diff options
Diffstat (limited to 'patches')
863 files changed, 89886 insertions, 0 deletions
diff --git a/patches/packages/MPlayer-1.2_20160125-x86_64-1_slack13.1.txt b/patches/packages/MPlayer-1.2_20160125-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..fcba8f20 --- /dev/null +++ b/patches/packages/MPlayer-1.2_20160125-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +MPlayer: MPlayer (Linux movie player) +MPlayer: +MPlayer: MPlayer is a movie player for Linux. It plays most MPEG, VOB, AVI, +MPlayer: Ogg/OGM, VIVO, ASF/WMA/WMV, QT/MOV/MP4, FLI, RM, NuppelVideo, +MPlayer: YUV4MPEG, FILM, RoQ, PVA files, supported by many native, XAnim, +MPlayer: and Win32 DLL codecs. You can watch VideoCD, SVCD, DVD, 3ivx, +MPlayer: DivX 3/4/5 and even WMV movies, too (without the avifile library). +MPlayer: MPlayer supports 10 types of subtitles formats: VobSub, +MPlayer: MicroDVD, SubRip, SubViewer, Sami, VPlayer, RT, SSA, AQTitle, MPsub. +MPlayer: +MPlayer: Homepage for MPLayer is http://www.mplayerhq.hu/ diff --git a/patches/packages/acl-2.2.50-x86_64-1_slack13.1.txt b/patches/packages/acl-2.2.50-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..38dace93 --- /dev/null +++ b/patches/packages/acl-2.2.50-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +acl: acl (tools for using POSIX Access Control Lists) +acl: +acl: This package contains a set of tools and libraries for manipulating +acl: POSIX Access Control Lists. POSIX Access Control Lists (defined in +acl: POSIX 1003.1e draft standard 17) are used to define more fine-grained +acl: discretionary access rights for files and directories. +acl: +acl: +acl: +acl: Homepage: http://savannah.nongnu.org/projects/acl +acl: diff --git a/patches/packages/apr-1.4.5-x86_64-1_slack13.1.txt b/patches/packages/apr-1.4.5-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..462103da --- /dev/null +++ b/patches/packages/apr-1.4.5-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +apr: apr (Apache Portable Runtime) +apr: +apr: The mission of the Apache Portable Runtime (APR) is to provide a +apr: free library of C data structures and routines, forming a system +apr: portability layer to as many operating systems as possible. +apr: +apr: +apr: +apr: +apr: +apr: diff --git a/patches/packages/apr-util-1.4.1-x86_64-1_slack13.1.txt b/patches/packages/apr-util-1.4.1-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..8a5614af --- /dev/null +++ b/patches/packages/apr-util-1.4.1-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +apr-util: apr-util (Apache Portable Runtime utilities) +apr-util: +apr-util: The mission of the Apache Portable Runtime (APR) is to provide a +apr-util: free library of C data structures and routines, forming a system +apr-util: portability layer to as many operating systems as possible. +apr-util: +apr-util: This package contains additional utility interfaces for APR; +apr-util: including support for XML, LDAP, database interfaces, URI parsing, +apr-util: and more. +apr-util: +apr-util: diff --git a/patches/packages/bash-4.1.017-x86_64-2_slack13.1.txt b/patches/packages/bash-4.1.017-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..99268883 --- /dev/null +++ b/patches/packages/bash-4.1.017-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +bash: bash (sh-compatible shell) +bash: +bash: The GNU Bourne-Again SHell. Bash is a sh-compatible command +bash: interpreter that executes commands read from the standard input or +bash: from a file. Bash also incorporates useful features from the Korn +bash: and C shells (ksh and csh). Bash is ultimately intended to be a +bash: conformant implementation of the IEEE Posix Shell and Tools +bash: specification (IEEE Working Group 1003.2). +bash: +bash: Bash must be present for the system to boot properly. +bash: diff --git a/patches/packages/bind-9.9.11_P1-x86_64-1_slack13.1.txt b/patches/packages/bind-9.9.11_P1-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..3289b10d --- /dev/null +++ b/patches/packages/bind-9.9.11_P1-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +bind: bind (DNS server and utilities) +bind: +bind: The named daemon and support utilities such as dig, host, and +bind: nslookup. Sample configuration files for running a simple caching +bind: nameserver are included. Documentation for advanced name server +bind: setup can be found in /usr/doc/bind-9.x.x/. +bind: +bind: +bind: +bind: +bind: diff --git a/patches/packages/bluez-4.64-x86_64-2_slack13.1.txt b/patches/packages/bluez-4.64-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..b4b50d59 --- /dev/null +++ b/patches/packages/bluez-4.64-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +bluez: bluez (Bluetooth libraries and utilities) +bluez: +bluez: Bluez is the Bluetooth stack for Linux, allowing Bluetooth adaptors +bluez: and devices to be used with Linux. This package contains the Bluez +bluez: libraries, utilities, and other support files. +bluez: +bluez: For more info, visit: http://www.bluez.org +bluez: +bluez: +bluez: +bluez: diff --git a/patches/packages/bzip2-1.0.6-x86_64-1_slack13.1.txt b/patches/packages/bzip2-1.0.6-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..acda18b8 --- /dev/null +++ b/patches/packages/bzip2-1.0.6-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +bzip2: bzip2 (a block-sorting file compressor) +bzip2: +bzip2: Bzip2 compresses files using the Burrows-Wheeler block sorting text +bzip2: compression algorithm, and Huffman coding. Compression is generally +bzip2: considerably better than that achieved by more conventional LZ77/LZ78- +bzip2: based compressors, and approaches the performance of the PPM family of +bzip2: statistical compressors. +bzip2: +bzip2: Julian Seward <jseward@acm.org> is the author of bzip2. +bzip2: +bzip2: diff --git a/patches/packages/coreutils-8.15-x86_64-1_slack13.1.txt b/patches/packages/coreutils-8.15-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..b41ad37d --- /dev/null +++ b/patches/packages/coreutils-8.15-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +coreutils: coreutils (core GNU utilities) +coreutils: +coreutils: These are the GNU core utilities, the basic command line programs +coreutils: such as 'mkdir', 'ls', and 'rm' that are needed for the system to +coreutils: run. This package is the union of the GNU fileutils, sh-utils, and +coreutils: textutils packages. Most of these programs have significant +coreutils: advantages over their Unix counterparts, such as greater speed, +coreutils: additional options, and fewer arbitrary limits. +coreutils: +coreutils: +coreutils: diff --git a/patches/packages/cups-1.4.5-x86_64-3_slack13.1.txt b/patches/packages/cups-1.4.5-x86_64-3_slack13.1.txt new file mode 100644 index 00000000..55818635 --- /dev/null +++ b/patches/packages/cups-1.4.5-x86_64-3_slack13.1.txt @@ -0,0 +1,11 @@ +cups: CUPS (Common UNIX Printing System) +cups: +cups: The Common UNIX Printing System provides a portable printing layer for +cups: UNIX(R)-like operating systems. It has been developed by Easy Software +cups: Products to promote a standard printing solution for all UNIX vendors +cups: and users. CUPS uses the Internet Printing Protocol ("IPP") as the +cups: basis for managing print jobs and queues. The CUPS package includes +cups: System V and Berkeley command-line interfaces, a PostScript RIP +cups: package for supporting non-PostScript printer drivers, and tools for +cups: creating additional printer drivers and other CUPS services. +cups: diff --git a/patches/packages/curl-7.55.0-x86_64-1_slack13.1.txt b/patches/packages/curl-7.55.0-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..eda0c0f2 --- /dev/null +++ b/patches/packages/curl-7.55.0-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +curl: curl (command line URL data transfer tool) +curl: +curl: Curl is a command line tool for transferring data specified with URL +curl: syntax. The command is designed to work without user interaction or +curl: any kind of interactivity. Curl offers a busload of useful tricks +curl: like proxy support, user authentication, ftp upload, HTTP post, SSL +curl: (https:) connections, cookies, file transfer resume and more. +curl: +curl: libcurl is a library that Curl uses to do its job. It is readily +curl: available to be used by your software, too. +curl: diff --git a/patches/packages/dhcp-4.4.1-x86_64-1_slack13.1.txt b/patches/packages/dhcp-4.4.1-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..beaa83c2 --- /dev/null +++ b/patches/packages/dhcp-4.4.1-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +dhcp: dhcp (DHCP server and client utilities) +dhcp: +dhcp: This package provides the ISC's DHCP utilities, including both a +dhcp: server and client. The DHCP protocol allows a host to contact a +dhcp: central server which maintains a list of IP addresses which may be +dhcp: assigned on one or more subnets. A DHCP client may request an +dhcp: address from this pool, and then use it temporarily for communication +dhcp: on the network. The DHCP protocol also provides a mechanism whereby +dhcp: a client can learn important details about the network to which it is +dhcp: attached, such as the location of a default router or name server. +dhcp: diff --git a/patches/packages/dhcpcd-5.2.12-x86_64-2_slack13.1.txt b/patches/packages/dhcpcd-5.2.12-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..31304a2a --- /dev/null +++ b/patches/packages/dhcpcd-5.2.12-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +dhcpcd: dhcpcd (DHCP client daemon) +dhcpcd: +dhcpcd: The DHCP client program dhcpcd is used to connect to a network by +dhcpcd: contacting a DHCP server. dhcpcd gets an IP address and other +dhcpcd: information from a corresponding DHCP server, configures the network +dhcpcd: interface automatically, and tries to renew the lease time according +dhcpcd: to RFC2131 or RFC1541 depending on the command line option. +dhcpcd: +dhcpcd: +dhcpcd: +dhcpcd: diff --git a/patches/packages/dnsmasq-2.78-x86_64-1_slack13.1.txt b/patches/packages/dnsmasq-2.78-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..4029c10f --- /dev/null +++ b/patches/packages/dnsmasq-2.78-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +dnsmasq: dnsmasq (small DNS and DHCP server) +dnsmasq: +dnsmasq: Dnsmasq is a lightweight, easy to configure DNS forwarder and DHCP +dnsmasq: server. It is designed to provide DNS (and optionally DHCP) to a +dnsmasq: small network, and can serve the names of local machines which are not +dnsmasq: in the global DNS. +dnsmasq: +dnsmasq: Dnsmasq was written by Simon Kelley. +dnsmasq: +dnsmasq: Homepage: http://www.thekelleys.org.uk/dnsmasq/ +dnsmasq: diff --git a/patches/packages/emacs-25.3-x86_64-1_slack13.1.txt b/patches/packages/emacs-25.3-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..77e793c2 --- /dev/null +++ b/patches/packages/emacs-25.3-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +emacs: emacs (GNU Emacs) +emacs: +emacs: Emacs is the extensible, customizable, self-documenting real-time +emacs: display editor. If this seems to be a bit of a mouthful, an +emacs: easier explanation is that Emacs is a text editor and more. At +emacs: its core is an interpreter for Emacs Lisp, a dialect of the Lisp +emacs: programming language with extensions to support text editing. +emacs: This version supports X. +emacs: +emacs: http://www.gnu.org/software/emacs/ +emacs: diff --git a/patches/packages/expat-2.2.2-x86_64-1_slack13.1.txt b/patches/packages/expat-2.2.2-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..fcd3a006 --- /dev/null +++ b/patches/packages/expat-2.2.2-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +expat: expat (C library for parsing XML) +expat: +expat: This is Expat, a C library for parsing XML, written by James Clark. +expat: Expat is a stream-oriented XML parser used by Python, GNOME, Xft2, +expat: and other things. +expat: +expat: +expat: +expat: +expat: +expat: diff --git a/patches/packages/fetchmail-6.3.20-x86_64-1_slack13.1.txt b/patches/packages/fetchmail-6.3.20-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..a637f456 --- /dev/null +++ b/patches/packages/fetchmail-6.3.20-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +fetchmail: fetchmail (mail retrieval and forwarding utility) +fetchmail: +fetchmail: fetchmail is a mail retrieval and forwarding utility. It fetches +fetchmail: mail from a POP, IMAP, or ETRN-capable remote mailserver and forwards +fetchmail: it to your local (client) machine's delivery system. You can then +fetchmail: handle the retrieved mail using normal mail user agents such as elm, +fetchmail: pine, or mutt. The fetchmail utility can be run in a daemon mode to +fetchmail: repeatedly poll one or more systems at a specified interval. +fetchmail: +fetchmail: fetchmail is probably not secure. +fetchmail: diff --git a/patches/packages/fixesproto-5.0-x86_64-1_slack13.1.txt b/patches/packages/fixesproto-5.0-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..3f4eca10 --- /dev/null +++ b/patches/packages/fixesproto-5.0-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +fixesproto: fixesproto (C prototypes for X11 X Fixes Extension) +fixesproto: +fixesproto: fixesproto is part of X11. +fixesproto: +fixesproto: For more information about the X.Org Foundation (the providers of the +fixesproto: X.Org implementation of the X Window System), see their website: +fixesproto: +fixesproto: http://www.x.org +fixesproto: +fixesproto: +fixesproto: diff --git a/patches/packages/freetype-2.5.5-x86_64-2_slack13.1.txt b/patches/packages/freetype-2.5.5-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..89d99c6d --- /dev/null +++ b/patches/packages/freetype-2.5.5-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +freetype: freetype (A Free, High-Quality, and Portable Font Engine) +freetype: +freetype: The FreeType engine is a free and portable TrueType font rendering +freetype: engine. It has been developed to provide TrueType support to a +freetype: great variety of platforms and environments. +freetype: +freetype: +freetype: +freetype: +freetype: +freetype: diff --git a/patches/packages/ghostscript-8.71-x86_64-3_slack13.1.txt b/patches/packages/ghostscript-8.71-x86_64-3_slack13.1.txt new file mode 100644 index 00000000..c9c939fd --- /dev/null +++ b/patches/packages/ghostscript-8.71-x86_64-3_slack13.1.txt @@ -0,0 +1,11 @@ +ghostscript: ghostscript (GPL Ghostscript) +ghostscript: +ghostscript: GPL Ghostscript is an interpreter of Adobe Systems' PostScript(tm) +ghostscript: and Portable Document Format (PDF) languages. Ghostscript is an +ghostscript: essential part of the printing subsystem, taking PostScript output +ghostscript: from applications and converting it into an appropriate printer or +ghostscript: display format. Ghostscript supports many printers directly, and +ghostscript: more are supported through add-on packages. +ghostscript: +ghostscript: +ghostscript: diff --git a/patches/packages/git-2.14.1-x86_64-1_slack13.1.txt b/patches/packages/git-2.14.1-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..059a95ba --- /dev/null +++ b/patches/packages/git-2.14.1-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +git: git (the stupid content tracker) +git: +git: Git is a fast, scalable, distributed revision control system with an +git: unusually rich command set that provides both high-level operations +git: and full access to internals. +git: +git: "git" can mean anything, depending on your mood. +git: +git: Git was originally written by Linus Torvalds and is currently +git: maintained by Junio C. Hamano. +git: diff --git a/patches/packages/glibc-2.11.1-x86_64-9_slack13.1.txt b/patches/packages/glibc-2.11.1-x86_64-9_slack13.1.txt new file mode 100644 index 00000000..9b940f88 --- /dev/null +++ b/patches/packages/glibc-2.11.1-x86_64-9_slack13.1.txt @@ -0,0 +1,11 @@ +glibc: glibc (GNU C libraries) +glibc: +glibc: This package contains the GNU C libraries and header files. The GNU +glibc: C library was written originally by Roland McGrath, and is currently +glibc: maintained by Ulrich Drepper. Some parts of the library were +glibc: contributed or worked on by other people. +glibc: +glibc: You'll need this package to compile programs. +glibc: +glibc: +glibc: diff --git a/patches/packages/glibc-i18n-2.11.1-x86_64-9_slack13.1.txt b/patches/packages/glibc-i18n-2.11.1-x86_64-9_slack13.1.txt new file mode 100644 index 00000000..7384659b --- /dev/null +++ b/patches/packages/glibc-i18n-2.11.1-x86_64-9_slack13.1.txt @@ -0,0 +1,11 @@ +glibc-i18n: glibc-i18n (locale files from glibc) +glibc-i18n: +glibc-i18n: These files go in /usr/lib/locale and /usr/share/i18n/ to provide +glibc-i18n: internationalization support. You'll need this package unless you +glibc-i18n: will be using US English only. +glibc-i18n: +glibc-i18n: +glibc-i18n: +glibc-i18n: +glibc-i18n: +glibc-i18n: diff --git a/patches/packages/glibc-profile-2.11.1-x86_64-9_slack13.1.txt b/patches/packages/glibc-profile-2.11.1-x86_64-9_slack13.1.txt new file mode 100644 index 00000000..f9b53ba6 --- /dev/null +++ b/patches/packages/glibc-profile-2.11.1-x86_64-9_slack13.1.txt @@ -0,0 +1,11 @@ +glibc-profile: glibc-profile (GNU C libraries with profiling support) +glibc-profile: +glibc-profile: This package contains static versions of the GNU C libraries with +glibc-profile: support for profiling binaries using gprof. gprof calculates how +glibc-profile: much time a program spends in each routine which can suggest where +glibc-profile: to concentrate efforts to improve performance. +glibc-profile: +glibc-profile: See the gprof man page for more details. +glibc-profile: +glibc-profile: +glibc-profile: diff --git a/patches/packages/glibc-solibs-2.11.1-x86_64-9_slack13.1.txt b/patches/packages/glibc-solibs-2.11.1-x86_64-9_slack13.1.txt new file mode 100644 index 00000000..3824184d --- /dev/null +++ b/patches/packages/glibc-solibs-2.11.1-x86_64-9_slack13.1.txt @@ -0,0 +1,11 @@ +glibc-solibs: glibc-solibs (shared GNU C libraries) +glibc-solibs: +glibc-solibs: This package contains the shared libraries, binaries, and support +glibc-solibs: files required to run most Linux applications linked with glibc. +glibc-solibs: +glibc-solibs: +glibc-solibs: +glibc-solibs: +glibc-solibs: +glibc-solibs: +glibc-solibs: diff --git a/patches/packages/glibc-zoneinfo-2018e-noarch-2_slack13.1.txt b/patches/packages/glibc-zoneinfo-2018e-noarch-2_slack13.1.txt new file mode 100644 index 00000000..c74ccc6a --- /dev/null +++ b/patches/packages/glibc-zoneinfo-2018e-noarch-2_slack13.1.txt @@ -0,0 +1,11 @@ +glibc-zoneinfo: glibc-zoneinfo (timezone database) +glibc-zoneinfo: +glibc-zoneinfo: This package allows you to configure your time zone. +glibc-zoneinfo: +glibc-zoneinfo: This timezone database comes from the tzdata and tzcode packages by +glibc-zoneinfo: Arthur David Olson et.al. The latest version and more information +glibc-zoneinfo: may be found at: http://www.iana.org/time-zones +glibc-zoneinfo: +glibc-zoneinfo: Use the timeconfig utility to set your local time zone. +glibc-zoneinfo: +glibc-zoneinfo: diff --git a/patches/packages/gnupg-1.4.22-x86_64-1_slack13.1.txt b/patches/packages/gnupg-1.4.22-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..59d38136 --- /dev/null +++ b/patches/packages/gnupg-1.4.22-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +gnupg: gnupg (The GNU Privacy Guard) +gnupg: +gnupg: GnuPG is GNU's tool for secure communication and data storage. It can +gnupg: be used to encrypt data and to create digital signatures. It includes +gnupg: an advanced key management facility and is compliant with the proposed +gnupg: OpenPGP Internet standard as described in RFC2440. +gnupg: +gnupg: +gnupg: +gnupg: +gnupg: diff --git a/patches/packages/gnupg2-2.0.14-x86_64-3_slack13.1.txt b/patches/packages/gnupg2-2.0.14-x86_64-3_slack13.1.txt new file mode 100644 index 00000000..73fb401d --- /dev/null +++ b/patches/packages/gnupg2-2.0.14-x86_64-3_slack13.1.txt @@ -0,0 +1,11 @@ +gnupg2: GnuPG2 (The GNU Privacy Guard version 2.x) +gnupg2: +gnupg2: GnuPG is GNU's tool for secure communication and data storage. It can +gnupg2: be used to encrypt data and to create digital signatures. It includes +gnupg2: an advanced key management facility and is compliant with the proposed +gnupg2: OpenPGP Internet standard as described in RFC2440 and the S/MIME +gnupg2: standard as described by several RFCs. +gnupg2: +gnupg2: GnuPG 2.0 is the stable version of GnuPG integrating support for +gnupg2: OpenPGP and S/MIME. It does not conflict with an installed 1.4.x +gnupg2: OpenPGP-only version. diff --git a/patches/packages/gnutls-2.8.6-x86_64-4_slack13.1.txt b/patches/packages/gnutls-2.8.6-x86_64-4_slack13.1.txt new file mode 100644 index 00000000..40c151dc --- /dev/null +++ b/patches/packages/gnutls-2.8.6-x86_64-4_slack13.1.txt @@ -0,0 +1,11 @@ +gnutls: gnutls (GNU TLS library) +gnutls: +gnutls: This is a TLS (Transport Layer Security) 1.0 and SSL (Secure Sockets +gnutls: Layer) 3.0 implementation. In brief, GnuTLS can be described as a +gnutls: library which offers an API to access secure communication protocols. +gnutls: These protocols provide privacy over insecure lines, and were designed +gnutls: to prevent eavesdropping, tampering, or message forgery. +gnutls: +gnutls: Homepage: http://www.gnu.org/software/gnutls/ +gnutls: +gnutls: diff --git a/patches/packages/hplip-3.10.2-x86_64-4_slack13.1.txt b/patches/packages/hplip-3.10.2-x86_64-4_slack13.1.txt new file mode 100644 index 00000000..d6179a47 --- /dev/null +++ b/patches/packages/hplip-3.10.2-x86_64-4_slack13.1.txt @@ -0,0 +1,11 @@ +hplip: hplip (HP print/scan/fax support) +hplip: +hplip: HPLIP is an HP developed solution for printing, scanning, and faxing +hplip: with HP inkjet and laser based printers in Linux. The HPLIP project +hplip: provides printing support for more than 1400 HP printer models, +hplip: including Deskjet, Officejet, Photosmart, PSC (Print Scan Copy), +hplip: Business Inkjet, LaserJet, and LaserJet MFP. +hplip: +hplip: For more information, see: http://hplipopensource.com +hplip: +hplip: diff --git a/patches/packages/httpd-2.2.34-x86_64-2_slack13.1.txt b/patches/packages/httpd-2.2.34-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..e0fe474d --- /dev/null +++ b/patches/packages/httpd-2.2.34-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +httpd: httpd (The Apache HTTP Server) +httpd: +httpd: Apache is an HTTP server designed as a plug-in replacement for the +httpd: NCSA HTTP server. It fixes numerous bugs in the NCSA server and +httpd: includes many frequently requested new features, and has an API which +httpd: allows it to be extended to meet users' needs more easily. +httpd: +httpd: Apache is the most popular web server in the known universe; over +httpd: half of the servers on the Internet are running Apache or one of +httpd: its variants. +httpd: diff --git a/patches/packages/imlib-1.9.15-x86_64-7_slack13.1.txt b/patches/packages/imlib-1.9.15-x86_64-7_slack13.1.txt new file mode 100644 index 00000000..1b88b00a --- /dev/null +++ b/patches/packages/imlib-1.9.15-x86_64-7_slack13.1.txt @@ -0,0 +1,11 @@ +imlib: imlib (image loading and rendering library) +imlib: +imlib: Imlib is a display depth-independent image loading and rendering +imlib: library. Imlib is designed to simplify and speed up the process of +imlib: loading images and obtaining X Window System drawables. Imlib +imlib: provides many simple manipulation routines which can be used for +imlib: common operations. +imlib: +imlib: +imlib: +imlib: diff --git a/patches/packages/inputproto-2.3.2-noarch-1_slack13.1.txt b/patches/packages/inputproto-2.3.2-noarch-1_slack13.1.txt new file mode 100644 index 00000000..e5287dfe --- /dev/null +++ b/patches/packages/inputproto-2.3.2-noarch-1_slack13.1.txt @@ -0,0 +1,11 @@ +inputproto: inputproto (C prototypes for X Input extension) +inputproto: +inputproto: inputproto is part of X11. +inputproto: +inputproto: For more information about the X.Org Foundation (the providers of the +inputproto: X.Org implementation of the X Window System), see their website: +inputproto: +inputproto: http://www.x.org +inputproto: +inputproto: +inputproto: diff --git a/patches/packages/irssi-0.8.21-x86_64-2_slack13.1.txt b/patches/packages/irssi-0.8.21-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..c7127d1f --- /dev/null +++ b/patches/packages/irssi-0.8.21-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +irssi: irssi (Internet Relay Chat client) +irssi: +irssi: Irssi is an Internet Relay Chat client. Designed to be both secure +irssi: and expandable, irssi is easily customized using modules and scripts. +irssi: +irssi: For more information, visit: http://irssi.org +irssi: +irssi: irssi was written by Timo Sirainen. +irssi: +irssi: +irssi: diff --git a/patches/packages/jasper-1.900.1-x86_64-4_slack13.1.txt b/patches/packages/jasper-1.900.1-x86_64-4_slack13.1.txt new file mode 100644 index 00000000..77319af7 --- /dev/null +++ b/patches/packages/jasper-1.900.1-x86_64-4_slack13.1.txt @@ -0,0 +1,11 @@ +jasper: jasper (free implementation of the JPEG-2000 standard) +jasper: +jasper: The JasPer Project is an open-source initiative to provide a free +jasper: software-based reference implementation of the codec specified in the +jasper: JPEG-2000 Part-1 standard (i.e., ISO/IEC 15444-1).jasper: +jasper: +jasper: jasper home: http://www.ece.uvic.ca/~mdadams/jasper/ +jasper: +jasper: +jasper: +jasper: diff --git a/patches/packages/k3b-2.0.0-x86_64-1_slack13.1.txt b/patches/packages/k3b-2.0.0-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..1ffe4885 --- /dev/null +++ b/patches/packages/k3b-2.0.0-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +k3b: k3b (The CD Creator) +k3b: +k3b: K3b makes writing cds under Linux easy. It has an easy to use +k3b: interface and supports CD burning (including on-the-fly), copying, +k3b: erasing, ripping, and more. +k3b: +k3b: K3b was written by Sebastian Trueg, Thomas Froescher, +k3b: Christian Kvasny, and Klaus-Dieter Krannich. +k3b: +k3b: For more information, visit: http://www.k3b.org +k3b: diff --git a/patches/packages/kdegraphics-4.4.3-x86_64-3_slack13.1.txt b/patches/packages/kdegraphics-4.4.3-x86_64-3_slack13.1.txt new file mode 100644 index 00000000..9de7ef6e --- /dev/null +++ b/patches/packages/kdegraphics-4.4.3-x86_64-3_slack13.1.txt @@ -0,0 +1,11 @@ +kdegraphics: kdegraphics (KDE graphics programs) +kdegraphics: +kdegraphics: Graphics programs for the KDE Software Compilation, including +kdegraphics: gwenview, kcolorchooser, kbackgroundsnapshot, kolourpaint, kruler, +kdegraphics: ksnapshot, okular, and xf86gammacfg. +kdegraphics: +kdegraphics: +kdegraphics: +kdegraphics: +kdegraphics: +kdegraphics: diff --git a/patches/packages/kdelibs-4.4.3-x86_64-2_slack13.1.txt b/patches/packages/kdelibs-4.4.3-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..d192ec7a --- /dev/null +++ b/patches/packages/kdelibs-4.4.3-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +kdelibs: kdelibs (KDE libraries) +kdelibs: +kdelibs: System libraries and other resources required for the KDE Platform. +kdelibs: +kdelibs: +kdelibs: +kdelibs: +kdelibs: +kdelibs: +kdelibs: +kdelibs: diff --git a/patches/packages/libX11-1.6.4-x86_64-1_slack13.1.txt b/patches/packages/libX11-1.6.4-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..7a0038ff --- /dev/null +++ b/patches/packages/libX11-1.6.4-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libX11: libX11 (Core X11 protocol client library) +libX11: +libX11: libX11 is part of X11. +libX11: +libX11: For more information about the X.Org Foundation (the providers of the +libX11: X.Org implementation of the X Window System), see their website: +libX11: +libX11: http://www.x.org +libX11: +libX11: +libX11: diff --git a/patches/packages/libXcursor-1.1.15-x86_64-1_slack13.1.txt b/patches/packages/libXcursor-1.1.15-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..a95a82df --- /dev/null +++ b/patches/packages/libXcursor-1.1.15-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libXcursor: libXcursor (X Window System Cursor management library) +libXcursor: +libXcursor: libXcursor is part of X11. +libXcursor: +libXcursor: For more information about the X.Org Foundation (the providers of the +libXcursor: X.Org implementation of the X Window System), see their website: +libXcursor: +libXcursor: http://www.x.org +libXcursor: +libXcursor: +libXcursor: diff --git a/patches/packages/libXext-1.3.3-x86_64-1_slack13.1.txt b/patches/packages/libXext-1.3.3-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..4a7d5952 --- /dev/null +++ b/patches/packages/libXext-1.3.3-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libXext: libXext (library for common extensions to the X11 protocol) +libXext: +libXext: libXext is part of X11. +libXext: +libXext: For more information about the X.Org Foundation (the providers of the +libXext: X.Org implementation of the X Window System), see their website: +libXext: +libXext: http://www.x.org +libXext: +libXext: +libXext: diff --git a/patches/packages/libXfixes-5.0.3-x86_64-1_slack13.1.txt b/patches/packages/libXfixes-5.0.3-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..cad880c5 --- /dev/null +++ b/patches/packages/libXfixes-5.0.3-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libXfixes: libXfixes (client library for the Xfixes extension) +libXfixes: +libXfixes: libXfixes is part of X11. +libXfixes: +libXfixes: For more information about the X.Org Foundation (the providers of the +libXfixes: X.Org implementation of the X Window System), see their website: +libXfixes: +libXfixes: http://www.x.org +libXfixes: +libXfixes: +libXfixes: diff --git a/patches/packages/libXfont-1.4.7-x86_64-2_slack13.1.txt b/patches/packages/libXfont-1.4.7-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..fd4ecec9 --- /dev/null +++ b/patches/packages/libXfont-1.4.7-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +libXfont: libXfont (library for legacy X11 font system) +libXfont: +libXfont: libXfont provides the core of the legacy X11 font system, handling the +libXfont: index files (fonts.dir, fonts.alias, fonts.scale), the various font +libXfont: file formats, and rasterizing them. It is used by the X servers, the +libXfont: X Font Server (xfs), and some font utilities (bdftopcf for instance), +libXfont: but should not be used by normal X11 clients. X11 clients access fonts +libXfont: via either the new API's in libXft, or the legacy API's in libX11. +libXfont: +libXfont: +libXfont: diff --git a/patches/packages/libXi-1.7.8-x86_64-1_slack13.1.txt b/patches/packages/libXi-1.7.8-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..f8ef8ec2 --- /dev/null +++ b/patches/packages/libXi-1.7.8-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libXi: libXi (library for the X Input Extension) +libXi: +libXi: libXi is part of X11. +libXi: +libXi: For more information about the X.Org Foundation (the providers of the +libXi: X.Org implementation of the X Window System), see their website: +libXi: +libXi: http://www.x.org +libXi: +libXi: +libXi: diff --git a/patches/packages/libXrandr-1.5.1-x86_64-1_slack13.1.txt b/patches/packages/libXrandr-1.5.1-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..7025c9ef --- /dev/null +++ b/patches/packages/libXrandr-1.5.1-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libXrandr: libXrandr (X Resize, Rotate and Reflection extension library) +libXrandr: +libXrandr: libXrandr is part of X11. +libXrandr: +libXrandr: For more information about the X.Org Foundation (the providers of the +libXrandr: X.Org implementation of the X Window System), see their website: +libXrandr: +libXrandr: http://www.x.org +libXrandr: +libXrandr: +libXrandr: diff --git a/patches/packages/libXrender-0.9.10-x86_64-1_slack13.1.txt b/patches/packages/libXrender-0.9.10-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..254411dd --- /dev/null +++ b/patches/packages/libXrender-0.9.10-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libXrender: libXrender (library for the Render Extension to the X11 protocol) +libXrender: +libXrender: libXrender is part of X11. +libXrender: +libXrender: For more information about the X.Org Foundation (the providers of the +libXrender: X.Org implementation of the X Window System), see their website: +libXrender: +libXrender: http://www.x.org +libXrender: +libXrender: +libXrender: diff --git a/patches/packages/libXtst-1.2.3-x86_64-1_slack13.1.txt b/patches/packages/libXtst-1.2.3-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..b44d139f --- /dev/null +++ b/patches/packages/libXtst-1.2.3-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libXtst: libXtst (client library for the XTEST & RECORD extensions) +libXtst: +libXtst: libXtst is part of X11. +libXtst: +libXtst: For more information about the X.Org Foundation (the providers of the +libXtst: X.Org implementation of the X Window System), see their website: +libXtst: +libXtst: http://www.x.org +libXtst: +libXtst: +libXtst: diff --git a/patches/packages/libXv-1.0.11-x86_64-1_slack13.1.txt b/patches/packages/libXv-1.0.11-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..57e51905 --- /dev/null +++ b/patches/packages/libXv-1.0.11-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libXv: libXv (library for the X Video (Xv) extension to the X Window System) +libXv: +libXv: libXv is part of X11. +libXv: +libXv: For more information about the X.Org Foundation (the providers of the +libXv: X.Org implementation of the X Window System), see their website: +libXv: +libXv: http://www.x.org +libXv: +libXv: +libXv: diff --git a/patches/packages/libXvMC-1.0.10-x86_64-1_slack13.1.txt b/patches/packages/libXvMC-1.0.10-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..b23d9bd2 --- /dev/null +++ b/patches/packages/libXvMC-1.0.10-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libXvMC: libXvMC (X.Org X11 libXvMC runtime library) +libXvMC: +libXvMC: libXvMC is part of X11. +libXvMC: +libXvMC: For more information about the X.Org Foundation (the providers of the +libXvMC: X.Org implementation of the X Window System), see their website: +libXvMC: +libXvMC: http://www.x.org +libXvMC: +libXvMC: +libXvMC: diff --git a/patches/packages/libexif-0.6.21-x86_64-1_slack13.1.txt b/patches/packages/libexif-0.6.21-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..6610204e --- /dev/null +++ b/patches/packages/libexif-0.6.21-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libexif: libexif (Exchangeable Image File Format library) +libexif: +libexif: EXIF stands for Exchangeable Image File Format, which is a format used +libexif: to store extra information in images such as the JPEG files produced +libexif: by digital cameras. The libexif library allows programs such as +libexif: gthumb to parse, edit, and save EXIF data. +libexif: +libexif: +libexif: +libexif: +libexif: diff --git a/patches/packages/libgcrypt-1.5.6-x86_64-1_slack13.1.txt b/patches/packages/libgcrypt-1.5.6-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..079f2133 --- /dev/null +++ b/patches/packages/libgcrypt-1.5.6-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libgcrypt: libgcrypt (General purpose crypto library) +libgcrypt: +libgcrypt: Libgcrypt is a general purpose crypto library based on the code +libgcrypt: used in GnuPG. +libgcrypt: +libgcrypt: +libgcrypt: +libgcrypt: +libgcrypt: +libgcrypt: +libgcrypt: diff --git a/patches/packages/libgpg-error-1.11-x86_64-1_slack13.1.txt b/patches/packages/libgpg-error-1.11-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..65f09d5e --- /dev/null +++ b/patches/packages/libgpg-error-1.11-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libgpg-error: libgpg-error (GnuPG Error Definitions Library) +libgpg-error: +libgpg-error: This is a library that defines common error values for all GnuPG +libgpg-error: components. Among these are GPG, GPGSM, GPGME, GPG-Agent, +libgpg-error: libgcrypt, Libksba, DirMngr, Pinentry, SmartCard Daemon, and more. +libgpg-error: +libgpg-error: +libgpg-error: +libgpg-error: +libgpg-error: +libgpg-error: diff --git a/patches/packages/libidn-1.34-x86_64-1_slack13.1.txt b/patches/packages/libidn-1.34-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..86ffee4f --- /dev/null +++ b/patches/packages/libidn-1.34-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libidn: libidn (GNU Internationalized Domain Name library) +libidn: +libidn: GNU Libidn is an implementation of the Stringprep, Punycode and IDNA +libidn: specifications defined by the IETF Internationalized Domain Names +libidn: (IDN) working group, used for internationalized domain names. +libidn: +libidn: +libidn: +libidn: +libidn: +libidn: diff --git a/patches/packages/libiodbc-3.52.8-x86_64-1_slack13.1.txt b/patches/packages/libiodbc-3.52.8-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..cc761507 --- /dev/null +++ b/patches/packages/libiodbc-3.52.8-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libiodbc: libiodbc (Independent Open DataBase Connectivity) +libiodbc: +libiodbc: iODBC is the acronym for Independent Open DataBase Connectivity, +libiodbc: an Open Source platform independent implementation of both the ODBC +libiodbc: and X/Open specifications. It allows for developing solutions +libiodbc: that are language, platform and database independent. +libiodbc: +libiodbc: +libiodbc: +libiodbc: Homepage: http://iodbc.org/ +libiodbc: diff --git a/patches/packages/libjpeg-v8a-x86_64-2_slack13.1.txt b/patches/packages/libjpeg-v8a-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..5b4a1f09 --- /dev/null +++ b/patches/packages/libjpeg-v8a-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +libjpeg: libjpeg (Independent JPEG Group's JPEG software) +libjpeg: +libjpeg: Software to implement JPEG image compression and decompression. JPEG +libjpeg: (pronounced 'jay-peg') is a standardized compression method for +libjpeg: full-color and gray-scale images. JPEG is intended for compressing +libjpeg: 'real-world' scenes; cartoons and other non-realistic images are not +libjpeg: its strong suit. JPEG is lossy, however, on typical images of +libjpeg: real-world scenes, very good compression levels can be obtained with +libjpeg: no visible change, and amazingly high compression levels are possible +libjpeg: if you can tolerate a low-quality image. +libjpeg: diff --git a/patches/packages/libpng-1.4.20-x86_64-1_slack13.1.txt b/patches/packages/libpng-1.4.20-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..3d0deb67 --- /dev/null +++ b/patches/packages/libpng-1.4.20-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libpng: libpng (Portable Network Graphics library) +libpng: +libpng: PNG (Portable Network Graphics) is an extensible file format for the +libpng: lossless, portable, well-compressed storage of raster images. PNG +libpng: provides a patent-free replacement for GIF and can also replace many +libpng: common uses of TIFF. Indexed-color, grayscale, and truecolor images +libpng: are supported, plus an optional alpha channel. Sample depths range +libpng: from 1 to 16 bits. +libpng: +libpng: +libpng: diff --git a/patches/packages/libtiff-3.9.7-x86_64-1_slack13.1.txt b/patches/packages/libtiff-3.9.7-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..89df05ed --- /dev/null +++ b/patches/packages/libtiff-3.9.7-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libtiff: libtiff (a library for reading and writing TIFF files) +libtiff: +libtiff: This package provides support for the Tag Image File Format (TIFF), +libtiff: a widely used format for storing image data. Included is the libtiff +libtiff: library (for reading and writing TIFF files), and a collection of +libtiff: tools for working with TIFF images. +libtiff: +libtiff: +libtiff: +libtiff: +libtiff: diff --git a/patches/packages/libwmf-0.2.8.4-x86_64-6_slack13.1.txt b/patches/packages/libwmf-0.2.8.4-x86_64-6_slack13.1.txt new file mode 100644 index 00000000..9ce901b8 --- /dev/null +++ b/patches/packages/libwmf-0.2.8.4-x86_64-6_slack13.1.txt @@ -0,0 +1,11 @@ +libwmf: libwmf (WMF graphics format library) +libwmf: +libwmf: libwmf is a library for interpreting metafile images and either +libwmf: displaying them using X or converting them to standard formats such +libwmf: as PNG, JPEG, PS, EPS and SVG. +libwmf: +libwmf: +libwmf: +libwmf: +libwmf: +libwmf: diff --git a/patches/packages/libxcb-1.11.1-x86_64-2_slack13.1.txt b/patches/packages/libxcb-1.11.1-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..cc9d7054 --- /dev/null +++ b/patches/packages/libxcb-1.11.1-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +libxcb: libxcb (X protocol C-language Binding) +libxcb: +libxcb: The XCB library provides an interface to the X Window System protocol +libxcb: which is fully capable of replacing Xlib. In fact, libX11 makes use +libxcb: of libxcb as much as possible. :-) Porting to XCB has several +libxcb: advantages such as a smaller memory footprint, latency hiding, direct +libxcb: protocol access, and improved thread support. +libxcb: +libxcb: +libxcb: +libxcb: diff --git a/patches/packages/libxml2-2.7.6-x86_64-3_slack13.1.txt b/patches/packages/libxml2-2.7.6-x86_64-3_slack13.1.txt new file mode 100644 index 00000000..806c9765 --- /dev/null +++ b/patches/packages/libxml2-2.7.6-x86_64-3_slack13.1.txt @@ -0,0 +1,11 @@ +libxml2: libxml2 (XML parser library) +libxml2: +libxml2: Libxml2 is the XML C parser library and toolkit. XML itself is a +libxml2: metalanguage to design markup languages -- i.e. a text language where +libxml2: structures are added to the content using extra "markup" information +libxml2: enclosed between angle brackets. HTML is the most well-known markup +libxml2: language. Though the library is written in C, a variety of language +libxml2: bindings make it available in other environments. +libxml2: +libxml2: +libxml2: diff --git a/patches/packages/libyaml-0.1.6-x86_64-1_slack13.1.txt b/patches/packages/libyaml-0.1.6-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..0d9e6c94 --- /dev/null +++ b/patches/packages/libyaml-0.1.6-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +libyaml: libyaml (YAML parser, written in C) +libyaml: +libyaml: YAML Ain't Markup Language. It is a human friendly data serialization +libyaml: standard for all programming languages. +libyaml: +libyaml: Homepage: http://pyyaml.org/wiki/LibYAML +libyaml: +libyaml: +libyaml: +libyaml: +libyaml: diff --git a/patches/packages/linux-2.6.33.4-2/README b/patches/packages/linux-2.6.33.4-2/README new file mode 100644 index 00000000..7befffaa --- /dev/null +++ b/patches/packages/linux-2.6.33.4-2/README @@ -0,0 +1,23 @@ +After using upgradepkg to install these packages, you'll need +to rebuild your initrd (if you use one), and then reinstall +LILO. + +Here's an example of how to rebuild the initrd for the +generic kernel for a root partition on /dev/sda2 using ext4: + +mkinitrd -k 2.6.33.4 -m ext4 -f ext4 -r /dev/sda2 + +See "man initrd" for full details on using mkinitrd. + +Then, make sure /etc/lilo has a section similar to this: + +# Linux bootable partition config begins +image = /boot/vmlinuz-generic-2.6.33.4 + initrd = /boot/initrd.gz + root = /dev/sda2 + label = Linux + read-only +# Linux bootable partition config ends + +Then, reinstall LILO by running "lilo" as root. + diff --git a/patches/packages/linux-2.6.33.4-2/kernel-firmware-2.6.33.4-noarch-2.txt b/patches/packages/linux-2.6.33.4-2/kernel-firmware-2.6.33.4-noarch-2.txt new file mode 100644 index 00000000..8a2d40cc --- /dev/null +++ b/patches/packages/linux-2.6.33.4-2/kernel-firmware-2.6.33.4-noarch-2.txt @@ -0,0 +1,11 @@ +kernel-firmware: kernel-firmware (Firmware installed by the kernel) +kernel-firmware: +kernel-firmware: These are the firmware files from the Linux kernel. +kernel-firmware: +kernel-firmware: You'll need these to use certain hardware with Linux. +kernel-firmware: +kernel-firmware: +kernel-firmware: +kernel-firmware: +kernel-firmware: +kernel-firmware: diff --git a/patches/packages/linux-2.6.33.4-2/kernel-generic-2.6.33.4-x86_64-2.txt b/patches/packages/linux-2.6.33.4-2/kernel-generic-2.6.33.4-x86_64-2.txt new file mode 100644 index 00000000..b99e5509 --- /dev/null +++ b/patches/packages/linux-2.6.33.4-2/kernel-generic-2.6.33.4-x86_64-2.txt @@ -0,0 +1,11 @@ +kernel-generic: kernel-generic (a general purpose SMP Linux kernel) +kernel-generic: +kernel-generic: This is a Linux kernel with built-in support for most disk +kernel-generic: controllers. To use filesystems, or to load support for a SCSI or +kernel-generic: other controller, then you'll need to load one or more kernel +kernel-generic: modules using an initial ramdisk, or initrd. For more information +kernel-generic: about creating an initrd, see the README.initrd file in the /boot +kernel-generic: directory. +kernel-generic: +kernel-generic: SMP is "Symmetric multiprocessing", or multiple CPU/core support. +kernel-generic: diff --git a/patches/packages/linux-2.6.33.4-2/kernel-headers-2.6.33.4-x86-2.txt b/patches/packages/linux-2.6.33.4-2/kernel-headers-2.6.33.4-x86-2.txt new file mode 100644 index 00000000..27b46a0e --- /dev/null +++ b/patches/packages/linux-2.6.33.4-2/kernel-headers-2.6.33.4-x86-2.txt @@ -0,0 +1,11 @@ +kernel-headers: kernel-headers (Linux kernel include files) +kernel-headers: +kernel-headers: These are the include files from the Linux kernel. +kernel-headers: +kernel-headers: You'll need these to compile most system software for Linux. +kernel-headers: +kernel-headers: +kernel-headers: +kernel-headers: +kernel-headers: +kernel-headers: diff --git a/patches/packages/linux-2.6.33.4-2/kernel-huge-2.6.33.4-x86_64-2.txt b/patches/packages/linux-2.6.33.4-2/kernel-huge-2.6.33.4-x86_64-2.txt new file mode 100644 index 00000000..95357007 --- /dev/null +++ b/patches/packages/linux-2.6.33.4-2/kernel-huge-2.6.33.4-x86_64-2.txt @@ -0,0 +1,11 @@ +kernel-huge: kernel-huge (a fully-loaded SMP Linux kernel) +kernel-huge: +kernel-huge: This is a Linux kernel with built-in support for most disk +kernel-huge: controllers. If you're looking for a more stripped down kernel +kernel-huge: (this one contains everything but the kitchen sink ;-), then install +kernel-huge: the kernel-generic in the /boot directory along with an initrd to +kernel-huge: load support for your boot device and filesystem. For instructions +kernel-huge: on the initrd, see README.initrd in the /boot directory. +kernel-huge: +kernel-huge: SMP is "Symmetric multiprocessing", or multiple CPU/core support. +kernel-huge: diff --git a/patches/packages/linux-2.6.33.4-2/kernel-modules-2.6.33.4-x86_64-2.txt b/patches/packages/linux-2.6.33.4-2/kernel-modules-2.6.33.4-x86_64-2.txt new file mode 100644 index 00000000..56067d43 --- /dev/null +++ b/patches/packages/linux-2.6.33.4-2/kernel-modules-2.6.33.4-x86_64-2.txt @@ -0,0 +1,11 @@ +kernel-modules: kernel-modules (Linux kernel modules) +kernel-modules: +kernel-modules: A kernel module is a piece of object code that can be dynamically +kernel-modules: loaded into the Linux kernel to provide new kernel functions. Most of +kernel-modules: these modules provide support for devices such as CD-ROM drives, tape +kernel-modules: drives, and ethernet cards. You can choose which modules to load by +kernel-modules: editing /etc/rc.d/rc.modules. +kernel-modules: +kernel-modules: +kernel-modules: +kernel-modules: diff --git a/patches/packages/linux-2.6.33.4-2/kernel-source-2.6.33.4-noarch-2.txt b/patches/packages/linux-2.6.33.4-2/kernel-source-2.6.33.4-noarch-2.txt new file mode 100644 index 00000000..e06aa296 --- /dev/null +++ b/patches/packages/linux-2.6.33.4-2/kernel-source-2.6.33.4-noarch-2.txt @@ -0,0 +1,11 @@ +kernel-source: kernel-source (Linux kernel source) +kernel-source: +kernel-source: Source code for Linus Torvalds' Linux kernel. +kernel-source: +kernel-source: This is the complete source code for the Linux kernel. +kernel-source: +kernel-source: This kernel has been patched to fix: +kernel-source: 64-bit Compatibility Mode Stack Pointer Underflow (CVE-2010-3081). +kernel-source: IA32 System Call Entry Point Vulnerability (CVE-2010-3301). +kernel-source: +kernel-source: diff --git a/patches/packages/linux-2.6.33.4-2/kernels/VERSIONS.TXT b/patches/packages/linux-2.6.33.4-2/kernels/VERSIONS.TXT new file mode 100644 index 00000000..e328d23a --- /dev/null +++ b/patches/packages/linux-2.6.33.4-2/kernels/VERSIONS.TXT @@ -0,0 +1,3 @@ +
+These kernels are version 2.6.33.4.
+
diff --git a/patches/packages/lm_sensors-3.3.4-x86_64-1_slack13.1.txt b/patches/packages/lm_sensors-3.3.4-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..025e3f68 --- /dev/null +++ b/patches/packages/lm_sensors-3.3.4-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +lm_sensors: lm_sensors (hardware monitoring package) +lm_sensors: +lm_sensors: lm_sensors provides tools for monitoring the temperatures, voltages, +lm_sensors: and fans of Linux systems with hardware monitoring devices. Included +lm_sensors: are text-based tools for sensor reporting, and a library for sensors +lm_sensors: access called libsensors. It also contains tools for sensor hardware +lm_sensors: identification and I2C bus probing. +lm_sensors: +lm_sensors: IMPORTANT NOTE: If you have a Thinkpad, please read the warnings in +lm_sensors: the README.thinkpad file. lm_sensors has been known to cause damage +lm_sensors: to some Thinkpads. diff --git a/patches/packages/lynx-2.8.8rel.2-x86_64-1_slack13.1.txt b/patches/packages/lynx-2.8.8rel.2-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..925b5830 --- /dev/null +++ b/patches/packages/lynx-2.8.8rel.2-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +lynx: Lynx (text mode browser) +lynx: +lynx: Lynx is a distributed hypertext browser with full World Wide Web +lynx: capabilities. Lynx can be used to access information on the World +lynx: Wide Web, or to build information systems intended primarily for local +lynx: access. For example, Lynx has been used to build several Campus Wide +lynx: Information Systems (CWIS). +lynx: +lynx: Lynx's authors include Lou Montulli, Garrett Blythe, Craig Lavender, +lynx: Michael Grobe, and Charles Rezac. +lynx: diff --git a/patches/packages/mailx-12.5-x86_64-1_slack13.1.txt b/patches/packages/mailx-12.5-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..5ae7aa79 --- /dev/null +++ b/patches/packages/mailx-12.5-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +mailx: mailx (a simple mail client) +mailx: +mailx: Mailx is derived from Berkeley Mail and is intended provide the +mailx: functionality of the POSIX mailx command with additional support +mailx: for MIME, IMAP, POP3, SMTP, and S/MIME. It provides enhanced +mailx: features for interactive use, such as caching and disconnected +mailx: operation for IMAP, message threading, scoring, and filtering. +mailx: It is also usable as a mail batch language, both for sending +mailx: and receiving mail. +mailx: +mailx: The maintainer and primary developer of mailx is Gunnar Ritter. diff --git a/patches/packages/mercurial-3.8.1-x86_64-1_slack13.1.txt b/patches/packages/mercurial-3.8.1-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..74728542 --- /dev/null +++ b/patches/packages/mercurial-3.8.1-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +mercurial: mercurial (a distributed source management system) +mercurial: +mercurial: Mercurial is a cross-platform, distributed source management tool for +mercurial: software developers. It is written in Python, with a binary diff +mercurial: implementation written in C. Its major features include high- +mercurial: performance; serverless, fully distributed collaborative development; +mercurial: robust handling of both plain text and binary files; advanced +mercurial: branching and merging capabilities; and full source code available +mercurial: under the terms of the LGPL. +mercurial: +mercurial: Mercurial was written by Matt Mackall and other contributors. diff --git a/patches/packages/minicom-2.7.1-x86_64-1_slack13.1.txt b/patches/packages/minicom-2.7.1-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..ec008506 --- /dev/null +++ b/patches/packages/minicom-2.7.1-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +minicom: minicom (communications package) +minicom: +minicom: Minicom - a full featured menu-driven communications package similar +minicom: to the DOS program 'Telix'. Also includes sz/rz - utilities used to +minicom: upload and download files using the Zmodem protocol. +minicom: +minicom: Homepage: http://alioth.debian.org/projects/minicom +minicom: +minicom: +minicom: +minicom: diff --git a/patches/packages/mozilla-firefox-3.6.28-x86_64-1_slack13.1.txt b/patches/packages/mozilla-firefox-3.6.28-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..1d399dbf --- /dev/null +++ b/patches/packages/mozilla-firefox-3.6.28-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +mozilla-firefox: mozilla-firefox (Mozilla Firefox Web browser) +mozilla-firefox: +mozilla-firefox: This project is a redesign of the Mozilla browser component written +mozilla-firefox: using the XUL user interface language. Firefox empowers you to +mozilla-firefox: browse faster, more safely and more efficiently than with any other +mozilla-firefox: browser. +mozilla-firefox: +mozilla-firefox: Visit the Mozilla Firefox project online: +mozilla-firefox: http://www.mozilla.org/projects/firefox/ +mozilla-firefox: +mozilla-firefox: diff --git a/patches/packages/mozilla-thunderbird-3.1.20-x86_64-1_slack13.1.txt b/patches/packages/mozilla-thunderbird-3.1.20-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..79d02252 --- /dev/null +++ b/patches/packages/mozilla-thunderbird-3.1.20-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +mozilla-thunderbird: mozilla-thunderbird (Mozilla Thunderbird mail application) +mozilla-thunderbird: +mozilla-thunderbird: Mozilla Thunderbird is a redesign of the Mozilla mail component +mozilla-thunderbird: written using the XUL user interface language. Thunderbird makes +mozilla-thunderbird: emailing safer, faster, and easier than ever before with the +mozilla-thunderbird: industry's best implementations of features such as intelligent spam +mozilla-thunderbird: filters, built-in RSS reader, quick search, and much more. +mozilla-thunderbird: +mozilla-thunderbird: Visit the Mozilla Thunderbird project online: +mozilla-thunderbird: http://www.mozilla.org/projects/thunderbird/ +mozilla-thunderbird: diff --git a/patches/packages/mysql-5.1.73-x86_64-1_slack13.1.txt b/patches/packages/mysql-5.1.73-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..f11c282f --- /dev/null +++ b/patches/packages/mysql-5.1.73-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +mysql: mysql (SQL-based relational database server) +mysql: +mysql: MySQL is a fast, multi-threaded, multi-user, and robust SQL +mysql: (Structured Query Language) database server. It comes with a nice API +mysql: which makes it easy to integrate into other applications. +mysql: +mysql: The home page for MySQL is http://www.mysql.com/ +mysql: +mysql: +mysql: +mysql: diff --git a/patches/packages/ntp-4.2.8p10-x86_64-1_slack13.1.txt b/patches/packages/ntp-4.2.8p10-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..128dd5c6 --- /dev/null +++ b/patches/packages/ntp-4.2.8p10-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +ntp: ntp (Network Time Protocol daemon) +ntp: +ntp: The Network Time Protocol (NTP) is used to synchronize the time of a +ntp: computer client or server to another server or reference time source, +ntp: such as a radio or satellite receiver or modem. It provides client +ntp: accuracies typically within a millisecond on LANs and up to a few tens +ntp: of milliseconds on WANs relative to a primary server synchronized to +ntp: Coordinated Universal Time (UTC) via a Global Positioning Service +ntp: (GPS) receiver, for example. +ntp: +ntp: diff --git a/patches/packages/openssh-7.4p1-x86_64-2_slack13.1.txt b/patches/packages/openssh-7.4p1-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..65f39171 --- /dev/null +++ b/patches/packages/openssh-7.4p1-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +openssh: openssh (Secure Shell daemon and clients) +openssh: +openssh: ssh (Secure Shell) is a program for logging into a remote machine and +openssh: for executing commands on a remote machine. It is intended to replace +openssh: rlogin and rsh, and provide secure encrypted communications between +openssh: two untrusted hosts over an insecure network. sshd (SSH Daemon) is +openssh: the daemon program for ssh. OpenSSH is based on the last free version +openssh: of Tatu Ylonen's SSH, further enhanced and cleaned up by Aaron +openssh: Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, and +openssh: Dug Song. It has a homepage at http://www.openssh.com/ +openssh: diff --git a/patches/packages/openssl-0.9.8zh-x86_64-2_slack13.1.txt b/patches/packages/openssl-0.9.8zh-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..26048b4f --- /dev/null +++ b/patches/packages/openssl-0.9.8zh-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +openssl: openssl (Secure Sockets Layer toolkit) +openssl: +openssl: The OpenSSL certificate management tool and the shared libraries that +openssl: provide various encryption and decryption algorithms and protocols. +openssl: +openssl: This product includes software developed by the OpenSSL Project for +openssl: use in the OpenSSL Toolkit (http://www.openssl.org). This product +openssl: includes cryptographic software written by Eric Young +openssl: (eay@cryptsoft.com). This product includes software written by Tim +openssl: Hudson (tjh@cryptsoft.com). +openssl: diff --git a/patches/packages/openssl-solibs-0.9.8zh-x86_64-2_slack13.1.txt b/patches/packages/openssl-solibs-0.9.8zh-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..becd3123 --- /dev/null +++ b/patches/packages/openssl-solibs-0.9.8zh-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +openssl-solibs: openssl-solibs (OpenSSL shared libraries) +openssl-solibs: +openssl-solibs: These shared libraries provide encryption routines required by +openssl-solibs: programs such as openssh. They are also used by KDE's Konqueror web +openssl-solibs: browser to provide secure web connections. +openssl-solibs: +openssl-solibs: This product includes software developed by the OpenSSL Project for +openssl-solibs: use in the OpenSSL Toolkit (http://www.openssl.org). This product +openssl-solibs: includes cryptographic software written by Eric Young +openssl-solibs: (eay@cryptsoft.com). This product includes software written by Tim +openssl-solibs: Hudson (tjh@cryptsoft.com). diff --git a/patches/packages/openvpn-2.4.6-x86_64-1_slack13.1.txt b/patches/packages/openvpn-2.4.6-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..73bb76e0 --- /dev/null +++ b/patches/packages/openvpn-2.4.6-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +openvpn: openvpn (secure IP tunnel daemon) +openvpn: +openvpn: OpenVPN is a full-featured SSL VPN which can accommodate a wide range +openvpn: of configurations, including remote access, site-to-site VPNs, WiFi +openvpn: security, and enterprise-scale remote access with load balancing, +openvpn: failover, and fine-grained access-controls. +openvpn: +openvpn: OpenVPN's home on the net is: http://openvpn.net +openvpn: +openvpn: +openvpn: diff --git a/patches/packages/patch-2.7.4-x86_64-2_slack13.1.txt b/patches/packages/patch-2.7.4-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..f298d860 --- /dev/null +++ b/patches/packages/patch-2.7.4-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +patch: patch (apply a diff file to an original file or files) +patch: +patch: Patch is a utility used to apply diffs (or patches) to files, which +patch: are usually source code. +patch: +patch: Larry Wall wrote the original version of patch. Paul Eggert removed +patch: patch's arbitrary limits; added support for binary files, setting +patch: file times, and deleting files; and made it conform better to POSIX. +patch: Other contributors include Wayne Davison, who added unidiff support, +patch: and David MacKenzie, who added configuration and backup support. +patch: diff --git a/patches/packages/perl-5.10.1-x86_64-2_slack13.1.txt b/patches/packages/perl-5.10.1-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..596b9af7 --- /dev/null +++ b/patches/packages/perl-5.10.1-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +perl: perl (Practical Extraction and Report Language) +perl: +perl: Larry Wall's "Practical Extraction and Report Language". Perl is a +perl: language optimized for scanning arbitrary text files, extracting +perl: information from those text files, and printing reports based on that +perl: information. It's also a good language for many system management +perl: tasks. The language is intended to be practical (easy to use, +perl: efficient, complete) rather than beautiful (tiny, elegant, minimal). +perl: +perl: +perl: diff --git a/patches/packages/php-5.3.29-x86_64-1_slack13.1.txt b/patches/packages/php-5.3.29-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..e771b5f3 --- /dev/null +++ b/patches/packages/php-5.3.29-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +php: php (HTML-embedded scripting language) +php: +php: PHP is an HTML-embedded scripting language. It shares syntax +php: characteristics with C, Java, and Perl. The primary objective behind +php: this language is to make a fast and easy-to-use scripting language +php: for dynamic web sites. +php: +php: More information can be found online at http://www.php.net/ +php: +php: +php: diff --git a/patches/packages/pidgin-2.12.0-x86_64-1_slack13.1.txt b/patches/packages/pidgin-2.12.0-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..1eb97f00 --- /dev/null +++ b/patches/packages/pidgin-2.12.0-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +pidgin: pidgin (GTK+ instant messaging program) +pidgin: +pidgin: Pidgin allows you to talk to anyone using a variety of messaging +pidgin: protocols, including AIM (Oscar and TOC), ICQ, IRC, Yahoo!, MSN +pidgin: Messenger, Jabber, Gadu-Gadu, Napster, and Zephyr. These protocols +pidgin: are implemented using a modular, easy to use design. To use a +pidgin: protocol, just load the plugin for it. +pidgin: +pidgin: For more info, see: http://www.pidgin.im +pidgin: +pidgin: diff --git a/patches/packages/polkit-1_14bdfd8-x86_64-2_slack13.1.txt b/patches/packages/polkit-1_14bdfd8-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..5502357c --- /dev/null +++ b/patches/packages/polkit-1_14bdfd8-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +polkit: polkit (authentication framework) +polkit: +polkit: PolicyKit is an application-level toolkit for defining and handling +polkit: the policy that allows unprivileged processes to speak to privileged +polkit: processes. PolicyKit is specifically targeting applications in rich +polkit: desktop environments on multi-user UNIX-like operating systems. +polkit: +polkit: +polkit: +polkit: Home: http://www.freedesktop.org/wiki/Software/PolicyKit +polkit: diff --git a/patches/packages/poppler-0.12.4-x86_64-2_slack13.1.txt b/patches/packages/poppler-0.12.4-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..4c0f4a66 --- /dev/null +++ b/patches/packages/poppler-0.12.4-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +poppler: poppler (a library for rendering PDF documents) +poppler: +poppler: Poppler is a library based on the xpdf PDF viewer developed by Derek +poppler: Noonburg of Glyph and Cog, LLC. Since xpdf does not provide a shared +poppler: library, whenever a flaw was found potentially dozens of applications +poppler: incorporating code from xpdf would have to be patched. By providing +poppler: a centralized PDF library this duplicated effort will be eliminated. +poppler: +poppler: +poppler: +poppler: diff --git a/patches/packages/ppp-2.4.5-x86_64-2_slack13.1.txt b/patches/packages/ppp-2.4.5-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..1c0d758c --- /dev/null +++ b/patches/packages/ppp-2.4.5-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +ppp: ppp (Point-to-Point Protocol) +ppp: +ppp: The Point-to-Point Protocol (PPP) provides a method for transmitting +ppp: data over serial links. It's commonly used for connecting to the +ppp: Internet using a modem. This package includes the PPP daemon (pppd), +ppp: which negotiates with the peer to establish the link and sets up the +ppp: ppp network interface, and pppsetup, an easy-to-use utility for +ppp: setting up your PPP daemon. +ppp: +ppp: +ppp: diff --git a/patches/packages/proftpd-1.3.5e-x86_64-1_slack13.1.txt b/patches/packages/proftpd-1.3.5e-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..7053edf3 --- /dev/null +++ b/patches/packages/proftpd-1.3.5e-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +proftpd: proftpd (FTP server daemon) +proftpd: +proftpd: ProFTPD is the Professional File Transfer Protocol (FTP) server +proftpd: daemon. ProFTPD grew out of the desire to have a secure and +proftpd: configurable FTP server, and out of a significant admiration of the +proftpd: Apache web server. +proftpd: +proftpd: +proftpd: +proftpd: +proftpd: diff --git a/patches/packages/randrproto-1.5.0-noarch-1_slack13.1.txt b/patches/packages/randrproto-1.5.0-noarch-1_slack13.1.txt new file mode 100644 index 00000000..f2807263 --- /dev/null +++ b/patches/packages/randrproto-1.5.0-noarch-1_slack13.1.txt @@ -0,0 +1,11 @@ +randrproto: randrproto (C prototypes for RandR) +randrproto: +randrproto: RandR is the X11 Resize and Rotate Extension +randrproto: +randrproto: +randrproto: +randrproto: +randrproto: +randrproto: +randrproto: +randrproto: diff --git a/patches/packages/rdesktop-1.6.0-x86_64-2_slack13.1.txt b/patches/packages/rdesktop-1.6.0-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..5f857ead --- /dev/null +++ b/patches/packages/rdesktop-1.6.0-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +rdesktop: rdesktop (Remote Desktop Protocol client) +rdesktop: +rdesktop: rdesktop is a client for Remote Desktop Protocol (RDP), used in a +rdesktop: number of Microsoft products including Windows NT Terminal Server, +rdesktop: Windows 2000 Server, Windows XP, and Windows 2003 Server. +rdesktop: +rdesktop: For more information, see: http://www.rdesktop.org +rdesktop: +rdesktop: +rdesktop: +rdesktop: diff --git a/patches/packages/recordproto-1.14.2-noarch-1_slack13.1.txt b/patches/packages/recordproto-1.14.2-noarch-1_slack13.1.txt new file mode 100644 index 00000000..5cd58fba --- /dev/null +++ b/patches/packages/recordproto-1.14.2-noarch-1_slack13.1.txt @@ -0,0 +1,11 @@ +recordproto: recordproto (C prototypes for X Record Extension) +recordproto: +recordproto: recordproto is part of X11. +recordproto: +recordproto: For more information about the X.Org Foundation (the providers of the +recordproto: X.Org implementation of the X Window System), see their website: +recordproto: +recordproto: http://www.x.org +recordproto: +recordproto: +recordproto: diff --git a/patches/packages/rsync-3.1.3-x86_64-1_slack13.1.txt b/patches/packages/rsync-3.1.3-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..7565757a --- /dev/null +++ b/patches/packages/rsync-3.1.3-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +rsync: rsync (remote file sync) +rsync: +rsync: rsync is a replacement for rcp that has many more features. It +rsync: uses the "rsync algorithm" which provides a very fast method for +rsync: bringing remote files into sync. It does this by sending just the +rsync: differences in the files across the link, without requiring that both +rsync: sets of files are present at one of the ends of the link beforehand. +rsync: rsync was written by Andrew Tridgell and Paul Mackerras. +rsync: +rsync: Homepage: http://rsync.samba.org +rsync: diff --git a/patches/packages/ruby-1.9.3_p484-x86_64-1_slack13.1.txt b/patches/packages/ruby-1.9.3_p484-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..265efadf --- /dev/null +++ b/patches/packages/ruby-1.9.3_p484-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +ruby: ruby (Interpreted object-oriented scripting language) +ruby: +ruby: Ruby is an interpreted scripting language for quick and easy +ruby: object-oriented programming. It has many features to process text +ruby: files and to do system management tasks (as in Perl). It is simple, +ruby: straight-forward, and extensible. +ruby: +ruby: Visit the Ruby project online at http://www.ruby-lang.org/ +ruby: +ruby: +ruby: diff --git a/patches/packages/rxvt-2.7.10-x86_64-5_slack13.1.txt b/patches/packages/rxvt-2.7.10-x86_64-5_slack13.1.txt new file mode 100644 index 00000000..21fc353f --- /dev/null +++ b/patches/packages/rxvt-2.7.10-x86_64-5_slack13.1.txt @@ -0,0 +1,11 @@ +rxvt: rxvt (terminal emulator) +rxvt: +rxvt: rxvt is a color vt102 terminal emulator intended as an xterm +rxvt: replacement for users who do not require features such as Tektronix +rxvt: 4014 emulation and toolkit-style configurability. As a result, rxvt +rxvt: uses much less memory -- a significant advantage on a machine serving +rxvt: many X sessions. Also included is rclock, an analog clock for X. +rxvt: +rxvt: +rxvt: +rxvt: diff --git a/patches/packages/samba-3.5.22-x86_64-2_slack13.1.txt b/patches/packages/samba-3.5.22-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..1fa8579c --- /dev/null +++ b/patches/packages/samba-3.5.22-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +samba: samba (SMB/CIFS file and print server) +samba: +samba: Samba is an SMB/CIFS file and print server for SMB and CIFS clients. +samba: It allows you to make file space or printers on a Samba host +samba: available to SMB/CIFS clients (such as PCs running Windows). +samba: +samba: If you have any Windows file servers, you may be able to replace them +samba: or supplement them with Samba. One of Samba's big strengths is +samba: integration, so you can use it to tie together your Linux hosts and +samba: Windows PC clients. +samba: diff --git a/patches/packages/sdl-1.2.14-x86_64-3_slack13.1.txt b/patches/packages/sdl-1.2.14-x86_64-3_slack13.1.txt new file mode 100644 index 00000000..8a4122f8 --- /dev/null +++ b/patches/packages/sdl-1.2.14-x86_64-3_slack13.1.txt @@ -0,0 +1,11 @@ +sdl: sdl (Simple DirectMedia Layer library) +sdl: +sdl: This is the Simple DirectMedia Layer, a generic API that provides low +sdl: level access to audio, keyboard, mouse, joystick, 3D hardware via +sdl: OpenGL, and 2D framebuffer across multiple platforms. +sdl: +sdl: SDL links against alsa-lib, arts, audiofile, esound, and the X11 +sdl: libraries. Make sure all of these are installed if you're planning to +sdl: use SDL (a full installation will cover all of the prerequisites). +sdl: +sdl: diff --git a/patches/packages/seamonkey-2.0.14-x86_64-1_slack13.1.txt b/patches/packages/seamonkey-2.0.14-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..da07187a --- /dev/null +++ b/patches/packages/seamonkey-2.0.14-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +seamonkey: SeaMonkey (an open-source web browser suite) +seamonkey: +seamonkey: The SeaMonkey browser suite. SeaMonkey features a state-of-the-art +seamonkey: web browser and powerful email client, as well as a WYSIWYG web page +seamonkey: composer and a feature-rich IRC chat client. +seamonkey: +seamonkey: +seamonkey: +seamonkey: Visit the SeaMonkey project at this URL: +seamonkey: http://www.mozilla.org/projects/seamonkey/ +seamonkey: diff --git a/patches/packages/seamonkey-solibs-2.0.14-x86_64-1_slack13.1.txt b/patches/packages/seamonkey-solibs-2.0.14-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..57181134 --- /dev/null +++ b/patches/packages/seamonkey-solibs-2.0.14-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +seamonkey-solibs: seamonkey-solibs (Shared libraries from Seamonkey) +seamonkey-solibs: +seamonkey-solibs: This package contains a subset of the shared libraries from Seamonkey +seamonkey-solibs: to provide runtime support for programs that require nss, nspr, and +seamonkey-solibs: js. These libraries are used in programs like RPM and gxine, and can +seamonkey-solibs: be used in others. This package is built from the Seamonkey sources +seamonkey-solibs: and is provided as a standalone runtime package for people who do not +seamonkey-solibs: want to install the entire seamonkey package (as for server use). +seamonkey-solibs: +seamonkey-solibs: This package is runtime only. The include files and other files for +seamonkey-solibs: development can be found in the seamonkey package. diff --git a/patches/packages/sendmail-8.14.9-x86_64-1_slack13.1.txt b/patches/packages/sendmail-8.14.9-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..7498d7c9 --- /dev/null +++ b/patches/packages/sendmail-8.14.9-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +sendmail: sendmail (mail transfer agent) +sendmail: +sendmail: Eric Allman's mail transport agent. The _Unix System Administration +sendmail: Handbook_ calls sendmail 'The most complex and complete mail delivery +sendmail: system in common use...' +sendmail: +sendmail: Ready-made configuration files are included for systems connected by +sendmail: TCP/IP (with or without a nameserver) and for systems using UUCP. +sendmail: +sendmail: The procmail package is required to handle local mail delivery. +sendmail: diff --git a/patches/packages/sendmail-cf-8.14.9-noarch-1_slack13.1.txt b/patches/packages/sendmail-cf-8.14.9-noarch-1_slack13.1.txt new file mode 100644 index 00000000..da73ab70 --- /dev/null +++ b/patches/packages/sendmail-cf-8.14.9-noarch-1_slack13.1.txt @@ -0,0 +1,11 @@ +sendmail-cf: sendmail-cf (configuration files for sendmail) +sendmail-cf: +sendmail-cf: These files are used to create sendmail.cf configuration files. The +sendmail-cf: m4 macro processor is also required in order to make use of these +sendmail-cf: files. +sendmail-cf: +sendmail-cf: The files and documentation in /usr/share/sendmail should make it +sendmail-cf: possible to support virtually any mail configuration. NOTE: You +sendmail-cf: probably won't need this package if you're planning to use one of the +sendmail-cf: sendmail.cf samples included in the sendmail package. +sendmail-cf: diff --git a/patches/packages/shadow-4.1.4.3-x86_64-2_slack13.1.txt b/patches/packages/shadow-4.1.4.3-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..31744f55 --- /dev/null +++ b/patches/packages/shadow-4.1.4.3-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +shadow: shadow (shadow password suite) +shadow: +shadow: This set of login related programs utilizes an alternate, non-readable +shadow: file to contain the actual encrypted passwords. This is presumed to +shadow: increase system security by increasing the difficulty with which +shadow: system crackers obtain encrypted passwords. It was written by +shadow: Julianne Frances Haugh and the Linux port is maintained by Tomasz +shadow: Kloczko. +shadow: +shadow: This package provides 'login', which is needed to log into the system. +shadow: diff --git a/patches/packages/slocate-3.1-x86_64-4_slack13.1.txt b/patches/packages/slocate-3.1-x86_64-4_slack13.1.txt new file mode 100644 index 00000000..774993a8 --- /dev/null +++ b/patches/packages/slocate-3.1-x86_64-4_slack13.1.txt @@ -0,0 +1,11 @@ +slocate: slocate (Secure Locate) +slocate: +slocate: Slocate is an enhanced version of locate, a command to help you locate +slocate: files on the system. Like the original version of locate, Slocate +slocate: maintains a database of files on the system, updating it nightly. +slocate: Unlike the original, Slocate indexes every file on the machine rather +slocate: than only the ones that can be seen by everyone. The "secure" part of +slocate: slocate is that it will only return matches if the user is allowed to +slocate: see the files. +slocate: +slocate: diff --git a/patches/packages/stunnel-5.35-x86_64-2_slack13.1.txt b/patches/packages/stunnel-5.35-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..2e5c70ca --- /dev/null +++ b/patches/packages/stunnel-5.35-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +stunnel: stunnel (Universal SSL tunnel) +stunnel: +stunnel: The stunnel program is designed to work as an SSL encryption wrapper +stunnel: between remote client and local (inetd-startable) or remote servers. +stunnel: The goal is to facilitate SSL encryption and authentication for +stunnel: non-SSL-aware programs. +stunnel: +stunnel: stunnel can be used to add SSL functionality to commonly used inetd +stunnel: daemons like POP-2, POP-3 and IMAP servers without any changes in the +stunnel: programs' code. +stunnel: diff --git a/patches/packages/subversion-1.6.21-x86_64-1_slack13.1.txt b/patches/packages/subversion-1.6.21-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..7b438689 --- /dev/null +++ b/patches/packages/subversion-1.6.21-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +subversion: subversion (a version control system) +subversion: +subversion: Subversion is a version control system which allows you to keep old +subversion: versions of files and directories (usually source code), and keep a +subversion: log of who, when, and why changes occurred, similar to other such +subversion: systems like CVS, RCS or SCCS. Subversion keeps all the information +subversion: to permit extracting previous versions of those files at any time. +subversion: +subversion: For more information about the Subversion project, visit: +subversion: http://subversion.apache.org +subversion: diff --git a/patches/packages/sudo-1.8.20p2-x86_64-1_slack13.1.txt b/patches/packages/sudo-1.8.20p2-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..1f1087d7 --- /dev/null +++ b/patches/packages/sudo-1.8.20p2-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +sudo: sudo (give limited root privileges to certain users) +sudo: +sudo: 'sudo' is a command that allows users to execute some commands as +sudo: root. The /etc/sudoers file (edited with 'visudo') specifies which +sudo: users have access to sudo and which commands they can run. 'sudo' +sudo: logs all its activities to /var/log/ so the system administrator +sudo: can keep an eye on things. +sudo: +sudo: +sudo: +sudo: diff --git a/patches/packages/t1lib-5.1.2-x86_64-2_slack13.1.txt b/patches/packages/t1lib-5.1.2-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..fe5cb0f6 --- /dev/null +++ b/patches/packages/t1lib-5.1.2-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +t1lib: t1lib (Type 1 font rasterizer library) +t1lib: +t1lib: t1lib is a library distributed under the GNU General Public Library +t1lib: License for generating character and string glyphs from Adobe Type 1 +t1lib: fonts under UNIX. t1lib uses most of the code of the X11 rasterizer +t1lib: donated by IBM to the X11 project. +t1lib: +t1lib: +t1lib: +t1lib: +t1lib: diff --git a/patches/packages/vsftpd-2.3.5-x86_64-1_slack13.1.txt b/patches/packages/vsftpd-2.3.5-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..90b70017 --- /dev/null +++ b/patches/packages/vsftpd-2.3.5-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +vsftpd: vsftpd (Very Secure FTP Daemon) +vsftpd: +vsftpd: vsftpd is an FTP server, or daemon. The 'vs' stands for Very Secure. +vsftpd: Obviously this is not a guarantee, but a reflection that the entire +vsftpd: codebase was written with security in mind, and carefully designed to +vsftpd: be resilient to attack (as well as extremely fast and scalable). +vsftpd: +vsftpd: The vsftpd homepage is http://vsftpd.beasts.org/ +vsftpd: +vsftpd: The Very Secure FTP Daemon was written by Chris Evans. +vsftpd: diff --git a/patches/packages/wget-1.19.5-x86_64-1_slack13.1.txt b/patches/packages/wget-1.19.5-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..cd0faad0 --- /dev/null +++ b/patches/packages/wget-1.19.5-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +wget: wget (a non-interactive network retriever) +wget: +wget: GNU Wget is a free network utility to retrieve files from the +wget: World Wide Web using HTTP and FTP, the two most widely used Internet +wget: protocols. It works non-interactively, thus enabling work in the +wget: background after having logged off. +wget: +wget: The author of Wget is Hrvoje Niksic <hniksic@srce.hr>. +wget: +wget: +wget: diff --git a/patches/packages/wicd-1.7.2.4-x86_64-2_slack13.1.txt b/patches/packages/wicd-1.7.2.4-x86_64-2_slack13.1.txt new file mode 100644 index 00000000..237a18d2 --- /dev/null +++ b/patches/packages/wicd-1.7.2.4-x86_64-2_slack13.1.txt @@ -0,0 +1,11 @@ +wicd: wicd (network manager for linux) +wicd: +wicd: wicd is a wired and wireless network manager for Linux. +wicd: Some features include: +wicd: - Ability to connect to wired and wireless networks +wicd: - Profiles for each wireless network and wired network +wicd: - Many encryption schemes, some of which include WEP/WPA/WPA2 +wicd: - Compatible with wireless-tools +wicd: +wicd: Homepage: http://wicd.net +wicd: diff --git a/patches/packages/xcb-proto-1.11-x86_64-1_slack13.1.txt b/patches/packages/xcb-proto-1.11-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..df6cd924 --- /dev/null +++ b/patches/packages/xcb-proto-1.11-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +xcb-proto: xcb-proto (X protocol C-language Binding protocol descriptions) +xcb-proto: +xcb-proto: xcb-proto provides the XML-XCB protocol descriptions that libxcb +xcb-proto: uses to generate the majority of its code and API. We provide them +xcb-proto: separately from libxcb to allow reuse by other projects, such as +xcb-proto: additional language bindings, protocol dissectors, or documentation +xcb-proto: generators. +xcb-proto: +xcb-proto: +xcb-proto: +xcb-proto: diff --git a/patches/packages/xextproto-7.3.0-x86_64-1_slack13.1.txt b/patches/packages/xextproto-7.3.0-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..40d18943 --- /dev/null +++ b/patches/packages/xextproto-7.3.0-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +xextproto: xextproto (C prototypes for X Protocol Extensions) +xextproto: +xextproto: xextproto is part of X11. +xextproto: +xextproto: For more information about the X.Org Foundation (the providers of the +xextproto: X.Org implementation of the X Window System), see their website: +xextproto: +xextproto: http://www.x.org +xextproto: +xextproto: +xextproto: diff --git a/patches/packages/xorg-server-1.7.7-x86_64-4_slack13.1.txt b/patches/packages/xorg-server-1.7.7-x86_64-4_slack13.1.txt new file mode 100644 index 00000000..1ebe1b27 --- /dev/null +++ b/patches/packages/xorg-server-1.7.7-x86_64-4_slack13.1.txt @@ -0,0 +1,11 @@ +xorg-server: xorg-server (The Xorg server, the core of the X Window System) +xorg-server: +xorg-server: Xorg is a full featured X server that was originally designed for UNIX +xorg-server: and UNIX-like operating systems running on Intel x86 hardware. It now +xorg-server: runs on a wider range of hardware and OS platforms. This work was +xorg-server: derived by the X.Org Foundation from the XFree86 Project's XFree86 +xorg-server: 4.4rc2 release. The XFree86 release was originally derived from X386 +xorg-server: 1.2 by Thomas Roell which was contributed to X11R5 by Snitily Graphics +xorg-server: Consulting Service. +xorg-server: +xorg-server: The home page for the X project is: http://www.x.org diff --git a/patches/packages/xorg-server-xephyr-1.7.7-x86_64-4_slack13.1.txt b/patches/packages/xorg-server-xephyr-1.7.7-x86_64-4_slack13.1.txt new file mode 100644 index 00000000..2ffb35f6 --- /dev/null +++ b/patches/packages/xorg-server-xephyr-1.7.7-x86_64-4_slack13.1.txt @@ -0,0 +1,11 @@ +xorg-server-xephyr: xorg-server-xephyr (Improved nested X server/client) +xorg-server-xephyr: +xorg-server-xephyr: Xephyr is a nested X-Client like Xnest, but with some additional +xorg-server-xephyr: features like XRender support. +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: diff --git a/patches/packages/xorg-server-xnest-1.7.7-x86_64-4_slack13.1.txt b/patches/packages/xorg-server-xnest-1.7.7-x86_64-4_slack13.1.txt new file mode 100644 index 00000000..31dc1e78 --- /dev/null +++ b/patches/packages/xorg-server-xnest-1.7.7-x86_64-4_slack13.1.txt @@ -0,0 +1,11 @@ +xorg-server-xnest: xorg-server-xnest (a nested X server) +xorg-server-xnest: +xorg-server-xnest: Xnest is an experimental nested server for X that acts as both a +xorg-server-xnest: client and a server. Xnest is a client of the real server which +xorg-server-xnest: manages windows and graphics requests on its behalf. Xnest is a +xorg-server-xnest: server to its own clients. Xnest manages windows and graphics +xorg-server-xnest: requests on their behalf. To these clients Xnest appears to be a +xorg-server-xnest: conventional server. +xorg-server-xnest: +xorg-server-xnest: +xorg-server-xnest: diff --git a/patches/packages/xorg-server-xvfb-1.7.7-x86_64-4_slack13.1.txt b/patches/packages/xorg-server-xvfb-1.7.7-x86_64-4_slack13.1.txt new file mode 100644 index 00000000..3a7122df --- /dev/null +++ b/patches/packages/xorg-server-xvfb-1.7.7-x86_64-4_slack13.1.txt @@ -0,0 +1,11 @@ +xorg-server-xvfb: xorg-server-xvfb (virtual framebuffer X server) +xorg-server-xvfb: +xorg-server-xvfb: Xvfb is an X server that can run on machines with no display hardware +xorg-server-xvfb: and no physical input devices. It emulates a dumb framebuffer using +xorg-server-xvfb: virtual memory. The primary use of this server is intended to be +xorg-server-xvfb: server testing. The mfb or cfb code for any depth can be exercised +xorg-server-xvfb: with this server without the need for real hardware that supports the +xorg-server-xvfb: desired depths. A secondary use is testing clients against unusual +xorg-server-xvfb: depths and screen configurations. +xorg-server-xvfb: +xorg-server-xvfb: diff --git a/patches/packages/xpdf-3.03-x86_64-1_slack13.1.txt b/patches/packages/xpdf-3.03-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..3eeb1423 --- /dev/null +++ b/patches/packages/xpdf-3.03-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +xpdf: xpdf (PDF viewer for X) +xpdf: +xpdf: Xpdf is a viewer for Portable Document Format (PDF) files. +xpdf: +xpdf: xpdf was written by Derek B. Noonburg. +xpdf: +xpdf: +xpdf: +xpdf: +xpdf: +xpdf: diff --git a/patches/packages/xproto-7.0.29-noarch-1_slack13.1.txt b/patches/packages/xproto-7.0.29-noarch-1_slack13.1.txt new file mode 100644 index 00000000..b4397153 --- /dev/null +++ b/patches/packages/xproto-7.0.29-noarch-1_slack13.1.txt @@ -0,0 +1,11 @@ +xproto: xproto (C prototypes for X Window System Core Protocol) +xproto: +xproto: xproto is part of X11. +xproto: +xproto: For more information about the X.Org Foundation (the providers of the +xproto: X.Org implementation of the X Window System), see their website: +xproto: +xproto: http://www.x.org +xproto: +xproto: +xproto: diff --git a/patches/packages/xrdb-1.0.9-x86_64-1_slack13.1.txt b/patches/packages/xrdb-1.0.9-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..05cdda83 --- /dev/null +++ b/patches/packages/xrdb-1.0.9-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +xrdb: xrdb +xrdb: +xrdb: xrdb is part of X11. +xrdb: +xrdb: For more information about the X.Org Foundation (the providers of the +xrdb: X.Org implementation of the X Window System), see their website: +xrdb: +xrdb: http://www.x.org +xrdb: +xrdb: +xrdb: diff --git a/patches/packages/yasm-1.2.0-x86_64-1_slack13.1.txt b/patches/packages/yasm-1.2.0-x86_64-1_slack13.1.txt new file mode 100644 index 00000000..3181e05f --- /dev/null +++ b/patches/packages/yasm-1.2.0-x86_64-1_slack13.1.txt @@ -0,0 +1,11 @@ +yasm: yasm (complete rewrite of the NASM assembler) +yasm: +yasm: Yasm is a complete rewrite of the NASM assembler under the "new" BSD +yasm: License (some portions are under other licenses, see COPYING for +yasm: details). Yasm currently supports the x86 and AMD64 instruction sets, +yasm: accepts NASM and GAS assembler syntaxes, outputs binary, ELF32, ELF64, +yasm: 32 and 64-bit Mach-O, RDOFF2, COFF, Win32, and Win64 object formats, +yasm: and generates source debugging information in STABS, DWARF 2, and +yasm: CodeView 8 formats. +yasm: +yasm: yasm home: http://www.tortall.net/projects/yasm/ diff --git a/patches/source/MPlayer/MPlayer.SlackBuild b/patches/source/MPlayer/MPlayer.SlackBuild new file mode 100755 index 00000000..89d94ff2 --- /dev/null +++ b/patches/source/MPlayer/MPlayer.SlackBuild @@ -0,0 +1,488 @@ +#!/bin/sh +# $Id: MPlayer.SlackBuild,v 1.27 2012/07/01 13:07:08 root Exp root $ +# Copyright 2006, 2007, 2008, 2010, 2011, 2012 Eric Hameleers, Eindhoven, NL +# Copyright 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Permission to use, copy, modify, and distribute this software for +# any purpose with or without fee is hereby granted, provided that +# the above copyright notice and this permission notice appear in all +# copies. +# +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# ----------------------------------------------------------------------------- +# +# Slackware SlackBuild script +# =========================== +# By: Eric Hameleers <alien@slackware.com> +# For: MPlayer +# Descr: a movie player for LINUX +# URL: http://www.mplayerhq.hu/ +# Needs: +# Changelog: +# 1.0rc1-1: 05/Nov/2006 by Eric Hameleers <alien@slackware.com> +# * Initial build. +# 1.0rc1-2: 07/Nov/2006 by Eric Hameleers <alien@slackware.com> +# * Removed MPlayer's internal libdvdcss code from the build, so +# that MPlayer no longer plays encrypted DVD's by default (and the +# package is now safe to upload to public repositories). +# If it is allowed in your country, you can either install +# libdvdcss (which is picked up automatically by MPlayer), or +# rebuild MPlayer yourself using this SlackBuild - and set the +# variable REMOVECSS="no" first (see further down). +# Use this commandline if you can't or won't modify the script: +# REMOVECSS="no" ./MPlayer.SlackBuild +# 1.0rc1-3: 08/Nov/2006 by Eric Hameleers <alien@slackware.com> +# * Install the mplayer.conf into correct location '/etc/mplayer/' +# 1.0rc1-4: 15/mar/2007 by Eric Hameleers <alien@slackware.com> +# * Differentiate between versions of X11 (modular X has another +# install-prefix); update default skin; enable mplayer menu; +# add security fix +# 1.0rc1-5: 07/jun/2007 by Eric Hameleers <alien@slackware.com> +# * Add security fix. +# 1.0rc2-1: 09/oct/2007 by Eric Hameleers <alien@slackware.com> +# * New version. +# 1.0rc2-2: 01/feb/2008 by Eric Hameleers <alien@slackware.com> +# * Apply 4 security fixes. +# 1.0rc2-3: 10/mar/2008 by Eric Hameleers <alien@slackware.com> +# * Apply a patch that allows compilation against the ivtv driver +# in the 2.6.24.x kernels. +# r28148-1: 14/dec/2008 by Eric Hameleers <alien@slackware.com> +# * Build SVN snapshot - remove support for *all* patented or +# questionable software if "USE_PATENTS" is set to "NO" - think +# of DECSS dvd decryption code, and mp3/aac/amr audio encoders. +# r28929-1: 10/mar/2009 by Eric Hameleers <alien@slackware.com> +# * Update. +# r29301-1: 12/may/2009 by Eric Hameleers <alien@slackware.com> +# * Update. +# r29301-1: 12/may/2009 by Eric Hameleers <alien@slackware.com> +# * Update. +# 20100926-1: 26/sep/2010 by Eric Hameleers <alien@slackware.com> +# * Slackware has MPlayer now of course, but it does not hurt +# to have a full-featured binary package available. The 1.0rc3 +# was released recently but I prefer to build a snapshot. +# 20110624-1: 24/jun/2011 by Eric Hameleers <alien@slackware.com> +# * Provide an up-to-date snapshot to be used in conjunction +# with UMPlayer (a MPlayer GUI). New MPlayer source requires +# a separate ffmpeg download. +# 20120514-1: 14/may/2012 by volkerdi@slackware.com +# * Update. +# 1.1_20120701-1: 28/jun/2012 by alien@slackware.com +# * Update to the 1.1 branch (essentially this is MPlayer-1.1 but +# I like to check it out of SVN). +# 1.1_20130819-1: 19/aug/2013 by volkerdi@slackware.com +# * Update to the latest 1.1 branch, and the same ffmpeg that was +# shipped with the 1.1.1 tarball. The official 1.1.1 release +# did not start a new repo branch, so this is the latest. +# 20150308-1: 09/mar/2015 by pprkut@slackware.com +# * Update to latest version from trunk, together with ffmpeg 2.6, +# which was released roughly around that date as well. +# 20140403-1: 03/apr/2015 by volkerdi@slackware.com +# * Update to latest version from trunk and ffmpeg-2.6.1. +# +# Run 'sh MPlayer.SlackBuild' to build a Slackware package. +# The package (.txz) plus descriptive .txt file are created in /tmp . +# Install using 'installpkg'. +# +# ----------------------------------------------------------------------------- + +# Set initial variables: + +PRGNAM=MPlayer +VERSION=${VERSION:-20160125} +BRANCH=${BRANCH:-1.2} # leave empty if you want to build MPlayer trunk +FFMPEG=${FFMPEG:-2.8.5} +BUILD=${BUILD:-1_slack13.1} +TAG=${TAG:-} +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Show the branch version in the package name if we build from a branch: +[ -n "$BRANCH" ] && PKGVERSION=${BRANCH}_${VERSION} || PKGVERSION=${VERSION} + +DOCS="AUTHORS Changelog Copyright LICENSE README VERSION DOCS/HTML DOCS/tech" + +# MPlayer repository characteristics: +MPURI="svn://svn.mplayerhq.hu/mplayer/" +if [ -n "$BRANCH" ]; then + MPBRANCH="branches/$BRANCH" +else + MPBRANCH="trunk" +fi + +FFURI=git://git.videolan.org/ffmpeg.git + +DEFSKIN=${DEFSKIN:-"Blue"} # Download more skins at the following url: +SKINVER=${SKINVER:-"1.11"} # http://www.mplayerhq.hu/design7/dload.html + +# Available languages: all cs de en es fr hu it pl ru zh_CN +LANGUAGES="en,de,es,fr" + +# Automatically determine the architecture we're building on: +MARCH=$( uname -m ) +if [ -z "$ARCH" ]; then + case "$MARCH" in + i?86) export ARCH=i486 ;; + armv7hl) export ARCH=$MARCH ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$MARCH ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" + # --enable-runtime-cpudetection is supported only for x86, x86_64, and PPC + EXTRACONFIGUREOPTIONS="--enable-runtime-cpudetection" +elif [ "$ARCH" = "i486" -o \ + "$ARCH" = "i586" -o \ + "$ARCH" = "i686" ]; then + LIBDIRSUFFIX="" + EXTRACONFIGUREOPTIONS="--enable-runtime-cpudetection" +else + LIBDIRSUFFIX="" + EXTRACONFIGUREOPTIONS="" +fi + +# Where the WIN32 codecs are expectedfor instance +CODECSDIR=/usr/lib${LIBDIRSUFFIX}/codecs + +# --------------------------------------------------------------------------- +# -- PATENT ALERT! -- +# MPLayer can be built with MP3 (lame) and AMR audio encoders +# (needed for FLV and .3GP videos) but these libraries are 'contaminated' +# with patents from Fraunhofer and GGP. +# Also, the AAC encoder has patent issues. +# You can build these patended algorithms into ffmpeg, and if you are an +# ordinary end user, no one will bother you for using them. +# For the binaries based on this SlackBuild that I distribute, it is a +# different story. I am not allowed to distribute binary packages that +# incorporate patented code. So here you go. My Slackware package was +# built with "USE_PATENTS=NO" i.e. without using +# the lame mp3, faac, AMR and dvdcss libraries. +# --------------------------------------------------------------------------- +USE_PATENTS=${USE_PATENTS:-"NO"} + +# MPlayer will try to use one of the TrueType fonts present on the target +# system for it's On Screen Display (OSD) font. +# Slackware 11.0 ships with the Vera and DejaVu fonts, you may want to add +# more fonts to this list. The first font found will be used by creating a +# symbolic link "/usr/share/mplayer/subfont.ttf" to it. +# The use of bitmapped fonts is considered deprecated, but you can still use +# those if you want. Read http://www.mplayerhq.hu/DOCS/HTML/en/fonts-osd.html +# if you want to know more about OSD font configuration. +OSDFONTS="LiberationSans-Regular.ttf \ + Arialuni.ttf arial.ttf \ + DejaVuSans.ttf Vera.ttf" + +# Where do we look for sources? +SRCDIR=$(cd $(dirname $0); pwd) + +SOURCE[0]="$SRCDIR/${PRGNAM}-${VERSION}.tar.xz" +SRCURL[0]="" + +# The default skin to use (we need to add at least one) +SOURCE[1]="$SRCDIR/${DEFSKIN}-${SKINVER}.tar.bz2" +SRCURL[1]="http://www.mplayerhq.hu/MPlayer/skins/${DEFSKIN}-${SKINVER}.tar.bz2" + +# Ffmpeg needs to be checked out separately now: +SOURCE[2]="$SRCDIR/ffmpeg-${FFMPEG}.tar.xz" +SRCURL[2]="" + +# Use the src_checkout() function if no downloadable tarball exists. +# This function checks out sources from SVN/CVS and creates a tarball of them. +src_checkout() { + # Param #1 : index in the SOURCE[] array. + # Param #2 : full path to where SOURCE[$1] tarball should be created. + # Determine the tarball extension: + PEXT=$(echo "${2}" | sed -r -e 's/.*[^.].(tar.xz|tar.gz|tar.bz2|tgz).*/\1/') + case "$PEXT" in + "tar.xz") TARCOMP="J" ;; + "tar.gz") TARCOMP="z" ;; + "tgz") TARCOMP="z" ;; + "tar.bz2") TARCOMP="j" ;; + *) echo "Archive can only have extension 'tar.xz', '.tar.gz' '.tar.bz2' or '.tgz'" ; exit 1 ;; + esac + case ${1} in + 0) # mplayer + if [ "$(echo ${VERSION}|cut -c1)" == 'r' ]; then # revision instead of date + echo "Only supported VERSION is a date - yyyymmdd - or 'HEAD'" + else + REV="{${VERSION}}" + fi + mkdir MPlayer-${VERSION} \ + && cd MPlayer-${VERSION} \ + && svn checkout --revision $REV ${MPURI}/${MPBRANCH} . \ + && svn propget svn:externals | sed -e 's/[[:space:]].*$//g' | xargs svn up --revision $REV \ + && chown -R root:root . \ + && cd .. \ + && tar --exclude-vcs -${TARCOMP}cf ${2} MPlayer-${VERSION} + rm -rf MPlayer-${VERSION} + ;; + 2) # ffmpeg-${FFMPEG} + mkdir ffmpeg_temp_checkout_$$ \ + && cd ffmpeg_temp_checkout_$$ + echo "Checking out tag n$FFMPEG from '$FFURI':" + git clone ${FFURI} ffmpeg \ + && cd ffmpeg \ + && git checkout n$FFMPEG \ + && cd .. + chown -R root:root . \ + && tar --exclude-vcs -${TARCOMP}cf ${2} ffmpeg + cd .. + rm -rf ffmpeg_temp_checkout_$$ + ;; + *) # Do nothing + ;; + esac +} + +# Place to build (TMP) package (PKG) and output (OUTPUT) the program: +TMP=${TMP:-/tmp/build} +PKG=$TMP/package-$PRGNAM +OUTPUT=${OUTPUT:-/tmp} + +## +## --- with a little luck, you won't have to edit below this point --- ## +## + +# Exit the script on errors: +set -e +trap 'echo "$0 FAILED at line $LINENO!" | tee $OUTPUT/error-${PRGNAM}.log' ERR +# Catch unitialized variables: +set -u +P1=${1:-1} + +# Create working directories: +mkdir -p $TMP/tmp-$PRGNAM # location to build the source +rm -rf $TMP/tmp-$PRGNAM/* # remove the remnants of previous build +mkdir -p $PKG # place for the package to be built +rm -rf $PKG/* # erase old package's contents +mkdir -p $OUTPUT # place for the package to be saved + +# Source file availability: +for (( i = 0; i < ${#SOURCE[*]}; i++ )) ; do + if ! [ -f ${SOURCE[$i]} ]; then + echo "Source '$(basename ${SOURCE[$i]})' not available yet..." + # Check if the $SRCDIR is writable at all - if not, download to $OUTPUT + [ -w "$SRCDIR" ] || SOURCE[$i]="$OUTPUT/$(basename ${SOURCE[$i]})" + if ! [ "x${SRCURL[$i]}" == "x" ]; then + echo "Will download file to $(dirname $SOURCE[$i])" + wget -nv -T 20 -O "${SOURCE[$i]}" "${SRCURL[$i]}" || true + if [ $? -ne 0 -o ! -s "${SOURCE[$i]}" ]; then + echo "Downloading '$(basename ${SOURCE[$i]})' failed.. aborting the build." + mv -f "${SOURCE[$i]}" "${SOURCE[$i]}".FAIL + exit 1 + fi + else + # Try if we have a SVN/CVS download routine for ${SOURCE[$i]} + echo "Will checkout sources to $(dirname $SOURCE[$i])" + src_checkout $i "${SOURCE[$i]}" 2>&1 > $OUTPUT/checkout-$(basename ${SOURCE[$i]}).log + fi + if [ ! -f "${SOURCE[$i]}" -o ! -s "${SOURCE[$i]}" ]; then + echo "File '$(basename ${SOURCE[$i]})' not available.. aborting the build." + exit 1 + fi + fi +done + +if [ "$P1" == "--download" ]; then + echo "Download complete." + exit 0 +fi + +# --- PACKAGE BUILDING --- + +echo "++" +echo "|| $PRGNAM-$VERSION" +echo "++" + +cd $TMP/tmp-$PRGNAM +echo "Extracting the source archive(s) for $PRGNAM..." +tar -xvf ${SOURCE[0]} + +cd ${PRGNAM}-${VERSION} + # remove MPlayer's copy of libswscale + rm -rf ffmpeg + + # Extract the ffmpeg source inside the MPlayer directory: + tar -xvf ${SOURCE[2]} + + # in case we build with an official tarball + if [ -e "ffmpeg-$FFMPEG" ]; then + mv "ffmpeg-$FFMPEG" ffmpeg + fi + +cd .. + +chown -R root:root * +chmod -R u+w,go+r-w,a+X-s * +cd ${PRGNAM}-${VERSION} + +# Determine what X we're running (the modular X returns the prefix +# in the next command, while older versions stay silent): +XPREF=$(pkg-config --variable=prefix x11) || true +[ "$XPREF" == "" ] && XPREF='/usr/X11R6' + +# Remove support for patent encumbered and possibly illegal code: +if [ "$USE_PATENTS" != "YES" ]; then + DO_PATENTED="--disable-mp3lame --disable-mp3lame-lavc \ + --disable-libopencore_amrnb \ + --disable-libopencore_amrwb" +else + DO_PATENTED="" +fi + +echo Building ... +# MPlayer wants to automatically determine compiler flags, +# so we don't provide CFLAGS. +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --confdir=/etc/mplayer \ + --enable-gui \ + --enable-menu \ + --disable-arts \ + --disable-bitmap-font \ + --codecsdir=${CODECSDIR} \ + --language="${LANGUAGES}" \ + ${EXTRACONFIGUREOPTIONS} \ + ${DO_PATENTED} \ + 2>&1 | tee $OUTPUT/configure-${PRGNAM}.log +# So that MPlayer does not report "UNKNOWN" as it's version: +if [ ! -f VERSION ]; then + echo $VERSION > VERSION +fi +make $NUMJOBS 2>&1 | tee $OUTPUT/make-${PRGNAM}.log +make DESTDIR=$PKG install 2>&1 |tee $OUTPUT/install-${PRGNAM}.log + +# Build the html documentation (not all languages are available): +if [ "$LANGUAGES" = "all" ]; then + # make html-chunked + make html-single +else + for i in $(echo $LANGUAGES | tr , ' ') ; do + # make html-chunked-$i ; + make html-single-$i ; + done +fi + +# Prepare the configfile: +mkdir -p $PKG/etc/mplayer +cp etc/example.conf $PKG/etc/mplayer/mplayer.conf.new + +# Install our default skin: +cd $PKG/usr/share/mplayer/skins +tar -xvf ${SOURCE[1]} +chown -R root:root * +chmod -R u+w,go+r-w,a+X-s * +ln -s ${DEFSKIN} default +cd - + +# Add this to the doinst.sh: +mkdir -p $PKG/install +cat <<EOINS >> $PKG/install/doinst.sh +# Handle the incoming configuration files: +config() { + for infile in \$1; do + NEW="\$infile" + OLD="\`dirname \$NEW\`/\`basename \$NEW .new\`" + # If there's no config file by that name, mv it over: + if [ ! -r \$OLD ]; then + mv \$NEW \$OLD + elif [ "\`cat \$OLD | md5sum\`" = "\`cat \$NEW | md5sum\`" ]; then + # toss the redundant copy + rm \$NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... + done +} + +# Installing a bitmap font is considered deprecated; use a TTF font instead. +# We try to link to an installed TTF font at install time. +# Configure a default TrueType font to use for the OSD : +if [ ! -f usr/share/mplayer/subfont.ttf ]; then + for font in ${OSDFONTS}; do + if [ -f .${XPREF}/lib${LIBDIRSUFFIX}/X11/fonts/TTF/\${font} ]; then + ( cd usr/share/mplayer/ + ln -sf ${XPREF}/lib${LIBDIRSUFFIX}/X11/fonts/TTF/\${font} subfont.ttf + ) + break + fi + done +fi + +# Prepare the new configuration file +config etc/mplayer/mplayer.conf.new + +# Update the desktop database: +if [ -x usr/bin/update-desktop-database ]; then + chroot . /usr/bin/update-desktop-database usr/share/applications 1> /dev/null 2> /dev/null +fi + +# Update hicolor theme cache: +if [ -e usr/share/icons/hicolor/icon-theme.cache ]; then + if [ -x usr/bin/gtk-update-icon-cache ]; then + chroot . /usr/bin/gtk-update-icon-cache /usr/share/icons/hicolor >/dev/null 2>&1 + fi +fi + +# Update the mime database: +if [ -x usr/bin/update-mime-database ]; then + chroot . /usr/bin/update-mime-database usr/share/mime >/dev/null 2>&1 +fi + +EOINS + +# Add documentation: +mkdir -p $PKG/usr/doc/$PRGNAM-$PKGVERSION +cp -a $DOCS $PKG/usr/doc/$PRGNAM-$PKGVERSION || true +cp -a $SRCDIR/$(basename $0) $PKG/usr/doc/$PRGNAM-$PKGVERSION/$PRGNAM.SlackBuild +mv $PKG/usr/doc/$PRGNAM-$PKGVERSION/HTML $PKG/usr/doc/$PRGNAM-$PKGVERSION/html +# Save a sample of all configuration files: +for i in etc/*.conf ; do + cp $i $PKG/usr/doc/$PRGNAM-$PKGVERSION/$(basename $i)-sample +done +# Save a transcript of all configured options for this specific build: +if [ -n $OUTPUT/configure-${PRGNAM}.log ]; then + cat $OUTPUT/configure-${PRGNAM}.log \ + | sed -n "/^Config files successfully generated/,/^'config.h' and 'config.mak' contain your configuration options./p" \ + > $PKG/usr/doc/$PRGNAM-$PKGVERSION/${PRGNAM}.configuration +fi +find $PKG/usr/doc -type f -exec chmod 644 {} \; + +# Compress the man page(s): +if [ -d $PKG/usr/man ]; then + find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \; + for i in $(find $PKG/usr/man -type l -name "*.?") ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +fi + +# Strip binaries: +( find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null ) + +# Add a package description: +mkdir -p $PKG/install +cat $SRCDIR/slack-desc > $PKG/install/slack-desc +if [ -f $SRCDIR/doinst.sh ]; then + cat $SRCDIR/doinst.sh >> $PKG/install/doinst.sh +fi + +# Build the package: +cd $PKG +makepkg --linkadd y --chown n $OUTPUT/${PRGNAM}-${PKGVERSION}-${ARCH}-${BUILD}${TAG}.txz 2>&1 | tee $OUTPUT/makepkg-${PRGNAM}.log +cd $OUTPUT +md5sum ${PRGNAM}-${PKGVERSION}-${ARCH}-${BUILD}${TAG}.txz > ${PRGNAM}-${PKGVERSION}-${ARCH}-${BUILD}${TAG}.txz.md5 +cd - +cat $PKG/install/slack-desc | grep "^${PRGNAM}" > $OUTPUT/${PRGNAM}-${PKGVERSION}-${ARCH}-${BUILD}${TAG}.txt + diff --git a/patches/source/MPlayer/slack-desc b/patches/source/MPlayer/slack-desc new file mode 100644 index 00000000..033b4170 --- /dev/null +++ b/patches/source/MPlayer/slack-desc @@ -0,0 +1,20 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +MPlayer: MPlayer (Linux movie player) +MPlayer: +MPlayer: MPlayer is a movie player for Linux. It plays most MPEG, VOB, AVI, +MPlayer: Ogg/OGM, VIVO, ASF/WMA/WMV, QT/MOV/MP4, FLI, RM, NuppelVideo, +MPlayer: YUV4MPEG, FILM, RoQ, PVA files, supported by many native, XAnim, +MPlayer: and Win32 DLL codecs. You can watch VideoCD, SVCD, DVD, 3ivx, +MPlayer: DivX 3/4/5 and even WMV movies, too (without the avifile library). +MPlayer: MPlayer supports 10 types of subtitles formats: VobSub, +MPlayer: MicroDVD, SubRip, SubViewer, Sami, VPlayer, RT, SSA, AQTitle, MPsub. +MPlayer: +MPlayer: Homepage for MPLayer is http://www.mplayerhq.hu/ + diff --git a/patches/source/acl/acl.SlackBuild b/patches/source/acl/acl.SlackBuild new file mode 100755 index 00000000..1c058e46 --- /dev/null +++ b/patches/source/acl/acl.SlackBuild @@ -0,0 +1,120 @@ +#!/bin/sh + +# Copyright 2005-2011 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=acl +VERSION=2.2.50 +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-acl + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP + +rm -rf acl-$(echo $VERSION | cut -f 1 -d '-') +tar xzvf $CWD/acl-$VERSION.src.tar.gz || exit 1 +cd acl-$(echo $VERSION | cut -f 1 -d '-') || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Add DESTDIR support and improve docs install location: +zcat $CWD/acl.destdir.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit + +# Make sure you have the same version of autoconf as the +# developers did... ;-) +autoconf + +./configure \ + --prefix=/ \ + --exec-prefix=/ \ + --sbindir=/bin \ + --bindir=/usr/bin \ + --libdir=/lib${LIBDIRSUFFIX} \ + --libexecdir=/usr/lib${LIBDIRSUFFIX} \ + --includedir=/usr/include \ + --mandir=/usr/man \ + --datadir=/usr/share + +make || exit 1 +make install DESTDIR=$PKG +make install-dev DESTDIR=$PKG +make install-lib DESTDIR=$PKG + +mv $PKG/usr/share/doc $PKG/usr +( cd $PKG/usr/doc ; mv acl acl-$VERSION ) +#It would be nice to keep the same timestamps that the files have in the source: +cp -a \ + README doc/COPYING* doc/PORTING \ + $PKG/usr/doc/acl-$VERSION + +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) +strip -g $PKG/usr/lib${LIBDIRSUFFIX}/*.a + +# Remove bogus files: +rm -f $PKG/lib${LIBDIRSUFFIX}/*.a $PKG/lib${LIBDIRSUFFIX}/libacl.so $PKG/lib${LIBDIRSUFFIX}/*.la $PKG/usr/lib${LIBDIRSUFFIX}/*.la +# Make /usr/lib${LIBDIRSUFFIX}/libacl.so a symlink to /lib${LIBDIRSUFFIX}: +( cd $PKG/usr/lib${LIBDIRSUFFIX} + rm -f libacl.so + ln -sf /lib${LIBDIRSUFFIX}/libacl.so.1 libacl.so +) +# Fix shared library perms: +chmod 755 $PKG/lib${LIBDIRSUFFIX}/* + +# Gzip the man pages: +( cd $PKG/usr/man + for i in `find . -type l` ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done + gzip -9 */*.? +) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +makepkg -l y -c n $TMP/acl-$(echo $VERSION | tr - _ )-$ARCH-$BUILD.txz + diff --git a/patches/source/acl/acl.destdir.diff b/patches/source/acl/acl.destdir.diff new file mode 100644 index 00000000..aa4b42e8 --- /dev/null +++ b/patches/source/acl/acl.destdir.diff @@ -0,0 +1,36 @@ +--- ./include/builddefs.in.orig 2011-04-08 11:55:52.000000000 -0500 ++++ ./include/builddefs.in 2011-04-18 13:41:25.000000000 -0500 +@@ -28,14 +28,14 @@ + PKG_VERSION = @pkg_version@ + PKG_PLATFORM = @pkg_platform@ + PKG_DISTRIBUTION= @pkg_distribution@ +-PKG_BIN_DIR = @bindir@ +-PKG_SBIN_DIR = @sbindir@ +-PKG_LIB_DIR = @libdir@@libdirsuffix@ +-PKG_DEVLIB_DIR = @libexecdir@@libdirsuffix@ +-PKG_INC_DIR = @includedir@ +-PKG_MAN_DIR = @mandir@ +-PKG_DOC_DIR = @datadir@/doc/@pkg_name@ +-PKG_LOCALE_DIR = @datadir@/locale ++PKG_BIN_DIR = $(DESTDIR)@bindir@ ++PKG_SBIN_DIR = $(DESTDIR)@sbindir@ ++PKG_LIB_DIR = $(DESTDIR)@libdir@@libdirsuffix@ ++PKG_DEVLIB_DIR = $(DESTDIR)@libexecdir@@libdirsuffix@ ++PKG_INC_DIR = $(DESTDIR)@includedir@ ++PKG_MAN_DIR = $(DESTDIR)@mandir@ ++PKG_DOC_DIR = $(DESTDIR)@datadir@/doc/@pkg_name@ ++PKG_LOCALE_DIR = $(DESTDIR)@datadir@/locale + + CC = @cc@ + AWK = @awk@ +--- ./include/buildmacros.orig 2011-04-08 11:55:52.000000000 -0500 ++++ ./include/buildmacros 2011-04-18 13:41:54.000000000 -0500 +@@ -40,7 +40,7 @@ + $(LFILES:.l=.o) \ + $(YFILES:%.y=%.tab.o) + +-INSTALL = $(TOPDIR)/include/install-sh -o $(PKG_USER) -g $(PKG_GROUP) ++INSTALL = $(TOPDIR)/include/install-sh + + SHELL = /bin/sh + IMAGES_DIR = $(TOPDIR)/all-images diff --git a/patches/source/acl/slack-desc b/patches/source/acl/slack-desc new file mode 100644 index 00000000..93484df3 --- /dev/null +++ b/patches/source/acl/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +acl: acl (tools for using POSIX Access Control Lists) +acl: +acl: This package contains a set of tools and libraries for manipulating +acl: POSIX Access Control Lists. POSIX Access Control Lists (defined in +acl: POSIX 1003.1e draft standard 17) are used to define more fine-grained +acl: discretionary access rights for files and directories. +acl: +acl: +acl: +acl: Homepage: http://savannah.nongnu.org/projects/acl +acl: diff --git a/patches/source/apr-util/apr-util.SlackBuild b/patches/source/apr-util/apr-util.SlackBuild new file mode 100755 index 00000000..d1c9f2e4 --- /dev/null +++ b/patches/source/apr-util/apr-util.SlackBuild @@ -0,0 +1,124 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo apr-util-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-apr-util + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf apr-util-$VERSION +tar xvf $CWD/apr-util-$VERSION.tar.bz2 || exit 1 +cd apr-util-$VERSION + +# For now, this isn't working with svn (here, anyway) and is probably +# more trouble than it's worth. Could be a grey area in regards to +# licensing, too -- the Apache people say it's fine for third parties +# to link this and distribute the result, but there are usually some +# differing opinions when it comes to this sort of thing... +#( cd dbd ; lftpget http://apache.webthing.com/svn/apache/apr/apr_dbd_mysql.c ) +# --with-mysql=/usr \ +# + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-apr=/usr \ + --with-dbm=db44 \ + --with-berkeley-db \ + --disable-util-dso \ + --without-gdbm \ + --with-ldap \ + --disable-static \ + --without-sqlite2 \ + $ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make dox || exit 1 +make install DESTDIR=$PKG + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/apr-util-$VERSION +cp -a \ + INSTALL.MySQL LICENSE NOTICE \ + $PKG/usr/doc/apr-util-$VERSION + +# If there's a CHANGES file, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat CHANGES | head -n 1000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES +fi + +# This just seems like way too much stuff... +#mv docs/dox/html $PKG/usr/doc/apr-util-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/apr-util-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/apr-util/slack-desc b/patches/source/apr-util/slack-desc new file mode 100644 index 00000000..cec19063 --- /dev/null +++ b/patches/source/apr-util/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +apr-util: apr-util (Apache Portable Runtime utilities) +apr-util: +apr-util: The mission of the Apache Portable Runtime (APR) is to provide a +apr-util: free library of C data structures and routines, forming a system +apr-util: portability layer to as many operating systems as possible. +apr-util: +apr-util: This package contains additional utility interfaces for APR; +apr-util: including support for XML, LDAP, database interfaces, URI parsing, +apr-util: and more. +apr-util: +apr-util: diff --git a/patches/source/apr/apr.SlackBuild b/patches/source/apr/apr.SlackBuild new file mode 100755 index 00000000..125e5677 --- /dev/null +++ b/patches/source/apr/apr.SlackBuild @@ -0,0 +1,110 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo apr-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-apr + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf apr-$VERSION +tar xvf $CWD/apr-$VERSION.tar.bz2 || exit 1 +cd apr-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-installbuilddir=/usr/lib${LIBDIRSUFFIX}/apr-${VERSION}/build-1 \ + --disable-static \ + --with-devrandom=/dev/urandom \ + $ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make dox || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/apr-$VERSION +cp -a \ + LICENSE NOTICE README.dev \ + $PKG/usr/doc/apr-$VERSION + +# If there's a CHANGES file, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat CHANGES | head -n 1000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES +fi + +# This just seems like way too much stuff... +#mv docs/dox/html $PKG/usr/doc/apr-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/apr-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/apr/slack-desc b/patches/source/apr/slack-desc new file mode 100644 index 00000000..2e52660d --- /dev/null +++ b/patches/source/apr/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +apr: apr (Apache Portable Runtime) +apr: +apr: The mission of the Apache Portable Runtime (APR) is to provide a +apr: free library of C data structures and routines, forming a system +apr: portability layer to as many operating systems as possible. +apr: +apr: +apr: +apr: +apr: +apr: diff --git a/patches/source/bash/bash-4.1-patches/bash41-001 b/patches/source/bash/bash-4.1-patches/bash41-001 new file mode 100644 index 00000000..758e1fa4 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-001 @@ -0,0 +1,48 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-001 + +Bug-Reported-by: Yann Rouillard <yann@pleiades.fr.eu.org> +Bug-Reference-ID: <4B44A410.4070107@pleiades.fr.eu.org> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-01/msg00018.html + +Bug-Description: + +A prototype for vsnprintf was incorrect, and caused compilation failures +on systems that did not have a suitable vsnprintf, but had a declaration in +one of the system header files. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/builtins/printf.def 2009-11-20 15:31:23.000000000 -0500 +--- builtins/printf.def 2010-01-07 08:50:06.000000000 -0500 +*************** +*** 173,177 **** + + #if !HAVE_VSNPRINTF +! extern int vsnprintf __P((char *, size_t, const char *, ...)) __attribute__((__format__ (printf, 3, 4))); + #endif + +--- 173,177 ---- + + #if !HAVE_VSNPRINTF +! extern int vsnprintf __P((char *, size_t, const char *, va_list)) __attribute__((__format__ (printf, 3, 0))); + #endif + +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 0 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 1 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-002 b/patches/source/bash/bash-4.1-patches/bash41-002 new file mode 100644 index 00000000..a1151985 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-002 @@ -0,0 +1,65 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-002 + +Bug-Reported-by: guillaume.outters@free.fr +Bug-Reference-ID: <20100105230441.70D171AA7F52@asterix.local> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-01/msg00017.html + +Bug-Description: + +Bash-4.1/Readline-6.1 introduced a hook function that allows applications +to rewrite or modify filenames read from the file system before comparing +them with a word to be completed. The converted filename, if it matches, +needs to be inserted into the line buffer, replacing the original contents. + +This fixes a completion bug on Mac OS X involving filenames containing +UTF-8 characters. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/lib/readline/complete.c 2009-11-29 18:39:30.000000000 -0500 +--- lib/readline/complete.c 2010-01-06 08:30:23.000000000 -0500 +*************** +*** 2139,2143 **** + if (filename_len == 0) + { +! if (_rl_match_hidden_files == 0 && HIDDEN_FILE (entry->d_name)) + continue; + +--- 2139,2143 ---- + if (filename_len == 0) + { +! if (_rl_match_hidden_files == 0 && HIDDEN_FILE (convfn)) + continue; + +*************** +*** 2220,2224 **** + } + +! strcpy (temp + dirlen, entry->d_name); + } + else +--- 2220,2224 ---- + } + +! strcpy (temp + dirlen, convfn); + } + else +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 1 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 2 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-003 b/patches/source/bash/bash-4.1-patches/bash41-003 new file mode 100644 index 00000000..479fdcd9 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-003 @@ -0,0 +1,48 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-003 + +Bug-Reported-by: coyote@wariat.org.pl +Bug-Reference-ID: <4b64a1f8.06e2660a.60af.4bfb@mx.google.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-01/msg00135.html + +Bug-Description: + +If command completion is attempted on a word with a quoted globbing +character (e.g., `*' or `?'), bash can reference a NULL pointer and +dump core. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/bashline.c 2009-10-24 14:10:19.000000000 -0400 +--- bashline.c 2010-01-30 21:53:49.000000000 -0500 +*************** +*** 1681,1685 **** + characters in the common prefix are bad) will ever be returned on + regular completion. */ +! if (glob_pattern_p (hint)) + { + if (state == 0) +--- 1681,1685 ---- + characters in the common prefix are bad) will ever be returned on + regular completion. */ +! if (globpat) + { + if (state == 0) +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 2 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 3 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-004 b/patches/source/bash/bash-4.1-patches/bash41-004 new file mode 100644 index 00000000..33f79bb7 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-004 @@ -0,0 +1,47 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-004 + +Bug-Reported-by: Crestez Dan Leonard <cdleonard@gmail.com> +Bug-Reference-ID: <1265592839.30682.21.camel@deskbox> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-02/msg00034.html + +Bug-Description: + +When running in Posix mode and executing a shell function without local +variables, bash will not propagate a variable in a special builtin's temporary +environment to have global scope. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/variables.c 2009-11-03 14:13:58.000000000 -0500 +--- variables.c 2010-02-08 17:36:18.000000000 -0500 +*************** +*** 3809,3812 **** +--- 3809,3817 ---- + if (tempvar_p (var) && (posixly_correct || (var->attributes & att_propagate))) + { ++ /* Make sure we have a hash table to store the variable in while it is ++ being propagated down to the global variables table. Create one if ++ we have to */ ++ if ((vc_isfuncenv (shell_variables) || vc_istempenv (shell_variables)) && shell_variables->table == 0) ++ shell_variables->table = hash_create (0); + /* XXX - should we set v->context here? */ + v = bind_variable_internal (var->name, value_cell (var), shell_variables->table, 0, 0); +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 3 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 4 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-005 b/patches/source/bash/bash-4.1-patches/bash41-005 new file mode 100644 index 00000000..8a2fec8a --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-005 @@ -0,0 +1,56 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-005 + +Bug-Reported-by: werner@suse.de +Bug-Reference-ID: <201002251238.o1PCcYcg016893@boole.suse.de> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-02/msg00132.html + +Bug-Description: + +When the `read' builtin times out after the timeout specified with -t is +exceeded, it does not reset the flags that tell signal handlers to process +signals immediately instead of deferring their handling. This can result +in unsafe functions being called from signal handlers, which can cause bash +to hang or dump core. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/builtins/read.def 2009-10-08 11:35:46.000000000 -0400 +--- builtins/read.def 2010-03-17 17:35:39.000000000 -0400 +*************** +*** 616,621 **** + zsyncfd (fd); + +- interrupt_immediately--; +- terminate_immediately--; + discard_unwind_frame ("read_builtin"); + +--- 616,619 ---- +*************** +*** 624,627 **** +--- 622,628 ---- + assign_vars: + ++ interrupt_immediately--; ++ terminate_immediately--; ++ + #if defined (ARRAY_VARS) + /* If -a was given, take the string read, break it into a list of words, +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 4 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 5 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-006 b/patches/source/bash/bash-4.1-patches/bash41-006 new file mode 100644 index 00000000..d6553b8b --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-006 @@ -0,0 +1,76 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-006 + +Bug-Reported-by: Mike Frysinger <vapier@gentoo.org> +Bug-Reference-ID: <201003210155.56618.vapier@gentoo.org> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-03/msg00063.html + +Bug-Description: + +Bash did not correctly print/reproduce here documents attached to commands +inside compound commands such as for and while. This affected the +execution of such commands inside a shell function when the function +definition is saved and later restored using `.' or `eval'. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/print_cmd.c 2009-09-16 15:32:26.000000000 -0400 +--- print_cmd.c 2010-03-22 21:15:30.000000000 -0400 +*************** +*** 114,117 **** +--- 114,123 ---- + #define CHECK_XTRACE_FP xtrace_fp = (xtrace_fp ? xtrace_fp : stderr) + ++ #define PRINT_DEFERRED_HEREDOCS(x) \ ++ do { \ ++ if (deferred_heredocs) \ ++ print_deferred_heredocs (x); \ ++ } while (0) ++ + /* Non-zero means the stuff being printed is inside of a function def. */ + static int inside_function_def; +*************** +*** 561,571 **** + { + print_for_command_head (for_command); +- + cprintf (";"); + newline ("do\n"); + indentation += indentation_amount; + make_command_string_internal (for_command->action); + semicolon (); + indentation -= indentation_amount; + newline ("done"); + } +--- 566,578 ---- + { + print_for_command_head (for_command); + cprintf (";"); + newline ("do\n"); ++ + indentation += indentation_amount; + make_command_string_internal (for_command->action); ++ PRINT_DEFERRED_HEREDOCS (""); + semicolon (); + indentation -= indentation_amount; ++ + newline ("done"); + } +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 5 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 6 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-007 b/patches/source/bash/bash-4.1-patches/bash41-007 new file mode 100644 index 00000000..07b4796c --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-007 @@ -0,0 +1,47 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-007 + +Bug-Reported-by: Rob Robason <rob@robason.net> +Bug-Reference-ID: <1269513145.22336.9.camel@home.robason.homelinux.net> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-03/msg00089.html + +Bug-Description: + +A typo caused bash to not honor a precision specification in a printf +format. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/builtins/printf.def 2010-01-18 10:50:22.000000000 -0500 +--- builtins/printf.def 2010-03-25 09:40:56.000000000 -0400 +*************** +*** 118,122 **** + nw = vflag ? vbprintf (f, fieldwidth, func) : printf (f, fieldwidth, func); \ + else if (have_precision) \ +! nw = vflag ? vbprintf (f, precision, func) : printf (f, fieldwidth, func); \ + else \ + nw = vflag ? vbprintf (f, func) : printf (f, func); \ +--- 118,122 ---- + nw = vflag ? vbprintf (f, fieldwidth, func) : printf (f, fieldwidth, func); \ + else if (have_precision) \ +! nw = vflag ? vbprintf (f, precision, func) : printf (f, precision, func); \ + else \ + nw = vflag ? vbprintf (f, func) : printf (f, func); \ +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 6 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 7 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-008 b/patches/source/bash/bash-4.1-patches/bash41-008 new file mode 100644 index 00000000..2bec4de4 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-008 @@ -0,0 +1,49 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-008 + +Bug-Reported-by: Dennis van Dok <dvandok@gmail.com> +Bug-Reference-ID: <4BBF2501.5050703@gmail.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-04/msg00038.html + +Bug-Description: + +When declaring an associative array and implicitly assigning a value +to element "0", bash does not correctly allocate memory, leading to +a segmentation violation when that element or the array itself is +unset. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/builtins/declare.def 2009-11-25 19:42:00.000000000 -0500 +--- builtins/declare.def 2010-05-30 18:25:21.000000000 -0400 +*************** +*** 513,517 **** + /* let bind_{array,assoc}_variable take care of this. */ + if (assoc_p (var)) +! bind_assoc_variable (var, name, "0", value, aflags); + else + bind_array_variable (name, 0, value, aflags); +--- 519,523 ---- + /* let bind_{array,assoc}_variable take care of this. */ + if (assoc_p (var)) +! bind_assoc_variable (var, name, savestring ("0"), value, aflags); + else + bind_array_variable (name, 0, value, aflags); +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 7 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 8 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-009 b/patches/source/bash/bash-4.1-patches/bash41-009 new file mode 100644 index 00000000..ae0f1e3e --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-009 @@ -0,0 +1,48 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-009 + +Bug-Reported-by: Tomas Trnka <tomastrnka@gmx.com> +Bug-Reference-ID: <201003242030.02166.tomastrnka@gmx.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-03/msg00090.html + +Bug-Description: + +An arriving SIGCHLD will interrupt `slow' system calls such as write(2) to +or read(2) from a terminal. This results in an error message and truncated +input or output. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/sig.c Fri Aug 14 16:31:52 2009 +--- sig.c Fri Mar 26 22:34:11 2010 +*************** +*** 655,660 **** +--- 655,663 ---- + act.sa_flags |= SA_INTERRUPT; /* XXX */ + else + act.sa_flags |= SA_RESTART; /* XXX */ ++ #else ++ if (sig == SIGCHLD) ++ act.sa_flags |= SA_RESTART; + #endif + sigemptyset (&act.sa_mask); + sigemptyset (&oact.sa_mask); +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 8 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 9 + + #endif /* _PATCHLEVEL_H_ */ + diff --git a/patches/source/bash/bash-4.1-patches/bash41-010 b/patches/source/bash/bash-4.1-patches/bash41-010 new file mode 100644 index 00000000..b5a4b615 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-010 @@ -0,0 +1,68 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-010 + +Bug-Reported-by: Stephane Jourdois <sjourdois@gmail.com> +Bug-Reference-ID: <AANLkTimbh1t2BmCjnCgACpEidArJMBIEtr30Vv3VzHxf@mail.gmail.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2010-05/msg00165.html + +Bug-Description: + +The expansion of the \W prompt string escape sequence incorrectly used +strcpy to copy overlapping strings. Only memmove works in this case. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/parse.y 2009-12-30 12:51:42.000000000 -0500 +--- parse.y 2011-02-24 16:40:48.000000000 -0500 +*************** +*** 5153,5157 **** + t = strrchr (t_string, '/'); + if (t) +! strcpy (t_string, t + 1); + } + } +--- 5153,5157 ---- + t = strrchr (t_string, '/'); + if (t) +! memmove (t_string, t + 1, strlen (t)); + } + } +*** ../bash-4.1-patched/y.tab.c 2009-12-30 12:52:02.000000000 -0500 +--- y.tab.c 2011-02-24 16:50:27.000000000 -0500 +*************** +*** 7482,7486 **** + t = strrchr (t_string, '/'); + if (t) +! strcpy (t_string, t + 1); + } + } +--- 7482,7486 ---- + t = strrchr (t_string, '/'); + if (t) +! memmove (t_string, t + 1, strlen (t)); + } + } +*************** +*** 8244,8246 **** + } + #endif /* HANDLE_MULTIBYTE */ +- +--- 8244,8245 ---- +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 9 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 10 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-011 b/patches/source/bash/bash-4.1-patches/bash41-011 new file mode 100644 index 00000000..050da955 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-011 @@ -0,0 +1,86 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-011 + +Bug-Reported-by: <piuma@piumalab.org> +Bug-Reference-ID: <4DAAC0DB.7060606@piumalab.org> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2011-04/msg00075.html + +Bug-Description: + +Under certain circumstances, running `fc -l' two times in succession with a +relative history offset at the end of the history will result in an incorrect +calculation of the last history entry and a seg fault. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1-patched/builtins/fc.def 2009-03-21 14:03:43.000000000 -0400 +--- builtins/fc.def 2011-04-19 15:46:17.000000000 -0400 +*************** +*** 304,307 **** +--- 304,317 ---- + last_hist = i - rh - hist_last_line_added; + ++ /* XXX */ ++ if (i == last_hist && hlist[last_hist] == 0) ++ while (last_hist >= 0 && hlist[last_hist] == 0) ++ last_hist--; ++ if (last_hist < 0) ++ { ++ sh_erange ((char *)NULL, _("history specification")); ++ return (EXECUTION_FAILURE); ++ } ++ + if (list) + { +*************** +*** 466,470 **** + { + int sign, n, clen, rh; +! register int i, j; + register char *s; + +--- 476,480 ---- + { + int sign, n, clen, rh; +! register int i, j, last_hist; + register char *s; + +*************** +*** 486,490 **** + calculation as if it were on. */ + rh = remember_on_history || ((subshell_environment & SUBSHELL_COMSUB) && enable_history_list); +! i -= rh + hist_last_line_added; + + /* No specification defaults to most recent command. */ +--- 496,508 ---- + calculation as if it were on. */ + rh = remember_on_history || ((subshell_environment & SUBSHELL_COMSUB) && enable_history_list); +! last_hist = i - rh - hist_last_line_added; +! +! if (i == last_hist && hlist[last_hist] == 0) +! while (last_hist >= 0 && hlist[last_hist] == 0) +! last_hist--; +! if (last_hist < 0) +! return (-1); +! +! i = last_hist; + + /* No specification defaults to most recent command. */ +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 10 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 11 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-012 b/patches/source/bash/bash-4.1-patches/bash41-012 new file mode 100644 index 00000000..17464c07 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-012 @@ -0,0 +1,104 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-012 + +Bug-Reported-by: Stephane Chazelas <stephane.chazelas@gmail.com> +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +Under certain circumstances, bash will execute user code while processing the +environment for exported function definitions. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1.11/builtins/common.h 2009-12-22 16:30:42.000000000 -0500 +--- builtins/common.h 2014-09-16 19:27:38.000000000 -0400 +*************** +*** 36,39 **** +--- 36,41 ---- + + /* Flags for describe_command, shared between type.def and command.def */ ++ #define SEVAL_FUNCDEF 0x080 /* only allow function definitions */ ++ #define SEVAL_ONECMD 0x100 /* only allow a single command */ + #define CDESC_ALL 0x001 /* type -a */ + #define CDESC_SHORTDESC 0x002 /* command -V */ +*** ../bash-4.1.11/builtins/evalstring.c 2009-10-17 21:18:50.000000000 -0400 +--- builtins/evalstring.c 2014-09-16 19:27:38.000000000 -0400 +*************** +*** 262,265 **** +--- 262,273 ---- + struct fd_bitmap *bitmap; + ++ if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def) ++ { ++ internal_warning ("%s: ignoring function definition attempt", from_file); ++ should_jump_to_top_level = 0; ++ last_result = last_command_exit_value = EX_BADUSAGE; ++ break; ++ } ++ + bitmap = new_fd_bitmap (FD_BITMAP_SIZE); + begin_unwind_frame ("pe_dispose"); +*************** +*** 322,325 **** +--- 330,336 ---- + dispose_fd_bitmap (bitmap); + discard_unwind_frame ("pe_dispose"); ++ ++ if (flags & SEVAL_ONECMD) ++ break; + } + } +*** ../bash-4.1.11/variables.c 2010-03-26 12:15:39.000000000 -0400 +--- variables.c 2014-09-16 19:27:38.000000000 -0400 +*************** +*** 348,357 **** + strcpy (temp_string + char_index + 1, string); + +! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST); +! +! /* Ancient backwards compatibility. Old versions of bash exported +! functions like name()=() {...} */ +! if (name[char_index - 1] == ')' && name[char_index - 2] == '(') +! name[char_index - 2] = '\0'; + + if (temp_var = find_function (name)) +--- 348,355 ---- + strcpy (temp_string + char_index + 1, string); + +! /* Don't import function names that are invalid identifiers from the +! environment. */ +! if (legal_identifier (name)) +! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); + + if (temp_var = find_function (name)) +*************** +*** 362,369 **** + else + report_error (_("error importing function definition for `%s'"), name); +- +- /* ( */ +- if (name[char_index - 1] == ')' && name[char_index - 2] == '\0') +- name[char_index - 2] = '('; /* ) */ + } + #if defined (ARRAY_VARS) +--- 360,363 ---- +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 11 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 12 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-013 b/patches/source/bash/bash-4.1-patches/bash41-013 new file mode 100644 index 00000000..7a93dacd --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-013 @@ -0,0 +1,43 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-013 + +Bug-Reported-by: Tavis Ormandy <taviso@cmpxchg8b.com> +Bug-Reference-ID: +Bug-Reference-URL: http://twitter.com/taviso/statuses/514887394294652929 + +Bug-Description: + +Under certain circumstances, bash can incorrectly save a lookahead character and +return it on a subsequent call, even when reading a new line. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1.12/parse.y 2011-02-24 19:41:01.000000000 -0500 +--- parse.y 2014-09-25 16:13:57.000000000 -0400 +*************** +*** 2812,2815 **** +--- 2812,2817 ---- + word_desc_to_read = (WORD_DESC *)NULL; + ++ eol_ungetc_lookahead = 0; ++ + current_token = '\n'; /* XXX */ + last_read_token = '\n'; +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 12 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 13 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-014 b/patches/source/bash/bash-4.1-patches/bash41-014 new file mode 100644 index 00000000..87a57be7 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-014 @@ -0,0 +1,217 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-014 + +Bug-Reported-by: Florian Weimer <fweimer@redhat.com> +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +This patch changes the encoding bash uses for exported functions to avoid +clashes with shell variables and to avoid depending only on an environment +variable's contents to determine whether or not to interpret it as a shell +function. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1.13/variables.c 2014-09-16 19:27:38.000000000 -0400 +--- variables.c 2014-09-27 20:57:46.000000000 -0400 +*************** +*** 80,83 **** +--- 80,88 ---- + #define ifsname(s) ((s)[0] == 'I' && (s)[1] == 'F' && (s)[2] == 'S' && (s)[3] == '\0') + ++ #define BASHFUNC_PREFIX "BASH_FUNC_" ++ #define BASHFUNC_PREFLEN 10 /* == strlen(BASHFUNC_PREFIX */ ++ #define BASHFUNC_SUFFIX "%%" ++ #define BASHFUNC_SUFFLEN 2 /* == strlen(BASHFUNC_SUFFIX) */ ++ + extern char **environ; + +*************** +*** 269,273 **** + static void dispose_temporary_env __P((sh_free_func_t *)); + +! static inline char *mk_env_string __P((const char *, const char *)); + static char **make_env_array_from_var_list __P((SHELL_VAR **)); + static char **make_var_export_array __P((VAR_CONTEXT *)); +--- 274,278 ---- + static void dispose_temporary_env __P((sh_free_func_t *)); + +! static inline char *mk_env_string __P((const char *, const char *, int)); + static char **make_env_array_from_var_list __P((SHELL_VAR **)); + static char **make_var_export_array __P((VAR_CONTEXT *)); +*************** +*** 339,357 **** + /* If exported function, define it now. Don't import functions from + the environment in privileged mode. */ +! if (privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4)) + { + string_length = strlen (string); +! temp_string = (char *)xmalloc (3 + string_length + char_index); + +! strcpy (temp_string, name); +! temp_string[char_index] = ' '; +! strcpy (temp_string + char_index + 1, string); + + /* Don't import function names that are invalid identifiers from the + environment. */ +! if (legal_identifier (name)) +! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); + +! if (temp_var = find_function (name)) + { + VSETATTR (temp_var, (att_exported|att_imported)); +--- 344,373 ---- + /* If exported function, define it now. Don't import functions from + the environment in privileged mode. */ +! if (privmode == 0 && read_but_dont_execute == 0 && +! STREQN (BASHFUNC_PREFIX, name, BASHFUNC_PREFLEN) && +! STREQ (BASHFUNC_SUFFIX, name + char_index - BASHFUNC_SUFFLEN) && +! STREQN ("() {", string, 4)) + { ++ size_t namelen; ++ char *tname; /* desired imported function name */ ++ ++ namelen = char_index - BASHFUNC_PREFLEN - BASHFUNC_SUFFLEN; ++ ++ tname = name + BASHFUNC_PREFLEN; /* start of func name */ ++ tname[namelen] = '\0'; /* now tname == func name */ ++ + string_length = strlen (string); +! temp_string = (char *)xmalloc (namelen + string_length + 2); + +! memcpy (temp_string, tname, namelen); +! temp_string[namelen] = ' '; +! memcpy (temp_string + namelen + 1, string, string_length + 1); + + /* Don't import function names that are invalid identifiers from the + environment. */ +! if (absolute_program (tname) == 0 && (posixly_correct == 0 || legal_identifier (tname))) +! parse_and_execute (temp_string, tname, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); + +! if (temp_var = find_function (tname)) + { + VSETATTR (temp_var, (att_exported|att_imported)); +*************** +*** 359,363 **** + } + else +! report_error (_("error importing function definition for `%s'"), name); + } + #if defined (ARRAY_VARS) +--- 375,382 ---- + } + else +! report_error (_("error importing function definition for `%s'"), tname); +! +! /* Restore original suffix */ +! tname[namelen] = BASHFUNC_SUFFIX[0]; + } + #if defined (ARRAY_VARS) +*************** +*** 2520,2524 **** + + INVALIDATE_EXPORTSTR (var); +! var->exportstr = mk_env_string (name, value); + + array_needs_making = 1; +--- 2539,2543 ---- + + INVALIDATE_EXPORTSTR (var); +! var->exportstr = mk_env_string (name, value, 0); + + array_needs_making = 1; +*************** +*** 3339,3357 **** + + static inline char * +! mk_env_string (name, value) + const char *name, *value; + { +! int name_len, value_len; +! char *p; + + name_len = strlen (name); + value_len = STRLEN (value); +! p = (char *)xmalloc (2 + name_len + value_len); +! strcpy (p, name); +! p[name_len] = '='; + if (value && *value) +! strcpy (p + name_len + 1, value); + else +! p[name_len + 1] = '\0'; + return (p); + } +--- 3358,3397 ---- + + static inline char * +! mk_env_string (name, value, isfunc) + const char *name, *value; ++ int isfunc; + { +! size_t name_len, value_len; +! char *p, *q; + + name_len = strlen (name); + value_len = STRLEN (value); +! +! /* If we are exporting a shell function, construct the encoded function +! name. */ +! if (isfunc && value) +! { +! p = (char *)xmalloc (BASHFUNC_PREFLEN + name_len + BASHFUNC_SUFFLEN + value_len + 2); +! q = p; +! memcpy (q, BASHFUNC_PREFIX, BASHFUNC_PREFLEN); +! q += BASHFUNC_PREFLEN; +! memcpy (q, name, name_len); +! q += name_len; +! memcpy (q, BASHFUNC_SUFFIX, BASHFUNC_SUFFLEN); +! q += BASHFUNC_SUFFLEN; +! } +! else +! { +! p = (char *)xmalloc (2 + name_len + value_len); +! memcpy (p, name, name_len); +! q = p + name_len; +! } +! +! q[0] = '='; + if (value && *value) +! memcpy (q + 1, value, value_len + 1); + else +! q[1] = '\0'; +! + return (p); + } +*************** +*** 3439,3443 **** + using the cached exportstr... */ + list[list_index] = USE_EXPORTSTR ? savestring (value) +! : mk_env_string (var->name, value); + + if (USE_EXPORTSTR == 0) +--- 3479,3483 ---- + using the cached exportstr... */ + list[list_index] = USE_EXPORTSTR ? savestring (value) +! : mk_env_string (var->name, value, function_p (var)); + + if (USE_EXPORTSTR == 0) +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 13 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 14 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-015 b/patches/source/bash/bash-4.1-patches/bash41-015 new file mode 100644 index 00000000..c7af80f0 --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-015 @@ -0,0 +1,173 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-015 + +Bug-Reported-by: Florian Weimer <fweimer@redhat.com> +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +There are two local buffer overflows in parse.y that can cause the shell +to dump core when given many here-documents attached to a single command +or many nested loops. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1.14/parse.y 2014-09-27 12:18:25.000000000 -0400 +--- parse.y 2014-09-30 19:36:03.000000000 -0400 +*************** +*** 168,171 **** +--- 168,174 ---- + static int reserved_word_acceptable __P((int)); + static int yylex __P((void)); ++ ++ static void push_heredoc __P((REDIRECT *)); ++ static char *mk_alexpansion __P((char *)); + static int alias_expand_token __P((char *)); + static int time_command_acceptable __P((void)); +*************** +*** 262,266 **** + /* Variables to manage the task of reading here documents, because we need to + defer the reading until after a complete command has been collected. */ +! static REDIRECT *redir_stack[10]; + int need_here_doc; + +--- 265,271 ---- + /* Variables to manage the task of reading here documents, because we need to + defer the reading until after a complete command has been collected. */ +! #define HEREDOC_MAX 16 +! +! static REDIRECT *redir_stack[HEREDOC_MAX]; + int need_here_doc; + +*************** +*** 304,308 **** + index is decremented after a case, select, or for command is parsed. */ + #define MAX_CASE_NEST 128 +! static int word_lineno[MAX_CASE_NEST]; + static int word_top = -1; + +--- 309,313 ---- + index is decremented after a case, select, or for command is parsed. */ + #define MAX_CASE_NEST 128 +! static int word_lineno[MAX_CASE_NEST+1]; + static int word_top = -1; + +*************** +*** 517,521 **** + redir.filename = $2; + $$ = make_redirection (source, r_reading_until, redir, 0); +! redir_stack[need_here_doc++] = $$; + } + | NUMBER LESS_LESS WORD +--- 522,526 ---- + redir.filename = $2; + $$ = make_redirection (source, r_reading_until, redir, 0); +! push_heredoc ($$); + } + | NUMBER LESS_LESS WORD +*************** +*** 524,528 **** + redir.filename = $3; + $$ = make_redirection (source, r_reading_until, redir, 0); +! redir_stack[need_here_doc++] = $$; + } + | REDIR_WORD LESS_LESS WORD +--- 529,533 ---- + redir.filename = $3; + $$ = make_redirection (source, r_reading_until, redir, 0); +! push_heredoc ($$); + } + | REDIR_WORD LESS_LESS WORD +*************** +*** 531,535 **** + redir.filename = $3; + $$ = make_redirection (source, r_reading_until, redir, REDIR_VARASSIGN); +! redir_stack[need_here_doc++] = $$; + } + | LESS_LESS_MINUS WORD +--- 536,540 ---- + redir.filename = $3; + $$ = make_redirection (source, r_reading_until, redir, REDIR_VARASSIGN); +! push_heredoc ($$); + } + | LESS_LESS_MINUS WORD +*************** +*** 538,542 **** + redir.filename = $2; + $$ = make_redirection (source, r_deblank_reading_until, redir, 0); +! redir_stack[need_here_doc++] = $$; + } + | NUMBER LESS_LESS_MINUS WORD +--- 543,547 ---- + redir.filename = $2; + $$ = make_redirection (source, r_deblank_reading_until, redir, 0); +! push_heredoc ($$); + } + | NUMBER LESS_LESS_MINUS WORD +*************** +*** 545,549 **** + redir.filename = $3; + $$ = make_redirection (source, r_deblank_reading_until, redir, 0); +! redir_stack[need_here_doc++] = $$; + } + | REDIR_WORD LESS_LESS_MINUS WORD +--- 550,554 ---- + redir.filename = $3; + $$ = make_redirection (source, r_deblank_reading_until, redir, 0); +! push_heredoc ($$); + } + | REDIR_WORD LESS_LESS_MINUS WORD +*************** +*** 552,556 **** + redir.filename = $3; + $$ = make_redirection (source, r_deblank_reading_until, redir, REDIR_VARASSIGN); +! redir_stack[need_here_doc++] = $$; + } + | LESS_LESS_LESS WORD +--- 557,561 ---- + redir.filename = $3; + $$ = make_redirection (source, r_deblank_reading_until, redir, REDIR_VARASSIGN); +! push_heredoc ($$); + } + | LESS_LESS_LESS WORD +*************** +*** 2508,2511 **** +--- 2513,2531 ---- + static int esacs_needed_count; + ++ static void ++ push_heredoc (r) ++ REDIRECT *r; ++ { ++ if (need_here_doc >= HEREDOC_MAX) ++ { ++ last_command_exit_value = EX_BADUSAGE; ++ need_here_doc = 0; ++ report_syntax_error (_("maximum here-document count exceeded")); ++ reset_parser (); ++ exit_shell (last_command_exit_value); ++ } ++ redir_stack[need_here_doc++] = r; ++ } ++ + void + gather_here_documents () +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 14 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 15 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-016 b/patches/source/bash/bash-4.1-patches/bash41-016 new file mode 100644 index 00000000..ff1ce9cd --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-016 @@ -0,0 +1,59 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-016 + +Bug-Reported-by: Michal Zalewski <lcamtuf@coredump.cx> +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +When bash is parsing a function definition that contains a here-document +delimited by end-of-file (or end-of-string), it leaves the closing delimiter +uninitialized. This can result in an invalid memory access when the parsed +function is later copied. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1.15/make_cmd.c 2009-09-11 17:26:12.000000000 -0400 +--- make_cmd.c 2014-10-02 11:29:35.000000000 -0400 +*************** +*** 690,693 **** +--- 690,694 ---- + temp->redirector = source; + temp->redirectee = dest_and_filename; ++ temp->here_doc_eof = 0; + temp->instruction = instruction; + temp->flags = 0; +*** ../bash-4.1.15/copy_cmd.c 2009-09-11 16:28:02.000000000 -0400 +--- copy_cmd.c 2014-10-02 11:29:35.000000000 -0400 +*************** +*** 127,131 **** + case r_reading_until: + case r_deblank_reading_until: +! new_redirect->here_doc_eof = savestring (redirect->here_doc_eof); + /*FALLTHROUGH*/ + case r_reading_string: +--- 127,131 ---- + case r_reading_until: + case r_deblank_reading_until: +! new_redirect->here_doc_eof = redirect->here_doc_eof ? savestring (redirect->here_doc_eof) : 0; + /*FALLTHROUGH*/ + case r_reading_string: +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 15 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 16 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash-4.1-patches/bash41-017 b/patches/source/bash/bash-4.1-patches/bash41-017 new file mode 100644 index 00000000..22a9336f --- /dev/null +++ b/patches/source/bash/bash-4.1-patches/bash41-017 @@ -0,0 +1,132 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.1 +Patch-ID: bash41-017 + +Bug-Reported-by: Michal Zalewski <lcamtuf@coredump.cx> +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +A combination of nested command substitutions and function importing from +the environment can cause bash to execute code appearing in the environment +variable value following the function definition. + +Patch (apply with `patch -p0'): + +*** ../bash-4.1.16/builtins/evalstring.c 2014-09-16 19:27:38.000000000 -0400 +--- builtins/evalstring.c 2014-10-04 15:08:26.000000000 -0400 +*************** +*** 262,271 **** + struct fd_bitmap *bitmap; + +! if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def) + { +! internal_warning ("%s: ignoring function definition attempt", from_file); +! should_jump_to_top_level = 0; +! last_result = last_command_exit_value = EX_BADUSAGE; +! break; + } + +--- 262,284 ---- + struct fd_bitmap *bitmap; + +! if (flags & SEVAL_FUNCDEF) + { +! char *x; +! +! /* If the command parses to something other than a straight +! function definition, or if we have not consumed the entire +! string, or if the parser has transformed the function +! name (as parsing will if it begins or ends with shell +! whitespace, for example), reject the attempt */ +! if (command->type != cm_function_def || +! ((x = parser_remaining_input ()) && *x) || +! (STREQ (from_file, command->value.Function_def->name->word) == 0)) +! { +! internal_warning (_("%s: ignoring function definition attempt"), from_file); +! should_jump_to_top_level = 0; +! last_result = last_command_exit_value = EX_BADUSAGE; +! reset_parser (); +! break; +! } + } + +*************** +*** 332,336 **** + + if (flags & SEVAL_ONECMD) +! break; + } + } +--- 345,352 ---- + + if (flags & SEVAL_ONECMD) +! { +! reset_parser (); +! break; +! } + } + } +*** ../bash-4.1.16/parse.y 2014-09-30 19:36:03.000000000 -0400 +--- parse.y 2014-10-04 15:08:26.000000000 -0400 +*************** +*** 2410,2413 **** +--- 2410,2423 ---- + } + ++ char * ++ parser_remaining_input () ++ { ++ if (shell_input_line == 0) ++ return 0; ++ if (shell_input_line_index < 0 || shell_input_line_index >= shell_input_line_len) ++ return '\0'; /* XXX */ ++ return (shell_input_line + shell_input_line_index); ++ } ++ + #ifdef INCLUDE_UNUSED + /* Back the input pointer up by one, effectively `ungetting' a character. */ +*************** +*** 3809,3814 **** + restore_parser_state (&ps); + reset_parser (); +! if (interactive) +! token_to_read = 0; + + /* Need to find how many characters parse_and_execute consumed, update +--- 3819,3824 ---- + restore_parser_state (&ps); + reset_parser (); +! +! token_to_read = 0; + + /* Need to find how many characters parse_and_execute consumed, update +*** ../bash-4.1.16/shell.h 2009-08-14 16:32:52.000000000 -0400 +--- shell.h 2014-10-04 15:08:26.000000000 -0400 +*************** +*** 164,167 **** +--- 164,169 ---- + + /* Let's try declaring these here. */ ++ extern char *parser_remaining_input __P((void)); ++ + extern sh_parser_state_t *save_parser_state __P((sh_parser_state_t *)); + extern void restore_parser_state __P((sh_parser_state_t *)); +*** ../bash-4.1-patched/patchlevel.h 2009-10-01 16:39:22.000000000 -0400 +--- patchlevel.h 2010-01-14 09:38:08.000000000 -0500 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 16 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 17 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash.CVE-2016-0634.bash43-047 b/patches/source/bash/bash.CVE-2016-0634.bash43-047 new file mode 100644 index 00000000..316e3afc --- /dev/null +++ b/patches/source/bash/bash.CVE-2016-0634.bash43-047 @@ -0,0 +1,150 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.3 +Patch-ID: bash43-047 + +Bug-Reported-by: Bernd Dietzel +Bug-Reference-ID: +Bug-Reference-URL: https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1507025 + +Bug-Description: + +Bash performs word expansions on the prompt strings after the special +escape sequences are expanded. If a malicious user can modify the system +hostname or change the name of the bash executable and coerce a user into +executing it, and the new name contains word expansions (including +command substitution), bash will expand them in prompt strings containing +the \h or \H and \s escape sequences, respectively. + +Patch (apply with `patch -p0'): + +*** ../bash-4.3-patched/parse.y 2015-08-13 15:11:54.000000000 -0400 +--- parse.y 2016-03-07 15:44:14.000000000 -0500 +*************** +*** 5259,5263 **** + int result_size, result_index; + int c, n, i; +! char *temp, octal_string[4]; + struct tm *tm; + time_t the_time; +--- 5259,5263 ---- + int result_size, result_index; + int c, n, i; +! char *temp, *t_host, octal_string[4]; + struct tm *tm; + time_t the_time; +*************** +*** 5407,5411 **** + case 's': + temp = base_pathname (shell_name); +! temp = savestring (temp); + goto add_string; + +--- 5407,5415 ---- + case 's': + temp = base_pathname (shell_name); +! /* Try to quote anything the user can set in the file system */ +! if (promptvars || posixly_correct) +! temp = sh_backslash_quote_for_double_quotes (temp); +! else +! temp = savestring (temp); + goto add_string; + +*************** +*** 5497,5503 **** + case 'h': + case 'H': +! temp = savestring (current_host_name); +! if (c == 'h' && (t = (char *)strchr (temp, '.'))) + *t = '\0'; + goto add_string; + +--- 5501,5515 ---- + case 'h': + case 'H': +! t_host = savestring (current_host_name); +! if (c == 'h' && (t = (char *)strchr (t_host, '.'))) + *t = '\0'; ++ if (promptvars || posixly_correct) ++ /* Make sure that expand_prompt_string is called with a ++ second argument of Q_DOUBLE_QUOTES if we use this ++ function here. */ ++ temp = sh_backslash_quote_for_double_quotes (t_host); ++ else ++ temp = savestring (t_host); ++ free (t_host); + goto add_string; + +*** ../bash-4.3-patched/y.tab.c 2015-08-13 15:11:54.000000000 -0400 +--- y.tab.c 2016-03-07 15:44:14.000000000 -0500 +*************** +*** 7571,7575 **** + int result_size, result_index; + int c, n, i; +! char *temp, octal_string[4]; + struct tm *tm; + time_t the_time; +--- 7571,7575 ---- + int result_size, result_index; + int c, n, i; +! char *temp, *t_host, octal_string[4]; + struct tm *tm; + time_t the_time; +*************** +*** 7719,7723 **** + case 's': + temp = base_pathname (shell_name); +! temp = savestring (temp); + goto add_string; + +--- 7719,7727 ---- + case 's': + temp = base_pathname (shell_name); +! /* Try to quote anything the user can set in the file system */ +! if (promptvars || posixly_correct) +! temp = sh_backslash_quote_for_double_quotes (temp); +! else +! temp = savestring (temp); + goto add_string; + +*************** +*** 7809,7815 **** + case 'h': + case 'H': +! temp = savestring (current_host_name); +! if (c == 'h' && (t = (char *)strchr (temp, '.'))) + *t = '\0'; + goto add_string; + +--- 7813,7827 ---- + case 'h': + case 'H': +! t_host = savestring (current_host_name); +! if (c == 'h' && (t = (char *)strchr (t_host, '.'))) + *t = '\0'; ++ if (promptvars || posixly_correct) ++ /* Make sure that expand_prompt_string is called with a ++ second argument of Q_DOUBLE_QUOTES if we use this ++ function here. */ ++ temp = sh_backslash_quote_for_double_quotes (t_host); ++ else ++ temp = savestring (t_host); ++ free (t_host); + goto add_string; + +*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 +--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 46 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 47 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash.CVE-2016-7543.bash43-048 b/patches/source/bash/bash.CVE-2016-7543.bash43-048 new file mode 100644 index 00000000..6a8588ec --- /dev/null +++ b/patches/source/bash/bash.CVE-2016-7543.bash43-048 @@ -0,0 +1,54 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 4.3 +Patch-ID: bash43-048 + +Bug-Reported-by: up201407890@alunos.dcc.fc.up.pt +Bug-Reference-ID: <20151210201649.126444eionzfsam8@webmail.alunos.dcc.fc.up.pt> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2015-12/msg00054.html + +Bug-Description: + +If a malicious user can inject a value of $SHELLOPTS containing `xtrace' +and a value for $PS4 that includes a command substitution into a shell +running as root, bash will expand the command substitution as part of +expanding $PS4 when it executes a traced command. + +Patch (apply with `patch -p0'): + +*** ../bash-4.3-patched/variables.c 2015-11-26 12:31:21.000000000 -0500 +--- variables.c 2015-12-23 10:19:01.000000000 -0500 +*************** +*** 496,500 **** + set_if_not ("PS2", secondary_prompt); + } +! set_if_not ("PS4", "+ "); + + /* Don't allow IFS to be imported from the environment. */ +--- 496,504 ---- + set_if_not ("PS2", secondary_prompt); + } +! +! if (current_user.euid == 0) +! bind_variable ("PS4", "+ ", 0); +! else +! set_if_not ("PS4", "+ "); + + /* Don't allow IFS to be imported from the environment. */ + +*** ../bash-4.3/patchlevel.h 2012-12-29 10:47:57.000000000 -0500 +--- patchlevel.h 2014-03-20 20:01:28.000000000 -0400 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 47 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 48 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/bash.SlackBuild b/patches/source/bash/bash.SlackBuild new file mode 100755 index 00000000..513d27f9 --- /dev/null +++ b/patches/source/bash/bash.SlackBuild @@ -0,0 +1,155 @@ +#!/bin/sh + +# Copyright 2005-2017 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# Set initial variables: +CWD=`pwd` +if [ "$TMP" = "" ]; then + TMP=/tmp +fi +PKG=$TMP/package-bash + +VERSION=${VERSION:-$(echo bash-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +if [ ! -d $TMP ]; then + mkdir -p $TMP # location to build the source +fi +rm -rf $PKG +mkdir -p $PKG + +# Determine bash patchlevel: +PATCHLEVEL="$( cd $CWD/bash-${VERSION}-patches ; /bin/ls bash4?-??? | tail -1 | cut -f 2 -d - 2> /dev/null )" +if [ "$PATCHLEVEL" = "" ]; then + PATCHLEVEL=0 +fi + +cd $TMP +rm -rf bash-$VERSION +tar xvf $CWD/bash-$VERSION.tar.?z* || exit 1 +cd bash-$VERSION || exit 1 +chown -R root:root . +find . -perm 664 | xargs chmod 644 +find . -perm 775 | xargs chmod 755 + +if [ -d $CWD/bash-${VERSION}-patches ]; then + ( cd $CWD/bash-${VERSION}-patches ; cat bash4?-??? ) | patch -p0 --verbose || exit 1 +fi + +# Patch security issues with upstream patches for bash-4.3. +# Don't worry about the patch rejections in patchlevel.h here. +zcat $CWD/bash.CVE-2016-0634.bash43-047.gz | patch -p0 --verbose +zcat $CWD/bash.CVE-2016-7543.bash43-048.gz | patch -p0 --verbose + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --build=$ARCH-slackware-linux +make -j4 || make || exit 1 +make install DESTDIR=$PKG +mv $PKG/usr/share/doc $PKG/usr +mkdir -p $PKG/bin +mv $PKG/usr/bin/bash $PKG/bin/bash4.new +# We don't include the "bashbug" script. +rm -rf $PKG/usr/bin $PKG/usr/man/man1/bashbug.1 + +# Strip binaries: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# bash.1 is already installed by "make install" +( cd doc + for page in builtins.1 rbash.1 ; do + cat $page | gzip -9c > $PKG/usr/man/man1/$page.gz + done +) + +# Compress info files, if any: +if [ -d $PKG/usr/info ]; then + ( cd $PKG/usr/info + rm -f dir + gzip -9 * + ) +fi + +mkdir -p $PKG/usr/doc/bash-$VERSION +cp -a AUTHORS CHANGES COMPAT COPYING INSTALL MANIFEST NEWS NOTES \ + README Y2K doc/FAQ doc/INTRO \ + $PKG/usr/doc/bash-$VERSION +( cd doc ; groff -ms -Tascii article.ms > $PKG/usr/doc/bash-$VERSION/article.txt ) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg -l y -c n $TMP/bash-$VERSION.$PATCHLEVEL-$ARCH-$BUILD.txz + diff --git a/patches/source/bash/doinst.sh b/patches/source/bash/doinst.sh new file mode 100644 index 00000000..867958fb --- /dev/null +++ b/patches/source/bash/doinst.sh @@ -0,0 +1,18 @@ +if [ -r bin/bash ]; then + mv bin/bash bin/bash.old +fi +mv bin/bash4.new bin/bash +if [ -f bin/bash.old ]; then + rm -f bin/bash.old +fi +if [ ! -r etc/shells ]; then + touch etc/shells + chmod 644 etc/shells +fi +if grep -wq /bin/bash etc/shells ; then + true +else + echo /bin/bash >> etc/shells +fi +( cd usr/bin ; rm -rf bash ) +( cd usr/bin ; ln -sf /bin/bash bash ) diff --git a/patches/source/bash/slack-desc b/patches/source/bash/slack-desc new file mode 100644 index 00000000..f2fdb929 --- /dev/null +++ b/patches/source/bash/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +bash: bash (sh-compatible shell) +bash: +bash: The GNU Bourne-Again SHell. Bash is a sh-compatible command +bash: interpreter that executes commands read from the standard input or +bash: from a file. Bash also incorporates useful features from the Korn +bash: and C shells (ksh and csh). Bash is ultimately intended to be a +bash: conformant implementation of the IEEE Posix Shell and Tools +bash: specification (IEEE Working Group 1003.2). +bash: +bash: Bash must be present for the system to boot properly. +bash: diff --git a/patches/source/bind/3link.sh b/patches/source/bind/3link.sh new file mode 100644 index 00000000..ec8ba4d1 --- /dev/null +++ b/patches/source/bind/3link.sh @@ -0,0 +1,136 @@ +rm -f lwres_addr_parse.3 +ln -sf lwres_resutil.3 lwres_addr_parse.3 +rm -f lwres_buffer_add.3 +ln -sf lwres_buffer.3 lwres_buffer_add.3 +rm -f lwres_buffer_back.3 +ln -sf lwres_buffer.3 lwres_buffer_back.3 +rm -f lwres_buffer_clear.3 +ln -sf lwres_buffer.3 lwres_buffer_clear.3 +rm -f lwres_buffer_first.3 +ln -sf lwres_buffer.3 lwres_buffer_first.3 +rm -f lwres_buffer_forward.3 +ln -sf lwres_buffer.3 lwres_buffer_forward.3 +rm -f lwres_buffer_getmem.3 +ln -sf lwres_buffer.3 lwres_buffer_getmem.3 +rm -f lwres_buffer_getuint16.3 +ln -sf lwres_buffer.3 lwres_buffer_getuint16.3 +rm -f lwres_buffer_getuint32.3 +ln -sf lwres_buffer.3 lwres_buffer_getuint32.3 +rm -f lwres_buffer_getuint8.3 +ln -sf lwres_buffer.3 lwres_buffer_getuint8.3 +rm -f lwres_buffer_init.3 +ln -sf lwres_buffer.3 lwres_buffer_init.3 +rm -f lwres_buffer_invalidate.3 +ln -sf lwres_buffer.3 lwres_buffer_invalidate.3 +rm -f lwres_buffer_putmem.3 +ln -sf lwres_buffer.3 lwres_buffer_putmem.3 +rm -f lwres_buffer_putuint16.3 +ln -sf lwres_buffer.3 lwres_buffer_putuint16.3 +rm -f lwres_buffer_putuint32.3 +ln -sf lwres_buffer.3 lwres_buffer_putuint32.3 +rm -f lwres_buffer_putuint8.3 +ln -sf lwres_buffer.3 lwres_buffer_putuint8.3 +rm -f lwres_buffer_subtract.3 +ln -sf lwres_buffer.3 lwres_buffer_subtract.3 +rm -f lwres_conf_clear.3 +ln -sf lwres_config.3 lwres_conf_clear.3 +rm -f lwres_conf_get.3 +ln -sf lwres_config.3 lwres_conf_get.3 +rm -f lwres_conf_init.3 +ln -sf lwres_config.3 lwres_conf_init.3 +rm -f lwres_conf_parse.3 +ln -sf lwres_config.3 lwres_conf_parse.3 +rm -f lwres_conf_print.3 +ln -sf lwres_config.3 lwres_conf_print.3 +rm -f lwres_context_allocmem.3 +ln -sf lwres_context.3 lwres_context_allocmem.3 +rm -f lwres_context_create.3 +ln -sf lwres_context.3 lwres_context_create.3 +rm -f lwres_context_destroy.3 +ln -sf lwres_context.3 lwres_context_destroy.3 +rm -f lwres_context_freemem.3 +ln -sf lwres_context.3 lwres_context_freemem.3 +rm -f lwres_context_initserial.3 +ln -sf lwres_context.3 lwres_context_initserial.3 +rm -f lwres_context_nextserial.3 +ln -sf lwres_context.3 lwres_context_nextserial.3 +rm -f lwres_context_sendrecv.3 +ln -sf lwres_context.3 lwres_context_sendrecv.3 +rm -f lwres_endhostent.3 +ln -sf lwres_gethostent.3 lwres_endhostent.3 +rm -f lwres_endhostent_r.3 +ln -sf lwres_gethostent.3 lwres_endhostent_r.3 +rm -f lwres_freeaddrinfo.3 +ln -sf lwres_getaddrinfo.3 lwres_freeaddrinfo.3 +rm -f lwres_freehostent.3 +ln -sf lwres_getipnode.3 lwres_freehostent.3 +rm -f lwres_gabnrequest_free.3 +ln -sf lwres_gabn.3 lwres_gabnrequest_free.3 +rm -f lwres_gabnrequest_parse.3 +ln -sf lwres_gabn.3 lwres_gabnrequest_parse.3 +rm -f lwres_gabnrequest_render.3 +ln -sf lwres_gabn.3 lwres_gabnrequest_render.3 +rm -f lwres_gabnresponse_free.3 +ln -sf lwres_gabn.3 lwres_gabnresponse_free.3 +rm -f lwres_gabnresponse_parse.3 +ln -sf lwres_gabn.3 lwres_gabnresponse_parse.3 +rm -f lwres_gabnresponse_render.3 +ln -sf lwres_gabn.3 lwres_gabnresponse_render.3 +rm -f lwres_getaddrsbyname.3 +ln -sf lwres_resutil.3 lwres_getaddrsbyname.3 +rm -f lwres_gethostbyaddr.3 +ln -sf lwres_gethostent.3 lwres_gethostbyaddr.3 +rm -f lwres_gethostbyaddr_r.3 +ln -sf lwres_gethostent.3 lwres_gethostbyaddr_r.3 +rm -f lwres_gethostbyname.3 +ln -sf lwres_gethostent.3 lwres_gethostbyname.3 +rm -f lwres_gethostbyname2.3 +ln -sf lwres_gethostent.3 lwres_gethostbyname2.3 +rm -f lwres_gethostbyname_r.3 +ln -sf lwres_gethostent.3 lwres_gethostbyname_r.3 +rm -f lwres_gethostent_r.3 +ln -sf lwres_gethostent.3 lwres_gethostent_r.3 +rm -f lwres_getipnodebyaddr.3 +ln -sf lwres_getipnode.3 lwres_getipnodebyaddr.3 +rm -f lwres_getipnodebyname.3 +ln -sf lwres_getipnode.3 lwres_getipnodebyname.3 +rm -f lwres_getnamebyaddr.3 +ln -sf lwres_resutil.3 lwres_getnamebyaddr.3 +rm -f lwres_gnbarequest_free.3 +ln -sf lwres_gnba.3 lwres_gnbarequest_free.3 +rm -f lwres_gnbarequest_parse.3 +ln -sf lwres_gnba.3 lwres_gnbarequest_parse.3 +rm -f lwres_gnbarequest_render.3 +ln -sf lwres_gnba.3 lwres_gnbarequest_render.3 +rm -f lwres_gnbaresponse_free.3 +ln -sf lwres_gnba.3 lwres_gnbaresponse_free.3 +rm -f lwres_gnbaresponse_parse.3 +ln -sf lwres_gnba.3 lwres_gnbaresponse_parse.3 +rm -f lwres_gnbaresponse_render.3 +ln -sf lwres_gnba.3 lwres_gnbaresponse_render.3 +rm -f lwres_herror.3 +ln -sf lwres_hstrerror.3 lwres_herror.3 +rm -f lwres_lwpacket_parseheader.3 +ln -sf lwres_packet.3 lwres_lwpacket_parseheader.3 +rm -f lwres_lwpacket_renderheader.3 +ln -sf lwres_packet.3 lwres_lwpacket_renderheader.3 +rm -f lwres_net_ntop.3 +ln -sf lwres_inetntop.3 lwres_net_ntop.3 +rm -f lwres_nooprequest_free.3 +ln -sf lwres_noop.3 lwres_nooprequest_free.3 +rm -f lwres_nooprequest_parse.3 +ln -sf lwres_noop.3 lwres_nooprequest_parse.3 +rm -f lwres_nooprequest_render.3 +ln -sf lwres_noop.3 lwres_nooprequest_render.3 +rm -f lwres_noopresponse_free.3 +ln -sf lwres_noop.3 lwres_noopresponse_free.3 +rm -f lwres_noopresponse_parse.3 +ln -sf lwres_noop.3 lwres_noopresponse_parse.3 +rm -f lwres_noopresponse_render.3 +ln -sf lwres_noop.3 lwres_noopresponse_render.3 +rm -f lwres_sethostent.3 +ln -sf lwres_gethostent.3 lwres_sethostent.3 +rm -f lwres_sethostent_r.3 +ln -sf lwres_gethostent.3 lwres_sethostent_r.3 +rm -f lwres_string_parse.3 +ln -sf lwres_resutil.3 lwres_string_parse.3 diff --git a/patches/source/bind/bind.SlackBuild b/patches/source/bind/bind.SlackBuild new file mode 100755 index 00000000..c6b81ec9 --- /dev/null +++ b/patches/source/bind/bind.SlackBuild @@ -0,0 +1,165 @@ +#!/bin/sh + +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=bind +VERSION=${VERSION:-9.9.11-P1} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=/bind-$(mcookie) +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG/etc/default + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.gz || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 + +# Remove use of SO_BSDCOMPAT which has been obsolete since the 2.2.x kernel +# series, and generates warnings under 2.6.x kernels. This _might_ be fixed +# upstream already, but an explicit #undef SO_BSDCOMPAT does not hurt: +zcat $CWD/bind.so_bsdcompat.diff.gz | patch -p1 --verbose || exit + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Configure: +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --with-libtool \ + --mandir=/usr/man \ + --enable-shared \ + --disable-static \ + --enable-threads \ + --with-openssl=/usr \ + --build=$ARCH-slackware-linux || exit 1 + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# We like symlinks. +( cd $PKG/usr/sbin + ln -sf named lwresd +) + +# We like a lot of symlinks. +( cd $PKG/usr/man/man3 + sh $CWD/3link.sh +) + +# Install init script: +mkdir -p $PKG/etc/rc.d +cp -a $CWD/rc.bind $PKG/etc/rc.d/rc.bind.new +chmod 644 $PKG/etc/rc.d/rc.bind.new + +# Add /var/run/named directory: +mkdir -p $PKG/var/run/named + +# Fix library perms: +chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/* + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* 2> /dev/null + ) + done + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + CHANGES COPYRIGHT FAQ* README* \ + doc/arm doc/misc \ + $PKG/usr/doc/${PKGNAM}-$VERSION + +# This one should have the correct perms of the config file: +chmod 644 $PKG/usr/doc/${PKGNAM}-$VERSION/misc/rndc.conf-sample + +# One format of this is plenty. Especially get rid of the bloated PDF. +( cd $PKG/usr/doc/bind-$VERSION/arm + rm -f Makefile* *.pdf *.xml README.SGML latex-fixup.pl +) + +# Add sample config files for a simple caching nameserver: +mkdir -p $PKG/var/named/caching-example +cat $CWD/caching-example/named.conf > $PKG/etc/named.conf.new +cat $CWD/caching-example/localhost.zone > $PKG/var/named/caching-example/localhost.zone +cat $CWD/caching-example/named.local > $PKG/var/named/caching-example/named.local +cat $CWD/caching-example/named.root > $PKG/var/named/caching-example/named.root +# This name is deprecated, but having it here doesn't hurt in case +# an old configuration file wants it: +cat $CWD/caching-example/named.root > $PKG/var/named/caching-example/named.ca + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$(echo $VERSION | tr - _)-$ARCH-$BUILD.txz + diff --git a/patches/source/bind/bind.so_bsdcompat.diff b/patches/source/bind/bind.so_bsdcompat.diff new file mode 100644 index 00000000..5d78031b --- /dev/null +++ b/patches/source/bind/bind.so_bsdcompat.diff @@ -0,0 +1,11 @@ +--- ./lib/isc/unix/socket.c.orig 2005-11-03 17:08:42.000000000 -0600 ++++ ./lib/isc/unix/socket.c 2006-02-18 13:09:15.000000000 -0600 +@@ -245,6 +245,8 @@ + + #define SOCK_DEAD(s) ((s)->references == 0) + ++#undef SO_BSDCOMPAT ++ + static void + manager_log(isc_socketmgr_t *sockmgr, + isc_logcategory_t *category, isc_logmodule_t *module, int level, diff --git a/patches/source/bind/caching-example/localhost.zone b/patches/source/bind/caching-example/localhost.zone new file mode 100644 index 00000000..c47baf5f --- /dev/null +++ b/patches/source/bind/caching-example/localhost.zone @@ -0,0 +1,11 @@ +$TTL 86400 +$ORIGIN localhost. +@ 1D IN SOA @ root ( + 42 ; serial (d. adams) + 3H ; refresh + 15M ; retry + 1W ; expiry + 1D ) ; minimum + + 1D IN NS @ + 1D IN A 127.0.0.1 diff --git a/patches/source/bind/caching-example/named.conf b/patches/source/bind/caching-example/named.conf new file mode 100644 index 00000000..a8ee2795 --- /dev/null +++ b/patches/source/bind/caching-example/named.conf @@ -0,0 +1,31 @@ +options { + directory "/var/named"; + /* + * If there is a firewall between you and nameservers you want + * to talk to, you might need to uncomment the query-source + * directive below. Previous versions of BIND always asked + * questions using port 53, but BIND 8.1 uses an unprivileged + * port by default. + */ + // query-source address * port 53; +}; + +// +// a caching only nameserver config +// +zone "." IN { + type hint; + file "caching-example/named.root"; +}; + +zone "localhost" IN { + type master; + file "caching-example/localhost.zone"; + allow-update { none; }; +}; + +zone "0.0.127.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; diff --git a/patches/source/bind/caching-example/named.local b/patches/source/bind/caching-example/named.local new file mode 100644 index 00000000..8f40bcf3 --- /dev/null +++ b/patches/source/bind/caching-example/named.local @@ -0,0 +1,10 @@ +$TTL 86400 +@ IN SOA localhost. root.localhost. ( + 2011032500 ; Serial + 28800 ; Refresh + 14400 ; Retry + 3600000 ; Expire + 86400 ) ; Minimum + IN NS localhost. + +1 IN PTR localhost. diff --git a/patches/source/bind/caching-example/named.root b/patches/source/bind/caching-example/named.root new file mode 100644 index 00000000..9cc20228 --- /dev/null +++ b/patches/source/bind/caching-example/named.root @@ -0,0 +1,90 @@ +; This file holds the information on root name servers needed to +; initialize cache of Internet domain name servers +; (e.g. reference this file in the "cache . <file>" +; configuration file of BIND domain name servers). +; +; This file is made available by InterNIC +; under anonymous FTP as +; file /domain/named.cache +; on server FTP.INTERNIC.NET +; -OR- RS.INTERNIC.NET +; +; last update: November 05, 2014 +; related version of root zone: 2014110501 +; +; formerly NS.INTERNIC.NET +; +. 3600000 NS A.ROOT-SERVERS.NET. +A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 +A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30 +; +; FORMERLY NS1.ISI.EDU +; +. 3600000 NS B.ROOT-SERVERS.NET. +B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 +B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b +; +; FORMERLY C.PSI.NET +; +. 3600000 NS C.ROOT-SERVERS.NET. +C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 +C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c +; +; FORMERLY TERP.UMD.EDU +; +. 3600000 NS D.ROOT-SERVERS.NET. +D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 +D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d +; +; FORMERLY NS.NASA.GOV +; +. 3600000 NS E.ROOT-SERVERS.NET. +E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 +; +; FORMERLY NS.ISC.ORG +; +. 3600000 NS F.ROOT-SERVERS.NET. +F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 +F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f +; +; FORMERLY NS.NIC.DDN.MIL +; +. 3600000 NS G.ROOT-SERVERS.NET. +G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 +; +; FORMERLY AOS.ARL.ARMY.MIL +; +. 3600000 NS H.ROOT-SERVERS.NET. +H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53 +H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803f:235 +; +; FORMERLY NIC.NORDU.NET +; +. 3600000 NS I.ROOT-SERVERS.NET. +I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 +I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53 +; +; OPERATED BY VERISIGN, INC. +; +. 3600000 NS J.ROOT-SERVERS.NET. +J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 +J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30 +; +; OPERATED BY RIPE NCC +; +. 3600000 NS K.ROOT-SERVERS.NET. +K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 +K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1 +; +; OPERATED BY ICANN +; +. 3600000 NS L.ROOT-SERVERS.NET. +L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42 +L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42 +; +; OPERATED BY WIDE +; +. 3600000 NS M.ROOT-SERVERS.NET. +M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 +M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35 +; End of file diff --git a/patches/source/bind/doinst.sh b/patches/source/bind/doinst.sh new file mode 100644 index 00000000..afeff946 --- /dev/null +++ b/patches/source/bind/doinst.sh @@ -0,0 +1,36 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +# Keep same perms on rc.bind.new: +if [ -e etc/rc.d/rc.bind ]; then + cp -a etc/rc.d/rc.bind etc/rc.d/rc.bind.new.incoming + cat etc/rc.d/rc.bind.new > etc/rc.d/rc.bind.new.incoming + mv etc/rc.d/rc.bind.new.incoming etc/rc.d/rc.bind.new +fi + +config etc/named.conf.new +config etc/rc.d/rc.bind.new + +# Add a /var/named if it doesn't exist: +if [ ! -d var/named ]; then + mkdir -p var/named + chmod 755 var/named +fi + +# Generate /etc/rndc.key if there's none there, +# and there also no /etc/rndc.conf (the other +# way to set this up). +if [ ! -r etc/rndc.key -a ! -r /etc/rndc.conf ]; then + chroot . /sbin/ldconfig + chroot . /usr/sbin/rndc-confgen -r /dev/urandom -a 2> /dev/null +fi diff --git a/patches/source/bind/rc.bind b/patches/source/bind/rc.bind new file mode 100644 index 00000000..6d77d73d --- /dev/null +++ b/patches/source/bind/rc.bind @@ -0,0 +1,112 @@ +#!/bin/sh +# Start/stop/restart the BIND name server daemon (named). + + +# Start bind. In the past it was more secure to run BIND as a non-root +# user (for example, with '-u daemon'), but the modern version of BIND +# knows how to use the kernel's capability mechanism to drop all root +# privileges except the ability to bind() to a privileged port and set +# process resource limits, so -u should not be needed. If you wish to +# use it anyway, chown the /var/run/named and /var/named directories to +# the non-root user. The command options can be set like this in +# /etc/default/named : +# NAMED_OPTIONS="-u daemon" +# So you will not have to edit this script. + +# You might also consider running BIND in a "chroot jail", +# a discussion of which may be found in +# /usr/doc/Linux-HOWTOs/Chroot-BIND-HOWTO. + +# One last note: rndc has a lot of other nice features that it is not +# within the scope of this start/stop/restart script to support. +# For more details, see "man rndc" or just type "rndc" to see the options. + +# Load command defaults: +if [ -f /etc/default/named ] ; then . /etc/default/named ; fi +if [ -f /etc/default/rndc ] ; then . /etc/default/rndc ; fi + +# Sanity check. If /usr/sbin/named is missing then it +# doesn't make much sense to try to run this script: +if [ ! -x /usr/sbin/named ]; then + echo "/etc/rc.d/rc.bind: no /usr/sbin/named found (or not executable); cannot start." + exit 1 +fi + +# Start BIND. As many times as you like. ;-) +# Seriously, don't run "rc.bind start" if BIND is already +# running or you'll get more than one copy running. +bind_start() { + if [ -x /usr/sbin/named ]; then + echo "Starting BIND: /usr/sbin/named $NAMED_OPTIONS" + /usr/sbin/named $NAMED_OPTIONS + sleep 1 + fi + if ! ps axc | grep -q named ; then + echo "WARNING: named did not start." + echo "Attempting to start named again: /usr/sbin/named $NAMED_OPTIONS" + /usr/sbin/named $NAMED_OPTIONS + sleep 1 + if ps axc | grep -q named ; then + echo "SUCCESS: named started." + else + echo "FAILED: Sorry, a second attempt to start named has also failed." + echo "There may be a configuration error that needs fixing. Good luck!" + fi + fi +} + +# Stop all running copies of BIND (/usr/sbin/named): +bind_stop() { + echo "Stopping BIND: /usr/sbin/rndc $RDNC_OPTIONS stop" + /usr/sbin/rndc $RDNC_OPTIONS stop + # A problem with using "/usr/sbin/rndc stop" is that if you + # managed to get multiple copies of named running it will + # only stop one of them and then can't stop the others even + # if you run it again. So, after doing things the nice way + # we'll do them the old-fashioned way. If you don't like + # it you can comment it out, but unless you have a lot of + # other programs you run called "named" this is unlikely + # to have any ill effects: + sleep 1 + if ps axc | grep -q named ; then + echo "Using "killall named" on additional BIND processes..." + /bin/killall named 2> /dev/null + fi +} + +# Reload BIND: +bind_reload() { + /usr/sbin/rndc $RDNC_OPTIONS reload +} + +# Restart BIND: +bind_restart() { + bind_stop + bind_start +} + +# Get BIND status: +bind_status() { + /usr/sbin/rndc $RDNC_OPTIONS status +} + +case "$1" in +'start') + bind_start + ;; +'stop') + bind_stop + ;; +'reload') + bind_reload + ;; +'restart') + bind_restart + ;; +'status') + bind_status + ;; +*) + echo "usage $0 start|stop|reload|restart|status" +esac + diff --git a/patches/source/bind/slack-desc b/patches/source/bind/slack-desc new file mode 100644 index 00000000..9e9b15d1 --- /dev/null +++ b/patches/source/bind/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +bind: bind (DNS server and utilities) +bind: +bind: The named daemon and support utilities such as dig, host, and +bind: nslookup. Sample configuration files for running a simple caching +bind: nameserver are included. Documentation for advanced name server +bind: setup can be found in /usr/doc/bind-9.x.x/. +bind: +bind: +bind: +bind: +bind: diff --git a/patches/source/bluez/bluez.CVE-2017-1000251.diff b/patches/source/bluez/bluez.CVE-2017-1000251.diff new file mode 100644 index 00000000..8f820363 --- /dev/null +++ b/patches/source/bluez/bluez.CVE-2017-1000251.diff @@ -0,0 +1,27 @@ +From 9e009647b14e810e06626dde7f1bb9ea3c375d09 Mon Sep 17 00:00:00 2001 +From: Luiz Augusto von Dentz <luiz.von.dentz@intel.com> +Date: Wed, 13 Sep 2017 10:01:40 +0300 +Subject: sdp: Fix Out-of-bounds heap read in service_search_attr_req function + +Check if there is enough data to continue otherwise return an error. +--- + src/sdpd-request.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/sdpd-request.c b/src/sdpd-request.c +index 1eefdce..318d044 100644 +--- a/src/sdpd-request.c ++++ b/src/sdpd-request.c +@@ -917,7 +917,7 @@ static int service_search_attr_req(sdp_req_t *req, sdp_buf_t *buf) + } else { + /* continuation State exists -> get from cache */ + sdp_buf_t *pCache = sdp_get_cached_rsp(cstate); +- if (pCache) { ++ if (pCache && cstate->cStateValue.maxBytesSent < pCache->data_size) { + uint16_t sent = MIN(max, pCache->data_size - cstate->cStateValue.maxBytesSent); + pResponse = pCache->data; + memcpy(buf->data, pResponse + cstate->cStateValue.maxBytesSent, sent); +-- +cgit v1.1 + + diff --git a/patches/source/bluez/bluez.SlackBuild b/patches/source/bluez/bluez.SlackBuild new file mode 100755 index 00000000..5367ad9f --- /dev/null +++ b/patches/source/bluez/bluez.SlackBuild @@ -0,0 +1,199 @@ +#!/bin/sh + +# Slackware build script for bluez-utils - http://www.bluez.org + +# Copyright 2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=bluez +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/${PKGNAM}-${VERSION}.tar.?z* || exit 1 +cd $PKGNAM-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Fixup the dbus config file for our usage: +zcat $CWD/patches/bluez-dbus-config.patch.gz | patch -p1 --verbose || exit 1 + +# Use a wrapper to check rc.bluetooth mode before starting bluetoothd +zcat $CWD/patches/bluez-run_udev_helper.patch.gz | patch -p1 --verbose || exit 1 + +# Unbreak a Dell USB mouse +# https://bugzilla.novell.com/show_bug.cgi?id=522287 +# https://bugzilla.redhat.com/show_bug.cgi?id=517088 +zcat $CWD/patches/bluez-unbreak_dell_mouse.patch.gz | patch -p1 --verbose || exit 1 + +# Patch CVE-2017-1000251: +zcat $CWD/bluez.CVE-2017-1000251.diff.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --localstatedir=/var \ + --enable-gstreamer \ + --enable-alsa \ + --enable-usb \ + --enable-netlink \ + --enable-tools\ + --enable-bccmd \ + --enable-hid2hci \ + --enable-dfutool \ + --enable-hidd \ + --enable-pand \ + --enable-dund \ + --enable-cups \ + --enable-service \ + --enable-udevrules \ + --enable-configfiles \ + --disable-silent-rules \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +# I'm don't think we need this, but I'll leave it commented just in case: +# http://bugs.archlinux.org/task/4930 +# The dbus-1 and bluetooth linkages are obvious, but I had to get the rt and +# pthread ones from the old bluez-utils (VERSION=3.36) tests/Makefile +#gcc $SLKCFLAGS $(pkg-config --cflags dbus-1) -DVERSION=3.36 \ +# -L$(pwd)/lib/.libs -ldbus-1 -lbluetooth -lpthread -lrt \ +# $CWD/passkey-agent.c -o $PKG/usr/bin/passkey-agent || exit 1 + +cp -a scripts/bluetooth_serial $PKG/lib/udev/bluetooth_serial || exit 1 +chmod 0755 $PKG/lib/udev/bluetooth_serial + +cat $CWD/config/bluetooth.sh > $PKG/lib/udev/bluetooth.sh +chmod 0755 $PKG/lib/udev/bluetooth.sh + +# SuSE says this is safe... :-) +mkdir -p $PKG/etc/modprobe.d +cat $CWD/config/bluetooth.modprobe > $PKG/etc/modprobe.d/bluetooth.conf + +mkdir -p $PKG/etc/bluetooth +cp -a audio/audio.conf $PKG/etc/bluetooth +cp -a input/input.conf $PKG/etc/bluetooth +cp -a network/network.conf $PKG/etc/bluetooth +cp -a serial/serial.conf $PKG/etc/bluetooth +cp -a tools/rfcomm.conf $PKG/etc/bluetooth +chmod 644 $PKG/etc/bluetooth/*.conf + +# Do not overwrite configuration +# Well, let the dbus file be overwritten, as it is not usually user-edited. +( cd $PKG + for file in \ + etc/alsa/bluetooth.conf \ + etc/bluetooth/audio.conf \ + etc/bluetooth/input.conf \ + etc/bluetooth/network.conf \ + etc/bluetooth/serial.conf \ + etc/bluetooth/rfcomm.conf \ + etc/bluetooth/main.conf \ + etc/modprobe.d/bluetooth.conf ; do + mv ${file} ${file}.new + done +) + +# Add an init script +mkdir -p $PKG/etc/rc.d +cat $CWD/config/rc.bluetooth > $PKG/etc/rc.d/rc.bluetooth.new + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + AUTHORS COPYING* INSTALL NEWS README* \ + $PKG/usr/doc/$PKGNAM-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/bluez/config/bluetooth.modprobe b/patches/source/bluez/config/bluetooth.modprobe new file mode 100644 index 00000000..3072d788 --- /dev/null +++ b/patches/source/bluez/config/bluetooth.modprobe @@ -0,0 +1,3 @@ +# use "reset=1" as default, since it should be safe for recent devices and +# solves all kind of problems. +options btusb reset=1 diff --git a/patches/source/bluez/config/bluetooth.sh b/patches/source/bluez/config/bluetooth.sh new file mode 100644 index 00000000..22034551 --- /dev/null +++ b/patches/source/bluez/config/bluetooth.sh @@ -0,0 +1,7 @@ +#!/bin/sh + +# Check whether /etc/rc.d/rc.bluetooth is executable before starting +# the bluetooth subsystem for hotplugged bluetooth devices +[ -x /etc/rc.d/rc.bluetooth ] && exec /usr/sbin/bluetoothd --udev +exit 0 + diff --git a/patches/source/bluez/config/rc.bluetooth b/patches/source/bluez/config/rc.bluetooth new file mode 100644 index 00000000..12540d83 --- /dev/null +++ b/patches/source/bluez/config/rc.bluetooth @@ -0,0 +1,30 @@ +#!/bin/sh + +bluez_start() { + # bluetoothd requires dbus, but dbus isn't started early enough during + # system boot, so we have to re-trigger the events now + udevadm trigger --subsystem-match=bluetooth --action=add +} + +bluez_stop() { + pkill -TERM bluetoothd 1>/dev/null 2>/dev/null +} + +case "$1" in + start) + bluez_start + ;; + stop) + bluez_stop + ;; + restart) + bluez_stop + sleep 1 + bluez_start + ;; + *) + printf "Usage: $N {start|stop|restart}\n" + exit 1 + ;; +esac + diff --git a/patches/source/bluez/doinst.sh b/patches/source/bluez/doinst.sh new file mode 100644 index 00000000..1711435e --- /dev/null +++ b/patches/source/bluez/doinst.sh @@ -0,0 +1,29 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +# Keep same perms on rc.bluetooth.new: +if [ -e etc/rc.d/rc.bluetooth ]; then + cp -a etc/rc.d/rc.bluetooth etc/rc.d/rc.bluetooth.new.incoming + cat etc/rc.d/rc.bluetooth.new > etc/rc.d/rc.bluetooth.new.incoming + mv etc/rc.d/rc.bluetooth.new.incoming etc/rc.d/rc.bluetooth.new +fi + +config etc/alsa/bluetooth.conf.new +config etc/rc.d/rc.bluetooth.new +config etc/bluetooth/audio.conf.new +config etc/bluetooth/input.conf.new +config etc/bluetooth/main.conf.new +config etc/bluetooth/network.conf.new +config etc/bluetooth/serial.conf.new +config etc/bluetooth/rfcomm.conf.new +config etc/modprobe.d/bluetooth.conf.new + diff --git a/patches/source/bluez/passkey-agent.c b/patches/source/bluez/passkey-agent.c new file mode 100644 index 00000000..8ac91d27 --- /dev/null +++ b/patches/source/bluez/passkey-agent.c @@ -0,0 +1,418 @@ +/* + * + * BlueZ - Bluetooth protocol stack for Linux + * + * Copyright (C) 2004-2008 Marcel Holtmann <marcel@holtmann.org> + * + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + * + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif + +#include <stdio.h> +#include <errno.h> +#include <unistd.h> +#include <stdlib.h> +#include <signal.h> +#include <getopt.h> +#include <string.h> + +#include <dbus/dbus.h> + +#define INTERFACE "org.bluez.Security" + +static char *passkey = NULL; +static char *address = NULL; + +static int do_reject = 0; + +static volatile sig_atomic_t __io_canceled = 0; +static volatile sig_atomic_t __io_terminated = 0; + +static void sig_term(int sig) +{ + __io_canceled = 1; +} + +static DBusHandlerResult agent_filter(DBusConnection *conn, + DBusMessage *msg, void *data) +{ + const char *name, *old, *new; + + if (!dbus_message_is_signal(msg, DBUS_INTERFACE_DBUS, "NameOwnerChanged")) + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; + + if (!dbus_message_get_args(msg, NULL, + DBUS_TYPE_STRING, &name, DBUS_TYPE_STRING, &old, + DBUS_TYPE_STRING, &new, DBUS_TYPE_INVALID)) { + fprintf(stderr, "Invalid arguments for NameOwnerChanged signal"); + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; + } + + if (!strcmp(name, "org.bluez") && *new == '\0') { + fprintf(stderr, "Passkey service has been terminated\n"); + __io_terminated = 1; + } + + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; +} + +static DBusHandlerResult request_message(DBusConnection *conn, + DBusMessage *msg, void *data) +{ + DBusMessage *reply; + const char *path, *address; + dbus_bool_t numeric; + + if (!passkey) + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; + + if (!dbus_message_get_args(msg, NULL, + DBUS_TYPE_STRING, &path, DBUS_TYPE_STRING, &address, + DBUS_TYPE_BOOLEAN, &numeric, DBUS_TYPE_INVALID)) { + fprintf(stderr, "Invalid arguments for passkey Request method"); + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; + } + + if (do_reject) { + reply = dbus_message_new_error(msg, + "org.bluez.Error.Rejected", ""); + goto send; + } + + reply = dbus_message_new_method_return(msg); + if (!reply) { + fprintf(stderr, "Can't create reply message\n"); + return DBUS_HANDLER_RESULT_NEED_MEMORY; + } + + printf("Passkey request for device %s\n", address); + + dbus_message_append_args(reply, DBUS_TYPE_STRING, &passkey, + DBUS_TYPE_INVALID); + +send: + dbus_connection_send(conn, reply, NULL); + + dbus_connection_flush(conn); + + dbus_message_unref(reply); + + return DBUS_HANDLER_RESULT_HANDLED; +} + +static DBusHandlerResult cancel_message(DBusConnection *conn, + DBusMessage *msg, void *data) +{ + DBusMessage *reply; + const char *path, *address; + + if (!dbus_message_get_args(msg, NULL, + DBUS_TYPE_STRING, &path, DBUS_TYPE_STRING, &address, + DBUS_TYPE_INVALID)) { + fprintf(stderr, "Invalid arguments for passkey Confirm method"); + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; + } + + printf("Request canceled for device %s\n", address); + + reply = dbus_message_new_method_return(msg); + if (!reply) { + fprintf(stderr, "Can't create reply message\n"); + return DBUS_HANDLER_RESULT_NEED_MEMORY; + } + + dbus_connection_send(conn, reply, NULL); + + dbus_connection_flush(conn); + + dbus_message_unref(reply); + + return DBUS_HANDLER_RESULT_HANDLED; +} + +static DBusHandlerResult release_message(DBusConnection *conn, + DBusMessage *msg, void *data) +{ + DBusMessage *reply; + + if (!dbus_message_get_args(msg, NULL, DBUS_TYPE_INVALID)) { + fprintf(stderr, "Invalid arguments for passkey Release method"); + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; + } + + if (!__io_canceled) + fprintf(stderr, "Passkey service has been released\n"); + + __io_terminated = 1; + + reply = dbus_message_new_method_return(msg); + if (!reply) { + fprintf(stderr, "Can't create reply message\n"); + return DBUS_HANDLER_RESULT_NEED_MEMORY; + } + + dbus_connection_send(conn, reply, NULL); + + dbus_connection_flush(conn); + + dbus_message_unref(reply); + + return DBUS_HANDLER_RESULT_HANDLED; +} + +static DBusHandlerResult agent_message(DBusConnection *conn, + DBusMessage *msg, void *data) +{ + if (dbus_message_is_method_call(msg, "org.bluez.PasskeyAgent", "Request")) + return request_message(conn, msg, data); + + if (dbus_message_is_method_call(msg, "org.bluez.PasskeyAgent", "Cancel")) + return cancel_message(conn, msg, data); + + if (dbus_message_is_method_call(msg, "org.bluez.PasskeyAgent", "Release")) + return release_message(conn, msg, data); + + return DBUS_HANDLER_RESULT_NOT_YET_HANDLED; +} + +static const DBusObjectPathVTable agent_table = { + .message_function = agent_message, +}; + +static int register_agent(DBusConnection *conn, const char *agent_path, + const char *remote_address, int use_default) +{ + DBusMessage *msg, *reply; + DBusError err; + const char *path, *method, *address = remote_address; + + if (!dbus_connection_register_object_path(conn, agent_path, + &agent_table, NULL)) { + fprintf(stderr, "Can't register object path for agent\n"); + return -1; + } + + if (use_default) { + path = "/org/bluez"; + method = "RegisterDefaultPasskeyAgent"; + } else { + path = "/org/bluez/hci0"; + method = "RegisterPasskeyAgent"; + } + + msg = dbus_message_new_method_call("org.bluez", path, INTERFACE, method); + if (!msg) { + fprintf(stderr, "Can't allocate new method call\n"); + return -1; + } + + if (use_default) + dbus_message_append_args(msg, DBUS_TYPE_STRING, &agent_path, + DBUS_TYPE_INVALID); + else + dbus_message_append_args(msg, DBUS_TYPE_STRING, &agent_path, + DBUS_TYPE_STRING, &address, DBUS_TYPE_INVALID); + + dbus_error_init(&err); + + reply = dbus_connection_send_with_reply_and_block(conn, msg, -1, &err); + + dbus_message_unref(msg); + + if (!reply) { + fprintf(stderr, "Can't register passkey agent\n"); + if (dbus_error_is_set(&err)) { + fprintf(stderr, "%s\n", err.message); + dbus_error_free(&err); + } + return -1; + } + + dbus_message_unref(reply); + + dbus_connection_flush(conn); + + return 0; +} + +static int unregister_agent(DBusConnection *conn, const char *agent_path, + const char *remote_address, int use_default) +{ + DBusMessage *msg, *reply; + DBusError err; + const char *path, *method, *address = remote_address; + + if (use_default) { + path = "/org/bluez"; + method = "UnregisterDefaultPasskeyAgent"; + } else { + path = "/org/bluez/hci0"; + method = "UnregisterPasskeyAgent"; + } + + msg = dbus_message_new_method_call("org.bluez", path, INTERFACE, method); + if (!msg) { + fprintf(stderr, "Can't allocate new method call\n"); + dbus_connection_unref(conn); + exit(1); + } + + if (use_default) + dbus_message_append_args(msg, DBUS_TYPE_STRING, &agent_path, + DBUS_TYPE_INVALID); + else + dbus_message_append_args(msg, DBUS_TYPE_STRING, &agent_path, + DBUS_TYPE_STRING, &address, DBUS_TYPE_INVALID); + + dbus_error_init(&err); + + reply = dbus_connection_send_with_reply_and_block(conn, msg, -1, &err); + + dbus_message_unref(msg); + + if (!reply) { + fprintf(stderr, "Can't unregister passkey agent\n"); + if (dbus_error_is_set(&err)) { + fprintf(stderr, "%s\n", err.message); + dbus_error_free(&err); + } + return -1; + } + + dbus_message_unref(reply); + + dbus_connection_flush(conn); + + dbus_connection_unregister_object_path(conn, agent_path); + + return 0; +} + +static void usage(void) +{ + printf("Bluetooth passkey agent ver %s\n\n", VERSION); + + printf("Usage:\n" + "\tpasskey-agent [--default] [--path agent-path] <passkey> [address]\n" + "\n"); +} + +static struct option main_options[] = { + { "default", 0, 0, 'd' }, + { "reject", 0, 0, 'r' }, + { "path", 1, 0, 'p' }, + { "help", 0, 0, 'h' }, + { 0, 0, 0, 0 } +}; + +int main(int argc, char *argv[]) +{ + struct sigaction sa; + DBusConnection *conn; + char match_string[128], default_path[128], *agent_path = NULL; + int opt, use_default = 0; + + snprintf(default_path, sizeof(default_path), + "/org/bluez/passkey_agent_%d", getpid()); + + while ((opt = getopt_long(argc, argv, "+dp:h", main_options, NULL)) != EOF) { + switch(opt) { + case 'd': + use_default = 1; + break; + case 'r': + do_reject = 1; + break; + case 'p': + if (optarg[0] != '/') { + fprintf(stderr, "Invalid path\n"); + exit(1); + } + agent_path = strdup(optarg); + break; + case 'h': + usage(); + exit(0); + default: + exit(1); + } + } + + argc -= optind; + argv += optind; + optind = 0; + + if (argc < 1) { + usage(); + exit(1); + } + + passkey = strdup(argv[0]); + address = (argc > 1) ? strdup(argv[1]) : NULL; + + if (!use_default && !address) { + usage(); + exit(1); + } + + if (!agent_path) + agent_path = strdup(default_path); + + conn = dbus_bus_get(DBUS_BUS_SYSTEM, NULL); + if (!conn) { + fprintf(stderr, "Can't get on system bus"); + exit(1); + } + + if (register_agent(conn, agent_path, address, use_default) < 0) { + dbus_connection_unref(conn); + exit(1); + } + + if (!dbus_connection_add_filter(conn, agent_filter, NULL, NULL)) + fprintf(stderr, "Can't add signal filter"); + + snprintf(match_string, sizeof(match_string), + "interface=%s,member=NameOwnerChanged,arg0=%s", + DBUS_INTERFACE_DBUS, "org.bluez"); + + dbus_bus_add_match(conn, match_string, NULL); + + memset(&sa, 0, sizeof(sa)); + sa.sa_flags = SA_NOCLDSTOP; + sa.sa_handler = sig_term; + sigaction(SIGTERM, &sa, NULL); + sigaction(SIGINT, &sa, NULL); + + while (!__io_canceled && !__io_terminated) { + if (dbus_connection_read_write_dispatch(conn, 500) != TRUE) + break; + } + + if (!__io_terminated) + unregister_agent(conn, agent_path, address, use_default); + + if (passkey) + free(passkey); + + dbus_connection_unref(conn); + + return 0; +} diff --git a/patches/source/bluez/patches/bluez-dbus-config.patch b/patches/source/bluez/patches/bluez-dbus-config.patch new file mode 100644 index 00000000..4160600a --- /dev/null +++ b/patches/source/bluez/patches/bluez-dbus-config.patch @@ -0,0 +1,25 @@ +Use the plugdev group for bluetooth on Slackware, and allow this to + work as expected with our current setup. + +diff -Nur bluez-4.61.orig//src/bluetooth.conf bluez-4.61/src/bluetooth.conf +--- bluez-4.61.orig//src/bluetooth.conf 2010-02-18 17:48:50.434527785 -0600 ++++ bluez-4.61/src/bluetooth.conf 2010-02-18 17:47:30.727431004 -0600 +@@ -11,11 +11,16 @@ + <allow own="org.bluez"/> + <allow send_destination="org.bluez"/> + <allow send_interface="org.bluez.Agent"/> ++ <allow send_interface="org.bluez.Adapter"/> + <allow send_interface="org.bluez.HandsfreeAgent"/> + </policy> + +- <policy at_console="true"> +- <allow send_destination="org.bluez"/> ++ <policy group="plugdev"> ++ <allow send_destination="org.bluez"/> ++ <allow send_interface="org.bluez.Agent"/> ++ <allow send_interface="org.bluez.Adapter"/> ++ <allow send_destination="org.bluez" ++ send_interface="org.freedesktop.DBus.Introspectable"/> + </policy> + + <!-- allow users of lp group (printing subsystem) to diff --git a/patches/source/bluez/patches/bluez-run_udev_helper.patch b/patches/source/bluez/patches/bluez-run_udev_helper.patch new file mode 100644 index 00000000..18860745 --- /dev/null +++ b/patches/source/bluez/patches/bluez-run_udev_helper.patch @@ -0,0 +1,12 @@ +Instead of automatically starting the bluetooth subsystem when devices + are added, let's invoke a wrapper script in /lib/udev and have that + wrapper check whether /etc/rc.d/rc.bluetooth is executable first. + +diff -Nur bluez-4.59.orig/scripts/bluetooth.rules.in bluez-4.59/scripts/bluetooth.rules.in +--- bluez-4.59.orig/scripts/bluetooth.rules.in 2009-07-06 15:21:40.000000000 -0500 ++++ bluez-4.59/scripts/bluetooth.rules.in 2009-12-30 11:50:37.069164823 -0600 +@@ -1,3 +1,3 @@ + # Run helper every time a Bluetooth device appears + # On remove actions, bluetoothd should go away by itself +-ACTION=="add", SUBSYSTEM=="bluetooth", RUN+="@prefix@/sbin/bluetoothd --udev" ++ACTION=="add", SUBSYSTEM=="bluetooth", RUN+="/lib/udev/bluetooth.sh" diff --git a/patches/source/bluez/patches/bluez-unbreak_dell_mouse.patch b/patches/source/bluez/patches/bluez-unbreak_dell_mouse.patch new file mode 100644 index 00000000..ec0b4a96 --- /dev/null +++ b/patches/source/bluez/patches/bluez-unbreak_dell_mouse.patch @@ -0,0 +1,14 @@ +One of the Dell USB mice gets broken by this rule, so we'll unbreak it. + +diff -Nur bluez-4.59.orig/scripts/bluetooth-hid2hci.rules bluez-4.59/scripts/bluetooth-hid2hci.rules +--- bluez-4.59.orig/scripts/bluetooth-hid2hci.rules 2009-05-19 04:04:10.000000000 -0500 ++++ bluez-4.59/scripts/bluetooth-hid2hci.rules 2009-12-30 12:34:14.165164370 -0600 +@@ -8,7 +8,7 @@ + # 413c:8154 + # 413c:8158 + # 413c:8162 +-ACTION=="add", ENV{ID_VENDOR}=="413c", ENV{ID_CLASS}=="mouse", ATTRS{bmAttributes}=="e0", KERNEL=="mouse*", RUN+="/usr/sbin/hid2hci --method dell -v $env{ID_VENDOR} -p $env{ID_MODEL} --mode hci" ++# ACTION=="add", ENV{ID_VENDOR}=="413c", ENV{ID_CLASS}=="mouse", ATTRS{bmAttributes}=="e0", KERNEL=="mouse*", RUN+="/usr/sbin/hid2hci --method dell -v $env{ID_VENDOR} -p $env{ID_MODEL} --mode hci" + + # Logitech devices + ACTION=="add", ENV{ID_VENDOR}=="046d", ENV{ID_MODEL}=="c703" RUN+="/usr/sbin/hid2hci --method logitech -v $env{ID_VENDOR} -p $env{ID_MODEL} --mode hci" diff --git a/patches/source/bluez/slack-desc b/patches/source/bluez/slack-desc new file mode 100644 index 00000000..607fa4d9 --- /dev/null +++ b/patches/source/bluez/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +bluez: bluez (Bluetooth libraries and utilities) +bluez: +bluez: Bluez is the Bluetooth stack for Linux, allowing Bluetooth adaptors +bluez: and devices to be used with Linux. This package contains the Bluez +bluez: libraries, utilities, and other support files. +bluez: +bluez: For more info, visit: http://www.bluez.org +bluez: +bluez: +bluez: +bluez: diff --git a/patches/source/bzip2/bzip2.SlackBuild b/patches/source/bzip2/bzip2.SlackBuild new file mode 100755 index 00000000..77f0e5f7 --- /dev/null +++ b/patches/source/bzip2/bzip2.SlackBuild @@ -0,0 +1,121 @@ +#!/bin/sh + +# Copyright 2005-2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=bzip2 +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +SOLIB=1.0.6 +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-bzip2 + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf bzip2-$VERSION +tar xzvf $CWD/bzip2-$VERSION.tar.gz || exit 1 +cd bzip2-$VERSION || exit 1 +chown -R root:root . +# This should be ok, since libbz2.so.1.0 will still exist. +zcat $CWD/bzip2.saneso.diff.gz | patch -p1 || exit +make -f Makefile-libbz2_so || exit 1 +make -j3 || make || exit 1 +mkdir -p $PKG/usr/include +cp -a bzlib.h $PKG/usr/include +chown root:root $PKG/usr/include/bzlib.h +chmod 644 $PKG/usr/include/bzlib.h +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX} +cp -a libbz2.a $PKG/usr/lib${LIBDIRSUFFIX}/libbz2.a +mkdir -p $PKG/lib${LIBDIRSUFFIX} +cp -a libbz2.so.$SOLIB $PKG/lib${LIBDIRSUFFIX}/libbz2.so.$SOLIB +chmod 644 $PKG/usr/lib${LIBDIRSUFFIX}/libbz2.a +chmod 755 $PKG/lib${LIBDIRSUFFIX}/libbz2.so.$SOLIB +mkdir -p $PKG/bin +cat bzip2-shared > $PKG/bin/bzip2 +cat bzip2recover > $PKG/bin/bzip2recover +mkdir -p $PKG/usr/man/man1 +cat bzip2.1 | gzip -9c > $PKG/usr/man/man1/bzip2.1.gz +echo '.so man1/bzip2.1' | gzip -9c > $PKG/usr/man/man1/bzip2recover.1.gz +mkdir -p $PKG/usr/doc/bzip2-$VERSION +cp -a CHANGES LICENSE README* \ + bzip2.txt *.html $PKG/usr/doc/bzip2-$VERSION +chmod 644 $PKG/usr/doc/bzip2-$VERSION/* +# Link up them links +( cd $PKG + ( cd lib${LIBDIRSUFFIX} + rm -f libbz2.so.1.0 libbz2.so.1 + ln -sf libbz2.so.$SOLIB libbz2.so.1.0 + ln -sf libbz2.so.1.0 libbz2.so.1 + ) + ( cd usr/lib${LIBDIRSUFFIX} + ln -sf ../../lib${LIBDIRSUFFIX}/libbz2.so.1 libbz2.so + ) + ( cd bin ; ln -sf bzip2 bunzip2 ) + ( cd bin ; ln -sf bzip2 bzcat ) + mkdir -p usr/bin + ( cd usr/bin + ln -sf ../../bin/bzip2 . + ln -sf ../../bin/bzip2 bunzip2 + ln -sf ../../bin/bzip2 bzcat + ln -sf bzmore bzless + ) +) +# Here are some optional scripts: +for file in bzdiff bzgrep bzmore ; do + cat $file > $PKG/usr/bin/$file + cat ${file}.1 | gzip -9c > $PKG/usr/man/man1/${file}.1.gz +done +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) +chmod 755 $PKG/bin/* $PKG/usr/bin/* +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg -l y -c n $TMP/bzip2-$VERSION-$ARCH-$BUILD.txz + +# Clean up the extra stuff: +if [ "$1" = "--cleanup" ]; then + rm -rf $TMP/bzip2-$VERSION + rm -rf $PKG +fi diff --git a/patches/source/bzip2/bzip2.saneso.diff b/patches/source/bzip2/bzip2.saneso.diff new file mode 100644 index 00000000..4f0acc6e --- /dev/null +++ b/patches/source/bzip2/bzip2.saneso.diff @@ -0,0 +1,20 @@ +--- ./Makefile-libbz2_so.orig 2010-09-10 18:07:52.000000000 -0500 ++++ ./Makefile-libbz2_so 2010-09-20 12:30:10.475525363 -0500 +@@ -35,13 +35,13 @@ + bzlib.o + + all: $(OBJS) +- $(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.6 $(OBJS) ++ $(CC) -shared -Wl,-soname -Wl,libbz2.so.1 -o libbz2.so.1.0.6 $(OBJS) + $(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.6 +- rm -f libbz2.so.1.0 +- ln -s libbz2.so.1.0.6 libbz2.so.1.0 ++ rm -f libbz2.so.1 ++ ln -s libbz2.so.1.0.6 libbz2.so.1 + + clean: +- rm -f $(OBJS) bzip2.o libbz2.so.1.0.6 libbz2.so.1.0 bzip2-shared ++ rm -f $(OBJS) bzip2.o libbz2.so.1.0.6 libbz2.so.1 bzip2-shared + + blocksort.o: blocksort.c + $(CC) $(CFLAGS) -c blocksort.c diff --git a/patches/source/bzip2/slack-desc b/patches/source/bzip2/slack-desc new file mode 100644 index 00000000..8026e755 --- /dev/null +++ b/patches/source/bzip2/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +bzip2: bzip2 (a block-sorting file compressor) +bzip2: +bzip2: Bzip2 compresses files using the Burrows-Wheeler block sorting text +bzip2: compression algorithm, and Huffman coding. Compression is generally +bzip2: considerably better than that achieved by more conventional LZ77/LZ78- +bzip2: based compressors, and approaches the performance of the PPM family of +bzip2: statistical compressors. +bzip2: +bzip2: Julian Seward <jseward@acm.org> is the author of bzip2. +bzip2: +bzip2: diff --git a/patches/source/coreutils/DIR_COLORS b/patches/source/coreutils/DIR_COLORS new file mode 100644 index 00000000..fd77f563 --- /dev/null +++ b/patches/source/coreutils/DIR_COLORS @@ -0,0 +1,235 @@ +# Configuration file for dircolors, a utility to help you set the +# LS_COLORS environment variable used by GNU ls with the --color option. + +# The keywords COLOR, OPTIONS, and EIGHTBIT (honored by the +# slackware version of dircolors) are recognized but ignored. +# (see the scripts in /etc/profile.d/coreutils-dircolors.* to change default +# options in the Slackware aliases) + +# Below, there should be one TERM entry for each termtype that is colorizable +TERM Eterm +TERM ansi +TERM color-xterm +TERM con132x25 +TERM con132x30 +TERM con132x43 +TERM con132x60 +TERM con80x25 +TERM con80x28 +TERM con80x30 +TERM con80x43 +TERM con80x50 +TERM con80x60 +TERM cons25 +TERM console +TERM cygwin +TERM dtterm +TERM eterm-color +TERM gnome +TERM gnome-256color +TERM jfbterm +TERM konsole +TERM kterm +TERM linux +TERM linux-c +TERM mach-color +TERM mlterm +TERM putty +TERM rxvt +TERM rxvt-256color +TERM rxvt-cygwin +TERM rxvt-cygwin-native +TERM rxvt-unicode +TERM rxvt-unicode-256color +TERM rxvt-unicode256 +TERM screen +TERM screen-256color +TERM screen-256color-bce +TERM screen-bce +TERM screen-w +TERM screen.linux +TERM screen.rxvt +TERM terminator +TERM vt100 +TERM xterm +TERM xterm-16color +TERM xterm-256color +TERM xterm-88color +TERM xterm-color +TERM xterm-debian + +# Below are the color init strings for the basic file types. A color init +# string consists of one or more of the following numeric codes: +# Attribute codes: +# 00=none 01=bold 04=underscore 05=blink 07=reverse 08=concealed +# Text color codes: +# 30=black 31=red 32=green 33=yellow 34=blue 35=magenta 36=cyan 37=white +# Background color codes: +# 40=black 41=red 42=green 43=yellow 44=blue 45=magenta 46=cyan 47=white +NORMAL 00 # global default, although everything should be something. +FILE 00 # normal file +# RESET 0 # reset to "normal" color +DIR 01;34 # directory +LINK 01;36 # symbolic link. (If you set this to 'target' instead of a + # numerical value, the color is as for the file pointed to.) +# HARDLINK 44;37 # regular file with more than one link +FIFO 40;33 # pipe +SOCK 01;35 # socket +DOOR 01;35 # door +BLK 40;33;01 # block device driver +CHR 40;33;01 # character device driver +ORPHAN 40;31;01 # symlink to nonexistent file +SETUID 37;41 # file that is setuid (u+s) +SETGID 30;43 # file that is setgid (g+s) +CAPABILITY 30;41 # file with capability +STICKY_OTHER_WRITABLE 30;42 # dir that is sticky and other-writable (+t,o+w) +OTHER_WRITABLE 34;42 # dir that is other-writable (o+w) and not sticky +STICKY 37;44 # dir with the sticky bit set (+t) and not other-writable +EXEC 01;32 # This is for files with execute permission: + +# List any file extensions like '.gz' or '.tar' that you would like ls +# to colorize below. Put the extension, a space, and the color init string. +# (and any comments you want to add after a '#') + +# DOS-style executables (bright green) +.bat 01;32 +.BAT 01;32 +.btm 01;32 +.BTM 01;32 +.cmd 01;32 +.CMD 01;32 +.com 01;32 +.COM 01;32 +.dll 01;32 +.DLL 01;32 +.exe 01;32 +.EXE 01;32 + +# archives or compressed (bright red) +.7z 01;31 +.ace 01;31 +.ACE 01;31 +.arj 01;31 +.bz2 01;31 +.cpio 01;31 +.deb 01;31 +.dz 01;31 +.gz 01;31 +.jar 01;31 +.lzh 01;31 +.lzma 01;31 +.rar 01;31 +.RAR 01;31 +.rpm 01;31 +.rz 01;31 +.tar 01;31 +.taz 01;31 +.tb2 01;31 +.tbz2 01;31 +.tbz 01;31 +.tgz 01;31 +.tlz 01;31 +.trz 01;31 +.txz 01;31 +.tz 01;31 +.tz2 01;31 +.xz 01;31 +.z 01;31 +.Z 01;31 +.zip 01;31 +.ZIP 01;31 +.zoo 01;31 + +# multimedia (video/image/sound) file formats +.aac 01;35 +.AAC 01;35 +.anx 01;35 +.asf 01;35 +.ASF 01;35 +.au 01;35 +.axa 01;35 +.axv 01;35 +.avi 01;35 +.AVI 01;35 +.bmp 01;35 +.BMP 01;35 +.divx 01;35 +.DIVX 01;35 +.flac 01;35 +.FLAC 01;35 +.gif 01;35 +.GIF 01;35 +.jpg 01;35 +.JPG 01;35 +.jpeg 01;35 +.JPEG 01;35 +.m2a 01;35 +.M2A 01;35 +.m2v 01;35 +.M2V 01;35 +.m4a 01;35 +.M4A 01;35 +.m4p 01;35 +.M4P 01;35 +.m4v 01;35 +.M4V 01;35 +.mid 01;35 +.midi 01;35 +.mka 01;35 +.mkv 01;35 +.MKV 01;35 +.mov 01;35 +.MOV 01;35 +.mp3 01;35 +.MP3 01;35 +.mp4 01;35 +.MP4 01;35 +.mp4v 01;35 +.mpc 01;35 +.MPC 01;35 +.mpeg 01;35 +.MPEG 01;35 +.mpg 01;35 +.MPG 01;35 +.nuv 01;35 +.oga 01;35 +.ogv 01;35 +.ogx 01;35 +.ogg 01;35 +.OGG 01;35 +.pbm 01;35 +.pgm 01;35 +.png 01;35 +.PNG 01;35 +.ppm 01;35 +.qt 01;35 +.ra 01;35 +.RA 01;35 +.ram 01;35 +.RAM 01;35 +.rm 01;35 +.RM 01;35 +.spx 01;35 +.svg 01;35 +.svgz 01;35 +.tga 01;35 +.TGA 01;35 +.tif 01;35 +.TIF 01;35 +.tiff 01;35 +.TIFF 01;35 +.vob 01;35 +.VOB 01;35 +.wav 01;35 +.WAV 01;35 +.wma 01;35 +.WMA 01;35 +.wmv 01;35 +.WMV 01;35 +.xbm 01;35 +.xcf 01;35 +.xpm 01;35 +.xspf 01;35 +.xwd 01;35 +.XWD 01;35 +.xvid 01;35 diff --git a/patches/source/coreutils/coreutils-dircolors.csh b/patches/source/coreutils/coreutils-dircolors.csh new file mode 100644 index 00000000..d7234c85 --- /dev/null +++ b/patches/source/coreutils/coreutils-dircolors.csh @@ -0,0 +1,48 @@ +# Slackware color ls profile script for /bin/csh-like shells. + +# Set up LS_OPTIONS environment variable. +# This contains extra command line options to use with ls. +# The default ones are: +# -F = show '/' for dirs, '*' for executables, etc. +# -T 0 = don't trust tab spacing when formatting ls output. +# -b = better support for special characters +setenv OPTIONS "-F -b -T 0" + +# COLOR needs one of these arguments: +# 'auto' colorizes output to ttys, but not pipes. +# 'always' adds color characters to all output. +# 'never' shuts colorization off. +setenv COLOR auto + +# This section shouldn't require any user adjustment since it is +# simply setting the LS_OPTIONS variable using the information +# already given above: +setenv LS_OPTIONS " $OPTIONS --color=$COLOR " +unsetenv COLOR +unsetenv OPTIONS + +# Set up aliases to use color ls by default. A few additional +# aliases like 'dir', 'vdir', etc, are some ancient artifacts +# from 1992 or so... possibly they should be disabled, but maybe +# someone out there is actually using them? :-) +alias ls '/bin/ls $LS_OPTIONS'; +alias dir '/bin/ls $LS_OPTIONS --format=vertical'; +alias vdir '/bin/ls $LS_OPTIONS --format=long'; +alias d dir; +alias v vdir; +unsetenv noglob; + +# Set up the LS_COLORS environment: +[ -f $HOME/.dir_colors ] +if ($status == 0) then + eval `/bin/dircolors -c $HOME/.dir_colors` +endif +[ -f /etc/DIR_COLORS ] +if ($status == 0) then + eval `/bin/dircolors -c /etc/DIR_COLORS` +endif +[ ! -f $HOME/.dir_colors -a ! -f /etc/DIR_COLORS ] +if ($status == 0) then + eval `/bin/dircolors -c` +endif + diff --git a/patches/source/coreutils/coreutils-dircolors.sh b/patches/source/coreutils/coreutils-dircolors.sh new file mode 100644 index 00000000..fc848c6f --- /dev/null +++ b/patches/source/coreutils/coreutils-dircolors.sh @@ -0,0 +1,54 @@ +# Slackware color ls profile script for /bin/sh-like shells. + +# Set up LS_OPTIONS environment variable. +# This contains extra command line options to use with ls. +# The default ones are: +# -F = show '/' for dirs, '*' for executables, etc. +# -T 0 = don't trust tab spacing when formatting ls output. +# -b = better support for special characters +OPTIONS="-F -b -T 0" + +# COLOR needs one of these arguments: +# 'auto' colorizes output to ttys, but not pipes. +# 'always' adds color characters to all output. +# 'never' shuts colorization off. +COLOR=auto + + +# This section shouldn't require any user adjustment since it is +# simply setting the LS_OPTIONS variable using the information +# already given above: +LS_OPTIONS="$OPTIONS --color=$COLOR"; +export LS_OPTIONS; +unset COLOR +unset OPTIONS + +# Set up aliases to use color ls by default. A few additional +# aliases like 'dir', 'vdir', etc, are some ancient artifacts +# from 1992 or so... possibly they should be disabled, but maybe +# someone out there is actually using them? :-) +# Assume shell aliases are supported. +if [ "$SHELL" = "/bin/zsh" ] ; then + # By default, zsh doesn't split parameters into separate words + # when it encounters whitespace. The '=' flag will fix this. + # see zshexpn(1) man-page regarding SH_WORD_SPLIT. + alias ls='/bin/ls ${=LS_OPTIONS}' + alias dir='/bin/ls ${=LS_OPTIONS} --format=vertical' + alias vdir='/bin/ls ${=LS_OPTIONS} --format=long' +else + alias ls='/bin/ls $LS_OPTIONS' + alias dir='/bin/ls $LS_OPTIONS --format=vertical' + alias vdir='/bin/ls $LS_OPTIONS --format=long' +fi +alias d=dir +alias v=vdir + +# Set up the LS_COLORS environment: +if [ -f $HOME/.dir_colors ]; then + eval `/bin/dircolors -b $HOME/.dir_colors` +elif [ -f /etc/DIR_COLORS ]; then + eval `/bin/dircolors -b /etc/DIR_COLORS` +else + eval `/bin/dircolors -b` +fi + diff --git a/patches/source/coreutils/coreutils.SlackBuild b/patches/source/coreutils/coreutils.SlackBuild new file mode 100755 index 00000000..2ddd6ede --- /dev/null +++ b/patches/source/coreutils/coreutils.SlackBuild @@ -0,0 +1,195 @@ +#!/bin/sh + +# Copyright 2005-2010, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=coreutils +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | cut -d - -f 2 | rev | cut -f 3- -d . | rev)} +BUILD=${BUILD:-1_slack13.1} + +NUMJOBS=${NUMJOBS:--j6} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +elif [ "$ARCH" = "arm" ]; then + SLKCFLAGS="-O2 -march=armv4 -mtune=xscale" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "armel" ]; then + SLKCFLAGS="-O2 -march=armv4t" + LIBDIRSUFFIX="" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP + +rm -rf $PKGNAM-$VERSION +if [ -r $CWD/$PKGNAM-$VERSION.tar.gz ]; then + tar xf $CWD/$PKGNAM-$VERSION.tar.gz || exit 1 +elif [ -r $CWD/$PKGNAM-$VERSION.tar.bz2 ]; then + tar xf $CWD/$PKGNAM-$VERSION.tar.bz2 || exit 1 +elif [ -r $CWD/$PKGNAM-$VERSION.tar.xz ]; then + tar xf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +elif [ -r $CWD/$PKGNAM-$VERSION.tar.lzma ]; then + tar xf $CWD/$PKGNAM-$VERSION.tar.lzma || exit 1 +else + exit 1 +fi + +cd $PKGNAM-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Patch uname to correctly display CPU information: +zcat $CWD/$PKGNAM.uname.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 + +# Compilation with glibc version later than 2.3.2 needs the environment +# variable DEFAULT_POSIX2_VERSION set to 199209. +# Without the next line, the coreutils will start complaining about 'obsolete' +# command switches, like "tail -20" will be considered obsolete. +# This behaviour breaks many other packages... the 'obsolete' parameters are +# too commonly used to disregard them. Better to stick with the older more +# widely accepted standards until things begin to demand the new way. + +CFLAGS="$SLKCFLAGS" \ +DEFAULT_POSIX2_VERSION=199209 \ +./configure \ + --prefix=/usr \ + --bindir=/bin \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --sysconfdir=/etc \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --without-gmp \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# We have had the mktemp from debianutils included with Slackware for quite a +# long time, and certain options are changed here, like changing -u to mean a +# dry-run rather than to unlink the tempfile when finished. Since this could +# break existing scripts, unless someone can tell me a good reason why we +# should start using a new version of mktemp, we will continue to use the +# one we've been using. If the new one starts to become expected, let me know. +# We'll figure out what the best options are and go from there. +mv $PKG/bin/mktemp $PKG/bin/mktemp-gnu +mv $PKG/usr/man/man1/mktemp.1 $PKG/usr/man/man1/mktemp-gnu.1 + +# This seems wrong, and it stomps on files in the ksh93 package, though I'm +# not sure the placement of those is correct, either... The ksh93 package +# installs them as flat text files, while coreutils installs empty directories +# Oh well, this is what we've done for years, and nobody's complained... +rm -rf $PKG/usr/share/locale/*/LC_TIME + +# These are important enough that they should probably all go into /bin at this +# point... Having some of them unavailable when /usr isn't mounted is just a +# source of unending bug reports for various third party applications. +# Time to end those reports. :-) +mkdir -p $PKG/bin $PKG/usr/bin +( cd $PKG/usr/bin + for file in ../../bin/* ; do + ln --verbose -sf $file . + done +) + +# Add some defaults, although a very slack-like set of default options are built +# into /bin/ls now anyway: +mkdir -p $PKG/etc +zcat $CWD/DIR_COLORS.gz > $PKG/etc/DIR_COLORS.new + +# Since dircolors no longer provides any default aliases these scripts +# will be needed for ls to act as expected: +mkdir -p $PKG/etc/profile.d +zcat $CWD/coreutils-dircolors.csh.gz > $PKG/etc/profile.d/coreutils-dircolors.csh +zcat $CWD/coreutils-dircolors.sh.gz > $PKG/etc/profile.d/coreutils-dircolors.sh +chmod 755 $PKG/etc/profile.d/* + +# Remove things that are provided by other Slackware packages: +for dupe in hostname kill su uptime ; do + rm -f $PKG/bin/${dupe} $PKG/usr/bin/${dupe} \ + $PKG/usr/sbin/${dupe} $PKG/usr/man/man?/${dupe}.* ; +done + +# Add ginstall links (there's still a lot of stuff that needs this to compile): +( cd $PKG/bin ; ln -sf install ginstall ) +( cd $PKG/usr/bin ; ln -sf ../../bin/ginstall ginstall ) +( cd $PKG/usr/man/man1 ; ln -sf install.1 ginstall.1 ) + +( cd $PKG/usr/man + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done +) + +rm -f $PKG/usr/info/dir +gzip -9 $PKG/usr/info/* + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + AUTHORS COPYING* NEWS README* THANKS THANKS-to-translators TODO \ + $PKG/usr/doc/$PKGNAM-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/coreutils/coreutils.uname.diff b/patches/source/coreutils/coreutils.uname.diff new file mode 100644 index 00000000..69911031 --- /dev/null +++ b/patches/source/coreutils/coreutils.uname.diff @@ -0,0 +1,152 @@ +diff -Nur coreutils-7.6.orig/src/uname.c coreutils-7.6/src/uname.c +--- coreutils-7.6.orig/src/uname.c 2009-09-01 06:01:16.000000000 -0500 ++++ coreutils-7.6/src/uname.c 2009-09-15 08:55:26.239452858 -0500 +@@ -50,6 +50,11 @@ + # include <mach-o/arch.h> + #endif + ++#if defined (__linux__) ++# define USE_PROCINFO ++# define UNAME_HARDWARE_PLATFORM ++#endif ++ + #include "system.h" + #include "error.h" + #include "quote.h" +@@ -155,6 +160,106 @@ + exit (status); + } + ++#if defined(USE_PROCINFO) ++ ++# if defined(__s390__) || defined(__s390x__) ++# define CPUINFO_FILE "/proc/sysinfo" ++# define CPUINFO_FORMAT "%64[^\t :]%*[ :]%256[^\n]%c" ++# else ++# define CPUINFO_FILE "/proc/cpuinfo" ++# define CPUINFO_FORMAT "%64[^\t:]\t:%256[^\n]%c" ++# endif ++ ++# define PROCINFO_PROCESSOR 0 ++# define PROCINFO_HARDWARE_PLATFORM 1 ++ ++static void __eat_cpuinfo_space(char *buf) ++{ ++ /* first eat trailing space */ ++ char *tmp = buf + strlen(buf) - 1; ++ while (tmp > buf && isspace(*tmp)) ++ *tmp-- = '\0'; ++ /* then eat leading space */ ++ tmp = buf; ++ while (*tmp && isspace(*tmp)) ++ tmp++; ++ if (tmp != buf) ++ memmove(buf, tmp, strlen(tmp)+1); ++} ++ ++static int __linux_procinfo (int x, char *fstr, size_t s) ++{ ++ FILE *fp; ++ ++ char *procinfo_keys[] = { ++ /* --processor --hardware-platform */ ++ #if defined(__alpha__) ++ "cpu model", "system type" ++ #elif defined(__arm__) ++ "Processor", "Hardware" ++ #elif defined(bfin) ++ "CPU", "BOARD Name" ++ #elif defined(__cris__) ++ "cpu", "cpu model" ++ #elif defined(__frv__) ++ "CPU-Core", "System" ++ #elif defined(__i386__) || defined(__x86_64__) ++ "model name", "vendor_id" ++ #elif defined(__ia64__) ++ "family", "vendor" ++ #elif defined(__hppa__) ++ "cpu", "model" ++ #elif defined(__m68k__) ++ "CPU", "MMU" ++ #elif defined(__mips__) ++ "cpu model", "system type" ++ #elif defined(__powerpc__) || defined(__powerpc64__) ++ "cpu", "machine" ++ #elif defined(__s390__) || defined(__s390x__) ++ "Type", "Manufacturer" ++ #elif defined(__sh__) ++ "cpu type", "machine" ++ #elif defined(sparc) || defined(__sparc__) ++ "type", "cpu" ++ #elif defined(__vax__) ++ "cpu type", "cpu" ++ #else ++ "unknown", "unknown" ++ #endif ++ }; ++ ++ if ((fp = fopen(CPUINFO_FILE, "r")) != NULL) { ++ char key[65], value[257], eol, *ret = NULL; ++ ++ while (fscanf(fp, CPUINFO_FORMAT, key, value, &eol) != EOF) { ++ __eat_cpuinfo_space(key); ++ if (!strcmp(key, procinfo_keys[x])) { ++ __eat_cpuinfo_space(value); ++ ret = value; ++ break; ++ } ++ if (eol != '\n') { ++ /* we need two fscanf's here in case the previous ++ * length limit caused us to read right up to the ++ * newline ... doing "%*[^\n]\n" wont eat the newline ++ */ ++ fscanf(fp, "%*[^\n]"); ++ fscanf(fp, "\n"); ++ } ++ } ++ fclose(fp); ++ ++ if (ret) { ++ strncpy(fstr, ret, s); ++ return 0; ++ } ++ } ++ ++ return -1; ++} ++ ++#endif ++ + /* Print ELEMENT, preceded by a space if something has already been + printed. */ + +@@ -302,10 +407,14 @@ + if (toprint & PRINT_PROCESSOR) + { + char const *element = unknown; +-#if HAVE_SYSINFO && defined SI_ARCHITECTURE ++#if ( HAVE_SYSINFO && defined SI_ARCHITECTURE ) || defined(USE_PROCINFO) + { + static char processor[257]; ++#if defined(USE_PROCINFO) ++ if (0 <= __linux_procinfo (PROCINFO_PROCESSOR, processor, sizeof processor)) ++#else + if (0 <= sysinfo (SI_ARCHITECTURE, processor, sizeof processor)) ++#endif + element = processor; + } + #endif +@@ -358,9 +467,13 @@ + if (element == unknown) + { + static char hardware_platform[257]; ++#if defined(USE_PROCINFO) ++ if (0 <= __linux_procinfo (PROCINFO_HARDWARE_PLATFORM, hardware_platform, sizeof hardware_platform)) ++#else + size_t s = sizeof hardware_platform; + static int mib[] = { CTL_HW, UNAME_HARDWARE_PLATFORM }; + if (sysctl (mib, 2, hardware_platform, &s, 0, 0) >= 0) ++#endif + element = hardware_platform; + } + #endif diff --git a/patches/source/coreutils/doinst.sh b/patches/source/coreutils/doinst.sh new file mode 100644 index 00000000..b1a6112f --- /dev/null +++ b/patches/source/coreutils/doinst.sh @@ -0,0 +1,13 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/DIR_COLORS.new + diff --git a/patches/source/coreutils/slack-desc b/patches/source/coreutils/slack-desc new file mode 100644 index 00000000..57e562d3 --- /dev/null +++ b/patches/source/coreutils/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +coreutils: coreutils (core GNU utilities) +coreutils: +coreutils: These are the GNU core utilities, the basic command line programs +coreutils: such as 'mkdir', 'ls', and 'rm' that are needed for the system to +coreutils: run. This package is the union of the GNU fileutils, sh-utils, and +coreutils: textutils packages. Most of these programs have significant +coreutils: advantages over their Unix counterparts, such as greater speed, +coreutils: additional options, and fewer arbitrary limits. +coreutils: +coreutils: +coreutils: diff --git a/patches/source/cups/cups.SlackBuild b/patches/source/cups/cups.SlackBuild new file mode 100755 index 00000000..964cf701 --- /dev/null +++ b/patches/source/cups/cups.SlackBuild @@ -0,0 +1,206 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# CUPS build script by volkerdi@slackware.com. + +VERSION=1.4.5 +BUILD=${BUILD:-3_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-cups + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf cups-$VERSION +tar xvf $CWD/cups-$VERSION-source.tar.?z* || exit 1 +cd cups-$VERSION + +# Fix the USB backend to use either usblp or libusb: +zcat $CWD/usb-backend-both-usblp-and-libusb.dpatch.gz | patch -p1 --verbose || exit 1 + +# Fix locking to avoid crashes with OpenSSL: +zcat $CWD/cups.fix_broken_locking.diff.gz | patch -p1 --verbose || exit 1 + +zcat $CWD/str4609-1.4.patch.gz | patch -p0 --verbose || exit 1 + +sed -i.orig -e 's#$exec_prefix/lib/cups#$libdir/cups#g' configure +./configure \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --enable-ssl \ + --enable-openssl=yes \ + --enable-gnutls=no \ + --enable-cdsassl=no \ + --docdir=/usr/doc \ + --without-php \ + --disable-pam \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || exit 1 +mkdir -p $PKG/etc/cups +mkdir -p $PKG/var/spool +make BUILDROOT=$PKG install || exit 1 + +# I've added so many things like /etc/init.d/ to Slackware that CUPS +# is now installing init scripts to the Red Hat locations. We'll move +# them to the usual locations: +mkdir -p $PKG/etc/rc.d +# Handle this as a config file, and non-executable in a default install: +mv $PKG/etc/init.d/cups $PKG/etc/rc.d/rc.cups.new +chmod 644 $PKG/etc/rc.d/rc.cups.new +# Clear out the additions: +rm -rf $PKG/etc/init.d $PKG/etc/rc{0,2,3,5}.d + +### OBSOLETE. The USB backend is patched to support usblp again. ### +## From 1.4.x, CUPS no longer uses usblp, and having the module loaded +## will interfere with USB printers. So, we will add a blacklist rule +## so that the module is not loaded: +#mkdir -p $PKG/etc/modprobe.d +#cat << EOF > $PKG/etc/modprobe.d/cups.blacklist.usblp.conf.new +## Do not load the kernel usblp module, since it interferes with +## versions of CUPS 1.4.0 and newer: +#blacklist usblp +#EOF + +# I'm not sure if overwriting this blindly could have ill effects, +# but it never hurts to play it safe. According to the dbus-daemon +# manpage, only files ending in .conf will be used, so there won't +# be any unintended doubling up. +mv $PKG/etc/dbus-1/system.d/cups.conf $PKG/etc/dbus-1/system.d/cups.conf.new + +# For full CUPS SMB support, you'll need to install the cups-samba +# package from the source in this directory. There's no easy way +# to add that to a package build, and the requests aren't pouring in, +# so you'll have to install it yourself. It's easy to do. + +# However, this will get you the most useful SMB support for free. +# Thanks to Boris Kurktchiev for the tip. :-) +( cd $PKG/usr/lib${LIBDIRSUFFIX}/cups/backend + if [ ! -e smb ]; then + ln -sf /usr/bin/smbspool smb + fi +) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Remove preformatted manpages and move the manpages to /usr/man: +( cd $PKG/usr/share/man + find . -type d -name "cat*" | xargs rm -rf + cd .. + mv man .. +) + +# Adjust/expand docs: +( mkdir -p $PKG/usr/doc + mv $PKG/usr/share/doc/cups $PKG/usr/doc/cups-$VERSION + rmdir $PKG/usr/share/doc + cd $PKG/usr/doc + ln -sf cups-$VERSION cups ) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES.txt ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat CHANGES.txt | head -n 1000 > $DOCSDIR/CHANGES.txt + touch -r CHANGES.txt $DOCSDIR/CHANGES.txt +fi + +# I'm sorry, but PDF files are almost as bloated and annoying as +# MS Word documents. We'll retain the HTML files in /usr/doc. +( cd $PKG/usr/doc + find . -name "*.pdf" -exec rm -f {} \; ) + +# Apply no-clobber fix to conffiles: +( cd $PKG/etc/cups + for file in * ; do + if [ -f $file ]; then + mv $file $file.new + fi + done ) + +# Strip stuff: +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Use symlinks to certain binaries so that CUPS and LPRng can coexist: +SUFFIX=cups +for file in \ +usr/bin/cancel \ +usr/bin/lp \ +usr/bin/lpq \ +usr/bin/lpr \ +usr/bin/lprm \ +usr/bin/lpstat \ +usr/sbin/lpc ; do + ( cd $PKG + mv ${file} ${file}-${SUFFIX} + ( cd `dirname ${file}` ; ln -sf `basename ${file}`-${SUFFIX} `basename ${file}` ) + ) +done +# Now fix the associated man pages: +mv $PKG/usr/man/man1/cancel.1.gz $PKG/usr/man/man1/cancel-${SUFFIX}.1.gz +mv $PKG/usr/man/man1/lp.1.gz $PKG/usr/man/man1/lp-${SUFFIX}.1.gz +mv $PKG/usr/man/man1/lpq.1.gz $PKG/usr/man/man1/lpq-${SUFFIX}.1.gz +mv $PKG/usr/man/man1/lpr.1.gz $PKG/usr/man/man1/lpr-${SUFFIX}.1.gz +mv $PKG/usr/man/man1/lprm.1.gz $PKG/usr/man/man1/lprm-${SUFFIX}.1.gz +mv $PKG/usr/man/man1/lpstat.1.gz $PKG/usr/man/man1/lpstat-${SUFFIX}.1.gz +mv $PKG/usr/man/man8/lpc.8.gz $PKG/usr/man/man8/lpc-${SUFFIX}.8.gz +( cd $PKG/usr/man/man1 + ln -sf cancel-${SUFFIX}.1.gz cancel.1.gz + ln -sf lp-${SUFFIX}.1.gz lp.1.gz + ln -sf lpq-${SUFFIX}.1.gz lpq.1.gz + ln -sf lpr-${SUFFIX}.1.gz lpr.1.gz + ln -sf lprm-${SUFFIX}.1.gz lprm.1.gz + ln -sf lpstat-${SUFFIX}.1.gz lpstat.1.gz +) +( cd $PKG/usr/man/man8 + ln -sf lpc-${SUFFIX}.8.gz lpc.8.gz +) + +# Add the doinst.sh that installs the .new conffiles: +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/cups-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/cups/cups.fix_broken_locking.diff b/patches/source/cups/cups.fix_broken_locking.diff new file mode 100644 index 00000000..44f97533 --- /dev/null +++ b/patches/source/cups/cups.fix_broken_locking.diff @@ -0,0 +1,256 @@ +Submitted By: DJ Lucas <robert AT linuxfromscratch DOT org> +Date: 2010-09-13 +Initial Package Version: 1.4.4 +Upstream Status: Unknown +Origin: https://bugzilla.redhat.com/show_bug.cgi?id=553834 +Description: Bug fix for invalid locking with GCrypt. + +diff -Naurp cups-1.4.4-orig/cups/http.c cups-1.4.4/cups/http.c +--- cups-1.4.4-orig/cups/http.c 2010-06-16 00:27:41.000000000 -0500 ++++ cups-1.4.4/cups/http.c 2010-09-13 01:27:03.000000000 -0500 +@@ -83,12 +83,10 @@ + * http_debug_hex() - Do a hex dump of a buffer. + * http_field() - Return the field index for a field name. + * http_read_ssl() - Read from a SSL/TLS connection. +- * http_locking_cb() - Lock/unlock a thread's mutex. + * http_send() - Send a request with all fields and the trailing + * blank line. + * http_setup_ssl() - Set up SSL/TLS support on a connection. + * http_shutdown_ssl() - Shut down SSL/TLS on a connection. +- * http_threadid_cb() - Return the current thread ID. + * http_upgrade() - Force upgrade to TLS encryption. + * http_write() - Write a buffer to a HTTP connection. + * http_write_chunk() - Write a chunked buffer. +@@ -146,19 +144,6 @@ static int http_setup_ssl(http_t *http) + static void http_shutdown_ssl(http_t *http); + static int http_upgrade(http_t *http); + static int http_write_ssl(http_t *http, const char *buf, int len); +- +-# ifdef HAVE_GNUTLS +-# ifdef HAVE_PTHREAD_H +-GCRY_THREAD_OPTION_PTHREAD_IMPL; +-# endif /* HAVE_PTHREAD_H */ +- +-# elif defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H) +-static pthread_mutex_t *http_locks; /* OpenSSL lock mutexes */ +- +-static void http_locking_cb(int mode, int type, const char *file, +- int line); +-static unsigned long http_threadid_cb(void); +-# endif /* HAVE_GNUTLS */ + #endif /* HAVE_SSL */ + + +@@ -1188,22 +1173,21 @@ httpHead(http_t *http, /* I - Conne + void + httpInitialize(void) + { +- static int initialized = 0; /* Have we been called before? */ +-#ifdef WIN32 +- WSADATA winsockdata; /* WinSock data */ +-#endif /* WIN32 */ + #ifdef HAVE_LIBSSL +- int i; /* Looping var */ +- unsigned char data[1024]; /* Seed data */ ++# ifndef WIN32 ++ struct timeval curtime; /* Current time in microseconds */ ++# endif /* !WIN32 */ ++ int i; /* Looping var */ ++ unsigned char data[1024]; /* Seed data */ + #endif /* HAVE_LIBSSL */ + +- +- if (initialized) +- return; +- + #ifdef WIN32 +- WSAStartup(MAKEWORD(2,2), &winsockdata); ++ WSADATA winsockdata; /* WinSock data */ ++ + ++ static int initialized = 0; /* Has WinSock been initialized? */ ++ if (!initialized) ++ WSAStartup(MAKEWORD(1,1), &winsockdata); + #elif !defined(SO_NOSIGPIPE) + /* + * Ignore SIGPIPE signals... +@@ -1226,21 +1210,15 @@ httpInitialize(void) + #endif /* WIN32 */ + + #ifdef HAVE_GNUTLS +- /* +- * Make sure we handle threading properly... +- */ +- +-# ifdef HAVE_PTHREAD_H +- gcry_control(GCRYCTL_SET_THREAD_CBS, &gcry_threads_pthread); +-# endif /* HAVE_PTHREAD_H */ + + /* + * Initialize GNU TLS... + */ + + gnutls_global_init(); ++#endif /* HAVE_GNUTLS */ + +-#elif defined(HAVE_LIBSSL) ++#ifdef HAVE_LIBSSL + /* + * Initialize OpenSSL... + */ +@@ -1249,33 +1227,21 @@ httpInitialize(void) + SSL_library_init(); + + /* +- * Set the threading callbacks... +- */ +- +-# ifdef HAVE_PTHREAD_H +- http_locks = calloc(CRYPTO_num_locks(), sizeof(pthread_mutex_t)); +- +- for (i = 0; i < CRYPTO_num_locks(); i ++) +- pthread_mutex_init(http_locks + i, NULL); +- +- CRYPTO_set_id_callback(http_threadid_cb); +- CRYPTO_set_locking_callback(http_locking_cb); +-# endif /* HAVE_PTHREAD_H */ +- +- /* + * Using the current time is a dubious random seed, but on some systems + * it is the best we can do (on others, this seed isn't even used...) + */ + +- CUPS_SRAND(time(NULL)); ++# ifdef WIN32 ++# else ++ gettimeofday(&curtime, NULL); ++ srand(curtime.tv_sec + curtime.tv_usec); ++# endif /* WIN32 */ + + for (i = 0; i < sizeof(data); i ++) +- data[i] = CUPS_RAND(); ++ data[i] = rand(); + + RAND_seed(data, sizeof(data)); +-#endif /* HAVE_GNUTLS */ +- +- initialized = 1; ++#endif /* HAVE_LIBSSL */ + } + + +@@ -2834,25 +2800,6 @@ http_read_ssl(http_t *http, /* I - Conn + #endif /* HAVE_SSL */ + + +-#if defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H) +-/* +- * 'http_locking_cb()' - Lock/unlock a thread's mutex. +- */ +- +-static void +-http_locking_cb(int mode, /* I - Lock mode */ +- int type, /* I - Lock type */ +- const char *file, /* I - Source file */ +- int line) /* I - Line number */ +-{ +- if (mode & CRYPTO_LOCK) +- pthread_mutex_lock(http_locks + type); +- else +- pthread_mutex_unlock(http_locks + type); +-} +-#endif /* HAVE_LIBSSL && HAVE_PTHREAD_H */ +- +- + /* + * 'http_send()' - Send a request with all fields and the trailing blank line. + */ +@@ -3224,19 +3171,6 @@ http_shutdown_ssl(http_t *http) /* I - + #endif /* HAVE_SSL */ + + +-#if defined(HAVE_LIBSSL) && defined(HAVE_PTHREAD_H) +-/* +- * 'http_threadid_cb()' - Return the current thread ID. +- */ +- +-static unsigned long /* O - Thread ID */ +-http_threadid_cb(void) +-{ +- return ((unsigned long)pthread_self()); +-} +-#endif /* HAVE_LIBSSL && HAVE_PTHREAD_H */ +- +- + #ifdef HAVE_SSL + /* + * 'http_upgrade()' - Force upgrade to TLS encryption. +diff -Naurp cups-1.4.4-orig/cups/http-private.h cups-1.4.4/cups/http-private.h +--- cups-1.4.4-orig/cups/http-private.h 2010-04-11 23:03:53.000000000 -0500 ++++ cups-1.4.4/cups/http-private.h 2010-09-13 01:27:24.000000000 -0500 +@@ -98,7 +98,6 @@ extern BIO_METHOD *_httpBIOMethods(void) + * The GNU TLS library is more of a "bare metal" SSL/TLS library... + */ + # include <gnutls/gnutls.h> +-# include <gcrypt.h> + + typedef struct + { +diff -Naurp cups-1.4.4-orig/scheduler/main.c cups-1.4.4/scheduler/main.c +--- cups-1.4.4-orig/scheduler/main.c 2010-04-23 13:56:34.000000000 -0500 ++++ cups-1.4.4/scheduler/main.c 2010-09-13 01:27:36.000000000 -0500 +@@ -549,8 +549,6 @@ main(int argc, /* I - Number of comm + * Startup the server... + */ + +- httpInitialize(); +- + cupsdStartServer(); + + /* +diff -Naurp cups-1.4.4-orig/scheduler/server.c cups-1.4.4/scheduler/server.c +--- cups-1.4.4-orig/scheduler/server.c 2010-04-11 23:03:53.000000000 -0500 ++++ cups-1.4.4/scheduler/server.c 2010-09-13 01:27:49.000000000 -0500 +@@ -44,6 +44,42 @@ static int started = 0; + void + cupsdStartServer(void) + { ++#ifdef HAVE_LIBSSL ++ int i; /* Looping var */ ++ struct timeval curtime; /* Current time in microseconds */ ++ unsigned char data[1024]; /* Seed data */ ++#endif /* HAVE_LIBSSL */ ++ ++ ++#ifdef HAVE_LIBSSL ++ /* ++ * Initialize the encryption libraries... ++ */ ++ ++ SSL_library_init(); ++ SSL_load_error_strings(); ++ ++ /* ++ * Using the current time is a dubious random seed, but on some systems ++ * it is the best we can do (on others, this seed isn't even used...) ++ */ ++ ++ gettimeofday(&curtime, NULL); ++ srand(curtime.tv_sec + curtime.tv_usec); ++ ++ for (i = 0; i < sizeof(data); i ++) ++ data[i] = rand(); /* Yes, this is a poor source of random data... */ ++ ++ RAND_seed(&data, sizeof(data)); ++#elif defined(HAVE_GNUTLS) ++ /* ++ * Initialize the encryption libraries... ++ */ ++ ++ gnutls_global_init(); ++#endif /* HAVE_LIBSSL */ ++ ++ + /* + * Create the default security profile... + */ diff --git a/patches/source/cups/doinst.sh b/patches/source/cups/doinst.sh new file mode 100644 index 00000000..6807cc3a --- /dev/null +++ b/patches/source/cups/doinst.sh @@ -0,0 +1,34 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +for file in etc/cups/*.new ; do + config $file +done +config etc/dbus-1/system.d/cups.conf.new + +# This file will just have to go. It appeared for a while during a -current +# devel period and has never been part of a stable release. +#config etc/modprobe.d/cups.blacklist.usblp.conf.new +rm -f etc/modprobe.d/cups.blacklist.usblp.conf.new +rm -f etc/modprobe.d/cups.blacklist.usblp.conf + +# Leave any new rc.cups with the same permissions as the old one: +# This is a kludge, but it's because there's no --reference option +# on busybox's 'chmod': +if [ -e etc/rc.d/rc.cups ]; then + if [ -x etc/rc.d/rc.cups ]; then + chmod 755 etc/rc.d/rc.cups.new + else + chmod 644 etc/rc.d/rc.cups.new + fi +fi +# Then config() it: +config etc/rc.d/rc.cups.new diff --git a/patches/source/cups/slack-desc b/patches/source/cups/slack-desc new file mode 100644 index 00000000..c2e1643c --- /dev/null +++ b/patches/source/cups/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +cups: CUPS (Common UNIX Printing System) +cups: +cups: The Common UNIX Printing System provides a portable printing layer for +cups: UNIX(R)-like operating systems. It has been developed by Easy Software +cups: Products to promote a standard printing solution for all UNIX vendors +cups: and users. CUPS uses the Internet Printing Protocol ("IPP") as the +cups: basis for managing print jobs and queues. The CUPS package includes +cups: System V and Berkeley command-line interfaces, a PostScript RIP +cups: package for supporting non-PostScript printer drivers, and tools for +cups: creating additional printer drivers and other CUPS services. +cups: diff --git a/patches/source/cups/str4609-1.4.patch b/patches/source/cups/str4609-1.4.patch new file mode 100644 index 00000000..d896b6bd --- /dev/null +++ b/patches/source/cups/str4609-1.4.patch @@ -0,0 +1,332 @@ +Index: cgi-bin/ipp-var.c +=================================================================== +--- cgi-bin/ipp-var.c (revision 12588) ++++ cgi-bin/ipp-var.c (working copy) +@@ -1230,21 +1230,7 @@ + * Rewrite URIs... + */ + +- if (!strcmp(name, "member_uris")) +- { +- char url[1024]; /* URL for class member... */ +- +- +- cgiRewriteURL(attr->values[i].string.text, url, +- sizeof(url), NULL); +- +- snprintf(valptr, sizeof(value) - (valptr - value), +- "<A HREF=\"%s\">%s</A>", url, +- strrchr(attr->values[i].string.text, '/') + 1); +- } +- else +- cgiRewriteURL(attr->values[i].string.text, valptr, +- sizeof(value) - (valptr - value), NULL); ++ cgiRewriteURL(attr->values[i].string.text, valptr, sizeof(value) - (valptr - value), NULL); + break; + } + +Index: cgi-bin/template.c +=================================================================== +--- cgi-bin/template.c (revision 12588) ++++ cgi-bin/template.c (working copy) +@@ -659,39 +659,7 @@ + while (*s) + { + if (*s == '<') +- { +- /* +- * Pass <A HREF="url"> and </A>, otherwise quote it... +- */ +- +- if (!strncasecmp(s, "<A HREF=\"", 9)) +- { +- fputs("<A HREF=\"", out); +- s += 9; +- +- while (*s && *s != '\"') +- { +- if (*s == '&') +- fputs("&", out); +- else +- putc(*s, out); +- +- s ++; +- } +- +- if (*s) +- s ++; +- +- fputs("\">", out); +- } +- else if (!strncasecmp(s, "</A>", 4)) +- { +- fputs("</A>", out); +- s += 3; +- } +- else +- fputs("<", out); +- } ++ fputs("<", out); + else if (*s == '>') + fputs(">", out); + else if (*s == '\"') +Index: scheduler/ipp.c +=================================================================== +--- scheduler/ipp.c (revision 12588) ++++ scheduler/ipp.c (working copy) +@@ -498,8 +498,8 @@ + * Remote unauthenticated user masquerading as local root... + */ + +- _cupsStrFree(username->values[0].string.text); +- username->values[0].string.text = _cupsStrAlloc(RemoteRoot); ++ _cupsStrFree(username->values[0].string.text); ++ username->values[0].string.text = _cupsStrAlloc(RemoteRoot); + } + } + +@@ -1638,7 +1638,10 @@ + cupsdSetString(&job->username, con->username); + + if (attr) +- cupsdSetString(&attr->values[0].string.text, con->username); ++ { ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc(con->username); ++ } + } + else if (attr) + { +@@ -1689,48 +1692,11 @@ + * Also, we can only have 1 value and it must be a name value. + */ + +- switch (attr->value_tag) +- { +- case IPP_TAG_STRING : +- case IPP_TAG_TEXTLANG : +- case IPP_TAG_NAMELANG : +- case IPP_TAG_TEXT : +- case IPP_TAG_NAME : +- case IPP_TAG_KEYWORD : +- case IPP_TAG_URI : +- case IPP_TAG_URISCHEME : +- case IPP_TAG_CHARSET : +- case IPP_TAG_LANGUAGE : +- case IPP_TAG_MIMETYPE : +- /* +- * Free old strings... +- */ +- +- for (i = 0; i < attr->num_values; i ++) +- { +- _cupsStrFree(attr->values[i].string.text); +- attr->values[i].string.text = NULL; +- if (attr->values[i].string.charset) +- { +- _cupsStrFree(attr->values[i].string.charset); +- attr->values[i].string.charset = NULL; +- } +- } +- +- default : +- break; +- } +- +- /* +- * Use the default connection hostname instead... +- */ +- +- attr->value_tag = IPP_TAG_NAME; +- attr->num_values = 1; +- attr->values[0].string.text = _cupsStrAlloc(con->http.hostname); ++ ippDeleteAttribute(job->attrs, attr); ++ ippAddString(job->attrs, IPP_TAG_JOB, IPP_TAG_NAME, "job-originating-host-name", NULL, con->http.hostname); + } +- +- attr->group_tag = IPP_TAG_JOB; ++ else ++ attr->group_tag = IPP_TAG_JOB; + } + else + { +@@ -1822,8 +1788,8 @@ + + attr = ippAddStrings(job->attrs, IPP_TAG_JOB, IPP_TAG_NAME, "job-sheets", + 2, NULL, NULL); +- attr->values[0].string.text = _cupsStrRetain(printer->job_sheets[0]); +- attr->values[1].string.text = _cupsStrRetain(printer->job_sheets[1]); ++ attr->values[0].string.text = _cupsStrAlloc(printer->job_sheets[0]); ++ attr->values[1].string.text = _cupsStrAlloc(printer->job_sheets[1]); + } + + job->job_sheets = attr; +@@ -1849,7 +1815,8 @@ + * Force the leading banner to have the classification on it... + */ + +- cupsdSetString(&attr->values[0].string.text, Classification); ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc(Classification); + + cupsdLogJob(job, CUPSD_LOG_NOTICE, "CLASSIFICATION FORCED " + "job-sheets=\"%s,none\", " +@@ -1866,7 +1833,8 @@ + * Can't put two different security markings on the same document! + */ + +- cupsdSetString(&attr->values[1].string.text, attr->values[0].string.text); ++ _cupsStrFree(attr->values[1].string.text); ++ attr->values[1].string.text = _cupsStrAlloc(attr->values[0].string.text); + + cupsdLogJob(job, CUPSD_LOG_NOTICE, "CLASSIFICATION FORCED " + "job-sheets=\"%s,%s\", " +@@ -1906,18 +1874,26 @@ + if (attr->num_values > 1 && + !strcmp(attr->values[0].string.text, attr->values[1].string.text)) + { +- cupsdSetString(&(attr->values[0].string.text), Classification); +- cupsdSetString(&(attr->values[1].string.text), Classification); ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc(Classification); ++ _cupsStrFree(attr->values[1].string.text); ++ attr->values[1].string.text = _cupsStrAlloc(Classification); + } + else + { + if (attr->num_values == 1 || + strcmp(attr->values[0].string.text, "none")) +- cupsdSetString(&(attr->values[0].string.text), Classification); ++ { ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc(Classification); ++ } + + if (attr->num_values > 1 && + strcmp(attr->values[1].string.text, "none")) +- cupsdSetString(&(attr->values[1].string.text), Classification); ++ { ++ _cupsStrFree(attr->values[1].string.text); ++ attr->values[1].string.text = _cupsStrAlloc(Classification); ++ } + } + + if (attr->num_values > 1) +@@ -3845,7 +3821,8 @@ + if (attr) + { + attr->value_tag = IPP_TAG_KEYWORD; +- cupsdSetString(&(attr->values[0].string.text), "no-hold"); ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc("no-hold"); + } + + /* +@@ -8832,7 +8809,6 @@ + if (format) + { + _cupsStrFree(format->values[0].string.text); +- + format->values[0].string.text = _cupsStrAlloc(mimetype); + } + else +@@ -9371,9 +9347,8 @@ + + if (attr) + { ++ attr->value_tag = IPP_TAG_KEYWORD; + _cupsStrFree(attr->values[0].string.text); +- +- attr->value_tag = IPP_TAG_KEYWORD; + attr->values[0].string.text = _cupsStrAlloc("no-hold"); + + cupsdAddEvent(CUPSD_EVENT_JOB_CONFIG_CHANGED, cupsdFindDest(job->dest), job, +@@ -10065,7 +10040,6 @@ + IPP_TAG_MIMETYPE)) != NULL) + { + _cupsStrFree(jformat->values[0].string.text); +- + jformat->values[0].string.text = _cupsStrAlloc(mimetype); + } + else +Index: scheduler/job.c +=================================================================== +--- scheduler/job.c (revision 12588) ++++ scheduler/job.c (working copy) +@@ -397,7 +397,10 @@ + + if ((attr = ippFindAttribute(job->attrs, "job-actual-printer-uri", + IPP_TAG_URI)) != NULL) +- cupsdSetString(&attr->values[0].string.text, printer->uri); ++ { ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc(printer->uri); ++ } + else + ippAddString(job->attrs, IPP_TAG_JOB, IPP_TAG_URI, + "job-actual-printer-uri", NULL, printer->uri); +@@ -1830,7 +1833,10 @@ + + if ((attr = ippFindAttribute(job->attrs, "job-printer-uri", + IPP_TAG_URI)) != NULL) +- cupsdSetString(&(attr->values[0].string.text), p->uri); ++ { ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc(p->uri); ++ } + + cupsdAddEvent(CUPSD_EVENT_JOB_STOPPED, p, job, + "Job #%d moved from %s to %s.", job->id, olddest, +@@ -2026,7 +2032,10 @@ + attr = ippFindAttribute(job->attrs, "job-hold-until", IPP_TAG_NAME); + + if (attr) +- cupsdSetString(&(attr->values[0].string.text), when); ++ { ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc(when); ++ } + else + attr = ippAddString(job->attrs, IPP_TAG_JOB, IPP_TAG_KEYWORD, + "job-hold-until", NULL, when); +@@ -2272,7 +2281,8 @@ + if (attr) + { + attr->value_tag = IPP_TAG_KEYWORD; +- cupsdSetString(&(attr->values[0].string.text), "no-hold"); ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc("no-hold"); + } + + default : +@@ -3989,7 +3999,10 @@ + job->status_level = CUPSD_LOG_INFO; + + if (job->printer_message) +- cupsdSetString(&(job->printer_message->values[0].string.text), ""); ++ { ++ _cupsStrFree(job->printer_message->values[0].string.text); ++ job->printer_message->values[0].string.text = _cupsStrAlloc(""); ++ } + + /* + * Create the backchannel pipes and make them non-blocking... +@@ -4547,10 +4560,15 @@ + + if (job->state_value != IPP_JOB_PROCESSING && + job->status_level == CUPSD_LOG_INFO) +- cupsdSetString(&(job->printer_message->values[0].string.text), ""); ++ { ++ _cupsStrFree(job->printer_message->values[0].string.text); ++ job->printer_message->values[0].string.text = _cupsStrAlloc(""); ++ } + else if (job->printer->state_message[0] && do_message) +- cupsdSetString(&(job->printer_message->values[0].string.text), +- job->printer->state_message); ++ { ++ _cupsStrFree(job->printer_message->values[0].string.text); ++ job->printer_message->values[0].string.text = _cupsStrAlloc(job->printer->state_message); ++ } + + /* + * ... and the printer-state-reasons value... diff --git a/patches/source/cups/usb-backend-both-usblp-and-libusb.dpatch b/patches/source/cups/usb-backend-both-usblp-and-libusb.dpatch new file mode 100644 index 00000000..88ae9d07 --- /dev/null +++ b/patches/source/cups/usb-backend-both-usblp-and-libusb.dpatch @@ -0,0 +1,574 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## usb-backend-both-usblp-and-libusb.dpatch by <till.kamppeter@gmail.com> +## +## DP: http://www.cups.org/str.php?L3357 + +@DPATCH@ +diff -urNad cups-1.4.3~/backend/Makefile cups-1.4.3/backend/Makefile +--- cups-1.4.3~/backend/Makefile 2010-04-09 15:56:03.735720821 +0200 ++++ cups-1.4.3/backend/Makefile 2010-04-09 15:56:04.335705387 +0200 +@@ -267,7 +267,7 @@ + echo Linking $@... + $(CC) $(LDFLAGS) -o usb usb.o libbackend.a $(LIBUSB) \ + $(BACKLIBS) $(LIBS) +-usb.o: usb.c usb-darwin.c usb-libusb.c usb-unix.c ++usb.o: usb.c usb-darwin.c usb-hybrid.c usb-libusb.c usb-unix.c + + + # +diff -urNad cups-1.4.3~/backend/ieee1284.c cups-1.4.3/backend/ieee1284.c +--- cups-1.4.3~/backend/ieee1284.c 2009-12-08 03:13:42.000000000 +0100 ++++ cups-1.4.3/backend/ieee1284.c 2010-04-09 15:56:04.335705387 +0200 +@@ -255,6 +255,7 @@ + cups_option_t *values; /* Keys and values in device ID */ + const char *mfg, /* Manufacturer */ + *mdl, /* Model */ ++ *des, /* Description */ + *sern; /* Serial number */ + char temp[256], /* Temporary manufacturer string */ + *tempptr; /* Pointer into temp string */ +@@ -285,10 +286,20 @@ + } + else + { +- strlcpy(temp, make_model, sizeof(temp)); ++ /* ++ * No manufacturer? Use the model string or description... ++ */ ++ ++ if (mdl) ++ _ppdNormalizeMakeAndModel(mdl, temp, sizeof(temp)); ++ else if ((des = cupsGetOption("DESCRIPTION", num_values, values)) != NULL || ++ (des = cupsGetOption("DES", num_values, values)) != NULL) ++ _ppdNormalizeMakeAndModel(des, temp, sizeof(temp)); ++ else ++ strlcpy(temp, "Unknown", sizeof(temp)); + + if ((tempptr = strchr(temp, ' ')) != NULL) +- *tempptr = '\0'; ++ *tempptr = '\0'; + + mfg = temp; + } +diff -urNad cups-1.4.3~/backend/usb-hybrid.c cups-1.4.3/backend/usb-hybrid.c +--- cups-1.4.3~/backend/usb-hybrid.c 1970-01-01 01:00:00.000000000 +0100 ++++ cups-1.4.3/backend/usb-hybrid.c 2010-04-09 15:56:04.345707078 +0200 +@@ -0,0 +1,87 @@ ++/* ++ * "$Id: usb-hybrid.c 8807 2009-08-31 18:45:43Z mike $" ++ * ++ * USB port backend for the Common UNIX Printing System (CUPS). ++ * ++ * This file is included from "usb.c" when compiled on Linux. ++ * ++ * Copyright 2007-2008 by Apple Inc. ++ * Copyright 1997-2007 by Easy Software Products, all rights reserved. ++ * ++ * These coded instructions, statements, and computer programs are the ++ * property of Apple Inc. and are protected by Federal copyright ++ * law. Distribution and use rights are outlined in the file "LICENSE.txt" ++ * "LICENSE" which should have been included with this file. If this ++ * file is missing or damaged, see the license at "http://www.cups.org/". ++ * ++ * This file is subject to the Apple OS-Developed Software exception. ++ * ++ * Contents: ++ * ++ * print_device() - Print a file to a USB device. ++ * list_devices() - List all USB devices. ++ */ ++ ++/* ++ * Include necessary headers. ++ */ ++ ++#include <sys/select.h> ++ ++/* ++ * Include the two USB implementations used under Linux ... ++ */ ++ ++#include "usb-libusb.c" ++#include "usb-unix.c" ++ ++/* ++ * 'print_device()' - Print a file to a USB device. ++ */ ++ ++int /* O - Exit status */ ++print_device(const char *uri, /* I - Device URI */ ++ const char *hostname, /* I - Hostname/manufacturer */ ++ const char *resource, /* I - Resource/modelname */ ++ char *options, /* I - Device options/serial number */ ++ int print_fd, /* I - File descriptor to print */ ++ int copies, /* I - Copies to print */ ++ int argc, /* I - Number of command-line arguments (6 or 7) */ ++ char *argv[]) /* I - Command-line arguments */ ++{ ++ int result; ++ for(;;) ++ { ++ result = print_device_unix(uri, hostname, resource, options, print_fd, ++ copies, argc, argv); ++ if (result == -1) ++ { ++ result = print_device_libusb(uri, hostname, resource, options, print_fd, ++ copies, argc, argv); ++ if (result == -1) ++ sleep(5); ++ else ++ return(result); ++ } ++ else ++ return(result); ++ } ++} ++ ++/* ++ * 'list_devices()' - List all USB devices. ++ */ ++ ++void ++list_devices(void) ++{ ++ /* Try both discovery methods, each device will appear only under one ++ of them */ ++ list_devices_libusb(); ++ list_devices_unix(); ++} ++ ++ ++/* ++ * End of "$Id: usb-hybrid.c 8807 2009-08-31 18:45:43Z mike $". ++ */ +diff -urNad cups-1.4.3~/backend/usb-libusb.c cups-1.4.3/backend/usb-libusb.c +--- cups-1.4.3~/backend/usb-libusb.c 2009-09-11 22:03:31.000000000 +0200 ++++ cups-1.4.3/backend/usb-libusb.c 2010-04-09 15:56:04.345707078 +0200 +@@ -13,16 +13,16 @@ + * + * Contents: + * +- * list_devices() - List the available printers. +- * print_device() - Print a file to a USB device. ++ * list_devices_libusb() - List the available printers. ++ * print_device_libusb() - Print a file to a USB device. + * close_device() - Close the connection to the USB printer. + * find_device() - Find or enumerate USB printers. + * get_device_id() - Get the IEEE-1284 device ID for the printer. + * list_cb() - List USB printers for discovery. + * make_device_uri() - Create a device URI for a USB printer. +- * open_device() - Open a connection to the USB printer. ++ * open_device_libusb() - Open a connection to the USB printer. + * print_cb() - Find a USB printer for printing. +- * side_cb() - Handle side-channel requests. ++ * side_cb_libusb() - Handle side-channel requests. + */ + + /* +@@ -65,30 +65,30 @@ + static char *make_device_uri(usb_printer_t *printer, + const char *device_id, + char *uri, size_t uri_size); +-static int open_device(usb_printer_t *printer, int verbose); ++static int open_device_libusb(usb_printer_t *printer, int verbose); + static int print_cb(usb_printer_t *printer, const char *device_uri, + const char *device_id, const void *data); +-static ssize_t side_cb(usb_printer_t *printer, int print_fd); ++static ssize_t side_cb_libusb(usb_printer_t *printer, int print_fd); + + + /* +- * 'list_devices()' - List the available printers. ++ * 'list_devices_libusb()' - List the available printers. + */ + + void +-list_devices(void) ++list_devices_libusb(void) + { +- fputs("DEBUG: list_devices\n", stderr); ++ fputs("DEBUG: list_devices_libusb\n", stderr); + find_device(list_cb, NULL); + } + + + /* +- * 'print_device()' - Print a file to a USB device. ++ * 'print_device_libusb()' - Print a file to a USB device. + */ + + int /* O - Exit status */ +-print_device(const char *uri, /* I - Device URI */ ++print_device_libusb(const char *uri, /* I - Device URI */ + const char *hostname, /* I - Hostname/manufacturer */ + const char *resource, /* I - Resource/modelname */ + char *options, /* I - Device options/serial number */ +@@ -105,19 +105,23 @@ + struct pollfd pfds[2]; /* Poll descriptors */ + + +- fputs("DEBUG: print_device\n", stderr); ++ fputs("DEBUG: print_device_libusb\n", stderr); + + /* + * Connect to the printer... + */ + ++#if defined(__linux) || defined(__sun) || defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) ++ if ((printer = find_device(print_cb, uri)) == NULL) ++ return(-1); ++#else + while ((printer = find_device(print_cb, uri)) == NULL) + { + _cupsLangPuts(stderr, + _("INFO: Waiting for printer to become available...\n")); + sleep(5); + } +- ++#endif + + /* + * If we are printing data from a print driver on stdin, ignore SIGTERM +@@ -189,7 +193,7 @@ + + if (pfds[1].revents & (POLLIN | POLLHUP)) + { +- if ((bytes = side_cb(printer, print_fd)) < 0) ++ if ((bytes = side_cb_libusb(printer, print_fd)) < 0) + pfds[1].events = 0; /* Filter has gone away... */ + else + tbytes += bytes; +@@ -359,7 +363,7 @@ + printer.iface = iface; + printer.handle = NULL; + +- if (!open_device(&printer, data != NULL)) ++ if (!open_device_libusb(&printer, data != NULL)) + { + if (!get_device_id(&printer, device_id, sizeof(device_id))) + { +@@ -583,6 +587,14 @@ + mfg = tempmfg; + } + ++ if (!strncasecmp(mdl, mfg, strlen(mfg))) ++ { ++ mdl += strlen(mfg); ++ ++ while (isspace(*mdl & 255)) ++ mdl ++; ++ } ++ + /* + * Generate the device URI from the manufacturer, model, serial number, + * and interface number... +@@ -611,11 +623,11 @@ + + + /* +- * 'open_device()' - Open a connection to the USB printer. ++ * 'open_device_libusb()' - Open a connection to the USB printer. + */ + + static int /* O - 0 on success, -1 on error */ +-open_device(usb_printer_t *printer, /* I - Printer */ ++open_device_libusb(usb_printer_t *printer, /* I - Printer */ + int verbose) /* I - Update connecting-to-device state? */ + { + int number; /* Configuration/interface/altset numbers */ +@@ -733,16 +745,73 @@ + const char *device_id, /* I - IEEE-1284 device ID */ + const void *data) /* I - User data (make, model, S/N) */ + { +- return (!strcmp((char *)data, device_uri)); ++ char *uri = (char *)data, ++ *str1, ++ *str2, ++ buf[255], ++ requested_uri[1024]; ++ ++ /* Work on a copy of uri */ ++ strncpy(requested_uri, uri, sizeof(requested_uri)); ++ requested_uri[sizeof(requested_uri) - 1] = '\0'; ++ ++ /* ++ * libusb-discovered URIs can have an "interface" specification and this ++ * never happens for usblp-discovered URIs, so remove the "interface" ++ * specification from the URI which we are checking currently. This way a ++ * queue for a usblp-discovered printer can now be accessed via libusb ++ */ ++ if (((str1 = strstr(requested_uri, "interface=")) == NULL) && ++ ((str2 = strstr(device_uri, "interface=")) != NULL)) ++ { ++ *(str2 - 1) = '\0'; ++ } ++ ++ /* ++ * Old URI with "serial=?". Cut this part off and consider this as ++ * an URI without serial number ++ */ ++ if ((str1 = strstr(requested_uri, "serial=?")) != NULL) ++ *(str1 - 1) = '\0'; ++ ++ /* ++ * Old URI without serial number. Match it also with URIs with serial ++ * number ++ */ ++ if (((str1 = strstr(requested_uri, "serial=")) == NULL) && ++ ((str2 = strstr(device_uri, "serial=")) != NULL)) ++ *(str2 - 1) = '\0'; ++ ++ /* ++ * libusb-discovered URIs can have a "serial" specification when the ++ * usblp-discovered URI for the same printer does not have one, as ++ * with libusb we can discover serial numbers also with other methods ++ * than only via the device ID. Therefore we accept also a ++ * usblp-discovered printer without serial number as a match. This we ++ * do by removing the serial number from the queue's (libusb-discovered) ++ * URI before comparing. Also warn the user because of the incapability ++ * of the usblp-based access to distinguish printers by the serial ++ * number. ++ */ ++ if (((str1 = strstr(requested_uri, "serial=")) == NULL) && ++ ((str2 = strstr(device_uri, "serial=")) != NULL)) ++ { ++ *(str2 - 1) = '\0'; ++ if (backendGetMakeModel(device_id, buf, sizeof(buf)) == 0) ++ fprintf(stderr, "WARNING: If you have more than one %s printer connected to this machine, please make sure that the \"usblp\" kernel module is always unloaded (and blacklisted) and re-create the queues for these printers. Otherwise CUPS will not be able to distinguish them.\n", ++ buf); ++ } ++ ++ return (!strcmp(requested_uri, device_uri)); + } + + + /* +- * 'side_cb()' - Handle side-channel requests. ++ * 'side_cb_libusb()' - Handle side-channel requests. + */ + + static ssize_t /* O - Number of bytes written */ +-side_cb(usb_printer_t *printer, /* I - Printer */ ++side_cb_libusb(usb_printer_t *printer, /* I - Printer */ + int print_fd) /* I - File to print */ + { + ssize_t bytes, /* Bytes read/written */ +diff -urNad cups-1.4.3~/backend/usb-unix.c cups-1.4.3/backend/usb-unix.c +--- cups-1.4.3~/backend/usb-unix.c 2009-12-08 03:13:42.000000000 +0100 ++++ cups-1.4.3/backend/usb-unix.c 2010-04-09 15:56:30.799666933 +0200 +@@ -18,10 +18,10 @@ + * + * Contents: + * +- * print_device() - Print a file to a USB device. +- * list_devices() - List all USB devices. +- * open_device() - Open a USB device... +- * side_cb() - Handle side-channel requests... ++ * print_device_unix() - Print a file to a USB device. ++ * list_devices_unix() - List all USB devices. ++ * open_device_unix() - Open a USB device... ++ * side_cb_unix() - Handle side-channel requests... + */ + + /* +@@ -35,17 +35,17 @@ + * Local functions... + */ + +-static int open_device(const char *uri, int *use_bc); +-static int side_cb(int print_fd, int device_fd, int snmp_fd, ++static int open_device_unix(const char *uri, int *use_bc); ++static int side_cb_unix(int print_fd, int device_fd, int snmp_fd, + http_addr_t *addr, int use_bc); + + + /* +- * 'print_device()' - Print a file to a USB device. ++ * 'print_device_unix()' - Print a file to a USB device. + */ + + int /* O - Exit status */ +-print_device(const char *uri, /* I - Device URI */ ++print_device_unix(const char *uri, /* I - Device URI */ + const char *hostname, /* I - Hostname/manufacturer */ + const char *resource, /* I - Resource/modelname */ + char *options, /* I - Device options/serial number */ +@@ -102,7 +102,7 @@ + strncasecmp(hostname, "Minolta", 7); + #endif /* __FreeBSD__ || __NetBSD__ || __OpenBSD__ || __DragonFly__ */ + +- if ((device_fd = open_device(uri, &use_bc)) == -1) ++ if ((device_fd = open_device_unix(uri, &use_bc)) == -1) + { + if (getenv("CLASS") != NULL) + { +@@ -132,6 +132,10 @@ + _("INFO: Printer busy; will retry in 10 seconds...\n")); + sleep(10); + } ++#ifdef HAVE_USB_H ++ else ++ return (-1); ++#else + else if (errno == ENXIO || errno == EIO || errno == ENOENT || + errno == ENODEV) + { +@@ -147,6 +151,7 @@ + resource, strerror(errno)); + return (CUPS_BACKEND_FAILED); + } ++#endif + } + } + while (device_fd < 0); +@@ -190,7 +195,7 @@ + tbytes = backendRunLoop(print_fd, device_fd, -1, NULL, use_bc, 1, NULL); + + #else +- tbytes = backendRunLoop(print_fd, device_fd, -1, NULL, use_bc, 1, side_cb); ++ tbytes = backendRunLoop(print_fd, device_fd, -1, NULL, use_bc, 1, side_cb_unix); + #endif /* __sun */ + + if (print_fd != 0 && tbytes >= 0) +@@ -214,11 +219,11 @@ + + + /* +- * 'list_devices()' - List all USB devices. ++ * 'list_devices_unix()' - List all USB devices. + */ + + void +-list_devices(void) ++list_devices_unix(void) + { + #ifdef __linux + int i; /* Looping var */ +@@ -320,11 +325,11 @@ + + + /* +- * 'open_device()' - Open a USB device... ++ * 'open_device_unix()' - Open a USB device... + */ + + static int /* O - File descriptor or -1 on error */ +-open_device(const char *uri, /* I - Device URI */ ++open_device_unix(const char *uri, /* I - Device URI */ + int *use_bc) /* O - Set to 0 for unidirectional */ + { + int fd; /* File descriptor */ +@@ -357,9 +362,12 @@ + char device[255], /* Device filename */ + device_id[1024], /* Device ID string */ + make_model[1024], /* Make and model */ +- device_uri[1024]; /* Device URI string */ +- ++ device_uri[1024], /* Device URI string */ ++ requested_uri[1024], /* Device URI string */ ++ *str1, ++ *str2; + ++ + /* + * Find the correct USB device... + */ +@@ -407,7 +415,55 @@ + device_uri[0] = '\0'; + } + +- if (!strcmp(uri, device_uri)) ++ /* Work on a copy of uri */ ++ strncpy(requested_uri, uri, sizeof(requested_uri)); ++ requested_uri[sizeof(requested_uri) - 1] = '\0'; ++ ++ /* ++ * libusb-discovered URIs can have an "interface" specification and this ++ * never happens for usblp-discovered URIs, so remove the "interface" ++ * specification from the URI of the print queue. This way a queue for ++ * a libusb-discovered printer can now be accessed via the usblip kernel ++ * module ++ */ ++ if ((str1 = strstr(requested_uri, "interface=")) != NULL) ++ *(str1 - 1) = '\0'; ++ ++ /* ++ * Old URI with "serial=?". Cut this part off and consider this as ++ * an URI without serial number ++ */ ++ if ((str1 = strstr(requested_uri, "serial=?")) != NULL) ++ *(str1 - 1) = '\0'; ++ ++ /* ++ * Old URI without serial number. Match it also with URIs with serial ++ * number ++ */ ++ if (((str1 = strstr(requested_uri, "serial=")) == NULL) && ++ ((str2 = strstr(device_uri, "serial=")) != NULL)) ++ *(str2 - 1) = '\0'; ++ ++ /* ++ * libusb-discovered URIs can have a "serial" specification when the ++ * usblp-discovered URI for the same printer does not have one, as ++ * with libusb we can discover serial numbers also with other methods ++ * than only via the device ID. Therefore we accept also a ++ * usblp-discovered printer without serial number as a match. This we ++ * do by removing the serial number from the queue's (libusb-discovered) ++ * URI before comparing. Also warn the user because of the incapability ++ * of the usblp-based access to distinguish printers by the serial ++ * number. ++ */ ++ if (((str1 = strstr(requested_uri, "serial=")) != NULL) && ++ ((str2 = strstr(device_uri, "serial=")) == NULL)) ++ { ++ *(str1 - 1) = '\0'; ++ fprintf(stderr, "WARNING: If you have more than one %s printer connected to this machine, please unload (and blacklist) the \"usblp\" kernel module as otherwise CUPS will not be able to distinguish your printers.\n", ++ make_model); ++ } ++ ++ if (!strcmp(requested_uri, device_uri)) + { + /* + * Yes, return this file descriptor... +@@ -433,10 +489,14 @@ + */ + + if (busy) ++ { + _cupsLangPuts(stderr, + _("INFO: Printer busy; will retry in 5 seconds...