diff options
Diffstat (limited to 'source/n')
252 files changed, 6460 insertions, 8233 deletions
diff --git a/source/n/ModemManager/ModemManager.SlackBuild b/source/n/ModemManager/ModemManager.SlackBuild index 6a6e116e..090fdfaf 100755 --- a/source/n/ModemManager/ModemManager.SlackBuild +++ b/source/n/ModemManager/ModemManager.SlackBuild @@ -2,7 +2,7 @@ # Slackware build script for ModemManager -# Copyright 2010, 2011 Robby Workman, Northport, Alabama, USA +# Copyright 2010, 2011 Robby Workman, Tuscaloosa, Alabama, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -26,11 +26,11 @@ PKGNAM=ModemManager VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d- | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) ARCH=i486 ;; + i?86) ARCH=i586 ;; arm*) ARCH=arm ;; *) ARCH=$( uname -m ) ;; esac @@ -43,8 +43,8 @@ TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM OUTPUT=${OUTPUT:-/tmp} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" @@ -81,6 +81,7 @@ CXXFLAGS="$SLKCFLAGS" \ --localstatedir=/var \ --with-polkit=no \ --mandir=/usr/man \ + --disable-static \ --docdir=/usr/doc/$PKGNAM-$VERSION \ --build=$ARCH-slackware-linux || exit 1 diff --git a/source/n/ModemManager/slack-desc b/source/n/ModemManager/slack-desc index 87f1ba66..7e8ca3de 100644 --- a/source/n/ModemManager/slack-desc +++ b/source/n/ModemManager/slack-desc @@ -12,7 +12,7 @@ ModemManager: ModemManager provides a unified high level API for communicating w ModemManager: mobile broadband modems. ModemManager: ModemManager: For more info, see: -ModemManager: http://cgit.freedesktop.org/ModemManager/ModemManager/ +ModemManager: https://www.freedesktop.org/wiki/Software/ModemManager ModemManager: ModemManager: ModemManager: diff --git a/source/n/NetworkManager/55NetworkManager b/source/n/NetworkManager/55NetworkManager index f3c6df5e..d7b3ee6a 100644 --- a/source/n/NetworkManager/55NetworkManager +++ b/source/n/NetworkManager/55NetworkManager @@ -1,10 +1,5 @@ #!/bin/sh # If we are running NetworkManager, tell it we are going to sleep. -# TODO: Make NetworkManager smarter about how to handle sleep/resume -# If we are asleep for less time than it takes for TCP to reset a -# connection, and we are assigned the same IP on resume, we should -# not break established connections. Apple can do this, and it is -# rather nifty. . "${PM_FUNCTIONS}" @@ -12,10 +7,11 @@ suspend_nm() { # Tell NetworkManager to shut down networking printf "Having NetworkManager put all interaces to sleep..." - dbus_send --system \ + dbus_send --system --print-reply \ --dest=org.freedesktop.NetworkManager \ /org/freedesktop/NetworkManager \ - org.freedesktop.NetworkManager.sleep && \ + org.freedesktop.NetworkManager.Sleep \ + boolean:true && \ echo Done. || echo Failed. } @@ -23,10 +19,11 @@ resume_nm() { # Wake up NetworkManager and make it do a new connection printf "Having NetworkManager wake interfaces back up..." - dbus_send --system \ + dbus_send --system --print-reply \ --dest=org.freedesktop.NetworkManager \ /org/freedesktop/NetworkManager \ - org.freedesktop.NetworkManager.wake && \ + org.freedesktop.NetworkManager.Sleep \ + boolean:false && \ echo Done. || echo Failed. } diff --git a/source/n/NetworkManager/NetworkManager.SlackBuild b/source/n/NetworkManager/NetworkManager.SlackBuild index 41e0d18d..d152c07c 100755 --- a/source/n/NetworkManager/NetworkManager.SlackBuild +++ b/source/n/NetworkManager/NetworkManager.SlackBuild @@ -1,7 +1,7 @@ #!/bin/sh -# Copyright 2010, 2011 Robby Workman, Northport, Alabama, USA -# Copyright 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2010, 2011, 2014, 2016 Robby Workman, Northport, Alabama, USA +# Copyright 2013, 2014, 2015, 2016 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -25,13 +25,13 @@ PKGNAM=NetworkManager VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: MARCH=$( uname -m ) if [ -z "$ARCH" ]; then case "$MARCH" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; armv7hl) export ARCH=$MARCH ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: @@ -46,8 +46,8 @@ TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM OUTPUT=${OUTPUT:-/tmp} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" @@ -81,9 +81,8 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -# Find the version off pppd installed or else assume we are on -current: -PPPD=$( basename $(find /usr/lib${LIBDIRSUFFIX}/pppd -type d -maxdepth 1 -mindepth 1) ) -[ -z "$PPPD" ] && PPPD=2.4.5 +# Find the version number for pppd, used to specify the plugin directory: +PPPD=$(echo /usr/lib${LIBDIRSUFFIX}/pppd/?.?.? | rev | cut -f 1 -d / | rev) CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ @@ -94,6 +93,7 @@ CXXFLAGS="$SLKCFLAGS" \ --localstatedir=/var \ --mandir=/usr/man \ --docdir=/usr/doc/$PKGNAM-$VERSION \ + --with-udev-dir=/lib/udev \ --with-pppd-plugin-dir=/usr/lib${LIBDIRSUFFIX}/pppd/$PPPD \ --with-crypto=nss \ --enable-more-warnings=no \ @@ -101,24 +101,26 @@ CXXFLAGS="$SLKCFLAGS" \ --with-dhcpcd=/sbin/dhcpcd \ --with-dhclient=yes \ --with-modem-manager-1=yes \ + --with-nmtui=yes \ + --disable-vala \ + --with-session-tracking=consolekit \ + --with-suspend-resume=consolekit \ + --with-hostname-persist=slackware \ --build=$TARGET || exit 1 make $NUMJOBS || exit 1 make install DESTDIR=$PKG || exit 1 -# For some reason NetworkManager-0.9.8.0 does not install these: -( cd man - mkdir -p $PKG/usr/man/man1 - cp -a *.1 $PKG/usr/man/man1 - mkdir -p $PKG/usr/man/man5 - cp -a *.5 $PKG/usr/man/man5 - mkdir -p $PKG/usr/man/man8 - cp -a *.8 $PKG/usr/man/man8 -) - find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true +# Fix hardlinked manpages: +( cd $PKG/usr/man/man1 + ln -sf nmtui.1 nmtui-connect.1 + ln -sf nmtui.1 nmtui-edit.1 + ln -sf nmtui.1 nmtui-hostname.1 +) + find $PKG/usr/man -type f -exec gzip -9 {} \; for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done @@ -133,19 +135,24 @@ mkdir -p $PKG/etc/rc.d cat $CWD/rc.networkmanager > $PKG/etc/rc.d/rc.networkmanager.new chmod 0644 $PKG/etc/rc.d/rc.networkmanager.new -# Add a 'starter' NetworkManager.conf file -# This sets the hostname (during postinstall) to match the system's name -# and defines dhcpcd as the dhcp client to use -mkdir -p $PKG/etc/NetworkManager -cat $CWD/NetworkManager.conf.new > \ - $PKG/etc/NetworkManager/NetworkManager.conf.new +# Add the pm-utils hook back in +# xfce4-power-manager needs to be built *without* NM support +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/pm-utils/sleep.d/ +cat $CWD/55NetworkManager > $PKG/usr/lib${LIBDIRSUFFIX}/pm-utils/sleep.d/55NetworkManager +chmod 0755 $PKG/usr/lib${LIBDIRSUFFIX}/pm-utils/sleep.d/55NetworkManager + +# Add default (plain) config file to enable keyfile plugin +cat $CWD/NetworkManager.conf > $PKG/etc/NetworkManager/NetworkManager.conf.new + +# Set dhcp client to "dhcpcd" and rc-manager to "file" by default +mkdir -p $PKG/etc/NetworkManager/conf.d +cat $CWD/conf.d/00-dhcp-client.conf > $PKG/etc/NetworkManager/conf.d/00-dhcp-client.conf.new +cat $CWD/conf.d/00-rc-manager.conf > $PKG/etc/NetworkManager/conf.d/00-rc-manager.conf.new mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION cp -a \ AUTHORS CONTRIBUTING COPYING ChangeLog INSTALL NEWS README TODO \ $PKG/usr/doc/$PKGNAM-$VERSION -# In case someone needs this still: -cp $CWD/55NetworkManager $PKG/usr/doc/$PKGNAM-$VERSION/ # If there's a ChangeLog, installing at least part of the recent history # is useful, but don't let it get totally out of control: diff --git a/source/n/NetworkManager/NetworkManager.conf b/source/n/NetworkManager/NetworkManager.conf new file mode 100644 index 00000000..eb8f6ae1 --- /dev/null +++ b/source/n/NetworkManager/NetworkManager.conf @@ -0,0 +1,7 @@ +# /etc/NetworkManager/NetworkManager.conf +# +# See additional config files (such as for DHCP settings) in ./conf.d + +[main] +plugins=keyfile + diff --git a/source/n/NetworkManager/NetworkManager.conf.new b/source/n/NetworkManager/NetworkManager.conf.new deleted file mode 100644 index 71945e90..00000000 --- a/source/n/NetworkManager/NetworkManager.conf.new +++ /dev/null @@ -1,11 +0,0 @@ -# /etc/NetworkManager/NetworkManager.conf -# -# See NetworkManager.conf(5) for more information on this file - -[main] -plugins=keyfile -dhcp=dhcpcd - -[keyfile] -hostname=yourhostname - diff --git a/source/n/NetworkManager/README b/source/n/NetworkManager/README deleted file mode 100644 index 5556f27f..00000000 --- a/source/n/NetworkManager/README +++ /dev/null @@ -1,15 +0,0 @@ -NetworkManager attempts to keep an active network connection available at all -times. The point of NetworkManager is to make networking configuration and -setup as painless and automatic as possible. NetworkManager is intended to -replace default route, replace other routes, set IP addresses, and in general -configure networking as NM sees fit (with the possibility of manual override as -necessary). In effect, the goal of NetworkManager is to make networking Just -Work with a minimum of user hassle, but still allow customization and a high -level of manual network control. - -You will probably want to install network-manager-applet (for a configuration -UI) for sure, along with ModemManager (if you want support for configuring -broadband modem connections) perhaps one or more of the VPN-related addons. - -You will also need to start rc.networkmanager during boot - you can use -rc.local, or perhaps you'll want to edit rc.M's call to rc.wicd... :-) diff --git a/source/n/NetworkManager/conf.d/00-dhcp-client.conf b/source/n/NetworkManager/conf.d/00-dhcp-client.conf new file mode 100644 index 00000000..7b52815f --- /dev/null +++ b/source/n/NetworkManager/conf.d/00-dhcp-client.conf @@ -0,0 +1,8 @@ +[main] +# Choose a DHCP client below. Upstream recommends dhclient, but results may vary. +# dhcpcd is the DHCP client usually used by Slackware: +dhcp=dhcpcd +# dhclient is the ISC reference DHCP client, part of the dhcp package: +#dhcp=dhclient +# This is a simple DHCP client that is built into NetworkManager: +#dhcp=internal diff --git a/source/n/NetworkManager/conf.d/00-rc-manager.conf b/source/n/NetworkManager/conf.d/00-rc-manager.conf new file mode 100644 index 00000000..c848c003 --- /dev/null +++ b/source/n/NetworkManager/conf.d/00-rc-manager.conf @@ -0,0 +1,2 @@ +[main] +rc-manager=file diff --git a/source/n/NetworkManager/doinst.sh b/source/n/NetworkManager/doinst.sh index cf091e8d..6c88b8cf 100644 --- a/source/n/NetworkManager/doinst.sh +++ b/source/n/NetworkManager/doinst.sh @@ -32,6 +32,8 @@ fi # connection could be lost at a remote location. preserve_perms etc/rc.d/rc.networkmanager.new config etc/NetworkManager/NetworkManager.conf.new +config etc/NetworkManager/conf.d/00-rc-manager.conf.new +config etc/NetworkManager/conf.d/00-dhcp-client.conf.new # If the .pid file is found in the old location, move it to the new one: if [ -r var/run/NetworkManager.pid ]; then diff --git a/source/n/NetworkManager/rc.networkmanager b/source/n/NetworkManager/rc.networkmanager index 430e61a4..dbdf19d5 100644 --- a/source/n/NetworkManager/rc.networkmanager +++ b/source/n/NetworkManager/rc.networkmanager @@ -69,6 +69,14 @@ nm_stop() sleep 3 rm -f $PIDFILE &>/dev/null fi + # If wpa_supplicant is running here, it needs to be shut down as well. + # Since you're asking for NetworkManager to shut down, we have to assume + # that wpa_supplicant was started by it. + if [ -r /var/run/wpa_supplicant.pid ]; then + kill $(cat /var/run/wpa_supplicant.pid) + elif [ -r /run/wpa_supplicant.pid ]; then + kill $(cat /run/wpa_supplicant.pid) + fi echo "stopped"; sleep 3 } diff --git a/source/n/alpine/alpine.SlackBuild b/source/n/alpine/alpine.SlackBuild index 5bf3b445..9f2a91c8 100755 --- a/source/n/alpine/alpine.SlackBuild +++ b/source/n/alpine/alpine.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006, 2007, 2008, 2009, 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2012, 2013, 2015 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,15 +22,15 @@ PKGNAM=alpine -VERSION=${VERSION:-2.11} -ALPINEBUILD=${ALPINEBUILD:-1} -IMAPDBUILD=${IMAPDBUILD:-1} +VERSION=${VERSION:-2.20} +ALPINEBUILD=${ALPINEBUILD:-2} +IMAPDBUILD=${IMAPDBUILD:-2} PINEPGP=${PINEPGP:-0.18.0} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -46,8 +46,8 @@ PKG=$TMP/package-${PKGNAM} rm -rf $PKG mkdir -p $PKG/etc -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" elif [ "$ARCH" = "x86_64" ]; then @@ -62,7 +62,7 @@ cd alpine-$VERSION # Make sure ownerships and permissions are sane: chown -R root:root . find . \ - \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 700 -o -perm 555 -o -perm 511 \) \ -exec chmod 755 {} \; -o \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; @@ -79,6 +79,7 @@ CFLAGS="$SLKCFLAGS" \ --with-c-client-target=slx \ --with-system-pinerc=/etc/pine.conf \ --with-system-fixed-pinerc=/etc/pine.conf.fixed \ + --with-passfile=.alpine.passfile \ --disable-debug \ --with-debug-level=0 \ --without-tcl \ @@ -87,7 +88,11 @@ CFLAGS="$SLKCFLAGS" \ --build=$ARCH-slackware-linux # Correct paths and programs in tech-notes.txt: -zcat $CWD/alpine.tech-notes.txt.diff.gz | patch -p1 --verbose || exit 1 +( cd doc/tech-notes + sed -i "s,/usr/local/lib/pine.info,/usr/lib/pine.info,g" tech-notes.txt + sed -i "s,/usr/local/lib,/etc,g" tech-notes.txt + sed -i "s,/usr/local,/etc,g" tech-notes.txt +) # Build and install: # Since we build non-compliant to RFC3501 we have to answer 'y' half-way: @@ -102,9 +107,8 @@ make install SSLTYPE=unix DESTDIR=$PKG || exit 1 mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION cp -a \ LICENSE NOTICE README* VERSION \ - doc/tech-notes.txt doc/brochure.txt doc/mailcap.unx doc/mime.types \ + doc/tech-notes* doc/brochure.txt doc/mailcap.unx doc/mime.types \ $PKG/usr/doc/${PKGNAM}-$VERSION -gzip -9 $PKG/usr/doc/${PKGNAM}-$VERSION/tech-notes.txt # Add pinepgp support: cd $TMP diff --git a/source/n/alpine/alpine.tech-notes.txt.diff b/source/n/alpine/alpine.tech-notes.txt.diff deleted file mode 100644 index 3af68e92..00000000 --- a/source/n/alpine/alpine.tech-notes.txt.diff +++ /dev/null @@ -1,136 +0,0 @@ ---- ./doc/tech-notes.txt.orig 2008-03-17 17:26:52.000000000 -0500 -+++ ./doc/tech-notes.txt 2008-08-06 21:16:06.000000000 -0500 -@@ -271,14 +271,14 @@ - The selection of which MTA to use depends on the settings of smtp-server, - sendmail-path, and compile-time options. The first MTA specified in the - following list is used: -- 1. _sendmail-path_ in /usr/local/lib/pine.conf.fixed -- 2. _smtp-server_ in /usr/local/pine.conf.fixed -+ 1. _sendmail-path_ in /etc/pine.conf.fixed -+ 2. _smtp-server_ in /etc/pine.conf.fixed - 3. _sendmail-path_ specified on the command line. - 4. _smtp-server_ specified on the command line. - 5. _sendmail-path_ in the user's .pinerc file. - 6. _smtp-server_ in the user's .pinerc file. -- 7. _sendmail-path_ in /usr/local/lib/pine.conf -- 8. _smtp-server_ in /usr/local/pine.conf -+ 7. _sendmail-path_ in /etc/pine.conf -+ 8. _smtp-server_ in /etc/pine.conf - 9. DF_SENDMAIL_PATH defined at compile time. - 10. SENDMAIL and SENDMAILFLAGS defined at compile time. - -@@ -600,8 +600,8 @@ - into _Alpine_ so there are no _required_ auxiliary files. Instead of copying - the binaries manually, you may use make install to install them. - -- There are three optional auxiliary files: /usr/local/lib/pine.info, -- /usr/local/lib/pine.conf, and /usr/local/lib/pine.conf.fixed. The file -+ There are three optional auxiliary files: /usr/pine.info, -+ /etc/pine.conf, and /etc/pine.conf.fixed. The file - pine.info contains text on how to get further help on the local system. It - is part of the help text for the main menu and should probably refer to the - local help desk or the system administrator. If this file doesn't exist a -@@ -674,11 +674,11 @@ - This section lists the various files which _Alpine_ uses which are not email - folders. All of these are the default names of files, they may vary based on - _Alpine_'s configuration. -- /usr/local/lib/pine.conf -+ /etc/pine.conf - Pine's global configuration file. -- /usr/local/lib/pine.conf.fixed -+ /etc/pine.conf.fixed - Non-overridable global configuration file. -- /usr/local/lib/pine.info -+ /etc/pine.info - Local pointer to system administrator. - ~/.pinerc - Personal configuration file for each user. -@@ -872,10 +872,10 @@ - Configuration: Prints a sample system configuration file to the - screen or standard output. To generate an initial system - configuration file, execute -- alpine -conf > /usr/local/lib/pine.conf -+ alpine -conf > /etc/pine.conf - To generate a system configuration file using settings from an old - system configuration file, execute -- alpine -P old-pine.conf -conf > /usr/local/lib/pine.conf -+ alpine -P old-pine.conf -conf > /etc/pine.conf - A system configuration file is not required. - -convert_sigs _-p pinerc_ - Convert signatures contained in signature files into literal -@@ -973,7 +973,7 @@ - Pinerc may be either a local file or a remote configuration folder. - -P _pinerc_ - Uses the named file as the system wide configuration file instead of -- _/usr/local/lib/pine.conf_ on UNIX, or nothing on _PC-Alpine_. Pinerc -+ _/etc/pine.conf_ on UNIX, or nothing on _PC-Alpine_. Pinerc - may be either a local file or a remote configuration folder. - -passfile _passfile_ - This tells _Alpine_ what file should be used as the password file. -@@ -1180,8 +1180,8 @@ - configuration. In most cases, the compiled-in preferences will suit users - and administrators just fine. When running _Alpine_ on a UNIX system, the - default built-in configuration can be changed by setting variables in the -- system configuration files, /usr/local/lib/pine.conf or -- /usr/local/lib/pine.conf.fixed. (Actually, these files can be changed using -+ system configuration files, /etc/pine.conf or -+ /etc/pine.conf.fixed. (Actually, these files can be changed using - the configure arguments --with-system-pinerc=VALUE or - --with-system-fixed-pinerc=VALUE.) The location of the pine.conf file can be - changed with the -P command line argument. Both _Alpine_ and _PC-Alpine_ -@@ -3538,7 +3538,7 @@ - For Unix _Alpine_ the program _ispell_ works well as an alternate - spell checker. If your Unix system has _ispell_ it is probably - reasonable to make it the default speller by configuring it as the -- default in the system configuration file, /usr/local/lib/pine.conf. -+ default in the system configuration file, /etc/pine.conf. - If this option is not set, then the system's _spell_ command is used. - The spell command does not work the same as the alternate speller. It - produces a list of misspelled words on its standard output, instead, -@@ -3932,12 +3932,12 @@ - must exist as a full path or a path relative to your home directory). - Now for an example: - -- url-viewers=_TEST("test -n '${DISPLAY}'")_ /usr/local/bin/netscape, -- /usr/local/bin/lynx, C:\BIN\NETSCAPE.BAT -+ url-viewers=_TEST("test -n '${DISPLAY}'")_ /usr/bin/firefox, -+ /usr/bin/lynx, C:\BIN\NETSCAPE.BAT - This example shows that for the first browser in the list to be used - the environment variable DISPLAY must be defined. If it is, then the -- file /usr/local/bin/netscape must exist. If either condition is not -- met, then the file /usr/local/bin/lynx must exist. If it doesn't, -+ file /usr/bin/firefox must exist. If either condition is not -+ met, then the file /usr/bin/lynx must exist. If it doesn't, - then the final path and file must exist. Note that the last entry is - a DOS/Windows path. This is one way to support _Alpine_ running on - more than one architecture with the same configuration file. -@@ -10273,9 +10273,9 @@ - 4. a command line argument - 5. the system-wide _fixed_ configuration file (Unix _Alpine_ only) - -- The fixed configuration file is normally /usr/local/lib/pine.conf.fixed. -+ The fixed configuration file is normally /etc/pine.conf.fixed. - -- The system-wide configuration file is normally /usr/local/lib/pine.conf for -+ The system-wide configuration file is normally /etc/pine.conf for - Unix _Alpine_ and is normally not set for _PC-Alpine_. For _PC-Alpine_, if - the environment variable _$PINECONF_ is set, that is used for the - system-wide configuration. This location can be set or changed on the -@@ -10524,7 +10524,7 @@ - * A program that implements the SMTP or ESMTP protocol via stdio. - * An entry in /etc/services for the alternate service. - * An entry in /etc/inetd.conf for the alternate service. -- * An entry in /usr/local/lib/pine.conf, /usr/local/lib/pine.conf.fixed or -+ * An entry in /etc/pine.conf, /etc/pine.conf.fixed or - ~/.pinerc. - _________________________________________________________________ - -@@ -11366,7 +11366,7 @@ - - The second selection is the standard UNIX print command. The default is - _lpr_, but it can be changed on a system basis to anything so desired in -- /usr/local/lib/pine.conf. -+ /etc/pine.conf. - - The third selection is the user's personal choice for a UNIX print command. - The text to be printed is piped into the command. _Enscript_ or _lpr_ with diff --git a/source/n/bind/bind.SlackBuild b/source/n/bind/bind.SlackBuild index 2f7768db..13d9cdd7 100755 --- a/source/n/bind/bind.SlackBuild +++ b/source/n/bind/bind.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,13 +22,13 @@ PKGNAM=bind -VERSION=${VERSION:-9.9.3-P2} +VERSION=${VERSION:-9.10.4-P1} BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -43,8 +43,8 @@ PKG=$TMP/package-${PKGNAM} rm -rf $PKG mkdir -p $TMP $PKG/etc/default -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -117,20 +117,17 @@ chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/* find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null -# Compress and link manpages, if any: -if [ -d $PKG/usr/man ]; then - ( cd $PKG/usr/man - for manpagedir in $(find . -type d -name "man*") ; do - ( cd $manpagedir - for eachpage in $( find . -type l -maxdepth 1) ; do - ln -s $( readlink $eachpage ).gz $eachpage.gz - rm $eachpage - done - gzip -9 *.