\n")); + +- sleep(5); ++ sleep(5); ++ } ++ else ++ return -1; + } + } + #elif defined(__sun) && defined(ECPPIOC_GETDEVID) +@@ -557,11 +617,11 @@ + + + /* +- * 'side_cb()' - Handle side-channel requests... ++ * 'side_cb_unix()' - Handle side-channel requests... + */ + + static int /* O - 0 on success, -1 on error */ +-side_cb(int print_fd, /* I - Print file */ ++side_cb_unix(int print_fd, /* I - Print file */ + int device_fd, /* I - Device file */ + int snmp_fd, /* I - SNMP socket (unused) */ + http_addr_t *addr, /* I - Device address (unused) */ +diff -urNad cups-1.4.3~/backend/usb.c cups-1.4.3/backend/usb.c +--- cups-1.4.3~/backend/usb.c 2008-06-24 03:28:36.000000000 +0200 ++++ cups-1.4.3/backend/usb.c 2010-04-09 15:56:04.345707078 +0200 +@@ -56,7 +56,7 @@ + */ + + #ifdef HAVE_USB_H +-# include "usb-libusb.c" ++# include "usb-hybrid.c" + #elif defined(__APPLE__) + # include "usb-darwin.c" + #elif defined(__linux) || defined(__sun) || defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(__DragonFly__) || defined(__FreeBSD_kernel__) diff --git a/patches/source/curl/cacert-fetch.sh b/patches/source/curl/cacert-fetch.sh new file mode 100755 index 00000000..d0f156e2 --- /dev/null +++ b/patches/source/curl/cacert-fetch.sh @@ -0,0 +1 @@ +lftpget http://curl.haxx.se/ca/cacert.pem && rm cacert.pem.bz2 && bzip2 -9 cacert.pem diff --git a/patches/source/curl/cacert.pem b/patches/source/curl/cacert.pem new file mode 100644 index 00000000..8f1357b6 --- /dev/null +++ b/patches/source/curl/cacert.pem @@ -0,0 +1,3955 @@ +## +## Bundle of CA Root Certificates +## +## Certificate data from Mozilla as of: Wed Jun 7 03:12:05 2017 GMT +## +## This is a bundle of X.509 certificates of public Certificate Authorities +## (CA). These were automatically extracted from Mozilla's root certificates +## file (certdata.txt). This file can be found in the mozilla source tree: +## https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt +## +## It contains the certificates in PEM format and therefore +## can be directly used with curl / libcurl / php_curl, or with +## an Apache+mod_ssl webserver for SSL client authentication. +## Just configure this file as the SSLCACertificateFile. +## +## Conversion done with mk-ca-bundle.pl version 1.27. +## SHA256: 93753268e1c596aee21893fb1c6975338389132f15c942ed65fc394a904371d7 +## + + +GlobalSign Root CA +================== +-----BEGIN CERTIFICATE----- +MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkGA1UEBhMCQkUx +GTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkds +b2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAwMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNV +BAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYD +VQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa +DuaZjc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavpxy0Sy6sc +THAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp1Wrjsok6Vjk4bwY8iGlb +Kk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdGsnUOhugZitVtbNV4FpWi6cgKOOvyJBNP +c1STE4U6G7weNLWLBYy5d4ux2x8gkasJU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrX +gzT/LCrBbBlDSgeF59N89iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0BAQUF +AAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOzyj1hTdNGCbM+w6Dj +Y1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE38NflNUVyRRBnMRddWQVDf9VMOyG +j/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymPAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhH +hm4qxFYxldBniYUr+WymXUadDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveC +X4XSQRjbgbMEHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== +-----END CERTIFICATE----- + +GlobalSign Root CA - R2 +======================= +-----BEGIN CERTIFICATE----- +MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4GA1UECxMXR2xv +YmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2Jh +bFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxT +aWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2ln +bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6 +ErPLv4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8eoLrvozp +s6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklqtTleiDTsvHgMCJiEbKjN +S7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzdC9XZzPnqJworc5HGnRusyMvo4KD0L5CL +TfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pazq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6C +ygPCm48CAwEAAaOBnDCBmTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E +FgQUm+IHV2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5nbG9i +YWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG3lm0mi3f3BmGLjAN +BgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4GsJ0/WwbgcQ3izDJr86iw8bmEbTUsp +9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu +01yiPqFbQfXf5WRDLenVOavSot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG7 +9G+dwfCMNYxdAfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7 +TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg== +-----END CERTIFICATE----- + +Verisign Class 3 Public Primary Certification Authority - G3 +============================================================ +-----BEGIN CERTIFICATE----- +MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQswCQYDVQQGEwJV +UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv +cmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl +IG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQsw +CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy +dXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhv +cml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkg +Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAMu6nFL8eB8aHm8bN3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1 +EUGO+i2tKmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGukxUc +cLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBmCC+Vk7+qRy+oRpfw +EuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJXwzw3sJ2zq/3avL6QaaiMxTJ5Xpj +055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWuimi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEA +ERSWwauSCPc/L8my/uRan2Te2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5f +j267Cz3qWhMeDGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC +/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565pF4ErWjfJXir0 +xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGtTxzhT5yvDwyd93gN2PQ1VoDa +t20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ== +-----END CERTIFICATE----- + +Entrust.net Premium 2048 Secure Server CA +========================================= +-----BEGIN CERTIFICATE----- +MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChMLRW50cnVzdC5u +ZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBpbmNvcnAuIGJ5IHJlZi4gKGxp +bWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNV +BAMTKkVudHJ1c3QubmV0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQx +NzUwNTFaFw0yOTA3MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3 +d3d3LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTEl +MCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5u +ZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEArU1LqRKGsuqjIAcVFmQqK0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOL +Gp18EzoOH1u3Hs/lJBQesYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSr +hRSGlVuXMlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVTXTzW +nLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/HoZdenoVve8AjhUi +VBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH4QIDAQABo0IwQDAOBgNVHQ8BAf8E +BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJ +KoZIhvcNAQEFBQADggEBADubj1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPy +T/4xmf3IDExoU8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf +zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5bu/8j72gZyxKT +J1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+bYQLCIt+jerXmCHG8+c8eS9e +nNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/ErfF6adulZkMV8gzURZVE= +-----END CERTIFICATE----- + +Baltimore CyberTrust Root +========================= +-----BEGIN CERTIFICATE----- +MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJRTESMBAGA1UE +ChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3li +ZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoXDTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMC +SUUxEjAQBgNVBAoTCUJhbHRpbW9yZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFs +dGltb3JlIEN5YmVyVHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKME +uyKrmD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjrIZ3AQSsB +UnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeKmpYcqWe4PwzV9/lSEy/C +G9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSuXmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9 +XbIGevOF6uvUA65ehD5f/xXtabz5OTZydc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjpr +l3RjM71oGDHweI12v/yejl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoI +VDaGezq1BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEB +BQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT929hkTI7gQCvlYpNRh +cL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3WgxjkzSswF07r51XgdIGn9w/xZchMB5 +hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsa +Y71k5h+3zvDyny67G7fyUIhzksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9H +RCwBXbsdtTLSR9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp +-----END CERTIFICATE----- + +AddTrust Low-Value Services Root +================================ +-----BEGIN CERTIFICATE----- +MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML +QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRU +cnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMwMTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQsw +CQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBO +ZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ulCDtbKRY6 +54eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6ntGO0/7Gcrjyvd7ZWxbWr +oulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyldI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1 +Zmne3yzxbrww2ywkEtvrNTVokMsAsJchPXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJui +GMx1I4S+6+JNM3GOGvDC+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8w +HQYDVR0OBBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8EBTAD +AQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBlMQswCQYDVQQGEwJT +RTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEw +HwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxt +ZBsfzQ3duQH6lmM0MkhHma6X7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0Ph +iVYrqW9yTkkz43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY +eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJlpz/+0WatC7xr +mYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOAWiFeIc9TVPC6b4nbqKqVz4vj +ccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk= +-----END CERTIFICATE----- + +AddTrust External Root +====================== +-----BEGIN CERTIFICATE----- +MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEUMBIGA1UEChML +QWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYD +VQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEw +NDgzOFowbzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRU +cnVzdCBFeHRlcm5hbCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0Eg +Um9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvtH7xsD821 ++iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9uMq/NzgtHj6RQa1wVsfw +Tz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzXmk6vBbOmcZSccbNQYArHE504B4YCqOmo +aSYYkKtMsE8jqzpPhNjfzp/haW+710LXa0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy +2xSoRcRdKn23tNbE7qzNE0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv7 +7+ldU9U0WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYDVR0P +BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0Jvf6xCZU7wO94CTL +VBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEmMCQGA1UECxMdQWRk +VHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsxIjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENB +IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZl +j7DYd7usQWxHYINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5 +6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvCNr4TDea9Y355 +e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEXc4g/VhsxOBi0cQ+azcgOno4u +G+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5amnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ= +-----END CERTIFICATE----- + +AddTrust Public Services Root +============================= +-----BEGIN CERTIFICATE----- +MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEUMBIGA1UEChML +QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSAwHgYDVQQDExdBZGRU +cnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAxMDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJ +BgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5l +dHdvcmsxIDAeBgNVBAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV6tsfSlbu +nyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nXGCwwfQ56HmIexkvA/X1i +d9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnPdzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSG +Aa2Il+tmzV7R/9x98oTaunet3IAIx6eH1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAw +HM+A+WD+eeSI8t0A65RF62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0G +A1UdDgQWBBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB +/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDELMAkGA1UEBhMCU0Ux +FDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRUcnVzdCBUVFAgTmV0d29yazEgMB4G +A1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4 +JNojVhaTdt02KLmuG7jD8WS6IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL ++YPoRNWyQSW/iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao +GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh4SINhwBk/ox9 +Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQmXiLsks3/QppEIW1cxeMiHV9H +EufOX1362KqxMy3ZdvJOOjMMK7MtkAY= +-----END CERTIFICATE----- + +AddTrust Qualified Certificates Root +==================================== +-----BEGIN CERTIFICATE----- +MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEUMBIGA1UEChML +QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSMwIQYDVQQDExpBZGRU +cnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcx +CzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQ +IE5ldHdvcmsxIzAhBgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwqxBb/4Oxx +64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G87B4pfYOQnrjfxvM0PC3 +KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i2O+tCBGaKZnhqkRFmhJePp1tUvznoD1o +L/BLcHwTOK28FSXx1s6rosAx1i+f4P8UWfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GR +wVY18BTcZTYJbqukB8c10cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HU +MIHRMB0GA1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/ +BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6FrpGkwZzELMAkGA1UE +BhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRUcnVzdCBUVFAgTmV0d29y +azEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlmaWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQAD +ggEBABmrder4i2VhlRO6aQTvhsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxG +GuoYQ992zPlmhpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X +dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3P6CxB9bpT9ze +RXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9YiQBCYz95OdBEsIJuQRno3eDB +iFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5noxqE= +-----END CERTIFICATE----- + +Entrust Root Certification Authority +==================================== +-----BEGIN CERTIFICATE----- +MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMCVVMxFjAUBgNV +BAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0Lm5ldC9DUFMgaXMgaW5jb3Jw +b3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMWKGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsG +A1UEAxMkRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0 +MloXDTI2MTEyNzIwNTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMu +MTkwNwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSByZWZlcmVu +Y2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNVBAMTJEVudHJ1c3QgUm9v +dCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +ALaVtkNC+sZtKm9I35RMOVcF7sN5EUFoNu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYsz +A9u3g3s+IIRe7bJWKKf44LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOww +Cj0Yzfv9KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGIrb68 +j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi94DkZfs0Nw4pgHBN +rziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOBsDCBrTAOBgNVHQ8BAf8EBAMCAQYw +DwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAigA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1 +MzQyWjAfBgNVHSMEGDAWgBRokORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DH +hmak8fdLQ/uEvW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA +A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9tO1KzKtvn1ISM +Y/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6ZuaAGAT/3B+XxFNSRuzFVJ7yVTa +v52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTS +W3iDVuycNsMm4hH2Z0kdkquM++v/eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0 +tHuu2guQOHXvgR1m0vdXcDazv/wor3ElhVsT/h5/WrQ8 +-----END CERTIFICATE----- + +GeoTrust Global CA +================== +-----BEGIN CERTIFICATE----- +MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVTMRYwFAYDVQQK +Ew1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9iYWwgQ0EwHhcNMDIwNTIxMDQw +MDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5j +LjEbMBkGA1UEAxMSR2VvVHJ1c3QgR2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEA2swYYzD99BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjo +BbdqfnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDviS2Aelet +8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU1XupGc1V3sjs0l44U+Vc +T4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+bw8HHa8sHo9gOeL6NlMTOdReJivbPagU +vTLrGAMoUgRx5aszPeE4uwc2hGKceeoWMPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBTAephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVk +DBF9qn1luMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKInZ57Q +zxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfStQWVYrmm3ok9Nns4 +d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcFPseKUgzbFbS9bZvlxrFUaKnjaZC2 +mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Unhw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6p +XE0zX5IJL4hmXXeXxx12E6nV5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvm +Mw== +-----END CERTIFICATE----- + +GeoTrust Global CA 2 +==================== +-----BEGIN CERTIFICATE----- +MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN +R2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFsIENBIDIwHhcNMDQwMzA0MDUw +MDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5j +LjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQDvPE1APRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/ +NTL8Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hLTytCOb1k +LUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL5mkWRxHCJ1kDs6ZgwiFA +Vvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7S4wMcoKK+xfNAGw6EzywhIdLFnopsk/b +HdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNH +K266ZUapEBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6tdEPx7 +srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv/NgdRN3ggX+d6Yvh +ZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywNA0ZF66D0f0hExghAzN4bcLUprbqL +OzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkC +x1YAzUm5s2x7UwQa4qjJqhIFI8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqF +H4z1Ir+rzoPz4iIprn2DQKi6bA== +-----END CERTIFICATE----- + +GeoTrust Universal CA +===================== +-----BEGIN CERTIFICATE----- +MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN +R2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVyc2FsIENBMB4XDTA0MDMwNDA1 +MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IElu +Yy4xHjAcBgNVBAMTFUdlb1RydXN0IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIP +ADCCAgoCggIBAKYVVaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9t +JPi8cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTTQjOgNB0e +RXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFhF7em6fgemdtzbvQKoiFs +7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2vc7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d +8Lsrlh/eezJS/R27tQahsiFepdaVaH/wmZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7V +qnJNk22CDtucvc+081xdVHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3Cga +Rr0BHdCXteGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZf9hB +Z3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfReBi9Fi1jUIxaS5BZu +KGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+nhutxx9z3SxPGWX9f5NAEC7S8O08 +ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0 +XG0D08DYj3rWMB8GA1UdIwQYMBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIB +hjANBgkqhkiG9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRc +aanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fXIwjhmF7DWgh2 +qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzynANXH/KttgCJwpQzgXQQpAvvL +oJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0zuzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsK +xr2EoyNB3tZ3b4XUhRxQ4K5RirqNPnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxF +KyDuSN/n3QmOGKjaQI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2 +DFKWkoRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9ER/frslK +xfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQtDF4JbAiXfKM9fJP/P6EU +p8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/SfuvmbJxPgWp6ZKy7PtXny3YuxadIwVyQD8vI +P/rmMuGNG2+k5o7Y+SlIis5z/iw= +-----END CERTIFICATE----- + +GeoTrust Universal CA 2 +======================= +-----BEGIN CERTIFICATE----- +MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN +R2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVyc2FsIENBIDIwHhcNMDQwMzA0 +MDUwMDAwWhcNMjkwMzA0MDUwMDAwWjBHMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3Qg +SW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVyc2FsIENBIDIwggIiMA0GCSqGSIb3DQEBAQUA +A4ICDwAwggIKAoICAQCzVFLByT7y2dyxUxpZKeexw0Uo5dfR7cXFS6GqdHtXr0om/Nj1XqduGdt0 +DE81WzILAePb63p3NeqqWuDW6KFXlPCQo3RWlEQwAx5cTiuFJnSCegx2oG9NzkEtoBUGFF+3Qs17 +j1hhNNwqCPkuwwGmIkQcTAeC5lvO0Ep8BNMZcyfwqph/Lq9O64ceJHdqXbboW0W63MOhBW9Wjo8Q +JqVJwy7XQYci4E+GymC16qFjwAGXEHm9ADwSbSsVsaxLse4YuU6W3Nx2/zu+z18DwPw76L5GG//a +QMJS9/7jOvdqdzXQ2o3rXhhqMcceujwbKNZrVMaqW9eiLBsZzKIC9ptZvTdrhrVtgrrY6slWvKk2 +WP0+GfPtDCapkzj4T8FdIgbQl+rhrcZV4IErKIM6+vR7IVEAvlI4zs1meaj0gVbi0IMJR1FbUGrP +20gaXT73y/Zl92zxlfgCOzJWgjl6W70viRu/obTo/3+NjN8D8WBOWBFM66M/ECuDmgFz2ZRthAAn +ZqzwcEAJQpKtT5MNYQlRJNiS1QuUYbKHsu3/mjX/hVTK7URDrBs8FmtISgocQIgfksILAAX/8sgC +SqSqqcyZlpwvWOB94b67B9xfBHJcMTTD7F8t4D1kkCLm0ey4Lt1ZrtmhN79UNdxzMk+MBB4zsslG +8dhcyFVQyWi9qLo2CQIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR281Xh+qQ2 ++/CfXGJx7Tz0RzgQKzAfBgNVHSMEGDAWgBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAOBgNVHQ8BAf8E +BAMCAYYwDQYJKoZIhvcNAQEFBQADggIBAGbBxiPz2eAubl/oz66wsCVNK/g7WJtAJDday6sWSf+z +dXkzoS9tcBc0kf5nfo/sm+VegqlVHy/c1FEHEv6sFj4sNcZj/NwQ6w2jqtB8zNHQL1EuxBRa3ugZ +4T7GzKQp5y6EqgYweHZUcyiYWTjgAA1i00J9IZ+uPTqM1fp3DRgrFg5fNuH8KrUwJM/gYwx7WBr+ +mbpCErGR9Hxo4sjoryzqyX6uuyo9DRXcNJW2GHSoag/HtPQTxORb7QrSpJdMKu0vbBKJPfEncKpq +A1Ihn0CoZ1Dy81of398j9tx4TuaYT1U6U+Pv8vSfx3zYWK8pIpe44L2RLrB27FcRz+8pRPPphXpg +Y+RdM4kX2TGq2tbzGDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiP +pm8m1wk8OhwRDqZsN/etRIcsKMfYdIKz0G9KV7s1KSegi+ghp4dkNl3M2Basx7InQJJVOCiNUW7d +FGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH6aLcr34YEoP9VhdBLtUp +gn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwXQMAJKOSLakhT2+zNVVXxxvjpoixMptEm +X36vWkzaH6byHCx+rgIW0lbQL1dTR+iS +-----END CERTIFICATE----- + +Visa eCommerce Root +=================== +-----BEGIN CERTIFICATE----- +MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBrMQswCQYDVQQG +EwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5hdGlvbmFsIFNlcnZpY2Ug +QXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2 +WhcNMjIwNjI0MDAxNjEyWjBrMQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMm +VmlzYSBJbnRlcm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv +bW1lcmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h2mCxlCfL +F9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4ElpF7sDPwsRROEW+1QK8b +RaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdVZqW1LS7YgFmypw23RuwhY/81q6UCzyr0 +TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI +/k4+oKsGGelT84ATB+0tvz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzs +GHxBvfaLdXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG +MB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUFAAOCAQEAX/FBfXxc +CLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcRzCSs00Rsca4BIGsDoo8Ytyk6feUW +YFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pz +zkWKsKZJ/0x9nXGIxHYdkFsd7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBu +YQa7FkKMcPcw++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt +398znM/jra6O1I7mT1GvFpLgXPYHDw== +-----END CERTIFICATE----- + +Certum Root CA +============== +-----BEGIN CERTIFICATE----- +MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBMMRswGQYDVQQK +ExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBDQTAeFw0wMjA2MTExMDQ2Mzla +Fw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBMMRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8u +by4xEjAQBgNVBAMTCUNlcnR1bSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6x +wS7TT3zNJc4YPk/EjG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdL +kKWoePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GIULdtlkIJ +89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapuOb7kky/ZR6By6/qmW6/K +Uz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUgAKpoC6EahQGcxEZjgoi2IrHu/qpGWX7P +NSzVttpd90gzFFS269lvzs2I1qsb2pY7HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkq +hkiG9w0BAQUFAAOCAQEAuI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+ +GXYkHAQaTOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTgxSvg +GrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1qCjqTE5s7FCMTY5w/ +0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5xO/fIR/RpbxXyEV6DHpx8Uq79AtoS +qFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs6GAqm4VKQPNriiTsBhYscw== +-----END CERTIFICATE----- + +Comodo AAA Services root +======================== +-----BEGIN CERTIFICATE----- +MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS +R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg +TGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAw +MFoXDTI4MTIzMTIzNTk1OVowezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hl +c3RlcjEQMA4GA1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV +BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQuaBtDFcCLNSS1UY8y2bmhG +C1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe3M/vg4aijJRPn2jymJBGhCfHdr/jzDUs +i14HZGWCwEiwqJH5YZ92IFCokcdmtet4YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszW +Y19zjNoFmag4qMsXeDZRrOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjH +Ypy+g8cmez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQUoBEK +Iz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wewYDVR0f +BHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20vQUFBQ2VydGlmaWNhdGVTZXJ2aWNl +cy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29tb2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2Vz +LmNybDANBgkqhkiG9w0BAQUFAAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm +7l3sAg9g1o1QGE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz +Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2G9w84FoVxp7Z +8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsil2D4kF501KKaU73yqWjgom7C +12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg== +-----END CERTIFICATE----- + +Comodo Secure Services root +=========================== +-----BEGIN CERTIFICATE----- +MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS +R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg +TGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAw +MDAwMFoXDTI4MTIzMTIzNTk1OVowfjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFu +Y2hlc3RlcjEQMA4GA1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAi +BgNVBAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPMcm3ye5drswfxdySRXyWP +9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3SHpR7LZQdqnXXs5jLrLxkU0C8j6ysNstc +rbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rC +oznl2yY4rYsK7hljxxwk3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3V +p6ea5EQz6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNVHQ4E +FgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w +gYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1NlY3VyZUNlcnRpZmlj +YXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRwOi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlm +aWNhdGVTZXJ2aWNlcy5jcmwwDQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm +4J4oqF7Tt/Q05qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj +Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtIgKvcnDe4IRRL +DXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJaD61JlfutuC23bkpgHl9j6Pw +pCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDlizeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1H +RR3B7Hzs/Sk= +-----END CERTIFICATE----- + +Comodo Trusted Services root +============================ +-----BEGIN CERTIFICATE----- +MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS +R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg +TGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEw +MDAwMDBaFw0yODEyMzEyMzU5NTlaMH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1h +bmNoZXN0ZXIxEDAOBgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUw +IwYDVQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWWfnJSoBVC21ndZHoa0Lh7 +3TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMtTGo87IvDktJTdyR0nAducPy9C1t2ul/y +/9c3S0pgePfw+spwtOpZqqPOSC+pw7ILfhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6 +juljatEPmsbS9Is6FARW1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsS +ivnkBbA7kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0GA1Ud +DgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB +/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21vZG9jYS5jb20vVHJ1c3RlZENlcnRp +ZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRodHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENl +cnRpZmljYXRlU2VydmljZXMuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8Ntw +uleGFTQQuS9/HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32 +pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxISjBc/lDb+XbDA +BHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+xqFx7D+gIIxmOom0jtTYsU0l +R+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/AtyjcndBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O +9y5Xt5hwXsjEeLBi +-----END CERTIFICATE----- + +QuoVadis Root CA +================ +-----BEGIN CERTIFICATE----- +MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJCTTEZMBcGA1UE +ChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 +eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAz +MTkxODMzMzNaFw0yMTAzMTcxODMzMzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRp +cyBMaW1pdGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQD +EyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Ypli4kVEAkOPcahdxYTMuk +J0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2DrOpm2RgbaIr1VxqYuvXtdj182d6UajtL +F8HVj71lODqV0D1VNk7feVcxKh7YWWVJWCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeL +YzcS19Dsw3sgQUSj7cugF+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWen +AScOospUxbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCCAk4w +PQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVvdmFkaXNvZmZzaG9y +ZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREwggENMIIBCQYJKwYBBAG+WAABMIH7 +MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNlIG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmlj +YXRlIGJ5IGFueSBwYXJ0eSBhc3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJs +ZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh +Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYIKwYBBQUHAgEW +Fmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3TKbkGGew5Oanwl4Rqy+/fMIGu +BgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rqy+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkw +FwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0 +aG9yaXR5MS4wLAYDVQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6 +tlCLMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSkfnIYj9lo +fFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf87C9TqnN7Az10buYWnuul +LsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1RcHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2x +gI4JVrmcGmD+XcHXetwReNDWXcG31a0ymQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi +5upZIof4l/UO/erMkqQWxFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi +5nrQNiOKSnQ2+Q== +-----END CERTIFICATE----- + +QuoVadis Root CA 2 +================== +-----BEGIN CERTIFICATE----- +MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoT +EFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0wNjExMjQx +ODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM +aW1pdGVkMRswGQYDVQQDExJRdW9WYWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4IC +DwAwggIKAoICAQCaGMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6 +XJxgFyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55JWpzmM+Yk +lvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bBrrcCaoF6qUWD4gXmuVbB +lDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp+ARz8un+XJiM9XOva7R+zdRcAitMOeGy +lZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt +66/3FsvbzSUr5R/7mp/iUcw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1Jdxn +wQ5hYIizPtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og/zOh +D7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UHoycR7hYQe7xFSkyy +BNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuIyV77zGHcizN300QyNQliBJIWENie +J0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1Ud +DgQWBBQahGK8SEwzJQTU7tD2A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGU +a6FJpEcwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT +ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2fBluornFdLwUv +Z+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzng/iN/Ae42l9NLmeyhP3ZRPx3 +UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2BlfF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodm +VjB3pjd4M1IQWK4/YY7yarHvGH5KWWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK ++JDSV6IZUaUtl0HaB0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrW +IozchLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPRTUIZ3Ph1 +WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWDmbA4CD/pXvk1B+TJYm5X +f6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0ZohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II +4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8 +VCLAAVBpQ570su9t+Oza8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u +-----END CERTIFICATE----- + +QuoVadis Root CA 3 +================== +-----BEGIN CERTIFICATE----- +MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoT +EFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMzAeFw0wNjExMjQx +OTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM +aW1pdGVkMRswGQYDVQQDExJRdW9WYWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4IC +DwAwggIKAoICAQDMV0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNgg +DhoB4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUrH556VOij +KTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd8lyyBTNvijbO0BNO/79K +DDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9CabwvvWhDFlaJKjdhkf2mrk7AyxRllDdLkgbv +BNDInIjbC3uBr7E9KsRlOni27tyAsdLTmZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwp +p5ijJUMv7/FfJuGITfhebtfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8 +nT8KKdjcT5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDtWAEX +MJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZc6tsgLjoC2SToJyM +Gf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A4iLItLRkT9a6fUg+qGkM17uGcclz +uD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYDVR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHT +BgkrBgEEAb5YAAMwgcUwgZMGCCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmlj +YXRlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0 +aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVudC4wLQYIKwYB +BQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2NwczALBgNVHQ8EBAMCAQYwHQYD +VR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4GA1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4 +ywLQoUmkRzBFMQswCQYDVQQGEwJCTTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UE +AxMSUXVvVmFkaXMgUm9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZV +qyM07ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSemd1o417+s +hvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd+LJ2w/w4E6oM3kJpK27z +POuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2 +Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadNt54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp +8kokUvd0/bpO5qgdAm6xDYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBC +bjPsMZ57k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6szHXu +g/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0jWy10QJLZYxkNc91p +vGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeTmJlglFwjz1onl14LBQaTNx47aTbr +qZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK4SVhM7JZG+Ju1zdXtg2pEto= +-----END CERTIFICATE----- + +Security Communication Root CA +============================== +-----BEGIN CERTIFICATE----- +MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMP +U0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEw +HhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMP +U0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw +8yl89f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJDKaVv0uM +DPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9Ms+k2Y7CI9eNqPPYJayX +5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/NQV3Is00qVUarH9oe4kA92819uZKAnDfd +DJZkndwi92SL32HeFZRSFaB9UslLqCHJxrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2 +JChzAgMBAAGjPzA9MB0GA1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYw +DwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vGkl3g +0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfrUj94nK9NrvjVT8+a +mCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5Bw+SUEmK3TGXX8npN6o7WWWXlDLJ +s58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJUJRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ +6rBK+1YWc26sTfcioU+tHXotRSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAi +FL39vmwLAw== +-----END CERTIFICATE----- + +Sonera Class 2 Root CA +====================== +-----BEGIN CERTIFICATE----- +MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEPMA0GA1UEChMG +U29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAxMDQwNjA3Mjk0MFoXDTIxMDQw +NjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNVBAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJh +IENsYXNzMiBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3 +/Ei9vX+ALTU74W+oZ6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybT +dXnt5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s3TmVToMG +f+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2EjvOr7nQKV0ba5cTppCD8P +tOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu8nYybieDwnPz3BjotJPqdURrBGAgcVeH +nfO+oJAjPYok4doh28MCAwEAAaMzMDEwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITT +XjwwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt +0jSv9zilzqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/3DEI +cbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvDFNr450kkkdAdavph +Oe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6Tk6ezAyNlNzZRZxe7EJQY670XcSx +EtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLH +llpwrN9M +-----END CERTIFICATE----- + +UTN USERFirst Hardware Root CA +============================== +-----BEGIN CERTIFICATE----- +MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCBlzELMAkGA1UE +BhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhl +IFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAd +BgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgx +OTIyWjCBlzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0 +eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVz +ZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdhcmUwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlI +wrthdBKWHTxqctU8EGc6Oe0rE81m65UJM6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFd +tqdt++BxF2uiiPsA3/4aMXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8 +i4fDidNdoI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqIDsjf +Pe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9KsyoUhbAgMBAAGjgbkw +gbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFKFyXyYbKJhDlV0HN9WF +lp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNF +UkZpcnN0LUhhcmR3YXJlLmNybDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUF +BwMGBggrBgEFBQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM +//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28GpgoiskliCE7/yMgUsogW +XecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gECJChicsZUN/KHAG8HQQZexB2 +lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kn +iCrVWFCVH/A7HFe7fRQ5YiuayZSSKqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67 +nfhmqA== +-----END CERTIFICATE----- + +Camerfirma Chambers of Commerce Root +==================================== +-----BEGIN CERTIFICATE----- +MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEnMCUGA1UEChMe +QUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1i +ZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAx +NjEzNDNaFw0zNzA5MzAxNjEzNDRaMH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZp +cm1hIFNBIENJRiBBODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3Jn +MSIwIAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0BAQEFAAOC +AQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtbunXF/KGIJPov7coISjlU +xFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0dBmpAPrMMhe5cG3nCYsS4No41XQEMIwRH +NaqbYE6gZj3LJgqcQKH0XZi/caulAGgq7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jW +DA+wWFjbw2Y3npuRVDM30pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFV +d9oKDMyXroDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIGA1Ud +EwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5jaGFtYmVyc2lnbi5v +cmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p26EpW1eLTXYGduHRooowDgYDVR0P +AQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hh +bWJlcnNpZ24ub3JnMCcGA1UdEgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYD +VR0gBFEwTzBNBgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz +aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEBAAxBl8IahsAi +fJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZdp0AJPaxJRUXcLo0waLIJuvvD +L8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wN +UPf6s+xCX6ndbcj0dc97wXImsQEcXCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/n +ADydb47kMgkdTXg0eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1 +erfutGWaIZDgqtCYvDi1czyL+Nw= +-----END CERTIFICATE----- + +Camerfirma Global Chambersign Root +================================== +-----BEGIN CERTIFICATE----- +MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEnMCUGA1UEChMe +QUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1i +ZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYx +NDE4WhcNMzcwOTMwMTYxNDE4WjB9MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJt +YSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEg +MB4GA1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUAA4IBDQAw +ggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0Mi+ITaFgCPS3CU6gSS9J +1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/sQJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8O +by4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpVeAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl +6DJWk0aJqCWKZQbua795B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c +8lCrEqWhz0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0TAQH/ +BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1iZXJzaWduLm9yZy9j +aGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4wTcbOX60Qq+UDpfqpFDAOBgNVHQ8B +Af8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBj +aGFtYmVyc2lnbi5vcmcwKgYDVR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9y +ZzBbBgNVHSAEVDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh +bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0BAQUFAAOCAQEA +PDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUMbKGKfKX0j//U2K0X1S0E0T9Y +gOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXiryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJ +PJ7oKXqJ1/6v/2j1pReQvayZzKWGVwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4 +IBHNfTIzSJRUTN3cecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREes +t2d/AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A== +-----END CERTIFICATE----- + +XRamp Global CA Root +==================== +-----BEGIN CERTIFICATE----- +MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UE +BhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2Vj +dXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB +dXRob3JpdHkwHhcNMDQxMTAxMTcxNDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMx +HjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkg +U2VydmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3Jp +dHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS638eMpSe2OAtp87ZOqCwu +IR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCPKZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMx +foArtYzAQDsRhtDLooY2YKTVMIJt2W7QDxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FE +zG+gSqmUsE3a56k0enI4qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqs +AxcZZPRaJSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNViPvry +xS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1Ud +EwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASsjVy16bYbMDYGA1UdHwQvMC0wK6Ap +oCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMC +AQEwDQYJKoZIhvcNAQEFBQADggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc +/Kh4ZzXxHfARvbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt +qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLaIR9NmXmd4c8n +nxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSyi6mx5O+aGtA9aZnuqCij4Tyz +8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQO+7ETPTsJ3xCwnR8gooJybQDJbw= +-----END CERTIFICATE----- + +Go Daddy Class 2 CA +=================== +-----BEGIN CERTIFICATE----- +MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMY +VGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRp +ZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkG +A1UEBhMCVVMxITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28g +RGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQAD +ggENADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCAPVYYYwhv +2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6wwdhFJ2+qN1j3hybX2C32 +qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXiEqITLdiOr18SPaAIBQi2XKVlOARFmR6j +YGB0xUGlcmIbYsUfb18aQr4CUWWoriMYavx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmY +vLEHZ6IVDd2gWMZEewo+YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0O +BBYEFNLEsNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h/t2o +atTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMu +MTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwG +A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wim +PQoZ+YeAEW5p5JYXMP80kWNyOO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKt +I3lpjbi2Tc7PTMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ +HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mERdEr/VxqHD3VI +Ls9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5CufReYNnyicsbkqWletNw+vHX/b +vZ8= +-----END CERTIFICATE----- + +Starfield Class 2 CA +==================== +-----BEGIN CERTIFICATE----- +MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzElMCMGA1UEChMc +U3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZpZWxkIENsYXNzIDIg +Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQwNjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBo +MQswCQYDVQQGEwJVUzElMCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAG +A1UECxMpU3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqG +SIb3DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf8MOh2tTY +bitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN+lq2cwQlZut3f+dZxkqZ +JRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVm +epsZGD3/cVE8MC5fvj13c7JdBmzDI1aaK4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSN +F4Azbl5KXZnJHoe0nRrA1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HF +MIHCMB0GA1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fRzt0f +hvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNo +bm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBDbGFzcyAyIENlcnRpZmljYXRpb24g +QXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGs +afPzWdqbAYcaT1epoXkJKtv3L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLM +PUxA2IGvd56Deruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl +xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynpVSJYACPq4xJD +KVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEYWQPJIrSPnNVeKtelttQKbfi3 +QBFGmh95DmK/D5fs4C8fF5Q= +-----END CERTIFICATE----- + +StartCom Certification Authority +================================ +-----BEGIN CERTIFICATE----- +MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMN +U3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmlu +ZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0 +NjM2WhcNMzYwOTE3MTk0NjM2WjB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRk +LjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMg +U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw +ggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZkpMyONvg45iPwbm2xPN1y +o4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rfOQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/ +Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/CJi/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/d +eMotHweXMAEtcnn6RtYTKqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt +2PZE4XNiHzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMMAv+Z +6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w+2OqqGwaVLRcJXrJ +osmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/ +untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVc +UjyJthkqcwEKDwOzEmDyei+B26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT +37uMdBNSSwIDAQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE +FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9jZXJ0LnN0YXJ0 +Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3JsLnN0YXJ0Y29tLm9yZy9zZnNj +YS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFMBgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUH +AgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRw +Oi8vY2VydC5zdGFydGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYg +U3RhcnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlhYmlsaXR5 +LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2YgdGhlIFN0YXJ0Q29tIENl +cnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFpbGFibGUgYXQgaHR0cDovL2NlcnQuc3Rh +cnRjb20ub3JnL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilT +dGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOC +AgEAFmyZ9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8jhvh +3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUWFjgKXlf2Ysd6AgXm +vB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJzewT4F+irsfMuXGRuczE6Eri8sxHk +fY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3 +fsNrarnDy0RLrHiQi+fHLB5LEUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZ +EoalHmdkrQYuL6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq +yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuCO3NJo2pXh5Tl +1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6Vum0ABj6y6koQOdjQK/W/7HW/ +lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkyShNOsF/5oirpt9P/FlUQqmMGqz9IgcgA38coro +g14= +-----END CERTIFICATE----- + +Taiwan GRCA +=========== +-----BEGIN CERTIFICATE----- +MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/MQswCQYDVQQG +EwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4X +DTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1owPzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dv +dmVybm1lbnQgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQAD +ggIPADCCAgoCggIBAJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qN +w8XRIePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1qgQdW8or5 +BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKyyhwOeYHWtXBiCAEuTk8O +1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAtsF/tnyMKtsc2AtJfcdgEWFelq16TheEfO +htX7MfP6Mb40qij7cEwdScevLJ1tZqa2jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wov +J5pGfaENda1UhhXcSTvxls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7 +Q3hub/FCVGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHKYS1t +B6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoHEgKXTiCQ8P8NHuJB +O9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThNXo+EHWbNxWCWtFJaBYmOlXqYwZE8 +lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1UdDgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNV +HRMEBTADAQH/MDkGBGcqBwAEMTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg2 +09yewDL7MTqKUWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZ +TulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyfqzvS/3WXy6Tj +Zwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaKZEk9GhiHkASfQlK3T8v+R0F2 +Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFEJPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlU +D7gsL0u8qV1bYH+Mh6XgUmMqvtg7hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6Qz +DxARvBMB1uUO07+1EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+Hbk +Z6MmnD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WXudpVBrkk +7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44VbnzssQwmSNOXfJIoRIM3BKQ +CZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDeLMDDav7v3Aun+kbfYNucpllQdSNpc5Oy ++fwC00fmcc4QAu4njIT/rEUNE1yDMuAlpYYsfPQS +-----END CERTIFICATE----- + +Swisscom Root CA 1 +================== +-----BEGIN CERTIFICATE----- +MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQG +EwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2VydGlmaWNhdGUgU2Vy +dmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3QgQ0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4 +MTgyMjA2MjBaMGQxCzAJBgNVBAYTAmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGln +aXRhbCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIIC +IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9m2BtRsiM +MW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdihFvkcxC7mlSpnzNApbjyF +NDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/TilftKaNXXsLmREDA/7n29uj/x2lzZAe +AR81sH8A25Bvxn570e56eqeqDFdvpG3FEzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkC +b6dJtDZd0KTeByy2dbcokdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn +7uHbHaBuHYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNFvJbN +cA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo19AOeCMgkckkKmUp +WyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjCL3UcPX7ape8eYIVpQtPM+GP+HkM5 +haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJWbjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNY +MUJDLXT5xp6mig/p/r+D5kNXJLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYw +HQYDVR0hBBYwFDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j +BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzcK6FptWfUjNP9 +MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzfky9NfEBWMXrrpA9gzXrzvsMn +jgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7IkVh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQ +MbFamIp1TpBcahQq4FJHgmDmHtqBsfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4H +VtA4oJVwIHaM190e3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtl +vrsRls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ipmXeascCl +OS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HHb6D0jqTsNFFbjCYDcKF3 +1QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksfrK/7DZBaZmBwXarNeNQk7shBoJMBkpxq +nvy5JMWzFYJ+vq6VK+uxwNrjAWALXmmshFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCy +x/yP2FS1k2Kdzs9Z+z0YzirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMW +NY6E0F/6MBr1mmz0DlP5OlvRHA== +-----END CERTIFICATE----- + +DigiCert Assured ID Root CA +=========================== +-----BEGIN CERTIFICATE----- +MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQw +IgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzEx +MTEwMDAwMDAwWjBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQL +ExB3d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0Ew +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7cJpSIqvTO +9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYPmDI2dsze3Tyoou9q+yHy +UmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW +/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpy +oeb6pNnVFzF1roV9Iq4/AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whf +GHdPAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRF +66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzANBgkq +hkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRCdWKuh+vy1dneVrOfzM4UKLkNl2Bc +EkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTffwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38Fn +SbNd67IJKusm7Xi+fT8r87cmNW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i +8b5QZ7dsvfPxH2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe ++o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g== +-----END CERTIFICATE----- + +DigiCert Global Root CA +======================= +-----BEGIN CERTIFICATE----- +MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBhMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAw +HgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAw +MDAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3 +dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOn +TjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5 +BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C/dxC//AH2hdmoRBBYMql1GNXRor5H +4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y +7vrTC0LUq7dBMtoM1O/4gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQAB +o2MwYTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbRTLtm +8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEF +BQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/EsrhMAtudXH/vTBH1jLuG2cenTnmCmr +EbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIt +tep3Sp+dWOIrWcBAI+0tKIJFPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886 +UAb3LujEV0lsYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk +CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= +-----END CERTIFICATE----- + +DigiCert High Assurance EV Root CA +================================== +-----BEGIN CERTIFICATE----- +MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBsMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSsw +KQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAw +MFoXDTMxMTExMDAwMDAwMFowbDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZ +MBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFu +Y2UgRVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm+9S75S0t +Mqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTWPNt0OKRKzE0lgvdKpVMS +OO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEMxChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3 +MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFBIk5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQ +NAQTXKFx01p8VdteZOE3hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUe +h10aUAsgEsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMB +Af8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSY +JhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3NecnzyIZgYIVyHbIUf4KmeqvxgydkAQ +V8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6zeM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFp +myPInngiK3BD41VHMWEZ71jFhS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkK +mNEVX58Svnw2Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe +vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep+OkuE6N36B9K +-----END CERTIFICATE----- + +Certplus Class 2 Primary CA +=========================== +-----BEGIN CERTIFICATE----- +MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAwPTELMAkGA1UE +BhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFzcyAyIFByaW1hcnkgQ0EwHhcN +OTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2Vy +dHBsdXMxGzAZBgNVBAMTEkNsYXNzIDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBANxQltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR +5aiRVhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyLkcAbmXuZ +Vg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCdEgETjdyAYveVqUSISnFO +YFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yasH7WLO7dDWWuwJKZtkIvEcupdM5i3y95e +e++U8Rs+yskhwcWYAqqi9lt3m/V+llU0HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRME +CDAGAQH/AgEKMAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJ +YIZIAYb4QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMuY29t +L0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/AN9WM2K191EBkOvD +P9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8yfFC82x/xXp8HVGIutIKPidd3i1R +TtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMRFcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+ +7UCmnYR0ObncHoUW2ikbhiMAybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW +//1IMwrh3KWBkJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7 +l7+ijrRU +-----END CERTIFICATE----- + +DST Root CA X3 +============== +-----BEGIN CERTIFICATE----- +MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/MSQwIgYDVQQK +ExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMTDkRTVCBSb290IENBIFgzMB4X +DTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVowPzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1 +cmUgVHJ1c3QgQ28uMRcwFQYDVQQDEw5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmT +rE4Orz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEqOLl5CjH9 +UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9bxiqKqy69cK3FCxolkHRy +xXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40d +utolucbY38EVAjqr2m7xPi71XAicPNaDaeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0T +AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQ +MA0GCSqGSIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69ikug +dB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXrAvHRAosZy5Q6XkjE +GB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZzR8srzJmwN0jP41ZL9c8PDHIyh8bw +RLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubS +fZGL+T0yjWW06XyxV3bqxbYoOb8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ +-----END CERTIFICATE----- + +DST ACES CA X6 +============== +-----BEGIN CERTIFICATE----- +MIIECTCCAvGgAwIBAgIQDV6ZCtadt3js2AdWO4YV2TANBgkqhkiG9w0BAQUFADBbMQswCQYDVQQG +EwJVUzEgMB4GA1UEChMXRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QxETAPBgNVBAsTCERTVCBBQ0VT +MRcwFQYDVQQDEw5EU1QgQUNFUyBDQSBYNjAeFw0wMzExMjAyMTE5NThaFw0xNzExMjAyMTE5NTha +MFsxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdDERMA8GA1UE +CxMIRFNUIEFDRVMxFzAVBgNVBAMTDkRTVCBBQ0VTIENBIFg2MIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPuktKe1jzI +DZBfZIGxqAgNTNj50wUoUrQBJcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7gLFViYsx+tC3dr5BPTCa +pCIlF3PoHuLTrCq9Wzgh1SpL11V94zpVvddtawJXa+ZHfAjIgrrep4c9oW24MFbCswKBXy314pow +GCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4aahELfrd755jWjHZvwTvbUJN+5dCOHze4vbrGn2zpfDPy +MjwmR/onJALJfh1biEITajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJywIDAQABo4HIMIHFMA8GA1Ud +EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgHGMB8GA1UdEQQYMBaBFHBraS1vcHNAdHJ1c3Rkc3Qu +Y29tMGIGA1UdIARbMFkwVwYKYIZIAWUDAgEBATBJMEcGCCsGAQUFBwIBFjtodHRwOi8vd3d3LnRy +dXN0ZHN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L0FDRVMtaW5kZXguaHRtbDAdBgNVHQ4EFgQU +CXIGThhDD+XWzMNqizF7eI+og7gwDQYJKoZIhvcNAQEFBQADggEBAKPYjtay284F5zLNAdMEA+V2 +5FYrnJmQ6AgwbN99Pe7lv7UkQIRJ4dEorsTCOlMwiPH1d25Ryvr/ma8kXxug/fKshMrfqfBfBC6t +Fr8hlxCBPeP/h40y3JTlR4peahPJlJU90u7INJXQgNStMgiAVDzgvVJT11J8smk/f3rPanTK+gQq +nExaBqXpIK1FZg9p8d2/6eMyi/rgwYZNcjwu2JN4Cir42NInPRmJX1p7ijvMDNpRrscL9yuwNwXs +vFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf29w4LTJxoeHtxMcfrHuBnQfO3 +oKfN5XozNmr6mis= +-----END CERTIFICATE----- + +SwissSign Gold CA - G2 +====================== +-----BEGIN CERTIFICATE----- +MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkNIMRUw +EwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2lnbiBHb2xkIENBIC0gRzIwHhcN +MDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBFMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dp +c3NTaWduIEFHMR8wHQYDVQQDExZTd2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0B +AQEFAAOCAg8AMIICCgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUq +t2/876LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+bbqBHH5C +jCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c6bM8K8vzARO/Ws/BtQpg +vd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqEemA8atufK+ze3gE/bk3lUIbLtK/tREDF +ylqM2tIrfKjuvqblCqoOpd8FUrdVxyJdMmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvR +AiTysybUa9oEVeXBCsdtMDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuend +jIj3o02yMszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69yFGkO +peUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPiaG59je883WX0XaxR +7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxMgI93e2CaHt+28kgeDrpOVG2Y4OGi +GqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUWyV7lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64 +OfPAeGZe6Drn8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov +L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe645R88a7A3hfm +5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczOUYrHUDFu4Up+GC9pWbY9ZIEr +44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOf +Mke6UiI0HTJ6CVanfCU2qT1L2sCCbwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6m +Gu6uLftIdxf+u+yvGPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxp +mo/a77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCChdiDyyJk +vC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid392qgQmwLOM7XdVAyksLf +KzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEppLd6leNcG2mqeSz53OiATIgHQv2ieY2Br +NU0LbbqhPcCT4H8js1WtciVORvnSFu+wZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6Lqj +viOvrv1vA+ACOzB2+httQc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ +-----END CERTIFICATE----- + +SwissSign Silver CA - G2 +======================== +-----BEGIN CERTIFICATE----- +MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCQ0gxFTAT +BgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMB4X +DTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0NlowRzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3 +aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644 +N0MvFz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7brYT7QbNHm ++/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieFnbAVlDLaYQ1HTWBCrpJH +6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH6ATK72oxh9TAtvmUcXtnZLi2kUpCe2Uu +MGoM9ZDulebyzYLs2aFK7PayS+VFheZteJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5h +qAaEuSh6XzjZG6k4sIN/c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5 +FZGkECwJMoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRHHTBs +ROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTfjNFusB3hB48IHpmc +celM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb65i/4z3GcRm25xBWNOHkDRUjvxF3X +CO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOBrDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ +BAUwAwEB/zAdBgNVHQ4EFgQUF6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRB +tjpbO8tFnb0cwpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0 +cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBAHPGgeAn0i0P +4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShpWJHckRE1qTodvBqlYJ7YH39F +kWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L +3XWgwF15kIwb4FDm3jH+mHtwX6WQ2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx +/uNncqCxv1yL5PqZIseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFa +DGi8aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2Xem1ZqSqP +e97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQRdAtq/gsD/KNVV4n+Ssuu +WxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJ +DIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ub +DgEj8Z+7fNzcbBGXJbLytGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u +-----END CERTIFICATE----- + +GeoTrust Primary Certification Authority +======================================== +-----BEGIN CERTIFICATE----- +MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQG +EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMoR2VvVHJ1c3QgUHJpbWFyeSBD +ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjExMjcwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMFgx +CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBQ +cmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEAvrgVe//UfH1nrYNke8hCUy3f9oQIIGHWAVlqnEQRr+92/ZV+zmEwu3qDXwK9AWbK7hWN +b6EwnL2hhZ6UOvNWiAAxz9juapYC2e0DjPt1befquFUWBRaa9OBesYjAZIVcFU2Ix7e64HXprQU9 +nceJSOC7KMgD4TCTZF5SwFlwIjVXiIrxlQqD17wxcwE07e9GceBrAqg1cmuXm2bgyxx5X9gaBGge +RwLmnWDiNpcB3841kt++Z8dtd1k7j53WkBWUvEI0EME5+bEnPn7WinXFsq+W06Lem+SYvn3h6YGt +tm/81w7a4DSwDRp35+MImO9Y+pyEtzavwt+s0vQQBnBxNQIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQULNVQQZcVi/CPNmFbSvtr2ZnJM5IwDQYJKoZI +hvcNAQEFBQADggEBAFpwfyzdtzRP9YZRqSa+S7iq8XEN3GHHoOo0Hnp3DwQ16CePbJC/kRYkRj5K +Ts4rFtULUh38H2eiAkUxT87z+gOneZ1TatnaYzr4gNfTmeGl4b7UVXGYNTq+k+qurUKykG/g/CFN +NWMziUnWm07Kx+dOCQD32sfvmWKZd7aVIl6KoKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHa +Floxt/m0cYASSJlyc1pZU8FjUjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG +1riR/aYNKxoUAT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk= +-----END CERTIFICATE----- + +thawte Primary Root CA +====================== +-----BEGIN CERTIFICATE----- +MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCBqTELMAkGA1UE +BhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2 +aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhv +cml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3 +MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwg +SW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMv +KGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMT +FnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs +oPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ +1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGc +q/gcfomk6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/K +aAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR32HuHUETVPm4p +afs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYD +VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUF +AAOCAQEAeRHAS7ORtvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE +uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX +xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2/qxAeeWsEG89 +jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVH +z7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA== +-----END CERTIFICATE----- + +VeriSign Class 3 Public Primary Certification Authority - G5 +============================================================ +-----BEGIN CERTIFICATE----- +MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE +BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBO +ZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVk +IHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRp +ZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCB +yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2ln +biBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBh +dXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmlt +YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKz +j/i5Vbext0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhD +Y2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/ +Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNHiDxpg8v+R70r +fk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/ +BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2Uv +Z2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy +aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqG +SIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzEp6B4Eq1iDkVwZMXnl2YtmAl+ +X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKE +KQsTb47bDN0lAtukixlE0kF6BWlKWE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiC +Km0oHw0LxOXnGiYZ4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vE +ZV8NhnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq +-----END CERTIFICATE----- + +SecureTrust CA +============== +-----BEGIN CERTIFICATE----- +MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBIMQswCQYDVQQG +EwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xFzAVBgNVBAMTDlNlY3VyZVRy +dXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIzMTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAe +BgNVBAoTF1NlY3VyZVRydXN0IENvcnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQX +OZEzZum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO0gMdA+9t +DWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIaowW8xQmxSPmjL8xk037uH +GFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b +01k/unK8RCSc43Oz969XL0Imnal0ugBS8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmH +ursCAwEAAaOBnTCBmjATBgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/ +BAUwAwEB/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCegJYYj +aHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQAwDQYJ +KoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt36Z3q059c4EVlew3KW+JwULKUBRSu +SceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHf +mbx8IVQr5Fiiu1cprp6poxkmD5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZ +nMUFdAvnZyPSCPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR +3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE= +-----END CERTIFICATE----- + +Secure Global CA +================ +-----BEGIN CERTIFICATE----- +MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQG +EwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBH +bG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkxMjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEg +MB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwg +Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jx +YDiJiQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa/FHtaMbQ +bqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJjnIFHovdRIWCQtBJwB1g +8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnIHmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYV +HDGA76oYa8J719rO+TMg1fW9ajMtgQT7sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi +0XPnj3pDAgMBAAGjgZ0wgZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1Ud +EwEB/wQFMAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCswKaAn +oCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsGAQQBgjcVAQQDAgEA +MA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0LURYD7xh8yOOvaliTFGCRsoTciE6+ +OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXOH0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cn +CDpOGR86p1hcF895P4vkp9MmI50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/5 +3CYNv6ZHdAbYiNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc +f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW +-----END CERTIFICATE----- + +COMODO Certification Authority +============================== +-----BEGIN CERTIFICATE----- +MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCBgTELMAkGA1UE +BhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgG +A1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNVBAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1 +dGhvcml0eTAeFw0wNjEyMDEwMDAwMDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEb +MBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFD +T01PRE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3UcEbVASY06m/weaKXTuH ++7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI2GqGd0S7WWaXUF601CxwRM/aN5VCaTww +xHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV +4EajcNxo2f8ESIl33rXp+2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA +1KGzqSX+DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5OnKVI +rLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW/zAOBgNVHQ8BAf8E +BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vY3JsLmNvbW9k +b2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOC +AQEAPpiem/Yb6dc5t3iuHXIYSdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CP +OGEIqB6BCsAvIC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/ +RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4zJVSk/BwJVmc +IGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5ddBA6+C4OmF4O5MBKgxTMVBbkN ++8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IBZQ== +-----END CERTIFICATE----- + +Network Solutions Certificate Authority +======================================= +-----BEGIN CERTIFICATE----- +MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBiMQswCQYDVQQG +EwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydOZXR3b3Jr +IFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMx +MjM1OTU5WjBiMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu +MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwzc7MEL7xx +jOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPPOCwGJgl6cvf6UDL4wpPT +aaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rlmGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXT +crA/vGp97Eh/jcOrqnErU2lBUzS1sLnFBgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc +/Qzpf14Dl847ABSHJ3A4qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMB +AAGjgZcwgZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIBBjAP +BgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwubmV0c29sc3NsLmNv +bS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3JpdHkuY3JsMA0GCSqGSIb3DQEBBQUA +A4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc86fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q +4LqILPxFzBiwmZVRDuwduIj/h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/ +GGUsyfJj4akH/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv +wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHNpGxlaKFJdlxD +ydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey +-----END CERTIFICATE----- + +COMODO ECC Certification Authority +================================== +-----BEGIN CERTIFICATE----- +MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTELMAkGA1UEBhMC +R0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UE +ChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBB +dXRob3JpdHkwHhcNMDgwMzA2MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0Ix +GzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR +Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRo +b3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSRFtSrYpn1PlILBs5BAH+X +4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0JcfRK9ChQtP6IHG4/bC8vCVlbpVsLM5ni +wz2J+Wos77LTBumjQjBAMB0GA1UdDgQWBBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8E +BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VG +FAkK+qDmfQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdvGDeA +U/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY= +-----END CERTIFICATE----- + +Security Communication EV RootCA1 +================================= +-----BEGIN CERTIFICATE----- +MIIDfTCCAmWgAwIBAgIBADANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJKUDElMCMGA1UEChMc +U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEqMCgGA1UECxMhU2VjdXJpdHkgQ29tbXVuaWNh +dGlvbiBFViBSb290Q0ExMB4XDTA3MDYwNjAyMTIzMloXDTM3MDYwNjAyMTIzMlowYDELMAkGA1UE +BhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNl +Y3VyaXR5IENvbW11bmljYXRpb24gRVYgUm9vdENBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBALx/7FebJOD+nLpCeamIivqA4PUHKUPqjgo0No0c+qe1OXj/l3X3L+SqawSERMqm4miO +/VVQYg+kcQ7OBzgtQoVQrTyWb4vVog7P3kmJPdZkLjjlHmy1V4qe70gOzXppFodEtZDkBp2uoQSX +WHnvIEqCa4wiv+wfD+mEce3xDuS4GBPMVjZd0ZoeUWs5bmB2iDQL87PRsJ3KYeJkHcFGB7hj3R4z +ZbOOCVVSPbW9/wfrrWFVGCypaZhKqkDFMxRldAD5kd6vA0jFQFTcD4SQaCDFkpbcLuUCRarAX1T4 +bepJz11sS6/vmsJWXMY1VkJqMF/Cq/biPT+zyRGPMUzXn0kCAwEAAaNCMEAwHQYDVR0OBBYEFDVK +9U2vP9eCOKyrcWUXdYydVZPmMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqG +SIb3DQEBBQUAA4IBAQCoh+ns+EBnXcPBZsdAS5f8hxOQWsTvoMpfi7ent/HWtWS3irO4G8za+6xm +iEHO6Pzk2x6Ipu0nUBsCMCRGef4Eh3CXQHPRwMFXGZpppSeZq51ihPZRwSzJIxXYKLerJRO1RuGG +Av8mjMSIkh1W/hln8lXkgKNrnKt34VFxDSDbEJrbvXZ5B3eZKK2aXtqxT0QsNY6llsf9g/BYxnnW +mHyojf6GPgcWkuF75x3sM3Z+Qi5KhfmRiWiEA4Glm5q+4zfFVKtWOxgtQaQM+ELbmaDgcm+7XeEW +T1MKZPlO9L9OVL14bIjqv5wTJMJwaaJ/D8g8rQjJsJhAoyrniIPtd490 +-----END CERTIFICATE----- + +OISTE WISeKey Global Root GA CA +=============================== +-----BEGIN CERTIFICATE----- +MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCBijELMAkGA1UE +BhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHlyaWdodCAoYykgMjAwNTEiMCAG +A1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBH +bG9iYWwgUm9vdCBHQSBDQTAeFw0wNTEyMTExNjAzNDRaFw0zNzEyMTExNjA5NTFaMIGKMQswCQYD +VQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEbMBkGA1UECxMSQ29weXJpZ2h0IChjKSAyMDA1MSIw +IAYDVQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5 +IEdsb2JhbCBSb290IEdBIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0+zAJs9 +Nt350UlqaxBJH+zYK7LG+DKBKUOVTJoZIyEVRd7jyBxRVVuuk+g3/ytr6dTqvirdqFEr12bDYVxg +Asj1znJ7O7jyTmUIms2kahnBAbtzptf2w93NvKSLtZlhuAGio9RN1AU9ka34tAhxZK9w8RxrfvbD +d50kc3vkDIzh2TbhmYsFmQvtRTEJysIA2/dyoJaqlYfQjse2YXMNdmaM3Bu0Y6Kff5MTMPGhJ9vZ +/yxViJGg4E8HsChWjBgbl0SOid3gF27nKu+POQoxhILYQBRJLnpB5Kf+42TMwVlxSywhp1t94B3R +LoGbw9ho972WG6xwsRYUC9tguSYBBQIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUswN+rja8sHnR3JQmthG+IbJphpQwEAYJKwYBBAGCNxUBBAMCAQAwDQYJ +KoZIhvcNAQEFBQADggEBAEuh/wuHbrP5wUOxSPMowB0uyQlB+pQAHKSkq0lPjz0e701vvbyk9vIm +MMkQyh2I+3QZH4VFvbBsUfk2ftv1TDI6QU9bR8/oCy22xBmddMVHxjtqD6wU2zz0c5ypBd8A3HR4 ++vg1YFkCExh8vPtNsCBtQ7tgMHpnM1zFmdH4LTlSc/uMqpclXHLZCB6rTjzjgTGfA6b7wP4piFXa +hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZiFj4A4xylNoEY +okxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ/L7fCg0= +-----END CERTIFICATE----- + +Certigna +======== +-----BEGIN CERTIFICATE----- +MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNVBAYTAkZSMRIw +EAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4XDTA3MDYyOTE1MTMwNVoXDTI3 +MDYyOTE1MTMwNVowNDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwI +Q2VydGlnbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIaPHJ1tazNHUmgh7stL7q +XOEm7RFHYeGifBZ4QCHkYJ5ayGPhxLGWkv8YbWkj4Sti993iNi+RB7lIzw7sebYs5zRLcAglozyH +GxnygQcPOJAZ0xH+hrTy0V4eHpbNgGzOOzGTtvKg0KmVEn2lmsxryIRWijOp5yIVUxbwzBfsV1/p +ogqYCd7jX5xv3EjjhQsVWqa6n6xI4wmy9/Qy3l40vhx4XUJbzg4ij02Q130yGLMLLGq/jj8UEYkg +DncUtT2UCIf3JR7VsmAA7G8qKCVuKj4YYxclPz5EIBb2JsglrgVKtOdjLPOMFlN+XPsRGgjBRmKf +Irjxwo1p3Po6WAbfAgMBAAGjgbwwgbkwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUGu3+QTmQ +tCRZvgHyUtVF9lo53BEwZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF9lo53BGhOKQ2MDQxCzAJ +BgNVBAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzjAQ/J +SP8wDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG9w0BAQUFAAOCAQEA +hQMeknH2Qq/ho2Ge6/PAD/Kl1NqV5ta+aDY9fm4fTIrv0Q8hbV6lUmPOEvjvKtpv6zf+EwLHyzs+ +ImvaYS5/1HI93TDhHkxAGYwP15zRgzB7mFncfca5DClMoTOi62c6ZYTTluLtdkVwj7Ur3vkj1klu +PBS1xp81HlDQwY9qcEQCYsuuHWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY +1gkIl2PlwS6wt0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw +WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg== +-----END CERTIFICATE----- + +Deutsche Telekom Root CA 2 +========================== +-----BEGIN CERTIFICATE----- +MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEcMBoGA1UEChMT +RGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2VjIFRydXN0IENlbnRlcjEjMCEG +A1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENBIDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5 +MjM1OTAwWjBxMQswCQYDVQQGEwJERTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0G +A1UECxMWVC1UZWxlU2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBS +b290IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEUha88EOQ5 +bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhCQN/Po7qCWWqSG6wcmtoI +KyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1MjwrrFDa1sPeg5TKqAyZMg4ISFZbavva4VhY +AUlfckE8FQYBjl2tqriTtM2e66foai1SNNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aK +Se5TBY8ZTNXeWHmb0mocQqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTV +jlsB9WoHtxa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAPBgNV +HRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAlGRZrTlk5ynr +E/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756AbrsptJh6sTtU6zkXR34ajgv8HzFZMQSy +zhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpaIzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8 +rZ7/gFnkm0W09juwzTkZmDLl6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4G +dyd1Lx+4ivn+xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU +Cm26OWMohpLzGITY+9HPBVZkVw== +-----END CERTIFICATE----- + +Cybertrust Global Root +====================== +-----BEGIN CERTIFICATE----- +MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYGA1UEChMPQ3li +ZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBSb290MB4XDTA2MTIxNTA4 +MDAwMFoXDTIxMTIxNTA4MDAwMFowOzEYMBYGA1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQD +ExZDeWJlcnRydXN0IEdsb2JhbCBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA ++Mi8vRRQZhP/8NN57CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW +0ozSJ8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2yHLtgwEZL +AfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iPt3sMpTjr3kfb1V05/Iin +89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNzFtApD0mpSPCzqrdsxacwOUBdrsTiXSZT +8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAYXSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAP +BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2 +MDSgMqAwhi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3JsMB8G +A1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBBQUAA4IBAQBW7wojoFRO +lZfJ+InaRcHUowAl9B8Tq7ejhVhpwjCt2BWKLePJzYFa+HMjWqd8BfP9IjsO0QbE2zZMcwSO5bAi +5MXzLqXZI+O4Tkogp24CJJ8iYGd7ix1yCcUxXOl5n4BHPa2hCwcUPUf/A2kaDAtE52Mlp3+yybh2 +hO0j9n0Hq0V+09+zv+mKts2oomcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+T +X3EJIrduPuocA06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW +WL1WMRJOEcgh4LMRkWXbtKaIOM5V +-----END CERTIFICATE----- + +ePKI Root Certification Authority +================================= +-----BEGIN CERTIFICATE----- +MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQG +EwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0ZC4xKjAoBgNVBAsMIWVQS0kg +Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNDEyMjAwMjMxMjdaFw0zNDEyMjAwMjMx +MjdaMF4xCzAJBgNVBAYTAlRXMSMwIQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEq +MCgGA1UECwwhZVBLSSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0B +AQEFAAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEhajfqhFAHSyZbCUNs +IZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrBp0xtInAhijHyl3SJCRImHJ7K2RKi +lTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2YWEtgvM3XDZoTM1PRYfl61dd4s5oz9wCGzh1NlDiv +qOx4UXCKXBCDUSH3ET00hl7lSM2XgYI1TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX +12ruOzjjK9SXDrkb5wdJfzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0O +WQqraffAsgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fqcde+S/uUWH1+ +ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6ebClAZLSnT0IFaUQAS2zMnao +lQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iVBmoKs2pHdmX2Os+PYhcZewoozRrSgx4hxyy/ +vv9haLdnG7t4TY3OZ+XkwY63I2binZB1NJipNiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXi +Zo1jDiVN1Rmy5nk3pyKdVDECAwEAAaNqMGgwHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/Qkqi +MAwGA1UdEwQFMAMBAf8wOQYEZyoHAAQxMC8wLQIBADAJBgUrDgMCGgUAMAcGBWcqAwAABBRFsMLH +ClZ87lt4DJX5GFPBphzYEDANBgkqhkiG9w0BAQUFAAOCAgEACbODU1kBPpVJufGBuvl2ICO1J2B0 +1GqZNF5sAFPZn/KmsSQHRGoqxqWOeBLoR9lYGxMqXnmbnwoqZ6YlPwZpVnPDimZI+ymBV3QGypzq +KOg4ZyYr8dW1P2WT+DZdjo2NQCCHGervJ8A9tDkPJXtoUHRVnAxZfVo9QZQlUgjgRywVMRnVvwdV +xrsStZf0X4OFunHB2WyBEXYKCrC/gpf36j36+uwtqSiUO1bd0lEursC9CBWMd1I0ltabrNMdjmEP +NXubrjlpC2JgQCA2j6/7Nu4tCEoduL+bXPjqpRugc6bY+G7gMwRfaKonh+3ZwZCc7b3jajWvY9+r +GNm65ulK6lCKD2GTHuItGeIwlDWSXQ62B68ZgI9HkFFLLk3dheLSClIKF5r8GrBQAuUBo2M3IUxE +xJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS/jQ6fbjpKdx2qcgw+BRx +gMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2zGp1iro2C6pSe3VkQw63d4k3jMdXH7Ojy +sP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTEW9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmOD +BCEIZ43ygknQW/2xzQ+DhNQ+IIX3Sj0rnP0qCglN6oH4EZw= +-----END CERTIFICATE----- + +T\xc3\x9c\x42\xC4\xB0TAK UEKAE K\xC3\xB6k Sertifika Hizmet Sa\xC4\x9Flay\xc4\xb1\x63\xc4\xb1s\xc4\xb1 - S\xC3\xBCr\xC3\xBCm 3 +============================================================================================================================= +-----BEGIN CERTIFICATE----- +MIIFFzCCA/+gAwIBAgIBETANBgkqhkiG9w0BAQUFADCCASsxCzAJBgNVBAYTAlRSMRgwFgYDVQQH +DA9HZWJ6ZSAtIEtvY2FlbGkxRzBFBgNVBAoMPlTDvHJraXllIEJpbGltc2VsIHZlIFRla25vbG9q +aWsgQXJhxZ90xLFybWEgS3VydW11IC0gVMOcQsSwVEFLMUgwRgYDVQQLDD9VbHVzYWwgRWxla3Ry +b25payB2ZSBLcmlwdG9sb2ppIEFyYcWfdMSxcm1hIEVuc3RpdMO8c8O8IC0gVUVLQUUxIzAhBgNV +BAsMGkthbXUgU2VydGlmaWthc3lvbiBNZXJrZXppMUowSAYDVQQDDEFUw5xCxLBUQUsgVUVLQUUg +S8O2ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSAtIFPDvHLDvG0gMzAeFw0wNzA4 +MjQxMTM3MDdaFw0xNzA4MjExMTM3MDdaMIIBKzELMAkGA1UEBhMCVFIxGDAWBgNVBAcMD0dlYnpl +IC0gS29jYWVsaTFHMEUGA1UECgw+VMO8cmtpeWUgQmlsaW1zZWwgdmUgVGVrbm9sb2ppayBBcmHF +n3TEsXJtYSBLdXJ1bXUgLSBUw5xCxLBUQUsxSDBGBgNVBAsMP1VsdXNhbCBFbGVrdHJvbmlrIHZl +IEtyaXB0b2xvamkgQXJhxZ90xLFybWEgRW5zdGl0w7xzw7wgLSBVRUtBRTEjMCEGA1UECwwaS2Ft +dSBTZXJ0aWZpa2FzeW9uIE1lcmtlemkxSjBIBgNVBAMMQVTDnELEsFRBSyBVRUtBRSBLw7ZrIFNl +cnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIC0gU8O8csO8bSAzMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAim1L/xCIOsP2fpTo6iBkcK4hgb46ezzb8R1Sf1n68yJMlaCQvEhO +Eav7t7WNeoMojCZG2E6VQIdhn8WebYGHV2yKO7Rm6sxA/OOqbLLLAdsyv9Lrhc+hDVXDWzhXcLh1 +xnnRFDDtG1hba+818qEhTsXOfJlfbLm4IpNQp81McGq+agV/E5wrHur+R84EpW+sky58K5+eeROR +6Oqeyjh1jmKwlZMq5d/pXpduIF9fhHpEORlAHLpVK/swsoHvhOPc7Jg4OQOFCKlUAwUp8MmPi+oL +hmUZEdPpCSPeaJMDyTYcIW7OjGbxmTDY17PDHfiBLqi9ggtm/oLL4eAagsNAgQIDAQABo0IwQDAd +BgNVHQ4EFgQUvYiHyY/2pAoLquvF/pEjnatKijIwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF +MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAB18+kmPNOm3JpIWmgV050vQbTlswyb2zrgxvMTfvCr4 +N5EY3ATIZJkrGG2AA1nJrvhY0D7twyOfaTyGOBye79oneNGEN3GKPEs5z35FBtYt2IpNeBLWrcLT +y9LQQfMmNkqblWwM7uXRQydmwYj3erMgbOqwaSvHIOgMA8RBBZniP+Rr+KCGgceExh/VS4ESshYh +LBOhgLJeDEoTniDYYkCrkOpkSi+sDQESeUWoL4cZaMjihccwsnX5OD+ywJO0a+IDRM5noN+J1q2M +dqMTw5RhK2vZbMEHCiIHhWyFJEapvj+LeISCfiQMnf2BN+MlqO02TpUsyZyQ2uypQjyttgI= +-----END CERTIFICATE----- + +certSIGN ROOT CA +================ +-----BEGIN CERTIFICATE----- +MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYTAlJPMREwDwYD +VQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBDQTAeFw0wNjA3MDQxNzIwMDRa +Fw0zMTA3MDQxNzIwMDRaMDsxCzAJBgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UE +CxMQY2VydFNJR04gUk9PVCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALczuX7I +JUqOtdu0KBuqV5Do0SLTZLrTk+jUrIZhQGpgV2hUhE28alQCBf/fm5oqrl0Hj0rDKH/v+yv6efHH +rfAQUySQi2bJqIirr1qjAOm+ukbuW3N7LBeCgV5iLKECZbO9xSsAfsT8AzNXDe3i+s5dRdY4zTW2 +ssHQnIFKquSyAVwdj1+ZxLGt24gh65AIgoDzMKND5pCCrlUoSe1b16kQOA7+j0xbm0bqQfWwCHTD +0IgztnzXdN/chNFDDnU5oSVAKOp4yw4sLjmdjItuFhwvJoIQ4uNllAoEwF73XVv4EOLQunpL+943 +AAAaWyjj0pxzPjKHmKHJUS/X3qwzs08CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8B +Af8EBAMCAcYwHQYDVR0OBBYEFOCMm9slSbPxfIbWskKHC9BroNnkMA0GCSqGSIb3DQEBBQUAA4IB +AQA+0hyJLjX8+HXd5n9liPRyTMks1zJO890ZeUe9jjtbkw9QSSQTaxQGcu8J06Gh40CEyecYMnQ8 +SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ44gx+FkagQnIl6Z0 +x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6IJd1hJyMctTEHBDa0GpC9oHRxUIlt +vBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNwi/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7Nz +TogVZ96edhBiIL5VaZVDADlN9u6wWk5JRFRYX0KD +-----END CERTIFICATE----- + +CNNIC ROOT +========== +-----BEGIN CERTIFICATE----- +MIIDVTCCAj2gAwIBAgIESTMAATANBgkqhkiG9w0BAQUFADAyMQswCQYDVQQGEwJDTjEOMAwGA1UE +ChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMDcwNDE2MDcwOTE0WhcNMjcwNDE2MDcw +OTE0WjAyMQswCQYDVQQGEwJDTjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1Qw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTNfc/c3et6FtzF8LRb+1VvG7q6KR5smzD +o+/hn7E7SIX1mlwhIhAsxYLO2uOabjfhhyzcuQxauohV3/2q2x8x6gHx3zkBwRP9SFIhxFXf2tiz +VHa6dLG3fdfA6PZZxU3Iva0fFNrfWEQlMhkqx35+jq44sDB7R3IJMfAw28Mbdim7aXZOV/kbZKKT +VrdvmW7bCgScEeOAH8tjlBAKqeFkgjH5jCftppkA9nCTGPihNIaj3XrCGHn2emU1z5DrvTOTn1Or +czvmmzQgLx3vqR1jGqCA2wMv+SYahtKNu6m+UjqHZ0gNv7Sg2Ca+I19zN38m5pIEo3/PIKe38zrK +y5nLAgMBAAGjczBxMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBRl8jGtKvf33VKWCscC +wQ7vptU7ETAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIB/jAdBgNVHQ4EFgQUZfIxrSr3991S +lgrHAsEO76bVOxEwDQYJKoZIhvcNAQEFBQADggEBAEs17szkrr/Dbq2flTtLP1se31cpolnKOOK5 +Gv+e5m4y3R6u6jW39ZORTtpC4cMXYFDy0VwmuYK36m3knITnA3kXr5g9lNvHugDnuL8BV8F3RTIM +O/G0HAiw/VGgod2aHRM2mm23xzy54cXZF/qD1T0VoDy7HgviyJA/qIYM/PmLXoXLT1tLYhFHxUV8 +BS9BsZ4QaRuZluBVeftOhpm4lNqGOGqTo+fLbuXf6iFViZx9fX+Y9QCJ7uOEwFyWtcVG6kbghVW2 +G8kS1sHNzYDzAgE8yGnLRUhj2JTQ7IUOO04RZfSCjKY9ri4ilAnIXOo8gV0WKgOXFlUJ24pBgp5m +mxE= +-----END CERTIFICATE----- + +GeoTrust Primary Certification Authority - G3 +============================================= +-----BEGIN CERTIFICATE----- +MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UE +BhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChjKSAyMDA4IEdlb1RydXN0 +IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFy +eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEczMB4XDTA4MDQwMjAwMDAwMFoXDTM3MTIwMTIz +NTk1OVowgZgxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAo +YykgMjAwOCBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNVBAMT +LUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBANziXmJYHTNXOTIz+uvLh4yn1ErdBojqZI4xmKU4kB6Yzy5j +K/BGvESyiaHAKAxJcCGVn2TAppMSAmUmhsalifD614SgcK9PGpc/BkTVyetyEH3kMSj7HGHmKAdE +c5IiaacDiGydY8hS2pgn5whMcD60yRLBxWeDXTPzAxHsatBT4tG6NmCUgLthY2xbF37fQJQeqw3C +IShwiP/WJmxsYAQlTlV+fe+/lEjetx3dcI0FX4ilm/LC7urRQEFtYjgdVgbFA0dRIBn8exALDmKu +dlW/X3e+PkkBUz2YJQN2JFodtNuJ6nnltrM7P7pMKEF/BqxqjsHQ9gUdfeZChuOl1UcCAwEAAaNC +MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMR5yo6hTgMdHNxr +2zFblD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IBAQAtxRPPVoB7eni9n64smefv2t+UXglpp+duaIy9 +cr5HqQ6XErhK8WTTOd8lNNTBzU6B8A8ExCSzNJbGpqow32hhc9f5joWJ7w5elShKKiePEI4ufIbE +Ap7aDHdlDkQNkv39sxY2+hENHYwOB4lqKVb3cvTdFZx3NWZXqxNT2I7BQMXXExZacse3aQHEerGD +AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUHSJsMC8tJP33s +t/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2Gspki4cErx5z481+oghLrGREt +-----END CERTIFICATE----- + +thawte Primary Root CA - G2 +=========================== +-----BEGIN CERTIFICATE----- +MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDELMAkGA1UEBhMC +VVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMpIDIwMDcgdGhhd3RlLCBJbmMu +IC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3Qg +Q0EgLSBHMjAeFw0wNzExMDUwMDAwMDBaFw0zODAxMTgyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEV +MBMGA1UEChMMdGhhd3RlLCBJbmMuMTgwNgYDVQQLEy8oYykgMjAwNyB0aGF3dGUsIEluYy4gLSBG +b3IgYXV0aG9yaXplZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAt +IEcyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEotWcgnuVnfFSeIf+iha/BebfowJPDQfGAFG6DAJS +LSKkQjnE/o/qycG+1E3/n3qe4rF8mq2nhglzh9HnmuN6papu+7qzcMBniKI11KOasf2twu8x+qi5 +8/sIxpHR+ymVo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU +mtgAMADna3+FGO6Lts6KDPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUN +G4k8VIZ3KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41oxXZ3K +rr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg== +-----END CERTIFICATE----- + +thawte Primary Root CA - G3 +=========================== +-----BEGIN CERTIFICATE----- +MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCBrjELMAkGA1UE +BhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2 +aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhv +cml6ZWQgdXNlIG9ubHkxJDAiBgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0w +ODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhh +d3RlLCBJbmMuMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMTgwNgYD +VQQLEy8oYykgMjAwOCB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEkMCIG +A1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAsr8nLPvb2FvdeHsbnndmgcs+vHyu86YnmjSjaDFxODNi5PNxZnmxqWWjpYvVj2At +P0LMqmsywCPLLEHd5N/8YZzic7IilRFDGF/Eth9XbAoFWCLINkw6fKXRz4aviKdEAhN0cXMKQlkC ++BsUa0Lfb1+6a4KinVvnSr0eAXLbS3ToO39/fR8EtCab4LRarEc9VbjXsCZSKAExQGbY2SS99irY +7CFJXJv2eul/VTV+lmuNk5Mny5K76qxAwJ/C+IDPXfRa3M50hqY+bAtTyr2SzhkGcuYMXDhpxwTW +vGzOW/b3aJzcJRVIiKHpqfiYnODz1TEoYRFsZ5aNOZnLwkUkOQIDAQABo0IwQDAPBgNVHRMBAf8E +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUrWyqlGCc7eT/+j4KdCtjA/e2Wb8wDQYJ +KoZIhvcNAQELBQADggEBABpA2JVlrAmSicY59BDlqQ5mU1143vokkbvnRFHfxhY0Cu9qRFHqKweK +A3rD6z8KLFIWoCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu +t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7cKUGRIjxpp7sC +8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fMm7v/OeZWYdMKp8RcTGB7BXcm +er/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZuMdRAGmI0Nj81Aa6sY6A= +-----END CERTIFICATE----- + +GeoTrust Primary Certification Authority - G2 +============================================= +-----BEGIN CERTIFICATE----- +MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDELMAkGA1UEBhMC +VVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChjKSAyMDA3IEdlb1RydXN0IElu +Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBD +ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMB4XDTA3MTEwNTAwMDAwMFoXDTM4MDExODIzNTk1 +OVowgZgxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykg +MjAwNyBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNVBAMTLUdl +b1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjB2MBAGByqGSM49AgEG +BSuBBAAiA2IABBWx6P0DFUPlrOuHNxFi79KDNlJ9RVcLSo17VDs6bl8VAsBQps8lL33KSLjHUGMc +KiEIfJo22Av+0SbFWDEwKCXzXV2juLaltJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYD +VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+ +EVXVMAoGCCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGTqQ7m +ndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBuczrD6ogRLQy7rQkgu2 +npaqBA+K +-----END CERTIFICATE----- + +VeriSign Universal Root Certification Authority +=============================================== +-----BEGIN CERTIFICATE----- +MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCBvTELMAkGA1UE +BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBO +ZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVk +IHVzZSBvbmx5MTgwNgYDVQQDEy9WZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9u +IEF1dGhvcml0eTAeFw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJV +UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv +cmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl +IG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNhbCBSb290IENlcnRpZmljYXRpb24gQXV0 +aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj +1mCOkdeQmIN65lgZOIzF9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGP +MiJhgsWHH26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+HLL72 +9fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN/BMReYTtXlT2NJ8I +AfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPTrJ9VAMf2CGqUuV/c4DPxhGD5WycR +tPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0G +CCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2O +a8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud +DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4sAPmLGd75JR3 +Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+seQxIcaBlVZaDrHC1LGmWazx +Y8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTx +P/jgdFcrGJ2BtMQo2pSXpXDrrB2+BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+P +wGZsY6rp2aQW9IHRlRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4 +mJO37M2CYfE45k+XmCpajQ== +-----END CERTIFICATE----- + +VeriSign Class 3 Public Primary Certification Authority - G4 +============================================================ +-----BEGIN CERTIFICATE----- +MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjELMAkGA1UEBhMC +VVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3 +b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVz +ZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmlj +YXRpb24gQXV0aG9yaXR5IC0gRzQwHhcNMDcxMTA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCByjEL +MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBU +cnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRo +b3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5 +IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASnVnp8 +Utpkmw4tXNherJI9/gHmGUo9FANL+mAnINmDiWn6VMaaGF5VKmTeBvaNSjutEDxlPZCIBIngMGGz +rl0Bp3vefLK+ymVhAIau2o970ImtTR1ZmkGxvEeA3J5iw/mjgbIwga8wDwYDVR0TAQH/BAUwAwEB +/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEw +HzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24u +Y29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMWkf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMD +A2gAMGUCMGYhDBgmYFo4e1ZC4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIx +AJw9SDkjOVgaFRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA== +-----END CERTIFICATE----- + +NetLock Arany (Class Gold) FÅ‘tanúsÃtvány +======================================== +-----BEGIN CERTIFICATE----- +MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQGEwJIVTERMA8G +A1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3MDUGA1UECwwuVGFuw7pzw610 +dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNlcnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBB +cmFueSAoQ2xhc3MgR29sZCkgRsWRdGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgx +MjA2MTUwODIxWjCBpzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxO +ZXRMb2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlmaWNhdGlv +biBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNzIEdvbGQpIEbFkXRhbsO6 +c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCRec75LbRTDofTjl5Bu +0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrTlF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw +/HpYzY6b7cNGbIRwXdrzAZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAk +H3B5r9s5VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRGILdw +fzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2BJtr+UBdADTHLpl1 +neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAGAQH/AgEEMA4GA1UdDwEB/wQEAwIB +BjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2MU9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwW +qZw8UQCgwBEIBaeZ5m8BiFRhbvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTta +YtOUZcTh5m2C+C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC +bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2FuLjbvrW5Kfna +NwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2XjG4Kvte9nHfRCaexOYNkbQu +dZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E= +-----END CERTIFICATE----- + +Staat der Nederlanden Root CA - G2 +================================== +-----BEGIN CERTIFICATE----- +MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJOTDEeMBwGA1UE +CgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFhdCBkZXIgTmVkZXJsYW5kZW4g +Um9vdCBDQSAtIEcyMB4XDTA4MDMyNjExMTgxN1oXDTIwMDMyNTExMDMxMFowWjELMAkGA1UEBhMC +TkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5l +ZGVybGFuZGVuIFJvb3QgQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMVZ +5291qj5LnLW4rJ4L5PnZyqtdj7U5EILXr1HgO+EASGrP2uEGQxGZqhQlEq0i6ABtQ8SpuOUfiUtn +vWFI7/3S4GCI5bkYYCjDdyutsDeqN95kWSpGV+RLufg3fNU254DBtvPUZ5uW6M7XxgpT0GtJlvOj +CwV3SPcl5XCsMBQgJeN/dVrlSPhOewMHBPqCYYdu8DvEpMfQ9XQ+pV0aCPKbJdL2rAQmPlU6Yiil +e7Iwr/g3wtG61jj99O9JMDeZJiFIhQGp5Rbn3JBV3w/oOM2ZNyFPXfUib2rFEhZgF1XyZWampzCR +OME4HYYEhLoaJXhena/MUGDWE4dS7WMfbWV9whUYdMrhfmQpjHLYFhN9C0lK8SgbIHRrxT3dsKpI +CT0ugpTNGmXZK4iambwYfp/ufWZ8Pr2UuIHOzZgweMFvZ9C+X+Bo7d7iscksWXiSqt8rYGPy5V65 +48r6f1CGPqI0GAwJaCgRHOThuVw+R7oyPxjMW4T182t0xHJ04eOLoEq9jWYv6q012iDTiIJh8BIi +trzQ1aTsr1SIJSQ8p22xcik/Plemf1WvbibG/ufMQFxRRIEKeN5KzlW/HdXZt1bv8Hb/C3m1r737 +qWmRRpdogBQ2HbN/uymYNqUg+oJgYjOk7Na6B6duxc8UpufWkjTYgfX8HV2qXB72o007uPc5AgMB +AAGjgZcwgZQwDwYDVR0TAQH/BAUwAwEB/zBSBgNVHSAESzBJMEcGBFUdIAAwPzA9BggrBgEFBQcC +ARYxaHR0cDovL3d3dy5wa2lvdmVyaGVpZC5ubC9wb2xpY2llcy9yb290LXBvbGljeS1HMjAOBgNV +HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJFoMocVHYnitfGsNig0jQt8YojrMA0GCSqGSIb3DQEBCwUA +A4ICAQCoQUpnKpKBglBu4dfYszk78wIVCVBR7y29JHuIhjv5tLySCZa59sCrI2AGeYwRTlHSeYAz ++51IvuxBQ4EffkdAHOV6CMqqi3WtFMTC6GY8ggen5ieCWxjmD27ZUD6KQhgpxrRW/FYQoAUXvQwj +f/ST7ZwaUb7dRUG/kSS0H4zpX897IZmflZ85OkYcbPnNe5yQzSipx6lVu6xiNGI1E0sUOlWDuYaN +kqbG9AclVMwWVxJKgnjIFNkXgiYtXSAfea7+1HAWFpWD2DU5/1JddRwWxRNVz0fMdWVSSt7wsKfk +CpYL+63C4iWEst3kvX5ZbJvw8NjnyvLplzh+ib7M+zkXYT9y2zqR2GUBGR2tUKRXCnxLvJxxcypF +URmFzI79R6d0lR2o0a9OF7FpJsKqeFdbxU2n5Z4FF5TKsl+gSRiNNOkmbEgeqmiSBeGCc1qb3Adb +CG19ndeNIdn8FCCqwkXfP+cAslHkwvgFuXkajDTznlvkN1trSt8sV4pAWja63XVECDdCcAz+3F4h +oKOKwJCcaNpQ5kUQR3i2TtJlycM33+FCY7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoV +IPVVYpbtbZNQvOSqeK3Zywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm +66+KAQ== +-----END CERTIFICATE----- + +Hongkong Post Root CA 1 +======================= +-----BEGIN CERTIFICATE----- +MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsxFjAUBgNVBAoT +DUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3QgUm9vdCBDQSAxMB4XDTAzMDUx +NTA1MTMxNFoXDTIzMDUxNTA0NTIyOVowRzELMAkGA1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25n +IFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3QgUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEArP84tulmAknjorThkPlAj3n54r15/gK97iSSHSL22oVyaf7XPwnU3ZG1 +ApzQjVrhVcNQhrkpJsLj2aDxaQMoIIBFIi1WpztUlVYiWR8o3x8gPW2iNr4joLFutbEnPzlTCeqr +auh0ssJlXI6/fMN4hM2eFvz1Lk8gKgifd/PFHsSaUmYeSF7jEAaPIpjhZY4bXSNmO7ilMlHIhqqh +qZ5/dpTCpmy3QfDVyAY45tQM4vM7TG1QjMSDJ8EThFk9nnV0ttgCXjqQesBCNnLsak3c78QA3xMY +V18meMjWCnl3v/evt3a5pQuEF10Q6m/hq5URX208o1xNg1vysxmKgIsLhwIDAQABoyYwJDASBgNV +HRMBAf8ECDAGAQH/AgEDMA4GA1UdDwEB/wQEAwIBxjANBgkqhkiG9w0BAQUFAAOCAQEADkbVPK7i +h9legYsCmEEIjEy82tvuJxuC52pF7BaLT4Wg87JwvVqWuspube5Gi27nKi6Wsxkz67SfqLI37pio +l7Yutmcn1KZJ/RyTZXaeQi/cImyaT/JaFTmxcdcrUehtHJjA2Sr0oYJ71clBoiMBdDhViw+5Lmei +IAQ32pwL0xch4I+XeTRvhEgCIDMb5jREn5Fw9IBehEPCKdJsEhTkYY2sEJCehFC78JZvRZ+K88ps +T/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpOfMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilT +c4afU9hDDl3WY4JxHYB0yvbiAmvZWg== +-----END CERTIFICATE----- + +SecureSign RootCA11 +=================== +-----BEGIN CERTIFICATE----- +MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDErMCkGA1UEChMi +SmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoGA1UEAxMTU2VjdXJlU2lnbiBS +b290Q0ExMTAeFw0wOTA0MDgwNDU2NDdaFw0yOTA0MDgwNDU2NDdaMFgxCzAJBgNVBAYTAkpQMSsw +KQYDVQQKEyJKYXBhbiBDZXJ0aWZpY2F0aW9uIFNlcnZpY2VzLCBJbmMuMRwwGgYDVQQDExNTZWN1 +cmVTaWduIFJvb3RDQTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/XeqpRyQBTvL +TJszi1oURaTnkBbR31fSIRCkF/3frNYfp+TbfPfs37gD2pRY/V1yfIw/XwFndBWW4wI8h9uuywGO +wvNmxoVF9ALGOrVisq/6nL+k5tSAMJjzDbaTj6nU2DbysPyKyiyhFTOVMdrAG/LuYpmGYz+/3ZMq +g6h2uRMft85OQoWPIucuGvKVCbIFtUROd6EgvanyTgp9UK31BQ1FT0Zx/Sg+U/sE2C3XZR1KG/rP +O7AxmjVuyIsG0wCR8pQIZUyxNAYAeoni8McDWc/V1uinMrPmmECGxc0nEovMe863ETxiYAcjPitA +bpSACW22s293bzUIUPsCh8U+iQIDAQABo0IwQDAdBgNVHQ4EFgQUW/hNT7KlhtQ60vFjmqC+CfZX +t94wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAKCh +OBZmLqdWHyGcBvod7bkixTgm2E5P7KN/ed5GIaGHd48HCJqypMWvDzKYC3xmKbabfSVSSUOrTC4r +bnpwrxYO4wJs+0LmGJ1F2FXI6Dvd5+H0LgscNFxsWEr7jIhQX5Ucv+2rIrVls4W6ng+4reV6G4pQ +Oh29Dbx7VFALuUKvVaAYga1lme++5Jy/xIWrQbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01 +y8hSyn+B/tlr0/cR7SXf+Of5pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061 +lgeLKBObjBmNQSdJQO7e5iNEOdyhIta6A/I= +-----END CERTIFICATE----- + +ACEDICOM Root +============= +-----BEGIN CERTIFICATE----- +MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UEAwwNQUNFRElD +T00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00xCzAJBgNVBAYTAkVTMB4XDTA4 +MDQxODE2MjQyMloXDTI4MDQxMzE2MjQyMlowRDEWMBQGA1UEAwwNQUNFRElDT00gUm9vdDEMMAoG +A1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEF +AAOCAg8AMIICCgKCAgEA/5KV4WgGdrQsyFhIyv2AVClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHk +WLn709gtn70yN78sFW2+tfQh0hOR2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7XBZXehuD +YAQ6PmXDzQHe3qTWDLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5PGrjm6gSSrj0RuVFCPYew +MYWveVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAKt0SdE3QrwqXrIhWYENiLxQSfHY9g5QYb +m8+5eaA9oiM/Qj9r+hwDezCNzmzAv+YbX79nuIQZ1RXve8uQNjFiybwCq0Zfm/4aaJQ0PZCOrfbk +HQl/Sog4P75n/TSW9R28MHTLOO7VbKvU/PQAtwBbhTIWdjPp2KOZnQUAqhbm84F9b32qhm2tFXTT +xKJxqvQUfecyuB+81fFOvW8XAjnXDpVCOscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI2Sf2 +3EgbsCTBheN3nZqk8wwRHQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyHK9caUPgn6C9D4zq9 +2Fdx/c6mUlv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEaeZAwUswdbxcJzbPEHXEUkFDWug/Fq +TYl6+rPYLWbwNof1K1MCAwEAAaOBqjCBpzAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKaz +4SsrSbbXc6GqlPUB53NlTKxQMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUprPhKytJttdzoaqU +9QHnc2VMrFAwRAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9hY2VkaWNv +bS5lZGljb21ncm91cC5jb20vZG9jMA0GCSqGSIb3DQEBBQUAA4ICAQDOLAtSUWImfQwng4/F9tqg +aHtPkl7qpHMyEVNEskTLnewPeUKzEKbHDZ3Ltvo/Onzqv4hTGzz3gvoFNTPhNahXwOf9jU8/kzJP +eGYDdwdY6ZXIfj7QeQCM8htRM5u8lOk6e25SLTKeI6RF+7YuE7CLGLHdztUdp0J/Vb77W7tH1Pwk +zQSulgUV1qzOMPPKC8W64iLgpq0i5ALudBF/TP94HTXa5gI06xgSYXcGCRZj6hitoocf8seACQl1 +ThCojz2GuHURwCRiipZ7SkXp7FnFvmuD5uHorLUwHv4FB4D54SMNUI8FmP8sX+g7tq3PgbUhh8oI +KiMnMCArz+2UW6yyetLHKKGKC5tNSixthT8Jcjxn4tncB7rrZXtaAWPWkFtPF2Y9fwsZo5NjEFIq +nxQWWOLcpfShFosOkYuByptZ+thrkQdlVV9SH686+5DdaaVbnG0OLLb6zqylfDJKZ0DcMDQj3dcE +I2bw/FWAp/tmGYI1Z2JwOV5vx+qQQEQIHriy1tvuWacNGHk0vFQYXlPKNFHtRQrmjseCNj6nOGOp +MCwXEGCSn1WHElkQwg9naRHMTh5+Spqtr0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3o +tkYNbn5XOmeUwssfnHdKZ05phkOTOPu220+DkdRgfks+KzgHVZhepA== +-----END CERTIFICATE----- + +Microsec e-Szigno Root CA 2009 +============================== +-----BEGIN CERTIFICATE----- +MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYDVQQGEwJIVTER +MA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jv +c2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o +dTAeFw0wOTA2MTYxMTMwMThaFw0yOTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UE +BwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUt +U3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvPkd6mJviZpWNwrZuuyjNA +fW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tccbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG +0IMZfcChEhyVbUr02MelTTMuhTlAdX4UfIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKA +pxn1ntxVUwOXewdI/5n7N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm +1HxdrtbCxkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1+rUC +AwEAAaOBgDB+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTLD8bf +QkPMPcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAbBgNVHREE +FDASgRBpbmZvQGUtc3ppZ25vLmh1MA0GCSqGSIb3DQEBCwUAA4IBAQDJ0Q5eLtXMs3w+y/w9/w0o +lZMEyL/azXm4Q5DwpL7v8u8hmLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfX +I/OMn74dseGkddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775 +tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c2Pm2G2JwCz02 +yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5tHMN1Rq41Bab2XD0h7lbwyYIi +LXpUq3DDfSJlgnCW +-----END CERTIFICATE----- + +GlobalSign Root CA - R3 +======================= +-----BEGIN CERTIFICATE----- +MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4GA1UECxMXR2xv +YmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2Jh +bFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxT +aWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2ln +bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWt +iHL8RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsTgHeMCOFJ +0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmmKPZpO/bLyCiR5Z2KYVc3 +rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zdQQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjl +OCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZXriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2 +xmmFghcCAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE +FI/wS3+oLkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZURUm7 +lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMpjjM5RcOO5LlXbKr8 +EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK6fBdRoyV3XpYKBovHd7NADdBj+1E +bddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQXmcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18 +YIvDQVETI53O9zJrlAGomecsMx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7r +kpeDMdmztcpHWD9f +-----END CERTIFICATE----- + +Autoridad de Certificacion Firmaprofesional CIF A62634068 +========================================================= +-----BEGIN CERTIFICATE----- +MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UEBhMCRVMxQjBA +BgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1hcHJvZmVzaW9uYWwgQ0lGIEE2 +MjYzNDA2ODAeFw0wOTA1MjAwODM4MTVaFw0zMDEyMzEwODM4MTVaMFExCzAJBgNVBAYTAkVTMUIw +QAYDVQQDDDlBdXRvcmlkYWQgZGUgQ2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBB +NjI2MzQwNjgwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDD +Utd9thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQMcas9UX4P +B99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefGL9ItWY16Ck6WaVICqjaY +7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15iNA9wBj4gGFrO93IbJWyTdBSTo3OxDqqH +ECNZXyAFGUftaI6SEspd/NYrspI8IM/hX68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyI +plD9amML9ZMWGxmPsu2bm8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctX +MbScyJCyZ/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirjaEbsX +LZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/TKI8xWVvTyQKmtFLK +bpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF6NkBiDkal4ZkQdU7hwxu+g/GvUgU +vzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVhOSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMBIGA1Ud +EwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRlzeurNR4APn7VdMActHNH +DhpkLzCBpgYDVR0gBIGeMIGbMIGYBgRVHSAAMIGPMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmZp +cm1hcHJvZmVzaW9uYWwuY29tL2NwczBcBggrBgEFBQcCAjBQHk4AUABhAHMAZQBvACAAZABlACAA +bABhACAAQgBvAG4AYQBuAG8AdgBhACAANAA3ACAAQgBhAHIAYwBlAGwAbwBuAGEAIAAwADgAMAAx +ADcwDQYJKoZIhvcNAQEFBQADggIBABd9oPm03cXF661LJLWhAqvdpYhKsg9VSytXjDvlMd3+xDLx +51tkljYyGOylMnfX40S2wBEqgLk9am58m9Ot/MPWo+ZkKXzR4Tgegiv/J2Wv+xYVxC5xhOW1//qk +R71kMrv2JYSiJ0L1ILDCExARzRAVukKQKtJE4ZYm6zFIEv0q2skGz3QeqUvVhyj5eTSSPi5E6PaP +T481PyWzOdxjKpBrIF/EUhJOlywqrJ2X3kjyo2bbwtKDlaZmp54lD+kLM5FlClrD2VQS3a/DTg4f +Jl4N3LON7NWBcN7STyQF82xO9UxJZo3R/9ILJUFI/lGExkKvgATP0H5kSeTy36LssUzAKh3ntLFl +osS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF3dvd6qJ2gHN99ZwExEWN57kci57q13XR +crHedUTnQn3iV2t93Jm8PYMo6oCTjcVMZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoR +saS8I8nkvof/uZS2+F0gStRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTD +KCOM/iczQ0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQBjLMi +6Et8Vcad+qMUu2WFbm5PEn4KPJ2V +-----END CERTIFICATE----- + +Izenpe.com +========== +-----BEGIN CERTIFICATE----- +MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4MQswCQYDVQQG +EwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5jb20wHhcNMDcxMjEz +MTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMu +QS4xEzARBgNVBAMMCkl6ZW5wZS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ +03rKDx6sp4boFmVqscIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAK +ClaOxdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6HLmYRY2xU ++zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFXuaOKmMPsOzTFlUFpfnXC +PCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQDyCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxT +OTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbK +F7jJeodWLBoBHmy+E60QrLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK +0GqfvEyNBjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8Lhij+ +0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIBQFqNeb+Lz0vPqhbB +leStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+HMh3/1uaD7euBUbl8agW7EekFwID +AQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2luZm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+ +SVpFTlBFIFMuQS4gLSBDSUYgQTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBG +NjIgUzgxQzBBBgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAx +MCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0O +BBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUAA4ICAQB4pgwWSp9MiDrAyw6l +Fn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWblaQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbga +kEyrkgPH7UIBzg/YsfqikuFgba56awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8q +hT/AQKM6WfxZSzwoJNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Cs +g1lwLDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCTVyvehQP5 +aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGkLhObNA5me0mrZJfQRsN5 +nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJbUjWumDqtujWTI6cfSN01RpiyEGjkpTHC +ClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZo +Q0iy2+tzJOeRf1SktoA+naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1Z +WrOZyGlsQyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw== +-----END CERTIFICATE----- + +Chambers of Commerce Root - 2008 +================================ +-----BEGIN CERTIFICATE----- +MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYDVQQGEwJFVTFD +MEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNv +bS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMu +QS4xKTAnBgNVBAMTIENoYW1iZXJzIG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTA4MDgwMTEy +Mjk1MFoXDTM4MDczMTEyMjk1MFowga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNl +ZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQF +EwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJl +cnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC +AQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW928sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKA +XuFixrYp4YFs8r/lfTJqVKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorj +h40G072QDuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR5gN/ +ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfLZEFHcpOrUMPrCXZk +NNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05aSd+pZgvMPMZ4fKecHePOjlO+Bd5g +D2vlGts/4+EhySnB8esHnFIbAURRPHsl18TlUlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331 +lubKgdaX8ZSD6e2wsWsSaR6s+12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ +0wlf2eOKNcx5Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj +ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAxhduub+84Mxh2 +EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNVHQ4EFgQU+SSsD7K1+HnA+mCI +G8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1+HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJ +BgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNh +bWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENh +bWVyZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDiC +CQCj2kJ+pLGu2jAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUH +AgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZIhvcNAQEFBQADggIBAJASryI1 +wqM58C7e6bXpeHxIvj99RZJe6dqxGfwWPJ+0W2aeaufDuV2I6A+tzyMP3iU6XsxPpcG1Lawk0lgH +3qLPaYRgM+gQDROpI9CF5Y57pp49chNyM/WqfcZjHwj0/gF/JM8rLFQJ3uIrbZLGOU8W6jx+ekbU +RWpGqOt1glanq6B8aBMz9p0w8G8nOSQjKpD9kCk18pPfNKXG9/jvjA9iSnyu0/VU+I22mlaHFoI6 +M6taIgj3grrqLuBHmrS1RaMFO9ncLkVAO+rcf+g769HsJtg1pDDFOqxXnrN2pSB7+R5KBWIBpih1 +YJeSDW4+TTdDDZIVnBgizVGZoCkaPF+KMjNbMMeJL0eYD6MDxvbxrN8y8NmBGuScvfaAFPDRLLmF +9dijscilIeUcE5fuDr3fKanvNFNb0+RqE4QGtjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcK +zBIKinmwPQN/aUv0NCB9szTqjktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvG +nrDQWzilm1DefhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg +OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZd0jQ +-----END CERTIFICATE----- + +Global Chambersign Root - 2008 +============================== +-----BEGIN CERTIFICATE----- +MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYDVQQGEwJFVTFD +MEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNv +bS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMu +QS4xJzAlBgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMx +NDBaFw0zODA3MzExMjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUg +Y3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJ +QTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD +aGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMDf +VtPkOpt2RbQT2//BthmLN0EYlVJH6xedKYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXf +XjaOcNFccUMd2drvXNL7G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0 +ZJJ0YPP2zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4ddPB +/gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyGHoiMvvKRhI9lNNgA +TH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2Id3UwD2ln58fQ1DJu7xsepeY7s2M +H/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3VyJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfe +Ox2YItaswTXbo6Al/3K1dh3ebeksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSF +HTynyQbehP9r6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh +wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsogzCtLkykPAgMB +AAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQWBBS5CcqcHtvTbDprru1U8VuT +BjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDprru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UE +BhMCRVUxQzBBBgNVBAcTOk1hZHJpZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJm +aXJtYS5jb20vYWRkcmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJm +aXJtYSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiCCQDJzdPp +1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0 +dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZIhvcNAQEFBQADggIBAICIf3DekijZBZRG +/5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZUohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6 +ReAJ3spED8IXDneRRXozX1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/s +dZ7LoR/xfxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVza2Mg +9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yydYhz2rXzdpjEetrHH +foUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMdSqlapskD7+3056huirRXhOukP9Du +qqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9OAP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETr +P3iZ8ntxPjzxmKfFGBI/5rsoM0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVq +c5iJWzouE4gev8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z +09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B +-----END CERTIFICATE----- + +Go Daddy Root Certificate Authority - G2 +======================================== +-----BEGIN CERTIFICATE----- +MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT +B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHkuY29tLCBJbmMu +MTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5 +MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6 +b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8G +A1UEAxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKDE6bFIEMBO4Tx5oVJnyfq +9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD ++qK+ihVqf94Lw7YZFAXK6sOoBJQ7RnwyDfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutd +fMh8+7ArU6SSYmlRJQVhGkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMl +NAJWJwGRtDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEAAaNC +MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFDqahQcQZyi27/a9 +BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmXWWcDYfF+OwYxdS2hII5PZYe096ac +vNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r +5N9ss4UXnT3ZJE95kTXWXwTrgIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYV +N8Gb5DKj7Tjo2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO +LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI4uJEvlz36hz1 +-----END CERTIFICATE----- + +Starfield Root Certificate Authority - G2 +========================================= +-----BEGIN CERTIFICATE----- +MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT +B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9s +b2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVsZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0 +eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAw +DgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQg +VGVjaG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZpY2F0ZSBB +dXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3twQP89o/8ArFv +W59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMgnLRJdzIpVv257IzdIvpy3Cdhl+72WoTs +bhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNk +N3mSwOxGXn/hbVNMYq/NHwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7Nf +ZTD4p7dNdloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0HZbU +JtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0GCSqGSIb3DQEBCwUAA4IBAQARWfol +TwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjUsHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx +4mcujJUDJi5DnUox9g61DLu34jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUw +F5okxBDgBPfg8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K +pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1mMpYjn0q7pBZ +c2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0 +-----END CERTIFICATE----- + +Starfield Services Root Certificate Authority - G2 +================================================== +-----BEGIN CERTIFICATE----- +MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT +B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9s +b2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRl +IEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNV +BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxT +dGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2VydmljZXMg +Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20pOsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2 +h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm28xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4Pa +hHQUw2eeBGg6345AWh1KTs9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLP +LJGmpufehRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk6mFB +rMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAwDwYDVR0TAQH/BAUw +AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+qAdcwKziIorhtSpzyEZGDMA0GCSqG +SIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMIbw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPP +E95Dz+I0swSdHynVv/heyNXBve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTy +xQGjhdByPq1zqwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd +iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn0q23KXB56jza +YyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCNsSi6 +-----END CERTIFICATE----- + +AffirmTrust Commercial +====================== +-----BEGIN CERTIFICATE----- +MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UEBhMCVVMxFDAS +BgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBDb21tZXJjaWFsMB4XDTEw +MDEyOTE0MDYwNloXDTMwMTIzMTE0MDYwNlowRDELMAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmly +bVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBDb21tZXJjaWFsMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEA9htPZwcroRX1BiLLHwGy43NFBkRJLLtJJRTWzsO3qyxPxkEylFf6Eqdb +DuKPHx6GGaeqtS25Xw2Kwq+FNXkyLbscYjfysVtKPcrNcV/pQr6U6Mje+SJIZMblq8Yrba0F8PrV +C8+a5fBQpIs7R6UjW3p6+DM/uO+Zl+MgwdYoic+U+7lF7eNAFxHUdPALMeIrJmqbTFeurCA+ukV6 +BfO9m2kVrn1OIGPENXY6BwLJN/3HR+7o8XYdcxXyl6S1yHp52UKqK39c/s4mT6NmgTWvRLpUHhww +MmWd5jyTXlBOeuM61G7MGvv50jeuJCqrVwMiKA1JdX+3KNp1v47j3A55MQIDAQABo0IwQDAdBgNV +HQ4EFgQUnZPGU4teyq8/nx4P5ZmVvCT2lI8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AQYwDQYJKoZIhvcNAQELBQADggEBAFis9AQOzcAN/wr91LoWXym9e2iZWEnStB03TX8nfUYGXUPG +hi4+c7ImfU+TqbbEKpqrIZcUsd6M06uJFdhrJNTxFq7YpFzUf1GO7RgBsZNjvbz4YYCanrHOQnDi +qX0GJX0nof5v7LMeJNrjS1UaADs1tDvZ110w/YETifLCBivtZ8SOyUOyXGsViQK8YvxO8rUzqrJv +0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9gN53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0kh +sUlHRUe072o0EclNmsxZt9YCnlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8= +-----END CERTIFICATE----- + +AffirmTrust Networking +====================== +-----BEGIN CERTIFICATE----- +MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UEBhMCVVMxFDAS +BgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBOZXR3b3JraW5nMB4XDTEw +MDEyOTE0MDgyNFoXDTMwMTIzMTE0MDgyNFowRDELMAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmly +bVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBOZXR3b3JraW5nMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAtITMMxcua5Rsa2FSoOujz3mUTOWUgJnLVWREZY9nZOIG41w3SfYvm4SE +Hi3yYJ0wTsyEheIszx6e/jarM3c1RNg1lho9Nuh6DtjVR6FqaYvZ/Ls6rnla1fTWcbuakCNrmreI +dIcMHl+5ni36q1Mr3Lt2PpNMCAiMHqIjHNRqrSK6mQEubWXLviRmVSRLQESxG9fhwoXA3hA/Pe24 +/PHxI1Pcv2WXb9n5QHGNfb2V1M6+oF4nI979ptAmDgAp6zxG8D1gvz9Q0twmQVGeFDdCBKNwV6gb +h+0t+nvujArjqWaJGctB+d1ENmHP4ndGyH329JKBNv3bNPFyfvMMFr20FQIDAQABo0IwQDAdBgNV +HQ4EFgQUBx/S55zawm6iQLSwelAQUHTEyL0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AQYwDQYJKoZIhvcNAQEFBQADggEBAIlXshZ6qML91tmbmzTCnLQyFE2npN/svqe++EPbkTfOtDIu +UFUaNU52Q3Eg75N3ThVwLofDwR1t3Mu1J9QsVtFSUzpE0nPIxBsFZVpikpzuQY0x2+c06lkh1QF6 +12S4ZDnNye2v7UsDSKegmQGA3GWjNq5lWUhPgkvIZfFXHeVZLgo/bNjR9eUJtGxUAArgFU2HdW23 +WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4uolu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9 +/ZFvgrG+CJPbFEfxojfHRZ48x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s= +-----END CERTIFICATE----- + +AffirmTrust Premium +=================== +-----BEGIN CERTIFICATE----- +MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UEBhMCVVMxFDAS +BgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVzdCBQcmVtaXVtMB4XDTEwMDEy +OTE0MTAzNloXDTQwMTIzMTE0MTAzNlowQTELMAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRy +dXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVzdCBQcmVtaXVtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A +MIICCgKCAgEAxBLfqV/+Qd3d9Z+K4/as4Tx4mrzY8H96oDMq3I0gW64tb+eT2TZwamjPjlGjhVtn +BKAQJG9dKILBl1fYSCkTtuG+kU3fhQxTGJoeJKJPj/CihQvL9Cl/0qRY7iZNyaqoe5rZ+jjeRFcV +5fiMyNlI4g0WJx0eyIOFJbe6qlVBzAMiSy2RjYvmia9mx+n/K+k8rNrSs8PhaJyJ+HoAVt70VZVs ++7pk3WKL3wt3MutizCaam7uqYoNMtAZ6MMgpv+0GTZe5HMQxK9VfvFMSF5yZVylmd2EhMQcuJUmd +GPLu8ytxjLW6OQdJd/zvLpKQBY0tL3d770O/Nbua2Plzpyzy0FfuKE4mX4+QaAkvuPjcBukumj5R +p9EixAqnOEhss/n/fauGV+O61oV4d7pD6kh/9ti+I20ev9E2bFhc8e6kGVQa9QPSdubhjL08s9NI +S+LI+H+SqHZGnEJlPqQewQcDWkYtuJfzt9WyVSHvutxMAJf7FJUnM7/oQ0dG0giZFmA7mn7S5u04 +6uwBHjxIVkkJx0w3AJ6IDsBz4W9m6XJHMD4Q5QsDyZpCAGzFlH5hxIrff4IaC1nEWTJ3s7xgaVY5 +/bQGeyzWZDbZvUjthB9+pSKPKrhC9IK31FOQeE4tGv2Bb0TXOwF0lkLgAOIua+rF7nKsu7/+6qqo ++Nz2snmKtmcCAwEAAaNCMEAwHQYDVR0OBBYEFJ3AZ6YMItkm9UWrpmVSESfYRaxjMA8GA1UdEwEB +/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByv +MiPIs0laUZx2KI15qldGF9X1Uva3ROgIRL8YhNILgM3FEv0AVQVhh0HctSSePMTYyPtwni94loMg +Nt58D2kTiKV1NpgIpsbfrM7jWNa3Pt668+s0QNiigfV4Py/VpfzZotReBA4Xrf5B8OWycvpEgjNC +6C1Y91aMYj+6QrCcDFx+LmUmXFNPALJ4fqENmS2NuB2OosSw/WDQMKSOyARiqcTtNd56l+0OOF6S +L5Nwpamcb6d9Ex1+xghIsV5n61EIJenmJWtSKZGc0jlzCFfemQa0W50QBuHCAKi4HEoCChTQwUHK ++4w1IX2COPKpVJEZNZOUbWo6xbLQu4mGk+ibyQ86p3q4ofB4Rvr8Ny/lioTz3/4E2aFooC8k4gmV +BtWVyuEklut89pMFu+1z6S3RdTnX5yTb2E5fQ4+e0BQ5v1VwSJlXMbSc7kqYA5YwH2AG7hsj/oFg +IxpHYoWlzBk0gG+zrBrjn/B7SK3VAdlntqlyk+otZrWyuOQ9PLLvTIzq6we/qzWaVYa8GKa1qF60 +g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaORtGdFNrHF+QFlozEJLUb +zxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6eKeC2uAloGRwYQw== +-----END CERTIFICATE----- + +AffirmTrust Premium ECC +======================= +-----BEGIN CERTIFICATE----- +MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMCVVMxFDASBgNV +BAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQcmVtaXVtIEVDQzAeFw0xMDAx +MjkxNDIwMjRaFw00MDEyMzExNDIwMjRaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1U +cnVzdDEgMB4GA1UEAwwXQWZmaXJtVHJ1c3QgUHJlbWl1bSBFQ0MwdjAQBgcqhkjOPQIBBgUrgQQA +IgNiAAQNMF4bFZ0D0KF5Nbc6PJJ6yhUczWLznCZcBz3lVPqj1swS6vQUX+iOGasvLkjmrBhDeKzQ +N8O9ss0s5kfiGuZjuD0uL3jET9v0D6RoTFVya5UdThhClXjMNzyR4ptlKymjQjBAMB0GA1UdDgQW +BBSaryl6wBE1NSZRMADDav5A1a7WPDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAK +BggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/VsaobgxCd05DhT1wV/GzTjxi+zygk8N53X +57hG8f2h4nECMEJZh0PUUd+60wkyWs6Iflc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKM +eQ== +-----END CERTIFICATE----- + +Certum Trusted Network CA +========================= +-----BEGIN CERTIFICATE----- +MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBMMSIwIAYDVQQK +ExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlv +biBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBUcnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIy +MTIwNzM3WhcNMjkxMjMxMTIwNzM3WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBU +ZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 +MSIwIAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rHUV+rpDKmYYe2bg+G0jAC +l/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LMTXPb865Px1bVWqeWifrzq2jUI4ZZJ88J +J7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVUBBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4 +fOQtf/WsX+sWn7Et0brMkUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0 +cvW0QM8xAcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNVHRMB +Af8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNVHQ8BAf8EBAMCAQYw +DQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15ysHhE49wcrwn9I0j6vSrEuVUEtRCj +jSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfLI9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1 +mS1FhIrlQgnXdAIv94nYmem8J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5aj +Zt3hrvJBW8qYVoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI +03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= +-----END CERTIFICATE----- + +Certinomis - Autorité Racine +============================ +-----BEGIN CERTIFICATE----- +MIIFnDCCA4SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJGUjETMBEGA1UEChMK +Q2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxJjAkBgNVBAMMHUNlcnRpbm9taXMg +LSBBdXRvcml0w6kgUmFjaW5lMB4XDTA4MDkxNzA4Mjg1OVoXDTI4MDkxNzA4Mjg1OVowYzELMAkG +A1UEBhMCRlIxEzARBgNVBAoTCkNlcnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMSYw +JAYDVQQDDB1DZXJ0aW5vbWlzIC0gQXV0b3JpdMOpIFJhY2luZTCCAiIwDQYJKoZIhvcNAQEBBQAD +ggIPADCCAgoCggIBAJ2Fn4bT46/HsmtuM+Cet0I0VZ35gb5j2CN2DpdUzZlMGvE5x4jYF1AMnmHa +wE5V3udauHpOd4cN5bjr+p5eex7Ezyh0x5P1FMYiKAT5kcOrJ3NqDi5N8y4oH3DfVS9O7cdxbwly +Lu3VMpfQ8Vh30WC8Tl7bmoT2R2FFK/ZQpn9qcSdIhDWerP5pqZ56XjUl+rSnSTV3lqc2W+HN3yNw +2F1MpQiD8aYkOBOo7C+ooWfHpi2GR+6K/OybDnT0K0kCe5B1jPyZOQE51kqJ5Z52qz6WKDgmi92N +jMD2AR5vpTESOH2VwnHu7XSu5DaiQ3XV8QCb4uTXzEIDS3h65X27uK4uIJPT5GHfceF2Z5c/tt9q +c1pkIuVC28+BA5PY9OMQ4HL2AHCs8MF6DwV/zzRpRbWT5BnbUhYjBYkOjUjkJW+zeL9i9Qf6lSTC +lrLooyPCXQP8w9PlfMl1I9f09bze5N/NgL+RiH2nE7Q5uiy6vdFrzPOlKO1Enn1So2+WLhl+HPNb +xxaOu2B9d2ZHVIIAEWBsMsGoOBvrbpgT1u449fCfDu/+MYHB0iSVL1N6aaLwD4ZFjliCK0wi1F6g +530mJ0jfJUaNSih8hp75mxpZuWW/Bd22Ql095gBIgl4g9xGC3srYn+Y3RyYe63j3YcNBZFgCQfna +4NH4+ej9Uji29YnfAgMBAAGjWzBZMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G +A1UdDgQWBBQNjLZh2kS40RR9w759XkjwzspqsDAXBgNVHSAEEDAOMAwGCiqBegFWAgIAAQEwDQYJ +KoZIhvcNAQEFBQADggIBACQ+YAZ+He86PtvqrxyaLAEL9MW12Ukx9F1BjYkMTv9sov3/4gbIOZ/x +WqndIlgVqIrTseYyCYIDbNc/CMf4uboAbbnW/FIyXaR/pDGUu7ZMOH8oMDX/nyNTt7buFHAAQCva +R6s0fl6nVjBhK4tDrP22iCj1a7Y+YEq6QpA0Z43q619FVDsXrIvkxmUP7tCMXWY5zjKn2BCXwH40 +nJ+U8/aGH88bc62UeYdocMMzpXDn2NU4lG9jeeu/Cg4I58UvD0KgKxRA/yHgBcUn4YQRE7rWhh1B +CxMjidPJC+iKunqjo3M3NYB9Ergzd0A4wPpeMNLytqOx1qKVl4GbUu1pTP+A5FPbVFsDbVRfsbjv +JL1vnxHDx2TCDyhihWZeGnuyt++uNckZM6i4J9szVb9o4XVIRFb7zdNIu0eJOqxp9YDG5ERQL1TE +qkPFMTFYvZbF6nVsmnWxTfj3l/+WFvKXTej28xH5On2KOG4Ey+HTRRWqpdEdnV1j6CTmNhTih60b +WfVEm/vXd3wfAXBioSAaosUaKPQhA+4u2cGA6rnZgtZbdsLLO7XSAPCjDuGtbkD326C00EauFddE +wk01+dIL8hf2rGbVJLJP0RyZwG71fet0BLj5TXcJ17TPBzAJ8bgAVtkXFhYKK4bfjwEZGuW7gmP/ +vgt2Fl43N+bYdJeimUV5 +-----END CERTIFICATE----- + +TWCA Root Certification Authority +================================= +-----BEGIN CERTIFICATE----- +MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJ +VEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMzWhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQG +EwJUVzESMBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NB +IFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFEAcK0HMMx +QhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HHK3XLfJ+utdGdIzdjp9xC +oi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeXRfwZVzsrb+RH9JlF/h3x+JejiB03HFyP +4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/zrX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1r +y+UPizgN7gr8/g+YnzAx3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIB +BjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkqhkiG +9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeCMErJk/9q56YAf4lC +mtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdlsXebQ79NqZp4VKIV66IIArB6nCWlW +QtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62Dlhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVY +T0bf+215WfKEIlKuD8z7fDvnaspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocny +Yh0igzyXxfkZYiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw== +-----END CERTIFICATE----- + +Security Communication RootCA2 +============================== +-----BEGIN CERTIFICATE----- +MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDElMCMGA1UEChMc +U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMeU2VjdXJpdHkgQ29tbXVuaWNh +dGlvbiBSb290Q0EyMB4XDTA5MDUyOTA1MDAzOVoXDTI5MDUyOTA1MDAzOVowXTELMAkGA1UEBhMC +SlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3Vy +aXR5IENvbW11bmljYXRpb24gUm9vdENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +ANAVOVKxUrO6xVmCxF1SrjpDZYBLx/KWvNs2l9amZIyoXvDjChz335c9S672XewhtUGrzbl+dp++ ++T42NKA7wfYxEUV0kz1XgMX5iZnK5atq1LXaQZAQwdbWQonCv/Q4EpVMVAX3NuRFg3sUZdbcDE3R +3n4MqzvEFb46VqZab3ZpUql6ucjrappdUtAtCms1FgkQhNBqyjoGADdH5H5XTz+L62e4iKrFvlNV +spHEfbmwhRkGeC7bYRr6hfVKkaHnFtWOojnflLhwHyg/i/xAXmODPIMqGplrz95Zajv8bxbXH/1K +EOtOghY6rCcMU/Gt1SSwawNQwS08Ft1ENCcadfsCAwEAAaNCMEAwHQYDVR0OBBYEFAqFqXdlBZh8 +QIH4D5csOPEK7DzPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEB +CwUAA4IBAQBMOqNErLlFsceTfsgLCkLfZOoc7llsCLqJX2rKSpWeeo8HxdpFcoJxDjrSzG+ntKEj +u/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXcokgfGT+Ok+vx+hfuzU7jBBJV1uXk +3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6q +tnRGEmyR7jTV7JqR50S+kDFy1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29 +mvVXIwAHIRc/SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03 +-----END CERTIFICATE----- + +EC-ACC +====== +-----BEGIN CERTIFICATE----- +MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB8zELMAkGA1UE +BhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2VydGlmaWNhY2lvIChOSUYgUS0w +ODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYD +VQQLEyxWZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UE +CxMsSmVyYXJxdWlhIEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMT +BkVDLUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQGEwJFUzE7 +MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8gKE5JRiBRLTA4MDExNzYt +SSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBDZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZl +Z2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQubmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJh +cnF1aWEgRW50aXRhdHMgZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUND +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R85iK +w5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm4CgPukLjbo73FCeT +ae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaVHMf5NLWUhdWZXqBIoH7nF2W4onW4 +HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNdQlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0a +E9jD2z3Il3rucO2n5nzbcc8tlGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw +0JDnJwIDAQABo4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8E +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4opvpXY0wfwYD +VR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBodHRwczovL3d3dy5jYXRjZXJ0 +Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidWZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5l +dC92ZXJhcnJlbCAwDQYJKoZIhvcNAQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJ +lF7W2u++AVtd0x7Y/X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNa +Al6kSBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhyRp/7SNVe +l+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOSAgu+TGbrIP65y7WZf+a2 +E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xlnJ2lYJU6Un/10asIbvPuW/mIPX64b24D +5EI= +-----END CERTIFICATE----- + +Hellenic Academic and Research Institutions RootCA 2011 +======================================================= +-----BEGIN CERTIFICATE----- +MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1IxRDBCBgNVBAoT +O0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9y +aXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25z +IFJvb3RDQSAyMDExMB4XDTExMTIwNjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYT +AkdSMUQwQgYDVQQKEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25z +IENlcnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNo +IEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +AKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPzdYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI +1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJfel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa +71HFK9+WXesyHgLacEnsbgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u +8yBRQlqD75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSPFEDH +3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNVHRMBAf8EBTADAQH/ +MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp5dgTBCPuQSUwRwYDVR0eBEAwPqA8 +MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQub3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQu +b3JnMA0GCSqGSIb3DQEBBQUAA4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVt +XdMiKahsog2p6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8 +TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7dIsXRSZMFpGD +/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8AcysNnq/onN694/BtZqhFLKPM58N +7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXIl7WdmplNsDz4SgCbZN2fOUvRJ9e4 +-----END CERTIFICATE----- + +Actalis Authentication Root CA +============================== +-----BEGIN CERTIFICATE----- +MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCSVQxDjAM +BgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1ODUyMDk2NzEnMCUGA1UE +AwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENBMB4XDTExMDkyMjExMjIwMloXDTMwMDky +MjExMjIwMlowazELMAkGA1UEBhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlz +IFMucC5BLi8wMzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290 +IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNvUTufClrJ +wkg4CsIcoBh/kbWHuUA/3R1oHwiD1S0eiKD4j1aPbZkCkpAW1V8IbInX4ay8IMKx4INRimlNAJZa +by/ARH6jDuSRzVju3PvHHkVH3Se5CAGfpiEd9UEtL0z9KK3giq0itFZljoZUj5NDKd45RnijMCO6 +zfB9E1fAXdKDa0hMxKufgFpbOr3JpyI/gCczWw63igxdBzcIy2zSekciRDXFzMwujt0q7bd9Zg1f +YVEiVRvjRuPjPdA1YprbrxTIW6HMiRvhMCb8oJsfgadHHwTrozmSBp+Z07/T6k9QnBn+locePGX2 +oxgkg4YQ51Q+qDp2JE+BIcXjDwL4k5RHILv+1A7TaLndxHqEguNTVHnd25zS8gebLra8Pu2Fbe8l +EfKXGkJh90qX6IuxEAf6ZYGyojnP9zz/GPvG8VqLWeICrHuS0E4UT1lF9gxeKF+w6D9Fz8+vm2/7 +hNN3WpVvrJSEnu68wEqPSpP4RCHiMUVhUE4Q2OM1fEwZtN4Fv6MGn8i1zeQf1xcGDXqVdFUNaBr8 +EBtiZJ1t4JWgw5QHVw0U5r0F+7if5t+L4sbnfpb2U8WANFAoWPASUHEXMLrmeGO89LKtmyuy/uE5 +jF66CyCU3nuDuP/jVo23Eek7jPKxwV2dpAtMK9myGPW1n0sCAwEAAaNjMGEwHQYDVR0OBBYEFFLY +iDrIn3hm7YnzezhwlMkCAjbQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbt +ifN7OHCUyQICNtAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQALe3KHwGCmSUyI +WOYdiPcUZEim2FgKDk8TNd81HdTtBjHIgT5q1d07GjLukD0R0i70jsNjLiNmsGe+b7bAEzlgqqI0 +JZN1Ut6nna0Oh4lScWoWPBkdg/iaKWW+9D+a2fDzWochcYBNy+A4mz+7+uAwTc+G02UQGRjRlwKx +K3JCaKygvU5a2hi/a5iB0P2avl4VSM0RFbnAKVy06Ij3Pjaut2L9HmLecHgQHEhb2rykOLpn7VU+ +Xlff1ANATIGk0k9jpwlCCRT8AKnCgHNPLsBA2RF7SOp6AsDT6ygBJlh0wcBzIm2Tlf05fbsq4/aC +4yyXX04fkZT6/iyj2HYauE2yOE+b+h1IYHkm4vP9qdCa6HCPSXrW5b0KDtst842/6+OkfcvHlXHo +2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7RK4X9p2jIugErsWx0Hbhz +lefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btUZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXem +OR/qnuOf0GZvBeyqdn6/axag67XH/JJULysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9 +vwGYT7JZVEc+NHt4bVaTLnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg== +-----END CERTIFICATE----- + +Trustis FPS Root CA +=================== +-----BEGIN CERTIFICATE----- +MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQG +EwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQLExNUcnVzdGlzIEZQUyBSb290 +IENBMB4XDTAzMTIyMzEyMTQwNloXDTI0MDEyMTExMzY1NFowRTELMAkGA1UEBhMCR0IxGDAWBgNV +BAoTD1RydXN0aXMgTGltaXRlZDEcMBoGA1UECxMTVHJ1c3RpcyBGUFMgUm9vdCBDQTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMVQe547NdDfxIzNjpvto8A2mfRC6qc+gIMPpqdZh8mQ +RUN+AOqGeSoDvT03mYlmt+WKVoaTnGhLaASMk5MCPjDSNzoiYYkchU59j9WvezX2fihHiTHcDnlk +H5nSW7r+f2C/revnPDgpai/lkQtV/+xvWNUtyd5MZnGPDNcE2gfmHhjjvSkCqPoc4Vu5g6hBSLwa +cY3nYuUtsuvffM/bq1rKMfFMIvMFE/eC+XN5DL7XSxzA0RU8k0Fk0ea+IxciAIleH2ulrG6nS4zt +o3Lmr2NNL4XSFDWaLk6M6jKYKIahkQlBOrTh4/L68MkKokHdqeMDx4gVOxzUGpTXn2RZEm0CAwEA +AaNTMFEwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBS6+nEleYtXQSUhhgtx67JkDoshZzAd +BgNVHQ4EFgQUuvpxJXmLV0ElIYYLceuyZA6LIWcwDQYJKoZIhvcNAQEFBQADggEBAH5Y//01GX2c +GE+esCu8jowU/yyg2kdbw++BLa8F6nRIW/M+TgfHbcWzk88iNVy2P3UnXwmWzaD+vkAMXBJV+JOC +yinpXj9WV4s4NvdFGkwozZ5BuO1WTISkQMi4sKUraXAEasP41BIy+Q7DsdwyhEQsb8tGD+pmQQ9P +8Vilpg0ND2HepZ5dfWWhPBfnqFVO76DH7cZEf1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHV +l/9D7S3B2l0pKoU/rGXuhg8FjZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYl +iB6XzCGcKQENZetX2fNXlrtIzYE= +-----END CERTIFICATE----- + +StartCom Certification Authority +================================ +-----BEGIN CERTIFICATE----- +MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMN +U3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmlu +ZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0 +NjM3WhcNMzYwOTE3MTk0NjM2WjB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRk +LjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMg +U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw +ggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZkpMyONvg45iPwbm2xPN1y +o4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rfOQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/ +Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/CJi/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/d +eMotHweXMAEtcnn6RtYTKqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt +2PZE4XNiHzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMMAv+Z +6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w+2OqqGwaVLRcJXrJ +osmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/ +untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVc +UjyJthkqcwEKDwOzEmDyei+B26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT +37uMdBNSSwIDAQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD +VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFulF2mHMMo0aEPQ +Qa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCCATgwLgYIKwYBBQUHAgEWImh0 +dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu +c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENv +bW1lcmNpYWwgKFN0YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0 +aGUgc2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0aWZpY2F0 +aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93d3cuc3RhcnRzc2wuY29t +L3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBG +cmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5 +fPGFf59Jb2vKXfuM/gTFwWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWm +N3PH/UvSTa0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst0OcN +Org+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNcpRJvkrKTlMeIFw6T +tn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKlCcWw0bdT82AUuoVpaiF8H3VhFyAX +e2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVFP0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA +2MFrLH9ZXF2RsXAiV+uKa0hK1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBs +HvUwyKMQ5bLmKhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE +JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ8dCAWZvLMdib +D4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnmfyWl8kgAwKQB2j8= +-----END CERTIFICATE----- + +StartCom Certification Authority G2 +=================================== +-----BEGIN CERTIFICATE----- +MIIFYzCCA0ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJJTDEWMBQGA1UEChMN +U3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg +RzIwHhcNMTAwMTAxMDEwMDAxWhcNMzkxMjMxMjM1OTAxWjBTMQswCQYDVQQGEwJJTDEWMBQGA1UE +ChMNU3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3Jp +dHkgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2iTZbB7cgNr2Cu+EWIAOVeq8O +o1XJJZlKxdBWQYeQTSFgpBSHO839sj60ZwNq7eEPS8CRhXBF4EKe3ikj1AENoBB5uNsDvfOpL9HG +4A/LnooUCri99lZi8cVytjIl2bLzvWXFDSxu1ZJvGIsAQRSCb0AgJnooD/Uefyf3lLE3PbfHkffi +Aez9lInhzG7TNtYKGXmu1zSCZf98Qru23QumNK9LYP5/Q0kGi4xDuFby2X8hQxfqp0iVAXV16iul +Q5XqFYSdCI0mblWbq9zSOdIxHWDirMxWRST1HFSr7obdljKF+ExP6JV2tgXdNiNnvP8V4so75qbs +O+wmETRIjfaAKxojAuuKHDp2KntWFhxyKrOq42ClAJ8Em+JvHhRYW6Vsi1g8w7pOOlz34ZYrPu8H +vKTlXcxNnw3h3Kq74W4a7I/htkxNeXJdFzULHdfBR9qWJODQcqhaX2YtENwvKhOuJv4KHBnM0D4L +nMgJLvlblnpHnOl68wVQdJVznjAJ85eCXuaPOQgeWeU1FEIT/wCc976qUM/iUUjXuG+v+E5+M5iS +FGI6dWPPe/regjupuznixL0sAA7IF6wT700ljtizkC+p2il9Ha90OrInwMEePnWjFqmveiJdnxMa +z6eg6+OGCtP95paV1yPIN93EfKo2rJgaErHgTuixO/XWb/Ew1wIDAQABo0IwQDAPBgNVHRMBAf8E +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUS8W0QGutHLOlHGVuRjaJhwUMDrYwDQYJ +KoZIhvcNAQELBQADggIBAHNXPyzVlTJ+N9uWkusZXn5T50HsEbZH77Xe7XRcxfGOSeD8bpkTzZ+K +2s06Ctg6Wgk/XzTQLwPSZh0avZyQN8gMjgdalEVGKua+etqhqaRpEpKwfTbURIfXUfEpY9Z1zRbk +J4kd+MIySP3bmdCPX1R0zKxnNBFi2QwKN4fRoxdIjtIXHfbX/dtl6/2o1PXWT6RbdejF0mCy2wl+ +JYt7ulKSnj7oxXehPOBKc2thz4bcQ///If4jXSRK9dNtD2IEBVeC2m6kMyV5Sy5UGYvMLD0w6dEG +/+gyRr61M3Z3qAFdlsHB1b6uJcDJHgoJIIihDsnzb02CVAAgp9KP5DlUFy6NHrgbuxu9mk47EDTc +nIhT76IxW1hPkWLIwpqazRVdOKnWvvgTtZ8SafJQYqz7Fzf07rh1Z2AQ+4NQ+US1dZxAF7L+/Xld +blhYXzD8AK6vM8EOTmy6p6ahfzLbOOCxchcKK5HsamMm7YnUeMx0HgX4a/6ManY5Ka5lIxKVCCIc +l85bBu4M4ru8H0ST9tg4RQUh7eStqxK2A6RCLi3ECToDZ2mEmuFZkIoohdVddLHRDiBYmxOlsGOm +7XtH/UVVMKTumtTm4ofvmMkyghEpIrwACjFeLQ/Ajulrso8uBtjRkcfGEvRM/TAXw8HaOFvjqerm +obp573PYtlNXLfbQ4ddI +-----END CERTIFICATE----- + +Buypass Class 2 Root CA +======================= +-----BEGIN CERTIFICATE----- +MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEdMBsGA1UECgwU +QnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3MgQ2xhc3MgMiBSb290IENBMB4X +DTEwMTAyNjA4MzgwM1oXDTQwMTAyNjA4MzgwM1owTjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1 +eXBhc3MgQVMtOTgzMTYzMzI3MSAwHgYDVQQDDBdCdXlwYXNzIENsYXNzIDIgUm9vdCBDQTCCAiIw +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANfHXvfBB9R3+0Mh9PT1aeTuMgHbo4Yf5FkNuud1 +g1Lr6hxhFUi7HQfKjK6w3Jad6sNgkoaCKHOcVgb/S2TwDCo3SbXlzwx87vFKu3MwZfPVL4O2fuPn +9Z6rYPnT8Z2SdIrkHJasW4DptfQxh6NR/Md+oW+OU3fUl8FVM5I+GC911K2GScuVr1QGbNgGE41b +/+EmGVnAJLqBcXmQRFBoJJRfuLMR8SlBYaNByyM21cHxMlAQTn/0hpPshNOOvEu/XAFOBz3cFIqU +CqTqc/sLUegTBxj6DvEr0VQVfTzh97QZQmdiXnfgolXsttlpF9U6r0TtSsWe5HonfOV116rLJeff +awrbD02TTqigzXsu8lkBarcNuAeBfos4GzjmCleZPe4h6KP1DBbdi+w0jpwqHAAVF41og9JwnxgI +zRFo1clrUs3ERo/ctfPYV3Me6ZQ5BL/T3jjetFPsaRyifsSP5BtwrfKi+fv3FmRmaZ9JUaLiFRhn +Bkp/1Wy1TbMz4GHrXb7pmA8y1x1LPC5aAVKRCfLf6o3YBkBjqhHk/sM3nhRSP/TizPJhk9H9Z2vX +Uq6/aKtAQ6BXNVN48FP4YUIHZMbXb5tMOA1jrGKvNouicwoN9SG9dKpN6nIDSdvHXx1iY8f93ZHs +M+71bbRuMGjeyNYmsHVee7QHIJihdjK4TWxPAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYD +VR0OBBYEFMmAd+BikoL1RpzzuvdMw964o605MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF +AAOCAgEAU18h9bqwOlI5LJKwbADJ784g7wbylp7ppHR/ehb8t/W2+xUbP6umwHJdELFx7rxP462s +A20ucS6vxOOto70MEae0/0qyexAQH6dXQbLArvQsWdZHEIjzIVEpMMpghq9Gqx3tOluwlN5E40EI +osHsHdb9T7bWR9AUC8rmyrV7d35BH16Dx7aMOZawP5aBQW9gkOLo+fsicdl9sz1Gv7SEr5AcD48S +aq/v7h56rgJKihcrdv6sVIkkLE8/trKnToyokZf7KcZ7XC25y2a2t6hbElGFtQl+Ynhw/qlqYLYd +DnkM/crqJIByw5c/8nerQyIKx+u2DISCLIBrQYoIwOula9+ZEsuK1V6ADJHgJgg2SMX6OBE1/yWD +LfJ6v9r9jv6ly0UsH8SIU653DtmadsWOLB2jutXsMq7Aqqz30XpN69QH4kj3Io6wpJ9qzo6ysmD0 +oyLQI+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK75t98biGC +wWg5TbSYWGZizEqQXsP6JwSxeRV0mcy+rSDeJmAc61ZRpqPq5KM/p/9h3PFaTWwyI0PurKju7koS +CTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPzY11aWOIv4x3kqdbQCtCev9eBCfHJxyYN +rJgWVqA= +-----END CERTIFICATE----- + +Buypass Class 3 Root CA +======================= +-----BEGIN CERTIFICATE----- +MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEdMBsGA1UECgwU +QnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3MgQ2xhc3MgMyBSb290IENBMB4X +DTEwMTAyNjA4Mjg1OFoXDTQwMTAyNjA4Mjg1OFowTjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1 +eXBhc3MgQVMtOTgzMTYzMzI3MSAwHgYDVQQDDBdCdXlwYXNzIENsYXNzIDMgUm9vdCBDQTCCAiIw +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKXaCpUWUOOV8l6ddjEGMnqb8RB2uACatVI2zSRH +sJ8YZLya9vrVediQYkwiL944PdbgqOkcLNt4EemOaFEVcsfzM4fkoF0LXOBXByow9c3EN3coTRiR +5r/VUv1xLXA+58bEiuPwKAv0dpihi4dVsjoT/Lc+JzeOIuOoTyrvYLs9tznDDgFHmV0ST9tD+leh +7fmdvhFHJlsTmKtdFoqwNxxXnUX/iJY2v7vKB3tvh2PX0DJq1l1sDPGzbjniazEuOQAnFN44wOwZ +ZoYS6J1yFhNkUsepNxz9gjDthBgd9K5c/3ATAOux9TN6S9ZV+AWNS2mw9bMoNlwUxFFzTWsL8TQH +2xc519woe2v1n/MuwU8XKhDzzMro6/1rqy6any2CbgTUUgGTLT2G/H783+9CHaZr77kgxve9oKeV +/afmiSTYzIw0bOIjL9kSGiG5VZFvC5F5GQytQIgLcOJ60g7YaEi7ghM5EFjp2CoHxhLbWNvSO1UQ +RwUVZ2J+GGOmRj8JDlQyXr8NYnon74Do29lLBlo3WiXQCBJ31G8JUJc9yB3D34xFMFbG02SrZvPA +Xpacw8Tvw3xrizp5f7NJzz3iiZ+gMEuFuZyUJHmPfWupRWgPK9Dx2hzLabjKSWJtyNBjYt1gD1iq +j6G8BaVmos8bdrKEZLFMOVLAMLrwjEsCsLa3AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYD +VR0OBBYEFEe4zf/lb+74suwvTg75JbCOPGvDMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF +AAOCAgEAACAjQTUEkMJAYmDv4jVM1z+s4jSQuKFvdvoWFqRINyzpkMLyPPgKn9iB5btb2iUspKdV +cSQy9sgL8rxq+JOssgfCX5/bzMiKqr5qb+FJEMwx14C7u8jYog5kV+qi9cKpMRXSIGrs/CIBKM+G +uIAeqcwRpTzyFrNHnfzSgCHEy9BHcEGhyoMZCCxt8l13nIoUE9Q2HJLw5QY33KbmkJs4j1xrG0aG +Q0JfPgEHU1RdZX33inOhmlRaHylDFCfChQ+1iHsaO5S3HWCntZznKWlXWpuTekMwGwPXYshApqr8 +ZORK15FTAaggiG6cX0S5y2CBNOxv033aSF/rtJC8LakcC6wc1aJoIIAE1vyxjy+7SjENSoYc6+I2 +KSb12tjE8nVhz36udmNKekBlk4f4HoCMhuWG1o8O/FMsYOgWYRqiPkN7zTlgVGr18okmAWiDSKIz +6MkEkbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg413OEMXbug +UZTLfhbrES+jkkXITHHZvMmZUldGL1DPvTVp9D0VzgalLA8+9oG6lLvDu79leNKGef9JOxqDDPDe +eOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq4/g7u9xN12TyUb7mqqta6THuBrxzvxNi +Cp/HuZc= +-----END CERTIFICATE----- + +T-TeleSec GlobalRoot Class 3 +============================ +-----BEGIN CERTIFICATE----- +MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoM +IlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBU +cnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwHhcNMDgx +MDAxMTAyOTU2WhcNMzMxMDAxMjM1OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lz +dGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBD +ZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQC9dZPwYiJvJK7genasfb3ZJNW4t/zN8ELg63iIVl6bmlQdTQyK +9tPPcPRStdiTBONGhnFBSivwKixVA9ZIw+A5OO3yXDw/RLyTPWGrTs0NvvAgJ1gORH8EGoel15YU +NpDQSXuhdfsaa3Ox+M6pCSzyU9XDFES4hqX2iys52qMzVNn6chr3IhUciJFrf2blw2qAsCTz34ZF +iP0Zf3WHHx+xGwpzJFu5ZeAsVMhg02YXP+HMVDNzkQI6pn97djmiH5a2OK61yJN0HZ65tOVgnS9W +0eDrXltMEnAMbEQgqxHY9Bn20pxSN+f6tsIxO0rUFJmtxxr1XV/6B7h8DR/Wgx6zAgMBAAGjQjBA +MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS1A/d2O2GCahKqGFPr +AyGUv/7OyjANBgkqhkiG9w0BAQsFAAOCAQEAVj3vlNW92nOyWL6ukK2YJ5f+AbGwUgC4TeQbIXQb +fsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ1GSFS5mvJQQeyUapl96Cshtwn5z2r3Ex3XsFpSzT +ucpH9sry9uetuUg/vBa3wW306gmv7PO15wWeph6KU1HWk4HMdJP2udqmJQV0eVp+QD6CSyYRMG7h +P0HHRwA11fXT91Q+gT3aSWqas+8QPebrb9HIIkfLzM8BMZLZGOMivgkeGj5asuRrDFR6fUNOuIml +e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4pTpPDpFQUWw== +-----END CERTIFICATE----- + +EE Certification Centre Root CA +=============================== +-----BEGIN CERTIFICATE----- +MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQG +EwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1czEoMCYGA1UEAwwfRUUgQ2Vy +dGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYGCSqGSIb3DQEJARYJcGtpQHNrLmVlMCIYDzIw +MTAxMDMwMTAxMDMwWhgPMjAzMDEyMTcyMzU5NTlaMHUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKDBlB +UyBTZXJ0aWZpdHNlZXJpbWlza2Vza3VzMSgwJgYDVQQDDB9FRSBDZXJ0aWZpY2F0aW9uIENlbnRy +ZSBSb290IENBMRgwFgYJKoZIhvcNAQkBFglwa2lAc2suZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQDIIMDs4MVLqwd4lfNE7vsLDP90jmG7sWLqI9iroWUyeuuOF0+W2Ap7kaJjbMeM +TC55v6kF/GlclY1i+blw7cNRfdCT5mzrMEvhvH2/UpvObntl8jixwKIy72KyaOBhU8E2lf/slLo2 +rpwcpzIP5Xy0xm90/XsY6KxX7QYgSzIwWFv9zajmofxwvI6Sc9uXp3whrj3B9UiHbCe9nyV0gVWw +93X2PaRka9ZP585ArQ/dMtO8ihJTmMmJ+xAdTX7Nfh9WDSFwhfYggx/2uh8Ej+p3iDXE/+pOoYtN +P2MbRMNE1CV2yreN1x5KZmTNXMWcg+HCCIia7E6j8T4cLNlsHaFLAgMBAAGjgYowgYcwDwYDVR0T +AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBLyWj7qVhy/zQas8fElyalL1BSZ +MEUGA1UdJQQ+MDwGCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEF +BQcDCAYIKwYBBQUHAwkwDQYJKoZIhvcNAQEFBQADggEBAHv25MANqhlHt01Xo/6tu7Fq1Q+e2+Rj +xY6hUFaTlrg4wCQiZrxTFGGVv9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqM +lIpPnTX/dqQGE5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5u +uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIWiAYLtqZLICjU +3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/vGVCJYMzpJJUPwssd8m92kMfM +dcGWxZ0= +-----END CERTIFICATE----- + +TURKTRUST Certificate Services Provider Root 2007 +================================================= +-----BEGIN CERTIFICATE----- +MIIEPTCCAyWgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvzE/MD0GA1UEAww2VMOcUktUUlVTVCBF +bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxMQswCQYDVQQGEwJUUjEP +MA0GA1UEBwwGQW5rYXJhMV4wXAYDVQQKDFVUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUg +QmlsacWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLiAoYykgQXJhbMSxayAyMDA3MB4X +DTA3MTIyNTE4MzcxOVoXDTE3MTIyMjE4MzcxOVowgb8xPzA9BgNVBAMMNlTDnFJLVFJVU1QgRWxl +a3Ryb25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTELMAkGA1UEBhMCVFIxDzAN +BgNVBAcMBkFua2FyYTFeMFwGA1UECgxVVMOcUktUUlVTVCBCaWxnaSDEsGxldGnFn2ltIHZlIEJp +bGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7Fni4gKGMpIEFyYWzEsWsgMjAwNzCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKu3PgqMyKVYFeaK7yc9SrToJdPNM8Ig3BnuiD9N +YvDdE3ePYakqtdTyuTFYKTsvP2qcb3N2Je40IIDu6rfwxArNK4aUyeNgsURSsloptJGXg9i3phQv +KUmi8wUG+7RP2qFsmmaf8EMJyupyj+sA1zU511YXRxcw9L6/P8JorzZAwan0qafoEGsIiveGHtya +KhUG9qPw9ODHFNRRf8+0222vR5YXm3dx2KdxnSQM9pQ/hTEST7ruToK4uT6PIzdezKKqdfcYbwnT +rqdUKDT74eA7YH2gvnmJhsifLfkKS8RQouf9eRbHegsYz85M733WB2+Y8a+xwXrXgTW4qhe04MsC +AwEAAaNCMEAwHQYDVR0OBBYEFCnFkKslrxHkYb+j/4hhkeYO/pyBMA4GA1UdDwEB/wQEAwIBBjAP +BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAQDdr4Ouwo0RSVgrESLFF6QSU2TJ/s +Px+EnWVUXKgWAkD6bho3hO9ynYYKVZ1WKKxmLNA6VpM0ByWtCLCPyA8JWcqdmBzlVPi5RX9ql2+I +aE1KBiY3iAIOtsbWcpnOa3faYjGkVh+uX4132l32iPwa2Z61gfAyuOOI0JzzaqC5mxRZNTZPz/OO +Xl0XrRWV2N2y1RVuAE6zS89mlOTgzbUF2mNXi+WzqtvALhyQRNsaXRik7r4EW5nVcV9VZWRi1aKb +BFmGyGJ353yCRWo9F7/snXUMrqNvWtMvmDb08PUZqxFdyKbjKlhqQgnDvZImZjINXQhVdP+MmNAK +poRq0Tl9 +-----END CERTIFICATE----- + +D-TRUST Root Class 3 CA 2 2009 +============================== +-----BEGIN CERTIFICATE----- +MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQK +DAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTAe +Fw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NThaME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxE +LVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOAD +ER03UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42tSHKXzlA +BF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9RySPocq60vFYJfxLLHLGv +KZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsMlFqVlNpQmvH/pStmMaTJOKDfHR+4CS7z +p+hnUquVH+BGPtikw8paxTGA6Eian5Rp/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUC +AwEAAaOCARowggEWMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ +4PGEMA4GA1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVjdG9y +eS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUyMENBJTIwMiUyMDIw +MDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3QwQ6BBoD+G +PWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3JsL2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAw +OS5jcmwwDQYJKoZIhvcNAQELBQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm +2H6NMLVwMeniacfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0 +o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4KzCUqNQT4YJEV +dT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8PIWmawomDeCTmGCufsYkl4ph +X5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3YJohw1+qRzT65ysCQblrGXnRl11z+o+I= +-----END CERTIFICATE----- + +D-TRUST Root Class 3 CA 2 EV 2009 +================================= +-----BEGIN CERTIFICATE----- +MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQK +DAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAw +OTAeFw0wOTExMDUwODUwNDZaFw0yOTExMDUwODUwNDZaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQK +DAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAw +OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJnxhDRwui+3MKCOvXwEz75ivJn9gpfS +egpnljgJ9hBOlSJzmY3aFS3nBfwZcyK3jpgAvDw9rKFs+9Z5JUut8Mxk2og+KbgPCdM03TP1YtHh +zRnp7hhPTFiu4h7WDFsVWtg6uMQYZB7jM7K1iXdODL/ZlGsTl28So/6ZqQTMFexgaDbtCHu39b+T +7WYxg4zGcTSHThfqr4uRjRxWQa4iN1438h3Z0S0NL2lRp75mpoo6Kr3HGrHhFPC+Oh25z1uxav60 +sUYgovseO3Dvk5h9jHOW8sXvhXCtKSb8HgQ+HKDYD8tSg2J87otTlZCpV6LqYQXY+U3EJ/pure35 +11H3a6UCAwEAAaOCASQwggEgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNOUikxiEyoZLsyv +cop9NteaHNxnMA4GA1UdDwEB/wQEAwIBBjCB3QYDVR0fBIHVMIHSMIGHoIGEoIGBhn9sZGFwOi8v +ZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xhc3MlMjAzJTIwQ0El +MjAyJTIwRVYlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1ERT9jZXJ0aWZpY2F0ZXJldm9jYXRp +b25saXN0MEagRKBChkBodHRwOi8vd3d3LmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2xh +c3NfM19jYV8yX2V2XzIwMDkuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA07XtaPKSUiO8aEXUHL7P+ +PPoeUSbrh/Yp3uDx1MYkCenBz1UbtDDZzhr+BlGmFaQt77JLvyAoJUnRpjZ3NOhk31KxEcdzes05 +nsKtjHEh8lprr988TlWvsoRlFIm5d8sqMb7Po23Pb0iUMkZv53GMoKaEGTcH8gNFCSuGdXzfX2lX +ANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7naxpeG0ILD5EJt/rDiZE4OJudA +NCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqXKVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVv +w9y4AyHqnxbxLFS1 +-----END CERTIFICATE----- + +PSCProcert +========== +-----BEGIN CERTIFICATE----- +MIIJhjCCB26gAwIBAgIBCzANBgkqhkiG9w0BAQsFADCCAR4xPjA8BgNVBAMTNUF1dG9yaWRhZCBk +ZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9sYW5vMQswCQYDVQQGEwJWRTEQ +MA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlzdHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lz +dGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBl +cmludGVuZGVuY2lhIGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUw +IwYJKoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NTEwMFoXDTIw +MTIyNTIzNTk1OVowgdExJjAkBgkqhkiG9w0BCQEWF2NvbnRhY3RvQHByb2NlcnQubmV0LnZlMQ8w +DQYDVQQHEwZDaGFjYW8xEDAOBgNVBAgTB01pcmFuZGExKjAoBgNVBAsTIVByb3ZlZWRvciBkZSBD +ZXJ0aWZpY2Fkb3MgUFJPQ0VSVDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZp +Y2FjaW9uIEVsZWN0cm9uaWNhMQswCQYDVQQGEwJWRTETMBEGA1UEAxMKUFNDUHJvY2VydDCCAiIw +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANW39KOUM6FGqVVhSQ2oh3NekS1wwQYalNo97BVC +wfWMrmoX8Yqt/ICV6oNEolt6Vc5Pp6XVurgfoCfAUFM+jbnADrgV3NZs+J74BCXfgI8Qhd19L3uA +3VcAZCP4bsm+lU/hdezgfl6VzbHvvnpC2Mks0+saGiKLt38GieU89RLAu9MLmV+QfI4tL3czkkoh +RqipCKzx9hEC2ZUWno0vluYC3XXCFCpa1sl9JcLB/KpnheLsvtF8PPqv1W7/U0HU9TI4seJfxPmO +EO8GqQKJ/+MMbpfg353bIdD0PghpbNjU5Db4g7ayNo+c7zo3Fn2/omnXO1ty0K+qP1xmk6wKImG2 +0qCZyFSTXai20b1dCl53lKItwIKOvMoDKjSuc/HUtQy9vmebVOvh+qBa7Dh+PsHMosdEMXXqP+UH +0quhJZb25uSgXTcYOWEAM11G1ADEtMo88aKjPvM6/2kwLkDd9p+cJsmWN63nOaK/6mnbVSKVUyqU +td+tFjiBdWbjxywbk5yqjKPK2Ww8F22c3HxT4CAnQzb5EuE8XL1mv6JpIzi4mWCZDlZTOpx+FIyw +Bm/xhnaQr/2v/pDGj59/i5IjnOcVdo/Vi5QTcmn7K2FjiO/mpF7moxdqWEfLcU8UC17IAggmosvp +r2uKGcfLFFb14dq12fy/czja+eevbqQ34gcnAgMBAAGjggMXMIIDEzASBgNVHRMBAf8ECDAGAQH/ +AgEBMDcGA1UdEgQwMC6CD3N1c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAz +Ni0wMB0GA1UdDgQWBBRBDxk4qpl/Qguk1yeYVKIXTC1RVDCCAVAGA1UdIwSCAUcwggFDgBStuyId +xuDSAaj9dlBSk+2YwU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0b3JpZGFkIGRlIENlcnRp +ZmljYWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xhbm8xCzAJBgNVBAYTAlZFMRAwDgYDVQQH +EwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0cml0byBDYXBpdGFsMTYwNAYDVQQKEy1TaXN0ZW1hIE5h +Y2lvbmFsIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5k +ZW5jaWEgZGUgU2VydmljaW9zIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkqhkiG +9w0BCQEWFmFjcmFpekBzdXNjZXJ0ZS5nb2IudmWCAQowDgYDVR0PAQH/BAQDAgEGME0GA1UdEQRG +MESCDnByb2NlcnQubmV0LnZloBUGBWCGXgIBoAwMClBTQy0wMDAwMDKgGwYFYIZeAgKgEgwQUklG +LUotMzE2MzUzNzMtNzB2BgNVHR8EbzBtMEagRKBChkBodHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52 +ZS9sY3IvQ0VSVElGSUNBRE8tUkFJWi1TSEEzODRDUkxERVIuY3JsMCOgIaAfhh1sZGFwOi8vYWNy +YWl6LnN1c2NlcnRlLmdvYi52ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9v +Y3NwLnN1c2NlcnRlLmdvYi52ZTBBBgNVHSAEOjA4MDYGBmCGXgMBAjAsMCoGCCsGAQUFBwIBFh5o +dHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9kcGMwDQYJKoZIhvcNAQELBQADggIBACtZ6yKZu4Sq +T96QxtGGcSOeSwORR3C7wJJg7ODU523G0+1ng3dS1fLld6c2suNUvtm7CpsR72H0xpkzmfWvADmN +g7+mvTV+LFwxNG9s2/NkAZiqlCxB3RWGymspThbASfzXg0gTB1GEMVKIu4YXx2sviiCtxQuPcD4q +uxtxj7mkoP3YldmvWb8lK5jpY5MvYB7Eqvh39YtsL+1+LrVPQA3uvFd359m21D+VJzog1eWuq2w1 +n8GhHVnchIHuTQfiSLaeS5UtQbHh6N5+LwUeaO6/u5BlOsju6rEYNxxik6SgMexxbJHmpHmJWhSn +FFAFTKQAVzAswbVhltw+HoSvOULP5dAssSS830DD7X9jSr3hTxJkhpXzsOfIt+FTvZLm8wyWuevo +5pLtp4EJFAv8lXrPj9Y0TzYS3F7RNHXGRoAvlQSMx4bEqCaJqD8Zm4G7UaRKhqsLEQ+xrmNTbSjq +3TNWOByyrYDT13K9mmyZY+gAu0F2BbdbmRiKw7gSXFbPVgx96OLP7bx0R/vu0xdOIk9W/1DzLuY5 +poLWccret9W6aAjtmcz9opLLabid+Qqkpj5PkygqYWwHJgD/ll9ohri4zspV4KuxPX+Y1zMOWj3Y +eMLEYC/HYvBhkdI4sPaeVdtAgAUSM84dkpvRabP/v/GSCmE1P93+hvS84Bpxs2Km +-----END CERTIFICATE----- + +China Internet Network Information Center EV Certificates Root +============================================================== +-----BEGIN CERTIFICATE----- +MIID9zCCAt+gAwIBAgIESJ8AATANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMCQ04xMjAwBgNV +BAoMKUNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyMUcwRQYDVQQDDD5D +aGluYSBJbnRlcm5ldCBOZXR3b3JrIEluZm9ybWF0aW9uIENlbnRlciBFViBDZXJ0aWZpY2F0ZXMg +Um9vdDAeFw0xMDA4MzEwNzExMjVaFw0zMDA4MzEwNzExMjVaMIGKMQswCQYDVQQGEwJDTjEyMDAG +A1UECgwpQ2hpbmEgSW50ZXJuZXQgTmV0d29yayBJbmZvcm1hdGlvbiBDZW50ZXIxRzBFBgNVBAMM +PkNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyIEVWIENlcnRpZmljYXRl +cyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35z7r07eKpkQ0H1UN+U8i6y +jUqORlTSIRLIOTJCBumD1Z9S7eVnAztUwYyZmczpwA//DdmEEbK40ctb3B75aDFk4Zv6dOtouSCV +98YPjUesWgbdYavi7NifFy2cyjw1l1VxzUOFsUcW9SxTgHbP0wBkvUCZ3czY28Sf1hNfQYOL+Q2H +klY0bBoQCxfVWhyXWIQ8hBouXJE0bhlffxdpxWXvayHG1VA6v2G5BY3vbzQ6sm8UY78WO5upKv23 +KzhmBsUs4qpnHkWnjQRmQvaPK++IIGmPMowUc9orhpFjIpryp9vOiYurXccUwVswah+xt54ugQEC +7c+WXmPbqOY4twIDAQABo2MwYTAfBgNVHSMEGDAWgBR8cks5x8DbYqVPm6oYNJKiyoOCWTAPBgNV +HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUfHJLOcfA22KlT5uqGDSSosqD +glkwDQYJKoZIhvcNAQEFBQADggEBACrDx0M3j92tpLIM7twUbY8opJhJywyA6vPtI2Z1fcXTIWd5 +0XPFtQO3WKwMVC/GVhMPMdoG52U7HW8228gd+f2ABsqjPWYWqJ1MFn3AlUa1UeTiH9fqBk1jjZaM +7+czV0I664zBechNdn3e9rG3geCg+aF4RhcaVpjwTj2rHO3sOdwHSPdj/gauwqRcalsyiMXHM4Ws +ZkJHwlgkmeHlPuV1LI5D1l08eB6olYIpUNHRFrrvwb562bTYzB5MRuF3sTGrvSrIzo9uoV1/A3U0 +5K2JRVRevq4opbs/eHnrc7MKDf2+yfdWrPa37S+bISnHOLaVxATywy39FCqQmbkHzJ8= +-----END CERTIFICATE----- + +Swisscom Root CA 2 +================== +-----BEGIN CERTIFICATE----- +MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBkMQswCQYDVQQG +EwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2VydGlmaWNhdGUgU2Vy +dmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3QgQ0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2 +MjUwNzM4MTRaMGQxCzAJBgNVBAYTAmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGln +aXRhbCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIIC +IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvErjw0DzpPM +LgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r0rk0X2s682Q2zsKwzxNo +ysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJ +wDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVPACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpH +Wrumnf2U5NGKpV+GY3aFy6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1a +SgJA/MTAtukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL6yxS +NLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0uPoTXGiTOmekl9Ab +mbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrALacywlKinh/LTSlDcX3KwFnUey7QY +Ypqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velhk6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3 +qPyZ7iVNTA6z00yPhOgpD/0QVAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYw +HQYDVR0hBBYwFDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O +BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqhb97iEoHF8Twu +MA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4RfbgZPnm3qKhyN2abGu2sEzsO +v2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ +82YqZh6NM4OKb3xuqFp1mrjX2lhIREeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLz +o9v/tdhZsnPdTSpxsrpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcs +a0vvaGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciATwoCqISxx +OQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99nBjx8Oto0QuFmtEYE3saW +mA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5Wt6NlUe07qxS/TFED6F+KBZvuim6c779o ++sjaC+NCydAXFJy3SuCvkychVSa1ZC+N8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TC +rvJcwhbtkj6EPnNgiLx29CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX +5OfNeOI5wSsSnqaeG8XmDtkx2Q== +-----END CERTIFICATE----- + +Swisscom Root EV CA 2 +===================== +-----BEGIN CERTIFICATE----- +MIIF4DCCA8igAwIBAgIRAPL6ZOJ0Y9ON/RAdBB92ylgwDQYJKoZIhvcNAQELBQAwZzELMAkGA1UE +BhMCY2gxETAPBgNVBAoTCFN3aXNzY29tMSUwIwYDVQQLExxEaWdpdGFsIENlcnRpZmljYXRlIFNl +cnZpY2VzMR4wHAYDVQQDExVTd2lzc2NvbSBSb290IEVWIENBIDIwHhcNMTEwNjI0MDk0NTA4WhcN +MzEwNjI1MDg0NTA4WjBnMQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsT +HERpZ2l0YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxHjAcBgNVBAMTFVN3aXNzY29tIFJvb3QgRVYg +Q0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMT3HS9X6lds93BdY7BxUglgRCgz +o3pOCvrY6myLURYaVa5UJsTMRQdBTxB5f3HSek4/OE6zAMaVylvNwSqD1ycfMQ4jFrclyxy0uYAy +Xhqdk/HoPGAsp15XGVhRXrwsVgu42O+LgrQ8uMIkqBPHoCE2G3pXKSinLr9xJZDzRINpUKTk4Rti +GZQJo/PDvO/0vezbE53PnUgJUmfANykRHvvSEaeFGHR55E+FFOtSN+KxRdjMDUN/rhPSays/p8Li +qG12W0OfvrSdsyaGOx9/5fLoZigWJdBLlzin5M8J0TbDC77aO0RYjb7xnglrPvMyxyuHxuxenPaH +Za0zKcQvidm5y8kDnftslFGXEBuGCxobP/YCfnvUxVFkKJ3106yDgYjTdLRZncHrYTNaRdHLOdAG +alNgHa/2+2m8atwBz735j9m9W8E6X47aD0upm50qKGsaCnw8qyIL5XctcfaCNYGu+HuB5ur+rPQa +m3Rc6I8k9l2dRsQs0h4rIWqDJ2dVSqTjyDKXZpBy2uPUZC5f46Fq9mDU5zXNysRojddxyNMkM3Ox +bPlq4SjbX8Y96L5V5jcb7STZDxmPX2MYWFCBUWVv8p9+agTnNCRxunZLWB4ZvRVgRaoMEkABnRDi +xzgHcgplwLa7JSnaFp6LNYth7eVxV4O1PHGf40+/fh6Bn0GXAgMBAAGjgYYwgYMwDgYDVR0PAQH/ +BAQDAgGGMB0GA1UdIQQWMBQwEgYHYIV0AVMCAgYHYIV0AVMCAjASBgNVHRMBAf8ECDAGAQH/AgED +MB0GA1UdDgQWBBRF2aWBbj2ITY1x0kbBbkUe88SAnTAfBgNVHSMEGDAWgBRF2aWBbj2ITY1x0kbB +bkUe88SAnTANBgkqhkiG9w0BAQsFAAOCAgEAlDpzBp9SSzBc1P6xXCX5145v9Ydkn+0UjrgEjihL +j6p7jjm02Vj2e6E1CqGdivdj5eu9OYLU43otb98TPLr+flaYC/NUn81ETm484T4VvwYmneTwkLbU +wp4wLh/vx3rEUMfqe9pQy3omywC0Wqu1kx+AiYQElY2NfwmTv9SoqORjbdlk5LgpWgi/UOGED1V7 +XwgiG/W9mR4U9s70WBCCswo9GcG/W6uqmdjyMb3lOGbcWAXH7WMaLgqXfIeTK7KK4/HsGOV1timH +59yLGn602MnTihdsfSlEvoqq9X46Lmgxk7lq2prg2+kupYTNHAq4Sgj5nPFhJpiTt3tm7JFe3VE/ +23MPrQRYCd0EApUKPtN236YQHoA96M2kZNEzx5LH4k5E4wnJTsJdhw4Snr8PyQUQ3nqjsTzyP6Wq +J3mtMX0f/fwZacXduT98zca0wjAefm6S139hdlqP65VNvBFuIXxZN5nQBrz5Bm0yFqXZaajh3DyA +HmBR3NdUIR7KYndP+tiPsys6DXhyyWhBWkdKwqPrGtcKqzwyVcgKEZzfdNbwQBUdyLmPtTbFr/gi +uMod89a2GQ+fYWVq6nTIfI/DT11lgh/ZDYnadXL77/FHZxOzyNEZiCcmmpl5fx7kLD977vHeTYuW +l8PVP3wbI+2ksx0WckNLIOFZfsLorSa/ovc= +-----END CERTIFICATE----- + +CA Disig Root R1 +================ +-----BEGIN CERTIFICATE----- +MIIFaTCCA1GgAwIBAgIJAMMDmu5QkG4oMA0GCSqGSIb3DQEBBQUAMFIxCzAJBgNVBAYTAlNLMRMw +EQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMuMRkwFwYDVQQDExBDQSBEaXNp +ZyBSb290IFIxMB4XDTEyMDcxOTA5MDY1NloXDTQyMDcxOTA5MDY1NlowUjELMAkGA1UEBhMCU0sx +EzARBgNVBAcTCkJyYXRpc2xhdmExEzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERp +c2lnIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqw3j33Jijp1pedxiy +3QRkD2P9m5YJgNXoqqXinCaUOuiZc4yd39ffg/N4T0Dhf9Kn0uXKE5Pn7cZ3Xza1lK/oOI7bm+V8 +u8yN63Vz4STN5qctGS7Y1oprFOsIYgrY3LMATcMjfF9DCCMyEtztDK3AfQ+lekLZWnDZv6fXARz2 +m6uOt0qGeKAeVjGu74IKgEH3G8muqzIm1Cxr7X1r5OJeIgpFy4QxTaz+29FHuvlglzmxZcfe+5nk +CiKxLU3lSCZpq+Kq8/v8kiky6bM+TR8noc2OuRf7JT7JbvN32g0S9l3HuzYQ1VTW8+DiR0jm3hTa +YVKvJrT1cU/J19IG32PK/yHoWQbgCNWEFVP3Q+V8xaCJmGtzxmjOZd69fwX3se72V6FglcXM6pM6 +vpmumwKjrckWtc7dXpl4fho5frLABaTAgqWjR56M6ly2vGfb5ipN0gTco65F97yLnByn1tUD3AjL +LhbKXEAz6GfDLuemROoRRRw1ZS0eRWEkG4IupZ0zXWX4Qfkuy5Q/H6MMMSRE7cderVC6xkGbrPAX +ZcD4XW9boAo0PO7X6oifmPmvTiT6l7Jkdtqr9O3jw2Dv1fkCyC2fg69naQanMVXVz0tv/wQFx1is +XxYb5dKj6zHbHzMVTdDypVP1y+E9Tmgt2BLdqvLmTZtJ5cUoobqwWsagtQIDAQABo0IwQDAPBgNV +HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUiQq0OJMa5qvum5EY+fU8PjXQ +04IwDQYJKoZIhvcNAQEFBQADggIBADKL9p1Kyb4U5YysOMo6CdQbzoaz3evUuii+Eq5FLAR0rBNR +xVgYZk2C2tXck8An4b58n1KeElb21Zyp9HWc+jcSjxyT7Ff+Bw+r1RL3D65hXlaASfX8MPWbTx9B +LxyE04nH4toCdu0Jz2zBuByDHBb6lM19oMgY0sidbvW9adRtPTXoHqJPYNcHKfyyo6SdbhWSVhlM +CrDpfNIZTUJG7L399ldb3Zh+pE3McgODWF3vkzpBemOqfDqo9ayk0d2iLbYq/J8BjuIQscTK5Gfb +VSUZP/3oNn6z4eGBrxEWi1CXYBmCAMBrTXO40RMHPuq2MU/wQppt4hF05ZSsjYSVPCGvxdpHyN85 +YmLLW1AL14FABZyb7bq2ix4Eb5YgOe2kfSnbSM6C3NQCjR0EMVrHS/BsYVLXtFHCgWzN4funodKS +ds+xDzdYpPJScWc/DIh4gInByLUfkmO+p3qKViwaqKactV2zY9ATIKHrkWzQjX2v3wvkF7mGnjix +lAxYjOBVqjtjbZqJYLhkKpLGN/R+Q0O3c+gB53+XD9fyexn9GtePyfqFa3qdnom2piiZk4hA9z7N +UaPK6u95RyG1/jLix8NRb76AdPCkwzryT+lf3xkK8jsTQ6wxpLPn6/wY1gGp8yqPNg7rtLG8t0zJ +a7+h89n07eLw4+1knj0vllJPgFOL +-----END CERTIFICATE----- + +CA Disig Root R2 +================ +-----BEGIN CERTIFICATE----- +MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNVBAYTAlNLMRMw +EQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMuMRkwFwYDVQQDExBDQSBEaXNp +ZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQyMDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sx +EzARBgNVBAcTCkJyYXRpc2xhdmExEzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERp +c2lnIFJvb3QgUjIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbC +w3OeNcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNHPWSb6Wia +xswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3Ix2ymrdMxp7zo5eFm1tL7 +A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbeQTg06ov80egEFGEtQX6sx3dOy1FU+16S +GBsEWmjGycT6txOgmLcRK7fWV8x8nhfRyyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqV +g8NTEQxzHQuyRpDRQjrOQG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa +5Beny912H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJQfYE +koopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUDi/ZnWejBBhG93c+A +Ak9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORsnLMOPReisjQS1n6yqEm70XooQL6i +Fh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNV +HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5u +Qu0wDQYJKoZIhvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFM +tCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqfGopTpti72TVV +sRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkblvdhuDvEK7Z4bLQjb/D907Je +dR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka+elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W8 +1k/BfDxujRNt+3vrMNDcTa/F1balTFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjx +mHHEt38OFdAlab0inSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01 +utI3gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18DrG5gPcFw0 +sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3OszMOl6W8KjptlwlCFtaOg +UxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8xL4ysEr3vQCj8KWefshNPZiTEUxnpHikV +7+ZtsH8tZ/3zbBt1RqPlShfppNcL +-----END CERTIFICATE----- + +ACCVRAIZ1 +========= +-----BEGIN CERTIFICATE----- +MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UEAwwJQUNDVlJB +SVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQswCQYDVQQGEwJFUzAeFw0xMTA1 +MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQBgNVBAMMCUFDQ1ZSQUlaMTEQMA4GA1UECwwH +UEtJQUNDVjENMAsGA1UECgwEQUNDVjELMAkGA1UEBhMCRVMwggIiMA0GCSqGSIb3DQEBAQUAA4IC +DwAwggIKAoICAQCbqau/YUqXry+XZpp0X9DZlv3P4uRm7x8fRzPCRKPfmt4ftVTdFXxpNRFvu8gM +jmoYHtiP2Ra8EEg2XPBjs5BaXCQ316PWywlxufEBcoSwfdtNgM3802/J+Nq2DoLSRYWoG2ioPej0 +RGy9ocLLA76MPhMAhN9KSMDjIgro6TenGEyxCQ0jVn8ETdkXhBilyNpAlHPrzg5XPAOBOp0KoVdD +aaxXbXmQeOW1tDvYvEyNKKGno6e6Ak4l0Squ7a4DIrhrIA8wKFSVf+DuzgpmndFALW4ir50awQUZ +0m/A8p/4e7MCQvtQqR0tkw8jq8bBD5L/0KIV9VMJcRz/RROE5iZe+OCIHAr8Fraocwa48GOEAqDG +WuzndN9wrqODJerWx5eHk6fGioozl2A3ED6XPm4pFdahD9GILBKfb6qkxkLrQaLjlUPTAYVtjrs7 +8yM2x/474KElB0iryYl0/wiPgL/AlmXz7uxLaL2diMMxs0Dx6M/2OLuc5NF/1OVYm3z61PMOm3WR +5LpSLhl+0fXNWhn8ugb2+1KoS5kE3fj5tItQo05iifCHJPqDQsGH+tUtKSpacXpkatcnYGMN285J +9Y0fkIkyF/hzQ7jSWpOGYdbhdQrqeWZ2iE9x6wQl1gpaepPluUsXQA+xtrn13k/c4LOsOxFwYIRK +Q26ZIMApcQrAZQIDAQABo4ICyzCCAscwfQYIKwYBBQUHAQEEcTBvMEwGCCsGAQUFBzAChkBodHRw +Oi8vd3d3LmFjY3YuZXMvZmlsZWFkbWluL0FyY2hpdm9zL2NlcnRpZmljYWRvcy9yYWl6YWNjdjEu +Y3J0MB8GCCsGAQUFBzABhhNodHRwOi8vb2NzcC5hY2N2LmVzMB0GA1UdDgQWBBTSh7Tj3zcnk1X2 +VuqB5TbMjB4/vTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNKHtOPfNyeTVfZW6oHlNsyM +Hj+9MIIBcwYDVR0gBIIBajCCAWYwggFiBgRVHSAAMIIBWDCCASIGCCsGAQUFBwICMIIBFB6CARAA +QQB1AHQAbwByAGkAZABhAGQAIABkAGUAIABDAGUAcgB0AGkAZgBpAGMAYQBjAGkA8wBuACAAUgBh +AO0AegAgAGQAZQAgAGwAYQAgAEEAQwBDAFYAIAAoAEEAZwBlAG4AYwBpAGEAIABkAGUAIABUAGUA +YwBuAG8AbABvAGcA7QBhACAAeQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABFAGwAZQBj +AHQAcgDzAG4AaQBjAGEALAAgAEMASQBGACAAUQA0ADYAMAAxADEANQA2AEUAKQAuACAAQwBQAFMA +IABlAG4AIABoAHQAdABwADoALwAvAHcAdwB3AC4AYQBjAGMAdgAuAGUAczAwBggrBgEFBQcCARYk +aHR0cDovL3d3dy5hY2N2LmVzL2xlZ2lzbGFjaW9uX2MuaHRtMFUGA1UdHwROMEwwSqBIoEaGRGh0 +dHA6Ly93d3cuYWNjdi5lcy9maWxlYWRtaW4vQXJjaGl2b3MvY2VydGlmaWNhZG9zL3JhaXphY2N2 +MV9kZXIuY3JsMA4GA1UdDwEB/wQEAwIBBjAXBgNVHREEEDAOgQxhY2N2QGFjY3YuZXMwDQYJKoZI +hvcNAQEFBQADggIBAJcxAp/n/UNnSEQU5CmH7UwoZtCPNdpNYbdKl02125DgBS4OxnnQ8pdpD70E +R9m+27Up2pvZrqmZ1dM8MJP1jaGo/AaNRPTKFpV8M9xii6g3+CfYCS0b78gUJyCpZET/LtZ1qmxN +YEAZSUNUY9rizLpm5U9EelvZaoErQNV/+QEnWCzI7UiRfD+mAM/EKXMRNt6GGT6d7hmKG9Ww7Y49 +nCrADdg9ZuM8Db3VlFzi4qc1GwQA9j9ajepDvV+JHanBsMyZ4k0ACtrJJ1vnE5Bc5PUzolVt3OAJ +TS+xJlsndQAJxGJ3KQhfnlmstn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3 +sCPdK6jT2iWH7ehVRE2I9DZ+hJp4rPcOVkkO1jMl1oRQQmwgEh0q1b688nCBpHBgvgW1m54ERL5h +I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szAh1xA2syVP1Xg +Nce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xFd3+YJ5oyXSrjhO7FmGYvliAd +3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2HpPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3p +EfbRD0tVNEYqi4Y7 +-----END CERTIFICATE----- + +TWCA Global Root CA +=================== +-----BEGIN CERTIFICATE----- +MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcxEjAQBgNVBAoT +CVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMTVFdDQSBHbG9iYWwgUm9vdCBD +QTAeFw0xMjA2MjcwNjI4MzNaFw0zMDEyMzExNTU5NTlaMFExCzAJBgNVBAYTAlRXMRIwEAYDVQQK +EwlUQUlXQU4tQ0ExEDAOBgNVBAsTB1Jvb3QgQ0ExHDAaBgNVBAMTE1RXQ0EgR2xvYmFsIFJvb3Qg +Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCwBdvI64zEbooh745NnHEKH1Jw7W2C +nJfF10xORUnLQEK1EjRsGcJ0pDFfhQKX7EMzClPSnIyOt7h52yvVavKOZsTuKwEHktSz0ALfUPZV +r2YOy+BHYC8rMjk1Ujoog/h7FsYYuGLWRyWRzvAZEk2tY/XTP3VfKfChMBwqoJimFb3u/Rk28OKR +Q4/6ytYQJ0lM793B8YVwm8rqqFpD/G2Gb3PpN0Wp8DbHzIh1HrtsBv+baz4X7GGqcXzGHaL3SekV +tTzWoWH1EfcFbx39Eb7QMAfCKbAJTibc46KokWofwpFFiFzlmLhxpRUZyXx1EcxwdE8tmx2RRP1W +KKD+u4ZqyPpcC1jcxkt2yKsi2XMPpfRaAok/T54igu6idFMqPVMnaR1sjjIsZAAmY2E2TqNGtz99 +sy2sbZCilaLOz9qC5wc0GZbpuCGqKX6mOL6OKUohZnkfs8O1CWfe1tQHRvMq2uYiN2DLgbYPoA/p +yJV/v1WRBXrPPRXAb94JlAGD1zQbzECl8LibZ9WYkTunhHiVJqRaCPgrdLQABDzfuBSO6N+pjWxn +kjMdwLfS7JLIvgm/LCkFbwJrnu+8vyq8W8BQj0FwcYeyTbcEqYSjMq+u7msXi7Kx/mzhkIyIqJdI +zshNy/MGz19qCkKxHh53L46g5pIOBvwFItIm4TFRfTLcDwIDAQABoyMwITAOBgNVHQ8BAf8EBAMC +AQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAXzSBdu+WHdXltdkCY4QWwa6g +cFGn90xHNcgL1yg9iXHZqjNB6hQbbCEAwGxCGX6faVsgQt+i0trEfJdLjbDorMjupWkEmQqSpqsn +LhpNgb+E1HAerUf+/UqdM+DyucRFCCEK2mlpc3INvjT+lIutwx4116KD7+U4x6WFH6vPNOw/KP4M +8VeGTslV9xzU2KV9Bnpv1d8Q34FOIWWxtuEXeZVFBs5fzNxGiWNoRI2T9GRwoD2dKAXDOXC4Ynsg +/eTb6QihuJ49CcdP+yz4k3ZB3lLg4VfSnQO8d57+nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlg +lPx4mI88k1HtQJAH32RjJMtOcQWh15QaiDLxInQirqWm2BJpTGCjAu4r7NRjkgtevi92a6O2JryP +A9gK8kxkRr05YuWW6zRjESjMlfGt7+/cgFhI6Uu46mWs6fyAtbXIRfmswZ/ZuepiiI7E8UuDEq3m +i4TWnsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5jwa19hAM8 +EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWzaGHQRiapIVJpLesux+t3 +zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmyKwbQBM0= +-----END CERTIFICATE----- + +TeliaSonera Root CA v1 +====================== +-----BEGIN CERTIFICATE----- +MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAwNzEUMBIGA1UE +CgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJvb3QgQ0EgdjEwHhcNMDcxMDE4 +MTIwMDUwWhcNMzIxMDE4MTIwMDUwWjA3MRQwEgYDVQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwW +VGVsaWFTb25lcmEgUm9vdCBDQSB2MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMK+ +6yfwIaPzaSZVfp3FVRaRXP3vIb9TgHot0pGMYzHw7CTww6XScnwQbfQ3t+XmfHnqjLWCi65ItqwA +3GV17CpNX8GH9SBlK4GoRz6JI5UwFpB/6FcHSOcZrr9FZ7E3GwYq/t75rH2D+1665I+XZ75Ljo1k +B1c4VWk0Nj0TSO9P4tNmHqTPGrdeNjPUtAa9GAH9d4RQAEX1jF3oI7x+/jXh7VB7qTCNGdMJjmhn +Xb88lxhTuylixcpecsHHltTbLaC0H2kD7OriUPEMPPCs81Mt8Bz17Ww5OXOAFshSsCPN4D7c3TxH +oLs1iuKYaIu+5b9y7tL6pe0S7fyYGKkmdtwoSxAgHNN/Fnct7W+A90m7UwW7XWjH1Mh1Fj+JWov3 +F0fUTPHSiXk+TT2YqGHeOh7S+F4D4MHJHIzTjU3TlTazN19jY5szFPAtJmtTfImMMsJu7D0hADnJ +oWjiUIMusDor8zagrC/kb2HCUQk5PotTubtn2txTuXZZNp1D5SDgPTJghSJRt8czu90VL6R4pgd7 +gUY2BIbdeTXHlSw7sKMXNeVzH7RcWe/a6hBle3rQf5+ztCo3O3CLm1u5K7fsslESl1MpWtTwEhDc +TwK7EpIvYtQ/aUN8Ddb8WHUBiJ1YFkveupD/RwGJBmr2X7KQarMCpgKIv7NHfirZ1fpoeDVNAgMB +AAGjPzA9MA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBTwj1k4ALP1j5qW +DNXr+nuqF+gTEjANBgkqhkiG9w0BAQUFAAOCAgEAvuRcYk4k9AwI//DTDGjkk0kiP0Qnb7tt3oNm +zqjMDfz1mgbldxSR651Be5kqhOX//CHBXfDkH1e3damhXwIm/9fH907eT/j3HEbAek9ALCI18Bmx +0GtnLLCo4MBANzX2hFxc469CeP6nyQ1Q6g2EdvZR74NTxnr/DlZJLo961gzmJ1TjTQpgcmLNkQfW +pb/ImWvtxBnmq0wROMVvMeJuScg/doAmAyYp4Db29iBT4xdwNBedY2gea+zDTYa4EzAvXUYNR0PV +G6pZDrlcjQZIrXSHX8f8MVRBE+LHIQ6e4B4N4cB7Q4WQxYpYxmUKeFfyxiMPAdkgS94P+5KFdSpc +c41teyWRyu5FrgZLAMzTsVlQ2jqIOylDRl6XK1TOU2+NSueW+r9xDkKLfP0ooNBIytrEgUy7onOT +JsjrDNYmiLbAJM+7vVvrdX3pCI6GMyx5dwlppYn8s3CQh3aP0yK7Qs69cwsgJirQmz1wHiRszYd2 +qReWt88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcnHL/EVlP6 +Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVxSK236thZiNSQvxaz2ems +WWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY= +-----END CERTIFICATE----- + +E-Tugra Certification Authority +=============================== +-----BEGIN CERTIFICATE----- +MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNVBAYTAlRSMQ8w +DQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamls +ZXJpIHZlIEhpem1ldGxlcmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBN +ZXJrZXppMSgwJgYDVQQDDB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDMw +NTEyMDk0OFoXDTIzMDMwMzEyMDk0OFowgbIxCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmEx +QDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhpem1ldGxl +cmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBNZXJrZXppMSgwJgYDVQQD +DB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEFAAOCAg8A +MIICCgKCAgEA4vU/kwVRHoViVF56C/UYB4Oufq9899SKa6VjQzm5S/fDxmSJPZQuVIBSOTkHS0vd +hQd2h8y/L5VMzH2nPbxHD5hw+IyFHnSOkm0bQNGZDbt1bsipa5rAhDGvykPL6ys06I+XawGb1Q5K +CKpbknSFQ9OArqGIW66z6l7LFpp3RMih9lRozt6Plyu6W0ACDGQXwLWTzeHxE2bODHnv0ZEoq1+g +ElIwcxmOj+GMB6LDu0rw6h8VqO4lzKRG+Bsi77MOQ7osJLjFLFzUHPhdZL3Dk14opz8n8Y4e0ypQ +BaNV2cvnOVPAmJ6MVGKLJrD3fY185MaeZkJVgkfnsliNZvcHfC425lAcP9tDJMW/hkd5s3kc91r0 +E+xs+D/iWR+V7kI+ua2oMoVJl0b+SzGPWsutdEcf6ZG33ygEIqDUD13ieU/qbIWGvaimzuT6w+Gz +rt48Ue7LE3wBf4QOXVGUnhMMti6lTPk5cDZvlsouDERVxcr6XQKj39ZkjFqzAQqptQpHF//vkUAq +jqFGOjGY5RH8zLtJVor8udBhmm9lbObDyz51Sf6Pp+KJxWfXnUYTTjF2OySznhFlhqt/7x3U+Lzn +rFpct1pHXFXOVbQicVtbC/DP3KBhZOqp12gKY6fgDT+gr9Oq0n7vUaDmUStVkhUXU8u3Zg5mTPj5 +dUyQ5xJwx0UCAwEAAaNjMGEwHQYDVR0OBBYEFC7j27JJ0JxUeVz6Jyr+zE7S6E5UMA8GA1UdEwEB +/wQFMAMBAf8wHwYDVR0jBBgwFoAULuPbsknQnFR5XPonKv7MTtLoTlQwDgYDVR0PAQH/BAQDAgEG +MA0GCSqGSIb3DQEBCwUAA4ICAQAFNzr0TbdF4kV1JI+2d1LoHNgQk2Xz8lkGpD4eKexd0dCrfOAK +kEh47U6YA5n+KGCRHTAduGN8qOY1tfrTYXbm1gdLymmasoR6d5NFFxWfJNCYExL/u6Au/U5Mh/jO +XKqYGwXgAEZKgoClM4so3O0409/lPun++1ndYYRP0lSWE2ETPo+Aab6TR7U1Q9Jauz1c77NCR807 +VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3+GbHeJAAFS6LrVE1Uweo +a2iu+U48BybNCAVwzDk/dr2l02cmAYamU9JgO3xDf1WKvJUawSg5TB9D0pH0clmKuVb8P7Sd2nCc +dlqMQ1DujjByTd//SffGqWfZbawCEeI6FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEV +KV0jq9BgoRJP3vQXzTLlyb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gT +Dx4JnW2PAJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpDy4Q0 +8ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8dNL/+I5c30jn6PQ0G +C7TbO6Orb1wdtn7os4I07QZcJA== +-----END CERTIFICATE----- + +T-TeleSec GlobalRoot Class 2 +============================ +-----BEGIN CERTIFICATE----- +MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoM +IlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBU +cnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgx +MDAxMTA0MDE0WhcNMzMxMDAxMjM1OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lz +dGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBD +ZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUdAqSzm1nzHoqvNK38DcLZ +SBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiCFoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/F +vudocP05l03Sx5iRUKrERLMjfTlH6VJi1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx970 +2cu+fjOlbpSD8DT6IavqjnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGV +WOHAD3bZwI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGjQjBA +MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/WSA2AHmgoCJrjNXy +YdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhyNsZt+U2e+iKo4YFWz827n+qrkRk4 +r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPACuvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNf +vNoBYimipidx5joifsFvHZVwIEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR +3p1m0IvVVGb6g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN +9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlPBSeOE6Fuwg== +-----END CERTIFICATE----- + +Atos TrustedRoot 2011 +===================== +-----BEGIN CERTIFICATE----- +MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UEAwwVQXRvcyBU +cnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQGEwJERTAeFw0xMTA3MDcxNDU4 +MzBaFw0zMDEyMzEyMzU5NTlaMDwxHjAcBgNVBAMMFUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsG +A1UECgwEQXRvczELMAkGA1UEBhMCREUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV +hTuXbyo7LjvPpvMpNb7PGKw+qtn4TaA+Gke5vJrf8v7MPkfoepbCJI419KkM/IL9bcFyYie96mvr +54rMVD6QUM+A1JX76LWC1BTFtqlVJVfbsVD2sGBkWXppzwO3bw2+yj5vdHLqqjAqc2K+SZFhyBH+ +DgMq92og3AIVDV4VavzjgsG1xZ1kCWyjWZgHJ8cblithdHFsQ/H3NYkQ4J7sVaE3IqKHBAUsR320 +HLliKWYoyrfhk/WklAOZuXCFteZI6o1Q/NnezG8HDt0Lcp2AMBYHlT8oDv3FdU9T1nSatCQujgKR +z3bFmx5VdJx4IbHwLfELn8LVlhgf8FQieowHAgMBAAGjfTB7MB0GA1UdDgQWBBSnpQaxLKYJYO7R +l+lwrrw7GWzbITAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZ +bNshMBgGA1UdIAQRMA8wDQYLKwYBBAGwLQMEAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB +CwUAA4IBAQAmdzTblEiGKkGdLD4GkGDEjKwLVLgfuXvTBznk+j57sj1O7Z8jvZfza1zv7v1Apt+h +k6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kPDpFrdRbhIfzYJsdHt6bPWHJxfrrh +TZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pcmaHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a9 +61qn8FYiqTxlVMYVqL2Gns2Dlmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G +3mB/ufNPRJLvKrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed +-----END CERTIFICATE----- + +QuoVadis Root CA 1 G3 +===================== +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQELBQAwSDELMAkG +A1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAcBgNVBAMTFVF1b1ZhZGlzIFJv +b3QgQ0EgMSBHMzAeFw0xMjAxMTIxNzI3NDRaFw00MjAxMTIxNzI3NDRaMEgxCzAJBgNVBAYTAkJN +MRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEg +RzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCgvlAQjunybEC0BJyFuTHK3C3kEakE +PBtVwedYMB0ktMPvhd6MLOHBPd+C5k+tR4ds7FtJwUrVu4/sh6x/gpqG7D0DmVIB0jWerNrwU8lm +PNSsAgHaJNM7qAJGr6Qc4/hzWHa39g6QDbXwz8z6+cZM5cOGMAqNF34168Xfuw6cwI2H44g4hWf6 +Pser4BOcBRiYz5P1sZK0/CPTz9XEJ0ngnjybCKOLXSoh4Pw5qlPafX7PGglTvF0FBM+hSo+LdoIN +ofjSxxR3W5A2B4GbPgb6Ul5jxaYA/qXpUhtStZI5cgMJYr2wYBZupt0lwgNm3fME0UDiTouG9G/l +g6AnhF4EwfWQvTA9xO+oabw4m6SkltFi2mnAAZauy8RRNOoMqv8hjlmPSlzkYZqn0ukqeI1RPToV +7qJZjqlc3sX5kCLliEVx3ZGZbHqfPT2YfF72vhZooF6uCyP8Wg+qInYtyaEQHeTTRCOQiJ/GKubX +9ZqzWB4vMIkIG1SitZgj7Ah3HJVdYdHLiZxfokqRmu8hqkkWCKi9YSgxyXSthfbZxbGL0eUQMk1f +iyA6PEkfM4VZDdvLCXVDaXP7a3F98N/ETH3Goy7IlXnLc6KOTk0k+17kBL5yG6YnLUlamXrXXAkg +t3+UuU/xDRxeiEIbEbfnkduebPRq34wGmAOtzCjvpUfzUwIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUo5fW816iEOGrRZ88F2Q87gFwnMwwDQYJKoZI +hvcNAQELBQADggIBABj6W3X8PnrHX3fHyt/PX8MSxEBd1DKquGrX1RUVRpgjpeaQWxiZTOOtQqOC +MTaIzen7xASWSIsBx40Bz1szBpZGZnQdT+3Btrm0DWHMY37XLneMlhwqI2hrhVd2cDMT/uFPpiN3 +GPoajOi9ZcnPP/TJF9zrx7zABC4tRi9pZsMbj/7sPtPKlL92CiUNqXsCHKnQO18LwIE6PWThv6ct +Tr1NxNgpxiIY0MWscgKCP6o6ojoilzHdCGPDdRS5YCgtW2jgFqlmgiNR9etT2DGbe+m3nUvriBbP ++V04ikkwj+3x6xn0dxoxGE1nVGwvb2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh +3jRJjehZrJ3ydlo28hP0r+AJx2EqbPfgna67hkooby7utHnNkDPDs3b69fBsnQGQ+p6Q9pxyz0fa +wx/kNSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNjZgKAvQU6 +O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhpq1467HxpvMc7hU6eFbm0 +FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFtnh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOV +hMJKzRwuJIczYOXD +-----END CERTIFICATE----- + +QuoVadis Root CA 2 G3 +===================== +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQELBQAwSDELMAkG +A1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAcBgNVBAMTFVF1b1ZhZGlzIFJv +b3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJN +MRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIg +RzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFh +ZiFfqq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMWn4rjyduY +NM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ymc5GQYaYDFCDy54ejiK2t +oIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+O7q414AB+6XrW7PFXmAqMaCvN+ggOp+o +MiwMzAkd056OXbxMmO7FGmh77FOm6RQ1o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+l +V0POKa2Mq1W/xPtbAd0jIaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZo +L1NesNKqIcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz8eQQ +sSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43ehvNURG3YBZwjgQQvD +6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l7ZizlWNof/k19N+IxWA1ksB8aRxh +lRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALGcC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZI +hvcNAQELBQADggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66 +AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RCroijQ1h5fq7K +pVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0GaW/ZZGYjeVYg3UQt4XAoeo0L9 +x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4nlv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgz +dWqTHBLmYF5vHX/JHyPLhGGfHoJE+V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6X +U/IyAgkwo1jwDQHVcsaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+Nw +mNtddbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNgKCLjsZWD +zYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeMHVOyToV7BjjHLPj4sHKN +JeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4WSr2Rz0ZiC3oheGe7IUIarFsNMkd7Egr +O3jtZsSOeWmD3n+M +-----END CERTIFICATE----- + +QuoVadis Root CA 3 G3 +===================== +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQELBQAwSDELMAkG +A1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAcBgNVBAMTFVF1b1ZhZGlzIFJv +b3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJN +MRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMg +RzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286 +IxSR/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNuFoM7pmRL +Mon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXRU7Ox7sWTaYI+FrUoRqHe +6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+cra1AdHkrAj80//ogaX3T7mH1urPnMNA3 +I4ZyYUUpSFlob3emLoG+B01vr87ERRORFHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3U +VDmrJqMz6nWB2i3ND0/kA9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f7 +5li59wzweyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634RylsSqi +Md5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBpVzgeAVuNVejH38DM +dyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0QA4XN8f+MFrXBsj6IbGB/kE+V9/Yt +rQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZI +hvcNAQELBQADggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3px +KGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnIFUBhynLWcKzS +t/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5WvvoxXqA/4Ti2Tk08HS6IT7SdEQ +TXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFgu/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9Du +DcpmvJRPpq3t/O5jrFc/ZSXPsoaP0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGib +Ih6BJpsQBJFxwAYf3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmD +hPbl8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+DhcI00iX +0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HNPlopNLk9hM6xZdRZkZFW +dSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/ywaZWWDYWGWVjUTR939+J399roD1B0y2 +PpxxVJkES/1Y+Zj0 +-----END CERTIFICATE----- + +DigiCert Assured ID Root G2 +=========================== +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQw +IgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgw +MTE1MTIwMDAwWjBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQL +ExB3d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5ygvUj82ckmIkzTz+GoeMVSAn61UQbVH +35ao1K+ALbkKz3X9iaV9JPrjIgwrvJUXCzO/GU1BBpAAvQxNEP4HteccbiJVMWWXvdMX0h5i89vq +bFCMP4QMls+3ywPgym2hFEwbid3tALBSfK+RbLE4E9HpEgjAALAcKxHad3A2m67OeYfcgnDmCXRw +VWmvo2ifv922ebPynXApVfSr/5Vh88lAbx3RvpO704gqu52/clpWcTs/1PPRCv4o76Pu2ZmvA9OP +YLfykqGxvYmJHzDNw6YuYjOuFgJ3RFrngQo8p0Quebg/BLxcoIfhG69Rjs3sLPr4/m3wOnyqi+Rn +lTGNAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBTO +w0q5mVXyuNtgv6l+vVa1lzan1jANBgkqhkiG9w0BAQsFAAOCAQEAyqVVjOPIQW5pJ6d1Ee88hjZv +0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I0jJmwYrA8y8678Dj1JGG0VDjA9tz +d29KOVPt3ibHtX2vK0LRdWLjSisCx1BL4GnilmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAW +hsI6yLETcDbYz+70CjTVW0z9B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0M +jomZmWzwPDCvON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo +IhNzbM8m9Yop5w== +-----END CERTIFICATE----- + +DigiCert Assured ID Root G3 +=========================== +-----BEGIN CERTIFICATE----- +MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQswCQYDVQQGEwJV +UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQwIgYD +VQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1 +MTIwMDAwWjBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwdjAQ +BgcqhkjOPQIBBgUrgQQAIgNiAAQZ57ysRGXtzbg/WPuNsVepRC0FFfLvC/8QdJ+1YlJfZn4f5dwb +RXkLzMZTCp2NXQLZqVneAlr2lSoOjThKiknGvMYDOAdfVdp+CW7if17QRSAPWXYQ1qAk8C3eNvJs +KTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgF +UaFNN6KDec6NHSrkhDAKBggqhkjOPQQDAwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5Fy +YZ5eEJJZVrmDxxDnOOlYJjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy +1vUhZscv6pZjamVFkpUBtA== +-----END CERTIFICATE----- + +DigiCert Global Root G2 +======================= +-----BEGIN CERTIFICATE----- +MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAw +HgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUx +MjAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3 +dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI2/Ou8jqJ +kTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx1x7e/dfgy5SDN67sH0NO +3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQq2EGnI/yuum06ZIya7XzV+hdG82MHauV +BJVJ8zUtluNJbd134/tJS7SsVQepj5WztCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyM +UNGPHgm+F6HmIcr9g+UQvIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQAB +o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV5uNu +5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY1Yl9PMWLSn/pvtsr +F9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4NeF22d+mQrvHRAiGfzZ0JFrabA0U +WTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NGFdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBH +QRFXGU7Aj64GxJUTFy8bJZ918rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/ +iyK5S9kJRaTepLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl +MrY= +-----END CERTIFICATE----- + +DigiCert Global Root G3 +======================= +-----BEGIN CERTIFICATE----- +MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQswCQYDVQQGEwJV +UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYD +VQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAw +MDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5k +aWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0C +AQYFK4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FGfp4tn+6O +YwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPOZ9wj/wMco+I+o0IwQDAP +BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNp +Yim8S8YwCgYIKoZIzj0EAwMDaAAwZQIxAK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y +3maTD/HMsQmP3Wyr+mt/oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34 +VOKa5Vt8sycX +-----END CERTIFICATE----- + +DigiCert Trusted Root G4 +======================== +-----BEGIN CERTIFICATE----- +MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBiMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSEw +HwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1 +MTIwMDAwWjBiMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0G +CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3yithZwuEp +pz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1Ifxp4VpX6+n6lXFllVcq9o +k3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDVySAdYyktzuxeTsiT+CFhmzTrBcZe7Fsa +vOvJz82sNEBfsXpm7nfISKhmV1efVFiODCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGY +QJB5w3jHtrHEtWoYOAMQjdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6 +MUSaM0C/CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCiEhtm +mnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADMfRyVw4/3IbKyEbe7 +f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QYuKZ3AeEPlAwhHbJUKSWJbOUOUlFH +dL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXKchYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8 +oR7FwI+isX4KJpn15GkvmB0t9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud +DwEB/wQEAwIBhjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD +ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2SV1EY+CtnJYY +ZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd+SeuMIW59mdNOj6PWTkiU0Tr +yF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWcfFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy +7zBZLq7gcfJW5GqXb5JQbZaNaHqasjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iah +ixTXTBmyUEFxPT9NcCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN +5r5N0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie4u1Ki7wb +/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mIr/OSmbaz5mEP0oUA51Aa +5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tK +G48BtieVU+i2iW1bvGjUI+iLUaJW+fCmgKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP +82Z+ +-----END CERTIFICATE----- + +WoSign +====== +-----BEGIN CERTIFICATE----- +MIIFdjCCA16gAwIBAgIQXmjWEXGUY1BWAGjzPsnFkTANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQG +EwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNVBAMTIUNlcnRpZmljYXRpb24g +QXV0aG9yaXR5IG9mIFdvU2lnbjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgwMTAwMDFaMFUxCzAJ +BgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEqMCgGA1UEAxMhQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkgb2YgV29TaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA +vcqNrLiRFVaXe2tcesLea9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1UfcIiePyO +CbiohdfMlZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcSccf+Hb0v1naMQFXQoOXXDX +2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2ZjC1vt7tj/id07sBMOby8w7gLJKA84X5 +KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4Mx1wdC34FMr5esAkqQtXJTpCzWQ27en7N1QhatH/YHGkR ++ScPewavVIMYe+HdVHpRaG53/Ma/UkpmRqGyZxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ez +EC8wQjchzDBwyYaYD8xYTYO7feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDaruHqk +lWJqbrDKaiFaafPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221KmYo0SLwX3OSACCK2 +8jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvASh0JWzko/amrzgD5LkhLJuYwTKVY +yrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWvHYG3Dy+MwwbMLyejSuQOmbp8HkUff6oZRZb9/D0C +AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOFmzw7R +8bNLtwYgFP6HEtX2/vs+MA0GCSqGSIb3DQEBBQUAA4ICAQCoy3JAsnbBfnv8rWTjMnvMPLZdRtP1 +LOJwXcgu2AZ9mNELIaCJWSQBnfmvCX0KI4I01fx8cpm5o9dU9OpScA7F9dY74ToJMuYhOZO9sxXq +T2r09Ys/L3yNWC7F4TmgPsc9SnOeQHrAK2GpZ8nzJLmzbVUsWh2eJXLOC62qx1ViC777Y7NhRCOj +y+EaDveaBk3e1CNOIZZbOVtXHS9dCF4Jef98l7VNg64N1uajeeAz0JmWAjCnPv/So0M/BVoG6kQC +2nz4SNAzqfkHx5Xh9T71XXG68pWpdIhhWeO/yloTunK0jF02h+mmxTwTv97QRCbut+wucPrXnbes +5cVAWubXbHssw1abR80LzvobtCHXt2a49CUwi1wNuepnsvRtrtWhnk/Yn+knArAdBtaP4/tIEp9/ +EaEQPkxROpaw0RPxx9gmrjrKkcRpnd8BKWRRb2jaFOwIQZeQjdCygPLPwj2/kWjFgGcexGATVdVh +mVd8upUPYUk6ynW8yQqTP2cOEvIo4jEbwFcW3wh8GcF+Dx+FHgo2fFt+J7x6v+Db9NpSvd4MVHAx +kUOVyLzwPt0JfjBkUO1/AaQzZ01oT74V77D2AhGiGxMlOtzCWfHjXEa7ZywCRuoeSKbmW9m1vFGi +kpbbqsY3Iqb+zCB0oy2pLmvLwIIRIbWTee5Ehr7XHuQe+w== +-----END CERTIFICATE----- + +WoSign China +============ +-----BEGIN CERTIFICATE----- +MIIFWDCCA0CgAwIBAgIQUHBrzdgT/BtOOzNy0hFIjTANBgkqhkiG9w0BAQsFADBGMQswCQYDVQQG +EwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMMEkNBIOayg+mAmuagueiv +geS5pjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgwMTAwMDFaMEYxCzAJBgNVBAYTAkNOMRowGAYD +VQQKExFXb1NpZ24gQ0EgTGltaXRlZDEbMBkGA1UEAwwSQ0Eg5rKD6YCa5qC56K+B5LmmMIICIjAN +BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYGTufQdDTc7WU1/FDWiD+k +8H/rD195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvxUNUqKaqoGXqW5pWOdO2XCld19AXbbQs5 +uQF/qvbW2mzmBeCkTVL829B0txGMe41P/4eDrv8FAxNXUDf+jJZSEExfv5RxadmWPgxDT74wwJ85 +dE8GRV2j1lY5aAfMh09Qd5Nx2UQIsYo06Yms25tO4dnkUkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5 +Ed+w4VegG63XX9Gv2ystP9Bojg/qnw+LNVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BNdeFy +b7Ao65vh4YOhn0pdr8yb+gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk3Kgtn3R46MGiCWOc +76DbT52VqyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2LBcLmc272idX10kaO6m1jGx6KyX2m ++Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/HpelmjbX7FF+Ynxu8b22/8DU0GAbQOXDBGVWCvOGU6 +yke6rCzMRh+yRpY/8+0mBe53oWprfi1tWFxK1I5nuPHa1UaKJ/kR8slC/k7e3x9cxKSGhxYzoacX +GKUN5AXlK8IrC6KVkLn9YDxOiT7nnO4fuwECAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1Ud +EwEB/wQFMAMBAf8wHQYDVR0OBBYEFOBNv9ybQV0T6GTwp+kVpOGBwboxMA0GCSqGSIb3DQEBCwUA +A4ICAQBqinA4WbbaixjIvirTthnVZil6Xc1bL3McJk6jfW+rtylNpumlEYOnOXOvEESS5iVdT2H6 +yAa+Tkvv/vMx/sZ8cApBWNromUuWyXi8mHwCKe0JgOYKOoICKuLJL8hWGSbueBwj/feTZU7n85iY +r83d2Z5AiDEoOqsuC7CsDCT6eiaY8xJhEPRdF/d+4niXVOKM6Cm6jBAyvd0zaziGfjk9DgNyp115 +j0WKWa5bIW4xRtVZjc8VX90xJc/bYNaBRHIpAlf2ltTW/+op2znFuCyKGo3Oy+dCMYYFaA6eFN0A +kLppRQjbbpCBhqcqBT/mhDn4t/lXX0ykeVoQDF7Va/81XwVRHmyjdanPUIPTfPRm94KNPQx96N97 +qA4bLJyuQHCH2u2nFoJavjVsIE4iYdm8UXrNemHcSxH5/mc0zy4EZmFcV5cjjPOGG0jfKq+nwf/Y +jj4Du9gqsPoUJbJRa4ZDhS4HIxaAjUz7tGM7zMN07RujHv41D198HRaG9Q7DlfEvr10lO1Hm13ZB +ONFLAzkopR6RctR9q5czxNM+4Gm2KHmgCY0c0f9BckgG/Jou5yD5m6Leie2uPAmvylezkolwQOQv +T8Jwg0DXJCxr5wkf09XHwQj02w47HAcLQxGEIYbpgNR12KvxAmLBsX5VYc8T1yaw15zLKYs4SgsO +kI26oQ== +-----END CERTIFICATE----- + +COMODO RSA Certification Authority +================================== +-----BEGIN CERTIFICATE----- +MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCBhTELMAkGA1UE +BhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgG +A1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlv +biBBdXRob3JpdHkwHhcNMTAwMTE5MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMC +R0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UE +ChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBB +dXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR6FSS0gpWsawNJN3Fz0Rn +dJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8Xpz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZ +FGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+ +5eNu/Nio5JIk2kNrYrhV/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pG +x8cgoLEfZd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z+pUX +2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7wqP/0uK3pN/u6uPQL +OvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZahSL0896+1DSJMwBGB7FY79tOi4lu3 +sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVICu9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+C +GCe01a60y1Dma/RMhnEw6abfFobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5 +WdYgGq/yapiqcrxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E +FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w +DQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvlwFTPoCWOAvn9sKIN9SCYPBMt +rFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+ +nq6PK7o9mfjYcwlYRm6mnPTXJ9OV2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSg +tZx8jb8uk2IntznaFxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwW +sRqZCuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiKboHGhfKp +pC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmckejkk9u+UJueBPSZI9FoJA +zMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yLS0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHq +ZJx64SIDqZxubw5lT2yHh17zbqD5daWbQOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk52 +7RH89elWsn2/x20Kk4yl0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7I +LaZRfyHBNVOFBkpdn627G190 +-----END CERTIFICATE----- + +USERTrust RSA Certification Authority +===================================== +-----BEGIN CERTIFICATE----- +MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCBiDELMAkGA1UE +BhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQK +ExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkwHhcNMTAwMjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UE +BhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQK +ExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCAEmUXNg7D2wiz +0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2j +Y0K2dvKpOyuR+OJv0OwWIJAJPuLodMkYtJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFn +RghRy4YUVD+8M/5+bJz/Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O ++T23LLb2VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT79uq +/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6c0Plfg6lZrEpfDKE +Y1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmTYo61Zs8liM2EuLE/pDkP2QKe6xJM +lXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97lc6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8 +yexDJtC/QV9AqURE9JnnV4eeUB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+ +eLf8ZxXhyVeEHg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd +BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF +MAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPFUp/L+M+ZBn8b2kMVn54CVVeW +FPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KOVWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ +7l8wXEskEVX/JJpuXior7gtNn3/3ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQ +Eg9zKC7F4iRO/Fjs8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM +8WcRiQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYzeSf7dNXGi +FSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZXHlKYC6SQK5MNyosycdi +yA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9c +J2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRBVXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGw +sAvgnEzDHNb842m1R0aBL6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gx +Q+6IHdfGjjxDah2nGN59PRbxYvnKkKj9 +-----END CERTIFICATE----- + +USERTrust ECC Certification Authority +===================================== +-----BEGIN CERTIFICATE----- +MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDELMAkGA1UEBhMC +VVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU +aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlv +biBBdXRob3JpdHkwHhcNMTAwMjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMC +VVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU +aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlv +biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqfloI+d61SRvU8Za2EurxtW2 +0eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinngo4N+LZfQYcTxmdwlkWOrfzCjtHDix6Ez +nPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0GA1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNV +HQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBB +HU6+4WMBzzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbWRNZu +9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg= +-----END CERTIFICATE----- + +GlobalSign ECC Root CA - R4 +=========================== +-----BEGIN CERTIFICATE----- +MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEkMCIGA1UECxMb +R2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD +EwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoXDTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMb +R2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD +EwpHbG9iYWxTaWduMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuMZ5049sJQ6fLjkZHAOkrprl +OQcJFspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAwDgYDVR0P +AQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61FuOJAf/sKbvu+M8k8o4TV +MAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGXkPoUVy0D7O48027KqGx2vKLeuwIgJ6iF +JzWbVsaj8kfSt24bAgAXqmemFZHe+pTsewv4n4Q= +-----END CERTIFICATE----- + +GlobalSign ECC Root CA - R5 +=========================== +-----BEGIN CERTIFICATE----- +MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEkMCIGA1UECxMb +R2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD +EwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoXDTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMb +R2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD +EwpHbG9iYWxTaWduMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6 +SFkc8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWdTaRvQZU4f8kehOvRnkmS +h5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAd +BgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYIKoZIzj0EAwMDaAAwZQIxAOVpEslu28Yx +uglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7 +yFz9SO8NdCKoCOJuxUnOxwy8p2Fp8fc74SrL+SvzZpA3 +-----END CERTIFICATE----- + +Staat der Nederlanden Root CA - G3 +================================== +-----BEGIN CERTIFICATE----- +MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJOTDEeMBwGA1UE +CgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFhdCBkZXIgTmVkZXJsYW5kZW4g +Um9vdCBDQSAtIEczMB4XDTEzMTExNDExMjg0MloXDTI4MTExMzIzMDAwMFowWjELMAkGA1UEBhMC +TkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5l +ZGVybGFuZGVuIFJvb3QgQ0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL4y +olQPcPssXFnrbMSkUeiFKrPMSjTysF/zDsccPVMeiAho2G89rcKezIJnByeHaHE6n3WWIkYFsO2t +x1ueKt6c/DrGlaf1F2cY5y9JCAxcz+bMNO14+1Cx3Gsy8KL+tjzk7FqXxz8ecAgwoNzFs21v0IJy +EavSgWhZghe3eJJg+szeP4TrjTgzkApyI/o1zCZxMdFyKJLZWyNtZrVtB0LrpjPOktvA9mxjeM3K +Tj215VKb8b475lRgsGYeCasH/lSJEULR9yS6YHgamPfJEf0WwTUaVHXvQ9Plrk7O53vDxk5hUUur +mkVLoR9BvUhTFXFkC4az5S6+zqQbwSmEorXLCCN2QyIkHxcE1G6cxvx/K2Ya7Irl1s9N9WMJtxU5 +1nus6+N86U78dULI7ViVDAZCopz35HCz33JvWjdAidiFpNfxC95DGdRKWCyMijmev4SH8RY7Ngzp +07TKbBlBUgmhHbBqv4LvcFEhMtwFdozL92TkA1CvjJFnq8Xy7ljY3r735zHPbMk7ccHViLVlvMDo +FxcHErVc0qsgk7TmgoNwNsXNo42ti+yjwUOH5kPiNL6VizXtBznaqB16nzaeErAMZRKQFWDZJkBE +41ZgpRDUajz9QdwOWke275dhdU/Z/seyHdTtXUmzqWrLZoQT1Vyg3N9udwbRcXXIV2+vD3dbAgMB +AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRUrfrHkleu +yjWcLhL75LpdINyUVzANBgkqhkiG9w0BAQsFAAOCAgEAMJmdBTLIXg47mAE6iqTnB/d6+Oea31BD +U5cqPco8R5gu4RV78ZLzYdqQJRZlwJ9UXQ4DO1t3ApyEtg2YXzTdO2PCwyiBwpwpLiniyMMB8jPq +KqrMCQj3ZWfGzd/TtiunvczRDnBfuCPRy5FOCvTIeuXZYzbB1N/8Ipf3YF3qKS9Ysr1YvY2WTxB1 +v0h7PVGHoTx0IsL8B3+A3MSs/mrBcDCw6Y5p4ixpgZQJut3+TcCDjJRYwEYgr5wfAvg1VUkvRtTA +8KCWAg8zxXHzniN9lLf9OtMJgwYh/WA9rjLA0u6NpvDntIJ8CsxwyXmA+P5M9zWEGYox+wrZ13+b +8KKaa8MFSu1BYBQw0aoRQm7TIwIEC8Zl3d1Sd9qBa7Ko+gE4uZbqKmxnl4mUnrzhVNXkanjvSr0r +mj1AfsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq4BZ+Extq +1z7XnvwtdbLBFNUjA9tbbws+eC8N3jONFrdI54OagQ97wUNNVQQXOEpR1VmiiXTTn74eS9fGbbeI +JG9gkaSChVtWQbzQRKtqE77RLFi3EjNYsjdj3BP1lB0/QFH1T/U67cjF68IeHRaVesd+QnGTbksV +tzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM94B7IWcnMFk= +-----END CERTIFICATE----- + +Staat der Nederlanden EV Root CA +================================ +-----BEGIN CERTIFICATE----- +MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJOTDEeMBwGA1UE +CgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFhdCBkZXIgTmVkZXJsYW5kZW4g +RVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0yMjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5M +MR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRl +cmxhbmRlbiBFViBSb290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkk +SzrSM4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nCUiY4iKTW +O0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3dZ//BYY1jTw+bbRcwJu+r +0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46prfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8 +Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13lpJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gV +XJrm0w912fxBmJc+qiXbj5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr +08C+eKxCKFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS/ZbV +0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0XcgOPvZuM5l5Tnrmd +74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH1vI4gnPah1vlPNOePqc7nvQDs/nx +fRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrPpx9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNC +MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwa +ivsnuL8wbqg7MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI +eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u2dfOWBfoqSmu +c0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHSv4ilf0X8rLiltTMMgsT7B/Zq +5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTCwPTxGfARKbalGAKb12NMcIxHowNDXLldRqAN +b/9Zjr7dn3LDWyvfjFvO5QxGbJKyCqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tN +f1zuacpzEPuKqf2evTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi +5Dp6Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIaGl6I6lD4 +WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeLeG9QgkRQP2YGiqtDhFZK +DyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGy +eUN51q1veieQA6TqJIc/2b3Z6fJfUEkc7uzXLg== +-----END CERTIFICATE----- + +IdenTrust Commercial Root CA 1 +============================== +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBKMQswCQYDVQQG +EwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBS +b290IENBIDEwHhcNMTQwMTE2MTgxMjIzWhcNMzQwMTE2MTgxMjIzWjBKMQswCQYDVQQGEwJVUzES +MBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENB +IDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCnUBneP5k91DNG8W9RYYKyqU+PZ4ld +hNlT3Qwo2dfw/66VQ3KZ+bVdfIrBQuExUHTRgQ18zZshq0PirK1ehm7zCYofWjK9ouuU+ehcCuz/ +mNKvcbO0U59Oh++SvL3sTzIwiEsXXlfEU8L2ApeN2WIrvyQfYo3fw7gpS0l4PJNgiCL8mdo2yMKi +1CxUAGc1bnO/AljwpN3lsKImesrgNqUZFvX9t++uP0D1bVoE/c40yiTcdCMbXTMTEl3EASX2MN0C +XZ/g1Ue9tOsbobtJSdifWwLziuQkkORiT0/Br4sOdBeo0XKIanoBScy0RnnGF7HamB4HWfp1IYVl +3ZBWzvurpWCdxJ35UrCLvYf5jysjCiN2O/cz4ckA82n5S6LgTrx+kzmEB/dEcH7+B1rlsazRGMzy +NeVJSQjKVsk9+w8YfYs7wRPCTY/JTw436R+hDmrfYi7LNQZReSzIJTj0+kuniVyc0uMNOYZKdHzV +WYfCP04MXFL0PfdSgvHqo6z9STQaKPNBiDoT7uje/5kdX7rL6B7yuVBgwDHTc+XvvqDtMwt0viAg +xGds8AgDelWAf0ZOlqf0Hj7h9tgJ4TNkK2PXMl6f+cB7D3hvl7yTmvmcEpB4eoCHFddydJxVdHix +uuFucAS6T6C6aMN7/zHwcz09lCqxC0EOoP5NiGVreTO01wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMC +AQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU7UQZwNPwBovupHu+QucmVMiONnYwDQYJKoZI +hvcNAQELBQADggIBAA2ukDL2pkt8RHYZYR4nKM1eVO8lvOMIkPkp165oCOGUAFjvLi5+U1KMtlwH +6oi6mYtQlNeCgN9hCQCTrQ0U5s7B8jeUeLBfnLOic7iPBZM4zY0+sLj7wM+x8uwtLRvM7Kqas6pg +ghstO8OEPVeKlh6cdbjTMM1gCIOQ045U8U1mwF10A0Cj7oV+wh93nAbowacYXVKV7cndJZ5t+qnt +ozo00Fl72u1Q8zW/7esUTTHHYPTa8Yec4kjixsU3+wYQ+nVZZjFHKdp2mhzpgq7vmrlR94gjmmmV +YjzlVYA211QC//G5Xc7UI2/YRYRKW2XviQzdFKcgyxilJbQN+QHwotL0AMh0jqEqSI5l2xPE4iUX +feu+h1sXIFRRk0pTAwvsXcoz7WL9RccvW9xYoIA55vrX/hMUpu09lEpCdNTDd1lzzY9GvlU47/ro +kTLql1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG4iZZRHUe +2XWJUc0QhJ1hYMtd+ZciTY6Y5uN/9lu7rs3KSoFrXgvzUeF0K+l+J6fZmUlO+KWA2yUPHGNiiskz +Z2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7R +cGzM7vRX+Bi6hG6H +-----END CERTIFICATE----- + +IdenTrust Public Sector Root CA 1 +================================= +-----BEGIN CERTIFICATE----- +MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQG +EwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3Rv +ciBSb290IENBIDEwHhcNMTQwMTE2MTc1MzMyWhcNMzQwMTE2MTc1MzMyWjBNMQswCQYDVQQGEwJV +UzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBS +b290IENBIDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2IpT8pEiv6EdrCvsnduTy +P4o7ekosMSqMjbCpwzFrqHd2hCa2rIFCDQjrVVi7evi8ZX3yoG2LqEfpYnYeEe4IFNGyRBb06tD6 +Hi9e28tzQa68ALBKK0CyrOE7S8ItneShm+waOh7wCLPQ5CQ1B5+ctMlSbdsHyo+1W/CD80/HLaXI +rcuVIKQxKFdYWuSNG5qrng0M8gozOSI5Cpcu81N3uURF/YTLNiCBWS2ab21ISGHKTN9T0a9SvESf +qy9rg3LvdYDaBjMbXcjaY8ZNzaxmMc3R3j6HEDbhuaR672BQssvKplbgN6+rNBM5Jeg5ZuSYeqoS +mJxZZoY+rfGwyj4GD3vwEUs3oERte8uojHH01bWRNszwFcYr3lEXsZdMUD2xlVl8BX0tIdUAvwFn +ol57plzy9yLxkA2T26pEUWbMfXYD62qoKjgZl3YNa4ph+bz27nb9cCvdKTz4Ch5bQhyLVi9VGxyh +LrXHFub4qjySjmm2AcG1hp2JDws4lFTo6tyePSW8Uybt1as5qsVATFSrsrTZ2fjXctscvG29ZV/v +iDUqZi/u9rNl8DONfJhBaUYPQxxp+pu10GFqzcpL2UyQRqsVWaFHVCkugyhfHMKiq3IXAAaOReyL +4jM9f9oZRORicsPfIsbyVtTdX5Vy7W1f90gDW/3FKqD2cyOEEBsB5wIDAQABo0IwQDAOBgNVHQ8B +Af8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU43HgntinQtnbcZFrlJPrw6PRFKMw +DQYJKoZIhvcNAQELBQADggIBAEf63QqwEZE4rU1d9+UOl1QZgkiHVIyqZJnYWv6IAcVYpZmxI1Qj +t2odIFflAWJBF9MJ23XLblSQdf4an4EKwt3X9wnQW3IV5B4Jaj0z8yGa5hV+rVHVDRDtfULAj+7A +mgjVQdZcDiFpboBhDhXAuM/FSRJSzL46zNQuOAXeNf0fb7iAaJg9TaDKQGXSc3z1i9kKlT/YPyNt +GtEqJBnZhbMX73huqVjRI9PHE+1yJX9dsXNw0H8GlwmEKYBhHfpe/3OsoOOJuBxxFcbeMX8S3OFt +m6/n6J91eEyrRjuazr8FGF1NFTwWmhlQBJqymm9li1JfPFgEKCXAZmExfrngdbkaqIHWchezxQMx +NRF4eKLg6TCMf4DfWN88uieW4oA0beOY02QnrEh+KHdcxiVhJfiFDGX6xDIvpZgF5PgLZxYWxoK4 +Mhn5+bl53B/N66+rDt0b20XkeucC4pVd/GnwU2lhlXV5C15V5jgclKlZM57IcXR5f1GJtshquDDI +ajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhAGaQdp/lLQzfcaFpPz+vC +ZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ +3Wl9af0AVqW3rLatt8o+Ae+c +-----END CERTIFICATE----- + +Entrust Root Certification Authority - G2 +========================================= +-----BEGIN CERTIFICATE----- +MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMCVVMxFjAUBgNV +BAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVy +bXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ug +b25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIw +HhcNMDkwNzA3MTcyNTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoT +DUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMx +OTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25s +eTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP +/vaCeb9zYQYKpSfYs1/TRU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXz +HHfV1IWNcCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hWwcKU +s/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1U1+cPvQXLOZprE4y +TGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0jaWvYkxN4FisZDQSA/i2jZRjJKRx +AgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ6 +0B7vfec7aVHUbI2fkBJmqzANBgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5Z +iXMRrEPR9RP/jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ +Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v1fN2D807iDgi +nWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4RnAuknZoh8/CbCzB428Hch0P+ +vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmHVHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xO +e4pIb4tF9g== +-----END CERTIFICATE----- + +Entrust Root Certification Authority - EC1 +========================================== +-----BEGIN CERTIFICATE----- +MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkGA1UEBhMCVVMx +FjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVn +YWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXpl +ZCB1c2Ugb25seTEzMDEGA1UEAxMqRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 +IC0gRUMxMB4XDTEyMTIxODE1MjUzNloXDTM3MTIxODE1NTUzNlowgb8xCzAJBgNVBAYTAlVTMRYw +FAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2Fs +LXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQg +dXNlIG9ubHkxMzAxBgNVBAMTKkVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt +IEVDMTB2MBAGByqGSM49AgEGBSuBBAAiA2IABIQTydC6bUF74mzQ61VfZgIaJPRbiWlH47jCffHy +AsWfoPZb1YsGGYZPUxBtByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef +9eNi1KlHBz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE +FLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVCR98crlOZF7ZvHH3h +vxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nXhTcGtXsI/esni0qU+eH6p44mCOh8 +kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G +-----END CERTIFICATE----- + +CFCA EV ROOT +============ +-----BEGIN CERTIFICATE----- +MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJDTjEwMC4GA1UE +CgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxDRkNB +IEVWIFJPT1QwHhcNMTIwODA4MDMwNzAxWhcNMjkxMjMxMDMwNzAxWjBWMQswCQYDVQQGEwJDTjEw +MC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQD +DAxDRkNBIEVWIFJPT1QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXXWvNED8fBVnV +BU03sQ7smCuOFR36k0sXgiFxEFLXUWRwFsJVaU2OFW2fvwwbwuCjZ9YMrM8irq93VCpLTIpTUnrD +7i7es3ElweldPe6hL6P3KjzJIx1qqx2hp/Hz7KDVRM8Vz3IvHWOX6Jn5/ZOkVIBMUtRSqy5J35DN +uF++P96hyk0g1CXohClTt7GIH//62pCfCqktQT+x8Rgp7hZZLDRJGqgG16iI0gNyejLi6mhNbiyW +ZXvKWfry4t3uMCz7zEasxGPrb382KzRzEpR/38wmnvFyXVBlWY9ps4deMm/DGIq1lY+wejfeWkU7 +xzbh72fROdOXW3NiGUgthxwG+3SYIElz8AXSG7Ggo7cbcNOIabla1jj0Ytwli3i/+Oh+uFzJlU9f +py25IGvPa931DfSCt/SyZi4QKPaXWnuWFo8BGS1sbn85WAZkgwGDg8NNkt0yxoekN+kWzqotaK8K +gWU6cMGbrU1tVMoqLUuFG7OA5nBFDWteNfB/O7ic5ARwiRIlk9oKmSJgamNgTnYGmE69g60dWIol +hdLHZR4tjsbftsbhf4oEIRUpdPA+nJCdDC7xij5aqgwJHsfVPKPtl8MeNPo4+QgO48BdK4PRVmrJ +tqhUUy54Mmc9gn900PvhtgVguXDbjgv5E1hvcWAQUhC5wUEJ73IfZzF4/5YFjQIDAQABo2MwYTAf +BgNVHSMEGDAWgBTj/i39KNALtbq2osS/BqoFjJP7LzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB +/wQEAwIBBjAdBgNVHQ4EFgQU4/4t/SjQC7W6tqLEvwaqBYyT+y8wDQYJKoZIhvcNAQELBQADggIB +ACXGumvrh8vegjmWPfBEp2uEcwPenStPuiB/vHiyz5ewG5zz13ku9Ui20vsXiObTej/tUxPQ4i9q +ecsAIyjmHjdXNYmEwnZPNDatZ8POQQaIxffu2Bq41gt/UP+TqhdLjOztUmCypAbqTuv0axn96/Ua +4CUqmtzHQTb3yHQFhDmVOdYLO6Qn+gjYXB74BGBSESgoA//vU2YApUo0FmZ8/Qmkrp5nGm9BC2sG +E5uPhnEFtC+NiWYzKXZUmhH4J/qyP5Hgzg0b8zAarb8iXRvTvyUFTeGSGn+ZnzxEk8rUQElsgIfX +BDrDMlI1Dlb4pd19xIsNER9Tyx6yF7Zod1rg1MvIB671Oi6ON7fQAUtDKXeMOZePglr4UeWJoBjn +aH9dCi77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN5mydLIhy +PDCBBpEi6lmt2hkuIsKNuYyH4Ga8cyNfIWRjgEj1oDwYPZTISEEdQLpe/v5WOaHIz16eGWRGENoX +kbcFgKyLmZJ956LYBws2J+dIeWCKw9cTXPhyQN9Ky8+ZAAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3C +ekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su +-----END CERTIFICATE----- + +TÃœRKTRUST Elektronik Sertifika Hizmet SaÄŸlayıcısı H5 +==================================================== +-----BEGIN CERTIFICATE----- +MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UEBhMCVFIxDzAN +BgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxnaSDEsGxldGnFn2ltIHZlIEJp +bGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7Fni4xQjBABgNVBAMMOVTDnFJLVFJVU1Qg +RWxla3Ryb25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSBINTAeFw0xMzA0MzAw +ODA3MDFaFw0yMzA0MjgwODA3MDFaMIGxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMU0w +SwYDVQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnE +n2kgSGl6bWV0bGVyaSBBLsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBFbGVrdHJvbmlrIFNlcnRp +ZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEApCUZ4WWe60ghUEoI5RHwWrom/4NZzkQqL/7hzmAD/I0Dpe3/a6i6zDQGn1k19uwsu537 +jVJp45wnEFPzpALFp/kRGml1bsMdi9GYjZOHp3GXDSHHmflS0yxjXVW86B8BSLlg/kJK9siArs1m +ep5Fimh34khon6La8eHBEJ/rPCmBp+EyCNSgBbGM+42WAA4+Jd9ThiI7/PS98wl+d+yG6w8z5UNP +9FR1bSmZLmZaQ9/LXMrI5Tjxfjs1nQ/0xVqhzPMggCTTV+wVunUlm+hkS7M0hO8EuPbJbKoCPrZV +4jI3X/xml1/N1p7HIL9Nxqw/dV8c7TKcfGkAaZHjIxhT6QIDAQABo0IwQDAdBgNVHQ4EFgQUVpkH +HtOsDGlktAxQR95DLL4gwPswDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAJ5FdnsXSDLyOIspve6WSk6BGLFRRyDN0GSxDsnZAdkJzsiZ3GglE9Rc8qPo +BP5yCccLqh0lVX6Wmle3usURehnmp349hQ71+S4pL+f5bFgWV1Al9j4uPqrtd3GqqpmWRgqujuwq +URawXs3qZwQcWDD1YIq9pr1N5Za0/EKJAWv2cMhQOQwt1WbZyNKzMrcbGW3LM/nfpeYVhDfwwvJl +lpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CFYv4HAqGEVka+lgqaE9chTLd8 +B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW+qtB4Uu2NQvAmxU= +-----END CERTIFICATE----- + +Certinomis - Root CA +==================== +-----BEGIN CERTIFICATE----- +MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjETMBEGA1UEChMK +Q2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAbBgNVBAMTFENlcnRpbm9taXMg +LSBSb290IENBMB4XDTEzMTAyMTA5MTcxOFoXDTMzMTAyMTA5MTcxOFowWjELMAkGA1UEBhMCRlIx +EzARBgNVBAoTCkNlcnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMR0wGwYDVQQDExRD +ZXJ0aW5vbWlzIC0gUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANTMCQos +P5L2fxSeC5yaah1AMGT9qt8OHgZbn1CF6s2Nq0Nn3rD6foCWnoR4kkjW4znuzuRZWJflLieY6pOo +d5tK8O90gC3rMB+12ceAnGInkYjwSond3IjmFPnVAy//ldu9n+ws+hQVWZUKxkd8aRi5pwP5ynap +z8dvtF4F/u7BUrJ1Mofs7SlmO/NKFoL21prbcpjp3vDFTKWrteoB4owuZH9kb/2jJZOLyKIOSY00 +8B/sWEUuNKqEUL3nskoTuLAPrjhdsKkb5nPJWqHZZkCqqU2mNAKthH6yI8H7KsZn9DS2sJVqM09x +RLWtwHkziOC/7aOgFLScCbAK42C++PhmiM1b8XcF4LVzbsF9Ri6OSyemzTUK/eVNfaoqoynHWmgE +6OXWk6RiwsXm9E/G+Z8ajYJJGYrKWUM66A0ywfRMEwNvbqY/kXPLynNvEiCL7sCCeN5LLsJJwx3t +FvYk9CcbXFcx3FXuqB5vbKziRcxXV4p1VxngtViZSTYxPDMBbRZKzbgqg4SGm/lg0h9tkQPTYKbV +PZrdd5A9NaSfD171UkRpucC63M9933zZxKyGIjK8e2uR73r4F2iw4lNVYC2vPsKD2NkJK/DAZNuH +i5HMkesE/Xa0lZrmFAYb1TQdvtj/dBxThZngWVJKYe2InmtJiUZ+IFrZ50rlau7SZRFDAgMBAAGj +YzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTvkUz1pcMw6C8I +6tNxIqSSaHh02TAfBgNVHSMEGDAWgBTvkUz1pcMw6C8I6tNxIqSSaHh02TANBgkqhkiG9w0BAQsF +AAOCAgEAfj1U2iJdGlg+O1QnurrMyOMaauo++RLrVl89UM7g6kgmJs95Vn6RHJk/0KGRHCwPT5iV +WVO90CLYiF2cN/z7ZMF4jIuaYAnq1fohX9B0ZedQxb8uuQsLrbWwF6YSjNRieOpWauwK0kDDPAUw +Pk2Ut59KA9N9J0u2/kTO+hkzGm2kQtHdzMjI1xZSg081lLMSVX3l4kLr5JyTCcBMWwerx20RoFAX +lCOotQqSD7J6wWAsOMwaplv/8gzjqh8c3LigkyfeY+N/IZ865Z764BNqdeuWXGKRlI5nU7aJ+BIJ +y29SWwNyhlCVCNSNh4YVH5Uk2KRvms6knZtt0rJ2BobGVgjF6wnaNsIbW0G+YSrjcOa4pvi2WsS9 +Iff/ql+hbHY5ZtbqTFXhADObE5hjyW/QASAJN1LnDE8+zbz1X5YnpyACleAu6AdBBR8Vbtaw5Bng +DwKTACdyxYvRVB9dSsNAl35VpnzBMwQUAR1JIGkLGZOdblgi90AMRgwjY/M50n92Uaf0yKHxDHYi +I0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ8ow7bkrHxuaAKzyBvBGAFhAn1/DNP3nM +cyrDflOR1m749fPH0FFNjkulW+YZFzvWgQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVr +hkIGuUE= +-----END CERTIFICATE----- + +OISTE WISeKey Global Root GB CA +=============================== +-----BEGIN CERTIFICATE----- +MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBtMQswCQYDVQQG +EwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNl +ZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQiBDQTAeFw0xNDEyMDExNTAw +MzJaFw0zOTEyMDExNTEwMzFaMG0xCzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYD +VQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEds +b2JhbCBSb290IEdCIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3HEokKtaX +scriHvt9OO+Y9bI5mE4nuBFde9IllIiCFSZqGzG7qFshISvYD06fWvGxWuR51jIjK+FTzJlFXHtP +rby/h0oLS5daqPZI7H17Dc0hBt+eFf1Biki3IPShehtX1F1Q/7pn2COZH8g/497/b1t3sWtuuMlk +9+HKQUYOKXHQuSP8yYFfTvdv37+ErXNku7dCjmn21HYdfp2nuFeKUWdy19SouJVUQHMD9ur06/4o +Qnc/nSMbsrY9gBQHTC5P99UKFg29ZkM3fiNDecNAhvVMKdqOmq0NpQSHiB6F4+lT1ZvIiwNjeOvg +GUpuuy9rM2RYk61pv48b74JIxwIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB +/zAdBgNVHQ4EFgQUNQ/INmNe4qPs+TtmFc5RUuORmj0wEAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZI +hvcNAQELBQADggEBAEBM+4eymYGQfp3FsLAmzYh7KzKNbrghcViXfa43FK8+5/ea4n32cZiZBKpD +dHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0 +VQreUGdNZtGn//3ZwLWoo4rOZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEui +HZeeevJuQHHfaPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic +Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM= +-----END CERTIFICATE----- + +Certification Authority of WoSign G2 +==================================== +-----BEGIN CERTIFICATE----- +MIIDfDCCAmSgAwIBAgIQayXaioidfLwPBbOxemFFRDANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQG +EwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNVBAMTJENlcnRpZmljYXRpb24g +QXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4NThaMFgx +CzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEtMCsGA1UEAxMkQ2VydGlm +aWNhdGlvbiBBdXRob3JpdHkgb2YgV29TaWduIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEAvsXEoCKASU+/2YcRxlPhuw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPXJYY1kBai +XW8wGQiHC38Gsp1ij96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgOgHzKtB0TiGsOqCR3A9Du +W/PKaZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg5PGurLtzaaNjOg9FD6FKmsLRY6zLEPg9 +5k4ot+vElbGs/V6r+kHLXZ1L3PR8du9nfwB6jdKgGlxNIuG12t12s9R23164i5jIFFTMaxeSt+BK +v0mUYQs4kI9dJGwlezt52eJ+na2fmKEG/HgUYFf47oB3sQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMC +AQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU+mCp62XF3RYUCE4MD42b4Pdkr2cwDQYJKoZI +hvcNAQELBQADggEBAFfDejaCnI2Y4qtAqkePx6db7XznPWZaOzG73/MWM5H8fHulwqZm46qwtyeY +P0nXYGdnPzZPSsvxFPpahygc7Y9BMsaV+X3avXtbwrAh449G3CE4Q3RM+zD4F3LBMvzIkRfEzFg3 +TgvMWvchNSiDbGAtROtSjFA9tWwS1/oJu2yySrHFieT801LYYRf+epSEj3m2M1m6D8QL4nCgS3gu ++sif/a+RZQp4OBXllxcU3fngLDT4ONCEIgDAFFEYKwLcMFrw6AF8NTojrwjkr6qOKEJJLvD1mTS+ +7Q9LGOHSJDy7XUe3IfKN0QqZjuNuPq1w4I+5ysxugTH2e5x6eeRncRg= +-----END CERTIFICATE----- + +CA WoSign ECC Root +================== +-----BEGIN CERTIFICATE----- +MIICCTCCAY+gAwIBAgIQaEpYcIBr8I8C+vbe6LCQkDAKBggqhkjOPQQDAzBGMQswCQYDVQQGEwJD +TjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMTEkNBIFdvU2lnbiBFQ0MgUm9v +dDAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4NThaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQK +ExFXb1NpZ24gQ0EgTGltaXRlZDEbMBkGA1UEAxMSQ0EgV29TaWduIEVDQyBSb290MHYwEAYHKoZI +zj0CAQYFK4EEACIDYgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6IOsq/Srj57ywvr1FQPEd1bPiU +t5v8KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCLelTOA7WRf6qU0NGKSMyCBSah1VES1ns2o0Iw +QDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUqv3VWqP2h4syhf3R +MluARZPzA7gwCgYIKoZIzj0EAwMDaAAwZQIxAOSkhLCB1T2wdKyUpOgOPQB0TKGXa/kNUTyh2Tv0 +Daupn75OcsqF1NnstTJFGG+rrQIwfcf3aWMvoeGY7xMQ0Xk/0f7qO3/eVvSQsRUR2LIiFdAvwyYu +a/GRspBl9JrmkO5K +-----END CERTIFICATE----- + +SZAFIR ROOT CA2 +=============== +-----BEGIN CERTIFICATE----- +MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQELBQAwUTELMAkG +A1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6ZW5pb3dhIFMuQS4xGDAWBgNV +BAMMD1NaQUZJUiBST09UIENBMjAeFw0xNTEwMTkwNzQzMzBaFw0zNTEwMTkwNzQzMzBaMFExCzAJ +BgNVBAYTAlBMMSgwJgYDVQQKDB9LcmFqb3dhIEl6YmEgUm96bGljemVuaW93YSBTLkEuMRgwFgYD +VQQDDA9TWkFGSVIgUk9PVCBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vD5Q +qEvNQLXOYeeWyrSh2gwisPq1e3YAd4wLz32ohswmUeQgPYUM1ljj5/QqGJ3a0a4m7utT3PSQ1hNK +DJA8w/Ta0o4NkjrcsbH/ON7Dui1fgLkCvUqdGw+0w8LBZwPd3BucPbOw3gAeqDRHu5rr/gsUvTaE +2g0gv/pby6kWIK05YO4vdbbnl5z5Pv1+TW9NL++IDWr63fE9biCloBK0TXC5ztdyO4mTp4CEHCdJ +ckm1/zuVnsHMyAHs6A6KCpbns6aH5db5BSsNl0BwPLqsdVqc1U2dAgrSS5tmS0YHF2Wtn2yIANwi +ieDhZNRnvDF5YTy7ykHNXGoAyDw4jlivAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P +AQH/BAQDAgEGMB0GA1UdDgQWBBQuFqlKGLXLzPVvUPMjX/hd56zwyDANBgkqhkiG9w0BAQsFAAOC +AQEAtXP4A9xZWx126aMqe5Aosk3AM0+qmrHUuOQn/6mWmc5G4G18TKI4pAZw8PRBEew/R40/cof5 +O/2kbytTAOD/OblqBw7rHRz2onKQy4I9EYKL0rufKq8h5mOGnXkZ7/e7DDWQw4rtTw/1zBLZpD67 +oPwglV9PJi8RI4NOdQcPv5vRtB3pEAT+ymCPoky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul +4+vJhaAlIDf7js4MNIThPIGyd05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6 ++/NNIxuZMzSgLvWpCz/UXeHPhJ/iGcJfitYgHuNztw== +-----END CERTIFICATE----- + +Certum Trusted Network CA 2 +=========================== +-----BEGIN CERTIFICATE----- +MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCBgDELMAkGA1UE +BhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMuQS4xJzAlBgNVBAsTHkNlcnR1 +bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEkMCIGA1UEAxMbQ2VydHVtIFRydXN0ZWQgTmV0d29y +ayBDQSAyMCIYDzIwMTExMDA2MDgzOTU2WhgPMjA0NjEwMDYwODM5NTZaMIGAMQswCQYDVQQGEwJQ +TDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENl +cnRpZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQDExtDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENB +IDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9+Xj45tWADGSdhhuWZGc/IjoedQF9 +7/tcZ4zJzFxrqZHmuULlIEub2pt7uZld2ZuAS9eEQCsn0+i6MLs+CRqnSZXvK0AkwpfHp+6bJe+o +CgCXhVqqndwpyeI1B+twTUrWwbNWuKFBOJvR+zF/j+Bf4bE/D44WSWDXBo0Y+aomEKsq09DRZ40b +Rr5HMNUuctHFY9rnY3lEfktjJImGLjQ/KUxSiyqnwOKRKIm5wFv5HdnnJ63/mgKXwcZQkpsCLL2p +uTRZCr+ESv/f/rOf69me4Jgj7KZrdxYq28ytOxykh9xGc14ZYmhFV+SQgkK7QtbwYeDBoz1mo130 +GO6IyY0XRSmZMnUCMe4pJshrAua1YkV/NxVaI2iJ1D7eTiew8EAMvE0Xy02isx7QBlrd9pPPV3WZ +9fqGGmd4s7+W/jTcvedSVuWz5XV710GRBdxdaeOVDUO5/IOWOZV7bIBaTxNyxtd9KXpEulKkKtVB +Rgkg/iKgtlswjbyJDNXXcPiHUv3a76xRLgezTv7QCdpw75j6VuZt27VXS9zlLCUVyJ4ueE742pye +hizKV/Ma5ciSixqClnrDvFASadgOWkaLOusm+iPJtrCBvkIApPjW/jAux9JG9uWOdf3yzLnQh1vM +BhBgu4M1t15n3kfsmUjxpKEV/q2MYo45VU85FrmxY53/twIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBS2oVQ5AsOgP46KvPrU+Bym0ToO/TAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZI +hvcNAQENBQADggIBAHGlDs7k6b8/ONWJWsQCYftMxRQXLYtPU2sQF/xlhMcQSZDe28cmk4gmb3DW +Al45oPePq5a1pRNcgRRtDoGCERuKTsZPpd1iHkTfCVn0W3cLN+mLIMb4Ck4uWBzrM9DPhmDJ2vuA +L55MYIR4PSFk1vtBHxgP58l1cb29XN40hz5BsA72udY/CROWFC/emh1auVbONTqwX3BNXuMp8SMo +clm2q8KMZiYcdywmdjWLKKdpoPk79SPdhRB0yZADVpHnr7pH1BKXESLjokmUbOe3lEu6LaTaM4tM +pkT/WjzGHWTYtTHkpjx6qFcL2+1hGsvxznN3Y6SHb0xRONbkX8eftoEq5IVIeVheO/jbAoJnwTnb +w3RLPTYe+SmTiGhbqEQZIfCn6IENLOiTNrQ3ssqwGyZ6miUfmpqAnksqP/ujmv5zMnHCnsZy4Ypo +J/HkD7TETKVhk/iXEAcqMCWpuchxuO9ozC1+9eB+D4Kob7a6bINDd82Kkhehnlt4Fj1F4jNy3eFm +ypnTycUm/Q1oBEauttmbjL4ZvrHG8hnjXALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLX +is7VmFxWlgPF7ncGNf/P5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7 +zAYspsbiDrW5viSP +-----END CERTIFICATE----- + +Hellenic Academic and Research Institutions RootCA 2015 +======================================================= +-----BEGIN CERTIFICATE----- +MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1IxDzANBgNVBAcT +BkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0 +aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl +YXJjaCBJbnN0aXR1dGlvbnMgUm9vdENBIDIwMTUwHhcNMTUwNzA3MTAxMTIxWhcNNDAwNjMwMTAx +MTIxWjCBpjELMAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMg +QWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNV +BAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgUm9vdENBIDIw +MTUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDC+Kk/G4n8PDwEXT2QNrCROnk8Zlrv +bTkBSRq0t89/TSNTt5AA4xMqKKYx8ZEA4yjsriFBzh/a/X0SWwGDD7mwX5nh8hKDgE0GPt+sr+eh +iGsxr/CL0BgzuNtFajT0AoAkKAoCFZVedioNmToUW/bLy1O8E00BiDeUJRtCvCLYjqOWXjrZMts+ +6PAQZe104S+nfK8nNLspfZu2zwnI5dMK/IhlZXQK3HMcXM1AsRzUtoSMTFDPaI6oWa7CJ06CojXd +FPQf/7J31Ycvqm59JCfnxssm5uX+Zwdj2EUN3TpZZTlYepKZcj2chF6IIbjV9Cz82XBST3i4vTwr +i5WY9bPRaM8gFH5MXF/ni+X1NYEZN9cRCLdmvtNKzoNXADrDgfgXy5I2XdGj2HUb4Ysn6npIQf1F +GQatJ5lOwXBH3bWfgVMS5bGMSF0xQxfjjMZ6Y5ZLKTBOhE5iGV48zpeQpX8B653g+IuJ3SWYPZK2 +fu/Z8VFRfS0myGlZYeCsargqNhEEelC9MoS+L9xy1dcdFkfkR2YgP/SWxa+OAXqlD3pk9Q0Yh9mu +iNX6hME6wGkoLfINaFGq46V3xqSQDqE3izEjR8EJCOtu93ib14L8hCCZSRm2Ekax+0VVFqmjZayc +Bw/qa9wfLgZy7IaIEuQt218FL+TwA9MmM+eAws1CoRc0CwIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUcRVnyMjJvXVdctA4GGqd83EkVAswDQYJKoZI +hvcNAQELBQADggIBAHW7bVRLqhBYRjTyYtcWNl0IXtVsyIe9tC5G8jH4fOpCtZMWVdyhDBKg2mF+ +D1hYc2Ryx+hFjtyp8iY/xnmMsVMIM4GwVhO+5lFc2JsKT0ucVlMC6U/2DWDqTUJV6HwbISHTGzrM +d/K4kPFox/la/vot9L/J9UUbzjgQKjeKeaO04wlshYaT/4mWJ3iBj2fjRnRUjtkNaeJK9E10A/+y +d+2VZ5fkscWrv2oj6NSU4kQoYsRL4vDY4ilrGnB+JGGTe08DMiUNRSQrlrRGar9KC/eaj8GsGsVn +82800vpzY4zvFrCopEYq+OsS7HK07/grfoxSwIuEVPkvPuNVqNxmsdnhX9izjFk0WaSrT2y7Hxjb +davYy5LNlDhhDgcGH0tGEPEVvo2FXDtKK4F5D7Rpn0lQl033DlZdwJVqwjbDG2jJ9SrcR5q+ss7F +Jej6A7na+RZukYT1HCjI/CbM1xyQVqdfbzoEvM14iQuODy+jqk+iGxI9FghAD/FGTNeqewjBCvVt +J94Cj8rDtSvK6evIIVM4pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGa +JI7ZjnHKe7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0vm9q +p/UsQu0yrbYhnr68 +-----END CERTIFICATE----- + +Hellenic Academic and Research Institutions ECC RootCA 2015 +=========================================================== +-----BEGIN CERTIFICATE----- +MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0 +aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9u +cyBDZXJ0LiBBdXRob3JpdHkxRDBCBgNVBAMTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJj +aCBJbnN0aXR1dGlvbnMgRUNDIFJvb3RDQSAyMDE1MB4XDTE1MDcwNzEwMzcxMloXDTQwMDYzMDEw +MzcxMlowgaoxCzAJBgNVBAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmlj +IEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUQwQgYD +VQQDEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIEVDQyBSb290 +Q0EgMjAxNTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJKgQehLgoRc4vgxEZmGZE4JJS+dQS8KrjVP +dJWyUWRrjWvmP3CV8AVER6ZyOFB2lQJajq4onvktTpnvLEhvTCUp6NFxW98dwXU3tNf6e3pCnGoK +Vlp8aQuqgAkkbH7BRqNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0O +BBYEFLQiC4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaeplSTA +GiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7SofTUwJCA3sS61kFyjn +dc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR +-----END CERTIFICATE----- + +Certplus Root CA G1 +=================== +-----BEGIN CERTIFICATE----- +MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUAMD4xCzAJBgNV +BAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBsdXMgUm9vdCBDQSBHMTAe +Fw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBaMD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhD +ZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBsdXMgUm9vdCBDQSBHMTCCAiIwDQYJKoZIhvcNAQEBBQAD +ggIPADCCAgoCggIBANpQh7bauKk+nWT6VjOaVj0W5QOVsjQcmm1iBdTYj+eJZJ+622SLZOZ5KmHN +r49aiZFluVj8tANfkT8tEBXgfs+8/H9DZ6itXjYj2JizTfNDnjl8KvzsiNWI7nC9hRYt6kuJPKNx +Qv4c/dMcLRC4hlTqQ7jbxofaqK6AJc96Jh2qkbBIb6613p7Y1/oA/caP0FG7Yn2ksYyy/yARujVj +BYZHYEMzkPZHogNPlk2dT8Hq6pyi/jQu3rfKG3akt62f6ajUeD94/vI4CTYd0hYCyOwqaK/1jpTv +LRN6HkJKHRUxrgwEV/xhc/MxVoYxgKDEEW4wduOU8F8ExKyHcomYxZ3MVwia9Az8fXoFOvpHgDm2 +z4QTd28n6v+WZxcIbekN1iNQMLAVdBM+5S//Ds3EC0pd8NgAM0lm66EYfFkuPSi5YXHLtaW6uOrc +4nBvCGrch2c0798wct3zyT8j/zXhviEpIDCB5BmlIOklynMxdCm+4kLV87ImZsdo/Rmz5yCTmehd +4F6H50boJZwKKSTUzViGUkAksnsPmBIgJPaQbEfIDbsYIC7Z/fyL8inqh3SV4EJQeIQEQWGw9CEj +jy3LKCHyamz0GqbFFLQ3ZU+V/YDI+HLlJWvEYLF7bY5KinPOWftwenMGE9nTdDckQQoRb5fc5+R+ +ob0V8rqHDz1oihYHAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0G +A1UdDgQWBBSowcCbkahDFXxdBie0KlHYlwuBsTAfBgNVHSMEGDAWgBSowcCbkahDFXxdBie0KlHY +lwuBsTANBgkqhkiG9w0BAQ0FAAOCAgEAnFZvAX7RvUz1isbwJh/k4DgYzDLDKTudQSk0YcbX8ACh +66Ryj5QXvBMsdbRX7gp8CXrc1cqh0DQT+Hern+X+2B50ioUHj3/MeXrKls3N/U/7/SMNkPX0XtPG +YX2eEeAC7gkE2Qfdpoq3DIMku4NQkv5gdRE+2J2winq14J2by5BSS7CTKtQ+FjPlnsZlFT5kOwQ/ +2wyPX1wdaR+v8+khjPPvl/aatxm2hHSco1S1cE5j2FddUyGbQJJD+tZ3VTNPZNX70Cxqjm0lpu+F +6ALEUz65noe8zDUa3qHpimOHZR4RKttjd5cUvpoUmRGywO6wT/gUITJDT5+rosuoD6o7BlXGEilX +CNQ314cnrUlZp5GrRHpejXDbl85IULFzk/bwg2D5zfHhMf1bfHEhYxQUqq/F3pN+aLHsIqKqkHWe +tUNy6mSjhEv9DKgma3GX7lZjZuhCVPnHHd/Qj1vfyDBviP4NxDMcU6ij/UgQ8uQKTuEVV/xuZDDC +VRHc6qnNSlSsKWNEz0pAoNZoWRsz+e86i9sgktxChL8Bq4fA1SCC28a5g4VCXA9DO2pJNdWY9BW/ ++mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl++O/QmueD6i9a5jc2NvLi6Td11n0bt3+ +qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvo= +-----END CERTIFICATE----- + +Certplus Root CA G2 +=================== +-----BEGIN CERTIFICATE----- +MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4xCzAJBgNVBAYT +AkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBsdXMgUm9vdCBDQSBHMjAeFw0x +NDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBaMD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0 +cGx1czEcMBoGA1UEAwwTQ2VydHBsdXMgUm9vdCBDQSBHMjB2MBAGByqGSM49AgEGBSuBBAAiA2IA +BM0PW1aC3/BFGtat93nwHcmsltaeTpwftEIRyoa/bfuFo8XlGVzX7qY/aWfYeOKmycTbLXku54uN +Am8xIk0G42ByRZ0OQneezs/lf4WbGOT8zC5y0xaTTsqZY1yhBSpsBqNjMGEwDgYDVR0PAQH/BAQD +AgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNqDYwJ5jtpMxjwjFNiPwyCrKGBZMB8GA1Ud +IwQYMBaAFNqDYwJ5jtpMxjwjFNiPwyCrKGBZMAoGCCqGSM49BAMDA2gAMGUCMHD+sAvZ94OX7PNV +HdTcswYO/jOYnYs5kGuUIe22113WTNchp+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjl +vPl5adytRSv3tjFzzAalU5ORGpOucGpnutee5WEaXw== +-----END CERTIFICATE----- + +OpenTrust Root CA G1 +==================== +-----BEGIN CERTIFICATE----- +MIIFbzCCA1egAwIBAgISESCzkFU5fX82bWTCp59rY45nMA0GCSqGSIb3DQEBCwUAMEAxCzAJBgNV +BAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5UcnVzdCBSb290IENBIEcx +MB4XDTE0MDUyNjA4NDU1MFoXDTM4MDExNTAwMDAwMFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoM +CU9wZW5UcnVzdDEdMBsGA1UEAwwUT3BlblRydXN0IFJvb3QgQ0EgRzEwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQD4eUbalsUwXopxAy1wpLuwxQjczeY1wICkES3d5oeuXT2R0odsN7fa +Yp6bwiTXj/HbpqbfRm9RpnHLPhsxZ2L3EVs0J9V5ToybWL0iEA1cJwzdMOWo010hOHQX/uMftk87 +ay3bfWAfjH1MBcLrARYVmBSO0ZB3Ij/swjm4eTrwSSTilZHcYTSSjFR077F9jAHiOH3BX2pfJLKO +YheteSCtqx234LSWSE9mQxAGFiQD4eCcjsZGT44ameGPuY4zbGneWK2gDqdkVBFpRGZPTBKnjix9 +xNRbxQA0MMHZmf4yzgeEtE7NCv82TWLxp2NX5Ntqp66/K7nJ5rInieV+mhxNaMbBGN4zK1FGSxyO +9z0M+Yo0FMT7MzUj8czxKselu7Cizv5Ta01BG2Yospb6p64KTrk5M0ScdMGTHPjgniQlQ/GbI4Kq +3ywgsNw2TgOzfALU5nsaqocTvz6hdLubDuHAk5/XpGbKuxs74zD0M1mKB3IDVedzagMxbm+WG+Oi +n6+Sx+31QrclTDsTBM8clq8cIqPQqwWyTBIjUtz9GVsnnB47ev1CI9sjgBPwvFEVVJSmdz7QdFG9 +URQIOTfLHzSpMJ1ShC5VkLG631UAC9hWLbFJSXKAqWLXwPYYEQRVzXR7z2FwefR7LFxckvzluFqr +TJOVoSfupb7PcSNCupt2LQIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB +/zAdBgNVHQ4EFgQUl0YhVyE12jZVx/PxN3DlCPaTKbYwHwYDVR0jBBgwFoAUl0YhVyE12jZVx/Px +N3DlCPaTKbYwDQYJKoZIhvcNAQELBQADggIBAB3dAmB84DWn5ph76kTOZ0BP8pNuZtQ5iSas000E +PLuHIT839HEl2ku6q5aCgZG27dmxpGWX4m9kWaSW7mDKHyP7Rbr/jyTwyqkxf3kfgLMtMrpkZ2Cv +uVnN35pJ06iCsfmYlIrM4LvgBBuZYLFGZdwIorJGnkSI6pN+VxbSFXJfLkur1J1juONI5f6ELlgK +n0Md/rcYkoZDSw6cMoYsYPXpSOqV7XAp8dUv/TW0V8/bhUiZucJvbI/NeJWsZCj9VrDDb8O+WVLh +X4SPgPL0DTatdrOjteFkdjpY3H1PXlZs5VVZV6Xf8YpmMIzUUmI4d7S+KNfKNsSbBfD4Fdvb8e80 +nR14SohWZ25g/4/Ii+GOvUKpMwpZQhISKvqxnUOOBZuZ2mKtVzazHbYNeS2WuOvyDEsMpZTGMKcm +GS3tTAZQMPH9WD25SxdfGbRqhFS0OE85og2WaMMolP3tLR9Ka0OWLpABEPs4poEL0L9109S5zvE/ +bw4cHjdx5RiHdRk/ULlepEU0rbDK5uUTdg8xFKmOLZTW1YVNcxVPS/KyPu1svf0OnWZzsD2097+o +4BGkxK51CUpjAEggpsadCwmKtODmzj7HPiY46SvepghJAwSQiumPv+i2tCqjI40cHLI5kqiPAlxA +OXXUc0ECd97N4EOH1uS6SsNsEn/+KuYj1oxx +-----END CERTIFICATE----- + +OpenTrust Root CA G2 +==================== +-----BEGIN CERTIFICATE----- +MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUAMEAxCzAJBgNV +BAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5UcnVzdCBSb290IENBIEcy +MB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAwMFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoM +CU9wZW5UcnVzdDEdMBsGA1UEAwwUT3BlblRydXN0IFJvb3QgQ0EgRzIwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQDMtlelM5QQgTJT32F+D3Y5z1zCU3UdSXqWON2ic2rxb95eolq5cSG+ +Ntmh/LzubKh8NBpxGuga2F8ORAbtp+Dz0mEL4DKiltE48MLaARf85KxP6O6JHnSrT78eCbY2albz +4e6WiWYkBuTNQjpK3eCasMSCRbP+yatcfD7J6xcvDH1urqWPyKwlCm/61UWY0jUJ9gNDlP7ZvyCV +eYCYitmJNbtRG6Q3ffyZO6v/v6wNj0OxmXsWEH4db0fEFY8ElggGQgT4hNYdvJGmQr5J1WqIP7wt +UdGejeBSzFfdNTVY27SPJIjki9/ca1TSgSuyzpJLHB9G+h3Ykst2Z7UJmQnlrBcUVXDGPKBWCgOz +3GIZ38i1MH/1PCZ1Eb3XG7OHngevZXHloM8apwkQHZOJZlvoPGIytbU6bumFAYueQ4xncyhZW+vj +3CzMpSZyYhK05pyDRPZRpOLAeiRXyg6lPzq1O4vldu5w5pLeFlwoW5cZJ5L+epJUzpM5ChaHvGOz +9bGTXOBut9Dq+WIyiET7vycotjCVXRIouZW+j1MY5aIYFuJWpLIsEPUdN6b4t/bQWVyJ98LVtZR0 +0dX+G7bw5tYee9I8y6jj9RjzIR9u701oBnstXW5DiabA+aC/gh7PU3+06yzbXfZqfUAkBXKJOAGT +y3HCOV0GEfZvePg3DTmEJwIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB +/zAdBgNVHQ4EFgQUajn6QiL35okATV59M4PLuG53hq8wHwYDVR0jBBgwFoAUajn6QiL35okATV59 +M4PLuG53hq8wDQYJKoZIhvcNAQENBQADggIBAJjLq0A85TMCl38th6aP1F5Kr7ge57tx+4BkJamz +Gj5oXScmp7oq4fBXgwpkTx4idBvpkF/wrM//T2h6OKQQbA2xx6R3gBi2oihEdqc0nXGEL8pZ0keI +mUEiyTCYYW49qKgFbdEfwFFEVn8nNQLdXpgKQuswv42hm1GqO+qTRmTFAHneIWv2V6CG1wZy7HBG +S4tz3aAhdT7cHcCP009zHIXZ/n9iyJVvttN7jLpTwm+bREx50B1ws9efAvSyB7DH5fitIw6mVskp +EndI2S9G/Tvw/HRwkqWOOAgfZDC2t0v7NqwQjqBSM2OdAzVWxWm9xiNaJ5T2pBL4LTM8oValX9YZ +6e18CL13zSdkzJTaTkZQh+D5wVOAHrut+0dSixv9ovneDiK3PTNZbNTe9ZUGMg1RGUFcPk8G97kr +gCf2o6p6fAbhQ8MTOWIaNr3gKC6UAuQpLmBVrkA9sHSSXvAgZJY/X0VdiLWK2gKgW0VU3jg9CcCo +SmVGFvyqv1ROTVu+OEO3KMqLM6oaJbolXCkvW0pujOotnCr2BXbgd5eAiN1nE28daCSLT7d0geX0 +YJ96Vdc+N9oWaz53rK4YcJUIeSkDiv7BO7M/Gg+kO14fWKGVyasvc0rQLW6aWQ9VGHgtPFGml4vm +u7JwqkwR3v98KzfUetF3NI/n+UL3PIEMS1IK +-----END CERTIFICATE----- + +OpenTrust Root CA G3 +==================== +-----BEGIN CERTIFICATE----- +MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAxCzAJBgNVBAYT +AkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5UcnVzdCBSb290IENBIEczMB4X +DTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAwMFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9w +ZW5UcnVzdDEdMBsGA1UEAwwUT3BlblRydXN0IFJvb3QgQ0EgRzMwdjAQBgcqhkjOPQIBBgUrgQQA +IgNiAARK7liuTcpm3gY6oxH84Bjwbhy6LTAMidnW7ptzg6kjFYwvWYpa3RTqnVkrQ7cG7DK2uu5B +ta1doYXM6h0UZqNnfkbilPPntlahFVmhTzeXuSIevRHr9LIfXsMUmuXZl5mjYzBhMA4GA1UdDwEB +/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRHd8MUi2I5DMlv4VBN0BBY3JWIbTAf +BgNVHSMEGDAWgBRHd8MUi2I5DMlv4VBN0BBY3JWIbTAKBggqhkjOPQQDAwNpADBmAjEAj6jcnboM +BBf6Fek9LykBl7+BFjNAk2z8+e2AcG+qj9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta +3U1fJAuwACEl74+nBCZx4nxp5V2a+EEfOzmTk51V6s2N8fvB +-----END CERTIFICATE----- + +ISRG Root X1 +============ +-----BEGIN CERTIFICATE----- +MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UE +BhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQD +EwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQG +EwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMT +DElTUkcgUm9vdCBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54r +Vygch77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+0TM8ukj1 +3Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6UA5/TR5d8mUgjU+g4rk8K +b4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sWT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCN +Aymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyHB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ +4Q7e2RCOFvu396j3x+UCB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf +1b0SHzUvKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWnOlFu +hjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTnjh8BCNAw1FtxNrQH +usEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbwqHyGO0aoSCqI3Haadr8faqU9GY/r +OPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CIrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4G +A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY +9umbbjANBgkqhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL +ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ3BebYhtF8GaV +0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KKNFtY2PwByVS5uCbMiogziUwt +hDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJw +TdwJx4nLCgdNbOhdjsnvzqvHu7UrTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nx +e5AW0wdeRlN8NwdCjNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZA +JzVcoyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq4RgqsahD +YVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPAmRGunUHBcnWEvgJBQl9n +JEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57demyPxgcYxn/eR44/KJ4EBs+lVDR3veyJ +m+kXQ99b21/+jh5Xos1AnX5iItreGCc= +-----END CERTIFICATE----- + +AC RAIZ FNMT-RCM +================ +-----BEGIN CERTIFICATE----- +MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsxCzAJBgNVBAYT +AkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBGTk1ULVJDTTAeFw0wODEw +MjkxNTU5NTZaFw0zMDAxMDEwMDAwMDBaMDsxCzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJD +TTEZMBcGA1UECwwQQUMgUkFJWiBGTk1ULVJDTTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC +ggIBALpxgHpMhm5/yBNtwMZ9HACXjywMI7sQmkCpGreHiPibVmr75nuOi5KOpyVdWRHbNi63URcf +qQgfBBckWKo3Shjf5TnUV/3XwSyRAZHiItQDwFj8d0fsjz50Q7qsNI1NOHZnjrDIbzAzWHFctPVr +btQBULgTfmxKo0nRIBnuvMApGGWn3v7v3QqQIecaZ5JCEJhfTzC8PhxFtBDXaEAUwED653cXeuYL +j2VbPNmaUtu1vZ5Gzz3rkQUCwJaydkxNEJY7kvqcfw+Z374jNUUeAlz+taibmSXaXvMiwzn15Cou +08YfxGyqxRxqAQVKL9LFwag0Jl1mpdICIfkYtwb1TplvqKtMUejPUBjFd8g5CSxJkjKZqLsXF3mw +WsXmo8RZZUc1g16p6DULmbvkzSDGm0oGObVo/CK67lWMK07q87Hj/LaZmtVC+nFNCM+HHmpxffnT +tOmlcYF7wk5HlqX2doWjKI/pgG6BU6VtX7hI+cL5NqYuSf+4lsKMB7ObiFj86xsc3i1w4peSMKGJ +47xVqCfWS+2QrYv6YyVZLag13cqXM7zlzced0ezvXg5KkAYmY6252TUtB7p2ZSysV4999AeU14EC +ll2jB0nVetBX+RvnU0Z1qrB5QstocQjpYL05ac70r8NWQMetUqIJ5G+GR4of6ygnXYMgrwTJbFaa +i0b1AgMBAAGjgYMwgYAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE +FPd9xf3E6Jobd2Sn9R2gzL+HYJptMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1o +dHRwOi8vd3d3LmNlcnQuZm5tdC5lcy9kcGNzLzANBgkqhkiG9w0BAQsFAAOCAgEAB5BK3/MjTvDD +nFFlm5wioooMhfNzKWtN/gHiqQxjAb8EZ6WdmF/9ARP67Jpi6Yb+tmLSbkyU+8B1RXxlDPiyN8+s +D8+Nb/kZ94/sHvJwnvDKuO+3/3Y3dlv2bojzr2IyIpMNOmqOFGYMLVN0V2Ue1bLdI4E7pWYjJ2cJ +j+F3qkPNZVEI7VFY/uY5+ctHhKQV8Xa7pO6kO8Rf77IzlhEYt8llvhjho6Tc+hj507wTmzl6NLrT +Qfv6MooqtyuGC2mDOL7Nii4LcK2NJpLuHvUBKwrZ1pebbuCoGRw6IYsMHkCtA+fdZn71uSANA+iW ++YJF1DngoABd15jmfZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7 +Ixjp6o7RTUaN8Tvkasq6+yO3m/qZASlaWFot4/nUbQ4mrcFuNLwy+AwF+mWj2zs3gyLp1txyM/1d +8iC9djwj2ij3+RvrWWTV3F9yfiD8zYm1kGdNYno/Tq0dwzn+evQoFt9B9kiABdcPUXmsEKvU7ANm +5mqwujGSQkBqvjrTcuFqN1W8rB2Vt2lh8kORdOag0wokRqEIr9baRRmW1FMdW4R58MD3R++Lj8UG +rp1MYp3/RgT408m2ECVAdf4WqslKYIYvuu8wd+RU4riEmViAqhOLUTpPSPaLtrM= +-----END CERTIFICATE----- + +Amazon Root CA 1 +================ +-----BEGIN CERTIFICATE----- +MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsFADA5MQswCQYD +VQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSAxMB4XDTE1 +MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpv +bjEZMBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBALJ4gHHKeNXjca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgH +FzZM9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qwIFAGbHrQ +gLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6VOujw5H5SNz/0egwLX0t +dHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L93FcXmn/6pUCyziKrlA4b9v7LWIbxcce +VOF34GfID5yHI9Y/QCB/IIDEgEw+OyQmjgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB +/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3 +DQEBCwUAA4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDIU5PM +CCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUsN+gDS63pYaACbvXy +8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vvo/ufQJVtMVT8QtPHRh8jrdkPSHCa +2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2 +xJNDd2ZhwLnoQdeXeGADbkpyrqXRfboQnoZsG4q5WTP468SQvvG5 +-----END CERTIFICATE----- + +Amazon Root CA 2 +================ +-----BEGIN CERTIFICATE----- +MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwFADA5MQswCQYD +VQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSAyMB4XDTE1 +MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpv +bjEZMBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC +ggIBAK2Wny2cSkxKgXlRmeyKy2tgURO8TW0G/LAIjd0ZEGrHJgw12MBvIITplLGbhQPDW9tK6Mj4 +kHbZW0/jTOgGNk3Mmqw9DJArktQGGWCsN0R5hYGCrVo34A3MnaZMUnbqQ523BNFQ9lXg1dKmSYXp +N+nKfq5clU1Imj+uIFptiJXZNLhSGkOQsL9sBbm2eLfq0OQ6PBJTYv9K8nu+NQWpEjTj82R0Yiw9 +AElaKP4yRLuH3WUnAnE72kr3H9rN9yFVkE8P7K6C4Z9r2UXTu/Bfh+08LDmG2j/e7HJV63mjrdvd +fLC6HM783k81ds8P+HgfajZRRidhW+mez/CiVX18JYpvL7TFz4QuK/0NURBs+18bvBt+xa47mAEx +kv8LV/SasrlX6avvDXbR8O70zoan4G7ptGmh32n2M8ZpLpcTnqWHsFcQgTfJU7O7f/aS0ZzQGPSS +btqDT6ZjmUyl+17vIWR6IF9sZIUVyzfpYgwLKhbcAS4y2j5L9Z469hdAlO+ekQiG+r5jqFoz7Mt0 +Q5X5bGlSNscpb/xVA1wf+5+9R+vnSUeVC06JIglJ4PVhHvG/LopyboBZ/1c6+XUyo05f7O0oYtlN +c/LMgRdg7c3r3NunysV+Ar3yVAhU/bQtCSwXVEqY0VThUWcI0u1ufm8/0i2BWSlmy5A5lREedCf+ +3euvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSw +DPBMMPQFWAJI/TPlUq9LhONmUjANBgkqhkiG9w0BAQwFAAOCAgEAqqiAjw54o+Ci1M3m9Zh6O+oA +A7CXDpO8Wqj2LIxyh6mx/H9z/WNxeKWHWc8w4Q0QshNabYL1auaAn6AFC2jkR2vHat+2/XcycuUY ++gn0oJMsXdKMdYV2ZZAMA3m3MSNjrXiDCYZohMr/+c8mmpJ5581LxedhpxfL86kSk5Nrp+gvU5LE +YFiwzAJRGFuFjWJZY7attN6a+yb3ACfAXVU3dJnJUH/jWS5E4ywl7uxMMne0nxrpS10gxdr9HIcW +xkPo1LsmmkVwXqkLN1PiRnsn/eBG8om3zEK2yygmbtmlyTrIQRNg91CMFa6ybRoVGld45pIq2WWQ +gj9sAq+uEjonljYE1x2igGOpm/HlurR8FLBOybEfdF849lHqm/osohHUqS0nGkWxr7JOcQ3AWEbW +aQbLU8uz/mtBzUF+fUwPfHJ5elnNXkoOrJupmHN5fLT0zLm4BwyydFy4x2+IoZCn9Kr5v2c69BoV +Yh63n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE76KlXIx3 +KadowGuuQNKotOrN8I1LOJwZmhsoVLiJkO/KdYE+HvJkJMcYr07/R54H9jVlpNMKVv/1F2Rs76gi +JUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT4PsJYGw= +-----END CERTIFICATE----- + +Amazon Root CA 3 +================ +-----BEGIN CERTIFICATE----- +MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5MQswCQYDVQQG +EwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSAzMB4XDTE1MDUy +NjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZ +MBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCmXp8ZB +f8ANm+gBG1bG8lKlui2yEujSLtf6ycXYqm0fc4E7O5hrOXwzpcVOho6AF2hiRVd9RFgdszflZwjr +Zt6jQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSrttvXBp43 +rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkrBqWTrBqYaGFy+uGh0Psc +eGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteMYyRIHN8wfdVoOw== +-----END CERTIFICATE----- + +Amazon Root CA 4 +================ +-----BEGIN CERTIFICATE----- +MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5MQswCQYDVQQG +EwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSA0MB4XDTE1MDUy +NjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZ +MBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgNDB2MBAGByqGSM49AgEGBSuBBAAiA2IABNKrijdPo1MN +/sGKe0uoe0ZLY7Bi9i0b2whxIdIA6GO9mif78DluXeo9pcmBqqNbIJhFXRbb/egQbeOc4OO9X4Ri +83BkM6DLJC9wuoihKqB1+IGuYgbEgds5bimwHvouXKNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV +HQ8BAf8EBAMCAYYwHQYDVR0OBBYEFNPsxzplbszh2naaVvuc84ZtV+WBMAoGCCqGSM49BAMDA2gA +MGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlwCkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1 +AE47xDqUEpHJWEadIRNyp4iciuRMStuW1KyLa2tJElMzrdfkviT8tQp21KW8EA== +-----END CERTIFICATE----- + +LuxTrust Global Root 2 +====================== +-----BEGIN CERTIFICATE----- +MIIFwzCCA6ugAwIBAgIUCn6m30tEntpqJIWe5rgV0xZ/u7EwDQYJKoZIhvcNAQELBQAwRjELMAkG +A1UEBhMCTFUxFjAUBgNVBAoMDUx1eFRydXN0IFMuQS4xHzAdBgNVBAMMFkx1eFRydXN0IEdsb2Jh +bCBSb290IDIwHhcNMTUwMzA1MTMyMTU3WhcNMzUwMzA1MTMyMTU3WjBGMQswCQYDVQQGEwJMVTEW +MBQGA1UECgwNTHV4VHJ1c3QgUy5BLjEfMB0GA1UEAwwWTHV4VHJ1c3QgR2xvYmFsIFJvb3QgMjCC +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANeFl78RmOnwYoNMPIf5U2o3C/IPPIfOb9wm +Kb3FibrJgz337spbxm1Jc7TJRqMbNBM/wYlFV/TZsfs2ZUv7COJIcRHIbjuend+JZTemhfY7RBi2 +xjcwYkSSl2l9QjAk5A0MiWtj3sXh306pFGxT4GHO9hcvHTy95iJMHZP1EMShduxq3sVs35a0VkBC +wGKSMKEtFZSg0iAGCW5qbeXrt77U8PEVfIvmTroTzEsnXpk8F12PgX8zPU/TPxvsXD/wPEx1bvKm +1Z3aLQdjAsZy6ZS8TEmVT4hSyNvoaYL4zDRbIvCGp4m9SAptZoFtyMhk+wHh9OHe2Z7d21vUKpkm +FRseTJIpgp7VkoGSQXAZ96Tlk0u8d2cx3Rz9MXANF5kM+Qw5GSoXtTBxVdUPrljhPS80m8+f9niF +wpN6cj5mj5wWEWCPnolvZ77gR1o7DJpni89Gxq44o/KnvObWhWszJHAiS8sIm7vI+AIpHb4gDEa/ +a4ebsypmQjVGbKq6rfmYe+lQVRQxv7HaLe2ArWgk+2mr2HETMOZns4dA/Yl+8kPREd8vZS9kzl8U +ubG/Mb2HeFpZZYiq/FkySIbWTLkpS5XTdvN3JW1CHDiDTf2jX5t/Lax5Gw5CMZdjpPuKadUiDTSQ +MC6otOBttpSsvItO13D8xTiOZCXhTTmQzsmHhFhxAgMBAAGjgagwgaUwDwYDVR0TAQH/BAUwAwEB +/zBCBgNVHSAEOzA5MDcGByuBKwEBAQowLDAqBggrBgEFBQcCARYeaHR0cHM6Ly9yZXBvc2l0b3J5 +Lmx1eHRydXN0Lmx1MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBT/GCh2+UgFLKGu8SsbK7JT ++Et8szAdBgNVHQ4EFgQU/xgodvlIBSyhrvErGyuyU/hLfLMwDQYJKoZIhvcNAQELBQADggIBAGoZ +FO1uecEsh9QNcH7X9njJCwROxLHOk3D+sFTAMs2ZMGQXvw/l4jP9BzZAcg4atmpZ1gDlaCDdLnIN +H2pkMSCEfUmmWjfrRcmF9dTHF5kH5ptV5AzoqbTOjFu1EVzPig4N1qx3gf4ynCSecs5U89BvolbW +7MM3LGVYvlcAGvI1+ut7MV3CwRI9loGIlonBWVx65n9wNOeD4rHh4bhY79SV5GCc8JaXcozrhAIu +ZY+kt9J/Z93I055cqqmkoCUUBpvsT34tC38ddfEz2O3OuHVtPlu5mB0xDVbYQw8wkbIEa91WvpWA +VWe+2M2D2RjuLg+GLZKecBPs3lHJQ3gCpU3I+V/EkVhGFndadKpAvAefMLmx9xIX3eP/JEAdemrR +TxgKqpAd60Ae36EeRJIQmvKN4dFLRp7oRUKX6kWZ8+xm1QL68qZKJKrezrnK+T+Tb/mjuuqlPpmt +/f97mfVl7vBZKGfXkJWkE4SphMHozs51k2MavDzq1WQfLSoSOcbDWjLtR5EWDrw4wVDej8oqkDQc +7kGUnF4ZLvhFSZl0kbAEb+MEWrGrKqv+x9CWttrhSmQGbmBNvUJO/3jaJMobtNeWOWyu8Q6qp31I +iyBMz2TWuJdGsE7RKlY6oJO9r4Ak4Ap+58rVyuiFVdw2KuGUaJPHZnJED4AhMmwlxyOAgwrr +-----END CERTIFICATE----- + +TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1 +============================================= +-----BEGIN CERTIFICATE----- +MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIxGDAWBgNVBAcT +D0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxpbXNlbCB2ZSBUZWtub2xvamlr +IEFyYXN0aXJtYSBLdXJ1bXUgLSBUVUJJVEFLMS0wKwYDVQQLEyRLYW11IFNlcnRpZmlrYXN5b24g +TWVya2V6aSAtIEthbXUgU00xNjA0BgNVBAMTLVRVQklUQUsgS2FtdSBTTSBTU0wgS29rIFNlcnRp +ZmlrYXNpIC0gU3VydW0gMTAeFw0xMzExMjUwODI1NTVaFw00MzEwMjUwODI1NTVaMIHSMQswCQYD +VQQGEwJUUjEYMBYGA1UEBxMPR2ViemUgLSBLb2NhZWxpMUIwQAYDVQQKEzlUdXJraXllIEJpbGlt +c2VsIHZlIFRla25vbG9qaWsgQXJhc3Rpcm1hIEt1cnVtdSAtIFRVQklUQUsxLTArBgNVBAsTJEth +bXUgU2VydGlmaWthc3lvbiBNZXJrZXppIC0gS2FtdSBTTTE2MDQGA1UEAxMtVFVCSVRBSyBLYW11 +IFNNIFNTTCBLb2sgU2VydGlmaWthc2kgLSBTdXJ1bSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAr3UwM6q7a9OZLBI3hNmNe5eA027n/5tQlT6QlVZC1xl8JoSNkvoBHToP4mQ4t4y8 +6Ij5iySrLqP1N+RAjhgleYN1Hzv/bKjFxlb4tO2KRKOrbEz8HdDc72i9z+SqzvBV96I01INrN3wc +wv61A+xXzry0tcXtAA9TNypN9E8Mg/uGz8v+jE69h/mniyFXnHrfA2eJLJ2XYacQuFWQfw4tJzh0 +3+f92k4S400VIgLI4OD8D62K18lUUMw7D8oWgITQUVbDjlZ/iSIzL+aFCr2lqBs23tPcLG07xxO9 +WSMs5uWk99gL7eqQQESolbuT1dCANLZGeA4fAJNG4e7p+exPFwIDAQABo0IwQDAdBgNVHQ4EFgQU +ZT/HiobGPN08VFw1+DrtUgxHV8gwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJ +KoZIhvcNAQELBQADggEBACo/4fEyjq7hmFxLXs9rHmoJ0iKpEsdeV31zVmSAhHqT5Am5EM2fKifh +AHe+SMg1qIGf5LgsyX8OsNJLN13qudULXjS99HMpw+0mFZx+CFOKWI3QSyjfwbPfIPP54+M638yc +lNhOT8NrF7f3cuitZjO1JVOr4PhMqZ398g26rrnZqsZr+ZO7rqu4lzwDGrpDxpa5RXI4s6ehlj2R +e37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c8jEyVupk+eq1nRZmQnLzf9OxMUP8pI4X8W0j +q5Rm+K37DwhuJi1/FwcJsoz7UMCflo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeM= +-----END CERTIFICATE----- diff --git a/patches/source/curl/curl.SlackBuild b/patches/source/curl/curl.SlackBuild new file mode 100755 index 00000000..9727bd68 --- /dev/null +++ b/patches/source/curl/curl.SlackBuild @@ -0,0 +1,152 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2013, 2014, 2016, 2017 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=curl +VERSION=${VERSION:-$(echo curl-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-curl + +# Uncomment to build a no-SSL version: +#SSLOPT=--without-ssl + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $PKG +cd $TMP +rm -rf curl-$VERSION +tar xvf $CWD/curl-$VERSION.tar.xz || exit 1 +cd curl-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --with-ca-bundle=/usr/share/curl/ca-bundle.crt \ + --enable-static=no \ + $SSLOPT || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# We have always installed the man3 documentation, so we'll keep doing it +# even though these are no longer installed by default. No || exit 1, if +# it works, it works, and if it doesn't, we tried. +( cd docs/libcurl + make install-man3 DESTDIR=$PKG + cd opts + make install-man3 DESTDIR=$PKG +) + +mkdir -p $PKG/usr/share/curl +cp -a $CWD/cacert.pem.bz2 $PKG/usr/share/curl +( cd $PKG/usr/share/curl + bzip2 -d cacert.pem.bz2 + mv cacert.pem ca-bundle.crt + chown root:root ca-bundle.crt + chmod 644 ca-bundle.crt +) + +# We don't ship the related perl script (yet): +rm -f $PKG/usr/man/man1/mk-ca-bundle.1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +strip -g $PKG/usr/lib${LIBDIRSUFFIX}/libcurl.a + +mkdir -p $PKG/usr/doc/curl-$VERSION +cp -a \ + COPYING* README* UPGRADE \ + $PKG/usr/doc/curl-$VERSION +( cd docs + cp -a \ + BUGS CONTRIBUTE FAQ FEATURES INSTALL INTERNALS MANUAL README* RESOURCES THANKS TODO examples \ + $PKG/usr/doc/curl-$VERSION ) +# Get rid of .deps cruft: +rm -rf $PKG/usr/doc/curl-$VERSION/examples/.deps + +# If there's a CHANGES file, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat CHANGES | head -n 1000 > $DOCSDIR/ChangeLog + touch -r CHANGES $DOCSDIR/ChangeLog +fi + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/curl-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/curl/slack-desc b/patches/source/curl/slack-desc new file mode 100644 index 00000000..0fe5c532 --- /dev/null +++ b/patches/source/curl/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +curl: curl (command line URL data transfer tool) +curl: +curl: Curl is a command line tool for transferring data specified with URL +curl: syntax. The command is designed to work without user interaction or +curl: any kind of interactivity. Curl offers a busload of useful tricks +curl: like proxy support, user authentication, ftp upload, HTTP post, SSL +curl: (https:) connections, cookies, file transfer resume and more. +curl: +curl: libcurl is a library that Curl uses to do its job. It is readily +curl: available to be used by your software, too. +curl: diff --git a/patches/source/dhcp/dhclient-script.PATH.diff b/patches/source/dhcp/dhclient-script.PATH.diff new file mode 100644 index 00000000..567ed2a4 --- /dev/null +++ b/patches/source/dhcp/dhclient-script.PATH.diff @@ -0,0 +1,13 @@ +--- ./client/scripts/linux.orig 2017-07-25 08:39:54.000000000 -0500 ++++ ./client/scripts/linux 2017-08-03 15:31:41.067873392 -0500 +@@ -22,6 +22,10 @@ + # 4. TIMEOUT not tested. ping has a flag I don't know, and I'm suspicious + # of the $1 in its args. + ++# Set a reasonable default path for Linux: ++PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin ++export PATH ++ + # 5. Script refresh in 2017. The aliasing code was too convoluted and needs + # to go away. Migrated DHCPv4 script to ip command from iproute2 suite. + # This is based on Debian script with some tweaks. ifconfig is no longer diff --git a/patches/source/dhcp/dhcp-remove-bind-tarball.sh b/patches/source/dhcp/dhcp-remove-bind-tarball.sh new file mode 100755 index 00000000..5249f967 --- /dev/null +++ b/patches/source/dhcp/dhcp-remove-bind-tarball.sh @@ -0,0 +1,49 @@ +#!/bin/sh + +# Copyright 2011 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=dhcp +VERSION=${VERSION:-4.2.1-P1} +BUILD=${BUILD:-1} + +# This is not yet used, but eventually we would like to be able to purge +# the bundled BIND and use the system's instead. Maybe wishful thinking. + +CWD=$(pwd) +TMP=${TMP:-/tmp} + +cd $TMP +rm -rf dhcp-$VERSION +tar xvf $CWD/dhcp-$VERSION.tar.?z* || exit 1 +cd dhcp-$VERSION || exit 1 + +# good "bob" why? ... +rm -rf bind/* + +# Generate a new .xz compressed tarball in /tmp: +cd $TMP +rm -f dhcp-$VERSION.tar* +tar cf dhcp-$VERSION.tar dhcp-$VERSION +xz -9 dhcp-$VERSION.tar + +echo "$TMP/dhcp-$VERSION.tar.xz created" + diff --git a/patches/source/dhcp/dhcp.SlackBuild b/patches/source/dhcp/dhcp.SlackBuild new file mode 100755 index 00000000..6123db3c --- /dev/null +++ b/patches/source/dhcp/dhcp.SlackBuild @@ -0,0 +1,179 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=dhcp +# Leave this one .gz as other compressors do not help much and we can keep +# the original upstream .asc +VERSION=${VERSION:-$(basename $(echo $PKGNAM-*.tar.gz | cut -f 2- -d -) .tar.gz)} +BUILD=${BUILD:-1_slack13.1} + +PKG_VERSION=$(echo $VERSION | tr - _) + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-dhcp + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf dhcp-$VERSION +tar xvf $CWD/dhcp-$VERSION.tar.gz || exit 1 +cd dhcp-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Add PATH setting to /sbin/dhclient-script +zcat $CWD/dhclient-script.PATH.diff.gz | patch -p1 || exit 1 + +# Fix paths in manual pages +sed -i \ + -e "s,ETCDIR,/etc,g" \ + -e "s,DBDIR,/var/state/dhcp,g" \ + -e "s,RUNDIR,/var/run,g" \ + client/*.{5,8} \ + server/*.{5,8} \ + doc/*/*.{5,8} + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --docdir=/usr/doc/dhcp-$VERSION \ + --build=$ARCH-slackware-linux \ + --with-srv-lease-file=/var/state/dhcp/dhcpd.leases \ + --with-srv6-lease-file=/var/state/dhcp/dhcpd6.leases \ + --with-cli-lease-file=/var/state/dhcp/dhclient.leases \ + --with-cli6-lease-file=/var/state/dhcp/dhclient6.leases +# Default pid dir is still /var/run, so no need to declare it + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# DHCP libraries need not be included, yet. +rm -rf $PKG/usr/{include,lib${LIBDIRSUFFIX}} + +# We need this in /sbin +mkdir -p $PKG/sbin +mv $PKG/usr/sbin/dhclient $PKG/sbin + +# Install the dhclient-script for linux +cat client/scripts/linux > $PKG/sbin/dhclient-script +chmod 700 $PKG/sbin/dhclient-script + +# Create the initial *.leases files: +mkdir -p $PKG/var/state/dhcp +touch $PKG/var/state/dhcp/dhcpd.leases.new +touch $PKG/var/state/dhcp/dhcpd6.leases.new +touch $PKG/var/state/dhcp/dhclient.leases.new +touch $PKG/var/state/dhcp/dhclient6.leases.new + +cat << EOF > $PKG/etc/dhcpd.conf.new +# dhcpd.conf +# +# Configuration file for ISC dhcpd (see 'man dhcpd.conf') +# +EOF + +cat << EOF > $PKG/etc/dhclient.conf.new +# dhclient.conf +# +# Configuration file for ISC dhclient (see 'man dhclient.conf') +# +EOF + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/dhcp-$VERSION/examples +cp -a \ + LICENSE README RELNOTES \ + $PKG/usr/doc/dhcp-$VERSION +mv $PKG/etc/dhcpd.conf $PKG/etc/dhclient.conf \ + $PKG/usr/doc/dhcp-$VERSION/examples + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/dhcp-$PKG_VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/dhcp/doinst.sh b/patches/source/dhcp/doinst.sh new file mode 100644 index 00000000..a376034a --- /dev/null +++ b/patches/source/dhcp/doinst.sh @@ -0,0 +1,21 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/dhcpd.conf.new +config etc/dhclient.conf.new +config var/state/dhcp/dhcpd.leases.new +config var/state/dhcp/dhcpd6.leases.new +config var/state/dhcp/dhclient.leases.new +config var/state/dhcp/dhclient6.leases.new +rm -f var/state/dhcp/*.leases.new + diff --git a/patches/source/dhcp/slack-desc b/patches/source/dhcp/slack-desc new file mode 100644 index 00000000..f586e4e1 --- /dev/null +++ b/patches/source/dhcp/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +dhcp: dhcp (DHCP server and client utilities) +dhcp: +dhcp: This package provides the ISC's DHCP utilities, including both a +dhcp: server and client. The DHCP protocol allows a host to contact a +dhcp: central server which maintains a list of IP addresses which may be +dhcp: assigned on one or more subnets. A DHCP client may request an +dhcp: address from this pool, and then use it temporarily for communication +dhcp: on the network. The DHCP protocol also provides a mechanism whereby +dhcp: a client can learn important details about the network to which it is +dhcp: attached, such as the location of a default router or name server. +dhcp: diff --git a/patches/source/dhcpcd/50-ntp.conf.diff b/patches/source/dhcpcd/50-ntp.conf.diff new file mode 100644 index 00000000..63fd914b --- /dev/null +++ b/patches/source/dhcpcd/50-ntp.conf.diff @@ -0,0 +1,29 @@ +--- ./dhcpcd-hooks/50-ntp.conf.orig 2010-11-19 04:17:14.000000000 -0600 ++++ ./dhcpcd-hooks/50-ntp.conf 2010-12-29 16:07:48.000000000 -0600 +@@ -8,6 +8,26 @@ + # NTP_CONF=/usr/pkg/etc/ntpd.conf + # to use openntpd from pkgsrc instead of the system provided ntp. + ++# Detect OpenRC, Debian or BSD rc ++# Distributions may want to just have their command here instead of this ++if type rc-service >/dev/null 2>&1 && rc-service --exists ntpd; then ++ ntpd_restart_cmd="rc-service ntpd -- -Ds restart" ++elif type invoke-rc.d >/dev/null 2>&1; then ++ if [ -x /etc/init.d/ntp ]; then ++ ntpd_restart_cmd="invoke-rc.d ntp try-restart" ++ fi ++ # Debian as a seperate file for DHCP config to avoid stamping on ++ # the master. ++ [ -e /var/lib/ntp ] || mkdir /var/lib/ntp ++ : ${NTP_DHCP_CONF:=/var/lib/ntp/ntp.conf.dhcp} ++elif [ -x /etc/rc.d/ntpd ]; then ++ ntpd_restart_cmd="/etc/rc.d/ntpd status >/dev/null 2>&1 && /etc/rc.d/ntpd restart" ++elif [ -x /usr/local/etc/rc.d/ntpd ]; then ++ ntpd_restart_cmd="/usr/local/etc/rc.d/ntpd status >/dev/null 2>&1 && /usr/local/etc/rc.d/ntpd restart" ++elif [ -x /etc/rc.d/rc.ntpd ]; then ++ ntpd_restart_cmd="/etc/rc.d/rc.ntpd status >/dev/null 2>&1 && /etc/rc.d/rc.ntpd restart" ++fi ++ + : ${ntpd_restart_cmd:=service_condcommand ntpd restart} + if type invoke-rc.d >/dev/null 2>&1; then + # Debian has a seperate file for DHCP config to avoid stamping on diff --git a/patches/source/dhcpcd/COPYRIGHT b/patches/source/dhcpcd/COPYRIGHT new file mode 100644 index 00000000..07d9e683 --- /dev/null +++ b/patches/source/dhcpcd/COPYRIGHT @@ -0,0 +1,26 @@ +/* + * dhcpcd - DHCP client daemon + * Copyright 2006-2008 Roy Marples <roy@marples.name> + * All rights reserved + + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ diff --git a/patches/source/dhcpcd/dhcpcd.SlackBuild b/patches/source/dhcpcd/dhcpcd.SlackBuild new file mode 100755 index 00000000..8d91540c --- /dev/null +++ b/patches/source/dhcpcd/dhcpcd.SlackBuild @@ -0,0 +1,119 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo dhcpcd-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-dhcpcd + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf dhcpcd-$VERSION +tar xvf $CWD/dhcpcd-$VERSION.tar.?z* || exit 1 +cd dhcpcd-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# At this point, it should be safe to assume that /var will be mounted by the +# time dhcpcd is called, as all non-root local filesystems are mounted from +# /etc/rc.d/rc.S, and /var should not be on a network filesystem. As such, +# we'll use the FHS layout instead of putting things in /etc/dhcpc + +# Fixup the 50-ntp.conf hook with our init script location +zcat $CWD/50-ntp.conf.diff.gz | patch -p1 || exit 1 + +# Security fix: +zcat $CWD/dhcpcd.dho_optionsoverloaded.dos.patch.gz | patch -p1 || exit 1 + +# Yes, /lib/dhcpcd is correct, even on x86_64. +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sbindir=/sbin \ + --sysconfdir=/etc \ + --dbdir=/var/lib/dhcpcd \ + --libexecdir=/lib/dhcpcd \ + --mandir=/usr/man \ + --with-hooks="50-ntp.conf 50-yp.conf" \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG HOOKSCRIPTS="50-ntp.conf 50-yp.conf" || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Let's not clobber the config file +mv $PKG/etc/dhcpcd.conf $PKG/etc/dhcpcd.conf.new + +# Compress manpages +( cd $PKG/usr/man + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done +) + +mkdir -p $PKG/usr/doc/dhcpcd-$VERSION +cp -a README* $PKG/usr/doc/dhcpcd-$VERSION +zcat $CWD/COPYRIGHT.gz > $PKG/usr/doc/dhcpcd-$VERSION/COPYRIGHT + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/dhcpcd-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/dhcpcd/dhcpcd.dho_optionsoverloaded.dos.patch b/patches/source/dhcpcd/dhcpcd.dho_optionsoverloaded.dos.patch new file mode 100644 index 00000000..77007cf9 --- /dev/null +++ b/patches/source/dhcpcd/dhcpcd.dho_optionsoverloaded.dos.patch @@ -0,0 +1,11 @@ +--- ./dhcp.c.orig 2013-08-02 15:12:22.000000000 -0500 ++++ ./dhcp.c 2014-08-01 15:34:23.681955373 -0500 +@@ -345,7 +345,7 @@ + case DHO_OPTIONSOVERLOADED: + /* Ensure we only get this option once */ + if (!overl) +- overl = p[1]; ++ overl = 0x80 | p[1]; + break; + } + l = *p++; diff --git a/patches/source/dhcpcd/doinst.sh b/patches/source/dhcpcd/doinst.sh new file mode 100644 index 00000000..a1a93b20 --- /dev/null +++ b/patches/source/dhcpcd/doinst.sh @@ -0,0 +1,15 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/dhcpcd.conf.new + diff --git a/patches/source/dhcpcd/slack-desc b/patches/source/dhcpcd/slack-desc new file mode 100644 index 00000000..04859d7c --- /dev/null +++ b/patches/source/dhcpcd/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +dhcpcd: dhcpcd (DHCP client daemon) +dhcpcd: +dhcpcd: The DHCP client program dhcpcd is used to connect to a network by +dhcpcd: contacting a DHCP server. dhcpcd gets an IP address and other +dhcpcd: information from a corresponding DHCP server, configures the network +dhcpcd: interface automatically, and tries to renew the lease time according +dhcpcd: to RFC2131 or RFC1541 depending on the command line option. +dhcpcd: +dhcpcd: +dhcpcd: +dhcpcd: diff --git a/patches/source/dnsmasq/dnsmasq.SlackBuild b/patches/source/dnsmasq/dnsmasq.SlackBuild new file mode 100755 index 00000000..1851fe08 --- /dev/null +++ b/patches/source/dnsmasq/dnsmasq.SlackBuild @@ -0,0 +1,107 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2015, 2017 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo dnsmasq-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-dnsmasq + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf dnsmasq-$VERSION +tar xvf $CWD/dnsmasq-$VERSION.tar.xz || exit 1 +cd dnsmasq-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/dnsmasq.leasedir.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 + +make $NUMJOBS all-i18n PREFIX=/usr MANDIR=/usr/man || exit 1 +make install-i18n PREFIX=/usr DESTDIR=$PKG MANDIR=/usr/man || exit 1 +chmod 0755 $PKG/usr/sbin/dnsmasq + +mkdir -p $PKG/etc/dnsmasq.d + +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/var/state/dnsmasq + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/etc +cat dnsmasq.conf.example > $PKG/etc/dnsmasq.conf.new +mkdir -p $PKG/etc/rc.d +zcat $CWD/rc.dnsmasq.gz > $PKG/etc/rc.d/rc.dnsmasq.new + +mkdir -p $PKG/usr/doc/dnsmasq-$VERSION +cp -a \ + COPYING FAQ doc.html setup.html \ + $PKG/usr/doc/dnsmasq-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGELOG ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat CHANGELOG | head -n 1000 > $DOCSDIR/CHANGELOG + touch -r CHANGELOG $DOCSDIR/CHANGELOG +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/dnsmasq-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/dnsmasq/dnsmasq.leasedir.diff b/patches/source/dnsmasq/dnsmasq.leasedir.diff new file mode 100644 index 00000000..9fec6b43 --- /dev/null +++ b/patches/source/dnsmasq/dnsmasq.leasedir.diff @@ -0,0 +1,24 @@ +diff -Nur dnsmasq-2.52.orig/dnsmasq.conf.example dnsmasq-2.52/dnsmasq.conf.example +--- dnsmasq-2.52.orig/dnsmasq.conf.example 2009-11-25 06:55:16.000000000 -0600 ++++ dnsmasq-2.52/dnsmasq.conf.example 2010-01-22 15:32:41.137807274 -0600 +@@ -415,7 +415,7 @@ + # The DHCP server needs somewhere on disk to keep its lease database. + # This defaults to a sane location, but if you want to change it, use + # the line below. +-#dhcp-leasefile=/var/lib/misc/dnsmasq.leases ++#dhcp-leasefile=/var/state/dnsmasq/dnsmasq.leases + + # Set the DHCP server to authoritative mode. In this mode it will barge in + # and take over the lease for any client which broadcasts on the network, +diff -Nur dnsmasq-2.52.orig/src/config.h dnsmasq-2.52/src/config.h +--- dnsmasq-2.52.orig/src/config.h 2010-01-21 08:22:06.000000000 -0600 ++++ dnsmasq-2.52/src/config.h 2010-01-22 15:32:41.136833058 -0600 +@@ -47,7 +47,7 @@ + # elif defined(__sun__) || defined (__sun) + # define LEASEFILE "/var/cache/dnsmasq.leases" + # else +-# define LEASEFILE "/var/lib/misc/dnsmasq.leases" ++# define LEASEFILE "/var/state/dnsmasq/dnsmasq.leases" + # endif + #endif + diff --git a/patches/source/dnsmasq/doinst.sh b/patches/source/dnsmasq/doinst.sh new file mode 100644 index 00000000..9aadc3e5 --- /dev/null +++ b/patches/source/dnsmasq/doinst.sh @@ -0,0 +1,26 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + config ${NEW} +} +config etc/dnsmasq.conf.new +preserve_perms etc/rc.d/rc.dnsmasq.new + +# This should be mostly useless... +rm -f etc/rc.d/rc.dnsmasq.new diff --git a/patches/source/dnsmasq/rc.dnsmasq b/patches/source/dnsmasq/rc.dnsmasq new file mode 100644 index 00000000..ce584cbd --- /dev/null +++ b/patches/source/dnsmasq/rc.dnsmasq @@ -0,0 +1,36 @@ +#!/bin/sh +# Start/stop/restart dnsmasq (a small DNS/DHCP server): + +# Start dnsmasq: +dnsmasq_start() { + if [ -x /usr/sbin/dnsmasq ]; then + echo "Starting dnsmasq: /usr/sbin/dnsmasq" + /usr/sbin/dnsmasq + fi +} + +# Stop dnsmasq: +dnsmasq_stop() { + killall dnsmasq +} + +# Restart dnsmasq: +dnsmasq_restart() { + dnsmasq_stop + sleep 1 + dnsmasq_start +} + +case "$1" in +'start') + dnsmasq_start + ;; +'stop') + dnsmasq_stop + ;; +'restart') + dnsmasq_restart + ;; +*) + echo "usage rc.dnsmasq: start|stop|restart" +esac diff --git a/patches/source/dnsmasq/slack-desc b/patches/source/dnsmasq/slack-desc new file mode 100644 index 00000000..3db2c42e --- /dev/null +++ b/patches/source/dnsmasq/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +dnsmasq: dnsmasq (small DNS and DHCP server) +dnsmasq: +dnsmasq: Dnsmasq is a lightweight, easy to configure DNS forwarder and DHCP +dnsmasq: server. It is designed to provide DNS (and optionally DHCP) to a +dnsmasq: small network, and can serve the names of local machines which are not +dnsmasq: in the global DNS. +dnsmasq: +dnsmasq: Dnsmasq was written by Simon Kelley. +dnsmasq: +dnsmasq: Homepage: http://www.thekelleys.org.uk/dnsmasq/ +dnsmasq: diff --git a/patches/source/emacs/doinst.sh b/patches/source/emacs/doinst.sh new file mode 100644 index 00000000..64a3adff --- /dev/null +++ b/patches/source/emacs/doinst.sh @@ -0,0 +1,10 @@ +# Vim ships a better (IMHO) version of ctags, and we don't want +# to overwrite it with this one. If you really want emacs' ctags +# either copy or link it into place yourself, or remove the vim +# packages and reinstall emacs. Besides, does anyone know/use +# *both* emacs and vi? I'd think that would bring the universe +# to an end. ;-) +if [ ! -e usr/bin/ctags ]; then + cp -a usr/bin/ctags-emacs usr/bin/ctags + cp -a usr/man/man1/ctags-emacs.1.gz usr/man/man1/ctags.1.gz +fi diff --git a/patches/source/emacs/emacs.SlackBuild b/patches/source/emacs/emacs.SlackBuild new file mode 100755 index 00000000..e1cc3cd7 --- /dev/null +++ b/patches/source/emacs/emacs.SlackBuild @@ -0,0 +1,190 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012, 2014, 2015, 2017 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# Slackware build script for emacs-22 + +# Written by DuÅ¡an Stefanović (stefanovic.dusan@gmail.com) +# Modified by Robby Workman <rworkman@slackbuilds.org> +# Modified by Patrick Volkerding <volkerdi@slackware.com> + +PKGNAM=emacs +BUILD=${BUILD:-1_slack13.1} +# Determine version number the tarball is labeled with: +TARBALLVER=${TARBALLVER:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +# OK, now what's being used as the source directory version number... account +# for subversions a, b, c, and d in the $TARBALLVER: +SRCDIRVER=$(echo $TARBALLVER | tr -d a | tr -d b | tr -d c | tr -d d) +# I guess this is the main "version"... we don't use this variable anywhere below, but +# defining it is traditional: +VERSION=$SRCDIRVER + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i486 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +elif [ "$ARCH" = "armv7hl" ]; then + SLKCFLAGS="-O2 -march=armv7-a -mfpu=vfpv3-d16" +else + SLKCFLAGS="-O2" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$TARBALLVER +tar xvf $CWD/$PKGNAM-$TARBALLVER.tar.xz || exit 1 +cd $PKGNAM-$SRCDIRVER || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --program-prefix="" \ + --program-suffix="" \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --without-gconf \ + --without-gsettings \ + --with-x \ + --with-x-toolkit=gtk2 \ + --build=${ARCH}-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +( cd $PKG/usr/bin + rm emacs + mv emacs-${SRCDIRVER} emacs-${TARBALLVER}-with-x11 + ln -sf emacs-${TARBALLVER}-with-x11 emacs +) + +# Also add a version of the binary that is not linked to X11: +cd $TMP +rm -rf $PKGNAM-$TARBALLVER +tar xvf $CWD/$PKGNAM-$TARBALLVER.tar.xz || exit 1 +cd $PKGNAM-$SRCDIRVER || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --program-prefix="" \ + --program-suffix="" \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --without-gconf \ + --without-gsettings \ + --with-x=no \ + --build=${ARCH}-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 + +# Install the non-x version: +cat src/emacs > $PKG/usr/bin/emacs-${TARBALLVER}-no-x11 +chown root:root $PKG/usr/bin/emacs-${TARBALLVER}-no-x11 +chmod 1755 $PKG/usr/bin/emacs-${TARBALLVER}-no-x11 + +# I don't care for broken permissions. +chmod 755 $PKG/var/games/emacs +chown -R root:games $PKG/var/games/emacs +chmod 664 $PKG/var/games/emacs/* + +# This avoids a collision with Exuberant Ctags... +mv $PKG/usr/bin/ctags $PKG/usr/bin/ctags-emacs +if [ -r $PKG/usr/man/man1/ctags.1 ]; then + mv $PKG/usr/man/man1/ctags.1 $PKG/usr/man/man1/ctags-emacs.1 +elif [ -r $PKG/usr/man/man1/ctags.1.gz ]; then + mv $PKG/usr/man/man1/ctags.1.gz $PKG/usr/man/man1/ctags-emacs.1.gz +fi + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +( cd $PKG/usr/man + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +) + +( cd $PKG/usr/info + rm -f dir + gzip -9 * +) + +mkdir -p $PKG/usr/doc/$PKGNAM-$TARBALLVER +cp -a \ + AUTHORS COPYING* INSTALL README* \ + $PKG/usr/doc/$PKGNAM-$TARBALLVER + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$TARBALLVER) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$TARBALLVER-$ARCH-$BUILD.txz + diff --git a/patches/source/emacs/slack-desc b/patches/source/emacs/slack-desc new file mode 100644 index 00000000..94ba8e13 --- /dev/null +++ b/patches/source/emacs/slack-desc @@ -0,0 +1,12 @@ + |-----handy-ruler------------------------------------------------------| +emacs: emacs (GNU Emacs) +emacs: +emacs: Emacs is the extensible, customizable, self-documenting real-time +emacs: display editor. If this seems to be a bit of a mouthful, an +emacs: easier explanation is that Emacs is a text editor and more. At +emacs: its core is an interpreter for Emacs Lisp, a dialect of the Lisp +emacs: programming language with extensions to support text editing. +emacs: This version supports X. +emacs: +emacs: http://www.gnu.org/software/emacs/ +emacs: diff --git a/patches/source/expat/expat.SlackBuild b/patches/source/expat/expat.SlackBuild new file mode 100755 index 00000000..3b5f5f76 --- /dev/null +++ b/patches/source/expat/expat.SlackBuild @@ -0,0 +1,101 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2013, 2017 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=expat +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# Choose an entropy source: +if [ "$ENTROPY" = "" ]; then + #ENTROPY="-DHAVE_GETRANDOM" + #ENTROPY="-DHAVE_SYSCALL_GETRANDOM" + #ENTROPY="-DHAVE_ARC4RANDOM_BUF" + ENTROPY="-DXML_POOR_ENTROPY" +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686 $ENTROPY" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2 $ENTROPY" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC $ENTROPY" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2 $ENTROPY" + LIBDIRSUFFIX="" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-expat + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf expat-$VERSION +tar xvf $CWD/expat-$VERSION.tar.?z* || exit 1 +cd expat-$VERSION + +chown -R root:root . +find . -perm 777 -exec chmod 755 {} \; +find . -perm 664 -exec chmod 644 {} \; +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --disable-static \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || exit 1 +make install DESTDIR=$PKG || exit 1 + +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +mkdir -p $PKG/usr/doc/expat-$VERSION +cp -a \ + COPYING* Changes README* doc/reference.html \ + $PKG/usr/doc/expat-$VERSION +gzip -9 $PKG/usr/man/man?/*.? +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +makepkg -l y -c n $TMP/expat-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/expat/slack-desc b/patches/source/expat/slack-desc new file mode 100644 index 00000000..348df3c3 --- /dev/null +++ b/patches/source/expat/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +expat: expat (C library for parsing XML) +expat: +expat: This is Expat, a C library for parsing XML, written by James Clark. +expat: Expat is a stream-oriented XML parser used by Python, GNOME, Xft2, +expat: and other things. +expat: +expat: +expat: +expat: +expat: +expat: diff --git a/patches/source/fetchmail/fetchmail.SlackBuild b/patches/source/fetchmail/fetchmail.SlackBuild new file mode 100755 index 00000000..98b24e5d --- /dev/null +++ b/patches/source/fetchmail/fetchmail.SlackBuild @@ -0,0 +1,107 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=fetchmail +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-fetchmail + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf fetchmail-$VERSION +tar xvf $CWD/fetchmail-$VERSION.tar.bz2 || exit 1 +cd fetchmail-$VERSION || exit 1 + +# this is the sloppiest source tarball ever +# [NOTE: *was*... the new maintainers are much better] +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --enable-nls \ + --with-ssl \ + --program-prefix="" \ + --program-suffix="" \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +( cd $PKG/usr/man/man1 + rm fetchmailconf.1 + gzip -9 * + ln -sf fetchmail.1.gz fetchmailconf.1.gz +) + +mkdir -p $PKG/usr/doc/fetchmail-$VERSION +cp -a \ + ABOUT-NLS COPYING* FAQ FEATURES INSTALL NEWS* NOTES* README* TODO \ + *.html contrib *.lsm \ + $PKG/usr/doc/fetchmail-$VERSION + +rm -rf $PKG/usr/doc/fetchmail-$VERSION/RCS \ + $PKG/usr/doc/fetchmail-$VERSION/contrib/RCS \ + $PKG/usr/doc/fetchmail-$VERSION/fetchmail-man.html + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/fetchmail-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/fetchmail/slack-desc b/patches/source/fetchmail/slack-desc new file mode 100644 index 00000000..7be0c1e4 --- /dev/null +++ b/patches/source/fetchmail/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +fetchmail: fetchmail (mail retrieval and forwarding utility) +fetchmail: +fetchmail: fetchmail is a mail retrieval and forwarding utility. It fetches +fetchmail: mail from a POP, IMAP, or ETRN-capable remote mailserver and forwards +fetchmail: it to your local (client) machine's delivery system. You can then +fetchmail: handle the retrieved mail using normal mail user agents such as elm, +fetchmail: pine, or mutt. The fetchmail utility can be run in a daemon mode to +fetchmail: repeatedly poll one or more systems at a specified interval. +fetchmail: +fetchmail: fetchmail is probably not secure. +fetchmail: diff --git a/patches/source/fixesproto/arch.use.flags b/patches/source/fixesproto/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/fixesproto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/fixesproto/build/fixesproto b/patches/source/fixesproto/build/fixesproto new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/fixesproto/build/fixesproto @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/fixesproto/configure/configure b/patches/source/fixesproto/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/fixesproto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/fixesproto/fixesproto.SlackBuild b/patches/source/fixesproto/fixesproto.SlackBuild new file mode 100755 index 00000000..260a042a --- /dev/null +++ b/patches/source/fixesproto/fixesproto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild proto fixesproto +mv /tmp/x11-build/fixesproto*txz /tmp diff --git a/patches/source/fixesproto/modularize b/patches/source/fixesproto/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/fixesproto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/fixesproto/noarch b/patches/source/fixesproto/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/fixesproto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/fixesproto/package-blacklist b/patches/source/fixesproto/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/fixesproto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/fixesproto/slack-desc/fixesproto b/patches/source/fixesproto/slack-desc/fixesproto new file mode 100644 index 00000000..83cfded0 --- /dev/null +++ b/patches/source/fixesproto/slack-desc/fixesproto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +fixesproto: fixesproto (C prototypes for X11 X Fixes Extension) +fixesproto: +fixesproto: fixesproto is part of X11. +fixesproto: +fixesproto: For more information about the X.Org Foundation (the providers of the +fixesproto: X.Org implementation of the X Window System), see their website: +fixesproto: +fixesproto: http://www.x.org +fixesproto: +fixesproto: +fixesproto: diff --git a/patches/source/fixesproto/x11.SlackBuild b/patches/source/fixesproto/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/fixesproto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/freetype/freetype.CVE-2017-8287.diff b/patches/source/freetype/freetype.CVE-2017-8287.diff new file mode 100644 index 00000000..4f4b67b1 --- /dev/null +++ b/patches/source/freetype/freetype.CVE-2017-8287.diff @@ -0,0 +1,31 @@ +From 3774fc08b502c3e685afca098b6e8a195aded6a0 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg <wl@gnu.org> +Date: Sun, 26 Mar 2017 08:32:09 +0200 +Subject: * src/psaux/psobjs.c (t1_builder_close_contour): Add safety guard. + +Reported as + + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941 + +diff --git a/src/psaux/psobjs.c b/src/psaux/psobjs.c +index d18e821..0baf836 100644 +--- a/src/psaux/psobjs.c ++++ b/src/psaux/psobjs.c +@@ -1718,6 +1718,14 @@ + first = outline->n_contours <= 1 + ? 0 : outline->contours[outline->n_contours - 2] + 1; + ++ /* in malformed fonts it can happen that a contour was started */ ++ /* but no points were added */ ++ if ( outline->n_contours && first == outline->n_points ) ++ { ++ outline->n_contours--; ++ return; ++ } ++ + /* We must not include the last point in the path if it */ + /* is located on the first point. */ + if ( outline->n_points > 1 ) +-- +cgit v1.0-41-gc330 + diff --git a/patches/source/freetype/freetype.SlackBuild b/patches/source/freetype/freetype.SlackBuild new file mode 100755 index 00000000..64be5770 --- /dev/null +++ b/patches/source/freetype/freetype.SlackBuild @@ -0,0 +1,123 @@ +#!/bin/sh + +# Copyright 2005-2012 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=freetype +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | cut -d - -f 2 | rev | cut -f 3- -d . | rev)} +BUILD=${BUILD:-2_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-freetype + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf freetype-$VERSION +tar xvf $CWD/freetype-$VERSION.tar.xz || exit 1 +cd freetype-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# This breaks far too many things. Freetype2 developers will have to get their +# punishment on someone else's distribution. +zcat $CWD/freetype.illadvisederror.diff.gz | patch -p1 --verbose || exit 1 + +# The line below enables code patented by Microsoft, so don't uncomment it +# unless you have a license to use the code and take all legal responsibility +# for doing so. +# Please see this web site for more details: +# http://www.freetype.org/patents.html +#zcat $CWD/freetype.subpixel.rendering.diff.gz | patch -p1 --verbose || exit 1 + +# Security fix: +zcat $CWD/freetype.CVE-2017-8287.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +CFLAGS="$SLKCFLAGS" make setup CFG="--prefix=/usr --libdir=/usr/lib${LIBDIRSUFFIX} --build=$ARCH-slackware-linux" +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +# This shouldn't be needed (apps should pick up -I/usr/include/freetype2 from +# `freetype-config --cflags` while compiling), but it's so often reported as +# a bug that I'll give in to the point. Now that Freetype1 is pretty much gone +# having this link shouldn't hurt anything. Try not to rely on it, though. +mkdir -p $PKG/usr/include +( cd $PKG/usr/include + rm -rf freetype + ln -sf freetype2 freetype +) + +# Can't imagine a lot of use for this: +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.a + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mv $PKG/usr/share/man $PKG/usr/man +find $PKG/usr/man -type f -exec gzip -9 {} \; + +mkdir -p $PKG/usr/doc/freetype-$VERSION +cp -a \ + docs \ + README \ + $PKG/usr/doc/freetype-$VERSION +# too much +rm -rf $PKG/usr/doc/freetype-$VERSION/docs/reference + +mkdir $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/freetype-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/freetype/freetype.illadvisederror.diff b/patches/source/freetype/freetype.illadvisederror.diff new file mode 100644 index 00000000..b0a33694 --- /dev/null +++ b/patches/source/freetype/freetype.illadvisederror.diff @@ -0,0 +1,31 @@ +diff -Nur freetype-2.5.3.orig/include/freetype.h freetype-2.5.3/include/freetype.h +--- freetype-2.5.3.orig/include/freetype.h 2014-03-06 12:10:31.661681917 -0600 ++++ freetype-2.5.3/include/freetype.h 2014-05-12 01:41:42.002526416 -0500 +@@ -20,13 +20,20 @@ + #define __FREETYPE_H__ + + +-#ifndef FT_FREETYPE_H +-#error "`ft2build.h' hasn't been included yet!" +-#error "Please always use macros to include FreeType header files." +-#error "Example:" +-#error " #include <ft2build.h>" +-#error " #include FT_FREETYPE_H" +-#endif ++/***************************************************************************/ ++/* */ ++/* If you think breaking almost 100% of all source that links with */ ++/* freetype (anything using a configure file for sure) is a good idea, */ ++/* then feel free to uncomment this block. */ ++/* */ ++/* #ifndef FT_FREETYPE_H */ ++/* #error "`ft2build.h' hasn't been included yet!" */ ++/* #error "Please always use macros to include FreeType header files." */ ++/* #error "Example:" */ ++/* #error " #include <ft2build.h>" */ ++/* #error " #include FT_FREETYPE_H" */ ++/* #endif */ ++/***************************************************************************/ + + + #include <ft2build.h> diff --git a/patches/source/freetype/freetype.subpixel.rendering.diff b/patches/source/freetype/freetype.subpixel.rendering.diff new file mode 100644 index 00000000..ab3d479e --- /dev/null +++ b/patches/source/freetype/freetype.subpixel.rendering.diff @@ -0,0 +1,11 @@ +--- ./include/config/ftoption.h.orig 2014-03-01 05:27:34.842960857 -0600 ++++ ./include/config/ftoption.h 2014-08-27 13:43:07.351974078 -0500 +@@ -92,7 +92,7 @@ + /* This is done to allow FreeType clients to run unmodified, forcing */ + /* them to display normal gray-level anti-aliased glyphs. */ + /* */ +-/* #define FT_CONFIG_OPTION_SUBPIXEL_RENDERING */ ++#define FT_CONFIG_OPTION_SUBPIXEL_RENDERING + + + /*************************************************************************/ diff --git a/patches/source/freetype/slack-desc b/patches/source/freetype/slack-desc new file mode 100644 index 00000000..0d179401 --- /dev/null +++ b/patches/source/freetype/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +freetype: freetype (A Free, High-Quality, and Portable Font Engine) +freetype: +freetype: The FreeType engine is a free and portable TrueType font rendering +freetype: engine. It has been developed to provide TrueType support to a +freetype: great variety of platforms and environments. +freetype: +freetype: +freetype: +freetype: +freetype: +freetype: diff --git a/patches/source/ghostscript/cidfmap b/patches/source/ghostscript/cidfmap new file mode 100644 index 00000000..0303f66f --- /dev/null +++ b/patches/source/ghostscript/cidfmap @@ -0,0 +1,118 @@ +%! +% $Id: cidfmap 6300 2005-12-28 19:56:24Z giles $ +% This is a sample map file for CIDFont category. + +% +% The map is a set of records, which must use one of the two formats : +% +% 1. A substutution of a CIF font with another CID font : +% +% /substituted /original ; +% +% Where 'substituted' is a name being used in a document, +% 'original' is a name of an available resource. +% +% 2. A substutution of a CIF font with a True Type font : +% +% /substituted << /FileType /TrueType /Path (path) /SunfontID 1 /CSI [(ordering) supplement] >> ; +% +% Where 'substituted' is a name being used in a document, +% 'path' is a path to a True Type font file, +% 'ordering' is a value of Ordering required for CIDSystemInfo dictionary, +% 'supplement' is a value of Supplement required for CIDSystemInfo dictionary. +% +% Examples : +% +% /ShinGo-Bold /HeiseiKakuGo-W5 ; +% /Ryumin-Medium << /FileType /TrueType /Path (H:/AuxFiles/Fonts/BATANG.TTC) /SubfontID 3 /CSI [(Japan1) 2] >> ; +% + + +%% cidfmap.zh_CN (simplified Chinese ; zh_CN) +%% This font will produce better results than the wqy-zenhei.ttf that we use +%% to get out-of-the-box output. +%% If you install it, uncomment the line below and comment the one below that. +%/BousungEG-Light-GB << /FileType /TrueType /Path (uming.ttf) /CSI [(GB1) 4] >> ; +/BousungEG-Light-GB << /FileType /TrueType /Path (wqy-zenhei.ttf) /CSI [(GB1) 4] >> ; +%% This font will produce better results than the wqy-zenhei.ttf that we use +%% to get out-of-the-box output. +%% If you install it, uncomment the line below and comment the one below that. +%/GBZenKai-Medium << /FileType /TrueType /Path (ukai.ttf) /CSI [(GB1) 4] >> ; +/GBZenKai-Medium << /FileType /TrueType /Path (wqy-zenhei.ttf) /CSI [(GB1) 4] >> ; +/MSungGBK-Light << /FileType /TrueType /Path (wqy-zenhei.ttf) /CSI [(GB1) 4] >> ; +/MSung-Light /MSungGBK-Light ; +/MSung-Medium /GBZenKai-Medium ; +/MHei-Medium /BousungEG-Light-GB ; +/MKai-Medium /GBZenKai-Medium ; +/STSong-Light /BousungEG-Light-GB ; +/STFangsong-Light /BousungEG-Light-GB ; +/STHeiti-Regular /MSungGBK-Light ; +/STKaiti-Regular /GBZenKai-Medium ; +/Adobe-GB1 /BousungEG-Light-GB ; + +%% cidfmap.zh_TW (traditional Chinese ; zh_TW) +%% To use this example, install the missing uming.ttf and ukai.ttf fonts, and +%% uncomment everything in the block below. Also, fix the simplified Chinese +%% block as described above for "better output" so that there is no +%% interference (or comment the whole block out). +%/BousungEG-Light-GB << /FileType /TrueType /Path (uming.ttf) /CSI [(CNS1) 4] >> ; +%/ZenKai-Medium << /FileType /TrueType /Path (ukai.ttf) /CSI [(CNS1) 4] >> ; +%/ShanHeiSun-Light << /FileType /TrueType /Path (wqy-zenhei.ttf) /CSI [(CNS1) 4] >> ; +%/STSong-Light /BousungEG-Light-GB ; +%/STKaiti-Regular /ZenKai-Medium-GB ; +%/STFangsong-Light /BousungEG-Light ; +%/STHeiti-Regular /MHei-Medium ; +%/MSung-Light /BousungEG-Light-GB ; +%/MSung-Medium /ZenKai-Medium ; +%/MHei-Medium /ShanHeiSun-Light ; +%/MKai-Medium /ZenKai-Medium ; +%/Adobe-CNS1 /BousungEG-Light-GB ; + +%% cidfmap.ja +/Sazanami-Gothic << /FileType /TrueType /Path (sazanami-gothic.ttf) /CSI [(Japan1) 6] >> ; +/Sazanami-Gothic-Regular /Sazanami-Gothic ; +/Sazanami-Gothic-JaH << /FileType /TrueType /Path (sazanami-gothic.ttf) /CSI [(Japan2) 0] >> ; +/Sazanami-Gothic-Regular-JaH /Sazanami-Gothic-JaH ; +/Sazanami-Mincho << /FileType /TrueType /Path (sazanami-mincho.ttf) /CSI [(Japan1) 6] >> ; +/Sazanami-Mincho-Regular /Sazanami-Mincho ; +/Sazanami-Mincho-JaH << /FileType /TrueType /Path (sazanami-mincho.ttf) /CSI [(Japan2) 0] >> ; +/Sazanami-Mincho-Regular-JaH /Sazanami-Mincho-JaH ; +/Ryumin-Light /Sazanami-Mincho ; +/Ryumin-Light-H /Sazanami-Mincho ; +/GothicBBB-Medium /Sazanami-Gothic ; +/GothicBBB-Medium-V /Sazanami-Gothic ; +/HeiseiMin-W3 /Ryumin-Light ; +/HeiseiKakuGo-W5 /GothicBBB-Medium ; +/HeiseiMin-W3-Acro /Ryumin-Light ; +/HeiseiKaKuGo-W5-Acro /GothicBBB-Medium ; +/Kochi-Gothic /Sazanami-Gothic ; +/Kochi-Mincho /Sazanami-Mincho ; +/WadaMin-Regular /Sazanami-Mincho ; +/WadaMin-Bold /Sazanami-Mincho ; +/WadaGo-Regular /Sazanami-Gothic ; +/WadaGo-Bold /Sazanami-Gothic ; +/Adobe-Japan1 /Sazanami-Gothic ; +/Adobe-Japan2 /Sazanami-Gothic-JaH ; + +%% cidfmap.ko +%% To enable Korean printing support, install the fonts shown in the example +%% here and uncomment the block below: +%/Baekmuk-Batang << /FileType /TrueType /Path (batang.ttf) /CSI [(Korea1) 2] >> ; +%/Baekmuk-Batang-Regular /Baekmuk-Batang ; +%/Baekmuk-Dotum << /FileType /TrueType /Path (dotum.ttf) /CSI [(Korea1) 2] >> ; +%/Baekmuk-Dotum-Regular /Baekmuk-Dotum ; +%/Baekmuk-Gulim << /FileType /TrueType /Path (gulim.ttf) /CSI [(Korea1) 2] >> ; +%/Baekmuk-Gulim-Regular /Baekmuk-Gulim ; +%/Baekmuk-Headline << /FileType /TrueType /Path (hline.ttf) /CSI [(Korea1) 2] >> ; +%/Baekmuk-Headline-Regular /Baekmuk-Headline ; +%/Adobe-Korea1 /Baekmuk-Batang ; + +%/BousungEG-Light-GB << /FileType /TrueType /Path (uming.ttf) /CSI [(GB1) 4] >> ; +%/GBZenKai-Medium << /FileType /TrueType /Path (ukai.ttf) /CSI [(GB1) 4] >> ; +%/MSungGBK-Light /BousungEG-Light-GB ; +%/Adobe-GB1 /BousungEG-Light-GB ; + +%/ZenKai-Medium << /FileType /TrueType /Path (ukai.ttf) /CSI [(CNS1) 4] >> ; +%/ShanHeiSun-Light << /FileType /TrueType /Path (uming.ttf) /CSI [(CNS1) 4] >> ; +%/Adobe-CNS1 /ShanHeiSun-Light ; + diff --git a/patches/source/ghostscript/ghostscript-pdf2dsc.patch b/patches/source/ghostscript/ghostscript-pdf2dsc.patch new file mode 100644 index 00000000..31b6b544 --- /dev/null +++ b/patches/source/ghostscript/ghostscript-pdf2dsc.patch @@ -0,0 +1,12 @@ +diff -up ghostscript-8.71/lib/pdf2dsc.ps.pdf2dsc ghostscript-8.71/lib/pdf2dsc.ps +--- ghostscript-8.71/lib/pdf2dsc.ps.pdf2dsc 2010-02-20 15:50:51.287734970 +0000 ++++ ghostscript-8.71/lib/pdf2dsc.ps 2010-02-20 15:51:02.902609964 +0000 +@@ -116,7 +116,7 @@ systemdict /.setsafe known { .setsafe } + DSCfile PDFname write==only + ( \(r\) file { DELAYSAFER { .setsafe } if } stopped pop\n) puts + ( pdfopen begin\n) puts +- ( copy_trailer_attrs\n) puts ++ ( process_trailer_attrs\n) puts + (%%EndSetup\n) puts + + /.hasPageLabels false def % see "Page Labels" in the PDF Reference diff --git a/patches/source/ghostscript/ghostscript.SlackBuild b/patches/source/ghostscript/ghostscript.SlackBuild new file mode 100755 index 00000000..e3ce584f --- /dev/null +++ b/patches/source/ghostscript/ghostscript.SlackBuild @@ -0,0 +1,190 @@ +#!/bin/sh + +# Copyright 2006, 2007, 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=ghostscript +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-3_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.?z* || exit 1 +cd ${PKGNAM}-$VERSION + +zcat $CWD/ghostscript-pdf2dsc.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/ghostscript.fix_black_page.diff.gz | patch -p1 --verbose || exit 1 + +## Regenerate ./configure: +#sh autogen.sh + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Build/install IJS: +( cd ijs + if [ ! -r configure ]; then + sh autogen.sh + fi + CFLAGS="$SLKCFLAGS" \ + ./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --program-prefix= \ + --program-suffix= \ + --build=$ARCH-slackware-linux + make || exit 1 + make install || exit 1 + make install DESTDIR=$PKG || exit 1 +) || exit 1 + +# Configure: +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --with-fontpath=/usr/share/fonts/TTF \ + --with-ijs \ + --disable-compile-inits \ + --enable-dynamic \ + --enable-cairo=no \ + --program-prefix= \ + --program-suffix= \ + --build=$ARCH-slackware-linux + +# Build and install: +make || exit 1 +make install DESTDIR=$PKG || exit 1 +make clean || exit 1 +make so || exit 1 +make soinstall DESTDIR=$PKG || exit 1 + +# Replace the default cidfmap with one containing additional +# support for CJK printing: + +if [ -r $PKG/usr/share/ghostscript/${VERSION}/Resource/Init/cidfmap ]; then + mv $PKG/usr/share/ghostscript/${VERSION}/Resource/Init/cidfmap $PKG/usr/share/ghostscript/${VERSION}/Resource/Init/cidfmap.default.ghostscript-${VERSION} + zcat $CWD/cidfmap.gz > $PKG/usr/share/ghostscript/${VERSION}/Resource/Init/cidfmap.new +fi + +# Strip binaries: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) +fi + +# Compress info files, if any: +if [ -d $PKG/usr/info ]; then + ( cd $PKG/usr/info + rm -f dir + gzip -9 * + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +( cd doc + cp -a \ + COPYING ../LICENSE README \ + $PKG/usr/doc/${PKGNAM}-$VERSION +) +( cd $PKG/usr/doc/${PKGNAM}-$VERSION + ln -sf /usr/share/ghostscript/$VERSION/doc doc +) + +cd $TMP +cp -a ${PKGNAM}-${VERSION}/examples/cjk $PKG/usr/share/ghostscript/${VERSION}/examples/ + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +cat << EOF > $PKG/install/doinst.sh +#!/bin/sh +config() { + NEW="\$1" + OLD="\$(dirname \$NEW)/\$(basename \$NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r \$OLD ]; then + mv \$NEW \$OLD + elif [ "\$(cat \$OLD | md5sum)" = "\$(cat \$NEW | md5sum)" ]; then # toss the redundant copy + rm \$NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config usr/share/ghostscript/${VERSION}/Resource/Init/cidfmap.new +EOF + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/ghostscript/ghostscript.fix_black_page.diff b/patches/source/ghostscript/ghostscript.fix_black_page.diff new file mode 100644 index 00000000..afcbf473 --- /dev/null +++ b/patches/source/ghostscript/ghostscript.fix_black_page.diff @@ -0,0 +1,99 @@ +From 6d26e9b1c38d8c0f0ab4af42c513cb23f3ae1656 Mon Sep 17 00:00:00 2001 +From: till <till@a1074d23-0009-0410-80fe-cf8c14f379e6> +Date: Tue, 9 Mar 2010 16:35:06 +0000 +Subject: [PATCH] Fixes on CUPS Raster output device: + - Fixed memory reallocation on bitmap size change. Reallocation is not only + needed when dimendions and margins change, but also when the color depth + changes. Fixes bugs #691029 and #691108. + - Fixed arrayoption() macro in cups_put_params() function. Array values did + not get actually set in cups.header data structure. Bug only showed via + a compiler warning. + - Silenced compiler warning by presetting c0..c3 in cups_map_cmyk() to zero. + +git-svn-id: http://svn.ghostscript.com/ghostscript/trunk/gs@10890 a1074d23-0009-0410-80fe-cf8c14f379e6 +--- + cups/gdevcups.c | 32 +++++++++++++++++++++++--------- + 1 files changed, 23 insertions(+), 9 deletions(-) + +diff --git a/cups/gdevcups.c b/cups/gdevcups.c +index 551b806..4000abf 100644 +--- a/cups/gdevcups.c ++++ b/cups/gdevcups.c +@@ -975,7 +975,8 @@ cups_map_cmyk(gx_device *pdev, /* I - Device info */ + frac k, /* I - Black value */ + frac *out) /* O - Device colors */ + { +- int c0, c1, c2, c3; /* Temporary color values */ ++ int c0 = 0, c1 = 0, ++ c2 = 0, c3 = 0; /* Temporary color values */ + float rr, rg, rb, /* Real RGB colors */ + ciex, ciey, ciez, /* CIE XYZ colors */ + ciey_yn, /* Normalized luminance */ +@@ -2703,9 +2704,13 @@ cups_put_params(gx_device *pdev, /* I - Device info */ + int color_set; /* Were the color attrs set? */ + gdev_prn_space_params sp; /* Space parameter data */ + int width, /* New width of page */ +- height; /* New height of page */ ++ height, /* New height of page */ ++ colorspace, /* New color space */ ++ bitspercolor; /* New bits per color */ + static int width_old = 0, /* Previous width */ +- height_old = 0; /* Previous height */ ++ height_old = 0, /* Previous height */ ++ colorspace_old = 0,/* Previous color space */ ++ bitspercolor_old = 0;/* Previous bits per color */ + ppd_attr_t *backside = NULL, + *backsiderequiresflippedmargins = NULL; + float swap; +@@ -2800,9 +2805,10 @@ cups_put_params(gx_device *pdev, /* I - Device info */ + else if (code == 0) \ + { \ + dprintf1("DEBUG: Setting %s to", sname); \ +- for (i = 0; i < count; i ++) \ +- dprintf1(" %d", (unsigned)(arrayval.data[i])); \ +- cups->header.name[i] = (unsigned)arrayval.data[i]; \ ++ for (i = 0; i < count; i ++) { \ ++ dprintf1(" %d", (unsigned)(arrayval.data[i])); \ ++ cups->header.name[i] = (unsigned)(arrayval.data[i]); \ ++ } \ + dprintf("...\n"); \ + } + +@@ -3243,23 +3249,31 @@ cups_put_params(gx_device *pdev, /* I - Device info */ + } + #endif /* CUPS_RASTER_SYNCv1 */ + ++ colorspace = cups->header.cupsColorSpace; ++ bitspercolor = cups->header.cupsBitsPerColor; ++ + /* + * Don't reallocate memory unless the device has been opened... + * Also reallocate only if the size has actually changed... + */ + +- if (pdev->is_open && (width != width_old || height != height_old)) ++ if (pdev->is_open && ++ (width != width_old || height != height_old || ++ colorspace != colorspace_old || bitspercolor != bitspercolor_old)) + { + + width_old = width; + height_old = height; ++ colorspace_old = colorspace; ++ bitspercolor_old = bitspercolor; + + /* + * Device is open and size has changed, so reallocate... + */ + +- dprintf4("DEBUG2: Reallocating memory, [%.0f %.0f] = %dx%d pixels...\n", +- pdev->MediaSize[0], pdev->MediaSize[1], width, height); ++ dprintf6("DEBUG2: Reallocating memory, [%.0f %.0f] = %dx%d pixels, color space: %d, bits per color: %d...\n", ++ pdev->MediaSize[0], pdev->MediaSize[1], width, height, ++ colorspace, bitspercolor); + + sp = ((gx_device_printer *)pdev)->space_params; + +-- +1.6.6.1 + diff --git a/patches/source/ghostscript/slack-desc b/patches/source/ghostscript/slack-desc new file mode 100644 index 00000000..1ac40827 --- /dev/null +++ b/patches/source/ghostscript/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +ghostscript: ghostscript (GPL Ghostscript) +ghostscript: +ghostscript: GPL Ghostscript is an interpreter of Adobe Systems' PostScript(tm) +ghostscript: and Portable Document Format (PDF) languages. Ghostscript is an +ghostscript: essential part of the printing subsystem, taking PostScript output +ghostscript: from applications and converting it into an appropriate printer or +ghostscript: display format. Ghostscript supports many printers directly, and +ghostscript: more are supported through add-on packages. +ghostscript: +ghostscript: +ghostscript: diff --git a/patches/source/git/git-2.14.1.tar.sign b/patches/source/git/git-2.14.1.tar.sign Binary files differnew file mode 100644 index 00000000..2dffd4d3 --- /dev/null +++ b/patches/source/git/git-2.14.1.tar.sign diff --git a/patches/source/git/git.SlackBuild b/patches/source/git/git.SlackBuild new file mode 100755 index 00000000..fec444f2 --- /dev/null +++ b/patches/source/git/git.SlackBuild @@ -0,0 +1,170 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2016 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +BUILD=${BUILD:-1_slack13.1} + +PKGNAM=git +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | cut -d - -f 2 | rev | cut -f 3- -d . | rev)} +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +eval $(perl '-V:installvendorlib') +PERLDIR=$installvendorlib/$ARCH-linux-thread-multi/auto + +if ls /var/log/packages/git-* 1> /dev/null 2> /dev/null ; then + echo "The git package needs to be removed before building to ensure that" + echo "the perl modules are included in the new package." + echo + echo "Removing the git package in 15 seconds, and then continuing with the build." + sleep 15 + removepkg git +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-git + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf git-$VERSION +tar xvf $CWD/git-$VERSION.tar.?z* || exit 1 +cd git-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +mkdir -p $PKG/usr/doc/git-$VERSION +cp -a \ + COPYING* INSTALL README \ + Documentation \ + contrib \ + $PKG/usr/doc/git-$VERSION +( cd $PKG/usr/doc/git-$VERSION/Documentation ; rm *.1 *.3 *.7 ) +( cd $PKG/usr/doc/git-$VERSION && find . -name ".git*" -exec rm -r "{}" \; ) + +make $NUMJOBS \ + prefix=/usr \ + mandir=/usr/man \ + CFLAGS="$SLKCFLAGS" \ + INSTALLDIRS=vendor \ + ASCIIDOC8=YesPlease \ + all doc || exit 1 + +make \ + prefix=/usr \ + mandir=/usr/man \ + "CFLAGS=$SLKCFLAGS" \ + INSTALLDIRS=vendor \ + ASCIIDOC8=YesPlease \ + install \ + install-doc \ + DESTDIR=$PKG || exit 1 + +mv $PKG/usr/share/man/man3 $PKG/usr/man +rmdir $PKG/usr/share/man + +# Don't stomp on perl's file: +rm -f $PKG/usr/lib*/perl5/perllocal.pod + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Since Stuart Winter hates hard links. ;-) +# +# Switch a hard link with a soft link: +( cd $PKG/usr/bin + find . -links +1 -not -name git | while read gitfile ; do + if [ git -ef $gitfile ]; then + rm -vf $gitfile + ln -vfs git $gitfile + fi + done +) + +# This removes our DESTDIR from the packlist filenames, to keep perl's +# internal inventories consistent and correct. +find $PKG -name .packlist | while read plist ; do + sed -e "s%/share/man%/man%g" \ + -e "s%$PKG%%g" \ + -e "s%\.1$%\.1\.gz%g" \ + -e "s%\.2$%\.2\.gz%g" \ + -e "s%\.3$%\.3\.gz%g" \ + -e "s%\.3pm$%\.3pm\.gz%g" \ + -e "s%\.4$%\.4\.gz%g" \ + -e "s%\.5$%\.5\.gz%g" \ + -e "s%\.6$%\.6\.gz%g" \ + -e "s%\.7$%\.7\.gz%g" \ + -e "s%\.8$%\.8\.gz%g" \ + ${plist} > ${plist}.new + mv -f ${plist}.new ${plist} +done + +# This is junk: +eval $(perl '-V:privlib') +( cd $PKG$(dirname $privlib) && rm -rf 5.* ) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/git-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/git/git.url b/patches/source/git/git.url new file mode 100644 index 00000000..a4c15db3 --- /dev/null +++ b/patches/source/git/git.url @@ -0,0 +1 @@ +https://www.kernel.org/pub/software/scm/git/ diff --git a/patches/source/git/slack-desc b/patches/source/git/slack-desc new file mode 100644 index 00000000..271b863a --- /dev/null +++ b/patches/source/git/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +git: git (the stupid content tracker) +git: +git: Git is a fast, scalable, distributed revision control system with an +git: unusually rich command set that provides both high-level operations +git: and full access to internals. +git: +git: "git" can mean anything, depending on your mood. +git: +git: Git was originally written by Linus Torvalds and is currently +git: maintained by Junio C. Hamano. +git: diff --git a/patches/source/glibc-zoneinfo/doinst.sh b/patches/source/glibc-zoneinfo/doinst.sh new file mode 100644 index 00000000..3c86f65e --- /dev/null +++ b/patches/source/glibc-zoneinfo/doinst.sh @@ -0,0 +1,57 @@ +# In order to properly handle time before /usr is mounted (in +# the event that /usr is a separate partition, which for a number +# of reasons isn't really a great idea), the /etc/localtime file +# should be a copy of the desired zoneinfo file and not a symlink +# to a file in /usr/share/zoneinfo. But if we find a symlink here +# we should defer to the admin's wishes and leave it alone. +# +# Note that setting the timezone with timeconfig will wipe both +# /etc/localtime and /etc/localtime-copied from. +# /etc/localtime-copied-from will be a symlink to a file under +# /usr/share/zoneinfo, and /etc/localtime will be a copy of that file. + +# In a special case, we will handle the removal of the US/Pacific-New +# timezone. A bit of background information on this: +# +# "US/Pacific-New' stands for 'Pacific Presidential Election Time', +# which was passed by the House in April 1989 but never signed into law. +# In presidential election years, this rule would have delayed the +# PDT-to-PST switchover until after the election, to lessen the effect +# of broadcast news election projections on last-minute west-coast +# voters. " +# +# In nearly all cases, a machine that uses the US/Pacific-New timezone +# has chosen it by mistake. In 2016, having this as the system timezone +# actually led to clock errors, and after that it was decided that the +# timezone (only of historical interest anyway) should be removed from +# the timezone database. +# +# If we see that the machine's localtime-copied-from symlink is pointing +# to US/Pacific-New, change it to point to US/Pacific instead. +if [ "$(/bin/ls -l etc/localtime-copied-from | rev | cut -f 1,2 -d / | rev)" = "US/Pacific-New" ]; then + ( cd etc ; rm -rf localtime-copied-from ) + ( cd etc ; ln -sf /usr/share/zoneinfo/US/Pacific localtime-copied-from ) +fi + +# If we have no /etc/localtime, but we do have a localtime-copied-from +# symlink to locate what we would want there, then add a copy now: +if [ ! -r etc/localtime -a -L etc/localtime-copied-from ]; then + chroot . /bin/cp etc/localtime-copied-from etc/localtime +fi + +# Add the default timezone in /etc, if none exists: +if [ ! -r etc/localtime -a ! -L etc/localtime-copied-from ]; then + ( cd etc ; rm -rf localtime localtime-copied-from ) + ( cd etc ; ln -sf /usr/share/zoneinfo/Factory localtime-copied-from ) +fi + +# Make sure /etc/localtime is updated, unless it is a symlink (in which +# case leave it alone): +if [ ! -L etc/localtime ]; then + chroot . /bin/cp etc/localtime-copied-from etc/localtime +fi + +# Add a link to the timeconfig script in /usr/share/zoneinfo: +( cd usr/share/zoneinfo ; rm -rf timeconfig ) +( cd usr/share/zoneinfo ; ln -sf /usr/sbin/timeconfig timeconfig ) +### Make the rest of the symbolic links in the zoneinfo database: diff --git a/patches/source/glibc-zoneinfo/glibc-zoneinfo.SlackBuild b/patches/source/glibc-zoneinfo/glibc-zoneinfo.SlackBuild new file mode 100755 index 00000000..26c9209d --- /dev/null +++ b/patches/source/glibc-zoneinfo/glibc-zoneinfo.SlackBuild @@ -0,0 +1,147 @@ +#!/bin/sh + +# Copyright 2015, 2016, 2018 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=glibc-zoneinfo +ZONE_VERSIONS="$(echo tzdata* | cut -f1 -d . | cut -b7-11)" +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i486 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-DHAVE_SNPRINTF=1 -O2 -march=i386 -mcpu=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-DHAVE_SNPRINTF=1 -O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-DHAVE_SNPRINTF=1 -O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-DHAVE_SNPRINTF=1 -O2 -march=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-DHAVE_SNPRINTF=1 -O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-DHAVE_SNPRINTF=1 -O2 -fPIC" + LIBDIRSUFFIX="64" +elif [ "$ARCH" = "armv7hl" ]; then + SLKCFLAGS="-DHAVE_SNPRINTF=1 -O3 -march=armv7-a -mfpu=vfpv3-d16" + LIBDIRSUFFIX="" +else + SLKCFLAGS="-DHAVE_SNPRINTF=1 -O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG/etc + +# Build and install the zoneinfo database: +cd $TMP +rm -rf tzcodedata-build +mkdir tzcodedata-build +cd tzcodedata-build +tar xzf $CWD/tzdata?????.tar.gz +tar xzf $CWD/tzcode?????.tar.gz + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +sed -i "s,/usr/local,$(pwd),g" Makefile +sed -i "s,/etc/zoneinfo,/zoneinfo,g" Makefile +sed -i "s,^CFLAGS=,CFLAGS= $SLKCFLAGS,g" Makefile +make +make install DESTDIR=$PKG/stage + +# Install the primary zone files: +mkdir -p $PKG/usr/share +mv $PKG/stage/usr/share/zoneinfo $PKG/usr/share + +# These are all identical to the normal zoneinfo files, so let's hard link +# them to save space: +cp -al $PKG/usr/share/zoneinfo $PKG/usr/share/posix +mv $PKG/usr/share/posix $PKG/usr/share/zoneinfo + +# Install the "right" files: +mkdir -p $PKG/usr/share/zoneinfo/right +cp -a $PKG/stage/usr/share/zoneinfo-leaps/* $PKG/usr/share/zoneinfo/right + +# Clean up staged file residue: +rm -rf $PKG/stage + +# Remove $PKG/usr/share/zoneinfo/localtime -- the install script will +# create it as a link to /etc/localtime. +rm -f $PKG/usr/share/zoneinfo/localtime + +# Install some scripts to help select a timezone: +mkdir -p $PKG/var/log/setup +cp -a $CWD/timezone-scripts/setup.timeconfig $PKG/var/log/setup +chown root:root $PKG/var/log/setup/setup.timeconfig +chmod 755 $PKG/var/log/setup/setup.timeconfig +mkdir -p $PKG/usr/sbin +cp -a $CWD/timezone-scripts/timeconfig $PKG/usr/sbin +chown root:root $PKG/usr/sbin/timeconfig +chmod 755 $PKG/usr/sbin/timeconfig +( cd $CWD/timezone-scripts + # Try to rebuild this: + sh output-updated-timeconfig.sh $PKG/usr/share/zoneinfo > $PKG/usr/sbin/timeconfig 2> /dev/null +) +# Note in timeconfig which zoneinfo database was used: +sed -i "s/# ChangeLog:/# ChangeLog:\n# $(date '+%Y-%m-%d'): Updated timezones from tzdata${ZONE_VERSIONS}./g" $PKG/usr/sbin/timeconfig + +# Don't forget to add the /usr/share/zoneinfo/localtime -> /etc/localtime symlink! :) +if [ ! -r $PKG/usr/share/zoneinfo/localtime ]; then + ( cd $PKG/usr/share/zoneinfo ; ln -sf /etc/localtime . ) +fi + +mkdir -p $PKG/usr/doc/glibc-zoneinfo-$ZONE_VERSIONS +cp -a \ + CONTRIBUTING NEWS README Theory \ + $PKG/usr/doc/glibc-zoneinfo-$ZONE_VERSIONS + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +makepkg -l y -c n $TMP/glibc-zoneinfo-$ZONE_VERSIONS-noarch-$BUILD.txz + diff --git a/patches/source/glibc-zoneinfo/slack-desc b/patches/source/glibc-zoneinfo/slack-desc new file mode 100644 index 00000000..69420f78 --- /dev/null +++ b/patches/source/glibc-zoneinfo/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glibc-zoneinfo: glibc-zoneinfo (timezone database) +glibc-zoneinfo: +glibc-zoneinfo: This package allows you to configure your time zone. +glibc-zoneinfo: +glibc-zoneinfo: This timezone database comes from the tzdata and tzcode packages by +glibc-zoneinfo: Arthur David Olson et.al. The latest version and more information +glibc-zoneinfo: may be found at: http://www.iana.org/time-zones +glibc-zoneinfo: +glibc-zoneinfo: Use the timeconfig utility to set your local time zone. +glibc-zoneinfo: +glibc-zoneinfo: diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/output-updated-timeconfig.sh b/patches/source/glibc-zoneinfo/timezone-scripts/output-updated-timeconfig.sh new file mode 100755 index 00000000..268e4c6c --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/output-updated-timeconfig.sh @@ -0,0 +1,60 @@ +#!/bin/sh +# Copyright 2000, 2001, 2006, 2007, 2008, 2012 Patrick J. Volkerding, Sebeka, MN, USA. +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# + +if [ ! "$(basename "$1")" = "zoneinfo" -o ! -d "$1" ]; then + echo " Usage: output-updated-timeconfig.sh <zoneinfo directory>" + exit 1 +fi + +CWD=$(pwd) +cat $CWD/parts/00 +# Sorry, I'd rather not be US-centric but some people here have a hard +# time finding things. ;-) +( cd $1 + find . -type f | xargs file | grep "timezone data" | cut -f 1 -d : | cut -f 2- -d / | sort | grep "^US/" | while read zone ; do + echo "\"${zone}\" \" \" \\" + done +) +# Don't list right/ and posix/ zones, as these are wrong choices for most +# people. posix/ is just a duplicate of the normal zones, while right/ do +# not include leap seconds. Anyone actually needing something from one of +# those trees will have no problem selecting it by manually adjusting +# /etc/localtime. +( cd $1 + find . -type f | xargs file | grep "timezone data" | cut -f 1 -d : | cut -f 2- -d / | sort | grep -v "^US/" | grep -v "^posix/" | grep -v "^right/" | while read zone ; do + echo "\"${zone}\" \" \" \\" + done +) +cat $CWD/parts/02 +# US/ first: +( cd $1 + find . -type f | xargs file | grep "timezone data" | cut -f 1 -d : | cut -f 2- -d / | sort | grep "^US/" | while read zone ; do + echo "${zone}" + done +) +# Don't list right/ and posix/ zones: +( cd $1 + find . -type f | xargs file | grep "timezone data" | cut -f 1 -d : | cut -f 2- -d / | sort | grep -v "^US/" | grep -v "^posix/" | grep -v "^right/" | while read zone ; do + echo "${zone}" + done +) +cat $CWD/parts/04 diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/parts/00 b/patches/source/glibc-zoneinfo/timezone-scripts/parts/00 new file mode 100644 index 00000000..678094e1 --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/parts/00 @@ -0,0 +1,132 @@ +#!/bin/sh +# +# timeconfig Slackware Linux timezone configuration utility. +# +# Author: Patrick Volkerding <volkerdi@slackware.com> +# Modified by: David Cantrell <david@slackware.com>, 06-Oct-2000 +# +# ChangeLog: +# 2014-10-22: Updated timezones from tzdata2014i. <pjv> +# 2012-12-12: Updated timezones from tzdata2012j. <pjv> +# 2008-03-10: Updated timezones from tzdata2008a. <pjv> +# 2007-12-21: Updated timezones from tzdata2007j. <pjv> +# 2006-12-03: Updated timezones from tzdata2006p. <pjv> +# 2006-09-14: Updated timezones from tzdata2006k. <pjv> +# 2006-08-22: Updated timezones from tzdata2006j. +# 2006-08-13: Updated timezones from tzdata2006g. +# 2006-03-13: Updated timezones from tzdata2006c. +# 19-Feb-2001 Add new timezones from glibc-2.2.2. +# 06-Oct-2000 Fixed a problem with selecting UTC time. It was writing +# the hardwareclock file to the root disk and not your dest +# partition. Changed the HWCLOCK_CONF variable to be +# $T_PX/etc/hardwareclock to fix this. Thanks to David L. +# Dickman <softbear@optonline.net> for finding this and +# submitting a patch. +# +# 15-Mar-2000 Added the writeconf function to write out the +# /etc/hardwareclock file which tells what the hardware clock +# is set to (UTC or localtime). +# +# 03-Mar-2000 Reorganized script. Made one timezone set block, added +# stage that asks the user if the hardware clock is set to +# UTC. + +# setup our temp locations and variables +TMP=/var/log/setup/tmp +if [ -r $TMP/SeTT_PX ]; then + T_PX="`cat $TMP/SeTT_PX`" +elif [ ! "$!" = "" ]; then + T_PX=$1 +else + T_PX=/ +fi + +# the hardware clock configuration file +HWCLOCK_CONF=$T_PX/etc/hardwareclock + +# setzone( $TIMEZONE ) +# +# This function accepts a time zone as the only parameter and sets it as +# the default system time zone. +setzone() +{ + TZ=$1 + + cd $T_PX/etc + if [ -r $T_PX/usr/share/zoneinfo/$TZ -o \ + -r /var/log/mount/usr/share/zoneinfo/$TZ -o \ + -L $T_PX/usr/share/zoneinfo/$TZ -o \ + -L /var/log/mount/usr/share/zoneinfo/$TZ ]; then + rm -f localtime-copied-from + ln -sf /usr/share/zoneinfo/$TZ localtime-copied-from + rm -f localtime + cd .. + chroot . cp etc/localtime-copied-from etc/localtime + fi +} + +# writeconf( $CLOCK_SET_TO ) +# +# Writes out $HWCLOCK_CONF that tells rc.S how the hardware clock +# value is stored. +writeconf() +{ + echo "# /etc/hardwareclock" > $HWCLOCK_CONF + echo "#" >> $HWCLOCK_CONF + echo "# Tells how the hardware clock time is stored." >> $HWCLOCK_CONF + echo "# You should run timeconfig to edit this file." >> $HWCLOCK_CONF + echo >> $HWCLOCK_CONF + echo $1 >> $HWCLOCK_CONF +} + +# ask the user if the hardware clock is set for UTC/GMT +if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then + ### + ### use color menus here + ### + dialog --title "HARDWARE CLOCK SET TO UTC?" --menu "Is the hardware clock set \ +to Coordinated Universal Time (UTC/GMT)? If it is, select YES here. If the \ +hardware clock is set to the current local time (this is how most PCs are set \ +up), then say NO here. If you are not sure what this is, you should answer NO \ +here." 13 60 2 \ + "NO" "Hardware clock is set to local time" \ + "YES" "Hardware clock is set to UTC" \ + 2> $TMP/utc + if [ $? = 1 -o $? = 255 ]; then + rm -f $TMP/utc + exit + fi + if [ "`cat $TMP/utc`" = "YES" ]; then + # yes, the hardware clock is UTC + writeconf "UTC" + else # must be NO + writeconf "localtime" + fi + rm -f $TMP/utc +else + ### + ### use text prompts + ### + echo "Is the hardware clock set to Coordinated Universal Time (UTC/GMT)?" + echo "If it is, select 'y' here. If the hardware clock is set to the" + echo "current local time (this is how most PCs are set up), then say 'n'" + echo "here. If you are not sure what this is, you should answer 'n' here." + echo + echo -n "Is your hardware clock set to UTC ([y]es, [n]o)? " + read HEJAZ + + if [ "$HEJAZ" = "y" -o "$HEJAZ" = "Y" -o "$HEJAZ" = "YES" -o "$HEJAZ" = "yes" ]; then + # yes, the hardware clock is UTC + writeconf "UTC" + else + # default to localtime + writeconf "localtime" + fi +fi + +# Now set the correct timezone link: +if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then + ### + ### use color menus here + ### + dialog --title "TIMEZONE CONFIGURATION" --menu "Please select one of the following timezones for your machine:" 21 50 13 \ diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/parts/01 b/patches/source/glibc-zoneinfo/timezone-scripts/parts/01 new file mode 100644 index 00000000..999f67d7 --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/parts/01 @@ -0,0 +1,585 @@ +"US/Alaska" " " \ +"US/Aleutian" " " \ +"US/Arizona" " " \ +"US/Central" " " \ +"US/East-Indiana" " " \ +"US/Eastern" " " \ +"US/Hawaii" " " \ +"US/Indiana-Starke" " " \ +"US/Michigan" " " \ +"US/Mountain" " " \ +"US/Pacific" " " \ +"US/Pacific-New" " " \ +"US/Samoa" " " \ +"Africa/Abidjan" " " \ +"Africa/Accra" " " \ +"Africa/Addis_Ababa" " " \ +"Africa/Algiers" " " \ +"Africa/Asmara" " " \ +"Africa/Asmera" " " \ +"Africa/Bamako" " " \ +"Africa/Bangui" " " \ +"Africa/Banjul" " " \ +"Africa/Bissau" " " \ +"Africa/Blantyre" " " \ +"Africa/Brazzaville" " " \ +"Africa/Bujumbura" " " \ +"Africa/Cairo" " " \ +"Africa/Casablanca" " " \ +"Africa/Ceuta" " " \ +"Africa/Conakry" " " \ +"Africa/Dakar" " " \ +"Africa/Dar_es_Salaam" " " \ +"Africa/Djibouti" " " \ +"Africa/Douala" " " \ +"Africa/El_Aaiun" " " \ +"Africa/Freetown" " " \ +"Africa/Gaborone" " " \ +"Africa/Harare" " " \ +"Africa/Johannesburg" " " \ +"Africa/Juba" " " \ +"Africa/Kampala" " " \ +"Africa/Khartoum" " " \ +"Africa/Kigali" " " \ +"Africa/Kinshasa" " " \ +"Africa/Lagos" " " \ +"Africa/Libreville" " " \ +"Africa/Lome" " " \ +"Africa/Luanda" " " \ +"Africa/Lubumbashi" " " \ +"Africa/Lusaka" " " \ +"Africa/Malabo" " " \ +"Africa/Maputo" " " \ +"Africa/Maseru" " " \ +"Africa/Mbabane" " " \ +"Africa/Mogadishu" " " \ +"Africa/Monrovia" " " \ +"Africa/Nairobi" " " \ +"Africa/Ndjamena" " " \ +"Africa/Niamey" " " \ +"Africa/Nouakchott" " " \ +"Africa/Ouagadougou" " " \ +"Africa/Porto-Novo" " " \ +"Africa/Sao_Tome" " " \ +"Africa/Timbuktu" " " \ +"Africa/Tripoli" " " \ +"Africa/Tunis" " " \ +"Africa/Windhoek" " " \ +"America/Adak" " " \ +"America/Anchorage" " " \ +"America/Anguilla" " " \ +"America/Antigua" " " \ +"America/Araguaina" " " \ +"America/Argentina/Buenos_Aires" " " \ +"America/Argentina/Catamarca" " " \ +"America/Argentina/ComodRivadavia" " " \ +"America/Argentina/Cordoba" " " \ +"America/Argentina/Jujuy" " " \ +"America/Argentina/La_Rioja" " " \ +"America/Argentina/Mendoza" " " \ +"America/Argentina/Rio_Gallegos" " " \ +"America/Argentina/Salta" " " \ +"America/Argentina/San_Juan" " " \ +"America/Argentina/San_Luis" " " \ +"America/Argentina/Tucuman" " " \ +"America/Argentina/Ushuaia" " " \ +"America/Aruba" " " \ +"America/Asuncion" " " \ +"America/Atikokan" " " \ +"America/Atka" " " \ +"America/Bahia" " " \ +"America/Bahia_Banderas" " " \ +"America/Barbados" " " \ +"America/Belem" " " \ +"America/Belize" " " \ +"America/Blanc-Sablon" " " \ +"America/Boa_Vista" " " \ +"America/Bogota" " " \ +"America/Boise" " " \ +"America/Buenos_Aires" " " \ +"America/Cambridge_Bay" " " \ +"America/Campo_Grande" " " \ +"America/Cancun" " " \ +"America/Caracas" " " \ +"America/Catamarca" " " \ +"America/Cayenne" " " \ +"America/Cayman" " " \ +"America/Chicago" " " \ +"America/Chihuahua" " " \ +"America/Coral_Harbour" " " \ +"America/Cordoba" " " \ +"America/Costa_Rica" " " \ +"America/Creston" " " \ +"America/Cuiaba" " " \ +"America/Curacao" " " \ +"America/Danmarkshavn" " " \ +"America/Dawson" " " \ +"America/Dawson_Creek" " " \ +"America/Denver" " " \ +"America/Detroit" " " \ +"America/Dominica" " " \ +"America/Edmonton" " " \ +"America/Eirunepe" " " \ +"America/El_Salvador" " " \ +"America/Ensenada" " " \ +"America/Fort_Nelson" " " \ +"America/Fort_Wayne" " " \ +"America/Fortaleza" " " \ +"America/Glace_Bay" " " \ +"America/Godthab" " " \ +"America/Goose_Bay" " " \ +"America/Grand_Turk" " " \ +"America/Grenada" " " \ +"America/Guadeloupe" " " \ +"America/Guatemala" " " \ +"America/Guayaquil" " " \ +"America/Guyana" " " \ +"America/Halifax" " " \ +"America/Havana" " " \ +"America/Hermosillo" " " \ +"America/Indiana/Indianapolis" " " \ +"America/Indiana/Knox" " " \ +"America/Indiana/Marengo" " " \ +"America/Indiana/Petersburg" " " \ +"America/Indiana/Tell_City" " " \ +"America/Indiana/Vevay" " " \ +"America/Indiana/Vincennes" " " \ +"America/Indiana/Winamac" " " \ +"America/Indianapolis" " " \ +"America/Inuvik" " " \ +"America/Iqaluit" " " \ +"America/Jamaica" " " \ +"America/Jujuy" " " \ +"America/Juneau" " " \ +"America/Kentucky/Louisville" " " \ +"America/Kentucky/Monticello" " " \ +"America/Knox_IN" " " \ +"America/Kralendijk" " " \ +"America/La_Paz" " " \ +"America/Lima" " " \ +"America/Los_Angeles" " " \ +"America/Louisville" " " \ +"America/Lower_Princes" " " \ +"America/Maceio" " " \ +"America/Managua" " " \ +"America/Manaus" " " \ +"America/Marigot" " " \ +"America/Martinique" " " \ +"America/Matamoros" " " \ +"America/Mazatlan" " " \ +"America/Mendoza" " " \ +"America/Menominee" " " \ +"America/Merida" " " \ +"America/Metlakatla" " " \ +"America/Mexico_City" " " \ +"America/Miquelon" " " \ +"America/Moncton" " " \ +"America/Monterrey" " " \ +"America/Montevideo" " " \ +"America/Montreal" " " \ +"America/Montserrat" " " \ +"America/Nassau" " " \ +"America/New_York" " " \ +"America/Nipigon" " " \ +"America/Nome" " " \ +"America/Noronha" " " \ +"America/North_Dakota/Beulah" " " \ +"America/North_Dakota/Center" " " \ +"America/North_Dakota/New_Salem" " " \ +"America/Ojinaga" " " \ +"America/Panama" " " \ +"America/Pangnirtung" " " \ +"America/Paramaribo" " " \ +"America/Phoenix" " " \ +"America/Port-au-Prince" " " \ +"America/Port_of_Spain" " " \ +"America/Porto_Acre" " " \ +"America/Porto_Velho" " " \ +"America/Puerto_Rico" " " \ +"America/Rainy_River" " " \ +"America/Rankin_Inlet" " " \ +"America/Recife" " " \ +"America/Regina" " " \ +"America/Resolute" " " \ +"America/Rio_Branco" " " \ +"America/Rosario" " " \ +"America/Santa_Isabel" " " \ +"America/Santarem" " " \ +"America/Santiago" " " \ +"America/Santo_Domingo" " " \ +"America/Sao_Paulo" " " \ +"America/Scoresbysund" " " \ +"America/Shiprock" " " \ +"America/Sitka" " " \ +"America/St_Barthelemy" " " \ +"America/St_Johns" " " \ +"America/St_Kitts" " " \ +"America/St_Lucia" " " \ +"America/St_Thomas" " " \ +"America/St_Vincent" " " \ +"America/Swift_Current" " " \ +"America/Tegucigalpa" " " \ +"America/Thule" " " \ +"America/Thunder_Bay" " " \ +"America/Tijuana" " " \ +"America/Toronto" " " \ +"America/Tortola" " " \ +"America/Vancouver" " " \ +"America/Virgin" " " \ +"America/Whitehorse" " " \ +"America/Winnipeg" " " \ +"America/Yakutat" " " \ +"America/Yellowknife" " " \ +"Antarctica/Casey" " " \ +"Antarctica/Davis" " " \ +"Antarctica/DumontDUrville" " " \ +"Antarctica/Macquarie" " " \ +"Antarctica/Mawson" " " \ +"Antarctica/McMurdo" " " \ +"Antarctica/Palmer" " " \ +"Antarctica/Rothera" " " \ +"Antarctica/South_Pole" " " \ +"Antarctica/Syowa" " " \ +"Antarctica/Troll" " " \ +"Antarctica/Vostok" " " \ +"Arctic/Longyearbyen" " " \ +"Asia/Aden" " " \ +"Asia/Almaty" " " \ +"Asia/Amman" " " \ +"Asia/Anadyr" " " \ +"Asia/Aqtau" " " \ +"Asia/Aqtobe" " " \ +"Asia/Ashgabat" " " \ +"Asia/Ashkhabad" " " \ +"Asia/Baghdad" " " \ +"Asia/Bahrain" " " \ +"Asia/Baku" " " \ +"Asia/Bangkok" " " \ +"Asia/Beirut" " " \ +"Asia/Bishkek" " " \ +"Asia/Brunei" " " \ +"Asia/Calcutta" " " \ +"Asia/Chita" " " \ +"Asia/Choibalsan" " " \ +"Asia/Chongqing" " " \ +"Asia/Chungking" " " \ +"Asia/Colombo" " " \ +"Asia/Dacca" " " \ +"Asia/Damascus" " " \ +"Asia/Dhaka" " " \ +"Asia/Dili" " " \ +"Asia/Dubai" " " \ +"Asia/Dushanbe" " " \ +"Asia/Gaza" " " \ +"Asia/Harbin" " " \ +"Asia/Hebron" " " \ +"Asia/Ho_Chi_Minh" " " \ +"Asia/Hong_Kong" " " \ +"Asia/Hovd" " " \ +"Asia/Irkutsk" " " \ +"Asia/Istanbul" " " \ +"Asia/Jakarta" " " \ +"Asia/Jayapura" " " \ +"Asia/Jerusalem" " " \ +"Asia/Kabul" " " \ +"Asia/Kamchatka" " " \ +"Asia/Karachi" " " \ +"Asia/Kashgar" " " \ +"Asia/Kathmandu" " " \ +"Asia/Katmandu" " " \ +"Asia/Khandyga" " " \ +"Asia/Kolkata" " " \ +"Asia/Krasnoyarsk" " " \ +"Asia/Kuala_Lumpur" " " \ +"Asia/Kuching" " " \ +"Asia/Kuwait" " " \ +"Asia/Macao" " " \ +"Asia/Macau" " " \ +"Asia/Magadan" " " \ +"Asia/Makassar" " " \ +"Asia/Manila" " " \ +"Asia/Muscat" " " \ +"Asia/Nicosia" " " \ +"Asia/Novokuznetsk" " " \ +"Asia/Novosibirsk" " " \ +"Asia/Omsk" " " \ +"Asia/Oral" " " \ +"Asia/Phnom_Penh" " " \ +"Asia/Pontianak" " " \ +"Asia/Pyongyang" " " \ +"Asia/Qatar" " " \ +"Asia/Qyzylorda" " " \ +"Asia/Rangoon" " " \ +"Asia/Riyadh" " " \ +"Asia/Saigon" " " \ +"Asia/Sakhalin" " " \ +"Asia/Samarkand" " " \ +"Asia/Seoul" " " \ +"Asia/Shanghai" " " \ +"Asia/Singapore" " " \ +"Asia/Srednekolymsk" " " \ +"Asia/Taipei" " " \ +"Asia/Tashkent" " " \ +"Asia/Tbilisi" " " \ +"Asia/Tehran" " " \ +"Asia/Tel_Aviv" " " \ +"Asia/Thimbu" " " \ +"Asia/Thimphu" " " \ +"Asia/Tokyo" " " \ +"Asia/Ujung_Pandang" " " \ +"Asia/Ulaanbaatar" " " \ +"Asia/Ulan_Bator" " " \ +"Asia/Urumqi" " " \ +"Asia/Ust-Nera" " " \ +"Asia/Vientiane" " " \ +"Asia/Vladivostok" " " \ +"Asia/Yakutsk" " " \ +"Asia/Yekaterinburg" " " \ +"Asia/Yerevan" " " \ +"Atlantic/Azores" " " \ +"Atlantic/Bermuda" " " \ +"Atlantic/Canary" " " \ +"Atlantic/Cape_Verde" " " \ +"Atlantic/Faeroe" " " \ +"Atlantic/Faroe" " " \ +"Atlantic/Jan_Mayen" " " \ +"Atlantic/Madeira" " " \ +"Atlantic/Reykjavik" " " \ +"Atlantic/South_Georgia" " " \ +"Atlantic/St_Helena" " " \ +"Atlantic/Stanley" " " \ +"Australia/ACT" " " \ +"Australia/Adelaide" " " \ +"Australia/Brisbane" " " \ +"Australia/Broken_Hill" " " \ +"Australia/Canberra" " " \ +"Australia/Currie" " " \ +"Australia/Darwin" " " \ +"Australia/Eucla" " " \ +"Australia/Hobart" " " \ +"Australia/LHI" " " \ +"Australia/Lindeman" " " \ +"Australia/Lord_Howe" " " \ +"Australia/Melbourne" " " \ +"Australia/NSW" " " \ +"Australia/North" " " \ +"Australia/Perth" " " \ +"Australia/Queensland" " " \ +"Australia/South" " " \ +"Australia/Sydney" " " \ +"Australia/Tasmania" " " \ +"Australia/Victoria" " " \ +"Australia/West" " " \ +"Australia/Yancowinna" " " \ +"Brazil/Acre" " " \ +"Brazil/DeNoronha" " " \ +"Brazil/East" " " \ +"Brazil/West" " " \ +"CET" " " \ +"CST6CDT" " " \ +"Canada/Atlantic" " " \ +"Canada/Central" " " \ +"Canada/East-Saskatchewan" " " \ +"Canada/Eastern" " " \ +"Canada/Mountain" " " \ +"Canada/Newfoundland" " " \ +"Canada/Pacific" " " \ +"Canada/Saskatchewan" " " \ +"Canada/Yukon" " " \ +"Chile/Continental" " " \ +"Chile/EasterIsland" " " \ +"Cuba" " " \ +"EET" " " \ +"EST" " " \ +"EST5EDT" " " \ +"Egypt" " " \ +"Eire" " " \ +"Etc/GMT" " " \ +"Etc/GMT+0" " " \ +"Etc/GMT+1" " " \ +"Etc/GMT+10" " " \ +"Etc/GMT+11" " " \ +"Etc/GMT+12" " " \ +"Etc/GMT+2" " " \ +"Etc/GMT+3" " " \ +"Etc/GMT+4" " " \ +"Etc/GMT+5" " " \ +"Etc/GMT+6" " " \ +"Etc/GMT+7" " " \ +"Etc/GMT+8" " " \ +"Etc/GMT+9" " " \ +"Etc/GMT-0" " " \ +"Etc/GMT-1" " " \ +"Etc/GMT-10" " " \ +"Etc/GMT-11" " " \ +"Etc/GMT-12" " " \ +"Etc/GMT-13" " " \ +"Etc/GMT-14" " " \ +"Etc/GMT-2" " " \ +"Etc/GMT-3" " " \ +"Etc/GMT-4" " " \ +"Etc/GMT-5" " " \ +"Etc/GMT-6" " " \ +"Etc/GMT-7" " " \ +"Etc/GMT-8" " " \ +"Etc/GMT-9" " " \ +"Etc/GMT0" " " \ +"Etc/Greenwich" " " \ +"Etc/UCT" " " \ +"Etc/UTC" " " \ +"Etc/Universal" " " \ +"Etc/Zulu" " " \ +"Europe/Amsterdam" " " \ +"Europe/Andorra" " " \ +"Europe/Athens" " " \ +"Europe/Belfast" " " \ +"Europe/Belgrade" " " \ +"Europe/Berlin" " " \ +"Europe/Bratislava" " " \ +"Europe/Brussels" " " \ +"Europe/Bucharest" " " \ +"Europe/Budapest" " " \ +"Europe/Busingen" " " \ +"Europe/Chisinau" " " \ +"Europe/Copenhagen" " " \ +"Europe/Dublin" " " \ +"Europe/Gibraltar" " " \ +"Europe/Guernsey" " " \ +"Europe/Helsinki" " " \ +"Europe/Isle_of_Man" " " \ +"Europe/Istanbul" " " \ +"Europe/Jersey" " " \ +"Europe/Kaliningrad" " " \ +"Europe/Kiev" " " \ +"Europe/Lisbon" " " \ +"Europe/Ljubljana" " " \ +"Europe/London" " " \ +"Europe/Luxembourg" " " \ +"Europe/Madrid" " " \ +"Europe/Malta" " " \ +"Europe/Mariehamn" " " \ +"Europe/Minsk" " " \ +"Europe/Monaco" " " \ +"Europe/Moscow" " " \ +"Europe/Nicosia" " " \ +"Europe/Oslo" " " \ +"Europe/Paris" " " \ +"Europe/Podgorica" " " \ +"Europe/Prague" " " \ +"Europe/Riga" " " \ +"Europe/Rome" " " \ +"Europe/Samara" " " \ +"Europe/San_Marino" " " \ +"Europe/Sarajevo" " " \ +"Europe/Simferopol" " " \ +"Europe/Skopje" " " \ +"Europe/Sofia" " " \ +"Europe/Stockholm" " " \ +"Europe/Tallinn" " " \ +"Europe/Tirane" " " \ +"Europe/Tiraspol" " " \ +"Europe/Uzhgorod" " " \ +"Europe/Vaduz" " " \ +"Europe/Vatican" " " \ +"Europe/Vienna" " " \ +"Europe/Vilnius" " " \ +"Europe/Volgograd" " " \ +"Europe/Warsaw" " " \ +"Europe/Zagreb" " " \ +"Europe/Zaporozhye" " " \ +"Europe/Zurich" " " \ +"Factory" " " \ +"GB" " " \ +"GB-Eire" " " \ +"GMT" " " \ +"GMT+0" " " \ +"GMT-0" " " \ +"GMT0" " " \ +"Greenwich" " " \ +"HST" " " \ +"Hongkong" " " \ +"Iceland" " " \ +"Indian/Antananarivo" " " \ +"Indian/Chagos" " " \ +"Indian/Christmas" " " \ +"Indian/Cocos" " " \ +"Indian/Comoro" " " \ +"Indian/Kerguelen" " " \ +"Indian/Mahe" " " \ +"Indian/Maldives" " " \ +"Indian/Mauritius" " " \ +"Indian/Mayotte" " " \ +"Indian/Reunion" " " \ +"Iran" " " \ +"Israel" " " \ +"Jamaica" " " \ +"Japan" " " \ +"Kwajalein" " " \ +"Libya" " " \ +"MET" " " \ +"MST" " " \ +"MST7MDT" " " \ +"Mexico/BajaNorte" " " \ +"Mexico/BajaSur" " " \ +"Mexico/General" " " \ +"NZ" " " \ +"NZ-CHAT" " " \ +"Navajo" " " \ +"PRC" " " \ +"PST8PDT" " " \ +"Pacific/Apia" " " \ +"Pacific/Auckland" " " \ +"Pacific/Bougainville" " " \ +"Pacific/Chatham" " " \ +"Pacific/Chuuk" " " \ +"Pacific/Easter" " " \ +"Pacific/Efate" " " \ +"Pacific/Enderbury" " " \ +"Pacific/Fakaofo" " " \ +"Pacific/Fiji" " " \ +"Pacific/Funafuti" " " \ +"Pacific/Galapagos" " " \ +"Pacific/Gambier" " " \ +"Pacific/Guadalcanal" " " \ +"Pacific/Guam" " " \ +"Pacific/Honolulu" " " \ +"Pacific/Johnston" " " \ +"Pacific/Kiritimati" " " \ +"Pacific/Kosrae" " " \ +"Pacific/Kwajalein" " " \ +"Pacific/Majuro" " " \ +"Pacific/Marquesas" " " \ +"Pacific/Midway" " " \ +"Pacific/Nauru" " " \ +"Pacific/Niue" " " \ +"Pacific/Norfolk" " " \ +"Pacific/Noumea" " " \ +"Pacific/Pago_Pago" " " \ +"Pacific/Palau" " " \ +"Pacific/Pitcairn" " " \ +"Pacific/Pohnpei" " " \ +"Pacific/Ponape" " " \ +"Pacific/Port_Moresby" " " \ +"Pacific/Rarotonga" " " \ +"Pacific/Saipan" " " \ +"Pacific/Samoa" " " \ +"Pacific/Tahiti" " " \ +"Pacific/Tarawa" " " \ +"Pacific/Tongatapu" " " \ +"Pacific/Truk" " " \ +"Pacific/Wake" " " \ +"Pacific/Wallis" " " \ +"Pacific/Yap" " " \ +"Poland" " " \ +"Portugal" " " \ +"ROC" " " \ +"ROK" " " \ +"Singapore" " " \ +"Turkey" " " \ +"UCT" " " \ +"UTC" " " \ +"Universal" " " \ +"W-SU" " " \ +"WET" " " \ +"Zulu" " " \ +"posixrules" " " \ diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/parts/02 b/patches/source/glibc-zoneinfo/timezone-scripts/parts/02 new file mode 100644 index 00000000..bd5a50bb --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/parts/02 @@ -0,0 +1,28 @@ + 2> $TMP/tz + + if [ $? = 1 -o $? = 255 ]; then + rm -f $TMP/tz + exit + fi + + TIMEZONE="`cat $TMP/tz`" + rm -f $TMP/tz + + setzone $TIMEZONE + exit +else + ### + ### use text prompts + ### + while [ 0 ]; do + echo -n "Would you like to configure your timezone ([y]es, [n]o)? " + read TIMECONF; + echo + + if [ "$TIMECONF" = "n" ]; then + break + fi + + cat << EOF +Select one of these timezones: + diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/parts/03 b/patches/source/glibc-zoneinfo/timezone-scripts/parts/03 new file mode 100644 index 00000000..f595dfab --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/parts/03 @@ -0,0 +1,585 @@ +US/Alaska +US/Aleutian +US/Arizona +US/Central +US/East-Indiana +US/Eastern +US/Hawaii +US/Indiana-Starke +US/Michigan +US/Mountain +US/Pacific +US/Pacific-New +US/Samoa +Africa/Abidjan +Africa/Accra +Africa/Addis_Ababa +Africa/Algiers +Africa/Asmara +Africa/Asmera +Africa/Bamako +Africa/Bangui +Africa/Banjul +Africa/Bissau +Africa/Blantyre +Africa/Brazzaville +Africa/Bujumbura +Africa/Cairo +Africa/Casablanca +Africa/Ceuta +Africa/Conakry +Africa/Dakar +Africa/Dar_es_Salaam +Africa/Djibouti +Africa/Douala +Africa/El_Aaiun +Africa/Freetown +Africa/Gaborone +Africa/Harare +Africa/Johannesburg +Africa/Juba +Africa/Kampala +Africa/Khartoum +Africa/Kigali +Africa/Kinshasa +Africa/Lagos +Africa/Libreville +Africa/Lome +Africa/Luanda +Africa/Lubumbashi +Africa/Lusaka +Africa/Malabo +Africa/Maputo +Africa/Maseru +Africa/Mbabane +Africa/Mogadishu +Africa/Monrovia +Africa/Nairobi +Africa/Ndjamena +Africa/Niamey +Africa/Nouakchott +Africa/Ouagadougou +Africa/Porto-Novo +Africa/Sao_Tome +Africa/Timbuktu +Africa/Tripoli +Africa/Tunis +Africa/Windhoek +America/Adak +America/Anchorage +America/Anguilla +America/Antigua +America/Araguaina +America/Argentina/Buenos_Aires +America/Argentina/Catamarca +America/Argentina/ComodRivadavia +America/Argentina/Cordoba +America/Argentina/Jujuy +America/Argentina/La_Rioja +America/Argentina/Mendoza +America/Argentina/Rio_Gallegos +America/Argentina/Salta +America/Argentina/San_Juan +America/Argentina/San_Luis +America/Argentina/Tucuman +America/Argentina/Ushuaia +America/Aruba +America/Asuncion +America/Atikokan +America/Atka +America/Bahia +America/Bahia_Banderas +America/Barbados +America/Belem +America/Belize +America/Blanc-Sablon +America/Boa_Vista +America/Bogota +America/Boise +America/Buenos_Aires +America/Cambridge_Bay +America/Campo_Grande +America/Cancun +America/Caracas +America/Catamarca +America/Cayenne +America/Cayman +America/Chicago +America/Chihuahua +America/Coral_Harbour +America/Cordoba +America/Costa_Rica +America/Creston +America/Cuiaba +America/Curacao +America/Danmarkshavn +America/Dawson +America/Dawson_Creek +America/Denver +America/Detroit +America/Dominica +America/Edmonton +America/Eirunepe +America/El_Salvador +America/Ensenada +America/Fort_Nelson +America/Fort_Wayne +America/Fortaleza +America/Glace_Bay +America/Godthab +America/Goose_Bay +America/Grand_Turk +America/Grenada +America/Guadeloupe +America/Guatemala +America/Guayaquil +America/Guyana +America/Halifax +America/Havana +America/Hermosillo +America/Indiana/Indianapolis +America/Indiana/Knox +America/Indiana/Marengo +America/Indiana/Petersburg +America/Indiana/Tell_City +America/Indiana/Vevay +America/Indiana/Vincennes +America/Indiana/Winamac +America/Indianapolis +America/Inuvik +America/Iqaluit +America/Jamaica +America/Jujuy +America/Juneau +America/Kentucky/Louisville +America/Kentucky/Monticello +America/Knox_IN +America/Kralendijk +America/La_Paz +America/Lima +America/Los_Angeles +America/Louisville +America/Lower_Princes +America/Maceio +America/Managua +America/Manaus +America/Marigot +America/Martinique +America/Matamoros +America/Mazatlan +America/Mendoza +America/Menominee +America/Merida +America/Metlakatla +America/Mexico_City +America/Miquelon +America/Moncton +America/Monterrey +America/Montevideo +America/Montreal +America/Montserrat +America/Nassau +America/New_York +America/Nipigon +America/Nome +America/Noronha +America/North_Dakota/Beulah +America/North_Dakota/Center +America/North_Dakota/New_Salem +America/Ojinaga +America/Panama +America/Pangnirtung +America/Paramaribo +America/Phoenix +America/Port-au-Prince +America/Port_of_Spain +America/Porto_Acre +America/Porto_Velho +America/Puerto_Rico +America/Rainy_River +America/Rankin_Inlet +America/Recife +America/Regina +America/Resolute +America/Rio_Branco +America/Rosario +America/Santa_Isabel +America/Santarem +America/Santiago +America/Santo_Domingo +America/Sao_Paulo +America/Scoresbysund +America/Shiprock +America/Sitka +America/St_Barthelemy +America/St_Johns +America/St_Kitts +America/St_Lucia +America/St_Thomas +America/St_Vincent +America/Swift_Current +America/Tegucigalpa +America/Thule +America/Thunder_Bay +America/Tijuana +America/Toronto +America/Tortola +America/Vancouver +America/Virgin +America/Whitehorse +America/Winnipeg +America/Yakutat +America/Yellowknife +Antarctica/Casey +Antarctica/Davis +Antarctica/DumontDUrville +Antarctica/Macquarie +Antarctica/Mawson +Antarctica/McMurdo +Antarctica/Palmer +Antarctica/Rothera +Antarctica/South_Pole +Antarctica/Syowa +Antarctica/Troll +Antarctica/Vostok +Arctic/Longyearbyen +Asia/Aden +Asia/Almaty +Asia/Amman +Asia/Anadyr +Asia/Aqtau +Asia/Aqtobe +Asia/Ashgabat +Asia/Ashkhabad +Asia/Baghdad +Asia/Bahrain +Asia/Baku +Asia/Bangkok +Asia/Beirut +Asia/Bishkek +Asia/Brunei +Asia/Calcutta +Asia/Chita +Asia/Choibalsan +Asia/Chongqing +Asia/Chungking +Asia/Colombo +Asia/Dacca +Asia/Damascus +Asia/Dhaka +Asia/Dili +Asia/Dubai +Asia/Dushanbe +Asia/Gaza +Asia/Harbin +Asia/Hebron +Asia/Ho_Chi_Minh +Asia/Hong_Kong +Asia/Hovd +Asia/Irkutsk +Asia/Istanbul +Asia/Jakarta +Asia/Jayapura +Asia/Jerusalem +Asia/Kabul +Asia/Kamchatka +Asia/Karachi +Asia/Kashgar +Asia/Kathmandu +Asia/Katmandu +Asia/Khandyga +Asia/Kolkata +Asia/Krasnoyarsk +Asia/Kuala_Lumpur +Asia/Kuching +Asia/Kuwait +Asia/Macao +Asia/Macau +Asia/Magadan +Asia/Makassar +Asia/Manila +Asia/Muscat +Asia/Nicosia +Asia/Novokuznetsk +Asia/Novosibirsk +Asia/Omsk +Asia/Oral +Asia/Phnom_Penh +Asia/Pontianak +Asia/Pyongyang +Asia/Qatar +Asia/Qyzylorda +Asia/Rangoon +Asia/Riyadh +Asia/Saigon +Asia/Sakhalin +Asia/Samarkand +Asia/Seoul +Asia/Shanghai +Asia/Singapore +Asia/Srednekolymsk +Asia/Taipei +Asia/Tashkent +Asia/Tbilisi +Asia/Tehran +Asia/Tel_Aviv +Asia/Thimbu +Asia/Thimphu +Asia/Tokyo +Asia/Ujung_Pandang +Asia/Ulaanbaatar +Asia/Ulan_Bator +Asia/Urumqi +Asia/Ust-Nera +Asia/Vientiane +Asia/Vladivostok +Asia/Yakutsk +Asia/Yekaterinburg +Asia/Yerevan +Atlantic/Azores +Atlantic/Bermuda +Atlantic/Canary +Atlantic/Cape_Verde +Atlantic/Faeroe +Atlantic/Faroe +Atlantic/Jan_Mayen +Atlantic/Madeira +Atlantic/Reykjavik +Atlantic/South_Georgia +Atlantic/St_Helena +Atlantic/Stanley +Australia/ACT +Australia/Adelaide +Australia/Brisbane +Australia/Broken_Hill +Australia/Canberra +Australia/Currie +Australia/Darwin +Australia/Eucla +Australia/Hobart +Australia/LHI +Australia/Lindeman +Australia/Lord_Howe +Australia/Melbourne +Australia/NSW +Australia/North +Australia/Perth +Australia/Queensland +Australia/South +Australia/Sydney +Australia/Tasmania +Australia/Victoria +Australia/West +Australia/Yancowinna +Brazil/Acre +Brazil/DeNoronha +Brazil/East +Brazil/West +CET +CST6CDT +Canada/Atlantic +Canada/Central +Canada/East-Saskatchewan +Canada/Eastern +Canada/Mountain +Canada/Newfoundland +Canada/Pacific +Canada/Saskatchewan +Canada/Yukon +Chile/Continental +Chile/EasterIsland +Cuba +EET +EST +EST5EDT +Egypt +Eire +Etc/GMT +Etc/GMT+0 +Etc/GMT+1 +Etc/GMT+10 +Etc/GMT+11 +Etc/GMT+12 +Etc/GMT+2 +Etc/GMT+3 +Etc/GMT+4 +Etc/GMT+5 +Etc/GMT+6 +Etc/GMT+7 +Etc/GMT+8 +Etc/GMT+9 +Etc/GMT-0 +Etc/GMT-1 +Etc/GMT-10 +Etc/GMT-11 +Etc/GMT-12 +Etc/GMT-13 +Etc/GMT-14 +Etc/GMT-2 +Etc/GMT-3 +Etc/GMT-4 +Etc/GMT-5 +Etc/GMT-6 +Etc/GMT-7 +Etc/GMT-8 +Etc/GMT-9 +Etc/GMT0 +Etc/Greenwich +Etc/UCT +Etc/UTC +Etc/Universal +Etc/Zulu +Europe/Amsterdam +Europe/Andorra +Europe/Athens +Europe/Belfast +Europe/Belgrade +Europe/Berlin +Europe/Bratislava +Europe/Brussels +Europe/Bucharest +Europe/Budapest +Europe/Busingen +Europe/Chisinau +Europe/Copenhagen +Europe/Dublin +Europe/Gibraltar +Europe/Guernsey +Europe/Helsinki +Europe/Isle_of_Man +Europe/Istanbul +Europe/Jersey +Europe/Kaliningrad +Europe/Kiev +Europe/Lisbon +Europe/Ljubljana +Europe/London +Europe/Luxembourg +Europe/Madrid +Europe/Malta +Europe/Mariehamn +Europe/Minsk +Europe/Monaco +Europe/Moscow +Europe/Nicosia +Europe/Oslo +Europe/Paris +Europe/Podgorica +Europe/Prague +Europe/Riga +Europe/Rome +Europe/Samara +Europe/San_Marino +Europe/Sarajevo +Europe/Simferopol +Europe/Skopje +Europe/Sofia +Europe/Stockholm +Europe/Tallinn +Europe/Tirane +Europe/Tiraspol +Europe/Uzhgorod +Europe/Vaduz +Europe/Vatican +Europe/Vienna +Europe/Vilnius +Europe/Volgograd +Europe/Warsaw +Europe/Zagreb +Europe/Zaporozhye +Europe/Zurich +Factory +GB +GB-Eire +GMT +GMT+0 +GMT-0 +GMT0 +Greenwich +HST +Hongkong +Iceland +Indian/Antananarivo +Indian/Chagos +Indian/Christmas +Indian/Cocos +Indian/Comoro +Indian/Kerguelen +Indian/Mahe +Indian/Maldives +Indian/Mauritius +Indian/Mayotte +Indian/Reunion +Iran +Israel +Jamaica +Japan +Kwajalein +Libya +MET +MST +MST7MDT +Mexico/BajaNorte +Mexico/BajaSur +Mexico/General +NZ +NZ-CHAT +Navajo +PRC +PST8PDT +Pacific/Apia +Pacific/Auckland +Pacific/Bougainville +Pacific/Chatham +Pacific/Chuuk +Pacific/Easter +Pacific/Efate +Pacific/Enderbury +Pacific/Fakaofo +Pacific/Fiji +Pacific/Funafuti +Pacific/Galapagos +Pacific/Gambier +Pacific/Guadalcanal +Pacific/Guam +Pacific/Honolulu +Pacific/Johnston +Pacific/Kiritimati +Pacific/Kosrae +Pacific/Kwajalein +Pacific/Majuro +Pacific/Marquesas +Pacific/Midway +Pacific/Nauru +Pacific/Niue +Pacific/Norfolk +Pacific/Noumea +Pacific/Pago_Pago +Pacific/Palau +Pacific/Pitcairn +Pacific/Pohnpei +Pacific/Ponape +Pacific/Port_Moresby +Pacific/Rarotonga +Pacific/Saipan +Pacific/Samoa +Pacific/Tahiti +Pacific/Tarawa +Pacific/Tongatapu +Pacific/Truk +Pacific/Wake +Pacific/Wallis +Pacific/Yap +Poland +Portugal +ROC +ROK +Singapore +Turkey +UCT +UTC +Universal +W-SU +WET +Zulu +posixrules diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/parts/04 b/patches/source/glibc-zoneinfo/timezone-scripts/parts/04 new file mode 100644 index 00000000..5b0da0e8 --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/parts/04 @@ -0,0 +1,33 @@ + +Type it at the prompt below exactly as it appears above. (NOTE: If you don't +see your timezone, use "timeconfig" again after booting for the verbose list) + +EOF + echo -n "Timezone? " + read TIMEZONE; + echo + + if [ -n "$TIMEZONE" -a \ + -r $T_PX/usr/share/zoneinfo/$TIMEZONE -o \ + -r /var/log/mount/usr/share/zoneinfo/$TIMEZONE -o \ + -L $T_PX/usr/share/zoneinfo/$TIMEZONE -o \ + -L /var/log/mount/usr/share/zoneinfo/$TIMEZONE ]; then + echo "Creating link from $TIMEZONE to localtime in /etc..." + echo + setzone $TIMEZONE + exit + else + cat << EOF + +Timezone $TIMEZONE could not be found. You may try again if you wish. +Make sure you type the name exactly as it appears - this configuration script +is case sensitive. + +Press [enter] to continue. + +EOF + read JUNK; + fi + done +fi + diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/parts/README b/patches/source/glibc-zoneinfo/timezone-scripts/parts/README new file mode 100644 index 00000000..80d5cf5b --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/parts/README @@ -0,0 +1,2 @@ +Files 01 and 03 are samples, showing the format, and are +not necessarily up to date... diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/setup.timeconfig b/patches/source/glibc-zoneinfo/timezone-scripts/setup.timeconfig new file mode 100644 index 00000000..81ff7055 --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/setup.timeconfig @@ -0,0 +1,3 @@ +#!/bin/sh +#BLURB="Select your timezone" +sh usr/sbin/timeconfig $* diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/timeconfig b/patches/source/glibc-zoneinfo/timezone-scripts/timeconfig new file mode 100644 index 00000000..0fa59ac0 --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/timeconfig @@ -0,0 +1,1363 @@ +#!/bin/sh +# +# timeconfig Slackware Linux timezone configuration utility. +# +# Author: Patrick Volkerding <volkerdi@slackware.com> +# Modified by: David Cantrell <david@slackware.com>, 06-Oct-2000 +# +# ChangeLog: +# 2014-10-22: Updated timezones from tzdata2014i. <pjv> +# 2012-12-12: Updated timezones from tzdata2012j. <pjv> +# 2008-03-10: Updated timezones from tzdata2008a. <pjv> +# 2007-12-21: Updated timezones from tzdata2007j. <pjv> +# 2006-12-03: Updated timezones from tzdata2006p. <pjv> +# 2006-09-14: Updated timezones from tzdata2006k. <pjv> +# 2006-08-22: Updated timezones from tzdata2006j. +# 2006-08-13: Updated timezones from tzdata2006g. +# 2006-03-13: Updated timezones from tzdata2006c. +# 19-Feb-2001 Add new timezones from glibc-2.2.2. +# 06-Oct-2000 Fixed a problem with selecting UTC time. It was writing +# the hardwareclock file to the root disk and not your dest +# partition. Changed the HWCLOCK_CONF variable to be +# $T_PX/etc/hardwareclock to fix this. Thanks to David L. +# Dickman <softbear@optonline.net> for finding this and +# submitting a patch. +# +# 15-Mar-2000 Added the writeconf function to write out the +# /etc/hardwareclock file which tells what the hardware clock +# is set to (UTC or localtime). +# +# 03-Mar-2000 Reorganized script. Made one timezone set block, added +# stage that asks the user if the hardware clock is set to +# UTC. + +# setup our temp locations and variables +TMP=/var/log/setup/tmp +if [ -r $TMP/SeTT_PX ]; then + T_PX="`cat $TMP/SeTT_PX`" +elif [ ! "$!" = "" ]; then + T_PX=$1 +else + T_PX=/ +fi + +# the hardware clock configuration file +HWCLOCK_CONF=$T_PX/etc/hardwareclock + +# setzone( $TIMEZONE ) +# +# This function accepts a time zone as the only parameter and sets it as +# the default system time zone. +setzone() +{ + TZ=$1 + + cd $T_PX/etc + if [ -r $T_PX/usr/share/zoneinfo/$TZ -o \ + -r /var/log/mount/usr/share/zoneinfo/$TZ -o \ + -L $T_PX/usr/share/zoneinfo/$TZ -o \ + -L /var/log/mount/usr/share/zoneinfo/$TZ ]; then + rm -f localtime-copied-from + ln -sf /usr/share/zoneinfo/$TZ localtime-copied-from + rm -f localtime + cd .. + chroot . cp etc/localtime-copied-from etc/localtime + fi +} + +# writeconf( $CLOCK_SET_TO ) +# +# Writes out $HWCLOCK_CONF that tells rc.S how the hardware clock +# value is stored. +writeconf() +{ + echo "# /etc/hardwareclock" > $HWCLOCK_CONF + echo "#" >> $HWCLOCK_CONF + echo "# Tells how the hardware clock time is stored." >> $HWCLOCK_CONF + echo "# You should run timeconfig to edit this file." >> $HWCLOCK_CONF + echo >> $HWCLOCK_CONF + echo $1 >> $HWCLOCK_CONF +} + +# ask the user if the hardware clock is set for UTC/GMT +if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then + ### + ### use color menus here + ### + dialog --title "HARDWARE CLOCK SET TO UTC?" --menu "Is the hardware clock set \ +to Coordinated Universal Time (UTC/GMT)? If it is, select YES here. If the \ +hardware clock is set to the current local time (this is how most PCs are set \ +up), then say NO here. If you are not sure what this is, you should answer NO \ +here." 13 60 2 \ + "NO" "Hardware clock is set to local time" \ + "YES" "Hardware clock is set to UTC" \ + 2> $TMP/utc + if [ $? = 1 -o $? = 255 ]; then + rm -f $TMP/utc + exit + fi + if [ "`cat $TMP/utc`" = "YES" ]; then + # yes, the hardware clock is UTC + writeconf "UTC" + else # must be NO + writeconf "localtime" + fi + rm -f $TMP/utc +else + ### + ### use text prompts + ### + echo "Is the hardware clock set to Coordinated Universal Time (UTC/GMT)?" + echo "If it is, select 'y' here. If the hardware clock is set to the" + echo "current local time (this is how most PCs are set up), then say 'n'" + echo "here. If you are not sure what this is, you should answer 'n' here." + echo + echo -n "Is your hardware clock set to UTC ([y]es, [n]o)? " + read HEJAZ + + if [ "$HEJAZ" = "y" -o "$HEJAZ" = "Y" -o "$HEJAZ" = "YES" -o "$HEJAZ" = "yes" ]; then + # yes, the hardware clock is UTC + writeconf "UTC" + else + # default to localtime + writeconf "localtime" + fi +fi + +# Now set the correct timezone link: +if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then + ### + ### use color menus here + ### + dialog --title "TIMEZONE CONFIGURATION" --menu "Please select one of the following timezones for your machine:" 21 50 13 \ +"US/Alaska" " " \ +"US/Aleutian" " " \ +"US/Arizona" " " \ +"US/Central" " " \ +"US/East-Indiana" " " \ +"US/Eastern" " " \ +"US/Hawaii" " " \ +"US/Indiana-Starke" " " \ +"US/Michigan" " " \ +"US/Mountain" " " \ +"US/Pacific" " " \ +"US/Pacific-New" " " \ +"US/Samoa" " " \ +"Africa/Abidjan" " " \ +"Africa/Accra" " " \ +"Africa/Addis_Ababa" " " \ +"Africa/Algiers" " " \ +"Africa/Asmara" " " \ +"Africa/Asmera" " " \ +"Africa/Bamako" " " \ +"Africa/Bangui" " " \ +"Africa/Banjul" " " \ +"Africa/Bissau" " " \ +"Africa/Blantyre" " " \ +"Africa/Brazzaville" " " \ +"Africa/Bujumbura" " " \ +"Africa/Cairo" " " \ +"Africa/Casablanca" " " \ +"Africa/Ceuta" " " \ +"Africa/Conakry" " " \ +"Africa/Dakar" " " \ +"Africa/Dar_es_Salaam" " " \ +"Africa/Djibouti" " " \ +"Africa/Douala" " " \ +"Africa/El_Aaiun" " " \ +"Africa/Freetown" " " \ +"Africa/Gaborone" " " \ +"Africa/Harare" " " \ +"Africa/Johannesburg" " " \ +"Africa/Juba" " " \ +"Africa/Kampala" " " \ +"Africa/Khartoum" " " \ +"Africa/Kigali" " " \ +"Africa/Kinshasa" " " \ +"Africa/Lagos" " " \ +"Africa/Libreville" " " \ +"Africa/Lome" " " \ +"Africa/Luanda" " " \ +"Africa/Lubumbashi" " " \ +"Africa/Lusaka" " " \ +"Africa/Malabo" " " \ +"Africa/Maputo" " " \ +"Africa/Maseru" " " \ +"Africa/Mbabane" " " \ +"Africa/Mogadishu" " " \ +"Africa/Monrovia" " " \ +"Africa/Nairobi" " " \ +"Africa/Ndjamena" " " \ +"Africa/Niamey" " " \ +"Africa/Nouakchott" " " \ +"Africa/Ouagadougou" " " \ +"Africa/Porto-Novo" " " \ +"Africa/Sao_Tome" " " \ +"Africa/Timbuktu" " " \ +"Africa/Tripoli" " " \ +"Africa/Tunis" " " \ +"Africa/Windhoek" " " \ +"America/Adak" " " \ +"America/Anchorage" " " \ +"America/Anguilla" " " \ +"America/Antigua" " " \ +"America/Araguaina" " " \ +"America/Argentina/Buenos_Aires" " " \ +"America/Argentina/Catamarca" " " \ +"America/Argentina/ComodRivadavia" " " \ +"America/Argentina/Cordoba" " " \ +"America/Argentina/Jujuy" " " \ +"America/Argentina/La_Rioja" " " \ +"America/Argentina/Mendoza" " " \ +"America/Argentina/Rio_Gallegos" " " \ +"America/Argentina/Salta" " " \ +"America/Argentina/San_Juan" " " \ +"America/Argentina/San_Luis" " " \ +"America/Argentina/Tucuman" " " \ +"America/Argentina/Ushuaia" " " \ +"America/Aruba" " " \ +"America/Asuncion" " " \ +"America/Atikokan" " " \ +"America/Atka" " " \ +"America/Bahia" " " \ +"America/Bahia_Banderas" " " \ +"America/Barbados" " " \ +"America/Belem" " " \ +"America/Belize" " " \ +"America/Blanc-Sablon" " " \ +"America/Boa_Vista" " " \ +"America/Bogota" " " \ +"America/Boise" " " \ +"America/Buenos_Aires" " " \ +"America/Cambridge_Bay" " " \ +"America/Campo_Grande" " " \ +"America/Cancun" " " \ +"America/Caracas" " " \ +"America/Catamarca" " " \ +"America/Cayenne" " " \ +"America/Cayman" " " \ +"America/Chicago" " " \ +"America/Chihuahua" " " \ +"America/Coral_Harbour" " " \ +"America/Cordoba" " " \ +"America/Costa_Rica" " " \ +"America/Creston" " " \ +"America/Cuiaba" " " \ +"America/Curacao" " " \ +"America/Danmarkshavn" " " \ +"America/Dawson" " " \ +"America/Dawson_Creek" " " \ +"America/Denver" " " \ +"America/Detroit" " " \ +"America/Dominica" " " \ +"America/Edmonton" " " \ +"America/Eirunepe" " " \ +"America/El_Salvador" " " \ +"America/Ensenada" " " \ +"America/Fort_Nelson" " " \ +"America/Fort_Wayne" " " \ +"America/Fortaleza" " " \ +"America/Glace_Bay" " " \ +"America/Godthab" " " \ +"America/Goose_Bay" " " \ +"America/Grand_Turk" " " \ +"America/Grenada" " " \ +"America/Guadeloupe" " " \ +"America/Guatemala" " " \ +"America/Guayaquil" " " \ +"America/Guyana" " " \ +"America/Halifax" " " \ +"America/Havana" " " \ +"America/Hermosillo" " " \ +"America/Indiana/Indianapolis" " " \ +"America/Indiana/Knox" " " \ +"America/Indiana/Marengo" " " \ +"America/Indiana/Petersburg" " " \ +"America/Indiana/Tell_City" " " \ +"America/Indiana/Vevay" " " \ +"America/Indiana/Vincennes" " " \ +"America/Indiana/Winamac" " " \ +"America/Indianapolis" " " \ +"America/Inuvik" " " \ +"America/Iqaluit" " " \ +"America/Jamaica" " " \ +"America/Jujuy" " " \ +"America/Juneau" " " \ +"America/Kentucky/Louisville" " " \ +"America/Kentucky/Monticello" " " \ +"America/Knox_IN" " " \ +"America/Kralendijk" " " \ +"America/La_Paz" " " \ +"America/Lima" " " \ +"America/Los_Angeles" " " \ +"America/Louisville" " " \ +"America/Lower_Princes" " " \ +"America/Maceio" " " \ +"America/Managua" " " \ +"America/Manaus" " " \ +"America/Marigot" " " \ +"America/Martinique" " " \ +"America/Matamoros" " " \ +"America/Mazatlan" " " \ +"America/Mendoza" " " \ +"America/Menominee" " " \ +"America/Merida" " " \ +"America/Metlakatla" " " \ +"America/Mexico_City" " " \ +"America/Miquelon" " " \ +"America/Moncton" " " \ +"America/Monterrey" " " \ +"America/Montevideo" " " \ +"America/Montreal" " " \ +"America/Montserrat" " " \ +"America/Nassau" " " \ +"America/New_York" " " \ +"America/Nipigon" " " \ +"America/Nome" " " \ +"America/Noronha" " " \ +"America/North_Dakota/Beulah" " " \ +"America/North_Dakota/Center" " " \ +"America/North_Dakota/New_Salem" " " \ +"America/Ojinaga" " " \ +"America/Panama" " " \ +"America/Pangnirtung" " " \ +"America/Paramaribo" " " \ +"America/Phoenix" " " \ +"America/Port-au-Prince" " " \ +"America/Port_of_Spain" " " \ +"America/Porto_Acre" " " \ +"America/Porto_Velho" " " \ +"America/Puerto_Rico" " " \ +"America/Rainy_River" " " \ +"America/Rankin_Inlet" " " \ +"America/Recife" " " \ +"America/Regina" " " \ +"America/Resolute" " " \ +"America/Rio_Branco" " " \ +"America/Rosario" " " \ +"America/Santa_Isabel" " " \ +"America/Santarem" " " \ +"America/Santiago" " " \ +"America/Santo_Domingo" " " \ +"America/Sao_Paulo" " " \ +"America/Scoresbysund" " " \ +"America/Shiprock" " " \ +"America/Sitka" " " \ +"America/St_Barthelemy" " " \ +"America/St_Johns" " " \ +"America/St_Kitts" " " \ +"America/St_Lucia" " " \ +"America/St_Thomas" " " \ +"America/St_Vincent" " " \ +"America/Swift_Current" " " \ +"America/Tegucigalpa" " " \ +"America/Thule" " " \ +"America/Thunder_Bay" " " \ +"America/Tijuana" " " \ +"America/Toronto" " " \ +"America/Tortola" " " \ +"America/Vancouver" " " \ +"America/Virgin" " " \ +"America/Whitehorse" " " \ +"America/Winnipeg" " " \ +"America/Yakutat" " " \ +"America/Yellowknife" " " \ +"Antarctica/Casey" " " \ +"Antarctica/Davis" " " \ +"Antarctica/DumontDUrville" " " \ +"Antarctica/Macquarie" " " \ +"Antarctica/Mawson" " " \ +"Antarctica/McMurdo" " " \ +"Antarctica/Palmer" " " \ +"Antarctica/Rothera" " " \ +"Antarctica/South_Pole" " " \ +"Antarctica/Syowa" " " \ +"Antarctica/Troll" " " \ +"Antarctica/Vostok" " " \ +"Arctic/Longyearbyen" " " \ +"Asia/Aden" " " \ +"Asia/Almaty" " " \ +"Asia/Amman" " " \ +"Asia/Anadyr" " " \ +"Asia/Aqtau" " " \ +"Asia/Aqtobe" " " \ +"Asia/Ashgabat" " " \ +"Asia/Ashkhabad" " " \ +"Asia/Baghdad" " " \ +"Asia/Bahrain" " " \ +"Asia/Baku" " " \ +"Asia/Bangkok" " " \ +"Asia/Beirut" " " \ +"Asia/Bishkek" " " \ +"Asia/Brunei" " " \ +"Asia/Calcutta" " " \ +"Asia/Chita" " " \ +"Asia/Choibalsan" " " \ +"Asia/Chongqing" " " \ +"Asia/Chungking" " " \ +"Asia/Colombo" " " \ +"Asia/Dacca" " " \ +"Asia/Damascus" " " \ +"Asia/Dhaka" " " \ +"Asia/Dili" " " \ +"Asia/Dubai" " " \ +"Asia/Dushanbe" " " \ +"Asia/Gaza" " " \ +"Asia/Harbin" " " \ +"Asia/Hebron" " " \ +"Asia/Ho_Chi_Minh" " " \ +"Asia/Hong_Kong" " " \ +"Asia/Hovd" " " \ +"Asia/Irkutsk" " " \ +"Asia/Istanbul" " " \ +"Asia/Jakarta" " " \ +"Asia/Jayapura" " " \ +"Asia/Jerusalem" " " \ +"Asia/Kabul" " " \ +"Asia/Kamchatka" " " \ +"Asia/Karachi" " " \ +"Asia/Kashgar" " " \ +"Asia/Kathmandu" " " \ +"Asia/Katmandu" " " \ +"Asia/Khandyga" " " \ +"Asia/Kolkata" " " \ +"Asia/Krasnoyarsk" " " \ +"Asia/Kuala_Lumpur" " " \ +"Asia/Kuching" " " \ +"Asia/Kuwait" " " \ +"Asia/Macao" " " \ +"Asia/Macau" " " \ +"Asia/Magadan" " " \ +"Asia/Makassar" " " \ +"Asia/Manila" " " \ +"Asia/Muscat" " " \ +"Asia/Nicosia" " " \ +"Asia/Novokuznetsk" " " \ +"Asia/Novosibirsk" " " \ +"Asia/Omsk" " " \ +"Asia/Oral" " " \ +"Asia/Phnom_Penh" " " \ +"Asia/Pontianak" " " \ +"Asia/Pyongyang" " " \ +"Asia/Qatar" " " \ +"Asia/Qyzylorda" " " \ +"Asia/Rangoon" " " \ +"Asia/Riyadh" " " \ +"Asia/Saigon" " " \ +"Asia/Sakhalin" " " \ +"Asia/Samarkand" " " \ +"Asia/Seoul" " " \ +"Asia/Shanghai" " " \ +"Asia/Singapore" " " \ +"Asia/Srednekolymsk" " " \ +"Asia/Taipei" " " \ +"Asia/Tashkent" " " \ +"Asia/Tbilisi" " " \ +"Asia/Tehran" " " \ +"Asia/Tel_Aviv" " " \ +"Asia/Thimbu" " " \ +"Asia/Thimphu" " " \ +"Asia/Tokyo" " " \ +"Asia/Ujung_Pandang" " " \ +"Asia/Ulaanbaatar" " " \ +"Asia/Ulan_Bator" " " \ +"Asia/Urumqi" " " \ +"Asia/Ust-Nera" " " \ +"Asia/Vientiane" " " \ +"Asia/Vladivostok" " " \ +"Asia/Yakutsk" " " \ +"Asia/Yekaterinburg" " " \ +"Asia/Yerevan" " " \ +"Atlantic/Azores" " " \ +"Atlantic/Bermuda" " " \ +"Atlantic/Canary" " " \ +"Atlantic/Cape_Verde" " " \ +"Atlantic/Faeroe" " " \ +"Atlantic/Faroe" " " \ +"Atlantic/Jan_Mayen" " " \ +"Atlantic/Madeira" " " \ +"Atlantic/Reykjavik" " " \ +"Atlantic/South_Georgia" " " \ +"Atlantic/St_Helena" " " \ +"Atlantic/Stanley" " " \ +"Australia/ACT" " " \ +"Australia/Adelaide" " " \ +"Australia/Brisbane" " " \ +"Australia/Broken_Hill" " " \ +"Australia/Canberra" " " \ +"Australia/Currie" " " \ +"Australia/Darwin" " " \ +"Australia/Eucla" " " \ +"Australia/Hobart" " " \ +"Australia/LHI" " " \ +"Australia/Lindeman" " " \ +"Australia/Lord_Howe" " " \ +"Australia/Melbourne" " " \ +"Australia/NSW" " " \ +"Australia/North" " " \ +"Australia/Perth" " " \ +"Australia/Queensland" " " \ +"Australia/South" " " \ +"Australia/Sydney" " " \ +"Australia/Tasmania" " " \ +"Australia/Victoria" " " \ +"Australia/West" " " \ +"Australia/Yancowinna" " " \ +"Brazil/Acre" " " \ +"Brazil/DeNoronha" " " \ +"Brazil/East" " " \ +"Brazil/West" " " \ +"CET" " " \ +"CST6CDT" " " \ +"Canada/Atlantic" " " \ +"Canada/Central" " " \ +"Canada/East-Saskatchewan" " " \ +"Canada/Eastern" " " \ +"Canada/Mountain" " " \ +"Canada/Newfoundland" " " \ +"Canada/Pacific" " " \ +"Canada/Saskatchewan" " " \ +"Canada/Yukon" " " \ +"Chile/Continental" " " \ +"Chile/EasterIsland" " " \ +"Cuba" " " \ +"EET" " " \ +"EST" " " \ +"EST5EDT" " " \ +"Egypt" " " \ +"Eire" " " \ +"Etc/GMT" " " \ +"Etc/GMT+0" " " \ +"Etc/GMT+1" " " \ +"Etc/GMT+10" " " \ +"Etc/GMT+11" " " \ +"Etc/GMT+12" " " \ +"Etc/GMT+2" " " \ +"Etc/GMT+3" " " \ +"Etc/GMT+4" " " \ +"Etc/GMT+5" " " \ +"Etc/GMT+6" " " \ +"Etc/GMT+7" " " \ +"Etc/GMT+8" " " \ +"Etc/GMT+9" " " \ +"Etc/GMT-0" " " \ +"Etc/GMT-1" " " \ +"Etc/GMT-10" " " \ +"Etc/GMT-11" " " \ +"Etc/GMT-12" " " \ +"Etc/GMT-13" " " \ +"Etc/GMT-14" " " \ +"Etc/GMT-2" " " \ +"Etc/GMT-3" " " \ +"Etc/GMT-4" " " \ +"Etc/GMT-5" " " \ +"Etc/GMT-6" " " \ +"Etc/GMT-7" " " \ +"Etc/GMT-8" " " \ +"Etc/GMT-9" " " \ +"Etc/GMT0" " " \ +"Etc/Greenwich" " " \ +"Etc/UCT" " " \ +"Etc/UTC" " " \ +"Etc/Universal" " " \ +"Etc/Zulu" " " \ +"Europe/Amsterdam" " " \ +"Europe/Andorra" " " \ +"Europe/Athens" " " \ +"Europe/Belfast" " " \ +"Europe/Belgrade" " " \ +"Europe/Berlin" " " \ +"Europe/Bratislava" " " \ +"Europe/Brussels" " " \ +"Europe/Bucharest" " " \ +"Europe/Budapest" " " \ +"Europe/Busingen" " " \ +"Europe/Chisinau" " " \ +"Europe/Copenhagen" " " \ +"Europe/Dublin" " " \ +"Europe/Gibraltar" " " \ +"Europe/Guernsey" " " \ +"Europe/Helsinki" " " \ +"Europe/Isle_of_Man" " " \ +"Europe/Istanbul" " " \ +"Europe/Jersey" " " \ +"Europe/Kaliningrad" " " \ +"Europe/Kiev" " " \ +"Europe/Lisbon" " " \ +"Europe/Ljubljana" " " \ +"Europe/London" " " \ +"Europe/Luxembourg" " " \ +"Europe/Madrid" " " \ +"Europe/Malta" " " \ +"Europe/Mariehamn" " " \ +"Europe/Minsk" " " \ +"Europe/Monaco" " " \ +"Europe/Moscow" " " \ +"Europe/Nicosia" " " \ +"Europe/Oslo" " " \ +"Europe/Paris" " " \ +"Europe/Podgorica" " " \ +"Europe/Prague" " " \ +"Europe/Riga" " " \ +"Europe/Rome" " " \ +"Europe/Samara" " " \ +"Europe/San_Marino" " " \ +"Europe/Sarajevo" " " \ +"Europe/Simferopol" " " \ +"Europe/Skopje" " " \ +"Europe/Sofia" " " \ +"Europe/Stockholm" " " \ +"Europe/Tallinn" " " \ +"Europe/Tirane" " " \ +"Europe/Tiraspol" " " \ +"Europe/Uzhgorod" " " \ +"Europe/Vaduz" " " \ +"Europe/Vatican" " " \ +"Europe/Vienna" " " \ +"Europe/Vilnius" " " \ +"Europe/Volgograd" " " \ +"Europe/Warsaw" " " \ +"Europe/Zagreb" " " \ +"Europe/Zaporozhye" " " \ +"Europe/Zurich" " " \ +"Factory" " " \ +"GB" " " \ +"GB-Eire" " " \ +"GMT" " " \ +"GMT+0" " " \ +"GMT-0" " " \ +"GMT0" " " \ +"Greenwich" " " \ +"HST" " " \ +"Hongkong" " " \ +"Iceland" " " \ +"Indian/Antananarivo" " " \ +"Indian/Chagos" " " \ +"Indian/Christmas" " " \ +"Indian/Cocos" " " \ +"Indian/Comoro" " " \ +"Indian/Kerguelen" " " \ +"Indian/Mahe" " " \ +"Indian/Maldives" " " \ +"Indian/Mauritius" " " \ +"Indian/Mayotte" " " \ +"Indian/Reunion" " " \ +"Iran" " " \ +"Israel" " " \ +"Jamaica" " " \ +"Japan" " " \ +"Kwajalein" " " \ +"Libya" " " \ +"MET" " " \ +"MST" " " \ +"MST7MDT" " " \ +"Mexico/BajaNorte" " " \ +"Mexico/BajaSur" " " \ +"Mexico/General" " " \ +"NZ" " " \ +"NZ-CHAT" " " \ +"Navajo" " " \ +"PRC" " " \ +"PST8PDT" " " \ +"Pacific/Apia" " " \ +"Pacific/Auckland" " " \ +"Pacific/Bougainville" " " \ +"Pacific/Chatham" " " \ +"Pacific/Chuuk" " " \ +"Pacific/Easter" " " \ +"Pacific/Efate" " " \ +"Pacific/Enderbury" " " \ +"Pacific/Fakaofo" " " \ +"Pacific/Fiji" " " \ +"Pacific/Funafuti" " " \ +"Pacific/Galapagos" " " \ +"Pacific/Gambier" " " \ +"Pacific/Guadalcanal" " " \ +"Pacific/Guam" " " \ +"Pacific/Honolulu" " " \ +"Pacific/Johnston" " " \ +"Pacific/Kiritimati" " " \ +"Pacific/Kosrae" " " \ +"Pacific/Kwajalein" " " \ +"Pacific/Majuro" " " \ +"Pacific/Marquesas" " " \ +"Pacific/Midway" " " \ +"Pacific/Nauru" " " \ +"Pacific/Niue" " " \ +"Pacific/Norfolk" " " \ +"Pacific/Noumea" " " \ +"Pacific/Pago_Pago" " " \ +"Pacific/Palau" " " \ +"Pacific/Pitcairn" " " \ +"Pacific/Pohnpei" " " \ +"Pacific/Ponape" " " \ +"Pacific/Port_Moresby" " " \ +"Pacific/Rarotonga" " " \ +"Pacific/Saipan" " " \ +"Pacific/Samoa" " " \ +"Pacific/Tahiti" " " \ +"Pacific/Tarawa" " " \ +"Pacific/Tongatapu" " " \ +"Pacific/Truk" " " \ +"Pacific/Wake" " " \ +"Pacific/Wallis" " " \ +"Pacific/Yap" " " \ +"Poland" " " \ +"Portugal" " " \ +"ROC" " " \ +"ROK" " " \ +"Singapore" " " \ +"Turkey" " " \ +"UCT" " " \ +"UTC" " " \ +"Universal" " " \ +"W-SU" " " \ +"WET" " " \ +"Zulu" " " \ +"posixrules" " " \ + 2> $TMP/tz + + if [ $? = 1 -o $? = 255 ]; then + rm -f $TMP/tz + exit + fi + + TIMEZONE="`cat $TMP/tz`" + rm -f $TMP/tz + + setzone $TIMEZONE + exit +else + ### + ### use text prompts + ### + while [ 0 ]; do + echo -n "Would you like to configure your timezone ([y]es, [n]o)? " + read TIMECONF; + echo + + if [ "$TIMECONF" = "n" ]; then + break + fi + + cat << EOF +Select one of these timezones: + +US/Alaska +US/Aleutian +US/Arizona +US/Central +US/East-Indiana +US/Eastern +US/Hawaii +US/Indiana-Starke +US/Michigan +US/Mountain +US/Pacific +US/Pacific-New +US/Samoa +Africa/Abidjan +Africa/Accra +Africa/Addis_Ababa +Africa/Algiers +Africa/Asmara +Africa/Asmera +Africa/Bamako +Africa/Bangui +Africa/Banjul +Africa/Bissau +Africa/Blantyre +Africa/Brazzaville +Africa/Bujumbura +Africa/Cairo +Africa/Casablanca +Africa/Ceuta +Africa/Conakry +Africa/Dakar +Africa/Dar_es_Salaam +Africa/Djibouti +Africa/Douala +Africa/El_Aaiun +Africa/Freetown +Africa/Gaborone +Africa/Harare +Africa/Johannesburg +Africa/Juba +Africa/Kampala +Africa/Khartoum +Africa/Kigali +Africa/Kinshasa +Africa/Lagos +Africa/Libreville +Africa/Lome +Africa/Luanda +Africa/Lubumbashi +Africa/Lusaka +Africa/Malabo +Africa/Maputo +Africa/Maseru +Africa/Mbabane +Africa/Mogadishu +Africa/Monrovia +Africa/Nairobi +Africa/Ndjamena +Africa/Niamey +Africa/Nouakchott +Africa/Ouagadougou +Africa/Porto-Novo +Africa/Sao_Tome +Africa/Timbuktu +Africa/Tripoli +Africa/Tunis +Africa/Windhoek +America/Adak +America/Anchorage +America/Anguilla +America/Antigua +America/Araguaina +America/Argentina/Buenos_Aires +America/Argentina/Catamarca +America/Argentina/ComodRivadavia +America/Argentina/Cordoba +America/Argentina/Jujuy +America/Argentina/La_Rioja +America/Argentina/Mendoza +America/Argentina/Rio_Gallegos +America/Argentina/Salta +America/Argentina/San_Juan +America/Argentina/San_Luis +America/Argentina/Tucuman +America/Argentina/Ushuaia +America/Aruba +America/Asuncion +America/Atikokan +America/Atka +America/Bahia +America/Bahia_Banderas +America/Barbados +America/Belem +America/Belize +America/Blanc-Sablon +America/Boa_Vista +America/Bogota +America/Boise +America/Buenos_Aires +America/Cambridge_Bay +America/Campo_Grande +America/Cancun +America/Caracas +America/Catamarca +America/Cayenne +America/Cayman +America/Chicago +America/Chihuahua +America/Coral_Harbour +America/Cordoba +America/Costa_Rica +America/Creston +America/Cuiaba +America/Curacao +America/Danmarkshavn +America/Dawson +America/Dawson_Creek +America/Denver +America/Detroit +America/Dominica +America/Edmonton +America/Eirunepe +America/El_Salvador +America/Ensenada +America/Fort_Nelson +America/Fort_Wayne +America/Fortaleza +America/Glace_Bay +America/Godthab +America/Goose_Bay +America/Grand_Turk +America/Grenada +America/Guadeloupe +America/Guatemala +America/Guayaquil +America/Guyana +America/Halifax +America/Havana +America/Hermosillo +America/Indiana/Indianapolis +America/Indiana/Knox +America/Indiana/Marengo +America/Indiana/Petersburg +America/Indiana/Tell_City +America/Indiana/Vevay +America/Indiana/Vincennes +America/Indiana/Winamac +America/Indianapolis +America/Inuvik +America/Iqaluit +America/Jamaica +America/Jujuy +America/Juneau +America/Kentucky/Louisville +America/Kentucky/Monticello +America/Knox_IN +America/Kralendijk +America/La_Paz +America/Lima +America/Los_Angeles +America/Louisville +America/Lower_Princes +America/Maceio +America/Managua +America/Manaus +America/Marigot +America/Martinique +America/Matamoros +America/Mazatlan +America/Mendoza +America/Menominee +America/Merida +America/Metlakatla +America/Mexico_City +America/Miquelon +America/Moncton +America/Monterrey +America/Montevideo +America/Montreal +America/Montserrat +America/Nassau +America/New_York +America/Nipigon +America/Nome +America/Noronha +America/North_Dakota/Beulah +America/North_Dakota/Center +America/North_Dakota/New_Salem +America/Ojinaga +America/Panama +America/Pangnirtung +America/Paramaribo +America/Phoenix +America/Port-au-Prince +America/Port_of_Spain +America/Porto_Acre +America/Porto_Velho +America/Puerto_Rico +America/Rainy_River +America/Rankin_Inlet +America/Recife +America/Regina +America/Resolute +America/Rio_Branco +America/Rosario +America/Santa_Isabel +America/Santarem +America/Santiago +America/Santo_Domingo +America/Sao_Paulo +America/Scoresbysund +America/Shiprock +America/Sitka +America/St_Barthelemy +America/St_Johns +America/St_Kitts +America/St_Lucia +America/St_Thomas +America/St_Vincent +America/Swift_Current +America/Tegucigalpa +America/Thule +America/Thunder_Bay +America/Tijuana +America/Toronto +America/Tortola +America/Vancouver +America/Virgin +America/Whitehorse +America/Winnipeg +America/Yakutat +America/Yellowknife +Antarctica/Casey +Antarctica/Davis +Antarctica/DumontDUrville +Antarctica/Macquarie +Antarctica/Mawson +Antarctica/McMurdo +Antarctica/Palmer +Antarctica/Rothera +Antarctica/South_Pole +Antarctica/Syowa +Antarctica/Troll +Antarctica/Vostok +Arctic/Longyearbyen +Asia/Aden +Asia/Almaty +Asia/Amman +Asia/Anadyr +Asia/Aqtau +Asia/Aqtobe +Asia/Ashgabat +Asia/Ashkhabad +Asia/Baghdad +Asia/Bahrain +Asia/Baku +Asia/Bangkok +Asia/Beirut +Asia/Bishkek +Asia/Brunei +Asia/Calcutta +Asia/Chita +Asia/Choibalsan +Asia/Chongqing +Asia/Chungking +Asia/Colombo +Asia/Dacca +Asia/Damascus +Asia/Dhaka +Asia/Dili +Asia/Dubai +Asia/Dushanbe +Asia/Gaza +Asia/Harbin +Asia/Hebron +Asia/Ho_Chi_Minh +Asia/Hong_Kong +Asia/Hovd +Asia/Irkutsk +Asia/Istanbul +Asia/Jakarta +Asia/Jayapura +Asia/Jerusalem +Asia/Kabul +Asia/Kamchatka +Asia/Karachi +Asia/Kashgar +Asia/Kathmandu +Asia/Katmandu +Asia/Khandyga +Asia/Kolkata +Asia/Krasnoyarsk +Asia/Kuala_Lumpur +Asia/Kuching +Asia/Kuwait +Asia/Macao +Asia/Macau +Asia/Magadan +Asia/Makassar +Asia/Manila +Asia/Muscat +Asia/Nicosia +Asia/Novokuznetsk +Asia/Novosibirsk +Asia/Omsk +Asia/Oral +Asia/Phnom_Penh +Asia/Pontianak +Asia/Pyongyang +Asia/Qatar +Asia/Qyzylorda +Asia/Rangoon +Asia/Riyadh +Asia/Saigon +Asia/Sakhalin +Asia/Samarkand +Asia/Seoul +Asia/Shanghai +Asia/Singapore +Asia/Srednekolymsk +Asia/Taipei +Asia/Tashkent +Asia/Tbilisi +Asia/Tehran +Asia/Tel_Aviv +Asia/Thimbu +Asia/Thimphu +Asia/Tokyo +Asia/Ujung_Pandang +Asia/Ulaanbaatar +Asia/Ulan_Bator +Asia/Urumqi +Asia/Ust-Nera +Asia/Vientiane +Asia/Vladivostok +Asia/Yakutsk +Asia/Yekaterinburg +Asia/Yerevan +Atlantic/Azores +Atlantic/Bermuda +Atlantic/Canary +Atlantic/Cape_Verde +Atlantic/Faeroe +Atlantic/Faroe +Atlantic/Jan_Mayen +Atlantic/Madeira +Atlantic/Reykjavik +Atlantic/South_Georgia +Atlantic/St_Helena +Atlantic/Stanley +Australia/ACT +Australia/Adelaide +Australia/Brisbane +Australia/Broken_Hill +Australia/Canberra +Australia/Currie +Australia/Darwin +Australia/Eucla +Australia/Hobart +Australia/LHI +Australia/Lindeman +Australia/Lord_Howe +Australia/Melbourne +Australia/NSW +Australia/North +Australia/Perth +Australia/Queensland +Australia/South +Australia/Sydney +Australia/Tasmania +Australia/Victoria +Australia/West +Australia/Yancowinna +Brazil/Acre +Brazil/DeNoronha +Brazil/East +Brazil/West +CET +CST6CDT +Canada/Atlantic +Canada/Central +Canada/East-Saskatchewan +Canada/Eastern +Canada/Mountain +Canada/Newfoundland +Canada/Pacific +Canada/Saskatchewan +Canada/Yukon +Chile/Continental +Chile/EasterIsland +Cuba +EET +EST +EST5EDT +Egypt +Eire +Etc/GMT +Etc/GMT+0 +Etc/GMT+1 +Etc/GMT+10 +Etc/GMT+11 +Etc/GMT+12 +Etc/GMT+2 +Etc/GMT+3 +Etc/GMT+4 +Etc/GMT+5 +Etc/GMT+6 +Etc/GMT+7 +Etc/GMT+8 +Etc/GMT+9 +Etc/GMT-0 +Etc/GMT-1 +Etc/GMT-10 +Etc/GMT-11 +Etc/GMT-12 +Etc/GMT-13 +Etc/GMT-14 +Etc/GMT-2 +Etc/GMT-3 +Etc/GMT-4 +Etc/GMT-5 +Etc/GMT-6 +Etc/GMT-7 +Etc/GMT-8 +Etc/GMT-9 +Etc/GMT0 +Etc/Greenwich +Etc/UCT +Etc/UTC +Etc/Universal +Etc/Zulu +Europe/Amsterdam +Europe/Andorra +Europe/Athens +Europe/Belfast +Europe/Belgrade +Europe/Berlin +Europe/Bratislava +Europe/Brussels +Europe/Bucharest +Europe/Budapest +Europe/Busingen +Europe/Chisinau +Europe/Copenhagen +Europe/Dublin +Europe/Gibraltar +Europe/Guernsey +Europe/Helsinki +Europe/Isle_of_Man +Europe/Istanbul +Europe/Jersey +Europe/Kaliningrad +Europe/Kiev +Europe/Lisbon +Europe/Ljubljana +Europe/London +Europe/Luxembourg +Europe/Madrid +Europe/Malta +Europe/Mariehamn +Europe/Minsk +Europe/Monaco +Europe/Moscow +Europe/Nicosia +Europe/Oslo +Europe/Paris +Europe/Podgorica +Europe/Prague +Europe/Riga +Europe/Rome +Europe/Samara +Europe/San_Marino +Europe/Sarajevo +Europe/Simferopol +Europe/Skopje +Europe/Sofia +Europe/Stockholm +Europe/Tallinn +Europe/Tirane +Europe/Tiraspol +Europe/Uzhgorod +Europe/Vaduz +Europe/Vatican +Europe/Vienna +Europe/Vilnius +Europe/Volgograd +Europe/Warsaw +Europe/Zagreb +Europe/Zaporozhye +Europe/Zurich +Factory +GB +GB-Eire +GMT +GMT+0 +GMT-0 +GMT0 +Greenwich +HST +Hongkong +Iceland +Indian/Antananarivo +Indian/Chagos +Indian/Christmas +Indian/Cocos +Indian/Comoro +Indian/Kerguelen +Indian/Mahe +Indian/Maldives +Indian/Mauritius +Indian/Mayotte +Indian/Reunion +Iran +Israel +Jamaica +Japan +Kwajalein +Libya +MET +MST +MST7MDT +Mexico/BajaNorte +Mexico/BajaSur +Mexico/General +NZ +NZ-CHAT +Navajo +PRC +PST8PDT +Pacific/Apia +Pacific/Auckland +Pacific/Bougainville +Pacific/Chatham +Pacific/Chuuk +Pacific/Easter +Pacific/Efate +Pacific/Enderbury +Pacific/Fakaofo +Pacific/Fiji +Pacific/Funafuti +Pacific/Galapagos +Pacific/Gambier +Pacific/Guadalcanal +Pacific/Guam +Pacific/Honolulu +Pacific/Johnston +Pacific/Kiritimati +Pacific/Kosrae +Pacific/Kwajalein +Pacific/Majuro +Pacific/Marquesas +Pacific/Midway +Pacific/Nauru +Pacific/Niue +Pacific/Norfolk +Pacific/Noumea +Pacific/Pago_Pago +Pacific/Palau +Pacific/Pitcairn +Pacific/Pohnpei +Pacific/Ponape +Pacific/Port_Moresby +Pacific/Rarotonga +Pacific/Saipan +Pacific/Samoa +Pacific/Tahiti +Pacific/Tarawa +Pacific/Tongatapu +Pacific/Truk +Pacific/Wake +Pacific/Wallis +Pacific/Yap +Poland +Portugal +ROC +ROK +Singapore +Turkey +UCT +UTC +Universal +W-SU +WET +Zulu +posixrules + +Type it at the prompt below exactly as it appears above. (NOTE: If you don't +see your timezone, use "timeconfig" again after booting for the verbose list) + +EOF + echo -n "Timezone? " + read TIMEZONE; + echo + + if [ -n "$TIMEZONE" -a \ + -r $T_PX/usr/share/zoneinfo/$TIMEZONE -o \ + -r /var/log/mount/usr/share/zoneinfo/$TIMEZONE -o \ + -L $T_PX/usr/share/zoneinfo/$TIMEZONE -o \ + -L /var/log/mount/usr/share/zoneinfo/$TIMEZONE ]; then + echo "Creating link from $TIMEZONE to localtime in /etc..." + echo + setzone $TIMEZONE + exit + else + cat << EOF + +Timezone $TIMEZONE could not be found. You may try again if you wish. +Make sure you type the name exactly as it appears - this configuration script +is case sensitive. + +Press [enter] to continue. + +EOF + read JUNK; + fi + done +fi + diff --git a/patches/source/glibc/doinst.sh-glibc b/patches/source/glibc/doinst.sh-glibc new file mode 100644 index 00000000..ffc066e8 --- /dev/null +++ b/patches/source/glibc/doinst.sh-glibc @@ -0,0 +1,192 @@ +#!/bin/sh +# Copyright (C) 2002, 2005 Slackware Linux, Inc. +# Copyright 2005, 2006, 2007 Patrick J. Volkerding, Sebeka, Minnesota, USA +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# Swap glibc on the fly. +# +# If we're on a running system we have to handle this _very_ carefully. :-) +# The tricks involved here get trickier every time... + +# OK, now we have to be sure of a few things. First, you do have a 2.6 +# kernel running, right? + +if [ -r /proc/ksyms ]; then + echo "FATAL: you need to be running a 2.6.x kernel in order to upgrade" + echo "to this version of glibc." + echo + sleep 999 + exit 1 +fi + +# Next, stop using the /lib/ntpl libraries. These are now obsolete and +# will break the installation if present: +if [ -d lib/tls ]; then + mkdir -p lib/obsolete + mv lib/tls lib/obsolete +fi +if [ -x sbin/ldconfig ]; then + sbin/ldconfig -r . +fi + +# Install NPTL glibc libraries: +if [ -x /sbin/ldconfig -a -d lib/incoming ]; then # swap on the fly + # First create copies of the incoming libraries: + ( cd lib/incoming + for file in * ; do + if [ ! -r ../${file}.incoming ]; then + cp -a $file ../${file}.incoming + fi + done + ) + # Then switch to them all at once: + /sbin/ldconfig -l lib/*.incoming 2> /dev/null + # Finally, rename them and clean up: + ( cd lib + for file in *.incoming ; do + rm -f `basename $file .incoming` + cp -a $file `basename $file .incoming` + /sbin/ldconfig -l `basename $file .incoming` + rm -f $file + done + ) +else # no ldconfig? Good, it's safe to just jam it on home (and make links below): + ( cd lib/incoming + for file in * ; do + cp -a $file .. + done + ) +fi +# Now, get rid of the temporary directory: +rm -rf lib/incoming +# Done installing NPTL glibc libraries. + +# Timezone stuff: +if [ -L etc/localtime -a ! -r etc/localtime-copied-from ]; then + mv etc/localtime etc/localtime-copied-from + chroot . /bin/cp etc/localtime-copied-from etc/localtime +fi +# Add the default timezone in /etc, if none exists: +if [ ! -r etc/localtime ]; then + ( cd etc ; rm -rf localtime localtime-copied-from ) + ( cd etc ; ln -sf /usr/share/zoneinfo/Factory localtime-copied-from ) + chroot . /bin/cp etc/localtime-copied-from etc/localtime +fi +# Add the default link in /usr/share/zoneinfo, if none exists: +if [ ! -L usr/share/zoneinfo/localtime ]; then + ( cd usr/share/zoneinfo ; rm -rf localtime ) + ( cd usr/share/zoneinfo ; ln -sf /etc/localtime localtime ) +fi +( cd usr/share/zoneinfo ; rm -rf timeconfig ) +( cd usr/share/zoneinfo ; ln -sf /usr/sbin/timeconfig timeconfig ) + +# Handle config files: +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/nscd.conf.new +config etc/profile.d/glibc.csh.new +config etc/profile.d/glibc.sh.new +# Clearly you already decided this issue. :-) +rm -f etc/profile.d/glibc.csh.new +rm -f etc/profile.d/glibc.sh.new + +# In case there's no ldconfig, make the links manually: +if [ ! -x /sbin/ldconfig ]; then +( cd lib ; rm -rf libnss_nis.so.2 ) +( cd lib ; ln -sf libnss_nis-2.11.1.so libnss_nis.so.2 ) +( cd lib ; rm -rf libm.so.6 ) +( cd lib ; ln -sf libm-2.11.1.so libm.so.6 ) +( cd lib ; rm -rf libnss_files.so.2 ) +( cd lib ; ln -sf libnss_files-2.11.1.so libnss_files.so.2 ) +( cd lib ; rm -rf libresolv.so.2 ) +( cd lib ; ln -sf libresolv-2.11.1.so libresolv.so.2 ) +( cd lib ; rm -rf libnsl.so.1 ) +( cd lib ; ln -sf libnsl-2.11.1.so libnsl.so.1 ) +( cd lib ; rm -rf libutil.so.1 ) +( cd lib ; ln -sf libutil-2.11.1.so libutil.so.1 ) +( cd lib ; rm -rf libnss_compat.so.2 ) +( cd lib ; ln -sf libnss_compat-2.11.1.so libnss_compat.so.2 ) +( cd lib ; rm -rf libthread_db.so.1 ) +( cd lib ; ln -sf libthread_db-1.0.so libthread_db.so.1 ) +( cd lib ; rm -rf libnss_hesiod.so.2 ) +( cd lib ; ln -sf libnss_hesiod-2.11.1.so libnss_hesiod.so.2 ) +( cd lib ; rm -rf libanl.so.1 ) +( cd lib ; ln -sf libanl-2.11.1.so libanl.so.1 ) +( cd lib ; rm -rf libcrypt.so.1 ) +( cd lib ; ln -sf libcrypt-2.11.1.so libcrypt.so.1 ) +( cd lib ; rm -rf libBrokenLocale.so.1 ) +( cd lib ; ln -sf libBrokenLocale-2.11.1.so libBrokenLocale.so.1 ) +( cd lib ; rm -rf ld-linux.so.2 ) +( cd lib ; ln -sf ld-2.11.1.so ld-linux.so.2 ) +( cd lib ; rm -rf libdl.so.2 ) +( cd lib ; ln -sf libdl-2.11.1.so libdl.so.2 ) +( cd lib ; rm -rf libnss_dns.so.2 ) +( cd lib ; ln -sf libnss_dns-2.11.1.so libnss_dns.so.2 ) +( cd lib ; rm -rf libpthread.so.0 ) +( cd lib ; ln -sf libpthread-2.11.1.so libpthread.so.0 ) +( cd lib ; rm -rf libnss_nisplus.so.2 ) +( cd lib ; ln -sf libnss_nisplus-2.11.1.so libnss_nisplus.so.2 ) +( cd lib ; rm -rf libc.so.6 ) +( cd lib ; ln -sf libc-2.11.1.so libc.so.6 ) +( cd lib ; rm -rf librt.so.1 ) +( cd lib ; ln -sf librt-2.11.1.so librt.so.1 ) +fi + +# More links: +( cd usr/lib ; rm -rf libnss_nisplus.so ) +( cd usr/lib ; ln -sf ../../lib/libnss_nisplus.so.2 libnss_nisplus.so ) +# This is now a linker script: +#( cd usr/lib ; rm -rf libpthread.so ) +#( cd usr/lib ; ln -sf ../../lib/libpthread.so.0 libpthread.so ) +( cd usr/lib ; rm -rf libresolv.so ) +( cd usr/lib ; ln -sf ../../lib/libresolv.so.2 libresolv.so ) +( cd usr/lib ; rm -rf libnsl.so ) +( cd usr/lib ; ln -sf ../../lib/libnsl.so.1 libnsl.so ) +( cd usr/lib ; rm -rf libnss_hesiod.so ) +( cd usr/lib ; ln -sf ../../lib/libnss_hesiod.so.2 libnss_hesiod.so ) +( cd usr/lib ; rm -rf libnss_files.so ) +( cd usr/lib ; ln -sf ../../lib/libnss_files.so.2 libnss_files.so ) +( cd usr/lib ; rm -rf libm.so ) +( cd usr/lib ; ln -sf ../../lib/libm.so.6 libm.so ) +( cd usr/lib ; rm -rf libutil.so ) +( cd usr/lib ; ln -sf ../../lib/libutil.so.1 libutil.so ) +( cd usr/lib ; rm -rf libnss_compat.so ) +( cd usr/lib ; ln -sf ../../lib/libnss_compat.so.2 libnss_compat.so ) +( cd usr/lib ; rm -rf libthread_db.so ) +( cd usr/lib ; ln -sf ../../lib/libthread_db.so.1 libthread_db.so ) +( cd usr/lib ; rm -rf libcrypt.so ) +( cd usr/lib ; ln -sf ../../lib/libcrypt.so.1 libcrypt.so ) +( cd usr/lib ; rm -rf libBrokenLocale.so ) +( cd usr/lib ; ln -sf ../../lib/libBrokenLocale.so.1 libBrokenLocale.so ) +( cd usr/lib ; rm -rf libdl.so ) +( cd usr/lib ; ln -sf ../../lib/libdl.so.2 libdl.so ) +( cd usr/lib ; rm -rf libnss_dns.so ) +( cd usr/lib ; ln -sf ../../lib/libnss_dns.so.2 libnss_dns.so ) +( cd usr/lib ; rm -rf librt.so ) +( cd usr/lib ; ln -sf ../../lib/librt.so.1 librt.so ) +( cd usr/lib ; rm -rf libanl.so ) +( cd usr/lib ; ln -sf ../../lib/libanl.so.1 libanl.so ) +( cd usr/lib ; rm -rf libnss_nis.so ) +( cd usr/lib ; ln -sf ../../lib/libnss_nis.so.2 libnss_nis.so ) +( cd usr/share/zoneinfo ; rm -rf localtime ) +( cd usr/share/zoneinfo ; ln -sf /etc/localtime localtime ) +( cd bin ; rm -rf sln ) +( cd bin ; ln -sf /sbin/sln sln ) diff --git a/patches/source/glibc/doinst.sh-glibc-solibs b/patches/source/glibc/doinst.sh-glibc-solibs new file mode 100644 index 00000000..a186da99 --- /dev/null +++ b/patches/source/glibc/doinst.sh-glibc-solibs @@ -0,0 +1,131 @@ +#!/bin/sh +# Copyright (C) 2002, 2005 Slackware Linux, Inc. +# Copyright 2005, 2006 Patrick J. Volkerding, Sebeka, Minnesota, USA +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# Swap glibc on the fly. +# +# If we're on a running system we have to handle this _very_ carefully. :-) +# The tricks involved here get trickier every time... + +# OK, now we have to be sure of a few things. First, you do have a 2.6 +# kernel running, right? + +if [ -r /proc/ksyms ]; then + echo "FATAL: you need to be running a 2.6.x kernel in order to upgrade" + echo "to this version of glibc." + echo + sleep 999 + exit 1 +fi + +# Next, stop using the /lib/ntpl libraries. These are now obsolete and +# will break the installation if present: +if [ -d lib/tls ]; then + mkdir -p lib/obsolete + mv lib/tls lib/obsolete +fi +if [ -x sbin/ldconfig ]; then + sbin/ldconfig -r . +fi + +# Install NPTL glibc libraries: +if [ -x /sbin/ldconfig -a -d lib/incoming ]; then # swap on the fly + # First create copies of the incoming libraries: + ( cd lib/incoming + for file in * ; do + if [ ! -r ../${file}.incoming ]; then + cp -a $file ../${file}.incoming + fi + done + ) + # Then switch to them all at once: + /sbin/ldconfig -l lib/*.incoming 2> /dev/null + # Finally, rename them and clean up: + ( cd lib + for file in *.incoming ; do + rm -f `basename $file .incoming` + cp -a $file `basename $file .incoming` + /sbin/ldconfig -l `basename $file .incoming` + rm -f $file + done + ) +else # no ldconfig? Good, it's safe to just jam it on home (and make links below): + ( cd lib/incoming + for file in * ; do + cp -a $file .. + done + ) +fi +# Now, get rid of the temporary directory: +rm -rf lib/incoming +# Done installing NPTL glibc libraries. + +# Handle config files: +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/profile.d/glibc.csh.new +config etc/profile.d/glibc.sh.new +# Clearly you already decided this issue. :-) +rm -f etc/profile.d/glibc.csh.new +rm -f etc/profile.d/glibc.sh.new + +# In case there's no ldconfig, make the links manually: +if [ ! -x /sbin/ldconfig ]; then +( cd lib ; rm -rf libnss_nis.so.2 ) +( cd lib ; ln -sf libnss_nis-2.11.1.so libnss_nis.so.2 ) +( cd lib ; rm -rf libm.so.6 ) +( cd lib ; ln -sf libm-2.11.1.so libm.so.6 ) +( cd lib ; rm -rf libnss_files.so.2 ) +( cd lib ; ln -sf libnss_files-2.11.1.so libnss_files.so.2 ) +( cd lib ; rm -rf libresolv.so.2 ) +( cd lib ; ln -sf libresolv-2.11.1.so libresolv.so.2 ) +( cd lib ; rm -rf libnsl.so.1 ) +( cd lib ; ln -sf libnsl-2.11.1.so libnsl.so.1 ) +( cd lib ; rm -rf libutil.so.1 ) +( cd lib ; ln -sf libutil-2.11.1.so libutil.so.1 ) +( cd lib ; rm -rf libnss_compat.so.2 ) +( cd lib ; ln -sf libnss_compat-2.11.1.so libnss_compat.so.2 ) +( cd lib ; rm -rf libthread_db.so.1 ) +( cd lib ; ln -sf libthread_db-1.0.so libthread_db.so.1 ) +( cd lib ; rm -rf libnss_hesiod.so.2 ) +( cd lib ; ln -sf libnss_hesiod-2.11.1.so libnss_hesiod.so.2 ) +( cd lib ; rm -rf libanl.so.1 ) +( cd lib ; ln -sf libanl-2.11.1.so libanl.so.1 ) +( cd lib ; rm -rf libcrypt.so.1 ) +( cd lib ; ln -sf libcrypt-2.11.1.so libcrypt.so.1 ) +( cd lib ; rm -rf libBrokenLocale.so.1 ) +( cd lib ; ln -sf libBrokenLocale-2.11.1.so libBrokenLocale.so.1 ) +( cd lib ; rm -rf ld-linux.so.2 ) +( cd lib ; ln -sf ld-2.11.1.so ld-linux.so.2 ) +( cd lib ; rm -rf libdl.so.2 ) +( cd lib ; ln -sf libdl-2.11.1.so libdl.so.2 ) +( cd lib ; rm -rf libnss_dns.so.2 ) +( cd lib ; ln -sf libnss_dns-2.11.1.so libnss_dns.so.2 ) +( cd lib ; rm -rf libpthread.so.0 ) +( cd lib ; ln -sf libpthread-2.11.1.so libpthread.so.0 ) +( cd lib ; rm -rf libnss_nisplus.so.2 ) +( cd lib ; ln -sf libnss_nisplus-2.11.1.so libnss_nisplus.so.2 ) +( cd lib ; rm -rf libc.so.6 ) +( cd lib ; ln -sf libc-2.11.1.so libc.so.6 ) +( cd lib ; rm -rf librt.so.1 ) +( cd lib ; ln -sf librt-2.11.1.so librt.so.1 ) +fi diff --git a/patches/source/glibc/doinst.sh-glibc-zoneinfo b/patches/source/glibc/doinst.sh-glibc-zoneinfo new file mode 100644 index 00000000..7afabf89 --- /dev/null +++ b/patches/source/glibc/doinst.sh-glibc-zoneinfo @@ -0,0 +1,23 @@ +# Prep the library links: +ldconfig -r . +# Fix existing old style /etc/localtime symlink: +if [ -L etc/localtime -a ! -r etc/localtime-copied-from ]; then + mv etc/localtime etc/localtime-copied-from + chroot . /bin/cp etc/localtime-copied-from etc/localtime +fi +# Add the default timezone in /etc, if none exists: +if [ ! -r etc/localtime ]; then + ( cd etc ; rm -rf localtime localtime-copied-from ) + ( cd etc ; ln -sf /usr/share/zoneinfo/Factory localtime-copied-from ) + chroot . /bin/cp etc/localtime-copied-from etc/localtime +fi +# Add the default link in /usr/share/zoneinfo, if none exists: +if [ ! -L usr/share/zoneinfo/localtime ]; then + ( cd usr/share/zoneinfo ; rm -rf localtime ) + ( cd usr/share/zoneinfo ; ln -sf /etc/localtime localtime ) +fi +# Make sure /etc/localtime is updated: +chroot . /bin/cp etc/localtime-copied-from etc/localtime +( cd usr/share/zoneinfo ; rm -rf timeconfig ) +( cd usr/share/zoneinfo ; ln -sf /usr/sbin/timeconfig timeconfig ) +### Make the rest of the symbolic links in the zoneinfo database: diff --git a/patches/source/glibc/glibc-2.10-dns-no-gethostbyname4.diff b/patches/source/glibc/glibc-2.10-dns-no-gethostbyname4.diff new file mode 100644 index 00000000..3fa365af --- /dev/null +++ b/patches/source/glibc/glibc-2.10-dns-no-gethostbyname4.diff @@ -0,0 +1,26 @@ +The gethostbyname4() lookup method is problematic since it fires out both +the A and AAAA DNS queries in parallel and over the same socket. This +should work in theory, but it turns out that many cheap DSL modems and +similar devices have buggy DNS servers - if the AAAA query arrives too +quickly after the A query, the server will generate only a single reply +with the A query id but returning an error for the AAAA query; we get +stuck waiting for the second reply. + +For gethostbyname4() users affected, disabling IPv6 in the system might +work around the issue, unfortunately it only helps with applications +using AI_ADDRCONFIG (e.g. Firefox); some (notably e.g. Pidgin) neglect +to do that. + +Real fix should be using separate ports for the A and AAAA queries. + +--- resolv/Versions 2008-08-02 10:26:09.000000000 +0200 ++++ resolv/Versions 2008-12-08 12:51:53.000000000 +0100 +@@ -102,7 +102,7 @@ libnss_dns { + _nss_dns_gethostbyname_r; _nss_dns_getnetbyaddr_r; + _nss_dns_getnetbyname_r; _nss_dns_getcanonname_r; + _nss_dns_gethostbyaddr2_r; +- _nss_dns_gethostbyname4_r; ++# _nss_dns_gethostbyname4_r; + } + } + diff --git a/patches/source/glibc/glibc-2.11.1.strtod.CVE-2012-3480.diff b/patches/source/glibc/glibc-2.11.1.strtod.CVE-2012-3480.diff new file mode 100644 index 00000000..45f83b36 --- /dev/null +++ b/patches/source/glibc/glibc-2.11.1.strtod.CVE-2012-3480.diff @@ -0,0 +1,328 @@ +--- ./stdlib/strtod_l.c.orig 2009-12-08 14:10:20.000000000 -0600 ++++ ./stdlib/strtod_l.c 2012-08-29 15:40:49.975590298 -0500 +@@ -62,6 +62,7 @@ + #include <math.h> + #include <stdlib.h> + #include <string.h> ++#include <stdint.h> + + /* The gmp headers need some configuration frobs. */ + #define HAVE_ALLOCA 1 +@@ -74,7 +75,6 @@ + #include "longlong.h" + #include "fpioconst.h" + +-#define NDEBUG 1 + #include <assert.h> + + +@@ -176,19 +176,19 @@ + /* Return a floating point number of the needed type according to the given + multi-precision number after possible rounding. */ + static FLOAT +-round_and_return (mp_limb_t *retval, int exponent, int negative, ++round_and_return (mp_limb_t *retval, intmax_t exponent, int negative, + mp_limb_t round_limb, mp_size_t round_bit, int more_bits) + { + if (exponent < MIN_EXP - 1) + { +- mp_size_t shift = MIN_EXP - 1 - exponent; +- +- if (shift > MANT_DIG) ++ if (exponent < MIN_EXP - 1 - MANT_DIG) + { + __set_errno (EDOM); + return 0.0; + } + ++ mp_size_t shift = MIN_EXP - 1 - exponent; ++ + more_bits |= (round_limb & ((((mp_limb_t) 1) << round_bit) - 1)) != 0; + if (shift == MANT_DIG) + /* This is a special case to handle the very seldom case where +@@ -235,6 +235,9 @@ + __set_errno (ERANGE); + } + ++ if (exponent > MAX_EXP) ++ goto overflow; ++ + if ((round_limb & (((mp_limb_t) 1) << round_bit)) != 0 + && (more_bits || (retval[0] & 1) != 0 + || (round_limb & ((((mp_limb_t) 1) << round_bit) - 1)) != 0)) +@@ -260,6 +263,7 @@ + } + + if (exponent > MAX_EXP) ++ overflow: + return negative ? -FLOAT_HUGE_VAL : FLOAT_HUGE_VAL; + + return MPN2FLOAT (retval, exponent, negative); +@@ -273,7 +277,7 @@ + factor for the resulting number (see code) multiply by it. */ + static const STRING_TYPE * + str_to_mpn (const STRING_TYPE *str, int digcnt, mp_limb_t *n, mp_size_t *nsize, +- int *exponent ++ intmax_t *exponent + #ifndef USE_WIDE_CHAR + , const char *decimal, size_t decimal_len, const char *thousands + #endif +@@ -303,6 +307,7 @@ + cy += __mpn_add_1 (n, n, *nsize, low); + if (cy != 0) + { ++ assert (*nsize < MPNSIZE); + n[*nsize] = cy; + ++(*nsize); + } +@@ -337,7 +342,7 @@ + } + while (--digcnt > 0); + +- if (*exponent > 0 && cnt + *exponent <= MAX_DIG_PER_LIMB) ++ if (*exponent > 0 && *exponent <= MAX_DIG_PER_LIMB - cnt) + { + low *= _tens_in_limb[*exponent]; + start = _tens_in_limb[cnt + *exponent]; +@@ -357,7 +362,10 @@ + cy = __mpn_mul_1 (n, n, *nsize, start); + cy += __mpn_add_1 (n, n, *nsize, low); + if (cy != 0) +- n[(*nsize)++] = cy; ++ { ++ assert (*nsize < MPNSIZE); ++ n[(*nsize)++] = cy; ++ } + } + + return str; +@@ -415,7 +423,7 @@ + { + int negative; /* The sign of the number. */ + MPN_VAR (num); /* MP representation of the number. */ +- int exponent; /* Exponent of the number. */ ++ intmax_t exponent; /* Exponent of the number. */ + + /* Numbers starting `0X' or `0x' have to be processed with base 16. */ + int base = 10; +@@ -437,7 +445,7 @@ + /* Points at the character following the integer and fractional digits. */ + const STRING_TYPE *expp; + /* Total number of digit and number of digits in integer part. */ +- int dig_no, int_no, lead_zero; ++ size_t dig_no, int_no, lead_zero; + /* Contains the last character read. */ + CHAR_TYPE c; + +@@ -769,7 +777,7 @@ + are all or any is really a fractional digit will be decided + later. */ + int_no = dig_no; +- lead_zero = int_no == 0 ? -1 : 0; ++ lead_zero = int_no == 0 ? (size_t) -1 : 0; + + /* Read the fractional digits. A special case are the 'american + style' numbers like `16.' i.e. with decimal point but without +@@ -791,12 +799,13 @@ + (base == 16 && ({ CHAR_TYPE lo = TOLOWER (c); + lo >= L_('a') && lo <= L_('f'); }))) + { +- if (c != L_('0') && lead_zero == -1) ++ if (c != L_('0') && lead_zero == (size_t) -1) + lead_zero = dig_no - int_no; + ++dig_no; + c = *++cp; + } + } ++ assert (dig_no <= (uintmax_t) INTMAX_MAX); + + /* Remember start of exponent (if any). */ + expp = cp; +@@ -819,24 +828,80 @@ + + if (c >= L_('0') && c <= L_('9')) + { +- int exp_limit; ++ intmax_t exp_limit; + + /* Get the exponent limit. */ + if (base == 16) +- exp_limit = (exp_negative ? +- -MIN_EXP + MANT_DIG + 4 * int_no : +- MAX_EXP - 4 * int_no + 4 * lead_zero + 3); ++ { ++ if (exp_negative) ++ { ++ assert (int_no <= (uintmax_t) (INTMAX_MAX ++ + MIN_EXP - MANT_DIG) / 4); ++ exp_limit = -MIN_EXP + MANT_DIG + 4 * (intmax_t) int_no; ++ } ++ else ++ { ++ if (int_no) ++ { ++ assert (lead_zero == 0 ++ && int_no <= (uintmax_t) INTMAX_MAX / 4); ++ exp_limit = MAX_EXP - 4 * (intmax_t) int_no + 3; ++ } ++ else if (lead_zero == (size_t) -1) ++ { ++ /* The number is zero and this limit is ++ arbitrary. */ ++ exp_limit = MAX_EXP + 3; ++ } ++ else ++ { ++ assert (lead_zero ++ <= (uintmax_t) (INTMAX_MAX - MAX_EXP - 3) / 4); ++ exp_limit = (MAX_EXP ++ + 4 * (intmax_t) lead_zero ++ + 3); ++ } ++ } ++ } + else +- exp_limit = (exp_negative ? +- -MIN_10_EXP + MANT_DIG + int_no : +- MAX_10_EXP - int_no + lead_zero + 1); ++ { ++ if (exp_negative) ++ { ++ assert (int_no ++ <= (uintmax_t) (INTMAX_MAX + MIN_10_EXP - MANT_DIG)); ++ exp_limit = -MIN_10_EXP + MANT_DIG + (intmax_t) int_no; ++ } ++ else ++ { ++ if (int_no) ++ { ++ assert (lead_zero == 0 ++ && int_no <= (uintmax_t) INTMAX_MAX); ++ exp_limit = MAX_10_EXP - (intmax_t) int_no + 1; ++ } ++ else if (lead_zero == (size_t) -1) ++ { ++ /* The number is zero and this limit is ++ arbitrary. */ ++ exp_limit = MAX_10_EXP + 1; ++ } ++ else ++ { ++ assert (lead_zero ++ <= (uintmax_t) (INTMAX_MAX - MAX_10_EXP - 1)); ++ exp_limit = MAX_10_EXP + (intmax_t) lead_zero + 1; ++ } ++ } ++ } ++ ++ if (exp_limit < 0) ++ exp_limit = 0; + + do + { +- exponent *= 10; +- exponent += c - L_('0'); +- +- if (__builtin_expect (exponent > exp_limit, 0)) ++ if (__builtin_expect ((exponent > exp_limit / 10 ++ || (exponent == exp_limit / 10 ++ && c - L_('0') > exp_limit % 10)), 0)) + /* The exponent is too large/small to represent a valid + number. */ + { +@@ -845,7 +910,7 @@ + /* We have to take care for special situation: a joker + might have written "0.0e100000" which is in fact + zero. */ +- if (lead_zero == -1) ++ if (lead_zero == (size_t) -1) + result = negative ? -0.0 : 0.0; + else + { +@@ -864,6 +929,9 @@ + /* NOTREACHED */ + } + ++ exponent *= 10; ++ exponent += c - L_('0'); ++ + c = *++cp; + } + while (c >= L_('0') && c <= L_('9')); +@@ -932,7 +1000,14 @@ + } + #endif + startp += lead_zero + decimal_len; +- exponent -= base == 16 ? 4 * lead_zero : lead_zero; ++ assert (lead_zero <= (base == 16 ++ ? (uintmax_t) INTMAX_MAX / 4 ++ : (uintmax_t) INTMAX_MAX)); ++ assert (lead_zero <= (base == 16 ++ ? ((uintmax_t) exponent ++ - (uintmax_t) INTMAX_MIN) / 4 ++ : ((uintmax_t) exponent - (uintmax_t) INTMAX_MIN))); ++ exponent -= base == 16 ? 4 * (intmax_t) lead_zero : (intmax_t) lead_zero; + dig_no -= lead_zero; + } + +@@ -974,7 +1049,10 @@ + } + + /* Adjust the exponent for the bits we are shifting in. */ +- exponent += bits - 1 + (int_no - 1) * 4; ++ assert (int_no <= (uintmax_t) (exponent < 0 ++ ? (INTMAX_MAX - bits + 1) / 4 ++ : (INTMAX_MAX - exponent - bits + 1) / 4)); ++ exponent += bits - 1 + ((intmax_t) int_no - 1) * 4; + + while (--dig_no > 0 && idx >= 0) + { +@@ -1014,13 +1092,15 @@ + really integer digits or belong to the fractional part; i.e. we normalize + 123e-2 to 1.23. */ + { +- register int incr = (exponent < 0 ? MAX (-int_no, exponent) +- : MIN (dig_no - int_no, exponent)); ++ register intmax_t incr = (exponent < 0 ++ ? MAX (-(intmax_t) int_no, exponent) ++ : MIN ((intmax_t) dig_no - (intmax_t) int_no, ++ exponent)); + int_no += incr; + exponent -= incr; + } + +- if (__builtin_expect (int_no + exponent > MAX_10_EXP + 1, 0)) ++ if (__builtin_expect (exponent > MAX_10_EXP + 1 - (intmax_t) int_no, 0)) + { + __set_errno (ERANGE); + return negative ? -FLOAT_HUGE_VAL : FLOAT_HUGE_VAL; +@@ -1205,7 +1285,7 @@ + digits we should have enough bits for the result. The remaining + decimal digits give us the information that more bits are following. + This can be used while rounding. (Two added as a safety margin.) */ +- if (dig_no - int_no > (MANT_DIG - bits + 2) / 3 + 2) ++ if ((intmax_t) dig_no > (intmax_t) int_no + (MANT_DIG - bits + 2) / 3 + 2) + { + dig_no = int_no + (MANT_DIG - bits + 2) / 3 + 2; + more_bits = 1; +@@ -1213,7 +1293,7 @@ + else + more_bits = 0; + +- neg_exp = dig_no - int_no - exponent; ++ neg_exp = (intmax_t) dig_no - (intmax_t) int_no - exponent; + + /* Construct the denominator. */ + densize = 0; +--- ./stdlib/Makefile.orig 2009-12-08 14:10:20.000000000 -0600 ++++ ./stdlib/Makefile 2012-08-29 15:42:34.210585861 -0500 +@@ -70,7 +70,8 @@ + test-a64l tst-qsort tst-system testmb2 bug-strtod2 \ + tst-atof1 tst-atof2 tst-strtod2 tst-strtod3 tst-rand48-2 \ + tst-makecontext tst-strtod4 tst-strtod5 tst-qsort2 \ +- tst-makecontext2 tst-strtod6 tst-unsetenv1 ++ tst-makecontext2 tst-strtod6 tst-unsetenv1 \ ++ tst-strtod-overflow + + include ../Makeconfig + diff --git a/patches/source/glibc/glibc-cvs-checkout.sh b/patches/source/glibc/glibc-cvs-checkout.sh new file mode 100755 index 00000000..022d0117 --- /dev/null +++ b/patches/source/glibc/glibc-cvs-checkout.sh @@ -0,0 +1,3 @@ +echo "The password below is \"anoncvs\":" +cvs -z 9 -d :pserver:anoncvs@sources.redhat.com:/cvs/glibc login +cvs -z 9 -d :pserver:anoncvs@sources.redhat.com:/cvs/glibc co libc diff --git a/patches/source/glibc/glibc.CVE-2009-5029.diff b/patches/source/glibc/glibc.CVE-2009-5029.diff new file mode 100644 index 00000000..5c730d42 --- /dev/null +++ b/patches/source/glibc/glibc.CVE-2009-5029.diff @@ -0,0 +1,85 @@ +2011-12-17 Ulrich Drepper <drepper@gmail.com> + + [BZ #13506] + * time/tzfile.c (__tzfile_read): Check values from file header. + +diff --git a/time/tzfile.c b/time/tzfile.c +index 144e20b..402389c 100644 +--- a/time/tzfile.c ++++ b/time/tzfile.c +@@ -26,6 +26,7 @@ + #include <time.h> + #include <unistd.h> + #include <sys/stat.h> ++#include <stdint.h> + + #define NOID + #include <timezone/tzfile.h> +@@ -234,23 +234,58 @@ __tzfile_read (const char *file, size_t extra, char **extrap) + goto read_again; + } + ++ if (__builtin_expect (num_transitions ++ > ((SIZE_MAX - (__alignof__ (struct ttinfo) - 1)) ++ / (sizeof (time_t) + 1)), 0)) ++ goto lose; + total_size = num_transitions * (sizeof (time_t) + 1); + total_size = ((total_size + __alignof__ (struct ttinfo) - 1) + & ~(__alignof__ (struct ttinfo) - 1)); + types_idx = total_size; +- total_size += num_types * sizeof (struct ttinfo) + chars; ++ if (__builtin_expect (num_types ++ > (SIZE_MAX - total_size) / sizeof (struct ttinfo), 0)) ++ goto lose; ++ total_size += num_types * sizeof (struct ttinfo); ++ if (__builtin_expect (chars > SIZE_MAX - total_size, 0)) ++ goto lose; ++ total_size += chars; ++ if (__builtin_expect (__alignof__ (struct leap) - 1 ++ > SIZE_MAX - total_size, 0)) ++ goto lose; + total_size = ((total_size + __alignof__ (struct leap) - 1) + & ~(__alignof__ (struct leap) - 1)); + leaps_idx = total_size; ++ if (__builtin_expect (num_leaps ++ > (SIZE_MAX - total_size) / sizeof (struct leap), 0)) ++ goto lose; + total_size += num_leaps * sizeof (struct leap); +- tzspec_len = (sizeof (time_t) == 8 && trans_width == 8 +- ? st.st_size - (ftello (f) +- + num_transitions * (8 + 1) +- + num_types * 6 +- + chars +- + num_leaps * 12 +- + num_isstd +- + num_isgmt) - 1 : 0); ++ tzspec_len = 0; ++ if (sizeof (time_t) == 8 && trans_width == 8) ++ { ++ off_t rem = st.st_size - ftello (f); ++ if (__builtin_expect (rem < 0 ++ || (size_t) rem < (num_transitions * (8 + 1) ++ + num_types * 6 ++ + chars), 0)) ++ goto lose; ++ tzspec_len = (size_t) rem - (num_transitions * (8 + 1) ++ + num_types * 6 ++ + chars); ++ if (__builtin_expect (num_leaps > SIZE_MAX / 12 ++ || tzspec_len < num_leaps * 12, 0)) ++ goto lose; ++ tzspec_len -= num_leaps * 12; ++ if (__builtin_expect (tzspec_len < num_isstd, 0)) ++ goto lose; ++ tzspec_len -= num_isstd; ++ if (__builtin_expect (tzspec_len == 0 || tzspec_len - 1 < num_isgmt, 0)) ++ goto lose; ++ tzspec_len -= num_isgmt + 1; ++ if (__builtin_expect (SIZE_MAX - total_size < tzspec_len, 0)) ++ goto lose; ++ } ++ if (__builtin_expect (SIZE_MAX - total_size - tzspec_len < extra, 0)) ++ goto lose; + + /* Allocate enough memory including the extra block requested by the + caller. */ diff --git a/patches/source/glibc/glibc.CVE-2010-3847.diff b/patches/source/glibc/glibc.CVE-2010-3847.diff new file mode 100644 index 00000000..89af16fa --- /dev/null +++ b/patches/source/glibc/glibc.CVE-2010-3847.diff @@ -0,0 +1,70 @@ +--- ./elf/dl-load.c.orig 2010-07-27 06:34:39.000000000 -0500 ++++ ./elf/dl-load.c 2010-10-19 12:30:16.366002034 -0500 +@@ -169,8 +169,7 @@ + + + static size_t +-is_dst (const char *start, const char *name, const char *str, +- int is_path, int secure) ++is_dst (const char *start, const char *name, const char *str, int is_path) + { + size_t len; + bool is_curly = false; +@@ -199,11 +198,6 @@ + && (!is_path || name[len] != ':')) + return 0; + +- if (__builtin_expect (secure, 0) +- && ((name[len] != '\0' && (!is_path || name[len] != ':')) +- || (name != start + 1 && (!is_path || name[-2] != ':')))) +- return 0; +- + return len; + } + +@@ -218,13 +212,12 @@ + { + size_t len; + +- /* $ORIGIN is not expanded for SUID/GUID programs (except if it +- is $ORIGIN alone) and it must always appear first in path. */ ++ /* $ORIGIN is not expanded for SUID/GUID programs. */ + ++name; +- if ((len = is_dst (start, name, "ORIGIN", is_path, +- INTUSE(__libc_enable_secure))) != 0 +- || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0 +- || (len = is_dst (start, name, "LIB", is_path, 0)) != 0) ++ if (((len = is_dst (start, name, "ORIGIN", is_path)) != 0 ++ && !INTUSE(__libc_enable_secure)) ++ || (len = is_dst (start, name, "PLATFORM", is_path)) != 0 ++ || (len = is_dst (start, name, "LIB", is_path)) != 0) + ++cnt; + + name = strchr (name + len, '$'); +@@ -256,9 +249,12 @@ + size_t len; + + ++name; +- if ((len = is_dst (start, name, "ORIGIN", is_path, +- INTUSE(__libc_enable_secure))) != 0) ++ if ((len = is_dst (start, name, "ORIGIN", is_path)) != 0) + { ++ /* Ignore this path element in SUID/SGID programs. */ ++ if (INTUSE(__libc_enable_secure)) ++ repl = (const char *) -1; ++ else + #ifndef SHARED + if (l == NULL) + repl = _dl_get_origin (); +@@ -266,9 +262,9 @@ + #endif + repl = l->l_origin; + } +- else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0) ++ else if ((len = is_dst (start, name, "PLATFORM", is_path)) != 0) + repl = GLRO(dl_platform); +- else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0) ++ else if ((len = is_dst (start, name, "LIB", is_path)) != 0) + repl = DL_DST_LIB; + + if (repl != NULL && repl != (const char *) -1) diff --git a/patches/source/glibc/glibc.CVE-2010-3856.diff b/patches/source/glibc/glibc.CVE-2010-3856.diff new file mode 100644 index 00000000..8bae1081 --- /dev/null +++ b/patches/source/glibc/glibc.CVE-2010-3856.diff @@ -0,0 +1,188 @@ +--- ./include/dlfcn.h.orig 2010-07-27 06:34:39.000000000 -0500 ++++ ./include/dlfcn.h 2010-10-28 12:02:21.000000000 -0500 +@@ -9,6 +9,7 @@ + #define __RTLD_OPENEXEC 0x20000000 + #define __RTLD_CALLMAP 0x10000000 + #define __RTLD_AUDIT 0x08000000 ++#define __RTLD_SECURE 0x04000000 /* Apply additional security checks. */ + + #define __LM_ID_CALLER -2 + +--- ./elf/dl-deps.c.orig 2010-07-27 06:34:39.000000000 -0500 ++++ ./elf/dl-deps.c 2010-10-28 12:02:21.000000000 -0500 +@@ -62,7 +62,7 @@ + { + struct openaux_args *args = (struct openaux_args *) a; + +- args->aux = _dl_map_object (args->map, args->name, 0, ++ args->aux = _dl_map_object (args->map, args->name, + (args->map->l_type == lt_executable + ? lt_library : args->map->l_type), + args->trace_mode, args->open_mode, +--- ./elf/dl-open.c.orig 2010-07-27 06:34:39.000000000 -0500 ++++ ./elf/dl-open.c 2010-10-28 12:04:40.000000000 -0500 +@@ -252,7 +252,7 @@ + + /* Load the named object. */ + struct link_map *new; +- args->map = new = _dl_map_object (call_map, file, 0, lt_loaded, 0, ++ args->map = new = _dl_map_object (call_map, file, lt_loaded, 0, + mode | __RTLD_CALLMAP, args->nsid); + + /* If the pointer returned is NULL this means the RTLD_NOLOAD flag is +--- ./elf/rtld.c.orig 2010-07-27 06:34:39.000000000 -0500 ++++ ./elf/rtld.c 2010-10-28 12:02:21.000000000 -0500 +@@ -589,7 +589,6 @@ + /* Argument to map_doit. */ + char *str; + struct link_map *loader; +- int is_preloaded; + int mode; + /* Return value of map_doit. */ + struct link_map *map; +@@ -627,16 +626,17 @@ + map_doit (void *a) + { + struct map_args *args = (struct map_args *) a; +- args->map = _dl_map_object (args->loader, args->str, +- args->is_preloaded, lt_library, 0, args->mode, +- LM_ID_BASE); ++ args->map = _dl_map_object (args->loader, args->str, lt_library, 0, ++ args->mode, LM_ID_BASE); + } + + static void + dlmopen_doit (void *a) + { + struct dlmopen_args *args = (struct dlmopen_args *) a; +- args->map = _dl_open (args->fname, RTLD_LAZY | __RTLD_DLOPEN | __RTLD_AUDIT, ++ args->map = _dl_open (args->fname, ++ (RTLD_LAZY | __RTLD_DLOPEN | __RTLD_AUDIT ++ | __RTLD_SECURE), + dl_main, LM_ID_NEWLM, _dl_argc, INTUSE(_dl_argv), + __environ); + } +@@ -806,8 +806,7 @@ + + args.str = fname; + args.loader = main_map; +- args.is_preloaded = 1; +- args.mode = 0; ++ args.mode = __RTLD_SECURE; + + unsigned int old_nloaded = GL(dl_ns)[LM_ID_BASE]._ns_nloaded; + +@@ -1054,7 +1053,6 @@ + + args.str = rtld_progname; + args.loader = NULL; +- args.is_preloaded = 0; + args.mode = __RTLD_OPENEXEC; + (void) _dl_catch_error (&objname, &err_str, &malloced, map_doit, + &args); +@@ -1066,7 +1064,7 @@ + else + { + HP_TIMING_NOW (start); +- _dl_map_object (NULL, rtld_progname, 0, lt_library, 0, ++ _dl_map_object (NULL, rtld_progname, lt_library, 0, + __RTLD_OPENEXEC, LM_ID_BASE); + HP_TIMING_NOW (stop); + +--- ./elf/dl-load.c.orig 2010-07-27 06:34:39.000000000 -0500 ++++ ./elf/dl-load.c 2010-10-28 12:02:21.000000000 -0500 +@@ -1815,7 +1815,7 @@ + if MAY_FREE_DIRS is true. */ + + static int +-open_path (const char *name, size_t namelen, int preloaded, ++open_path (const char *name, size_t namelen, int secure, + struct r_search_path_struct *sps, char **realname, + struct filebuf *fbp, struct link_map *loader, int whatcode, + bool *found_other_class) +@@ -1897,7 +1897,7 @@ + /* Remember whether we found any existing directory. */ + here_any |= this_dir->status[cnt] != nonexisting; + +- if (fd != -1 && __builtin_expect (preloaded, 0) ++ if (fd != -1 && __builtin_expect (secure, 0) + && INTUSE(__libc_enable_secure)) + { + /* This is an extra security effort to make sure nobody can +@@ -1966,7 +1966,7 @@ + + struct link_map * + internal_function +-_dl_map_object (struct link_map *loader, const char *name, int preloaded, ++_dl_map_object (struct link_map *loader, const char *name, + int type, int trace_mode, int mode, Lmid_t nsid) + { + int fd; +@@ -2070,7 +2070,8 @@ + for (l = loader; l; l = l->l_loader) + if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH")) + { +- fd = open_path (name, namelen, preloaded, &l->l_rpath_dirs, ++ fd = open_path (name, namelen, mode & __RTLD_SECURE, ++ &l->l_rpath_dirs, + &realname, &fb, loader, LA_SER_RUNPATH, + &found_other_class); + if (fd != -1) +@@ -2085,14 +2086,15 @@ + && main_map != NULL && main_map->l_type != lt_loaded + && cache_rpath (main_map, &main_map->l_rpath_dirs, DT_RPATH, + "RPATH")) +- fd = open_path (name, namelen, preloaded, &main_map->l_rpath_dirs, ++ fd = open_path (name, namelen, mode & __RTLD_SECURE, ++ &main_map->l_rpath_dirs, + &realname, &fb, loader ?: main_map, LA_SER_RUNPATH, + &found_other_class); + } + + /* Try the LD_LIBRARY_PATH environment variable. */ + if (fd == -1 && env_path_list.dirs != (void *) -1) +- fd = open_path (name, namelen, preloaded, &env_path_list, ++ fd = open_path (name, namelen, mode & __RTLD_SECURE, &env_path_list, + &realname, &fb, + loader ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded, + LA_SER_LIBPATH, &found_other_class); +@@ -2101,12 +2103,12 @@ + if (fd == -1 && loader != NULL + && cache_rpath (loader, &loader->l_runpath_dirs, + DT_RUNPATH, "RUNPATH")) +- fd = open_path (name, namelen, preloaded, ++ fd = open_path (name, namelen, mode & __RTLD_SECURE, + &loader->l_runpath_dirs, &realname, &fb, loader, + LA_SER_RUNPATH, &found_other_class); + + if (fd == -1 +- && (__builtin_expect (! preloaded, 1) ++ && (__builtin_expect (! (mode & __RTLD_SECURE), 1) + || ! INTUSE(__libc_enable_secure))) + { + /* Check the list of libraries in the file /etc/ld.so.cache, +@@ -2172,7 +2174,7 @@ + && ((l = loader ?: GL(dl_ns)[nsid]._ns_loaded) == NULL + || __builtin_expect (!(l->l_flags_1 & DF_1_NODEFLIB), 1)) + && rtld_search_dirs.dirs != (void *) -1) +- fd = open_path (name, namelen, preloaded, &rtld_search_dirs, ++ fd = open_path (name, namelen, mode & __RTLD_SECURE, &rtld_search_dirs, + &realname, &fb, l, LA_SER_DEFAULT, &found_other_class); + + /* Add another newline when we are tracing the library loading. */ +--- ./sysdeps/generic/ldsodefs.h.orig 2010-07-27 06:34:39.000000000 -0500 ++++ ./sysdeps/generic/ldsodefs.h 2010-10-28 12:02:21.000000000 -0500 +@@ -824,11 +824,9 @@ + + /* Open the shared object NAME and map in its segments. + LOADER's DT_RPATH is used in searching for NAME. +- If the object is already opened, returns its existing map. +- For preloaded shared objects PRELOADED is set to a non-zero +- value to allow additional security checks. */ ++ If the object is already opened, returns its existing map. */ + extern struct link_map *_dl_map_object (struct link_map *loader, +- const char *name, int preloaded, ++ const char *name, + int type, int trace_mode, int mode, + Lmid_t nsid) + internal_function attribute_hidden; diff --git a/patches/source/glibc/glibc.CVE-2013-4332.diff b/patches/source/glibc/glibc.CVE-2013-4332.diff new file mode 100644 index 00000000..9f7f5886 --- /dev/null +++ b/patches/source/glibc/glibc.CVE-2013-4332.diff @@ -0,0 +1,64 @@ +From 0d6085cb1b4330b835ad08a3ec8f80b30f0cadb4 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Wed, 11 Sep 2013 +Subject: CVE-2013-4332 + +malloc: Check for integer overflow in pvalloc, valloc, and memalign. + +A large bytes parameter to pvalloc, valloc, or memalign could cause +an integer overflow and corrupt allocator internals. Check the +overflow does not occur before continuing with the allocation. + +Note: This is a backport to glibc 2.17 of the following three commits: + * https://sourceware.org/git/?p=glibc.git;a=commit;h=1159a193696a + * https://sourceware.org/git/?p=glibc.git;a=commit;h=55e17aadc1ef + * https://sourceware.org/git/?p=glibc.git;a=commit;h=b73ed247781d +--- + +malloc.c | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) + +--- a/malloc/malloc.c ++++ b/malloc/malloc.c +@@ -3020,6 +3020,13 @@ __libc_memalign(size_t alignment, size_t + /* Otherwise, ensure that it is at least a minimum chunk size */ + if (alignment < MINSIZE) alignment = MINSIZE; + ++ /* Check for overflow. */ ++ if (bytes > SIZE_MAX - alignment - MINSIZE) ++ { ++ __set_errno (ENOMEM); ++ return 0; ++ } ++ + arena_get(ar_ptr, bytes + alignment + MINSIZE); + if(!ar_ptr) + return 0; +@@ -3051,6 +3058,13 @@ __libc_valloc(size_t bytes) + + size_t pagesz = GLRO(dl_pagesize); + ++ /* Check for overflow. */ ++ if (bytes > SIZE_MAX - pagesz - MINSIZE) ++ { ++ __set_errno (ENOMEM); ++ return 0; ++ } ++ + __malloc_ptr_t (*hook) __MALLOC_PMT ((size_t, size_t, + const __malloc_ptr_t)) = + force_reg (__memalign_hook); +@@ -3088,6 +3102,13 @@ __libc_pvalloc(size_t bytes) + size_t page_mask = GLRO(dl_pagesize) - 1; + size_t rounded_bytes = (bytes + page_mask) & ~(page_mask); + ++ /* Check for overflow. */ ++ if (bytes > SIZE_MAX - 2*pagesz - MINSIZE) ++ { ++ __set_errno (ENOMEM); ++ return 0; ++ } ++ + __malloc_ptr_t (*hook) __MALLOC_PMT ((size_t, size_t, + const __malloc_ptr_t)) = + force_reg (__memalign_hook); diff --git a/patches/source/glibc/glibc.CVE-2015-0235.glibc2111.diff b/patches/source/glibc/glibc.CVE-2015-0235.glibc2111.diff new file mode 100644 index 00000000..5a4436b3 --- /dev/null +++ b/patches/source/glibc/glibc.CVE-2015-0235.glibc2111.diff @@ -0,0 +1,208 @@ +--- ./nss/getXXbyYY_r.c.orig 2009-12-08 14:10:20.000000000 -0600 ++++ ./nss/getXXbyYY_r.c 2015-01-27 17:50:42.168043997 -0600 +@@ -178,6 +178,9 @@ + case -1: + return errno; + case 1: ++#ifdef NEED_H_ERRNO ++ any_service = true; ++#endif + goto done; + } + #endif +--- ./nss/digits_dots.c.orig 2009-12-08 14:10:20.000000000 -0600 ++++ ./nss/digits_dots.c 2015-01-27 17:50:42.169043997 -0600 +@@ -47,7 +47,10 @@ + { + if (h_errnop) + *h_errnop = NETDB_INTERNAL; +- *result = NULL; ++ if (buffer_size == NULL) ++ *status = NSS_STATUS_TRYAGAIN; ++ else ++ *result = NULL; + return -1; + } + +@@ -84,14 +87,16 @@ + } + + size_needed = (sizeof (*host_addr) +- + sizeof (*h_addr_ptrs) + strlen (name) + 1); ++ + sizeof (*h_addr_ptrs) ++ + sizeof (*h_alias_ptr) + strlen (name) + 1); + + if (buffer_size == NULL) + { + if (buflen < size_needed) + { ++ *status = NSS_STATUS_TRYAGAIN; + if (h_errnop != NULL) +- *h_errnop = TRY_AGAIN; ++ *h_errnop = NETDB_INTERNAL; + __set_errno (ERANGE); + goto done; + } +@@ -110,7 +115,7 @@ + *buffer_size = 0; + __set_errno (save); + if (h_errnop != NULL) +- *h_errnop = TRY_AGAIN; ++ *h_errnop = NETDB_INTERNAL; + *result = NULL; + goto done; + } +@@ -150,7 +155,9 @@ + if (! ok) + { + *h_errnop = HOST_NOT_FOUND; +- if (buffer_size) ++ if (buffer_size == NULL) ++ *status = NSS_STATUS_NOTFOUND; ++ else + *result = NULL; + goto done; + } +@@ -191,7 +198,7 @@ + if (buffer_size == NULL) + *status = NSS_STATUS_SUCCESS; + else +- *result = resbuf; ++ *result = resbuf; + goto done; + } + +@@ -202,15 +209,6 @@ + + if ((isxdigit (name[0]) && strchr (name, ':') != NULL) || name[0] == ':') + { +- const char *cp; +- char *hostname; +- typedef unsigned char host_addr_t[16]; +- host_addr_t *host_addr; +- typedef char *host_addr_list_t[2]; +- host_addr_list_t *h_addr_ptrs; +- size_t size_needed; +- int addr_size; +- + switch (af) + { + default: +@@ -226,7 +224,10 @@ + /* This is not possible. We cannot represent an IPv6 address + in an `struct in_addr' variable. */ + *h_errnop = HOST_NOT_FOUND; +- *result = NULL; ++ if (buffer_size == NULL) ++ *status = NSS_STATUS_NOTFOUND; ++ else ++ *result = NULL; + goto done; + + case AF_INET6: +@@ -234,42 +235,6 @@ + break; + } + +- size_needed = (sizeof (*host_addr) +- + sizeof (*h_addr_ptrs) + strlen (name) + 1); +- +- if (buffer_size == NULL && buflen < size_needed) +- { +- if (h_errnop != NULL) +- *h_errnop = TRY_AGAIN; +- __set_errno (ERANGE); +- goto done; +- } +- else if (buffer_size != NULL && *buffer_size < size_needed) +- { +- char *new_buf; +- *buffer_size = size_needed; +- new_buf = realloc (*buffer, *buffer_size); +- +- if (new_buf == NULL) +- { +- save = errno; +- free (*buffer); +- __set_errno (save); +- *buffer = NULL; +- *buffer_size = 0; +- *result = NULL; +- goto done; +- } +- *buffer = new_buf; +- } +- +- memset (*buffer, '\0', size_needed); +- +- host_addr = (host_addr_t *) *buffer; +- h_addr_ptrs = (host_addr_list_t *) +- ((char *) host_addr + sizeof (*host_addr)); +- hostname = (char *) h_addr_ptrs + sizeof (*h_addr_ptrs); +- + for (cp = name;; ++cp) + { + if (!*cp) +@@ -282,7 +247,9 @@ + if (inet_pton (AF_INET6, name, host_addr) <= 0) + { + *h_errnop = HOST_NOT_FOUND; +- if (buffer_size) ++ if (buffer_size == NULL) ++ *status = NSS_STATUS_NOTFOUND; ++ else + *result = NULL; + goto done; + } +--- ./nss/test-digits-dots.c.orig 2015-01-27 17:50:42.170043997 -0600 ++++ ./nss/test-digits-dots.c 2015-01-27 17:50:42.170043997 -0600 +@@ -0,0 +1,38 @@ ++/* Copyright (C) 2013 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ <http://www.gnu.org/licenses/>. */ ++ ++/* Testcase for BZ #15014 */ ++ ++#include <stdlib.h> ++#include <netdb.h> ++#include <errno.h> ++ ++static int ++do_test (void) ++{ ++ char buf[32]; ++ struct hostent *result = NULL; ++ struct hostent ret; ++ int h_err = 0; ++ int err; ++ ++ err = gethostbyname_r ("1.2.3.4", &ret, buf, sizeof (buf), &result, &h_err); ++ return err == ERANGE && h_err == NETDB_INTERNAL ? EXIT_SUCCESS : EXIT_FAILURE; ++} ++ ++#define TEST_FUNCTION do_test () ++#include "../test-skeleton.c" +--- ./nss/Makefile.orig 2015-01-27 17:50:42.171043997 -0600 ++++ ./nss/Makefile 2015-01-27 17:51:24.107042656 -0600 +@@ -39,7 +39,7 @@ + others := getent + install-bin := getent + +-tests = test-netdb ++tests = test-netdb test-digits-dots + xtests = bug-erange + + include ../Makeconfig diff --git a/patches/source/glibc/glibc.SlackBuild b/patches/source/glibc/glibc.SlackBuild new file mode 100755 index 00000000..17f4edac --- /dev/null +++ b/patches/source/glibc/glibc.SlackBuild @@ -0,0 +1,489 @@ +#!/bin/sh + +# Copyright 2006, 2008, 2009, 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +## build glibc-$VERSION for Slackware + +VERSION=${VERSION:-2.11.1} +CHECKOUT=${CHECKOUT:-""} +BUILD=${BUILD:-9_slack13.1} + +## Included in glibc now: +## glibc-libidn version +#LIBIDNVER=2.10.1 + +# $ARCH may be preset, otherwise i486 compatibility with i686 binary +# structuring is the Slackware default, since this is what gcc-3.2+ +# requires for binary compatibility with previous releases. +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CVSVER=${VERSION}${CHECKOUT} + +# NOTE!!! glibc needs to be built against the sanitized kernel headers, +# which will be installed under /usr/include by the kernel-headers package. +# Be sure the correct version of the headers package is installed BEFORE +# building glibc! + +CWD=$(pwd) +# Temporary build location. This should not be a directory +# path a non-root user could create later... +TMP=${TMP:-/glibc-tmp-$(mcookie)} +mkdir -p $TMP + +NUMJOBS=${NUMJOBS:--j4} + +# Sanity check on the version number in the install scripts: +if ! grep -vq libutil-$VERSION}.so $CWD/doinst.sh-glibc ; then + echo "FATAL: doinst.sh scripts have wrong version numbers." + exit 1 +fi + +case $ARCH in + x86_64) + TARGET=${TARGET:-x86_64} + ;; + i486) + # This should be i486 for all 32-bit x86 arch: + TARGET=${TARGET:-i486} + ;; +esac + +# This function fixes a doinst.sh file for x86_64. +# With thanks to Fred Emmott. +fix_doinst() { + if [ "x$LIBDIRSUFFIX" = "x" ]; then + return; + fi; + # Fix "( cd usr/lib ;" occurrences + sed -i "s#lib ;#lib${LIBDIRSUFFIX} ;#" install/doinst.sh + # Fix "lib/" occurrences + sed -i "s#lib/#lib${LIBDIRSUFFIX}/#g" install/doinst.sh + # Fix "( cd lib" occurrences + sed -i "s#( cd lib\$#( cd lib${LIBDIRSUFFIX}#" install/doinst.sh + + if [ "$ARCH" = "x86_64" ]; then + sed -i 's#ld-linux.so.2#ld-linux-x86-64.so.2#' install/doinst.sh + fi +} + +# This is a patch function to put all glibc patches in the build script +# up near the top. +apply_patches() { + # Use old-style locale directories rather than a single (and strangely + # formatted) /usr/lib/locale/locale-archive file: + zcat $CWD/glibc.locale.no-archive.diff.gz | patch -p1 --verbose || exit 1 + # The is_IS locale is causing a strange error about the "echn" command + # not existing. This patch reverts is_IS to the version shipped in + # glibc-2.5: + zcat $CWD/is_IS.diff.gz | patch -p1 --verbose || exit 1 + # Fix NIS netgroups: + zcat $CWD/glibc.nis-netgroups.diff.gz | patch -p1 --verbose || exit 1 + # Support ru_RU.CP1251 locale: + zcat $CWD/glibc.ru_RU.CP1251.diff.gz | patch -p1 --verbose || exit 1 + # Fix missing MAX macro in getcwd.c: + zcat $CWD/glibc.getcwd.max.macro.diff.gz | patch -p1 --verbose || exit 1 + # Fix resolver problem with glibc-2.9: + zcat $CWD/glibc-2.10-dns-no-gethostbyname4.diff.gz | patch -p0 --verbose || exit 1 + # This reverts a patch that was made to glibc to fix "namespace leakage", + # which seems to cause some build failures (e.g. with conntrack): + zcat $CWD/glibc.revert.to.fix.build.breakages.diff.gz | patch -p1 --verbose || exit 1 + # This fixes a security issue in glibc 2.12.1 and earlier: + zcat $CWD/glibc.CVE-2010-3847.diff.gz | patch -p1 --verbose || exit 1 + # This fixes a security issue in glibc 2.12.1 and earlier: + zcat $CWD/glibc.CVE-2010-3856.diff.gz | patch -p1 --verbose || exit 1 + # Fix an integer overflow in tzfile: + zcat $CWD/glibc.CVE-2009-5029.diff.gz | patch -p1 --verbose || exit 1 + # Fix strtod overflows: + zcat $CWD/glibc-2.11.1.strtod.CVE-2012-3480.diff.gz | patch -p1 --verbose || exit 1 + # Patch integer overflows in pvalloc, valloc, and + # posix_memalign/memalign/aligned_alloc (CVE-2013-4332). + zcat $CWD/glibc.CVE-2013-4332.diff.gz | patch -p1 --verbose || exit 1 + # Fix parsing of numeric hosts in gethostbyname_r: + zcat $CWD/glibc.CVE-2015-0235.glibc2111.diff.gz | patch -p1 --verbose || exit 1 +} + +# I'll break this out as an option for fun :-) +case $ARCH in + i386) + OPTIMIZ="-O3 -march=i386 -mcpu=i686" + LIBDIRSUFFIX="" + ;; + i486) + OPTIMIZ="-O3 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" + ;; + i586) + OPTIMIZ="-O3 -march=i586" + LIBDIRSUFFIX="" + ;; + i686) + OPTIMIZ="-O3 -march=i686" + LIBDIRSUFFIX="" + ;; + athlon) + OPTIMIZ="-O3 -march=athlon" + LIBDIRSUFFIX="" + ;; + s390) + OPTIMIZ="-O3" + LIBDIRSUFFIX="" + ;; + x86_64) + OPTIMIZ="-O3 -fPIC" + LIBDIRSUFFIX="64" + ;; + *) + OPTIMIZ="-O3" + LIBDIRSUFFIX="" + ;; +esac + +# This is going to be the initial $DESTDIR: +export PKG=$TMP/package-glibc-incoming-tree +PGLIBC=$TMP/package-glibc +PSOLIBS=$TMP/package-glibc-solibs +PZONE=$TMP/package-glibc-zoneinfo +PI18N=$TMP/package-glibc-i18n +PPROFILE=$TMP/package-glibc-profile +PDEBUG=$TMP/package-glibc-debug + +# Empty these locations first: +for dir in $PKG $PGLIBC $PSOLIBS $PZONE $PI18N $PPROFILE $PDEBUG ; do + if [ -d $dir ]; then + rm -rf $dir + fi + mkdir -p $dir +done +if [ -d $TMP/glibc-$VERSION ]; then + rm -rf $TMP/glibc-$VERSION +fi + +# Create an incoming directory structure for glibc to be built into: +mkdir -p $PKG/lib${LIBDIRSUFFIX} +mkdir -p $PKG/sbin +mkdir -p $PKG/usr/bin +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX} +mkdir -p $PKG/usr/sbin +mkdir -p $PKG/usr/include +mkdir -p $PKG/usr/doc +mkdir -p $PKG/usr/man +mkdir -p $PKG/usr/share +mkdir -p $PKG/var/db/nscd +mkdir -p $PKG/var/run/nscd + +# Begin extract/compile: +cd $TMP +rm -rf glibc-$CVSVER +tar xvf $CWD/glibc-$CVSVER.tar.xz \ + || tar xvf $CWD/glibc-$CVSVER.tar.bz2 \ + || tar xvf $CWD/glibc-$CVSVER.tar.gz +cd glibc-$CVSVER + +#tar xvf $CWD/glibc-libidn-$LIBIDNVER.tar.?z* +#mv glibc-libidn-$LIBIDNVER libidn + +chown -R root:root . +find . -perm 666 -exec chmod 644 {} \; +find . -perm 664 -exec chmod 644 {} \; +find . -perm 600 -exec chmod 644 {} \; +find . -perm 444 -exec chmod 644 {} \; +find . -perm 400 -exec chmod 644 {} \; +find . -perm 440 -exec chmod 644 {} \; +find . -perm 777 -exec chmod 755 {} \; +find . -perm 775 -exec chmod 755 {} \; +find . -perm 511 -exec chmod 755 {} \; +find . -perm 711 -exec chmod 755 {} \; +find . -perm 555 -exec chmod 755 {} \; + +# Clean up leftover CVS directories: +find . -type d -name CVS -exec rm -r {} \; 2> /dev/null + +# Apply patches; exit if any fail. +apply_patches +if [ ! $? = 0 ]; then + exit 1 +fi + +# Make build directory: +mkdir build-glibc-$VERSION +cd build-glibc-$VERSION + +echo "BUILDING DAS NPTL GLIBC" +CFLAGS="-g $OPTIMIZ" \ +../configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --enable-kernel=2.6.18 \ + --with-headers=/usr/include \ + --enable-add-ons=libidn,nptl \ + --enable-profile \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --with-tls \ + --with-__thread \ + --without-cvs \ + $TARGET-slackware-linux + +make $NUMJOBS || make || exit 1 +make install install_root=$PKG || exit 1 +make localedata/install-locales install_root=$PKG || exit 1 + +# The prevailing standard seems to be putting unstripped libraries in +# /usr/lib/debug/ and stripping the debugging symbols from all the other +# libraries. +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/debug +cp -a $PKG/lib${LIBDIRSUFFIX}/l*.so* $PKG/usr/lib${LIBDIRSUFFIX}/debug +cp -a $PKG/usr/lib${LIBDIRSUFFIX}/*.a $PKG/usr/lib${LIBDIRSUFFIX}/debug +# Don't need debug+profile: +( cd $PKG/usr/lib${LIBDIRSUFFIX}/debug ; rm -f *_p.* ) +# NOTE: Is there really a reason for the glibc-debug package? +# If you're debugging glibc, you can also compile it, right? + +## COMMENTED OUT: There's no reason for profile libs to include -g information. +## Put back unstripped profiling libraries: +#mv $PKG/usr/lib${LIBDIRSUFFIX}/debug/*_p.a $PKG/usr/lib${LIBDIRSUFFIX} +# It might be best to put the unstripped and profiling libraries in glibc-debug and glibc-profile. + +# I don't think "strip -g" causes the pthread problems. It's --strip-unneeded that does. +strip -g $PKG/lib${LIBDIRSUFFIX}/l*.so* +strip -g $PKG/usr/lib${LIBDIRSUFFIX}/l*.so* +strip -g $PKG/usr/lib${LIBDIRSUFFIX}/lib*.a + +# Build and install the zoneinfo database: +cd $TMP +rm -rf tzcodedata-build +mkdir tzcodedata-build +cd tzcodedata-build +tar xzf $CWD/tzdata?????.tar.gz +tar xzf $CWD/tzcode?????.tar.gz +sed -i "s,/usr/local,$(pwd),g" Makefile +sed -i "s,/etc/zoneinfo,/zoneinfo,g" Makefile +make +make install +mkdir -p $PKG/usr/share/zoneinfo/{posix,right} +cp -a zoneinfo/* $PKG/usr/share/zoneinfo +cp -a zoneinfo-posix/* $PKG/usr/share/zoneinfo/posix +cp -a zoneinfo-leaps/* $PKG/usr/share/zoneinfo/right +# Remove $PKG/usr/share/zoneinfo/localtime -- the install script will +# create it as a link to /etc/localtime. +rm -f $PKG/usr/share/zoneinfo/localtime + +# Back to the sources dir to add some files/docs: +cd $TMP/glibc-$CVSVER + +# We'll automatically install the config file for the Name Server Cache Daemon. +# Perhaps this should also have some commented-out startup code in rc.inet2... +mkdir -p $PKG/etc +cat nscd/nscd.conf > $PKG/etc/nscd.conf.new + +# Install some scripts to help select a timezone: +mkdir -p $PKG/var/log/setup +cp -a $CWD/timezone-scripts/setup.timeconfig $PKG/var/log/setup +chown root:root $PKG/var/log/setup/setup.timeconfig +chmod 755 $PKG/var/log/setup/setup.timeconfig +mkdir -p $PKG/usr/sbin +cp -a $CWD/timezone-scripts/timeconfig $PKG/usr/sbin +chown root:root $PKG/usr/sbin/timeconfig +chmod 755 $PKG/usr/sbin/timeconfig + +## Install docs: +( mkdir -p $PKG/usr/doc/glibc-$VERSION + cp -a \ + BUGS CONFORMANCE COPYING COPYING.LIB FAQ INSTALL LICENSES NAMESPACE \ + NEWS NOTES PROJECTS README README.libm \ + $PKG/usr/doc/glibc-$VERSION +) + +# Don't forget to add the /usr/share/zoneinfo/localtime -> /etc/localtime symlink! :) +if [ ! -r $PKG/usr/share/zoneinfo/localtime ]; then + ( cd $PKG/usr/share/zoneinfo ; ln -sf /etc/localtime . ) +fi + +# OK, there are some very old Linux standards that say that any binaries in a /bin or +# /sbin directory (and the directories themselves) should be group bin rather than +# group root, unless a specific group is really needed for some reason. +# +# I can't find any mention of this in more recent standards docs, and always thought +# that it was pretty cosmetic anyway (hey, if there's a reason -- fill me in!), so +# it's possible that this ownership change won't be followed in the near future +# (it's a PITA, and causes many bug reports when the perms change is occasionally +# forgotten). +# +# But, it's hard to get me to break old habits, so we'll continue the tradition here: +# +# No, no we won't. You know how we love to break traditions. + +# Strip most binaries: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-debug 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null +) + +# Fix info dir: +rm $PKG/usr/info/dir +gzip -9 $PKG/usr/info/* + +# This is junk +rm $PKG/etc/ld.so.cache +( cd $PKG + find . -name "*.orig" -exec rm {} \; +) + +################################## +# OK, time to make some packages # +################################## + +# glibc-zoneinfo. We will start with an easy one to avoid breaking a sweat. ;-) +cd $CWD +ZONE_VERSIONS="$(echo tzdata* | cut -f1 -d . | cut -b7-11)" +echo $ZONE_VERSIONS +cd $PZONE +# Install some scripts to help select a timezone: +mkdir -p $PZONE/var/log/setup +cp -a $CWD/timezone-scripts/setup.timeconfig $PZONE/var/log/setup +chown root:root $PZONE/var/log/setup/setup.timeconfig +chmod 755 $PZONE/var/log/setup/setup.timeconfig +mkdir -p $PZONE/usr/sbin +cp -a $CWD/timezone-scripts/timeconfig $PZONE/usr/sbin +chown root:root $PZONE/usr/sbin/timeconfig +chmod 755 $PZONE/usr/sbin/timeconfig +mkdir $PZONE/install +cat $CWD/doinst.sh-glibc-zoneinfo > $PZONE/install/doinst.sh +cat $CWD/slack-desc.glibc-zoneinfo > $PZONE/install/slack-desc +mkdir -p $PZONE/usr/share +cd $PZONE/usr/share +cp -a --verbose $PKG/usr/share/zoneinfo . +cd $PZONE +mkdir -p $PZONE/etc +# This is already hard-coded into doinst.sh (like it'll be there anyway ;-): +rm -f etc/localtime +# Wrap it up: +makepkg -l y -c n $TMP/glibc-zoneinfo-$ZONE_VERSIONS-noarch-$BUILD.txz + +# glibc-profile: +cd $PPROFILE +mkdir -p usr/lib${LIBDIRSUFFIX} +# Might as well just grab these with 'mv' to simplify things later: +mv $PKG/usr/lib${LIBDIRSUFFIX}/lib*_p.a usr/lib${LIBDIRSUFFIX} +# Profile libs should be stripped. Use the debug libs to debug... +( cd usr/lib${LIBDIRSUFFIX} ; strip -g *.a ) +mkdir install +cp -a $CWD/slack-desc.glibc-profile install/slack-desc +makepkg -l y -c n $TMP/glibc-profile-$VERSION-$ARCH-$BUILD.txz + +# THIS IS NO LONGER PACKAGED (or is it? might be better to let it be made, and then ship it or not...) +# glibc-debug: +cd $PDEBUG +mkdir -p usr/lib${LIBDIRSUFFIX} +# Might as well just grab these with 'mv' to simplify things later: +mv $PKG/usr/lib${LIBDIRSUFFIX}/debug usr/lib${LIBDIRSUFFIX} +mkdir install +cp -a $CWD/slack-desc.glibc-debug install/slack-desc +makepkg -l y -c n $TMP/glibc-debug-$VERSION-$ARCH-$BUILD.txz +## INSTEAD, NUKE THESE LIBS +#rm -rf $PKG/usr/lib${LIBDIRSUFFIX}/debug + +# glibc-i18n: +cd $PI18N +mkdir -p usr/lib${LIBDIRSUFFIX} +rm -rf usr/lib${LIBDIRSUFFIX}/locale +cp -a $PKG/usr/lib${LIBDIRSUFFIX}/locale usr/lib${LIBDIRSUFFIX} +mkdir -p usr/share +cp -a $PKG/usr/share/i18n usr/share +cp -a $PKG/usr/share/locale usr/share +mkdir install +cp -a $CWD/slack-desc.glibc-i18n install/slack-desc +makepkg -l y -c n $TMP/glibc-i18n-$VERSION-$ARCH-$BUILD.txz + +# glibc-solibs: +cd $PSOLIBS +mkdir -p etc/profile.d +cp -a $CWD/profile.d/* etc/profile.d +chown -R root:root etc +chmod 755 etc/profile.d/* +mkdir -p lib${LIBDIRSUFFIX} +cp -a $PKG/lib${LIBDIRSUFFIX}/* lib${LIBDIRSUFFIX} +( cd lib${LIBDIRSUFFIX} + mkdir incoming + mv *so* incoming + mv incoming/libSegFault.so . +) +mkdir -p usr +cp -a $PKG/usr/bin usr +mv usr/bin/ldd . +rm usr/bin/* +mv ldd usr/bin +mkdir -p usr/lib${LIBDIRSUFFIX} +# The gconv directory has a lot of stuff, but including it here will save some problems. +# Seems standard elsewhere. +cp -a $PKG/usr/lib${LIBDIRSUFFIX}/gconv usr/lib${LIBDIRSUFFIX} +# Another manpage abandoned by GNU... +#mkdir -p usr/man/man1 +#cp -a $PKG/usr/man/man1/ldd.1.gz usr/man/man1 +mkdir -p usr/libexec +cp -a $PKG/usr/libexec/pt_chown usr/libexec +# Same usr.bin deal: +cp -a $PKG/sbin . +mv sbin/ldconfig . +rm sbin/* +mv ldconfig sbin +mkdir install +cp -a $CWD/slack-desc.glibc-solibs install/slack-desc +cp -a $CWD/doinst.sh-glibc-solibs install/doinst.sh +fix_doinst +# Ditch links: +find . -type l -exec rm {} \; +# Build the package: +makepkg -l y -c n $TMP/glibc-solibs-$VERSION-$ARCH-$BUILD.txz + +# And finally, the complete "all-in-one" glibc package is created +# from whatever was leftover: +cd $PGLIBC +mv $PKG/* . +mkdir -p etc/profile.d +cp -a $CWD/profile.d/* etc/profile.d +chown -R root:root etc +chmod 755 etc/profile.d/* +# Ditch links (these are in doinst.sh-glibc): +find . -type l -exec rm {} \; +mkdir install +cp -a $CWD/slack-desc.glibc install/slack-desc +cp -a $CWD/doinst.sh-glibc install/doinst.sh +fix_doinst +( cd lib${LIBDIRSUFFIX} + mkdir incoming + mv *so* incoming + mv incoming/libSegFault.so . +) +# Build the package: +/sbin/makepkg -l y -c n $TMP/glibc-$VERSION-$ARCH-$BUILD.txz + +# Done! +echo +echo "glibc packages built in $TMP!" + diff --git a/patches/source/glibc/glibc.getcwd.max.macro.diff b/patches/source/glibc/glibc.getcwd.max.macro.diff new file mode 100644 index 00000000..e26e14d9 --- /dev/null +++ b/patches/source/glibc/glibc.getcwd.max.macro.diff @@ -0,0 +1,10 @@ +--- ./sysdeps/unix/sysv/linux/getcwd.c.orig 2006-04-02 12:58:28.000000000 -0500 ++++ ./sysdeps/unix/sysv/linux/getcwd.c 2006-10-10 22:11:02.000000000 -0500 +@@ -28,6 +28,7 @@ + #include <sysdep.h> + #include <sys/syscall.h> + #include <bp-checks.h> ++#include <sys/param.h> + + #include <kernel-features.h> + diff --git a/patches/source/glibc/glibc.locale.no-archive.diff b/patches/source/glibc/glibc.locale.no-archive.diff new file mode 100644 index 00000000..bf1a83b7 --- /dev/null +++ b/patches/source/glibc/glibc.locale.no-archive.diff @@ -0,0 +1,10 @@ +--- ./localedata/Makefile.orig 2003-11-20 15:31:38.000000000 -0800 ++++ ./localedata/Makefile 2004-08-03 17:20:54.000000000 -0700 +@@ -222,6 +222,7 @@ + echo -n '...'; \ + input=`echo $$locale | sed 's/\([^.]*\)[^@]*\(.*\)/\1\2/'`; \ + $(LOCALEDEF) --alias-file=../intl/locale.alias \ ++ --no-archive \ + -i locales/$$input -c -f charmaps/$$charset \ + $(addprefix --prefix=,$(install_root)) $$locale; \ + echo ' done'; \ diff --git a/patches/source/glibc/glibc.nis-netgroups.diff b/patches/source/glibc/glibc.nis-netgroups.diff new file mode 100644 index 00000000..2473e976 --- /dev/null +++ b/patches/source/glibc/glibc.nis-netgroups.diff @@ -0,0 +1,12 @@ +--- ./nis/nss_nis/nis-netgrp.c.orig 2006-04-08 21:08:28.000000000 -0500 ++++ ./nis/nss_nis/nis-netgrp.c 2006-10-10 20:49:11.000000000 -0500 +@@ -72,7 +72,8 @@ + and the last byte is filled with NUL. So we can simply + use that buffer. */ + assert (len >= 0); +- assert (malloc_usable_size (netgrp->data) >= len + 1); ++ /* The next line break NIS netgroups on non-PAM systems, so we will comment it out */ ++ /* assert (malloc_usable_size (netgrp->data) >= len + 1); */ + assert (netgrp->data[len] == '\0'); + + netgrp->data_size = len; diff --git a/patches/source/glibc/glibc.revert.to.fix.build.breakages.diff b/patches/source/glibc/glibc.revert.to.fix.build.breakages.diff new file mode 100644 index 00000000..9c8e93b9 --- /dev/null +++ b/patches/source/glibc/glibc.revert.to.fix.build.breakages.diff @@ -0,0 +1,13 @@ +--- ./sysdeps/unix/sysv/linux/bits/socket.h.orig 2008-07-27 03:25:30.000000000 -0500 ++++ ./sysdeps/unix/sysv/linux/bits/socket.h 2009-02-24 17:38:52.000000000 -0600 +@@ -26,8 +26,9 @@ + #endif + + #define __need_size_t ++#define __need_NULL + #include <stddef.h> +- ++#include <limits.h> + #include <sys/types.h> + + /* Type for length arguments in socket calls. */ diff --git a/patches/source/glibc/glibc.ru_RU.CP1251.diff b/patches/source/glibc/glibc.ru_RU.CP1251.diff new file mode 100644 index 00000000..376cf76a --- /dev/null +++ b/patches/source/glibc/glibc.ru_RU.CP1251.diff @@ -0,0 +1,10 @@ +--- ./localedata/SUPPORTED.orig 2005-07-17 20:50:35.000000000 -0500 ++++ ./localedata/SUPPORTED 2006-08-22 01:33:09.000000000 -0500 +@@ -270,6 +270,7 @@ + ro_RO/ISO-8859-2 \ + ru_RU.KOI8-R/KOI8-R \ + ru_RU.UTF-8/UTF-8 \ ++ru_RU.CP1251/CP1251 \ + ru_RU/ISO-8859-5 \ + ru_UA.UTF-8/UTF-8 \ + ru_UA/KOI8-U \ diff --git a/patches/source/glibc/is_IS.diff b/patches/source/glibc/is_IS.diff new file mode 100644 index 00000000..52a99696 --- /dev/null +++ b/patches/source/glibc/is_IS.diff @@ -0,0 +1,19 @@ +--- ./localedata/locales/is_IS.orig 2007-09-30 17:30:17.000000000 -0500 ++++ ./localedata/locales/is_IS 2006-07-30 17:19:43.000000000 -0500 +@@ -947,6 +947,7 @@ + <UE00D> IGNORE;IGNORE;IGNORE;<UE00D> + <UE00E> IGNORE;IGNORE;IGNORE;<UE00E> + <UE00F> IGNORE;IGNORE;IGNORE;<UE00F> ++<"=> IGNORE;IGNORE;IGNORE;<"=> + <UE011> IGNORE;IGNORE;IGNORE;<UE011> + <UE012> IGNORE;IGNORE;IGNORE;<UE012> + <UE013> IGNORE;IGNORE;IGNORE;<UE013> +@@ -955,6 +956,8 @@ + <UE017> IGNORE;IGNORE;IGNORE;<UE017> + <UE018> IGNORE;IGNORE;IGNORE;<UE018> + <UE019> IGNORE;IGNORE;IGNORE;<UE019> ++<Mc> IGNORE;IGNORE;IGNORE;<Mc> ++<Fl> IGNORE;IGNORE;IGNORE;<Fl> + UNDEFINED IGNORE;IGNORE;IGNORE + + <U0030> <U0030>;<U0030>;IGNORE;IGNORE diff --git a/patches/source/glibc/profile.d/glibc.csh.new b/patches/source/glibc/profile.d/glibc.csh.new new file mode 100755 index 00000000..adcc4060 --- /dev/null +++ b/patches/source/glibc/profile.d/glibc.csh.new @@ -0,0 +1,9 @@ +#!/bin/csh +# Set more relaxed (glibc-2.3.5 like) malloc() checking. +# +# This relaxes the default paranoia level so that it reports +# bugs, but does not kill the questionable process. You can +# get away with running broken programs with this setting, +# but at a possible performance and security cost. +# +#setenv MALLOC_CHECK_=1 diff --git a/patches/source/glibc/profile.d/glibc.sh.new b/patches/source/glibc/profile.d/glibc.sh.new new file mode 100755 index 00000000..979f4879 --- /dev/null +++ b/patches/source/glibc/profile.d/glibc.sh.new @@ -0,0 +1,8 @@ +#!/bin/sh +# Set more relaxed (glibc-2.3.5 like) malloc() checking. +# +# This relaxes the default paranoia level so that it reports +# bugs, but does not kill the questionable process. You can +# get away with running broken programs with this setting, +# but at a possible performance and security cost. +#export MALLOC_CHECK_=1 diff --git a/patches/source/glibc/slack-desc.glibc b/patches/source/glibc/slack-desc.glibc new file mode 100644 index 00000000..c9c35c2d --- /dev/null +++ b/patches/source/glibc/slack-desc.glibc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glibc: glibc (GNU C libraries) +glibc: +glibc: This package contains the GNU C libraries and header files. The GNU +glibc: C library was written originally by Roland McGrath, and is currently +glibc: maintained by Ulrich Drepper. Some parts of the library were +glibc: contributed or worked on by other people. +glibc: +glibc: You'll need this package to compile programs. +glibc: +glibc: +glibc: diff --git a/patches/source/glibc/slack-desc.glibc-debug b/patches/source/glibc/slack-desc.glibc-debug new file mode 100644 index 00000000..79398d0b --- /dev/null +++ b/patches/source/glibc/slack-desc.glibc-debug @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glibc-debug: glibc-debug (GNU C libraries with debugging symbols) +glibc-debug: +glibc-debug: This package contains versions of the GNU C libraries with debugging +glibc-debug: information. These are needed only if you wish to be able to step +glibc-debug: through C library routines while debugging programs. Most debugging +glibc-debug: efforts will not require these. +glibc-debug: To use these libraries, set LD_LIBRARY_PATH when calling the debugger: +glibc-debug: LD_LIBRARY_PATH=/usr/lib/debug gdb <executable> +glibc-debug: +glibc-debug: Or, use this approach if you need to debug a setuid binary: +glibc-debug: su user -c "LD_LIBRARY_PATH=/usr/lib/debug gdb <executable>" diff --git a/patches/source/glibc/slack-desc.glibc-i18n b/patches/source/glibc/slack-desc.glibc-i18n new file mode 100644 index 00000000..71f5336c --- /dev/null +++ b/patches/source/glibc/slack-desc.glibc-i18n @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glibc-i18n: glibc-i18n (locale files from glibc) +glibc-i18n: +glibc-i18n: These files go in /usr/lib/locale and /usr/share/i18n/ to provide +glibc-i18n: internationalization support. You'll need this package unless you +glibc-i18n: will be using US English only. +glibc-i18n: +glibc-i18n: +glibc-i18n: +glibc-i18n: +glibc-i18n: +glibc-i18n: diff --git a/patches/source/glibc/slack-desc.glibc-profile b/patches/source/glibc/slack-desc.glibc-profile new file mode 100644 index 00000000..8c873fd9 --- /dev/null +++ b/patches/source/glibc/slack-desc.glibc-profile @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glibc-profile: glibc-profile (GNU C libraries with profiling support) +glibc-profile: +glibc-profile: This package contains static versions of the GNU C libraries with +glibc-profile: support for profiling binaries using gprof. gprof calculates how +glibc-profile: much time a program spends in each routine which can suggest where +glibc-profile: to concentrate efforts to improve performance. +glibc-profile: +glibc-profile: See the gprof man page for more details. +glibc-profile: +glibc-profile: +glibc-profile: diff --git a/patches/source/glibc/slack-desc.glibc-solibs b/patches/source/glibc/slack-desc.glibc-solibs new file mode 100644 index 00000000..807df645 --- /dev/null +++ b/patches/source/glibc/slack-desc.glibc-solibs @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glibc-solibs: glibc-solibs (shared GNU C libraries) +glibc-solibs: +glibc-solibs: This package contains the shared libraries, binaries, and support +glibc-solibs: files required to run most Linux applications linked with glibc. +glibc-solibs: +glibc-solibs: +glibc-solibs: +glibc-solibs: +glibc-solibs: +glibc-solibs: +glibc-solibs: diff --git a/patches/source/glibc/slack-desc.glibc-solibs-linuxthreads b/patches/source/glibc/slack-desc.glibc-solibs-linuxthreads new file mode 100644 index 00000000..9efe3bf1 --- /dev/null +++ b/patches/source/glibc/slack-desc.glibc-solibs-linuxthreads @@ -0,0 +1,18 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glibc-solibs-linuxthreads: glibc-solibs-linuxthreads (LinuxThreads shared GNU C libraries) +glibc-solibs-linuxthreads: +glibc-solibs-linuxthreads: This package contains the shared libraries for glibc that uses +glibc-solibs-linuxthreads: LinuxThreads, the threading implementation in Linux 2.4.x and +glibc-solibs-linuxthreads: earlier kernels. In some cases you'll need to use these libraries +glibc-solibs-linuxthreads: to run old binaries by setting these environment variables: +glibc-solibs-linuxthreads: export LD_ASSUME_KERNEL=2.4.33 +glibc-solibs-linuxthreads: export LD_LIBRARY_PATH=/lib/obsolete/linuxthreads +glibc-solibs-linuxthreads: old-program +glibc-solibs-linuxthreads: Most users should have no need for this package. Recompile. :-) diff --git a/patches/source/glibc/slack-desc.glibc-zoneinfo b/patches/source/glibc/slack-desc.glibc-zoneinfo new file mode 100644 index 00000000..24dfd0e9 --- /dev/null +++ b/patches/source/glibc/slack-desc.glibc-zoneinfo @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glibc-zoneinfo: glibc-zoneinfo (timezone database) +glibc-zoneinfo: +glibc-zoneinfo: This package allows you to configure your time zone. +glibc-zoneinfo: +glibc-zoneinfo: This timezone database comes from the tzdata and tzcode packages by +glibc-zoneinfo: Arthur David Olson et.al. The latest version and more information +glibc-zoneinfo: may be found at ftp://elsie.nci.nih.gov/pub/ +glibc-zoneinfo: +glibc-zoneinfo: Use the timeconfig utility to set your local time zone. +glibc-zoneinfo: +glibc-zoneinfo: diff --git a/patches/source/glibc/timezone-scripts/output-updated-timeconfig.sh b/patches/source/glibc/timezone-scripts/output-updated-timeconfig.sh new file mode 100644 index 00000000..a04f1b67 --- /dev/null +++ b/patches/source/glibc/timezone-scripts/output-updated-timeconfig.sh @@ -0,0 +1,53 @@ +#!/bin/sh +# Copyright 2000, 2001, 2006, 2007, 2008, 2012 Patrick J. Volkerding, Sebeka, MN, USA. +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# + +if [ ! "$(basename "$1")" = "zoneinfo" -o ! -d "$1" ]; then + echo " Usage: output-updated-timeconfig.sh <zoneinfo directory>" + exit 1 +fi + +CWD=$(pwd) +cat $CWD/parts/00 +# Sorry, I'd rather not be US-centric but some people here have a hard +# time finding things. ;-) +( cd $1 + find . -type f | xargs file | grep "timezone data" | cut -f 1 -d : | cut -f 2- -d / | sort | grep "^US/" | while read zone ; do + echo "\"${zone}\" \" \" \\" + done +) +( cd $1 + find . -type f | xargs file | grep "timezone data" | cut -f 1 -d : | cut -f 2- -d / | sort | grep -v "^US/" | while read zone ; do + echo "\"${zone}\" \" \" \\" + done +) +cat $CWD/parts/02 +( cd $1 + find . -type f | xargs file | grep "timezone data" | cut -f 1 -d : | cut -f 2- -d / | sort | grep "^US/" | while read zone ; do + echo "${zone}" + done +) +( cd $1 + find . -type f | xargs file | grep "timezone data" | cut -f 1 -d : | cut -f 2- -d / | sort | grep -v "^US/" | while read zone ; do + echo "${zone}" + done +) +cat $CWD/parts/04 diff --git a/patches/source/glibc/timezone-scripts/parts/00 b/patches/source/glibc/timezone-scripts/parts/00 new file mode 100644 index 00000000..a1601faa --- /dev/null +++ b/patches/source/glibc/timezone-scripts/parts/00 @@ -0,0 +1,131 @@ +#!/bin/sh +# +# timeconfig Slackware Linux timezone configuration utility. +# +# Author: Patrick Volkerding <volkerdi@slackware.com> +# Modified by: David Cantrell <david@slackware.com>, 06-Oct-2000 +# +# ChangeLog: +# 2014-10-22: Updated timezones from tzdata2014i. <pjv> +# 2012-12-12: Updated timezones from tzdata2012j. <pjv> +# 2008-03-10: Updated timezones from tzdata2008a. <pjv> +# 2007-12-21: Updated timezones from tzdata2007j. <pjv> +# 2006-12-03: Updated timezones from tzdata2006p. <pjv> +# 2006-09-14: Updated timezones from tzdata2006k. <pjv> +# 2006-08-22: Updated timezones from tzdata2006j. +# 2006-08-13: Updated timezones from tzdata2006g. +# 2006-03-13: Updated timezones from tzdata2006c. +# 19-Feb-2001 Add new timezones from glibc-2.2.2. +# 06-Oct-2000 Fixed a problem with selecting UTC time. It was writing +# the hardwareclock file to the root disk and not your dest +# partition. Changed the HWCLOCK_CONF variable to be +# $T_PX/etc/hardwareclock to fix this. Thanks to David L. +# Dickman <softbear@optonline.net> for finding this and +# submitting a patch. +# +# 15-Mar-2000 Added the writeconf function to write out the +# /etc/hardwareclock file which tells what the hardware clock +# is set to (UTC or localtime). +# +# 03-Mar-2000 Reorganized script. Made one timezone set block, added +# stage that asks the user if the hardware clock is set to +# UTC. + +# setup our temp locations and variables +TMP=/var/log/setup/tmp +if [ -r $TMP/SeTT_PX ]; then + T_PX="`cat $TMP/SeTT_PX`" +elif [ ! "$!" = "" ]; then + T_PX=$1 +else + T_PX=/ +fi + +# the hardware clock configuration file +HWCLOCK_CONF=$T_PX/etc/hardwareclock + +# setzone( $TIMEZONE ) +# +# This function accepts a time zone as the only parameter and sets it as +# the default system time zone. +setzone() +{ + TZ=$1 + + cd $T_PX/etc + if [ -r $T_PX/usr/share/zoneinfo/$TZ -o \ + -r /var/log/mount/usr/share/zoneinfo/$TZ -o \ + -L $T_PX/usr/share/zoneinfo/$TZ -o \ + -L /var/log/mount/usr/share/zoneinfo/$TZ ]; then + ln -sf /usr/share/zoneinfo/$TZ localtime-copied-from + rm -f localtime + cd .. + chroot . cp etc/localtime-copied-from etc/localtime + fi +} + +# writeconf( $CLOCK_SET_TO ) +# +# Writes out $HWCLOCK_CONF that tells rc.S how the hardware clock +# value is stored. +writeconf() +{ + echo "# /etc/hardwareclock" > $HWCLOCK_CONF + echo "#" >> $HWCLOCK_CONF + echo "# Tells how the hardware clock time is stored." >> $HWCLOCK_CONF + echo "# You should run timeconfig to edit this file." >> $HWCLOCK_CONF + echo >> $HWCLOCK_CONF + echo $1 >> $HWCLOCK_CONF +} + +# ask the user if the hardware clock is set for UTC/GMT +if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then + ### + ### use color menus here + ### + dialog --title "HARDWARE CLOCK SET TO UTC?" --menu "Is the hardware clock set \ +to Coordinated Universal Time (UTC/GMT)? If it is, select YES here. If the \ +hardware clock is set to the current local time (this is how most PCs are set \ +up), then say NO here. If you are not sure what this is, you should answer NO \ +here." 13 60 2 \ + "NO" "Hardware clock is set to local time" \ + "YES" "Hardware clock is set to UTC" \ + 2> $TMP/utc + if [ $? = 1 -o $? = 255 ]; then + rm -f $TMP/utc + exit + fi + if [ "`cat $TMP/utc`" = "YES" ]; then + # yes, the hardware clock is UTC + writeconf "UTC" + else # must be NO + writeconf "localtime" + fi + rm -f $TMP/utc +else + ### + ### use text prompts + ### + echo "Is the hardware clock set to Coordinated Universal Time (UTC/GMT)?" + echo "If it is, select 'y' here. If the hardware clock is set to the" + echo "current local time (this is how most PCs are set up), then say 'n'" + echo "here. If you are not sure what this is, you should answer 'n' here." + echo + echo -n "Is your hardware clock set to UTC ([y]es, [n]o)? " + read HEJAZ + + if [ "$HEJAZ" = "y" -o "$HEJAZ" = "Y" -o "$HEJAZ" = "YES" -o "$HEJAZ" = "yes" ]; then + # yes, the hardware clock is UTC + writeconf "UTC" + else + # default to localtime + writeconf "localtime" + fi +fi + +# Now set the correct timezone link: +if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then + ### + ### use color menus here + ### + dialog --title "TIMEZONE CONFIGURATION" --menu "Please select one of the following timezones for your machine:" 21 50 13 \ diff --git a/patches/source/glibc/timezone-scripts/parts/01 b/patches/source/glibc/timezone-scripts/parts/01 new file mode 100644 index 00000000..7fc8fb1d --- /dev/null +++ b/patches/source/glibc/timezone-scripts/parts/01 @@ -0,0 +1,1658 @@ +"US/Alaska" " " \ +"US/Aleutian" " " \ +"US/Arizona" " " \ +"US/Central" " " \ +"US/East-Indiana" " " \ +"US/Eastern" " " \ +"US/Hawaii" " " \ +"US/Indiana-Starke" " " \ +"US/Michigan" " " \ +"US/Mountain" " " \ +"US/Pacific" " " \ +"US/Pacific-New" " " \ +"US/Samoa" " " \ +"Africa/Abidjan" " " \ +"Africa/Accra" " " \ +"Africa/Addis_Ababa" " " \ +"Africa/Algiers" " " \ +"Africa/Asmera" " " \ +"Africa/Bamako" " " \ +"Africa/Bangui" " " \ +"Africa/Banjul" " " \ +"Africa/Bissau" " " \ +"Africa/Blantyre" " " \ +"Africa/Brazzaville" " " \ +"Africa/Bujumbura" " " \ +"Africa/Cairo" " " \ +"Africa/Casablanca" " " \ +"Africa/Ceuta" " " \ +"Africa/Conakry" " " \ +"Africa/Dakar" " " \ +"Africa/Dar_es_Salaam" " " \ +"Africa/Djibouti" " " \ +"Africa/Douala" " " \ +"Africa/El_Aaiun" " " \ +"Africa/Freetown" " " \ +"Africa/Gaborone" " " \ +"Africa/Harare" " " \ +"Africa/Johannesburg" " " \ +"Africa/Kampala" " " \ +"Africa/Khartoum" " " \ +"Africa/Kigali" " " \ +"Africa/Kinshasa" " " \ +"Africa/Lagos" " " \ +"Africa/Libreville" " " \ +"Africa/Lome" " " \ +"Africa/Luanda" " " \ +"Africa/Lubumbashi" " " \ +"Africa/Lusaka" " " \ +"Africa/Malabo" " " \ +"Africa/Maputo" " " \ +"Africa/Maseru" " " \ +"Africa/Mbabane" " " \ +"Africa/Mogadishu" " " \ +"Africa/Monrovia" " " \ +"Africa/Nairobi" " " \ +"Africa/Ndjamena" " " \ +"Africa/Niamey" " " \ +"Africa/Nouakchott" " " \ +"Africa/Ouagadougou" " " \ +"Africa/Porto-Novo" " " \ +"Africa/Sao_Tome" " " \ +"Africa/Timbuktu" " " \ +"Africa/Tripoli" " " \ +"Africa/Tunis" " " \ +"Africa/Windhoek" " " \ +"America/Adak" " " \ +"America/Anchorage" " " \ +"America/Anguilla" " " \ +"America/Antigua" " " \ +"America/Araguaina" " " \ +"America/Argentina/Buenos_Aires" " " \ +"America/Argentina/Catamarca" " " \ +"America/Argentina/ComodRivadavia" " " \ +"America/Argentina/Cordoba" " " \ +"America/Argentina/Jujuy" " " \ +"America/Argentina/La_Rioja" " " \ +"America/Argentina/Mendoza" " " \ +"America/Argentina/Rio_Gallegos" " " \ +"America/Argentina/San_Juan" " " \ +"America/Argentina/Tucuman" " " \ +"America/Argentina/Ushuaia" " " \ +"America/Aruba" " " \ +"America/Asuncion" " " \ +"America/Atikokan" " " \ +"America/Atka" " " \ +"America/Bahia" " " \ +"America/Barbados" " " \ +"America/Belem" " " \ +"America/Belize" " " \ +"America/Blanc-Sablon" " " \ +"America/Boa_Vista" " " \ +"America/Bogota" " " \ +"America/Boise" " " \ +"America/Buenos_Aires" " " \ +"America/Cambridge_Bay" " " \ +"America/Campo_Grande" " " \ +"America/Cancun" " " \ +"America/Caracas" " " \ +"America/Catamarca" " " \ +"America/Cayenne" " " \ +"America/Cayman" " " \ +"America/Chicago" " " \ +"America/Chihuahua" " " \ +"America/Coral_Harbour" " " \ +"America/Cordoba" " " \ +"America/Costa_Rica" " " \ +"America/Cuiaba" " " \ +"America/Curacao" " " \ +"America/Danmarkshavn" " " \ +"America/Dawson" " " \ +"America/Dawson_Creek" " " \ +"America/Denver" " " \ +"America/Detroit" " " \ +"America/Dominica" " " \ +"America/Edmonton" " " \ +"America/Eirunepe" " " \ +"America/El_Salvador" " " \ +"America/Ensenada" " " \ +"America/Fort_Wayne" " " \ +"America/Fortaleza" " " \ +"America/Glace_Bay" " " \ +"America/Godthab" " " \ +"America/Goose_Bay" " " \ +"America/Grand_Turk" " " \ +"America/Grenada" " " \ +"America/Guadeloupe" " " \ +"America/Guatemala" " " \ +"America/Guayaquil" " " \ +"America/Guyana" " " \ +"America/Halifax" " " \ +"America/Havana" " " \ +"America/Hermosillo" " " \ +"America/Indiana/Indianapolis" " " \ +"America/Indiana/Knox" " " \ +"America/Indiana/Marengo" " " \ +"America/Indiana/Petersburg" " " \ +"America/Indiana/Tell_City" " " \ +"America/Indiana/Vevay" " " \ +"America/Indiana/Vincennes" " " \ +"America/Indianapolis" " " \ +"America/Inuvik" " " \ +"America/Iqaluit" " " \ +"America/Jamaica" " " \ +"America/Jujuy" " " \ +"America/Juneau" " " \ +"America/Kentucky/Louisville" " " \ +"America/Kentucky/Monticello" " " \ +"America/Knox_IN" " " \ +"America/La_Paz" " " \ +"America/Lima" " " \ +"America/Los_Angeles" " " \ +"America/Louisville" " " \ +"America/Maceio" " " \ +"America/Managua" " " \ +"America/Manaus" " " \ +"America/Martinique" " " \ +"America/Mazatlan" " " \ +"America/Mendoza" " " \ +"America/Menominee" " " \ +"America/Merida" " " \ +"America/Mexico_City" " " \ +"America/Miquelon" " " \ +"America/Moncton" " " \ +"America/Monterrey" " " \ +"America/Montevideo" " " \ +"America/Montreal" " " \ +"America/Montserrat" " " \ +"America/Nassau" " " \ +"America/New_York" " " \ +"America/Nipigon" " " \ +"America/Nome" " " \ +"America/Noronha" " " \ +"America/North_Dakota/Center" " " \ +"America/North_Dakota/New_Salem" " " \ +"America/Panama" " " \ +"America/Pangnirtung" " " \ +"America/Paramaribo" " " \ +"America/Phoenix" " " \ +"America/Port-au-Prince" " " \ +"America/Port_of_Spain" " " \ +"America/Porto_Acre" " " \ +"America/Porto_Velho" " " \ +"America/Puerto_Rico" " " \ +"America/Rainy_River" " " \ +"America/Rankin_Inlet" " " \ +"America/Recife" " " \ +"America/Regina" " " \ +"America/Rio_Branco" " " \ +"America/Rosario" " " \ +"America/Santiago" " " \ +"America/Santo_Domingo" " " \ +"America/Sao_Paulo" " " \ +"America/Scoresbysund" " " \ +"America/Shiprock" " " \ +"America/St_Johns" " " \ +"America/St_Kitts" " " \ +"America/St_Lucia" " " \ +"America/St_Thomas" " " \ +"America/St_Vincent" " " \ +"America/Swift_Current" " " \ +"America/Tegucigalpa" " " \ +"America/Thule" " " \ +"America/Thunder_Bay" " " \ +"America/Tijuana" " " \ +"America/Toronto" " " \ +"America/Tortola" " " \ +"America/Vancouver" " " \ +"America/Virgin" " " \ +"America/Whitehorse" " " \ +"America/Winnipeg" " " \ +"America/Yakutat" " " \ +"America/Yellowknife" " " \ +"Antarctica/Casey" " " \ +"Antarctica/Davis" " " \ +"Antarctica/DumontDUrville" " " \ +"Antarctica/Mawson" " " \ +"Antarctica/McMurdo" " " \ +"Antarctica/Palmer" " " \ +"Antarctica/Rothera" " " \ +"Antarctica/South_Pole" " " \ +"Antarctica/Syowa" " " \ +"Antarctica/Troll" " " \ +"Antarctica/Vostok" " " \ +"Arctic/Longyearbyen" " " \ +"Asia/Aden" " " \ +"Asia/Almaty" " " \ +"Asia/Amman" " " \ +"Asia/Anadyr" " " \ +"Asia/Aqtau" " " \ +"Asia/Aqtobe" " " \ +"Asia/Ashgabat" " " \ +"Asia/Ashkhabad" " " \ +"Asia/Baghdad" " " \ +"Asia/Bahrain" " " \ +"Asia/Baku" " " \ +"Asia/Bangkok" " " \ +"Asia/Beirut" " " \ +"Asia/Bishkek" " " \ +"Asia/Brunei" " " \ +"Asia/Calcutta" " " \ +"Asia/Chita" " " \ +"Asia/Choibalsan" " " \ +"Asia/Chongqing" " " \ +"Asia/Chungking" " " \ +"Asia/Colombo" " " \ +"Asia/Dacca" " " \ +"Asia/Damascus" " " \ +"Asia/Dhaka" " " \ +"Asia/Dili" " " \ +"Asia/Dubai" " " \ +"Asia/Dushanbe" " " \ +"Asia/Gaza" " " \ +"Asia/Harbin" " " \ +"Asia/Hong_Kong" " " \ +"Asia/Hovd" " " \ +"Asia/Irkutsk" " " \ +"Asia/Istanbul" " " \ +"Asia/Jakarta" " " \ +"Asia/Jayapura" " " \ +"Asia/Jerusalem" " " \ +"Asia/Kabul" " " \ +"Asia/Kamchatka" " " \ +"Asia/Karachi" " " \ +"Asia/Kashgar" " " \ +"Asia/Katmandu" " " \ +"Asia/Khandyga" " " \ +"Asia/Khandyga" " " \ +"Asia/Krasnoyarsk" " " \ +"Asia/Kuala_Lumpur" " " \ +"Asia/Kuching" " " \ +"Asia/Kuwait" " " \ +"Asia/Macao" " " \ +"Asia/Macau" " " \ +"Asia/Magadan" " " \ +"Asia/Makassar" " " \ +"Asia/Manila" " " \ +"Asia/Muscat" " " \ +"Asia/Nicosia" " " \ +"Asia/Novosibirsk" " " \ +"Asia/Omsk" " " \ +"Asia/Oral" " " \ +"Asia/Phnom_Penh" " " \ +"Asia/Pontianak" " " \ +"Asia/Pyongyang" " " \ +"Asia/Qatar" " " \ +"Asia/Qyzylorda" " " \ +"Asia/Rangoon" " " \ +"Asia/Riyadh" " " \ +"Asia/Saigon" " " \ +"Asia/Sakhalin" " " \ +"Asia/Samarkand" " " \ +"Asia/Seoul" " " \ +"Asia/Shanghai" " " \ +"Asia/Singapore" " " \ +"Asia/Srednekolymsk" " " \ +"Asia/Taipei" " " \ +"Asia/Tashkent" " " \ +"Asia/Tbilisi" " " \ +"Asia/Tehran" " " \ +"Asia/Tel_Aviv" " " \ +"Asia/Thimbu" " " \ +"Asia/Thimphu" " " \ +"Asia/Tokyo" " " \ +"Asia/Ujung_Pandang" " " \ +"Asia/Ulaanbaatar" " " \ +"Asia/Ulan_Bator" " " \ +"Asia/Urumqi" " " \ +"Asia/Ust-Nera" " " \ +"Asia/Vientiane" " " \ +"Asia/Vladivostok" " " \ +"Asia/Yakutsk" " " \ +"Asia/Yekaterinburg" " " \ +"Asia/Yerevan" " " \ +"Atlantic/Azores" " " \ +"Atlantic/Bermuda" " " \ +"Atlantic/Canary" " " \ +"Atlantic/Cape_Verde" " " \ +"Atlantic/Faeroe" " " \ +"Atlantic/Jan_Mayen" " " \ +"Atlantic/Madeira" " " \ +"Atlantic/Reykjavik" " " \ +"Atlantic/South_Georgia" " " \ +"Atlantic/St_Helena" " " \ +"Atlantic/Stanley" " " \ +"Australia/ACT" " " \ +"Australia/Adelaide" " " \ +"Australia/Brisbane" " " \ +"Australia/Broken_Hill" " " \ +"Australia/Canberra" " " \ +"Australia/Currie" " " \ +"Australia/Darwin" " " \ +"Australia/Hobart" " " \ +"Australia/LHI" " " \ +"Australia/Lindeman" " " \ +"Australia/Lord_Howe" " " \ +"Australia/Melbourne" " " \ +"Australia/NSW" " " \ +"Australia/North" " " \ +"Australia/Perth" " " \ +"Australia/Queensland" " " \ +"Australia/South" " " \ +"Australia/Sydney" " " \ +"Australia/Tasmania" " " \ +"Australia/Victoria" " " \ +"Australia/West" " " \ +"Australia/Yancowinna" " " \ +"Brazil/Acre" " " \ +"Brazil/DeNoronha" " " \ +"Brazil/East" " " \ +"Brazil/West" " " \ +"CET" " " \ +"CST6CDT" " " \ +"Canada/Atlantic" " " \ +"Canada/Central" " " \ +"Canada/East-Saskatchewan" " " \ +"Canada/Eastern" " " \ +"Canada/Mountain" " " \ +"Canada/Newfoundland" " " \ +"Canada/Pacific" " " \ +"Canada/Saskatchewan" " " \ +"Canada/Yukon" " " \ +"Chile/Continental" " " \ +"Chile/EasterIsland" " " \ +"Cuba" " " \ +"EET" " " \ +"EST" " " \ +"EST5EDT" " " \ +"Egypt" " " \ +"Eire" " " \ +"Etc/GMT" " " \ +"Etc/GMT+0" " " \ +"Etc/GMT+1" " " \ +"Etc/GMT+10" " " \ +"Etc/GMT+11" " " \ +"Etc/GMT+12" " " \ +"Etc/GMT+2" " " \ +"Etc/GMT+3" " " \ +"Etc/GMT+4" " " \ +"Etc/GMT+5" " " \ +"Etc/GMT+6" " " \ +"Etc/GMT+7" " " \ +"Etc/GMT+8" " " \ +"Etc/GMT+9" " " \ +"Etc/GMT-0" " " \ +"Etc/GMT-1" " " \ +"Etc/GMT-10" " " \ +"Etc/GMT-11" " " \ +"Etc/GMT-12" " " \ +"Etc/GMT-13" " " \ +"Etc/GMT-14" " " \ +"Etc/GMT-2" " " \ +"Etc/GMT-3" " " \ +"Etc/GMT-4" " " \ +"Etc/GMT-5" " " \ +"Etc/GMT-6" " " \ +"Etc/GMT-7" " " \ +"Etc/GMT-8" " " \ +"Etc/GMT-9" " " \ +"Etc/GMT0" " " \ +"Etc/Greenwich" " " \ +"Etc/UCT" " " \ +"Etc/UTC" " " \ +"Etc/Universal" " " \ +"Etc/Zulu" " " \ +"Europe/Amsterdam" " " \ +"Europe/Andorra" " " \ +"Europe/Athens" " " \ +"Europe/Belfast" " " \ +"Europe/Belgrade" " " \ +"Europe/Berlin" " " \ +"Europe/Bratislava" " " \ +"Europe/Brussels" " " \ +"Europe/Bucharest" " " \ +"Europe/Budapest" " " \ +"Europe/Busingen" " " \ +"Europe/Chisinau" " " \ +"Europe/Copenhagen" " " \ +"Europe/Dublin" " " \ +"Europe/Gibraltar" " " \ +"Europe/Guernsey" " " \ +"Europe/Helsinki" " " \ +"Europe/Isle_of_Man" " " \ +"Europe/Istanbul" " " \ +"Europe/Jersey" " " \ +"Europe/Kaliningrad" " " \ +"Europe/Kiev" " " \ +"Europe/Lisbon" " " \ +"Europe/Ljubljana" " " \ +"Europe/London" " " \ +"Europe/Luxembourg" " " \ +"Europe/Madrid" " " \ +"Europe/Malta" " " \ +"Europe/Mariehamn" " " \ +"Europe/Minsk" " " \ +"Europe/Monaco" " " \ +"Europe/Moscow" " " \ +"Europe/Nicosia" " " \ +"Europe/Oslo" " " \ +"Europe/Paris" " " \ +"Europe/Podgorica" " " \ +"Europe/Prague" " " \ +"Europe/Riga" " " \ +"Europe/Rome" " " \ +"Europe/Samara" " " \ +"Europe/San_Marino" " " \ +"Europe/Sarajevo" " " \ +"Europe/Simferopol" " " \ +"Europe/Skopje" " " \ +"Europe/Sofia" " " \ +"Europe/Stockholm" " " \ +"Europe/Tallinn" " " \ +"Europe/Tirane" " " \ +"Europe/Tiraspol" " " \ +"Europe/Uzhgorod" " " \ +"Europe/Vaduz" " " \ +"Europe/Vatican" " " \ +"Europe/Vienna" " " \ +"Europe/Vilnius" " " \ +"Europe/Volgograd" " " \ +"Europe/Warsaw" " " \ +"Europe/Zagreb" " " \ +"Europe/Zaporozhye" " " \ +"Europe/Zurich" " " \ +"Factory" " " \ +"GB" " " \ +"GB-Eire" " " \ +"GMT" " " \ +"GMT+0" " " \ +"GMT-0" " " \ +"GMT0" " " \ +"Greenwich" " " \ +"HST" " " \ +"Hongkong" " " \ +"Iceland" " " \ +"Indian/Antananarivo" " " \ +"Indian/Chagos" " " \ +"Indian/Christmas" " " \ +"Indian/Cocos" " " \ +"Indian/Comoro" " " \ +"Indian/Kerguelen" " " \ +"Indian/Mahe" " " \ +"Indian/Maldives" " " \ +"Indian/Mauritius" " " \ +"Indian/Mayotte" " " \ +"Indian/Reunion" " " \ +"Iran" " " \ +"Israel" " " \ +"Jamaica" " " \ +"Japan" " " \ +"Kwajalein" " " \ +"Libya" " " \ +"MET" " " \ +"MST" " " \ +"MST7MDT" " " \ +"Mexico/BajaNorte" " " \ +"Mexico/BajaSur" " " \ +"Mexico/General" " " \ +"NZ" " " \ +"NZ-CHAT" " " \ +"Navajo" " " \ +"PRC" " " \ +"PST8PDT" " " \ +"Pacific/Apia" " " \ +"Pacific/Auckland" " " \ +"Pacific/Bougainville" " " \ +"Pacific/Chatham" " " \ +"Pacific/Easter" " " \ +"Pacific/Efate" " " \ +"Pacific/Enderbury" " " \ +"Pacific/Fakaofo" " " \ +"Pacific/Fiji" " " \ +"Pacific/Funafuti" " " \ +"Pacific/Galapagos" " " \ +"Pacific/Gambier" " " \ +"Pacific/Guadalcanal" " " \ +"Pacific/Guam" " " \ +"Pacific/Honolulu" " " \ +"Pacific/Johnston" " " \ +"Pacific/Kiritimati" " " \ +"Pacific/Kosrae" " " \ +"Pacific/Kwajalein" " " \ +"Pacific/Majuro" " " \ +"Pacific/Marquesas" " " \ +"Pacific/Midway" " " \ +"Pacific/Nauru" " " \ +"Pacific/Niue" " " \ +"Pacific/Norfolk" " " \ +"Pacific/Noumea" " " \ +"Pacific/Pago_Pago" " " \ +"Pacific/Palau" " " \ +"Pacific/Pitcairn" " " \ +"Pacific/Ponape" " " \ +"Pacific/Port_Moresby" " " \ +"Pacific/Rarotonga" " " \ +"Pacific/Saipan" " " \ +"Pacific/Samoa" " " \ +"Pacific/Tahiti" " " \ +"Pacific/Tarawa" " " \ +"Pacific/Tongatapu" " " \ +"Pacific/Truk" " " \ +"Pacific/Wake" " " \ +"Pacific/Wallis" " " \ +"Pacific/Yap" " " \ +"Poland" " " \ +"Portugal" " " \ +"ROC" " " \ +"ROK" " " \ +"Singapore" " " \ +"Turkey" " " \ +"UCT" " " \ +"UTC" " " \ +"Universal" " " \ +"W-SU" " " \ +"WET" " " \ +"Zulu" " " \ +"posix/Africa/Abidjan" " " \ +"posix/Africa/Accra" " " \ +"posix/Africa/Addis_Ababa" " " \ +"posix/Africa/Algiers" " " \ +"posix/Africa/Asmera" " " \ +"posix/Africa/Bamako" " " \ +"posix/Africa/Bangui" " " \ +"posix/Africa/Banjul" " " \ +"posix/Africa/Bissau" " " \ +"posix/Africa/Blantyre" " " \ +"posix/Africa/Brazzaville" " " \ +"posix/Africa/Bujumbura" " " \ +"posix/Africa/Cairo" " " \ +"posix/Africa/Casablanca" " " \ +"posix/Africa/Ceuta" " " \ +"posix/Africa/Conakry" " " \ +"posix/Africa/Dakar" " " \ +"posix/Africa/Dar_es_Salaam" " " \ +"posix/Africa/Djibouti" " " \ +"posix/Africa/Douala" " " \ +"posix/Africa/El_Aaiun" " " \ +"posix/Africa/Freetown" " " \ +"posix/Africa/Gaborone" " " \ +"posix/Africa/Harare" " " \ +"posix/Africa/Johannesburg" " " \ +"posix/Africa/Kampala" " " \ +"posix/Africa/Khartoum" " " \ +"posix/Africa/Kigali" " " \ +"posix/Africa/Kinshasa" " " \ +"posix/Africa/Lagos" " " \ +"posix/Africa/Libreville" " " \ +"posix/Africa/Lome" " " \ +"posix/Africa/Luanda" " " \ +"posix/Africa/Lubumbashi" " " \ +"posix/Africa/Lusaka" " " \ +"posix/Africa/Malabo" " " \ +"posix/Africa/Maputo" " " \ +"posix/Africa/Maseru" " " \ +"posix/Africa/Mbabane" " " \ +"posix/Africa/Mogadishu" " " \ +"posix/Africa/Monrovia" " " \ +"posix/Africa/Nairobi" " " \ +"posix/Africa/Ndjamena" " " \ +"posix/Africa/Niamey" " " \ +"posix/Africa/Nouakchott" " " \ +"posix/Africa/Ouagadougou" " " \ +"posix/Africa/Porto-Novo" " " \ +"posix/Africa/Sao_Tome" " " \ +"posix/Africa/Timbuktu" " " \ +"posix/Africa/Tripoli" " " \ +"posix/Africa/Tunis" " " \ +"posix/Africa/Windhoek" " " \ +"posix/America/Adak" " " \ +"posix/America/Anchorage" " " \ +"posix/America/Anguilla" " " \ +"posix/America/Antigua" " " \ +"posix/America/Araguaina" " " \ +"posix/America/Argentina/Buenos_Aires" " " \ +"posix/America/Argentina/Catamarca" " " \ +"posix/America/Argentina/ComodRivadavia" " " \ +"posix/America/Argentina/Cordoba" " " \ +"posix/America/Argentina/Jujuy" " " \ +"posix/America/Argentina/La_Rioja" " " \ +"posix/America/Argentina/Mendoza" " " \ +"posix/America/Argentina/Rio_Gallegos" " " \ +"posix/America/Argentina/San_Juan" " " \ +"posix/America/Argentina/Tucuman" " " \ +"posix/America/Argentina/Ushuaia" " " \ +"posix/America/Aruba" " " \ +"posix/America/Asuncion" " " \ +"posix/America/Atikokan" " " \ +"posix/America/Atka" " " \ +"posix/America/Bahia" " " \ +"posix/America/Barbados" " " \ +"posix/America/Belem" " " \ +"posix/America/Belize" " " \ +"posix/America/Blanc-Sablon" " " \ +"posix/America/Boa_Vista" " " \ +"posix/America/Bogota" " " \ +"posix/America/Boise" " " \ +"posix/America/Buenos_Aires" " " \ +"posix/America/Cambridge_Bay" " " \ +"posix/America/Campo_Grande" " " \ +"posix/America/Cancun" " " \ +"posix/America/Caracas" " " \ +"posix/America/Catamarca" " " \ +"posix/America/Cayenne" " " \ +"posix/America/Cayman" " " \ +"posix/America/Chicago" " " \ +"posix/America/Chihuahua" " " \ +"posix/America/Coral_Harbour" " " \ +"posix/America/Cordoba" " " \ +"posix/America/Costa_Rica" " " \ +"posix/America/Cuiaba" " " \ +"posix/America/Curacao" " " \ +"posix/America/Danmarkshavn" " " \ +"posix/America/Dawson" " " \ +"posix/America/Dawson_Creek" " " \ +"posix/America/Denver" " " \ +"posix/America/Detroit" " " \ +"posix/America/Dominica" " " \ +"posix/America/Edmonton" " " \ +"posix/America/Eirunepe" " " \ +"posix/America/El_Salvador" " " \ +"posix/America/Ensenada" " " \ +"posix/America/Fort_Wayne" " " \ +"posix/America/Fortaleza" " " \ +"posix/America/Glace_Bay" " " \ +"posix/America/Godthab" " " \ +"posix/America/Goose_Bay" " " \ +"posix/America/Grand_Turk" " " \ +"posix/America/Grenada" " " \ +"posix/America/Guadeloupe" " " \ +"posix/America/Guatemala" " " \ +"posix/America/Guayaquil" " " \ +"posix/America/Guyana" " " \ +"posix/America/Halifax" " " \ +"posix/America/Havana" " " \ +"posix/America/Hermosillo" " " \ +"posix/America/Indiana/Indianapolis" " " \ +"posix/America/Indiana/Knox" " " \ +"posix/America/Indiana/Marengo" " " \ +"posix/America/Indiana/Petersburg" " " \ +"posix/America/Indiana/Tell_City" " " \ +"posix/America/Indiana/Vevay" " " \ +"posix/America/Indiana/Vincennes" " " \ +"posix/America/Indianapolis" " " \ +"posix/America/Inuvik" " " \ +"posix/America/Iqaluit" " " \ +"posix/America/Jamaica" " " \ +"posix/America/Jujuy" " " \ +"posix/America/Juneau" " " \ +"posix/America/Kentucky/Louisville" " " \ +"posix/America/Kentucky/Monticello" " " \ +"posix/America/Knox_IN" " " \ +"posix/America/La_Paz" " " \ +"posix/America/Lima" " " \ +"posix/America/Los_Angeles" " " \ +"posix/America/Louisville" " " \ +"posix/America/Maceio" " " \ +"posix/America/Managua" " " \ +"posix/America/Manaus" " " \ +"posix/America/Martinique" " " \ +"posix/America/Mazatlan" " " \ +"posix/America/Mendoza" " " \ +"posix/America/Menominee" " " \ +"posix/America/Merida" " " \ +"posix/America/Mexico_City" " " \ +"posix/America/Miquelon" " " \ +"posix/America/Moncton" " " \ +"posix/America/Monterrey" " " \ +"posix/America/Montevideo" " " \ +"posix/America/Montreal" " " \ +"posix/America/Montserrat" " " \ +"posix/America/Nassau" " " \ +"posix/America/New_York" " " \ +"posix/America/Nipigon" " " \ +"posix/America/Nome" " " \ +"posix/America/Noronha" " " \ +"posix/America/North_Dakota/Center" " " \ +"posix/America/North_Dakota/New_Salem" " " \ +"posix/America/Panama" " " \ +"posix/America/Pangnirtung" " " \ +"posix/America/Paramaribo" " " \ +"posix/America/Phoenix" " " \ +"posix/America/Port-au-Prince" " " \ +"posix/America/Port_of_Spain" " " \ +"posix/America/Porto_Acre" " " \ +"posix/America/Porto_Velho" " " \ +"posix/America/Puerto_Rico" " " \ +"posix/America/Rainy_River" " " \ +"posix/America/Rankin_Inlet" " " \ +"posix/America/Recife" " " \ +"posix/America/Regina" " " \ +"posix/America/Rio_Branco" " " \ +"posix/America/Rosario" " " \ +"posix/America/Santiago" " " \ +"posix/America/Santo_Domingo" " " \ +"posix/America/Sao_Paulo" " " \ +"posix/America/Scoresbysund" " " \ +"posix/America/Shiprock" " " \ +"posix/America/St_Johns" " " \ +"posix/America/St_Kitts" " " \ +"posix/America/St_Lucia" " " \ +"posix/America/St_Thomas" " " \ +"posix/America/St_Vincent" " " \ +"posix/America/Swift_Current" " " \ +"posix/America/Tegucigalpa" " " \ +"posix/America/Thule" " " \ +"posix/America/Thunder_Bay" " " \ +"posix/America/Tijuana" " " \ +"posix/America/Toronto" " " \ +"posix/America/Tortola" " " \ +"posix/America/Vancouver" " " \ +"posix/America/Virgin" " " \ +"posix/America/Whitehorse" " " \ +"posix/America/Winnipeg" " " \ +"posix/America/Yakutat" " " \ +"posix/America/Yellowknife" " " \ +"posix/Antarctica/Casey" " " \ +"posix/Antarctica/Davis" " " \ +"posix/Antarctica/DumontDUrville" " " \ +"posix/Antarctica/Mawson" " " \ +"posix/Antarctica/McMurdo" " " \ +"posix/Antarctica/Palmer" " " \ +"posix/Antarctica/Rothera" " " \ +"posix/Antarctica/South_Pole" " " \ +"posix/Antarctica/Syowa" " " \ +"posix/Antarctica/Troll" " " \ +"posix/Antarctica/Vostok" " " \ +"posix/Arctic/Longyearbyen" " " \ +"posix/Asia/Aden" " " \ +"posix/Asia/Almaty" " " \ +"posix/Asia/Amman" " " \ +"posix/Asia/Anadyr" " " \ +"posix/Asia/Aqtau" " " \ +"posix/Asia/Aqtobe" " " \ +"posix/Asia/Ashgabat" " " \ +"posix/Asia/Ashkhabad" " " \ +"posix/Asia/Baghdad" " " \ +"posix/Asia/Bahrain" " " \ +"posix/Asia/Baku" " " \ +"posix/Asia/Bangkok" " " \ +"posix/Asia/Beirut" " " \ +"posix/Asia/Bishkek" " " \ +"posix/Asia/Brunei" " " \ +"posix/Asia/Calcutta" " " \ +"posix/Asia/Chita" " " \ +"posix/Asia/Choibalsan" " " \ +"posix/Asia/Chongqing" " " \ +"posix/Asia/Chungking" " " \ +"posix/Asia/Colombo" " " \ +"posix/Asia/Dacca" " " \ +"posix/Asia/Damascus" " " \ +"posix/Asia/Dhaka" " " \ +"posix/Asia/Dili" " " \ +"posix/Asia/Dubai" " " \ +"posix/Asia/Dushanbe" " " \ +"posix/Asia/Gaza" " " \ +"posix/Asia/Harbin" " " \ +"posix/Asia/Hong_Kong" " " \ +"posix/Asia/Hovd" " " \ +"posix/Asia/Irkutsk" " " \ +"posix/Asia/Istanbul" " " \ +"posix/Asia/Jakarta" " " \ +"posix/Asia/Jayapura" " " \ +"posix/Asia/Jerusalem" " " \ +"posix/Asia/Kabul" " " \ +"posix/Asia/Kamchatka" " " \ +"posix/Asia/Karachi" " " \ +"posix/Asia/Kashgar" " " \ +"posix/Asia/Katmandu" " " \ +"posix/Asia/Krasnoyarsk" " " \ +"posix/Asia/Kuala_Lumpur" " " \ +"posix/Asia/Kuching" " " \ +"posix/Asia/Kuwait" " " \ +"posix/Asia/Macao" " " \ +"posix/Asia/Macau" " " \ +"posix/Asia/Magadan" " " \ +"posix/Asia/Makassar" " " \ +"posix/Asia/Manila" " " \ +"posix/Asia/Muscat" " " \ +"posix/Asia/Nicosia" " " \ +"posix/Asia/Novosibirsk" " " \ +"posix/Asia/Omsk" " " \ +"posix/Asia/Oral" " " \ +"posix/Asia/Phnom_Penh" " " \ +"posix/Asia/Pontianak" " " \ +"posix/Asia/Pyongyang" " " \ +"posix/Asia/Qatar" " " \ +"posix/Asia/Qyzylorda" " " \ +"posix/Asia/Rangoon" " " \ +"posix/Asia/Riyadh" " " \ +"posix/Asia/Saigon" " " \ +"posix/Asia/Sakhalin" " " \ +"posix/Asia/Samarkand" " " \ +"posix/Asia/Seoul" " " \ +"posix/Asia/Shanghai" " " \ +"posix/Asia/Singapore" " " \ +"posix/Asia/Srednekolymsk" " " \ +"posix/Asia/Taipei" " " \ +"posix/Asia/Tashkent" " " \ +"posix/Asia/Tbilisi" " " \ +"posix/Asia/Tehran" " " \ +"posix/Asia/Tel_Aviv" " " \ +"posix/Asia/Thimbu" " " \ +"posix/Asia/Thimphu" " " \ +"posix/Asia/Tokyo" " " \ +"posix/Asia/Ujung_Pandang" " " \ +"posix/Asia/Ulaanbaatar" " " \ +"posix/Asia/Ulan_Bator" " " \ +"posix/Asia/Urumqi" " " \ +"posix/Asia/Vientiane" " " \ +"posix/Asia/Vladivostok" " " \ +"posix/Asia/Yakutsk" " " \ +"posix/Asia/Yekaterinburg" " " \ +"posix/Asia/Yerevan" " " \ +"posix/Atlantic/Azores" " " \ +"posix/Atlantic/Bermuda" " " \ +"posix/Atlantic/Canary" " " \ +"posix/Atlantic/Cape_Verde" " " \ +"posix/Atlantic/Faeroe" " " \ +"posix/Atlantic/Jan_Mayen" " " \ +"posix/Atlantic/Madeira" " " \ +"posix/Atlantic/Reykjavik" " " \ +"posix/Atlantic/South_Georgia" " " \ +"posix/Atlantic/St_Helena" " " \ +"posix/Atlantic/Stanley" " " \ +"posix/Australia/ACT" " " \ +"posix/Australia/Adelaide" " " \ +"posix/Australia/Brisbane" " " \ +"posix/Australia/Broken_Hill" " " \ +"posix/Australia/Canberra" " " \ +"posix/Australia/Currie" " " \ +"posix/Australia/Darwin" " " \ +"posix/Australia/Hobart" " " \ +"posix/Australia/LHI" " " \ +"posix/Australia/Lindeman" " " \ +"posix/Australia/Lord_Howe" " " \ +"posix/Australia/Melbourne" " " \ +"posix/Australia/NSW" " " \ +"posix/Australia/North" " " \ +"posix/Australia/Perth" " " \ +"posix/Australia/Queensland" " " \ +"posix/Australia/South" " " \ +"posix/Australia/Sydney" " " \ +"posix/Australia/Tasmania" " " \ +"posix/Australia/Victoria" " " \ +"posix/Australia/West" " " \ +"posix/Australia/Yancowinna" " " \ +"posix/Brazil/Acre" " " \ +"posix/Brazil/DeNoronha" " " \ +"posix/Brazil/East" " " \ +"posix/Brazil/West" " " \ +"posix/CET" " " \ +"posix/CST6CDT" " " \ +"posix/Canada/Atlantic" " " \ +"posix/Canada/Central" " " \ +"posix/Canada/East-Saskatchewan" " " \ +"posix/Canada/Eastern" " " \ +"posix/Canada/Mountain" " " \ +"posix/Canada/Newfoundland" " " \ +"posix/Canada/Pacific" " " \ +"posix/Canada/Saskatchewan" " " \ +"posix/Canada/Yukon" " " \ +"posix/Chile/Continental" " " \ +"posix/Chile/EasterIsland" " " \ +"posix/Cuba" " " \ +"posix/EET" " " \ +"posix/EST" " " \ +"posix/EST5EDT" " " \ +"posix/Egypt" " " \ +"posix/Eire" " " \ +"posix/Etc/GMT" " " \ +"posix/Etc/GMT+0" " " \ +"posix/Etc/GMT+1" " " \ +"posix/Etc/GMT+10" " " \ +"posix/Etc/GMT+11" " " \ +"posix/Etc/GMT+12" " " \ +"posix/Etc/GMT+2" " " \ +"posix/Etc/GMT+3" " " \ +"posix/Etc/GMT+4" " " \ +"posix/Etc/GMT+5" " " \ +"posix/Etc/GMT+6" " " \ +"posix/Etc/GMT+7" " " \ +"posix/Etc/GMT+8" " " \ +"posix/Etc/GMT+9" " " \ +"posix/Etc/GMT-0" " " \ +"posix/Etc/GMT-1" " " \ +"posix/Etc/GMT-10" " " \ +"posix/Etc/GMT-11" " " \ +"posix/Etc/GMT-12" " " \ +"posix/Etc/GMT-13" " " \ +"posix/Etc/GMT-14" " " \ +"posix/Etc/GMT-2" " " \ +"posix/Etc/GMT-3" " " \ +"posix/Etc/GMT-4" " " \ +"posix/Etc/GMT-5" " " \ +"posix/Etc/GMT-6" " " \ +"posix/Etc/GMT-7" " " \ +"posix/Etc/GMT-8" " " \ +"posix/Etc/GMT-9" " " \ +"posix/Etc/GMT0" " " \ +"posix/Etc/Greenwich" " " \ +"posix/Etc/UCT" " " \ +"posix/Etc/UTC" " " \ +"posix/Etc/Universal" " " \ +"posix/Etc/Zulu" " " \ +"posix/Europe/Amsterdam" " " \ +"posix/Europe/Andorra" " " \ +"posix/Europe/Athens" " " \ +"posix/Europe/Belfast" " " \ +"posix/Europe/Belgrade" " " \ +"posix/Europe/Berlin" " " \ +"posix/Europe/Bratislava" " " \ +"posix/Europe/Brussels" " " \ +"posix/Europe/Bucharest" " " \ +"posix/Europe/Budapest" " " \ +"posix/Europe/Chisinau" " " \ +"posix/Europe/Copenhagen" " " \ +"posix/Europe/Dublin" " " \ +"posix/Europe/Gibraltar" " " \ +"posix/Europe/Guernsey" " " \ +"posix/Europe/Helsinki" " " \ +"posix/Europe/Isle_of_Man" " " \ +"posix/Europe/Istanbul" " " \ +"posix/Europe/Jersey" " " \ +"posix/Europe/Kaliningrad" " " \ +"posix/Europe/Kiev" " " \ +"posix/Europe/Lisbon" " " \ +"posix/Europe/Ljubljana" " " \ +"posix/Europe/London" " " \ +"posix/Europe/Luxembourg" " " \ +"posix/Europe/Madrid" " " \ +"posix/Europe/Malta" " " \ +"posix/Europe/Mariehamn" " " \ +"posix/Europe/Minsk" " " \ +"posix/Europe/Monaco" " " \ +"posix/Europe/Moscow" " " \ +"posix/Europe/Nicosia" " " \ +"posix/Europe/Oslo" " " \ +"posix/Europe/Paris" " " \ +"posix/Europe/Podgorica" " " \ +"posix/Europe/Prague" " " \ +"posix/Europe/Riga" " " \ +"posix/Europe/Rome" " " \ +"posix/Europe/Samara" " " \ +"posix/Europe/San_Marino" " " \ +"posix/Europe/Sarajevo" " " \ +"posix/Europe/Simferopol" " " \ +"posix/Europe/Skopje" " " \ +"posix/Europe/Sofia" " " \ +"posix/Europe/Stockholm" " " \ +"posix/Europe/Tallinn" " " \ +"posix/Europe/Tirane" " " \ +"posix/Europe/Tiraspol" " " \ +"posix/Europe/Uzhgorod" " " \ +"posix/Europe/Vaduz" " " \ +"posix/Europe/Vatican" " " \ +"posix/Europe/Vienna" " " \ +"posix/Europe/Vilnius" " " \ +"posix/Europe/Volgograd" " " \ +"posix/Europe/Warsaw" " " \ +"posix/Europe/Zagreb" " " \ +"posix/Europe/Zaporozhye" " " \ +"posix/Europe/Zurich" " " \ +"posix/Factory" " " \ +"posix/GB" " " \ +"posix/GB-Eire" " " \ +"posix/GMT" " " \ +"posix/GMT+0" " " \ +"posix/GMT-0" " " \ +"posix/GMT0" " " \ +"posix/Greenwich" " " \ +"posix/HST" " " \ +"posix/Hongkong" " " \ +"posix/Iceland" " " \ +"posix/Indian/Antananarivo" " " \ +"posix/Indian/Chagos" " " \ +"posix/Indian/Christmas" " " \ +"posix/Indian/Cocos" " " \ +"posix/Indian/Comoro" " " \ +"posix/Indian/Kerguelen" " " \ +"posix/Indian/Mahe" " " \ +"posix/Indian/Maldives" " " \ +"posix/Indian/Mauritius" " " \ +"posix/Indian/Mayotte" " " \ +"posix/Indian/Reunion" " " \ +"posix/Iran" " " \ +"posix/Israel" " " \ +"posix/Jamaica" " " \ +"posix/Japan" " " \ +"posix/Kwajalein" " " \ +"posix/Libya" " " \ +"posix/MET" " " \ +"posix/MST" " " \ +"posix/MST7MDT" " " \ +"posix/Mexico/BajaNorte" " " \ +"posix/Mexico/BajaSur" " " \ +"posix/Mexico/General" " " \ +"posix/NZ" " " \ +"posix/NZ-CHAT" " " \ +"posix/Navajo" " " \ +"posix/PRC" " " \ +"posix/PST8PDT" " " \ +"posix/Pacific/Apia" " " \ +"posix/Pacific/Auckland" " " \ +"posix/Pacific/Bougainville" " " \ +"posix/Pacific/Chatham" " " \ +"posix/Pacific/Easter" " " \ +"posix/Pacific/Efate" " " \ +"posix/Pacific/Enderbury" " " \ +"posix/Pacific/Fakaofo" " " \ +"posix/Pacific/Fiji" " " \ +"posix/Pacific/Funafuti" " " \ +"posix/Pacific/Galapagos" " " \ +"posix/Pacific/Gambier" " " \ +"posix/Pacific/Guadalcanal" " " \ +"posix/Pacific/Guam" " " \ +"posix/Pacific/Honolulu" " " \ +"posix/Pacific/Johnston" " " \ +"posix/Pacific/Kiritimati" " " \ +"posix/Pacific/Kosrae" " " \ +"posix/Pacific/Kwajalein" " " \ +"posix/Pacific/Majuro" " " \ +"posix/Pacific/Marquesas" " " \ +"posix/Pacific/Midway" " " \ +"posix/Pacific/Nauru" " " \ +"posix/Pacific/Niue" " " \ +"posix/Pacific/Norfolk" " " \ +"posix/Pacific/Noumea" " " \ +"posix/Pacific/Pago_Pago" " " \ +"posix/Pacific/Palau" " " \ +"posix/Pacific/Pitcairn" " " \ +"posix/Pacific/Ponape" " " \ +"posix/Pacific/Port_Moresby" " " \ +"posix/Pacific/Rarotonga" " " \ +"posix/Pacific/Saipan" " " \ +"posix/Pacific/Samoa" " " \ +"posix/Pacific/Tahiti" " " \ +"posix/Pacific/Tarawa" " " \ +"posix/Pacific/Tongatapu" " " \ +"posix/Pacific/Truk" " " \ +"posix/Pacific/Wake" " " \ +"posix/Pacific/Wallis" " " \ +"posix/Pacific/Yap" " " \ +"posix/Poland" " " \ +"posix/Portugal" " " \ +"posix/ROC" " " \ +"posix/ROK" " " \ +"posix/Singapore" " " \ +"posix/Turkey" " " \ +"posix/UCT" " " \ +"posix/US/Alaska" " " \ +"posix/US/Aleutian" " " \ +"posix/US/Arizona" " " \ +"posix/US/Central" " " \ +"posix/US/East-Indiana" " " \ +"posix/US/Eastern" " " \ +"posix/US/Hawaii" " " \ +"posix/US/Indiana-Starke" " " \ +"posix/US/Michigan" " " \ +"posix/US/Mountain" " " \ +"posix/US/Pacific" " " \ +"posix/US/Pacific-New" " " \ +"posix/US/Samoa" " " \ +"posix/UTC" " " \ +"posix/Universal" " " \ +"posix/W-SU" " " \ +"posix/WET" " " \ +"posix/Zulu" " " \ +"posixrules" " " \ +"right/Africa/Abidjan" " " \ +"right/Africa/Accra" " " \ +"right/Africa/Addis_Ababa" " " \ +"right/Africa/Algiers" " " \ +"right/Africa/Asmera" " " \ +"right/Africa/Bamako" " " \ +"right/Africa/Bangui" " " \ +"right/Africa/Banjul" " " \ +"right/Africa/Bissau" " " \ +"right/Africa/Blantyre" " " \ +"right/Africa/Brazzaville" " " \ +"right/Africa/Bujumbura" " " \ +"right/Africa/Cairo" " " \ +"right/Africa/Casablanca" " " \ +"right/Africa/Ceuta" " " \ +"right/Africa/Conakry" " " \ +"right/Africa/Dakar" " " \ +"right/Africa/Dar_es_Salaam" " " \ +"right/Africa/Djibouti" " " \ +"right/Africa/Douala" " " \ +"right/Africa/El_Aaiun" " " \ +"right/Africa/Freetown" " " \ +"right/Africa/Gaborone" " " \ +"right/Africa/Harare" " " \ +"right/Africa/Johannesburg" " " \ +"right/Africa/Kampala" " " \ +"right/Africa/Khartoum" " " \ +"right/Africa/Kigali" " " \ +"right/Africa/Kinshasa" " " \ +"right/Africa/Lagos" " " \ +"right/Africa/Libreville" " " \ +"right/Africa/Lome" " " \ +"right/Africa/Luanda" " " \ +"right/Africa/Lubumbashi" " " \ +"right/Africa/Lusaka" " " \ +"right/Africa/Malabo" " " \ +"right/Africa/Maputo" " " \ +"right/Africa/Maseru" " " \ +"right/Africa/Mbabane" " " \ +"right/Africa/Mogadishu" " " \ +"right/Africa/Monrovia" " " \ +"right/Africa/Nairobi" " " \ +"right/Africa/Ndjamena" " " \ +"right/Africa/Niamey" " " \ +"right/Africa/Nouakchott" " " \ +"right/Africa/Ouagadougou" " " \ +"right/Africa/Porto-Novo" " " \ +"right/Africa/Sao_Tome" " " \ +"right/Africa/Timbuktu" " " \ +"right/Africa/Tripoli" " " \ +"right/Africa/Tunis" " " \ +"right/Africa/Windhoek" " " \ +"right/America/Adak" " " \ +"right/America/Anchorage" " " \ +"right/America/Anguilla" " " \ +"right/America/Antigua" " " \ +"right/America/Araguaina" " " \ +"right/America/Argentina/Buenos_Aires" " " \ +"right/America/Argentina/Catamarca" " " \ +"right/America/Argentina/ComodRivadavia" " " \ +"right/America/Argentina/Cordoba" " " \ +"right/America/Argentina/Jujuy" " " \ +"right/America/Argentina/La_Rioja" " " \ +"right/America/Argentina/Mendoza" " " \ +"right/America/Argentina/Rio_Gallegos" " " \ +"right/America/Argentina/San_Juan" " " \ +"right/America/Argentina/Tucuman" " " \ +"right/America/Argentina/Ushuaia" " " \ +"right/America/Aruba" " " \ +"right/America/Asuncion" " " \ +"right/America/Atikokan" " " \ +"right/America/Atka" " " \ +"right/America/Bahia" " " \ +"right/America/Barbados" " " \ +"right/America/Belem" " " \ +"right/America/Belize" " " \ +"right/America/Blanc-Sablon" " " \ +"right/America/Boa_Vista" " " \ +"right/America/Bogota" " " \ +"right/America/Boise" " " \ +"right/America/Buenos_Aires" " " \ +"right/America/Cambridge_Bay" " " \ +"right/America/Campo_Grande" " " \ +"right/America/Cancun" " " \ +"right/America/Caracas" " " \ +"right/America/Catamarca" " " \ +"right/America/Cayenne" " " \ +"right/America/Cayman" " " \ +"right/America/Chicago" " " \ +"right/America/Chihuahua" " " \ +"right/America/Coral_Harbour" " " \ +"right/America/Cordoba" " " \ +"right/America/Costa_Rica" " " \ +"right/America/Cuiaba" " " \ +"right/America/Curacao" " " \ +"right/America/Danmarkshavn" " " \ +"right/America/Dawson" " " \ +"right/America/Dawson_Creek" " " \ +"right/America/Denver" " " \ +"right/America/Detroit" " " \ +"right/America/Dominica" " " \ +"right/America/Edmonton" " " \ +"right/America/Eirunepe" " " \ +"right/America/El_Salvador" " " \ +"right/America/Ensenada" " " \ +"right/America/Fort_Wayne" " " \ +"right/America/Fortaleza" " " \ +"right/America/Glace_Bay" " " \ +"right/America/Godthab" " " \ +"right/America/Goose_Bay" " " \ +"right/America/Grand_Turk" " " \ +"right/America/Grenada" " " \ +"right/America/Guadeloupe" " " \ +"right/America/Guatemala" " " \ +"right/America/Guayaquil" " " \ +"right/America/Guyana" " " \ +"right/America/Halifax" " " \ +"right/America/Havana" " " \ +"right/America/Hermosillo" " " \ +"right/America/Indiana/Indianapolis" " " \ +"right/America/Indiana/Knox" " " \ +"right/America/Indiana/Marengo" " " \ +"right/America/Indiana/Petersburg" " " \ +"right/America/Indiana/Tell_City" " " \ +"right/America/Indiana/Vevay" " " \ +"right/America/Indiana/Vincennes" " " \ +"right/America/Indianapolis" " " \ +"right/America/Inuvik" " " \ +"right/America/Iqaluit" " " \ +"right/America/Jamaica" " " \ +"right/America/Jujuy" " " \ +"right/America/Juneau" " " \ +"right/America/Kentucky/Louisville" " " \ +"right/America/Kentucky/Monticello" " " \ +"right/America/Knox_IN" " " \ +"right/America/La_Paz" " " \ +"right/America/Lima" " " \ +"right/America/Los_Angeles" " " \ +"right/America/Louisville" " " \ +"right/America/Maceio" " " \ +"right/America/Managua" " " \ +"right/America/Manaus" " " \ +"right/America/Martinique" " " \ +"right/America/Mazatlan" " " \ +"right/America/Mendoza" " " \ +"right/America/Menominee" " " \ +"right/America/Merida" " " \ +"right/America/Mexico_City" " " \ +"right/America/Miquelon" " " \ +"right/America/Moncton" " " \ +"right/America/Monterrey" " " \ +"right/America/Montevideo" " " \ +"right/America/Montreal" " " \ +"right/America/Montserrat" " " \ +"right/America/Nassau" " " \ +"right/America/New_York" " " \ +"right/America/Nipigon" " " \ +"right/America/Nome" " " \ +"right/America/Noronha" " " \ +"right/America/North_Dakota/Center" " " \ +"right/America/North_Dakota/New_Salem" " " \ +"right/America/Panama" " " \ +"right/America/Pangnirtung" " " \ +"right/America/Paramaribo" " " \ +"right/America/Phoenix" " " \ +"right/America/Port-au-Prince" " " \ +"right/America/Port_of_Spain" " " \ +"right/America/Porto_Acre" " " \ +"right/America/Porto_Velho" " " \ +"right/America/Puerto_Rico" " " \ +"right/America/Rainy_River" " " \ +"right/America/Rankin_Inlet" " " \ +"right/America/Recife" " " \ +"right/America/Regina" " " \ +"right/America/Rio_Branco" " " \ +"right/America/Rosario" " " \ +"right/America/Santiago" " " \ +"right/America/Santo_Domingo" " " \ +"right/America/Sao_Paulo" " " \ +"right/America/Scoresbysund" " " \ +"right/America/Shiprock" " " \ +"right/America/St_Johns" " " \ +"right/America/St_Kitts" " " \ +"right/America/St_Lucia" " " \ +"right/America/St_Thomas" " " \ +"right/America/St_Vincent" " " \ +"right/America/Swift_Current" " " \ +"right/America/Tegucigalpa" " " \ +"right/America/Thule" " " \ +"right/America/Thunder_Bay" " " \ +"right/America/Tijuana" " " \ +"right/America/Toronto" " " \ +"right/America/Tortola" " " \ +"right/America/Vancouver" " " \ +"right/America/Virgin" " " \ +"right/America/Whitehorse" " " \ +"right/America/Winnipeg" " " \ +"right/America/Yakutat" " " \ +"right/America/Yellowknife" " " \ +"right/Antarctica/Casey" " " \ +"right/Antarctica/Davis" " " \ +"right/Antarctica/DumontDUrville" " " \ +"right/Antarctica/Mawson" " " \ +"right/Antarctica/McMurdo" " " \ +"right/Antarctica/Palmer" " " \ +"right/Antarctica/Rothera" " " \ +"right/Antarctica/South_Pole" " " \ +"right/Antarctica/Syowa" " " \ +"right/Antarctica/Troll" " " \ +"right/Antarctica/Vostok" " " \ +"right/Arctic/Longyearbyen" " " \ +"right/Asia/Aden" " " \ +"right/Asia/Almaty" " " \ +"right/Asia/Amman" " " \ +"right/Asia/Anadyr" " " \ +"right/Asia/Aqtau" " " \ +"right/Asia/Aqtobe" " " \ +"right/Asia/Ashgabat" " " \ +"right/Asia/Ashkhabad" " " \ +"right/Asia/Baghdad" " " \ +"right/Asia/Bahrain" " " \ +"right/Asia/Baku" " " \ +"right/Asia/Bangkok" " " \ +"right/Asia/Beirut" " " \ +"right/Asia/Bishkek" " " \ +"right/Asia/Brunei" " " \ +"right/Asia/Calcutta" " " \ +"right/Asia/Chita" " " \ +"right/Asia/Choibalsan" " " \ +"right/Asia/Chongqing" " " \ +"right/Asia/Chungking" " " \ +"right/Asia/Colombo" " " \ +"right/Asia/Dacca" " " \ +"right/Asia/Damascus" " " \ +"right/Asia/Dhaka" " " \ +"right/Asia/Dili" " " \ +"right/Asia/Dubai" " " \ +"right/Asia/Dushanbe" " " \ +"right/Asia/Gaza" " " \ +"right/Asia/Harbin" " " \ +"right/Asia/Hong_Kong" " " \ +"right/Asia/Hovd" " " \ +"right/Asia/Irkutsk" " " \ +"right/Asia/Istanbul" " " \ +"right/Asia/Jakarta" " " \ +"right/Asia/Jayapura" " " \ +"right/Asia/Jerusalem" " " \ +"right/Asia/Kabul" " " \ +"right/Asia/Kamchatka" " " \ +"right/Asia/Karachi" " " \ +"right/Asia/Kashgar" " " \ +"right/Asia/Katmandu" " " \ +"right/Asia/Krasnoyarsk" " " \ +"right/Asia/Kuala_Lumpur" " " \ +"right/Asia/Kuching" " " \ +"right/Asia/Kuwait" " " \ +"right/Asia/Macao" " " \ +"right/Asia/Macau" " " \ +"right/Asia/Magadan" " " \ +"right/Asia/Makassar" " " \ +"right/Asia/Manila" " " \ +"right/Asia/Muscat" " " \ +"right/Asia/Nicosia" " " \ +"right/Asia/Novosibirsk" " " \ +"right/Asia/Omsk" " " \ +"right/Asia/Oral" " " \ +"right/Asia/Phnom_Penh" " " \ +"right/Asia/Pontianak" " " \ +"right/Asia/Pyongyang" " " \ +"right/Asia/Qatar" " " \ +"right/Asia/Qyzylorda" " " \ +"right/Asia/Rangoon" " " \ +"right/Asia/Riyadh" " " \ +"right/Asia/Saigon" " " \ +"right/Asia/Sakhalin" " " \ +"right/Asia/Samarkand" " " \ +"right/Asia/Seoul" " " \ +"right/Asia/Shanghai" " " \ +"right/Asia/Singapore" " " \ +"right/Asia/Srednekolymsk" " " \ +"right/Asia/Taipei" " " \ +"right/Asia/Tashkent" " " \ +"right/Asia/Tbilisi" " " \ +"right/Asia/Tehran" " " \ +"right/Asia/Tel_Aviv" " " \ +"right/Asia/Thimbu" " " \ +"right/Asia/Thimphu" " " \ +"right/Asia/Tokyo" " " \ +"right/Asia/Ujung_Pandang" " " \ +"right/Asia/Ulaanbaatar" " " \ +"right/Asia/Ulan_Bator" " " \ +"right/Asia/Urumqi" " " \ +"right/Asia/Vientiane" " " \ +"right/Asia/Vladivostok" " " \ +"right/Asia/Yakutsk" " " \ +"right/Asia/Yekaterinburg" " " \ +"right/Asia/Yerevan" " " \ +"right/Atlantic/Azores" " " \ +"right/Atlantic/Bermuda" " " \ +"right/Atlantic/Canary" " " \ +"right/Atlantic/Cape_Verde" " " \ +"right/Atlantic/Faeroe" " " \ +"right/Atlantic/Jan_Mayen" " " \ +"right/Atlantic/Madeira" " " \ +"right/Atlantic/Reykjavik" " " \ +"right/Atlantic/South_Georgia" " " \ +"right/Atlantic/St_Helena" " " \ +"right/Atlantic/Stanley" " " \ +"right/Australia/ACT" " " \ +"right/Australia/Adelaide" " " \ +"right/Australia/Brisbane" " " \ +"right/Australia/Broken_Hill" " " \ +"right/Australia/Canberra" " " \ +"right/Australia/Currie" " " \ +"right/Australia/Darwin" " " \ +"right/Australia/Hobart" " " \ +"right/Australia/LHI" " " \ +"right/Australia/Lindeman" " " \ +"right/Australia/Lord_Howe" " " \ +"right/Australia/Melbourne" " " \ +"right/Australia/NSW" " " \ +"right/Australia/North" " " \ +"right/Australia/Perth" " " \ +"right/Australia/Queensland" " " \ +"right/Australia/South" " " \ +"right/Australia/Sydney" " " \ +"right/Australia/Tasmania" " " \ +"right/Australia/Victoria" " " \ +"right/Australia/West" " " \ +"right/Australia/Yancowinna" " " \ +"right/Brazil/Acre" " " \ +"right/Brazil/DeNoronha" " " \ +"right/Brazil/East" " " \ +"right/Brazil/West" " " \ +"right/CET" " " \ +"right/CST6CDT" " " \ +"right/Canada/Atlantic" " " \ +"right/Canada/Central" " " \ +"right/Canada/East-Saskatchewan" " " \ +"right/Canada/Eastern" " " \ +"right/Canada/Mountain" " " \ +"right/Canada/Newfoundland" " " \ +"right/Canada/Pacific" " " \ +"right/Canada/Saskatchewan" " " \ +"right/Canada/Yukon" " " \ +"right/Chile/Continental" " " \ +"right/Chile/EasterIsland" " " \ +"right/Cuba" " " \ +"right/EET" " " \ +"right/EST" " " \ +"right/EST5EDT" " " \ +"right/Egypt" " " \ +"right/Eire" " " \ +"right/Etc/GMT" " " \ +"right/Etc/GMT+0" " " \ +"right/Etc/GMT+1" " " \ +"right/Etc/GMT+10" " " \ +"right/Etc/GMT+11" " " \ +"right/Etc/GMT+12" " " \ +"right/Etc/GMT+2" " " \ +"right/Etc/GMT+3" " " \ +"right/Etc/GMT+4" " " \ +"right/Etc/GMT+5" " " \ +"right/Etc/GMT+6" " " \ +"right/Etc/GMT+7" " " \ +"right/Etc/GMT+8" " " \ +"right/Etc/GMT+9" " " \ +"right/Etc/GMT-0" " " \ +"right/Etc/GMT-1" " " \ +"right/Etc/GMT-10" " " \ +"right/Etc/GMT-11" " " \ +"right/Etc/GMT-12" " " \ +"right/Etc/GMT-13" " " \ +"right/Etc/GMT-14" " " \ +"right/Etc/GMT-2" " " \ +"right/Etc/GMT-3" " " \ +"right/Etc/GMT-4" " " \ +"right/Etc/GMT-5" " " \ +"right/Etc/GMT-6" " " \ +"right/Etc/GMT-7" " " \ +"right/Etc/GMT-8" " " \ +"right/Etc/GMT-9" " " \ +"right/Etc/GMT0" " " \ +"right/Etc/Greenwich" " " \ +"right/Etc/UCT" " " \ +"right/Etc/UTC" " " \ +"right/Etc/Universal" " " \ +"right/Etc/Zulu" " " \ +"right/Europe/Amsterdam" " " \ +"right/Europe/Andorra" " " \ +"right/Europe/Athens" " " \ +"right/Europe/Belfast" " " \ +"right/Europe/Belgrade" " " \ +"right/Europe/Berlin" " " \ +"right/Europe/Bratislava" " " \ +"right/Europe/Brussels" " " \ +"right/Europe/Bucharest" " " \ +"right/Europe/Budapest" " " \ +"right/Europe/Chisinau" " " \ +"right/Europe/Copenhagen" " " \ +"right/Europe/Dublin" " " \ +"right/Europe/Gibraltar" " " \ +"right/Europe/Guernsey" " " \ +"right/Europe/Helsinki" " " \ +"right/Europe/Isle_of_Man" " " \ +"right/Europe/Istanbul" " " \ +"right/Europe/Jersey" " " \ +"right/Europe/Kaliningrad" " " \ +"right/Europe/Kiev" " " \ +"right/Europe/Lisbon" " " \ +"right/Europe/Ljubljana" " " \ +"right/Europe/London" " " \ +"right/Europe/Luxembourg" " " \ +"right/Europe/Madrid" " " \ +"right/Europe/Malta" " " \ +"right/Europe/Mariehamn" " " \ +"right/Europe/Minsk" " " \ +"right/Europe/Monaco" " " \ +"right/Europe/Moscow" " " \ +"right/Europe/Nicosia" " " \ +"right/Europe/Oslo" " " \ +"right/Europe/Paris" " " \ +"right/Europe/Podgorica" " " \ +"right/Europe/Prague" " " \ +"right/Europe/Riga" " " \ +"right/Europe/Rome" " " \ +"right/Europe/Samara" " " \ +"right/Europe/San_Marino" " " \ +"right/Europe/Sarajevo" " " \ +"right/Europe/Simferopol" " " \ +"right/Europe/Skopje" " " \ +"right/Europe/Sofia" " " \ +"right/Europe/Stockholm" " " \ +"right/Europe/Tallinn" " " \ +"right/Europe/Tirane" " " \ +"right/Europe/Tiraspol" " " \ +"right/Europe/Uzhgorod" " " \ +"right/Europe/Vaduz" " " \ +"right/Europe/Vatican" " " \ +"right/Europe/Vienna" " " \ +"right/Europe/Vilnius" " " \ +"right/Europe/Volgograd" " " \ +"right/Europe/Warsaw" " " \ +"right/Europe/Zagreb" " " \ +"right/Europe/Zaporozhye" " " \ +"right/Europe/Zurich" " " \ +"right/Factory" " " \ +"right/GB" " " \ +"right/GB-Eire" " " \ +"right/GMT" " " \ +"right/GMT+0" " " \ +"right/GMT-0" " " \ +"right/GMT0" " " \ +"right/Greenwich" " " \ +"right/HST" " " \ +"right/Hongkong" " " \ +"right/Iceland" " " \ +"right/Indian/Antananarivo" " " \ +"right/Indian/Chagos" " " \ +"right/Indian/Christmas" " " \ +"right/Indian/Cocos" " " \ +"right/Indian/Comoro" " " \ +"right/Indian/Kerguelen" " " \ +"right/Indian/Mahe" " " \ +"right/Indian/Maldives" " " \ +"right/Indian/Mauritius" " " \ +"right/Indian/Mayotte" " " \ +"right/Indian/Reunion" " " \ +"right/Iran" " " \ +"right/Israel" " " \ +"right/Jamaica" " " \ +"right/Japan" " " \ +"right/Kwajalein" " " \ +"right/Libya" " " \ +"right/MET" " " \ +"right/MST" " " \ +"right/MST7MDT" " " \ +"right/Mexico/BajaNorte" " " \ +"right/Mexico/BajaSur" " " \ +"right/Mexico/General" " " \ +"right/NZ" " " \ +"right/NZ-CHAT" " " \ +"right/Navajo" " " \ +"right/PRC" " " \ +"right/PST8PDT" " " \ +"right/Pacific/Apia" " " \ +"right/Pacific/Auckland" " " \ +"right/Pacific/Bougainville" " " \ +"right/Pacific/Chatham" " " \ +"right/Pacific/Easter" " " \ +"right/Pacific/Efate" " " \ +"right/Pacific/Enderbury" " " \ +"right/Pacific/Fakaofo" " " \ +"right/Pacific/Fiji" " " \ +"right/Pacific/Funafuti" " " \ +"right/Pacific/Galapagos" " " \ +"right/Pacific/Gambier" " " \ +"right/Pacific/Guadalcanal" " " \ +"right/Pacific/Guam" " " \ +"right/Pacific/Honolulu" " " \ +"right/Pacific/Johnston" " " \ +"right/Pacific/Kiritimati" " " \ +"right/Pacific/Kosrae" " " \ +"right/Pacific/Kwajalein" " " \ +"right/Pacific/Majuro" " " \ +"right/Pacific/Marquesas" " " \ +"right/Pacific/Midway" " " \ +"right/Pacific/Nauru" " " \ +"right/Pacific/Niue" " " \ +"right/Pacific/Norfolk" " " \ +"right/Pacific/Noumea" " " \ +"right/Pacific/Pago_Pago" " " \ +"right/Pacific/Palau" " " \ +"right/Pacific/Pitcairn" " " \ +"right/Pacific/Ponape" " " \ +"right/Pacific/Port_Moresby" " " \ +"right/Pacific/Rarotonga" " " \ +"right/Pacific/Saipan" " " \ +"right/Pacific/Samoa" " " \ +"right/Pacific/Tahiti" " " \ +"right/Pacific/Tarawa" " " \ +"right/Pacific/Tongatapu" " " \ +"right/Pacific/Truk" " " \ +"right/Pacific/Wake" " " \ +"right/Pacific/Wallis" " " \ +"right/Pacific/Yap" " " \ +"right/Poland" " " \ +"right/Portugal" " " \ +"right/ROC" " " \ +"right/ROK" " " \ +"right/Singapore" " " \ +"right/Turkey" " " \ +"right/UCT" " " \ +"right/US/Alaska" " " \ +"right/US/Aleutian" " " \ +"right/US/Arizona" " " \ +"right/US/Central" " " \ +"right/US/East-Indiana" " " \ +"right/US/Eastern" " " \ +"right/US/Hawaii" " " \ +"right/US/Indiana-Starke" " " \ +"right/US/Michigan" " " \ +"right/US/Mountain" " " \ +"right/US/Pacific" " " \ +"right/US/Pacific-New" " " \ +"right/US/Samoa" " " \ +"right/UTC" " " \ +"right/Universal" " " \ +"right/W-SU" " " \ +"right/WET" " " \ +"right/Zulu" " " \ diff --git a/patches/source/glibc/timezone-scripts/parts/02 b/patches/source/glibc/timezone-scripts/parts/02 new file mode 100644 index 00000000..bd5a50bb --- /dev/null +++ b/patches/source/glibc/timezone-scripts/parts/02 @@ -0,0 +1,28 @@ + 2> $TMP/tz + + if [ $? = 1 -o $? = 255 ]; then + rm -f $TMP/tz + exit + fi + + TIMEZONE="`cat $TMP/tz`" + rm -f $TMP/tz + + setzone $TIMEZONE + exit +else + ### + ### use text prompts + ### + while [ 0 ]; do + echo -n "Would you like to configure your timezone ([y]es, [n]o)? " + read TIMECONF; + echo + + if [ "$TIMECONF" = "n" ]; then + break + fi + + cat << EOF +Select one of these timezones: + diff --git a/patches/source/glibc/timezone-scripts/parts/03 b/patches/source/glibc/timezone-scripts/parts/03 new file mode 100644 index 00000000..7da2043d --- /dev/null +++ b/patches/source/glibc/timezone-scripts/parts/03 @@ -0,0 +1,1658 @@ +US/Alaska +US/Aleutian +US/Arizona +US/Central +US/East-Indiana +US/Eastern +US/Hawaii +US/Indiana-Starke +US/Michigan +US/Mountain +US/Pacific +US/Pacific-New +US/Samoa +Africa/Abidjan +Africa/Accra +Africa/Addis_Ababa +Africa/Algiers +Africa/Asmera +Africa/Bamako +Africa/Bangui +Africa/Banjul +Africa/Bissau +Africa/Blantyre +Africa/Brazzaville +Africa/Bujumbura +Africa/Cairo +Africa/Casablanca +Africa/Ceuta +Africa/Conakry +Africa/Dakar +Africa/Dar_es_Salaam +Africa/Djibouti +Africa/Douala +Africa/El_Aaiun +Africa/Freetown +Africa/Gaborone +Africa/Harare +Africa/Johannesburg +Africa/Kampala +Africa/Khartoum +Africa/Kigali +Africa/Kinshasa +Africa/Lagos +Africa/Libreville +Africa/Lome +Africa/Luanda +Africa/Lubumbashi +Africa/Lusaka +Africa/Malabo +Africa/Maputo +Africa/Maseru +Africa/Mbabane +Africa/Mogadishu +Africa/Monrovia +Africa/Nairobi +Africa/Ndjamena +Africa/Niamey +Africa/Nouakchott +Africa/Ouagadougou +Africa/Porto-Novo +Africa/Sao_Tome +Africa/Timbuktu +Africa/Tripoli +Africa/Tunis +Africa/Windhoek +America/Adak +America/Anchorage +America/Anguilla +America/Antigua +America/Araguaina +America/Argentina/Buenos_Aires +America/Argentina/Catamarca +America/Argentina/ComodRivadavia +America/Argentina/Cordoba +America/Argentina/Jujuy +America/Argentina/La_Rioja +America/Argentina/Mendoza +America/Argentina/Rio_Gallegos +America/Argentina/San_Juan +America/Argentina/Tucuman +America/Argentina/Ushuaia +America/Aruba +America/Asuncion +America/Atikokan +America/Atka +America/Bahia +America/Barbados +America/Belem +America/Belize +America/Blanc-Sablon +America/Boa_Vista +America/Bogota +America/Boise +America/Buenos_Aires +America/Cambridge_Bay +America/Campo_Grande +America/Cancun +America/Caracas +America/Catamarca +America/Cayenne +America/Cayman +America/Chicago +America/Chihuahua +America/Coral_Harbour +America/Cordoba +America/Costa_Rica +America/Cuiaba +America/Curacao +America/Danmarkshavn +America/Dawson +America/Dawson_Creek +America/Denver +America/Detroit +America/Dominica +America/Edmonton +America/Eirunepe +America/El_Salvador +America/Ensenada +America/Fort_Wayne +America/Fortaleza +America/Glace_Bay +America/Godthab +America/Goose_Bay +America/Grand_Turk +America/Grenada +America/Guadeloupe +America/Guatemala +America/Guayaquil +America/Guyana +America/Halifax +America/Havana +America/Hermosillo +America/Indiana/Indianapolis +America/Indiana/Knox +America/Indiana/Marengo +America/Indiana/Petersburg +America/Indiana/Tell_City +America/Indiana/Vevay +America/Indiana/Vincennes +America/Indianapolis +America/Inuvik +America/Iqaluit +America/Jamaica +America/Jujuy +America/Juneau +America/Kentucky/Louisville +America/Kentucky/Monticello +America/Knox_IN +America/La_Paz +America/Lima +America/Los_Angeles +America/Louisville +America/Maceio +America/Managua +America/Manaus +America/Martinique +America/Mazatlan +America/Mendoza +America/Menominee +America/Merida +America/Mexico_City +America/Miquelon +America/Moncton +America/Monterrey +America/Montevideo +America/Montreal +America/Montserrat +America/Nassau +America/New_York +America/Nipigon +America/Nome +America/Noronha +America/North_Dakota/Center +America/North_Dakota/New_Salem +America/Panama +America/Pangnirtung +America/Paramaribo +America/Phoenix +America/Port-au-Prince +America/Port_of_Spain +America/Porto_Acre +America/Porto_Velho +America/Puerto_Rico +America/Rainy_River +America/Rankin_Inlet +America/Recife +America/Regina +America/Rio_Branco +America/Rosario +America/Santiago +America/Santo_Domingo +America/Sao_Paulo +America/Scoresbysund +America/Shiprock +America/St_Johns +America/St_Kitts +America/St_Lucia +America/St_Thomas +America/St_Vincent +America/Swift_Current +America/Tegucigalpa +America/Thule +America/Thunder_Bay +America/Tijuana +America/Toronto +America/Tortola +America/Vancouver +America/Virgin +America/Whitehorse +America/Winnipeg +America/Yakutat +America/Yellowknife +Antarctica/Casey +Antarctica/Davis +Antarctica/DumontDUrville +Antarctica/Mawson +Antarctica/McMurdo +Antarctica/Palmer +Antarctica/Rothera +Antarctica/South_Pole +Antarctica/Syowa +Antarctica/Troll +Antarctica/Vostok +Arctic/Longyearbyen +Asia/Aden +Asia/Almaty +Asia/Amman +Asia/Anadyr +Asia/Aqtau +Asia/Aqtobe +Asia/Ashgabat +Asia/Ashkhabad +Asia/Baghdad +Asia/Bahrain +Asia/Baku +Asia/Bangkok +Asia/Beirut +Asia/Bishkek +Asia/Brunei +Asia/Calcutta +Asia/Chita +Asia/Choibalsan +Asia/Chongqing +Asia/Chungking +Asia/Colombo +Asia/Dacca +Asia/Damascus +Asia/Dhaka +Asia/Dili +Asia/Dubai +Asia/Dushanbe +Asia/Gaza +Asia/Harbin +Asia/Hong_Kong +Asia/Hovd +Asia/Irkutsk +Asia/Istanbul +Asia/Jakarta +Asia/Jayapura +Asia/Jerusalem +Asia/Kabul +Asia/Kamchatka +Asia/Karachi +Asia/Kashgar +Asia/Katmandu +Asia/Khandyga +Asia/Kolkata +Asia/Krasnoyarsk +Asia/Kuala_Lumpur +Asia/Kuching +Asia/Kuwait +Asia/Macao +Asia/Macau +Asia/Magadan +Asia/Makassar +Asia/Manila +Asia/Muscat +Asia/Nicosia +Asia/Novosibirsk +Asia/Omsk +Asia/Oral +Asia/Phnom_Penh +Asia/Pontianak +Asia/Pyongyang +Asia/Qatar +Asia/Qyzylorda +Asia/Rangoon +Asia/Riyadh +Asia/Saigon +Asia/Sakhalin +Asia/Samarkand +Asia/Seoul +Asia/Shanghai +Asia/Singapore +Asia/Srednekolymsk +Asia/Taipei +Asia/Tashkent +Asia/Tbilisi +Asia/Tehran +Asia/Tel_Aviv +Asia/Thimbu +Asia/Thimphu +Asia/Tokyo +Asia/Ujung_Pandang +Asia/Ulaanbaatar +Asia/Ulan_Bator +Asia/Urumqi +Asia/Ust-Nera +Asia/Vientiane +Asia/Vladivostok +Asia/Yakutsk +Asia/Yekaterinburg +Asia/Yerevan +Atlantic/Azores +Atlantic/Bermuda +Atlantic/Canary +Atlantic/Cape_Verde +Atlantic/Faeroe +Atlantic/Jan_Mayen +Atlantic/Madeira +Atlantic/Reykjavik +Atlantic/South_Georgia +Atlantic/St_Helena +Atlantic/Stanley +Australia/ACT +Australia/Adelaide +Australia/Brisbane +Australia/Broken_Hill +Australia/Canberra +Australia/Currie +Australia/Darwin +Australia/Hobart +Australia/LHI +Australia/Lindeman +Australia/Lord_Howe +Australia/Melbourne +Australia/NSW +Australia/North +Australia/Perth +Australia/Queensland +Australia/South +Australia/Sydney +Australia/Tasmania +Australia/Victoria +Australia/West +Australia/Yancowinna +Brazil/Acre +Brazil/DeNoronha +Brazil/East +Brazil/West +CET +CST6CDT +Canada/Atlantic +Canada/Central +Canada/East-Saskatchewan +Canada/Eastern +Canada/Mountain +Canada/Newfoundland +Canada/Pacific +Canada/Saskatchewan +Canada/Yukon +Chile/Continental +Chile/EasterIsland +Cuba +EET +EST +EST5EDT +Egypt +Eire +Etc/GMT +Etc/GMT+0 +Etc/GMT+1 +Etc/GMT+10 +Etc/GMT+11 +Etc/GMT+12 +Etc/GMT+2 +Etc/GMT+3 +Etc/GMT+4 +Etc/GMT+5 +Etc/GMT+6 +Etc/GMT+7 +Etc/GMT+8 +Etc/GMT+9 +Etc/GMT-0 +Etc/GMT-1 +Etc/GMT-10 +Etc/GMT-11 +Etc/GMT-12 +Etc/GMT-13 +Etc/GMT-14 +Etc/GMT-2 +Etc/GMT-3 +Etc/GMT-4 +Etc/GMT-5 +Etc/GMT-6 +Etc/GMT-7 +Etc/GMT-8 +Etc/GMT-9 +Etc/GMT0 +Etc/Greenwich +Etc/UCT +Etc/UTC +Etc/Universal +Etc/Zulu +Europe/Amsterdam +Europe/Andorra +Europe/Athens +Europe/Belfast +Europe/Belgrade +Europe/Berlin +Europe/Bratislava +Europe/Brussels +Europe/Bucharest +Europe/Budapest +Europe/Busingen +Europe/Chisinau +Europe/Copenhagen +Europe/Dublin +Europe/Gibraltar +Europe/Guernsey +Europe/Helsinki +Europe/Isle_of_Man +Europe/Istanbul +Europe/Jersey +Europe/Kaliningrad +Europe/Kiev +Europe/Lisbon +Europe/Ljubljana +Europe/London +Europe/Luxembourg +Europe/Madrid +Europe/Malta +Europe/Mariehamn +Europe/Minsk +Europe/Monaco +Europe/Moscow +Europe/Nicosia +Europe/Oslo +Europe/Paris +Europe/Podgorica +Europe/Prague +Europe/Riga +Europe/Rome +Europe/Samara +Europe/San_Marino +Europe/Sarajevo +Europe/Simferopol +Europe/Skopje +Europe/Sofia +Europe/Stockholm +Europe/Tallinn +Europe/Tirane +Europe/Tiraspol +Europe/Uzhgorod +Europe/Vaduz +Europe/Vatican +Europe/Vienna +Europe/Vilnius +Europe/Volgograd +Europe/Warsaw +Europe/Zagreb +Europe/Zaporozhye +Europe/Zurich +Factory +GB +GB-Eire +GMT +GMT+0 +GMT-0 +GMT0 +Greenwich +HST +Hongkong +Iceland +Indian/Antananarivo +Indian/Chagos +Indian/Christmas +Indian/Cocos +Indian/Comoro +Indian/Kerguelen +Indian/Mahe +Indian/Maldives +Indian/Mauritius +Indian/Mayotte +Indian/Reunion +Iran +Israel +Jamaica +Japan +Kwajalein +Libya +MET +MST +MST7MDT +Mexico/BajaNorte +Mexico/BajaSur +Mexico/General +NZ +NZ-CHAT +Navajo +PRC +PST8PDT +Pacific/Apia +Pacific/Auckland +Pacific/Bougainville +Pacific/Chatham +Pacific/Easter +Pacific/Efate +Pacific/Enderbury +Pacific/Fakaofo +Pacific/Fiji +Pacific/Funafuti +Pacific/Galapagos +Pacific/Gambier +Pacific/Guadalcanal +Pacific/Guam +Pacific/Honolulu +Pacific/Johnston +Pacific/Kiritimati +Pacific/Kosrae +Pacific/Kwajalein +Pacific/Majuro +Pacific/Marquesas +Pacific/Midway +Pacific/Nauru +Pacific/Niue +Pacific/Norfolk +Pacific/Noumea +Pacific/Pago_Pago +Pacific/Palau +Pacific/Pitcairn +Pacific/Ponape +Pacific/Port_Moresby +Pacific/Rarotonga +Pacific/Saipan +Pacific/Samoa +Pacific/Tahiti +Pacific/Tarawa +Pacific/Tongatapu +Pacific/Truk +Pacific/Wake +Pacific/Wallis +Pacific/Yap +Poland +Portugal +ROC +ROK +Singapore +Turkey +UCT +UTC +Universal +W-SU +WET +Zulu +posix/Africa/Abidjan +posix/Africa/Accra +posix/Africa/Addis_Ababa +posix/Africa/Algiers +posix/Africa/Asmera +posix/Africa/Bamako +posix/Africa/Bangui +posix/Africa/Banjul +posix/Africa/Bissau +posix/Africa/Blantyre +posix/Africa/Brazzaville +posix/Africa/Bujumbura +posix/Africa/Cairo +posix/Africa/Casablanca +posix/Africa/Ceuta +posix/Africa/Conakry +posix/Africa/Dakar +posix/Africa/Dar_es_Salaam +posix/Africa/Djibouti +posix/Africa/Douala +posix/Africa/El_Aaiun +posix/Africa/Freetown +posix/Africa/Gaborone +posix/Africa/Harare +posix/Africa/Johannesburg +posix/Africa/Kampala +posix/Africa/Khartoum +posix/Africa/Kigali +posix/Africa/Kinshasa +posix/Africa/Lagos +posix/Africa/Libreville +posix/Africa/Lome +posix/Africa/Luanda +posix/Africa/Lubumbashi +posix/Africa/Lusaka +posix/Africa/Malabo +posix/Africa/Maputo +posix/Africa/Maseru +posix/Africa/Mbabane +posix/Africa/Mogadishu +posix/Africa/Monrovia +posix/Africa/Nairobi +posix/Africa/Ndjamena +posix/Africa/Niamey +posix/Africa/Nouakchott +posix/Africa/Ouagadougou +posix/Africa/Porto-Novo +posix/Africa/Sao_Tome +posix/Africa/Timbuktu +posix/Africa/Tripoli +posix/Africa/Tunis +posix/Africa/Windhoek +posix/America/Adak +posix/America/Anchorage +posix/America/Anguilla +posix/America/Antigua +posix/America/Araguaina +posix/America/Argentina/Buenos_Aires +posix/America/Argentina/Catamarca +posix/America/Argentina/ComodRivadavia +posix/America/Argentina/Cordoba +posix/America/Argentina/Jujuy +posix/America/Argentina/La_Rioja +posix/America/Argentina/Mendoza +posix/America/Argentina/Rio_Gallegos +posix/America/Argentina/San_Juan +posix/America/Argentina/Tucuman +posix/America/Argentina/Ushuaia +posix/America/Aruba +posix/America/Asuncion +posix/America/Atikokan +posix/America/Atka +posix/America/Bahia +posix/America/Barbados +posix/America/Belem +posix/America/Belize +posix/America/Blanc-Sablon +posix/America/Boa_Vista +posix/America/Bogota +posix/America/Boise +posix/America/Buenos_Aires +posix/America/Cambridge_Bay +posix/America/Campo_Grande +posix/America/Cancun +posix/America/Caracas +posix/America/Catamarca +posix/America/Cayenne +posix/America/Cayman +posix/America/Chicago +posix/America/Chihuahua +posix/America/Coral_Harbour +posix/America/Cordoba +posix/America/Costa_Rica +posix/America/Cuiaba +posix/America/Curacao +posix/America/Danmarkshavn +posix/America/Dawson +posix/America/Dawson_Creek +posix/America/Denver +posix/America/Detroit +posix/America/Dominica +posix/America/Edmonton +posix/America/Eirunepe +posix/America/El_Salvador +posix/America/Ensenada +posix/America/Fort_Wayne +posix/America/Fortaleza +posix/America/Glace_Bay +posix/America/Godthab +posix/America/Goose_Bay +posix/America/Grand_Turk +posix/America/Grenada +posix/America/Guadeloupe +posix/America/Guatemala +posix/America/Guayaquil +posix/America/Guyana +posix/America/Halifax +posix/America/Havana +posix/America/Hermosillo +posix/America/Indiana/Indianapolis +posix/America/Indiana/Knox +posix/America/Indiana/Marengo +posix/America/Indiana/Petersburg +posix/America/Indiana/Tell_City +posix/America/Indiana/Vevay +posix/America/Indiana/Vincennes +posix/America/Indianapolis +posix/America/Inuvik +posix/America/Iqaluit +posix/America/Jamaica +posix/America/Jujuy +posix/America/Juneau +posix/America/Kentucky/Louisville +posix/America/Kentucky/Monticello +posix/America/Knox_IN +posix/America/La_Paz +posix/America/Lima +posix/America/Los_Angeles +posix/America/Louisville +posix/America/Maceio +posix/America/Managua +posix/America/Manaus +posix/America/Martinique +posix/America/Mazatlan +posix/America/Mendoza +posix/America/Menominee +posix/America/Merida +posix/America/Mexico_City +posix/America/Miquelon +posix/America/Moncton +posix/America/Monterrey +posix/America/Montevideo +posix/America/Montreal +posix/America/Montserrat +posix/America/Nassau +posix/America/New_York +posix/America/Nipigon +posix/America/Nome +posix/America/Noronha +posix/America/North_Dakota/Center +posix/America/North_Dakota/New_Salem +posix/America/Panama +posix/America/Pangnirtung +posix/America/Paramaribo +posix/America/Phoenix +posix/America/Port-au-Prince +posix/America/Port_of_Spain +posix/America/Porto_Acre +posix/America/Porto_Velho +posix/America/Puerto_Rico +posix/America/Rainy_River +posix/America/Rankin_Inlet +posix/America/Recife +posix/America/Regina +posix/America/Rio_Branco +posix/America/Rosario +posix/America/Santiago +posix/America/Santo_Domingo +posix/America/Sao_Paulo +posix/America/Scoresbysund +posix/America/Shiprock +posix/America/St_Johns +posix/America/St_Kitts +posix/America/St_Lucia +posix/America/St_Thomas +posix/America/St_Vincent +posix/America/Swift_Current +posix/America/Tegucigalpa +posix/America/Thule +posix/America/Thunder_Bay +posix/America/Tijuana +posix/America/Toronto +posix/America/Tortola +posix/America/Vancouver +posix/America/Virgin +posix/America/Whitehorse +posix/America/Winnipeg +posix/America/Yakutat +posix/America/Yellowknife +posix/Antarctica/Casey +posix/Antarctica/Davis +posix/Antarctica/DumontDUrville +posix/Antarctica/Mawson +posix/Antarctica/McMurdo +posix/Antarctica/Palmer +posix/Antarctica/Rothera +posix/Antarctica/South_Pole +posix/Antarctica/Syowa +posix/Antarctica/Troll +posix/Antarctica/Vostok +posix/Arctic/Longyearbyen +posix/Asia/Aden +posix/Asia/Almaty +posix/Asia/Amman +posix/Asia/Anadyr +posix/Asia/Aqtau +posix/Asia/Aqtobe +posix/Asia/Ashgabat +posix/Asia/Ashkhabad +posix/Asia/Baghdad +posix/Asia/Bahrain +posix/Asia/Baku +posix/Asia/Bangkok +posix/Asia/Beirut +posix/Asia/Bishkek +posix/Asia/Brunei +posix/Asia/Calcutta +posix/Asia/Chita +posix/Asia/Choibalsan +posix/Asia/Chongqing +posix/Asia/Chungking +posix/Asia/Colombo +posix/Asia/Dacca +posix/Asia/Damascus +posix/Asia/Dhaka +posix/Asia/Dili +posix/Asia/Dubai +posix/Asia/Dushanbe +posix/Asia/Gaza +posix/Asia/Harbin +posix/Asia/Hong_Kong +posix/Asia/Hovd +posix/Asia/Irkutsk +posix/Asia/Istanbul +posix/Asia/Jakarta +posix/Asia/Jayapura +posix/Asia/Jerusalem +posix/Asia/Kabul +posix/Asia/Kamchatka +posix/Asia/Karachi +posix/Asia/Kashgar +posix/Asia/Katmandu +posix/Asia/Krasnoyarsk +posix/Asia/Kuala_Lumpur +posix/Asia/Kuching +posix/Asia/Kuwait +posix/Asia/Macao +posix/Asia/Macau +posix/Asia/Magadan +posix/Asia/Makassar +posix/Asia/Manila +posix/Asia/Muscat +posix/Asia/Nicosia +posix/Asia/Novosibirsk +posix/Asia/Omsk +posix/Asia/Oral +posix/Asia/Phnom_Penh +posix/Asia/Pontianak +posix/Asia/Pyongyang +posix/Asia/Qatar +posix/Asia/Qyzylorda +posix/Asia/Rangoon +posix/Asia/Riyadh +posix/Asia/Saigon +posix/Asia/Sakhalin +posix/Asia/Samarkand +posix/Asia/Seoul +posix/Asia/Shanghai +posix/Asia/Singapore +posix/Asia/Srednekolymsk +posix/Asia/Taipei +posix/Asia/Tashkent +posix/Asia/Tbilisi +posix/Asia/Tehran +posix/Asia/Tel_Aviv +posix/Asia/Thimbu +posix/Asia/Thimphu +posix/Asia/Tokyo +posix/Asia/Ujung_Pandang +posix/Asia/Ulaanbaatar +posix/Asia/Ulan_Bator +posix/Asia/Urumqi +posix/Asia/Vientiane +posix/Asia/Vladivostok +posix/Asia/Yakutsk +posix/Asia/Yekaterinburg +posix/Asia/Yerevan +posix/Atlantic/Azores +posix/Atlantic/Bermuda +posix/Atlantic/Canary +posix/Atlantic/Cape_Verde +posix/Atlantic/Faeroe +posix/Atlantic/Jan_Mayen +posix/Atlantic/Madeira +posix/Atlantic/Reykjavik +posix/Atlantic/South_Georgia +posix/Atlantic/St_Helena +posix/Atlantic/Stanley +posix/Australia/ACT +posix/Australia/Adelaide +posix/Australia/Brisbane +posix/Australia/Broken_Hill +posix/Australia/Canberra +posix/Australia/Currie +posix/Australia/Darwin +posix/Australia/Hobart +posix/Australia/LHI +posix/Australia/Lindeman +posix/Australia/Lord_Howe +posix/Australia/Melbourne +posix/Australia/NSW +posix/Australia/North +posix/Australia/Perth +posix/Australia/Queensland +posix/Australia/South +posix/Australia/Sydney +posix/Australia/Tasmania +posix/Australia/Victoria +posix/Australia/West +posix/Australia/Yancowinna +posix/Brazil/Acre +posix/Brazil/DeNoronha +posix/Brazil/East +posix/Brazil/West +posix/CET +posix/CST6CDT +posix/Canada/Atlantic +posix/Canada/Central +posix/Canada/East-Saskatchewan +posix/Canada/Eastern +posix/Canada/Mountain +posix/Canada/Newfoundland +posix/Canada/Pacific +posix/Canada/Saskatchewan +posix/Canada/Yukon +posix/Chile/Continental +posix/Chile/EasterIsland +posix/Cuba +posix/EET +posix/EST +posix/EST5EDT +posix/Egypt +posix/Eire +posix/Etc/GMT +posix/Etc/GMT+0 +posix/Etc/GMT+1 +posix/Etc/GMT+10 +posix/Etc/GMT+11 +posix/Etc/GMT+12 +posix/Etc/GMT+2 +posix/Etc/GMT+3 +posix/Etc/GMT+4 +posix/Etc/GMT+5 +posix/Etc/GMT+6 +posix/Etc/GMT+7 +posix/Etc/GMT+8 +posix/Etc/GMT+9 +posix/Etc/GMT-0 +posix/Etc/GMT-1 +posix/Etc/GMT-10 +posix/Etc/GMT-11 +posix/Etc/GMT-12 +posix/Etc/GMT-13 +posix/Etc/GMT-14 +posix/Etc/GMT-2 +posix/Etc/GMT-3 +posix/Etc/GMT-4 +posix/Etc/GMT-5 +posix/Etc/GMT-6 +posix/Etc/GMT-7 +posix/Etc/GMT-8 +posix/Etc/GMT-9 +posix/Etc/GMT0 +posix/Etc/Greenwich +posix/Etc/UCT +posix/Etc/UTC +posix/Etc/Universal +posix/Etc/Zulu +posix/Europe/Amsterdam +posix/Europe/Andorra +posix/Europe/Athens +posix/Europe/Belfast +posix/Europe/Belgrade +posix/Europe/Berlin +posix/Europe/Bratislava +posix/Europe/Brussels +posix/Europe/Bucharest +posix/Europe/Budapest +posix/Europe/Chisinau +posix/Europe/Copenhagen +posix/Europe/Dublin +posix/Europe/Gibraltar +posix/Europe/Guernsey +posix/Europe/Helsinki +posix/Europe/Isle_of_Man +posix/Europe/Istanbul +posix/Europe/Jersey +posix/Europe/Kaliningrad +posix/Europe/Kiev +posix/Europe/Lisbon +posix/Europe/Ljubljana +posix/Europe/London +posix/Europe/Luxembourg +posix/Europe/Madrid +posix/Europe/Malta +posix/Europe/Mariehamn +posix/Europe/Minsk +posix/Europe/Monaco +posix/Europe/Moscow +posix/Europe/Nicosia +posix/Europe/Oslo +posix/Europe/Paris +posix/Europe/Podgorica +posix/Europe/Prague +posix/Europe/Riga +posix/Europe/Rome +posix/Europe/Samara +posix/Europe/San_Marino +posix/Europe/Sarajevo +posix/Europe/Simferopol +posix/Europe/Skopje +posix/Europe/Sofia +posix/Europe/Stockholm +posix/Europe/Tallinn +posix/Europe/Tirane +posix/Europe/Tiraspol +posix/Europe/Uzhgorod +posix/Europe/Vaduz +posix/Europe/Vatican +posix/Europe/Vienna +posix/Europe/Vilnius +posix/Europe/Volgograd +posix/Europe/Warsaw +posix/Europe/Zagreb +posix/Europe/Zaporozhye +posix/Europe/Zurich +posix/Factory +posix/GB +posix/GB-Eire +posix/GMT +posix/GMT+0 +posix/GMT-0 +posix/GMT0 +posix/Greenwich +posix/HST +posix/Hongkong +posix/Iceland +posix/Indian/Antananarivo +posix/Indian/Chagos +posix/Indian/Christmas +posix/Indian/Cocos +posix/Indian/Comoro +posix/Indian/Kerguelen +posix/Indian/Mahe +posix/Indian/Maldives +posix/Indian/Mauritius +posix/Indian/Mayotte +posix/Indian/Reunion +posix/Iran +posix/Israel +posix/Jamaica +posix/Japan +posix/Kwajalein +posix/Libya +posix/MET +posix/MST +posix/MST7MDT +posix/Mexico/BajaNorte +posix/Mexico/BajaSur +posix/Mexico/General +posix/NZ +posix/NZ-CHAT +posix/Navajo +posix/PRC +posix/PST8PDT +posix/Pacific/Apia +posix/Pacific/Auckland +posix/Pacific/Bougainville +posix/Pacific/Chatham +posix/Pacific/Easter +posix/Pacific/Efate +posix/Pacific/Enderbury +posix/Pacific/Fakaofo +posix/Pacific/Fiji +posix/Pacific/Funafuti +posix/Pacific/Galapagos +posix/Pacific/Gambier +posix/Pacific/Guadalcanal +posix/Pacific/Guam +posix/Pacific/Honolulu +posix/Pacific/Johnston +posix/Pacific/Kiritimati +posix/Pacific/Kosrae +posix/Pacific/Kwajalein +posix/Pacific/Majuro +posix/Pacific/Marquesas +posix/Pacific/Midway +posix/Pacific/Nauru +posix/Pacific/Niue +posix/Pacific/Norfolk +posix/Pacific/Noumea +posix/Pacific/Pago_Pago +posix/Pacific/Palau +posix/Pacific/Pitcairn +posix/Pacific/Ponape +posix/Pacific/Port_Moresby +posix/Pacific/Rarotonga +posix/Pacific/Saipan +posix/Pacific/Samoa +posix/Pacific/Tahiti +posix/Pacific/Tarawa +posix/Pacific/Tongatapu +posix/Pacific/Truk +posix/Pacific/Wake +posix/Pacific/Wallis +posix/Pacific/Yap +posix/Poland +posix/Portugal +posix/ROC +posix/ROK +posix/Singapore +posix/Turkey +posix/UCT +posix/US/Alaska +posix/US/Aleutian +posix/US/Arizona +posix/US/Central +posix/US/East-Indiana +posix/US/Eastern +posix/US/Hawaii +posix/US/Indiana-Starke +posix/US/Michigan +posix/US/Mountain +posix/US/Pacific +posix/US/Pacific-New +posix/US/Samoa +posix/UTC +posix/Universal +posix/W-SU +posix/WET +posix/Zulu +posixrules +right/Africa/Abidjan +right/Africa/Accra +right/Africa/Addis_Ababa +right/Africa/Algiers +right/Africa/Asmera +right/Africa/Bamako +right/Africa/Bangui +right/Africa/Banjul +right/Africa/Bissau +right/Africa/Blantyre +right/Africa/Brazzaville +right/Africa/Bujumbura +right/Africa/Cairo +right/Africa/Casablanca +right/Africa/Ceuta +right/Africa/Conakry +right/Africa/Dakar +right/Africa/Dar_es_Salaam +right/Africa/Djibouti +right/Africa/Douala +right/Africa/El_Aaiun +right/Africa/Freetown +right/Africa/Gaborone +right/Africa/Harare +right/Africa/Johannesburg +right/Africa/Kampala +right/Africa/Khartoum +right/Africa/Kigali +right/Africa/Kinshasa +right/Africa/Lagos +right/Africa/Libreville +right/Africa/Lome +right/Africa/Luanda +right/Africa/Lubumbashi +right/Africa/Lusaka +right/Africa/Malabo +right/Africa/Maputo +right/Africa/Maseru +right/Africa/Mbabane +right/Africa/Mogadishu +right/Africa/Monrovia +right/Africa/Nairobi +right/Africa/Ndjamena +right/Africa/Niamey +right/Africa/Nouakchott +right/Africa/Ouagadougou +right/Africa/Porto-Novo +right/Africa/Sao_Tome +right/Africa/Timbuktu +right/Africa/Tripoli +right/Africa/Tunis +right/Africa/Windhoek +right/America/Adak +right/America/Anchorage +right/America/Anguilla +right/America/Antigua +right/America/Araguaina +right/America/Argentina/Buenos_Aires +right/America/Argentina/Catamarca +right/America/Argentina/ComodRivadavia +right/America/Argentina/Cordoba +right/America/Argentina/Jujuy +right/America/Argentina/La_Rioja +right/America/Argentina/Mendoza +right/America/Argentina/Rio_Gallegos +right/America/Argentina/San_Juan +right/America/Argentina/Tucuman +right/America/Argentina/Ushuaia +right/America/Aruba +right/America/Asuncion +right/America/Atikokan +right/America/Atka +right/America/Bahia +right/America/Barbados +right/America/Belem +right/America/Belize +right/America/Blanc-Sablon +right/America/Boa_Vista +right/America/Bogota +right/America/Boise +right/America/Buenos_Aires +right/America/Cambridge_Bay +right/America/Campo_Grande +right/America/Cancun +right/America/Caracas +right/America/Catamarca +right/America/Cayenne +right/America/Cayman +right/America/Chicago +right/America/Chihuahua +right/America/Coral_Harbour +right/America/Cordoba +right/America/Costa_Rica +right/America/Cuiaba +right/America/Curacao +right/America/Danmarkshavn +right/America/Dawson +right/America/Dawson_Creek +right/America/Denver +right/America/Detroit +right/America/Dominica +right/America/Edmonton +right/America/Eirunepe +right/America/El_Salvador +right/America/Ensenada +right/America/Fort_Wayne +right/America/Fortaleza +right/America/Glace_Bay +right/America/Godthab +right/America/Goose_Bay +right/America/Grand_Turk +right/America/Grenada +right/America/Guadeloupe +right/America/Guatemala +right/America/Guayaquil +right/America/Guyana +right/America/Halifax +right/America/Havana +right/America/Hermosillo +right/America/Indiana/Indianapolis +right/America/Indiana/Knox +right/America/Indiana/Marengo +right/America/Indiana/Petersburg +right/America/Indiana/Tell_City +right/America/Indiana/Vevay +right/America/Indiana/Vincennes +right/America/Indianapolis +right/America/Inuvik +right/America/Iqaluit +right/America/Jamaica +right/America/Jujuy +right/America/Juneau +right/America/Kentucky/Louisville +right/America/Kentucky/Monticello +right/America/Knox_IN +right/America/La_Paz +right/America/Lima +right/America/Los_Angeles +right/America/Louisville +right/America/Maceio +right/America/Managua +right/America/Manaus +right/America/Martinique +right/America/Mazatlan +right/America/Mendoza +right/America/Menominee +right/America/Merida +right/America/Mexico_City +right/America/Miquelon +right/America/Moncton +right/America/Monterrey +right/America/Montevideo +right/America/Montreal +right/America/Montserrat +right/America/Nassau +right/America/New_York +right/America/Nipigon +right/America/Nome +right/America/Noronha +right/America/North_Dakota/Center +right/America/North_Dakota/New_Salem +right/America/Panama +right/America/Pangnirtung +right/America/Paramaribo +right/America/Phoenix +right/America/Port-au-Prince +right/America/Port_of_Spain +right/America/Porto_Acre +right/America/Porto_Velho +right/America/Puerto_Rico +right/America/Rainy_River +right/America/Rankin_Inlet +right/America/Recife +right/America/Regina +right/America/Rio_Branco +right/America/Rosario +right/America/Santiago +right/America/Santo_Domingo +right/America/Sao_Paulo +right/America/Scoresbysund +right/America/Shiprock +right/America/St_Johns +right/America/St_Kitts +right/America/St_Lucia +right/America/St_Thomas +right/America/St_Vincent +right/America/Swift_Current +right/America/Tegucigalpa +right/America/Thule +right/America/Thunder_Bay +right/America/Tijuana +right/America/Toronto +right/America/Tortola +right/America/Vancouver +right/America/Virgin +right/America/Whitehorse +right/America/Winnipeg +right/America/Yakutat +right/America/Yellowknife +right/Antarctica/Casey +right/Antarctica/Davis +right/Antarctica/DumontDUrville +right/Antarctica/Mawson +right/Antarctica/McMurdo +right/Antarctica/Palmer +right/Antarctica/Rothera +right/Antarctica/South_Pole +right/Antarctica/Syowa +right/Antarctica/Troll +right/Antarctica/Vostok +right/Arctic/Longyearbyen +right/Asia/Aden +right/Asia/Almaty +right/Asia/Amman +right/Asia/Anadyr +right/Asia/Aqtau +right/Asia/Aqtobe +right/Asia/Ashgabat +right/Asia/Ashkhabad +right/Asia/Baghdad +right/Asia/Bahrain +right/Asia/Baku +right/Asia/Bangkok +right/Asia/Beirut +right/Asia/Bishkek +right/Asia/Brunei +right/Asia/Calcutta +right/Asia/Chita +right/Asia/Choibalsan +right/Asia/Chongqing +right/Asia/Chungking +right/Asia/Colombo +right/Asia/Dacca +right/Asia/Damascus +right/Asia/Dhaka +right/Asia/Dili +right/Asia/Dubai +right/Asia/Dushanbe +right/Asia/Gaza +right/Asia/Harbin +right/Asia/Hong_Kong +right/Asia/Hovd +right/Asia/Irkutsk +right/Asia/Istanbul +right/Asia/Jakarta +right/Asia/Jayapura +right/Asia/Jerusalem +right/Asia/Kabul +right/Asia/Kamchatka +right/Asia/Karachi +right/Asia/Kashgar +right/Asia/Katmandu +right/Asia/Krasnoyarsk +right/Asia/Kuala_Lumpur +right/Asia/Kuching +right/Asia/Kuwait +right/Asia/Macao +right/Asia/Macau +right/Asia/Magadan +right/Asia/Makassar +right/Asia/Manila +right/Asia/Muscat +right/Asia/Nicosia +right/Asia/Novosibirsk +right/Asia/Omsk +right/Asia/Oral +right/Asia/Phnom_Penh +right/Asia/Pontianak +right/Asia/Pyongyang +right/Asia/Qatar +right/Asia/Qyzylorda +right/Asia/Rangoon +right/Asia/Riyadh +right/Asia/Saigon +right/Asia/Sakhalin +right/Asia/Samarkand +right/Asia/Seoul +right/Asia/Shanghai +right/Asia/Singapore +right/Asia/Srednekolymsk +right/Asia/Taipei +right/Asia/Tashkent +right/Asia/Tbilisi +right/Asia/Tehran +right/Asia/Tel_Aviv +right/Asia/Thimbu +right/Asia/Thimphu +right/Asia/Tokyo +right/Asia/Ujung_Pandang +right/Asia/Ulaanbaatar +right/Asia/Ulan_Bator +right/Asia/Urumqi +right/Asia/Vientiane +right/Asia/Vladivostok +right/Asia/Yakutsk +right/Asia/Yekaterinburg +right/Asia/Yerevan +right/Atlantic/Azores +right/Atlantic/Bermuda +right/Atlantic/Canary +right/Atlantic/Cape_Verde +right/Atlantic/Faeroe +right/Atlantic/Jan_Mayen +right/Atlantic/Madeira +right/Atlantic/Reykjavik +right/Atlantic/South_Georgia +right/Atlantic/St_Helena +right/Atlantic/Stanley +right/Australia/ACT +right/Australia/Adelaide +right/Australia/Brisbane +right/Australia/Broken_Hill +right/Australia/Canberra +right/Australia/Currie +right/Australia/Darwin +right/Australia/Hobart +right/Australia/LHI +right/Australia/Lindeman +right/Australia/Lord_Howe +right/Australia/Melbourne +right/Australia/NSW +right/Australia/North +right/Australia/Perth +right/Australia/Queensland +right/Australia/South +right/Australia/Sydney +right/Australia/Tasmania +right/Australia/Victoria +right/Australia/West +right/Australia/Yancowinna +right/Brazil/Acre +right/Brazil/DeNoronha +right/Brazil/East +right/Brazil/West +right/CET +right/CST6CDT +right/Canada/Atlantic +right/Canada/Central +right/Canada/East-Saskatchewan +right/Canada/Eastern +right/Canada/Mountain +right/Canada/Newfoundland +right/Canada/Pacific +right/Canada/Saskatchewan +right/Canada/Yukon +right/Chile/Continental +right/Chile/EasterIsland +right/Cuba +right/EET +right/EST +right/EST5EDT +right/Egypt +right/Eire +right/Etc/GMT +right/Etc/GMT+0 +right/Etc/GMT+1 +right/Etc/GMT+10 +right/Etc/GMT+11 +right/Etc/GMT+12 +right/Etc/GMT+2 +right/Etc/GMT+3 +right/Etc/GMT+4 +right/Etc/GMT+5 +right/Etc/GMT+6 +right/Etc/GMT+7 +right/Etc/GMT+8 +right/Etc/GMT+9 +right/Etc/GMT-0 +right/Etc/GMT-1 +right/Etc/GMT-10 +right/Etc/GMT-11 +right/Etc/GMT-12 +right/Etc/GMT-13 +right/Etc/GMT-14 +right/Etc/GMT-2 +right/Etc/GMT-3 +right/Etc/GMT-4 +right/Etc/GMT-5 +right/Etc/GMT-6 +right/Etc/GMT-7 +right/Etc/GMT-8 +right/Etc/GMT-9 +right/Etc/GMT0 +right/Etc/Greenwich +right/Etc/UCT +right/Etc/UTC +right/Etc/Universal +right/Etc/Zulu +right/Europe/Amsterdam +right/Europe/Andorra +right/Europe/Athens +right/Europe/Belfast +right/Europe/Belgrade +right/Europe/Berlin +right/Europe/Bratislava +right/Europe/Brussels +right/Europe/Bucharest +right/Europe/Budapest +right/Europe/Chisinau +right/Europe/Copenhagen +right/Europe/Dublin +right/Europe/Gibraltar +right/Europe/Guernsey +right/Europe/Helsinki +right/Europe/Isle_of_Man +right/Europe/Istanbul +right/Europe/Jersey +right/Europe/Kaliningrad +right/Europe/Kiev +right/Europe/Lisbon +right/Europe/Ljubljana +right/Europe/London +right/Europe/Luxembourg +right/Europe/Madrid +right/Europe/Malta +right/Europe/Mariehamn +right/Europe/Minsk +right/Europe/Monaco +right/Europe/Moscow +right/Europe/Nicosia +right/Europe/Oslo +right/Europe/Paris +right/Europe/Podgorica +right/Europe/Prague +right/Europe/Riga +right/Europe/Rome +right/Europe/Samara +right/Europe/San_Marino +right/Europe/Sarajevo +right/Europe/Simferopol +right/Europe/Skopje +right/Europe/Sofia +right/Europe/Stockholm +right/Europe/Tallinn +right/Europe/Tirane +right/Europe/Tiraspol +right/Europe/Uzhgorod +right/Europe/Vaduz +right/Europe/Vatican +right/Europe/Vienna +right/Europe/Vilnius +right/Europe/Volgograd +right/Europe/Warsaw +right/Europe/Zagreb +right/Europe/Zaporozhye +right/Europe/Zurich +right/Factory +right/GB +right/GB-Eire +right/GMT +right/GMT+0 +right/GMT-0 +right/GMT0 +right/Greenwich +right/HST +right/Hongkong +right/Iceland +right/Indian/Antananarivo +right/Indian/Chagos +right/Indian/Christmas +right/Indian/Cocos +right/Indian/Comoro +right/Indian/Kerguelen +right/Indian/Mahe +right/Indian/Maldives +right/Indian/Mauritius +right/Indian/Mayotte +right/Indian/Reunion +right/Iran +right/Israel +right/Jamaica +right/Japan +right/Kwajalein +right/Libya +right/MET +right/MST +right/MST7MDT +right/Mexico/BajaNorte +right/Mexico/BajaSur +right/Mexico/General +right/NZ +right/NZ-CHAT +right/Navajo +right/PRC +right/PST8PDT +right/Pacific/Apia +right/Pacific/Auckland +right/Pacific/Bougainville +right/Pacific/Chatham +right/Pacific/Easter +right/Pacific/Efate +right/Pacific/Enderbury +right/Pacific/Fakaofo +right/Pacific/Fiji +right/Pacific/Funafuti +right/Pacific/Galapagos +right/Pacific/Gambier +right/Pacific/Guadalcanal +right/Pacific/Guam +right/Pacific/Honolulu +right/Pacific/Johnston +right/Pacific/Kiritimati +right/Pacific/Kosrae +right/Pacific/Kwajalein +right/Pacific/Majuro +right/Pacific/Marquesas +right/Pacific/Midway +right/Pacific/Nauru +right/Pacific/Niue +right/Pacific/Norfolk +right/Pacific/Noumea +right/Pacific/Pago_Pago +right/Pacific/Palau +right/Pacific/Pitcairn +right/Pacific/Ponape +right/Pacific/Port_Moresby +right/Pacific/Rarotonga +right/Pacific/Saipan +right/Pacific/Samoa +right/Pacific/Tahiti +right/Pacific/Tarawa +right/Pacific/Tongatapu +right/Pacific/Truk +right/Pacific/Wake +right/Pacific/Wallis +right/Pacific/Yap +right/Poland +right/Portugal +right/ROC +right/ROK +right/Singapore +right/Turkey +right/UCT +right/US/Alaska +right/US/Aleutian +right/US/Arizona +right/US/Central +right/US/East-Indiana +right/US/Eastern +right/US/Hawaii +right/US/Indiana-Starke +right/US/Michigan +right/US/Mountain +right/US/Pacific +right/US/Pacific-New +right/US/Samoa +right/UTC +right/Universal +right/W-SU +right/WET +right/Zulu diff --git a/patches/source/glibc/timezone-scripts/parts/04 b/patches/source/glibc/timezone-scripts/parts/04 new file mode 100644 index 00000000..ec36338b --- /dev/null +++ b/patches/source/glibc/timezone-scripts/parts/04 @@ -0,0 +1,32 @@ + +Type it at the prompt below exactly as it appears above. (NOTE: If you don't +see your timezone, use "timeconfig" again after booting for the verbose list) + +EOF + echo -n "Timezone? " + read TIMEZONE; + echo + + if [ -r $T_PX/usr/share/zoneinfo/$TIMEZONE -o \ + -r /var/log/mount/usr/share/zoneinfo/$TIMEZONE -o \ + -L $T_PX/usr/share/zoneinfo/$TIMEZONE -o \ + -L /var/log/mount/usr/share/zoneinfo/$TIMEZONE ]; then + echo "Creating link from $TIMEZONE to localtime in /etc..." + echo + setzone $TIMEZONE + exit + else + cat << EOF + +Timezone $TIMEZONE could not be found. You may try again if you wish. +Make sure you type the name exactly as it appears - this configuration script +is case sensitive. + +Press [enter] to continue. + +EOF + read JUNK; + fi + done +fi + diff --git a/patches/source/glibc/timezone-scripts/parts/README b/patches/source/glibc/timezone-scripts/parts/README new file mode 100644 index 00000000..80d5cf5b --- /dev/null +++ b/patches/source/glibc/timezone-scripts/parts/README @@ -0,0 +1,2 @@ +Files 01 and 03 are samples, showing the format, and are +not necessarily up to date... diff --git a/patches/source/glibc/timezone-scripts/setup.timeconfig b/patches/source/glibc/timezone-scripts/setup.timeconfig new file mode 100644 index 00000000..81ff7055 --- /dev/null +++ b/patches/source/glibc/timezone-scripts/setup.timeconfig @@ -0,0 +1,3 @@ +#!/bin/sh +#BLURB="Select your timezone" +sh usr/sbin/timeconfig $* diff --git a/patches/source/glibc/timezone-scripts/timeconfig b/patches/source/glibc/timezone-scripts/timeconfig new file mode 100644 index 00000000..9f939b36 --- /dev/null +++ b/patches/source/glibc/timezone-scripts/timeconfig @@ -0,0 +1,3695 @@ +#!/bin/sh +# +# timeconfig Slackware Linux timezone configuration utility. +# +# Author: Patrick Volkerding <volkerdi@slackware.com> +# Modified by: David Cantrell <david@slackware.com>, 06-Oct-2000 +# +# ChangeLog: +# 2014-10-22: Updated timezones from tzdata2014i. <pjv> +# 2012-12-12: Updated timezones from tzdata2012j. <pjv> +# 2008-03-10: Updated timezones from tzdata2008a. <pjv> +# 2007-12-21: Updated timezones from tzdata2007j. <pjv> +# 2006-12-03: Updated timezones from tzdata2006p. <pjv> +# 2006-09-14: Updated timezones from tzdata2006k. <pjv> +# 2006-08-22: Updated timezones from tzdata2006j. +# 2006-08-13: Updated timezones from tzdata2006g. +# 2006-03-13: Updated timezones from tzdata2006c. +# 19-Feb-2001 Add new timezones from glibc-2.2.2. +# 06-Oct-2000 Fixed a problem with selecting UTC time. It was writing +# the hardwareclock file to the root disk and not your dest +# partition. Changed the HWCLOCK_CONF variable to be +# $T_PX/etc/hardwareclock to fix this. Thanks to David L. +# Dickman <softbear@optonline.net> for finding this and +# submitting a patch. +# +# 15-Mar-2000 Added the writeconf function to write out the +# /etc/hardwareclock file which tells what the hardware clock +# is set to (UTC or localtime). +# +# 03-Mar-2000 Reorganized script. Made one timezone set block, added +# stage that asks the user if the hardware clock is set to +# UTC. + +# setup our temp locations and variables +TMP=/var/log/setup/tmp +if [ -r $TMP/SeTT_PX ]; then + T_PX="`cat $TMP/SeTT_PX`" +elif [ ! "$!" = "" ]; then + T_PX=$1 +else + T_PX=/ +fi + +# the hardware clock configuration file +HWCLOCK_CONF=$T_PX/etc/hardwareclock + +# setzone( $TIMEZONE ) +# +# This function accepts a time zone as the only parameter and sets it as +# the default system time zone. +setzone() +{ + TZ=$1 + + cd $T_PX/etc + if [ -r $T_PX/usr/share/zoneinfo/$TZ -o \ + -r /var/log/mount/usr/share/zoneinfo/$TZ -o \ + -L $T_PX/usr/share/zoneinfo/$TZ -o \ + -L /var/log/mount/usr/share/zoneinfo/$TZ ]; then + ln -sf /usr/share/zoneinfo/$TZ localtime-copied-from + rm -f localtime + cd .. + chroot . cp etc/localtime-copied-from etc/localtime + fi +} + +# writeconf( $CLOCK_SET_TO ) +# +# Writes out $HWCLOCK_CONF that tells rc.S how the hardware clock +# value is stored. +writeconf() +{ + echo "# /etc/hardwareclock" > $HWCLOCK_CONF + echo "#" >> $HWCLOCK_CONF + echo "# Tells how the hardware clock time is stored." >> $HWCLOCK_CONF + echo "# You should run timeconfig to edit this file." >> $HWCLOCK_CONF + echo >> $HWCLOCK_CONF + echo $1 >> $HWCLOCK_CONF +} + +# ask the user if the hardware clock is set for UTC/GMT +if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then + ### + ### use color menus here + ### + dialog --title "HARDWARE CLOCK SET TO UTC?" --menu "Is the hardware clock set \ +to Coordinated Universal Time (UTC/GMT)? If it is, select YES here. If the \ +hardware clock is set to the current local time (this is how most PCs are set \ +up), then say NO here. If you are not sure what this is, you should answer NO \ +here." 13 60 2 \ + "NO" "Hardware clock is set to local time" \ + "YES" "Hardware clock is set to UTC" \ + 2> $TMP/utc + if [ $? = 1 -o $? = 255 ]; then + rm -f $TMP/utc + exit + fi + if [ "`cat $TMP/utc`" = "YES" ]; then + # yes, the hardware clock is UTC + writeconf "UTC" + else # must be NO + writeconf "localtime" + fi + rm -f $TMP/utc +else + ### + ### use text prompts + ### + echo "Is the hardware clock set to Coordinated Universal Time (UTC/GMT)?" + echo "If it is, select 'y' here. If the hardware clock is set to the" + echo "current local time (this is how most PCs are set up), then say 'n'" + echo "here. If you are not sure what this is, you should answer 'n' here." + echo + echo -n "Is your hardware clock set to UTC ([y]es, [n]o)? " + read HEJAZ + + if [ "$HEJAZ" = "y" -o "$HEJAZ" = "Y" -o "$HEJAZ" = "YES" -o "$HEJAZ" = "yes" ]; then + # yes, the hardware clock is UTC + writeconf "UTC" + else + # default to localtime + writeconf "localtime" + fi +fi + +# Now set the correct timezone link: +if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then + ### + ### use color menus here + ### + dialog --title "TIMEZONE CONFIGURATION" --menu "Please select one of the following timezones for your machine:" 21 50 13 \ +"US/Alaska" " " \ +"US/Aleutian" " " \ +"US/Arizona" " " \ +"US/Central" " " \ +"US/East-Indiana" " " \ +"US/Eastern" " " \ +"US/Hawaii" " " \ +"US/Indiana-Starke" " " \ +"US/Michigan" " " \ +"US/Mountain" " " \ +"US/Pacific" " " \ +"US/Pacific-New" " " \ +"US/Samoa" " " \ +"Africa/Abidjan" " " \ +"Africa/Accra" " " \ +"Africa/Addis_Ababa" " " \ +"Africa/Algiers" " " \ +"Africa/Asmara" " " \ +"Africa/Asmera" " " \ +"Africa/Bamako" " " \ +"Africa/Bangui" " " \ +"Africa/Banjul" " " \ +"Africa/Bissau" " " \ +"Africa/Blantyre" " " \ +"Africa/Brazzaville" " " \ +"Africa/Bujumbura" " " \ +"Africa/Cairo" " " \ +"Africa/Casablanca" " " \ +"Africa/Ceuta" " " \ +"Africa/Conakry" " " \ +"Africa/Dakar" " " \ +"Africa/Dar_es_Salaam" " " \ +"Africa/Djibouti" " " \ +"Africa/Douala" " " \ +"Africa/El_Aaiun" " " \ +"Africa/Freetown" " " \ +"Africa/Gaborone" " " \ +"Africa/Harare" " " \ +"Africa/Johannesburg" " " \ +"Africa/Juba" " " \ +"Africa/Kampala" " " \ +"Africa/Khartoum" " " \ +"Africa/Kigali" " " \ +"Africa/Kinshasa" " " \ +"Africa/Lagos" " " \ +"Africa/Libreville" " " \ +"Africa/Lome" " " \ +"Africa/Luanda" " " \ +"Africa/Lubumbashi" " " \ +"Africa/Lusaka" " " \ +"Africa/Malabo" " " \ +"Africa/Maputo" " " \ +"Africa/Maseru" " " \ +"Africa/Mbabane" " " \ +"Africa/Mogadishu" " " \ +"Africa/Monrovia" " " \ +"Africa/Nairobi" " " \ +"Africa/Ndjamena" " " \ +"Africa/Niamey" " " \ +"Africa/Nouakchott" " " \ +"Africa/Ouagadougou" " " \ +"Africa/Porto-Novo" " " \ +"Africa/Sao_Tome" " " \ +"Africa/Timbuktu" " " \ +"Africa/Tripoli" " " \ +"Africa/Tunis" " " \ +"Africa/Windhoek" " " \ +"America/Adak" " " \ +"America/Anchorage" " " \ +"America/Anguilla" " " \ +"America/Antigua" " " \ +"America/Araguaina" " " \ +"America/Argentina/Buenos_Aires" " " \ +"America/Argentina/Catamarca" " " \ +"America/Argentina/ComodRivadavia" " " \ +"America/Argentina/Cordoba" " " \ +"America/Argentina/Jujuy" " " \ +"America/Argentina/La_Rioja" " " \ +"America/Argentina/Mendoza" " " \ +"America/Argentina/Rio_Gallegos" " " \ +"America/Argentina/Salta" " " \ +"America/Argentina/San_Juan" " " \ +"America/Argentina/San_Luis" " " \ +"America/Argentina/Tucuman" " " \ +"America/Argentina/Ushuaia" " " \ +"America/Aruba" " " \ +"America/Asuncion" " " \ +"America/Atikokan" " " \ +"America/Atka" " " \ +"America/Bahia" " " \ +"America/Bahia_Banderas" " " \ +"America/Barbados" " " \ +"America/Belem" " " \ +"America/Belize" " " \ +"America/Blanc-Sablon" " " \ +"America/Boa_Vista" " " \ +"America/Bogota" " " \ +"America/Boise" " " \ +"America/Buenos_Aires" " " \ +"America/Cambridge_Bay" " " \ +"America/Campo_Grande" " " \ +"America/Cancun" " " \ +"America/Caracas" " " \ +"America/Catamarca" " " \ +"America/Cayenne" " " \ +"America/Cayman" " " \ +"America/Chicago" " " \ +"America/Chihuahua" " " \ +"America/Coral_Harbour" " " \ +"America/Cordoba" " " \ +"America/Costa_Rica" " " \ +"America/Creston" " " \ +"America/Cuiaba" " " \ +"America/Curacao" " " \ +"America/Danmarkshavn" " " \ +"America/Dawson" " " \ +"America/Dawson_Creek" " " \ +"America/Denver" " " \ +"America/Detroit" " " \ +"America/Dominica" " " \ +"America/Edmonton" " " \ +"America/Eirunepe" " " \ +"America/El_Salvador" " " \ +"America/Ensenada" " " \ +"America/Fort_Wayne" " " \ +"America/Fortaleza" " " \ +"America/Glace_Bay" " " \ +"America/Godthab" " " \ +"America/Goose_Bay" " " \ +"America/Grand_Turk" " " \ +"America/Grenada" " " \ +"America/Guadeloupe" " " \ +"America/Guatemala" " " \ +"America/Guayaquil" " " \ +"America/Guyana" " " \ +"America/Halifax" " " \ +"America/Havana" " " \ +"America/Hermosillo" " " \ +"America/Indiana/Indianapolis" " " \ +"America/Indiana/Knox" " " \ +"America/Indiana/Marengo" " " \ +"America/Indiana/Petersburg" " " \ +"America/Indiana/Tell_City" " " \ +"America/Indiana/Vevay" " " \ +"America/Indiana/Vincennes" " " \ +"America/Indiana/Winamac" " " \ +"America/Indianapolis" " " \ +"America/Inuvik" " " \ +"America/Iqaluit" " " \ +"America/Jamaica" " " \ +"America/Jujuy" " " \ +"America/Juneau" " " \ +"America/Kentucky/Louisville" " " \ +"America/Kentucky/Monticello" " " \ +"America/Knox_IN" " " \ +"America/Kralendijk" " " \ +"America/La_Paz" " " \ +"America/Lima" " " \ +"America/Los_Angeles" " " \ +"America/Louisville" " " \ +"America/Lower_Princes" " " \ +"America/Maceio" " " \ +"America/Managua" " " \ +"America/Manaus" " " \ +"America/Marigot" " " \ +"America/Martinique" " " \ +"America/Matamoros" " " \ +"America/Mazatlan" " " \ +"America/Mendoza" " " \ +"America/Menominee" " " \ +"America/Merida" " " \ +"America/Metlakatla" " " \ +"America/Mexico_City" " " \ +"America/Miquelon" " " \ +"America/Moncton" " " \ +"America/Monterrey" " " \ +"America/Montevideo" " " \ +"America/Montreal" " " \ +"America/Montserrat" " " \ +"America/Nassau" " " \ +"America/New_York" " " \ +"America/Nipigon" " " \ +"America/Nome" " " \ +"America/Noronha" " " \ +"America/North_Dakota/Beulah" " " \ +"America/North_Dakota/Center" " " \ +"America/North_Dakota/New_Salem" " " \ +"America/Ojinaga" " " \ +"America/Panama" " " \ +"America/Pangnirtung" " " \ +"America/Paramaribo" " " \ +"America/Phoenix" " " \ +"America/Port-au-Prince" " " \ +"America/Port_of_Spain" " " \ +"America/Porto_Acre" " " \ +"America/Porto_Velho" " " \ +"America/Puerto_Rico" " " \ +"America/Rainy_River" " " \ +"America/Rankin_Inlet" " " \ +"America/Recife" " " \ +"America/Regina" " " \ +"America/Resolute" " " \ +"America/Rio_Branco" " " \ +"America/Rosario" " " \ +"America/Santa_Isabel" " " \ +"America/Santarem" " " \ +"America/Santiago" " " \ +"America/Santo_Domingo" " " \ +"America/Sao_Paulo" " " \ +"America/Scoresbysund" " " \ +"America/Shiprock" " " \ +"America/Sitka" " " \ +"America/St_Barthelemy" " " \ +"America/St_Johns" " " \ +"America/St_Kitts" " " \ +"America/St_Lucia" " " \ +"America/St_Thomas" " " \ +"America/St_Vincent" " " \ +"America/Swift_Current" " " \ +"America/Tegucigalpa" " " \ +"America/Thule" " " \ +"America/Thunder_Bay" " " \ +"America/Tijuana" " " \ +"America/Toronto" " " \ +"America/Tortola" " " \ +"America/Vancouver" " " \ +"America/Virgin" " " \ +"America/Whitehorse" " " \ +"America/Winnipeg" " " \ +"America/Yakutat" " " \ +"America/Yellowknife" " " \ +"Antarctica/Casey" " " \ +"Antarctica/Davis" " " \ +"Antarctica/DumontDUrville" " " \ +"Antarctica/Macquarie" " " \ +"Antarctica/Mawson" " " \ +"Antarctica/McMurdo" " " \ +"Antarctica/Palmer" " " \ +"Antarctica/Rothera" " " \ +"Antarctica/South_Pole" " " \ +"Antarctica/Syowa" " " \ +"Antarctica/Troll" " " \ +"Antarctica/Vostok" " " \ +"Arctic/Longyearbyen" " " \ +"Asia/Aden" " " \ +"Asia/Almaty" " " \ +"Asia/Amman" " " \ +"Asia/Anadyr" " " \ +"Asia/Aqtau" " " \ +"Asia/Aqtobe" " " \ +"Asia/Ashgabat" " " \ +"Asia/Ashkhabad" " " \ +"Asia/Baghdad" " " \ +"Asia/Bahrain" " " \ +"Asia/Baku" " " \ +"Asia/Bangkok" " " \ +"Asia/Beirut" " " \ +"Asia/Bishkek" " " \ +"Asia/Brunei" " " \ +"Asia/Calcutta" " " \ +"Asia/Chita" " " \ +"Asia/Choibalsan" " " \ +"Asia/Chongqing" " " \ +"Asia/Chungking" " " \ +"Asia/Colombo" " " \ +"Asia/Dacca" " " \ +"Asia/Damascus" " " \ +"Asia/Dhaka" " " \ +"Asia/Dili" " " \ +"Asia/Dubai" " " \ +"Asia/Dushanbe" " " \ +"Asia/Gaza" " " \ +"Asia/Harbin" " " \ +"Asia/Hebron" " " \ +"Asia/Ho_Chi_Minh" " " \ +"Asia/Hong_Kong" " " \ +"Asia/Hovd" " " \ +"Asia/Irkutsk" " " \ +"Asia/Istanbul" " " \ +"Asia/Jakarta" " " \ +"Asia/Jayapura" " " \ +"Asia/Jerusalem" " " \ +"Asia/Kabul" " " \ +"Asia/Kamchatka" " " \ +"Asia/Karachi" " " \ +"Asia/Kashgar" " " \ +"Asia/Kathmandu" " " \ +"Asia/Katmandu" " " \ +"Asia/Khandyga" " " \ +"Asia/Kolkata" " " \ +"Asia/Krasnoyarsk" " " \ +"Asia/Kuala_Lumpur" " " \ +"Asia/Kuching" " " \ +"Asia/Kuwait" " " \ +"Asia/Macao" " " \ +"Asia/Macau" " " \ +"Asia/Magadan" " " \ +"Asia/Makassar" " " \ +"Asia/Manila" " " \ +"Asia/Muscat" " " \ +"Asia/Nicosia" " " \ +"Asia/Novokuznetsk" " " \ +"Asia/Novosibirsk" " " \ +"Asia/Omsk" " " \ +"Asia/Oral" " " \ +"Asia/Phnom_Penh" " " \ +"Asia/Pontianak" " " \ +"Asia/Pyongyang" " " \ +"Asia/Qatar" " " \ +"Asia/Qyzylorda" " " \ +"Asia/Rangoon" " " \ +"Asia/Riyadh" " " \ +"Asia/Saigon" " " \ +"Asia/Sakhalin" " " \ +"Asia/Samarkand" " " \ +"Asia/Seoul" " " \ +"Asia/Shanghai" " " \ +"Asia/Singapore" " " \ +"Asia/Srednekolymsk" " " \ +"Asia/Taipei" " " \ +"Asia/Tashkent" " " \ +"Asia/Tbilisi" " " \ +"Asia/Tehran" " " \ +"Asia/Tel_Aviv" " " \ +"Asia/Thimbu" " " \ +"Asia/Thimphu" " " \ +"Asia/Tokyo" " " \ +"Asia/Ujung_Pandang" " " \ +"Asia/Ulaanbaatar" " " \ +"Asia/Ulan_Bator" " " \ +"Asia/Urumqi" " " \ +"Asia/Ust-Nera" " " \ +"Asia/Vientiane" " " \ +"Asia/Vladivostok" " " \ +"Asia/Yakutsk" " " \ +"Asia/Yekaterinburg" " " \ +"Asia/Yerevan" " " \ +"Atlantic/Azores" " " \ +"Atlantic/Bermuda" " " \ +"Atlantic/Canary" " " \ +"Atlantic/Cape_Verde" " " \ +"Atlantic/Faeroe" " " \ +"Atlantic/Faroe" " " \ +"Atlantic/Jan_Mayen" " " \ +"Atlantic/Madeira" " " \ +"Atlantic/Reykjavik" " " \ +"Atlantic/South_Georgia" " " \ +"Atlantic/St_Helena" " " \ +"Atlantic/Stanley" " " \ +"Australia/ACT" " " \ +"Australia/Adelaide" " " \ +"Australia/Brisbane" " " \ +"Australia/Broken_Hill" " " \ +"Australia/Canberra" " " \ +"Australia/Currie" " " \ +"Australia/Darwin" " " \ +"Australia/Eucla" " " \ +"Australia/Hobart" " " \ +"Australia/LHI" " " \ +"Australia/Lindeman" " " \ +"Australia/Lord_Howe" " " \ +"Australia/Melbourne" " " \ +"Australia/NSW" " " \ +"Australia/North" " " \ +"Australia/Perth" " " \ +"Australia/Queensland" " " \ +"Australia/South" " " \ +"Australia/Sydney" " " \ +"Australia/Tasmania" " " \ +"Australia/Victoria" " " \ +"Australia/West" " " \ +"Australia/Yancowinna" " " \ +"Brazil/Acre" " " \ +"Brazil/DeNoronha" " " \ +"Brazil/East" " " \ +"Brazil/West" " " \ +"CET" " " \ +"CST6CDT" " " \ +"Canada/Atlantic" " " \ +"Canada/Central" " " \ +"Canada/East-Saskatchewan" " " \ +"Canada/Eastern" " " \ +"Canada/Mountain" " " \ +"Canada/Newfoundland" " " \ +"Canada/Pacific" " " \ +"Canada/Saskatchewan" " " \ +"Canada/Yukon" " " \ +"Chile/Continental" " " \ +"Chile/EasterIsland" " " \ +"Cuba" " " \ +"EET" " " \ +"EST" " " \ +"EST5EDT" " " \ +"Egypt" " " \ +"Eire" " " \ +"Etc/GMT" " " \ +"Etc/GMT+0" " " \ +"Etc/GMT+1" " " \ +"Etc/GMT+10" " " \ +"Etc/GMT+11" " " \ +"Etc/GMT+12" " " \ +"Etc/GMT+2" " " \ +"Etc/GMT+3" " " \ +"Etc/GMT+4" " " \ +"Etc/GMT+5" " " \ +"Etc/GMT+6" " " \ +"Etc/GMT+7" " " \ +"Etc/GMT+8" " " \ +"Etc/GMT+9" " " \ +"Etc/GMT-0" " " \ +"Etc/GMT-1" " " \ +"Etc/GMT-10" " " \ +"Etc/GMT-11" " " \ +"Etc/GMT-12" " " \ +"Etc/GMT-13" " " \ +"Etc/GMT-14" " " \ +"Etc/GMT-2" " " \ +"Etc/GMT-3" " " \ +"Etc/GMT-4" " " \ +"Etc/GMT-5" " " \ +"Etc/GMT-6" " " \ +"Etc/GMT-7" " " \ +"Etc/GMT-8" " " \ +"Etc/GMT-9" " " \ +"Etc/GMT0" " " \ +"Etc/Greenwich" " " \ +"Etc/UCT" " " \ +"Etc/UTC" " " \ +"Etc/Universal" " " \ +"Etc/Zulu" " " \ +"Europe/Amsterdam" " " \ +"Europe/Andorra" " " \ +"Europe/Athens" " " \ +"Europe/Belfast" " " \ +"Europe/Belgrade" " " \ +"Europe/Berlin" " " \ +"Europe/Bratislava" " " \ +"Europe/Brussels" " " \ +"Europe/Bucharest" " " \ +"Europe/Budapest" " " \ +"Europe/Busingen" " " \ +"Europe/Chisinau" " " \ +"Europe/Copenhagen" " " \ +"Europe/Dublin" " " \ +"Europe/Gibraltar" " " \ +"Europe/Guernsey" " " \ +"Europe/Helsinki" " " \ +"Europe/Isle_of_Man" " " \ +"Europe/Istanbul" " " \ +"Europe/Jersey" " " \ +"Europe/Kaliningrad" " " \ +"Europe/Kiev" " " \ +"Europe/Lisbon" " " \ +"Europe/Ljubljana" " " \ +"Europe/London" " " \ +"Europe/Luxembourg" " " \ +"Europe/Madrid" " " \ +"Europe/Malta" " " \ +"Europe/Mariehamn" " " \ +"Europe/Minsk" " " \ +"Europe/Monaco" " " \ +"Europe/Moscow" " " \ +"Europe/Nicosia" " " \ +"Europe/Oslo" " " \ +"Europe/Paris" " " \ +"Europe/Podgorica" " " \ +"Europe/Prague" " " \ +"Europe/Riga" " " \ +"Europe/Rome" " " \ +"Europe/Samara" " " \ +"Europe/San_Marino" " " \ +"Europe/Sarajevo" " " \ +"Europe/Simferopol" " " \ +"Europe/Skopje" " " \ +"Europe/Sofia" " " \ +"Europe/Stockholm" " " \ +"Europe/Tallinn" " " \ +"Europe/Tirane" " " \ +"Europe/Tiraspol" " " \ +"Europe/Uzhgorod" " " \ +"Europe/Vaduz" " " \ +"Europe/Vatican" " " \ +"Europe/Vienna" " " \ +"Europe/Vilnius" " " \ +"Europe/Volgograd" " " \ +"Europe/Warsaw" " " \ +"Europe/Zagreb" " " \ +"Europe/Zaporozhye" " " \ +"Europe/Zurich" " " \ +"Factory" " " \ +"GB" " " \ +"GB-Eire" " " \ +"GMT" " " \ +"GMT+0" " " \ +"GMT-0" " " \ +"GMT0" " " \ +"Greenwich" " " \ +"HST" " " \ +"Hongkong" " " \ +"Iceland" " " \ +"Indian/Antananarivo" " " \ +"Indian/Chagos" " " \ +"Indian/Christmas" " " \ +"Indian/Cocos" " " \ +"Indian/Comoro" " " \ +"Indian/Kerguelen" " " \ +"Indian/Mahe" " " \ +"Indian/Maldives" " " \ +"Indian/Mauritius" " " \ +"Indian/Mayotte" " " \ +"Indian/Reunion" " " \ +"Iran" " " \ +"Israel" " " \ +"Jamaica" " " \ +"Japan" " " \ +"Kwajalein" " " \ +"Libya" " " \ +"MET" " " \ +"MST" " " \ +"MST7MDT" " " \ +"Mexico/BajaNorte" " " \ +"Mexico/BajaSur" " " \ +"Mexico/General" " " \ +"NZ" " " \ +"NZ-CHAT" " " \ +"Navajo" " " \ +"PRC" " " \ +"PST8PDT" " " \ +"Pacific/Apia" " " \ +"Pacific/Auckland" " " \ +"Pacific/Bougainville" " " \ +"Pacific/Chatham" " " \ +"Pacific/Chuuk" " " \ +"Pacific/Easter" " " \ +"Pacific/Efate" " " \ +"Pacific/Enderbury" " " \ +"Pacific/Fakaofo" " " \ +"Pacific/Fiji" " " \ +"Pacific/Funafuti" " " \ +"Pacific/Galapagos" " " \ +"Pacific/Gambier" " " \ +"Pacific/Guadalcanal" " " \ +"Pacific/Guam" " " \ +"Pacific/Honolulu" " " \ +"Pacific/Johnston" " " \ +"Pacific/Kiritimati" " " \ +"Pacific/Kosrae" " " \ +"Pacific/Kwajalein" " " \ +"Pacific/Majuro" " " \ +"Pacific/Marquesas" " " \ +"Pacific/Midway" " " \ +"Pacific/Nauru" " " \ +"Pacific/Niue" " " \ +"Pacific/Norfolk" " " \ +"Pacific/Noumea" " " \ +"Pacific/Pago_Pago" " " \ +"Pacific/Palau" " " \ +"Pacific/Pitcairn" " " \ +"Pacific/Pohnpei" " " \ +"Pacific/Ponape" " " \ +"Pacific/Port_Moresby" " " \ +"Pacific/Rarotonga" " " \ +"Pacific/Saipan" " " \ +"Pacific/Samoa" " " \ +"Pacific/Tahiti" " " \ +"Pacific/Tarawa" " " \ +"Pacific/Tongatapu" " " \ +"Pacific/Truk" " " \ +"Pacific/Wake" " " \ +"Pacific/Wallis" " " \ +"Pacific/Yap" " " \ +"Poland" " " \ +"Portugal" " " \ +"ROC" " " \ +"ROK" " " \ +"Singapore" " " \ +"Turkey" " " \ +"UCT" " " \ +"UTC" " " \ +"Universal" " " \ +"W-SU" " " \ +"WET" " " \ +"Zulu" " " \ +"posix/Africa/Abidjan" " " \ +"posix/Africa/Accra" " " \ +"posix/Africa/Addis_Ababa" " " \ +"posix/Africa/Algiers" " " \ +"posix/Africa/Asmara" " " \ +"posix/Africa/Asmera" " " \ +"posix/Africa/Bamako" " " \ +"posix/Africa/Bangui" " " \ +"posix/Africa/Banjul" " " \ +"posix/Africa/Bissau" " " \ +"posix/Africa/Blantyre" " " \ +"posix/Africa/Brazzaville" " " \ +"posix/Africa/Bujumbura" " " \ +"posix/Africa/Cairo" " " \ +"posix/Africa/Casablanca" " " \ +"posix/Africa/Ceuta" " " \ +"posix/Africa/Conakry" " " \ +"posix/Africa/Dakar" " " \ +"posix/Africa/Dar_es_Salaam" " " \ +"posix/Africa/Djibouti" " " \ +"posix/Africa/Douala" " " \ +"posix/Africa/El_Aaiun" " " \ +"posix/Africa/Freetown" " " \ +"posix/Africa/Gaborone" " " \ +"posix/Africa/Harare" " " \ +"posix/Africa/Johannesburg" " " \ +"posix/Africa/Juba" " " \ +"posix/Africa/Kampala" " " \ +"posix/Africa/Khartoum" " " \ +"posix/Africa/Kigali" " " \ +"posix/Africa/Kinshasa" " " \ +"posix/Africa/Lagos" " " \ +"posix/Africa/Libreville" " " \ +"posix/Africa/Lome" " " \ +"posix/Africa/Luanda" " " \ +"posix/Africa/Lubumbashi" " " \ +"posix/Africa/Lusaka" " " \ +"posix/Africa/Malabo" " " \ +"posix/Africa/Maputo" " " \ +"posix/Africa/Maseru" " " \ +"posix/Africa/Mbabane" " " \ +"posix/Africa/Mogadishu" " " \ +"posix/Africa/Monrovia" " " \ +"posix/Africa/Nairobi" " " \ +"posix/Africa/Ndjamena" " " \ +"posix/Africa/Niamey" " " \ +"posix/Africa/Nouakchott" " " \ +"posix/Africa/Ouagadougou" " " \ +"posix/Africa/Porto-Novo" " " \ +"posix/Africa/Sao_Tome" " " \ +"posix/Africa/Timbuktu" " " \ +"posix/Africa/Tripoli" " " \ +"posix/Africa/Tunis" " " \ +"posix/Africa/Windhoek" " " \ +"posix/America/Adak" " " \ +"posix/America/Anchorage" " " \ +"posix/America/Anguilla" " " \ +"posix/America/Antigua" " " \ +"posix/America/Araguaina" " " \ +"posix/America/Argentina/Buenos_Aires" " " \ +"posix/America/Argentina/Catamarca" " " \ +"posix/America/Argentina/ComodRivadavia" " " \ +"posix/America/Argentina/Cordoba" " " \ +"posix/America/Argentina/Jujuy" " " \ +"posix/America/Argentina/La_Rioja" " " \ +"posix/America/Argentina/Mendoza" " " \ +"posix/America/Argentina/Rio_Gallegos" " " \ +"posix/America/Argentina/Salta" " " \ +"posix/America/Argentina/San_Juan" " " \ +"posix/America/Argentina/San_Luis" " " \ +"posix/America/Argentina/Tucuman" " " \ +"posix/America/Argentina/Ushuaia" " " \ +"posix/America/Aruba" " " \ +"posix/America/Asuncion" " " \ +"posix/America/Atikokan" " " \ +"posix/America/Atka" " " \ +"posix/America/Bahia" " " \ +"posix/America/Bahia_Banderas" " " \ +"posix/America/Barbados" " " \ +"posix/America/Belem" " " \ +"posix/America/Belize" " " \ +"posix/America/Blanc-Sablon" " " \ +"posix/America/Boa_Vista" " " \ +"posix/America/Bogota" " " \ +"posix/America/Boise" " " \ +"posix/America/Buenos_Aires" " " \ +"posix/America/Cambridge_Bay" " " \ +"posix/America/Campo_Grande" " " \ +"posix/America/Cancun" " " \ +"posix/America/Caracas" " " \ +"posix/America/Catamarca" " " \ +"posix/America/Cayenne" " " \ +"posix/America/Cayman" " " \ +"posix/America/Chicago" " " \ +"posix/America/Chihuahua" " " \ +"posix/America/Coral_Harbour" " " \ +"posix/America/Cordoba" " " \ +"posix/America/Costa_Rica" " " \ +"posix/America/Creston" " " \ +"posix/America/Cuiaba" " " \ +"posix/America/Curacao" " " \ +"posix/America/Danmarkshavn" " " \ +"posix/America/Dawson" " " \ +"posix/America/Dawson_Creek" " " \ +"posix/America/Denver" " " \ +"posix/America/Detroit" " " \ +"posix/America/Dominica" " " \ +"posix/America/Edmonton" " " \ +"posix/America/Eirunepe" " " \ +"posix/America/El_Salvador" " " \ +"posix/America/Ensenada" " " \ +"posix/America/Fort_Wayne" " " \ +"posix/America/Fortaleza" " " \ +"posix/America/Glace_Bay" " " \ +"posix/America/Godthab" " " \ +"posix/America/Goose_Bay" " " \ +"posix/America/Grand_Turk" " " \ +"posix/America/Grenada" " " \ +"posix/America/Guadeloupe" " " \ +"posix/America/Guatemala" " " \ +"posix/America/Guayaquil" " " \ +"posix/America/Guyana" " " \ +"posix/America/Halifax" " " \ +"posix/America/Havana" " " \ +"posix/America/Hermosillo" " " \ +"posix/America/Indiana/Indianapolis" " " \ +"posix/America/Indiana/Knox" " " \ +"posix/America/Indiana/Marengo" " " \ +"posix/America/Indiana/Petersburg" " " \ +"posix/America/Indiana/Tell_City" " " \ +"posix/America/Indiana/Vevay" " " \ +"posix/America/Indiana/Vincennes" " " \ +"posix/America/Indiana/Winamac" " " \ +"posix/America/Indianapolis" " " \ +"posix/America/Inuvik" " " \ +"posix/America/Iqaluit" " " \ +"posix/America/Jamaica" " " \ +"posix/America/Jujuy" " " \ +"posix/America/Juneau" " " \ +"posix/America/Kentucky/Louisville" " " \ +"posix/America/Kentucky/Monticello" " " \ +"posix/America/Knox_IN" " " \ +"posix/America/Kralendijk" " " \ +"posix/America/La_Paz" " " \ +"posix/America/Lima" " " \ +"posix/America/Los_Angeles" " " \ +"posix/America/Louisville" " " \ +"posix/America/Lower_Princes" " " \ +"posix/America/Maceio" " " \ +"posix/America/Managua" " " \ +"posix/America/Manaus" " " \ +"posix/America/Marigot" " " \ +"posix/America/Martinique" " " \ +"posix/America/Matamoros" " " \ +"posix/America/Mazatlan" " " \ +"posix/America/Mendoza" " " \ +"posix/America/Menominee" " " \ +"posix/America/Merida" " " \ +"posix/America/Metlakatla" " " \ +"posix/America/Mexico_City" " " \ +"posix/America/Miquelon" " " \ +"posix/America/Moncton" " " \ +"posix/America/Monterrey" " " \ +"posix/America/Montevideo" " " \ +"posix/America/Montreal" " " \ +"posix/America/Montserrat" " " \ +"posix/America/Nassau" " " \ +"posix/America/New_York" " " \ +"posix/America/Nipigon" " " \ +"posix/America/Nome" " " \ +"posix/America/Noronha" " " \ +"posix/America/North_Dakota/Beulah" " " \ +"posix/America/North_Dakota/Center" " " \ +"posix/America/North_Dakota/New_Salem" " " \ +"posix/America/Ojinaga" " " \ +"posix/America/Panama" " " \ +"posix/America/Pangnirtung" " " \ +"posix/America/Paramaribo" " " \ +"posix/America/Phoenix" " " \ +"posix/America/Port-au-Prince" " " \ +"posix/America/Port_of_Spain" " " \ +"posix/America/Porto_Acre" " " \ +"posix/America/Porto_Velho" " " \ +"posix/America/Puerto_Rico" " " \ +"posix/America/Rainy_River" " " \ +"posix/America/Rankin_Inlet" " " \ +"posix/America/Recife" " " \ +"posix/America/Regina" " " \ +"posix/America/Resolute" " " \ +"posix/America/Rio_Branco" " " \ +"posix/America/Rosario" " " \ +"posix/America/Santa_Isabel" " " \ +"posix/America/Santarem" " " \ +"posix/America/Santiago" " " \ +"posix/America/Santo_Domingo" " " \ +"posix/America/Sao_Paulo" " " \ +"posix/America/Scoresbysund" " " \ +"posix/America/Shiprock" " " \ +"posix/America/Sitka" " " \ +"posix/America/St_Barthelemy" " " \ +"posix/America/St_Johns" " " \ +"posix/America/St_Kitts" " " \ +"posix/America/St_Lucia" " " \ +"posix/America/St_Thomas" " " \ +"posix/America/St_Vincent" " " \ +"posix/America/Swift_Current" " " \ +"posix/America/Tegucigalpa" " " \ +"posix/America/Thule" " " \ +"posix/America/Thunder_Bay" " " \ +"posix/America/Tijuana" " " \ +"posix/America/Toronto" " " \ +"posix/America/Tortola" " " \ +"posix/America/Vancouver" " " \ +"posix/America/Virgin" " " \ +"posix/America/Whitehorse" " " \ +"posix/America/Winnipeg" " " \ +"posix/America/Yakutat" " " \ +"posix/America/Yellowknife" " " \ +"posix/Antarctica/Casey" " " \ +"posix/Antarctica/Davis" " " \ +"posix/Antarctica/DumontDUrville" " " \ +"posix/Antarctica/Macquarie" " " \ +"posix/Antarctica/Mawson" " " \ +"posix/Antarctica/McMurdo" " " \ +"posix/Antarctica/Palmer" " " \ +"posix/Antarctica/Rothera" " " \ +"posix/Antarctica/South_Pole" " " \ +"posix/Antarctica/Syowa" " " \ +"posix/Antarctica/Troll" " " \ +"posix/Antarctica/Vostok" " " \ +"posix/Arctic/Longyearbyen" " " \ +"posix/Asia/Aden" " " \ +"posix/Asia/Almaty" " " \ +"posix/Asia/Amman" " " \ +"posix/Asia/Anadyr" " " \ +"posix/Asia/Aqtau" " " \ +"posix/Asia/Aqtobe" " " \ +"posix/Asia/Ashgabat" " " \ +"posix/Asia/Ashkhabad" " " \ +"posix/Asia/Baghdad" " " \ +"posix/Asia/Bahrain" " " \ +"posix/Asia/Baku" " " \ +"posix/Asia/Bangkok" " " \ +"posix/Asia/Beirut" " " \ +"posix/Asia/Bishkek" " " \ +"posix/Asia/Brunei" " " \ +"posix/Asia/Calcutta" " " \ +"posix/Asia/Chita" " " \ +"posix/Asia/Choibalsan" " " \ +"posix/Asia/Chongqing" " " \ +"posix/Asia/Chungking" " " \ +"posix/Asia/Colombo" " " \ +"posix/Asia/Dacca" " " \ +"posix/Asia/Damascus" " " \ +"posix/Asia/Dhaka" " " \ +"posix/Asia/Dili" " " \ +"posix/Asia/Dubai" " " \ +"posix/Asia/Dushanbe" " " \ +"posix/Asia/Gaza" " " \ +"posix/Asia/Harbin" " " \ +"posix/Asia/Hebron" " " \ +"posix/Asia/Ho_Chi_Minh" " " \ +"posix/Asia/Hong_Kong" " " \ +"posix/Asia/Hovd" " " \ +"posix/Asia/Irkutsk" " " \ +"posix/Asia/Istanbul" " " \ +"posix/Asia/Jakarta" " " \ +"posix/Asia/Jayapura" " " \ +"posix/Asia/Jerusalem" " " \ +"posix/Asia/Kabul" " " \ +"posix/Asia/Kamchatka" " " \ +"posix/Asia/Karachi" " " \ +"posix/Asia/Kashgar" " " \ +"posix/Asia/Kathmandu" " " \ +"posix/Asia/Katmandu" " " \ +"posix/Asia/Khandyga" " " \ +"posix/Asia/Kolkata" " " \ +"posix/Asia/Krasnoyarsk" " " \ +"posix/Asia/Kuala_Lumpur" " " \ +"posix/Asia/Kuching" " " \ +"posix/Asia/Kuwait" " " \ +"posix/Asia/Macao" " " \ +"posix/Asia/Macau" " " \ +"posix/Asia/Magadan" " " \ +"posix/Asia/Makassar" " " \ +"posix/Asia/Manila" " " \ +"posix/Asia/Muscat" " " \ +"posix/Asia/Nicosia" " " \ +"posix/Asia/Novokuznetsk" " " \ +"posix/Asia/Novosibirsk" " " \ +"posix/Asia/Omsk" " " \ +"posix/Asia/Oral" " " \ +"posix/Asia/Phnom_Penh" " " \ +"posix/Asia/Pontianak" " " \ +"posix/Asia/Pyongyang" " " \ +"posix/Asia/Qatar" " " \ +"posix/Asia/Qyzylorda" " " \ +"posix/Asia/Rangoon" " " \ +"posix/Asia/Riyadh" " " \ +"posix/Asia/Saigon" " " \ +"posix/Asia/Sakhalin" " " \ +"posix/Asia/Samarkand" " " \ +"posix/Asia/Seoul" " " \ +"posix/Asia/Shanghai" " " \ +"posix/Asia/Singapore" " " \ +"posix/Asia/Srednekolymsk" " " \ +"posix/Asia/Taipei" " " \ +"posix/Asia/Tashkent" " " \ +"posix/Asia/Tbilisi" " " \ +"posix/Asia/Tehran" " " \ +"posix/Asia/Tel_Aviv" " " \ +"posix/Asia/Thimbu" " " \ +"posix/Asia/Thimphu" " " \ +"posix/Asia/Tokyo" " " \ +"posix/Asia/Ujung_Pandang" " " \ +"posix/Asia/Ulaanbaatar" " " \ +"posix/Asia/Ulan_Bator" " " \ +"posix/Asia/Urumqi" " " \ +"posix/Asia/Ust-Nera" " " \ +"posix/Asia/Vientiane" " " \ +"posix/Asia/Vladivostok" " " \ +"posix/Asia/Yakutsk" " " \ +"posix/Asia/Yekaterinburg" " " \ +"posix/Asia/Yerevan" " " \ +"posix/Atlantic/Azores" " " \ +"posix/Atlantic/Bermuda" " " \ +"posix/Atlantic/Canary" " " \ +"posix/Atlantic/Cape_Verde" " " \ +"posix/Atlantic/Faeroe" " " \ +"posix/Atlantic/Faroe" " " \ +"posix/Atlantic/Jan_Mayen" " " \ +"posix/Atlantic/Madeira" " " \ +"posix/Atlantic/Reykjavik" " " \ +"posix/Atlantic/South_Georgia" " " \ +"posix/Atlantic/St_Helena" " " \ +"posix/Atlantic/Stanley" " " \ +"posix/Australia/ACT" " " \ +"posix/Australia/Adelaide" " " \ +"posix/Australia/Brisbane" " " \ +"posix/Australia/Broken_Hill" " " \ +"posix/Australia/Canberra" " " \ +"posix/Australia/Currie" " " \ +"posix/Australia/Darwin" " " \ +"posix/Australia/Eucla" " " \ +"posix/Australia/Hobart" " " \ +"posix/Australia/LHI" " " \ +"posix/Australia/Lindeman" " " \ +"posix/Australia/Lord_Howe" " " \ +"posix/Australia/Melbourne" " " \ +"posix/Australia/NSW" " " \ +"posix/Australia/North" " " \ +"posix/Australia/Perth" " " \ +"posix/Australia/Queensland" " " \ +"posix/Australia/South" " " \ +"posix/Australia/Sydney" " " \ +"posix/Australia/Tasmania" " " \ +"posix/Australia/Victoria" " " \ +"posix/Australia/West" " " \ +"posix/Australia/Yancowinna" " " \ +"posix/Brazil/Acre" " " \ +"posix/Brazil/DeNoronha" " " \ +"posix/Brazil/East" " " \ +"posix/Brazil/West" " " \ +"posix/CET" " " \ +"posix/CST6CDT" " " \ +"posix/Canada/Atlantic" " " \ +"posix/Canada/Central" " " \ +"posix/Canada/East-Saskatchewan" " " \ +"posix/Canada/Eastern" " " \ +"posix/Canada/Mountain" " " \ +"posix/Canada/Newfoundland" " " \ +"posix/Canada/Pacific" " " \ +"posix/Canada/Saskatchewan" " " \ +"posix/Canada/Yukon" " " \ +"posix/Chile/Continental" " " \ +"posix/Chile/EasterIsland" " " \ +"posix/Cuba" " " \ +"posix/EET" " " \ +"posix/EST" " " \ +"posix/EST5EDT" " " \ +"posix/Egypt" " " \ +"posix/Eire" " " \ +"posix/Etc/GMT" " " \ +"posix/Etc/GMT+0" " " \ +"posix/Etc/GMT+1" " " \ +"posix/Etc/GMT+10" " " \ +"posix/Etc/GMT+11" " " \ +"posix/Etc/GMT+12" " " \ +"posix/Etc/GMT+2" " " \ +"posix/Etc/GMT+3" " " \ +"posix/Etc/GMT+4" " " \ +"posix/Etc/GMT+5" " " \ +"posix/Etc/GMT+6" " " \ +"posix/Etc/GMT+7" " " \ +"posix/Etc/GMT+8" " " \ +"posix/Etc/GMT+9" " " \ +"posix/Etc/GMT-0" " " \ +"posix/Etc/GMT-1" " " \ +"posix/Etc/GMT-10" " " \ +"posix/Etc/GMT-11" " " \ +"posix/Etc/GMT-12" " " \ +"posix/Etc/GMT-13" " " \ +"posix/Etc/GMT-14" " " \ +"posix/Etc/GMT-2" " " \ +"posix/Etc/GMT-3" " " \ +"posix/Etc/GMT-4" " " \ +"posix/Etc/GMT-5" " " \ +"posix/Etc/GMT-6" " " \ +"posix/Etc/GMT-7" " " \ +"posix/Etc/GMT-8" " " \ +"posix/Etc/GMT-9" " " \ +"posix/Etc/GMT0" " " \ +"posix/Etc/Greenwich" " " \ +"posix/Etc/UCT" " " \ +"posix/Etc/UTC" " " \ +"posix/Etc/Universal" " " \ +"posix/Etc/Zulu" " " \ +"posix/Europe/Amsterdam" " " \ +"posix/Europe/Andorra" " " \ +"posix/Europe/Athens" " " \ +"posix/Europe/Belfast" " " \ +"posix/Europe/Belgrade" " " \ +"posix/Europe/Berlin" " " \ +"posix/Europe/Bratislava" " " \ +"posix/Europe/Brussels" " " \ +"posix/Europe/Bucharest" " " \ +"posix/Europe/Budapest" " " \ +"posix/Europe/Busingen" " " \ +"posix/Europe/Chisinau" " " \ +"posix/Europe/Copenhagen" " " \ +"posix/Europe/Dublin" " " \ +"posix/Europe/Gibraltar" " " \ +"posix/Europe/Guernsey" " " \ +"posix/Europe/Helsinki" " " \ +"posix/Europe/Isle_of_Man" " " \ +"posix/Europe/Istanbul" " " \ +"posix/Europe/Jersey" " " \ +"posix/Europe/Kaliningrad" " " \ +"posix/Europe/Kiev" " " \ +"posix/Europe/Lisbon" " " \ +"posix/Europe/Ljubljana" " " \ +"posix/Europe/London" " " \ +"posix/Europe/Luxembourg" " " \ +"posix/Europe/Madrid" " " \ +"posix/Europe/Malta" " " \ +"posix/Europe/Mariehamn" " " \ +"posix/Europe/Minsk" " " \ +"posix/Europe/Monaco" " " \ +"posix/Europe/Moscow" " " \ +"posix/Europe/Nicosia" " " \ +"posix/Europe/Oslo" " " \ +"posix/Europe/Paris" " " \ +"posix/Europe/Podgorica" " " \ +"posix/Europe/Prague" " " \ +"posix/Europe/Riga" " " \ +"posix/Europe/Rome" " " \ +"posix/Europe/Samara" " " \ +"posix/Europe/San_Marino" " " \ +"posix/Europe/Sarajevo" " " \ +"posix/Europe/Simferopol" " " \ +"posix/Europe/Skopje" " " \ +"posix/Europe/Sofia" " " \ +"posix/Europe/Stockholm" " " \ +"posix/Europe/Tallinn" " " \ +"posix/Europe/Tirane" " " \ +"posix/Europe/Tiraspol" " " \ +"posix/Europe/Uzhgorod" " " \ +"posix/Europe/Vaduz" " " \ +"posix/Europe/Vatican" " " \ +"posix/Europe/Vienna" " " \ +"posix/Europe/Vilnius" " " \ +"posix/Europe/Volgograd" " " \ +"posix/Europe/Warsaw" " " \ +"posix/Europe/Zagreb" " " \ +"posix/Europe/Zaporozhye" " " \ +"posix/Europe/Zurich" " " \ +"posix/Factory" " " \ +"posix/GB" " " \ +"posix/GB-Eire" " " \ +"posix/GMT" " " \ +"posix/GMT+0" " " \ +"posix/GMT-0" " " \ +"posix/GMT0" " " \ +"posix/Greenwich" " " \ +"posix/HST" " " \ +"posix/Hongkong" " " \ +"posix/Iceland" " " \ +"posix/Indian/Antananarivo" " " \ +"posix/Indian/Chagos" " " \ +"posix/Indian/Christmas" " " \ +"posix/Indian/Cocos" " " \ +"posix/Indian/Comoro" " " \ +"posix/Indian/Kerguelen" " " \ +"posix/Indian/Mahe" " " \ +"posix/Indian/Maldives" " " \ +"posix/Indian/Mauritius" " " \ +"posix/Indian/Mayotte" " " \ +"posix/Indian/Reunion" " " \ +"posix/Iran" " " \ +"posix/Israel" " " \ +"posix/Jamaica" " " \ +"posix/Japan" " " \ +"posix/Kwajalein" " " \ +"posix/Libya" " " \ +"posix/MET" " " \ +"posix/MST" " " \ +"posix/MST7MDT" " " \ +"posix/Mexico/BajaNorte" " " \ +"posix/Mexico/BajaSur" " " \ +"posix/Mexico/General" " " \ +"posix/NZ" " " \ +"posix/NZ-CHAT" " " \ +"posix/Navajo" " " \ +"posix/PRC" " " \ +"posix/PST8PDT" " " \ +"posix/Pacific/Apia" " " \ +"posix/Pacific/Auckland" " " \ +"posix/Pacific/Bougainville" " " \ +"posix/Pacific/Chatham" " " \ +"posix/Pacific/Chuuk" " " \ +"posix/Pacific/Easter" " " \ +"posix/Pacific/Efate" " " \ +"posix/Pacific/Enderbury" " " \ +"posix/Pacific/Fakaofo" " " \ +"posix/Pacific/Fiji" " " \ +"posix/Pacific/Funafuti" " " \ +"posix/Pacific/Galapagos" " " \ +"posix/Pacific/Gambier" " " \ +"posix/Pacific/Guadalcanal" " " \ +"posix/Pacific/Guam" " " \ +"posix/Pacific/Honolulu" " " \ +"posix/Pacific/Johnston" " " \ +"posix/Pacific/Kiritimati" " " \ +"posix/Pacific/Kosrae" " " \ +"posix/Pacific/Kwajalein" " " \ +"posix/Pacific/Majuro" " " \ +"posix/Pacific/Marquesas" " " \ +"posix/Pacific/Midway" " " \ +"posix/Pacific/Nauru" " " \ +"posix/Pacific/Niue" " " \ +"posix/Pacific/Norfolk" " " \ +"posix/Pacific/Noumea" " " \ +"posix/Pacific/Pago_Pago" " " \ +"posix/Pacific/Palau" " " \ +"posix/Pacific/Pitcairn" " " \ +"posix/Pacific/Pohnpei" " " \ +"posix/Pacific/Ponape" " " \ +"posix/Pacific/Port_Moresby" " " \ +"posix/Pacific/Rarotonga" " " \ +"posix/Pacific/Saipan" " " \ +"posix/Pacific/Samoa" " " \ +"posix/Pacific/Tahiti" " " \ +"posix/Pacific/Tarawa" " " \ +"posix/Pacific/Tongatapu" " " \ +"posix/Pacific/Truk" " " \ +"posix/Pacific/Wake" " " \ +"posix/Pacific/Wallis" " " \ +"posix/Pacific/Yap" " " \ +"posix/Poland" " " \ +"posix/Portugal" " " \ +"posix/ROC" " " \ +"posix/ROK" " " \ +"posix/Singapore" " " \ +"posix/Turkey" " " \ +"posix/UCT" " " \ +"posix/US/Alaska" " " \ +"posix/US/Aleutian" " " \ +"posix/US/Arizona" " " \ +"posix/US/Central" " " \ +"posix/US/East-Indiana" " " \ +"posix/US/Eastern" " " \ +"posix/US/Hawaii" " " \ +"posix/US/Indiana-Starke" " " \ +"posix/US/Michigan" " " \ +"posix/US/Mountain" " " \ +"posix/US/Pacific" " " \ +"posix/US/Pacific-New" " " \ +"posix/US/Samoa" " " \ +"posix/UTC" " " \ +"posix/Universal" " " \ +"posix/W-SU" " " \ +"posix/WET" " " \ +"posix/Zulu" " " \ +"posix/localtime" " " \ +"posix/posixrules" " " \ +"posixrules" " " \ +"right/Africa/Abidjan" " " \ +"right/Africa/Accra" " " \ +"right/Africa/Addis_Ababa" " " \ +"right/Africa/Algiers" " " \ +"right/Africa/Asmara" " " \ +"right/Africa/Asmera" " " \ +"right/Africa/Bamako" " " \ +"right/Africa/Bangui" " " \ +"right/Africa/Banjul" " " \ +"right/Africa/Bissau" " " \ +"right/Africa/Blantyre" " " \ +"right/Africa/Brazzaville" " " \ +"right/Africa/Bujumbura" " " \ +"right/Africa/Cairo" " " \ +"right/Africa/Casablanca" " " \ +"right/Africa/Ceuta" " " \ +"right/Africa/Conakry" " " \ +"right/Africa/Dakar" " " \ +"right/Africa/Dar_es_Salaam" " " \ +"right/Africa/Djibouti" " " \ +"right/Africa/Douala" " " \ +"right/Africa/El_Aaiun" " " \ +"right/Africa/Freetown" " " \ +"right/Africa/Gaborone" " " \ +"right/Africa/Harare" " " \ +"right/Africa/Johannesburg" " " \ +"right/Africa/Juba" " " \ +"right/Africa/Kampala" " " \ +"right/Africa/Khartoum" " " \ +"right/Africa/Kigali" " " \ +"right/Africa/Kinshasa" " " \ +"right/Africa/Lagos" " " \ +"right/Africa/Libreville" " " \ +"right/Africa/Lome" " " \ +"right/Africa/Luanda" " " \ +"right/Africa/Lubumbashi" " " \ +"right/Africa/Lusaka" " " \ +"right/Africa/Malabo" " " \ +"right/Africa/Maputo" " " \ +"right/Africa/Maseru" " " \ +"right/Africa/Mbabane" " " \ +"right/Africa/Mogadishu" " " \ +"right/Africa/Monrovia" " " \ +"right/Africa/Nairobi" " " \ +"right/Africa/Ndjamena" " " \ +"right/Africa/Niamey" " " \ +"right/Africa/Nouakchott" " " \ +"right/Africa/Ouagadougou" " " \ +"right/Africa/Porto-Novo" " " \ +"right/Africa/Sao_Tome" " " \ +"right/Africa/Timbuktu" " " \ +"right/Africa/Tripoli" " " \ +"right/Africa/Tunis" " " \ +"right/Africa/Windhoek" " " \ +"right/America/Adak" " " \ +"right/America/Anchorage" " " \ +"right/America/Anguilla" " " \ +"right/America/Antigua" " " \ +"right/America/Araguaina" " " \ +"right/America/Argentina/Buenos_Aires" " " \ +"right/America/Argentina/Catamarca" " " \ +"right/America/Argentina/ComodRivadavia" " " \ +"right/America/Argentina/Cordoba" " " \ +"right/America/Argentina/Jujuy" " " \ +"right/America/Argentina/La_Rioja" " " \ +"right/America/Argentina/Mendoza" " " \ +"right/America/Argentina/Rio_Gallegos" " " \ +"right/America/Argentina/Salta" " " \ +"right/America/Argentina/San_Juan" " " \ +"right/America/Argentina/San_Luis" " " \ +"right/America/Argentina/Tucuman" " " \ +"right/America/Argentina/Ushuaia" " " \ +"right/America/Aruba" " " \ +"right/America/Asuncion" " " \ +"right/America/Atikokan" " " \ +"right/America/Atka" " " \ +"right/America/Bahia" " " \ +"right/America/Bahia_Banderas" " " \ +"right/America/Barbados" " " \ +"right/America/Belem" " " \ +"right/America/Belize" " " \ +"right/America/Blanc-Sablon" " " \ +"right/America/Boa_Vista" " " \ +"right/America/Bogota" " " \ +"right/America/Boise" " " \ +"right/America/Buenos_Aires" " " \ +"right/America/Cambridge_Bay" " " \ +"right/America/Campo_Grande" " " \ +"right/America/Cancun" " " \ +"right/America/Caracas" " " \ +"right/America/Catamarca" " " \ +"right/America/Cayenne" " " \ +"right/America/Cayman" " " \ +"right/America/Chicago" " " \ +"right/America/Chihuahua" " " \ +"right/America/Coral_Harbour" " " \ +"right/America/Cordoba" " " \ +"right/America/Costa_Rica" " " \ +"right/America/Creston" " " \ +"right/America/Cuiaba" " " \ +"right/America/Curacao" " " \ +"right/America/Danmarkshavn" " " \ +"right/America/Dawson" " " \ +"right/America/Dawson_Creek" " " \ +"right/America/Denver" " " \ +"right/America/Detroit" " " \ +"right/America/Dominica" " " \ +"right/America/Edmonton" " " \ +"right/America/Eirunepe" " " \ +"right/America/El_Salvador" " " \ +"right/America/Ensenada" " " \ +"right/America/Fort_Wayne" " " \ +"right/America/Fortaleza" " " \ +"right/America/Glace_Bay" " " \ +"right/America/Godthab" " " \ +"right/America/Goose_Bay" " " \ +"right/America/Grand_Turk" " " \ +"right/America/Grenada" " " \ +"right/America/Guadeloupe" " " \ +"right/America/Guatemala" " " \ +"right/America/Guayaquil" " " \ +"right/America/Guyana" " " \ +"right/America/Halifax" " " \ +"right/America/Havana" " " \ +"right/America/Hermosillo" " " \ +"right/America/Indiana/Indianapolis" " " \ +"right/America/Indiana/Knox" " " \ +"right/America/Indiana/Marengo" " " \ +"right/America/Indiana/Petersburg" " " \ +"right/America/Indiana/Tell_City" " " \ +"right/America/Indiana/Vevay" " " \ +"right/America/Indiana/Vincennes" " " \ +"right/America/Indiana/Winamac" " " \ +"right/America/Indianapolis" " " \ +"right/America/Inuvik" " " \ +"right/America/Iqaluit" " " \ +"right/America/Jamaica" " " \ +"right/America/Jujuy" " " \ +"right/America/Juneau" " " \ +"right/America/Kentucky/Louisville" " " \ +"right/America/Kentucky/Monticello" " " \ +"right/America/Knox_IN" " " \ +"right/America/Kralendijk" " " \ +"right/America/La_Paz" " " \ +"right/America/Lima" " " \ +"right/America/Los_Angeles" " " \ +"right/America/Louisville" " " \ +"right/America/Lower_Princes" " " \ +"right/America/Maceio" " " \ +"right/America/Managua" " " \ +"right/America/Manaus" " " \ +"right/America/Marigot" " " \ +"right/America/Martinique" " " \ +"right/America/Matamoros" " " \ +"right/America/Mazatlan" " " \ +"right/America/Mendoza" " " \ +"right/America/Menominee" " " \ +"right/America/Merida" " " \ +"right/America/Metlakatla" " " \ +"right/America/Mexico_City" " " \ +"right/America/Miquelon" " " \ +"right/America/Moncton" " " \ +"right/America/Monterrey" " " \ +"right/America/Montevideo" " " \ +"right/America/Montreal" " " \ +"right/America/Montserrat" " " \ +"right/America/Nassau" " " \ +"right/America/New_York" " " \ +"right/America/Nipigon" " " \ +"right/America/Nome" " " \ +"right/America/Noronha" " " \ +"right/America/North_Dakota/Beulah" " " \ +"right/America/North_Dakota/Center" " " \ +"right/America/North_Dakota/New_Salem" " " \ +"right/America/Ojinaga" " " \ +"right/America/Panama" " " \ +"right/America/Pangnirtung" " " \ +"right/America/Paramaribo" " " \ +"right/America/Phoenix" " " \ +"right/America/Port-au-Prince" " " \ +"right/America/Port_of_Spain" " " \ +"right/America/Porto_Acre" " " \ +"right/America/Porto_Velho" " " \ +"right/America/Puerto_Rico" " " \ +"right/America/Rainy_River" " " \ +"right/America/Rankin_Inlet" " " \ +"right/America/Recife" " " \ +"right/America/Regina" " " \ +"right/America/Resolute" " " \ +"right/America/Rio_Branco" " " \ +"right/America/Rosario" " " \ +"right/America/Santa_Isabel" " " \ +"right/America/Santarem" " " \ +"right/America/Santiago" " " \ +"right/America/Santo_Domingo" " " \ +"right/America/Sao_Paulo" " " \ +"right/America/Scoresbysund" " " \ +"right/America/Shiprock" " " \ +"right/America/Sitka" " " \ +"right/America/St_Barthelemy" " " \ +"right/America/St_Johns" " " \ +"right/America/St_Kitts" " " \ +"right/America/St_Lucia" " " \ +"right/America/St_Thomas" " " \ +"right/America/St_Vincent" " " \ +"right/America/Swift_Current" " " \ +"right/America/Tegucigalpa" " " \ +"right/America/Thule" " " \ +"right/America/Thunder_Bay" " " \ +"right/America/Tijuana" " " \ +"right/America/Toronto" " " \ +"right/America/Tortola" " " \ +"right/America/Vancouver" " " \ +"right/America/Virgin" " " \ +"right/America/Whitehorse" " " \ +"right/America/Winnipeg" " " \ +"right/America/Yakutat" " " \ +"right/America/Yellowknife" " " \ +"right/Antarctica/Casey" " " \ +"right/Antarctica/Davis" " " \ +"right/Antarctica/DumontDUrville" " " \ +"right/Antarctica/Macquarie" " " \ +"right/Antarctica/Mawson" " " \ +"right/Antarctica/McMurdo" " " \ +"right/Antarctica/Palmer" " " \ +"right/Antarctica/Rothera" " " \ +"right/Antarctica/South_Pole" " " \ +"right/Antarctica/Syowa" " " \ +"right/Antarctica/Troll" " " \ +"right/Antarctica/Vostok" " " \ +"right/Arctic/Longyearbyen" " " \ +"right/Asia/Aden" " " \ +"right/Asia/Almaty" " " \ +"right/Asia/Amman" " " \ +"right/Asia/Anadyr" " " \ +"right/Asia/Aqtau" " " \ +"right/Asia/Aqtobe" " " \ +"right/Asia/Ashgabat" " " \ +"right/Asia/Ashkhabad" " " \ +"right/Asia/Baghdad" " " \ +"right/Asia/Bahrain" " " \ +"right/Asia/Baku" " " \ +"right/Asia/Bangkok" " " \ +"right/Asia/Beirut" " " \ +"right/Asia/Bishkek" " " \ +"right/Asia/Brunei" " " \ +"right/Asia/Calcutta" " " \ +"right/Asia/Chita" " " \ +"right/Asia/Choibalsan" " " \ +"right/Asia/Chongqing" " " \ +"right/Asia/Chungking" " " \ +"right/Asia/Colombo" " " \ +"right/Asia/Dacca" " " \ +"right/Asia/Damascus" " " \ +"right/Asia/Dhaka" " " \ +"right/Asia/Dili" " " \ +"right/Asia/Dubai" " " \ +"right/Asia/Dushanbe" " " \ +"right/Asia/Gaza" " " \ +"right/Asia/Harbin" " " \ +"right/Asia/Hebron" " " \ +"right/Asia/Ho_Chi_Minh" " " \ +"right/Asia/Hong_Kong" " " \ +"right/Asia/Hovd" " " \ +"right/Asia/Irkutsk" " " \ +"right/Asia/Istanbul" " " \ +"right/Asia/Jakarta" " " \ +"right/Asia/Jayapura" " " \ +"right/Asia/Jerusalem" " " \ +"right/Asia/Kabul" " " \ +"right/Asia/Kamchatka" " " \ +"right/Asia/Karachi" " " \ +"right/Asia/Kashgar" " " \ +"right/Asia/Kathmandu" " " \ +"right/Asia/Katmandu" " " \ +"right/Asia/Khandyga" " " \ +"right/Asia/Kolkata" " " \ +"right/Asia/Krasnoyarsk" " " \ +"right/Asia/Kuala_Lumpur" " " \ +"right/Asia/Kuching" " " \ +"right/Asia/Kuwait" " " \ +"right/Asia/Macao" " " \ +"right/Asia/Macau" " " \ +"right/Asia/Magadan" " " \ +"right/Asia/Makassar" " " \ +"right/Asia/Manila" " " \ +"right/Asia/Muscat" " " \ +"right/Asia/Nicosia" " " \ +"right/Asia/Novokuznetsk" " " \ +"right/Asia/Novosibirsk" " " \ +"right/Asia/Omsk" " " \ +"right/Asia/Oral" " " \ +"right/Asia/Phnom_Penh" " " \ +"right/Asia/Pontianak" " " \ +"right/Asia/Pyongyang" " " \ +"right/Asia/Qatar" " " \ +"right/Asia/Qyzylorda" " " \ +"right/Asia/Rangoon" " " \ +"right/Asia/Riyadh" " " \ +"right/Asia/Saigon" " " \ +"right/Asia/Sakhalin" " " \ +"right/Asia/Samarkand" " " \ +"right/Asia/Seoul" " " \ +"right/Asia/Shanghai" " " \ +"right/Asia/Singapore" " " \ +"right/Asia/Srednekolymsk" " " \ +"right/Asia/Taipei" " " \ +"right/Asia/Tashkent" " " \ +"right/Asia/Tbilisi" " " \ +"right/Asia/Tehran" " " \ +"right/Asia/Tel_Aviv" " " \ +"right/Asia/Thimbu" " " \ +"right/Asia/Thimphu" " " \ +"right/Asia/Tokyo" " " \ +"right/Asia/Ujung_Pandang" " " \ +"right/Asia/Ulaanbaatar" " " \ +"right/Asia/Ulan_Bator" " " \ +"right/Asia/Urumqi" " " \ +"right/Asia/Ust-Nera" " " \ +"right/Asia/Vientiane" " " \ +"right/Asia/Vladivostok" " " \ +"right/Asia/Yakutsk" " " \ +"right/Asia/Yekaterinburg" " " \ +"right/Asia/Yerevan" " " \ +"right/Atlantic/Azores" " " \ +"right/Atlantic/Bermuda" " " \ +"right/Atlantic/Canary" " " \ +"right/Atlantic/Cape_Verde" " " \ +"right/Atlantic/Faeroe" " " \ +"right/Atlantic/Faroe" " " \ +"right/Atlantic/Jan_Mayen" " " \ +"right/Atlantic/Madeira" " " \ +"right/Atlantic/Reykjavik" " " \ +"right/Atlantic/South_Georgia" " " \ +"right/Atlantic/St_Helena" " " \ +"right/Atlantic/Stanley" " " \ +"right/Australia/ACT" " " \ +"right/Australia/Adelaide" " " \ +"right/Australia/Brisbane" " " \ +"right/Australia/Broken_Hill" " " \ +"right/Australia/Canberra" " " \ +"right/Australia/Currie" " " \ +"right/Australia/Darwin" " " \ +"right/Australia/Eucla" " " \ +"right/Australia/Hobart" " " \ +"right/Australia/LHI" " " \ +"right/Australia/Lindeman" " " \ +"right/Australia/Lord_Howe" " " \ +"right/Australia/Melbourne" " " \ +"right/Australia/NSW" " " \ +"right/Australia/North" " " \ +"right/Australia/Perth" " " \ +"right/Australia/Queensland" " " \ +"right/Australia/South" " " \ +"right/Australia/Sydney" " " \ +"right/Australia/Tasmania" " " \ +"right/Australia/Victoria" " " \ +"right/Australia/West" " " \ +"right/Australia/Yancowinna" " " \ +"right/Brazil/Acre" " " \ +"right/Brazil/DeNoronha" " " \ +"right/Brazil/East" " " \ +"right/Brazil/West" " " \ +"right/CET" " " \ +"right/CST6CDT" " " \ +"right/Canada/Atlantic" " " \ +"right/Canada/Central" " " \ +"right/Canada/East-Saskatchewan" " " \ +"right/Canada/Eastern" " " \ +"right/Canada/Mountain" " " \ +"right/Canada/Newfoundland" " " \ +"right/Canada/Pacific" " " \ +"right/Canada/Saskatchewan" " " \ +"right/Canada/Yukon" " " \ +"right/Chile/Continental" " " \ +"right/Chile/EasterIsland" " " \ +"right/Cuba" " " \ +"right/EET" " " \ +"right/EST" " " \ +"right/EST5EDT" " " \ +"right/Egypt" " " \ +"right/Eire" " " \ +"right/Etc/GMT" " " \ +"right/Etc/GMT+0" " " \ +"right/Etc/GMT+1" " " \ +"right/Etc/GMT+10" " " \ +"right/Etc/GMT+11" " " \ +"right/Etc/GMT+12" " " \ +"right/Etc/GMT+2" " " \ +"right/Etc/GMT+3" " " \ +"right/Etc/GMT+4" " " \ +"right/Etc/GMT+5" " " \ +"right/Etc/GMT+6" " " \ +"right/Etc/GMT+7" " " \ +"right/Etc/GMT+8" " " \ +"right/Etc/GMT+9" " " \ +"right/Etc/GMT-0" " " \ +"right/Etc/GMT-1" " " \ +"right/Etc/GMT-10" " " \ +"right/Etc/GMT-11" " " \ +"right/Etc/GMT-12" " " \ +"right/Etc/GMT-13" " " \ +"right/Etc/GMT-14" " " \ +"right/Etc/GMT-2" " " \ +"right/Etc/GMT-3" " " \ +"right/Etc/GMT-4" " " \ +"right/Etc/GMT-5" " " \ +"right/Etc/GMT-6" " " \ +"right/Etc/GMT-7" " " \ +"right/Etc/GMT-8" " " \ +"right/Etc/GMT-9" " " \ +"right/Etc/GMT0" " " \ +"right/Etc/Greenwich" " " \ +"right/Etc/UCT" " " \ +"right/Etc/UTC" " " \ +"right/Etc/Universal" " " \ +"right/Etc/Zulu" " " \ +"right/Europe/Amsterdam" " " \ +"right/Europe/Andorra" " " \ +"right/Europe/Athens" " " \ +"right/Europe/Belfast" " " \ +"right/Europe/Belgrade" " " \ +"right/Europe/Berlin" " " \ +"right/Europe/Bratislava" " " \ +"right/Europe/Brussels" " " \ +"right/Europe/Bucharest" " " \ +"right/Europe/Budapest" " " \ +"right/Europe/Busingen" " " \ +"right/Europe/Chisinau" " " \ +"right/Europe/Copenhagen" " " \ +"right/Europe/Dublin" " " \ +"right/Europe/Gibraltar" " " \ +"right/Europe/Guernsey" " " \ +"right/Europe/Helsinki" " " \ +"right/Europe/Isle_of_Man" " " \ +"right/Europe/Istanbul" " " \ +"right/Europe/Jersey" " " \ +"right/Europe/Kaliningrad" " " \ +"right/Europe/Kiev" " " \ +"right/Europe/Lisbon" " " \ +"right/Europe/Ljubljana" " " \ +"right/Europe/London" " " \ +"right/Europe/Luxembourg" " " \ +"right/Europe/Madrid" " " \ +"right/Europe/Malta" " " \ +"right/Europe/Mariehamn" " " \ +"right/Europe/Minsk" " " \ +"right/Europe/Monaco" " " \ +"right/Europe/Moscow" " " \ +"right/Europe/Nicosia" " " \ +"right/Europe/Oslo" " " \ +"right/Europe/Paris" " " \ +"right/Europe/Podgorica" " " \ +"right/Europe/Prague" " " \ +"right/Europe/Riga" " " \ +"right/Europe/Rome" " " \ +"right/Europe/Samara" " " \ +"right/Europe/San_Marino" " " \ +"right/Europe/Sarajevo" " " \ +"right/Europe/Simferopol" " " \ +"right/Europe/Skopje" " " \ +"right/Europe/Sofia" " " \ +"right/Europe/Stockholm" " " \ +"right/Europe/Tallinn" " " \ +"right/Europe/Tirane" " " \ +"right/Europe/Tiraspol" " " \ +"right/Europe/Uzhgorod" " " \ +"right/Europe/Vaduz" " " \ +"right/Europe/Vatican" " " \ +"right/Europe/Vienna" " " \ +"right/Europe/Vilnius" " " \ +"right/Europe/Volgograd" " " \ +"right/Europe/Warsaw" " " \ +"right/Europe/Zagreb" " " \ +"right/Europe/Zaporozhye" " " \ +"right/Europe/Zurich" " " \ +"right/Factory" " " \ +"right/GB" " " \ +"right/GB-Eire" " " \ +"right/GMT" " " \ +"right/GMT+0" " " \ +"right/GMT-0" " " \ +"right/GMT0" " " \ +"right/Greenwich" " " \ +"right/HST" " " \ +"right/Hongkong" " " \ +"right/Iceland" " " \ +"right/Indian/Antananarivo" " " \ +"right/Indian/Chagos" " " \ +"right/Indian/Christmas" " " \ +"right/Indian/Cocos" " " \ +"right/Indian/Comoro" " " \ +"right/Indian/Kerguelen" " " \ +"right/Indian/Mahe" " " \ +"right/Indian/Maldives" " " \ +"right/Indian/Mauritius" " " \ +"right/Indian/Mayotte" " " \ +"right/Indian/Reunion" " " \ +"right/Iran" " " \ +"right/Israel" " " \ +"right/Jamaica" " " \ +"right/Japan" " " \ +"right/Kwajalein" " " \ +"right/Libya" " " \ +"right/MET" " " \ +"right/MST" " " \ +"right/MST7MDT" " " \ +"right/Mexico/BajaNorte" " " \ +"right/Mexico/BajaSur" " " \ +"right/Mexico/General" " " \ +"right/NZ" " " \ +"right/NZ-CHAT" " " \ +"right/Navajo" " " \ +"right/PRC" " " \ +"right/PST8PDT" " " \ +"right/Pacific/Apia" " " \ +"right/Pacific/Auckland" " " \ +"right/Pacific/Bougainville" " " \ +"right/Pacific/Chatham" " " \ +"right/Pacific/Chuuk" " " \ +"right/Pacific/Easter" " " \ +"right/Pacific/Efate" " " \ +"right/Pacific/Enderbury" " " \ +"right/Pacific/Fakaofo" " " \ +"right/Pacific/Fiji" " " \ +"right/Pacific/Funafuti" " " \ +"right/Pacific/Galapagos" " " \ +"right/Pacific/Gambier" " " \ +"right/Pacific/Guadalcanal" " " \ +"right/Pacific/Guam" " " \ +"right/Pacific/Honolulu" " " \ +"right/Pacific/Johnston" " " \ +"right/Pacific/Kiritimati" " " \ +"right/Pacific/Kosrae" " " \ +"right/Pacific/Kwajalein" " " \ +"right/Pacific/Majuro" " " \ +"right/Pacific/Marquesas" " " \ +"right/Pacific/Midway" " " \ +"right/Pacific/Nauru" " " \ +"right/Pacific/Niue" " " \ +"right/Pacific/Norfolk" " " \ +"right/Pacific/Noumea" " " \ +"right/Pacific/Pago_Pago" " " \ +"right/Pacific/Palau" " " \ +"right/Pacific/Pitcairn" " " \ +"right/Pacific/Pohnpei" " " \ +"right/Pacific/Ponape" " " \ +"right/Pacific/Port_Moresby" " " \ +"right/Pacific/Rarotonga" " " \ +"right/Pacific/Saipan" " " \ +"right/Pacific/Samoa" " " \ +"right/Pacific/Tahiti" " " \ +"right/Pacific/Tarawa" " " \ +"right/Pacific/Tongatapu" " " \ +"right/Pacific/Truk" " " \ +"right/Pacific/Wake" " " \ +"right/Pacific/Wallis" " " \ +"right/Pacific/Yap" " " \ +"right/Poland" " " \ +"right/Portugal" " " \ +"right/ROC" " " \ +"right/ROK" " " \ +"right/Singapore" " " \ +"right/Turkey" " " \ +"right/UCT" " " \ +"right/US/Alaska" " " \ +"right/US/Aleutian" " " \ +"right/US/Arizona" " " \ +"right/US/Central" " " \ +"right/US/East-Indiana" " " \ +"right/US/Eastern" " " \ +"right/US/Hawaii" " " \ +"right/US/Indiana-Starke" " " \ +"right/US/Michigan" " " \ +"right/US/Mountain" " " \ +"right/US/Pacific" " " \ +"right/US/Pacific-New" " " \ +"right/US/Samoa" " " \ +"right/UTC" " " \ +"right/Universal" " " \ +"right/W-SU" " " \ +"right/WET" " " \ +"right/Zulu" " " \ + 2> $TMP/tz + + if [ $? = 1 -o $? = 255 ]; then + rm -f $TMP/tz + exit + fi + + TIMEZONE="`cat $TMP/tz`" + rm -f $TMP/tz + + setzone $TIMEZONE + exit +else + ### + ### use text prompts + ### + while [ 0 ]; do + echo -n "Would you like to configure your timezone ([y]es, [n]o)? " + read TIMECONF; + echo + + if [ "$TIMECONF" = "n" ]; then + break + fi + + cat << EOF +Select one of these timezones: + +US/Alaska +US/Aleutian +US/Arizona +US/Central +US/East-Indiana +US/Eastern +US/Hawaii +US/Indiana-Starke +US/Michigan +US/Mountain +US/Pacific +US/Pacific-New +US/Samoa +Africa/Abidjan +Africa/Accra +Africa/Addis_Ababa +Africa/Algiers +Africa/Asmara +Africa/Asmera +Africa/Bamako +Africa/Bangui +Africa/Banjul +Africa/Bissau +Africa/Blantyre +Africa/Brazzaville +Africa/Bujumbura +Africa/Cairo +Africa/Casablanca +Africa/Ceuta +Africa/Conakry +Africa/Dakar +Africa/Dar_es_Salaam +Africa/Djibouti +Africa/Douala +Africa/El_Aaiun +Africa/Freetown +Africa/Gaborone +Africa/Harare +Africa/Johannesburg +Africa/Juba +Africa/Kampala +Africa/Khartoum +Africa/Kigali +Africa/Kinshasa +Africa/Lagos +Africa/Libreville +Africa/Lome +Africa/Luanda +Africa/Lubumbashi +Africa/Lusaka +Africa/Malabo +Africa/Maputo +Africa/Maseru +Africa/Mbabane +Africa/Mogadishu +Africa/Monrovia +Africa/Nairobi +Africa/Ndjamena +Africa/Niamey +Africa/Nouakchott +Africa/Ouagadougou +Africa/Porto-Novo +Africa/Sao_Tome +Africa/Timbuktu +Africa/Tripoli +Africa/Tunis +Africa/Windhoek +America/Adak +America/Anchorage +America/Anguilla +America/Antigua +America/Araguaina +America/Argentina/Buenos_Aires +America/Argentina/Catamarca +America/Argentina/ComodRivadavia +America/Argentina/Cordoba +America/Argentina/Jujuy +America/Argentina/La_Rioja +America/Argentina/Mendoza +America/Argentina/Rio_Gallegos +America/Argentina/Salta +America/Argentina/San_Juan +America/Argentina/San_Luis +America/Argentina/Tucuman +America/Argentina/Ushuaia +America/Aruba +America/Asuncion +America/Atikokan +America/Atka +America/Bahia +America/Bahia_Banderas +America/Barbados +America/Belem +America/Belize +America/Blanc-Sablon +America/Boa_Vista +America/Bogota +America/Boise +America/Buenos_Aires +America/Cambridge_Bay +America/Campo_Grande +America/Cancun +America/Caracas +America/Catamarca +America/Cayenne +America/Cayman +America/Chicago +America/Chihuahua +America/Coral_Harbour +America/Cordoba +America/Costa_Rica +America/Creston +America/Cuiaba +America/Curacao +America/Danmarkshavn +America/Dawson +America/Dawson_Creek +America/Denver +America/Detroit +America/Dominica +America/Edmonton +America/Eirunepe +America/El_Salvador +America/Ensenada +America/Fort_Wayne +America/Fortaleza +America/Glace_Bay +America/Godthab +America/Goose_Bay +America/Grand_Turk +America/Grenada +America/Guadeloupe +America/Guatemala +America/Guayaquil +America/Guyana +America/Halifax +America/Havana +America/Hermosillo +America/Indiana/Indianapolis +America/Indiana/Knox +America/Indiana/Marengo +America/Indiana/Petersburg +America/Indiana/Tell_City +America/Indiana/Vevay +America/Indiana/Vincennes +America/Indiana/Winamac +America/Indianapolis +America/Inuvik +America/Iqaluit +America/Jamaica +America/Jujuy +America/Juneau +America/Kentucky/Louisville +America/Kentucky/Monticello +America/Knox_IN +America/Kralendijk +America/La_Paz +America/Lima +America/Los_Angeles +America/Louisville +America/Lower_Princes +America/Maceio +America/Managua +America/Manaus +America/Marigot +America/Martinique +America/Matamoros +America/Mazatlan +America/Mendoza +America/Menominee +America/Merida +America/Metlakatla +America/Mexico_City +America/Miquelon +America/Moncton +America/Monterrey +America/Montevideo +America/Montreal +America/Montserrat +America/Nassau +America/New_York +America/Nipigon +America/Nome +America/Noronha +America/North_Dakota/Beulah +America/North_Dakota/Center +America/North_Dakota/New_Salem +America/Ojinaga +America/Panama +America/Pangnirtung +America/Paramaribo +America/Phoenix +America/Port-au-Prince +America/Port_of_Spain +America/Porto_Acre +America/Porto_Velho +America/Puerto_Rico +America/Rainy_River +America/Rankin_Inlet +America/Recife +America/Regina +America/Resolute +America/Rio_Branco +America/Rosario +America/Santa_Isabel +America/Santarem +America/Santiago +America/Santo_Domingo +America/Sao_Paulo +America/Scoresbysund +America/Shiprock +America/Sitka +America/St_Barthelemy +America/St_Johns +America/St_Kitts +America/St_Lucia +America/St_Thomas +America/St_Vincent +America/Swift_Current +America/Tegucigalpa +America/Thule +America/Thunder_Bay +America/Tijuana +America/Toronto +America/Tortola +America/Vancouver +America/Virgin +America/Whitehorse +America/Winnipeg +America/Yakutat +America/Yellowknife +Antarctica/Casey +Antarctica/Davis +Antarctica/DumontDUrville +Antarctica/Macquarie +Antarctica/Mawson +Antarctica/McMurdo +Antarctica/Palmer +Antarctica/Rothera +Antarctica/South_Pole +Antarctica/Syowa +Antarctica/Troll +Antarctica/Vostok +Arctic/Longyearbyen +Asia/Aden +Asia/Almaty +Asia/Amman +Asia/Anadyr +Asia/Aqtau +Asia/Aqtobe +Asia/Ashgabat +Asia/Ashkhabad +Asia/Baghdad +Asia/Bahrain +Asia/Baku +Asia/Bangkok +Asia/Beirut +Asia/Bishkek +Asia/Brunei +Asia/Calcutta +Asia/Chita +Asia/Choibalsan +Asia/Chongqing +Asia/Chungking +Asia/Colombo +Asia/Dacca +Asia/Damascus +Asia/Dhaka +Asia/Dili +Asia/Dubai +Asia/Dushanbe +Asia/Gaza +Asia/Harbin +Asia/Hebron +Asia/Ho_Chi_Minh +Asia/Hong_Kong +Asia/Hovd +Asia/Irkutsk +Asia/Istanbul +Asia/Jakarta +Asia/Jayapura +Asia/Jerusalem +Asia/Kabul +Asia/Kamchatka +Asia/Karachi +Asia/Kashgar +Asia/Kathmandu +Asia/Katmandu +Asia/Khandyga +Asia/Kolkata +Asia/Krasnoyarsk +Asia/Kuala_Lumpur +Asia/Kuching +Asia/Kuwait +Asia/Macao +Asia/Macau +Asia/Magadan +Asia/Makassar +Asia/Manila +Asia/Muscat +Asia/Nicosia +Asia/Novokuznetsk +Asia/Novosibirsk +Asia/Omsk +Asia/Oral +Asia/Phnom_Penh +Asia/Pontianak +Asia/Pyongyang +Asia/Qatar +Asia/Qyzylorda +Asia/Rangoon +Asia/Riyadh +Asia/Saigon +Asia/Sakhalin +Asia/Samarkand +Asia/Seoul +Asia/Shanghai +Asia/Singapore +Asia/Srednekolymsk +Asia/Taipei +Asia/Tashkent +Asia/Tbilisi +Asia/Tehran +Asia/Tel_Aviv +Asia/Thimbu +Asia/Thimphu +Asia/Tokyo +Asia/Ujung_Pandang +Asia/Ulaanbaatar +Asia/Ulan_Bator +Asia/Urumqi +Asia/Ust-Nera +Asia/Vientiane +Asia/Vladivostok +Asia/Yakutsk +Asia/Yekaterinburg +Asia/Yerevan +Atlantic/Azores +Atlantic/Bermuda +Atlantic/Canary +Atlantic/Cape_Verde +Atlantic/Faeroe +Atlantic/Faroe +Atlantic/Jan_Mayen +Atlantic/Madeira +Atlantic/Reykjavik +Atlantic/South_Georgia +Atlantic/St_Helena +Atlantic/Stanley +Australia/ACT +Australia/Adelaide +Australia/Brisbane +Australia/Broken_Hill +Australia/Canberra +Australia/Currie +Australia/Darwin +Australia/Eucla +Australia/Hobart +Australia/LHI +Australia/Lindeman +Australia/Lord_Howe +Australia/Melbourne +Australia/NSW +Australia/North +Australia/Perth +Australia/Queensland +Australia/South +Australia/Sydney +Australia/Tasmania +Australia/Victoria +Australia/West +Australia/Yancowinna +Brazil/Acre +Brazil/DeNoronha +Brazil/East +Brazil/West +CET +CST6CDT +Canada/Atlantic +Canada/Central +Canada/East-Saskatchewan +Canada/Eastern +Canada/Mountain +Canada/Newfoundland +Canada/Pacific +Canada/Saskatchewan +Canada/Yukon +Chile/Continental +Chile/EasterIsland +Cuba +EET +EST +EST5EDT +Egypt +Eire +Etc/GMT +Etc/GMT+0 +Etc/GMT+1 +Etc/GMT+10 +Etc/GMT+11 +Etc/GMT+12 +Etc/GMT+2 +Etc/GMT+3 +Etc/GMT+4 +Etc/GMT+5 +Etc/GMT+6 +Etc/GMT+7 +Etc/GMT+8 +Etc/GMT+9 +Etc/GMT-0 +Etc/GMT-1 +Etc/GMT-10 +Etc/GMT-11 +Etc/GMT-12 +Etc/GMT-13 +Etc/GMT-14 +Etc/GMT-2 +Etc/GMT-3 +Etc/GMT-4 +Etc/GMT-5 +Etc/GMT-6 +Etc/GMT-7 +Etc/GMT-8 +Etc/GMT-9 +Etc/GMT0 +Etc/Greenwich +Etc/UCT +Etc/UTC +Etc/Universal +Etc/Zulu +Europe/Amsterdam +Europe/Andorra +Europe/Athens +Europe/Belfast +Europe/Belgrade +Europe/Berlin +Europe/Bratislava +Europe/Brussels +Europe/Bucharest +Europe/Budapest +Europe/Busingen +Europe/Chisinau +Europe/Copenhagen +Europe/Dublin +Europe/Gibraltar +Europe/Guernsey +Europe/Helsinki +Europe/Isle_of_Man +Europe/Istanbul +Europe/Jersey +Europe/Kaliningrad +Europe/Kiev +Europe/Lisbon +Europe/Ljubljana +Europe/London +Europe/Luxembourg +Europe/Madrid +Europe/Malta +Europe/Mariehamn +Europe/Minsk +Europe/Monaco +Europe/Moscow +Europe/Nicosia +Europe/Oslo +Europe/Paris +Europe/Podgorica +Europe/Prague +Europe/Riga +Europe/Rome +Europe/Samara +Europe/San_Marino +Europe/Sarajevo +Europe/Simferopol +Europe/Skopje +Europe/Sofia +Europe/Stockholm +Europe/Tallinn +Europe/Tirane +Europe/Tiraspol +Europe/Uzhgorod +Europe/Vaduz +Europe/Vatican +Europe/Vienna +Europe/Vilnius +Europe/Volgograd +Europe/Warsaw +Europe/Zagreb +Europe/Zaporozhye +Europe/Zurich +Factory +GB +GB-Eire +GMT +GMT+0 +GMT-0 +GMT0 +Greenwich +HST +Hongkong +Iceland +Indian/Antananarivo +Indian/Chagos +Indian/Christmas +Indian/Cocos +Indian/Comoro +Indian/Kerguelen +Indian/Mahe +Indian/Maldives +Indian/Mauritius +Indian/Mayotte +Indian/Reunion +Iran +Israel +Jamaica +Japan +Kwajalein +Libya +MET +MST +MST7MDT +Mexico/BajaNorte +Mexico/BajaSur +Mexico/General +NZ +NZ-CHAT +Navajo +PRC +PST8PDT +Pacific/Apia +Pacific/Auckland +Pacific/Bougainville +Pacific/Chatham +Pacific/Chuuk +Pacific/Easter +Pacific/Efate +Pacific/Enderbury +Pacific/Fakaofo +Pacific/Fiji +Pacific/Funafuti +Pacific/Galapagos +Pacific/Gambier +Pacific/Guadalcanal +Pacific/Guam +Pacific/Honolulu +Pacific/Johnston +Pacific/Kiritimati +Pacific/Kosrae +Pacific/Kwajalein +Pacific/Majuro +Pacific/Marquesas +Pacific/Midway +Pacific/Nauru +Pacific/Niue +Pacific/Norfolk +Pacific/Noumea +Pacific/Pago_Pago +Pacific/Palau +Pacific/Pitcairn +Pacific/Pohnpei +Pacific/Ponape +Pacific/Port_Moresby +Pacific/Rarotonga +Pacific/Saipan +Pacific/Samoa +Pacific/Tahiti +Pacific/Tarawa +Pacific/Tongatapu +Pacific/Truk +Pacific/Wake +Pacific/Wallis +Pacific/Yap +Poland +Portugal +ROC +ROK +Singapore +Turkey +UCT +UTC +Universal +W-SU +WET +Zulu +posix/Africa/Abidjan +posix/Africa/Accra +posix/Africa/Addis_Ababa +posix/Africa/Algiers +posix/Africa/Asmara +posix/Africa/Asmera +posix/Africa/Bamako +posix/Africa/Bangui +posix/Africa/Banjul +posix/Africa/Bissau +posix/Africa/Blantyre +posix/Africa/Brazzaville +posix/Africa/Bujumbura +posix/Africa/Cairo +posix/Africa/Casablanca +posix/Africa/Ceuta +posix/Africa/Conakry +posix/Africa/Dakar +posix/Africa/Dar_es_Salaam +posix/Africa/Djibouti +posix/Africa/Douala +posix/Africa/El_Aaiun +posix/Africa/Freetown +posix/Africa/Gaborone +posix/Africa/Harare +posix/Africa/Johannesburg +posix/Africa/Juba +posix/Africa/Kampala +posix/Africa/Khartoum +posix/Africa/Kigali +posix/Africa/Kinshasa +posix/Africa/Lagos +posix/Africa/Libreville +posix/Africa/Lome +posix/Africa/Luanda +posix/Africa/Lubumbashi +posix/Africa/Lusaka +posix/Africa/Malabo +posix/Africa/Maputo +posix/Africa/Maseru +posix/Africa/Mbabane +posix/Africa/Mogadishu +posix/Africa/Monrovia +posix/Africa/Nairobi +posix/Africa/Ndjamena +posix/Africa/Niamey +posix/Africa/Nouakchott +posix/Africa/Ouagadougou +posix/Africa/Porto-Novo +posix/Africa/Sao_Tome +posix/Africa/Timbuktu +posix/Africa/Tripoli +posix/Africa/Tunis +posix/Africa/Windhoek +posix/America/Adak +posix/America/Anchorage +posix/America/Anguilla +posix/America/Antigua +posix/America/Araguaina +posix/America/Argentina/Buenos_Aires +posix/America/Argentina/Catamarca +posix/America/Argentina/ComodRivadavia +posix/America/Argentina/Cordoba +posix/America/Argentina/Jujuy +posix/America/Argentina/La_Rioja +posix/America/Argentina/Mendoza +posix/America/Argentina/Rio_Gallegos +posix/America/Argentina/Salta +posix/America/Argentina/San_Juan +posix/America/Argentina/San_Luis +posix/America/Argentina/Tucuman +posix/America/Argentina/Ushuaia +posix/America/Aruba +posix/America/Asuncion +posix/America/Atikokan +posix/America/Atka +posix/America/Bahia +posix/America/Bahia_Banderas +posix/America/Barbados +posix/America/Belem +posix/America/Belize +posix/America/Blanc-Sablon +posix/America/Boa_Vista +posix/America/Bogota +posix/America/Boise +posix/America/Buenos_Aires +posix/America/Cambridge_Bay +posix/America/Campo_Grande +posix/America/Cancun +posix/America/Caracas +posix/America/Catamarca +posix/America/Cayenne +posix/America/Cayman +posix/America/Chicago +posix/America/Chihuahua +posix/America/Coral_Harbour +posix/America/Cordoba +posix/America/Costa_Rica +posix/America/Creston +posix/America/Cuiaba +posix/America/Curacao +posix/America/Danmarkshavn +posix/America/Dawson +posix/America/Dawson_Creek +posix/America/Denver +posix/America/Detroit +posix/America/Dominica +posix/America/Edmonton +posix/America/Eirunepe +posix/America/El_Salvador +posix/America/Ensenada +posix/America/Fort_Wayne +posix/America/Fortaleza +posix/America/Glace_Bay +posix/America/Godthab +posix/America/Goose_Bay +posix/America/Grand_Turk +posix/America/Grenada +posix/America/Guadeloupe +posix/America/Guatemala +posix/America/Guayaquil +posix/America/Guyana +posix/America/Halifax +posix/America/Havana +posix/America/Hermosillo +posix/America/Indiana/Indianapolis +posix/America/Indiana/Knox +posix/America/Indiana/Marengo +posix/America/Indiana/Petersburg +posix/America/Indiana/Tell_City +posix/America/Indiana/Vevay +posix/America/Indiana/Vincennes +posix/America/Indiana/Winamac +posix/America/Indianapolis +posix/America/Inuvik +posix/America/Iqaluit +posix/America/Jamaica +posix/America/Jujuy +posix/America/Juneau +posix/America/Kentucky/Louisville +posix/America/Kentucky/Monticello +posix/America/Knox_IN +posix/America/Kralendijk +posix/America/La_Paz +posix/America/Lima +posix/America/Los_Angeles +posix/America/Louisville +posix/America/Lower_Princes +posix/America/Maceio +posix/America/Managua +posix/America/Manaus +posix/America/Marigot +posix/America/Martinique +posix/America/Matamoros +posix/America/Mazatlan +posix/America/Mendoza +posix/America/Menominee +posix/America/Merida +posix/America/Metlakatla +posix/America/Mexico_City +posix/America/Miquelon +posix/America/Moncton +posix/America/Monterrey +posix/America/Montevideo +posix/America/Montreal +posix/America/Montserrat +posix/America/Nassau +posix/America/New_York +posix/America/Nipigon +posix/America/Nome +posix/America/Noronha +posix/America/North_Dakota/Beulah +posix/America/North_Dakota/Center +posix/America/North_Dakota/New_Salem +posix/America/Ojinaga +posix/America/Panama +posix/America/Pangnirtung +posix/America/Paramaribo +posix/America/Phoenix +posix/America/Port-au-Prince +posix/America/Port_of_Spain +posix/America/Porto_Acre +posix/America/Porto_Velho +posix/America/Puerto_Rico +posix/America/Rainy_River +posix/America/Rankin_Inlet +posix/America/Recife +posix/America/Regina +posix/America/Resolute +posix/America/Rio_Branco +posix/America/Rosario +posix/America/Santa_Isabel +posix/America/Santarem +posix/America/Santiago +posix/America/Santo_Domingo +posix/America/Sao_Paulo +posix/America/Scoresbysund +posix/America/Shiprock +posix/America/Sitka +posix/America/St_Barthelemy +posix/America/St_Johns +posix/America/St_Kitts +posix/America/St_Lucia +posix/America/St_Thomas +posix/America/St_Vincent +posix/America/Swift_Current +posix/America/Tegucigalpa +posix/America/Thule +posix/America/Thunder_Bay +posix/America/Tijuana +posix/America/Toronto +posix/America/Tortola +posix/America/Vancouver +posix/America/Virgin +posix/America/Whitehorse +posix/America/Winnipeg +posix/America/Yakutat +posix/America/Yellowknife +posix/Antarctica/Casey +posix/Antarctica/Davis +posix/Antarctica/DumontDUrville +posix/Antarctica/Macquarie +posix/Antarctica/Mawson +posix/Antarctica/McMurdo +posix/Antarctica/Palmer +posix/Antarctica/Rothera +posix/Antarctica/South_Pole +posix/Antarctica/Syowa +posix/Antarctica/Troll +posix/Antarctica/Vostok +posix/Arctic/Longyearbyen +posix/Asia/Aden +posix/Asia/Almaty +posix/Asia/Amman +posix/Asia/Anadyr +posix/Asia/Aqtau +posix/Asia/Aqtobe +posix/Asia/Ashgabat +posix/Asia/Ashkhabad +posix/Asia/Baghdad +posix/Asia/Bahrain +posix/Asia/Baku +posix/Asia/Bangkok +posix/Asia/Beirut +posix/Asia/Bishkek +posix/Asia/Brunei +posix/Asia/Calcutta +posix/Asia/Chita +posix/Asia/Choibalsan +posix/Asia/Chongqing +posix/Asia/Chungking +posix/Asia/Colombo +posix/Asia/Dacca +posix/Asia/Damascus +posix/Asia/Dhaka +posix/Asia/Dili +posix/Asia/Dubai +posix/Asia/Dushanbe +posix/Asia/Gaza +posix/Asia/Harbin +posix/Asia/Hebron +posix/Asia/Ho_Chi_Minh +posix/Asia/Hong_Kong +posix/Asia/Hovd +posix/Asia/Irkutsk +posix/Asia/Istanbul +posix/Asia/Jakarta +posix/Asia/Jayapura +posix/Asia/Jerusalem +posix/Asia/Kabul +posix/Asia/Kamchatka +posix/Asia/Karachi +posix/Asia/Kashgar +posix/Asia/Kathmandu +posix/Asia/Katmandu +posix/Asia/Khandyga +posix/Asia/Kolkata +posix/Asia/Krasnoyarsk +posix/Asia/Kuala_Lumpur +posix/Asia/Kuching +posix/Asia/Kuwait +posix/Asia/Macao +posix/Asia/Macau +posix/Asia/Magadan +posix/Asia/Makassar +posix/Asia/Manila +posix/Asia/Muscat +posix/Asia/Nicosia +posix/Asia/Novokuznetsk +posix/Asia/Novosibirsk +posix/Asia/Omsk +posix/Asia/Oral +posix/Asia/Phnom_Penh +posix/Asia/Pontianak +posix/Asia/Pyongyang +posix/Asia/Qatar +posix/Asia/Qyzylorda +posix/Asia/Rangoon +posix/Asia/Riyadh +posix/Asia/Saigon +posix/Asia/Sakhalin +posix/Asia/Samarkand +posix/Asia/Seoul +posix/Asia/Shanghai +posix/Asia/Singapore +posix/Asia/Srednekolymsk +posix/Asia/Taipei +posix/Asia/Tashkent +posix/Asia/Tbilisi +posix/Asia/Tehran +posix/Asia/Tel_Aviv +posix/Asia/Thimbu +posix/Asia/Thimphu +posix/Asia/Tokyo +posix/Asia/Ujung_Pandang +posix/Asia/Ulaanbaatar +posix/Asia/Ulan_Bator +posix/Asia/Urumqi +posix/Asia/Ust-Nera +posix/Asia/Vientiane +posix/Asia/Vladivostok +posix/Asia/Yakutsk +posix/Asia/Yekaterinburg +posix/Asia/Yerevan +posix/Atlantic/Azores +posix/Atlantic/Bermuda +posix/Atlantic/Canary +posix/Atlantic/Cape_Verde +posix/Atlantic/Faeroe +posix/Atlantic/Faroe +posix/Atlantic/Jan_Mayen +posix/Atlantic/Madeira +posix/Atlantic/Reykjavik +posix/Atlantic/South_Georgia +posix/Atlantic/St_Helena +posix/Atlantic/Stanley +posix/Australia/ACT +posix/Australia/Adelaide +posix/Australia/Brisbane +posix/Australia/Broken_Hill +posix/Australia/Canberra +posix/Australia/Currie +posix/Australia/Darwin +posix/Australia/Eucla +posix/Australia/Hobart +posix/Australia/LHI +posix/Australia/Lindeman +posix/Australia/Lord_Howe +posix/Australia/Melbourne +posix/Australia/NSW +posix/Australia/North +posix/Australia/Perth +posix/Australia/Queensland +posix/Australia/South +posix/Australia/Sydney +posix/Australia/Tasmania +posix/Australia/Victoria +posix/Australia/West +posix/Australia/Yancowinna +posix/Brazil/Acre +posix/Brazil/DeNoronha +posix/Brazil/East +posix/Brazil/West +posix/CET +posix/CST6CDT +posix/Canada/Atlantic +posix/Canada/Central +posix/Canada/East-Saskatchewan +posix/Canada/Eastern +posix/Canada/Mountain +posix/Canada/Newfoundland +posix/Canada/Pacific +posix/Canada/Saskatchewan +posix/Canada/Yukon +posix/Chile/Continental +posix/Chile/EasterIsland +posix/Cuba +posix/EET +posix/EST +posix/EST5EDT +posix/Egypt +posix/Eire +posix/Etc/GMT +posix/Etc/GMT+0 +posix/Etc/GMT+1 +posix/Etc/GMT+10 +posix/Etc/GMT+11 +posix/Etc/GMT+12 +posix/Etc/GMT+2 +posix/Etc/GMT+3 +posix/Etc/GMT+4 +posix/Etc/GMT+5 +posix/Etc/GMT+6 +posix/Etc/GMT+7 +posix/Etc/GMT+8 +posix/Etc/GMT+9 +posix/Etc/GMT-0 +posix/Etc/GMT-1 +posix/Etc/GMT-10 +posix/Etc/GMT-11 +posix/Etc/GMT-12 +posix/Etc/GMT-13 +posix/Etc/GMT-14 +posix/Etc/GMT-2 +posix/Etc/GMT-3 +posix/Etc/GMT-4 +posix/Etc/GMT-5 +posix/Etc/GMT-6 +posix/Etc/GMT-7 +posix/Etc/GMT-8 +posix/Etc/GMT-9 +posix/Etc/GMT0 +posix/Etc/Greenwich +posix/Etc/UCT +posix/Etc/UTC +posix/Etc/Universal +posix/Etc/Zulu +posix/Europe/Amsterdam +posix/Europe/Andorra +posix/Europe/Athens +posix/Europe/Belfast +posix/Europe/Belgrade +posix/Europe/Berlin +posix/Europe/Bratislava +posix/Europe/Brussels +posix/Europe/Bucharest +posix/Europe/Budapest +posix/Europe/Busingen +posix/Europe/Chisinau +posix/Europe/Copenhagen +posix/Europe/Dublin +posix/Europe/Gibraltar +posix/Europe/Guernsey +posix/Europe/Helsinki +posix/Europe/Isle_of_Man +posix/Europe/Istanbul +posix/Europe/Jersey +posix/Europe/Kaliningrad +posix/Europe/Kiev +posix/Europe/Lisbon +posix/Europe/Ljubljana +posix/Europe/London +posix/Europe/Luxembourg +posix/Europe/Madrid +posix/Europe/Malta +posix/Europe/Mariehamn +posix/Europe/Minsk +posix/Europe/Monaco +posix/Europe/Moscow +posix/Europe/Nicosia +posix/Europe/Oslo +posix/Europe/Paris +posix/Europe/Podgorica +posix/Europe/Prague +posix/Europe/Riga +posix/Europe/Rome +posix/Europe/Samara +posix/Europe/San_Marino +posix/Europe/Sarajevo +posix/Europe/Simferopol +posix/Europe/Skopje +posix/Europe/Sofia +posix/Europe/Stockholm +posix/Europe/Tallinn +posix/Europe/Tirane +posix/Europe/Tiraspol +posix/Europe/Uzhgorod +posix/Europe/Vaduz +posix/Europe/Vatican +posix/Europe/Vienna +posix/Europe/Vilnius +posix/Europe/Volgograd +posix/Europe/Warsaw +posix/Europe/Zagreb +posix/Europe/Zaporozhye +posix/Europe/Zurich +posix/Factory +posix/GB +posix/GB-Eire +posix/GMT +posix/GMT+0 +posix/GMT-0 +posix/GMT0 +posix/Greenwich +posix/HST +posix/Hongkong +posix/Iceland +posix/Indian/Antananarivo +posix/Indian/Chagos +posix/Indian/Christmas +posix/Indian/Cocos +posix/Indian/Comoro +posix/Indian/Kerguelen +posix/Indian/Mahe +posix/Indian/Maldives +posix/Indian/Mauritius +posix/Indian/Mayotte +posix/Indian/Reunion +posix/Iran +posix/Israel +posix/Jamaica +posix/Japan +posix/Kwajalein +posix/Libya +posix/MET +posix/MST +posix/MST7MDT +posix/Mexico/BajaNorte +posix/Mexico/BajaSur +posix/Mexico/General +posix/NZ +posix/NZ-CHAT +posix/Navajo +posix/PRC +posix/PST8PDT +posix/Pacific/Apia +posix/Pacific/Auckland +posix/Pacific/Bougainville +posix/Pacific/Chatham +posix/Pacific/Chuuk +posix/Pacific/Easter +posix/Pacific/Efate +posix/Pacific/Enderbury +posix/Pacific/Fakaofo +posix/Pacific/Fiji +posix/Pacific/Funafuti +posix/Pacific/Galapagos +posix/Pacific/Gambier +posix/Pacific/Guadalcanal +posix/Pacific/Guam +posix/Pacific/Honolulu +posix/Pacific/Johnston +posix/Pacific/Kiritimati +posix/Pacific/Kosrae +posix/Pacific/Kwajalein +posix/Pacific/Majuro +posix/Pacific/Marquesas +posix/Pacific/Midway +posix/Pacific/Nauru +posix/Pacific/Niue +posix/Pacific/Norfolk +posix/Pacific/Noumea +posix/Pacific/Pago_Pago +posix/Pacific/Palau +posix/Pacific/Pitcairn +posix/Pacific/Pohnpei +posix/Pacific/Ponape +posix/Pacific/Port_Moresby +posix/Pacific/Rarotonga +posix/Pacific/Saipan +posix/Pacific/Samoa +posix/Pacific/Tahiti +posix/Pacific/Tarawa +posix/Pacific/Tongatapu +posix/Pacific/Truk +posix/Pacific/Wake +posix/Pacific/Wallis +posix/Pacific/Yap +posix/Poland +posix/Portugal +posix/ROC +posix/ROK +posix/Singapore +posix/Turkey +posix/UCT +posix/US/Alaska +posix/US/Aleutian +posix/US/Arizona +posix/US/Central +posix/US/East-Indiana +posix/US/Eastern +posix/US/Hawaii +posix/US/Indiana-Starke +posix/US/Michigan +posix/US/Mountain +posix/US/Pacific +posix/US/Pacific-New +posix/US/Samoa +posix/UTC +posix/Universal +posix/W-SU +posix/WET +posix/Zulu +posix/localtime +posix/posixrules +posixrules +right/Africa/Abidjan +right/Africa/Accra +right/Africa/Addis_Ababa +right/Africa/Algiers +right/Africa/Asmara +right/Africa/Asmera +right/Africa/Bamako +right/Africa/Bangui +right/Africa/Banjul +right/Africa/Bissau +right/Africa/Blantyre +right/Africa/Brazzaville +right/Africa/Bujumbura +right/Africa/Cairo +right/Africa/Casablanca +right/Africa/Ceuta +right/Africa/Conakry +right/Africa/Dakar +right/Africa/Dar_es_Salaam +right/Africa/Djibouti +right/Africa/Douala +right/Africa/El_Aaiun +right/Africa/Freetown +right/Africa/Gaborone +right/Africa/Harare +right/Africa/Johannesburg +right/Africa/Juba +right/Africa/Kampala +right/Africa/Khartoum +right/Africa/Kigali +right/Africa/Kinshasa +right/Africa/Lagos +right/Africa/Libreville +right/Africa/Lome +right/Africa/Luanda +right/Africa/Lubumbashi +right/Africa/Lusaka +right/Africa/Malabo +right/Africa/Maputo +right/Africa/Maseru +right/Africa/Mbabane +right/Africa/Mogadishu +right/Africa/Monrovia +right/Africa/Nairobi +right/Africa/Ndjamena +right/Africa/Niamey +right/Africa/Nouakchott +right/Africa/Ouagadougou +right/Africa/Porto-Novo +right/Africa/Sao_Tome +right/Africa/Timbuktu +right/Africa/Tripoli +right/Africa/Tunis +right/Africa/Windhoek +right/America/Adak +right/America/Anchorage +right/America/Anguilla +right/America/Antigua +right/America/Araguaina +right/America/Argentina/Buenos_Aires +right/America/Argentina/Catamarca +right/America/Argentina/ComodRivadavia +right/America/Argentina/Cordoba +right/America/Argentina/Jujuy +right/America/Argentina/La_Rioja +right/America/Argentina/Mendoza +right/America/Argentina/Rio_Gallegos +right/America/Argentina/Salta +right/America/Argentina/San_Juan +right/America/Argentina/San_Luis +right/America/Argentina/Tucuman +right/America/Argentina/Ushuaia +right/America/Aruba +right/America/Asuncion +right/America/Atikokan +right/America/Atka +right/America/Bahia +right/America/Bahia_Banderas +right/America/Barbados +right/America/Belem +right/America/Belize +right/America/Blanc-Sablon +right/America/Boa_Vista +right/America/Bogota +right/America/Boise +right/America/Buenos_Aires +right/America/Cambridge_Bay +right/America/Campo_Grande +right/America/Cancun +right/America/Caracas +right/America/Catamarca +right/America/Cayenne +right/America/Cayman +right/America/Chicago +right/America/Chihuahua +right/America/Coral_Harbour +right/America/Cordoba +right/America/Costa_Rica +right/America/Creston +right/America/Cuiaba +right/America/Curacao +right/America/Danmarkshavn +right/America/Dawson +right/America/Dawson_Creek +right/America/Denver +right/America/Detroit +right/America/Dominica +right/America/Edmonton +right/America/Eirunepe +right/America/El_Salvador +right/America/Ensenada +right/America/Fort_Wayne +right/America/Fortaleza +right/America/Glace_Bay +right/America/Godthab +right/America/Goose_Bay +right/America/Grand_Turk +right/America/Grenada +right/America/Guadeloupe +right/America/Guatemala +right/America/Guayaquil +right/America/Guyana +right/America/Halifax +right/America/Havana +right/America/Hermosillo +right/America/Indiana/Indianapolis +right/America/Indiana/Knox +right/America/Indiana/Marengo +right/America/Indiana/Petersburg +right/America/Indiana/Tell_City +right/America/Indiana/Vevay +right/America/Indiana/Vincennes +right/America/Indiana/Winamac +right/America/Indianapolis +right/America/Inuvik +right/America/Iqaluit +right/America/Jamaica +right/America/Jujuy +right/America/Juneau +right/America/Kentucky/Louisville +right/America/Kentucky/Monticello +right/America/Knox_IN +right/America/Kralendijk +right/America/La_Paz +right/America/Lima +right/America/Los_Angeles +right/America/Louisville +right/America/Lower_Princes +right/America/Maceio +right/America/Managua +right/America/Manaus +right/America/Marigot +right/America/Martinique +right/America/Matamoros +right/America/Mazatlan +right/America/Mendoza +right/America/Menominee +right/America/Merida +right/America/Metlakatla +right/America/Mexico_City +right/America/Miquelon +right/America/Moncton +right/America/Monterrey +right/America/Montevideo +right/America/Montreal +right/America/Montserrat +right/America/Nassau +right/America/New_York +right/America/Nipigon +right/America/Nome +right/America/Noronha +right/America/North_Dakota/Beulah +right/America/North_Dakota/Center +right/America/North_Dakota/New_Salem +right/America/Ojinaga +right/America/Panama +right/America/Pangnirtung +right/America/Paramaribo +right/America/Phoenix +right/America/Port-au-Prince +right/America/Port_of_Spain +right/America/Porto_Acre +right/America/Porto_Velho +right/America/Puerto_Rico +right/America/Rainy_River +right/America/Rankin_Inlet +right/America/Recife +right/America/Regina +right/America/Resolute +right/America/Rio_Branco +right/America/Rosario +right/America/Santa_Isabel +right/America/Santarem +right/America/Santiago +right/America/Santo_Domingo +right/America/Sao_Paulo +right/America/Scoresbysund +right/America/Shiprock +right/America/Sitka +right/America/St_Barthelemy +right/America/St_Johns +right/America/St_Kitts +right/America/St_Lucia +right/America/St_Thomas +right/America/St_Vincent +right/America/Swift_Current +right/America/Tegucigalpa +right/America/Thule +right/America/Thunder_Bay +right/America/Tijuana +right/America/Toronto +right/America/Tortola +right/America/Vancouver +right/America/Virgin +right/America/Whitehorse +right/America/Winnipeg +right/America/Yakutat +right/America/Yellowknife +right/Antarctica/Casey +right/Antarctica/Davis +right/Antarctica/DumontDUrville +right/Antarctica/Macquarie +right/Antarctica/Mawson +right/Antarctica/McMurdo +right/Antarctica/Palmer +right/Antarctica/Rothera +right/Antarctica/South_Pole +right/Antarctica/Syowa +right/Antarctica/Troll +right/Antarctica/Vostok +right/Arctic/Longyearbyen +right/Asia/Aden +right/Asia/Almaty +right/Asia/Amman +right/Asia/Anadyr +right/Asia/Aqtau +right/Asia/Aqtobe +right/Asia/Ashgabat +right/Asia/Ashkhabad +right/Asia/Baghdad +right/Asia/Bahrain +right/Asia/Baku +right/Asia/Bangkok +right/Asia/Beirut +right/Asia/Bishkek +right/Asia/Brunei +right/Asia/Calcutta +right/Asia/Chita +right/Asia/Choibalsan +right/Asia/Chongqing +right/Asia/Chungking +right/Asia/Colombo +right/Asia/Dacca +right/Asia/Damascus +right/Asia/Dhaka +right/Asia/Dili +right/Asia/Dubai +right/Asia/Dushanbe +right/Asia/Gaza +right/Asia/Harbin +right/Asia/Hebron +right/Asia/Ho_Chi_Minh +right/Asia/Hong_Kong +right/Asia/Hovd +right/Asia/Irkutsk +right/Asia/Istanbul +right/Asia/Jakarta +right/Asia/Jayapura +right/Asia/Jerusalem +right/Asia/Kabul +right/Asia/Kamchatka +right/Asia/Karachi +right/Asia/Kashgar +right/Asia/Kathmandu +right/Asia/Katmandu +right/Asia/Khandyga +right/Asia/Kolkata +right/Asia/Krasnoyarsk +right/Asia/Kuala_Lumpur +right/Asia/Kuching +right/Asia/Kuwait +right/Asia/Macao +right/Asia/Macau +right/Asia/Magadan +right/Asia/Makassar +right/Asia/Manila +right/Asia/Muscat +right/Asia/Nicosia +right/Asia/Novokuznetsk +right/Asia/Novosibirsk +right/Asia/Omsk +right/Asia/Oral +right/Asia/Phnom_Penh +right/Asia/Pontianak +right/Asia/Pyongyang +right/Asia/Qatar +right/Asia/Qyzylorda +right/Asia/Rangoon +right/Asia/Riyadh +right/Asia/Saigon +right/Asia/Sakhalin +right/Asia/Samarkand +right/Asia/Seoul +right/Asia/Shanghai +right/Asia/Singapore +right/Asia/Srednekolymsk +right/Asia/Taipei +right/Asia/Tashkent +right/Asia/Tbilisi +right/Asia/Tehran +right/Asia/Tel_Aviv +right/Asia/Thimbu +right/Asia/Thimphu +right/Asia/Tokyo +right/Asia/Ujung_Pandang +right/Asia/Ulaanbaatar +right/Asia/Ulan_Bator +right/Asia/Urumqi +right/Asia/Ust-Nera +right/Asia/Vientiane +right/Asia/Vladivostok +right/Asia/Yakutsk +right/Asia/Yekaterinburg +right/Asia/Yerevan +right/Atlantic/Azores +right/Atlantic/Bermuda +right/Atlantic/Canary +right/Atlantic/Cape_Verde +right/Atlantic/Faeroe +right/Atlantic/Faroe +right/Atlantic/Jan_Mayen +right/Atlantic/Madeira +right/Atlantic/Reykjavik +right/Atlantic/South_Georgia +right/Atlantic/St_Helena +right/Atlantic/Stanley +right/Australia/ACT +right/Australia/Adelaide +right/Australia/Brisbane +right/Australia/Broken_Hill +right/Australia/Canberra +right/Australia/Currie +right/Australia/Darwin +right/Australia/Eucla +right/Australia/Hobart +right/Australia/LHI +right/Australia/Lindeman +right/Australia/Lord_Howe +right/Australia/Melbourne +right/Australia/NSW +right/Australia/North +right/Australia/Perth +right/Australia/Queensland +right/Australia/South +right/Australia/Sydney +right/Australia/Tasmania +right/Australia/Victoria +right/Australia/West +right/Australia/Yancowinna +right/Brazil/Acre +right/Brazil/DeNoronha +right/Brazil/East +right/Brazil/West +right/CET +right/CST6CDT +right/Canada/Atlantic +right/Canada/Central +right/Canada/East-Saskatchewan +right/Canada/Eastern +right/Canada/Mountain +right/Canada/Newfoundland +right/Canada/Pacific +right/Canada/Saskatchewan +right/Canada/Yukon +right/Chile/Continental +right/Chile/EasterIsland +right/Cuba +right/EET +right/EST +right/EST5EDT +right/Egypt +right/Eire +right/Etc/GMT +right/Etc/GMT+0 +right/Etc/GMT+1 +right/Etc/GMT+10 +right/Etc/GMT+11 +right/Etc/GMT+12 +right/Etc/GMT+2 +right/Etc/GMT+3 +right/Etc/GMT+4 +right/Etc/GMT+5 +right/Etc/GMT+6 +right/Etc/GMT+7 +right/Etc/GMT+8 +right/Etc/GMT+9 +right/Etc/GMT-0 +right/Etc/GMT-1 +right/Etc/GMT-10 +right/Etc/GMT-11 +right/Etc/GMT-12 +right/Etc/GMT-13 +right/Etc/GMT-14 +right/Etc/GMT-2 +right/Etc/GMT-3 +right/Etc/GMT-4 +right/Etc/GMT-5 +right/Etc/GMT-6 +right/Etc/GMT-7 +right/Etc/GMT-8 +right/Etc/GMT-9 +right/Etc/GMT0 +right/Etc/Greenwich +right/Etc/UCT +right/Etc/UTC +right/Etc/Universal +right/Etc/Zulu +right/Europe/Amsterdam +right/Europe/Andorra +right/Europe/Athens +right/Europe/Belfast +right/Europe/Belgrade +right/Europe/Berlin +right/Europe/Bratislava +right/Europe/Brussels +right/Europe/Bucharest +right/Europe/Budapest +right/Europe/Busingen +right/Europe/Chisinau +right/Europe/Copenhagen +right/Europe/Dublin +right/Europe/Gibraltar +right/Europe/Guernsey +right/Europe/Helsinki +right/Europe/Isle_of_Man +right/Europe/Istanbul +right/Europe/Jersey +right/Europe/Kaliningrad +right/Europe/Kiev +right/Europe/Lisbon +right/Europe/Ljubljana +right/Europe/London +right/Europe/Luxembourg +right/Europe/Madrid +right/Europe/Malta +right/Europe/Mariehamn +right/Europe/Minsk +right/Europe/Monaco +right/Europe/Moscow +right/Europe/Nicosia +right/Europe/Oslo +right/Europe/Paris +right/Europe/Podgorica +right/Europe/Prague +right/Europe/Riga +right/Europe/Rome +right/Europe/Samara +right/Europe/San_Marino +right/Europe/Sarajevo +right/Europe/Simferopol +right/Europe/Skopje +right/Europe/Sofia +right/Europe/Stockholm +right/Europe/Tallinn +right/Europe/Tirane +right/Europe/Tiraspol +right/Europe/Uzhgorod +right/Europe/Vaduz +right/Europe/Vatican +right/Europe/Vienna +right/Europe/Vilnius +right/Europe/Volgograd +right/Europe/Warsaw +right/Europe/Zagreb +right/Europe/Zaporozhye +right/Europe/Zurich +right/Factory +right/GB +right/GB-Eire +right/GMT +right/GMT+0 +right/GMT-0 +right/GMT0 +right/Greenwich +right/HST +right/Hongkong +right/Iceland +right/Indian/Antananarivo +right/Indian/Chagos +right/Indian/Christmas +right/Indian/Cocos +right/Indian/Comoro +right/Indian/Kerguelen +right/Indian/Mahe +right/Indian/Maldives +right/Indian/Mauritius +right/Indian/Mayotte +right/Indian/Reunion +right/Iran +right/Israel +right/Jamaica +right/Japan +right/Kwajalein +right/Libya +right/MET +right/MST +right/MST7MDT +right/Mexico/BajaNorte +right/Mexico/BajaSur +right/Mexico/General +right/NZ +right/NZ-CHAT +right/Navajo +right/PRC +right/PST8PDT +right/Pacific/Apia +right/Pacific/Auckland +right/Pacific/Bougainville +right/Pacific/Chatham +right/Pacific/Chuuk +right/Pacific/Easter +right/Pacific/Efate +right/Pacific/Enderbury +right/Pacific/Fakaofo +right/Pacific/Fiji +right/Pacific/Funafuti +right/Pacific/Galapagos +right/Pacific/Gambier +right/Pacific/Guadalcanal +right/Pacific/Guam +right/Pacific/Honolulu +right/Pacific/Johnston +right/Pacific/Kiritimati +right/Pacific/Kosrae +right/Pacific/Kwajalein +right/Pacific/Majuro +right/Pacific/Marquesas +right/Pacific/Midway +right/Pacific/Nauru +right/Pacific/Niue +right/Pacific/Norfolk +right/Pacific/Noumea +right/Pacific/Pago_Pago +right/Pacific/Palau +right/Pacific/Pitcairn +right/Pacific/Pohnpei +right/Pacific/Ponape +right/Pacific/Port_Moresby +right/Pacific/Rarotonga +right/Pacific/Saipan +right/Pacific/Samoa +right/Pacific/Tahiti +right/Pacific/Tarawa +right/Pacific/Tongatapu +right/Pacific/Truk +right/Pacific/Wake +right/Pacific/Wallis +right/Pacific/Yap +right/Poland +right/Portugal +right/ROC +right/ROK +right/Singapore +right/Turkey +right/UCT +right/US/Alaska +right/US/Aleutian +right/US/Arizona +right/US/Central +right/US/East-Indiana +right/US/Eastern +right/US/Hawaii +right/US/Indiana-Starke +right/US/Michigan +right/US/Mountain +right/US/Pacific +right/US/Pacific-New +right/US/Samoa +right/UTC +right/Universal +right/W-SU +right/WET +right/Zulu + +Type it at the prompt below exactly as it appears above. (NOTE: If you don't +see your timezone, use "timeconfig" again after booting for the verbose list) + +EOF + echo -n "Timezone? " + read TIMEZONE; + echo + + if [ -r $T_PX/usr/share/zoneinfo/$TIMEZONE -o \ + -r /var/log/mount/usr/share/zoneinfo/$TIMEZONE -o \ + -L $T_PX/usr/share/zoneinfo/$TIMEZONE -o \ + -L /var/log/mount/usr/share/zoneinfo/$TIMEZONE ]; then + echo "Creating link from $TIMEZONE to localtime in /etc..." + echo + setzone $TIMEZONE + exit + else + cat << EOF + +Timezone $TIMEZONE could not be found. You may try again if you wish. +Make sure you type the name exactly as it appears - this configuration script +is case sensitive. + +Press [enter] to continue. + +EOF + read JUNK; + fi + done +fi + diff --git a/patches/source/gnupg/gnupg.SlackBuild b/patches/source/gnupg/gnupg.SlackBuild new file mode 100755 index 00000000..5455a969 --- /dev/null +++ b/patches/source/gnupg/gnupg.SlackBuild @@ -0,0 +1,114 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=gnupg +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-gnupg + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +rm -rf $PKG +mkdir -p $PKG $PKG + +cd $TMP +rm -rf gnupg-$VERSION +tar xvf $CWD/gnupg-$VERSION.tar.?z* || exit 1 +cd gnupg-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +rm -f $PKG/usr/info/dir +gzip -9 $PKG/usr/info/* + +gzip -9 $PKG/usr/man/*/* + +mkdir -p $PKG/usr/doc/gnupg-$VERSION +cp -a \ + ABOUT-NLS AUTHORS BUGS COPYING INSTALL NEWS PROJECTS README THANKS TODO VERSION \ + $PKG/usr/doc/gnupg-$VERSION +( cd $PKG/usr/doc/gnupg-$VERSION + ln -sf /usr/share/gnupg/FAQ . + ln -sf /usr/share/gnupg/faq.html . ) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +# Add slack-desc files: +mkdir -p $PKG/install +cat $CWD/slack-desc.gnupg > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/gnupg-$VERSION-$ARCH-$BUILD.txz + +# Clean up the extra stuff: +if [ "$1" = "--cleanup" ]; then + rm -rf $TMP/gnupg-$VERSION + rm -rf $PKG +fi diff --git a/patches/source/gnupg/slack-desc.gnupg b/patches/source/gnupg/slack-desc.gnupg new file mode 100644 index 00000000..496005e9 --- /dev/null +++ b/patches/source/gnupg/slack-desc.gnupg @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +gnupg: gnupg (The GNU Privacy Guard) +gnupg: +gnupg: GnuPG is GNU's tool for secure communication and data storage. It can +gnupg: be used to encrypt data and to create digital signatures. It includes +gnupg: an advanced key management facility and is compliant with the proposed +gnupg: OpenPGP Internet standard as described in RFC2440. +gnupg: +gnupg: +gnupg: +gnupg: +gnupg: diff --git a/patches/source/gnupg2/gnupg-2.0.14-encode-s2k.patch b/patches/source/gnupg2/gnupg-2.0.14-encode-s2k.patch new file mode 100644 index 00000000..26c798ee --- /dev/null +++ b/patches/source/gnupg2/gnupg-2.0.14-encode-s2k.patch @@ -0,0 +1,65 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 +NotDashEscaped: You need GnuPG to verify this message + +#! /bin/sh +patch -p0 -f $* < $0 +exit $? + +agent/ +2010-01-26 Werner Koch <wk@g10code.com> + + * protect.c (do_encryption): Encode the s2kcount and do not use a + static value of 96. + +--- agent/protect.c (revision 5231) ++++ agent/protect.c (working copy) +@@ -360,19 +360,25 @@ + + in canoncical format of course. We use asprintf and %n modifier + and dummy values as placeholders. */ +- p = xtryasprintf +- ("(9:protected%d:%s((4:sha18:%n_8bytes_2:96)%d:%n%*s)%d:%n%*s)", +- (int)strlen (modestr), modestr, +- &saltpos, +- blklen, &ivpos, blklen, "", +- enclen, &encpos, enclen, ""); +- if (!p) +- { +- gpg_error_t tmperr = out_of_core (); +- xfree (iv); +- xfree (outbuf); +- return tmperr; +- } ++ { ++ char countbuf[35]; ++ ++ snprintf (countbuf, sizeof countbuf, "%lu", get_standard_s2k_count ()); ++ p = xtryasprintf ++ ("(9:protected%d:%s((4:sha18:%n_8bytes_%u:%s)%d:%n%*s)%d:%n%*s)", ++ (int)strlen (modestr), modestr, ++ &saltpos, ++ (unsigned int)strlen (countbuf), countbuf, ++ blklen, &ivpos, blklen, "", ++ enclen, &encpos, enclen, ""); ++ if (!p) ++ { ++ gpg_error_t tmperr = out_of_core (); ++ xfree (iv); ++ xfree (outbuf); ++ return tmperr; ++ } ++ } + *resultlen = strlen (p); + *result = (unsigned char*)p; + memcpy (p+saltpos, iv+2*blklen, 8); + +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.1.0-svn5201 (GNU/Linux) + +iJwEAQECAAYFAktmpLoACgkQU7Yg0BzgxjCj5wQAyZjQbZM77wdcXIgPgeLsG99W +esWR89/5VM34dY5tOG+McCAiA4/0hl6CYUkkK/394wcfUXbvbZYARPjJg5wMoZsG +VufEL+Uz+eLgkejYPVakOWzK00i7MHqDSjttOqHg0d8wSiy3LKk6CN6N19uPqxbI +/1Io5f3gcroLGfEZlN0= +=oP/V +-----END PGP SIGNATURE----- diff --git a/patches/source/gnupg2/gnupg2.CVE-2010-2547.diff b/patches/source/gnupg2/gnupg2.CVE-2010-2547.diff new file mode 100644 index 00000000..14c2de7e --- /dev/null +++ b/patches/source/gnupg2/gnupg2.CVE-2010-2547.diff @@ -0,0 +1,10 @@ +--- ./kbx/keybox-blob.c.orig 2009-09-21 11:53:44.000000000 -0500 ++++ ./kbx/keybox-blob.c 2010-08-18 20:10:19.000000000 -0500 +@@ -898,6 +898,7 @@ + rc = gpg_error_from_syserror (); + goto leave; + } ++ names = tmp; + } + names[blob->nuids++] = p; + if (!i && (p=x509_email_kludge (p))) diff --git a/patches/source/gnupg2/gnupg2.SlackBuild b/patches/source/gnupg2/gnupg2.SlackBuild new file mode 100755 index 00000000..2ea55d5c --- /dev/null +++ b/patches/source/gnupg2/gnupg2.SlackBuild @@ -0,0 +1,154 @@ +#!/bin/sh + +# Copyright 2006-2010 Robby Workman, Northport, AL, USA +# Copyright 2007-2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SCRIPT IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SCRIPT, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=gnupg2 +VERSION=${VERSION:-$(echo gnupg-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-3_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-gnupg + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf gnupg-$VERSION +tar xvf $CWD/gnupg-$VERSION.tar.?z* || exit 1 +cd gnupg-$VERSION + +zcat $CWD/gnupg-2.0.14-encode-s2k.patch.gz | patch -p0 --verbose || exit 1 +zcat $CWD/gnupg2.CVE-2010-2547.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --docdir=/usr/doc/gnupg2-$VERSION \ + --program-prefix="" \ + --program-suffix="" \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Create directory for global gpg.conf: +mkdir -p $PKG/etc/gnupg + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +( cd $PKG/usr/man + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done +) + +rm -f $PKG/usr/info/dir +gzip -9 $PKG/usr/info/* + +mkdir -p $PKG/usr/doc/gnupg2-$VERSION +cp -a \ + ABOUT-NLS AUTHORS COPYING* INSTALL NEWS README* THANKS TODO VERSION \ + $PKG/usr/doc/gnupg2-$VERSION +# Build html docs +( cd doc + make gnupg.html + mv gnupg.html $PKG/usr/doc/gnupg2-$VERSION/html +) +# Fix some filenames in the html directory +( cd $PKG/usr/doc/gnupg2-$VERSION/html +mv how_002dto_002dspecify_002da_002duser_002did.html howto_specify_user_id.html +mv GnuPG_002d1-and-GnuPG_002d2.html GnuPG_1-and-GnuPG_2.html +mv gpg_002dpreset_002dpassphrase.html gpg_preset_passphrase.html +mv gpgsm_002dgencert_002esh.html gpgsm_gencert_sh.html +mv Invoking-gpg_002dpreset_002dpassphrase.html Invoking-gpg_preset_passphrase.html +mv Invoking-gpg_002dconnect_002dagent.html Invoking-gpg_connect_agent.html +mv gpg_002dconnect_002dagent.html gpg_connect_agent.html +mv Agent-GET_005fCONFIRMATION.html Agent-GET_CONFIRMATION.html +mv option-_002d_002denable_002dssh_002dsupport.html option-enable_ssh_support.html +mv option-_002d_002doptions.html option-options.html +mv Invoking-GPG_002dAGENT.html Invoking-GPG_AGENT.html +mv gpg_002dzip.html gpg_zip.html +mv option-_002d_002dp12_002dcharset.html option-p12_charset.html +mv option-_002d_002dallow_002dmark_002dtrusted.html option-allow_mark_trusted.html +mv Controlling-gpg_002dconnect_002dagent.html Controlling-gpg_connect_agent.html +mv Agent-GET_005fPASSPHRASE.html Agent-GET_PASSPHRASE.html +mv option-_002d_002dhomedir.html option-homedir.html +mv PKCS_002315-Card.html PKCS-15-Card.html +mv option-_002d_002dexport_002downertrust.html option-export_ownertrust.html +) +# Move html doc to the proper location +mv $PKG/usr/doc/gnupg2-$VERSION/faq.html $PKG/usr/doc/gnupg2-$VERSION/html/ + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/gnupg2/slack-desc b/patches/source/gnupg2/slack-desc new file mode 100644 index 00000000..c64d7fb6 --- /dev/null +++ b/patches/source/gnupg2/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +gnupg2: GnuPG2 (The GNU Privacy Guard version 2.x) +gnupg2: +gnupg2: GnuPG is GNU's tool for secure communication and data storage. It can +gnupg2: be used to encrypt data and to create digital signatures. It includes +gnupg2: an advanced key management facility and is compliant with the proposed +gnupg2: OpenPGP Internet standard as described in RFC2440 and the S/MIME +gnupg2: standard as described by several RFCs. +gnupg2: +gnupg2: GnuPG 2.0 is the stable version of GnuPG integrating support for +gnupg2: OpenPGP and S/MIME. It does not conflict with an installed 1.4.x +gnupg2: OpenPGP-only version. diff --git a/patches/source/gnutls/gnutls-2.8.6_CVE-2009-3555.diff b/patches/source/gnutls/gnutls-2.8.6_CVE-2009-3555.diff new file mode 100644 index 00000000..6fe44f26 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.6_CVE-2009-3555.diff @@ -0,0 +1,7376 @@ +From b5063f2621d7d1c032259f921f9944e63b1e24eb Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 29 Sep 2013 +Subject: CVE-2009-3555 [GNUTLS-SA-2009-5] + +Adds safe renegotiation patch from Steve Dispensa, modified by GnuTLS +to conform with project style guidelines, error checking, and RFC 5746. + +This is a backport adaptation for use with GnuTLS 2.8.6. + +For background, read Marsh Ray & Steve Dispensa's 2009 paper: +http://ww1.prweb.com/prfiles/2009/11/05/104435/RenegotiatingTLS.pdf + +Relevant upstream commits: +-------------------------- +https://gitorious.org/gnutls/gnutls/commit/03249cd537c0b5 +https://gitorious.org/gnutls/gnutls/commit/1344b312402d3b +https://gitorious.org/gnutls/gnutls/commit/15090a5f52a5f5 +https://gitorious.org/gnutls/gnutls/commit/17e65babe44763 +https://gitorious.org/gnutls/gnutls/commit/1875dca5e0f6d7 +https://gitorious.org/gnutls/gnutls/commit/1a338cbaaeec11 +https://gitorious.org/gnutls/gnutls/commit/1ac2d2d55d8411 +https://gitorious.org/gnutls/gnutls/commit/1ced4c4d68cf33 +https://gitorious.org/gnutls/gnutls/commit/1d6766cda39a57 +https://gitorious.org/gnutls/gnutls/commit/1e42526790e54d +https://gitorious.org/gnutls/gnutls/commit/22553a5d48bcf0 +https://gitorious.org/gnutls/gnutls/commit/250e4ddf478910 +https://gitorious.org/gnutls/gnutls/commit/2d303d2076f53a +https://gitorious.org/gnutls/gnutls/commit/30748a9bcbfb76 +https://gitorious.org/gnutls/gnutls/commit/36693266659a6d +https://gitorious.org/gnutls/gnutls/commit/3deda2c2f0c2ac +https://gitorious.org/gnutls/gnutls/commit/3ee73d04c2a503 +https://gitorious.org/gnutls/gnutls/commit/4ceabba9547dc3 +https://gitorious.org/gnutls/gnutls/commit/4e5d5518c6cb58 +https://gitorious.org/gnutls/gnutls/commit/4f31d28f160a59 +https://gitorious.org/gnutls/gnutls/commit/530fa2957535be +https://gitorious.org/gnutls/gnutls/commit/555ddcdcf363ca +https://gitorious.org/gnutls/gnutls/commit/58604f748d324c +https://gitorious.org/gnutls/gnutls/commit/5cf6a95171b1a8 +https://gitorious.org/gnutls/gnutls/commit/5dfa0b28334e36 +https://gitorious.org/gnutls/gnutls/commit/5fc3704e32462f +https://gitorious.org/gnutls/gnutls/commit/62e03fb4b0f307 +https://gitorious.org/gnutls/gnutls/commit/705aa8cd3da09a +https://gitorious.org/gnutls/gnutls/commit/78149b946d3cff +https://gitorious.org/gnutls/gnutls/commit/783bfc6415ca0a +https://gitorious.org/gnutls/gnutls/commit/7b6ae740e8e8a4 +https://gitorious.org/gnutls/gnutls/commit/87ff666e310cfa +https://gitorious.org/gnutls/gnutls/commit/8cb3fee16deb3f +https://gitorious.org/gnutls/gnutls/commit/987076c0b8fce9 +https://gitorious.org/gnutls/gnutls/commit/a23f37448755d8 +https://gitorious.org/gnutls/gnutls/commit/a4d4458cf2ec08 +https://gitorious.org/gnutls/gnutls/commit/ae2540986ed382 +https://gitorious.org/gnutls/gnutls/commit/bbc7b93c9e1720 +https://gitorious.org/gnutls/gnutls/commit/bef37bc1f17c83 +https://gitorious.org/gnutls/gnutls/commit/bfe6ede9843c0c +https://gitorious.org/gnutls/gnutls/commit/c1953c310b347b +https://gitorious.org/gnutls/gnutls/commit/caab2fd62fdd32 +https://gitorious.org/gnutls/gnutls/commit/ce53777e3ad877 +https://gitorious.org/gnutls/gnutls/commit/d20cd80b62148c +https://gitorious.org/gnutls/gnutls/commit/dc468cee92c5ae +https://gitorious.org/gnutls/gnutls/commit/de9bc9b3dc1ec0 +https://gitorious.org/gnutls/gnutls/commit/dea2ff7150f00f +https://gitorious.org/gnutls/gnutls/commit/df861cb8ae9728 +https://gitorious.org/gnutls/gnutls/commit/e543db08dc98d4 +https://gitorious.org/gnutls/gnutls/commit/ed8a5c018ea46d +https://gitorious.org/gnutls/gnutls/commit/f623b9904535b8 +https://gitorious.org/gnutls/gnutls/commit/d4ea78c390dff6 +https://gitorious.org/gnutls/gnutls/commit/b2fca85c8fe5db +https://gitorious.org/gnutls/gnutls/commit/100563a343b9e3 +https://gitorious.org/gnutls/gnutls/commit/67ff3f2cedabcf +https://gitorious.org/gnutls/gnutls/commit/8a39da8c8eba54 +https://gitorious.org/gnutls/gnutls/commit/dc5a475674af59 + +--- + AUTHORS | 3 + NEWS | 17 + configure | 3 + configure.ac | 1 + doc/gnutls-api.texi | 14 + doc/gnutls.texi | 94 + + doc/manpages/Makefile.in | 4 + doc/manpages/gnutls-cli.1 | 9 + doc/manpages/gnutls-serv.1 | 9 + doc/manpages/gnutls_priority_init.3 | 15 + doc/manpages/gnutls_safe_renegotiation_status.3 | 41 + lib/Makefile.am | 4 + lib/Makefile.in | 7 + lib/ext_safe_renegotiation.c | 139 ++ + lib/ext_safe_renegotiation.h | 33 + lib/gnutls_alert.c | 6 + lib/gnutls_algorithms.c | 7 + lib/gnutls_algorithms.h | 3 + lib/gnutls_constate.c | 15 + lib/gnutls_errors.c | 6 + lib/gnutls_extensions.c | 20 + lib/gnutls_extensions.h | 4 + lib/gnutls_handshake.c | 391 +++++-- + lib/gnutls_int.h | 39 + lib/gnutls_priority.c | 105 + + lib/gnutls_record.c | 12 + lib/gnutls_state.c | 6 + lib/includes/gnutls/gnutls.h.in | 10 + lib/libgnutls.map | 6 + src/cli-gaa.c | 19 + src/cli-gaa.h | 1 + src/cli.c | 25 + src/cli.gaa | 5 + src/serv.c | 59 - + src/tests.c | 513 ++------- + src/tests.h | 5 + src/tls_test.c | 11 + tests/Makefile.am | 2 + tests/Makefile.in | 4 + tests/resume.c | 22 + tests/safe-renegotiation/Makefile.am | 37 + tests/safe-renegotiation/Makefile.in | 1299 ++++++++++++++++++++++++ + tests/safe-renegotiation/README | 93 + + tests/safe-renegotiation/params.dh | 35 + tests/safe-renegotiation/srn0.c | 338 ++++++ + tests/safe-renegotiation/srn1.c | 341 ++++++ + tests/safe-renegotiation/srn2.c | 341 ++++++ + tests/safe-renegotiation/srn3.c | 264 ++++ + tests/safe-renegotiation/srn4.c | 263 ++++ + tests/safe-renegotiation/srn5.c | 337 ++++++ + tests/safe-renegotiation/srn6.c | 337 ++++++ + tests/safe-renegotiation/srn7.c | 336 ++++++ + tests/safe-renegotiation/testsrn | 103 + + tests/simple.c | 4 + 54 files changed, 5330 insertions(+), 487 deletions(-) + +--- a/AUTHORS 2009-06-02 ++++ b/AUTHORS 2013-09-26 +@@ -51,6 +51,9 @@ OpenPGP discussion and improvements. + David MarÃn Carreño <davefx@gmail.com> + Added gnutls_x509_crq_get_key_id. + ++Steve Dispensa <dispensa@phonefactor.com> ++TLS safe renegotiation fix. ++ + -----BEGIN PGP PUBLIC KEY BLOCK----- + URL: http://josefsson.org/key.txt (always latest version) + Comment: This 0xB565716F key is used to sign releases of GnuTLS. +--- a/configure.ac 2009-11-06 ++++ b/configure.ac 2013-09-26 +@@ -284,6 +284,7 @@ AC_CONFIG_FILES([ + tests/pkcs8-decode/Makefile + tests/rsa-md5-collision/Makefile + tests/sha2/Makefile ++ tests/safe-renegotiation/Makefile + tests/userid/Makefile + ]) + AC_OUTPUT +--- a/configure 2010-03-15 ++++ b/configure 2013-09-26 +@@ -28559,7 +28559,7 @@ subdirs="$subdirs libextra" + + ac_config_files="$ac_config_files guile/pre-inst-guile" + +-ac_config_files="$ac_config_files Makefile doc/Makefile doc/credentials/Makefile doc/credentials/openpgp/Makefile doc/credentials/srp/Makefile doc/credentials/x509/Makefile doc/cyclo/Makefile doc/doxygen/Doxyfile doc/examples/Makefile doc/manpages/Makefile doc/reference/Makefile doc/scripts/Makefile gl/Makefile gl/tests/Makefile guile/Makefile guile/modules/Makefile guile/src/Makefile guile/tests/Makefile src/Makefile src/cfg/Makefile src/cfg/platon/Makefile src/cfg/platon/str/Makefile tests/Makefile tests/key-id/Makefile tests/openpgp-certs/Makefile tests/pathlen/Makefile tests/pkcs1-padding/Makefile tests/pkcs12-decode/Makefile tests/pkcs8-decode/Makefile tests/rsa-md5-collision/Makefile tests/sha2/Makefile tests/userid/Makefile" ++ac_config_files="$ac_config_files Makefile doc/Makefile doc/credentials/Makefile doc/credentials/openpgp/Makefile doc/credentials/srp/Makefile doc/credentials/x509/Makefile doc/cyclo/Makefile doc/doxygen/Doxyfile doc/examples/Makefile doc/manpages/Makefile doc/reference/Makefile doc/scripts/Makefile gl/Makefile gl/tests/Makefile guile/Makefile guile/modules/Makefile guile/src/Makefile guile/tests/Makefile src/Makefile src/cfg/Makefile src/cfg/platon/Makefile src/cfg/platon/str/Makefile tests/Makefile tests/key-id/Makefile tests/openpgp-certs/Makefile tests/safe-renegotiation/Makefile tests/pathlen/Makefile tests/pkcs1-padding/Makefile tests/pkcs12-decode/Makefile tests/pkcs8-decode/Makefile tests/rsa-md5-collision/Makefile tests/sha2/Makefile tests/userid/Makefile" + + cat >confcache <<\_ACEOF + # This file is a shell script that caches the results of configure +@@ -29782,6 +29782,7 @@ do + "tests/Makefile") CONFIG_FILES="$CONFIG_FILES tests/Makefile" ;; + "tests/key-id/Makefile") CONFIG_FILES="$CONFIG_FILES tests/key-id/Makefile" ;; + "tests/openpgp-certs/Makefile") CONFIG_FILES="$CONFIG_FILES tests/openpgp-certs/Makefile" ;; ++ "tests/safe-renegotiation/Makefile") CONFIG_FILES="$CONFIG_FILES tests/safe-renegotiation/Makefile" ;; + "tests/pathlen/Makefile") CONFIG_FILES="$CONFIG_FILES tests/pathlen/Makefile" ;; + "tests/pkcs1-padding/Makefile") CONFIG_FILES="$CONFIG_FILES tests/pkcs1-padding/Makefile" ;; + "tests/pkcs12-decode/Makefile") CONFIG_FILES="$CONFIG_FILES tests/pkcs12-decode/Makefile" ;; +--- a/doc/gnutls-api.texi 2010-03-15 ++++ b/doc/gnutls-api.texi 2013-09-26 +@@ -3307,6 +3307,20 @@ This function will initialize the tempor + @strong{Returns:} @code{GNUTLS_E_SUCCESS} on success, or an negative error code. + @end deftypefun + ++@subheading gnutls_safe_renegotiation_status ++@anchor{gnutls_safe_renegotiation_status} ++@deftypefun {int} {gnutls_safe_renegotiation_status} (gnutls_session_t @var{session}) ++@var{session}: is a @code{gnutls_session_t} structure. ++ ++Can be used to check whether safe renegotiation is being used ++in the current session. ++ ++@strong{Returns:} 0 when safe renegotiation is not used and non zero when ++safe renegotiation is used. ++ ++@strong{Since:} 2.10.0 ++@end deftypefun ++ + @subheading gnutls_server_name_get + @anchor{gnutls_server_name_get} + @deftypefun {int} {gnutls_server_name_get} (gnutls_session_t @var{session}, void * @var{data}, size_t * @var{data_length}, unsigned int * @var{type}, unsigned int @var{indx}) +--- a/doc/gnutls.texi 2009-06-02 ++++ b/doc/gnutls.texi 2013-09-26 +@@ -565,6 +565,7 @@ also supports @acronym{X.509} and @acron + * Selecting cryptographic key sizes:: + * On SSL 2 and older protocols:: + * On Record Padding:: ++* Safe Renegotiation:: + @end menu + + @node TLS layers +@@ -1202,6 +1203,94 @@ here are some links: + + @url{http://thread.gmane.org/gmane.ietf.tls/3079} + ++@node Safe Renegotiation ++@section Safe Renegotiation ++@cindex renegotiation ++ ++Some application protocols and implementations uses the TLS ++renegotiation feature in a manner that enables attackers to insert ++content of his choice in the beginning of a TLS session. ++ ++One easy to understand vulnerability is HTTPS when servers request ++client certificates optionally for certain parts of a web site. The ++attack works by having the attacker simulate a client and connect to a ++server, with server-only authentication, and send some data intended ++to cause harm. When the proper client attempts to contact the server, ++the attacker hijacks that connection and uses the TLS renegotiation ++feature with the server and splices in the client connection to the ++already established connection between the attacker and server. The ++attacker will not be able to read the data exchanged between the ++client and the server. However, the server will (incorrectly) assume ++that the data sent by the attacker was sent by the now authenticated ++client. The result is a prefix plain-text injection attack. ++ ++The above is just one example. Other vulnerabilities exists that do ++not rely on the TLS renegotiation to change the client's authenticated ++status (either TLS or application layer). ++ ++While fixing these application protocols and implementations would be ++one natural reaction, an extension to TLS has been designed that ++cryptographically binds together any renegotiated handshakes with the ++initial negotiation. When the extension is used, the attack is ++detected and the session can be terminated. The extension is ++specified in @xcite{RFC5746}. ++ ++GnuTLS supports the safe renegotiation extension. The default ++behavior is as follows. Clients will attempt to negotiate the safe ++renegotiation extension when talking to servers. Servers will accept ++the extension when presented by clients. Clients and servers will ++permit an initial handshake to complete even when the other side does ++not support the safe renegotiation extension. Clients and servers ++will refuse renegotiation attempts when the extension has not been ++negotiated. ++ ++Note that permitting clients to connect to servers even when the safe ++renegotiation extension is not negotiated open up for some attacks. ++Changing this default behaviour would prevent interoperability against ++the majority of deployed servers out there. We will reconsider this ++default behaviour in the future when more servers have been upgraded. ++Note that it is easy to configure clients to always require the safe ++renegotiation extension from servers (see below on the ++%SAFE_RENEGOTIATION priority string). ++ ++To modify the default behaviour, we have introduced some new priority ++strings. The priority strings can be used by applications ++(@pxref{gnutls_priority_set}) and end users (e.g., @code{--priority} ++parameter to @code{gnutls-cli} and @code{gnutls-serv}). ++ ++The @code{%UNSAFE_RENEGOTIATION} priority string permits ++(re-)handshakes even when the safe renegotiation extension was not ++negotiated. The default behavior is @code{%PARTIAL_RENEGOTIATION} that will ++prevent renegotiation with clients and servers not supporting the ++extension. This is secure for servers but leaves clients vulnerable ++to some attacks, but this is a tradeoff between security and compatibility ++with old servers. The @code{%SAFE_RENEGOTIATION} priority string makes ++clients and servers require the extension for every handshake. The latter ++is the most secure option for clients, at the cost of not being able ++to connect to legacy servers. Servers will also deny clients that ++do not support the extension from connecting. ++ ++It is possible to disable use of the extension completely, in both ++clients and servers, by using the @code{%DISABLE_SAFE_RENEGOTIATION} ++priority string however we strongly recommend you to only do this for ++debugging and test purposes. ++ ++The default values if the flags above are not specified are: ++@table @code ++ ++@item Server: ++%PARTIAL_RENEGOTIATION ++ ++@item Client: ++%PARTIAL_RENEGOTIATION ++ ++@end table ++ ++For applications we have introduced a new API related to safe ++renegotiation. The @ref{gnutls_safe_renegotiation_status} function is ++used to check if the extension has been negotiated on a session, and ++can be used both by clients and servers. ++ + @node Authentication methods + @chapter Authentication Methods + +@@ -4179,6 +4268,11 @@ Pasi Eronen and Hannes Tschofenig, "Pre- + TLS", December 2005, Available from + @url{http://www.ietf.org/rfc/rfc4279.txt}. + ++@item @anchor{RFC5746}[RFC5746] ++E. Rescorla, M. Ray, S. Dispensa, and N. Oskov, "Transport Layer ++Security (TLS) Renegotiation Indication Extension", February 2010, ++available from @url{http://www.ietf.org/rfc/rfc5746}. ++ + @item @anchor{TOMSRP}[TOMSRP] + Tom Wu, "The Stanford SRP Authentication Project", Available at + @url{http://srp.stanford.edu/}. +--- a/doc/manpages/gnutls-cli.1 2009-06-02 ++++ b/doc/manpages/gnutls-cli.1 2013-09-26 +@@ -75,6 +75,15 @@ Special keywords: + "%SSL3_RECORD_VERSION" force SSL3.0 record version in the first client + hello. This is to avoid buggy servers from terminating connection. + .IP ++"%UNSAFE_RENEGOTIATION" Permits (re-)handshakes even unsafe ones. ++.IP ++"%PARTIAL_RENEGOTIATION" Prevents renegotiation with clients and servers not ++supporting the safe renegotiation extension. (default) ++.IP ++"%SAFE_RENEGOTIATION" will enable safe renegotiation. This is the most ++secure and recommended option for clients. However this will prevent from ++connecting to legacy servers. ++.IP + To avoid collisions in order to specify a compression algorithm in + this string you have to prefix it with "COMP-", protocol versions + with "VERS-" and certificate types with "CTYPE-". All other +--- a/doc/manpages/gnutls-serv.1 2009-06-02 ++++ b/doc/manpages/gnutls-serv.1 2013-09-26 +@@ -75,6 +75,15 @@ Special keywords: + .IP + '%COMPAT' will enable compatibility features for a server. + .IP ++"%UNSAFE_RENEGOTIATION" Permits (re-)handshakes even unsafe ones. ++.IP ++"%PARTIAL_RENEGOTIATION" Prevents renegotiation with clients and servers not ++supporting the safe renegotiation extension. (default) ++.IP ++"%SAFE_RENEGOTIATION" will enable safe renegotiation. This is the most ++secure and recommended option for clients. However this will prevent from ++connecting to legacy servers. ++.IP + To avoid collisions in order to specify a compression algorithm in + this string you have to prefix it with "COMP-", protocol versions + with "VERS-" and certificate types with "CTYPE-". All other +--- a/doc/manpages/gnutls_priority_init.3 2010-03-15 ++++ b/doc/manpages/gnutls_priority_init.3 2013-09-26 +@@ -67,6 +67,21 @@ compression methods. + + "%COMPAT" will enable compatibility features for a server. + ++"%UNSAFE_RENEGOTIATION" will allow unsafe renegotiation (this is now ++the default for clients, but will change once more servers support the safe renegotiation ++TLS fix). ++ ++"%SAFE_RENEGOTIATION" will allow safe renegotiation only (this is the ++default for servers \- that will reject clients trying to perform an ++unsafe renegotiation). ++ ++"%INITIAL_SAFE_RENEGOTIATION" will force initial safe negotiation even if ++renegotiation wasn't requested. Only valid for server side and implies ++"%SAFE_RENEGOTIATION". ++ ++"%DISABLE_SAFE_RENEGOTIATION" will disable safe renegotiation completely. Do not use ++unless you know what you are doing. Testing purposes only. ++ + "%SSL3_RECORD_VERSION" will use SSL3.0 record version in client hello. + + "%VERIFY_ALLOW_SIGN_RSA_MD5" will allow RSA\-MD5 signatures in +--- /dev/null 2013-09-26 ++++ b/doc/manpages/gnutls_safe_renegotiation_status.3 2013-09-26 +@@ -0,0 +1,41 @@ ++.\" DO NOT MODIFY THIS FILE! It was generated by gdoc. ++.TH "gnutls_safe_renegotiation_status" 3 "2.9.11" "gnutls" "gnutls" ++.SH NAME ++gnutls_safe_renegotiation_status \- API function ++.SH SYNOPSIS ++.B #include <gnutls/gnutls.h> ++.sp ++.BI "int gnutls_safe_renegotiation_status(gnutls_session_t " session ");" ++.SH ARGUMENTS ++.IP "gnutls_session_t session" 12 ++is a \fBgnutls_session_t\fP structure. ++.SH "DESCRIPTION" ++Can be used to check whether safe renegotiation is being used ++in the current session. ++.SH "RETURNS" ++0 when safe renegotiation is not used and non zero when ++safe renegotiation is used. ++.SH "SINCE" ++2.10.0 ++.SH "REPORTING BUGS" ++Report bugs to <bug-gnutls@gnu.org>. ++GnuTLS home page: http://www.gnu.org/software/gnutls/ ++General help using GNU software: http://www.gnu.org/gethelp/ ++.SH COPYRIGHT ++Copyright \(co 2008 Free Software Foundation. ++.br ++Copying and distribution of this file, with or without modification, ++are permitted in any medium without royalty provided the copyright ++notice and this notice are preserved. ++.SH "SEE ALSO" ++The full documentation for ++.B gnutls ++is maintained as a Texinfo manual. If the ++.B info ++and ++.B gnutls ++programs are properly installed at your site, the command ++.IP ++.B info gnutls ++.PP ++should give you access to the complete manual. +--- a/doc/manpages/Makefile.in 2010-03-15 ++++ b/doc/manpages/Makefile.in 2013-09-26 +@@ -525,7 +525,6 @@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ + PACKAGE_NAME = @PACKAGE_NAME@ + PACKAGE_STRING = @PACKAGE_STRING@ + PACKAGE_TARNAME = @PACKAGE_TARNAME@ +-PACKAGE_URL = @PACKAGE_URL@ + PACKAGE_VERSION = @PACKAGE_VERSION@ + PATH_SEPARATOR = @PATH_SEPARATOR@ + PKG_CONFIG = @PKG_CONFIG@ +@@ -684,7 +683,8 @@ APIMANS = gnutls_crypto_single_cipher_re + gnutls_crypto_bigint_register2.3 gnutls_crypto_pk_register2.3 \ + gnutls_crypto_cipher_register2.3 gnutls_crypto_mac_register2.3 \ + gnutls_crypto_digest_register2.3 gnutls_oprfi_enable_client.3 \ +- gnutls_oprfi_enable_server.3 gnutls_server_name_get.3 \ ++ gnutls_oprfi_enable_server.3 \ ++ gnutls_safe_renegotiation_status.3 gnutls_server_name_get.3 \ + gnutls_server_name_set.3 gnutls_alert_get_name.3 \ + gnutls_alert_send.3 gnutls_error_to_alert.3 \ + gnutls_alert_send_appropriate.3 gnutls_alert_get.3 \ +--- /dev/null 2013-09-26 ++++ b/lib/ext_safe_renegotiation.c 2013-09-26 +@@ -0,0 +1,139 @@ ++/* ++ * Copyright (C) 2009 Free Software Foundation ++ * ++ * Author: Steve Dispensa (<dispensa@phonefactor.com>) ++ * ++ * This file is part of GNUTLS. ++ * ++ * The GNUTLS library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public License ++ * as published by the Free Software Foundation; either version 2.1 of ++ * the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, ++ * USA ++ * ++ */ ++ ++#include <gnutls_int.h> ++#include <ext_safe_renegotiation.h> ++#include <gnutls_errors.h> ++ ++int ++_gnutls_safe_renegotiation_recv_params (gnutls_session_t session, ++ const opaque * data, size_t _data_size) ++{ ++ tls_ext_st *ext = &session->security_parameters.extensions; ++ int len = data[0]; ++ ssize_t data_size = _data_size; ++ ++ DECR_LEN (data_size, len+1 /* count the first byte and payload */); ++ ++ if (session->internals.priorities.safe_renegotiation == SR_DISABLED) ++ { ++ gnutls_assert (); ++ return 0; ++ } ++ ++ /* It is not legal to receive this extension on a renegotiation and ++ * not receive it on the initial negotiation. ++ */ ++ if (session->internals.initial_negotiation_completed != 0 && ++ session->internals.connection_using_safe_renegotiation == 0) ++ { ++ gnutls_assert(); ++ return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; ++ } ++ ++ if (len > sizeof (ext->ri_extension_data)) ++ { ++ gnutls_assert(); ++ return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; ++ } ++ ++ if (len > 0) ++ memcpy (ext->ri_extension_data, &data[1], len); ++ ext->ri_extension_data_len = len; ++ ++ /* "safe renegotiation received" means on *this* handshake; "connection using ++ * safe renegotiation" means that the initial hello received on the connection ++ * indicated safe renegotiation. ++ */ ++ session->internals.safe_renegotiation_received = 1; ++ session->internals.connection_using_safe_renegotiation = 1; ++ ++ return 0; ++} ++ ++int ++_gnutls_safe_renegotiation_send_params (gnutls_session_t session, ++ opaque * data, size_t _data_size) ++{ ++ /* The format of this extension is a one-byte length of verify data followed ++ * by the verify data itself. Note that the length byte does not include ++ * itself; IOW, empty verify data is represented as a length of 0. That means ++ * the minimum extension is one byte: 0x00. ++ */ ++ ssize_t data_size = _data_size; ++ tls_ext_st *ext = &session->security_parameters.extensions; ++ ++ ++ if (session->internals.priorities.safe_renegotiation == SR_DISABLED) ++ { ++ gnutls_assert(); ++ return 0; ++ } ++ ++ data[0] = 0; ++ ++ /* Always offer the extension if we're a client */ ++ if (session->internals.connection_using_safe_renegotiation || ++ session->security_parameters.entity == GNUTLS_CLIENT) ++ { ++ DECR_LEN (data_size, 1); ++ data[0] = ext->client_verify_data_len; ++ ++ DECR_LEN (data_size, ext->client_verify_data_len); ++ ++ if (ext->client_verify_data_len > 0) ++ memcpy(&data[1], ++ ext->client_verify_data, ++ ext->client_verify_data_len); ++ ++ if (session->security_parameters.entity == GNUTLS_SERVER) ++ { ++ data[0] += ext->server_verify_data_len; ++ ++ DECR_LEN (data_size, ext->server_verify_data_len); ++ ++ if (ext->server_verify_data_len > 0) ++ memcpy(&data[1 + ext->client_verify_data_len], ++ ext->server_verify_data, ++ ext->server_verify_data_len); ++ } ++ } ++ else ++ return 0; ++ ++ return 1 + data[0]; /* don't forget the length byte */ ++} ++ ++/** ++ * gnutls_safe_renegotiation_status: ++ * @session: is a #gnutls_session_t structure. ++ * ++ * Can be used to check whether safe renegotiation is being used ++ * in the current session. Returns 0 when not and non zero when ++ * used. ++ **/ ++int gnutls_safe_renegotiation_status (gnutls_session_t session) ++{ ++ return session->internals.connection_using_safe_renegotiation; ++} +--- /dev/null 2013-09-26 ++++ b/lib/ext_safe_renegotiation.h 2013-09-26 +@@ -0,0 +1,33 @@ ++/* ++ * Copyright (C) 2009 Free Software Foundation ++ * ++ * Author: Steve Dispensa (<dispensa@phonefactor.com>) ++ * ++ * This file is part of GNUTLS. ++ * ++ * The GNUTLS library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public License ++ * as published by the Free Software Foundation; either version 2.1 of ++ * the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, ++ * USA ++ * ++ */ ++ ++#ifndef EXT_SAFE_RENEGOTIATION_H ++# define EXT_SAFE_RENEGOTIATION_H ++ ++int _gnutls_safe_renegotiation_recv_params (gnutls_session_t state, ++ const opaque * data, size_t data_size); ++int _gnutls_safe_renegotiation_send_params (gnutls_session_t state, ++ opaque * data, size_t); ++ ++#endif /* EXT_SAFE_RENEGOTIATION_H */ +--- a/lib/gnutls_alert.c 2009-06-02 ++++ b/lib/gnutls_alert.c 2013-09-26 +@@ -180,6 +180,10 @@ gnutls_error_to_alert (int err, int *lev + ret = GNUTLS_A_ILLEGAL_PARAMETER; + _level = GNUTLS_AL_FATAL; + break; ++ case GNUTLS_E_UNKNOWN_SRP_USERNAME: ++ ret = GNUTLS_A_UNKNOWN_PSK_IDENTITY; ++ _level = GNUTLS_AL_FATAL; ++ break; + case GNUTLS_E_ASN1_ELEMENT_NOT_FOUND: + case GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND: + case GNUTLS_E_ASN1_DER_ERROR: +@@ -199,6 +203,7 @@ gnutls_error_to_alert (int err, int *lev + case GNUTLS_E_INSUFFICIENT_CREDENTIALS: + case GNUTLS_E_NO_CIPHER_SUITES: + case GNUTLS_E_NO_COMPRESSION_ALGORITHMS: ++ case GNUTLS_E_SAFE_RENEGOTIATION_FAILED: + ret = GNUTLS_A_HANDSHAKE_FAILURE; + _level = GNUTLS_AL_FATAL; + break; +@@ -212,6 +217,7 @@ gnutls_error_to_alert (int err, int *lev + _level = GNUTLS_AL_FATAL; + break; + case GNUTLS_E_REHANDSHAKE: ++ case GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED: + ret = GNUTLS_A_NO_RENEGOTIATION; + _level = GNUTLS_AL_WARNING; + break; +--- a/lib/gnutls_algorithms.c 2009-08-12 ++++ b/lib/gnutls_algorithms.c 2013-09-26 +@@ -457,6 +457,10 @@ typedef struct + #define GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 { 0x00,0x88 } + #endif + ++/* Safe renegotiation */ ++ ++#define GNUTLS_RENEGO_PROTECTION_REQUEST { GNUTLS_RENEGO_PROTECTION_REQUEST_MAJOR, GNUTLS_RENEGO_PROTECTION_REQUEST_MINOR } ++ + #define CIPHER_SUITES_COUNT sizeof(cs_algorithms)/sizeof(gnutls_cipher_suite_entry)-1 + + static const gnutls_cipher_suite_entry cs_algorithms[] = { +@@ -624,6 +628,9 @@ static const gnutls_cipher_suite_entry c + GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_RSA, + GNUTLS_MAC_SHA1, GNUTLS_TLS1), + #endif ++ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RENEGO_PROTECTION_REQUEST, ++ GNUTLS_CIPHER_UNKNOWN, GNUTLS_KX_UNKNOWN, ++ GNUTLS_MAC_UNKNOWN, GNUTLS_SSL3), + {0, {{0, 0}}, 0, 0, 0, 0} + }; + +--- a/lib/gnutls_algorithms.h 2009-06-02 ++++ b/lib/gnutls_algorithms.h 2013-09-26 +@@ -27,6 +27,9 @@ + + #include "gnutls_auth.h" + ++#define GNUTLS_RENEGO_PROTECTION_REQUEST_MAJOR 0x00 ++#define GNUTLS_RENEGO_PROTECTION_REQUEST_MINOR 0xFF ++ + /* Functions for version handling. */ + gnutls_protocol_t _gnutls_version_lowest (gnutls_session_t session); + gnutls_protocol_t _gnutls_version_max (gnutls_session_t session); +--- a/lib/gnutls_constate.c 2009-11-06 ++++ b/lib/gnutls_constate.c 2013-09-26 +@@ -380,6 +380,17 @@ _gnutls_set_write_keys (gnutls_session_t + export_flag); + } + ++#define CPY_EXTENSIONS \ ++ memcpy(dst->extensions.server_names, src->extensions.server_names, sizeof(src->extensions.server_names)); \ ++ dst->extensions.server_names_size = src->extensions.server_names_size; \ ++ memcpy(dst->extensions.srp_username, src->extensions.srp_username, sizeof(src->extensions.srp_username)); \ ++ dst->extensions.gnutls_ia_enable = src->extensions.gnutls_ia_enable; \ ++ dst->extensions.gnutls_ia_peer_enable = src->extensions.gnutls_ia_peer_enable; \ ++ dst->extensions.gnutls_ia_allowskip = src->extensions.gnutls_ia_allowskip; \ ++ dst->extensions.gnutls_ia_peer_allowskip = src->extensions.gnutls_ia_peer_allowskip; \ ++ dst->extensions.do_recv_supplemental = src->extensions.do_recv_supplemental; \ ++ dst->extensions.do_send_supplemental = src->extensions.do_send_supplemental ++ + #define CPY_COMMON dst->entity = src->entity; \ + dst->kx_algorithm = src->kx_algorithm; \ + memcpy( &dst->current_cipher_suite, &src->current_cipher_suite, sizeof(cipher_suite_st)); \ +@@ -393,8 +404,8 @@ _gnutls_set_write_keys (gnutls_session_t + dst->max_record_recv_size = src->max_record_recv_size; \ + dst->max_record_send_size = src->max_record_send_size; \ + dst->version = src->version; \ +- memcpy( &dst->extensions, &src->extensions, sizeof(tls_ext_st)); \ +- memcpy( &dst->inner_secret, &src->inner_secret, GNUTLS_MASTER_SIZE); ++ CPY_EXTENSIONS; \ ++ memcpy( &dst->inner_secret, &src->inner_secret, GNUTLS_MASTER_SIZE) + + static void + _gnutls_cpy_read_security_parameters (security_parameters_st * +--- a/lib/gnutls_errors.c 2009-06-02 ++++ b/lib/gnutls_errors.c 2013-09-26 +@@ -220,9 +220,15 @@ static const gnutls_error_entry error_al + GNUTLS_E_OPENPGP_GETKEY_FAILED, 1), + ERROR_ENTRY (N_("Could not find OpenPGP subkey."), + GNUTLS_E_OPENPGP_SUBKEY_ERROR, 1), ++ ERROR_ENTRY (N_("Safe renegotiation failed."), ++ GNUTLS_E_SAFE_RENEGOTIATION_FAILED, 1), ++ ERROR_ENTRY (N_("Unsafe renegotiation denied."), ++ GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED, 1), + + ERROR_ENTRY (N_("The SRP username supplied is illegal."), + GNUTLS_E_ILLEGAL_SRP_USERNAME, 1), ++ ERROR_ENTRY (N_("The SRP username supplied is unknown."), ++ GNUTLS_E_UNKNOWN_SRP_USERNAME, 1), + + ERROR_ENTRY (N_("The OpenPGP fingerprint is not supported."), + GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED, 1), +--- a/lib/gnutls_extensions.c 2009-06-08 ++++ b/lib/gnutls_extensions.c 2013-09-26 +@@ -35,6 +35,7 @@ + #include <ext_server_name.h> + #include <ext_oprfi.h> + #include <ext_srp.h> ++#include <ext_safe_renegotiation.h> + #include <gnutls_num.h> + + typedef struct +@@ -133,7 +134,7 @@ _gnutls_parse_extensions (gnutls_session + type = _gnutls_read_uint16 (&data[pos]); + pos += 2; + +- _gnutls_debug_log ("EXT[%p]: Received extension '%s/%d'\n", session, ++ _gnutls_debug_log ("EXT[%p]: Found extension '%s/%d'\n", session, + _gnutls_extension_get_name (type), type); + + if ((ret = _gnutls_extension_list_check (session, type)) < 0) +@@ -153,6 +154,8 @@ _gnutls_parse_extensions (gnutls_session + ext_recv = _gnutls_ext_func_recv (type, parse_type); + if (ext_recv == NULL) + continue; ++ ++ + if ((ret = ext_recv (session, sdata, size)) < 0) + { + gnutls_assert (); +@@ -170,7 +173,7 @@ _gnutls_parse_extensions (gnutls_session + * This list is used to check whether the (later) received + * extensions are the ones we requested. + */ +-static void ++void + _gnutls_extension_list_add (gnutls_session_t session, uint16_t type) + { + +@@ -192,7 +195,7 @@ _gnutls_extension_list_add (gnutls_sessi + + int + _gnutls_gen_extensions (gnutls_session_t session, opaque * data, +- size_t data_size) ++ size_t data_size, gnutls_ext_parse_type_t parse_type) + { + int size; + uint16_t pos = 0; +@@ -223,6 +226,9 @@ _gnutls_gen_extensions (gnutls_session_t + + if (p->send_func == NULL) + continue; ++ ++ if (parse_type != GNUTLS_EXT_ANY && p->parse_type != parse_type) ++ continue; + + size = p->send_func (session, sdata, sdata_size); + if (size > 0) +@@ -304,6 +310,14 @@ _gnutls_ext_init (void) + if (ret != GNUTLS_E_SUCCESS) + return ret; + ++ ret = gnutls_ext_register (GNUTLS_EXTENSION_SAFE_RENEGOTIATION, ++ "SAFE_RENEGOTIATION", ++ GNUTLS_EXT_MANDATORY, ++ _gnutls_safe_renegotiation_recv_params, ++ _gnutls_safe_renegotiation_send_params); ++ if (ret != GNUTLS_E_SUCCESS) ++ return ret; ++ + #ifdef ENABLE_OPRFI + ret = gnutls_ext_register (GNUTLS_EXTENSION_OPAQUE_PRF_INPUT, + "OPAQUE_PRF_INPUT", +--- a/lib/gnutls_extensions.h 2009-06-02 ++++ b/lib/gnutls_extensions.h 2013-09-26 +@@ -26,6 +26,8 @@ int _gnutls_parse_extensions (gnutls_ses + gnutls_ext_parse_type_t parse_type, + const opaque *data, int data_size); + int _gnutls_gen_extensions (gnutls_session_t session, opaque * data, +- size_t data_size); ++ size_t data_size, gnutls_ext_parse_type_t); + int _gnutls_ext_init (void); + void _gnutls_ext_deinit (void); ++ ++void _gnutls_extension_list_add (gnutls_session_t session, uint16_t type); +--- a/lib/gnutls_handshake.c 2009-11-02 ++++ b/lib/gnutls_handshake.c 2013-09-26 +@@ -48,6 +48,7 @@ + #include <gnutls_record.h> + #include <gnutls_state.h> + #include <ext_srp.h> ++#include <ext_safe_renegotiation.h> + #include <gnutls_rsa_export.h> /* for gnutls_get_rsa_params() */ + #include <auth_anon.h> /* for gnutls_anon_server_credentials_t */ + #include <auth_psk.h> /* for gnutls_psk_server_credentials_t */ +@@ -119,6 +120,7 @@ resume_copy_required_values (gnutls_sess + sizeof (session->security_parameters.session_id)); + session->security_parameters.session_id_size = + session->internals.resumed_security_parameters.session_id_size; ++ + } + + void +@@ -404,8 +406,36 @@ _gnutls_read_client_hello (gnutls_sessio + + if (ret == 0) + { /* resumed! */ ++ /* Parse only the safe renegotiation extension ++ * We don't want to parse any other extensions since ++ * we don't want new extension values to overwrite the ++ * resumed ones. ++ */ ++ ++ /* move forward to extensions */ ++ DECR_LEN (len, 2); ++ suite_size = _gnutls_read_uint16 (&data[pos]); ++ pos += 2; ++ ++ DECR_LEN (len, suite_size); ++ pos += suite_size; ++ ++ DECR_LEN (len, 1); ++ comp_size = data[pos++]; /* z is the number of compression methods */ ++ DECR_LEN (len, comp_size); ++ pos += comp_size; ++ ++ ret = _gnutls_parse_extensions (session, GNUTLS_EXT_MANDATORY, ++ &data[pos], len); ++ if (ret < 0) ++ { ++ gnutls_assert (); ++ return ret; ++ } ++ + resume_copy_required_values (session); + session->internals.resumed = RESUME_TRUE; ++ + return _gnutls_user_hello_func (session, adv_version); + } + else +@@ -437,17 +467,17 @@ _gnutls_read_client_hello (gnutls_sessio + pos += comp_size; + + /* Parse the extensions (if any) +- */ +- if (neg_version >= GNUTLS_TLS1) ++ * ++ * Unconditionally try to parse extensions; safe renegotiation uses them in ++ * sslv3 and higher, even though sslv3 doesn't officially support them. ++ */ ++ ret = _gnutls_parse_extensions (session, GNUTLS_EXT_APPLICATION, ++ &data[pos], len); ++ /* len is the rest of the parsed length */ ++ if (ret < 0) + { +- ret = _gnutls_parse_extensions (session, GNUTLS_EXT_APPLICATION, +- &data[pos], len); +- /* len is the rest of the parsed length */ +- if (ret < 0) +- { +- gnutls_assert (); +- return ret; +- } ++ gnutls_assert (); ++ return ret; + } + + ret = _gnutls_user_hello_func (session, adv_version); +@@ -457,16 +487,20 @@ _gnutls_read_client_hello (gnutls_sessio + return ret; + } + +- if (neg_version >= GNUTLS_TLS1) ++ ret = _gnutls_parse_extensions (session, GNUTLS_EXT_MANDATORY, ++ &data[pos], len); ++ if (ret < 0) + { +- ret = _gnutls_parse_extensions (session, GNUTLS_EXT_TLS, +- &data[pos], len); +- /* len is the rest of the parsed length */ +- if (ret < 0) +- { +- gnutls_assert (); +- return ret; +- } ++ gnutls_assert (); ++ return ret; ++ } ++ ++ ret = _gnutls_parse_extensions (session, GNUTLS_EXT_TLS, ++ &data[pos], len); ++ if (ret < 0) ++ { ++ gnutls_assert (); ++ return ret; + } + + /* select an appropriate cipher suite +@@ -531,7 +565,7 @@ _gnutls_handshake_hash_pending (gnutls_s + static int + _gnutls_send_finished (gnutls_session_t session, int again) + { +- uint8_t data[36]; ++ uint8_t data[MAX_VERIFY_DATA_SIZE]; + int ret; + int data_size = 0; + +@@ -556,7 +590,7 @@ _gnutls_send_finished (gnutls_session_t + data_size = 36; + } + else +- { /* TLS 1.0 */ ++ { /* TLS 1.0+ */ + ret = _gnutls_finished (session, + session->security_parameters.entity, data); + data_size = 12; +@@ -572,6 +606,31 @@ _gnutls_send_finished (gnutls_session_t + session->internals.finished_func (session, data, data_size); + } + ++ /* Save data for safe renegotiation. ++ */ ++ if (data_size > MAX_VERIFY_DATA_SIZE) ++ { ++ gnutls_assert (); ++ return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; ++ } ++ ++ if (session->security_parameters.entity == GNUTLS_CLIENT) ++ { ++ session->security_parameters.extensions.client_verify_data_len = ++ data_size; ++ ++ memcpy (session->security_parameters.extensions.client_verify_data, ++ data, data_size); ++ } ++ else ++ { ++ session->security_parameters.extensions.server_verify_data_len = ++ data_size; ++ ++ memcpy (session->security_parameters.extensions.server_verify_data, ++ data, data_size); ++ } ++ + ret = + _gnutls_send_handshake (session, data_size ? data : NULL, data_size, + GNUTLS_HANDSHAKE_FINISHED); +@@ -585,10 +644,11 @@ _gnutls_send_finished (gnutls_session_t + static int + _gnutls_recv_finished (gnutls_session_t session) + { +- uint8_t data[36], *vrfy; ++ uint8_t data[MAX_VERIFY_DATA_SIZE], *vrfy; + int data_size; + int ret; + int vrfysize; ++ tls_ext_st *ext; + + ret = + _gnutls_recv_handshake (session, &vrfy, &vrfysize, +@@ -640,13 +700,38 @@ _gnutls_recv_finished (gnutls_session_t + } + + if (memcmp (vrfy, data, data_size) != 0) ++ ret = memcmp (vrfy, data, data_size); ++ gnutls_free (vrfy); ++ ++ if (ret != 0) + { + gnutls_assert (); +- ret = GNUTLS_E_ERROR_IN_FINISHED_PACKET; ++ return GNUTLS_E_ERROR_IN_FINISHED_PACKET; + } +- gnutls_free (vrfy); + +- return ret; ++ /* Save peer's verify data for safe renegotiation */ ++ if (data_size > MAX_VERIFY_DATA_SIZE) ++ { ++ gnutls_assert (); ++ return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; ++ } ++ ++ ext = &session->security_parameters.extensions; ++ ++ if (session->security_parameters.entity == GNUTLS_CLIENT) ++ { ++ memcpy (ext->server_verify_data, data, data_size); ++ ext->server_verify_data_len = data_size; ++ } ++ else ++ { ++ memcpy (ext->client_verify_data, data, data_size); ++ ext->client_verify_data_len = data_size; ++ } ++ ++ session->internals.initial_negotiation_completed = 1; ++ ++ return 0; + } + + /* returns PK_RSA if the given cipher suite list only supports, +@@ -685,7 +770,6 @@ _gnutls_server_find_pk_algos_in_ciphersu + return algo; + } + +- + /* This selects the best supported ciphersuite from the given ones. Then + * it adds the suite to the session and performs some checks. + */ +@@ -700,11 +784,31 @@ _gnutls_server_select_suite (gnutls_sess + * supported by the peer. + */ + ++ /* First, check for safe renegotiation SCSV. ++ */ ++ if (session->internals.priorities.safe_renegotiation != SR_DISABLED) ++ { ++ int offset; ++ ++ for(offset = 0; offset < datalen; offset += 2) ++ { ++ /* TLS_RENEGO_PROTECTION_REQUEST = { 0x00, 0xff } */ ++ if (data[offset] == GNUTLS_RENEGO_PROTECTION_REQUEST_MAJOR && ++ data[offset+1] == GNUTLS_RENEGO_PROTECTION_REQUEST_MINOR) ++ { ++ _gnutls_handshake_log ("HSK[%p]: Received safe renegotiation CS\n", session); ++ session->internals.safe_renegotiation_received = 1; ++ session->internals.connection_using_safe_renegotiation = 1; ++ break; ++ } ++ } ++ } ++ + pk_algo = _gnutls_server_find_pk_algos_in_ciphersuites (data, datalen); + + x = _gnutls_supported_ciphersuites (session, &ciphers); + if (x < 0) +- { /* the case x==0 is handled within the function. */ ++ { /* the case x==0 is handled within the function. */ + gnutls_assert (); + return x; + } +@@ -752,21 +856,21 @@ _gnutls_server_select_suite (gnutls_sess + + for (j = 0; j < datalen; j += 2) + { +- for (i = 0; i < x; i++) +- { +- if (memcmp (ciphers[i].suite, &data[j], 2) == 0) +- { +- memcpy (&cs.suite, &data[j], 2); +- +- _gnutls_handshake_log +- ("HSK[%p]: Selected cipher suite: %s\n", session, +- _gnutls_cipher_suite_get_name (&cs)); +- memcpy (session->security_parameters.current_cipher_suite.suite, +- ciphers[i].suite, 2); +- retval = 0; +- goto finish; +- } +- } ++ for (i = 0; i < x; i++) ++ { ++ if (memcmp (ciphers[i].suite, &data[j], 2) == 0) ++ { ++ memcpy (&cs.suite, &data[j], 2); ++ ++ _gnutls_handshake_log ++ ("HSK[%p]: Selected cipher suite: %s\n", session, ++ _gnutls_cipher_suite_get_name (&cs)); ++ memcpy (session->security_parameters.current_cipher_suite.suite, ++ ciphers[i].suite, 2); ++ retval = 0; ++ goto finish; ++ } ++ } + } + + finish: +@@ -960,7 +1064,7 @@ _gnutls_send_handshake (gnutls_session_t + if (i_datasize > 0) + memcpy (&data[pos], i_data, i_datasize); + +- _gnutls_handshake_log ("HSK[%p]: %s was send [%ld bytes]\n", ++ _gnutls_handshake_log ("HSK[%p]: %s was sent [%ld bytes]\n", + session, _gnutls_handshake2str (type), + (long) datasize); + +@@ -1042,7 +1146,6 @@ _gnutls_recv_handshake_header (gnutls_se + + if (ret < 0) + { +- gnutls_assert (); + return ret; + } + +@@ -1525,15 +1628,26 @@ _gnutls_read_server_hello (gnutls_sessio + } + DECR_LEN (len, session_id_len); + +- + /* check if we are resuming and set the appropriate + * values; + */ + if (_gnutls_client_check_if_resuming + (session, &data[pos], session_id_len) == 0) +- return 0; +- pos += session_id_len; ++ { ++ pos += session_id_len + 2 + 1; ++ DECR_LEN (len, 2+1); ++ ++ ret = _gnutls_parse_extensions (session, GNUTLS_EXT_MANDATORY, ++ &data[pos], len); ++ if (ret < 0) ++ { ++ gnutls_assert (); ++ return ret; ++ } ++ return 0; ++ } + ++ pos += session_id_len; + + /* Check if the given cipher suite is supported and copy + * it to the session. +@@ -1548,8 +1662,6 @@ _gnutls_read_server_hello (gnutls_sessio + } + pos += 2; + +- +- + /* move to compression + */ + DECR_LEN (len, 1); +@@ -1563,32 +1675,32 @@ _gnutls_read_server_hello (gnutls_sessio + + /* Parse extensions. + */ +- if (version >= GNUTLS_TLS1) ++ ret = _gnutls_parse_extensions (session, GNUTLS_EXT_ANY, ++ &data[pos], len); ++ if (ret < 0) + { +- ret = _gnutls_parse_extensions (session, GNUTLS_EXT_ANY, +- &data[pos], len); +- /* len is the rest of the parsed length */ +- if (ret < 0) +- { +- gnutls_assert (); +- return ret; +- } ++ gnutls_assert (); ++ return ret; + } ++ + return ret; + } + + + /* This function copies the appropriate ciphersuites to a locally allocated buffer +- * Needed in client hello messages. Returns the new data length. ++ * Needed in client hello messages. Returns the new data length. If add_scsv is ++ * true, add the special safe renegotiation CS. + */ + static int + _gnutls_copy_ciphersuites (gnutls_session_t session, +- opaque * ret_data, size_t ret_data_size) ++ opaque * ret_data, size_t ret_data_size, ++ int add_scsv) + { + int ret, i; + cipher_suite_st *cipher_suites; + uint16_t cipher_num; + int datalen, pos; ++ uint16_t loop_max; + + ret = _gnutls_supported_ciphersuites_sorted (session, &cipher_suites); + if (ret < 0) +@@ -1619,6 +1731,9 @@ _gnutls_copy_ciphersuites (gnutls_sessio + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + ++ if (add_scsv) ++ ++ret; ++ + cipher_num = ret; + + cipher_num *= sizeof (uint16_t); /* in order to get bytes */ +@@ -1636,11 +1751,21 @@ _gnutls_copy_ciphersuites (gnutls_sessio + _gnutls_write_uint16 (cipher_num, ret_data); + pos += 2; + +- for (i = 0; i < (cipher_num / 2); i++) ++ loop_max = add_scsv ? cipher_num - 2 : cipher_num; ++ ++ for (i = 0; i < (loop_max / 2); i++) + { + memcpy (&ret_data[pos], cipher_suites[i].suite, 2); + pos += 2; + } ++ ++ if (add_scsv) ++ { ++ /* Safe renegotiation signalling CS value is { 0x00, 0xff } */ ++ ret_data[pos++] = 0x00; ++ ret_data[pos++] = 0xff; ++ } ++ + gnutls_free (cipher_suites); + + return datalen; +@@ -1700,7 +1825,7 @@ _gnutls_send_client_hello (gnutls_sessio + { + opaque *data = NULL; + int extdatalen; +- int pos = 0; ++ int pos = 0, type; + int datalen = 0, ret = 0; + opaque rnd[GNUTLS_RANDOM_SIZE]; + gnutls_protocol_t hver; +@@ -1807,9 +1932,21 @@ _gnutls_send_client_hello (gnutls_sessio + + + /* Copy the ciphersuites. ++ * ++ * If using SSLv3 Send TLS_RENEGO_PROTECTION_REQUEST SCSV for MITM ++ * prevention on initial negotiation (but not renegotiation; that's ++ * handled with the RI extension below). + */ +- extdatalen = +- _gnutls_copy_ciphersuites (session, extdata, sizeof (extdata)); ++ if(!session->internals.initial_negotiation_completed && ++ session->security_parameters.entity == GNUTLS_CLIENT && ++ gnutls_protocol_get_version (session) == GNUTLS_SSL3) ++ { ++ extdatalen = _gnutls_copy_ciphersuites (session, extdata, sizeof (extdata), TRUE); ++ _gnutls_extension_list_add (session, GNUTLS_EXTENSION_SAFE_RENEGOTIATION); ++ } ++ else ++ extdatalen = _gnutls_copy_ciphersuites (session, extdata, sizeof (extdata), FALSE); ++ + if (extdatalen > 0) + { + datalen += extdatalen; +@@ -1864,11 +2001,19 @@ _gnutls_send_client_hello (gnutls_sessio + /* Generate and copy TLS extensions. + */ + if (hver >= GNUTLS_TLS1) ++ type = GNUTLS_EXT_ANY; ++ else + { +- extdatalen = +- _gnutls_gen_extensions (session, extdata, sizeof (extdata)); ++ if (session->internals.initial_negotiation_completed != 0) ++ type = GNUTLS_EXT_MANDATORY; ++ else ++ type = GNUTLS_EXT_NONE; ++ } ++ ++ extdatalen = ++ _gnutls_gen_extensions (session, extdata, sizeof (extdata), type); + +- if (extdatalen > 0) ++ if (extdatalen > 0) + { + datalen += extdatalen; + data = gnutls_realloc_fast (data, datalen); +@@ -1880,13 +2025,12 @@ _gnutls_send_client_hello (gnutls_sessio + + memcpy (&data[pos], extdata, extdatalen); + } +- else if (extdatalen < 0) ++ else if (extdatalen < 0) + { + gnutls_assert (); + gnutls_free (data); + return extdatalen; + } +- } + } + + ret = +@@ -1932,15 +2075,7 @@ _gnutls_send_server_hello (gnutls_sessio + * alert and abort. + */ + gnutls_assert (); +- ret = gnutls_alert_send (session, GNUTLS_AL_FATAL, +- GNUTLS_A_UNKNOWN_PSK_IDENTITY); +- if (ret < 0) +- { +- gnutls_assert (); +- return ret; +- } +- +- return GNUTLS_E_ILLEGAL_SRP_USERNAME; ++ return GNUTLS_E_UNKNOWN_SRP_USERNAME; + } + } + #endif +@@ -1949,7 +2085,7 @@ _gnutls_send_server_hello (gnutls_sessio + { + datalen = 2 + session_id_len + 1 + GNUTLS_RANDOM_SIZE + 3; + extdatalen = +- _gnutls_gen_extensions (session, extdata, sizeof (extdata)); ++ _gnutls_gen_extensions (session, extdata, sizeof (extdata), GNUTLS_EXT_ANY); + + if (extdatalen < 0) + { +@@ -2015,6 +2151,8 @@ _gnutls_send_hello (gnutls_session_t ses + { + int ret; + ++ session->internals.safe_renegotiation_received = 0; ++ + if (session->security_parameters.entity == GNUTLS_CLIENT) + { + ret = _gnutls_send_client_hello (session, again); +@@ -2036,6 +2174,7 @@ int + _gnutls_recv_hello (gnutls_session_t session, opaque * data, int datalen) + { + int ret; ++ tls_ext_st *ext; + + if (session->security_parameters.entity == GNUTLS_CLIENT) + { +@@ -2047,7 +2186,7 @@ _gnutls_recv_hello (gnutls_session_t ses + } + } + else +- { /* Server side reading a client hello */ ++ { /* Server side reading a client hello */ + + ret = _gnutls_read_client_hello (session, data, datalen); + if (ret < 0) +@@ -2057,7 +2196,90 @@ _gnutls_recv_hello (gnutls_session_t ses + } + } + +- return ret; ++ if (session->internals.priorities.safe_renegotiation == SR_DISABLED) ++ { ++ gnutls_assert(); ++ return 0; ++ } ++ ++ /* Safe renegotiation */ ++ ext = &session->security_parameters.extensions; ++ ++ if (session->internals.safe_renegotiation_received) ++ { ++ if ((ext->ri_extension_data_len < ext->client_verify_data_len) || ++ (memcmp (ext->ri_extension_data, ++ ext->client_verify_data, ++ ext->client_verify_data_len))) ++ { ++ gnutls_assert(); ++ _gnutls_handshake_log ("Safe renegotiation failed [1]\n"); ++ return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; ++ } ++ if (session->security_parameters.entity == GNUTLS_CLIENT) ++ { ++ if ((ext->ri_extension_data_len != ++ ext->client_verify_data_len + ext->server_verify_data_len) || ++ memcmp (ext->ri_extension_data + ext->client_verify_data_len, ++ ext->server_verify_data, ext->server_verify_data_len) != 0) ++ { ++ gnutls_assert(); ++ _gnutls_handshake_log ("Safe renegotiation failed [2]\n"); ++ return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; ++ } ++ } ++ else /* Make sure there are 0 extra bytes */ ++ { ++ if (ext->ri_extension_data_len != ext->client_verify_data_len) ++ { ++ gnutls_assert(); ++ _gnutls_handshake_log ("Safe renegotiation failed [3]\n"); ++ return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; ++ } ++ } ++ ++ _gnutls_handshake_log ("Safe renegotiation succeeded.\n"); ++ } ++ else /* safe renegotiation not received... */ ++ { ++ if (session->internals.connection_using_safe_renegotiation) ++ { ++ gnutls_assert(); ++ _gnutls_handshake_log ("Peer previously asked for safe renegotiation!\n"); ++ return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; ++ } ++ ++ /* Clients can't tell if it's an initial negotiation */ ++ if (session->internals.initial_negotiation_completed) ++ { ++ ++ if (session->internals.priorities.safe_renegotiation < SR_PARTIAL) ++ { ++ _gnutls_handshake_log ("Allowing unsafe (re)negotiation!\n"); ++ } ++ else ++ { ++ gnutls_assert(); ++ _gnutls_handshake_log ("Denying unsafe (re)negotiation.\n"); ++ return GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED; ++ } ++ } ++ else ++ { ++ if (session->internals.priorities.safe_renegotiation < SR_SAFE) ++ { ++ _gnutls_handshake_log ("Allowing unsafe initial negotiation!\n"); ++ } ++ else ++ { ++ gnutls_assert(); ++ _gnutls_handshake_log ("Denying unsafe initial negotiation.\n"); ++ return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; ++ } ++ } ++ } ++ ++ return 0; + } + + /* The packets in gnutls_handshake (it's more broad than original TLS handshake) +@@ -2097,6 +2319,13 @@ _gnutls_recv_hello (gnutls_session_t ses + * gnutls_handshake() function in order to negotiate the new + * parameters. + * ++ * Since TLS is full duplex some application data might have been ++ * sent during peer's processing of this message. In that case ++ * one should call gnutls_record_recv() until GNUTLS_E_REHANDSHAKE ++ * is returned to clear any pending data. Care must be taken if ++ * rehandshake is mandatory to terminate if it does not start after ++ * some threshold. ++ * + * If the client does not wish to renegotiate parameters he will + * should with an alert message, thus the return code will be + * %GNUTLS_E_WARNING_ALERT_RECEIVED and the alert will be +--- a/lib/gnutls_int.h 2009-11-02 ++++ b/lib/gnutls_int.h 2013-09-26 +@@ -171,7 +171,8 @@ typedef enum extensions_t + GNUTLS_EXTENSION_OPAQUE_PRF_INPUT = ENABLE_OPRFI, + #endif + GNUTLS_EXTENSION_SRP = 12, +- GNUTLS_EXTENSION_INNER_APPLICATION = 37703 ++ GNUTLS_EXTENSION_INNER_APPLICATION = 37703, ++ GNUTLS_EXTENSION_SAFE_RENEGOTIATION = 65281, /* aka: 0xff01 */ + } extensions_t; + + typedef enum +@@ -282,6 +283,11 @@ typedef struct + + #define MAX_SERVER_NAME_EXTENSIONS 3 + ++#define MAX_VERIFY_DATA_SIZE 36 /* in SSL 3.0, 12 in TLS 1.0 */ ++ ++/* If you want the extension data to be kept across resuming sessions ++ * then modify CPY_EXTENSIONS in gnutls_constate.c ++ */ + typedef struct + { + server_name_st server_names[MAX_SERVER_NAME_EXTENSIONS]; +@@ -297,6 +303,9 @@ typedef struct + /* Used by extensions that enable supplemental data. */ + int do_recv_supplemental, do_send_supplemental; + ++ /*** Those below do not get copied when resuming session ++ ***/ ++ + /* Opaque PRF input. */ + gnutls_oprfi_callback_func oprfi_cb; + void *oprfi_userdata; +@@ -304,6 +313,15 @@ typedef struct + uint16_t oprfi_client_len; + opaque *oprfi_server; + uint16_t oprfi_server_len; ++ ++ /* Safe renegotiation. */ ++ uint8_t client_verify_data[MAX_VERIFY_DATA_SIZE]; ++ size_t client_verify_data_len; ++ uint8_t server_verify_data[MAX_VERIFY_DATA_SIZE]; ++ size_t server_verify_data_len; ++ uint8_t ri_extension_data[MAX_VERIFY_DATA_SIZE*2]; /* max signal is 72 bytes in s->c sslv3 */ ++ size_t ri_extension_data_len; ++ + } tls_ext_st; + + /* auth_info_t structures now MAY contain malloced +@@ -317,7 +335,7 @@ typedef struct + */ + + /* if you add anything in Security_Parameters struct, then +- * also modify CPY_COMMON in gnutls_constate.c ++ * also modify CPY_COMMON in gnutls_constate.c. + */ + + /* Note that the security parameters structure is set up after the +@@ -361,6 +379,7 @@ typedef struct + /* holds the negotiated certificate type */ + gnutls_certificate_type_t cert_type; + gnutls_protocol_t version; /* moved here */ ++ + /* For TLS/IA. XXX: Move to IA credential? */ + opaque inner_secret[GNUTLS_MASTER_SIZE]; + } security_parameters_st; +@@ -400,6 +419,13 @@ typedef struct + unsigned int algorithms; + } priority_st; + ++typedef enum { ++ SR_DISABLED, ++ SR_UNSAFE, ++ SR_PARTIAL, ++ SR_SAFE, ++} safe_renegotiation_t; ++ + /* For the external api */ + struct gnutls_priority_st + { +@@ -409,9 +435,12 @@ struct gnutls_priority_st + priority_st compression; + priority_st protocol; + priority_st cert_type; ++ priority_st sign_algo; + + /* to disable record padding */ +- int no_padding; ++ int no_padding:1; ++ safe_renegotiation_t safe_renegotiation; ++ int allow_large_records:1; + int ssl3_record_version; + int additional_verify_flags; + }; +@@ -673,6 +702,10 @@ typedef struct + */ + uint16_t srp_prime_bits; + ++ int safe_renegotiation_received:1; ++ int initial_negotiation_completed:1; ++ int connection_using_safe_renegotiation:1; ++ + /* If you add anything here, check _gnutls_handshake_internal_state_clear(). + */ + } internals_st; +--- a/lib/gnutls_priority.c 2009-06-02 ++++ b/lib/gnutls_priority.c 2013-09-26 +@@ -338,6 +338,27 @@ static const int comp_priority[] = { + 0 + }; + ++static const int sign_priority_default[] = { ++ GNUTLS_SIGN_RSA_SHA1, ++ GNUTLS_SIGN_DSA_SHA1, ++ GNUTLS_SIGN_RSA_SHA256, ++ GNUTLS_SIGN_RSA_SHA384, ++ GNUTLS_SIGN_RSA_SHA512, ++ 0 ++}; ++ ++static const int sign_priority_secure128[] = { ++ GNUTLS_SIGN_RSA_SHA256, ++ GNUTLS_SIGN_RSA_SHA384, ++ GNUTLS_SIGN_RSA_SHA512, ++ GNUTLS_SIGN_DSA_SHA1, ++ 0 ++}; ++ ++static const int sign_priority_secure256[] = { ++ GNUTLS_SIGN_RSA_SHA512, ++ 0 ++}; + + static const int mac_priority_performance[] = { + GNUTLS_MAC_MD5, +@@ -425,6 +446,14 @@ gnutls_priority_set (gnutls_session_t se + memcpy (&session->internals.priorities, priority, + sizeof (struct gnutls_priority_st)); + ++ /* set the current version to the first in the chain. ++ * * This will be overridden later. ++ * */ ++ if (session->internals.priorities.protocol.algorithms > 0) ++ _gnutls_set_current_version (session, ++ session->internals.priorities.protocol. ++ priority[0]); ++ + return 0; + } + +@@ -491,6 +520,21 @@ gnutls_priority_set (gnutls_session_t se + * + * "%COMPAT" will enable compatibility features for a server. + * ++ * "%DISABLE_SAFE_RENEGOTIATION" will disable safe renegotiation completely. Do not use ++ * unless you know what you are doing. Testing purposes only. ++ * ++ * "%UNSAFE_RENEGOTIATION" will allow unsafe renegotiation (this is now ++ * the default for clients, but will change once more servers support the safe renegotiation ++ * TLS fix). ++ * ++ * "%PARTIAL_SAFE_RENEGOTIATION" In server side it will enable safe renegotiation ++ * and will protect all clients from known attacks, but will not prevent insecure clients ++ * from connecting. In client side it will disallow from renegotiating with an insecure server ++ * but will not prevent connecting to one (this leaves the client vulnerable to attacks). ++ * ++ * "%SAFE_RENEGOTIATION" will enforce safe renegotiation. Clients and Servers will refuse ++ * to talk to an insecure peer. ++ * + * "%SSL3_RECORD_VERSION" will use SSL3.0 record version in client hello. + * + * "%VERIFY_ALLOW_SIGN_RSA_MD5" will allow RSA-MD5 signatures in +@@ -523,7 +567,7 @@ gnutls_priority_init (gnutls_priority_t + { + char *broken_list[MAX_ELEMENTS]; + int broken_list_size, i, j; +- char *darg; ++ char *darg = NULL; + int algo; + rmadd_func *fn; + +@@ -533,6 +577,11 @@ gnutls_priority_init (gnutls_priority_t + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } ++ ++ /* for now unsafe renegotiation is default on everyone. To be removed ++ * when we make it the default. ++ */ ++ (*priority_cache)->safe_renegotiation = SR_PARTIAL; + + if (priorities == NULL) + priorities = "NORMAL"; +@@ -541,9 +590,10 @@ gnutls_priority_init (gnutls_priority_t + if (darg == NULL) + { + gnutls_assert (); +- return GNUTLS_E_MEMORY_ERROR; ++ goto error; + } + ++ + break_comma_list (darg, broken_list, &broken_list_size, MAX_ELEMENTS, ':'); + /* This is our default set of protocol version, certificate types and + * compression methods. +@@ -553,6 +603,7 @@ gnutls_priority_init (gnutls_priority_t + _set_priority (&(*priority_cache)->protocol, protocol_priority); + _set_priority (&(*priority_cache)->compression, comp_priority); + _set_priority (&(*priority_cache)->cert_type, cert_type_priority); ++ _set_priority (&(*priority_cache)->sign_algo, sign_priority_default); + i = 0; + } + else +@@ -568,12 +619,16 @@ gnutls_priority_init (gnutls_priority_t + cipher_priority_performance); + _set_priority (&(*priority_cache)->kx, kx_priority_performance); + _set_priority (&(*priority_cache)->mac, mac_priority_performance); ++ _set_priority (&(*priority_cache)->sign_algo, ++ sign_priority_default); + } + else if (strcasecmp (broken_list[i], "NORMAL") == 0) + { + _set_priority (&(*priority_cache)->cipher, cipher_priority_normal); + _set_priority (&(*priority_cache)->kx, kx_priority_secure); + _set_priority (&(*priority_cache)->mac, mac_priority_secure); ++ _set_priority (&(*priority_cache)->sign_algo, ++ sign_priority_default); + } + else if (strcasecmp (broken_list[i], "SECURE256") == 0 + || strcasecmp (broken_list[i], "SECURE") == 0) +@@ -582,6 +637,8 @@ gnutls_priority_init (gnutls_priority_t + cipher_priority_secure256); + _set_priority (&(*priority_cache)->kx, kx_priority_secure); + _set_priority (&(*priority_cache)->mac, mac_priority_secure); ++ _set_priority (&(*priority_cache)->sign_algo, ++ sign_priority_secure256); + } + else if (strcasecmp (broken_list[i], "SECURE128") == 0) + { +@@ -589,12 +646,16 @@ gnutls_priority_init (gnutls_priority_t + cipher_priority_secure128); + _set_priority (&(*priority_cache)->kx, kx_priority_secure); + _set_priority (&(*priority_cache)->mac, mac_priority_secure); ++ _set_priority (&(*priority_cache)->sign_algo, ++ sign_priority_secure128); + } + else if (strcasecmp (broken_list[i], "EXPORT") == 0) + { + _set_priority (&(*priority_cache)->cipher, cipher_priority_export); + _set_priority (&(*priority_cache)->kx, kx_priority_export); + _set_priority (&(*priority_cache)->mac, mac_priority_secure); ++ _set_priority (&(*priority_cache)->sign_algo, ++ sign_priority_default); + } /* now check if the element is something like -ALGO */ + else if (broken_list[i][0] == '!' || broken_list[i][0] == '+' + || broken_list[i][0] == '-') +@@ -619,6 +680,8 @@ gnutls_priority_init (gnutls_priority_t + gnutls_protocol_get_id (&broken_list[i][6])) != + GNUTLS_VERSION_UNKNOWN) + fn (&(*priority_cache)->protocol, algo); ++ else ++ goto error; + } /* now check if the element is something like -ALGO */ + else if (strncasecmp (&broken_list[i][1], "COMP-", 5) == 0) + { +@@ -626,6 +689,8 @@ gnutls_priority_init (gnutls_priority_t + gnutls_compression_get_id (&broken_list[i][6])) != + GNUTLS_COMP_UNKNOWN) + fn (&(*priority_cache)->compression, algo); ++ else ++ goto error; + } /* now check if the element is something like -ALGO */ + else if (strncasecmp (&broken_list[i][1], "CTYPE-", 6) == 0) + { +@@ -633,18 +698,34 @@ gnutls_priority_init (gnutls_priority_t + gnutls_certificate_type_get_id (&broken_list[i][7])) != + GNUTLS_CRT_UNKNOWN) + fn (&(*priority_cache)->cert_type, algo); ++ else ++ goto error; + } /* now check if the element is something like -ALGO */ ++ else if (strncasecmp (&broken_list[i][1], "SIGN-", 5) == 0) ++ { ++ if ((algo = gnutls_sign_get_id (&broken_list[i][6])) != ++ GNUTLS_SIGN_UNKNOWN) ++ fn (&(*priority_cache)->sign_algo, algo); ++ else ++ goto error; ++ } /* now check if the element is something like -ALGO */ + else + goto error; + } + else if (broken_list[i][0] == '%') + { + if (strcasecmp (&broken_list[i][1], "COMPAT") == 0) ++ { + (*priority_cache)->no_padding = 1; ++ (*priority_cache)->allow_large_records = 1; ++ } + else if (strcasecmp (&broken_list[i][1], + "VERIFY_ALLOW_SIGN_RSA_MD5") == 0) ++ { ++ prio_add (&(*priority_cache)->sign_algo, GNUTLS_SIGN_RSA_MD5); + (*priority_cache)->additional_verify_flags |= + GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5; ++ } + else if (strcasecmp (&broken_list[i][1], + "SSL3_RECORD_VERSION") == 0) + (*priority_cache)->ssl3_record_version = 1; +@@ -652,6 +733,25 @@ gnutls_priority_init (gnutls_priority_t + "VERIFY_ALLOW_X509_V1_CA_CRT") == 0) + (*priority_cache)->additional_verify_flags |= + GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT; ++ else if (strcasecmp (&broken_list[i][1], ++ "UNSAFE_RENEGOTIATION") == 0) ++ { ++ (*priority_cache)->safe_renegotiation = SR_UNSAFE; ++ } ++ else if (strcasecmp (&broken_list[i][1], "SAFE_RENEGOTIATION") == 0) ++ { ++ (*priority_cache)->safe_renegotiation = SR_SAFE; ++ } ++ else if (strcasecmp (&broken_list[i][1], ++ "PARTIAL_RENEGOTIATION") == 0) ++ { ++ (*priority_cache)->safe_renegotiation = SR_PARTIAL; ++ } ++ else if (strcasecmp (&broken_list[i][1], ++ "DISABLE_SAFE_RENEGOTIATION") == 0) ++ { ++ (*priority_cache)->safe_renegotiation = SR_DISABLED; ++ } + else + goto error; + } +@@ -672,6 +772,7 @@ error: + } + } + gnutls_free (darg); ++ gnutls_free(*priority_cache); + + return GNUTLS_E_INVALID_REQUEST; + +--- a/lib/gnutls_record.c 2009-06-02 ++++ b/lib/gnutls_record.c 2013-09-26 +@@ -744,6 +744,14 @@ record_check_type (gnutls_session_t sess + if (session->security_parameters.entity == GNUTLS_SERVER) + { + gnutls_assert (); ++ ret = ++ _gnutls_record_buffer_put (recv_type, session, (void *) data, ++ data_size); ++ if (ret < 0) ++ { ++ gnutls_assert (); ++ return ret; ++ } + return GNUTLS_E_REHANDSHAKE; + } + +@@ -896,9 +904,13 @@ begin: + _gnutls_io_read_buffered (session, &headers, header_size, + -1)) != header_size) + { ++ _gnutls_handshake_log ("XXX[]: ret: %d %s\n", ret, gnutls_strerror(ret)); ++ + if (ret < 0 && gnutls_error_is_fatal (ret) == 0) + return ret; + ++ _gnutls_handshake_log ("XXX2[]: ret: %d %s\n", ret, gnutls_strerror(ret)); ++ + session_invalidate (session); + if (type == GNUTLS_ALERT) + { +--- a/lib/gnutls_state.c 2009-11-02 ++++ b/lib/gnutls_state.c 2013-09-26 +@@ -223,6 +223,7 @@ _gnutls_handshake_internal_state_clear ( + session->internals.adv_version_minor = 0; + session->internals.adv_version_minor = 0; + session->internals.direction = 0; ++ session->internals.safe_renegotiation_received = 0; + + /* use out of band data for the last + * handshake messages received. +@@ -338,6 +339,11 @@ gnutls_init (gnutls_session_t * session, + + _gnutls_handshake_internal_state_clear (*session); + ++ /* emulate old gnutls behavior for old applications that do not use the priority_* ++ * functions. ++ */ ++ (*session)->internals.priorities.safe_renegotiation = SR_PARTIAL; ++ + return 0; + } + +--- a/lib/includes/gnutls/gnutls.h.in 2009-06-02 ++++ b/lib/includes/gnutls/gnutls.h.in 2013-09-26 +@@ -503,7 +503,9 @@ extern "C" { + { + GNUTLS_EXT_ANY, + GNUTLS_EXT_APPLICATION, +- GNUTLS_EXT_TLS ++ GNUTLS_EXT_TLS, ++ GNUTLS_EXT_MANDATORY, /* parse even if resuming or extensions disabled */ ++ GNUTLS_EXT_NONE, + } gnutls_ext_parse_type_t; + + int gnutls_ext_register (int type, +@@ -525,6 +527,9 @@ extern "C" { + void *data, size_t * data_length, + unsigned int *type, unsigned int indx); + ++ /* Safe renegotiation */ ++ int gnutls_safe_renegotiation_status (gnutls_session_t session); ++ + /* Opaque PRF Input + * http://tools.ietf.org/id/draft-rescorla-tls-opaque-prf-input-00.txt + */ +@@ -1368,6 +1373,9 @@ extern "C" { + #define GNUTLS_E_IA_VERIFY_FAILED -104 + + #define GNUTLS_E_UNKNOWN_ALGORITHM -105 ++#define GNUTLS_E_SAFE_RENEGOTIATION_FAILED -107 ++#define GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED -108 ++#define GNUTLS_E_UNKNOWN_SRP_USERNAME -109 + + #define GNUTLS_E_BASE64_ENCODING_ERROR -201 + #define GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY -202 /* obsolete */ +--- a/lib/libgnutls.map 2009-06-02 ++++ b/lib/libgnutls.map 2013-09-26 +@@ -567,6 +567,12 @@ GNUTLS_2_8 + gnutls_x509_crt_verify_hash; + } GNUTLS_1_4; + ++GNUTLS_2_10 ++{ ++ global: ++ gnutls_safe_renegotiation_status; ++} GNUTLS_2_8; ++ + GNUTLS_PRIVATE { + global: + # Internal symbols needed by libgnutls-extra: +--- a/lib/Makefile.am 2009-06-02 ++++ b/lib/Makefile.am 2013-09-26 +@@ -79,7 +79,7 @@ COBJECTS = gnutls_record.c gnutls_compre + gnutls_rsa_export.c auth_rsa_export.c ext_server_name.c \ + auth_dh_common.c gnutls_helper.c gnutls_supplemental.c \ + crypto.c random.c pk-libgcrypt.c mpi-libgcrypt.c \ +- rnd-libgcrypt.c cipher-libgcrypt.c mac-libgcrypt.c ++ rnd-libgcrypt.c cipher-libgcrypt.c mac-libgcrypt.c ext_safe_renegotiation.c + + if ENABLE_OPRFI + COBJECTS += $(OPRFI_COBJECTS) +@@ -98,7 +98,7 @@ HFILES = debug.h gnutls_compress.h gnutl + gnutls_rsa_export.h ext_server_name.h auth_dh_common.h \ + ext_srp.h gnutls_srp.h auth_srp.h auth_srp_passwd.h \ + gnutls_helper.h auth_psk.h auth_psk_passwd.h \ +- gnutls_supplemental.h ext_oprfi.h crypto.h random.h ++ gnutls_supplemental.h ext_oprfi.h crypto.h random.h ext_safe_renegotiation.h + + # Separate so we can create the documentation + +--- a/lib/Makefile.in 2010-03-15 ++++ b/lib/Makefile.in 2013-09-26 +@@ -214,7 +214,7 @@ am__objects_4 = gnutls_record.lo gnutls_ + ext_server_name.lo auth_dh_common.lo gnutls_helper.lo \ + gnutls_supplemental.lo crypto.lo random.lo pk-libgcrypt.lo \ + mpi-libgcrypt.lo rnd-libgcrypt.lo cipher-libgcrypt.lo \ +- mac-libgcrypt.lo $(am__objects_3) ++ mac-libgcrypt.lo ext_safe_renegotiation.lo $(am__objects_3) + am__objects_5 = ext_srp.lo gnutls_srp.lo auth_srp.lo \ + auth_srp_passwd.lo auth_srp_sb64.lo auth_srp_rsa.lo + am__objects_6 = auth_psk.lo auth_psk_passwd.lo gnutls_psk.lo \ +@@ -854,6 +854,7 @@ COBJECTS = gnutls_record.c gnutls_compre + auth_dh_common.c gnutls_helper.c gnutls_supplemental.c \ + crypto.c random.c pk-libgcrypt.c mpi-libgcrypt.c \ + rnd-libgcrypt.c cipher-libgcrypt.c mac-libgcrypt.c \ ++ ext_safe_renegotiation.c \ + $(am__append_5) + HFILES = debug.h gnutls_compress.h gnutls_cipher.h gnutls_buffers.h \ + gnutls_errors.h gnutls_int.h gnutls_handshake.h gnutls_num.h \ +@@ -868,7 +869,8 @@ HFILES = debug.h gnutls_compress.h gnutl + gnutls_rsa_export.h ext_server_name.h auth_dh_common.h \ + ext_srp.h gnutls_srp.h auth_srp.h auth_srp_passwd.h \ + gnutls_helper.h auth_psk.h auth_psk_passwd.h \ +- gnutls_supplemental.h ext_oprfi.h crypto.h random.h ++ gnutls_supplemental.h ext_oprfi.h crypto.h random.h \ ++ ext_safe_renegotiation.h + + + # Separate so we can create the documentation +@@ -1058,6 +1060,7 @@ distclean-compile: + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gnutls_x509.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libgnutlsxx_la-gnutlsxx.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mac-libgcrypt.Plo@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ext_safe_renegotiation.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mpi-libgcrypt.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pk-libgcrypt.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkix_asn1_tab.Plo@am__quote@ +--- a/NEWS 2010-03-15 ++++ b/NEWS 2013-09-26 +@@ -3,6 +3,23 @@ Copyright (C) 2000, 2001, 2002, 2003, 20 + 2006, 2007, 2008, 2009, 2010 Free Software Foundation + See the end for copying conditions. + ++** libgnutls: Added Steve Dispensa's patch for safe renegotiation (RFC 5746) ++Solves the issue discussed in: ++<http://www.ietf.org/mail-archive/web/tls/current/msg03928.html> and ++<http://www.ietf.org/mail-archive/web/tls/current/msg03948.html>. ++Note that to allow connecting to unpatched servers the full protection ++is only enabled if the priority string %SAFE_RENEGOTIATION is ++specified. You can check whether protection is in place by querying ++gnutls_safe_renegotiation_status(). New error codes ++GNUTLS_E_SAFE_RENEGOTIATION_FAILED and ++GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED added. ++ ++gnutls_safe_renegotiation_status: Added ++ ++%UNSAFE_RENEGOTIATION: Added to priority strings ++%INITIAL_SAFE_RENEGOTIATION: Added to priority strings ++%DISABLE_SAFE_RENEGOTIATION: Added to priority strings (do not use) ++ + * Version 2.8.6 (released 2010-03-15) + + ** libgnutls: For CSRs, don't null pad integers for RSA/DSA value. +--- a/src/cli-gaa.c 2009-06-02 ++++ b/src/cli-gaa.c 2013-09-26 +@@ -129,6 +129,7 @@ void gaa_help(void) + printf("GNU TLS test client\nUsage: gnutls-cli [options] hostname\n\n\n"); + __gaa_helpsingle('d', "debug", "integer ", "Enable debugging"); + __gaa_helpsingle('r', "resume", "", "Connect, establish a session. Connect again and resume this session."); ++ __gaa_helpsingle('e', "rehandshake", "", "Connect, establish a session and rehandshake immediately."); + __gaa_helpsingle('s', "starttls", "", "Connect, establish a plain session and start TLS when EOF or a SIGALRM is received."); + __gaa_helpsingle(0, "crlf", "", "Send CR LF instead of LF."); + __gaa_helpsingle(0, "x509fmtder", "", "Use DER format for certificates to read from."); +@@ -250,6 +251,8 @@ struct _gaainfo + int crlf; + #line 20 "cli.gaa" + int starttls; ++#line 20 "cli.gaa" ++ int rehandshake; + #line 17 "cli.gaa" + int resume; + #line 14 "cli.gaa" +@@ -342,8 +345,9 @@ static int gaa_error = 0; + #define GAAOPTID_x509fmtder 31 + #define GAAOPTID_crlf 32 + #define GAAOPTID_starttls 33 +-#define GAAOPTID_resume 34 +-#define GAAOPTID_debug 35 ++#define GAAOPTID_rehandshake 34 ++#define GAAOPTID_resume 35 ++#define GAAOPTID_debug 36 + + #line 168 "gaa.skel" + +@@ -721,6 +725,7 @@ static int gaa_get_option_num(char *str, + GAA_CHECK1STR("", GAAOPTID_x509fmtder); + GAA_CHECK1STR("", GAAOPTID_crlf); + GAA_CHECK1STR("s", GAAOPTID_starttls); ++ GAA_CHECK1STR("e", GAAOPTID_rehandshake); + GAA_CHECK1STR("r", GAAOPTID_resume); + + #line 277 "gaa.skel" +@@ -759,6 +764,7 @@ static int gaa_get_option_num(char *str, + GAA_CHECKSTR("x509fmtder", GAAOPTID_x509fmtder); + GAA_CHECKSTR("crlf", GAAOPTID_crlf); + GAA_CHECKSTR("starttls", GAAOPTID_starttls); ++ GAA_CHECKSTR("rehandshake", GAAOPTID_rehandshake); + GAA_CHECKSTR("resume", GAAOPTID_resume); + GAA_CHECKSTR("debug", GAAOPTID_debug); + +@@ -1101,6 +1107,13 @@ static int gaa_try(int gaa_num, int gaa_ + + return GAA_OK; + break; ++ case GAAOPTID_rehandshake: ++ OK = 0; ++#line 21 "cli.gaa" ++{ gaaval->rehandshake = 1 ;}; ++ ++ return GAA_OK; ++ break; + case GAAOPTID_resume: + OK = 0; + #line 18 "cli.gaa" +@@ -1164,7 +1177,7 @@ int gaa(int argc, char **argv, gaainfo * + gaaval->srp_username=NULL; gaaval->srp_passwd=NULL; gaaval->fmtder = 0; gaaval->starttls =0; + gaaval->debug = 0; gaaval->print_cert = 0; gaaval->verbose = 0; gaaval->psk_key = NULL; + gaaval->psk_username = NULL; gaaval->priorities = NULL; +- gaaval->opaque_prf_input = NULL; gaaval->pgp_subkey = NULL; ;}; ++ gaaval->opaque_prf_input = NULL; gaaval->pgp_subkey = NULL; gaaval->rehandshake = 0; ;}; + + } + inited = 1; +--- a/src/cli-gaa.h 2009-06-02 ++++ b/src/cli-gaa.h 2013-09-26 +@@ -82,6 +82,7 @@ struct _gaainfo + int crlf; + #line 20 "cli.gaa" + int starttls; ++ int rehandshake; + #line 17 "cli.gaa" + int resume; + #line 14 "cli.gaa" +--- a/src/cli.c 2009-06-02 ++++ b/src/cli.c 2013-09-26 +@@ -53,7 +53,7 @@ + #define MAX_BUF 4096 + + /* global stuff here */ +-int resume, starttls, insecure; ++int resume, starttls, insecure, rehandshake; + const char *hostname = NULL; + char *service; + int record_max_size; +@@ -674,6 +674,23 @@ after_handshake: + programs to search for when gnutls-cli has reached this point. */ + printf ("\n- Simple Client Mode:\n\n"); + ++ if (rehandshake) ++ { ++ ret = do_handshake (&hd); ++ ++ if (ret < 0) ++ { ++ fprintf (stderr, "*** ReHandshake has failed\n"); ++ gnutls_perror (ret); ++ gnutls_deinit (hd.session); ++ return 1; ++ } ++ else ++ { ++ printf ("- ReHandshake was completed\n"); ++ } ++ } ++ + #ifndef _WIN32 + signal (SIGALRM, &starttls_alarm); + #endif +@@ -838,6 +855,7 @@ gaa_parser (int argc, char **argv) + print_cert = info.print_cert; + starttls = info.starttls; + resume = info.resume; ++ rehandshake = info.rehandshake; + insecure = info.insecure; + service = info.port; + record_max_size = info.record_size; +@@ -962,6 +980,11 @@ do_handshake (socket_st * socket) + socket->secure = 1; + + } ++ else ++ { ++ gnutls_alert_send_appropriate(socket->session, ret); ++ shutdown (socket->fd, SHUT_RDWR); ++ } + return ret; + } + +--- a/src/cli.gaa 2009-06-02 ++++ b/src/cli.gaa 2013-09-26 +@@ -17,6 +17,9 @@ option (d, debug) INT "integer" { $debug + #int resume; + option (r, resume) { $resume = 1 } "Connect, establish a session. Connect again and resume this session." + ++#int rehandshake; ++option (e, rehandshake) { $rehandshake = 1 } "Connect, establish a session and rehandshake immediately." ++ + #int starttls; + option (s, starttls) { $starttls = 1 } "Connect, establish a plain session and start TLS when EOF or a SIGALRM is received." + +@@ -130,4 +133,4 @@ init { $resume=0; $port="443"; $rest_arg + $srp_username=NULL; $srp_passwd=NULL; $fmtder = 0; $starttls =0; + $debug = 0; $print_cert = 0; $verbose = 0; $psk_key = NULL; + $psk_username = NULL; $priorities = NULL; +- $opaque_prf_input = NULL; $pgp_subkey = NULL; } ++ $opaque_prf_input = NULL; $pgp_subkey = NULL; $rehandshake = 0; } +--- a/src/serv.c 2009-11-06 ++++ b/src/serv.c 2013-09-26 +@@ -764,6 +764,18 @@ get_response (gnutls_session_t session, + } + else + { ++ fprintf(stderr, "received: %s\n", request); ++ if (request[0] == request[1] && request[0] == '*') ++ { ++ if (strncmp(request, "**REHANDSHAKE**", sizeof("**REHANDSHAKE**")-1)==0) ++ { ++ fprintf(stderr, "*** Sending rehandshake request\n"); ++ gnutls_rehandshake(session); ++ } ++ *response = NULL; ++ *response_length = 0; ++ return; ++ } + *response = strdup (request); + *response_length = ((*response) ? strlen (*response) : 0); + } +@@ -1177,7 +1189,7 @@ main (int argc, char **argv) + ret = + gnutls_alert_send_appropriate (j->tls_session, r); + } +- while (ret == GNUTLS_E_AGAIN); ++ while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + j->http_state = HTTP_STATE_CLOSING; + } + else if (r == 0) +@@ -1210,14 +1222,37 @@ main (int argc, char **argv) + } + else if (r <= 0) + { +- j->http_state = HTTP_STATE_CLOSING; +- if (r < 0 && r != GNUTLS_E_UNEXPECTED_PACKET_LENGTH) ++ if (r == GNUTLS_E_REHANDSHAKE) + { +- check_alert (j->tls_session, r); +- fprintf (stderr, "Error while receiving data\n"); +- GERR (r); +- } +- ++ fprintf(stderr, "*** Received hello message\n"); ++ do ++ { ++ r = gnutls_handshake (j->tls_session); ++ } ++ while (r == GNUTLS_E_INTERRUPTED || r == GNUTLS_E_AGAIN); ++ if (r < 0) ++ { ++ ++ do ++ { ++ ret = gnutls_alert_send_appropriate (j->tls_session, r); ++ } ++ while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); ++ ++ GERR (r); ++ j->http_state = HTTP_STATE_CLOSING; ++ } ++ } ++ else ++ { ++ j->http_state = HTTP_STATE_CLOSING; ++ if (r < 0 && r != GNUTLS_E_UNEXPECTED_PACKET_LENGTH) ++ { ++ check_alert (j->tls_session, r); ++ fprintf (stderr, "Error while receiving data\n"); ++ GERR (r); ++ } ++ } + } + else + { +@@ -1299,7 +1334,7 @@ main (int argc, char **argv) + } + } + +- if (j->handshake_ok == 1) ++ if (j->handshake_ok == 1 && j->http_response != NULL) + { + /* FIXME if j->http_response == NULL? */ + r = gnutls_record_send (j->tls_session, +@@ -1351,6 +1386,12 @@ main (int argc, char **argv) + } + } + } ++ else ++ { ++ j->request_length = 0; ++ j->http_request[0] = 0; ++ j->http_state = HTTP_STATE_REQUEST; ++ } + } + } + lloopend (listener_list, j); +--- a/src/tests.c 2009-06-02 ++++ b/src/tests.c 2013-09-26 +@@ -45,6 +45,7 @@ extern int verbose; + int tls1_ok = 0; + int ssl3_ok = 0; + int tls1_1_ok = 0; ++int tls1_2_ok = 0; + + /* keep session info */ + static char *session_data = NULL; +@@ -103,158 +104,28 @@ do_handshake (gnutls_session_t session) + return TEST_SUCCEED; + } + +-static int protocol_priority[16] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; ++char protocol_str[] = "+VERS-TLS1.0:+VERS-SSL3.0"; ++char prio_str[256] = ""; + +-static const int kx_priority[16] = +- { GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, +- GNUTLS_KX_ANON_DH, +- GNUTLS_KX_RSA_EXPORT, 0 +-}; +- +-static const int cipher_priority[16] = +- { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_128, +- GNUTLS_CIPHER_ARCFOUR_40, 0 +-}; +-static const int comp_priority[16] = { GNUTLS_COMP_NULL, 0 }; +-static const int mac_priority[16] = { GNUTLS_MAC_SHA1, GNUTLS_MAC_MD5, 0 }; +-static const int cert_type_priority[16] = { GNUTLS_CRT_X509, 0 }; +- +-#define ADD_ALL_CIPHERS(session) gnutls_cipher_set_priority(session, cipher_priority) +-#define ADD_ALL_COMP(session) gnutls_compression_set_priority(session, comp_priority) +-#define ADD_ALL_MACS(session) gnutls_mac_set_priority(session, mac_priority) +-#define ADD_ALL_KX(session) gnutls_kx_set_priority(session, kx_priority) +-#define ADD_ALL_PROTOCOLS(session) gnutls_protocol_set_priority(session, protocol_priority) +-#define ADD_ALL_CERTTYPES(session) gnutls_certificate_type_set_priority(session, cert_type_priority) +- +-static void +-ADD_KX (gnutls_session_t session, int kx) +-{ +- static int _kx_priority[] = { 0, 0 }; +- _kx_priority[0] = kx; +- +- gnutls_kx_set_priority (session, _kx_priority); +-} +- +-static void +-ADD_KX2 (gnutls_session_t session, int kx1, int kx2) +-{ +- static int _kx_priority[] = { 0, 0, 0 }; +- _kx_priority[0] = kx1; +- _kx_priority[1] = kx2; +- +- gnutls_kx_set_priority (session, _kx_priority); +-} +- +-static void +-ADD_CIPHER (gnutls_session_t session, int cipher) +-{ +- static int _cipher_priority[] = { 0, 0 }; +- _cipher_priority[0] = cipher; +- +- gnutls_cipher_set_priority (session, _cipher_priority); +-} +- +-static void +-ADD_CIPHER4 (gnutls_session_t session, int cipher1, int cipher2, int cipher3, +- int cipher4) +-{ +- static int _cipher_priority[] = { 0, 0, 0, 0, 0 }; +- _cipher_priority[0] = cipher1; +- _cipher_priority[1] = cipher2; +- _cipher_priority[2] = cipher3; +- _cipher_priority[3] = cipher4; +- +- gnutls_cipher_set_priority (session, _cipher_priority); +-} +- +-static void +-ADD_MAC (gnutls_session_t session, int mac) +-{ +- static int _mac_priority[] = { 0, 0 }; +- _mac_priority[0] = mac; +- +- gnutls_mac_set_priority (session, _mac_priority); +-} +- +-static void +-ADD_COMP (gnutls_session_t session, int c) +-{ +- static int _comp_priority[] = { 0, 0 }; +- _comp_priority[0] = c; +- +- gnutls_compression_set_priority (session, _comp_priority); +-} +- +-static void +-ADD_CERTTYPE (gnutls_session_t session, int ctype) +-{ +- static int _ct_priority[] = { 0, 0 }; +- _ct_priority[0] = ctype; +- +- gnutls_certificate_type_set_priority (session, _ct_priority); +-} +- +-static void +-ADD_PROTOCOL (gnutls_session_t session, int protocol) +-{ +- static int _proto_priority[] = { 0, 0 }; +- _proto_priority[0] = protocol; +- +- gnutls_protocol_set_priority (session, _proto_priority); +-} +- +-static void +-ADD_PROTOCOL3 (gnutls_session_t session, int p1, int p2, int p3) +-{ +- static int _proto_priority[] = { 0, 0, 0, 0 }; +- _proto_priority[0] = p1; +- _proto_priority[1] = p2; +- _proto_priority[2] = p3; +- +- gnutls_protocol_set_priority (session, _proto_priority); +-} +- +-#ifdef ENABLE_SRP +-static int srp_detected; +- +-int +-_test_srp_username_callback (gnutls_session_t session, +- char **username, char **password) +-{ +- srp_detected = 1; +- +- return -1; +-} +- +-test_code_t +-test_srp (gnutls_session_t session) +-{ +- int ret; +- +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- +- ADD_KX (session, GNUTLS_KX_SRP); +- srp_detected = 0; +- +- gnutls_srp_set_client_credentials_function (srp_cred, +- _test_srp_username_callback); +- +- gnutls_credentials_set (session, GNUTLS_CRD_SRP, srp_cred); +- +- ret = do_handshake (session); +- +- gnutls_srp_set_client_credentials_function (srp_cred, NULL); +- +- if (srp_detected != 0) +- return TEST_SUCCEED; +- else +- return TEST_FAILED; ++#define ALL_CIPHERS "+3DES-CBC:+ARCFOUR-128:+ARCFOUR-40" ++#define ALL_COMP "+COMP-NULL" ++#define ALL_MACS "+SHA1:+MD5" ++#define ALL_CERTTYPES "+CTYPE-X509" ++#define REST "%%UNSAFE_RENEGOTIATION" ++#define ALL_KX "+RSA:+DHE-RSA:+DHE-DSS:+ANON-DH:+RSA-EXPORT" ++#define INIT_STR "NONE:" ++ ++static inline void _gnutls_priority_set_direct(gnutls_session_t session, const char* str) ++{ ++ const char* err; ++ int ret = gnutls_priority_set_direct(session, str, &err); ++ ++ if (ret < 0) ++ { ++ fprintf(stderr, "Error in %s\n", err); ++ exit(1); ++ } + } +-#endif + + test_code_t + test_server (gnutls_session_t session) +@@ -269,12 +140,8 @@ test_server (gnutls_session_t session) + + buf[sizeof (buf) - 1] = 0; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + +@@ -318,13 +185,9 @@ test_export (gnutls_session_t session) + { + int ret; + +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); ++ sprintf(prio_str, INIT_STR "+ARCFOUR-40:+RSA-EXPORT:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + +- ADD_KX (session, GNUTLS_KX_RSA_EXPORT); +- ADD_CIPHER (session, GNUTLS_CIPHER_ARCFOUR_40); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -348,13 +211,9 @@ test_export_info (gnutls_session_t sessi + if (verbose == 0 || export_true == 0) + return TEST_IGNORE; + +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); ++ sprintf(prio_str, INIT_STR "+ARCFOUR-40:+RSA-EXPORT:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + +- ADD_KX (session, GNUTLS_KX_RSA_EXPORT); +- ADD_CIPHER (session, GNUTLS_CIPHER_ARCFOUR_40); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -395,13 +254,9 @@ test_dhe (gnutls_session_t session) + { + int ret; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":+DHE-RSA:+DHE-DSS:" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + +- ADD_KX2 (session, GNUTLS_KX_DHE_RSA, GNUTLS_KX_DHE_DSS); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -411,6 +266,37 @@ test_dhe (gnutls_session_t session) + return ret; + } + ++ ++test_code_t ++test_safe_renegotiation (gnutls_session_t session) ++{ ++ int ret; ++ ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":%%SAFE_RENEGOTIATION", protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ ++ gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); ++ ++ ret = do_handshake (session); ++ ++ return ret; ++} ++ ++test_code_t ++test_safe_renegotiation_scsv (gnutls_session_t session) ++{ ++ int ret; ++ ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":+VERS-SSL3.0:" ALL_MACS ":" ALL_KX ":%%SAFE_RENEGOTIATION"); ++ _gnutls_priority_set_direct (session, prio_str); ++ ++ gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); ++ ++ ret = do_handshake (session); ++ ++ return ret; ++} ++ + test_code_t + test_dhe_group (gnutls_session_t session) + { +@@ -421,13 +307,8 @@ test_dhe_group (gnutls_session_t session + if (verbose == 0 || pubkey.data == NULL) + return TEST_IGNORE; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":+DHE-RSA:+DHE-DSS:" REST, protocol_str); + +- ADD_KX2 (session, GNUTLS_KX_DHE_RSA, GNUTLS_KX_DHE_DSS); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -463,12 +344,9 @@ test_code_t + test_ssl3 (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_PROTOCOL (session, GNUTLS_SSL3); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":+VERS-SSL3.0:" ALL_MACS ":" ALL_KX ":" REST); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -496,12 +374,9 @@ test_bye (gnutls_session_t session) + signal (SIGALRM, got_alarm); + #endif + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -548,12 +423,10 @@ test_code_t + test_aes (gnutls_session_t session) + { + int ret; +- ADD_CIPHER (session, GNUTLS_CIPHER_AES_128_CBC); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR "+AES-128-CBC:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST , protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -565,12 +438,10 @@ test_code_t + test_camellia (gnutls_session_t session) + { + int ret; +- ADD_CIPHER (session, GNUTLS_CIPHER_CAMELLIA_128_CBC); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR "+CAMELLIA-128-CBC:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -582,12 +453,10 @@ test_code_t + test_openpgp1 (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_CERTTYPE (session, GNUTLS_CRT_OPENPGP); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":+CTYPE-OPENPGP:%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -604,18 +473,16 @@ test_code_t + test_unknown_ciphersuites (gnutls_session_t session) + { + int ret; ++ ++ + #ifdef ENABLE_CAMELLIA +- ADD_CIPHER4 (session, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_3DES_CBC, +- GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_CIPHER_ARCFOUR_128); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + #else +- ADD_CIPHER4 (session, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_3DES_CBC, +- GNUTLS_CIPHER_ARCFOUR_128, 0); ++ sprintf(prio_str, INIT_STR "+AES-128-CBC:" ALL_CIPHERS ":"ALL_COMP":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + #endif +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -626,12 +493,10 @@ test_code_t + test_md5 (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_MAC (session, GNUTLS_MAC_MD5); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR "+AES-128-CBC:" ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:+MD5:" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -643,12 +508,10 @@ test_code_t + test_zlib (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_COMP (session, GNUTLS_COMP_ZLIB); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":+COMP-ZLIB:" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -657,34 +520,25 @@ test_zlib (gnutls_session_t session) + #endif + + test_code_t +-test_lzo (gnutls_session_t session) ++test_sha (gnutls_session_t session) + { + int ret; +- gnutls_handshake_set_private_extensions (session, 1); + +- ADD_ALL_CIPHERS (session); +- ADD_COMP (session, GNUTLS_COMP_LZO); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR "+AES-128-CBC:" ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:+SHA1:" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +- + return ret; + } + + test_code_t +-test_sha (gnutls_session_t session) ++test_3des (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_MAC (session, GNUTLS_MAC_SHA1); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR "+3DES-CBC:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -692,15 +546,12 @@ test_sha (gnutls_session_t session) + } + + test_code_t +-test_3des (gnutls_session_t session) ++test_arcfour (gnutls_session_t session) + { + int ret; +- ADD_CIPHER (session, GNUTLS_CIPHER_3DES_CBC); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR "+ARCFOUR-128:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -708,15 +559,13 @@ test_3des (gnutls_session_t session) + } + + test_code_t +-test_arcfour (gnutls_session_t session) ++test_arcfour_40 (gnutls_session_t session) + { + int ret; +- ADD_CIPHER (session, GNUTLS_CIPHER_ARCFOUR_128); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR "+ARCFOUR-40:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" "+RSA-EXPORT" ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -724,36 +573,36 @@ test_arcfour (gnutls_session_t session) + } + + test_code_t +-test_arcfour_40 (gnutls_session_t session) ++test_tls1 (gnutls_session_t session) + { + int ret; +- ADD_CIPHER (session, GNUTLS_CIPHER_ARCFOUR_40); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":+VERS-TLS1.0:" ALL_MACS ":" ALL_KX ":" REST); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); ++ if (ret == TEST_SUCCEED) ++ tls1_ok = 1; ++ + return ret; ++ + } + + test_code_t +-test_tls1 (gnutls_session_t session) ++test_tls1_2 (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_PROTOCOL (session, GNUTLS_TLS1); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":+VERS-TLS1.2:" ALL_MACS ":" ALL_KX ":" REST); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); + if (ret == TEST_SUCCEED) +- tls1_ok = 1; ++ tls1_2_ok = 1; + + return ret; + +@@ -763,12 +612,10 @@ test_code_t + test_tls1_1 (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_PROTOCOL (session, GNUTLS_TLS1_1); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":+VERS-TLS1.1:" ALL_MACS ":" ALL_KX ":" REST); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -786,12 +633,9 @@ test_tls1_1_fallback (gnutls_session_t s + if (tls1_1_ok) + return TEST_IGNORE; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_PROTOCOL3 (session, GNUTLS_TLS1_1, GNUTLS_TLS1, GNUTLS_SSL3); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:" ALL_MACS ":" ALL_KX ":" REST); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -817,12 +661,9 @@ test_tls_disable (gnutls_session_t sessi + if (tls1_ok != 0) + return TEST_IGNORE; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -831,8 +672,7 @@ test_tls_disable (gnutls_session_t sessi + /* disable TLS 1.0 */ + if (ssl3_ok != 0) + { +- protocol_priority[0] = GNUTLS_SSL3; +- protocol_priority[1] = 0; ++ strcpy(protocol_str, "+VERS-SSL3.0"); + } + } + return ret; +@@ -849,12 +689,8 @@ test_rsa_pms (gnutls_session_t session) + * If the server is old, buggy and only supports + * SSL 3.0 then the handshake will fail. + */ +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_KX (session, GNUTLS_KX_RSA); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":+RSA:" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -870,12 +706,8 @@ test_code_t + test_max_record_size (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + gnutls_record_set_max_size (session, 512); + +@@ -894,12 +726,9 @@ test_code_t + test_hello_extension (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + gnutls_record_set_max_size (session, 512); + +@@ -925,12 +754,8 @@ test_version_rollback (gnutls_session_t + * attacks which allow a version downgrade) and this + * connection will fail. + */ +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + _gnutls_record_set_default_version (session, 3, 0); + +@@ -955,12 +780,8 @@ test_version_oob (gnutls_session_t sessi + /* here we enable both SSL 3.0 and TLS 1.0 + * and we connect using a 5.5 record version. + */ +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + _gnutls_record_set_default_version (session, 5, 5); + +@@ -980,12 +801,8 @@ test_rsa_pms_version_check (gnutls_sessi + * + * A normal server would abort this handshake. + */ +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + _gnutls_rsa_pms_set_version (session, 5, 5); /* use SSL 5.5 version */ + +@@ -1000,12 +817,8 @@ test_anonymous (gnutls_session_t session + { + int ret; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_KX (session, GNUTLS_KX_ANON_DH); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":+ANON-DH:" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_ANON, anon_cred); + + ret = do_handshake (session); +@@ -1027,12 +840,8 @@ test_session_resume2 (gnutls_session_t s + if (session == NULL) + return TEST_IGNORE; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + gnutls_credentials_set (session, GNUTLS_CRD_ANON, anon_cred); +@@ -1074,12 +883,8 @@ test_certificate (gnutls_session_t sessi + if (verbose == 0) + return TEST_IGNORE; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + +@@ -1143,12 +948,8 @@ test_server_cas (gnutls_session_t sessio + if (verbose == 0) + return TEST_IGNORE; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + gnutls_certificate_client_set_retrieve_function (xcred, cert_callback); +--- a/src/tests.h 2009-06-02 ++++ b/src/tests.h 2013-09-26 +@@ -3,7 +3,6 @@ typedef enum + TEST_SUCCEED, TEST_FAILED, TEST_UNSURE, TEST_IGNORE + } test_code_t; + +-test_code_t test_srp (gnutls_session_t state); + test_code_t test_server (gnutls_session_t state); + test_code_t test_export (gnutls_session_t state); + test_code_t test_export_info (gnutls_session_t state); +@@ -21,7 +20,10 @@ test_code_t test_3des (gnutls_session_t + test_code_t test_arcfour (gnutls_session_t state); + test_code_t test_arcfour_40 (gnutls_session_t state); + test_code_t test_tls1 (gnutls_session_t state); ++test_code_t test_safe_renegotiation (gnutls_session_t state); ++test_code_t test_safe_renegotiation_scsv (gnutls_session_t state); + test_code_t test_tls1_1 (gnutls_session_t state); ++test_code_t test_tls1_2 (gnutls_session_t state); + test_code_t test_tls1_1_fallback (gnutls_session_t state); + test_code_t test_tls_disable (gnutls_session_t state); + test_code_t test_rsa_pms (gnutls_session_t state); +@@ -37,6 +39,5 @@ test_code_t test_session_resume2 (gnutls + test_code_t test_rsa_pms_version_check (gnutls_session_t session); + test_code_t test_version_oob (gnutls_session_t session); + test_code_t test_zlib (gnutls_session_t session); +-test_code_t test_lzo (gnutls_session_t session); + int _test_srp_username_callback (gnutls_session_t session, + char **username, char **password); +--- a/src/tls_test.c 2009-06-02 ++++ b/src/tls_test.c 2013-09-26 +@@ -79,6 +79,9 @@ typedef struct + } TLS_TEST; + + static const TLS_TEST tls_tests[] = { ++ {"for Safe renegotiation support", test_safe_renegotiation, "yes", "no", "dunno"}, ++ {"for Safe renegotiation support (SCSV)", test_safe_renegotiation_scsv, "yes", "no", "dunno"}, ++ {"for TLS 1.2 support", test_tls1_2, "yes", "no", "dunno"}, + {"for TLS 1.1 support", test_tls1_1, "yes", "no", "dunno"}, + {"fallback from TLS 1.1 to", test_tls1_1_fallback, "TLS 1.0", "failed", + "SSL 3.0"}, +@@ -139,14 +142,8 @@ static const TLS_TEST tls_tests[] = { + {"for ZLIB compression support (TLS extension)", test_zlib, "yes", + "no", "dunno"}, + #endif +- {"for LZO compression support (GnuTLS extension)", test_lzo, "yes", +- "no", "dunno"}, + {"for max record size (TLS extension)", test_max_record_size, "yes", + "no", "dunno"}, +-#ifdef ENABLE_SRP +- {"for SRP authentication support (TLS extension)", test_srp, "yes", +- "no", "dunno"}, +-#endif + {"for OpenPGP authentication support (TLS extension)", test_openpgp1, + "yes", "no", "dunno"}, + {NULL, NULL, NULL, NULL, NULL} +@@ -233,7 +230,7 @@ main (int argc, char **argv) + + /* if neither of SSL3 and TLSv1 are supported, exit + */ +- if (i > 3 && tls1_1_ok == 0 && tls1_ok == 0 && ssl3_ok == 0) ++ if (i > 6 && tls1_1_ok == 0 && tls1_ok == 0 && ssl3_ok == 0) + { + fprintf (stderr, + "\nServer does not support any of SSL 3.0, TLS 1.0 and TLS 1.1\n"); +--- a/tests/Makefile.am 2010-01-24 ++++ b/tests/Makefile.am 2013-09-26 +@@ -20,7 +20,7 @@ + # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + + SUBDIRS = . rsa-md5-collision pkcs1-padding pkcs8-decode pkcs12-decode \ +- userid pathlen key-id sha2 ++ userid pathlen key-id sha2 safe-renegotiation + + if ENABLE_OPENPGP + SUBDIRS += openpgp-certs +--- a/tests/Makefile.in 2010-03-15 ++++ b/tests/Makefile.in 2013-09-26 +@@ -422,7 +422,7 @@ CTAGS = ctags + am__tty_colors = \ + red=; grn=; lgn=; blu=; std= + DIST_SUBDIRS = . rsa-md5-collision pkcs1-padding pkcs8-decode \ +- pkcs12-decode userid pathlen key-id sha2 openpgp-certs ++ pkcs12-decode userid pathlen key-id sha2 openpgp-certs safe-renegotiation + DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) + am__relativize = \ + dir0=`pwd`; \ +@@ -972,7 +972,7 @@ top_build_prefix = @top_build_prefix@ + top_builddir = @top_builddir@ + top_srcdir = @top_srcdir@ + SUBDIRS = . rsa-md5-collision pkcs1-padding pkcs8-decode pkcs12-decode \ +- userid pathlen key-id sha2 $(am__append_1) ++ userid pathlen key-id sha2 safe-renegotiation $(am__append_1) + EXTRA_DIST = libgcrypt.supp hostname-check.README + AM_CFLAGS = $(WARN_CFLAGS) $(WERROR_CFLAGS) + AM_CPPFLAGS = -I$(top_srcdir)/gl -I$(top_builddir)/gl \ +--- a/tests/resume.c 2009-06-02 ++++ b/tests/resume.c 2013-09-26 +@@ -47,6 +47,8 @@ static int wrap_db_store (void *dbf, gnu + static gnutls_datum_t wrap_db_fetch (void *dbf, gnutls_datum_t key); + static int wrap_db_delete (void *dbf, gnutls_datum_t key); + ++pid_t child; ++ + #define TLS_SESSION_CACHE 50 + + /* A very basic TLS client, with anonymous authentication. +@@ -56,6 +58,12 @@ static int wrap_db_delete (void *dbf, gn + #define MSG "Hello TLS" + + static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "%s |<%d>| %s", child ? "server" : "client", level, str); ++} ++ ++static void + client (void) + { + int ret, sd, ii; +@@ -70,6 +78,11 @@ client (void) + int t; + gnutls_datum session_data; + ++ if (debug) ++ { ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (2); ++ } + gnutls_global_init (); + + gnutls_anon_allocate_client_credentials (&anoncred); +@@ -298,8 +311,13 @@ server (void) + + /* this must be called once in the program, it is mostly for the server. + */ +- gnutls_global_init (); ++ if (debug) ++ { ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (2); ++ } + ++ gnutls_global_init (); + gnutls_anon_allocate_server_credentials (&anoncred); + + success ("Launched, generating DH parameters...\n"); +@@ -385,8 +403,6 @@ server (void) + void + doit (void) + { +- pid_t child; +- + global_start (); + if (error_count) + return; +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/Makefile.am 2013-09-26 +@@ -0,0 +1,37 @@ ++## Process this file with automake to produce Makefile.in ++# Copyright (C) 2010 Free Software Foundation, Inc. ++# ++# This file is part of GnuTLS. ++# ++# This file is free software; you can redistribute it and/or modify it ++# under the terms of the GNU General Public License as published by ++# the Free Software Foundation; either version 3 of the License, or ++# (at your option) any later version. ++# ++# This file is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++# General Public License for more details. ++# ++# You should have received a copy of the GNU General Public License ++# along with this file; if not, write to the Free Software Foundation, ++# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. ++ ++AM_CFLAGS = $(WARN_CFLAGS) $(WERROR_CFLAGS) ++AM_CPPFLAGS = \ ++ -I$(top_srcdir)/lib/includes \ ++ -I$(top_builddir)/lib/includes ++ ++AM_LDFLAGS = -no-install ++LDADD = ../../lib/libgnutls.la $(LTLIBGCRYPT) $(LIBSOCKET) ++ ++ctests = srn0 srn1 srn2 srn3 srn4 srn5 srn6 srn7 ++ ++check_PROGRAMS = $(ctests) ++TESTS = $(ctests) ++TESTS_ENVIRONMENT = $(VALGRIND) ++ ++EXTRA_DIST = README params.dh ++ ++dist_check_SCRIPTS = testsrn ++#TESTS = testsrn +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/Makefile.in 2013-09-26 +@@ -0,0 +1,1299 @@ ++# Makefile.in generated by automake 1.11.1 from Makefile.am. ++# @configure_input@ ++ ++# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, ++# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, ++# Inc. ++# This Makefile.in is free software; the Free Software Foundation ++# gives unlimited permission to copy and/or distribute it, ++# with or without modifications, as long as this notice is preserved. ++ ++# This program is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY, to the extent permitted by law; without ++# even the implied warranty of MERCHANTABILITY or FITNESS FOR A ++# PARTICULAR PURPOSE. ++ ++@SET_MAKE@ ++ ++# Copyright (C) 2010 Free Software Foundation, Inc. ++# ++# This file is part of GnuTLS. ++# ++# This file is free software; you can redistribute it and/or modify it ++# under the terms of the GNU General Public License as published by ++# the Free Software Foundation; either version 3 of the License, or ++# (at your option) any later version. ++# ++# This file is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++# General Public License for more details. ++# ++# You should have received a copy of the GNU General Public License ++# along with this file; if not, write to the Free Software Foundation, ++# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. ++VPATH = @srcdir@ ++pkgdatadir = $(datadir)/@PACKAGE@ ++pkgincludedir = $(includedir)/@PACKAGE@ ++pkglibdir = $(libdir)/@PACKAGE@ ++pkglibexecdir = $(libexecdir)/@PACKAGE@ ++am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd ++install_sh_DATA = $(install_sh) -c -m 644 ++install_sh_PROGRAM = $(install_sh) -c ++install_sh_SCRIPT = $(install_sh) -c ++INSTALL_HEADER = $(INSTALL_DATA) ++transform = $(program_transform_name) ++NORMAL_INSTALL = : ++PRE_INSTALL = : ++POST_INSTALL = : ++NORMAL_UNINSTALL = : ++PRE_UNINSTALL = : ++POST_UNINSTALL = : ++build_triplet = @build@ ++host_triplet = @host@ ++check_PROGRAMS = $(am__EXEEXT_1) ++TESTS = $(am__EXEEXT_1) ++subdir = tests/safe-renegotiation ++DIST_COMMON = README $(dist_check_SCRIPTS) $(srcdir)/Makefile.am \ ++ $(srcdir)/Makefile.in ++ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 ++am__aclocal_m4_deps = $(top_srcdir)/libextra/m4/hooks.m4 \ ++ $(top_srcdir)/lib/m4/hooks.m4 $(top_srcdir)/lib/gl/m4/po.m4 \ ++ $(top_srcdir)/gl/m4/00gnulib.m4 $(top_srcdir)/gl/m4/alloca.m4 \ ++ $(top_srcdir)/gl/m4/arpa_inet_h.m4 \ ++ $(top_srcdir)/gl/m4/asm-underscore.m4 \ ++ $(top_srcdir)/gl/m4/autobuild.m4 \ ++ $(top_srcdir)/gl/m4/clock_time.m4 $(top_srcdir)/gl/m4/close.m4 \ ++ $(top_srcdir)/gl/m4/errno_h.m4 $(top_srcdir)/gl/m4/error.m4 \ ++ $(top_srcdir)/gl/m4/extensions.m4 \ ++ $(top_srcdir)/gl/m4/fclose.m4 $(top_srcdir)/gl/m4/float_h.m4 \ ++ $(top_srcdir)/gl/m4/fseeko.m4 \ ++ $(top_srcdir)/gl/m4/getaddrinfo.m4 \ ++ $(top_srcdir)/gl/m4/getdelim.m4 $(top_srcdir)/gl/m4/getline.m4 \ ++ $(top_srcdir)/gl/m4/getpass.m4 $(top_srcdir)/gl/m4/gettime.m4 \ ++ $(top_srcdir)/gl/m4/gettimeofday.m4 \ ++ $(top_srcdir)/gl/m4/gnulib-common.m4 \ ++ $(top_srcdir)/gl/m4/gnulib-comp.m4 \ ++ $(top_srcdir)/gl/m4/hostent.m4 \ ++ $(top_srcdir)/gl/m4/include_next.m4 \ ++ $(top_srcdir)/gl/m4/inet_ntop.m4 \ ++ $(top_srcdir)/gl/m4/inet_pton.m4 \ ++ $(top_srcdir)/gl/m4/intmax_t.m4 \ ++ $(top_srcdir)/gl/m4/inttypes_h.m4 $(top_srcdir)/gl/m4/ioctl.m4 \ ++ $(top_srcdir)/gl/m4/lib-ld.m4 $(top_srcdir)/gl/m4/lib-link.m4 \ ++ $(top_srcdir)/gl/m4/lib-prefix.m4 \ ++ $(top_srcdir)/gl/m4/longlong.m4 $(top_srcdir)/gl/m4/lseek.m4 \ ++ $(top_srcdir)/gl/m4/malloc.m4 \ ++ $(top_srcdir)/gl/m4/manywarnings.m4 \ ++ $(top_srcdir)/gl/m4/memchr.m4 $(top_srcdir)/gl/m4/minmax.m4 \ ++ $(top_srcdir)/gl/m4/mmap-anon.m4 \ ++ $(top_srcdir)/gl/m4/multiarch.m4 \ ++ $(top_srcdir)/gl/m4/netdb_h.m4 \ ++ $(top_srcdir)/gl/m4/netinet_in_h.m4 \ ++ $(top_srcdir)/gl/m4/onceonly_2_57.m4 \ ++ $(top_srcdir)/gl/m4/perror.m4 $(top_srcdir)/gl/m4/printf.m4 \ ++ $(top_srcdir)/gl/m4/read-file.m4 \ ++ $(top_srcdir)/gl/m4/readline.m4 $(top_srcdir)/gl/m4/realloc.m4 \ ++ $(top_srcdir)/gl/m4/select.m4 $(top_srcdir)/gl/m4/servent.m4 \ ++ $(top_srcdir)/gl/m4/size_max.m4 \ ++ $(top_srcdir)/gl/m4/snprintf.m4 $(top_srcdir)/gl/m4/sockets.m4 \ ++ $(top_srcdir)/gl/m4/socklen.m4 $(top_srcdir)/gl/m4/sockpfaf.m4 \ ++ $(top_srcdir)/gl/m4/stdarg.m4 $(top_srcdir)/gl/m4/stdbool.m4 \ ++ $(top_srcdir)/gl/m4/stddef_h.m4 $(top_srcdir)/gl/m4/stdint.m4 \ ++ $(top_srcdir)/gl/m4/stdint_h.m4 $(top_srcdir)/gl/m4/stdio_h.m4 \ ++ $(top_srcdir)/gl/m4/stdlib_h.m4 \ ++ $(top_srcdir)/gl/m4/strerror.m4 \ ++ $(top_srcdir)/gl/m4/string_h.m4 \ ++ $(top_srcdir)/gl/m4/sys_ioctl_h.m4 \ ++ $(top_srcdir)/gl/m4/sys_select_h.m4 \ ++ $(top_srcdir)/gl/m4/sys_socket_h.m4 \ ++ $(top_srcdir)/gl/m4/sys_stat_h.m4 \ ++ $(top_srcdir)/gl/m4/sys_time_h.m4 \ ++ $(top_srcdir)/gl/m4/time_h.m4 $(top_srcdir)/gl/m4/timespec.m4 \ ++ $(top_srcdir)/gl/m4/ungetc.m4 $(top_srcdir)/gl/m4/unistd_h.m4 \ ++ $(top_srcdir)/gl/m4/valgrind-tests.m4 \ ++ $(top_srcdir)/gl/m4/vasnprintf.m4 \ ++ $(top_srcdir)/gl/m4/version-etc.m4 \ ++ $(top_srcdir)/gl/m4/warn-on-use.m4 \ ++ $(top_srcdir)/gl/m4/warnings.m4 $(top_srcdir)/gl/m4/wchar_h.m4 \ ++ $(top_srcdir)/gl/m4/wchar_t.m4 $(top_srcdir)/gl/m4/wint_t.m4 \ ++ $(top_srcdir)/gl/m4/xsize.m4 $(top_srcdir)/m4/gtk-doc.m4 \ ++ $(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/libtool.m4 \ ++ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ ++ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ ++ $(top_srcdir)/m4/pkg.m4 $(top_srcdir)/configure.ac ++am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ ++ $(ACLOCAL_M4) ++mkinstalldirs = $(install_sh) -d ++CONFIG_HEADER = $(top_builddir)/config.h ++CONFIG_CLEAN_FILES = ++CONFIG_CLEAN_VPATH_FILES = ++am__EXEEXT_1 = srn0$(EXEEXT) srn1$(EXEEXT) srn2$(EXEEXT) srn3$(EXEEXT) \ ++ srn4$(EXEEXT) srn5$(EXEEXT) srn6$(EXEEXT) srn7$(EXEEXT) ++srn0_SOURCES = srn0.c ++srn0_OBJECTS = srn0.$(OBJEXT) ++srn0_LDADD = $(LDADD) ++am__DEPENDENCIES_1 = ++srn0_DEPENDENCIES = ../../lib/libgnutls.la $(am__DEPENDENCIES_1) \ ++ $(am__DEPENDENCIES_1) ++srn1_SOURCES = srn1.c ++srn1_OBJECTS = srn1.$(OBJEXT) ++srn1_LDADD = $(LDADD) ++srn1_DEPENDENCIES = ../../lib/libgnutls.la $(am__DEPENDENCIES_1) \ ++ $(am__DEPENDENCIES_1) ++srn2_SOURCES = srn2.c ++srn2_OBJECTS = srn2.$(OBJEXT) ++srn2_LDADD = $(LDADD) ++srn2_DEPENDENCIES = ../../lib/libgnutls.la $(am__DEPENDENCIES_1) \ ++ $(am__DEPENDENCIES_1) ++srn3_SOURCES = srn3.c ++srn3_OBJECTS = srn3.$(OBJEXT) ++srn3_LDADD = $(LDADD) ++srn3_DEPENDENCIES = ../../lib/libgnutls.la $(am__DEPENDENCIES_1) \ ++ $(am__DEPENDENCIES_1) ++srn4_SOURCES = srn4.c ++srn4_OBJECTS = srn4.$(OBJEXT) ++srn4_LDADD = $(LDADD) ++srn4_DEPENDENCIES = ../../lib/libgnutls.la $(am__DEPENDENCIES_1) \ ++ $(am__DEPENDENCIES_1) ++srn5_SOURCES = srn5.c ++srn5_OBJECTS = srn5.$(OBJEXT) ++srn5_LDADD = $(LDADD) ++srn5_DEPENDENCIES = ../../lib/libgnutls.la $(am__DEPENDENCIES_1) \ ++ $(am__DEPENDENCIES_1) ++srn6_SOURCES = srn6.c ++srn6_OBJECTS = srn6.$(OBJEXT) ++srn6_LDADD = $(LDADD) ++srn6_DEPENDENCIES = ../../lib/libgnutls.la $(am__DEPENDENCIES_1) \ ++ $(am__DEPENDENCIES_1) ++srn7_SOURCES = srn7.c ++srn7_OBJECTS = srn7.$(OBJEXT) ++srn7_LDADD = $(LDADD) ++srn7_DEPENDENCIES = ../../lib/libgnutls.la $(am__DEPENDENCIES_1) \ ++ $(am__DEPENDENCIES_1) ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) ++depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp ++am__depfiles_maybe = depfiles ++am__mv = mv -f ++COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ ++ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) ++LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ ++ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ ++ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) ++CCLD = $(CC) ++LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ ++ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ ++ $(LDFLAGS) -o $@ ++SOURCES = srn0.c srn1.c srn2.c srn3.c srn4.c srn5.c srn6.c srn7.c ++DIST_SOURCES = srn0.c srn1.c srn2.c srn3.c srn4.c srn5.c srn6.c srn7.c ++ETAGS = etags ++CTAGS = ctags ++am__tty_colors = \ ++red=; grn=; lgn=; blu=; std= ++DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ++ACLOCAL = @ACLOCAL@ ++ALLOCA = @ALLOCA@ ++ALLOCA_H = @ALLOCA_H@ ++AMTAR = @AMTAR@ ++APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@ ++AR = @AR@ ++AS = @AS@ ++ASM_SYMBOL_PREFIX = @ASM_SYMBOL_PREFIX@ ++AUTOCONF = @AUTOCONF@ ++AUTOHEADER = @AUTOHEADER@ ++AUTOMAKE = @AUTOMAKE@ ++AWK = @AWK@ ++BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@ ++BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@ ++BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@ ++BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@ ++BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@ ++CC = @CC@ ++CCDEPMODE = @CCDEPMODE@ ++CFLAGS = @CFLAGS@ ++CONFIG_INCLUDE = @CONFIG_INCLUDE@ ++CPP = @CPP@ ++CPPFLAGS = @CPPFLAGS@ ++CXX = @CXX@ ++CXXCPP = @CXXCPP@ ++CXXDEPMODE = @CXXDEPMODE@ ++CXXFLAGS = @CXXFLAGS@ ++CYGPATH_W = @CYGPATH_W@ ++DEFS = @DEFS@ ++DEPDIR = @DEPDIR@ ++DLLTOOL = @DLLTOOL@ ++DLL_VERSION = @DLL_VERSION@ ++DSYMUTIL = @DSYMUTIL@ ++DUMPBIN = @DUMPBIN@ ++ECHO_C = @ECHO_C@ ++ECHO_N = @ECHO_N@ ++ECHO_T = @ECHO_T@ ++EGREP = @EGREP@ ++EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@ ++EMULTIHOP_VALUE = @EMULTIHOP_VALUE@ ++ENOLINK_HIDDEN = @ENOLINK_HIDDEN@ ++ENOLINK_VALUE = @ENOLINK_VALUE@ ++EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@ ++EOVERFLOW_VALUE = @EOVERFLOW_VALUE@ ++ERRNO_H = @ERRNO_H@ ++EXEEXT = @EXEEXT@ ++FGREP = @FGREP@ ++FLOAT_H = @FLOAT_H@ ++GAA = @GAA@ ++GETADDRINFO_LIB = @GETADDRINFO_LIB@ ++GNULIB_ACCEPT = @GNULIB_ACCEPT@ ++GNULIB_ACCEPT4 = @GNULIB_ACCEPT4@ ++GNULIB_ATOLL = @GNULIB_ATOLL@ ++GNULIB_BIND = @GNULIB_BIND@ ++GNULIB_BTOWC = @GNULIB_BTOWC@ ++GNULIB_CALLOC_POSIX = @GNULIB_CALLOC_POSIX@ ++GNULIB_CANONICALIZE_FILE_NAME = @GNULIB_CANONICALIZE_FILE_NAME@ ++GNULIB_CHOWN = @GNULIB_CHOWN@ ++GNULIB_CLOSE = @GNULIB_CLOSE@ ++GNULIB_CONNECT = @GNULIB_CONNECT@ ++GNULIB_DPRINTF = @GNULIB_DPRINTF@ ++GNULIB_DUP2 = @GNULIB_DUP2@ ++GNULIB_DUP3 = @GNULIB_DUP3@ ++GNULIB_ENVIRON = @GNULIB_ENVIRON@ ++GNULIB_EUIDACCESS = @GNULIB_EUIDACCESS@ ++GNULIB_FACCESSAT = @GNULIB_FACCESSAT@ ++GNULIB_FCHDIR = @GNULIB_FCHDIR@ ++GNULIB_FCHMODAT = @GNULIB_FCHMODAT@ ++GNULIB_FCHOWNAT = @GNULIB_FCHOWNAT@ ++GNULIB_FCLOSE = @GNULIB_FCLOSE@ ++GNULIB_FFLUSH = @GNULIB_FFLUSH@ ++GNULIB_FOPEN = @GNULIB_FOPEN@ ++GNULIB_FPRINTF = @GNULIB_FPRINTF@ ++GNULIB_FPRINTF_POSIX = @GNULIB_FPRINTF_POSIX@ ++GNULIB_FPURGE = @GNULIB_FPURGE@ ++GNULIB_FPUTC = @GNULIB_FPUTC@ ++GNULIB_FPUTS = @GNULIB_FPUTS@ ++GNULIB_FREOPEN = @GNULIB_FREOPEN@ ++GNULIB_FSEEK = @GNULIB_FSEEK@ ++GNULIB_FSEEKO = @GNULIB_FSEEKO@ ++GNULIB_FSTATAT = @GNULIB_FSTATAT@ ++GNULIB_FSYNC = @GNULIB_FSYNC@ ++GNULIB_FTELL = @GNULIB_FTELL@ ++GNULIB_FTELLO = @GNULIB_FTELLO@ ++GNULIB_FTRUNCATE = @GNULIB_FTRUNCATE@ ++GNULIB_FUTIMENS = @GNULIB_FUTIMENS@ ++GNULIB_FWRITE = @GNULIB_FWRITE@ ++GNULIB_GETADDRINFO = @GNULIB_GETADDRINFO@ ++GNULIB_GETCWD = @GNULIB_GETCWD@ ++GNULIB_GETDELIM = @GNULIB_GETDELIM@ ++GNULIB_GETDOMAINNAME = @GNULIB_GETDOMAINNAME@ ++GNULIB_GETDTABLESIZE = @GNULIB_GETDTABLESIZE@ ++GNULIB_GETGROUPS = @GNULIB_GETGROUPS@ ++GNULIB_GETHOSTNAME = @GNULIB_GETHOSTNAME@ ++GNULIB_GETLINE = @GNULIB_GETLINE@ ++GNULIB_GETLOADAVG = @GNULIB_GETLOADAVG@ ++GNULIB_GETLOGIN = @GNULIB_GETLOGIN@ ++GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@ ++GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@ ++GNULIB_GETPEERNAME = @GNULIB_GETPEERNAME@ ++GNULIB_GETSOCKNAME = @GNULIB_GETSOCKNAME@ ++GNULIB_GETSOCKOPT = @GNULIB_GETSOCKOPT@ ++GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@ ++GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@ ++GNULIB_GETUSERSHELL = @GNULIB_GETUSERSHELL@ ++GNULIB_GRANTPT = @GNULIB_GRANTPT@ ++GNULIB_INET_NTOP = @GNULIB_INET_NTOP@ ++GNULIB_INET_PTON = @GNULIB_INET_PTON@ ++GNULIB_IOCTL = @GNULIB_IOCTL@ ++GNULIB_LCHMOD = @GNULIB_LCHMOD@ ++GNULIB_LCHOWN = @GNULIB_LCHOWN@ ++GNULIB_LINK = @GNULIB_LINK@ ++GNULIB_LINKAT = @GNULIB_LINKAT@ ++GNULIB_LISTEN = @GNULIB_LISTEN@ ++GNULIB_LSEEK = @GNULIB_LSEEK@ ++GNULIB_LSTAT = @GNULIB_LSTAT@ ++GNULIB_MALLOC_POSIX = @GNULIB_MALLOC_POSIX@ ++GNULIB_MBRLEN = @GNULIB_MBRLEN@ ++GNULIB_MBRTOWC = @GNULIB_MBRTOWC@ ++GNULIB_MBSCASECMP = @GNULIB_MBSCASECMP@ ++GNULIB_MBSCASESTR = @GNULIB_MBSCASESTR@ ++GNULIB_MBSCHR = @GNULIB_MBSCHR@ ++GNULIB_MBSCSPN = @GNULIB_MBSCSPN@ ++GNULIB_MBSINIT = @GNULIB_MBSINIT@ ++GNULIB_MBSLEN = @GNULIB_MBSLEN@ ++GNULIB_MBSNCASECMP = @GNULIB_MBSNCASECMP@ ++GNULIB_MBSNLEN = @GNULIB_MBSNLEN@ ++GNULIB_MBSNRTOWCS = @GNULIB_MBSNRTOWCS@ ++GNULIB_MBSPBRK = @GNULIB_MBSPBRK@ ++GNULIB_MBSPCASECMP = @GNULIB_MBSPCASECMP@ ++GNULIB_MBSRCHR = @GNULIB_MBSRCHR@ ++GNULIB_MBSRTOWCS = @GNULIB_MBSRTOWCS@ ++GNULIB_MBSSEP = @GNULIB_MBSSEP@ ++GNULIB_MBSSPN = @GNULIB_MBSSPN@ ++GNULIB_MBSSTR = @GNULIB_MBSSTR@ ++GNULIB_MBSTOK_R = @GNULIB_MBSTOK_R@ ++GNULIB_MEMCHR = @GNULIB_MEMCHR@ ++GNULIB_MEMMEM = @GNULIB_MEMMEM@ ++GNULIB_MEMPCPY = @GNULIB_MEMPCPY@ ++GNULIB_MEMRCHR = @GNULIB_MEMRCHR@ ++GNULIB_MKDIRAT = @GNULIB_MKDIRAT@ ++GNULIB_MKDTEMP = @GNULIB_MKDTEMP@ ++GNULIB_MKFIFO = @GNULIB_MKFIFO@ ++GNULIB_MKFIFOAT = @GNULIB_MKFIFOAT@ ++GNULIB_MKNOD = @GNULIB_MKNOD@ ++GNULIB_MKNODAT = @GNULIB_MKNODAT@ ++GNULIB_MKOSTEMP = @GNULIB_MKOSTEMP@ ++GNULIB_MKOSTEMPS = @GNULIB_MKOSTEMPS@ ++GNULIB_MKSTEMP = @GNULIB_MKSTEMP@ ++GNULIB_MKSTEMPS = @GNULIB_MKSTEMPS@ ++GNULIB_MKTIME = @GNULIB_MKTIME@ ++GNULIB_NANOSLEEP = @GNULIB_NANOSLEEP@ ++GNULIB_OBSTACK_PRINTF = @GNULIB_OBSTACK_PRINTF@ ++GNULIB_OBSTACK_PRINTF_POSIX = @GNULIB_OBSTACK_PRINTF_POSIX@ ++GNULIB_PERROR = @GNULIB_PERROR@ ++GNULIB_PIPE2 = @GNULIB_PIPE2@ ++GNULIB_POPEN = @GNULIB_POPEN@ ++GNULIB_PREAD = @GNULIB_PREAD@ ++GNULIB_PRINTF = @GNULIB_PRINTF@ ++GNULIB_PRINTF_POSIX = @GNULIB_PRINTF_POSIX@ ++GNULIB_PTSNAME = @GNULIB_PTSNAME@ ++GNULIB_PUTC = @GNULIB_PUTC@ ++GNULIB_PUTCHAR = @GNULIB_PUTCHAR@ ++GNULIB_PUTENV = @GNULIB_PUTENV@ ++GNULIB_PUTS = @GNULIB_PUTS@ ++GNULIB_PWRITE = @GNULIB_PWRITE@ ++GNULIB_RANDOM_R = @GNULIB_RANDOM_R@ ++GNULIB_RAWMEMCHR = @GNULIB_RAWMEMCHR@ ++GNULIB_READLINK = @GNULIB_READLINK@ ++GNULIB_READLINKAT = @GNULIB_READLINKAT@ ++GNULIB_REALLOC_POSIX = @GNULIB_REALLOC_POSIX@ ++GNULIB_REALPATH = @GNULIB_REALPATH@ ++GNULIB_RECV = @GNULIB_RECV@ ++GNULIB_RECVFROM = @GNULIB_RECVFROM@ ++GNULIB_REMOVE = @GNULIB_REMOVE@ ++GNULIB_RENAME = @GNULIB_RENAME@ ++GNULIB_RENAMEAT = @GNULIB_RENAMEAT@ ++GNULIB_RMDIR = @GNULIB_RMDIR@ ++GNULIB_RPMATCH = @GNULIB_RPMATCH@ ++GNULIB_SELECT = @GNULIB_SELECT@ ++GNULIB_SEND = @GNULIB_SEND@ ++GNULIB_SENDTO = @GNULIB_SENDTO@ ++GNULIB_SETENV = @GNULIB_SETENV@ ++GNULIB_SETSOCKOPT = @GNULIB_SETSOCKOPT@ ++GNULIB_SHUTDOWN = @GNULIB_SHUTDOWN@ ++GNULIB_SLEEP = @GNULIB_SLEEP@ ++GNULIB_SNPRINTF = @GNULIB_SNPRINTF@ ++GNULIB_SOCKET = @GNULIB_SOCKET@ ++GNULIB_SPRINTF_POSIX = @GNULIB_SPRINTF_POSIX@ ++GNULIB_STAT = @GNULIB_STAT@ ++GNULIB_STDIO_H_SIGPIPE = @GNULIB_STDIO_H_SIGPIPE@ ++GNULIB_STPCPY = @GNULIB_STPCPY@ ++GNULIB_STPNCPY = @GNULIB_STPNCPY@ ++GNULIB_STRCASESTR = @GNULIB_STRCASESTR@ ++GNULIB_STRCHRNUL = @GNULIB_STRCHRNUL@ ++GNULIB_STRDUP = @GNULIB_STRDUP@ ++GNULIB_STRERROR = @GNULIB_STRERROR@ ++GNULIB_STRNCAT = @GNULIB_STRNCAT@ ++GNULIB_STRNDUP = @GNULIB_STRNDUP@ ++GNULIB_STRNLEN = @GNULIB_STRNLEN@ ++GNULIB_STRPBRK = @GNULIB_STRPBRK@ ++GNULIB_STRPTIME = @GNULIB_STRPTIME@ ++GNULIB_STRSEP = @GNULIB_STRSEP@ ++GNULIB_STRSIGNAL = @GNULIB_STRSIGNAL@ ++GNULIB_STRSTR = @GNULIB_STRSTR@ ++GNULIB_STRTOD = @GNULIB_STRTOD@ ++GNULIB_STRTOK_R = @GNULIB_STRTOK_R@ ++GNULIB_STRTOLL = @GNULIB_STRTOLL@ ++GNULIB_STRTOULL = @GNULIB_STRTOULL@ ++GNULIB_STRVERSCMP = @GNULIB_STRVERSCMP@ ++GNULIB_SYMLINK = @GNULIB_SYMLINK@ ++GNULIB_SYMLINKAT = @GNULIB_SYMLINKAT@ ++GNULIB_TIMEGM = @GNULIB_TIMEGM@ ++GNULIB_TIME_R = @GNULIB_TIME_R@ ++GNULIB_TMPFILE = @GNULIB_TMPFILE@ ++GNULIB_TTYNAME_R = @GNULIB_TTYNAME_R@ ++GNULIB_UNISTD_H_GETOPT = @GNULIB_UNISTD_H_GETOPT@ ++GNULIB_UNISTD_H_SIGPIPE = @GNULIB_UNISTD_H_SIGPIPE@ ++GNULIB_UNLINK = @GNULIB_UNLINK@ ++GNULIB_UNLINKAT = @GNULIB_UNLINKAT@ ++GNULIB_UNLOCKPT = @GNULIB_UNLOCKPT@ ++GNULIB_UNSETENV = @GNULIB_UNSETENV@ ++GNULIB_USLEEP = @GNULIB_USLEEP@ ++GNULIB_UTIMENSAT = @GNULIB_UTIMENSAT@ ++GNULIB_VASPRINTF = @GNULIB_VASPRINTF@ ++GNULIB_VDPRINTF = @GNULIB_VDPRINTF@ ++GNULIB_VFPRINTF = @GNULIB_VFPRINTF@ ++GNULIB_VFPRINTF_POSIX = @GNULIB_VFPRINTF_POSIX@ ++GNULIB_VPRINTF = @GNULIB_VPRINTF@ ++GNULIB_VPRINTF_POSIX = @GNULIB_VPRINTF_POSIX@ ++GNULIB_VSNPRINTF = @GNULIB_VSNPRINTF@ ++GNULIB_VSPRINTF_POSIX = @GNULIB_VSPRINTF_POSIX@ ++GNULIB_WCRTOMB = @GNULIB_WCRTOMB@ ++GNULIB_WCSNRTOMBS = @GNULIB_WCSNRTOMBS@ ++GNULIB_WCSRTOMBS = @GNULIB_WCSRTOMBS@ ++GNULIB_WCTOB = @GNULIB_WCTOB@ ++GNULIB_WCWIDTH = @GNULIB_WCWIDTH@ ++GNULIB_WRITE = @GNULIB_WRITE@ ++GREP = @GREP@ ++GTKDOC_CHECK = @GTKDOC_CHECK@ ++GTKDOC_MKPDF = @GTKDOC_MKPDF@ ++GTKDOC_REBASE = @GTKDOC_REBASE@ ++GUILE = @GUILE@ ++GUILE_CFLAGS = @GUILE_CFLAGS@ ++GUILE_CONFIG = @GUILE_CONFIG@ ++GUILE_LDFLAGS = @GUILE_LDFLAGS@ ++GUILE_SITE = @GUILE_SITE@ ++GUILE_TOOLS = @GUILE_TOOLS@ ++HAVE_ACCEPT4 = @HAVE_ACCEPT4@ ++HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@ ++HAVE_ATOLL = @HAVE_ATOLL@ ++HAVE_BTOWC = @HAVE_BTOWC@ ++HAVE_CALLOC_POSIX = @HAVE_CALLOC_POSIX@ ++HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@ ++HAVE_CHOWN = @HAVE_CHOWN@ ++HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@ ++HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@ ++HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@ ++HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@ ++HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@ ++HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@ ++HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@ ++HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@ ++HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@ ++HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@ ++HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@ ++HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@ ++HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@ ++HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@ ++HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@ ++HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@ ++HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@ ++HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@ ++HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@ ++HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@ ++HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@ ++HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@ ++HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@ ++HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@ ++HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@ ++HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@ ++HAVE_DPRINTF = @HAVE_DPRINTF@ ++HAVE_DUP2 = @HAVE_DUP2@ ++HAVE_DUP3 = @HAVE_DUP3@ ++HAVE_EUIDACCESS = @HAVE_EUIDACCESS@ ++HAVE_FACCESSAT = @HAVE_FACCESSAT@ ++HAVE_FCHDIR = @HAVE_FCHDIR@ ++HAVE_FCHMODAT = @HAVE_FCHMODAT@ ++HAVE_FCHOWNAT = @HAVE_FCHOWNAT@ ++HAVE_FSEEKO = @HAVE_FSEEKO@ ++HAVE_FSTATAT = @HAVE_FSTATAT@ ++HAVE_FSYNC = @HAVE_FSYNC@ ++HAVE_FTELLO = @HAVE_FTELLO@ ++HAVE_FTRUNCATE = @HAVE_FTRUNCATE@ ++HAVE_FUTIMENS = @HAVE_FUTIMENS@ ++HAVE_GETDOMAINNAME = @HAVE_GETDOMAINNAME@ ++HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@ ++HAVE_GETGROUPS = @HAVE_GETGROUPS@ ++HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@ ++HAVE_GETLOGIN = @HAVE_GETLOGIN@ ++HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@ ++HAVE_GETSUBOPT = @HAVE_GETSUBOPT@ ++HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@ ++HAVE_GRANTPT = @HAVE_GRANTPT@ ++HAVE_INTTYPES_H = @HAVE_INTTYPES_H@ ++HAVE_LCHMOD = @HAVE_LCHMOD@ ++HAVE_LCHOWN = @HAVE_LCHOWN@ ++HAVE_LIBGCRYPT = @HAVE_LIBGCRYPT@ ++HAVE_LIBTASN1 = @HAVE_LIBTASN1@ ++HAVE_LINK = @HAVE_LINK@ ++HAVE_LINKAT = @HAVE_LINKAT@ ++HAVE_LOCALTIME_R = @HAVE_LOCALTIME_R@ ++HAVE_LONG_LONG_INT = @HAVE_LONG_LONG_INT@ ++HAVE_LSTAT = @HAVE_LSTAT@ ++HAVE_MALLOC_POSIX = @HAVE_MALLOC_POSIX@ ++HAVE_MBRLEN = @HAVE_MBRLEN@ ++HAVE_MBRTOWC = @HAVE_MBRTOWC@ ++HAVE_MBSINIT = @HAVE_MBSINIT@ ++HAVE_MBSLEN = @HAVE_MBSLEN@ ++HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@ ++HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@ ++HAVE_MEMCHR = @HAVE_MEMCHR@ ++HAVE_MEMPCPY = @HAVE_MEMPCPY@ ++HAVE_MKDIRAT = @HAVE_MKDIRAT@ ++HAVE_MKDTEMP = @HAVE_MKDTEMP@ ++HAVE_MKFIFO = @HAVE_MKFIFO@ ++HAVE_MKFIFOAT = @HAVE_MKFIFOAT@ ++HAVE_MKNOD = @HAVE_MKNOD@ ++HAVE_MKNODAT = @HAVE_MKNODAT@ ++HAVE_MKOSTEMP = @HAVE_MKOSTEMP@ ++HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@ ++HAVE_MKSTEMP = @HAVE_MKSTEMP@ ++HAVE_MKSTEMPS = @HAVE_MKSTEMPS@ ++HAVE_NANOSLEEP = @HAVE_NANOSLEEP@ ++HAVE_NETDB_H = @HAVE_NETDB_H@ ++HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@ ++HAVE_OS_H = @HAVE_OS_H@ ++HAVE_PIPE2 = @HAVE_PIPE2@ ++HAVE_PREAD = @HAVE_PREAD@ ++HAVE_PTSNAME = @HAVE_PTSNAME@ ++HAVE_PWRITE = @HAVE_PWRITE@ ++HAVE_RANDOM_H = @HAVE_RANDOM_H@ ++HAVE_RANDOM_R = @HAVE_RANDOM_R@ ++HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@ ++HAVE_READLINK = @HAVE_READLINK@ ++HAVE_READLINKAT = @HAVE_READLINKAT@ ++HAVE_REALLOC_POSIX = @HAVE_REALLOC_POSIX@ ++HAVE_REALPATH = @HAVE_REALPATH@ ++HAVE_RENAMEAT = @HAVE_RENAMEAT@ ++HAVE_RPMATCH = @HAVE_RPMATCH@ ++HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@ ++HAVE_SETENV = @HAVE_SETENV@ ++HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@ ++HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@ ++HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@ ++HAVE_SLEEP = @HAVE_SLEEP@ ++HAVE_STDINT_H = @HAVE_STDINT_H@ ++HAVE_STPCPY = @HAVE_STPCPY@ ++HAVE_STPNCPY = @HAVE_STPNCPY@ ++HAVE_STRCASESTR = @HAVE_STRCASESTR@ ++HAVE_STRCHRNUL = @HAVE_STRCHRNUL@ ++HAVE_STRPBRK = @HAVE_STRPBRK@ ++HAVE_STRPTIME = @HAVE_STRPTIME@ ++HAVE_STRSEP = @HAVE_STRSEP@ ++HAVE_STRTOD = @HAVE_STRTOD@ ++HAVE_STRTOLL = @HAVE_STRTOLL@ ++HAVE_STRTOULL = @HAVE_STRTOULL@ ++HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@ ++HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@ ++HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@ ++HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@ ++HAVE_STRVERSCMP = @HAVE_STRVERSCMP@ ++HAVE_SYMLINK = @HAVE_SYMLINK@ ++HAVE_SYMLINKAT = @HAVE_SYMLINKAT@ ++HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@ ++HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@ ++HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@ ++HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@ ++HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@ ++HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@ ++HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@ ++HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@ ++HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@ ++HAVE_TIMEGM = @HAVE_TIMEGM@ ++HAVE_TTYNAME_R = @HAVE_TTYNAME_R@ ++HAVE_UNISTD_H = @HAVE_UNISTD_H@ ++HAVE_UNLINKAT = @HAVE_UNLINKAT@ ++HAVE_UNLOCKPT = @HAVE_UNLOCKPT@ ++HAVE_UNSETENV = @HAVE_UNSETENV@ ++HAVE_UNSIGNED_LONG_LONG_INT = @HAVE_UNSIGNED_LONG_LONG_INT@ ++HAVE_USLEEP = @HAVE_USLEEP@ ++HAVE_UTIMENSAT = @HAVE_UTIMENSAT@ ++HAVE_VASPRINTF = @HAVE_VASPRINTF@ ++HAVE_VDPRINTF = @HAVE_VDPRINTF@ ++HAVE_WCHAR_H = @HAVE_WCHAR_H@ ++HAVE_WCHAR_T = @HAVE_WCHAR_T@ ++HAVE_WCRTOMB = @HAVE_WCRTOMB@ ++HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@ ++HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@ ++HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@ ++HAVE_WINT_T = @HAVE_WINT_T@ ++HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@ ++HAVE__BOOL = @HAVE__BOOL@ ++HOSTENT_LIB = @HOSTENT_LIB@ ++HTML_DIR = @HTML_DIR@ ++INCLUDE_NEXT = @INCLUDE_NEXT@ ++INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@ ++INET_NTOP_LIB = @INET_NTOP_LIB@ ++INET_PTON_LIB = @INET_PTON_LIB@ ++INSTALL = @INSTALL@ ++INSTALL_DATA = @INSTALL_DATA@ ++INSTALL_PROGRAM = @INSTALL_PROGRAM@ ++INSTALL_SCRIPT = @INSTALL_SCRIPT@ ++INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ ++LD = @LD@ ++LDFLAGS = @LDFLAGS@ ++LIBGCRYPT = @LIBGCRYPT@ ++LIBGCRYPT_PREFIX = @LIBGCRYPT_PREFIX@ ++LIBINTL = @LIBINTL@ ++LIBOBJS = @LIBOBJS@ ++LIBREADLINE = @LIBREADLINE@ ++LIBS = @LIBS@ ++LIBSOCKET = @LIBSOCKET@ ++LIBTASN1 = @LIBTASN1@ ++LIBTASN1_PREFIX = @LIBTASN1_PREFIX@ ++LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@ ++LIBTOOL = @LIBTOOL@ ++LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@ ++LIPO = @LIPO@ ++LN_S = @LN_S@ ++LTALLOCA = @LTALLOCA@ ++LTLIBGCRYPT = @LTLIBGCRYPT@ ++LTLIBINTL = @LTLIBINTL@ ++LTLIBOBJS = @LTLIBOBJS@ ++LTLIBREADLINE = @LTLIBREADLINE@ ++LTLIBTASN1 = @LTLIBTASN1@ ++LT_AGE = @LT_AGE@ ++LT_CURRENT = @LT_CURRENT@ ++LT_REVISION = @LT_REVISION@ ++LZO_LIBS = @LZO_LIBS@ ++MAKEINFO = @MAKEINFO@ ++MKDIR_P = @MKDIR_P@ ++NETINET_IN_H = @NETINET_IN_H@ ++NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@ ++NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@ ++NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@ ++NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@ ++NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@ ++NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@ ++NEXT_AS_FIRST_DIRECTIVE_STDARG_H = @NEXT_AS_FIRST_DIRECTIVE_STDARG_H@ ++NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@ ++NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@ ++NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@ ++NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@ ++NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@ ++NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@ ++NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@ ++NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@ ++NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@ ++NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@ ++NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@ ++NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@ ++NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@ ++NEXT_ERRNO_H = @NEXT_ERRNO_H@ ++NEXT_FLOAT_H = @NEXT_FLOAT_H@ ++NEXT_NETDB_H = @NEXT_NETDB_H@ ++NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@ ++NEXT_STDARG_H = @NEXT_STDARG_H@ ++NEXT_STDDEF_H = @NEXT_STDDEF_H@ ++NEXT_STDINT_H = @NEXT_STDINT_H@ ++NEXT_STDIO_H = @NEXT_STDIO_H@ ++NEXT_STDLIB_H = @NEXT_STDLIB_H@ ++NEXT_STRING_H = @NEXT_STRING_H@ ++NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@ ++NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@ ++NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@ ++NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@ ++NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@ ++NEXT_TIME_H = @NEXT_TIME_H@ ++NEXT_UNISTD_H = @NEXT_UNISTD_H@ ++NEXT_WCHAR_H = @NEXT_WCHAR_H@ ++NM = @NM@ ++NMEDIT = @NMEDIT@ ++OBJDUMP = @OBJDUMP@ ++OBJEXT = @OBJEXT@ ++OTOOL = @OTOOL@ ++OTOOL64 = @OTOOL64@ ++PACKAGE = @PACKAGE@ ++PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ ++PACKAGE_NAME = @PACKAGE_NAME@ ++PACKAGE_STRING = @PACKAGE_STRING@ ++PACKAGE_TARNAME = @PACKAGE_TARNAME@ ++PACKAGE_URL = @PACKAGE_URL@ ++PACKAGE_VERSION = @PACKAGE_VERSION@ ++PATH_SEPARATOR = @PATH_SEPARATOR@ ++PKG_CONFIG = @PKG_CONFIG@ ++PMCCABE = @PMCCABE@ ++PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@ ++PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@ ++PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@ ++RANLIB = @RANLIB@ ++REPLACE_BTOWC = @REPLACE_BTOWC@ ++REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@ ++REPLACE_CHOWN = @REPLACE_CHOWN@ ++REPLACE_CLOSE = @REPLACE_CLOSE@ ++REPLACE_DPRINTF = @REPLACE_DPRINTF@ ++REPLACE_DUP = @REPLACE_DUP@ ++REPLACE_DUP2 = @REPLACE_DUP2@ ++REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@ ++REPLACE_FCLOSE = @REPLACE_FCLOSE@ ++REPLACE_FFLUSH = @REPLACE_FFLUSH@ ++REPLACE_FOPEN = @REPLACE_FOPEN@ ++REPLACE_FPRINTF = @REPLACE_FPRINTF@ ++REPLACE_FPURGE = @REPLACE_FPURGE@ ++REPLACE_FREOPEN = @REPLACE_FREOPEN@ ++REPLACE_FSEEK = @REPLACE_FSEEK@ ++REPLACE_FSEEKO = @REPLACE_FSEEKO@ ++REPLACE_FSTAT = @REPLACE_FSTAT@ ++REPLACE_FSTATAT = @REPLACE_FSTATAT@ ++REPLACE_FTELL = @REPLACE_FTELL@ ++REPLACE_FTELLO = @REPLACE_FTELLO@ ++REPLACE_FUTIMENS = @REPLACE_FUTIMENS@ ++REPLACE_GETCWD = @REPLACE_GETCWD@ ++REPLACE_GETDELIM = @REPLACE_GETDELIM@ ++REPLACE_GETGROUPS = @REPLACE_GETGROUPS@ ++REPLACE_GETLINE = @REPLACE_GETLINE@ ++REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@ ++REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@ ++REPLACE_IOCTL = @REPLACE_IOCTL@ ++REPLACE_LCHOWN = @REPLACE_LCHOWN@ ++REPLACE_LINK = @REPLACE_LINK@ ++REPLACE_LINKAT = @REPLACE_LINKAT@ ++REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@ ++REPLACE_LSEEK = @REPLACE_LSEEK@ ++REPLACE_LSTAT = @REPLACE_LSTAT@ ++REPLACE_MBRLEN = @REPLACE_MBRLEN@ ++REPLACE_MBRTOWC = @REPLACE_MBRTOWC@ ++REPLACE_MBSINIT = @REPLACE_MBSINIT@ ++REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@ ++REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@ ++REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@ ++REPLACE_MEMCHR = @REPLACE_MEMCHR@ ++REPLACE_MEMMEM = @REPLACE_MEMMEM@ ++REPLACE_MKDIR = @REPLACE_MKDIR@ ++REPLACE_MKFIFO = @REPLACE_MKFIFO@ ++REPLACE_MKNOD = @REPLACE_MKNOD@ ++REPLACE_MKSTEMP = @REPLACE_MKSTEMP@ ++REPLACE_MKTIME = @REPLACE_MKTIME@ ++REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@ ++REPLACE_NULL = @REPLACE_NULL@ ++REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@ ++REPLACE_PERROR = @REPLACE_PERROR@ ++REPLACE_POPEN = @REPLACE_POPEN@ ++REPLACE_PREAD = @REPLACE_PREAD@ ++REPLACE_PRINTF = @REPLACE_PRINTF@ ++REPLACE_PUTENV = @REPLACE_PUTENV@ ++REPLACE_PWRITE = @REPLACE_PWRITE@ ++REPLACE_READLINK = @REPLACE_READLINK@ ++REPLACE_REALPATH = @REPLACE_REALPATH@ ++REPLACE_REMOVE = @REPLACE_REMOVE@ ++REPLACE_RENAME = @REPLACE_RENAME@ ++REPLACE_RENAMEAT = @REPLACE_RENAMEAT@ ++REPLACE_RMDIR = @REPLACE_RMDIR@ ++REPLACE_SELECT = @REPLACE_SELECT@ ++REPLACE_SETENV = @REPLACE_SETENV@ ++REPLACE_SLEEP = @REPLACE_SLEEP@ ++REPLACE_SNPRINTF = @REPLACE_SNPRINTF@ ++REPLACE_SPRINTF = @REPLACE_SPRINTF@ ++REPLACE_STAT = @REPLACE_STAT@ ++REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@ ++REPLACE_STPNCPY = @REPLACE_STPNCPY@ ++REPLACE_STRCASESTR = @REPLACE_STRCASESTR@ ++REPLACE_STRDUP = @REPLACE_STRDUP@ ++REPLACE_STRERROR = @REPLACE_STRERROR@ ++REPLACE_STRNCAT = @REPLACE_STRNCAT@ ++REPLACE_STRNDUP = @REPLACE_STRNDUP@ ++REPLACE_STRNLEN = @REPLACE_STRNLEN@ ++REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@ ++REPLACE_STRSTR = @REPLACE_STRSTR@ ++REPLACE_STRTOD = @REPLACE_STRTOD@ ++REPLACE_STRTOK_R = @REPLACE_STRTOK_R@ ++REPLACE_SYMLINK = @REPLACE_SYMLINK@ ++REPLACE_TIMEGM = @REPLACE_TIMEGM@ ++REPLACE_TMPFILE = @REPLACE_TMPFILE@ ++REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@ ++REPLACE_UNLINK = @REPLACE_UNLINK@ ++REPLACE_UNLINKAT = @REPLACE_UNLINKAT@ ++REPLACE_UNSETENV = @REPLACE_UNSETENV@ ++REPLACE_USLEEP = @REPLACE_USLEEP@ ++REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@ ++REPLACE_VASPRINTF = @REPLACE_VASPRINTF@ ++REPLACE_VDPRINTF = @REPLACE_VDPRINTF@ ++REPLACE_VFPRINTF = @REPLACE_VFPRINTF@ ++REPLACE_VPRINTF = @REPLACE_VPRINTF@ ++REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@ ++REPLACE_VSPRINTF = @REPLACE_VSPRINTF@ ++REPLACE_WCRTOMB = @REPLACE_WCRTOMB@ ++REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@ ++REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@ ++REPLACE_WCTOB = @REPLACE_WCTOB@ ++REPLACE_WCWIDTH = @REPLACE_WCWIDTH@ ++REPLACE_WRITE = @REPLACE_WRITE@ ++SED = @SED@ ++SERVENT_LIB = @SERVENT_LIB@ ++SET_MAKE = @SET_MAKE@ ++SHELL = @SHELL@ ++SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@ ++SIZE_T_SUFFIX = @SIZE_T_SUFFIX@ ++STDARG_H = @STDARG_H@ ++STDBOOL_H = @STDBOOL_H@ ++STDDEF_H = @STDDEF_H@ ++STDINT_H = @STDINT_H@ ++STRIP = @STRIP@ ++SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@ ++SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@ ++SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@ ++TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@ ++UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@ ++UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@ ++UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@ ++VALGRIND = @VALGRIND@ ++VERSION = @VERSION@ ++WARN_CFLAGS = @WARN_CFLAGS@ ++WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@ ++WERROR_CFLAGS = @WERROR_CFLAGS@ ++WINT_T_SUFFIX = @WINT_T_SUFFIX@ ++WSTACK_CFLAGS = @WSTACK_CFLAGS@ ++abs_aux_dir = @abs_aux_dir@ ++abs_builddir = @abs_builddir@ ++abs_srcdir = @abs_srcdir@ ++abs_top_builddir = @abs_top_builddir@ ++abs_top_srcdir = @abs_top_srcdir@ ++ac_ct_CC = @ac_ct_CC@ ++ac_ct_CXX = @ac_ct_CXX@ ++ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ ++am__include = @am__include@ ++am__leading_dot = @am__leading_dot@ ++am__quote = @am__quote@ ++am__tar = @am__tar@ ++am__untar = @am__untar@ ++bindir = @bindir@ ++build = @build@ ++build_alias = @build_alias@ ++build_cpu = @build_cpu@ ++build_os = @build_os@ ++build_vendor = @build_vendor@ ++builddir = @builddir@ ++datadir = @datadir@ ++datarootdir = @datarootdir@ ++docdir = @docdir@ ++dvidir = @dvidir@ ++exec_prefix = @exec_prefix@ ++gl_LIBOBJS = @gl_LIBOBJS@ ++gl_LTLIBOBJS = @gl_LTLIBOBJS@ ++gltests_LIBOBJS = @gltests_LIBOBJS@ ++gltests_LTLIBOBJS = @gltests_LTLIBOBJS@ ++gltests_WITNESS = @gltests_WITNESS@ ++guile_snarf = @guile_snarf@ ++host = @host@ ++host_alias = @host_alias@ ++host_cpu = @host_cpu@ ++host_os = @host_os@ ++host_vendor = @host_vendor@ ++htmldir = @htmldir@ ++includedir = @includedir@ ++infodir = @infodir@ ++install_sh = @install_sh@ ++libdir = @libdir@ ++libexecdir = @libexecdir@ ++localedir = @localedir@ ++localstatedir = @localstatedir@ ++mandir = @mandir@ ++mkdir_p = @mkdir_p@ ++oldincludedir = @oldincludedir@ ++pdfdir = @pdfdir@ ++prefix = @prefix@ ++program_transform_name = @program_transform_name@ ++psdir = @psdir@ ++sbindir = @sbindir@ ++sharedstatedir = @sharedstatedir@ ++srcdir = @srcdir@ ++subdirs = @subdirs@ ++sysconfdir = @sysconfdir@ ++target_alias = @target_alias@ ++top_build_prefix = @top_build_prefix@ ++top_builddir = @top_builddir@ ++top_srcdir = @top_srcdir@ ++AM_CFLAGS = $(WARN_CFLAGS) $(WERROR_CFLAGS) ++AM_CPPFLAGS = \ ++ -I$(top_srcdir)/lib/includes \ ++ -I$(top_builddir)/lib/includes ++ ++AM_LDFLAGS = -no-install ++LDADD = ../../lib/libgnutls.la $(LTLIBGCRYPT) $(LIBSOCKET) ++ctests = srn0 srn1 srn2 srn3 srn4 srn5 srn6 srn7 ++TESTS_ENVIRONMENT = $(VALGRIND) ++EXTRA_DIST = README params.dh ++dist_check_SCRIPTS = testsrn ++all: all-am ++ ++.SUFFIXES: ++.SUFFIXES: .c .lo .o .obj ++$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) ++ @for dep in $?; do \ ++ case '$(am__configure_deps)' in \ ++ *$$dep*) \ ++ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ ++ && { if test -f $@; then exit 0; else break; fi; }; \ ++ exit 1;; \ ++ esac; \ ++ done; \ ++ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu tests/safe-renegotiation/Makefile'; \ ++ $(am__cd) $(top_srcdir) && \ ++ $(AUTOMAKE) --gnu tests/safe-renegotiation/Makefile ++.PRECIOUS: Makefile ++Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status ++ @case '$?' in \ ++ *config.status*) \ ++ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ ++ *) \ ++ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ ++ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ ++ esac; ++ ++$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) ++ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ++ ++$(top_srcdir)/configure: $(am__configure_deps) ++ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ++$(ACLOCAL_M4): $(am__aclocal_m4_deps) ++ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ++$(am__aclocal_m4_deps): ++ ++clean-checkPROGRAMS: ++ @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ ++ echo " rm -f" $$list; \ ++ rm -f $$list || exit $$?; \ ++ test -n "$(EXEEXT)" || exit 0; \ ++ list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ ++ echo " rm -f" $$list; \ ++ rm -f $$list ++srn0$(EXEEXT): $(srn0_OBJECTS) $(srn0_DEPENDENCIES) ++ @rm -f srn0$(EXEEXT) ++ $(LINK) $(srn0_OBJECTS) $(srn0_LDADD) $(LIBS) ++srn1$(EXEEXT): $(srn1_OBJECTS) $(srn1_DEPENDENCIES) ++ @rm -f srn1$(EXEEXT) ++ $(LINK) $(srn1_OBJECTS) $(srn1_LDADD) $(LIBS) ++srn2$(EXEEXT): $(srn2_OBJECTS) $(srn2_DEPENDENCIES) ++ @rm -f srn2$(EXEEXT) ++ $(LINK) $(srn2_OBJECTS) $(srn2_LDADD) $(LIBS) ++srn3$(EXEEXT): $(srn3_OBJECTS) $(srn3_DEPENDENCIES) ++ @rm -f srn3$(EXEEXT) ++ $(LINK) $(srn3_OBJECTS) $(srn3_LDADD) $(LIBS) ++srn4$(EXEEXT): $(srn4_OBJECTS) $(srn4_DEPENDENCIES) ++ @rm -f srn4$(EXEEXT) ++ $(LINK) $(srn4_OBJECTS) $(srn4_LDADD) $(LIBS) ++srn5$(EXEEXT): $(srn5_OBJECTS) $(srn5_DEPENDENCIES) ++ @rm -f srn5$(EXEEXT) ++ $(LINK) $(srn5_OBJECTS) $(srn5_LDADD) $(LIBS) ++srn6$(EXEEXT): $(srn6_OBJECTS) $(srn6_DEPENDENCIES) ++ @rm -f srn6$(EXEEXT) ++ $(LINK) $(srn6_OBJECTS) $(srn6_LDADD) $(LIBS) ++srn7$(EXEEXT): $(srn7_OBJECTS) $(srn7_DEPENDENCIES) ++ @rm -f srn7$(EXEEXT) ++ $(LINK) $(srn7_OBJECTS) $(srn7_LDADD) $(LIBS) ++ ++mostlyclean-compile: ++ -rm -f *.$(OBJEXT) ++ ++distclean-compile: ++ -rm -f *.tab.c ++ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srn0.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srn1.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srn2.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srn3.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srn4.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srn5.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srn6.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srn7.Po@am__quote@ ++ ++.c.o: ++@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< ++@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ ++@am__fastdepCC_FALSE@ $(COMPILE) -c $< ++ ++.c.obj: ++@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` ++@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ ++@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` ++ ++.c.lo: ++@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< ++@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ ++@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< ++ ++mostlyclean-libtool: ++ -rm -f *.lo ++ ++clean-libtool: ++ -rm -rf .libs _libs ++ ++ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) ++ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ ++ unique=`for i in $$list; do \ ++ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ ++ done | \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ ++ mkid -fID $$unique ++tags: TAGS ++ ++TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ ++ $(TAGS_FILES) $(LISP) ++ set x; \ ++ here=`pwd`; \ ++ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ ++ unique=`for i in $$list; do \ ++ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ ++ done | \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ ++ shift; \ ++ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ ++ test -n "$$unique" || unique=$$empty_fix; \ ++ if test $$# -gt 0; then \ ++ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ ++ "$$@" $$unique; \ ++ else \ ++ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ ++ $$unique; \ ++ fi; \ ++ fi ++ctags: CTAGS ++CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ ++ $(TAGS_FILES) $(LISP) ++ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ ++ unique=`for i in $$list; do \ ++ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ ++ done | \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ ++ test -z "$(CTAGS_ARGS)$$unique" \ ++ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ ++ $$unique ++ ++GTAGS: ++ here=`$(am__cd) $(top_builddir) && pwd` \ ++ && $(am__cd) $(top_srcdir) \ ++ && gtags -i $(GTAGS_ARGS) "$$here" ++ ++distclean-tags: ++ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags ++ ++check-TESTS: $(TESTS) ++ @failed=0; all=0; xfail=0; xpass=0; skip=0; \ ++ srcdir=$(srcdir); export srcdir; \ ++ list=' $(TESTS) '; \ ++ $(am__tty_colors); \ ++ if test -n "$$list"; then \ ++ for tst in $$list; do \ ++ if test -f ./$$tst; then dir=./; \ ++ elif test -f $$tst; then dir=; \ ++ else dir="$(srcdir)/"; fi; \ ++ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ ++ all=`expr $$all + 1`; \ ++ case " $(XFAIL_TESTS) " in \ ++ *[\ \ ]$$tst[\ \ ]*) \ ++ xpass=`expr $$xpass + 1`; \ ++ failed=`expr $$failed + 1`; \ ++ col=$$red; res=XPASS; \ ++ ;; \ ++ *) \ ++ col=$$grn; res=PASS; \ ++ ;; \ ++ esac; \ ++ elif test $$? -ne 77; then \ ++ all=`expr $$all + 1`; \ ++ case " $(XFAIL_TESTS) " in \ ++ *[\ \ ]$$tst[\ \ ]*) \ ++ xfail=`expr $$xfail + 1`; \ ++ col=$$lgn; res=XFAIL; \ ++ ;; \ ++ *) \ ++ failed=`expr $$failed + 1`; \ ++ col=$$red; res=FAIL; \ ++ ;; \ ++ esac; \ ++ else \ ++ skip=`expr $$skip + 1`; \ ++ col=$$blu; res=SKIP; \ ++ fi; \ ++ echo "$${col}$$res$${std}: $$tst"; \ ++ done; \ ++ if test "$$all" -eq 1; then \ ++ tests="test"; \ ++ All=""; \ ++ else \ ++ tests="tests"; \ ++ All="All "; \ ++ fi; \ ++ if test "$$failed" -eq 0; then \ ++ if test "$$xfail" -eq 0; then \ ++ banner="$$All$$all $$tests passed"; \ ++ else \ ++ if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \ ++ banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \ ++ fi; \ ++ else \ ++ if test "$$xpass" -eq 0; then \ ++ banner="$$failed of $$all $$tests failed"; \ ++ else \ ++ if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \ ++ banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \ ++ fi; \ ++ fi; \ ++ dashes="$$banner"; \ ++ skipped=""; \ ++ if test "$$skip" -ne 0; then \ ++ if test "$$skip" -eq 1; then \ ++ skipped="($$skip test was not run)"; \ ++ else \ ++ skipped="($$skip tests were not run)"; \ ++ fi; \ ++ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ ++ dashes="$$skipped"; \ ++ fi; \ ++ report=""; \ ++ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ ++ report="Please report to $(PACKAGE_BUGREPORT)"; \ ++ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ ++ dashes="$$report"; \ ++ fi; \ ++ dashes=`echo "$$dashes" | sed s/./=/g`; \ ++ if test "$$failed" -eq 0; then \ ++ echo "$$grn$$dashes"; \ ++ else \ ++ echo "$$red$$dashes"; \ ++ fi; \ ++ echo "$$banner"; \ ++ test -z "$$skipped" || echo "$$skipped"; \ ++ test -z "$$report" || echo "$$report"; \ ++ echo "$$dashes$$std"; \ ++ test "$$failed" -eq 0; \ ++ else :; fi ++ ++distdir: $(DISTFILES) ++ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ ++ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ ++ list='$(DISTFILES)'; \ ++ dist_files=`for file in $$list; do echo $$file; done | \ ++ sed -e "s|^$$srcdirstrip/||;t" \ ++ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ ++ case $$dist_files in \ ++ */*) $(MKDIR_P) `echo "$$dist_files" | \ ++ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ ++ sort -u` ;; \ ++ esac; \ ++ for file in $$dist_files; do \ ++ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ ++ if test -d $$d/$$file; then \ ++ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ ++ if test -d "$(distdir)/$$file"; then \ ++ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ ++ fi; \ ++ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ ++ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ ++ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ ++ fi; \ ++ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ ++ else \ ++ test -f "$(distdir)/$$file" \ ++ || cp -p $$d/$$file "$(distdir)/$$file" \ ++ || exit 1; \ ++ fi; \ ++ done ++check-am: all-am ++ $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) \ ++ $(dist_check_SCRIPTS) ++ $(MAKE) $(AM_MAKEFLAGS) check-TESTS ++check: check-am ++all-am: Makefile ++installdirs: ++install: install-am ++install-exec: install-exec-am ++install-data: install-data-am ++uninstall: uninstall-am ++ ++install-am: all-am ++ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am ++ ++installcheck: installcheck-am ++install-strip: ++ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ ++ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ ++ `test -z '$(STRIP)' || \ ++ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install ++mostlyclean-generic: ++ ++clean-generic: ++ ++distclean-generic: ++ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) ++ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) ++ ++maintainer-clean-generic: ++ @echo "This command is intended for maintainers to use" ++ @echo "it deletes files that may require special tools to rebuild." ++clean: clean-am ++ ++clean-am: clean-checkPROGRAMS clean-generic clean-libtool \ ++ mostlyclean-am ++ ++distclean: distclean-am ++ -rm -rf ./$(DEPDIR) ++ -rm -f Makefile ++distclean-am: clean-am distclean-compile distclean-generic \ ++ distclean-tags ++ ++dvi: dvi-am ++ ++dvi-am: ++ ++html: html-am ++ ++html-am: ++ ++info: info-am ++ ++info-am: ++ ++install-data-am: ++ ++install-dvi: install-dvi-am ++ ++install-dvi-am: ++ ++install-exec-am: ++ ++install-html: install-html-am ++ ++install-html-am: ++ ++install-info: install-info-am ++ ++install-info-am: ++ ++install-man: ++ ++install-pdf: install-pdf-am ++ ++install-pdf-am: ++ ++install-ps: install-ps-am ++ ++install-ps-am: ++ ++installcheck-am: ++ ++maintainer-clean: maintainer-clean-am ++ -rm -rf ./$(DEPDIR) ++ -rm -f Makefile ++maintainer-clean-am: distclean-am maintainer-clean-generic ++ ++mostlyclean: mostlyclean-am ++ ++mostlyclean-am: mostlyclean-compile mostlyclean-generic \ ++ mostlyclean-libtool ++ ++pdf: pdf-am ++ ++pdf-am: ++ ++ps: ps-am ++ ++ps-am: ++ ++uninstall-am: ++ ++.MAKE: check-am install-am install-strip ++ ++.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \ ++ clean-checkPROGRAMS clean-generic clean-libtool ctags \ ++ distclean distclean-compile distclean-generic \ ++ distclean-libtool distclean-tags distdir dvi dvi-am html \ ++ html-am info info-am install install-am install-data \ ++ install-data-am install-dvi install-dvi-am install-exec \ ++ install-exec-am install-html install-html-am install-info \ ++ install-info-am install-man install-pdf install-pdf-am \ ++ install-ps install-ps-am install-strip installcheck \ ++ installcheck-am installdirs maintainer-clean \ ++ maintainer-clean-generic mostlyclean mostlyclean-compile \ ++ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ ++ tags uninstall uninstall-am ++ ++#TESTS = testsrn ++ ++# Tell versions [3.59,3.63) of GNU make to not export all variables. ++# Otherwise a system limit (for SysV at least) may be exceeded. ++.NOEXPORT: +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/params.dh 2013-09-26 +@@ -0,0 +1,35 @@ ++ ++Generator: 05 ++ ++Prime: c9:e9:2d:fc:94:15:1a:10:4f:3c:b5:16 ++ 7e:34:10:7d:eb:3d:d5:7d:61:ff:b0:ce ++ da:7f:6e:0c:ea:db:b4:87:f6:c6:34:a8 ++ 3c:f8:84:52:14:59:ab:17:5c:d0:f0:86 ++ c4:02:93:dc:09:83:57:16:98:21:d0:42 ++ 8e:33:fc:48:69:e6:04:0d:4e:50:09:33 ++ 2e:28:60:4f:05:08:7c:ce:2f:a6:1a:4c ++ 41:d1:a3:dd:f6:37:56:44:1d:b0:54:af ++ f7:4a:a0:c2:19:5d:ce:62:b0:7a:1b:e1 ++ 5c:7f:bb:4d:7e:9e:28:48:00:a4:9a:86 ++ 3e:6e:6e:9c:57:41:c7:ec:bf:7f:09:fc ++ da:25:c2:1e:e0:52:dc:65:8c:40:a3:6e ++ bd:99:4e:0b:1a:04:e0:23:20:46:5a:d0 ++ 3f:b3:a4:d6:76:73:b7:cc:61:33:11:54 ++ a6:32:ff:94:08:d5:66:36:fd:99:69:21 ++ cc:28:5d:11:52:32:48:b6:a5:b5:c3:b0 ++ 21:3f:f9:69:25:83:b1:3d:79:a6:ed:ae ++ db:95:62:fc:72:ca:ad:46:fc:b6:b1:ea ++ 98:68:97:ba:f2:54:aa:86:ed:62:b1:78 ++ 5f:d5:19:80:ce:41:ee:98:a1:71:9f:fa ++ 5b:6b:d8:5e:7e:b3:18:0a:f0:4c:96:76 ++ 6c:0c:b0:a3 ++ ++ ++-----BEGIN DH PARAMETERS----- ++MIIBCAKCAQEAyekt/JQVGhBPPLUWfjQQfes91X1h/7DO2n9uDOrbtIf2xjSoPPiE ++UhRZqxdc0PCGxAKT3AmDVxaYIdBCjjP8SGnmBA1OUAkzLihgTwUIfM4vphpMQdGj ++3fY3VkQdsFSv90qgwhldzmKwehvhXH+7TX6eKEgApJqGPm5unFdBx+y/fwn82iXC ++HuBS3GWMQKNuvZlOCxoE4CMgRlrQP7Ok1nZzt8xhMxFUpjL/lAjVZjb9mWkhzChd ++EVIySLaltcOwIT/5aSWDsT15pu2u25Vi/HLKrUb8trHqmGiXuvJUqobtYrF4X9UZ ++gM5B7pihcZ/6W2vYXn6zGArwTJZ2bAywowIBBQ== ++-----END DH PARAMETERS----- +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/README 2013-09-26 +@@ -0,0 +1,93 @@ ++Testing safe renegotiation is relatively complex, here is a summary of ++what we test and what how we believe it should work. ++ ++ Client setting ++ Server setting ++ Initial handshake outcome ++ Rehandshake outcome ++srn0.c ++ ++ This tests that the safe renegotiation extension is negotiated ++ properly by default on initial connections and on rehandshaked ++ connections. Consequently, it also verifies that rehandshaked ++ connections work with the extension enabled. ++ ++ NORMAL ++ NORMAL ++ OK ++ OK ++ ++srn1.c ++ ++ This tests that clients without support for safe renegotiation is ++ able to handshake against servers with support, but not able to ++ rehandshake (server will refuse rehandshake). ++ ++ NORMAL:%DISABLE_SAFE_RENEGOTIATION ++ NORMAL ++ OK ++ Server refuses ++ ++srn2.c ++ ++ This tests that clients with support for safe renegotiation is able ++ to handshake against servers without support, but not able to ++ rehandshake (client will refuse rehandshake). ++ ++ NORMAL ++ NORMAL:%DISABLE_SAFE_RENEGOTIATION ++ OK ++ Client refuses ++ ++srn3.c ++ ++ This tests that a %SAFE_RENEGOTIATION client will reject handshakes ++ against servers that do not support the extension (server uses ++ %DISABLE_SAFE_RENEGOTIATION). ++ ++ NORMAL:%SAFE_RENEGOTIATION ++ NORMAL:%DISABLE_SAFE_RENEGOTIATION ++ Client refuses ++ N/A ++ ++srn4.c ++ ++ This tests that a %SAFE_RENEGOTIATION server will reject handshakes ++ against clients that do not support the extension. ++ ++ NORMAL:%DISABLE_SAFE_RENEGOTIATION ++ NORMAL:%SAFE_RENEGOTIATION ++ Server refuses ++ N/A ++ ++srn5.c ++ ++ This tests that a client with a permissive policy ++ (%UNSAFE_RENEGOTIATION) is able to handshake and rehandshake with a ++ server with no support for the extension. ++ ++ NORMAL:%DISABLE_SAFE_RENEGOTIATION ++ NORMAL:%UNSAFE_RENEGOTIATION ++ OK ++ OK ++ ++srn6.c ++ ++ This tests that a server with a permissive policy ++ (%UNSAFE_RENEGOTIATION) is able to handshake and rehandshake with a ++ client with no support for the extension. ++ ++ NORMAL:%UNSAFE_RENEGOTIATION ++ NORMAL:%DISABLE_SAFE_RENEGOTIATION ++ OK ++ OK ++ ++srn7.c ++ ++ This tests that clients and servers in %SAFE_RENEGOTIATION mode are ++ able to handshake and rehandshake. ++ ++ NORMAL:%SAFE_RENEGOTIATION ++ NORMAL:%SAFE_RENEGOTIATION ++ OK ++ OK +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/srn0.c 2013-09-26 +@@ -0,0 +1,338 @@ ++/* ++ * Copyright (C) 2008, 2010 Free Software Foundation, Inc. ++ * ++ * Author: Simon Josefsson ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++/* Code based on ../mini-x509-rehandshake.c. ++ * ++ * This tests that the safe renegotiation extension is negotiated ++ * properly by default on initial connections and on rehandshaked ++ * connections. Consequently, it also verifies that rehandshaked ++ * connections work with the extension enabled. ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <errno.h> ++#include <gnutls/gnutls.h> ++ ++static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "|<%d>| %s", level, str); ++} ++ ++static char *to_server; ++static size_t to_server_len; ++ ++static char *to_client; ++static size_t to_client_len; ++ ++static ssize_t ++client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_client_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_client, len); ++ ++ memmove (to_client, to_client + len, to_client_len - len); ++ to_client_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_server_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_server, newlen); ++ if (!tmp) ++ abort (); ++ to_server = tmp; ++ ++ memcpy (to_server + to_server_len, data, len); ++ to_server_len = newlen; ++ ++ return len; ++} ++ ++static ssize_t ++server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_server_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_server, len); ++ ++ memmove (to_server, to_server + len, to_server_len - len); ++ to_server_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_client_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_client, newlen); ++ if (!tmp) ++ abort (); ++ to_client = tmp; ++ ++ memcpy (to_client + to_client_len, data, len); ++ to_client_len = newlen; ++ ++ return len; ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof (server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof (server_key_pem) ++}; ++ ++int ++main (int argc, char *argv[]) ++{ ++ int debug_level = argc - 1; ++ int exit_code = EXIT_SUCCESS; ++ /* Server stuff. */ ++ gnutls_certificate_credentials_t serverx509cred; ++ gnutls_session_t server; ++ int sret = GNUTLS_E_AGAIN; ++ /* Client stuff. */ ++ gnutls_certificate_credentials_t clientx509cred; ++ gnutls_session_t client; ++ int cret = GNUTLS_E_AGAIN; ++ ++ /* General init. */ ++ gnutls_global_init (); ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (debug_level); ++ ++ /* Init server */ ++ gnutls_certificate_allocate_credentials (&serverx509cred); ++ gnutls_certificate_set_x509_key_mem (serverx509cred, ++ &server_cert, &server_key, ++ GNUTLS_X509_FMT_PEM); ++ gnutls_init (&server, GNUTLS_SERVER); ++ gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); ++ gnutls_priority_set_direct (server, "NORMAL", NULL); ++ gnutls_transport_set_push_function (server, server_push); ++ gnutls_transport_set_pull_function (server, server_pull); ++ ++ /* Init client */ ++ gnutls_certificate_allocate_credentials (&clientx509cred); ++ gnutls_init (&client, GNUTLS_CLIENT); ++ gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); ++ gnutls_priority_set_direct (client, "NORMAL", NULL); ++ gnutls_transport_set_push_function (client, client_push); ++ gnutls_transport_set_pull_function (client, client_pull); ++ ++ /* Check that initially no session use the extension. */ ++ if (gnutls_safe_renegotiation_status (server) ++ || gnutls_safe_renegotiation_status (client)) ++ { ++ puts ("Client or server using extension before handshake?"); ++ abort (); ++ } ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = EXIT_FAILURE; ++ ++ if (!gnutls_safe_renegotiation_status (client) || ++ !gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Session not using safe renegotiation!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ sret = gnutls_rehandshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_rehandshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ ++ { ++ ssize_t n; ++ char b[1]; ++ n = gnutls_record_recv (client, b, 1); ++ if (n != GNUTLS_E_REHANDSHAKE) ++ abort (); ++ } ++ ++ cret = GNUTLS_E_AGAIN; ++ sret = GNUTLS_E_AGAIN; ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = 1; ++ ++ if (!gnutls_safe_renegotiation_status (client) || ++ !gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, ++ "Rehandshaked session not using safe renegotiation!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ gnutls_bye (client, GNUTLS_SHUT_RDWR); ++ gnutls_bye (server, GNUTLS_SHUT_RDWR); ++ ++ gnutls_deinit (client); ++ gnutls_deinit (server); ++ ++ free (to_server); ++ free (to_client); ++ ++ gnutls_certificate_free_credentials (serverx509cred); ++ ++ gnutls_global_deinit (); ++ ++ if (debug_level > 0) ++ { ++ if (exit_code == 0) ++ puts ("Self-test successful"); ++ else ++ puts ("Self-test failed"); ++ } ++ ++ return exit_code; ++} +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/srn1.c 2013-09-26 +@@ -0,0 +1,341 @@ ++/* ++ * Copyright (C) 2008, 2010 Free Software Foundation, Inc. ++ * ++ * Author: Simon Josefsson ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++/* Code based on ./srn0.c. ++ * ++ * This tests that clients without support for safe renegotiation is ++ * able to handshake against servers with support, but not able to ++ * rehandshake (server will refuse rehandshake). ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <errno.h> ++#include <gnutls/gnutls.h> ++ ++static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "|<%d>| %s", level, str); ++} ++ ++static char *to_server; ++static size_t to_server_len; ++ ++static char *to_client; ++static size_t to_client_len; ++ ++static ssize_t ++client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_client_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_client, len); ++ ++ memmove (to_client, to_client + len, to_client_len - len); ++ to_client_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_server_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_server, newlen); ++ if (!tmp) ++ abort (); ++ to_server = tmp; ++ ++ memcpy (to_server + to_server_len, data, len); ++ to_server_len = newlen; ++ ++ return len; ++} ++ ++static ssize_t ++server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_server_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_server, len); ++ ++ memmove (to_server, to_server + len, to_server_len - len); ++ to_server_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_client_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_client, newlen); ++ if (!tmp) ++ abort (); ++ to_client = tmp; ++ ++ memcpy (to_client + to_client_len, data, len); ++ to_client_len = newlen; ++ ++ return len; ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof (server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof (server_key_pem) ++}; ++ ++int ++main (int argc, char *argv[]) ++{ ++ int debug_level = argc - 1; ++ int exit_code = EXIT_SUCCESS; ++ /* Server stuff. */ ++ gnutls_certificate_credentials_t serverx509cred; ++ gnutls_session_t server; ++ int sret = GNUTLS_E_AGAIN; ++ /* Client stuff. */ ++ gnutls_certificate_credentials_t clientx509cred; ++ gnutls_session_t client; ++ int cret = GNUTLS_E_AGAIN; ++ ++ /* General init. */ ++ gnutls_global_init (); ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (debug_level); ++ ++ /* Init server */ ++ gnutls_certificate_allocate_credentials (&serverx509cred); ++ gnutls_certificate_set_x509_key_mem (serverx509cred, ++ &server_cert, &server_key, ++ GNUTLS_X509_FMT_PEM); ++ gnutls_init (&server, GNUTLS_SERVER); ++ gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); ++ gnutls_priority_set_direct (server, "NORMAL", NULL); ++ gnutls_transport_set_push_function (server, server_push); ++ gnutls_transport_set_pull_function (server, server_pull); ++ ++ /* Init client */ ++ gnutls_certificate_allocate_credentials (&clientx509cred); ++ gnutls_init (&client, GNUTLS_CLIENT); ++ gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); ++ gnutls_priority_set_direct (client, "NORMAL:%DISABLE_SAFE_RENEGOTIATION", ++ NULL); ++ gnutls_transport_set_push_function (client, client_push); ++ gnutls_transport_set_pull_function (client, client_pull); ++ ++ /* Check that initially no session use the extension. */ ++ if (gnutls_safe_renegotiation_status (server) ++ || gnutls_safe_renegotiation_status (client)) ++ { ++ puts ("Client or server using extension before handshake?"); ++ abort (); ++ } ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = EXIT_FAILURE; ++ ++ if (gnutls_safe_renegotiation_status (client) || ++ gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Session using safe renegotiation but shouldn't?!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ sret = gnutls_rehandshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_rehandshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ ++ { ++ ssize_t n; ++ char b[1]; ++ n = gnutls_record_recv (client, b, 1); ++ if (n != GNUTLS_E_REHANDSHAKE) ++ abort (); ++ } ++ ++ cret = GNUTLS_E_AGAIN; ++ sret = GNUTLS_E_AGAIN; ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED) ++ break; ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS ++ && sret != GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED) ++ exit_code = 1; ++ ++ if (gnutls_safe_renegotiation_status (client) || ++ gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Rehandshaked worked and uses safe reneg?!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ gnutls_bye (client, GNUTLS_SHUT_RDWR); ++ gnutls_bye (server, GNUTLS_SHUT_RDWR); ++ ++ gnutls_deinit (client); ++ gnutls_deinit (server); ++ ++ free (to_server); ++ free (to_client); ++ ++ gnutls_certificate_free_credentials (serverx509cred); ++ ++ gnutls_global_deinit (); ++ ++ if (debug_level > 0) ++ { ++ if (exit_code == 0) ++ puts ("Self-test successful"); ++ else ++ puts ("Self-test failed"); ++ } ++ ++ return exit_code; ++} +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/srn2.c 2013-09-26 +@@ -0,0 +1,341 @@ ++/* ++ * Copyright (C) 2008, 2010 Free Software Foundation, Inc. ++ * ++ * Author: Simon Josefsson ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++/* Code based on ./srn1.c. ++ * ++ * This tests that clients with support for safe renegotiation is able ++ * to handshake against servers without support, but not able to ++ * rehandshake (client will refuse rehandshake). ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <errno.h> ++#include <gnutls/gnutls.h> ++ ++static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "|<%d>| %s", level, str); ++} ++ ++static char *to_server; ++static size_t to_server_len; ++ ++static char *to_client; ++static size_t to_client_len; ++ ++static ssize_t ++client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_client_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_client, len); ++ ++ memmove (to_client, to_client + len, to_client_len - len); ++ to_client_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_server_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_server, newlen); ++ if (!tmp) ++ abort (); ++ to_server = tmp; ++ ++ memcpy (to_server + to_server_len, data, len); ++ to_server_len = newlen; ++ ++ return len; ++} ++ ++static ssize_t ++server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_server_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_server, len); ++ ++ memmove (to_server, to_server + len, to_server_len - len); ++ to_server_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_client_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_client, newlen); ++ if (!tmp) ++ abort (); ++ to_client = tmp; ++ ++ memcpy (to_client + to_client_len, data, len); ++ to_client_len = newlen; ++ ++ return len; ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof (server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof (server_key_pem) ++}; ++ ++int ++main (int argc, char *argv[]) ++{ ++ int debug_level = argc - 1; ++ int exit_code = EXIT_SUCCESS; ++ /* Server stuff. */ ++ gnutls_certificate_credentials_t serverx509cred; ++ gnutls_session_t server; ++ int sret = GNUTLS_E_AGAIN; ++ /* Client stuff. */ ++ gnutls_certificate_credentials_t clientx509cred; ++ gnutls_session_t client; ++ int cret = GNUTLS_E_AGAIN; ++ ++ /* General init. */ ++ gnutls_global_init (); ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (debug_level); ++ ++ /* Init server */ ++ gnutls_certificate_allocate_credentials (&serverx509cred); ++ gnutls_certificate_set_x509_key_mem (serverx509cred, ++ &server_cert, &server_key, ++ GNUTLS_X509_FMT_PEM); ++ gnutls_init (&server, GNUTLS_SERVER); ++ gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); ++ gnutls_priority_set_direct (server, "NORMAL:%DISABLE_SAFE_RENEGOTIATION", ++ NULL); ++ gnutls_transport_set_push_function (server, server_push); ++ gnutls_transport_set_pull_function (server, server_pull); ++ ++ /* Init client */ ++ gnutls_certificate_allocate_credentials (&clientx509cred); ++ gnutls_init (&client, GNUTLS_CLIENT); ++ gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); ++ gnutls_priority_set_direct (client, "NORMAL", NULL); ++ gnutls_transport_set_push_function (client, client_push); ++ gnutls_transport_set_pull_function (client, client_pull); ++ ++ /* Check that initially no session use the extension. */ ++ if (gnutls_safe_renegotiation_status (server) ++ || gnutls_safe_renegotiation_status (client)) ++ { ++ puts ("Client or server using extension before handshake?"); ++ abort (); ++ } ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = EXIT_FAILURE; ++ ++ if (gnutls_safe_renegotiation_status (client) || ++ gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Session using safe renegotiation but shouldn't?!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ sret = gnutls_rehandshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_rehandshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ ++ { ++ ssize_t n; ++ char b[1]; ++ n = gnutls_record_recv (client, b, 1); ++ if (n != GNUTLS_E_REHANDSHAKE) ++ abort (); ++ } ++ ++ cret = GNUTLS_E_AGAIN; ++ sret = GNUTLS_E_AGAIN; ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (cret == GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED) ++ break; ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED ++ && sret != GNUTLS_E_SUCCESS) ++ exit_code = 1; ++ ++ if (gnutls_safe_renegotiation_status (client) || ++ gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Rehandshaked worked and uses safe reneg?!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ gnutls_bye (client, GNUTLS_SHUT_RDWR); ++ gnutls_bye (server, GNUTLS_SHUT_RDWR); ++ ++ gnutls_deinit (client); ++ gnutls_deinit (server); ++ ++ free (to_server); ++ free (to_client); ++ ++ gnutls_certificate_free_credentials (serverx509cred); ++ ++ gnutls_global_deinit (); ++ ++ if (debug_level > 0) ++ { ++ if (exit_code == 0) ++ puts ("Self-test successful"); ++ else ++ puts ("Self-test failed"); ++ } ++ ++ return exit_code; ++} +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/srn3.c 2013-09-26 +@@ -0,0 +1,264 @@ ++/* ++ * Copyright (C) 2008, 2010 Free Software Foundation, Inc. ++ * ++ * Author: Simon Josefsson ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++/* Code based on ../mini-x509.c. ++ * ++ * This tests that a %SAFE_RENEGOTIATION client will reject handshakes ++ * against servers that do not support the extension (server uses ++ * %DISABLE_SAFE_RENEGOTIATION). ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <errno.h> ++#include <gnutls/gnutls.h> ++ ++static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "|<%d>| %s", level, str); ++} ++ ++static char *to_server; ++static size_t to_server_len; ++ ++static char *to_client; ++static size_t to_client_len; ++ ++static ssize_t ++client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_client_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_client, len); ++ ++ memmove (to_client, to_client + len, to_client_len - len); ++ to_client_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_server_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_server, newlen); ++ if (!tmp) ++ abort (); ++ to_server = tmp; ++ ++ memcpy (to_server + to_server_len, data, len); ++ to_server_len = newlen; ++ ++ return len; ++} ++ ++static ssize_t ++server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_server_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_server, len); ++ ++ memmove (to_server, to_server + len, to_server_len - len); ++ to_server_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_client_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_client, newlen); ++ if (!tmp) ++ abort (); ++ to_client = tmp; ++ ++ memcpy (to_client + to_client_len, data, len); ++ to_client_len = newlen; ++ ++ return len; ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof (server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof (server_key_pem) ++}; ++ ++int ++main (int argc, char *argv[]) ++{ ++ int debug_level = argc - 1; ++ int exit_code = EXIT_SUCCESS; ++ /* Server stuff. */ ++ gnutls_certificate_credentials_t serverx509cred; ++ gnutls_session_t server; ++ int sret = GNUTLS_E_AGAIN; ++ /* Client stuff. */ ++ gnutls_certificate_credentials_t clientx509cred; ++ gnutls_session_t client; ++ int cret = GNUTLS_E_AGAIN; ++ ++ /* General init. */ ++ gnutls_global_init (); ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (debug_level); ++ ++ /* Init server */ ++ gnutls_certificate_allocate_credentials (&serverx509cred); ++ gnutls_certificate_set_x509_key_mem (serverx509cred, ++ &server_cert, &server_key, ++ GNUTLS_X509_FMT_PEM); ++ gnutls_init (&server, GNUTLS_SERVER); ++ gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); ++ gnutls_priority_set_direct (server, "NORMAL:%DISABLE_SAFE_RENEGOTIATION", ++ NULL); ++ gnutls_transport_set_push_function (server, server_push); ++ gnutls_transport_set_pull_function (server, server_pull); ++ ++ /* Init client */ ++ gnutls_certificate_allocate_credentials (&clientx509cred); ++ gnutls_init (&client, GNUTLS_CLIENT); ++ gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); ++ gnutls_priority_set_direct (client, "NORMAL:%SAFE_RENEGOTIATION", NULL); ++ gnutls_transport_set_push_function (client, client_push); ++ gnutls_transport_set_pull_function (client, client_pull); ++ ++ /* Check that initially no session use the extension. */ ++ if (gnutls_safe_renegotiation_status (server) ++ || gnutls_safe_renegotiation_status (client)) ++ { ++ puts ("Client or server using extension before handshake?"); ++ abort (); ++ } ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ((cret == GNUTLS_E_AGAIN || cret == GNUTLS_E_SUCCESS) ++ && (sret == GNUTLS_E_AGAIN || sret == GNUTLS_E_SUCCESS)); ++ ++ if (cret != GNUTLS_E_SAFE_RENEGOTIATION_FAILED && sret != GNUTLS_E_SUCCESS) ++ exit_code = EXIT_FAILURE; ++ ++ gnutls_bye (client, GNUTLS_SHUT_RDWR); ++ gnutls_bye (server, GNUTLS_SHUT_RDWR); ++ ++ gnutls_deinit (client); ++ gnutls_deinit (server); ++ ++ free (to_server); ++ free (to_client); ++ ++ gnutls_certificate_free_credentials (serverx509cred); ++ ++ gnutls_global_deinit (); ++ ++ if (debug_level > 0) ++ { ++ if (exit_code == 0) ++ puts ("Self-test successful"); ++ else ++ puts ("Self-test failed"); ++ } ++ ++ return exit_code; ++} +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/srn4.c 2013-09-26 +@@ -0,0 +1,263 @@ ++/* ++ * Copyright (C) 2008, 2010 Free Software Foundation, Inc. ++ * ++ * Author: Simon Josefsson ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++/* Code based on ../mini-x509.c. ++ * ++ * This tests that a %SAFE_RENEGOTIATION server will reject handshakes ++ * against clients that do not support the extension. ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <errno.h> ++#include <gnutls/gnutls.h> ++ ++static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "|<%d>| %s", level, str); ++} ++ ++static char *to_server; ++static size_t to_server_len; ++ ++static char *to_client; ++static size_t to_client_len; ++ ++static ssize_t ++client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_client_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_client, len); ++ ++ memmove (to_client, to_client + len, to_client_len - len); ++ to_client_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_server_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_server, newlen); ++ if (!tmp) ++ abort (); ++ to_server = tmp; ++ ++ memcpy (to_server + to_server_len, data, len); ++ to_server_len = newlen; ++ ++ return len; ++} ++ ++static ssize_t ++server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_server_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_server, len); ++ ++ memmove (to_server, to_server + len, to_server_len - len); ++ to_server_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_client_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_client, newlen); ++ if (!tmp) ++ abort (); ++ to_client = tmp; ++ ++ memcpy (to_client + to_client_len, data, len); ++ to_client_len = newlen; ++ ++ return len; ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof (server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof (server_key_pem) ++}; ++ ++int ++main (int argc, char *argv[]) ++{ ++ int debug_level = argc - 1; ++ int exit_code = EXIT_SUCCESS; ++ /* Server stuff. */ ++ gnutls_certificate_credentials_t serverx509cred; ++ gnutls_session_t server; ++ int sret = GNUTLS_E_AGAIN; ++ /* Client stuff. */ ++ gnutls_certificate_credentials_t clientx509cred; ++ gnutls_session_t client; ++ int cret = GNUTLS_E_AGAIN; ++ ++ /* General init. */ ++ gnutls_global_init (); ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (debug_level); ++ ++ /* Init server */ ++ gnutls_certificate_allocate_credentials (&serverx509cred); ++ gnutls_certificate_set_x509_key_mem (serverx509cred, ++ &server_cert, &server_key, ++ GNUTLS_X509_FMT_PEM); ++ gnutls_init (&server, GNUTLS_SERVER); ++ gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); ++ gnutls_priority_set_direct (server, "NORMAL:%SAFE_RENEGOTIATION", NULL); ++ gnutls_transport_set_push_function (server, server_push); ++ gnutls_transport_set_pull_function (server, server_pull); ++ ++ /* Init client */ ++ gnutls_certificate_allocate_credentials (&clientx509cred); ++ gnutls_init (&client, GNUTLS_CLIENT); ++ gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); ++ gnutls_priority_set_direct (client, "NORMAL:%DISABLE_SAFE_RENEGOTIATION", ++ NULL); ++ gnutls_transport_set_push_function (client, client_push); ++ gnutls_transport_set_pull_function (client, client_pull); ++ ++ /* Check that initially no session use the extension. */ ++ if (gnutls_safe_renegotiation_status (server) ++ || gnutls_safe_renegotiation_status (client)) ++ { ++ puts ("Client or server using extension before handshake?"); ++ abort (); ++ } ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ((cret == GNUTLS_E_AGAIN || cret == GNUTLS_E_SUCCESS) ++ && (sret == GNUTLS_E_AGAIN || sret == GNUTLS_E_SUCCESS)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SAFE_RENEGOTIATION_FAILED) ++ exit_code = EXIT_FAILURE; ++ ++ gnutls_bye (client, GNUTLS_SHUT_RDWR); ++ gnutls_bye (server, GNUTLS_SHUT_RDWR); ++ ++ gnutls_deinit (client); ++ gnutls_deinit (server); ++ ++ free (to_server); ++ free (to_client); ++ ++ gnutls_certificate_free_credentials (serverx509cred); ++ ++ gnutls_global_deinit (); ++ ++ if (debug_level > 0) ++ { ++ if (exit_code == 0) ++ puts ("Self-test successful"); ++ else ++ puts ("Self-test failed"); ++ } ++ ++ return exit_code; ++} +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/srn5.c 2013-09-26 +@@ -0,0 +1,337 @@ ++/* ++ * Copyright (C) 2008, 2010 Free Software Foundation, Inc. ++ * ++ * Author: Simon Josefsson ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++/* Code based on ./srn0.c. ++ * ++ * This tests that a client with a permissive policy ++ * (%UNSAFE_RENEGOTIATION) is able to handshake and rehandshake with a ++ * server with no support for the extension. ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <errno.h> ++#include <gnutls/gnutls.h> ++ ++static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "|<%d>| %s", level, str); ++} ++ ++static char *to_server; ++static size_t to_server_len; ++ ++static char *to_client; ++static size_t to_client_len; ++ ++static ssize_t ++client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_client_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_client, len); ++ ++ memmove (to_client, to_client + len, to_client_len - len); ++ to_client_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_server_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_server, newlen); ++ if (!tmp) ++ abort (); ++ to_server = tmp; ++ ++ memcpy (to_server + to_server_len, data, len); ++ to_server_len = newlen; ++ ++ return len; ++} ++ ++static ssize_t ++server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_server_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_server, len); ++ ++ memmove (to_server, to_server + len, to_server_len - len); ++ to_server_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_client_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_client, newlen); ++ if (!tmp) ++ abort (); ++ to_client = tmp; ++ ++ memcpy (to_client + to_client_len, data, len); ++ to_client_len = newlen; ++ ++ return len; ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof (server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof (server_key_pem) ++}; ++ ++int ++main (int argc, char *argv[]) ++{ ++ int debug_level = argc - 1; ++ int exit_code = EXIT_SUCCESS; ++ /* Server stuff. */ ++ gnutls_certificate_credentials_t serverx509cred; ++ gnutls_session_t server; ++ int sret = GNUTLS_E_AGAIN; ++ /* Client stuff. */ ++ gnutls_certificate_credentials_t clientx509cred; ++ gnutls_session_t client; ++ int cret = GNUTLS_E_AGAIN; ++ ++ /* General init. */ ++ gnutls_global_init (); ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (debug_level); ++ ++ /* Init server */ ++ gnutls_certificate_allocate_credentials (&serverx509cred); ++ gnutls_certificate_set_x509_key_mem (serverx509cred, ++ &server_cert, &server_key, ++ GNUTLS_X509_FMT_PEM); ++ gnutls_init (&server, GNUTLS_SERVER); ++ gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); ++ gnutls_priority_set_direct (server, "NORMAL:%DISABLE_SAFE_RENEGOTIATION", ++ NULL); ++ gnutls_transport_set_push_function (server, server_push); ++ gnutls_transport_set_pull_function (server, server_pull); ++ ++ /* Init client */ ++ gnutls_certificate_allocate_credentials (&clientx509cred); ++ gnutls_init (&client, GNUTLS_CLIENT); ++ gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); ++ gnutls_priority_set_direct (client, "NORMAL:%UNSAFE_RENEGOTIATION", NULL); ++ gnutls_transport_set_push_function (client, client_push); ++ gnutls_transport_set_pull_function (client, client_pull); ++ ++ /* Check that initially no session use the extension. */ ++ if (gnutls_safe_renegotiation_status (server) ++ || gnutls_safe_renegotiation_status (client)) ++ { ++ puts ("Client or server using extension before handshake?"); ++ abort (); ++ } ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = EXIT_FAILURE; ++ ++ if (gnutls_safe_renegotiation_status (client) || ++ gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Session using safe renegotiation?!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ sret = gnutls_rehandshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_rehandshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ ++ { ++ ssize_t n; ++ char b[1]; ++ n = gnutls_record_recv (client, b, 1); ++ if (n != GNUTLS_E_REHANDSHAKE) ++ abort (); ++ } ++ ++ cret = GNUTLS_E_AGAIN; ++ sret = GNUTLS_E_AGAIN; ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = 1; ++ ++ if (gnutls_safe_renegotiation_status (client) || ++ gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Rehandshaked using safe renegotiation?!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ gnutls_bye (client, GNUTLS_SHUT_RDWR); ++ gnutls_bye (server, GNUTLS_SHUT_RDWR); ++ ++ gnutls_deinit (client); ++ gnutls_deinit (server); ++ ++ free (to_server); ++ free (to_client); ++ ++ gnutls_certificate_free_credentials (serverx509cred); ++ ++ gnutls_global_deinit (); ++ ++ if (debug_level > 0) ++ { ++ if (exit_code == 0) ++ puts ("Self-test successful"); ++ else ++ puts ("Self-test failed"); ++ } ++ ++ return exit_code; ++} +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/srn6.c 2013-09-26 +@@ -0,0 +1,337 @@ ++/* ++ * Copyright (C) 2008, 2010 Free Software Foundation, Inc. ++ * ++ * Author: Simon Josefsson ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++/* Code based on ./srn5.c. ++ * ++ * This tests that a server with a permissive policy ++ * (%UNSAFE_RENEGOTIATION) is able to handshake and rehandshake with a ++ * client with no support for the extension. ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <errno.h> ++#include <gnutls/gnutls.h> ++ ++static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "|<%d>| %s", level, str); ++} ++ ++static char *to_server; ++static size_t to_server_len; ++ ++static char *to_client; ++static size_t to_client_len; ++ ++static ssize_t ++client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_client_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_client, len); ++ ++ memmove (to_client, to_client + len, to_client_len - len); ++ to_client_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_server_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_server, newlen); ++ if (!tmp) ++ abort (); ++ to_server = tmp; ++ ++ memcpy (to_server + to_server_len, data, len); ++ to_server_len = newlen; ++ ++ return len; ++} ++ ++static ssize_t ++server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_server_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_server, len); ++ ++ memmove (to_server, to_server + len, to_server_len - len); ++ to_server_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_client_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_client, newlen); ++ if (!tmp) ++ abort (); ++ to_client = tmp; ++ ++ memcpy (to_client + to_client_len, data, len); ++ to_client_len = newlen; ++ ++ return len; ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof (server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof (server_key_pem) ++}; ++ ++int ++main (int argc, char *argv[]) ++{ ++ int debug_level = argc - 1; ++ int exit_code = EXIT_SUCCESS; ++ /* Server stuff. */ ++ gnutls_certificate_credentials_t serverx509cred; ++ gnutls_session_t server; ++ int sret = GNUTLS_E_AGAIN; ++ /* Client stuff. */ ++ gnutls_certificate_credentials_t clientx509cred; ++ gnutls_session_t client; ++ int cret = GNUTLS_E_AGAIN; ++ ++ /* General init. */ ++ gnutls_global_init (); ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (debug_level); ++ ++ /* Init server */ ++ gnutls_certificate_allocate_credentials (&serverx509cred); ++ gnutls_certificate_set_x509_key_mem (serverx509cred, ++ &server_cert, &server_key, ++ GNUTLS_X509_FMT_PEM); ++ gnutls_init (&server, GNUTLS_SERVER); ++ gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); ++ gnutls_priority_set_direct (server, "NORMAL:%UNSAFE_RENEGOTIATION", NULL); ++ gnutls_transport_set_push_function (server, server_push); ++ gnutls_transport_set_pull_function (server, server_pull); ++ ++ /* Init client */ ++ gnutls_certificate_allocate_credentials (&clientx509cred); ++ gnutls_init (&client, GNUTLS_CLIENT); ++ gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); ++ gnutls_priority_set_direct (client, "NORMAL:%DISABLE_SAFE_RENEGOTIATION", ++ NULL); ++ gnutls_transport_set_push_function (client, client_push); ++ gnutls_transport_set_pull_function (client, client_pull); ++ ++ /* Check that initially no session use the extension. */ ++ if (gnutls_safe_renegotiation_status (server) ++ || gnutls_safe_renegotiation_status (client)) ++ { ++ puts ("Client or server using extension before handshake?"); ++ abort (); ++ } ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = EXIT_FAILURE; ++ ++ if (gnutls_safe_renegotiation_status (client) || ++ gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Session using safe renegotiation?!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ sret = gnutls_rehandshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_rehandshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ ++ { ++ ssize_t n; ++ char b[1]; ++ n = gnutls_record_recv (client, b, 1); ++ if (n != GNUTLS_E_REHANDSHAKE) ++ abort (); ++ } ++ ++ cret = GNUTLS_E_AGAIN; ++ sret = GNUTLS_E_AGAIN; ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = 1; ++ ++ if (gnutls_safe_renegotiation_status (client) || ++ gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Rehandshaked using safe renegotiation?!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ gnutls_bye (client, GNUTLS_SHUT_RDWR); ++ gnutls_bye (server, GNUTLS_SHUT_RDWR); ++ ++ gnutls_deinit (client); ++ gnutls_deinit (server); ++ ++ free (to_server); ++ free (to_client); ++ ++ gnutls_certificate_free_credentials (serverx509cred); ++ ++ gnutls_global_deinit (); ++ ++ if (debug_level > 0) ++ { ++ if (exit_code == 0) ++ puts ("Self-test successful"); ++ else ++ puts ("Self-test failed"); ++ } ++ ++ return exit_code; ++} +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/srn7.c 2013-09-26 +@@ -0,0 +1,336 @@ ++/* ++ * Copyright (C) 2008, 2010 Free Software Foundation, Inc. ++ * ++ * Author: Simon Josefsson ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++/* Code based on ../srn0.c. ++ * ++ * This tests that clients and servers in %SAFE_RENEGOTIATION mode are ++ * able to handshake and rehandshake. ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <errno.h> ++#include <gnutls/gnutls.h> ++ ++static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "|<%d>| %s", level, str); ++} ++ ++static char *to_server; ++static size_t to_server_len; ++ ++static char *to_client; ++static size_t to_client_len; ++ ++static ssize_t ++client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_client_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_client, len); ++ ++ memmove (to_client, to_client + len, to_client_len - len); ++ to_client_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_server_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_server, newlen); ++ if (!tmp) ++ abort (); ++ to_server = tmp; ++ ++ memcpy (to_server + to_server_len, data, len); ++ to_server_len = newlen; ++ ++ return len; ++} ++ ++static ssize_t ++server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_server_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_server, len); ++ ++ memmove (to_server, to_server + len, to_server_len - len); ++ to_server_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_client_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_client, newlen); ++ if (!tmp) ++ abort (); ++ to_client = tmp; ++ ++ memcpy (to_client + to_client_len, data, len); ++ to_client_len = newlen; ++ ++ return len; ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof (server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof (server_key_pem) ++}; ++ ++int ++main (int argc, char *argv[]) ++{ ++ int debug_level = argc - 1; ++ int exit_code = EXIT_SUCCESS; ++ /* Server stuff. */ ++ gnutls_certificate_credentials_t serverx509cred; ++ gnutls_session_t server; ++ int sret = GNUTLS_E_AGAIN; ++ /* Client stuff. */ ++ gnutls_certificate_credentials_t clientx509cred; ++ gnutls_session_t client; ++ int cret = GNUTLS_E_AGAIN; ++ ++ /* General init. */ ++ gnutls_global_init (); ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (debug_level); ++ ++ /* Init server */ ++ gnutls_certificate_allocate_credentials (&serverx509cred); ++ gnutls_certificate_set_x509_key_mem (serverx509cred, ++ &server_cert, &server_key, ++ GNUTLS_X509_FMT_PEM); ++ gnutls_init (&server, GNUTLS_SERVER); ++ gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); ++ gnutls_priority_set_direct (server, "NORMAL:%SAFE_RENEGOTIATION", NULL); ++ gnutls_transport_set_push_function (server, server_push); ++ gnutls_transport_set_pull_function (server, server_pull); ++ ++ /* Init client */ ++ gnutls_certificate_allocate_credentials (&clientx509cred); ++ gnutls_init (&client, GNUTLS_CLIENT); ++ gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); ++ gnutls_priority_set_direct (client, "NORMAL:%SAFE_RENEGOTIATION", NULL); ++ gnutls_transport_set_push_function (client, client_push); ++ gnutls_transport_set_pull_function (client, client_pull); ++ ++ /* Check that initially no session use the extension. */ ++ if (gnutls_safe_renegotiation_status (server) ++ || gnutls_safe_renegotiation_status (client)) ++ { ++ puts ("Client or server using extension before handshake?"); ++ abort (); ++ } ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = EXIT_FAILURE; ++ ++ if (!gnutls_safe_renegotiation_status (client) || ++ !gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Session not using safe renegotiation!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ sret = gnutls_rehandshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_rehandshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ ++ { ++ ssize_t n; ++ char b[1]; ++ n = gnutls_record_recv (client, b, 1); ++ if (n != GNUTLS_E_REHANDSHAKE) ++ abort (); ++ } ++ ++ cret = GNUTLS_E_AGAIN; ++ sret = GNUTLS_E_AGAIN; ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = 1; ++ ++ if (!gnutls_safe_renegotiation_status (client) || ++ !gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, ++ "Rehandshaked session not using safe renegotiation!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ gnutls_bye (client, GNUTLS_SHUT_RDWR); ++ gnutls_bye (server, GNUTLS_SHUT_RDWR); ++ ++ gnutls_deinit (client); ++ gnutls_deinit (server); ++ ++ free (to_server); ++ free (to_client); ++ ++ gnutls_certificate_free_credentials (serverx509cred); ++ ++ gnutls_global_deinit (); ++ ++ if (debug_level > 0) ++ { ++ if (exit_code == 0) ++ puts ("Self-test successful"); ++ else ++ puts ("Self-test failed"); ++ } ++ ++ return exit_code; ++} +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/testsrn 2013-09-26 +@@ -0,0 +1,103 @@ ++#!/bin/sh ++ ++# Copyright (C) 2010 Free Software Foundation, Inc. ++# ++# Author: Nikos Mavrogiannopoulos ++# ++# This file is part of GnuTLS. ++# ++# GnuTLS is free software; you can redistribute it and/or modify it ++# under the terms of the GNU General Public License as published by the ++# Free Software Foundation; either version 3 of the License, or (at ++# your option) any later version. ++# ++# GnuTLS is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++# General Public License for more details. ++# ++# You should have received a copy of the GNU General Public License ++# along with GnuTLS; if not, write to the Free Software Foundation, ++# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. ++ ++srcdir="${srcdir:-.}" ++SERV="${SERV:-../../src/gnutls-serv$EXEEXT} -q" ++CLI="${CLI:-../../src/gnutls-cli$EXEEXT}" ++PORT="${PORT:-5558}" ++unset RETCODE ++ ++fail() { ++ echo "Failure: $1" >&2 ++ RETCODE=${RETCODE:-${2:-1}} ++} ++ ++echo "Checking Safe renegotiation" ++ ++$SERV -p $PORT --echo --priority NORMAL:+ANON-DH:%PARTIAL_RENEGOTIATION --dhparams $srcdir/params.dh >/dev/null 2>&1 & ++pid=$! ++ ++# give the server a chance to initialize ++sleep 2 ++ ++$CLI -p $PORT 127.0.0.1 --rehandshake --priority NONE:+AES-128-CBC:+MD5:+SHA1:+VERS-SSL3.0:+ANON-DH:+COMP-NULL:%SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "0. Renegotiation should have succeeded!" ++ ++$CLI -p $PORT 127.0.0.1 --rehandshake --priority NORMAL:+ANON-DH:%SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "1. Safe rehandshake should have succeeded!" ++ ++$CLI -p $PORT 127.0.0.1 --rehandshake --priority NORMAL:+ANON-DH:%UNSAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "2. Unsafe rehandshake should have succeeded!" ++ ++$CLI -p $PORT 127.0.0.1 --priority NORMAL:+ANON-DH:%DISABLE_SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "3. Unsafe negotiation should have succeeded!" ++ ++$CLI -p $PORT 127.0.0.1 --rehandshake --priority NORMAL:+ANON-DH:%DISABLE_SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 && \ ++ fail "4. Unsafe renegotiation should have failed!" ++ ++ ++kill $pid ++wait ++ ++$SERV -p $PORT --echo --priority NORMAL:+ANON-DH:%SAFE_RENEGOTIATION --dhparams $srcdir/params.dh >/dev/null 2>&1 & ++pid=$! ++ ++# give the server a chance to initialize ++sleep 2 ++ ++$CLI -p $PORT 127.0.0.1 --rehandshake --priority NORMAL:+ANON-DH:%SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "5. Safe rehandshake should have succeeded!" ++ ++$CLI -p $PORT 127.0.0.1 --rehandshake --priority NORMAL:+ANON-DH:%UNSAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "6. Unsafe rehandshake should have succeeded!" ++ ++$CLI -p $PORT 127.0.0.1 --priority NORMAL:+ANON-DH:%DISABLE_SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 && \ ++ fail "7. Unsafe negotiation should have failed!" ++ ++$CLI -p $PORT 127.0.0.1 --rehandshake --priority NORMAL:+ANON-DH:%DISABLE_SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 && \ ++ fail "8. Unsafe renegotiation should have failed!" ++ ++kill $pid ++wait ++ ++$SERV -p $PORT --echo --priority NORMAL:+ANON-DH:%DISABLE_SAFE_RENEGOTIATION --dhparams $srcdir/params.dh >/dev/null 2>&1 & ++pid=$! ++ ++# give the server a chance to initialize ++sleep 2 ++ ++$CLI -p $PORT 127.0.0.1 --priority NORMAL:+ANON-DH:%SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 && \ ++ fail "9. Initial connection should have failed!" ++ ++$CLI -p $PORT 127.0.0.1 --priority NORMAL:+ANON-DH:%UNSAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "10. Unsafe connection should have succeeded!" ++ ++$CLI -p $PORT 127.0.0.1 --priority NORMAL:+ANON-DH:%DISABLE_SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "11. Unsafe negotiation should have succeeded!" ++ ++$CLI -p $PORT 127.0.0.1 --rehandshake --priority NORMAL:+ANON-DH:%DISABLE_SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "12. Unsafe renegotiation should have succeeded!" ++ ++kill $pid ++wait ++ ++exit ${RETCODE:-0} +--- a/tests/simple.c 2009-06-02 ++++ b/tests/simple.c 2013-09-26 +@@ -50,7 +50,7 @@ doit (void) + + for (i = 0; algs[i]; i++) + { +- printf ("pk_list[%d] = %d = %s = %d\n", i, algs[i], ++ printf ("pk_list[%d] = %d = %s = %d\n", (int)i, algs[i], + gnutls_pk_algorithm_get_name (algs[i]), + gnutls_pk_get_id (gnutls_pk_algorithm_get_name (algs[i]))); + if (gnutls_pk_get_id (gnutls_pk_algorithm_get_name (algs[i])) +@@ -76,7 +76,7 @@ doit (void) + + for (i = 0; algs[i]; i++) + { +- printf ("sign_list[%d] = %d = %s = %d\n", i, algs[i], ++ printf ("sign_list[%d] = %d = %s = %d\n", (int)i, algs[i], + gnutls_sign_algorithm_get_name (algs[i]), + gnutls_sign_get_id (gnutls_sign_algorithm_get_name + (algs[i]))); diff --git a/patches/source/gnutls/gnutls-2.8.6_CVE-2011-4128.diff b/patches/source/gnutls/gnutls-2.8.6_CVE-2011-4128.diff new file mode 100644 index 00000000..56a04ac6 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.6_CVE-2011-4128.diff @@ -0,0 +1,36 @@ +From 949b53faed849109787a9972149874f7dfe63029 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 29 Sep 2013 +Subject: CVE-2011-4128 [GNUTLS-SA-2011-2] + +gnutls_session_get_data: fix possible buffer overflow + +This is a backport adaptation for use with GnuTLS 2.8.6. + +Relevant upstream commits: +-------------------------- +https://gitorious.org/gnutls/gnutls/commit/190cef6eed37d0 +https://gitorious.org/gnutls/gnutls/commit/e82ef4545e9e98 + +--- + gnutls_session.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/lib/gnutls_session.c 2013-09-27 ++++ b/lib/gnutls_session.c 2013-09-27 +@@ -64,13 +64,14 @@ gnutls_session_get_data (gnutls_session_ + gnutls_assert (); + return ret; + } +- *session_data_size = psession.size; + + if (psession.size > *session_data_size) + { ++ *session_data_size = psession.size; + ret = GNUTLS_E_SHORT_MEMORY_BUFFER; + goto error; + } ++ *session_data_size = psession.size; + + if (session_data != NULL) + memcpy (session_data, psession.data, psession.size); diff --git a/patches/source/gnutls/gnutls-2.8.6_CVE-2012-1569.diff b/patches/source/gnutls/gnutls-2.8.6_CVE-2012-1569.diff new file mode 100644 index 00000000..4fc4f45b --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.6_CVE-2012-1569.diff @@ -0,0 +1,62 @@ +From d62dfe61dcf118aa397c39b3b23d8459c150c3b7 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Thu, 3 Oct 2013 +Subject: CVE-2012-1569 [GNUTLS-SA-2012-3] + +asn1_get_length_der() in decoding.c in GNU Libtasn1 before 2.12 +does not properly handle certain large length values. This can be +exploited by attackers to cause a DoS or other impacts via a +crafted ASN.1 structure. + +Fix adapted for use with libtasn1 embedded in GnuTLS 2.8.6. + +Relevant upstream patch: +------------------------ +http://article.gmane.org/gmane.comp.gnu.libtasn1.general/54 + +--- + decoding.c | 12 ++++++++---- + 1 file changed, 8 insertions(+), 4 deletions(-) + +--- a/lib/minitasn1/decoding.c ++++ b/lib/minitasn1/decoding.c +@@ -55,12 +55,13 @@ _asn1_error_description_tag_error (ASN1_TYPE node, char *ErrorDescription) + * Extract a length field from DER data. + * + * Return value: Return the decoded length value, or -1 on indefinite +- * length, or -2 when the value was too big. ++ * length, or -2 when the value was too big to fit in a int, or -4 ++ * when the decoded length value plus @len would exceed @der_len. + **/ + signed long + asn1_get_length_der (const unsigned char *der, int der_len, int *len) + { +- unsigned long ans; ++ int ans; + int k, punt; + + *len = 0; +@@ -83,7 +84,7 @@ asn1_get_length_der (const unsigned char *der, int der_len, int *len) + ans = 0; + while (punt <= k && punt < der_len) + { +- unsigned long last = ans; ++ int last = ans; + + ans = ans * 256 + der[punt++]; + if (ans < last) +@@ -93,10 +94,13 @@ asn1_get_length_der (const unsigned char *der, int der_len, int *len) + } + else + { /* indefinite length method */ +- ans = -1; ++ *len = punt; ++ return -1; + } + + *len = punt; ++ if (ans + *len < ans || ans + *len > der_len) ++ return -4; + return ans; + } + } diff --git a/patches/source/gnutls/gnutls-2.8.6_CVE-2012-1573.diff b/patches/source/gnutls/gnutls-2.8.6_CVE-2012-1573.diff new file mode 100644 index 00000000..53a8af0e --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.6_CVE-2012-1573.diff @@ -0,0 +1,39 @@ +From c8cf27468841f2ad51b287176b440c6608edc6ba Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 29 Sep 2013 +Subject: CVE-2012-1573 [GNUTLS-SA-2012-2] + +Address a TLS record handling vulnerability in GnuTLS. + +This is a backport adaptation for use with GnuTLS 2.8.6. + +Relevant upstream commit: +------------------------- +https://gitorious.org/gnutls/gnutls/commit/42221486806137 + +--- + gnutls_cipher.c | 11 +++++------ + 1 file changed, 5 insertions(+), 6 deletions(-) + +--- a/lib/gnutls_cipher.c 2013-09-27 ++++ b/lib/gnutls_cipher.c 2013-09-27 +@@ -501,14 +501,13 @@ _gnutls_ciphertext2compressed (gnutls_se + { + ciphertext.size -= blocksize; + ciphertext.data += blocksize; +- +- if (ciphertext.size == 0) +- { +- gnutls_assert (); +- return GNUTLS_E_DECRYPTION_FAILED; +- } + } + ++ if (ciphertext.size < hash_size) ++ { ++ gnutls_assert (); ++ return GNUTLS_E_DECRYPTION_FAILED; ++ } + pad = ciphertext.data[ciphertext.size - 1] + 1; /* pad */ + + if ((int) pad > (int) ciphertext.size - hash_size) diff --git a/patches/source/gnutls/gnutls-2.8.6_CVE-2013-1619_CVE-2013-2116.diff b/patches/source/gnutls/gnutls-2.8.6_CVE-2013-1619_CVE-2013-2116.diff new file mode 100644 index 00000000..b5541e11 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.6_CVE-2013-1619_CVE-2013-2116.diff @@ -0,0 +1,381 @@ +From 24b8c5e02c81e73c2c04022de72a1d354e333e6d Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 29 Sep 2013 +Subject: CVE-2013-1619 and CVE-2013-2116 [GNUTLS-SA-2013-1,GNUTLS-SA-2013-2] + +Fix to avoid a timing attack in TLS CBC record parsing (aka Lucky 13). + +For background, see http://www.isg.rhul.ac.uk/tls/Lucky13.html + +The fix for CVE-2013-2116 is folded into this patch since it addresses +a problem introduced by the fix for CVE-2013-1619. + +This is a backport adaptation for use with GnuTLS 2.8.6. + +Relevant upstream commits: +-------------------------- +https://gitorious.org/gnutls/gnutls/commit/458c67cf98740e +https://gitorious.org/gnutls/gnutls/commit/93b7fcfa3297a9 +https://gitorious.org/gnutls/gnutls/commit/32a7367601a3fd +https://gitorious.org/gnutls/gnutls/commit/63a331df6aa0ec + +--- + gnutls_algorithms.c | 14 +++++ + gnutls_algorithms.h | 3 + + gnutls_cipher.c | 132 ++++++++++++++++++++++++++++++++-------------------- + gnutls_hash_int.h | 21 ++++++++ + 4 files changed, 121 insertions(+), 49 deletions(-) + +--- a/lib/gnutls_cipher.c 2013-09-27 ++++ b/lib/gnutls_cipher.c 2013-09-27 +@@ -287,6 +287,26 @@ calc_enc_length (gnutls_session_t sessio + return length; + } + ++#define PREAMBLE_SIZE 16 ++static inline int make_preamble(opaque* uint64_data, opaque type, uint16_t c_length, opaque ver, opaque* preamble) ++{ ++ opaque minor = _gnutls_version_get_minor (ver); ++ opaque major = _gnutls_version_get_major (ver); ++ opaque *p = preamble; ++ ++ memcpy(p, uint64_data, 8); ++ p+=8; ++ *p=type; p++; ++ if (_gnutls_version_has_variable_padding (ver)) ++ { /* TLS 1.0 or higher */ ++ *p = major; p++; ++ *p = minor; p++; ++ } ++ memcpy(p, &c_length, 2); ++ p+=2; ++ return p-preamble; ++} ++ + /* This is the actual encryption + * Encrypts the given compressed datum, and puts the result to cipher_data, + * which has cipher_size size. +@@ -304,11 +324,11 @@ _gnutls_compressed2ciphertext (gnutls_se + int length, ret; + digest_hd_st td; + uint8_t type = _type; +- uint8_t major, minor; ++ opaque preamble[PREAMBLE_SIZE]; ++ int preamble_size; + int hash_size = + _gnutls_hash_get_algo_len (session->security_parameters. + write_mac_algorithm); +- gnutls_protocol_t ver; + int blocksize = + _gnutls_cipher_get_block_size (session->security_parameters. + write_bulk_cipher_algorithm); +@@ -316,40 +336,27 @@ _gnutls_compressed2ciphertext (gnutls_se + _gnutls_cipher_is_block (session->security_parameters. + write_bulk_cipher_algorithm); + opaque *data_ptr; +- +- +- ver = gnutls_protocol_get_version (session); +- minor = _gnutls_version_get_minor (ver); +- major = _gnutls_version_get_major (ver); +- ++ int ver = gnutls_protocol_get_version (session); + + /* Initialize MAC */ +- ret = mac_init (&td, session->security_parameters.write_mac_algorithm, +- session->connection_state.write_mac_secret.data, +- session->connection_state.write_mac_secret.size, ver); +- +- if (ret < 0 +- && session->security_parameters.write_mac_algorithm != GNUTLS_MAC_NULL) +- { +- gnutls_assert (); +- return ret; +- } + + c_length = _gnutls_conv_uint16 (compressed.size); + + if (session->security_parameters.write_mac_algorithm != GNUTLS_MAC_NULL) + { /* actually when the algorithm in not the NULL one */ +- _gnutls_hmac (&td, +- UINT64DATA (session->connection_state. +- write_sequence_number), 8); +- +- _gnutls_hmac (&td, &type, 1); +- if (ver >= GNUTLS_TLS1) +- { /* TLS 1.0 or higher */ +- _gnutls_hmac (&td, &major, 1); +- _gnutls_hmac (&td, &minor, 1); +- } +- _gnutls_hmac (&td, &c_length, 2); ++ digest_hd_st td; ++ ++ ret = mac_init (&td, session->security_parameters.write_mac_algorithm, ++ session->connection_state.write_mac_secret.data, ++ session->connection_state.write_mac_secret.size, ver); ++ ++ if (ret < 0) ++ { ++ gnutls_assert (); ++ return ret; ++ } ++ preamble_size = make_preamble( UINT64DATA (session->connection_state.write_sequence_number), type, c_length, ver, preamble); ++ _gnutls_hmac (&td, preamble, preamble_size); + _gnutls_hmac (&td, compressed.data, compressed.size); + mac_deinit (&td, MAC, ver); + } +@@ -418,6 +425,49 @@ _gnutls_compressed2ciphertext (gnutls_se + return length; + } + ++static void dummy_wait(gnutls_session_t session, gnutls_datum_t* plaintext, ++ unsigned pad_failed, unsigned int pad, unsigned total, int ver) ++{ ++ /* this hack is only needed on CBC ciphers */ ++ if (_gnutls_cipher_is_block (session->security_parameters.read_bulk_cipher_algorithm) == CIPHER_BLOCK) ++ { ++ uint8_t MAC[MAX_HASH_SIZE]; ++ unsigned len; ++ digest_hd_st td; ++ int ret; ++ ++ ret = mac_init (&td, session->security_parameters.read_mac_algorithm, ++ session->connection_state.read_mac_secret.data, ++ session->connection_state.read_mac_secret.size, ver); ++ ++ if (ret < 0) ++ return; ++ ++ /* force an additional hash compression function evaluation to prevent timing ++ * attacks that distinguish between wrong-mac + correct pad, from wrong-mac + incorrect pad. ++ */ ++ if (pad_failed == 0 && pad > 0) ++ { ++ len = _gnutls_get_hash_block_len(session->security_parameters.read_mac_algorithm); ++ if (len > 0) ++ { ++ /* This is really specific to the current hash functions. ++ * It should be removed once a protocol fix is in place. ++ */ ++ if ((pad+total) % len > len-9 && total % len <= len-9) ++ { ++ if (len < plaintext->size) ++ _gnutls_hmac (&td, plaintext->data, len); ++ else ++ _gnutls_hmac (&td, plaintext->data, plaintext->size); ++ } ++ } ++ } ++ ++ mac_deinit (&td, MAC, ver); ++ } ++} ++ + /* Deciphers the ciphertext packet, and puts the result to compress_data, of compress_size. + * Returns the actual compressed packet size. + */ +@@ -429,38 +479,22 @@ _gnutls_ciphertext2compressed (gnutls_se + { + uint8_t MAC[MAX_HASH_SIZE]; + uint16_t c_length; +- uint8_t pad; ++ unsigned int pad = 0; + int length; + digest_hd_st td; + uint16_t blocksize; + int ret, i, pad_failed = 0; +- uint8_t major, minor; +- gnutls_protocol_t ver; ++ opaque preamble[PREAMBLE_SIZE]; ++ int preamble_size = 0; ++ int ver = gnutls_protocol_get_version (session); + int hash_size = + _gnutls_hash_get_algo_len (session->security_parameters. + read_mac_algorithm); + +- ver = gnutls_protocol_get_version (session); +- minor = _gnutls_version_get_minor (ver); +- major = _gnutls_version_get_major (ver); +- + blocksize = + _gnutls_cipher_get_block_size (session->security_parameters. + read_bulk_cipher_algorithm); + +- /* initialize MAC +- */ +- ret = mac_init (&td, session->security_parameters.read_mac_algorithm, +- session->connection_state.read_mac_secret.data, +- session->connection_state.read_mac_secret.size, ver); +- +- if (ret < 0 +- && session->security_parameters.read_mac_algorithm != GNUTLS_MAC_NULL) +- { +- gnutls_assert (); +- return GNUTLS_E_INTERNAL_ERROR; +- } +- + /* actual decryption (inplace) + */ + switch (_gnutls_cipher_is_block +@@ -508,31 +542,25 @@ _gnutls_ciphertext2compressed (gnutls_se + gnutls_assert (); + return GNUTLS_E_DECRYPTION_FAILED; + } +- pad = ciphertext.data[ciphertext.size - 1] + 1; /* pad */ +- +- if ((int) pad > (int) ciphertext.size - hash_size) +- { +- gnutls_assert (); +- _gnutls_record_log +- ("REC[%p]: Short record length %d > %d - %d (under attack?)\n", +- session, pad, ciphertext.size, hash_size); +- /* We do not fail here. We check below for the +- * the pad_failed. If zero means success. +- */ +- pad_failed = GNUTLS_E_DECRYPTION_FAILED; +- } +- +- length = ciphertext.size - hash_size - pad; +- +- /* Check the pading bytes (TLS 1.x) ++ pad = ciphertext.data[ciphertext.size - 1]; /* pad */ ++ if (pad+1 > ciphertext.size-hash_size) ++ pad_failed = GNUTLS_E_DECRYPTION_FAILED; ++ ++ /* Check the pading bytes (TLS 1.x). ++ * Note that we access all 256 bytes of ciphertext for padding check ++ * because there is a timing channel in that memory access (in certain CPUs + */ + if (ver >= GNUTLS_TLS1 && pad_failed == 0) + for (i = 2; i < pad; i++) + { +- if (ciphertext.data[ciphertext.size - i] != +- ciphertext.data[ciphertext.size - 1]) ++ if (ciphertext.data[ciphertext.size - i] != pad) + pad_failed = GNUTLS_E_DECRYPTION_FAILED; + } ++ ++ if (pad_failed) ++ pad = 0; ++ length = ciphertext.size - hash_size - pad - 1; ++ + break; + default: + gnutls_assert (); +@@ -548,17 +576,20 @@ _gnutls_ciphertext2compressed (gnutls_se + */ + if (session->security_parameters.read_mac_algorithm != GNUTLS_MAC_NULL) + { +- _gnutls_hmac (&td, +- UINT64DATA (session->connection_state. +- read_sequence_number), 8); +- +- _gnutls_hmac (&td, &type, 1); +- if (ver >= GNUTLS_TLS1) +- { /* TLS 1.x */ +- _gnutls_hmac (&td, &major, 1); +- _gnutls_hmac (&td, &minor, 1); +- } +- _gnutls_hmac (&td, &c_length, 2); ++ digest_hd_st td; ++ ++ ret = mac_init (&td, session->security_parameters.read_mac_algorithm, ++ session->connection_state.read_mac_secret.data, ++ session->connection_state.read_mac_secret.size, ver); ++ ++ if (ret < 0) ++ { ++ gnutls_assert (); ++ return GNUTLS_E_INTERNAL_ERROR; ++ } ++ ++ preamble_size = make_preamble( UINT64DATA (session->connection_state.read_sequence_number), type, c_length, ver, preamble); ++ _gnutls_hmac (&td, preamble, preamble_size); + + if (length > 0) + _gnutls_hmac (&td, ciphertext.data, length); +@@ -566,16 +597,14 @@ _gnutls_ciphertext2compressed (gnutls_se + mac_deinit (&td, MAC, ver); + } + +- /* This one was introduced to avoid a timing attack against the TLS +- * 1.0 protocol. +- */ +- if (pad_failed != 0) +- return pad_failed; +- + /* HMAC was not the same. + */ +- if (memcmp (MAC, &ciphertext.data[length], hash_size) != 0) ++ if (memcmp (MAC, &ciphertext.data[length], hash_size) != 0 || pad_failed != 0) + { ++ gnutls_datum_t compressed = {compress_data, compress_size}; ++ /* HMAC was not the same. */ ++ dummy_wait(session, &compressed, pad_failed, pad, length+preamble_size, ver); ++ + gnutls_assert (); + return GNUTLS_E_DECRYPTION_FAILED; + } +--- a/lib/gnutls_hash_int.h 2013-09-27 ++++ b/lib/gnutls_hash_int.h 2013-09-27 +@@ -92,4 +92,25 @@ void _gnutls_mac_deinit_ssl3_handshake ( + + int _gnutls_hash_copy (digest_hd_st* dst_handle, digest_hd_st * src_handle); + ++/* We shouldn't need to know that, but a work-around in decoding ++ * TLS record padding requires that. ++ */ ++inline static size_t ++_gnutls_get_hash_block_len (gnutls_digest_algorithm_t algo) ++{ ++ switch (algo) ++ { ++ case GNUTLS_DIG_MD5: ++ case GNUTLS_DIG_SHA1: ++ case GNUTLS_DIG_RMD160: ++ case GNUTLS_DIG_SHA256: ++ case GNUTLS_DIG_SHA384: ++ case GNUTLS_DIG_SHA512: ++ case GNUTLS_DIG_SHA224: ++ return 64; ++ default: ++ return 0; ++ } ++} ++ + #endif /* GNUTLS_HASH_INT_H */ +--- a/lib/gnutls_algorithms.c 2013-09-27 ++++ b/lib/gnutls_algorithms.c 2013-09-27 +@@ -1185,6 +1185,20 @@ _gnutls_version_is_supported (gnutls_ses + return 1; + } + ++/* This function determines if the version specified can have ++ non-minimal padding. */ ++int _gnutls_version_has_variable_padding (gnutls_protocol_t version) ++{ ++ switch(version) { ++ case GNUTLS_TLS1_0: ++ case GNUTLS_TLS1_1: ++ case GNUTLS_TLS1_2: ++ return 1; ++ default: ++ return 0; ++ } ++} ++ + /* Type to KX mappings */ + gnutls_kx_algorithm_t + _gnutls_map_kx_get_kx (gnutls_credentials_type_t type, int server) +--- a/lib/gnutls_algorithms.h 2013-09-27 ++++ b/lib/gnutls_algorithms.h 2013-09-27 +@@ -41,6 +41,9 @@ int _gnutls_version_get_major (gnutls_pr + int _gnutls_version_get_minor (gnutls_protocol_t ver); + gnutls_protocol_t _gnutls_version_get (int major, int minor); + ++/* Functions for feature checks */ ++int _gnutls_version_has_variable_padding (gnutls_protocol_t version); ++ + /* Functions for MACs. */ + int _gnutls_mac_is_ok (gnutls_mac_algorithm_t algorithm); + gnutls_mac_algorithm_t _gnutls_x509_oid2mac_algorithm (const char *oid); diff --git a/patches/source/gnutls/gnutls-2.8.6_CVE-2014-0092.diff b/patches/source/gnutls/gnutls-2.8.6_CVE-2014-0092.diff new file mode 100644 index 00000000..dc37370b --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.6_CVE-2014-0092.diff @@ -0,0 +1,108 @@ +From 27892001331da24704fca8fa39041289ff7d3cd9 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Mon, 03 Mar 2014 +Subject: CVE-2014-0092 (GNUTLS-SA-2014-2) + +Fix vulnerabilities in the certificate verification code path. +The vulnerabilities can be exploited such that specially-crafted +certificates can bypass certificate validation checks. + +This is a backport adaptation for use with GnuTLS 2.8.6. + +Relevant upstream commit: +------------------------- +https://gitorious.org/gnutls/gnutls/commit/6aa26f78150ccb + +--- + lib/x509/verify.c | 17 +++++++++++------ + 1 file changed, 11 insertions(+), 6 deletions(-) + +--- a/lib/x509/verify.c ++++ b/lib/x509/verify.c +@@ -112,7 +112,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnu + if (result < 0) + { + gnutls_assert (); +- goto cleanup; ++ goto fail; + } + + result = +@@ -121,7 +121,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnu + if (result < 0) + { + gnutls_assert (); +- goto cleanup; ++ goto fail; + } + + result = +@@ -129,7 +129,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnu + if (result < 0) + { + gnutls_assert (); +- goto cleanup; ++ goto fail; + } + + result = +@@ -137,7 +137,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnu + if (result < 0) + { + gnutls_assert (); +- goto cleanup; ++ goto fail; + } + + /* If the subject certificate is the same as the issuer +@@ -177,6 +177,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnu + else + gnutls_assert (); + ++fail: + result = 0; + + cleanup: +@@ -269,7 +270,7 @@ _gnutls_verify_certificate2 (gnutls_x509 + gnutls_datum_t cert_signed_data = { NULL, 0 }; + gnutls_datum_t cert_signature = { NULL, 0 }; + gnutls_x509_crt_t issuer; +- int ret, issuer_version, result; ++ int ret, issuer_version, result = 0; + + if (output) + *output = 0; +@@ -299,7 +300,7 @@ _gnutls_verify_certificate2 (gnutls_x509 + if (issuer_version < 0) + { + gnutls_assert (); +- return issuer_version; ++ return 0; + } + + if (!(flags & GNUTLS_VERIFY_DISABLE_CA_SIGN) && +@@ -320,6 +321,7 @@ _gnutls_verify_certificate2 (gnutls_x509 + if (result < 0) + { + gnutls_assert (); ++ result = 0; + goto cleanup; + } + +@@ -328,6 +330,7 @@ _gnutls_verify_certificate2 (gnutls_x509 + if (result < 0) + { + gnutls_assert (); ++ result = 0; + goto cleanup; + } + +@@ -337,6 +340,8 @@ _gnutls_verify_certificate2 (gnutls_x509 + if (ret < 0) + { + gnutls_assert (); ++ result = 0; ++ goto cleanup; + } + else if (ret == 0) + { diff --git a/patches/source/gnutls/gnutls-2.8.6_CVE-2014-3466.diff b/patches/source/gnutls/gnutls-2.8.6_CVE-2014-3466.diff new file mode 100644 index 00000000..41758bec --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.6_CVE-2014-3466.diff @@ -0,0 +1,312 @@ +From aa7c26454d148c3ce29e428c23f4611b6f366f5c Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@zoho.com> +Date: Mon, 2 Jun 2014 +Subject: CVE-2014-3466 + +This is a backport adaptation for use with GnuTLS 2.8.6. + +Relevant upstream commit(s): +------------------------- +https://gitorious.org/gnutls/gnutls/commit/688ea6428a432c +https://gitorious.org/gnutls/gnutls/commit/a7be326f0e33cf + +--- + lib/gnutls_handshake.c | 2 + tests/Makefile.am | 2 + tests/long-session-id.c | 268 ++++++++++++++++++++++++++++++++++++++++ + 3 files changed, 270 insertions(+), 2 deletions(-) + +--- a/lib/gnutls_handshake.c ++++ b/lib/gnutls_handshake.c +@@ -1618,7 +1618,7 @@ _gnutls_read_server_hello (gnutls_sessio + DECR_LEN (len, 1); + session_id_len = data[pos++]; + +- if (len < session_id_len) ++ if (len < session_id_len || session_id_len > TLS_MAX_SESSION_ID_SIZE) + { + gnutls_assert (); + return GNUTLS_E_UNSUPPORTED_VERSION_PACKET; +--- a/tests/Makefile.am ++++ b/tests/Makefile.am +@@ -56,7 +56,8 @@ + ctests = simple gc set_pkcs12_cred certder mpi \ + certificate_set_x509_crl dn parse_ca moredn crypto_rng mini \ + finished hostname-check cve-2008-4989 pkcs12_s2k chainverify \ +- crq_key_id x509sign-verify cve-2009-1415 cve-2009-1416 mini-eagain ++ crq_key_id x509sign-verify cve-2009-1415 cve-2009-1416 \ ++ mini-eagain long-session-id + + if ENABLE_OPENSSL + ctests += openssl +--- /dev/null ++++ b/tests/long-session-id.c +@@ -0,0 +1,268 @@ ++/* ++ * Copyright (C) 2012 Free Software Foundation, Inc. ++ * ++ * Author: Nikos Mavrogiannopoulos ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++#ifdef HAVE_CONFIG_H ++#include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++ ++#if defined(_WIN32) ++ ++int main() ++{ ++ exit(77); ++} ++ ++#else ++ ++#include <string.h> ++#include <sys/types.h> ++#include <netinet/in.h> ++#include <sys/socket.h> ++#include <sys/wait.h> ++#include <arpa/inet.h> ++#include <unistd.h> ++#include <gnutls/gnutls.h> ++#include <signal.h> ++ ++static int debug = 0; ++static void terminate(int); ++ ++/* This program tests the robustness of record ++ * decoding. ++ */ ++ ++static void client_log_func(int level, const char *str) ++{ ++ fprintf(stderr, "client|<%d>| %s", level, str); ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof(server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof(server_key_pem) ++}; ++ ++ ++/* A very basic TLS client, with anonymous authentication. ++ */ ++ ++static void client(int fd, const char *prio) ++{ ++ int ret; ++ gnutls_anon_client_credentials_t anoncred; ++ gnutls_certificate_credentials_t x509_cred; ++ gnutls_session_t session; ++ /* Need to enable anonymous KX specifically. */ ++ ++ gnutls_global_init(); ++ ++ if (debug) { ++ gnutls_global_set_log_function(client_log_func); ++ gnutls_global_set_log_level(7); ++ } ++ ++ gnutls_anon_allocate_client_credentials(&anoncred); ++ gnutls_certificate_allocate_credentials(&x509_cred); ++ ++ /* Initialize TLS session ++ */ ++ gnutls_init(&session, GNUTLS_CLIENT); ++ ++ /* Use default priorities */ ++ gnutls_priority_set_direct(session, prio, NULL); ++ ++ /* put the anonymous credentials to the current session ++ */ ++ gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); ++ gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); ++ ++ gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd); ++ ++ /* Perform the TLS handshake ++ */ ++ do { ++ ret = gnutls_handshake(session); ++ } ++ while (ret < 0 && gnutls_error_is_fatal(ret) == 0); ++ ++ if (ret < 0) { ++ fprintf(stderr, "client: Handshake failed (expected)\n"); ++ gnutls_perror(ret); ++ exit(0); ++ } else { ++ if (debug) ++ fprintf(stderr, "client: Handshake was completed\n"); ++ } ++ ++ close(fd); ++ ++ gnutls_deinit(session); ++ ++ gnutls_anon_free_client_credentials(anoncred); ++ gnutls_certificate_free_credentials(x509_cred); ++ ++ gnutls_global_deinit(); ++} ++ ++ ++/* These are global */ ++pid_t child; ++ ++static void terminate(int ret) ++{ ++ kill(child, SIGTERM); ++ exit(ret); ++} ++ ++static void server(int fd, const char *prio) ++{ ++ int ret; ++ uint8_t id[255]; ++ uint8_t buffer[] = "\x16\x03\x00\x01\x25" ++ "\x02\x00\x01\x21" ++ "\x03\x00"/*Server Version */ ++ /*Random*/"\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00" ++ /*SessionID*/"\xfe"; ++ ++ ret = read(fd, id, sizeof(id)); ++ if (ret < 0) { ++ abort(); ++ } ++ ++ ret = write(fd, buffer, sizeof(buffer)); ++ if (ret < 0) { ++ return; ++ } ++ ++ memset(id, 0xff, sizeof(id)); ++ ret = write(fd, id, sizeof(id)); ++ if (ret < 0) { ++ return; ++ } ++ ++ memset(id, 0xff, sizeof(id)); ++ ret = write(fd, id, sizeof(id)); ++ if (ret < 0) { ++ return; ++ } ++ sleep(3); ++ ++ return; ++} ++ ++static void start(const char *prio) ++{ ++ int fd[2]; ++ int ret; ++ ++ ret = socketpair(AF_UNIX, SOCK_STREAM, 0, fd); ++ if (ret < 0) { ++ perror("socketpair"); ++ exit(1); ++ } ++ ++ child = fork(); ++ if (child < 0) { ++ perror("fork"); ++ exit(1); ++ } ++ ++ if (child) { ++ /* parent */ ++ close(fd[1]); ++ server(fd[0], prio); ++ kill(child, SIGTERM); ++ } else { ++ close(fd[0]); ++ client(fd[1], prio); ++ exit(0); ++ } ++} ++ ++static void ch_handler(int sig) ++{ ++ int status, ret = 0; ++ wait(&status); ++ if (WEXITSTATUS(status) != 0 || ++ (WIFSIGNALED(status) && WTERMSIG(status) == SIGSEGV)) { ++ if (WIFSIGNALED(status)) { ++ fprintf(stderr, "Child died with sigsegv\n"); ++ ret = 1; ++ } else { ++ fprintf(stderr, "Child died with status %d\n", ++ WEXITSTATUS(status)); ++ } ++ terminate(ret); ++ } ++ return; ++} ++ ++int main(int argc, char **argv) ++{ ++ signal(SIGCHLD, ch_handler); ++ ++ if (argc > 1) ++ debug = 1; ++ ++ start("NORMAL"); ++ return 0; ++} ++ ++#endif /* _WIN32 */ diff --git a/patches/source/gnutls/gnutls-2.8.6_CVE-2014-3467.diff b/patches/source/gnutls/gnutls-2.8.6_CVE-2014-3467.diff new file mode 100644 index 00000000..26427ef8 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.6_CVE-2014-3467.diff @@ -0,0 +1,45 @@ +From b91a75fb2a91a1c7c1a068b25ee073f308f2c7ca Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@zoho.com> +Date: Mon, 2 Jun 2014 +Subject: CVE-2014-3467 + +This is a backport adaptation for use with GnuTLS 2.8.6. + +Relevant upstream commit(s): +------------------------- +http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=ff3b5c68cc32e3 +http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=51612fca32dda4 + +--- + lib/minitasn1/decoding.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +--- a/lib/minitasn1/decoding.c ++++ b/lib/minitasn1/decoding.c +@@ -135,7 +135,7 @@ asn1_get_tag_der (const unsigned char *d + /* Long form */ + punt = 1; + ris = 0; +- while (punt <= der_len && der[punt] & 128) ++ while (punt < der_len && der[punt] & 128) + { + int last = ris; + ris = ris * 128 + (der[punt++] & 0x7F); +@@ -245,7 +245,7 @@ _asn1_get_time_der (const unsigned char + if (der_len <= 0 || str == NULL) + return ASN1_DER_ERROR; + str_len = asn1_get_length_der (der, der_len, &len_len); +- if (str_len < 0 || str_size < str_len) ++ if (str_len <= 0 || str_size < str_len) + return ASN1_DER_ERROR; + memcpy (str, der + len_len, str_len); + str[str_len] = 0; +@@ -273,7 +273,7 @@ _asn1_get_objectid_der (const unsigned c + return ASN1_GENERIC_ERROR; + len = asn1_get_length_der (der, der_len, &len_len); + +- if (len < 0 || len > der_len || len_len > der_len) ++ if (len <= 0 || len > der_len || len_len > der_len) + return ASN1_DER_ERROR; + + val1 = der[len_len] / 40; diff --git a/patches/source/gnutls/gnutls-2.8.6_CVE-2014-3468.diff b/patches/source/gnutls/gnutls-2.8.6_CVE-2014-3468.diff new file mode 100644 index 00000000..72124727 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.6_CVE-2014-3468.diff @@ -0,0 +1,45 @@ +From 38cb901f92d8977ca74f324cb04d53a4870458a6 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@zoho.com> +Date: Mon, 2 Jun 2014 +Subject: CVE-2014-3468 + +This is a backport adaptation for use with GnuTLS 2.8.6. + +Relevant upstream commit(s): +------------------------- +http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=1c3ccb3e040bf1 + +--- + lib/minitasn1/decoding.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +--- a/lib/minitasn1/decoding.c ++++ b/lib/minitasn1/decoding.c +@@ -210,7 +210,7 @@ asn1_get_octet_der (const unsigned char + int *ret_len, unsigned char *str, int str_size, + int *str_len) + { +- int len_len; ++ int len_len = 0; + + if (der_len <= 0) + return ASN1_GENERIC_ERROR; +@@ -335,7 +335,7 @@ asn1_get_bit_der (const unsigned char *d + int *ret_len, unsigned char *str, int str_size, + int *bit_len) + { +- int len_len, len_byte; ++ int len_len = 0, len_byte; + + if (der_len <= 0) + return ASN1_GENERIC_ERROR; +@@ -346,6 +346,9 @@ asn1_get_bit_der (const unsigned char *d + *ret_len = len_byte + len_len + 1; + *bit_len = len_byte * 8 - der[len_len]; + ++ if (*bit_len <= 0) ++ return ASN1_DER_ERROR; ++ + if (str_size >= len_byte) + memcpy (str, der + len_len + 1, len_byte); + else diff --git a/patches/source/gnutls/gnutls-2.8.6_CVE-2014-3469.diff b/patches/source/gnutls/gnutls-2.8.6_CVE-2014-3469.diff new file mode 100644 index 00000000..37b97c74 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.6_CVE-2014-3469.diff @@ -0,0 +1,122 @@ +From b2477c9d1d2b550abade87651382880d370d2803 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@zoho.com> +Date: Mon, 2 Jun 2014 +Subject: CVE-2014-3469 + +This is a backport adaptation for use with GnuTLS 2.8.6. + +Relevant upstream commit(s): +------------------------- +http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=a8b3e14f84174e +http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=3d6a02f19ff15a +http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=53958290ab731c + +--- + lib/minitasn1/decoding.c | 11 ++++++++--- + lib/minitasn1/element.c | 27 ++++++++++++++++++--------- + 2 files changed, 26 insertions(+), 12 deletions(-) + +--- a/lib/minitasn1/decoding.c ++++ b/lib/minitasn1/decoding.c +@@ -215,7 +215,6 @@ asn1_get_octet_der (const unsigned char + if (der_len <= 0) + return ASN1_GENERIC_ERROR; + +- /* if(str==NULL) return ASN1_SUCCESS; */ + *str_len = asn1_get_length_der (der, der_len, &len_len); + + if (*str_len < 0) +@@ -223,7 +222,10 @@ asn1_get_octet_der (const unsigned char + + *ret_len = *str_len + len_len; + if (str_size >= *str_len) +- memcpy (str, der + len_len, *str_len); ++ { ++ if (*str_len > 0 && str != NULL) ++ memcpy (str, der + len_len, *str_len); ++ } + else + { + return ASN1_MEM_ERROR; +@@ -350,7 +352,10 @@ asn1_get_bit_der (const unsigned char *d + return ASN1_DER_ERROR; + + if (str_size >= len_byte) +- memcpy (str, der + len_len + 1, len_byte); ++ { ++ if (len_byte > 0 && str) ++ memcpy (str, der + len_len + 1, len_byte); ++ } + else + { + return ASN1_MEM_ERROR; +--- a/lib/minitasn1/element.c ++++ b/lib/minitasn1/element.c +@@ -113,8 +113,11 @@ _asn1_convert_integer (const unsigned ch + /* VALUE_OUT is too short to contain the value conversion */ + return ASN1_MEM_ERROR; + +- for (k2 = k; k2 < SIZEOF_UNSIGNED_LONG_INT; k2++) +- value_out[k2 - k] = val[k2]; ++ if (value_out != NULL) ++ { ++ for (k2 = k; k2 < SIZEOF_UNSIGNED_LONG_INT; k2++) ++ value_out[k2 - k] = val[k2]; ++ } + + #if 0 + printf ("_asn1_convert_integer: valueIn=%s, lenOut=%d", value, *len); +@@ -623,7 +626,8 @@ asn1_write_value (asn1_node node_root, c + if (ptr_size < data_size) { \ + return ASN1_MEM_ERROR; \ + } else { \ +- memcpy( ptr, data, data_size); \ ++ if (ptr && data_size > 0) \ ++ memcpy( ptr, data, data_size); \ + } + + #define PUT_STR_VALUE( ptr, ptr_size, data) \ +@@ -632,16 +626,19 @@ asn1_write_value (asn1_node node_root, c + return ASN1_MEM_ERROR; \ + } else { \ + /* this strcpy is checked */ \ +- strcpy(ptr, data); \ ++ if (ptr) { \ ++ strcpy(ptr, data); \ ++ } \ + } + + #define ADD_STR_VALUE( ptr, ptr_size, data) \ +- *len = (int) strlen(data) + 1; \ +- if (ptr_size < (int) strlen(ptr)+(*len)) { \ ++ *len += strlen(data); \ ++ if (ptr_size < (int) *len) { \ ++ (*len)++; \ + return ASN1_MEM_ERROR; \ + } else { \ + /* this strcat is checked */ \ +- strcat(ptr, data); \ ++ if (ptr) strcat (ptr, data); \ + } + + /** +@@ -803,7 +810,9 @@ asn1_read_value (asn1_node root, const c + case TYPE_OBJECT_ID: + if (node->type & CONST_ASSIGN) + { +- value[0] = 0; ++ *len = 0; ++ if (value) ++ value[0] = 0; + p = node->down; + while (p) + { +@@ -817,7 +826,7 @@ asn1_read_value (asn1_node root, const c + } + p = p->right; + } +- *len = strlen (value) + 1; ++ (*len)++; + } + else if ((node->type & CONST_DEFAULT) && (node->value == NULL)) + { diff --git a/patches/source/gnutls/gnutls-2.8.6_ipv6.diff b/patches/source/gnutls/gnutls-2.8.6_ipv6.diff new file mode 100644 index 00000000..ea32a20a --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.6_ipv6.diff @@ -0,0 +1,51 @@ +From 2040d99b1844c60375e76148ea306637efd53383 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 29 Sep 2013 +Subject: Fix binding of IPV6 address in gnutls-serv + +On Linux with /proc/sys/net/ipv6/bindv6only == 0 (which is now the +default), gnutls-serv cannot listen on ipv6. + +Fix adapted for use with GnuTLS 2.8.6. + +Relevant upstream commits: +-------------------------- +https://gitorious.org/gnutls/gnutls/commit/1c315602306afc +https://gitorious.org/gnutls/gnutls/commit/9c1536d514dd83 + +--- + serv.c | 16 ++++++++++++++++ + 1 file changed, 16 insertions(+) + +--- a/src/serv.c 2013-09-29 ++++ b/src/serv.c 2013-09-29 +@@ -677,6 +677,11 @@ listen_socket (const char *name, int lis + + for (ptr = res; ptr != NULL; ptr = ptr->ai_next) + { ++#ifndef HAVE_IPV6 ++ if (ptr->ai_family != AF_INET) ++ continue; ++#endif ++ + /* Print what we are doing. */ + { + char topbuf[512]; +@@ -694,6 +699,17 @@ listen_socket (const char *name, int lis + continue; + } + ++#if defined(HAVE_IPV6) && !defined(_WIN32) ++ if (ptr->ai_family == AF_INET6) ++ { ++ yes = 1; ++ /* avoid listen on ipv6 addresses failing ++ * because already listening on ipv4 addresses: */ ++ setsockopt (s, IPPROTO_IPV6, IPV6_V6ONLY, ++ (const void *) &yes, sizeof (yes)); ++ } ++#endif ++ + yes = 1; + if (setsockopt (s, SOL_SOCKET, SO_REUSEADDR, + (const void *) &yes, sizeof (yes)) < 0) diff --git a/patches/source/gnutls/gnutls-2.8.6_libgcrypt150-fix.diff b/patches/source/gnutls/gnutls-2.8.6_libgcrypt150-fix.diff new file mode 100644 index 00000000..29923091 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.6_libgcrypt150-fix.diff @@ -0,0 +1,162 @@ +From 816ad8cf6e3707a4dc1f67a5aa06530c895273d5 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 29 Sep 2013 +Subject: Fix problem when using libgcrypt 1.5.0+ + +Fix GnuTLS to not rely on a bug present in libgcrypt before 1.5.0 +in gcry_sexp_nth_mpi(). + +Relevant discussion: +-------------------- +https://lists.gnu.org/archive/html/gnutls-devel/2011-07/msg00006.html + +--- + pk-libgcrypt.c | 32 ++++++++++++++++---------------- + 1 file changed, 16 insertions(+), 16 deletions(-) + +--- a/lib/pk-libgcrypt.c 2013-09-27 ++++ b/lib/pk-libgcrypt.c 2013-09-27 +@@ -112,7 +112,7 @@ _wrap_gcry_pk_encrypt (gnutls_pk_algorit + goto cleanup; + } + +- res = gcry_sexp_nth_mpi (list, 1, 0); ++ res = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + if (res == NULL) + { +@@ -202,7 +202,7 @@ _wrap_gcry_pk_decrypt (gnutls_pk_algorit + goto cleanup; + } + +- res = gcry_sexp_nth_mpi (s_plain, 0, 0); ++ res = gcry_sexp_nth_mpi (s_plain, 0, GCRYMPI_FMT_USG); + if (res == NULL) + { + gnutls_assert (); +@@ -327,7 +327,7 @@ _wrap_gcry_pk_sign (gnutls_pk_algorithm_ + goto cleanup; + } + +- res[0] = gcry_sexp_nth_mpi (list, 1, 0); ++ res[0] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (s_sig, "s", 0); +@@ -338,7 +338,7 @@ _wrap_gcry_pk_sign (gnutls_pk_algorithm_ + goto cleanup; + } + +- res[1] = gcry_sexp_nth_mpi (list, 1, 0); ++ res[1] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + ret = _gnutls_encode_ber_rs (signature, res[0], res[1]); +@@ -360,7 +360,7 @@ _wrap_gcry_pk_sign (gnutls_pk_algorithm_ + goto cleanup; + } + +- res[0] = gcry_sexp_nth_mpi (list, 1, 0); ++ res[0] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + ret = _gnutls_mpi_dprint (res[0], signature); +@@ -559,7 +559,7 @@ _dsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[0] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[0] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "q", 0); +@@ -570,7 +570,7 @@ _dsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[1] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[1] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "g", 0); +@@ -581,7 +581,7 @@ _dsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[2] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[2] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "y", 0); +@@ -592,7 +592,7 @@ _dsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[3] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[3] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + +@@ -604,7 +604,7 @@ _dsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[4] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[4] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + + gcry_sexp_release (list); + gcry_sexp_release (key); +@@ -653,7 +653,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[0] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[0] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "e", 0); +@@ -664,7 +664,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[1] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[1] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "d", 0); +@@ -675,7 +675,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[2] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[2] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "p", 0); +@@ -686,7 +686,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[3] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[3] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + +@@ -698,7 +698,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[4] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[4] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + +@@ -710,7 +710,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[5] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[5] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + + gcry_sexp_release (list); + gcry_sexp_release (key); diff --git a/patches/source/gnutls/gnutls.SlackBuild b/patches/source/gnutls/gnutls.SlackBuild new file mode 100755 index 00000000..50a32df8 --- /dev/null +++ b/patches/source/gnutls/gnutls.SlackBuild @@ -0,0 +1,145 @@ +#!/bin/sh + +# Copyright 2007 Robby Workman (http://rlworkman.net) +# Copyright 2007, 2008, 2009, 2010, 2014 Patrick Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=gnutls +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-4_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP + +rm -rf $PKGNAM-$VERSION +if [ -r $CWD/$PKGNAM-$VERSION.tar.gz ]; then + tar xf $CWD/$PKGNAM-$VERSION.tar.gz || exit 1 +elif [ -r $CWD/$PKGNAM-$VERSION.tar.bz2 ]; then + tar xf $CWD/$PKGNAM-$VERSION.tar.bz2 || exit 1 +elif [ -r $CWD/$PKGNAM-$VERSION.tar.xz ]; then + tar xf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +elif [ -r $CWD/$PKGNAM-$VERSION.tar.lzma ]; then + tar xf $CWD/$PKGNAM-$VERSION.tar.lzma || exit 1 +else + exit 1 +fi + + +cd $PKGNAM-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/gnutls-2.8.6_CVE-2009-3555.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.6_CVE-2011-4128.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.6_CVE-2012-1569.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.6_CVE-2012-1573.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.6_CVE-2013-1619_CVE-2013-2116.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.6_libgcrypt150-fix.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.6_ipv6.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.6_CVE-2014-0092.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.6_CVE-2014-3466.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.6_CVE-2014-3467.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.6_CVE-2014-3468.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.6_CVE-2014-3469.diff.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --enable-static=no \ + --build=$ARCH-slackware-linux \ + --host=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +( cd $PKG/usr/man + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +) + +( cd $PKG/usr/info + rm -f dir + gzip -9 *.info* +) + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + ABOUT-NLS AUTHORS COPYING* INSTALL NEWS README* THANKS \ + $PKG/usr/doc/$PKGNAM-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n -p $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/gnutls/slack-desc b/patches/source/gnutls/slack-desc new file mode 100644 index 00000000..49fdb9f0 --- /dev/null +++ b/patches/source/gnutls/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +gnutls: gnutls (GNU TLS library) +gnutls: +gnutls: This is a TLS (Transport Layer Security) 1.0 and SSL (Secure Sockets +gnutls: Layer) 3.0 implementation. In brief, GnuTLS can be described as a +gnutls: library which offers an API to access secure communication protocols. +gnutls: These protocols provide privacy over insecure lines, and were designed +gnutls: to prevent eavesdropping, tampering, or message forgery. +gnutls: +gnutls: Homepage: http://www.gnu.org/software/gnutls/ +gnutls: +gnutls: diff --git a/patches/source/hplip/doinst.sh b/patches/source/hplip/doinst.sh new file mode 100644 index 00000000..8f9648e0 --- /dev/null +++ b/patches/source/hplip/doinst.sh @@ -0,0 +1,4 @@ +if [ -x /usr/bin/update-desktop-database ]; then + /usr/bin/update-desktop-database /usr/share/applications >/dev/null 2>&1 +fi + diff --git a/patches/source/hplip/hplip.CVE-2010-4267.diff b/patches/source/hplip/hplip.CVE-2010-4267.diff new file mode 100644 index 00000000..d7adcdba --- /dev/null +++ b/patches/source/hplip/hplip.CVE-2010-4267.diff @@ -0,0 +1,12 @@ +--- hplip-3.10.2.orig/io/hpmud/pml.c 2010-12-06 13:35:12.046894255 -0500 ++++ hplip-3.10.2.orig/io/hpmud/pml.c 2010-12-06 13:34:35.018894207 -0500 +@@ -504,6 +504,8 @@ enum HPMUD_RESULT hpmud_get_pml(HPMUD_DE + p += 2; /* eat type and length */ + } + ++ if (dLen > buf_size) ++ dLen = buf_size; + memcpy(buf, p, dLen); + *bytes_read = dLen; + *type = dt; + diff --git a/patches/source/hplip/hplip.CVE-2013-4325.diff b/patches/source/hplip/hplip.CVE-2013-4325.diff new file mode 100644 index 00000000..7f3bd820 --- /dev/null +++ b/patches/source/hplip/hplip.CVE-2013-4325.diff @@ -0,0 +1,38 @@ +From 6d7ddfd19733f2a8197c1e7ad8fdfef2b7e17c1a Mon Sep 17 00:00:00 2001 +From: Colin Walters <walters@verbum.org> +Date: Thu, 22 Aug 2013 17:37:31 -0400 +Subject: [PATCH] pkit: Pass system-bus-name as subject, not pid + +Previously, we were forcing polkit to scrape /proc/pid itself for the +uid, which is subject to a race condition if the caller execve()s a +setuid binary. Passing system-bus-name as a subject allows polkit to +use the valid information from the system bus. +--- + base/pkit.py | 9 ++------- + 1 files changed, 2 insertions(+), 7 deletions(-) + +diff --git a/base/pkit.py b/base/pkit.py +index 0acc124..08bebc8 100644 +--- a/base/pkit.py ++++ b/base/pkit.py +@@ -176,15 +176,10 @@ class PolicyKitService(dbus.service.Object): + "/org/freedesktop/PolicyKit1/Authority", + "org.freedesktop.PolicyKit1.Authority") + policy_kit = dbus.Interface(obj, "org.freedesktop.PolicyKit1.Authority") +- info = dbus.Interface(connection.get_object("org.freedesktop.DBus", +- "/org/freedesktop/DBus/Bus", +- False), +- "org.freedesktop.DBus") +- pid = info.GetConnectionUnixProcessID(sender) + + subject = ( +- 'unix-process', +- { 'pid' : dbus.UInt32(pid, variant_level = 1) } ++ 'system-bus-name', ++ { 'name' : dbus.String(sender, variant_level = 1) } + ) + details = { '' : '' } + flags = dbus.UInt32(1) # AllowUserInteraction = 0x00000001 +-- +1.7.1 + diff --git a/patches/source/hplip/hplip.SlackBuild b/patches/source/hplip/hplip.SlackBuild new file mode 100755 index 00000000..3c048629 --- /dev/null +++ b/patches/source/hplip/hplip.SlackBuild @@ -0,0 +1,125 @@ +#!/bin/sh + +# Slackware build script for hplip + +# Copyright 2006-2010 Robby Workman, Northport, Alabama, USA +# Copyright 2006-2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=hplip +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-4_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1 +cd $PKGNAM-$VERSION || exit 1 + +zcat $CWD/hplip.CVE-2010-4267.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/hplip.CVE-2013-4325.diff.gz | patch -p1 -l --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Fix udev rules for current versions of udev +sed -i 's/SYSFS/ATTR/g' data/rules/*.rules +# Fix ownership in udev rules file +sed -i 's%OWNER="lp"%OWNER="root"%g' data/rules/*.rules + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-cupsbackenddir=/usr/lib${LIBDIRSUFFIX}/cups/backend \ + --with-cupsfilterdir=/usr/lib${LIBDIRSUFFIX}/cups/filter \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --docdir=/usr/doc/hplip-$VERSION \ + --with-docdir=/usr/doc/hplip-$VERSION \ + --with-hpppddir=/usr/share/cups/model/HP \ + --with-drvdir=/usr/share/cups/drv/hp \ + --enable-hpijs-install \ + --enable-shadow-build \ + --enable-scan-build \ + --enable-gui-build \ + --enable-fax-build \ + --enable-foomatic-rip-hplip-install \ + --disable-foomatic-ppd-install \ + --enable-foomatic-drv-install \ + --enable-network-build=yes \ + --enable-qt4 \ + --build=$ARCH-slackware-linux \ + --host=$ARCH-slackware-linux \ + || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG rulesdir=/lib/udev/rules.d || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# No thanks, we don't replace/add files which are part of other packages +rm -rf $PKG/etc/sane.d + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/hplip/slack-desc b/patches/source/hplip/slack-desc new file mode 100644 index 00000000..874e6ed6 --- /dev/null +++ b/patches/source/hplip/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler--------------------------------------------------------| +hplip: hplip (HP print/scan/fax support) +hplip: +hplip: HPLIP is an HP developed solution for printing, scanning, and faxing +hplip: with HP inkjet and laser based printers in Linux. The HPLIP project +hplip: provides printing support for more than 1400 HP printer models, +hplip: including Deskjet, Officejet, Photosmart, PSC (Print Scan Copy), +hplip: Business Inkjet, LaserJet, and LaserJet MFP. +hplip: +hplip: For more information, see: http://hplipopensource.com +hplip: +hplip: diff --git a/patches/source/httpd/README b/patches/source/httpd/README new file mode 100644 index 00000000..796bb29a --- /dev/null +++ b/patches/source/httpd/README @@ -0,0 +1,34 @@ +WARNING + +This script builds a package that conflicts with apache1. Before +attempting to install this package, you should uninstall any of +these packages that you find on your system: + +apache +mod_ssl +php + +Really though, the only points of overlap are in /usr/sbin, so if you +leave your old packages in place apache2 will still work, but the +apache1 httpd will have been overwritten (along with other files) + +Apache is the most popular web server in the known universe; over half +the servers on the Internet are running Apache or one of its variants. + +By default, we build apache2 with the traditional "apache prefork" multi +processing module (MPM). This is somewhat safer for the use of mod_php, +but can still carry some security risks (all your php scripts run as the +user configured to run apache2). + +For enhanced multi-threaded performance, use "apache worker", but using +mod_php with "worker" is considered dangerous. PHP Core is multi-thread +safe, but many PHP extensions are *NOT*. To build apache2 with the +worker MPM, change the option to: --with-mpm=worker + +Please note that this script does not build apache2 with SuEXEC support. +The Apache group feels SuEXEC should not be part of a default install. +If you need this functionality, please read the following documentation +and make the necessary changes to the ./configure options in the script. + + http://httpd.apache.org/docs/2.0/suexec.html + diff --git a/patches/source/httpd/apache-2.2.CVE-2017-9798.optionsbleed.patch b/patches/source/httpd/apache-2.2.CVE-2017-9798.optionsbleed.patch new file mode 100644 index 00000000..4c3ebaab --- /dev/null +++ b/patches/source/httpd/apache-2.2.CVE-2017-9798.optionsbleed.patch @@ -0,0 +1,21 @@ +CVE-2017-9798 + +Backport from https://svn.apache.org/viewvc?view=revision&revision=1807655 + +diff --git a/server/core.c b/server/core.c +index f61699e..d24542e 100644 +--- a/server/core.c ++++ b/server/core.c +@@ -1809,6 +1809,12 @@ AP_CORE_DECLARE_NONSTD(const char *) ap_limit_section(cmd_parms *cmd, + /* method has not been registered yet, but resorce restriction + * is always checked before method handling, so register it. + */ ++ if (cmd->pool == cmd->temp_pool) { ++ /* In .htaccess, we can't globally register new methods. */ ++ return apr_psprintf(cmd->pool, "Could not register method '%s' " ++ "for %s from .htaccess configuration", ++ method, cmd->cmd->name); ++ } + methnum = ap_method_register(cmd->pool, method); + } + diff --git a/patches/source/httpd/config.layout.diff b/patches/source/httpd/config.layout.diff new file mode 100644 index 00000000..c302515f --- /dev/null +++ b/patches/source/httpd/config.layout.diff @@ -0,0 +1,30 @@ +--- ./config.layout.orig 2004-11-21 12:50:36.000000000 -0600 ++++ ./config.layout 2007-05-23 13:35:20.000000000 -0500 +@@ -322,3 +322,27 @@ + installbuilddir: ${prefix}/etc/apache2/build + errordir: ${datadir}/error + </Layout> ++ ++# FHS layout ++<Layout Slackware-FHS> ++ prefix: /usr ++ exec_prefix: ${prefix} ++ bindir: ${prefix}/bin ++ sbindir: ${prefix}/sbin ++ libdir: ${prefix}/lib/httpd ++ libexecdir: ${prefix}/lib/httpd/modules ++ installbuilddir: ${prefix}/lib/httpd/build ++ mandir: ${prefix}/man ++ sysconfdir: /etc/httpd ++ datadir: /srv/httpd ++ iconsdir: ${datadir}/icons ++ htdocsdir: ${datadir}/htdocs ++ manualdir: ${htdocsdir}/manual ++ cgidir: ${datadir}/cgi-bin ++ errordir: ${datadir}/error ++ includedir: ${prefix}/include/httpd ++ localstatedir: /var ++ runtimedir: ${localstatedir}/run/httpd ++ logfiledir: ${localstatedir}/log/httpd ++ proxycachedir: ${localstatedir}/cache/httpd ++</Layout> diff --git a/patches/source/httpd/doinst.sh b/patches/source/httpd/doinst.sh new file mode 100644 index 00000000..e233c362 --- /dev/null +++ b/patches/source/httpd/doinst.sh @@ -0,0 +1,71 @@ +#!/bin/sh + +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + # Don't use config() -- we always want to install this, changed or unchanged. + #config ${NEW} +} + +if [ ! -e var/log/httpd ]; then + mkdir -p var/log/httpd + chmod 755 var/log/httpd +fi + +# Don't wipe out an existing document root with symlinks. If someone has +# replaced the symlinks that are created on a fresh installation, assume +# that they know what they are doing and leave things as-is. +if [ ! -e srv/www ]; then + ( cd srv ; ln -sf /var/www www ) +fi +if [ ! -e srv/httpd ]; then + ( cd srv ; ln -sf /var/www httpd ) +fi + +# Once again, our intent is not to wipe out anyone's +# site, but building in Apache's docs tree is not as +# good an idea as picking a unique DocumentRoot. +# +# Still, we will do what we can here to mitigate +# possible site damage: +if [ -r var/www/htdocs/index.html ]; then + if [ ! -r "var/log/packages/httpd-*upgraded*" ]; then + if [ var/www/htdocs/index.html -nt var/log/packages/httpd-*-? ]; then + cp -a var/www/htdocs/index.html var/www/htdocs/index.html.bak.$$ + fi + fi +fi + +# Keep same perms when installing rc.httpd.new: +preserve_perms etc/rc.d/rc.httpd.new +# Always install the new rc.httpd: +mv etc/rc.d/rc.httpd.new etc/rc.d/rc.httpd + +# Handle config files. Unless this is a fresh installation, the +# admin will have to move the .new files into place to complete +# the package installation, as we don't want to clobber files that +# may contain local customizations. +config etc/httpd/httpd.conf.new +config etc/logrotate.d/httpd.new +for conf_file in etc/httpd/extra/*.new; do + config $conf_file +done +config var/www/htdocs/index.html.new + diff --git a/patches/source/httpd/httpd.SlackBuild b/patches/source/httpd/httpd.SlackBuild new file mode 100755 index 00000000..3480fcd8 --- /dev/null +++ b/patches/source/httpd/httpd.SlackBuild @@ -0,0 +1,227 @@ +#!/bin/sh + +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2017 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# This script was written using the one from slackbuilds.org as a reference, +# so thanks to Adis Nezirovic ( adis _at_ linux.org.ba ) for the original work. + + +PKGNAM=httpd +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.bz2 || exit 1 +cd ${PKGNAM}-$VERSION + +# Patch CVE-2017-9798 ("optionsbleed"): +zcat $CWD/apache-2.2.CVE-2017-9798.optionsbleed.patch.gz | patch -p1 --verbose || exit 1 + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# "prefork" is the default, safe, mpm type. If you *are not* using PHP, and you +# like to live on the bleeding edge, you may wish to change the --with-mpm option +# to "worker", which is the new way of doing things, but is multithreaded and +# many scripts (especially PHP ones) are not multithread safe. +# +# I'd leave this option the way is it on any production box that's keeping up +# with HTTP requests. No reason to chance it, IMHO. + +zcat $CWD/config.layout.diff.gz | sed -e "s#lib/httpd#lib${LIBDIRSUFFIX}/httpd#" | patch --verbose -p1 || exit 1 + +# Patch to fix aliasing issue exposed by gcc-4.5.1: +zcat $CWD/httpd.brigade_move.__noinline__.gcc451.diff.gz | patch --verbose -p1 || exit 1 + +# Configure: +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --enable-layout=Slackware-FHS \ + --with-mpm=prefork \ + --with-apr=/usr \ + --with-apr-util=/usr \ + --enable-mods-shared=all \ + --enable-so \ + --enable-pie \ + --enable-cgi \ + --with-pcre \ + --enable-ssl \ + --enable-rewrite \ + --enable-vhost-alias \ + --enable-proxy \ + --enable-proxy-http \ + --enable-proxy-ftp \ + --enable-proxy-balancer \ + --enable-cache \ + --enable-mem-cache \ + --enable-file-cache \ + --enable-disk-cache \ + --disable-speling \ + --enable-dav \ + --enable-ldap \ + --enable-authnz-ldap \ + --enable-authn-anon \ + --enable-authn-alias \ + --build=$ARCH-slackware-linux || exit 1 + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +rmdir $PKG/usr/bin + +# Tweak default apache configuration +( cd $PKG + zcat $CWD/httpd.nossldefault.diff.gz | sed -e "s#lib/httpd#lib${LIBDIRSUFFIX}/httpd#" | patch -p1 --verbose || exit 1 + zcat $CWD/httpd.runasapache.diff.gz | patch -p1 --verbose || exit 1 + rm -f $PKG/etc/httpd/httpd.conf~ $PKG/etc/httpd/httpd.conf.orig +) || exit 1 +# Change config files to .new: +( cd $PKG/etc/httpd + mv httpd.conf httpd.conf.new + for file in extra/*; do + mv $file "${file}.new" + done +) + +cat << EOF >> $PKG/etc/httpd/httpd.conf.new + +# Uncomment the following line to enable PHP: +# +#Include /etc/httpd/mod_php.conf + +# Uncomment the following lines to enable svn support: +# +#LoadModule dav_svn_module lib${LIBDIRSUFFIX}/httpd/modules/mod_dav_svn.so +#LoadModule authz_svn_module lib${LIBDIRSUFFIX}/httpd/modules/mod_authz_svn.so + +EOF + +rmdir $PKG/var/log/httpd + +mkdir -p $PKG/etc/rc.d +cat $CWD/rc.httpd > $PKG/etc/rc.d/rc.httpd.new + +mkdir -p $PKG/etc/logrotate.d +cat $CWD/logrotate.httpd > $PKG/etc/logrotate.d/httpd.new + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION/ +cp -a \ + ABOUT_APACHE Apache.dsw BuildBin.dsp CHANGES INSTALL InstallBin.dsp LAYOUT LICENSE NOTICE NWGNUmakefile README* ROADMAP VERSIONING \ + $PKG/usr/doc/$PKGNAM-$VERSION + +# Other distributions also strip the manual down to just English. +# If this isn't your language of choice, mea culpa. +( cd $PKG/srv/httpd/htdocs/manual + for file in $(find . -type f -name "*.html") ; do + if [ -f ${file}.en ]; then + cp ${file}.en ${file} + rm -f ${file}.* + fi + done +) + +# On Slackware, the traditional location for the Apache document root has always +# been "/var/www/htdocs/". We can avoid an unpleasant surprise for people by +# leaving things where they've always been, and comply with the FHS by providing +# symlinks allowing access through the FHS-approved pathnames. KDE, for example, +# will look for htdig's htsearch here: /var/www/cgi-bin/htsearch +mv $PKG/srv/httpd $PKG/var/www + +## DISABLED. Don't make these symlinks prior to packaging any more, as it is +## possibly dangerous to an existing document root created in the place where +## these symlinks are normally found. Instead, we make them in the install +## script (only if nothing exists there already) +#( cd $PKG/srv +# ln -sf /var/www . +# ln -sf /var/www httpd +#) + +# OK, it's just not generally good form to put your web site in /var/www/htdocs, +# but people do it every day. Like all new .new files, this won't save them this +# time, but if they don't learn their lesson now then it will the next time: +mv $PKG/var/www/htdocs/index.html $PKG/var/www/htdocs/index.html.new + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) +fi + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/httpd/httpd.brigade_move.__noinline__.gcc451.diff b/patches/source/httpd/httpd.brigade_move.__noinline__.gcc451.diff new file mode 100644 index 00000000..e8915ae4 --- /dev/null +++ b/patches/source/httpd/httpd.brigade_move.__noinline__.gcc451.diff @@ -0,0 +1,10 @@ +--- ./server/core_filters.c.orig 2010-02-26 03:32:15.000000000 -0600 ++++ ./server/core_filters.c 2011-02-12 13:23:22.000000000 -0600 +@@ -83,6 +83,7 @@ + * + * XXXX: Should this function be added to APR-Util? + */ ++__attribute__((__noinline__)) + static void brigade_move(apr_bucket_brigade *b, apr_bucket_brigade *a, + apr_bucket *e) + { diff --git a/patches/source/httpd/httpd.nossldefault.diff b/patches/source/httpd/httpd.nossldefault.diff new file mode 100644 index 00000000..bcf891f8 --- /dev/null +++ b/patches/source/httpd/httpd.nossldefault.diff @@ -0,0 +1,11 @@ +--- ./etc/httpd/httpd.conf.orig 2007-05-17 23:40:15.000000000 -0500 ++++ ./etc/httpd/httpd.conf 2007-05-18 15:55:38.000000000 -0500 +@@ -88,7 +88,7 @@ + LoadModule proxy_http_module lib/httpd/modules/mod_proxy_http.so + LoadModule proxy_ajp_module lib/httpd/modules/mod_proxy_ajp.so + LoadModule proxy_balancer_module lib/httpd/modules/mod_proxy_balancer.so +-LoadModule ssl_module lib/httpd/modules/mod_ssl.so ++#LoadModule ssl_module lib/httpd/modules/mod_ssl.so + LoadModule mime_module lib/httpd/modules/mod_mime.so + LoadModule dav_module lib/httpd/modules/mod_dav.so + LoadModule status_module lib/httpd/modules/mod_status.so diff --git a/patches/source/httpd/httpd.runasapache.diff b/patches/source/httpd/httpd.runasapache.diff new file mode 100644 index 00000000..c1954ec3 --- /dev/null +++ b/patches/source/httpd/httpd.runasapache.diff @@ -0,0 +1,13 @@ +--- ./etc/httpd/httpd.conf.orig 2008-02-14 15:24:21.000000000 -0600 ++++ ./etc/httpd/httpd.conf 2008-02-14 15:34:58.000000000 -0600 +@@ -125,8 +125,8 @@ + # It is usually good practice to create a dedicated user and group for + # running httpd, as with most system services. + # +-User daemon +-Group daemon ++User apache ++Group apache + + </IfModule> + </IfModule> diff --git a/patches/source/httpd/httpd.url b/patches/source/httpd/httpd.url new file mode 100644 index 00000000..36beb7d8 --- /dev/null +++ b/patches/source/httpd/httpd.url @@ -0,0 +1,2 @@ +http://www.apache.org/dist/httpd/httpd-2.2.32.tar.bz2 +http://www.apache.org/dist/httpd/httpd-2.2.32.tar.bz2.asc diff --git a/patches/source/httpd/logrotate.httpd b/patches/source/httpd/logrotate.httpd new file mode 100644 index 00000000..cc638367 --- /dev/null +++ b/patches/source/httpd/logrotate.httpd @@ -0,0 +1,12 @@ +/var/log/httpd/*_log { + rotate 10 + notifempty + missingok + size=5M + compress + delaycompress + sharedscripts + postrotate + /etc/rc.d/rc.httpd restart + endscript +} diff --git a/patches/source/httpd/rc.httpd b/patches/source/httpd/rc.httpd new file mode 100644 index 00000000..064f6ea4 --- /dev/null +++ b/patches/source/httpd/rc.httpd @@ -0,0 +1,35 @@ +#!/bin/sh +# +# /etc/rc.d/rc.httpd +# +# Start/stop/restart/graceful[ly restart]/graceful[ly]-stop +# the Apache (httpd) web server. +# +# To make Apache start automatically at boot, make this +# file executable: chmod 755 /etc/rc.d/rc.httpd +# +# For information on these options, "man apachectl". + +case "$1" in + 'start') + /usr/sbin/apachectl -k start + ;; + 'stop') + /usr/sbin/apachectl -k stop + killall httpd + rm -f /var/run/httpd/*.pid + ;; + 'restart') + /usr/sbin/apachectl -k restart + ;; + 'graceful') + /usr/sbin/apachectl -k graceful + ;; + 'graceful-stop') + /usr/sbin/apachectl -k graceful-stop + ;; + *) + echo "Usage: $0 {start|stop|restart|graceful|graceful-stop}" + ;; +esac + diff --git a/patches/source/httpd/slack-desc b/patches/source/httpd/slack-desc new file mode 100644 index 00000000..38d240b6 --- /dev/null +++ b/patches/source/httpd/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +httpd: httpd (The Apache HTTP Server) +httpd: +httpd: Apache is an HTTP server designed as a plug-in replacement for the +httpd: NCSA HTTP server. It fixes numerous bugs in the NCSA server and +httpd: includes many frequently requested new features, and has an API which +httpd: allows it to be extended to meet users' needs more easily. +httpd: +httpd: Apache is the most popular web server in the known universe; over +httpd: half of the servers on the Internet are running Apache or one of +httpd: its variants. +httpd: diff --git a/patches/source/imlib/imlib.SlackBuild b/patches/source/imlib/imlib.SlackBuild new file mode 100755 index 00000000..62142873 --- /dev/null +++ b/patches/source/imlib/imlib.SlackBuild @@ -0,0 +1,106 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=1.9.15 +NUMJOBS=${NUMJOBS:-" -j7 "} +BUILD=${BUILD:-7_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-imlib + +rm -rf $PKG +mkdir -p $TMP $PKG/usr + +cd $TMP +rm -rf imlib-$VERSION +tar xvf $CWD/imlib-$VERSION.tar.?z* || exit 1 +cd imlib-$VERSION +zcat $CWD/imlib.mitshm.render.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . -perm 666 -exec chmod 644 {} \; +find . -perm 664 -exec chmod 644 {} \; +find . -perm 600 -exec chmod 644 {} \; +find . -perm 444 -exec chmod 644 {} \; +find . -perm 400 -exec chmod 644 {} \; +find . -perm 440 -exec chmod 644 {} \; +find . -perm 777 -exec chmod 755 {} \; +find . -perm 775 -exec chmod 755 {} \; +find . -perm 511 -exec chmod 755 {} \; +find . -perm 711 -exec chmod 755 {} \; +find . -perm 555 -exec chmod 755 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --build=${ARCH}-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +gzip -9 $PKG/usr/man/man1/* + +mkdir -p $PKG/usr/doc/imlib-$VERSION +cp -a \ + ABOUT-NLS AUTHORS COPYING* ChangeLog INSTALL NEWS README \ + doc \ + $PKG/usr/doc/imlib-$VERSION +rm -f $PKG/usr/doc/imlib-$VERSION/doc/Makefile* + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/imlib-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/imlib/imlib.mitshm.render.diff b/patches/source/imlib/imlib.mitshm.render.diff new file mode 100644 index 00000000..f1c0ef11 --- /dev/null +++ b/patches/source/imlib/imlib.mitshm.render.diff @@ -0,0 +1,92 @@ +diff -up -ru imlib-1.9.15.orig/gdk_imlib/misc.c imlib-1.9.15/gdk_imlib/misc.c +--- imlib-1.9.15.orig/gdk_imlib/misc.c 2002-03-04 18:06:32.000000000 +0100 ++++ imlib-1.9.15/gdk_imlib/misc.c 2007-10-28 14:00:04.000000000 +0100 +@@ -674,6 +674,10 @@ gdk_imlib_init_params(GdkImlibInitParams + visual = gdk_rgb_get_visual(); + id->x.visual = GDK_VISUAL_XVISUAL(visual); /* the visual type */ + id->x.depth = visual->depth; /* the depth of the screen in bpp */ ++ ++ id->x.shm = 0; ++ id->x.shmp = 0; ++ id->max_shm = 0; + #ifdef HAVE_SHM + if (XShmQueryExtension(id->x.disp)) + { +@@ -689,17 +693,14 @@ gdk_imlib_init_params(GdkImlibInitParams + id->x.last_xim = NULL; + id->x.last_sxim = NULL; + id->max_shm = 0x7fffffff; +- if (XShmPixmapFormat(id->x.disp) == ZPixmap) ++ if ((XShmPixmapFormat(id->x.disp) == ZPixmap) && ++ (pm == True)) + id->x.shmp = 1; + } + } + } +- else + #endif +- { +- id->x.shm = 0; +- id->x.shmp = 0; +- } ++ + id->cache.on_image = 0; + id->cache.size_image = 0; + id->cache.num_image = 0; +@@ -935,8 +936,8 @@ gdk_imlib_init_params(GdkImlibInitParams + } + if (p->flags & PARAMS_SHAREDPIXMAPS) + { +- if (id->x.shm) +- id->x.shmp = p->sharedpixmaps; ++ if (!p->sharedpixmaps) ++ id->x.shmp = 0; + } + if (p->flags & PARAMS_PALETTEOVERRIDE) + override = p->paletteoverride; +diff -up -ru imlib-1.9.15.orig/Imlib/misc.c imlib-1.9.15/Imlib/misc.c +--- imlib-1.9.15.orig/Imlib/misc.c 2004-09-21 02:22:59.000000000 +0200 ++++ imlib-1.9.15/Imlib/misc.c 2007-10-28 14:00:23.000000000 +0100 +@@ -675,6 +675,10 @@ Imlib_init_with_params(Display * disp, I + id->x.root = DefaultRootWindow(disp); /* the root window id */ + id->x.visual = DefaultVisual(disp, id->x.screen); /* the visual type */ + id->x.depth = DefaultDepth(disp, id->x.screen); /* the depth of the screen in bpp */ ++ ++ id->x.shm = 0; ++ id->x.shmp = 0; ++ id->max_shm = 0; + #ifdef HAVE_SHM + if (XShmQueryExtension(id->x.disp)) + { +@@ -690,17 +694,14 @@ Imlib_init_with_params(Display * disp, I + id->x.last_xim = NULL; + id->x.last_sxim = NULL; + id->max_shm = 0x7fffffff; +- if (XShmPixmapFormat(id->x.disp) == ZPixmap) ++ if ((XShmPixmapFormat(id->x.disp) == ZPixmap && ++ (pm == True))) + id->x.shmp = 1; + } + } + } +- else + #endif +- { +- id->x.shm = 0; +- id->x.shmp = 0; +- } ++ + id->cache.on_image = 0; + id->cache.size_image = 0; + id->cache.num_image = 0; +@@ -952,8 +953,8 @@ Imlib_init_with_params(Display * disp, I + } + if (p->flags & PARAMS_SHAREDPIXMAPS) + { +- if (id->x.shm) +- id->x.shmp = p->sharedpixmaps; ++ if (!p->sharedpixmaps) ++ id->x.shmp = 0; + } + if (p->flags & PARAMS_PALETTEOVERRIDE) + override = p->paletteoverride; diff --git a/patches/source/imlib/slack-desc b/patches/source/imlib/slack-desc new file mode 100644 index 00000000..7f064551 --- /dev/null +++ b/patches/source/imlib/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +imlib: imlib (image loading and rendering library) +imlib: +imlib: Imlib is a display depth-independent image loading and rendering +imlib: library. Imlib is designed to simplify and speed up the process of +imlib: loading images and obtaining X Window System drawables. Imlib +imlib: provides many simple manipulation routines which can be used for +imlib: common operations. +imlib: +imlib: +imlib: +imlib: diff --git a/patches/source/inputproto/arch.use.flags b/patches/source/inputproto/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/inputproto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/inputproto/build/inputproto b/patches/source/inputproto/build/inputproto new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/inputproto/build/inputproto @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/inputproto/configure/configure b/patches/source/inputproto/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/inputproto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/inputproto/inputproto.SlackBuild b/patches/source/inputproto/inputproto.SlackBuild new file mode 100755 index 00000000..d5fe7aba --- /dev/null +++ b/patches/source/inputproto/inputproto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild proto inputproto +mv /tmp/x11-build/inputproto*txz /tmp diff --git a/patches/source/inputproto/modularize b/patches/source/inputproto/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/inputproto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/inputproto/noarch b/patches/source/inputproto/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/inputproto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/inputproto/package-blacklist b/patches/source/inputproto/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/inputproto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/inputproto/slack-desc/inputproto b/patches/source/inputproto/slack-desc/inputproto new file mode 100644 index 00000000..d5e58679 --- /dev/null +++ b/patches/source/inputproto/slack-desc/inputproto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +inputproto: inputproto (C prototypes for X Input extension) +inputproto: +inputproto: inputproto is part of X11. +inputproto: +inputproto: For more information about the X.Org Foundation (the providers of the +inputproto: X.Org implementation of the X Window System), see their website: +inputproto: +inputproto: http://www.x.org +inputproto: +inputproto: +inputproto: diff --git a/patches/source/inputproto/x11.SlackBuild b/patches/source/inputproto/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/inputproto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/irssi/doinst.sh b/patches/source/irssi/doinst.sh new file mode 100644 index 00000000..197eddce --- /dev/null +++ b/patches/source/irssi/doinst.sh @@ -0,0 +1,12 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/irssi.conf.new diff --git a/patches/source/irssi/irssi.SlackBuild b/patches/source/irssi/irssi.SlackBuild new file mode 100755 index 00000000..d20cef5a --- /dev/null +++ b/patches/source/irssi/irssi.SlackBuild @@ -0,0 +1,146 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2016, 2017 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-irssi + +VERSION=0.8.21 +DIRCD=0.8.21 +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf irssi-$VERSION +tar xvf $CWD/irssi-$VERSION.tar.xz || exit 1 +cd irssi-$DIRCD + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 -o -perm 2777 -o -perm 2775 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/patch-src_irc_dcc_dcc-get_c.diff.gz | patch -p0 --verbose || exit 1 +zcat $CWD/patch-src_irc_dcc_dcc-resume_c.diff.gz | patch -p0 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --sysconfdir=/etc \ + --docdir=/usr/doc/irssi-$VERSION \ + --enable-ipv6 \ + --with-textui \ + --with-proxy \ + --with-perl-lib=vendor \ + --build=$ARCH-slackware-linux + +make \ + docdir=/usr/doc/irssi-$VERSION \ + $NUMJOBS || make || exit 1 +make install \ + docdir=/usr/doc/irssi-$VERSION \ + DESTDIR=$PKG || exit 1 + +# This removes our DESTDIR from the packlist filenames, to keep perl's +# internal inventories consistent and correct. +find $PKG -name .packlist | while read plist ; do + sed -e "s%$PKG%%g" \ + -e "s%/share/man%/man%g" \ + -re "s%\.([1-9]n?|3pm)$%&.gz%g # extend man filenames for .gz" \ + ${plist} > ${plist}.new + mv -f ${plist}.new ${plist} +done + +mv $PKG/etc/irssi.conf $PKG/etc/irssi.conf.new + +find $PKG -name perllocal.pod | xargs rm -f +eval $(perl '-V:archlib') ; rmdir -p $PKG/$archlib + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +cp -a \ + AUTHORS COPYING INSTALL NEWS README TODO \ + $PKG/usr/doc/irssi-$VERSION +( cd $PKG/usr/doc/irssi-$VERSION ; ln -sf /usr/share/irssi/help . ) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/irssi-$VERSION-$ARCH-$BUILD.txz diff --git a/patches/source/irssi/patch-src_irc_dcc_dcc-get_c.diff b/patches/source/irssi/patch-src_irc_dcc_dcc-get_c.diff new file mode 100644 index 00000000..88a06598 --- /dev/null +++ b/patches/source/irssi/patch-src_irc_dcc_dcc-get_c.diff @@ -0,0 +1,23 @@ +$OpenBSD$ +--- src/irc/dcc/dcc-get.c.orig Tue Jun 6 18:03:29 2017 ++++ src/irc/dcc/dcc-get.c Tue Jun 6 18:03:00 2017 +@@ -374,6 +374,8 @@ int get_file_params_count(char **params, int paramcoun + if (*params[0] == '"') { + /* quoted file name? */ + for (pos = 0; pos < paramcount-3; pos++) { ++ if (strlen(params[pos]) == 0) ++ continue; + if (params[pos][strlen(params[pos])-1] == '"' && + get_params_match(params, pos+1)) + return pos+1; +@@ -419,6 +421,10 @@ static void ctcp_msg_dcc_send(IRC_SERVER_REC *server, + uoff_t size; + int p_id = -1; + int passive = FALSE; ++ ++ if (addr == NULL) { ++ addr = ""; ++ } + + /* SEND <file name> <address> <port> <size> [...] */ + /* SEND <file name> <address> 0 <size> <id> (DCC SEND passive protocol) */ diff --git a/patches/source/irssi/patch-src_irc_dcc_dcc-resume_c.diff b/patches/source/irssi/patch-src_irc_dcc_dcc-resume_c.diff new file mode 100644 index 00000000..5b1994a6 --- /dev/null +++ b/patches/source/irssi/patch-src_irc_dcc_dcc-resume_c.diff @@ -0,0 +1,12 @@ +$OpenBSD$ +--- src/irc/dcc/dcc-resume.c.orig Tue Jun 6 18:03:50 2017 ++++ src/irc/dcc/dcc-resume.c Tue Jun 6 18:03:00 2017 +@@ -62,6 +62,8 @@ int get_file_params_count_resume(char **params, int pa + if (*params[0] == '"') { + /* quoted file name? */ + for (pos = 0; pos < paramcount-2; pos++) { ++ if (strlen(params[pos]) == 0) ++ continue; + if (params[pos][strlen(params[pos])-1] == '"' && + get_params_match_resume(params, pos+1)) + return pos+1; diff --git a/patches/source/irssi/slack-desc b/patches/source/irssi/slack-desc new file mode 100644 index 00000000..2a057892 --- /dev/null +++ b/patches/source/irssi/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +irssi: irssi (Internet Relay Chat client) +irssi: +irssi: Irssi is an Internet Relay Chat client. Designed to be both secure +irssi: and expandable, irssi is easily customized using modules and scripts. +irssi: +irssi: For more information, visit: http://irssi.org +irssi: +irssi: irssi was written by Timo Sirainen. +irssi: +irssi: +irssi: diff --git a/patches/source/jasper/jasper.SlackBuild b/patches/source/jasper/jasper.SlackBuild new file mode 100755 index 00000000..b48cc189 --- /dev/null +++ b/patches/source/jasper/jasper.SlackBuild @@ -0,0 +1,137 @@ +#!/bin/sh + +# Copyright 2007, 2008 Eric Hameleers, Eijdhoven, NL +# Copyright 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. + +# Permission to use, copy, modify, and distribute this software for +# any purpose with or without fee is hereby granted, provided that +# the above copyright notice and this permission notice appear in all +# copies. +# +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. + + +PKGNAM=jasper +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-4_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +case "$ARCH" in + i486) SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" + ;; + s390) SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + ;; + powerpc) SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + ;; + x86_64) SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" + ;; + athlon-xp) SLKCFLAGS="-march=athlon-xp -O3 -pipe -fomit-frame-pointer" + LIBDIRSUFFIX="" + ;; + *) SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + ;; +esac + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1 +cd $PKGNAM-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Taken from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469786 +zcat $CWD/patches/jpc_dec.c.patch.gz | patch -p1 --verbose || exit 1 + +# Taken from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413041;msg=88 +zcat $CWD/patches/patch-libjasper-stepsizes-overflow.diff.gz | patch -p1 --verbose || exit 1 + +# Apply security fixes - taken from fedora +zcat $CWD/patches/jasper-1.900.1-CVE-2008-3520.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-1.900.1-CVE-2008-3522.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-1.900.1-CVE-2011-4516-CVE-2011-4517-CERT-VU-887409.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-CVE-2014-8138.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-CVE-2014-8157.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-CVE-2014-8158.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-CVE-2014-8137.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-CVE-2014-9029.patch.gz | patch -p1 --verbose || exit 1 + +# Apply fixes for issues discovered by coverity - taken from fedora +zcat $CWD/patches/jasper-1.900.1-Coverity-BAD_SIZEOF.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-1.900.1-Coverity-CHECKED_RETURN.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-1.900.1-Coverity-FORWARD_NULL.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-1.900.1-Coverity-NULL_RETURNS.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-1.900.1-Coverity-RESOURCE_LEAKS.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-1.900.1-Coverity-UNREACHABLE.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-1.900.1-Coverity-UNUSED_VALUE.patch.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS -fno-strict-overflow" \ +CXXFLAGS="$SLKCFLAGS -fno-strict-overflow" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --enable-shared \ + --disable-static \ + --program-prefix= \ + --program-suffix= \ + --build=$ARCH-slackware-linux + +make || exit 1 +make DESTDIR=$PKG install + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + COPYRIGHT INSTALL LICENSE NEWS README \ + $PKG/usr/doc/$PKGNAM-$VERSION +find $PKG/usr/doc -type f -exec chmod 644 {} \; + +find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \; +for i in $(find $PKG/usr/man -type l -name "*.?") ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-${VERSION}-${ARCH}-${BUILD}.txz + diff --git a/patches/source/jasper/patches/jasper-1.900.1-CVE-2008-3520.patch b/patches/source/jasper/patches/jasper-1.900.1-CVE-2008-3520.patch new file mode 100644 index 00000000..0f5e3b74 --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-CVE-2008-3520.patch @@ -0,0 +1,928 @@ +https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3520 + +OpenBSD jas_malloc hardening patches + +diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_cm.c jasper-1.900.1/src/libjasper/base/jas_cm.c +--- jasper-1.900.1.orig/src/libjasper/base/jas_cm.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_cm.c 2009-10-22 10:27:45.000000000 +0200 +@@ -704,8 +704,7 @@ static int jas_cmpxformseq_resize(jas_cm + { + jas_cmpxform_t **p; + assert(n >= pxformseq->numpxforms); +- p = (!pxformseq->pxforms) ? jas_malloc(n * sizeof(jas_cmpxform_t *)) : +- jas_realloc(pxformseq->pxforms, n * sizeof(jas_cmpxform_t *)); ++ p = jas_realloc2(pxformseq->pxforms, n, sizeof(jas_cmpxform_t *)); + if (!p) { + return -1; + } +@@ -889,13 +888,13 @@ static int jas_cmshapmatlut_set(jas_cmsh + jas_cmshapmatlut_cleanup(lut); + if (curv->numents == 0) { + lut->size = 2; +- if (!(lut->data = jas_malloc(lut->size * sizeof(jas_cmreal_t)))) ++ if (!(lut->data = jas_alloc2(lut->size, sizeof(jas_cmreal_t)))) + goto error; + lut->data[0] = 0.0; + lut->data[1] = 1.0; + } else if (curv->numents == 1) { + lut->size = 256; +- if (!(lut->data = jas_malloc(lut->size * sizeof(jas_cmreal_t)))) ++ if (!(lut->data = jas_alloc2(lut->size, sizeof(jas_cmreal_t)))) + goto error; + gamma = curv->ents[0] / 256.0; + for (i = 0; i < lut->size; ++i) { +@@ -903,7 +902,7 @@ static int jas_cmshapmatlut_set(jas_cmsh + } + } else { + lut->size = curv->numents; +- if (!(lut->data = jas_malloc(lut->size * sizeof(jas_cmreal_t)))) ++ if (!(lut->data = jas_alloc2(lut->size, sizeof(jas_cmreal_t)))) + goto error; + for (i = 0; i < lut->size; ++i) { + lut->data[i] = curv->ents[i] / 65535.0; +@@ -953,7 +952,7 @@ static int jas_cmshapmatlut_invert(jas_c + return -1; + } + } +- if (!(invlut->data = jas_malloc(n * sizeof(jas_cmreal_t)))) ++ if (!(invlut->data = jas_alloc2(n, sizeof(jas_cmreal_t)))) + return -1; + invlut->size = n; + for (i = 0; i < invlut->size; ++i) { +diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_icc.c jasper-1.900.1/src/libjasper/base/jas_icc.c +--- jasper-1.900.1.orig/src/libjasper/base/jas_icc.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_icc.c 2009-10-22 10:27:45.000000000 +0200 +@@ -373,7 +373,7 @@ int jas_iccprof_save(jas_iccprof_t *prof + jas_icctagtab_t *tagtab; + + tagtab = &prof->tagtab; +- if (!(tagtab->ents = jas_malloc(prof->attrtab->numattrs * ++ if (!(tagtab->ents = jas_alloc2(prof->attrtab->numattrs, + sizeof(jas_icctagtabent_t)))) + goto error; + tagtab->numents = prof->attrtab->numattrs; +@@ -522,7 +522,7 @@ static int jas_iccprof_gettagtab(jas_str + } + if (jas_iccgetuint32(in, &tagtab->numents)) + goto error; +- if (!(tagtab->ents = jas_malloc(tagtab->numents * ++ if (!(tagtab->ents = jas_alloc2(tagtab->numents, + sizeof(jas_icctagtabent_t)))) + goto error; + tagtabent = tagtab->ents; +@@ -743,8 +743,7 @@ static int jas_iccattrtab_resize(jas_icc + { + jas_iccattr_t *newattrs; + assert(maxents >= tab->numattrs); +- newattrs = tab->attrs ? jas_realloc(tab->attrs, maxents * +- sizeof(jas_iccattr_t)) : jas_malloc(maxents * sizeof(jas_iccattr_t)); ++ newattrs = jas_realloc2(tab->attrs, maxents, sizeof(jas_iccattr_t)); + if (!newattrs) + return -1; + tab->attrs = newattrs; +@@ -999,7 +998,7 @@ static int jas_icccurv_input(jas_iccattr + + if (jas_iccgetuint32(in, &curv->numents)) + goto error; +- if (!(curv->ents = jas_malloc(curv->numents * sizeof(jas_iccuint16_t)))) ++ if (!(curv->ents = jas_alloc2(curv->numents, sizeof(jas_iccuint16_t)))) + goto error; + for (i = 0; i < curv->numents; ++i) { + if (jas_iccgetuint16(in, &curv->ents[i])) +@@ -1100,7 +1099,7 @@ static int jas_icctxtdesc_input(jas_icca + if (jas_iccgetuint32(in, &txtdesc->uclangcode) || + jas_iccgetuint32(in, &txtdesc->uclen)) + goto error; +- if (!(txtdesc->ucdata = jas_malloc(txtdesc->uclen * 2))) ++ if (!(txtdesc->ucdata = jas_alloc2(txtdesc->uclen, 2))) + goto error; + if (jas_stream_read(in, txtdesc->ucdata, txtdesc->uclen * 2) != + JAS_CAST(int, txtdesc->uclen * 2)) +@@ -1292,17 +1291,17 @@ static int jas_icclut8_input(jas_iccattr + jas_iccgetuint16(in, &lut8->numouttabents)) + goto error; + clutsize = jas_iccpowi(lut8->clutlen, lut8->numinchans) * lut8->numoutchans; +- if (!(lut8->clut = jas_malloc(clutsize * sizeof(jas_iccuint8_t))) || +- !(lut8->intabsbuf = jas_malloc(lut8->numinchans * +- lut8->numintabents * sizeof(jas_iccuint8_t))) || +- !(lut8->intabs = jas_malloc(lut8->numinchans * ++ if (!(lut8->clut = jas_alloc2(clutsize, sizeof(jas_iccuint8_t))) || ++ !(lut8->intabsbuf = jas_alloc3(lut8->numinchans, ++ lut8->numintabents, sizeof(jas_iccuint8_t))) || ++ !(lut8->intabs = jas_alloc2(lut8->numinchans, + sizeof(jas_iccuint8_t *)))) + goto error; + for (i = 0; i < lut8->numinchans; ++i) + lut8->intabs[i] = &lut8->intabsbuf[i * lut8->numintabents]; +- if (!(lut8->outtabsbuf = jas_malloc(lut8->numoutchans * +- lut8->numouttabents * sizeof(jas_iccuint8_t))) || +- !(lut8->outtabs = jas_malloc(lut8->numoutchans * ++ if (!(lut8->outtabsbuf = jas_alloc3(lut8->numoutchans, ++ lut8->numouttabents, sizeof(jas_iccuint8_t))) || ++ !(lut8->outtabs = jas_alloc2(lut8->numoutchans, + sizeof(jas_iccuint8_t *)))) + goto error; + for (i = 0; i < lut8->numoutchans; ++i) +@@ -1461,17 +1460,17 @@ static int jas_icclut16_input(jas_iccatt + jas_iccgetuint16(in, &lut16->numouttabents)) + goto error; + clutsize = jas_iccpowi(lut16->clutlen, lut16->numinchans) * lut16->numoutchans; +- if (!(lut16->clut = jas_malloc(clutsize * sizeof(jas_iccuint16_t))) || +- !(lut16->intabsbuf = jas_malloc(lut16->numinchans * +- lut16->numintabents * sizeof(jas_iccuint16_t))) || +- !(lut16->intabs = jas_malloc(lut16->numinchans * ++ if (!(lut16->clut = jas_alloc2(clutsize, sizeof(jas_iccuint16_t))) || ++ !(lut16->intabsbuf = jas_alloc3(lut16->numinchans, ++ lut16->numintabents, sizeof(jas_iccuint16_t))) || ++ !(lut16->intabs = jas_alloc2(lut16->numinchans, + sizeof(jas_iccuint16_t *)))) + goto error; + for (i = 0; i < lut16->numinchans; ++i) + lut16->intabs[i] = &lut16->intabsbuf[i * lut16->numintabents]; +- if (!(lut16->outtabsbuf = jas_malloc(lut16->numoutchans * +- lut16->numouttabents * sizeof(jas_iccuint16_t))) || +- !(lut16->outtabs = jas_malloc(lut16->numoutchans * ++ if (!(lut16->outtabsbuf = jas_alloc3(lut16->numoutchans, ++ lut16->numouttabents, sizeof(jas_iccuint16_t))) || ++ !(lut16->outtabs = jas_alloc2(lut16->numoutchans, + sizeof(jas_iccuint16_t *)))) + goto error; + for (i = 0; i < lut16->numoutchans; ++i) +diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_image.c jasper-1.900.1/src/libjasper/base/jas_image.c +--- jasper-1.900.1.orig/src/libjasper/base/jas_image.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_image.c 2009-10-22 10:27:45.000000000 +0200 +@@ -142,7 +142,7 @@ jas_image_t *jas_image_create(int numcmp + image->inmem_ = true; + + /* Allocate memory for the per-component information. */ +- if (!(image->cmpts_ = jas_malloc(image->maxcmpts_ * ++ if (!(image->cmpts_ = jas_alloc2(image->maxcmpts_, + sizeof(jas_image_cmpt_t *)))) { + jas_image_destroy(image); + return 0; +@@ -774,8 +774,7 @@ static int jas_image_growcmpts(jas_image + jas_image_cmpt_t **newcmpts; + int cmptno; + +- newcmpts = (!image->cmpts_) ? jas_malloc(maxcmpts * sizeof(jas_image_cmpt_t *)) : +- jas_realloc(image->cmpts_, maxcmpts * sizeof(jas_image_cmpt_t *)); ++ newcmpts = jas_realloc2(image->cmpts_, maxcmpts, sizeof(jas_image_cmpt_t *)); + if (!newcmpts) { + return -1; + } +diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_malloc.c jasper-1.900.1/src/libjasper/base/jas_malloc.c +--- jasper-1.900.1.orig/src/libjasper/base/jas_malloc.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_malloc.c 2009-10-22 10:27:45.000000000 +0200 +@@ -76,6 +76,9 @@ + + /* We need the prototype for memset. */ + #include <string.h> ++#include <limits.h> ++#include <errno.h> ++#include <stdint.h> + + #include "jasper/jas_malloc.h" + +@@ -113,18 +116,50 @@ void jas_free(void *ptr) + + void *jas_realloc(void *ptr, size_t size) + { +- return realloc(ptr, size); ++ return ptr ? realloc(ptr, size) : malloc(size); + } + +-void *jas_calloc(size_t nmemb, size_t size) ++void *jas_realloc2(void *ptr, size_t nmemb, size_t size) ++{ ++ if (!ptr) ++ return jas_alloc2(nmemb, size); ++ if (nmemb && SIZE_MAX / nmemb < size) { ++ errno = ENOMEM; ++ return NULL; ++ } ++ return jas_realloc(ptr, nmemb * size); ++ ++} ++ ++void *jas_alloc2(size_t nmemb, size_t size) ++{ ++ if (nmemb && SIZE_MAX / nmemb < size) { ++ errno = ENOMEM; ++ return NULL; ++ } ++ ++ return jas_malloc(nmemb * size); ++} ++ ++void *jas_alloc3(size_t a, size_t b, size_t c) + { +- void *ptr; + size_t n; +- n = nmemb * size; +- if (!(ptr = jas_malloc(n * sizeof(char)))) { +- return 0; ++ ++ if (a && SIZE_MAX / a < b) { ++ errno = ENOMEM; ++ return NULL; + } +- memset(ptr, 0, n); ++ ++ return jas_alloc2(a*b, c); ++} ++ ++void *jas_calloc(size_t nmemb, size_t size) ++{ ++ void *ptr; ++ ++ ptr = jas_alloc2(nmemb, size); ++ if (ptr) ++ memset(ptr, 0, nmemb*size); + return ptr; + } + +diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_seq.c jasper-1.900.1/src/libjasper/base/jas_seq.c +--- jasper-1.900.1.orig/src/libjasper/base/jas_seq.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_seq.c 2009-10-22 10:27:45.000000000 +0200 +@@ -114,7 +114,7 @@ jas_matrix_t *jas_matrix_create(int numr + matrix->datasize_ = numrows * numcols; + + if (matrix->maxrows_ > 0) { +- if (!(matrix->rows_ = jas_malloc(matrix->maxrows_ * ++ if (!(matrix->rows_ = jas_alloc2(matrix->maxrows_, + sizeof(jas_seqent_t *)))) { + jas_matrix_destroy(matrix); + return 0; +@@ -122,7 +122,7 @@ jas_matrix_t *jas_matrix_create(int numr + } + + if (matrix->datasize_ > 0) { +- if (!(matrix->data_ = jas_malloc(matrix->datasize_ * ++ if (!(matrix->data_ = jas_alloc2(matrix->datasize_, + sizeof(jas_seqent_t)))) { + jas_matrix_destroy(matrix); + return 0; +@@ -220,7 +220,7 @@ void jas_matrix_bindsub(jas_matrix_t *ma + mat0->numrows_ = r1 - r0 + 1; + mat0->numcols_ = c1 - c0 + 1; + mat0->maxrows_ = mat0->numrows_; +- mat0->rows_ = jas_malloc(mat0->maxrows_ * sizeof(jas_seqent_t *)); ++ mat0->rows_ = jas_alloc2(mat0->maxrows_, sizeof(jas_seqent_t *)); + for (i = 0; i < mat0->numrows_; ++i) { + mat0->rows_[i] = mat1->rows_[r0 + i] + c0; + } +diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_stream.c jasper-1.900.1/src/libjasper/base/jas_stream.c +--- jasper-1.900.1.orig/src/libjasper/base/jas_stream.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_stream.c 2009-10-22 10:27:45.000000000 +0200 +@@ -212,7 +212,7 @@ jas_stream_t *jas_stream_memopen(char *b + if (buf) { + obj->buf_ = (unsigned char *) buf; + } else { +- obj->buf_ = jas_malloc(obj->bufsize_ * sizeof(char)); ++ obj->buf_ = jas_malloc(obj->bufsize_); + obj->myalloc_ = 1; + } + if (!obj->buf_) { +@@ -992,7 +992,7 @@ static int mem_resize(jas_stream_memobj_ + unsigned char *buf; + + assert(m->buf_); +- if (!(buf = jas_realloc(m->buf_, bufsize * sizeof(unsigned char)))) { ++ if (!(buf = jas_realloc(m->buf_, bufsize))) { + return -1; + } + m->buf_ = buf; +diff -pruN jasper-1.900.1.orig/src/libjasper/bmp/bmp_dec.c jasper-1.900.1/src/libjasper/bmp/bmp_dec.c +--- jasper-1.900.1.orig/src/libjasper/bmp/bmp_dec.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/bmp/bmp_dec.c 2009-10-22 10:27:45.000000000 +0200 +@@ -283,7 +283,7 @@ static bmp_info_t *bmp_getinfo(jas_strea + } + + if (info->numcolors > 0) { +- if (!(info->palents = jas_malloc(info->numcolors * ++ if (!(info->palents = jas_alloc2(info->numcolors, + sizeof(bmp_palent_t)))) { + bmp_info_destroy(info); + return 0; +diff -pruN jasper-1.900.1.orig/src/libjasper/include/jasper/jas_malloc.h jasper-1.900.1/src/libjasper/include/jasper/jas_malloc.h +--- jasper-1.900.1.orig/src/libjasper/include/jasper/jas_malloc.h 2007-01-19 22:43:04.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/include/jasper/jas_malloc.h 2009-10-22 10:27:45.000000000 +0200 +@@ -95,6 +95,9 @@ extern "C" { + #define jas_free MEMFREE + #define jas_realloc MEMREALLOC + #define jas_calloc MEMCALLOC ++#define jas_alloc2(a, b) MEMALLOC((a)*(b)) ++#define jas_alloc3(a, b, c) MEMALLOC((a)*(b)*(c)) ++#define jas_realloc2(p, a, b) MEMREALLOC((p), (a)*(b)) + #endif + + /******************************************************************************\ +@@ -115,6 +118,12 @@ void *jas_realloc(void *ptr, size_t size + /* Allocate a block of memory and initialize the contents to zero. */ + void *jas_calloc(size_t nmemb, size_t size); + ++/* size-checked double allocation .*/ ++void *jas_alloc2(size_t, size_t); ++ ++void *jas_alloc3(size_t, size_t, size_t); ++ ++void *jas_realloc2(void *, size_t, size_t); + #endif + + #ifdef __cplusplus +diff -pruN jasper-1.900.1.orig/src/libjasper/jp2/jp2_cod.c jasper-1.900.1/src/libjasper/jp2/jp2_cod.c +--- jasper-1.900.1.orig/src/libjasper/jp2/jp2_cod.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_cod.c 2009-10-22 10:30:24.000000000 +0200 +@@ -247,7 +247,7 @@ jp2_box_t *jp2_box_get(jas_stream_t *in) + box = 0; + tmpstream = 0; + +- if (!(box = jas_malloc(sizeof(jp2_box_t)))) { ++ if (!(box = jas_calloc(1, sizeof(jp2_box_t)))) { + goto error; + } + box->ops = &jp2_boxinfo_unk.ops; +@@ -372,7 +372,7 @@ static int jp2_bpcc_getdata(jp2_box_t *b + jp2_bpcc_t *bpcc = &box->data.bpcc; + unsigned int i; + bpcc->numcmpts = box->datalen; +- if (!(bpcc->bpcs = jas_malloc(bpcc->numcmpts * sizeof(uint_fast8_t)))) { ++ if (!(bpcc->bpcs = jas_alloc2(bpcc->numcmpts, sizeof(uint_fast8_t)))) { + return -1; + } + for (i = 0; i < bpcc->numcmpts; ++i) { +@@ -416,7 +416,7 @@ static int jp2_colr_getdata(jp2_box_t *b + break; + case JP2_COLR_ICC: + colr->iccplen = box->datalen - 3; +- if (!(colr->iccp = jas_malloc(colr->iccplen * sizeof(uint_fast8_t)))) { ++ if (!(colr->iccp = jas_alloc2(colr->iccplen, sizeof(uint_fast8_t)))) { + return -1; + } + if (jas_stream_read(in, colr->iccp, colr->iccplen) != colr->iccplen) { +@@ -453,7 +453,7 @@ static int jp2_cdef_getdata(jp2_box_t *b + if (jp2_getuint16(in, &cdef->numchans)) { + return -1; + } +- if (!(cdef->ents = jas_malloc(cdef->numchans * sizeof(jp2_cdefchan_t)))) { ++ if (!(cdef->ents = jas_alloc2(cdef->numchans, sizeof(jp2_cdefchan_t)))) { + return -1; + } + for (channo = 0; channo < cdef->numchans; ++channo) { +@@ -766,7 +766,7 @@ static int jp2_cmap_getdata(jp2_box_t *b + unsigned int i; + + cmap->numchans = (box->datalen) / 4; +- if (!(cmap->ents = jas_malloc(cmap->numchans * sizeof(jp2_cmapent_t)))) { ++ if (!(cmap->ents = jas_alloc2(cmap->numchans, sizeof(jp2_cmapent_t)))) { + return -1; + } + for (i = 0; i < cmap->numchans; ++i) { +@@ -828,10 +828,10 @@ static int jp2_pclr_getdata(jp2_box_t *b + return -1; + } + lutsize = pclr->numlutents * pclr->numchans; +- if (!(pclr->lutdata = jas_malloc(lutsize * sizeof(int_fast32_t)))) { ++ if (!(pclr->lutdata = jas_alloc2(lutsize, sizeof(int_fast32_t)))) { + return -1; + } +- if (!(pclr->bpc = jas_malloc(pclr->numchans * sizeof(uint_fast8_t)))) { ++ if (!(pclr->bpc = jas_alloc2(pclr->numchans, sizeof(uint_fast8_t)))) { + return -1; + } + for (i = 0; i < pclr->numchans; ++i) { +diff -pruN jasper-1.900.1.orig/src/libjasper/jp2/jp2_dec.c jasper-1.900.1/src/libjasper/jp2/jp2_dec.c +--- jasper-1.900.1.orig/src/libjasper/jp2/jp2_dec.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_dec.c 2009-10-22 10:27:45.000000000 +0200 +@@ -336,7 +336,7 @@ jas_image_t *jp2_decode(jas_stream_t *in + } + + /* Allocate space for the channel-number to component-number LUT. */ +- if (!(dec->chantocmptlut = jas_malloc(dec->numchans * sizeof(uint_fast16_t)))) { ++ if (!(dec->chantocmptlut = jas_alloc2(dec->numchans, sizeof(uint_fast16_t)))) { + jas_eprintf("error: no memory\n"); + goto error; + } +@@ -354,7 +354,7 @@ jas_image_t *jp2_decode(jas_stream_t *in + if (cmapent->map == JP2_CMAP_DIRECT) { + dec->chantocmptlut[channo] = channo; + } else if (cmapent->map == JP2_CMAP_PALETTE) { +- lutents = jas_malloc(pclrd->numlutents * sizeof(int_fast32_t)); ++ lutents = jas_alloc2(pclrd->numlutents, sizeof(int_fast32_t)); + for (i = 0; i < pclrd->numlutents; ++i) { + lutents[i] = pclrd->lutdata[cmapent->pcol + i * pclrd->numchans]; + } +diff -pruN jasper-1.900.1.orig/src/libjasper/jp2/jp2_enc.c jasper-1.900.1/src/libjasper/jp2/jp2_enc.c +--- jasper-1.900.1.orig/src/libjasper/jp2/jp2_enc.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_enc.c 2009-10-22 10:27:45.000000000 +0200 +@@ -191,7 +191,7 @@ int sgnd; + } + bpcc = &box->data.bpcc; + bpcc->numcmpts = jas_image_numcmpts(image); +- if (!(bpcc->bpcs = jas_malloc(bpcc->numcmpts * ++ if (!(bpcc->bpcs = jas_alloc2(bpcc->numcmpts, + sizeof(uint_fast8_t)))) { + goto error; + } +@@ -285,7 +285,7 @@ int sgnd; + } + cdef = &box->data.cdef; + cdef->numchans = jas_image_numcmpts(image); +- cdef->ents = jas_malloc(cdef->numchans * sizeof(jp2_cdefchan_t)); ++ cdef->ents = jas_alloc2(cdef->numchans, sizeof(jp2_cdefchan_t)); + for (i = 0; i < jas_image_numcmpts(image); ++i) { + cdefchanent = &cdef->ents[i]; + cdefchanent->channo = i; +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_cs.c jasper-1.900.1/src/libjasper/jpc/jpc_cs.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_cs.c 2009-10-22 09:58:16.000000000 +0200 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_cs.c 2009-10-22 10:27:45.000000000 +0200 +@@ -502,7 +502,7 @@ static int jpc_siz_getparms(jpc_ms_t *ms + !siz->tileheight || !siz->numcomps) { + return -1; + } +- if (!(siz->comps = jas_malloc(siz->numcomps * sizeof(jpc_sizcomp_t)))) { ++ if (!(siz->comps = jas_alloc2(siz->numcomps, sizeof(jpc_sizcomp_t)))) { + return -1; + } + for (i = 0; i < siz->numcomps; ++i) { +@@ -986,7 +986,7 @@ static int jpc_qcx_getcompparms(jpc_qcxc + jpc_qcx_destroycompparms(compparms); + return -1; + } else if (compparms->numstepsizes > 0) { +- compparms->stepsizes = jas_malloc(compparms->numstepsizes * ++ compparms->stepsizes = jas_alloc2(compparms->numstepsizes, + sizeof(uint_fast16_t)); + assert(compparms->stepsizes); + for (i = 0; i < compparms->numstepsizes; ++i) { +@@ -1094,7 +1094,7 @@ static int jpc_ppm_getparms(jpc_ms_t *ms + + ppm->len = ms->len - 1; + if (ppm->len > 0) { +- if (!(ppm->data = jas_malloc(ppm->len * sizeof(unsigned char)))) { ++ if (!(ppm->data = jas_malloc(ppm->len))) { + goto error; + } + if (JAS_CAST(uint, jas_stream_read(in, ppm->data, ppm->len)) != ppm->len) { +@@ -1163,7 +1163,7 @@ static int jpc_ppt_getparms(jpc_ms_t *ms + } + ppt->len = ms->len - 1; + if (ppt->len > 0) { +- if (!(ppt->data = jas_malloc(ppt->len * sizeof(unsigned char)))) { ++ if (!(ppt->data = jas_malloc(ppt->len))) { + goto error; + } + if (jas_stream_read(in, (char *) ppt->data, ppt->len) != JAS_CAST(int, ppt->len)) { +@@ -1226,7 +1226,7 @@ static int jpc_poc_getparms(jpc_ms_t *ms + uint_fast8_t tmp; + poc->numpchgs = (cstate->numcomps > 256) ? (ms->len / 9) : + (ms->len / 7); +- if (!(poc->pchgs = jas_malloc(poc->numpchgs * sizeof(jpc_pocpchg_t)))) { ++ if (!(poc->pchgs = jas_alloc2(poc->numpchgs, sizeof(jpc_pocpchg_t)))) { + goto error; + } + for (pchgno = 0, pchg = poc->pchgs; pchgno < poc->numpchgs; ++pchgno, +@@ -1331,7 +1331,7 @@ static int jpc_crg_getparms(jpc_ms_t *ms + jpc_crgcomp_t *comp; + uint_fast16_t compno; + crg->numcomps = cstate->numcomps; +- if (!(crg->comps = jas_malloc(cstate->numcomps * sizeof(uint_fast16_t)))) { ++ if (!(crg->comps = jas_alloc2(cstate->numcomps, sizeof(uint_fast16_t)))) { + return -1; + } + for (compno = 0, comp = crg->comps; compno < cstate->numcomps; +@@ -1470,7 +1470,7 @@ static int jpc_unk_getparms(jpc_ms_t *ms + cstate = 0; + + if (ms->len > 0) { +- if (!(unk->data = jas_malloc(ms->len * sizeof(unsigned char)))) { ++ if (!(unk->data = jas_malloc(ms->len))) { + return -1; + } + if (jas_stream_read(in, (char *) unk->data, ms->len) != JAS_CAST(int, ms->len)) { +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_dec.c jasper-1.900.1/src/libjasper/jpc/jpc_dec.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_dec.c 2009-10-22 09:58:16.000000000 +0200 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2009-10-22 10:30:50.000000000 +0200 +@@ -449,7 +449,7 @@ static int jpc_dec_process_sot(jpc_dec_t + + if (dec->state == JPC_MH) { + +- compinfos = jas_malloc(dec->numcomps * sizeof(jas_image_cmptparm_t)); ++ compinfos = jas_alloc2(dec->numcomps, sizeof(jas_image_cmptparm_t)); + assert(compinfos); + for (cmptno = 0, cmpt = dec->cmpts, compinfo = compinfos; + cmptno < dec->numcomps; ++cmptno, ++cmpt, ++compinfo) { +@@ -692,7 +692,7 @@ static int jpc_dec_tileinit(jpc_dec_t *d + tile->realmode = 1; + } + tcomp->numrlvls = ccp->numrlvls; +- if (!(tcomp->rlvls = jas_malloc(tcomp->numrlvls * ++ if (!(tcomp->rlvls = jas_alloc2(tcomp->numrlvls, + sizeof(jpc_dec_rlvl_t)))) { + return -1; + } +@@ -764,7 +764,7 @@ rlvl->bands = 0; + rlvl->cbgheightexpn); + + rlvl->numbands = (!rlvlno) ? 1 : 3; +- if (!(rlvl->bands = jas_malloc(rlvl->numbands * ++ if (!(rlvl->bands = jas_alloc2(rlvl->numbands, + sizeof(jpc_dec_band_t)))) { + return -1; + } +@@ -797,7 +797,7 @@ rlvl->bands = 0; + + assert(rlvl->numprcs); + +- if (!(band->prcs = jas_malloc(rlvl->numprcs * sizeof(jpc_dec_prc_t)))) { ++ if (!(band->prcs = jas_alloc2(rlvl->numprcs, sizeof(jpc_dec_prc_t)))) { + return -1; + } + +@@ -834,7 +834,7 @@ rlvl->bands = 0; + if (!(prc->numimsbstagtree = jpc_tagtree_create(prc->numhcblks, prc->numvcblks))) { + return -1; + } +- if (!(prc->cblks = jas_malloc(prc->numcblks * sizeof(jpc_dec_cblk_t)))) { ++ if (!(prc->cblks = jas_alloc2(prc->numcblks, sizeof(jpc_dec_cblk_t)))) { + return -1; + } + +@@ -1181,7 +1181,7 @@ static int jpc_dec_process_siz(jpc_dec_t + return -1; + } + +- if (!(dec->cmpts = jas_malloc(dec->numcomps * sizeof(jpc_dec_cmpt_t)))) { ++ if (!(dec->cmpts = jas_alloc2(dec->numcomps, sizeof(jpc_dec_cmpt_t)))) { + return -1; + } + +@@ -1204,7 +1204,7 @@ static int jpc_dec_process_siz(jpc_dec_t + dec->numhtiles = JPC_CEILDIV(dec->xend - dec->tilexoff, dec->tilewidth); + dec->numvtiles = JPC_CEILDIV(dec->yend - dec->tileyoff, dec->tileheight); + dec->numtiles = dec->numhtiles * dec->numvtiles; +- if (!(dec->tiles = jas_malloc(dec->numtiles * sizeof(jpc_dec_tile_t)))) { ++ if (!(dec->tiles = jas_calloc(dec->numtiles, sizeof(jpc_dec_tile_t)))) { + return -1; + } + +@@ -1228,7 +1228,7 @@ static int jpc_dec_process_siz(jpc_dec_t + tile->pkthdrstreampos = 0; + tile->pptstab = 0; + tile->cp = 0; +- if (!(tile->tcomps = jas_malloc(dec->numcomps * ++ if (!(tile->tcomps = jas_calloc(dec->numcomps, + sizeof(jpc_dec_tcomp_t)))) { + return -1; + } +@@ -1489,7 +1489,7 @@ static jpc_dec_cp_t *jpc_dec_cp_create(u + cp->numlyrs = 0; + cp->mctid = 0; + cp->csty = 0; +- if (!(cp->ccps = jas_malloc(cp->numcomps * sizeof(jpc_dec_ccp_t)))) { ++ if (!(cp->ccps = jas_alloc2(cp->numcomps, sizeof(jpc_dec_ccp_t)))) { + return 0; + } + if (!(cp->pchglist = jpc_pchglist_create())) { +@@ -2048,7 +2048,7 @@ jpc_streamlist_t *jpc_streamlist_create( + } + streamlist->numstreams = 0; + streamlist->maxstreams = 100; +- if (!(streamlist->streams = jas_malloc(streamlist->maxstreams * ++ if (!(streamlist->streams = jas_alloc2(streamlist->maxstreams, + sizeof(jas_stream_t *)))) { + jas_free(streamlist); + return 0; +@@ -2068,8 +2068,8 @@ int jpc_streamlist_insert(jpc_streamlist + /* Grow the array of streams if necessary. */ + if (streamlist->numstreams >= streamlist->maxstreams) { + newmaxstreams = streamlist->maxstreams + 1024; +- if (!(newstreams = jas_realloc(streamlist->streams, +- (newmaxstreams + 1024) * sizeof(jas_stream_t *)))) { ++ if (!(newstreams = jas_realloc2(streamlist->streams, ++ (newmaxstreams + 1024), sizeof(jas_stream_t *)))) { + return -1; + } + for (i = streamlist->numstreams; i < streamlist->maxstreams; ++i) { +@@ -2155,8 +2155,7 @@ int jpc_ppxstab_grow(jpc_ppxstab_t *tab, + { + jpc_ppxstabent_t **newents; + if (tab->maxents < maxents) { +- newents = (tab->ents) ? jas_realloc(tab->ents, maxents * +- sizeof(jpc_ppxstabent_t *)) : jas_malloc(maxents * sizeof(jpc_ppxstabent_t *)); ++ newents = jas_realloc2(tab->ents, maxents, sizeof(jpc_ppxstabent_t *)); + if (!newents) { + return -1; + } +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_enc.c jasper-1.900.1/src/libjasper/jpc/jpc_enc.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_enc.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_enc.c 2009-10-22 10:27:45.000000000 +0200 +@@ -403,7 +403,7 @@ static jpc_enc_cp_t *cp_create(char *opt + vsteplcm *= jas_image_cmptvstep(image, cmptno); + } + +- if (!(cp->ccps = jas_malloc(cp->numcmpts * sizeof(jpc_enc_ccp_t)))) { ++ if (!(cp->ccps = jas_alloc2(cp->numcmpts, sizeof(jpc_enc_ccp_t)))) { + goto error; + } + for (cmptno = 0, ccp = cp->ccps; cmptno < JAS_CAST(int, cp->numcmpts); ++cmptno, +@@ -656,7 +656,7 @@ static jpc_enc_cp_t *cp_create(char *opt + + if (ilyrrates && numilyrrates > 0) { + tcp->numlyrs = numilyrrates + 1; +- if (!(tcp->ilyrrates = jas_malloc((tcp->numlyrs - 1) * ++ if (!(tcp->ilyrrates = jas_alloc2((tcp->numlyrs - 1), + sizeof(jpc_fix_t)))) { + goto error; + } +@@ -940,7 +940,7 @@ startoff = jas_stream_getrwcount(enc->ou + siz->tilewidth = cp->tilewidth; + siz->tileheight = cp->tileheight; + siz->numcomps = cp->numcmpts; +- siz->comps = jas_malloc(siz->numcomps * sizeof(jpc_sizcomp_t)); ++ siz->comps = jas_alloc2(siz->numcomps, sizeof(jpc_sizcomp_t)); + assert(siz->comps); + for (i = 0; i < JAS_CAST(int, cp->numcmpts); ++i) { + siz->comps[i].prec = cp->ccps[i].prec; +@@ -977,7 +977,7 @@ startoff = jas_stream_getrwcount(enc->ou + return -1; + } + crg = &enc->mrk->parms.crg; +- crg->comps = jas_malloc(crg->numcomps * sizeof(jpc_crgcomp_t)); ++ crg->comps = jas_alloc2(crg->numcomps, sizeof(jpc_crgcomp_t)); + if (jpc_putms(enc->out, enc->cstate, enc->mrk)) { + jas_eprintf("cannot write CRG marker\n"); + return -1; +@@ -1955,7 +1955,7 @@ jpc_enc_tile_t *jpc_enc_tile_create(jpc_ + tile->mctid = cp->tcp.mctid; + + tile->numlyrs = cp->tcp.numlyrs; +- if (!(tile->lyrsizes = jas_malloc(tile->numlyrs * ++ if (!(tile->lyrsizes = jas_alloc2(tile->numlyrs, + sizeof(uint_fast32_t)))) { + goto error; + } +@@ -1964,7 +1964,7 @@ jpc_enc_tile_t *jpc_enc_tile_create(jpc_ + } + + /* Allocate an array for the per-tile-component information. */ +- if (!(tile->tcmpts = jas_malloc(cp->numcmpts * sizeof(jpc_enc_tcmpt_t)))) { ++ if (!(tile->tcmpts = jas_alloc2(cp->numcmpts, sizeof(jpc_enc_tcmpt_t)))) { + goto error; + } + /* Initialize a few members critical for error recovery. */ +@@ -2110,7 +2110,7 @@ static jpc_enc_tcmpt_t *tcmpt_create(jpc + jas_seq2d_ystart(tcmpt->data), jas_seq2d_xend(tcmpt->data), + jas_seq2d_yend(tcmpt->data), bandinfos); + +- if (!(tcmpt->rlvls = jas_malloc(tcmpt->numrlvls * sizeof(jpc_enc_rlvl_t)))) { ++ if (!(tcmpt->rlvls = jas_alloc2(tcmpt->numrlvls, sizeof(jpc_enc_rlvl_t)))) { + goto error; + } + for (rlvlno = 0, rlvl = tcmpt->rlvls; rlvlno < tcmpt->numrlvls; +@@ -2213,7 +2213,7 @@ static jpc_enc_rlvl_t *rlvl_create(jpc_e + rlvl->numvprcs = JPC_FLOORDIVPOW2(brprcbry - tlprctly, rlvl->prcheightexpn); + rlvl->numprcs = rlvl->numhprcs * rlvl->numvprcs; + +- if (!(rlvl->bands = jas_malloc(rlvl->numbands * sizeof(jpc_enc_band_t)))) { ++ if (!(rlvl->bands = jas_alloc2(rlvl->numbands, sizeof(jpc_enc_band_t)))) { + goto error; + } + for (bandno = 0, band = rlvl->bands; bandno < rlvl->numbands; +@@ -2290,7 +2290,7 @@ if (bandinfo->xstart != bandinfo->xend & + band->synweight = bandinfo->synenergywt; + + if (band->data) { +- if (!(band->prcs = jas_malloc(rlvl->numprcs * sizeof(jpc_enc_prc_t)))) { ++ if (!(band->prcs = jas_alloc2(rlvl->numprcs, sizeof(jpc_enc_prc_t)))) { + goto error; + } + for (prcno = 0, prc = band->prcs; prcno < rlvl->numprcs; ++prcno, +@@ -2422,7 +2422,7 @@ if (!rlvlno) { + goto error; + } + +- if (!(prc->cblks = jas_malloc(prc->numcblks * sizeof(jpc_enc_cblk_t)))) { ++ if (!(prc->cblks = jas_alloc2(prc->numcblks, sizeof(jpc_enc_cblk_t)))) { + goto error; + } + for (cblkno = 0, cblk = prc->cblks; cblkno < prc->numcblks; +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_mqdec.c jasper-1.900.1/src/libjasper/jpc/jpc_mqdec.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_mqdec.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_mqdec.c 2009-10-22 10:27:45.000000000 +0200 +@@ -118,7 +118,7 @@ jpc_mqdec_t *jpc_mqdec_create(int maxctx + mqdec->in = in; + mqdec->maxctxs = maxctxs; + /* Allocate memory for the per-context state information. */ +- if (!(mqdec->ctxs = jas_malloc(mqdec->maxctxs * sizeof(jpc_mqstate_t *)))) { ++ if (!(mqdec->ctxs = jas_alloc2(mqdec->maxctxs, sizeof(jpc_mqstate_t *)))) { + goto error; + } + /* Set the current context to the first context. */ +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_mqenc.c jasper-1.900.1/src/libjasper/jpc/jpc_mqenc.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_mqenc.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_mqenc.c 2009-10-22 10:27:45.000000000 +0200 +@@ -197,7 +197,7 @@ jpc_mqenc_t *jpc_mqenc_create(int maxctx + mqenc->maxctxs = maxctxs; + + /* Allocate memory for the per-context state information. */ +- if (!(mqenc->ctxs = jas_malloc(mqenc->maxctxs * sizeof(jpc_mqstate_t *)))) { ++ if (!(mqenc->ctxs = jas_alloc2(mqenc->maxctxs, sizeof(jpc_mqstate_t *)))) { + goto error; + } + +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_qmfb.c jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_qmfb.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c 2009-10-22 10:27:45.000000000 +0200 +@@ -321,7 +321,7 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in + #if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { +- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) { ++ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { + /* We have no choice but to commit suicide in this case. */ + abort(); + } +@@ -389,7 +389,7 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in + #if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { +- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) { ++ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { + /* We have no choice but to commit suicide in this case. */ + abort(); + } +@@ -460,7 +460,7 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, + #if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { +- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) { ++ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { + /* We have no choice but to commit suicide in this case. */ + abort(); + } +@@ -549,7 +549,7 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, + #if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { +- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) { ++ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { + /* We have no choice but to commit suicide in this case. */ + abort(); + } +@@ -633,7 +633,7 @@ void jpc_qmfb_join_row(jpc_fix_t *a, int + #if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { +- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) { ++ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { + /* We have no choice but to commit suicide. */ + abort(); + } +@@ -698,7 +698,7 @@ void jpc_qmfb_join_col(jpc_fix_t *a, int + #if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { +- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) { ++ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { + /* We have no choice but to commit suicide. */ + abort(); + } +@@ -766,7 +766,7 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, + #if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { +- if (!(buf = jas_malloc(bufsize * JPC_QMFB_COLGRPSIZE * sizeof(jpc_fix_t)))) { ++ if (!(buf = jas_alloc2(bufsize, JPC_QMFB_COLGRPSIZE * sizeof(jpc_fix_t)))) { + /* We have no choice but to commit suicide. */ + abort(); + } +@@ -852,7 +852,7 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, + #if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { +- if (!(buf = jas_malloc(bufsize * numcols * sizeof(jpc_fix_t)))) { ++ if (!(buf = jas_alloc3(bufsize, numcols, sizeof(jpc_fix_t)))) { + /* We have no choice but to commit suicide. */ + abort(); + } +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_t1enc.c jasper-1.900.1/src/libjasper/jpc/jpc_t1enc.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_t1enc.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_t1enc.c 2009-10-22 10:27:45.000000000 +0200 +@@ -219,7 +219,7 @@ int jpc_enc_enccblk(jpc_enc_t *enc, jas_ + + cblk->numpasses = (cblk->numbps > 0) ? (3 * cblk->numbps - 2) : 0; + if (cblk->numpasses > 0) { +- cblk->passes = jas_malloc(cblk->numpasses * sizeof(jpc_enc_pass_t)); ++ cblk->passes = jas_alloc2(cblk->numpasses, sizeof(jpc_enc_pass_t)); + assert(cblk->passes); + } else { + cblk->passes = 0; +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_t2cod.c jasper-1.900.1/src/libjasper/jpc/jpc_t2cod.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_t2cod.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_t2cod.c 2009-10-22 10:27:45.000000000 +0200 +@@ -573,7 +573,7 @@ int jpc_pchglist_insert(jpc_pchglist_t * + } + if (pchglist->numpchgs >= pchglist->maxpchgs) { + newmaxpchgs = pchglist->maxpchgs + 128; +- if (!(newpchgs = jas_realloc(pchglist->pchgs, newmaxpchgs * sizeof(jpc_pchg_t *)))) { ++ if (!(newpchgs = jas_realloc2(pchglist->pchgs, newmaxpchgs, sizeof(jpc_pchg_t *)))) { + return -1; + } + pchglist->maxpchgs = newmaxpchgs; +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_t2dec.c jasper-1.900.1/src/libjasper/jpc/jpc_t2dec.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_t2dec.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_t2dec.c 2009-10-22 10:27:45.000000000 +0200 +@@ -478,7 +478,7 @@ jpc_pi_t *jpc_dec_pi_create(jpc_dec_t *d + return 0; + } + pi->numcomps = dec->numcomps; +- if (!(pi->picomps = jas_malloc(pi->numcomps * sizeof(jpc_picomp_t)))) { ++ if (!(pi->picomps = jas_alloc2(pi->numcomps, sizeof(jpc_picomp_t)))) { + jpc_pi_destroy(pi); + return 0; + } +@@ -490,7 +490,7 @@ jpc_pi_t *jpc_dec_pi_create(jpc_dec_t *d + for (compno = 0, tcomp = tile->tcomps, picomp = pi->picomps; + compno < pi->numcomps; ++compno, ++tcomp, ++picomp) { + picomp->numrlvls = tcomp->numrlvls; +- if (!(picomp->pirlvls = jas_malloc(picomp->numrlvls * ++ if (!(picomp->pirlvls = jas_alloc2(picomp->numrlvls, + sizeof(jpc_pirlvl_t)))) { + jpc_pi_destroy(pi); + return 0; +@@ -503,7 +503,7 @@ jpc_pi_t *jpc_dec_pi_create(jpc_dec_t *d + rlvlno < picomp->numrlvls; ++rlvlno, ++pirlvl, ++rlvl) { + /* XXX sizeof(long) should be sizeof different type */ + pirlvl->numprcs = rlvl->numprcs; +- if (!(pirlvl->prclyrnos = jas_malloc(pirlvl->numprcs * ++ if (!(pirlvl->prclyrnos = jas_alloc2(pirlvl->numprcs, + sizeof(long)))) { + jpc_pi_destroy(pi); + return 0; +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_t2enc.c jasper-1.900.1/src/libjasper/jpc/jpc_t2enc.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_t2enc.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_t2enc.c 2009-10-22 10:27:45.000000000 +0200 +@@ -565,7 +565,7 @@ jpc_pi_t *jpc_enc_pi_create(jpc_enc_cp_t + } + pi->pktno = -1; + pi->numcomps = cp->numcmpts; +- if (!(pi->picomps = jas_malloc(pi->numcomps * sizeof(jpc_picomp_t)))) { ++ if (!(pi->picomps = jas_alloc2(pi->numcomps, sizeof(jpc_picomp_t)))) { + jpc_pi_destroy(pi); + return 0; + } +@@ -577,7 +577,7 @@ jpc_pi_t *jpc_enc_pi_create(jpc_enc_cp_t + for (compno = 0, tcomp = tile->tcmpts, picomp = pi->picomps; + compno < pi->numcomps; ++compno, ++tcomp, ++picomp) { + picomp->numrlvls = tcomp->numrlvls; +- if (!(picomp->pirlvls = jas_malloc(picomp->numrlvls * ++ if (!(picomp->pirlvls = jas_alloc2(picomp->numrlvls, + sizeof(jpc_pirlvl_t)))) { + jpc_pi_destroy(pi); + return 0; +@@ -591,7 +591,7 @@ jpc_pi_t *jpc_enc_pi_create(jpc_enc_cp_t + /* XXX sizeof(long) should be sizeof different type */ + pirlvl->numprcs = rlvl->numprcs; + if (rlvl->numprcs) { +- if (!(pirlvl->prclyrnos = jas_malloc(pirlvl->numprcs * ++ if (!(pirlvl->prclyrnos = jas_alloc2(pirlvl->numprcs, + sizeof(long)))) { + jpc_pi_destroy(pi); + return 0; +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_tagtree.c jasper-1.900.1/src/libjasper/jpc/jpc_tagtree.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_tagtree.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_tagtree.c 2009-10-22 10:27:45.000000000 +0200 +@@ -125,7 +125,7 @@ jpc_tagtree_t *jpc_tagtree_create(int nu + ++numlvls; + } while (n > 1); + +- if (!(tree->nodes_ = jas_malloc(tree->numnodes_ * sizeof(jpc_tagtreenode_t)))) { ++ if (!(tree->nodes_ = jas_alloc2(tree->numnodes_, sizeof(jpc_tagtreenode_t)))) { + return 0; + } + +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_util.c jasper-1.900.1/src/libjasper/jpc/jpc_util.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_util.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_util.c 2009-10-22 10:27:45.000000000 +0200 +@@ -109,7 +109,7 @@ int jpc_atoaf(char *s, int *numvalues, d + } + + if (n) { +- if (!(vs = jas_malloc(n * sizeof(double)))) { ++ if (!(vs = jas_alloc2(n, sizeof(double)))) { + return -1; + } + +diff -pruN jasper-1.900.1.orig/src/libjasper/mif/mif_cod.c jasper-1.900.1/src/libjasper/mif/mif_cod.c +--- jasper-1.900.1.orig/src/libjasper/mif/mif_cod.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/mif/mif_cod.c 2009-10-22 10:27:45.000000000 +0200 +@@ -438,8 +438,7 @@ static int mif_hdr_growcmpts(mif_hdr_t * + int cmptno; + mif_cmpt_t **newcmpts; + assert(maxcmpts >= hdr->numcmpts); +- newcmpts = (!hdr->cmpts) ? jas_malloc(maxcmpts * sizeof(mif_cmpt_t *)) : +- jas_realloc(hdr->cmpts, maxcmpts * sizeof(mif_cmpt_t *)); ++ newcmpts = jas_realloc2(hdr->cmpts, maxcmpts, sizeof(mif_cmpt_t *)); + if (!newcmpts) { + return -1; + } diff --git a/patches/source/jasper/patches/jasper-1.900.1-CVE-2008-3522.patch b/patches/source/jasper/patches/jasper-1.900.1-CVE-2008-3522.patch new file mode 100644 index 00000000..4bf2e9b5 --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-CVE-2008-3522.patch @@ -0,0 +1,14 @@ +https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3522 + +diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_stream.c jasper-1.900.1/src/libjasper/base/jas_stream.c +--- jasper-1.900.1.orig/src/libjasper/base/jas_stream.c 2009-10-22 10:27:45.000000000 +0200 ++++ jasper-1.900.1/src/libjasper/base/jas_stream.c 2009-10-22 10:35:53.000000000 +0200 +@@ -553,7 +553,7 @@ int jas_stream_printf(jas_stream_t *stre + int ret; + + va_start(ap, fmt); +- ret = vsprintf(buf, fmt, ap); ++ ret = vsnprintf(buf, sizeof buf, fmt, ap); + jas_stream_puts(stream, buf); + va_end(ap); + return ret; diff --git a/patches/source/jasper/patches/jasper-1.900.1-CVE-2011-4516-CVE-2011-4517-CERT-VU-887409.patch b/patches/source/jasper/patches/jasper-1.900.1-CVE-2011-4516-CVE-2011-4517-CERT-VU-887409.patch new file mode 100644 index 00000000..f753080a --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-CVE-2011-4516-CVE-2011-4517-CERT-VU-887409.patch @@ -0,0 +1,23 @@ +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_cs.c.CERT-VU-887409 jasper-1.900.1/src/libjasper/jpc/jpc_cs.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_cs.c.CERT-VU-887409 2011-10-25 17:25:39.000000000 +0200 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_cs.c 2011-10-25 17:29:14.379371908 +0200 +@@ -744,6 +744,10 @@ static int jpc_cox_getcompparms(jpc_ms_t + return -1; + } + compparms->numrlvls = compparms->numdlvls + 1; ++ if (compparms->numrlvls > JPC_MAXRLVLS) { ++ jpc_cox_destroycompparms(compparms); ++ return -1; ++ } + if (prtflag) { + for (i = 0; i < compparms->numrlvls; ++i) { + if (jpc_getuint8(in, &tmp)) { +@@ -1331,7 +1335,7 @@ static int jpc_crg_getparms(jpc_ms_t *ms + jpc_crgcomp_t *comp; + uint_fast16_t compno; + crg->numcomps = cstate->numcomps; +- if (!(crg->comps = jas_alloc2(cstate->numcomps, sizeof(uint_fast16_t)))) { ++ if (!(crg->comps = jas_alloc2(cstate->numcomps, sizeof(jpc_crgcomp_t)))) { + return -1; + } + for (compno = 0, comp = crg->comps; compno < cstate->numcomps; diff --git a/patches/source/jasper/patches/jasper-1.900.1-Coverity-BAD_SIZEOF.patch b/patches/source/jasper/patches/jasper-1.900.1-Coverity-BAD_SIZEOF.patch new file mode 100644 index 00000000..19774005 --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-Coverity-BAD_SIZEOF.patch @@ -0,0 +1,17 @@ +Error: BAD_SIZEOF +jpc/jpc_enc.c:2105: bad_sizeof: Taking the size of binary expression "tcmpt->numstepsizes * sizeof (uint_fast16_t) /*8*/" is suspicious. + Did you intend "sizeof(tcmpt->numstepsizes) * sizeof (uint_fast16_t) /*8*/"? + +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_enc.c.bad_sizeof jasper-1.900.1/src/libjasper/jpc/jpc_enc.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_enc.c.bad_sizeof 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_enc.c 2011-06-23 17:28:17.085690561 +0200 +@@ -2102,8 +2102,7 @@ static jpc_enc_tcmpt_t *tcmpt_create(jpc + + tcmpt->numstepsizes = tcmpt->numbands; + assert(tcmpt->numstepsizes <= JPC_MAXBANDS); +- memset(tcmpt->stepsizes, 0, sizeof(tcmpt->numstepsizes * +- sizeof(uint_fast16_t))); ++ memset(tcmpt->stepsizes, 0, tcmpt->numstepsizes * sizeof(uint_fast16_t)); + + /* Retrieve information about the various bands. */ + jpc_tsfb_getbands(tcmpt->tsfb, jas_seq2d_xstart(tcmpt->data), diff --git a/patches/source/jasper/patches/jasper-1.900.1-Coverity-CHECKED_RETURN.patch b/patches/source/jasper/patches/jasper-1.900.1-Coverity-CHECKED_RETURN.patch new file mode 100644 index 00000000..ea330f2c --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-Coverity-CHECKED_RETURN.patch @@ -0,0 +1,141 @@ +Error: CHECKED_RETURN +jpc/jpc_cs.c:924: check_return: Calling function "jpc_putuint16" without checking return value (as is done elsewhere 11 out of 13 times). +jpc/jpc_cs.c:924: unchecked_value: No check of the return value of "jpc_putuint16(out, qcc->compno)". + +jpc/jpc_cs.c:1021: check_return: Calling function "jpc_putuint16" without checking return value (as is done elsewhere 11 out of 13 times). +jpc/jpc_cs.c:1021: unchecked_value: No check of the return value of "jpc_putuint16(out, compparms->stepsizes[i])". + +jpc/jpc_cs.c:994: check_return: Calling function "jpc_getuint16" without checking return value (as is done elsewhere 14 out of 16 times). +jpc/jpc_cs.c:994: unchecked_value: No check of the return value of "jpc_getuint16(in, compparms->stepsizes + i)". + +jpc/jpc_cs.c:905: check_return: Calling function "jpc_getuint16" without checking return value (as is done elsewhere 14 out of 16 times). +jpc/jpc_cs.c:905: unchecked_value: No check of the return value of "jpc_getuint16(in, &qcc->compno)". + +jpc/jpc_cs.c:969: check_return: Calling function "jpc_getuint8" without checking return value (as is done elsewhere 17 out of 20 times). +jpc/jpc_cs.c:969: unchecked_value: No check of the return value of "jpc_getuint8(in, &tmp)". + +jpc/jpc_cs.c:991: check_return: Calling function "jpc_getuint8" without checking return value (as is done elsewhere 17 out of 20 times). +jpc/jpc_cs.c:991: unchecked_value: No check of the return value of "jpc_getuint8(in, &tmp)". + +jpc/jpc_cs.c:901: check_return: Calling function "jpc_getuint8" without checking return value (as is done elsewhere 17 out of 20 times). +jpc/jpc_cs.c:901: unchecked_value: No check of the return value of "jpc_getuint8(in, &tmp)". + +jpc/jpc_t2enc.c:338: check_return: Calling function "jpc_putms" without checking return value (as is done elsewhere 12 out of 13 times). +jpc/jpc_t2enc.c:338: unchecked_value: No check of the return value of "jpc_putms(out, enc->cstate, ms)". + +ras/ras_enc.c:245: check_return: Calling function "jas_image_readcmpt" without checking return value (as is done elsewhere 9 out of 10 times). +ras/ras_enc.c:245: unchecked_value: No check of the return value of "jas_image_readcmpt(image, cmpts[i], 0L, y, image->brx_ - image->tlx_, 1L, data[i])". + +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_cs.c.checked_return jasper-1.900.1/src/libjasper/jpc/jpc_cs.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_cs.c.checked_return 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_cs.c 2011-06-24 13:52:25.636551844 +0200 +@@ -898,11 +898,15 @@ static int jpc_qcc_getparms(jpc_ms_t *ms + int len; + len = ms->len; + if (cstate->numcomps <= 256) { +- jpc_getuint8(in, &tmp); ++ if (jpc_getuint8(in, &tmp)) { ++ return -1; ++ } + qcc->compno = tmp; + --len; + } else { +- jpc_getuint16(in, &qcc->compno); ++ if (jpc_getuint16(in, &qcc->compno)) { ++ return -1; ++ } + len -= 2; + } + if (jpc_qcx_getcompparms(&qcc->compparms, cstate, in, len)) { +@@ -919,9 +923,13 @@ static int jpc_qcc_putparms(jpc_ms_t *ms + { + jpc_qcc_t *qcc = &ms->parms.qcc; + if (cstate->numcomps <= 256) { +- jpc_putuint8(out, qcc->compno); ++ if (jpc_putuint8(out, qcc->compno)) { ++ return -1; ++ } + } else { +- jpc_putuint16(out, qcc->compno); ++ if (jpc_putuint16(out, qcc->compno)) { ++ return -1; ++ } + } + if (jpc_qcx_putcompparms(&qcc->compparms, cstate, out)) { + return -1; +@@ -966,7 +974,9 @@ static int jpc_qcx_getcompparms(jpc_qcxc + cstate = 0; + + n = 0; +- jpc_getuint8(in, &tmp); ++ if (jpc_getuint8(in, &tmp)) { ++ return -1; ++ } + ++n; + compparms->qntsty = tmp & 0x1f; + compparms->numguard = (tmp >> 5) & 7; +@@ -988,10 +998,14 @@ static int jpc_qcx_getcompparms(jpc_qcxc + assert(compparms->stepsizes); + for (i = 0; i < compparms->numstepsizes; ++i) { + if (compparms->qntsty == JPC_QCX_NOQNT) { +- jpc_getuint8(in, &tmp); ++ if (jpc_getuint8(in, &tmp)) { ++ return -1; ++ } + compparms->stepsizes[i] = JPC_QCX_EXPN(tmp >> 3); + } else { +- jpc_getuint16(in, &compparms->stepsizes[i]); ++ if (jpc_getuint16(in, &compparms->stepsizes[i])) { ++ return -1; ++ } + } + } + } else { +@@ -1015,10 +1029,14 @@ static int jpc_qcx_putcompparms(jpc_qcxc + jpc_putuint8(out, ((compparms->numguard & 7) << 5) | compparms->qntsty); + for (i = 0; i < compparms->numstepsizes; ++i) { + if (compparms->qntsty == JPC_QCX_NOQNT) { +- jpc_putuint8(out, JPC_QCX_GETEXPN( +- compparms->stepsizes[i]) << 3); ++ if (jpc_putuint8(out, JPC_QCX_GETEXPN( ++ compparms->stepsizes[i]) << 3)) { ++ return -1; ++ } + } else { +- jpc_putuint16(out, compparms->stepsizes[i]); ++ if (jpc_putuint16(out, compparms->stepsizes[i])) { ++ return -1; ++ } + } + } + return 0; +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_t2enc.c.checked_return jasper-1.900.1/src/libjasper/jpc/jpc_t2enc.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_t2enc.c.checked_return 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_t2enc.c 2011-06-24 12:29:32.069578992 +0200 +@@ -335,7 +335,9 @@ assert(jpc_firstone(datalen) < cblk->num + if (!(ms = jpc_ms_create(JPC_MS_EPH))) { + return -1; + } +- jpc_putms(out, enc->cstate, ms); ++ if (jpc_putms(out, enc->cstate, ms)) { ++ return -1; ++ } + jpc_ms_destroy(ms); + } + +diff -up jasper-1.900.1/src/libjasper/ras/ras_enc.c.checked_return jasper-1.900.1/src/libjasper/ras/ras_enc.c +--- jasper-1.900.1/src/libjasper/ras/ras_enc.c.checked_return 2007-01-19 22:43:04.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/ras/ras_enc.c 2011-06-24 14:05:31.233482612 +0200 +@@ -242,8 +242,10 @@ static int ras_putdatastd(jas_stream_t * + + for (y = 0; y < hdr->height; y++) { + for (i = 0; i < numcmpts; ++i) { +- jas_image_readcmpt(image, cmpts[i], 0, y, jas_image_width(image), +- 1, data[i]); ++ if (jas_image_readcmpt(image, cmpts[i], 0, y, ++ jas_image_width(image), 1, data[i])) { ++ return -1; ++ } + } + z = 0; + nz = 0; diff --git a/patches/source/jasper/patches/jasper-1.900.1-Coverity-FORWARD_NULL.patch b/patches/source/jasper/patches/jasper-1.900.1-Coverity-FORWARD_NULL.patch new file mode 100644 index 00000000..ff526b4d --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-Coverity-FORWARD_NULL.patch @@ -0,0 +1,44 @@ +Error: FORWARD_NULL +jpc/jpc_dec.c:2207: var_compare_op: Comparing "streams" to null implies that "streams" might be null. +jpc/jpc_dec.c:2270: var_deref_model: Passing null variable "streams" to function "jpc_streamlist_destroy", which dereferences it. +jpc/jpc_dec.c:2108: deref_parm: Directly dereferencing parameter "streamlist". + +jpc/jpc_t1enc.c:225: assign_zero: Assigning: "cblk->passes" = 0. +jpc/jpc_t1enc.c:228: alias_transfer: Assigning null: "pass" = "cblk->passes". +jpc/jpc_t1enc.c:229: var_deref_op: Dereferencing null variable "pass". + +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.forward_null jasper-1.900.1/src/libjasper/jpc/jpc_dec.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.forward_null 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2011-06-24 15:01:39.200600146 +0200 +@@ -2267,7 +2267,9 @@ jpc_streamlist_t *jpc_ppmstabtostreams(j + return streams; + + error: +- jpc_streamlist_destroy(streams); ++ if (streams) { ++ jpc_streamlist_destroy(streams); ++ } + return 0; + } + +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_t1enc.c.forward_null jasper-1.900.1/src/libjasper/jpc/jpc_t1enc.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_t1enc.c.forward_null 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_t1enc.c 2011-06-24 14:58:33.061248133 +0200 +@@ -224,7 +224,7 @@ int jpc_enc_enccblk(jpc_enc_t *enc, jas_ + } else { + cblk->passes = 0; + } +- endpasses = &cblk->passes[cblk->numpasses]; ++ endpasses = (cblk->passes) ? &cblk->passes[cblk->numpasses] : 0; + for (pass = cblk->passes; pass != endpasses; ++pass) { + pass->start = 0; + pass->end = 0; +@@ -352,7 +352,7 @@ dump_passes(cblk->passes, cblk->numpasse + #endif + + n = 0; +- endpasses = &cblk->passes[cblk->numpasses]; ++ endpasses = (cblk->passes) ? &cblk->passes[cblk->numpasses] : 0; + for (pass = cblk->passes; pass != endpasses; ++pass) { + if (pass->start < n) { + pass->start = n; diff --git a/patches/source/jasper/patches/jasper-1.900.1-Coverity-NULL_RETURNS.patch b/patches/source/jasper/patches/jasper-1.900.1-Coverity-NULL_RETURNS.patch new file mode 100644 index 00000000..4c722702 --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-Coverity-NULL_RETURNS.patch @@ -0,0 +1,61 @@ +Error: NULL_RETURNS +base/jas_image.c:213: returned_null: Function "jas_image_create0" returns null (checked 6 out of 7 times). +base/jas_image.c:213: var_assigned: Assigning: "newimage" = null return value from "jas_image_create0". +base/jas_image.c:214: dereference: Dereferencing a pointer that might be null "newimage" when calling "jas_image_growcmpts". +base/jas_image.c:777: deref_parm: Directly dereferencing parameter "image". + +base/jas_seq.c:223: returned_null: Function "jas_malloc" returns null (checked 110 out of 119 times). +base/jas_seq.c:223: var_assigned: Assigning: "mat0->rows_" = null return value from "jas_malloc". +base/jas_seq.c:225: dereference: Dereferencing a null pointer "mat0->rows_". + +jp2/jp2_cod.c:484: returned_null: Function "jas_stream_memopen" returns null (checked 12 out of 15 times). +jp2/jp2_cod.c:484: var_assigned: Assigning: "tmpstream" = null return value from "jas_stream_memopen". +jp2/jp2_cod.c:490: dereference: Dereferencing a pointer that might be null "tmpstream" when calling "jas_stream_tell". +base/jas_stream.c:677: deref_parm: Directly dereferencing parameter "stream". + + +diff -up jasper-1.900.1/src/libjasper/base/jas_image.c.NULL_RETURNS jasper-1.900.1/src/libjasper/base/jas_image.c +--- jasper-1.900.1/src/libjasper/base/jas_image.c.NULL_RETURNS 2011-12-08 14:00:05.350020869 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_image.c 2011-12-08 14:00:06.638004766 +0100 +@@ -210,7 +210,10 @@ jas_image_t *jas_image_copy(jas_image_t + jas_image_t *newimage; + int cmptno; + +- newimage = jas_image_create0(); ++ if (!(newimage = jas_image_create0())) { ++ goto error; ++ } ++ + if (jas_image_growcmpts(newimage, image->numcmpts_)) { + goto error; + } +diff -up jasper-1.900.1/src/libjasper/base/jas_seq.c.NULL_RETURNS jasper-1.900.1/src/libjasper/base/jas_seq.c +--- jasper-1.900.1/src/libjasper/base/jas_seq.c.NULL_RETURNS 2011-12-08 14:00:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_seq.c 2011-12-08 14:15:12.449680562 +0100 +@@ -220,7 +220,11 @@ void jas_matrix_bindsub(jas_matrix_t *ma + mat0->numrows_ = r1 - r0 + 1; + mat0->numcols_ = c1 - c0 + 1; + mat0->maxrows_ = mat0->numrows_; +- mat0->rows_ = jas_alloc2(mat0->maxrows_, sizeof(jas_seqent_t *)); ++ if (!(mat0->rows_ = jas_alloc2(mat0->maxrows_, sizeof(jas_seqent_t *)))) { ++ jas_matrix_destroy(mat0); ++ return; ++ } ++ + for (i = 0; i < mat0->numrows_; ++i) { + mat0->rows_[i] = mat1->rows_[r0 + i] + c0; + } +diff -up jasper-1.900.1/src/libjasper/jp2/jp2_cod.c.NULL_RETURNS jasper-1.900.1/src/libjasper/jp2/jp2_cod.c +--- jasper-1.900.1/src/libjasper/jp2/jp2_cod.c.NULL_RETURNS 2011-12-08 14:00:05.633017331 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_cod.c 2011-12-08 14:00:06.677004279 +0100 +@@ -481,7 +481,9 @@ int jp2_box_put(jp2_box_t *box, jas_stre + dataflag = !(box->info->flags & (JP2_BOX_SUPER | JP2_BOX_NODATA)); + + if (dataflag) { +- tmpstream = jas_stream_memopen(0, 0); ++ if (!(tmpstream = jas_stream_memopen(0, 0))) { ++ goto error; ++ } + if (box->ops->putdata) { + if ((*box->ops->putdata)(box, tmpstream)) { + goto error; diff --git a/patches/source/jasper/patches/jasper-1.900.1-Coverity-RESOURCE_LEAK.patch b/patches/source/jasper/patches/jasper-1.900.1-Coverity-RESOURCE_LEAK.patch new file mode 100644 index 00000000..76f5da77 --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-Coverity-RESOURCE_LEAK.patch @@ -0,0 +1,202 @@ +Error: RESOURCE_LEAK +src/appl/imgcmp.c:504: var_assign: Assigning: "diffimage" = storage returned from "jas_image_create(3, compparms, 1025)". +src/appl/imgcmp.c:511: leaked_storage: Variable "diffimage" going out of scope leaks the storage it points to. +src/appl/imgcmp.c:537: leaked_storage: Variable "diffimage" going out of scope leaks the storage it points to. + +base/jas_image.c:254: var_assign: Assigning: "newcmpt" = storage returned from "jas_image_cmpt_create0()". +base/jas_image.c:268: leaked_storage: Variable "newcmpt" going out of scope leaks the storage it points to. +base/jas_image.c:271: leaked_storage: Variable "newcmpt" going out of scope leaks the storage it points to. +base/jas_image.c:274: leaked_storage: Variable "newcmpt" going out of scope leaks the storage it points to. +base/jas_image.c:277: leaked_storage: Variable "newcmpt" going out of scope leaks the storage it points to. + +base/jas_cm.c:611: var_assign: Assigning: "newpxformseq" = storage returned from "jas_cmpxformseq_create()". +base/jas_cm.c:617: leaked_storage: Variable "newpxformseq" going out of scope leaks the storage it points to. + +base/jas_cm.c:343: var_assign: Assigning: "newprof" = storage returned from "jas_cmprof_create()". +base/jas_cm.c:358: leaked_storage: Variable "newprof" going out of scope leaks the storage it points to. + +base/jas_cm.c:380: var_assign: Assigning: "xform" = storage returned from "jas_malloc(sizeof (jas_cmxform_t) /*16*/)". +base/jas_cm.c:461: leaked_storage: Variable "xform" going out of scope leaks the storage it points to. + +base/jas_image.c:1379: var_assign: Assigning: "xform" = storage returned from "jas_cmxform_create(inprof, outprof, NULL, 0, intent, 0)". +base/jas_image.c:1444: leaked_storage: Variable "xform" going out of scope leaks the storage it points to. + +base/jas_image.c:1306: var_assign: Assigning: "inimage" = storage returned from "jas_image_copy(image)". +base/jas_image.c:1444: leaked_storage: Variable "inimage" going out of scope leaks the storage it points to. + +base/jas_image.c:1345: var_assign: Assigning: "outimage" = storage returned from "jas_image_create0()". +base/jas_image.c:1444: leaked_storage: Variable "outimage" going out of scope leaks the storage it points to. + +bmp/bmp_enc.c:187: var_assign: Assigning: "info" = storage returned from "bmp_info_create()". +bmp/bmp_enc.c:208: leaked_storage: Variable "info" going out of scope leaks the storage it points to. + +jpc/jpc_tagtree.c:111: var_assign: Assigning: "tree" = storage returned from "jpc_tagtree_alloc()". +jpc/jpc_tagtree.c:129: leaked_storage: Variable "tree" going out of scope leaks the storage it points to. + +jpc/jpc_dec.c:452: var_assign: Assigning: "compinfos" = storage returned from "jas_malloc(dec->numcomps * sizeof (jas_image_cmptparm_t) /*56*/)". +jpc/jpc_dec.c:468: leaked_storage: Variable "compinfos" going out of scope leaks the storage it points to. + +jpc/jpc_dec.c:1483: var_assign: Assigning: "cp" = storage returned from "jas_malloc(sizeof (jpc_dec_cp_t) /*48*/)". +jpc/jpc_dec.c:1493: leaked_storage: Variable "cp" going out of scope leaks the storage it points to. +jpc/jpc_dec.c:1497: leaked_storage: Variable "cp" going out of scope leaks the storage it points to. + +mif/mif_cod.c:523: var_assign: Assigning: "cmpt" = storage returned from "mif_cmpt_create()". +mif/mif_cod.c:568: leaked_storage: Variable "cmpt" going out of scope leaks the storage it points to. + +mif/mif_cod.c:568: leaked_storage: Variable "tvp" going out of scope leaks the storage it points to. + + +diff -up jasper-1.900.1/src/appl/imgcmp.c.RESOURCE_LEAK jasper-1.900.1/src/appl/imgcmp.c +--- jasper-1.900.1/src/appl/imgcmp.c.RESOURCE_LEAK 2007-01-19 22:43:08.000000000 +0100 ++++ jasper-1.900.1/src/appl/imgcmp.c 2011-12-08 14:16:04.727027007 +0100 +@@ -507,6 +507,7 @@ jas_image_t *makediffimage(jas_matrix_t + + for (i = 0; i < 3; ++i) { + if (!(diffdata[i] = jas_matrix_create(height, width))) { ++ jas_image_destroy(diffimage); + fprintf(stderr, "internal error\n"); + return 0; + } +@@ -534,6 +535,7 @@ jas_image_t *makediffimage(jas_matrix_t + + for (i = 0; i < 3; ++i) { + if (jas_image_writecmpt(diffimage, i, 0, 0, width, height, diffdata[i])) { ++ jas_image_destroy(diffimage); + return 0; + } + } +diff -up jasper-1.900.1/src/libjasper/base/jas_cm.c.RESOURCE_LEAK jasper-1.900.1/src/libjasper/base/jas_cm.c +--- jasper-1.900.1/src/libjasper/base/jas_cm.c.RESOURCE_LEAK 2011-12-08 14:16:03.387043758 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_cm.c 2011-12-08 14:16:04.728026994 +0100 +@@ -355,6 +355,8 @@ jas_cmprof_t *jas_cmprof_copy(jas_cmprof + } + return newprof; + error: ++ if (newprof) ++ jas_cmprof_destroy(newprof); + return 0; + } + +@@ -458,6 +460,8 @@ jas_cmxform_t *jas_cmxform_create(jas_cm + } + return xform; + error: ++ if (xform) ++ jas_cmxform_destroy(xform); + return 0; + } + +@@ -614,6 +618,8 @@ static jas_cmpxformseq_t *jas_cmpxformse + goto error; + return newpxformseq; + error: ++ if (newpxformseq) ++ jas_cmpxformseq_destroy(newpxformseq); + return 0; + } + +diff -up jasper-1.900.1/src/libjasper/base/jas_image.c.RESOURCE_LEAK jasper-1.900.1/src/libjasper/base/jas_image.c +--- jasper-1.900.1/src/libjasper/base/jas_image.c.RESOURCE_LEAK 2011-12-08 14:16:04.635028156 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_image.c 2011-12-08 14:16:04.776026394 +0100 +@@ -268,15 +268,19 @@ static jas_image_cmpt_t *jas_image_cmpt_ + newcmpt->cps_ = cmpt->cps_; + newcmpt->type_ = cmpt->type_; + if (!(newcmpt->stream_ = jas_stream_memopen(0, 0))) { ++ jas_image_cmpt_destroy(newcmpt); + return 0; + } + if (jas_stream_seek(cmpt->stream_, 0, SEEK_SET)) { ++ jas_image_cmpt_destroy(newcmpt); + return 0; + } + if (jas_stream_copy(newcmpt->stream_, cmpt->stream_, -1)) { ++ jas_image_cmpt_destroy(newcmpt); + return 0; + } + if (jas_stream_seek(newcmpt->stream_, 0, SEEK_SET)) { ++ jas_image_cmpt_destroy(newcmpt); + return 0; + } + return newcmpt; +@@ -1443,5 +1447,11 @@ jas_image_dump(outimage, stderr); + #endif + return outimage; + error: ++ if (xform) ++ jas_cmxform_destroy(xform); ++ if (inimage) ++ jas_image_destroy(inimage); ++ if (outimage) ++ jas_image_destroy(outimage); + return 0; + } +diff -up jasper-1.900.1/src/libjasper/bmp/bmp_enc.c.RESOURCE_LEAK jasper-1.900.1/src/libjasper/bmp/bmp_enc.c +--- jasper-1.900.1/src/libjasper/bmp/bmp_enc.c.RESOURCE_LEAK 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/bmp/bmp_enc.c 2011-12-08 14:16:04.826025768 +0100 +@@ -205,16 +205,19 @@ int bmp_encode(jas_image_t *image, jas_s + + /* Write the bitmap header. */ + if (bmp_puthdr(out, &hdr)) { ++ bmp_info_destroy(info); + return -1; + } + + /* Write the bitmap information. */ + if (bmp_putinfo(out, info)) { ++ bmp_info_destroy(info); + return -1; + } + + /* Write the bitmap data. */ + if (bmp_putdata(out, info, image, enc->cmpts)) { ++ bmp_info_destroy(info); + return -1; + } + +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.RESOURCE_LEAK jasper-1.900.1/src/libjasper/jpc/jpc_dec.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.RESOURCE_LEAK 2011-12-08 14:16:04.594028668 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2011-12-08 14:17:25.677014992 +0100 +@@ -465,6 +465,7 @@ static int jpc_dec_process_sot(jpc_dec_t + + if (!(dec->image = jas_image_create(dec->numcomps, compinfos, + JAS_CLRSPC_UNKNOWN))) { ++ jas_free(compinfos); + return -1; + } + jas_free(compinfos); +@@ -1490,10 +1491,11 @@ static jpc_dec_cp_t *jpc_dec_cp_create(u + cp->mctid = 0; + cp->csty = 0; + if (!(cp->ccps = jas_alloc2(cp->numcomps, sizeof(jpc_dec_ccp_t)))) { ++ jpc_dec_cp_destroy(cp); + return 0; + } + if (!(cp->pchglist = jpc_pchglist_create())) { +- jas_free(cp->ccps); ++ jpc_dec_cp_destroy(cp); + return 0; + } + for (compno = 0, ccp = cp->ccps; compno < cp->numcomps; +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_tagtree.c.RESOURCE_LEAK jasper-1.900.1/src/libjasper/jpc/jpc_tagtree.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_tagtree.c.RESOURCE_LEAK 2011-12-08 14:16:04.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_tagtree.c 2011-12-08 14:17:55.905637082 +0100 +@@ -126,6 +126,7 @@ jpc_tagtree_t *jpc_tagtree_create(int nu + } while (n > 1); + + if (!(tree->nodes_ = jas_alloc2(tree->numnodes_, sizeof(jpc_tagtreenode_t)))) { ++ jpc_tagtree_destroy(tree); + return 0; + } + +diff -up jasper-1.900.1/src/libjasper/mif/mif_cod.c.RESOURCE_LEAK jasper-1.900.1/src/libjasper/mif/mif_cod.c +--- jasper-1.900.1/src/libjasper/mif/mif_cod.c.RESOURCE_LEAK 2011-12-08 14:16:04.250032970 +0100 ++++ jasper-1.900.1/src/libjasper/mif/mif_cod.c 2011-12-08 14:16:04.967024005 +0100 +@@ -564,7 +564,7 @@ static int mif_process_cmpt(mif_hdr_t *h + break; + case MIF_DATA: + if (!(cmpt->data = jas_strdup(jas_tvparser_getval(tvp)))) { +- return -1; ++ goto error; + } + break; + } diff --git a/patches/source/jasper/patches/jasper-1.900.1-Coverity-UNREACHABLE.patch b/patches/source/jasper/patches/jasper-1.900.1-Coverity-UNREACHABLE.patch new file mode 100644 index 00000000..3cae2940 --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-Coverity-UNREACHABLE.patch @@ -0,0 +1,37 @@ +Error: UNREACHABLE +jp2/jp2_cod.c:304: unreachable: This code cannot be reached: "abort();". + +jp2/jp2_cod.c:514: unreachable: This code cannot be reached: "abort();". + +jp2/jp2_enc.c:354: unreachable: This code cannot be reached: "abort();". + +diff -up jasper-1.900.1/src/libjasper/jp2/jp2_cod.c.unreachable jasper-1.900.1/src/libjasper/jp2/jp2_cod.c +--- jasper-1.900.1/src/libjasper/jp2/jp2_cod.c.unreachable 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_cod.c 2011-06-27 15:28:13.083137952 +0200 +@@ -301,7 +301,6 @@ jp2_box_t *jp2_box_get(jas_stream_t *in) + } + + return box; +- abort(); + + error: + if (box) { +@@ -511,7 +510,6 @@ int jp2_box_put(jp2_box_t *box, jas_stre + } + + return 0; +- abort(); + + error: + +diff -up jasper-1.900.1/src/libjasper/jp2/jp2_enc.c.unreachable jasper-1.900.1/src/libjasper/jp2/jp2_enc.c +--- jasper-1.900.1/src/libjasper/jp2/jp2_enc.c.unreachable 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_enc.c 2011-06-27 15:27:58.858353979 +0200 +@@ -351,7 +351,6 @@ int sgnd; + } + + return 0; +- abort(); + + error: + diff --git a/patches/source/jasper/patches/jasper-1.900.1-Coverity-UNUSED_VALUE.patch b/patches/source/jasper/patches/jasper-1.900.1-Coverity-UNUSED_VALUE.patch new file mode 100644 index 00000000..e7d4cb59 --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-Coverity-UNUSED_VALUE.patch @@ -0,0 +1,41 @@ +Error: UNUSED_VALUE +base/jas_icc.c:328: returned_pointer: Pointer "attrvalinfo" returned by "jas_iccattrvalinfo_lookup(type)" is never used. + +jpc/jpc_enc.c:788: returned_pointer: Pointer "cp" returned by "strchr(s, 66)" is never used. + +diff -up jasper-1.900.1/src/libjasper/base/jas_icc.c.unused_value jasper-1.900.1/src/libjasper/base/jas_icc.c +--- jasper-1.900.1/src/libjasper/base/jas_icc.c.unused_value 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_icc.c 2011-06-27 15:35:52.815263000 +0200 +@@ -266,7 +266,6 @@ jas_iccprof_t *jas_iccprof_load(jas_stre + jas_iccattrval_t *attrval; + jas_iccattrval_t *prevattrval; + jas_icctagtabent_t *tagtabent; +- jas_iccattrvalinfo_t *attrvalinfo; + int i; + int len; + +@@ -325,7 +324,7 @@ jas_iccprof_t *jas_iccprof_load(jas_stre + goto error; + } + curoff += 8; +- if (!(attrvalinfo = jas_iccattrvalinfo_lookup(type))) { ++ if (!jas_iccattrvalinfo_lookup(type)) { + #if 0 + jas_eprintf("warning: skipping unknown tag type\n"); + #endif +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_enc.c.unused_value jasper-1.900.1/src/libjasper/jpc/jpc_enc.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_enc.c.unused_value 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_enc.c 2011-06-27 15:36:17.437900180 +0200 +@@ -781,11 +781,10 @@ void jpc_enc_cp_destroy(jpc_enc_cp_t *cp + + int ratestrtosize(char *s, uint_fast32_t rawsize, uint_fast32_t *size) + { +- char *cp; + jpc_flt_t f; + + /* Note: This function must not modify output size on failure. */ +- if ((cp = strchr(s, 'B'))) { ++ if (strchr(s, 'B')) { + *size = atoi(s); + } else { + f = atof(s); diff --git a/patches/source/jasper/patches/jasper-CVE-2014-8137.patch b/patches/source/jasper/patches/jasper-CVE-2014-8137.patch new file mode 100644 index 00000000..9600cd32 --- /dev/null +++ b/patches/source/jasper/patches/jasper-CVE-2014-8137.patch @@ -0,0 +1,57 @@ +--- jasper-1.900.1.orig/src/libjasper/base/jas_icc.c 2014-12-11 14:06:44.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_icc.c 2014-12-11 15:16:37.971272386 +0100 +@@ -1009,7 +1009,6 @@ static int jas_icccurv_input(jas_iccattr + return 0; + + error: +- jas_icccurv_destroy(attrval); + return -1; + } + +@@ -1127,7 +1126,6 @@ static int jas_icctxtdesc_input(jas_icca + #endif + return 0; + error: +- jas_icctxtdesc_destroy(attrval); + return -1; + } + +@@ -1206,8 +1204,6 @@ static int jas_icctxt_input(jas_iccattrv + goto error; + return 0; + error: +- if (txt->string) +- jas_free(txt->string); + return -1; + } + +@@ -1328,7 +1324,6 @@ static int jas_icclut8_input(jas_iccattr + goto error; + return 0; + error: +- jas_icclut8_destroy(attrval); + return -1; + } + +@@ -1497,7 +1492,6 @@ static int jas_icclut16_input(jas_iccatt + goto error; + return 0; + error: +- jas_icclut16_destroy(attrval); + return -1; + } + +--- jasper-1.900.1.orig/src/libjasper/jp2/jp2_dec.c 2014-12-11 14:30:54.193209780 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_dec.c 2014-12-11 14:36:46.313217814 +0100 +@@ -291,7 +291,10 @@ jas_image_t *jp2_decode(jas_stream_t *in + case JP2_COLR_ICC: + iccprof = jas_iccprof_createfrombuf(dec->colr->data.colr.iccp, + dec->colr->data.colr.iccplen); +- assert(iccprof); ++ if (!iccprof) { ++ jas_eprintf("error: failed to parse ICC profile\n"); ++ goto error; ++ } + jas_iccprof_gethdr(iccprof, &icchdr); + jas_eprintf("ICC Profile CS %08x\n", icchdr.colorspc); + jas_image_setclrspc(dec->image, fromiccpcs(icchdr.colorspc)); diff --git a/patches/source/jasper/patches/jasper-CVE-2014-8138.patch b/patches/source/jasper/patches/jasper-CVE-2014-8138.patch new file mode 100644 index 00000000..5aaf8abb --- /dev/null +++ b/patches/source/jasper/patches/jasper-CVE-2014-8138.patch @@ -0,0 +1,14 @@ +--- jasper-1.900.1.orig/src/libjasper/jp2/jp2_dec.c 2014-12-11 14:06:44.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_dec.c 2014-12-11 14:06:26.000000000 +0100 +@@ -386,6 +386,11 @@ jas_image_t *jp2_decode(jas_stream_t *in + /* Determine the type of each component. */ + if (dec->cdef) { + for (i = 0; i < dec->numchans; ++i) { ++ /* Is the channel number reasonable? */ ++ if (dec->cdef->data.cdef.ents[i].channo >= dec->numchans) { ++ jas_eprintf("error: invalid channel number in CDEF box\n"); ++ goto error; ++ } + jas_image_setcmpttype(dec->image, + dec->chantocmptlut[dec->cdef->data.cdef.ents[i].channo], + jp2_getct(jas_image_clrspc(dec->image), diff --git a/patches/source/jasper/patches/jasper-CVE-2014-8157.patch b/patches/source/jasper/patches/jasper-CVE-2014-8157.patch new file mode 100644 index 00000000..ebfc1b2d --- /dev/null +++ b/patches/source/jasper/patches/jasper-CVE-2014-8157.patch @@ -0,0 +1,12 @@ +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.CVE-2014-8157 jasper-1.900.1/src/libjasper/jpc/jpc_dec.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.CVE-2014-8157 2015-01-19 16:59:36.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2015-01-19 17:07:41.609863268 +0100 +@@ -489,7 +489,7 @@ static int jpc_dec_process_sot(jpc_dec_t + dec->curtileendoff = 0; + } + +- if (JAS_CAST(int, sot->tileno) > dec->numtiles) { ++ if (JAS_CAST(int, sot->tileno) >= dec->numtiles) { + jas_eprintf("invalid tile number in SOT marker segment\n"); + return -1; + } diff --git a/patches/source/jasper/patches/jasper-CVE-2014-8158.patch b/patches/source/jasper/patches/jasper-CVE-2014-8158.patch new file mode 100644 index 00000000..ce9e4b49 --- /dev/null +++ b/patches/source/jasper/patches/jasper-CVE-2014-8158.patch @@ -0,0 +1,329 @@ +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c.CVE-2014-8158 jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c.CVE-2014-8158 2015-01-19 17:25:28.730195502 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c 2015-01-19 17:27:20.214663127 +0100 +@@ -306,11 +306,7 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in + { + + int bufsize = JPC_CEILDIVPOW2(numcols, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE]; +-#else +- jpc_fix_t splitbuf[bufsize]; +-#endif + jpc_fix_t *buf = splitbuf; + register jpc_fix_t *srcptr; + register jpc_fix_t *dstptr; +@@ -318,7 +314,6 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in + register int m; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -326,7 +321,6 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in + abort(); + } + } +-#endif + + if (numcols >= 2) { + hstartcol = (numcols + 1 - parity) >> 1; +@@ -360,12 +354,10 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in + } + } + +-#if !defined(HAVE_VLA) + /* If the split buffer was allocated on the heap, free this memory. */ + if (buf != splitbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -374,11 +366,7 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE]; +-#else +- jpc_fix_t splitbuf[bufsize]; +-#endif + jpc_fix_t *buf = splitbuf; + register jpc_fix_t *srcptr; + register jpc_fix_t *dstptr; +@@ -386,7 +374,6 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in + register int m; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -394,7 +381,6 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in + abort(); + } + } +-#endif + + if (numrows >= 2) { + hstartcol = (numrows + 1 - parity) >> 1; +@@ -428,12 +414,10 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in + } + } + +-#if !defined(HAVE_VLA) + /* If the split buffer was allocated on the heap, free this memory. */ + if (buf != splitbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -442,11 +426,7 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE * JPC_QMFB_COLGRPSIZE]; +-#else +- jpc_fix_t splitbuf[bufsize * JPC_QMFB_COLGRPSIZE]; +-#endif + jpc_fix_t *buf = splitbuf; + jpc_fix_t *srcptr; + jpc_fix_t *dstptr; +@@ -457,7 +437,6 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, + int m; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -465,7 +444,6 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, + abort(); + } + } +-#endif + + if (numrows >= 2) { + hstartcol = (numrows + 1 - parity) >> 1; +@@ -517,12 +495,10 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, + } + } + +-#if !defined(HAVE_VLA) + /* If the split buffer was allocated on the heap, free this memory. */ + if (buf != splitbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -531,11 +507,7 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE * JPC_QMFB_COLGRPSIZE]; +-#else +- jpc_fix_t splitbuf[bufsize * numcols]; +-#endif + jpc_fix_t *buf = splitbuf; + jpc_fix_t *srcptr; + jpc_fix_t *dstptr; +@@ -546,7 +518,6 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, + int m; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -554,7 +525,6 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, + abort(); + } + } +-#endif + + if (numrows >= 2) { + hstartcol = (numrows + 1 - parity) >> 1; +@@ -606,12 +576,10 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, + } + } + +-#if !defined(HAVE_VLA) + /* If the split buffer was allocated on the heap, free this memory. */ + if (buf != splitbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -619,18 +587,13 @@ void jpc_qmfb_join_row(jpc_fix_t *a, int + { + + int bufsize = JPC_CEILDIVPOW2(numcols, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t joinbuf[QMFB_JOINBUFSIZE]; +-#else +- jpc_fix_t joinbuf[bufsize]; +-#endif + jpc_fix_t *buf = joinbuf; + register jpc_fix_t *srcptr; + register jpc_fix_t *dstptr; + register int n; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -638,7 +601,6 @@ void jpc_qmfb_join_row(jpc_fix_t *a, int + abort(); + } + } +-#endif + + hstartcol = (numcols + 1 - parity) >> 1; + +@@ -670,12 +632,10 @@ void jpc_qmfb_join_row(jpc_fix_t *a, int + ++srcptr; + } + +-#if !defined(HAVE_VLA) + /* If the join buffer was allocated on the heap, free this memory. */ + if (buf != joinbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -684,18 +644,13 @@ void jpc_qmfb_join_col(jpc_fix_t *a, int + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t joinbuf[QMFB_JOINBUFSIZE]; +-#else +- jpc_fix_t joinbuf[bufsize]; +-#endif + jpc_fix_t *buf = joinbuf; + register jpc_fix_t *srcptr; + register jpc_fix_t *dstptr; + register int n; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -703,7 +658,6 @@ void jpc_qmfb_join_col(jpc_fix_t *a, int + abort(); + } + } +-#endif + + hstartcol = (numrows + 1 - parity) >> 1; + +@@ -735,12 +689,10 @@ void jpc_qmfb_join_col(jpc_fix_t *a, int + ++srcptr; + } + +-#if !defined(HAVE_VLA) + /* If the join buffer was allocated on the heap, free this memory. */ + if (buf != joinbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -749,11 +701,7 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t joinbuf[QMFB_JOINBUFSIZE * JPC_QMFB_COLGRPSIZE]; +-#else +- jpc_fix_t joinbuf[bufsize * JPC_QMFB_COLGRPSIZE]; +-#endif + jpc_fix_t *buf = joinbuf; + jpc_fix_t *srcptr; + jpc_fix_t *dstptr; +@@ -763,7 +711,6 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, + register int i; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, JPC_QMFB_COLGRPSIZE * sizeof(jpc_fix_t)))) { +@@ -771,7 +718,6 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, + abort(); + } + } +-#endif + + hstartcol = (numrows + 1 - parity) >> 1; + +@@ -821,12 +767,10 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, + srcptr += JPC_QMFB_COLGRPSIZE; + } + +-#if !defined(HAVE_VLA) + /* If the join buffer was allocated on the heap, free this memory. */ + if (buf != joinbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -835,11 +779,7 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t joinbuf[QMFB_JOINBUFSIZE * JPC_QMFB_COLGRPSIZE]; +-#else +- jpc_fix_t joinbuf[bufsize * numcols]; +-#endif + jpc_fix_t *buf = joinbuf; + jpc_fix_t *srcptr; + jpc_fix_t *dstptr; +@@ -849,7 +789,6 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, + register int i; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { + if (!(buf = jas_alloc3(bufsize, numcols, sizeof(jpc_fix_t)))) { +@@ -857,7 +796,6 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, + abort(); + } + } +-#endif + + hstartcol = (numrows + 1 - parity) >> 1; + +@@ -907,12 +845,10 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, + srcptr += numcols; + } + +-#if !defined(HAVE_VLA) + /* If the join buffer was allocated on the heap, free this memory. */ + if (buf != joinbuf) { + jas_free(buf); + } +-#endif + + } + diff --git a/patches/source/jasper/patches/jasper-CVE-2014-9029.patch b/patches/source/jasper/patches/jasper-CVE-2014-9029.patch new file mode 100644 index 00000000..98a20359 --- /dev/null +++ b/patches/source/jasper/patches/jasper-CVE-2014-9029.patch @@ -0,0 +1,29 @@ +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_dec.c 2014-11-27 12:45:44.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2014-11-27 12:44:58.000000000 +0100 +@@ -1281,7 +1281,7 @@ static int jpc_dec_process_coc(jpc_dec_t + jpc_coc_t *coc = &ms->parms.coc; + jpc_dec_tile_t *tile; + +- if (JAS_CAST(int, coc->compno) > dec->numcomps) { ++ if (JAS_CAST(int, coc->compno) >= dec->numcomps) { + jas_eprintf("invalid component number in COC marker segment\n"); + return -1; + } +@@ -1307,7 +1307,7 @@ static int jpc_dec_process_rgn(jpc_dec_t + jpc_rgn_t *rgn = &ms->parms.rgn; + jpc_dec_tile_t *tile; + +- if (JAS_CAST(int, rgn->compno) > dec->numcomps) { ++ if (JAS_CAST(int, rgn->compno) >= dec->numcomps) { + jas_eprintf("invalid component number in RGN marker segment\n"); + return -1; + } +@@ -1356,7 +1356,7 @@ static int jpc_dec_process_qcc(jpc_dec_t + jpc_qcc_t *qcc = &ms->parms.qcc; + jpc_dec_tile_t *tile; + +- if (JAS_CAST(int, qcc->compno) > dec->numcomps) { ++ if (JAS_CAST(int, qcc->compno) >= dec->numcomps) { + jas_eprintf("invalid component number in QCC marker segment\n"); + return -1; + } diff --git a/patches/source/jasper/patches/jpc_dec.c.patch b/patches/source/jasper/patches/jpc_dec.c.patch new file mode 100644 index 00000000..ae1cd061 --- /dev/null +++ b/patches/source/jasper/patches/jpc_dec.c.patch @@ -0,0 +1,18 @@ +diff -urN jasper-1.900.1/src/libjasper/jpc/jpc_dec.c jasper-1.900.1-fix/src/libjasper/jpc/jpc_dec.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2007-01-19 14:43:07.000000000 -0700 ++++ jasper-1.900.1-fix/src/libjasper/jpc/jpc_dec.c 2008-03-06 16:51:12.000000000 -0700 +@@ -1069,12 +1069,12 @@ + /* Apply an inverse intercomponent transform if necessary. */ + switch (tile->cp->mctid) { + case JPC_MCT_RCT: +- assert(dec->numcomps == 3); ++ assert(dec->numcomps >= 3); + jpc_irct(tile->tcomps[0].data, tile->tcomps[1].data, + tile->tcomps[2].data); + break; + case JPC_MCT_ICT: +- assert(dec->numcomps == 3); ++ assert(dec->numcomps >= 3); + jpc_iict(tile->tcomps[0].data, tile->tcomps[1].data, + tile->tcomps[2].data); + break; diff --git a/patches/source/jasper/patches/patch-libjasper-stepsizes-overflow.diff b/patches/source/jasper/patches/patch-libjasper-stepsizes-overflow.diff new file mode 100644 index 00000000..097559f6 --- /dev/null +++ b/patches/source/jasper/patches/patch-libjasper-stepsizes-overflow.diff @@ -0,0 +1,14 @@ +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_cs.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_cs.c 2007-04-06 01:29:02.000000000 +0200 +@@ -982,7 +982,10 @@ static int jpc_qcx_getcompparms(jpc_qcxc + compparms->numstepsizes = (len - n) / 2; + break; + } +- if (compparms->numstepsizes > 0) { ++ if (compparms->numstepsizes > 3 * JPC_MAXRLVLS + 1) { ++ jpc_qcx_destroycompparms(compparms); ++ return -1; ++ } else if (compparms->numstepsizes > 0) { + compparms->stepsizes = jas_malloc(compparms->numstepsizes * + sizeof(uint_fast16_t)); + assert(compparms->stepsizes); diff --git a/patches/source/jasper/slack-desc b/patches/source/jasper/slack-desc new file mode 100644 index 00000000..c79751af --- /dev/null +++ b/patches/source/jasper/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +jasper: jasper (free implementation of the JPEG-2000 standard) +jasper: +jasper: The JasPer Project is an open-source initiative to provide a free +jasper: software-based reference implementation of the codec specified in the +jasper: JPEG-2000 Part-1 standard (i.e., ISO/IEC 15444-1).jasper: +jasper: +jasper: jasper home: http://www.ece.uvic.ca/~mdadams/jasper/ +jasper: +jasper: +jasper: +jasper: diff --git a/patches/source/k3b/KDE.options b/patches/source/k3b/KDE.options new file mode 100644 index 00000000..730f3f46 --- /dev/null +++ b/patches/source/k3b/KDE.options @@ -0,0 +1,51 @@ +# Set default version/arch/build. You can override these settings +# in the SlackBuild scripts for each package (koffice, for example, +# usually has a different version number), or by setting your own +# environment variables. + +[ -z $VERSION ] && export VERSION=4.4.3 +[ -z $BUILD ] && export BUILD=1 + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# Use this as CFLAGS and CXXFLAGS: +if [ -z "$SLKCFLAGS" ]; then + if [ "$ARCH" = "i486" ]; then + export SLKCFLAGS="-O2 -march=i486 -mtune=i686" + export LIBDIRSUFFIX="" + elif [ "$ARCH" = "s390" ]; then + export SLKCFLAGS="-O2" + export LIBDIRSUFFIX="" + elif [ "$ARCH" = "x86_64" ]; then + export SLKCFLAGS="-O2 -fPIC" + export LIBDIRSUFFIX="64" + elif [ "$ARCH" = "arm" ]; then + export SLKCFLAGS="-O2 -march=armv4 -mtune=xscale" + export LIBDIRSUFFIX="" + elif [ "$ARCH" = "armel" ]; then + export SLKCFLAGS="-O2 -march=armv4t" + export LIBDIRSUFFIX="" + else + export SLKCFLAGS="-O2" + export LIBDIRSUFFIX="" + fi +fi + +# Use this to set the number of parallel make jobs: +if [ -z "$NUMJOBS" ]; then + export NUMJOBS="-j7" +fi + +# Additional cmake flags that are spanned across the KDE modules +# Do not use "final build" unless we build an actual release. +#export KDE_OPT_ARGS=" -DKDE4_ENABLE_FINAL=\"ON\" -DSITE=\"slackware.com\" " +export KDE_OPT_ARGS=" -DSITE=\"slackware.com\" " + diff --git a/patches/source/k3b/KDE_extra.SlackBuild b/patches/source/k3b/KDE_extra.SlackBuild new file mode 100755 index 00000000..9b702457 --- /dev/null +++ b/patches/source/k3b/KDE_extra.SlackBuild @@ -0,0 +1,54 @@ +#!/bin/sh + +# Build (and install) all KDE "extra" packages. +# Written for Slackware by volkerdi@slackware.com. +# Modified for KDE4 by Robby Workman <rworkman@slackware.com> +# Modified for KDE4 by Eric Hameleers <alien@slackware.com> + +# Set the config option variables if they are not already set: +[ -r ./KDE.options ] && . ./KDE.options + +# This avoids compiling a version number into KDE's .la files: +QTDIR=/usr/lib${LIBDIRSUFFIX}/qt ; export QTDIR + +# Get the kde environment variables +[ -d kdebase ] && eval $(sed -e "s#/lib#/lib${LIBDIRSUFFIX}#" ./kdebase/profile.d/kde.sh) + +KDEMODS=" \ + kdevplatform \ + kdevelop \ + konq-plugins \ + guidance-power-manager \ + kopete-cryptography \ + ktorrent \ + skanlite \ + koffice \ + kaudiocreator \ + amarok \ + k3b" + +# Allow for specification of individual packages to be built: +if [ -z "$1" ]; then + MODQUEUE=$KDEMODS +else + MODQUEUE=$* +fi + +for module in \ + $MODQUEUE ; +do + cd $module + ./$module.SlackBuild + if [ $? = 0 ]; then + # Yes, I will build with the fresh packages installed: + upgradepkg --install-new --reinstall /tmp/${module}-*.txz + # Keep MIME database current: + /usr/bin/update-mime-database /usr/share/mime 1> /dev/null 2> /dev/null & + rm -rf /tmp/package-${module} /tmp/${module}-$VERSION + else + echo "${module} failed to build." + exit 1 + fi + cd - ; +done + diff --git a/patches/source/k3b/k3b/doinst.sh b/patches/source/k3b/k3b/doinst.sh new file mode 100644 index 00000000..e376b59a --- /dev/null +++ b/patches/source/k3b/k3b/doinst.sh @@ -0,0 +1,5 @@ + +if [ -x /usr/bin/update-desktop-database ]; then + /usr/bin/update-desktop-database /usr/share/applications >/dev/null 2>&1 +fi + diff --git a/patches/source/k3b/k3b/k3b.SlackBuild b/patches/source/k3b/k3b/k3b.SlackBuild new file mode 100755 index 00000000..a32bbc74 --- /dev/null +++ b/patches/source/k3b/k3b/k3b.SlackBuild @@ -0,0 +1,94 @@ +#!/bin/sh + +# Copyright 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-k3b + +# Set the config option variables if they are not already set: +if [ -r ../KDE.options ]; then + . ../KDE.options +fi + +# The global options may be overridden here (if needed): +if [ -r ./local.options ]; then + . ./local.options +fi + +# Avoid a version number in .la files: +if [ -d /usr/lib${LIBDIRSUFFIX}/qt ]; then + QTDIR=/usr/lib${LIBDIRSUFFIX}/qt +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf k3b-$VERSION +echo "Building k3b-$VERSION..." +tar xvf $CWD/../src/extragear/k3b-$VERSION.tar.?z* +cd k3b-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +mkdir build +cd build +cmake \ + $KDE_OPT_ARGS \ + -DCMAKE_C_FLAGS:STRING="$SLKCFLAGS" \ + -DCMAKE_CXX_FLAGS:STRING="$SLKCFLAGS" \ + -DCMAKE_INSTALL_PREFIX=/usr \ + -DMAN_INSTALL_DIR=/usr/man \ + -DSYSCONF_INSTALL_DIR=/etc/kde \ + -DLIB_SUFFIX=${LIBDIRSUFFIX} \ + .. +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 +cd - + +# Move the dbus configuration files to the proper place: +mv $PKG/etc/kde/dbus-1 $PKG/etc/ + +if [ -d $PKG/usr/man ]; then + gzip -9 $PKG/usr/man/man?/* +fi + +mkdir -p $PKG/usr/doc/k3b-$VERSION +cp -a \ + AUTHORS COPYING* FAQ INSTALL KNOWNBUGS PERMISSIONS README RELEASE_HOWTO TODO \ + $PKG/usr/doc/k3b-$VERSION + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/k3b-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/k3b/k3b/local.options b/patches/source/k3b/k3b/local.options new file mode 100644 index 00000000..611a97a2 --- /dev/null +++ b/patches/source/k3b/k3b/local.options @@ -0,0 +1,2 @@ +VERSION=2.0.0 +BUILD=1_slack13.1 diff --git a/patches/source/k3b/k3b/slack-desc b/patches/source/k3b/k3b/slack-desc new file mode 100644 index 00000000..032bbb8a --- /dev/null +++ b/patches/source/k3b/k3b/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +k3b: k3b (The CD Creator) +k3b: +k3b: K3b makes writing cds under Linux easy. It has an easy to use +k3b: interface and supports CD burning (including on-the-fly), copying, +k3b: erasing, ripping, and more. +k3b: +k3b: K3b was written by Sebastian Trueg, Thomas Froescher, +k3b: Christian Kvasny, and Klaus-Dieter Krannich. +k3b: +k3b: For more information, visit: http://www.k3b.org +k3b: diff --git a/patches/source/kdegraphics/kdegraphics-4.4.x.okular.CVE-2010-2575.diff b/patches/source/kdegraphics/kdegraphics-4.4.x.okular.CVE-2010-2575.diff new file mode 100644 index 00000000..6b4c5274 --- /dev/null +++ b/patches/source/kdegraphics/kdegraphics-4.4.x.okular.CVE-2010-2575.diff @@ -0,0 +1,30 @@ +Index: okular/generators/plucker/unpluck/image.cpp +=================================================================== +--- okular/generators/plucker/unpluck/image.cpp (revision 1167825) ++++ okular/generators/plucker/unpluck/image.cpp (revision 1167826) +@@ -289,8 +289,23 @@ + for (j = 0; j < bytes_per_row;) { + incount = *palm_ptr++; + inval = *palm_ptr++; +- memset (rowbuf + j, inval, incount); +- j += incount; ++ if (incount + j <= bytes_per_row * width) ++ { ++ memset (rowbuf + j, inval, incount); ++ j += incount; ++ } ++ else ++ { ++ free (rowbuf); ++ free (lastrow); ++ free (jpeg_row); ++ ++ jpeg_destroy_compress (&cinfo); ++ ++ fclose( outfile ); ++ ++ return false; ++ } + } + } + else if ((flags & PALM_IS_COMPRESSED_FLAG) diff --git a/patches/source/kdegraphics/kdegraphics.SlackBuild b/patches/source/kdegraphics/kdegraphics.SlackBuild new file mode 100755 index 00000000..b8df950a --- /dev/null +++ b/patches/source/kdegraphics/kdegraphics.SlackBuild @@ -0,0 +1,95 @@ +#!/bin/sh + +# Copyright 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-kdegraphics + +# Set the config option variables if they are not already set: +if [ -r ../KDE.options ]; then + . ../KDE.options +fi + +# The global options may be overridden here (if needed): +if [ -r ./local.options ]; then + . ./local.options +fi + +# Avoid a version number in .la files: +if [ -d /usr/lib${LIBDIRSUFFIX}/qt ]; then + QTDIR=/usr/lib${LIBDIRSUFFIX}/qt +fi + +rm -rf $PKG +mkdir -p $PKG/usr +cd $TMP +echo "Building kdegraphics-$VERSION..." +tar xvf $CWD/../src/kdegraphics-$VERSION.tar.?z* || exit 1 +cd kdegraphics-$VERSION + +zcat $CWD/kdegraphics.gwenview.jpeg8.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/kdegraphics-4.4.x.okular.CVE-2010-2575.diff.gz | patch -p0 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +mkdir -p build +cd build + cmake \ + $KDE_OPT_ARGS \ + -DCMAKE_C_FLAGS:STRING="$SLKCFLAGS" \ + -DCMAKE_CXX_FLAGS:STRING="$SLKCFLAGS" \ + -DCMAKE_BUILD_TYPE=Release \ + -DCMAKE_INSTALL_PREFIX=/usr \ + -DMAN_INSTALL_DIR=/usr/man \ + -DSYSCONF_INSTALL_DIR=/etc/kde \ + -DLIB_SUFFIX=${LIBDIRSUFFIX} \ + .. + make $NUMJOBS || exit 1 + make install DESTDIR=$PKG || exit 1 +cd - + +if [ -d $PKG/usr/man ]; then + gzip -9 $PKG/usr/man/man?/* +fi + +mkdir -p $PKG/usr/doc/kdegraphics-$VERSION +cp -a AUTHORS COPYING* INSTALL README \ + $PKG/usr/doc/kdegraphics-$VERSION + +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/kdegraphics-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/kdegraphics/local.options b/patches/source/kdegraphics/local.options new file mode 100644 index 00000000..49d8bbec --- /dev/null +++ b/patches/source/kdegraphics/local.options @@ -0,0 +1 @@ +BUILD=3_slack13.1 diff --git a/patches/source/kdelibs/KDE.options b/patches/source/kdelibs/KDE.options new file mode 100644 index 00000000..730f3f46 --- /dev/null +++ b/patches/source/kdelibs/KDE.options @@ -0,0 +1,51 @@ +# Set default version/arch/build. You can override these settings +# in the SlackBuild scripts for each package (koffice, for example, +# usually has a different version number), or by setting your own +# environment variables. + +[ -z $VERSION ] && export VERSION=4.4.3 +[ -z $BUILD ] && export BUILD=1 + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# Use this as CFLAGS and CXXFLAGS: +if [ -z "$SLKCFLAGS" ]; then + if [ "$ARCH" = "i486" ]; then + export SLKCFLAGS="-O2 -march=i486 -mtune=i686" + export LIBDIRSUFFIX="" + elif [ "$ARCH" = "s390" ]; then + export SLKCFLAGS="-O2" + export LIBDIRSUFFIX="" + elif [ "$ARCH" = "x86_64" ]; then + export SLKCFLAGS="-O2 -fPIC" + export LIBDIRSUFFIX="64" + elif [ "$ARCH" = "arm" ]; then + export SLKCFLAGS="-O2 -march=armv4 -mtune=xscale" + export LIBDIRSUFFIX="" + elif [ "$ARCH" = "armel" ]; then + export SLKCFLAGS="-O2 -march=armv4t" + export LIBDIRSUFFIX="" + else + export SLKCFLAGS="-O2" + export LIBDIRSUFFIX="" + fi +fi + +# Use this to set the number of parallel make jobs: +if [ -z "$NUMJOBS" ]; then + export NUMJOBS="-j7" +fi + +# Additional cmake flags that are spanned across the KDE modules +# Do not use "final build" unless we build an actual release. +#export KDE_OPT_ARGS=" -DKDE4_ENABLE_FINAL=\"ON\" -DSITE=\"slackware.com\" " +export KDE_OPT_ARGS=" -DSITE=\"slackware.com\" " + diff --git a/patches/source/kdelibs/doinst.sh b/patches/source/kdelibs/doinst.sh new file mode 100644 index 00000000..d7006c70 --- /dev/null +++ b/patches/source/kdelibs/doinst.sh @@ -0,0 +1,9 @@ + +if [ -x /usr/bin/update-desktop-database ]; then + /usr/bin/update-desktop-database /usr/share/applications >/dev/null 2>&1 +fi + +if [ -x usr/bin/update-mime-database ]; then + /usr/bin/update-mime-database /usr/share/mime >/dev/null 2>&1 +fi + diff --git a/patches/source/kdelibs/kdelibs.4.4.x.CVE-2011-1168.diff b/patches/source/kdelibs/kdelibs.4.4.x.CVE-2011-1168.diff new file mode 100644 index 00000000..9a81db70 --- /dev/null +++ b/patches/source/kdelibs/kdelibs.4.4.x.CVE-2011-1168.diff @@ -0,0 +1,14 @@ +--- a/khtml/khtml_part.cpp ++++ b/khtml/khtml_part.cpp +@@ -1848,7 +1848,10 @@ void KHTMLPart::htmlError( int errorCode + stream >> errorName >> techName >> description >> causes >> solutions; + + QString url, protocol, datetime; +- url = Qt::escape( reqUrl.prettyUrl() ); ++ ++ // This is somewhat confusing, but we have to escape the externally- ++ // controlled URL twice: once for i18n, and once for HTML. ++ url = Qt::escape( Qt::escape( reqUrl.prettyUrl() ) ); + protocol = reqUrl.protocol(); + datetime = KGlobal::locale()->formatDateTime( QDateTime::currentDateTime(), + KLocale::LongDate ); diff --git a/patches/source/kdelibs/kdelibs.SlackBuild b/patches/source/kdelibs/kdelibs.SlackBuild new file mode 100755 index 00000000..798fca00 --- /dev/null +++ b/patches/source/kdelibs/kdelibs.SlackBuild @@ -0,0 +1,98 @@ +#!/bin/sh + +# Copyright 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-kdelibs + +# Set the config option variables if they are not already set: +if [ -r ./KDE.options ]; then + . ./KDE.options +fi + +# The global options may be overridden here (if needed): +if [ -r ./local.options ]; then + . ./local.options +fi + +# Avoid a version number in .la files: +if [ -d /usr/lib${LIBDIRSUFFIX}/qt ]; then + QTDIR=/usr/lib${LIBDIRSUFFIX}/qt +fi + +rm -rf $PKG +mkdir -p $PKG/usr +cd $TMP +echo "Building kdelibs-$VERSION..." +tar xvf $CWD/kdelibs-$VERSION.tar.?z* || exit 1 +cd kdelibs-$VERSION + +zcat $CWD/kdelibs.4.4.x.CVE-2011-1168.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +mkdir -p build +cd build + cmake \ + $KDE_OPT_ARGS \ + -DCMAKE_C_FLAGS:STRING="$SLKCFLAGS" \ + -DCMAKE_CXX_FLAGS:STRING="$SLKCFLAGS" \ + -DCMAKE_BUILD_TYPE=Release \ + -DCMAKE_INSTALL_PREFIX=/usr \ + -DMAN_INSTALL_DIR=/usr/man \ + -DSYSCONF_INSTALL_DIR=/etc/kde \ + -DLIB_SUFFIX=${LIBDIRSUFFIX} \ + -DKDE_DISTRIBUTION_TEXT="volkerdi@slackware.com" \ + .. + make $NUMJOBS || exit 1 + make install DESTDIR=$PKG || exit 1 +cd - + +# Move the polkit dbus configuration files to the proper place: +mv $PKG/etc/kde/dbus-1 $PKG/etc/ + +if [ -d $PKG/usr/man ]; then + gzip -9 $PKG/usr/man/man?/* +fi + +mkdir -p $PKG/usr/doc/kdelibs-$VERSION +cp -a AUTHORS COPYING* DEBUG INSTALL README TODO \ + $PKG/usr/doc/kdelibs-$VERSION + +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/kdelibs-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/kdelibs/kdesu-allow_NOPASS_in_suauth.patch b/patches/source/kdelibs/kdesu-allow_NOPASS_in_suauth.patch new file mode 100644 index 00000000..64b4d5af --- /dev/null +++ b/patches/source/kdelibs/kdesu-allow_NOPASS_in_suauth.patch @@ -0,0 +1,61 @@ +diff -Naur kdesu/stub.cpp kdesu.new/stub.cpp +--- kdesu/stub.cpp 2008-05-21 08:08:55.000000000 -0300 ++++ kdesu.new/stub.cpp 2009-10-13 01:32:10.000000000 -0300 +@@ -105,6 +105,7 @@ + int StubProcess::ConverseStub(int check) + { + QByteArray line, tmp; ++ + while (1) + { + line = readLine(); +@@ -117,7 +118,17 @@ + enableLocalEcho(false); + if (check) writeLine("stop"); + else writeLine("ok"); +- } else if (line == "display") { ++ break; ++ } ++ } ++ ++ while (1) ++ { ++ line = readLine(); ++ if (line.isNull()) ++ return -1; ++ ++ if (line == "display") { + writeLine(display()); + } else if (line == "display_auth") { + #ifdef Q_WS_X11 +diff -Naur kdesu/su.cpp kdesu.new/su.cpp +--- kdesu/su.cpp 2008-05-21 08:08:55.000000000 -0300 ++++ kdesu.new/su.cpp 2009-10-19 00:21:31.000000000 -0200 +@@ -258,13 +258,6 @@ + ////////////////////////////////////////////////////////////////////////// + case WaitForPrompt: + { +- // In case no password is needed. +- if (line == "kdesu_stub") +- { +- unreadLine(line); +- return ok; +- } +- + while(waitMS(fd(),100)>0) + { + // There is more output available, so the previous line +@@ -279,6 +272,13 @@ + kDebug(900) << k_lineinfo << "Read line <" << more << ">"; + } + ++ // In case no password is needed. ++ if (line == "kdesu_stub") ++ { ++ unreadLine(line); ++ return ok; ++ } ++ + // Match "Password: " with the regex ^[^:]+:[\w]*$. + const uint len = line.length(); + for (i=0,j=0,colon=0; i<len; i++) diff --git a/patches/source/kdelibs/local.options b/patches/source/kdelibs/local.options new file mode 100644 index 00000000..9933fea4 --- /dev/null +++ b/patches/source/kdelibs/local.options @@ -0,0 +1 @@ +BUILD=2_slack13.1 diff --git a/patches/source/kdelibs/slack-desc b/patches/source/kdelibs/slack-desc new file mode 100644 index 00000000..a89ea3c8 --- /dev/null +++ b/patches/source/kdelibs/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +kdelibs: kdelibs (KDE libraries) +kdelibs: +kdelibs: System libraries and other resources required for the KDE Platform. +kdelibs: +kdelibs: +kdelibs: +kdelibs: +kdelibs: +kdelibs: +kdelibs: +kdelibs: diff --git a/patches/source/libX11/arch.use.flags b/patches/source/libX11/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/libX11/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libX11/build/libX11 b/patches/source/libX11/build/libX11 new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/libX11/build/libX11 @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/libX11/configure/libX11 b/patches/source/libX11/configure/libX11 new file mode 100644 index 00000000..cf85e58d --- /dev/null +++ b/patches/source/libX11/configure/libX11 @@ -0,0 +1,12 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libX11/libX11.SlackBuild b/patches/source/libX11/libX11.SlackBuild new file mode 100755 index 00000000..6db22779 --- /dev/null +++ b/patches/source/libX11/libX11.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libX11 +mv /tmp/x11-build/libX11*txz /tmp diff --git a/patches/source/libX11/modularize b/patches/source/libX11/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/libX11/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libX11/noarch b/patches/source/libX11/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/libX11/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libX11/package-blacklist b/patches/source/libX11/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/libX11/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libX11/post-install/libX11.post-install b/patches/source/libX11/post-install/libX11.post-install new file mode 100644 index 00000000..7232b680 --- /dev/null +++ b/patches/source/libX11/post-install/libX11.post-install @@ -0,0 +1,2 @@ +mkdir -p $PKG/usr/share/X11 +zcat $CWD/post-install/libX11/XKeysymDB.gz > $PKG/usr/share/X11/XKeysymDB diff --git a/patches/source/libX11/slack-desc/libX11 b/patches/source/libX11/slack-desc/libX11 new file mode 100644 index 00000000..2ec4f39a --- /dev/null +++ b/patches/source/libX11/slack-desc/libX11 @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libX11: libX11 (Core X11 protocol client library) +libX11: +libX11: libX11 is part of X11. +libX11: +libX11: For more information about the X.Org Foundation (the providers of the +libX11: X.Org implementation of the X Window System), see their website: +libX11: +libX11: http://www.x.org +libX11: +libX11: +libX11: diff --git a/patches/source/libX11/x11.SlackBuild b/patches/source/libX11/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/libX11/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXcursor/arch.use.flags b/patches/source/libXcursor/arch.use.flags new file mode 100644 index 00000000..f28a6cca --- /dev/null +++ b/patches/source/libXcursor/arch.use.flags @@ -0,0 +1,7 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXcursor/build/increment.sh b/patches/source/libXcursor/build/increment.sh new file mode 100755 index 00000000..6de5d0da --- /dev/null +++ b/patches/source/libXcursor/build/increment.sh @@ -0,0 +1,17 @@ +#!/bin/sh +# A script to increment build numbers. +# Call it with the list of the build numbers to increase by one: +# +# ./increment.sh xf86-input-acecad xf86-input-aiptek xf86-input-joystick +# +# If a build file does not exist, it will be created with a value of 2. + +for build in $* ; do + if [ ! -r $build ]; then + echo "Creating $build with value 2" + echo 2 > $build + else + echo "Incrementing $build $(cat $build) -> $(expr $(cat $build) + 1)" + echo $(expr $(cat $build) + 1) > $build + fi +done diff --git a/patches/source/libXcursor/build/libXcursor b/patches/source/libXcursor/build/libXcursor new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/libXcursor/build/libXcursor @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/libXcursor/configure/configure b/patches/source/libXcursor/configure/configure new file mode 100644 index 00000000..0f3bccf2 --- /dev/null +++ b/patches/source/libXcursor/configure/configure @@ -0,0 +1,12 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXcursor/libXcursor.SlackBuild b/patches/source/libXcursor/libXcursor.SlackBuild new file mode 100755 index 00000000..4d4f81d2 --- /dev/null +++ b/patches/source/libXcursor/libXcursor.SlackBuild @@ -0,0 +1,26 @@ +#!/bin/sh + +# Copyright 2017 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +UPGRADE_PACKAGES=no sh x11-build-script.sh lib libXcursor +mv --verbose /tmp/x11-build/*.txz /tmp + diff --git a/patches/source/libXcursor/modularize b/patches/source/libXcursor/modularize new file mode 100644 index 00000000..38762ffd --- /dev/null +++ b/patches/source/libXcursor/modularize @@ -0,0 +1,272 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXcursor/noarch b/patches/source/libXcursor/noarch new file mode 100644 index 00000000..480ffc26 --- /dev/null +++ b/patches/source/libXcursor/noarch @@ -0,0 +1,76 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-cf-files +xorg-docs +xproto +xtrans diff --git a/patches/source/libXcursor/package-blacklist b/patches/source/libXcursor/package-blacklist new file mode 100644 index 00000000..8e2f3eb5 --- /dev/null +++ b/patches/source/libXcursor/package-blacklist @@ -0,0 +1,43 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXcursor/slack-desc/libXcursor b/patches/source/libXcursor/slack-desc/libXcursor new file mode 100644 index 00000000..2906c6aa --- /dev/null +++ b/patches/source/libXcursor/slack-desc/libXcursor @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXcursor: libXcursor (X Window System Cursor management library) +libXcursor: +libXcursor: libXcursor is part of X11. +libXcursor: +libXcursor: For more information about the X.Org Foundation (the providers of the +libXcursor: X.Org implementation of the X Window System), see their website: +libXcursor: +libXcursor: http://www.x.org +libXcursor: +libXcursor: +libXcursor: diff --git a/patches/source/libXcursor/x11-build-script.sh b/patches/source/libXcursor/x11-build-script.sh new file mode 100755 index 00000000..6da53346 --- /dev/null +++ b/patches/source/libXcursor/x11-build-script.sh @@ -0,0 +1,374 @@ +#!/bin/sh +# Copyright 2007-2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# This is default. To not upgrade, pass UPGRADE_PACKAGES=no (or anything else). +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXext/arch.use.flags b/patches/source/libXext/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/libXext/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXext/build/libXext b/patches/source/libXext/build/libXext new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/libXext/build/libXext @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/libXext/configure/configure b/patches/source/libXext/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/libXext/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXext/libXext.SlackBuild b/patches/source/libXext/libXext.SlackBuild new file mode 100755 index 00000000..1f6fdb31 --- /dev/null +++ b/patches/source/libXext/libXext.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libXext +mv /tmp/x11-build/libXext*txz /tmp diff --git a/patches/source/libXext/modularize b/patches/source/libXext/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/libXext/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXext/noarch b/patches/source/libXext/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/libXext/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libXext/package-blacklist b/patches/source/libXext/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/libXext/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXext/slack-desc/libXext b/patches/source/libXext/slack-desc/libXext new file mode 100644 index 00000000..a636363a --- /dev/null +++ b/patches/source/libXext/slack-desc/libXext @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXext: libXext (library for common extensions to the X11 protocol) +libXext: +libXext: libXext is part of X11. +libXext: +libXext: For more information about the X.Org Foundation (the providers of the +libXext: X.Org implementation of the X Window System), see their website: +libXext: +libXext: http://www.x.org +libXext: +libXext: +libXext: diff --git a/patches/source/libXext/x11.SlackBuild b/patches/source/libXext/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/libXext/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXfixes/arch.use.flags b/patches/source/libXfixes/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/libXfixes/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXfixes/build/libXfixes b/patches/source/libXfixes/build/libXfixes new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/libXfixes/build/libXfixes @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/libXfixes/configure/configure b/patches/source/libXfixes/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/libXfixes/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXfixes/libXfixes.SlackBuild b/patches/source/libXfixes/libXfixes.SlackBuild new file mode 100755 index 00000000..8d5116f4 --- /dev/null +++ b/patches/source/libXfixes/libXfixes.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libXfixes +mv /tmp/x11-build/libXfixes*txz /tmp diff --git a/patches/source/libXfixes/modularize b/patches/source/libXfixes/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/libXfixes/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXfixes/noarch b/patches/source/libXfixes/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/libXfixes/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libXfixes/package-blacklist b/patches/source/libXfixes/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/libXfixes/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXfixes/slack-desc/libXfixes b/patches/source/libXfixes/slack-desc/libXfixes new file mode 100644 index 00000000..3c44fa46 --- /dev/null +++ b/patches/source/libXfixes/slack-desc/libXfixes @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXfixes: libXfixes (client library for the Xfixes extension) +libXfixes: +libXfixes: libXfixes is part of X11. +libXfixes: +libXfixes: For more information about the X.Org Foundation (the providers of the +libXfixes: X.Org implementation of the X Window System), see their website: +libXfixes: +libXfixes: http://www.x.org +libXfixes: +libXfixes: +libXfixes: diff --git a/patches/source/libXfixes/x11.SlackBuild b/patches/source/libXfixes/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/libXfixes/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXfont/arch.use.flags b/patches/source/libXfont/arch.use.flags new file mode 100644 index 00000000..f28a6cca --- /dev/null +++ b/patches/source/libXfont/arch.use.flags @@ -0,0 +1,7 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXfont/build/increment.sh b/patches/source/libXfont/build/increment.sh new file mode 100755 index 00000000..6de5d0da --- /dev/null +++ b/patches/source/libXfont/build/increment.sh @@ -0,0 +1,17 @@ +#!/bin/sh +# A script to increment build numbers. +# Call it with the list of the build numbers to increase by one: +# +# ./increment.sh xf86-input-acecad xf86-input-aiptek xf86-input-joystick +# +# If a build file does not exist, it will be created with a value of 2. + +for build in $* ; do + if [ ! -r $build ]; then + echo "Creating $build with value 2" + echo 2 > $build + else + echo "Incrementing $build $(cat $build) -> $(expr $(cat $build) + 1)" + echo $(expr $(cat $build) + 1) > $build + fi +done diff --git a/patches/source/libXfont/build/libXfont b/patches/source/libXfont/build/libXfont new file mode 100644 index 00000000..fcbe7754 --- /dev/null +++ b/patches/source/libXfont/build/libXfont @@ -0,0 +1 @@ +2_slack13.1 diff --git a/patches/source/libXfont/configure/configure b/patches/source/libXfont/configure/configure new file mode 100644 index 00000000..0f3bccf2 --- /dev/null +++ b/patches/source/libXfont/configure/configure @@ -0,0 +1,12 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXfont/libXfont.SlackBuild b/patches/source/libXfont/libXfont.SlackBuild new file mode 100755 index 00000000..25821f17 --- /dev/null +++ b/patches/source/libXfont/libXfont.SlackBuild @@ -0,0 +1,26 @@ +#!/bin/sh + +# Copyright 2014 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +UPGRADE_PACKAGES=no sh x11-build-script.sh lib libXfont +mv --verbose /tmp/x11-build/*.txz /tmp + diff --git a/patches/source/libXfont/modularize b/patches/source/libXfont/modularize new file mode 100644 index 00000000..38762ffd --- /dev/null +++ b/patches/source/libXfont/modularize @@ -0,0 +1,272 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXfont/noarch b/patches/source/libXfont/noarch new file mode 100644 index 00000000..480ffc26 --- /dev/null +++ b/patches/source/libXfont/noarch @@ -0,0 +1,76 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-cf-files +xorg-docs +xproto +xtrans diff --git a/patches/source/libXfont/package-blacklist b/patches/source/libXfont/package-blacklist new file mode 100644 index 00000000..8e2f3eb5 --- /dev/null +++ b/patches/source/libXfont/package-blacklist @@ -0,0 +1,43 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXfont/patch/libXfont.patch b/patches/source/libXfont/patch/libXfont.patch new file mode 100644 index 00000000..7b6e2457 --- /dev/null +++ b/patches/source/libXfont/patch/libXfont.patch @@ -0,0 +1 @@ +zcat $CWD/patch/libXfont/libXfont.CVE-2017-16611.diff.gz | patch -p1 || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/patches/source/libXfont/patch/libXfont/libXfont.CVE-2017-16611.diff b/patches/source/libXfont/patch/libXfont/libXfont.CVE-2017-16611.diff new file mode 100644 index 00000000..352d00f0 --- /dev/null +++ b/patches/source/libXfont/patch/libXfont/libXfont.CVE-2017-16611.diff @@ -0,0 +1,85 @@ +--- ./src/fontfile/fileio.c.orig 2014-01-07 10:25:08.000000000 -0600 ++++ ./src/fontfile/fileio.c 2017-11-29 00:37:05.450068487 -0600 +@@ -36,6 +36,9 @@ + #ifndef O_BINARY + #define O_BINARY O_RDONLY + #endif ++#ifndef O_NOFOLLOW ++#define O_NOFOLLOW 0 ++#endif + + FontFilePtr + FontFileOpen (const char *name) +@@ -44,7 +47,7 @@ + int len; + BufFilePtr raw, cooked; + +- fd = open (name, O_BINARY); ++ fd = open (name, O_BINARY|O_CLOEXEC|O_NOFOLLOW); + if (fd < 0) + return 0; + raw = BufFileOpenRead (fd); +--- ./src/fontfile/dirfile.c.orig 2014-01-07 10:25:08.000000000 -0600 ++++ ./src/fontfile/dirfile.c 2017-11-29 00:35:44.400069349 -0600 +@@ -41,6 +41,7 @@ + #include <stdio.h> + #include <sys/types.h> + #include <sys/stat.h> ++#include <fcntl.h> + #include <errno.h> + + static Bool AddFileNameAliases ( FontDirectoryPtr dir ); +@@ -57,8 +58,9 @@ + char dir_file[MAXFONTFILENAMELEN]; + char dir_path[MAXFONTFILENAMELEN]; + char *ptr; +- FILE *file; +- int count, ++ FILE *file = 0; ++ int file_fd, ++ count, + num_fonts, + status; + struct stat statb; +@@ -88,7 +90,14 @@ + if (dir_file[strlen(dir_file) - 1] != '/') + strcat(dir_file, "/"); + strcat(dir_file, FontDirFile); ++#ifndef WIN32 ++ file_fd = open(dir_file, O_RDONLY | O_NOFOLLOW); ++ if (file_fd >= 0) { ++ file = fdopen(file_fd, "rt"); ++ } ++#else + file = fopen(dir_file, "rt"); ++#endif + if (file) { + #ifndef WIN32 + if (fstat (fileno(file), &statb) == -1) +@@ -258,7 +267,8 @@ + char alias[MAXFONTNAMELEN]; + char font_name[MAXFONTNAMELEN]; + char alias_file[MAXFONTFILENAMELEN]; +- FILE *file; ++ int file_fd; ++ FILE *file = 0; + FontDirectoryPtr dir; + int token; + char *lexToken; +@@ -276,7 +286,16 @@ + strcat(alias_file, "/"); + strcat(alias_file, FontAliasFile); + } ++ ++#ifndef WIN32 ++ file_fd = open(alias_file, O_RDONLY | O_NOFOLLOW); ++ if (file_fd >= 0) { ++ file = fdopen(file_fd, "rt"); ++ } ++#else + file = fopen(alias_file, "rt"); ++#endif ++ + if (!file) + return ((errno == ENOENT) ? Successful : BadFontPath); + if (!dir) diff --git a/patches/source/libXfont/slack-desc/libXfont b/patches/source/libXfont/slack-desc/libXfont new file mode 100644 index 00000000..d78d6a0e --- /dev/null +++ b/patches/source/libXfont/slack-desc/libXfont @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXfont: libXfont (library for legacy X11 font system) +libXfont: +libXfont: libXfont provides the core of the legacy X11 font system, handling the +libXfont: index files (fonts.dir, fonts.alias, fonts.scale), the various font +libXfont: file formats, and rasterizing them. It is used by the X servers, the +libXfont: X Font Server (xfs), and some font utilities (bdftopcf for instance), +libXfont: but should not be used by normal X11 clients. X11 clients access fonts +libXfont: via either the new API's in libXft, or the legacy API's in libX11. +libXfont: +libXfont: +libXfont: diff --git a/patches/source/libXfont/x11-build-script.sh b/patches/source/libXfont/x11-build-script.sh new file mode 100755 index 00000000..6da53346 --- /dev/null +++ b/patches/source/libXfont/x11-build-script.sh @@ -0,0 +1,374 @@ +#!/bin/sh +# Copyright 2007-2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# This is default. To not upgrade, pass UPGRADE_PACKAGES=no (or anything else). +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXi/arch.use.flags b/patches/source/libXi/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/libXi/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXi/build/libXi b/patches/source/libXi/build/libXi new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/libXi/build/libXi @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/libXi/configure/configure b/patches/source/libXi/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/libXi/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXi/libXi.SlackBuild b/patches/source/libXi/libXi.SlackBuild new file mode 100755 index 00000000..eea1be6d --- /dev/null +++ b/patches/source/libXi/libXi.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libXi +mv /tmp/x11-build/libXi*txz /tmp diff --git a/patches/source/libXi/modularize b/patches/source/libXi/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/libXi/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXi/noarch b/patches/source/libXi/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/libXi/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libXi/package-blacklist b/patches/source/libXi/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/libXi/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXi/slack-desc/libXi b/patches/source/libXi/slack-desc/libXi new file mode 100644 index 00000000..4585f82e --- /dev/null +++ b/patches/source/libXi/slack-desc/libXi @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXi: libXi (library for the X Input Extension) +libXi: +libXi: libXi is part of X11. +libXi: +libXi: For more information about the X.Org Foundation (the providers of the +libXi: X.Org implementation of the X Window System), see their website: +libXi: +libXi: http://www.x.org +libXi: +libXi: +libXi: diff --git a/patches/source/libXi/slack-desc/libXinerama b/patches/source/libXi/slack-desc/libXinerama new file mode 100644 index 00000000..3b16b81f --- /dev/null +++ b/patches/source/libXi/slack-desc/libXinerama @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXinerama: libXinerama (library for Xinerama extension to X11 Protocol) +libXinerama: +libXinerama: libXinerama is part of X11. +libXinerama: +libXinerama: For more information about the X.Org Foundation (the providers of the +libXinerama: X.Org implementation of the X Window System), see their website: +libXinerama: +libXinerama: http://www.x.org +libXinerama: +libXinerama: +libXinerama: diff --git a/patches/source/libXi/x11.SlackBuild b/patches/source/libXi/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/libXi/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXrandr/arch.use.flags b/patches/source/libXrandr/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/libXrandr/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXrandr/build/libXrandr b/patches/source/libXrandr/build/libXrandr new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/libXrandr/build/libXrandr @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/libXrandr/configure/configure b/patches/source/libXrandr/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/libXrandr/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXrandr/libXrandr.SlackBuild b/patches/source/libXrandr/libXrandr.SlackBuild new file mode 100755 index 00000000..8bc75df3 --- /dev/null +++ b/patches/source/libXrandr/libXrandr.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libXrandr +mv /tmp/x11-build/libXrandr*txz /tmp diff --git a/patches/source/libXrandr/modularize b/patches/source/libXrandr/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/libXrandr/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXrandr/noarch b/patches/source/libXrandr/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/libXrandr/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libXrandr/package-blacklist b/patches/source/libXrandr/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/libXrandr/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXrandr/slack-desc/libXrandr b/patches/source/libXrandr/slack-desc/libXrandr new file mode 100644 index 00000000..ad2e243b --- /dev/null +++ b/patches/source/libXrandr/slack-desc/libXrandr @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXrandr: libXrandr (X Resize, Rotate and Reflection extension library) +libXrandr: +libXrandr: libXrandr is part of X11. +libXrandr: +libXrandr: For more information about the X.Org Foundation (the providers of the +libXrandr: X.Org implementation of the X Window System), see their website: +libXrandr: +libXrandr: http://www.x.org +libXrandr: +libXrandr: +libXrandr: diff --git a/patches/source/libXrandr/x11.SlackBuild b/patches/source/libXrandr/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/libXrandr/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXrender/arch.use.flags b/patches/source/libXrender/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/libXrender/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXrender/build/libXrender b/patches/source/libXrender/build/libXrender new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/libXrender/build/libXrender @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/libXrender/configure/configure b/patches/source/libXrender/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/libXrender/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXrender/libXrender.SlackBuild b/patches/source/libXrender/libXrender.SlackBuild new file mode 100755 index 00000000..b18aef0e --- /dev/null +++ b/patches/source/libXrender/libXrender.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libXrender +mv /tmp/x11-build/libXrender*txz /tmp diff --git a/patches/source/libXrender/modularize b/patches/source/libXrender/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/libXrender/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXrender/noarch b/patches/source/libXrender/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/libXrender/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libXrender/package-blacklist b/patches/source/libXrender/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/libXrender/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXrender/slack-desc/libXrender b/patches/source/libXrender/slack-desc/libXrender new file mode 100644 index 00000000..c5fe7269 --- /dev/null +++ b/patches/source/libXrender/slack-desc/libXrender @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXrender: libXrender (library for the Render Extension to the X11 protocol) +libXrender: +libXrender: libXrender is part of X11. +libXrender: +libXrender: For more information about the X.Org Foundation (the providers of the +libXrender: X.Org implementation of the X Window System), see their website: +libXrender: +libXrender: http://www.x.org +libXrender: +libXrender: +libXrender: diff --git a/patches/source/libXrender/x11.SlackBuild b/patches/source/libXrender/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/libXrender/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXtst/arch.use.flags b/patches/source/libXtst/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/libXtst/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXtst/build/libXtst b/patches/source/libXtst/build/libXtst new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/libXtst/build/libXtst @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/libXtst/configure/configure b/patches/source/libXtst/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/libXtst/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXtst/libXtst.SlackBuild b/patches/source/libXtst/libXtst.SlackBuild new file mode 100755 index 00000000..0a4bb940 --- /dev/null +++ b/patches/source/libXtst/libXtst.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libXtst +mv /tmp/x11-build/libXtst*txz /tmp diff --git a/patches/source/libXtst/modularize b/patches/source/libXtst/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/libXtst/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXtst/noarch b/patches/source/libXtst/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/libXtst/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libXtst/package-blacklist b/patches/source/libXtst/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/libXtst/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXtst/slack-desc/libXtst b/patches/source/libXtst/slack-desc/libXtst new file mode 100644 index 00000000..63b93c01 --- /dev/null +++ b/patches/source/libXtst/slack-desc/libXtst @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXtst: libXtst (client library for the XTEST & RECORD extensions) +libXtst: +libXtst: libXtst is part of X11. +libXtst: +libXtst: For more information about the X.Org Foundation (the providers of the +libXtst: X.Org implementation of the X Window System), see their website: +libXtst: +libXtst: http://www.x.org +libXtst: +libXtst: +libXtst: diff --git a/patches/source/libXtst/x11.SlackBuild b/patches/source/libXtst/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/libXtst/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXv/arch.use.flags b/patches/source/libXv/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/libXv/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXv/build/libXv b/patches/source/libXv/build/libXv new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/libXv/build/libXv @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/libXv/configure/configure b/patches/source/libXv/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/libXv/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXv/libXv.SlackBuild b/patches/source/libXv/libXv.SlackBuild new file mode 100755 index 00000000..b4a99f6c --- /dev/null +++ b/patches/source/libXv/libXv.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libXv +mv /tmp/x11-build/libXv*txz /tmp diff --git a/patches/source/libXv/modularize b/patches/source/libXv/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/libXv/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXv/noarch b/patches/source/libXv/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/libXv/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libXv/package-blacklist b/patches/source/libXv/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/libXv/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXv/slack-desc/libXv b/patches/source/libXv/slack-desc/libXv new file mode 100644 index 00000000..d72865bf --- /dev/null +++ b/patches/source/libXv/slack-desc/libXv @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXv: libXv (library for the X Video (Xv) extension to the X Window System) +libXv: +libXv: libXv is part of X11. +libXv: +libXv: For more information about the X.Org Foundation (the providers of the +libXv: X.Org implementation of the X Window System), see their website: +libXv: +libXv: http://www.x.org +libXv: +libXv: +libXv: diff --git a/patches/source/libXv/slack-desc/libXvMC b/patches/source/libXv/slack-desc/libXvMC new file mode 100644 index 00000000..aecd7f3a --- /dev/null +++ b/patches/source/libXv/slack-desc/libXvMC @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXvMC: libXvMC (X.Org X11 libXvMC runtime library) +libXvMC: +libXvMC: libXvMC is part of X11. +libXvMC: +libXvMC: For more information about the X.Org Foundation (the providers of the +libXvMC: X.Org implementation of the X Window System), see their website: +libXvMC: +libXvMC: http://www.x.org +libXvMC: +libXvMC: +libXvMC: diff --git a/patches/source/libXv/x11.SlackBuild b/patches/source/libXv/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/libXv/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXvMC/arch.use.flags b/patches/source/libXvMC/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/libXvMC/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXvMC/build/libXvMC b/patches/source/libXvMC/build/libXvMC new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/libXvMC/build/libXvMC @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/libXvMC/configure/configure b/patches/source/libXvMC/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/libXvMC/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXvMC/libXvMC.SlackBuild b/patches/source/libXvMC/libXvMC.SlackBuild new file mode 100755 index 00000000..2b657972 --- /dev/null +++ b/patches/source/libXvMC/libXvMC.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libXvMC +mv /tmp/x11-build/libXvMC*txz /tmp diff --git a/patches/source/libXvMC/modularize b/patches/source/libXvMC/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/libXvMC/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXvMC/noarch b/patches/source/libXvMC/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/libXvMC/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libXvMC/package-blacklist b/patches/source/libXvMC/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/libXvMC/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXvMC/slack-desc/libXvMC b/patches/source/libXvMC/slack-desc/libXvMC new file mode 100644 index 00000000..aecd7f3a --- /dev/null +++ b/patches/source/libXvMC/slack-desc/libXvMC @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXvMC: libXvMC (X.Org X11 libXvMC runtime library) +libXvMC: +libXvMC: libXvMC is part of X11. +libXvMC: +libXvMC: For more information about the X.Org Foundation (the providers of the +libXvMC: X.Org implementation of the X Window System), see their website: +libXvMC: +libXvMC: http://www.x.org +libXvMC: +libXvMC: +libXvMC: diff --git a/patches/source/libXvMC/x11.SlackBuild b/patches/source/libXvMC/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/libXvMC/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libexif/libexif.SlackBuild b/patches/source/libexif/libexif.SlackBuild new file mode 100755 index 00000000..a0d677c0 --- /dev/null +++ b/patches/source/libexif/libexif.SlackBuild @@ -0,0 +1,107 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo libexif-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-libexif + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf libexif-$VERSION +tar xvf $CWD/libexif-$VERSION.tar.?z* || exit 1 +cd libexif-$VERSION +zcat $CWD/libexif.pc.diff.gz | patch -p1 --verbose || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --disable-static \ + --localstatedir=/var/lib \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +strip -g $PKG/usr/lib/*.a + +rm -rf $PKG/usr/share/doc +mkdir -p $PKG/usr/doc/libexif-$VERSION +cp -a \ + ABOUT-NLS AUTHORS COPYING NEWS README \ + $PKG/usr/doc/libexif-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/libexif-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libexif/libexif.pc.diff b/patches/source/libexif/libexif.pc.diff new file mode 100644 index 00000000..9ccd12d8 --- /dev/null +++ b/patches/source/libexif/libexif.pc.diff @@ -0,0 +1,8 @@ +--- ./libexif.pc.in.orig 2011-05-18 23:41:01.000000000 -0500 ++++ ./libexif.pc.in 2012-07-17 22:23:32.283678691 -0500 +@@ -9,4 +9,4 @@ + Version: @VERSION@ + Libs: -L${libdir} -lexif + Libs.private: -lm +-Cflags: -I${includedir} ++Cflags: -I${includedir}/libexif diff --git a/patches/source/libexif/slack-desc b/patches/source/libexif/slack-desc new file mode 100644 index 00000000..992e1915 --- /dev/null +++ b/patches/source/libexif/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libexif: libexif (Exchangeable Image File Format library) +libexif: +libexif: EXIF stands for Exchangeable Image File Format, which is a format used +libexif: to store extra information in images such as the JPEG files produced +libexif: by digital cameras. The libexif library allows programs such as +libexif: gthumb to parse, edit, and save EXIF data. +libexif: +libexif: +libexif: +libexif: +libexif: diff --git a/patches/source/libgcrypt/libgcrypt.SlackBuild b/patches/source/libgcrypt/libgcrypt.SlackBuild new file mode 100755 index 00000000..ad782cd2 --- /dev/null +++ b/patches/source/libgcrypt/libgcrypt.SlackBuild @@ -0,0 +1,124 @@ +#!/bin/sh + +# Copyright 2006-2009 Robby Workman, Northport, AL, USA +# Copyright 2007, 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=libgcrypt +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.bz2 || exit 1 +cd $PKGNAM-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --infodir=/usr/info \ + --docdir=/usr/doc/libgcrypt-$VERSION \ + --enable-shared=yes \ + --enable-static=yes \ + --program-prefix="" \ + --program-suffix="" \ + --build=$ARCH-slackware-linux \ + --host=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +# Move the shared library to $PKG/lib${LIBDIRSUFFIX}: +mkdir -p $PKG/lib${LIBDIRSUFFIX} +( cd $PKG/usr/lib${LIBDIRSUFFIX} + for file in lib*.so.??.* ; do + mv $file ../../lib${LIBDIRSUFFIX} + ln -sf ../../lib${LIBDIRSUFFIX}/$file . + done + cp -a lib*.so.?? ../../lib${LIBDIRSUFFIX} +) + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +rm -f $PKG/usr/info/dir +gzip -9 $PKG/usr/info/* + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + AUTHORS BUGS COPYING* ChangeLog INSTALL NEWS \ + README* THANKS TODO VERSION \ + $PKG/usr/doc/$PKGNAM-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libgcrypt/slack-desc b/patches/source/libgcrypt/slack-desc new file mode 100644 index 00000000..365fab64 --- /dev/null +++ b/patches/source/libgcrypt/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libgcrypt: libgcrypt (General purpose crypto library) +libgcrypt: +libgcrypt: Libgcrypt is a general purpose crypto library based on the code +libgcrypt: used in GnuPG. +libgcrypt: +libgcrypt: +libgcrypt: +libgcrypt: +libgcrypt: +libgcrypt: +libgcrypt: diff --git a/patches/source/libgpg-error/libgpg-error.SlackBuild b/patches/source/libgpg-error/libgpg-error.SlackBuild new file mode 100755 index 00000000..f9905530 --- /dev/null +++ b/patches/source/libgpg-error/libgpg-error.SlackBuild @@ -0,0 +1,118 @@ +#!/bin/sh + +# Copyright 2006, 2009 Robby Workman, Northport, AL, USA +# Copyright 2007, 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SCRIPT IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SCRIPT, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=libgpg-error +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.bz2 || exit 1 +cd $PKGNAM-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --infodir=/usr/info \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --enable-shared=yes \ + --enable-static=yes \ + --build=$ARCH-slackware-linux \ + --host=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +# Move the shared library to $PKG/lib${LIBDIRSUFFIX}: +mkdir -p $PKG/lib${LIBDIRSUFFIX} +( cd $PKG/usr/lib${LIBDIRSUFFIX} + for file in lib*.so.?.* ; do + mv $file ../../lib${LIBDIRSUFFIX} + ln -sf ../../lib${LIBDIRSUFFIX}/$file . + done + cp -a lib*.so.? ../../lib${LIBDIRSUFFIX} +) + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + AUTHORS COPYING* INSTALL NEWS README* THANKS VERSION \ + $PKG/usr/doc/$PKGNAM-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libgpg-error/slack-desc b/patches/source/libgpg-error/slack-desc new file mode 100644 index 00000000..1d0969cd --- /dev/null +++ b/patches/source/libgpg-error/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libgpg-error: libgpg-error (GnuPG Error Definitions Library) +libgpg-error: +libgpg-error: This is a library that defines common error values for all GnuPG +libgpg-error: components. Among these are GPG, GPGSM, GPGME, GPG-Agent, +libgpg-error: libgcrypt, Libksba, DirMngr, Pinentry, SmartCard Daemon, and more. +libgpg-error: +libgpg-error: +libgpg-error: +libgpg-error: +libgpg-error: +libgpg-error: diff --git a/patches/source/libidn/libidn.SlackBuild b/patches/source/libidn/libidn.SlackBuild new file mode 100755 index 00000000..a98d7748 --- /dev/null +++ b/patches/source/libidn/libidn.SlackBuild @@ -0,0 +1,137 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2018 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PKGNAM=libidn +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +TMP=${TMP:-/tmp} +PKG=$TMP/package-libidn + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf libidn-$VERSION +tar xvf $CWD/libidn-$VERSION.tar.?z || exit 1 +cd libidn-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --disable-static \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Compress info pages and purge "dir" file from the package: +if [ -d $PKG/usr/info ]; then + ( cd $PKG/usr/info + rm -f dir + gzip -9 * + ) +fi + +mkdir -p $PKG/usr/doc/libidn-$VERSION +cp -a \ + ABOUT-NLS AUTHORS COPYING* FAQ INSTALL NEWS README* THANKS TODO \ + contrib \ + libidn/libidn.html \ + $PKG/usr/doc/libidn-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/libidn-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libidn/slack-desc b/patches/source/libidn/slack-desc new file mode 100644 index 00000000..a10cfe7b --- /dev/null +++ b/patches/source/libidn/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libidn: libidn (GNU Internationalized Domain Name library) +libidn: +libidn: GNU Libidn is an implementation of the Stringprep, Punycode and IDNA +libidn: specifications defined by the IETF Internationalized Domain Names +libidn: (IDN) working group, used for internationalized domain names. +libidn: +libidn: +libidn: +libidn: +libidn: +libidn: diff --git a/patches/source/libiodbc/libiodbc.SlackBuild b/patches/source/libiodbc/libiodbc.SlackBuild new file mode 100755 index 00000000..5b1d032a --- /dev/null +++ b/patches/source/libiodbc/libiodbc.SlackBuild @@ -0,0 +1,126 @@ +#!/bin/sh + +# Copyright 2009, 2010 Eric Hameleers, Eindhoven, NL +# Copyright 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. + +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=libiodbc +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} +NUMJOBS=${NUMJOBS:--j6} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-libiodbc + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf libiodbc-$VERSION +tar xvf $CWD/libiodbc-$VERSION.tar.?z* || exit 1 +cd libiodbc-$VERSION || exit 1 + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Configure: +# We add '--disable-libodbc'. This way, a libodbc.so library does not get +# installed so that this package won't clash with an already present unixodbc. +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --docdir=/usr/doc/libiodbc-$VERSION \ + --disable-static \ + --disable-libodbc \ + --program-prefix= \ + --program-suffix= \ + --build=$ARCH-slackware-linux + +# Disable rpath: +zcat $CWD/libiodbc.disable.rpath.diff.gz | patch -p1 --verbose || exit 1 + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/libiodbc-$VERSION +cp -a \ + AUTHORS COPYING* ChangeLog INSTALL README TODO \ + $PKG/usr/doc/libiodbc-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/libiodbc-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libiodbc/libiodbc.disable.rpath.diff b/patches/source/libiodbc/libiodbc.disable.rpath.diff new file mode 100644 index 00000000..a5f9701d --- /dev/null +++ b/patches/source/libiodbc/libiodbc.disable.rpath.diff @@ -0,0 +1,11 @@ +--- ./libtool.orig 2013-12-11 17:33:25.828622889 -0600 ++++ ./libtool 2013-12-11 17:39:28.910619029 -0600 +@@ -363,7 +363,7 @@ + + # Flag to hardcode $libdir into a binary during linking. + # This must work even if $libdir does not exist +-hardcode_libdir_flag_spec="\${wl}-rpath \${wl}\$libdir" ++hardcode_libdir_flag_spec="" + + # If ld is used when linking, flag to hardcode $libdir into a binary + # during linking. This must work even if $libdir does not exist. diff --git a/patches/source/libiodbc/slack-desc b/patches/source/libiodbc/slack-desc new file mode 100644 index 00000000..6844c927 --- /dev/null +++ b/patches/source/libiodbc/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler-----------------------------------------------------| +libiodbc: libiodbc (Independent Open DataBase Connectivity) +libiodbc: +libiodbc: iODBC is the acronym for Independent Open DataBase Connectivity, +libiodbc: an Open Source platform independent implementation of both the ODBC +libiodbc: and X/Open specifications. It allows for developing solutions +libiodbc: that are language, platform and database independent. +libiodbc: +libiodbc: +libiodbc: +libiodbc: Homepage: http://iodbc.org/ +libiodbc: diff --git a/patches/source/libjpeg/jpeg.CVE-2013-6629.diff b/patches/source/libjpeg/jpeg.CVE-2013-6629.diff new file mode 100644 index 00000000..37c267a1 --- /dev/null +++ b/patches/source/libjpeg/jpeg.CVE-2013-6629.diff @@ -0,0 +1,32 @@ +From f457207b57d0e234cf7a174d20a7db424b82173d Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Fri, 22 Nov 2013 +Subject: CVE-2013-6629 + +get_sos() in jdmarker.c does not check for duplication of component data +while reading segments following Start Of Scan (SOS) JPEG markers. This +allows remote attackers to obtain sensitive information from uninitialized +memory locations via crafted JPEG images. + +Adapted from: +https://codereview.chromium.org/download/issue31603002_1.diff + +--- + jdmarker.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +--- a/jdmarker.c ++++ b/jdmarker.c +@@ -347,6 +347,12 @@ get_sos (j_decompress_ptr cinfo) + + TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, cc, + compptr->dc_tbl_no, compptr->ac_tbl_no); ++ ++ /* This CSi (cc) should differ from the previous CSi */ ++ for (ci = 0; ci < i; ci++) { ++ if (cinfo->cur_comp_info[ci] == compptr) ++ ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, cc); ++ } + } + + /* Collect the additional scan parameters Ss, Se, Ah/Al. */ diff --git a/patches/source/libjpeg/libjpeg.SlackBuild b/patches/source/libjpeg/libjpeg.SlackBuild new file mode 100755 index 00000000..be044099 --- /dev/null +++ b/patches/source/libjpeg/libjpeg.SlackBuild @@ -0,0 +1,112 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-v8a} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-libjpeg + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf jpeg-$(echo $VERSION | cut -f 2 -d v) +tar xvf $CWD/jpegsrc.${VERSION}.tar.?z* || exit 1 +cd jpeg-$(echo $VERSION | cut -f 2 -d v) + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/jpeg.CVE-2013-6629.diff.gz | patch -p1 --verbose || exit 1 + +export CFLAGS="$SLKCFLAGS" +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --libdir=/usr/lib${LIBDIRSUFFIX} +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +# Strip binaries: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/libjpeg-$VERSION +cp -a README $PKG/usr/doc/libjpeg-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg -c y -l y $TMP/libjpeg-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libjpeg/slack-desc b/patches/source/libjpeg/slack-desc new file mode 100644 index 00000000..d1add7fd --- /dev/null +++ b/patches/source/libjpeg/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libjpeg: libjpeg (Independent JPEG Group's JPEG software) +libjpeg: +libjpeg: Software to implement JPEG image compression and decompression. JPEG +libjpeg: (pronounced 'jay-peg') is a standardized compression method for +libjpeg: full-color and gray-scale images. JPEG is intended for compressing +libjpeg: 'real-world' scenes; cartoons and other non-realistic images are not +libjpeg: its strong suit. JPEG is lossy, however, on typical images of +libjpeg: real-world scenes, very good compression levels can be obtained with +libjpeg: no visible change, and amazingly high compression levels are possible +libjpeg: if you can tolerate a low-quality image. +libjpeg: diff --git a/patches/source/libpng/libpng.SlackBuild b/patches/source/libpng/libpng.SlackBuild new file mode 100755 index 00000000..7dbb6ed9 --- /dev/null +++ b/patches/source/libpng/libpng.SlackBuild @@ -0,0 +1,134 @@ +#!/bin/sh + +# Copyright 2005-2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION_OLD=1.2.57 +VERSION_NEW=1.4.20 +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-libpng +rm -rf $PKG +mkdir -p $TMP $PKG/usr + +build_source() { + +cd $TMP +rm -rf libpng-$VERSION +tar xvf $CWD/libpng-$VERSION.tar.?z* || exit 1 +cd libpng-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Look like using ./configure is the only way that works now... +./configure --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man + +make -j4 prefix=/usr LIBPATH=/usr/lib${LIBDIRSUFFIX} ZLIBLIB="-L/usr/lib${LIBDIRSUFFIX} -lm -lz" || exit 1 +make install prefix=/usr LIBPATH=/usr/lib${LIBDIRSUFFIX} ZLIBLIB="-L/usr/lib${LIBDIRSUFFIX} -lm -lz" DESTDIR=$PKG + +# I'm ditching this to see if anyone cares. +# +## This symlink is needed to keep old applications running: +## I guess the real lib used the major number 3, then 0 for +## a short while, and now .3 again. Hopefully it will stay +## this way as it was .3 in Slackware 10.2. One can hope. +#( cd $PKG/usr/lib${LIBDIRSUFFIX} +# if [ ! -e libpng.so.0 -a -e libpng.so.3 ]; then +# ln -sf libpng.so.3 libpng.so.0 +# fi +#) + +# Well, glad I got rid of the above, but <someone> upstream still does not +# grok shared libraries on Linux it seems -- libpng-1.4.0 caused all the +# newly compiled binaries to want libpng.so.14, and now libpng-1.4.1 +# wants to change that to libpng14.so.14. Searching online finds that +# we are not the only ones with binaries that want libpng.so.14, so we +# are forced to provide a compatibility symlink again... :-/ +# +# We'll try to remove this in 5 to 10 years, just like before. +( cd $PKG/usr/lib${LIBDIRSUFFIX} + if [ ! -e libpng.so.14 -a -e libpng14.so.14 ]; then + ln -sf libpng14.so.14 libpng.so.14 + fi +) + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +gzip -9 --force $PKG/usr/man/man?/*.? + +mkdir -p $PKG/usr/doc/libpng-$VERSION +cp -a \ + ANNOUNCE CHANGES INSTALL KNOWNBUG LICENSE README TODO Y2KINFO \ + libpng*.txt example.c \ + $PKG/usr/doc/libpng-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/libpng-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +} + +# Build the 1.2 version: +VERSION=$VERSION_OLD +build_source + +# Build the 1.4 version: +VERSION=$VERSION_NEW +build_source + +# Default the includes to version 1.4.x: +( cd $PKG/usr/include ; ln -sf libpng14 libpng ) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/libpng-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libpng/slack-desc b/patches/source/libpng/slack-desc new file mode 100644 index 00000000..54d1d0f9 --- /dev/null +++ b/patches/source/libpng/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libpng: libpng (Portable Network Graphics library) +libpng: +libpng: PNG (Portable Network Graphics) is an extensible file format for the +libpng: lossless, portable, well-compressed storage of raster images. PNG +libpng: provides a patent-free replacement for GIF and can also replace many +libpng: common uses of TIFF. Indexed-color, grayscale, and truecolor images +libpng: are supported, plus an optional alpha channel. Sample depths range +libpng: from 1 to 16 bits. +libpng: +libpng: +libpng: diff --git a/patches/source/libtiff/libtiff.SlackBuild b/patches/source/libtiff/libtiff.SlackBuild new file mode 100755 index 00000000..c6432e8b --- /dev/null +++ b/patches/source/libtiff/libtiff.SlackBuild @@ -0,0 +1,122 @@ +#!/bin/sh + +# Copyright 2005-2013 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=${VERSION:-$(echo tiff-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=1_slack13.1 + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-libtiff + +rm -rf $PKG +mkdir -p $PKG +cd $TMP +rm -rf tiff-$VERSION +tar xvf $CWD/tiff-$VERSION.tar.?z* || exit 1 +cd tiff-$VERSION + +zcat $CWD/tiff-3.9.7_CVE-2012-4447_CVE-2012-4564_CVE-2013-1960_CVE-2013-1961.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/tiff-3.9.7_CVE-2013-4231.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/tiff-3.9.7_CVE-2013-4232.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/tiff-3.9.7_CVE-2013-4244.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --program-prefix="" \ + --program-suffix="" \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 +( cd man ; make install-man DESTDIR=$PKG || exit 1 ) || exit 1 +rm -r $PKG/usr/share +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) +strip -g $PKG/usr/lib${LIBDIRSUFFIX}/lib*.a +chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/libtiff*.so.* +mkdir -p $PKG/usr/doc/libtiff-$VERSION +cp -a \ + COPYRIGHT README RELEASE-DATE TODO VERSION \ + $PKG/usr/doc/libtiff-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mv $PKG/usr/local/man $PKG/usr +rmdir $PKG/usr/local + +# I'd use that shiny new manpage script here but all the +# .3 manpages end with '.3tiff'. +gzip -9 $PKG/usr/man/man?/* + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +makepkg -l y -c n $TMP/libtiff-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libtiff/slack-desc b/patches/source/libtiff/slack-desc new file mode 100644 index 00000000..42c79f47 --- /dev/null +++ b/patches/source/libtiff/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libtiff: libtiff (a library for reading and writing TIFF files) +libtiff: +libtiff: This package provides support for the Tag Image File Format (TIFF), +libtiff: a widely used format for storing image data. Included is the libtiff +libtiff: library (for reading and writing TIFF files), and a collection of +libtiff: tools for working with TIFF images. +libtiff: +libtiff: +libtiff: +libtiff: +libtiff: diff --git a/patches/source/libtiff/tiff-3.9.7_CVE-2012-4447_CVE-2012-4564_CVE-2013-1960_CVE-2013-1961.diff b/patches/source/libtiff/tiff-3.9.7_CVE-2012-4447_CVE-2012-4564_CVE-2013-1960_CVE-2013-1961.diff new file mode 100644 index 00000000..2ee6847c --- /dev/null +++ b/patches/source/libtiff/tiff-3.9.7_CVE-2012-4447_CVE-2012-4564_CVE-2013-1960_CVE-2013-1961.diff @@ -0,0 +1,3813 @@ +From 304327d825c7ba6a9f560d0ca792304f0b03e3b3 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 11 Aug 2013 +Subject: Multiple CVEs addressed and bugs fixed. + +Mega-patch against libtiff-3.9.7 constructed from upstream commits +that syncs it to the last CVS revision (5/2/2013). It fixes: + + a. CVE-2012-4447 + b. CVE-2012-4564 + c. CVE-2013-1960 + d. CVE-2013-1961 + e. auto-rotate option bug + f. TIFFPrintDirectory bug +--- + ChangeLog | 781 ++++++++++++++++++++++-------------------- + Makefile.in | 2 + aclocal.m4 | 6 + build/Makefile.in | 2 + contrib/Makefile.in | 2 + contrib/acorn/Makefile.in | 2 + contrib/addtiffo/Makefile.in | 2 + contrib/dbs/Makefile.in | 2 + contrib/dbs/xtiff/Makefile.in | 2 + contrib/dbs/xtiff/xtiff.c | 6 + contrib/iptcutil/Makefile.in | 2 + contrib/mac-cw/Makefile.in | 2 + contrib/mac-mpw/Makefile.in | 2 + contrib/mfs/Makefile.in | 2 + contrib/pds/Makefile.in | 2 + contrib/ras/Makefile.in | 2 + contrib/stream/Makefile.in | 2 + contrib/tags/Makefile.in | 2 + contrib/win_dib/Makefile.in | 2 + html/Makefile.in | 2 + html/images/Makefile.in | 2 + html/man/Makefile.in | 2 + libtiff/Makefile.in | 2 + libtiff/tif_codec.c | 5 + libtiff/tif_dirinfo.c | 4 + libtiff/tif_pixarlog.c | 94 ++--- + libtiff/tif_print.c | 15 + man/Makefile.in | 2 + port/Makefile.in | 2 + test/Makefile.in | 2 + tools/Makefile.in | 2 + tools/ppm2tiff.c | 39 +- + tools/rgb2ycbcr.c | 5 + tools/tiff2bw.c | 4 + tools/tiff2pdf.c | 313 ++++++++-------- + tools/tiff2ps.c | 20 - + tools/tiffcrop.c | 12 + tools/tiffdither.c | 4 + 38 files changed, 728 insertions(+), 628 deletions(-) + +diff --git a/ChangeLog b/ChangeLog +index c18d495..2d8bc7c 100644 +--- a/ChangeLog ++++ b/ChangeLog +@@ -1,3 +1,51 @@ ++2013-05-02 Tom Lane <tgl@sss.pgh.pa.us> ++ ++ * tools/tiff2pdf.c: Rewrite JPEG marker parsing in ++ t2p_process_jpeg_strip to be at least marginally competent. The ++ approach is still fundamentally flawed, but at least now it won't ++ stomp all over memory when given bogus input. Fixes CVE-2013-1960. ++ ++2013-05-02 Tom Lane <tgl@sss.pgh.pa.us> ++ ++ * contrib/dbs/xtiff/xtiff.c, libtiff/tif_codec.c, ++ libtiff/tif_dirinfo.c, tools/rgb2ycbcr.c, tools/tiff2bw.c, ++ tools/tiff2pdf.c, tools/tiff2ps.c, tools/tiffcrop.c, ++ tools/tiffdither.c: Enlarge some fixed-size buffers that weren't ++ large enough, and eliminate substantially all uses of sprintf(buf, ++ ...) in favor of using snprintf(buf, sizeof(buf), ...), so as to ++ protect against overflow of fixed-size buffers. This responds in ++ particular to CVE-2013-1961 concerning overflow in tiff2pdf.c's ++ t2p_write_pdf_page(), but in general it seems like a good idea to ++ deprecate use of sprintf(). ++ ++2013-01-25 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> ++ ++ * tools/tiff2ps.c:Fix bug in auto rotate option code. Once a ++ rotation angle was set by the auto rotate check, it was retained ++ for all pages that followed instead of being retested for each ++ page. Patch by Richard Nolde. ++ ++2012-12-12 Tom Lane <tgl@sss.pgh.pa.us> ++ ++ * libtiff/tif_print.c: Back-patch recent fixes in ++ TIFFPrintDirectory to make it handle field_passcount fields sanely ++ for both TIFF_VARIABLE and TIFF_VARIABLE2 cases. ++ ++2012-12-10 Tom Lane <tgl@sss.pgh.pa.us> ++ ++ * tools/ppm2tiff.c: Back-patch fix for CVE-2012-4564. ++ ++2012-12-10 Tom Lane <tgl@sss.pgh.pa.us> ++ ++ * libtiff/tif_pixarlog.c: Back-patch recent security fixes for ++ tif_pixarlog.c, namely the fix for CVE-2012-4447 and protections ++ against accessing outside the lookup arrays for out of range ++ inputs. ++ ++2012-11-18 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> ++ ++ * automake: Update Automake to 1.12.5 release. ++ + 2012-09-22 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + + * libtiff 3.9.7 released. +@@ -31,7 +79,7 @@ + + * libtiff/tif_dirread.c: Avoid trusting samplesperpixel's default + of 1 for purposes of trimming tags. This is to get some super +- crappy OJPEG files to work again. Grr. ++ crappy OJPEG files to work again. Grr. + http://bugzilla.maptools.org/show_bug.cgi?id=2348 + + 2012-06-01 Frank Warmerdam <warmerdam@google.com> +@@ -101,8 +149,8 @@ + * libtiff/tiffiop.h: avoid declaring int64/uint64 on AIX with XLC + where they are already available. (#2301) + +- * libtiff/tif_thunder.c: Correct potential buffer overflow with +- thunder encoded files with wrong bitspersample set. The libtiff ++ * libtiff/tif_thunder.c: Correct potential buffer overflow with ++ thunder encoded files with wrong bitspersample set. The libtiff + development team would like to thank Marin Barbella and TippingPoint's + Zero Day Initiative for reporting this vulnerability (ZDI-CAN-1004, + CVE-2011-1167). +@@ -110,18 +158,18 @@ + + 2011-03-10 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_fax3.h: Fix to last change allowing zero length ++ * libtiff/tif_fax3.h: Fix to last change allowing zero length + runs at the start of a scanline - needed for legal cases. + + 2011-03-02 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_fax3.h: Protect against a fax VL(n) codeword commanding +- a move left. Without this, a malicious input file can generate an +- indefinitely large series of runs without a0 ever reaching the right ++ * libtiff/tif_fax3.h: Protect against a fax VL(n) codeword commanding ++ a move left. Without this, a malicious input file can generate an ++ indefinitely large series of runs without a0 ever reaching the right + margin, thus overrunning our buffer of run lengths. Per CVE-2011-0192. +- This is a modified version of a patch proposed by Drew Yao of Apple +- Product Security. It adds an unexpected() report, and disallows the +- equality case, since emitting a run without increasing a0 still allows ++ This is a modified version of a patch proposed by Drew Yao of Apple ++ Product Security. It adds an unexpected() report, and disallows the ++ equality case, since emitting a run without increasing a0 still allows + buffer overrun. + + 2011-02-25 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -133,7 +181,7 @@ + 2011-01-03 Lee Howard <faxguy@howardsilvan.com> + + * libtiff/tif_jpeg.c: Fix regressions with 2 and 3 band images +- caused by commit on 2010-12-14. Submitted by e-mail from ++ caused by commit on 2010-12-14. Submitted by e-mail from + Even Rouault <even.rouault@mines-paris.org> + + 2010-12-31 Olivier Paquet <olivier.paquet@gmail.com> +@@ -188,13 +236,13 @@ + + 2010-12-12 Lee Howard <faxguy@howardsilvan.com> + +- * tools/tiff2pdf.c: fix colors for images with RGBA ++ * tools/tiff2pdf.c: fix colors for images with RGBA + interleaved data + http://bugzilla.maptools.org/show_bug.cgi?id=2250 + + 2010-12-11 Lee Howard <faxguy@howardsilvan.com> + +- * tools/tiff2pdf.c: remove invalid duplication for Lab ++ * tools/tiff2pdf.c: remove invalid duplication for Lab + http://bugzilla.maptools.org/show_bug.cgi?id=2162 + + 2010-12-11 Lee Howard <faxguy@howardsilvan.com> +@@ -236,7 +284,7 @@ + + 2010-12-07 Lee Howard <faxguy@howardsilvan.com> + +- * libtiff/tif_jpeg.c, libtiff/tif_strip.c: apply patch for ++ * libtiff/tif_jpeg.c, libtiff/tif_strip.c: apply patch for + CVE-2010-3087 per bug + http://bugzilla.maptools.org/show_bug.cgi?id=2140 + +@@ -248,7 +296,7 @@ + 2010-09-25 Lee Howard <faxguy@howardsilvan.com> + + * tools/tiff2ps.c: improvements and enhancements from Richard Nolde +- with additional command line options for Document Title, ++ with additional command line options for Document Title, + Document Creator, and Page Orientation + + 2010-07-13 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> +@@ -349,14 +397,14 @@ + * libtiff/tif_dirread.c: Fixed bad handling of out of order tags + definated late by a codec (#2210) + +- * libtiff/tif_dirread.c: Fixed inadequate validation of the ++ * libtiff/tif_dirread.c: Fixed inadequate validation of the + SubjectDistance field (#2212). + +- * tiff2pdf.c: Fix assorted bugs in tiff2pdf: missing "return" +- in t2p_read_tiff_size() causes t2p->tiff_datasize to be set entirely +- wrong for COMPRESSION_JPEG case, resulting in memory stomp if actual +- size is larger. Also, there are a bunch of places that try to +- memset() a malloc'd buffer before checking for malloc failure, which ++ * tiff2pdf.c: Fix assorted bugs in tiff2pdf: missing "return" ++ in t2p_read_tiff_size() causes t2p->tiff_datasize to be set entirely ++ wrong for COMPRESSION_JPEG case, resulting in memory stomp if actual ++ size is larger. Also, there are a bunch of places that try to ++ memset() a malloc'd buffer before checking for malloc failure, which + would result in core dump if there actually were a failure. (#2211) + + 2010-06-11 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> +@@ -452,13 +500,13 @@ + + 2010-05-07 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_jpeg.c: Ensure that quality is always set in +- JPEGPreEncode(), not just when we want to output local tables. ++ * libtiff/tif_jpeg.c: Ensure that quality is always set in ++ JPEGPreEncode(), not just when we want to output local tables. + Otherwise the quality used during compression may not be right and + might not match the tables in the tables tag. This bug only occurs + when seeking between directories in the midst of writing blocks. + http://trac.osgeo.org/gdal/ticket/3539 +- ++ + 2010-05-05 Olivier Paquet <olivier.paquet@gmail.com> + + * libtiff/tif_print.c: Have TIFFTAG_REFERENCEBLACKWHITE always print 6 +@@ -476,11 +524,11 @@ + 2010-02-22 Lee Howard <faxguy@howardsilvan.com> + + * libtiff/tif_jpeg.c: Do not generate a JPEGTables tag when creating +- the JPEG TIFF as is is not required in order to prevent it from +- being unused and filled with invalid data. (Leave it to be ++ the JPEG TIFF as is is not required in order to prevent it from ++ being unused and filled with invalid data. (Leave it to be + generated by later activity.) + http://bugzilla.maptools.org/show_bug.cgi?id=2135 +- * tools/tiff2pdf.c: Write the JPEG SOI headers into the TIFF strip ++ * tools/tiff2pdf.c: Write the JPEG SOI headers into the TIFF strip + data rather than skipping them. This fixes the ability to view in + Acrobat Reader, Evince, and Ghostscript. + http://bugzilla.maptools.org/show_bug.cgi?id=2135 +@@ -491,13 +539,13 @@ + 2010-01-06 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_dir.c: Ensure tile and scanline sizes are reset +- when moving to new directories. ++ when moving to new directories. + http://bugzilla.maptools.org/show_bug.cgi?id=1936 + + 2009-12-03 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_jpeg.c: Fix a couple of issues that trigger failures in +- some cases when using TIFFReadScanline() with JPEG compressed ++ some cases when using TIFFReadScanline() with JPEG compressed + subsampled ycbcr images. + http://bugzilla.maptools.org/show_bug.cgi?id=1936 + +@@ -610,7 +658,7 @@ + + 2009-06-22 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_lzw.c: Fix buffer underflow bug. ++ * libtiff/tif_lzw.c: Fix buffer underflow bug. + http://bugzilla.maptools.org/show_bug.cgi?id=2065 + + 2009-06-03 Frank Warmerdam <warmerdam@pobox.com> +@@ -621,7 +669,7 @@ + + 2009-02-12 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_luv.c: Fix handling of tiled logluv images. ++ * libtiff/tif_luv.c: Fix handling of tiled logluv images. + http://bugzilla.maptools.org/show_bug.cgi?id=2005 + + 2009-01-23 Frank Warmerdam <warmerdam@pobox.com> +@@ -635,7 +683,7 @@ + + 2009-01-12 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + +- * tools/tiff2ps.c: Remove spurious message printed to stderr. ++ * tools/tiff2ps.c: Remove spurious message printed to stderr. + + 2009-01-11 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + +@@ -668,7 +716,7 @@ + 2008-12-31 Frank Warmerdam <warmerdam@pobox.com> + + * tools/tiffcrop.c, man/tiffcrop.1: A major update from Richard +- Nolde. ++ Nolde. + + 2008-12-21 Frank Warmerdam <warmerdam@pobox.com> + +@@ -678,7 +726,7 @@ + + 2008-12-21 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_getimage.c, tiffio.h: More ABI corrections. ++ * libtiff/tif_getimage.c, tiffio.h: More ABI corrections. + Removed SubsamplingHor/Ver from TIFFRGBAImage structure. + http://bugzilla.maptools.org/show_bug.cgi?id=1980 + +@@ -719,15 +767,15 @@ + + 2008-05-24 Frank Warmerdam <warmerdam@pobox.com> + +- * tif_codec.c: Avoid NULL pointer dereferencing for exotic ++ * tif_codec.c: Avoid NULL pointer dereferencing for exotic + compression codec codes. + + * tif_dirread.c: zero tif->tif_dir after freeing the directory + in TIFFReadCustomDirectory(). I don't exactly remember why this +- was important. ++ was important. + + * tif_dirwrite.c: Fix potential memory leak writing large double +- tags. ++ tags. + + * tif_dirread.c: Fix unchecked malloc result. + +@@ -747,12 +795,12 @@ + + 2007-11-22 Frank Warmerdam <warmerdam@pobox.com> + +- * tif_write.c: Rip out the fancy logic in TIFFAppendToStrip() for +- establishing if an existing tile can be rewritten to the same location +- by comparing the current size to all the other blocks in the same +- directory. This is dangerous in many situations and can easily ++ * tif_write.c: Rip out the fancy logic in TIFFAppendToStrip() for ++ establishing if an existing tile can be rewritten to the same location ++ by comparing the current size to all the other blocks in the same ++ directory. This is dangerous in many situations and can easily + corrupt a file. (observed in esoteric GDAL situation that's hard to +- document). This change involves leaving the stripbytecount[] values ++ document). This change involves leaving the stripbytecount[] values + unaltered till TIFFAppendToStrip(). Now we only write a block back + to the same location it used to be at if the new data is the same + size or smaller - otherwise we move it to the end of file. +@@ -760,17 +808,17 @@ + * tif_dirwrite.c: Try to avoid writing out a full readbuffer of tile + data when writing the directory just because we have BEENWRITING at + some point in the past. This was causing odd junk to be written out +- in a tile of data when a single tile had an interleaving of reading +- and writing with reading last. (highlighted by gdal +- autotest/gcore/tif_write.py test 7. ++ in a tile of data when a single tile had an interleaving of reading ++ and writing with reading last. (highlighted by gdal ++ autotest/gcore/tif_write.py test 7. + + * tif_predict.c: use working buffer in PredictorEncodeTile to avoid +- modifying callers buffer. ++ modifying callers buffer. + http://trac.osgeo.org/gdal/ticket/1965 + +- * tif_predict.c/h, tif_lzw.c, tif_zip.c: Improvements so that ++ * tif_predict.c/h, tif_lzw.c, tif_zip.c: Improvements so that + predictor based encoding and decoding works in read-write update +- mode properly. ++ mode properly. + http://trac.osgeo.org/gdal/ticket/1948 + + 2007-10-05 Frank Warmerdam <warmerdam@pobox.com> +@@ -785,7 +833,7 @@ + + 2007-07-18 Andrey Kiselev <dron@ak4719.spb.edu> + +- * libtiff/{Makefile.am, Makefile.v}: Do not distribute tiffconf.h, ++ * libtiff/{Makefile.am, Makefile.v}: Do not distribute tiffconf.h, + remove tif_config.h/tiffconf.h during cleaning. As per bug + + http://bugzilla.remotesensing.org/show_bug.cgi?id=1573 +@@ -803,14 +851,13 @@ + 2007-07-03 Andrey Kiselev <dron@ak4719.spb.edu> + + * tools/tiff2ps.c: Added support 16-bit images as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1566 + + Patch from William Bader. + + * tools/tiff2pdf.c: Fix for TIFFTAG_JPEGTABLES tag fetching and + significant upgrade of the whole utility as per bug +- + http://bugzilla.remotesensing.org/show_bug.cgi?id=1560 + + Now we don't need tiffiop.h in tiff2pdf anymore and will open output +@@ -828,7 +875,7 @@ + + * libtiff/tif_dirwrite.c: Fixed problem introduced with a fix for a + byte swapping issue +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1363 + + As per bug +@@ -846,7 +893,7 @@ + * libtiff/{tif_dir.h, tif_dirread.c, tif_dirinfo.c, tif_jpeg.c, + tif_fax3.c, tif_jbig.c, tif_luv.c, tif_ojpeg.c, tif_pixarlog.c, + tif_predict.c, tif_zip.c}: Finally fix bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1274 + + by introducing _TIFFMergeFieldInfo() returning integer error status +@@ -857,7 +904,7 @@ + + 2007-04-07 Frank Warmerdam <warmerdam@pobox.com> + +- * contrib/addtiffo/tif_overview.c: Fix problems with odd sized output ++ * contrib/addtiffo/tif_overview.c: Fix problems with odd sized output + blocks in TIFF_DownSample_Subsampled() (bug 1542). + + 2007-04-06 Frank Warmerdam <warmerdam@pobox.com> +@@ -865,20 +912,20 @@ + * libtiff/tif_jpeg.c: Changed JPEGInitializeLibJPEG() so that it + will convert from decompressor to compressor or compress to decompress + if required by the force arguments. This works around a problem in +- where the JPEGFixupTestSubsampling() may cause a decompressor to ++ where the JPEGFixupTestSubsampling() may cause a decompressor to + be setup on a directory when later a compressor is required with the +- force flag set. Occurs with the addtiffo program for instance. ++ force flag set. Occurs with the addtiffo program for instance. + + 2007-04-06 Andrey Kiselev <dron@ak4719.spb.edu> + + * libtiff/tif_dirwrite.c: Fixed swapping of byte arrays stored + in-place in tag offsets as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1363 + + * tools/tiffcrop.c, man/tiffcrop.1: Significant update in + functionality from Richard Nolde. As per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1525 + + 2007-03-28 Frank Warmerdam <warmerdam@pobox.com> +@@ -886,15 +933,15 @@ + * libtiff/tif_fax3.c: "inline static" -> "static inline" for IRIC CC. + + 2007-03-07 Joris Van Damme <joris.at.lebbeke@skynet.be> +- ++ + * libtiff/tif_getimage.c: workaround for 'Fractional scanline' error reading + OJPEG images with rowsperstrip that is not a multiple of vertical subsampling + factor. This bug is mentioned in: + http://bugzilla.remotesensing.org/show_bug.cgi?id=1390 +- http://www.asmail.be/msg0054766825.html ++ http://www.asmail.be/msg0054766825.html + + 2007-03-07 Joris Van Damme <joris.at.lebbeke@skynet.be> +- ++ + * libtiff/tif_win32.c: made inclusion of windows.h unconditional + + * libtiff/tif_win32.c: replaced preprocessor indication for consiously +@@ -944,14 +991,14 @@ + larger than 2GB. Fixes bug + + http://bugzilla.remotesensing.org/show_bug.cgi?id=890 +- ++ + Idea submitted by Matt Hancher. + + 2007-01-31 Andrey Kiselev <dron@ak4719.spb.edu> + + * tools/tif2rgba.c: This utility does not work properly on big-endian + architectures. It was fixed including the bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1149 + + 2007-01-15 Mateusz Loskot <mateusz@loskot.net> +@@ -968,15 +1015,15 @@ + + 2006-11-19 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_write.c: TIFFAppendToStrip() - clear sorted flag if +- we move a strip. +- http://bugzilla.remotesensing.org/show_bug.cgi?id=1359 ++ * libtiff/tif_write.c: TIFFAppendToStrip() - clear sorted flag if ++ we move a strip. ++ http://bugzilla.remotesensing.org/show_bug.cgi?id=1359 + + 2006-10-13 Andrey Kiselev <dron@ak4719.spb.edu> + + * libtiff/tif_dir.c: More fixes for vulnerabilities, reported + in Gentoo bug (): +- ++ + http://bugs.gentoo.org/show_bug.cgi?id=142383 + + * libtiff/contrib/dbs/xtiff/xtiff.c: Make xtiff utility compilable. +@@ -1010,12 +1057,12 @@ + * libtiff/tif_lzw.c, libtiff/tif_zip.c: Fixed problems with mixing + encoding and decoding on the same read-write TIFF handle. The LZW + code can now maintain encode and decode state at the same time. The +- ZIP code will switch back and forth as needed. ++ ZIP code will switch back and forth as needed. + http://bugzilla.remotesensing.org/show_bug.cgi?id=757 + + 2006-09-20 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff: Rename config.h.vc and tif_config.h.vc to config.vc.h and ++ * libtiff: Rename config.h.vc and tif_config.h.vc to config.vc.h and + tif_config.vc.h for easier identification by folks using an IDE. + + 2006-07-25 Frank Warmerdam <warmerdam@pobox.com> +@@ -1030,7 +1077,7 @@ + + 2006-07-12 Frank Warmerdam <warmerdam@pobox.com> + +- * tif_dirwrite.c: make sure to use uint32 for wordcount in ++ * tif_dirwrite.c: make sure to use uint32 for wordcount in + TIFFWriteNormanTag if writecount is VARIABLE2 for ASCII fields. + It already seems to have been done for other field types. Needed + for "tiffset" on files with geotiff ascii text. +@@ -1058,9 +1105,9 @@ + 2006-06-17 Frank Warmerdam <warmerdam@pobox.com> + + * tif_readdir.c: Added case in EstimateStripByteCounts() for tiled +- files. Modified TIFFReadDirectory() to not invoke ++ files. Modified TIFFReadDirectory() to not invoke + EstimateStripByteCounts() for case where entry 0 and 1 are unequal +- but one of them is zero. ++ but one of them is zero. + http://bugzilla.remotesensing.org/show_bug.cgi?id=1204 + + 2006-06-08 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -1088,7 +1135,7 @@ + * {configure, configure.ac, libtiff/tif_jbig.c, tools/tiffcp.c}: Added + support for JBIG compression scheme (34661 code) contributed by Lee + Howard. As per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=896 + + * configure, configure.ac: OJPEG support enabled by default. +@@ -1127,7 +1174,7 @@ + 2006-04-18 Frank Warmerdam <warmerdam@pobox.com> + + * nmake.opt: use /EHsc for VS2005 compatibility. Also define +- _CRT_SECURE_NO_DEPRECATE to avoid noise on VS2005. ++ _CRT_SECURE_NO_DEPRECATE to avoid noise on VS2005. + + 2006-04-12 Joris Van Damme <joris.at.lebbeke@skynet.be> + +@@ -1135,7 +1182,7 @@ + non-subsampled YCbCr (i.e. separate YCbCr with subsampling [1,1]) + + 2006-04-11 Joris Van Damme <joris.at.lebbeke@skynet.be> +- ++ + * libtiff/tif_getimage.c: Revision of all RGB(A) put routines + - Conversion of unassociated alpha to associated alpha now done with + more performant LUT, and calculation more correct +@@ -1144,21 +1191,21 @@ + - Bugfix of handling of 16bit RGB with unassociated alpha + + 2006-04-11 Joris Van Damme <joris.at.lebbeke@skynet.be> +- +- * libtiff/tif_getimage.c: +- - When there is no alpha, gtTileSeparate and gtStripSeparate allocated +- buffer for alpha strile and filled it, only to never read it back. ++ ++ * libtiff/tif_getimage.c: ++ - When there is no alpha, gtTileSeparate and gtStripSeparate allocated ++ buffer for alpha strile and filled it, only to never read it back. + Removed allocation and fill. +- - Minor rename of vars in gtTileSeparate and gtStripSeparate ++ - Minor rename of vars in gtTileSeparate and gtStripSeparate + anticipating planned functionality extension + + 2006-04-08 Joris Van Damme <joris.at.lebbeke@skynet.be> + +- * libtiff/tif_getimage.c: renamed pickTileContigCase to PickContigCase +- and pickTileSeparateCase to PickSeparateCase as both work on strips as ++ * libtiff/tif_getimage.c: renamed pickTileContigCase to PickContigCase ++ and pickTileSeparateCase to PickSeparateCase as both work on strips as + well + +- * libtiff/tif_getimage.c: moved img->get selection from ++ * libtiff/tif_getimage.c: moved img->get selection from + TIFFRGBAImageBegin into PickContigCase and PickSeparateCase to create + logical hook for planned functionality extension + +@@ -1169,9 +1216,9 @@ + + 2006-04-07 Joris Van Damme <joris.at.lebbeke@skynet.be> + +- * libtiff/tif_getimage.c: replaced usage of TIFFScanlineSize in ++ * libtiff/tif_getimage.c: replaced usage of TIFFScanlineSize in + gtStripContig with TIFFNewScanlineSize so as to fix buggy behaviour +- on subsampled images - this ought to get sorted when we feel brave ++ on subsampled images - this ought to get sorted when we feel brave + enough to replace TIFFScanlineSize alltogether + + * libtiff/tif_ojpeg.c: fixed bug in OJPEGReadSkip +@@ -1180,13 +1227,13 @@ + + * libtiff/tiffio.h: added new type tstrile_t + +- * libtiff/tif_dir.h: changed types of td_stripsperimage and td_nstrips +- to new tstrile_t, types of td_stripoffset and td_stripbytecount to ++ * libtiff/tif_dir.h: changed types of td_stripsperimage and td_nstrips ++ to new tstrile_t, types of td_stripoffset and td_stripbytecount to + toff_t* + + * libtiff/tif_ojpeg.c: totally new implementation + +- * libtiff/tif_dirread.c: added several hacks to suit new support of ++ * libtiff/tif_dirread.c: added several hacks to suit new support of + OJPEG + + * libtiff/tif_getimage.c: removed TIFFTAG_JPEGCOLORMODE handling +@@ -1226,7 +1273,7 @@ + + * libtiff/tif_getimage.c: added putcontig8bitYCbCr12tile + +- * libtiff/tif_read.c: added support for new TIFF_NOREADRAW flag to ++ * libtiff/tif_read.c: added support for new TIFF_NOREADRAW flag to + prepare the path for new tif_ojpeg.c + + 2006-03-23 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -1342,7 +1389,7 @@ + + * libtiff/tif_write.c: Small code rearrangement in TIFFWriteScanline() + to avoid crash as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1081. + + 2006-02-26 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -1392,7 +1439,7 @@ + 2006-02-07 Frank Warmerdam <warmerdam@pobox.com> + + * tools/tiff2pdf.c: Fixed support for non-YCbCr encoded JPEG +- compressed TIFF files, per submission from Dan Cobra. ++ compressed TIFF files, per submission from Dan Cobra. + + 2006-02-07 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -1424,7 +1471,7 @@ + + * libtiff/tif_dirread.c: Use _TIFFGetExifFieldInfo() instead of + _TIFFGetFieldInfo() in TIFFReadEXIFDirectory() call as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1026. + + 2006-01-23 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -1490,7 +1537,7 @@ + + 2005-12-26 Andrey Kiselev <dron@ak4719.spb.edu> + +- * libtiff/{tif_dir.c, tif_dir.h, tif_dirread.c, tif_dirinfo.c}: ++ * libtiff/{tif_dir.c, tif_dir.h, tif_dirread.c, tif_dirinfo.c}: + tiffFieldInfo and exifFieldInfo arrays definitions moved back to + tif_dirinfo.c; added _TIFFGetFieldInfo() and _TIFFGetExifFieldInfo() + private functions to retrieve FieldInfo arrays. +@@ -1517,10 +1564,10 @@ + + 2005-12-23 Joris Van Damme <joris.at.lebbeke@skynet.be> + +- * libtiff/tiffio.h: fixed typo that potentially resulted in ++ * libtiff/tiffio.h: fixed typo that potentially resulted in + redefininition of USE_WIN32_FILEIO + +- * libtiff/*: Added more 'dual-mode' error handling: Done TIFFWarning ++ * libtiff/*: Added more 'dual-mode' error handling: Done TIFFWarning + calls in core LibTiff. + + 2005-12-21 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -1530,10 +1577,10 @@ + + 2005-12-21 Joris Van Damme <joris.at.lebbeke@skynet.be> + +- * libtiff/*, contrib/*: Added 'dual-mode' error handling, enabling ++ * libtiff/*, contrib/*: Added 'dual-mode' error handling, enabling + newer code to get context indicator in error handler and still +- remain compatible with older code: Done TIFFError calls everywhere +- except in tools ++ remain compatible with older code: Done TIFFError calls everywhere ++ except in tools + + 2005-12-20 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -1606,7 +1653,7 @@ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1002 + + * .cvsignore: many files added, and a few update according +- to suggestion of Brad HArds on tiff mailing list. ++ to suggestion of Brad HArds on tiff mailing list. + + 2005-11-03 Frank Warmerdam <warmerdam@pobox.com> + +@@ -1631,7 +1678,7 @@ + http://bugzilla.remotesensing.org/show_bug.cgi?id=946 + + * tools/bmp2tiff.c: Fixed possible integer overflow error as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=965 + + * libtiff/tif_dirinfo.c: Make XResolution, YResolution and +@@ -1641,7 +1688,7 @@ + + * tools/tiffsplit.c: Copy fax related fields over splitted parts + as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=983 + + 2005-10-21 Frank Warmerdam <warmerdam@pobox.com> +@@ -1697,7 +1744,7 @@ + + * libtiff/tif_dir.c: When prefreeing tv->value in TIFFSetFieldV + also set it to NULL to avoid double free when re-setting custom +- string fields as per: ++ string fields as per: + + http://bugzilla.remotesensing.org/show_bug.cgi?id=922 + +@@ -1733,7 +1780,7 @@ + http://bugzilla.remotesensing.org/show_bug.cgi?id=831 + + Remove TIFFFetchExtraSamples() function, use TIFFFetchNormalTag() +- instead. ++ instead. + + * libtiff/tiffconf.h.in: One more attempt to fix the AIX bug + +@@ -1904,7 +1951,7 @@ + + 2005-05-22 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_dirread.c: Changed the code that computes ++ * libtiff/tif_dirread.c: Changed the code that computes + stripbytecount[0] if it appears bogus to ignore if stripoffset[0] is + zero. This is a common case with GDAL indicating a "null" tile/strip. + +@@ -1914,8 +1961,8 @@ + + 2005-05-06 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_dirread.c: Applied similar change to +- TIFFFetchPerSampleLongs and TIFFFetchPerSampleAnys. ++ * libtiff/tif_dirread.c: Applied similar change to ++ TIFFFetchPerSampleLongs and TIFFFetchPerSampleAnys. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=843 + +@@ -1965,7 +2012,7 @@ + + * man/TIFFSetField.3tiff: Fixed definition of the TIFFTAG_INKNAMES tag + as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=816 + + 2005-03-30 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -2075,7 +2122,7 @@ + + * libtiff/tiffio.h: Move TIFFOpenW() function into the extern "C"{} + block as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=763 + + 2005-02-03 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> +@@ -2096,7 +2143,7 @@ + http://bugzilla.remotesensing.org/show_bug.cgi?id=320 + + * tools/tiff2ps.c: Fixed problem with page sizes as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=742 + + 2005-01-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> +@@ -2137,7 +2184,7 @@ + TIFFRGBAImageBegin() as per bug + + http://bugzilla.remotesensing.org/show_bug.cgi?id=739 +- ++ + 2005-01-12 Andrey Kiselev <dron@ak4719.spb.edu> + + * libtiff/tif_jpeg.c: Added ability to read/write the fax specific +@@ -2166,7 +2213,7 @@ + * libtiff/tiff.h: Restore back the workaround for AIX Visual Age C + compiler to avoid double definition of BSD types as per bug + +- http://bugzilla.remotesensing.org/show_bug.cgi?id=39 ++ http://bugzilla.remotesensing.org/show_bug.cgi?id=39 + + * libtiff/Makefile.am: Place the C++ stream API in the separate + library called libtiffxx to avoid unneeded dependencies. Probably +@@ -2190,7 +2237,7 @@ + + * libtiff/tif_getimage.c: More fixes for multiple-alpha-channelled + RGB-images as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=713 + + +@@ -2226,7 +2273,7 @@ + 2004-12-15 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_getimage.c: #define A1 bracketing for clean build on +- SunPro compiler. ++ SunPro compiler. + + 2004-12-11 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + +@@ -2238,7 +2285,7 @@ + + * libtiff/tif_dirwrite.c: Always write TIFFTAG_SUBIFD using LONG type + as per bugs +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=703 + + and +@@ -2258,9 +2305,9 @@ + + * libtiff/tif_config.in.vc: Removed unneded definitions for + read/open/close/lseek functions to fix the +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=680 +- ++ + 2004-12-03 Andrey Kiselev <dron@ak4719.spb.edu> + + * libtiff/{tif_dir.c, tif_dirread.c}: Remove TIFFReassignTagToIgnore() +@@ -2296,7 +2343,7 @@ + + 2004-11-26 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/makefile.vc: make it easier to rename the libtiff DLL. ++ * libtiff/makefile.vc: make it easier to rename the libtiff DLL. + + 2004-11-24 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -2393,7 +2440,7 @@ + per bug + + http://bugzilla.remotesensing.org/show_bug.cgi?id=648 +- ++ + * libtiff/{tif_jpeg.c, tif_ojpeg.c}: TIFFTAG_JPEGTABLES should have + uint32 count. Use this type everywhere. + +@@ -2406,7 +2453,7 @@ + * tools/tiff2rgba.c: removed extra newlines in usage message. + + 2004-10-30 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * libtiff/tif_dirwrite.c: Improvements in tag writing code. + + * tools/tiff2ps.c: Fixed wrong variable data type when read Position +@@ -2421,7 +2468,7 @@ + + * libtiff/tif_fax3.c: Fixed case with the wrong decode routines + choosing when the incorrect Group4Options tag set. As per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=323 + + * libtiff/tif_dirwrite.c: Fixed problem with passing count variable of +@@ -2440,7 +2487,7 @@ + * tools/tiff2pdf.c: added casts to avoid warnings. + + * libtiff/libtiff.def: Added several more entry points required +- to link fax2tiff.c against the DLL on windows. ++ to link fax2tiff.c against the DLL on windows. + + 2004-10-27 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -2511,7 +2558,7 @@ + 2004-10-08 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_dirinfo.c: Fix bug with tif_foundfield and reallocation +- of tif_fieldinfo. ++ of tif_fieldinfo. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=630 + +@@ -2543,7 +2590,7 @@ + + 2004-09-30 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_dirinfo.c: changed type of XMLPacket (tag 700) to ++ * libtiff/tif_dirinfo.c: changed type of XMLPacket (tag 700) to + TIFFTAG_BYTE instead of TIFFTAG_UNDEFINED to comply with the info + in the Adobe XMP Specification. + +@@ -2563,7 +2610,7 @@ + 2004-09-26 Andrey Kiselev <dron@ak4719.spb.edu> + + * libtiff/{tif_dir.h, tif_dir.c, tif_dirread.c, tif_write.c}: +- Optimize checking for the strip bounds. ++ Optimize checking for the strip bounds. + + * libtiff/{tif_dirread.c, tif_strip.c}: TIFFScanlineSize() and + TIFFRasterScanlineSize() functions report zero in the case of integer +@@ -2714,7 +2761,7 @@ + here + + http://www.asmail.be/msg0054799560.html +- ++ + for details. + + * tools/fax2tiff.c: Use the new functions in the code. +@@ -2842,11 +2889,11 @@ + * tools/tiffsplit.c: Fixed problem with unproperly written multibyte + files. Now output files will be written using the same byte order + flag as in the input image. See +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=574 +- ++ + for details. +- ++ + 2004-05-19 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_print.c: added (untested) support for printing +@@ -2858,7 +2905,7 @@ + + * libtiff/tif_fax3.c: Avoid reading CCITT compression options + if compression type mismatches. See +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=565 + + 2004-04-30 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -2903,7 +2950,7 @@ + 2004-04-04 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_open.c: close clientdata if TIFFClientOpen() fails +- via bad2. ++ via bad2. + + 2004-03-26 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -2930,10 +2977,10 @@ + + 2004-02-26 Andrey Kiselev <dron@ak4719.spb.edu> + +- * tools/tiffsplit.c: Copy JPEGTables tag contents for JPEG compressed ++ * tools/tiffsplit.c: Copy JPEGTables tag contents for JPEG compressed + images. Reported by Artem Mirolubov. + +- * libtiff/tif_dirread.c: Fixed problem with handling TIFF_UNDEFINED ++ * libtiff/tif_dirread.c: Fixed problem with handling TIFF_UNDEFINED + tag type in TIFFFetchNormalTag() as per bug + + http://bugzilla.remotesensing.org/show_bug.cgi?id=508 +@@ -2955,8 +3002,8 @@ + 2004-01-30 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/libtiff.def: Added TIFFCurrentDirOffset, TIFFWriteCheck, +- TIFFRGBAImageOK, and TIFFNumberOfDirectories as suggested by +- Scott Reynolds. ++ TIFFRGBAImageOK, and TIFFNumberOfDirectories as suggested by ++ Scott Reynolds. + + 2004-01-29 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -2974,7 +3021,7 @@ + file if TIFFFdOpen() failed as per bug + + http://bugzilla.remotesensing.org/show_bug.cgi?id=468 +- ++ + * libtiff/tif_open.c: More fixes for + + http://bugzilla.remotesensing.org/show_bug.cgi?id=468 +@@ -2998,7 +3045,7 @@ + * libtiff/tif_dirwrite.c: Fixed handling of writable ASCII tags that + are field_passcount=TRUE properly. Arguably anonymous custom tags + should be declared as passcount=FALSE, but I don't want to change +- that without a careful review. ++ that without a careful review. + + 2004-01-20 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -3161,8 +3208,8 @@ + + 2003-11-17 Frank Warmerdam <warmerdam@pobox.com> + +- * tif_dirread.c: do not mark all anonymously defined tags to be +- IGNOREd. ++ * tif_dirread.c: do not mark all anonymously defined tags to be ++ IGNOREd. + + 2003-11-17 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -3202,15 +3249,15 @@ + + 2003-11-09 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_tile.c: remove spurious use of "s" (sample) in the ++ * libtiff/tif_tile.c: remove spurious use of "s" (sample) in the + planarconfig_contig case in TIFFComputeTile(). + + http://bugzilla.remotesensing.org/show_bug.cgi?id=387 + + 2003-11-09 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * libtiff/tiffiop.h: New macros: TIFFmax, TIFFmin and TIFFrint. +- ++ + 2003-11-07 Andrey Kiselev <dron@ak4719.spb.edu> + + * libtiff/{tiffio.h, tif_strip.c}, man/{TIFFstrip.3t, libtiff.3t}: +@@ -3277,11 +3324,11 @@ + function TIFFReadRGBAImageOriented() implemented to retrieve raster + array with user-specified origin position as suggested by Jason Frank. + See +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=322 + + for details. +- ++ + * tools/tiff2rgba.c: Switched to use TIFFReadRGBAImageOriented() + instead of TIFFReadRGBAImage(). + +@@ -3362,9 +3409,9 @@ + encoded write functions use tif_postdecode() to apply byte order + swapping (swab) to the application passed data buffer if the same + would be done when reading. This allows us to write pixel data with +- more than 8 bits per sample to existing files of a non-native byte ++ more than 8 bits per sample to existing files of a non-native byte + order. One side effect of this change is the applications buffer +- itself is altered in this case by the act of writing. ++ itself is altered in this case by the act of writing. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=171 + +@@ -3390,9 +3437,9 @@ + 2003-07-08 Frank Warmerdam <warmerdam@pobox.com> + + * tif_aux.c, tif_codec.c, tif_dir.c, tif_dirread.c, tif_extension.c, +- tif_fax3.c, tif_getimage.c, tif_luv.c, tif_lzw.c, tif_next.c, ++ tif_fax3.c, tif_getimage.c, tif_luv.c, tif_lzw.c, tif_next.c, + tif_packbits.c, tif_predict.c, tif_print.c, tif_swab.c, tif_thunder.c: +- avoid casting warning at /W4. ++ avoid casting warning at /W4. + + 2003-07-03 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -3414,11 +3461,11 @@ + + * libtiff/tif_dirinfo.c: TIFFDataWidth() returns 0 in case of + unknown data type. +- ++ + 2003-06-19 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_print.c: fixed some serious bugs when printing +- custom tags ... almost certain to crash. ++ custom tags ... almost certain to crash. + + * libtiff/tif_dirread.c: Don't ignore custom fields that are + autodefined. Not sure how this got to be like this. +@@ -3429,12 +3476,12 @@ + + * tools/tiffcmp.c, man/tiffcmp.1: Fixed problem with unused data + comparing as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=349 + + `-z' option now can be used to set the number of reported different + bytes. +- ++ + 2003-06-09 Andrey Kiselev <dron@ak4719.spb.edu> + + * tools/tiffcp.c, man/tiffcp.1: Added possibility to specify value -1 +@@ -3460,7 +3507,7 @@ + 2003-05-25 Andrey Kiselev <dron@ak4719.spb.edu> + + * tools/fax2tiff.c: Page numbering fixed, as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=341 + + 2003-05-20 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -3526,7 +3573,7 @@ + + * tools/tiffcp.c: Fixed problem with colorspace conversion for JPEG + encoded images. See bug entries +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=275 + + and +@@ -3587,16 +3634,16 @@ + + * libtiff/tif_jpeg.c: Modified to defer initialization of jpeg + library so that we can check if there is already any tile/strip data +- before deciding between creating a compressor or a decompressor. ++ before deciding between creating a compressor or a decompressor. + + 2003-01-31 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_write.c: TIFFWriteCheck() now fails if the image is +- a pre-existing compressed image. That is, image writing to ++ a pre-existing compressed image. That is, image writing to + pre-existing compressed images is not allowed. + + * libtiff/tif_open.c: Removed error if opening a compressed file +- in update mode. ++ in update mode. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=198 + +@@ -3609,16 +3656,16 @@ + * cut 3.6.0 Beta release. + + 2002-12-20 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * tools/fax2ps.c, man/fax2ps.1: Page size was determined + in wrong way as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=239 + + 2002-12-17 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_dirread.c: Allow wrong sized arrays in +- TIFFFetchStripThing(). ++ * libtiff/tif_dirread.c: Allow wrong sized arrays in ++ TIFFFetchStripThing(). + + http://bugzilla.remotesensing.org/show_bug.cgi?id=49 + +@@ -3632,7 +3679,7 @@ + * libtiff/tif_dir.c: fixed bug with resetting an existing custom + field value. + +- * libtiff/tif_dir.c: Fixed potential problem with ascii "custom" ++ * libtiff/tif_dir.c: Fixed potential problem with ascii "custom" + tags in TIFFVGetField() ... added missing break. + + 2002-10-14 Frank Warmerdam <warmerdam@pobox.com> +@@ -3644,11 +3691,11 @@ + the eps by redefining the colorimage operator will get messed up. + Patch supplied by William Bader. + +- * Makefile.in: added tif_extension.c to file list as per ++ * Makefile.in: added tif_extension.c to file list as per + http://bugzilla.remotesensing.org/show_bug.cgi?id=218. + + 2002-10-11 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * configure, config.site, libtiff/{tif_unix.c, Makefile.in}: Fix for + large files (>2GiB) supporting. New option in the config.site: + LARGEFILE="yes". Should be enough for I/O of the large files. +@@ -3680,13 +3727,13 @@ + 2002-10-06 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_jpeg.c: fixed problem with boolean defined with wrong +- size on windows. Use #define boolean hack. ++ size on windows. Use #define boolean hack. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=188 + + * libtiff/tiff.h: Don't do special type handling in tiff.h unless + USING_VISUALAGE is defined. +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=39 + + 2002-10-03 Frank Warmerdam <warmerdam@pobox.com> +@@ -3697,30 +3744,30 @@ + + * libtiff/tif_dirread.c: Another fix for the fetching SBYTE arrays + by the TIFFFetchByteArray() function. Should finally resolve +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=52 +- ++ + * configure: Set -DPIXARLOG_SUPPORT option along with -DZIP_SUPPORT + + * html/Makefile.in: New targets added: html and groffhtml for + producing HTML representations of the manual pages automatically. + html target uses man2html tool, groffhtml uses groff tool. +- ++ + 2002-09-29 Frank Warmerdam <warmerdam@pobox.com> + + * configure, libtiff/Makefile.in: Added SCO OpenServer 5.0.6 support +- from John H. DuBois III. ++ from John H. DuBois III. + + 2002-09-15 Andrey Kiselev <dron@ak4719.spb.edu> + + * Makefile.in, /man/{raw2tiff.1, Makefile.in, libtiff.3}: Added + manual page for raw2tiff(1) tool. +- ++ + 2002-09-12 Andrey Kiselev <dron@ak4719.spb.edu> + + * /libtiff/{tiffio.h, tif_dir.h}: TIFFDataWidth() declaration moved to + the tiffio.h header file. +- ++ + * Makefile.in, /man/{TIFFDataWidth.3t, Makefile.in, libtiff.3}: Added + manual page for TIFFDataWidth() function + +@@ -3730,8 +3777,8 @@ + as per http://bugzilla.remotesensing.org/show_bug.cgi?id=196. + + * tools/tiff2ps.c: Don't emit BeginData/EndData DSC comments +- since we are unable to properly include the amount to skip. +- ++ since we are unable to properly include the amount to skip. ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=80 + + 2002-09-02 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -3741,7 +3788,7 @@ + http://bugzilla.remotesensing.org/show_bug.cgi?id=52 + + 2002-08-22 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * /libtiff/tif_dirinfo.c: Further additions to free custom fields + in _TIFFSetupFieldInfo() function. + See http://bugzilla.remotesensing.org/show_bug.cgi?id=169 for details. +@@ -3750,14 +3797,14 @@ + LZWDecode() and LZWDecodeCompat(). + Fixes http://bugzilla.remotesensing.org/show_bug.cgi?id=190 + and http://bugzilla.remotesensing.org/show_bug.cgi?id=100 +- ++ + * /libtiff/tif_lzw.c: + Added check for valid code lengths in LZWDecode() and + LZWDecodeCompat(). Fixes + http://bugzilla.remotesensing.org/show_bug.cgi?id=115 + + 2002-08-16 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * /libtiff/{Makefile.vc, libtiff.def}: + Missed declarations added. + +@@ -3768,7 +3815,7 @@ + + http://bugzilla.remotesensing.org/show_bug.cgi?id=177 + +- * tif_dir.h: changed FIELD_CODEC to 66 from 64 to avoid overlap ++ * tif_dir.h: changed FIELD_CODEC to 66 from 64 to avoid overlap + with FIELD_CUSTOM as mentioned in bug 169. + + * tif_close.c: added logic to free dynamically created anonymous +@@ -3777,31 +3824,31 @@ + http://bugzilla.remotesensing.org/show_bug.cgi?id=169 + + 2002-08-10 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * /tools/{raw2tiff.c, Makefile.in, Makefile.lcc, Makefile.vc}: + New tool: raw2tiff --- raw images to TIFF converter. No manual page yet. + + 2002-07-31 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_jpeg.c: Fixed problem with setting of nrows in ++ * libtiff/tif_jpeg.c: Fixed problem with setting of nrows in + JPEGDecode() as per bugzilla bug (issue 1): + + http://bugzilla.remotesensing.org/show_bug.cgi?id=129 + + * libtiff/{tif_jpeg.c,tif_strip.c,tif_print.c}: Hacked tif_jpeg.c to + fetch TIFFTAG_YCBCRSUBSAMPLING from the jpeg data stream if it isn't +- present in the tiff tags. ++ present in the tiff tags. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=168 + + * libtiff/tif_read.c, libtiff/tif_write.c: TIFFReadScanline() and + TIFFWriteScanline() now set tif_row explicitly in case the codec has +- fooled with the value. ++ fooled with the value. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=129 + + 2002-06-22 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * /tools/tiff2ps.c: Added workaround for some software that may crash + when last strip of image contains fewer number of scanlines than + specified by the `/Height' variable. See +@@ -3817,8 +3864,8 @@ + + 2002-06-11 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/contrib/win95: renamed to contrib/win_dib. Added new +- Tiffile.cpp example of converting TIFF files into a DIB on Win32. ++ * libtiff/contrib/win95: renamed to contrib/win_dib. Added new ++ Tiffile.cpp example of converting TIFF files into a DIB on Win32. + This one is described in: + + http://bugzilla.remotesensing.org/show_bug.cgi?id=143 +@@ -3834,21 +3881,21 @@ + http://bugzilla.remotesensing.org/show_bug.cgi?id=131 + + 2002-04-26 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * libtiff/libtiff.def: Added missed declaration. +- ++ + 2002-04-22 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * tools/fax2tiff.c: Updated to reflect latest changes in libtiff. + Closes http://bugzilla.remotesensing.org/show_bug.cgi?id=125 + + 2002-04-20 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * libtiff/tif_open.c: Pointers to custom procedures + in TIFFClientOpen() are checked to be not NULL-pointers. +- ++ + 2002-04-18 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * libtiff/libtiff.def: Added missed declarations. + + * libtiff/tif_pixarlog.c: Updated for using tif_tagmethods structure. +@@ -3858,14 +3905,14 @@ + * libtiff/tif_lzw.c: Additional checks for data integrity introduced. + Should finally close + http://bugzilla.remotesensing.org/show_bug.cgi?id=100 +- ++ + 2002-04-10 Andrey Kiselev <dron@ak4719.spb.edu> + + * tools/tiff2ps: Division by zero fixed. + Closes http://bugzilla.remotesensing.org/show_bug.cgi?id=88 + + 2002-04-09 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * libtiff/: tif_dirwrite.c, tif_write.c, tiffio.h: + TIFFCheckpointDirectory() routine added. + Closes http://bugzilla.remotesensing.org/show_bug.cgi?id=124 +@@ -3897,7 +3944,7 @@ + replaced by warnings. Now libtiff should read corrupted LZW-compressed + files by skipping bad strips. + Closes http://bugzilla.remotesensing.org/show_bug.cgi?id=100 +- ++ + 2002-04-03 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_dirwrite.c: Removed some dead code. +@@ -3919,18 +3966,18 @@ + + http://bugzilla.remotesensing.org/show_bug.cgi?id=111 + +- * tif_print.c: Fixed so that ASCII FIELD_CUSTOM values with ++ * tif_print.c: Fixed so that ASCII FIELD_CUSTOM values with + passcount set FALSE can be printed (such as TIFFTAG_SOFTWARE). + +- * libtiff/tif_dir.c,tif_dirinfo.c,tif_dir.h,tif_ojpeg.c: modified so ++ * libtiff/tif_dir.c,tif_dirinfo.c,tif_dir.h,tif_ojpeg.c: modified so + that TIFFTAG_SOFTWARE uses FIELD_CUSTOM as an example. + + 2002-03-26 Dwight Kelly <dbmalloc@remotesensing.org> + + * libtiff/: tiff.h, tif_dir.c, tif_dir.h, tif_dirinfo.c, tif_dirread.c, + tif_dirwrite.c: Added get/put code for new tag XMLPACKET as defined +- in Adobe XMP Technote. Added missing INKSET tag value from TIFF 6.0 spec +- INKSET_MULTIINK (=2). Added missing tags from Adobe TIFF technotes: ++ in Adobe XMP Technote. Added missing INKSET tag value from TIFF 6.0 spec ++ INKSET_MULTIINK (=2). Added missing tags from Adobe TIFF technotes: + CLIPPATH, XCLIPPATHUNITS, YCLIPPATHUNITS, OPIIMAGEID, OPIPROXY and + INDEXED. Added PHOTOMETRIC tag value from TIFF technote 4 ICCLAB (=9). + +@@ -3989,7 +4036,7 @@ + + http://bugzilla.remotesensing.org/show_bug.cgi?id=94 + +- * man/Makefile.in: Patch DESTDIR handling ++ * man/Makefile.in: Patch DESTDIR handling + + http://bugzilla.remotesensing.org/show_bug.cgi?id=95 + +@@ -4027,9 +4074,9 @@ + + 2002-01-04 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_jpeg.c: fixed computation of segment_width for +- tiles files to avoid error about it not matching the +- cinfo.d.image_width values ("JPEGPreDecode: Improper JPEG strip/tile ++ * libtiff/tif_jpeg.c: fixed computation of segment_width for ++ tiles files to avoid error about it not matching the ++ cinfo.d.image_width values ("JPEGPreDecode: Improper JPEG strip/tile + size.") for ITIFF files. Apparently the problem was incorporated since + 3.5.5, presumably during the OJPEG/JPEG work recently. + +@@ -4039,7 +4086,7 @@ + + http://bugzilla.remotesensing.org/show_bug.cgi?id=94 + +- * libtiff/tif_getimage.c: If DEFAULT_EXTRASAMPLE_AS_ALPHA is 1 ++ * libtiff/tif_getimage.c: If DEFAULT_EXTRASAMPLE_AS_ALPHA is 1 + (defined in tiffconf.h - 1 by default) then the RGBA interface + will assume that a fourth extra sample is ASSOCALPHA if the + EXTRASAMPLE value isn't set for it. This changes the behaviour of +@@ -4051,9 +4098,9 @@ + + 2001-12-12 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_jpeg.c: allow jpeg data stream sampling values to +- override those from tiff directory. This makes this work with +- ImageGear generated files. ++ * libtiff/tif_jpeg.c: allow jpeg data stream sampling values to ++ override those from tiff directory. This makes this work with ++ ImageGear generated files. + + 2001-12-07 Frank Warmerdam <warmerdam@pobox.com> + +@@ -4066,7 +4113,7 @@ + * Reissue 3.5.7 release. + + * libtiff/mkversion.c: Fix output of TIFF_VERSION to be +- YYYYMMDD so that it is increasing over time. ++ YYYYMMDD so that it is increasing over time. + + * Makefile.in: Ensure that tiffvers.h is regenerated in the + make release target. +@@ -4091,8 +4138,8 @@ + + 2001-10-10 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tiff.h: I have created COMPRESSION_CCITT_T4, +- COMPRESSION_CCITT_T6, TIFFTAG_T4OPTIONS and TIFFTAG_T6OPTIONS aliases ++ * libtiff/tiff.h: I have created COMPRESSION_CCITT_T4, ++ COMPRESSION_CCITT_T6, TIFFTAG_T4OPTIONS and TIFFTAG_T6OPTIONS aliases + in keeping with TIFF 6.0 standard in tiff.h + + http://bugzilla.remotesensing.org/show_bug.cgi?id=83 +@@ -4112,10 +4159,10 @@ + error about LZW not being available. + + * libtiff/tif_dir.c: propagate failure to initialize compression +- back from TIFFSetField() as an error status, so applications can ++ back from TIFFSetField() as an error status, so applications can + detect failure. + +- * libtiff/tif_dir.c: removed the auto replacement of ++ * libtiff/tif_dir.c: removed the auto replacement of + COMPRESSION_LZW with COMPRESSION_NONE in _TIFFVSetField(). + + * Removed Makefile, tools/Makefile, port/install.sh, man/Makefile +@@ -4123,7 +4170,7 @@ + + 2001-09-22 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_ojpeg.c: new update from Scott. ++ * libtiff/tif_ojpeg.c: new update from Scott. + + 2001-09-09 Frank Warmerdam <warmerdam@pobox.com> + +@@ -4142,7 +4189,7 @@ + + http://bugzilla.remotesensing.org/show_bug.cgi?id=47 + +- * tools/tiff2ps.c: added OJPEG YCbCr to RGB support. ++ * tools/tiff2ps.c: added OJPEG YCbCr to RGB support. + + * libtiff/tif_ojpeg.c: Applied substantial patch from Scott. + +@@ -4151,14 +4198,14 @@ + * libtiff/tif_packbits.c: fixed memory overrun error. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=77 +- ++ + 2001-08-31 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_getimage.c: relax handling of contig case where + there are extra samples that are supposed to be ignored. This +- should now work for 8bit greyscale or palletted images. ++ should now work for 8bit greyscale or palletted images. + +- http://bugzilla.remotesensing.org/show_bug.cgi?id=75 ++ http://bugzilla.remotesensing.org/show_bug.cgi?id=75 + + 2001-08-28 Frank Warmerdam <warmerdam@pobox.com> + +@@ -4171,15 +4218,15 @@ + + * libtiff/tif_getimage.c: Use memmove() instead of TIFFmemcpy() + in TIFFReadRGBATile() to avoid issues in cases of overlapping +- buffers. See Bug 69 in Bugzilla. ++ buffers. See Bug 69 in Bugzilla. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=69 +- ++ + * tools/tiff2rgba.c: fixed getopt() call so that -b works again. + + 2001-08-09 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tiff.h, libtiff/tif_fax3.c: added check for __LP64__ ++ * libtiff/tiff.h, libtiff/tif_fax3.c: added check for __LP64__ + when checking for 64 bit architectures as per bugzilla bug 67. + + 2001-07-27 Frank Warmerdam <warmerdam@pobox.com> +@@ -4189,7 +4236,7 @@ + + 2001-07-20 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_jpeg.c: Define HAVE_BOOLEAN on windows if RPCNDR.H ++ * libtiff/tif_jpeg.c: Define HAVE_BOOLEAN on windows if RPCNDR.H + has been included. + + 2001-07-19 Frank Warmerdam <warmerdam@pobox.com> +@@ -4201,11 +4248,11 @@ + + * libtiff/tif_ojpeg.c: updates from Scott. Handles colors + much better. Now depends on having patched libjpeg as per +- patch in contrib/ojpeg/*. ++ patch in contrib/ojpeg/*. + + 2001-07-17 Frank Warmerdam <warmerdam@pobox.com> + +- * */Makefile.in: added DESTDIR support. ++ * */Makefile.in: added DESTDIR support. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=60 + +@@ -4213,20 +4260,20 @@ + + * configure, libtiff/Makefile.in: applied OpenBSD patches + as per: +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=61 + + 2001-06-28 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_getimage.c: Fixed so that failure is properly +- reported by gtTileContig, gtStripContig, gtTileSeparate and ++ reported by gtTileContig, gtStripContig, gtTileSeparate and + gtStripSeparate. + + See http://bugzilla.remotesensing.org/show_bug.cgi?id=51 + +- * tiffcmp.c: Fixed multi samples per pixel support for ContigCompare. ++ * tiffcmp.c: Fixed multi samples per pixel support for ContigCompare. + Updated bug section of tiffcmp.1 to note tiled file issues. +- ++ + See http://bugzilla.remotesensing.org/show_bug.cgi?id=53 + + 2001-06-22 Frank Warmerdam <warmerdam@pobox.com> +@@ -4267,10 +4314,10 @@ + + 2001-05-08 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_dirinfo.c: moved pixar and copyright flags to ++ * libtiff/tif_dirinfo.c: moved pixar and copyright flags to + ensure everything is in order. + +- * libtiff/libtiff.def: added TIFFCreateDirectory and ++ * libtiff/libtiff.def: added TIFFCreateDirectory and + TIFFDefaultStripSize as per: + + http://bugzilla.remotesensing.org/show_bug.cgi?id=46 +@@ -4279,10 +4326,10 @@ + + * libtiff/tif_dirinfo.c: Modified the TIFF_BYTE definition for + TIFFTAG_PHOTOSHOP to use a writecount of TIFF_VARIABLE2 (-3) to +- force use of uint32 counts instead of short counts. ++ force use of uint32 counts instead of short counts. + + * libtiff/tif_dirwrite.c: Added support for TIFF_VARIABLE2 in the +- case of writing TIFF_BYTE/TIFF_SBYTE fields. ++ case of writing TIFF_BYTE/TIFF_SBYTE fields. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=43 + +@@ -4318,20 +4365,20 @@ + with the inttypes.h include file on AIX. + + See http://bugzilla.remotesensing.org/show_bug.cgi?id=39 +- ++ + * VERSION: update to 3.5.7 beta in preparation for release. + + * configure/config.site: modified to check if -lm is needed for + MACHDEPLIBS if not supplied by config.site. Needed for Darwin. + +- * config.guess: updated wholesale to an FSF version apparently +- from 1998 (as opposed to 1994). This is mainly inspired by ++ * config.guess: updated wholesale to an FSF version apparently ++ from 1998 (as opposed to 1994). This is mainly inspired by + providing for MacOS X support. + + 2001-03-29 Frank Warmerdam <warmerdam@pobox.com> + + * configure, Makefile.in, etc: added support for OPTIMIZER being +- set from config.site. ++ set from config.site. + + 2001-03-28 Frank Warmerdam <warmerdam@pobox.com> + +@@ -4350,7 +4397,7 @@ + (in particular short ones) print properly. + + See http://bugzilla.remotesensing.org/show_bug.cgi?id=35 +- ++ + * tiff2ps.c/tiff2ps.1: Substantial changes to tiff2ps by + Bruce A. Mallett. See check message for detailed information + on all the changes, including a faster encoder, fixes for level +@@ -4358,7 +4405,7 @@ + + 2001-03-27 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tiffio.h: Changed "#if LOGLUV_PUBLIC" to ++ * libtiff/tiffio.h: Changed "#if LOGLUV_PUBLIC" to + "#ifdef LOGLUV_PUBLIC" so it will work with VisualAge on AIX. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=39 +@@ -4370,7 +4417,7 @@ + + 2001-03-13 Frank Warmerdam <warmerdam@pobox.com> + +- * tif_getimage.c: Added support for 16bit minisblack/miniswhite ++ * tif_getimage.c: Added support for 16bit minisblack/miniswhite + images in RGBA interface. + + 2001-03-02 Frank Warmerdam <warmerdam@pobox.com> +@@ -4381,29 +4428,29 @@ + + * Brent Roman contributed updated tiffcp utility (and tiffcp.1) + with support for extracting subimages with the ,n syntax, and also +- adding the -b bias removal flag. ++ adding the -b bias removal flag. + + 2001-02-16 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/libtiff.def: Brent Roman submitted new version adding +- serveral missing entry points. ++ serveral missing entry points. + + * libtiff/tif_dirinfo.c: don't declare tiffFieldInfo static on VMS. +- Some sort of weird VMS thing. ++ Some sort of weird VMS thing. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=31 + +- * tif_luv.c/tiff.h/tiffio.h: +- New version of TIFF LogLuv (SGILOG) modules contributed by Greg Ward ++ * tif_luv.c/tiff.h/tiffio.h: ++ New version of TIFF LogLuv (SGILOG) modules contributed by Greg Ward + (greg@shutterfly.com). He writes: + + 1) I improved the gamut-mapping function in tif_luv.c for imaginary +- colors, because some images were being super-saturated on the input ++ colors, because some images were being super-saturated on the input + side and this resulted in some strange color shifts in the output. + + 2) I added a psuedotag in tiff.h to control random dithering during +- LogLuv encoding. This is turned off by default for 32-bit LogLuv and +- on for 24-bit LogLuv output. Dithering improves the average color ++ LogLuv encoding. This is turned off by default for 32-bit LogLuv and ++ on for 24-bit LogLuv output. Dithering improves the average color + accuracy over the image. + + 3) I added a #define for LOG_LUV_PUBLIC, which is enabled by default in +@@ -4416,20 +4463,20 @@ + 2001-01-23 Frank Warmerdam <warmerdam@pobox.com> + + * tif_fax3.c: keep rw_mode flag internal to fax3 state to remember +- whether we are encoding or decoding. This is to ensure graceful ++ whether we are encoding or decoding. This is to ensure graceful + recovery if TIFFClientOpen() discovers an attempt to open a compressed +- file for "r+" access, and subsequently close it, as it resets the ++ file for "r+" access, and subsequently close it, as it resets the + tif_mode flag to O_RDONLY in this case to avoid writes, confusing the + compressor's concept of whether it is in encode or decode mode. + +-2001-01-08 Mike Welles <mike@bangstate.com> ++2001-01-08 Mike Welles <mike@bangstate.com> + + * Makefile.in: Now cleaning up after itself after creating the .tar.gz and .zip +- ++ + 2001-01-07 Frank Warmerdam <warmerdam@pobox.com> + + * html/libtiff.html: Fixed arguments in example for TIFFRGBAImageGet() +- as per bug report by Patrick Connor. ++ as per bug report by Patrick Connor. + + 2000-12-28 Frank Warmerdam <warmerdam@pobox.com> + +@@ -4437,12 +4484,12 @@ + + * Fixed libtiff/makefile.vc to make tiffvers.h not version.h. + +-2000-12-22 Mike Welles <mike@bangstate.com> ++2000-12-22 Mike Welles <mike@bangstate.com> + * added link to CVS mirror from index.html +- +- * updated html/internals.html to note that LZW compression is +- not supported by default. +- ++ ++ * updated html/internals.html to note that LZW compression is ++ not supported by default. ++ + 2000-12-22 Frank Warmerdam <warmerdam@pobox.com> + + * updated html/libtiff.html to not point at Niles' old JPL web site +@@ -4454,19 +4501,19 @@ + Leonard Rosenthol <leonardr@lazerware.com>. May interfere + with correct building on older systems. If so, please let me know. + +-2000-12-19 Mike Welles <mike@bangsate.com> ++2000-12-19 Mike Welles <mike@bangsate.com> + +- * Took out LZW Encoding from tif_lzw.c ++ * Took out LZW Encoding from tif_lzw.c + + * Created HOWTO-RELEASE + + * Created html/v3.5.6.html + + * updated index.html +- ++ + 2000-12-01 Frank Warmerdam <warmerdam@pobox.com> + +- * Added patches for EOFB support in tif_fax3.c and tif_fax3.h. ++ * Added patches for EOFB support in tif_fax3.c and tif_fax3.h. + Patches supplied by Frank Cringle <fdc@cliwe.ping.de> + Example file at: ftp://ftp.remotesensing.org/pub/libtiff/eofb_396.tif + +@@ -4480,30 +4527,30 @@ + targets so libtiff.so will be built with an explicit dependency + on libm.so. + +- * libtiff/Makefile.in: Use softlinks to link libtiff.so.3 to +- libtiff.so.3.5.5. ++ * libtiff/Makefile.in: Use softlinks to link libtiff.so.3 to ++ libtiff.so.3.5.5. + +- * libtiff/Makefile.in & configure: Remove all references to the ALPHA +- file, or ALPHA version logic. Added stuff about DIST_POINT in ++ * libtiff/Makefile.in & configure: Remove all references to the ALPHA ++ file, or ALPHA version logic. Added stuff about DIST_POINT in + place of DIST_TYPE and the alpha release number stuff. + + 2000-11-22 Frank Warmerdam <warmerdam@pobox.com> + + * I have applied a patch from Steffen Moeller <moeller@ebi.ac.uk> to +- the configure script so that it now accepts the --prefix, and +- --exec-prefix directives. ++ the configure script so that it now accepts the --prefix, and ++ --exec-prefix directives. + + 2000-11-13 Frank Warmerdam <warmerda@cs46980-c> + +- * I have made a variety of modifications in an effort to ensure the ++ * I have made a variety of modifications in an effort to ensure the + TIFFLIB_VERSION macro is automatically generated from the RELEASE-DATE +- file which seems to be updated regularly. ++ file which seems to be updated regularly. + +- o mkversion.c now reads RELEASE-DATE and emits TIFFLIB_VERSION in +- version include file. +- o renamed version.h to tiffvers.h because we now have to install it +- with the public libtiff include files. +- o include tiffvers.h in tiffio.h. ++ o mkversion.c now reads RELEASE-DATE and emits TIFFLIB_VERSION in ++ version include file. ++ o renamed version.h to tiffvers.h because we now have to install it ++ with the public libtiff include files. ++ o include tiffvers.h in tiffio.h. + o updated tif_version.c to use tiffvers.h. + o Updated Makefile.in accordingly. + +@@ -4517,13 +4564,13 @@ + See http://bugzilla.remotesensing.org/show_bug.cgi?id=20 + Some patches from Rick LaMont of Dot C Software. + +- * Modified tif_packbits.c encoder to avoid compressing more ++ * Modified tif_packbits.c encoder to avoid compressing more + data than provided if rowsize doesn't factor into provided data + (such as occurs for YCbCr). + + 2000-10-19 Frank Warmerdam <warmerda@cs46980-c> + +- * tools/rgb2ycbcr.c: fixed output strip size to account for vertical ++ * tools/rgb2ycbcr.c: fixed output strip size to account for vertical + roundup if rows_per_strip not a multiple of vertical sample size. + + 2000-10-16 Frank Warmerdam <warmerda@cs46980-c> +@@ -4539,8 +4586,8 @@ + 2000-10-12 Frank Warmerdam <warmerda@cs46980-c> + + * Modified tiff2bw to ensure portions add to 100%, and that +- white is properly recovered. +- ++ white is properly recovered. ++ + See bug http://bugzilla.remotesensing.org/show_bug.cgi?id=15 + Patch c/o Stanislav Brabec <utx@penguin.cz> + +@@ -4554,26 +4601,26 @@ + + 2000-09-27 Frank Warmerdam <warmerda@cs46980-c> + +- * Added GNULDdso target an`d switched linux and freebsd to use it. ++ * Added GNULDdso target an`d switched linux and freebsd to use it. + + 2000-09-26 Frank Warmerdam <warmerda@cs46980-c> + + * Applied patch for 0x0000 sequences in tif_fax3.h's definition +- of EXPAND1D() as per bug 11 (from Roman). ++ of EXPAND1D() as per bug 11 (from Roman). + + 2000-09-25 Frank Warmerdam <warmerda@cs46980-c> + * Fixed tiffcomp.h to avoid win32 stuff if unix #defined, to improve + cygwin compatibility. + + * Applied patch from Roman Shpount to tif_fax3.c. This seems to +- be a proper fix to the buffer sizing problem. See ++ be a proper fix to the buffer sizing problem. See + http://bugzilla.remotesensing.org/show_bug.cgi?id=11 + + * Fixed tif_getimage.c to fix overrun bug with YCbCr images without + downsampling. http://bugzilla.remotesensing.org/show_bug.cgi?id=10 + Thanks to Nick Lamb <njl98r@ecs.soton.ac.uk> for reporting the + bug and proving the patch. +- ++ + 2000-09-18 Frank Warmerdam <warmerda@cs46980-c> + + * Fixed tif_jpeg.c so avoid destroying the decompressor before +@@ -4603,15 +4650,15 @@ + * Tentatively added support for SAMPLEFORMAT_COMPLEXIEEEFP, and + SAMPLEFORMAT_COMPLEXINT. + +-2000-07-13 Mike Welles <mike@onshore.com> ++2000-07-13 Mike Welles <mike@onshore.com> ++ ++ * index.html, bugs.html: added bugzilla info. + +- * index.html, bugs.html: added bugzilla info. +- + 2000-07-12 Frank Warmerdam <warmerda@rommel.atlsci.com> + + * tif_read.c: fix subtle bug with determining the number of + rows for strips that are the last strip in a separation but +- not the last strip of all in TIFFReadEncodedStrip(). ++ not the last strip of all in TIFFReadEncodedStrip(). + + * Applied 16/32 bit fix to tif_fax3.c. Fix supplied by + Peter Skarpetis <peters@serendipity-software.com.au> +@@ -4633,7 +4680,7 @@ + + * libtiff/tif_dirread.c: Don't use estimate strip byte count for + one tile/strip images with an offset, and byte count of zero. These +- could be "unpopulated" images. ++ could be "unpopulated" images. + + 2000-04-18 Frank Warmerdam <warmerda@rommel.atlsci.com> + +@@ -4648,17 +4695,17 @@ Tue Apr 18 16:18:08 2000 Frank Warmerdam <warmerda@esabot.atlsci.com> + 2000-04-12 Mike Welles <mike@onshore.com> + * configure: Fixed stupid mistake in libc6 test on Linux + +-2000-04-04 Mike Welles <mike@onshore.com> ++2000-04-04 Mike Welles <mike@onshore.com> + * tif_win32.c: Applied patch to fix overreads and ovverwrites +- caught by BoundsChecker. From Arvan Pritchard +- <arvan.pritchard@infomatix.co.uk> (untested). +- +- * tif_getimage.c: Applied patch to silence VC6 warnings. From ++ caught by BoundsChecker. From Arvan Pritchard ++ <arvan.pritchard@infomatix.co.uk> (untested). ++ ++ * tif_getimage.c: Applied patch to silence VC6 warnings. From + Arvan Pritchard <arvan.pritchard@informatix.co.uk> +- +- * tif_lzw.c: Applied patch to silence VC6 warnings. From ++ ++ * tif_lzw.c: Applied patch to silence VC6 warnings. From + Arvan Pritchard <arvan.pritchard@informatix.co.uk> +- ++ + 2000-03-28 Frank Warmerdam <warmerda@cs46980-c> + + * Added contrib/stream (stream io) code submitted by Avi Bleiweiss. +@@ -4668,34 +4715,34 @@ Tue Apr 18 16:18:08 2000 Frank Warmerdam <warmerda@esabot.atlsci.com> + * fax2ps: Fixed mixup of width and height in bounding box statement + as per submission by Nalin Dahyabhai <nalin@redhat.com>. + +-2000-03-27 Mike Welles <mike@onshore.com> ++2000-03-27 Mike Welles <mike@onshore.com> + +- * fax2ps: Modified printruns to take uint32 instead of uint16. +- Patch courtesy of Bernt Herd <herd@herdsoft.com> +- +-2000-03-20 Mike Welles <mike@onshore.com> ++ * fax2ps: Modified printruns to take uint32 instead of uint16. ++ Patch courtesy of Bernt Herd <herd@herdsoft.com> + +- * configure: added test for libc6 for linux targets. Bug reported by ++2000-03-20 Mike Welles <mike@onshore.com> ++ ++ * configure: added test for libc6 for linux targets. Bug reported by + Stanislav Brabec <utx@k332.feld.cvut.cz> + +- * Added 3.5 docs to html/Makefile.in. ++ * Added 3.5 docs to html/Makefile.in. + Thanks to Stanislav Brabec <utx@k332.feld.cvut.cz> + +- * configure: fixed bugs in sed scripts +- (applied sed script s:/@:s;@:;s:/s;;:;: to configure). ++ * configure: fixed bugs in sed scripts ++ (applied sed script s:/@:s;@:;s:/s;;:;: to configure). + fix submitted to Stanislav Brabec <utx@k332.feld.cvut.cz> + +- * tools/iptcutil was not in files list, and wasn't being ++ * tools/iptcutil was not in files list, and wasn't being + added to tar archive. Updated Makefile.in. + + 2000-03-17 Frank Warmerdam <warmerda@cs46980-c> + + * tif_fax3.c: Fixed serious bug introduced during the uint16->uint32 +- conversion for the run arrays. ++ conversion for the run arrays. + + 2000-03-03 Frank Warmerdam <warmerda@cs46980-c.mtnk1.on.wave.home.com> + +- * Set td_sampleformat default to SAMPLEFORMAT_UINT instead of ++ * Set td_sampleformat default to SAMPLEFORMAT_UINT instead of + SAMPLEFORMAT_VOID in TIFFDefaultDirectory() in tif_dir.c. + + 2000-03-02 Frank Warmerdam <warmerda@cs46980-c.mtnk1.on.wave.home.com> +@@ -4716,20 +4763,20 @@ Tue Feb 15 22:01:05 2000 Frank Warmerdam <warmerda@gdal.velocet.ca> + set to 1, and added default (off) setting in tiffconf.h. This + should eventually be set by the configure script somehow. + +- The original work on all these 2-4GB changes was done by ++ The original work on all these 2-4GB changes was done by + Peter Smith (psmith@creo.com). + + * Modified tif_win32.c to support 2-4GB seeks. + + * tentatively changed toff_t to be unsigned instead of signed to +- facilitate support for 2-4GB files. ++ facilitate support for 2-4GB files. + + * Updated a variety of files to use toff_t. Fixed some mixups + between toff_t and tsize_t. + + Fri Jan 28 10:13:49 2000 Frank Warmerdam <warmerda@gdal.velocet.ca> + +- * Largely reimplemented contrib/addtiffo to avoid temp files, ++ * Largely reimplemented contrib/addtiffo to avoid temp files, + updating the TIFF file in place. Fixed a few other bugs to. + + * Set tif_rawdatasize to zero when freeing raw data buffer in +@@ -4738,7 +4785,7 @@ Fri Jan 28 10:13:49 2000 Frank Warmerdam <warmerda@gdal.velocet.ca> + * Enabled "REWRITE_HACK" in tif_write.c by default. + + * Fix bug in tif_write.c when switching between reading one directory +- and writing to another. ++ and writing to another. + + * Made TIFFWriteCheck() public, and added TIFFCreateDirectory() + +@@ -4750,41 +4797,41 @@ Tue Jan 4 13:39:00 2000 Frank Warmerdam <warmerda@gdal.velocet.ca> + + * Added libtiff/libtiff.def to TIFFILES distribution list. + +-Mon Dec 27 12:13:39 EST 1999 Mike Welles <mike@onshore.com> ++Mon Dec 27 12:13:39 EST 1999 Mike Welles <mike@onshore.com> + +- * Created lzw compression kit, as a new module (libtiff-lzw-compression-kit). ++ * Created lzw compression kit, as a new module (libtiff-lzw-compression-kit). + + * Altered descriptions in tools to reflect "by default" lzw not supported + +- * Updated index.html to note lzw compression kit. +- ++ * Updated index.html to note lzw compression kit. ++ + Tue Dec 21 14:01:51 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + +- * Added fax3sm_winnt.c to distribution list in Makefile.in. ++ * Added fax3sm_winnt.c to distribution list in Makefile.in. + + Tue Dec 21 11:04:45 EST 1999 Mike Welles <mike@onshore.com> *** 3.5.4 release *** +- +- * Aadded Pixar tag support. Contributed by Phil Beffery <phil@pixar.com> + +- * Made one more change to tif_dir.c for removal of LZW compression. Also added notice +- when LZW compression invoked. ++ * Aadded Pixar tag support. Contributed by Phil Beffery <phil@pixar.com> ++ ++ * Made one more change to tif_dir.c for removal of LZW compression. Also added notice ++ when LZW compression invoked. + + * Changed default compression in tools to TIFF_PACKBITS, and changed usage descriptions + in tools to reflect removal of LZW compression +- ++ + Mon Dec 20 18:39:02 EST 1999 Mike Welles <mike@onshore.com> + +- * Fixed bug that caused LZW (non) compression to segfault. Added +- warning about LZW compression removed being removed, and why. ++ * Fixed bug that caused LZW (non) compression to segfault. Added ++ warning about LZW compression removed being removed, and why. ++ ++ * Added nostrip to install in tools/Makefile.in so that debugging ++ symbols are kept. + +- * Added nostrip to install in tools/Makefile.in so that debugging +- symbols are kept. +- + Tue Dec 7 12:04:47 EST 1999 Mike Welles <mike@onshore.com> + +- * Added patch from Ivo Penzar <ivo.penzar@infolink-software.com>, +- supporting Adobe ZIP deflate. Untested. +- ++ * Added patch from Ivo Penzar <ivo.penzar@infolink-software.com>, ++ supporting Adobe ZIP deflate. Untested. ++ + Sat Dec 4 15:47:11 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + + * Made Packbits the default compression in tools/tiff2rgba.c instead +@@ -4794,12 +4841,12 @@ Tue Nov 30 14:41:43 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> *** 3.5 + + * Added tif_luv to contrib/djgpp/Makefile.lib. + +-Tue Nov 30 14:15:32 EST 1999 Mike Welles <mike@onshore.com> ++Tue Nov 30 14:15:32 EST 1999 Mike Welles <mike@onshore.com> ++ ++ * Added zip creation to relase makefile target + +- * Added zip creation to relase makefile target ++ * Added html for TIFFWriteTile.3t man page. + +- * Added html for TIFFWriteTile.3t man page. +- + Tue Nov 30 09:20:16 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + + * Added some changes to tif_write.c to support rewriting existing +@@ -4812,26 +4859,26 @@ Mon Nov 29 11:43:42 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + + Sun Nov 28 20:36:18 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + +- * Added notes on use of makefile.vc in build.html, and fixed ++ * Added notes on use of makefile.vc in build.html, and fixed + email subscription address. + +-199-11-28 Mike Welles <mike@onshore.com> ++1999-11-28 Mike Welles <mike@onshore.com> + +- * Fixed apocalypse-inducing y2k bug in contrib/ras/ras2tiff.c ++ * Fixed apocalypse-inducing y2k bug in contrib/ras/ras2tiff.c + + * Did some casts cleaning up to reduce compiler warnings in tif_fax3.c, +- from Bruce Carmeron <cameron@petris.com> -- modifications of +- changes made by Frank (sun cc still complained on cast). ++ from Bruce Carmeron <cameron@petris.com> -- modifications of ++ changes made by Frank (sun cc still complained on cast). + + * Added tiffconf.h to install target per request from Bill + Radcliffe <billr@corbis.com>: "We need a way for ImageMagick to + know features have been compiled into the TIFF library in order to +- handle things properly". +- ++ handle things properly". ++ + Sat Nov 27 16:49:21 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + + * fixed various VC++ warnings as suggested by Gilles Vollant +- <info@winimage.com>. ++ <info@winimage.com>. + + Wed Nov 24 12:08:16 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + +@@ -4840,59 +4887,59 @@ Wed Nov 24 12:08:16 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + + 1999-11-22 Mike Welles <mike@onshore.com> + * HTML-ized the man pages, added to html/man +- +- * Removed LZW Compression to comply with Unisys patent extortion. +- +-1999-09-29 Mike Welles <mike@onshore.com> +- * Corrected one remaining 16 -> 32 bit value in tif_fax3.c, +- From Ivo Penzar <ivo.penzar@infolink-software.com. ++ ++ * Removed LZW Compression to comply with Unisys patent extortion. ++ ++1999-09-29 Mike Welles <mike@onshore.com> ++ * Corrected one remaining 16 -> 32 bit value in tif_fax3.c, ++ From Ivo Penzar <ivo.penzar@infolink-software.com. + + * Added patch from Ivo Penzar to have TiffAdvanceDirectory handle + memory mapped files. <ivo.penzar@infolink-software.com> +- ++ + 1999-09-26 Mike Welles <mike@onshore.com> *** 3.5.2 release *** +- * Corrected alpha versioning. ++ * Corrected alpha versioning. + +- * Removed distinction between alpha and release targets in Makefile.in. ++ * Removed distinction between alpha and release targets in Makefile.in. + +- * added release.stamp target, which tags cvs tree, and updates ++ * added release.stamp target, which tags cvs tree, and updates + "RELEASE-DATE" + +- * added releasediff target, which diffs tree with source as of ++ * added releasediff target, which diffs tree with source as of + date in "RELEASE-DATE" +- +- * Ticked up version to 3.5.2 (alpha 01 -- but I think we'll moving +- away from alpha/non-alpha distinctions). + +- * updated html to reflect release +- ++ * Ticked up version to 3.5.2 (alpha 01 -- but I think we'll moving ++ away from alpha/non-alpha distinctions). ++ ++ * updated html to reflect release ++ + 1999-09-23 <warmerda@CS46980-B> + + * Set O_BINARY for tif_unix.c open() ... used on cygwin for instance. + + * Added CYGWIN case in configure. + +-Fri Sep 17 00:13:51 CEST 1999 Mike Welles <mike@onshore.com> ++Fri Sep 17 00:13:51 CEST 1999 Mike Welles <mike@onshore.com> ++ ++ * Applied Francois Dagand's patch to handle fax decompression bug. ++ (sizes >= 65536 were failing) + +- * Applied Francois Dagand's patch to handle fax decompression bug. +- (sizes >= 65536 were failing) +- + Tue Sep 14 21:31:43 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + +- * Applied "a" mode fix to tif_win32.c/TIFFOpen() as suggested ++ * Applied "a" mode fix to tif_win32.c/TIFFOpen() as suggested + by Christopher Lawton <clawton@mathworks.com> + + Wed Sep 8 08:19:18 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + +- * Added IRIX/gcc, and OSF/1 4.x support on behalf of ++ * Added IRIX/gcc, and OSF/1 4.x support on behalf of + Albert Chin-A-Young <china@thewrittenword.com> + +- * Added TIFFReassignTagToIgnore() API on behalf of ++ * Added TIFFReassignTagToIgnore() API on behalf of + Bruce Cameron <cameron@petris.com>. Man page still pending. + + Wed Aug 25 11:39:07 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + +- * Added test target in Makefile, test_pics.sh script and pics/*.rpt ++ * Added test target in Makefile, test_pics.sh script and pics/*.rpt + files to provide for a rudimentary testsuite. + + * Added contrib/tags back from old distribution ... fixed up a bit. +@@ -4900,7 +4947,7 @@ Wed Aug 25 11:39:07 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + 1999-08-16 <warmerda@CS46980-B> + + * Added simple makefile.vc makefiles for building with MS VC++ +- on Windows NT/98/95 in console mode. Stuff in contrib/win* make give ++ on Windows NT/98/95 in console mode. Stuff in contrib/win* make give + better solutions for some users. + + Mon Aug 16 21:52:11 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> +@@ -4910,20 +4957,20 @@ Mon Aug 16 21:52:11 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + + 1999-08-16 Michael L. Welles <mike@kurtz.fake> + +- * Updated html/index.html with anon CVS instructions. ++ * Updated html/index.html with anon CVS instructions. + + Mon Aug 16 13:18:41 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + +- * pre-remove so link before softlink in LINUXdso action in ++ * pre-remove so link before softlink in LINUXdso action in + libtiff/Makefile.in to avoid failure on LINUXdso builds other than + the first. + + * Fixed problem with cvtcmap() in tif_getimage.c modifying the + colormaps owned by the TIFF handle itself when trying to fixup wrong + (eight bit) colormaps. Corrected by maintaining a private copy of +- the colormap. ++ the colormap. + +- * Added TIFFReadRGBATile()/TIFFReadRGBAStrip() support in ++ * Added TIFFReadRGBATile()/TIFFReadRGBAStrip() support in + tif_getimage.c. + + * CVS Repository placed at remotesensing.org. ChangeLog added. +diff --git a/Makefile.in b/Makefile.in +index 72fbbf3..2ed5682 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/aclocal.m4 b/aclocal.m4 +index d7d14c8..9293eda 100644 +--- a/aclocal.m4 ++++ b/aclocal.m4 +@@ -1,4 +1,4 @@ +-# generated automatically by aclocal 1.12.4 -*- Autoconf -*- ++# generated automatically by aclocal 1.12.5 -*- Autoconf -*- + + # Copyright (C) 1996-2012 Free Software Foundation, Inc. + +@@ -34,7 +34,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION], + [am__api_version='1.12' + dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to + dnl require some minimum version. Point them to the right macro. +-m4_if([$1], [1.12.4], [], ++m4_if([$1], [1.12.5], [], + [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl + ]) + +@@ -50,7 +50,7 @@ m4_define([_AM_AUTOCONF_VERSION], []) + # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. + # This function is AC_REQUIREd by AM_INIT_AUTOMAKE. + AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], +-[AM_AUTOMAKE_VERSION([1.12.4])dnl ++[AM_AUTOMAKE_VERSION([1.12.5])dnl + m4_ifndef([AC_AUTOCONF_VERSION], + [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl + _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) +diff --git a/build/Makefile.in b/build/Makefile.in +index 1a316b1..cea7a08 100644 +--- a/build/Makefile.in ++++ b/build/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/Makefile.in b/contrib/Makefile.in +index ae67554..72be7a3 100644 +--- a/contrib/Makefile.in ++++ b/contrib/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/acorn/Makefile.in b/contrib/acorn/Makefile.in +index 1e966b4..5a73941 100644 +--- a/contrib/acorn/Makefile.in ++++ b/contrib/acorn/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/addtiffo/Makefile.in b/contrib/addtiffo/Makefile.in +index 25a6e8b..e07640c 100644 +--- a/contrib/addtiffo/Makefile.in ++++ b/contrib/addtiffo/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/dbs/Makefile.in b/contrib/dbs/Makefile.in +index f5b3ee5..d5e7b40 100644 +--- a/contrib/dbs/Makefile.in ++++ b/contrib/dbs/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/dbs/xtiff/Makefile.in b/contrib/dbs/xtiff/Makefile.in +index 2d1ce94..c655c54 100644 +--- a/contrib/dbs/xtiff/Makefile.in ++++ b/contrib/dbs/xtiff/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/dbs/xtiff/xtiff.c b/contrib/dbs/xtiff/xtiff.c +index 7fe3977..de0b2a7 100644 +--- a/contrib/dbs/xtiff/xtiff.c ++++ b/contrib/dbs/xtiff/xtiff.c +@@ -1,5 +1,5 @@ + /* +- * $Id: xtiff.c,v 1.2.2.1 2010-06-08 18:50:40 bfriesen Exp $ ++ * $Id: xtiff.c,v 1.2.2.2 2013-05-02 14:44:43 tgl Exp $ + * + * xtiff - view a TIFF file in an X window + * +@@ -512,9 +512,9 @@ SetNameLabel() + Arg args[1]; + + if (tfMultiPage) +- sprintf(buffer, "%s - page %d", fileName, tfDirectory); ++ snprintf(buffer, sizeof(buffer), "%s - page %d", fileName, tfDirectory); + else +- strcpy(buffer, fileName); ++ snprintf(buffer, sizeof(buffer), "%s", fileName); + XtSetArg(args[0], XtNlabel, buffer); + XtSetValues(labelWidget, args, 1); + } +diff --git a/contrib/iptcutil/Makefile.in b/contrib/iptcutil/Makefile.in +index 75b1ca3..5858c03 100644 +--- a/contrib/iptcutil/Makefile.in ++++ b/contrib/iptcutil/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/mac-cw/Makefile.in b/contrib/mac-cw/Makefile.in +index a94a33a..054d44e 100644 +--- a/contrib/mac-cw/Makefile.in ++++ b/contrib/mac-cw/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/mac-mpw/Makefile.in b/contrib/mac-mpw/Makefile.in +index 8fdaae1..7dd27d7 100644 +--- a/contrib/mac-mpw/Makefile.in ++++ b/contrib/mac-mpw/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/mfs/Makefile.in b/contrib/mfs/Makefile.in +index 230c925..4ee41af 100644 +--- a/contrib/mfs/Makefile.in ++++ b/contrib/mfs/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/pds/Makefile.in b/contrib/pds/Makefile.in +index 3511f62..fa0bcf7 100644 +--- a/contrib/pds/Makefile.in ++++ b/contrib/pds/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/ras/Makefile.in b/contrib/ras/Makefile.in +index 88907bf..e33a00f 100644 +--- a/contrib/ras/Makefile.in ++++ b/contrib/ras/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/stream/Makefile.in b/contrib/stream/Makefile.in +index 9c9dffb..1c36a7f 100644 +--- a/contrib/stream/Makefile.in ++++ b/contrib/stream/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/tags/Makefile.in b/contrib/tags/Makefile.in +index e378f32..891d565 100644 +--- a/contrib/tags/Makefile.in ++++ b/contrib/tags/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/win_dib/Makefile.in b/contrib/win_dib/Makefile.in +index 0f68e76..45bf928 100644 +--- a/contrib/win_dib/Makefile.in ++++ b/contrib/win_dib/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/html/Makefile.in b/html/Makefile.in +index b9f86c8..a85ebd6 100644 +--- a/html/Makefile.in ++++ b/html/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/html/images/Makefile.in b/html/images/Makefile.in +index 1b96240..eaf50a3 100644 +--- a/html/images/Makefile.in ++++ b/html/images/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/html/man/Makefile.in b/html/man/Makefile.in +index 3a5278e..98226c3 100644 +--- a/html/man/Makefile.in ++++ b/html/man/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/libtiff/Makefile.in b/libtiff/Makefile.in +index 6a7c415..69e59c7 100644 +--- a/libtiff/Makefile.in ++++ b/libtiff/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/libtiff/tif_codec.c b/libtiff/tif_codec.c +index d5c6fd1..5a38184 100644 +--- a/libtiff/tif_codec.c ++++ b/libtiff/tif_codec.c +@@ -1,4 +1,4 @@ +-/* $Id: tif_codec.c,v 1.10.2.2 2010-06-08 18:50:41 bfriesen Exp $ */ ++/* $Id: tif_codec.c,v 1.10.2.3 2013-05-02 14:44:43 tgl Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -104,7 +104,8 @@ _notConfigured(TIFF* tif) + const TIFFCodec* c = TIFFFindCODEC(tif->tif_dir.td_compression); + char compression_code[20]; + +- sprintf( compression_code, "%d", tif->tif_dir.td_compression ); ++ snprintf(compression_code, sizeof(compression_code), "%d", ++ tif->tif_dir.td_compression ); + TIFFErrorExt(tif->tif_clientdata, tif->tif_name, + "%s compression support is not configured", + c ? c->name : compression_code ); +diff --git a/libtiff/tif_dirinfo.c b/libtiff/tif_dirinfo.c +index 76ef572..417a2e3 100644 +--- a/libtiff/tif_dirinfo.c ++++ b/libtiff/tif_dirinfo.c +@@ -1,4 +1,4 @@ +-/* $Id: tif_dirinfo.c,v 1.65.2.10 2010-07-06 14:14:41 dron Exp $ */ ++/* $Id: tif_dirinfo.c,v 1.65.2.11 2013-05-02 14:44:43 tgl Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -869,7 +869,7 @@ _TIFFCreateAnonFieldInfo(TIFF *tif, ttag_t tag, TIFFDataType field_type) + * note that this name is a special sign to TIFFClose() and + * _TIFFSetupFieldInfo() to free the field + */ +- sprintf(fld->field_name, "Tag %d", (int) tag); ++ snprintf(fld->field_name, 32, "Tag %d", (int) tag); + + return fld; + } +diff --git a/libtiff/tif_pixarlog.c b/libtiff/tif_pixarlog.c +index ed8eb40..6e127fb 100644 +--- a/libtiff/tif_pixarlog.c ++++ b/libtiff/tif_pixarlog.c +@@ -1,4 +1,4 @@ +-/* $Id: tif_pixarlog.c,v 1.15.2.4 2010-06-08 18:50:42 bfriesen Exp $ */ ++/* $Id: tif_pixarlog.c,v 1.15.2.5 2012-12-10 17:38:54 tgl Exp $ */ + + /* + * Copyright (c) 1996-1997 Sam Leffler +@@ -117,9 +117,9 @@ horizontalAccumulateF(uint16 *wp, int n, int stride, float *op, + if (n >= stride) { + mask = CODE_MASK; + if (stride == 3) { +- t0 = ToLinearF[cr = wp[0]]; +- t1 = ToLinearF[cg = wp[1]]; +- t2 = ToLinearF[cb = wp[2]]; ++ t0 = ToLinearF[cr = (wp[0] & mask)]; ++ t1 = ToLinearF[cg = (wp[1] & mask)]; ++ t2 = ToLinearF[cb = (wp[2] & mask)]; + op[0] = t0; + op[1] = t1; + op[2] = t2; +@@ -136,10 +136,10 @@ horizontalAccumulateF(uint16 *wp, int n, int stride, float *op, + op[2] = t2; + } + } else if (stride == 4) { +- t0 = ToLinearF[cr = wp[0]]; +- t1 = ToLinearF[cg = wp[1]]; +- t2 = ToLinearF[cb = wp[2]]; +- t3 = ToLinearF[ca = wp[3]]; ++ t0 = ToLinearF[cr = (wp[0] & mask)]; ++ t1 = ToLinearF[cg = (wp[1] & mask)]; ++ t2 = ToLinearF[cb = (wp[2] & mask)]; ++ t3 = ToLinearF[ca = (wp[3] & mask)]; + op[0] = t0; + op[1] = t1; + op[2] = t2; +@@ -183,9 +183,9 @@ horizontalAccumulate12(uint16 *wp, int n, int stride, int16 *op, + if (n >= stride) { + mask = CODE_MASK; + if (stride == 3) { +- t0 = ToLinearF[cr = wp[0]] * SCALE12; +- t1 = ToLinearF[cg = wp[1]] * SCALE12; +- t2 = ToLinearF[cb = wp[2]] * SCALE12; ++ t0 = ToLinearF[cr = (wp[0] & mask)] * SCALE12; ++ t1 = ToLinearF[cg = (wp[1] & mask)] * SCALE12; ++ t2 = ToLinearF[cb = (wp[2] & mask)] * SCALE12; + op[0] = CLAMP12(t0); + op[1] = CLAMP12(t1); + op[2] = CLAMP12(t2); +@@ -202,10 +202,10 @@ horizontalAccumulate12(uint16 *wp, int n, int stride, int16 *op, + op[2] = CLAMP12(t2); + } + } else if (stride == 4) { +- t0 = ToLinearF[cr = wp[0]] * SCALE12; +- t1 = ToLinearF[cg = wp[1]] * SCALE12; +- t2 = ToLinearF[cb = wp[2]] * SCALE12; +- t3 = ToLinearF[ca = wp[3]] * SCALE12; ++ t0 = ToLinearF[cr = (wp[0] & mask)] * SCALE12; ++ t1 = ToLinearF[cg = (wp[1] & mask)] * SCALE12; ++ t2 = ToLinearF[cb = (wp[2] & mask)] * SCALE12; ++ t3 = ToLinearF[ca = (wp[3] & mask)] * SCALE12; + op[0] = CLAMP12(t0); + op[1] = CLAMP12(t1); + op[2] = CLAMP12(t2); +@@ -247,9 +247,9 @@ horizontalAccumulate16(uint16 *wp, int n, int stride, uint16 *op, + if (n >= stride) { + mask = CODE_MASK; + if (stride == 3) { +- op[0] = ToLinear16[cr = wp[0]]; +- op[1] = ToLinear16[cg = wp[1]]; +- op[2] = ToLinear16[cb = wp[2]]; ++ op[0] = ToLinear16[cr = (wp[0] & mask)]; ++ op[1] = ToLinear16[cg = (wp[1] & mask)]; ++ op[2] = ToLinear16[cb = (wp[2] & mask)]; + n -= 3; + while (n > 0) { + wp += 3; +@@ -260,10 +260,10 @@ horizontalAccumulate16(uint16 *wp, int n, int stride, uint16 *op, + op[2] = ToLinear16[(cb += wp[2]) & mask]; + } + } else if (stride == 4) { +- op[0] = ToLinear16[cr = wp[0]]; +- op[1] = ToLinear16[cg = wp[1]]; +- op[2] = ToLinear16[cb = wp[2]]; +- op[3] = ToLinear16[ca = wp[3]]; ++ op[0] = ToLinear16[cr = (wp[0] & mask)]; ++ op[1] = ToLinear16[cg = (wp[1] & mask)]; ++ op[2] = ToLinear16[cb = (wp[2] & mask)]; ++ op[3] = ToLinear16[ca = (wp[3] & mask)]; + n -= 4; + while (n > 0) { + wp += 4; +@@ -342,9 +342,9 @@ horizontalAccumulate8(uint16 *wp, int n, int stride, unsigned char *op, + if (n >= stride) { + mask = CODE_MASK; + if (stride == 3) { +- op[0] = ToLinear8[cr = wp[0]]; +- op[1] = ToLinear8[cg = wp[1]]; +- op[2] = ToLinear8[cb = wp[2]]; ++ op[0] = ToLinear8[cr = (wp[0] & mask)]; ++ op[1] = ToLinear8[cg = (wp[1] & mask)]; ++ op[2] = ToLinear8[cb = (wp[2] & mask)]; + n -= 3; + while (n > 0) { + n -= 3; +@@ -355,10 +355,10 @@ horizontalAccumulate8(uint16 *wp, int n, int stride, unsigned char *op, + op[2] = ToLinear8[(cb += wp[2]) & mask]; + } + } else if (stride == 4) { +- op[0] = ToLinear8[cr = wp[0]]; +- op[1] = ToLinear8[cg = wp[1]]; +- op[2] = ToLinear8[cb = wp[2]]; +- op[3] = ToLinear8[ca = wp[3]]; ++ op[0] = ToLinear8[cr = (wp[0] & mask)]; ++ op[1] = ToLinear8[cg = (wp[1] & mask)]; ++ op[2] = ToLinear8[cb = (wp[2] & mask)]; ++ op[3] = ToLinear8[ca = (wp[3] & mask)]; + n -= 4; + while (n > 0) { + n -= 4; +@@ -393,9 +393,9 @@ horizontalAccumulate8abgr(uint16 *wp, int n, int stride, unsigned char *op, + mask = CODE_MASK; + if (stride == 3) { + op[0] = 0; +- t1 = ToLinear8[cb = wp[2]]; +- t2 = ToLinear8[cg = wp[1]]; +- t3 = ToLinear8[cr = wp[0]]; ++ t1 = ToLinear8[cb = (wp[2] & mask)]; ++ t2 = ToLinear8[cg = (wp[1] & mask)]; ++ t3 = ToLinear8[cr = (wp[0] & mask)]; + op[1] = t1; + op[2] = t2; + op[3] = t3; +@@ -413,10 +413,10 @@ horizontalAccumulate8abgr(uint16 *wp, int n, int stride, unsigned char *op, + op[3] = t3; + } + } else if (stride == 4) { +- t0 = ToLinear8[ca = wp[3]]; +- t1 = ToLinear8[cb = wp[2]]; +- t2 = ToLinear8[cg = wp[1]]; +- t3 = ToLinear8[cr = wp[0]]; ++ t0 = ToLinear8[ca = (wp[3] & mask)]; ++ t1 = ToLinear8[cb = (wp[2] & mask)]; ++ t2 = ToLinear8[cg = (wp[1] & mask)]; ++ t3 = ToLinear8[cr = (wp[0] & mask)]; + op[0] = t0; + op[1] = t1; + op[2] = t2; +@@ -630,10 +630,10 @@ PixarLogGuessDataFmt(TIFFDirectory *td) + return guess; + } + +-static uint32 +-multiply(size_t m1, size_t m2) ++static tsize_t ++multiply(tsize_t m1, tsize_t m2) + { +- uint32 bytes = m1 * m2; ++ tsize_t bytes = m1 * m2; + + if (m1 && bytes / m1 != m2) + bytes = 0; +@@ -641,6 +641,20 @@ multiply(size_t m1, size_t m2) + return bytes; + } + ++static tsize_t ++add_ms(tsize_t m1, tsize_t m2) ++{ ++ tsize_t bytes = m1 + m2; ++ ++ /* if either input is zero, assume overflow already occurred */ ++ if (m1 == 0 || m2 == 0) ++ bytes = 0; ++ else if (bytes <= m1 || bytes <= m2) ++ bytes = 0; ++ ++ return bytes; ++} ++ + static int + PixarLogSetupDecode(TIFF* tif) + { +@@ -661,6 +675,8 @@ PixarLogSetupDecode(TIFF* tif) + td->td_samplesperpixel : 1); + tbuf_size = multiply(multiply(multiply(sp->stride, td->td_imagewidth), + td->td_rowsperstrip), sizeof(uint16)); ++ /* add one more stride in case input ends mid-stride */ ++ tbuf_size = add_ms(tbuf_size, sizeof(uint16) * sp->stride); + if (tbuf_size == 0) + return (0); + sp->tbuf = (uint16 *) _TIFFmalloc(tbuf_size); +diff --git a/libtiff/tif_print.c b/libtiff/tif_print.c +index 7634f6e..2b255da 100644 +--- a/libtiff/tif_print.c ++++ b/libtiff/tif_print.c +@@ -1,4 +1,4 @@ +-/* $Id: tif_print.c,v 1.36.2.5 2010-07-06 14:05:30 dron Exp $ */ ++/* $Id: tif_print.c,v 1.36.2.6 2012-12-12 23:18:05 tgl Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -514,8 +514,19 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags) + continue; + + if(fip->field_passcount) { +- if(TIFFGetField(tif, tag, &value_count, &raw_data) != 1) ++ if (fip->field_readcount == TIFF_VARIABLE2 ) { ++ if(TIFFGetField(tif, tag, &value_count, &raw_data) != 1) ++ continue; ++ } else if (fip->field_readcount == TIFF_VARIABLE ) { ++ uint16 small_value_count; ++ if(TIFFGetField(tif, tag, &small_value_count, &raw_data) != 1) ++ continue; ++ value_count = small_value_count; ++ } else { ++ assert (fip->field_readcount == TIFF_VARIABLE ++ || fip->field_readcount == TIFF_VARIABLE2); + continue; ++ } + } else { + if (fip->field_readcount == TIFF_VARIABLE + || fip->field_readcount == TIFF_VARIABLE2) +diff --git a/man/Makefile.in b/man/Makefile.in +index a007da7..cac0721 100644 +--- a/man/Makefile.in ++++ b/man/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/port/Makefile.in b/port/Makefile.in +index 6674109..f95d58f 100644 +--- a/port/Makefile.in ++++ b/port/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/test/Makefile.in b/test/Makefile.in +index 61ea1ff..f88959f 100644 +--- a/test/Makefile.in ++++ b/test/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/tools/Makefile.in b/tools/Makefile.in +index 47dcec8..6f3d517 100644 +--- a/tools/Makefile.in ++++ b/tools/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/tools/ppm2tiff.c b/tools/ppm2tiff.c +index 6078459..ec8be5d 100644 +--- a/tools/ppm2tiff.c ++++ b/tools/ppm2tiff.c +@@ -1,4 +1,4 @@ +-/* $Id: ppm2tiff.c,v 1.13.2.2 2010-06-08 18:50:44 bfriesen Exp $ */ ++/* $Id: ppm2tiff.c,v 1.13.2.3 2012-12-10 18:27:35 tgl Exp $ */ + + /* + * Copyright (c) 1991-1997 Sam Leffler +@@ -68,6 +68,17 @@ BadPPM(char* file) + exit(-2); + } + ++static tsize_t ++multiply_ms(tsize_t m1, tsize_t m2) ++{ ++ tsize_t bytes = m1 * m2; ++ ++ if (m1 && bytes / m1 != m2) ++ bytes = 0; ++ ++ return bytes; ++} ++ + int + main(int argc, char* argv[]) + { +@@ -85,6 +96,7 @@ main(int argc, char* argv[]) + int c; + extern int optind; + extern char* optarg; ++ tsize_t scanline_size; + + if (argc < 2) { + fprintf(stderr, "%s: Too few arguments\n", argv[0]); +@@ -217,7 +229,8 @@ main(int argc, char* argv[]) + } + switch (bpp) { + case 1: +- linebytes = (spp * w + (8 - 1)) / 8; ++ /* if round-up overflows, result will be zero, OK */ ++ linebytes = (multiply_ms(spp, w) + (8 - 1)) / 8; + if (rowsperstrip == (uint32) -1) { + TIFFSetField(out, TIFFTAG_ROWSPERSTRIP, h); + } else { +@@ -226,15 +239,31 @@ main(int argc, char* argv[]) + } + break; + case 8: +- linebytes = spp * w; ++ linebytes = multiply_ms(spp, w); + TIFFSetField(out, TIFFTAG_ROWSPERSTRIP, + TIFFDefaultStripSize(out, rowsperstrip)); + break; + } +- if (TIFFScanlineSize(out) > linebytes) ++ if (linebytes == 0) { ++ fprintf(stderr, "%s: scanline size overflow\n", infile); ++ (void) TIFFClose(out); ++ exit(-2); ++ } ++ scanline_size = TIFFScanlineSize(out); ++ if (scanline_size == 0) { ++ /* overflow - TIFFScanlineSize already printed a message */ ++ (void) TIFFClose(out); ++ exit(-2); ++ } ++ if (scanline_size < linebytes) + buf = (unsigned char *)_TIFFmalloc(linebytes); + else +- buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out)); ++ buf = (unsigned char *)_TIFFmalloc(scanline_size); ++ if (buf == NULL) { ++ fprintf(stderr, "%s: Not enough memory\n", infile); ++ (void) TIFFClose(out); ++ exit(-2); ++ } + if (resolution > 0) { + TIFFSetField(out, TIFFTAG_XRESOLUTION, resolution); + TIFFSetField(out, TIFFTAG_YRESOLUTION, resolution); +diff --git a/tools/rgb2ycbcr.c b/tools/rgb2ycbcr.c +index 0b30b51..527c036 100644 +--- a/tools/rgb2ycbcr.c ++++ b/tools/rgb2ycbcr.c +@@ -1,4 +1,4 @@ +-/* $Id: rgb2ycbcr.c,v 1.9.2.2 2010-06-08 18:50:44 bfriesen Exp $ */ ++/* $Id: rgb2ycbcr.c,v 1.9.2.3 2013-05-02 14:44:44 tgl Exp $ */ + + /* + * Copyright (c) 1991-1997 Sam Leffler +@@ -326,7 +326,8 @@ tiffcvt(TIFF* in, TIFF* out) + TIFFSetField(out, TIFFTAG_PLANARCONFIG, PLANARCONFIG_CONTIG); + { char buf[2048]; + char *cp = strrchr(TIFFFileName(in), '/'); +- sprintf(buf, "YCbCr conversion of %s", cp ? cp+1 : TIFFFileName(in)); ++ snprintf(buf, sizeof(buf), "YCbCr conversion of %s", ++ cp ? cp+1 : TIFFFileName(in)); + TIFFSetField(out, TIFFTAG_IMAGEDESCRIPTION, buf); + } + TIFFSetField(out, TIFFTAG_SOFTWARE, TIFFGetVersion()); +diff --git a/tools/tiff2bw.c b/tools/tiff2bw.c +index 8fbf061..98908d1 100644 +--- a/tools/tiff2bw.c ++++ b/tools/tiff2bw.c +@@ -1,4 +1,4 @@ +-/* $Id: tiff2bw.c,v 1.12.2.2 2010-07-02 12:03:27 dron Exp $ */ ++/* $Id: tiff2bw.c,v 1.12.2.3 2013-05-02 14:44:44 tgl Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -201,7 +201,7 @@ main(int argc, char* argv[]) + } + } + TIFFSetField(out, TIFFTAG_PHOTOMETRIC, PHOTOMETRIC_MINISBLACK); +- sprintf(thing, "B&W version of %s", argv[optind]); ++ snprintf(thing, sizeof(thing), "B&W version of %s", argv[optind]); + TIFFSetField(out, TIFFTAG_IMAGEDESCRIPTION, thing); + TIFFSetField(out, TIFFTAG_SOFTWARE, "tiff2bw"); + outbuf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out)); +diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c +index dee6435..c55b927 100644 +--- a/tools/tiff2pdf.c ++++ b/tools/tiff2pdf.c +@@ -1,4 +1,4 @@ +-/* $Id: tiff2pdf.c,v 1.37.2.22 2012-07-19 15:43:31 tgl Exp $ ++/* $Id: tiff2pdf.c,v 1.37.2.24 2013-05-02 14:54:18 tgl Exp $ + * + * tiff2pdf - converts a TIFF image to a PDF document + * +@@ -3337,33 +3337,56 @@ int t2p_process_jpeg_strip( + uint32 height){ + + tsize_t i=0; +- uint16 ri =0; +- uint16 v_samp=1; +- uint16 h_samp=1; +- int j=0; +- +- i++; +- +- while(i<(*striplength)){ ++ ++ while (i < *striplength) { ++ tsize_t datalen; ++ uint16 ri; ++ uint16 v_samp; ++ uint16 h_samp; ++ int j; ++ int ncomp; ++ ++ /* marker header: one or more FFs */ ++ if (strip[i] != 0xff) ++ return(0); ++ i++; ++ while (i < *striplength && strip[i] == 0xff) ++ i++; ++ if (i >= *striplength) ++ return(0); ++ /* SOI is the only pre-SOS marker without a length word */ ++ if (strip[i] == 0xd8) ++ datalen = 0; ++ else { ++ if ((*striplength - i) <= 2) ++ return(0); ++ datalen = (strip[i+1] << 8) | strip[i+2]; ++ if (datalen < 2 || datalen >= (*striplength - i)) ++ return(0); ++ } + switch( strip[i] ){ +- case 0xd8: +- /* SOI - start of image */ ++ case 0xd8: /* SOI - start of image */ + _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), 2); + *bufferoffset+=2; +- i+=2; + break; +- case 0xc0: +- case 0xc1: +- case 0xc3: +- case 0xc9: +- case 0xca: ++ case 0xc0: /* SOF0 */ ++ case 0xc1: /* SOF1 */ ++ case 0xc3: /* SOF3 */ ++ case 0xc9: /* SOF9 */ ++ case 0xca: /* SOF10 */ + if(no==0){ +- _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), strip[i+2]+2); +- for(j=0;j<buffer[*bufferoffset+9];j++){ +- if( (buffer[*bufferoffset+11+(2*j)]>>4) > h_samp) +- h_samp = (buffer[*bufferoffset+11+(2*j)]>>4); +- if( (buffer[*bufferoffset+11+(2*j)] & 0x0f) > v_samp) +- v_samp = (buffer[*bufferoffset+11+(2*j)] & 0x0f); ++ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2); ++ ncomp = buffer[*bufferoffset+9]; ++ if (ncomp < 1 || ncomp > 4) ++ return(0); ++ v_samp=1; ++ h_samp=1; ++ for(j=0;j<ncomp;j++){ ++ uint16 samp = buffer[*bufferoffset+11+(3*j)]; ++ if( (samp>>4) > h_samp) ++ h_samp = (samp>>4); ++ if( (samp & 0x0f) > v_samp) ++ v_samp = (samp & 0x0f); + } + v_samp*=8; + h_samp*=8; +@@ -3377,45 +3400,43 @@ int t2p_process_jpeg_strip( + (unsigned char) ((height>>8) & 0xff); + buffer[*bufferoffset+6]= + (unsigned char) (height & 0xff); +- *bufferoffset+=strip[i+2]+2; +- i+=strip[i+2]+2; +- ++ *bufferoffset+=datalen+2; ++ /* insert a DRI marker */ + buffer[(*bufferoffset)++]=0xff; + buffer[(*bufferoffset)++]=0xdd; + buffer[(*bufferoffset)++]=0x00; + buffer[(*bufferoffset)++]=0x04; + buffer[(*bufferoffset)++]=(ri >> 8) & 0xff; + buffer[(*bufferoffset)++]= ri & 0xff; +- } else { +- i+=strip[i+2]+2; + } + break; +- case 0xc4: +- case 0xdb: +- _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), strip[i+2]+2); +- *bufferoffset+=strip[i+2]+2; +- i+=strip[i+2]+2; ++ case 0xc4: /* DHT */ ++ case 0xdb: /* DQT */ ++ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2); ++ *bufferoffset+=datalen+2; + break; +- case 0xda: ++ case 0xda: /* SOS */ + if(no==0){ +- _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), strip[i+2]+2); +- *bufferoffset+=strip[i+2]+2; +- i+=strip[i+2]+2; ++ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2); ++ *bufferoffset+=datalen+2; + } else { + buffer[(*bufferoffset)++]=0xff; + buffer[(*bufferoffset)++]= + (unsigned char)(0xd0 | ((no-1)%8)); +- i+=strip[i+2]+2; + } +- _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), (*striplength)-i-1); +- *bufferoffset+=(*striplength)-i-1; ++ i += datalen + 1; ++ /* copy remainder of strip */ ++ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i]), *striplength - i); ++ *bufferoffset+= *striplength - i; + return(1); + default: +- i+=strip[i+2]+2; ++ /* ignore any other marker */ ++ break; + } ++ i += datalen + 1; + } +- + ++ /* failed to find SOS marker */ + return(0); + } + #endif +@@ -3605,7 +3626,9 @@ tsize_t t2p_write_pdf_header(T2P* t2p, TIFF* output){ + char buffer[16]; + int buflen=0; + +- buflen=sprintf(buffer, "%%PDF-%u.%u ", t2p->pdf_majorversion&0xff, t2p->pdf_minorversion&0xff); ++ buflen = snprintf(buffer, sizeof(buffer), "%%PDF-%u.%u ", ++ t2p->pdf_majorversion&0xff, ++ t2p->pdf_minorversion&0xff); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t)"\n%\342\343\317\323\n", 7); + +@@ -3619,10 +3642,10 @@ tsize_t t2p_write_pdf_header(T2P* t2p, TIFF* output){ + tsize_t t2p_write_pdf_obj_start(uint32 number, TIFF* output){ + + tsize_t written=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + +- buflen=sprintf(buffer, "%lu", (unsigned long)number); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)number); + written += t2pWriteFile(output, (tdata_t) buffer, buflen ); + written += t2pWriteFile(output, (tdata_t) " 0 obj\n", 7); + +@@ -3661,13 +3684,13 @@ tsize_t t2p_write_pdf_name(unsigned char* name, TIFF* output){ + written += t2pWriteFile(output, (tdata_t) "/", 1); + for (i=0;i<namelen;i++){ + if ( ((unsigned char)name[i]) < 0x21){ +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + nextchar=1; + } + if ( ((unsigned char)name[i]) > 0x7E){ +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + nextchar=1; +@@ -3675,57 +3698,57 @@ tsize_t t2p_write_pdf_name(unsigned char* name, TIFF* output){ + if (nextchar==0){ + switch (name[i]){ + case 0x23: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x25: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x28: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x29: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x2F: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x3C: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x3E: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x5B: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x5D: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x7B: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x7D: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; +@@ -3840,14 +3863,14 @@ tsize_t t2p_write_pdf_stream_end(TIFF* output){ + tsize_t t2p_write_pdf_stream_dict(tsize_t len, uint32 number, TIFF* output){ + + tsize_t written=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + + written += t2pWriteFile(output, (tdata_t) "/Length ", 8); + if(len!=0){ + written += t2p_write_pdf_stream_length(len, output); + } else { +- buflen=sprintf(buffer, "%lu", (unsigned long)number); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)number); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R \n", 6); + } +@@ -3888,10 +3911,10 @@ tsize_t t2p_write_pdf_stream_dict_end(TIFF* output){ + tsize_t t2p_write_pdf_stream_length(tsize_t len, TIFF* output){ + + tsize_t written=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + +- buflen=sprintf(buffer, "%lu", (unsigned long)len); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)len); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "\n", 1); + +@@ -3905,7 +3928,7 @@ tsize_t t2p_write_pdf_stream_length(tsize_t len, TIFF* output){ + tsize_t t2p_write_pdf_catalog(T2P* t2p, TIFF* output) + { + tsize_t written = 0; +- char buffer[16]; ++ char buffer[32]; + int buflen = 0; + + written += t2pWriteFile(output, +@@ -3944,7 +3967,6 @@ tsize_t t2p_write_pdf_info(T2P* t2p, TIFF* input, TIFF* output) + written += t2p_write_pdf_string(t2p->pdf_datetime, output); + } + written += t2pWriteFile(output, (tdata_t) "\n/Producer ", 11); +- _TIFFmemset((tdata_t)buffer, 0x00, sizeof(buffer)); + snprintf(buffer, sizeof(buffer), "libtiff / tiff2pdf - %d", TIFFLIB_VERSION); + written += t2p_write_pdf_string(buffer, output); + written += t2pWriteFile(output, (tdata_t) "\n", 1); +@@ -4085,7 +4107,7 @@ tsize_t t2p_write_pdf_pages(T2P* t2p, TIFF* output) + { + tsize_t written=0; + tdir_t i=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + + int page=0; +@@ -4093,7 +4115,7 @@ tsize_t t2p_write_pdf_pages(T2P* t2p, TIFF* output) + (tdata_t) "<< \n/Type /Pages \n/Kids [ ", 26); + page = t2p->pdf_pages+1; + for (i=0;i<t2p->tiff_pagecount;i++){ +- buflen=sprintf(buffer, "%d", page); ++ buflen=snprintf(buffer, sizeof(buffer), "%d", page); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); + if ( ((i+1)%8)==0 ) { +@@ -4108,8 +4130,7 @@ tsize_t t2p_write_pdf_pages(T2P* t2p, TIFF* output) + } + } + written += t2pWriteFile(output, (tdata_t) "] \n/Count ", 10); +- _TIFFmemset(buffer, 0x00, 16); +- buflen=sprintf(buffer, "%d", t2p->tiff_pagecount); ++ buflen=snprintf(buffer, sizeof(buffer), "%d", t2p->tiff_pagecount); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " \n>> \n", 6); + +@@ -4124,28 +4145,28 @@ tsize_t t2p_write_pdf_page(uint32 object, T2P* t2p, TIFF* output){ + + unsigned int i=0; + tsize_t written=0; +- char buffer[16]; ++ char buffer[256]; + int buflen=0; + + written += t2pWriteFile(output, (tdata_t) "<<\n/Type /Page \n/Parent ", 24); +- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_pages); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_pages); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R \n", 6); + written += t2pWriteFile(output, (tdata_t) "/MediaBox [", 11); +- buflen=sprintf(buffer, "%.4f",t2p->pdf_mediabox.x1); ++ buflen=snprintf(buffer, sizeof(buffer), "%.4f",t2p->pdf_mediabox.x1); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " ", 1); +- buflen=sprintf(buffer, "%.4f",t2p->pdf_mediabox.y1); ++ buflen=snprintf(buffer, sizeof(buffer), "%.4f",t2p->pdf_mediabox.y1); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " ", 1); +- buflen=sprintf(buffer, "%.4f",t2p->pdf_mediabox.x2); ++ buflen=snprintf(buffer, sizeof(buffer), "%.4f",t2p->pdf_mediabox.x2); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " ", 1); +- buflen=sprintf(buffer, "%.4f",t2p->pdf_mediabox.y2); ++ buflen=snprintf(buffer, sizeof(buffer), "%.4f",t2p->pdf_mediabox.y2); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "] \n", 3); + written += t2pWriteFile(output, (tdata_t) "/Contents ", 10); +- buflen=sprintf(buffer, "%lu", (unsigned long)(object + 1)); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(object + 1)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R \n", 6); + written += t2pWriteFile(output, (tdata_t) "/Resources << \n", 15); +@@ -4153,15 +4174,13 @@ tsize_t t2p_write_pdf_page(uint32 object, T2P* t2p, TIFF* output){ + written += t2pWriteFile(output, (tdata_t) "/XObject <<\n", 12); + for(i=0;i<t2p->tiff_tiles[t2p->pdf_page].tiles_tilecount;i++){ + written += t2pWriteFile(output, (tdata_t) "/Im", 3); +- buflen = sprintf(buffer, "%u", t2p->pdf_page+1); ++ buflen = snprintf(buffer, sizeof(buffer), "%u", t2p->pdf_page+1); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "_", 1); +- buflen = sprintf(buffer, "%u", i+1); ++ buflen = snprintf(buffer, sizeof(buffer), "%u", i+1); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " ", 1); +- buflen = sprintf( +- buffer, +- "%lu", ++ buflen = snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)(object+3+(2*i)+t2p->tiff_pages[t2p->pdf_page].page_extra)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); +@@ -4173,12 +4192,10 @@ tsize_t t2p_write_pdf_page(uint32 object, T2P* t2p, TIFF* output){ + } else { + written += t2pWriteFile(output, (tdata_t) "/XObject <<\n", 12); + written += t2pWriteFile(output, (tdata_t) "/Im", 3); +- buflen = sprintf(buffer, "%u", t2p->pdf_page+1); ++ buflen = snprintf(buffer, sizeof(buffer), "%u", t2p->pdf_page+1); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " ", 1); +- buflen = sprintf( +- buffer, +- "%lu", ++ buflen = snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)(object+3+(2*i)+t2p->tiff_pages[t2p->pdf_page].page_extra)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); +@@ -4187,9 +4204,7 @@ tsize_t t2p_write_pdf_page(uint32 object, T2P* t2p, TIFF* output){ + if(t2p->tiff_transferfunctioncount != 0) { + written += t2pWriteFile(output, (tdata_t) "/ExtGState <<", 13); + t2pWriteFile(output, (tdata_t) "/GS1 ", 5); +- buflen = sprintf( +- buffer, +- "%lu", ++ buflen = snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)(object + 3)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); +@@ -4562,7 +4577,7 @@ tsize_t t2p_write_pdf_page_content_stream(T2P* t2p, TIFF* output){ + if(t2p->tiff_tiles[t2p->pdf_page].tiles_tilecount>0){ + for(i=0;i<t2p->tiff_tiles[t2p->pdf_page].tiles_tilecount; i++){ + box=t2p->tiff_tiles[t2p->pdf_page].tiles_tiles[i].tile_box; +- buflen=sprintf(buffer, ++ buflen=snprintf(buffer, sizeof(buffer), + "q %s %.4f %.4f %.4f %.4f %.4f %.4f cm /Im%d_%ld Do Q\n", + t2p->tiff_transferfunctioncount?"/GS1 gs ":"", + box.mat[0], +@@ -4577,7 +4592,7 @@ tsize_t t2p_write_pdf_page_content_stream(T2P* t2p, TIFF* output){ + } + } else { + box=t2p->pdf_imagebox; +- buflen=sprintf(buffer, ++ buflen=snprintf(buffer, sizeof(buffer), + "q %s %.4f %.4f %.4f %.4f %.4f %.4f cm /Im%d Do Q\n", + t2p->tiff_transferfunctioncount?"/GS1 gs ":"", + box.mat[0], +@@ -4602,59 +4617,48 @@ tsize_t t2p_write_pdf_xobject_stream_dict(ttile_t tile, + TIFF* output){ + + tsize_t written=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + + written += t2p_write_pdf_stream_dict(0, t2p->pdf_xrefcount+1, output); + written += t2pWriteFile(output, + (tdata_t) "/Type /XObject \n/Subtype /Image \n/Name /Im", + 42); +- buflen=sprintf(buffer, "%u", t2p->pdf_page+1); ++ buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->pdf_page+1); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + if(tile != 0){ + written += t2pWriteFile(output, (tdata_t) "_", 1); +- buflen=sprintf(buffer, "%lu", (unsigned long)tile); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)tile); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + } + written += t2pWriteFile(output, (tdata_t) "\n/Width ", 8); +- _TIFFmemset((tdata_t)buffer, 0x00, 16); + if(tile==0){ +- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->tiff_width); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_width); + } else { + if(t2p_tile_is_right_edge(t2p->tiff_tiles[t2p->pdf_page], tile-1)!=0){ +- buflen=sprintf( +- buffer, +- "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_edgetilewidth); + } else { +- buflen=sprintf( +- buffer, +- "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_tilewidth); + } + } + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "\n/Height ", 9); +- _TIFFmemset((tdata_t)buffer, 0x00, 16); + if(tile==0){ +- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->tiff_length); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_length); + } else { + if(t2p_tile_is_bottom_edge(t2p->tiff_tiles[t2p->pdf_page], tile-1)!=0){ +- buflen=sprintf( +- buffer, +- "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_edgetilelength); + } else { +- buflen=sprintf( +- buffer, +- "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_tilelength); + } + } + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "\n/BitsPerComponent ", 19); +- _TIFFmemset((tdata_t)buffer, 0x00, 16); +- buflen=sprintf(buffer, "%u", t2p->tiff_bitspersample); ++ buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->tiff_bitspersample); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "\n/ColorSpace ", 13); + written += t2p_write_pdf_xobject_cs(t2p, output); +@@ -4698,11 +4702,10 @@ tsize_t t2p_write_pdf_xobject_cs(T2P* t2p, TIFF* output){ + t2p->pdf_colorspace ^= T2P_CS_PALETTE; + written += t2p_write_pdf_xobject_cs(t2p, output); + t2p->pdf_colorspace |= T2P_CS_PALETTE; +- buflen=sprintf(buffer, "%u", (0x0001 << t2p->tiff_bitspersample)-1 ); ++ buflen=snprintf(buffer, sizeof(buffer), "%u", (0x0001 << t2p->tiff_bitspersample)-1 ); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " ", 1); +- _TIFFmemset(buffer, 0x00, 16); +- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_palettecs ); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_palettecs ); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ]\n", 7); + return(written); +@@ -4736,10 +4739,10 @@ tsize_t t2p_write_pdf_xobject_cs(T2P* t2p, TIFF* output){ + X_W /= Y_W; + Z_W /= Y_W; + Y_W = 1.0F; +- buflen=sprintf(buffer, "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); ++ buflen=snprintf(buffer, sizeof(buffer), "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "/Range ", 7); +- buflen=sprintf(buffer, "[%d %d %d %d] \n", ++ buflen=snprintf(buffer, sizeof(buffer), "[%d %d %d %d] \n", + t2p->pdf_labrange[0], + t2p->pdf_labrange[1], + t2p->pdf_labrange[2], +@@ -4755,26 +4758,26 @@ tsize_t t2p_write_pdf_xobject_cs(T2P* t2p, TIFF* output){ + tsize_t t2p_write_pdf_transfer(T2P* t2p, TIFF* output){ + + tsize_t written=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + + written += t2pWriteFile(output, (tdata_t) "<< /Type /ExtGState \n/TR ", 25); + if(t2p->tiff_transferfunctioncount == 1){ +- buflen=sprintf(buffer, "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)(t2p->pdf_xrefcount + 1)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); + } else { + written += t2pWriteFile(output, (tdata_t) "[ ", 2); +- buflen=sprintf(buffer, "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)(t2p->pdf_xrefcount + 1)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); +- buflen=sprintf(buffer, "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)(t2p->pdf_xrefcount + 2)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); +- buflen=sprintf(buffer, "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)(t2p->pdf_xrefcount + 3)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); +@@ -4796,7 +4799,7 @@ tsize_t t2p_write_pdf_transfer_dict(T2P* t2p, TIFF* output, uint16 i){ + written += t2pWriteFile(output, (tdata_t) "/FunctionType 0 \n", 17); + written += t2pWriteFile(output, (tdata_t) "/Domain [0.0 1.0] \n", 19); + written += t2pWriteFile(output, (tdata_t) "/Range [0.0 1.0] \n", 18); +- buflen=sprintf(buffer, "/Size [%u] \n", (1<<t2p->tiff_bitspersample)); ++ buflen=snprintf(buffer, sizeof(buffer), "/Size [%u] \n", (1<<t2p->tiff_bitspersample)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "/BitsPerSample 16 \n", 19); + written += t2p_write_pdf_stream_dict(1<<(t2p->tiff_bitspersample+1), 0, output); +@@ -4823,7 +4826,7 @@ tsize_t t2p_write_pdf_transfer_stream(T2P* t2p, TIFF* output, uint16 i){ + tsize_t t2p_write_pdf_xobject_calcs(T2P* t2p, TIFF* output){ + + tsize_t written=0; +- char buffer[128]; ++ char buffer[256]; + int buflen=0; + + float X_W=0.0; +@@ -4891,16 +4894,16 @@ tsize_t t2p_write_pdf_xobject_calcs(T2P* t2p, TIFF* output){ + written += t2pWriteFile(output, (tdata_t) "<< \n", 4); + if(t2p->pdf_colorspace & T2P_CS_CALGRAY){ + written += t2pWriteFile(output, (tdata_t) "/WhitePoint ", 12); +- buflen=sprintf(buffer, "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); ++ buflen=snprintf(buffer, sizeof(buffer), "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "/Gamma 2.2 \n", 12); + } + if(t2p->pdf_colorspace & T2P_CS_CALRGB){ + written += t2pWriteFile(output, (tdata_t) "/WhitePoint ", 12); +- buflen=sprintf(buffer, "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); ++ buflen=snprintf(buffer, sizeof(buffer), "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "/Matrix ", 8); +- buflen=sprintf(buffer, "[%.4f %.4f %.4f %.4f %.4f %.4f %.4f %.4f %.4f] \n", ++ buflen=snprintf(buffer, sizeof(buffer), "[%.4f %.4f %.4f %.4f %.4f %.4f %.4f %.4f %.4f] \n", + X_R, Y_R, Z_R, + X_G, Y_G, Z_G, + X_B, Y_B, Z_B); +@@ -4919,11 +4922,11 @@ tsize_t t2p_write_pdf_xobject_calcs(T2P* t2p, TIFF* output){ + tsize_t t2p_write_pdf_xobject_icccs(T2P* t2p, TIFF* output){ + + tsize_t written=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + + written += t2pWriteFile(output, (tdata_t) "[/ICCBased ", 11); +- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_icccs); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_icccs); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R] \n", 7); + +@@ -4933,11 +4936,11 @@ tsize_t t2p_write_pdf_xobject_icccs(T2P* t2p, TIFF* output){ + tsize_t t2p_write_pdf_xobject_icccs_dict(T2P* t2p, TIFF* output){ + + tsize_t written=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + + written += t2pWriteFile(output, (tdata_t) "/N ", 3); +- buflen=sprintf(buffer, "%u \n", t2p->tiff_samplesperpixel); ++ buflen=snprintf(buffer, sizeof(buffer), "%u \n", t2p->tiff_samplesperpixel); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "/Alternate ", 11); + t2p->pdf_colorspace ^= T2P_CS_ICCBASED; +@@ -5002,7 +5005,7 @@ tsize_t t2p_write_pdf_xobject_decode(T2P* t2p, TIFF* output){ + tsize_t t2p_write_pdf_xobject_stream_filter(ttile_t tile, T2P* t2p, TIFF* output){ + + tsize_t written=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + + if(t2p->pdf_compression==T2P_COMPRESS_NONE){ +@@ -5017,41 +5020,33 @@ tsize_t t2p_write_pdf_xobject_stream_filter(ttile_t tile, T2P* t2p, TIFF* output + written += t2pWriteFile(output, (tdata_t) "<< /K -1 ", 9); + if(tile==0){ + written += t2pWriteFile(output, (tdata_t) "/Columns ", 9); +- buflen=sprintf(buffer, "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_width); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " /Rows ", 7); +- buflen=sprintf(buffer, "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_length); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + } else { + if(t2p_tile_is_right_edge(t2p->tiff_tiles[t2p->pdf_page], tile-1)==0){ + written += t2pWriteFile(output, (tdata_t) "/Columns ", 9); +- buflen=sprintf( +- buffer, +- "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_tilewidth); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + } else { + written += t2pWriteFile(output, (tdata_t) "/Columns ", 9); +- buflen=sprintf( +- buffer, +- "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_edgetilewidth); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + } + if(t2p_tile_is_bottom_edge(t2p->tiff_tiles[t2p->pdf_page], tile-1)==0){ + written += t2pWriteFile(output, (tdata_t) " /Rows ", 7); +- buflen=sprintf( +- buffer, +- "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_tilelength); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + } else { + written += t2pWriteFile(output, (tdata_t) " /Rows ", 7); +- buflen=sprintf( +- buffer, +- "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_edgetilelength); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + } +@@ -5078,21 +5073,17 @@ tsize_t t2p_write_pdf_xobject_stream_filter(ttile_t tile, T2P* t2p, TIFF* output + if(t2p->pdf_compressionquality%100){ + written += t2pWriteFile(output, (tdata_t) "/DecodeParms ", 13); + written += t2pWriteFile(output, (tdata_t) "<< /Predictor ", 14); +- _TIFFmemset(buffer, 0x00, 16); +- buflen=sprintf(buffer, "%u", t2p->pdf_compressionquality%100); ++ buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->pdf_compressionquality%100); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " /Columns ", 10); +- _TIFFmemset(buffer, 0x00, 16); +- buflen = sprintf(buffer, "%lu", ++ buflen = snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_width); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " /Colors ", 9); +- _TIFFmemset(buffer, 0x00, 16); +- buflen=sprintf(buffer, "%u", t2p->tiff_samplesperpixel); ++ buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->tiff_samplesperpixel); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " /BitsPerComponent ", 19); +- _TIFFmemset(buffer, 0x00, 16); +- buflen=sprintf(buffer, "%u", t2p->tiff_bitspersample); ++ buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->tiff_bitspersample); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) ">>\n", 3); + } +@@ -5112,16 +5103,16 @@ tsize_t t2p_write_pdf_xobject_stream_filter(ttile_t tile, T2P* t2p, TIFF* output + tsize_t t2p_write_pdf_xreftable(T2P* t2p, TIFF* output){ + + tsize_t written=0; +- char buffer[21]; ++ char buffer[64]; + int buflen=0; + uint32 i=0; + + written += t2pWriteFile(output, (tdata_t) "xref\n0 ", 7); +- buflen=sprintf(buffer, "%lu", (unsigned long)(t2p->pdf_xrefcount + 1)); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(t2p->pdf_xrefcount + 1)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " \n0000000000 65535 f \n", 22); + for (i=0;i<t2p->pdf_xrefcount;i++){ +- sprintf(buffer, "%.10lu 00000 n \n", ++ snprintf(buffer, sizeof(buffer), "%.10lu 00000 n \n", + (unsigned long)t2p->pdf_xrefoffsets[i]); + written += t2pWriteFile(output, (tdata_t) buffer, 20); + } +@@ -5145,17 +5136,14 @@ tsize_t t2p_write_pdf_trailer(T2P* t2p, TIFF* output) + snprintf(t2p->pdf_fileid + i, 9, "%.8X", rand()); + + written += t2pWriteFile(output, (tdata_t) "trailer\n<<\n/Size ", 17); +- buflen = sprintf(buffer, "%lu", (unsigned long)(t2p->pdf_xrefcount+1)); ++ buflen = snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(t2p->pdf_xrefcount+1)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); +- _TIFFmemset(buffer, 0x00, 32); + written += t2pWriteFile(output, (tdata_t) "\n/Root ", 7); +- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_catalog); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_catalog); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); +- _TIFFmemset(buffer, 0x00, 32); + written += t2pWriteFile(output, (tdata_t) " 0 R \n/Info ", 12); +- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_info); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_info); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); +- _TIFFmemset(buffer, 0x00, 32); + written += t2pWriteFile(output, (tdata_t) " 0 R \n/ID[<", 11); + written += t2pWriteFile(output, (tdata_t) t2p->pdf_fileid, + sizeof(t2p->pdf_fileid) - 1); +@@ -5163,9 +5151,8 @@ tsize_t t2p_write_pdf_trailer(T2P* t2p, TIFF* output) + written += t2pWriteFile(output, (tdata_t) t2p->pdf_fileid, + sizeof(t2p->pdf_fileid) - 1); + written += t2pWriteFile(output, (tdata_t) ">]\n>>\nstartxref\n", 16); +- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_startxref); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_startxref); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); +- _TIFFmemset(buffer, 0x00, 32); + written += t2pWriteFile(output, (tdata_t) "\n%%EOF\n", 7); + + return(written); +diff --git a/tools/tiff2ps.c b/tools/tiff2ps.c +index 2d02b23..b9befe7 100644 +--- a/tools/tiff2ps.c ++++ b/tools/tiff2ps.c +@@ -1,4 +1,4 @@ +-/* $Id: tiff2ps.c,v 1.35.2.7 2011-04-09 16:53:56 bfriesen Exp $ */ ++/* $Id: tiff2ps.c,v 1.35.2.9 2013-05-02 14:44:44 tgl Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -44,6 +44,11 @@ + + /* + * Revision history ++ * 2013-Jan-21 ++ * Richard Nolde: Fix bug in auto rotate option code. Once a ++ * rotation angle was set by the auto rotate check, it was ++ * retained for all pages that followed instead of being ++ * retested for each page. + * + * 2010-Sep-17 + * Richard Nolde: Reinstate code from Feb 2009 that never got +@@ -423,9 +428,10 @@ main(int argc, char* argv[]) + /* auto rotate requires a specified page width and height */ + if (auto_rotate == TRUE) + { ++ /* + if ((pageWidth == 0) || (pageHeight == 0)) + TIFFWarning ("-r auto", " requires page height and width specified with -h and -w"); +- ++ */ + if ((maxPageWidth > 0) || (maxPageHeight > 0)) + { + TIFFError ("-r auto", " is incompatible with maximum page width/height specified by -H or -W"); +@@ -1594,6 +1600,8 @@ int TIFF2PS(FILE* fd, TIFF* tif, double pgwidth, double pgheight, double lm, dou + } + if (generateEPSF) + break; ++ if (auto_rotate) ++ rotation = 0.0; + TIFFGetFieldDefaulted(tif, TIFFTAG_SUBFILETYPE, &subfiletype); + } while (((subfiletype & FILETYPE_PAGE) || printAll) && TIFFReadDirectory(tif)); + +@@ -1783,8 +1791,8 @@ PS_Lvl2ImageDict(FILE* fd, TIFF* tif, uint32 w, uint32 h) + imageOp = "imagemask"; + + (void)strcpy(im_x, "0"); +- (void)sprintf(im_y, "%lu", (long) h); +- (void)sprintf(im_h, "%lu", (long) h); ++ (void)snprintf(im_y, sizeof(im_y), "%lu", (long) h); ++ (void)snprintf(im_h, sizeof(im_h), "%lu", (long) h); + tile_width = w; + tile_height = h; + if (TIFFIsTiled(tif)) { +@@ -1805,7 +1813,7 @@ PS_Lvl2ImageDict(FILE* fd, TIFF* tif, uint32 w, uint32 h) + } + if (tile_height < h) { + fputs("/im_y 0 def\n", fd); +- (void)sprintf(im_y, "%lu im_y sub", (unsigned long) h); ++ (void)snprintf(im_y, sizeof(im_y), "%lu im_y sub", (unsigned long) h); + } + } else { + repeat_count = tf_numberstrips; +@@ -1817,7 +1825,7 @@ PS_Lvl2ImageDict(FILE* fd, TIFF* tif, uint32 w, uint32 h) + fprintf(fd, "/im_h %lu def\n", + (unsigned long) tile_height); + (void)strcpy(im_h, "im_h"); +- (void)sprintf(im_y, "%lu im_y sub", (unsigned long) h); ++ (void)snprintf(im_y, sizeof(im_y), "%lu im_y sub", (unsigned long) h); + } + } + +diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c +index d00c912..6c53e74 100644 +--- a/tools/tiffcrop.c ++++ b/tools/tiffcrop.c +@@ -1,4 +1,4 @@ +-/* $Id: tiffcrop.c,v 1.3.2.15 2010-12-14 02:03:55 faxguy Exp $ */ ++/* $Id: tiffcrop.c,v 1.3.2.16 2013-05-02 14:44:44 tgl Exp $ */ + + /* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of + * the image data through additional options listed below +@@ -2077,7 +2077,7 @@ update_output_file (TIFF **tiffout, char *mode, int autoindex, + return 1; + } + +- sprintf (filenum, "-%03d%s", findex, export_ext); ++ snprintf(filenum, sizeof(filenum), "-%03d%s", findex, export_ext); + filenum[14] = '\0'; + strncat (exportname, filenum, 15); + } +@@ -2230,8 +2230,8 @@ main(int argc, char* argv[]) + + /* dump.infilename is guaranteed to be NUL termimated and have 20 bytes + fewer than PATH_MAX */ +- memset (temp_filename, '\0', PATH_MAX + 1); +- sprintf (temp_filename, "%s-read-%03d.%s", dump.infilename, dump_images, ++ snprintf(temp_filename, sizeof(temp_filename), "%s-read-%03d.%s", ++ dump.infilename, dump_images, + (dump.format == DUMP_TEXT) ? "txt" : "raw"); + if ((dump.infile = fopen(temp_filename, dump.mode)) == NULL) + { +@@ -2249,8 +2249,8 @@ main(int argc, char* argv[]) + + /* dump.outfilename is guaranteed to be NUL termimated and have 20 bytes + fewer than PATH_MAX */ +- memset (temp_filename, '\0', PATH_MAX + 1); +- sprintf (temp_filename, "%s-write-%03d.%s", dump.outfilename, dump_images, ++ snprintf(temp_filename, sizeof(temp_filename), "%s-write-%03d.%s", ++ dump.outfilename, dump_images, + (dump.format == DUMP_TEXT) ? "txt" : "raw"); + if ((dump.outfile = fopen(temp_filename, dump.mode)) == NULL) + { +diff --git a/tools/tiffdither.c b/tools/tiffdither.c +index dee2a02..a0cb857 100644 +--- a/tools/tiffdither.c ++++ b/tools/tiffdither.c +@@ -1,4 +1,4 @@ +-/* $Id: tiffdither.c,v 1.9.2.1 2010-06-08 18:50:44 bfriesen Exp $ */ ++/* $Id: tiffdither.c,v 1.9.2.2 2013-05-02 14:44:45 tgl Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -256,7 +256,7 @@ main(int argc, char* argv[]) + TIFFSetField(out, TIFFTAG_FILLORDER, fillorder); + else + CopyField(TIFFTAG_FILLORDER, shortv); +- sprintf(thing, "Dithered B&W version of %s", argv[optind]); ++ snprintf(thing, sizeof(thing), "Dithered B&W version of %s", argv[optind]); + TIFFSetField(out, TIFFTAG_IMAGEDESCRIPTION, thing); + CopyField(TIFFTAG_PHOTOMETRIC, shortv); + CopyField(TIFFTAG_ORIENTATION, shortv); diff --git a/patches/source/libtiff/tiff-3.9.7_CVE-2013-4231.diff b/patches/source/libtiff/tiff-3.9.7_CVE-2013-4231.diff new file mode 100644 index 00000000..79eeb449 --- /dev/null +++ b/patches/source/libtiff/tiff-3.9.7_CVE-2013-4231.diff @@ -0,0 +1,23 @@ +From 5d19703933eaa59f97be9c88237fe00593f180ae Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Mon, 19 Aug 2013 +Subject: CVE-2013-4231 + +* tools/gif2tiff.c: Be more careful about corrupt or + hostile input files (#2450, CVE-2013-4231) + +--- + gif2tiff.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/tools/gif2tiff.c 2013-08-20 ++++ b/tools/gif2tiff.c 2013-08-20 +@@ -329,6 +329,8 @@ readraster(void) + int status = 1; + + datasize = getc(infile); ++ if (datasize > 12) ++ return 0; + clear = 1 << datasize; + eoi = clear + 1; + avail = clear + 2; diff --git a/patches/source/libtiff/tiff-3.9.7_CVE-2013-4232.diff b/patches/source/libtiff/tiff-3.9.7_CVE-2013-4232.diff new file mode 100644 index 00000000..b86f8f4a --- /dev/null +++ b/patches/source/libtiff/tiff-3.9.7_CVE-2013-4232.diff @@ -0,0 +1,24 @@ +From 8a2f9160cc4c52c73a62adef4d9282b2bd6e7ff1 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Mon, 19 Aug 2013 +Subject: CVE-2013-4232 + +* tools/tiff2pdf.c: terminate after failure of allocating + ycbcr buffer (bug #2449, CVE-2013-4232) + +--- + tiff2pdf.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/tools/tiff2pdf.c 2013-08-20 ++++ b/tools/tiff2pdf.c 2013-08-20 +@@ -2457,7 +2457,8 @@ tsize_t t2p_readwrite_pdf_image(T2P* t2p + t2p->tiff_datasize, + TIFFFileName(input)); + t2p->t2p_error = T2P_ERR_ERROR; +- _TIFFfree(buffer); ++ _TIFFfree(buffer); ++ return(0); + } else { + buffer=samplebuffer; + t2p->tiff_datasize *= t2p->tiff_samplesperpixel; diff --git a/patches/source/libtiff/tiff-3.9.7_CVE-2013-4244.diff b/patches/source/libtiff/tiff-3.9.7_CVE-2013-4244.diff new file mode 100644 index 00000000..4f8c5432 --- /dev/null +++ b/patches/source/libtiff/tiff-3.9.7_CVE-2013-4244.diff @@ -0,0 +1,24 @@ +From 7f4cfaec643863fcdc260da46af8d6581974101d Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Mon, 19 Aug 2013 +Subject: CVE-2013-4244 + +* tools/gif2tiff.c: fix possible OOB write (#2452, CVE-2013-4244) + +--- + gif2tiff.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/tools/gif2tiff.c 2013-08-20 ++++ b/tools/gif2tiff.c 2013-08-20 +@@ -396,6 +398,10 @@ process(register int code, unsigned char + } + + if (oldcode == -1) { ++ if (code >= clear) { ++ fprintf(stderr, "bad input: code=%d is larger than clear=%d\n",code, clear); ++ return 0; ++ } + *(*fill)++ = suffix[code]; + firstchar = oldcode = code; + return 1; diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2004-0941.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2004-0941.patch new file mode 100644 index 00000000..581e4e09 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2004-0941.patch @@ -0,0 +1,17 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd_png.c 2004-11-11 14:02:37.407589824 -0500 ++++ libwmf-0.2.8.4/src/extra/gd/gd_png.c 2004-11-11 14:04:29.672522960 -0500 +@@ -188,6 +188,14 @@ + + png_get_IHDR (png_ptr, info_ptr, &width, &height, &bit_depth, &color_type, + &interlace_type, NULL, NULL); ++ if (overflow2(sizeof (int), width)) ++ { ++ return NULL; ++ } ++ if (overflow2(sizeof (int) * width, height)) ++ { ++ return NULL; ++ } + if ((color_type == PNG_COLOR_TYPE_RGB) || + (color_type == PNG_COLOR_TYPE_RGB_ALPHA)) + { diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2006-3376.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2006-3376.patch new file mode 100644 index 00000000..507fe662 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2006-3376.patch @@ -0,0 +1,27 @@ +--- libwmf-0.2.8.4.orig/src/player.c 2002-12-10 19:30:26.000000000 +0000 ++++ libwmf-0.2.8.4/src/player.c 2006-07-12 15:12:52.000000000 +0100 +@@ -42,6 +42,7 @@ + #include "player/defaults.h" /* Provides: default settings */ + #include "player/record.h" /* Provides: parameter mechanism */ + #include "player/meta.h" /* Provides: record interpreters */ ++#include <stdint.h> + + /** + * @internal +@@ -132,8 +134,14 @@ + } + } + +-/* P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)-3) * 2 * sizeof (unsigned char)); +- */ P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char)); ++ if (MAX_REC_SIZE(API) > UINT32_MAX / 2) ++ { ++ API->err = wmf_E_InsMem; ++ WMF_DEBUG (API,"bailing..."); ++ return (API->err); ++ } ++ ++ P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char)); + + if (ERR (API)) + { WMF_DEBUG (API,"bailing..."); diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-0455.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-0455.patch new file mode 100644 index 00000000..0cc5abc7 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-0455.patch @@ -0,0 +1,11 @@ +--- libwmf-0.2.8.4/src/extra/gd/gdft.c 2010-12-06 11:18:26.000000000 +0000 ++++ libwmf-0.2.8.4/src/extra/gd/gdft.c 2010-12-06 11:21:09.000000000 +0000 +@@ -811,7 +811,7 @@ + { + ch = c & 0xFF; /* don't extend sign */ + } +- next++; ++ if (*next) next++; + } + else + { diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-2756.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-2756.patch new file mode 100644 index 00000000..eba8fac2 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-2756.patch @@ -0,0 +1,16 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd_png.c 1 Apr 2007 20:41:01 -0000 1.21.2.1 ++++ libwmf-0.2.8.4/src/extra/gd/gd_png.c 16 May 2007 19:06:11 -0000 +@@ -78,8 +78,11 @@ + gdPngReadData (png_structp png_ptr, + png_bytep data, png_size_t length) + { +- gdGetBuf (data, length, (gdIOCtx *) +- png_get_io_ptr (png_ptr)); ++ int check; ++ check = gdGetBuf (data, length, (gdIOCtx *) png_get_io_ptr (png_ptr)); ++ if (check != length) { ++ png_error(png_ptr, "Read Error: truncated data"); ++ } + } + + static void diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3472.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3472.patch new file mode 100644 index 00000000..2cd6d604 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3472.patch @@ -0,0 +1,61 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd.c ++++ libwmf-0.2.8.4/src/extra/gd/gd.c +@@ -106,6 +106,18 @@ + gdImagePtr im; + unsigned long cpa_size; + ++ if (overflow2(sx, sy)) { ++ return NULL; ++ } ++ ++ if (overflow2(sizeof (int *), sy)) { ++ return NULL; ++ } ++ ++ if (overflow2(sizeof(int), sx)) { ++ return NULL; ++ } ++ + im = (gdImage *) gdMalloc (sizeof (gdImage)); + if (im == 0) return 0; + memset (im, 0, sizeof (gdImage)); +--- libwmf-0.2.8.4/src/extra/gd/gdhelpers.c 2010-12-06 11:47:31.000000000 +0000 ++++ libwmf-0.2.8.4/src/extra/gd/gdhelpers.c 2010-12-06 11:48:04.000000000 +0000 +@@ -2,6 +2,7 @@ + #include "gdhelpers.h" + #include <stdlib.h> + #include <string.h> ++#include <limits.h> + + /* TBB: gd_strtok_r is not portable; provide an implementation */ + +@@ -94,3 +95,18 @@ + { + free (ptr); + } ++ ++int overflow2(int a, int b) ++{ ++ if(a < 0 || b < 0) { ++ fprintf(stderr, "gd warning: one parameter to a memory allocation multiplication is negative, failing operation gracefully\n"); ++ return 1; ++ } ++ if(b == 0) ++ return 0; ++ if(a > 2147483647 / b) { ++ fprintf(stderr, "gd warning: product of memory allocation multiplication would exceed INT_MAX, failing operation gracefully\n"); ++ return 1; ++ } ++ return 0; ++} +--- libwmf-0.2.8.4/src/extra/gd/gdhelpers.h 2010-12-06 11:47:17.000000000 +0000 ++++ libwmf-0.2.8.4/src/extra/gd/gdhelpers.h 2010-12-06 11:48:36.000000000 +0000 +@@ -15,6 +15,8 @@ + void *gdMalloc(size_t size); + void *gdRealloc(void *ptr, size_t size); + ++int overflow2(int a, int b); ++ + #pragma GCC visibility pop + + #endif /* GDHELPERS_H */ diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3473.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3473.patch new file mode 100644 index 00000000..59018996 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3473.patch @@ -0,0 +1,13 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd.c ++++ libwmf-0.2.8.4/src/extra/gd/gd.c +@@ -2483,6 +2483,10 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromXbm (FILE * fd) + } + bytes = (w * h / 8) + 1; + im = gdImageCreate (w, h); ++ if (!im) { ++ return 0; ++ } ++ + gdImageColorAllocate (im, 255, 255, 255); + gdImageColorAllocate (im, 0, 0, 0); + x = 0; diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3477.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3477.patch new file mode 100644 index 00000000..81ac0385 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3477.patch @@ -0,0 +1,38 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd.c ++++ libwmf-0.2.8.4/src/extra/gd/gd.c +@@ -1335,10 +1335,31 @@ + int w2, h2; + w2 = w / 2; + h2 = h / 2; +- while (e < s) +- { +- e += 360; +- } ++ ++ if ((s % 360) == (e % 360)) { ++ s = 0; e = 360; ++ } else { ++ if (s > 360) { ++ s = s % 360; ++ } ++ ++ if (e > 360) { ++ e = e % 360; ++ } ++ ++ while (s < 0) { ++ s += 360; ++ } ++ ++ while (e < s) { ++ e += 360; ++ } ++ ++ if (s == e) { ++ s = 0; e = 360; ++ } ++ } ++ + for (i = s; (i <= e); i++) + { + int x, y; diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2009-3546.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2009-3546.patch new file mode 100644 index 00000000..d718976a --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2009-3546.patch @@ -0,0 +1,13 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd_gd.c 2010-12-06 14:56:06.000000000 +0000 ++++ libwmf-0.2.8.4/src/extra/gd/gd_gd.c 2010-12-06 14:57:04.000000000 +0000 +@@ -42,6 +42,10 @@ + { + goto fail1; + } ++ if (&im->colorsTotal > gdMaxColors) ++ { ++ goto fail1; ++ } + } + /* Int to accommodate truecolor single-color transparency */ + if (!gdGetInt (&im->transparent, in)) diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-0848+CVE-2015-4588.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-0848+CVE-2015-4588.patch new file mode 100644 index 00000000..e8ba8db1 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-0848+CVE-2015-4588.patch @@ -0,0 +1,118 @@ +--- libwmf-0.2.8.4/src/ipa/ipa/bmp.h 2015-06-08 14:46:24.591876404 +0100 ++++ libwmf-0.2.8.4/src/ipa/ipa/bmp.h 2015-06-08 14:46:35.345993247 +0100 +@@ -859,7 +859,7 @@ + % + % + */ +-static void DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSource* src,unsigned int compression,unsigned char* pixels) ++static int DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSource* src,unsigned int compression,unsigned char* pixels) + { int byte; + int count; + int i; +@@ -870,12 +870,14 @@ + U32 u; + + unsigned char* q; ++ unsigned char* end; + + for (u = 0; u < ((U32) bmp->width * (U32) bmp->height); u++) pixels[u] = 0; + + byte = 0; + x = 0; + q = pixels; ++ end = pixels + bmp->width * bmp->height; + + for (y = 0; y < bmp->height; ) + { count = ReadBlobByte (src); +@@ -884,7 +886,10 @@ + { /* Encoded mode. */ + byte = ReadBlobByte (src); + for (i = 0; i < count; i++) +- { if (compression == 1) ++ { ++ if (q == end) ++ return 0; ++ if (compression == 1) + { (*(q++)) = (unsigned char) byte; + } + else +@@ -896,13 +901,15 @@ + else + { /* Escape mode. */ + count = ReadBlobByte (src); +- if (count == 0x01) return; ++ if (count == 0x01) return 1; + switch (count) + { + case 0x00: + { /* End of line. */ + x = 0; + y++; ++ if (y >= bmp->height) ++ return 0; + q = pixels + y * bmp->width; + break; + } +@@ -910,13 +917,20 @@ + { /* Delta mode. */ + x += ReadBlobByte (src); + y += ReadBlobByte (src); ++ if (y >= bmp->height) ++ return 0; ++ if (x >= bmp->width) ++ return 0; + q = pixels + y * bmp->width + x; + break; + } + default: + { /* Absolute mode. */ + for (i = 0; i < count; i++) +- { if (compression == 1) ++ { ++ if (q == end) ++ return 0; ++ if (compression == 1) + { (*(q++)) = ReadBlobByte (src); + } + else +@@ -943,7 +957,7 @@ + byte = ReadBlobByte (src); /* end of line */ + byte = ReadBlobByte (src); + +- return; ++ return 1; + } + + /* +@@ -1143,8 +1157,18 @@ + } + } + else +- { /* Convert run-length encoded raster pixels. */ +- DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image); ++ { ++ if (bmp_info.bits_per_pixel == 8) /* Convert run-length encoded raster pixels. */ ++ { ++ if (!DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image)) ++ { WMF_ERROR (API,"corrupt bmp"); ++ API->err = wmf_E_BadFormat; ++ } ++ } ++ else ++ { WMF_ERROR (API,"Unexpected pixel depth"); ++ API->err = wmf_E_BadFormat; ++ } + } + + if (ERR (API)) +--- libwmf-0.2.8.4/src/ipa/ipa.h 2015-06-08 14:46:24.590876393 +0100 ++++ libwmf-0.2.8.4/src/ipa/ipa.h 2015-06-08 14:46:35.345993247 +0100 +@@ -48,7 +48,7 @@ + static unsigned short ReadBlobLSBShort (BMPSource*); + static unsigned long ReadBlobLSBLong (BMPSource*); + static long TellBlob (BMPSource*); +-static void DecodeImage (wmfAPI*,wmfBMP*,BMPSource*,unsigned int,unsigned char*); ++static int DecodeImage (wmfAPI*,wmfBMP*,BMPSource*,unsigned int,unsigned char*); + static void ReadBMPImage (wmfAPI*,wmfBMP*,BMPSource*); + static int ExtractColor (wmfAPI*,wmfBMP*,wmfRGB*,unsigned int,unsigned int); + static void SetColor (wmfAPI*,wmfBMP*,wmfRGB*,unsigned char,unsigned int,unsigned int); diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-4695.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-4695.patch new file mode 100644 index 00000000..b6d499da --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-4695.patch @@ -0,0 +1,56 @@ +--- libwmf-0.2.8.4/src/player/meta.h ++++ libwmf-0.2.8.4/src/player/meta.h +@@ -1565,7 +1565,7 @@ static int meta_rgn_create (wmfAPI* API, + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -2142,7 +2142,7 @@ static int meta_dib_brush (wmfAPI* API,w + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -3067,7 +3067,7 @@ static int meta_pen_create (wmfAPI* API, + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -3181,7 +3181,7 @@ static int meta_brush_create (wmfAPI* AP + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -3288,7 +3288,7 @@ static int meta_font_create (wmfAPI* API + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -3396,7 +3396,7 @@ static int meta_palette_create (wmfAPI* + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-4696.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-4696.patch new file mode 100644 index 00000000..33128412 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-4696.patch @@ -0,0 +1,23 @@ +--- libwmf-0.2.8.4/src/player/meta.h ++++ libwmf-0.2.8.4/src/player/meta.h +@@ -2585,6 +2585,8 @@ + polyrect.BR[i] = clip->rects[i].BR; + } + ++ if (FR->region_clip) FR->region_clip (API,&polyrect); ++ + wmf_free (API,polyrect.TL); + wmf_free (API,polyrect.BR); + } +@@ -2593,9 +2595,10 @@ + polyrect.BR = 0; + + polyrect.count = 0; ++ ++ if (FR->region_clip) FR->region_clip (API,&polyrect); + } + +- if (FR->region_clip) FR->region_clip (API,&polyrect); + + return (changed); + } diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-10167.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-10167.patch new file mode 100644 index 00000000..5e281974 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-10167.patch @@ -0,0 +1,30 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd_gd2.c ++++ libwmf-0.2.8.4/src/extra/gd/gd_gd2.c +@@ -362,10 +362,9 @@ + { + if (!gdGetInt (&im->tpixels[y][x], in)) + { +- /*printf("EOF while reading\n"); */ +- /*gdImageDestroy(im); */ +- /*return 0; */ +- im->tpixels[y][x] = 0; ++ fprintf(stderr, "gd2: EOF while reading\n"); ++ gdImageDestroy(im); ++ return NULL; + } + } + else +@@ -373,10 +372,9 @@ + int ch; + if (!gdGetByte (&ch, in)) + { +- /*printf("EOF while reading\n"); */ +- /*gdImageDestroy(im); */ +- /*return 0; */ +- ch = 0; ++ fprintf(stderr, "gd2: EOF while reading\n"); ++ gdImageDestroy(im); ++ return NULL; + } + im->pixels[y][x] = ch; + } diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-10168.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-10168.patch new file mode 100644 index 00000000..b1578bb9 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-10168.patch @@ -0,0 +1,14 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd_gd2.c ++++ libwmf-0.2.8.4/src/extra/gd/gd_gd2.c +@@ -145,6 +145,11 @@ + + if ((*fmt) == GD2_FMT_COMPRESSED) + { ++ if (*ncx <= 0 || *ncy <= 0 || *ncx > 2147483647 / *ncy) { ++ GD2_DBG(printf ("Illegal chunk counts: %d * %d\n", *ncx, *ncy)); ++ goto fail1; ++ } ++ + nc = (*ncx) * (*ncy); + GD2_DBG (printf ("Reading %d chunk index entries\n", nc)); + sidx = sizeof (t_chunk_info) * nc; diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-9011.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-9011.patch new file mode 100644 index 00000000..c6bd017c --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-9011.patch @@ -0,0 +1,36 @@ +--- libwmf-0.2.8.4/src/player.c ++++ libwmf-0.2.8.4/src/player.c +@@ -139,8 +139,31 @@ + WMF_DEBUG (API,"bailing..."); + return (API->err); + } +- +- P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char)); ++ ++ U32 nMaxRecordSize = (MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char); ++ if (nMaxRecordSize) ++ { ++ //before allocating memory do a sanity check on size by seeking ++ //to claimed end to see if its possible. We're constrained here ++ //by the api and existing implementations to not simply seeking ++ //to SEEK_END. So use what we have to skip to the last byte and ++ //try and read it. ++ const long nPos = WMF_TELL (API); ++ WMF_SEEK (API, nPos + nMaxRecordSize - 1); ++ if (ERR (API)) ++ { WMF_DEBUG (API,"bailing..."); ++ return (API->err); ++ } ++ int byte = WMF_READ (API); ++ if (byte == (-1)) ++ { WMF_ERROR (API,"Unexpected EOF!"); ++ API->err = wmf_E_EOF; ++ return (API->err); ++ } ++ WMF_SEEK (API, nPos); ++ } ++ ++ P->Parameters = (unsigned char*) wmf_malloc (API, nMaxRecordSize); + + if (ERR (API)) + { WMF_DEBUG (API,"bailing..."); diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-9317.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-9317.patch new file mode 100644 index 00000000..cf57734e --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-9317.patch @@ -0,0 +1,21 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd.c ++++ libwmf-0.2.8.4/src/extra/gd/gd.c +@@ -65,6 +65,18 @@ + { + int i; + gdImagePtr im; ++ ++ if (overflow2(sx, sy)) { ++ return NULL; ++ } ++ ++ if (overflow2(sizeof (unsigned char *), sy)) { ++ return NULL; ++ } ++ if (overflow2(sizeof (unsigned char), sx)) { ++ return NULL; ++ } ++ + im = (gdImage *) gdMalloc (sizeof (gdImage)); + memset (im, 0, sizeof (gdImage)); + /* Row-major ever since gd 1.3 */ diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2017-6362.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2017-6362.patch new file mode 100644 index 00000000..2ad180d9 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2017-6362.patch @@ -0,0 +1,32 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd_png.c ++++ libwmf-0.2.8.4/src/extra/gd/gd_png.c +@@ -435,17 +435,6 @@ + out->free (out); + } + +-void * +-gdImagePngPtr (gdImagePtr im, int *size) +-{ +- void *rv; +- gdIOCtx *out = gdNewDynamicCtx (2048, NULL); +- gdImagePngCtx (im, out); +- rv = gdDPExtractData (out, size); +- out->free (out); +- return rv; +-} +- + /* This routine is based in part on code from Dale Lutz (Safe Software Inc.) + * and in part on demo code from Chapter 15 of "PNG: The Definitive Guide" + * (http://www.cdrom.com/pub/png/pngbook.html). +--- libwmf-0.2.8.4/src/extra/gd/gd.h ++++ libwmf-0.2.8.4/src/extra/gd/gd.h +@@ -373,9 +373,6 @@ + void gdImageGd2(gdImagePtr im, FILE *out, int cs, int fmt); + + /* Best to free this memory with gdFree(), not free() */ +-void* gdImagePngPtr(gdImagePtr im, int *size); +- +-/* Best to free this memory with gdFree(), not free() */ + void* gdImageGdPtr(gdImagePtr im, int *size); + + /* Best to free this memory with gdFree(), not free() */ diff --git a/patches/source/libwmf/libwmf-0.2.8.4-fallbackfont.patch b/patches/source/libwmf/libwmf-0.2.8.4-fallbackfont.patch new file mode 100644 index 00000000..83383138 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-fallbackfont.patch @@ -0,0 +1,18 @@ +diff -ru libwmf-0.2.8.4.orig/src/font.c libwmf-0.2.8.4/src/font.c +--- libwmf-0.2.8.4.orig/src/font.c 2005-07-27 21:35:06.000000000 +0100 ++++ libwmf-0.2.8.4/src/font.c 2006-01-03 12:53:38.000000000 +0000 +@@ -1429,11 +1429,9 @@ + if (GS->len == 0) return (0); + + name = font->lfFaceName; +- if (name == 0) +- { WMF_DEBUG (API,"No font name?"); +- API->err = wmf_E_Glitch; +- return (0); +- } ++ ++ if (name == 0 || name[0] == 0) ++ name = "Times"; + + /* Find first white-space character or eol + */ diff --git a/patches/source/libwmf/libwmf-0.2.8.4-pixbufloaderdir.patch b/patches/source/libwmf/libwmf-0.2.8.4-pixbufloaderdir.patch new file mode 100644 index 00000000..a0357858 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-pixbufloaderdir.patch @@ -0,0 +1,14 @@ +diff -up libwmf-0.2.8.4/configure.in.pixbufloaderdir libwmf-0.2.8.4/configure.in +--- libwmf-0.2.8.4/configure.in.pixbufloaderdir 2010-06-28 23:35:06.227167269 -0400 ++++ libwmf-0.2.8.4/configure.in 2010-06-28 23:36:00.948420306 -0400 +@@ -741,8 +741,8 @@ + + if test $LIBWMF_BUILDSTYLE != lite; then + PKG_CHECK_MODULES(GDK_PIXBUF,gdk-pixbuf-2.0 >= 2.1.2,[ +- GTK_VERSION=`$PKG_CONFIG --variable=gtk_binary_version gtk+-2.0` +- GDK_PIXBUF_DIR="gtk-2.0/$GTK_VERSION/loaders" ++ GDK_PIXBUF_VERSION=`$PKG_CONFIG --variable=gdk_pixbuf_binary_version gdk-pixbuf-2.0` ++ GDK_PIXBUF_DIR="gdk-pixbuf-2.0/$GDK_PIXBUF_VERSION/loaders" + wmf_gdk_pixbuf=yes + ],[ wmf_gdk_pixbuf=no + ]) diff --git a/patches/source/libwmf/libwmf-0.2.8.4-reducesymbols.patch b/patches/source/libwmf/libwmf-0.2.8.4-reducesymbols.patch new file mode 100644 index 00000000..45d82b32 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-reducesymbols.patch @@ -0,0 +1,520 @@ +diff -ru libwmf-0.2.8.4/src/extra/gd/gd.c libwmf-0.2.8.4.symbols/src/extra/gd/gd.c +--- libwmf-0.2.8.4/src/extra/gd/gd.c 2005-07-27 21:35:05.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd.c 2006-11-16 12:27:05.000000000 +0000 +@@ -249,6 +249,7 @@ + } + HWBType; + ++#if 0 + static HWBType * + RGB_to_HWB (RGBType RGB, HWBType * HWB) + { +@@ -308,7 +309,6 @@ + return diff; + } + +-#if 0 + /* + * This is not actually used, but is here for completeness, in case someone wants to + * use the HWB stuff for anything else... +@@ -355,6 +355,7 @@ + } + #endif + ++#if 0 + int + gdImageColorClosestHWB (gdImagePtr im, int r, int g, int b) + { +@@ -384,6 +385,7 @@ + } + return ct; + } ++#endif + + int + gdImageColorExact (gdImagePtr im, int r, int g, int b) +@@ -677,7 +679,7 @@ + } + } + +-int ++static int + gdImageGetTrueColorPixel (gdImagePtr im, int x, int y) + { + int p = gdImageGetPixel (im, x, y); +@@ -1286,11 +1288,11 @@ + return len; + } + +-#ifndef HAVE_LSQRT ++#if 0 + /* If you don't have a nice square root function for longs, you can use + ** this hack + */ +-long ++static long + lsqrt (long n) + { + long result = (long) sqrt ((double) n); +@@ -2250,7 +2252,7 @@ + } + } + +-int gdCompareInt (const void *a, const void *b); ++static int gdCompareInt (const void *a, const void *b); + + /* THANKS to Kirsten Schulz for the polygon fixes! */ + +diff -ru libwmf-0.2.8.4/src/extra/gd/gdcache.h libwmf-0.2.8.4.symbols/src/extra/gd/gdcache.h +--- libwmf-0.2.8.4/src/extra/gd/gdcache.h 2001-08-21 15:40:33.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdcache.h 2006-11-16 12:13:40.000000000 +0000 +@@ -41,6 +41,9 @@ + /*********************************************************/ + + /* #include <malloc.h> */ ++ ++#pragma GCC visibility push(hidden) ++ + #ifndef NULL + #define NULL (void *)0 + #endif +@@ -81,3 +84,5 @@ + + void * + gdCacheGet( gdCache_head_t *head, void *keydata ); ++ ++#pragma GCC visibility pop +diff -ru libwmf-0.2.8.4/src/extra/gd/gd_clip.h libwmf-0.2.8.4.symbols/src/extra/gd/gd_clip.h +--- libwmf-0.2.8.4/src/extra/gd/gd_clip.h 2001-03-28 10:37:30.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd_clip.h 2006-11-16 12:11:49.000000000 +0000 +@@ -1,6 +1,8 @@ + #ifndef GD_CLIP_H + #define GD_CLIP_H 1 + ++#pragma GCC visibility push(hidden) ++ + #ifdef __cplusplus + extern "C" { + #endif +@@ -23,4 +25,6 @@ + } + #endif + ++#pragma GCC visibility pop ++ + #endif /* GD_CLIP_H */ +diff -ru libwmf-0.2.8.4/src/extra/gd/gdfontg.h libwmf-0.2.8.4.symbols/src/extra/gd/gdfontg.h +--- libwmf-0.2.8.4/src/extra/gd/gdfontg.h 2001-03-28 10:37:30.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdfontg.h 2006-11-16 12:12:03.000000000 +0000 +@@ -2,6 +2,8 @@ + #ifndef _GDFONTG_H_ + #define _GDFONTG_H_ 1 + ++#pragma GCC visibility push(hidden) ++ + #ifdef __cplusplus + extern "C" { + #endif +@@ -25,5 +27,7 @@ + } + #endif + ++#pragma GCC visibility pop ++ + #endif + +diff -ru libwmf-0.2.8.4/src/extra/gd/gdfontl.h libwmf-0.2.8.4.symbols/src/extra/gd/gdfontl.h +--- libwmf-0.2.8.4/src/extra/gd/gdfontl.h 2001-03-28 10:37:30.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdfontl.h 2006-11-16 12:12:11.000000000 +0000 +@@ -2,6 +2,8 @@ + #ifndef _GDFONTL_H_ + #define _GDFONTL_H_ 1 + ++#pragma GCC visibility push(hidden) ++ + #ifdef __cplusplus + extern "C" { + #endif +@@ -26,5 +28,7 @@ + } + #endif + ++#pragma GCC visibility pop ++ + #endif + +diff -ru libwmf-0.2.8.4/src/extra/gd/gdfontmb.h libwmf-0.2.8.4.symbols/src/extra/gd/gdfontmb.h +--- libwmf-0.2.8.4/src/extra/gd/gdfontmb.h 2001-03-28 10:37:30.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdfontmb.h 2006-11-16 12:12:19.000000000 +0000 +@@ -2,6 +2,8 @@ + #ifndef _GDFONTMB_H_ + #define _GDFONTMB_H_ 1 + ++#pragma GCC visibility push(hidden) ++ + #ifdef __cplusplus + extern "C" { + #endif +@@ -24,5 +26,7 @@ + } + #endif + ++#pragma GCC visibility pop ++ + #endif + +diff -ru libwmf-0.2.8.4/src/extra/gd/gdfonts.h libwmf-0.2.8.4.symbols/src/extra/gd/gdfonts.h +--- libwmf-0.2.8.4/src/extra/gd/gdfonts.h 2001-03-28 10:37:30.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdfonts.h 2006-11-16 12:12:28.000000000 +0000 +@@ -2,6 +2,8 @@ + #ifndef _GDFONTS_H_ + #define _GDFONTS_H_ 1 + ++#pragma GCC visibility push(hidden) ++ + #ifdef __cplusplus + extern "C" { + #endif +@@ -24,5 +26,7 @@ + } + #endif + ++#pragma GCC visibility pop ++ + #endif + +diff -ru libwmf-0.2.8.4/src/extra/gd/gdfontt.h libwmf-0.2.8.4.symbols/src/extra/gd/gdfontt.h +--- libwmf-0.2.8.4/src/extra/gd/gdfontt.h 2001-03-28 10:37:30.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdfontt.h 2006-11-16 12:12:36.000000000 +0000 +@@ -2,6 +2,8 @@ + #ifndef _GDFONTT_H_ + #define _GDFONTT_H_ 1 + ++#pragma GCC visibility push(hidden) ++ + #ifdef __cplusplus + extern "C" { + #endif +@@ -25,5 +27,7 @@ + } + #endif + ++#pragma GCC visibility pop ++ + #endif + +diff -ru libwmf-0.2.8.4/src/extra/gd/gdft.c libwmf-0.2.8.4.symbols/src/extra/gd/gdft.c +--- libwmf-0.2.8.4/src/extra/gd/gdft.c 2005-07-27 21:35:05.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdft.c 2006-11-16 12:24:50.000000000 +0000 +@@ -533,7 +533,7 @@ + } + + /* draw_bitmap - transfers glyph bitmap to GD image */ +-/* static */ char * ++static char * + gdft_draw_bitmap (gdImage * im, int fg, FT_Bitmap bitmap, int pen_x, int pen_y) + { + unsigned char *pixel = 0; +@@ -643,7 +643,7 @@ + return (char *) NULL; + } + +-int ++static int + gdroundupdown (FT_F26Dot6 v1, int updown) + { + return (!updown) +@@ -651,7 +651,9 @@ + : (v1 > 0 ? ((v1 + 63) >> 6) : v1 >> 6); + } + ++#pragma GCC visibility push(hidden) + extern int any2eucjp (char *, char *, unsigned int); ++#pragma GCC visibility pop + + /********************************************************************/ + /* gdImageStringFT - render a utf8 string onto a gd image */ +diff -ru libwmf-0.2.8.4/src/extra/gd/gd_gd2.c libwmf-0.2.8.4.symbols/src/extra/gd/gd_gd2.c +--- libwmf-0.2.8.4/src/extra/gd/gd_gd2.c 2005-07-27 21:35:05.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd_gd2.c 2006-11-16 12:21:28.000000000 +0000 +@@ -34,8 +34,10 @@ + } + t_chunk_info; + ++#pragma GCC visibility push(hidden) + extern int _gdGetColors (gdIOCtx * in, gdImagePtr im, int gd2xFlag); + extern void _gdPutColors (gdImagePtr im, gdIOCtx * out); ++#pragma GCC visibility pop + + /* */ + /* Read the extra info in the gd2 header. */ +diff -ru libwmf-0.2.8.4/src/extra/gd/gd_gd.c libwmf-0.2.8.4.symbols/src/extra/gd/gd_gd.c +--- libwmf-0.2.8.4/src/extra/gd/gd_gd.c 2005-07-27 21:35:05.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd_gd.c 2006-11-16 12:21:43.000000000 +0000 +@@ -11,6 +11,11 @@ + /* Exported functions: */ + extern void gdImageGd (gdImagePtr im, FILE * out); + ++#pragma GCC visibility push(hidden) ++int _gdGetColors (gdIOCtx * in, gdImagePtr im, int gd2xFlag); ++void _gdPutColors (gdImagePtr im, gdIOCtx * out); ++#pragma GCC visibility pop ++ + + /* Use this for commenting out debug-print statements. */ + /* Just use the first '#define' to allow all the prints... */ +diff -ru libwmf-0.2.8.4/src/extra/gd/gd.h libwmf-0.2.8.4.symbols/src/extra/gd/gd.h +--- libwmf-0.2.8.4/src/extra/gd/gd.h 2002-12-05 20:09:11.000000000 +0000 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd.h 2006-11-16 12:14:11.000000000 +0000 +@@ -25,6 +25,8 @@ + #include <gd_io.h> + #include <gd_clip.h> + ++#pragma GCC visibility push(hidden) ++ + /* The maximum number of palette entries in palette-based images. + In the wonderful new world of gd 2.0, you can of course have + many more colors when using truecolor mode. */ +@@ -497,6 +499,8 @@ + /* resolution affects ttf font rendering, particularly hinting */ + #define GD_RESOLUTION 96 /* pixels per inch */ + ++#pragma GCC visibility pop ++ + #ifdef __cplusplus + } + #endif +diff -ru libwmf-0.2.8.4/src/extra/gd/gdhelpers.h libwmf-0.2.8.4.symbols/src/extra/gd/gdhelpers.h +--- libwmf-0.2.8.4/src/extra/gd/gdhelpers.h 2001-03-28 10:37:31.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdhelpers.h 2006-11-16 12:12:55.000000000 +0000 +@@ -1,6 +1,8 @@ + #ifndef GDHELPERS_H + #define GDHELPERS_H 1 + ++#pragma GCC visibility push(hidden) ++ + /* TBB: strtok_r is not universal; provide an implementation of it. */ + + extern char *gd_strtok_r(char *s, char *sep, char **state); +@@ -13,5 +15,7 @@ + void *gdMalloc(size_t size); + void *gdRealloc(void *ptr, size_t size); + ++#pragma GCC visibility pop ++ + #endif /* GDHELPERS_H */ + +diff -ru libwmf-0.2.8.4/src/extra/gd/gd_io.h libwmf-0.2.8.4.symbols/src/extra/gd/gd_io.h +--- libwmf-0.2.8.4/src/extra/gd/gd_io.h 2001-03-28 10:37:30.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd_io.h 2006-11-16 12:13:08.000000000 +0000 +@@ -2,6 +2,8 @@ + #define GD_IO_H 1 + + #include <stdio.h> ++ ++#pragma GCC visibility push(hidden) + + typedef struct gdIOCtx { + int (*getC)(struct gdIOCtx*); +@@ -36,4 +38,6 @@ + int gdSeek(gdIOCtx *ctx, const int); + long gdTell(gdIOCtx *ctx); + ++#pragma GCC visibility pop ++ + #endif +diff -ru libwmf-0.2.8.4/src/extra/gd/gd_jpeg.c libwmf-0.2.8.4.symbols/src/extra/gd/gd_jpeg.c +--- libwmf-0.2.8.4/src/extra/gd/gd_jpeg.c 2005-07-27 21:35:06.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd_jpeg.c 2006-11-16 12:28:13.000000000 +0000 +@@ -99,7 +99,7 @@ + return rv; + } + +-void jpeg_gdIOCtx_dest (j_compress_ptr cinfo, gdIOCtx * outfile); ++static void jpeg_gdIOCtx_dest (j_compress_ptr cinfo, gdIOCtx * outfile); + + void + gdImageJpegCtx (gdImagePtr im, gdIOCtx * outfile, int quality) +@@ -266,7 +266,7 @@ + return im; + } + +-void ++static void + jpeg_gdIOCtx_src (j_decompress_ptr cinfo, + gdIOCtx * infile); + +@@ -511,7 +511,7 @@ + * before any data is actually read. + */ + +-void ++static void + init_source (j_decompress_ptr cinfo) + { + my_src_ptr src = (my_src_ptr) cinfo->src; +@@ -559,7 +559,7 @@ +
+ #define END_JPEG_SEQUENCE "\r\n[*]--:END JPEG:--[*]\r\n"
+ +-safeboolean ++static safeboolean + fill_input_buffer (j_decompress_ptr cinfo) + { + my_src_ptr src = (my_src_ptr) cinfo->src; +@@ -627,7 +627,7 @@ + * buffer is the application writer's problem. + */ + +-void ++static void + skip_input_data (j_decompress_ptr cinfo, long num_bytes) + { + my_src_ptr src = (my_src_ptr) cinfo->src; +@@ -669,7 +669,7 @@ + * for error exit. + */ + +-void ++static void + term_source (j_decompress_ptr cinfo) + { +
+@@ -742,7 +742,7 @@ + * before any data is actually written. + */ + +-void ++static void + init_destination (j_compress_ptr cinfo) + { + my_dest_ptr dest = (my_dest_ptr) cinfo->dest; +@@ -780,7 +780,7 @@ + * write it out when emptying the buffer externally. + */ + +-safeboolean ++static safeboolean + empty_output_buffer (j_compress_ptr cinfo) + { + my_dest_ptr dest = (my_dest_ptr) cinfo->dest; +@@ -805,7 +805,7 @@ + * for error exit. + */ + +-void ++static void + term_destination (j_compress_ptr cinfo) + { + my_dest_ptr dest = (my_dest_ptr) cinfo->dest; +diff -ru libwmf-0.2.8.4/src/extra/gd/gdkanji.c libwmf-0.2.8.4.symbols/src/extra/gd/gdkanji.c +--- libwmf-0.2.8.4/src/extra/gd/gdkanji.c 2001-05-19 14:09:34.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdkanji.c 2006-11-16 12:29:42.000000000 +0000 +@@ -555,6 +555,11 @@ + return kanji; + } + ++#pragma GCC visibility push(hidden) ++int ++any2eucjp (unsigned char *dest, unsigned char *src, unsigned int dest_max); ++#pragma GCC visibility pop ++ + int + any2eucjp (unsigned char *dest, unsigned char *src, unsigned int dest_max) + { +diff -ru libwmf-0.2.8.4/src/extra/gd/gd_topal.c libwmf-0.2.8.4.symbols/src/extra/gd/gd_topal.c +--- libwmf-0.2.8.4/src/extra/gd/gd_topal.c 2005-07-27 21:35:06.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd_topal.c 2006-11-16 12:25:45.000000000 +0000 +@@ -1129,7 +1129,7 @@ + * Map some rows of pixels to the output colormapped representation. + */ + +-void ++static void + pass2_no_dither (gdImagePtr im, my_cquantize_ptr cquantize) + /* This version performs no dithering */ + { +@@ -1217,7 +1217,7 @@ + #endif + + +-void ++static void + pass2_fs_dither (gdImagePtr im, my_cquantize_ptr cquantize) + + /* This version performs Floyd-Steinberg dithering */ +diff -ru libwmf-0.2.8.4/src/extra/gd/gd_wbmp.c libwmf-0.2.8.4.symbols/src/extra/gd/gd_wbmp.c +--- libwmf-0.2.8.4/src/extra/gd/gd_wbmp.c 2001-05-19 14:09:34.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd_wbmp.c 2006-11-16 12:28:33.000000000 +0000 +@@ -67,7 +67,7 @@ + ** Wrapper around gdPutC for use with writewbmp + ** + */ +-void ++static void + gd_putout (int i, void *out) + { + gdPutC (i, (gdIOCtx *) out); +@@ -79,7 +79,7 @@ + ** Wrapper around gdGetC for use with readwbmp + ** + */ +-int ++static int + gd_getin (void *in) + { + return (gdGetC ((gdIOCtx *) in)); +diff -ru libwmf-0.2.8.4/src/extra/gd/gdxpm.c libwmf-0.2.8.4.symbols/src/extra/gd/gdxpm.c +--- libwmf-0.2.8.4/src/extra/gd/gdxpm.c 2001-05-19 14:09:34.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdxpm.c 2006-11-16 12:18:29.000000000 +0000 +@@ -10,6 +10,7 @@ + #include "gd.h" + #include "gdhelpers.h" + ++#if 0 + #ifndef HAVE_XPM + gdImagePtr + gdImageCreateFromXpm (char *filename) +@@ -146,3 +147,4 @@ + return (im); + } + #endif ++#endif +diff -ru libwmf-0.2.8.4/src/extra/gd/jisx0208.h libwmf-0.2.8.4.symbols/src/extra/gd/jisx0208.h +--- libwmf-0.2.8.4/src/extra/gd/jisx0208.h 2001-03-28 10:37:35.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/jisx0208.h 2006-11-16 12:13:19.000000000 +0000 +@@ -1,5 +1,8 @@ + #ifndef JISX0208_H + #define JISX0208_H ++ ++#pragma GCC visibility push(hidden) ++ + /* This file was derived from "src/VF_Ftype.c" in VFlib2-2.24.2 + by Dr. Kakugawa */ + +@@ -1202,4 +1205,6 @@ + 0x2170, 0x2171, 0x2172, 0x2173, 0x2174, 0x2175, 0x2176, 0x2177, + 0x2178, 0x2179, 0xFFE2, 0xFFE4, 0xFF07, 0xFF02}}; + ++#pragma GCC visibility pop ++ + #endif /* JISX0208_H */ +diff -ru libwmf-0.2.8.4/src/extra/gd/wbmp.h libwmf-0.2.8.4.symbols/src/extra/gd/wbmp.h +--- libwmf-0.2.8.4/src/extra/gd/wbmp.h 2001-03-28 10:37:37.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/wbmp.h 2006-11-16 12:14:19.000000000 +0000 +@@ -12,6 +12,8 @@ + #ifndef __WBMP_H + #define __WBMP_H 1 + ++#pragma GCC visibility push(hidden) ++ + + /* WBMP struct + ** ----------- +@@ -44,4 +46,6 @@ + void freewbmp( Wbmp *wbmp ); + void printwbmp( Wbmp *wbmp ); + ++#pragma GCC visibility pop ++ + #endif diff --git a/patches/source/libwmf/libwmf-0.2.8.4-useafterfree.patch b/patches/source/libwmf/libwmf-0.2.8.4-useafterfree.patch new file mode 100644 index 00000000..328c5411 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-useafterfree.patch @@ -0,0 +1,10 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd_clip.c.CVE-2009-1364-im-clip-list 2009-04-24 04:06:44.000000000 -0400 ++++ libwmf-0.2.8.4/src/extra/gd/gd_clip.c 2009-04-24 04:08:30.000000000 -0400 +@@ -70,6 +70,7 @@ void gdClipSetAdd(gdImagePtr im,gdClipRe + { more = gdRealloc (im->clip->list,(im->clip->max + 8) * sizeof (gdClipRectangle)); + if (more == 0) return; + im->clip->max += 8; ++ im->clip->list = more; + } + im->clip->list[im->clip->count] = (*rect); + im->clip->count++; diff --git a/patches/source/libwmf/libwmf.SlackBuild b/patches/source/libwmf/libwmf.SlackBuild new file mode 100755 index 00000000..04880c27 --- /dev/null +++ b/patches/source/libwmf/libwmf.SlackBuild @@ -0,0 +1,142 @@ +#!/bin/bash + +# Copyright 2008, 2009, 2010, 2018 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PKGNAM=libwmf +VERSION=0.2.8.4 +BUILD=${BUILD:-6_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} +TMP=${TMP:-/tmp} + +PKG=$TMP/package-libwmf + +rm -rf $PKG +mkdir -p $PKG + +cd $TMP +rm -rf libwmf-$VERSION +tar xvf $CWD/libwmf-$VERSION.tar.?z* || exit 1 +cd libwmf-$VERSION || exit 1 + +zcat $CWD/libwmf.png14.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Miscellaneous patches from Fedora: +zcat $CWD/libwmf-0.2.8.4-fallbackfont.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-pixbufloaderdir.patch.gz | patch -p1 --verbose || exit 1 + +# Don't export the modified embedded GD library symbols, to avoid conflicts with +# the system libgd: +zcat $CWD/libwmf-0.2.8.4-reducesymbols.patch.gz | patch -p1 --verbose || exit 1 + +# Patch security issues: +zcat $CWD/libwmf-0.2.8.4-useafterfree.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2006-3376.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2004-0941.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2007-0455.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2007-2756.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2007-3472.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2007-3473.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2007-3477.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2009-3546.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2015-0848+CVE-2015-4588.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2015-4695.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2015-4696.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2016-10167.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2016-10168.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2016-9011.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2016-9317.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2017-6362.patch.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --enable-static=no \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc +mv $PKG/usr/share/doc/libwmf $PKG/usr/doc/libwmf-$VERSION +rmdir $PKG/usr/share/doc +cp -a \ + AUTHORS BUILDING COPYING CREDITS NEWS README TODO \ + $PKG/usr/doc/libwmf-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/libwmf-$VERSION-$ARCH-$BUILD.txz diff --git a/patches/source/libwmf/libwmf.png14.diff b/patches/source/libwmf/libwmf.png14.diff new file mode 100644 index 00000000..c55b143c --- /dev/null +++ b/patches/source/libwmf/libwmf.png14.diff @@ -0,0 +1,11 @@ +--- ./src/extra/gd/gd_png.c.orig 2005-07-27 15:35:06.000000000 -0500 ++++ ./src/extra/gd/gd_png.c 2010-02-14 18:24:19.000000000 -0600 +@@ -136,7 +136,7 @@ + /* first do a quick check that the file really is a PNG image; could + * have used slightly more general png_sig_cmp() function instead */ + gdGetBuf (sig, 8, infile); +- if (!png_check_sig (sig, 8)) ++ if (!(png_sig_cmp(sig, 0, 8) == 0)) + return NULL; /* bad signature */ + + #ifndef PNG_SETJMP_NOT_SUPPORTED diff --git a/patches/source/libwmf/slack-desc b/patches/source/libwmf/slack-desc new file mode 100644 index 00000000..19f99a7d --- /dev/null +++ b/patches/source/libwmf/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libwmf: libwmf (WMF graphics format library) +libwmf: +libwmf: libwmf is a library for interpreting metafile images and either +libwmf: displaying them using X or converting them to standard formats such +libwmf: as PNG, JPEG, PS, EPS and SVG. +libwmf: +libwmf: +libwmf: +libwmf: +libwmf: +libwmf: diff --git a/patches/source/libxcb/arch.use.flags b/patches/source/libxcb/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/libxcb/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libxcb/build/libxcb b/patches/source/libxcb/build/libxcb new file mode 100644 index 00000000..fcbe7754 --- /dev/null +++ b/patches/source/libxcb/build/libxcb @@ -0,0 +1 @@ +2_slack13.1 diff --git a/patches/source/libxcb/configure/libxcb b/patches/source/libxcb/configure/libxcb new file mode 100644 index 00000000..0c8a4a8c --- /dev/null +++ b/patches/source/libxcb/configure/libxcb @@ -0,0 +1,14 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --disable-static \ + --enable-xinput \ + --enable-xkb \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libxcb/libxcb.SlackBuild b/patches/source/libxcb/libxcb.SlackBuild new file mode 100755 index 00000000..1c0b3165 --- /dev/null +++ b/patches/source/libxcb/libxcb.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild xcb libxcb +mv /tmp/x11-build/libxcb*txz /tmp diff --git a/patches/source/libxcb/modularize b/patches/source/libxcb/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/libxcb/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libxcb/noarch b/patches/source/libxcb/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/libxcb/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libxcb/package-blacklist b/patches/source/libxcb/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/libxcb/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libxcb/post-install/libxcb.post-install b/patches/source/libxcb/post-install/libxcb.post-install new file mode 100644 index 00000000..481ca730 --- /dev/null +++ b/patches/source/libxcb/post-install/libxcb.post-install @@ -0,0 +1,66 @@ + +# Copyright 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# + +# Add documentation: +mkdir -p $PKG/usr/doc/libxcb-$MODULAR_PACKAGE_VERSION +cp -a \ + COPYING INSTALL NEWS README \ + $PKG/usr/doc/libxcb-$MODULAR_PACKAGE_VERSION +mv $PKG/usr/share/doc/libxcb/tutorial $PKG/usr/doc/libxcb-$MODULAR_PACKAGE_VERSION +# The manual isn't building for now, so... +rm -rf $PKG/usr/share/doc/libxcb +rmdir $PKG/usr/share/doc +rmdir $PKG/usr/share + +# Older versions of libxcb shipped a poorly libtooled .la file that caused +# the now-gone libxcb-xlib.so module to be incorrectly linked with many +# binaries and libraries, and cause the module to be listed (again, +# incorrectly) in a lot of .la files. Rather than breaking a large amount +# of existing X programs, we will use this simple trick to allow old binaries +# to keep running, and new things to compile even if a bogus .la file +# referencing libxcb-xlib is in the development environment. +# +# References to libxcb-xlib will go away as things are recompiled in the +# future (we've eliminated any remaining references in Slackware itself). +# +# It's like letting a sliver work out instead of cutting off the finger. + +( cd $PKG/usr/lib + ln -sf libxcb.so.1 libxcb-xlib.so.0 + ln -sf libxcb-xlib.so.0 libxcb-xlib.so + ln -sf libxcb.la libxcb-xlib.la +) + +# Changes to the .soname versions have caused a few binaries to break when +# libxcb was updated to facilitate security fixes. While the old library +# versions could be included in the package to fix this, that might result +# in a binary loading both library versions at the same time. Past +# experience has shown that to cause segfaults or other issues. So, we'll +# add a few compatibility symlinks so that old binaries will load. If +# it turns out to be required, we'll recompile anything that happens to run +# into an ABI issue due to this, but the testing seems to indicate that it +# won't break anything. At least there will be less breakage with this +# fix. If anyone notices any, please let us know. +( cd $PKG/usr/lib + ln -sf libxcb-sync.so.1 libxcb-sync.so.0 +) + diff --git a/patches/source/libxcb/slack-desc/libxcb b/patches/source/libxcb/slack-desc/libxcb new file mode 100644 index 00000000..35182210 --- /dev/null +++ b/patches/source/libxcb/slack-desc/libxcb @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libxcb: libxcb (X protocol C-language Binding) +libxcb: +libxcb: The XCB library provides an interface to the X Window System protocol +libxcb: which is fully capable of replacing Xlib. In fact, libX11 makes use +libxcb: of libxcb as much as possible. :-) Porting to XCB has several +libxcb: advantages such as a smaller memory footprint, latency hiding, direct +libxcb: protocol access, and improved thread support. +libxcb: +libxcb: +libxcb: +libxcb: diff --git a/patches/source/libxcb/x11.SlackBuild b/patches/source/libxcb/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/libxcb/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libxml2/libxml.CVE-2011-3102.diff b/patches/source/libxml2/libxml.CVE-2011-3102.diff new file mode 100644 index 00000000..4f6a92cb --- /dev/null +++ b/patches/source/libxml2/libxml.CVE-2011-3102.diff @@ -0,0 +1,39 @@ +From d8e1faeaa99c7a7c07af01c1c72de352eb590a3e Mon Sep 17 00:00:00 2001 +From: Jüri Aedla <asd@ut.ee> +Date: Mon, 07 May 2012 07:06:56 +0000 +Subject: Fix an off by one pointer access + +getting out of the range of memory allocated for xpointer decoding +--- +diff --git a/xpointer.c b/xpointer.c +index 37afa3a..0b463dd 100644 +--- a/xpointer.c ++++ b/xpointer.c +@@ -1007,21 +1007,14 @@ xmlXPtrEvalXPtrPart(xmlXPathParserContextPtr ctxt, xmlChar *name) { + NEXT; + break; + } +- *cur++ = CUR; + } else if (CUR == '(') { + level++; +- *cur++ = CUR; + } else if (CUR == '^') { +- NEXT; +- if ((CUR == ')') || (CUR == '(') || (CUR == '^')) { +- *cur++ = CUR; +- } else { +- *cur++ = '^'; +- *cur++ = CUR; +- } +- } else { +- *cur++ = CUR; ++ if ((NXT(1) == ')') || (NXT(1) == '(') || (NXT(1) == '^')) { ++ NEXT; ++ } + } ++ *cur++ = CUR; + NEXT; + } + *cur = 0; +-- +cgit v0.9.0.2 diff --git a/patches/source/libxml2/libxml2.CVE-2012-5134.diff b/patches/source/libxml2/libxml2.CVE-2012-5134.diff new file mode 100644 index 00000000..70905aaa --- /dev/null +++ b/patches/source/libxml2/libxml2.CVE-2012-5134.diff @@ -0,0 +1,21 @@ +From 6a36fbe3b3e001a8a840b5c1fdd81cefc9947f0d Mon Sep 17 00:00:00 2001 +From: Daniel Veillard <veillard@redhat.com> +Date: Mon, 29 Oct 2012 02:39:55 +0000 +Subject: Fix potential out of bound access + +--- +diff --git a/parser.c b/parser.c +index 0d8d7f2..bd634e9 100644 +--- a/parser.c ++++ b/parser.c +@@ -4076,7 +4076,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) { + goto error; + + if ((in_space) && (normalize)) { +- while (buf[len - 1] == 0x20) len--; ++ while ((len > 0) && (buf[len - 1] == 0x20)) len--; + } + buf[len] = 0; + if (RAW == '<') { +-- +cgit v0.9.0.2 diff --git a/patches/source/libxml2/libxml2.SlackBuild b/patches/source/libxml2/libxml2.SlackBuild new file mode 100755 index 00000000..848a085f --- /dev/null +++ b/patches/source/libxml2/libxml2.SlackBuild @@ -0,0 +1,108 @@ +#!/bin/sh + +# Copyright 2008, 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=2.7.6 +BUILD=${BUILD:-3_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-libxml2 +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf libxml2-$VERSION +tar xvf $CWD/libxml2-$VERSION.tar.?z* || exit 1 +cd libxml2-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/libxml.CVE-2011-3102.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libxml2.CVE-2012-5134.diff.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +#echo +#echo "Only the python bindings in /usr/lib/python__/site-packages/ should" +#echo "be kept... toss the other stuff" +#echo + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mv $PKG/usr/share/doc $PKG/usr +mv $PKG/usr/doc/libxml2-python-$VERSION $PKG/usr/doc/libxml2-$VERSION +cp -a \ + AUTHORS COPYING* INSTALL NEWS README \ + $PKG/usr/doc/libxml2-$VERSION +find $PKG/usr/doc/libxml2-$VERSION -type f | xargs chmod 644 + +gzip -9 $PKG/usr/man/man?/*.? + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +# Be sure to clobber any .pyc files that might have been generated so that +# the new .py files will be used instead of the already compiled copies +cat << EOF > $PKG/install/doinst.sh +rm -f /usr/lib${LIBDIRSUFFIX}/python26/site-packages/libxml2.pyc +rm -f /usr/lib${LIBDIRSUFFIX}/python26/site-packages/drv_libxml2.pyc +EOF + +cd $PKG +/sbin/makepkg -l y -c n $TMP/libxml2-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libxml2/slack-desc b/patches/source/libxml2/slack-desc new file mode 100644 index 00000000..dfbc38dc --- /dev/null +++ b/patches/source/libxml2/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libxml2: libxml2 (XML parser library) +libxml2: +libxml2: Libxml2 is the XML C parser library and toolkit. XML itself is a +libxml2: metalanguage to design markup languages -- i.e. a text language where +libxml2: structures are added to the content using extra "markup" information +libxml2: enclosed between angle brackets. HTML is the most well-known markup +libxml2: language. Though the library is written in C, a variety of language +libxml2: bindings make it available in other environments. +libxml2: +libxml2: +libxml2: diff --git a/patches/source/libyaml/libyaml.SlackBuild b/patches/source/libyaml/libyaml.SlackBuild new file mode 100755 index 00000000..77efe78c --- /dev/null +++ b/patches/source/libyaml/libyaml.SlackBuild @@ -0,0 +1,114 @@ +#!/bin/sh + +# Copyright 2011 Vincent Batts, Vienna, VA, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=libyaml +SRCNAM=yaml +VERSION=$(echo $SRCNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev) +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i486 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7lh ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +elif [ "$ARCH" = "armv7hl" ]; then + SLKCFLAGS="-O3 -march=armv7-a -mfpu=vfpv3-d16" + LIBDIRSUFFIX="" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $SRCNAM-$VERSION +tar xvf $CWD/$SRCNAM-$VERSION.tar.?z* || exit 1 +cd $SRCNAM-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --mandir=/usr/man \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --disable-static \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + README LICENSE doc \ + $PKG/usr/doc/$PKGNAM-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +#cat $CWD/doinst.sh > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libyaml/libyaml.url b/patches/source/libyaml/libyaml.url new file mode 100644 index 00000000..0ee34d3f --- /dev/null +++ b/patches/source/libyaml/libyaml.url @@ -0,0 +1 @@ +http://pyyaml.org/wiki/LibYAML diff --git a/patches/source/libyaml/slack-desc b/patches/source/libyaml/slack-desc new file mode 100644 index 00000000..8965634d --- /dev/null +++ b/patches/source/libyaml/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libyaml: libyaml (YAML parser, written in C) +libyaml: +libyaml: YAML Ain't Markup Language. It is a human friendly data serialization +libyaml: standard for all programming languages. +libyaml: +libyaml: Homepage: http://pyyaml.org/wiki/LibYAML +libyaml: +libyaml: +libyaml: +libyaml: +libyaml: diff --git a/patches/source/linux-2.6.33.4/kernel.CVE-2010-3081.diff b/patches/source/linux-2.6.33.4/kernel.CVE-2010-3081.diff new file mode 100644 index 00000000..67fd987d --- /dev/null +++ b/patches/source/linux-2.6.33.4/kernel.CVE-2010-3081.diff @@ -0,0 +1,169 @@ +From c41d68a513c71e35a14f66d71782d27a79a81ea6 Mon Sep 17 00:00:00 2001 +From: H. Peter Anvin <hpa@linux.intel.com> +Date: Tue, 7 Sep 2010 16:16:18 -0700 +Subject: [PATCH] compat: Make compat_alloc_user_space() incorporate the access_ok() + +compat_alloc_user_space() expects the caller to independently call +access_ok() to verify the returned area. A missing call could +introduce problems on some architectures. + +This patch incorporates the access_ok() check into +compat_alloc_user_space() and also adds a sanity check on the length. +The existing compat_alloc_user_space() implementations are renamed +arch_compat_alloc_user_space() and are used as part of the +implementation of the new global function. + +This patch assumes NULL will cause __get_user()/__put_user() to either +fail or access userspace on all architectures. This should be +followed by checking the return value of compat_access_user_space() +for NULL in the callers, at which time the access_ok() in the callers +can also be removed. + +Reported-by: Ben Hawkes <hawkes@sota.gen.nz> +Signed-off-by: H. Peter Anvin <hpa@linux.intel.com> +Acked-by: Benjamin Herrenschmidt <benh@kernel.crashing.org> +Acked-by: Chris Metcalf <cmetcalf@tilera.com> +Acked-by: David S. Miller <davem@davemloft.net> +Acked-by: Ingo Molnar <mingo@elte.hu> +Acked-by: Thomas Gleixner <tglx@linutronix.de> +Acked-by: Tony Luck <tony.luck@intel.com> +Cc: Andrew Morton <akpm@linux-foundation.org> +Cc: Arnd Bergmann <arnd@arndb.de> +Cc: Fenghua Yu <fenghua.yu@intel.com> +Cc: H. Peter Anvin <hpa@zytor.com> +Cc: Heiko Carstens <heiko.carstens@de.ibm.com> +Cc: Helge Deller <deller@gmx.de> +Cc: James Bottomley <jejb@parisc-linux.org> +Cc: Kyle McMartin <kyle@mcmartin.ca> +Cc: Martin Schwidefsky <schwidefsky@de.ibm.com> +Cc: Paul Mackerras <paulus@samba.org> +Cc: Ralf Baechle <ralf@linux-mips.org> +Cc: <stable@kernel.org> +--- + arch/ia64/include/asm/compat.h | 2 +- + arch/mips/include/asm/compat.h | 2 +- + arch/parisc/include/asm/compat.h | 2 +- + arch/powerpc/include/asm/compat.h | 2 +- + arch/s390/include/asm/compat.h | 2 +- + arch/sparc/include/asm/compat.h | 2 +- + arch/tile/include/asm/compat.h | 2 +- + arch/x86/include/asm/compat.h | 2 +- + include/linux/compat.h | 3 +++ + kernel/compat.c | 21 +++++++++++++++++++++ + 10 files changed, 32 insertions(+), 8 deletions(-) + +--- ./kernel/compat.c.orig 2010-07-28 16:16:40.774916889 -0500 ++++ ./kernel/compat.c 2010-09-20 21:54:37.767308329 -0500 +@@ -1139,3 +1139,24 @@ + + return 0; + } ++ ++/* ++ * Allocate user-space memory for the duration of a single system call, ++ * in order to marshall parameters inside a compat thunk. ++ */ ++void __user *compat_alloc_user_space(unsigned long len) ++{ ++ void __user *ptr; ++ ++ /* If len would occupy more than half of the entire compat space... */ ++ if (unlikely(len > (((compat_uptr_t)~0) >> 1))) ++ return NULL; ++ ++ ptr = arch_compat_alloc_user_space(len); ++ ++ if (unlikely(!access_ok(VERIFY_WRITE, ptr, len))) ++ return NULL; ++ ++ return ptr; ++} ++EXPORT_SYMBOL_GPL(compat_alloc_user_space); +--- ./arch/x86/include/asm/compat.h.orig 2010-07-28 16:16:47.101918489 -0500 ++++ ./arch/x86/include/asm/compat.h 2010-09-20 21:54:37.750819535 -0500 +@@ -204,7 +204,7 @@ + return (u32)(unsigned long)uptr; + } + +-static inline void __user *compat_alloc_user_space(long len) ++static inline void __user *arch_compat_alloc_user_space(long len) + { + struct pt_regs *regs = task_pt_regs(current); + return (void __user *)regs->sp - len; +--- ./arch/ia64/include/asm/compat.h.orig 2010-07-28 16:16:47.645915729 -0500 ++++ ./arch/ia64/include/asm/compat.h 2010-09-20 21:54:35.635808962 -0500 +@@ -198,7 +198,7 @@ + } + + static __inline__ void __user * +-compat_alloc_user_space (long len) ++arch_compat_alloc_user_space (long len) + { + struct pt_regs *regs = task_pt_regs(current); + return (void __user *) (((regs->r12 & 0xffffffff) & -16) - len); +--- ./arch/powerpc/include/asm/compat.h.orig 2010-07-28 16:16:50.286915689 -0500 ++++ ./arch/powerpc/include/asm/compat.h 2010-09-20 21:54:35.635808962 -0500 +@@ -133,7 +133,7 @@ + return (u32)(unsigned long)uptr; + } + +-static inline void __user *compat_alloc_user_space(long len) ++static inline void __user *arch_compat_alloc_user_space(long len) + { + struct pt_regs *regs = current->thread.regs; + unsigned long usp = regs->gpr[1]; +--- ./arch/sparc/include/asm/compat.h.orig 2010-07-28 16:16:51.303918489 -0500 ++++ ./arch/sparc/include/asm/compat.h 2010-09-20 21:54:35.636808219 -0500 +@@ -166,7 +166,7 @@ + return (u32)(unsigned long)uptr; + } + +-static inline void __user *compat_alloc_user_space(long len) ++static inline void __user *arch_compat_alloc_user_space(long len) + { + struct pt_regs *regs = current_thread_info()->kregs; + unsigned long usp = regs->u_regs[UREG_I6]; +--- ./arch/parisc/include/asm/compat.h.orig 2010-07-28 16:16:52.035916329 -0500 ++++ ./arch/parisc/include/asm/compat.h 2010-09-20 21:54:35.635808962 -0500 +@@ -146,7 +146,7 @@ + return (u32)(unsigned long)uptr; + } + +-static __inline__ void __user *compat_alloc_user_space(long len) ++static __inline__ void __user *arch_compat_alloc_user_space(long len) + { + struct pt_regs *regs = ¤t->thread.regs; + return (void __user *)regs->gr[30]; +--- ./arch/s390/include/asm/compat.h.orig 2010-07-28 16:16:52.308915929 -0500 ++++ ./arch/s390/include/asm/compat.h 2010-09-20 21:54:35.635808962 -0500 +@@ -180,7 +180,7 @@ + + #endif + +-static inline void __user *compat_alloc_user_space(long len) ++static inline void __user *arch_compat_alloc_user_space(long len) + { + unsigned long stack; + +--- ./arch/mips/include/asm/compat.h.orig 2010-07-28 16:16:53.603915849 -0500 ++++ ./arch/mips/include/asm/compat.h 2010-09-20 21:54:35.635808962 -0500 +@@ -144,7 +144,7 @@ + return (u32)(unsigned long)uptr; + } + +-static inline void __user *compat_alloc_user_space(long len) ++static inline void __user *arch_compat_alloc_user_space(long len) + { + struct pt_regs *regs = (struct pt_regs *) + ((unsigned long) current_thread_info() + THREAD_SIZE - 32) - 1; +--- ./include/linux/compat.h.orig 2010-07-28 16:16:56.000000000 -0500 ++++ ./include/linux/compat.h 2010-09-20 21:55:20.334819232 -0500 +@@ -353,5 +353,7 @@ + asmlinkage long compat_sys_openat(unsigned int dfd, const char __user *filename, + int flags, int mode); + ++extern void __user *compat_alloc_user_space(unsigned long len); ++ + #endif /* CONFIG_COMPAT */ + #endif /* _LINUX_COMPAT_H */ + diff --git a/patches/source/linux-2.6.33.4/kernel.CVE-2010-3301.a.diff b/patches/source/linux-2.6.33.4/kernel.CVE-2010-3301.a.diff new file mode 100644 index 00000000..8506e331 --- /dev/null +++ b/patches/source/linux-2.6.33.4/kernel.CVE-2010-3301.a.diff @@ -0,0 +1,97 @@ +From 36d001c70d8a0144ac1d038f6876c484849a74de Mon Sep 17 00:00:00 2001 +From: H. Peter Anvin <hpa@linux.intel.com> +Date: Tue, 14 Sep 2010 12:42:41 -0700 +Subject: [PATCH] x86-64, compat: Test %rax for the syscall number, not %eax + +On 64 bits, we always, by necessity, jump through the system call +table via %rax. For 32-bit system calls, in theory the system call +number is stored in %eax, and the code was testing %eax for a valid +system call number. At one point we loaded the stored value back from +the stack to enforce zero-extension, but that was removed in checkin +d4d67150165df8bf1cc05e532f6efca96f907cab. An actual 32-bit process +will not be able to introduce a non-zero-extended number, but it can +happen via ptrace. + +Instead of re-introducing the zero-extension, test what we are +actually going to use, i.e. %rax. This only adds a handful of REX +prefixes to the code. + +Reported-by: Ben Hawkes <hawkes@sota.gen.nz> +Signed-off-by: H. Peter Anvin <hpa@linux.intel.com> +Cc: <stable@kernel.org> +Cc: Roland McGrath <roland@redhat.com> +Cc: Andrew Morton <akpm@linux-foundation.org> +--- + arch/x86/ia32/ia32entry.S | 14 +++++++------- + 1 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/arch/x86/ia32/ia32entry.S b/arch/x86/ia32/ia32entry.S +index b86feab..84e3a4e 100644 +--- a/arch/x86/ia32/ia32entry.S ++++ b/arch/x86/ia32/ia32entry.S +@@ -153,7 +153,7 @@ ENTRY(ia32_sysenter_target) + testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%r10) + CFI_REMEMBER_STATE + jnz sysenter_tracesys +- cmpl $(IA32_NR_syscalls-1),%eax ++ cmpq $(IA32_NR_syscalls-1),%rax + ja ia32_badsys + sysenter_do_call: + IA32_ARG_FIXUP +@@ -195,7 +195,7 @@ sysexit_from_sys_call: + movl $AUDIT_ARCH_I386,%edi /* 1st arg: audit arch */ + call audit_syscall_entry + movl RAX-ARGOFFSET(%rsp),%eax /* reload syscall number */ +- cmpl $(IA32_NR_syscalls-1),%eax ++ cmpq $(IA32_NR_syscalls-1),%rax + ja ia32_badsys + movl %ebx,%edi /* reload 1st syscall arg */ + movl RCX-ARGOFFSET(%rsp),%esi /* reload 2nd syscall arg */ +@@ -248,7 +248,7 @@ sysenter_tracesys: + call syscall_trace_enter + LOAD_ARGS32 ARGOFFSET /* reload args from stack in case ptrace changed it */ + RESTORE_REST +- cmpl $(IA32_NR_syscalls-1),%eax ++ cmpq $(IA32_NR_syscalls-1),%rax + ja int_ret_from_sys_call /* sysenter_tracesys has set RAX(%rsp) */ + jmp sysenter_do_call + CFI_ENDPROC +@@ -314,7 +314,7 @@ ENTRY(ia32_cstar_target) + testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%r10) + CFI_REMEMBER_STATE + jnz cstar_tracesys +- cmpl $IA32_NR_syscalls-1,%eax ++ cmpq $IA32_NR_syscalls-1,%rax + ja ia32_badsys + cstar_do_call: + IA32_ARG_FIXUP 1 +@@ -367,7 +367,7 @@ cstar_tracesys: + LOAD_ARGS32 ARGOFFSET, 1 /* reload args from stack in case ptrace changed it */ + RESTORE_REST + xchgl %ebp,%r9d +- cmpl $(IA32_NR_syscalls-1),%eax ++ cmpq $(IA32_NR_syscalls-1),%rax + ja int_ret_from_sys_call /* cstar_tracesys has set RAX(%rsp) */ + jmp cstar_do_call + END(ia32_cstar_target) +@@ -425,7 +425,7 @@ ENTRY(ia32_syscall) + orl $TS_COMPAT,TI_status(%r10) + testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%r10) + jnz ia32_tracesys +- cmpl $(IA32_NR_syscalls-1),%eax ++ cmpq $(IA32_NR_syscalls-1),%rax + ja ia32_badsys + ia32_do_call: + IA32_ARG_FIXUP +@@ -444,7 +444,7 @@ ia32_tracesys: + call syscall_trace_enter + LOAD_ARGS32 ARGOFFSET /* reload args from stack in case ptrace changed it */ + RESTORE_REST +- cmpl $(IA32_NR_syscalls-1),%eax ++ cmpq $(IA32_NR_syscalls-1),%rax + ja int_ret_from_sys_call /* ia32_tracesys has set RAX(%rsp) */ + jmp ia32_do_call + END(ia32_syscall) +-- +1.7.3 + diff --git a/patches/source/linux-2.6.33.4/kernel.CVE-2010-3301.b.diff b/patches/source/linux-2.6.33.4/kernel.CVE-2010-3301.b.diff new file mode 100644 index 00000000..d8f209ca --- /dev/null +++ b/patches/source/linux-2.6.33.4/kernel.CVE-2010-3301.b.diff @@ -0,0 +1,49 @@ +From eefdca043e8391dcd719711716492063030b55ac Mon Sep 17 00:00:00 2001 +From: Roland McGrath <roland@redhat.com> +Date: Tue, 14 Sep 2010 12:22:58 -0700 +Subject: [PATCH] x86-64, compat: Retruncate rax after ia32 syscall entry tracing + +In commit d4d6715, we reopened an old hole for a 64-bit ptracer touching a +32-bit tracee in system call entry. A %rax value set via ptrace at the +entry tracing stop gets used whole as a 32-bit syscall number, while we +only check the low 32 bits for validity. + +Fix it by truncating %rax back to 32 bits after syscall_trace_enter, +in addition to testing the full 64 bits as has already been added. + +Reported-by: Ben Hawkes <hawkes@sota.gen.nz> +Signed-off-by: Roland McGrath <roland@redhat.com> +Signed-off-by: H. Peter Anvin <hpa@linux.intel.com> +--- + arch/x86/ia32/ia32entry.S | 8 +++++++- + 1 files changed, 7 insertions(+), 1 deletions(-) + +diff --git a/arch/x86/ia32/ia32entry.S b/arch/x86/ia32/ia32entry.S +index 84e3a4e..518bb99 100644 +--- a/arch/x86/ia32/ia32entry.S ++++ b/arch/x86/ia32/ia32entry.S +@@ -50,7 +50,12 @@ + /* + * Reload arg registers from stack in case ptrace changed them. + * We don't reload %eax because syscall_trace_enter() returned +- * the value it wants us to use in the table lookup. ++ * the %rax value we should see. Instead, we just truncate that ++ * value to 32 bits again as we did on entry from user mode. ++ * If it's a new value set by user_regset during entry tracing, ++ * this matches the normal truncation of the user-mode value. ++ * If it's -1 to make us punt the syscall, then (u32)-1 is still ++ * an appropriately invalid value. + */ + .macro LOAD_ARGS32 offset, _r9=0 + .if \_r9 +@@ -60,6 +65,7 @@ + movl \offset+48(%rsp),%edx + movl \offset+56(%rsp),%esi + movl \offset+64(%rsp),%edi ++ movl %eax,%eax /* zero extension */ + .endm + + .macro CFI_STARTPROC32 simple +-- +1.7.3 + diff --git a/patches/source/linux-2.6.33.4/kernel.compat.2.6.33.x.diff b/patches/source/linux-2.6.33.4/kernel.compat.2.6.33.x.diff new file mode 100644 index 00000000..624d372a --- /dev/null +++ b/patches/source/linux-2.6.33.4/kernel.compat.2.6.33.x.diff @@ -0,0 +1,10 @@ +--- ./kernel/compat.c.orig 2010-09-21 16:28:50.570069841 -0500 ++++ ./kernel/compat.c 2010-09-21 16:32:20.831943166 -0500 +@@ -13,6 +13,7 @@ + + #include <linux/linkage.h> + #include <linux/compat.h> ++#include <linux/module.h> + #include <linux/errno.h> + #include <linux/time.h> + #include <linux/signal.h> diff --git a/patches/source/lm_sensors/lm_sensors.SlackBuild b/patches/source/lm_sensors/lm_sensors.SlackBuild new file mode 100755 index 00000000..fb99e3d1 --- /dev/null +++ b/patches/source/lm_sensors/lm_sensors.SlackBuild @@ -0,0 +1,125 @@ +#!/bin/sh + +# Copyright 2006, 2008, 2009, 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=lm_sensors +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.bz2 || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Configure: +zcat $CWD/lm_sensors.makefile.diff.gz | patch -p1 --verbose || exit 1 + +make user LIBDIR=/usr/lib${LIBDIRSUFFIX} || exit 1 +make user_install LIBDIR=/usr/lib${LIBDIRSUFFIX} || exit 1 + +# Nope. +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.a + +# Nope. +rm -rf $PKG/usr/include/linux + +# Do the .new thing with the config file: +mv $PKG/etc/sensors3.conf $PKG/etc/sensors3.conf.new + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + CHANGES CONTRIBUTORS COPYING* INSTALL README* doc \ + $PKG/usr/doc/${PKGNAM}-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +cat << EOF > $PKG/install/doinst.sh +#!/bin/sh +config() { + NEW="\$1" + OLD="\$(dirname \$NEW)/\$(basename \$NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r \$OLD ]; then + mv \$NEW \$OLD + elif [ "\$(cat \$OLD | md5sum)" = "\$(cat \$NEW | md5sum)" ]; then # toss the redundant copy + rm \$NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/sensors3.conf.new +EOF + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/lm_sensors/lm_sensors.makefile.diff b/patches/source/lm_sensors/lm_sensors.makefile.diff new file mode 100644 index 00000000..8216a8d1 --- /dev/null +++ b/patches/source/lm_sensors/lm_sensors.makefile.diff @@ -0,0 +1,15 @@ +--- ./Makefile.orig 2008-03-26 08:37:12.000000000 -0500 ++++ ./Makefile 2008-10-25 20:05:44.000000000 -0500 +@@ -39,10 +39,10 @@ + + # If you want to install at some other place then at from which you will run + # everything, set DESTDIR to the extra prefix. +-DESTDIR := ++DESTDIR := /tmp/package-lm_sensors + + # This is the prefix that will be used for almost all directories below. +-PREFIX := /usr/local ++PREFIX := /usr + + # Your C compiler + CC := gcc diff --git a/patches/source/lm_sensors/slack-desc b/patches/source/lm_sensors/slack-desc new file mode 100644 index 00000000..2f32f80d --- /dev/null +++ b/patches/source/lm_sensors/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +lm_sensors: lm_sensors (hardware monitoring package) +lm_sensors: +lm_sensors: lm_sensors provides tools for monitoring the temperatures, voltages, +lm_sensors: and fans of Linux systems with hardware monitoring devices. Included +lm_sensors: are text-based tools for sensor reporting, and a library for sensors +lm_sensors: access called libsensors. It also contains tools for sensor hardware +lm_sensors: identification and I2C bus probing. +lm_sensors: +lm_sensors: IMPORTANT NOTE: If you have a Thinkpad, please read the warnings in +lm_sensors: the README.thinkpad file. lm_sensors has been known to cause damage +lm_sensors: to some Thinkpads. diff --git a/patches/source/lynx/doinst.sh b/patches/source/lynx/doinst.sh new file mode 100644 index 00000000..79c36713 --- /dev/null +++ b/patches/source/lynx/doinst.sh @@ -0,0 +1,13 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/lynx.cfg.new diff --git a/patches/source/lynx/lynx.SlackBuild b/patches/source/lynx/lynx.SlackBuild new file mode 100755 index 00000000..5d478a9b --- /dev/null +++ b/patches/source/lynx/lynx.SlackBuild @@ -0,0 +1,155 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2012, 2016, 2017 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGVER=2.8.8rel.2 +DIRVER=2-8-8 +BUILD=${BUILD:-1_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-lynx + +rm -rf $PKG +mkdir -p $TMP $PKG/usr/lib${LIBDIRSUFFIX}/lynx +cd $TMP +rm -rf lynx$DIRVER +tar xvf $CWD/lynx${PKGVER}.tar.?z* || exit 1 +cd lynx$DIRVER || exit 1 + +find . -name "*~" -exec rm -f {} \; +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Change default colors and STARTFILE setting since the old site is gone: +zcat $CWD/lynx.cfg.diff.gz | patch -p1 --verbose --backup || exit 1 + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --libdir=/usr/lib${LIBDIRSUFFIX}/lynx \ + --datadir=/usr/share/lynx \ + --mandir=/usr/man \ + --enable-default-colors \ + --with-screen=ncursesw \ + --enable-widec \ + --enable-gzip-help \ + --with-zlib \ + --enable-read-eta \ + --enable-scrollbar \ + --with-ssl \ + --enable-ipv6 \ + --enable-color-style \ + --enable-prettysrc \ + --enable-source-cache \ + --enable-nsl-fork \ + --enable-nls \ + --enable-persistent-cookies \ + --enable-vertrace \ + --disable-full-paths \ + --enable-addrlist-page \ + --enable-charset-choice \ + --enable-cjk \ + --enable-htmlized-cfg \ + --enable-justify-elts \ + --enable-locale-charset \ + --enable-externs \ + --enable-cgi-links \ + --enable-change-exec \ + --enable-exec-links \ + --enable-exec-scripts \ + --enable-internal-links \ + --with-bzlib \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 +make install-help DESTDIR=$PKG || exit 1 +make install-doc DESTDIR=$PKG || exit 1 + +# Make lynx.cfg a preserved config file: +mv $PKG/etc/lynx.cfg $PKG/etc/lynx.cfg.new + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Correct $DESTDIR brokenness: +( cd $PKG/usr/share/lynx/lynx_help + rm -f COPYHEADER COPYING + ln -sf ../lynx_doc/COPYHEADER . + ln -sf ../lynx_doc/COPYING . +) +# Add documentation symlinks: +( mkdir -p $PKG/usr/doc/lynx-$PKGVER + cd $PKG/usr/doc/lynx-$PKGVER + ln -sf /usr/share/lynx/lynx_doc . + ln -sf /usr/share/lynx/lynx_help . +) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG/usr/share/lynx/lynx_doc) + cat CHANGES | head -n 1000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES +fi + +gzip -9 $PKG/usr/man/man?/*.? + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/lynx-$PKGVER-$ARCH-$BUILD.txz + diff --git a/patches/source/lynx/lynx.cfg.diff b/patches/source/lynx/lynx.cfg.diff new file mode 100644 index 00000000..c2ecefd8 --- /dev/null +++ b/patches/source/lynx/lynx.cfg.diff @@ -0,0 +1,31 @@ +--- ./lynx.cfg.orig 2014-03-09 16:43:10.000000000 -0500 ++++ ./lynx.cfg 2017-05-29 14:35:52.629203408 -0500 +@@ -90,7 +90,7 @@ + # + # Normally we expect you will connect to a remote site, e.g., the Lynx starting + # site: +-STARTFILE:http://lynx.isc.org/ ++STARTFILE:http://lynx.invisible-island.net/ + # + # As an alternative, you may want to use a local URL. A good choice for this is + # the user's home directory: +@@ -2969,8 +2969,18 @@ + #COLOR:4:magenta:white + #COLOR:5:blue:white + #COLOR:6:red:white +-COLOR:6:brightred:black ++#COLOR:6:brightred:black + #COLOR:7:magenta:cyan ++COLOR:0:black:white ++COLOR:1:blue:white ++COLOR:2:yellow:blue ++COLOR:3:green:white ++COLOR:4:magenta:white ++COLOR:5:blue:white ++# This makes links a *lot* more visible. The default settings are like ++# "let's torture the color-blind" :^) ++COLOR:6:brightred:black ++COLOR:7:magenta:cyan + + .h2 COLOR_STYLE + # Also known as "lss" (lynx style-sheet), the color-style file assigns color diff --git a/patches/source/lynx/slack-desc b/patches/source/lynx/slack-desc new file mode 100644 index 00000000..c9209d29 --- /dev/null +++ b/patches/source/lynx/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +lynx: Lynx (text mode browser) +lynx: +lynx: Lynx is a distributed hypertext browser with full World Wide Web +lynx: capabilities. Lynx can be used to access information on the World +lynx: Wide Web, or to build information systems intended primarily for local +lynx: access. For example, Lynx has been used to build several Campus Wide +lynx: Information Systems (CWIS). +lynx: +lynx: Lynx's authors include Lou Montulli, Garrett Blythe, Craig Lavender, +lynx: Michael Grobe, and Charles Rezac. +lynx: diff --git a/patches/source/mailx/doinst.sh b/patches/source/mailx/doinst.sh new file mode 100644 index 00000000..62c288b4 --- /dev/null +++ b/patches/source/mailx/doinst.sh @@ -0,0 +1,14 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/nail.rc.new +# Make symlinks: diff --git a/patches/source/mailx/heirloom-mailx-12.5-fixes-1.patch b/patches/source/mailx/heirloom-mailx-12.5-fixes-1.patch new file mode 100644 index 00000000..fa6d5119 --- /dev/null +++ b/patches/source/mailx/heirloom-mailx-12.5-fixes-1.patch @@ -0,0 +1,232 @@ +Submitted By: Ken Moffat <ken at linuxfromscratch dot org> +Date: 2014-12-27 +Initial Package Version: 12.5 +Upstream Status: Unknown +Origin: Changes to remove SSL2 found at debian, remainder from redhat. +Description: Removes support for SSL2 (openssl no longer supports it) +and fixes CVE-2004-2771 [sic] and CVE-2014-7844. + +diff -Naur heirloom-mailx-12.5/extern.h heirloom-mailx-12.5-patched/extern.h +--- heirloom-mailx-12.5/extern.h 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/extern.h 2014-12-27 01:26:59.654169487 +0000 +@@ -396,7 +396,7 @@ + int is_fileaddr(char *name); + struct name *usermap(struct name *names); + struct name *cat(struct name *n1, struct name *n2); +-char **unpack(struct name *np); ++char **unpack(struct name *smopts, struct name *np); + struct name *elide(struct name *names); + int count(struct name *np); + struct name *delete_alternates(struct name *np); +diff -Naur heirloom-mailx-12.5/fio.c heirloom-mailx-12.5-patched/fio.c +--- heirloom-mailx-12.5/fio.c 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/fio.c 2014-12-27 01:27:15.634561413 +0000 +@@ -43,12 +43,15 @@ + #endif /* not lint */ + + #include "rcv.h" ++ ++#ifndef HAVE_WORDEXP ++#error wordexp support is required ++#endif ++ + #include <sys/stat.h> + #include <sys/file.h> + #include <sys/wait.h> +-#ifdef HAVE_WORDEXP + #include <wordexp.h> +-#endif /* HAVE_WORDEXP */ + #include <unistd.h> + + #if defined (USE_NSS) +@@ -481,7 +484,6 @@ + static char * + globname(char *name) + { +-#ifdef HAVE_WORDEXP + wordexp_t we; + char *cp; + sigset_t nset; +@@ -495,7 +497,7 @@ + sigemptyset(&nset); + sigaddset(&nset, SIGCHLD); + sigprocmask(SIG_BLOCK, &nset, NULL); +- i = wordexp(name, &we, 0); ++ i = wordexp(name, &we, WRDE_NOCMD); + sigprocmask(SIG_UNBLOCK, &nset, NULL); + switch (i) { + case 0: +@@ -527,65 +529,6 @@ + } + wordfree(&we); + return cp; +-#else /* !HAVE_WORDEXP */ +- char xname[PATHSIZE]; +- char cmdbuf[PATHSIZE]; /* also used for file names */ +- int pid, l; +- char *cp, *shell; +- int pivec[2]; +- extern int wait_status; +- struct stat sbuf; +- +- if (pipe(pivec) < 0) { +- perror("pipe"); +- return name; +- } +- snprintf(cmdbuf, sizeof cmdbuf, "echo %s", name); +- if ((shell = value("SHELL")) == NULL) +- shell = SHELL; +- pid = start_command(shell, 0, -1, pivec[1], "-c", cmdbuf, NULL); +- if (pid < 0) { +- close(pivec[0]); +- close(pivec[1]); +- return NULL; +- } +- close(pivec[1]); +-again: +- l = read(pivec[0], xname, sizeof xname); +- if (l < 0) { +- if (errno == EINTR) +- goto again; +- perror("read"); +- close(pivec[0]); +- return NULL; +- } +- close(pivec[0]); +- if (wait_child(pid) < 0 && WTERMSIG(wait_status) != SIGPIPE) { +- fprintf(stderr, catgets(catd, CATSET, 81, +- "\"%s\": Expansion failed.\n"), name); +- return NULL; +- } +- if (l == 0) { +- fprintf(stderr, catgets(catd, CATSET, 82, +- "\"%s\": No match.\n"), name); +- return NULL; +- } +- if (l == sizeof xname) { +- fprintf(stderr, catgets(catd, CATSET, 83, +- "\"%s\": Expansion buffer overflow.\n"), name); +- return NULL; +- } +- xname[l] = 0; +- for (cp = &xname[l-1]; *cp == '\n' && cp > xname; cp--) +- ; +- cp[1] = '\0'; +- if (strchr(xname, ' ') && stat(xname, &sbuf) < 0) { +- fprintf(stderr, catgets(catd, CATSET, 84, +- "\"%s\": Ambiguous.\n"), name); +- return NULL; +- } +- return savestr(xname); +-#endif /* !HAVE_WORDEXP */ + } + + /* +diff -Naur heirloom-mailx-12.5/mailx.1 heirloom-mailx-12.5-patched/mailx.1 +--- heirloom-mailx-12.5/mailx.1 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/mailx.1 2014-12-27 01:26:53.838026857 +0000 +@@ -656,6 +656,14 @@ + will have the system wide alias expanded + as all mail goes through sendmail. + .SS "Recipient address specifications" ++If the ++.I expandaddr ++option is not set (the default), recipient addresses must be names of ++local mailboxes or Internet mail addresses. ++.PP ++If the ++.I expandaddr ++option is set, the following rules apply: + When an address is used to name a recipient + (in any of To, Cc, or Bcc), + names of local mail folders +@@ -2391,6 +2399,12 @@ + If this option is set, + \fImailx\fR starts even with an empty mailbox. + .TP ++.B expandaddr ++Causes ++.I mailx ++to expand message recipient addresses, as explained in the section, ++Recipient address specifications. ++.TP + .B flipr + Exchanges the + .I Respond +@@ -3575,7 +3589,7 @@ + .TP + .B ssl-method + Selects a SSL/TLS protocol version; +-valid values are `ssl2', `ssl3', and `tls1'. ++valid values are `ssl3', and `tls1'. + If unset, the method is selected automatically, + if possible. + .TP +diff -Naur heirloom-mailx-12.5/names.c heirloom-mailx-12.5-patched/names.c +--- heirloom-mailx-12.5/names.c 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/names.c 2014-12-27 01:26:59.654169487 +0000 +@@ -268,6 +268,9 @@ + FILE *fout, *fin; + int ispipe; + ++ if (value("expandaddr") == NULL) ++ return names; ++ + top = names; + np = names; + time(&now); +@@ -546,7 +549,7 @@ + * Return an error if the name list won't fit. + */ + char ** +-unpack(struct name *np) ++unpack(struct name *smopts, struct name *np) + { + char **ap, **top; + struct name *n; +@@ -561,7 +564,7 @@ + * the terminating 0 pointer. Additional spots may be needed + * to pass along -f to the host mailer. + */ +- extra = 2; ++ extra = 3 + count(smopts); + extra++; + metoo = value("metoo") != NULL; + if (metoo) +@@ -578,6 +581,10 @@ + *ap++ = "-m"; + if (verbose) + *ap++ = "-v"; ++ for (; smopts != NULL; smopts = smopts->n_flink) ++ if ((smopts->n_type & GDEL) == 0) ++ *ap++ = smopts->n_name; ++ *ap++ = "--"; + for (; n != NULL; n = n->n_flink) + if ((n->n_type & GDEL) == 0) + *ap++ = n->n_name; +diff -Naur heirloom-mailx-12.5/openssl.c heirloom-mailx-12.5-patched/openssl.c +--- heirloom-mailx-12.5/openssl.c 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/openssl.c 2014-12-27 01:26:34.385549867 +0000 +@@ -216,9 +216,7 @@ + + cp = ssl_method_string(uhp); + if (cp != NULL) { +- if (equal(cp, "ssl2")) +- method = SSLv2_client_method(); +- else if (equal(cp, "ssl3")) ++ if (equal(cp, "ssl3")) + method = SSLv3_client_method(); + else if (equal(cp, "tls1")) + method = TLSv1_client_method(); +diff -Naur heirloom-mailx-12.5/sendout.c heirloom-mailx-12.5-patched/sendout.c +--- heirloom-mailx-12.5/sendout.c 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/sendout.c 2014-12-27 01:26:59.654169487 +0000 +@@ -835,7 +835,7 @@ + #endif /* HAVE_SOCKETS */ + + if ((smtp = value("smtp")) == NULL) { +- args = unpack(cat(mailargs, to)); ++ args = unpack(mailargs, to); + if (debug || value("debug")) { + printf(catgets(catd, CATSET, 181, + "Sendmail arguments:")); diff --git a/patches/source/mailx/mailx.SlackBuild b/patches/source/mailx/mailx.SlackBuild new file mode 100755 index 00000000..5738e5ba --- /dev/null +++ b/patches/source/mailx/mailx.SlackBuild @@ -0,0 +1,142 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2016 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=12.5 +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-mailx +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf mailx-$VERSION +tar xvf $CWD/mailx-$VERSION.tar.?z* || exit 1 +cd mailx-$VERSION || exit 1 + +zcat $CWD/heirloom-mailx-12.5-fixes-1.patch.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +make CFLAGS="$SLKCFLAGS" \ + PREFIX=/usr \ + MANDIR=/usr/man \ + MAILSPOOL=/var/spool/mail \ + UCBINSTALL=/usr/bin/install \ + SENDMAIL=/usr/sbin/sendmail + +make install DESTDIR=$PKG \ + CFLAGS="$SLKCFLAGS" \ + PREFIX=/usr \ + MANDIR=/usr/man \ + MAILSPOOL=/var/spool/mail \ + UCBINSTALL=/usr/bin/install \ + SENDMAIL=/usr/sbin/sendmail + +# We put symlinks in /bin since some things still expect '/bin/mail' or '/bin/Mail': +mkdir -p $PKG/bin +( cd $PKG/bin + ln -sf /usr/bin/mailx Mail + ln -sf /usr/bin/mailx mail + ln -sf /usr/bin/mailx nail +) +# Likewise, we make some compat symlinks in /usr/bin: +( cd $PKG/usr/bin + ln -sf mailx Mail + ln -sf mailx mail + ln -sf mailx nail +) +mv $PKG/etc/nail.rc $PKG/etc/nail.rc.new +strip $PKG/usr/bin/mailx + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Manpage links: +( cd $PKG/usr/man/man1 + ln -sf mailx.1.gz mail.1.gz + ln -sf mailx.1.gz nail.1.gz + ln -sf mailx.1.gz Mail.1.gz +) + +mkdir -p $PKG/usr/doc/mailx-$VERSION +cp -a \ + AUTHORS COPYING* INSTALL README TODO \ + $PKG/usr/doc/mailx-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/mailx-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/mailx/slack-desc b/patches/source/mailx/slack-desc new file mode 100644 index 00000000..d02c6f03 --- /dev/null +++ b/patches/source/mailx/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +mailx: mailx (a simple mail client) +mailx: +mailx: Mailx is derived from Berkeley Mail and is intended provide the +mailx: functionality of the POSIX mailx command with additional support +mailx: for MIME, IMAP, POP3, SMTP, and S/MIME. It provides enhanced +mailx: features for interactive use, such as caching and disconnected +mailx: operation for IMAP, message threading, scoring, and filtering. +mailx: It is also usable as a mail batch language, both for sending +mailx: and receiving mail. +mailx: +mailx: The maintainer and primary developer of mailx is Gunnar Ritter. diff --git a/patches/source/mercurial/doinst.sh b/patches/source/mercurial/doinst.sh new file mode 100644 index 00000000..4cefcc34 --- /dev/null +++ b/patches/source/mercurial/doinst.sh @@ -0,0 +1,13 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/mercurial/hgrc.d/hgk.rc.new +rm -f etc/mercurial/hgrc.d/hgk.rc.new diff --git a/patches/source/mercurial/mercurial.SlackBuild b/patches/source/mercurial/mercurial.SlackBuild new file mode 100755 index 00000000..793e99e0 --- /dev/null +++ b/patches/source/mercurial/mercurial.SlackBuild @@ -0,0 +1,109 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=${VERSION:-$(echo mercurial-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-mercurial + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf mercurial-$VERSION +tar xvf $CWD/mercurial-$VERSION.tar.?z* || exit 1 +cd mercurial-$VERSION +chown -R root.root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +python setup.py build install --root=$PKG || exit 1 + +# Ordinarily we will not add stuff that's not installed through the normal +# default installation method, but we've had a lot of requests, and it appears +# that installing at least the hgk extension is the ad-hoc standard. +mkdir -p $PKG/usr/libexec/mercurial +cp -a contrib/hgk $PKG/usr/libexec/mercurial +chmod 0755 $PKG/usr/libexec/mercurial/hgk + +mkdir -p $PKG/etc/mercurial/hgrc.d +cat << EOF > $PKG/etc/mercurial/hgrc.d/hgk.rc.new +[extensions] +# enable hgk extension ('hg help' shows 'view' as a command) +hgk = +[hgk] + +path=/usr/libexec/mercurial/hgk +EOF + +# Bash and zsh completion: +mkdir -p $PKG/usr/share/bash-completion/completions/ +cp -a contrib/bash_completion $PKG/usr/share/bash-completion/completions/hg +chmod 644 $PKG/usr/share/bash-completion/completions/hg +mkdir -p $PKG/usr/share/zsh/site-functions +cp -a contrib/zsh_completion $PKG/usr/share/zsh/site-functions/_mercurial +chmod 644 $PKG/usr/share/zsh/site-functions/_mercurial + +# Emacs Lisp extensions: +mkdir -p $PKG/usr/share/emacs/site-lisp +cp -a contrib/mercurial.el contrib/mq.el $PKG/usr/share/emacs/site-lisp +chmod 644 $PKG/usr/share/emacs/site-lisp/* + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +( cd doc + for dir in 1 5 ; do + mkdir -p $PKG/usr/man/man${dir} + for file in *.${dir} ; do + cat $file | gzip -9c > $PKG/usr/man/man${dir}/${file}.gz + done + done +) + +mkdir -p $PKG/usr/doc/mercurial-$VERSION +cp -a \ + CONTRIBUTORS COPYING* PKG-INFO README* \ + $PKG/usr/doc/mercurial-$VERSION + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/mercurial-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/mercurial/slack-desc b/patches/source/mercurial/slack-desc new file mode 100644 index 00000000..e770f6c3 --- /dev/null +++ b/patches/source/mercurial/slack-desc @@ -0,0 +1,22 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + +# This article is licensed under the GNU Free Documentation License. +# It uses material from the Wikipedia article "Mercurial". + + |-----handy-ruler------------------------------------------------------| +mercurial: mercurial (a distributed source management system) +mercurial: +mercurial: Mercurial is a cross-platform, distributed source management tool for +mercurial: software developers. It is written in Python, with a binary diff +mercurial: implementation written in C. Its major features include high- +mercurial: performance; serverless, fully distributed collaborative development; +mercurial: robust handling of both plain text and binary files; advanced +mercurial: branching and merging capabilities; and full source code available +mercurial: under the terms of the LGPL. +mercurial: +mercurial: Mercurial was written by Matt Mackall and other contributors. diff --git a/patches/source/minicom/config.sub-x86_64.diff b/patches/source/minicom/config.sub-x86_64.diff new file mode 100644 index 00000000..fa89bb3c --- /dev/null +++ b/patches/source/minicom/config.sub-x86_64.diff @@ -0,0 +1,20 @@ +--- ./config.sub.orig 1998-04-26 17:20:59.000000000 +0400 ++++ ./config.sub 2007-08-30 09:48:46.000000000 +0400 +@@ -129,7 +129,7 @@ + case $basic_machine in + # Recognize the basic CPU types without company name. + # Some are omitted here because they have special meanings below. +- tahoe | i[345]86 | i860 | m68k | m68000 | m88k | ns32k | arm \ ++ tahoe | i[345]86 | x86_64 | i860 | m68k | m68000 | m88k | ns32k | arm \ + | arme[lb] | pyramid \ + | tron | a29k | 580 | i960 | h8300 | hppa1.0 | hppa1.1 \ + | alpha | we32k | ns16k | clipper | sparclite | i370 | sh \ +@@ -144,7 +144,7 @@ + exit 1 + ;; + # Recognize the basic CPU types with company name. +- vax-* | tahoe-* | i[345]86-* | i860-* | m68k-* | m68000-* | m88k-* \ ++ vax-* | tahoe-* | i[345]86-* | x86_64-* | i860-* | m68k-* | m68000-* | m88k-* \ + | sparc-* | ns32k-* | fx80-* | arm-* | c[123]* \ + | mips-* | pyramid-* | tron-* | a29k-* | romp-* | rs6000-* | power-* \ + | none-* | 580-* | cray2-* | h8300-* | i960-* | xmp-* | ymp-* \ diff --git a/patches/source/minicom/doinst.sh b/patches/source/minicom/doinst.sh new file mode 100644 index 00000000..5961829b --- /dev/null +++ b/patches/source/minicom/doinst.sh @@ -0,0 +1,15 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/minicom.users.new +config etc/minirc.dfl.new +rm -f etc/minicom.users.new etc/minirc.dfl.new diff --git a/patches/source/minicom/lrzsz_0.12.21-5.diff b/patches/source/minicom/lrzsz_0.12.21-5.diff new file mode 100644 index 00000000..b2541a91 --- /dev/null +++ b/patches/source/minicom/lrzsz_0.12.21-5.diff @@ -0,0 +1,4194 @@ +--- lrzsz-0.12.21.orig/po/de.po ++++ lrzsz-0.12.21/po/de.po +@@ -28,21 +28,21 @@ + + #: src/lsz.c:422 + msgid "packetlength" +-msgstr "Paketlänge" ++msgstr "Paketl?nge" + + #: src/lsz.c:427 + #, c-format + msgid "packetlength out of range 24..%ld" +-msgstr "Argument der Option L außerhalb des Bereichs 24..%ld" ++msgstr "Argument der Option L au?erhalb des Bereichs 24..%ld" + + #: src/lsz.c:436 + msgid "framelength" +-msgstr "Framelänge" ++msgstr "Framel?nge" + + #: src/lsz.c:441 + #, c-format + msgid "framelength out of range 32..%ld" +-msgstr "Argument der Option l außerhalb des Bereichs 32..%ld" ++msgstr "Argument der Option l au?erhalb des Bereichs 32..%ld" + + #: src/lrz.c:318 src/lsz.c:450 + msgid "min_bps" +@@ -50,7 +50,7 @@ + + #: src/lsz.c:452 + msgid "min_bps must be >= 0" +-msgstr "minimale BPS-Rate muß >= 0 sein" ++msgstr "minimale BPS-Rate mu? >= 0 sein" + + #: src/lrz.c:324 src/lsz.c:458 + msgid "min_bps_time" +@@ -58,7 +58,7 @@ + + #: src/lrz.c:326 src/lsz.c:460 + msgid "min_bps_time must be > 1" +-msgstr "Zeitfenster für minimale BPS-Rate muß > 1 Sekunde sein" ++msgstr "Zeitfenster f?r minimale BPS-Rate mu? > 1 Sekunde sein" + + #: src/lrz.c:342 src/lsz.c:484 + msgid "hour to large (0..23)" +@@ -70,7 +70,7 @@ + + #: src/lrz.c:348 src/lsz.c:490 + msgid "minute to large (0..59)" +-msgstr "Minute zu groß (0..59)" ++msgstr "Minute zu gro? (0..59)" + + #: src/lrz.c:358 src/lrz.c:365 src/lsz.c:500 src/lsz.c:507 + msgid "stop time to small" +@@ -86,15 +86,15 @@ + + #: src/lrz.c:396 src/lsz.c:518 + msgid "timeout out of range 10..1000" +-msgstr "Argument der Option t außerhalb des Bereichs 10..1000" ++msgstr "Argument der Option t au?erhalb des Bereichs 10..1000" + + #: src/lrz.c:412 src/lsz.c:526 + msgid "security violation: can't do that under restricted shell\n" +-msgstr "Sicherheitsverstoß: Ausführung unter eingeschränkter Shell verboten\n" ++msgstr "Sicherheitsversto?: Ausf?hrung unter eingeschr?nkter Shell verboten\n" + + #: src/lrz.c:402 src/lsz.c:533 + msgid "window size" +-msgstr "Fenstergröße" ++msgstr "Fenstergr??e" + + #: src/lrz.c:427 src/lrz.c:434 src/lsz.c:556 src/lsz.c:563 + msgid "cannot turnoff syslog" +@@ -102,7 +102,7 @@ + + #: src/lrz.c:449 src/lsz.c:571 + msgid "startup delay" +-msgstr "Startverzögerung" ++msgstr "Startverz?gerung" + + #: src/lrz.c:465 src/lrz.c:483 src/lrz.c:760 src/lrz.c:1122 src/lrz.c:1244 + #: src/lrz.c:1292 src/lrz.c:1309 src/lrz.c:1324 src/lrz.c:1423 src/lsz.c:580 +@@ -117,11 +117,11 @@ + + #: src/lsz.c:612 src/lsz.c:627 + msgid "need at least one file to send" +-msgstr "es muß mindestens ein Name einer zu sendenden Datei angegeben werden" ++msgstr "es mu? mindestens ein Name einer zu sendenden Datei angegeben werden" + + #: src/lsz.c:629 + msgid "Can't send command in restricted mode\n" +-msgstr "Im eingeschränkten Modus ist das Senden von Kommandos verboten\n" ++msgstr "Im eingeschr?nkten Modus ist das Senden von Kommandos verboten\n" + + #: src/lrz.c:527 src/lsz.c:656 + msgid "hostname too long\n" +@@ -137,21 +137,21 @@ + + #: src/lrz.c:574 src/lsz.c:803 + msgid "Transfer incomplete\n" +-msgstr "Übertragung nicht abgeschlossen\n" ++msgstr "?bertragung nicht abgeschlossen\n" + + #: src/lrz.c:576 src/lsz.c:805 + msgid "Transfer complete\n" +-msgstr "Übertragung abgeschlossen\n" ++msgstr "?bertragung abgeschlossen\n" + + #: src/lsz.c:838 + #, c-format + msgid "send_pseudo %s: cannot open tmpfile %s: %s" +-msgstr "send_pseudo %s: kann temporäre Datei %s nicht öffnen: %s" ++msgstr "send_pseudo %s: kann tempor?re Datei %s nicht ?ffnen: %s" + + #: src/lsz.c:851 + #, c-format + msgid "send_pseudo %s: cannot lstat tmpfile %s: %s" +-msgstr "send_pseudo %s: kann lstat nicht auf temporäre Datei %s anwenden: %s" ++msgstr "send_pseudo %s: kann lstat nicht auf tempor?re Datei %s anwenden: %s" + + #: src/lsz.c:859 + #, c-format +@@ -161,7 +161,7 @@ + #: src/lsz.c:870 + #, c-format + msgid "send_pseudo %s: cannot write to tmpfile %s: %s" +-msgstr "send_pseudo %s: kann nicht in temporäre Datei %s schreiben: %s" ++msgstr "send_pseudo %s: kann nicht in tempor?re Datei %s schreiben: %s" + + #: src/lsz.c:879 + #, c-format +@@ -188,17 +188,17 @@ + + #: src/lsz.c:953 + msgid "Can't open any requested files." +-msgstr "Kann keine der angeforderten Dateien öffnen" ++msgstr "Kann keine der angeforderten Dateien ?ffnen" + + #: src/lsz.c:1009 + #, c-format + msgid "security violation: not allowed to upload from %s" +-msgstr "Sicherheitsverstoß: Ausführung unter eingeschränkter Shell verboten" ++msgstr "Sicherheitsversto?: Ausf?hrung unter eingeschr?nkter Shell verboten" + + #: src/lrz.c:1384 src/lsz.c:1027 + #, c-format + msgid "cannot open %s" +-msgstr "kann %s nicht öffnen" ++msgstr "kann %s nicht ?ffnen" + + #: src/lsz.c:1082 + #, c-format +@@ -213,12 +213,12 @@ + #: src/lsz.c:1119 + #, c-format + msgid "skipped: %s" +-msgstr "übersprungen: %s" ++msgstr "?bersprungen: %s" + + #: src/lsz.c:1122 + #, c-format + msgid "%s/%s: skipped" +-msgstr "%s/%s: übersprungen" ++msgstr "%s/%s: ?bersprungen" + + #: src/lsz.c:1149 + #, c-format +@@ -228,7 +228,7 @@ + #: src/lsz.c:1178 + #, c-format + msgid "Sending %s, %ld blocks: " +-msgstr "Sende %s, %ld Blöcke:" ++msgstr "Sende %s, %ld Bl?cke:" + + #: src/lsz.c:1181 + msgid "Give your local XMODEM receive command now." +@@ -245,11 +245,11 @@ + + #: src/lsz.c:1314 + msgid "Receiver Cancelled" +-msgstr "Empfänger brach ab" ++msgstr "Empf?nger brach ab" + + #: src/lsz.c:1340 + msgid "No ACK on EOT" +-msgstr "Keine Bestätigung für Übertragungsende erhalten" ++msgstr "Keine Best?tigung f?r ?bertragungsende erhalten" + + #: src/lsz.c:1361 + #, c-format +@@ -267,11 +267,11 @@ + + #: src/lsz.c:1399 + msgid "Timeout on sector ACK" +-msgstr "Timeout bei Sektorbestätigung" ++msgstr "Timeout bei Sektorbest?tigung" + + #: src/lsz.c:1404 + msgid "NAK on sector" +-msgstr "Sektor nicht bestätigt" ++msgstr "Sektor nicht best?tigt" + + #: src/lsz.c:1410 + msgid "Got burst for sector ACK" +@@ -280,11 +280,11 @@ + #: src/lsz.c:1412 + #, c-format + msgid "Got %02x for sector ACK" +-msgstr "Erhielt %02x als Sektorbestätigung" ++msgstr "Erhielt %02x als Sektorbest?tigung" + + #: src/lsz.c:1424 + msgid "Retry Count Exceeded" +-msgstr "Maximale Wiederholungsanzahl überschritten" ++msgstr "Maximale Wiederholungsanzahl ?berschritten" + + #: src/lrz.c:596 src/lsz.c:1502 + #, c-format +@@ -308,7 +308,7 @@ + + #: src/lsz.c:1513 + msgid "Send file(s) with ZMODEM/YMODEM/XMODEM protocol\n" +-msgstr "Dateien mit ZMODEM/YMODEM/XMODEM übertragen\n" ++msgstr "Dateien mit ZMODEM/YMODEM/XMODEM ?bertragen\n" + + # src/lrz.c:475 src/lsz.c:1330 xx + #: src/lrz.c:607 src/lsz.c:1515 +@@ -317,9 +317,9 @@ + " (Y) = option applies to YMODEM only\n" + " (Z) = option applies to ZMODEM only\n" + msgstr "" +-" (X) = Option gilt nur für XMODEM\n" +-" (Y) = Option gilt nur für YMODEM\n" +-" (Z) = Option gilt nur für ZMODEM\n" ++" (X) = Option gilt nur f?r XMODEM\n" ++" (Y) = Option gilt nur f?r YMODEM\n" ++" (Z) = Option gilt nur f?r ZMODEM\n" + + #: src/lsz.c:1521 + msgid "" +@@ -347,32 +347,32 @@ + " -m, --min-bps N stop transmission if BPS below N\n" + " -M, --min-bps-time N for at least N seconds (default: 120)\n" + msgstr "" +-" -+, --append an existierende Dateien anhängen (Z)\n" ++" -+, --append an existierende Dateien anh?ngen (Z)\n" + " -2, --twostop zwei Stopbits verwenden\n" +-" -4, --try-4k bis zu 4K Blockgröße verwenden\n" +-" --start-4k mit 4K Blockgröße starten (versucht nicht 8)\n" +-" -8, --try-8k bis zu 8K Blockgröße verwenden\n" +-" --start-8k mit 8K Blockgröße starten\n" ++" -4, --try-4k bis zu 4K Blockgr??e verwenden\n" ++" --start-4k mit 4K Blockgr??e starten (versucht nicht 8)\n" ++" -8, --try-8k bis zu 8K Blockgr??e verwenden\n" ++" --start-8k mit 8K Blockgr??e starten\n" + " -a, --ascii ASCII: NL nach CR/LF wandeln\n" +-" -b, --binary Binärübertragung erzwingen\n" ++" -b, --binary Bin?r?bertragung erzwingen\n" + " -B, --bufsize N N Bytes puffern (auto: ganze Datei puffern)\n" +-" -c, --command COMMAND Kommando KOMMANDO auf Gegenseite ausführen " ++" -c, --command COMMAND Kommando KOMMANDO auf Gegenseite ausf?hren " + "(Z)\n" +-" -C, --command-tries N N mal Kommandoausführung versuchen (Z)\n" ++" -C, --command-tries N N mal Kommandoausf?hrung versuchen (Z)\n" + " -d, --dot-to-slash C '.' in Dateinamen nach '/' wandeln (Y/Z)\n" + " --delay-startup N Bei Programmstart N Sek. schlafen (Debugging)\n" + " -e, --escape alle Steuerzeichen escapen (Z)\n" +-" -E, --rename Empfänger soll Datei umbenennen falls\n" ++" -E, --rename Empf?nger soll Datei umbenennen falls\n" + " Zieldatei schon existiert\n" + " -f, --full-path Dateien mit vollen Pfaden senden (Y/Z)\n" +-" -i, --immediate-command CMD wie `c', aber sofort zurückkehren (Z)\n" ++" -i, --immediate-command CMD wie `c', aber sofort zur?ckkehren (Z)\n" + " -h, --help diesen Hilfetext ausgeben\n" + " -k, --1k 1024 Bytes Pakete senden (Y)\n" +-" -L, --packetlen N Unterpaketlänge auf N Bytes beschränken (Z)\n" +-" -l, --framelen N Rahmenlänge auf N Bytes beschränken (l>=L) " ++" -L, --packetlen N Unterpaketl?nge auf N Bytes beschr?nken (Z)\n" ++" -l, --framelen N Rahmenl?nge auf N Bytes beschr?nken (l>=L) " + "(Z)\n" +-" -m, --min-bps N Übertragung abbrechen bei weniger als N BPS\n" +-" -M, --min-bps-time N für mindestens N Sekunden (Default: 120)\n" ++" -m, --min-bps N ?bertragung abbrechen bei weniger als N BPS\n" ++" -M, --min-bps-time N f?r mindestens N Sekunden (Default: 120)\n" + + #: src/lsz.c:1546 + msgid "" +@@ -400,28 +400,28 @@ + "short options use the same arguments as the long ones\n" + msgstr "" + " -n, --newer Datei senden wenn sie neuer ist (Z)\n" +-" -N, --newer-or-longer Datei senden wenn neuer oder länger (Z)\n" ++" -N, --newer-or-longer Datei senden wenn neuer oder l?nger (Z)\n" + " -o, --16-bit-crc 16Bit CRC statt 32Bit CRC verwenden (Z)\n" + " -O, --disable-timeouts Timeoutbehandlung abschalten\n" +-" -p, --protect existierende Dateien nicht verändern\n" +-" -r, --resume unterbrochene Übertragungen fortsetzen (Z)\n" +-" -R, --restricted eingeschränkter, sichererer Modus\n" ++" -p, --protect existierende Dateien nicht ver?ndern\n" ++" -r, --resume unterbrochene ?bertragungen fortsetzen (Z)\n" ++" -R, --restricted eingeschr?nkter, sichererer Modus\n" + " -q, --quiet leise, keine Ausgaben machen\n" +-" -s, --stop-at {HH:MM|+N} Übertragung um HH:MM oder in N Sek. abbrechen\n" +-" --tcp-server Socket öffnen und auf Verbindung warten\n" +-" --tcp-client ADDR:PORT Socket öffnen und verbindung mit ...\n" +-" -u, --unlink Datei nach Übertragung löschen\n" +-" -U, --unrestrict eingeschränkten Modus aufheben (falls " ++" -s, --stop-at {HH:MM|+N} ?bertragung um HH:MM oder in N Sek. abbrechen\n" ++" --tcp-server Socket ?ffnen und auf Verbindung warten\n" ++" --tcp-client ADDR:PORT Socket ?ffnen und verbindung mit ...\n" ++" -u, --unlink Datei nach ?bertragung l?schen\n" ++" -U, --unrestrict eingeschr?nkten Modus aufheben (falls " + "erlaubt)\n" + " -v, --verbose mehr ausgeben\n" +-" -w, --windowsize N Fenstergröße auf N Bytes setzen (Z)\n" ++" -w, --windowsize N Fenstergr??e auf N Bytes setzen (Z)\n" + " -X --xmodem XMODEM-Protokoll benutzen\n" +-" -y, --overwrite existierende Dateien überschreiben\n" +-" -Y, --overwrite-or-skip wie `y', aber nicht existierende überspringen\n" ++" -y, --overwrite existierende Dateien ?berschreiben\n" ++" -Y, --overwrite-or-skip wie `y', aber nicht existierende ?berspringen\n" + " --ymodem YMODEM-Protokoll benutzen\n" + " -Z, --zmodem ZMODEM-Protokoll benutzen\n" + "\n" +-"Kurze Optionen benötigen dieselben Argumente wie Lange.\n" ++"Kurze Optionen ben?tigen dieselben Argumente wie Lange.\n" + + #: src/lsz.c:1768 + msgid "got ZRQINIT" +@@ -434,7 +434,7 @@ + #: src/lsz.c:1991 + #, c-format + msgid "blklen now %d\n" +-msgstr "Blockgröße nun %d\n" ++msgstr "Blockgr??e nun %d\n" + + #: src/lsz.c:2053 + #, c-format +@@ -453,7 +453,7 @@ + #: src/lsz.c:2223 + #, c-format + msgid "calc_blklen: reduced to %d due to error\n" +-msgstr "calc_blklen: Blockgrösse auf %d reduziert wegen Fehler\n" ++msgstr "calc_blklen: Blockgr?sse auf %d reduziert wegen Fehler\n" + + #: src/lsz.c:2256 + #, c-format +@@ -473,7 +473,7 @@ + #: src/lsz.c:2278 + #, c-format + msgid "calc_blklen: blklen %d, ok %ld, failed %ld -> %lu\n" +-msgstr "calc_blklen: Blocklänge %d, ok %ld, fehlgeschlagen %ld -> %lu\n" ++msgstr "calc_blklen: Blockl?nge %d, ok %ld, fehlgeschlagen %ld -> %lu\n" + + #: src/lsz.c:2290 + #, c-format +@@ -512,7 +512,7 @@ + + #: src/zm.c:712 + msgid "Garbage count exceeded" +-msgstr "Maximale Wiederholungsanzahl überschritten" ++msgstr "Maximale Wiederholungsanzahl ?berschritten" + + #: src/zm.c:773 + #, c-format +@@ -526,11 +526,11 @@ + + #: src/lrz.c:382 + msgid "don't have settimeofday, will not set time\n" +-msgstr "Zeitsynchronisation nicht ausführbar, settimeofday() fehlt\n" ++msgstr "Zeitsynchronisation nicht ausf?hrbar, settimeofday() fehlt\n" + + #: src/lrz.c:386 + msgid "not running as root (this is good!), can not set time\n" +-msgstr "Zeitsynchronisation mangels Superuserrechten nicht ausführbar\n" ++msgstr "Zeitsynchronisation mangels Superuserrechten nicht ausf?hrbar\n" + + #: src/lrz.c:441 + msgid "bytes_per_error" +@@ -542,16 +542,16 @@ + + #: src/lrz.c:455 + msgid "O_SYNC not supported by the kernel" +-msgstr "O_SYNC vom Kernel nicht unterstützt" ++msgstr "O_SYNC vom Kernel nicht unterst?tzt" + + #: src/lrz.c:497 src/lrz.c:499 + msgid "garbage on commandline" +-msgstr "Müll auf der Kommandozeile" ++msgstr "M?ll auf der Kommandozeile" + + #: src/lrz.c:604 + #, c-format + msgid "Usage: %s [options] [filename.if.xmodem]\n" +-msgstr "Benutzung: %s [Optionen] [Dateiname.für.xmodem]\n" ++msgstr "Benutzung: %s [Optionen] [Dateiname.f?r.xmodem]\n" + + #: src/lrz.c:605 + msgid "Receive files with ZMODEM/YMODEM/XMODEM protocol\n" +@@ -596,44 +596,44 @@ + "\n" + "short options use the same arguments as the long ones\n" + msgstr "" +-" -+, --append an existierende Dateien anhängen\n" +-" -a, --ascii ASCII-Übertragung (CR/LF nach LF wandeln)\n" +-" -b, --binary Binärübertragung (keine Umwandlungen)\n" ++" -+, --append an existierende Dateien anh?ngen\n" ++" -a, --ascii ASCII-?bertragung (CR/LF nach LF wandeln)\n" ++" -b, --binary Bin?r?bertragung (keine Umwandlungen)\n" + " -B, --bufsize N N Bytes puffern (auto: ganze Datei puffern)\n" +-" -c, --with-crc 16bit CRC statt Prüfsumme verwenden (X)\n" +-" -C, --allow-remote-commands Ausführung von Kommandos erlauben (Z)\n" ++" -c, --with-crc 16bit CRC statt Pr?fsumme verwenden (X)\n" ++" -C, --allow-remote-commands Ausf?hrung von Kommandos erlauben (Z)\n" + " -D, --null empfangene Daten nach /dev/null schreiben\n" + " --delay-startup N Bei Programmstart N Sek. schlafen (Debugging)\n" + " -e, --escape Alle Steuerzeichen escapen (Z)\n" +-" -E, --rename Empfänger soll Datei umbenennen falls\n" ++" -E, --rename Empf?nger soll Datei umbenennen falls\n" + " Zieldatei schon existiert\n" + " --errors N Einen CRC-Fehler alle N Bytes erzeugen\n" + " -h, --help Diesen Hilfstext ausgeben\n" +-" -m, --min-bps N Übertragung abbrechen bei weniger als N BPS\n" +-" -M, --min-bps-time N für mindestens N Sekunden (Default: 120)\n" ++" -m, --min-bps N ?bertragung abbrechen bei weniger als N BPS\n" ++" -M, --min-bps-time N f?r mindestens N Sekunden (Default: 120)\n" + " -O, --disable-timeouts Timeoutbehandlung abschalten\n" + " --o-sync Ausgabedatei(en) im synchron schreiben\n" +-" -p, --protect existierende Dateien nicht verändern\n" ++" -p, --protect existierende Dateien nicht ver?ndern\n" + " -q, --quiet leise, keine Ausgaben machen\n" +-" -r, --resume unterbrochene Übertragungen fortsetzen (Z)\n" +-" -R, --restricted eingeschränkter, sichererer Modus\n" +-" -s, --stop-at {HH:MM|+N} Übertragung um HH:MM oder in N Sek. abbrechen\n" ++" -r, --resume unterbrochene ?bertragungen fortsetzen (Z)\n" ++" -R, --restricted eingeschr?nkter, sichererer Modus\n" ++" -s, --stop-at {HH:MM|+N} ?bertragung um HH:MM oder in N Sek. abbrechen\n" + " -S, --timesync Zeit anfordern (doppelt: lokale Zeit setzen)\n" +-" --syslog[=off] syslog an- oder ausschalten, wenn möglich\n" ++" --syslog[=off] syslog an- oder ausschalten, wenn m?glich\n" + " -t, --timeout N Timeout auf N Zehntelsekungen setzen\n" +-" --tcp-server Socket öffnen und auf Verbindung warten\n" +-" --tcp-client ADDR:PORT Socket öffnen und verbindung mit ...\n" ++" --tcp-server Socket ?ffnen und auf Verbindung warten\n" ++" --tcp-client ADDR:PORT Socket ?ffnen und verbindung mit ...\n" + " -u, --keep-uppercase GROSS geschrieben Dateinamen beibehalten\n" +-" -U, --unrestrict eingeschränkten Modus aufheben (falls " ++" -U, --unrestrict eingeschr?nkten Modus aufheben (falls " + "erlaubt)\n" + " -v, --verbose mehr ausgeben\n" +-" -w, --windowsize N Fenstergröße auf N Bytes setzen (Z)\n" ++" -w, --windowsize N Fenstergr??e auf N Bytes setzen (Z)\n" + " -X --xmodem XMODEM-Protokoll benutzen\n" +-" -y, --overwrite existierende Dateien überschreiben\n" ++" -y, --overwrite existierende Dateien ?berschreiben\n" + " --ymodem YMODEM-Protokoll benutzen\n" + " -Z, --zmodem ZMODEM-Protokoll benutzen\n" + "\n" +-"Kurze Optionen benötigen dieselben Argumente wie Lange.\n" ++"Kurze Optionen ben?tigen dieselben Argumente wie Lange.\n" + + #: src/lrz.c:676 + #, c-format +@@ -662,11 +662,11 @@ + "%s: %s removed.\r\n" + msgstr "" + "\r\n" +-"%s: %s gelöscht\r\n" ++"%s: %s gel?scht\r\n" + + #: src/lrz.c:856 + msgid "Pathname fetch returned EOT" +-msgstr "Ende der Übertragung beim Warten auf Dateinamen" ++msgstr "Ende der ?bertragung beim Warten auf Dateinamen" + + #: src/lrz.c:903 + msgid "Received dup Sector" +@@ -682,7 +682,7 @@ + + #: src/lrz.c:976 + msgid "Checksum" +-msgstr "Prüfsummenfehler" ++msgstr "Pr?fsummenfehler" + + #: src/lrz.c:979 + msgid "Sector number garbled" +@@ -695,12 +695,12 @@ + #: src/lrz.c:1005 + #, c-format + msgid "Got 0%o sector header" +-msgstr "Erhielt %02x als Sektorbestätigung" ++msgstr "Erhielt %02x als Sektorbest?tigung" + + #: src/lrz.c:1113 + #, c-format + msgid "file name ends with a /, skipped: %s\n" +-msgstr "Dateiname endet mit /, übersprungen: %s\n" ++msgstr "Dateiname endet mit /, ?bersprungen: %s\n" + + #: src/lrz.c:1127 + #, c-format +@@ -715,7 +715,7 @@ + #: src/lrz.c:1192 src/lrz.c:1226 + #, c-format + msgid "file exists, skipped: %s\n" +-msgstr "Datei existiert, übersprungen: %s\n" ++msgstr "Datei existiert, ?bersprungen: %s\n" + + #: src/lrz.c:1267 + #, c-format +@@ -739,7 +739,7 @@ + #: src/lrz.c:1545 + #, c-format + msgid "Blocks received: %d" +-msgstr "Blöcke empfangen: %d" ++msgstr "Bl?cke empfangen: %d" + + #: src/lrz.c:1599 + #, c-format +@@ -749,15 +749,15 @@ + #: src/lrz.c:1612 src/lrz.c:1620 + #, c-format + msgid "%s:\tSecurity Violation" +-msgstr "%s:\tSicherheitsverstoß" ++msgstr "%s:\tSicherheitsversto?" + + #: src/lrz.c:1730 + msgid "remote command execution requested" +-msgstr "Gegenseite versucht Kommandoausführung" ++msgstr "Gegenseite versucht Kommandoausf?hrung" + + #: src/lrz.c:1737 + msgid "not executed" +-msgstr "nicht ausgeführt" ++msgstr "nicht ausgef?hrt" + + #: src/lrz.c:1768 + msgid "got ZRINIT" +@@ -765,7 +765,7 @@ + + #: src/lrz.c:1817 + msgid "Skipped" +-msgstr "Übersprungen" ++msgstr "?bersprungen" + + #. too bad + #: src/lrz.c:2049 +@@ -785,7 +785,7 @@ + + #: src/lrz.c:2215 + msgid "file close error" +-msgstr "Fehler beim Schließen der Datei" ++msgstr "Fehler beim Schlie?en der Datei" + + #~ msgid "tcp protocol init failed\n" + #~ msgstr "TCP Protokoll Initialisierung fehlgeschlagen\n" +@@ -797,7 +797,7 @@ + #~ msgstr "fgets() bei tcp Protokoll Synchronisation fehlgeschlagen: " + + #~ msgid "Transfer complete." +-#~ msgstr "Übertragung abgeschlossen" ++#~ msgstr "?bertragung abgeschlossen" + + #~ msgid "at" + #~ msgstr "um" +@@ -809,4 +809,4 @@ + #~ msgstr "Zeitsynchronisation: ok\n" + + #~ msgid "Falldown to %ld blklen" +-#~ msgstr "Blockgröße auf %ld gesenkt" ++#~ msgstr "Blockgr??e auf %ld gesenkt" +--- lrzsz-0.12.21.orig/debian/copyright ++++ lrzsz-0.12.21/debian/copyright +@@ -0,0 +1,31 @@ ++This is the lrzsz Debian GNU/Linux package. It was first maintained by ++Michael Alan Dorman <mdorman@debian.org>, with help of Martin Mitchell ++and current upstream maintainer, Uwe Ohse <uwe@ohse.de>. ++ ++Current maintainer is Josip Rodin <jrodin@jagor.srce.hr> ++ ++Original source was downloaded from: ftp://tirka.ohse.de/uwe/ ++ ++Copyright (C) until 1988 Chuck Forsberg (Omen Technology INC) ++Copyright (C) 1994 Matt Porter, Michael D. Black ++Copyright (C) 1996, 1997 Uwe Ohse ++ ++Please note that credit should be given to Chuck Forsberg (rzsz) and ++Stephen Satchell/Satchell Evaluations (crc routines) for this package. ++ ++ This program is free software; you can redistribute it and/or modify ++ it under the terms of the GNU General Public License as published by ++ the Free Software Foundation; version 2 dated June, 1991. ++ ++ This program is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ GNU General Public License for more details. ++ ++ You should have received a copy of the GNU General Public License ++ along with this program; if not, write to the Free Software ++ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, ++ MA 02110-1301, USA. ++ ++On Debian systems, the complete text of the GNU General Public License ++can be found in /usr/share/common-licenses/GPL file. +--- lrzsz-0.12.21.orig/debian/control ++++ lrzsz-0.12.21/debian/control +@@ -0,0 +1,18 @@ ++Source: lrzsz ++Section: comm ++Priority: optional ++Maintainer: Martin A. Godisch <godisch@debian.org> ++Standards-Version: 3.8.3 ++Build-Depends: autotools-dev, gettext ++ ++Package: lrzsz ++Architecture: any ++Depends: ${shlibs:Depends} ++Suggests: minicom ++Description: Tools for zmodem/xmodem/ymodem file transfer ++ Lrzsz is a cosmetically modified zmodem/ymodem/xmodem package built ++ from the public-domain version of Chuck Forsberg's rzsz package. ++ . ++ These programs use error correcting protocols ({z,x,y}modem) to send ++ (sz, sx, sb) and receive (rz, rx, rb) files over a dial-in serial port ++ from a variety of programs running under various operating systems. +--- lrzsz-0.12.21.orig/debian/changelog ++++ lrzsz-0.12.21/debian/changelog +@@ -0,0 +1,104 @@ ++lrzsz (0.12.21-5) unstable; urgency=low ++ ++ * New maintainer upload, closes: #556238. ++ Thanks to Josip Rodin for his work. ++ * Removed build-dependency on debhelper. ++ * Added build-dependency on autotools-dev. ++ * Cut Debian diff.gz into pieces. ++ * Updated FSF address in copyright file. ++ * Updated German po file, added build-dependency on gettext. ++ Closes: #313992, thanks to Jens Seidel and Tobias Toedter. ++ * Fixed missing includes (compiler warnings). ++ * Fixed typo in sz manpage. ++ * Fixed linking to libnsl. ++ * Removed changelog emacs settings. ++ * Updated standards version. ++ ++ -- Martin A. Godisch <godisch@debian.org> Sun, 22 Nov 2009 09:35:13 +0100 ++ ++lrzsz (0.12.21-4.1) unstable; urgency=low ++ ++ * Non-maintainer upload. ++ * Rebuilt with current debhelper, finishing the /usr/doc transition. ++ Closes: #322762 ++ * Rebuilt with a current toolchain, now it's prelinkable. ++ Closes: #288084 ++ * Appled man page typo fix patch from A Costa. Closes: #311459 ++ ++ -- Joey Hess <joeyh@debian.org> Tue, 10 Jan 2006 01:35:00 -0500 ++ ++lrzsz (0.12.21-4) unstable; urgency=low ++ ++ * Updated for Standards-Version: 3.5.2. ++ * Added touch stamp-h.in before make invocation in order to stop ++ autoheader from running. ++ ++ -- Josip Rodin <jrodin@jagor.srce.hr> Sun, 25 Mar 2001 19:48:18 +0200 ++ ++lrzsz (0.12.21-3) unstable; urgency=low ++ ++ * Newish upstream version, (990823 in CVS). ++ * Updated for Policy 3.x. ++ * Misc. fixes for debian/*. ++ ++ -- Josip Rodin <jrodin@jagor.srce.hr> Sun, 19 Sep 1999 17:55:38 +0200 ++ ++lrzsz (0.12.21-2) unstable; urgency=low ++ ++ * Removed definition of strstr, advised by upstream maintainer, to ++ get it to compile on glibc2.1, as John Goerzen and Bart Warmerdam ++ noticed (fixes: #39429 #39812). ++ ++ -- Josip Rodin <jrodin@jagor.srce.hr> Sun, 20 Jun 1999 21:38:07 +0200 ++ ++lrzsz (0.12.21-1) unstable; urgency=low ++ ++ * New upstream version (990604 in CVS). ++ * Cleaned up the diff by removing unneeded .deps/ files and not changing ++ aclocal et al. ++ ++ -- Josip Rodin <jrodin@jagor.srce.hr> Sun, 6 Jun 1999 21:01:50 +0200 ++ ++lrzsz (0.12.20-2) unstable; urgency=low ++ ++ * Don't install ansi2knr.1 manpage, closing bug #33121 ++ ++ -- Josip Rodin <jrodin@jagor.srce.hr> Sun, 7 Feb 1999 01:32:31 +0100 ++ ++lrzsz (0.12.20-1) unstable; urgency=low ++ ++ * New maintainer. ++ * Althought version number doesn't indicate that, this version is ++ today's CVS snapshot from ftp://tirka.ohse.de/uwe/cvs-trees ++ * This release fixes following bugs: #8373 #11208 #16170 #16744 #17210. ++ * Package is lintian clean. ++ ++ -- Josip Rodin <jrodin@jagor.srce.hr> Sun, 7 Feb 1999 01:32:31 +0100 ++ ++lrzsz (0.12.17) unstable; urgency=low ++ ++ * sorry, see ../ChangeLog. automagically generated debian/changelog ++ ++ -- Uwe Ohse <uwe@ohse.de> Mon, 02 Jun 1997 10:06:05 +0200 ++ ++lrzsz (0.12.16) unstable; urgency=low ++ ++ * sorry, see ../ChangeLog. changelog is here just to make ++ dpkg happy. ++ * initial release ++ ++ -- Uwe Ohse <uwe@ohse.de> Sun, 2 Jun 1997 21:00:00 +0200 ++ ++lrzsz (0.12b-1.1) unstable; urgency=low ++ ++ * Non-maintainer release. ++ * Libc6 compile. ++ ++ -- Martin Mitchell <martin@debian.org> Sat, 18 Oct 1997 01:58:54 +1000 ++ ++lrzsz (0.12b-1) unstable; urgency=low ++ ++ * Converted to new source packaging format. ++ * New upstream version. ++ ++ -- Michael Alan Dorman <mdorman@calder.med.miami.edu> Tue, 17 Sep 1996 13:39:23 -0400 +--- lrzsz-0.12.21.orig/debian/rules ++++ lrzsz-0.12.21/debian/rules +@@ -0,0 +1,80 @@ ++#!/usr/bin/make -f ++ ++testdir = test -f src/lrz.c && test -f debian/rules ++testroot = test x`whoami` = xroot ++ ++# FOR AUTOCONF 2.13 ONLY ++ifeq ($(DEB_BUILD_GNU_TYPE), $(DEB_HOST_GNU_TYPE)) ++ confflags += $(DEB_HOST_GNU_TYPE) ++else ++ $(error Cannot cross-compile this package out-of-the-box) ++endif ++ ++CFLAGS = -Wall -g ++ifneq "$(findstring noopt,$(DEB_BUILD_OPTIONS))" "" ++ CFLAGS += -O0 ++else ++ CFLAGS += -O2 ++endif ++export CFLAGS ++ ++build: build-stamp ++build-stamp: ++ $(testdir) ++ cp -f /usr/share/misc/config.guess /usr/share/misc/config.sub . ++ -cat debian/patches/*.diff | patch -Ntp1 -r debian/rejected --no-backup-if-mismatch ++ ./configure $(CONFFLAGS) --prefix=/usr --mandir='$${prefix}/share/man' --program-transform-name=s/l// ++ touch stamp-h.in # to stop autoheader from running ++ touch -d yesterday aclocal.m4 # to stop automake from running ++ $(MAKE) ++ touch $@ ++ ++clean: ++ $(testdir) ++ $(testroot) ++ cp -f /usr/share/misc/config.guess /usr/share/misc/config.sub . ++ touch stamp-h.in # to stop autoheader from running ++ touch -d yesterday aclocal.m4 # to stop automake from running ++ [ ! -f Makefile ] || $(MAKE) distclean ++ -cat `ls -r debian/patches/*.diff` /dev/null | patch -RNtp1 -r debian/rejected --no-backup-if-mismatch ++ rm -rf debian/tmp ++ rm -f build-stamp config.guess config.sub po/lrzsz.pot po/*.gmo debian/files debian/rejected debian/substvars ++ ++binary: binary-arch ++ ++binary-indep: ++ ++binary-arch: build ++ $(testdir) ++ $(testroot) ++ rm -rf debian/tmp ++ ++ $(MAKE) prefix=$(CURDIR)/debian/tmp/usr install ++ ++ifeq "$(findstring nostrip,$(DEB_BUILD_OPTIONS))" "" ++ strip -R .comment -R .note debian/tmp/usr/bin/* ++endif ++ ++ install -d -m 0755 debian/tmp/usr/share/doc/lrzsz ++ install -p -m 0644 NEWS README README.cvs README.isdn4linux TODO debian/copyright debian/tmp/usr/share/doc/lrzsz ++ install -p -m 0644 -D ChangeLog debian/tmp/usr/share/doc/lrzsz/changelog ++ install -p -m 0644 -D debian/changelog debian/tmp/usr/share/doc/lrzsz/changelog.Debian ++ ++ find debian/tmp/usr/share/man -type f -print0 | xargs -0 gzip -9 ++ find debian/tmp/usr/share/doc -type f ! -name copyright ! -name '*.html' \ ++ \( -name 'changelog*' -o -size +8 \) -print0 | xargs -0 gzip -9 ++ ++ ln -s rz.1.gz debian/tmp/usr/share/man/man1/rb.1.gz ++ ln -s rz.1.gz debian/tmp/usr/share/man/man1/rx.1.gz ++ ln -s sz.1.gz debian/tmp/usr/share/man/man1/sb.1.gz ++ ln -s sz.1.gz debian/tmp/usr/share/man/man1/sx.1.gz ++ ++ install -d -m 0755 debian/tmp/DEBIAN ++ install -p -m 0644 debian/control debian/tmp/DEBIAN ++ cd debian/tmp && find usr -type f -print0 | xargs -0 md5sum > DEBIAN/md5sums ++ ++ dpkg-shlibdeps debian/tmp/usr/bin/* ++ dpkg-gencontrol -isp -plrzsz ++ dpkg --build debian/tmp .. ++ ++.PHONY: build clean binary binary-indep binary-arch +--- lrzsz-0.12.21.orig/debian/patches/206648_dszlog.diff.unchecked ++++ lrzsz-0.12.21/debian/patches/206648_dszlog.diff.unchecked +@@ -0,0 +1,311 @@ ++diff -ur lrzsz-0.12.21/src/lrz.c newlrzsz/src/lrz.c ++--- lrzsz-0.12.21/src/lrz.c 2003-08-21 16:22:01.000000000 -0500 +++++ newlrzsz/src/lrz.c 2003-08-21 17:05:53.000000000 -0500 ++@@ -68,6 +68,7 @@ ++ unsigned Baudrate = 2400; ++ ++ FILE *fout; +++char *dszlogpath; ++ ++ ++ int Lastrx; ++@@ -192,6 +193,9 @@ ++ zmputs(Attn); ++ canit(STDOUT_FILENO); ++ io_mode(0,0); +++ if (dszlogpath) { +++ dszlog(dszlogpath, 'L', 0, 0, 0, errors, 0, 0); +++ } ++ error(128+n,0,_("caught signal %d; exiting"), n); ++ } ++ ++@@ -265,6 +269,13 @@ ++ if ((cp=getenv("ZMODEM_RESTRICTED"))!=NULL) ++ Restricted=2; ++ +++ dszlogpath = getenv("DSZLOG"); +++ if (access(dszlogpath, F_OK) == 0) { +++ if (unlink(dszlogpath) != 0) { +++ perror("unlink dszlog"); +++ } +++ } +++ ++ /* make temporary and unfinished files */ ++ umask(0077); ++ ++@@ -559,6 +570,7 @@ ++ signal(SIGINT, bibi); ++ signal(SIGTERM, bibi); ++ signal(SIGPIPE, bibi); +++ signal(SIGHUP, bibi); ++ if (wcreceive(npats, patts)==ERROR) { ++ exitcode=0200; ++ canit(STDOUT_FILENO); ++@@ -685,9 +697,9 @@ ++ #endif ++ if (c) ++ goto fubar; ++- } else { +++ } else { /* Not Xmodem, not Zmodem, so Ymodem */ ++ for (;;) { ++- if (Verbose > 1 +++ if (Verbose > 1 || dszlogpath ++ #ifdef ENABLE_SYSLOG ++ || enable_syslog ++ #endif ++@@ -712,7 +724,7 @@ ++ if (wcrx(&zi)==ERROR) ++ goto fubar; ++ ++- if (Verbose > 1 +++ if (Verbose > 1 || dszlogpath ++ #ifdef ENABLE_SYSLOG ++ || enable_syslog ++ #endif ++@@ -734,16 +746,19 @@ ++ lsyslog(LOG_INFO,"%s/%s: %ld Bytes, %ld BPS", ++ shortname,protname(),zi.bytes_received, bps); ++ #endif +++ if (dszlogpath) dszlog(dszlogpath, 'R', +++ zi.bytes_received, zi.fname, +++ bps, errors, 0, 0); ++ } ++ } ++ } ++- } else { +++ } else { /* Xmodem */ ++ char dummy[128]; ++ dummy[0]='\0'; /* pre-ANSI HPUX cc demands this */ ++ dummy[1]='\0'; /* procheader uses name + 1 + strlen(name) */ ++ zi.bytes_total = DEFBYTL; ++ ++- if (Verbose > 1 +++ if (Verbose > 1 || dszlogpath ++ #ifdef ENABLE_SYSLOG ++ || enable_syslog ++ #endif ++@@ -782,7 +797,7 @@ ++ if (wcrx(&zi)==ERROR) { ++ goto fubar; ++ } ++- if (Verbose > 1 +++ if (Verbose > 1 || dszlogpath ++ #ifdef ENABLE_SYSLOG ++ || enable_syslog ++ #endif ++@@ -803,6 +818,10 @@ ++ lsyslog(LOG_INFO,"%s/%s: %ld Bytes, %ld BPS", ++ shortname,protname(),zi.bytes_received, bps); ++ #endif +++ if (dszlogpath) dszlog(dszlogpath, 'R', +++ zi.bytes_received, zi.fname, +++ bps, errors, 0, 0); +++ ++ } ++ } ++ return OK; ++@@ -812,6 +831,13 @@ ++ lsyslog(LOG_ERR,"%s/%s: got error", ++ shortname ? shortname : "no.name", protname()); ++ #endif +++ if (dszlogpath) { +++ double d = timing(0,NULL); +++ dszlog(dszlogpath, 'E', zi.bytes_received, zi.fname, +++ (zi.bytes_received-zi.bytes_skipped)/((d) ? d : 0.5), +++ errors, 0, 0); +++ } +++ ++ canit(STDOUT_FILENO); ++ if (Topipe && fout) { ++ pclose(fout); return ERROR; ++@@ -1783,10 +1809,18 @@ ++ rzfiles(struct zm_fileinfo *zi) ++ { ++ register int c; +++ long bps; ++ ++ for (;;) { ++ timing(1,NULL); ++ c = rzfile(zi); +++ { +++ double d; +++ d=timing(0,NULL); +++ if (d==0) +++ d=0.5; /* can happen if timing uses time() */ +++ bps=(zi->bytes_received-zi->bytes_skipped)/d; +++ } ++ switch (c) { ++ case ZEOF: ++ if (Verbose > 1 ++@@ -1794,12 +1828,6 @@ ++ || enable_syslog ++ #endif ++ ) { ++- double d; ++- long bps; ++- d=timing(0,NULL); ++- if (d==0) ++- d=0.5; /* can happen if timing uses time() */ ++- bps=(zi->bytes_received-zi->bytes_skipped)/d; ++ if (Verbose > 1) { ++ vstringf( ++ _("\rBytes received: %7ld/%7ld BPS:%-6ld \r\n"), ++@@ -1807,6 +1835,8 @@ ++ } ++ DO_SYSLOG_FNAME((LOG_INFO, "%s/%s: %ld Bytes, %ld BPS",shortname, ++ protname(), (long) zi->bytes_total,bps)); +++ if (dszlogpath) dszlog(dszlogpath, 'z', zi->bytes_received, +++ zi->fname, bps, errors, 0, 0); ++ } ++ /* FALL THROUGH */ ++ case ZSKIP: ++@@ -1815,6 +1845,8 @@ ++ if (Verbose) ++ vstringf(_("Skipped")); ++ DO_SYSLOG_FNAME((LOG_INFO, "%s/%s: skipped",shortname,protname())); +++ if (dszlogpath) dszlog(dszlogpath, 'E', zi->bytes_received, +++ zi->fname, bps, errors, 0, 0); ++ } ++ switch (tryz()) { ++ case ZCOMPL: ++@@ -1829,6 +1861,8 @@ ++ return c; ++ case ERROR: ++ DO_SYSLOG_FNAME((LOG_INFO, "%s/%s: error",shortname,protname())); +++ if (dszlogpath) dszlog(dszlogpath, 'E', zi->bytes_received, +++ zi->fname, bps, errors, 0, 0); ++ return ERROR; ++ } ++ } ++diff -ur lrzsz-0.12.21/src/lsyslog.c newlrzsz/src/lsyslog.c ++--- lrzsz-0.12.21/src/lsyslog.c 1998-12-29 11:27:55.000000000 -0600 +++++ newlrzsz/src/lsyslog.c 2003-08-21 16:47:53.000000000 -0500 ++@@ -26,6 +26,8 @@ ++ #include <string.h> ++ #endif ++ +++#include <stdio.h> +++ ++ #if __STDC__ ++ # include <stdarg.h> ++ # define VA_START(args, lastarg) va_start(args, lastarg) ++@@ -79,3 +81,23 @@ ++ #endif ++ } ++ +++void dszlog(char *logname, char status, unsigned long num_bytes, char *fname, +++ int cps, int retry_events, int flow_events, int blocksize) { +++ +++ FILE *mylog; +++ if ((mylog = fopen(logname, "a"))) { +++ fprintf(mylog, "%c %6ld %5ld bps %4ld cps %3d errors %5u %4d %s %ld\r\n", +++ status, +++ num_bytes, +++ cps*8, /* XXX where to get DTE from? */ +++ cps, +++ retry_events, +++ flow_events, /* XXX where is flow_control? */ +++ blocksize, +++ fname, +++ -1 /* serial number */ +++ ); +++ fclose(mylog); +++ } +++} +++ ++diff -ur lrzsz-0.12.21/src/lsz.c newlrzsz/src/lsz.c ++--- lrzsz-0.12.21/src/lsz.c 2003-08-21 16:22:01.000000000 -0500 +++++ newlrzsz/src/lsz.c 2003-08-21 17:02:18.000000000 -0500 ++@@ -59,6 +59,8 @@ ++ extern int errno; ++ #endif ++ +++char *dszlogpath; +++ ++ unsigned Baudrate=2400; /* Default, should be set by first mode() call */ ++ unsigned Txwindow; /* Control the size of the transmitted window */ ++ unsigned Txwspac; /* Spacing between zcrcq requests */ ++@@ -223,6 +225,9 @@ ++ canit(STDOUT_FILENO); ++ fflush (stdout); ++ io_mode (io_mode_fd,0); +++ if (dszlogpath) { +++ dszlog(dszlogpath, 'L', 0, 0, 0, errors, 0, 0); +++ } ++ if (n == 99) ++ error (0, 0, _ ("io_mode(,2) in rbsb.c not implemented\n")); ++ else ++@@ -332,6 +337,14 @@ ++ } ++ if ((cp=getenv("ZMODEM_RESTRICTED"))!=NULL) ++ Restricted=1; +++ +++ dszlogpath = getenv("DSZLOG"); +++ if (access(dszlogpath, F_OK) == 0) { +++ if (unlink(dszlogpath) != 0) { +++ perror("unlink dszlog"); +++ } +++ } +++ ++ from_cu(); ++ chkinvok(argv[0]); ++ ++@@ -1113,6 +1126,12 @@ ++ if (enable_syslog) ++ lsyslog(LOG_INFO, _("%s/%s: error occured"),protname(),shortname); ++ #endif +++ if (dszlogpath) { +++ double d = timing(0,NULL); +++ dszlog(dszlogpath, 'E', zi.bytes_sent, zi.fname, +++ zi.bytes_sent/((d) ? d : 0.5), +++ errors, 0, blklen); +++ } ++ return ERROR; ++ case ZSKIP: ++ error(0,0, _("skipped: %s"),name); ++@@ -1120,6 +1139,13 @@ ++ if (enable_syslog) ++ lsyslog(LOG_INFO, _("%s/%s: skipped"),protname(),shortname); ++ #endif +++ if (dszlogpath) { +++ double d = timing(0,NULL); +++ /* XXX is Zmodem skip really deserving a 'E' ? */ +++ dszlog(dszlogpath, 'E', zi.bytes_sent, zi.fname, +++ zi.bytes_sent/((d) ? d : 0.5), +++ errors, 0, blklen); +++ } ++ return OK; ++ } ++ if (!zmodem_requested && wctx(&zi)==ERROR) ++@@ -1128,12 +1154,18 @@ ++ if (enable_syslog) ++ lsyslog(LOG_INFO, _("%s/%s: error occured"),protname(),shortname); ++ #endif +++ if (dszlogpath) { +++ double d = timing(0,NULL); +++ dszlog(dszlogpath, 'E', zi.bytes_sent, zi.fname, +++ zi.bytes_sent/((d) ? d : 0.5), +++ errors, 0, blklen); +++ } ++ return ERROR; ++ } ++ if (Unlinkafter) ++ unlink(oname); ++ ++- if (Verbose > 1 +++ if (Verbose > 1 || dszlogpath ++ #ifdef ENABLE_SYSLOG ++ || enable_syslog ++ #endif ++@@ -1152,6 +1184,11 @@ ++ lsyslog(LOG_INFO, "%s/%s: %ld Bytes, %ld BPS",shortname, ++ protname(), (long) zi.bytes_sent,bps); ++ #endif +++ if (dszlogpath) { +++ char whichprot = (protocol==ZM_ZMODEM)? 'Z' : 'S'; +++ dszlog(dszlogpath, whichprot, zi.bytes_sent, +++ zi.fname, bps, errors, 0, blklen); +++ } ++ } ++ return 0; ++ } +--- lrzsz-0.12.21.orig/debian/patches/include.diff ++++ lrzsz-0.12.21/debian/patches/include.diff +@@ -0,0 +1,20 @@ ++--- lrzsz-0.12.21.orig/lib/long-options.c +++++ lrzsz-0.12.21/lib/long-options.c ++@@ -22,6 +22,7 @@ ++ #endif ++ ++ #include <stdio.h> +++#include <stdlib.h> ++ #include <getopt.h> ++ #include "long-options.h" ++ ++--- lrzsz-0.12.21.orig/src/lsyslog.c +++++ lrzsz-0.12.21/src/lsyslog.c ++@@ -22,6 +22,7 @@ ++ #ifdef ENABLE_SYSLOG ++ #include "zglobal.h" ++ #include <pwd.h> +++#include <stdio.h> ++ #include <stdlib.h> ++ #include <string.h> ++ #endif +--- lrzsz-0.12.21.orig/debian/patches/mantypos.diff ++++ lrzsz-0.12.21/debian/patches/mantypos.diff +@@ -0,0 +1,49 @@ ++--- lrzsz-0.12.21.orig/man/lsz.1 +++++ lrzsz-0.12.21/man/lsz.1 ++@@ -247,7 +247,7 @@ ++ Escape all control characters; ++ normally XON, XOFF, DLE, CR-@-CR, and Ctrl-X are escaped. ++ .TP ++-.B"-E, --rename" +++.B "-E, --rename" ++ Force the sender to rename the new file if a file with the same ++ name already exists. ++ .TP ++@@ -265,7 +265,7 @@ ++ .TP ++ .B "-i COMMAND, --immediate-command COMMAND" ++ Send COMMAND to the receiver for execution, return immediately ++-upon the receiving program's successful recption of the command. +++upon the receiving program's successful reception of the command. ++ .TP ++ .B "-k, --1k" ++ (XMODEM/YMODEM) Send files using 1024 byte blocks ++@@ -509,7 +509,7 @@ ++ .RB ( \-a ) ++ to end of line conventions appropriate to the receiving environment. ++ With ZMODEM AutoDownload enabled, Professional-YAM and ZCOMM ++-will automatically recieve +++will automatically receive ++ the files after performing a security check. ++ ++ .br ++@@ -592,8 +592,8 @@ ++ the source file. ++ .SH "VMS VERSION" ++ The VMS version does not support wild cards. ++-Because of VMS DCL, upper case option letters muse be represented ++-by \\ proceding the letter. +++Because of VMS DCL, upper case option letters must be represented +++by \\ preceding the letter. ++ ++ The current VMS version does not support XMODEM, XMODEM-1k, or YMODEM. ++ ++@@ -682,7 +682,7 @@ ++ The test mode leaves a zero length file on the receiving system. ++ ++ A few high speed modems have a firmware bug that drops characters when the ++-direction of high speed transmissson is reversed. +++direction of high speed transmission is reversed. ++ The environment variable ZNULLS may be used to specify the number of nulls to ++ send before a ZDATA frame. ++ Values of 101 for a 4.77 mHz PC and 124 for an AT are typical. +--- lrzsz-0.12.21.orig/debian/patches/strstr.diff ++++ lrzsz-0.12.21/debian/patches/strstr.diff +@@ -0,0 +1,20 @@ ++--- lrzsz-0.12.21.orig/src/lrz.c +++++ lrzsz-0.12.21/src/lrz.c ++@@ -44,7 +44,6 @@ ++ #ifndef STRICT_PROTOTYPES ++ extern time_t time(); ++ extern char *strerror(); ++-extern char *strstr(); ++ #endif ++ ++ #ifndef HAVE_ERRNO_DECLARATION ++--- lrzsz-0.12.21.orig/src/lsz.c +++++ lrzsz-0.12.21/src/lsz.c ++@@ -53,7 +53,6 @@ ++ #ifndef STRICT_PROTOTYPES ++ extern time_t time(); ++ extern char *strerror(); ++-extern char *strstr(); ++ #endif ++ ++ #ifndef HAVE_ERRNO_DECLARATION +--- lrzsz-0.12.21.orig/debian/patches/build.diff ++++ lrzsz-0.12.21/debian/patches/build.diff +@@ -0,0 +1,2115 @@ ++--- lrzsz-0.12.21.orig/Makefile.in +++++ lrzsz-0.12.21/Makefile.in ++@@ -1,4 +1,4 @@ ++-# Makefile.in generated automatically by automake 1.4a from Makefile.am +++# Makefile.in generated automatically by automake 1.4 from Makefile.am ++ ++ # Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. ++ # This Makefile.in is free software; the Free Software Foundation ++@@ -46,10 +46,9 @@ ++ AUTOHEADER = @AUTOHEADER@ ++ ++ INSTALL = @INSTALL@ ++-INSTALL_PROGRAM = @INSTALL_PROGRAM@ +++INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) ++ INSTALL_DATA = @INSTALL_DATA@ ++ INSTALL_SCRIPT = @INSTALL_SCRIPT@ ++-INSTALL_STRIP_FLAG = ++ transform = @program_transform_name@ ++ ++ NORMAL_INSTALL = : ++@@ -106,13 +105,13 @@ ++ ++ DIST_COMMON = README ./stamp-h.in ABOUT-NLS AUTHORS COPYING ChangeLog \ ++ INSTALL Makefile.am Makefile.in NEWS Specfile.in THANKS TODO acconfig.h \ ++-acinclude.m4 aclocal.m4 config.guess config.h.in configure configure.in \ ++-install-sh missing mkinstalldirs systype.in +++acinclude.m4 aclocal.m4 config.guess config.h.in config.sub configure \ +++configure.in install-sh missing mkinstalldirs systype.in ++ ++ ++ DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) ++ ++-TAR = gtar +++TAR = tar ++ GZIP_ENV = --best ++ all: all-redirect ++ .SUFFIXES: ++@@ -298,7 +297,7 @@ ++ @for file in $(DISTFILES); do \ ++ d=$(srcdir); \ ++ if test -d $$d/$$file; then \ ++- cp -pr $$d/$$file $(distdir)/$$file; \ +++ cp -pr $$/$$file $(distdir)/$$file; \ ++ else \ ++ test -f $(distdir)/$$file \ ++ || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ ++@@ -340,7 +339,7 @@ ++ all-am: Makefile $(SCRIPTS) config.h ++ all-redirect: all-recursive-am ++ install-strip: ++- $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install +++ $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install ++ installdirs: installdirs-recursive ++ installdirs-am: ++ ++--- lrzsz-0.12.21.orig/aclocal.m4 +++++ lrzsz-0.12.21/aclocal.m4 ++@@ -1,4 +1,4 @@ ++-dnl aclocal.m4 generated automatically by aclocal 1.4a +++dnl aclocal.m4 generated automatically by aclocal 1.4 ++ ++ dnl Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. ++ dnl This file is free software; the Free Software Foundation ++@@ -117,8 +117,6 @@ ++ ++ AC_DEFUN(AM_INIT_AUTOMAKE, ++ [AC_REQUIRE([AC_PROG_INSTALL]) ++-dnl We require 2.13 because we rely on SHELL being computed by configure. ++-AC_PREREQ([2.13]) ++ PACKAGE=[$1] ++ AC_SUBST(PACKAGE) ++ VERSION=[$2] ++--- lrzsz-0.12.21.orig/configure +++++ lrzsz-0.12.21/configure ++@@ -703,7 +703,6 @@ ++ fi ++ ++ ++- ++ PACKAGE=lrzsz ++ ++ VERSION=0.12.21rc ++@@ -723,7 +722,7 @@ ++ ++ missing_dir=`cd $ac_aux_dir && pwd` ++ echo $ac_n "checking for working aclocal""... $ac_c" 1>&6 ++-echo "configure:727: checking for working aclocal" >&5 +++echo "configure:726: checking for working aclocal" >&5 ++ # Run test in a subshell; some versions of sh will print an error if ++ # an executable is not found, even if stderr is redirected. ++ # Redirect stdin to placate older versions of autoconf. Sigh. ++@@ -736,7 +735,7 @@ ++ fi ++ ++ echo $ac_n "checking for working autoconf""... $ac_c" 1>&6 ++-echo "configure:740: checking for working autoconf" >&5 +++echo "configure:739: checking for working autoconf" >&5 ++ # Run test in a subshell; some versions of sh will print an error if ++ # an executable is not found, even if stderr is redirected. ++ # Redirect stdin to placate older versions of autoconf. Sigh. ++@@ -749,7 +748,7 @@ ++ fi ++ ++ echo $ac_n "checking for working automake""... $ac_c" 1>&6 ++-echo "configure:753: checking for working automake" >&5 +++echo "configure:752: checking for working automake" >&5 ++ # Run test in a subshell; some versions of sh will print an error if ++ # an executable is not found, even if stderr is redirected. ++ # Redirect stdin to placate older versions of autoconf. Sigh. ++@@ -762,7 +761,7 @@ ++ fi ++ ++ echo $ac_n "checking for working autoheader""... $ac_c" 1>&6 ++-echo "configure:766: checking for working autoheader" >&5 +++echo "configure:765: checking for working autoheader" >&5 ++ # Run test in a subshell; some versions of sh will print an error if ++ # an executable is not found, even if stderr is redirected. ++ # Redirect stdin to placate older versions of autoconf. Sigh. ++@@ -775,7 +774,7 @@ ++ fi ++ ++ echo $ac_n "checking for working makeinfo""... $ac_c" 1>&6 ++-echo "configure:779: checking for working makeinfo" >&5 +++echo "configure:778: checking for working makeinfo" >&5 ++ # Run test in a subshell; some versions of sh will print an error if ++ # an executable is not found, even if stderr is redirected. ++ # Redirect stdin to placate older versions of autoconf. Sigh. ++@@ -926,7 +925,7 @@ ++ # Extract the first word of "gcc", so it can be a program name with args. ++ set dummy gcc; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:930: checking for $ac_word" >&5 +++echo "configure:929: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -956,7 +955,7 @@ ++ # Extract the first word of "cc", so it can be a program name with args. ++ set dummy cc; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:960: checking for $ac_word" >&5 +++echo "configure:959: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -1007,7 +1006,7 @@ ++ # Extract the first word of "cl", so it can be a program name with args. ++ set dummy cl; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:1011: checking for $ac_word" >&5 +++echo "configure:1010: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -1039,7 +1038,7 @@ ++ fi ++ ++ echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6 ++-echo "configure:1043: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5 +++echo "configure:1042: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5 ++ ++ ac_ext=c ++ # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. ++@@ -1050,12 +1049,12 @@ ++ ++ cat > conftest.$ac_ext << EOF ++ ++-#line 1054 "configure" +++#line 1053 "configure" ++ #include "confdefs.h" ++ ++ main(){return(0);} ++ EOF ++-if { (eval echo configure:1059: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:1058: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ ac_cv_prog_cc_works=yes ++ # If we can't run a trivial program, we are probably using a cross compiler. ++ if (./conftest; exit) 2>/dev/null; then ++@@ -1081,12 +1080,12 @@ ++ { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; } ++ fi ++ echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6 ++-echo "configure:1085: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5 +++echo "configure:1084: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5 ++ echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6 ++ cross_compiling=$ac_cv_prog_cc_cross ++ ++ echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6 ++-echo "configure:1090: checking whether we are using GNU C" >&5 +++echo "configure:1089: checking whether we are using GNU C" >&5 ++ if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -1095,7 +1094,7 @@ ++ yes; ++ #endif ++ EOF ++-if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:1099: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then +++if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:1098: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then ++ ac_cv_prog_gcc=yes ++ else ++ ac_cv_prog_gcc=no ++@@ -1114,7 +1113,7 @@ ++ ac_save_CFLAGS="$CFLAGS" ++ CFLAGS= ++ echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6 ++-echo "configure:1118: checking whether ${CC-cc} accepts -g" >&5 +++echo "configure:1117: checking whether ${CC-cc} accepts -g" >&5 ++ if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -1146,7 +1145,7 @@ ++ fi ++ ++ echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6 ++-echo "configure:1150: checking how to run the C preprocessor" >&5 +++echo "configure:1149: checking how to run the C preprocessor" >&5 ++ # On Suns, sometimes $CPP names a directory. ++ if test -n "$CPP" && test -d "$CPP"; then ++ CPP= ++@@ -1161,13 +1160,13 @@ ++ # On the NeXT, cc -E runs the code through the compiler's parser, ++ # not just through cpp. ++ cat > conftest.$ac_ext <<EOF ++-#line 1165 "configure" +++#line 1164 "configure" ++ #include "confdefs.h" ++ #include <assert.h> ++ Syntax Error ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:1171: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:1170: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ : ++@@ -1178,13 +1177,13 @@ ++ rm -rf conftest* ++ CPP="${CC-cc} -E -traditional-cpp" ++ cat > conftest.$ac_ext <<EOF ++-#line 1182 "configure" +++#line 1181 "configure" ++ #include "confdefs.h" ++ #include <assert.h> ++ Syntax Error ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:1188: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:1187: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ : ++@@ -1195,13 +1194,13 @@ ++ rm -rf conftest* ++ CPP="${CC-cc} -nologo -E" ++ cat > conftest.$ac_ext <<EOF ++-#line 1199 "configure" +++#line 1198 "configure" ++ #include "confdefs.h" ++ #include <assert.h> ++ Syntax Error ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:1205: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:1204: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ : ++@@ -1235,13 +1234,13 @@ ++ fi ++ if test $ac_cv_prog_gcc = yes; then ++ echo $ac_n "checking whether ${CC-cc} needs -traditional""... $ac_c" 1>&6 ++-echo "configure:1239: checking whether ${CC-cc} needs -traditional" >&5 +++echo "configure:1238: checking whether ${CC-cc} needs -traditional" >&5 ++ if eval "test \"`echo '$''{'ac_cv_prog_gcc_traditional'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ ac_pattern="Autoconf.*'x'" ++ cat > conftest.$ac_ext <<EOF ++-#line 1245 "configure" +++#line 1244 "configure" ++ #include "confdefs.h" ++ #include <sgtty.h> ++ Autoconf TIOCGETP ++@@ -1259,7 +1258,7 @@ ++ ++ if test $ac_cv_prog_gcc_traditional = no; then ++ cat > conftest.$ac_ext <<EOF ++-#line 1263 "configure" +++#line 1262 "configure" ++ #include "confdefs.h" ++ #include <termio.h> ++ Autoconf TCGETA ++@@ -1283,7 +1282,7 @@ ++ # Extract the first word of "ranlib", so it can be a program name with args. ++ set dummy ranlib; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:1287: checking for $ac_word" >&5 +++echo "configure:1286: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_prog_RANLIB'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -1311,7 +1310,7 @@ ++ fi ++ ++ echo $ac_n "checking for POSIXized ISC""... $ac_c" 1>&6 ++-echo "configure:1315: checking for POSIXized ISC" >&5 +++echo "configure:1314: checking for POSIXized ISC" >&5 ++ if test -d /etc/conf/kconfig.d && ++ grep _POSIX_VERSION /usr/include/sys/unistd.h >/dev/null 2>&1 ++ then ++@@ -1332,9 +1331,9 @@ ++ fi ++ ++ echo $ac_n "checking for AIX""... $ac_c" 1>&6 ++-echo "configure:1336: checking for AIX" >&5 +++echo "configure:1335: checking for AIX" >&5 ++ cat > conftest.$ac_ext <<EOF ++-#line 1338 "configure" +++#line 1337 "configure" ++ #include "confdefs.h" ++ #ifdef _AIX ++ yes ++@@ -1357,17 +1356,17 @@ ++ ++ ac_safe=`echo "minix/config.h" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for minix/config.h""... $ac_c" 1>&6 ++-echo "configure:1361: checking for minix/config.h" >&5 +++echo "configure:1360: checking for minix/config.h" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 1366 "configure" +++#line 1365 "configure" ++ #include "confdefs.h" ++ #include <minix/config.h> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:1371: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:1370: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -1408,7 +1407,7 @@ ++ ++ ++ echo $ac_n "checking for ${CC-cc} option to accept ANSI C""... $ac_c" 1>&6 ++-echo "configure:1412: checking for ${CC-cc} option to accept ANSI C" >&5 +++echo "configure:1411: checking for ${CC-cc} option to accept ANSI C" >&5 ++ if eval "test \"`echo '$''{'am_cv_prog_cc_stdc'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -1424,7 +1423,7 @@ ++ do ++ CC="$ac_save_CC $ac_arg" ++ cat > conftest.$ac_ext <<EOF ++-#line 1428 "configure" +++#line 1427 "configure" ++ #include "confdefs.h" ++ #include <stdarg.h> ++ #include <stdio.h> ++@@ -1461,7 +1460,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:1465: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:1464: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ am_cv_prog_cc_stdc="$ac_arg"; break ++ else ++@@ -1487,7 +1486,7 @@ ++ ++ ++ echo $ac_n "checking for function prototypes""... $ac_c" 1>&6 ++-echo "configure:1491: checking for function prototypes" >&5 +++echo "configure:1490: checking for function prototypes" >&5 ++ if test "$am_cv_prog_cc_stdc" != no; then ++ echo "$ac_t""yes" 1>&6 ++ cat >> confdefs.h <<\EOF ++@@ -1500,12 +1499,12 @@ ++ U=_ ANSI2KNR=./ansi2knr ++ # Ensure some checks needed by ansi2knr itself. ++ echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6 ++-echo "configure:1504: checking for ANSI C header files" >&5 +++echo "configure:1503: checking for ANSI C header files" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 1509 "configure" +++#line 1508 "configure" ++ #include "confdefs.h" ++ #include <stdlib.h> ++ #include <stdarg.h> ++@@ -1513,7 +1512,7 @@ ++ #include <float.h> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:1517: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:1516: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -1530,7 +1529,7 @@ ++ if test $ac_cv_header_stdc = yes; then ++ # SunOS 4.x string.h does not declare mem*, contrary to ANSI. ++ cat > conftest.$ac_ext <<EOF ++-#line 1534 "configure" +++#line 1533 "configure" ++ #include "confdefs.h" ++ #include <string.h> ++ EOF ++@@ -1548,7 +1547,7 @@ ++ if test $ac_cv_header_stdc = yes; then ++ # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. ++ cat > conftest.$ac_ext <<EOF ++-#line 1552 "configure" +++#line 1551 "configure" ++ #include "confdefs.h" ++ #include <stdlib.h> ++ EOF ++@@ -1569,7 +1568,7 @@ ++ : ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 1573 "configure" +++#line 1572 "configure" ++ #include "confdefs.h" ++ #include <ctype.h> ++ #define ISLOWER(c) ('a' <= (c) && (c) <= 'z') ++@@ -1580,7 +1579,7 @@ ++ exit (0); } ++ ++ EOF ++-if { (eval echo configure:1584: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +++if { (eval echo configure:1583: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null ++ then ++ : ++ else ++@@ -1607,17 +1606,17 @@ ++ do ++ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 ++-echo "configure:1611: checking for $ac_hdr" >&5 +++echo "configure:1610: checking for $ac_hdr" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 1616 "configure" +++#line 1615 "configure" ++ #include "confdefs.h" ++ #include <$ac_hdr> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:1621: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:1620: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -1646,12 +1645,12 @@ ++ fi ++ ++ echo $ac_n "checking for working const""... $ac_c" 1>&6 ++-echo "configure:1650: checking for working const" >&5 +++echo "configure:1649: checking for working const" >&5 ++ if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 1655 "configure" +++#line 1654 "configure" ++ #include "confdefs.h" ++ ++ int main() { ++@@ -1700,7 +1699,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:1704: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:1703: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ ac_cv_c_const=yes ++ else ++@@ -1721,21 +1720,21 @@ ++ fi ++ ++ echo $ac_n "checking for inline""... $ac_c" 1>&6 ++-echo "configure:1725: checking for inline" >&5 +++echo "configure:1724: checking for inline" >&5 ++ if eval "test \"`echo '$''{'ac_cv_c_inline'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ ac_cv_c_inline=no ++ for ac_kw in inline __inline__ __inline; do ++ cat > conftest.$ac_ext <<EOF ++-#line 1732 "configure" +++#line 1731 "configure" ++ #include "confdefs.h" ++ ++ int main() { ++ } $ac_kw foo() { ++ ; return 0; } ++ EOF ++-if { (eval echo configure:1739: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:1738: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ ac_cv_c_inline=$ac_kw; break ++ else ++@@ -1786,7 +1785,7 @@ ++ esac ++ ++ echo $ac_n "checking for syslog in -lsocket""... $ac_c" 1>&6 ++-echo "configure:1790: checking for syslog in -lsocket" >&5 +++echo "configure:1789: checking for syslog in -lsocket" >&5 ++ ac_lib_var=`echo socket'_'syslog | sed 'y%./+-%__p_%'` ++ if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++@@ -1794,7 +1793,7 @@ ++ ac_save_LIBS="$LIBS" ++ LIBS="-lsocket $LIBS" ++ cat > conftest.$ac_ext <<EOF ++-#line 1798 "configure" +++#line 1797 "configure" ++ #include "confdefs.h" ++ /* Override any gcc2 internal prototype to avoid an error. */ ++ /* We use char because int might match the return type of a gcc2 ++@@ -1805,7 +1804,7 @@ ++ syslog() ++ ; return 0; } ++ EOF ++-if { (eval echo configure:1809: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:1808: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_lib_$ac_lib_var=yes" ++ else ++@@ -1832,108 +1831,14 @@ ++ echo "$ac_t""no" 1>&6 ++ fi ++ ++-echo $ac_n "checking for syslog in -lbe""... $ac_c" 1>&6 ++-echo "configure:1837: checking for syslog in -lbe" >&5 ++-ac_lib_var=`echo be'_'syslog | sed 'y%./+-%__p_%'` ++-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then ++- echo $ac_n "(cached) $ac_c" 1>&6 ++-else ++- ac_save_LIBS="$LIBS" ++-LIBS="-lbe $LIBS" ++-cat > conftest.$ac_ext <<EOF ++-#line 1845 "configure" ++-#include "confdefs.h" ++-/* Override any gcc2 internal prototype to avoid an error. */ ++-/* We use char because int might match the return type of a gcc2 ++- builtin and then its argument prototype would still apply. */ ++-char syslog(); ++- ++-int main() { ++-syslog() ++-; return 0; } ++-EOF ++-if { (eval echo configure:1856: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++- rm -rf conftest* ++- eval "ac_cv_lib_$ac_lib_var=yes" ++-else ++- echo "configure: failed program was:" >&5 ++- cat conftest.$ac_ext >&5 ++- rm -rf conftest* ++- eval "ac_cv_lib_$ac_lib_var=no" ++-fi ++-rm -f conftest* ++-LIBS="$ac_save_LIBS" ++- ++-fi ++-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then ++- echo "$ac_t""yes" 1>&6 ++- ac_tr_lib=HAVE_LIB`echo be | sed -e 's/[^a-zA-Z0-9_]/_/g' \ ++- -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` ++- cat >> confdefs.h <<EOF ++-#define $ac_tr_lib 1 ++-EOF ++- ++- LIBS="-lbe $LIBS" ++- ++-else ++- echo "$ac_t""no" 1>&6 ++-fi ++- ++-echo $ac_n "checking for gethostbyname in -lnsl""... $ac_c" 1>&6 ++-echo "configure:1884: checking for gethostbyname in -lnsl" >&5 ++-ac_lib_var=`echo nsl'_'gethostbyname | sed 'y%./+-%__p_%'` ++-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then ++- echo $ac_n "(cached) $ac_c" 1>&6 ++-else ++- ac_save_LIBS="$LIBS" ++-LIBS="-lnsl $LIBS" ++-cat > conftest.$ac_ext <<EOF ++-#line 1892 "configure" ++-#include "confdefs.h" ++-/* Override any gcc2 internal prototype to avoid an error. */ ++-/* We use char because int might match the return type of a gcc2 ++- builtin and then its argument prototype would still apply. */ ++-char gethostbyname(); ++- ++-int main() { ++-gethostbyname() ++-; return 0; } ++-EOF ++-if { (eval echo configure:1903: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++- rm -rf conftest* ++- eval "ac_cv_lib_$ac_lib_var=yes" ++-else ++- echo "configure: failed program was:" >&5 ++- cat conftest.$ac_ext >&5 ++- rm -rf conftest* ++- eval "ac_cv_lib_$ac_lib_var=no" ++-fi ++-rm -f conftest* ++-LIBS="$ac_save_LIBS" ++- ++-fi ++-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then ++- echo "$ac_t""yes" 1>&6 ++- ac_tr_lib=HAVE_LIB`echo nsl | sed -e 's/[^a-zA-Z0-9_]/_/g' \ ++- -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` ++- cat >> confdefs.h <<EOF ++-#define $ac_tr_lib 1 ++-EOF ++- ++- LIBS="-lnsl $LIBS" ++- ++-else ++- echo "$ac_t""no" 1>&6 ++-fi ++- ++ ++ echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6 ++-echo "configure:1932: checking for ANSI C header files" >&5 +++echo "configure:1931: checking for ANSI C header files" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 1937 "configure" +++#line 1936 "configure" ++ #include "confdefs.h" ++ #include <stdlib.h> ++ #include <stdarg.h> ++@@ -1941,7 +1846,7 @@ ++ #include <float.h> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:1945: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:1944: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -1958,7 +1863,7 @@ ++ if test $ac_cv_header_stdc = yes; then ++ # SunOS 4.x string.h does not declare mem*, contrary to ANSI. ++ cat > conftest.$ac_ext <<EOF ++-#line 1962 "configure" +++#line 1961 "configure" ++ #include "confdefs.h" ++ #include <string.h> ++ EOF ++@@ -1976,7 +1881,7 @@ ++ if test $ac_cv_header_stdc = yes; then ++ # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. ++ cat > conftest.$ac_ext <<EOF ++-#line 1980 "configure" +++#line 1979 "configure" ++ #include "confdefs.h" ++ #include <stdlib.h> ++ EOF ++@@ -1997,7 +1902,7 @@ ++ : ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2001 "configure" +++#line 2000 "configure" ++ #include "confdefs.h" ++ #include <ctype.h> ++ #define ISLOWER(c) ('a' <= (c) && (c) <= 'z') ++@@ -2008,7 +1913,7 @@ ++ exit (0); } ++ ++ EOF ++-if { (eval echo configure:2012: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +++if { (eval echo configure:2011: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null ++ then ++ : ++ else ++@@ -2035,17 +1940,17 @@ ++ do ++ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 ++-echo "configure:2039: checking for $ac_hdr" >&5 +++echo "configure:2038: checking for $ac_hdr" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2044 "configure" +++#line 2043 "configure" ++ #include "confdefs.h" ++ #include <$ac_hdr> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:2049: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:2048: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -2076,17 +1981,17 @@ ++ do ++ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 ++-echo "configure:2080: checking for $ac_hdr" >&5 +++echo "configure:2079: checking for $ac_hdr" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2085 "configure" +++#line 2084 "configure" ++ #include "confdefs.h" ++ #include <$ac_hdr> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:2090: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:2089: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -2116,17 +2021,17 @@ ++ do ++ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 ++-echo "configure:2120: checking for $ac_hdr" >&5 +++echo "configure:2119: checking for $ac_hdr" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2125 "configure" +++#line 2124 "configure" ++ #include "confdefs.h" ++ #include <$ac_hdr> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:2130: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:2129: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -2156,17 +2061,17 @@ ++ do ++ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 ++-echo "configure:2160: checking for $ac_hdr" >&5 +++echo "configure:2159: checking for $ac_hdr" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2165 "configure" +++#line 2164 "configure" ++ #include "confdefs.h" ++ #include <$ac_hdr> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:2170: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:2169: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -2196,17 +2101,17 @@ ++ do ++ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 ++-echo "configure:2200: checking for $ac_hdr" >&5 +++echo "configure:2199: checking for $ac_hdr" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2205 "configure" +++#line 2204 "configure" ++ #include "confdefs.h" ++ #include <$ac_hdr> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:2210: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:2209: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -2234,12 +2139,12 @@ ++ ++ ++ echo $ac_n "checking for size_t""... $ac_c" 1>&6 ++-echo "configure:2238: checking for size_t" >&5 +++echo "configure:2237: checking for size_t" >&5 ++ if eval "test \"`echo '$''{'ac_cv_type_size_t'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2243 "configure" +++#line 2242 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #if STDC_HEADERS ++@@ -2267,12 +2172,12 @@ ++ fi ++ ++ echo $ac_n "checking for mode_t""... $ac_c" 1>&6 ++-echo "configure:2271: checking for mode_t" >&5 +++echo "configure:2270: checking for mode_t" >&5 ++ if eval "test \"`echo '$''{'ac_cv_type_mode_t'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2276 "configure" +++#line 2275 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #if STDC_HEADERS ++@@ -2300,12 +2205,12 @@ ++ fi ++ ++ echo $ac_n "checking for off_t""... $ac_c" 1>&6 ++-echo "configure:2304: checking for off_t" >&5 +++echo "configure:2303: checking for off_t" >&5 ++ if eval "test \"`echo '$''{'ac_cv_type_off_t'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2309 "configure" +++#line 2308 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #if STDC_HEADERS ++@@ -2334,12 +2239,12 @@ ++ ++ ++ echo $ac_n "checking for speed_t""... $ac_c" 1>&6 ++-echo "configure:2338: checking for speed_t" >&5 +++echo "configure:2337: checking for speed_t" >&5 ++ if eval "test \"`echo '$''{'ac_cv_type_speed_t'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2343 "configure" +++#line 2342 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #if STDC_HEADERS ++@@ -2389,12 +2294,12 @@ ++ fi ++ ++ echo $ac_n "checking for st_rdev in struct stat""... $ac_c" 1>&6 ++-echo "configure:2393: checking for st_rdev in struct stat" >&5 +++echo "configure:2392: checking for st_rdev in struct stat" >&5 ++ if eval "test \"`echo '$''{'ac_cv_struct_st_rdev'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2398 "configure" +++#line 2397 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #include <sys/stat.h> ++@@ -2402,7 +2307,7 @@ ++ struct stat s; s.st_rdev; ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2406: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:2405: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ ac_cv_struct_st_rdev=yes ++ else ++@@ -2423,12 +2328,12 @@ ++ fi ++ ++ echo $ac_n "checking whether time.h and sys/time.h may both be included""... $ac_c" 1>&6 ++-echo "configure:2427: checking whether time.h and sys/time.h may both be included" >&5 +++echo "configure:2426: checking whether time.h and sys/time.h may both be included" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_time'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2432 "configure" +++#line 2431 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #include <sys/time.h> ++@@ -2437,7 +2342,7 @@ ++ struct tm *tp; ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2441: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:2440: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ ac_cv_header_time=yes ++ else ++@@ -2459,12 +2364,12 @@ ++ ++ ++ echo $ac_n "checking for socklen_t""... $ac_c" 1>&6 ++-echo "configure:2463: checking for socklen_t" >&5 +++echo "configure:2462: checking for socklen_t" >&5 ++ if eval "test \"`echo '$''{'ac_cv_type_socklen_t'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2468 "configure" +++#line 2467 "configure" ++ #include "confdefs.h" ++ ++ #include "confdefs.h" ++@@ -2480,7 +2385,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2484: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:2483: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ ac_cv_type_socklen_t=yes ++ else ++@@ -2505,12 +2410,12 @@ ++ fi ++ ++ echo $ac_n "checking whether sys/time.h and sys/select.h may both be included""... $ac_c" 1>&6 ++-echo "configure:2509: checking whether sys/time.h and sys/select.h may both be included" >&5 +++echo "configure:2508: checking whether sys/time.h and sys/select.h may both be included" >&5 ++ if eval "test \"`echo '$''{'lrzsz_cv_header_sys_select'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2514 "configure" +++#line 2513 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #include <sys/time.h> ++@@ -2519,7 +2424,7 @@ ++ struct tm *tp; ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2523: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:2522: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ lrzsz_cv_header_sys_select=yes ++ else ++@@ -2540,12 +2445,12 @@ ++ fi ++ ++ echo $ac_n "checking whether struct tm is in sys/time.h or time.h""... $ac_c" 1>&6 ++-echo "configure:2544: checking whether struct tm is in sys/time.h or time.h" >&5 +++echo "configure:2543: checking whether struct tm is in sys/time.h or time.h" >&5 ++ if eval "test \"`echo '$''{'ac_cv_struct_tm'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2549 "configure" +++#line 2548 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #include <time.h> ++@@ -2553,7 +2458,7 @@ ++ struct tm *tp; tp->tm_sec; ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2557: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:2556: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ ac_cv_struct_tm=time.h ++ else ++@@ -2575,19 +2480,19 @@ ++ ++ ++ echo $ac_n "checking for errno declaration""... $ac_c" 1>&6 ++-echo "configure:2579: checking for errno declaration" >&5 +++echo "configure:2578: checking for errno declaration" >&5 ++ if eval "test \"`echo '$''{'lrzsz_cv_decl_errno'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2584 "configure" +++#line 2583 "configure" ++ #include "confdefs.h" ++ #include <errno.h> ++ int main() { ++ int i = errno; errno = 1; ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2591: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:2590: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ lrzsz_cv_decl_errno=yes ++ else ++@@ -2610,7 +2515,7 @@ ++ ++ if test $cross_compiling = no ; then ++ echo $ac_n "checking whether setvbuf arguments are reversed""... $ac_c" 1>&6 ++-echo "configure:2614: checking whether setvbuf arguments are reversed" >&5 +++echo "configure:2613: checking whether setvbuf arguments are reversed" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_setvbuf_reversed'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -2618,7 +2523,7 @@ ++ { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2622 "configure" +++#line 2621 "configure" ++ #include "confdefs.h" ++ #include <stdio.h> ++ /* If setvbuf has the reversed format, exit 0. */ ++@@ -2632,7 +2537,7 @@ ++ exit(0); /* Non-reversed systems segv here. */ ++ } ++ EOF ++-if { (eval echo configure:2636: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +++if { (eval echo configure:2635: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null ++ then ++ ac_cv_func_setvbuf_reversed=yes ++ else ++@@ -2657,12 +2562,12 @@ ++ ++ fi ++ echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6 ++-echo "configure:2661: checking return type of signal handlers" >&5 +++echo "configure:2660: checking return type of signal handlers" >&5 ++ if eval "test \"`echo '$''{'ac_cv_type_signal'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2666 "configure" +++#line 2665 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #include <signal.h> ++@@ -2679,7 +2584,7 @@ ++ int i; ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2683: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:2682: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ ac_cv_type_signal=void ++ else ++@@ -2701,17 +2606,17 @@ ++ do ++ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 ++-echo "configure:2705: checking for $ac_hdr" >&5 +++echo "configure:2704: checking for $ac_hdr" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2710 "configure" +++#line 2709 "configure" ++ #include "confdefs.h" ++ #include <$ac_hdr> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:2715: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:2714: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -2740,12 +2645,12 @@ ++ for ac_func in getpagesize ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:2744: checking for $ac_func" >&5 +++echo "configure:2743: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2749 "configure" +++#line 2748 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -2768,7 +2673,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2772: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:2771: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -2793,7 +2698,7 @@ ++ done ++ ++ echo $ac_n "checking for working mmap""... $ac_c" 1>&6 ++-echo "configure:2797: checking for working mmap" >&5 +++echo "configure:2796: checking for working mmap" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_mmap_fixed_mapped'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -2801,7 +2706,7 @@ ++ ac_cv_func_mmap_fixed_mapped=no ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2805 "configure" +++#line 2804 "configure" ++ #include "confdefs.h" ++ ++ /* Thanks to Mike Haertel and Jim Avera for this test. ++@@ -2941,7 +2846,7 @@ ++ } ++ ++ EOF ++-if { (eval echo configure:2945: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +++if { (eval echo configure:2944: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null ++ then ++ ac_cv_func_mmap_fixed_mapped=yes ++ else ++@@ -2966,19 +2871,19 @@ ++ # The Ultrix 4.2 mips builtin alloca declared by alloca.h only works ++ # for constant arguments. Useless! ++ echo $ac_n "checking for working alloca.h""... $ac_c" 1>&6 ++-echo "configure:2970: checking for working alloca.h" >&5 +++echo "configure:2969: checking for working alloca.h" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_alloca_h'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2975 "configure" +++#line 2974 "configure" ++ #include "confdefs.h" ++ #include <alloca.h> ++ int main() { ++ char *p = alloca(2 * sizeof(int)); ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2982: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:2981: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ ac_cv_header_alloca_h=yes ++ else ++@@ -2999,12 +2904,12 @@ ++ fi ++ ++ echo $ac_n "checking for alloca""... $ac_c" 1>&6 ++-echo "configure:3003: checking for alloca" >&5 +++echo "configure:3002: checking for alloca" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_alloca_works'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3008 "configure" +++#line 3007 "configure" ++ #include "confdefs.h" ++ ++ #ifdef __GNUC__ ++@@ -3032,7 +2937,7 @@ ++ char *p = (char *) alloca(1); ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3036: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3035: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ ac_cv_func_alloca_works=yes ++ else ++@@ -3064,12 +2969,12 @@ ++ ++ ++ echo $ac_n "checking whether alloca needs Cray hooks""... $ac_c" 1>&6 ++-echo "configure:3068: checking whether alloca needs Cray hooks" >&5 +++echo "configure:3067: checking whether alloca needs Cray hooks" >&5 ++ if eval "test \"`echo '$''{'ac_cv_os_cray'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3073 "configure" +++#line 3072 "configure" ++ #include "confdefs.h" ++ #if defined(CRAY) && ! defined(CRAY2) ++ webecray ++@@ -3094,12 +2999,12 @@ ++ if test $ac_cv_os_cray = yes; then ++ for ac_func in _getb67 GETB67 getb67; do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:3098: checking for $ac_func" >&5 +++echo "configure:3097: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3103 "configure" +++#line 3102 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -3122,7 +3027,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3126: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3125: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -3149,7 +3054,7 @@ ++ fi ++ ++ echo $ac_n "checking stack direction for C alloca""... $ac_c" 1>&6 ++-echo "configure:3153: checking stack direction for C alloca" >&5 +++echo "configure:3152: checking stack direction for C alloca" >&5 ++ if eval "test \"`echo '$''{'ac_cv_c_stack_direction'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -3157,7 +3062,7 @@ ++ ac_cv_c_stack_direction=0 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3161 "configure" +++#line 3160 "configure" ++ #include "confdefs.h" ++ find_stack_direction () ++ { ++@@ -3176,7 +3081,7 @@ ++ exit (find_stack_direction() < 0); ++ } ++ EOF ++-if { (eval echo configure:3180: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +++if { (eval echo configure:3179: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null ++ then ++ ac_cv_c_stack_direction=1 ++ else ++@@ -3198,7 +3103,7 @@ ++ fi ++ ++ cat > conftest.$ac_ext <<EOF ++-#line 3202 "configure" +++#line 3201 "configure" ++ #include "confdefs.h" ++ #include <utime.h> ++ EOF ++@@ -3216,12 +3121,12 @@ ++ for ac_func in gettimeofday settimeofday ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:3220: checking for $ac_func" >&5 +++echo "configure:3219: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3225 "configure" +++#line 3224 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -3244,7 +3149,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3248: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3247: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -3271,12 +3176,12 @@ ++ for ac_func in strchr memcpy select vprintf ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:3275: checking for $ac_func" >&5 +++echo "configure:3274: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3280 "configure" +++#line 3279 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -3299,7 +3204,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3303: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3302: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -3326,12 +3231,12 @@ ++ for ac_func in times rdchk utime syslog siginterrupt ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:3330: checking for $ac_func" >&5 +++echo "configure:3329: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3335 "configure" +++#line 3334 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -3354,7 +3259,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3358: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3357: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -3381,12 +3286,12 @@ ++ for ac_func in mkdir mktime strerror strstr strdup strtoul strtol strpbrk ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:3385: checking for $ac_func" >&5 +++echo "configure:3384: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3390 "configure" +++#line 3389 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -3409,7 +3314,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3413: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3412: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -3438,12 +3343,12 @@ ++ for ac_func in stpcpy strftime vasprintf ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:3442: checking for $ac_func" >&5 +++echo "configure:3441: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3447 "configure" +++#line 3446 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -3466,7 +3371,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3470: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3469: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -3494,12 +3399,12 @@ ++ ++ ++ echo $ac_n "checking for getopt_long""... $ac_c" 1>&6 ++-echo "configure:3498: checking for getopt_long" >&5 +++echo "configure:3497: checking for getopt_long" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_getopt_long'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3503 "configure" +++#line 3502 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char getopt_long(); below. */ ++@@ -3522,7 +3427,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3526: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3525: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_getopt_long=yes" ++ else ++@@ -3552,12 +3457,12 @@ ++ ++ ++ echo $ac_n "checking for ftime""... $ac_c" 1>&6 ++-echo "configure:3556: checking for ftime" >&5 +++echo "configure:3555: checking for ftime" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_ftime'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3561 "configure" +++#line 3560 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char ftime(); below. */ ++@@ -3580,7 +3485,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3584: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3583: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_ftime=yes" ++ else ++@@ -3595,7 +3500,7 @@ ++ if eval "test \"`echo '$ac_cv_func_'ftime`\" = yes"; then ++ echo "$ac_t""yes" 1>&6 ++ echo $ac_n "checking that ftime works correctly""... $ac_c" 1>&6 ++-echo "configure:3599: checking that ftime works correctly" >&5 +++echo "configure:3598: checking that ftime works correctly" >&5 ++ if eval "test \"`echo '$''{'lrzsz_cv_sys_ftime_ok'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -3603,7 +3508,7 @@ ++ lrzsz_cv_sys_ftime_ok=runtime ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3607 "configure" +++#line 3606 "configure" ++ #include "confdefs.h" ++ ++ #include <sys/types.h> ++@@ -3632,7 +3537,7 @@ ++ } ++ ++ EOF ++-if { (eval echo configure:3636: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +++if { (eval echo configure:3635: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null ++ then ++ lrzsz_cv_sys_ftime_ok=yes ++ else ++@@ -3666,20 +3571,20 @@ ++ ++ ++ echo $ac_n "checking for timezone variable""... $ac_c" 1>&6 ++-echo "configure:3670: checking for timezone variable" >&5 +++echo "configure:3669: checking for timezone variable" >&5 ++ if eval "test \"`echo '$''{'libquark_cv_var_timezone'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ ++ cat > conftest.$ac_ext <<EOF ++-#line 3676 "configure" +++#line 3675 "configure" ++ #include "confdefs.h" ++ #include <time.h> ++ int main() { ++ return(int)(timezone/2); ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3683: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3682: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ libquark_cv_var_timezone=yes ++ else ++@@ -3705,13 +3610,13 @@ ++ : ++ else ++ echo $ac_n "checking for $lookup_facility""... $ac_c" 1>&6 ++-echo "configure:3709: checking for $lookup_facility" >&5 +++echo "configure:3708: checking for $lookup_facility" >&5 ++ if eval "test \"`echo '$''{'lrzsz_cv_lookup_facility'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ ++ cat > conftest.$ac_ext <<EOF ++-#line 3715 "configure" +++#line 3714 "configure" ++ #include "confdefs.h" ++ ++ #ifdef HAVE_SYSLOG_H ++@@ -3763,17 +3668,17 @@ ++ do ++ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 ++-echo "configure:3767: checking for $ac_hdr" >&5 +++echo "configure:3766: checking for $ac_hdr" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3772 "configure" +++#line 3771 "configure" ++ #include "confdefs.h" ++ #include <$ac_hdr> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:3777: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:3776: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -3803,12 +3708,12 @@ ++ strdup __argz_count __argz_stringify __argz_next ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:3807: checking for $ac_func" >&5 +++echo "configure:3806: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3812 "configure" +++#line 3811 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -3831,7 +3736,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3835: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3834: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -3860,12 +3765,12 @@ ++ for ac_func in stpcpy ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:3864: checking for $ac_func" >&5 +++echo "configure:3863: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3869 "configure" +++#line 3868 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -3888,7 +3793,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3892: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3891: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -3922,19 +3827,19 @@ ++ ++ if test $ac_cv_header_locale_h = yes; then ++ echo $ac_n "checking for LC_MESSAGES""... $ac_c" 1>&6 ++-echo "configure:3926: checking for LC_MESSAGES" >&5 +++echo "configure:3925: checking for LC_MESSAGES" >&5 ++ if eval "test \"`echo '$''{'am_cv_val_LC_MESSAGES'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3931 "configure" +++#line 3930 "configure" ++ #include "confdefs.h" ++ #include <locale.h> ++ int main() { ++ return LC_MESSAGES ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3938: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3937: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ am_cv_val_LC_MESSAGES=yes ++ else ++@@ -3955,7 +3860,7 @@ ++ fi ++ fi ++ echo $ac_n "checking whether NLS is requested""... $ac_c" 1>&6 ++-echo "configure:3959: checking whether NLS is requested" >&5 +++echo "configure:3958: checking whether NLS is requested" >&5 ++ # Check whether --enable-nls or --disable-nls was given. ++ if test "${enable_nls+set}" = set; then ++ enableval="$enable_nls" ++@@ -3975,7 +3880,7 @@ ++ EOF ++ ++ echo $ac_n "checking whether included gettext is requested""... $ac_c" 1>&6 ++-echo "configure:3979: checking whether included gettext is requested" >&5 +++echo "configure:3978: checking whether included gettext is requested" >&5 ++ # Check whether --with-included-gettext or --without-included-gettext was given. ++ if test "${with_included_gettext+set}" = set; then ++ withval="$with_included_gettext" ++@@ -3994,17 +3899,17 @@ ++ ++ ac_safe=`echo "libintl.h" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for libintl.h""... $ac_c" 1>&6 ++-echo "configure:3998: checking for libintl.h" >&5 +++echo "configure:3997: checking for libintl.h" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 4003 "configure" +++#line 4002 "configure" ++ #include "confdefs.h" ++ #include <libintl.h> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:4008: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:4007: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -4021,19 +3926,19 @@ ++ if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then ++ echo "$ac_t""yes" 1>&6 ++ echo $ac_n "checking for gettext in libc""... $ac_c" 1>&6 ++-echo "configure:4025: checking for gettext in libc" >&5 +++echo "configure:4024: checking for gettext in libc" >&5 ++ if eval "test \"`echo '$''{'gt_cv_func_gettext_libc'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 4030 "configure" +++#line 4029 "configure" ++ #include "confdefs.h" ++ #include <libintl.h> ++ int main() { ++ return (int) gettext ("") ++ ; return 0; } ++ EOF ++-if { (eval echo configure:4037: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:4036: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ gt_cv_func_gettext_libc=yes ++ else ++@@ -4049,7 +3954,7 @@ ++ ++ if test "$gt_cv_func_gettext_libc" != "yes"; then ++ echo $ac_n "checking for bindtextdomain in -lintl""... $ac_c" 1>&6 ++-echo "configure:4053: checking for bindtextdomain in -lintl" >&5 +++echo "configure:4052: checking for bindtextdomain in -lintl" >&5 ++ ac_lib_var=`echo intl'_'bindtextdomain | sed 'y%./+-%__p_%'` ++ if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++@@ -4057,7 +3962,7 @@ ++ ac_save_LIBS="$LIBS" ++ LIBS="-lintl $LIBS" ++ cat > conftest.$ac_ext <<EOF ++-#line 4061 "configure" +++#line 4060 "configure" ++ #include "confdefs.h" ++ /* Override any gcc2 internal prototype to avoid an error. */ ++ /* We use char because int might match the return type of a gcc2 ++@@ -4068,7 +3973,7 @@ ++ bindtextdomain() ++ ; return 0; } ++ EOF ++-if { (eval echo configure:4072: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:4071: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_lib_$ac_lib_var=yes" ++ else ++@@ -4084,12 +3989,12 @@ ++ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then ++ echo "$ac_t""yes" 1>&6 ++ echo $ac_n "checking for gettext in libintl""... $ac_c" 1>&6 ++-echo "configure:4088: checking for gettext in libintl" >&5 +++echo "configure:4087: checking for gettext in libintl" >&5 ++ if eval "test \"`echo '$''{'gt_cv_func_gettext_libintl'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ echo $ac_n "checking for gettext in -lintl""... $ac_c" 1>&6 ++-echo "configure:4093: checking for gettext in -lintl" >&5 +++echo "configure:4092: checking for gettext in -lintl" >&5 ++ ac_lib_var=`echo intl'_'gettext | sed 'y%./+-%__p_%'` ++ if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++@@ -4097,7 +4002,7 @@ ++ ac_save_LIBS="$LIBS" ++ LIBS="-lintl $LIBS" ++ cat > conftest.$ac_ext <<EOF ++-#line 4101 "configure" +++#line 4100 "configure" ++ #include "confdefs.h" ++ /* Override any gcc2 internal prototype to avoid an error. */ ++ /* We use char because int might match the return type of a gcc2 ++@@ -4108,7 +4013,7 @@ ++ gettext() ++ ; return 0; } ++ EOF ++-if { (eval echo configure:4112: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:4111: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_lib_$ac_lib_var=yes" ++ else ++@@ -4147,7 +4052,7 @@ ++ # Extract the first word of "msgfmt", so it can be a program name with args. ++ set dummy msgfmt; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4151: checking for $ac_word" >&5 +++echo "configure:4150: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_MSGFMT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4181,12 +4086,12 @@ ++ for ac_func in dcgettext ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:4185: checking for $ac_func" >&5 +++echo "configure:4184: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 4190 "configure" +++#line 4189 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -4209,7 +4114,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:4213: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:4212: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -4236,7 +4141,7 @@ ++ # Extract the first word of "gmsgfmt", so it can be a program name with args. ++ set dummy gmsgfmt; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4240: checking for $ac_word" >&5 +++echo "configure:4239: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_GMSGFMT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4272,7 +4177,7 @@ ++ # Extract the first word of "xgettext", so it can be a program name with args. ++ set dummy xgettext; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4276: checking for $ac_word" >&5 +++echo "configure:4275: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_XGETTEXT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4304,7 +4209,7 @@ ++ fi ++ ++ cat > conftest.$ac_ext <<EOF ++-#line 4308 "configure" +++#line 4307 "configure" ++ #include "confdefs.h" ++ ++ int main() { ++@@ -4312,7 +4217,7 @@ ++ return _nl_msg_cat_cntr ++ ; return 0; } ++ EOF ++-if { (eval echo configure:4316: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:4315: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ CATOBJEXT=.gmo ++ DATADIRNAME=share ++@@ -4335,7 +4240,7 @@ ++ ++ if test "$CATOBJEXT" = "NONE"; then ++ echo $ac_n "checking whether catgets can be used""... $ac_c" 1>&6 ++-echo "configure:4339: checking whether catgets can be used" >&5 +++echo "configure:4338: checking whether catgets can be used" >&5 ++ # Check whether --with-catgets or --without-catgets was given. ++ if test "${with_catgets+set}" = set; then ++ withval="$with_catgets" ++@@ -4348,7 +4253,7 @@ ++ ++ if test "$nls_cv_use_catgets" = "yes"; then ++ echo $ac_n "checking for main in -li""... $ac_c" 1>&6 ++-echo "configure:4352: checking for main in -li" >&5 +++echo "configure:4351: checking for main in -li" >&5 ++ ac_lib_var=`echo i'_'main | sed 'y%./+-%__p_%'` ++ if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++@@ -4356,14 +4261,14 @@ ++ ac_save_LIBS="$LIBS" ++ LIBS="-li $LIBS" ++ cat > conftest.$ac_ext <<EOF ++-#line 4360 "configure" +++#line 4359 "configure" ++ #include "confdefs.h" ++ ++ int main() { ++ main() ++ ; return 0; } ++ EOF ++-if { (eval echo configure:4367: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:4366: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_lib_$ac_lib_var=yes" ++ else ++@@ -4391,12 +4296,12 @@ ++ fi ++ ++ echo $ac_n "checking for catgets""... $ac_c" 1>&6 ++-echo "configure:4395: checking for catgets" >&5 +++echo "configure:4394: checking for catgets" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_catgets'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 4400 "configure" +++#line 4399 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char catgets(); below. */ ++@@ -4419,7 +4324,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:4423: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:4422: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_catgets=yes" ++ else ++@@ -4441,7 +4346,7 @@ ++ # Extract the first word of "gencat", so it can be a program name with args. ++ set dummy gencat; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4445: checking for $ac_word" >&5 +++echo "configure:4444: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_GENCAT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4477,7 +4382,7 @@ ++ # Extract the first word of "gmsgfmt", so it can be a program name with args. ++ set dummy gmsgfmt; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4481: checking for $ac_word" >&5 +++echo "configure:4480: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_GMSGFMT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4514,7 +4419,7 @@ ++ # Extract the first word of "msgfmt", so it can be a program name with args. ++ set dummy msgfmt; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4518: checking for $ac_word" >&5 +++echo "configure:4517: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_GMSGFMT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4549,7 +4454,7 @@ ++ # Extract the first word of "xgettext", so it can be a program name with args. ++ set dummy xgettext; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4553: checking for $ac_word" >&5 +++echo "configure:4552: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_XGETTEXT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4607,7 +4512,7 @@ ++ # Extract the first word of "msgfmt", so it can be a program name with args. ++ set dummy msgfmt; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4611: checking for $ac_word" >&5 +++echo "configure:4610: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_MSGFMT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4641,7 +4546,7 @@ ++ # Extract the first word of "gmsgfmt", so it can be a program name with args. ++ set dummy gmsgfmt; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4645: checking for $ac_word" >&5 +++echo "configure:4644: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_GMSGFMT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4677,7 +4582,7 @@ ++ # Extract the first word of "xgettext", so it can be a program name with args. ++ set dummy xgettext; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4681: checking for $ac_word" >&5 +++echo "configure:4680: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_XGETTEXT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4770,7 +4675,7 @@ ++ LINGUAS= ++ else ++ echo $ac_n "checking for catalogs to be installed""... $ac_c" 1>&6 ++-echo "configure:4774: checking for catalogs to be installed" >&5 +++echo "configure:4773: checking for catalogs to be installed" >&5 ++ NEW_LINGUAS= ++ for lang in ${LINGUAS=$ALL_LINGUAS}; do ++ case "$ALL_LINGUAS" in ++@@ -4798,17 +4703,17 @@ ++ if test "$CATOBJEXT" = ".cat"; then ++ ac_safe=`echo "linux/version.h" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for linux/version.h""... $ac_c" 1>&6 ++-echo "configure:4802: checking for linux/version.h" >&5 +++echo "configure:4801: checking for linux/version.h" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 4807 "configure" +++#line 4806 "configure" ++ #include "confdefs.h" ++ #include <linux/version.h> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:4812: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:4811: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++--- lrzsz-0.12.21.orig/lib/Makefile.in +++++ lrzsz-0.12.21/lib/Makefile.in ++@@ -1,4 +1,4 @@ ++-# Makefile.in generated automatically by automake 1.4a from Makefile.am +++# Makefile.in generated automatically by automake 1.4 from Makefile.am ++ ++ # Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. ++ # This Makefile.in is free software; the Free Software Foundation ++@@ -46,10 +46,9 @@ ++ AUTOHEADER = @AUTOHEADER@ ++ ++ INSTALL = @INSTALL@ ++-INSTALL_PROGRAM = @INSTALL_PROGRAM@ +++INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) ++ INSTALL_DATA = @INSTALL_DATA@ ++ INSTALL_SCRIPT = @INSTALL_SCRIPT@ ++-INSTALL_STRIP_FLAG = ++ transform = @program_transform_name@ ++ ++ NORMAL_INSTALL = : ++@@ -127,7 +126,7 @@ ++ ++ DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) ++ ++-TAR = gtar +++TAR = tar ++ GZIP_ENV = --best ++ DEP_FILES = .deps/alloca.P .deps/error.P .deps/getopt.P .deps/getopt1.P \ ++ .deps/long-options.P .deps/mkdir.P .deps/mktime.P .deps/stpcpy.P \ ++@@ -282,7 +281,7 @@ ++ @for file in $(DISTFILES); do \ ++ d=$(srcdir); \ ++ if test -d $$d/$$file; then \ ++- cp -pr $$d/$$file $(distdir)/$$file; \ +++ cp -pr $$/$$file $(distdir)/$$file; \ ++ else \ ++ test -f $(distdir)/$$file \ ++ || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ ++@@ -343,7 +342,7 @@ ++ all-am: Makefile $(ANSI2KNR) $(LIBRARIES) $(HEADERS) ++ all-redirect: all-am ++ install-strip: ++- $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install +++ $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install ++ installdirs: ++ ++ ++--- lrzsz-0.12.21.orig/man/Makefile.in +++++ lrzsz-0.12.21/man/Makefile.in ++@@ -1,4 +1,4 @@ ++-# Makefile.in generated automatically by automake 1.4a from Makefile.am +++# Makefile.in generated automatically by automake 1.4 from Makefile.am ++ ++ # Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. ++ # This Makefile.in is free software; the Free Software Foundation ++@@ -46,10 +46,9 @@ ++ AUTOHEADER = @AUTOHEADER@ ++ ++ INSTALL = @INSTALL@ ++-INSTALL_PROGRAM = @INSTALL_PROGRAM@ +++INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) ++ INSTALL_DATA = @INSTALL_DATA@ ++ INSTALL_SCRIPT = @INSTALL_SCRIPT@ ++-INSTALL_STRIP_FLAG = ++ transform = @program_transform_name@ ++ ++ NORMAL_INSTALL = : ++@@ -106,7 +105,7 @@ ++ ++ DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) ++ ++-TAR = gtar +++TAR = tar ++ GZIP_ENV = --best ++ all: all-redirect ++ .SUFFIXES: ++@@ -173,7 +172,7 @@ ++ @for file in $(DISTFILES); do \ ++ d=$(srcdir); \ ++ if test -d $$d/$$file; then \ ++- cp -pr $$d/$$file $(distdir)/$$file; \ +++ cp -pr $$/$$file $(distdir)/$$file; \ ++ else \ ++ test -f $(distdir)/$$file \ ++ || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ ++@@ -202,7 +201,7 @@ ++ all-am: Makefile $(MANS) ++ all-redirect: all-am ++ install-strip: ++- $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install +++ $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install ++ installdirs: ++ $(mkinstalldirs) $(DESTDIR)$(mandir)/man1 ++ ++--- lrzsz-0.12.21.orig/src/Makefile.in +++++ lrzsz-0.12.21/src/Makefile.in ++@@ -1,4 +1,4 @@ ++-# Makefile.in generated automatically by automake 1.4a from Makefile.am +++# Makefile.in generated automatically by automake 1.4 from Makefile.am ++ ++ # Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. ++ # This Makefile.in is free software; the Free Software Foundation ++@@ -45,10 +45,9 @@ ++ AUTOHEADER = @AUTOHEADER@ ++ ++ INSTALL = @INSTALL@ ++-INSTALL_PROGRAM = @INSTALL_PROGRAM@ +++INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) ++ INSTALL_DATA = @INSTALL_DATA@ ++ INSTALL_SCRIPT = @INSTALL_SCRIPT@ ++-INSTALL_STRIP_FLAG = ++ transform = @program_transform_name@ ++ ++ NORMAL_INSTALL = : ++@@ -132,7 +131,7 @@ ++ ++ DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) ++ ++-TAR = gtar +++TAR = tar ++ GZIP_ENV = --best ++ DEP_FILES = .deps/canit.P .deps/crctab.P .deps/lrz.P .deps/lsyslog.P \ ++ .deps/lsz.P .deps/protname.P .deps/rbsb.P .deps/tcp.P .deps/timing.P \ ++@@ -167,8 +166,8 @@ ++ $(mkinstalldirs) $(DESTDIR)$(bindir) ++ @list='$(bin_PROGRAMS)'; for p in $$list; do \ ++ if test -f $$p; then \ ++- echo " $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \ ++- $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ +++ echo " $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \ +++ $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ ++ else :; fi; \ ++ done ++ ++@@ -292,7 +291,7 @@ ++ @for file in $(DISTFILES); do \ ++ d=$(srcdir); \ ++ if test -d $$d/$$file; then \ ++- cp -pr $$d/$$file $(distdir)/$$file; \ +++ cp -pr $$/$$file $(distdir)/$$file; \ ++ else \ ++ test -f $(distdir)/$$file \ ++ || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ ++@@ -353,7 +352,7 @@ ++ all-am: Makefile $(ANSI2KNR) $(PROGRAMS) $(HEADERS) ++ all-redirect: all-am ++ install-strip: ++- $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install +++ $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install ++ installdirs: ++ $(mkinstalldirs) $(DESTDIR)$(bindir) ++ ++--- lrzsz-0.12.21.orig/testsuite/Makefile.in +++++ lrzsz-0.12.21/testsuite/Makefile.in ++@@ -1,4 +1,4 @@ ++-# Makefile.in generated automatically by automake 1.4a from Makefile.am +++# Makefile.in generated automatically by automake 1.4 from Makefile.am ++ ++ # Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. ++ # This Makefile.in is free software; the Free Software Foundation ++@@ -46,10 +46,9 @@ ++ AUTOHEADER = @AUTOHEADER@ ++ ++ INSTALL = @INSTALL@ ++-INSTALL_PROGRAM = @INSTALL_PROGRAM@ +++INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) ++ INSTALL_DATA = @INSTALL_DATA@ ++ INSTALL_SCRIPT = @INSTALL_SCRIPT@ ++-INSTALL_STRIP_FLAG = ++ transform = @program_transform_name@ ++ ++ NORMAL_INSTALL = : ++@@ -103,7 +102,7 @@ ++ DIST_COMMON = Makefile.am Makefile.in ++ ++ ++-TAR = gtar +++TAR = tar ++ GZIP_ENV = --best ++ EXPECT = expect ++ RUNTEST = runtest ++@@ -133,7 +132,7 @@ ++ @for file in $(DISTFILES); do \ ++ d=$(srcdir); \ ++ if test -d $$d/$$file; then \ ++- cp -pr $$d/$$file $(distdir)/$$file; \ +++ cp -pr $$/$$file $(distdir)/$$file; \ ++ else \ ++ test -f $(distdir)/$$file \ ++ || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ ++@@ -192,7 +191,7 @@ ++ all-am: Makefile ++ all-redirect: all-am ++ install-strip: ++- $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install +++ $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install ++ installdirs: ++ ++ +--- lrzsz-0.12.21.orig/debian/patches/cat-id-tbl.diff ++++ lrzsz-0.12.21/debian/patches/cat-id-tbl.diff +@@ -0,0 +1,118 @@ ++--- lrzsz-0.12.21.orig/po/cat-id-tbl.c +++++ lrzsz-0.12.21/po/cat-id-tbl.c ++@@ -141,22 +141,23 @@ ++ {"\ ++ \n\ ++ countem: Total %d %ld\n", 84}, ++- {"Bad escape sequence %x", 85}, ++- {"Sender Canceled", 86}, ++- {"TIMEOUT", 87}, ++- {"Bad data subpacket", 88}, ++- {"Data subpacket too long", 89}, ++- {"Garbage count exceeded", 90}, ++- {"Got %s", 91}, ++- {"Retry %d: ", 92}, ++- {"don't have settimeofday, will not set time\n", 93}, ++- {"not running as root (this is good!), can not set time\n", 94}, ++- {"bytes_per_error", 95}, ++- {"bytes-per-error should be >100", 96}, ++- {"O_SYNC not supported by the kernel", 97}, ++- {"garbage on commandline", 98}, ++- {"Usage: %s [options] [filename.if.xmodem]\n", 99}, ++- {"Receive files with ZMODEM/YMODEM/XMODEM protocol\n", 100}, +++ {"Bad CRC", 85}, +++ {"Bad escape sequence %x", 86}, +++ {"Sender Canceled", 87}, +++ {"TIMEOUT", 88}, +++ {"Bad data subpacket", 89}, +++ {"Data subpacket too long", 90}, +++ {"Garbage count exceeded", 91}, +++ {"Got %s", 92}, +++ {"Retry %d: ", 93}, +++ {"don't have settimeofday, will not set time\n", 94}, +++ {"not running as root (this is good!), can not set time\n", 95}, +++ {"bytes_per_error", 96}, +++ {"bytes-per-error should be >100", 97}, +++ {"O_SYNC not supported by the kernel", 98}, +++ {"garbage on commandline", 99}, +++ {"Usage: %s [options] [filename.if.xmodem]\n", 100}, +++ {"Receive files with ZMODEM/YMODEM/XMODEM protocol\n", 101}, ++ {"\ ++ -+, --append append to existing files\n\ ++ -a, --ascii ASCII transfer (change CR/LF to LF)\n\ ++@@ -193,41 +194,41 @@ ++ --ymodem use YMODEM protocol\n\ ++ -Z, --zmodem use ZMODEM protocol\n\ ++ \n\ ++-short options use the same arguments as the long ones\n", 101}, ++- {"%s waiting to receive.", 102}, ++- {"\rBytes received: %7ld/%7ld BPS:%-6ld \r\n", 103}, ++- {"%s: ready to receive %s", 104}, ++- {"\rBytes received: %7ld BPS:%-6ld \r\n", 105}, +++short options use the same arguments as the long ones\n", 102}, +++ {"%s waiting to receive.", 103}, +++ {"\rBytes received: %7ld/%7ld BPS:%-6ld \r\n", 104}, +++ {"%s: ready to receive %s", 105}, +++ {"\rBytes received: %7ld BPS:%-6ld \r\n", 106}, ++ {"\ ++ \r\n\ ++-%s: %s removed.\r\n", 106}, ++- {"Pathname fetch returned EOT", 107}, ++- {"Received dup Sector", 108}, ++- {"Sync Error", 109}, ++- {"CRC", 110}, ++- {"Checksum", 111}, ++- {"Sector number garbled", 112}, ++- {"Sender Cancelled", 113}, ++- {"Got 0%o sector header", 114}, ++- {"file name ends with a /, skipped: %s\n", 115}, ++- {"zmanag=%d, Lzmanag=%d\n", 116}, ++- {"zconv=%d\n", 117}, ++- {"file exists, skipped: %s\n", 118}, ++- {"TIMESYNC: here %ld, remote %ld, diff %ld seconds\n", 119}, ++- {"TIMESYNC: cannot set time: %s\n", 120}, ++- {"Topipe", 121}, ++- {"Receiving: %s\n", 122}, ++- {"Blocks received: %d", 123}, ++- {"%s: %s exists\n", 124}, ++- {"%s:\tSecurity Violation", 125}, ++- {"remote command execution requested", 126}, ++- {"not executed", 127}, ++- {"got ZRINIT", 128}, ++- {"Skipped", 129}, ++- {"rzfile: bps rate %ld below min %ld", 130}, ++- {"rzfile: reached stop time", 131}, ++- {"\rBytes received: %7ld/%7ld BPS:%-6ld ETA %02d:%02d ", 132}, ++- {"file close error", 133}, +++%s: %s removed.\r\n", 107}, +++ {"Pathname fetch returned EOT", 108}, +++ {"Received dup Sector", 109}, +++ {"Sync Error", 110}, +++ {"CRC", 111}, +++ {"Checksum", 112}, +++ {"Sector number garbled", 113}, +++ {"Sender Cancelled", 114}, +++ {"Got 0%o sector header", 115}, +++ {"file name ends with a /, skipped: %s\n", 116}, +++ {"zmanag=%d, Lzmanag=%d\n", 117}, +++ {"zconv=%d\n", 118}, +++ {"file exists, skipped: %s\n", 119}, +++ {"TIMESYNC: here %ld, remote %ld, diff %ld seconds\n", 120}, +++ {"TIMESYNC: cannot set time: %s\n", 121}, +++ {"Topipe", 122}, +++ {"Receiving: %s\n", 123}, +++ {"Blocks received: %d", 124}, +++ {"%s: %s exists\n", 125}, +++ {"%s:\tSecurity Violation", 126}, +++ {"remote command execution requested", 127}, +++ {"not executed", 128}, +++ {"got ZRINIT", 129}, +++ {"Skipped", 130}, +++ {"rzfile: bps rate %ld below min %ld", 131}, +++ {"rzfile: reached stop time", 132}, +++ {"\rBytes received: %7ld/%7ld BPS:%-6ld ETA %02d:%02d ", 133}, +++ {"file close error", 134}, ++ }; ++ ++-int _msg_tbl_length = 133; +++int _msg_tbl_length = 134; +--- lrzsz-0.12.21.orig/debian/patches/206499_ymodemg.diff.unchecked ++++ lrzsz-0.12.21/debian/patches/206499_ymodemg.diff.unchecked +@@ -0,0 +1,70 @@ ++--- org/lrz.c 1998-12-29 23:49:24.000000000 -0800 +++++ lrz.c 2003-08-21 15:15:15.000000000 -0700 ++@@ -73,6 +73,7 @@ ++ ++ int Lastrx; ++ int Crcflg; +++int Optiong; ++ int Firstsec; ++ int errors; ++ int Restricted=1; /* restricted; no /.. or ../ in filenames */ ++@@ -211,6 +212,7 @@ ++ {"allow-remote-commands", no_argument, NULL, 'C'}, ++ {"escape", no_argument, NULL, 'e'}, ++ {"rename", no_argument, NULL, 'E'}, +++ {"go", no_argument, NULL, 'g'}, ++ {"help", no_argument, NULL, 'h'}, ++ {"crc-check", no_argument, NULL, 'H'}, ++ {"junk-path", no_argument, NULL, 'j'}, ++@@ -288,7 +290,7 @@ ++ parse_long_options (argc, argv, show_version, usage1); ++ ++ while ((c = getopt_long (argc, argv, ++- "a+bB:cCDeEhm:M:OprRqs:St:uUvw:XZy", +++ "a+bB:cCDeEghm:M:OprRqs:St:uUvw:XZy", ++ long_options, (int *) 0)) != EOF) ++ { ++ unsigned long int tmp; ++@@ -313,6 +315,7 @@ ++ case 'D': Nflag = TRUE; break; ++ case 'E': Lzmanag = ZF1_ZMCHNG; break; ++ case 'e': Zctlesc = 1; break; +++ case 'g': Optiong = 1; break; ++ case 'h': usage(0,NULL); break; ++ case 'H': Lzmanag= ZF1_ZMCRC; break; ++ case 'j': junk_path=TRUE; break; ++@@ -617,6 +620,7 @@ ++ " -e, --escape Escape control characters (Z)\n" ++ " -E, --rename rename any files already existing\n" ++ " --errors N generate CRC error every N bytes (debugging)\n" +++" -g, --go use X/YMODEM-g protocol (with CRC)\n" ++ " -h, --help Help, print this usage message\n" ++ " -m, --min-bps N stop transmission if BPS below N\n" ++ " -M, --min-bps-time N for at least N seconds (default: 120)\n" ++@@ -843,7 +847,7 @@ ++ et_tu: ++ Firstsec=TRUE; ++ zi->eof_seen=FALSE; ++- sendline(Crcflg?WANTCRC:NAK); +++ sendline(Optiong?WANTG:(Crcflg?WANTCRC:NAK)); ++ flushmo(); ++ purgeline(0); /* Do read next time ... */ ++ while ((c = wcgetsec(&Blklen, rpn, 100)) != 0) { ++@@ -875,7 +879,7 @@ ++ ++ Firstsec=TRUE;sectnum=0; ++ zi->eof_seen=FALSE; ++- sendchar=Crcflg?WANTCRC:NAK; +++ sendchar=(Optiong?WANTG:(Crcflg?WANTCRC:NAK)); ++ ++ for (;;) { ++ sendline(sendchar); /* send it now, we're ready! */ ++@@ -1007,7 +1011,7 @@ ++ ; ++ } ++ if (Firstsec) { ++- sendline(Crcflg?WANTCRC:NAK); +++ sendline(Optiong?WANTG:(Crcflg?WANTCRC:NAK)); ++ flushmo(); ++ purgeline(0); /* Do read next time ... */ ++ } else { +--- lrzsz-0.12.21.orig/debian/patches/313992_de_po.diff ++++ lrzsz-0.12.21/debian/patches/313992_de_po.diff +@@ -0,0 +1,650 @@ ++--- lrzsz-0.12.21.orig/po/de.po +++++ lrzsz-0.12.21/po/de.po ++@@ -1,17 +1,18 @@ ++-# german translation of lrzsz output ++-# Copyright (C) 1997 Uwe Ohse ++-# Uwe Ohse <uwe@ohse.de>, 1997. +++# German translation of lrzsz +++# Copyright (C) Uwe Ohse <uwe@ohse.de>, 1997. +++# Copyright (C) Tobias Toedter <t.toedter@gmx.net>, 2005, 2006. ++ # ++ msgid "" ++ msgstr "" ++-"Project-Id-Version: PACKAGE VERSION\n" +++"Project-Id-Version: lrzsz 0.12.21\n" ++ "POT-Creation-Date: 1999-08-22 21:00+0200\n" ++-"PO-Revision-Date: 1997-06-01 19:00+0200\n" ++-"Last-Translator: FULL NAME <uwe@ohse.de>\n" ++-"Language-Team: none. try <uwe@ohse.de>\n" +++"PO-Revision-Date: 2006-01-12 10:23+0100\n" +++"Last-Translator: Tobias Toedter <t.toedter@gmx.net>\n" +++"Language-Team: German <debian-l10n-german@lists.debian.org>\n" ++ "MIME-Version: 1.0\n" ++-"Content-Type: text/plain; charset=iso-8859-1\n" +++"Content-Type: text/plain; charset=UTF-8\n" ++ "Content-Transfer-Encoding: 8bit\n" +++"X-Generator: KBabel 1.10.2\n" ++ ++ #: src/lsz.c:228 ++ msgid "io_mode(,2) in rbsb.c not implemented\n" ++@@ -28,21 +29,21 @@ ++ ++ #: src/lsz.c:422 ++ msgid "packetlength" ++-msgstr "Paketl?nge" +++msgstr "Paketlänge" ++ ++ #: src/lsz.c:427 ++ #, c-format ++ msgid "packetlength out of range 24..%ld" ++-msgstr "Argument der Option L au?erhalb des Bereichs 24..%ld" +++msgstr "Argument der Option L außerhalb des Bereichs 24..%ld" ++ ++ #: src/lsz.c:436 ++ msgid "framelength" ++-msgstr "Framel?nge" +++msgstr "Framelänge" ++ ++ #: src/lsz.c:441 ++ #, c-format ++ msgid "framelength out of range 32..%ld" ++-msgstr "Argument der Option l au?erhalb des Bereichs 32..%ld" +++msgstr "Argument der Option l außerhalb des Bereichs 32..%ld" ++ ++ #: src/lrz.c:318 src/lsz.c:450 ++ msgid "min_bps" ++@@ -50,27 +51,27 @@ ++ ++ #: src/lsz.c:452 ++ msgid "min_bps must be >= 0" ++-msgstr "minimale BPS-Rate mu? >= 0 sein" +++msgstr "minimale BPS-Rate muss >= 0 sein" ++ ++ #: src/lrz.c:324 src/lsz.c:458 ++ msgid "min_bps_time" ++-msgstr "" +++msgstr "Zeitfenster für minimale BPS-Rate" ++ ++ #: src/lrz.c:326 src/lsz.c:460 ++ msgid "min_bps_time must be > 1" ++-msgstr "Zeitfenster f?r minimale BPS-Rate mu? > 1 Sekunde sein" +++msgstr "Zeitfenster für minimale BPS-Rate muss > 1 Sekunde sein" ++ ++ #: src/lrz.c:342 src/lsz.c:484 ++ msgid "hour to large (0..23)" ++-msgstr "Stunde zu gross (0..23)" +++msgstr "Stunde zu groß (0..23)" ++ ++ #: src/lrz.c:344 src/lsz.c:486 ++ msgid "unparsable stop time\n" ++-msgstr "unparsbare Endzeit\n" +++msgstr "Endzeit nicht auszuwerten\n" ++ ++ #: src/lrz.c:348 src/lsz.c:490 ++ msgid "minute to large (0..59)" ++-msgstr "Minute zu gro? (0..59)" +++msgstr "Minute zu groß (0..59)" ++ ++ #: src/lrz.c:358 src/lrz.c:365 src/lsz.c:500 src/lsz.c:507 ++ msgid "stop time to small" ++@@ -78,7 +79,7 @@ ++ ++ #: src/lrz.c:363 src/lsz.c:505 ++ msgid "stop-at" ++-msgstr "" +++msgstr "Stopp um" ++ ++ #: src/lrz.c:394 src/lsz.c:516 ++ msgid "timeout" ++@@ -86,15 +87,15 @@ ++ ++ #: src/lrz.c:396 src/lsz.c:518 ++ msgid "timeout out of range 10..1000" ++-msgstr "Argument der Option t au?erhalb des Bereichs 10..1000" +++msgstr "Argument der Option t außerhalb des Bereichs 10..1000" ++ ++ #: src/lrz.c:412 src/lsz.c:526 ++ msgid "security violation: can't do that under restricted shell\n" ++-msgstr "Sicherheitsversto?: Ausf?hrung unter eingeschr?nkter Shell verboten\n" +++msgstr "Sicherheitsverstoß: Ausführung unter eingeschränkter Shell verboten\n" ++ ++ #: src/lrz.c:402 src/lsz.c:533 ++ msgid "window size" ++-msgstr "Fenstergr??e" +++msgstr "Fenstergröße" ++ ++ #: src/lrz.c:427 src/lrz.c:434 src/lsz.c:556 src/lsz.c:563 ++ msgid "cannot turnoff syslog" ++@@ -102,7 +103,7 @@ ++ ++ #: src/lrz.c:449 src/lsz.c:571 ++ msgid "startup delay" ++-msgstr "Startverz?gerung" +++msgstr "Startverzögerung" ++ ++ #: src/lrz.c:465 src/lrz.c:483 src/lrz.c:760 src/lrz.c:1122 src/lrz.c:1244 ++ #: src/lrz.c:1292 src/lrz.c:1309 src/lrz.c:1324 src/lrz.c:1423 src/lsz.c:580 ++@@ -117,11 +118,11 @@ ++ ++ #: src/lsz.c:612 src/lsz.c:627 ++ msgid "need at least one file to send" ++-msgstr "es mu? mindestens ein Name einer zu sendenden Datei angegeben werden" +++msgstr "es muss mindestens ein Name einer zu sendenden Datei angegeben werden" ++ ++ #: src/lsz.c:629 ++ msgid "Can't send command in restricted mode\n" ++-msgstr "Im eingeschr?nkten Modus ist das Senden von Kommandos verboten\n" +++msgstr "Im eingeschränkten Modus ist das Senden von Kommandos verboten\n" ++ ++ #: src/lrz.c:527 src/lsz.c:656 ++ msgid "hostname too long\n" ++@@ -129,7 +130,7 @@ ++ ++ #: src/lrz.c:542 src/lsz.c:671 ++ msgid "illegal server address\n" ++-msgstr "Illegale Serveraddresse\n" +++msgstr "Illegale Serveradresse\n" ++ ++ #: src/lsz.c:710 ++ msgid "can read only one file from stdin" ++@@ -137,21 +138,21 @@ ++ ++ #: src/lrz.c:574 src/lsz.c:803 ++ msgid "Transfer incomplete\n" ++-msgstr "?bertragung nicht abgeschlossen\n" +++msgstr "Ãœbertragung nicht abgeschlossen\n" ++ ++ #: src/lrz.c:576 src/lsz.c:805 ++ msgid "Transfer complete\n" ++-msgstr "?bertragung abgeschlossen\n" +++msgstr "Ãœbertragung abgeschlossen\n" ++ ++ #: src/lsz.c:838 ++ #, c-format ++ msgid "send_pseudo %s: cannot open tmpfile %s: %s" ++-msgstr "send_pseudo %s: kann tempor?re Datei %s nicht ?ffnen: %s" +++msgstr "send_pseudo %s: kann temporäre Datei %s nicht öffnen: %s" ++ ++ #: src/lsz.c:851 ++ #, c-format ++ msgid "send_pseudo %s: cannot lstat tmpfile %s: %s" ++-msgstr "send_pseudo %s: kann lstat nicht auf tempor?re Datei %s anwenden: %s" +++msgstr "send_pseudo %s: kann lstat nicht auf temporäre Datei %s anwenden: %s" ++ ++ #: src/lsz.c:859 ++ #, c-format ++@@ -161,7 +162,7 @@ ++ #: src/lsz.c:870 ++ #, c-format ++ msgid "send_pseudo %s: cannot write to tmpfile %s: %s" ++-msgstr "send_pseudo %s: kann nicht in tempor?re Datei %s schreiben: %s" +++msgstr "send_pseudo %s: kann nicht in temporäre Datei %s schreiben: %s" ++ ++ #: src/lsz.c:879 ++ #, c-format ++@@ -188,17 +189,17 @@ ++ ++ #: src/lsz.c:953 ++ msgid "Can't open any requested files." ++-msgstr "Kann keine der angeforderten Dateien ?ffnen" +++msgstr "Kann keine der angeforderten Dateien öffnen" ++ ++ #: src/lsz.c:1009 ++ #, c-format ++ msgid "security violation: not allowed to upload from %s" ++-msgstr "Sicherheitsversto?: Ausf?hrung unter eingeschr?nkter Shell verboten" +++msgstr "Sicherheitsverstoß: Hochladen von %s nicht erlaubt" ++ ++ #: src/lrz.c:1384 src/lsz.c:1027 ++ #, c-format ++ msgid "cannot open %s" ++-msgstr "kann %s nicht ?ffnen" +++msgstr "kann %s nicht öffnen" ++ ++ #: src/lsz.c:1082 ++ #, c-format ++@@ -213,12 +214,12 @@ ++ #: src/lsz.c:1119 ++ #, c-format ++ msgid "skipped: %s" ++-msgstr "?bersprungen: %s" +++msgstr "übersprungen: %s" ++ ++ #: src/lsz.c:1122 ++ #, c-format ++ msgid "%s/%s: skipped" ++-msgstr "%s/%s: ?bersprungen" +++msgstr "%s/%s: übersprungen" ++ ++ #: src/lsz.c:1149 ++ #, c-format ++@@ -228,7 +229,7 @@ ++ #: src/lsz.c:1178 ++ #, c-format ++ msgid "Sending %s, %ld blocks: " ++-msgstr "Sende %s, %ld Bl?cke:" +++msgstr "Sende %s, %ld Blöcke:" ++ ++ #: src/lsz.c:1181 ++ msgid "Give your local XMODEM receive command now." ++@@ -245,11 +246,11 @@ ++ ++ #: src/lsz.c:1314 ++ msgid "Receiver Cancelled" ++-msgstr "Empf?nger brach ab" +++msgstr "Empfänger brach ab" ++ ++ #: src/lsz.c:1340 ++ msgid "No ACK on EOT" ++-msgstr "Keine Best?tigung f?r ?bertragungsende erhalten" +++msgstr "Keine Bestätigung für Ãœbertragungsende erhalten" ++ ++ #: src/lsz.c:1361 ++ #, c-format ++@@ -267,24 +268,24 @@ ++ ++ #: src/lsz.c:1399 ++ msgid "Timeout on sector ACK" ++-msgstr "Timeout bei Sektorbest?tigung" +++msgstr "Timeout bei Sektorbestätigung" ++ ++ #: src/lsz.c:1404 ++ msgid "NAK on sector" ++-msgstr "Sektor nicht best?tigt" +++msgstr "Sektor nicht bestätigt" ++ ++ #: src/lsz.c:1410 ++ msgid "Got burst for sector ACK" ++-msgstr "" +++msgstr "Erhielt Bruch als Sektorbestätigung" ++ ++ #: src/lsz.c:1412 ++ #, c-format ++ msgid "Got %02x for sector ACK" ++-msgstr "Erhielt %02x als Sektorbest?tigung" +++msgstr "Erhielt %02x als Sektorbestätigung" ++ ++ #: src/lsz.c:1424 ++ msgid "Retry Count Exceeded" ++-msgstr "Maximale Wiederholungsanzahl ?berschritten" +++msgstr "Maximale Wiederholungsanzahl überschritten" ++ ++ #: src/lrz.c:596 src/lsz.c:1502 ++ #, c-format ++@@ -304,11 +305,11 @@ ++ #: src/lsz.c:1512 ++ #, c-format ++ msgid " or: %s [options] -{c|i} COMMAND\n" ++-msgstr " oder: %s [Optionen] -{c|i} KOMMANDO\n" +++msgstr " oder: %s [-2Ceqv] -{c|i} KOMMANDO\n" ++ ++ #: src/lsz.c:1513 ++ msgid "Send file(s) with ZMODEM/YMODEM/XMODEM protocol\n" ++-msgstr "Dateien mit ZMODEM/YMODEM/XMODEM ?bertragen\n" +++msgstr "Dateien mit ZMODEM/YMODEM/XMODEM übertragen\n" ++ ++ # src/lrz.c:475 src/lsz.c:1330 xx ++ #: src/lrz.c:607 src/lsz.c:1515 ++@@ -317,9 +318,9 @@ ++ " (Y) = option applies to YMODEM only\n" ++ " (Z) = option applies to ZMODEM only\n" ++ msgstr "" ++-" (X) = Option gilt nur f?r XMODEM\n" ++-" (Y) = Option gilt nur f?r YMODEM\n" ++-" (Z) = Option gilt nur f?r ZMODEM\n" +++" (X) = Option gilt nur für XMODEM\n" +++" (Y) = Option gilt nur für YMODEM\n" +++" (Z) = Option gilt nur für ZMODEM\n" ++ ++ #: src/lsz.c:1521 ++ msgid "" ++@@ -347,32 +348,32 @@ ++ " -m, --min-bps N stop transmission if BPS below N\n" ++ " -M, --min-bps-time N for at least N seconds (default: 120)\n" ++ msgstr "" ++-" -+, --append an existierende Dateien anh?ngen (Z)\n" +++" -+, --append an existierende Dateien anhängen (Z)\n" ++ " -2, --twostop zwei Stopbits verwenden\n" ++-" -4, --try-4k bis zu 4K Blockgr??e verwenden\n" ++-" --start-4k mit 4K Blockgr??e starten (versucht nicht 8)\n" ++-" -8, --try-8k bis zu 8K Blockgr??e verwenden\n" ++-" --start-8k mit 8K Blockgr??e starten\n" +++" -4, --try-4k bis zu 4K Blockgröße verwenden\n" +++" --start-4k mit 4K Blockgröße starten (versucht nicht 8)\n" +++" -8, --try-8k bis zu 8K Blockgröße verwenden\n" +++" --start-8k mit 8K Blockgröße starten\n" ++ " -a, --ascii ASCII: NL nach CR/LF wandeln\n" ++-" -b, --binary Bin?r?bertragung erzwingen\n" +++" -b, --binary Binärübertragung erzwingen\n" ++ " -B, --bufsize N N Bytes puffern (auto: ganze Datei puffern)\n" ++-" -c, --command COMMAND Kommando KOMMANDO auf Gegenseite ausf?hren " +++" -c, --command COMMAND Kommando KOMMANDO auf Gegenseite ausführen " ++ "(Z)\n" ++-" -C, --command-tries N N mal Kommandoausf?hrung versuchen (Z)\n" +++" -C, --command-tries N N mal Kommandoausführung versuchen (Z)\n" ++ " -d, --dot-to-slash C '.' in Dateinamen nach '/' wandeln (Y/Z)\n" ++ " --delay-startup N Bei Programmstart N Sek. schlafen (Debugging)\n" ++ " -e, --escape alle Steuerzeichen escapen (Z)\n" ++-" -E, --rename Empf?nger soll Datei umbenennen falls\n" +++" -E, --rename Empfänger soll Datei umbenennen falls\n" ++ " Zieldatei schon existiert\n" ++ " -f, --full-path Dateien mit vollen Pfaden senden (Y/Z)\n" ++-" -i, --immediate-command CMD wie `c', aber sofort zur?ckkehren (Z)\n" +++" -i, --immediate-command CMD wie `c', aber sofort zurückkehren (Z)\n" ++ " -h, --help diesen Hilfetext ausgeben\n" ++ " -k, --1k 1024 Bytes Pakete senden (Y)\n" ++-" -L, --packetlen N Unterpaketl?nge auf N Bytes beschr?nken (Z)\n" ++-" -l, --framelen N Rahmenl?nge auf N Bytes beschr?nken (l>=L) " +++" -L, --packetlen N Unterpaketlänge auf N Bytes beschränken (Z)\n" +++" -l, --framelen N Rahmenlänge auf N Bytes beschränken (l>=L) " ++ "(Z)\n" ++-" -m, --min-bps N ?bertragung abbrechen bei weniger als N BPS\n" ++-" -M, --min-bps-time N f?r mindestens N Sekunden (Default: 120)\n" +++" -m, --min-bps N Ãœbertragung abbrechen bei weniger als N BPS\n" +++" -M, --min-bps-time N für mindestens N Sekunden (Default: 120)\n" ++ ++ #: src/lsz.c:1546 ++ msgid "" ++@@ -400,28 +401,28 @@ ++ "short options use the same arguments as the long ones\n" ++ msgstr "" ++ " -n, --newer Datei senden wenn sie neuer ist (Z)\n" ++-" -N, --newer-or-longer Datei senden wenn neuer oder l?nger (Z)\n" +++" -N, --newer-or-longer Datei senden wenn neuer oder länger (Z)\n" ++ " -o, --16-bit-crc 16Bit CRC statt 32Bit CRC verwenden (Z)\n" ++ " -O, --disable-timeouts Timeoutbehandlung abschalten\n" ++-" -p, --protect existierende Dateien nicht ver?ndern\n" ++-" -r, --resume unterbrochene ?bertragungen fortsetzen (Z)\n" ++-" -R, --restricted eingeschr?nkter, sichererer Modus\n" +++" -p, --protect existierende Dateien nicht verändern\n" +++" -r, --resume unterbrochene Ãœbertragungen fortsetzen (Z)\n" +++" -R, --restricted eingeschränkter, sichererer Modus\n" ++ " -q, --quiet leise, keine Ausgaben machen\n" ++-" -s, --stop-at {HH:MM|+N} ?bertragung um HH:MM oder in N Sek. abbrechen\n" ++-" --tcp-server Socket ?ffnen und auf Verbindung warten\n" ++-" --tcp-client ADDR:PORT Socket ?ffnen und verbindung mit ...\n" ++-" -u, --unlink Datei nach ?bertragung l?schen\n" ++-" -U, --unrestrict eingeschr?nkten Modus aufheben (falls " +++" -s, --stop-at {HH:MM|+N} Ãœbertragung um HH:MM oder in N Sek. abbrechen\n" +++" --tcp-server Socket öffnen, Verbindung abwarten (Z)\n" +++" --tcp-client ADDR:PORT Socket öffnen, verbinden mit ... (Z)\n" +++" -u, --unlink Datei nach Ãœbertragung löschen\n" +++" -U, --unrestrict eingeschränkten Modus aufheben (falls " ++ "erlaubt)\n" ++ " -v, --verbose mehr ausgeben\n" ++-" -w, --windowsize N Fenstergr??e auf N Bytes setzen (Z)\n" +++" -w, --windowsize N Fenstergröße auf N Bytes setzen (Z)\n" ++ " -X --xmodem XMODEM-Protokoll benutzen\n" ++-" -y, --overwrite existierende Dateien ?berschreiben\n" ++-" -Y, --overwrite-or-skip wie `y', aber nicht existierende ?berspringen\n" +++" -y, --overwrite existierende Dateien überschreiben\n" +++" -Y, --overwrite-or-skip wie `y', aber nicht existierende überspringen\n" ++ " --ymodem YMODEM-Protokoll benutzen\n" ++ " -Z, --zmodem ZMODEM-Protokoll benutzen\n" ++ "\n" ++-"Kurze Optionen ben?tigen dieselben Argumente wie Lange.\n" +++"Kurze Optionen benötigen dieselben Argumente wie die langen.\n" ++ ++ #: src/lsz.c:1768 ++ msgid "got ZRQINIT" ++@@ -434,7 +435,7 @@ ++ #: src/lsz.c:1991 ++ #, c-format ++ msgid "blklen now %d\n" ++-msgstr "Blockgr??e nun %d\n" +++msgstr "Blockgröße nun %d\n" ++ ++ #: src/lsz.c:2053 ++ #, c-format ++@@ -453,7 +454,7 @@ ++ #: src/lsz.c:2223 ++ #, c-format ++ msgid "calc_blklen: reduced to %d due to error\n" ++-msgstr "calc_blklen: Blockgr?sse auf %d reduziert wegen Fehler\n" +++msgstr "calc_blklen: Blockgröße auf %d reduziert wegen Fehler\n" ++ ++ #: src/lsz.c:2256 ++ #, c-format ++@@ -468,12 +469,12 @@ ++ #: src/lsz.c:2267 ++ #, c-format ++ msgid "calc_blklen: calc total_bytes=%ld, bpe=%ld, ec=%ld\n" ++-msgstr "calc_blklen: kalkuliere gesamt_bytes=%ld, bpe=%le, ec=%ld\n" +++msgstr "calc_blklen: kalkuliere gesamt_bytes=%ld, bpe=%ld, ec=%ld\n" ++ ++ #: src/lsz.c:2278 ++ #, c-format ++ msgid "calc_blklen: blklen %d, ok %ld, failed %ld -> %lu\n" ++-msgstr "calc_blklen: Blockl?nge %d, ok %ld, fehlgeschlagen %ld -> %lu\n" +++msgstr "calc_blklen: Blocklänge %d, ok %ld, fehlgeschlagen %ld -> %lu\n" ++ ++ #: src/lsz.c:2290 ++ #, c-format ++@@ -512,7 +513,7 @@ ++ ++ #: src/zm.c:712 ++ msgid "Garbage count exceeded" ++-msgstr "Maximale Wiederholungsanzahl ?berschritten" +++msgstr "Maximale Wiederholungsanzahl überschritten" ++ ++ #: src/zm.c:773 ++ #, c-format ++@@ -526,11 +527,11 @@ ++ ++ #: src/lrz.c:382 ++ msgid "don't have settimeofday, will not set time\n" ++-msgstr "Zeitsynchronisation nicht ausf?hrbar, settimeofday() fehlt\n" +++msgstr "Zeitsynchronisation nicht ausführbar, settimeofday() fehlt\n" ++ ++ #: src/lrz.c:386 ++ msgid "not running as root (this is good!), can not set time\n" ++-msgstr "Zeitsynchronisation mangels Superuserrechten nicht ausf?hrbar\n" +++msgstr "Zeitsynchronisation mangels Superuserrechten nicht ausführbar\n" ++ ++ #: src/lrz.c:441 ++ msgid "bytes_per_error" ++@@ -542,16 +543,16 @@ ++ ++ #: src/lrz.c:455 ++ msgid "O_SYNC not supported by the kernel" ++-msgstr "O_SYNC vom Kernel nicht unterst?tzt" +++msgstr "O_SYNC vom Kernel nicht unterstützt" ++ ++ #: src/lrz.c:497 src/lrz.c:499 ++ msgid "garbage on commandline" ++-msgstr "M?ll auf der Kommandozeile" +++msgstr "Müll auf der Kommandozeile" ++ ++ #: src/lrz.c:604 ++ #, c-format ++ msgid "Usage: %s [options] [filename.if.xmodem]\n" ++-msgstr "Benutzung: %s [Optionen] [Dateiname.f?r.xmodem]\n" +++msgstr "Benutzung: %s [Optionen] [Dateiname.für.xmodem]\n" ++ ++ #: src/lrz.c:605 ++ msgid "Receive files with ZMODEM/YMODEM/XMODEM protocol\n" ++@@ -596,44 +597,44 @@ ++ "\n" ++ "short options use the same arguments as the long ones\n" ++ msgstr "" ++-" -+, --append an existierende Dateien anh?ngen\n" ++-" -a, --ascii ASCII-?bertragung (CR/LF nach LF wandeln)\n" ++-" -b, --binary Bin?r?bertragung (keine Umwandlungen)\n" +++" -+, --append an existierende Dateien anhängen\n" +++" -a, --ascii ASCII-Ãœbertragung (CR/LF nach LF wandeln)\n" +++" -b, --binary Binärübertragung (keine Umwandlungen)\n" ++ " -B, --bufsize N N Bytes puffern (auto: ganze Datei puffern)\n" ++-" -c, --with-crc 16bit CRC statt Pr?fsumme verwenden (X)\n" ++-" -C, --allow-remote-commands Ausf?hrung von Kommandos erlauben (Z)\n" +++" -c, --with-crc 16bit CRC statt Prüfsumme verwenden (X)\n" +++" -C, --allow-remote-commands Ausführung von Kommandos erlauben (Z)\n" ++ " -D, --null empfangene Daten nach /dev/null schreiben\n" ++ " --delay-startup N Bei Programmstart N Sek. schlafen (Debugging)\n" ++ " -e, --escape Alle Steuerzeichen escapen (Z)\n" ++-" -E, --rename Empf?nger soll Datei umbenennen falls\n" +++" -E, --rename Empfänger soll Datei umbenennen, falls\n" ++ " Zieldatei schon existiert\n" ++ " --errors N Einen CRC-Fehler alle N Bytes erzeugen\n" ++ " -h, --help Diesen Hilfstext ausgeben\n" ++-" -m, --min-bps N ?bertragung abbrechen bei weniger als N BPS\n" ++-" -M, --min-bps-time N f?r mindestens N Sekunden (Default: 120)\n" +++" -m, --min-bps N Ãœbertragung abbrechen bei weniger als N BPS\n" +++" -M, --min-bps-time N für mindestens N Sekunden (Default: 120)\n" ++ " -O, --disable-timeouts Timeoutbehandlung abschalten\n" ++ " --o-sync Ausgabedatei(en) im synchron schreiben\n" ++-" -p, --protect existierende Dateien nicht ver?ndern\n" +++" -p, --protect existierende Dateien nicht verändern\n" ++ " -q, --quiet leise, keine Ausgaben machen\n" ++-" -r, --resume unterbrochene ?bertragungen fortsetzen (Z)\n" ++-" -R, --restricted eingeschr?nkter, sichererer Modus\n" ++-" -s, --stop-at {HH:MM|+N} ?bertragung um HH:MM oder in N Sek. abbrechen\n" +++" -r, --resume unterbrochene Ãœbertragungen fortsetzen (Z)\n" +++" -R, --restricted eingeschränkter, sichererer Modus\n" +++" -s, --stop-at {HH:MM|+N} Ãœbertragung um HH:MM oder in N Sek. abbrechen\n" ++ " -S, --timesync Zeit anfordern (doppelt: lokale Zeit setzen)\n" ++-" --syslog[=off] syslog an- oder ausschalten, wenn m?glich\n" ++-" -t, --timeout N Timeout auf N Zehntelsekungen setzen\n" ++-" --tcp-server Socket ?ffnen und auf Verbindung warten\n" ++-" --tcp-client ADDR:PORT Socket ?ffnen und verbindung mit ...\n" +++" --syslog[=off] syslog an- oder ausschalten, wenn möglich\n" +++" -t, --timeout N Timeout auf N Zehntelsekunden setzen\n" +++" --tcp-server Socket öffnen, Verbindung abwarten (Z)\n" +++" --tcp-client ADDR:PORT Socket öffnen, verbinden mit ... (Z)\n" ++ " -u, --keep-uppercase GROSS geschrieben Dateinamen beibehalten\n" ++-" -U, --unrestrict eingeschr?nkten Modus aufheben (falls " +++" -U, --unrestrict eingeschränkten Modus aufheben (falls " ++ "erlaubt)\n" ++ " -v, --verbose mehr ausgeben\n" ++-" -w, --windowsize N Fenstergr??e auf N Bytes setzen (Z)\n" +++" -w, --windowsize N Fenstergröße auf N Bytes setzen (Z)\n" ++ " -X --xmodem XMODEM-Protokoll benutzen\n" ++-" -y, --overwrite existierende Dateien ?berschreiben\n" +++" -y, --overwrite existierende Dateien überschreiben\n" ++ " --ymodem YMODEM-Protokoll benutzen\n" ++ " -Z, --zmodem ZMODEM-Protokoll benutzen\n" ++ "\n" ++-"Kurze Optionen ben?tigen dieselben Argumente wie Lange.\n" +++"Kurze Optionen benötigen dieselben Argumente wie die langen.\n" ++ ++ #: src/lrz.c:676 ++ #, c-format ++@@ -662,11 +663,11 @@ ++ "%s: %s removed.\r\n" ++ msgstr "" ++ "\r\n" ++-"%s: %s gel?scht\r\n" +++"%s: %s gelöscht\r\n" ++ ++ #: src/lrz.c:856 ++ msgid "Pathname fetch returned EOT" ++-msgstr "Ende der ?bertragung beim Warten auf Dateinamen" +++msgstr "Ende der Ãœbertragung beim Warten auf Dateinamen" ++ ++ #: src/lrz.c:903 ++ msgid "Received dup Sector" ++@@ -682,7 +683,7 @@ ++ ++ #: src/lrz.c:976 ++ msgid "Checksum" ++-msgstr "Pr?fsummenfehler" +++msgstr "Prüfsummenfehler" ++ ++ #: src/lrz.c:979 ++ msgid "Sector number garbled" ++@@ -695,27 +696,27 @@ ++ #: src/lrz.c:1005 ++ #, c-format ++ msgid "Got 0%o sector header" ++-msgstr "Erhielt %02x als Sektorbest?tigung" +++msgstr "Erhielt %02x als Sektorbestätigung" ++ ++ #: src/lrz.c:1113 ++ #, c-format ++ msgid "file name ends with a /, skipped: %s\n" ++-msgstr "Dateiname endet mit /, ?bersprungen: %s\n" +++msgstr "Dateiname endet mit /, übersprungen: %s\n" ++ ++ #: src/lrz.c:1127 ++ #, c-format ++ msgid "zmanag=%d, Lzmanag=%d\n" ++-msgstr "" +++msgstr "zmanag=%d, Lzmanag=%d\n" ++ ++ #: src/lrz.c:1128 ++ #, c-format ++ msgid "zconv=%d\n" ++-msgstr "" +++msgstr "zconv=%d\n" ++ ++ #: src/lrz.c:1192 src/lrz.c:1226 ++ #, c-format ++ msgid "file exists, skipped: %s\n" ++-msgstr "Datei existiert, ?bersprungen: %s\n" +++msgstr "Datei existiert, übersprungen: %s\n" ++ ++ #: src/lrz.c:1267 ++ #, c-format ++@@ -739,7 +740,7 @@ ++ #: src/lrz.c:1545 ++ #, c-format ++ msgid "Blocks received: %d" ++-msgstr "Bl?cke empfangen: %d" +++msgstr "Blöcke empfangen: %d" ++ ++ #: src/lrz.c:1599 ++ #, c-format ++@@ -749,15 +750,15 @@ ++ #: src/lrz.c:1612 src/lrz.c:1620 ++ #, c-format ++ msgid "%s:\tSecurity Violation" ++-msgstr "%s:\tSicherheitsversto?" +++msgstr "%s:\tSicherheitsverstoß" ++ ++ #: src/lrz.c:1730 ++ msgid "remote command execution requested" ++-msgstr "Gegenseite versucht Kommandoausf?hrung" +++msgstr "Gegenseite versucht Kommandoausführung" ++ ++ #: src/lrz.c:1737 ++ msgid "not executed" ++-msgstr "nicht ausgef?hrt" +++msgstr "nicht ausgeführt" ++ ++ #: src/lrz.c:1768 ++ msgid "got ZRINIT" ++@@ -765,7 +766,7 @@ ++ ++ #: src/lrz.c:1817 ++ msgid "Skipped" ++-msgstr "?bersprungen" +++msgstr "Ãœbersprungen" ++ ++ #. too bad ++ #: src/lrz.c:2049 ++@@ -785,7 +786,7 @@ ++ ++ #: src/lrz.c:2215 ++ msgid "file close error" ++-msgstr "Fehler beim Schlie?en der Datei" +++msgstr "Fehler beim Schließen der Datei" ++ ++ #~ msgid "tcp protocol init failed\n" ++ #~ msgstr "TCP Protokoll Initialisierung fehlgeschlagen\n" ++@@ -796,17 +797,3 @@ ++ #~ msgid "fgets for tcp protocol synchronization failed: " ++ #~ msgstr "fgets() bei tcp Protokoll Synchronisation fehlgeschlagen: " ++ ++-#~ msgid "Transfer complete." ++-#~ msgstr "?bertragung abgeschlossen" ++- ++-#~ msgid "at" ++-#~ msgstr "um" ++- ++-#~ msgid "TIMESYNC: failed\n" ++-#~ msgstr "Zeitsynchronisation: fehlgeschlagen\n" ++- ++-#~ msgid "TIMESYNC: ok\n" ++-#~ msgstr "Zeitsynchronisation: ok\n" ++- ++-#~ msgid "Falldown to %ld blklen" ++-#~ msgstr "Blockgr??e auf %ld gesenkt" diff --git a/patches/source/minicom/minicom.SlackBuild b/patches/source/minicom/minicom.SlackBuild new file mode 100755 index 00000000..1ee7bba4 --- /dev/null +++ b/patches/source/minicom/minicom.SlackBuild @@ -0,0 +1,160 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2017 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=2.7.1 +BUILD=${BUILD:-1_slack13.1} + +NUMJOBS=${NUMJOBS:--j6} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-minicom + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +# minicom +cd $TMP +rm -rf minicom-$VERSION +tar xvf $CWD/minicom-$VERSION.tar.xz || exit 1 +cd minicom-$VERSION + +# The following command renames the internal implementation of getline +# to g_getline as newer versions of Glibc provide an incompatible version: +#sed -i -e "s/getline/g_&/" $(grep -lr getline *) + +chown -R root:root . +find . -perm 777 -exec chmod 755 {} \; +find . -perm 664 -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +mkdir -p $PKG/etc +zcat $CWD/minicom.users.gz > $PKG/etc/minicom.users.new +printf "# Machine-generated file - use \"minicom -s\" to change parameters.\n" \ + > $PKG/etc/minirc.dfl.new + +mkdir -p $PKG/usr/doc/minicom-$VERSION +cp -a \ + AUTHORS COPYING* ChangeLog FILE_ID.DIZ INSTALL NEWS README* TODO doc \ + $PKG/usr/doc/minicom-$VERSION +rm -f $PKG/usr/doc/minicom-$VERSION/doc/{ChangeLog.old,Makefile*} + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +# lzrz + +cd $TMP +rm -rf lrzsz-990823 +tar xvf $CWD/lrzsz_0.12.21.orig.tar.gz || exit 1 +cd lrzsz-990823 +chown -R root:root . + +# Make x86_64 a valid machine type (thanks to Fred Emmott) +zcat $CWD/config.sub-x86_64.diff.gz | patch -p1 --verbose || exit 1 + +# Apply some of the debian patches +zcat $CWD/lrzsz_0.12.21-5.diff.gz | patch -p1 --verbose || exit 1 +rm -f debian/patches/{206499_ymodemg.diff.unchecked,206648_dszlog.diff.unchecked} +for i in debian/patches/* ; do patch -p1 < $i || exit 1 ; done + +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --build=$ARCH-slackware-linux + +touch stamp-h.in # to stop autoheader from running +touch -d yesterday aclocal.m4 # to stop automake from running + +make $NUMJOBS || make || exit 1 + +cp src/lrz src/lsz $PKG/usr/bin +chmod 0755 $PKG/usr/bin/{lrz,lsz} + +cp man/{lrz,lsz}.1 $PKG/usr/man/man1 +echo '.so man1/lrz.1' > $PKG/usr/man/man1/rz.1 +echo '.so man1/lsz.1' > $PKG/usr/man/man1/sz.1 + +mkdir -p $PKG/usr/share/locale/de/LC_MESSAGES +cat po/de.gmo > $PKG/usr/share/locale/de/LC_MESSAGES/lrzsz.mo + +mkdir -p $PKG/usr/doc/lrzsz-0.12.21 +cp -a \ + AUTHORS COMPATABILITY COPYING* INSTALL NEWS README* THANKS TODO \ + $PKG/usr/doc/lrzsz-0.12.21 + +( cd $PKG/usr/bin + for i in lrb lrx rz ; do ln -s lrz $i ; done + for i in lsb lsx sz ; do ln -s lsz $i ; done + for i in rx rb ; do ln -s rz $i ; done + for i in sb sx ; do ln -s sz $i ; done +) + +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +find $PKG/usr/man -type f -exec gzip -9 {} \; + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/minicom-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/minicom/minicom.users b/patches/source/minicom/minicom.users new file mode 100644 index 00000000..509d86f4 --- /dev/null +++ b/patches/source/minicom/minicom.users @@ -0,0 +1,36 @@ +# $Id: minicom.users,v 1.1.1.1 1999/12/18 11:18:51 misiek Exp $ +# Minicom.users Access file for the minicom program. +# +# Format: Either just one username per line, or +# a username followed by one or more +# configuration-names. The name of the +# default configuration is "dfl". The maximum +# significant line length is 70 characters. +# +# Location: The minicom library directory, probably +# /etc or /var/lib/minicom or whatever. +# +# Notes: If you don't install this file in the +# specified location, everybody will have +# access to minicom. +# +# This doesn't matter if minicom isn't installed +# setuid root since access will then be based +# on the permissions set on the serial port. +# + +# +# Who may use minicom? +# +# User [line] [..line] +# + +# Everyone has access to all configurations. +ALL + +## The rest are examples. +## # Erik only has access to the default configuration +## erik dfl +## +## # minicom has access to the default configuration, and configuration 'tty5'. +## minicom dfl tty5 diff --git a/patches/source/minicom/slack-desc b/patches/source/minicom/slack-desc new file mode 100644 index 00000000..4aa6302b --- /dev/null +++ b/patches/source/minicom/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +minicom: minicom (communications package) +minicom: +minicom: Minicom - a full featured menu-driven communications package similar +minicom: to the DOS program 'Telix'. Also includes sz/rz - utilities used to +minicom: upload and download files using the Zmodem protocol. +minicom: +minicom: Homepage: http://alioth.debian.org/projects/minicom +minicom: +minicom: +minicom: +minicom: diff --git a/patches/source/mozilla-firefox/firefox.moz_plugin_path.diff b/patches/source/mozilla-firefox/firefox.moz_plugin_path.diff new file mode 100644 index 00000000..761f295a --- /dev/null +++ b/patches/source/mozilla-firefox/firefox.moz_plugin_path.diff @@ -0,0 +1,17 @@ +--- ./firefox.orig 2008-05-29 15:21:18.000000000 -0500 ++++ ./firefox 2008-06-17 12:19:26.000000000 -0500 +@@ -54,6 +54,14 @@ + + moz_libdir=/usr/local/lib/firefox-3.0 + ++# Include /usr/lib/mozilla/plugins in the plugin path: ++if [ "$MOZ_PLUGIN_PATH" ] ; then ++ MOZ_PLUGIN_PATH=$MOZ_PLUGIN_PATH:${moz_libdir}/plugins:/usr/lib/mozilla/plugins ++else ++ MOZ_PLUGIN_PATH=${moz_libdir}/plugins:/usr/lib/mozilla/plugins ++fi ++export MOZ_PLUGIN_PATH ++ + # Use run-mozilla.sh in the current dir if it exists + # If not, then start resolving symlinks until we find run-mozilla.sh + found=0 diff --git a/patches/source/mozilla-firefox/firefox.png b/patches/source/mozilla-firefox/firefox.png Binary files differnew file mode 100644 index 00000000..76204b5d --- /dev/null +++ b/patches/source/mozilla-firefox/firefox.png diff --git a/patches/source/mozilla-firefox/mimeTypes.rdf b/patches/source/mozilla-firefox/mimeTypes.rdf new file mode 100644 index 00000000..f3bc7b40 --- /dev/null +++ b/patches/source/mozilla-firefox/mimeTypes.rdf @@ -0,0 +1,28 @@ +<?xml version="1.0"?> +<RDF:RDF xmlns:NC="http://home.netscape.com/NC-rdf#" + xmlns:RDF="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> + <RDF:Seq RDF:about="urn:mimetypes:root"> + </RDF:Seq> + <RDF:Description RDF:about="urn:mimetypes"> + <NC:MIME-types RDF:resource="urn:mimetypes:root"/> + </RDF:Description> + <RDF:Description RDF:about="urn:scheme:mailto" + NC:value="mailto"> + <NC:handlerProp RDF:resource="urn:scheme:handler:mailto"/> + </RDF:Description> + <RDF:Description RDF:about="urn:handler:web:http://compose.mail.yahoo.com/?To=%s" + NC:prettyName="Yahoo! Mail" + NC:uriTemplate="http://compose.mail.yahoo.com/?To=%s" /> + <RDF:Description RDF:about="urn:handler:web:https://mail.google.com/mail/?extsrc=mailto&url=%s" + NC:prettyName="GMail" + NC:uriTemplate="https://mail.google.com/mail/?extsrc=mailto&url=%s" /> + <RDF:Description RDF:about="urn:scheme:handler:mailto" + NC:alwaysAsk="true"> + <NC:possibleApplication RDF:resource="urn:handler:web:http://compose.mail.yahoo.com/?To=%s"/> + <NC:possibleApplication RDF:resource="urn:handler:web:https://mail.google.com/mail/?extsrc=mailto&url=%s"/> + <NC:possibleApplication RDF:resource="urn:handler:local:/usr/bin/thunderbird"/> + </RDF:Description> + <RDF:Description RDF:about="urn:handler:local:/usr/bin/thunderbird" + NC:prettyName="thunderbird" + NC:path="/usr/bin/thunderbird" /> +</RDF:RDF> diff --git a/patches/source/mozilla-firefox/mozilla-firefox-mimeTypes-fix.diff b/patches/source/mozilla-firefox/mozilla-firefox-mimeTypes-fix.diff new file mode 100644 index 00000000..22211304 --- /dev/null +++ b/patches/source/mozilla-firefox/mozilla-firefox-mimeTypes-fix.diff @@ -0,0 +1,45 @@ +diff -Nur mozilla-1.9.1.orig/browser/locales/generic/profile/mimeTypes.rdf mozilla-1.9.1/browser/locales/generic/profile/mimeTypes.rdf +--- mozilla-1.9.1.orig/browser/locales/generic/profile/mimeTypes.rdf 2009-06-29 11:14:41.000000000 -0500 ++++ mozilla-1.9.1/browser/locales/generic/profile/mimeTypes.rdf 2009-07-01 08:28:05.407353867 -0500 +@@ -1,13 +1,28 @@ +-<?xml version="1.0"?> +- +-<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" +- xmlns:NC="http://home.netscape.com/NC-rdf#" +- xmlns:RDF="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> +- +- <Description about="urn:mimetypes"> +- <NC:MIME-types> +- <Seq about="urn:mimetypes:root"> +- </Seq> +- </NC:MIME-types> +- </Description> +-</RDF> ++<?xml version="1.0"?> ++<RDF:RDF xmlns:NC="http://home.netscape.com/NC-rdf#" ++ xmlns:RDF="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> ++ <RDF:Seq RDF:about="urn:mimetypes:root"> ++ </RDF:Seq> ++ <RDF:Description RDF:about="urn:mimetypes"> ++ <NC:MIME-types RDF:resource="urn:mimetypes:root"/> ++ </RDF:Description> ++ <RDF:Description RDF:about="urn:scheme:mailto" ++ NC:value="mailto"> ++ <NC:handlerProp RDF:resource="urn:scheme:handler:mailto"/> ++ </RDF:Description> ++ <RDF:Description RDF:about="urn:handler:web:http://compose.mail.yahoo.com/?To=%s" ++ NC:prettyName="Yahoo! Mail" ++ NC:uriTemplate="http://compose.mail.yahoo.com/?To=%s" /> ++ <RDF:Description RDF:about="urn:handler:web:https://mail.google.com/mail/?extsrc=mailto&url=%s" ++ NC:prettyName="GMail" ++ NC:uriTemplate="https://mail.google.com/mail/?extsrc=mailto&url=%s" /> ++ <RDF:Description RDF:about="urn:scheme:handler:mailto" ++ NC:alwaysAsk="true"> ++ <NC:possibleApplication RDF:resource="urn:handler:web:http://compose.mail.yahoo.com/?To=%s"/> ++ <NC:possibleApplication RDF:resource="urn:handler:web:https://mail.google.com/mail/?extsrc=mailto&url=%s"/> ++ <NC:possibleApplication RDF:resource="urn:handler:local:/usr/bin/thunderbird"/> ++ </RDF:Description> ++ <RDF:Description RDF:about="urn:handler:local:/usr/bin/thunderbird" ++ NC:prettyName="thunderbird" ++ NC:path="/usr/bin/thunderbird" /> ++</RDF:RDF> diff --git a/patches/source/mozilla-firefox/mozilla-firefox.SlackBuild b/patches/source/mozilla-firefox/mozilla-firefox.SlackBuild new file mode 100755 index 00000000..758a8016 --- /dev/null +++ b/patches/source/mozilla-firefox/mozilla-firefox.SlackBuild @@ -0,0 +1,190 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# Thanks to the folks at the Mozilla Foundation for permission to +# distribute this, and for all the great work! :-) + +VERSION=$(basename $(ls firefox-*.tar.bz2 | cut -d - -f 2 | rev | cut -f 3- -d . | rev) .source) +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi +BUILD=${BUILD:-1_slack13.1} + +MOZVERS=${MOZVERS:-1.9.2} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Try to be gentle to the compiler, no optimizations: +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O -fPIC" + LIBDIRSUFFIX="64" +elif [ "$ARCH" = "arm" ]; then + SLKCFLAGS="-O2 -march=armv4 -mtune=xscale" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "armel" ]; then + SLKCFLAGS="-O2 -march=armv4t" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-mozilla-firefox + +rm -rf $PKG +mkdir -p $TMP $PKG/usr/lib${LIBDIRSUFFIX} + +cd $TMP +rm -rf mozilla-$MOZVERS +tar xvf $CWD/firefox-$VERSION.source.tar.bz2 || exit 1 +cd mozilla-$MOZVERS || exit 1 + +# Fix a long standing bug that's prevented staying current on GTK+. +# Thanks to the BLFS folks. :-) +cat << EOF >> layout/build/Makefile.in + +ifdef MOZ_ENABLE_CANVAS +EXTRA_DSO_LDOPTS += \$(XLDFLAGS) -lX11 -lXrender +endif + +EOF + +# Patch mimeTypes.rdf +# Uncomment this if you want to use the patch; otherwise, we overwrite the +# mimeTypes.rdf inside the package directory later +# zcat $CWD/mozilla-firefox-mimeTypes-fix.diff.gz | patch -p1 || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +export MOZILLA_OFFICIAL="1" && +export BUILD_OFFICIAL="1" && +export MOZ_PHOENIX="1" && +export CFLAGS="$SLKCFLAGS" && +export CXXFLAGS="$SLKCFLAGS" && +./configure \ + --enable-official-branding \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-default-mozilla-five-home=/usr/lib${LIBDIRSUFFIX}/firefox-$VERSION \ + --with-system-zlib \ + --enable-application=browser \ + --enable-default-toolkit=cairo-gtk2 \ + --enable-crypto \ + --enable-svg \ + --enable-canvas \ + --enable-xft \ + --enable-xinerama \ + --enable-optimize \ + --enable-reorder \ + --enable-strip \ + --enable-system-cairo \ + --enable-cpp-rtti \ + --enable-single-profile \ + --disable-ldap \ + --disable-accessibility \ + --disable-debug \ + --disable-tests \ + --disable-libnotify \ + --disable-logging \ + --disable-pedantic \ + --disable-installer \ + --disable-mailnews \ + --disable-composer \ + --disable-profilesharing + # Complains about missing APNG support in Slackware's libpng: + #--with-system-png \ + +#make -f client.mk build MOZ_MAKE_FLAGS="$NUMJOBS" || exit 1 +make MOZ_MAKE_FLAGS="$NUMJOBS" $NUMJOBS || exit 1 +make install DESTDIR=$PKG || exit 1 + +# We don't need these (just symlinks anyway): +rm -rf $PKG/usr/lib${LIBDIRSUFFIX}/firefox-devel-$VERSION + +# Nor these: +rm -rf $PKG/usr/include + +( cd $PKG/usr/lib${LIBDIRSUFFIX}/firefox-$VERSION + #mv defaults/profile/mimeTypes.rdf defaults/profile/mimeTypes.rdf.orig || exit 1 + zcat $CWD/mimeTypes.rdf > defaults/profile/mimeTypes.rdf || exit 1 + zcat $CWD/firefox.moz_plugin_path.diff.gz \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + | patch -p1 --verbose --backup --suffix=.orig || exit 1 + # Clean up if the above patch was successful: + rm -f firefox.orig +) || exit + +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/mozilla/plugins +mkdir -p $PKG/usr/share/applications +cat $CWD/mozilla-firefox.desktop > $PKG/usr/share/applications/mozilla-firefox.desktop +mkdir -p $PKG/usr/share/pixmaps +cat $CWD/firefox.png > $PKG/usr/share/pixmaps/firefox.png + +# These files/directories are usually created if Firefox is run as root, +# which on many systems might (and possibly should) be never. Therefore, if we +# don't see them we'll put stubs in place to prevent startup errors. +( cd $PKG/usr/lib${LIBDIRSUFFIX}/firefox-$VERSION + if [ -d extensions/talkback\@mozilla.org ]; then + if [ ! -r extensions/talkback\@mozilla.org/chrome.manifest ]; then + echo > extensions/talkback\@mozilla.org/chrome.manifest + fi + fi + if [ ! -d updates ]; then + mkdir -p updates/0 + fi +) + +# Need some default icons in the right place: +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/firefox-$VERSION/chrome/icons/default +install -m 644 other-licenses/branding/firefox/default16.png \ + $PKG/usr/lib${LIBDIRSUFFIX}/firefox-$VERSION/icons/ +install -m 644 other-licenses/branding/firefox/default16.png \ + $PKG/usr/lib${LIBDIRSUFFIX}/firefox-$VERSION/chrome/icons/default/ +( cd $PKG/usr/lib${LIBDIRSUFFIX}/firefox-$VERSION + install -m 644 icons/{default,mozicon50}.xpm chrome/icons/default/ +) + +# Copy over the LICENSE +install -p -c -m 644 LICENSE $PKG/usr/lib${LIBDIRSUFFIX}/firefox-$VERSION/ + +mkdir $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/mozilla-firefox-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/mozilla-firefox/mozilla-firefox.desktop b/patches/source/mozilla-firefox/mozilla-firefox.desktop new file mode 100644 index 00000000..23be26f3 --- /dev/null +++ b/patches/source/mozilla-firefox/mozilla-firefox.desktop @@ -0,0 +1,80 @@ +[Desktop Entry] +Exec=firefox %u +Icon=firefox +Type=Application +Categories=Network; +Name=Firefox +Name[bn]=ফায়ারফকà§à¦¸ +Name[eo]=Mozilo Fajrovulpo +Name[fi]=Mozilla Firefox +Name[pa]=ਫਾਇਰਫੋਕਸ +Name[tg]=Рӯбоҳи оташин +GenericName=Web Browser +GenericName[af]=Web Blaaier +GenericName[ar]=متصÙØ ÙˆÙŠØ¨ +GenericName[az]=Veb SÉ™yyahı +GenericName[bg]=Браузър +GenericName[bn]=ওয়েব বà§à¦°à¦¾à¦‰à¦œà¦¾à¦° +GenericName[br]=Furcher ar Gwiad +GenericName[bs]=WWW Preglednik +GenericName[ca]=Fullejador web +GenericName[cs]=WWW prohlÞeÄ +GenericName[cy]=Porydd Gwe +GenericName[da]=Browser +GenericName[de]=Web-Browser +GenericName[el]=ΠεÏιηγητής Î™ÏƒÏ„Î¿Ï +GenericName[eo]=TTT-legilo +GenericName[es]=Navegador web +GenericName[et]=Veebilehitseja +GenericName[eu]=Web arakatzailea +GenericName[fa]=مرورگر وب +GenericName[fi]=WWW-selain +GenericName[fo]=Alnótsfar +GenericName[fr]=Navigateur web +GenericName[gl]=Navegador Web +GenericName[he]=דפדפן ××™× ×˜×¨× ×˜ +GenericName[hi]=वेब बà¥à¤°à¤¾à¤‰à¤œà¤¼à¤° +GenericName[hr]=Web preglednik +GenericName[hu]=WebböngészÅ‘ +GenericName[is]=Vafri +GenericName[it]=Browser Web +GenericName[ja]=ウェブブラウザ +GenericName[ko]=웹 브ë¼ìš°ì € +GenericName[lo]=ເວັບບຣາວເຊີ +GenericName[lt]=Žiniatinklio narÅ¡yklÄ— +GenericName[lv]=Web PÄrlÅ«ks +GenericName[mk]=ПрелиÑтувач на Интернет +GenericName[mn]=Веб-Хөтөч +GenericName[nb]=Nettleser +GenericName[nds]=Nettkieker +GenericName[nl]=Webbrowser +GenericName[nn]=Nettlesar +GenericName[nso]=Seinyakisi sa Web +GenericName[pa]=ਵੈਬ à¨à¨²à¨•à¨¾à¨°à¨¾ +GenericName[pl]=PrzeglÄ…darka WWW +GenericName[pt]=Navegador Web +GenericName[pt_BR]=Navegador Web +GenericName[ro]=Navigator de web +GenericName[ru]=Веб-браузер +GenericName[se]=Fierpmádatlogan +GenericName[sk]=Webový prehliadaÄ +GenericName[sl]=Spletni brskalnik +GenericName[sr]=Веб претраживач +GenericName[sr@Latn]=Veb pretraživaÄ +GenericName[ss]=Ibrawuza yeWeb +GenericName[sv]=Webbläsare +GenericName[ta]=வலை உலாவி +GenericName[tg]=ТафÑиргари вÑб +GenericName[th]=เว็บบราวเซà¸à¸£à¹Œ +GenericName[tr]=Web Tarayıcı +GenericName[uk]=Ðавігатор Тенет +GenericName[uz]=Веб-браузер +GenericName[ven]=Buronza ya Webu +GenericName[vi]=Trình duyệt Web +GenericName[wa]=Betchteu waibe +GenericName[xh]=Umkhangeli zincwadi we Web +GenericName[zh_CN]=网页æµè§ˆå™¨ +GenericName[zh_TW]=網é ç€è¦½å™¨ +GenericName[zu]=Umcingi we-Web +MimeType=text/html; +X-KDE-StartupNotify=true diff --git a/patches/source/mozilla-firefox/slack-desc b/patches/source/mozilla-firefox/slack-desc new file mode 100644 index 00000000..a54bac8f --- /dev/null +++ b/patches/source/mozilla-firefox/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +mozilla-firefox: mozilla-firefox (Mozilla Firefox Web browser) +mozilla-firefox: +mozilla-firefox: This project is a redesign of the Mozilla browser component written +mozilla-firefox: using the XUL user interface language. Firefox empowers you to +mozilla-firefox: browse faster, more safely and more efficiently than with any other +mozilla-firefox: browser. +mozilla-firefox: +mozilla-firefox: Visit the Mozilla Firefox project online: +mozilla-firefox: http://www.mozilla.org/projects/firefox/ +mozilla-firefox: +mozilla-firefox: diff --git a/patches/source/mozilla-thunderbird/mimeTypes.rdf b/patches/source/mozilla-thunderbird/mimeTypes.rdf new file mode 100644 index 00000000..366df44b --- /dev/null +++ b/patches/source/mozilla-thunderbird/mimeTypes.rdf @@ -0,0 +1,113 @@ +<?xml version="1.0"?> + +<!-- + This file is used as a persistent data store for helper application + information about both MIME type and protocol scheme helpers. + + The root of the data are the two containers + <RDF:Seq about="urn:mimetypes:root"/> and <RDF:Seq about="urn:schemes:root"/>. + + These contain one <RDF:li/> entry per MIME type/protocol. Each <RDF:li/> entry + corresponds to a "urn:<class>:<type>" resource, where <class> is either + "mimetype" or "scheme" and <type> is either a MIME type in "major/minor" format + or a scheme. For example, for HTML we would have "urn:mimetype:text/html", + while for mailto: we would have "urn:scheme:mailto". + + Typically, this resource will be in the <RDF:Description/> node which has the + corresponding "about" attribute. + + Each "urn:<class>:<type>" resource can have the following properties: + + NC:Value - the MIME type or scheme string + NC:editable - a "true" or "false" depending on whether this entry is + editable + NC:description - a description of the type ("HTML Document" for text/html) + NC:fileExtensions - for MIME types, there will be one of these properties + per extension that corresponds to this MIME type, + each one having a single extension as its value. + NC:handlerProp - the way the type should be handled. This corresponds to a + "urn:<class>:handler:<type>" resource. Eg, the way HTML is + handled would be stored in the + "urn:mimetype:handler:text/html" resource. + + Each "urn:<class>:handler:<type>" resource can have the following properties: + + NC:useSystemDefault - "true" if we should handle per default OS setting, + "false" or not set otherwise + NC:saveToDisk - "true" if the data should be saved to disk, "false" or not + set otherwise. + (Note - if both of these are false, that means "open in helper app") + NC:alwaysAsk - "true" if the user should always be prompted before handling + data of this type, false otherwise. + NC:externalApplication - the preferred helper application to use for this + type. This corresponds to a + "urn:<class>:externalApplication:<type>" resource. + NC:possibleApplication - a helper application that can be used for this type. + Since there can be multiple possible applications, + there can be multiple assertions in the graph with + this property for a given handler resource. + + Each "urn:<class>:externalApplication:<type>" resource, and each resource + that represents a possible application, can have the following property: + + NC:prettyName - the "pretty name" of the application ("Acrobat Reader" for + /usr/bin/acroread, eg). + + If the resource represents a local application, then it can have the following + property: + + NC:path - the path to the application on the local filesystem, for example + /usr/bin/test or C:\windows\system32\cmd.exe. + + If the resource represents a web application, then it can have the following + property: + + NC:uriTemplate - a URI pointing to the web application to which the type + should be handed off, with %s in the template representing + the place where the content should be inserted. For example, + here is a URI template for a service that lets you email + an address in a mailto: link: + http://www.example.com/sendmail?link=%s +--> + +<RDF:RDF xmlns:RDF="http://www.w3.org/1999/02/22-rdf-syntax-ns#" + xmlns:NC="http://home.netscape.com/NC-rdf#"> + + <RDF:Description about="urn:mimetypes"> + <NC:MIME-types> + <RDF:Seq about="urn:mimetypes:root"> + </RDF:Seq> + </NC:MIME-types> + </RDF:Description> + + <RDF:Description RDF:about="urn:scheme:handler:http" + NC:alwaysAsk="false"> + <NC:externalApplication RDF:resource="urn:scheme:externalApplication:http"/> + </RDF:Description> + <RDF:Description RDF:about="urn:scheme:externalApplication:http" + NC:prettyName="firefox" + NC:path="/usr/bin/firefox" /> + <RDF:Description RDF:about="urn:schemes"> + <NC:Protocol-Schemes RDF:resource="urn:schemes:root"/> + </RDF:Description> + <RDF:Description RDF:about="urn:scheme:http" + NC:value="http"> + <NC:handlerProp RDF:resource="urn:scheme:handler:http"/> + </RDF:Description> + + <RDF:Description RDF:about="urn:scheme:handler:https" + NC:alwaysAsk="false"> + <NC:externalApplication RDF:resource="urn:scheme:externalApplication:https"/> + </RDF:Description> + <RDF:Description RDF:about="urn:scheme:externalApplication:https" + NC:prettyName="firefox" + NC:path="/usr/bin/firefox" /> + <RDF:Description RDF:about="urn:schemes"> + <NC:Protocol-Schemes RDF:resource="urn:schemes:root"/> + </RDF:Description> + <RDF:Description RDF:about="urn:scheme:https" + NC:value="https"> + <NC:handlerProp RDF:resource="urn:scheme:handler:https"/> + </RDF:Description> + +</RDF:RDF> diff --git a/patches/source/mozilla-thunderbird/mozilla-thunderbird.SlackBuild b/patches/source/mozilla-thunderbird/mozilla-thunderbird.SlackBuild new file mode 100755 index 00000000..5dc51b8c --- /dev/null +++ b/patches/source/mozilla-thunderbird/mozilla-thunderbird.SlackBuild @@ -0,0 +1,181 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# Thanks to the folks at the Mozilla Foundation for permission to +# distribute this, and for all the great work! :-) + +VERSION=$(basename $(ls thunderbird-*.tar.bz2 | cut -d - -f 2 | rev | cut -f 3- -d . | rev) .source) +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +MOZVERS=${MOZVERS:-1.9.2} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Try to be gentle to the compiler, no optimizations: +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O -fPIC" + LIBDIRSUFFIX="64" +elif [ "$ARCH" = "arm" ]; then + SLKCFLAGS="-O2 -march=armv4 -mtune=xscale" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "armel" ]; then + SLKCFLAGS="-O2 -march=armv4t" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-mozilla-thunderbird + +rm -rf $PKG +mkdir -p $TMP $PKG/usr/lib${LIBDIRSUFFIX} + +cd $TMP +rm -rf comm-$MOZVERS +tar xvf $CWD/thunderbird-$VERSION.source.tar.bz2 || exit 1 +cd comm-$MOZVERS || exit 1 + +# Fix a long standing bug that's prevented staying current on GTK+. +# Thanks to the BLFS folks. :-) +cat << EOF >> mozilla/layout/build/Makefile.in + +ifdef MOZ_ENABLE_CANVAS +EXTRA_DSO_LDOPTS += \$(XLDFLAGS) -lX11 -lXrender +endif + +EOF + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +export MOZILLA_OFFICIAL="1" && +export BUILD_OFFICIAL="1" && +export MOZ_PHOENIX="1" && +export CFLAGS="$SLKCFLAGS" && +export CXXFLAGS="$SLKCFLAGS" && +export MOZ_MAKE_FLAGS="$NUMJOBS" && +./configure \ + --enable-official-branding \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-default-mozilla-five-home=/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION \ + --with-system-zlib \ + --enable-application=mail \ + --enable-default-toolkit=cairo-gtk2 \ + --enable-startup-notification \ + --enable-crypto \ + --enable-svg \ + --enable-canvas \ + --enable-xft \ + --enable-xinerama \ + --enable-ldap \ + --enable-optimize \ + --enable-reorder \ + --enable-static \ + --enable-strip \ + --enable-system-cairo \ + --enable-cpp-rtti \ + --enable-single-profile \ + --disable-accessibility \ + --disable-debug \ + --disable-tests \ + --disable-logging \ + --disable-pedantic \ + --disable-installer \ + --disable-profilesharing + # Complains about missing APNG support in Slackware's libpng: + #--with-system-png \ + +#make -f client.mk build MOZ_MAKE_FLAGS="$NUMJOBS" || exit 1 +make $NUMJOBS || exit 1 +make install DESTDIR=$PKG || exit 1 + +# We don't need these (just symlinks anyway): +rm -rf $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-devel-$VERSION + +# Nor these: +rm -rf $PKG/usr/include + +( cd $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION + cp -a defaults/profile/mimeTypes.rdf defaults/profile/mimeTypes.rdf.orig + zcat $CWD/mimeTypes.rdf > defaults/profile/mimeTypes.rdf || exit 1 +) || exit 1 + +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/mozilla/plugins +mkdir -p $PKG/usr/share/applications +cat $CWD/mozilla-thunderbird.desktop > $PKG/usr/share/applications/mozilla-thunderbird.desktop +mkdir -p $PKG/usr/share/pixmaps +cat $CWD/thunderbird.png > $PKG/usr/share/pixmaps/thunderbird.png + +# These files/directories are usually created if Firefox is run as root, +# which on many systems might (and possibly should) be never. Therefore, if we +# don't see them we'll put stubs in place to prevent startup errors. +( cd $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION + if [ -d extensions/talkback\@mozilla.org ]; then + if [ ! -r extensions/talkback\@mozilla.org/chrome.manifest ]; then + echo > extensions/talkback\@mozilla.org/chrome.manifest + fi + fi + if [ ! -d updates ]; then + mkdir -p updates/0 + fi +) + +# Need some default icons in the right place: +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION/chrome/icons/default +install -m 644 other-licenses/branding/thunderbird/default16.png \ + $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION/icons/ +install -m 644 other-licenses/branding/thunderbird/default16.png \ + $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION/chrome/icons/default/ +( cd $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION + install -m 644 icons/{default,mozicon50}.xpm chrome/icons/default/ +) + +# Copy over the LICENSE +install -p -c -m 644 LICENSE $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION/ + +mkdir $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/mozilla-thunderbird-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/mozilla-thunderbird/mozilla-thunderbird.desktop b/patches/source/mozilla-thunderbird/mozilla-thunderbird.desktop new file mode 100644 index 00000000..0f85ecbe --- /dev/null +++ b/patches/source/mozilla-thunderbird/mozilla-thunderbird.desktop @@ -0,0 +1,84 @@ +[Desktop Entry] +Encoding=UTF-8 +Exec=thunderbird +Icon=/usr/share/pixmaps/thunderbird.png +Type=Application +Categories=Application;Network; +Name=Thunderbird +Name[bn]=থাণà§à¦¡à¦¾à¦°à¦¬à¦¾à¦°à§à¦¡ +Name[eo]=Mozilo Tondrobirdo +Name[fi]=Mozilla Thunderbird +Name[pa]=ਥੰਡਰਬਰਡ +Name[tg]=Паррандаи бало +GenericName=Mail Client +GenericName[af]=Pos Kliënt +GenericName[ar]=البريد الألكتروني +GenericName[az]=Poçt Alıcısı +GenericName[be]=Паштовы кліент +GenericName[bg]=ПощенÑки клиент +GenericName[bn]=ইমেইল কà§à¦²à¦¾à§Ÿà§‡à¦¨à§à¦Ÿ +GenericName[br]=Arval postel +GenericName[bs]=Program za Äitanje elektronske poÅ¡te +GenericName[ca]=Client de correu electrònic +GenericName[cs]=Klient pro Ätenà elektronické poÅ¡ty +GenericName[cy]=Dibynnydd Ebost +GenericName[da]=E-mail-klient +GenericName[de]=E-Mail-Programm +GenericName[el]=Πελάτης mail +GenericName[eo]=Legi kaj sendi retpoÅton +GenericName[es]=Cliente de correo electrónico +GenericName[et]=Meiliklient +GenericName[eu]=Posta bezeroa +GenericName[fa]=کارگیر پست الکترونیکی +GenericName[fi]=Sähköpostiohjelma +GenericName[fo]=Postforrit +GenericName[fr]=Logiciel de messagerie électronique +GenericName[ga]=Cliant RÃomhphoist +GenericName[gl]=Cliente de correo +GenericName[he]=×ª×•×›× ×™×ª דו×ר +GenericName[hi]=डाकिया +GenericName[hr]=Program za Äitanje elektronske poÅ¡te +GenericName[hu]=LevelezÅ‘program +GenericName[id]=Klien Mail +GenericName[is]=Póstforrit +GenericName[it]=Programma di posta elettronica +GenericName[ja]=メールクライアント +GenericName[ko]=편지를 ì£¼ê³ ë°›ëŠ” 프로그램 +GenericName[lo]=ໄຄà»à»€àºàº±àº™àºˆàº»àº”ຫມາàºà»€àºà»€àº¥àº±àºà»‚ຕນິຠ+GenericName[lt]=PaÅ¡to klientas +GenericName[lv]=Pasta Klients +GenericName[mk]=Програма за електронÑка пошта +GenericName[mn]=Ð-Захиа-Програм +GenericName[mt]=Klijent tal-imejl +GenericName[nb]=E-postklient +GenericName[nds]=Mailprogramm +GenericName[nl]=E-mailclient +GenericName[nn]=Lesing og sending av e-post +GenericName[nso]=Moreki wa Poso +GenericName[oc]=Programari de correu electrònic +GenericName[pa]=ਪੱਤਰ ਕਲਾਂਇਟ +GenericName[pl]=Program do wysyÅ‚ania i odbierania poczty elektronicznej +GenericName[pt]=Client de E-mail +GenericName[pt_BR]=Cliente de E-mail +GenericName[ro]=Program de poÅŸtă electronică +GenericName[ru]=Клиент Ñлектронной почты +GenericName[se]=Boastaprográmma +GenericName[sk]=Klient elektronickej poÅ¡ty +GenericName[sl]=Program za e-poÅ¡to +GenericName[sr]=Програм за e-пошту +GenericName[sr@Latn]=Program za e-poÅ¡tu +GenericName[ss]=Likhasimende leliposi +GenericName[sv]=E-postklient +GenericName[ta]=அஞà¯à®šà®²à¯ உறà¯à®ªà¯à®ªà®¿à®©à®°à¯ +GenericName[tg]=Коргири почтаи Ñллектроникӣ +GenericName[th]=ไคลเà¸à¸™à¸•à¹Œà¸ˆà¸”หมายà¸à¸´à¹€à¸¥à¹‡à¸à¸—รà¸à¸™à¸´à¸à¸ªà¹Œ +GenericName[tr]=Posta Ä°stemcisi +GenericName[uk]=Клієнт електронної пошти +GenericName[uz]=Хат-хабар клиенти +GenericName[ven]=Mushumisani na poso +GenericName[wa]=Cliyint d' emilaedje +GenericName[xh]=Umxhasi Weposi +GenericName[zh_CN]=é‚®ä»¶ç¨‹åº +GenericName[zh_TW]=郵件處ç†ç¨‹å¼ +GenericName[zu]=Umxhasi weposi +X-KDE-StartupNotify=true diff --git a/patches/source/mozilla-thunderbird/slack-desc b/patches/source/mozilla-thunderbird/slack-desc new file mode 100644 index 00000000..353b2225 --- /dev/null +++ b/patches/source/mozilla-thunderbird/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +mozilla-thunderbird: mozilla-thunderbird (Mozilla Thunderbird mail application) +mozilla-thunderbird: +mozilla-thunderbird: Mozilla Thunderbird is a redesign of the Mozilla mail component +mozilla-thunderbird: written using the XUL user interface language. Thunderbird makes +mozilla-thunderbird: emailing safer, faster, and easier than ever before with the +mozilla-thunderbird: industry's best implementations of features such as intelligent spam +mozilla-thunderbird: filters, built-in RSS reader, quick search, and much more. +mozilla-thunderbird: +mozilla-thunderbird: Visit the Mozilla Thunderbird project online: +mozilla-thunderbird: http://www.mozilla.org/projects/thunderbird/ +mozilla-thunderbird: diff --git a/patches/source/mozilla-thunderbird/thunderbird.png b/patches/source/mozilla-thunderbird/thunderbird.png Binary files differnew file mode 100644 index 00000000..61a37d70 --- /dev/null +++ b/patches/source/mozilla-thunderbird/thunderbird.png diff --git a/patches/source/mysql/doinst.sh b/patches/source/mysql/doinst.sh new file mode 100644 index 00000000..22f77474 --- /dev/null +++ b/patches/source/mysql/doinst.sh @@ -0,0 +1,22 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +# Keep same perms on rc.mysqld.new: +if [ -e etc/rc.d/rc.mysqld ]; then + cp -a etc/rc.d/rc.mysqld etc/rc.d/rc.mysqld.new.incoming + cat etc/rc.d/rc.mysqld.new > etc/rc.d/rc.mysqld.new.incoming + mv etc/rc.d/rc.mysqld.new.incoming etc/rc.d/rc.mysqld.new +fi + +config etc/rc.d/rc.mysqld.new + diff --git a/patches/source/mysql/mirror-url b/patches/source/mysql/mirror-url new file mode 100644 index 00000000..885cd48e --- /dev/null +++ b/patches/source/mysql/mirror-url @@ -0,0 +1 @@ +ftp://mysql.llarian.net/pub/mysql/ diff --git a/patches/source/mysql/mysql-embedded.build b/patches/source/mysql/mysql-embedded.build new file mode 100755 index 00000000..2ac77f31 --- /dev/null +++ b/patches/source/mysql/mysql-embedded.build @@ -0,0 +1,64 @@ +#!/bin/sh +# Build and install MySQL on Slackware +# by: David Cantrell <david@slackware.com> +# Currently maintained by: Patrick Volkerding <volkerdi@slackware.com> + +VERSION=${VERSION:-$(echo mysql-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-mysql + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf mysql-$VERSION +tar xvf $CWD/mysql-$VERSION.tar.?z* || exit 1 +cd mysql-$VERSION + +if ls $CWD/*.diff.gz 1> /dev/null 2> /dev/null ; then + for patch in $CWD/*.diff.gz ; do + zcat $patch | patch -p1 --verbose || exit 1 + done +fi + +CFLAGS="$SLKCFLAGS -fPIC" CXXFLAGS="$SLKCFLAGS -fPIC" \ + ./configure --prefix=/usr --libdir=/usr/lib${LIBDIRSUFFIX} \ + --datadir=/usr/share --sysconfdir=/etc/mysql \ + --libexecdir=/usr/sbin --localstatedir=/var/lib/mysql \ + --without-docs --without-man --without-server \ + --with-embedded-server --without-innodb \ + --without-berkeley-db --without-row-based-replication \ + --without-readline --disable-shared --with-charset=utf8 \ + --without-debug --with-pthread --without-ssl --without-query-cache \ + --without-geometry --with-pic + +make -j6 || make || exit 1 + +cp libmysqld/libmysqld.a /usr/lib${LIBDIRSUFFIX}/mysql/ + diff --git a/patches/source/mysql/mysql.CVE-2014-0001.diff b/patches/source/mysql/mysql.CVE-2014-0001.diff new file mode 100644 index 00000000..01a845e8 --- /dev/null +++ b/patches/source/mysql/mysql.CVE-2014-0001.diff @@ -0,0 +1,11 @@ +--- ./client/mysql.cc.orig 2013-11-04 12:52:27.000000000 -0600 ++++ ./client/mysql.cc 2014-02-18 22:24:32.928195436 -0600 +@@ -1167,7 +1167,7 @@ + + put_info("Welcome to the MySQL monitor. Commands end with ; or \\g.", + INFO_INFO); +- sprintf((char*) glob_buffer.ptr(), ++ snprintf((char*) glob_buffer.ptr(), glob_buffer.alloced_length(), + "Your MySQL connection id is %lu\nServer version: %s\n", + mysql_thread_id(&mysql), server_version_string(&mysql)); + put_info((char*) glob_buffer.ptr(),INFO_INFO); diff --git a/patches/source/mysql/mysql.SlackBuild b/patches/source/mysql/mysql.SlackBuild new file mode 100755 index 00000000..ac9cb73f --- /dev/null +++ b/patches/source/mysql/mysql.SlackBuild @@ -0,0 +1,223 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# Build and install MySQL on Slackware +# by: David Cantrell <david@slackware.com> +# Currently maintained by: Patrick Volkerding <volkerdi@slackware.com> + + +VERSION=${VERSION:-$(echo mysql-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-mysql + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf mysql-$VERSION +tar xvf $CWD/mysql-$VERSION.tar.?z* || exit 1 +cd mysql-$VERSION + +if ls $CWD/*.diff.gz 1> /dev/null 2> /dev/null ; then + for patch in $CWD/*.diff.gz ; do + zcat $patch | patch -p1 --verbose || exit 1 + done +fi + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS -felide-constructors -fno-exceptions -fno-rtti" \ +CXX=gcc \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-mysqld-user=mysql \ + --with-unix-socket-path=/var/run/mysql/mysql.sock \ + --localstatedir=/var/lib/mysql \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --enable-assembler \ + --without-debug \ + --enable-thread-safe-client \ + --with-extra-charsets=complex \ + --with-ssl=/usr \ + --enable-largefile \ + --with-innodb \ + --with-readline \ + --build=$ARCH-slackware-linux +# +# --without-readline + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +# install additional headers needed for building external engine plugins +for i in sql include regex; do + for j in $i/*.h; do + install -m 644 $j $PKG/usr/include/mysql/ + done +done + +mkdir -p $PKG/usr/include/mysql/atomic +for i in include/atomic/*.h; do + install -m 644 $i $PKG/usr/include/mysql/atomic/ +done + +# The ./configure option to omit this has gone away, so we'll omit it +# the old-fashioned way. It's all in the source tarball if you need it. +rm -rf $PKG/usr/sql-bench + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Install support files +mkdir -p $PKG/etc +cp support-files/my-{huge,large,medium,small}.cnf $PKG/etc + +# Install docs +mkdir -p $PKG/usr/doc/mysql-$VERSION/Docs +cp -a \ + COPYING* EXCEPTIONS* INSTALL-SOURCE README* \ + $PKG/usr/doc/mysql-$VERSION +( cd Docs + # Seems most of the Docs/* are gone, but we'll leave the cp stuff + # in case it returns. + cp -a INSTALL-BINARY *.html *.txt Flags \ + $PKG/usr/doc/mysql-$VERSION/Docs ) +## Too large to justify since the .html version is right there: +#rm $PKG/usr/doc/mysql-$VERSION/Docs/manual.txt +find $PKG/usr/doc/mysql-$VERSION -type f -exec chmod 0644 {} \; + +# This is the directory where databases are stored +mkdir -p $PKG/var/lib/mysql +chown mysql.mysql $PKG/var/lib/mysql +chmod 0750 $PKG/var/lib/mysql + +# This is where the socket is stored +mkdir -p $PKG/var/run/mysql +chown mysql.mysql $PKG/var/run/mysql +chmod 0755 $PKG/var/run/mysql + +# Do not include the test suite: +rm -rf $PKG/usr/mysql-test + +# Add init script: +mkdir -p $PKG/etc/rc.d +# This is intentionally chmod 644. +zcat $CWD/rc.mysqld.gz > $PKG/etc/rc.d/rc.mysqld.new + +# Install script: +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Add some handy library symlinks: +if [ -r $PKG/usr/lib${LIBDIRSUFFIX}/mysql/libmysqlclient.so.16 ]; then + ( cd $PKG/usr/lib${LIBDIRSUFFIX} + rm -f libmysqlclient.so libmysqlclient.so.16 + ln -sf mysql/libmysqlclient.so . + ln -sf mysql/libmysqlclient.so.16 . + ) +else + exit 1 +fi +if [ -r $PKG/usr/lib${LIBDIRSUFFIX}/mysql/libmysqlclient_r.so.16 ]; then + ( cd $PKG/usr/lib${LIBDIRSUFFIX} + rm -f libmysqlclient_r.so libmysqlclient_r.so.16 + ln -sf mysql/libmysqlclient_r.so . + ln -sf mysql/libmysqlclient_r.so.16 . + ) +else + exit 1 +fi + +# Packaging standards: +rm -f $PKG/usr/info/dir + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Compress info files, if any: +if [ -d $PKG/usr/info ]; then + ( cd $PKG/usr/info + rm -f dir + gzip -9 * + ) +fi + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +# Build package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/mysql-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/mysql/mysql.openssl0.diff b/patches/source/mysql/mysql.openssl0.diff new file mode 100644 index 00000000..42885ee5 --- /dev/null +++ b/patches/source/mysql/mysql.openssl0.diff @@ -0,0 +1,13 @@ +--- mysql-5.5.31/vio/viossl.c~ 2013-03-25 14:14:58.000000000 +0100 ++++ mysql-5.5.31/vio/viossl.c 2013-04-18 16:58:38.552557538 +0200 +@@ -172,8 +172,10 @@ + SSL_SESSION_set_timeout(SSL_get_session(ssl), timeout); + SSL_set_fd(ssl, vio->sd); + #ifndef HAVE_YASSL ++#ifdef SSL_OP_NO_COMPRESSION + SSL_set_options(ssl, SSL_OP_NO_COMPRESSION); + #endif ++#endif + + if ((r= connect_accept_func(ssl)) < 1) + { diff --git a/patches/source/mysql/rc.mysqld b/patches/source/mysql/rc.mysqld new file mode 100644 index 00000000..300e6eb2 --- /dev/null +++ b/patches/source/mysql/rc.mysqld @@ -0,0 +1,86 @@ +#!/bin/sh +# Start/stop/restart mysqld. +# +# Copyright 2003 Patrick J. Volkerding, Concord, CA +# Copyright 2003 Slackware Linux, Inc., Concord, CA +# Copyright 2008 Patrick J. Volkerding, Sebeka, MN +# +# This program comes with NO WARRANTY, to the extent permitted by law. +# You may redistribute copies of this program under the terms of the +# GNU General Public License. + +# To start MySQL automatically at boot, be sure this script is executable: +# chmod 755 /etc/rc.d/rc.mysqld + +# Before you can run MySQL, you must have a database. To install an initial +# database, do this as root: +# +# mysql_install_db --user=mysql +# +# Note that the mysql user must exist in /etc/passwd, and the created files +# will be owned by this dedicated user. This is important, or else mysql +# (which runs as user "mysql") will not be able to write to the database +# later (this can be fixed with 'chown -R mysql.mysql /var/lib/mysql'). +# +# To increase system security, consider using "mysql_secure_installation" +# as well. For more information on this tool, please read: +# man mysql_secure_installation + +# To allow outside connections to the database comment out the next line. +# If you don't need incoming network connections, then leave the line +# uncommented to improve system security. +SKIP="--skip-networking" + +# Start mysqld: +mysqld_start() { + if [ -x /usr/bin/mysqld_safe ]; then + # If there is an old PID file (no mysqld running), clean it up: + if [ -r /var/run/mysql/mysql.pid ]; then + if ! ps axc | grep mysqld 1> /dev/null 2> /dev/null ; then + echo "Cleaning up old /var/run/mysql/mysql.pid." + rm -f /var/run/mysql/mysql.pid + fi + fi + /usr/bin/mysqld_safe --datadir=/var/lib/mysql --pid-file=/var/run/mysql/mysql.pid $SKIP & + fi +} + +# Stop mysqld: +mysqld_stop() { + # If there is no PID file, ignore this request... + if [ -r /var/run/mysql/mysql.pid ]; then + killall mysqld + # Wait at least one minute for it to exit, as we don't know how big the DB is... + for second in 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 \ + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 60 ; do + if [ ! -r /var/run/mysql/mysql.pid ]; then + break; + fi + sleep 1 + done + if [ "$second" = "60" ]; then + echo "WARNING: Gave up waiting for mysqld to exit!" + sleep 15 + fi + fi +} + +# Restart mysqld: +mysqld_restart() { + mysqld_stop + mysqld_start +} + +case "$1" in +'start') + mysqld_start + ;; +'stop') + mysqld_stop + ;; +'restart') + mysqld_restart + ;; +*) + echo "usage $0 start|stop|restart" +esac diff --git a/patches/source/mysql/slack-desc b/patches/source/mysql/slack-desc new file mode 100644 index 00000000..29e1b8be --- /dev/null +++ b/patches/source/mysql/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +mysql: mysql (SQL-based relational database server) +mysql: +mysql: MySQL is a fast, multi-threaded, multi-user, and robust SQL +mysql: (Structured Query Language) database server. It comes with a nice API +mysql: which makes it easy to integrate into other applications. +mysql: +mysql: The home page for MySQL is http://www.mysql.com/ +mysql: +mysql: +mysql: +mysql: diff --git a/patches/source/ntp/doinst.sh b/patches/source/ntp/doinst.sh new file mode 100644 index 00000000..bc542990 --- /dev/null +++ b/patches/source/ntp/doinst.sh @@ -0,0 +1,28 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + config ${NEW} +} + +config etc/ntp.conf.new +config etc/ntp/ntp.keys.new +if [ -r etc/rc.d/rc.ntpd -a -r etc/rc.d/rc.ntpd.new ]; then + chmod --reference=etc/rc.d/rc.ntpd etc/rc.d/rc.ntpd.new +fi +mv etc/rc.d/rc.ntpd.new etc/rc.d/rc.ntpd diff --git a/patches/source/ntp/ntp.SlackBuild b/patches/source/ntp/ntp.SlackBuild new file mode 100755 index 00000000..fef8d125 --- /dev/null +++ b/patches/source/ntp/ntp.SlackBuild @@ -0,0 +1,158 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012, 2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=ntp +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-ntp + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf ntp-${VERSION}* +tar xvf $CWD/ntp-${VERSION}*.tar.?z* || exit 1 +cd ntp-${VERSION}* || exit 1 + +zcat $CWD/ntp.nano.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 2777 -o -perm 2755 -o -perm 2775 \) \ + -exec chmod u+rwx,g-sw,g+rx,o-w,o+rx {} \; -o \ + \( -perm 777 -o -perm 775 -o -perm 774 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod u+rwx,g-sw,g+rx,o-w,o+rx {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --bindir=/usr/sbin \ + --sbindir=/usr/sbin \ + --mandir=/usr/man \ + --docdir=/usr/doc/ntp-$VERSION \ + --htmldir=/usr/doc/ntp-$VERSION \ + --enable-ipv6 \ + --with-crypto \ + --program-prefix= \ + --program-suffix= \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make -i install DESTDIR=$PKG || exit 1 + +# Since the Makefile's install pays no heed to the --bindir settings, +# we'll move things to where they've always been ourselves: +mv $PKG/usr/bin/* $PKG/usr/sbin +rmdir $PKG/usr/bin + +# This might only be an empty directory: +rmdir $PKG/usr/lib/pkgconfig + +# This should be empty. Try to remove it, and error out if it's not actually empty: +rmdir $PKG/usr/libexec || exit 1 + +mkdir -p $PKG/etc/ntp +cat $CWD/ntp.conf > $PKG/etc/ntp.conf.new +cat $CWD/ntp.keys > $PKG/etc/ntp/ntp.keys.new +chmod 600 $PKG/etc/ntp/ntp.keys.new +touch $PKG/etc/ntp/step-tickers + +mkdir -p $PKG/etc/rc.d +cat $CWD/rc.ntpd > $PKG/etc/rc.d/rc.ntpd.new + +mv $PKG/usr/doc/ntp-$VERSION/*.html $PKG/usr/doc/ntp-$VERSION/html || exit 1 +cp -a \ + COPYRIGHT NEWS README* TODO WHERE-TO-START \ + *.y2kfixes clockstuff conf scripts \ + $PKG/usr/doc/ntp-$VERSION +mkdir $PKG/usr/doc/ntp-$VERSION/util +cp -a util/README $PKG/usr/doc/ntp-$VERSION/util +mkdir $PKG/usr/doc/ntp-$VERSION/ntpdate +cp -a ntpdate/README $PKG/usr/doc/ntp-$VERSION/ntpdate +( cd $PKG/usr/doc/ntp-$VERSION + find . -name ".deps*" -exec rm -rf "{}" \; 2> /dev/null +) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +# Strip binaries: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/ntp-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/ntp/ntp.conf b/patches/source/ntp/ntp.conf new file mode 100644 index 00000000..1844fb91 --- /dev/null +++ b/patches/source/ntp/ntp.conf @@ -0,0 +1,72 @@ +# Sample /etc/ntp.conf: Configuration file for ntpd. +# +# Undisciplined Local Clock. This is a fake driver intended for backup +# and when no outside source of synchronized time is available. The +# default stratum is usually 3, but in this case we elect to use stratum +# 0. Since the server line does not have the prefer keyword, this driver +# is never used for synchronization, unless no other other +# synchronization source is available. In case the local host is +# controlled by some external source, such as an external oscillator or +# another protocol, the prefer keyword would cause the local host to +# disregard all other synchronization sources, unless the kernel +# modifications are in use and declare an unsynchronized condition. +# +server 127.127.1.0 # local clock +fudge 127.127.1.0 stratum 10 + +# +# NTP server (list one or more) to synchronize with: +#server 0.pool.ntp.org iburst +#server 1.pool.ntp.org iburst +#server 2.pool.ntp.org iburst +#server 3.pool.ntp.org iburst + +# +# Drift file. Put this in a directory which the daemon can write to. +# No symbolic links allowed, either, since the daemon updates the file +# by creating a temporary in the same directory and then rename()'ing +# it to the file. +# +driftfile /etc/ntp/drift + +# +# Uncomment to use a multicast NTP server on the local subnet: +#multicastclient 224.0.1.1 # listen on default 224.0.1.1 +# Set an optional compensation for broadcast packet delay: +#broadcastdelay 0.008 + +# +# Keys file. If you want to diddle your server at run time, make a +# keys file (mode 600 for sure) and define the key number to be +# used for making requests. +# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote +# systems might be able to reset your clock at will. +# +#keys /etc/ntp/keys +#trustedkey 65535 +#requestkey 65535 +#controlkey 65535 + +# +# Don't serve time or stats to anyone else by default (more secure) +restrict default limited kod nomodify notrap nopeer noquery +restrict -6 default limited kod nomodify notrap nopeer noquery + +# +# Use these lines instead if you do want to serve time and stats to +# other machines on the network: +#restrict default limited kod nomodify notrap nopeer +#restrict -6 default limited kod nomodify notrap nopeer + +# +# Disable the ntpdc -c monlist command, which is insecure and can be used +# to cause a denial of service attack (CVE-2013-5211). Future versions of +# NTP will remove this command. +# (this feature was disabled by default with ntpd 4.2.7p230) +disable monitor + +# +# Trust ourselves. :-) +restrict 127.0.0.1 +restrict ::1 + diff --git a/patches/source/ntp/ntp.keys b/patches/source/ntp/ntp.keys new file mode 100644 index 00000000..1c3fbd2c --- /dev/null +++ b/patches/source/ntp/ntp.keys @@ -0,0 +1,2 @@ +65535 M akey +1 M pass diff --git a/patches/source/ntp/ntp.nano.diff b/patches/source/ntp/ntp.nano.diff new file mode 100644 index 00000000..0ff361ce --- /dev/null +++ b/patches/source/ntp/ntp.nano.diff @@ -0,0 +1,17 @@ +--- ./include/ntp_syscall.h.orig 2009-12-09 01:36:37.000000000 -0600 ++++ ./include/ntp_syscall.h 2010-04-21 23:38:30.000000000 -0500 +@@ -14,6 +14,14 @@ + # include <sys/timex.h> + #endif + ++#if defined(ADJ_NANO) && !defined(MOD_NANO) ++#define MOD_NANO ADJ_NANO ++#endif ++ ++#if defined(ADJ_TAI) && !defined(MOD_TAI) ++#define MOD_TAI ADJ_TAI ++#endif ++ + #ifndef NTP_SYSCALLS_LIBC + #ifdef NTP_SYSCALLS_STD + # define ntp_adjtime(t) syscall(SYS_ntp_adjtime, (t)) diff --git a/patches/source/ntp/rc.ntpd b/patches/source/ntp/rc.ntpd new file mode 100644 index 00000000..c1d1411c --- /dev/null +++ b/patches/source/ntp/rc.ntpd @@ -0,0 +1,71 @@ +#!/bin/sh +# Start/stop/restart ntpd. + +# Start ntpd: +ntpd_start() { + CMDLINE="/usr/sbin/ntpd -g" + echo -n "Starting NTP daemon: $CMDLINE" + $CMDLINE -p /var/run/ntpd.pid + echo + # The kernel is now mocking around with the the hardware clock if + # ntpd is running, so if the hardware clock (wall clock) is set to + # 'localtime' execute hwclock --localtime --systohc to disable the + # 11 minute mode kernel function: + if [ -x /sbin/hwclock ]; then + # Check for a broken motherboard RTC clock (where ioports for rtc are + # unknown) to prevent hwclock causing a hang: + if ! grep -q -w rtc /proc/ioports ; then + CLOCK_OPT="--directisa" + fi + if ! grep -q "^UTC" /etc/hardwareclock 2> /dev/null ; then + echo "Saving system time to the hardware clock (localtime)." + /sbin/hwclock $CLOCK_OPT --localtime --systohc + fi + fi +} + +# Stop ntpd: +ntpd_stop() { + echo -n "Stopping NTP daemon..." + if [ -r /var/run/ntpd.pid ]; then + kill -HUP $(cat /var/run/ntpd.pid) + rm -f /var/run/ntpd.pid + else + killall -HUP -q ntpd + fi + echo +} + +# Restart ntpd: +ntpd_restart() { + ntpd_stop + sleep 1 + ntpd_start +} + +# Check if ntpd is running +ntpd_status() { + if [ -e /var/run/ntpd.pid ]; then + echo "ntpd is running." + else + echo "ntpd is stopped." + exit 1 + fi +} + +case "$1" in +'start') + ntpd_start + ;; +'stop') + ntpd_stop + ;; +'restart') + ntpd_restart + ;; +'status') + ntpd_status + ;; +*) + echo "usage $0 start|stop|restart|status" +esac diff --git a/patches/source/ntp/slack-desc b/patches/source/ntp/slack-desc new file mode 100644 index 00000000..6319e888 --- /dev/null +++ b/patches/source/ntp/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +ntp: ntp (Network Time Protocol daemon) +ntp: +ntp: The Network Time Protocol (NTP) is used to synchronize the time of a +ntp: computer client or server to another server or reference time source, +ntp: such as a radio or satellite receiver or modem. It provides client +ntp: accuracies typically within a millisecond on LANs and up to a few tens +ntp: of milliseconds on WANs relative to a primary server synchronized to +ntp: Coordinated Universal Time (UTC) via a Global Positioning Service +ntp: (GPS) receiver, for example. +ntp: +ntp: diff --git a/patches/source/openssh/doinst.sh b/patches/source/openssh/doinst.sh new file mode 100644 index 00000000..73ce6283 --- /dev/null +++ b/patches/source/openssh/doinst.sh @@ -0,0 +1,49 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + touch -r ${NEW} ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + config ${NEW} +} + +config etc/ssh/ssh_config.new +config etc/ssh/sshd_config.new +preserve_perms etc/rc.d/rc.sshd.new +if [ -e etc/rc.d/rc.sshd.new ]; then + mv etc/rc.d/rc.sshd.new etc/rc.d/rc.sshd +fi + +# If the sshd user/group/shadow don't exist, add them: + +if ! grep -q "^sshd:" etc/passwd ; then + echo "sshd:x:33:33:sshd:/:" >> etc/passwd +fi + +if ! grep -q "^sshd:" etc/group ; then + echo "sshd::33:sshd" >> etc/group +fi + +if ! grep -q "^sshd:" etc/shadow ; then + echo "sshd:*:9797:0:::::" >> etc/shadow +fi + +# Add a btmp file to store login failure if one doesn't exist: +if [ ! -r var/log/btmp ]; then + ( cd var/log ; umask 077 ; touch btmp ) +fi + diff --git a/patches/source/openssh/openssh-7.4p1-libwrap.diff b/patches/source/openssh/openssh-7.4p1-libwrap.diff new file mode 100644 index 00000000..d1025e43 --- /dev/null +++ b/patches/source/openssh/openssh-7.4p1-libwrap.diff @@ -0,0 +1,137 @@ +--- ./configure.ac.orig 2016-12-18 22:59:41.000000000 -0600 ++++ ./configure.ac 2016-12-23 12:58:04.200707728 -0600 +@@ -1467,6 +1467,62 @@ + ] + ) + ++# Check whether user wants TCP wrappers support ++TCPW_MSG="no" ++AC_ARG_WITH([tcp-wrappers], ++ [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], ++ [ ++ if test "x$withval" != "xno" ; then ++ saved_LIBS="$LIBS" ++ saved_LDFLAGS="$LDFLAGS" ++ saved_CPPFLAGS="$CPPFLAGS" ++ if test -n "${withval}" && \ ++ test "x${withval}" != "xyes"; then ++ if test -d "${withval}/lib"; then ++ if test -n "${need_dash_r}"; then ++ LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" ++ else ++ LDFLAGS="-L${withval}/lib ${LDFLAGS}" ++ fi ++ else ++ if test -n "${need_dash_r}"; then ++ LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" ++ else ++ LDFLAGS="-L${withval} ${LDFLAGS}" ++ fi ++ fi ++ if test -d "${withval}/include"; then ++ CPPFLAGS="-I${withval}/include ${CPPFLAGS}" ++ else ++ CPPFLAGS="-I${withval} ${CPPFLAGS}" ++ fi ++ fi ++ LIBS="-lwrap -lnsl $LIBS" ++ AC_MSG_CHECKING([for libwrap]) ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([[ ++#include <sys/types.h> ++#include <sys/socket.h> ++#include <netinet/in.h> ++#include <tcpd.h> ++int deny_severity = 0, allow_severity = 0; ++ ]], [[ ++ hosts_access(0); ++ ]])], [ ++ AC_MSG_RESULT([yes]) ++ AC_DEFINE([LIBWRAP], [1], ++ [Define if you want ++ TCP Wrappers support]) ++ SSHDLIBS="$SSHDLIBS -lwrap -lnsl" ++ TCPW_MSG="yes" ++ ], [ ++ AC_MSG_ERROR([*** libwrap missing]) ++ ++ ]) ++ LIBS="$saved_LIBS" ++ fi ++ ] ++) ++ + # Check whether user wants to use ldns + LDNS_MSG="no" + AC_ARG_WITH(ldns, +@@ -5081,6 +5137,7 @@ + echo " SELinux support: $SELINUX_MSG" + echo " Smartcard support: $SCARD_MSG" + echo " S/KEY support: $SKEY_MSG" ++echo " TCP Wrappers support: $TCPW_MSG" + echo " MD5 password support: $MD5_MSG" + echo " libedit support: $LIBEDIT_MSG" + echo " Solaris process contract support: $SPC_MSG" +--- ./sshd.c.orig 2016-12-18 22:59:41.000000000 -0600 ++++ ./sshd.c 2016-12-23 12:58:40.847710372 -0600 +@@ -123,6 +123,13 @@ + #include "version.h" + #include "ssherr.h" + ++#ifdef LIBWRAP ++#include <tcpd.h> ++#include <syslog.h> ++int allow_severity; ++int deny_severity; ++#endif /* LIBWRAP */ ++ + /* Re-exec fds */ + #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) + #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) +@@ -1971,6 +1978,24 @@ + #ifdef SSH_AUDIT_EVENTS + audit_connection_from(remote_ip, remote_port); + #endif ++#ifdef LIBWRAP ++ allow_severity = options.log_facility|LOG_INFO; ++ deny_severity = options.log_facility|LOG_WARNING; ++ /* Check whether logins are denied from this host. */ ++ if (packet_connection_is_on_socket()) { ++ struct request_info req; ++ ++ request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0); ++ fromhost(&req); ++ ++ if (!hosts_access(&req)) { ++ debug("Connection refused by tcp wrapper"); ++ refuse(&req); ++ /* NOTREACHED */ ++ fatal("libwrap refuse returns"); ++ } ++ } ++#endif /* LIBWRAP */ + + /* Log the connection. */ + laddr = get_local_ipaddr(sock_in); +--- ./sshd.8.orig 2016-12-18 22:59:41.000000000 -0600 ++++ ./sshd.8 2016-12-23 12:58:04.208707729 -0600 +@@ -825,6 +825,12 @@ + This file should be writable only by the user, and need not be + readable by anyone else. + .Pp ++.It Pa /etc/hosts.allow ++.It Pa /etc/hosts.deny ++Access controls that should be enforced by tcp-wrappers are defined here. ++Further details are described in ++.Xr hosts_access 5 . ++.Pp + .It Pa /etc/hosts.equiv + This file is for host-based authentication (see + .Xr ssh 1 ) . +@@ -929,6 +935,7 @@ + .Xr ssh-keygen 1 , + .Xr ssh-keyscan 1 , + .Xr chroot 2 , ++.Xr hosts_access 5 , + .Xr login.conf 5 , + .Xr moduli 5 , + .Xr sshd_config 5 , diff --git a/patches/source/openssh/openssh.CVE-2017-15906.patch b/patches/source/openssh/openssh.CVE-2017-15906.patch new file mode 100644 index 00000000..fdb963f7 --- /dev/null +++ b/patches/source/openssh/openssh.CVE-2017-15906.patch @@ -0,0 +1,19 @@ +--- ./sftp-server.c.orig 2016-12-18 22:59:41.000000000 -0600 ++++ ./sftp-server.c 2018-03-07 19:18:19.275984210 -0600 +@@ -1,4 +1,4 @@ +-/* $OpenBSD: sftp-server.c,v 1.110 2016/09/12 01:22:38 deraadt Exp $ */ ++/* $OpenBSD: sftp-server.c,v 1.111 2017/04/04 00:24:56 djm Exp $ */ + /* + * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. + * +@@ -691,8 +691,8 @@ + logit("open \"%s\" flags %s mode 0%o", + name, string_from_portable(pflags), mode); + if (readonly && +- ((flags & O_ACCMODE) == O_WRONLY || +- (flags & O_ACCMODE) == O_RDWR)) { ++ ((flags & O_ACCMODE) != O_RDONLY || ++ (flags & (O_CREAT|O_TRUNC)) != 0)) { + verbose("Refusing open request in read-only mode"); + status = SSH2_FX_PERMISSION_DENIED; + } else { diff --git a/patches/source/openssh/openssh.SlackBuild b/patches/source/openssh/openssh.SlackBuild new file mode 100755 index 00000000..7d673e3d --- /dev/null +++ b/patches/source/openssh/openssh.SlackBuild @@ -0,0 +1,169 @@ +#!/bin/sh + +# Copyright 2000 BSDi, Inc. Concord, CA, USA +# Copyright 2001, 2002, 2003, 2004 Slackware Linux, Inc. Concord, CA, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-openssh + +VERSION=${VERSION:-$(echo openssh-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +NUMJOBS=${NUMJOBS:--j6} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +elif [ "$ARCH" = "arm" ]; then + SLKCFLAGS="-O2 -march=armv4 -mtune=xscale" +elif [ "$ARCH" = "armel" ]; then + SLKCFLAGS="-O2 -march=armv4t" +else + SLKCFLAGS="-O2" +fi + +# Clean target location: +rm -rf $PKG +mkdir -p $PKG + +# Prepare the framework and extract the package: +cd $TMP +rm -rf $PKG openssh-$VERSION +tar xvf $CWD/openssh-$VERSION.tar.gz || tar xvf $CWD/openssh-$VERSION.tar.?z* || exit 1 +cd openssh-$VERSION +chown -R root:root . + +zcat $CWD/openssh.CVE-2017-15906.patch.gz | patch -p1 --verbose || exit 1 + +# Restore support for tcpwrappers: +zcat $CWD/openssh-7.4p1-libwrap.diff.gz | patch -p1 --verbose || exit 1 +autoreconf -vif + +# Compile package: +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --sysconfdir=/etc/ssh \ + --without-pam \ + --with-md5-passwords \ + --with-tcp-wrappers \ + --with-default-path=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin \ + --with-privsep-path=/var/empty \ + --with-privsep-user=sshd \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 + +# Install the package: +make install DESTDIR=$PKG + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Install directory used with PrivilegeSeparation option: +mkdir -p $PKG/var/empty +chmod 755 $PKG/var/empty + +# Install docs: +mkdir -p $PKG/usr/doc/openssh-$VERSION +cp -a \ + CREDITS ChangeLog INSTALL LICENCE OVERVIEW \ + README README.privsep README.smartcard RFC.nroff TODO WARNING.RNG \ + $PKG/usr/doc/openssh-$VERSION +chmod 644 $PKG/usr/doc/openssh-$VERSION/* + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +# Install also 'ssh-copy-id' and its manpage from contrib: +( cd contrib + cp -a ssh-copy-id $PKG/usr/bin/ssh-copy-id + chmod 755 $PKG/usr/bin/ssh-copy-id + cat ssh-copy-id.1 | gzip -9c > $PKG/usr/man/man1/ssh-copy-id.1.gz +) + +( cd $PKG + + # Ditch the new host keys, since these have to be uniquely prepared on each machine: + rm -f etc/ssh/ssh_host_dsa_key + rm -f etc/ssh/ssh_host_dsa_key.pub + rm -f etc/ssh/ssh_host_rsa_key + rm -f etc/ssh/ssh_host_rsa_key.pub + rm -f etc/ssh/ssh_host_key + rm -f etc/ssh/ssh_host_key.pub + + # Set up the config script installation: + mv etc/ssh/ssh_config etc/ssh/ssh_config.new + mv etc/ssh/sshd_config etc/ssh/sshd_config.new + + # Add the init script: + mkdir -p etc/rc.d + cat $CWD/rc.sshd > etc/rc.d/rc.sshd.new + chmod 755 etc/rc.d/rc.sshd.new + + # Copy runtime installation files: + mkdir -p install + zcat $CWD/doinst.sh.gz > install/doinst.sh + cat $CWD/slack-desc > install/slack-desc +) + +# Create the package itself: +cd $PKG +/sbin/makepkg -l y -c n $TMP/openssh-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/openssh/rc.sshd b/patches/source/openssh/rc.sshd new file mode 100644 index 00000000..2da2ab30 --- /dev/null +++ b/patches/source/openssh/rc.sshd @@ -0,0 +1,59 @@ +#!/bin/sh +# Start/stop/restart the secure shell server: + +sshd_start() { + # Create host keys if needed. + if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then + /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' + fi + if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then + /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' + fi + if [ ! -f /etc/ssh/ssh_host_ecdsa_key ]; then + /usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' + fi + if [ ! -f /etc/ssh/ssh_host_ed25519_key ]; then + /usr/bin/ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N '' + fi + # Catch any new host key types not yet created above: + /usr/bin/ssh-keygen -A + # Start the sshd daemon: + /usr/sbin/sshd +} + +sshd_stop() { + killall sshd +} + +sshd_restart() { + if [ -r /var/run/sshd.pid ]; then + echo "WARNING: killing listener process only. To kill every sshd process, you must" + echo " use 'rc.sshd stop'. 'rc.sshd restart' kills only the parent sshd to" + echo " allow an admin logged in through sshd to use 'rc.sshd restart' without" + echo " being cut off. If sshd has been upgraded, new connections will now" + echo " use the new version, which should be a safe enough approach." + kill `cat /var/run/sshd.pid` + else + echo "WARNING: There does not appear to be a parent instance of sshd running." + echo " If you really want to kill all running instances of sshd (including" + echo " any sessions currently in use), run '/etc/rc.d/rc.sshd stop' instead." + exit 1 + fi + sleep 1 + sshd_start +} + +case "$1" in +'start') + sshd_start + ;; +'stop') + sshd_stop + ;; +'restart') + sshd_restart + ;; +*) + echo "usage $0 start|stop|restart" +esac + diff --git a/patches/source/openssh/slack-desc b/patches/source/openssh/slack-desc new file mode 100644 index 00000000..04277a72 --- /dev/null +++ b/patches/source/openssh/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +openssh: openssh (Secure Shell daemon and clients) +openssh: +openssh: ssh (Secure Shell) is a program for logging into a remote machine and +openssh: for executing commands on a remote machine. It is intended to replace +openssh: rlogin and rsh, and provide secure encrypted communications between +openssh: two untrusted hosts over an insecure network. sshd (SSH Daemon) is +openssh: the daemon program for ssh. OpenSSH is based on the last free version +openssh: of Tatu Ylonen's SSH, further enhanced and cleaned up by Aaron +openssh: Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, and +openssh: Dug Song. It has a homepage at http://www.openssh.com/ +openssh: diff --git a/patches/source/openssl/certwatch b/patches/source/openssl/certwatch new file mode 100644 index 00000000..d52dc3dc --- /dev/null +++ b/patches/source/openssl/certwatch @@ -0,0 +1,130 @@ +#!/bin/sh +# +# Will check all certificates stored in $CERTDIR for their expiration date, +# and will display (if optional "stdout" argument is given), or mail a warning +# message to $MAILADDR (if script is executed without any parameter +# - unattended mode suitable for cron execution) for each particular certificate +# that is about to expire in time less to, or equal to $DAYS after this script +# has been executed, or if it has already expired. +# This stupid script (C) 2006,2007 Jan Rafaj + +########################## CONFIGURATION SECTION BEGIN ######################### +# Note: all settings are mandatory +# Warning will be sent if a certificate expires in time <= days given here +DAYS=7 +# E-mail address where to send warnings +MAILADDR=root +# Directory with certificates to check +CERTDIR=/etc/ssl/certs +# Directory where to keep state files if this script isnt executed with "stdout" +STATEDIR=/var/run +########################### CONFIGURATION SECTION END ########################## + +PATH=/bin:/usr/bin:/sbin:/usr/sbin +DAY_IN_SECS=$((60*60*24)) +DATE_CURRENT=$(date '+%s') + +usage() +{ + echo "Usage: $0 [stdout]" + echo + echo "Detailed description and configuration is embedded within the script." + exit 0 +} + +message() +{ + cat << EOF + WARNING: certificate $certfile + is about to expire in time equal to or less than $DAYS days from now on, + or has already expired - it might be a good idea to obtain/create new one. + +EOF +} + +message_mail() +{ + message + cat << EOF + NOTE: This message is being sent only once. + + A lock-file + $STATEDIR/certwatch-mailwarning-sent-$certfilebase + has been created, which will prevent this script from mailing you again + upon its subsequent executions by crond. You dont need to care about it; + the file will be auto-deleted as soon as you'll prolong your certificate. +EOF +} + +unset stdout +case $# in + 0) ;; + 1) if [ "$1" = "-h" -o "$1" == "--help" ]; then + usage + elif [ "$1" = "stdout" ]; then + stdout=1 + else + usage + fi + ;; + *) usage ;; +esac + +for dir in $STATEDIR $CERTDIR ; do + if [ ! -d $dir ]; then + echo "ERROR: directory $dir does not exist" + exit 1 + fi +done +for binary in basename date find grep mail openssl touch ; do + if [ ! \( -x /usr/bin/$binary -o -x /bin/$binary \) ]; then + echo "ERROR: /usr/bin/$binary not found" + exit 1 + fi +done + +find $CERTDIR -type f -maxdepth 1 | while read certfile ; do + if [ "$certfile" != "/etc/ssl/certs/ca-certificates.crt" ]; then + certfilebase="$(basename "$certfile")" + inform=PEM + echo "$certfile" | grep -q -i '\.net$' + if [ $? -eq 0 ]; then + # This is based purely on filename extension, so may give false results. + # But lets assume noone uses NET format certs today, ok? + continue + fi + echo "$certfile" | grep -q -i '\.der$' + if [ $? -eq 0 -o "$(file "$certfile" | egrep '(ASCII|PEM)')" == "" ]; then + inform=DER + fi + # We wont use '-checkend' since it is not properly documented (as of + # OpenSSL 0.9.8e). + DATE_CERT_EXPIRES=$(openssl x509 -in "$certfile" -inform $inform -noout -enddate | sed 's/^notAfter=//') + DATE_CERT_EXPIRES=$(date -d"$DATE_CERT_EXPIRES" +%s) + if [ $(($DATE_CERT_EXPIRES - $DATE_CURRENT)) -le $(($DAYS * $DAY_IN_SECS)) ] + then + if [ $stdout ]; then + message + else + if [ ! -f $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" ]; then + subject="$0: certificate $certfile expiration warning" + message_mail | mail -r "certwatch@$HOSTNAME" \ + -s "$subject" \ + $MAILADDR 2>/dev/null + # echo "Mail about expiring certificate $certfile sent to $MAILADDR." + # echo "If you need to send it again, please remove lock-file" + # echo "$STATEDIR/certwatch-mailwarning-sent-$certfilebase ." + # echo + fi + touch $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" + fi + else + if [ ! $stdout ]; then + if [ -f $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" ]; then + rm $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" + fi + fi + fi + fi +done + diff --git a/patches/source/openssl/doinst.sh-openssl b/patches/source/openssl/doinst.sh-openssl new file mode 100644 index 00000000..f73c5a51 --- /dev/null +++ b/patches/source/openssl/doinst.sh-openssl @@ -0,0 +1,15 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/ssl/openssl.cnf.new +config etc/cron.daily/certwatch.new +# If the admin has modified this in any way, no need to keep the sample. +rm -f etc/cron.daily/certwatch.new diff --git a/patches/source/openssl/doinst.sh-openssl-solibs b/patches/source/openssl/doinst.sh-openssl-solibs new file mode 100644 index 00000000..ed4fdfac --- /dev/null +++ b/patches/source/openssl/doinst.sh-openssl-solibs @@ -0,0 +1,12 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/ssl/openssl.cnf.new diff --git a/patches/source/openssl/openssl.SlackBuild b/patches/source/openssl/openssl.SlackBuild new file mode 100755 index 00000000..751873d7 --- /dev/null +++ b/patches/source/openssl/openssl.SlackBuild @@ -0,0 +1,199 @@ +#!/bin/sh + +# Copyright 2000 BSDi, Inc. Concord, CA, USA +# Copyright 2001, 2002 Slackware Linux, Inc. Concord, CA, USA +# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2012, 2016 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +VERSION=${VERSION:-$(echo openssl-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +PKG1=$TMP/package-openssl +PKG2=$TMP/package-ossllibs +NAME1=openssl-$VERSION-$ARCH-$BUILD +NAME2=openssl-solibs-$VERSION-$ARCH-$BUILD + +NUMJOBS=${NUMJOBS:--j6} + +# So that ls has the right field counts for parsing... +export LC_ALL=C + +cd $TMP +rm -rf $PKG1 $PKG2 openssl-$VERSION +tar xvf $CWD/openssl-$VERSION.tar.gz || exit 1 +cd openssl-$VERSION + +# Use .so.0, not .so.0.9.8: +zcat $CWD/openssl.soname.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1 +if [ "$ARCH" = "i486" ]; then + # Build with -march=i486 -mtune=i686: + zcat $CWD/openssl.optsx86.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1 + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +fi + +# Mitigate DROWN: +zcat $CWD/openssl.no.weak.sslv2.ciphers.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/openssl.no.weak.sslv3.ciphers.diff.gz | patch -p1 --verbose || exit 1 + +# OpenSSL has a (nasty?) habit of bumping the internal version number with +# every release. This wouldn't be so bad, but some applications are so +# paranoid that they won't run against a different OpenSSL version than +# what they were compiled against, whether or not the ABI has changed. +# +# So, we will use the OPENSSL_VERSION_NUMBER from openssl-0.9.8o unless ABI +# breakage forces it to change. Yes, we're finally using this old trick. :) +sed -i "s/#define OPENSSL_VERSION_NUMBER.*/\/* Use 0x009080efL (0.9.8o) below to avoid pointlessly breaking the ABI *\/\n#define OPENSSL_VERSION_NUMBER 0x009080efL/g" crypto/opensslv.h || exit 1 + +chown -R root:root . +mkdir -p $PKG1/usr/doc/openssl-$VERSION +cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \ + LICENSE NEWS README README.ENGINE doc $PKG1/usr/doc/openssl-$VERSION +find $PKG1/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \; +find $PKG1/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \; + +# If there's a CHANGES file, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG1/usr/doc/*-$VERSION) + cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES +fi + +# These are the known patent issues with OpenSSL: +# name # expires +# MDC-2: 4,908,861 2007-03-13, included. :-) +# IDEA: 5,214,703 2010-05-25, not included. +# RC5: 5,724,428 2015-03-03, not included. + +./config \ + --prefix=/usr \ + --openssldir=/etc/ssl \ + no-idea \ + no-rc5 \ + no-sse2 \ + shared + +make depend || exit 1 + +make $NUMJOBS || make || exit 1 + +make install INSTALL_PREFIX=$PKG1 || exit 1 + +# Use proper libdir: +( cd $PKG1/usr; mv lib lib${LIBDIRSUFFIX} ) + +# Make the .so.? library symlinks: +( cd $PKG1/usr/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.* ) + +# Move libraries, as they might be needed by programs that bring a network +# mounted /usr online: + +mkdir $PKG1/lib${LIBDIRSUFFIX} +( cd $PKG1/usr/lib${LIBDIRSUFFIX} + for file in lib*.so.?.* ; do + mv $file ../../lib${LIBDIRSUFFIX} + ln -sf ../../lib${LIBDIRSUFFIX}/$file . + done + cp -a lib*.so.? ../../lib${LIBDIRSUFFIX} +) + +# Add a cron script to warn root if a certificate is going to expire soon: +mkdir -p $PKG1/etc/cron.daily +zcat $CWD/certwatch.gz > $PKG1/etc/cron.daily/certwatch.new +chmod 755 $PKG1/etc/cron.daily/certwatch.new + +mv $PKG1/etc/ssl/openssl.cnf $PKG1/etc/ssl/openssl.cnf.new + +( cd $PKG1 + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +mv $PKG1/etc/ssl/man $PKG1/usr +( cd $PKG1/usr/man/man1 ; mv passwd.1 ssl_passwd.1 ) +( cd $PKG1/usr/man/man3 ; mv rand.3 ssl_rand.3 ) +( cd $PKG1/usr/man/man3 ; mv err.3 ssl_err.3 ) +# Compress and symlink the man pages: +if [ -d $PKG1/usr/man ]; then + ( cd $PKG1/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +cd $PKG1 +chmod 755 usr/lib${LIBDIRSUFFIX}/pkgconfig +sed -i -e "s#lib\$#lib${LIBDIRSUFFIX}#" usr/lib${LIBDIRSUFFIX}/pkgconfig/*.pc +mkdir -p install +zcat $CWD/doinst.sh-openssl.gz > install/doinst.sh +cat $CWD/slack-desc.openssl > install/slack-desc +/sbin/makepkg -l y -c n $TMP/${NAME1}.txz + +# Make runtime package: +mkdir -p $PKG2/lib${LIBDIRSUFFIX} +( cd lib${LIBDIRSUFFIX} ; cp -a lib*.so.* $PKG2/lib${LIBDIRSUFFIX} ) +( cd $PKG2/lib${LIBDIRSUFFIX} ; ldconfig -l * ) +mkdir -p $PKG2/etc +( cd $PKG2/etc ; cp -a $PKG1/etc/ssl . ) +mkdir -p $PKG2/usr/doc/openssl-$VERSION +( cd $TMP/openssl-$VERSION + cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \ + LICENSE NEWS README README.ENGINE $PKG2/usr/doc/openssl-$VERSION +) + +# If there's a CHANGES file, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG2/usr/doc/*-$VERSION) + cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES +fi + +find $PKG2/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \; +find $PKG2/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \; +cd $PKG2 +mkdir -p install +zcat $CWD/doinst.sh-openssl-solibs.gz > install/doinst.sh +cat $CWD/slack-desc.openssl-solibs > install/slack-desc +/sbin/makepkg -l y -c n $TMP/${NAME2}.txz diff --git a/patches/source/openssl/openssl.no.weak.sslv2.ciphers.diff b/patches/source/openssl/openssl.no.weak.sslv2.ciphers.diff new file mode 100644 index 00000000..a7075ba4 --- /dev/null +++ b/patches/source/openssl/openssl.no.weak.sslv2.ciphers.diff @@ -0,0 +1,51 @@ +diff -u -r --new-file openssl-0.9.8zh.orig/ssl/s2_lib.c openssl-0.9.8zh/ssl/s2_lib.c +--- openssl-0.9.8zh.orig/ssl/s2_lib.c 2015-12-03 08:59:08.000000000 -0600 ++++ openssl-0.9.8zh/ssl/s2_lib.c 2016-03-01 18:29:20.998111828 -0600 +@@ -97,6 +97,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# if 0 + /* RC4_128_EXPORT40_WITH_MD5 */ + { + 1, +@@ -110,6 +111,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* RC2_128_CBC_WITH_MD5 */ + { + 1, +@@ -123,6 +125,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# if 0 + /* RC2_128_CBC_EXPORT40_WITH_MD5 */ + { + 1, +@@ -136,6 +139,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* IDEA_128_CBC_WITH_MD5 */ + # ifndef OPENSSL_NO_IDEA + { +@@ -151,6 +155,7 @@ + SSL_ALL_STRENGTHS, + }, + # endif ++# if 0 + /* DES_64_CBC_WITH_MD5 */ + { + 1, +@@ -164,6 +169,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* DES_192_EDE3_CBC_WITH_MD5 */ + { + 1, diff --git a/patches/source/openssl/openssl.no.weak.sslv3.ciphers.diff b/patches/source/openssl/openssl.no.weak.sslv3.ciphers.diff new file mode 100644 index 00000000..17326a56 --- /dev/null +++ b/patches/source/openssl/openssl.no.weak.sslv3.ciphers.diff @@ -0,0 +1,356 @@ +diff -u -r --new-file openssl-0.9.8zh.orig/ssl/s3_lib.c openssl-0.9.8zh/ssl/s3_lib.c +--- openssl-0.9.8zh.orig/ssl/s3_lib.c 2015-12-03 08:59:08.000000000 -0600 ++++ openssl-0.9.8zh/ssl/s3_lib.c 2016-03-01 18:42:26.295095103 -0600 +@@ -166,6 +166,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 03 */ ++# if 0 + { + 1, + SSL3_TXT_RSA_RC4_40_MD5, +@@ -178,6 +179,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 04 */ + { + 1, +@@ -205,6 +207,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 06 */ ++# if 0 + { + 1, + SSL3_TXT_RSA_RC2_40_MD5, +@@ -217,6 +220,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 07 */ + #ifndef OPENSSL_NO_IDEA + { +@@ -233,6 +237,7 @@ + }, + #endif + /* Cipher 08 */ ++# if 0 + { + 1, + SSL3_TXT_RSA_DES_40_CBC_SHA, +@@ -245,7 +250,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 09 */ ++# if 0 + { + 1, + SSL3_TXT_RSA_DES_64_CBC_SHA, +@@ -258,6 +265,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 0A */ + { + 1, +@@ -273,6 +281,7 @@ + }, + /* The DH ciphers */ + /* Cipher 0B */ ++# if 0 + { + 0, + SSL3_TXT_DH_DSS_DES_40_CBC_SHA, +@@ -285,7 +294,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 0C */ ++# if 0 + { + 0, + SSL3_TXT_DH_DSS_DES_64_CBC_SHA, +@@ -298,6 +309,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 0D */ + { + 0, +@@ -312,6 +324,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 0E */ ++# if 0 + { + 0, + SSL3_TXT_DH_RSA_DES_40_CBC_SHA, +@@ -324,7 +337,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 0F */ ++# if 0 + { + 0, + SSL3_TXT_DH_RSA_DES_64_CBC_SHA, +@@ -337,6 +352,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 10 */ + { + 0, +@@ -353,6 +369,7 @@ + + /* The Ephemeral DH ciphers */ + /* Cipher 11 */ ++# if 0 + { + 1, + SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, +@@ -365,7 +382,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 12 */ ++# if 0 + { + 1, + SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, +@@ -378,6 +397,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 13 */ + { + 1, +@@ -392,6 +412,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 14 */ ++# if 0 + { + 1, + SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, +@@ -404,7 +425,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 15 */ ++# if 0 + { + 1, + SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, +@@ -417,6 +440,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 16 */ + { + 1, +@@ -431,6 +455,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 17 */ ++# if 0 + { + 1, + SSL3_TXT_ADH_RC4_40_MD5, +@@ -443,6 +468,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 18 */ + { + 1, +@@ -457,6 +483,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 19 */ ++# if 0 + { + 1, + SSL3_TXT_ADH_DES_40_CBC_SHA, +@@ -469,7 +496,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 1A */ ++# if 0 + { + 1, + SSL3_TXT_ADH_DES_64_CBC_SHA, +@@ -482,6 +511,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 1B */ + { + 1, +@@ -543,6 +573,7 @@ + + #ifndef OPENSSL_NO_KRB5 + /* The Kerberos ciphers */ ++# if 0 + /* Cipher 1E */ + { + 1, +@@ -556,6 +587,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 1F */ + { +@@ -600,6 +632,7 @@ + }, + + /* Cipher 22 */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_DES_64_CBC_MD5, +@@ -612,6 +645,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 23 */ + { +@@ -656,6 +690,7 @@ + }, + + /* Cipher 26 */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_DES_40_CBC_SHA, +@@ -668,8 +703,10 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 27 */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_RC2_40_CBC_SHA, +@@ -682,8 +719,10 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 28 */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_RC4_40_SHA, +@@ -696,8 +735,10 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 29 */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_DES_40_CBC_MD5, +@@ -710,8 +751,10 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 2A */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_RC2_40_CBC_MD5, +@@ -724,8 +767,10 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 2B */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_RC4_40_MD5, +@@ -738,6 +783,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + #endif /* OPENSSL_NO_KRB5 */ + + /* New AES ciphersuites */ +@@ -1007,6 +1053,7 @@ + }, + # endif + /* Cipher 62 */ ++# if 0 + { + 1, + TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA, +@@ -1019,7 +1066,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 63 */ ++# if 0 + { + 1, + TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, +@@ -1032,7 +1081,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 64 */ ++# if 0 + { + 1, + TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA, +@@ -1045,7 +1096,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 65 */ ++# if 0 + { + 1, + TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, +@@ -1058,6 +1111,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 66 */ + { + 1, diff --git a/patches/source/openssl/openssl.optsx86.diff b/patches/source/openssl/openssl.optsx86.diff new file mode 100644 index 00000000..a1a289a2 --- /dev/null +++ b/patches/source/openssl/openssl.optsx86.diff @@ -0,0 +1,11 @@ +--- ./Configure.orig 2005-08-02 03:59:42.000000000 -0700 ++++ ./Configure 2005-10-12 20:04:43.000000000 -0700 +@@ -317,7 +317,7 @@ + "linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc32.o::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + #### IA-32 targets... + "linux-ia32-icc", "icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +-"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -mtune=i686 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", + #### + "linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", diff --git a/patches/source/openssl/openssl.soname.diff b/patches/source/openssl/openssl.soname.diff new file mode 100644 index 00000000..f660e93b --- /dev/null +++ b/patches/source/openssl/openssl.soname.diff @@ -0,0 +1,11 @@ +--- ./Makefile.shared.orig 2005-06-23 13:47:54.000000000 -0700 ++++ ./Makefile.shared 2005-10-12 20:02:28.000000000 -0700 +@@ -151,7 +151,7 @@ + SHLIB_SUFFIX=; \ + ALLSYMSFLAGS='-Wl,--whole-archive'; \ + NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ +- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" ++ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB.0" + + DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)" + diff --git a/patches/source/openssl/slack-desc.openssl b/patches/source/openssl/slack-desc.openssl new file mode 100644 index 00000000..57227c04 --- /dev/null +++ b/patches/source/openssl/slack-desc.openssl @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +openssl: openssl (Secure Sockets Layer toolkit) +openssl: +openssl: The OpenSSL certificate management tool and the shared libraries that +openssl: provide various encryption and decryption algorithms and protocols. +openssl: +openssl: This product includes software developed by the OpenSSL Project for +openssl: use in the OpenSSL Toolkit (http://www.openssl.org). This product +openssl: includes cryptographic software written by Eric Young +openssl: (eay@cryptsoft.com). This product includes software written by Tim +openssl: Hudson (tjh@cryptsoft.com). +openssl: diff --git a/patches/source/openssl/slack-desc.openssl-solibs b/patches/source/openssl/slack-desc.openssl-solibs new file mode 100644 index 00000000..f65bf12c --- /dev/null +++ b/patches/source/openssl/slack-desc.openssl-solibs @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +openssl-solibs: openssl-solibs (OpenSSL shared libraries) +openssl-solibs: +openssl-solibs: These shared libraries provide encryption routines required by +openssl-solibs: programs such as openssh. They are also used by KDE's Konqueror web +openssl-solibs: browser to provide secure web connections. +openssl-solibs: +openssl-solibs: This product includes software developed by the OpenSSL Project for +openssl-solibs: use in the OpenSSL Toolkit (http://www.openssl.org). This product +openssl-solibs: includes cryptographic software written by Eric Young +openssl-solibs: (eay@cryptsoft.com). This product includes software written by Tim +openssl-solibs: Hudson (tjh@cryptsoft.com). diff --git a/patches/source/openvpn/README b/patches/source/openvpn/README new file mode 100644 index 00000000..cf2c6602 --- /dev/null +++ b/patches/source/openvpn/README @@ -0,0 +1,26 @@ +OpenVPN is a full-featured SSL VPN which can accomodate a wide +range of configurations, including remote access, site-to-site VPNs, +WiFi security, and enterprise-scale remote access with load +balancing, failover, and fine-grained access-controls. + +OpenVPN implements OSI layer 2 or 3 secure network extension using the +industry standard SSL/TLS protocol, supports flexible client +authentication methods based on certificates, smart cards, and/or +2-factor authentication, and allows user or group-specific access +control policies using firewall rules applied to the VPN virtual +interface. + +This build of OpenVPN depends upon having openssl (not just +openssl-solibs) and lzo installed on your computer. + +Please note that there is no default config file for OpenVPN. This is +by design. OpenVPN can technically use any config file in any location. +However, this script does create an /etc/openvpn/ directory with certs/ +and keys/ subdirectories. Feel free to place config files, keys, and +certificates in these directories. certs/ and keys/ are owned by user +root and group nobody and are not world readable nor writable. +Additionally, they are not writable by group nobody. It is recommended +that you run openvpn nobody:nobody, but you may use another +non-privilaged user and group at your option. Just change the +permissions on these permissions to reflect that if you do. + diff --git a/patches/source/openvpn/doinst.sh b/patches/source/openvpn/doinst.sh new file mode 100644 index 00000000..4b9b133a --- /dev/null +++ b/patches/source/openvpn/doinst.sh @@ -0,0 +1,25 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + config ${NEW} +} + +preserve_perms etc/rc.d/rc.openvpn.new + diff --git a/patches/source/openvpn/openvpn.SlackBuild b/patches/source/openvpn/openvpn.SlackBuild new file mode 100755 index 00000000..477ac99a --- /dev/null +++ b/patches/source/openvpn/openvpn.SlackBuild @@ -0,0 +1,169 @@ +#!/bin/bash + +# Copyright 2006, Alan Hicks, Lizella, GA +# Copyright 2008, 2009, 2010, 2011, 2013, 2016, 2018 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PKGNAM=openvpn +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 + +# Fix ownership and permissions inside the source tarball. +# It's appalling how many projects have 777 permissions or +# even suid, sgid, and sticky bits set on things. +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc/openvpn \ + --localstatedir=/var \ + --mandir=/usr/man \ + --docdir=/usr/doc/openvpn-${VERSION} \ + --enable-lzo \ + --enable-iproute2 \ + --disable-plugin-auth-pam \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install-strip DESTDIR=$PKG || exit 1 + +# Create a decent config directory. openvpn doesn't have one by +# default, nor does it have a single config file. +mkdir -p $PKG/etc/openvpn/{certs,keys} +chown root:nobody $PKG/etc/openvpn/{certs,keys} +chmod 750 $PKG/etc/openvpn/{certs,keys} + +# Install a startup script: +mkdir -p $PKG/etc/rc.d +cp -a $CWD/rc.openvpn $PKG/etc/rc.d/rc.openvpn.new +chmod 644 $PKG/etc/rc.d/rc.openvpn.new +chown root:root $PKG/etc/rc.d/rc.openvpn.new + +# Let folks know about the other configs, if they haven't found them. +# They might even find the documentation there useful. ;-) +cat << EOF > $PKG/etc/openvpn/README.TXT +One or more OpenVPN config files should be installed in this directory +as files ending in ".conf" (i.e. client.conf, server.conf, etc.). + +Have a look in sample-config-files for some more examples of how to +configure OpenVPN. + +To start OpenVPN, use this command as root: +sh /etc/rc.d/rc.openvpn start + +To make OpenVPN start automatically at boot, change the script permissions: +chmod 755 /etc/rc.d/rc.openvpn + +See "man openvpn" and the other docs for more information. +EOF + +# Add a link, too: +( cd $PKG/etc/openvpn + ln -sf /usr/doc/$PKGNAM-$VERSION/sample-config-files . +) + +if [ -d $PKG/usr/man ]; then +( cd $PKG/usr/man + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +) +fi + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a AUTHORS COPYING* COPYRIGHT* INSTALL* \ + NEWS PORTS README* sample/sample-config-files sample/sample-keys sample/sample-scripts \ + $PKG/usr/doc/$PKGNAM-$VERSION + +# Install a reasonably generic sample config file: +# (put this in with the other samples) +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files +cp -a $CWD/slackware.conf $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files +chown root:root $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files/slackware.conf +chmod 644 $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files/slackware.conf + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/openvpn/openvpn.url b/patches/source/openvpn/openvpn.url new file mode 100644 index 00000000..4c476d87 --- /dev/null +++ b/patches/source/openvpn/openvpn.url @@ -0,0 +1,2 @@ +https://swupdate.openvpn.org/community/releases/openvpn-2.4.6.tar.xz +https://swupdate.openvpn.org/community/releases/openvpn-2.4.6.tar.xz.asc diff --git a/patches/source/openvpn/rc.openvpn b/patches/source/openvpn/rc.openvpn new file mode 100644 index 00000000..86f31922 --- /dev/null +++ b/patches/source/openvpn/rc.openvpn @@ -0,0 +1,111 @@ +#!/bin/sh +# +# /etc/rc.d/rc.openvpn +# +# Start/stop/restart the openvpn daemon. +# +# By default, this script will start/stop/restart a daemon for every *.conf +# file found in /etc/openvpn. +# +# To work with a single connection, add the name of the config file: +# /etc/rc.d/rc.openvpn start configfile.conf +# +# You may also use a config file not found in /etc/openvpn by providing a +# complete path: +# /etc/rc.d/rc.openvpn start /path/to/some/other/configfile.conf +# +# The name of a config file provided with a complete path should not match +# the name of any config file present in the /etc/openvpn directory. + +ovpn_start() { + if [ -x /usr/sbin/openvpn ]; then + if [ -z "$1" ]; then # start OpenVPN for all config files: + if /bin/ls /etc/openvpn/*.conf 1> /dev/null 2> /dev/null ; then + for config in /etc/openvpn/*.conf ; do + echo "Starting OpenVPN: /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $config).pid --user nobody --group nobody --config $config" + /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $config).pid --user nobody --group nobody --config $config + done + else + echo "Unable to start OpenVPN - no .conf files found in /etc/openvpn/." + fi + else # start OpenVPN for one config file: + if [ -r "$1" ]; then + echo "Starting OpenVPN: /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $1).pid --user nobody --group nobody --config $1" + /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $1).pid --user nobody --group nobody --config $1 + else # config file is missing: + echo "Error starting OpenVPN: config file $1 is missing." + fi + fi + fi +} + +ovpn_stop() { + # Note: OpenVPN has a bad habit of leaving stale pid files around when exiting. + # Maybe it would be better to just use killall unless called for one config? + if [ -z "$1" ]; then # stop OpenVPN for all pid files: + if /bin/ls /run/openvpn/*.pid 1> /dev/null 2> /dev/null ; then + for pid in /run/openvpn/*.pid ; do + echo "Stopping OpenVPN for pid file $pid..." + kill $(cat $pid) + rm -f $pid + done + else + echo "Warning: no pid files found in /run/openvpn/. Using killall to stop any OpenVPN processes." + killall openvpn + fi + else # stop OpenVPN for one config file: + if [ -r /run/openvpn/$(basename ${1}).pid ]; then + echo "Stopping OpenVPN for config file ${1}..." + kill $(cat /run/openvpn/$(basename ${1}).pid) + rm -f /run/openvpn/$(basename ${1}).pid + else + echo "Error stopping OpenVPN: no such pid file /run/openvpn/$(basename ${1}).pid" + fi + fi +} + +ovpn_restart() { + if [ ! -z "$1" ]; then # restart for all config files: + ovpn_stop + sleep 2 + ovpn_start + else # restart for one config file only: + ovpn_stop $1 + sleep 2 + ovpn_start $1 + fi +} + +ovpn_status() { + if /bin/ls /run/openvpn/*.pid 1> /dev/null 2> /dev/null ; then + echo "Currently running OpenVPN processes according to .pid files in /run/openvpn:" + for pid in /run/openvpn/*.pid ; do + echo " $(basename $pid) ($(cat $pid))" + done + else + echo "No .pid files found in /run/openvpn." + fi +} + +# Create PID directory if it doesn't exist: +if [ ! -d /run/openvpn ]; then + mkdir -p /run/openvpn +fi + +case "$1" in +'start') + ovpn_start $2 + ;; +'stop') + ovpn_stop $2 + ;; +'restart') + ovpn_restart $2 + ;; +'status') + ovpn_status + ;; +*) + echo "Usage: $0 {start|stop|restart}" +esac + diff --git a/patches/source/openvpn/slack-desc b/patches/source/openvpn/slack-desc new file mode 100644 index 00000000..7ffd6167 --- /dev/null +++ b/patches/source/openvpn/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +openvpn: openvpn (secure IP tunnel daemon) +openvpn: +openvpn: OpenVPN is a full-featured SSL VPN which can accommodate a wide range +openvpn: of configurations, including remote access, site-to-site VPNs, WiFi +openvpn: security, and enterprise-scale remote access with load balancing, +openvpn: failover, and fine-grained access-controls. +openvpn: +openvpn: OpenVPN's home on the net is: http://openvpn.net +openvpn: +openvpn: +openvpn: diff --git a/patches/source/openvpn/slackware.conf b/patches/source/openvpn/slackware.conf new file mode 100644 index 00000000..4314b544 --- /dev/null +++ b/patches/source/openvpn/slackware.conf @@ -0,0 +1,178 @@ +# openvpn.conf.sample +# +# This is a sample configuration file for OpenVPN. +# Not all options are listed here; you can find good documentation +# about all of the options in OpenVPN's manual page - openvpn(8). +# +# You can make a P-t-P connection by creating a shared key, +# copying this key to other hosts in your network, and changing +# the IP addresses in this file. +# +# Commented options are provided for some typical configurations + +# Change the "search" path to /etc/openvpn +# All files referenced in this configuration will be relative to +# whatever directory is specified here - we default to /etc/openvpn +cd /etc/openvpn + +# If running as a server, which local IP address should OpenVPN +# listen on? Specify this as either a hostname or IP address. If +# this is left blank, OpenVPN will default to listening on all +# interfaces. +#local a.b.c.d + +# This option defines the IP or DNS name of the other side of your VPN +# connection. This option is needed if you are making client or P-t-P +# connections. If you are the server, use "local" instead. This may +# be specified as a domain name or IP address. +#remote vpn.server.org + +# This option defins the protocol to use. Valid options are: +# udp, tcp-server, or tcp-client. Default is udp, and generally +# speaking, tcp is a bad idea. +proto udp + +# This option defines the port on which your server will be listening +# or trying to connect. The default is 1194 +port 1194 + +# This option defines whether to use LZO compression. +# If enabled, it must be enabled at both ends of the VPN connection. +#comp-lzo + +# Debug level (default 1) +#verb 3 + +# VPN logfile location +# If you don't specify a location here, logging will be done through +# syslogd and write to /var/log/messages +log-append /var/log/openvpn.log + +# If you want to use OpenVPN as a daemon, uncomment this line. +# Generally speaking, servers should run OpenVPN as a daemon +# and clients should not. +#daemon + +# Device type to use, you can choose between tun or tap. +# TUN is the most common option. If you have multiple connections, +# it is a good idea to bind each connection to a separate TUN/TAP +# interface using tunX/tapX, where X is the number of each interface. +dev tun + +# This option prevents OpenVPN from closing and re-opening the tun/tap +# device every time it receives a SIGUSR1 signal +#persist-tun + +# This is similar to the previous option, but it prevents OpenVPN from +# re-reading the key files every time +#persist-key + +# If you are using a client-server architecture, you need to specify the +# role of your computer in your VPN network. To use one of these options, +# you need to configure TLS options too. +# +# To use the "server" option, you must specify a network subnet such +# as 172.16.1.0 255.255.255.0. The first number is the network, the +# second is the netmask. OpenVPN will take the first available IP +# for itself (in our example, 172.16.1.1) and the rest will be +# given to connecting clients dynamically. +# +# Leave these commented out if you are using OpenVPN in bridging mode. +# +#server 10.1.2.0 255.255.255.0 +#client + +# This option defines a file with IP address to client mapping. +# This is useful in general, and necessary if clients use persist-tun. +#ifconfig-pool-persist ips.txt + +# Enable this option if you want clients connected to this VPN to be +# able to talk directly to each other +#client-to-client + +# This option defines the directory in which configuration files for clients +# will reside. With individual files you can make each client get different +# options using "push" parameters +#client-config-dir ccd + +# If you are using P-t-P, you need to specify the IP addresses at both ends +# of your VPN connection. The IP addresses are reversed at the other side. +# +# You can use this to specify client IP addresses in ccd files (on server) +# or directly in client configuration +#ifconfig 10.1.2.1 10.1.2.2 + +# You can set routes to specific networks. In the sample below, "vpn_gateway" +# is an internal OpenVPN alias to your VPN gateway - leave it as is. +# This will enable you to talk with the networks behind your VPN server. +# Multiple routes can be specified. +# +# +------------+ <eth>-<tun> <tun>-<eth> +------------+ +# | Network1 |---| VPN1 |--[10.1.2.0/24]--| VPN2 |---| Network2 | +# +------------+ +------+ +------+ +------------+ +# 192.168.0.0/24 192.168.2.0/24 +# +# The sample below shows how VPN1 server can reach Network2 +#route 192.168.2.0 255.255.255.0 vpn_gateway + +# You can send clients many network configuration options using the +# "push" directive and sending commands. +# Multiple "push" directives can be used. You should only put global +# "push" directives here. You can "push" different options to +# different clients in per-client configuration files. See +# "client-config-dir" above. +# +# Using the same network configuration that you see above, the route statment +# here allows VPN2 to reach Network1 +#push "route-delay 2 600" +#push "route 192.168.2.0 255.255.255.0 vpn_gateway" +#push "persist-key" + +# This option sets the encryption algorithm to use in the VPN connection. +# Available options are: +# DES-CBC, RC2-CBC, DES-EDE-CBC, DES-EDE3-CBC, +# DESX-CBC, BF-CBC, RC2-40-CBC, CAST5-CBC, +# RC2-64-CBC, AES-128-CBC, AES-192-CBC and AES-256-CBC +cipher BF-CBC + +# Shared Key Connection +# --------------------- +# Secret is one shared key between the hosts that want to connect through VPNs. +# Without secret or TLS options, your data will not be encrypted. +# +# To generate an encryption key do: +# openvpn --genkey --secret /etc/openvpn/keys/shared.key +# +# Do the above on one host and copy it to the others +secret keys/shared.key + +# TLS Connections +# --------------- +# TLS must be used if you use option "server" or "client" +# The basic idea there is: You have one Certificate Authority, and all +# machines in your VPN network need to have individual certificates and +# keys signed by Certificate Authority. This means each client can +# have its own key, making it easier to revoke a key without copying +# a shared secret key to every client. +# +# Inside the /usr/doc/openvpn-$VERSION documentation directory, you can +# find "easy-rsa" scripts to make certificate and key management easier. + +# Certificate Authority file +# This file must be identical on all hosts that connect to your VPN +#ca certs/ca.crt + +# If you are the server, you need to specify some Diffie Hellman parameters. +# OpenVPN provides some sample .pem files in documentation directory +#dh my-dh.pem + +# Certificate and Key signed by Certificate Authority +# Each machine needs to have their own unique certificate +#cert certs/machine.cert +#key keys/machine.key + +# To prevent some DoS attacks we can add another authentication layer in the +# TLS control channel. This needs to be enabled at both ends to work +# client uses the value 1; server uses the value 0 +#tls-auth keys/shared.key 0 + diff --git a/patches/source/patch/0001-Refuse-to-apply-ed-scripts-by-default.patch b/patches/source/patch/0001-Refuse-to-apply-ed-scripts-by-default.patch new file mode 100644 index 00000000..46d9fcf5 --- /dev/null +++ b/patches/source/patch/0001-Refuse-to-apply-ed-scripts-by-default.patch @@ -0,0 +1,79 @@ +From 5046e5605cf7420d9a11de49bd9fe4851a4ca1d2 Mon Sep 17 00:00:00 2001 +From: Saleem Rashid <dev@saleemrashid.com> +Date: Thu, 5 Apr 2018 22:48:25 +0100 +Subject: [PATCH] Refuse to apply ed scripts by default + +* src/patch.c, src/pch.c: Warn that ed scripts are potentially +dangerous, unless patch is invoked with --force + +This fixes an issue where ed scripts could be included in a patch, executing +arbitrary shell commands without the user's knowledge. + +Original bug report: +https://savannah.gnu.org/bugs/index.php?53566 +--- + src/patch.c | 13 +++++++++++-- + src/pch.c | 11 +++++++++++ + 6 files changed, 62 insertions(+), 5 deletions(-) + +diff --git a/src/patch.c b/src/patch.c +index 0fe6d72..e14a9c4 100644 +--- a/src/patch.c ++++ b/src/patch.c +@@ -781,7 +781,7 @@ static char const *const option_help[] = + " -l --ignore-whitespace Ignore white space changes between patch and input.", + "", + " -c --context Interpret the patch as a context difference.", +-" -e --ed Interpret the patch as an ed script.", ++" -e --ed Interpret the patch as a potentially dangerous ed script. This could allow arbitrary command execution!", + " -n --normal Interpret the patch as a normal difference.", + " -u --unified Interpret the patch as a unified difference.", + "", +@@ -825,7 +825,7 @@ static char const *const option_help[] = + "Miscellaneous options:", + "", + " -t --batch Ask no questions; skip bad-Prereq patches; assume reversed.", +-" -f --force Like -t, but ignore bad-Prereq patches, and assume unreversed.", ++" -f --force Like -t, but ignore bad-Prereq patches, apply potentially dangerous ed scripts, and assume unreversed.", + " -s --quiet --silent Work silently unless an error occurs.", + " --verbose Output extra information about the work being done.", + " --dry-run Do not actually change any files; just print what would happen.", +@@ -1068,6 +1068,15 @@ get_some_switches (void) + } + } + ++ if (! force && diff_type == ED_DIFF) ++ { ++ ask ("Apply potentially dangerous ed script? This could allow arbitrary command execution! [n] "); ++ if (*buf != 'y') ++ { ++ fatal ("Refusing to apply potentially dangerous ed script."); ++ } ++ } ++ + /* Process any filename args. */ + if (optind < Argc) + { +diff --git a/src/pch.c b/src/pch.c +index bc6278c..ab34dd4 100644 +--- a/src/pch.c ++++ b/src/pch.c +@@ -1001,6 +1001,17 @@ intuit_diff_type (bool need_header, mode_t *p_file_type) + instat = st[i]; + } + ++ if (! force && retval == ED_DIFF) ++ { ++ ask ("Apply potentially dangerous ed script? This could allow arbitrary command execution! [n] "); ++ if (*buf != 'y') ++ { ++ if (verbosity != SILENT) ++ say ("Skipping potentially dangerous ed script.\n"); ++ skip_rest_of_patch = true; ++ } ++ } ++ + return retval; + } + + diff --git a/patches/source/patch/patch.SlackBuild b/patches/source/patch/patch.SlackBuild new file mode 100755 index 00000000..5d170d41 --- /dev/null +++ b/patches/source/patch/patch.SlackBuild @@ -0,0 +1,119 @@ +#!/bin/sh + +# Copyright 2005-2009, 2010, 2012, 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=patch +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-patch + +rm -rf $PKG +mkdir -p $TMP $PKG + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +cd $TMP +rm -rf patch-${VERSION} +tar xvf $CWD/patch-${VERSION}.tar.xz || exit 1 +cd patch-${VERSION} || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Patch CVE-2018-1000156, arbitrary shell command execution by (obsolete) +# ed patch format: +zcat $CWD/0001-Refuse-to-apply-ed-scripts-by-default.patch.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --build=$ARCH-slackware-linux + +make -j4 || make || exit 1 +make install DESTDIR=$PKG + +# Strip everything for good measure: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/patch-${VERSION} +cp -a \ + AUTHORS COPYING* NEWS README* \ + $PKG/usr/doc/patch-${VERSION} + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg -l y -c n $TMP/patch-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/patch/slack-desc b/patches/source/patch/slack-desc new file mode 100644 index 00000000..5ddba89b --- /dev/null +++ b/patches/source/patch/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +patch: patch (apply a diff file to an original file or files) +patch: +patch: Patch is a utility used to apply diffs (or patches) to files, which +patch: are usually source code. +patch: +patch: Larry Wall wrote the original version of patch. Paul Eggert removed +patch: patch's arbitrary limits; added support for binary files, setting +patch: file times, and deleting files; and made it conform better to POSIX. +patch: Other contributors include Wayne Davison, who added unidiff support, +patch: and David MacKenzie, who added configuration and backup support. +patch: diff --git a/patches/source/perl/10_hash.t b/patches/source/perl/10_hash.t new file mode 100644 index 00000000..e051528b --- /dev/null +++ b/patches/source/perl/10_hash.t @@ -0,0 +1,38 @@ +X-Git-Url: http://perl5.git.perl.org/perl.git/blobdiff_plain/ca8de220718ba91d5a5fdd9779497cd5b0250258..f14269908e5f8b4cab4b55643d7dd9de577e7918:/ext/Hash-Util-FieldHash/t/10_hash.t + +diff --git a/ext/Hash-Util-FieldHash/t/10_hash.t b/ext/Hash-Util-FieldHash/t/10_hash.t +index 29c2f4d..c266b6a 100644 +--- a/ext/Hash-Util-FieldHash/t/10_hash.t ++++ b/ext/Hash-Util-FieldHash/t/10_hash.t +@@ -46,15 +46,29 @@ use constant START => "a"; + + # some initial hash data + fieldhash my %h2; +-%h2 = map {$_ => 1} 'a'..'cc'; ++my $counter= "a"; ++$h2{$counter++}++ while $counter ne 'cd'; + + ok (!Internals::HvREHASH(%h2), + "starting with pre-populated non-pathological hash (rehash flag if off)"); + + my @keys = get_keys(\%h2); ++my $buckets= buckets(\%h2); + $h2{$_}++ for @keys; ++$h2{$counter++}++ while buckets(\%h2) == $buckets; # force a split + ok (Internals::HvREHASH(%h2), +- scalar(@keys) . " colliding into the same bucket keys are triggering rehash"); ++ scalar(@keys) . " colliding into the same bucket keys are triggering rehash after split"); ++ ++# returns the number of buckets in a hash ++sub buckets { ++ my $hr = shift; ++ my $keys_buckets= scalar(%$hr); ++ if ($keys_buckets=~m!/([0-9]+)\z!) { ++ return 0+$1; ++ } else { ++ return 8; ++ } ++} + + sub get_keys { + my $hr = shift; diff --git a/patches/source/perl/hash.t b/patches/source/perl/hash.t new file mode 100644 index 00000000..6d6d61eb --- /dev/null +++ b/patches/source/perl/hash.t @@ -0,0 +1,46 @@ +X-Git-Url: http://perl5.git.perl.org/perl.git/blobdiff_plain/ca8de220718ba91d5a5fdd9779497cd5b0250258..f14269908e5f8b4cab4b55643d7dd9de577e7918:/t/op/hash.t + +diff --git a/t/op/hash.t b/t/op/hash.t +index 9bde518..45eb782 100644 +--- a/t/op/hash.t ++++ b/t/op/hash.t +@@ -39,22 +39,36 @@ use constant THRESHOLD => 14; + use constant START => "a"; + + # some initial hash data +-my %h2 = map {$_ => 1} 'a'..'cc'; ++my %h2; ++my $counter= "a"; ++$h2{$counter++}++ while $counter ne 'cd'; + + ok (!Internals::HvREHASH(%h2), + "starting with pre-populated non-pathological hash (rehash flag if off)"); + + my @keys = get_keys(\%h2); ++my $buckets= buckets(\%h2); + $h2{$_}++ for @keys; ++$h2{$counter++}++ while buckets(\%h2) == $buckets; # force a split + ok (Internals::HvREHASH(%h2), +- scalar(@keys) . " colliding into the same bucket keys are triggering rehash"); ++ scalar(@keys) . " colliding into the same bucket keys are triggering rehash after split"); ++ ++# returns the number of buckets in a hash ++sub buckets { ++ my $hr = shift; ++ my $keys_buckets= scalar(%$hr); ++ if ($keys_buckets=~m!/([0-9]+)\z!) { ++ return 0+$1; ++ } else { ++ return 8; ++ } ++} + + sub get_keys { + my $hr = shift; + + # the minimum of bits required to mount the attack on a hash + my $min_bits = log(THRESHOLD)/log(2); +- + # if the hash has already been populated with a significant amount + # of entries the number of mask bits can be higher + my $keys = scalar keys %$hr; diff --git a/patches/source/perl/hv.c b/patches/source/perl/hv.c new file mode 100644 index 00000000..71819e9b --- /dev/null +++ b/patches/source/perl/hv.c @@ -0,0 +1,61 @@ +X-Git-Url: http://perl5.git.perl.org/perl.git/blobdiff_plain/ca8de220718ba91d5a5fdd9779497cd5b0250258..f14269908e5f8b4cab4b55643d7dd9de577e7918:/hv.c + +diff --git a/hv.c b/hv.c +index 5d0f2f8..6bfedd5 100644 +--- a/hv.c ++++ b/hv.c +@@ -35,7 +35,8 @@ holds the key and hash value. + #define PERL_HASH_INTERNAL_ACCESS + #include "perl.h" + +-#define HV_MAX_LENGTH_BEFORE_SPLIT 14 ++#define HV_MAX_LENGTH_BEFORE_REHASH 14 ++#define SHOULD_DO_HSPLIT(xhv) ((xhv)->xhv_keys > (xhv)->xhv_max) /* HvTOTALKEYS(hv) > HvMAX(hv) */ + + static const char S_strtab_error[] + = "Cannot modify shared string table in hv_%s"; +@@ -818,23 +819,8 @@ Perl_hv_common(pTHX_ HV *hv, SV *keysv, const char *key, STRLEN klen, + xhv->xhv_keys++; /* HvTOTALKEYS(hv)++ */ + if (!counter) { /* initial entry? */ + xhv->xhv_fill++; /* HvFILL(hv)++ */ +- } else if (xhv->xhv_keys > (IV)xhv->xhv_max) { ++ } else if ( SHOULD_DO_HSPLIT(xhv) ) { + hsplit(hv); +- } else if(!HvREHASH(hv)) { +- U32 n_links = 1; +- +- while ((counter = HeNEXT(counter))) +- n_links++; +- +- if (n_links > HV_MAX_LENGTH_BEFORE_SPLIT) { +- /* Use only the old HvKEYS(hv) > HvMAX(hv) condition to limit +- bucket splits on a rehashed hash, as we're not going to +- split it again, and if someone is lucky (evil) enough to +- get all the keys in one list they could exhaust our memory +- as we repeatedly double the number of buckets on every +- entry. Linear search feels a less worse thing to do. */ +- hsplit(hv); +- } + } + } + +@@ -1180,7 +1166,7 @@ S_hsplit(pTHX_ HV *hv) + + + /* Pick your policy for "hashing isn't working" here: */ +- if (longest_chain <= HV_MAX_LENGTH_BEFORE_SPLIT /* split worked? */ ++ if (longest_chain <= HV_MAX_LENGTH_BEFORE_REHASH /* split worked? */ + || HvREHASH(hv)) { + return; + } +@@ -2506,8 +2492,8 @@ S_share_hek_flags(pTHX_ const char *str, I32 len, register U32 hash, int flags) + xhv->xhv_keys++; /* HvTOTALKEYS(hv)++ */ + if (!next) { /* initial entry? */ + xhv->xhv_fill++; /* HvFILL(hv)++ */ +- } else if (xhv->xhv_keys > (IV)xhv->xhv_max /* HvKEYS(hv) > HvMAX(hv) */) { +- hsplit(PL_strtab); ++ } else if ( SHOULD_DO_HSPLIT(xhv) ) { ++ hsplit(PL_strtab); + } + } + diff --git a/patches/source/perl/perl.SlackBuild b/patches/source/perl/perl.SlackBuild new file mode 100755 index 00000000..15fe8a20 --- /dev/null +++ b/patches/source/perl/perl.SlackBuild @@ -0,0 +1,296 @@ +#!/bin/sh + +# Copyright 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +# originally by: David Cantrell <david@slackware.com> +# maintained by: <volkerdi@slackware.com> + +VERSION=5.10.1 +# IMPORTANT: also update -Dinc_version_list in ./configure below! + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi +BUILD=${BUILD:-2_slack13.1} + +NUMJOBS=${NUMJOBS:--j6} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-perl + +# Additional required modules: +DBDMYSQL=4.013 +DBI=1.609 +URI=1.40 +XMLPARSER=2.36 +XMLSIMPLE=2.18 + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +if [ -x /usr/bin/perl ]; then + echo "Perl detected." + echo + echo "It's a good idea to remove your existing perl first." + echo + sleep 15 +fi + +# Clear build location: +rm -rf $PKG +mkdir -p $PKG + +# Extract the source code: +cd $TMP +rm -rf perl-$VERSION +tar xvf $CWD/perl-$VERSION.tar.?z* || exit 1 + +# Change into the source directory: +cd perl-$VERSION + +zcat $CWD/10_hash.t.gz | patch -p1 --verbose || exit 1 +zcat $CWD/hash.t.gz | patch -p1 --verbose || exit 1 +zcat $CWD/hv.c.gz | patch -p1 --verbose || exit 1 + +# Adjust owner/perms to standard values: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# If after all this time you still don't trust threads, comment +# out the variable below: +# +USE_THREADS="-Dusethreads -Duseithreads" + +if [ "$ARCH" = "x86_64" ]; then # adopted from "Cross Linux From Scratch" + # Configure must be told to also use lib64: + zcat $CWD/perl.configure.multilib.patch.gz | patch -p1 --verbose || exit 1 + # "perl -V" should report that libc is in /lib64 + sed -i -e '/libc/s#/lib/#/lib64/#' hints/linux.sh + # make perl use lib64: + echo 'installstyle="lib64/perl5"' >>hints/linux.sh +fi + +# We no longer include suidperl. To quote the INSTALL file: +# +# Because of the buggy history of suidperl, and the difficulty +# of properly security auditing as large and complex piece of +# software as Perl, we cannot recommend using suidperl and the feature +# should be considered deprecated. +# Instead use for example 'sudo': http://www.courtesan.com/sudo/ + +# Configure perl: +./Configure -de \ + -Dprefix=/usr \ + -Dvendorprefix=/usr \ + -Dcccdlflags='-fPIC' \ + -Dinstallprefix=/usr \ + -Dlibpth="/usr/local/lib${LIBDIRSUFFIX} /usr/lib${LIBDIRSUFFIX} /lib${LIBDIRSUFFIX}" \ + -Doptimize="$SLKCFLAGS" \ + $USE_THREADS \ + -Dpager='/usr/bin/less -isr' \ + -Dinc_version_list='5.10.0 5.8.8 5.8.7 5.8.6 5.8.5 5.8.4 5.8.3 5.8.2 5.8.1 5.8.0' \ + -Darchname=$ARCH-linux + +# Kludge for gcc-4.2.4's needlessly changed output: +cat makefile | grep -v '\<command-line\>' > foo +mv foo makefile +cat x2p/makefile | grep -v '\<command-line\>' > foo +mv foo x2p/makefile + +# Build perl +make $NUMJOBS || exit 1 +make test + +# Install perl (needed to build modules): +make install +( cd /usr/bin + ln -sf perl$VERSION perl + ln -sf c2ph pstruct + ln -sf s2p psed +) +mkdir -p /usr/lib${LIBDIRSUFFIX}/perl5/vendor_perl/${VERSION}/${ARCH}-linux-thread-multi + +# Install perl package: +make install DESTDIR=$PKG +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/perl5/vendor_perl/${VERSION}/${ARCH}-linux-thread-multi + +# Add additional modules: +( cd ext + ( tar xzvf $CWD/DBI-${DBI}.tar.gz + cd DBI-${DBI} + chown -R root:root . + perl Makefile.PL INSTALLDIRS=vendor + make + make test + make install + make install DESTDIR=$PKG + mkdir -p $PKG/usr/doc/perl-$VERSION/DBI-${DBI} + cp -a README $PKG/usr/doc/perl-$VERSION/DBI-${DBI} + chmod 644 $PKG/usr/doc/perl-$VERSION/DBI-${DBI}/README + ) + ( tar xzvf $CWD/DBD-mysql-${DBDMYSQL}.tar.gz + cd DBD-mysql-${DBDMYSQL} + chown -R root:root . + perl Makefile.PL INSTALLDIRS=vendor + make + make test + make install + make install DESTDIR=$PKG + mkdir -p $PKG/usr/doc/perl-$VERSION/DBD-mysql-${DBDMYSQL} + cp -a INSTALL.html README TODO $PKG/usr/doc/perl-$VERSION/DBD-mysql-${DBDMYSQL} + chmod 644 $PKG/usr/doc/perl-$VERSION/DBD-mysql-${DBDMYSQL}/* + ) + ( tar xzvf $CWD/XML-Parser-${XMLPARSER}.tar.gz + cd XML-Parser-${XMLPARSER} + chown -R root:root . + perl Makefile.PL INSTALLDIRS=vendor + make + make test + make install + make install DESTDIR=$PKG + mkdir -p $PKG/usr/doc/perl-$VERSION/XML-Parser-${XMLPARSER} + cp -a README $PKG/usr/doc/perl-$VERSION/XML-Parser-${XMLPARSER} + chmod 644 $PKG/usr/doc/perl-$VERSION/XML-Parser-${XMLPARSER}/* + ) + ( tar xzvf $CWD/XML-Simple-${XMLSIMPLE}.tar.gz + cd XML-Simple-${XMLSIMPLE} + chown -R root:root . + perl Makefile.PL INSTALLDIRS=vendor + make + make test + make install + make install DESTDIR=$PKG + mkdir -p $PKG/usr/doc/perl-$VERSION/XML-Simple${XMLSIMPLE} + cp -a README $PKG/usr/doc/perl-$VERSION/XML-Simple${XMLSIMPLE} + chmod 644 $PKG/usr/doc/perl-$VERSION/XML-Simple${XMLSIMPLE}/* + ) + ( tar xzvf $CWD/URI-${URI}.tar.gz + cd URI-${URI} + chown -R root:root . + perl Makefile.PL INSTALLDIRS=vendor + make + make test + make install + make install DESTDIR=$PKG + mkdir -p $PKG/usr/doc/perl-$VERSION/URI-${URI} + cp -a README $PKG/usr/doc/perl-$VERSION/URI-${URI} + chmod 644 $PKG/usr/doc/perl-$VERSION/URI-${URI}/* + ) +) + +# Strip everything: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# There are also miniperl and microperl. +# I haven't had any requests for them, but would be willing +# to consider adding one or both to the package if anyone +# actually needs them for some reason. +#make microperl + +# Symlinks that replace hard links +( cd $PKG/usr/bin + ln -sf perl$VERSION perl + ln -sf c2ph pstruct + ln -sf s2p psed ) + +# Install documentation +mkdir -p $PKG/usr/doc/perl-$VERSION +cp -a \ + AUTHORS Artistic Copying INSTALL MANIFEST README README.Y2K README.cn \ + README.jp README.ko README.micro README.tw Todo.micro \ + $PKG/usr/doc/perl-$VERSION + +# We follow LSB with symlinks in /usr/share: +( cd $PKG/usr/share + mv man .. ) +( cd $PKG/usr/man/man1 + mkdir foo + cp *.1 foo + rm *.1 + mv foo/* . + rmdir foo + gzip -9 * + ln -sf c2ph.1.gz pstruct.1.gz + ln -sf s2p.1.gz psed.1.gz ) +( cd $PKG/usr/man/man3 + gzip -9 * ) + +chmod 755 $PKG/usr/bin/* +chmod 644 $PKG/usr/man/man?/* +rmdir $PKG/usr/share + +# This file shouldn't get clobbered: +if [ -r $PKG/usr/lib${LIBDIRSUFFIX}/perl5/${VERSION}/${ARCH}-linux-thread-multi/perllocal.pod ]; then + mv $PKG/usr/lib${LIBDIRSUFFIX}/perl5/${VERSION}/${ARCH}-linux-thread-multi/perllocal.pod $PKG/usr/lib${LIBDIRSUFFIX}/perl5/${VERSION}/${ARCH}-linux-thread-multi/perllocal.pod.new +fi + +# Insert the slack-desc: +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + + +cat << EOF | sed -e "s#/lib/#/lib${LIBDIRSUFFIX}/#" | sed -e "s#i486#$ARCH#" \ + > $PKG/install/doinst.sh +#!/bin/sh +config() { + NEW="\$1" + OLD="\$(dirname \$NEW)/\$(basename \$NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r \$OLD ]; then + mv \$NEW \$OLD + elif [ "\$(cat \$OLD | md5sum)" = "\$(cat \$NEW | md5sum)" ]; then # toss the redundant copy + rm \$NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config usr/lib/perl5/${VERSION}/i486-linux-thread-multi/perllocal.pod.new +EOF + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/perl-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/perl/perl.configure.multilib.patch b/patches/source/perl/perl.configure.multilib.patch new file mode 100644 index 00000000..c86ce65f --- /dev/null +++ b/patches/source/perl/perl.configure.multilib.patch @@ -0,0 +1,35 @@ +Submitted By: Ryan Oliver <ryan(dot)oliver(at)pha(dot)com(dot)au> +Date: 2005-10-20 +Initial Package Version: 5.8.7 +Origin: Ryan Oliver +Description: this patch allows perl to be installed in /usr/lib32 or /usr/lib64 instead of /usr/lib. + +--- perl-5.8.7/Configure-ORIG 2005-10-20 11:49:47.571389008 +1000 ++++ perl-5.8.7/Configure 2005-10-20 12:30:35.571236464 +1000 +@@ -5930,6 +5930,8 @@ + : The default "style" setting is made in installstyle.U + case "$installstyle" in + *lib/perl5*) set dflt privlib lib/$package/$version ;; ++*lib32/perl5*) set dflt privlib lib32/$package/$version ;; ++*lib64/perl5*) set dflt privlib lib64/$package/$version ;; + *) set dflt privlib lib/$version ;; + esac + eval $prefixit +@@ -6433,6 +6435,8 @@ + case "$sitelib" in + '') case "$installstyle" in + *lib/perl5*) dflt=$siteprefix/lib/$package/site_$prog/$version ;; ++ *lib32/perl5*) dflt=$siteprefix/lib32/$package/site_$prog/$version ;; ++ *lib64/perl5*) dflt=$siteprefix/lib64/$package/site_$prog/$version ;; + *) dflt=$siteprefix/lib/site_$prog/$version ;; + esac + ;; +@@ -6560,6 +6564,8 @@ + prog=`echo $package | $sed 's/-*[0-9.]*$//'` + case "$installstyle" in + *lib/perl5*) dflt=$vendorprefix/lib/$package/vendor_$prog/$version ;; ++ *lib32/perl5*) dflt=$vendorprefix/lib32/$package/vendor_$prog/$version ;; ++ *lib64/perl5*) dflt=$vendorprefix/lib64/$package/vendor_$prog/$version ;; + *) dflt=$vendorprefix/lib/vendor_$prog/$version ;; + esac + ;; diff --git a/patches/source/perl/slack-desc b/patches/source/perl/slack-desc new file mode 100644 index 00000000..e28cf941 --- /dev/null +++ b/patches/source/perl/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +perl: perl (Practical Extraction and Report Language) +perl: +perl: Larry Wall's "Practical Extraction and Report Language". Perl is a +perl: language optimized for scanning arbitrary text files, extracting +perl: information from those text files, and printing reports based on that +perl: information. It's also a good language for many system management +perl: tasks. The language is intended to be practical (easy to use, +perl: efficient, complete) rather than beautiful (tiny, elegant, minimal). +perl: +perl: +perl: diff --git a/patches/source/php/doinst.sh b/patches/source/php/doinst.sh new file mode 100644 index 00000000..eda8b0de --- /dev/null +++ b/patches/source/php/doinst.sh @@ -0,0 +1,8 @@ +if [ ! -r etc/httpd/mod_php.conf ]; then + cp -a etc/httpd/mod_php.conf.example etc/httpd/mod_php.conf +elif [ "`cat etc/httpd/mod_php.conf 2> /dev/null`" = "" ]; then + cp -a etc/httpd/mod_php.conf.example etc/httpd/mod_php.conf +fi +if [ ! -r etc/httpd/php.ini ]; then + cp -a etc/httpd/php.ini-production etc/httpd/php.ini +fi diff --git a/patches/source/php/fetch-php.sh b/patches/source/php/fetch-php.sh new file mode 100755 index 00000000..8786664d --- /dev/null +++ b/patches/source/php/fetch-php.sh @@ -0,0 +1 @@ +lftpget http://us.php.net/distributions/php-5.3.29.tar.bz2 diff --git a/patches/source/php/mod_php.conf.example b/patches/source/php/mod_php.conf.example new file mode 100644 index 00000000..670eb713 --- /dev/null +++ b/patches/source/php/mod_php.conf.example @@ -0,0 +1,29 @@ +# +# mod_php - PHP Hypertext Preprocessor module +# + +# Load the PHP module: +LoadModule php5_module lib/httpd/modules/libphp5.so + +# Tell Apache to feed all *.php files through PHP. If you'd like to +# parse PHP embedded in files with different extensions, comment out +# these lines and see the example below. +<FilesMatch \.php$> + SetHandler application/x-httpd-php +</FilesMatch> + +# Tell Apache to feed all *.php, *.html, and *.htm files through +# the PHP module. Add or subtract extensions here as desired. Please +# note that running pages through PHP for no reason can be both slow +# and insecure, so be sure to know what you're doing. It's a convenient +# shortcut, but probably isn't suitible for high-traffic sites if you +# write any of your pages in straight HTML. +#<FilesMatch "\.(php|html|htm)$"> +# SetHandler application/x-httpd-php +#</FilesMatch> + +# This will display PHP files in colored syntax form. Use with caution. +#<FilesMatch "\.phps$"> +# SetHandler application/x-httpd-php-source +#</FilesMatch> + diff --git a/patches/source/php/php.SlackBuild b/patches/source/php/php.SlackBuild new file mode 100755 index 00000000..a55d76b7 --- /dev/null +++ b/patches/source/php/php.SlackBuild @@ -0,0 +1,301 @@ +#!/bin/sh + +# Build and package mod_php on Slackware. +# by: David Cantrell <david@slackware.com> +# Modified for PHP 4-5 by volkerdi@slackware.com +# Copyright 2007, 2008, 2009, 2010, 2011, 2012 Patrick Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +ALPINE=2.00 +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-php/ +rm -rf $PKG +mkdir -p $TMP $PKG + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +# we need to compile alpine to get c-client.a for IMAP support: +IMAPLIBDIR=/usr/local/lib${LIBDIRSUFFIX}/c-client +if [ -r $IMAPLIBDIR/lib${LIBDIRSUFFIX}/c-client.a ]; then + echo "Using IMAP library:" + ls -l $IMAPLIBDIR/lib${LIBDIRSUFFIX}/c-client.a + sleep 5 +else + ( cd $CWD/../alpine ; ./alpine.SlackBuild || exit 1 ) || exit 1 + ( cd $TMP/alpine-${ALPINE}/imap/c-client + strip -g c-client.a + mkdir -p $IMAPLIBDIR/lib${LIBDIRSUFFIX} + cp c-client.a $IMAPLIBDIR/lib${LIBDIRSUFFIX} + mkdir -p $IMAPLIBDIR/include + cp *.h $IMAPLIBDIR/include + ) +fi + +mkdir -p $PKG/etc/httpd +mkdir -p $PKG/etc/php +# A trick from DaMouse to enable building php into $PKG. +# We'll remove this later on. +cat /etc/httpd/original/httpd.conf > $PKG/etc/httpd/httpd.conf +if [ ! -e /etc/httpd/original/httpd.conf ]; then + echo "FATAL: no /etc/httpd/original/httpd.conf found." + exit 1 +fi + +cd $TMP +rm -rf php-$VERSION +tar xvf $CWD/php-$VERSION.tar.?z* || exit 1 +cd php-$VERSION + +# cleanup: +find . -name "*.orig" -delete + +# Add missing(?) PEAR modules back: +if [ -d php-$VERSION/pear/packages ]; then + ( cd php-$VERSION/pear/packages + cp -a $CWD/pear/*.bz2 . 2> /dev/null + bzip2 -d *.bz2 2> /dev/null + ) +fi + +if [ "$ARCH" = "s390" ]; then + zcat $CWD/php.configure.s390.diff.gz | patch -p1 || exit +fi + +# Fixup perms/owners: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +find . -name "*.h" -exec chmod 644 {} \; + +# Sometimes they ship a few of these: +find . -name "*.orig" -exec rm {} \; + +# Patch ini files: +zcat $CWD/php.ini-development.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/php.ini-development.diff.gz | patch -p1 --verbose php.ini-production || exit 1 +zcat $CWD/php.session.save_path.diff.gz | patch -p1 --verbose || exit 1 + +# Generic "kitchen sink" configure function, with as many things as possible (and +# maybe then some ;-) compiled as shared extensions: +php_configure() { +EXTENSION_DIR=/usr/lib${LIBDIRSUFFIX}/php/extensions \ +CFLAGS="$SLKCFLAGS" \ +./configure \ + $* \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-libdir=lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --disable-safe-mode \ + --disable-magic-quotes \ + --enable-zend-multibyte \ + --enable-mbregex \ + --enable-tokenizer=shared \ + --with-config-file-scan-dir=/etc/php \ + --with-config-file-path=/etc/httpd \ + --enable-mod_charset \ + --with-layout=PHP \ + --enable-sigchild \ + --enable-xml \ + --with-libxml-dir=/usr \ + --enable-simplexml \ + --enable-filter \ + --disable-debug \ + --with-openssl=shared \ + --with-pcre-regex=/usr \ + --with-zlib=shared,/usr \ + --enable-bcmath=shared \ + --with-bz2=shared,/usr \ + --enable-calendar=shared \ + --enable-ctype=shared \ + --with-curl=shared \ + --with-curlwrappers \ + --with-mcrypt=/usr \ + --enable-dba=shared \ + --with-gdbm=/usr \ + --with-db4=/usr \ + --enable-exif=shared \ + --enable-ftp=shared \ + --with-gd=shared \ + --with-jpeg-dir=/usr \ + --with-png-dir=/usr \ + --with-zlib-dir=/usr \ + --with-xpm-dir=/usr \ + --with-freetype-dir=/usr \ + --with-t1lib=/usr \ + --enable-gd-native-ttf \ + --enable-gd-jis-conv \ + --with-gettext=shared,/usr \ + --with-gmp=shared,/usr \ + --with-iconv=shared \ + --with-imap-ssl=/usr \ + --with-imap=$IMAPLIBDIR \ + --with-ldap=shared \ + --enable-mbstring=shared \ + --enable-hash \ + --with-mysql=shared,mysqlnd \ + --with-mysqli=shared,mysqlnd \ + --with-mysql-sock=/var/run/mysql/mysql.sock \ + --enable-pdo=shared \ + --with-pdo-mysql=shared,mysqlnd \ + --with-pdo-sqlite=shared,/usr \ + --with-pspell=shared,/usr \ + --with-enchant=shared,/usr \ + --with-mm=/usr \ + --enable-shmop=shared \ + --with-snmp=shared,/usr \ + --enable-soap=shared \ + --enable-sockets \ + --with-sqlite=shared \ + --with-sqlite3=shared \ + --enable-sqlite-utf8 \ + --with-regex=php \ + --enable-sysvmsg \ + --enable-sysvsem \ + --enable-sysvshm \ + --enable-wddx=shared \ + --with-xsl=shared,/usr \ + --enable-zip=shared \ + --with-tsrm-pthreads \ + --enable-shared=yes \ + --enable-static=no \ + --with-gnu-ld \ + --with-pic \ + --build=$ARCH-slackware-linux +} + +# I am told this option is worse than nothing. :-) +# --enable-safe-mode +# +# I would recommend *against* and will take no responbility for turning on +# "safe" mode. + +# Make the Apache2 module version of PHP: +php_configure \ + --with-apxs2=/usr/sbin/apxs +make $NUMJOBS || make || exit 1 +make install INSTALL_ROOT=$PKG || exit 1 + +# Make the CLI/CGI version of PHP: +make distclean +php_configure \ + --enable-pcntl \ + --enable-sigchild +make $NUMJOBS || make || exit 1 +mkdir -p $PKG/usr/bin +cat ./sapi/cli/php > $PKG/usr/bin/php +cat ./sapi/cgi/php-cgi > $PKG/usr/bin/php-cgi +chmod 755 $PKG/usr/bin/php +chmod 755 $PKG/usr/bin/php-cgi + +# PHP (used to) install Pear with some strange permissions. +chmod 755 $PKG/usr/bin/pear + +# PHP sometimes puts junk in the root directory: +( cd $PKG + rm -rf .channels .depdb .depdblock .filemap .lock .registry +) + +# Fix $PKG/usr/lib/php perms: +( cd $PKG/usr/lib${LIBDIRSUFFIX}/php + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +) + +mkdir -p $PKG/usr/doc/php-$VERSION +cp -a \ + CODING_STANDARDS CREDITS EXTENSIONS INSTALL LICENSE NEWS README* TODO* UPGRADING* \ + sapi/cgi/README.FastCGI \ + $PKG/usr/doc/php-$VERSION +chown -R root:root $PKG/usr/doc/php-$VERSION +chmod 644 $PKG/usr/doc/php-$VERSION/UPGRADING* + +mkdir -p $PKG/etc/httpd +cp -a php.ini-development php.ini-production $PKG/etc/httpd +cat $CWD/mod_php.conf.example | sed -e "s#lib/httpd#lib${LIBDIRSUFFIX}/httpd#" \ + > $PKG/etc/httpd/mod_php.conf.example +chmod 644 $PKG/etc/httpd/* +chown root:root $PKG/etc/httpd/* + +# This can go now. +rm -f $PKG/etc/httpd/httpd* + +# Session directory for PHP: +mkdir -p $PKG/var/lib/php +chmod 770 $PKG/var/lib/php +chown root:apache $PKG/var/lib/php + +# Strip ELF objects. +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +gzip -9 $PKG/usr/man/man?/*.? + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +#if [ -d "$IMAPLIBDIR" ]; then +# ( cd $IMAPLIBDIR && rm -rf * ) +# rmdir $IMAPLIBDIR +#fi + +cd $PKG +/sbin/makepkg -l y -c n $TMP/php-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/php/php.ini-development.diff b/patches/source/php/php.ini-development.diff new file mode 100644 index 00000000..49b441e6 --- /dev/null +++ b/patches/source/php/php.ini-development.diff @@ -0,0 +1,47 @@ +--- ./php.ini-development.orig 2011-02-08 18:25:44.000000000 -0600 ++++ ./php.ini-development 2011-04-01 22:42:50.000000000 -0500 +@@ -938,6 +938,44 @@ + ; If you only provide the name of the extension, PHP will look for it in its + ; default extension directory. + ; ++ ++; These are the extensions that are available for use on this PHP build. ++; If you do NOT need any of these extensions, you should comment them out. ++; That will probably increase both your security and performance. ++ ++extension=bcmath.so ++extension=bz2.so ++extension=calendar.so ++extension=ctype.so ++extension=curl.so ++extension=dba.so ++extension=enchant.so ++extension=exif.so ++extension=ftp.so ++extension=gd.so ++extension=gettext.so ++extension=gmp.so ++extension=iconv.so ++extension=ldap.so ++extension=mbstring.so ++extension=mysql.so ++extension=mysqli.so ++extension=openssl.so ++extension=pdo.so ++extension=pdo_mysql.so ++extension=pdo_sqlite.so ++extension=pspell.so ++extension=shmop.so ++extension=snmp.so ++extension=soap.so ++extension=sqlite.so ++extension=sqlite3.so ++extension=tokenizer.so ++extension=wddx.so ++extension=xsl.so ++extension=zip.so ++extension=zlib.so ++ + ; Windows Extensions + ; Note that ODBC support is built in, so no dll is needed for it. + ; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) diff --git a/patches/source/php/php.session.save_path.diff b/patches/source/php/php.session.save_path.diff new file mode 100644 index 00000000..60d6f072 --- /dev/null +++ b/patches/source/php/php.session.save_path.diff @@ -0,0 +1,22 @@ +--- ./php.ini-development.orig 2011-04-14 14:26:44.551000001 -0500 ++++ ./php.ini-development 2011-04-14 14:38:48.591000954 -0500 +@@ -1506,7 +1506,7 @@ + ; where MODE is the octal representation of the mode. Note that this + ; does not overwrite the process's umask. + ; http://php.net/session.save-path +-;session.save_path = "/tmp" ++session.save_path = "/var/lib/php" + + ; Whether to use cookies. + ; http://php.net/session.use-cookies +--- ./php.ini-production.orig 2011-04-14 14:26:44.558000001 -0500 ++++ ./php.ini-production 2011-04-14 14:39:09.598999155 -0500 +@@ -1513,7 +1513,7 @@ + ; where MODE is the octal representation of the mode. Note that this + ; does not overwrite the process's umask. + ; http://php.net/session.save-path +-;session.save_path = "/tmp" ++session.save_path = "/var/lib/php" + + ; Whether to use cookies. + ; http://php.net/session.use-cookies diff --git a/patches/source/php/slack-desc b/patches/source/php/slack-desc new file mode 100644 index 00000000..fe14da6d --- /dev/null +++ b/patches/source/php/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +php: php (HTML-embedded scripting language) +php: +php: PHP is an HTML-embedded scripting language. It shares syntax +php: characteristics with C, Java, and Perl. The primary objective behind +php: this language is to make a fast and easy-to-use scripting language +php: for dynamic web sites. +php: +php: More information can be found online at http://www.php.net/ +php: +php: +php: diff --git a/patches/source/pidgin/pidgin.SlackBuild b/patches/source/pidgin/pidgin.SlackBuild new file mode 100755 index 00000000..05ad8e3d --- /dev/null +++ b/patches/source/pidgin/pidgin.SlackBuild @@ -0,0 +1,224 @@ +#!/bin/sh + +# Copyright 2006, 2007, 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=pidgin +VERSION=${VERSION:-$(echo $PKGNAM-2.*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +PIDGINENC=${PIDGINENC:-3.1} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j6 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" + ARCHQUADLET="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + ARCHQUADLET="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" + ARCHQUADLET="" +elif [ "$ARCH" = "arm" ]; then + SLKCFLAGS="-O2 -march=armv4t" + LIBDIRSUFFIX="" + ARCHQUADLET="-gnueabi" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + ARCHQUADLET="" +fi + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.?z* || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Allow certificates signed with rsa-md5: +zcat $CWD/purple-allow-sign-rsa-md5.patch.gz | patch -p0 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --enable-dot=no \ + --disable-schemas-install \ + --enable-dbus \ + --enable-gnutls=yes \ + --enable-nss=no \ + --disable-vv \ + --enable-gtkspell \ + --enable-cyrus-sasl \ + --enable-perl \ + --disable-meanwhile \ + --disable-avahi \ + --disable-nm \ + --program-prefix= \ + --program-suffix= \ + --build=$ARCH-slackware-linux$ARCHQUADLET || exit 1 + +# Fix install location: +grep -lr -- "lib/perl" . | xargs sed -i 's?lib/perl?lib'"$LIBDIRSUFFIX"'/perl?g' + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Fix misplaced items: +eval $(perl '-V:archlib') +eval $(perl '-V:privlib') +VENDORPERL="$(echo $archlib | sed -e "s/perl5/perl5\/vendor_perl/")" + +mkdir -vpm755 $PKG/$VENDORPERL/ +find $PKG -type f -name perllocal.pod -exec mv -fv {} $PKG/$VENDORPERL/Pidgin.pod \; +# Fix install location for 64bit: +sed -i 's?/lib/perl?/lib'"$LIBDIRSUFFIX"'/perl?g' $PKG/$VENDORPERL/Pidgin.pod +mkdir -p $PKG/usr/man/man3 +find $PKG/usr/share/man -type f -name *.3 -exec mv -fv {} $PKG/usr/man/man3 \; +rm -rf $PKG/usr/share/man +rm -r $PKG$privlib +# This is empty: +rmdir $PKG/usr/lib$LIBDIRSUFFIX/perl[0-9]*/$ARCH-linux-thread-multi/ + +# In case of unwanted junk dirs on 64-bit... this may fail, but doesn't hurt: +rmdir $PKG/usr/lib/perl[0-9]*/$ARCH-linux-thread-multi/ +rmdir $PKG/usr/lib/perl[0-9]* +rmdir $PKG/usr/lib + +# This removes our DESTDIR from the packlist filenames, to keep perl's +# internal inventories consistent and correct. +find $PKG -name .packlist | while read plist ; do + sed -e "s%/share/man%/man%g" \ + -e "s%$PKG%%g" \ + -e "s%\.1$%\.1\.gz%g" \ + -e "s%\.2$%\.2\.gz%g" \ + -e "s%\.3$%\.3\.gz%g" \ + -e "s%\.3pm$%\.3pm\.gz%g" \ + -e "s%\.4$%\.4\.gz%g" \ + -e "s%\.5$%\.5\.gz%g" \ + -e "s%\.6$%\.6\.gz%g" \ + -e "s%\.7$%\.7\.gz%g" \ + -e "s%\.8$%\.8\.gz%g" \ + ${plist} > ${plist}.new + mv -f ${plist}.new ${plist} +done + +### add gaim-encryption +( cd $TMP + rm -rf pidgin-encryption-$PIDGINENC + tar xvf $CWD/pidgin-encryption-$PIDGINENC.tar.gz || exit 1 + cd pidgin-encryption-$PIDGINENC + PIDGIN_CFLAGS="-I${PKG}/usr/include/pidgin" \ + PIDGIN_LIBS="-L${PKG}/usr/lib${LIBDIRSUFFIX}" \ + PURPLE_CFLAGS="-I${PKG}/usr/include/libpurple" \ + PURPLE_LIBS="-L${PKG}/usr/lib${LIBDIRSUFFIX}" \ + ./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --disable-static \ + --with-nss-includes=/usr/include/seamonkey/nss \ + --with-nspr-includes=/usr/include/seamonkey/nspr \ + --with-nss-libs=/usr/lib${LIBDIRSUFFIX}/seamonkey/ \ + --with-nspr-libs=/usr/lib${LIBDIRSUFFIX}/seamonkey/ \ + --program-prefix="" \ + --program-suffix="" \ + --build=$ARCH-slackware-linux$ARCHQUADLET || exit 1 + + # Fix install location: + grep -lr -- "lib/perl" . | xargs sed -i 's?lib/perl?lib'"$LIBDIRSUFFIX"'/perl?g' + + make $NUMJOBS || make || exit 1 + make install DESTDIR=$PKG || exit 1 +) || exit 1 +### end add gaim-encryption + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) +fi + +# Compress info files, if any: +if [ -d $PKG/usr/info ]; then + ( cd $PKG/usr/info + rm -f dir + gzip -9 * + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + AUTHORS COPYING COPYRIGHT HACKING INSTALL NEWS PLUGIN_HOWTO README* doc \ + $PKG/usr/doc/${PKGNAM}-$VERSION +( cd $PKG/usr/doc/${PKGNAM}-$VERSION/doc + rm -f Makefile* *.dox *.1 *.in +) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/pidgin/purple-allow-sign-rsa-md5.patch b/patches/source/pidgin/purple-allow-sign-rsa-md5.patch new file mode 100644 index 00000000..d882a6e8 --- /dev/null +++ b/patches/source/pidgin/purple-allow-sign-rsa-md5.patch @@ -0,0 +1,12 @@ +--- libpurple/plugins/ssl/ssl-gnutls.c.old 2008-10-17 18:58:31.000000000 +0200 ++++ libpurple/plugins/ssl/ssl-gnutls.c 2008-10-17 18:53:03.000000000 +0200 +@@ -693,7 +693,8 @@ + (Verisign and possibly others have + root certificates that predate the + current standard) */ +- GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT, ++ GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT ++ | GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5, + &verify); + + if (ret != 0) { diff --git a/patches/source/pidgin/slack-desc b/patches/source/pidgin/slack-desc new file mode 100644 index 00000000..a9aabca1 --- /dev/null +++ b/patches/source/pidgin/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +pidgin: pidgin (GTK+ instant messaging program) +pidgin: +pidgin: Pidgin allows you to talk to anyone using a variety of messaging +pidgin: protocols, including AIM (Oscar and TOC), ICQ, IRC, Yahoo!, MSN +pidgin: Messenger, Jabber, Gadu-Gadu, Napster, and Zephyr. These protocols +pidgin: are implemented using a modular, easy to use design. To use a +pidgin: protocol, just load the plugin for it. +pidgin: +pidgin: For more info, see: http://www.pidgin.im +pidgin: +pidgin: diff --git a/patches/source/polkit/CVE-2011-1485/0001-PolkitUnixProcess-Clarify-that-the-real-uid-is-retur.patch b/patches/source/polkit/CVE-2011-1485/0001-PolkitUnixProcess-Clarify-that-the-real-uid-is-retur.patch new file mode 100644 index 00000000..e448ce95 --- /dev/null +++ b/patches/source/polkit/CVE-2011-1485/0001-PolkitUnixProcess-Clarify-that-the-real-uid-is-retur.patch @@ -0,0 +1,122 @@ +From 83a65f1255fc3eebfb4be1f80a5ab0b5f98eef7c Mon Sep 17 00:00:00 2001 +From: David Zeuthen <davidz@redhat.com> +Date: Mon, 11 Apr 2011 11:38:22 -0400 +Subject: [PATCH 1/6] PolkitUnixProcess: Clarify that the real uid is + returned, not the effective one + +On Linux, also switch to parsing /proc/<pid>/status instead of relying +on the st_uid returned by stat(2) to be the uid we want. + +This was pointed out by Neel Mehta <nmehta@google.com>. Thanks! + +Signed-off-by: David Zeuthen <davidz@redhat.com> +--- + src/polkit/polkitunixprocess.c | 58 ++++++++++++++++++++++++++++++++------- + 1 files changed, 47 insertions(+), 11 deletions(-) + +diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c +index e132387..868e3c5 100644 +--- a/src/polkit/polkitunixprocess.c ++++ b/src/polkit/polkitunixprocess.c +@@ -34,6 +34,7 @@ + #include <stdlib.h> + #include <string.h> + #include <errno.h> ++#include <stdio.h> + + #include "polkitunixprocess.h" + #include "polkitsubject.h" +@@ -207,6 +208,8 @@ polkit_unix_process_get_pid (PolkitUnixProcess *process) + * + * Gets the uid of the owner of @process. + * ++ * Note that this returns the real user-id (not the effective user-id) of @process. ++ * + * Returns: The UNIX user id of the owner for @process or 0 if @error is set. + **/ + gint +@@ -214,14 +217,18 @@ polkit_unix_process_get_owner (PolkitUnixProcess *process, + GError **error) + { + gint result; ++ gchar *contents; ++ gchar **lines; + #ifdef HAVE_FREEBSD + struct kinfo_proc p; + #else +- struct stat statbuf; +- char procbuf[32]; ++ gchar filename[64]; ++ guint n; + #endif + + result = 0; ++ lines = NULL; ++ contents = NULL; + + #ifdef HAVE_FREEBSD + if (get_kinfo_proc (process->pid, &p) == 0) +@@ -237,22 +244,51 @@ polkit_unix_process_get_owner (PolkitUnixProcess *process, + + result = p.ki_uid; + #else +- g_snprintf (procbuf, sizeof procbuf, "/proc/%d", process->pid); +- if (stat (procbuf, &statbuf) != 0) ++ /* see 'man proc' for layout of the status file ++ * ++ * Uid, Gid: Real, effective, saved set, and file system UIDs (GIDs). ++ */ ++ g_snprintf (filename, sizeof filename, "/proc/%d/status", process->pid); ++ if (!g_file_get_contents (filename, ++ &contents, ++ NULL, ++ error)) + { +- g_set_error (error, +- POLKIT_ERROR, +- POLKIT_ERROR_FAILED, +- "stat() failed for /proc/%d: %s", +- process->pid, +- g_strerror (errno)); + goto out; + } ++ lines = g_strsplit (contents, "\n", -1); ++ for (n = 0; lines != NULL && lines[n] != NULL; n++) ++ { ++ gint real_uid, effective_uid; ++ if (!g_str_has_prefix (lines[n], "Uid:")) ++ continue; ++ if (sscanf (lines[n] + 4, "%d %d", &real_uid, &effective_uid) != 2) ++ { ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "Unexpected line `%s' in file %s", ++ lines[n], ++ filename); ++ goto out; ++ } ++ else ++ { ++ result = real_uid; ++ goto out; ++ } ++ } + +- result = statbuf.st_uid; ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "Didn't find any line starting with `Uid:' in file %s", ++ filename); + #endif + + out: ++ g_strfreev (lines); ++ g_free (contents); + + return result; + } +-- +1.7.4.4 + diff --git a/patches/source/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch b/patches/source/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch new file mode 100644 index 00000000..5c70a71e --- /dev/null +++ b/patches/source/polkit/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch @@ -0,0 +1,666 @@ +From 9a44af8ab67d09a2c08be29428b8fe32da809e99 Mon Sep 17 00:00:00 2001 +From: David Zeuthen <davidz@redhat.com> +Date: Mon, 11 Apr 2011 12:41:00 -0400 +Subject: [PATCH 2/6] Make PolkitUnixProcess also record the uid of the + process + +This is needed to avoid possible TOCTTOU issues since a process can +change both its real uid and effective uid. + +Signed-off-by: David Zeuthen <davidz@redhat.com> +--- + docs/polkit/polkit-1-sections.txt | 7 +- + src/polkit/polkitsubject.c | 51 ++++-- + src/polkit/polkitunixprocess.c | 350 +++++++++++++++++++++++++----------- + src/polkit/polkitunixprocess.h | 10 + + 4 files changed, 296 insertions(+), 122 deletions(-) + +diff --git a/docs/polkit/polkit-1-sections.txt b/docs/polkit/polkit-1-sections.txt +index ac902b6..7f42cd2 100644 +--- a/docs/polkit/polkit-1-sections.txt ++++ b/docs/polkit/polkit-1-sections.txt +@@ -148,10 +148,13 @@ POLKIT_UNIX_SESSION_GET_CLASS + PolkitUnixProcess + polkit_unix_process_new + polkit_unix_process_new_full ++polkit_unix_process_new_for_owner ++polkit_unix_process_set_pid + polkit_unix_process_get_pid ++polkit_unix_process_set_start_time + polkit_unix_process_get_start_time +-polkit_unix_process_set_pid +-polkit_unix_process_get_owner ++polkit_unix_process_set_uid ++polkit_unix_process_get_uid + <SUBSECTION Standard> + PolkitUnixProcessClass + POLKIT_UNIX_PROCESS +diff --git a/src/polkit/polkitsubject.c b/src/polkit/polkitsubject.c +index d5039a5..02c707b 100644 +--- a/src/polkit/polkitsubject.c ++++ b/src/polkit/polkitsubject.c +@@ -24,6 +24,7 @@ + #endif + + #include <string.h> ++#include <stdio.h> + + #include "polkitsubject.h" + #include "polkitunixprocess.h" +@@ -209,8 +210,6 @@ polkit_subject_from_string (const gchar *str, + GError **error) + { + PolkitSubject *subject; +- guint64 val; +- gchar *endptr; + + g_return_val_if_fail (str != NULL, NULL); + +@@ -220,12 +219,20 @@ polkit_subject_from_string (const gchar *str, + + if (g_str_has_prefix (str, "unix-process:")) + { +- val = g_ascii_strtoull (str + sizeof "unix-process:" - 1, +- &endptr, +- 10); +- if (*endptr == '\0') ++ gint scanned_pid; ++ guint64 scanned_starttime; ++ gint scanned_uid; ++ if (sscanf (str, "unix-process:%d:%" G_GUINT64_FORMAT ":%d", &scanned_pid, &scanned_starttime, &scanned_uid) == 3) + { +- subject = polkit_unix_process_new ((gint) val); ++ subject = polkit_unix_process_new_for_owner (scanned_pid, scanned_starttime, scanned_uid); ++ } ++ else if (sscanf (str, "unix-process:%d:%" G_GUINT64_FORMAT, &scanned_pid, &scanned_starttime) == 2) ++ { ++ subject = polkit_unix_process_new_full (scanned_pid, scanned_starttime); ++ } ++ else if (sscanf (str, "unix-process:%d", &scanned_pid) == 1) ++ { ++ subject = polkit_unix_process_new (scanned_pid); + if (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject)) == 0) + { + g_object_unref (subject); +@@ -233,8 +240,8 @@ polkit_subject_from_string (const gchar *str, + g_set_error (error, + POLKIT_ERROR, + POLKIT_ERROR_FAILED, +- "No process with pid %" G_GUINT64_FORMAT, +- val); ++ "Unable to determine start time for process with pid %d", ++ scanned_pid); + } + } + } +@@ -268,6 +275,7 @@ polkit_subject_new_for_real (_PolkitSubject *real) + EggDBusHashMap *details; + EggDBusVariant *variant; + EggDBusVariant *variant2; ++ EggDBusVariant *variant3; + + s = NULL; + +@@ -281,10 +289,24 @@ polkit_subject_new_for_real (_PolkitSubject *real) + else if (strcmp (kind, "unix-process") == 0) + { + variant = egg_dbus_hash_map_lookup (details, "pid"); +- variant2 = egg_dbus_hash_map_lookup (details, "start-time"); +- if (variant != NULL && variant2 != NULL) +- s = polkit_unix_process_new_full (egg_dbus_variant_get_uint (variant), +- egg_dbus_variant_get_uint64 (variant2)); ++ if (variant != NULL && egg_dbus_variant_is_uint (variant)) ++ { ++ gint pid; ++ guint64 start_time; ++ gint uid; ++ variant2 = egg_dbus_hash_map_lookup (details, "start-time"); ++ pid = egg_dbus_variant_get_uint (variant); ++ if (variant2 != NULL && egg_dbus_variant_is_uint64 (variant2)) ++ start_time = egg_dbus_variant_get_uint64 (variant2); ++ else ++ start_time = 0; ++ variant3 = egg_dbus_hash_map_lookup (details, "uid"); ++ if (variant3 != NULL && egg_dbus_variant_is_int (variant3)) ++ uid = egg_dbus_variant_get_int (variant3); ++ else ++ uid = -1; ++ s = polkit_unix_process_new_for_owner (pid, start_time, uid); ++ } + } + else if (strcmp (kind, "unix-session") == 0) + { +@@ -330,6 +352,9 @@ polkit_subject_get_real (PolkitSubject *subject) + egg_dbus_hash_map_insert (details, + "start-time", + egg_dbus_variant_new_for_uint64 (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject)))); ++ egg_dbus_hash_map_insert (details, ++ "uid", ++ egg_dbus_variant_new_for_int (polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (subject)))); + } + else if (POLKIT_IS_UNIX_SESSION (subject)) + { +diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c +index 868e3c5..eb455f6 100644 +--- a/src/polkit/polkitunixprocess.c ++++ b/src/polkit/polkitunixprocess.c +@@ -64,6 +64,7 @@ struct _PolkitUnixProcess + + gint pid; + guint64 start_time; ++ gint uid; + }; + + struct _PolkitUnixProcessClass +@@ -76,6 +77,7 @@ enum + PROP_0, + PROP_PID, + PROP_START_TIME, ++ PROP_UID + }; + + static void subject_iface_init (PolkitSubjectIface *subject_iface); +@@ -83,6 +85,9 @@ static void subject_iface_init (PolkitSubjectIface *subject_iface); + static guint64 get_start_time_for_pid (gint pid, + GError **error); + ++static gint _polkit_unix_process_get_owner (PolkitUnixProcess *process, ++ GError **error); ++ + #ifdef HAVE_FREEBSD + static gboolean get_kinfo_proc (gint pid, struct kinfo_proc *p); + #endif +@@ -94,6 +99,7 @@ G_DEFINE_TYPE_WITH_CODE (PolkitUnixProcess, polkit_unix_process, G_TYPE_OBJECT, + static void + polkit_unix_process_init (PolkitUnixProcess *unix_process) + { ++ unix_process->uid = -1; + } + + static void +@@ -110,6 +116,10 @@ polkit_unix_process_get_property (GObject *object, + g_value_set_int (value, unix_process->pid); + break; + ++ case PROP_UID: ++ g_value_set_int (value, unix_process->uid); ++ break; ++ + case PROP_START_TIME: + g_value_set_uint64 (value, unix_process->start_time); + break; +@@ -134,6 +144,14 @@ polkit_unix_process_set_property (GObject *object, + polkit_unix_process_set_pid (unix_process, g_value_get_int (value)); + break; + ++ case PROP_UID: ++ polkit_unix_process_set_uid (unix_process, g_value_get_int (value)); ++ break; ++ ++ case PROP_START_TIME: ++ polkit_unix_process_set_start_time (unix_process, g_value_get_uint64 (value)); ++ break; ++ + default: + G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); + break; +@@ -141,12 +159,39 @@ polkit_unix_process_set_property (GObject *object, + } + + static void ++polkit_unix_process_constructed (GObject *object) ++{ ++ PolkitUnixProcess *process = POLKIT_UNIX_PROCESS (object); ++ ++ /* sets start_time and uid in case they are unset */ ++ ++ if (process->start_time == 0) ++ process->start_time = get_start_time_for_pid (process->pid, NULL); ++ ++ if (process->uid == -1) ++ { ++ GError *error; ++ error = NULL; ++ process->uid = _polkit_unix_process_get_owner (process, &error); ++ if (error != NULL) ++ { ++ process->uid = -1; ++ g_error_free (error); ++ } ++ } ++ ++ if (G_OBJECT_CLASS (polkit_unix_process_parent_class)->constructed != NULL) ++ G_OBJECT_CLASS (polkit_unix_process_parent_class)->constructed (object); ++} ++ ++static void + polkit_unix_process_class_init (PolkitUnixProcessClass *klass) + { + GObjectClass *gobject_class = G_OBJECT_CLASS (klass); + + gobject_class->get_property = polkit_unix_process_get_property; + gobject_class->set_property = polkit_unix_process_set_property; ++ gobject_class->constructed = polkit_unix_process_constructed; + + /** + * PolkitUnixProcess:pid: +@@ -158,7 +203,7 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass) + g_param_spec_int ("pid", + "Process ID", + "The UNIX process ID", +- -1, ++ 0, + G_MAXINT, + 0, + G_PARAM_CONSTRUCT | +@@ -168,6 +213,27 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass) + G_PARAM_STATIC_NICK)); + + /** ++ * PolkitUnixProcess:uid: ++ * ++ * The UNIX user id of the process or -1 if unknown. ++ * ++ * Note that this is the real user-id, not the effective user-id. ++ */ ++ g_object_class_install_property (gobject_class, ++ PROP_UID, ++ g_param_spec_int ("uid", ++ "User ID", ++ "The UNIX user ID", ++ -1, ++ G_MAXINT, ++ -1, ++ G_PARAM_CONSTRUCT | ++ G_PARAM_READWRITE | ++ G_PARAM_STATIC_NAME | ++ G_PARAM_STATIC_BLURB | ++ G_PARAM_STATIC_NICK)); ++ ++ /** + * PolkitUnixProcess:start-time: + * + * The start time of the process. +@@ -180,7 +246,8 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass) + 0, + G_MAXUINT64, + 0, +- G_PARAM_READABLE | ++ G_PARAM_CONSTRUCT | ++ G_PARAM_READWRITE | + G_PARAM_STATIC_NAME | + G_PARAM_STATIC_BLURB | + G_PARAM_STATIC_NICK)); +@@ -188,109 +255,50 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass) + } + + /** +- * polkit_unix_process_get_pid: ++ * polkit_unix_process_get_uid: + * @process: A #PolkitUnixProcess. + * +- * Gets the process id for @process. ++ * Gets the user id for @process. Note that this is the real user-id, ++ * not the effective user-id. + * +- * Returns: The process id for @process. ++ * Returns: The user id for @process or -1 if unknown. + */ + gint +-polkit_unix_process_get_pid (PolkitUnixProcess *process) ++polkit_unix_process_get_uid (PolkitUnixProcess *process) + { +- return process->pid; ++ g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), -1); ++ return process->uid; + } + + /** +- * polkit_unix_process_get_owner: ++ * polkit_unix_process_set_uid: + * @process: A #PolkitUnixProcess. +- * @error: Return location for error or %NULL. ++ * @uid: The user id to set for @process or -1 to unset it. + * +- * Gets the uid of the owner of @process. ++ * Sets the (real, not effective) user id for @process. ++ */ ++void ++polkit_unix_process_set_uid (PolkitUnixProcess *process, ++ gint uid) ++{ ++ g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process)); ++ g_return_if_fail (uid >= -1); ++ process->uid = uid; ++} ++ ++/** ++ * polkit_unix_process_get_pid: ++ * @process: A #PolkitUnixProcess. + * +- * Note that this returns the real user-id (not the effective user-id) of @process. ++ * Gets the process id for @process. + * +- * Returns: The UNIX user id of the owner for @process or 0 if @error is set. +- **/ ++ * Returns: The process id for @process. ++ */ + gint +-polkit_unix_process_get_owner (PolkitUnixProcess *process, +- GError **error) ++polkit_unix_process_get_pid (PolkitUnixProcess *process) + { +- gint result; +- gchar *contents; +- gchar **lines; +-#ifdef HAVE_FREEBSD +- struct kinfo_proc p; +-#else +- gchar filename[64]; +- guint n; +-#endif +- +- result = 0; +- lines = NULL; +- contents = NULL; +- +-#ifdef HAVE_FREEBSD +- if (get_kinfo_proc (process->pid, &p) == 0) +- { +- g_set_error (error, +- POLKIT_ERROR, +- POLKIT_ERROR_FAILED, +- "get_kinfo_proc() failed for pid %d: %s", +- process->pid, +- g_strerror (errno)); +- goto out; +- } +- +- result = p.ki_uid; +-#else +- /* see 'man proc' for layout of the status file +- * +- * Uid, Gid: Real, effective, saved set, and file system UIDs (GIDs). +- */ +- g_snprintf (filename, sizeof filename, "/proc/%d/status", process->pid); +- if (!g_file_get_contents (filename, +- &contents, +- NULL, +- error)) +- { +- goto out; +- } +- lines = g_strsplit (contents, "\n", -1); +- for (n = 0; lines != NULL && lines[n] != NULL; n++) +- { +- gint real_uid, effective_uid; +- if (!g_str_has_prefix (lines[n], "Uid:")) +- continue; +- if (sscanf (lines[n] + 4, "%d %d", &real_uid, &effective_uid) != 2) +- { +- g_set_error (error, +- POLKIT_ERROR, +- POLKIT_ERROR_FAILED, +- "Unexpected line `%s' in file %s", +- lines[n], +- filename); +- goto out; +- } +- else +- { +- result = real_uid; +- goto out; +- } +- } +- +- g_set_error (error, +- POLKIT_ERROR, +- POLKIT_ERROR_FAILED, +- "Didn't find any line starting with `Uid:' in file %s", +- filename); +-#endif +- +- out: +- g_strfreev (lines); +- g_free (contents); +- +- return result; ++ g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), 0); ++ return process->pid; + } + + /** +@@ -304,10 +312,26 @@ polkit_unix_process_get_owner (PolkitUnixProcess *process, + guint64 + polkit_unix_process_get_start_time (PolkitUnixProcess *process) + { ++ g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), 0); + return process->start_time; + } + + /** ++ * polkit_unix_process_set_start_time: ++ * @process: A #PolkitUnixProcess. ++ * @start_time: The start time for @pid. ++ * ++ * Set the start time of @process. ++ */ ++void ++polkit_unix_process_set_start_time (PolkitUnixProcess *process, ++ guint64 start_time) ++{ ++ g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process)); ++ process->start_time = start_time; ++} ++ ++/** + * polkit_unix_process_set_pid: + * @process: A #PolkitUnixProcess. + * @pid: A process id. +@@ -318,21 +342,21 @@ void + polkit_unix_process_set_pid (PolkitUnixProcess *process, + gint pid) + { ++ g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process)); + process->pid = pid; +- if (pid != (gint) -1) +- process->start_time = get_start_time_for_pid (pid, NULL); + } + + /** + * polkit_unix_process_new: + * @pid: The process id. + * +- * Creates a new #PolkitUnixProcess for @pid. The start time of the +- * process will be looked up in using e.g. the +- * <filename>/proc</filename> filesystem depending on the platform in +- * use. ++ * Creates a new #PolkitUnixProcess for @pid. + * +- * Returns: A #PolkitSubject. Free with g_object_unref(). ++ * The uid and start time of the process will be looked up in using ++ * e.g. the <filename>/proc</filename> filesystem depending on the ++ * platform in use. ++ * ++ * Returns: (transfer full): A #PolkitSubject. Free with g_object_unref(). + */ + PolkitSubject * + polkit_unix_process_new (gint pid) +@@ -349,22 +373,42 @@ polkit_unix_process_new (gint pid) + * + * Creates a new #PolkitUnixProcess object for @pid and @start_time. + * +- * Returns: A #PolkitSubject. Free with g_object_unref(). ++ * The uid of the process will be looked up in using e.g. the ++ * <filename>/proc</filename> filesystem depending on the platform in ++ * use. ++ * ++ * Returns: (transfer full): A #PolkitSubject. Free with g_object_unref(). + */ + PolkitSubject * + polkit_unix_process_new_full (gint pid, + guint64 start_time) + { +- PolkitUnixProcess *process; +- +- process = POLKIT_UNIX_PROCESS (polkit_unix_process_new ((gint) -1)); +- process->pid = pid; +- if (start_time != 0) +- process->start_time = start_time; +- else +- process->start_time = get_start_time_for_pid (pid, NULL); ++ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_PROCESS, ++ "pid", pid, ++ "start_time", start_time, ++ NULL)); ++} + +- return POLKIT_SUBJECT (process); ++/** ++ * polkit_unix_process_new_for_owner: ++ * @pid: The process id. ++ * @start_time: The start time for @pid or 0 to look it up in e.g. <filename>/proc</filename>. ++ * @uid: The (real, not effective) uid of the owner of @pid or -1 to look it up in e.g. <filename>/proc</filename>. ++ * ++ * Creates a new #PolkitUnixProcess object for @pid, @start_time and @uid. ++ * ++ * Returns: (transfer full): A #PolkitSubject. Free with g_object_unref(). ++ */ ++PolkitSubject * ++polkit_unix_process_new_for_owner (gint pid, ++ guint64 start_time, ++ gint uid) ++{ ++ return POLKIT_SUBJECT (g_object_new (POLKIT_TYPE_UNIX_PROCESS, ++ "pid", pid, ++ "start_time", start_time, ++ "uid", uid, ++ NULL)); + } + + static guint +@@ -612,3 +656,95 @@ out: + + return start_time; + } ++ ++static gint ++_polkit_unix_process_get_owner (PolkitUnixProcess *process, ++ GError **error) ++{ ++ gint result; ++ gchar *contents; ++ gchar **lines; ++#ifdef HAVE_FREEBSD ++ struct kinfo_proc p; ++#else ++ gchar filename[64]; ++ guint n; ++#endif ++ ++ g_return_val_if_fail (POLKIT_IS_UNIX_PROCESS (process), 0); ++ g_return_val_if_fail (error == NULL || *error == NULL, 0); ++ ++ result = 0; ++ lines = NULL; ++ contents = NULL; ++ ++#ifdef HAVE_FREEBSD ++ if (get_kinfo_proc (process->pid, &p) == 0) ++ { ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "get_kinfo_proc() failed for pid %d: %s", ++ process->pid, ++ g_strerror (errno)); ++ goto out; ++ } ++ ++ result = p.ki_uid; ++#else ++ ++ /* see 'man proc' for layout of the status file ++ * ++ * Uid, Gid: Real, effective, saved set, and file system UIDs (GIDs). ++ */ ++ g_snprintf (filename, sizeof filename, "/proc/%d/status", process->pid); ++ if (!g_file_get_contents (filename, ++ &contents, ++ NULL, ++ error)) ++ { ++ goto out; ++ } ++ lines = g_strsplit (contents, "\n", -1); ++ for (n = 0; lines != NULL && lines[n] != NULL; n++) ++ { ++ gint real_uid, effective_uid; ++ if (!g_str_has_prefix (lines[n], "Uid:")) ++ continue; ++ if (sscanf (lines[n] + 4, "%d %d", &real_uid, &effective_uid) != 2) ++ { ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "Unexpected line `%s' in file %s", ++ lines[n], ++ filename); ++ goto out; ++ } ++ else ++ { ++ result = real_uid; ++ goto out; ++ } ++ } ++ ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "Didn't find any line starting with `Uid:' in file %s", ++ filename); ++#endif ++ ++out: ++ g_strfreev (lines); ++ g_free (contents); ++ return result; ++} ++ ++/* deprecated public method */ ++gint ++polkit_unix_process_get_owner (PolkitUnixProcess *process, ++ GError **error) ++{ ++ return _polkit_unix_process_get_owner (process, error); ++} +diff --git a/src/polkit/polkitunixprocess.h b/src/polkit/polkitunixprocess.h +index b88cd03..68c7fd7 100644 +--- a/src/polkit/polkitunixprocess.h ++++ b/src/polkit/polkitunixprocess.h +@@ -50,11 +50,21 @@ GType polkit_unix_process_get_type (void) G_GNUC_CONST; + PolkitSubject *polkit_unix_process_new (gint pid); + PolkitSubject *polkit_unix_process_new_full (gint pid, + guint64 start_time); ++PolkitSubject *polkit_unix_process_new_for_owner (gint pid, ++ guint64 start_time, ++ gint uid); + + gint polkit_unix_process_get_pid (PolkitUnixProcess *process); ++gint polkit_unix_process_get_uid (PolkitUnixProcess *process); + guint64 polkit_unix_process_get_start_time (PolkitUnixProcess *process); + void polkit_unix_process_set_pid (PolkitUnixProcess *process, + gint pid); ++void polkit_unix_process_set_uid (PolkitUnixProcess *process, ++ gint uid); ++void polkit_unix_process_set_start_time (PolkitUnixProcess *process, ++ guint64 start_time); ++ ++G_GNUC_DEPRECATED + gint polkit_unix_process_get_owner (PolkitUnixProcess *process, + GError **error); + +-- +1.7.4.4 + diff --git a/patches/source/polkit/CVE-2011-1485/0003-Use-polkit_unix_process_get_uid-to-get-the-owner-of-.patch b/patches/source/polkit/CVE-2011-1485/0003-Use-polkit_unix_process_get_uid-to-get-the-owner-of-.patch new file mode 100644 index 00000000..b7d53752 --- /dev/null +++ b/patches/source/polkit/CVE-2011-1485/0003-Use-polkit_unix_process_get_uid-to-get-the-owner-of-.patch @@ -0,0 +1,41 @@ +From 55e6f92e7340d57a66f83bd69bdf26454fdf7533 Mon Sep 17 00:00:00 2001 +From: David Zeuthen <davidz@redhat.com> +Date: Mon, 11 Apr 2011 12:41:35 -0400 +Subject: [PATCH 3/6] Use polkit_unix_process_get_uid() to get the owner of a + process + +This avoids a TOCTTOU problem. + +Signed-off-by: David Zeuthen <davidz@redhat.com> +--- + src/polkitbackend/polkitbackendsessionmonitor.c | 13 ++++++------- + 1 files changed, 6 insertions(+), 7 deletions(-) + +diff --git a/src/polkitbackend/polkitbackendsessionmonitor.c b/src/polkitbackend/polkitbackendsessionmonitor.c +index 2028250..d976514 100644 +--- a/src/polkitbackend/polkitbackendsessionmonitor.c ++++ b/src/polkitbackend/polkitbackendsessionmonitor.c +@@ -418,14 +418,13 @@ polkit_backend_session_monitor_get_user_for_subject (PolkitBackendSessionMonitor + + if (POLKIT_IS_UNIX_PROCESS (subject)) + { +- GError *local_error; +- +- local_error = NULL; +- uid = polkit_unix_process_get_owner (POLKIT_UNIX_PROCESS (subject), &local_error); +- if (local_error != NULL) ++ uid = polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (subject)); ++ if ((gint) uid == -1) + { +- g_propagate_error (error, local_error); +- g_error_free (local_error); ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "Unix process subject does not have uid set"); + goto out; + } + user = polkit_unix_user_new (uid); +-- +1.7.4.4 + diff --git a/patches/source/polkit/CVE-2011-1485/0004-pkexec-Avoid-TOCTTOU-problems-with-parent-process.patch b/patches/source/polkit/CVE-2011-1485/0004-pkexec-Avoid-TOCTTOU-problems-with-parent-process.patch new file mode 100644 index 00000000..e17947a9 --- /dev/null +++ b/patches/source/polkit/CVE-2011-1485/0004-pkexec-Avoid-TOCTTOU-problems-with-parent-process.patch @@ -0,0 +1,97 @@ +--- ./src/programs/pkexec.c.orig 2010-03-10 11:46:19.000000000 -0600 ++++ ./src/programs/pkexec.c 2011-04-19 23:14:40.505000017 -0500 +@@ -38,6 +38,10 @@ + #include <syslog.h> + #include <stdarg.h> + ++#ifdef __linux__ ++#include <sys/prctl.h> ++#endif ++ + #include <polkit/polkit.h> + + static gchar *original_user_name = NULL; +@@ -410,7 +414,6 @@ + GPtrArray *saved_env; + gchar *opt_user; + pid_t pid_of_caller; +- uid_t uid_of_caller; + + ret = 127; + authority = NULL; +@@ -578,40 +581,49 @@ + */ + g_type_init (); + +- /* now check if the program that invoked us is authorized */ ++ /* make sure we are nuked if the parent process dies */ ++#ifdef __linux__ ++ if (prctl (PR_SET_PDEATHSIG, SIGTERM) != 0) ++ { ++ g_printerr ("prctl(PR_SET_PDEATHSIG, SIGTERM) failed: %s\n", g_strerror (errno)); ++ goto out; ++ } ++#else ++#warning "Please add OS specific code to catch when the parent dies" ++#endif ++ ++ /* Figure out the parent process */ + pid_of_caller = getppid (); + if (pid_of_caller == 1) + { + /* getppid() can return 1 if the parent died (meaning that we are reaped +- * by /sbin/init); get process group leader instead - for example, this +- * happens when launching via gnome-panel (alt+f2, then 'pkexec gedit'). ++ * by /sbin/init); In that case we simpy bail. + */ +- pid_of_caller = getpgrp (); +- } +- +- subject = polkit_unix_process_new (pid_of_caller); +- if (subject == NULL) +- { +- g_printerr ("No such process for pid %d: %s\n", (gint) pid_of_caller, error->message); +- g_error_free (error); ++ g_printerr ("Refusing to render service to dead parents.\n"); + goto out; + } + +- /* paranoia: check that the uid of pid_of_caller matches getuid() */ +- error = NULL; +- uid_of_caller = polkit_unix_process_get_owner (POLKIT_UNIX_PROCESS (subject), +- &error); +- if (error != NULL) +- { +- g_printerr ("Error determing pid of caller (pid %d): %s\n", (gint) pid_of_caller, error->message); +- g_error_free (error); +- goto out; +- } +- if (uid_of_caller != getuid ()) +- { +- g_printerr ("User of caller (%d) does not match our uid (%d)\n", uid_of_caller, getuid ()); +- goto out; +- } ++ /* This process we want to check an authorization for is the process ++ * that launched us - our parent process. ++ * ++ * At the time the parent process fork()'ed and exec()'ed us, the ++ * process had the same real-uid that we have now. So we use this ++ * real-uid instead of of looking it up to avoid TOCTTOU issues ++ * (consider the parent process exec()'ing a setuid helper). ++ * ++ * On the other hand, the monotonic process start-time is guaranteed ++ * to never change so it's safe to look that up given only the PID ++ * since we are guaranteed to be nuked if the parent goes away ++ * (cf. the prctl(2) call above). ++ */ ++ subject = polkit_unix_process_new_for_owner (pid_of_caller, ++ 0, /* 0 means "look up start-time in /proc" */ ++ getuid ()); ++ /* really double-check the invariants guaranteed by the PolkitUnixProcess class */ ++ g_assert (subject != NULL); ++ g_assert (polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (subject)) == pid_of_caller); ++ g_assert (polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (subject)) >= 0); ++ g_assert (polkit_unix_process_get_start_time (POLKIT_UNIX_PROCESS (subject)) > 0); + + authority = polkit_authority_get (); + diff --git a/patches/source/polkit/polkit-1-shadow.diff b/patches/source/polkit/polkit-1-shadow.diff new file mode 100644 index 00000000..56e24277 --- /dev/null +++ b/patches/source/polkit/polkit-1-shadow.diff @@ -0,0 +1,1030 @@ +diff --git a/src/polkitagent/Makefile.am b/src/polkitagent/Makefile.am +index 3f38329..e114d01 100644 +--- a/src/polkitagent/Makefile.am ++++ b/src/polkitagent/Makefile.am +@@ -68,8 +68,15 @@ libpolkit_agent_1_la_LDFLAGS = -export-symbols-regex '(^polkit_.*)' + libexec_PROGRAMS = polkit-agent-helper-1 + + polkit_agent_helper_1_SOURCES = \ +- polkitagenthelper.c \ +- $(NULL) ++ polkitagenthelperprivate.c polkitagenthelperprivate.h ++ ++if POLKIT_AUTHFW_PAM ++polkit_agent_helper_1_SOURCES += polkitagenthelper-pam.c ++endif ++if POLKIT_AUTHFW_SHADOW ++polkit_agent_helper_1_SOURCES += polkitagenthelper-shadow.c ++endif ++polkit_agent_helper_1_SOURCES += $(NULL) + + polkit_agent_helper_1_CFLAGS = \ + -D_POLKIT_COMPILATION \ +diff --git a/src/polkitagent/polkitagenthelper-pam.c b/src/polkitagent/polkitagenthelper-pam.c +new file mode 100644 +index 0000000..4c6c6fb +--- /dev/null ++++ b/src/polkitagent/polkitagenthelper-pam.c +@@ -0,0 +1,264 @@ ++/* ++ * Copyright (C) 2008, 2010 Red Hat, Inc. ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General ++ * Public License along with this library; if not, write to the ++ * Free Software Foundation, Inc., 59 Temple Place, Suite 330, ++ * Boston, MA 02111-1307, USA. ++ * ++ * Author: David Zeuthen <davidz@redhat.com> ++ */ ++ ++#include "config.h" ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <unistd.h> ++#include <sys/types.h> ++#include <sys/stat.h> ++#include <syslog.h> ++#include <security/pam_appl.h> ++ ++#include <polkit/polkit.h> ++#include "polkitagenthelperprivate.h" ++ ++static int conversation_function (int n, const struct pam_message **msg, struct pam_response **resp, void *data); ++ ++int ++main (int argc, char *argv[]) ++{ ++ int rc; ++ const char *user_to_auth; ++ const char *cookie; ++ struct pam_conv pam_conversation; ++ pam_handle_t *pam_h; ++ const void *authed_user; ++ ++ rc = 0; ++ pam_h = NULL; ++ ++ /* clear the entire environment to avoid attacks using with libraries honoring environment variables */ ++ if (clearenv () != 0) ++ goto error; ++ ++ /* set a minimal environment */ ++ setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1); ++ ++ /* check that we are setuid root */ ++ if (geteuid () != 0) ++ { ++ fprintf (stderr, "polkit-agent-helper-1: needs to be setuid root\n"); ++ goto error; ++ } ++ ++ openlog ("polkit-agent-helper-1", LOG_CONS | LOG_PID, LOG_AUTHPRIV); ++ ++ /* check for correct invocation */ ++ if (argc != 3) ++ { ++ syslog (LOG_NOTICE, "inappropriate use of helper, wrong number of arguments [uid=%d]", getuid ()); ++ fprintf (stderr, "polkit-agent-helper-1: wrong number of arguments. This incident has been logged.\n"); ++ goto error; ++ } ++ ++ user_to_auth = argv[1]; ++ cookie = argv[2]; ++ ++ if (getuid () != 0) ++ { ++ /* check we're running with a non-tty stdin */ ++ if (isatty (STDIN_FILENO) != 0) ++ { ++ syslog (LOG_NOTICE, "inappropriate use of helper, stdin is a tty [uid=%d]", getuid ()); ++ fprintf (stderr, "polkit-agent-helper-1: inappropriate use of helper, stdin is a tty. This incident has been logged.\n"); ++ goto error; ++ } ++ } ++ ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: user to auth is '%s'.\n", user_to_auth); ++#endif /* PAH_DEBUG */ ++ ++ pam_conversation.conv = conversation_function; ++ pam_conversation.appdata_ptr = NULL; ++ ++ /* start the pam stack */ ++ rc = pam_start ("polkit-1", ++ user_to_auth, ++ &pam_conversation, ++ &pam_h); ++ if (rc != PAM_SUCCESS) ++ { ++ fprintf (stderr, "polkit-agent-helper-1: pam_start failed: %s\n", pam_strerror (pam_h, rc)); ++ goto error; ++ } ++ ++ /* set the requesting user */ ++ rc = pam_set_item (pam_h, PAM_RUSER, user_to_auth); ++ if (rc != PAM_SUCCESS) ++ { ++ fprintf (stderr, "polkit-agent-helper-1: pam_set_item failed: %s\n", pam_strerror (pam_h, rc)); ++ goto error; ++ } ++ ++ /* is user really user? */ ++ rc = pam_authenticate (pam_h, 0); ++ if (rc != PAM_SUCCESS) ++ { ++ fprintf (stderr, "polkit-agent-helper-1: pam_authenticated failed: %s\n", pam_strerror (pam_h, rc)); ++ goto error; ++ } ++ ++ /* permitted access? */ ++ rc = pam_acct_mgmt (pam_h, 0); ++ if (rc != PAM_SUCCESS) ++ { ++ fprintf (stderr, "polkit-agent-helper-1: pam_acct_mgmt failed: %s\n", pam_strerror (pam_h, rc)); ++ goto error; ++ } ++ ++ /* did we auth the right user? */ ++ rc = pam_get_item (pam_h, PAM_USER, &authed_user); ++ if (rc != PAM_SUCCESS) ++ { ++ fprintf (stderr, "polkit-agent-helper-1: pam_get_item failed: %s\n", pam_strerror (pam_h, rc)); ++ goto error; ++ } ++ ++ if (strcmp (authed_user, user_to_auth) != 0) ++ { ++ fprintf (stderr, "polkit-agent-helper-1: Tried to auth user '%s' but we got auth for user '%s' instead", ++ user_to_auth, (const char *) authed_user); ++ goto error; ++ } ++ ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: successfully authenticated user '%s'.\n", user_to_auth); ++#endif /* PAH_DEBUG */ ++ ++ pam_end (pam_h, rc); ++ pam_h = NULL; ++ ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: sending D-Bus message to PolicyKit daemon\n"); ++#endif /* PAH_DEBUG */ ++ ++ /* now send a D-Bus message to the PolicyKit daemon that ++ * includes a) the cookie; and b) the user we authenticated ++ */ ++ if (!send_dbus_message (cookie, user_to_auth)) ++ { ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: error sending D-Bus message to PolicyKit daemon\n"); ++#endif /* PAH_DEBUG */ ++ goto error; ++ } ++ ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: successfully sent D-Bus message to PolicyKit daemon\n"); ++#endif /* PAH_DEBUG */ ++ ++ fprintf (stdout, "SUCCESS\n"); ++ flush_and_wait(); ++ return 0; ++ ++error: ++ if (pam_h != NULL) ++ pam_end (pam_h, rc); ++ ++ fprintf (stdout, "FAILURE\n"); ++ flush_and_wait(); ++ return 1; ++} ++ ++static int ++conversation_function (int n, const struct pam_message **msg, struct pam_response **resp, void *data) ++{ ++ struct pam_response *aresp; ++ char buf[PAM_MAX_RESP_SIZE]; ++ int i; ++ ++ data = data; ++ if (n <= 0 || n > PAM_MAX_NUM_MSG) ++ return PAM_CONV_ERR; ++ ++ if ((aresp = calloc(n, sizeof *aresp)) == NULL) ++ return PAM_BUF_ERR; ++ ++ for (i = 0; i < n; ++i) ++ { ++ aresp[i].resp_retcode = 0; ++ aresp[i].resp = NULL; ++ switch (msg[i]->msg_style) ++ { ++ ++ case PAM_PROMPT_ECHO_OFF: ++ fprintf (stdout, "PAM_PROMPT_ECHO_OFF "); ++ goto conv1; ++ ++ case PAM_PROMPT_ECHO_ON: ++ fprintf (stdout, "PAM_PROMPT_ECHO_ON "); ++ conv1: ++ fputs (msg[i]->msg, stdout); ++ if (strlen (msg[i]->msg) > 0 && msg[i]->msg[strlen (msg[i]->msg) - 1] != '\n') ++ fputc ('\n', stdout); ++ fflush (stdout); ++ ++ if (fgets (buf, sizeof buf, stdin) == NULL) ++ goto error; ++ ++ if (strlen (buf) > 0 && ++ buf[strlen (buf) - 1] == '\n') ++ buf[strlen (buf) - 1] = '\0'; ++ ++ aresp[i].resp = strdup (buf); ++ if (aresp[i].resp == NULL) ++ goto error; ++ break; ++ ++ case PAM_ERROR_MSG: ++ fprintf (stdout, "PAM_ERROR_MSG "); ++ goto conv2; ++ ++ case PAM_TEXT_INFO: ++ fprintf (stdout, "PAM_TEXT_INFO "); ++ conv2: ++ fputs (msg[i]->msg, stdout); ++ if (strlen (msg[i]->msg) > 0 && ++ msg[i]->msg[strlen (msg[i]->msg) - 1] != '\n') ++ fputc ('\n', stdout); ++ fflush (stdout); ++ break; ++ ++ default: ++ goto error; ++ } ++ } ++ ++ *resp = aresp; ++ return PAM_SUCCESS; ++ ++error: ++ ++ for (i = 0; i < n; ++i) ++ { ++ if (aresp[i].resp != NULL) { ++ memset (aresp[i].resp, 0, strlen(aresp[i].resp)); ++ free (aresp[i].resp); ++ } ++ } ++ memset (aresp, 0, n * sizeof *aresp); ++ *resp = NULL; ++ return PAM_CONV_ERR; ++} ++ +diff --git a/src/polkitagent/polkitagenthelper-shadow.c b/src/polkitagent/polkitagenthelper-shadow.c +new file mode 100644 +index 0000000..7435533 +--- /dev/null ++++ b/src/polkitagent/polkitagenthelper-shadow.c +@@ -0,0 +1,189 @@ ++/* ++ * Copyright (C) 2008 Red Hat, Inc. ++ * Copyright (C) 2009-2010 Andrew Psaltis <ampsaltis@gmail.com> ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General ++ * Public License along with this library; if not, write to the ++ * Free Software Foundation, Inc., 59 Temple Place, Suite 330, ++ * Boston, MA 02111-1307, USA. ++ * ++ * Authors: Andrew Psaltis <ampsaltis@gmail.com>, based on ++ * polkitagenthelper.c which was written by ++ * David Zeuthen <davidz@redhat.com> ++ */ ++ ++#include "config.h" ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <unistd.h> ++#include <sys/types.h> ++#include <sys/stat.h> ++#include <syslog.h> ++#include <shadow.h> ++#include <grp.h> ++#include <pwd.h> ++#include <time.h> ++ ++#include <polkit/polkit.h> ++#include "polkitagenthelperprivate.h" ++ ++ ++extern char *crypt (); ++static int shadow_authenticate (struct spwd *shadow); ++ ++int ++main (int argc, char *argv[]) ++{ ++ struct spwd *shadow; ++ const char *user_to_auth; ++ const char *cookie; ++ time_t tm; ++ ++ /* clear the entire environment to avoid attacks with ++ libraries honoring environment variables */ ++ if (clearenv () != 0) ++ goto error; ++ ++ /* set a minimal environment */ ++ setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1); ++ ++ /* check that we are setuid root */ ++ if (geteuid () != 0) ++ { ++ fprintf (stderr, "polkit-agent-helper-1: needs to be setuid root\n"); ++ goto error; ++ } ++ ++ openlog ("polkit-agent-helper-1", LOG_CONS | LOG_PID, LOG_AUTHPRIV); ++ ++ /* check for correct invocation */ ++ if (argc != 3) ++ { ++ syslog (LOG_NOTICE, "inappropriate use of helper, wrong number of arguments [uid=%d]", getuid ()); ++ fprintf (stderr, "polkit-agent-helper-1: wrong number of arguments. This incident has been logged.\n"); ++ goto error; ++ } ++ ++ if (getuid () != 0) ++ { ++ /* check we're running with a non-tty stdin */ ++ if (isatty (STDIN_FILENO) != 0) ++ { ++ syslog (LOG_NOTICE, "inappropriate use of helper, stdin is a tty [uid=%d]", getuid ()); ++ fprintf (stderr, "polkit-agent-helper-1: inappropriate use of helper, stdin is a tty. This incident has been logged.\n"); ++ goto error; ++ } ++ } ++ ++ user_to_auth = argv[1]; ++ cookie = argv[2]; ++ ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: user to auth is '%s'.\n", user_to_auth); ++#endif /* PAH_DEBUG */ ++ ++ /* Ask shadow about the user requesting authentication */ ++ if ((shadow = getspnam (user_to_auth)) == NULL) ++ { ++ syslog (LOG_NOTICE, "shadow file data information request for user %s [uid=%d] failed", user_to_auth, getuid()); ++ fprintf(stderr, "polkit-agent-helper-1: could not get shadow information for%.100s", user_to_auth); ++ goto error; ++ } ++ ++ /* Check the user's identity */ ++ if(!shadow_authenticate (shadow)) ++ { ++ syslog (LOG_NOTICE, "authentication failure [uid=%d] trying to authenticate '%s'", getuid (), user_to_auth); ++ fprintf (stderr, "polkit-agent-helper-1: authentication failure. This incident has been logged.\n"); ++ goto error; ++ } ++ ++ /* Check whether the user's password has expired */ ++ time(&tm); ++ if( shadow->sp_max >= 0 && (shadow->sp_lstchg + shadow->sp_max) * 60 * 60 * 24 <= tm) ++ { ++ syslog (LOG_NOTICE, "password expired for user '%s' [uid=%d] trying to authenticate", user_to_auth, getuid () ); ++ fprintf (stderr, "polkit-agent-helper-1: authorization failure. This incident has been logged.\n"); ++ goto error; ++ } ++ ++ /* Check whether the user's password has aged (and account expired along ++ * with it) ++ */ ++ if( shadow->sp_inact >= 0 && (shadow->sp_lstchg + shadow->sp_max + shadow->sp_inact) * 60 * 60 * 24 <= tm) ++ { ++ syslog (LOG_NOTICE, "password aged for user '%s' [uid=%d] trying to authenticate", user_to_auth, getuid () ); ++ fprintf (stderr, "polkit-agent-helper-1: authorization failure. This incident has been logged.\n"); ++ goto error; ++ } ++ ++ /* Check whether the user's account has expired */ ++ if(shadow->sp_expire >= 0 && shadow->sp_expire * 60 * 60 * 24 <= tm) ++ { ++ syslog (LOG_NOTICE, "account expired for user '%s' [uid=%d] trying to authenticate", user_to_auth, getuid () ); ++ fprintf (stderr, "polkit-agent-helper-1: authorization failure. This incident has been logged.\n"); ++ goto error; ++ } ++ ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: sending D-Bus message to PolicyKit daemon\n"); ++#endif /* PAH_DEBUG */ ++ ++ /* now send a D-Bus message to the PolicyKit daemon that ++ * includes a) the cookie; and b) the user we authenticated ++ */ ++ if (!send_dbus_message (cookie, user_to_auth)) ++ { ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: error sending D-Bus message to PolicyKit daemon\n"); ++#endif /* PAH_DEBUG */ ++ goto error; ++ } ++ ++#ifdef PAH_DEBUG ++ fprintf (stderr, "polkit-agent-helper-1: successfully sent D-Bus message to PolicyKit daemon\n"); ++#endif /* PAH_DEBUG */ ++ ++ fprintf (stdout, "SUCCESS\n"); ++ flush_and_wait(); ++ return 0; ++ ++error: ++ fprintf (stdout, "FAILURE\n"); ++ flush_and_wait(); ++ return 1; ++} ++ ++static int ++shadow_authenticate(struct spwd *shadow) ++{ ++ /* Speak PAM to the daemon, thanks to David Zeuthen for the idea. */ ++ char passwd[512]; ++ fprintf(stdout, "PAM_PROMPT_ECHO_OFF password:\n"); ++ fflush(stdout); ++ usleep (10 * 1000); /* since fflush(3) seems buggy */ ++ ++ if (fgets (passwd, sizeof (passwd), stdin) == NULL) ++ goto error; ++ ++ if (strlen (passwd) > 0 && passwd[strlen (passwd) - 1] == '\n') ++ passwd[strlen (passwd) - 1] = '\0'; ++ ++ if (strcmp (shadow->sp_pwdp, crypt (passwd, shadow->sp_pwdp)) != 0) ++ goto error; ++ return 1; ++error: ++ return 0; ++} ++ +diff --git a/src/polkitagent/polkitagenthelper.c b/src/polkitagent/polkitagenthelper.c +deleted file mode 100644 +index cca86db..0000000 +--- a/src/polkitagent/polkitagenthelper.c ++++ /dev/null +@@ -1,339 +0,0 @@ +-/* +- * Copyright (C) 2008 Red Hat, Inc. +- * +- * This library is free software; you can redistribute it and/or +- * modify it under the terms of the GNU Lesser General Public +- * License as published by the Free Software Foundation; either +- * version 2 of the License, or (at your option) any later version. +- * +- * This library is distributed in the hope that it will be useful, +- * but WITHOUT ANY WARRANTY; without even the implied warranty of +- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +- * Lesser General Public License for more details. +- * +- * You should have received a copy of the GNU Lesser General +- * Public License along with this library; if not, write to the +- * Free Software Foundation, Inc., 59 Temple Place, Suite 330, +- * Boston, MA 02111-1307, USA. +- * +- * Author: David Zeuthen <davidz@redhat.com> +- */ +- +-#include "config.h" +-#include <stdio.h> +-#include <stdlib.h> +-#include <string.h> +-#include <unistd.h> +-#include <sys/types.h> +-#include <sys/stat.h> +-#include <syslog.h> +-#include <security/pam_appl.h> +- +-#include <polkit/polkit.h> +- +-#ifdef HAVE_SOLARIS +-# define LOG_AUTHPRIV (10<<3) +-#endif +- +-#ifndef HAVE_CLEARENV +-extern char **environ; +- +-static int +-clearenv (void) +-{ +- if (environ != NULL) +- environ[0] = NULL; +- return 0; +-} +-#endif +- +-/* Development aid: define PAH_DEBUG to get debugging output. Do _NOT_ +- * enable this in production builds; it may leak passwords and other +- * sensitive information. +- */ +-#undef PAH_DEBUG +-// #define PAH_DEBUG +- +-static gboolean send_dbus_message (const char *cookie, const char *user); +- +-static int conversation_function (int n, const struct pam_message **msg, struct pam_response **resp, void *data); +- +-int +-main (int argc, char *argv[]) +-{ +- int rc; +- const char *user_to_auth; +- const char *cookie; +- struct pam_conv pam_conversation; +- pam_handle_t *pam_h; +- const void *authed_user; +- +- rc = 0; +- pam_h = NULL; +- +- /* clear the entire environment to avoid attacks using with libraries honoring environment variables */ +- if (clearenv () != 0) +- goto error; +- +- /* set a minimal environment */ +- setenv ("PATH", "/usr/sbin:/usr/bin:/sbin:/bin", 1); +- +- /* check that we are setuid root */ +- if (geteuid () != 0) +- { +- fprintf (stderr, "polkit-agent-helper-1: needs to be setuid root\n"); +- goto error; +- } +- +- openlog ("polkit-agent-helper-1", LOG_CONS | LOG_PID, LOG_AUTHPRIV); +- +- /* check for correct invocation */ +- if (argc != 3) +- { +- syslog (LOG_NOTICE, "inappropriate use of helper, wrong number of arguments [uid=%d]", getuid ()); +- fprintf (stderr, "polkit-agent-helper-1: wrong number of arguments. This incident has been logged.\n"); +- goto error; +- } +- +- user_to_auth = argv[1]; +- cookie = argv[2]; +- +- if (getuid () != 0) +- { +- /* check we're running with a non-tty stdin */ +- if (isatty (STDIN_FILENO) != 0) +- { +- syslog (LOG_NOTICE, "inappropriate use of helper, stdin is a tty [uid=%d]", getuid ()); +- fprintf (stderr, "polkit-agent-helper-1: inappropriate use of helper, stdin is a tty. This incident has been logged.\n"); +- goto error; +- } +- } +- +-#ifdef PAH_DEBUG +- fprintf (stderr, "polkit-agent-helper-1: user to auth is '%s'.\n", user_to_auth); +-#endif /* PAH_DEBUG */ +- +- pam_conversation.conv = conversation_function; +- pam_conversation.appdata_ptr = NULL; +- +- /* start the pam stack */ +- rc = pam_start ("polkit-1", +- user_to_auth, +- &pam_conversation, +- &pam_h); +- if (rc != PAM_SUCCESS) +- { +- fprintf (stderr, "polkit-agent-helper-1: pam_start failed: %s\n", pam_strerror (pam_h, rc)); +- goto error; +- } +- +- /* set the requesting user */ +- rc = pam_set_item (pam_h, PAM_RUSER, user_to_auth); +- if (rc != PAM_SUCCESS) +- { +- fprintf (stderr, "polkit-agent-helper-1: pam_set_item failed: %s\n", pam_strerror (pam_h, rc)); +- goto error; +- } +- +- /* is user really user? */ +- rc = pam_authenticate (pam_h, 0); +- if (rc != PAM_SUCCESS) +- { +- fprintf (stderr, "polkit-agent-helper-1: pam_authenticated failed: %s\n", pam_strerror (pam_h, rc)); +- goto error; +- } +- +- /* permitted access? */ +- rc = pam_acct_mgmt (pam_h, 0); +- if (rc != PAM_SUCCESS) +- { +- fprintf (stderr, "polkit-agent-helper-1: pam_acct_mgmt failed: %s\n", pam_strerror (pam_h, rc)); +- goto error; +- } +- +- /* did we auth the right user? */ +- rc = pam_get_item (pam_h, PAM_USER, &authed_user); +- if (rc != PAM_SUCCESS) +- { +- fprintf (stderr, "polkit-agent-helper-1: pam_get_item failed: %s\n", pam_strerror (pam_h, rc)); +- goto error; +- } +- +- if (strcmp (authed_user, user_to_auth) != 0) +- { +- fprintf (stderr, "polkit-agent-helper-1: Tried to auth user '%s' but we got auth for user '%s' instead", +- user_to_auth, (const char *) authed_user); +- goto error; +- } +- +-#ifdef PAH_DEBUG +- fprintf (stderr, "polkit-agent-helper-1: successfully authenticated user '%s'.\n", user_to_auth); +-#endif /* PAH_DEBUG */ +- +- pam_end (pam_h, rc); +- pam_h = NULL; +- +-#ifdef PAH_DEBUG +- fprintf (stderr, "polkit-agent-helper-1: sending D-Bus message to PolicyKit daemon\n"); +-#endif /* PAH_DEBUG */ +- +- /* now send a D-Bus message to the PolicyKit daemon that +- * includes a) the cookie; and b) the user we authenticated +- */ +- if (!send_dbus_message (cookie, user_to_auth)) +- { +-#ifdef PAH_DEBUG +- fprintf (stderr, "polkit-agent-helper-1: error sending D-Bus message to PolicyKit daemon\n"); +-#endif /* PAH_DEBUG */ +- goto error; +- } +- +-#ifdef PAH_DEBUG +- fprintf (stderr, "polkit-agent-helper-1: successfully sent D-Bus message to PolicyKit daemon\n"); +-#endif /* PAH_DEBUG */ +- +- fprintf (stdout, "SUCCESS\n"); +- fflush (stdout); +- fflush (stderr); +- usleep (10 * 1000); /* since fflush(3) seems buggy */ +- return 0; +- +-error: +- if (pam_h != NULL) +- pam_end (pam_h, rc); +- +- fprintf (stdout, "FAILURE\n"); +- fflush (stdout); +- fflush (stderr); +- usleep (10 * 1000); /* since fflush(3) seems buggy */ +- return 1; +-} +- +-static int +-conversation_function (int n, const struct pam_message **msg, struct pam_response **resp, void *data) +-{ +- struct pam_response *aresp; +- char buf[PAM_MAX_RESP_SIZE]; +- int i; +- +- data = data; +- if (n <= 0 || n > PAM_MAX_NUM_MSG) +- return PAM_CONV_ERR; +- +- if ((aresp = calloc(n, sizeof *aresp)) == NULL) +- return PAM_BUF_ERR; +- +- for (i = 0; i < n; ++i) +- { +- aresp[i].resp_retcode = 0; +- aresp[i].resp = NULL; +- switch (msg[i]->msg_style) +- { +- +- case PAM_PROMPT_ECHO_OFF: +- fprintf (stdout, "PAM_PROMPT_ECHO_OFF "); +- goto conv1; +- +- case PAM_PROMPT_ECHO_ON: +- fprintf (stdout, "PAM_PROMPT_ECHO_ON "); +- conv1: +- fputs (msg[i]->msg, stdout); +- if (strlen (msg[i]->msg) > 0 && msg[i]->msg[strlen (msg[i]->msg) - 1] != '\n') +- fputc ('\n', stdout); +- fflush (stdout); +- +- if (fgets (buf, sizeof buf, stdin) == NULL) +- goto error; +- +- if (strlen (buf) > 0 && +- buf[strlen (buf) - 1] == '\n') +- buf[strlen (buf) - 1] = '\0'; +- +- aresp[i].resp = strdup (buf); +- if (aresp[i].resp == NULL) +- goto error; +- break; +- +- case PAM_ERROR_MSG: +- fprintf (stdout, "PAM_ERROR_MSG "); +- goto conv2; +- +- case PAM_TEXT_INFO: +- fprintf (stdout, "PAM_TEXT_INFO "); +- conv2: +- fputs (msg[i]->msg, stdout); +- if (strlen (msg[i]->msg) > 0 && +- msg[i]->msg[strlen (msg[i]->msg) - 1] != '\n') +- fputc ('\n', stdout); +- fflush (stdout); +- break; +- +- default: +- goto error; +- } +- } +- +- *resp = aresp; +- return PAM_SUCCESS; +- +-error: +- +- for (i = 0; i < n; ++i) +- { +- if (aresp[i].resp != NULL) { +- memset (aresp[i].resp, 0, strlen(aresp[i].resp)); +- free (aresp[i].resp); +- } +- } +- memset (aresp, 0, n * sizeof *aresp); +- *resp = NULL; +- return PAM_CONV_ERR; +-} +- +-static gboolean +-send_dbus_message (const char *cookie, const char *user) +-{ +- PolkitAuthority *authority; +- PolkitIdentity *identity; +- GError *error; +- gboolean ret; +- +- ret = FALSE; +- +- error = NULL; +- +- g_type_init (); +- +- authority = polkit_authority_get (); +- +- identity = polkit_unix_user_new_for_name (user, &error); +- if (identity == NULL) +- { +- g_printerr ("Error constructing identity: %s\n", error->message); +- g_error_free (error); +- goto out; +- } +- +- if (!polkit_authority_authentication_agent_response_sync (authority, +- cookie, +- identity, +- NULL, +- &error)) +- { +- g_printerr ("polkit-agent-helper-1: error response to PolicyKit daemon: %s\n", error->message); +- g_error_free (error); +- goto out; +- } +- +- ret = TRUE; +- +- out: +- +- if (identity != NULL) +- g_object_unref (identity); +- +- if (authority != NULL) +- g_object_unref (authority); +- +- return ret; +-} +diff --git a/src/polkitagent/polkitagenthelperprivate.c b/src/polkitagent/polkitagenthelperprivate.c +new file mode 100644 +index 0000000..abf5524 +--- /dev/null ++++ b/src/polkitagent/polkitagenthelperprivate.c +@@ -0,0 +1,97 @@ ++/* ++ * Copyright (C) 2009-2010 Red Hat, Inc. ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General ++ * Public License along with this library; if not, write to the ++ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, ++ * Boston, MA 02110-1301, USA. ++ * ++ * Authors: David Zeuthen <davidz@redhat.com>, ++ * Andrew Psaltis <ampsaltis@gmail.com> ++ */ ++ ++#include "polkitagenthelperprivate.h" ++#include <stdio.h> ++ ++#ifndef HAVE_CLEARENV ++extern char **environ; ++ ++static int ++clearenv (void) ++{ ++ if (environ != NULL) ++ environ[0] = NULL; ++ return 0; ++} ++#endif ++ ++ ++gboolean ++send_dbus_message (const char *cookie, const char *user) ++{ ++ PolkitAuthority *authority; ++ PolkitIdentity *identity; ++ GError *error; ++ gboolean ret; ++ ++ ret = FALSE; ++ ++ error = NULL; ++ ++ g_type_init (); ++ ++ authority = polkit_authority_get (); ++ ++ identity = polkit_unix_user_new_for_name (user, &error); ++ if (identity == NULL) ++ { ++ g_printerr ("Error constructing identity: %s\n", error->message); ++ g_error_free (error); ++ goto out; ++ } ++ ++ if (!polkit_authority_authentication_agent_response_sync (authority, ++ cookie, ++ identity, ++ NULL, ++ &error)) ++ { ++ g_printerr ("polkit-agent-helper-1: error response to PolicyKit daemon: %s\n", error->message); ++ g_error_free (error); ++ goto out; ++ } ++ ++ ret = TRUE; ++ ++ out: ++ ++ if (identity != NULL) ++ g_object_unref (identity); ++ ++ if (authority != NULL) ++ g_object_unref (authority); ++ ++ return ret; ++} ++ ++/* fflush(3) stdin and stdout and wait a little bit. ++ * This replaces the three-line commands at the bottom of ++ * polkit-agent-helper-1's main() function. ++ */ ++void ++flush_and_wait () ++{ ++ fflush (stdout); ++ fflush (stderr); ++ usleep (10 * 1000); /* since fflush(3) seems buggy */ ++} +diff --git a/src/polkitagent/polkitagenthelperprivate.h b/src/polkitagent/polkitagenthelperprivate.h +new file mode 100644 +index 0000000..16f7ba4 +--- /dev/null ++++ b/src/polkitagent/polkitagenthelperprivate.h +@@ -0,0 +1,42 @@ ++/* ++ * Copyright (C) 2009-2010 Red Hat, Inc. ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General ++ * Public License along with this library; if not, write to the ++ * Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, ++ * Boston, MA 02110-1301, USA. ++ * ++ * Authors: David Zeuthen <davidz@redhat.com>, ++ * Andrew Psaltis <ampsalits@gmail.com> ++ */ ++#ifndef __POLKIT_AGENT_HELPER_PRIVATE_H ++#define __POLKIT_AGENT_HELPER_PRIVATE_H ++ ++#include <polkit/polkit.h> ++ ++/* Development aid: define PAH_DEBUG to get debugging output. Do _NOT_ ++ * enable this in production builds; it may leak passwords and other ++ * sensitive information. ++ */ ++#undef PAH_DEBUG ++// #define PAH_DEBUG ++ ++#ifdef HAVE_SOLARIS ++# define LOG_AUTHPRIV (10<<3) ++#endif ++ ++gboolean send_dbus_message (const char *cookie, const char *user); ++ ++void flush_and_wait (); ++ ++#endif /* __POLKIT_AGENT_HELPER_PRIVATE_H */ +diff --git a/src/programs/pkexec.c b/src/programs/pkexec.c +index 17c191e..3e096bf 100644 +--- a/src/programs/pkexec.c ++++ b/src/programs/pkexec.c +@@ -34,7 +34,11 @@ + #include <grp.h> + #include <pwd.h> + #include <errno.h> ++ ++#ifdef POLKIT_AUTHFW_PAM + #include <security/pam_appl.h> ++#endif /* POLKIT_AUTHFW_PAM */ ++ + #include <syslog.h> + #include <stdarg.h> + +@@ -115,6 +119,7 @@ log_message (gint level, + + /* ---------------------------------------------------------------------------------------------------- */ + ++#ifdef POLKIT_AUTHFW_PAM + static int + pam_conversation_function (int n, + const struct pam_message **msg, +@@ -167,6 +172,7 @@ out: + pam_end (pam_h, rc); + return ret; + } ++#endif /* POLKIT_AUTHFW_PAM */ + + /* ---------------------------------------------------------------------------------------------------- */ + +@@ -741,11 +747,13 @@ main (int argc, char *argv[]) + * TODO: The question here is whether we should clear the limits before applying them? + * As evident above, neither su(1) (and, for that matter, nor sudo(8)) does this. + */ ++#ifdef POLKIT_AUTHW_PAM + if (!open_session (pw->pw_name)) + { + goto out; + } +- ++#endif /* POLKIT_AUTHFW_PAM */ ++ + /* become the user */ + if (setgroups (0, NULL) != 0) + { diff --git a/patches/source/polkit/polkit.SlackBuild b/patches/source/polkit/polkit.SlackBuild new file mode 100755 index 00000000..3a4f6ca8 --- /dev/null +++ b/patches/source/polkit/polkit.SlackBuild @@ -0,0 +1,149 @@ +#!/bin/sh + +# Copyright 2009 Robby Workman, Northport, Alabama, USA +# Copyright 2010 Eric Hameleers, Eindhoven, NL +# Copyright 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. + +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=polkit +VERSION=${VERSION:-1_14bdfd8} +BUILD=${BUILD:-2_slack13.1} +NUMJOBS=${NUMJOBS:--j6} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.bz2 || exit 1 +cd $PKGNAM-$VERSION || exit 1 + +# Apply the patch that makes --with-authfw=shadow work +cat $CWD/polkit-1-shadow.diff | patch -p1 --verbose || exit 1 + +cat $CWD/CVE-2011-1485/0001-PolkitUnixProcess-Clarify-that-the-real-uid-is-retur.patch | patch -p1 || exit 1 +cat $CWD/CVE-2011-1485/0002-Make-PolkitUnixProcess-also-record-the-uid-of-the-pr.patch | patch -p1 || exit 1 +cat $CWD/CVE-2011-1485/0003-Use-polkit_unix_process_get_uid-to-get-the-owner-of-.patch | patch -p1 || exit 1 +cat $CWD/CVE-2011-1485/0004-pkexec-Avoid-TOCTTOU-problems-with-parent-process.patch | patch -p1 || exit 1 + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Configure: +# Using polkit-user=hald for now for easier transition; I don't think the +# separate user account is actually required any more, but I could be wrong +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./autogen.sh \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --enable-gtk-doc \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --enable-man-pages \ + --mandir=/usr/man \ + --disable-static \ + --disable-introspection \ + --with-authfw=shadow \ + --enable-verbose-mode \ + --build=$ARCH-slackware-linux + # Deprecated: + #--with-polkit-user=hald \ + +#NOTE: The directory /etc/polkit-1/localauthority must be owned +# by root and have mode 700 +#NOTE: The directory /var/lib/polkit-1 must be owned +# by root and have mode 700 +#NOTE: The file ${exec_prefix}/libexec/polkit-agent-helper-1 must be owned +# by root and have mode 4755 (setuid root binary) +#NOTE: The file ${exec_prefix}/bin/pkexec must be owned by root and +# have mode 4755 (setuid root binary) + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + AUTHORS COPYING ChangeLog HACKING INSTALL NEWS README \ + $PKG/usr/doc/$PKGNAM-$VERSION +( cd $PKG/usr/doc/$PKGNAM-$VERSION; ln -s ../../share/gtk-doc/html/polkit-1 html +) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/polkit/slack-desc b/patches/source/polkit/slack-desc new file mode 100644 index 00000000..006d8a8e --- /dev/null +++ b/patches/source/polkit/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler-----------------------------------------------------| +polkit: polkit (authentication framework) +polkit: +polkit: PolicyKit is an application-level toolkit for defining and handling +polkit: the policy that allows unprivileged processes to speak to privileged +polkit: processes. PolicyKit is specifically targeting applications in rich +polkit: desktop environments on multi-user UNIX-like operating systems. +polkit: +polkit: +polkit: +polkit: Home: http://www.freedesktop.org/wiki/Software/PolicyKit +polkit: diff --git a/patches/source/poppler/poppler-0.12.4-CVE-2010-3702.patch b/patches/source/poppler/poppler-0.12.4-CVE-2010-3702.patch new file mode 100644 index 00000000..9875b5a5 --- /dev/null +++ b/patches/source/poppler/poppler-0.12.4-CVE-2010-3702.patch @@ -0,0 +1,18 @@ +--- poppler-0.12.4/poppler/Gfx.cc 2010-01-23 00:54:42.000000000 +0100 ++++ poppler-0.12.4/poppler/Gfx.cc 2010-10-06 13:35:27.000000000 +0200 +@@ -518,6 +518,7 @@ Gfx::Gfx(XRef *xrefA, OutputDev *outA, i + drawText = gFalse; + maskHaveCSPattern = gFalse; + mcStack = NULL; ++ parser = NULL; + + // start the resource stack + res = new GfxResources(xref, resDict, NULL); +@@ -570,6 +571,7 @@ Gfx::Gfx(XRef *xrefA, OutputDev *outA, D + drawText = gFalse; + maskHaveCSPattern = gFalse; + mcStack = NULL; ++ parser = NULL; + + // start the resource stack + res = new GfxResources(xref, resDict, NULL); diff --git a/patches/source/poppler/poppler-0.12.4-CVE-2010-3703.patch b/patches/source/poppler/poppler-0.12.4-CVE-2010-3703.patch new file mode 100644 index 00000000..565a45ba --- /dev/null +++ b/patches/source/poppler/poppler-0.12.4-CVE-2010-3703.patch @@ -0,0 +1,10 @@ +--- poppler-0.12.4/poppler/Function.cc 2010-01-17 01:06:57.000000000 +0100 ++++ poppler-0.12.4/poppler/Function.cc 2010-10-06 13:40:22.000000000 +0200 +@@ -1106,6 +1106,7 @@ PostScriptFunction::PostScriptFunction(O + code = NULL; + codeString = NULL; + codeSize = 0; ++ stack = NULL; + ok = gFalse; + cache = new PopplerCache(5); + diff --git a/patches/source/poppler/poppler-0.12.4-CVE-2010-3704.patch b/patches/source/poppler/poppler-0.12.4-CVE-2010-3704.patch new file mode 100644 index 00000000..bfd5f41b --- /dev/null +++ b/patches/source/poppler/poppler-0.12.4-CVE-2010-3704.patch @@ -0,0 +1,20 @@ +--- poppler-0.12.4/fofi/FoFiType1.cc 2010-01-17 01:06:57.000000000 +0100 ++++ poppler-0.12.4/fofi/FoFiType1.cc 2010-10-06 13:37:39.000000000 +0200 +@@ -13,7 +13,7 @@ + // All changes made under the Poppler project to this file are licensed + // under GPL version 2 or later + // +-// Copyright (C) 2005, 2008 Albert Astals Cid <aacid@kde.org> ++// Copyright (C) 2005, 2008, 2010 Albert Astals Cid <aacid@kde.org> + // Copyright (C) 2005 Kristian Høgsberg <krh@redhat.com> + // + // To see a description of the changes please see the Changelog file that +@@ -241,7 +242,7 @@ void FoFiType1::parse() { + code = code * 8 + (*p2 - '0'); + } + } +- if (code < 256) { ++ if (code < 256 && code >= 0) { + for (p = p2; *p == ' ' || *p == '\t'; ++p) ; + if (*p == '/') { + ++p; diff --git a/patches/source/poppler/poppler.SlackBuild b/patches/source/poppler/poppler.SlackBuild new file mode 100755 index 00000000..fa07827d --- /dev/null +++ b/patches/source/poppler/poppler.SlackBuild @@ -0,0 +1,127 @@ +#!/bin/sh + +# Copyright 2006, 2007, 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=poppler +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP || exit 1 +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.?z* || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/poppler-0.12.4-CVE-2010-3702.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/poppler-0.12.4-CVE-2010-3703.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/poppler-0.12.4-CVE-2010-3704.patch.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --enable-xpdf-headers \ + --enable-poppler-qt4 \ + --enable-cairo-output \ + --mandir=/usr/man \ + --disable-static \ + --enable-zlib \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a AUTHORS COPYING* INSTALL NEWS README README-XPDF TODO \ + $PKG/usr/doc/${PKGNAM}-$VERSION +( cd $PKG/usr/doc/${PKGNAM}-$VERSION + ln -s /usr/share/gtk-doc/html/poppler html ) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/poppler/slack-desc b/patches/source/poppler/slack-desc new file mode 100644 index 00000000..9d5891d8 --- /dev/null +++ b/patches/source/poppler/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +poppler: poppler (a library for rendering PDF documents) +poppler: +poppler: Poppler is a library based on the xpdf PDF viewer developed by Derek +poppler: Noonburg of Glyph and Cog, LLC. Since xpdf does not provide a shared +poppler: library, whenever a flaw was found potentially dozens of applications +poppler: incorporating code from xpdf would have to be patched. By providing +poppler: a centralized PDF library this duplicated effort will be eliminated. +poppler: +poppler: +poppler: +poppler: diff --git a/patches/source/ppp/doinst.sh b/patches/source/ppp/doinst.sh new file mode 100644 index 00000000..54facc41 --- /dev/null +++ b/patches/source/ppp/doinst.sh @@ -0,0 +1,21 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/ppp/chap-secrets.new +config etc/ppp/options.new +config etc/ppp/pap-secrets.new + +config etc/radiusclient/issue.new +config etc/radiusclient/radiusclient.conf.new +config etc/radiusclient/realms.new +config etc/radiusclient/servers.new + diff --git a/patches/source/ppp/options.new b/patches/source/ppp/options.new new file mode 100644 index 00000000..2a028657 --- /dev/null +++ b/patches/source/ppp/options.new @@ -0,0 +1,276 @@ +# /etc/ppp/options +# +# $Id: options,v 1.4 1996/05/01 18:57:04 alvar Exp $ +# +# Originally created by Jim Knoble <jmknoble@mercury.interpath.net> +# Modified for Debian by alvar Bray <alvar@meiko.co.uk> +# Modified for PPP Server setup by Christoph Lameter <clameter@debian.org> +# Modified for Slackware by Pat Volkerding <volkerdi@slackware.com> +# +# Use the command egrep -v '#|^ *$' /etc/ppp/options to quickly see what +# options are active in this file. + +# Specify which DNS Servers the incoming Win95 or WinNT Connection should use +# Two Servers can be remotely configured +# dns-addr 192.168.1.1 +# dns-addr 192.168.1.2 + +# Specify which WINS Servers the incoming connection Win95 or WinNT should use +# wins-addr 192.168.1.50 +# wins-addr 192.168.1.51 + +# Run the executable or shell command specified after pppd has +# terminated the link. This script could, for example, issue commands +# to the modem to cause it to hang up if hardware modem control signals +# were not available. +#disconnect "chat -- \d+++\d\c OK ath0 OK" + +# async character map -- 32-bit hex; each bit is a character +# that needs to be escaped for pppd to receive it. 0x00000001 +# represents '\x01', and 0x80000000 represents '\x1f'. +asyncmap 0 + +# Require the peer to authenticate itself before allowing network +# packets to be sent or received. +# For a PPP Server with script based logins not using PAP or CHAP +# you need to disable this setting. +#auth + +# Do not require the other end of the connection to authenticate itself. +# This option is dangerous if pppd is setuid. +# If you also have ethernet and are having problems getting PPP to connect +# over a modem, try this option. +#noauth + +# Use hardware flow control (i.e. RTS/CTS) to control the flow of data +# on the serial port. +crtscts + +# Use software flow control (i.e. XON/XOFF) to control the flow of data +# on the serial port. +#xonxoff + +# Specifies that certain characters should be escaped on transmission +# (regardless of whether the peer requests them to be escaped with its +# async control character map). The characters to be escaped are +# specified as a list of hex numbers separated by commas. Note that +# almost any character can be specified for the escape option, unlike +# the asyncmap option which only allows control characters to be +# specified. The characters which may not be escaped are those with hex +# values 0x20 - 0x3f or 0x5e. +#escape 11,13,ff + +# Don't use the modem control lines. +#local + +# Specifies that pppd should use a UUCP-style lock on the serial device +# to ensure exclusive access to the device. +lock + +# Use the modem control lines. On Ultrix, this option implies hardware +# flow control, as for the crtscts option. (This option is not fully +# implemented.) +modem + +# Set the MRU [Maximum Receive Unit] value to <n> for negotiation. pppd +# will ask the peer to send packets of no more than <n> bytes. The +# minimum MRU value is 128. The default MRU value is 1500. A value of +# 296 is recommended for slow links (40 bytes for TCP/IP header + 256 +# bytes of data). +#mru 542 + +# Set the interface netmask to <n>, a 32 bit netmask in "decimal dot" +# notation (e.g. 255.255.255.0). +#netmask 255.255.255.0 + +# Disables the default behaviour when no local IP address is specified, +# which is to determine (if possible) the local IP address from the +# hostname. With this option, the peer will have to supply the local IP +# address during IPCP negotiation (unless it specified explicitly on the +# command line or in an options file). +#noipdefault + +# Enables the "passive" option in the LCP. With this option, pppd will +# attempt to initiate a connection; if no reply is received from the +# peer, pppd will then just wait passively for a valid LCP packet from +# the peer (instead of exiting, as it does without this option). +#passive + +# With this option, pppd will not transmit LCP packets to initiate a +# connection until a valid LCP packet is received from the peer (as for +# the "passive" option with old versions of pppd). +#silent + +# Don't request or allow negotiation of any options for LCP and IPCP +# (use default values). +#-all + +# Disable Address/Control compression negotiation (use default, i.e. +# address/control field disabled). +#-ac + +# Disable asyncmap negotiation (use the default asyncmap, i.e. escape +# all control characters). +#-am + +# Don't fork to become a background process (otherwise pppd will do so +# if a serial device is specified). +#-detach + +# Disable IP address negotiation (with this option, the remote IP +# address must be specified with an option on the command line or in an +# options file). +#-ip + +# Disable magic number negotiation. With this option, pppd cannot +# detect a looped-back line. +#-mn + +# Disable MRU [Maximum Receive Unit] negotiation (use default, i.e. +# 1500). +#-mru + +# Disable protocol field compression negotiation (use default, i.e. +# protocol field compression disabled). +#-pc + +# Require the peer to authenticate itself using PAP. +#+pap + +# Don't agree to authenticate using PAP. +#-pap + +# Require the peer to authenticate itself using CHAP [Cryptographic +# Handshake Authentication Protocol] authentication. +#+chap + +# Don't agree to authenticate using CHAP. +#-chap + +# Disable negotiation of Van Jacobson style IP header compression (use +# default, i.e. no compression). +#-vj + +# Increase debugging level (same as -d). If this option is given, pppd +# will log the contents of all control packets sent or received in a +# readable form. The packets are logged through syslog with facility +# daemon and level debug. This information can be directed to a file by +# setting up /etc/syslog.conf appropriately (see syslog.conf(5)). (If +# pppd is compiled with extra debugging enabled, it will log messages +# using facility local2 instead of daemon). +#debug + +# Append the domain name <d> to the local host name for authentication +# purposes. For example, if gethostname() returns the name porsche, +# but the fully qualified domain name is porsche.Quotron.COM, you would +# use the domain option to set the domain name to Quotron.COM. +#domain <d> + +# Enable debugging code in the kernel-level PPP driver. The argument n +# is a number which is the sum of the following values: 1 to enable +# general debug messages, 2 to request that the contents of received +# packets be printed, and 4 to request that the contents of transmitted +# packets be printed. +#kdebug n + +# Set the MTU [Maximum Transmit Unit] value to <n>. Unless the peer +# requests a smaller value via MRU negotiation, pppd will request that +# the kernel networking code send data packets of no more than n bytes +# through the PPP network interface. +#mtu <n> + +# Enforce the use of the hostname as the name of the local system for +# authentication purposes (overrides the name option). +#usehostname + +# Set the assumed name of the remote system for authentication purposes +# to <n>. +#remotename <n> + +# Add an entry to this system's ARP [Address Resolution Protocol] +# table with the IP address of the peer and the Ethernet address of this +# system. +proxyarp + +# Use the system password database for authenticating the peer using +# PAP. Note: mgetty already provides this option. If this is specified +# then dialin from users using a script under Linux to fire up ppp wont work. +# login + +# If this option is given, pppd will send an LCP echo-request frame to +# the peer every n seconds. Under Linux, the echo-request is sent when +# no packets have been received from the peer for n seconds. Normally +# the peer should respond to the echo-request by sending an echo-reply. +# This option can be used with the lcp-echo-failure option to detect +# that the peer is no longer connected. +lcp-echo-interval 30 + +# If this option is given, pppd will presume the peer to be dead if n +# LCP echo-requests are sent without receiving a valid LCP echo-reply. +# If this happens, pppd will terminate the connection. Use of this +# option requires a non-zero value for the lcp-echo-interval parameter. +# This option can be used to enable pppd to terminate after the physical +# connection has been broken (e.g., the modem has hung up) in +# situations where no hardware modem control lines are available. +lcp-echo-failure 4 + +# Set the LCP restart interval (retransmission timeout) to <n> seconds +# (default 3). +#lcp-restart <n> + +# Set the maximum number of LCP terminate-request transmissions to <n> +# (default 3). +#lcp-max-terminate <n> + +# Set the maximum number of LCP configure-request transmissions to <n> +# (default 10). +#lcp-max-configure <n> + +# Set the maximum number of LCP configure-NAKs returned before starting +# to send configure-Rejects instead to <n> (default 10). +#lcp-max-failure <n> + +# Set the IPCP restart interval (retransmission timeout) to <n> +# seconds (default 3). +#ipcp-restart <n> + +# Set the maximum number of IPCP terminate-request transmissions to <n> +# (default 3). +#ipcp-max-terminate <n> + +# Set the maximum number of IPCP configure-request transmissions to <n> +# (default 10). +#ipcp-max-configure <n> + +# Set the maximum number of IPCP configure-NAKs returned before starting +# to send configure-Rejects instead to <n> (default 10). +#ipcp-max-failure <n> + +# Set the PAP restart interval (retransmission timeout) to <n> seconds +# (default 3). +#pap-restart <n> + +# Set the maximum number of PAP authenticate-request transmissions to +# <n> (default 10). +#pap-max-authreq <n> + +# Set the CHAP restart interval (retransmission timeout for +# challenges) to <n> seconds (default 3). +#chap-restart <n> + +# Set the maximum number of CHAP challenge transmissions to <n> +# (default 10). +#chap-max-challenge + +# If this option is given, pppd will rechallenge the peer every <n> +# seconds. +#chap-interval <n> + +# With this option, pppd will accept the peer's idea of our local IP +# address, even if the local IP address was specified in an option. +#ipcp-accept-local + +# With this option, pppd will accept the peer's idea of its (remote) IP +# address, even if the remote IP address was specified in an option. +#ipcp-accept-remote + diff --git a/patches/source/ppp/ppp.CVE-2014-3158.diff b/patches/source/ppp/ppp.CVE-2014-3158.diff new file mode 100644 index 00000000..500ca18e --- /dev/null +++ b/patches/source/ppp/ppp.CVE-2014-3158.diff @@ -0,0 +1,30 @@ +diff --git a/pppd/options.c b/pppd/options.c +index 45fa742..e9042d1 100644 +--- a/pppd/options.c ++++ b/pppd/options.c +@@ -1289,9 +1289,10 @@ getword(f, word, newlinep, filename) + /* + * Store the resulting character for the escape sequence. + */ +- if (len < MAXWORDLEN-1) ++ if (len < MAXWORDLEN) { + word[len] = value; +- ++len; ++ ++len; ++ } + + if (!got) + c = getc(f); +@@ -1329,9 +1330,10 @@ getword(f, word, newlinep, filename) + /* + * An ordinary character: store it in the word and get another. + */ +- if (len < MAXWORDLEN-1) ++ if (len < MAXWORDLEN) { + word[len] = c; +- ++len; ++ ++len; ++ } + + c = getc(f); + } diff --git a/patches/source/ppp/ppp.CVE-2015-3310.diff b/patches/source/ppp/ppp.CVE-2015-3310.diff new file mode 100644 index 00000000..ecf53ce4 --- /dev/null +++ b/patches/source/ppp/ppp.CVE-2015-3310.diff @@ -0,0 +1,11 @@ +--- ./pppd/plugins/radius/util.c.orig 2015-04-17 11:43:59.687374237 -0500 ++++ ./pppd/plugins/radius/util.c 2015-04-17 11:45:12.612379499 -0500 +@@ -77,7 +77,7 @@ + static unsigned short int cnt = 0; + sprintf (buf, "%08lX%04X%02hX", + (unsigned long int) time (NULL), +- (unsigned int) getpid (), ++ (unsigned int) getpid () % 65535, + cnt & 0xFF); + cnt++; + return buf; diff --git a/patches/source/ppp/ppp.SlackBuild b/patches/source/ppp/ppp.SlackBuild new file mode 100755 index 00000000..e4187d0a --- /dev/null +++ b/patches/source/ppp/ppp.SlackBuild @@ -0,0 +1,172 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=2.4.5 +RADVER=0.3.2 +PPPVER=1.98 +BUILD=${BUILD:-2_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-ppp + +rm -rf $PKG +mkdir -p $TMP $PKG + +echo "+============+" +echo "| ppp-$VERSION |" +echo "+============+" +cd $TMP +rm -rf ppp-$VERSION +tar xvf $CWD/ppp-$VERSION.tar.bz2 || exit 1 +cd ppp-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/ppp.slack.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit +sed -i -e "s#lib/pppd#lib${LIBDIRSUFFIX}/pppd#g" $(grep -lr 'lib/pppd' *) + +zcat $CWD/ppp.CVE-2014-3158.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/ppp.CVE-2015-3310.diff.gz | patch -p1 --verbose || exit 1 + +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG/usr + +mv $PKG/usr/share/man $PKG/usr +rmdir $PKG/usr/share + +# Install PPP config files: +mkdir -p $PKG/etc/ppp +cp -a etc.ppp/* $PKG/etc/ppp +chmod 600 $PKG/etc/ppp/*secrets +( cd $PKG/etc/ppp + mv chap-secrets chap-secrets.new + mv options options.new + mv pap-secrets pap-secrets.new +) +zcat $CWD/options.new.gz > $PKG/etc/ppp/options.new + +# Fix what seems like an insecure default setting. +# Feel free to "chmod 4750 pppoatm.so rp-pppoe.so" at your own risk. +# Since they are only runnable by group root, the risk really isn't much... +chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/pppd/*/*.so + +mkdir -p $PKG/usr/doc/ppp-$VERSION +cp -a \ + FAQ PLUGINS README* SETUP scripts \ + $PKG/usr/doc/ppp-$VERSION + +echo "+====================+" +echo "| radiusclient-$RADVER |" +echo "+====================+" +cd $TMP +rm -rf radiusclient-$RADVER +tar xf $CWD/radiusclient-$RADVER.tar.bz2 || exit 1 +cd radiusclient-$RADVER || exit 1 +chown -R root:root . +#cp /usr/share/libtool/config.{guess,sub} . # libtool-1.x +cp /usr/share/libtool/config/config.{guess,sub} . # libtool-2.x +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 +zcat $CWD/radius.msdict.gz > $PKG/etc/radiusclient/dictionary.microsoft +zcat $CWD/realms.gz > $PKG/etc/radiusclient/realms +zcat $CWD/servers.gz > $PKG/etc/radiusclient/servers +( cd $PKG/etc/radiusclient + chmod 600 realms servers + mv issue issue.new + mv radiusclient.conf radiusclient.conf.new + mv realms realms.new + mv servers servers.new +) +mkdir -p $PKG/usr/doc/radiusclient-$RADVER +cp -a \ + BUGS CHANGES COPYRIGHT README README.radexample doc/instop.html \ + $PKG/usr/doc/radiusclient-$RADVER +chmod 644 $PKG/usr/doc/radiusclient-$RADVER/* + +echo "+===============+" +echo "| pppsetup-$PPPVER |" +echo "+===============+" +cd $TMP +rm -rf pppsetup-$PPPVER +tar xvf $CWD/pppsetup-$PPPVER.tar.gz || exit 1 +cd pppsetup-$PPPVER || exit 1 +chown -R root:root . +zcat $CWD/pppsetup-1.98.slack.diff.gz | patch -p1 --backup || exit +zcat $CWD/pppsetup-1.98.pppoff.diff.gz | patch -p0 --backup || exit +zcat $CWD/pppsetup-1.98.moredevs.diff.gz | patch -p1 --backup || exit +zcat $CWD/pppsetup-1.98.backupfiles.diff.gz | patch -p1 --backup || exit +chmod 755 ppp-off pppsetup +cp -a ppp-off pppsetup $PKG/usr/sbin +mkdir -p $PKG/usr/doc/pppsetup +cp -a \ + README.pppsetup ppp-compile.txt pppsetup-$PPPVER.README pppsetup-$PPPVER.lsm \ + $PKG/usr/doc/pppsetup + +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . -name "*.a" | xargs file | grep "ar archive" | cut -f 1 -d : | xargs strip -g 2> /dev/null +) + +chmod 755 $PKG/usr/sbin/* + +gzip -9 $PKG/usr/man/man?/*.? +chmod 644 $PKG/usr/man/man?/* + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/ppp-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/ppp/ppp.slack.diff b/patches/source/ppp/ppp.slack.diff new file mode 100644 index 00000000..dafd0d3e --- /dev/null +++ b/patches/source/ppp/ppp.slack.diff @@ -0,0 +1,28 @@ +diff -r -u ppp-2.4.2.orig/pppd/Makefile.linux ppp-2.4.2/pppd/Makefile.linux +--- ppp-2.4.2.orig/pppd/Makefile.linux 2003-11-27 13:55:19.000000000 -0800 ++++ ppp-2.4.2/pppd/Makefile.linux 2004-02-22 21:36:11.000000000 -0800 +@@ -31,7 +31,7 @@ + + # CC = gcc + # +-COPTS = -O2 -pipe -Wall -g ++COPTS = -O2 -pipe -Wall + LIBS = + + # Uncomment the next 2 lines to include support for Microsoft's +@@ -61,13 +61,13 @@ + + HAS_SHADOW=y + #USE_PAM=y +-#HAVE_INET6=y ++HAVE_INET6=y + + # Enable plugins + PLUGIN=y + + # Enable Microsoft proprietary Callback Control Protocol +-#CBCP=y ++CBCP=y + + # Enable EAP SRP-SHA1 authentication (requires libsrp) + #USE_SRP=y diff --git a/patches/source/ppp/pppsetup-1.98.backupfiles.diff b/patches/source/ppp/pppsetup-1.98.backupfiles.diff new file mode 100644 index 00000000..6b364779 --- /dev/null +++ b/patches/source/ppp/pppsetup-1.98.backupfiles.diff @@ -0,0 +1,26 @@ +--- ./pppsetup.orig Sun May 19 19:01:29 2002 ++++ ./pppsetup Sun May 19 19:06:07 2002 +@@ -861,10 +861,12 @@ + echo "multi on" >> /etc/host.conf + fi + +-if [ ! -z $DOMAINNAME ]; then ++if [ ! -z $DOMAINNAME ]; then ++# backup file ++cp -a /etc/resolv.conf /etc/resolv.conf.$$ 2> /dev/null + echo "search $DOMAINNAME" > /etc/resolv.conf + else +-rm -f /etc/resolv.conf 2>/dev/null ++rm -f /etc/resolv.conf 2>/dev/null + DOMAINNAME="unknown.com" + fi + +@@ -875,6 +877,8 @@ + fi + + if [ ! -s /etc/hosts ]; then ++# backup file ++cp -a /etc/hosts /etc/hosts.bak.$$ 2> /dev/null + echo "127.0.0.1 localhost" > /etc/hosts + if [ "$DOMAINNAME" = "unknown.com" ]; then + echo "0.0.0.0 `hostname 2>/dev/null`.localnet `hostname 2>/dev/null`" >> /etc/hosts diff --git a/patches/source/ppp/pppsetup-1.98.moredevs.diff b/patches/source/ppp/pppsetup-1.98.moredevs.diff new file mode 100644 index 00000000..6a11a3b5 --- /dev/null +++ b/patches/source/ppp/pppsetup-1.98.moredevs.diff @@ -0,0 +1,105 @@ +--- ./pppsetup.orig Sun May 19 18:41:04 2002 ++++ ./pppsetup Sun May 19 18:52:49 2002 +@@ -1,15 +1,10 @@ + #!/bin/bash +-############################################################################### +-# + # PPPSETUP -- Script to set up pppd + # History: + # 7/21/95 RSL Script created (v1.0) + # 9/15/96 RSL Added code to get the ISP's domainname (v1.1) + # 9/19/96 RSL Revamped interface to use the 'dialog' + # program. (v1.2) +-############################################################################### +- +-############################################################################### + # 2/22/98 KR Added pap, chap, ms-chap, callback, & + # modem init string options. (v1.98) + # Creates /etc/ppp/options, & pap, chap, +@@ -17,33 +12,21 @@ + # More guidance. + # Monitor connection with tail & syslogd. + # Demand dialing setup with ppp-2.3.0 or later. +-############################################################################### +- +-############################################################################### + # 4/4/98 PJV Fixed massive /tmp-related security problems + # Switched to a default init string that's more + # likely to work + # Increased TIMEOUTs + # fixed bad flags given to chat -- caused dialout + # to fail +-############################################################################### +- +-############################################################################### + # 2/6/1999 PJV Changed all occurances of /dev/cua* to /dev/ttyS* +-############################################################################### +- +-############################################################################### + # 5/3/1999 PJV Commented 'debug' in /etc/ppp/options + # Add commented 'noauth' in /etc/ppp/options so + # people who want to use ppp but already have a + # default route have an easier time figuring out + # what to do. :) +-############################################################################### +- +-############################################################################### + # 6/18/2000 PJV Added code to check for "ppp-stop" and "ppp-on" + # symlinks, and make them if they don't exist. +-############################################################################### ++# 5/19/2002 PJV Added support for more devices. + + TMP=/var/log/setup/tmp + +@@ -137,25 +120,40 @@ + done + + echo "Where is your modem /dev/ttyS?" > $TMP/txtTEMP$$ +-dialog --backtitle "MODEM DEVICE ..." --menu "`cat $TMP/txtTEMP$$`" 11 50 4 \ ++dialog --backtitle "MODEM DEVICE ..." --menu "`cat $TMP/txtTEMP$$`" 17 60 10 \ ++modem "= use whatever /dev/modem is linked to" \ + ttyS0 "= (COM1: under DOS)" \ + ttyS1 "= (COM2: under DOS)" \ + ttyS2 "= (COM3: under DOS)" \ + ttyS3 "= (COM4: under DOS)" \ ++ttyS4 "= PCI modem" \ ++ttyS5 "= PCI modem" \ ++ttyS6 "= PCI modem" \ ++ttyS7 "= PCI modem" \ ++ttyS8 "= PCI modem" \ ++ttyS9 "= PCI modem" \ ++ttyS10 "= PCI modem" \ ++ttyS11 "= PCI modem" \ ++ttyS12 "= PCI modem" \ ++ttyS13 "= PCI modem" \ ++ttyS14 "= PCI modem" \ ++ttyS15 "= PCI modem" \ + 2> $TMP/rspTEMP$$ + + MODEM="`cat $TMP/rspTEMP$$`" + +-if [ -z $MODEM ]; then +-clear 2>/dev/null || echo +-rm -f $TMP/*TEMP* +-echo "PPP configuration cancelled." +-exit +-elif [ ! -c "/dev/$MODEM" ]; then +-/dev/MAKEDEV $MODEM >/dev/null 2>&1 || MODERROR="YES" +-else +-rm -f /dev/modem 2>/dev/null +-ln -sf /dev/$MODEM /dev/modem 2>/dev/null ++if [ ! "$MODEM" = "modem" ]; then ++ if [ -z $MODEM ]; then ++ clear 2>/dev/null || echo ++ rm -f $TMP/*TEMP* ++ echo "PPP configuration cancelled." ++ exit ++ elif [ ! -c "/dev/$MODEM" ]; then ++ /dev/MAKEDEV $MODEM >/dev/null 2>&1 || MODERROR="YES" ++ else ++ rm -f /dev/modem 2>/dev/null ++ ln -sf /dev/$MODEM /dev/modem 2>/dev/null ++ fi + fi + + echo "What baud rate is your modem?" > $TMP/txtTEMP$$ diff --git a/patches/source/ppp/pppsetup-1.98.pppoff.diff b/patches/source/ppp/pppsetup-1.98.pppoff.diff new file mode 100644 index 00000000..66b51ba7 --- /dev/null +++ b/patches/source/ppp/pppsetup-1.98.pppoff.diff @@ -0,0 +1,19 @@ +--- ppp-off.orig Fri Oct 20 17:43:50 2000 ++++ ppp-off Fri Oct 20 17:46:32 2000 +@@ -21,14 +21,8 @@ + # This just checks if demand dialing is running, if so it + # says Demand Dialing Stoped. + +-ps x 2>/dev/null > /tmp/grep.tmp +- +-if grep 2>/dev/null "options.demand" /tmp/grep.tmp >/dev/null +-then +-rm -f /tmp/grep.tmp +-D="echo Demand Dialing Stoped." +-else +-rm -f /tmp/grep.tmp ++if ps x | fgrep "options.demand" 1> /dev/null 2> /dev/null ; then ++ D="echo Demand Dialing Stoped." + fi + + # diff --git a/patches/source/ppp/pppsetup-1.98.slack.diff b/patches/source/ppp/pppsetup-1.98.slack.diff new file mode 100644 index 00000000..f081699c --- /dev/null +++ b/patches/source/ppp/pppsetup-1.98.slack.diff @@ -0,0 +1,1709 @@ +--- ./pppsetup.orig Sun Feb 22 12:33:32 1998 ++++ ./pppsetup Sun Jun 18 14:01:10 2000 +@@ -19,6 +19,34 @@ + # Demand dialing setup with ppp-2.3.0 or later. + ############################################################################### + ++############################################################################### ++# 4/4/98 PJV Fixed massive /tmp-related security problems ++# Switched to a default init string that's more ++# likely to work ++# Increased TIMEOUTs ++# fixed bad flags given to chat -- caused dialout ++# to fail ++############################################################################### ++ ++############################################################################### ++# 2/6/1999 PJV Changed all occurances of /dev/cua* to /dev/ttyS* ++############################################################################### ++ ++############################################################################### ++# 5/3/1999 PJV Commented 'debug' in /etc/ppp/options ++# Add commented 'noauth' in /etc/ppp/options so ++# people who want to use ppp but already have a ++# default route have an easier time figuring out ++# what to do. :) ++############################################################################### ++ ++############################################################################### ++# 6/18/2000 PJV Added code to check for "ppp-stop" and "ppp-on" ++# symlinks, and make them if they don't exist. ++############################################################################### ++ ++TMP=/var/log/setup/tmp ++ + if [ ! "$UID" = "0" ]; then + echo + echo "NOTICE: * $LOGNAME * You need to be 'root' to run this script." +@@ -43,81 +71,84 @@ + exit 1 + fi + +-if [ ! -d /tmp ]; then +-mkdir /tmp +-chmod 1777 /tmp +-fi +- + if [ -s /usr/lib/setup/hdsetup ]; then +-SYS="on SLACKWARE ..." ++SYS="on SLACKWARE." + fi + + VERSION="1.98" + + stty erase ^? 2>/dev/null + +-echo "PPPSETUP $VERSION $SYS" > /tmp/txtTEMP01 +-echo >> /tmp/txtTEMP01 +-echo "Written by Robert S. Liesenfeld <xunil@bitstream.net> <IRC:Xunil>" >> /tmp/txtTEMP01 +-echo "Changes for 1.98 by Kent Robotti <robotti@erols.com>" >> /tmp/txtTEMP01 +-echo >> /tmp/txtTEMP01 +-echo "You should get these 'DOCS' if you don't already have them." >> /tmp/txtTEMP01 +-echo >> /tmp/txtTEMP01 +-echo 'ftp://sunsite.unc.edu/pub/Linux/docs/HOWTO "PPP-HOWTO"' >> /tmp/txtTEMP01 +-echo 'ftp://sunsite.unc.edu/pub/Linux/docs/faqs/PPP-FAQ "PPP-FAQ"' >> /tmp/txtTEMP01 +-echo >> /tmp/txtTEMP01 +-echo "Press [Enter] to continue with pppsetup..." >> /tmp/txtTEMP01 ++if [ ! -r /usr/sbin/ppp-stop ]; then ++ ( cd /usr/sbin ; ln -sf ppp-off ppp-stop ) ++fi ++if [ ! -r /usr/sbin/ppp-on ]; then ++ ( cd /usr/sbin ; ln -sf ppp-go ppp-on ) ++fi + +-dialog --backtitle "PPPSETUP $VERSION ..." --textbox "/tmp/txtTEMP01" 15 70 ++echo "PPPSETUP $VERSION $SYS" > $TMP/txtTEMP01 ++echo >> $TMP/txtTEMP01 ++echo "Written by Robert S. Liesenfeld <xunil@bitstream.net> <IRC:Xunil>" >> $TMP/txtTEMP01 ++echo "Changes for 1.98 by Kent Robotti <robotti@erols.com>" >> $TMP/txtTEMP01 ++echo "Patched for Slackware by Patrick Volkerding <volkerdi@slackware.com>" >> $TMP/txtTEMP01 ++echo >> $TMP/txtTEMP01 ++echo "You should get these docs if you don't already have them:" >> $TMP/txtTEMP01 ++echo >> $TMP/txtTEMP01 ++echo "ftp://metalab.unc.edu/pub/Linux/docs/howto/PPP-HOWTO" >> $TMP/txtTEMP01 ++echo "ftp://metalab.unc.edu/pub/Linux/docs/faqs/PPP-FAQ" >> $TMP/txtTEMP01 ++echo >> $TMP/txtTEMP01 ++echo "Press [Enter] to continue with pppsetup..." >> $TMP/txtTEMP01 ++ ++dialog --backtitle "PPPSETUP $VERSION/Slackware" --textbox "$TMP/txtTEMP01" 16 73 + + while [ -z "$PHONENUM" ] + do +-echo "To begin setting up your PPP connection, i need to know a few things." > /tmp/txtTEMP$$ +-echo "For starters, what is the phone number of your (I)nternet (S)ervice" >> /tmp/txtTEMP$$ +-echo "(P)rovider?" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: atdt6661776 <-For (t)one dialing.)" >> /tmp/txtTEMP$$ +-echo "Example: atdp6661776 <-For (p)ulse dialing.)" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Include the: atd? It's usally just: atdtphonenumber" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "(Note: in the USA, use atdt*70,6661776 [comma required!] to turn" >> /tmp/txtTEMP$$ +-echo " off call waiting.)" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo "To begin setting up your PPP connection, i need to know a few things." > $TMP/txtTEMP$$ ++echo "For starters, what is the phone number of your (I)nternet (S)ervice" >> $TMP/txtTEMP$$ ++echo "(P)rovider?" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: atdt6661776 <-For (t)one dialing.)" >> $TMP/txtTEMP$$ ++echo "Example: atdp6661776 <-For (p)ulse dialing.)" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Include the: atd? It's usally just: atdtphonenumber" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "(Note: in the USA, use atdt*70,6661776 [comma required!] to turn" >> $TMP/txtTEMP$$ ++echo " off call waiting.)" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + +-dialog --title "PHONE NUMBER ..." --inputbox "`cat /tmp/txtTEMP$$`" 18 75 2> /tmp/rspTEMP$$ ++dialog --title "PHONE NUMBER ..." --inputbox "`cat $TMP/txtTEMP$$`" 18 75 2> $TMP/rspTEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-PHONENUM="`cat /tmp/rspTEMP$$`" ++PHONENUM="`cat $TMP/rspTEMP$$`" + + if [ -z "$PHONENUM" ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "No phone number." + exit + fi + done + +-echo "Where is your modem /dev/cua?" > /tmp/txtTEMP$$ +-dialog --backtitle "MODEM DEVICE ..." --menu "`cat /tmp/txtTEMP$$`" 11 50 4 \ +-cua0 "= (COM1: under DOS)" \ +-cua1 "= (COM2: under DOS)" \ +-cua2 "= (COM3: under DOS)" \ +-cua3 "= (COM4: under DOS)" \ +-2> /tmp/rspTEMP$$ ++echo "Where is your modem /dev/ttyS?" > $TMP/txtTEMP$$ ++dialog --backtitle "MODEM DEVICE ..." --menu "`cat $TMP/txtTEMP$$`" 11 50 4 \ ++ttyS0 "= (COM1: under DOS)" \ ++ttyS1 "= (COM2: under DOS)" \ ++ttyS2 "= (COM3: under DOS)" \ ++ttyS3 "= (COM4: under DOS)" \ ++2> $TMP/rspTEMP$$ + +-MODEM="`cat /tmp/rspTEMP$$`" ++MODEM="`cat $TMP/rspTEMP$$`" + + if [ -z $MODEM ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + exit + elif [ ! -c "/dev/$MODEM" ]; then +@@ -127,139 +158,139 @@ + ln -sf /dev/$MODEM /dev/modem 2>/dev/null + fi + +-echo "What baud rate is your modem?" > /tmp/txtTEMP$$ +-dialog --backtitle "MODEM BAUD RATE ..." --menu "`cat /tmp/txtTEMP$$`" 14 72 7 \ ++echo "What baud rate is your modem?" > $TMP/txtTEMP$$ ++dialog --backtitle "MODEM BAUD RATE ..." --menu "`cat $TMP/txtTEMP$$`" 14 72 7 \ + 460800 "460KBps - ISDN modem..." \ + 230400 "230KBps - 56Kbps modem... or ISDN modem..." \ + 115200 "115KBps - 28.8, 33.6, or 56Kbps modem..." \ + 57600 "57.6KBps - 28.8, 33.6, or 56Kbps modem..." \ + 38400 "38.4KBps - Hangin ten on the net! 28.8 or 33.6..." \ + 19200 "19.2KBps - Better known as 14.4..." \ +-9600 "9600bps - No comment..." 2> /tmp/rspTEMP$$ ++9600 "9600bps - No comment..." 2> $TMP/rspTEMP$$ + +-BAUDRATE="`cat /tmp/rspTEMP$$`" ++BAUDRATE="`cat $TMP/rspTEMP$$`" + + if [ -z $BAUDRATE ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + exit + fi + +-echo "Does your service provider use CALLBACK?" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "CALLBACK is when you call your service provider and give them" >> /tmp/txtTEMP$$ +-echo "your phone number so they can call you back, then when they" >> /tmp/txtTEMP$$ +-echo "call you back you give them your login name and password." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Most service providers don't use CALLBACK, so the answer is" >> /tmp/txtTEMP$$ +-echo "probably No, unless you know otherwise." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +- +-dialog --backtitle "CALLBACK YES or NO? ..." --yesno "`cat /tmp/txtTEMP$$`" 13 70 +- +-if [ $? = 0 ]; then +-echo "Put your phone number in the box below, so your service provider" > /tmp/txtTEMP$$ +-echo "can call you back." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: 7771818" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo "Does your service provider use CALLBACK?" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "CALLBACK is when you call your service provider and give them" >> $TMP/txtTEMP$$ ++echo "your phone number so they can call you back, then when they" >> $TMP/txtTEMP$$ ++echo "call you back you give them your login name and password." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Most service providers don't use CALLBACK, so the answer is" >> $TMP/txtTEMP$$ ++echo "probably No, unless you know otherwise." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++ ++dialog --backtitle "CALLBACK YES or NO? ..." --menu "`cat $TMP/txtTEMP$$`" 16 70 2 "NO" "Most Internet providers do not use callback" "YES" "Use callback support (I know what I'm doing)" 2> $TMP/replyTEMP$$ ++ ++if [ "`cat $TMP/replyTEMP$$`" = "YES" ]; then ++echo "Put your phone number in the box below, so your service provider" > $TMP/txtTEMP$$ ++echo "can call you back." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: 7771818" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK Your Phone Number? ..." --inputbox "`cat /tmp/txtTEMP$$`" 11 72 2> /tmp/cb1TEMP$$ ++dialog --backtitle "CALLBACK Your Phone Number? ..." --inputbox "`cat $TMP/txtTEMP$$`" 11 72 2> $TMP/cb1TEMP$$ + + if [ $? = 1 ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + exit +-elif [ ! -s /tmp/cb1TEMP$$ ]; then ++elif [ ! -s $TMP/cb1TEMP$$ ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "No Phone Number for Callback." + exit + fi + fi + +-if [ -s /tmp/cb1TEMP$$ ]; then +-CBPN="`cat /tmp/cb1TEMP$$`" +-echo "I have your phone number: $CBPN" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Do you have to give a Username or Login for the initial connection" >> /tmp/txtTEMP$$ +-echo "to $PHONENUM before you're called back." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: jerry" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If NO, just press [Enter] on a empty box and skip this." >> /tmp/txtTEMP$$ ++if [ -s $TMP/cb1TEMP$$ ]; then ++CBPN="`cat $TMP/cb1TEMP$$`" ++echo "I have your phone number: $CBPN" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Do you have to give a Username or Login for the initial connection" >> $TMP/txtTEMP$$ ++echo "to $PHONENUM before you're called back." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: jerry" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If NO, just press [Enter] on a empty box and skip this." >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK INITIAL LOGIN? ..." --inputbox "`cat /tmp/txtTEMP$$`" 15 74 2> /tmp/cb1.1TEMP$$ ++dialog --backtitle "CALLBACK INITIAL LOGIN? ..." --inputbox "`cat $TMP/txtTEMP$$`" 15 74 2> $TMP/cb1.1TEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + else +-CBMODLOGIN="`cat /tmp/cb1.1TEMP$$`" ++CBMODLOGIN="`cat $TMP/cb1.1TEMP$$`" + fi + fi + +-if [ -s /tmp/cb1TEMP$$ ]; then +-echo "I have your phone number: $CBPN" > /tmp/txtTEMP$$ +-if [ -s /tmp/cb1.1TEMP$$ ]; then +-echo "I see you have to give a Username or Login: $CBMODLOGIN" >> /tmp/txtTEMP$$ +-echo "for the initial connection to: $PHONENUM" >> /tmp/txtTEMP$$ +-fi +-echo >> /tmp/txtTEMP$$ +-echo "Do you have to give a Password for the initial connection" >> /tmp/txtTEMP$$ +-echo "to $PHONENUM before you're called back." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: Zoy85mWc" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If NO, just press [Enter] on a empty box and skip this." >> /tmp/txtTEMP$$ ++if [ -s $TMP/cb1TEMP$$ ]; then ++echo "I have your phone number: $CBPN" > $TMP/txtTEMP$$ ++if [ -s $TMP/cb1.1TEMP$$ ]; then ++echo "I see you have to give a Username or Login: $CBMODLOGIN" >> $TMP/txtTEMP$$ ++echo "for the initial connection to: $PHONENUM" >> $TMP/txtTEMP$$ ++fi ++echo >> $TMP/txtTEMP$$ ++echo "Do you have to give a Password for the initial connection" >> $TMP/txtTEMP$$ ++echo "to $PHONENUM before you're called back." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: Zoy85mWc" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If NO, just press [Enter] on a empty box and skip this." >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK INITIAL PASSWORD? ..." --inputbox "`cat /tmp/txtTEMP$$`" 17 68 2> /tmp/cb2TEMP$$ ++dialog --backtitle "CALLBACK INITIAL PASSWORD? ..." --inputbox "`cat $TMP/txtTEMP$$`" 17 68 2> $TMP/cb2TEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + else +-CBMODPASS="`cat /tmp/cb2TEMP$$`" ++CBMODPASS="`cat $TMP/cb2TEMP$$`" + fi + fi + + if [ ! -z "$CBPN" ]; then +-echo "Are they using PAP or CHAP for AUTHENTICATION? If so answer YES." > /tmp/txtTEMP$$ +-echo "Do they present you with a Username: or Login: and Password: prompt" >> /tmp/txtTEMP$$ +-echo "when they call you back, if so they're probably not using PAP or" >> /tmp/txtTEMP$$ +-echo "CHAP, so you can answer NO here." >> /tmp/txtTEMP$$ +-echo "If you're not sure, you'll have to ask you're service provider." >> /tmp/txtTEMP$$ ++echo "Are they using PAP or CHAP for AUTHENTICATION? If so answer YES." > $TMP/txtTEMP$$ ++echo "Do they present you with a Username: or Login: and Password: prompt" >> $TMP/txtTEMP$$ ++echo "when they call you back, if so they're probably not using PAP or" >> $TMP/txtTEMP$$ ++echo "CHAP, so you can answer NO here." >> $TMP/txtTEMP$$ ++echo "If you're not sure, you'll have to ask you're service provider." >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK PAP-CHAP YES or NO? ..." --yesno "`cat /tmp/txtTEMP$$`" 9 72 ++dialog --backtitle "CALLBACK PAP-CHAP YES or NO? ..." --yesno "`cat $TMP/txtTEMP$$`" 9 72 + + if [ $? = 1 ]; then +-echo "What is your Username or Login to your service provider?" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "This is the information you'll give them when they call" >> /tmp/txtTEMP$$ +-echo "you back at: $CBPN" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: jerry" >> /tmp/txtTEMP$$ ++echo "What is your Username or Login to your service provider?" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "This is the information you'll give them when they call" >> $TMP/txtTEMP$$ ++echo "you back at: $CBPN" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: jerry" >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK LOGIN? ..." --inputbox "`cat /tmp/txtTEMP$$`" 13 72 2> /tmp/cb3TEMP$$ ++dialog --backtitle "CALLBACK LOGIN? ..." --inputbox "`cat $TMP/txtTEMP$$`" 13 72 2> $TMP/cb3TEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-CBLOGIN="`cat /tmp/cb3TEMP$$`" ++CBLOGIN="`cat $TMP/cb3TEMP$$`" + + if [ -z "$CBLOGIN" ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + echo "No Login for Callback." +@@ -269,24 +300,24 @@ + fi + + if [ ! -z "$CBLOGIN" ]; then +-echo "What is the Password for: $CBLOGIN" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: Ziy79Kie" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo "What is the Password for: $CBLOGIN" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: Ziy79Kie" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK PASSWORD? ..." --inputbox "`cat /tmp/txtTEMP$$`" 10 64 2> /tmp/cb4TEMP$$ ++dialog --backtitle "CALLBACK PASSWORD? ..." --inputbox "`cat $TMP/txtTEMP$$`" 10 64 2> $TMP/cb4TEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit 1 + fi + +-CBPASS="`cat /tmp/cb4TEMP$$`" ++CBPASS="`cat $TMP/cb4TEMP$$`" + + if [ -z "$CBPASS" ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + echo "No Password for Callback." +@@ -296,13 +327,13 @@ + + callback1() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -322,13 +353,13 @@ + + callback2() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -344,13 +375,13 @@ + + callback3() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -368,13 +399,13 @@ + + callback4() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -393,13 +424,13 @@ + + callback5() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -417,13 +448,13 @@ + + callback6() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -440,13 +471,13 @@ + + callback7() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -465,20 +496,20 @@ + mkdir -p /etc/ppp + fi + +-if [ -s /tmp/cb1TEMP$$ ]; then +-if [ -s /tmp/cb1.1TEMP$$ ] && [ -s /tmp/cb2TEMP$$ ] && [ -s /tmp/cb3TEMP$$ ] && [ -s /tmp/cb4TEMP$$ ]; then ++if [ -s $TMP/cb1TEMP$$ ]; then ++if [ -s $TMP/cb1.1TEMP$$ ] && [ -s $TMP/cb2TEMP$$ ] && [ -s $TMP/cb3TEMP$$ ] && [ -s $TMP/cb4TEMP$$ ]; then + callback1 > /etc/ppp/callback +-elif [ ! -s /tmp/cb1.1TEMP$$ ] && [ ! -s /tmp/cb2TEMP$$ ] && [ ! -s /tmp/cb3TEMP$$ ] && [ ! -s /tmp/cb4TEMP$$ ]; then ++elif [ ! -s $TMP/cb1.1TEMP$$ ] && [ ! -s $TMP/cb2TEMP$$ ] && [ ! -s $TMP/cb3TEMP$$ ] && [ ! -s $TMP/cb4TEMP$$ ]; then + callback2 > /etc/ppp/callback +-elif [ ! -s /tmp/cb1.1TEMP$$ ] && [ ! -s /tmp/cb2TEMP$$ ] && [ -s /tmp/cb3TEMP$$ ] && [ -s /tmp/cb4TEMP$$ ]; then ++elif [ ! -s $TMP/cb1.1TEMP$$ ] && [ ! -s $TMP/cb2TEMP$$ ] && [ -s $TMP/cb3TEMP$$ ] && [ -s $TMP/cb4TEMP$$ ]; then + callback3 > /etc/ppp/callback +-elif [ ! -s /tmp/cb1.1TEMP$$ ] && [ -s /tmp/cb2TEMP$$ ] && [ -s /tmp/cb3TEMP$$ ] && [ -s /tmp/cb4TEMP$$ ]; then ++elif [ ! -s $TMP/cb1.1TEMP$$ ] && [ -s $TMP/cb2TEMP$$ ] && [ -s $TMP/cb3TEMP$$ ] && [ -s $TMP/cb4TEMP$$ ]; then + callback4 > /etc/ppp/callback +-elif [ -s /tmp/cb1.1TEMP$$ ] && [ -s /tmp/cb2TEMP$$ ] && [ ! -s /tmp/cb3TEMP$$ ] && [ ! -s /tmp/cb4TEMP$$ ]; then ++elif [ -s $TMP/cb1.1TEMP$$ ] && [ -s $TMP/cb2TEMP$$ ] && [ ! -s $TMP/cb3TEMP$$ ] && [ ! -s $TMP/cb4TEMP$$ ]; then + callback5 > /etc/ppp/callback +-elif [ -s /tmp/cb1.1TEMP$$ ] && [ ! -s /tmp/cb3TEMP$$ ] && [ ! -s /tmp/cb4TEMP$$ ]; then ++elif [ -s $TMP/cb1.1TEMP$$ ] && [ ! -s $TMP/cb3TEMP$$ ] && [ ! -s $TMP/cb4TEMP$$ ]; then + callback6 > /etc/ppp/callback +-elif [ -s /tmp/cb2TEMP$$ ] && [ ! -s /tmp/cb3TEMP$$ ] && [ ! -s /tmp/cb4TEMP$$ ]; then ++elif [ -s $TMP/cb2TEMP$$ ] && [ ! -s $TMP/cb3TEMP$$ ] && [ ! -s $TMP/cb4TEMP$$ ]; then + callback7 > /etc/ppp/callback + fi + fi +@@ -488,93 +519,93 @@ + chmod 600 /etc/ppp/callback 2>/dev/null + fi + +-if [ ! -s /tmp/cb1TEMP$$ ]; then +-echo 'The default modem init string will be: "AT\&FW1H0" OK' > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If you want to change it, put your init string in the box below." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If you use \ in the init string, put it twice." >> /tmp/txtTEMP$$ +-echo 'Example: "AT\&F\\K3\\N3W1H0" OK' >> /tmp/txtTEMP$$ +-echo "M = No sound. W1 or S95=46 = Show CARRIER speed: 28800 etc." >> /tmp/txtTEMP$$ +-echo 'Put "" around each init string with "&" in it.' >> /tmp/txtTEMP$$ +-echo 'Put OK after each init string. Example: ATZ OK "AT\&F1MW1H0" OK' >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Just press [Enter] on a empty box to accept the default above." >> /tmp/txtTEMP$$ ++if [ ! -s $TMP/cb1TEMP$$ ]; then ++echo 'The default modem init string will be: "AT&FH0" OK' > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If you want to change it, put your init string in the box below." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If you use \ in the init string, put it twice." >> $TMP/txtTEMP$$ ++echo 'Example: "AT\&F\\K3\\N3H0" OK' >> $TMP/txtTEMP$$ ++echo "M = No sound. S95=46 = Show CARRIER speed: 28800 etc." >> $TMP/txtTEMP$$ ++echo 'Put "" around each init string with "&" in it.' >> $TMP/txtTEMP$$ ++echo 'Put OK after each init string. Example: ATZ OK "AT\&F1MH0" OK' >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Just press [Enter] on a empty box to accept the default above." >> $TMP/txtTEMP$$ + +-dialog --backtitle "MODEM INIT STRING ..." --inputbox "`cat /tmp/txtTEMP$$`" 18 74 2> /tmp/rspTEMP$$ ++dialog --backtitle "MODEM INIT STRING ..." --inputbox "`cat $TMP/txtTEMP$$`" 18 74 2> $TMP/rspTEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-if [ -s /tmp/rspTEMP$$ ]; then +-INIT="`cat /tmp/rspTEMP$$`" ++if [ -s $TMP/rspTEMP$$ ]; then ++INIT="`cat $TMP/rspTEMP$$`" + else + INIT="below" + fi + fi + +-echo "What is your (I)nternet (S)ervice (P)rovider's domain name?" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "This is usually something like..." >> /tmp/txtTEMP$$ +-echo "Examples: something.edu something.net something.com something.org" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo "What is your (I)nternet (S)ervice (P)rovider's domain name?" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "This is usually something like..." >> $TMP/txtTEMP$$ ++echo "Examples: something.edu something.net something.com something.org" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + +-dialog --backtitle "DOMAIN NAME ..." --inputbox "`cat /tmp/txtTEMP$$`" 11 74 2> /tmp/rspTEMP$$ ++dialog --backtitle "DOMAIN NAME ..." --inputbox "`cat $TMP/txtTEMP$$`" 11 74 2> $TMP/rspTEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-DOMAINNAME="`cat /tmp/rspTEMP$$`" ++DOMAINNAME="`cat $TMP/rspTEMP$$`" + +-echo "What is the IP address of your Internet provider's nameserver?" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "It's important that these IP numbers be correct." >> /tmp/txtTEMP$$ +-echo "The IP numbers should not be: 0.0.0.0" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Note: Your service provider's technical support can provide you" >> /tmp/txtTEMP$$ +-echo "with this information. Example: 207.132.116.5" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo "What is the IP address of your Internet provider's nameserver?" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "It's important that these IP numbers be correct." >> $TMP/txtTEMP$$ ++echo "The IP numbers should not be: 0.0.0.0" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Note: Your service provider's technical support can provide you" >> $TMP/txtTEMP$$ ++echo "with this information. Example: 207.132.116.5" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + +-dialog --backtitle "DNS IP ADDRESS ..." --inputbox "`cat /tmp/txtTEMP$$`" 14 74 2> /tmp/rspTEMP$$ ++dialog --backtitle "DNS IP ADDRESS ..." --inputbox "`cat $TMP/txtTEMP$$`" 14 74 2> $TMP/rspTEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-DNSIP="`cat /tmp/rspTEMP$$`" ++DNSIP="`cat $TMP/rspTEMP$$`" + +-if [ ! -s /tmp/cb3TEMP$$ ]; then +-echo "Does your service provider use PAP or CHAP?" > /tmp/txtTEMP$$ +-echo "If you're presented with a Username: or Login: and Password:" >> /tmp/txtTEMP$$ +-echo "prompt when you connect to your service provider, they're" >> /tmp/txtTEMP$$ +-echo "'probably' not using PAP or CHAP, so you can answer SCRIPT." >> /tmp/txtTEMP$$ +-echo "I said 'probably', the only way to know for sure is to ask you're" >> /tmp/txtTEMP$$ +-echo "service provider, this could save you a lot of wasted time." >> /tmp/txtTEMP$$ ++if [ ! -s $TMP/cb3TEMP$$ ]; then ++echo "Does your service provider use PAP or CHAP?" > $TMP/txtTEMP$$ ++echo "If you're presented with a Username: or Login: and Password:" >> $TMP/txtTEMP$$ ++echo "prompt when you connect to your service provider, they're" >> $TMP/txtTEMP$$ ++echo "'probably' not using PAP or CHAP, so you can answer SCRIPT." >> $TMP/txtTEMP$$ ++echo "I said 'probably', the only way to know for sure is to ask you're" >> $TMP/txtTEMP$$ ++echo "service provider, this could save you a lot of wasted time." >> $TMP/txtTEMP$$ + +-dialog --backtitle "PAP, CHAP, or SCRIPT? ..." --menu "`cat /tmp/txtTEMP$$`" 16 72 4 \ ++dialog --backtitle "PAP, CHAP, or SCRIPT? ..." --menu "`cat $TMP/txtTEMP$$`" 16 72 4 \ + PAP "AUTHENTICATION" \ + CHAP "AUTHENTICATION" \ + MS-CHAP-80 "is microsoft's version of CHAP." \ +-SCRIPT "Create Chat Script For Login." 2> /tmp/papTEMP ++SCRIPT "Create Chat Script For Login." 2> $TMP/papTEMP + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + else +-PAP="`cat /tmp/papTEMP`" ++PAP="`cat $TMP/papTEMP`" + fi + fi + +@@ -595,46 +626,46 @@ + + if [ "$PAP" = "MS-CHAP-80" ]; then + if [ ! -z "$DOMAINNAME" ]; then +-echo > /tmp/txtTEMP$$ +-echo "You gave $DOMAINNAME for domain name, this will be the" >> /tmp/txtTEMP$$ +-echo "NT server you connect to when you dial: $PHONENUM" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo > $TMP/txtTEMP$$ ++echo "You gave $DOMAINNAME for domain name, this will be the" >> $TMP/txtTEMP$$ ++echo "NT server you connect to when you dial: $PHONENUM" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + else +-echo > /tmp/txtTEMP$$ ++echo > $TMP/txtTEMP$$ + fi +-RAS >> /tmp/txtTEMP$$ ++RAS >> $TMP/txtTEMP$$ + +-dialog --title "MS-CHAP NT server, Stand-alone or ? ..." --menu "`cat /tmp/txtTEMP$$`" 22 72 2 \ ++dialog --title "MS-CHAP NT server, Stand-alone or ? ..." --menu "`cat $TMP/txtTEMP$$`" 22 72 2 \ + MS-CHAP-SERVER-1 "Stand-alone..." \ +-MS-CHAP-SERVER-2 "Queries domain controller..." 2> /tmp/mschapTEMP ++MS-CHAP-SERVER-2 "Queries domain controller..." 2> $TMP/mschapTEMP + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-MSCHAP="`cat /tmp/mschapTEMP`" ++MSCHAP="`cat $TMP/mschapTEMP`" + + if [ "$MSCHAP" = "MS-CHAP-SERVER-2" ]; then +-echo "Put the name of the domain you have your account on." > /tmp/txtTEMP0 +-echo "Example: fooboo" >> /tmp/txtTEMP0 +-echo >> /tmp/txtTEMP0 ++echo "Put the name of the domain you have your account on." > $TMP/txtTEMP0 ++echo "Example: fooboo" >> $TMP/txtTEMP0 ++echo >> $TMP/txtTEMP0 + +-dialog --backtitle "MS-CHAP QUERY DOMAIN? ..." --inputbox "`cat /tmp/txtTEMP0`" 9 64 2> /tmp/rspTEMP0 ++dialog --backtitle "MS-CHAP QUERY DOMAIN? ..." --inputbox "`cat $TMP/txtTEMP0`" 9 64 2> $TMP/rspTEMP0 + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-MSDOMAIN="`cat /tmp/rspTEMP0`" ++MSDOMAIN="`cat $TMP/rspTEMP0`" + +-if [ ! -s /tmp/rspTEMP0 ]; then +-rm -f /tmp/*TEMP* ++if [ ! -s $TMP/rspTEMP0 ]; then ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + echo "No ms-chap query domain name given." +@@ -643,32 +674,32 @@ + fi + fi + +-if [ ! "$PAP" = "SCRIPT" ] && [ ! -s /tmp/cb3TEMP$$ ]; then +-echo "Put your Login = Username in the box below." > /tmp/txtTEMP1 +-echo >> /tmp/txtTEMP1 +-echo "Sometimes they want your username or number followed" >> /tmp/txtTEMP1 +-echo "by their @domain name like this below." >> /tmp/txtTEMP1 +-echo "Example: jerry@foo.boo.com" >> /tmp/txtTEMP1 +-echo "Example: 1234567@foo.boo.com" >> /tmp/txtTEMP1 +-echo >> /tmp/txtTEMP1 +-echo "Sometimes the username is two words." >> /tmp/txtTEMP1 +-echo "Example: jerry donut" >> /tmp/txtTEMP1 +-echo >> /tmp/txtTEMP1 +-echo "Usally it's just your username like this below." >> /tmp/txtTEMP1 +-echo "Example: jerry" >> /tmp/txtTEMP1 +-echo >> /tmp/txtTEMP1 ++if [ ! "$PAP" = "SCRIPT" ] && [ ! -s $TMP/cb3TEMP$$ ]; then ++echo "Put your Login = Username in the box below." > $TMP/txtTEMP1 ++echo >> $TMP/txtTEMP1 ++echo "Sometimes they want your username or number followed" >> $TMP/txtTEMP1 ++echo "by their @domain name like this below." >> $TMP/txtTEMP1 ++echo "Example: jerry@foo.boo.com" >> $TMP/txtTEMP1 ++echo "Example: 1234567@foo.boo.com" >> $TMP/txtTEMP1 ++echo >> $TMP/txtTEMP1 ++echo "Sometimes the username is two words." >> $TMP/txtTEMP1 ++echo "Example: jerry donut" >> $TMP/txtTEMP1 ++echo >> $TMP/txtTEMP1 ++echo "Usally it's just your username like this below." >> $TMP/txtTEMP1 ++echo "Example: jerry" >> $TMP/txtTEMP1 ++echo >> $TMP/txtTEMP1 + +-dialog --backtitle "PAP or CHAP LOGIN? ..." --inputbox "`cat /tmp/txtTEMP1`" 19 64 2> /tmp/rspTEMP1 ++dialog --backtitle "PAP or CHAP LOGIN? ..." --inputbox "`cat $TMP/txtTEMP1`" 19 64 2> $TMP/rspTEMP1 + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-if [ ! -s /tmp/rspTEMP1 ]; then +-rm -f /tmp/*TEMP* ++if [ ! -s $TMP/rspTEMP1 ]; then ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + echo "No username for pap, chap, or ms-chap given." +@@ -676,119 +707,119 @@ + fi + fi + +-if [ -s /tmp/rspTEMP1 ]; then +-AUTH1="`cat /tmp/rspTEMP1`" +-echo "$AUTH1" > /tmp/txtTEMP2 +-echo "What's the password for the username above?" >> /tmp/txtTEMP2 +-echo "Example: Xpi9u87T" >> /tmp/txtTEMP2 +-dialog --backtitle "PAP or CHAP PASSWORD? ..." --inputbox "`cat /tmp/txtTEMP2`" 10 64 2> /tmp/rspTEMP2 ++if [ -s $TMP/rspTEMP1 ]; then ++AUTH1="`cat $TMP/rspTEMP1`" ++echo "$AUTH1" > $TMP/txtTEMP2 ++echo "What's the password for the username above?" >> $TMP/txtTEMP2 ++echo "Example: Xpi9u87T" >> $TMP/txtTEMP2 ++dialog --backtitle "PAP or CHAP PASSWORD? ..." --inputbox "`cat $TMP/txtTEMP2`" 10 64 2> $TMP/rspTEMP2 + +-AUTH2="`cat /tmp/rspTEMP2`" ++AUTH2="`cat $TMP/rspTEMP2`" + END="" + +-elif [ ! -s /tmp/cb1TEMP$$ ] && [ "$PAP" = "SCRIPT" ]; then ++elif [ ! -s $TMP/cb1TEMP$$ ] && [ "$PAP" = "SCRIPT" ]; then + END='""' +-echo "If you reached this part of the script, it should be because you" > /tmp/txtTEMP$$ +-echo "skipped the PAP or CHAP? and CALLBACK? parts of this script." >> /tmp/txtTEMP$$ +-echo "In other words, your service provider is not using PAP, CHAP, or" >> /tmp/txtTEMP$$ +-echo "CALLBACK." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Now comes the tough part. :) I need to know what your" >> /tmp/txtTEMP$$ +-echo "service provider prints to your screen when you dial in," >> /tmp/txtTEMP$$ +-echo "and what you respond with." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Usally when you connect to your service provider you see a" >> /tmp/txtTEMP$$ +-echo "Username: or Login: prompt, and you respond with your name." >> /tmp/txtTEMP$$ +-echo "Then there's a Password: prompt and you respond with your" >> /tmp/txtTEMP$$ +-echo "password." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If you're not sure if it's Login: or login:, just put ogin:" >> /tmp/txtTEMP$$ +-echo "you don't have to spell the whole thing out, the end part of" >> /tmp/txtTEMP$$ +-echo "what to wait for should be enough." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo 'If they put this for example "foobar fooboo ID:", you could just' >> /tmp/txtTEMP$$ +-echo 'put ID: or you could spell the whole thing out & put "" around it.' >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo "ID:" >> /tmp/txtTEMP$$ +-echo "What text should I send?" >> /tmp/txtTEMP$$ +-echo "jerry" >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo '"foobar fooboo ID:"' >> /tmp/txtTEMP$$ +-echo "What text should I send?" >> /tmp/txtTEMP$$ +-echo "jerry" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Sometimes you may want to wait for nothing, but send something." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo '""' >> /tmp/txtTEMP$$ +-echo "What text should I send?" >> /tmp/txtTEMP$$ +-echo "something" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo '"" = wait for nothing.' >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If you don't want your password printed out put \q in front of it." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo "Password:" >> /tmp/txtTEMP$$ +-echo "What text should I send?" >> /tmp/txtTEMP$$ +-echo "\qsecret" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "ogin: = Login: name: = Username: word: = Password:" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "This below would end up looking like this in the /etc/ppp/pppscript" >> /tmp/txtTEMP$$ +-echo "file created by pppsetup when you're done." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "ogin: jerry" >> /tmp/txtTEMP$$ +-echo "word: secret" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "For example..." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo "ogin:" >> /tmp/txtTEMP$$ +-echo "And what text should I send?" >> /tmp/txtTEMP$$ +-echo "jerry" >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo "word:" >> /tmp/txtTEMP$$ +-echo "And what text should I send?" >> /tmp/txtTEMP$$ +-echo "secret" >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "( End by pressing Enter on an empty = blank wait for? box. )" >> /tmp/txtTEMP$$ ++echo "If you reached this part of the script, it should be because you" > $TMP/txtTEMP$$ ++echo "skipped the PAP or CHAP? and CALLBACK? parts of this script." >> $TMP/txtTEMP$$ ++echo "In other words, your service provider is not using PAP, CHAP, or" >> $TMP/txtTEMP$$ ++echo "CALLBACK." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Now comes the tough part. :) I need to know what your" >> $TMP/txtTEMP$$ ++echo "service provider prints to your screen when you dial in," >> $TMP/txtTEMP$$ ++echo "and what you respond with." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Usally when you connect to your service provider you see a" >> $TMP/txtTEMP$$ ++echo "Username: or Login: prompt, and you respond with your name." >> $TMP/txtTEMP$$ ++echo "Then there's a Password: prompt and you respond with your" >> $TMP/txtTEMP$$ ++echo "password." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If you're not sure if it's Login: or login:, just put ogin:" >> $TMP/txtTEMP$$ ++echo "you don't have to spell the whole thing out, the end part of" >> $TMP/txtTEMP$$ ++echo "what to wait for should be enough." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo 'If they put this for example "foobar fooboo ID:", you could just' >> $TMP/txtTEMP$$ ++echo 'put ID: or you could spell the whole thing out & put "" around it.' >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo "ID:" >> $TMP/txtTEMP$$ ++echo "What text should I send?" >> $TMP/txtTEMP$$ ++echo "jerry" >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo '"foobar fooboo ID:"' >> $TMP/txtTEMP$$ ++echo "What text should I send?" >> $TMP/txtTEMP$$ ++echo "jerry" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Sometimes you may want to wait for nothing, but send something." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo '""' >> $TMP/txtTEMP$$ ++echo "What text should I send?" >> $TMP/txtTEMP$$ ++echo "something" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo '"" = wait for nothing.' >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If you don't want your password printed out put \q in front of it." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo "Password:" >> $TMP/txtTEMP$$ ++echo "What text should I send?" >> $TMP/txtTEMP$$ ++echo "\qsecret" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ogin: = Login: name: = Username: word: = Password:" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "This below would end up looking like this in the /etc/ppp/pppscript" >> $TMP/txtTEMP$$ ++echo "file created by pppsetup when you're done." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ogin: jerry" >> $TMP/txtTEMP$$ ++echo "word: secret" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "For example..." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo "ogin:" >> $TMP/txtTEMP$$ ++echo "And what text should I send?" >> $TMP/txtTEMP$$ ++echo "jerry" >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo "word:" >> $TMP/txtTEMP$$ ++echo "And what text should I send?" >> $TMP/txtTEMP$$ ++echo "secret" >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "( End by pressing Enter on an empty = blank wait for? box. )" >> $TMP/txtTEMP$$ + +-dialog --title "CHAT SCRIPT" --textbox "/tmp/txtTEMP$$" 22 72 ++dialog --title "CHAT SCRIPT" --textbox "$TMP/txtTEMP$$" 22 72 + + MESSAGE=' ' + YOUSAY=' ' + while [ ! "$MESSAGE" = "" -a ! "$YOUSAY" = "" ] + do + +-echo " End by pressing Enter on a empty = blank box." > /tmp/txtTEMP$$ +-echo " What text should I wait for?" >> /tmp/txtTEMP$$ +-dialog --backtitle "EXPECT ..." --inputbox "`cat /tmp/txtTEMP$$`" 9 60 2> /tmp/rspTEMP$$ ++echo " End by pressing Enter on a empty = blank box." > $TMP/txtTEMP$$ ++echo " What text should I wait for?" >> $TMP/txtTEMP$$ ++dialog --backtitle "EXPECT ..." --inputbox "`cat $TMP/txtTEMP$$`" 9 60 2> $TMP/rspTEMP$$ + +-MESSAGE="`cat /tmp/rspTEMP$$`" ++MESSAGE="`cat $TMP/rspTEMP$$`" + + if [ -z "$MESSAGE" ]; then + continue + fi + +-dialog --backtitle "SEND ..." --inputbox "And what text should I send?" 8 60 2> /tmp/rspTEMP$$ ++dialog --backtitle "SEND ..." --inputbox "And what text should I send?" 8 60 2> $TMP/rspTEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-YOUSAY="`cat /tmp/rspTEMP$$`" ++YOUSAY="`cat $TMP/rspTEMP$$`" + +-echo "$MESSAGE $YOUSAY" >> /tmp/sayTEMP1 ++echo "$MESSAGE $YOUSAY" >> $TMP/sayTEMP1 + + if [ -z "$YOUSAY" ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "Nothing to send." + exit +@@ -798,22 +829,22 @@ + done + fi + +-if [ ! -s /tmp/cb3TEMP$$ ]; then +-if [ -s /tmp/cb1TEMP$$ ] && [ ! -s /tmp/cb3TEMP$$ ] && [ "$PAP" = "SCRIPT" ]; then ++if [ ! -s $TMP/cb3TEMP$$ ]; then ++if [ -s $TMP/cb1TEMP$$ ] && [ ! -s $TMP/cb3TEMP$$ ] && [ "$PAP" = "SCRIPT" ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "You chose callback with PAP or CHAP, but answered SCRIPT to PAP or CHAP?." + exit +-elif [ ! -s /tmp/rspTEMP2 ] && [ -s /tmp/rspTEMP1 ]; then ++elif [ ! -s $TMP/rspTEMP2 ] && [ -s $TMP/rspTEMP1 ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "No password for: $AUTH1" + exit +-elif [ ! -s /tmp/sayTEMP1 ] && [ ! -s /tmp/rspTEMP2 ]; then ++elif [ ! -s $TMP/sayTEMP1 ] && [ ! -s $TMP/rspTEMP2 ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "Nothing to wait for." + exit +@@ -868,9 +899,9 @@ + PATH1="pppd" + fi + +-if [ "$PATH1" != "pppd" ]; then +-chmod 4755 $PATH1 2>/dev/null +-fi ++#if [ "$PATH1" != "pppd" ]; then ++#chmod 4755 $PATH1 2>/dev/null ++#fi + + if [ -x /usr/sbin/chat ]; then + PATH2="/usr/sbin/chat" +@@ -886,14 +917,14 @@ + PATH2="chat" + fi + +-if [ ! -s /tmp/cb1TEMP$$ ]; then +-echo "TIMEOUT 10" > /etc/ppp/pppscript ++if [ ! -s $TMP/cb1TEMP$$ ]; then ++echo "TIMEOUT 60" > /etc/ppp/pppscript + echo "ABORT ERROR" >> /etc/ppp/pppscript + echo "ABORT BUSY" >> /etc/ppp/pppscript + echo 'ABORT "NO CARRIER"' >> /etc/ppp/pppscript + echo 'ABORT "NO DIALTONE"' >> /etc/ppp/pppscript + if [ "$INIT" = "below" ]; then +-echo '"" "AT\&FW1H0"' >> /etc/ppp/pppscript ++echo '"" "AT&FH0"' >> /etc/ppp/pppscript + echo 'OK "'$PHONENUM'"' >> /etc/ppp/pppscript + else + echo '"" '$INIT'' >> /etc/ppp/pppscript +@@ -905,8 +936,8 @@ + chmod 600 /etc/ppp/pppscript 2>/dev/null + fi + +-if [ -s /tmp/sayTEMP1 ]; then +-cat /tmp/sayTEMP1 >> /etc/ppp/pppscript ++if [ -s $TMP/sayTEMP1 ]; then ++cat $TMP/sayTEMP1 >> /etc/ppp/pppscript + echo >> /etc/ppp/pppscript + else + echo >> /etc/ppp/pppscript +@@ -948,9 +979,9 @@ + echo "# The CARRIER speed at which you connected will be reported, if it's in" >> /etc/ppp/ip-up + echo '# the /var/log/messages file. You also need the programs "tail" "cut"' >> /etc/ppp/ip-up + echo '# "tr" "grep" and "syslogd" running for this to work.' >> /etc/ppp/ip-up +-echo "# You may have to add W1 or S95=46 to your modem init string" >> /etc/ppp/ip-up ++echo "# You may have to add S95=46 to your modem init string" >> /etc/ppp/ip-up + echo "# to get your modem to report the DCE = CARRIER speed." >> /etc/ppp/ip-up +-echo "# Examples: AT&FW1 or AT&FS95=46" >> /etc/ppp/ip-up ++echo "# Example: AT&FS95=46" >> /etc/ppp/ip-up + + echo >> /etc/ppp/ip-up + echo "if [ -s /var/log/messages ] && ( ps xc 2>/dev/null | grep -q syslogd 2>/dev/null ); then" >> /etc/ppp/ip-up +@@ -986,7 +1017,8 @@ + echo >> /etc/ppp/ip-up + echo "# End..." >> /etc/ppp/ip-up + +-chmod 4755 /etc/ppp/ip-up 2>/dev/null ++#chmod 4755 /etc/ppp/ip-up 2>/dev/null ++chmod 755 /etc/ppp/ip-up 2>/dev/null + + if [ -s /etc/ppp/ip-down ]; then + mv /etc/ppp/ip-down /etc/ppp/ip-down.OLD +@@ -1022,7 +1054,7 @@ + # You'll see the modem reponse OK and date in the /etc/ppp/modem.cua?, + # modem.ttyS?, or modem.modem file. + # You need the 'modem-stats' program for this below to work. +-# ftp://sunsite.unc.edu/pub/apps/serialcomm/modem ++# ftp://metalab.unc.edu/pub/apps/serialcomm/modem + # modem-stats-1.0.1.src.elf.tar.gz + # Remove the ##### from the lines below. + +@@ -1030,7 +1062,8 @@ + } + + ipdown > /etc/ppp/ip-down +-chmod 4755 /etc/ppp/ip-down 2>/dev/null ++#chmod 4755 /etc/ppp/ip-down 2>/dev/null ++chmod 755 /etc/ppp/ip-down 2>/dev/null + + echo "#sleep 2 # Make sure the modem is really down." >> /etc/ppp/ip-down + echo '#DEV=`echo $2 | sed -e "s./dev/.."`' >> /etc/ppp/ip-down +@@ -1080,38 +1113,38 @@ + cat <<EOF + grepauth() { + +-tail -n 30 /var/log/debug 2>/dev/null | grep -i -s "rcvd" > /tmp/grep.tmp ++tail -n 30 /var/log/debug 2>/dev/null | grep -i -s "rcvd" > $TMP/grep.tmp + +-if ( grep -i -q "auth pap" /tmp/grep.tmp ); then ++if ( grep -i -q "auth pap" $TMP/grep.tmp ); then + echo + echo "They seem to be requesting PAP = <auth pap> for authentication." + echo "I don't know if you're setup for 'PAP' or not." + echo "Did you answer 'PAP' when you ran pppsetup?" + echo +-elif ( grep -E -i -q "auth chap msoft|auth chap 80" /tmp/grep.tmp ); then ++elif ( grep -E -i -q "auth chap msoft|auth chap 80" $TMP/grep.tmp ); then + echo + echo "They seem to be requesting MS-CHAP-80 = <auth chap 80> for authentication." + echo "I don't know if you're setup for 'MS-CHAP' or not." + echo "Did you answer 'MS-CHAP' when you ran pppsetup?" + echo +-elif ( grep -i -q "auth chap" /tmp/grep.tmp ); then ++elif ( grep -i -q "auth chap" $TMP/grep.tmp ); then + echo "They seem to be requesting CHAP = <auth chap> for authentication." + echo "I don't know if you're setup for 'CHAP' or not." + echo "Did you answer 'CHAP' when you ran pppsetup?" + echo + else +-rm -f /tmp/grep.tmp ++rm -f $TMP/grep.tmp + exit 0 + fi + +-if ( grep -i -q "callback" /tmp/grep.tmp ); then ++if ( grep -i -q "callback" $TMP/grep.tmp ); then + echo "They seem to be requesting CALLBACK." + echo "I don't know if you're setup for 'callback' or not." + echo "Did you answer 'CALLBACK' when you ran pppsetup?" + echo + fi + +-rm -f /tmp/grep.tmp ++rm -f $TMP/grep.tmp + } + EOF + } +@@ -1124,14 +1157,14 @@ + echo "killall -INT pppd 2>/dev/null" >> /usr/sbin/ppp-go + echo "rm -f /var/lock/LCK* /var/run/ppp*.pid" >> /usr/sbin/ppp-go + +-if [ -s /tmp/cb1TEMP$$ ]; then +-echo '('$PATH1' -detach connect "'$PATH2' -v -s -f /etc/ppp/callback" &) || exit 1' >> /usr/sbin/ppp-go ++if [ -s $TMP/cb1TEMP$$ ]; then ++echo '('$PATH1' -detach connect "'$PATH2' -v -f /etc/ppp/callback" &) || exit 1' >> /usr/sbin/ppp-go + else +-echo '('$PATH1' -detach connect "'$PATH2' -v -s -f /etc/ppp/pppscript" &) || exit 1' >> /usr/sbin/ppp-go ++echo '('$PATH1' -detach connect "'$PATH2' -v -f /etc/ppp/pppscript" &) || exit 1' >> /usr/sbin/ppp-go + fi + +-echo "read" >> /usr/sbin/ppp-go +-echo "ifconnect" >> /usr/sbin/ppp-go ++echo "#read" >> /usr/sbin/ppp-go ++echo "#ifconnect" >> /usr/sbin/ppp-go + echo "exit 0" >> /usr/sbin/ppp-go + echo "fi" >> /usr/sbin/ppp-go + +@@ -1140,10 +1173,10 @@ + echo "killall -INT pppd 2>/dev/null" >> /usr/sbin/ppp-go + echo "rm -f /var/lock/LCK* /var/run/ppp*.pid" >> /usr/sbin/ppp-go + +-if [ -s /tmp/cb1TEMP$$ ]; then +-echo '('$PATH1' connect "'$PATH2' -v -f /etc/ppp/callback") || exit 1' >> /usr/sbin/ppp-go ++if [ -s $TMP/cb1TEMP$$ ]; then ++echo '('$PATH1' connect "'$PATH2' -v -f /etc/ppp/callback" 1> /dev/null 2> /dev/null ) || exit 1' >> /usr/sbin/ppp-go + else +-echo '('$PATH1' connect "'$PATH2' -v -f /etc/ppp/pppscript") || exit 1' >> /usr/sbin/ppp-go ++echo '('$PATH1' connect "'$PATH2' -v -f /etc/ppp/pppscript" 1> /dev/null 2> /dev/null ) || exit 1' >> /usr/sbin/ppp-go + fi + + echo "exit 0" >> /usr/sbin/ppp-go +@@ -1194,26 +1227,37 @@ + echo 'echo "USAGE: ppp-go -h <Help>"' >> /usr/sbin/ppp-go + echo "exit 1" >> /usr/sbin/ppp-go + +-chmod 4755 /usr/sbin/ppp-go 2>/dev/null ++#chmod 4755 /usr/sbin/ppp-go 2>/dev/null ++chmod 755 /usr/sbin/ppp-go 2>/dev/null + +-echo "lock" > /etc/ppp/options +-echo "defaultroute" >> /etc/ppp/options +-echo "noipdefault" >> /etc/ppp/options +-echo "modem" >> /etc/ppp/options +-echo "/dev/$MODEM" >> /etc/ppp/options +-echo "$BAUDRATE" >> /etc/ppp/options +-echo "crtscts" >> /etc/ppp/options +-echo "debug" >> /etc/ppp/options +-echo "passive" >> /etc/ppp/options +-echo "asyncmap 0" >> /etc/ppp/options ++cat << EOF > /etc/ppp/options ++# General configuration options for PPPD: ++lock ++defaultroute ++noipdefault ++modem ++/dev/$MODEM ++$BAUDRATE ++crtscts ++# Uncomment the line below for more verbose error reporting: ++#debug ++# If you have a default route already, pppd may require the other side ++# to authenticate itself, which most ISPs will not do. To work around this, ++# uncomment the line below. Note that this may have negative side effects ++# on system security if you allow PPP dialins. See the docs in /usr/doc/ppp* ++# for more information. ++#noauth ++passive ++asyncmap 0 ++EOF + + if [ ! -z "$CBPN" ]; then + echo 'callback "'$CBPN'"' >> /etc/ppp/options + fi + +-if [ "$MSCHAP" = "MS-CHAP-SERVER-2" ] && [ -s /tmp/rspTEMP2 ]; then ++if [ "$MSCHAP" = "MS-CHAP-SERVER-2" ] && [ -s $TMP/rspTEMP2 ]; then + echo 'name "'$MSDOMAIN\\\\$AUTH1'"' >> /etc/ppp/options +-elif [ -s /tmp/rspTEMP2 ]; then ++elif [ -s $TMP/rspTEMP2 ]; then + echo 'name "'$AUTH1'"' >> /etc/ppp/options + fi + +@@ -1277,7 +1321,7 @@ + echo "0.0.0.0:10.10.10.10" >> /etc/ppp/options.demand + echo "demand" >> /etc/ppp/options.demand + +-if [ -s /tmp/cb1TEMP$$ ]; then ++if [ -s $TMP/cb1TEMP$$ ]; then + echo 'connect "'$PATH2' -v -f /etc/ppp/callback"' >> /etc/ppp/options.demand + else + echo 'connect "'$PATH2' -v -f /etc/ppp/pppscript"' >> /etc/ppp/options.demand +@@ -1352,18 +1396,18 @@ + 0.0.0.0 foobar.localnet foobar + + ~# dip -tv +-dip> port /dev/cua1 +-can't open - problems with locking cua1 ++dip> port /dev/ttyS1 ++can't open - problems with locking ttyS1 + + If you get the above message after "port /dev/modem", it means you have a +-lock file in /var/lock/LCK..cua1, remove the lock file and kill dip. ++lock file in /var/lock/LCK..ttyS1, remove the lock file and kill dip. + + ~# rm /var/lock/LCK* + # killall -9 dip + + ~# dip -tv + +-dip> port /dev/cua1 <-Where's the modem? cua0 = com1 cua1 = com2 etc.) ++dip> port /dev/ttyS1 <-Where's the modem? ttyS0 = com1 ttyS1 = com2 etc.) + dip> speed 115200 <-Modem speed: 19200 38400 57600 + dip> term + +@@ -1379,7 +1423,7 @@ + dip> default <-Use default route.) + dip> mode ppp <-Start PPP at your end.) + +-~# ping sunsite.unc.edu <-To see if you're connected.) ++~# ping metalab.unc.edu <-To see if you're connected.) + + ~# dip -k <-To kill dip and the PPP connection.) + +@@ -1393,7 +1437,7 @@ + lock + defaultroute + noipdefault +-/dev/cua1 <- cua0 = com1 cua1 = com2 cua2 = com3 cua3 = com4 ++/dev/ttyS1 <- ttyS0 = com1 ttyS1 = com2 ttyS2 = com3 ttyS3 = com4 + 57600 + modem + crtscts +@@ -1419,221 +1463,221 @@ + } + + echo "=========================================================================" > /etc/ppp/pppsetup.txt +-cat /tmp/txtTEMP01 >> /etc/ppp/pppsetup.txt ++cat $TMP/txtTEMP01 >> /etc/ppp/pppsetup.txt + +-echo "=========================================================================" > /tmp/txtTEMP$$ +-echo "These are your PPP configuration files and instructions..." >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +- +-if [ ! -s /tmp/cb1TEMP$$ ] && [ ! -s /tmp/sayTEMP1 ]; then +-echo "# This is your /etc/ppp/pppscript." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-cat /etc/ppp/pppscript >> /tmp/txtTEMP$$ +-elif [ ! -s /tmp/cb1TEMP$$ ] && [ -s /tmp/sayTEMP1 ]; then +-echo "# This is your /etc/ppp/pppscript." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Look at /etc/ppp/pppscript." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-fi +- +-if [ -s /tmp/cb1TEMP$$ ]; then +-echo "# This is your /etc/ppp/callback script." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Look at /etc/ppp/callback." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-fi +- +-echo "# This is your /etc/ppp/options file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-cat /etc/ppp/options >> /tmp/txtTEMP$$ ++echo "=========================================================================" > $TMP/txtTEMP$$ ++echo "These are your PPP configuration files and instructions..." >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++ ++if [ ! -s $TMP/cb1TEMP$$ ] && [ ! -s $TMP/sayTEMP1 ]; then ++echo "# This is your /etc/ppp/pppscript." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++cat /etc/ppp/pppscript >> $TMP/txtTEMP$$ ++elif [ ! -s $TMP/cb1TEMP$$ ] && [ -s $TMP/sayTEMP1 ]; then ++echo "# This is your /etc/ppp/pppscript." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Look at /etc/ppp/pppscript." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++fi ++ ++if [ -s $TMP/cb1TEMP$$ ]; then ++echo "# This is your /etc/ppp/callback script." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Look at /etc/ppp/callback." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++fi ++ ++echo "# This is your /etc/ppp/options file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++cat /etc/ppp/options >> $TMP/txtTEMP$$ + + if [ "$MODERROR" = "YES" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "WARNING: I could not find the modem device: '/dev/$MODEM'" >> /tmp/txtTEMP$$ +-echo "cua0 = com1 cua1 = com2 cua2 = com3 cua3 = com4" >> /tmp/txtTEMP$$ +-echo "# MAKEDEV $MODEM # /dev/MAKEDEV $MODEM" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "WARNING: I could not find the modem device: '/dev/$MODEM'" >> $TMP/txtTEMP$$ ++echo "ttyS0 = com1 ttyS1 = com2 ttyS2 = com3 ttyS3 = com4" >> $TMP/txtTEMP$$ ++echo "# MAKEDEV $MODEM # /dev/MAKEDEV $MODEM" >> $TMP/txtTEMP$$ + fi + + if [ "$DOMAINNAME" = "unknown.com" ] && [ "$PAP" = "MS-CHAP-80" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "The remotename option is required for microsoft's ms-chap-80." >> /tmp/txtTEMP$$ +-echo "You didn't give a DOMAIN NAME so i put unknown.com, you should" >> /tmp/txtTEMP$$ +-echo "change that to your service providers domain name." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "The remotename option is required for microsoft's ms-chap-80." >> $TMP/txtTEMP$$ ++echo "You didn't give a DOMAIN NAME so i put unknown.com, you should" >> $TMP/txtTEMP$$ ++echo "change that to your service providers domain name." >> $TMP/txtTEMP$$ + fi + + if [ ! "$MODERROR" = "YES" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "I created the symbolic link: /dev/modem -> /dev/$MODEM" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "I created the symbolic link: /dev/modem -> /dev/$MODEM" >> $TMP/txtTEMP$$ + fi + +-echo >> /tmp/txtTEMP$$ +-echo "# This is your /etc/ppp/options.demand dialing file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-cat /etc/ppp/options.demand >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If you have a ethernet connection you should change the local:remote" >> /tmp/txtTEMP$$ +-echo "IP addresses in the options.demand file, to your actual local and" >> /tmp/txtTEMP$$ +-echo "remote address. Example: 215.346.117.89:312.217.187.96" >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "# This in your /etc/resolv.conf file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-cat /etc/resolv.conf >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "# This is your /etc/ppp/options.demand dialing file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++cat /etc/ppp/options.demand >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If you have a ethernet connection you should change the local:remote" >> $TMP/txtTEMP$$ ++echo "IP addresses in the options.demand file, to your actual local and" >> $TMP/txtTEMP$$ ++echo "remote address. Example: 215.346.117.89:312.217.187.96" >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "# This in your /etc/resolv.conf file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++cat /etc/resolv.conf >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + if [ -z $DNSIP ]; then +-echo "207.132.116.5 <-IMPORTANT: This should be the IP address of" >> /tmp/txtTEMP$$ +-echo " your service providers nameserver." >> /tmp/txtTEMP$$ ++echo "207.132.116.5 <-IMPORTANT: This should be the IP address of" >> $TMP/txtTEMP$$ ++echo " your service providers nameserver." >> $TMP/txtTEMP$$ + else +-echo "$DNSIP <-IMPORTANT: This should be the IP address of" >> /tmp/txtTEMP$$ +-echo " your service providers nameserver." >> /tmp/txtTEMP$$ ++echo "$DNSIP <-IMPORTANT: This should be the IP address of" >> $TMP/txtTEMP$$ ++echo " your service providers nameserver." >> $TMP/txtTEMP$$ + fi + + if [ -z $DNSIP ]; then +-echo >> /tmp/txtTEMP$$ +-echo "WARNING: You didn't give a IP address for your internet service" >> /tmp/txtTEMP$$ +-echo "providers nameserver, i put '207.132.116.5' but this may not work." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "WARNING: You didn't give a IP address for your internet service" >> $TMP/txtTEMP$$ ++echo "providers nameserver, i put '207.132.116.5' but this may not work." >> $TMP/txtTEMP$$ + fi + + if [ "$PAP" = "CHAP" ] || [ "$PAP" = "MS-CHAP-80" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "# This is your /etc/ppp/chap-secrets file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Look at /etc/ppp/chap-secrets." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "# This is your /etc/ppp/chap-secrets file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Look at /etc/ppp/chap-secrets." >> $TMP/txtTEMP$$ + fi + + if [ "$DOMAINNAME" = "unknown.com" ] && [ "$PAP" = "MS-CHAP-80" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "You didn't give a DOMAIN NAME that's why i put unknown.com in" >> /tmp/txtTEMP$$ +-echo "the /etc/ppp/chap-secrets file." >> /tmp/txtTEMP$$ +-echo "You should change that to your service providers domain name." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "You didn't give a DOMAIN NAME that's why i put unknown.com in" >> $TMP/txtTEMP$$ ++echo "the /etc/ppp/chap-secrets file." >> $TMP/txtTEMP$$ ++echo "You should change that to your service providers domain name." >> $TMP/txtTEMP$$ + fi + + if [ "$PAP" = "PAP" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "# This is your /etc/ppp/pap-secrets file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Look at /etc/ppp/pap-secrets." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "# This is your /etc/ppp/pap-secrets file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Look at /etc/ppp/pap-secrets." >> $TMP/txtTEMP$$ + fi + + if [ "$PATH1" = "pppd" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "ATENTION: I couldn't find <pppd> on your system." >> /tmp/txtTEMP$$ +-echo "You need <pppd> on your system to make the PPP connection." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ATENTION: I couldn't find <pppd> on your system." >> $TMP/txtTEMP$$ ++echo "You need <pppd> on your system to make the PPP connection." >> $TMP/txtTEMP$$ + fi + + if [ "$PATH2" = "chat" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "ATENTION: I couldn't find <chat> on your system." >> /tmp/txtTEMP$$ +-echo "You need <chat> on your system to make the PPP connection." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ATENTION: I couldn't find <chat> on your system." >> $TMP/txtTEMP$$ ++echo "You need <chat> on your system to make the PPP connection." >> $TMP/txtTEMP$$ + fi + + if [ ! "$MSG1" = "YES" ] && [ ! "$MSG2" = "YES" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "ATENTION: I couldn't find 'PPP' in the kernel or as a module." >> /tmp/txtTEMP$$ +-echo "You'll need 'PPP' in the kernel or as a module to make a PPP connection." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ATENTION: I couldn't find 'PPP' in the kernel or as a module." >> $TMP/txtTEMP$$ ++echo "You'll need 'PPP' in the kernel or as a module to make a PPP connection." >> $TMP/txtTEMP$$ + fi + + if [ "$PPPRC" = "YES" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "ATENTION: I found a $HOME/.ppprc file and moved it to" >> /tmp/txtTEMP$$ +-echo ".ppprc.off, it might interfere with the PPP connection." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ATENTION: I found a $HOME/.ppprc file and moved it to" >> $TMP/txtTEMP$$ ++echo ".ppprc.off, it might interfere with the PPP connection." >> $TMP/txtTEMP$$ + fi + +-echo >> /tmp/txtTEMP$$ +-echo "Does everything look correct? if not, run 'pppsetup' again..." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ +-echo "To connect to your service provider." >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "~# ppp-go <-Make PPP connection.)" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Does everything look correct? if not, run 'pppsetup' again..." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ ++echo "To connect to your service provider." >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "~# ppp-go <-Make PPP connection.)" >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo "You'll hear and see the modem dialing then once connected," >> /tmp/txtTEMP$$ +-echo "logging you in Username: or Login: and Password: etc." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "You won't see a Username or Login: and Password: prompt" >> /tmp/txtTEMP$$ +-echo "if they're using PAP or CHAP to authenticate you." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If they use PAP or CHAP you'll just see CONNECT -- got it." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If the connection was successful you'll see the Local IP and" >> /tmp/txtTEMP$$ +-echo "Remote IP address printed to the screen, you can press [Enter]." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If you run ppp-go in X windows you probably won't see a Local" >> /tmp/txtTEMP$$ +-echo "and Remote IP address printed to the screen, you'll just see" >> /tmp/txtTEMP$$ +-echo "the connection process come to a end, wait a few seconds and" >> /tmp/txtTEMP$$ +-echo "press [Enter] at that point." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If you don't connect for whatever reason e.g. Failed No" >> /tmp/txtTEMP$$ +-echo "Dialtone, Busy, No Carrier, Whatever, Exit, just press" >> /tmp/txtTEMP$$ +-echo "[Enter] at that point." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "if you have syslogd running, you can see the output messages" >> /tmp/txtTEMP$$ +-echo "from pppd and chat in the /var/log/messages and or debug file." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "Sample /var/log/messages file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` pppd[562]: Serial connection established." >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` pppd[562]: Using interface ppp0" >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` pppd[562]: Connect: ppp0 <--> /dev/modem" >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` pppd[562]: local IP address 215.87.78.18" >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` pppd[562]: remote IP address 205.94.97.35" >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "You don't have a successful PPP connection until you" >> /tmp/txtTEMP$$ +-echo "receive a local & remote IP address like above." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If you have the X window system, you could connect in a Xterm." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` # startx" >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` # ppp-go" >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` # netscape mosaic etc." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "You'll hear and see the modem dialing then once connected," >> $TMP/txtTEMP$$ ++echo "logging you in Username: or Login: and Password: etc." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "You won't see a Username or Login: and Password: prompt" >> $TMP/txtTEMP$$ ++echo "if they're using PAP or CHAP to authenticate you." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If they use PAP or CHAP you'll just see CONNECT -- got it." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If the connection was successful you'll see the Local IP and" >> $TMP/txtTEMP$$ ++echo "Remote IP address printed to the screen, you can press [Enter]." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If you run ppp-go in X windows you probably won't see a Local" >> $TMP/txtTEMP$$ ++echo "and Remote IP address printed to the screen, you'll just see" >> $TMP/txtTEMP$$ ++echo "the connection process come to a end, wait a few seconds and" >> $TMP/txtTEMP$$ ++echo "press [Enter] at that point." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If you don't connect for whatever reason e.g. Failed No" >> $TMP/txtTEMP$$ ++echo "Dialtone, Busy, No Carrier, Whatever, Exit, just press" >> $TMP/txtTEMP$$ ++echo "[Enter] at that point." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "if you have syslogd running, you can see the output messages" >> $TMP/txtTEMP$$ ++echo "from pppd and chat in the /var/log/messages and or debug file." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "Sample /var/log/messages file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` pppd[562]: Serial connection established." >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` pppd[562]: Using interface ppp0" >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` pppd[562]: Connect: ppp0 <--> /dev/modem" >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` pppd[562]: local IP address 215.87.78.18" >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` pppd[562]: remote IP address 205.94.97.35" >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "You don't have a successful PPP connection until you" >> $TMP/txtTEMP$$ ++echo "receive a local & remote IP address like above." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If you have the X window system, you could connect in a Xterm." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` # startx" >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` # ppp-go" >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` # netscape mosaic etc." >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo "~# ppp-off <-To end the ppp connection.)" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "~# ppp-off <-To end the ppp connection.)" >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo "~# ppp-go -h <-For help.)" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "~# ppp-go -h <-For help.)" >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo 'There is no support in linux for "WinModems", if you have a' >> /tmp/txtTEMP$$ +-echo "WinModem you will not be able to use it in linux." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "There is support for plug n play modems, if you have a pnp" >> /tmp/txtTEMP$$ +-echo 'modem you may need "isapnptools" to get it recognized.' >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo 'There is no support in linux for "WinModems", if you have a' >> $TMP/txtTEMP$$ ++echo "WinModem you will not be able to use it in linux." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "There is support for plug n play modems, if you have a pnp" >> $TMP/txtTEMP$$ ++echo 'modem you may need "isapnptools" to get it recognized.' >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ + if [ -s /usr/doc/pppsetup/pppsetup-$VERSION.README ]; then +-echo "#### Look at the /usr/doc/pppsetup/pppsetup-$VERSION.README. ####" >> /tmp/txtTEMP$$ ++echo "#### Look at the /usr/doc/pppsetup/pppsetup-$VERSION.README. ####" >> $TMP/txtTEMP$$ + fi +-echo "#### A copy of this text can be found in: /etc/ppp/pppsetup.txt ####" >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ ++echo "#### A copy of this text can be found in: /etc/ppp/pppsetup.txt ####" >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo "Done... You can exit now..." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "End..." >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Done... You can exit now..." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "End..." >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ + +-dialog --title "DONE" --clear --textbox "/tmp/txtTEMP$$" 22 78 ++dialog --title "DONE" --clear --textbox "$TMP/txtTEMP$$" 22 78 + + clear 2>/dev/null || echo + +-cat /tmp/txtTEMP$$ >> /etc/ppp/pppsetup.txt ++cat $TMP/txtTEMP$$ >> /etc/ppp/pppsetup.txt + chmod 600 /etc/ppp/pppsetup.txt 2>/dev/null + + if [ ! -s /etc/syslog.conf ]; then +@@ -1644,7 +1688,7 @@ + + demand >> /etc/ppp/pppsetup.txt + other >> /etc/ppp/pppsetup.txt +-rm -f /tmp/*TEMP* 2>/dev/null ++rm -f $TMP/*TEMP* 2>/dev/null + + killall -9 syslogd 2>/dev/null + syslogd & 2>/dev/null +@@ -1659,7 +1703,7 @@ + else + demand >> /etc/ppp/pppsetup.txt + other >> /etc/ppp/pppsetup.txt +-rm -f /tmp/*TEMP* 2>/dev/null ++rm -f $TMP/*TEMP* 2>/dev/null + echo + echo "#### A copy of this text can be found in: /etc/ppp/pppsetup.txt ####" + if [ -s /usr/doc/pppsetup/pppsetup-$VERSION.README ]; then diff --git a/patches/source/ppp/radius.msdict b/patches/source/ppp/radius.msdict new file mode 100644 index 00000000..da3a317c --- /dev/null +++ b/patches/source/ppp/radius.msdict @@ -0,0 +1,81 @@ +# +# Microsoft's VSA's, from RFC 2548 +# +# $Id: dictionary.microsoft,v 1.1 2004/11/14 07:26:26 paulus Exp $ +# + +VENDOR Microsoft 311 Microsoft + +ATTRIBUTE MS-CHAP-Response 1 string Microsoft +ATTRIBUTE MS-CHAP-Error 2 string Microsoft +ATTRIBUTE MS-CHAP-CPW-1 3 string Microsoft +ATTRIBUTE MS-CHAP-CPW-2 4 string Microsoft +ATTRIBUTE MS-CHAP-LM-Enc-PW 5 string Microsoft +ATTRIBUTE MS-CHAP-NT-Enc-PW 6 string Microsoft +ATTRIBUTE MS-MPPE-Encryption-Policy 7 string Microsoft +# This is referred to as both singular and plural in the RFC. +# Plural seems to make more sense. +ATTRIBUTE MS-MPPE-Encryption-Type 8 string Microsoft +ATTRIBUTE MS-MPPE-Encryption-Types 8 string Microsoft +ATTRIBUTE MS-RAS-Vendor 9 integer Microsoft +ATTRIBUTE MS-CHAP-Domain 10 string Microsoft +ATTRIBUTE MS-CHAP-Challenge 11 string Microsoft +ATTRIBUTE MS-CHAP-MPPE-Keys 12 string Microsoft +ATTRIBUTE MS-BAP-Usage 13 integer Microsoft +ATTRIBUTE MS-Link-Utilization-Threshold 14 integer Microsoft +ATTRIBUTE MS-Link-Drop-Time-Limit 15 integer Microsoft +ATTRIBUTE MS-MPPE-Send-Key 16 string Microsoft +ATTRIBUTE MS-MPPE-Recv-Key 17 string Microsoft +ATTRIBUTE MS-RAS-Version 18 string Microsoft +ATTRIBUTE MS-Old-ARAP-Password 19 string Microsoft +ATTRIBUTE MS-New-ARAP-Password 20 string Microsoft +ATTRIBUTE MS-ARAP-PW-Change-Reason 21 integer Microsoft + +ATTRIBUTE MS-Filter 22 string Microsoft +ATTRIBUTE MS-Acct-Auth-Type 23 integer Microsoft +ATTRIBUTE MS-Acct-EAP-Type 24 integer Microsoft + +ATTRIBUTE MS-CHAP2-Response 25 string Microsoft +ATTRIBUTE MS-CHAP2-Success 26 string Microsoft +ATTRIBUTE MS-CHAP2-CPW 27 string Microsoft + +ATTRIBUTE MS-Primary-DNS-Server 28 ipaddr Microsoft +ATTRIBUTE MS-Secondary-DNS-Server 29 ipaddr Microsoft +ATTRIBUTE MS-Primary-NBNS-Server 30 ipaddr Microsoft +ATTRIBUTE MS-Secondary-NBNS-Server 31 ipaddr Microsoft + +#ATTRIBUTE MS-ARAP-Challenge 33 string Microsoft + + +# +# Integer Translations +# + +# MS-BAP-Usage Values + +VALUE MS-BAP-Usage Not-Allowed 0 +VALUE MS-BAP-Usage Allowed 1 +VALUE MS-BAP-Usage Required 2 + +# MS-ARAP-Password-Change-Reason Values + +VALUE MS-ARAP-PW-Change-Reason Just-Change-Password 1 +VALUE MS-ARAP-PW-Change-Reason Expired-Password 2 +VALUE MS-ARAP-PW-Change-Reason Admin-Requires-Password-Change 3 +VALUE MS-ARAP-PW-Change-Reason Password-Too-Short 4 + +# MS-Acct-Auth-Type Values + +VALUE MS-Acct-Auth-Type PAP 1 +VALUE MS-Acct-Auth-Type CHAP 2 +VALUE MS-Acct-Auth-Type MS-CHAP-1 3 +VALUE MS-Acct-Auth-Type MS-CHAP-2 4 +VALUE MS-Acct-Auth-Type EAP 5 + +# MS-Acct-EAP-Type Values + +VALUE MS-Acct-EAP-Type MD5 4 +VALUE MS-Acct-EAP-Type OTP 5 +VALUE MS-Acct-EAP-Type Generic-Token-Card 6 +VALUE MS-Acct-EAP-Type TLS 13 + diff --git a/patches/source/ppp/realms b/patches/source/ppp/realms new file mode 100644 index 00000000..34403640 --- /dev/null +++ b/patches/source/ppp/realms @@ -0,0 +1,22 @@ +# /etc/radiusclient/realms +# +# Handle realm @netservers.co.uk on an internal RADIUS server +# (note the server must be told to strip the realm) + +#authserver netservers.co.uk 192.168.1.1:1812 +#acctserver netservers.co.uk 192.168.1.1:1813 + +# users in realm @example.com are handled by separate servers + +#authserver example.com 10.0.0.1:1812 +#acctserver example.com 10.0.0.2:1813 + +# the DEFAULT realm matches users that do not supply a realm + +#authserver DEFAULT 192.168.1.1:1812 +#acctserver DEFAULT 192.168.1.1:1813 + +# Any realms that do not match in the realms file automatically fall +# through to the standard radius plugin which uses the servers in the +# radiusclient.conf file. Note that this is different than the +# DEFAULT realm match, above. diff --git a/patches/source/ppp/servers b/patches/source/ppp/servers new file mode 100644 index 00000000..b061bf93 --- /dev/null +++ b/patches/source/ppp/servers @@ -0,0 +1,4 @@ +#Server Name or Client/Server pair Key +#---------------- --------------- +#portmaster.elemental.net hardlyasecret +#portmaster2.elemental.net donttellanyone diff --git a/patches/source/ppp/slack-desc b/patches/source/ppp/slack-desc new file mode 100644 index 00000000..ddf6f37f --- /dev/null +++ b/patches/source/ppp/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +ppp: ppp (Point-to-Point Protocol) +ppp: +ppp: The Point-to-Point Protocol (PPP) provides a method for transmitting +ppp: data over serial links. It's commonly used for connecting to the +ppp: Internet using a modem. This package includes the PPP daemon (pppd), +ppp: which negotiates with the peer to establish the link and sets up the +ppp: ppp network interface, and pppsetup, an easy-to-use utility for +ppp: setting up your PPP daemon. +ppp: +ppp: +ppp: diff --git a/patches/source/proftpd/doinst.sh b/patches/source/proftpd/doinst.sh new file mode 100644 index 00000000..37fe02dd --- /dev/null +++ b/patches/source/proftpd/doinst.sh @@ -0,0 +1,18 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/ftpusers.new +config etc/proftpd.conf.new + +# Remove any old proftpd files: +rm -f var/run/proftpd/proftpd* + diff --git a/patches/source/proftpd/etc/ftpusers b/patches/source/proftpd/etc/ftpusers new file mode 100644 index 00000000..d08f2a1f --- /dev/null +++ b/patches/source/proftpd/etc/ftpusers @@ -0,0 +1,22 @@ +# +# ftpusers This file describes the names of the users that may +# _*NOT*_ log into the system via the FTP server. +# This usually includes "root", "uucp", "news" and the +# like, because those users have too much power to be +# allowed to do "just" FTP... +# +# +# Version: @(#)/etc/ftpusers 3.00 02/25/2001 volkerdi +# +# Original Author: Fred N. van Kempen, <waltje@uwalt.nl.mugnet.org> +# +# The entire line gets matched, so no comments or extra characters on +# lines containing a username. +# +# To enable anonymous FTP, remove the "ftp" user: +ftp +root +uucp +news + +# End of ftpusers. diff --git a/patches/source/proftpd/etc/proftpd.conf b/patches/source/proftpd/etc/proftpd.conf new file mode 100644 index 00000000..ffb0df3f --- /dev/null +++ b/patches/source/proftpd/etc/proftpd.conf @@ -0,0 +1,74 @@ +# This is a basic ProFTPD configuration file. +# It establishes a single server and a single anonymous login. +# It assumes that you have a user/group "nobody" and "ftp" +# for normal/anonymous operation. + +ServerName "ProFTPD Default Installation" +#ServerType standalone +ServerType inetd +DefaultServer on + +# Port 21 is the standard FTP port. +Port 21 +# Umask 022 is a good standard umask to prevent new dirs and files +# from being group and world writable. +Umask 022 + +# To prevent DoS attacks, set the maximum number of child processes +# to 30. If you need to allow more than 30 concurrent connections +# at once, simply increase this value. Note that this ONLY works +# in standalone mode, in inetd mode you should use an inetd server +# that allows you to limit maximum number of processes per service +# (such as xinetd) +MaxInstances 30 + +# Set the user and group that the server normally runs at. +User nobody +Group nogroup + +# This next option is required for NIS or NIS+ to work properly: +#PersistentPasswd off + +SystemLog /var/log/proftpd.log +TransferLog /var/log/xferlog + +# Normally, we want files to be overwriteable. +<Directory /*> + AllowOverwrite on +</Directory> + +# A basic anonymous FTP server configuration. +# To enable this, remove the user ftp from /etc/ftpusers. +<Anonymous ~ftp> + RequireValidShell off + User ftp + Group ftp + # We want clients to be able to login with "anonymous" as well as "ftp" + UserAlias anonymous ftp + + # Limit the maximum number of anonymous logins + MaxClients 50 + + # We want 'welcome.msg' displayed at login, and '.message' displayed + # in each newly chdired directory. + DisplayLogin welcome.msg + DisplayChdir .message + + # Limit WRITE everywhere in the anonymous chroot + <Limit WRITE> + DenyAll + </Limit> + + # An upload directory that allows storing files but not retrieving + # or creating directories. +# <Directory incoming/*> +# <Limit READ> +# DenyAll +# </Limit> +# +# <Limit STOR> +# AllowAll +# </Limit> +# </Directory> + +</Anonymous> diff --git a/patches/source/proftpd/proftpd.SlackBuild b/patches/source/proftpd/proftpd.SlackBuild new file mode 100755 index 00000000..a88f97e4 --- /dev/null +++ b/patches/source/proftpd/proftpd.SlackBuild @@ -0,0 +1,134 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2015 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=1.3.5e +DIRVER=1.3.5e +BUILD=${BUILD:-1_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-proftpd + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf proftpd-$VERSION +tar xvf $CWD/proftpd-$VERSION.tar.?z* || exit 1 +cd proftpd-$DIRVER || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --sysconfdir=/etc \ + --enable-autoshadow \ + --enable-ctrls \ + --enable-ipv6 \ + --localstatedir=/var/run \ + --with-modules=mod_readme:mod_ratio:mod_tls:mod_wrap:mod_ctrls_admin \ + --build=$ARCH-slackware-linux || exit 1 +# This caused funny messages about "Quotas off" with every FTP command, +# and mod_wrap gets a compile error: +# --with-modules= ... mod_quota ... + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# With no library to link against, these are useless: +rm -rf $PKG/usr/include +rm -f $PKG/etc/* +rmdir $PKG/usr/libexec 2> /dev/null + +cat $CWD/etc/proftpd.conf > $PKG/etc/proftpd.conf.new +cat $CWD/etc/ftpusers > $PKG/etc/ftpusers.new +mkdir -p $PKG/home/ftp + +gzip -9 $PKG/usr/man/man?/*.? + +mkdir -p $PKG/usr/doc/proftpd-$VERSION +cp -a COPYING CREDITS INSTALL NEWS README* \ + contrib/README.mod_wrap contrib/README.ratio \ + $PKG/usr/doc/proftpd-$VERSION +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/proftpd-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi +cp -a contrib/README $PKG/usr/doc/proftpd-$VERSION/README.contrib +cp -a doc sample-configurations $PKG/usr/doc/proftpd-$VERSION +# Bloat removal: +( cd $PKG/usr/doc + find . -name "*.sgml" -exec rm {} \; + find . -name "*.pdf" -exec rm {} \; +) +rmdir $PKG/usr/share/locale +rmdir $PKG/usr/share + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/proftpd-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/proftpd/slack-desc b/patches/source/proftpd/slack-desc new file mode 100644 index 00000000..5ed80ca9 --- /dev/null +++ b/patches/source/proftpd/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +proftpd: proftpd (FTP server daemon) +proftpd: +proftpd: ProFTPD is the Professional File Transfer Protocol (FTP) server +proftpd: daemon. ProFTPD grew out of the desire to have a secure and +proftpd: configurable FTP server, and out of a significant admiration of the +proftpd: Apache web server. +proftpd: +proftpd: +proftpd: +proftpd: +proftpd: diff --git a/patches/source/randrproto/arch.use.flags b/patches/source/randrproto/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/randrproto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/randrproto/build/randrproto b/patches/source/randrproto/build/randrproto new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/randrproto/build/randrproto @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/randrproto/configure/configure b/patches/source/randrproto/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/randrproto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/randrproto/modularize b/patches/source/randrproto/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/randrproto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/randrproto/noarch b/patches/source/randrproto/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/randrproto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/randrproto/package-blacklist b/patches/source/randrproto/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/randrproto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/randrproto/randrproto.SlackBuild b/patches/source/randrproto/randrproto.SlackBuild new file mode 100755 index 00000000..d9f6c69e --- /dev/null +++ b/patches/source/randrproto/randrproto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild proto randrproto +mv /tmp/x11-build/randrproto*txz /tmp diff --git a/patches/source/randrproto/slack-desc/randrproto b/patches/source/randrproto/slack-desc/randrproto new file mode 100644 index 00000000..f97ca095 --- /dev/null +++ b/patches/source/randrproto/slack-desc/randrproto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +randrproto: randrproto (C prototypes for RandR) +randrproto: +randrproto: RandR is the X11 Resize and Rotate Extension +randrproto: +randrproto: +randrproto: +randrproto: +randrproto: +randrproto: +randrproto: +randrproto: diff --git a/patches/source/randrproto/x11.SlackBuild b/patches/source/randrproto/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/randrproto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/rdesktop/rdesktop.CVE-2011-1595.diff b/patches/source/rdesktop/rdesktop.CVE-2011-1595.diff new file mode 100644 index 00000000..0db8c3bc --- /dev/null +++ b/patches/source/rdesktop/rdesktop.CVE-2011-1595.diff @@ -0,0 +1,22 @@ +--- ./disk.c.orig 2008-02-15 18:13:25.000000000 -0600 ++++ ./disk.c 2011-04-20 20:27:55.978000772 -0500 +@@ -356,6 +356,19 @@ + filename[strlen(filename) - 1] = 0; + sprintf(path, "%s%s", g_rdpdr_device[device_id].local_path, filename); + ++ /* Protect against mailicous servers: ++ somelongpath/.. not allowed ++ somelongpath/../b not allowed ++ somelongpath/..b in principle ok, but currently not allowed ++ somelongpath/b.. ok ++ somelongpath/b..b ok ++ somelongpath/b../c ok ++ */ ++ if (strstr(path, "/..")) ++ { ++ return RD_STATUS_ACCESS_DENIED; ++ } ++ + switch (create_disposition) + { + case CREATE_ALWAYS: diff --git a/patches/source/rdesktop/rdesktop.SlackBuild b/patches/source/rdesktop/rdesktop.SlackBuild new file mode 100755 index 00000000..153bb819 --- /dev/null +++ b/patches/source/rdesktop/rdesktop.SlackBuild @@ -0,0 +1,117 @@ +#!/bin/sh + +# Copyright 2006, 2008, 2009, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=rdesktop +VERSION=${VERSION:-1.6.0} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.bz2 || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 + +zcat $CWD/rdesktop.CVE-2011-1595.diff.gz | patch -p1 --verbose || exit 1 + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Configure: +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-sound=alsa \ + --enable-smartcard \ + --mandir=/usr/man \ + --build=$ARCH-slackware-linux + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + COPYING README \ + doc \ + $PKG/usr/doc/${PKGNAM}-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/rdesktop/slack-desc b/patches/source/rdesktop/slack-desc new file mode 100644 index 00000000..283da1cd --- /dev/null +++ b/patches/source/rdesktop/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +rdesktop: rdesktop (Remote Desktop Protocol client) +rdesktop: +rdesktop: rdesktop is a client for Remote Desktop Protocol (RDP), used in a +rdesktop: number of Microsoft products including Windows NT Terminal Server, +rdesktop: Windows 2000 Server, Windows XP, and Windows 2003 Server. +rdesktop: +rdesktop: For more information, see: http://www.rdesktop.org +rdesktop: +rdesktop: +rdesktop: +rdesktop: diff --git a/patches/source/recordproto/arch.use.flags b/patches/source/recordproto/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/recordproto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/recordproto/build/recordproto b/patches/source/recordproto/build/recordproto new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/recordproto/build/recordproto @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/recordproto/configure/configure b/patches/source/recordproto/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/recordproto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/recordproto/modularize b/patches/source/recordproto/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/recordproto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/recordproto/noarch b/patches/source/recordproto/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/recordproto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/recordproto/package-blacklist b/patches/source/recordproto/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/recordproto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/recordproto/recordproto.SlackBuild b/patches/source/recordproto/recordproto.SlackBuild new file mode 100755 index 00000000..84451032 --- /dev/null +++ b/patches/source/recordproto/recordproto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild proto recordproto +mv /tmp/x11-build/recordproto*txz /tmp diff --git a/patches/source/recordproto/slack-desc/recordproto b/patches/source/recordproto/slack-desc/recordproto new file mode 100644 index 00000000..4fc28e90 --- /dev/null +++ b/patches/source/recordproto/slack-desc/recordproto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +recordproto: recordproto (C prototypes for X Record Extension) +recordproto: +recordproto: recordproto is part of X11. +recordproto: +recordproto: For more information about the X.Org Foundation (the providers of the +recordproto: X.Org implementation of the X Window System), see their website: +recordproto: +recordproto: http://www.x.org +recordproto: +recordproto: +recordproto: diff --git a/patches/source/recordproto/x11.SlackBuild b/patches/source/recordproto/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/recordproto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/rsync/rsync.SlackBuild b/patches/source/rsync/rsync.SlackBuild new file mode 100755 index 00000000..16fdd466 --- /dev/null +++ b/patches/source/rsync/rsync.SlackBuild @@ -0,0 +1,110 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2018 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=rsync +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-rsync +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf rsync-$VERSION +tar xvf $CWD/rsync-$VERSION.tar.?z || exit 1 +cd rsync-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit + +mv $PKG/usr/share/man $PKG/usr +rmdir $PKG/usr/share + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1 | grep -v '\.gz$') ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/rsync-$VERSION/popt +cp -a \ + COPYING* INSTALL NEWS README* TODO tech_report.tex \ + support \ + $PKG/usr/doc/rsync-$VERSION +( cd popt + cp -a CHANGES COPYING README README.rsync $PKG/usr/doc/rsync-$VERSION/popt +) + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/rsync-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/rsync/slack-desc b/patches/source/rsync/slack-desc new file mode 100644 index 00000000..7e3b7089 --- /dev/null +++ b/patches/source/rsync/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +rsync: rsync (remote file sync) +rsync: +rsync: rsync is a replacement for rcp that has many more features. It +rsync: uses the "rsync algorithm" which provides a very fast method for +rsync: bringing remote files into sync. It does this by sending just the +rsync: differences in the files across the link, without requiring that both +rsync: sets of files are present at one of the ends of the link beforehand. +rsync: rsync was written by Andrew Tridgell and Paul Mackerras. +rsync: +rsync: Homepage: http://rsync.samba.org +rsync: diff --git a/patches/source/ruby/ruby.SlackBuild b/patches/source/ruby/ruby.SlackBuild new file mode 100755 index 00000000..78ffd772 --- /dev/null +++ b/patches/source/ruby/ruby.SlackBuild @@ -0,0 +1,130 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=ruby +VERSION=$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1,2 -d - | rev) +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-ruby + +if [ "$ARCH" = "i486" ]; then + # -O3 works around a compile failure due to a miniruby segfault + # when trying to build ruby with gcc-4.4 or newer. Evidently + # -O0 also works, but... + # other distributions also use -fno-strict-aliasing which helps stability + SLKCFLAGS="-march=i486 -mtune=i686 -O3 -fno-strict-aliasing" + OPTFLAGS=-O3 + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + # Unknown if s390 is needs -O3. Check to see if it compiles with -O2. + SLKCFLAGS="-O3 -fno-strict-aliasing" + OPTFLAGS=-O3 + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O3 -fPIC -fno-strict-aliasing" + OPTFLAGS=-O3 + LIBDIRSUFFIX="64" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf ruby-$VERSION +tar xvf $CWD/ruby-$VERSION.tar.?z* || exit 1 +cd ruby-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Evidently certain things must be linked static. +# Seems suboptimal to me... + +CFLAGS="$SLKCFLAGS" \ +optflags=$OPTFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --datadir=/usr/share \ + --docdir=/usr/doc/ruby-$VERSION \ + --enable-shared \ + --enable-pthread \ + --disable-install-capi \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +mkdir -p $PKG/usr/doc/ruby-$VERSION +cp -a \ + BSDL COPYING* *GPL* ChangeLog LEGAL NEWS README* ToDo \ + $PKG/usr/doc/ruby-$VERSION + +# The entire ChangeLog is excessive for most users: +cat $PKG/usr/doc/ruby-$VERSION/ChangeLog | head -n 1000 > $PKG/usr/doc/ruby-$VERSION/CL +mv $PKG/usr/doc/ruby-$VERSION/CL $PKG/usr/doc/ruby-$VERSION/ChangeLog + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +find $PKG | xargs file | grep -e "current ar archive" \ + | cut -f 1 -d : | xargs strip --strip-debug 2> /dev/null + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/ruby-$(echo $VERSION | tr - _)-$ARCH-$BUILD.txz + diff --git a/patches/source/ruby/slack-desc b/patches/source/ruby/slack-desc new file mode 100644 index 00000000..13ffd7a3 --- /dev/null +++ b/patches/source/ruby/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +ruby: ruby (Interpreted object-oriented scripting language) +ruby: +ruby: Ruby is an interpreted scripting language for quick and easy +ruby: object-oriented programming. It has many features to process text +ruby: files and to do system management tasks (as in Perl). It is simple, +ruby: straight-forward, and extensible. +ruby: +ruby: Visit the Ruby project online at http://www.ruby-lang.org/ +ruby: +ruby: +ruby: diff --git a/patches/source/rxvt/rxvt-integer-overflow-fix.patch b/patches/source/rxvt/rxvt-integer-overflow-fix.patch new file mode 100644 index 00000000..edb13856 --- /dev/null +++ b/patches/source/rxvt/rxvt-integer-overflow-fix.patch @@ -0,0 +1,11 @@ +--- rxvt-2.7.10/src/command.c 2003-03-26 07:01:23.000000000 +0100 ++++ rxvt-2.7.10-patched/src/command.c 2017-04-27 12:06:05.682072274 +0200 +@@ -2096,7 +2096,7 @@ + i = ch - CSI_ICH; + ndef = get_byte_array_bit(csi_defaults, i); + for (p = 0; p < nargs; p++) +- if (arg[p] == -1) ++ if (arg[p] < 0 || arg[p] > 30000) + arg[p] = ndef; + + #ifdef DEBUG_CMD diff --git a/patches/source/rxvt/rxvt.SlackBuild b/patches/source/rxvt/rxvt.SlackBuild new file mode 100755 index 00000000..5d029e85 --- /dev/null +++ b/patches/source/rxvt/rxvt.SlackBuild @@ -0,0 +1,127 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2012, 2017 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=rxvt +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-5_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i486 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +elif [ "$ARCH" = "armv7hl" ]; then + SLKCFLAGS="-O3 -march=armv7-a -mfpu=vfpv3-d16" +else + SLKCFLAGS="-O2" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-rxvt +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf rxvt-$VERSION +tar xvf $CWD/rxvt-$VERSION.tar.xz || exit 1 +cd rxvt-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/rxvt.utempter.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 + +# Patch for CVE-2017-7483: +zcat $CWD/rxvt-integer-overflow-fix.patch.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --enable-languages \ + --enable-utmp \ + --enable-wtmp \ + --enable-xpm-background \ + --enable-transparency \ + --enable-menubar \ + --enable-graphics \ + --enable-rxvt-scroll \ + --enable-next-scroll \ + --enable-xterm-scroll \ + --enable-xim \ + --enable-frills \ + --enable-linespace \ + --enable-24bit \ + --enable-keepscrolling \ + --enable-mousewheel \ + --enable-slipwheeling \ + --enable-xgetdefault \ + --enable-old-selection \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +rmdir $PKG/usr/lib $PKG/usr/include +rm $PKG/usr/bin/rxvt-$VERSION + +mkdir -p $PKG/usr/doc/rxvt-$VERSION +cp -a \ + rxvt-$VERSION.lsm doc rclock/rclock.html \ + $PKG/usr/doc/rxvt-$VERSION +rm -r $PKG/usr/doc/rxvt-$VERSION/doc/yodl + +gzip -9 $PKG/usr/man/man1/* + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/rxvt-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/rxvt/rxvt.utempter.diff b/patches/source/rxvt/rxvt.utempter.diff new file mode 100644 index 00000000..54e06f7a --- /dev/null +++ b/patches/source/rxvt/rxvt.utempter.diff @@ -0,0 +1,277 @@ +--- ./src/logging.c.orig 2002-12-15 16:33:04.000000000 -0800 ++++ ./src/logging.c 2003-06-07 21:08:52.000000000 -0700 +@@ -60,157 +60,7 @@ + void + rxvt_makeutent(rxvt_t *r, const char *pty, const char *hostname) + { +-#ifdef HAVE_STRUCT_UTMP +- struct utmp *ut = &(r->h->ut); +-#endif +-#ifdef HAVE_STRUCT_UTMPX +- struct utmpx *utx = &(r->h->utx); +-#endif +-#ifdef HAVE_UTMP_PID +- int i; +-#endif +- char ut_id[5]; +- struct passwd *pwent = getpwuid(getuid()); +- +- if (!STRNCMP(pty, "/dev/", 5)) +- pty += 5; /* skip /dev/ prefix */ +- +- if (!STRNCMP(pty, "pty", 3) || !STRNCMP(pty, "tty", 3)) { +- STRNCPY(ut_id, (pty + 3), sizeof(ut_id)); +- } +-#ifdef HAVE_UTMP_PID +- else if (sscanf(pty, "pts/%d", &i) == 1) +- sprintf(ut_id, "vt%02x", (i & 0xff)); /* sysv naming */ +-#endif +- else if (STRNCMP(pty, "pty", 3) && STRNCMP(pty, "tty", 3)) { +- rxvt_print_error("can't parse tty name \"%s\"", pty); +- return; +- } +- +-#ifdef HAVE_STRUCT_UTMP +- MEMSET(ut, 0, sizeof(struct utmp)); +-# ifdef HAVE_UTMP_PID +- setutent(); +- STRNCPY(ut->ut_id, ut_id, sizeof(ut->ut_id)); +- ut->ut_type = DEAD_PROCESS; +- getutid(ut); /* position to entry in utmp file */ +- STRNCPY(r->h->ut_id, ut_id, sizeof(r->h->ut_id)); +-# endif +-#endif +- +-#ifdef HAVE_STRUCT_UTMPX +- MEMSET(utx, 0, sizeof(struct utmpx)); +- setutxent(); +- STRNCPY(utx->ut_id, ut_id, sizeof(utx->ut_id)); +- utx->ut_type = DEAD_PROCESS; +- getutxid(utx); /* position to entry in utmp file */ +- STRNCPY(r->h->ut_id, ut_id, sizeof(r->h->ut_id)); +-#endif +- +-#ifdef HAVE_STRUCT_UTMP +- STRNCPY(ut->ut_line, pty, sizeof(ut->ut_line)); +- ut->ut_time = time(NULL); +-# ifdef HAVE_UTMP_PID +- STRNCPY(ut->ut_user, (pwent && pwent->pw_name) ? pwent->pw_name : "?", +- sizeof(ut->ut_user)); +- STRNCPY(ut->ut_id, ut_id, sizeof(ut->ut_id)); +- ut->ut_time = time(NULL); +- ut->ut_pid = r->h->cmd_pid; +-# ifdef HAVE_UTMP_HOST +- STRNCPY(ut->ut_host, hostname, sizeof(ut->ut_host)); +-# endif +- ut->ut_type = USER_PROCESS; +- pututline(ut); +- endutent(); /* close the file */ +- r->h->utmp_pos = -1; +-# else +- STRNCPY(ut->ut_name, (pwent && pwent->pw_name) ? pwent->pw_name : "?", +- sizeof(ut->ut_name)); +-# ifdef HAVE_UTMP_HOST +- STRNCPY(ut->ut_host, hostname, sizeof(ut->ut_host)); +-# endif +-# endif +-#endif +- +-#ifdef HAVE_STRUCT_UTMPX +- STRNCPY(utx->ut_line, pty, sizeof(utx->ut_line)); +- STRNCPY(utx->ut_user, (pwent && pwent->pw_name) ? pwent->pw_name : "?", +- sizeof(utx->ut_user)); +- STRNCPY(utx->ut_id, ut_id, sizeof(utx->ut_id)); +- utx->ut_session = getsid(0); +- utx->ut_tv.tv_sec = time(NULL); +- utx->ut_tv.tv_usec = 0; +- utx->ut_pid = r->h->cmd_pid; +-# ifdef HAVE_UTMPX_HOST +- STRNCPY(utx->ut_host, hostname, sizeof(utx->ut_host)); +-# if 0 +- { +- char *colon; +- +- if ((colon = STRRCHR(ut->ut_host, ':')) != NULL) +- *colon = '\0'; +- } +-# endif +-# endif +- utx->ut_type = USER_PROCESS; +- pututxline(utx); +- endutxent(); /* close the file */ +- r->h->utmp_pos = -1; +-#endif +- +-#if defined(HAVE_STRUCT_UTMP) && !defined(HAVE_UTMP_PID) +- { +- int i; +-# ifdef HAVE_TTYSLOT +- i = ttyslot(); +- if (rxvt_write_bsd_utmp(i, ut)) +- r->h->utmp_pos = i; +-# else +- FILE *fd0; +- +- if ((fd0 = fopen(TTYTAB_FILENAME, "r")) != NULL) { +- char buf[256], name[256]; +- +- buf[sizeof(buf) - 1] = '\0'; +- for (i = 1; (fgets(buf, sizeof(buf) - 1, fd0) != NULL);) { +- if (*buf == '#' || sscanf(buf, "%s", name) != 1) +- continue; +- if (!STRCMP(ut->ut_line, name)) { +- if (!rxvt_write_bsd_utmp(i, ut)) +- i = 0; +- r->h->utmp_pos = i; +- fclose(fd0); +- break; +- } +- i++; +- } +- fclose(fd0); +- } +-# endif +- } +-#endif +- +-#ifdef WTMP_SUPPORT +-# ifdef WTMP_ONLY_ON_LOGIN +- if (r->Options & Opt_loginShell) +-# endif +- { +-# ifdef HAVE_STRUCT_UTMP +-# ifdef HAVE_UPDWTMP +- updwtmp(RXVT_WTMP_FILE, ut); +-# else +- rxvt_update_wtmp(RXVT_WTMP_FILE, ut); +-# endif +-# endif +-# ifdef HAVE_STRUCT_UTMPX +- updwtmpx(RXVT_WTMPX_FILE, utx); +-# endif +- } +-#endif +-#if defined(LASTLOG_SUPPORT) && defined(RXVT_LASTLOG_FILE) +- if (r->Options & Opt_loginShell) +- rxvt_update_lastlog(RXVT_LASTLOG_FILE, pty, hostname); +-#endif ++ addToUtmp(pty, NULL, r->cmd_fd); + } + + /* ------------------------------------------------------------------------- */ +@@ -221,85 +71,7 @@ + void + rxvt_cleanutent(rxvt_t *r) + { +-#ifdef HAVE_STRUCT_UTMP +- struct utmp *tmput, *ut = &(r->h->ut); +-#endif +-#ifdef HAVE_STRUCT_UTMPX +- struct utmpx *tmputx, *utx = &(r->h->utx); +-#endif +- +-#ifdef HAVE_STRUCT_UTMP +-# ifdef HAVE_UTMP_PID +- MEMSET(ut, 0, sizeof(struct utmp)); +- setutent(); +- STRNCPY(ut->ut_id, r->h->ut_id, sizeof(ut->ut_id)); +- ut->ut_type = USER_PROCESS; +- if ((tmput = getutid(ut))) /* position to entry in utmp file */ +- ut = tmput; +- ut->ut_type = DEAD_PROCESS; +-# else +- MEMSET(ut->ut_name, 0, sizeof(ut->ut_name)); +-# ifdef HAVE_UTMP_HOST +- MEMSET(ut->ut_host, 0, sizeof(ut->ut_host)); +-# endif +-# endif +- ut->ut_time = time(NULL); +-#endif +- +-#ifdef HAVE_STRUCT_UTMPX +- MEMSET(utx, 0, sizeof(struct utmpx)); +- setutxent(); +- STRNCPY(utx->ut_id, r->h->ut_id, sizeof(utx->ut_id)); +- utx->ut_type = USER_PROCESS; +- if ((tmputx = getutxid(utx))) /* position to entry in utmp file */ +- utx = tmputx; +- utx->ut_type = DEAD_PROCESS; +- utx->ut_session = getsid(0); +- utx->ut_tv.tv_sec = time(NULL); +- utx->ut_tv.tv_usec = 0; +-#endif +- +- /* +- * Write ending wtmp entry +- */ +-#ifdef WTMP_SUPPORT +-# ifdef WTMP_ONLY_ON_LOGIN +- if (r->Options & Opt_loginShell) +-# endif +- { +-# ifdef HAVE_STRUCT_UTMP +-# ifdef HAVE_UPDWTMP +- updwtmp(RXVT_WTMP_FILE, ut); +-# else +- rxvt_update_wtmp(RXVT_WTMP_FILE, ut); +-# endif +-# endif +-# ifdef HAVE_STRUCT_UTMPX +- updwtmpx(RXVT_WTMPX_FILE, utx); +-# endif +- } +-#endif +- +- /* +- * Write utmp entry +- */ +-#ifdef HAVE_STRUCT_UTMP +-# ifdef HAVE_UTMP_PID +- if (ut->ut_pid == r->h->cmd_pid) +- pututline(ut); +- endutent(); +-# else +- if (r->h->utmp_pos > 0) { +- MEMSET(ut, 0, sizeof(struct utmp)); +- rxvt_write_bsd_utmp(r->h->utmp_pos, ut); +- } +-# endif +-#endif +-#ifdef HAVE_STRUCT_UTMPX +- if (utx->ut_pid == r->h->cmd_pid) +- pututxline(utx); +- endutxent(); +-#endif ++ removeFromUtmp(); + } + + /* ------------------------------------------------------------------------- */ +--- ./src/init.c.orig 2002-12-03 21:21:39.000000000 -0800 ++++ ./src/init.c 2003-06-07 21:09:26.000000000 -0700 +@@ -858,6 +858,7 @@ + rxvt_print_error("aborting"); + exit(EXIT_FAILURE); + } ++ rxvt_privileged_utmp(r, SAVE); + } + + /*----------------------------------------------------------------------*/ +@@ -1364,7 +1365,6 @@ + #endif + r->num_fds++; /* counts from 0 */ + +- rxvt_privileged_utmp(r, SAVE); + return cfd; + } + +--- ./autoconf/Make.common.in.orig 2001-11-29 19:22:56.000000000 -0800 ++++ ./autoconf/Make.common.in 2003-06-07 21:08:52.000000000 -0700 +@@ -68,7 +68,7 @@ + + LIBTOOL = @LIBTOOL@ + COMPILE = $(CC) $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS) $(DEBUG) $(DINCLUDE) $(XINC) -I$(basedir) -I$(srcdir) -I. +-LINK = $(CC) $(CFLAGS) $(LDFLAGS) ++LINK = $(CC) $(CFLAGS) $(LDFLAGS) -lutempter -lutil + + # End of common section of the Makefile + #------------------------------------------------------------------------- diff --git a/patches/source/rxvt/slack-desc b/patches/source/rxvt/slack-desc new file mode 100644 index 00000000..5f278d61 --- /dev/null +++ b/patches/source/rxvt/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +rxvt: rxvt (terminal emulator) +rxvt: +rxvt: rxvt is a color vt102 terminal emulator intended as an xterm +rxvt: replacement for users who do not require features such as Tektronix +rxvt: 4014 emulation and toolkit-style configurability. As a result, rxvt +rxvt: uses much less memory -- a significant advantage on a machine serving +rxvt: many X sessions. Also included is rclock, an analog clock for X. +rxvt: +rxvt: +rxvt: +rxvt: diff --git a/patches/source/samba/doinst.sh b/patches/source/samba/doinst.sh new file mode 100644 index 00000000..c7b358ed --- /dev/null +++ b/patches/source/samba/doinst.sh @@ -0,0 +1,16 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/rc.d/rc.samba.new +# This won't be needed. The point here is to preserve the permissions of the existing +# file, if there is one. I don't see major new development happening in rc.samba... ;-) +rm -f etc/rc.d/rc.samba.new diff --git a/patches/source/samba/prune-samba.sh b/patches/source/samba/prune-samba.sh new file mode 100755 index 00000000..a6106df3 --- /dev/null +++ b/patches/source/samba/prune-samba.sh @@ -0,0 +1,33 @@ +#!/bin/sh + +# Copyright 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# Pare down the Samba sources to just Samba3 for now, and drop redundant docs. +# This script expects the samba sources to be unpacked in the current +# directory. It will then "pare" them. You'll be expected to repack them +# afterwards. + +cd samba-?.?.? || cd samba-?.?.?? || exit 1 + +rm --verbose WHATSNEW4.txt howto-ol-backend-s4.txt howto4.txt prog_guide4.txt +rm -r --verbose docs-xml packaging4 source4 swat2* +rm --verbose docs/*.pdf + diff --git a/patches/source/samba/rc.samba b/patches/source/samba/rc.samba new file mode 100644 index 00000000..2a28f3e5 --- /dev/null +++ b/patches/source/samba/rc.samba @@ -0,0 +1,45 @@ +#!/bin/sh +# +# /etc/rc.d/rc.samba +# +# Start/stop/restart the Samba SMB file/print server. +# +# To make Samba start automatically at boot, make this +# file executable: chmod 755 /etc/rc.d/rc.samba +# + +samba_start() { + if [ -x /usr/sbin/smbd -a -x /usr/sbin/nmbd -a -r /etc/samba/smb.conf ]; then + echo "Starting Samba: /usr/sbin/smbd -D" + /usr/sbin/smbd -D + echo " /usr/sbin/nmbd -D" + /usr/sbin/nmbd -D + fi +} + +samba_stop() { + killall smbd nmbd +} + +samba_restart() { + samba_stop + sleep 2 + samba_start +} + +case "$1" in +'start') + samba_start + ;; +'stop') + samba_stop + ;; +'restart') + samba_restart + ;; +*) + # Default is "start", for backwards compatibility with previous + # Slackware versions. This may change to a 'usage' error someday. + samba_start +esac + diff --git a/patches/source/samba/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch b/patches/source/samba/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch new file mode 100644 index 00000000..34b44373 --- /dev/null +++ b/patches/source/samba/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch @@ -0,0 +1,34 @@ +From d2bc9f3afe23ee04d237ae9f4511fbe59a27ff54 Mon Sep 17 00:00:00 2001 +From: Volker Lendecke <vl@samba.org> +Date: Mon, 8 May 2017 21:40:40 +0200 +Subject: [PATCH] CVE-2017-7494: rpc_server3: Refuse to open pipe names with / + inside + +Bug: https://bugzilla.samba.org/show_bug.cgi?id=12780 + +Signed-off-by: Volker Lendecke <vl@samba.org> +Reviewed-by: Jeremy Allison <jra@samba.org> +Reviewed-by: Stefan Metzmacher <metze@samba.org> +--- + source3/rpc_server/srv_pipe.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c +index 0633b5f..c3f0cd8 100644 +--- a/source3/rpc_server/srv_pipe.c ++++ b/source3/rpc_server/srv_pipe.c +@@ -475,6 +475,11 @@ bool is_known_pipename(const char *pipename, struct ndr_syntax_id *syntax) + { + NTSTATUS status; + ++ if (strchr(pipename, '/')) { ++ DEBUG(1, ("Refusing open on pipe %s\n", pipename)); ++ return false; ++ } ++ + if (lp_disable_spoolss() && strequal(pipename, "spoolss")) { + DEBUG(10, ("refusing spoolss access\n")); + return false; +-- +1.9.1 + diff --git a/patches/source/samba/samba.SlackBuild b/patches/source/samba/samba.SlackBuild new file mode 100755 index 00000000..8963db9a --- /dev/null +++ b/patches/source/samba/samba.SlackBuild @@ -0,0 +1,233 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo samba-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-samba +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf samba-$VERSION +tar xvf $CWD/samba-$VERSION.tar.xz || exit 1 +cd samba-$VERSION || exit 1 + +if [ ! -d source3/lib/cmdline ]; then + ( cd source3/lib + mkdir cmdline + cd cmdline + ln -sf ../../../source3/include/popt_common.h . ) +fi + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Patch CVE-2017-7494: +cat $CWD/samba-4.6.3-4.5.9-4.4.13-CVE-2017-7494.patch | patch -p1 --verbose || exit 1 + +cd source3 +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +# Some of these options could be auto-detected, but declaring them +# here doesn't hurt and helps document what features we're trying to +# build in. +# +# LDFLAGS are needed to avoid problems with missing symbols. +LDFLAGS="-Wl,--no-as-needed" \ +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --bindir=/usr/bin \ + --sbindir=/usr/sbin \ + --mandir=/usr/man \ + --sysconfdir=/etc \ + --with-configdir=/etc/samba \ + --with-piddir=/var/run \ + --with-privatedir=/etc/samba/private \ + --localstatedir=/var \ + --with-lockdir=/var/cache/samba \ + --with-swatdir=/usr/share/swat \ + --with-logfilebase=/var/log/samba \ + --enable-cups \ + --enable-external-libtalloc=no \ + --enable-static=no \ + --enable-shared=yes \ + --with-acl-support=yes \ + --with-automount \ + --with-cifsmount \ + --with-cifsumount \ + --with-quotas \ + --with-syslog \ + --with-utmp \ + --with-libsmbclient \ + --with-winbind \ + --with-ldap \ + --build=$ARCH-slackware-linux + # Using with-fhs overrides our libdir, and besides we are already hard-coding + # directories. So, now we define them all explicitly... + #--with-fhs \ + +# -j options don't seem to work... +make || exit 1 + +mkdir -p \ + $PKG/usr/doc/samba-$VERSION \ + $PKG/var/spool/samba \ + $PKG/var/log/samba \ + $PKG/etc/samba/private \ + $PKG/var/cache/samba +chmod 700 $PKG/etc/samba/private +chmod 1777 $PKG/var/spool/samba + +make install-everything DESTDIR=$PKG || exit 1 + +# Install libnss_win* libraries: +mkdir -p $PKG/lib${LIBDIRSUFFIX} +cp -a ../nsswitch/libnss_winbind.so $PKG/lib${LIBDIRSUFFIX}/libnss_winbind.so.2 +cp -a ../nsswitch/libnss_wins.so $PKG/lib${LIBDIRSUFFIX}/libnss_wins.so.2 +( cd $PKG/lib${LIBDIRSUFFIX} + ln -sf libnss_winbind.so.2 libnss_winbind.so + ln -sf libnss_wins.so.2 libnss_wins.so +) + +# Install a pkgconfig file for libtalloc: +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig +if [ ! -r $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/talloc.pc ]; then + cat $CWD/talloc.pc | sed -e "s/\/lib/\/lib${LIBDIRSUFFIX}/" > $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/talloc.pc +fi + +## Make sure that other programs can link against libsmbclient: +#( cd $PKG/usr/lib${LIBDIRSUFFIX} +# for FILE in samba/libsmbclient.so* ; do +# ln -sf $FILE +# done +#) + +# Add some (u)mount links: +mkdir -p $PKG/sbin +( cd $PKG/sbin + # SMBFS is obsolete in the kernel now -- use mount.cifs + #rm -f mount.smbfs ; ln -sf /usr/bin/smbmount mount.smbfs + # Add a wrapper script from Debian that's included in the upstream Samba + # sources to help out people (like me ;-) who don't read every speck of + # documentation: + cat $TMP/samba-$VERSION/examples/scripts/mount/mount.smbfs > mount.smbfs + chmod 755 $PKG/sbin/mount.smbfs + # I suppose this wouldn't be the worst idea in the world, either: + ( cd $PKG/usr/bin ; ln -sf /sbin/mount.smbfs smbmount ) + rm -f mount.cifs ; ln -sf /usr/sbin/mount.cifs mount.cifs + # smbumount was giving me problems so it seems wise to play it safe + #rm -f umount.smbfs ; ln -sf /usr/bin/smbumount umount.smbfs + #rm -f umount.cifs ; ln -sf /usr/sbin/umount.cifs umount.cifs +) + +# Add a sample config file: +cat $CWD/smb.conf.default > $PKG/etc/samba/smb.conf-sample + +if [ ! -r $PKG/usr/bin/smbget ]; then + rm -f $PKG/usr/share/man/man1/smbget.1 + rm -f $PKG/usr/share/swat/help/smbget.1.html +fi + +# We'll add rc.samba to the init directory, but chmod 644 so that it doesn't +# start by default: +mkdir -p $PKG/etc/rc.d +cat $CWD/rc.samba > $PKG/etc/rc.d/rc.samba.new +chmod 644 $PKG/etc/rc.d/rc.samba.new + +mv $PKG/usr/share/man $PKG/usr +gzip -9 $PKG/usr/man/man?/*.? + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# PAM related stuff we don't use: +rm -r $PKG/usr/share/locale +rm -f $PKG/usr/man/man8/pam* + +cd .. +cp -a \ + COPYING* MAINTAINERS Manifest PFIF.txt README* \ + Read-Manifest-Now Roadmap WHATSNEW.txt docs examples \ + $PKG/usr/doc/samba-$VERSION +# These are installed elsewhere: +rm -rf $PKG/usr/doc/samba-$VERSION/docs/htmldocs \ + $PKG/usr/doc/samba-$VERSION/docs/manpages +mkdir -p $PKG/usr/doc/samba-$VERSION/docs +( cd $PKG/usr/doc/samba-$VERSION/docs + ln -sf /usr/share/swat/help htmldocs +) +# I'm sorry, but when all this info is included in HTML, adding 7MB worth of +# PDF files just to have extra artwork is more fluff than I'll agree to. +rm -f $PKG/usr/doc/samba-$VERSION/docs/*.pdf +# Also redundant also: +rm -rf $PKG/usr/doc/samba-$VERSION/docs/docbook + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cat << EOF + +*** Be sure the package contains: + +drwx------ 2 root root 1024 Mar 12 13:21 /etc/samba/private +drwxr-xr-x 2 root root 4096 May 3 15:46 /var/cache/samba/ +drwxr-xr-x 2 root root 48 Aug 29 13:06 /var/log/samba/ +drwxrwxrwt 2 root root 1024 Mar 12 13:21 /var/spool/samba/ + +EOF + +cd $PKG +/sbin/makepkg -l y -c n $TMP/samba-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/samba/slack-desc b/patches/source/samba/slack-desc new file mode 100644 index 00000000..c06b485d --- /dev/null +++ b/patches/source/samba/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +samba: samba (SMB/CIFS file and print server) +samba: +samba: Samba is an SMB/CIFS file and print server for SMB and CIFS clients. +samba: It allows you to make file space or printers on a Samba host +samba: available to SMB/CIFS clients (such as PCs running Windows). +samba: +samba: If you have any Windows file servers, you may be able to replace them +samba: or supplement them with Samba. One of Samba's big strengths is +samba: integration, so you can use it to tie together your Linux hosts and +samba: Windows PC clients. +samba: diff --git a/patches/source/samba/smb.conf.default b/patches/source/samba/smb.conf.default new file mode 100644 index 00000000..44ba134f --- /dev/null +++ b/patches/source/samba/smb.conf.default @@ -0,0 +1,271 @@ +# This is the main Samba configuration file. You should read the +# smb.conf(5) manual page in order to understand the options listed +# here. Samba has a huge number of configurable options (perhaps too +# many!) most of which are not shown in this example +# +# For a step to step guide on installing, configuring and using samba, +# read the Samba-HOWTO-Collection. This may be obtained from: +# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf +# +# Many working examples of smb.conf files can be found in the +# Samba-Guide which is generated daily and can be downloaded from: +# http://www.samba.org/samba/docs/Samba-Guide.pdf +# +# Any line which starts with a ; (semi-colon) or a # (hash) +# is a comment and is ignored. In this example we will use a # +# for commentry and a ; for parts of the config file that you +# may wish to enable +# +# NOTE: Whenever you modify this file you should run the command "testparm" +# to check that you have not made any basic syntactic errors. +# +#======================= Global Settings ===================================== +[global] + +# workgroup = NT-Domain-Name or Workgroup-Name, eg: LINUX2 + workgroup = MYGROUP + +# server string is the equivalent of the NT Description field + server string = Samba Server + +# Security mode. Defines in which mode Samba will operate. Possible +# values are share, user, server, domain and ads. Most people will want +# user level security. See the Samba-HOWTO-Collection for details. + security = user + +# This option is important for security. It allows you to restrict +# connections to machines which are on your local network. The +# following example restricts access to two C class networks and +# the "loopback" interface. For more examples of the syntax see +# the smb.conf man page +; hosts allow = 192.168.1. 192.168.2. 127. + +# If you want to automatically load your printer list rather +# than setting them up individually then you'll need this + load printers = yes + +# you may wish to override the location of the printcap file +; printcap name = /etc/printcap + +# on SystemV system setting printcap name to lpstat should allow +# you to automatically obtain a printer list from the SystemV spool +# system +; printcap name = lpstat + +# It should not be necessary to specify the print system type unless +# it is non-standard. Currently supported print systems include: +# bsd, cups, sysv, plp, lprng, aix, hpux, qnx +; printing = cups + +# Uncomment this if you want a guest account, you must add this to /etc/passwd +# otherwise the user "nobody" is used +; guest account = pcguest + +# this tells Samba to use a separate log file for each machine +# that connects + log file = /var/log/samba.%m + +# Put a capping on the size of the log files (in Kb). + max log size = 50 + +# Use password server option only with security = server +# The argument list may include: +# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] +# or to auto-locate the domain controller/s +# password server = * +; password server = <NT-Server-Name> + +# Use the realm option only with security = ads +# Specifies the Active Directory realm the host is part of +; realm = MY_REALM + +# Backend to store user information in. New installations should +# use either tdbsam or ldapsam. smbpasswd is available for backwards +# compatibility. tdbsam requires no further configuration. +; passdb backend = tdbsam + +# Using the following line enables you to customise your configuration +# on a per machine basis. The %m gets replaced with the netbios name +# of the machine that is connecting. +# Note: Consider carefully the location in the configuration file of +# this line. The included file is read at that point. +; include = /usr/local/samba/lib/smb.conf.%m + +# Configure Samba to use multiple interfaces +# If you have multiple network interfaces then you must list them +# here. See the man page for details. +; interfaces = 192.168.12.2/24 192.168.13.2/24 + +# Browser Control Options: +# set local master to no if you don't want Samba to become a master +# browser on your network. Otherwise the normal election rules apply +; local master = no + +# OS Level determines the precedence of this server in master browser +# elections. The default value should be reasonable +; os level = 33 + +# Domain Master specifies Samba to be the Domain Master Browser. This +# allows Samba to collate browse lists between subnets. Don't use this +# if you already have a Windows NT domain controller doing this job +; domain master = yes + +# Preferred Master causes Samba to force a local browser election on startup +# and gives it a slightly higher chance of winning the election +; preferred master = yes + +# Enable this if you want Samba to be a domain logon server for +# Windows95 workstations. +; domain logons = yes + +# if you enable domain logons then you may want a per-machine or +# per user logon script +# run a specific logon batch file per workstation (machine) +; logon script = %m.bat +# run a specific logon batch file per username +; logon script = %U.bat + +# Where to store roving profiles (only for Win95 and WinNT) +# %L substitutes for this servers netbios name, %U is username +# You must uncomment the [Profiles] share below +; logon path = \\%L\Profiles\%U + +# Windows Internet Name Serving Support Section: +# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server +; wins support = yes + +# WINS Server - Tells the NMBD components of Samba to be a WINS Client +# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both +; wins server = w.x.y.z + +# WINS Proxy - Tells Samba to answer name resolution queries on +# behalf of a non WINS capable client, for this to work there must be +# at least one WINS Server on the network. The default is NO. +; wins proxy = yes + +# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names +# via DNS nslookups. The default is NO. + dns proxy = no + +# These scripts are used on a domain controller or stand-alone +# machine to add or delete corresponding unix accounts +; add user script = /usr/sbin/useradd %u +; add group script = /usr/sbin/groupadd %g +; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u +; delete user script = /usr/sbin/userdel %u +; delete user from group script = /usr/sbin/deluser %u %g +; delete group script = /usr/sbin/groupdel %g + + +#============================ Share Definitions ============================== +[homes] + comment = Home Directories + browseable = no + writable = yes + +# Un-comment the following and create the netlogon directory for Domain Logons +; [netlogon] +; comment = Network Logon Service +; path = /usr/local/samba/lib/netlogon +; guest ok = yes +; writable = no +; share modes = no + + +# Un-comment the following to provide a specific roving profile share +# the default is to use the user's home directory +;[Profiles] +; path = /usr/local/samba/profiles +; browseable = no +; guest ok = yes + + +# NOTE: If you have a BSD-style print system there is no need to +# specifically define each individual printer +[printers] + comment = All Printers + path = /var/spool/samba + browseable = no +# Set public = yes to allow user 'guest account' to print + guest ok = no + writable = no + printable = yes + +# This one is useful for people to share files +;[tmp] +; comment = Temporary file space +; path = /tmp +; read only = no +; public = yes + +# A publicly accessible directory, but read only, except for people in +# the "staff" group +;[public] +; comment = Public Stuff +; path = /home/samba +; public = yes +; writable = no +; printable = no +; write list = @staff + +# Other examples. +# +# A private printer, usable only by fred. Spool data will be placed in fred's +# home directory. Note that fred must have write access to the spool directory, +# wherever it is. +;[fredsprn] +; comment = Fred's Printer +; valid users = fred +; path = /homes/fred +; printer = freds_printer +; public = no +; writable = no +; printable = yes + +# A private directory, usable only by fred. Note that fred requires write +# access to the directory. +;[fredsdir] +; comment = Fred's Service +; path = /usr/somewhere/private +; valid users = fred +; public = no +; writable = yes +; printable = no + +# a service which has a different directory for each machine that connects +# this allows you to tailor configurations to incoming machines. You could +# also use the %U option to tailor it by user name. +# The %m gets replaced with the machine name that is connecting. +;[pchome] +; comment = PC Directories +; path = /usr/pc/%m +; public = no +; writable = yes + +# A publicly accessible directory, read/write to all users. Note that all files +# created in the directory by users will be owned by the default user, so +# any user with access can delete any other user's files. Obviously this +# directory must be writable by the default user. Another user could of course +# be specified, in which case all files would be owned by that user instead. +;[public] +; path = /usr/somewhere/else/public +; public = yes +; only guest = yes +; writable = yes +; printable = no + +# The following two entries demonstrate how to share a directory so that two +# users can place files there that will be owned by the specific users. In this +# setup, the directory should be writable by both users and should have the +# sticky bit set on it to prevent abuse. Obviously this could be extended to +# as many users as required. +;[myshare] +; comment = Mary's and Fred's stuff +; path = /usr/somewhere/shared +; valid users = mary fred +; public = no +; writable = yes +; printable = no +; create mask = 0765 + + diff --git a/patches/source/samba/smb.conf.default.orig b/patches/source/samba/smb.conf.default.orig new file mode 100644 index 00000000..b4e3d63e --- /dev/null +++ b/patches/source/samba/smb.conf.default.orig @@ -0,0 +1,271 @@ +# This is the main Samba configuration file. You should read the +# smb.conf(5) manual page in order to understand the options listed +# here. Samba has a huge number of configurable options (perhaps too +# many!) most of which are not shown in this example +# +# For a step to step guide on installing, configuring and using samba, +# read the Samba-HOWTO-Collection. This may be obtained from: +# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf +# +# Many working examples of smb.conf files can be found in the +# Samba-Guide which is generated daily and can be downloaded from: +# http://www.samba.org/samba/docs/Samba-Guide.pdf +# +# Any line which starts with a ; (semi-colon) or a # (hash) +# is a comment and is ignored. In this example we will use a # +# for commentry and a ; for parts of the config file that you +# may wish to enable +# +# NOTE: Whenever you modify this file you should run the command "testparm" +# to check that you have not made any basic syntactic errors. +# +#======================= Global Settings ===================================== +[global] + +# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH + workgroup = MYGROUP + +# server string is the equivalent of the NT Description field + server string = Samba Server + +# Security mode. Defines in which mode Samba will operate. Possible +# values are share, user, server, domain and ads. Most people will want +# user level security. See the Samba-HOWTO-Collection for details. + security = user + +# This option is important for security. It allows you to restrict +# connections to machines which are on your local network. The +# following example restricts access to two C class networks and +# the "loopback" interface. For more examples of the syntax see +# the smb.conf man page +; hosts allow = 192.168.1. 192.168.2. 127. + +# If you want to automatically load your printer list rather +# than setting them up individually then you'll need this + load printers = yes + +# you may wish to override the location of the printcap file +; printcap name = /etc/printcap + +# on SystemV system setting printcap name to lpstat should allow +# you to automatically obtain a printer list from the SystemV spool +# system +; printcap name = lpstat + +# It should not be necessary to specify the print system type unless +# it is non-standard. Currently supported print systems include: +# bsd, cups, sysv, plp, lprng, aix, hpux, qnx +; printing = cups + +# Uncomment this if you want a guest account, you must add this to /etc/passwd +# otherwise the user "nobody" is used +; guest account = pcguest + +# this tells Samba to use a separate log file for each machine +# that connects + log file = /usr/local/samba/var/log.%m + +# Put a capping on the size of the log files (in Kb). + max log size = 50 + +# Use password server option only with security = server +# The argument list may include: +# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] +# or to auto-locate the domain controller/s +# password server = * +; password server = <NT-Server-Name> + +# Use the realm option only with security = ads +# Specifies the Active Directory realm the host is part of +; realm = MY_REALM + +# Backend to store user information in. New installations should +# use either tdbsam or ldapsam. smbpasswd is available for backwards +# compatibility. tdbsam requires no further configuration. +; passdb backend = tdbsam + +# Using the following line enables you to customise your configuration +# on a per machine basis. The %m gets replaced with the netbios name +# of the machine that is connecting. +# Note: Consider carefully the location in the configuration file of +# this line. The included file is read at that point. +; include = /usr/local/samba/lib/smb.conf.%m + +# Configure Samba to use multiple interfaces +# If you have multiple network interfaces then you must list them +# here. See the man page for details. +; interfaces = 192.168.12.2/24 192.168.13.2/24 + +# Browser Control Options: +# set local master to no if you don't want Samba to become a master +# browser on your network. Otherwise the normal election rules apply +; local master = no + +# OS Level determines the precedence of this server in master browser +# elections. The default value should be reasonable +; os level = 33 + +# Domain Master specifies Samba to be the Domain Master Browser. This +# allows Samba to collate browse lists between subnets. Don't use this +# if you already have a Windows NT domain controller doing this job +; domain master = yes + +# Preferred Master causes Samba to force a local browser election on startup +# and gives it a slightly higher chance of winning the election +; preferred master = yes + +# Enable this if you want Samba to be a domain logon server for +# Windows95 workstations. +; domain logons = yes + +# if you enable domain logons then you may want a per-machine or +# per user logon script +# run a specific logon batch file per workstation (machine) +; logon script = %m.bat +# run a specific logon batch file per username +; logon script = %U.bat + +# Where to store roving profiles (only for Win95 and WinNT) +# %L substitutes for this servers netbios name, %U is username +# You must uncomment the [Profiles] share below +; logon path = \\%L\Profiles\%U + +# Windows Internet Name Serving Support Section: +# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server +; wins support = yes + +# WINS Server - Tells the NMBD components of Samba to be a WINS Client +# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both +; wins server = w.x.y.z + +# WINS Proxy - Tells Samba to answer name resolution queries on +# behalf of a non WINS capable client, for this to work there must be +# at least one WINS Server on the network. The default is NO. +; wins proxy = yes + +# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names +# via DNS nslookups. The default is NO. + dns proxy = no + +# These scripts are used on a domain controller or stand-alone +# machine to add or delete corresponding unix accounts +; add user script = /usr/sbin/useradd %u +; add group script = /usr/sbin/groupadd %g +; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u +; delete user script = /usr/sbin/userdel %u +; delete user from group script = /usr/sbin/deluser %u %g +; delete group script = /usr/sbin/groupdel %g + + +#============================ Share Definitions ============================== +[homes] + comment = Home Directories + browseable = no + writable = yes + +# Un-comment the following and create the netlogon directory for Domain Logons +; [netlogon] +; comment = Network Logon Service +; path = /usr/local/samba/lib/netlogon +; guest ok = yes +; writable = no +; share modes = no + + +# Un-comment the following to provide a specific roving profile share +# the default is to use the user's home directory +;[Profiles] +; path = /usr/local/samba/profiles +; browseable = no +; guest ok = yes + + +# NOTE: If you have a BSD-style print system there is no need to +# specifically define each individual printer +[printers] + comment = All Printers + path = /usr/spool/samba + browseable = no +# Set public = yes to allow user 'guest account' to print + guest ok = no + writable = no + printable = yes + +# This one is useful for people to share files +;[tmp] +; comment = Temporary file space +; path = /tmp +; read only = no +; public = yes + +# A publicly accessible directory, but read only, except for people in +# the "staff" group +;[public] +; comment = Public Stuff +; path = /home/samba +; public = yes +; writable = no +; printable = no +; write list = @staff + +# Other examples. +# +# A private printer, usable only by fred. Spool data will be placed in fred's +# home directory. Note that fred must have write access to the spool directory, +# wherever it is. +;[fredsprn] +; comment = Fred's Printer +; valid users = fred +; path = /homes/fred +; printer = freds_printer +; public = no +; writable = no +; printable = yes + +# A private directory, usable only by fred. Note that fred requires write +# access to the directory. +;[fredsdir] +; comment = Fred's Service +; path = /usr/somewhere/private +; valid users = fred +; public = no +; writable = yes +; printable = no + +# a service which has a different directory for each machine that connects +# this allows you to tailor configurations to incoming machines. You could +# also use the %U option to tailor it by user name. +# The %m gets replaced with the machine name that is connecting. +;[pchome] +; comment = PC Directories +; path = /usr/pc/%m +; public = no +; writable = yes + +# A publicly accessible directory, read/write to all users. Note that all files +# created in the directory by users will be owned by the default user, so +# any user with access can delete any other user's files. Obviously this +# directory must be writable by the default user. Another user could of course +# be specified, in which case all files would be owned by that user instead. +;[public] +; path = /usr/somewhere/else/public +; public = yes +; only guest = yes +; writable = yes +; printable = no + +# The following two entries demonstrate how to share a directory so that two +# users can place files there that will be owned by the specific users. In this +# setup, the directory should be writable by both users and should have the +# sticky bit set on it to prevent abuse. Obviously this could be extended to +# as many users as required. +;[myshare] +; comment = Mary's and Fred's stuff +; path = /usr/somewhere/shared +; valid users = mary fred +; public = no +; writable = yes +; printable = no +; create mask = 0765 + + diff --git a/patches/source/samba/smb.conf.diff b/patches/source/samba/smb.conf.diff new file mode 100644 index 00000000..3573a8f0 --- /dev/null +++ b/patches/source/samba/smb.conf.diff @@ -0,0 +1,29 @@ +--- smb.conf.default.orig 2009-09-30 07:17:40.000000000 -0500 ++++ smb.conf.default 2009-10-03 15:59:26.000000000 -0500 +@@ -22,7 +22,7 @@ + #======================= Global Settings ===================================== + [global] + +-# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH ++# workgroup = NT-Domain-Name or Workgroup-Name, eg: LINUX2 + workgroup = MYGROUP + + # server string is the equivalent of the NT Description field +@@ -63,7 +63,7 @@ + + # this tells Samba to use a separate log file for each machine + # that connects +- log file = /usr/local/samba/var/log.%m ++ log file = /var/log/samba.%m + + # Put a capping on the size of the log files (in Kb). + max log size = 50 +@@ -184,7 +184,7 @@ + # specifically define each individual printer + [printers] + comment = All Printers +- path = /usr/spool/samba ++ path = /var/spool/samba + browseable = no + # Set public = yes to allow user 'guest account' to print + guest ok = no diff --git a/patches/source/samba/talloc.pc b/patches/source/samba/talloc.pc new file mode 100644 index 00000000..7a23835c --- /dev/null +++ b/patches/source/samba/talloc.pc @@ -0,0 +1,11 @@ +prefix=/usr +exec_prefix=${prefix} +libdir=${exec_prefix}/lib +includedir=${prefix}/include + +Name: talloc +Description: A hierarchical pool based memory system with destructors +Version: 2.0.1 +Libs: -L${libdir} -ltalloc +Cflags: -I${includedir} +URL: http://talloc.samba.org/ diff --git a/patches/source/sdl/sdl-1.2.14-fix-mouse-clicking.patch b/patches/source/sdl/sdl-1.2.14-fix-mouse-clicking.patch new file mode 100644 index 00000000..7d3e5acf --- /dev/null +++ b/patches/source/sdl/sdl-1.2.14-fix-mouse-clicking.patch @@ -0,0 +1,23 @@ +--- SDL-1.2.14/src/video/x11/SDL_x11events.c.orig 2010-04-08 11:57:05.003169834 -0700 ++++ SDL-1.2.14/src/video/x11/SDL_x11events.c 2010-04-08 12:33:51.690926340 -0700 +@@ -423,12 +423,15 @@ + if ( xevent.xcrossing.mode == NotifyUngrab ) + printf("Mode: NotifyUngrab\n"); + #endif +- if ( this->input_grab == SDL_GRAB_OFF ) { +- posted = SDL_PrivateAppActive(1, SDL_APPMOUSEFOCUS); ++ if ( (xevent.xcrossing.mode != NotifyGrab) && ++ (xevent.xcrossing.mode != NotifyUngrab) ) { ++ if ( this->input_grab == SDL_GRAB_OFF ) { ++ posted = SDL_PrivateAppActive(1, SDL_APPMOUSEFOCUS); ++ } ++ posted = SDL_PrivateMouseMotion(0, 0, ++ xevent.xcrossing.x, ++ xevent.xcrossing.y); + } +- posted = SDL_PrivateMouseMotion(0, 0, +- xevent.xcrossing.x, +- xevent.xcrossing.y); + } + break; + diff --git a/patches/source/sdl/sdl.SlackBuild b/patches/source/sdl/sdl.SlackBuild new file mode 100755 index 00000000..04df6110 --- /dev/null +++ b/patches/source/sdl/sdl.SlackBuild @@ -0,0 +1,253 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=${VERSION:-$(echo SDL-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +IMAGE=${IMAGE:-$(echo SDL_image-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +MIXER=${MIXER:-$(echo SDL_mixer-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +NET=${NET:-$(echo SDL_net-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +TTF=${TTF:-$(echo SDL_ttf-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} + +BUILD=${BUILD:-3_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-sdl + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf sdl-$VERSION +tar xf $CWD/SDL-$VERSION.tar.?z* || exit 1 +cd SDL-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/sdl.linux-2.6.31.input_absinfo.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/sdl-1.2.14-fix-mouse-clicking.patch.gz | patch -p1 --verbose || exit 1 + +# We must use --disable-x11-shared or programs linked with SDL will +# crash on machines that use the closed source nVidia drivers. + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --disable-arts \ + --disable-esd \ + --enable-shared=yes \ + --enable-static=no \ + --disable-x11-shared + +make $NUMJOBS || make || exit 1 + +# Spam /, for mixer/image later on: +make install +# install to package: +make install DESTDIR=$PKG || exit 1 +mkdir -p $PKG/usr/doc/SDL-$VERSION/html +cp -a docs/index.html $PKG/usr/doc/SDL-$VERSION +cp -a docs/html/*.html $PKG/usr/doc/SDL-$VERSION/html +cp -a \ + BUGS COPYING CREDITS INSTALL README* TODO WhatsNew \ + $PKG/usr/doc/SDL-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Add SDL_image: +cd $TMP +rm -rf SDL_image-$IMAGE +tar xf $CWD/SDL_image-$IMAGE.tar.?z* || exit 1 +cd SDL_image-$IMAGE +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# we don't want sdl to load the libs with dlopen(), gcc is smarter... +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --enable-shared=yes \ + --enable-static=no \ + --enable-jpg-shared=no \ + --enable-png-shared=no \ + --enable-tif-shared=no + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 +mkdir -p $PKG/usr/doc/SDL_image-$IMAGE +cp -a \ + CHANGES COPYING README \ + $PKG/usr/doc/SDL_image-$IMAGE + +# Add SDL_mixer: +cd $TMP +rm -rf SDL_mixer-$MIXER +tar xf $CWD/SDL_mixer-$MIXER.tar.?z* || exit 1 +cd SDL_mixer-$MIXER + +# Fix default library path. Don't use /usr/local, and use lib64 where needed: +sed -i "s,usr/local/lib,usr/lib${LIBDIRSUFFIX},g" timidity/config.h + +# Install patched static libmikmod: +unzip libmikmod-3.1.12.zip +( cd libmikmod-3.1.12.patched + ./configure \ + --prefix=/usr/local \ + --libdir=/usr/local/lib${LIBDIRSUFFIX} \ + --with-pic \ + --enable-shared=no \ + --enable-static=yes + make $NUMJOBS || make || exit 1 + make install +) + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --enable-music-mod \ + --enable-shared=yes \ + --enable-static=no + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +mkdir -p $PKG/usr/doc/SDL_mixer-$MIXER +cp -a \ + CHANGES COPYING README \ + $PKG/usr/doc/SDL_mixer-$MIXER + +# We do not want to try to pull in -lmikmod, since that was linked static: +sed -i -e "s/ -lmikmod//g" $PKG/usr/lib${LIBDIRSUFFIX}/libSDL_mixer.la + +# Add SDL_net: +cd $TMP +rm -rf SDL_net-$NET +tar xf $CWD/SDL_net-$NET.tar.?z* || exit 1 +cd SDL_net-$NET +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --enable-shared=yes \ + --enable-static=no + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +mkdir -p $PKG/usr/doc/SDL_net-$NET +cp -a \ + CHANGES COPYING README \ + $PKG/usr/doc/SDL_net-$NET + +# Add SDL_ttf: +cd $TMP +rm -rf SDL_ttf-$TTF +tar xf $CWD/SDL_ttf-$TTF.tar.?z* || exit 1 +cd SDL_ttf-$TTF + +#zcat $CWD/SDL_ttf-2.0.8-noftinternals.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --enable-shared=yes \ + --enable-static=no + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +mkdir -p $PKG/usr/doc/SDL_ttf-$TTF +cp -a \ + CHANGES COPYING README \ + $PKG/usr/doc/SDL_ttf-$TTF + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +gzip -9 $PKG/usr/man/man?/*.? + +cd $PKG +/sbin/makepkg -l y -c n $TMP/sdl-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/sdl/sdl.linux-2.6.31.input_absinfo.diff b/patches/source/sdl/sdl.linux-2.6.31.input_absinfo.diff new file mode 100644 index 00000000..685007ab --- /dev/null +++ b/patches/source/sdl/sdl.linux-2.6.31.input_absinfo.diff @@ -0,0 +1,38 @@ +--- SDL-1.2.14/src/joystick/linux/SDL_sysjoystick.c 2011-01-23 23:23:31.865198998 +0100 ++++ SDL-1.2.14/src/joystick/linux/SDL_sysjoystick.c.org 2011-01-23 23:28:12.427198998 +0100 +@@ -700,26 +700,26 @@ + continue; + } + if ( test_bit(i, absbit) ) { +- int values[5]; ++ struct input_absinfo absinfo; + +- if ( ioctl(fd, EVIOCGABS(i), values) < 0 ) ++ if ( ioctl(fd, EVIOCGABS(i), &absinfo) < 0 ) + continue; + #ifdef DEBUG_INPUT_EVENTS + printf("Joystick has absolute axis: %x\n", i); + printf("Values = { %d, %d, %d, %d, %d }\n", +- values[0], values[1], +- values[2], values[3], values[4]); ++ absinfo.value, absinfo.minimum, ++ absinfo.maximum, absinfo.fuzz, absinfo.flat); + #endif /* DEBUG_INPUT_EVENTS */ + joystick->hwdata->abs_map[i] = joystick->naxes; +- if ( values[1] == values[2] ) { ++ if ( absinfo.minimum == absinfo.maximum ) { + joystick->hwdata->abs_correct[i].used = 0; + } else { + joystick->hwdata->abs_correct[i].used = 1; + joystick->hwdata->abs_correct[i].coef[0] = +- (values[2] + values[1]) / 2 - values[4]; ++ (absinfo.maximum + absinfo.minimum) / 2 - absinfo.flat; + joystick->hwdata->abs_correct[i].coef[1] = +- (values[2] + values[1]) / 2 + values[4]; +- t = ((values[2] - values[1]) / 2 - 2 * values[4]); ++ (absinfo.maximum + absinfo.minimum) / 2 + absinfo.flat; ++ t = ((absinfo.maximum - absinfo.minimum) / 2 - 2 * absinfo.flat); + if ( t != 0 ) { + joystick->hwdata->abs_correct[i].coef[2] = (1 << 29) / t; + } else { + diff --git a/patches/source/sdl/slack-desc b/patches/source/sdl/slack-desc new file mode 100644 index 00000000..1d5d5c01 --- /dev/null +++ b/patches/source/sdl/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +sdl: sdl (Simple DirectMedia Layer library) +sdl: +sdl: This is the Simple DirectMedia Layer, a generic API that provides low +sdl: level access to audio, keyboard, mouse, joystick, 3D hardware via +sdl: OpenGL, and 2D framebuffer across multiple platforms. +sdl: +sdl: SDL links against alsa-lib, arts, audiofile, esound, and the X11 +sdl: libraries. Make sure all of these are installed if you're planning to +sdl: use SDL (a full installation will cover all of the prerequisites). +sdl: +sdl: diff --git a/patches/source/seamonkey/doinst.sh b/patches/source/seamonkey/doinst.sh new file mode 100644 index 00000000..c236bea5 --- /dev/null +++ b/patches/source/seamonkey/doinst.sh @@ -0,0 +1,11 @@ +# If there's no mozilla here, then take over: +if [ ! -r usr/bin/mozilla ]; then + ( cd usr/bin ; ln -sf seamonkey mozilla ) +fi +# Hopefully this won't break everything. ;-) +if ! grep /usr/lib/seamonkey etc/ld.so.conf 1> /dev/null 2> /dev/null ; then + echo "/usr/lib/seamonkey" >> etc/ld.so.conf +fi +if [ -x /sbin/ldconfig ]; then + /sbin/ldconfig 2> /dev/null +fi diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-gtkmozembed.pc b/patches/source/seamonkey/pkgconfig/seamonkey-gtkmozembed.pc new file mode 100644 index 00000000..e5053267 --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-gtkmozembed.pc @@ -0,0 +1,11 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ + +Name: Mozilla Gtk Embedding Widget +Description: Mozilla Embedding Widget for Gtk+ +Version: @VERSION@ +Requires: seamonkey-xpcom = @VERSION@ +Libs: -L${libdir} -lgtkembedmoz +Cflags: -I${includedir}/gtkembedmoz diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-js.pc b/patches/source/seamonkey/pkgconfig/seamonkey-js.pc new file mode 100644 index 00000000..31433be2 --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-js.pc @@ -0,0 +1,11 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ + +Name: JavaScript +Description: The Mozilla JavaScript Library +Version: @VERSION@ +Requires: seamonkey-nspr >= 4.7.1 +Libs: -L${libdir} -lmozjs +Cflags: -I${includedir}/js -DXP_UNIX -DJS_THREADSAFE diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-nspr.pc b/patches/source/seamonkey/pkgconfig/seamonkey-nspr.pc new file mode 100644 index 00000000..756e996d --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-nspr.pc @@ -0,0 +1,12 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ + +Name: NSPR +Description: The Netscape Portable Runtime +Version: 4.7.1 +Libs: -L/usr/@LIB@/seamonkey-@VERSION@ -lplds4 -lplc4 -lnspr4 -lpthread -ldl +Cflags: -I/usr/include/seamonkey-@VERSION@/nspr + + diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-nss.pc b/patches/source/seamonkey/pkgconfig/seamonkey-nss.pc new file mode 100644 index 00000000..b929f202 --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-nss.pc @@ -0,0 +1,11 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ + +Name: NSS +Description: Mozilla Network Security Services +Version: @VERSION@ +Requires: seamonkey-nspr >= 4.7.1 +Libs: -L${libdir} -lnss3 -lsmime3 -lssl3 -lsoftokn3 +Cflags: -I${includedir}/nss diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-plugin.pc b/patches/source/seamonkey/pkgconfig/seamonkey-plugin.pc new file mode 100644 index 00000000..4550444a --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-plugin.pc @@ -0,0 +1,10 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ + +Name: Mozilla Plug-In API +Description: Mozilla Plug-In API +Version: @VERSION@ +Requires: seamonkey-nspr >= 4.7.1 +Cflags: -I${includedir}/java -I${includedir}/plugin diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-xpcom.pc b/patches/source/seamonkey/pkgconfig/seamonkey-xpcom.pc new file mode 100644 index 00000000..53200567 --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-xpcom.pc @@ -0,0 +1,12 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ +idldir=/usr/share/idl/seamonkey-@VERSION@ + +Name: XPCOM +Description: The Mozilla Cross Platform Component Library +Version: @VERSION@ +Requires: seamonkey-nspr >= 4.7.1 +Libs: -L${libdir} -lxpcom +Cflags: -I${includedir} -I${includedir}/xpcom -I${includedir}/string diff --git a/patches/source/seamonkey/seamonkey-icon.png b/patches/source/seamonkey/seamonkey-icon.png Binary files differnew file mode 100644 index 00000000..824ab7a5 --- /dev/null +++ b/patches/source/seamonkey/seamonkey-icon.png diff --git a/patches/source/seamonkey/seamonkey-mail-icon.png b/patches/source/seamonkey/seamonkey-mail-icon.png Binary files differnew file mode 100644 index 00000000..123b077b --- /dev/null +++ b/patches/source/seamonkey/seamonkey-mail-icon.png diff --git a/patches/source/seamonkey/seamonkey-mail.desktop b/patches/source/seamonkey/seamonkey-mail.desktop new file mode 100644 index 00000000..1e0b62b1 --- /dev/null +++ b/patches/source/seamonkey/seamonkey-mail.desktop @@ -0,0 +1,8 @@ +[Desktop Entry] +Name=SeaMonkey Mail +Comment=Read Mail with SeaMonkey +Exec=/usr/bin/seamonkey -mail +Icon=/usr/share/pixmaps/seamonkey-mail-icon.png +Terminal=0 +Type=Application +Categories=Application;Network; diff --git a/patches/source/seamonkey/seamonkey.SlackBuild b/patches/source/seamonkey/seamonkey.SlackBuild new file mode 100755 index 00000000..b2c411b0 --- /dev/null +++ b/patches/source/seamonkey/seamonkey.SlackBuild @@ -0,0 +1,234 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=${VERSION:-$(basename $(ls seamonkey-*.tar.* | cut -d - -f 2 | rev | cut -f 3- -d . | rev) .source)} +BUILD=${BUILD:-1_slack13.1} +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-seamonkey +rm -rf $PKG +mkdir -p $TMP $PKG/usr + +cd $TMP +rm -rf comm-1.9.1 +tar xvf $CWD/seamonkey-${VERSION}.source.tar.?z* || exit 1 +cd comm-1.9.1 || exit 1 + +# Make sure the perms/ownerships are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Fix a long standing bug that's prevented staying current on GTK+. +# Thanks to the BLFS folks. :-) +cat >> mozilla/layout/build/Makefile.in << EOF + +ifdef MOZ_ENABLE_CANVAS +EXTRA_DSO_LDOPTS += \$(XLDFLAGS) -lX11 -lXrender +endif + +EOF + +chown -R root:root . +BUILD_OFFICIAL=1 MOZILLA_OFFICIAL=1 \ +./configure --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --enable-optimize=-O2 \ + --disable-debug \ + --with-default-mozilla-five-home=/usr/lib${LIBDIRSUFFIX}/seamonkey-${VERSION} \ + --enable-strip \ + --disable-tests \ + --enable-svg \ + --enable-system-cairo \ + --enable-canvas \ + --disable-short-wchar \ + --enable-nspr-autoconf \ + --enable-extensions=default,irc \ + --enable-crypto \ + --disable-xprint \ + --without-system-nspr \ + --with-system-zlib \ + --with-system-jpeg \ + --with-system-mng \ + --enable-application=suite \ + --enable-xft \ + --host=$ARCH-slackware-linux \ + --target=$ARCH-slackware-linux \ + --build=$ARCH-slackware-linux + + # --with-system-png +make $NUMJOBS || exit 1 +DESTDIR=$PKG make install || exit 1 + +# Install js/nspr/nss headers. +for includedir in js nspr nspr/obsolete nspr/private nss plugin xpcom ; do + mkdir -p $PKG/usr/include/seamonkey-${VERSION}/$includedir + cp -aL mozilla/dist/include/${includedir}/*.h $PKG/usr/include/seamonkey-${VERSION}/$includedir +done +cp -aL mozilla/dist/include/js/*.tbl mozilla/dist/include/js/*.msg $PKG/usr/include/seamonkey-${VERSION}/js +cp -aL mozilla/dist/include/*.h $PKG/usr/include/seamonkey-${VERSION} +cp -aL mozilla/dist/sdk/include/* $PKG/usr/include/seamonkey-${VERSION} +( cd $PKG/usr/include/seamonkey-${VERSION}/plugin + for file in ../j*.h ; do + ln -sf $file . + done +) +chown -R root:root $PKG/usr/include/seamonkey-${VERSION} +find $PKG/usr/include/seamonkey-${VERSION} -name "*.h" -type f -exec chmod 644 {} \; +# Create a more generic include files symlink: +( cd $PKG/usr/include + if [ ! -e seamonkey ]; then + ln -sf seamonkey-${VERSION} seamonkey + fi +) + +# Install pkgconfig files: +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig +for file in $CWD/pkgconfig/* ; do +cat $file \ + | sed -e "s/@LIB@/lib${LIBDIRSUFFIX}/" \ + -e "s/@VERSION@/$VERSION/" \ + > $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/$(basename $file) +done + +# Add symlinks for the pkgconfig files: +( cd $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig + ln -s seamonkey-js.pc js.pc + ln -s seamonkey-nspr.pc nspr.pc + ln -s seamonkey-nss.pc nss.pc + ln -s seamonkey-plugin.pc plugin.pc + ln -s seamonkey-xpcom.pc xpcom.pc +) + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Strip files: +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# This remains the standard plugin directory for all browsers. +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/mozilla/plugins + +# This is traditional. +( cd $PKG/usr/lib${LIBDIRSUFFIX} + if [ ! -e seamonkey ]; then + ln -sf seamonkey-${VERSION} seamonkey + fi +) + +mkdir -p $PKG/usr/share/applications +cp -a $CWD/*.desktop $PKG/usr/share/applications +chown -R root:root $PKG/usr/share/applications +chmod 644 $PKG/usr/share/applications/* +mkdir -p $PKG/usr/share/pixmaps +cp -a $CWD/*.png $PKG/usr/share/pixmaps +chown -R root:root $PKG/usr/share/pixmaps +chmod 644 $PKG/usr/share/pixmaps/* + +mkdir -p $PKG/usr/doc/seamonkey-$VERSION +( cd mozilla + cp -a \ + LEGAL LICENSE README.txt \ + $PKG/usr/doc/seamonkey-$VERSION +) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + > $PKG/install/doinst.sh + +cd $TMP/package-seamonkey +/sbin/makepkg -l y -c n -p $TMP/seamonkey-$VERSION-$ARCH-$BUILD.txz + +# Create a standalone seamonkey-solibs package for RPM, gxine, etc. +rm -r $TMP/package-seamonkey-solibs +mkdir -p $TMP/package-seamonkey-solibs/usr/doc +cp -a $PKG/usr/doc/seamonkey-$VERSION $TMP/package-seamonkey-solibs/usr/doc +mkdir -p $TMP/package-seamonkey-solibs/usr/lib${LIBDIRSUFFIX}/seamonkey-${VERSION} +for file in libfreebl3.chk libfreebl3.so libmozjs.so libnspr4.so libnss3.so \ + libnssckbi.so libnssutil3.so libplc4.so libplds4.so libsmime3.so \ + libsoftokn3.chk libsoftokn3.so libssl3.so ; do + cp -a $PKG/usr/lib${LIBDIRSUFFIX}/seamonkey-${VERSION}/$file \ + $TMP/package-seamonkey-solibs/usr/lib${LIBDIRSUFFIX}/seamonkey-${VERSION} +done +mkdir $TMP/package-seamonkey-solibs/install +cat << EOF | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $TMP/package-seamonkey-solibs/install/doinst.sh +( cd usr/lib ; rm -rf seamonkey ) +( cd usr/lib ; ln -sf seamonkey-$VERSION seamonkey ) +if ! grep /usr/lib/seamonkey etc/ld.so.conf 1> /dev/null 2> /dev/null ; then + echo "/usr/lib/seamonkey" >> etc/ld.so.conf +fi +if [ -x /sbin/ldconfig ]; then + /sbin/ldconfig 2> /dev/null +fi +EOF +cat << EOF > $TMP/package-seamonkey-solibs/install/slack-desc + |-----handy-ruler------------------------------------------------------| +seamonkey-solibs: seamonkey-solibs (Shared libraries from Seamonkey) +seamonkey-solibs: +seamonkey-solibs: This package contains a subset of the shared libraries from Seamonkey +seamonkey-solibs: to provide runtime support for programs that require nss, nspr, and +seamonkey-solibs: js. These libraries are used in programs like RPM and gxine, and can +seamonkey-solibs: be used in others. This package is built from the Seamonkey sources +seamonkey-solibs: and is provided as a standalone runtime package for people who do not +seamonkey-solibs: want to install the entire seamonkey package (as for server use). +seamonkey-solibs: +seamonkey-solibs: This package is runtime only. The include files and other files for +seamonkey-solibs: development can be found in the seamonkey package. +EOF +cd $TMP/package-seamonkey-solibs +/sbin/makepkg -l y -c n -p $TMP/seamonkey-solibs-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/seamonkey/seamonkey.desktop b/patches/source/seamonkey/seamonkey.desktop new file mode 100644 index 00000000..7c988a76 --- /dev/null +++ b/patches/source/seamonkey/seamonkey.desktop @@ -0,0 +1,8 @@ +[Desktop Entry] +Name=SeaMonkey +Comment=Web Browser +Exec=/usr/bin/seamonkey +Icon=/usr/share/pixmaps/seamonkey-icon.png +Terminal=0 +Type=Application +Categories=Application;Network; diff --git a/patches/source/seamonkey/slack-desc b/patches/source/seamonkey/slack-desc new file mode 100644 index 00000000..af6ee240 --- /dev/null +++ b/patches/source/seamonkey/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +seamonkey: SeaMonkey (an open-source web browser suite) +seamonkey: +seamonkey: The SeaMonkey browser suite. SeaMonkey features a state-of-the-art +seamonkey: web browser and powerful email client, as well as a WYSIWYG web page +seamonkey: composer and a feature-rich IRC chat client. +seamonkey: +seamonkey: +seamonkey: +seamonkey: Visit the SeaMonkey project at this URL: +seamonkey: http://www.mozilla.org/projects/seamonkey/ +seamonkey: diff --git a/patches/source/sendmail/Build b/patches/source/sendmail/Build new file mode 100644 index 00000000..21950d49 --- /dev/null +++ b/patches/source/sendmail/Build @@ -0,0 +1,29 @@ +#!/bin/sh +# Copyright 2004 Slackware Linux, Inc. Concord, CA 94520 +# Copyright 2007, 2008 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# + +# A script to build .cf files from .mc files: + +for mcfile in $* ; do + /usr/bin/m4 /usr/share/sendmail/cf/m4/cf.m4 $mcfile > $(basename $mcfile .mc).cf +done + diff --git a/patches/source/sendmail/SlackBuild-sendmail b/patches/source/sendmail/SlackBuild-sendmail new file mode 100755 index 00000000..2f1ab33e --- /dev/null +++ b/patches/source/sendmail/SlackBuild-sendmail @@ -0,0 +1,168 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=8.14.9 +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-sendmail + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +# Explode the package framework: +cd $PKG +explodepkg $CWD/_sendmail.tar.gz +[ -n "${LIBDIRSUFFIX}" ] && mv $PKG/usr/lib $PKG/usr/lib${LIBDIRSUFFIX} + +echo "+=================+" +echo "| sendmail.$VERSION |" +echo "+=================+" +OSCPU="`uname -srm | tr ' ' '.'`" +cd $TMP +rm -rf sendmail-$VERSION +tar xvf $CWD/sendmail.$VERSION.tar.gz || exit 1 +cd sendmail-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Add TLS support to the sendmail binary: +cat $CWD/site.config.m4 > devtools/Site/site.config.m4 + +# Build .cf files for Linux: +cd $TMP/sendmail-$VERSION/cf/cf +cp $CWD/*.mc . +cp linux.uucp.mc config.mc +sh Build config.cf +mv config.cf $PKG/usr/share/sendmail/linux.uucp.cf +cp sendmail-slackware.mc config.mc +sh Build config.cf +mv config.cf $PKG/usr/share/sendmail/sendmail-slackware.cf +cp sendmail-slackware-tls.mc config.mc +sh Build config.cf +mv config.cf $PKG/usr/share/sendmail/sendmail-slackware-tls.cf +cp sendmail-slackware-tls-sasl.mc config.mc +sh Build config.cf +mv config.cf $PKG/usr/share/sendmail/sendmail-slackware-tls-sasl.cf + +# Add a sample sendmail.cf: +cat $PKG/usr/share/sendmail/sendmail-slackware.cf > $PKG/etc/mail/sendmail.cf.new +cat submit.cf > $PKG/etc/mail/submit.cf.new + +cd $TMP/sendmail-$VERSION +## All "Build" does is call make while screwing up the options :-) +## sh Build +make O="$SLKCFLAGS" +#O="$SLKCFLAGS" sh Build +cat sendmail/mailq.1 | gzip -9c > $PKG/usr/man/man1/mailq.1.gz +cat sendmail/newaliases.1 | gzip -9c > $PKG/usr/man/man1/newaliases.1.gz +mkdir -p $PKG/usr/doc/sendmail-$VERSION +cp -a \ + FAQ INSTALL KNOWNBUGS LICENSE PGPKEYS README RELEASE_NOTES \ + $PKG/usr/doc/sendmail-$VERSION +( cd doc ; cp -a op $PKG/usr/doc/sendmail-$VERSION ) + +cd obj.$OSCPU/sendmail +cat sendmail > $PKG/usr/sbin/sendmail.new +cat aliases.5 | gzip -9c > $PKG/usr/man/man5/aliases.5.gz +cat sendmail.8 | gzip -9c > $PKG/usr/man/man8/sendmail.8.gz +cat statistics > $PKG/etc/mail/statistics +cat ../../sendmail/helpfile > $PKG/etc/mail/helpfile +cd ../makemap +cat makemap > $PKG/usr/sbin/makemap +cat makemap.8 | gzip -9c > $PKG/usr/man/man8/makemap.8.gz +cd ../mailstats +cat mailstats > $PKG/usr/sbin/mailstats +cat mailstats.8 | gzip -9c > $PKG/usr/man/man8/mailstats.8.gz +cd ../praliases +cat praliases > $PKG/usr/bin/praliases +chmod 755 $PKG/usr/bin/praliases +cat praliases.8 | gzip -9c > $PKG/usr/man/man8/praliases.8.gz +cd ../rmail +cat rmail > $PKG/usr/bin/rmail +cat rmail.8 | gzip -9c > $PKG/usr/man/man8/rmail.8.gz +cd ../smrsh +cat smrsh > $PKG/usr/sbin/smrsh +cat smrsh.8 | gzip -9c > $PKG/usr/man/man8/smrsh.8.gz +cd ../mail.local +cat mail.local > $PKG/usr/sbin/mail.local +cat mail.local.8 | gzip -9c > $PKG/usr/man/man8/mail.local.8.gz +cd ../vacation +cat vacation > $PKG/usr/bin/vacation +cat vacation.1 | gzip -9c > $PKG/usr/man/man1/vacation.1.gz +cd ../editmap +cat editmap > $PKG/usr/sbin/editmap +cat editmap.8 | gzip -9c > $PKG/usr/man/man8/editmap.8.gz + +# Add libmilter: +cd $TMP/sendmail-$VERSION/libmilter +./Build +cd .. +mkdir -p $PKG/usr/include +mkdir -p $PKG/usr/include/libmilter +cp -a include/libmilter/mfapi.h $PKG/usr/include/libmilter +cp -a include/libmilter/mfdef.h $PKG/usr/include/libmilter +cp -a obj.*/libmilter/libmilter.a $PKG/usr/lib${LIBDIRSUFFIX} +strip -g $PKG/usr/lib${LIBDIRSUFFIX}/libmilter.a +chmod 644 $PKG/usr/lib${LIBDIRSUFFIX}/libmilter.a $PKG/usr/include/libmilter/* +mkdir -p $PKG/usr/doc/sendmail-$VERSION/libmilter +cp -a libmilter/README $PKG/usr/doc/sendmail-$VERSION/libmilter + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +cat $CWD/slack-desc.sendmail > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/sendmail-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/sendmail/SlackBuild-sendmail-cf b/patches/source/sendmail/SlackBuild-sendmail-cf new file mode 100755 index 00000000..555f7170 --- /dev/null +++ b/patches/source/sendmail/SlackBuild-sendmail-cf @@ -0,0 +1,57 @@ +#!/bin/sh + +# Copyright 2008, 2009 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=8.14.9 +ARCH=noarch +BUILD=${BUILD:-1_slack13.1} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-sendmail-cf + +rm -rf $PKG +mkdir -p $TMP $PKG + +echo "+====================+" +echo "| sendmail.cf.$VERSION |" +echo "+====================+" +( cd $TMP/sendmail-$VERSION ; find . -name "*~" -print -exec rm {} \; ) +cd $PKG +mkdir -p usr/share/sendmail/cf +cd usr/share/sendmail/cf +cp -a $TMP/sendmail-$VERSION/cf/README . +cp -a $TMP/package-sendmail/usr/share/sendmail/README.linux . +for dir in cf domain feature hack m4 mailer ostype sh siteconfig ; do + cp -a $TMP/sendmail-$VERSION/cf/$dir . +done +# Replace the sendmail Build script with a simple (working) one: +cp -a $PKG/usr/share/sendmail/cf/cf/Build $PKG/usr/share/sendmail/cf/cf/Build.orig +zcat $CWD/Build.gz > $PKG/usr/share/sendmail/cf/cf/Build +chown -R root.root * + +mkdir -p $PKG/install +cat $CWD/slack-desc.sendmail-cf > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/sendmail-cf-$VERSION-noarch-$BUILD.txz + diff --git a/patches/source/sendmail/linux.uucp.mc b/patches/source/sendmail/linux.uucp.mc new file mode 100644 index 00000000..ffd242bb --- /dev/null +++ b/patches/source/sendmail/linux.uucp.mc @@ -0,0 +1,8 @@ +include(`../m4/cf.m4') +VERSIONID(`linux for setup with uucp which uses domain names')dnl +OSTYPE(linux) +FEATURE(always_add_domain)dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(uucp) +define(`SMART_HOST', uucp-dom:otheruucphost) diff --git a/patches/source/sendmail/sendmail-slackware-tls-sasl.mc b/patches/source/sendmail/sendmail-slackware-tls-sasl.mc new file mode 100644 index 00000000..ed5753b4 --- /dev/null +++ b/patches/source/sendmail/sendmail-slackware-tls-sasl.mc @@ -0,0 +1,61 @@ +dnl# This is the a sendmail .mc file for Slackware with TLS support. +dnl# To generate the sendmail.cf file from this (perhaps after making +dnl# some changes), use the m4 files in /usr/share/sendmail/cf like this: +dnl# +dnl# cp sendmail-slackware-tls.mc /usr/share/sendmail/cf/config.mc +dnl# cd /usr/share/sendmail/cf +dnl# sh Build config.mc +dnl# +dnl# You may then install the resulting .cf file: +dnl# cp config.cf /etc/mail/sendmail.cf +dnl# +include(`../m4/cf.m4') +VERSIONID(`TLS supporting setup for Slackware Linux')dnl +OSTYPE(`linux')dnl +dnl# +dnl# You will need to create the certificates below with OpenSSL first: +define(`confCACERT_PATH', `/etc/mail/certs/') +define(`confCACERT', `/etc/mail/certs/CA.cert.pem') +define(`confSERVER_CERT', `/etc/mail/certs/smtp.cert.pem') +define(`confSERVER_KEY', `/etc/mail/certs/smtp.key.pem') +dnl# These settings help protect against people verifying email addresses +dnl# at your site in order to send you email that you probably don't want: +define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl +dnl# Uncomment the line below to send outgoing mail through an external server: +dnl define(`SMART_HOST',`mailserver.example.com') +dnl# No timeout for ident: +define(`confTO_IDENT', `0')dnl +dnl# Enable the line below to use smrsh to restrict what sendmail can run: +dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl +dnl# See the README in /usr/share/sendmail/cf for a ton of information on +dnl# how these options work: +FEATURE(`use_cw_file')dnl +FEATURE(`use_ct_file')dnl +FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl +FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl +FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl +FEATURE(`blacklist_recipients')dnl +FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl +FEATURE(`always_add_domain')dnl +FEATURE(`redirect')dnl +FEATURE(`no_default_msa')dnl +dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail: +dnl FEATURE(`accept_unresolvable_domains')dnl +EXPOSED_USER(`root')dnl +dnl# Also accept mail for localhost.localdomain: +LOCAL_DOMAIN(`localhost.localdomain')dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(procmail)dnl +dnl# Allow SASL authentication/relaying: +define(`confAUTH_OPTIONS', `A p y')dnl +define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl +TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl +DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl +dnl# Daemon options after M= below that might need to be changed are: +dnl# s (allow SSL, not only TLS) +dnl# a (require authentication) +DAEMON_OPTIONS(`Port=smtps, Name=MSA-SSL, M=Esa')dnl +LOCAL_CONFIG +dnl# Do not allow the weak SSLv2: +O CipherList=ALL:!ADH:!NULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:+TLSv1:-SSLv2:+EXP:+eNULL diff --git a/patches/source/sendmail/sendmail-slackware-tls.mc b/patches/source/sendmail/sendmail-slackware-tls.mc new file mode 100644 index 00000000..01a66775 --- /dev/null +++ b/patches/source/sendmail/sendmail-slackware-tls.mc @@ -0,0 +1,56 @@ +dnl# This is the a sendmail .mc file for Slackware with TLS support. +dnl# To generate the sendmail.cf file from this (perhaps after making +dnl# some changes), use the m4 files in /usr/share/sendmail/cf like this: +dnl# +dnl# cp sendmail-slackware-tls.mc /usr/share/sendmail/cf/config.mc +dnl# cd /usr/share/sendmail/cf +dnl# sh Build config.mc +dnl# +dnl# You may then install the resulting .cf file: +dnl# cp config.cf /etc/mail/sendmail.cf +dnl# +include(`../m4/cf.m4') +VERSIONID(`TLS supporting setup for Slackware Linux')dnl +OSTYPE(`linux')dnl +dnl# +dnl# You will need to create the certificates below with OpenSSL first: +define(`confCACERT_PATH', `/etc/mail/certs/') +define(`confCACERT', `/etc/mail/certs/CA.cert.pem') +define(`confSERVER_CERT', `/etc/mail/certs/smtp.cert.pem') +define(`confSERVER_KEY', `/etc/mail/certs/smtp.key.pem') +dnl# These settings help protect against people verifying email addresses +dnl# at your site in order to send you email that you probably don't want: +define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl +dnl# Uncomment the line below to send outgoing mail through an external server: +dnl define(`SMART_HOST',`mailserver.example.com') +dnl# No timeout for ident: +define(`confTO_IDENT', `0')dnl +dnl# Enable the line below to use smrsh to restrict what sendmail can run: +dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl +dnl# See the README in /usr/share/sendmail/cf for a ton of information on +dnl# how these options work: +FEATURE(`use_cw_file')dnl +FEATURE(`use_ct_file')dnl +FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl +FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl +FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl +FEATURE(`blacklist_recipients')dnl +FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl +FEATURE(`always_add_domain')dnl +FEATURE(`redirect')dnl +dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail: +dnl FEATURE(`accept_unresolvable_domains')dnl +EXPOSED_USER(`root')dnl +dnl# Also accept mail for localhost.localdomain: +LOCAL_DOMAIN(`localhost.localdomain')dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(procmail)dnl +DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl +dnl# Daemon options after M= below that might need to be changed are: +dnl# s (allow SSL, not only TLS) +dnl# a (require authentication) +DAEMON_OPTIONS(`Port=smtps, Name=MSA-SSL, M=Es')dnl +LOCAL_CONFIG +dnl# Do not allow the weak SSLv2: +O CipherList=ALL:!ADH:!NULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:+TLSv1:-SSLv2:+EXP:+eNULL diff --git a/patches/source/sendmail/sendmail-slackware.mc b/patches/source/sendmail/sendmail-slackware.mc new file mode 100644 index 00000000..4fd4620b --- /dev/null +++ b/patches/source/sendmail/sendmail-slackware.mc @@ -0,0 +1,42 @@ +dnl# This is the default sendmail .mc file for Slackware. To generate +dnl# the sendmail.cf file from this (perhaps after making some changes), +dnl# use the m4 files in /usr/share/sendmail/cf like this: +dnl# +dnl# cp sendmail-slackware.mc /usr/share/sendmail/cf/config.mc +dnl# cd /usr/share/sendmail/cf +dnl# sh Build config.cf +dnl# +dnl# You may then install the resulting .cf file: +dnl# cp config.cf /etc/mail/sendmail.cf +dnl# +include(`../m4/cf.m4') +VERSIONID(`default setup for Slackware Linux')dnl +OSTYPE(`linux')dnl +dnl# These settings help protect against people verifying email addresses +dnl# at your site in order to send you email that you probably don't want: +define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl +dnl# Uncomment the line below to send outgoing mail through an external server: +dnl define(`SMART_HOST',`mailserver.example.com') +dnl# No timeout for ident: +define(`confTO_IDENT', `0')dnl +dnl# Enable the line below to use smrsh to restrict what sendmail can run: +dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl +dnl# See the README in /usr/share/sendmail/cf for a ton of information on +dnl# how these options work: +FEATURE(`use_cw_file')dnl +FEATURE(`use_ct_file')dnl +FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl +FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl +FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl +FEATURE(`blacklist_recipients')dnl +FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl +FEATURE(`always_add_domain')dnl +FEATURE(`redirect')dnl +dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail: +dnl FEATURE(`accept_unresolvable_domains')dnl +EXPOSED_USER(`root')dnl +dnl# Also accept mail for localhost.localdomain: +LOCAL_DOMAIN(`localhost.localdomain')dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(procmail)dnl diff --git a/patches/source/sendmail/sendmail.SlackBuild b/patches/source/sendmail/sendmail.SlackBuild new file mode 100755 index 00000000..462f16e9 --- /dev/null +++ b/patches/source/sendmail/sendmail.SlackBuild @@ -0,0 +1,3 @@ +#!/bin/sh +./SlackBuild-sendmail $* +./SlackBuild-sendmail-cf $* diff --git a/patches/source/sendmail/site.config.m4 b/patches/source/sendmail/site.config.m4 new file mode 100644 index 00000000..09b1d72f --- /dev/null +++ b/patches/source/sendmail/site.config.m4 @@ -0,0 +1,8 @@ +APPENDDEF(`confENVDEF', `-DNETINET6') +APPENDDEF(`confMAPDEF', `-DNEWDB -DSTARTTLS -DSASL=2 -DTCPWRAPPERS -DNIS -DMAP_REGEX -DSOCKETMAP') +APPENDDEF(`confLIBS', `-lnsl -lssl -lcrypto -lsasl2 -lwrap -lm -ldb -lresolv') +APPENDDEF(`conf_libmilter_ENVDEF', `-DMILTER') +APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER') +APPENDDEF(`conf_libmilter_ENVDEF', `-D_FFR_MILTER_ROOT_UNSAFE ') +APPENDDEF(`confENVDEF', `-DBROKEN_PTHREAD_SLEEP') +APPENDDEF(`confENVDEF', `-D_FFR_TLS_1')dnl diff --git a/patches/source/sendmail/slack-desc.sendmail b/patches/source/sendmail/slack-desc.sendmail new file mode 100644 index 00000000..cdcc9387 --- /dev/null +++ b/patches/source/sendmail/slack-desc.sendmail @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +sendmail: sendmail (mail transfer agent) +sendmail: +sendmail: Eric Allman's mail transport agent. The _Unix System Administration +sendmail: Handbook_ calls sendmail 'The most complex and complete mail delivery +sendmail: system in common use...' +sendmail: +sendmail: Ready-made configuration files are included for systems connected by +sendmail: TCP/IP (with or without a nameserver) and for systems using UUCP. +sendmail: +sendmail: The procmail package is required to handle local mail delivery. +sendmail: diff --git a/patches/source/sendmail/slack-desc.sendmail-cf b/patches/source/sendmail/slack-desc.sendmail-cf new file mode 100644 index 00000000..df56efdc --- /dev/null +++ b/patches/source/sendmail/slack-desc.sendmail-cf @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +sendmail-cf: sendmail-cf (configuration files for sendmail) +sendmail-cf: +sendmail-cf: These files are used to create sendmail.cf configuration files. The +sendmail-cf: m4 macro processor is also required in order to make use of these +sendmail-cf: files. +sendmail-cf: +sendmail-cf: The files and documentation in /usr/share/sendmail should make it +sendmail-cf: possible to support virtually any mail configuration. NOTE: You +sendmail-cf: probably won't need this package if you're planning to use one of the +sendmail-cf: sendmail.cf samples included in the sendmail package. +sendmail-cf: diff --git a/patches/source/shadow/adduser b/patches/source/shadow/adduser new file mode 100644 index 00000000..5b674a85 --- /dev/null +++ b/patches/source/shadow/adduser @@ -0,0 +1,440 @@ +#!/bin/bash +# +# Copyright 1995 Hrvoje Dogan, Croatia. +# Copyright 2002-2004, 2008, 2009, 2010 Stuart Winter, Surrey, England, UK. +# Copyright 2004, 2008-2010 Slackware Linux, Inc., Concord, CA, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +# +########################################################################## +# Program: /usr/sbin/adduser +# Purpose: Interactive front end to /usr/sbin/useradd for Slackware Linux +# Author : Stuart Winter <mozes@slackware.com> +# Based on the original Slackware adduser by Hrvoje Dogan +# with modifications by Patrick Volkerding +# Version: 1.13 +########################################################################## +# Usage..: adduser [<new_user_name>] +########################################################################## +# History # +########### +# v1.13 - 13/01/10 +# * Fixed bug that removed underscore characters from UNIX group names. +# Thanks to mRgOBLIN for the report and Jim Hawkins for the fix. <sw> +# v1.12 - 21/07/09 +# * Adjusted the search of /etc/passwd to exclude the NIS inclusion +# string. Thanks to Dominik L. Borkowski. +# v1.11 - 04/06/09 +# * Add power and netdev to the suggested group list +# v1.10 - 24/03/08 +# * To facilitate use of the automatic mounting features of HAL, +# allow the admin to easily add users to the default groups: +# audio,cdrom,video,plugdev,floppy. +# The default is not to add new users to these groups. +# And by the way, this script is "useradd from Slackware" not +# "superadduser from Gentoo" ;-) +# v1.09 - 07/06/04 +# * Added standard Slackware script licence to the head of this file. +# v1.08 - 25/04/04 +# * Disallow user names that begin with a numeric because useradd +# (from shadow v4.03) does not allow them. <sw> +# v1.07 - 07/03/03 +# * When supplying a null string for the uid (meaning 'Choose next available'), +# if there were file names in the range 'a-z' in the pwd then the +# egrep command considered these files rather than the null string. +# The egrep expression is now in quotes. +# Reported & fixed by Vadim O. Ustiansky <sw> +# v1.06 - 31/03/03 +# * Ask to chown user.group the home directory if it already exists. +# This helps reduce later confusion when adding users whose home dir +# already exists (mounted partition for example) and is owned +# by a user other than the user to which the directory is being +# assigned as home. Default is not to chown. +# Brought to my attention by mRgOBLIN. <sw> +# v1.05 - 04/01/03 +# * Advise & prevent users from creating logins with '.' characters +# in the user name. <sw> +# * Made pending account creation info look neater <sw> +# v1.04 - 09/06/02 +# * Catered for shadow-4.0.3's 'useradd' binary that no longer +# will let you create a user that has any uppercase chars in it +# This was reported on the userlocal.org forums +# by 'xcp' - thanks. <sw,pjv> +# v1.03 - 20/05/02 +# * Support 'broken' (null lines in) /etc/passwd and +# /etc/group files <sw> +# * For recycling UIDs (default still 'off'), we now look in +# /etc/login.defs for the UID_MIN value and use it +# If not found then default to 1000 <sw> +# v1.02 - 10/04/02 +# * Fix user-specified UID bug. <pjv> +# v1.01 - 23/03/02 +# * Match Slackware indenting style, simplify. <pjv> +# v1.00 - 22/03/02 +# * Created +####################################################################### + +# Path to files +pfile=/etc/passwd +gfile=/etc/group +sfile=/etc/shells + +# Paths to binaries +useradd=/usr/sbin/useradd +chfn=/usr/bin/chfn +passwd=/usr/bin/passwd +chmod=/bin/chmod + +# Defaults +defhome=/home +defshell=/bin/bash +defchmod=711 # home dir permissions - may be preferable to use 701, however. +defgroup=users +AGID="audio cdrom floppy plugdev video power netdev" # additional groups for desktop users + +# Determine what the minimum UID is (for UID recycling) +# (we ignore it if it's not at the beginning of the line (i.e. commented out with #)) +export recycleUIDMIN="$(grep ^UID_MIN /etc/login.defs | awk '{print $2}' 2>/dev/null)" +# If we couldn't find it, set it to the default of 1000 +if [ -z "$recycleUIDMIN" ]; then + export recycleUIDMIN=1000 # this is the default from Slackware's /etc/login.defs +fi + + +# This setting enables the 'recycling' of older unused UIDs. +# When you userdel a user, it removes it from passwd and shadow but it will +# never get used again unless you specify it expliticly -- useradd (appears to) just +# look at the last line in passwd and increment the uid. I like the idea of +# recycling uids but you may have very good reasons not to (old forgotten +# confidential files still on the system could then be owned by this new user). +# We'll set this to no because this is what the original adduser shell script +# did and it's what users expect. +recycleuids=no + +# Function to read keyboard input. +# bash1 is broken (even ash will take read -ep!), so we work around +# it (even though bash1 is no longer supported on Slackware). +function get_input() { + local output + if [ "`echo $BASH_VERSION | cut -b1`" = "1" ]; then + echo -n "${1} " >&2 # fudge for use with bash v1 + read output + else # this should work with any other /bin/sh + read -ep "${1} " output + fi + echo $output +} + +# Function to display the account info +function display () { + local goose + goose="$(echo $2 | cut -d ' ' -f 2-)" # lop off the prefixed argument useradd needs + echo -n "$1 " + # If it's null then display the 'other' information + if [ -z "$goose" -a ! -z "$3" ]; then + echo "$3" + else + echo "$goose" + fi +} + +# Function to check whether groups exist in the /etc/group file +function check_group () { + local got_error group + if [ ! -z "$@" ]; then + for group in $@ ; do + local uid_not_named="" uid_not_num="" + grep -v "$^" $gfile | awk -F: '{print $1}' | grep "^${group}$" >/dev/null 2>&1 || uid_not_named=yes + grep -v "$^" $gfile | awk -F: '{print $3}' | grep "^${group}$" >/dev/null 2>&1 || uid_not_num=yes + if [ ! -z "$uid_not_named" -a ! -z "$uid_not_num" ]; then + echo "- Group '$group' does not exist" + got_error=yes + fi + done + fi + # Return exit code of 1 if at least one of the groups didn't exist + if [ ! -z "$got_error" ]; then + return 1 + fi +} + +#: Read the login name for the new user :# +# +# Remember that most Mail Transfer Agents are case independant, so having +# 'uSer' and 'user' may cause confusion/things to break. Because of this, +# useradd from shadow-4.0.3 no longer accepts usernames containing uppercase, +# and we must reject them, too. + +# Set the login variable to the command line param +echo +LOGIN="$1" +needinput=yes +while [ ! -z $needinput ]; do + if [ -z "$LOGIN" ]; then + while [ -z "$LOGIN" ]; do LOGIN="$(get_input "Login name for new user []:")" ; done + fi + grep "^${LOGIN}:" $pfile >/dev/null 2>&1 # ensure it's not already used + if [ $? -eq 0 ]; then + echo "- User '$LOGIN' already exists; please choose another" + unset LOGIN + elif [ ! -z "$( echo $LOGIN | grep "^[0-9]" )" ]; then + echo "- User names cannot begin with a number; please choose another" + unset LOGIN + elif [ ! "$LOGIN" = "`echo $LOGIN | tr A-Z a-z`" ]; then # useradd does not allow uppercase + echo "- User '$LOGIN' contains illegal characters (uppercase); please choose another" + unset LOGIN + elif [ ! -z "$( echo $LOGIN | grep '\.' )" ]; then + echo "- User '$LOGIN' contains illegal characters (period/dot); please choose another" + unset LOGIN + else + unset needinput + fi +done + +# Display the user name passed from the shell if it hasn't changed +if [ "$1" = "$LOGIN" ]; then + echo "Login name for new user: $LOGIN" +fi + +#: Get the UID for the user & ensure it's not already in use :# +# +# Whilst we _can_ allow users with identical UIDs, it's not a 'good thing' because +# when you change password for the uid, it finds the first match in /etc/passwd +# which isn't necessarily the correct user +# +echo +needinput=yes +while [ ! -z "$needinput" ]; do + _UID="$(get_input "User ID ('UID') [ defaults to next available ]:")" + egrep -v "^$|^\+" $pfile | awk -F: '{print $3}' | grep "^${_UID}$" >/dev/null 2>&1 + if [ $? -eq 0 ]; then + echo "- That UID is already in use; please choose another" + elif [ ! -z "$(echo $_UID | egrep '[A-Za-z]')" ]; then + echo "- UIDs are numerics only" + else + unset needinput + fi +done +# If we were given a UID, then syntax up the variable to pass to useradd +if [ ! -z "$_UID" ]; then + U_ID="-u ${_UID}" +else + # Will we be recycling UIDs? + if [ "$recycleuids" = "yes" ]; then + U_ID="-u $(awk -F: '{uid[$3]=1} END { for (i=ENVIRON["recycleUIDMIN"];i in uid;i++);print i}' $pfile)" + fi +fi + +#: Get the initial group for the user & ensure it exists :# +# +# We check /etc/group for both the text version and the group ID number +echo +needinput=yes +while [ ! -z "$needinput" ]; do + GID="$(get_input "Initial group [ ${defgroup} ]:")" + check_group "$GID" + if [ $? -gt 0 ]; then + echo "- Please choose another" + else + unset needinput + fi +done +# Syntax the variable ready for useradd +if [ -z "$GID" ]; then + GID="-g ${defgroup}" +else + GID="-g ${GID}" +fi + +#: Get additional groups for the user :# +# +echo "Additional UNIX groups:" +echo +echo "Users can belong to additional UNIX groups on the system." +echo "For local users using graphical desktop login managers such" +echo "as XDM/KDM, users may need to be members of additional groups" +echo "to access the full functionality of removable media devices." +echo +echo "* Security implications *" +echo "Please be aware that by adding users to additional groups may" +echo "potentially give access to the removable media of other users." +echo +echo "If you are creating a new user for remote shell access only," +echo "users do not need to belong to any additional groups as standard," +echo "so you may press ENTER at the next prompt." +echo +needinput=yes +while [ ! -z "$needinput" ]; do + history -c + history -s "$AGID" + echo "Press ENTER to continue without adding any additional groups" + echo "Or press the UP arrow key to add/select/edit additional groups" + AGID="$(get_input ": " | sed 's/[^A-Za-z0-9 _]//g;s/ */ /g;s/^ $//g' )" + if [ ! -z "$AGID" ]; then + check_group "$AGID" # check all groups at once (treated as N # of params) + if [ $? -gt 0 ]; then + echo "- Please re-enter the group(s)" + echo + else + unset needinput # we found all groups specified + AGID="-G $(echo $AGID | tr ' ' ,)" # useradd takes comma delimited groups + fi + else + unset needinput # we don't *have* to have additional groups + fi +done + +#: Get the new user's home dir :# +# +echo +needinput=yes +while [ ! -z "$needinput" ]; do + HME="$(get_input "Home directory [ ${defhome}/${LOGIN} ]")" + if [ -z "$HME" ]; then + HME="${defhome}/${LOGIN}" + fi + # Warn the user if the home dir already exists + if [ -d "$HME" ]; then + echo "- Warning: '$HME' already exists !" + getyn="$(get_input " Do you wish to change the home directory path ? (Y/n) ")" + if [ "$(echo $getyn | grep -i "n")" ]; then + unset needinput + # You're most likely going to only do this if you have the dir *mounted* for this user's $HOME + getyn="$(get_input " Do you want to chown $LOGIN.$( echo $GID | awk '{print $2}') $HME ? (y/N) ")" + if [ "$(echo $getyn | grep -i "y")" ]; then + CHOWNHOMEDIR=$HME # set this to the home directory + fi + fi + else + unset needinput + fi +done +HME="-d ${HME}" + +#: Get the new user's shell :# +echo +needinput=yes +while [ ! -z "$needinput" ]; do + unset got_error + SHL="$(get_input "Shell [ ${defshell} ]")" + if [ -z "$SHL" ]; then + SHL="${defshell}" + fi + # Warn the user if the shell doesn't exist in /etc/shells or as a file + if [ -z "$(grep "^${SHL}$" $sfile)" ]; then + echo "- Warning: ${SHL} is not in ${sfile} (potential problem using FTP)" + got_error=yes + fi + if [ ! -f "$SHL" ]; then + echo "- Warning: ${SHL} does not exist as a file" + got_error=yes + fi + if [ ! -z "$got_error" ]; then + getyn="$(get_input " Do you wish to change the shell ? (Y/n) ")" + if [ "$(echo $getyn | grep -i "n")" ]; then + unset needinput + fi + else + unset needinput + fi +done +SHL="-s ${SHL}" + +#: Get the expiry date :# +echo +needinput=yes +while [ ! -z "$needinput" ]; do + EXP="$(get_input "Expiry date (YYYY-MM-DD) []:")" + if [ ! -z "$EXP" ]; then + # Check to see whether the expiry date is in the valid format + if [ -z "$(echo "$EXP" | grep "^[[:digit:]]\{4\}[-]\?[[:digit:]]\{2\}[-]\?[[:digit:]]\{2\}$")" ]; then + echo "- That is not a valid expiration date" + else + unset needinput + EXP="-e ${EXP}" + fi + else + unset needinput + fi +done + +# Display the info about the new impending account +echo +echo "New account will be created as follows:" +echo +echo "---------------------------------------" +display "Login name.......: " "$LOGIN" +display "UID..............: " "$_UID" "[ Next available ]" +display "Initial group....: " "$GID" +display "Additional groups: " "$AGID" "[ None ]" +display "Home directory...: " "$HME" +display "Shell............: " "$SHL" +display "Expiry date......: " "$EXP" "[ Never ]" +echo + +echo "This is it... if you want to bail out, hit Control-C. Otherwise, press" +echo "ENTER to go ahead and make the account." +read junk + +echo +echo "Creating new account..." +echo +echo + +# Add the account to the system +CMD="$useradd "$HME" -m "$EXP" "$U_ID" "$GID" "$AGID" "$SHL" "$LOGIN"" +$CMD + +if [ $? -gt 0 ]; then + echo "- Error running useradd command -- account not created!" + echo "(cmd: $CMD)" + exit 1 +fi + +# chown the home dir ? We can only do this once the useradd has +# completed otherwise the user name doesn't exist. +if [ ! -z "${CHOWNHOMEDIR}" ]; then + chown "$LOGIN"."$( echo $GID | awk '{print $2}')" "${CHOWNHOMEDIR}" +fi + +# Set the finger information +$chfn "$LOGIN" +if [ $? -gt 0 ]; then + echo "- Warning: an error occurred while setting finger information" +fi + +# Set a password +$passwd "$LOGIN" +if [ $? -gt 0 ]; then + echo "* WARNING: An error occured while setting the password for" + echo " this account. Please manually investigate this *" + exit 1 +fi + +# If it was created (it should have been!), set the permissions for that user's dir +HME="$(echo "$HME" | awk '{print $2}')" # We have to remove the -g prefix +if [ -d "$HME" ]; then + $chmod $defchmod "$HME" +fi + +echo +echo +echo "Account setup complete." +exit 0 diff --git a/patches/source/shadow/doinst.sh b/patches/source/shadow/doinst.sh new file mode 100644 index 00000000..88fefb3a --- /dev/null +++ b/patches/source/shadow/doinst.sh @@ -0,0 +1,17 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/login.access.new +config etc/login.defs.new +config var/log/faillog.new +rm -f var/log/faillog.new + diff --git a/patches/source/shadow/login.defs b/patches/source/shadow/login.defs new file mode 100644 index 00000000..dde37c97 --- /dev/null +++ b/patches/source/shadow/login.defs @@ -0,0 +1,387 @@ +# +# /etc/login.defs - Configuration control definitions for the shadow package. +# +# $Id: login.defs 3038 2009-07-23 20:41:35Z nekral-guest $ +# + +# +# Delay in seconds before being allowed another attempt after a login failure +# +FAIL_DELAY 3 + +# +# Enable logging and display of /var/log/faillog login failure info. +# +FAILLOG_ENAB yes + +# +# Enable display of unknown usernames when login failures are recorded. +# +LOG_UNKFAIL_ENAB no + +# +# Enable logging of successful logins +# +LOG_OK_LOGINS no + +# +# Enable logging and display of /var/log/lastlog login time info. +# +LASTLOG_ENAB yes + +# +# Enable checking and display of mailbox status upon login. +# +# Disable if the shell startup files already check for mail +# ("mailx -e" or equivalent). +# +MAIL_CHECK_ENAB yes + +# +# Enable additional checks upon password changes. +# +OBSCURE_CHECKS_ENAB yes + +# +# Enable checking of time restrictions specified in /etc/porttime. +# +PORTTIME_CHECKS_ENAB yes + +# +# Enable setting of ulimit, umask, and niceness from passwd gecos field. +# +QUOTAS_ENAB yes + +# +# Enable "syslog" logging of su activity - in addition to sulog file logging. +# SYSLOG_SG_ENAB does the same for newgrp and sg. +# +SYSLOG_SU_ENAB yes +SYSLOG_SG_ENAB yes + +# +# If defined, either full pathname of a file containing device names or +# a ":" delimited list of device names. Root logins will be allowed only +# upon these devices. +# +CONSOLE /etc/securetty +#CONSOLE console:tty01:tty02:tty03:tty04 + +# +# If defined, all su activity is logged to this file. +# +#SULOG_FILE /var/log/sulog + +# +# If defined, ":" delimited list of "message of the day" files to +# be displayed upon login. +# +MOTD_FILE /etc/motd +#MOTD_FILE /etc/motd:/usr/lib/news/news-motd + +# +# If defined, this file will be output before each login prompt. +# +#ISSUE_FILE /etc/issue + +# +# If defined, file which maps tty line to TERM environment parameter. +# Each line of the file is in a format something like "vt100 tty01". +# +#TTYTYPE_FILE /etc/ttytype + +# +# If defined, login failures will be logged here in a utmp format. +# last, when invoked as lastb, will read /var/log/btmp, so... +# +FTMP_FILE /var/log/btmp + +# +# If defined, name of file whose presence which will inhibit non-root +# logins. The contents of this file should be a message indicating +# why logins are inhibited. +# +NOLOGINS_FILE /etc/nologin + +# +# If defined, the command name to display when running "su -". For +# example, if this is defined as "su" then a "ps" will display the +# command is "-su". If not defined, then "ps" would display the +# name of the shell actually being run, e.g. something like "-sh". +# +SU_NAME su + +# +# *REQUIRED* +# Directory where mailboxes reside, _or_ name of file, relative to the +# home directory. If you _do_ define both, MAIL_DIR takes precedence. +# +MAIL_DIR /var/spool/mail +#MAIL_FILE .mail + +# +# If defined, file which inhibits all the usual chatter during the login +# sequence. If a full pathname, then hushed mode will be enabled if the +# user's name or shell are found in the file. If not a full pathname, then +# hushed mode will be enabled if the file exists in the user's home directory. +# +HUSHLOGIN_FILE .hushlogin +#HUSHLOGIN_FILE /etc/hushlogins + +# +# If defined, either a TZ environment parameter spec or the +# fully-rooted pathname of a file containing such a spec. +# +#ENV_TZ TZ=CST6CDT +#ENV_TZ /etc/tzname + +# +# If defined, an HZ environment parameter spec. +# +# for Linux/x86 +ENV_HZ HZ=100 +# For Linux/Alpha... +#ENV_HZ HZ=1024 + +# +# *REQUIRED* The default PATH settings, for superuser and normal users. +# +# (they are minimal, add the rest in the shell startup files) +ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/sbin:/usr/sbin:/bin:/usr/bin +ENV_PATH PATH=/usr/local/bin:/bin:/usr/bin + +# +# Terminal permissions +# +# TTYGROUP Login tty will be assigned this group ownership. +# TTYPERM Login tty will be set to this permission. +# +# If you have a "write" program which is "setgid" to a special group +# which owns the terminals, define TTYGROUP to the group number and +# TTYPERM to 0620. Otherwise leave TTYGROUP commented out and assign +# TTYPERM to either 622 or 600. +# +TTYGROUP tty +TTYPERM 0620 + +# +# Login configuration initializations: +# +# ERASECHAR Terminal ERASE character ('\010' = backspace). +# KILLCHAR Terminal KILL character ('\025' = CTRL/U). +# ULIMIT Default "ulimit" value. +# +# The ERASECHAR and KILLCHAR are used only on System V machines. +# The ULIMIT is used only if the system supports it. +# (now it works with setrlimit too; ulimit is in 512-byte units) +# +# Prefix these values with "0" to get octal, "0x" to get hexadecimal. +# +ERASECHAR 0177 +KILLCHAR 025 +#ULIMIT 2097152 + +# Default initial "umask" value. +# UMASK is also used by useradd and newusers to set the mode of new home +# directories. +# 022 is the default value, but 027, or even 077, could be considered +# better for privacy. There is no One True Answer here: each sysadmin +# must make up her mind. +UMASK 022 + +# +# Password aging controls: +# +# PASS_MAX_DAYS Maximum number of days a password may be used. +# PASS_MIN_DAYS Minimum number of days allowed between password changes. +# PASS_MIN_LEN Minimum acceptable password length. +# PASS_WARN_AGE Number of days warning given before a password expires. +# +PASS_MAX_DAYS 99999 +PASS_MIN_DAYS 0 +PASS_MIN_LEN 5 +PASS_WARN_AGE 7 + +# +# If "yes", the user must be listed as a member of the first gid 0 group +# in /etc/group (called "root" on most Linux systems) to be able to "su" +# to uid 0 accounts. If the group doesn't exist or is empty, no one +# will be able to "su" to uid 0. +# +SU_WHEEL_ONLY no + +# +# If compiled with cracklib support, where are the dictionaries +# +#CRACKLIB_DICTPATH /var/cache/cracklib/cracklib_dict + +# +# Min/max values for automatic uid selection in useradd +# +UID_MIN 1000 +UID_MAX 60000 +# System accounts +SYS_UID_MIN 101 +SYS_UID_MAX 999 + +# +# Min/max values for automatic gid selection in groupadd +# +GID_MIN 1000 +GID_MAX 60000 +# System accounts +SYS_GID_MIN 101 +SYS_GID_MAX 999 + +# +# Max number of login retries if password is bad +# +LOGIN_RETRIES 5 + +# +# Max time in seconds for login +# +LOGIN_TIMEOUT 60 + +# +# Maximum number of attempts to change password if rejected (too easy) +# +PASS_CHANGE_TRIES 5 + +# +# Warn about weak passwords (but still allow them) if you are root. +# +PASS_ALWAYS_WARN yes + +# +# Number of significant characters in the password for crypt(). +# Default is 8, don't change unless your crypt() is better. +# Ignored if MD5_CRYPT_ENAB set to "yes". +# +#PASS_MAX_LEN 8 + +# +# Require password before chfn/chsh can make any changes. +# +CHFN_AUTH yes + +# +# Which fields may be changed by regular users using chfn - use +# any combination of letters "frwh" (full name, room number, work +# phone, home phone). If not defined, no changes are allowed. +# For backward compatibility, "yes" = "rwh" and "no" = "frwh". +# +CHFN_RESTRICT frwh + +# +# Password prompt (%s will be replaced by user name). +# +# XXX - it doesn't work correctly yet, for now leave it commented out +# to use the default which is just "Password: ". +#LOGIN_STRING "%s's Password: " + +# +# Only works if compiled with MD5_CRYPT defined: +# If set to "yes", new passwords will be encrypted using the MD5-based +# algorithm compatible with the one used by recent releases of FreeBSD. +# It supports passwords of unlimited length and longer salt strings. +# Set to "no" if you need to copy encrypted passwords to other systems +# which don't understand the new algorithm. Default is "no". +# +# This variable is deprecated. You should use ENCRYPT_METHOD. +# +#MD5_CRYPT_ENAB no + +# +# Only works if compiled with ENCRYPTMETHOD_SELECT defined: +# If set to MD5 , MD5-based algorithm will be used for encrypting password +# If set to SHA256, SHA256-based algorithm will be used for encrypting password +# If set to SHA512, SHA512-based algorithm will be used for encrypting password +# If set to DES, DES-based algorithm will be used for encrypting password (default) +# Overrides the MD5_CRYPT_ENAB option +# +ENCRYPT_METHOD MD5 + +# +# Only works if ENCRYPT_METHOD is set to SHA256 or SHA512. +# +# Define the number of SHA rounds. +# With a lot of rounds, it is more difficult to brute forcing the password. +# But note also that it more CPU resources will be needed to authenticate +# users. +# +# If not specified, the libc will choose the default number of rounds (5000). +# The values must be inside the 1000-999999999 range. +# If only one of the MIN or MAX values is set, then this value will be used. +# If MIN > MAX, the highest value will be used. +# +# SHA_CRYPT_MIN_ROUNDS 5000 +# SHA_CRYPT_MAX_ROUNDS 5000 + +# +# List of groups to add to the user's supplementary group set +# when logging in on the console (as determined by the CONSOLE +# setting). Default is none. +# +# Use with caution - it is possible for users to gain permanent +# access to these groups, even when not logged in on the console. +# How to do it is left as an exercise for the reader... +# +# Most of these groups are self-explanatory. +# +# Note that users are added to these default groups only when +# logging into a shell with /bin/login, not when using a login +# manager such as kdm. In that case, users who should have +# hardware access must be added to the appropriate groups +# when the user is added with adduser or useradd, or by editing +# /etc/group directly, preferably using "vigr" +# +CONSOLE_GROUPS floppy:audio:cdrom:video:scanner + +# +# Should login be allowed if we can't cd to the home directory? +# Default in no. +# +DEFAULT_HOME yes + +# +# If this file exists and is readable, login environment will be +# read from it. Every line should be in the form name=value. +# +ENVIRON_FILE /etc/environment + +# +# If defined, this command is run when removing a user. +# It should remove any at/cron/print jobs etc. owned by +# the user to be removed (passed as the first argument). +# +#USERDEL_CMD /usr/sbin/userdel_local + +# +# Enable setting of the umask group bits to be the same as owner bits +# (examples: 022 -> 002, 077 -> 007) for non-root users, if the uid is +# the same as gid, and username is the same as the primary group name. +# +# This also enables userdel to remove user groups if no members exist. +# +USERGROUPS_ENAB yes + +# +# If set to a non-nul number, the shadow utilities will make sure that +# groups never have more than this number of users on one line. +# This permit to support split groups (groups split into multiple lines, +# with the same group ID, to avoid limitation of the line length in the +# group file). +# +# 0 is the default value and disables this feature. +# +#MAX_MEMBERS_PER_GROUP 0 + +# +# If useradd should create home directories for users by default (non +# system users only) +# This option is overridden with the -M or -m flags on the useradd command +# line. +# +#CREATE_HOME yes + diff --git a/patches/source/shadow/patches/README_PATCHES b/patches/source/shadow/patches/README_PATCHES new file mode 100644 index 00000000..0c639d1a --- /dev/null +++ b/patches/source/shadow/patches/README_PATCHES @@ -0,0 +1,9 @@ + +r3054.diff: Fixed wrong format string +r3055.diff: Help output to stderr not stdout. +r3060.diff: Fix memory leaks +r3062.diff: Avoid memzero() on a possibly NULL pointer. +r3096.diff: Fix parsing of gshadow entries. +r3160.diff: Fixed limits support (non PAM enabled versions only) +r3194.diff: shell's name must be -su when a su fakes a login. +r3299.diff: man/ru/Makefile.am: Remove double inclusion of $(man_nopam) diff --git a/patches/source/shadow/patches/r3054.diff b/patches/source/shadow/patches/r3054.diff new file mode 100644 index 00000000..dc1eab13 --- /dev/null +++ b/patches/source/shadow/patches/r3054.diff @@ -0,0 +1,27 @@ +* src/useradd.c: Fixed wrong format string. +* lib/gshadow.c: Removed declaration of unused variable. + +=================================================================== +--- src/useradd.c (revision 3052) ++++ src/useradd.c (revision 3054) +@@ -684,7 +684,7 @@ + static void usage (void) + { + (void) fprintf (stderr, +- _("Usage: useradd [options] LOGIN\n" ++ _("Usage: %s [options] LOGIN\n" + "\n" + "Options:\n"), + Prog); + +=================================================================== +--- lib/gshadow.c (revision 3052) ++++ lib/gshadow.c (revision 3054) +@@ -216,7 +216,6 @@ + static char *buf = NULL; + + char *cp; +- struct sgrp *ret; + + if (0 == buflen) { + buf = (char *) malloc (BUFSIZ); diff --git a/patches/source/shadow/patches/r3055.diff b/patches/source/shadow/patches/r3055.diff new file mode 100644 index 00000000..a2af6f39 --- /dev/null +++ b/patches/source/shadow/patches/r3055.diff @@ -0,0 +1,1515 @@ +=================================================================== +--- src/userdel.c (revision 3054) ++++ src/userdel.c (revision 3055) +@@ -94,7 +94,7 @@ + static bool spw_locked = false; + + /* local function prototypes */ +-static void usage (void); ++static void usage (int status); + static void update_groups (void); + static void close_files (void); + static void fail_exit (int); +@@ -111,7 +111,7 @@ + /* + * usage - display usage message and exit + */ +-static void usage (void) ++static void usage (int status) + { + fputs (_("Usage: userdel [options] LOGIN\n" + "\n" +@@ -120,8 +120,8 @@ + " even if not owned by user\n" + " -h, --help display this help message and exit\n" + " -r, --remove remove home directory and mail spool\n" +- "\n"), stderr); +- exit (E_USAGE); ++ "\n"), status ? stderr : stdout); ++ exit (status); + } + + /* +@@ -774,17 +774,19 @@ + case 'f': /* force remove even if not owned by user */ + fflg = true; + break; ++ case 'h': ++ usage (E_SUCCESS); + case 'r': /* remove home dir and mailbox */ + rflg = true; + break; + default: +- usage (); ++ usage (E_USAGE); + } + } + } + + if ((optind + 1) != argc) { +- usage (); ++ usage (E_USAGE); + } + + OPENLOG ("userdel"); +Index: src/lastlog.c +=================================================================== +--- src/lastlog.c (revision 3054) ++++ src/lastlog.c (revision 3055) +@@ -71,7 +71,7 @@ + + #define NOW (time ((time_t *) 0)) + +-static void usage (void) ++static void usage (int status) + { + fputs (_("Usage: lastlog [options]\n" + "\n" +@@ -80,8 +80,8 @@ + " -h, --help display this help message and exit\n" + " -t, --time DAYS print only lastlog records more recent than DAYS\n" + " -u, --user LOGIN print lastlog record of the specified LOGIN\n" +- "\n"), stderr); +- exit (EXIT_FAILURE); ++ "\n"), status ? stderr : stdout); ++ exit (status); + } + + static void print_one (/*@null@*/const struct passwd *pw) +@@ -208,7 +208,7 @@ + NULL)) != -1) { + switch (c) { + case 'h': +- usage (); ++ usage (EXIT_SUCCESS); + break; + case 't': + { +@@ -267,7 +267,7 @@ + break; + } + default: +- usage (); ++ usage (EXIT_FAILURE); + break; + } + } +@@ -275,7 +275,7 @@ + fprintf (stderr, + _("lastlog: unexpected argument: %s\n"), + argv[optind]); +- usage(); ++ usage (EXIT_FAILURE); + } + } + +Index: src/gpasswd.c +=================================================================== +--- src/gpasswd.c (revision 3054) ++++ src/gpasswd.c (revision 3055) +@@ -94,7 +94,7 @@ + #endif + + /* local function prototypes */ +-static void usage (void); ++static void usage (int status); + static RETSIGTYPE catch_signals (int killed); + static bool is_valid_user_list (const char *users); + static void process_flags (int argc, char **argv); +@@ -128,14 +128,15 @@ + /* + * usage - display usage message + */ +-static void usage (void) ++static void usage (int status) + { +- fprintf (stderr, ++ fprintf (status ? stderr : stdout, + _("Usage: %s [option] GROUP\n" + "\n" + "Options:\n" + " -a, --add USER add USER to GROUP\n" + " -d, --delete USER remove USER from GROUP\n" ++ " -h, --help display this help message and exit\n" + " -r, --remove-password remove the GROUP's password\n" + " -R, --restrict restrict access to GROUP to its members\n" + " -M, --members USER,... set the list of members of GROUP\n" +@@ -150,7 +151,7 @@ + _("The options cannot be combined.\n") + #endif + ); +- exit (E_USAGE); ++ exit (status); + } + + /* +@@ -235,6 +236,7 @@ + static struct option long_options[] = { + {"add", required_argument, NULL, 'a'}, + {"delete", required_argument, NULL, 'd'}, ++ {"help", no_argument, NULL, 'h'}, + {"remove-password", no_argument, NULL, 'r'}, + {"restrict", no_argument, NULL, 'R'}, + {"administrators", required_argument, NULL, 'A'}, +@@ -242,7 +244,7 @@ + {NULL, 0, NULL, '\0'} + }; + +- while ((flag = getopt_long (argc, argv, "a:A:d:gM:rR", long_options, &option_index)) != -1) { ++ while ((flag = getopt_long (argc, argv, "a:A:d:ghM:rR", long_options, &option_index)) != -1) { + switch (flag) { + case 'a': /* add a user */ + aflg = true; +@@ -276,6 +278,8 @@ + break; + case 'g': /* no-op from normal password */ + break; ++ case 'h': ++ usage (E_SUCCESS); + case 'M': /* set the list of members */ + members = optarg; + if (!is_valid_user_list (members)) { +@@ -290,7 +294,7 @@ + Rflg = true; + break; + default: +- usage (); ++ usage (E_USAGE); + } + } + +@@ -325,14 +329,14 @@ + exclusive++; + } + if (exclusive > 1) { +- usage (); ++ usage (E_USAGE); + } + + /* + * Make sure one (and only one) group was provided + */ + if ((argc != (opt_index+1)) || (NULL == group)) { +- usage (); ++ usage (E_USAGE); + } + } + +Index: src/newusers.c +=================================================================== +--- src/newusers.c (revision 3054) ++++ src/newusers.c (revision 3055) +@@ -92,7 +92,7 @@ + static bool spw_locked = false; + + /* local function prototypes */ +-static void usage (void); ++static void usage (int status); + static void fail_exit (int); + static int add_group (const char *, const char *, gid_t *, gid_t); + static int get_user_id (const char *, uid_t *); +@@ -110,15 +110,16 @@ + /* + * usage - display usage message and exit + */ +-static void usage (void) ++static void usage (int status) + { +- (void) fprintf (stderr, ++ FILE *usageout = status ? stderr : stdout; ++ (void) fprintf (usageout, + _("Usage: %s [options]\n" + "\n" + "Options:\n"), + Prog); + #ifndef USE_PAM +- (void) fprintf (stderr, ++ (void) fprintf (usageout, + _(" -c, --crypt-method the crypt method (one of %s)\n"), + #ifndef USE_SHA_CRYPT + "NONE DES MD5" +@@ -127,18 +128,18 @@ + #endif /* USE_SHA_CRYPT */ + ); + #endif /* !USE_PAM */ +- (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); +- (void) fputs (_(" -r, --system create system accounts\n"), stderr); ++ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); ++ (void) fputs (_(" -r, --system create system accounts\n"), usageout); + #ifndef USE_PAM + #ifdef USE_SHA_CRYPT + (void) fputs (_(" -s, --sha-rounds number of SHA rounds for the SHA*\n" + " crypt algorithms\n"), +- stderr); ++ usageout); + #endif /* USE_SHA_CRYPT */ + #endif /* !USE_PAM */ +- (void) fputs ("\n", stderr); ++ (void) fputs ("\n", usageout); + +- exit (EXIT_FAILURE); ++ exit (status); + } + + /* +@@ -548,7 +549,7 @@ + long_options, &option_index)) != -1) { + switch (c) { + case 'h': +- usage (); ++ usage (EXIT_SUCCESS); + break; + case 'r': + rflg = true; +@@ -565,13 +566,13 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (EXIT_FAILURE); + } + break; + #endif /* USE_SHA_CRYPT */ + #endif /* !USE_PAM */ + default: +- usage (); ++ usage (EXIT_FAILURE); + break; + } + } +@@ -602,7 +603,7 @@ + fprintf (stderr, + _("%s: %s flag is only allowed with the %s flag\n"), + Prog, "-s", "-c"); +- usage (); ++ usage (EXIT_FAILURE); + } + #endif /* USE_SHA_CRYPT */ + +@@ -618,7 +619,7 @@ + fprintf (stderr, + _("%s: unsupported crypt method: %s\n"), + Prog, crypt_method); +- usage (); ++ usage (EXIT_FAILURE); + } + } + #endif /* !USE_PAM */ +Index: src/chpasswd.c +=================================================================== +--- src/chpasswd.c (revision 3054) ++++ src/chpasswd.c (revision 3055) +@@ -74,7 +74,7 @@ + + /* local function prototypes */ + static void fail_exit (int code); +-static void usage (void); ++static void usage (int status); + static void process_flags (int argc, char **argv); + static void check_flags (void); + static void check_perms (void); +@@ -112,15 +112,16 @@ + /* + * usage - display usage message and exit + */ +-static void usage (void) ++static void usage (int status) + { +- (void) fprintf (stderr, ++ FILE *usageout = status ? stderr : stdout; ++ (void) fprintf (usageout, + _("Usage: %s [options]\n" + "\n" + "Options:\n"), + Prog); + #ifndef USE_PAM +- (void) fprintf (stderr, ++ (void) fprintf (usageout, + _(" -c, --crypt-method the crypt method (one of %s)\n"), + #ifndef USE_SHA_CRYPT + "NONE DES MD5" +@@ -128,22 +129,22 @@ + "NONE DES MD5 SHA256 SHA512" + #endif /* USE_SHA_CRYPT */ + ); +- (void) fputs (_(" -e, --encrypted supplied passwords are encrypted\n"), stderr); ++ (void) fputs (_(" -e, --encrypted supplied passwords are encrypted\n"), usageout); + #endif /* !USE_PAM */ +- (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); ++ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); + #ifndef USE_PAM + (void) fputs (_(" -m, --md5 encrypt the clear text password using\n" + " the MD5 algorithm\n"), +- stderr); ++ usageout); + #ifdef USE_SHA_CRYPT + (void) fputs (_(" -s, --sha-rounds number of SHA rounds for the SHA*\n" + " crypt algorithms\n"), +- stderr); ++ usageout); + #endif /* USE_SHA_CRYPT */ + #endif /* !USE_PAM */ +- (void) fputs ("\n", stderr); ++ (void) fputs ("\n", usageout); + +- exit (E_USAGE); ++ exit (status); + } + + /* +@@ -181,7 +182,7 @@ + long_options, &option_index)) != -1) { + switch (c) { + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + #ifndef USE_PAM + case 'c': +@@ -201,13 +202,13 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + break; + #endif /* USE_SHA_CRYPT */ + #endif /* !USE_PAM */ + default: +- usage (); ++ usage (E_USAGE); + break; + } + } +@@ -229,7 +230,7 @@ + fprintf (stderr, + _("%s: %s flag is only allowed with the %s flag\n"), + Prog, "-s", "-c"); +- usage (); ++ usage (E_USAGE); + } + #endif + +@@ -238,7 +239,7 @@ + fprintf (stderr, + _("%s: the -c, -e, and -m flags are exclusive\n"), + Prog); +- usage (); ++ usage (E_USAGE); + } + + if (cflg) { +@@ -253,7 +254,7 @@ + fprintf (stderr, + _("%s: unsupported crypt method: %s\n"), + Prog, crypt_method); +- usage (); ++ usage (E_USAGE); + } + } + #endif /* USE_PAM */ +Index: src/groupmems.c +=================================================================== +--- src/groupmems.c (revision 3054) ++++ src/groupmems.c (revision 3055) +@@ -88,7 +88,7 @@ + const struct group *grp); + static void purge_members (const struct group *grp); + static void display_members (const char *const *members); +-static void usage (void); ++static void usage (int status); + static void process_flags (int argc, char **argv); + static void check_perms (void); + static void fail_exit (int code); +@@ -361,7 +361,7 @@ + } + } + +-static void usage (void) ++static void usage (int status) + { + (void) fputs (_("Usage: groupmems [options] [action]\n" + "\n" +@@ -372,10 +372,11 @@ + "Actions:\n" + " -a, --add username add username to the members of the group\n" + " -d, --delete username remove username from the members of the group\n" ++ " -h, --help display this help message and exit\n" + " -p, --purge purge all members from the group\n" + " -l, --list list the members of the group\n" +- "\n"), stderr); +- fail_exit (EXIT_USAGE); ++ "\n"), status ? stderr : stdout); ++ fail_exit (status); + } + + /* +@@ -389,12 +390,13 @@ + {"add", required_argument, NULL, 'a'}, + {"delete", required_argument, NULL, 'd'}, + {"group", required_argument, NULL, 'g'}, ++ {"help", no_argument, NULL, 'h'}, + {"list", no_argument, NULL, 'l'}, + {"purge", no_argument, NULL, 'p'}, + {NULL, 0, NULL, '\0'} + }; + +- while ((arg = getopt_long (argc, argv, "a:d:g:lp", long_options, ++ while ((arg = getopt_long (argc, argv, "a:d:g:hlp", long_options, + &option_index)) != EOF) { + switch (arg) { + case 'a': +@@ -408,6 +410,8 @@ + case 'g': + thisgroup = xstrdup (optarg); + break; ++ case 'h': ++ usage (EXIT_SUCCESS); + case 'l': + list = true; + ++exclusive; +@@ -417,12 +421,12 @@ + ++exclusive; + break; + default: +- usage (); ++ usage (EXIT_USAGE); + } + } + + if ((exclusive > 1) || (optind < argc)) { +- usage (); ++ usage (EXIT_USAGE); + } + + /* local, no need for xgetpwnam */ +Index: src/usermod.c +=================================================================== +--- src/usermod.c (revision 3054) ++++ src/usermod.c (revision 3055) +@@ -149,7 +149,7 @@ + static void date_to_str (char *buf, size_t maxsize, + long int date, const char *negativ); + static int get_groups (char *); +-static void usage (void); ++static void usage (int status); + static void new_pwent (struct passwd *); + #ifdef WITH_SELINUX + static void selinux_update_mapping (void); +@@ -300,9 +300,9 @@ + /* + * usage - display usage message and exit + */ +-static void usage (void) ++static void usage (int status) + { +- fprintf (stderr, ++ fprintf (status ? stderr : stdout, + _("Usage: usermod [options] LOGIN\n" + "\n" + "Options:\n" +@@ -334,7 +334,7 @@ + "" + #endif + ); +- exit (E_USAGE); ++ exit (status); + } + + /* +@@ -815,7 +815,7 @@ + bool anyflag = false; + + if ((1 == argc) || ('-' == argv[argc - 1][0])) { +- usage (); ++ usage (E_USAGE); + } + + { +@@ -955,7 +955,7 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + fflg = true; + break; +@@ -976,6 +976,8 @@ + } + Gflg = true; + break; ++ case 'h': ++ usage (E_SUCCESS); + case 'l': + if (!is_valid_user_name (optarg)) { + fprintf (stderr, +@@ -1036,7 +1038,7 @@ + break; + #endif + default: +- usage (); ++ usage (E_USAGE); + } + anyflag = true; + } +@@ -1092,14 +1094,14 @@ + } + + if (optind != argc - 1) { +- usage (); ++ usage (E_USAGE); + } + + if (aflg && (!Gflg)) { + fprintf (stderr, + _("%s: %s flag is only allowed with the %s flag\n"), + Prog, "-a", "-G"); +- usage (); ++ usage (E_USAGE); + exit (E_USAGE); + } + +@@ -1107,7 +1109,7 @@ + fprintf (stderr, + _("%s: the -L, -p, and -U flags are exclusive\n"), + Prog); +- usage (); ++ usage (E_USAGE); + exit (E_USAGE); + } + +@@ -1115,7 +1117,7 @@ + fprintf (stderr, + _("%s: %s flag is only allowed with the %s flag\n"), + Prog, "-o", "-u"); +- usage (); ++ usage (E_USAGE); + exit (E_USAGE); + } + +@@ -1123,7 +1125,7 @@ + fprintf (stderr, + _("%s: %s flag is only allowed with the %s flag\n"), + Prog, "-m", "-d"); +- usage (); ++ usage (E_USAGE); + exit (E_USAGE); + } + +Index: src/chgpasswd.c +=================================================================== +--- src/chgpasswd.c (revision 3054) ++++ src/chgpasswd.c (revision 3055) +@@ -78,7 +78,7 @@ + + /* local function prototypes */ + static void fail_exit (int code); +-static void usage (void); ++static void usage (int status); + static void process_flags (int argc, char **argv); + static void check_flags (void); + static void check_perms (void); +@@ -114,9 +114,10 @@ + /* + * usage - display usage message and exit + */ +-static void usage (void) ++static void usage (int status) + { +- fprintf (stderr, _("Usage: %s [options]\n" ++ fprintf (status ? stderr : stdout, ++ _("Usage: %s [options]\n" + "\n" + "Options:\n" + " -c, --crypt-method the crypt method (one of %s)\n" +@@ -135,7 +136,7 @@ + " crypt algorithms\n") + #endif + ); +- exit (E_USAGE); ++ exit (status); + } + + /* +@@ -174,7 +175,7 @@ + eflg = true; + break; + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + case 'm': + md5flg = true; +@@ -186,12 +187,12 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + break; + #endif + default: +- usage (); ++ usage (E_USAGE); + break; + } + } +@@ -212,7 +213,7 @@ + fprintf (stderr, + _("%s: %s flag is only allowed with the %s flag\n"), + Prog, "-s", "-c"); +- usage (); ++ usage (E_USAGE); + } + #endif + +@@ -221,7 +222,7 @@ + fprintf (stderr, + _("%s: the -c, -e, and -m flags are exclusive\n"), + Prog); +- usage (); ++ usage (E_USAGE); + } + + if (cflg) { +@@ -236,7 +237,7 @@ + fprintf (stderr, + _("%s: unsupported crypt method: %s\n"), + Prog, crypt_method); +- usage (); ++ usage (E_USAGE); + } + } + } +Index: src/vipw.c +=================================================================== +--- src/vipw.c (revision 3054) ++++ src/vipw.c (revision 3055) +@@ -1,7 +1,7 @@ + /* + vipw, vigr edit the password or group file + with -s will edit shadow or gshadow file +- ++ + Copyright (c) 1997 , Guy Maor <maor@ece.utexas.edu> + Copyright (c) 1999 - 2000, Marek MichaÅ‚kiewicz + Copyright (c) 2002 - 2006, Tomasz KÅ‚oczko +@@ -29,8 +29,8 @@ + + #include <errno.h> + #include <getopt.h> +-#ifdef WITH_SELINUX +-#include <selinux/selinux.h> ++#ifdef WITH_SELINUX ++#include <selinux/selinux.h> + #endif + #include <signal.h> + #include <stdio.h> +@@ -64,7 +64,7 @@ + static bool quiet = false; + + /* local function prototypes */ +-static void usage (void); ++static void usage (int status); + static int create_backup_file (FILE *, const char *, struct stat *); + static void vipwexit (const char *msg, int syserr, int ret); + static void vipwedit (const char *, int (*)(void), int (*)(void)); +@@ -72,9 +72,9 @@ + /* + * usage - display usage message and exit + */ +-static void usage (void) ++static void usage (int status) + { +- (void) ++ (void) + fputs (_("Usage: vipw [options]\n" + "\n" + "Options:\n" +@@ -83,8 +83,8 @@ + " -p, --passwd edit passwd database\n" + " -q, --quiet quiet mode\n" + " -s, --shadow edit shadow or gshadow database\n" +- "\n"), stderr); +- exit (E_USAGE); ++ "\n"), status ? stderr : stdout); ++ exit (status); + } + + /* +@@ -285,8 +285,8 @@ + if (st1.st_mtime == st2.st_mtime) { + vipwexit (0, 0, 0); + } +-#ifdef WITH_SELINUX +- /* unset the fscreatecon */ ++#ifdef WITH_SELINUX ++ /* unset the fscreatecon */ + if (is_selinux_enabled ()) { + if (setfscreatecon (NULL)) { + vipwexit (_("setfscreatecon () failed"), errno, 1); +@@ -353,7 +353,7 @@ + do_vipw = false; + break; + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + case 'p': + do_vipw = true; +@@ -365,7 +365,7 @@ + editshadow = true; + break; + default: +- usage (); ++ usage (E_USAGE); + } + } + } +Index: src/useradd.c +=================================================================== +--- src/useradd.c (revision 3054) ++++ src/useradd.c (revision 3055) +@@ -179,7 +179,7 @@ + static void show_defaults (void); + static int set_defaults (void); + static int get_groups (char *); +-static void usage (void); ++static void usage (int status); + static void new_pwent (struct passwd *); + #ifdef WITH_SELINUX + static void selinux_update_mapping (void); +@@ -681,45 +681,46 @@ + /* + * usage - display usage message and exit + */ +-static void usage (void) ++static void usage (int status) + { +- (void) fprintf (stderr, ++ FILE *usageout = status ? stderr : stdout; ++ (void) fprintf (usageout, + _("Usage: %s [options] LOGIN\n" + "\n" + "Options:\n"), + Prog); + (void) fputs (_(" -b, --base-dir BASE_DIR base directory for the home directory of the\n" +- " new account\n"), stderr); +- (void) fputs (_(" -c, --comment COMMENT GECOS field of the new account\n"), stderr); +- (void) fputs (_(" -d, --home-dir HOME_DIR home directory of the new account\n"), stderr); +- (void) fputs (_(" -D, --defaults print or change default useradd configuration\n"), stderr); +- (void) fputs (_(" -e, --expiredate EXPIRE_DATE expiration date of the new account\n"), stderr); +- (void) fputs (_(" -f, --inactive INACTIVE password inactivity period of the new account\n"), stderr); ++ " new account\n"), usageout); ++ (void) fputs (_(" -c, --comment COMMENT GECOS field of the new account\n"), usageout); ++ (void) fputs (_(" -d, --home-dir HOME_DIR home directory of the new account\n"), usageout); ++ (void) fputs (_(" -D, --defaults print or change default useradd configuration\n"), usageout); ++ (void) fputs (_(" -e, --expiredate EXPIRE_DATE expiration date of the new account\n"), usageout); ++ (void) fputs (_(" -f, --inactive INACTIVE password inactivity period of the new account\n"), usageout); + (void) fputs (_(" -g, --gid GROUP name or ID of the primary group of the new\n" +- " account\n"), stderr); ++ " account\n"), usageout); + (void) fputs (_(" -G, --groups GROUPS list of supplementary groups of the new\n" +- " account\n"), stderr); +- (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); +- (void) fputs (_(" -k, --skel SKEL_DIR use this alternative skeleton directory\n"), stderr); +- (void) fputs (_(" -K, --key KEY=VALUE override /etc/login.defs defaults\n"), stderr); ++ " account\n"), usageout); ++ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); ++ (void) fputs (_(" -k, --skel SKEL_DIR use this alternative skeleton directory\n"), usageout); ++ (void) fputs (_(" -K, --key KEY=VALUE override /etc/login.defs defaults\n"), usageout); + (void) fputs (_(" -l, --no-log-init do not add the user to the lastlog and\n" +- " faillog databases\n"), stderr); +- (void) fputs (_(" -m, --create-home create the user's home directory\n"), stderr); +- (void) fputs (_(" -M, --no-create-home do not create the user's home directory\n"), stderr); ++ " faillog databases\n"), usageout); ++ (void) fputs (_(" -m, --create-home create the user's home directory\n"), usageout); ++ (void) fputs (_(" -M, --no-create-home do not create the user's home directory\n"), usageout); + (void) fputs (_(" -N, --no-user-group do not create a group with the same name as\n" +- " the user\n"), stderr); ++ " the user\n"), usageout); + (void) fputs (_(" -o, --non-unique allow to create users with duplicate\n" +- " (non-unique) UID\n"), stderr); +- (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), stderr); +- (void) fputs (_(" -r, --system create a system account\n"), stderr); +- (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), stderr); +- (void) fputs (_(" -u, --uid UID user ID of the new account\n"), stderr); +- (void) fputs (_(" -U, --user-group create a group with the same name as the user\n"), stderr); ++ " (non-unique) UID\n"), usageout); ++ (void) fputs (_(" -p, --password PASSWORD encrypted password of the new account\n"), usageout); ++ (void) fputs (_(" -r, --system create a system account\n"), usageout); ++ (void) fputs (_(" -s, --shell SHELL login shell of the new account\n"), usageout); ++ (void) fputs (_(" -u, --uid UID user ID of the new account\n"), usageout); ++ (void) fputs (_(" -U, --user-group create a group with the same name as the user\n"), usageout); + #ifdef WITH_SELINUX +- (void) fputs (_(" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping\n"), stderr); ++ (void) fputs (_(" -Z, --selinux-user SEUSER use a specific SEUSER for the SELinux user mapping\n"), usageout); + #endif +- (void) fputs ("\n", stderr); +- exit (E_USAGE); ++ (void) fputs ("\n", usageout); ++ exit (status); + } + + /* +@@ -989,9 +990,9 @@ + }; + while ((c = getopt_long (argc, argv, + #ifdef WITH_SELINUX +- "b:c:d:De:f:g:G:k:K:lmMNop:rs:u:UZ:", ++ "b:c:d:De:f:g:G:hk:K:lmMNop:rs:u:UZ:", + #else +- "b:c:d:De:f:g:G:k:K:lmMNop:rs:u:U", ++ "b:c:d:De:f:g:G:hk:K:lmMNop:rs:u:U", + #endif + long_options, NULL)) != -1) { + switch (c) { +@@ -1029,7 +1030,7 @@ + break; + case 'D': + if (anyflag) { +- usage (); ++ usage (E_USAGE); + } + Dflg = true; + break; +@@ -1066,7 +1067,7 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + /* + * -f -1 is allowed +@@ -1106,7 +1107,7 @@ + Gflg = true; + break; + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + case 'k': + def_template = optarg; +@@ -1201,7 +1202,7 @@ + break; + #endif + default: +- usage (); ++ usage (E_USAGE); + } + anyflag = true; + } +@@ -1220,31 +1221,31 @@ + fprintf (stderr, + _("%s: %s flag is only allowed with the %s flag\n"), + Prog, "-o", "-u"); +- usage (); ++ usage (E_USAGE); + } + if (kflg && !mflg) { + fprintf (stderr, + _("%s: %s flag is only allowed with the %s flag\n"), + Prog, "-k", "-m"); +- usage (); ++ usage (E_USAGE); + } + if (Uflg && gflg) { + fprintf (stderr, + _("%s: options %s and %s conflict\n"), + Prog, "-U", "-g"); +- usage (); ++ usage (E_USAGE); + } + if (Uflg && Nflg) { + fprintf (stderr, + _("%s: options %s and %s conflict\n"), + Prog, "-U", "-N"); +- usage (); ++ usage (E_USAGE); + } + if (mflg && Mflg) { + fprintf (stderr, + _("%s: options %s and %s conflict\n"), + Prog, "-m", "-M"); +- usage (); ++ usage (E_USAGE); + } + + /* +@@ -1253,15 +1254,15 @@ + */ + if (Dflg) { + if (optind != argc) { +- usage (); ++ usage (E_USAGE); + } + + if (uflg || oflg || Gflg || dflg || cflg || mflg) { +- usage (); ++ usage (E_USAGE); + } + } else { + if (optind != argc - 1) { +- usage (); ++ usage (E_USAGE); + } + + user_name = argv[optind]; +Index: src/su.c +=================================================================== +--- src/su.c (revision 3054) ++++ src/su.c (revision 3055) +@@ -323,7 +323,7 @@ + /* + * usage - print command line syntax and exit + */ +-static void usage (void) ++static void usage (int status) + { + fputs (_("Usage: su [options] [LOGIN]\n" + "\n" +@@ -335,8 +335,8 @@ + " --preserve-environment do not reset environment variables, and\n" + " keep the same shell\n" + " -s, --shell SHELL use SHELL instead of the default in passwd\n" +- "\n"), stderr); +- exit (E_USAGE); ++ "\n"), status ? stderr : stdout); ++ exit (status); + } + + /* +@@ -421,7 +421,7 @@ + command = optarg; + break; + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + case 'l': + fakelogin = true; +@@ -438,7 +438,7 @@ + shellstr = optarg; + break; + default: +- usage (); /* NOT REACHED */ ++ usage (E_USAGE); /* NOT REACHED */ + } + } + +Index: src/groupmod.c +=================================================================== +--- src/groupmod.c (revision 3054) ++++ src/groupmod.c (revision 3055) +@@ -93,7 +93,7 @@ + pflg = false; /* new encrypted password */ + + /* local function prototypes */ +-static void usage (void); ++static void usage (int status); + static void new_grent (struct group *); + + #ifdef SHADOWGRP +@@ -113,21 +113,22 @@ + * usage - display usage message and exit + */ + +-static void usage (void) ++static void usage (int status) + { +- (void) fprintf (stderr, ++ FILE *usageout = status ? stderr : stdout; ++ (void) fprintf (usageout, + _("Usage: %s [options] GROUP\n" + "\n" + "Options:\n"), + Prog); +- (void) fputs (_(" -g, --gid GID change the group ID to GID\n"), stderr); +- (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); +- (void) fputs (_(" -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"), stderr); +- (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), stderr); ++ (void) fputs (_(" -g, --gid GID change the group ID to GID\n"), usageout); ++ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); ++ (void) fputs (_(" -n, --new-name NEW_GROUP change the name to NEW_GROUP\n"), usageout); ++ (void) fputs (_(" -o, --non-unique allow to use a duplicate (non-unique) GID\n"), usageout); + (void) fputs (_(" -p, --password PASSWORD change the password to this (encrypted)\n" +- " PASSWORD\n"), stderr); +- (void) fputs ("\n", stderr); +- exit (E_USAGE); ++ " PASSWORD\n"), usageout); ++ (void) fputs ("\n", usageout); ++ exit (status); + } + + /* +@@ -362,6 +363,8 @@ + exit (E_BAD_ARG); + } + break; ++ case 'h': ++ usage (E_SUCCESS); + case 'n': + nflg = true; + group_newname = optarg; +@@ -374,16 +377,16 @@ + pflg = true; + break; + default: +- usage (); ++ usage (E_USAGE); + } + } + + if (oflg && !gflg) { +- usage (); ++ usage (E_USAGE); + } + + if (optind != (argc - 1)) { +- usage (); ++ usage (E_USAGE); + } + + group_name = argv[argc - 1]; +Index: src/passwd.c +=================================================================== +--- src/passwd.c (revision 3054) ++++ src/passwd.c (revision 3055) +@@ -180,7 +180,7 @@ + " -w, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n" + " -x, --maxdays MAX_DAYS set maximum number of days before password\n" + " change to MAX_DAYS\n" +- "\n"), stderr); ++ "\n"), status ? stderr : stdout); + exit (status); + } + +@@ -811,7 +811,7 @@ + {NULL, 0, NULL, '\0'} + }; + +- while ((c = getopt_long (argc, argv, "adei:kln:qr:Suw:x:", ++ while ((c = getopt_long (argc, argv, "adehi:kln:qr:Suw:x:", + long_options, &option_index)) != -1) { + switch (c) { + case 'a': +@@ -897,6 +897,8 @@ + xflg = true; + anyflag = true; + break; ++ case 'h': ++ usage (E_SUCCESS); + default: + usage (E_BAD_ARG); + } +Index: src/groupadd.c +=================================================================== +--- src/groupadd.c (revision 3054) ++++ src/groupadd.c (revision 3055) +@@ -88,7 +88,7 @@ + #endif + + /* local function prototypes */ +-static void usage (void); ++static void usage (int status); + static void new_grent (struct group *grent); + + #ifdef SHADOWGRP +@@ -105,24 +105,25 @@ + /* + * usage - display usage message and exit + */ +-static void usage (void) ++static void usage (int status) + { +- (void) fprintf (stderr, ++ FILE *usageout = status ? stderr : stdout; ++ (void) fprintf (usageout, + _("Usage: %s [options] GROUP\n" + "\n" + "Options:\n"), + Prog); + (void) fputs (_(" -f, --force exit successfully if the group already exists,\n" +- " and cancel -g if the GID is already used\n"), stderr); +- (void) fputs (_(" -g, --gid GID use GID for the new group\n"), stderr); +- (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); +- (void) fputs (_(" -K, --key KEY=VALUE override /etc/login.defs defaults\n"), stderr); ++ " and cancel -g if the GID is already used\n"), usageout); ++ (void) fputs (_(" -g, --gid GID use GID for the new group\n"), usageout); ++ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); ++ (void) fputs (_(" -K, --key KEY=VALUE override /etc/login.defs defaults\n"), usageout); + (void) fputs (_(" -o, --non-unique allow to create groups with duplicate\n" +- " (non-unique) GID\n"), stderr); +- (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), stderr); +- (void) fputs (_(" -r, --system create a system account\n"), stderr); +- (void) fputs ("\n", stderr); +- exit (E_USAGE); ++ " (non-unique) GID\n"), usageout); ++ (void) fputs (_(" -p, --password PASSWORD use this encrypted password for the new group\n"), usageout); ++ (void) fputs (_(" -r, --system create a system account\n"), usageout); ++ (void) fputs ("\n", usageout); ++ exit (status); + } + + /* +@@ -412,7 +413,7 @@ + } + break; + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + case 'K': + /* +@@ -444,7 +445,7 @@ + rflg = true; + break; + default: +- usage (); ++ usage (E_USAGE); + } + } + +@@ -452,7 +453,7 @@ + * Check the flags consistency + */ + if (optind != argc - 1) { +- usage (); ++ usage (E_USAGE); + } + group_name = argv[optind]; + +@@ -468,7 +469,7 @@ + { + /* -o does not make sense without -g */ + if (oflg && !gflg) { +- usage (); ++ usage (E_USAGE); + } + + check_new_name (); +Index: src/chage.c +=================================================================== +--- src/chage.c (revision 3054) ++++ src/chage.c (revision 3055) +@@ -91,7 +91,7 @@ + + /* local function prototypes */ + static bool isnum (const char *s); +-static void usage (void); ++static void usage (int status); + static void date_to_str (char *buf, size_t maxsize, time_t date); + static int new_fields (void); + static void print_date (time_t date); +@@ -152,7 +152,7 @@ + /* + * usage - print command line syntax and exit + */ +-static void usage (void) ++static void usage (int status) + { + fputs (_("Usage: chage [options] [LOGIN]\n" + "\n" +@@ -168,8 +168,8 @@ + " -M, --maxdays MAX_DAYS set maximim number of days before password\n" + " change to MAX_DAYS\n" + " -W, --warndays WARN_DAYS set expiration warning days to WARN_DAYS\n" +- "\n"), stderr); +- exit (E_USAGE); ++ "\n"), status ? stderr : stdout); ++ exit (status); + } + + static void date_to_str (char *buf, size_t maxsize, time_t date) +@@ -413,7 +413,7 @@ + fprintf (stderr, + _("%s: invalid date '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + break; + case 'E': +@@ -425,11 +425,11 @@ + fprintf (stderr, + _("%s: invalid date '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + break; + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + case 'I': + Iflg = true; +@@ -438,7 +438,7 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + break; + case 'l': +@@ -451,7 +451,7 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + break; + case 'M': +@@ -461,7 +461,7 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + break; + case 'W': +@@ -471,11 +471,11 @@ + fprintf (stderr, + _("%s: invalid numeric argument '%s'\n"), + Prog, optarg); +- usage (); ++ usage (E_USAGE); + } + break; + default: +- usage (); ++ usage (E_USAGE); + } + } + +@@ -495,14 +495,14 @@ + */ + + if (argc != opt_index + 1) { +- usage (); ++ usage (E_USAGE); + } + + if (lflg && (mflg || Mflg || dflg || Wflg || Iflg || Eflg)) { + fprintf (stderr, + _("%s: do not include \"l\" with other flags\n"), + Prog); +- usage (); ++ usage (E_USAGE); + } + } + +Index: src/faillog.c +=================================================================== +--- src/faillog.c (revision 3054) ++++ src/faillog.c (revision 3055) +@@ -47,6 +47,17 @@ + /*@-exitarg@*/ + #include "exitcodes.h" + ++/* local function prototypes */ ++static void usage (int status); ++static void print_one (/*@null@*/const struct passwd *pw, bool force); ++static void set_locktime (long locktime); ++static bool set_locktime_one (uid_t uid, long locktime); ++static void setmax (int max); ++static bool setmax_one (uid_t uid, int max); ++static void print (void); ++static bool reset_one (uid_t uid); ++static void reset (void); ++ + /* + * Global variables + */ +@@ -69,24 +80,25 @@ + + #define NOW (time((time_t *) 0)) + +-static void usage (void) ++static void usage (int status) + { +- (void) fprintf (stderr, ++ FILE *usageout = status ? stderr : stdout; ++ (void) fprintf (usageout, + _("Usage: %s [options]\n" + "\n" + "Options:\n"), + "faillog"); +- (void) fputs (_(" -a, --all display faillog records for all users\n"), stderr); +- (void) fputs (_(" -h, --help display this help message and exit\n"), stderr); +- (void) fputs (_(" -l, --lock-time SEC after failed login lock account for SEC seconds\n"), stderr); +- (void) fputs (_(" -m, --maximum MAX set maximum failed login counters to MAX\n"), stderr); +- (void) fputs (_(" -r, --reset reset the counters of login failures\n"), stderr); +- (void) fputs (_(" -t, --time DAYS display faillog records more recent than DAYS\n"), stderr); ++ (void) fputs (_(" -a, --all display faillog records for all users\n"), usageout); ++ (void) fputs (_(" -h, --help display this help message and exit\n"), usageout); ++ (void) fputs (_(" -l, --lock-time SEC after failed login lock account for SEC seconds\n"), usageout); ++ (void) fputs (_(" -m, --maximum MAX set maximum failed login counters to MAX\n"), usageout); ++ (void) fputs (_(" -r, --reset reset the counters of login failures\n"), usageout); ++ (void) fputs (_(" -t, --time DAYS display faillog records more recent than DAYS\n"), usageout); + (void) fputs (_(" -u, --user LOGIN/RANGE display faillog record or maintains failure\n" + " counters and limits (if used with -r, -m,\n" +- " or -l) only for the specified LOGIN(s)\n"), stderr); +- (void) fputs ("\n", stderr); +- exit (E_USAGE); ++ " or -l) only for the specified LOGIN(s)\n"), usageout); ++ (void) fputs ("\n", usageout); ++ exit (status); + } + + static void print_one (/*@null@*/const struct passwd *pw, bool force) +@@ -495,7 +507,7 @@ + aflg = true; + break; + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + case 'l': + if (getlong (optarg, &fail_locktime) == 0) { +@@ -561,16 +573,16 @@ + break; + } + default: +- usage (); ++ usage (E_USAGE); + } + } + } + + if (aflg && uflg) { +- usage (); ++ usage (E_USAGE); + } + if (tflg && (lflg || mflg || rflg)) { +- usage (); ++ usage (E_USAGE); + } + + /* Open the faillog database */ +Index: src/chsh.c +=================================================================== +--- src/chsh.c (revision 3054) ++++ src/chsh.c (revision 3055) +@@ -72,7 +72,7 @@ + + /* local function prototypes */ + static void fail_exit (int code); +-static void usage (void); ++static void usage (int status); + static void new_fields (void); + static bool shell_is_listed (const char *); + static bool is_restricted_shell (const char *); +@@ -101,15 +101,15 @@ + /* + * usage - print command line syntax and exit + */ +-static void usage (void) ++static void usage (int status) + { + fputs (_("Usage: chsh [options] [LOGIN]\n" + "\n" + "Options:\n" + " -h, --help display this help message and exit\n" + " -s, --shell SHELL new login shell for the user account\n" +- "\n"), stderr); +- exit (E_USAGE); ++ "\n"), status ? stderr : stdout); ++ exit (status); + } + + /* +@@ -217,14 +217,14 @@ + &option_index)) != -1) { + switch (c) { + case 'h': +- usage (); ++ usage (E_SUCCESS); + break; + case 's': + sflg = true; + STRFCPY (loginsh, optarg); + break; + default: +- usage (); ++ usage (E_USAGE); + } + } + +@@ -233,7 +233,7 @@ + * be the user's name. + */ + if (argc > (optind + 1)) { +- usage (); ++ usage (E_USAGE); + } + } + +Index: man/groupmems.8.xml +=================================================================== +--- man/groupmems.8.xml (revision 3054) ++++ man/groupmems.8.xml (revision 3055) +@@ -114,6 +114,12 @@ + </listitem> + </varlistentry> + <varlistentry> ++ <term><option>-h</option>, <option>--help</option></term> ++ <listitem> ++ <para>Display help message and exit.</para> ++ </listitem> ++ </varlistentry> ++ <varlistentry> + <term><option>-l</option>, <option>--list</option></term> + <listitem> + <para>List the group membership list.</para> +Index: man/gpasswd.1.xml +=================================================================== +--- man/gpasswd.1.xml (revision 3054) ++++ man/gpasswd.1.xml (revision 3055) +@@ -1,7 +1,7 @@ + <?xml version="1.0" encoding="UTF-8"?> + <!-- + Copyright (c) 1996 , Rafal Maszkowski +- Copyright (c) 2007 - 2008, Nicolas François ++ Copyright (c) 2007 - 2009, Nicolas François + All rights reserved. + + Redistribution and use in source and binary forms, with or without +@@ -148,6 +148,14 @@ + </variablelist> + <variablelist remap='IP'> + <varlistentry> ++ <term><option>-h</option>, <option>--help</option></term> ++ <listitem> ++ <para>Display help message and exit.</para> ++ </listitem> ++ </varlistentry> ++ </variablelist> ++ <variablelist remap='IP'> ++ <varlistentry> + <term> + <option>-r</option>, <option>--remove-password</option> + </term> +Index: NEWS +=================================================================== +--- NEWS (revision 3054) ++++ NEWS (revision 3055) +@@ -1,5 +1,11 @@ + $Id$ + ++shadow-4.1.4.1 -> shadow-4.1.4.2 UNRELEASED ++ ++- general ++ * report usage error to stderr, but report usage help to stdout (and return ++ zero) when explicitly requested (e.g. with --help). ++ + shadow-4.1.4.1 -> shadow-4.1.4.2 2009-07-24 + + - general diff --git a/patches/source/shadow/patches/r3060.diff b/patches/source/shadow/patches/r3060.diff new file mode 100644 index 00000000..8ece6430 --- /dev/null +++ b/patches/source/shadow/patches/r3060.diff @@ -0,0 +1,116 @@ +* libmisc/copydir.c, lib/shadowmem.c, lib/groupmem.c, lib/pwmem.c: +Fix some memory leaks. + +Index: libmisc/copydir.c +=================================================================== +--- libmisc/copydir.c (revision 3059) ++++ libmisc/copydir.c (revision 3060) +@@ -443,6 +443,7 @@ + nchars = readlink (filename, buffer, size); + + if (nchars < 0) { ++ free(buffer); + return NULL; + } + + +Index: lib/shadowmem.c +=================================================================== +--- lib/shadowmem.c (revision 3059) ++++ lib/shadowmem.c (revision 3060) +@@ -52,10 +52,13 @@ + *sp = *spent; + sp->sp_namp = strdup (spent->sp_namp); + if (NULL == sp->sp_namp) { ++ free(sp); + return NULL; + } + sp->sp_pwdp = strdup (spent->sp_pwdp); + if (NULL == sp->sp_pwdp) { ++ free(sp->sp_namp); ++ free(sp); + return NULL; + } + +Index: lib/groupmem.c +=================================================================== +--- lib/groupmem.c (revision 3059) ++++ lib/groupmem.c (revision 3060) +@@ -51,10 +51,13 @@ + *gr = *grent; + gr->gr_name = strdup (grent->gr_name); + if (NULL == gr->gr_name) { ++ free(gr); + return NULL; + } + gr->gr_passwd = strdup (grent->gr_passwd); + if (NULL == gr->gr_passwd) { ++ free(gr->gr_name); ++ free(gr); + return NULL; + } + +@@ -62,11 +65,21 @@ + + gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *)); + if (NULL == gr->gr_mem) { ++ free(gr->gr_passwd); ++ free(gr->gr_name); ++ free(gr); + return NULL; + } + for (i = 0; grent->gr_mem[i]; i++) { + gr->gr_mem[i] = strdup (grent->gr_mem[i]); + if (NULL == gr->gr_mem[i]) { ++ int j; ++ for (j=0; j<i; j++) ++ free(gr->gr_mem[j]); ++ free(gr->gr_mem); ++ free(gr->gr_passwd); ++ free(gr->gr_name); ++ free(gr); + return NULL; + } + } +Index: lib/pwmem.c +=================================================================== +--- lib/pwmem.c (revision 3059) ++++ lib/pwmem.c (revision 3060) +@@ -51,22 +51,37 @@ + *pw = *pwent; + pw->pw_name = strdup (pwent->pw_name); + if (NULL == pw->pw_name) { ++ free(pw); + return NULL; + } + pw->pw_passwd = strdup (pwent->pw_passwd); + if (NULL == pw->pw_passwd) { ++ free(pw->pw_name); ++ free(pw); + return NULL; + } + pw->pw_gecos = strdup (pwent->pw_gecos); + if (NULL == pw->pw_gecos) { ++ free(pw->pw_passwd); ++ free(pw->pw_name); ++ free(pw); + return NULL; + } + pw->pw_dir = strdup (pwent->pw_dir); + if (NULL == pw->pw_dir) { ++ free(pw->pw_gecos); ++ free(pw->pw_passwd); ++ free(pw->pw_name); ++ free(pw); + return NULL; + } + pw->pw_shell = strdup (pwent->pw_shell); + if (NULL == pw->pw_shell) { ++ free(pw->pw_dir); ++ free(pw->pw_gecos); ++ free(pw->pw_passwd); ++ free(pw->pw_name); ++ free(pw); + return NULL; + } + diff --git a/patches/source/shadow/patches/r3062.diff b/patches/source/shadow/patches/r3062.diff new file mode 100644 index 00000000..00d9ba3a --- /dev/null +++ b/patches/source/shadow/patches/r3062.diff @@ -0,0 +1,139 @@ +Index: lib/shadowmem.c +=================================================================== +--- lib/shadowmem.c (revision 3061) ++++ lib/shadowmem.c (revision 3062) +@@ -49,8 +49,14 @@ + if (NULL == sp) { + return NULL; + } +- *sp = *spent; +- sp->sp_namp = strdup (spent->sp_namp); ++ sp->sp_lstchg = spent->sp_lstchg; ++ sp->sp_min = spent->sp_min; ++ sp->sp_max = spent->sp_max; ++ sp->sp_warn = spent->sp_warn; ++ sp->sp_inact = spent->sp_inact; ++ sp->sp_expire = spent->sp_expire; ++ sp->sp_flag = spent->sp_flag; ++ sp->sp_namp = strdup (spent->sp_namp); + if (NULL == sp->sp_namp) { + free(sp); + return NULL; +@@ -68,8 +74,10 @@ + void spw_free (/*@out@*/ /*@only@*/struct spwd *spent) + { + free (spent->sp_namp); +- memzero (spent->sp_pwdp, strlen (spent->sp_pwdp)); +- free (spent->sp_pwdp); ++ if (NULL != spent->sp_pwdp) { ++ memzero (spent->sp_pwdp, strlen (spent->sp_pwdp)); ++ free (spent->sp_pwdp); ++ } + free (spent); + } + +Index: lib/groupmem.c +=================================================================== +--- lib/groupmem.c (revision 3061) ++++ lib/groupmem.c (revision 3062) +@@ -48,7 +48,7 @@ + if (NULL == gr) { + return NULL; + } +- *gr = *grent; ++ gr->gr_gid = grent->gr_gid; + gr->gr_name = strdup (grent->gr_name); + if (NULL == gr->gr_name) { + free(gr); +@@ -90,13 +90,18 @@ + + void gr_free (/*@out@*/ /*@only@*/struct group *grent) + { ++ size_t i; + free (grent->gr_name); +- memzero (grent->gr_passwd, strlen (grent->gr_passwd)); +- free (grent->gr_passwd); +- while (*(grent->gr_mem)) { +- free (*(grent->gr_mem)); +- grent->gr_mem++; ++ if (NULL != grent->gr_passwd) { ++ memzero (grent->gr_passwd, strlen (grent->gr_passwd)); ++ free (grent->gr_passwd); + } ++ if (NULL != grent->gr_mem) { ++ for (i = 0; NULL != grent->gr_mem[i]; i++) { ++ free (grent->gr_mem[i]); ++ } ++ free (grent->gr_mem); ++ } + free (grent); + } + +Index: lib/sgroupio.c +=================================================================== +--- lib/sgroupio.c (revision 3061) ++++ lib/sgroupio.c (revision 3062) +@@ -51,7 +51,6 @@ + if (NULL == sg) { + return NULL; + } +- *sg = *sgent; + sg->sg_name = strdup (sgent->sg_name); + if (NULL == sg->sg_name) { + free (sg); +@@ -137,17 +136,20 @@ + + void sgr_free (/*@out@*/ /*@only@*/struct sgrp *sgent) + { ++ size_t i; + free (sgent->sg_name); +- memzero (sgent->sg_passwd, strlen (sgent->sg_passwd)); +- free (sgent->sg_passwd); +- while (NULL != *(sgent->sg_adm)) { +- free (*(sgent->sg_adm)); +- sgent->sg_adm++; ++ if (NULL != sgent->sg_passwd) { ++ memzero (sgent->sg_passwd, strlen (sgent->sg_passwd)); ++ free (sgent->sg_passwd); + } +- while (NULL != *(sgent->sg_mem)) { +- free (*(sgent->sg_mem)); +- sgent->sg_mem++; ++ for (i = 0; NULL != sgent->sg_adm[i]; i++) { ++ free (sgent->sg_adm[i]); + } ++ free (sgent->sg_adm); ++ for (i = 0; NULL != sgent->sg_mem[i]; i++) { ++ free (sgent->sg_mem[i]); ++ } ++ free (sgent->sg_mem); + free (sgent); + } + +Index: lib/pwmem.c +=================================================================== +--- lib/pwmem.c (revision 3061) ++++ lib/pwmem.c (revision 3062) +@@ -48,7 +48,8 @@ + if (NULL == pw) { + return NULL; + } +- *pw = *pwent; ++ pw->pw_uid = pwent->pw_uid; ++ pw->pw_gid = pwent->pw_gid; + pw->pw_name = strdup (pwent->pw_name); + if (NULL == pw->pw_name) { + free(pw); +@@ -91,8 +92,10 @@ + void pw_free (/*@out@*/ /*@only@*/struct passwd *pwent) + { + free (pwent->pw_name); +- memzero (pwent->pw_passwd, strlen (pwent->pw_passwd)); +- free (pwent->pw_passwd); ++ if (pwent->pw_passwd) { ++ memzero (pwent->pw_passwd, strlen (pwent->pw_passwd)); ++ free (pwent->pw_passwd); ++ } + free (pwent->pw_gecos); + free (pwent->pw_dir); + free (pwent->pw_shell); diff --git a/patches/source/shadow/patches/r3096.diff b/patches/source/shadow/patches/r3096.diff new file mode 100644 index 00000000..0e77ce6f --- /dev/null +++ b/patches/source/shadow/patches/r3096.diff @@ -0,0 +1,27 @@ + +* lib/gshadow.c: Fix parsing of gshadow entries. + +Index: lib/gshadow.c +=================================================================== +--- lib/gshadow.c (revision 3095) ++++ lib/gshadow.c (revision 3096) +@@ -222,6 +222,7 @@ + if (NULL == buf) { + return NULL; + } ++ buflen = BUFSIZ; + } + + if (NULL == fp) { +@@ -229,9 +230,9 @@ + } + + #ifdef USE_NIS +- while (fgetsx (buf, (int) sizeof buf, fp) == buf) ++ while (fgetsx (buf, (int) buflen, fp) == buf) + #else +- if (fgetsx (buf, (int) sizeof buf, fp) == buf) ++ if (fgetsx (buf, (int) buflen, fp) == buf) + #endif + { + while ( ((cp = strrchr (buf, '\n')) == NULL) diff --git a/patches/source/shadow/patches/r3160.diff b/patches/source/shadow/patches/r3160.diff new file mode 100644 index 00000000..5aabbaa9 --- /dev/null +++ b/patches/source/shadow/patches/r3160.diff @@ -0,0 +1,239 @@ +Index: libmisc/limits.c +=================================================================== +--- libmisc/limits.c (revision 3159) ++++ libmisc/limits.c (revision 3160) +@@ -33,6 +33,7 @@ + /* + * Separated from setup.c. --marekm + * Resource limits thanks to Cristian Gafton. ++ * Enhancements of resource limit code by Thomas Orgis <thomas@orgis.org> ("thor"). + */ + + #include <config.h> +@@ -44,6 +45,7 @@ + #include <sys/types.h> + #include <sys/stat.h> + #include <stdio.h> ++#include <ctype.h> + #include "prototypes.h" + #include "defines.h" + #include <pwd.h> +@@ -69,17 +71,37 @@ + unsigned int multiplier) + { + struct rlimit rlim; +- long limit; ++ rlim_t limit; + +- if (getlong (value, &limit) == 0) { +- return 0; ++ /* The "-" is special, not belonging to a strange negative limit. ++ It is infinity, in a controlled way. --thor */ ++ if(value[0] == '-') { ++ limit = RLIM_INFINITY; + } +- limit *= multiplier; +- if (limit != (rlim_t) limit) { +- return 0; ++ else { ++ /* We cannot use getlong here because it fails when there ++ is more to the value than just this number! ++ Also, we are limited to base 10 here (hex numbers will not ++ work with the limit string parser as is anyway) --thor */ ++ char *endptr; ++ long longlimit = strtol(value, &endptr, 10); ++ if ((0 == longlimit) && (value == endptr)) { ++ /* No argument at all. No-op. ++ We could instead throw an error, though. --thor */ ++ return 0; ++ } ++ longlimit *= multiplier; ++ limit = (rlim_t)longlimit; ++ if(longlimit != limit) ++ { ++ /* Again, silent error handling... I left it that way. ++ Wouldn't screaming make more sense? --thor */ ++ return 0; ++ } + } +- rlim.rlim_cur = (rlim_t) limit; +- rlim.rlim_max = (rlim_t) limit; ++ ++ rlim.rlim_cur = limit; ++ rlim.rlim_max = limit; + if (setrlimit (resource, &rlim) != 0) { + return LOGIN_ERROR_RLIMIT; + } +@@ -199,6 +221,9 @@ + * [Ii]: i = RLIMIT_NICE max nice value (0..39 translates to 20..-19) + * [Oo]: o = RLIMIT_RTPRIO max real time priority (linux/sched.h 0..MAX_RT_PRIO) + * ++ * Remember to extend the "no-limits" string below when adding a new limit... ++ * --thor ++ * + * Return value: + * 0 = okay, of course + * LOGIN_ERROR_RLIMIT = error setting some RLIMIT +@@ -214,7 +239,20 @@ + bool reported = false; + + pp = buf; ++ /* Skip leading whitespace. --thor */ ++ while(*pp == ' ' || *pp == '\t') ++pp; + ++ /* The special limit string "-" results in no limit for all known limits. ++ We achieve that by parsing a full limit string, parts of it being ignored ++ if a limit type is not known to the system. ++ Though, there will be complaining for unknown limit types. --thor */ ++ if(strcmp(pp, "-") == 0) { ++ /* Remember to extend this, too, when adding new limits! ++ Oh... but "unlimited" does not make sense for umask, or does it? ++ --thor */ ++ pp = "A- C- D- F- M- N- R- S- T- P- I- O-"; ++ } ++ + while ('\0' != *pp) { + switch (*pp++) { + #ifdef RLIMIT_AS +@@ -316,6 +354,10 @@ + break; + default: + /* Only report invalid strings once */ ++ /* Note: A string can be invalid just because a specific (theoretically ++ valid) setting is not supported by this build. ++ It is just a warning in syslog anyway. The line is still processed ++ --thor */ + if (!reported) { + SYSLOG ((LOG_WARN, + "Invalid limit string: '%s'", +@@ -324,13 +366,51 @@ + retval |= LOGIN_ERROR_RLIMIT; + } + } ++ /* After parsing one limit setting (or just complaining about it), ++ one still needs to skip its argument to prevent a bogus warning on ++ trying to parse that as limit specification. ++ So, let's skip all digits, "-" and our limited set of whitespace. ++ --thor */ ++ while(isdigit(*pp) || *pp == '-' || *pp == ' ' || *pp == '\t') { ++ ++pp; ++ } + } + return retval; + } + ++/* Check if user uname is in the group gname. ++ * Can I be sure that gr_mem contains no UID as string? ++ * Returns true when user is in the group, false when not. ++ * Any error is treated as false. --thor ++ */ ++static bool user_in_group (const char *uname, const char *gname) ++{ ++ struct group *groupdata; ++ char **member; ++ if(uname == NULL || gname == NULL){ ++ return false; ++ } ++ /* We are not claiming to be re-entrant! ++ * In case of paranoia or a multithreaded login program, ++ * one needs to add some mess for getgrnam_r. */ ++ groupdata = getgrnam(gname); ++ if(groupdata == NULL) { ++ SYSLOG ((LOG_WARN, "Nonexisting group `%s' in limits file.", gname)); ++ return false; ++ } ++ /* Now look for our user in the list of members. */ ++ member = groupdata->gr_mem; ++ while(*member != NULL) { ++ if(strcmp(*member, uname) == 0) { ++ return true; ++ } ++ ++member; ++ } ++ return false; ++} ++ + static int setup_user_limits (const char *uname) + { +- /* TODO: allow and use @group syntax --cristiang */ + FILE *fil; + char buf[1024]; + char name[1024]; +@@ -352,7 +432,7 @@ + } + /* The limits file have the following format: + * - '#' (comment) chars only as first chars on a line; +- * - username must start on first column ++ * - username must start on first column (or *, or @group --thor) + * A better (smarter) checking should be done --cristiang */ + while (fgets (buf, 1024, fil) != NULL) { + if (('#' == buf[0]) || ('\n' == buf[0])) { +@@ -367,6 +447,13 @@ + * Imposing a limit should be done with care, so a wrong + * entry means no care anyway :-). A '-' as a limits + * strings means no limits --cristiang */ ++ /* In addition to the handling of * as name which was alrady present, ++ I added handling of the @group syntax. ++ To clarify: The first entry with matching user name rules, ++ everything after it is ignored. If there is no user entry, ++ the last encountered entry for a matching group rules. ++ If there is no matching group entry, the default limits rule. ++ --thor. */ + if (sscanf (buf, "%s%[ACDFMNRSTULPIOacdfmnrstulpio0-9 \t-]", + name, tempbuf) == 2) { + if (strcmp (name, uname) == 0) { +@@ -374,6 +461,12 @@ + break; + } else if (strcmp (name, "*") == 0) { + strcpy (deflimits, tempbuf); ++ } else if (name[0] == '@') { ++ /* If the user is in the group, the group limits apply unless ++ later a line for the specific user is found. --thor */ ++ if(user_in_group(uname, name+1)) { ++ strcpy (limits, tempbuf); ++ } + } + } + } +Index: man/limits.5.xml +=================================================================== +--- man/limits.5.xml (revision 3159) ++++ man/limits.5.xml (revision 3160) +@@ -64,7 +64,13 @@ + <emphasis remap='I'>user LIMITS_STRING</emphasis> + </para> + ++ <para>or in the form:</para> ++ + <para> ++ <emphasis remap='I'>@group LIMITS_STRING</emphasis> ++ </para> ++ ++ <para> + The <emphasis>LIMITS_STRING</emphasis> is a string of a concatenated + list of resource limits. Each limit consists of a letter identifier + followed by a numerical limit. +@@ -125,11 +131,23 @@ + </para> + + <para> ++ The limits specified in the form "<replaceable>@group</replaceable>" ++ apply to the members of the specified ++ <replaceable>group</replaceable>. ++ </para> ++ ++ <para> + To completely disable limits for a user, a single dash + "<emphasis>-</emphasis>" will do. + </para> + + <para> ++ To disable a limit for a user, a single dash ++ "<replaceable>-</replaceable>" can be used instead of the numerical ++ value for this limit. ++ </para> ++ ++ <para> + Also, please note that all limit settings are set PER LOGIN. They are + not global, nor are they permanent. Perhaps global limits will come, + but for now this will have to do ;) diff --git a/patches/source/shadow/patches/r3194.diff b/patches/source/shadow/patches/r3194.diff new file mode 100644 index 00000000..0eff631b --- /dev/null +++ b/patches/source/shadow/patches/r3194.diff @@ -0,0 +1,15 @@ +* src/su.c: shell's name must be -su when a su fakes a login. + +=================================================================== +--- src/su.c (revision 3193) ++++ src/su.c (revision 3194) +@@ -1021,7 +1021,7 @@ + * Use the shell and create an argv + * with the rest of the command line included. + */ +- argv[-1] = shellstr; ++ argv[-1] = cp; + #ifndef USE_PAM + execve_shell (shellstr, &argv[-1], environ); + err = errno; + diff --git a/patches/source/shadow/patches/r3299.diff b/patches/source/shadow/patches/r3299.diff new file mode 100644 index 00000000..a46b18f0 --- /dev/null +++ b/patches/source/shadow/patches/r3299.diff @@ -0,0 +1,12 @@ +Index: man/ru/Makefile.am +=================================================================== +--- man/ru/Makefile.am (revision 3298) ++++ man/ru/Makefile.am (revision 3299) +@@ -1,7 +1,6 @@ + mandir = @mandir@/ru + + man_MANS = \ +- $(man_nopam) \ + chage.1 \ + chfn.1 \ + chgpasswd.8 \ diff --git a/patches/source/shadow/shadow.SlackBuild b/patches/source/shadow/shadow.SlackBuild new file mode 100755 index 00000000..84f790e2 --- /dev/null +++ b/patches/source/shadow/shadow.SlackBuild @@ -0,0 +1,165 @@ +#!/bin/sh + +# Copyright 2005-2011 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=shadow +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:--j6} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-shadow + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf shadow-$VERSION +tar xvf $CWD/shadow-$VERSION.tar.?z* || exit 1 +cd shadow-$VERSION + +# Apply some patches taken from the svn trunk that +# fix some of the more serious bugs in 4.1.4.3: +for patch in $CWD/patches/*.diff.gz ; do + zcat $patch | patch -p0 --verbose || exit 1 +done + +# Re-run automake because of r3299 patch to man/ru/Makefile.am: +automake -f + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --docdir=/usr/doc/shadow-$VERSION \ + --disable-shared \ + --without-libcrack \ + --build=$ARCH-slackware-linux + +# --enable-utmpx # defaults to 'no' + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Fix user group = 100: +zcat $CWD/useradd.gz > $PKG/etc/default/useradd + +# /bin/groups is provided by coreutils. +rm -f $PKG/bin/groups +find $PKG -name groups.1 -exec rm {} \; + +# Install a login.defs with unsurprising defaults: +rm -f $PKG/etc/login.defs +zcat $CWD/login.defs.gz > $PKG/etc/login.defs.new + +mv $PKG/etc/login.access $PKG/etc/login.access.new + +# I don't think this works well enough to recommend it. +#mv $PKG/etc/limits $PKG/etc/limits.new +rm -f $PKG/etc/limits + +# Add the friendly 'adduser' script: +cat $CWD/adduser > $PKG/usr/sbin/adduser +chmod 0755 $PKG/usr/sbin/adduser + +# Add sulogin to the package: +cp -a src/sulogin $PKG/sbin +( cd $PKG/bin ; ln -s ../sbin/sulogin ) + +# Add the empty faillog log file: +mkdir -p $PKG/var/log +touch $PKG/var/log/faillog.new + +# Put some stuff back in "old" locations and make symlinks for compat +( cd $PKG/usr/bin + mv faillog ../sbin + mv lastlog ../sbin + ln -s ../sbin/faillog + ln -s ../sbin/lastlog +) + +# Use 4711 rather than 4755 permissions where setuid root is required: +find $PKG -type f -perm 4755 -exec chmod 4711 "{}" \; + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/shadow-$VERSION +cp -a \ + COPYING* NEWS README* TODO doc/{README*,HOWTO,WISHLIST,*.txt} \ + $PKG/usr/doc/shadow-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/shadow-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/shadow/shadow.url b/patches/source/shadow/shadow.url new file mode 100644 index 00000000..b18864a8 --- /dev/null +++ b/patches/source/shadow/shadow.url @@ -0,0 +1 @@ +ftp://pkg-shadow.alioth.debian.org/pub/pkg-shadow diff --git a/patches/source/shadow/slack-desc b/patches/source/shadow/slack-desc new file mode 100644 index 00000000..57749146 --- /dev/null +++ b/patches/source/shadow/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +shadow: shadow (shadow password suite) +shadow: +shadow: This set of login related programs utilizes an alternate, non-readable +shadow: file to contain the actual encrypted passwords. This is presumed to +shadow: increase system security by increasing the difficulty with which +shadow: system crackers obtain encrypted passwords. It was written by +shadow: Julianne Frances Haugh and the Linux port is maintained by Tomasz +shadow: Kloczko. +shadow: +shadow: This package provides 'login', which is needed to log into the system. +shadow: diff --git a/patches/source/shadow/useradd b/patches/source/shadow/useradd new file mode 100644 index 00000000..f3205e49 --- /dev/null +++ b/patches/source/shadow/useradd @@ -0,0 +1,8 @@ +# useradd defaults file +GROUP=100 +HOME=/home +INACTIVE=-1 +EXPIRE= +SHELL=/bin/bash +SKEL=/etc/skel +CREATE_MAIL_SPOOL=yes diff --git a/patches/source/slocate/slack-desc b/patches/source/slocate/slack-desc new file mode 100644 index 00000000..22ec56cc --- /dev/null +++ b/patches/source/slocate/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +slocate: slocate (Secure Locate) +slocate: +slocate: Slocate is an enhanced version of locate, a command to help you locate +slocate: files on the system. Like the original version of locate, Slocate +slocate: maintains a database of files on the system, updating it nightly. +slocate: Unlike the original, Slocate indexes every file on the machine rather +slocate: than only the ones that can be seen by everyone. The "secure" part of +slocate: slocate is that it will only return matches if the user is allowed to +slocate: see the files. +slocate: +slocate: diff --git a/patches/source/slocate/slocate-3.1.tar.gz.sign b/patches/source/slocate/slocate-3.1.tar.gz.sign new file mode 100644 index 00000000..91b98242 --- /dev/null +++ b/patches/source/slocate/slocate-3.1.tar.gz.sign @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.2 (GNU/Linux) + +iD8DBQBEDmWkUZpV8HRsUfQRAnLeAJ0cBuIYvy+3GSTdm+sfQ7XYbNWuwgCgj+pZ +RKdGZfMmcuFGoBO39sCX/64= +=K/rW +-----END PGP SIGNATURE----- diff --git a/patches/source/slocate/slocate.CVE-2007-0277.diff b/patches/source/slocate/slocate.CVE-2007-0277.diff new file mode 100644 index 00000000..4f109922 --- /dev/null +++ b/patches/source/slocate/slocate.CVE-2007-0277.diff @@ -0,0 +1,42 @@ +--- slocate-3.1.orig/src/utils.c ++++ slocate-3.1/src/utils.c +@@ -524,6 +524,7 @@ + { + struct stat path_stat; + int ret = 0; ++ char *path_copy = NULL; + char *ptr = NULL; + + if (lstat(path, &path_stat) == -1) +@@ -532,15 +533,25 @@ + if (!S_ISLNK(path_stat.st_mode)) { + if (access(path, F_OK) != 0) + goto EXIT; +- } else if ((ptr = rindex(path, '/'))) { +- *ptr = 0; +- if (access(path, F_OK) == 0) +- ret = 1; +- *ptr = '/'; +- goto EXIT; + } + ++ /* "path" is const, so we shouldn't modify it. Also, for speed, ++ * I suspect strdup/free is less expensive than the deep access ++ * checks... */ ++ if (!(path_copy = strdup(path))) ++ goto EXIT; ++ + ret = 1; ++ ++ /* Each directory leading to the file (symlink or not) must be ++ * readable for us to allow it to be listed in search results. */ ++ while (ret && (ptr=rindex(path_copy,'/'))) { ++ *ptr=0; ++ if (*path_copy && access(path_copy, R_OK) != 0) ++ ret = 0; ++ } ++ free(path_copy); ++ + EXIT: + return ret; + } diff --git a/patches/source/slocate/slocate.SlackBuild b/patches/source/slocate/slocate.SlackBuild new file mode 100755 index 00000000..419a4cb1 --- /dev/null +++ b/patches/source/slocate/slocate.SlackBuild @@ -0,0 +1,90 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=3.1 +BUILD=${BUILD:-4_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-slocate + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +# Explode the package framework: +cd $PKG +explodepkg $CWD/_slocate.tar.gz + +cd $TMP +rm -rf slocate-$VERSION +tar xzvf $CWD/slocate-$VERSION.tar.gz || exit 1 +cd slocate-$VERSION || exit 1 + +zcat $CWD/slocate.bigfile.diff.gz | patch -p0 --verbose || exit 1 +zcat $CWD/slocate.CVE-2007-0277.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 2750 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +cd src +make CFLAGS="$SLKCFLAGS -D_LARGEFILE64_SOURCE" || exit 1 +cd .. +strip --strip-unneeded src/slocate +mkdir -p $PKG/usr/bin +cat src/slocate > $PKG/usr/bin/slocate +mkdir -p $PKG/usr/man/man1 +cat doc/slocate.1 | gzip -9c > $PKG/usr/man/man1/slocate.1.gz +cat doc/updatedb.1 | gzip -9c > $PKG/usr/man/man1/updatedb.1.gz +mkdir -p $PKG/usr/doc/slocate-$VERSION +cp -a \ + Changelog LICENSE README WISHLIST \ + $PKG/usr/doc/slocate-$VERSION +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg -l y -c n $TMP/slocate-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/slocate/slocate.bigfile.diff b/patches/source/slocate/slocate.bigfile.diff new file mode 100644 index 00000000..6ccd1202 --- /dev/null +++ b/patches/source/slocate/slocate.bigfile.diff @@ -0,0 +1,33 @@ +Fix 2GB limitation - brought to you by mancha + +--- src/utils.c.orig 2012-08-25 ++++ src/utils.c 2012-08-25 +@@ -284,12 +284,12 @@ int + verify_slocate_db(struct g_data_s *g_data, char *file) + { + char ch[1]; +- struct stat tf_stat; ++ struct stat64 tf_stat; + int bytes = 0; + int fd = -1; + + if (access(file, W_OK | R_OK) == 0) { +- if (lstat(file, &tf_stat) == -1) { ++ if (lstat64(file, &tf_stat) == -1) { + if (!report_error(g_data, FATAL, "get_temp_file: fstat(): %s: %s\n", file, strerror(errno))) + goto EXIT; + +@@ -522,11 +522,11 @@ EXIT: + * to check them separately */ + int verify_access(const char *path) + { +- struct stat path_stat; ++ struct stat64 path_stat; + int ret = 0; + char *ptr = NULL; + +- if (lstat(path, &path_stat) == -1) ++ if (lstat64(path, &path_stat) == -1) + goto EXIT; + + if (!S_ISLNK(path_stat.st_mode)) { diff --git a/patches/source/stunnel/doinst.sh b/patches/source/stunnel/doinst.sh new file mode 100644 index 00000000..21f004b0 --- /dev/null +++ b/patches/source/stunnel/doinst.sh @@ -0,0 +1,12 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/stunnel/openssl.cnf.new diff --git a/patches/source/stunnel/generate-stunnel-key.sh b/patches/source/stunnel/generate-stunnel-key.sh new file mode 100644 index 00000000..b24b4ba8 --- /dev/null +++ b/patches/source/stunnel/generate-stunnel-key.sh @@ -0,0 +1,13 @@ +#!/bin/sh +USE_DH=0 + +openssl req -new -x509 -days 365 -nodes \ + -config ./openssl.cnf -out stunnel.pem -keyout stunnel.pem + +test $USE_DH -eq 0 || openssl gendh >> stunnel.pem + +openssl x509 -subject -dates -fingerprint -noout \ + -in stunnel.pem + +chmod 600 stunnel.pem +rm -f stunnel.rnd diff --git a/patches/source/stunnel/slack-desc b/patches/source/stunnel/slack-desc new file mode 100644 index 00000000..f8ee5bc4 --- /dev/null +++ b/patches/source/stunnel/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +stunnel: stunnel (Universal SSL tunnel) +stunnel: +stunnel: The stunnel program is designed to work as an SSL encryption wrapper +stunnel: between remote client and local (inetd-startable) or remote servers. +stunnel: The goal is to facilitate SSL encryption and authentication for +stunnel: non-SSL-aware programs. +stunnel: +stunnel: stunnel can be used to add SSL functionality to commonly used inetd +stunnel: daemons like POP-2, POP-3 and IMAP servers without any changes in the +stunnel: programs' code. +stunnel: diff --git a/patches/source/stunnel/stunnel.SlackBuild b/patches/source/stunnel/stunnel.SlackBuild new file mode 100755 index 00000000..b1425a8d --- /dev/null +++ b/patches/source/stunnel/stunnel.SlackBuild @@ -0,0 +1,140 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=stunnel +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-stunnel + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf stunnel-$VERSION +tar xvf $CWD/stunnel-$VERSION.tar.?z || exit 1 +cd stunnel-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --exec-prefix= \ + --sysconfdir=/etc \ + --datadir=/usr/share \ + --mandir=/usr/man \ + --sbindir=/usr/sbin \ + --bindir=/usr/bin \ + --localstatedir=/var \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 + +# This used to be installed in /usr/sbin, so it would probably be nice to +# link from there: +mkdir -p $PKG/usr/sbin +( cd $PKG/usr/sbin + ln -sf ../bin/stunnel . + ln -sf ../bin/stunnel3 . +) + +mkdir -p $PKG/var/run/stunnel +# This will produce a useless key. +make -i install DESTDIR=$PKG +# Get rid of key, so nobody tries to use it: +rm -f $PKG/etc/stunnel/stunnel.pem +# Add cnf: +cat tools/openssl.cnf > $PKG/etc/stunnel/openssl.cnf.new +cat $CWD/generate-stunnel-key.sh > $PKG/etc/stunnel/generate-stunnel-key.sh +chmod 755 $PKG/etc/stunnel/generate-stunnel-key.sh + +mkdir -p $PKG/usr/doc/stunnel-$VERSION +mv $PKG/usr/share/doc/stunnel/* $PKG/usr/doc/stunnel-$VERSION +rmdir $PKG/usr/share/doc/stunnel +rmdir $PKG/usr/share/doc +rmdir $PKG/usr/share + +mkdir -p $PKG/usr/man/pl/man8 +mv $PKG/usr/man/man8/stunnel.pl.8 $PKG/usr/man/pl/man8/stunnel.8 +mkdir -p $PKG/usr/man/fr/man8 +mv $PKG/usr/man/man8/stunnel.fr.8 $PKG/usr/man/fr/man8/stunnel.8 +gzip -9 $PKG/usr/man/*/man?/*.? $PKG/usr/man/man?/*.? + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# The 4.15 version of stunnel caused some bizarre perms, so +# we'll protect against that: +chmod 0755 $PKG/var/lib +chown root:root $PKG/var/lib + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/stunnel-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/subversion/get-svn-book.sh b/patches/source/subversion/get-svn-book.sh new file mode 100755 index 00000000..112ba17c --- /dev/null +++ b/patches/source/subversion/get-svn-book.sh @@ -0,0 +1,9 @@ +#!/bin/sh +CWD=`pwd` + +# Add the latest copy of the Subversion book: +( cd $CWD + lftpget http://svnbook.red-bean.com/nightly/en/svn-book-html.tar.bz2 + chmod 644 svn-book-html.tar.bz2 +) + diff --git a/patches/source/subversion/slack-desc b/patches/source/subversion/slack-desc new file mode 100644 index 00000000..af2ef0b6 --- /dev/null +++ b/patches/source/subversion/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +subversion: subversion (a version control system) +subversion: +subversion: Subversion is a version control system which allows you to keep old +subversion: versions of files and directories (usually source code), and keep a +subversion: log of who, when, and why changes occurred, similar to other such +subversion: systems like CVS, RCS or SCCS. Subversion keeps all the information +subversion: to permit extracting previous versions of those files at any time. +subversion: +subversion: For more information about the Subversion project, visit: +subversion: http://subversion.apache.org +subversion: diff --git a/patches/source/subversion/subversion.SlackBuild b/patches/source/subversion/subversion.SlackBuild new file mode 100755 index 00000000..ab46b3ee --- /dev/null +++ b/patches/source/subversion/subversion.SlackBuild @@ -0,0 +1,174 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo subversion-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-subversion + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf subversion-$VERSION +tar xvf $CWD/subversion-$VERSION.tar.?z* || exit 1 +cd subversion-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --docdir=/usr/doc/subversion-$VERSION \ + --enable-shared \ + --disable-static \ + --with-apr=/usr \ + --with-apr-util=/usr \ + --with-apxs=/usr/sbin/apxs \ + --with-neon=/usr \ + --with-zlib=/usr \ + --with-pic \ + --with-ssl \ + --with-kwallet \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 +make install-docs DESTDIR=$PKG || exit 1 + +# Install python bindings +make swig-py +make install-swig-py DESTDIR=$PKG +PYTHON_VER=$(python -c 'import sys; print "%d.%d" % sys.version_info[:2]') +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/python${PYTHON_VER}/site-packages +mv $PKG/usr/lib${LIBDIRSUFFIX}/svn-python/* \ + $PKG/usr/lib${LIBDIRSUFFIX}/python${PYTHON_VER}/site-packages +rmdir $PKG/usr/lib${LIBDIRSUFFIX}/svn-python + +# Perl bindings +make swig-pl-lib +make install-swig-pl-lib DESTDIR=$PKG +( cd subversion/bindings/swig/perl/native + perl Makefile.PL + make install_vendor DESTDIR=$PKG +) +eval $(perl '-V:archlib') +mv $PKG/$archlib/perllocal.pod $PKG/$archlib/subversion.pod + +# Ruby bindings +make swig-rb +make install-swig-rb DESTDIR=$PKG + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +rm -rf $PKG/usr/info +# Something doesn't honor --mandir +mv $PKG/usr/share/man/man3 $PKG/usr/man +gzip -9 $PKG/usr/man/man?/* +rmdir $PKG/usr/share/man + +# What is this junk for? Since I don't know, I'll erase it. :-) +rm -rf $PKG/usr/build + +mkdir -p $PKG/usr/doc/subversion-$VERSION +cp -a \ + BUGS COMMITTERS COPYING* HACKING INSTALL README TRANSLATING doc \ + $PKG/usr/doc/subversion-$VERSION +# too big && useless for most || if you think not, can be found in the source tarball +rm -rf $PKG/usr/doc/subversion-$VERSION/doc/tools +# Add the HTML svn book: +( cd $PKG/usr/doc/subversion-$VERSION + tar xf $CWD/svn-book-html.tar.bz2 + mv svn-book-html book + cd book + chown -R root:root . + find . -type d -exec chmod 0755 {} \; + find . -type f -exec chmod 0644 {} \; + find . -perm 2755 -exec chmod 0755 {} \; + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +) + +# If there's a CHANGES file, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat CHANGES | head -n 1000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES +fi + +# This removes our DESTDIR from the packlist filenames, to keep perl's +# internal inventories consistent and correct. +find $PKG -name .packlist | while read plist ; do + sed -e "s%$PKG%%g" \ + -e "s%/share/man%/man%g" \ + -re "s%\.([1-9]n?|3pm)$%&.gz%g # extend man filenames for .gz" \ + ${plist} > ${plist}.new + mv -f ${plist}.new ${plist} +done + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/subversion-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/sudo/doinst.sh b/patches/source/sudo/doinst.sh new file mode 100644 index 00000000..01e3d173 --- /dev/null +++ b/patches/source/sudo/doinst.sh @@ -0,0 +1,14 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/sudoers.new +rm -f etc/sudoers.new diff --git a/patches/source/sudo/slack-desc b/patches/source/sudo/slack-desc new file mode 100644 index 00000000..66f1aa8c --- /dev/null +++ b/patches/source/sudo/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +sudo: sudo (give limited root privileges to certain users) +sudo: +sudo: 'sudo' is a command that allows users to execute some commands as +sudo: root. The /etc/sudoers file (edited with 'visudo') specifies which +sudo: users have access to sudo and which commands they can run. 'sudo' +sudo: logs all its activities to /var/log/ so the system administrator +sudo: can keep an eye on things. +sudo: +sudo: +sudo: +sudo: diff --git a/patches/source/sudo/sudo.SlackBuild b/patches/source/sudo/sudo.SlackBuild new file mode 100755 index 00000000..b4dc833b --- /dev/null +++ b/patches/source/sudo/sudo.SlackBuild @@ -0,0 +1,122 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012, 2015 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=sudo +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-sudo + +rm -rf $PKG +mkdir -p $TMP $PKG/var/db + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi + +cd $TMP +rm -rf sudo-$VERSION +tar xvf $CWD/sudo-$VERSION.tar.?z* || exit 1 +cd sudo-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sbindir=/usr/sbin \ + --mandir=/usr/man \ + --docdir=/usr/doc/sudo-$VERSION \ + --with-env-editor \ + --disable-pam-session \ + --with-pam=no \ + --with-rundir=/var/db/sudo \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +( cd $PKG/usr/bin + chmod 4711 sudo + ln -sf sudo sudoedit +) +chmod 755 $PKG/usr/sbin/visudo + +rm -f $PKG/usr/man/man8/sudoedit.8 +gzip -9 $PKG/usr/man/man?/*.? +( cd $PKG/usr/man/man8 ; ln -sf sudo.8.gz sudoedit.8.gz ) + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mv $PKG/etc/sudoers $PKG/etc/sudoers.new + +rm -r $PKG/usr/doc/sudo-$VERSION +mkdir -p $PKG/usr/doc/sudo-$VERSION +cp -a \ + INSTALL NEWS README* \ + doc/{CONTRIBUTORS,HISTORY,LICENSE,TROUBLESHOOTING,UPGRADE} \ + $PKG/usr/doc/sudo-$VERSION +chmod 644 $PKG/usr/doc/sudo-$VERSION/* + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/sudo-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/t1lib/slack-desc b/patches/source/t1lib/slack-desc new file mode 100644 index 00000000..293af0cb --- /dev/null +++ b/patches/source/t1lib/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +t1lib: t1lib (Type 1 font rasterizer library) +t1lib: +t1lib: t1lib is a library distributed under the GNU General Public Library +t1lib: License for generating character and string glyphs from Adobe Type 1 +t1lib: fonts under UNIX. t1lib uses most of the code of the X11 rasterizer +t1lib: donated by IBM to the X11 project. +t1lib: +t1lib: +t1lib: +t1lib: +t1lib: diff --git a/patches/source/t1lib/t1lib.SlackBuild b/patches/source/t1lib/t1lib.SlackBuild new file mode 100755 index 00000000..72d525c6 --- /dev/null +++ b/patches/source/t1lib/t1lib.SlackBuild @@ -0,0 +1,131 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2011, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=t1lib +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-t1lib +rm -rf $PKG +mkdir -p $TMP $PKG/usr + +cd $TMP +rm -rf t1lib-$VERSION +tar xvf $CWD/t1lib-$VERSION.tar.?z* || exit 1 +cd t1lib-$VERSION + +# Apply Debian's patch since upstream seems inactive: +zcat $CWD/t1lib_5.1.2-3.5.diff.gz | patch -p1 --verbose || exit 1 + +# I don't think anyone is applying this first one: +#cat debian/patches/segfault.diff -b -z .segf | patch -p1 --verbose || exit 1 +# UUOCFTW: +cat debian/patches/no-config.diff | patch -p1 --verbose || exit 1 +cat debian/patches/no-docs.diff | patch -p1 --verbose || exit 1 +cat debian/patches/lib-cleanup.diff | patch -p1 --verbose || exit 1 +cat debian/patches/format-security.diff | patch -p1 --verbose || exit 1 +cat debian/patches/CVE-2011-0764.diff | patch -p1 --verbose || exit 1 +cat debian/patches/CVE-2011-1552_1553_1554.patch | patch -p1 --verbose || exit 1 +cat debian/patches/CVE-2010-2642.patch | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --enable-static=no \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install prefix=$PKG/usr libdir=$PKG/usr/lib${LIBDIRSUFFIX} || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/*.so + +mkdir -p $PKG/usr/doc/t1lib-$VERSION +cp -a \ + Change* COPYING* *GPL* LICENSE* README* \ + $PKG/usr/doc/t1lib-$VERSION + +mkdir -p $PKG/usr/share/t1lib +cp -a Fonts $PKG/usr/share/t1lib +/bin/ls $PKG/usr/share/t1lib/Fonts/afm/*.afm /usr/share/fonts/Type1/*.afm | sort | uniq | wc -l | sed -e 's/ //g' > $PKG/usr/share/t1lib/FontDataBase +( cd $PKG/usr/share/t1lib/Fonts/afm ; /bin/ls *.afm ; cd /usr/share/fonts/Type1 ; /bin/ls *.afm ) | sort | uniq >> $PKG/usr/share/t1lib/FontDataBase +cat << EOF > $PKG/usr/share/t1lib/t1lib.config +This is a configuration file for t1lib + +FONTDATABASE=/usr/share/t1lib/FontDataBase +ENCODING=/usr/share/t1lib/Fonts/enc +AFM=/usr/share/t1lib/Fonts/afm:/usr/share/fonts/Type1 +TYPE1=/usr/share/t1lib/Fonts/type1:/usr/share/fonts/Type1 +EOF + +mkdir -p $PKG/etc/profile.d +cat << EOF > $PKG/etc/profile.d/t1lib.sh +T1LIB_CONFIG=/usr/share/t1lib/t1lib.config +export T1LIB_CONFIG +EOF +cat << EOF > $PKG/etc/profile.d/t1lib.csh +setenv T1LIB_CONFIG /usr/share/t1lib/t1lib.config +EOF +chmod 755 $PKG/etc/profile.d/* + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/t1lib-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/t1lib/t1lib_5.1.2-3.5.diff b/patches/source/t1lib/t1lib_5.1.2-3.5.diff new file mode 100644 index 00000000..bd137466 --- /dev/null +++ b/patches/source/t1lib/t1lib_5.1.2-3.5.diff @@ -0,0 +1,2109 @@ +--- t1lib-5.1.2.orig/debian/libt1-doc.docs ++++ t1lib-5.1.2/debian/libt1-doc.docs +@@ -0,0 +1 @@ ++doc/*.pdf +--- t1lib-5.1.2.orig/debian/orig-tar.sh ++++ t1lib-5.1.2/debian/orig-tar.sh +@@ -0,0 +1,11 @@ ++#!/bin/sh -e ++ ++# called by uscan with '--upstream-version' <version> <file> ++ ++# move to directory 'tarballs' ++if [ -r .svn/deb-layout ]; then ++ . .svn/deb-layout ++ mv $3 $origDir ++ echo "moved $3 to $origDir" ++fi ++ +--- t1lib-5.1.2.orig/debian/libt1-5.install ++++ t1lib-5.1.2/debian/libt1-5.install +@@ -0,0 +1 @@ ++debian/tmp/usr/lib/libt1*.so.* +--- t1lib-5.1.2.orig/debian/changelog ++++ t1lib-5.1.2/debian/changelog +@@ -0,0 +1,456 @@ ++t1lib (5.1.2-3.5) unstable; urgency=high ++ ++ * Non-maintainer upload by the Security Team. ++ * Thanks Jamie Strandboge from Ubuntu for the patch. ++ * debian/patches: ++ - series: make sure CVE-2010-2642.patch is really applied so CVE-2010-2642 ++ (denial of service via oversized fonts) is really fixed. ++ - CVE-2011-1552_1553_1554 added, few more fixes for CVE-2011-1552, ++ CVE-2011-1553 and CVE-2011-1554 (heap-based buffer overflow via AFM font ++ parser) ++ ++ -- Yves-Alexis Perez <corsac@debian.org> Wed, 18 Jan 2012 10:43:23 +0100 ++ ++t1lib (5.1.2-3.4) unstable; urgency=high ++ ++ * Non-maintainer upload by the Security Team. ++ * debian/patches: ++ - CVE-2010-2642 added, fix heap-based buffer overflow first found in ++ evince but applicable to the embedded afmparse library found in t1lib ++ too. Fixes CVE-2011-0433 too on the same patch. ++ ++ -- Yves-Alexis Perez <corsac@debian.org> Sun, 15 Jan 2012 13:47:26 +0100 ++ ++t1lib (5.1.2-3.3) unstable; urgency=low ++ ++ * Non-maintainer upload. ++ * Fix arbitrary code execution CVE-2011-0764 by only using ppoints when ++ it is a valid pointer (Closes: #652996). ++ * Don't ship .la file anymore (Closes: #633247). ++ ++ -- Luk Claes <luk@debian.org> Thu, 29 Dec 2011 23:21:33 +0100 ++ ++t1lib (5.1.2-3.2) unstable; urgency=low ++ ++ * Non-maintainer upload. (version 5.1.2-3.2 triggered a problem with dak) ++ * format-security.diff: use relevant "%s" format when passing a ++ variable string to a printf() function and replace printf() ++ with puts() for the model-only IfTrace0 macro. Thanks to Colin Watson ++ and Loïc Minier! (Closes: #646470) ++ ++ -- Mònica RamÃrez Arceda <monica@probeta.net> Sat, 03 Dec 2011 21:28:31 +0100 ++ ++t1lib (5.1.2-3) unstable; urgency=low ++ ++ * New Maintainer (Closes: #430611) ++ * Solved some hyphen-used-as-minus-sign in FontDatabase.5 ++ * Reformated debian/copyrigth ++ * Added symbols control file ++ ++ -- Ruben Molina <rmolina@udea.edu.co> Wed, 23 Jul 2008 20:24:22 -0500 ++ ++t1lib (5.1.2-2) unstable; urgency=low ++ ++ * Add a package with debugging information. ++ ++ -- Torsten Werner <twerner@debian.org> Sat, 08 Mar 2008 10:21:43 +0100 ++ ++t1lib (5.1.2-1) unstable; urgency=low ++ ++ * new upstream release ++ * Correct debian/watch. ++ * Remove patch cve-2007-4033.diff because it has been integrated upstream. ++ * Remove parts of patch segfault.diff that have been integrated upstream. ++ * Do not apply the remaining segfault.diff because it does not look safe but ++ keep the patch as a reminder that something was broken in the past. ++ ++ -- Torsten Werner <twerner@debian.org> Sat, 08 Mar 2008 10:07:54 +0100 ++ ++t1lib (5.1.1-5) unstable; urgency=low ++ ++ * Replace Build-Depends-Indep by Build-Depends again. ++ ++ -- Torsten Werner <twerner@debian.org> Tue, 08 Jan 2008 21:34:25 +0100 ++ ++t1lib (5.1.1-4) unstable; urgency=low ++ ++ * Add Build-Depends-Indep: libxt-dev. (Closes: #459754) ++ ++ -- Torsten Werner <twerner@debian.org> Tue, 08 Jan 2008 20:29:01 +0100 ++ ++t1lib (5.1.1-3) unstable; urgency=low ++ ++ * Replace static changes of upstream files by quilt patches as requested by ++ Fedora developers. ++ * Remove postinst that removed the old /usr/doc symlink. ++ * Remove preinst that removed the old /usr/share/doc/t1lib-bin symlink. ++ * Rename menu.t1lib-bin to t1lib-bin.menu to make sure the menu file gets ++ installed. ++ * Update menu file to conform to current menu policy. ++ * Install documentation with dh_installdocs instead of dh_install and some ++ other minor cleanups. ++ * Switch to cdbs. ++ * Fix versioned Build-Depends: debhelper (>= 5). ++ * Move some Build-Depends to Build-Depends-Indep. ++ * Apply two patches provided by Patrice Dumas: ++ - Update t1libconfig's font search. ++ - Fixes a segfault. ++ * Integrate another patch that fixes a segfault. (Closes: #313236) ++ ++ -- Torsten Werner <twerner@debian.org> Sun, 06 Jan 2008 20:50:19 +0100 ++ ++t1lib (5.1.1-2) unstable; urgency=low ++ ++ * Add Depends: libxaw7-dev to -dev package. ++ * Switch to DH_COMPAT = 5. ++ * Update Vcs headers in debian/control. ++ * Change Standards-Version: 3.7.3. ++ * Do not link with unneeded libraries. ++ * Add LDFLAGS=-Wl,--as-needed. ++ ++ -- Torsten Werner <twerner@debian.org> Fri, 21 Dec 2007 22:54:43 +0100 ++ ++t1lib (5.1.1-1) unstable; urgency=low ++ ++ * new upstream version (Closes: #418664) ++ * Add XS-Vcs-* header to debian/control. ++ * Update Standards-Version to 3.7.2 (no changes). ++ * Remove Depends: libc6-dev. (Closes: #446375). ++ * Change Maintainer to myself. ++ * Replace ${Source-Version} by ${binary:Version}. ++ * Do not ignore errors of 'make distclean'. ++ ++ -- Torsten Werner <twerner@debian.org> Sat, 13 Oct 2007 14:46:23 +0200 ++ ++t1lib (5.1.0-3) unstable; urgency=low ++ ++ * Apply patch from Artur R. Czechowski to fix CVE-2007-4033. ++ (Closes: #439927) ++ ++ -- Torsten Werner <twerner@debian.org> Mon, 17 Sep 2007 23:25:45 +0200 ++ ++t1lib (5.1.0-2) unstable; urgency=low ++ ++ * Upload to unstable ++ * Bump-up Standards-Version to 3.6.2 (no changes required) ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sat, 6 Aug 2005 20:11:51 +0200 ++ ++t1lib (5.1.0-1) experimental; urgency=low ++ ++ * New upstream release ++ * README.t1lib-5.0.2 replaced with README.t1lib-5.1.0 ++ * README.win32 is no longer installed ++ * Removed misleading information from README.Debian ++ * Replace -V with -V 'libt1-5 (>= 5.0.2)' for dh_makeshlibs in debian/rules ++ * Remove some commented stuff from debian/rules ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sat, 4 Jun 2005 22:12:43 +0200 ++ ++t1lib (5.0.2-3) unstable; urgency=low ++ ++ * Update libtool (Closes: #246753) ++ * Build-Depends on individual library instead dummy xlibs-dev ++ * Added dependencies to -dev package (Closes: #249973) ++ * Thanks to Christopher L Cheney for above patches ++ * Add -V to dh_makeshlibs to make a versioned dependencies on this library ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sun, 23 May 2004 01:02:02 +0200 ++ ++t1lib (5.0.2-2) unstable; urgency=low ++ ++ * change distribution to unstable ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sun, 18 Apr 2004 13:07:23 +0200 ++ ++t1lib (5.0.2-1) experimental; urgency=low ++ ++ * New upstream release (Closes: #243916) ++ - fixed some crashes (Closes: #242570, #243378) ++ * Reference to README.t1lib-5.0.2 instead -5.0.0 in some debian/ files ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sat, 17 Apr 2004 19:22:09 +0200 ++ ++t1lib (5.0.0-5) unstable; urgency=low ++ ++ * debian/rules: documentation is build from binary-indep (Closes: #230386) ++ * debian/watch has been added ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sat, 21 Feb 2004 20:19:38 +0100 ++ ++t1lib (5.0.0-4) unstable; urgency=low ++ ++ * Added missing files in NEWS.Debian ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Wed, 21 Jan 2004 00:27:24 +0100 ++ ++t1lib (5.0.0-3) unstable; urgency=low ++ ++ * New release uploaded to unstable (finaly closes: #185097, #216501) ++ * Unleash it to allow to migrate to testing (Closes: #221198) ++ * libt1-dev and t1lib-dev conflict with each other, ++ * libt1-dev conflicts with t1lib1-dev to smooth upgrade from t1lib 1.3.1-6 ++ * t1lib-bin provides/conflicts/replaces t1lib1-bin to smooth upgrade from ++ t1lib 1.3.1-6 ++ * Some README.* files in libt1-dev ++ * Applied patch which fixes memory access bug (see #224314 for details) ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sun, 18 Jan 2004 03:00:05 +0100 ++ ++t1lib (5.0.0-2) experimental; urgency=low ++ ++ * rename source package to t1lib ++ * rename binary packages: ++ + libt1-5 -> libt1-dev ++ + t1lib5-bin -> t1lib-bin ++ + libt1-5-doc -> libt1-doc ++ * rationale for all above: ++ http://lists.debian.org/debian-devel/2003/debian-devel-200311/msg01083.html ++ and rest of this thread ++ * linking libt1x with X libraries to avoid undefined symbols (see #220111) ++ * clearing independency of X11 in README.Debian ++ * removed all tracks of t1lib0 (Conflict, Replaces, etc) ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Wed, 24 Dec 2003 01:50:37 +0100 ++ ++t1lib5 (5.0.0-1) experimental; urgency=low ++ ++ * New upstream release (Closes: #185097, #216501) ++ * This release is binary incompatible with the previous one. ++ * t1lib-bin and t1lib-dev are virtual packages now ++ * removed weird ``dbl'' from configure - typo in upstream configure.in ++ * there is no necessity to conflict current -doc with the other ones ++ * library, devel and documentation package is libt1-5{,-dev,-doc} to be ++ consistent with Debian Policy 8.1 ++ * do not anymore copy config.{sub,guess} automagically ++ * update ac-tools/config.{sub,guess} to 20031007 ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sun, 9 Nov 2003 15:16:51 +0100 ++ ++t1lib (1.3.1-4) unstable; urgency=low ++ ++ * New Maintainer, Adopted Package (Closes: #189694) ++ * Prepare for migration to t1lib 5.x: ++ - all packages renamed to t1lib1{,-foo} ++ - empty packages t1lib-bin and t1lib-dev depending on t1lib1-bin ++ and t1lib1-dev ++ * Packaging from scratch using debhelper, Standards-Version is 3.6.1.0 now ++ * Remove non-existent xlib6g-dev from Build-Depends ++ * Updated README.Debian ++ * Remove symlinks from /usr/doc/t1lib* ++ * Only t1lib1-bin contains /etc/t1lib directory ++ * t1lib-dev has been split into two packages: t1lib1-dev and t1lib1-doc ++ * t1lib1-bin: change manual section for type1afm from 8 to 1 ++ * t1lib1-bin: create files in /etc/t1lib if don't exist (Closes: #58275) ++ * t1lib1-bin: remove symlink /usr/share/doc/t1lib-bin -> t1lib1 if exists ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sun, 2 Nov 2003 03:47:51 +0100 ++ ++t1lib (1.3.1-3) unstable; urgency=low ++ ++ * Change t1lib-dev's section from "devel" to "libdevel" (thanks, Katie!) ++ ++ -- Adam Conrad <adconrad@0c3.net> Mon, 18 Aug 2003 22:42:17 -0600 ++ ++t1lib (1.3.1-2) unstable; urgency=low ++ ++ * Set maintainer to QA, as this package was orphaned months ago (see #189694) ++ * Change "make" to "make without_doc" and remove build-dep on ++ tetex-bin (closes: #192291, #192290) ++ * Change libxaw-dev build-dep to libxaw7-dev, so we are asking for a real ++ package, rather than a virtual (closes: #170012) ++ * lib/Makefile.in changes (closes: #193757) ++ - add "-lm" to libt1.la target ++ - add "-L@top_srcdir@/lib/.libs/ -lt1" to libt1x.la target ++ ++ -- Adam Conrad <adconrad@0c3.net> Mon, 18 Aug 2003 21:50:22 -0600 ++ ++t1lib (1.3.1-1) unstable; urgency=low ++ ++ * New upstream version. (Closes: #127619,#127618) ++ ++ -- David Huggins-Daines <dhd@debian.org> Thu, 3 Jan 2002 21:53:29 -0500 ++ ++t1lib (1.2-1) unstable; urgency=low ++ ++ * New upstream version. ++ ++ -- David Huggins-Daines <dhd@debian.org> Wed, 22 Aug 2001 21:16:36 -0400 ++ ++t1lib (1.1.1-2.2) unstable; urgency=low ++ ++ * NMU ++ * debian/rules: if LD_LIBRARY_PATH is already set, append to it, so ++ builds under fakeroot will work (Closes: #104046) ++ ++ -- Branden Robinson <branden@debian.org> Fri, 10 Aug 2001 04:57:50 -0500 ++ ++t1lib (1.1.1-2.1) unstable; urgency=low ++ ++ * NMU, with updated config.{guess,sub} for newer architectures ++ ++ -- Randolph Chung <tausq@debian.org> Sat, 7 Jul 2001 01:01:51 -0600 ++ ++t1lib (1.1.1-2) unstable; urgency=high ++ ++ * Yow! Major upstream weirdness. Do *not* try to print the documentation ++ when building... Closes: #94660 ++ ++ -- David Huggins-Daines <dhd@debian.org> Fri, 20 Apr 2001 20:35:49 -0400 ++ ++t1lib (1.1.1-1) unstable; urgency=low ++ ++ * New upstream version. Closes: #94627 (why did I never get this bug ++ report in the first place?) ++ ++ -- David Huggins-Daines <dhd@debian.org> Fri, 20 Apr 2001 11:16:15 -0400 ++ ++t1lib (1.0.1-2) unstable; urgency=low ++ ++ * Recompile with new XFree86 libraries and glibc. ++ ++ -- David Huggins-Daines <dhd@debian.org> Wed, 24 Jan 2001 22:33:43 -0500 ++ ++t1lib (1.0.1-1) unstable; urgency=low ++ ++ * New upstream version. Closes: #69689 ++ ++ -- David Huggins-Daines <dhd@debian.org> Thu, 9 Nov 2000 00:29:06 -0500 ++ ++t1lib (1.0-2) frozen unstable; urgency=low ++ ++ * Use dpkg-architecture to supply a target architecture name to ++ configure, should fix the compile problems on Alpha and ARM for good. ++ (closes:#57839) ++ ++ -- David Huggins-Daines <dhd@eradicator.org> Wed, 1 Mar 2000 21:22:49 -0500 ++ ++t1lib (1.0-1) unstable; urgency=low ++ ++ * New upstream version. ++ * Twiddled package names to make more sense. ++ * Move back to priority optional to satisfy dependencies of xpdf and ++ php3. ++ * Moved .la files to t1lib-dev. Added versioned Replaces: field in the ++ control file to cope with potato-to-potato upgrades (the t1lib0 ++ packages in slink were not buggy in this way) ++ * t1libconfig and associated manual pages (FontDataBase.5, ++ t1libconfig.8) are now in the t1lib-bin package, for much the same ++ reason. Unfortunately this Replaces: field cannot be versioned. ++ * The t1lib packages no longer manage the contents of /etc/t1lib/. In ++ the near future, t1lib1 may have a debconf interface for doing so. ++ The t1lib.config and FontDataBase were never used by any programs that ++ linked with t1lib anyway, thankfully. ++ ++ -- David Huggins-Daines <dhd@eradicator.org> Sun, 2 Jan 2000 03:02:30 -0500 ++ ++t1lib0 (0.9.2-1) unstable; urgency=low ++ ++ * New upstream version. ++ * Being more intelligent in t1libconfig to avoid postinst-lossage. ++ Fixes: #44095 ++ * Updated for FHS compliance. ++ ++ -- David Huggins-Daines <dhd@debian.org> Fri, 8 Oct 1999 15:27:46 -0400 ++ ++t1lib0 (0.9.1-4) unstable; urgency=medium ++ ++ * Updated the shlibs file since it appears that programs compiled ++ against 0.9.1 won't work with 0.9 (though the other way around does ++ work). Fixes: #43215, #43231 ++ * Removed ARCH bogosity and updated config.sub and config.guess ++ (upstream maintainer will be notified) ++ ++ -- David Huggins-Daines <dhd@debian.org> Sat, 21 Aug 1999 01:23:39 -0400 ++ ++t1lib0 (0.9.1-3) unstable; urgency=low ++ ++ * Conditionalize that ARCH thing, or the Hurd people will kill me. ++ ++ -- David Huggins-Daines <dhd@debian.org> Sat, 3 Jul 1999 13:56:12 -0400 ++ ++t1lib0 (0.9.1-2) unstable; urgency=low ++ ++ * Oops. T1lib installs a dummy config file. We remove this before ++ building the package (because we generate our own). Also, the preinst ++ has to compensate for the past brokenness by saving it before an ++ upgrade. ++ ++ -- David Huggins-Daines <dhd@debian.org> Fri, 2 Jul 1999 16:13:46 -0400 ++ ++t1lib0 (0.9.1-1) unstable; urgency=low ++ ++ * New upstream version. ++ * Moved back to extra, because that's the way the winds are blowing. ++ * Added ARCH variable to debian/rules to work around strange ++ architecture detection on Alpha. ++ ++ -- David Huggins-Daines <dhd@debian.org> Fri, 2 Jul 1999 14:58:32 -0400 ++ ++t1lib0 (0.9-1) unstable; urgency=low ++ ++ * New upstream version ++ ++ -- David Huggins-Daines <dhd@debian.org> Thu, 10 Jun 1999 23:00:12 -0400 ++ ++t1lib0 (0.8.1-1) unstable; urgency=low ++ ++ * New upstream version. (fixes bug #31549) ++ * Upstream move to libtool has made debian/rules a lot less contorted, ++ and slimmed up the diff considerably. Thanks! ++ * I'm now uploading m68k versions as well. ++ * Fixed "confdif" typo in t1libconfig (oops!) ++ * This release breaks binary and source compatibility. Bumping the ++ soname seems a bit extreme, since there is only one Debian package ++ (gglyph) which depends on this, and I'm simultaneously uploading a ++ fixed version. ++ ++ -- David Huggins-Daines <dhd@debian.org> Wed, 24 Feb 1999 17:16:41 -0500 ++ ++t1lib0 (0.7.1-5) unstable; urgency=low ++ ++ * Changed debian/rules to remove debian/files on clean. (fixes bug #26907) ++ * Changed t1libconfig to allow installation </dev/null (fixes bug #27609) ++ ++ -- David Huggins-Daines <dhd@debian.org> Fri, 16 Oct 1998 20:12:02 -0400 ++ ++t1lib0 (0.7.1-4) unstable; urgency=low ++ ++ * Changed debian/rules not to use debhelper, to fix PowerPC and Alpha compile ++ problems and (hopefully) make the purists happy :) ++ * Upgraded priority to Optional, since it doesn't conflict with or break ++ anything, and is relatively stable. ++ ++ -- David Huggins-Daines <dhd@debian.org> Fri, 18 Sep 1998 18:36:07 -0400 ++ ++t1lib0 (0.7.1-3) unstable; urgency=low ++ ++ * Changed "read" to "read foo" in t1libconfig to make it more sh-friendly. ++ * Minor change to debian/rules (fixes bug #25501) ++ ++ -- David Huggins-Daines <dhd@debian.org> Fri, 7 Aug 1998 13:31:28 -0400 ++ ++t1lib0 (0.7.1-2) unstable; urgency=low ++ ++ * Patched lib/t1lib/t1finfo.c to fix segfault problems with some fonts. ++ * Fixed the URLs and info in copyright and README.Debian. ++ ++ -- David Huggins-Daines <dhd@debian.org> Tue, 21 Jul 1998 16:01:03 -0400 ++ ++t1lib0 (0.7.1-1) unstable; urgency=low ++ ++ * Initial release. ++ ++ -- David Huggins-Daines <dhd@debian.org> Thu, 16 Jul 1998 22:07:08 -0400 ++ ++ +--- t1lib-5.1.2.orig/debian/libt1-5.docs ++++ t1lib-5.1.2/debian/libt1-5.docs +@@ -0,0 +1,2 @@ ++README.t1lib-* ++README.t1python +--- t1lib-5.1.2.orig/debian/libt1-dev.docs ++++ t1lib-5.1.2/debian/libt1-dev.docs +@@ -0,0 +1,2 @@ ++README.t1lib-* ++README.t1python +--- t1lib-5.1.2.orig/debian/t1libconfig ++++ t1lib-5.1.2/debian/t1libconfig +@@ -0,0 +1,163 @@ ++#!/bin/sh -e ++ ++# to test POSIX-correctness, change hash-bang to /bin/bash and uncomment ++# the following line: ++ ++# set -o posix ++ ++# Very simple configuration script for t1lib. Checks a couple of ++# directories that might contain fonts, and if they exist, adds ++# anything ending in .pfa or pfb to the font database. A few things ++# borrowed from paperconfig, (C) 1996, Yves Arrouye ++# <arrouye@debian.org> ++ ++# note that this creates the "minimal" font database accepted by t1lib, ++# and doesn't look in every possible place for fonts. It is mostly ++# provided so that xglyph will work out of the box... ++ ++# Written by David Huggins-Daines <dhd@debian.org> ++ ++usage() { ++ if [ "$1" = -h ] ++ then ++ exec 1>&2 ++ echo -n U ++ else ++ echo -n u ++ fi ++ ++ echo "sage: `basename $0` [ -v, --version ] [ -h, --help ] [ --force ]" ++ echo " [ fontdirs... ]" ++ ++ if [ "$1" = -h ] ++ then ++ cat <<EOF ++ ++Options: -v, --verbose print version information and exit ++ -h, --help print this help and exit ++ --force force configuration ++EOF ++ exit 0 ++ else ++ exit 1 ++ fi ++} ++ ++version=0.2 ++topfontdirs="/usr/share/fonts/type1 /usr/share/fonts/X11" ++for dir in $topfontdirs; do ++ if [ -d $dir ]; then ++ subdirs=$(find $dir -type d -printf "%p ") ++ fontdirs="$subdirs $fontdirs" ++ fi ++done ++conffile=/etc/t1lib/t1lib.config ++confdir=/etc/t1lib/ ++dbase=/etc/t1lib/FontDatabase ++temp=/etc/t1lib/FontDatabase.tmp ++ ++force=0 ++ ++while [ $# -ne 0 ] ++do ++ case "$1" in ++ -v|--version) ++ echo "`basename $0` version $version" \ ++ "by David Huggins-Daines <dhd@debian.org>" ++ exit 0 ++ ;; ++ -h|--help) ++ usage -h ++ ;; ++ --force) ++ force=1 ++ ;; ++ *) ++ # hairy way to remove a trailing backslash (should use perl) ++ pat=`expr $1 : "\(.*\)\/\$" || echo $1` ++ # hairier way to find a string anywhere in another string ++ # should really use perl. ++ if ! grep $pat <<EOF >/dev/null 2>&1 ++$fontdirs ++EOF ++ then ++ fontdirs="$fontdirs $1" ++ fi ++ ;; ++ esac ++ shift ++done ++ ++# We presume that if the database exists, then so does the ++# configuration file. Hopefully this won't break anything. ++ ++if [ $force -eq 1 ] || [ ! -e $dbase ]; then ++ fontpath="" ++ afmpath="" ++ ++ mkdir -p $confdir || true ++ ++ echo -n "Searching for Type 1 fonts and AFM files..." ++ ++ for i in $fontdirs ++ do ++ if [ -d $i ] && ls $i/*.pf[ab] > /dev/null 2>&1; then ++ if [ -n "$fontpath" ]; then ++ fontpath="$fontpath:$i" ++ else ++ fontpath="$i" ++ fi ++ ++ if ls $i/*.afm > /dev/null 2>&1; then ++ if [ -n "$afmpath" ]; then ++ afmpath="$afmpath:$i" ++ else ++ afmpath="$i" ++ fi ++ fi ++ # get a listing of all the fonts in each dir ++ find $i -maxdepth 1 -name *.pf[ab] -printf '%f\n' >> $temp ++ fi ++ done ++ if [ -z "$fontpath" ]; then ++ cat <<EOF ++ ++No Type 1 fonts were found in the expected locations. ++If you want t1lib to be aware of your fonts, you should run ++/usr/sbin/t1libconfig with the names of your local font directories as ++arguments, or you should edit the /etc/t1lib/FontDatabase file manually. ++See the FontDatabase(5) manual page for more information. ++ ++Press [return] to continue. ++EOF ++ read foo || true ++ rm -f $temp ++ else ++ echo "done." ++ echo -n "Building font database..." ++ fontcount=`wc -l $temp || true` ++ echo $fontcount > $dbase ++ cat $temp >> $dbase ++ rm -f $temp ++ echo "done." ++ fi ++ ++ # now set the paths in the config file ++ cat <<EOF >$conffile ++t1lib.config - global configuration file for t1lib. ++It was created automatically on `date` ++by the t1libconfig script. ++ ++Run /usr/sbin/t1libconfig --force to rebuild it. ++ ++ENCODING=. ++AFM=$afmpath ++TYPE1=$fontpath ++FONTDATABASE=$dbase ++EOF ++else ++ echo "Configuration and font database files already exist." ++ echo "Run /usr/sbin/t1libconfig --force to rebuild them." ++fi ++ ++exit 0 +--- t1lib-5.1.2.orig/debian/t1lib-bin.postinst ++++ t1lib-5.1.2/debian/t1lib-bin.postinst +@@ -0,0 +1,8 @@ ++#!/bin/sh ++set -e ++ ++if [ ! -f /etc/t1lib/t1lib.config ]; then ++ /usr/sbin/t1libconfig ++fi ++ ++#DEBHELPER# +--- t1lib-5.1.2.orig/debian/t1lib-bin.menu ++++ t1lib-5.1.2/debian/t1lib-bin.menu +@@ -0,0 +1,2 @@ ++?package(t1lib-bin): needs="X11" section="Applications/Viewers" \ ++ title="XGlyph" command="/usr/bin/xglyph" +--- t1lib-5.1.2.orig/debian/t1lib-bin.install ++++ t1lib-5.1.2/debian/t1lib-bin.install +@@ -0,0 +1,2 @@ ++debian/t1libconfig usr/sbin ++debian/tmp/usr/bin/* +--- t1lib-5.1.2.orig/debian/copyright ++++ t1lib-5.1.2/debian/copyright +@@ -0,0 +1,94 @@ ++This package was debianized by David Huggins-Daines <dhd@debian.org> on ++Fri, 19 Jun 1998 20:01:01 -0400. It has been also maintained by Artur ++R. Czechowski <arturcz@hell.pl> and Torsten Werner <twerner@debian.org>. ++ ++It was downloaded from ftp://sunsite.unc.edu/pub/Linux/libs/graphics/ ++ ++Upstream Author: ++ ++ Rainer Menzner <Rainer.Menzner@web.de> ++ ++Copyright: ++ ++ Copyright (C) 1996-2003 Rainer Menzner ++ ++License: ++ ++ This package is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2 of the License, or (at your option) any later version. ++ ++ This package is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with this package; if not, write to the Free Software ++ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA ++ ++On Debian systems, the complete text of the GNU Lesser General ++Public License can be found in `/usr/share/common-licenses/LGPL'. ++ ++The Debian packaging is (C) 2008, Ruben Molina <rmolina@udea.edu.co> and ++is licensed under the GPL, see `/usr/share/common-licenses/GPL'. ++ ++Please note that there are parts of t1lib that are subject to other licenses: ++- The parseAFM-package is copyrighted by Adobe Systems Inc. ++- The type1 rasterizer is copyrighted by IBM and the X11-consortium. ++ ++(from lib/t1lib/parseAFM.c) ++/* ++ * (C) 1988, 1989, 1990 by Adobe Systems Incorporated. All rights reserved. ++ * ++ * This file may be freely copied and redistributed as long as: ++ * 1) This entire notice continues to be included in the file, ++ * 2) If the file has been modified in any way, a notice of such ++ * modification is conspicuously indicated. ++ * ++ * PostScript, Display PostScript, and Adobe are registered trademarks of ++ * Adobe Systems Incorporated. ++ * ++ * ************************************************************************ ++ * THE INFORMATION BELOW IS FURNISHED AS IS, IS SUBJECT TO CHANGE WITHOUT ++ * NOTICE, AND SHOULD NOT BE CONSTRUED AS A COMMITMENT BY ADOBE SYSTEMS ++ * INCORPORATED. ADOBE SYSTEMS INCORPORATED ASSUMES NO RESPONSIBILITY OR ++ * LIABILITY FOR ANY ERRORS OR INACCURACIES, MAKES NO WARRANTY OF ANY ++ * KIND (EXPRESS, IMPLIED OR STATUTORY) WITH RESPECT TO THIS INFORMATION, ++ * AND EXPRESSLY DISCLAIMS ANY AND ALL WARRANTIES OF MERCHANTABILITY, ++ * FITNESS FOR PARTICULAR PURPOSES AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. ++ * ************************************************************************ ++ */ ++ ++(from lib/type1/type1.c) ++/* $XConsortium: type1.c,v 1.5 91/10/10 11:20:06 rws Exp $ */ ++/* Copyright International Business Machines, Corp. 1991 ++ * All Rights Reserved ++ * Copyright Lexmark International, Inc. 1991 ++ * All Rights Reserved ++ * Portions Copyright (c) 1990 Adobe Systems Incorporated. ++ * All Rights Reserved ++ * ++ * License to use, copy, modify, and distribute this software and its ++ * documentation for any purpose and without fee is hereby granted, ++ * provided that the above copyright notice appear in all copies and that ++ * both that copyright notice and this permission notice appear in ++ * supporting documentation, and that the name of IBM or Lexmark or Adobe ++ * not be used in advertising or publicity pertaining to distribution of ++ * the software without specific, written prior permission. ++ * ++ * IBM, LEXMARK, AND ADOBE PROVIDE THIS SOFTWARE "AS IS", WITHOUT ANY ++ * WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT ++ * LIMITED TO ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A ++ * PARTICULAR PURPOSE, AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. THE ++ * ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE, INCLUDING ++ * ANY DUTY TO SUPPORT OR MAINTAIN, BELONGS TO THE LICENSEE. SHOULD ANY ++ * PORTION OF THE SOFTWARE PROVE DEFECTIVE, THE LICENSEE (NOT IBM, ++ * LEXMARK, OR ADOBE) ASSUMES THE ENTIRE COST OF ALL SERVICING, REPAIR AND ++ * CORRECTION. IN NO EVENT SHALL IBM, LEXMARK, OR ADOBE BE LIABLE FOR ANY ++ * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ++ * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF ++ * CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN ++ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ */ +--- t1lib-5.1.2.orig/debian/NEWS ++++ t1lib-5.1.2/debian/NEWS +@@ -0,0 +1,9 @@ ++t1lib (5.0.0-3) unstable; urgency=low ++ ++ This version of t1lib package is binary incompatible with the previous ++ one in Debian. Details about changes are documented in following files ++ in /usr/share/doc/libt1-dev directory: ++ - changelog.gz ++ - README.t1lib-5.0.0.gz ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sun, 18 Jan 2004 00:02:29 +0100 +--- t1lib-5.1.2.orig/debian/t1lib-bin.manpages ++++ t1lib-5.1.2/debian/t1lib-bin.manpages +@@ -0,0 +1,4 @@ ++debian/man/FontDatabase.5 ++debian/man/t1libconfig.8 ++debian/man/type1afm.1 ++debian/man/xglyph.1 +--- t1lib-5.1.2.orig/debian/rules ++++ t1lib-5.1.2/debian/rules +@@ -0,0 +1,22 @@ ++#!/usr/bin/make -f ++ ++include /usr/share/cdbs/1/rules/debhelper.mk ++include /usr/share/cdbs/1/class/autotools.mk ++include /usr/share/cdbs/1/rules/patchsys-quilt.mk ++ ++export LDFLAGS := -Wl,--as-needed ++ ++DEB_MAKE_BUILD_TARGET := without_doc ++DEB_MAKE_INSTALL_TARGET := install prefix=$(CURDIR)/debian/tmp/usr ++DEB_INSTALL_DOCS_ALL += debian/README.Debian ++ ++binary-post-install/libt1-5 :: ++ rm -rf debian/libt1-5-dbg/usr/lib/debug/usr/bin/ ++binary-post-install/libt1-5-dbg :: ++ rm -rf debian/libt1-5-dbg/usr/lib/debug/usr/bin/ ++binary-post-install/libt1-dev :: ++ rm -rf debian/libt1-5-dbg/usr/lib/debug/usr/bin/ ++binary-post-install/libt1-doc :: ++ rm -rf debian/libt1-5-dbg/usr/lib/debug/usr/bin/ ++binary-post-install/t1lib-bin :: ++ rm -rf debian/libt1-5-dbg/usr/lib/debug/usr/bin/ +--- t1lib-5.1.2.orig/debian/libt1-5.symbols ++++ t1lib-5.1.2/debian/libt1-5.symbols +@@ -0,0 +1,381 @@ ++libt1.so.5 libt1-5 #MINVER# ++ BezierTerminationTest@Base 5.1.0 ++ CRASTERCompressionType@Base 5.1.0 ++ CacheBLimit@Base 5.1.0 ++ CachedChars@Base 5.1.0 ++ CachedFonts@Base 5.1.0 ++ ConicDebug@Base 5.1.0 ++ Continuity@Base 5.1.0 ++ CurFontEnv@Base 5.1.0 ++ CurFontName@Base 5.1.0 ++ DLadd@Base 5.1.0 ++ DLdiv@Base 5.1.0 ++ DLmult@Base 5.1.0 ++ DLsub@Base 5.1.0 ++ DeviceSpecifics@Base 5.1.0 ++ FPXYboth@Base 5.1.0 ++ FPXonly@Base 5.1.0 ++ FPYonly@Base 5.1.0 ++ FPdiv@Base 5.1.0 ++ FPmult@Base 5.1.0 ++ FPstarslash@Base 5.1.0 ++ FXYConvert@Base 5.1.0 ++ FXYboth@Base 5.1.0 ++ FXonly@Base 5.1.0 ++ FYonly@Base 5.1.0 ++ FontBase@Base 5.1.0 ++ FontDebug@Base 5.1.0 ++ ForceAFMBBox@Base 5.1.0 ++ ForceFloat@Base 5.1.0 ++ FreeAFMData@Base 5.1.0 ++ GetType1CharString@Base 5.1.0 ++ HighHex@Base 5.1.0 ++ HintDebug@Base 5.1.0 ++ IXYConvert@Base 5.1.0 ++ IXYboth@Base 5.1.0 ++ IXonly@Base 5.1.0 ++ IYonly@Base 5.1.0 ++ ImageDebug@Base 5.1.0 ++ InDotSection@Base 5.1.0 ++ Init_BuiltInEncoding@Base 5.1.0 ++ InternalTrace@Base 5.1.0 ++ LineDebug@Base 5.1.0 ++ LineIOTrace@Base 5.1.0 ++ LowHex@Base 5.1.0 ++ MemoryDebug@Base 5.1.0 ++ MustCheckArgs@Base 5.1.0 ++ MustCrash@Base 5.1.0 ++ MustTraceCalls@Base 5.1.0 ++ OffPageDebug@Base 5.1.0 ++ PathDebug@Base 5.1.0 ++ ProcessHints@Base 5.1.0 ++ QueryFontLib@Base 5.1.0 ++ RegionDebug@Base 5.1.0 ++ SaveFontPaths@Base 5.1.0 ++ SearchDictName@Base 5.1.0 ++ SetFuncRequestID@Base 5.1.0 ++ SpaceDebug@Base 5.1.0 ++ StdEncArrayP@Base 5.1.0 ++ StrokeDebug@Base 5.1.0 ++ T1Close@Base 5.1.0 ++ T1GetDecrypt@Base 5.1.0 ++ T1GetFileSize@Base 5.1.0 ++ T1GetTrailer@Base 5.1.0 ++ T1Getc@Base 5.1.0 ++ T1Gets@Base 5.1.0 ++ T1Open@Base 5.1.0 ++ T1Read@Base 5.1.0 ++ T1Ungetc@Base 5.1.0 ++ T1_AAFillOutline@Base 5.1.0 ++ T1_AAGetBitsPerPixel@Base 5.1.0 ++ T1_AAGetGrayValues@Base 5.1.0 ++ T1_AAGetLevel@Base 5.1.0 ++ T1_AAHGetGrayValues@Base 5.1.0 ++ T1_AAHSetGrayValues@Base 5.1.0 ++ T1_AANGetGrayValues@Base 5.1.0 ++ T1_AANSetGrayValues@Base 5.1.0 ++ T1_AASetBitsPerPixel@Base 5.1.0 ++ T1_AASetChar@Base 5.1.0 ++ T1_AASetGrayValues@Base 5.1.0 ++ T1_AASetLevel@Base 5.1.0 ++ T1_AASetRect@Base 5.1.0 ++ T1_AASetSmartLimits@Base 5.1.0 ++ T1_AASetSmartMode@Base 5.1.0 ++ T1_AASetString@Base 5.1.0 ++ T1_AFM_ptr@Base 5.1.0 ++ T1_AbsolutePath@Base 5.1.0 ++ T1_AddFont@Base 5.1.0 ++ T1_AddFontDataBase@Base 5.1.0 ++ T1_AddFontDataBaseXLFD@Base 5.1.0 ++ T1_AddToFileSearchPath@Base 5.1.0 ++ T1_CheckEndian@Base 5.1.0 ++ T1_CheckForFontID@Base 5.1.0 ++ T1_CheckForInit@Base 5.1.0 ++ T1_ClearStrokeFlag@Base 5.1.0 ++ T1_CloseLib@Base 5.1.0 ++ T1_ConcatGlyphs@Base 5.1.0 ++ T1_ConcatOutlines@Base 5.1.0 ++ T1_CopyFont@Base 5.1.0 ++ T1_CopyGlyph@Base 5.1.0 ++ T1_CopyOutline@Base 5.1.0 ++ T1_DeleteAllSizes@Base 5.1.0 ++ T1_DeleteEncoding@Base 5.1.0 ++ T1_DeleteFont@Base 5.1.0 ++ T1_DeleteSize@Base 5.1.0 ++ T1_DumpGlyph@Base 5.1.0 ++ T1_DumpPath@Base 5.1.0 ++ T1_ENC_ptr@Base 5.1.0 ++ T1_ExtendFont@Base 5.1.0 ++ T1_ExtendHMatrix@Base 5.1.0 ++ T1_ExtendVMatrix@Base 5.1.0 ++ T1_FDBXLFD_ptr@Base 5.1.0 ++ T1_FDB_ptr@Base 5.1.0 ++ T1_FillOutline@Base 5.1.0 ++ T1_FreeCompCharData@Base 5.1.0 ++ T1_FreeGlyph@Base 5.1.0 ++ T1_FreeOutline@Base 5.1.0 ++ T1_GenerateAFMFallbackInfo@Base 5.1.0 ++ T1_GetAfmFileName@Base 5.1.0 ++ T1_GetAfmFilePath@Base 5.1.0 ++ T1_GetAllCharNames@Base 5.1.0 ++ T1_GetBitmapPad@Base 5.1.0 ++ T1_GetCharBBox@Base 5.1.0 ++ T1_GetCharName@Base 5.1.0 ++ T1_GetCharOutline@Base 5.1.0 ++ T1_GetCharString@Base 5.1.0 ++ T1_GetCharWidth@Base 5.1.0 ++ T1_GetCompCharData@Base 5.1.0 ++ T1_GetCompCharDataByIndex@Base 5.1.0 ++ T1_GetEncodingIndex@Base 5.1.0 ++ T1_GetEncodingIndices@Base 5.1.0 ++ T1_GetEncodingScheme@Base 5.1.0 ++ T1_GetExtend@Base 5.1.0 ++ T1_GetFamilyName@Base 5.1.0 ++ T1_GetFileSearchPath@Base 5.1.0 ++ T1_GetFontBBox@Base 5.1.0 ++ T1_GetFontFileName@Base 5.1.0 ++ T1_GetFontFilePath@Base 5.1.0 ++ T1_GetFontName@Base 5.1.0 ++ T1_GetFullName@Base 5.1.0 ++ T1_GetIsFixedPitch@Base 5.1.0 ++ T1_GetItalicAngle@Base 5.1.0 ++ T1_GetKerning@Base 5.1.0 ++ T1_GetLibIdent@Base 5.1.0 ++ T1_GetLinePosition@Base 5.1.0 ++ T1_GetLineThickness@Base 5.1.0 ++ T1_GetMetricsInfo@Base 5.1.0 ++ T1_GetMoveOutline@Base 5.1.0 ++ T1_GetNoCompositeChars@Base 5.1.0 ++ T1_GetNoFonts@Base 5.1.0 ++ T1_GetNoKernPairs@Base 5.1.0 ++ T1_GetNotice@Base 5.1.0 ++ T1_GetSlant@Base 5.1.0 ++ T1_GetStringBBox@Base 5.1.0 ++ T1_GetStringOutline@Base 5.1.0 ++ T1_GetStringWidth@Base 5.1.0 ++ T1_GetStrokeMode@Base 5.1.0 ++ T1_GetStrokeWidth@Base 5.1.0 ++ T1_GetTransform@Base 5.1.0 ++ T1_GetUnderlinePosition@Base 5.1.0 ++ T1_GetUnderlineThickness@Base 5.1.0 ++ T1_GetVersion@Base 5.1.0 ++ T1_GetWeight@Base 5.1.0 ++ T1_GetlenIV@Base 5.1.0 ++ T1_INFINITY@Base 5.1.0 ++ T1_InitLib@Base 5.1.0 ++ T1_IsInternalChar@Base 5.1.0 ++ T1_LoadEncoding@Base 5.1.0 ++ T1_LoadFont@Base 5.1.0 ++ T1_ManipulatePath@Base 5.1.0 ++ T1_MirrorHMatrix@Base 5.1.0 ++ T1_MirrorVMatrix@Base 5.1.0 ++ T1_PFAB_ptr@Base 5.1.0 ++ T1_PrintLog@Base 5.1.0 ++ T1_QueryCompositeChar@Base 5.1.0 ++ T1_QueryLigs@Base 5.1.0 ++ T1_QueryX11Support@Base 5.1.0 ++ T1_ReencodeFont@Base 5.1.0 ++ T1_RelativePath@Base 5.1.0 ++ T1_RotateMatrix@Base 5.1.0 ++ T1_ScaleOutline@Base 5.1.0 ++ T1_SetAfmFileName@Base 5.1.0 ++ T1_SetBitmapPad@Base 5.1.0 ++ T1_SetChar@Base 5.1.0 ++ T1_SetDefaultEncoding@Base 5.1.0 ++ T1_SetDeviceResolutions@Base 5.1.0 ++ T1_SetFileSearchPath@Base 5.1.0 ++ T1_SetFontDataBase@Base 5.1.0 ++ T1_SetFontDataBaseXLFD@Base 5.1.0 ++ T1_SetLinePosition@Base 5.1.0 ++ T1_SetLineThickness@Base 5.1.0 ++ T1_SetLogLevel@Base 5.1.0 ++ T1_SetRasterFlags@Base 5.1.0 ++ T1_SetRect@Base 5.1.0 ++ T1_SetString@Base 5.1.0 ++ T1_SetStrokeFlag@Base 5.1.0 ++ T1_SetStrokeWidth@Base 5.1.0 ++ T1_ShearHMatrix@Base 5.1.0 ++ T1_ShearVMatrix@Base 5.1.0 ++ T1_SlantFont@Base 5.1.0 ++ T1_StrError@Base 5.1.0 ++ T1_StrokeFont@Base 5.1.0 ++ T1_SubsetFont@Base 5.1.0 ++ T1_TransformFont@Base 5.1.0 ++ T1_TransformMatrix@Base 5.1.0 ++ T1_Type1OperatorFlags@Base 5.1.0 ++ T1_Up@Base 5.1.0 ++ T1_WriteAFMFallbackFile@Base 5.1.0 ++ T1_errno@Base 5.1.0 ++ T1_fdb@Base 5.1.0 ++ T1_fdbxlfd@Base 5.1.0 ++ T1aa_SmartOn@Base 5.1.0 ++ T1aa_bg@Base 5.1.0 ++ T1aa_bpp@Base 5.1.0 ++ T1aa_smartlimit1@Base 5.1.0 ++ T1aa_smartlimit2@Base 5.1.0 ++ T1eexec@Base 5.1.0 ++ T1int_CreateNewFontSize@Base 5.1.0 ++ T1int_GetLastFontSize@Base 5.1.0 ++ T1int_QueryFontSize@Base 5.1.0 ++ T1int_QuerySEAC@Base 5.1.0 ++ T1int_Type1QuerySEAC@Base 5.1.0 ++ T1io_reset@Base 5.1.0 ++ T1lib_parseFile@Base 5.1.0 ++ TheCurrentFont@Base 5.1.0 ++ Type1Char@Base 5.1.0 ++ Type1Line@Base 5.1.0 ++ currstartstem@Base 5.1.0 ++ digit_value@Base 5.1.0 ++ err_warn_msg_buf@Base 5.1.0 ++ errornumber@Base 5.1.0 ++ filestats@Base 5.1.0 ++ fill@Base 5.1.0 ++ fillrun@Base 5.1.0 ++ fontfcnA@Base 5.1.0 ++ fontfcnB@Base 5.1.0 ++ fontfcnB_ByName@Base 5.1.0 ++ fontfcnB_string@Base 5.1.0 ++ fontfcnRect@Base 5.1.0 ++ initFont@Base 5.1.0 ++ intT1_Env_GetCompletePath@Base 5.1.0 ++ intT1_FreeSearchPaths@Base 5.1.0 ++ intT1_ScanConfigFile@Base 5.1.0 ++ intT1_SetupDefaultSearchPaths@Base 5.1.0 ++ intT1_scanFontDBase@Base 5.1.0 ++ intT1_scanFontDBaseXLFD@Base 5.1.0 ++ linebuf@Base 5.1.0 ++ not_def@Base 5.1.0 ++ numalignmentzones@Base 5.1.0 ++ numstems@Base 5.1.0 ++ objFormatArray@Base 5.1.0 ++ objFormatBoolean@Base 5.1.0 ++ objFormatEncoding@Base 5.1.0 ++ objFormatFile@Base 5.1.0 ++ objFormatInteger@Base 5.1.0 ++ objFormatName@Base 5.1.0 ++ objFormatReal@Base 5.1.0 ++ objFormatString@Base 5.1.0 ++ oldhor@Base 5.1.0 ++ oldhorhalf@Base 5.1.0 ++ oldvert@Base 5.1.0 ++ oldverthalf@Base 5.1.0 ++ pFontBase@Base 5.1.0 ++ readFont@Base 5.1.0 ++ reportusage@Base 5.1.0 ++ resetFont@Base 5.1.0 ++ scan_font@Base 5.1.0 ++ scan_token@Base 5.1.0 ++ stck_state@Base 5.1.0 ++ stems@Base 5.1.0 ++ swathrightmost@Base 5.1.0 ++ swathxsort@Base 5.1.0 ++ t1_Allocate@Base 5.1.0 ++ t1_ApplyContinuity@Base 5.1.0 ++ t1_ArgErr@Base 5.1.0 ++ t1_Bezier@Base 5.1.0 ++ t1_BoundingBox@Base 5.1.0 ++ t1_BoxClip@Base 5.1.0 ++ t1_BoxPath@Base 5.1.0 ++ t1_Bresenham@Base 5.1.0 ++ t1_ChangeDirection@Base 5.1.0 ++ t1_CloseHints@Base 5.1.0 ++ t1_ClosePath@Base 5.1.0 ++ t1_Consume@Base 5.1.0 ++ t1_Copy@Base 5.1.0 ++ t1_CopyPath@Base 5.1.0 ++ t1_CopyRegion@Base 5.1.0 ++ t1_CopySpace@Base 5.1.0 ++ t1_Destroy@Base 5.1.0 ++ t1_DropSegment@Base 5.1.0 ++ t1_DumpArea@Base 5.1.0 ++ t1_DumpEdges@Base 5.1.0 ++ t1_DumpSpace@Base 5.1.0 ++ t1_DumpText@Base 5.1.0 ++ t1_Dup@Base 5.1.0 ++ t1_EmptyRegion@Base 5.1.0 ++ t1_ErrorMsg@Base 5.1.0 ++ t1_FormatFP@Base 5.1.0 ++ t1_Free@Base 5.1.0 ++ t1_HeadSegment@Base 5.1.0 ++ t1_Hint@Base 5.1.0 ++ t1_ILoc@Base 5.1.0 ++ t1_Identity@Base 5.1.0 ++ t1_InitHints@Base 5.1.0 ++ t1_InitImager@Base 5.1.0 ++ t1_InitSpaces@Base 5.1.0 ++ t1_Interior@Base 5.1.0 ++ t1_Join@Base 5.1.0 ++ t1_JoinSegment@Base 5.1.0 ++ t1_KillPath@Base 5.1.0 ++ t1_KillRegion@Base 5.1.0 ++ t1_Line@Base 5.1.0 ++ t1_Loc@Base 5.1.0 ++ t1_MInvert@Base 5.1.0 ++ t1_MMultiply@Base 5.1.0 ++ t1_MoreWorkArea@Base 5.1.0 ++ t1_MoveEdges@Base 5.1.0 ++ t1_PathDelta@Base 5.1.0 ++ t1_PathSegment@Base 5.1.0 ++ t1_PathXform@Base 5.1.0 ++ t1_Permanent@Base 5.1.0 ++ t1_Phantom@Base 5.1.0 ++ t1_Pragmatics@Base 5.1.0 ++ t1_ProcessHint@Base 5.1.0 ++ t1_PseudoSpace@Base 5.1.0 ++ t1_QueryBounds@Base 5.1.0 ++ t1_QueryLoc@Base 5.1.0 ++ t1_QueryPath@Base 5.1.0 ++ t1_QuerySpace@Base 5.1.0 ++ t1_RegionBounds@Base 5.1.0 ++ t1_Reverse@Base 5.1.0 ++ t1_ReverseSubPaths@Base 5.1.0 ++ t1_Scale@Base 5.1.0 ++ t1_Snap@Base 5.1.0 ++ t1_SortSwath@Base 5.1.0 ++ t1_StepBezier@Base 5.1.0 ++ t1_StepLine@Base 5.1.0 ++ t1_SubLoc@Base 5.1.0 ++ t1_SwathUnion@Base 5.1.0 ++ t1_TermImager@Base 5.1.0 ++ t1_Transform@Base 5.1.0 ++ t1_TypeErr@Base 5.1.0 ++ t1_UnConvert@Base 5.1.0 ++ t1_UnJumble@Base 5.1.0 ++ t1_Unique@Base 5.1.0 ++ t1_User@Base 5.1.0 ++ t1_Xform@Base 5.1.0 ++ t1_abort@Base 5.1.0 ++ t1_get_abort_message@Base 5.1.0 ++ t1lib_log_file@Base 5.1.0 ++ t1lib_log_level@Base 5.1.0 ++ tokenLength@Base 5.1.0 ++ tokenMaxP@Base 5.1.0 ++ tokenStartP@Base 5.1.0 ++ tokenTooLong@Base 5.1.0 ++ tokenType@Base 5.1.0 ++ tokenValue@Base 5.1.0 ++ vm_alloc@Base 5.1.0 ++ vm_base@Base 5.1.0 ++ vm_free@Base 5.1.0 ++ vm_init@Base 5.1.0 ++ vm_init_amount@Base 5.1.0 ++ vm_init_count@Base 5.1.0 ++ vm_next@Base 5.1.0 ++ vm_size@Base 5.1.0 ++ vm_used@Base 5.1.0 ++ wsoffsetX@Base 5.1.0 ++ wsoffsetY@Base 5.1.0 ++ wsset@Base 5.1.0 ++ xiStub@Base 5.1.0 ++ xiTemporary@Base 5.1.0 ++libt1x.so.5 libt1-5 #MINVER# ++ T1_AASetCharX@Base 5.1.1 ++ T1_AASetRectX@Base 5.1.1 ++ T1_AASetStringX@Base 5.1.1 ++ T1_ComputeAAColorsX@Base 5.1.1 ++ T1_LogicalPositionX@Base 5.1.1 ++ T1_SetCharX@Base 5.1.1 ++ T1_SetRectX@Base 5.1.1 ++ T1_SetStringX@Base 5.1.1 ++ T1_SetX11Params@Base 5.1.1 ++ T1_XImageFromGlyph@Base 5.1.1 +--- t1lib-5.1.2.orig/debian/control ++++ t1lib-5.1.2/debian/control +@@ -0,0 +1,84 @@ ++Source: t1lib ++Section: libs ++Priority: optional ++Maintainer: Ruben Molina <rmolina@udea.edu.co> ++Build-Depends: cdbs, debhelper (>= 7), autotools-dev, libice-dev, libsm-dev, libx11-dev, libxext-dev, libxaw7-dev, quilt ++Standards-Version: 3.8.0 ++Homepage: ftp://sunsite.unc.edu/pub/Linux/libs/graphics/ ++ ++Package: libt1-5 ++Section: libs ++Architecture: any ++Depends: ${shlibs:Depends}, ${misc:Depends} ++Description: Type 1 font rasterizer library - runtime ++ T1lib is an enhanced rasterizer for Type 1 fonts. ++ . ++ T1lib is based on the X11R5 font rasterizer code, but operates independently ++ of X11. It includes many enhancements, including underlining, antialiasing, ++ user-defined slant and extension factors, and rotation. ++ . ++ This package contains the shared libraries needed to run programs using T1lib. ++ ++Package: libt1-dev ++Section: libdevel ++Architecture: any ++Depends: libt1-5 (= ${binary:Version}), libice-dev, libsm-dev, libx11-dev, ++ libxext-dev, libxaw7-dev ++Recommends: libt1-doc ++Conflicts: t1lib-dev, t1lib1-dev ++Description: Type 1 font rasterizer library - development ++ T1lib is an enhanced rasterizer for Type 1 fonts. ++ . ++ T1lib is based on the X11R5 font rasterizer code, but operates independently ++ of X11. It includes many enhancements, including underlining, antialiasing, ++ user-defined slant and extension factors, and rotation. ++ . ++ This package contains the header files and static libraries needed to ++ develop programs using T1lib. ++ . ++ Please note, that PDF documentation is placed in libt1-doc ++ ++Package: t1lib-bin ++Architecture: any ++Section: misc ++Depends: ${shlibs:Depends} ++Provides: t1lib1-bin ++Replaces: t1lib1-bin ++Conflicts: t1lib1-bin ++Description: Type 1 font rasterizer library - user binaries ++ T1lib is an enhanced rasterizer for Type 1 fonts. ++ . ++ T1lib is based on the X11R5 font rasterizer code, but operates independently ++ of X11. It includes many enhancements, including underlining, antialiasing, ++ user-defined slant and extension factors, and rotation. ++ . ++ This package contains the programs "xglyph" and "type1afm", included in the ++ upstream T1lib distribution. It also contains the "t1libconfig" ++ script used to configure t1lib. ++ ++Package: libt1-doc ++Architecture: all ++Section: doc ++Description: Type 1 font rasterizer library - developers documentation ++ T1lib is an enhanced rasterizer for Type 1 fonts. ++ . ++ T1lib is based on the X11R5 font rasterizer code, but operates independently ++ of X11. It includes many enhancements, including underlining, antialiasing, ++ user-defined slant and extension factors, and rotation. ++ . ++ This package contains developers documentation. ++ ++Package: libt1-5-dbg ++Section: libdevel ++Priority: extra ++Architecture: any ++Depends: libt1-5 (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} ++Description: Type 1 font rasterizer library - debugging runtime ++ T1lib is an enhanced rasterizer for Type 1 fonts. ++ . ++ T1lib is based on the X11R5 font rasterizer code, but operates independently ++ of X11. It includes many enhancements, including underlining, antialiasing, ++ user-defined slant and extension factors, and rotation. ++ . ++ This package contains debugging information. ++ +--- t1lib-5.1.2.orig/debian/libt1-dev.install ++++ t1lib-5.1.2/debian/libt1-dev.install +@@ -0,0 +1,3 @@ ++debian/tmp/usr/include/* ++debian/tmp/usr/lib/*.so ++debian/tmp/usr/lib/*.a +--- t1lib-5.1.2.orig/debian/compat ++++ t1lib-5.1.2/debian/compat +@@ -0,0 +1 @@ ++7 +--- t1lib-5.1.2.orig/debian/t1lib-bin.postrm ++++ t1lib-5.1.2/debian/t1lib-bin.postrm +@@ -0,0 +1,8 @@ ++#!/bin/sh ++set -e ++ ++if [ "$1" = "purge" ]; then ++ rm -rf /etc/t1lib ++fi ++ ++#DEBHELPER# +--- t1lib-5.1.2.orig/debian/watch ++++ t1lib-5.1.2/debian/watch +@@ -0,0 +1,3 @@ ++version=3 ++ftp://sunsite.unc.edu/pub/Linux/libs/graphics/t1lib-(.*)\.tar\.gz \ ++ debian debian/orig-tar.sh +--- t1lib-5.1.2.orig/debian/README.Debian ++++ t1lib-5.1.2/debian/README.Debian +@@ -0,0 +1,25 @@ ++t1lib for Debian ++---------------- ++ ++This package has been created from scratch using debhelper. It contains ++four binary packages: ++ * shared library - libt1-5 ++ * development files - libt1-5-dev ++ * font-related binary utils - t1lib5-bin ++ * documentation - libt1-5-doc ++ ++However you can read in upstream's README that t1lib is completely independent ++of X11, you should know that package provides also libt1x library which ++contains X11 pixmap support. That's why it requires a bunch of X-libraries ++installed. If you consider this as a bad behavior, please discuss it on ++debian-devel list. ++ ++NOTE: The old 't1lib0' package will *remove* /etc/t1lib/ and its ++contents if you purge it. Since this package is now obsolete, there ++is no good solution for this; you must back up your font database and ++config file if you wish to preserve them. Sorry... ++ ++This package has been previously maintained by David Huggins-Daines, great ++thanks to him for his good job. ++ ++ -- Artur R. Czechowski <arturcz@hell.pl>, Tue, 11 Nov 2003 13:31:48 +0100 +--- t1lib-5.1.2.orig/debian/t1lib-bin.dirs ++++ t1lib-5.1.2/debian/t1lib-bin.dirs +@@ -0,0 +1 @@ ++etc/t1lib +--- t1lib-5.1.2.orig/debian/patches/no-docs.diff ++++ t1lib-5.1.2/debian/patches/no-docs.diff +@@ -0,0 +1,34 @@ ++We are using debhelper to install the documentation in the correct ++directory. ++ ++Index: t1lib-5.1.1/doc/Makefile.in ++=================================================================== ++--- t1lib-5.1.1.orig/doc/Makefile.in 2008-01-05 19:05:03.000000000 +0100 +++++ t1lib-5.1.1/doc/Makefile.in 2008-01-05 19:05:25.000000000 +0100 ++@@ -89,16 +89,16 @@ ++ ++ ++ install: dummy ++- if (test -f t1lib_doc.ps) \ ++- then \ ++- $(MKINSTALLDIRS) $(DESTDIR)@T1LIB_DATA_DIR@/doc; \ ++- $(INSTALL_DATA) t1lib_doc.ps $(DESTDIR)@T1LIB_DATA_DIR@/doc; \ ++- fi; ++- if (test -f t1lib_doc.pdf) \ ++- then \ ++- $(MKINSTALLDIRS) $(DESTDIR)@T1LIB_DATA_DIR@/doc; \ ++- $(INSTALL_DATA) t1lib_doc.pdf $(DESTDIR)@T1LIB_DATA_DIR@/doc; \ ++- fi; +++# if (test -f t1lib_doc.ps) \ +++# then \ +++# $(MKINSTALLDIRS) $(DESTDIR)@T1LIB_DATA_DIR@/doc; \ +++# $(INSTALL_DATA) t1lib_doc.ps $(DESTDIR)@T1LIB_DATA_DIR@/doc; \ +++# fi; +++# if (test -f t1lib_doc.pdf) \ +++# then \ +++# $(MKINSTALLDIRS) $(DESTDIR)@T1LIB_DATA_DIR@/doc; \ +++# $(INSTALL_DATA) t1lib_doc.pdf $(DESTDIR)@T1LIB_DATA_DIR@/doc; \ +++# fi; ++ ++ ++ uninstall: dummy +--- t1lib-5.1.2.orig/debian/patches/lib-cleanup.diff ++++ t1lib-5.1.2/debian/patches/lib-cleanup.diff +@@ -0,0 +1,59 @@ ++do not link against libraries that are not needed ++ ++Index: t1lib-5.1.1/lib/Makefile.in ++=================================================================== ++--- t1lib-5.1.1.orig/lib/Makefile.in 2008-01-05 19:17:21.000000000 +0100 +++++ t1lib-5.1.1/lib/Makefile.in 2008-01-05 19:17:38.000000000 +0100 ++@@ -24,7 +24,7 @@ ++ X_LIBS = @X_LIBS@ ++ TOPSRC = @top_srcdir@ ++ XPM_LIB = -lXpm ++-XLIB = @X_PRE_LIBS@ -lXext -lX11 @X_EXTRA_LIBS@ +++XLIB = -lX11 ++ LDFLAGS = @LDFLAGS@ ++ LDLIBS = @LDLIBS@ ++ AR = ar rc ++@@ -137,7 +137,7 @@ ++ $(LIBTOOL) --mode=link \ ++ $(CC) $(LDFLAGS) -o $@ $(T1LIBX_OBJS) \ ++ -version-info @T1LIB_LT_CURRENT@:@T1LIB_LT_REVISION@:@T1LIB_LT_AGE@ \ ++- libt1.la $(X_LIBS) $(XPM_LIB) $(XLIB) -no-undefined -rpath $(libdir) +++ libt1.la $(X_LIBS) $(XLIB) -no-undefined -rpath $(libdir) ++ cp t1lib/t1libx.h . ++ ++ ++Index: t1lib-5.1.1/type1afm/Makefile.in ++=================================================================== ++--- t1lib-5.1.1.orig/type1afm/Makefile.in 2008-01-05 19:17:52.000000000 +0100 +++++ t1lib-5.1.1/type1afm/Makefile.in 2008-01-05 19:18:02.000000000 +0100 ++@@ -70,7 +70,7 @@ ++ ++ type1afm: $(OBJS) ../lib/t1lib.h ++ $(LIBTOOL) --mode=link \ ++- $(CC) -o type1afm $(LDFLAGS) $(OBJS) $(T1LIB) $(LDLIBS) +++ $(CC) -o type1afm $(LDFLAGS) $(OBJS) $(T1LIB) ++ ++ .SUFFIXES: .lo ++ .c.lo: ++Index: t1lib-5.1.1/xglyph/Makefile.in ++=================================================================== ++--- t1lib-5.1.1.orig/xglyph/Makefile.in 2008-01-05 19:18:15.000000000 +0100 +++++ t1lib-5.1.1/xglyph/Makefile.in 2008-01-05 19:18:31.000000000 +0100 ++@@ -24,7 +24,7 @@ ++ X_LIBS = @X_LIBS@ ++ TOPSRC = @top_srcdir@ ++ XPM_LIB = -lXpm ++-XLIB = @X_PRE_LIBS@ -lXext -lX11 @X_EXTRA_LIBS@ +++XLIB = -lX11 @X_EXTRA_LIBS@ ++ LDFLAGS = @LDFLAGS@ ++ LDLIBS = @LDLIBS@ ++ AR = ar rc ++@@ -65,7 +65,7 @@ ++ ++ T1LIB = ../lib/libt1.la ++ T1LIBX = ../lib/libt1x.la ++-XAWLIB = -lXaw -lXt -lXmu +++XAWLIB = -lXaw -lXt ++ ++ ++ all: xglyph +--- t1lib-5.1.2.orig/debian/patches/no-config.diff ++++ t1lib-5.1.2/debian/patches/no-config.diff +@@ -0,0 +1,57 @@ ++do not install a static configuration file ++ ++Index: t1lib-5.1.1/lib/Makefile.in ++=================================================================== ++--- t1lib-5.1.1.orig/lib/Makefile.in 2008-01-05 19:13:57.000000000 +0100 +++++ t1lib-5.1.1/lib/Makefile.in 2008-01-05 19:14:18.000000000 +0100 ++@@ -161,17 +161,17 @@ ++ install: dummy ++ $(MKINSTALLDIRS) $(DESTDIR)$(libdir) ++ $(MKINSTALLDIRS) $(DESTDIR)$(includedir) ++- $(MKINSTALLDIRS) $(DESTDIR)@T1LIB_DATA_DIR@ +++# $(MKINSTALLDIRS) $(DESTDIR)@T1LIB_DATA_DIR@ ++ $(LIBTOOL) --mode=install \ ++ $(INSTALL_DATA) $(MAIN_TARGET) $(DESTDIR)$(libdir) ++ $(LIBTOOL) --mode=install \ ++ $(INSTALL_DATA) $(MAIN_HEADER) $(DESTDIR)$(includedir) ++- if (test -f $(DESTDIR)@T1LIB_DATA_DIR@/t1lib.config) \ ++- then \ ++- echo "Alert: Global configuration file exists, installation skipped!"; \ ++- else \ ++- $(LIBTOOL) --mode=install $(INSTALL_DATA) t1lib.config $(DESTDIR)@T1LIB_DATA_DIR@; \ ++- fi; +++# if (test -f $(DESTDIR)@T1LIB_DATA_DIR@/t1lib.config) \ +++# then \ +++# echo "Alert: Global configuration file exists, installation skipped!"; \ +++# else \ +++# $(LIBTOOL) --mode=install $(INSTALL_DATA) t1lib.config $(DESTDIR)@T1LIB_DATA_DIR@; \ +++# fi; ++ ++ ++ uninstall: dummy ++@@ -179,7 +179,7 @@ ++ -$(LIBTOOL) --mode=uninstall $(RM) $(DESTDIR)$(libdir)/libt1x.la ++ -$(LIBTOOL) --mode=uninstall $(RM) $(DESTDIR)$(includedir)/t1lib.h ++ -$(LIBTOOL) --mode=uninstall $(RM) $(DESTDIR)$(includedir)/t1libx.h ++- -$(LIBTOOL) --mode=uninstall $(RM) $(DESTDIR)@T1LIB_DATA_DIR@/t1lib.config +++# -$(LIBTOOL) --mode=uninstall $(RM) $(DESTDIR)@T1LIB_DATA_DIR@/t1lib.config ++ ++ ++ dummy: ++Index: t1lib-5.1.1/xglyph/xglyph.c ++=================================================================== ++--- t1lib-5.1.1.orig/xglyph/xglyph.c 2008-01-05 19:16:30.000000000 +0100 +++++ t1lib-5.1.1/xglyph/xglyph.c 2008-01-05 19:16:40.000000000 +0100 ++@@ -526,9 +526,12 @@ ++ ++ /* Check for environment entry. If not set, set it to current ++ directory so that configuration file is found there */ +++ /* It violates the Debian Policy */ +++#if 0 ++ if (getenv("T1LIB_CONFIG")==NULL){ ++ putenv( "T1LIB_CONFIG=./t1lib.config"); ++ } +++#endif ++ ++ ++ /* Set log-level: */ +--- t1lib-5.1.2.orig/debian/patches/segfault.diff ++++ t1lib-5.1.2/debian/patches/segfault.diff +@@ -0,0 +1,62 @@ ++This patch does not look safe and it has not been accepted upstream. ++Index: t1lib-5.1.1/lib/t1lib/t1base.c ++=================================================================== ++--- t1lib-5.1.1.orig/lib/t1lib/t1base.c 2005-05-18 05:08:01.000000000 +0200 +++++ t1lib-5.1.1/lib/t1lib/t1base.c 2008-01-06 20:48:32.000000000 +0100 ++@@ -455,7 +455,7 @@ ++ to test_for_t1_file() filename is substituted by an emty ++ string if the file was not found: */ ++ sprintf( err_warn_msg_buf, "Type 1 Font file %s.[pfa/pfb] not found (FontID=%d, SearchPath=%s)", ++- linebuf, m-1, T1_GetFileSearchPath(T1_PFAB_PATH)); +++ linebuf, m-1, intT1_GetFileSearchPath(T1_PFAB_PATH)); ++ if ((test_for_t1_file( &linebuf[0]))){ ++ T1_PrintLog( "intT1_scanFontDBase()", err_warn_msg_buf, T1LOG_WARNING); ++ located=0; ++@@ -579,7 +579,7 @@ ++ to test_for_t1_file() filename is substituted by an emty ++ string if the file was not found: */ ++ sprintf( err_warn_msg_buf, "Type 1 Font file %s.[pfa/pfb] not found (FontID=%d, SearchPath=%s)", ++- linebuf, m-1, T1_GetFileSearchPath(T1_PFAB_PATH)); +++ linebuf, m-1, intT1_GetFileSearchPath(T1_PFAB_PATH)); ++ if ((test_for_t1_file( &linebuf[0]))){ ++ T1_PrintLog( "intT1_scanFontDBase()", err_warn_msg_buf, T1LOG_WARNING); ++ located=0; ++Index: t1lib-5.1.1/lib/t1lib/t1env.c ++=================================================================== ++--- t1lib-5.1.1.orig/lib/t1lib/t1env.c 2008-01-06 20:48:32.000000000 +0100 +++++ t1lib-5.1.1/lib/t1lib/t1env.c 2008-01-06 20:48:32.000000000 +0100 ++@@ -807,6 +807,14 @@ ++ ++ } ++ +++/* intT1_GetFileSearchPath(): +++ call T1_GetFileSearchPath and truncate the line to avoid overflowing +++ error buffers*/ +++char *intT1_GetFileSearchPath( int type) +++{ +++ char *res = T1_GetFileSearchPath(type); +++ res[900] = 0; +++} ++ ++ /* T1_AddToFileSearchPath(): Add the specified path element to ++ the specified search path. If the existing path is the default path, ++Index: t1lib-5.1.1/lib/t1lib/t1env.h ++=================================================================== ++--- t1lib-5.1.1.orig/lib/t1lib/t1env.h 2005-05-16 20:37:43.000000000 +0200 +++++ t1lib-5.1.1/lib/t1lib/t1env.h 2008-01-06 20:48:32.000000000 +0100 ++@@ -35,6 +35,7 @@ ++ int T1_SetFileSearchPath( int type, char *pathname); ++ int T1_AddToFileSearchPath( int pathtype, int mode, char *pathname); ++ char *T1_GetFileSearchPath( int type); +++char *intT1_GetFileSearchPath( int type); ++ int T1_SetFontDataBase( char *filename); ++ int T1_AddFontDataBase( int mode, char *filename); ++ int T1_SetFontDataBaseXLFD( char *filename); ++@@ -49,6 +50,7 @@ ++ extern int T1_SetFileSearchPath( int type, char *pathname); ++ extern int T1_AddToFileSearchPath( int pathtype, int mode, char *pathname); ++ extern char *T1_GetFileSearchPath( int type); +++extern char *intT1_GetFileSearchPath( int type); ++ extern int T1_SetFontDataBase( char *filename); ++ extern int T1_AddFontDataBase( int mode, char *filename); ++ extern int T1_SetFontDataBaseXLFD( char *filename); +--- t1lib-5.1.2.orig/debian/patches/CVE-2010-2642.patch ++++ t1lib-5.1.2/debian/patches/CVE-2010-2642.patch +@@ -0,0 +1,24 @@ ++diff --git a/lib/t1lib/parseAFM.c b/lib/t1lib/parseAFM.c ++index 6a31d7f..ba64541 100644 ++--- a/lib/t1lib/parseAFM.c +++++ b/lib/t1lib/parseAFM.c ++@@ -199,7 +199,9 @@ static char *token(stream) ++ idx = 0; ++ ++ while (ch != EOF && ch != ' ' && ch != CR && ch != LF && ++- ch != CTRL_Z && ch != '\t' && ch != ':' && ch != ';'){ +++ ch != CTRL_Z && ch != '\t' && ch != ':' && ch != ';' +++ && idx < (MAX_NAME -1)) +++ { ++ ident[idx++] = ch; ++ ch = fgetc(stream); ++ } /* while */ ++@@ -235,7 +237,7 @@ static char *linetoken(stream) ++ while ((ch = fgetc(stream)) == ' ' || ch == '\t' ); ++ ++ idx = 0; ++- while (ch != EOF && ch != CR && ch != LF && ch != CTRL_Z) +++ while (ch != EOF && ch != CR && ch != LF && ch != CTRL_Z && idx < (MAX_NAME - 1)) ++ { ++ ident[idx++] = ch; ++ ch = fgetc(stream); +--- t1lib-5.1.2.orig/debian/patches/CVE-2011-0764.diff ++++ t1lib-5.1.2/debian/patches/CVE-2011-0764.diff +@@ -0,0 +1,32 @@ ++Description: Don't lookup previous point if there isn't any ++Author: Marc Deslauriers <marc.deslauriers@canonical.com> ++Forwarded: no ++ ++Index: t1lib-5.1.2/lib/type1/type1.c ++=================================================================== ++--- t1lib-5.1.2.orig/lib/type1/type1.c 2011-12-13 14:24:14.280965637 -0600 +++++ t1lib-5.1.2/lib/type1/type1.c 2011-12-13 14:25:25.893320747 -0600 ++@@ -1700,6 +1700,7 @@ ++ long pindex = 0; ++ ++ /* compute hinting for previous segment! */ +++ if (ppoints == NULL) Error0i("RLineTo: No previous point!\n"); ++ FindStems( currx, curry, currx-ppoints[numppoints-2].x, curry-ppoints[numppoints-2].y, dx, dy); ++ ++ /* Allocate a new path point and pre-setup data */ ++@@ -1728,6 +1729,7 @@ ++ long pindex = 0; ++ ++ /* compute hinting for previous point! */ +++ if (ppoints == NULL) Error0i("RRCurveTo: No previous point!\n"); ++ FindStems( currx, curry, currx-ppoints[numppoints-2].x, curry-ppoints[numppoints-2].y, dx1, dy1); ++ ++ /* Allocate three new path points and pre-setup data */ ++@@ -1903,6 +1905,7 @@ ++ FindStems( currx, curry, 0, 0, dx, dy); ++ } ++ else { +++ if (ppoints == NULL) Error0i("RMoveTo: No previous point!\n"); ++ FindStems( currx, curry, ppoints[numppoints-2].x, ppoints[numppoints-2].y, dx, dy); ++ } ++ +--- t1lib-5.1.2.orig/debian/patches/CVE-2011-1552_1553_1554.patch ++++ t1lib-5.1.2/debian/patches/CVE-2011-1552_1553_1554.patch +@@ -0,0 +1,133 @@ ++Author: Jaroslav Å karvada <jskarvad@redhat.com> ++Description: Fix more crashes on oversized fonts ++Bug-Redhat: http://bugzilla.redhat.com/show_bug.cgi?id=692909 ++Index: t1lib-5.1.2/lib/type1/lines.c ++=================================================================== ++--- t1lib-5.1.2.orig/lib/type1/lines.c 2007-12-23 09:49:42.000000000 -0600 +++++ t1lib-5.1.2/lib/type1/lines.c 2012-01-17 14:15:08.000000000 -0600 ++@@ -67,6 +67,10 @@ ++ None. ++ */ ++ +++#define BITS (sizeof(LONG)*8) +++#define HIGHTEST(p) (((p)>>(BITS-2)) != 0) /* includes sign bit */ +++#define TOOBIG(xy) ((xy < 0) ? HIGHTEST(-xy) : HIGHTEST(xy)) +++ ++ /* ++ :h2.StepLine() - Produces Run Ends for a Line After Checks ++ ++@@ -84,6 +88,9 @@ ++ IfTrace4((LineDebug > 0), ".....StepLine: (%d,%d) to (%d,%d)\n", ++ x1, y1, x2, y2); ++ +++ if ( TOOBIG(x1) || TOOBIG(x2) || TOOBIG(y1) || TOOBIG(y2)) +++ abort("Lines this big not supported", 49); +++ ++ dy = y2 - y1; ++ ++ /* ++Index: t1lib-5.1.2/lib/type1/objects.c ++=================================================================== ++--- t1lib-5.1.2.orig/lib/type1/objects.c 2007-12-23 09:49:42.000000000 -0600 +++++ t1lib-5.1.2/lib/type1/objects.c 2012-01-17 14:15:08.000000000 -0600 ++@@ -1137,12 +1137,13 @@ ++ "Context: out of them", /* 46 */ ++ "MatrixInvert: can't", /* 47 */ ++ "xiStub called", /* 48 */ ++- "Illegal access type1 abort() message" /* 49 */ +++ "Lines this big not supported", /* 49 */ +++ "Illegal access type1 abort() message" /* 50 */ ++ }; ++ ++- /* no is valid from 1 to 48 */ ++- if ( (number<1)||(number>48)) ++- number=49; +++ /* no is valid from 1 to 49 */ +++ if ( (number<1)||(number>49)) +++ number=50; ++ return( err_msgs[number-1]); ++ ++ } ++Index: t1lib-5.1.2/lib/type1/type1.c ++=================================================================== ++--- t1lib-5.1.2.orig/lib/type1/type1.c 2012-01-17 14:13:28.000000000 -0600 +++++ t1lib-5.1.2/lib/type1/type1.c 2012-01-17 14:19:54.000000000 -0600 ++@@ -1012,6 +1012,7 @@ ++ double nextdtana = 0.0; /* tangent of post-delta against horizontal line */ ++ double nextdtanb = 0.0; /* tangent of post-delta against vertical line */ ++ +++ if (ppoints == NULL || numppoints < 1) Error0v("FindStems: No previous point!\n"); ++ ++ /* setup default hinted position */ ++ ppoints[numppoints-1].ax = ppoints[numppoints-1].x; ++@@ -1289,7 +1290,7 @@ ++ static int DoRead(CodeP) ++ int *CodeP; ++ { ++- if (strindex >= CharStringP->len) return(FALSE); /* end of string */ +++ if (!CharStringP || strindex >= CharStringP->len) return(FALSE); /* end of string */ ++ /* We handle the non-documented Adobe convention to use lenIV=-1 to ++ suppress charstring encryption. */ ++ if (blues->lenIV==-1) { ++@@ -1700,7 +1701,7 @@ ++ long pindex = 0; ++ ++ /* compute hinting for previous segment! */ ++- if (ppoints == NULL) Error0i("RLineTo: No previous point!\n"); +++ if (ppoints == NULL || numppoints < 2) Error0i("RLineTo: No previous point!\n"); ++ FindStems( currx, curry, currx-ppoints[numppoints-2].x, curry-ppoints[numppoints-2].y, dx, dy); ++ ++ /* Allocate a new path point and pre-setup data */ ++@@ -1729,7 +1730,7 @@ ++ long pindex = 0; ++ ++ /* compute hinting for previous point! */ ++- if (ppoints == NULL) Error0i("RRCurveTo: No previous point!\n"); +++ if (ppoints == NULL || numppoints < 2) Error0i("RRCurveTo: No previous point!\n"); ++ FindStems( currx, curry, currx-ppoints[numppoints-2].x, curry-ppoints[numppoints-2].y, dx1, dy1); ++ ++ /* Allocate three new path points and pre-setup data */ ++@@ -1788,7 +1789,9 @@ ++ long tmpind; ++ double deltax = 0.0; ++ double deltay = 0.0; ++- +++ +++ if (ppoints == NULL || numppoints < 1) Error0i("DoClosePath: No previous point!"); +++ ++ /* If this ClosePath command together with the starting point of this ++ path completes to a segment aligned to a stem, we would miss ++ hinting for this point. --> Check and explicitly care for this! */ ++@@ -1803,6 +1806,7 @@ ++ deltax = ppoints[i].x - ppoints[numppoints-1].x; ++ deltay = ppoints[i].y - ppoints[numppoints-1].y; ++ +++ if (ppoints == NULL || numppoints <= i + 1) Error0i("DoClosePath: No previous point!"); ++ /* save nummppoints and reset to move point */ ++ tmpind = numppoints; ++ numppoints = i + 1; ++@@ -1905,7 +1909,7 @@ ++ FindStems( currx, curry, 0, 0, dx, dy); ++ } ++ else { ++- if (ppoints == NULL) Error0i("RMoveTo: No previous point!\n"); +++ if (ppoints == NULL || numppoints < 2) Error0i("RMoveTo: No previous point!\n"); ++ FindStems( currx, curry, ppoints[numppoints-2].x, ppoints[numppoints-2].y, dx, dy); ++ } ++ ++@@ -2155,6 +2159,7 @@ ++ DOUBLE cx, cy; ++ DOUBLE ex, ey; ++ +++ if (ppoints == NULL || numppoints < 8) Error0v("FlxProc: No previous point!"); ++ ++ /* Our PPOINT list now contains 7 moveto commands which ++ are about to be consumed by the Flex mechanism. --> Remove these ++@@ -2324,6 +2329,7 @@ ++ /* Returns currentpoint on stack */ ++ static void FlxProc2() ++ { +++ if (ppoints == NULL || numppoints < 1) Error0v("FlxProc2: No previous point!"); ++ /* Push CurrentPoint on fake PostScript stack */ ++ PSFakePush( ppoints[numppoints-1].x); ++ PSFakePush( ppoints[numppoints-1].y); +--- t1lib-5.1.2.orig/debian/patches/format-security.diff ++++ t1lib-5.1.2/debian/patches/format-security.diff +@@ -0,0 +1,33 @@ ++--- a/lib/type1/objects.c +++++ b/lib/type1/objects.c ++@@ -957,7 +957,7 @@ ++ ++ sprintf(typemsg, "Wrong object type in %s; expected %s, found %s.\n", ++ name, TypeFmt(expect), TypeFmt(obj->type)); ++- IfTrace0(TRUE,typemsg); +++ IfTrace1(TRUE, "%s", typemsg); ++ ++ ObjectPostMortem(obj); ++ ++--- a/lib/t1lib/t1subset.c +++++ b/lib/t1lib/t1subset.c ++@@ -759,7 +759,7 @@ ++ tr_len); ++ T1_PrintLog( "T1_SubsetFont()", err_warn_msg_buf, ++ T1LOG_DEBUG); ++- l+=sprintf( &(trailerbuf[l]), linebuf); /* contains the PostScript trailer */ +++ l+=sprintf( &(trailerbuf[l]), "%s", linebuf); /* contains the PostScript trailer */ ++ } ++ ++ /* compute size of output file */ ++--- a/lib/type1/objects.h +++++ b/lib/type1/objects.h ++@@ -214,7 +214,7 @@ ++ /*SHARED*/ ++ /* NDW: personally, I want to see status and error messages! */ ++ #define IfTrace0(condition,model) \ ++- {if (condition) printf(model);} +++ {if (condition) fputs(model,stdout);} ++ #define IfTrace1(condition,model,arg0) \ ++ {if (condition) printf(model,arg0);} ++ #define IfTrace2(condition,model,arg0,arg1) \ +--- t1lib-5.1.2.orig/debian/patches/series ++++ t1lib-5.1.2/debian/patches/series +@@ -0,0 +1,8 @@ ++no-docs.diff ++no-config.diff ++lib-cleanup.diff ++#segfault.diff ++format-security.diff ++CVE-2011-0764.diff ++CVE-2011-1552_1553_1554.patch ++CVE-2010-2642.patch +--- t1lib-5.1.2.orig/debian/man/FontDatabase.5 ++++ t1lib-5.1.2/debian/man/FontDatabase.5 +@@ -0,0 +1,77 @@ ++.TH FONTDATABASE 5 ++.SH NAME ++FontDataBase \- database of fonts accessible to t1lib. ++.SH DESCRIPTION ++This manual page has been written for the Debian GNU/Linux ++distribution. It has been adapted from the documentation included in ++the upstream ++.B t1lib ++distribution. ++.PP ++.B /etc/t1lib/FontDataBase ++is a text file which contains, minimally, the basenames of Type 1 font ++files to be made accessible to the ++.B t1lib ++font rasterizer library. The format is intentionally similar to that ++of the ++.B fonts.dir ++and ++.B fonts.scale ++files used by X11. ++.PP ++Line 1 of this file contains a positive integer specifying the number ++of fonts declared in that file. This is as in the ++.B fonts.dir ++files of the X11 system. ++.PP ++All remaining lines contain declarations of one font each. The only ++thing taken from such a line is the last string (delimited by white ++space) in it. It is assumed to be a filename of the format ++\fIbasename\fR.\fIsomeextension\fR. ++.PP ++The \fIbasename\fR part is assumed to be the ++.BR basename (1) ++of a fontfile. After the a string has been parsed, the ++.I extension ++is cut off and replaced in turn with ++.I .pfa ++and ++.I .pfb. ++The initialization routine tries to open a font file in ++its search path with one of the resulting filenames. ++.PP ++The remainder of the line, i.e., from beginning to the start of the ++filename string, is completely ignored and thus may contain ++information for other programs. ++.SH EXAMPLES ++Here is a minimal font database file for 4 fonts: ++.sp ++.nf ++4 ++isvl.afm ++isvli.afm ++isvd.afm ++isvdi.afm ++.fi ++.PP ++This file is \fIminimal\fR, because it contains just the information ++needed, and nothing not needed by the library. ++.PP ++Here is a more realistic example, which allows an application to match ++a fully qualified X11 fontname to a FontID in ++.B t1lib. ++This is also a valid font database file: ++.sp ++.nf ++4 ++Souvenir Souvenir-Light --- \-itc-souvenir-light-r-normal--#-0-0-0-p-0-iso8859-1 isvl.afm ++Souvenir Souvenir-LightItalic -*- \-itc-souvenir-light-i-normal--#-0-0-0-p-0-iso8859-1 isvli.afm ++ Souvenir-Demi *-- \-itc-souvenir-demi-r-normal--#-0-0-0-p-0-iso8859-1 isvd.afm ++ Souvenir-DemiItalic **- \-itc-souvenir-demi-i-normal--#-0-0-0-p-0-iso8859-1 isvdi.afm ++.fi ++.PP ++.SH FILES ++.I /etc/t1lib/FontDataBase ++.SH "SEE ALSO" ++.BR mkfontdir (1x) ++ +--- t1lib-5.1.2.orig/debian/man/t1libconfig.8 ++++ t1lib-5.1.2/debian/man/t1libconfig.8 +@@ -0,0 +1,57 @@ ++.TH T1LIBCONFIG 8 ++.SH NAME ++.B t1libconfig ++\- create the t1lib.config and FontDataBase files for t1lib ++.SH SYNOPSIS ++.B t1libconfig ++[ ++.BR \-v\fP, \fB\-\-version ++] ++[ ++.BR \-h\fP, \fB\-\-help ++] ++.B \-\-force ++] ++[ ++.B fontdirectory... ++] ++.SH DESCRIPTION ++.B t1libconfig ++scans a list of directories for Type 1 fonts and font metric files, ++and generates a configuration file and font database file for the ++.B t1lib ++rasterizer library accordingly. By default, it looks in all ++subdirectories of /usr/X11R6/lib/X11/fonts, and in ++/usr/lib/ghostscript. Extra directories to search may be specified on ++the command line. The ++.B t1libconfig ++script tries not to scan the same directory twice (this is, however, ++not foolproof, since /usr/X11R6/lib/X11/fonts and /usr/lib/X11/fonts ++typically point to the same directory on GNU/Linux systems). ++.SH OPTIONS ++.TP ++.BR \-v\fP, \fB\-\-version ++Print the version of ++.B t1libconfig ++and exit. ++.TP ++.BR \-h\fP, \fB\-\-help ++Print help about usage and exit. ++.TP ++.B \-\-force ++Force the generation of new configuration files even if these files ++already exist on the system. ++.SH FILES ++.TP 25 ++.B /etc/t1lib/t1lib.config ++Contains configuration information for t1lib, including ++colon-separated lists of paths to Type 1 font files and font metrics ++files, and the location of the default font database file ++.TP 25 ++.B /etc/t1lib/FontDataBase ++Contains a list of the names of Type 1 font files to be used by t1lib. ++.SH AUTHOR ++David Huggins-Daines <dhd@debian.org> ++.SH SEE ALSO ++.BR FontDataBase (5) ++ +--- t1lib-5.1.2.orig/debian/man/xglyph.1 ++++ t1lib-5.1.2/debian/man/xglyph.1 +@@ -0,0 +1,111 @@ ++.TH XGLYPH 1 ++.SH NAME ++xglyph \- demonstration program for the t1lib font rasterizer library. ++.SH SYNOPSIS ++.B xglyph ++[ ++.B fontfile... ++] ++.SH "DESCRIPTION" ++This manual page documents briefly the ++.BR xglyph ++program. ++This manual page was written for the Debian GNU/Linux distribution ++because the original program does not have a manual page. ++.PP ++.B xglyph ++is a program which demonstrates the capabilities of the ++.B t1lib ++library. It allows the user to view an arbitrary character or string ++rendered in the various ways pgossible with the library. By default, ++it writes a log file named \fIt1lib.log\fR in the current directory. ++.PP ++If invoked with no arguments, it will attempt to read the global ++configuration file and font database. It will also accept any number ++of filenames on the command line, in which case these are treated as ++font files to be loaded instead of the default font database. ++.SH "OPTIONS" ++.TP ++.BR \-\-help ++Shows a brief help text ++.TP ++.BR \-\-Help ++Shows a description of all options ++.TP ++.BR \-\-noGrid ++Don't draw grid lines when displaying glyphs ++.TP ++.BR \-\-setPad ++Set bitmap padding ++.TP ++.BR \-\-logError ++Log errors only ++.TP ++.BR \-\-logWarning ++Log errors and warnings ++.TP ++.BR \-\-logStatistic ++Log errors, warnings, and statistics ++.TP ++.BR \-\-logDebug ++Log just about everything ++.TP ++.BR \-\-ignoreForceBold ++Don't make pseudo-boldface glyphs ++.TP ++.BR \-\-ignoreFamilyAlignment ++.TP ++.BR \-\-ignoreHinting ++Ignore hints when scaling glyphs ++.TP ++.BR \-\-debugLine ++Show debugging info for line-drawing ++operations in the rasterizer ++.TP ++.BR \-\-debugRegion ++Show debugging info for region operations in ++the rasterizer ++.TP ++.BR \-\-debugPath ++Show debugging info for path operations in the ++rasterizer ++.TP ++.BR \-\-debugFont ++.TP ++.BR \-\-debugHint ++Show debugging info for hinting in the rasterizer. ++.TP ++.BR \-\-checkPerformance ++Do some simple performance tests while rasterizing. ++.TP ++.BR \-\-checkCopyFont ++Check that copying fonts works. ++.TP ++.BR \-\-checkConcatGlyphs ++Check that concatenating glyphs works. ++.TP ++.BR \-\-checkBadCharHandling ++.TP ++.BR \-\-checkDefaultEncoding ++Set a default encoding vector. ++.SH "ENVIRONMENT" ++In the Debian GNU/Linux version of this program, the environment ++variable ++.B T1LIB_CONFIG, ++if set, points to an alternate configuration ++file with which to initialize the library. ++.SH "SEE ALSO" ++.BR FontDataBase (5), ++.BR t1libconfig (8). ++.PP ++.B xglyph ++is much more fully documented in the LaTeX documentation that ++accompanies the upstream ++.B t1lib ++distribution. This documentation is installed in PostScript and source ++formats with the t1lib-dev package in /usr/share/doc/t1lib-dev, and is ++also accessible through the dwww system. ++.SH AUTHOR ++This manual page was written by David Huggins-Daines ++<dhd@debian.org>, for the Debian GNU/Linux system (but may ++be used by others). +--- t1lib-5.1.2.orig/debian/man/type1afm.1 ++++ t1lib-5.1.2/debian/man/type1afm.1 +@@ -0,0 +1,34 @@ ++.TH TYPE1AFM 1 ++.SH NAME ++.B type1afm ++\- create a font metrics file from a Type 1 font file ++.SH SYNOPSIS ++.B type1afm ++[ ++.BR \-l ++] ++.B fontfile ++[ ++.B fontfile... ++] ++.SH DESCRIPTION ++This manual page was written for the Debian GNU/Linux distribution ++because the original program does not have a manual page. ++.PP ++.B type1afm ++reads in Type 1 font files specified on the command line, rasterizes ++them to 1000bp, and writes AFM (font metrics) files based on the ++observed metrics information. ++.PP ++The AFM file is created in the same directory as the font file, so be ++sure that you have write access there before running this program. ++.SH OPTIONS ++.TP ++.BR \-l ++Write a log file ++.SH SEE ALSO ++.BR getafm (1) ++.SH AUTHOR ++This manual page was David Huggins-Daines <dhd@debian.org> ++for the Debian GNU/Linux distribution (but may be used by others) ++ diff --git a/patches/source/vsftpd/doinst.sh b/patches/source/vsftpd/doinst.sh new file mode 100644 index 00000000..f915774f --- /dev/null +++ b/patches/source/vsftpd/doinst.sh @@ -0,0 +1,15 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/vsftpd.conf.new +config etc/logrotate.d/vsftpd.new +rm -f etc/logrotate.d/vsftpd.new + diff --git a/patches/source/vsftpd/slack-desc b/patches/source/vsftpd/slack-desc new file mode 100644 index 00000000..82b9f521 --- /dev/null +++ b/patches/source/vsftpd/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +vsftpd: vsftpd (Very Secure FTP Daemon) +vsftpd: +vsftpd: vsftpd is an FTP server, or daemon. The 'vs' stands for Very Secure. +vsftpd: Obviously this is not a guarantee, but a reflection that the entire +vsftpd: codebase was written with security in mind, and carefully designed to +vsftpd: be resilient to attack (as well as extremely fast and scalable). +vsftpd: +vsftpd: The vsftpd homepage is http://vsftpd.beasts.org/ +vsftpd: +vsftpd: The Very Secure FTP Daemon was written by Chris Evans. +vsftpd: diff --git a/patches/source/vsftpd/vsftpd.SlackBuild b/patches/source/vsftpd/vsftpd.SlackBuild new file mode 100755 index 00000000..96d8dfbb --- /dev/null +++ b/patches/source/vsftpd/vsftpd.SlackBuild @@ -0,0 +1,106 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=vsftpd +VERSION=${VERSION:-$(echo ${PKGNAM}-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-vsftpd + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP || exit 1 +rm -rf vsftpd-$VERSION +tar xvf $CWD/vsftpd-$VERSION.tar.gz || exit 1 +cd vsftpd-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/vsftpd.builddefs.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/vsftpd.conf.diff.gz | patch -p1 --verbose || exit 1 + +make $NUMJOBS || make || exit 1 + +mkdir -p $PKG/usr/sbin +cp vsftpd $PKG/usr/sbin +chmod 755 $PKG/usr/sbin/vsftpd +strip --strip-unneeded $PKG/usr/sbin/vsftpd + +mkdir -p $PKG/usr/man/man{5,8} +cat vsftpd.conf.5 | gzip -9c > $PKG/usr/man/man5/vsftpd.conf.5.gz +cat vsftpd.8 | gzip -9c > $PKG/usr/man/man8/vsftpd.8.gz + +mkdir -p $PKG/etc +cat vsftpd.conf > $PKG/etc/vsftpd.conf.new + +mkdir -p $PKG/etc/logrotate.d +zcat $CWD/vsftpd.log.gz > $PKG/etc/logrotate.d/vsftpd.new + +mkdir -p $PKG/usr/share/empty +mkdir -p $PKG/home/ftp + +mkdir -p $PKG/usr/doc/vsftpd-$VERSION +cp -a \ + AUDIT BENCHMARKS BUGS COPYING* COPYRIGHT EXAMPLE FAQ \ + INSTALL LICENSE README* REFS REWARD SECURITY SIZE SPEED TODO TUNING \ + $PKG/usr/doc/vsftpd-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r Changelog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat Changelog | head -n 1000 > $DOCSDIR/Changelog + touch -r Changelog $DOCSDIR/Changelog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/vsftpd-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/vsftpd/vsftpd.builddefs.diff b/patches/source/vsftpd/vsftpd.builddefs.diff new file mode 100644 index 00000000..ea908139 --- /dev/null +++ b/patches/source/vsftpd/vsftpd.builddefs.diff @@ -0,0 +1,15 @@ +--- ./builddefs.h.orig 2004-07-02 07:36:59.000000000 -0700 ++++ ./builddefs.h 2004-09-03 11:25:13.000000000 -0700 +@@ -1,9 +1,9 @@ + #ifndef VSF_BUILDDEFS_H + #define VSF_BUILDDEFS_H + +-#undef VSF_BUILD_TCPWRAPPERS +-#define VSF_BUILD_PAM +-#undef VSF_BUILD_SSL ++#define VSF_BUILD_TCPWRAPPERS ++#undef VSF_BUILD_PAM ++#define VSF_BUILD_SSL + + #endif /* VSF_BUILDDEFS_H */ + diff --git a/patches/source/vsftpd/vsftpd.conf.diff b/patches/source/vsftpd/vsftpd.conf.diff new file mode 100644 index 00000000..1f410a7a --- /dev/null +++ b/patches/source/vsftpd/vsftpd.conf.diff @@ -0,0 +1,45 @@ +diff -Nur vsftpd-2.2.1.orig/vsftpd.conf vsftpd-2.2.1/vsftpd.conf +--- vsftpd-2.2.1.orig/vsftpd.conf 2009-10-18 21:04:23.000000000 -0500 ++++ vsftpd-2.2.1/vsftpd.conf 2009-10-19 10:22:16.609407947 -0500 +@@ -19,7 +19,7 @@ + # + # Default umask for local users is 077. You may wish to change this to 022, + # if your users expect that (022 is used by most other ftpd's) +-#local_umask=022 ++local_umask=022 + # + # Uncomment this to allow the anonymous FTP user to upload files. This only + # has an effect if the above global write enable is activated. Also, you will +@@ -48,11 +48,11 @@ + # + # You may override where the log file goes if you like. The default is shown + # below. +-#xferlog_file=/var/log/vsftpd.log ++xferlog_file=/var/log/vsftpd.log + # + # If you want, you can have your log file in standard ftpd xferlog format. + # Note that the default log file location is /var/log/xferlog in this case. +-#xferlog_std_format=YES ++xferlog_std_format=YES + # + # You may change the default value for timing out an idle session. + #idle_session_timeout=600 +@@ -101,12 +101,13 @@ + # default to avoid remote users being able to cause excessive I/O on large + # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume + # the presence of the "-R" option, so there is a strong case for enabling it. +-#ls_recurse_enable=YES ++ls_recurse_enable=YES + # +-# When "listen" directive is enabled, vsftpd runs in standalone mode and +-# listens on IPv4 sockets. This directive cannot be used in conjunction +-# with the listen_ipv6 directive. +-listen=YES ++# When "listen" directive is enabled, vsftpd runs in standalone mode (rather ++# than from inetd) and listens on IPv4 sockets. To use vsftpd in standalone ++# mode rather than with inetd, change the line below to 'listen=YES' ++# This directive cannot be used in conjunction with the listen_ipv6 directive. ++listen=NO + # + # This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6 + # sockets, you must run two copies of vsftpd with two configuration files. diff --git a/patches/source/vsftpd/vsftpd.log b/patches/source/vsftpd/vsftpd.log new file mode 100644 index 00000000..d338de81 --- /dev/null +++ b/patches/source/vsftpd/vsftpd.log @@ -0,0 +1,5 @@ +/var/log/vsftpd.log { + # ftpd doesn't handle SIGHUP properly + nocompress + missingok +} diff --git a/patches/source/wget/doinst.sh b/patches/source/wget/doinst.sh new file mode 100644 index 00000000..dd81eb50 --- /dev/null +++ b/patches/source/wget/doinst.sh @@ -0,0 +1,14 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/wgetrc.new + diff --git a/patches/source/wget/slack-desc b/patches/source/wget/slack-desc new file mode 100644 index 00000000..d023ea37 --- /dev/null +++ b/patches/source/wget/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +wget: wget (a non-interactive network retriever) +wget: +wget: GNU Wget is a free network utility to retrieve files from the +wget: World Wide Web using HTTP and FTP, the two most widely used Internet +wget: protocols. It works non-interactively, thus enabling work in the +wget: background after having logged off. +wget: +wget: The author of Wget is Hrvoje Niksic <hniksic@srce.hr>. +wget: +wget: +wget: diff --git a/patches/source/wget/wget.SlackBuild b/patches/source/wget/wget.SlackBuild new file mode 100755 index 00000000..2f4fbd82 --- /dev/null +++ b/patches/source/wget/wget.SlackBuild @@ -0,0 +1,109 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2012, 2013, 2014, 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo wget-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-wget + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf wget-$VERSION +tar xvf $CWD/wget-$VERSION.tar.?z || exit 1 +cd wget-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --docdir=/usr/doc/wget-$VERSION \ + --with-ssl=openssl \ + --build=${ARCH}-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +mv $PKG/etc/wgetrc $PKG/etc/wgetrc.new + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +rm -f $PKG/usr/info/dir +gzip -9 $PKG/usr/info/* $PKG/usr/man/man?/* + +mkdir -p $PKG/usr/doc/wget-$VERSION +cp -a \ + AUTHORS COPYING* MAILING-LIST NEWS PATCHES README* TODO \ + $PKG/usr/doc/wget-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/wget-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/wicd/README.SLACKWARE b/patches/source/wicd/README.SLACKWARE new file mode 100644 index 00000000..e7a374dc --- /dev/null +++ b/patches/source/wicd/README.SLACKWARE @@ -0,0 +1,17 @@ +After installing this package, make sure the /etc/rc.d/rc.wicd +script is executable; if necessary, do: + chmod +x /etc/rc.d/rc.wicd + +Results have varied, but you will probably need/want to remove +any references to interfaces from /etc/rc.d/rc.inet1.conf - in +other words, make that file look as if netconfig has never been +run. + +When you start X, you should see a wicd icon in the system tray; +click on it to open the gui interface and configure as desired. +Your user account will need to be a member of the 'netdev' group +in order to use wicd. + +Note that urwid will need to be installed if you want to use the +curses client. Also, if you don't have kde installed, you won't +have a graphical sudo client available. diff --git a/patches/source/wicd/doinst.sh b/patches/source/wicd/doinst.sh new file mode 100644 index 00000000..78732c5b --- /dev/null +++ b/patches/source/wicd/doinst.sh @@ -0,0 +1,37 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +# Keep same perms on rc.wicd.new: +if [ -e etc/rc.d/rc.wicd ]; then + cp -a etc/rc.d/rc.wicd etc/rc.d/rc.wicd.new.incoming + cat etc/rc.d/rc.wicd.new > etc/rc.d/rc.wicd.new.incoming + mv etc/rc.d/rc.wicd.new.incoming etc/rc.d/rc.wicd.new +fi + +# Update desktop menu +if [ -x /usr/bin/update-desktop-database ]; then + /usr/bin/update-desktop-database -q usr/share/applications >/dev/null 2>&1 +fi + +# Update icon cache if one exists +if [ -r usr/share/icons/hicolor/icon-theme.cache ]; then + if [ -x /usr/bin/gtk-update-icon-cache ]; then + /usr/bin/gtk-update-icon-cache -t -f usr/share/icons/hicolor >/dev/null 2>&1 + fi +fi + +config etc/dbus-1/system.d/wicd.conf.new +config etc/rc.d/rc.wicd.new +config etc/wicd/manager-settings.conf.new +config etc/logrotate.d/wicd.logrotate.new + diff --git a/patches/source/wicd/slack-desc b/patches/source/wicd/slack-desc new file mode 100644 index 00000000..47cf875f --- /dev/null +++ b/patches/source/wicd/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler-------------------------------------------------------| +wicd: wicd (network manager for linux) +wicd: +wicd: wicd is a wired and wireless network manager for Linux. +wicd: Some features include: +wicd: - Ability to connect to wired and wireless networks +wicd: - Profiles for each wireless network and wired network +wicd: - Many encryption schemes, some of which include WEP/WPA/WPA2 +wicd: - Compatible with wireless-tools +wicd: +wicd: Homepage: http://wicd.net +wicd: diff --git a/patches/source/wicd/wicd-1.7.2.4.sanitize.string.bugfix.diff b/patches/source/wicd/wicd-1.7.2.4.sanitize.string.bugfix.diff new file mode 100644 index 00000000..4be44631 --- /dev/null +++ b/patches/source/wicd/wicd-1.7.2.4.sanitize.string.bugfix.diff @@ -0,0 +1,11 @@ +--- ./wicd/misc.py.orig 2012-04-30 14:20:09.000000000 -0500 ++++ ./wicd/misc.py 2012-05-09 14:08:24.611298308 -0500 +@@ -430,7 +430,7 @@ + """ Sanitize property names to be used in config-files. """ + allowed = string.ascii_letters + '_' + string.digits + table = string.maketrans(allowed, ' ' * len(allowed)) +- return s.translate(None, table) ++ return s.encode('ascii', 'replace').translate(None, table) + + def sanitize_escaped(s): + """ Sanitize double-escaped unicode strings. """ diff --git a/patches/source/wicd/wicd.SlackBuild b/patches/source/wicd/wicd.SlackBuild new file mode 100755 index 00000000..b6e765a2 --- /dev/null +++ b/patches/source/wicd/wicd.SlackBuild @@ -0,0 +1,100 @@ +#!/bin/sh + +# Copyright 2008,2009,2010,2011,2012 Robby Workman Northport, AL, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PRGNAM=wicd +VERSION=${VERSION:-1.7.2.4} +BUILD=${BUILD:-2_slack13.1} + +# Automatically determine architecture for build & packaging: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PRGNAM + +if [ "$ARCH" = "i486" ]; then + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PRGNAM-$VERSION +tar xvf $CWD/$PRGNAM-$VERSION.tar.xz || exit 1 +cd $PRGNAM-$VERSION || exit 1 +chown -R root:root . + +zcat $CWD/wicd-1.7.2.4.sanitize.string.bugfix.diff.gz | patch -p1 --verbose || exit 1 + +python setup.py configure \ + --lib=/usr/lib${LIBDIRSUFFIX}/wicd \ + --kdedir=/usr/share/autostart \ + --backends=/usr/lib${LIBDIRSUFFIX}/wicd/backends \ + || exit 1 + +# Bypass the need for pybabel (thanks, dapal!) +for pofile in $(find po/ -type f -name "*.po") ; do + mkdir -p translations/$(basename ${pofile} .po)/LC_MESSAGES + msgfmt -o translations/$(basename ${pofile} .po)/LC_MESSAGES/wicd.mo ${pofile} +done + +python setup.py install --root=$PKG || exit 1 + +# Handle some Slackware defaults +# Use dhcpcd as the dhcp client +# Use kdesu as the graphical sudo application +cat << EOF > $PKG/etc/wicd/manager-settings.conf.new +[Settings] +dhcp_client = 2 +sudo_app = 2 +EOF + +# Don't clobber configs on upgrade +mv $PKG/etc/dbus-1/system.d/wicd.conf $PKG/etc/dbus-1/system.d/wicd.conf.new +mv $PKG/etc/logrotate.d/wicd.logrotate $PKG/etc/logrotate.d/wicd.logrotate.new +mv $PKG/etc/rc.d/rc.wicd $PKG/etc/rc.d/rc.wicd.new + +# Compress the man pages and add a bit to the package docs +( cd $PKG/usr/man || exit 1 + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done +) +cat $CWD/README.SLACKWARE > $PKG/usr/doc/$PRGNAM-$VERSION/README.SLACKWARE + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -c n -l y $TMP/$PRGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/patches/source/xcb-proto/arch.use.flags b/patches/source/xcb-proto/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/xcb-proto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/xcb-proto/build/xcb-proto b/patches/source/xcb-proto/build/xcb-proto new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/xcb-proto/build/xcb-proto @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/xcb-proto/configure/configure b/patches/source/xcb-proto/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/xcb-proto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/xcb-proto/modularize b/patches/source/xcb-proto/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/xcb-proto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/xcb-proto/noarch b/patches/source/xcb-proto/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/xcb-proto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/xcb-proto/package-blacklist b/patches/source/xcb-proto/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/xcb-proto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/xcb-proto/post-install/xcb-proto.post-install b/patches/source/xcb-proto/post-install/xcb-proto.post-install new file mode 100644 index 00000000..eb341027 --- /dev/null +++ b/patches/source/xcb-proto/post-install/xcb-proto.post-install @@ -0,0 +1,5 @@ +# Add documentation: +mkdir -p $PKG/usr/doc/xcb-proto-$MODULAR_PACKAGE_VERSION +cp -a \ + COPYING README \ + $PKG/usr/doc/xcb-proto-$MODULAR_PACKAGE_VERSION diff --git a/patches/source/xcb-proto/slack-desc/xcb-proto b/patches/source/xcb-proto/slack-desc/xcb-proto new file mode 100644 index 00000000..c66b7140 --- /dev/null +++ b/patches/source/xcb-proto/slack-desc/xcb-proto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xcb-proto: xcb-proto (X protocol C-language Binding protocol descriptions) +xcb-proto: +xcb-proto: xcb-proto provides the XML-XCB protocol descriptions that libxcb +xcb-proto: uses to generate the majority of its code and API. We provide them +xcb-proto: separately from libxcb to allow reuse by other projects, such as +xcb-proto: additional language bindings, protocol dissectors, or documentation +xcb-proto: generators. +xcb-proto: +xcb-proto: +xcb-proto: +xcb-proto: diff --git a/patches/source/xcb-proto/x11.SlackBuild b/patches/source/xcb-proto/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/xcb-proto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/xcb-proto/xcb-proto.SlackBuild b/patches/source/xcb-proto/xcb-proto.SlackBuild new file mode 100755 index 00000000..84fbe97b --- /dev/null +++ b/patches/source/xcb-proto/xcb-proto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild xcb xcb-proto +mv /tmp/x11-build/xcb-proto*txz /tmp diff --git a/patches/source/xextproto/arch.use.flags b/patches/source/xextproto/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/xextproto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/xextproto/build/xextproto b/patches/source/xextproto/build/xextproto new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/xextproto/build/xextproto @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/xextproto/configure/configure b/patches/source/xextproto/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/xextproto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/xextproto/modularize b/patches/source/xextproto/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/xextproto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/xextproto/noarch b/patches/source/xextproto/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/xextproto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/xextproto/package-blacklist b/patches/source/xextproto/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/xextproto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/xextproto/slack-desc/xextproto b/patches/source/xextproto/slack-desc/xextproto new file mode 100644 index 00000000..6ea870d0 --- /dev/null +++ b/patches/source/xextproto/slack-desc/xextproto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xextproto: xextproto (C prototypes for X Protocol Extensions) +xextproto: +xextproto: xextproto is part of X11. +xextproto: +xextproto: For more information about the X.Org Foundation (the providers of the +xextproto: X.Org implementation of the X Window System), see their website: +xextproto: +xextproto: http://www.x.org +xextproto: +xextproto: +xextproto: diff --git a/patches/source/xextproto/x11.SlackBuild b/patches/source/xextproto/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/xextproto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/xextproto/xextproto.SlackBuild b/patches/source/xextproto/xextproto.SlackBuild new file mode 100755 index 00000000..a61c5c38 --- /dev/null +++ b/patches/source/xextproto/xextproto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild proto xextproto +mv /tmp/x11-build/xextproto*txz /tmp diff --git a/patches/source/xorg-server/arch.use.flags b/patches/source/xorg-server/arch.use.flags new file mode 100644 index 00000000..f28a6cca --- /dev/null +++ b/patches/source/xorg-server/arch.use.flags @@ -0,0 +1,7 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/xorg-server/build/xorg-server b/patches/source/xorg-server/build/xorg-server new file mode 100644 index 00000000..e7b87ee3 --- /dev/null +++ b/patches/source/xorg-server/build/xorg-server @@ -0,0 +1 @@ +4_slack13.1 diff --git a/patches/source/xorg-server/configure/xorg-server b/patches/source/xorg-server/configure/xorg-server new file mode 100644 index 00000000..943797bf --- /dev/null +++ b/patches/source/xorg-server/configure/xorg-server @@ -0,0 +1,41 @@ +# Servers to build: +BUILD_SERVERS="--enable-xorg \ + --enable-xvfb \ + --enable-xnest \ + --enable-kdrive \ + --enable-xephyr \ + --enable-xsdl \ + --enable-xfbdev" + +MESA_VERSION=${MESA_VERSION:-7.5} # unused in 1.7.x + +# Default font paths to be used by the X server +DEF_FONTPATH="/usr/share/fonts/local,/usr/share/fonts/TTF,/usr/share/fonts/OTF,/usr/share/fonts/Type1,/usr/share/fonts/misc,/usr/share/fonts/CID,/usr/share/fonts/75dpi/:unscaled,/usr/share/fonts/100dpi/:unscaled,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/cyrillic" + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --disable-static \ + --with-pic \ + --with-int10=x86emu \ + --with-default-font-path="${DEF_FONTPATH}" \ + --with-module-dir=/usr/lib${LIBDIRSUFFIX}/xorg/modules \ + --with-dri-driver-path=/usr/lib${LIBDIRSUFFIX}/xorg/modules/dri \ + --with-os-name="Slackware 13.1" \ + --with-os-vendor="Slackware Linux Project" \ + --with-xkb-path=/etc/X11/xkb \ + --with-xkb-output=/var/lib/xkb \ + $BUILD_SERVERS \ + --build=$ARCH-slackware-linux + +if [ "$ARCH" = "x86_64" ]; then + # To prevent the error "No rule to make target `-ldl'" + sed -i -e 's#-ldl##' hw/xfree86/Makefile + sed -i -e 's#-lm#-lm -ldl#' hw/xfree86/Makefile +fi + diff --git a/patches/source/xorg-server/makepkg/xorg-server b/patches/source/xorg-server/makepkg/xorg-server new file mode 100644 index 00000000..67b93c97 --- /dev/null +++ b/patches/source/xorg-server/makepkg/xorg-server @@ -0,0 +1,35 @@ + +rm -r ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/usr/bin +mv $PKG/usr/bin/Xnest ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/usr/bin +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/usr/man/man1 +mv $PKG/usr/man/man1/Xnest.1.gz ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/usr/man/man1 +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/install +cat $CWD/slack-desc/xorg-server-xnest > ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/install/slack-desc +cd ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest +/sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/xorg-server-xnest-${MODULAR_PACKAGE_VERSION}-$ARCH-$BUILD.txz + +rm -r ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/usr/bin +mv $PKG/usr/bin/Xvfb ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/usr/bin +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/usr/man/man1 +mv $PKG/usr/man/man1/Xvfb.1.gz ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/usr/man/man1 +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/install +cat $CWD/slack-desc/xorg-server-xvfb > ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/install/slack-desc +cd ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb +/sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/xorg-server-xvfb-${MODULAR_PACKAGE_VERSION}-$ARCH-$BUILD.txz + +rm -r ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/usr/bin +mv $PKG/usr/bin/Xephyr ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/usr/bin +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/usr/man/man1 +mv $PKG/usr/man/man1/Xephyr.1.gz ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/usr/man/man1 +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/install +cat $CWD/slack-desc/xorg-server-xephyr > ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/install/slack-desc +cd ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr +/sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/xorg-server-xephyr-${MODULAR_PACKAGE_VERSION}-$ARCH-$BUILD.txz + +# Build the main xorg-server package: +cd $PKG +/sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/xorg-server-${MODULAR_PACKAGE_VERSION}-$ARCH-$BUILD.txz + diff --git a/patches/source/xorg-server/modularize b/patches/source/xorg-server/modularize new file mode 100644 index 00000000..d6eb2f68 --- /dev/null +++ b/patches/source/xorg-server/modularize @@ -0,0 +1,265 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/xorg-server/noarch b/patches/source/xorg-server/noarch new file mode 100644 index 00000000..480ffc26 --- /dev/null +++ b/patches/source/xorg-server/noarch @@ -0,0 +1,76 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-cf-files +xorg-docs +xproto +xtrans diff --git a/patches/source/xorg-server/package-blacklist b/patches/source/xorg-server/package-blacklist new file mode 100644 index 00000000..37762499 --- /dev/null +++ b/patches/source/xorg-server/package-blacklist @@ -0,0 +1,39 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/xorg-server/patch/xorg-server.patch b/patches/source/xorg-server/patch/xorg-server.patch new file mode 100644 index 00000000..5fd59a64 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server.patch @@ -0,0 +1,6 @@ +zcat $CWD/patch/xorg-server/x11.startwithblackscreen.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patch/xorg-server/xorg-server.fb.fbpict.c.mod.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patch/xorg-server/xorg-server.CVE-2010-2240.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patch/xorg-server/xorg-server.CVE-2013-4396.diff.gz | patch -p1 -l --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/xorg-server.CVE-2017-10971.diff.gz | patch -p1 -l --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/xorg-server.CVE-2017-10972.diff.gz | patch -p1 -l --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff b/patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff new file mode 100644 index 00000000..bfa9c305 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff @@ -0,0 +1,13 @@ +--- ./dix/window.c.orig 2007-01-22 23:39:15.000000000 -0600 ++++ ./dix/window.c 2007-02-14 03:21:03.000000000 -0600 +@@ -140,8 +140,8 @@ + * + ******/ + +-static unsigned char _back_lsb[4] = {0x88, 0x22, 0x44, 0x11}; +-static unsigned char _back_msb[4] = {0x11, 0x44, 0x22, 0x88}; ++static unsigned char _back_lsb[4] = {0x00, 0x00, 0x00, 0x00}; ++static unsigned char _back_msb[4] = {0x00, 0x00, 0x00, 0x00}; + + _X_EXPORT int screenIsSaved = SCREEN_SAVER_OFF; + diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2010-2240.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2010-2240.diff new file mode 100644 index 00000000..0001df45 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2010-2240.diff @@ -0,0 +1,130 @@ +--- ./os/osinit.c.orig 2010-04-20 21:00:27.000000000 -0500 ++++ ./os/osinit.c 2010-08-20 12:25:00.116604519 -0500 +@@ -96,6 +96,14 @@ + #ifdef RLIMIT_NOFILE + int limitNoFile = -1; + #endif ++#ifdef RLIMIT_AS ++#ifdef _XSERVER64 ++#define XORG_AS_LIMIT 10737418240LL ++#else ++#define XORG_AS_LIMIT 1610612736 ++#endif ++long limitAddressSpace = XORG_AS_LIMIT; ++#endif + + static OsSigWrapperPtr OsSigWrapper = NULL; + +@@ -302,6 +310,22 @@ + } + } + #endif ++#ifdef RLIMIT_AS ++ if (limitAddressSpace >= 0) ++ { ++ struct rlimit rlim; ++ ++ if (!getrlimit(RLIMIT_AS, &rlim)) ++ { ++ if ((limitAddressSpace > 0) ++ && (limitAddressSpace < rlim.rlim_max)) ++ rlim.rlim_cur = limitAddressSpace; ++ else ++ rlim.rlim_cur = rlim.rlim_max; ++ (void)setrlimit(RLIMIT_AS, &rlim); ++ } ++ } ++#endif + LockServer(); + been_here = TRUE; + } +--- ./os/utils.c.orig 2010-05-03 19:48:00.000000000 -0500 ++++ ./os/utils.c 2010-08-20 12:26:06.448480889 -0500 +@@ -63,6 +63,36 @@ + __stdcall unsigned long GetTickCount(void); + #endif + ++/* ++ * issetugid() ++ * ++ * Copyright (C) - 2007 Robert Connolly ++ * ++ * Permission to reproduce, copy, delete, distribute, transmit, use, modify, ++ * build upon or otherwise exploit this software, in any form, for any ++ * purpose, in any way, and by anyone, including by methods that have not ++ * yet been invented or conceived, is hereby granted. ++ */ ++#include <unistd.h> ++extern int __libc_enable_secure; ++int issetugid(void) ++{ ++ if (__libc_enable_secure) ++ { ++ return 1; ++ } ++ if (getuid() != geteuid()) ++ { ++ return 1; ++ } ++ if (getgid() != getegid()) ++ { ++ return 1; ++ } ++ /* Else */ ++ return 0; ++} ++ + #if defined(WIN32) && !defined(__CYGWIN__) + #include <X11/Xwinsock.h> + #endif +@@ -758,6 +788,22 @@ + UseMsg(); + } + #endif ++#ifdef RLIMIT_AS ++ else if ( strcmp( argv[i], "-la") == 0) ++ { ++ if (getuid() != 0 && issetugid()) { ++ FatalError("The '-la' option can only be used by root.\n"); ++ } ++ if(++i < argc) ++ { ++ limitAddressSpace = atol(argv[i]); ++ if (limitAddressSpace > 0) ++ limitAddressSpace *= 1024; ++ } ++ else ++ UseMsg(); ++ } ++#endif + #ifdef SERVER_LOCK + else if ( strcmp ( argv[i], "-nolock") == 0) + { +--- ./doc/Xserver.man.pre.orig 2010-05-03 19:47:58.000000000 -0500 ++++ ./doc/Xserver.man.pre 2010-08-20 12:25:00.116604519 -0500 +@@ -293,6 +293,13 @@ + A value of zero makes the stack size as large as possible. The default value + of \-1 leaves the stack space limit unchanged. + .TP 8 ++.B \-la \fIkilobytes\fP ++sets the address space limit of the server to the specified number of ++kilobytes. ++A value of zero makes address space as large as possible. ++The default value is 1572864 (1.5GB) on 32 bit architectures and ++10485760 (10GB) on 64 bit architectures. ++.TP 8 + .B \-logo + turns on the X Window System logo display in the screen-saver. + There is currently no way to change this from a client. +--- ./include/opaque.h.orig 2010-04-20 21:00:27.000000000 -0500 ++++ ./include/opaque.h 2010-08-20 12:25:00.116604519 -0500 +@@ -67,6 +67,9 @@ + #ifdef RLIMIT_NOFILE + extern _X_EXPORT int limitNoFile; + #endif ++#ifdef RLIMIT_AS ++extern _X_EXPORT int limitAddressSpace; ++#endif + extern _X_EXPORT Bool defeatAccessControl; + extern _X_EXPORT long maxBigRequestSize; + extern _X_EXPORT Bool party_like_its_1989; diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2013-4396.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2013-4396.diff new file mode 100644 index 00000000..dc4d0a25 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2013-4396.diff @@ -0,0 +1,42 @@ +--- ./dix/dixfonts.c.orig 2010-05-03 19:47:57.000000000 -0500 ++++ ./dix/dixfonts.c 2013-10-09 21:45:40.215770648 -0500 +@@ -1508,6 +1508,7 @@ + GC *pGC; + unsigned char *data; + ITclosurePtr new_closure; ++ ITclosurePtr old_closure; + + /* We're putting the client to sleep. We need to + save some state. Similar problem to that handled +@@ -1520,6 +1521,7 @@ + err = BadAlloc; + goto bail; + } ++ old_closure = c; + *new_closure = *c; + c = new_closure; + +@@ -1527,6 +1529,7 @@ + if (!data) + { + xfree(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } +@@ -1538,6 +1541,7 @@ + { + xfree(c->data); + xfree(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } +@@ -1551,6 +1555,7 @@ + FreeScratchGC(pGC); + xfree(c->data); + xfree(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10971.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10971.diff new file mode 100644 index 00000000..25f09ee1 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10971.diff @@ -0,0 +1,21 @@ +--- ./Xi/sendexev.c.orig 2010-04-30 04:26:35.000000000 -0500 ++++ ./Xi/sendexev.c 2017-08-15 14:58:25.709950954 -0500 +@@ -95,9 +95,17 @@ + + eventP = (xEvent *) & stuff[1]; + for (i = 0; i < stuff->num_events; i++, eventP++) { ++ if (eventP->u.u.type == GenericEvent) { ++ client->errorValue = eventP->u.u.type; ++ return BadValue; ++ } ++ + proc = EventSwapVector[eventP->u.u.type & 0177]; +- if (proc == NotImplemented) /* no swapping proc; invalid event type? */ ++ /* no swapping proc; invalid event type? */ ++ if (proc == NotImplemented) { ++ client->errorValue = eventP->u.u.type; + return (BadValue); ++ } + (*proc) (eventP, &eventT); + *eventP = eventT; + } diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10972.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10972.diff new file mode 100644 index 00000000..edddc8d6 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10972.diff @@ -0,0 +1,36 @@ +From 05442de962d3dc624f79fc1a00eca3ffc5489ced Mon Sep 17 00:00:00 2001 +From: Michal Srb <msrb@suse.com> +Date: Wed, 24 May 2017 15:54:39 +0300 +Subject: Xi: Zero target buffer in SProcXSendExtensionEvent. + +Make sure that the xEvent eventT is initialized with zeros, the same way as +in SProcSendEvent. + +Some event swapping functions do not overwrite all 32 bytes of xEvent +structure, for example XSecurityAuthorizationRevoked. Two cooperating +clients, one swapped and the other not, can send +XSecurityAuthorizationRevoked event to each other to retrieve old stack data +from X server. This can be potentialy misused to go around ASLR or +stack-protector. + +Signed-off-by: Michal Srb <msrb@suse.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> + +diff --git a/Xi/sendexev.c b/Xi/sendexev.c +index 11d8202..1cf118a 100644 +--- a/Xi/sendexev.c ++++ b/Xi/sendexev.c +@@ -78,7 +78,7 @@ SProcXSendExtensionEvent(ClientPtr client) + { + CARD32 *p; + int i; +- xEvent eventT; ++ xEvent eventT = { .u.u.type = 0 }; + xEvent *eventP; + EventSwapPtr proc; + +-- +cgit v0.10.2 + + diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.fb.fbpict.c.mod.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.fb.fbpict.c.mod.diff new file mode 100644 index 00000000..f8abdccb --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.fb.fbpict.c.mod.diff @@ -0,0 +1,11 @@ +--- ./fb/fbpict.c.orig 2010-03-11 22:38:21.000000000 -0600 ++++ ./fb/fbpict.c 2010-04-29 14:14:52.000000000 -0500 +@@ -37,7 +37,7 @@ + #include "mipict.h" + #include "fbpict.h" + +-#define mod(a,b) ((b) == 1 ? 0 : (a) >= 0 ? (a) % (b) : (b) - (-a) % (b)) ++#define mod(a,b) ((b) == 1 ? 0 : (a) >= 0 ? (a) % (b) : (b) - (-(a)) % (b)) + + void + fbWalkCompositeRegion (CARD8 op, diff --git a/patches/source/xorg-server/post-install/xorg-server.post-install b/patches/source/xorg-server/post-install/xorg-server.post-install new file mode 100644 index 00000000..0185cb70 --- /dev/null +++ b/patches/source/xorg-server/post-install/xorg-server.post-install @@ -0,0 +1,17 @@ +# Add COPYING file: +mkdir -p $PKG/usr/doc/xorg-server-$MODULAR_PACKAGE_VERSION +cp -a COPYING $PKG/usr/doc/xorg-server-$MODULAR_PACKAGE_VERSION + +# Don't mess with my /var/log/ permissions: +rmdir $PKG/var/log +rmdir $PKG/var + +# While I hate to have X11 take over another generic-sounding +# piece of prime filesystem real estate, this symlink will +# direct (for now) proprietary X drivers into the corrent +# location: + +( cd $PKG/usr/lib + rm -rf modules + ln -sf xorg/modules . +) diff --git a/patches/source/xorg-server/slack-desc/xorg-server b/patches/source/xorg-server/slack-desc/xorg-server new file mode 100644 index 00000000..9d25b405 --- /dev/null +++ b/patches/source/xorg-server/slack-desc/xorg-server @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xorg-server: xorg-server (The Xorg server, the core of the X Window System) +xorg-server: +xorg-server: Xorg is a full featured X server that was originally designed for UNIX +xorg-server: and UNIX-like operating systems running on Intel x86 hardware. It now +xorg-server: runs on a wider range of hardware and OS platforms. This work was +xorg-server: derived by the X.Org Foundation from the XFree86 Project's XFree86 +xorg-server: 4.4rc2 release. The XFree86 release was originally derived from X386 +xorg-server: 1.2 by Thomas Roell which was contributed to X11R5 by Snitily Graphics +xorg-server: Consulting Service. +xorg-server: +xorg-server: The home page for the X project is: http://www.x.org diff --git a/patches/source/xorg-server/slack-desc/xorg-server-xephyr b/patches/source/xorg-server/slack-desc/xorg-server-xephyr new file mode 100644 index 00000000..640f3d18 --- /dev/null +++ b/patches/source/xorg-server/slack-desc/xorg-server-xephyr @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xorg-server-xephyr: xorg-server-xephyr (Improved nested X server/client) +xorg-server-xephyr: +xorg-server-xephyr: Xephyr is a nested X-Client like Xnest, but with some additional +xorg-server-xephyr: features like XRender support. +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: diff --git a/patches/source/xorg-server/slack-desc/xorg-server-xnest b/patches/source/xorg-server/slack-desc/xorg-server-xnest new file mode 100644 index 00000000..393f93bd --- /dev/null +++ b/patches/source/xorg-server/slack-desc/xorg-server-xnest @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xorg-server-xnest: xorg-server-xnest (a nested X server) +xorg-server-xnest: +xorg-server-xnest: Xnest is an experimental nested server for X that acts as both a +xorg-server-xnest: client and a server. Xnest is a client of the real server which +xorg-server-xnest: manages windows and graphics requests on its behalf. Xnest is a +xorg-server-xnest: server to its own clients. Xnest manages windows and graphics +xorg-server-xnest: requests on their behalf. To these clients Xnest appears to be a +xorg-server-xnest: conventional server. +xorg-server-xnest: +xorg-server-xnest: +xorg-server-xnest: diff --git a/patches/source/xorg-server/slack-desc/xorg-server-xvfb b/patches/source/xorg-server/slack-desc/xorg-server-xvfb new file mode 100644 index 00000000..aff9c642 --- /dev/null +++ b/patches/source/xorg-server/slack-desc/xorg-server-xvfb @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xorg-server-xvfb: xorg-server-xvfb (virtual framebuffer X server) +xorg-server-xvfb: +xorg-server-xvfb: Xvfb is an X server that can run on machines with no display hardware +xorg-server-xvfb: and no physical input devices. It emulates a dumb framebuffer using +xorg-server-xvfb: virtual memory. The primary use of this server is intended to be +xorg-server-xvfb: server testing. The mfb or cfb code for any depth can be exercised +xorg-server-xvfb: with this server without the need for real hardware that supports the +xorg-server-xvfb: desired depths. A secondary use is testing clients against unusual +xorg-server-xvfb: depths and screen configurations. +xorg-server-xvfb: +xorg-server-xvfb: diff --git a/patches/source/xorg-server/x11.SlackBuild b/patches/source/xorg-server/x11.SlackBuild new file mode 100755 index 00000000..ca729708 --- /dev/null +++ b/patches/source/xorg-server/x11.SlackBuild @@ -0,0 +1,364 @@ +#!/bin/sh +# Copyright 2007-2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc driver font xserver ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/xorg-server/xorg-server.SlackBuild b/patches/source/xorg-server/xorg-server.SlackBuild new file mode 100755 index 00000000..688448ec --- /dev/null +++ b/patches/source/xorg-server/xorg-server.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild xserver xorg-server +mv /tmp/x11-build/*txz /tmp diff --git a/patches/source/xpdf/doinst.sh b/patches/source/xpdf/doinst.sh new file mode 100644 index 00000000..03a6ae85 --- /dev/null +++ b/patches/source/xpdf/doinst.sh @@ -0,0 +1,19 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/xpdfrc.new + +if [ -x /usr/bin/update-desktop-database ]; then + /usr/bin/update-desktop-database -q usr/share/applications >/dev/null 2>&1 +fi + diff --git a/patches/source/xpdf/lang/xpdf-arabic.diff b/patches/source/xpdf/lang/xpdf-arabic.diff new file mode 100644 index 00000000..006e836a --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-arabic.diff @@ -0,0 +1,7 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.102417270 -0500 +@@ -1,3 +1,3 @@ + #----- begin Arabic support package (2011-aug-15) +-unicodeMap ISO-8859-6 /usr/local/share/xpdf/arabic/ISO-8859-6.unicodeMap ++unicodeMap ISO-8859-6 /usr/share/xpdf/arabic/ISO-8859-6.unicodeMap + #----- end Arabic support package diff --git a/patches/source/xpdf/lang/xpdf-chinese-simplified.diff b/patches/source/xpdf/lang/xpdf-chinese-simplified.diff new file mode 100644 index 00000000..bec5e25b --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-chinese-simplified.diff @@ -0,0 +1,19 @@ +--- ./add-to-xpdfrc.orig 2011-09-02 17:24:44.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:45:42.020412765 -0500 +@@ -1,9 +1,9 @@ + #----- begin Chinese Simplified support package (2011-sep-02) +-cidToUnicode Adobe-GB1 /usr/local/share/xpdf/chinese-simplified/Adobe-GB1.cidToUnicode +-unicodeMap ISO-2022-CN /usr/local/share/xpdf/chinese-simplified/ISO-2022-CN.unicodeMap +-unicodeMap EUC-CN /usr/local/share/xpdf/chinese-simplified/EUC-CN.unicodeMap +-unicodeMap GBK /usr/local/share/xpdf/chinese-simplified/GBK.unicodeMap +-cMapDir Adobe-GB1 /usr/local/share/xpdf/chinese-simplified/CMap +-toUnicodeDir /usr/local/share/xpdf/chinese-simplified/CMap +-#fontFileCC Adobe-GB1 /usr/..../gkai00mp.ttf ++cidToUnicode Adobe-GB1 /usr/share/xpdf/chinese-simplified/Adobe-GB1.cidToUnicode ++unicodeMap ISO-2022-CN /usr/share/xpdf/chinese-simplified/ISO-2022-CN.unicodeMap ++unicodeMap EUC-CN /usr/share/xpdf/chinese-simplified/EUC-CN.unicodeMap ++unicodeMap GBK /usr/share/xpdf/chinese-simplified/GBK.unicodeMap ++cMapDir Adobe-GB1 /usr/share/xpdf/chinese-simplified/CMap ++toUnicodeDir /usr/share/xpdf/chinese-simplified/CMap ++fontFileCC Adobe-GB1 /usr/share/fonts/TTF/wqy-zenhei.ttc + #----- end Chinese Simplified support package diff --git a/patches/source/xpdf/lang/xpdf-chinese-traditional.diff b/patches/source/xpdf/lang/xpdf-chinese-traditional.diff new file mode 100644 index 00000000..24857f46 --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-chinese-traditional.diff @@ -0,0 +1,17 @@ +--- ./add-to-xpdfrc.orig 2011-09-02 17:24:44.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:46:03.285412085 -0500 +@@ -1,8 +1,8 @@ + #----- begin Chinese Traditional support package (2011-sep-02) +-cidToUnicode Adobe-CNS1 /usr/local/share/xpdf/chinese-traditional/Adobe-CNS1.cidToUnicode +-unicodeMap Big5 /usr/local/share/xpdf/chinese-traditional/Big5.unicodeMap +-unicodeMap Big5ascii /usr/local/share/xpdf/chinese-traditional/Big5ascii.unicodeMap +-cMapDir Adobe-CNS1 /usr/local/share/xpdf/chinese-traditional/CMap +-toUnicodeDir /usr/local/share/xpdf/chinese-traditional/CMap +-#fontFileCC Adobe-CNS1 /usr/..../bkai00mp.ttf ++cidToUnicode Adobe-CNS1 /usr/share/xpdf/chinese-traditional/Adobe-CNS1.cidToUnicode ++unicodeMap Big5 /usr/share/xpdf/chinese-traditional/Big5.unicodeMap ++unicodeMap Big5ascii /usr/share/xpdf/chinese-traditional/Big5ascii.unicodeMap ++cMapDir Adobe-CNS1 /usr/share/xpdf/chinese-traditional/CMap ++toUnicodeDir /usr/share/xpdf/chinese-traditional/CMap ++fontFileCC Adobe-CNS1 /usr/share/fonts/TTF/wqy-zenhei.ttc + #----- end Chinese Traditional support package diff --git a/patches/source/xpdf/lang/xpdf-cyrillic.diff b/patches/source/xpdf/lang/xpdf-cyrillic.diff new file mode 100644 index 00000000..c453271a --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-cyrillic.diff @@ -0,0 +1,9 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.115417270 -0500 +@@ -1,4 +1,4 @@ + #----- begin Cyrillic support package (2011-aug-15) +-nameToUnicode /usr/local/share/xpdf/cyrillic/Bulgarian.nameToUnicode +-unicodeMap KOI8-R /usr/local/share/xpdf/cyrillic/KOI8-R.unicodeMap ++nameToUnicode /usr/share/xpdf/cyrillic/Bulgarian.nameToUnicode ++unicodeMap KOI8-R /usr/share/xpdf/cyrillic/KOI8-R.unicodeMap + #----- end Cyrillic support package diff --git a/patches/source/xpdf/lang/xpdf-greek.diff b/patches/source/xpdf/lang/xpdf-greek.diff new file mode 100644 index 00000000..2e846160 --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-greek.diff @@ -0,0 +1,9 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.116417270 -0500 +@@ -1,4 +1,4 @@ + #----- begin Greek support package (2011-aug-15) +-nameToUnicode /usr/local/share/xpdf/greek/Greek.nameToUnicode +-unicodeMap ISO-8859-7 /usr/local/share/xpdf/greek/ISO-8859-7.unicodeMap ++nameToUnicode /usr/share/xpdf/greek/Greek.nameToUnicode ++unicodeMap ISO-8859-7 /usr/share/xpdf/greek/ISO-8859-7.unicodeMap + #----- end Greek support package diff --git a/patches/source/xpdf/lang/xpdf-hebrew.diff b/patches/source/xpdf/lang/xpdf-hebrew.diff new file mode 100644 index 00000000..2c27bb6f --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-hebrew.diff @@ -0,0 +1,9 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.117417269 -0500 +@@ -1,4 +1,4 @@ + #----- begin Hebrew support package (2011-aug-15) +-unicodeMap ISO-8859-8 /usr/local/share/xpdf/hebrew/ISO-8859-8.unicodeMap +-unicodeMap Windows-1255 /usr/local/share/xpdf/hebrew/Windows-1255.unicodeMap ++unicodeMap ISO-8859-8 /usr/share/xpdf/hebrew/ISO-8859-8.unicodeMap ++unicodeMap Windows-1255 /usr/share/xpdf/hebrew/Windows-1255.unicodeMap + #----- end Hebrew support package diff --git a/patches/source/xpdf/lang/xpdf-japanese.diff b/patches/source/xpdf/lang/xpdf-japanese.diff new file mode 100644 index 00000000..ff0c6e98 --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-japanese.diff @@ -0,0 +1,55 @@ +--- ./add-to-xpdfrc.orig 2013-03-29 14:49:00.000000000 +0900 ++++ ./add-to-xpdfrc 2013-03-29 15:00:17.000000000 +0900 +@@ -1,9 +1,45 @@ + #----- begin Japanese support package (2011-sep-02) +-cidToUnicode Adobe-Japan1 /usr/local/share/xpdf/japanese/Adobe-Japan1.cidToUnicode +-unicodeMap ISO-2022-JP /usr/local/share/xpdf/japanese/ISO-2022-JP.unicodeMap +-unicodeMap EUC-JP /usr/local/share/xpdf/japanese/EUC-JP.unicodeMap +-unicodeMap Shift-JIS /usr/local/share/xpdf/japanese/Shift-JIS.unicodeMap +-cMapDir Adobe-Japan1 /usr/local/share/xpdf/japanese/CMap +-toUnicodeDir /usr/local/share/xpdf/japanese/CMap +-#fontFileCC Adobe-Japan1 /usr/..../kochi-mincho.ttf ++cidToUnicode Adobe-Japan1 /usr/share/xpdf/japanese/Adobe-Japan1.cidToUnicode ++unicodeMap ISO-2022-JP /usr/share/xpdf/japanese/ISO-2022-JP.unicodeMap ++unicodeMap EUC-JP /usr/share/xpdf/japanese/EUC-JP.unicodeMap ++unicodeMap Shift-JIS /usr/share/xpdf/japanese/Shift-JIS.unicodeMap ++cMapDir Adobe-Japan1 /usr/share/xpdf/japanese/CMap ++toUnicodeDir /usr/share/xpdf/japanese/CMap ++### use Sazanami by default ++fontFileCC Adobe-Japan1 /usr/share/fonts/TTF/sazanami-mincho.ttf ++### use Sazanami (Sazanami Gothic) if gothic font is required ++fontFileCC ShinGo-Bold /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC ShinGo-regular /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC MidashiGo-MB31 /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC FutoGoB101-Bold /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC HeiseiKakuGo-W5 /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC HeiseiKakuGo-W9 /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC HeiseiMaruGo-W4 /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC MS-Gothic /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC HG-GothicB /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC Kochi-Gothic /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC GothicBBB-Medium-H /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC GothicBBB-Medium /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC Ryumin-Light-H /usr/share/fonts/TTF/sazanami-mincho.ttf ++fontFileCC Ryumin-Light /usr/share/fonts/TTF/sazanami-mincho.ttf ++### make default font name to "Ryumin-Light" when converted to PostScript ++psResidentFontCC Adobe-Japan1 H Ryumin-Light-H ISO-2022-JP ++psResidentFontCC Adobe-Japan1 V Ryumin-Light-V ISO-2022-JP ++# use "Gothic-BBB-Medium" if gothic font is required ++psResidentFont16 MidashiGo-MB31 H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 MidashiGo-MB31 V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 FutoGoB101-Bold H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 FutoGoB101-Bold V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 HeiseiKakuGo-W5 H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 HeiseiKakuGo-W5 V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 HeiseiKakuGo-W9 H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 HeiseiKakuGo-W9 V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 HeiseiMaruGo-W4 H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 HeiseiMaruGo-W4 V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 MS-Gothic H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 MS-Gothic V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 HG-GothicB H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 HG-GothicB V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 Kochi-Gothic H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 Kochi-Gothic V GothicBBB-Medium-V ISO-2022-JP + #----- end Japanese support package diff --git a/patches/source/xpdf/lang/xpdf-korean.diff b/patches/source/xpdf/lang/xpdf-korean.diff new file mode 100644 index 00000000..531ad629 --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-korean.diff @@ -0,0 +1,15 @@ +--- ./add-to-xpdfrc.orig 2011-09-02 17:24:45.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.119417269 -0500 +@@ -1,8 +1,8 @@ + #----- begin Korean support package (2011-sep-02) +-cidToUnicode Adobe-Korea1 /usr/local/share/xpdf/korean/Adobe-Korea1.cidToUnicode +-unicodeMap ISO-2022-KR /usr/local/share/xpdf/korean/ISO-2022-KR.unicodeMap +-cMapDir Adobe-Korea1 /usr/local/share/xpdf/korean/CMap +-toUnicodeDir /usr/local/share/xpdf/korean/CMap ++cidToUnicode Adobe-Korea1 /usr/share/xpdf/korean/Adobe-Korea1.cidToUnicode ++unicodeMap ISO-2022-KR /usr/share/xpdf/korean/ISO-2022-KR.unicodeMap ++cMapDir Adobe-Korea1 /usr/share/xpdf/korean/CMap ++toUnicodeDir /usr/share/xpdf/korean/CMap + #fontFileCC Adobe-Korea1 /usr/..../batang.ttf" + #fontFileCC Unidocs-Korea1 /usr/..../batang.ttf" + #----- end Korean support package diff --git a/patches/source/xpdf/lang/xpdf-latin2.diff b/patches/source/xpdf/lang/xpdf-latin2.diff new file mode 100644 index 00000000..cf88fa02 --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-latin2.diff @@ -0,0 +1,7 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.120417269 -0500 +@@ -1,3 +1,3 @@ + #----- begin Latin2 support package (2011-aug-15) +-unicodeMap Latin2 /usr/local/share/xpdf/latin2/Latin2.unicodeMap ++unicodeMap Latin2 /usr/share/xpdf/latin2/Latin2.unicodeMap + #----- end Latin2 support package diff --git a/patches/source/xpdf/lang/xpdf-thai.diff b/patches/source/xpdf/lang/xpdf-thai.diff new file mode 100644 index 00000000..30c480ef --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-thai.diff @@ -0,0 +1,9 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.121417269 -0500 +@@ -1,4 +1,4 @@ + #----- begin Thai support package (2011-aug-15) +-nameToUnicode /usr/local/share/xpdf/thai/Thai.nameToUnicode +-unicodeMap TIS-620 /usr/local/share/xpdf/thai/TIS-620.unicodeMap ++nameToUnicode /usr/share/xpdf/thai/Thai.nameToUnicode ++unicodeMap TIS-620 /usr/share/xpdf/thai/TIS-620.unicodeMap + #----- end Thai support package diff --git a/patches/source/xpdf/lang/xpdf-turkish.diff b/patches/source/xpdf/lang/xpdf-turkish.diff new file mode 100644 index 00000000..81a79cff --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-turkish.diff @@ -0,0 +1,7 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.122417269 -0500 +@@ -1,3 +1,3 @@ + #----- begin Turkish support package (2011-aug-15) +-unicodeMap ISO-8859-9 /usr/local/share/xpdf/turkish/ISO-8859-9.unicodeMap ++unicodeMap ISO-8859-9 /usr/share/xpdf/turkish/ISO-8859-9.unicodeMap + #----- end Turkish support package diff --git a/patches/source/xpdf/patches/xpdf-3.03-CVE-2012-2142.diff b/patches/source/xpdf/patches/xpdf-3.03-CVE-2012-2142.diff new file mode 100644 index 00000000..891c41fd --- /dev/null +++ b/patches/source/xpdf/patches/xpdf-3.03-CVE-2012-2142.diff @@ -0,0 +1,55 @@ +From 3945969e0072217c143fefa3044512a31ac2afa8 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 11 Aug 2013 +Subject: CVE-2012-2142 + +Filter stuff that might end up in the shell to address CVE-2012-2142. +This code was adapted from the Poppler project. +--- + Error.cc | 21 ++++++++++++++++----- + 1 file changed, 16 insertions(+), 5 deletions(-) + +--- a/xpdf/Error.cc 2013-08-11 ++++ b/xpdf/Error.cc 2013-08-11 +@@ -43,7 +43,7 @@ void setErrorCallback(void (*cbk)(void * + + void CDECL error(ErrorCategory category, int pos, const char *msg, ...) { + va_list args; +- GString *s; ++ GString *s, *sanitized; + + // NB: this can be called before the globalParams object is created + if (!errorCbk && globalParams && globalParams->getErrQuiet()) { +@@ -52,17 +52,28 @@ void CDECL error(ErrorCategory category, + va_start(args, msg); + s = GString::formatv(msg, args); + va_end(args); ++ ++ sanitized = new GString (); ++ for (int i = 0; i < s->getLength(); ++i) { ++ const char c = s->getChar(i); ++ if (c < (char)0x20 || c >= (char)0x7f) { ++ sanitized->appendf("<{0:02x}>", c & 0xff); ++ } else { ++ sanitized->append(c); ++ } ++ } ++ + if (errorCbk) { +- (*errorCbk)(errorCbkData, category, pos, s->getCString()); ++ (*errorCbk)(errorCbkData, category, pos, sanitized->getCString()); + } else { + if (pos >= 0) { + fprintf(stderr, "%s (%d): %s\n", +- errorCategoryNames[category], pos, s->getCString()); ++ errorCategoryNames[category], pos, sanitized->getCString()); + } else { + fprintf(stderr, "%s: %s\n", +- errorCategoryNames[category], s->getCString()); ++ errorCategoryNames[category], sanitized->getCString()); + } + fflush(stderr); + } +- delete s; ++ delete sanitized; + } diff --git a/patches/source/xpdf/patches/xpdf.XPDFViewer.diff b/patches/source/xpdf/patches/xpdf.XPDFViewer.diff new file mode 100644 index 00000000..0aa4455d --- /dev/null +++ b/patches/source/xpdf/patches/xpdf.XPDFViewer.diff @@ -0,0 +1,11 @@ +--- ./xpdf/XPDFViewer.cc.orig 2011-08-15 16:08:53.000000000 -0500 ++++ ./xpdf/XPDFViewer.cc 2013-03-28 15:35:31.589432279 -0500 +@@ -1803,7 +1803,7 @@ + menuPane = XmCreatePulldownMenu(toolBar, "zoomMenuPane", args, n); + for (i = 0; i < nZoomMenuItems; ++i) { + n = 0; +- s = XmStringCreateLocalized(zoomMenuInfo[i].label); ++ s = XmStringCreateLocalized((char *)zoomMenuInfo[i].label); + XtSetArg(args[n], XmNlabelString, s); ++n; + XtSetArg(args[n], XmNuserData, (XtPointer)i); ++n; + sprintf(buf, "zoom%d", i); diff --git a/patches/source/xpdf/patches/xpdfrc.diff b/patches/source/xpdf/patches/xpdfrc.diff new file mode 100644 index 00000000..c136f997 --- /dev/null +++ b/patches/source/xpdf/patches/xpdfrc.diff @@ -0,0 +1,43 @@ +--- ./doc/sample-xpdfrc.orig 2013-03-28 15:29:16.957444255 -0500 ++++ ./doc/sample-xpdfrc 2013-03-28 15:32:11.413438678 -0500 +@@ -29,20 +29,20 @@ + # installed in a "standard" location, xpdf will find them + # automatically.) + +-#fontFile Times-Roman /usr/local/share/ghostscript/fonts/n021003l.pfb +-#fontFile Times-Italic /usr/local/share/ghostscript/fonts/n021023l.pfb +-#fontFile Times-Bold /usr/local/share/ghostscript/fonts/n021004l.pfb +-#fontFile Times-BoldItalic /usr/local/share/ghostscript/fonts/n021024l.pfb +-#fontFile Helvetica /usr/local/share/ghostscript/fonts/n019003l.pfb +-#fontFile Helvetica-Oblique /usr/local/share/ghostscript/fonts/n019023l.pfb +-#fontFile Helvetica-Bold /usr/local/share/ghostscript/fonts/n019004l.pfb +-#fontFile Helvetica-BoldOblique /usr/local/share/ghostscript/fonts/n019024l.pfb +-#fontFile Courier /usr/local/share/ghostscript/fonts/n022003l.pfb +-#fontFile Courier-Oblique /usr/local/share/ghostscript/fonts/n022023l.pfb +-#fontFile Courier-Bold /usr/local/share/ghostscript/fonts/n022004l.pfb +-#fontFile Courier-BoldOblique /usr/local/share/ghostscript/fonts/n022024l.pfb +-#fontFile Symbol /usr/local/share/ghostscript/fonts/s050000l.pfb +-#fontFile ZapfDingbats /usr/local/share/ghostscript/fonts/d050000l.pfb ++fontFile Times-Roman /usr/share/ghostscript/fonts/n021003l.pfb ++fontFile Times-Italic /usr/share/ghostscript/fonts/n021023l.pfb ++fontFile Times-Bold /usr/share/ghostscript/fonts/n021004l.pfb ++fontFile Times-BoldItalic /usr/share/ghostscript/fonts/n021024l.pfb ++fontFile Helvetica /usr/share/ghostscript/fonts/n019003l.pfb ++fontFile Helvetica-Oblique /usr/share/ghostscript/fonts/n019023l.pfb ++fontFile Helvetica-Bold /usr/share/ghostscript/fonts/n019004l.pfb ++fontFile Helvetica-BoldOblique /usr/share/ghostscript/fonts/n019024l.pfb ++fontFile Courier /usr/share/ghostscript/fonts/n022003l.pfb ++fontFile Courier-Oblique /usr/share/ghostscript/fonts/n022023l.pfb ++fontFile Courier-Bold /usr/share/ghostscript/fonts/n022004l.pfb ++fontFile Courier-BoldOblique /usr/share/ghostscript/fonts/n022024l.pfb ++fontFile Symbol /usr/share/ghostscript/fonts/s050000l.pfb ++fontFile ZapfDingbats /usr/share/ghostscript/fonts/d050000l.pfb + + # If you need to display PDF files that refer to non-embedded fonts, + # you should add one or more fontDir options to point to the +@@ -89,4 +89,4 @@ + # clicked. + + #launchCommand viewer-script +-#urlCommand "netscape -remote 'openURL(%s)'" ++#urlCommand "firefox -remote 'openURL(%s)'" diff --git a/patches/source/xpdf/slack-desc b/patches/source/xpdf/slack-desc new file mode 100644 index 00000000..58072776 --- /dev/null +++ b/patches/source/xpdf/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xpdf: xpdf (PDF viewer for X) +xpdf: +xpdf: Xpdf is a viewer for Portable Document Format (PDF) files. +xpdf: +xpdf: xpdf was written by Derek B. Noonburg. +xpdf: +xpdf: +xpdf: +xpdf: +xpdf: +xpdf: diff --git a/patches/source/xpdf/xpdf.SlackBuild b/patches/source/xpdf/xpdf.SlackBuild new file mode 100755 index 00000000..b4493f62 --- /dev/null +++ b/patches/source/xpdf/xpdf.SlackBuild @@ -0,0 +1,151 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=3.03 +PATCHLEVEL= +BUILD=${BUILD:-1_slack13.1} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-xpdf + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf xpdf-$VERSION +tar xvf $CWD/xpdf-$VERSION.tar.?z || exit 1 +cd xpdf-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/patches/xpdfrc.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/xpdf.XPDFViewer.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/xpdf-3.03-CVE-2012-2142.diff.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --sysconfdir=/etc \ + --with-freetype2-includes=/usr/include/freetype2 \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +chmod 0755 $PKG/usr/bin/* +gzip -9 $PKG/usr/man/man?/* + +# We'll use the versions of these from the poppler derived work (if they exist here): +( cd $PKG/usr/bin + rm -f pdfinfo pdftops pdftoppm pdftohtml pdftotext pdfimages pdffonts + cd $PKG/usr/man/man1 + for file in pdfinfo pdftops pdftoppm pdftohtml pdftotext pdfimages pdffonts ; do + rm -f ${file}.1.gz + done +) + +# Don't clobber /etc/xpdfrc +mkdir -p $PKG/etc +cat doc/sample-xpdfrc > $PKG/etc/xpdfrc +mv $PKG/etc/xpdfrc $PKG/etc/xpdfrc.new + +# Add desktop menu entry and icon +mkdir -p $PKG/usr/share/{applications,pixmaps} +cat $CWD/xpdf.desktop > $PKG/usr/share/applications/xpdf.desktop +cat xpdf/xpdfIcon.xpm > $PKG/usr/share/pixmaps/xpdfIcon.xpm + +# Add additional language support: +for language in xpdf-arabic xpdf-chinese-simplified xpdf-chinese-traditional xpdf-cyrillic xpdf-greek xpdf-hebrew xpdf-japanese xpdf-korean xpdf-latin2 xpdf-thai xpdf-turkish ; do + rm -rf ${language} + tar xf $CWD/lang/${language}*.tar.gz + ( cd ${language} + echo "Patching for ${language}:" + zcat $CWD/lang/${language}.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 + chown -R root:root . + find . -type f -exec chmod 644 {} \; + cat add-to-xpdfrc >> $PKG/etc/xpdfrc.new + mkdir -p $PKG/usr/share/xpdf/$(echo ${language} | cut -f2- -d -) + cp -a * $PKG/usr/share/xpdf/$(echo ${language} | cut -f2- -d -) + ) || exit 1 +done + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/xpdf-$VERSION +cp -a \ + ANNOUNCE CHANGES COPYING INSTALL README \ + $PKG/usr/doc/xpdf-$VERSION +chmod 0644 $PKG/usr/doc/xpdf-$VERSION/* + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat CHANGES | head -n 1000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/xpdf-${VERSION}${PATCHLEVEL}-$ARCH-$BUILD.txz + diff --git a/patches/source/xpdf/xpdf.desktop b/patches/source/xpdf/xpdf.desktop new file mode 100644 index 00000000..51d1a5a6 --- /dev/null +++ b/patches/source/xpdf/xpdf.desktop @@ -0,0 +1,98 @@ +[Desktop Entry] +Name=X PDF +Name[bn]=à¦à¦•à§à¦¸ পি-ডি-à¦à¦« +Name[de]=X-PDF +Name[eo]=XPDF +Name[es]=PDF para X +Name[fr]=XPDF +Name[hi]=à¤à¤•à¥à¤¸ पीडीà¤à¤« +Name[ko]=Xìš© PDF +Name[mn]=X-PDF +Name[nds]=X-PDF +Name[te]=à°Žà°•à±à°¸à± పిడిఎఫౠ+MimeType=application/pdf; +GenericName=PDF Viewer +GenericName[af]=Pdf Aansig +GenericName[ar]=عارض الملÙات PDF +GenericName[az]=PDF Nümayişçisi +GenericName[be]=ПраглÑдальнік PDF +GenericName[bg]=Преглед на PDF документи +GenericName[bn]=পি-ডি-à¦à¦« পà§à¦°à¦¦à¦°à§à¦¶à¦• +GenericName[br]=Gweler PDF +GenericName[bs]=Preglednik PDF dokumenata +GenericName[ca]=Visor PDF +GenericName[cs]=ProhlÞeÄ PDF souborů +GenericName[csb]=Przezérnik PDF +GenericName[cy]=Gwelydd PDF +GenericName[da]=PDF-fremviser +GenericName[de]=PDF-Betrachter +GenericName[el]=Î ÏοβολÎας PDF +GenericName[eo]=PDF-rigardilo +GenericName[es]=Visor de documentos PDF +GenericName[et]=PDF failide vaatamine +GenericName[eu]=PDF ikustailua +GenericName[fa]=مشاهده‌گر PDF +GenericName[fi]=PDF-näytin +GenericName[fo]=PDF-vÃsari +GenericName[fr]=Afficheur PDF +GenericName[fy]=PDF-werjefteprogramma +GenericName[ga]=Amharcán PDF +GenericName[gl]=Visualizador de PDF +GenericName[he]=מציג קבצי PDF +GenericName[hi]=पीडीà¤à¤« पà¥à¤°à¤¦à¤°à¥à¤¶à¤• +GenericName[hr]=Preglednik PDF dokumenata +GenericName[hu]=PDF-nézegetÅ‘ +GenericName[id]=Viewer PDF +GenericName[is]=PDF-sjá +GenericName[it]=Visualizzatore PDF +GenericName[ja]=PDF ビューア +GenericName[kk]=PDF қарау құралы +GenericName[km]=កម្មវិធី​មើល PDF +GenericName[ko]=PDF 보기 +GenericName[lo]=ສະà»àº”ງຜົນPDF +GenericName[lt]=PDF ŽiÅ«riklis +GenericName[lv]=PDF SkatÄ«tÄjs +GenericName[mk]=Прегледувач на PDF +GenericName[mn]=PDF-Харагч +GenericName[ms]=Pemapar PDF +GenericName[mt]=Werrej PDF +GenericName[nb]=PDF-leser +GenericName[nds]=Kieker för PDF-Dateien +GenericName[ne]=PDF दरà¥à¤¶à¤• +GenericName[nl]=PDF-weergaveprogramma +GenericName[nn]=PDF-lesar +GenericName[nso]=Molebeledi wa PDF +GenericName[oc]=Visualisor PDF +GenericName[pa]=PDF ਦਰਸ਼ਕ +GenericName[pl]=PrzeglÄ…darka plików PDF +GenericName[pt]=Visualizador de PDFs +GenericName[pt_BR]=Visualizador de arquivos PDF +GenericName[ro]=Vizualizor de documente PDF +GenericName[ru]=ПроÑмотр PDF +GenericName[rw]=Mugaragaza PDF +GenericName[se]=PDF-logan +GenericName[sk]=PrehliadaÄ PDF súborov +GenericName[sl]=Pregledovalnik datotek PDF +GenericName[sr]=PDF приказивач +GenericName[sr@Latn]=PDF prikazivaÄ +GenericName[ss]=Sibuki se PDF +GenericName[sv]=PDF-visare +GenericName[ta]=PDF காடà¯à®šà®¿ +GenericName[tg]=Ðамоишгари PDF +GenericName[th]=ตัวà¹à¸ªà¸”งผล PDF +GenericName[tr]=PDF Görüntüleyici +GenericName[tt]=PDF Kürsätkeç +GenericName[uk]=ПереглÑдач PDF +GenericName[uz]=PDF кўрувчи +GenericName[ven]=Tshivhoni tsha PDF +GenericName[vi]=Trình xem PDF +GenericName[wa]=HÃ¥yneu di documints PDF +GenericName[zh_CN]=PDF 查看器 +GenericName[zh_TW]=PDF æª¢è¦–ç¨‹å¼ +GenericName[zu]=Umbukisi we-PDF +Exec=xpdf +Icon=xpdfIcon +Type=Application +Terminal=false +X-KDE-StartupNotify=false +Categories=Graphics; diff --git a/patches/source/xproto/arch.use.flags b/patches/source/xproto/arch.use.flags new file mode 100644 index 00000000..11087c88 --- /dev/null +++ b/patches/source/xproto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/xproto/build/xproto b/patches/source/xproto/build/xproto new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/xproto/build/xproto @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/xproto/configure/configure b/patches/source/xproto/configure/configure new file mode 100644 index 00000000..dcb1109b --- /dev/null +++ b/patches/source/xproto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/xproto/modularize b/patches/source/xproto/modularize new file mode 100644 index 00000000..8a28ed93 --- /dev/null +++ b/patches/source/xproto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/xproto/noarch b/patches/source/xproto/noarch new file mode 100644 index 00000000..8785ee52 --- /dev/null +++ b/patches/source/xproto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/xproto/package-blacklist b/patches/source/xproto/package-blacklist new file mode 100644 index 00000000..603b8c31 --- /dev/null +++ b/patches/source/xproto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/xproto/post-install/xproto.post-install b/patches/source/xproto/post-install/xproto.post-install new file mode 100644 index 00000000..5a3b79b3 --- /dev/null +++ b/patches/source/xproto/post-install/xproto.post-install @@ -0,0 +1,2 @@ +# bloat +rm -rf $PKG/usr/doc/xproto diff --git a/patches/source/xproto/slack-desc/xproto b/patches/source/xproto/slack-desc/xproto new file mode 100644 index 00000000..1c230b1e --- /dev/null +++ b/patches/source/xproto/slack-desc/xproto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xproto: xproto (C prototypes for X Window System Core Protocol) +xproto: +xproto: xproto is part of X11. +xproto: +xproto: For more information about the X.Org Foundation (the providers of the +xproto: X.Org implementation of the X Window System), see their website: +xproto: +xproto: http://www.x.org +xproto: +xproto: +xproto: diff --git a/patches/source/xproto/x11.SlackBuild b/patches/source/xproto/x11.SlackBuild new file mode 100755 index 00000000..c3887dff --- /dev/null +++ b/patches/source/xproto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/xproto/xproto.SlackBuild b/patches/source/xproto/xproto.SlackBuild new file mode 100755 index 00000000..34af847e --- /dev/null +++ b/patches/source/xproto/xproto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild proto xproto +mv /tmp/x11-build/xproto*txz /tmp diff --git a/patches/source/xrdb/arch.use.flags b/patches/source/xrdb/arch.use.flags new file mode 100644 index 00000000..f28a6cca --- /dev/null +++ b/patches/source/xrdb/arch.use.flags @@ -0,0 +1,7 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/xrdb/build/xrdb b/patches/source/xrdb/build/xrdb new file mode 100644 index 00000000..c26b02cb --- /dev/null +++ b/patches/source/xrdb/build/xrdb @@ -0,0 +1 @@ +1_slack13.1 diff --git a/patches/source/xrdb/configure/configure b/patches/source/xrdb/configure/configure new file mode 100644 index 00000000..0f3bccf2 --- /dev/null +++ b/patches/source/xrdb/configure/configure @@ -0,0 +1,12 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/xrdb/modularize b/patches/source/xrdb/modularize new file mode 100644 index 00000000..47da583f --- /dev/null +++ b/patches/source/xrdb/modularize @@ -0,0 +1,293 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +applewmproto +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +constype +damageproto +dmxproto +dri2proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libAppleWM +libFS +libICE +libSM +libWindowsWM +libX11 +libXScrnSaver +libXTrap +libXau +libXaw +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXprintAppUtil +libXprintUtil +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxkbui +listres +lndir +luit +makedepend +mkcfm +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +printproto +proxymngr +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +rstart +scripts +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +trapproto +twm +util-macros +videoproto +viewres +windowswmproto +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xclipboard +xclock +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-citron +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-geode +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-fbdev +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-i810 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nsc +xf86-video-nv +xf86-video-openchrome +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-wsfb +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86rushproto +xf86vidmodeproto +xfd +xfindproxy +xfontsel +xfs +xfsinfo +xfwp +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-sgml-doctools +xphelloworld +xplsprinters +xpr +xprehashprinterlist +xprop +xproto +xproxymanagementprotocol +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetmode +xsetpointer +xsetroot +xsm +xstdcmap +xtrans +xtrap +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/xrdb/noarch b/patches/source/xrdb/noarch new file mode 100644 index 00000000..79eb0e56 --- /dev/null +++ b/patches/source/xrdb/noarch @@ -0,0 +1,81 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scripts +scrnsaverproto +trapproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcb-proto +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86rushproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-cf-files +xorg-docs +xproto +xproxymanagementprotocol +xtrans diff --git a/patches/source/xrdb/package-blacklist b/patches/source/xrdb/package-blacklist new file mode 100644 index 00000000..37762499 --- /dev/null +++ b/patches/source/xrdb/package-blacklist @@ -0,0 +1,39 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/xrdb/slack-desc/xrdb b/patches/source/xrdb/slack-desc/xrdb new file mode 100644 index 00000000..26ea4786 --- /dev/null +++ b/patches/source/xrdb/slack-desc/xrdb @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xrdb: xrdb +xrdb: +xrdb: xrdb is part of X11. +xrdb: +xrdb: For more information about the X.Org Foundation (the providers of the +xrdb: X.Org implementation of the X Window System), see their website: +xrdb: +xrdb: http://www.x.org +xrdb: +xrdb: +xrdb: diff --git a/patches/source/xrdb/x11.SlackBuild b/patches/source/xrdb/x11.SlackBuild new file mode 100755 index 00000000..ca729708 --- /dev/null +++ b/patches/source/xrdb/x11.SlackBuild @@ -0,0 +1,364 @@ +#!/bin/sh +# Copyright 2007-2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc driver font xserver ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/xrdb/xrdb.SlackBuild b/patches/source/xrdb/xrdb.SlackBuild new file mode 100755 index 00000000..cd657e95 --- /dev/null +++ b/patches/source/xrdb/xrdb.SlackBuild @@ -0,0 +1,2 @@ +./x11.SlackBuild app xrdb +mv /tmp/x11-build/xrdb*z /tmp diff --git a/patches/source/yasm/slack-desc b/patches/source/yasm/slack-desc new file mode 100644 index 00000000..fc28253f --- /dev/null +++ b/patches/source/yasm/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +yasm: yasm (complete rewrite of the NASM assembler) +yasm: +yasm: Yasm is a complete rewrite of the NASM assembler under the "new" BSD +yasm: License (some portions are under other licenses, see COPYING for +yasm: details). Yasm currently supports the x86 and AMD64 instruction sets, +yasm: accepts NASM and GAS assembler syntaxes, outputs binary, ELF32, ELF64, +yasm: 32 and 64-bit Mach-O, RDOFF2, COFF, Win32, and Win64 object formats, +yasm: and generates source debugging information in STABS, DWARF 2, and +yasm: CodeView 8 formats. +yasm: +yasm: yasm home: http://www.tortall.net/projects/yasm/ diff --git a/patches/source/yasm/yasm.SlackBuild b/patches/source/yasm/yasm.SlackBuild new file mode 100755 index 00000000..cab3c359 --- /dev/null +++ b/patches/source/yasm/yasm.SlackBuild @@ -0,0 +1,216 @@ +#!/bin/sh +# $Id: yasm.SlackBuild,v 1.7 2009/05/12 20:24:31 root Exp root $ +# Copyright (c) 2008 Eric Hameleers <alien@slackware.com> +# Copyright 2010 Patrick Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Permission to use, copy, modify, and distribute this software for +# any purpose with or without fee is hereby granted, provided that +# the above copyright notice and this permission notice appear in all +# copies. +# +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# ----------------------------------------------------------------------------- +# +# Slackware SlackBuild script +# =========================== +# By: Eric Hameleers <alien@slackware.com> +# For: yasm +# Descr: complete rewrite of the NASM assembler +# URL: http://www.tortall.net/projects/yasm/ +# Needs: +# Changelog: +# 0.7.1-1: 16/Jun/2008 by Eric Hameleers <alien@slackware.com> +# * Initial build. +# 0.7.2-1: 08/dec/2008 by Eric Hameleers <alien@slackware.com> +# * Update. +# 0.8.0-1: 12/may/2009 by Eric Hameleers <alien@slackware.com> +# * Update. +# 1.1.0-1: 2010-08-31 by volkerdi@slackware.com +# * Update. +# +# Run 'sh yasm.SlackBuild' to build a Slackware package. +# The package (.txz) plus descriptive .txt file are created in /tmp . +# Install using 'installpkg'. +# +# ----------------------------------------------------------------------------- + +PKGNAM=yasm +VERSION=${VERSION:-1.2.0} +BUILD=${BUILD:-1_slack13.1} +TAG=${TAG:-} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +DOCS="ABOUT-NLS AUTHORS ChangeLog COPYING GNU_* NEWS README *.txt" + +# If you want to disable python bindings, set ENABLE_PYTHON to "NO". +# Building python support requires Cython, which is not shipped with Slackware. +ENABLE_PYTHON=${ENABLE_PYTHON:-"'NO"} + +# Where do we look for sources? +SRCDIR=$(cd $(dirname $0); pwd) + +# Place to build (TMP) package (PKG) and output (OUTPUT) the program: +TMP=${TMP:-/tmp/build} +PKG=$TMP/package-$PKGNAM +OUTPUT=${OUTPUT:-/tmp} + +SOURCE="$SRCDIR/${PKGNAM}-${VERSION}.tar.xz" +SRCURL="http://www.tortall.net/projects/${PKGNAM}/releases/${PKGNAM}-${VERSION}.tar.gz" + +## +## --- with a little luck, you won't have to edit below this point --- ## +## + +# Exit the script on errors: +set -e +trap 'echo "$0 FAILED at line ${LINENO}" | tee $OUTPUT/error-${PKGNAM}.log' ERR +# Catch unitialized variables: +set -u +P1=${1:-1} + +case "$ARCH" in + i486) SLKCFLAGS="-O2 -march=i486 -mtune=i686" + SLKLDFLAGS=""; LIBDIRSUFFIX="" + ;; + s390) SLKCFLAGS="-O2" + SLKLDFLAGS=""; LIBDIRSUFFIX="" + ;; + powerpc) SLKCFLAGS="-O2" + SLKLDFLAGS=""; LIBDIRSUFFIX="" + ;; + x86_64) SLKCFLAGS="-O2 -fPIC" + SLKLDFLAGS="-L/usr/lib64"; LIBDIRSUFFIX="64" + ;; + athlon-xp) SLKCFLAGS="-march=athlon-xp -O3 -pipe -fomit-frame-pointer" + SLKLDFLAGS=""; LIBDIRSUFFIX="" + ;; +esac + +# Create working directories: +mkdir -p $OUTPUT # place for the package to be saved +mkdir -p $TMP/tmp-$PKGNAM # location to build the source +mkdir -p $PKG # place for the package to be built +rm -rf $PKG/* # always erase old package's contents +rm -rf $TMP/tmp-$PKGNAM/* # remove the remnants of previous build + +# Source file availability: +if ! [ -f ${SOURCE} ]; then + if ! [ "x${SRCURL}" == "x" ]; then + # Check if the $SRCDIR is writable at all - if not, download to $OUTPUT + [ -w "$SRCDIR" ] || SOURCE="$OUTPUT/$(basename $SOURCE)" + echo "Source '$(basename ${SOURCE})' not available yet..." + echo "Will download file to $(dirname $SOURCE)" + wget -nv -T 20 -O "${SOURCE}" "${SRCURL}" || true + if [ $? -ne 0 -o ! -s "${SOURCE}" ]; then + echo "Downloading '$(basename ${SOURCE})' failed... aborting the build." + mv -f "${SOURCE}" "${SOURCE}".FAIL + exit 1 + fi + else + echo "File '$(basename ${SOURCE})' not available... aborting the build." + exit 1 + fi +fi + +if [ "$P1" == "--download" ]; then + echo "Download complete." + exit 0 +fi + +# --- PACKAGE BUILDING --- + +echo "++" +echo "|| $PKGNAM-$VERSION" +echo "++" + +cd $TMP/tmp-$PKGNAM +echo "Extracting the source archive(s) for $PKGNAM..." +tar xvf ${SOURCE} +cd ${PKGNAM}-${VERSION} +chown -R root:root . +chmod -R u+w,go+r-w,a-s . + +if [ "$ENABLE_PYTHON" = "YES" ]; then + PYTHONSTUFF="--enable-python --enable-python-bindings" +else + PYTHONSTUFF="" +fi + +echo Building ... +LDFLAGS="$SLKLDFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +CFLAGS="$SLKCFLAGS" \ +./configure --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + ${PYTHONSTUFF} \ + --program-prefix= \ + --program-suffix= \ + --build=$ARCH-slackware-linux \ + 2>&1 | tee $OUTPUT/configure-${PKGNAM}.log +make 2>&1 | tee $OUTPUT/make-${PKGNAM}.log + +# Install all the needed stuff to the package dir +# Use installwatch if available, to produce a logfile of the installation +# process that is more easily readable: +if $(which installwatch > /dev/null 2>&1); then + installwatch -o $OUTPUT/install-${PKGNAM}.log make DESTDIR=$PKG install +else + make DESTDIR=$PKG install 2>&1 |tee $OUTPUT/install-${PKGNAM}.log +fi + +# Add documentation: +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a $DOCS $PKG/usr/doc/$PKGNAM-$VERSION || true +cp -a $SRCDIR/$(basename $0) $PKG/usr/doc/$PKGNAM-$VERSION/$PKGNAM.SlackBuild +chown -R root:root $PKG/usr/doc/$PKGNAM-$VERSION +find $PKG/usr/doc -type f -exec chmod 644 {} \; + +# Remove empty share directory: +rmdir $PKG/usr/share || true + +# Compress the man page(s): +if [ -d $PKG/usr/man ]; then + find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \; + for i in $(find $PKG/usr/man -type l -name "*.?") ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +fi + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Add a package description: +mkdir -p $PKG/install +cat $SRCDIR/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg --linkadd y --chown n $OUTPUT/${PKGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txz 2>&1 | tee $OUTPUT/makepkg-${PKGNAM}.log +cd $OUTPUT +md5sum ${PKGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txz > ${PKGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txz.md5 +cd - +cat $PKG/install/slack-desc | grep "^${PKGNAM}" > $OUTPUT/${PKGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txt + |