* 2> /dev/null - ) - done - ) -fi +# Symlink hardlinked man pages: +( cd $PKG/usr/man/man1 + ln -sf isc-config.sh.1 bind9-config.1 +) + +# Compress manual pages: +find $PKG/usr/man -type f -exec gzip -9 {} \; +for i in $( find $PKG/usr/man -type l ) ; do + ln -s $( readlink $i ).gz $i.gz + rm $i +done # Add a documentation directory: mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION diff --git a/source/n/bind/caching-example/named.root b/source/n/bind/caching-example/named.root index 6c197412..9cc20228 100644 --- a/source/n/bind/caching-example/named.root +++ b/source/n/bind/caching-example/named.root @@ -9,30 +9,32 @@ ; on server FTP.INTERNIC.NET ; -OR- RS.INTERNIC.NET ; -; last update: Jan 3, 2013 -; related version of root zone: 2013010300 +; last update: November 05, 2014 +; related version of root zone: 2014110501 ; ; formerly NS.INTERNIC.NET ; -. 3600000 IN NS A.ROOT-SERVERS.NET. +. 3600000 NS A.ROOT-SERVERS.NET. A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 -A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:BA3E::2:30 +A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30 ; ; FORMERLY NS1.ISI.EDU ; . 3600000 NS B.ROOT-SERVERS.NET. B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 +B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b ; ; FORMERLY C.PSI.NET ; . 3600000 NS C.ROOT-SERVERS.NET. C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 +C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c ; ; FORMERLY TERP.UMD.EDU ; . 3600000 NS D.ROOT-SERVERS.NET. D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 -D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2D::D +D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d ; ; FORMERLY NS.NASA.GOV ; @@ -43,7 +45,7 @@ E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 ; . 3600000 NS F.ROOT-SERVERS.NET. F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 -F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2F::F +F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f ; ; FORMERLY NS.NIC.DDN.MIL ; @@ -54,25 +56,25 @@ G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 ; . 3600000 NS H.ROOT-SERVERS.NET. H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53 -H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803F:235 +H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803f:235 ; ; FORMERLY NIC.NORDU.NET ; . 3600000 NS I.ROOT-SERVERS.NET. I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 -I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FE::53 +I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53 ; ; OPERATED BY VERISIGN, INC. ; . 3600000 NS J.ROOT-SERVERS.NET. J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 -J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:C27::2:30 +J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30 ; ; OPERATED BY RIPE NCC ; . 3600000 NS K.ROOT-SERVERS.NET. K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 -K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7FD::1 +K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1 ; ; OPERATED BY ICANN ; @@ -84,5 +86,5 @@ L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42 ; . 3600000 NS M.ROOT-SERVERS.NET. M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 -M.ROOT-SERVERS.NET. 3600000 AAAA 2001:DC3::35 -; End of File +M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35 +; End of file diff --git a/source/n/bluez-hcidump/bluez-hcidump-2.4.tar.sign b/source/n/bluez-hcidump/bluez-hcidump-2.4.tar.sign deleted file mode 100644 index 42ee696a..00000000 --- a/source/n/bluez-hcidump/bluez-hcidump-2.4.tar.sign +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.12 (GNU/Linux) - -iQIcBAABAgAGBQJPkb1tAAoJEAbKn10dzyZZFUkP/A2hX9Rjeg16vDfycTRnDJy2 -jrcA2ExrKnb8uYgvCuYlY1cXb+tS5xCGQt1YlFowV9ukx9tt5C0krAIKjfeZ90tJ -o/nD/us60t0n5sAOK230W1l8XBDuawnIN3zjznLCzntybOyl5lc9Uia5tCCd69rg -7UOmj6Ahsk0g8GEqIQgYhddM6Q/HQNjKGKqYPzjdInORgJz+C5E/ONpbsbL8MAfG -t/8S1CfnBuwaRCM8pUdCBLO2bj7oKHLE/vipccorMWDuXEsU1a1rilbbBlONLLFb -pgfqjkpAdqgICS9+YkdA7e+i/Ha2B0hS1qS7x5PGApSwWXaxNDMiaksMEHkh4B6A -b1va/nOepb+IlS67tF/SB0S7PyUyuKpBv6Ln8dpdz5gwbyJ2XGDNdmhe/4zTFjiv -HVrvS3Ms0ULv7NRX9rXiNEK1rmJ61uVzHInMJQUcASr4ZrdYSaCZ53Ejr+bqCDWV -DogI+ZSHOBgDSCSbY0UMhQtqxOE24vgT8IlJwQJNFMhRXpj550Jz1qbjUGNybnAI -fNYJ8RxdoLriJUY7+MmniUvcen6vAd/yXI4sp+GF6Akt72gkCA0T0Y41vIL3sQnj -M26O9Nn+j/GowSYATEj6QCWUCBH/BUxau+9tQfq7axiMOeiYJOAe3yciW6pP1Ysh -ZVBKF6fOxaegTPiooruJ -=q5pj ------END PGP SIGNATURE----- diff --git a/source/n/bluez-hcidump/slack-desc b/source/n/bluez-hcidump/slack-desc deleted file mode 100644 index 59111837..00000000 --- a/source/n/bluez-hcidump/slack-desc +++ /dev/null @@ -1,19 +0,0 @@ -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' -# on the right side marks the last column you can put a character in. You must -# make exactly 11 lines for the formatting to be correct. It's also -# customary to leave one space after the ':'. - - |-----handy-ruler------------------------------------------------------| -bluez-hcidump: bluez-hcidump (Bluetooth analyzer) -bluez-hcidump: -bluez-hcidump: The bluez-hcidump package contains a network analyzer for Bluetooth. -bluez-hcidump: This utility (hcidump) utility reads raw HCI data coming from and -bluez-hcidump: going to a Bluetooth device and prints commands, events and data. -bluez-hcidump: -bluez-hcidump: For more info, visit: http://www.bluez.org -bluez-hcidump: -bluez-hcidump: -bluez-hcidump: -bluez-hcidump: diff --git a/source/n/bluez/bluez-4.99.tar.sign b/source/n/bluez/bluez-4.99.tar.sign deleted file mode 100644 index a9a039be..00000000 --- a/source/n/bluez/bluez-4.99.tar.sign +++ /dev/null @@ -1,17 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.12 (GNU/Linux) - -iQIcBAABAgAGBQJPVkejAAoJEAbKn10dzyZZ0rEP/1BvYxUAoYf0cP2pQIqDwzkV -l9PSVsxKq/n3rNwKEWBufo3heHYxVAG5prlPiY8yHj4Q0tFNiCSPL+zLObG++iDy -3x+wxmaNaqbYurXQolHOqmH1L4OeMqT3mdzlb7xN48RLHLiS0XwTUMu2VBcM00me -nd03q+7gV6c1v3bXrDalUJuQQYHeubSLT6YMDKmMj/7PiLfA8hEoOE1uWefcBcas -B9xi5IBY208Cdq5odL6ae8ybvvG/PTDSFAOZNCzqIjJMYEwBosh1TbPN1AvUu1z2 -bzbgAa3oaRXnGZNDJ07pwa+2A+jAAtDRNO2R6z5lovpT568nwY6bmDIvbcIHuMHj -xhrhbUvPnhIcn+no+WkAtYjNe8ydcdH8BkeA7o1oauRAYJlGoTIVugobu2a608NN -7bGChWnhTPaKty8p0NGuE5gFvMwwLeE3W3d50+JH6icNBZbZOYK+88q1OI9hTHSW -fUm/tydzqRwPDuqgt6CiYxT49AuwQ+MjfED0fwvlfta8A+tYUDkgaOkpUcJvq8v/ -Bnd0mUkT7l2fiymw7hfzJEh9EXBWmXJBs77zkYPBmzv/YDSCpMWZuEHI7gvcBu4j -BN/+pJfYwo/kPRS0nXc/Xt438H806SUdvD926MmRwmg5jYmBRVJSemYtPHfkC03L -MO/geWyy5aH5w/+THCgN -=BIdO ------END PGP SIGNATURE----- diff --git a/source/n/bluez/bluez-5.30-obexd_without_systemd-1.patch b/source/n/bluez/bluez-5.30-obexd_without_systemd-1.patch new file mode 100644 index 00000000..749787c5 --- /dev/null +++ b/source/n/bluez/bluez-5.30-obexd_without_systemd-1.patch @@ -0,0 +1,61 @@ +Submitted By: Armin K. <krejzi at email dot com> +Date: 2013-04-29 +Initial Package Version: 5.17 +Upstream Status: unknown +Origin: Arch Linux (Giovanni Campagna) +Description: Allow using obexd without systemd in the user session + +Not all sessions run systemd --user (actually, the majority +doesn't), so the dbus daemon must be able to spawn obexd +directly, and to do so it needs the full path of the daemon. +--- + Makefile.obexd | 4 ++-- + obexd/src/org.bluez.obex.service | 4 ---- + obexd/src/org.bluez.obex.service.in | 4 ++++ + 3 files changed, 6 insertions(+), 6 deletions(-) + delete mode 100644 obexd/src/org.bluez.obex.service + create mode 100644 obexd/src/org.bluez.obex.service.in + +diff --git a/Makefile.obexd b/Makefile.obexd +index 3760867..142e7c3 100644 +--- a/Makefile.obexd ++++ b/Makefile.obexd +@@ -2,12 +2,12 @@ + if SYSTEMD + systemduserunitdir = @SYSTEMD_USERUNITDIR@ + systemduserunit_DATA = obexd/src/obex.service ++endif + + dbussessionbusdir = @DBUS_SESSIONBUSDIR@ + dbussessionbus_DATA = obexd/src/org.bluez.obex.service +-endif + +-EXTRA_DIST += obexd/src/obex.service.in obexd/src/org.bluez.obex.service ++EXTRA_DIST += obexd/src/obex.service.in obexd/src/org.bluez.obex.service.in + + obex_plugindir = $(libdir)/obex/plugins + +diff --git a/obexd/src/org.bluez.obex.service b/obexd/src/org.bluez.obex.service +deleted file mode 100644 +index a538088..0000000 +--- a/obexd/src/org.bluez.obex.service ++++ /dev/null +@@ -1,4 +0,0 @@ +-[D-BUS Service] +-Name=org.bluez.obex +-Exec=/bin/false +-SystemdService=dbus-org.bluez.obex.service +diff --git a/obexd/src/org.bluez.obex.service.in b/obexd/src/org.bluez.obex.service.in +new file mode 100644 +index 0000000..9c815f2 +--- /dev/null ++++ b/obexd/src/org.bluez.obex.service.in +@@ -0,0 +1,4 @@ ++[D-BUS Service] ++Name=org.bluez.obex ++Exec=@libexecdir@/obexd ++SystemdService=dbus-org.bluez.obex.service +-- +1.8.3.1 + + diff --git a/source/n/bluez/bluez-run_udev_helper.patch b/source/n/bluez/bluez-run_udev_helper.patch deleted file mode 100644 index a3a71e6d..00000000 --- a/source/n/bluez/bluez-run_udev_helper.patch +++ /dev/null @@ -1,14 +0,0 @@ -Instead of automatically starting the bluetooth subsystem when devices -are added, let's invoke a wrapper script in /lib/udev and have that -wrapper check whether /etc/rc.d/rc.bluetooth is executable first. - -diff -Nur bluez-4.99/scripts/bluetooth.rules.in bluez-4.99.orig/scripts/bluetooth.rules.in ---- bluez-4.99.orig/scripts/bluetooth.rules.in 2010-10-02 18:25:27.000000000 -0500 -+++ bluez-4.99/scripts/bluetooth.rules.in 2013-06-27 22:05:55.572332197 -0500 -@@ -1,4 +1,4 @@ - # Run helper every time a Bluetooth device appears - # On remove actions, bluetoothd should go away by itself --ACTION=="add", SUBSYSTEM=="bluetooth", RUN+="@prefix@/sbin/bluetoothd --udev" --ACTION=="change", SUBSYSTEM=="bluetooth", RUN+="@prefix@/sbin/bluetoothd --udev" -+ACTION=="add", SUBSYSTEM=="bluetooth", RUN+="/lib/udev/bluetooth.sh" -+ACTION=="change", SUBSYSTEM=="bluetooth", RUN+="/lib/udev/bluetooth.sh" diff --git a/source/n/bluez/bluez.SlackBuild b/source/n/bluez/bluez.SlackBuild index b1f31593..3dbd00f7 100755 --- a/source/n/bluez/bluez.SlackBuild +++ b/source/n/bluez/bluez.SlackBuild @@ -1,8 +1,6 @@ #!/bin/sh -# Slackware build script for bluez - http://www.bluez.org - -# Copyright 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2009, 2010, 2011, 2012, 2013, 2016 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -23,23 +21,23 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PKGNAM=bluez -VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-3} +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} -NUMJOBS=${NUMJOBS:-" -j7 "} +NUMJOBS=${NUMJOBS:--j7} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -61,8 +59,7 @@ mkdir -p $TMP $PKG cd $TMP rm -rf $PKGNAM-$VERSION tar xvf $CWD/${PKGNAM}-${VERSION}.tar.xz || exit 1 -cd $PKGNAM-$VERSION - +cd $PKGNAM-$VERSION || exit 1 chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ @@ -70,89 +67,56 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -# Start bluetoothd via a wrapper script to check rc.bluetooth's +/-x first -zcat $CWD/bluez-run_udev_helper.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/bluez-5.30-obexd_without_systemd-1.patch.gz | patch -p1 --verbose || exit 1 -# Enable the audio socket in audio.conf: -zcat $CWD/bluez.enable.audio.socket.diff.gz | patch -p1 --verbose || exit 1 +autoreconf -vif + +sed -i -e 's|-lreadline|\0 -lncursesw|g' Makefile.{in,tools} CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ +LDFLAGS="-L/usr/lib$LIBDIRSUFFIX" \ ./configure \ --prefix=/usr \ --libdir=/usr/lib${LIBDIRSUFFIX} \ --sysconfdir=/etc \ --mandir=/usr/man \ --localstatedir=/var \ - --enable-datafiles \ - --enable-audio \ - --enable-gstreamer \ - --enable-alsa \ - --enable-usb \ - --enable-tools\ - --enable-input \ - --enable-bccmd \ - --enable-hid2hci \ - --enable-dfutool \ - --enable-hidd \ - --enable-pand \ - --enable-dund \ - --enable-cups \ - --enable-service \ - --enable-network \ - --enable-serial \ - --enable-health \ - --enable-pnat \ - --enable-maemo6 \ - --enable-wiimote \ - --enable-test \ - --enable-dbusoob \ - --with-ouifile=/usr/share/hwdata/oui.txt \ - --disable-silent-rules \ - --build=$ARCH-slackware-linux + --docdir=/usr/doc/${PKGNAM}-${VERSION} \ + --enable-library \ + --disable-systemd \ + --build=$ARCH-slackware-linux || exit 1 make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG || exit 1 -cp scripts/bluetooth-serial.rules $PKG/lib/udev/rules.d/97-bluetooth-serial.rules || exit 1 -cp -a scripts/bluetooth_serial $PKG/lib/udev/bluetooth_serial || exit 1 -chmod 0755 $PKG/lib/udev/bluetooth_serial - -mkdir -p $PKG/etc/bluetooth -cp -a audio/audio.conf $PKG/etc/bluetooth -cp -a input/input.conf $PKG/etc/bluetooth -cp -a network/network.conf $PKG/etc/bluetooth -cp -a serial/serial.conf $PKG/etc/bluetooth -chmod 644 $PKG/etc/bluetooth/*.conf - -mkdir -p $PKG/etc/alsa -mv $PKG/usr/share/alsa/bluetooth.conf $PKG/etc/alsa -( cd $PKG/usr/share/alsa ; ln -s ../../../etc/alsa/bluetooth.conf . ) - -# Do not overwrite configuration -# Well, let the dbus file be overwritten, as it is not usually user-edited. -( cd $PKG - for file in \ - etc/alsa/bluetooth.conf \ - etc/bluetooth/audio.conf \ - etc/bluetooth/input.conf \ - etc/bluetooth/network.conf \ - etc/bluetooth/serial.conf \ - etc/bluetooth/rfcomm.conf \ - etc/bluetooth/main.conf \ - etc/modprobe.d/bluetooth.conf ; do - mv ${file} ${file}.new - done -) - -# Add the wrapper script -cat $CWD/config/bluetooth.sh > $PKG/lib/udev/bluetooth.sh -chmod 0755 $PKG/lib/udev/bluetooth.sh +# Use reset=1 for the btusb module, which supposedly fixes reconnect problems: +mkdir -p $PKG/lib/modprobe.d +cp -a $CWD/btusb.conf $PKG/lib/modprobe.d +chown root:root $PKG/lib/modprobe.d/btusb.conf +chmod 644 $PKG/lib/modprobe.d/btusb.conf + +# Add bluetoothd to /usr/sbin +mkdir -p $PKG/usr/sbin +ln -s ../libexec/bluetooth/bluetoothd $PKG/usr/sbin + +# Install the configuration files +mkdir -p $PKG/etc/bluetooth $PKG/etc/default +cat src/main.conf > $PKG/etc/bluetooth/main.conf.new +cat profiles/input/input.conf > $PKG/etc/bluetooth/input.conf.new +cat profiles/network/network.conf > $PKG/etc/bluetooth/network.conf.new +cat profiles/proximity/proximity.conf > $PKG/etc/bluetooth/proximity.conf.new +cat $CWD/config/uart.conf > $PKG/etc/bluetooth/uart.conf.new +cat $CWD/config/defaultconfig > $PKG/etc/default/bluetooth.new # Add an init script mkdir -p $PKG/etc/rc.d cat $CWD/config/rc.bluetooth > $PKG/etc/rc.d/rc.bluetooth.new +# Let's go ahead and let that start by default, unless an existing init +# script is not executable: +chmod 755 $PKG/etc/rc.d/rc.bluetooth.new + # Compress and if needed symlink the man pages: if [ -d $PKG/usr/man ]; then ( cd $PKG/usr/man @@ -173,7 +137,7 @@ find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION cp -a \ - AUTHORS COPYING* INSTALL NEWS README* \ + AUTHORS COPYING* INSTALL README* TODO \ $PKG/usr/doc/$PKGNAM-$VERSION # If there's a ChangeLog, installing at least part of the recent history @@ -185,9 +149,9 @@ if [ -r ChangeLog ]; then fi mkdir -p $PKG/install -cat $CWD/slack-desc > $PKG/install/slack-desc + zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc cd $PKG /sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz - diff --git a/source/n/bluez/bluez.enable.audio.socket.diff b/source/n/bluez/bluez.enable.audio.socket.diff deleted file mode 100644 index 52b9d0c6..00000000 --- a/source/n/bluez/bluez.enable.audio.socket.diff +++ /dev/null @@ -1,12 +0,0 @@ ---- ./audio/audio.conf.orig 2010-08-25 00:10:02.000000000 -0500 -+++ ./audio/audio.conf 2012-09-09 12:36:31.766492102 -0500 -@@ -4,6 +4,9 @@ - # particular interface - [General] - -+# Enable the audio socket -+Enable=Socket -+ - # Switch to master role for incoming connections (defaults to true) - #Master=true - diff --git a/source/n/bluez/config/bluetooth.modprobe b/source/n/bluez/btusb.conf index 3072d788..3072d788 100644 --- a/source/n/bluez/config/bluetooth.modprobe +++ b/source/n/bluez/btusb.conf diff --git a/source/n/bluez/config/bluetooth.sh b/source/n/bluez/config/bluetooth.sh deleted file mode 100644 index 22034551..00000000 --- a/source/n/bluez/config/bluetooth.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -# Check whether /etc/rc.d/rc.bluetooth is executable before starting -# the bluetooth subsystem for hotplugged bluetooth devices -[ -x /etc/rc.d/rc.bluetooth ] && exec /usr/sbin/bluetoothd --udev -exit 0 - diff --git a/source/n/bluez/config/defaultconfig b/source/n/bluez/config/defaultconfig new file mode 100644 index 00000000..b4da786e --- /dev/null +++ b/source/n/bluez/config/defaultconfig @@ -0,0 +1,9 @@ +# /etc/default/bluetooth + +# A space delimied list of devices to start at boot time +ACTIVE_HCI_DEVICES_ON_BOOT="hci0" + +# A semicolon delimited list of SDP (Service Discovery Protocol) +# operations for bluetooth devices. See the sdptool for more details. +SDPTOOL_OPTIONS="" + diff --git a/source/n/bluez/config/rc.bluetooth b/source/n/bluez/config/rc.bluetooth index 296c4542..b56fcd10 100644 --- a/source/n/bluez/config/rc.bluetooth +++ b/source/n/bluez/config/rc.bluetooth @@ -1,28 +1,73 @@ #!/bin/sh -bluez_start() { - /usr/sbin/bluetoothd +# /etc/rc.d/rc.bluetooth (based on BLFS script) + +# Populated from /etc/default/bluetooth: +# ACTIVE_HCI_DEVICES_ON_BOOT and SDPTOOL_OPTIONS + +[ -r /etc/default/bluetooth ] && . /etc/default/bluetooth + +start_hci_dev() { + for dev in ${ACTIVE_HCI_DEVICES_ON_BOOT} ; do + hciconfig $dev up > /dev/null 2>&1 + done +} + +run_sdptool() { + # Declaring IFS local in this function, removes the need to save/restore it + local IFS option + test -x /usr/bin/sdptool || return 1 + IFS=";" + for option in ${SDPTOOL_OPTIONS}; do + IFS=" " + /usr/bin/sdptool $option > /dev/null 2>&1 + done +} + +start_uarts() { + [ -r /etc/bluetooth/uart.conf ] || return + grep -v '^[[:space:]]*(#|$)' /etc/bluetooth/uart.conf | while read i; do + /usr/bin/hciattach $i > /dev/null 2>&1 + done +} + +stop_uarts() { + killall /usr/bin/hciattach > /dev/null 2>&1 +} + +start() { + if [ -d /sys/class/bluetooth ]; then + # Start as background process and assume OK + echo -n "Starting Bluetooth services: bluetoothd " + /usr/sbin/bluetoothd & + echo -n "hciconfig " + start_hci_dev + echo -n "sdptool " + run_sdptool + echo "hciattach" + start_uarts + fi } -bluez_stop() { - udevadm trigger --subsystem-match=bluetooth --action=remove - pkill -TERM bluetoothd 1>/dev/null 2>/dev/null +stop() { + stop_uarts + killall /usr/sbin/bluetoothd > /dev/null 2>&1 } -case "$1" in +case "${1}" in start) - bluez_start + start ;; stop) - bluez_stop + stop ;; restart) - bluez_stop + stop sleep 1 - bluez_start + start ;; *) - printf "Usage: $N {start|stop|restart}\n" + echo "Usage: ${0} {start|stop|restart}" exit 1 ;; esac diff --git a/source/n/bluez/config/uart.conf b/source/n/bluez/config/uart.conf new file mode 100644 index 00000000..b2e276f4 --- /dev/null +++ b/source/n/bluez/config/uart.conf @@ -0,0 +1,6 @@ +# /etc/bluetooth/uart.conf + +# Attach serial devices via UART HCI to BlueZ stack +# Use one line per device +# See the hciattach man page for options + diff --git a/source/n/bluez/doinst.sh b/source/n/bluez/doinst.sh index fe68ad7f..7fc21383 100644 --- a/source/n/bluez/doinst.sh +++ b/source/n/bluez/doinst.sh @@ -18,11 +18,10 @@ if [ -e etc/rc.d/rc.bluetooth ]; then fi config etc/rc.d/rc.bluetooth.new -config etc/alsa/bluetooth.conf.new -config etc/bluetooth/audio.conf.new config etc/bluetooth/input.conf.new config etc/bluetooth/main.conf.new config etc/bluetooth/network.conf.new -config etc/bluetooth/serial.conf.new -config etc/bluetooth/rfcomm.conf.new +config etc/bluetooth/proximity.conf.new +config etc/bluetooth/uart.conf.new +config etc/default/bluetooth.new diff --git a/source/n/bridge-utils/bridge-utils-1.5-linux_3.8.x.patch b/source/n/bridge-utils/bridge-utils-1.5-linux_3.8.x.patch new file mode 100644 index 00000000..0455a908 --- /dev/null +++ b/source/n/bridge-utils/bridge-utils-1.5-linux_3.8.x.patch @@ -0,0 +1,30 @@ +commit 5eebb7f9288b7881ffb929b1fd494fe3ac3be27d +Author: Russell Senior <russell@personaltelco.net> +Date: Wed Mar 6 12:49:42 2013 -0800 + + bridge-utils: Fix compile against linux-3.8.x + + Linux 3.8 has a header, include/uapi/linux/if_bridge.h that uses a + struct in6_addr but doesn't define it. The trivial seeming fix of + including the header that does define it causes more problems. The + problem was discussed on mailing lists in January 2013. The final + suggestion I found was here: + + http://www.redhat.com/archives/libvir-list/2013-January/msg01253.html + + This is intended to implement that suggestion. + + Signed-off-by: Russell Senior <russell@personaltelco.net> + +diff --git a/libbridge/libbridge.h b/libbridge/libbridge.h +index 39964f2..dd14bae 100644 +--- a/libbridge/libbridge.h ++++ b/libbridge/libbridge.h +@@ -20,6 +20,7 @@ + #define _LIBBRIDGE_H + + #include <sys/socket.h> ++#include <netinet/in.h> + #include <linux/if.h> + #include <linux/if_bridge.h> + diff --git a/source/n/bridge-utils/bridge-utils.SlackBuild b/source/n/bridge-utils/bridge-utils.SlackBuild index eb31d6ef..4431da20 100755 --- a/source/n/bridge-utils/bridge-utils.SlackBuild +++ b/source/n/bridge-utils/bridge-utils.SlackBuild @@ -24,23 +24,25 @@ PKGNAM=bridge-utils VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} BUILD=${BUILD:-1} -# Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; - arm*) export ARCH=arm ;; - # Unless $ARCH is already set, use uname -m for all other archs: - *) export ARCH=$( uname -m ) ;; + i?86) ARCH=i586 ;; + arm*) ARCH=arm ;; + *) ARCH=$( uname -m ) ;; esac fi NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" -elif [ "$ARCH" = "s390" ]; then - SLKCFLAGS="-O2" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "x86_64" ]; then SLKCFLAGS="-O2 -fPIC" @@ -50,20 +52,16 @@ else LIBDIRSUFFIX="" fi -CWD=$(pwd) -TMP=${TMP:-/tmp} -PKG=$TMP/package-bridge-utils +NUMJOBS=${NUMJOBS:-" -j7 "} rm -rf $PKG mkdir -p $TMP $PKG cd $TMP rm -rf bridge-utils-$VERSION -tar xzf $CWD/bridge-utils-$VERSION.tar.gz || exit 1 +tar xf $CWD/bridge-utils-$VERSION.tar.xz || exit 1 cd bridge-utils-$VERSION || exit 1 -zcat $CWD/bridge-utils.isbridge.diff.gz | patch -p1 --verbose || exit 1 - chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ @@ -71,17 +69,27 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -# This is bad form, but what can you do... -autoconf +# Apply patches: +zcat $CWD/bridge-utils-1.5-linux_3.8.x.patch.gz | patch -p1 --verbose || exit 1 -CFLAGS="$SLKCFLAGS" \ +# Configure: +autoconf ./configure \ --prefix=/usr \ --libdir=/usr/lib${LIBDIRSUFFIX} \ - --mandir=/usr/man + --includedir=/usr/include \ + --with-linux-headers=/usr/include \ + --mandir=/usr/man || exit 1 +# Build: make $NUMJOBS || make || exit 1 + +# Install into package: make install DESTDIR=$PKG || exit 1 +mkdir -p $PKG/usr/include +install -m 644 libbridge/libbridge.h $PKG/usr/include +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX} +install -m 644 libbridge/libbridge.a $PKG/usr/lib${LIBDIRSUFFIX} mkdir -p $PKG/sbin mv $PKG/usr/sbin/brctl $PKG/sbin/brctl diff --git a/source/n/bridge-utils/bridge-utils.isbridge.diff b/source/n/bridge-utils/bridge-utils.isbridge.diff deleted file mode 100644 index b40e4879..00000000 --- a/source/n/bridge-utils/bridge-utils.isbridge.diff +++ /dev/null @@ -1,12 +0,0 @@ ---- ./libbridge/libbridge_init.c.orig 2008-01-08 17:20:35.000000000 +0100 -+++ ./libbridge/libbridge_init.c 2008-10-23 06:59:58.000000000 +0200 -@@ -49,6 +49,9 @@ - char path[SYSFS_PATH_MAX]; - struct stat st; - -+ if(entry->d_name[0] == '.') -+ return 0; -+ - snprintf(path, SYSFS_PATH_MAX, SYSFS_CLASS_NET "%s/bridge", entry->d_name); - return stat(path, &st) == 0 && S_ISDIR(st.st_mode); - } diff --git a/source/n/ca-certificates/ca-certificates.SlackBuild b/source/n/ca-certificates/ca-certificates.SlackBuild index 83d61a8b..4f2f2def 100755 --- a/source/n/ca-certificates/ca-certificates.SlackBuild +++ b/source/n/ca-certificates/ca-certificates.SlackBuild @@ -3,7 +3,7 @@ # Slackware build script for ca-certificates # Copyright 2009,2011 Robby Workman Northport, AL, USA -# Copyright 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2012, 2013, 2015, 2016 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -23,21 +23,29 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -PRGNAM=ca-certificates -VERSION=${VERSION:-20130906} +PKGNAM=ca-certificates +VERSION=${VERSION:-20160104} ARCH=noarch BUILD=${BUILD:-1} CWD=$(pwd) TMP=${TMP:-/tmp} -PKG=$TMP/package-$PRGNAM +PKG=$TMP/package-$PKGNAM rm -rf $PKG -mkdir -p $TMP $PKG +mkdir -p $TMP $PKG/usr/share/ca-certificates $PKG/usr/sbin cd $TMP -rm -rf $PRGNAM -tar xvf $CWD/${PRGNAM}_$VERSION.tar.gz || exit 1 -cd $PRGNAM || exit 1 + +# Need both $PKGNAM and $PKGNAM-$VERSION since upstream can't decide how +# to package their tarball: +rm -rf $PKGNAM $PKGNAM-$VERSION + +# Extract the tarball: +tar xvf $CWD/${PKGNAM}_$VERSION.tar.?z || exit 1 + +# Again, both $PKGNAM and $PKGNAM-$VERSION are needed here: +cd $PKGNAM || cd $PKGNAM-$VERSION || exit 1 + chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ @@ -45,14 +53,17 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -zcat $CWD/patches/fixup_DESTDIR.diff.gz | patch -p1 || exit 1 +# Obsolete? +#zcat $CWD/patches/fixup_DESTDIR.diff.gz | patch -p1 || exit 1 + +# Remove incompatible command operators used to call 'run-parts': zcat $CWD/patches/fixup_update-ca-certificates.diff.gz | patch -p1 || exit 1 make || exit 1 make install DESTDIR=$PKG || exit 1 mkdir -p $PKG/etc/ca-certificates/update.d -printf "# Automatically generated by $PRGNAM-$VERSION \n#\n" \ +printf "# Automatically generated by $PKGNAM-$VERSION \n#\n" \ > $PKG/etc/ca-certificates.conf.new ( cd $PKG/usr/share/ca-certificates find . -name '*.crt' | sort | cut -b3- @@ -62,9 +73,9 @@ mkdir -p $PKG/usr/man/man8 gzip -9c sbin/update-ca-certificates.8 > \ $PKG/usr/man/man8/update-ca-certificates.8.gz -mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION mv debian/NEWS debian/NEWS.Debian -cp -a debian/NEWS.Debian debian/README.Debian $PKG/usr/doc/$PRGNAM-$VERSION +cp -a debian/NEWS.Debian debian/README.Debian $PKG/usr/doc/$PKGNAM-$VERSION mkdir -p $PKG/var/log/setup cat $CWD/setup.11.cacerts > $PKG/var/log/setup/setup.11.cacerts @@ -75,4 +86,4 @@ cat $CWD/slack-desc > $PKG/install/slack-desc zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh cd $PKG -/sbin/makepkg -l y -c n $TMP/$PRGNAM-$VERSION-$ARCH-$BUILD.txz +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/ca-certificates/patches/fixup_update-ca-certificates.diff b/source/n/ca-certificates/patches/fixup_update-ca-certificates.diff index 8b0435b3..1c394058 100644 --- a/source/n/ca-certificates/patches/fixup_update-ca-certificates.diff +++ b/source/n/ca-certificates/patches/fixup_update-ca-certificates.diff @@ -1,14 +1,12 @@ -diff -Nur ca-certificates-20110502.orig//sbin/update-ca-certificates ca-certificates-20110502/sbin/update-ca-certificates ---- ca-certificates-20110502.orig//sbin/update-ca-certificates 2009-07-08 16:23:12.000000000 -0500 -+++ ca-certificates-20110502/sbin/update-ca-certificates 2011-07-05 17:37:01.842932741 -0500 -@@ -148,9 +148,7 @@ - - HOOKSDIR=/etc/ca-certificates/update.d - echo -n "Running hooks in $HOOKSDIR...." --VERBOSE_ARG= --[ "$verbose" = 0 ] || VERBOSE_ARG=--verbose --eval run-parts $VERBOSE_ARG --test -- $HOOKSDIR | while read hook -+eval run-parts $HOOKSDIR | while read hook - do - ( cat $ADDED - cat $REMOVED ) | $hook || echo E: $hook exited with code $?. +diff -urN ca-certificates-20150426.orig/sbin/update-ca-certificates ca-certificates-20150426/sbin/update-ca-certificates +--- ca-certificates-20150426.orig/sbin/update-ca-certificates 2015-04-01 13:47:25.000000000 +0100 ++++ ca-certificates-20150426/sbin/update-ca-certificates 2015-09-14 22:51:39.856021883 +0100 +@@ -193,7 +193,7 @@ + echo "Running hooks in $HOOKSDIR..." + VERBOSE_ARG= + [ "$verbose" = 0 ] || VERBOSE_ARG="--verbose" +- eval run-parts "$VERBOSE_ARG" --test -- "$HOOKSDIR" | while read hook ++ eval run-parts "$HOOKSDIR" | while read hook + do + ( cat "$ADDED" + cat "$REMOVED" ) | "$hook" || echo "E: $hook exited with code $?." diff --git a/source/n/cifs-utils/cifs-utils.SlackBuild b/source/n/cifs-utils/cifs-utils.SlackBuild index ef91a541..20871fb7 100755 --- a/source/n/cifs-utils/cifs-utils.SlackBuild +++ b/source/n/cifs-utils/cifs-utils.SlackBuild @@ -28,8 +28,8 @@ BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$(uname -m)" in - i?86) ARCH=i486 ;; - arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7lh ;; + i?86) ARCH=i586 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;; # Unless $ARCH is already set, use uname -m for all other archs: *) ARCH=$(uname -m) ;; esac @@ -38,11 +38,8 @@ fi NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i386" ]; then - SLKCFLAGS="-O2 -march=i386 -mcpu=i686" - LIBDIRSUFFIX="" -elif [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "i586" ]; then SLKCFLAGS="-O2 -march=i586 -mtune=i686" @@ -76,8 +73,6 @@ rm -rf $PKGNAM-$VERSION tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1 cd $PKGNAM-$VERSION -zcat $CWD/mount.cifs-set-rc-to-0-in-libcap-toggle_dac_capabili.patch.gz | patch -p1 --verbose || exit 1 - chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ diff --git a/source/n/cifs-utils/mount.cifs-set-rc-to-0-in-libcap-toggle_dac_capabili.patch b/source/n/cifs-utils/mount.cifs-set-rc-to-0-in-libcap-toggle_dac_capabili.patch deleted file mode 100644 index a8dd96c4..00000000 --- a/source/n/cifs-utils/mount.cifs-set-rc-to-0-in-libcap-toggle_dac_capabili.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 0eb3daa4b17ee64b464594f1a5d413ecb364957c Mon Sep 17 00:00:00 2001 -From: Jeff Layton <jlayton@samba.org> -Date: Thu, 14 Jun 2012 10:59:18 -0400 -Subject: [PATCH] mount.cifs: set rc to 0 in libcap toggle_dac_capability - -Thus spake Jochen: - -The mount.cifs program from the cifs-utils package 5.5 did not work on -my Linux system. It just exited without an error message and did not -mount anything. - -[...] - -I think, when this variable rc is now used in this function, it has also -to be properly initialized there. - -Reported-by: Jochen Roderburg <roderburg@uni-koeln.de> -Signed-off-by: Jeff Layton <jlayton@samba.org> ---- - mount.cifs.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/mount.cifs.c b/mount.cifs.c -index a1b0454..6f3f382 100644 ---- a/mount.cifs.c -+++ b/mount.cifs.c -@@ -495,7 +495,7 @@ free_caps: - static int - toggle_dac_capability(int writable, int enable) - { -- int rc; -+ int rc = 0; - cap_t caps; - cap_value_t capability = writable ? CAP_DAC_OVERRIDE : CAP_DAC_READ_SEARCH; - --- -1.7.11 - diff --git a/source/n/conntrack-tools/conntrack-tools.SlackBuild b/source/n/conntrack-tools/conntrack-tools.SlackBuild index 8f40c920..2af5957e 100755 --- a/source/n/conntrack-tools/conntrack-tools.SlackBuild +++ b/source/n/conntrack-tools/conntrack-tools.SlackBuild @@ -2,7 +2,7 @@ # Slackware build script for conntrack-tools -# Copyright 2006-2013 Robby Workman, Northport, Alabama, USA +# Copyright 2006-2015 Robby Workman, Tuscaloosa, Alabama, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -31,7 +31,7 @@ NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -42,8 +42,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" diff --git a/source/n/crda/crda-3.18.tar.sign b/source/n/crda/crda-3.18.tar.sign new file mode 100644 index 00000000..7325da89 --- /dev/null +++ b/source/n/crda/crda-3.18.tar.sign @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iQIcBAABAgAGBQJUy9eSAAoJEM4jHQowkoinDOMP/3mh/jtlCn3dY0OLKSurmLtn +QIAk3fPklndffVvAbdBEIC1z4OaRBqvJezlo9fP1v7m9mgzZduTPvEj79E8sBjG8 +WwECfEXQLTZy3OPaDA762Yt/Gbg3MCnpY15CN0o+Wxspwl6SapNjryr6EKs/NMX6 +5n0Taga4mXqTpJ+K3LUv9prh0lch5P5ofFDY2zqohEDsCgQAzzhEJh0JAkLjnKak +P2wvquNLReUuTYVKHGZBAgPYjVQj2sWPnm8engButLz4eafK3FAv3EIDO4nWkYNu +hIzsWtaKU8LDAWdS63CIK/Bh72NzFZ93B7jZDF2DJOS0/007Gaml+Szmx0S00csr +Rl5ll2tqbIFTGp6NImO0XIXI7Or1mnBrrrRNodwEylsM5LvjOMtZpvQnAHJjjH1x +j3KF0Uv99gEVlX3tSLKej4nhnCE8dUa/C6buFUb3Cx1kILiARoNJ/wBScdSubew1 +nQmMd8L9j9gTRVkLTI2KJmoziZdZm6bgDCUOM0+uQ35QlNNPw20Op3vSHUf+BgDS +3XTCqL+QnYJh1gLdMx6q7cub6sf9GVj/MqCf+j5y6lhv7GPjQviObZVnkvdEkiF3 +PKJmhSQixJ5QM+kkcJDdks6Lu03h6HBKUlO+AcyV1tS7SK/q5oURwFQDW6dveW+f +SdI8tSCva6j6kLAX6XkF +=j/L/ +-----END PGP SIGNATURE----- diff --git a/source/n/crda/crda.SlackBuild b/source/n/crda/crda.SlackBuild index 93ffcd64..20c96fac 100755 --- a/source/n/crda/crda.SlackBuild +++ b/source/n/crda/crda.SlackBuild @@ -1,7 +1,7 @@ #!/bin/sh # Copyright 2009 Robby Workman, Northport, AL, USA -# Copyright 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2009, 2010, 2016 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,31 +22,32 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=${VERSION:-1.1.1} -BUILD=${BUILD:-1} +VERSION=${VERSION:-3.18} +BUILD=${BUILD:-3} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi -REGDBVERS=git_20100502 +REGDBVERS=2016.02.08 CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-crda -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" elif [ "$ARCH" = "x86_64" ]; then SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" elif [ "$ARCH" = "arm" ]; then SLKCFLAGS="-O2 -march=armv4 -mtune=xscale" elif [ "$ARCH" = "armel" ]; then @@ -60,7 +61,7 @@ mkdir -p $TMP $PKG # First, we need to install the wireless regulatory bin cd $TMP -tar xvf $CWD/wireless-regdb-$REGDBVERS.tar.bz2 || exit 1 +tar xvf $CWD/wireless-regdb-$REGDBVERS.tar.xz || exit 1 cd wireless-regdb-$REGDBVERS || exit 1 chown -R root:root . find . \ @@ -89,8 +90,21 @@ find . \ -exec chmod 755 {} \; -o \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -make CFLAGS="$SLKCFLAGS" MANDIR=/usr/man || exit 1 -make install MANDIR=/usr/man DESTDIR=$PKG || exit 1 + +# There's some weirdness going on here, but this seems to fix it: +make ; make clean ; make + +make \ + CFLAGS="$SLKCFLAGS" \ + MANDIR=/usr/man \ + LIBDIR=/usr/lib${LIBDIRSUFFIX} \ + || exit 1 +make install \ + CFLAGS="$SLKCFLAGS" \ + MANDIR=/usr/man \ + LIBDIR=/usr/lib${LIBDIRSUFFIX} \ + DESTDIR=$PKG \ + || exit 1 find $PKG | xargs file | grep -e "executable" -e "shared object" \ | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null diff --git a/source/n/crda/get_regdb.sh b/source/n/crda/get_regdb.sh index 05a2e93b..ce886f48 100644 --- a/source/n/crda/get_regdb.sh +++ b/source/n/crda/get_regdb.sh @@ -5,10 +5,11 @@ _DATE="$(date +%Y%m%d)" rm -rf wireless-regdb-git_${_DATE} wireless-regdb-git_${_DATE}.tar.bz2 git clone \ - git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-regdb.git \ + git://git.kernel.org/pub/scm/linux/kernel/git/sforshee/wireless-regdb.git \ wireless-regdb-git_${_DATE} -chown -R root:root wireless-regdb-${_DATE} +chown -R root:root wireless-regdb-git_${_DATE} +rm -rf wireless-regdb-git_${_DATE}/.git* tar cjf wireless-regdb-git_${_DATE}.tar.bz2 wireless-regdb-git_${_DATE} rm -rf wireless-regdb-git_${_DATE} diff --git a/source/n/crda/wireless-regdb-2016.02.08.tar.sign b/source/n/crda/wireless-regdb-2016.02.08.tar.sign new file mode 100644 index 00000000..e10b1380 --- /dev/null +++ b/source/n/crda/wireless-regdb-2016.02.08.tar.sign @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iQIcBAABCgAGBQJWuK7SAAoJEKtIAKYtufc6M0wQALm4zNeA/UlubfDeMjtLxDWb +7b/SHnjzZ0KIOA52Ysqns4hvAdrzqNyHuT+9a6tBKZQLB5ZHnXSGdEZtznsjXnM1 +UcrIC6X0u1CLL1HE+JA+OTjDfJjBreKTlF2aX35DjsIc2kR0NYkF4qkFCeYHvn/n +y+9YEF2VYkzxOkrX2B4aX2j4ncWA0vub11NoHdthzavPng8UJz91x9pu/8N2HzoC +h64jqDZK5YBdc6SE+CS/QEMlnMmizf560rsTxFR4m6drDBJGnOYJbRsi784AZf/R +HLJvzmou4BxKNTrFIkaE9CNgV3MHOaBB7NrvjgcoHCZI9Y9CQLZGJbPagLQ2KW0g +q6TOBqi3eKmE1PbtEi8jkHME6CYFk5R2NJyKQmVDyKp37nzX6lrk+7lfoqpQ7Pmr +fUNBCZoGGTLP9qV0fIRBk1pyIc2fXzXmSrh5v5GUzXRSFN6U4V6iKG1KqPVe6H7J +OqPwfMWQhCaK2e+/qXHb068oOnxOKhnw6ucDyq2qZVaWy8qKuJZ/EGWFMgWEo6/H +j9fReRc1k0/z5QFBRZ7tuqxTdquWO0Xsn5MvUbZA43Bi3CEAgxZoWmU7GxjW0Qh0 +8hu7Tyk58qqgyrpXUM3ccWJJ8wLK6kcdvtiRt9x5xavr4/2hdHb764HBtb0HdueK +4FghlQ8df3rH5pX3QxkH +=6hY4 +-----END PGP SIGNATURE----- diff --git a/source/n/curl/cacert.pem b/source/n/curl/cacert.pem index 99b310bc..c15368bd 100644 --- a/source/n/curl/cacert.pem +++ b/source/n/curl/cacert.pem @@ -1,208 +1,22 @@ ## -## ca-bundle.crt -- Bundle of CA Root Certificates +## Bundle of CA Root Certificates ## -## Certificate data from Mozilla as of: Sat Dec 29 20:03:40 2012 +## Certificate data from Mozilla as of: Wed Apr 20 03:12:05 2016 ## ## This is a bundle of X.509 certificates of public Certificate Authorities ## (CA). These were automatically extracted from Mozilla's root certificates ## file (certdata.txt). This file can be found in the mozilla source tree: -## http://mxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1 +## http://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt ## ## It contains the certificates in PEM format and therefore ## can be directly used with curl / libcurl / php_curl, or with ## an Apache+mod_ssl webserver for SSL client authentication. ## Just configure this file as the SSLCACertificateFile. ## +## Conversion done with mk-ca-bundle.pl version 1.25. +## SHA1: 5df367cda83086392e1acdf22bfef00c48d5eba6 +## -# @(#) $RCSfile: certdata.txt,v $ $Revision: 1.87 $ $Date: 2012/12/29 16:32:45 $ - -GTE CyberTrust Global Root -========================== ------BEGIN CERTIFICATE----- -MIICWjCCAcMCAgGlMA0GCSqGSIb3DQEBBAUAMHUxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9HVEUg -Q29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNvbHV0aW9ucywgSW5jLjEjMCEG -A1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJvb3QwHhcNOTgwODEzMDAyOTAwWhcNMTgwODEz -MjM1OTAwWjB1MQswCQYDVQQGEwJVUzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQL -Ex5HVEUgQ3liZXJUcnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0 -IEdsb2JhbCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVD6C28FCc6HrHiM3dFw4u -sJTQGz0O9pTAipTHBsiQl8i4ZBp6fmw8U+E3KHNgf7KXUwefU/ltWJTSr41tiGeA5u2ylc9yMcql -HHK6XALnZELn+aks1joNrI1CqiQBOeacPwGFVw1Yh0X404Wqk2kmhXBIgD8SFcd5tB8FLztimQID -AQABMA0GCSqGSIb3DQEBBAUAA4GBAG3rGwnpXtlR22ciYaQqPEh346B8pt5zohQDhT37qw4wxYMW -M4ETCJ57NE7fQMh017l93PR2VX2bY1QY6fDq81yx2YtCHrnAlU66+tXifPVoYb+O7AWXX1uw16OF -NMQkpw0PlZPvy5TYnh+dXIVtx6quTx8itc2VrbqnzPmrC3p/ ------END CERTIFICATE----- - -Thawte Server CA -================ ------BEGIN CERTIFICATE----- -MIIDEzCCAnygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBxDELMAkGA1UEBhMCWkExFTATBgNVBAgT -DFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3Vs -dGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UE -AxMQVGhhd3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5j -b20wHhcNOTYwODAxMDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCBxDELMAkGA1UEBhMCWkExFTATBgNV -BAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29u -c3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcG -A1UEAxMQVGhhd3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0 -ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANOkUG7I/1Zr5s9dtuoMaHVHoqrC2oQl -/Kj0R1HahbUgdJSGHg91yekIYfUGbTBuFRkC6VLAYttNmZ7iagxEOM3+vuNkCXDF/rFrKbYvScg7 -1CcEJRCXL+eQbcAoQpnXTEPew/UhbVSfXcNY4cDk2VuwuNy0e982OsK1ZiIS1ocNAgMBAAGjEzAR -MA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAB/pMaVz7lcxG7oWDTSEwjsrZqG9J -GubaUeNgcGyEYRGhGshIPllDfU+VPaGLtwtimHp1it2ITk6eQNuozDJ0uW8NxuOzRAvZim+aKZuZ -GCg70eNAKJpaPNW15yAbi8qkq43pUdniTCxZqdq5snUb9kLy78fyGPmJvKP/iiMucEc= ------END CERTIFICATE----- - -Thawte Premium Server CA -======================== ------BEGIN CERTIFICATE----- -MIIDJzCCApCgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBzjELMAkGA1UEBhMCWkExFTATBgNVBAgT -DFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3Vs -dGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UE -AxMYVGhhd3RlIFByZW1pdW0gU2VydmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNlcnZl -ckB0aGF3dGUuY29tMB4XDTk2MDgwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgc4xCzAJBgNVBAYT -AlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU -VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2 -aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBDQTEoMCYGCSqGSIb3DQEJARYZ -cHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0jY2 -aovXwlue2oFBYo847kkEVdbQ7xwblRZH7xhINTpS9CtqBo87L+pW46+GjZ4X9560ZXUCTe/LCaIh -Udib0GfQug2SBhRz1JPLlyoAnFxODLz6FVL88kRu2hFKbgifLy3j+ao6hnO2RlNYyIkFvYMRuHM/ -qgeN9EJN50CdHDcCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQAm -SCwWwlj66BZ0DKqqX1Q/8tfJeGBeXm43YyJ3Nn6yF8Q0ufUIhfzJATj/Tb7yFkJD57taRvvBxhEf -8UqwKEbJw8RCfbz6q1lu1bdRiBHjpIUZa4JMpAwSremkrj/xw0llmozFyD4lt5SZu5IycQfwhl7t -UCemDaYj+bvLpgcUQg== ------END CERTIFICATE----- - -Equifax Secure CA -================= ------BEGIN CERTIFICATE----- -MIIDIDCCAomgAwIBAgIENd70zzANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJVUzEQMA4GA1UE -ChMHRXF1aWZheDEtMCsGA1UECxMkRXF1aWZheCBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 -MB4XDTk4MDgyMjE2NDE1MVoXDTE4MDgyMjE2NDE1MVowTjELMAkGA1UEBhMCVVMxEDAOBgNVBAoT -B0VxdWlmYXgxLTArBgNVBAsTJEVxdWlmYXggU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eTCB -nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwV2xWGcIYu6gmi0fCG2RFGiYCh7+2gRvE4RiIcPR -fM6fBeC4AfBONOziipUEZKzxa1NfBbPLZ4C/QgKO/t0BCezhABRP/PvwDN1Dulsr4R+AcJkVV5MW -8Q+XarfCaCMczE1ZMKxRHjuvK9buY0V7xdlfUNLjUA86iOe/FP3gx7kCAwEAAaOCAQkwggEFMHAG -A1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEQMA4GA1UEChMHRXF1aWZheDEtMCsGA1UE -CxMkRXF1aWZheCBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMBoG -A1UdEAQTMBGBDzIwMTgwODIyMTY0MTUxWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUSOZo+SvS -spXXR9gjIBBPM5iQn9QwHQYDVR0OBBYEFEjmaPkr0rKV10fYIyAQTzOYkJ/UMAwGA1UdEwQFMAMB -Af8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUAA4GBAFjOKer89961 -zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y7qj/WsjTVbJmcVfewCHrPSqnI0kB -BIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee95 -70+sB3c4 ------END CERTIFICATE----- - -Digital Signature Trust Co. Global CA 1 -======================================= ------BEGIN CERTIFICATE----- -MIIDKTCCApKgAwIBAgIENnAVljANBgkqhkiG9w0BAQUFADBGMQswCQYDVQQGEwJVUzEkMCIGA1UE -ChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMREwDwYDVQQLEwhEU1RDQSBFMTAeFw05ODEy -MTAxODEwMjNaFw0xODEyMTAxODQwMjNaMEYxCzAJBgNVBAYTAlVTMSQwIgYDVQQKExtEaWdpdGFs -IFNpZ25hdHVyZSBUcnVzdCBDby4xETAPBgNVBAsTCERTVENBIEUxMIGdMA0GCSqGSIb3DQEBAQUA -A4GLADCBhwKBgQCgbIGpzzQeJN3+hijM3oMv+V7UQtLodGBmE5gGHKlREmlvMVW5SXIACH7TpWJE -NySZj9mDSI+ZbZUTu0M7LklOiDfBu1h//uG9+LthzfNHwJmm8fOR6Hh8AMthyUQncWlVSn5JTe2i -o74CTADKAqjuAQIxZA9SLRN0dja1erQtcQIBA6OCASQwggEgMBEGCWCGSAGG+EIBAQQEAwIABzBo -BgNVHR8EYTBfMF2gW6BZpFcwVTELMAkGA1UEBhMCVVMxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0 -dXJlIFRydXN0IENvLjERMA8GA1UECxMIRFNUQ0EgRTExDTALBgNVBAMTBENSTDEwKwYDVR0QBCQw -IoAPMTk5ODEyMTAxODEwMjNagQ8yMDE4MTIxMDE4MTAyM1owCwYDVR0PBAQDAgEGMB8GA1UdIwQY -MBaAFGp5fpFpRhgTCgJ3pVlbYJglDqL4MB0GA1UdDgQWBBRqeX6RaUYYEwoCd6VZW2CYJQ6i+DAM -BgNVHRMEBTADAQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4GB -ACIS2Hod3IEGtgllsofIH160L+nEHvI8wbsEkBFKg05+k7lNQseSJqBcNJo4cvj9axY+IO6CizEq -kzaFI4iKPANo08kJD038bKTaKHKTDomAsH3+gG9lbRgzl4vCa4nuYD3Im+9/KzJic5PLPON74nZ4 -RbyhkwS7hp86W0N6w4pl ------END CERTIFICATE----- - -Digital Signature Trust Co. Global CA 3 -======================================= ------BEGIN CERTIFICATE----- -MIIDKTCCApKgAwIBAgIENm7TzjANBgkqhkiG9w0BAQUFADBGMQswCQYDVQQGEwJVUzEkMCIGA1UE -ChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMREwDwYDVQQLEwhEU1RDQSBFMjAeFw05ODEy -MDkxOTE3MjZaFw0xODEyMDkxOTQ3MjZaMEYxCzAJBgNVBAYTAlVTMSQwIgYDVQQKExtEaWdpdGFs -IFNpZ25hdHVyZSBUcnVzdCBDby4xETAPBgNVBAsTCERTVENBIEUyMIGdMA0GCSqGSIb3DQEBAQUA -A4GLADCBhwKBgQC/k48Xku8zExjrEH9OFr//Bo8qhbxe+SSmJIi2A7fBw18DW9Fvrn5C6mYjuGOD -VvsoLeE4i7TuqAHhzhy2iCoiRoX7n6dwqUcUP87eZfCocfdPJmyMvMa1795JJ/9IKn3oTQPMx7JS -xhcxEzu1TdvIxPbDDyQq2gyd55FbgM2UnQIBA6OCASQwggEgMBEGCWCGSAGG+EIBAQQEAwIABzBo -BgNVHR8EYTBfMF2gW6BZpFcwVTELMAkGA1UEBhMCVVMxJDAiBgNVBAoTG0RpZ2l0YWwgU2lnbmF0 -dXJlIFRydXN0IENvLjERMA8GA1UECxMIRFNUQ0EgRTIxDTALBgNVBAMTBENSTDEwKwYDVR0QBCQw -IoAPMTk5ODEyMDkxOTE3MjZagQ8yMDE4MTIwOTE5MTcyNlowCwYDVR0PBAQDAgEGMB8GA1UdIwQY -MBaAFB6CTShlgDzJQW6sNS5ay97u+DlbMB0GA1UdDgQWBBQegk0oZYA8yUFurDUuWsve7vg5WzAM -BgNVHRMEBTADAQH/MBkGCSqGSIb2fQdBAAQMMAobBFY0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4GB -AEeNg61i8tuwnkUiBbmi1gMOOHLnnvx75pO2mqWilMg0HZHRxdf0CiUPPXiBng+xZ8SQTGPdXqfi -up/1902lMXucKS1M/mQ+7LZT/uqb7YLbdHVLB3luHtgZg3Pe9T7Qtd7nS2h9Qy4qIOF+oHhEngj1 -mPnHfxsb1gYgAlihw6ID ------END CERTIFICATE----- - -Verisign Class 3 Public Primary Certification Authority -======================================================= ------BEGIN CERTIFICATE----- -MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMx -FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmltYXJ5 -IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVow -XzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAz -IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUA -A4GNADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhEBarsAx94 -f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/isI19wKTakyYbnsZogy1Ol -hec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0GCSqGSIb3DQEBAgUAA4GBALtMEivPLCYA -TxQT3ab7/AoRhIzzKBxnki98tsX63/Dolbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59Ah -WM1pF+NEHJwZRDmJXNycAA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2Omuf -Tqj/ZA1k ------END CERTIFICATE----- - -Verisign Class 1 Public Primary Certification Authority - G2 -============================================================ ------BEGIN CERTIFICATE----- -MIIDAjCCAmsCEEzH6qqYPnHTkxD4PTqJkZIwDQYJKoZIhvcNAQEFBQAwgcExCzAJBgNVBAYTAlVT -MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMSBQdWJsaWMgUHJpbWFy -eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2ln -biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz -dCBOZXR3b3JrMB4XDTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVT -MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMSBQdWJsaWMgUHJpbWFy -eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2ln -biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz -dCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCq0Lq+Fi24g9TK0g+8djHKlNgd -k4xWArzZbxpvUjZudVYKVdPfQ4chEWWKfo+9Id5rMj8bhDSVBZ1BNeuS65bdqlk/AVNtmU/t5eIq -WpDBucSmFc/IReumXY6cPvBkJHalzasab7bYe1FhbqZ/h8jit+U03EGI6glAvnOSPWvndQIDAQAB -MA0GCSqGSIb3DQEBBQUAA4GBAKlPww3HZ74sy9mozS11534Vnjty637rXC0Jh9ZrbWB85a7FkCMM -XErQr7Fd88e2CtvgFZMN3QO8x3aKtd1Pw5sTdbgBwObJW2uluIncrKTdcu1OofdPvAbT6shkdHvC -lUGcZXNY8ZCaPGqxmMnEh7zPRW1F4m4iP/68DzFc6PLZ ------END CERTIFICATE----- - -Verisign Class 2 Public Primary Certification Authority - G2 -============================================================ ------BEGIN CERTIFICATE----- -MIIDAzCCAmwCEQC5L2DMiJ+hekYJuFtwbIqvMA0GCSqGSIb3DQEBBQUAMIHBMQswCQYDVQQGEwJV -UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0NsYXNzIDIgUHVibGljIFByaW1h -cnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjE6MDgGA1UECxMxKGMpIDE5OTggVmVyaVNp -Z24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1 -c3QgTmV0d29yazAeFw05ODA1MTgwMDAwMDBaFw0yODA4MDEyMzU5NTlaMIHBMQswCQYDVQQGEwJV -UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xPDA6BgNVBAsTM0NsYXNzIDIgUHVibGljIFByaW1h -cnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjE6MDgGA1UECxMxKGMpIDE5OTggVmVyaVNp -Z24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1 -c3QgTmV0d29yazCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAp4gBIXQs5xoD8JjhlzwPIQjx -nNuX6Zr8wgQGE75fUsjMHiwSViy4AWkszJkfrbCWrnkE8hM5wXuYuggs6MKEEyyqaekJ9MepAqRC -wiNPStjwDqL7MWzJ5m+ZJwf15vRMeJ5t60aG+rmGyVTyssSv1EYcWskVMP8NbPUtDm3Of3cCAwEA -ATANBgkqhkiG9w0BAQUFAAOBgQByLvl/0fFx+8Se9sVeUYpAmLho+Jscg9jinb3/7aHmZuovCfTK -1+qlK5X2JGCGTUQug6XELaDTrnhpb3LabK4I8GOSN+a7xDAXrXfMSTWqz9iP0b63GJZHc2pUIjRk -LbYWm1lbtFFZOrMLFPQS32eg9K0yZF6xRnInjBJ7xUS0rg== ------END CERTIFICATE----- - -Verisign Class 3 Public Primary Certification Authority - G2 -============================================================ ------BEGIN CERTIFICATE----- -MIIDAjCCAmsCEH3Z/gfPqB63EHln+6eJNMYwDQYJKoZIhvcNAQEFBQAwgcExCzAJBgNVBAYTAlVT -MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMyBQdWJsaWMgUHJpbWFy -eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2ln -biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz -dCBOZXR3b3JrMB4XDTk4MDUxODAwMDAwMFoXDTI4MDgwMTIzNTk1OVowgcExCzAJBgNVBAYTAlVT -MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE8MDoGA1UECxMzQ2xhc3MgMyBQdWJsaWMgUHJpbWFy -eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMTowOAYDVQQLEzEoYykgMTk5OCBWZXJpU2ln -biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz -dCBOZXR3b3JrMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMXtERXVxp0KvTuWpMmR9ZmDCO -FoUgRm1HP9SFIIThbbP4pO0M8RcPO/mn+SXXwc+EY/J8Y8+iR/LGWzOOZEAEaMGAuWQcRXfH2G71 -lSk8UOg013gfqLptQ5GVj0VXXn7F+8qkBOvqlzdUMG+7AUcyM83cV5tkaWH4mx0ciU9cZwIDAQAB -MA0GCSqGSIb3DQEBBQUAA4GBAFFNzb5cy5gZnBWyATl4Lk0PZ3BwmcYQWpSkU01UbSuvDV1Ai2TT -1+7eVmGSX6bEHRBhNtMsJzzoKQm5EWR0zLVznxxIqbxhAe7iF6YM40AIOw7n60RzKprxaZLvcRTD -Oaxxp5EJb+RxBrO6WVcmeQD2+A2iMzAo1KpYoJ2daZH9 ------END CERTIFICATE----- GlobalSign Root CA ================== @@ -247,111 +61,6 @@ BgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4GsJ0/WwbgcQ3izDJr86iw8bmEbTUsp TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg== -----END CERTIFICATE----- -ValiCert Class 1 VA -=================== ------BEGIN CERTIFICATE----- -MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRp -b24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs -YXNzIDEgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZh -bGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNTIy -MjM0OFoXDTE5MDYyNTIyMjM0OFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0 -d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDEg -UG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0 -LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMIGfMA0GCSqGSIb3DQEBAQUA -A4GNADCBiQKBgQDYWYJ6ibiWuqYvaG9YLqdUHAZu9OqNSLwxlBfw8068srg1knaw0KWlAdcAAxIi -GQj4/xEjm84H9b9pGib+TunRf50sQB1ZaG6m+FiwnRqP0z/x3BkGgagO4DrdyFNFCQbmD3DD+kCm -DuJWBQ8YTfwggtFzVXSNdnKgHZ0dwN0/cQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFBoPUn0LBwG -lN+VYH+Wexf+T3GtZMjdd9LvWVXoP+iOBSoh8gfStadS/pyxtuJbdxdA6nLWI8sogTLDAHkY7FkX -icnGah5xyf23dKUlRWnFSKsZ4UWKJWsZ7uW7EvV/96aNUcPwnXS3qT6gpf+2SQMT2iLM7XGCK5nP -Orf1LXLI ------END CERTIFICATE----- - -ValiCert Class 2 VA -=================== ------BEGIN CERTIFICATE----- -MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRp -b24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs -YXNzIDIgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZh -bGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAw -MTk1NFoXDTE5MDYyNjAwMTk1NFowgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0 -d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDIg -UG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0 -LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMIGfMA0GCSqGSIb3DQEBAQUA -A4GNADCBiQKBgQDOOnHK5avIWZJV16vYdA757tn2VUdZZUcOBVXc65g2PFxTXdMwzzjsvUGJ7SVC -CSRrCl6zfN1SLUzm1NZ9WlmpZdRJEy0kTRxQb7XBhVQ7/nHk01xC+YDgkRoKWzk2Z/M/VXwbP7Rf -ZHM047QSv4dk+NoS/zcnwbNDu+97bi5p9wIDAQABMA0GCSqGSIb3DQEBBQUAA4GBADt/UG9vUJSZ -SWI4OB9L+KXIPqeCgfYrx+jFzug6EILLGACOTb2oWH+heQC1u+mNr0HZDzTuIYEZoDJJKPTEjlbV -UjP9UNV+mWwD5MlM/Mtsq2azSiGM5bUMMj4QssxsodyamEwCW/POuZ6lcg5Ktz885hZo+L7tdEy8 -W9ViH0Pd ------END CERTIFICATE----- - -RSA Root Certificate 1 -====================== ------BEGIN CERTIFICATE----- -MIIC5zCCAlACAQEwDQYJKoZIhvcNAQEFBQAwgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRp -b24gTmV0d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENs -YXNzIDMgUG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZh -bGljZXJ0LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMB4XDTk5MDYyNjAw -MjIzM1oXDTE5MDYyNjAwMjIzM1owgbsxJDAiBgNVBAcTG1ZhbGlDZXJ0IFZhbGlkYXRpb24gTmV0 -d29yazEXMBUGA1UEChMOVmFsaUNlcnQsIEluYy4xNTAzBgNVBAsTLFZhbGlDZXJ0IENsYXNzIDMg -UG9saWN5IFZhbGlkYXRpb24gQXV0aG9yaXR5MSEwHwYDVQQDExhodHRwOi8vd3d3LnZhbGljZXJ0 -LmNvbS8xIDAeBgkqhkiG9w0BCQEWEWluZm9AdmFsaWNlcnQuY29tMIGfMA0GCSqGSIb3DQEBAQUA -A4GNADCBiQKBgQDjmFGWHOjVsQaBalfDcnWTq8+epvzzFlLWLU2fNUSoLgRNB0mKOCn1dzfnt6td -3zZxFJmP3MKS8edgkpfs2Ejcv8ECIMYkpChMMFp2bbFc893enhBxoYjHW5tBbcqwuI4V7q0zK89H -BFx1cQqYJJgpp0lZpd34t0NiYfPT4tBVPwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFa7AliEZwgs -3x/be0kz9dNnnfS0ChCzycUs4pJqcXgn8nCDQtM+z6lU9PHYkhaM0QTLS6vJn0WuPIqpsHEzXcjF -V9+vqDWzf4mH6eglkrh/hXqu1rweN1gqZ8mRzyqBPu3GOd/APhmcGcwTTYJBtYze4D1gCCAPRX5r -on+jjBXu ------END CERTIFICATE----- - -Verisign Class 1 Public Primary Certification Authority - G3 -============================================================ ------BEGIN CERTIFICATE----- -MIIEGjCCAwICEQCLW3VWhFSFCwDPrzhIzrGkMA0GCSqGSIb3DQEBBQUAMIHKMQswCQYDVQQGEwJV -UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv -cmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl -IG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDEgUHVibGljIFByaW1hcnkgQ2VydGlmaWNh -dGlvbiBBdXRob3JpdHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQsw -CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy -dXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhv -cml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDEgUHVibGljIFByaW1hcnkg -Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAN2E1Lm0+afY8wR4nN493GwTFtl63SRRZsDHJlkNrAYIwpTRMx/wgzUfbhvI3qpuFU5UJ+/E -bRrsC+MO8ESlV8dAWB6jRx9x7GD2bZTIGDnt/kIYVt/kTEkQeE4BdjVjEjbdZrwBBDajVWjVojYJ -rKshJlQGrT/KFOCsyq0GHZXi+J3x4GD/wn91K0zM2v6HmSHquv4+VNfSWXjbPG7PoBMAGrgnoeS+ -Z5bKoMWznN3JdZ7rMJpfo83ZrngZPyPpXNspva1VyBtUjGP26KbqxzcSXKMpHgLZ2x87tNcPVkeB -FQRKr4Mn0cVYiMHd9qqnoxjaaKptEVHhv2Vrn5Z20T0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEA -q2aN17O6x5q25lXQBfGfMY1aqtmqRiYPce2lrVNWYgFHKkTp/j90CxObufRNG7LRX7K20ohcs5/N -y9Sn2WCVhDr4wTcdYcrnsMXlkdpUpqwxga6X3s0IrLjAl4B/bnKk52kTlWUfxJM8/XmPBNQ+T+r3 -ns7NZ3xPZQL/kYVUc8f/NveGLezQXk//EZ9yBta4GvFMDSZl4kSAHsef493oCtrspSCAaWihT37h -a88HQfqDjrw43bAuEbFrskLMmrz5SCJ5ShkPshw+IHTZasO+8ih4E1Z5T21Q6huwtVexN2ZYI/Pc -D98Kh8TvhgXVOBRgmaNL3gaWcSzy27YfpO8/7g== ------END CERTIFICATE----- - -Verisign Class 2 Public Primary Certification Authority - G3 -============================================================ ------BEGIN CERTIFICATE----- -MIIEGTCCAwECEGFwy0mMX5hFKeewptlQW3owDQYJKoZIhvcNAQEFBQAwgcoxCzAJBgNVBAYTAlVT -MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29y -azE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ug -b25seTFFMEMGA1UEAxM8VmVyaVNpZ24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZpY2F0 -aW9uIEF1dGhvcml0eSAtIEczMB4XDTk5MTAwMTAwMDAwMFoXDTM2MDcxNjIzNTk1OVowgcoxCzAJ -BgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1 -c3QgTmV0d29yazE6MDgGA1UECxMxKGMpIDE5OTkgVmVyaVNpZ24sIEluYy4gLSBGb3IgYXV0aG9y -aXplZCB1c2Ugb25seTFFMEMGA1UEAxM8VmVyaVNpZ24gQ2xhc3MgMiBQdWJsaWMgUHJpbWFyeSBD -ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC -AQEArwoNwtUs22e5LeWUJ92lvuCwTY+zYVY81nzD9M0+hsuiiOLh2KRpxbXiv8GmR1BeRjmL1Za6 -tW8UvxDOJxOeBUebMXoT2B/Z0wI3i60sR/COgQanDTAM6/c8DyAd3HJG7qUCyFvDyVZpTMUYwZF7 -C9UTAJu878NIPkZgIIUq1ZC2zYugzDLdt/1AVbJQHFauzI13TccgTacxdu9okoqQHgiBVrKtaaNS -0MscxCM9H5n+TOgWY47GCI72MfbS+uV23bUckqNJzc0BzWjNqWm6o+sdDZykIKbBoMXRRkwXbdKs -Zj+WjOCE1Db/IlnF+RFgqF8EffIa9iVCYQ/ESrg+iQIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA0 -JhU8wI1NQ0kdvekhktdmnLfexbjQ5F1fdiLAJvmEOjr5jLX77GDx6M4EsMjdpwOPMPOY36TmpDHf -0xwLRtxyID+u7gU8pDM/CzmscHhzS5kr3zDCVLCoO1Wh/hYozUK9dG6A2ydEp85EXdQbkJgNHkKU -sQAsBNB0owIFImNjzYO1+8FtYmtpdf1dcEG59b98377BMnMiIYtYgXsVkXq642RIsH/7NiXaldDx -JBQX3RiAa0YjOVT1jmIJBB2UkKab5iXiQkWquJCtvgiPqQtCGJTPcjnhsUPgKM+351psE2tJs//j -GHyJizNdrDPXp/naOlXJWBD5qu9ats9LS98q ------END CERTIFICATE----- - Verisign Class 3 Public Primary Certification Authority - G3 ============================================================ -----BEGIN CERTIFICATE----- @@ -376,65 +85,14 @@ xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGtTxzhT5yvDwyd93gN2PQ1VoDa t20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ== -----END CERTIFICATE----- -Verisign Class 4 Public Primary Certification Authority - G3 -============================================================ ------BEGIN CERTIFICATE----- -MIIEGjCCAwICEQDsoKeLbnVqAc/EfMwvlF7XMA0GCSqGSIb3DQEBBQUAMIHKMQswCQYDVQQGEwJV -UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv -cmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl -IG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDQgUHVibGljIFByaW1hcnkgQ2VydGlmaWNh -dGlvbiBBdXRob3JpdHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQsw -CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy -dXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhv -cml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDQgUHVibGljIFByaW1hcnkg -Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC -ggEBAK3LpRFpxlmr8Y+1GQ9Wzsy1HyDkniYlS+BzZYlZ3tCD5PUPtbut8XzoIfzk6AzufEUiGXaS -tBO3IFsJ+mGuqPKljYXCKtbeZjbSmwL0qJJgfJxptI8kHtCGUvYynEFYHiK9zUVilQhu0GbdU6LM -8BDcVHOLBKFGMzNcF0C5nk3T875Vg+ixiY5afJqWIpA7iCXy0lOIAgwLePLmNxdLMEYH5IBtptiW -Lugs+BGzOA1mppvqySNb247i8xOOGlktqgLw7KSHZtzBP/XYufTsgsbSPZUd5cBPhMnZo0QoBmrX -Razwa2rvTl/4EYIeOGM0ZlDUPpNz+jDDZq3/ky2X7wMCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEA -j/ola09b5KROJ1WrIhVZPMq1CtRK26vdoV9TxaBXOcLORyu+OshWv8LZJxA6sQU8wHcxuzrTBXtt -mhwwjIDLk5Mqg6sFUYICABFna/OIYUdfA5PVWw3g8dShMjWFsjrbsIKr0csKvE+MW8VLADsfKoKm -fjaF3H48ZwC15DtS4KjrXRX5xm3wrR0OhbepmnMUWluPQSjA1egtTaRezarZ7c7c2NU8Qh0XwRJd -RTjDOPP8hS6DRkiy1yBfkjaP53kPmF6Z6PDQpLv1U70qzlmwr25/bLvSHgCwIe34QWKCudiyxLtG -UPMxxY8BqHTr9Xgn2uf3ZkPznoM+IKrDNWCRzg== ------END CERTIFICATE----- - -Entrust.net Secure Server CA -============================ ------BEGIN CERTIFICATE----- -MIIE2DCCBEGgAwIBAgIEN0rSQzANBgkqhkiG9w0BAQUFADCBwzELMAkGA1UEBhMCVVMxFDASBgNV -BAoTC0VudHJ1c3QubmV0MTswOQYDVQQLEzJ3d3cuZW50cnVzdC5uZXQvQ1BTIGluY29ycC4gYnkg -cmVmLiAobGltaXRzIGxpYWIuKTElMCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRl -ZDE6MDgGA1UEAxMxRW50cnVzdC5uZXQgU2VjdXJlIFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhv -cml0eTAeFw05OTA1MjUxNjA5NDBaFw0xOTA1MjUxNjM5NDBaMIHDMQswCQYDVQQGEwJVUzEUMBIG -A1UEChMLRW50cnVzdC5uZXQxOzA5BgNVBAsTMnd3dy5lbnRydXN0Lm5ldC9DUFMgaW5jb3JwLiBi -eSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBFbnRydXN0Lm5ldCBMaW1p -dGVkMTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0 -aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQDNKIM0VBuJ8w+vN5Ex/68xYMmo6LIQ -aO2f55M28Qpku0f1BBc/I0dNxScZgSYMVHINiC3ZH5oSn7yzcdOAGT9HZnuMNSjSuQrfJNqc1lB5 -gXpa0zf3wkrYKZImZNHkmGw6AIr1NJtl+O3jEP/9uElY3KDegjlrgbEWGWG5VLbmQwIBA6OCAdcw -ggHTMBEGCWCGSAGG+EIBAQQEAwIABzCCARkGA1UdHwSCARAwggEMMIHeoIHboIHYpIHVMIHSMQsw -CQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxOzA5BgNVBAsTMnd3dy5lbnRydXN0Lm5l -dC9DUFMgaW5jb3JwLiBieSByZWYuIChsaW1pdHMgbGlhYi4pMSUwIwYDVQQLExwoYykgMTk5OSBF -bnRydXN0Lm5ldCBMaW1pdGVkMTowOAYDVQQDEzFFbnRydXN0Lm5ldCBTZWN1cmUgU2VydmVyIENl -cnRpZmljYXRpb24gQXV0aG9yaXR5MQ0wCwYDVQQDEwRDUkwxMCmgJ6AlhiNodHRwOi8vd3d3LmVu -dHJ1c3QubmV0L0NSTC9uZXQxLmNybDArBgNVHRAEJDAigA8xOTk5MDUyNTE2MDk0MFqBDzIwMTkw -NTI1MTYwOTQwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAU8BdiE1U9s/8KAGv7UISX8+1i0Bow -HQYDVR0OBBYEFPAXYhNVPbP/CgBr+1CEl/PtYtAaMAwGA1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EA -BAwwChsEVjQuMAMCBJAwDQYJKoZIhvcNAQEFBQADgYEAkNwwAvpkdMKnCqV8IY00F6j7Rw7/JXyN -Ewr75Ji174z4xRAN95K+8cPV1ZVqBLssziY2ZcgxxufuP+NXdYR6Ee9GTxj005i7qIcyunL2POI9 -n9cd2cNgQ4xYDiKWL2KjLB+6rQXvqzJ4h6BUcxm1XAX5Uj5tLUUL9wqT6u0G+bI= ------END CERTIFICATE----- - Entrust.net Premium 2048 Secure Server CA ========================================= -----BEGIN CERTIFICATE----- -MIIEXDCCA0SgAwIBAgIEOGO5ZjANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChMLRW50cnVzdC5u +MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChMLRW50cnVzdC5u ZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBpbmNvcnAuIGJ5IHJlZi4gKGxp bWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNV BAMTKkVudHJ1c3QubmV0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQx -NzUwNTFaFw0xOTEyMjQxODIwNTFaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3 +NzUwNTFaFw0yOTA3MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3 d3d3LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTEl MCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5u ZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A @@ -442,14 +100,13 @@ MIIBCgKCAQEArU1LqRKGsuqjIAcVFmQqK0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOL Gp18EzoOH1u3Hs/lJBQesYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSr hRSGlVuXMlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVTXTzW nLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/HoZdenoVve8AjhUi -VBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH4QIDAQABo3QwcjARBglghkgBhvhC -AQEEBAMCAAcwHwYDVR0jBBgwFoAUVeSB0RGAvtiJuQijMfmhJAkWuXAwHQYDVR0OBBYEFFXkgdER -gL7YibkIozH5oSQJFrlwMB0GCSqGSIb2fQdBAAQQMA4bCFY1LjA6NC4wAwIEkDANBgkqhkiG9w0B -AQUFAAOCAQEAWUesIYSKF8mciVMeuoCFGsY8Tj6xnLZ8xpJdGGQC49MGCBFhfGPjK50xA3B20qMo -oPS7mmNz7W3lKtvtFKkrxjYR0CvrB4ul2p5cGZ1WEvVUKcgF7bISKo30Axv/55IQh7A6tcOdBTcS -o8f0FbnVpDkWm1M6I5HxqIKiaohowXkCIryqptau37AUX7iH0N18f3v/rxzP5tsHrV7bhZ3QKw0z -2wTR5klAEyt2+z7pnIkPFc4YsIV4IU9rTw76NmfNB/L/CNDi3tm/Kq+4h4YhPATKt5Rof8886ZjX -OP/swNlQ8C5LWK5Gb9Auw2DaclVyvUxFnmG6v4SBkgPR0ml8xQ== +VBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH4QIDAQABo0IwQDAOBgNVHQ8BAf8E +BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJ +KoZIhvcNAQEFBQADggEBADubj1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPy +T/4xmf3IDExoU8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf +zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5bu/8j72gZyxKT +J1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+bYQLCIt+jerXmCHG8+c8eS9e +nNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/ErfF6adulZkMV8gzURZVE= -----END CERTIFICATE----- Baltimore CyberTrust Root @@ -473,60 +130,6 @@ Y71k5h+3zvDyny67G7fyUIhzksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9H RCwBXbsdtTLSR9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp -----END CERTIFICATE----- -Equifax Secure Global eBusiness CA -================================== ------BEGIN CERTIFICATE----- -MIICkDCCAfmgAwIBAgIBATANBgkqhkiG9w0BAQQFADBaMQswCQYDVQQGEwJVUzEcMBoGA1UEChMT -RXF1aWZheCBTZWN1cmUgSW5jLjEtMCsGA1UEAxMkRXF1aWZheCBTZWN1cmUgR2xvYmFsIGVCdXNp -bmVzcyBDQS0xMB4XDTk5MDYyMTA0MDAwMFoXDTIwMDYyMTA0MDAwMFowWjELMAkGA1UEBhMCVVMx -HDAaBgNVBAoTE0VxdWlmYXggU2VjdXJlIEluYy4xLTArBgNVBAMTJEVxdWlmYXggU2VjdXJlIEds -b2JhbCBlQnVzaW5lc3MgQ0EtMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuucXkAJlsTRV -PEnCUdXfp9E3j9HngXNBUmCbnaEXJnitx7HoJpQytd4zjTov2/KaelpzmKNc6fuKcxtc58O/gGzN -qfTWK8D3+ZmqY6KxRwIP1ORROhI8bIpaVIRw28HFkM9yRcuoWcDNM50/o5brhTMhHD4ePmBudpxn -hcXIw2ECAwEAAaNmMGQwEQYJYIZIAYb4QgEBBAQDAgAHMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0j -BBgwFoAUvqigdHJQa0S3ySPY+6j/s1draGwwHQYDVR0OBBYEFL6ooHRyUGtEt8kj2Puo/7NXa2hs -MA0GCSqGSIb3DQEBBAUAA4GBADDiAVGqx+pf2rnQZQ8w1j7aDRRJbpGTJxQx78T3LUX47Me/okEN -I7SS+RkAZ70Br83gcfxaz2TE4JaY0KNA4gGK7ycH8WUBikQtBmV1UsCGECAhX2xrD2yuCRyv8qIY -NMR1pHMc8Y3c7635s3a0kr/clRAevsvIO1qEYBlWlKlV ------END CERTIFICATE----- - -Equifax Secure eBusiness CA 1 -============================= ------BEGIN CERTIFICATE----- -MIICgjCCAeugAwIBAgIBBDANBgkqhkiG9w0BAQQFADBTMQswCQYDVQQGEwJVUzEcMBoGA1UEChMT -RXF1aWZheCBTZWN1cmUgSW5jLjEmMCQGA1UEAxMdRXF1aWZheCBTZWN1cmUgZUJ1c2luZXNzIENB -LTEwHhcNOTkwNjIxMDQwMDAwWhcNMjAwNjIxMDQwMDAwWjBTMQswCQYDVQQGEwJVUzEcMBoGA1UE -ChMTRXF1aWZheCBTZWN1cmUgSW5jLjEmMCQGA1UEAxMdRXF1aWZheCBTZWN1cmUgZUJ1c2luZXNz -IENBLTEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM4vGbwXt3fek6lfWg0XTzQaDJj0ItlZ -1MRoRvC0NcWFAyDGr0WlIVFFQesWWDYyb+JQYmT5/VGcqiTZ9J2DKocKIdMSODRsjQBuWqDZQu4a -IZX5UkxVWsUPOE9G+m34LjXWHXzr4vCwdYDIqROsvojvOm6rXyo4YgKwEnv+j6YDAgMBAAGjZjBk -MBEGCWCGSAGG+EIBAQQEAwIABzAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFEp4MlIR21kW -Nl7fwRQ2QGpHfEyhMB0GA1UdDgQWBBRKeDJSEdtZFjZe38EUNkBqR3xMoTANBgkqhkiG9w0BAQQF -AAOBgQB1W6ibAxHm6VZMzfmpTMANmvPMZWnmJXbMWbfWVMMdzZmsGd20hdXgPfxiIKeES1hl8eL5 -lSE/9dR+WB5Hh1Q+WKG1tfgq73HnvMP2sUlG4tega+VWeponmHxGYhTnyfxuAxJ5gDgdSIKN/Bf+ -KpYrtWKmpj29f5JZzVoqgrI3eQ== ------END CERTIFICATE----- - -Equifax Secure eBusiness CA 2 -============================= ------BEGIN CERTIFICATE----- -MIIDIDCCAomgAwIBAgIEN3DPtTANBgkqhkiG9w0BAQUFADBOMQswCQYDVQQGEwJVUzEXMBUGA1UE -ChMORXF1aWZheCBTZWN1cmUxJjAkBgNVBAsTHUVxdWlmYXggU2VjdXJlIGVCdXNpbmVzcyBDQS0y -MB4XDTk5MDYyMzEyMTQ0NVoXDTE5MDYyMzEyMTQ0NVowTjELMAkGA1UEBhMCVVMxFzAVBgNVBAoT -DkVxdWlmYXggU2VjdXJlMSYwJAYDVQQLEx1FcXVpZmF4IFNlY3VyZSBlQnVzaW5lc3MgQ0EtMjCB -nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5Dk5kx5SBhsoNviyoynF7Y6yEb3+6+e0dMKP/wXn -2Z0GvxLIPw7y1tEkshHe0XMJitSxLJgJDR5QRrKDpkWNYmi7hRsgcDKqQM2mll/EcTc/BPO3QSQ5 -BxoeLmFYoBIL5aXfxavqN3HMHMg3OrmXUqesxWoklE6ce8/AatbfIb0CAwEAAaOCAQkwggEFMHAG -A1UdHwRpMGcwZaBjoGGkXzBdMQswCQYDVQQGEwJVUzEXMBUGA1UEChMORXF1aWZheCBTZWN1cmUx -JjAkBgNVBAsTHUVxdWlmYXggU2VjdXJlIGVCdXNpbmVzcyBDQS0yMQ0wCwYDVQQDEwRDUkwxMBoG -A1UdEAQTMBGBDzIwMTkwNjIzMTIxNDQ1WjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUUJ4L6q9e -uSBIplBqy/3YIHqngnYwHQYDVR0OBBYEFFCeC+qvXrkgSKZQasv92CB6p4J2MAwGA1UdEwQFMAMB -Af8wGgYJKoZIhvZ9B0EABA0wCxsFVjMuMGMDAgbAMA0GCSqGSIb3DQEBBQUAA4GBAAyGgq3oThr1 -jokn4jVYPSm0B482UJW/bsGe68SQsoWou7dC4A8HOd/7npCy0cE+U58DRLB+S/Rv5Hwf5+Kx5Lia -78O9zt4LMjTZ3ijtM2vE1Nc9ElirfQkty3D1E4qUoSek1nDFbZS1yX2doNLGCEnZZpum0/QL3MUm -V+GRMOrN ------END CERTIFICATE----- - AddTrust Low-Value Services Root ================================ -----BEGIN CERTIFICATE----- @@ -772,84 +375,6 @@ gn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwXQMAJKOSLakhT2+zNVVXxxvjpoixMptEm X36vWkzaH6byHCx+rgIW0lbQL1dTR+iS -----END CERTIFICATE----- -UTN-USER First-Network Applications -=================================== ------BEGIN CERTIFICATE----- -MIIEZDCCA0ygAwIBAgIQRL4Mi1AAJLQR0zYwS8AzdzANBgkqhkiG9w0BAQUFADCBozELMAkGA1UE -BhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhl -IFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xKzAp -BgNVBAMTIlVUTi1VU0VSRmlyc3QtTmV0d29yayBBcHBsaWNhdGlvbnMwHhcNOTkwNzA5MTg0ODM5 -WhcNMTkwNzA5MTg1NzQ5WjCBozELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5T -YWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho -dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xKzApBgNVBAMTIlVUTi1VU0VSRmlyc3QtTmV0d29yayBB -cHBsaWNhdGlvbnMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz+5Gh5DZVhawGNFug -mliy+LUPBXeDrjKxdpJo7CNKyXY/45y2N3kDuatpjQclthln5LAbGHNhSuh+zdMvZOOmfAz6F4Cj -DUeJT1FxL+78P/m4FoCHiZMlIJpDgmkkdihZNaEdwH+DBmQWICzTSaSFtMBhf1EI+GgVkYDLpdXu -Ozr0hAReYFmnjDRy7rh4xdE7EkpvfmUnuaRVxblvQ6TFHSyZwFKkeEwVs0CYCGtDxgGwenv1axwi -P8vv/6jQOkt2FZ7S0cYu49tXGzKiuG/ohqY/cKvlcJKrRB5AUPuco2LkbG6gyN7igEL66S/ozjIE -j3yNtxyjNTwV3Z7DrpelAgMBAAGjgZEwgY4wCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8w -HQYDVR0OBBYEFPqGydvguul49Uuo1hXf8NPhahQ8ME8GA1UdHwRIMEYwRKBCoECGPmh0dHA6Ly9j -cmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LU5ldHdvcmtBcHBsaWNhdGlvbnMuY3JsMA0G -CSqGSIb3DQEBBQUAA4IBAQCk8yXM0dSRgyLQzDKrm5ZONJFUICU0YV8qAhXhi6r/fWRRzwr/vH3Y -IWp4yy9Rb/hCHTO967V7lMPDqaAt39EpHx3+jz+7qEUqf9FuVSTiuwL7MT++6LzsQCv4AdRWOOTK -RIK1YSAhZ2X28AvnNPilwpyjXEAfhZOVBt5P1CeptqX8Fs1zMT+4ZSfP1FMa8Kxun08FDAOBp4Qp -xFq9ZFdyrTvPNximmMatBrTcCKME1SmklpoSZ0qMYEWd8SOasACcaLWYUNPvji6SZbFIPiG+FTAq -DbUMo2s/rn9X9R+WfN9v3YIwLGUbQErNaLly7HF27FSOH4UMAWr6pjisH8SE ------END CERTIFICATE----- - -America Online Root Certification Authority 1 -============================================= ------BEGIN CERTIFICATE----- -MIIDpDCCAoygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEcMBoGA1UEChMT -QW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1lcmljYSBPbmxpbmUgUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eSAxMB4XDTAyMDUyODA2MDAwMFoXDTM3MTExOTIwNDMwMFowYzELMAkG -A1UEBhMCVVMxHDAaBgNVBAoTE0FtZXJpY2EgT25saW5lIEluYy4xNjA0BgNVBAMTLUFtZXJpY2Eg -T25saW5lIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMTCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBAKgv6KRpBgNHw+kqmP8ZonCaxlCyfqXfaE0bfA+2l2h9LaaLl+lkhsmj76CG -v2BlnEtUiMJIxUo5vxTjWVXlGbR0yLQFOVwWpeKVBeASrlmLojNoWBym1BW32J/X3HGrfpq/m44z -DyL9Hy7nBzbvYjnF3cu6JRQj3gzGPTzOggjmZj7aUTsWOqMFf6Dch9Wc/HKpoH145LcxVR5lu9Rh -sCFg7RAycsWSJR74kEoYeEfffjA3PlAb2xzTa5qGUwew76wGePiEmf4hjUyAtgyC9mZweRrTT6PP -8c9GsEsPPt2IYriMqQkoO3rHl+Ee5fSfwMCuJKDIodkP1nsmgmkyPacCAwEAAaNjMGEwDwYDVR0T -AQH/BAUwAwEB/zAdBgNVHQ4EFgQUAK3Zo/Z59m50qX8zPYEX10zPM94wHwYDVR0jBBgwFoAUAK3Z -o/Z59m50qX8zPYEX10zPM94wDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBBQUAA4IBAQB8itEf -GDeC4Liwo+1WlchiYZwFos3CYiZhzRAW18y0ZTTQEYqtqKkFZu90821fnZmv9ov761KyBZiibyrF -VL0lvV+uyIbqRizBs73B6UlwGBaXCBOMIOAbLjpHyx7kADCVW/RFo8AasAFOq73AI25jP4BKxQft -3OJvx8Fi8eNy1gTIdGcL+oiroQHIb/AUr9KZzVGTfu0uOMe9zkZQPXLjeSWdm4grECDdpbgyn43g -Kd8hdIaC2y+CMMbHNYaz+ZZfRtsMRf3zUMNvxsNIrUam4SdHCh0Om7bCd39j8uB9Gr784N/Xx6ds -sPmuujz9dLQR6FgNgLzTqIA6me11zEZ7 ------END CERTIFICATE----- - -America Online Root Certification Authority 2 -============================================= ------BEGIN CERTIFICATE----- -MIIFpDCCA4ygAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEcMBoGA1UEChMT -QW1lcmljYSBPbmxpbmUgSW5jLjE2MDQGA1UEAxMtQW1lcmljYSBPbmxpbmUgUm9vdCBDZXJ0aWZp -Y2F0aW9uIEF1dGhvcml0eSAyMB4XDTAyMDUyODA2MDAwMFoXDTM3MDkyOTE0MDgwMFowYzELMAkG -A1UEBhMCVVMxHDAaBgNVBAoTE0FtZXJpY2EgT25saW5lIEluYy4xNjA0BgNVBAMTLUFtZXJpY2Eg -T25saW5lIFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgMjCCAiIwDQYJKoZIhvcNAQEBBQAD -ggIPADCCAgoCggIBAMxBRR3pPU0Q9oyxQcngXssNt79Hc9PwVU3dxgz6sWYFas14tNwC206B89en -fHG8dWOgXeMHDEjsJcQDIPT/DjsS/5uN4cbVG7RtIuOx238hZK+GvFciKtZHgVdEglZTvYYUAQv8 -f3SkWq7xuhG1m1hagLQ3eAkzfDJHA1zEpYNI9FdWboE2JxhP7JsowtS013wMPgwr38oE18aO6lhO -qKSlGBxsRZijQdEt0sdtjRnxrXm3gT+9BoInLRBYBbV4Bbkv2wxrkJB+FFk4u5QkE+XRnRTf04JN -RvCAOVIyD+OEsnpD8l7eXz8d3eOyG6ChKiMDbi4BFYdcpnV1x5dhvt6G3NRI270qv0pV2uh9UPu0 -gBe4lL8BPeraunzgWGcXuVjgiIZGZ2ydEEdYMtA1fHkqkKJaEBEjNa0vzORKW6fIJ/KD3l67Xnfn -6KVuY8INXWHQjNJsWiEOyiijzirplcdIz5ZvHZIlyMbGwcEMBawmxNJ10uEqZ8A9W6Wa6897Gqid -FEXlD6CaZd4vKL3Ob5Rmg0gp2OpljK+T2WSfVVcmv2/LNzGZo2C7HK2JNDJiuEMhBnIMoVxtRsX6 -Kc8w3onccVvdtjc+31D1uAclJuW8tf48ArO3+L5DwYcRlJ4jbBeKuIonDFRH8KmzwICMoCfrHRnj -B453cMor9H124HhnAgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFE1FwWg4u3Op -aaEg5+31IqEjFNeeMB8GA1UdIwQYMBaAFE1FwWg4u3OpaaEg5+31IqEjFNeeMA4GA1UdDwEB/wQE -AwIBhjANBgkqhkiG9w0BAQUFAAOCAgEAZ2sGuV9FOypLM7PmG2tZTiLMubekJcmnxPBUlgtk87FY -T15R/LKXeydlwuXK5w0MJXti4/qftIe3RUavg6WXSIylvfEWK5t2LHo1YGwRgJfMqZJS5ivmae2p -+DYtLHe/YUjRYwu5W1LtGLBDQiKmsXeu3mnFzcccobGlHBD7GL4acN3Bkku+KVqdPzW+5X1R+FXg -JXUjhx5c3LqdsKyzadsXg8n33gy8CNyRnqjQ1xU3c6U1uPx+xURABsPr+CKAXEfOAuMRn0T//Zoy -zH1kUQ7rVyZ2OuMeIjzCpjbdGe+n/BLzJsBZMYVMnNjP36TMzCmT/5RtdlwTCJfy7aULTd3oyWgO -ZtMADjMSW7yV5TKQqLPGbIOtd+6Lfn6xqavT4fG2wLHqiMDn05DpKJKUe2h7lyoKZy2FAjgQ5ANh -1NolNscIWC2hp1GvMApJ9aZphwctREZ2jirlmjvXGKL8nDgQzMY70rUXOm/9riW99XJZZLF0Kjhf -GEzfz3EEWjbUvy+ZnOjZurGV5gJLIaFb1cFPj65pbVPbAZO1XB4Y3WRayhgoPmMEEf0cjQAPuDff -Z4qdZqkCapH/E8ovXYO8h5Ns3CRRFgQlZvqz2cK6Kb6aSDiCmfS/O0oxGfm/jiEzFMpPVF/7zvuP -cX/9XhmgD0uRuMRUvAawRY8mkaKO/qk= ------END CERTIFICATE----- - Visa eCommerce Root =================== -----BEGIN CERTIFICATE----- @@ -1084,26 +609,6 @@ s58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJUJRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ FL39vmwLAw== -----END CERTIFICATE----- -Sonera Class 1 Root CA -====================== ------BEGIN CERTIFICATE----- -MIIDIDCCAgigAwIBAgIBJDANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEPMA0GA1UEChMG -U29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MxIENBMB4XDTAxMDQwNjEwNDkxM1oXDTIxMDQw -NjEwNDkxM1owOTELMAkGA1UEBhMCRkkxDzANBgNVBAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJh -IENsYXNzMSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALWJHytPZwp5/8Ue+H88 -7dF+2rDNbS82rDTG29lkFwhjMDMiikzujrsPDUJVyZ0upe/3p4zDq7mXy47vPxVnqIJyY1MPQYx9 -EJUkoVqlBvqSV536pQHydekfvFYmUk54GWVYVQNYwBSujHxVX3BbdyMGNpfzJLWaRpXk3w0LBUXl -0fIdgrvGE+D+qnr9aTCU89JFhfzyMlsy3uhsXR/LpCJ0sICOXZT3BgBLqdReLjVQCfOAl/QMF645 -2F/NM8EcyonCIvdFEu1eEpOdY6uCLrnrQkFEy0oaAIINnvmLVz5MxxftLItyM19yejhW1ebZrgUa -HXVFsculJRwSVzb9IjcCAwEAAaMzMDEwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQIR+IMi/ZT -iFIwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQCLGrLJXWG04bkruVPRsoWdd44W7hE9 -28Jj2VuXZfsSZ9gqXLar5V7DtxYvyOirHYr9qxp81V9jz9yw3Xe5qObSIjiHBxTZ/75Wtf0HDjxV -yhbMp6Z3N/vbXB9OWQaHowND9Rart4S9Tu+fMTfwRvFAttEMpWT4Y14h21VOTzF2nBBhjrZTOqMR -vq9tfB69ri3iDGnHhVNoomG6xT60eVR4ngrHAr5i0RGCS2UvkVrCqIexVmiUefkl98HVrhq4uz2P -qYo4Ffdz0Fpg0YCw8NzVUM1O7pJIae2yIx4wzMiUyLb1O4Z/P6Yun/Y+LLWSlj7fLJOK/4GMDw9Z -IRlXvVWa ------END CERTIFICATE----- - Sonera Class 2 Root CA ====================== -----BEGIN CERTIFICATE----- @@ -1124,131 +629,6 @@ EtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLH llpwrN9M -----END CERTIFICATE----- -Staat der Nederlanden Root CA -============================= ------BEGIN CERTIFICATE----- -MIIDujCCAqKgAwIBAgIEAJiWijANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJOTDEeMBwGA1UE -ChMVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSYwJAYDVQQDEx1TdGFhdCBkZXIgTmVkZXJsYW5kZW4g -Um9vdCBDQTAeFw0wMjEyMTcwOTIzNDlaFw0xNTEyMTYwOTE1MzhaMFUxCzAJBgNVBAYTAk5MMR4w -HAYDVQQKExVTdGFhdCBkZXIgTmVkZXJsYW5kZW4xJjAkBgNVBAMTHVN0YWF0IGRlciBOZWRlcmxh -bmRlbiBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNK1URF6gaYUmHFt -vsznExvWJw56s2oYHLZhWtVhCb/ekBPHZ+7d89rFDBKeNVU+LCeIQGv33N0iYfXCxw719tV2U02P -jLwYdjeFnejKScfST5gTCaI+Ioicf9byEGW07l8Y1Rfj+MX94p2i71MOhXeiD+EwR+4A5zN9RGca -C1Hoi6CeUJhoNFIfLm0B8mBF8jHrqTFoKbt6QZ7GGX+UtFE5A3+y3qcym7RHjm+0Sq7lr7HcsBth -vJly3uSJt3omXdozSVtSnA71iq3DuD3oBmrC1SoLbHuEvVYFy4ZlkuxEK7COudxwC0barbxjiDn6 -22r+I/q85Ej0ZytqERAhSQIDAQABo4GRMIGOMAwGA1UdEwQFMAMBAf8wTwYDVR0gBEgwRjBEBgRV -HSAAMDwwOgYIKwYBBQUHAgEWLmh0dHA6Ly93d3cucGtpb3ZlcmhlaWQubmwvcG9saWNpZXMvcm9v -dC1wb2xpY3kwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSofeu8Y6R0E3QA7Jbg0zTBLL9s+DAN -BgkqhkiG9w0BAQUFAAOCAQEABYSHVXQ2YcG70dTGFagTtJ+k/rvuFbQvBgwp8qiSpGEN/KtcCFtR -EytNwiphyPgJWPwtArI5fZlmgb9uXJVFIGzmeafR2Bwp/MIgJ1HI8XxdNGdphREwxgDS1/PTfLbw -MVcoEoJz6TMvplW0C5GUR5z6u3pCMuiufi3IvKwUv9kP2Vv8wfl6leF9fpb8cbDCTMjfRTTJzg3y -nGQI0DvDKcWy7ZAEwbEpkcUwb8GpcjPM/l0WFywRaed+/sWDCN+83CI6LiBpIzlWYGeQiy52OfsR -iJf2fL1LuCAWZwWN4jvBcj+UlTfHXbme2JOhF4//DGYVwSR8MnwDHTuhWEUykw== ------END CERTIFICATE----- - -TDC Internet Root CA -==================== ------BEGIN CERTIFICATE----- -MIIEKzCCAxOgAwIBAgIEOsylTDANBgkqhkiG9w0BAQUFADBDMQswCQYDVQQGEwJESzEVMBMGA1UE -ChMMVERDIEludGVybmV0MR0wGwYDVQQLExRUREMgSW50ZXJuZXQgUm9vdCBDQTAeFw0wMTA0MDUx -NjMzMTdaFw0yMTA0MDUxNzAzMTdaMEMxCzAJBgNVBAYTAkRLMRUwEwYDVQQKEwxUREMgSW50ZXJu -ZXQxHTAbBgNVBAsTFFREQyBJbnRlcm5ldCBSb290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAxLhAvJHVYx/XmaCLDEAedLdInUaMArLgJF/wGROnN4NrXceO+YQwzho7+vvOi20j -xsNuZp+Jpd/gQlBn+h9sHvTQBda/ytZO5GhgbEaqHF1j4QeGDmUApy6mcca8uYGoOn0a0vnRrEvL -znWv3Hv6gXPU/Lq9QYjUdLP5Xjg6PEOo0pVOd20TDJ2PeAG3WiAfAzc14izbSysseLlJ28TQx5yc -5IogCSEWVmb/Bexb4/DPqyQkXsN/cHoSxNK1EKC2IeGNeGlVRGn1ypYcNIUXJXfi9i8nmHj9eQY6 -otZaQ8H/7AQ77hPv01ha/5Lr7K7a8jcDR0G2l8ktCkEiu7vmpwIDAQABo4IBJTCCASEwEQYJYIZI -AYb4QgEBBAQDAgAHMGUGA1UdHwReMFwwWqBYoFakVDBSMQswCQYDVQQGEwJESzEVMBMGA1UEChMM -VERDIEludGVybmV0MR0wGwYDVQQLExRUREMgSW50ZXJuZXQgUm9vdCBDQTENMAsGA1UEAxMEQ1JM -MTArBgNVHRAEJDAigA8yMDAxMDQwNTE2MzMxN1qBDzIwMjEwNDA1MTcwMzE3WjALBgNVHQ8EBAMC -AQYwHwYDVR0jBBgwFoAUbGQBx/2FbazI2p5QCIUItTxWqFAwHQYDVR0OBBYEFGxkAcf9hW2syNqe -UAiFCLU8VqhQMAwGA1UdEwQFMAMBAf8wHQYJKoZIhvZ9B0EABBAwDhsIVjUuMDo0LjADAgSQMA0G -CSqGSIb3DQEBBQUAA4IBAQBOQ8zR3R0QGwZ/t6T609lN+yOfI1Rb5osvBCiLtSdtiaHsmGnc540m -gwV5dOy0uaOXwTUA/RXaOYE6lTGQ3pfphqiZdwzlWqCE/xIWrG64jcN7ksKsLtB9KOy282A4aW8+ -2ARVPp7MVdK6/rtHBNcK2RYKNCn1WBPVT8+PVkuzHu7TmHnaCB4Mb7j4Fifvwm899qNLPg7kbWzb -O0ESm70NRyN/PErQr8Cv9u8btRXE64PECV90i9kR+8JWsTz4cMo0jUNAE4z9mQNUecYu6oah9jrU -Cbz0vGbMPVjQV0kK7iXiQe4T+Zs4NNEA9X7nlB38aQNiuJkFBT1reBK9sG9l ------END CERTIFICATE----- - -TDC OCES Root CA -================ ------BEGIN CERTIFICATE----- -MIIFGTCCBAGgAwIBAgIEPki9xDANBgkqhkiG9w0BAQUFADAxMQswCQYDVQQGEwJESzEMMAoGA1UE -ChMDVERDMRQwEgYDVQQDEwtUREMgT0NFUyBDQTAeFw0wMzAyMTEwODM5MzBaFw0zNzAyMTEwOTA5 -MzBaMDExCzAJBgNVBAYTAkRLMQwwCgYDVQQKEwNUREMxFDASBgNVBAMTC1REQyBPQ0VTIENBMIIB -IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGL2YSCyz8DGhdfjeebM7fI5kqSXLmSjhFuH -nEz9pPPEXyG9VhDr2y5h7JNp46PMvZnDBfwGuMo2HP6QjklMxFaaL1a8z3sM8W9Hpg1DTeLpHTk0 -zY0s2RKY+ePhwUp8hjjEqcRhiNJerxomTdXkoCJHhNlktxmW/OwZ5LKXJk5KTMuPJItUGBxIYXvV -iGjaXbXqzRowwYCDdlCqT9HU3Tjw7xb04QxQBr/q+3pJoSgrHPb8FTKjdGqPqcNiKXEx5TukYBde -dObaE+3pHx8b0bJoc8YQNHVGEBDjkAB2QMuLt0MJIf+rTpPGWOmlgtt3xDqZsXKVSQTwtyv6e1mO -3QIDAQABo4ICNzCCAjMwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwgewGA1UdIASB -5DCB4TCB3gYIKoFQgSkBAQEwgdEwLwYIKwYBBQUHAgEWI2h0dHA6Ly93d3cuY2VydGlmaWthdC5k -ay9yZXBvc2l0b3J5MIGdBggrBgEFBQcCAjCBkDAKFgNUREMwAwIBARqBgUNlcnRpZmlrYXRlciBm -cmEgZGVubmUgQ0EgdWRzdGVkZXMgdW5kZXIgT0lEIDEuMi4yMDguMTY5LjEuMS4xLiBDZXJ0aWZp -Y2F0ZXMgZnJvbSB0aGlzIENBIGFyZSBpc3N1ZWQgdW5kZXIgT0lEIDEuMi4yMDguMTY5LjEuMS4x -LjARBglghkgBhvhCAQEEBAMCAAcwgYEGA1UdHwR6MHgwSKBGoESkQjBAMQswCQYDVQQGEwJESzEM -MAoGA1UEChMDVERDMRQwEgYDVQQDEwtUREMgT0NFUyBDQTENMAsGA1UEAxMEQ1JMMTAsoCqgKIYm -aHR0cDovL2NybC5vY2VzLmNlcnRpZmlrYXQuZGsvb2Nlcy5jcmwwKwYDVR0QBCQwIoAPMjAwMzAy -MTEwODM5MzBagQ8yMDM3MDIxMTA5MDkzMFowHwYDVR0jBBgwFoAUYLWF7FZkfhIZJ2cdUBVLc647 -+RIwHQYDVR0OBBYEFGC1hexWZH4SGSdnHVAVS3OuO/kSMB0GCSqGSIb2fQdBAAQQMA4bCFY2LjA6 -NC4wAwIEkDANBgkqhkiG9w0BAQUFAAOCAQEACromJkbTc6gJ82sLMJn9iuFXehHTuJTXCRBuo7E4 -A9G28kNBKWKnctj7fAXmMXAnVBhOinxO5dHKjHiIzxvTkIvmI/gLDjNDfZziChmPyQE+dF10yYsc -A+UYyAFMP8uXBV2YcaaYb7Z8vTd/vuGTJW1v8AqtFxjhA7wHKcitJuj4YfD9IQl+mo6paH1IYnK9 -AOoBmbgGglGBTvH1tJFUuSN6AJqfXY3gPGS5GhKSKseCRHI53OI8xthV9RVOyAUO28bQYqbsFbS1 -AoLbrIyigfCbmTH1ICCoiGEKB5+U/NDXG8wuF/MEJ3Zn61SD/aSQfgY9BKNDLdr8C2LqL19iUw== ------END CERTIFICATE----- - -UTN DATACorp SGC Root CA -======================== ------BEGIN CERTIFICATE----- -MIIEXjCCA0agAwIBAgIQRL4Mi1AAIbQR0ypoBqmtaTANBgkqhkiG9w0BAQUFADCBkzELMAkGA1UE -BhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhl -IFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xGzAZ -BgNVBAMTElVUTiAtIERBVEFDb3JwIFNHQzAeFw05OTA2MjQxODU3MjFaFw0xOTA2MjQxOTA2MzBa -MIGTMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQxFzAVBgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4w -HAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRy -dXN0LmNvbTEbMBkGA1UEAxMSVVROIC0gREFUQUNvcnAgU0dDMIIBIjANBgkqhkiG9w0BAQEFAAOC -AQ8AMIIBCgKCAQEA3+5YEKIrblXEjr8uRgnn4AgPLit6E5Qbvfa2gI5lBZMAHryv4g+OGQ0SR+ys -raP6LnD43m77VkIVni5c7yPeIbkFdicZD0/Ww5y0vpQZY/KmEQrrU0icvvIpOxboGqBMpsn0GFlo -wHDyUwDAXlCCpVZvNvlK4ESGoE1O1kduSUrLZ9emxAW5jh70/P/N5zbgnAVssjMiFdC04MwXwLLA -9P4yPykqlXvY8qdOD1R8oQ2AswkDwf9c3V6aPryuvEeKaq5xyh+xKrhfQgUL7EYw0XILyulWbfXv -33i+Ybqypa4ETLyorGkVl73v67SMvzX41MPRKA5cOp9wGDMgd8SirwIDAQABo4GrMIGoMAsGA1Ud -DwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRTMtGzz3/64PGgXYVOktKeRR20TzA9 -BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVROLURBVEFDb3JwU0dD -LmNybDAqBgNVHSUEIzAhBggrBgEFBQcDAQYKKwYBBAGCNwoDAwYJYIZIAYb4QgQBMA0GCSqGSIb3 -DQEBBQUAA4IBAQAnNZcAiosovcYzMB4p/OL31ZjUQLtgyr+rFywJNn9Q+kHcrpY6CiM+iVnJowft -Gzet/Hy+UUla3joKVAgWRcKZsYfNjGjgaQPpxE6YsjuMFrMOoAyYUJuTqXAJyCyjj98C5OBxOvG0 -I3KgqgHf35g+FFCgMSa9KOlaMCZ1+XtgHI3zzVAmbQQnmt/VDUVHKWss5nbZqSl9Mt3JNjy9rjXx -EZ4du5A/EkdOjtd+D2JzHVImOBwYSf0wdJrE5SIv2MCN7ZF6TACPcn9d2t0bi0Vr591pl6jFVkwP -DPafepE39peC4N1xaf92P2BNPM/3mfnGV/TJVTl4uix5yaaIK/QI ------END CERTIFICATE----- - -UTN USERFirst Email Root CA -=========================== ------BEGIN CERTIFICATE----- -MIIEojCCA4qgAwIBAgIQRL4Mi1AAJLQR0zYlJWfJiTANBgkqhkiG9w0BAQUFADCBrjELMAkGA1UE -BhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhl -IFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xNjA0 -BgNVBAMTLVVUTi1VU0VSRmlyc3QtQ2xpZW50IEF1dGhlbnRpY2F0aW9uIGFuZCBFbWFpbDAeFw05 -OTA3MDkxNzI4NTBaFw0xOTA3MDkxNzM2NThaMIGuMQswCQYDVQQGEwJVUzELMAkGA1UECBMCVVQx -FzAVBgNVBAcTDlNhbHQgTGFrZSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsx -ITAfBgNVBAsTGGh0dHA6Ly93d3cudXNlcnRydXN0LmNvbTE2MDQGA1UEAxMtVVROLVVTRVJGaXJz -dC1DbGllbnQgQXV0aGVudGljYXRpb24gYW5kIEVtYWlsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEAsjmFpPJ9q0E7YkY3rs3BYHW8OWX5ShpHornMSMxqmNVNNRm5pELlzkniii8efNIx -B8dOtINknS4p1aJkxIW9hVE1eaROaJB7HHqkkqgX8pgV8pPMyaQylbsMTzC9mKALi+VuG6JG+ni8 -om+rWV6lL8/K2m2qL+usobNqqrcuZzWLeeEeaYji5kbNoKXqvgvOdjp6Dpvq/NonWz1zHyLmSGHG -TPNpsaguG7bUMSAsvIKKjqQOpdeJQ/wWWq8dcdcRWdq6hw2v+vPhwvCkxWeM1tZUOt4KpLoDd7Nl -yP0e03RiqhjKaJMeoYV+9Udly/hNVyh00jT/MLbu9mIwFIws6wIDAQABo4G5MIG2MAsGA1UdDwQE -AwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSJgmd9xJ0mcABLtFBIfN49rgRufTBYBgNV -HR8EUTBPME2gS6BJhkdodHRwOi8vY3JsLnVzZXJ0cnVzdC5jb20vVVROLVVTRVJGaXJzdC1DbGll -bnRBdXRoZW50aWNhdGlvbmFuZEVtYWlsLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUH -AwQwDQYJKoZIhvcNAQEFBQADggEBALFtYV2mGn98q0rkMPxTbyUkxsrt4jFcKw7u7mFVbwQ+zzne -xRtJlOTrIEy05p5QLnLZjfWqo7NK2lYcYJeA3IKirUq9iiv/Cwm0xtcgBEXkzYABurorbs6q15L+ -5K/r9CYdFip/bDCVNy8zEqx/3cfREYxRmLLQo5HQrfafnoOTHh1CuEava2bwm3/q4wMC5QJRwarV -NZ1yQAOJujEdxRBoUp7fooXFXAimeOZTT7Hot9MUnpOmw2TjrH5xzbyf6QMbzPvprDHBr3wVdAKZ -w7JHpsIyYdfHb0gkUSeh1YdV8nuPmD0Wnu51tvjQjvLzxq4oW6fw8zYX/MMF08oDSlQ= ------END CERTIFICATE----- - UTN USERFirst Hardware Root CA ============================== -----BEGIN CERTIFICATE----- @@ -1275,31 +655,6 @@ iCrVWFCVH/A7HFe7fRQ5YiuayZSSKqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67 nfhmqA== -----END CERTIFICATE----- -UTN USERFirst Object Root CA -============================ ------BEGIN CERTIFICATE----- -MIIEZjCCA06gAwIBAgIQRL4Mi1AAJLQR0zYt4LNfGzANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UE -BhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhl -IFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHTAb -BgNVBAMTFFVUTi1VU0VSRmlyc3QtT2JqZWN0MB4XDTk5MDcwOTE4MzEyMFoXDTE5MDcwOTE4NDAz -NlowgZUxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJVVDEXMBUGA1UEBxMOU2FsdCBMYWtlIENpdHkx -HjAcBgNVBAoTFVRoZSBVU0VSVFJVU1QgTmV0d29yazEhMB8GA1UECxMYaHR0cDovL3d3dy51c2Vy -dHJ1c3QuY29tMR0wGwYDVQQDExRVVE4tVVNFUkZpcnN0LU9iamVjdDCCASIwDQYJKoZIhvcNAQEB -BQADggEPADCCAQoCggEBAM6qgT+jo2F4qjEAVZURnicPHxzfOpuCaDDASmEd8S8O+r5596Uj71VR -loTN2+O5bj4x2AogZ8f02b+U60cEPgLOKqJdhwQJ9jCdGIqXsqoc/EHSoTbL+z2RuufZcDX65OeQ -w5ujm9M89RKZd7G3CeBo5hy485RjiGpq/gt2yb70IuRnuasaXnfBhQfdDWy/7gbHd2pBnqcP1/vu -lBe3/IW+pKvEHDHd17bR5PDv3xaPslKT16HUiaEHLr/hARJCHhrh2JU022R5KP+6LhHC5ehbkkj7 -RwvCbNqtMoNB86XlQXD9ZZBt+vpRxPm9lisZBCzTbafc8H9vg2XiaquHhnUCAwEAAaOBrzCBrDAL -BgNVHQ8EBAMCAcYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU2u1kdBScFDyr3ZmpvVsoTYs8 -ydgwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VUTi1VU0VSRmly -c3QtT2JqZWN0LmNybDApBgNVHSUEIjAgBggrBgEFBQcDAwYIKwYBBQUHAwgGCisGAQQBgjcKAwQw -DQYJKoZIhvcNAQEFBQADggEBAAgfUrE3RHjb/c652pWWmKpVZIC1WkDdIaXFwfNfLEzIR1pp6ujw -NTX00CXzyKakh0q9G7FzCL3Uw8q2NbtZhncxzaeAFK4T7/yxSPlrJSUtUbYsbUXBmMiKVl0+7kNO -PmsnjtA6S4ULX9Ptaqd1y9Fahy85dRNacrACgZ++8A+EVCBibGnU4U3GDZlDAQ0Slox4nb9QorFE -qmrPF3rPbw/U+CRVX/A0FklmPlBGyWNxODFiuGK581OtbLUrohKqGU8J2l7nk8aOFAj+8DCAGKCG -hU3IfdeLA/5u1fedFqySLKAj5ZyRUh+U3xeUc8OzwcFxBSAAeL0TUh2oPs0AH8g= ------END CERTIFICATE----- - Camerfirma Chambers of Commerce Root ==================================== -----BEGIN CERTIFICATE----- @@ -1354,135 +709,6 @@ IBHNfTIzSJRUTN3cecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREes t2d/AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A== -----END CERTIFICATE----- -NetLock Qualified (Class QA) Root -================================= ------BEGIN CERTIFICATE----- -MIIG0TCCBbmgAwIBAgIBezANBgkqhkiG9w0BAQUFADCByTELMAkGA1UEBhMCSFUxETAPBgNVBAcT -CEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0b25zYWdpIEtmdC4xGjAYBgNV -BAsTEVRhbnVzaXR2YW55a2lhZG9rMUIwQAYDVQQDEzlOZXRMb2NrIE1pbm9zaXRldHQgS296amVn -eXpvaSAoQ2xhc3MgUUEpIFRhbnVzaXR2YW55a2lhZG8xHjAcBgkqhkiG9w0BCQEWD2luZm9AbmV0 -bG9jay5odTAeFw0wMzAzMzAwMTQ3MTFaFw0yMjEyMTUwMTQ3MTFaMIHJMQswCQYDVQQGEwJIVTER -MA8GA1UEBxMIQnVkYXBlc3QxJzAlBgNVBAoTHk5ldExvY2sgSGFsb3phdGJpenRvbnNhZ2kgS2Z0 -LjEaMBgGA1UECxMRVGFudXNpdHZhbnlraWFkb2sxQjBABgNVBAMTOU5ldExvY2sgTWlub3NpdGV0 -dCBLb3pqZWd5em9pIChDbGFzcyBRQSkgVGFudXNpdHZhbnlraWFkbzEeMBwGCSqGSIb3DQEJARYP -aW5mb0BuZXRsb2NrLmh1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1Ilstg91IRV -CacbvWy5FPSKAtt2/GoqeKvld/Bu4IwjZ9ulZJm53QE+b+8tmjwi8F3JV6BVQX/yQ15YglMxZc4e -8ia6AFQer7C8HORSjKAyr7c3sVNnaHRnUPYtLmTeriZ539+Zhqurf4XsoPuAzPS4DB6TRWO53Lhb -m+1bOdRfYrCnjnxmOCyqsQhjF2d9zL2z8cM/z1A57dEZgxXbhxInlrfa6uWdvLrqOU+L73Sa58XQ -0uqGURzk/mQIKAR5BevKxXEOC++r6uwSEaEYBTJp0QwsGj0lmT+1fMptsK6ZmfoIYOcZwvK9UdPM -0wKswREMgM6r3JSda6M5UzrWhQIDAMV9o4ICwDCCArwwEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNV -HQ8BAf8EBAMCAQYwggJ1BglghkgBhvhCAQ0EggJmFoICYkZJR1lFTEVNISBFemVuIHRhbnVzaXR2 -YW55IGEgTmV0TG9jayBLZnQuIE1pbm9zaXRldHQgU3pvbGdhbHRhdGFzaSBTemFiYWx5emF0YWJh -biBsZWlydCBlbGphcmFzb2sgYWxhcGphbiBrZXN6dWx0LiBBIG1pbm9zaXRldHQgZWxla3Ryb25p -a3VzIGFsYWlyYXMgam9naGF0YXMgZXJ2ZW55ZXN1bGVzZW5laywgdmFsYW1pbnQgZWxmb2dhZGFz -YW5hayBmZWx0ZXRlbGUgYSBNaW5vc2l0ZXR0IFN6b2xnYWx0YXRhc2kgU3phYmFseXphdGJhbiwg -YXogQWx0YWxhbm9zIFN6ZXJ6b2Rlc2kgRmVsdGV0ZWxla2JlbiBlbG9pcnQgZWxsZW5vcnplc2kg -ZWxqYXJhcyBtZWd0ZXRlbGUuIEEgZG9rdW1lbnR1bW9rIG1lZ3RhbGFsaGF0b2sgYSBodHRwczov -L3d3dy5uZXRsb2NrLmh1L2RvY3MvIGNpbWVuIHZhZ3kga2VyaGV0b2sgYXogaW5mb0BuZXRsb2Nr -Lm5ldCBlLW1haWwgY2ltZW4uIFdBUk5JTkchIFRoZSBpc3N1YW5jZSBhbmQgdGhlIHVzZSBvZiB0 -aGlzIGNlcnRpZmljYXRlIGFyZSBzdWJqZWN0IHRvIHRoZSBOZXRMb2NrIFF1YWxpZmllZCBDUFMg -YXZhaWxhYmxlIGF0IGh0dHBzOi8vd3d3Lm5ldGxvY2suaHUvZG9jcy8gb3IgYnkgZS1tYWlsIGF0 -IGluZm9AbmV0bG9jay5uZXQwHQYDVR0OBBYEFAlqYhaSsFq7VQ7LdTI6MuWyIckoMA0GCSqGSIb3 -DQEBBQUAA4IBAQCRalCc23iBmz+LQuM7/KbD7kPgz/PigDVJRXYC4uMvBcXxKufAQTPGtpvQMznN -wNuhrWw3AkxYQTvyl5LGSKjN5Yo5iWH5Upfpvfb5lHTocQ68d4bDBsxafEp+NFAwLvt/MpqNPfMg -W/hqyobzMUwsWYACff44yTB1HLdV47yfuqhthCgFdbOLDcCRVCHnpgu0mfVRQdzNo0ci2ccBgcTc -R08m6h/t280NmPSjnLRzMkqWmf68f8glWPhY83ZmiVSkpj7EUFy6iRiCdUgh0k8T6GB+B3bbELVR -5qq5aKrN9p2QdRLqOBrKROi3macqaJVmlaut74nLYKkGEsaUR+ko ------END CERTIFICATE----- - -NetLock Notary (Class A) Root -============================= ------BEGIN CERTIFICATE----- -MIIGfTCCBWWgAwIBAgICAQMwDQYJKoZIhvcNAQEEBQAwga8xCzAJBgNVBAYTAkhVMRAwDgYDVQQI -EwdIdW5nYXJ5MREwDwYDVQQHEwhCdWRhcGVzdDEnMCUGA1UEChMeTmV0TG9jayBIYWxvemF0Yml6 -dG9uc2FnaSBLZnQuMRowGAYDVQQLExFUYW51c2l0dmFueWtpYWRvazE2MDQGA1UEAxMtTmV0TG9j -ayBLb3pqZWd5em9pIChDbGFzcyBBKSBUYW51c2l0dmFueWtpYWRvMB4XDTk5MDIyNDIzMTQ0N1oX -DTE5MDIxOTIzMTQ0N1owga8xCzAJBgNVBAYTAkhVMRAwDgYDVQQIEwdIdW5nYXJ5MREwDwYDVQQH -EwhCdWRhcGVzdDEnMCUGA1UEChMeTmV0TG9jayBIYWxvemF0Yml6dG9uc2FnaSBLZnQuMRowGAYD -VQQLExFUYW51c2l0dmFueWtpYWRvazE2MDQGA1UEAxMtTmV0TG9jayBLb3pqZWd5em9pIChDbGFz -cyBBKSBUYW51c2l0dmFueWtpYWRvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHSM -D7tM9DceqQWC2ObhbHDqeLVu0ThEDaiDzl3S1tWBxdRL51uUcCbbO51qTGL3cfNk1mE7PetzozfZ -z+qMkjvN9wfcZnSX9EUi3fRc4L9t875lM+QVOr/bmJBVOMTtplVjC7B4BPTjbsE/jvxReB+SnoPC -/tmwqcm8WgD/qaiYdPv2LD4VOQ22BFWoDpggQrOxJa1+mm9dU7GrDPzr4PN6s6iz/0b2Y6LYOph7 -tqyF/7AlT3Rj5xMHpQqPBffAZG9+pyeAlt7ULoZgx2srXnN7F+eRP2QM2EsiNCubMvJIH5+hCoR6 -4sKtlz2O1cH5VqNQ6ca0+pii7pXmKgOM3wIDAQABo4ICnzCCApswDgYDVR0PAQH/BAQDAgAGMBIG -A1UdEwEB/wQIMAYBAf8CAQQwEQYJYIZIAYb4QgEBBAQDAgAHMIICYAYJYIZIAYb4QgENBIICURaC -Ak1GSUdZRUxFTSEgRXplbiB0YW51c2l0dmFueSBhIE5ldExvY2sgS2Z0LiBBbHRhbGFub3MgU3pv -bGdhbHRhdGFzaSBGZWx0ZXRlbGVpYmVuIGxlaXJ0IGVsamFyYXNvayBhbGFwamFuIGtlc3p1bHQu -IEEgaGl0ZWxlc2l0ZXMgZm9seWFtYXRhdCBhIE5ldExvY2sgS2Z0LiB0ZXJtZWtmZWxlbG9zc2Vn -LWJpenRvc2l0YXNhIHZlZGkuIEEgZGlnaXRhbGlzIGFsYWlyYXMgZWxmb2dhZGFzYW5hayBmZWx0 -ZXRlbGUgYXogZWxvaXJ0IGVsbGVub3J6ZXNpIGVsamFyYXMgbWVndGV0ZWxlLiBBeiBlbGphcmFz -IGxlaXJhc2EgbWVndGFsYWxoYXRvIGEgTmV0TG9jayBLZnQuIEludGVybmV0IGhvbmxhcGphbiBh -IGh0dHBzOi8vd3d3Lm5ldGxvY2submV0L2RvY3MgY2ltZW4gdmFneSBrZXJoZXRvIGF6IGVsbGVu -b3J6ZXNAbmV0bG9jay5uZXQgZS1tYWlsIGNpbWVuLiBJTVBPUlRBTlQhIFRoZSBpc3N1YW5jZSBh -bmQgdGhlIHVzZSBvZiB0aGlzIGNlcnRpZmljYXRlIGlzIHN1YmplY3QgdG8gdGhlIE5ldExvY2sg -Q1BTIGF2YWlsYWJsZSBhdCBodHRwczovL3d3dy5uZXRsb2NrLm5ldC9kb2NzIG9yIGJ5IGUtbWFp -bCBhdCBjcHNAbmV0bG9jay5uZXQuMA0GCSqGSIb3DQEBBAUAA4IBAQBIJEb3ulZv+sgoA0BO5TE5 -ayZrU3/b39/zcT0mwBQOxmd7I6gMc90Bu8bKbjc5VdXHjFYgDigKDtIqpLBJUsY4B/6+CgmM0ZjP -ytoUMaFP0jn8DxEsQ8Pdq5PHVT5HfBgaANzze9jyf1JsIPQLX2lS9O74silg6+NJMSEN1rUQQeJB -CWziGppWS3cC9qCbmieH6FUpccKQn0V4GuEVZD3QDtigdp+uxdAu6tYPVuxkf1qbFFgBJ34TUMdr -KuZoPL9coAob4Q566eKAw+np9v1sEZ7Q5SgnK1QyQhSCdeZK8CtmdWOMovsEPoMOmzbwGOQmIMOM -8CgHrTwXZoi1/baI ------END CERTIFICATE----- - -NetLock Business (Class B) Root -=============================== ------BEGIN CERTIFICATE----- -MIIFSzCCBLSgAwIBAgIBaTANBgkqhkiG9w0BAQQFADCBmTELMAkGA1UEBhMCSFUxETAPBgNVBAcT -CEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0b25zYWdpIEtmdC4xGjAYBgNV -BAsTEVRhbnVzaXR2YW55a2lhZG9rMTIwMAYDVQQDEylOZXRMb2NrIFV6bGV0aSAoQ2xhc3MgQikg -VGFudXNpdHZhbnlraWFkbzAeFw05OTAyMjUxNDEwMjJaFw0xOTAyMjAxNDEwMjJaMIGZMQswCQYD -VQQGEwJIVTERMA8GA1UEBxMIQnVkYXBlc3QxJzAlBgNVBAoTHk5ldExvY2sgSGFsb3phdGJpenRv -bnNhZ2kgS2Z0LjEaMBgGA1UECxMRVGFudXNpdHZhbnlraWFkb2sxMjAwBgNVBAMTKU5ldExvY2sg -VXpsZXRpIChDbGFzcyBCKSBUYW51c2l0dmFueWtpYWRvMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB -iQKBgQCx6gTsIKAjwo84YM/HRrPVG/77uZmeBNwcf4xKgZjupNTKihe5In+DCnVMm8Bp2GQ5o+2S -o/1bXHQawEfKOml2mrriRBf8TKPV/riXiK+IA4kfpPIEPsgHC+b5sy96YhQJRhTKZPWLgLViqNhr -1nGTLbO/CVRY7QbrqHvcQ7GhaQIDAQABo4ICnzCCApswEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNV -HQ8BAf8EBAMCAAYwEQYJYIZIAYb4QgEBBAQDAgAHMIICYAYJYIZIAYb4QgENBIICURaCAk1GSUdZ -RUxFTSEgRXplbiB0YW51c2l0dmFueSBhIE5ldExvY2sgS2Z0LiBBbHRhbGFub3MgU3pvbGdhbHRh -dGFzaSBGZWx0ZXRlbGVpYmVuIGxlaXJ0IGVsamFyYXNvayBhbGFwamFuIGtlc3p1bHQuIEEgaGl0 -ZWxlc2l0ZXMgZm9seWFtYXRhdCBhIE5ldExvY2sgS2Z0LiB0ZXJtZWtmZWxlbG9zc2VnLWJpenRv -c2l0YXNhIHZlZGkuIEEgZGlnaXRhbGlzIGFsYWlyYXMgZWxmb2dhZGFzYW5hayBmZWx0ZXRlbGUg -YXogZWxvaXJ0IGVsbGVub3J6ZXNpIGVsamFyYXMgbWVndGV0ZWxlLiBBeiBlbGphcmFzIGxlaXJh -c2EgbWVndGFsYWxoYXRvIGEgTmV0TG9jayBLZnQuIEludGVybmV0IGhvbmxhcGphbiBhIGh0dHBz -Oi8vd3d3Lm5ldGxvY2submV0L2RvY3MgY2ltZW4gdmFneSBrZXJoZXRvIGF6IGVsbGVub3J6ZXNA -bmV0bG9jay5uZXQgZS1tYWlsIGNpbWVuLiBJTVBPUlRBTlQhIFRoZSBpc3N1YW5jZSBhbmQgdGhl -IHVzZSBvZiB0aGlzIGNlcnRpZmljYXRlIGlzIHN1YmplY3QgdG8gdGhlIE5ldExvY2sgQ1BTIGF2 -YWlsYWJsZSBhdCBodHRwczovL3d3dy5uZXRsb2NrLm5ldC9kb2NzIG9yIGJ5IGUtbWFpbCBhdCBj -cHNAbmV0bG9jay5uZXQuMA0GCSqGSIb3DQEBBAUAA4GBAATbrowXr/gOkDFOzT4JwG06sPgzTEdM -43WIEJessDgVkcYplswhwG08pXTP2IKlOcNl40JwuyKQ433bNXbhoLXan3BukxowOR0w2y7jfLKR -stE3Kfq51hdcR0/jHTjrn9V7lagonhVK0dHQKwCXoOKSNitjrFgBazMpUIaD8QFI ------END CERTIFICATE----- - -NetLock Express (Class C) Root -============================== ------BEGIN CERTIFICATE----- -MIIFTzCCBLigAwIBAgIBaDANBgkqhkiG9w0BAQQFADCBmzELMAkGA1UEBhMCSFUxETAPBgNVBAcT -CEJ1ZGFwZXN0MScwJQYDVQQKEx5OZXRMb2NrIEhhbG96YXRiaXp0b25zYWdpIEtmdC4xGjAYBgNV -BAsTEVRhbnVzaXR2YW55a2lhZG9rMTQwMgYDVQQDEytOZXRMb2NrIEV4cHJlc3N6IChDbGFzcyBD -KSBUYW51c2l0dmFueWtpYWRvMB4XDTk5MDIyNTE0MDgxMVoXDTE5MDIyMDE0MDgxMVowgZsxCzAJ -BgNVBAYTAkhVMREwDwYDVQQHEwhCdWRhcGVzdDEnMCUGA1UEChMeTmV0TG9jayBIYWxvemF0Yml6 -dG9uc2FnaSBLZnQuMRowGAYDVQQLExFUYW51c2l0dmFueWtpYWRvazE0MDIGA1UEAxMrTmV0TG9j -ayBFeHByZXNzeiAoQ2xhc3MgQykgVGFudXNpdHZhbnlraWFkbzCBnzANBgkqhkiG9w0BAQEFAAOB -jQAwgYkCgYEA6+ywbGGKIyWvYCDj2Z/8kwvbXY2wobNAOoLO/XXgeDIDhlqGlZHtU/qdQPzm6N3Z -W3oDvV3zOwzDUXmbrVWg6dADEK8KuhRC2VImESLH0iDMgqSaqf64gXadarfSNnU+sYYJ9m5tfk63 -euyucYT2BDMIJTLrdKwWRMbkQJMdf60CAwEAAaOCAp8wggKbMBIGA1UdEwEB/wQIMAYBAf8CAQQw -DgYDVR0PAQH/BAQDAgAGMBEGCWCGSAGG+EIBAQQEAwIABzCCAmAGCWCGSAGG+EIBDQSCAlEWggJN -RklHWUVMRU0hIEV6ZW4gdGFudXNpdHZhbnkgYSBOZXRMb2NrIEtmdC4gQWx0YWxhbm9zIFN6b2xn -YWx0YXRhc2kgRmVsdGV0ZWxlaWJlbiBsZWlydCBlbGphcmFzb2sgYWxhcGphbiBrZXN6dWx0LiBB -IGhpdGVsZXNpdGVzIGZvbHlhbWF0YXQgYSBOZXRMb2NrIEtmdC4gdGVybWVrZmVsZWxvc3NlZy1i -aXp0b3NpdGFzYSB2ZWRpLiBBIGRpZ2l0YWxpcyBhbGFpcmFzIGVsZm9nYWRhc2FuYWsgZmVsdGV0 -ZWxlIGF6IGVsb2lydCBlbGxlbm9yemVzaSBlbGphcmFzIG1lZ3RldGVsZS4gQXogZWxqYXJhcyBs -ZWlyYXNhIG1lZ3RhbGFsaGF0byBhIE5ldExvY2sgS2Z0LiBJbnRlcm5ldCBob25sYXBqYW4gYSBo -dHRwczovL3d3dy5uZXRsb2NrLm5ldC9kb2NzIGNpbWVuIHZhZ3kga2VyaGV0byBheiBlbGxlbm9y -emVzQG5ldGxvY2submV0IGUtbWFpbCBjaW1lbi4gSU1QT1JUQU5UISBUaGUgaXNzdWFuY2UgYW5k -IHRoZSB1c2Ugb2YgdGhpcyBjZXJ0aWZpY2F0ZSBpcyBzdWJqZWN0IHRvIHRoZSBOZXRMb2NrIENQ -UyBhdmFpbGFibGUgYXQgaHR0cHM6Ly93d3cubmV0bG9jay5uZXQvZG9jcyBvciBieSBlLW1haWwg -YXQgY3BzQG5ldGxvY2submV0LjANBgkqhkiG9w0BAQQFAAOBgQAQrX/XDDKACtiG8XmYta3UzbM2 -xJZIwVzNmtkFLp++UOv0JhQQLdRmF/iewSf98e3ke0ugbLWrmldwpu2gpO0u9f38vf5NNwgMvOOW -gyL1SRt/Syu0VMGAfJlOHdCM7tCs5ZL6dVb+ZKATj7i4Fp1hBWeAyNDYpQcCNJgEjTME1A== ------END CERTIFICATE----- - XRamp Global CA Root ==================== -----BEGIN CERTIFICATE----- @@ -1626,54 +852,6 @@ CZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDeLMDDav7v3Aun+kbfYNucpllQdSNpc5Oy +fwC00fmcc4QAu4njIT/rEUNE1yDMuAlpYYsfPQS -----END CERTIFICATE----- -Firmaprofesional Root CA -======================== ------BEGIN CERTIFICATE----- -MIIEVzCCAz+gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBnTELMAkGA1UEBhMCRVMxIjAgBgNVBAcT -GUMvIE11bnRhbmVyIDI0NCBCYXJjZWxvbmExQjBABgNVBAMTOUF1dG9yaWRhZCBkZSBDZXJ0aWZp -Y2FjaW9uIEZpcm1hcHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2ODEmMCQGCSqGSIb3DQEJARYXY2FA -ZmlybWFwcm9mZXNpb25hbC5jb20wHhcNMDExMDI0MjIwMDAwWhcNMTMxMDI0MjIwMDAwWjCBnTEL -MAkGA1UEBhMCRVMxIjAgBgNVBAcTGUMvIE11bnRhbmVyIDI0NCBCYXJjZWxvbmExQjBABgNVBAMT -OUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1hcHJvZmVzaW9uYWwgQ0lGIEE2MjYzNDA2 -ODEmMCQGCSqGSIb3DQEJARYXY2FAZmlybWFwcm9mZXNpb25hbC5jb20wggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDnIwNvbyOlXnjOlSztlB5uCp4Bx+ow0Syd3Tfom5h5VtP8c9/Qit5V -j1H5WuretXDE7aTt/6MNbg9kUDGvASdYrv5sp0ovFy3Tc9UTHI9ZpTQsHVQERc1ouKDAA6XPhUJH -lShbz++AbOCQl4oBPB3zhxAwJkh91/zpnZFx/0GaqUC1N5wpIE8fUuOgfRNtVLcK3ulqTgesrBlf -3H5idPayBQC6haD9HThuy1q7hryUZzM1gywfI834yJFxzJeL764P3CkDG8A563DtwW4O2GcLiam8 -NeTvtjS0pbbELaW+0MOUJEjb35bTALVmGotmBQ/dPz/LP6pemkr4tErvlTcbAgMBAAGjgZ8wgZww -KgYDVR0RBCMwIYYfaHR0cDovL3d3dy5maXJtYXByb2Zlc2lvbmFsLmNvbTASBgNVHRMBAf8ECDAG -AQH/AgEBMCsGA1UdEAQkMCKADzIwMDExMDI0MjIwMDAwWoEPMjAxMzEwMjQyMjAwMDBaMA4GA1Ud -DwEB/wQEAwIBBjAdBgNVHQ4EFgQUMwugZtHq2s7eYpMEKFK1FH84aLcwDQYJKoZIhvcNAQEFBQAD -ggEBAEdz/o0nVPD11HecJ3lXV7cVVuzH2Fi3AQL0M+2TUIiefEaxvT8Ub/GzR0iLjJcG1+p+o1wq -u00vR+L4OQbJnC4xGgN49Lw4xiKLMzHwFgQEffl25EvXwOaD7FnMP97/T2u3Z36mhoEyIwOdyPdf -wUpgpZKpsaSgYMN4h7Mi8yrrW6ntBas3D7Hi05V2Y1Z0jFhyGzflZKG+TQyTmAyX9odtsz/ny4Cm -7YjHX1BiAuiZdBbQ5rQ58SfLyEDW44YQqSMSkuBpQWOnryULwMWSyx6Yo1q6xTMPoJcB3X/ge9YG -VM+h4k0460tQtcsm9MracEpqoeJ5quGnM/b9Sh/22WA= ------END CERTIFICATE----- - -Wells Fargo Root CA -=================== ------BEGIN CERTIFICATE----- -MIID5TCCAs2gAwIBAgIEOeSXnjANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UEBhMCVVMxFDASBgNV -BAoTC1dlbGxzIEZhcmdvMSwwKgYDVQQLEyNXZWxscyBGYXJnbyBDZXJ0aWZpY2F0aW9uIEF1dGhv -cml0eTEvMC0GA1UEAxMmV2VsbHMgRmFyZ28gUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcN -MDAxMDExMTY0MTI4WhcNMjEwMTE0MTY0MTI4WjCBgjELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1dl -bGxzIEZhcmdvMSwwKgYDVQQLEyNXZWxscyBGYXJnbyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEv -MC0GA1UEAxMmV2VsbHMgRmFyZ28gUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0GCSqG -SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVqDM7Jvk0/82bfuUER84A4n135zHCLielTWi5MbqNQ1mX -x3Oqfz1cQJ4F5aHiidlMuD+b+Qy0yGIZLEWukR5zcUHESxP9cMIlrCL1dQu3U+SlK93OvRw6esP3 -E48mVJwWa2uv+9iWsWCaSOAlIiR5NM4OJgALTqv9i86C1y8IcGjBqAr5dE8Hq6T54oN+J3N0Prj5 -OEL8pahbSCOz6+MlsoCultQKnMJ4msZoGK43YjdeUXWoWGPAUe5AeH6orxqg4bB4nVCMe+ez/I4j -sNtlAHCEAQgAFG5Uhpq6zPk3EPbg3oQtnaSFN9OH4xXQwReQfhkhahKpdv0SAulPIV4XAgMBAAGj -YTBfMA8GA1UdEwEB/wQFMAMBAf8wTAYDVR0gBEUwQzBBBgtghkgBhvt7hwcBCzAyMDAGCCsGAQUF -BwIBFiRodHRwOi8vd3d3LndlbGxzZmFyZ28uY29tL2NlcnRwb2xpY3kwDQYJKoZIhvcNAQEFBQAD -ggEBANIn3ZwKdyu7IvICtUpKkfnRLb7kuxpo7w6kAOnu5+/u9vnldKTC2FJYxHT7zmu1Oyl5GFrv -m+0fazbuSCUlFLZWohDo7qd/0D+j0MNdJu4HzMPBJCGHHt8qElNvQRbn7a6U+oxy+hNH8Dx+rn0R -OhPs7fpvcmR7nX1/Jv16+yWt6j4pf0zjAFcysLPp7VMX2YuyFA4w6OXVE8Zkr8QA1dhYJPz1j+zx -x32l2w8n0cbyQIjmH/ZhqPRCyLk306m+LFZ4wnKbWV01QIroTmMatukgalHizqSQ33ZwmVxwQ023 -tqcZZE6St8WRPH9IFmV7Fv3L/PvZ1dZPIWU7Sn9Ho/s= ------END CERTIFICATE----- - Swisscom Root CA 1 ================== -----BEGIN CERTIFICATE----- @@ -1838,85 +1016,6 @@ vFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf29w4LTJxoeHtxMcfrHuBnQfO3 oKfN5XozNmr6mis= -----END CERTIFICATE----- -TURKTRUST Certificate Services Provider Root 1 -============================================== ------BEGIN CERTIFICATE----- -MIID+zCCAuOgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBtzE/MD0GA1UEAww2VMOcUktUUlVTVCBF -bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxMQswCQYDVQQGDAJUUjEP -MA0GA1UEBwwGQU5LQVJBMVYwVAYDVQQKDE0oYykgMjAwNSBUw5xSS1RSVVNUIEJpbGdpIMSwbGV0 -acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLjAeFw0wNTA1MTMx -MDI3MTdaFw0xNTAzMjIxMDI3MTdaMIG3MT8wPQYDVQQDDDZUw5xSS1RSVVNUIEVsZWt0cm9uaWsg -U2VydGlmaWthIEhpem1ldCBTYcSfbGF5xLFjxLFzxLExCzAJBgNVBAYMAlRSMQ8wDQYDVQQHDAZB -TktBUkExVjBUBgNVBAoMTShjKSAyMDA1IFTDnFJLVFJVU1QgQmlsZ2kgxLBsZXRpxZ9pbSB2ZSBC -aWxpxZ9pbSBHw7x2ZW5sacSfaSBIaXptZXRsZXJpIEEuxZ4uMIIBIjANBgkqhkiG9w0BAQEFAAOC -AQ8AMIIBCgKCAQEAylIF1mMD2Bxf3dJ7XfIMYGFbazt0K3gNfUW9InTojAPBxhEqPZW8qZSwu5GX -yGl8hMW0kWxsE2qkVa2kheiVfrMArwDCBRj1cJ02i67L5BuBf5OI+2pVu32Fks66WJ/bMsW9Xe8i -Si9BB35JYbOG7E6mQW6EvAPs9TscyB/C7qju6hJKjRTP8wrgUDn5CDX4EVmt5yLqS8oUBt5CurKZ -8y1UiBAG6uEaPj1nH/vO+3yC6BFdSsG5FOpU2WabfIl9BJpiyelSPJ6c79L1JuTm5Rh8i27fbMx4 -W09ysstcP4wFjdFMjK2Sx+F4f2VsSQZQLJ4ywtdKxnWKWU51b0dewQIDAQABoxAwDjAMBgNVHRME -BTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAV9VX/N5aAWSGk/KEVTCD21F/aAyT8z5Aa9CEKmu46 -sWrv7/hg0Uw2ZkUd82YCdAR7kjCo3gp2D++Vbr3JN+YaDayJSFvMgzbC9UZcWYJWtNX+I7TYVBxE -q8Sn5RTOPEFhfEPmzcSBCYsk+1Ql1haolgxnB2+zUEfjHCQo3SqYpGH+2+oSN7wBGjSFvW5P55Fy -B0SFHljKVETd96y5y4khctuPwGkplyqjrhgjlxxBKot8KsF8kOipKMDTkcatKIdAaLX/7KfS0zgY -nNN9aV3wxqUeJBujR/xpB2jn5Jq07Q+hh4cCzofSSE7hvP/L8XKSRGQDJereW26fyfJOrN3H ------END CERTIFICATE----- - -TURKTRUST Certificate Services Provider Root 2 -============================================== ------BEGIN CERTIFICATE----- -MIIEPDCCAySgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvjE/MD0GA1UEAww2VMOcUktUUlVTVCBF -bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxMQswCQYDVQQGEwJUUjEP -MA0GA1UEBwwGQW5rYXJhMV0wWwYDVQQKDFRUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUg -QmlsacWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLiAoYykgS2FzxLFtIDIwMDUwHhcN -MDUxMTA3MTAwNzU3WhcNMTUwOTE2MTAwNzU3WjCBvjE/MD0GA1UEAww2VMOcUktUUlVTVCBFbGVr -dHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxMQswCQYDVQQGEwJUUjEPMA0G -A1UEBwwGQW5rYXJhMV0wWwYDVQQKDFRUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmls -acWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLiAoYykgS2FzxLFtIDIwMDUwggEiMA0G -CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpNn7DkUNMwxmYCMjHWHtPFoylzkkBH3MOrHUTpvqe -LCDe2JAOCtFp0if7qnefJ1Il4std2NiDUBd9irWCPwSOtNXwSadktx4uXyCcUHVPr+G1QRT0mJKI -x+XlZEdhR3n9wFHxwZnn3M5q+6+1ATDcRhzviuyV79z/rxAc653YsKpqhRgNF8k+v/Gb0AmJQv2g -QrSdiVFVKc8bcLyEVK3BEx+Y9C52YItdP5qtygy/p1Zbj3e41Z55SZI/4PGXJHpsmxcPbe9TmJEr -5A++WXkHeLuXlfSfadRYhwqp48y2WBmfJiGxxFmNskF1wK1pzpwACPI2/z7woQ8arBT9pmAPAgMB -AAGjQzBBMB0GA1UdDgQWBBTZN7NOBf3Zz58SFq62iS/rJTqIHDAPBgNVHQ8BAf8EBQMDBwYAMA8G -A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAHJglrfJ3NgpXiOFX7KzLXb7iNcX/ntt -Rbj2hWyfIvwqECLsqrkw9qtY1jkQMZkpAL2JZkH7dN6RwRgLn7Vhy506vvWolKMiVW4XSf/SKfE4 -Jl3vpao6+XF75tpYHdN0wgH6PmlYX63LaL4ULptswLbcoCb6dxriJNoaN+BnrdFzgw2lGh1uEpJ+ -hGIAF728JRhX8tepb1mIvDS3LoV4nZbcFMMsilKbloxSZj2GFotHuFEJjOp9zYhys2AzsfAKRO8P -9Qk3iCQOLGsgOqL6EfJANZxEaGM7rDNvY7wsu/LSy3Z9fYjYHcgFHW68lKlmjHdxx/qR+i9Rnuk5 -UrbnBEI= ------END CERTIFICATE----- - -SwissSign Platinum CA - G2 -========================== ------BEGIN CERTIFICATE----- -MIIFwTCCA6mgAwIBAgIITrIAZwwDXU8wDQYJKoZIhvcNAQEFBQAwSTELMAkGA1UEBhMCQ0gxFTAT -BgNVBAoTDFN3aXNzU2lnbiBBRzEjMCEGA1UEAxMaU3dpc3NTaWduIFBsYXRpbnVtIENBIC0gRzIw -HhcNMDYxMDI1MDgzNjAwWhcNMzYxMDI1MDgzNjAwWjBJMQswCQYDVQQGEwJDSDEVMBMGA1UEChMM -U3dpc3NTaWduIEFHMSMwIQYDVQQDExpTd2lzc1NpZ24gUGxhdGludW0gQ0EgLSBHMjCCAiIwDQYJ -KoZIhvcNAQEBBQADggIPADCCAgoCggIBAMrfogLi2vj8Bxax3mCq3pZcZB/HL37PZ/pEQtZ2Y5Wu -669yIIpFR4ZieIbWIDkm9K6j/SPnpZy1IiEZtzeTIsBQnIJ71NUERFzLtMKfkr4k2HtnIuJpX+UF -eNSH2XFwMyVTtIc7KZAoNppVRDBopIOXfw0enHb/FZ1glwCNioUD7IC+6ixuEFGSzH7VozPY1kne -WCqv9hbrS3uQMpe5up1Y8fhXSQQeol0GcN1x2/ndi5objM89o03Oy3z2u5yg+gnOI2Ky6Q0f4nIo -j5+saCB9bzuohTEJfwvH6GXp43gOCWcwizSC+13gzJ2BbWLuCB4ELE6b7P6pT1/9aXjvCR+htL/6 -8++QHkwFix7qepF6w9fl+zC8bBsQWJj3Gl/QKTIDE0ZNYWqFTFJ0LwYfexHihJfGmfNtf9dng34T -aNhxKFrYzt3oEBSa/m0jh26OWnA81Y0JAKeqvLAxN23IhBQeW71FYyBrS3SMvds6DsHPWhaPpZjy -domyExI7C3d3rLvlPClKknLKYRorXkzig3R3+jVIeoVNjZpTxN94ypeRSCtFKwH3HBqi7Ri6Cr2D -+m+8jVeTO9TUps4e8aCxzqv9KyiaTxvXw3LbpMS/XUz13XuWae5ogObnmLo2t/5u7Su9IPhlGdpV -CX4l3P5hYnL5fhgC72O00Puv5TtjjGePAgMBAAGjgawwgakwDgYDVR0PAQH/BAQDAgEGMA8GA1Ud -EwEB/wQFMAMBAf8wHQYDVR0OBBYEFFCvzAeHFUdvOMW0ZdHelarp35zMMB8GA1UdIwQYMBaAFFCv -zAeHFUdvOMW0ZdHelarp35zMMEYGA1UdIAQ/MD0wOwYJYIV0AVkBAQEBMC4wLAYIKwYBBQUHAgEW -IGh0dHA6Ly9yZXBvc2l0b3J5LnN3aXNzc2lnbi5jb20vMA0GCSqGSIb3DQEBBQUAA4ICAQAIhab1 -Fgz8RBrBY+D5VUYI/HAcQiiWjrfFwUF1TglxeeVtlspLpYhg0DB0uMoI3LQwnkAHFmtllXcBrqS3 -NQuB2nEVqXQXOHtYyvkv+8Bldo1bAbl93oI9ZLi+FHSjClTTLJUYFzX1UWs/j6KWYTl4a0vlpqD4 -U99REJNi54Av4tHgvI42Rncz7Lj7jposiU0xEQ8mngS7twSNC/K5/FqdOxa3L8iYq/6KUFkuozv8 -KV2LwUvJ4ooTHbG/u0IdUt1O2BReEMYxB+9xJ/cbOQncguqLs5WGXv312l0xpuAxtpTmREl0xRbl -9x8DYSjFyMsSoEJL+WuICI20MhjzdZ/EfwBPBZWcoxcCw7NTm6ogOSkrZvqdr16zktK1puEa+S1B -aYEUtLS17Yk9zvupnTVCRLEcFHOBzyoBNZox1S2PbYTfgE1X4z/FhHXaicYwu+uPyyIIoK6q8QNs -OktNCaUOcsZWayFCTiMlFGiudgp8DAdwZPmaL/YFOSbGDI8Zf0NebvRbFS/bYV3mZy8/CJT5YLSY -Mdp08YSTcU1f+2BY0fvEwW2JorsgH51xkcsymxM9Pn2SUjWskpSi0xjCfMfqr3YFFt1nJ8J+HAci -IfNAChs0B0QTwoRqjt8ZWr9/6x3iGjjRXK9HkmuAtTClyY3YqzGBH9/CZjfTk6mFhnll0g== ------END CERTIFICATE----- - SwissSign Gold CA - G2 ====================== -----BEGIN CERTIFICATE----- @@ -2254,32 +1353,6 @@ hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZiFj4A4xylNoEY okxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ/L7fCg0= -----END CERTIFICATE----- -S-TRUST Authentication and Encryption Root CA 2005 PN -===================================================== ------BEGIN CERTIFICATE----- -MIIEezCCA2OgAwIBAgIQNxkY5lNUfBq1uMtZWts1tzANBgkqhkiG9w0BAQUFADCBrjELMAkGA1UE -BhMCREUxIDAeBgNVBAgTF0JhZGVuLVd1ZXJ0dGVtYmVyZyAoQlcpMRIwEAYDVQQHEwlTdHV0dGdh -cnQxKTAnBgNVBAoTIERldXRzY2hlciBTcGFya2Fzc2VuIFZlcmxhZyBHbWJIMT4wPAYDVQQDEzVT -LVRSVVNUIEF1dGhlbnRpY2F0aW9uIGFuZCBFbmNyeXB0aW9uIFJvb3QgQ0EgMjAwNTpQTjAeFw0w -NTA2MjIwMDAwMDBaFw0zMDA2MjEyMzU5NTlaMIGuMQswCQYDVQQGEwJERTEgMB4GA1UECBMXQmFk -ZW4tV3VlcnR0ZW1iZXJnIChCVykxEjAQBgNVBAcTCVN0dXR0Z2FydDEpMCcGA1UEChMgRGV1dHNj -aGVyIFNwYXJrYXNzZW4gVmVybGFnIEdtYkgxPjA8BgNVBAMTNVMtVFJVU1QgQXV0aGVudGljYXRp -b24gYW5kIEVuY3J5cHRpb24gUm9vdCBDQSAyMDA1OlBOMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A -MIIBCgKCAQEA2bVKwdMz6tNGs9HiTNL1toPQb9UY6ZOvJ44TzbUlNlA0EmQpoVXhOmCTnijJ4/Ob -4QSwI7+Vio5bG0F/WsPoTUzVJBY+h0jUJ67m91MduwwA7z5hca2/OnpYH5Q9XIHV1W/fuJvS9eXL -g3KSwlOyggLrra1fFi2SU3bxibYs9cEv4KdKb6AwajLrmnQDaHgTncovmwsdvs91DSaXm8f1Xgqf -eN+zvOyauu9VjxuapgdjKRdZYgkqeQd3peDRF2npW932kKvimAoA0SVtnteFhy+S8dF2g08LOlk3 -KC8zpxdQ1iALCvQm+Z845y2kuJuJja2tyWp9iRe79n+Ag3rm7QIDAQABo4GSMIGPMBIGA1UdEwEB -/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFTVFJv -bmxpbmUxLTIwNDgtNTAdBgNVHQ4EFgQUD8oeXHngovMpttKFswtKtWXsa1IwHwYDVR0jBBgwFoAU -D8oeXHngovMpttKFswtKtWXsa1IwDQYJKoZIhvcNAQEFBQADggEBAK8B8O0ZPCjoTVy7pWMciDMD -pwCHpB8gq9Yc4wYfl35UvbfRssnV2oDsF9eK9XvCAPbpEW+EoFolMeKJ+aQAPzFoLtU96G7m1R08 -P7K9n3frndOMusDXtk3sU5wPBG7qNWdX4wple5A64U8+wwCSersFiXOMy6ZNwPv2AtawB6MDwidA -nwzkhYItr5pCHdDHjfhA7p0GVxzZotiAFP7hYy0yh9WUUpY6RsZxlj33mA6ykaqP2vROJAA5Veit -F7nTNCtKqUDMFypVZUF0Qn71wK/Ik63yGFs9iQzbRzkk+OBM8h+wPQrKBU6JIRrjKpms/H+h8Q8b -Hz2eBIPdltkdOpQ= ------END CERTIFICATE----- - Microsec e-Szigno Root CA ========================= -----BEGIN CERTIFICATE----- @@ -2342,117 +1415,6 @@ PBS1xp81HlDQwY9qcEQCYsuuHWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg== -----END CERTIFICATE----- -AC Ra\xC3\xADz Certic\xC3\xA1mara S.A. -====================================== ------BEGIN CERTIFICATE----- -MIIGZjCCBE6gAwIBAgIPB35Sk3vgFeNX8GmMy+wMMA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNVBAYT -AkNPMUcwRQYDVQQKDD5Tb2NpZWRhZCBDYW1lcmFsIGRlIENlcnRpZmljYWNpw7NuIERpZ2l0YWwg -LSBDZXJ0aWPDoW1hcmEgUy5BLjEjMCEGA1UEAwwaQUMgUmHDrXogQ2VydGljw6FtYXJhIFMuQS4w -HhcNMDYxMTI3MjA0NjI5WhcNMzAwNDAyMjE0MjAyWjB7MQswCQYDVQQGEwJDTzFHMEUGA1UECgw+ -U29jaWVkYWQgQ2FtZXJhbCBkZSBDZXJ0aWZpY2FjacOzbiBEaWdpdGFsIC0gQ2VydGljw6FtYXJh -IFMuQS4xIzAhBgNVBAMMGkFDIFJhw616IENlcnRpY8OhbWFyYSBTLkEuMIICIjANBgkqhkiG9w0B -AQEFAAOCAg8AMIICCgKCAgEAq2uJo1PMSCMI+8PPUZYILrgIem08kBeGqentLhM0R7LQcNzJPNCN -yu5LF6vQhbCnIwTLqKL85XXbQMpiiY9QngE9JlsYhBzLfDe3fezTf3MZsGqy2IiKLUV0qPezuMDU -2s0iiXRNWhU5cxh0T7XrmafBHoi0wpOQY5fzp6cSsgkiBzPZkc0OnB8OIMfuuzONj8LSWKdf/WU3 -4ojC2I+GdV75LaeHM/J4Ny+LvB2GNzmxlPLYvEqcgxhaBvzz1NS6jBUJJfD5to0EfhcSM2tXSExP -2yYe68yQ54v5aHxwD6Mq0Do43zeX4lvegGHTgNiRg0JaTASJaBE8rF9ogEHMYELODVoqDA+bMMCm -8Ibbq0nXl21Ii/kDwFJnmxL3wvIumGVC2daa49AZMQyth9VXAnow6IYm+48jilSH5L887uvDdUhf -HjlvgWJsxS3EF1QZtzeNnDeRyPYL1epjb4OsOMLzP96a++EjYfDIJss2yKHzMI+ko6Kh3VOz3vCa -Mh+DkXkwwakfU5tTohVTP92dsxA7SH2JD/ztA/X7JWR1DhcZDY8AFmd5ekD8LVkH2ZD6mq093ICK -5lw1omdMEWux+IBkAC1vImHFrEsm5VoQgpukg3s0956JkSCXjrdCx2bD0Omk1vUgjcTDlaxECp1b -czwmPS9KvqfJpxAe+59QafMCAwEAAaOB5jCB4zAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE -AwIBBjAdBgNVHQ4EFgQU0QnQ6dfOeXRU+Tows/RtLAMDG2gwgaAGA1UdIASBmDCBlTCBkgYEVR0g -ADCBiTArBggrBgEFBQcCARYfaHR0cDovL3d3dy5jZXJ0aWNhbWFyYS5jb20vZHBjLzBaBggrBgEF -BQcCAjBOGkxMaW1pdGFjaW9uZXMgZGUgZ2FyYW507WFzIGRlIGVzdGUgY2VydGlmaWNhZG8gc2Ug -cHVlZGVuIGVuY29udHJhciBlbiBsYSBEUEMuMA0GCSqGSIb3DQEBBQUAA4ICAQBclLW4RZFNjmEf -AygPU3zmpFmps4p6xbD/CHwso3EcIRNnoZUSQDWDg4902zNc8El2CoFS3UnUmjIz75uny3XlesuX -EpBcunvFm9+7OSPI/5jOCk0iAUgHforA1SBClETvv3eiiWdIG0ADBaGJ7M9i4z0ldma/Jre7Ir5v -/zlXdLp6yQGVwZVR6Kss+LGGIOk/yzVb0hfpKv6DExdA7ohiZVvVO2Dpezy4ydV/NgIlqmjCMRW3 -MGXrfx1IebHPOeJCgBbT9ZMj/EyXyVo3bHwi2ErN0o42gzmRkBDI8ck1fj+404HGIGQatlDCIaR4 -3NAvO2STdPCWkPHv+wlaNECW8DYSwaN0jJN+Qd53i+yG2dIPPy3RzECiiWZIHiCznCNZc6lEc7wk -eZBWN7PGKX6jD/EpOe9+XCgycDWs2rjIdWb8m0w5R44bb5tNAlQiM+9hup4phO9OSzNHdpdqy35f -/RWmnkJDW2ZaiogN9xa5P1FlK2Zqi9E4UqLWRhH6/JocdJ6PlwsCT2TG9WjTSy3/pDceiz+/RL5h -RqGEPQgnTIEgd4kI6mdAXmwIUV80WoyWaM3X94nCHNMyAK9Sy9NgWyo6R35rMDOhYil/SrnhLecU -Iw4OGEfhefwVVdCx/CVxY3UzHCMrr1zZ7Ud3YA47Dx7SwNxkBYn8eNZcLCZDqQ== ------END CERTIFICATE----- - -TC TrustCenter Class 2 CA II -============================ ------BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIOLmoAAQACH9dSISwRXDswDQYJKoZIhvcNAQEFBQAwdjELMAkGA1UEBhMC -REUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxIjAgBgNVBAsTGVRDIFRydXN0Q2VudGVy -IENsYXNzIDIgQ0ExJTAjBgNVBAMTHFRDIFRydXN0Q2VudGVyIENsYXNzIDIgQ0EgSUkwHhcNMDYw -MTEyMTQzODQzWhcNMjUxMjMxMjI1OTU5WjB2MQswCQYDVQQGEwJERTEcMBoGA1UEChMTVEMgVHJ1 -c3RDZW50ZXIgR21iSDEiMCAGA1UECxMZVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMiBDQTElMCMGA1UE -AxMcVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMiBDQSBJSTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC -AQoCggEBAKuAh5uO8MN8h9foJIIRszzdQ2Lu+MNF2ujhoF/RKrLqk2jftMjWQ+nEdVl//OEd+DFw -IxuInie5e/060smp6RQvkL4DUsFJzfb95AhmC1eKokKguNV/aVyQMrKXDcpK3EY+AlWJU+MaWss2 -xgdW94zPEfRMuzBwBJWl9jmM/XOBCH2JXjIeIqkiRUuwZi4wzJ9l/fzLganx4Duvo4bRierERXlQ -Xa7pIXSSTYtZgo+U4+lK8edJsBTj9WLL1XK9H7nSn6DNqPoByNkN39r8R52zyFTfSUrxIan+GE7u -SNQZu+995OKdy1u2bv/jzVrndIIFuoAlOMvkaZ6vQaoahPUCAwEAAaOCATQwggEwMA8GA1UdEwEB -/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTjq1RMgKHbVkO3kUrL84J6E1wIqzCB -7QYDVR0fBIHlMIHiMIHfoIHcoIHZhjVodHRwOi8vd3d3LnRydXN0Y2VudGVyLmRlL2NybC92Mi90 -Y19jbGFzc18yX2NhX0lJLmNybIaBn2xkYXA6Ly93d3cudHJ1c3RjZW50ZXIuZGUvQ049VEMlMjBU -cnVzdENlbnRlciUyMENsYXNzJTIwMiUyMENBJTIwSUksTz1UQyUyMFRydXN0Q2VudGVyJTIwR21i -SCxPVT1yb290Y2VydHMsREM9dHJ1c3RjZW50ZXIsREM9ZGU/Y2VydGlmaWNhdGVSZXZvY2F0aW9u -TGlzdD9iYXNlPzANBgkqhkiG9w0BAQUFAAOCAQEAjNfffu4bgBCzg/XbEeprS6iSGNn3Bzn1LL4G -dXpoUxUc6krtXvwjshOg0wn/9vYua0Fxec3ibf2uWWuFHbhOIprtZjluS5TmVfwLG4t3wVMTZonZ -KNaL80VKY7f9ewthXbhtvsPcW3nS7Yblok2+XnR8au0WOB9/WIFaGusyiC2y8zl3gK9etmF1Kdsj -TYjKUCjLhdLTEKJZbtOTVAB6okaVhgWcqRmY5TFyDADiZ9lA4CQze28suVyrZZ0srHbqNZn1l7kP -JOzHdiEoZa5X6AeIdUpWoNIFOqTmjZKILPPy4cHGYdtBxceb9w4aUUXCYWvcZCcXjFq32nQozZfk -vQ== ------END CERTIFICATE----- - -TC TrustCenter Class 3 CA II -============================ ------BEGIN CERTIFICATE----- -MIIEqjCCA5KgAwIBAgIOSkcAAQAC5aBd1j8AUb8wDQYJKoZIhvcNAQEFBQAwdjELMAkGA1UEBhMC -REUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxIjAgBgNVBAsTGVRDIFRydXN0Q2VudGVy -IENsYXNzIDMgQ0ExJTAjBgNVBAMTHFRDIFRydXN0Q2VudGVyIENsYXNzIDMgQ0EgSUkwHhcNMDYw -MTEyMTQ0MTU3WhcNMjUxMjMxMjI1OTU5WjB2MQswCQYDVQQGEwJERTEcMBoGA1UEChMTVEMgVHJ1 -c3RDZW50ZXIgR21iSDEiMCAGA1UECxMZVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQTElMCMGA1UE -AxMcVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMyBDQSBJSTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC -AQoCggEBALTgu1G7OVyLBMVMeRwjhjEQY0NVJz/GRcekPewJDRoeIMJWHt4bNwcwIi9v8Qbxq63W -yKthoy9DxLCyLfzDlml7forkzMA5EpBCYMnMNWju2l+QVl/NHE1bWEnrDgFPZPosPIlY2C8u4rBo -6SI7dYnWRBpl8huXJh0obazovVkdKyT21oQDZogkAHhg8fir/gKya/si+zXmFtGt9i4S5Po1auUZ -uV3bOx4a+9P/FRQI2AlqukWdFHlgfa9Aigdzs5OW03Q0jTo3Kd5c7PXuLjHCINy+8U9/I1LZW+Jk -2ZyqBwi1Rb3R0DHBq1SfqdLDYmAD8bs5SpJKPQq5ncWg/jcCAwEAAaOCATQwggEwMA8GA1UdEwEB -/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTUovyfs8PYA9NXXAek0CSnwPIA1DCB -7QYDVR0fBIHlMIHiMIHfoIHcoIHZhjVodHRwOi8vd3d3LnRydXN0Y2VudGVyLmRlL2NybC92Mi90 -Y19jbGFzc18zX2NhX0lJLmNybIaBn2xkYXA6Ly93d3cudHJ1c3RjZW50ZXIuZGUvQ049VEMlMjBU -cnVzdENlbnRlciUyMENsYXNzJTIwMyUyMENBJTIwSUksTz1UQyUyMFRydXN0Q2VudGVyJTIwR21i -SCxPVT1yb290Y2VydHMsREM9dHJ1c3RjZW50ZXIsREM9ZGU/Y2VydGlmaWNhdGVSZXZvY2F0aW9u -TGlzdD9iYXNlPzANBgkqhkiG9w0BAQUFAAOCAQEANmDkcPcGIEPZIxpC8vijsrlNirTzwppVMXzE -O2eatN9NDoqTSheLG43KieHPOh6sHfGcMrSOWXaiQYUlN6AT0PV8TtXqluJucsG7Kv5sbviRmEb8 -yRtXW+rIGjs/sFGYPAfaLFkB2otE6OF0/ado3VS6g0bsyEa1+K+XwDsJHI/OcpY9M1ZwvJbL2NV9 -IJqDnxrcOfHFcqMRA/07QlIp2+gB95tejNaNhk4Z+rwcvsUhpYeeeC422wlxo3I0+GzjBgnyXlal -092Y+tTmBvTwtiBjS+opvaqCZh77gaqnN60TGOaSw4HBM7uIHqHn4rS9MWwOUT1v+5ZWgOI2F9Hc -5A== ------END CERTIFICATE----- - -TC TrustCenter Universal CA I -============================= ------BEGIN CERTIFICATE----- -MIID3TCCAsWgAwIBAgIOHaIAAQAC7LdggHiNtgYwDQYJKoZIhvcNAQEFBQAweTELMAkGA1UEBhMC -REUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxJDAiBgNVBAsTG1RDIFRydXN0Q2VudGVy -IFVuaXZlcnNhbCBDQTEmMCQGA1UEAxMdVEMgVHJ1c3RDZW50ZXIgVW5pdmVyc2FsIENBIEkwHhcN -MDYwMzIyMTU1NDI4WhcNMjUxMjMxMjI1OTU5WjB5MQswCQYDVQQGEwJERTEcMBoGA1UEChMTVEMg -VHJ1c3RDZW50ZXIgR21iSDEkMCIGA1UECxMbVEMgVHJ1c3RDZW50ZXIgVW5pdmVyc2FsIENBMSYw -JAYDVQQDEx1UQyBUcnVzdENlbnRlciBVbml2ZXJzYWwgQ0EgSTCCASIwDQYJKoZIhvcNAQEBBQAD -ggEPADCCAQoCggEBAKR3I5ZEr5D0MacQ9CaHnPM42Q9e3s9B6DGtxnSRJJZ4Hgmgm5qVSkr1YnwC -qMqs+1oEdjneX/H5s7/zA1hV0qq34wQi0fiU2iIIAI3TfCZdzHd55yx4Oagmcw6iXSVphU9VDprv -xrlE4Vc93x9UIuVvZaozhDrzznq+VZeujRIPFDPiUHDDSYcTvFHe15gSWu86gzOSBnWLknwSaHtw -ag+1m7Z3W0hZneTvWq3zwZ7U10VOylY0Ibw+F1tvdwxIAUMpsN0/lm7mlaoMwCC2/T42J5zjXM9O -gdwZu5GQfezmlwQek8wiSdeXhrYTCjxDI3d+8NzmzSQfO4ObNDqDNOMCAwEAAaNjMGEwHwYDVR0j -BBgwFoAUkqR1LKSevoFE63n8isWVpesQdXMwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC -AYYwHQYDVR0OBBYEFJKkdSyknr6BROt5/IrFlaXrEHVzMA0GCSqGSIb3DQEBBQUAA4IBAQAo0uCG -1eb4e/CX3CJrO5UUVg8RMKWaTzqwOuAGy2X17caXJ/4l8lfmXpWMPmRgFVp/Lw0BxbFg/UU1z/Cy -vwbZ71q+s2IhtNerNXxTPqYn8aEt2hojnczd7Dwtnic0XQ/CNnm8yUpiLe1r2X1BQ3y2qsrtYbE3 -ghUJGooWMNjsydZHcnhLEEYUjl8Or+zHL6sQ17bxbuyGssLoDZJz3KL0Dzq/YSMQiZxIQG5wALPT -ujdEWBF6AmqI8Dc08BnprNRlc/ZpjGSUOnmFKbAWKwyCPwacx/0QK54PLLae4xW/2TYcuiUaUj0a -7CIMHOCkoj3w6DnPgcB77V0fb8XQC9eY ------END CERTIFICATE----- - Deutsche Telekom Root CA 2 ========================== -----BEGIN CERTIFICATE----- @@ -2475,50 +1437,6 @@ dyd1Lx+4ivn+xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU Cm26OWMohpLzGITY+9HPBVZkVw== -----END CERTIFICATE----- -ComSign CA -========== ------BEGIN CERTIFICATE----- -MIIDkzCCAnugAwIBAgIQFBOWgxRVjOp7Y+X8NId3RDANBgkqhkiG9w0BAQUFADA0MRMwEQYDVQQD -EwpDb21TaWduIENBMRAwDgYDVQQKEwdDb21TaWduMQswCQYDVQQGEwJJTDAeFw0wNDAzMjQxMTMy -MThaFw0yOTAzMTkxNTAyMThaMDQxEzARBgNVBAMTCkNvbVNpZ24gQ0ExEDAOBgNVBAoTB0NvbVNp -Z24xCzAJBgNVBAYTAklMMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ORUaSvTx49q -ROR+WCf4C9DklBKK8Rs4OC8fMZwG1Cyn3gsqrhqg455qv588x26i+YtkbDqthVVRVKU4VbirgwTy -P2Q298CNQ0NqZtH3FyrV7zb6MBBC11PN+fozc0yz6YQgitZBJzXkOPqUm7h65HkfM/sb2CEJKHxN -GGleZIp6GZPKfuzzcuc3B1hZKKxC+cX/zT/npfo4sdAMx9lSGlPWgcxCejVb7Us6eva1jsz/D3zk -YDaHL63woSV9/9JLEYhwVKZBqGdTUkJe5DSe5L6j7KpiXd3DTKaCQeQzC6zJMw9kglcq/QytNuEM -rkvF7zuZ2SOzW120V+x0cAwqTwIDAQABo4GgMIGdMAwGA1UdEwQFMAMBAf8wPQYDVR0fBDYwNDAy -oDCgLoYsaHR0cDovL2ZlZGlyLmNvbXNpZ24uY28uaWwvY3JsL0NvbVNpZ25DQS5jcmwwDgYDVR0P -AQH/BAQDAgGGMB8GA1UdIwQYMBaAFEsBmz5WGmU2dst7l6qSBe4y5ygxMB0GA1UdDgQWBBRLAZs+ -VhplNnbLe5eqkgXuMucoMTANBgkqhkiG9w0BAQUFAAOCAQEA0Nmlfv4pYEWdfoPPbrxHbvUanlR2 -QnG0PFg/LUAlQvaBnPGJEMgOqnhPOAlXsDzACPw1jvFIUY0McXS6hMTXcpuEfDhOZAYnKuGntewI -mbQKDdSFc8gS4TXt8QUxHXOZDOuWyt3T5oWq8Ir7dcHyCTxlZWTzTNity4hp8+SDtwy9F1qWF8pb -/627HOkthIDYIb6FUtnUdLlphbpN7Sgy6/lhSuTENh4Z3G+EER+V9YMoGKgzkkMn3V0TBEVPh9VG -zT2ouvDzuFYkRes3x+F2T3I5GN9+dHLHcy056mDmrRGiVod7w2ia/viMcKjfZTL0pECMocJEAw6U -AGegcQCCSA== ------END CERTIFICATE----- - -ComSign Secured CA -================== ------BEGIN CERTIFICATE----- -MIIDqzCCApOgAwIBAgIRAMcoRwmzuGxFjB36JPU2TukwDQYJKoZIhvcNAQEFBQAwPDEbMBkGA1UE -AxMSQ29tU2lnbiBTZWN1cmVkIENBMRAwDgYDVQQKEwdDb21TaWduMQswCQYDVQQGEwJJTDAeFw0w -NDAzMjQxMTM3MjBaFw0yOTAzMTYxNTA0NTZaMDwxGzAZBgNVBAMTEkNvbVNpZ24gU2VjdXJlZCBD -QTEQMA4GA1UEChMHQ29tU2lnbjELMAkGA1UEBhMCSUwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw -ggEKAoIBAQDGtWhfHZQVw6QIVS3joFd67+l0Kru5fFdJGhFeTymHDEjWaueP1H5XJLkGieQcPOqs -49ohgHMhCu95mGwfCP+hUH3ymBvJVG8+pSjsIQQPRbsHPaHA+iqYHU4Gk/v1iDurX8sWv+bznkqH -7Rnqwp9D5PGBpX8QTz7RSmKtUxvLg/8HZaWSLWapW7ha9B20IZFKF3ueMv5WJDmyVIRD9YTC2LxB -kMyd1mja6YJQqTtoz7VdApRgFrFD2UNd3V2Hbuq7s8lr9gOUCXDeFhF6K+h2j0kQmHe5Y1yLM5d1 -9guMsqtb3nQgJT/j8xH5h2iGNXHDHYwt6+UarA9z1YJZQIDTAgMBAAGjgacwgaQwDAYDVR0TBAUw -AwEB/zBEBgNVHR8EPTA7MDmgN6A1hjNodHRwOi8vZmVkaXIuY29tc2lnbi5jby5pbC9jcmwvQ29t -U2lnblNlY3VyZWRDQS5jcmwwDgYDVR0PAQH/BAQDAgGGMB8GA1UdIwQYMBaAFMFL7XC29z58ADsA -j8c+DkWfHl3sMB0GA1UdDgQWBBTBS+1wtvc+fAA7AI/HPg5Fnx5d7DANBgkqhkiG9w0BAQUFAAOC -AQEAFs/ukhNQq3sUnjO2QiBq1BW9Cav8cujvR3qQrFHBZE7piL1DRYHjZiM/EoZNGeQFsOY3wo3a -BijJD4mkU6l1P7CW+6tMM1X5eCZGbxs2mPtCdsGCuY7e+0X5YxtiOzkGynd6qDwJz2w2PQ8KRUtp -FhpFfTMDZflScZAmlaxMDPWLkz/MdXSFmLr/YnpNH4n+rr2UAJm/EaXc4HnFFgt9AmEd6oX5AhVP -51qJThRv4zdLhfXBPGHg/QVBspJ/wx2g0K5SZGBrGMYmnNj1ZOQ2GmKfig8+/21OGVZOIJFsnzQz -OjRXUDpvgV4GxvU+fE6OK85lBi5d0ipTdF7Tbieejw== ------END CERTIFICATE----- - Cybertrust Global Root ====================== -----BEGIN CERTIFICATE----- @@ -2620,26 +1538,6 @@ fZleHwzoq0QkKXJAPTZSr4xYkHPB7GEseaHsh7U/2k3ZIQAw3pDaDtMaSKk+hQsUi4y8QZ5q9w5w wDX3OaJdZtB7WZ+oRxKaJyOkLY4ng5IgodcVf/EuGO70SH8vf/GhGLWhC5SgYiAynB321O+/TIho -----END CERTIFICATE----- -Buypass Class 3 CA 1 -==================== ------BEGIN CERTIFICATE----- -MIIDUzCCAjugAwIBAgIBAjANBgkqhkiG9w0BAQUFADBLMQswCQYDVQQGEwJOTzEdMBsGA1UECgwU -QnV5cGFzcyBBUy05ODMxNjMzMjcxHTAbBgNVBAMMFEJ1eXBhc3MgQ2xhc3MgMyBDQSAxMB4XDTA1 -MDUwOTE0MTMwM1oXDTE1MDUwOTE0MTMwM1owSzELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1eXBh -c3MgQVMtOTgzMTYzMzI3MR0wGwYDVQQDDBRCdXlwYXNzIENsYXNzIDMgQ0EgMTCCASIwDQYJKoZI -hvcNAQEBBQADggEPADCCAQoCggEBAKSO13TZKWTeXx+HgJHqTjnmGcZEC4DVC69TB4sSveZn8AKx -ifZgisRbsELRwCGoy+Gb72RRtqfPFfV0gGgEkKBYouZ0plNTVUhjP5JW3SROjvi6K//zNIqeKNc0 -n6wv1g/xpC+9UrJJhW05NfBEMJNGJPO251P7vGGvqaMU+8IXF4Rs4HyI+MkcVyzwPX6UvCWThOia -AJpFBUJXgPROztmuOfbIUxAMZTpHe2DC1vqRycZxbL2RhzyRhkmr8w+gbCZ2Xhysm3HljbybIR6c -1jh+JIAVMYKWsUnTYjdbiAwKYjT+p0h+mbEwi5A3lRyoH6UsjfRVyNvdWQrCrXig9IsCAwEAAaNC -MEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUOBTmyPCppAP0Tj4io1vy1uCtQHQwDgYDVR0P -AQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQABZ6OMySU9E2NdFm/soT4JXJEVKirZgCFPBdy7 -pYmrEzMqnji3jG8CcmPHc3ceCQa6Oyh7pEfJYWsICCD8igWKH7y6xsL+z27sEzNxZy5p+qksP2bA -EllNC1QCkoS72xLvg3BweMhT+t/Gxv/ciC8HwEmdMldg0/L2mSlf56oBzKwzqBwKu5HEA6BvtjT5 -htOzdlSY9EqBs1OdTUDs5XcTRa9bqh/YL0yCe/4qxFi7T/ye/QNlGioOw6UgFpRreaaiErS7GqQj -el/wroQk5PMr+4okoyeYZdowdXb8GZHo2+ubPzK/QJcHJrrM85SFSnonk8+QQtS4Wxam58tAA915 ------END CERTIFICATE----- - EBG Elektronik Sertifika Hizmet Sa\xC4\x9Flay\xc4\xb1\x63\xc4\xb1s\xc4\xb1 ========================================================================== -----BEGIN CERTIFICATE----- @@ -2921,30 +1819,6 @@ IPVVYpbtbZNQvOSqeK3Zywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm 66+KAQ== -----END CERTIFICATE----- -CA Disig -======== ------BEGIN CERTIFICATE----- -MIIEDzCCAvegAwIBAgIBATANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJTSzETMBEGA1UEBxMK -QnJhdGlzbGF2YTETMBEGA1UEChMKRGlzaWcgYS5zLjERMA8GA1UEAxMIQ0EgRGlzaWcwHhcNMDYw -MzIyMDEzOTM0WhcNMTYwMzIyMDEzOTM0WjBKMQswCQYDVQQGEwJTSzETMBEGA1UEBxMKQnJhdGlz -bGF2YTETMBEGA1UEChMKRGlzaWcgYS5zLjERMA8GA1UEAxMIQ0EgRGlzaWcwggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQCS9jHBfYj9mQGp2HvycXXxMcbzdWb6UShGhJd4NLxs/LxFWYgm -GErENx+hSkS943EE9UQX4j/8SFhvXJ56CbpRNyIjZkMhsDxkovhqFQ4/61HhVKndBpnXmjxUizkD -Pw/Fzsbrg3ICqB9x8y34dQjbYkzo+s7552oftms1grrijxaSfQUMbEYDXcDtab86wYqg6I7ZuUUo -hwjstMoVvoLdtUSLLa2GDGhibYVW8qwUYzrG0ZmsNHhWS8+2rT+MitcE5eN4TPWGqvWP+j1scaMt -ymfraHtuM6kMgiioTGohQBUgDCZbg8KpFhXAJIJdKxatymP2dACw30PEEGBWZ2NFAgMBAAGjgf8w -gfwwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUjbJJaJ1yCCW5wCf1UJNWSEZx+Y8wDgYDVR0P -AQH/BAQDAgEGMDYGA1UdEQQvMC2BE2Nhb3BlcmF0b3JAZGlzaWcuc2uGFmh0dHA6Ly93d3cuZGlz -aWcuc2svY2EwZgYDVR0fBF8wXTAtoCugKYYnaHR0cDovL3d3dy5kaXNpZy5zay9jYS9jcmwvY2Ff -ZGlzaWcuY3JsMCygKqAohiZodHRwOi8vY2EuZGlzaWcuc2svY2EvY3JsL2NhX2Rpc2lnLmNybDAa -BgNVHSAEEzARMA8GDSuBHpGT5goAAAABAQEwDQYJKoZIhvcNAQEFBQADggEBAF00dGFMrzvY/59t -WDYcPQuBDRIrRhCA/ec8J9B6yKm2fnQwM6M6int0wHl5QpNt/7EpFIKrIYwvF/k/Ji/1WcbvgAa3 -mkkp7M5+cTxqEEHA9tOasnxakZzArFvITV734VP/Q3f8nktnbNfzg9Gg4H8l37iYC5oyOGwwoPP/ -CBUz91BKez6jPiCp3C9WgArtQVCwyfTssuMmRAAOb54GvCKWU3BlxFAKRmukLyeBEicTXxChds6K -ezfqwzlhA5WYOudsiCUI/HloDYd9Yvi0X/vF2Ey9WLw/Q1vUHgFNPGO+I++MzVpQuGhU+QqZMxEA -4Z7CRneC9VkGjCFMhwnN5ag= ------END CERTIFICATE----- - Juur-SK ======= -----BEGIN CERTIFICATE----- @@ -3045,38 +1919,6 @@ MCwXEGCSn1WHElkQwg9naRHMTh5+Spqtr0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3o tkYNbn5XOmeUwssfnHdKZ05phkOTOPu220+DkdRgfks+KzgHVZhepA== -----END CERTIFICATE----- -Verisign Class 1 Public Primary Certification Authority -======================================================= ------BEGIN CERTIFICATE----- -MIICPDCCAaUCED9pHoGc8JpK83P/uUii5N0wDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCVVMx -FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5 -IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDEyOTAwMDAwMFoXDTI4MDgwMjIzNTk1OVow -XzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAx -IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUA -A4GNADCBiQKBgQDlGb9to1ZhLZlIcfZn3rmN67eehoAKkQ76OCWvRoiC5XOooJskXQ0fzGVuDLDQ -VoQYh5oGmxChc9+0WDlrbsH2FdWoqD+qEgaNMax/sDTXjzRniAnNFBHiTkVWaR94AoDa3EeRKbs2 -yWNcxeDXLYd7obcysHswuiovMaruo2fa2wIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFgVKTk8d6Pa -XCUDfGD67gmZPCcQcMgMCeazh88K4hiWNWLMv5sneYlfycQJ9M61Hd8qveXbhpxoJeUwfLaJFf5n -0a3hUKw8fGJLj7qE1xIVGx/KXQ/BUpQqEZnae88MNhPVNdwQGVnqlMEAv3WP2fr9dgTbYruQagPZ -RjXZ+Hxb ------END CERTIFICATE----- - -Verisign Class 3 Public Primary Certification Authority -======================================================= ------BEGIN CERTIFICATE----- -MIICPDCCAaUCEDyRMcsf9tAbDpq40ES/Er4wDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCVVMx -FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmltYXJ5 -IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDEyOTAwMDAwMFoXDTI4MDgwMjIzNTk1OVow -XzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAz -IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUA -A4GNADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhEBarsAx94 -f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/isI19wKTakyYbnsZogy1Ol -hec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBABByUqkFFBky -CEHwxWsKzH4PIRnN5GfcX6kb5sroc50i2JhucwNhkcV8sEVAbkSdjbCxlnRhLQ2pRdKkkirWmnWX -bj9T/UWZYB2oK0z5XqcJ2HUw19JlYD1n1khVdWk/kfVIC0dpImmClr7JyDiGSnoscxlIaU5rfGW/ -D/xwzoiQ ------END CERTIFICATE----- - Microsec e-Szigno Root CA 2009 ============================== -----BEGIN CERTIFICATE----- @@ -3101,28 +1943,6 @@ yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5tHMN1Rq41Bab2XD0h7lbwyYIi LXpUq3DDfSJlgnCW -----END CERTIFICATE----- -E-Guven Kok Elektronik Sertifika Hizmet Saglayicisi -=================================================== ------BEGIN CERTIFICATE----- -MIIDtjCCAp6gAwIBAgIQRJmNPMADJ72cdpW56tustTANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQG -EwJUUjEoMCYGA1UEChMfRWxla3Ryb25payBCaWxnaSBHdXZlbmxpZ2kgQS5TLjE8MDoGA1UEAxMz -ZS1HdXZlbiBLb2sgRWxla3Ryb25payBTZXJ0aWZpa2EgSGl6bWV0IFNhZ2xheWljaXNpMB4XDTA3 -MDEwNDExMzI0OFoXDTE3MDEwNDExMzI0OFowdTELMAkGA1UEBhMCVFIxKDAmBgNVBAoTH0VsZWt0 -cm9uaWsgQmlsZ2kgR3V2ZW5saWdpIEEuUy4xPDA6BgNVBAMTM2UtR3V2ZW4gS29rIEVsZWt0cm9u -aWsgU2VydGlmaWthIEhpem1ldCBTYWdsYXlpY2lzaTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC -AQoCggEBAMMSIJ6wXgBljU5Gu4Bc6SwGl9XzcslwuedLZYDBS75+PNdUMZTe1RK6UxYC6lhj71vY -8+0qGqpxSKPcEC1fX+tcS5yWCEIlKBHMilpiAVDV6wlTL/jDj/6z/P2douNffb7tC+Bg62nsM+3Y -jfsSSYMAyYuXjDtzKjKzEve5TfL0TW3H5tYmNwjy2f1rXKPlSFxYvEK+A1qBuhw1DADT9SN+cTAI -JjjcJRFHLfO6IxClv7wC90Nex/6wN1CZew+TzuZDLMN+DfIcQ2Zgy2ExR4ejT669VmxMvLz4Bcpk -9Ok0oSy1c+HCPujIyTQlCFzz7abHlJ+tiEMl1+E5YP6sOVkCAwEAAaNCMEAwDgYDVR0PAQH/BAQD -AgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFJ/uRLOU1fqRTy7ZVZoEVtstxNulMA0GCSqG -SIb3DQEBBQUAA4IBAQB/X7lTW2M9dTLn+sR0GstG30ZpHFLPqk/CaOv/gKlR6D1id4k9CnU58W5d -F4dvaAXBlGzZXd/aslnLpRCKysw5zZ/rTt5S/wzw9JKp8mxTq5vSR6AfdPebmvEvFZ96ZDAYBzwq -D2fK/A+JYZ1lpTzlvBNbCNvj/+27BrtqBrF6T2XGgv0enIu1De5Iu7i9qgi0+6N8y5/NkHZchpZ4 -Vwpm+Vganf2XKWDeEaaQHBkc7gGWIjQ0LpH5t8Qn0Xvmv/uARFoW5evg1Ao4vOSR49XrXMGs3xtq -fJ7lddK2l4fbzIcrQzqECK+rPNv3PGYxhrCdU3nt+CPeQuMtgvEP5fqX ------END CERTIFICATE----- - GlobalSign Root CA - R3 ======================= -----BEGIN CERTIFICATE----- @@ -3144,29 +1964,6 @@ YIvDQVETI53O9zJrlAGomecsMx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7r kpeDMdmztcpHWD9f -----END CERTIFICATE----- -TC TrustCenter Universal CA III -=============================== ------BEGIN CERTIFICATE----- -MIID4TCCAsmgAwIBAgIOYyUAAQACFI0zFQLkbPQwDQYJKoZIhvcNAQEFBQAwezELMAkGA1UEBhMC -REUxHDAaBgNVBAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxJDAiBgNVBAsTG1RDIFRydXN0Q2VudGVy -IFVuaXZlcnNhbCBDQTEoMCYGA1UEAxMfVEMgVHJ1c3RDZW50ZXIgVW5pdmVyc2FsIENBIElJSTAe -Fw0wOTA5MDkwODE1MjdaFw0yOTEyMzEyMzU5NTlaMHsxCzAJBgNVBAYTAkRFMRwwGgYDVQQKExNU -QyBUcnVzdENlbnRlciBHbWJIMSQwIgYDVQQLExtUQyBUcnVzdENlbnRlciBVbml2ZXJzYWwgQ0Ex -KDAmBgNVBAMTH1RDIFRydXN0Q2VudGVyIFVuaXZlcnNhbCBDQSBJSUkwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDC2pxisLlxErALyBpXsq6DFJmzNEubkKLF5+cvAqBNLaT6hdqbJYUt -QCggbergvbFIgyIpRJ9Og+41URNzdNW88jBmlFPAQDYvDIRlzg9uwliT6CwLOunBjvvya8o84pxO -juT5fdMnnxvVZ3iHLX8LR7PH6MlIfK8vzArZQe+f/prhsq75U7Xl6UafYOPfjdN/+5Z+s7Vy+Eut -CHnNaYlAJ/Uqwa1D7KRTyGG299J5KmcYdkhtWyUB0SbFt1dpIxVbYYqt8Bst2a9c8SaQaanVDED1 -M4BDj5yjdipFtK+/fz6HP3bFzSreIMUWWMv5G/UPyw0RUmS40nZid4PxWJ//AgMBAAGjYzBhMB8G -A1UdIwQYMBaAFFbn4VslQ4Dg9ozhcbyO5YAvxEjiMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/ -BAQDAgEGMB0GA1UdDgQWBBRW5+FbJUOA4PaM4XG8juWAL8RI4jANBgkqhkiG9w0BAQUFAAOCAQEA -g8ev6n9NCjw5sWi+e22JLumzCecYV42FmhfzdkJQEw/HkG8zrcVJYCtsSVgZ1OK+t7+rSbyUyKu+ -KGwWaODIl0YgoGhnYIg5IFHYaAERzqf2EQf27OysGh+yZm5WZ2B6dF7AbZc2rrUNXWZzwCUyRdhK -BgePxLcHsU0GDeGl6/R1yrqc0L2z0zIkTO5+4nYES0lT2PLpVDP85XEfPRRclkvxOvIAu2y0+pZV -CIgJwcyRGSmwIC3/yzikQOEXvnlhgP8HA4ZMTnsGnxGGjYnuJ8Tb4rwZjgvDwxPHLQNjO9Po5KIq -woIIlBZU8O8fJ5AluA0OKBtHd0e9HKgl8ZS0Zg== ------END CERTIFICATE----- - Autoridad de Certificacion Firmaprofesional CIF A62634068 ========================================================= -----BEGIN CERTIFICATE----- @@ -3548,29 +2345,6 @@ iJ35Rld8TWCvmHMTI6QgkYH60GFmuH3Rr9ZvHmw96RH9qfmCIoaZM3Fa6hlXPZHNqcCjbgcTpsnt +GijnsNacgmHKNHEc8RzGF9QdRYxn7fofMM= -----END CERTIFICATE----- -A-Trust-nQual-03 -================ ------BEGIN CERTIFICATE----- -MIIDzzCCAregAwIBAgIDAWweMA0GCSqGSIb3DQEBBQUAMIGNMQswCQYDVQQGEwJBVDFIMEYGA1UE -Cgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVy -a2VociBHbWJIMRkwFwYDVQQLDBBBLVRydXN0LW5RdWFsLTAzMRkwFwYDVQQDDBBBLVRydXN0LW5R -dWFsLTAzMB4XDTA1MDgxNzIyMDAwMFoXDTE1MDgxNzIyMDAwMFowgY0xCzAJBgNVBAYTAkFUMUgw -RgYDVQQKDD9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGltIGVsZWt0ci4gRGF0 -ZW52ZXJrZWhyIEdtYkgxGTAXBgNVBAsMEEEtVHJ1c3QtblF1YWwtMDMxGTAXBgNVBAMMEEEtVHJ1 -c3QtblF1YWwtMDMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtPWFuA/OQO8BBC4SA -zewqo51ru27CQoT3URThoKgtUaNR8t4j8DRE/5TrzAUjlUC5B3ilJfYKvUWG6Nm9wASOhURh73+n -yfrBJcyFLGM/BWBzSQXgYHiVEEvc+RFZznF/QJuKqiTfC0Li21a8StKlDJu3Qz7dg9MmEALP6iPE -SU7l0+m0iKsMrmKS1GWH2WrX9IWf5DMiJaXlyDO6w8dB3F/GaswADm0yqLaHNgBid5seHzTLkDx4 -iHQF63n1k3Flyp3HaxgtPVxO59X4PzF9j4fsCiIvI+n+u33J4PTs63zEsMMtYrWacdaxaujs2e3V -cuy+VwHOBVWf3tFgiBCzAgMBAAGjNjA0MA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0OBAoECERqlWdV -eRFPMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAVdRU0VlIXLOThaq/Yy/kgM40 -ozRiPvbY7meIMQQDbwvUB/tOdQ/TLtPAF8fGKOwGDREkDg6lXb+MshOWcdzUzg4NCmgybLlBMRmr -sQd7TZjTXLDR8KdCoLXEjq/+8T/0709GAHbrAvv5ndJAlseIOrifEXnzgGWovR/TeIGgUUw3tKZd -JXDRZslo+S4RFGjxVJgIrCaSD96JntT6s3kr0qN51OyLrIdTaEJMUVF0HhsnLuP1Hyl0Te2v9+GS -mYHovjrHF1D2t8b8m7CKa9aIA5GPBnc6hQLdmNVDeD/GMBWsm2vLV7eJUYs66MmEDNuxUCAKGkq6 -ahq97BvIxYSazQ== ------END CERTIFICATE----- - TWCA Root Certification Authority ================================= -----BEGIN CERTIFICATE----- @@ -3893,3 +2667,1199 @@ uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIWiAYLtqZLICjU 3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/vGVCJYMzpJJUPwssd8m92kMfM dcGWxZ0= -----END CERTIFICATE----- + +TURKTRUST Certificate Services Provider Root 2007 +================================================= +-----BEGIN CERTIFICATE----- +MIIEPTCCAyWgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvzE/MD0GA1UEAww2VMOcUktUUlVTVCBF +bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxMQswCQYDVQQGEwJUUjEP +MA0GA1UEBwwGQW5rYXJhMV4wXAYDVQQKDFVUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUg +QmlsacWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLiAoYykgQXJhbMSxayAyMDA3MB4X +DTA3MTIyNTE4MzcxOVoXDTE3MTIyMjE4MzcxOVowgb8xPzA9BgNVBAMMNlTDnFJLVFJVU1QgRWxl +a3Ryb25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTELMAkGA1UEBhMCVFIxDzAN +BgNVBAcMBkFua2FyYTFeMFwGA1UECgxVVMOcUktUUlVTVCBCaWxnaSDEsGxldGnFn2ltIHZlIEJp +bGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7Fni4gKGMpIEFyYWzEsWsgMjAwNzCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKu3PgqMyKVYFeaK7yc9SrToJdPNM8Ig3BnuiD9N +YvDdE3ePYakqtdTyuTFYKTsvP2qcb3N2Je40IIDu6rfwxArNK4aUyeNgsURSsloptJGXg9i3phQv +KUmi8wUG+7RP2qFsmmaf8EMJyupyj+sA1zU511YXRxcw9L6/P8JorzZAwan0qafoEGsIiveGHtya +KhUG9qPw9ODHFNRRf8+0222vR5YXm3dx2KdxnSQM9pQ/hTEST7ruToK4uT6PIzdezKKqdfcYbwnT +rqdUKDT74eA7YH2gvnmJhsifLfkKS8RQouf9eRbHegsYz85M733WB2+Y8a+xwXrXgTW4qhe04MsC +AwEAAaNCMEAwHQYDVR0OBBYEFCnFkKslrxHkYb+j/4hhkeYO/pyBMA4GA1UdDwEB/wQEAwIBBjAP +BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAQDdr4Ouwo0RSVgrESLFF6QSU2TJ/s +Px+EnWVUXKgWAkD6bho3hO9ynYYKVZ1WKKxmLNA6VpM0ByWtCLCPyA8JWcqdmBzlVPi5RX9ql2+I +aE1KBiY3iAIOtsbWcpnOa3faYjGkVh+uX4132l32iPwa2Z61gfAyuOOI0JzzaqC5mxRZNTZPz/OO +Xl0XrRWV2N2y1RVuAE6zS89mlOTgzbUF2mNXi+WzqtvALhyQRNsaXRik7r4EW5nVcV9VZWRi1aKb +BFmGyGJ353yCRWo9F7/snXUMrqNvWtMvmDb08PUZqxFdyKbjKlhqQgnDvZImZjINXQhVdP+MmNAK +poRq0Tl9 +-----END CERTIFICATE----- + +D-TRUST Root Class 3 CA 2 2009 +============================== +-----BEGIN CERTIFICATE----- +MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQK +DAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTAe +Fw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NThaME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxE +LVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOAD +ER03UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42tSHKXzlA +BF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9RySPocq60vFYJfxLLHLGv +KZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsMlFqVlNpQmvH/pStmMaTJOKDfHR+4CS7z +p+hnUquVH+BGPtikw8paxTGA6Eian5Rp/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUC +AwEAAaOCARowggEWMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ +4PGEMA4GA1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVjdG9y +eS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUyMENBJTIwMiUyMDIw +MDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3QwQ6BBoD+G +PWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3JsL2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAw +OS5jcmwwDQYJKoZIhvcNAQELBQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm +2H6NMLVwMeniacfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0 +o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4KzCUqNQT4YJEV +dT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8PIWmawomDeCTmGCufsYkl4ph +X5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3YJohw1+qRzT65ysCQblrGXnRl11z+o+I= +-----END CERTIFICATE----- + +D-TRUST Root Class 3 CA 2 EV 2009 +================================= +-----BEGIN CERTIFICATE----- +MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQK +DAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAw +OTAeFw0wOTExMDUwODUwNDZaFw0yOTExMDUwODUwNDZaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQK +DAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAw +OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJnxhDRwui+3MKCOvXwEz75ivJn9gpfS +egpnljgJ9hBOlSJzmY3aFS3nBfwZcyK3jpgAvDw9rKFs+9Z5JUut8Mxk2og+KbgPCdM03TP1YtHh +zRnp7hhPTFiu4h7WDFsVWtg6uMQYZB7jM7K1iXdODL/ZlGsTl28So/6ZqQTMFexgaDbtCHu39b+T +7WYxg4zGcTSHThfqr4uRjRxWQa4iN1438h3Z0S0NL2lRp75mpoo6Kr3HGrHhFPC+Oh25z1uxav60 +sUYgovseO3Dvk5h9jHOW8sXvhXCtKSb8HgQ+HKDYD8tSg2J87otTlZCpV6LqYQXY+U3EJ/pure35 +11H3a6UCAwEAAaOCASQwggEgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNOUikxiEyoZLsyv +cop9NteaHNxnMA4GA1UdDwEB/wQEAwIBBjCB3QYDVR0fBIHVMIHSMIGHoIGEoIGBhn9sZGFwOi8v +ZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xhc3MlMjAzJTIwQ0El +MjAyJTIwRVYlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1ERT9jZXJ0aWZpY2F0ZXJldm9jYXRp +b25saXN0MEagRKBChkBodHRwOi8vd3d3LmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2xh +c3NfM19jYV8yX2V2XzIwMDkuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA07XtaPKSUiO8aEXUHL7P+ +PPoeUSbrh/Yp3uDx1MYkCenBz1UbtDDZzhr+BlGmFaQt77JLvyAoJUnRpjZ3NOhk31KxEcdzes05 +nsKtjHEh8lprr988TlWvsoRlFIm5d8sqMb7Po23Pb0iUMkZv53GMoKaEGTcH8gNFCSuGdXzfX2lX +ANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7naxpeG0ILD5EJt/rDiZE4OJudA +NCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqXKVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVv +w9y4AyHqnxbxLFS1 +-----END CERTIFICATE----- + +PSCProcert +========== +-----BEGIN CERTIFICATE----- +MIIJhjCCB26gAwIBAgIBCzANBgkqhkiG9w0BAQsFADCCAR4xPjA8BgNVBAMTNUF1dG9yaWRhZCBk +ZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9sYW5vMQswCQYDVQQGEwJWRTEQ +MA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlzdHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lz +dGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBl +cmludGVuZGVuY2lhIGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUw +IwYJKoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NTEwMFoXDTIw +MTIyNTIzNTk1OVowgdExJjAkBgkqhkiG9w0BCQEWF2NvbnRhY3RvQHByb2NlcnQubmV0LnZlMQ8w +DQYDVQQHEwZDaGFjYW8xEDAOBgNVBAgTB01pcmFuZGExKjAoBgNVBAsTIVByb3ZlZWRvciBkZSBD +ZXJ0aWZpY2Fkb3MgUFJPQ0VSVDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZp +Y2FjaW9uIEVsZWN0cm9uaWNhMQswCQYDVQQGEwJWRTETMBEGA1UEAxMKUFNDUHJvY2VydDCCAiIw +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANW39KOUM6FGqVVhSQ2oh3NekS1wwQYalNo97BVC +wfWMrmoX8Yqt/ICV6oNEolt6Vc5Pp6XVurgfoCfAUFM+jbnADrgV3NZs+J74BCXfgI8Qhd19L3uA +3VcAZCP4bsm+lU/hdezgfl6VzbHvvnpC2Mks0+saGiKLt38GieU89RLAu9MLmV+QfI4tL3czkkoh +RqipCKzx9hEC2ZUWno0vluYC3XXCFCpa1sl9JcLB/KpnheLsvtF8PPqv1W7/U0HU9TI4seJfxPmO +EO8GqQKJ/+MMbpfg353bIdD0PghpbNjU5Db4g7ayNo+c7zo3Fn2/omnXO1ty0K+qP1xmk6wKImG2 +0qCZyFSTXai20b1dCl53lKItwIKOvMoDKjSuc/HUtQy9vmebVOvh+qBa7Dh+PsHMosdEMXXqP+UH +0quhJZb25uSgXTcYOWEAM11G1ADEtMo88aKjPvM6/2kwLkDd9p+cJsmWN63nOaK/6mnbVSKVUyqU +td+tFjiBdWbjxywbk5yqjKPK2Ww8F22c3HxT4CAnQzb5EuE8XL1mv6JpIzi4mWCZDlZTOpx+FIyw +Bm/xhnaQr/2v/pDGj59/i5IjnOcVdo/Vi5QTcmn7K2FjiO/mpF7moxdqWEfLcU8UC17IAggmosvp +r2uKGcfLFFb14dq12fy/czja+eevbqQ34gcnAgMBAAGjggMXMIIDEzASBgNVHRMBAf8ECDAGAQH/ +AgEBMDcGA1UdEgQwMC6CD3N1c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAz +Ni0wMB0GA1UdDgQWBBRBDxk4qpl/Qguk1yeYVKIXTC1RVDCCAVAGA1UdIwSCAUcwggFDgBStuyId +xuDSAaj9dlBSk+2YwU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0b3JpZGFkIGRlIENlcnRp +ZmljYWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xhbm8xCzAJBgNVBAYTAlZFMRAwDgYDVQQH +EwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0cml0byBDYXBpdGFsMTYwNAYDVQQKEy1TaXN0ZW1hIE5h +Y2lvbmFsIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5k +ZW5jaWEgZGUgU2VydmljaW9zIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkqhkiG +9w0BCQEWFmFjcmFpekBzdXNjZXJ0ZS5nb2IudmWCAQowDgYDVR0PAQH/BAQDAgEGME0GA1UdEQRG +MESCDnByb2NlcnQubmV0LnZloBUGBWCGXgIBoAwMClBTQy0wMDAwMDKgGwYFYIZeAgKgEgwQUklG +LUotMzE2MzUzNzMtNzB2BgNVHR8EbzBtMEagRKBChkBodHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52 +ZS9sY3IvQ0VSVElGSUNBRE8tUkFJWi1TSEEzODRDUkxERVIuY3JsMCOgIaAfhh1sZGFwOi8vYWNy +YWl6LnN1c2NlcnRlLmdvYi52ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9v +Y3NwLnN1c2NlcnRlLmdvYi52ZTBBBgNVHSAEOjA4MDYGBmCGXgMBAjAsMCoGCCsGAQUFBwIBFh5o +dHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9kcGMwDQYJKoZIhvcNAQELBQADggIBACtZ6yKZu4Sq +T96QxtGGcSOeSwORR3C7wJJg7ODU523G0+1ng3dS1fLld6c2suNUvtm7CpsR72H0xpkzmfWvADmN +g7+mvTV+LFwxNG9s2/NkAZiqlCxB3RWGymspThbASfzXg0gTB1GEMVKIu4YXx2sviiCtxQuPcD4q +uxtxj7mkoP3YldmvWb8lK5jpY5MvYB7Eqvh39YtsL+1+LrVPQA3uvFd359m21D+VJzog1eWuq2w1 +n8GhHVnchIHuTQfiSLaeS5UtQbHh6N5+LwUeaO6/u5BlOsju6rEYNxxik6SgMexxbJHmpHmJWhSn +FFAFTKQAVzAswbVhltw+HoSvOULP5dAssSS830DD7X9jSr3hTxJkhpXzsOfIt+FTvZLm8wyWuevo +5pLtp4EJFAv8lXrPj9Y0TzYS3F7RNHXGRoAvlQSMx4bEqCaJqD8Zm4G7UaRKhqsLEQ+xrmNTbSjq +3TNWOByyrYDT13K9mmyZY+gAu0F2BbdbmRiKw7gSXFbPVgx96OLP7bx0R/vu0xdOIk9W/1DzLuY5 +poLWccret9W6aAjtmcz9opLLabid+Qqkpj5PkygqYWwHJgD/ll9ohri4zspV4KuxPX+Y1zMOWj3Y +eMLEYC/HYvBhkdI4sPaeVdtAgAUSM84dkpvRabP/v/GSCmE1P93+hvS84Bpxs2Km +-----END CERTIFICATE----- + +China Internet Network Information Center EV Certificates Root +============================================================== +-----BEGIN CERTIFICATE----- +MIID9zCCAt+gAwIBAgIESJ8AATANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMCQ04xMjAwBgNV +BAoMKUNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyMUcwRQYDVQQDDD5D +aGluYSBJbnRlcm5ldCBOZXR3b3JrIEluZm9ybWF0aW9uIENlbnRlciBFViBDZXJ0aWZpY2F0ZXMg +Um9vdDAeFw0xMDA4MzEwNzExMjVaFw0zMDA4MzEwNzExMjVaMIGKMQswCQYDVQQGEwJDTjEyMDAG +A1UECgwpQ2hpbmEgSW50ZXJuZXQgTmV0d29yayBJbmZvcm1hdGlvbiBDZW50ZXIxRzBFBgNVBAMM +PkNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyIEVWIENlcnRpZmljYXRl +cyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35z7r07eKpkQ0H1UN+U8i6y +jUqORlTSIRLIOTJCBumD1Z9S7eVnAztUwYyZmczpwA//DdmEEbK40ctb3B75aDFk4Zv6dOtouSCV +98YPjUesWgbdYavi7NifFy2cyjw1l1VxzUOFsUcW9SxTgHbP0wBkvUCZ3czY28Sf1hNfQYOL+Q2H +klY0bBoQCxfVWhyXWIQ8hBouXJE0bhlffxdpxWXvayHG1VA6v2G5BY3vbzQ6sm8UY78WO5upKv23 +KzhmBsUs4qpnHkWnjQRmQvaPK++IIGmPMowUc9orhpFjIpryp9vOiYurXccUwVswah+xt54ugQEC +7c+WXmPbqOY4twIDAQABo2MwYTAfBgNVHSMEGDAWgBR8cks5x8DbYqVPm6oYNJKiyoOCWTAPBgNV +HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUfHJLOcfA22KlT5uqGDSSosqD +glkwDQYJKoZIhvcNAQEFBQADggEBACrDx0M3j92tpLIM7twUbY8opJhJywyA6vPtI2Z1fcXTIWd5 +0XPFtQO3WKwMVC/GVhMPMdoG52U7HW8228gd+f2ABsqjPWYWqJ1MFn3AlUa1UeTiH9fqBk1jjZaM +7+czV0I664zBechNdn3e9rG3geCg+aF4RhcaVpjwTj2rHO3sOdwHSPdj/gauwqRcalsyiMXHM4Ws +ZkJHwlgkmeHlPuV1LI5D1l08eB6olYIpUNHRFrrvwb562bTYzB5MRuF3sTGrvSrIzo9uoV1/A3U0 +5K2JRVRevq4opbs/eHnrc7MKDf2+yfdWrPa37S+bISnHOLaVxATywy39FCqQmbkHzJ8= +-----END CERTIFICATE----- + +Swisscom Root CA 2 +================== +-----BEGIN CERTIFICATE----- +MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBkMQswCQYDVQQG +EwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2VydGlmaWNhdGUgU2Vy +dmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3QgQ0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2 +MjUwNzM4MTRaMGQxCzAJBgNVBAYTAmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGln +aXRhbCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIIC +IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvErjw0DzpPM +LgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r0rk0X2s682Q2zsKwzxNo +ysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJ +wDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVPACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpH +Wrumnf2U5NGKpV+GY3aFy6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1a +SgJA/MTAtukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL6yxS +NLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0uPoTXGiTOmekl9Ab +mbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrALacywlKinh/LTSlDcX3KwFnUey7QY +Ypqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velhk6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3 +qPyZ7iVNTA6z00yPhOgpD/0QVAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYw +HQYDVR0hBBYwFDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O +BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqhb97iEoHF8Twu +MA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4RfbgZPnm3qKhyN2abGu2sEzsO +v2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ +82YqZh6NM4OKb3xuqFp1mrjX2lhIREeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLz +o9v/tdhZsnPdTSpxsrpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcs +a0vvaGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciATwoCqISxx +OQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99nBjx8Oto0QuFmtEYE3saW +mA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5Wt6NlUe07qxS/TFED6F+KBZvuim6c779o ++sjaC+NCydAXFJy3SuCvkychVSa1ZC+N8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TC +rvJcwhbtkj6EPnNgiLx29CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX +5OfNeOI5wSsSnqaeG8XmDtkx2Q== +-----END CERTIFICATE----- + +Swisscom Root EV CA 2 +===================== +-----BEGIN CERTIFICATE----- +MIIF4DCCA8igAwIBAgIRAPL6ZOJ0Y9ON/RAdBB92ylgwDQYJKoZIhvcNAQELBQAwZzELMAkGA1UE +BhMCY2gxETAPBgNVBAoTCFN3aXNzY29tMSUwIwYDVQQLExxEaWdpdGFsIENlcnRpZmljYXRlIFNl +cnZpY2VzMR4wHAYDVQQDExVTd2lzc2NvbSBSb290IEVWIENBIDIwHhcNMTEwNjI0MDk0NTA4WhcN +MzEwNjI1MDg0NTA4WjBnMQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsT +HERpZ2l0YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxHjAcBgNVBAMTFVN3aXNzY29tIFJvb3QgRVYg +Q0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMT3HS9X6lds93BdY7BxUglgRCgz +o3pOCvrY6myLURYaVa5UJsTMRQdBTxB5f3HSek4/OE6zAMaVylvNwSqD1ycfMQ4jFrclyxy0uYAy +Xhqdk/HoPGAsp15XGVhRXrwsVgu42O+LgrQ8uMIkqBPHoCE2G3pXKSinLr9xJZDzRINpUKTk4Rti +GZQJo/PDvO/0vezbE53PnUgJUmfANykRHvvSEaeFGHR55E+FFOtSN+KxRdjMDUN/rhPSays/p8Li +qG12W0OfvrSdsyaGOx9/5fLoZigWJdBLlzin5M8J0TbDC77aO0RYjb7xnglrPvMyxyuHxuxenPaH +Za0zKcQvidm5y8kDnftslFGXEBuGCxobP/YCfnvUxVFkKJ3106yDgYjTdLRZncHrYTNaRdHLOdAG +alNgHa/2+2m8atwBz735j9m9W8E6X47aD0upm50qKGsaCnw8qyIL5XctcfaCNYGu+HuB5ur+rPQa +m3Rc6I8k9l2dRsQs0h4rIWqDJ2dVSqTjyDKXZpBy2uPUZC5f46Fq9mDU5zXNysRojddxyNMkM3Ox +bPlq4SjbX8Y96L5V5jcb7STZDxmPX2MYWFCBUWVv8p9+agTnNCRxunZLWB4ZvRVgRaoMEkABnRDi +xzgHcgplwLa7JSnaFp6LNYth7eVxV4O1PHGf40+/fh6Bn0GXAgMBAAGjgYYwgYMwDgYDVR0PAQH/ +BAQDAgGGMB0GA1UdIQQWMBQwEgYHYIV0AVMCAgYHYIV0AVMCAjASBgNVHRMBAf8ECDAGAQH/AgED +MB0GA1UdDgQWBBRF2aWBbj2ITY1x0kbBbkUe88SAnTAfBgNVHSMEGDAWgBRF2aWBbj2ITY1x0kbB +bkUe88SAnTANBgkqhkiG9w0BAQsFAAOCAgEAlDpzBp9SSzBc1P6xXCX5145v9Ydkn+0UjrgEjihL +j6p7jjm02Vj2e6E1CqGdivdj5eu9OYLU43otb98TPLr+flaYC/NUn81ETm484T4VvwYmneTwkLbU +wp4wLh/vx3rEUMfqe9pQy3omywC0Wqu1kx+AiYQElY2NfwmTv9SoqORjbdlk5LgpWgi/UOGED1V7 +XwgiG/W9mR4U9s70WBCCswo9GcG/W6uqmdjyMb3lOGbcWAXH7WMaLgqXfIeTK7KK4/HsGOV1timH +59yLGn602MnTihdsfSlEvoqq9X46Lmgxk7lq2prg2+kupYTNHAq4Sgj5nPFhJpiTt3tm7JFe3VE/ +23MPrQRYCd0EApUKPtN236YQHoA96M2kZNEzx5LH4k5E4wnJTsJdhw4Snr8PyQUQ3nqjsTzyP6Wq +J3mtMX0f/fwZacXduT98zca0wjAefm6S139hdlqP65VNvBFuIXxZN5nQBrz5Bm0yFqXZaajh3DyA +HmBR3NdUIR7KYndP+tiPsys6DXhyyWhBWkdKwqPrGtcKqzwyVcgKEZzfdNbwQBUdyLmPtTbFr/gi +uMod89a2GQ+fYWVq6nTIfI/DT11lgh/ZDYnadXL77/FHZxOzyNEZiCcmmpl5fx7kLD977vHeTYuW +l8PVP3wbI+2ksx0WckNLIOFZfsLorSa/ovc= +-----END CERTIFICATE----- + +CA Disig Root R1 +================ +-----BEGIN CERTIFICATE----- +MIIFaTCCA1GgAwIBAgIJAMMDmu5QkG4oMA0GCSqGSIb3DQEBBQUAMFIxCzAJBgNVBAYTAlNLMRMw +EQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMuMRkwFwYDVQQDExBDQSBEaXNp +ZyBSb290IFIxMB4XDTEyMDcxOTA5MDY1NloXDTQyMDcxOTA5MDY1NlowUjELMAkGA1UEBhMCU0sx +EzARBgNVBAcTCkJyYXRpc2xhdmExEzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERp +c2lnIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqw3j33Jijp1pedxiy +3QRkD2P9m5YJgNXoqqXinCaUOuiZc4yd39ffg/N4T0Dhf9Kn0uXKE5Pn7cZ3Xza1lK/oOI7bm+V8 +u8yN63Vz4STN5qctGS7Y1oprFOsIYgrY3LMATcMjfF9DCCMyEtztDK3AfQ+lekLZWnDZv6fXARz2 +m6uOt0qGeKAeVjGu74IKgEH3G8muqzIm1Cxr7X1r5OJeIgpFy4QxTaz+29FHuvlglzmxZcfe+5nk +CiKxLU3lSCZpq+Kq8/v8kiky6bM+TR8noc2OuRf7JT7JbvN32g0S9l3HuzYQ1VTW8+DiR0jm3hTa +YVKvJrT1cU/J19IG32PK/yHoWQbgCNWEFVP3Q+V8xaCJmGtzxmjOZd69fwX3se72V6FglcXM6pM6 +vpmumwKjrckWtc7dXpl4fho5frLABaTAgqWjR56M6ly2vGfb5ipN0gTco65F97yLnByn1tUD3AjL +LhbKXEAz6GfDLuemROoRRRw1ZS0eRWEkG4IupZ0zXWX4Qfkuy5Q/H6MMMSRE7cderVC6xkGbrPAX +ZcD4XW9boAo0PO7X6oifmPmvTiT6l7Jkdtqr9O3jw2Dv1fkCyC2fg69naQanMVXVz0tv/wQFx1is +XxYb5dKj6zHbHzMVTdDypVP1y+E9Tmgt2BLdqvLmTZtJ5cUoobqwWsagtQIDAQABo0IwQDAPBgNV +HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUiQq0OJMa5qvum5EY+fU8PjXQ +04IwDQYJKoZIhvcNAQEFBQADggIBADKL9p1Kyb4U5YysOMo6CdQbzoaz3evUuii+Eq5FLAR0rBNR +xVgYZk2C2tXck8An4b58n1KeElb21Zyp9HWc+jcSjxyT7Ff+Bw+r1RL3D65hXlaASfX8MPWbTx9B +LxyE04nH4toCdu0Jz2zBuByDHBb6lM19oMgY0sidbvW9adRtPTXoHqJPYNcHKfyyo6SdbhWSVhlM +CrDpfNIZTUJG7L399ldb3Zh+pE3McgODWF3vkzpBemOqfDqo9ayk0d2iLbYq/J8BjuIQscTK5Gfb +VSUZP/3oNn6z4eGBrxEWi1CXYBmCAMBrTXO40RMHPuq2MU/wQppt4hF05ZSsjYSVPCGvxdpHyN85 +YmLLW1AL14FABZyb7bq2ix4Eb5YgOe2kfSnbSM6C3NQCjR0EMVrHS/BsYVLXtFHCgWzN4funodKS +ds+xDzdYpPJScWc/DIh4gInByLUfkmO+p3qKViwaqKactV2zY9ATIKHrkWzQjX2v3wvkF7mGnjix +lAxYjOBVqjtjbZqJYLhkKpLGN/R+Q0O3c+gB53+XD9fyexn9GtePyfqFa3qdnom2piiZk4hA9z7N +UaPK6u95RyG1/jLix8NRb76AdPCkwzryT+lf3xkK8jsTQ6wxpLPn6/wY1gGp8yqPNg7rtLG8t0zJ +a7+h89n07eLw4+1knj0vllJPgFOL +-----END CERTIFICATE----- + +CA Disig Root R2 +================ +-----BEGIN CERTIFICATE----- +MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNVBAYTAlNLMRMw +EQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMuMRkwFwYDVQQDExBDQSBEaXNp +ZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQyMDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sx +EzARBgNVBAcTCkJyYXRpc2xhdmExEzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERp +c2lnIFJvb3QgUjIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbC +w3OeNcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNHPWSb6Wia +xswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3Ix2ymrdMxp7zo5eFm1tL7 +A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbeQTg06ov80egEFGEtQX6sx3dOy1FU+16S +GBsEWmjGycT6txOgmLcRK7fWV8x8nhfRyyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqV +g8NTEQxzHQuyRpDRQjrOQG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa +5Beny912H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJQfYE +koopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUDi/ZnWejBBhG93c+A +Ak9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORsnLMOPReisjQS1n6yqEm70XooQL6i +Fh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNV +HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5u +Qu0wDQYJKoZIhvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFM +tCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqfGopTpti72TVV +sRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkblvdhuDvEK7Z4bLQjb/D907Je +dR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka+elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W8 +1k/BfDxujRNt+3vrMNDcTa/F1balTFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjx +mHHEt38OFdAlab0inSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01 +utI3gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18DrG5gPcFw0 +sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3OszMOl6W8KjptlwlCFtaOg +UxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8xL4ysEr3vQCj8KWefshNPZiTEUxnpHikV +7+ZtsH8tZ/3zbBt1RqPlShfppNcL +-----END CERTIFICATE----- + +ACCVRAIZ1 +========= +-----BEGIN CERTIFICATE----- +MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UEAwwJQUNDVlJB +SVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQswCQYDVQQGEwJFUzAeFw0xMTA1 +MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQBgNVBAMMCUFDQ1ZSQUlaMTEQMA4GA1UECwwH +UEtJQUNDVjENMAsGA1UECgwEQUNDVjELMAkGA1UEBhMCRVMwggIiMA0GCSqGSIb3DQEBAQUAA4IC +DwAwggIKAoICAQCbqau/YUqXry+XZpp0X9DZlv3P4uRm7x8fRzPCRKPfmt4ftVTdFXxpNRFvu8gM +jmoYHtiP2Ra8EEg2XPBjs5BaXCQ316PWywlxufEBcoSwfdtNgM3802/J+Nq2DoLSRYWoG2ioPej0 +RGy9ocLLA76MPhMAhN9KSMDjIgro6TenGEyxCQ0jVn8ETdkXhBilyNpAlHPrzg5XPAOBOp0KoVdD +aaxXbXmQeOW1tDvYvEyNKKGno6e6Ak4l0Squ7a4DIrhrIA8wKFSVf+DuzgpmndFALW4ir50awQUZ +0m/A8p/4e7MCQvtQqR0tkw8jq8bBD5L/0KIV9VMJcRz/RROE5iZe+OCIHAr8Fraocwa48GOEAqDG +WuzndN9wrqODJerWx5eHk6fGioozl2A3ED6XPm4pFdahD9GILBKfb6qkxkLrQaLjlUPTAYVtjrs7 +8yM2x/474KElB0iryYl0/wiPgL/AlmXz7uxLaL2diMMxs0Dx6M/2OLuc5NF/1OVYm3z61PMOm3WR +5LpSLhl+0fXNWhn8ugb2+1KoS5kE3fj5tItQo05iifCHJPqDQsGH+tUtKSpacXpkatcnYGMN285J +9Y0fkIkyF/hzQ7jSWpOGYdbhdQrqeWZ2iE9x6wQl1gpaepPluUsXQA+xtrn13k/c4LOsOxFwYIRK +Q26ZIMApcQrAZQIDAQABo4ICyzCCAscwfQYIKwYBBQUHAQEEcTBvMEwGCCsGAQUFBzAChkBodHRw +Oi8vd3d3LmFjY3YuZXMvZmlsZWFkbWluL0FyY2hpdm9zL2NlcnRpZmljYWRvcy9yYWl6YWNjdjEu +Y3J0MB8GCCsGAQUFBzABhhNodHRwOi8vb2NzcC5hY2N2LmVzMB0GA1UdDgQWBBTSh7Tj3zcnk1X2 +VuqB5TbMjB4/vTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNKHtOPfNyeTVfZW6oHlNsyM +Hj+9MIIBcwYDVR0gBIIBajCCAWYwggFiBgRVHSAAMIIBWDCCASIGCCsGAQUFBwICMIIBFB6CARAA +QQB1AHQAbwByAGkAZABhAGQAIABkAGUAIABDAGUAcgB0AGkAZgBpAGMAYQBjAGkA8wBuACAAUgBh +AO0AegAgAGQAZQAgAGwAYQAgAEEAQwBDAFYAIAAoAEEAZwBlAG4AYwBpAGEAIABkAGUAIABUAGUA +YwBuAG8AbABvAGcA7QBhACAAeQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABFAGwAZQBj +AHQAcgDzAG4AaQBjAGEALAAgAEMASQBGACAAUQA0ADYAMAAxADEANQA2AEUAKQAuACAAQwBQAFMA +IABlAG4AIABoAHQAdABwADoALwAvAHcAdwB3AC4AYQBjAGMAdgAuAGUAczAwBggrBgEFBQcCARYk +aHR0cDovL3d3dy5hY2N2LmVzL2xlZ2lzbGFjaW9uX2MuaHRtMFUGA1UdHwROMEwwSqBIoEaGRGh0 +dHA6Ly93d3cuYWNjdi5lcy9maWxlYWRtaW4vQXJjaGl2b3MvY2VydGlmaWNhZG9zL3JhaXphY2N2 +MV9kZXIuY3JsMA4GA1UdDwEB/wQEAwIBBjAXBgNVHREEEDAOgQxhY2N2QGFjY3YuZXMwDQYJKoZI +hvcNAQEFBQADggIBAJcxAp/n/UNnSEQU5CmH7UwoZtCPNdpNYbdKl02125DgBS4OxnnQ8pdpD70E +R9m+27Up2pvZrqmZ1dM8MJP1jaGo/AaNRPTKFpV8M9xii6g3+CfYCS0b78gUJyCpZET/LtZ1qmxN +YEAZSUNUY9rizLpm5U9EelvZaoErQNV/+QEnWCzI7UiRfD+mAM/EKXMRNt6GGT6d7hmKG9Ww7Y49 +nCrADdg9ZuM8Db3VlFzi4qc1GwQA9j9ajepDvV+JHanBsMyZ4k0ACtrJJ1vnE5Bc5PUzolVt3OAJ +TS+xJlsndQAJxGJ3KQhfnlmstn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3 +sCPdK6jT2iWH7ehVRE2I9DZ+hJp4rPcOVkkO1jMl1oRQQmwgEh0q1b688nCBpHBgvgW1m54ERL5h +I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szAh1xA2syVP1Xg +Nce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xFd3+YJ5oyXSrjhO7FmGYvliAd +3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2HpPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3p +EfbRD0tVNEYqi4Y7 +-----END CERTIFICATE----- + +TWCA Global Root CA +=================== +-----BEGIN CERTIFICATE----- +MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcxEjAQBgNVBAoT +CVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMTVFdDQSBHbG9iYWwgUm9vdCBD +QTAeFw0xMjA2MjcwNjI4MzNaFw0zMDEyMzExNTU5NTlaMFExCzAJBgNVBAYTAlRXMRIwEAYDVQQK +EwlUQUlXQU4tQ0ExEDAOBgNVBAsTB1Jvb3QgQ0ExHDAaBgNVBAMTE1RXQ0EgR2xvYmFsIFJvb3Qg +Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCwBdvI64zEbooh745NnHEKH1Jw7W2C +nJfF10xORUnLQEK1EjRsGcJ0pDFfhQKX7EMzClPSnIyOt7h52yvVavKOZsTuKwEHktSz0ALfUPZV +r2YOy+BHYC8rMjk1Ujoog/h7FsYYuGLWRyWRzvAZEk2tY/XTP3VfKfChMBwqoJimFb3u/Rk28OKR +Q4/6ytYQJ0lM793B8YVwm8rqqFpD/G2Gb3PpN0Wp8DbHzIh1HrtsBv+baz4X7GGqcXzGHaL3SekV +tTzWoWH1EfcFbx39Eb7QMAfCKbAJTibc46KokWofwpFFiFzlmLhxpRUZyXx1EcxwdE8tmx2RRP1W +KKD+u4ZqyPpcC1jcxkt2yKsi2XMPpfRaAok/T54igu6idFMqPVMnaR1sjjIsZAAmY2E2TqNGtz99 +sy2sbZCilaLOz9qC5wc0GZbpuCGqKX6mOL6OKUohZnkfs8O1CWfe1tQHRvMq2uYiN2DLgbYPoA/p +yJV/v1WRBXrPPRXAb94JlAGD1zQbzECl8LibZ9WYkTunhHiVJqRaCPgrdLQABDzfuBSO6N+pjWxn +kjMdwLfS7JLIvgm/LCkFbwJrnu+8vyq8W8BQj0FwcYeyTbcEqYSjMq+u7msXi7Kx/mzhkIyIqJdI +zshNy/MGz19qCkKxHh53L46g5pIOBvwFItIm4TFRfTLcDwIDAQABoyMwITAOBgNVHQ8BAf8EBAMC +AQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAXzSBdu+WHdXltdkCY4QWwa6g +cFGn90xHNcgL1yg9iXHZqjNB6hQbbCEAwGxCGX6faVsgQt+i0trEfJdLjbDorMjupWkEmQqSpqsn +LhpNgb+E1HAerUf+/UqdM+DyucRFCCEK2mlpc3INvjT+lIutwx4116KD7+U4x6WFH6vPNOw/KP4M +8VeGTslV9xzU2KV9Bnpv1d8Q34FOIWWxtuEXeZVFBs5fzNxGiWNoRI2T9GRwoD2dKAXDOXC4Ynsg +/eTb6QihuJ49CcdP+yz4k3ZB3lLg4VfSnQO8d57+nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlg +lPx4mI88k1HtQJAH32RjJMtOcQWh15QaiDLxInQirqWm2BJpTGCjAu4r7NRjkgtevi92a6O2JryP +A9gK8kxkRr05YuWW6zRjESjMlfGt7+/cgFhI6Uu46mWs6fyAtbXIRfmswZ/ZuepiiI7E8UuDEq3m +i4TWnsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5jwa19hAM8 +EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWzaGHQRiapIVJpLesux+t3 +zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmyKwbQBM0= +-----END CERTIFICATE----- + +TeliaSonera Root CA v1 +====================== +-----BEGIN CERTIFICATE----- +MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAwNzEUMBIGA1UE +CgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJvb3QgQ0EgdjEwHhcNMDcxMDE4 +MTIwMDUwWhcNMzIxMDE4MTIwMDUwWjA3MRQwEgYDVQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwW +VGVsaWFTb25lcmEgUm9vdCBDQSB2MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMK+ +6yfwIaPzaSZVfp3FVRaRXP3vIb9TgHot0pGMYzHw7CTww6XScnwQbfQ3t+XmfHnqjLWCi65ItqwA +3GV17CpNX8GH9SBlK4GoRz6JI5UwFpB/6FcHSOcZrr9FZ7E3GwYq/t75rH2D+1665I+XZ75Ljo1k +B1c4VWk0Nj0TSO9P4tNmHqTPGrdeNjPUtAa9GAH9d4RQAEX1jF3oI7x+/jXh7VB7qTCNGdMJjmhn +Xb88lxhTuylixcpecsHHltTbLaC0H2kD7OriUPEMPPCs81Mt8Bz17Ww5OXOAFshSsCPN4D7c3TxH +oLs1iuKYaIu+5b9y7tL6pe0S7fyYGKkmdtwoSxAgHNN/Fnct7W+A90m7UwW7XWjH1Mh1Fj+JWov3 +F0fUTPHSiXk+TT2YqGHeOh7S+F4D4MHJHIzTjU3TlTazN19jY5szFPAtJmtTfImMMsJu7D0hADnJ +oWjiUIMusDor8zagrC/kb2HCUQk5PotTubtn2txTuXZZNp1D5SDgPTJghSJRt8czu90VL6R4pgd7 +gUY2BIbdeTXHlSw7sKMXNeVzH7RcWe/a6hBle3rQf5+ztCo3O3CLm1u5K7fsslESl1MpWtTwEhDc +TwK7EpIvYtQ/aUN8Ddb8WHUBiJ1YFkveupD/RwGJBmr2X7KQarMCpgKIv7NHfirZ1fpoeDVNAgMB +AAGjPzA9MA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBTwj1k4ALP1j5qW +DNXr+nuqF+gTEjANBgkqhkiG9w0BAQUFAAOCAgEAvuRcYk4k9AwI//DTDGjkk0kiP0Qnb7tt3oNm +zqjMDfz1mgbldxSR651Be5kqhOX//CHBXfDkH1e3damhXwIm/9fH907eT/j3HEbAek9ALCI18Bmx +0GtnLLCo4MBANzX2hFxc469CeP6nyQ1Q6g2EdvZR74NTxnr/DlZJLo961gzmJ1TjTQpgcmLNkQfW +pb/ImWvtxBnmq0wROMVvMeJuScg/doAmAyYp4Db29iBT4xdwNBedY2gea+zDTYa4EzAvXUYNR0PV +G6pZDrlcjQZIrXSHX8f8MVRBE+LHIQ6e4B4N4cB7Q4WQxYpYxmUKeFfyxiMPAdkgS94P+5KFdSpc +c41teyWRyu5FrgZLAMzTsVlQ2jqIOylDRl6XK1TOU2+NSueW+r9xDkKLfP0ooNBIytrEgUy7onOT +JsjrDNYmiLbAJM+7vVvrdX3pCI6GMyx5dwlppYn8s3CQh3aP0yK7Qs69cwsgJirQmz1wHiRszYd2 +qReWt88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcnHL/EVlP6 +Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVxSK236thZiNSQvxaz2ems +WWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY= +-----END CERTIFICATE----- + +E-Tugra Certification Authority +=============================== +-----BEGIN CERTIFICATE----- +MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNVBAYTAlRSMQ8w +DQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamls +ZXJpIHZlIEhpem1ldGxlcmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBN +ZXJrZXppMSgwJgYDVQQDDB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDMw +NTEyMDk0OFoXDTIzMDMwMzEyMDk0OFowgbIxCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmEx +QDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhpem1ldGxl +cmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBNZXJrZXppMSgwJgYDVQQD +DB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEFAAOCAg8A +MIICCgKCAgEA4vU/kwVRHoViVF56C/UYB4Oufq9899SKa6VjQzm5S/fDxmSJPZQuVIBSOTkHS0vd +hQd2h8y/L5VMzH2nPbxHD5hw+IyFHnSOkm0bQNGZDbt1bsipa5rAhDGvykPL6ys06I+XawGb1Q5K +CKpbknSFQ9OArqGIW66z6l7LFpp3RMih9lRozt6Plyu6W0ACDGQXwLWTzeHxE2bODHnv0ZEoq1+g +ElIwcxmOj+GMB6LDu0rw6h8VqO4lzKRG+Bsi77MOQ7osJLjFLFzUHPhdZL3Dk14opz8n8Y4e0ypQ +BaNV2cvnOVPAmJ6MVGKLJrD3fY185MaeZkJVgkfnsliNZvcHfC425lAcP9tDJMW/hkd5s3kc91r0 +E+xs+D/iWR+V7kI+ua2oMoVJl0b+SzGPWsutdEcf6ZG33ygEIqDUD13ieU/qbIWGvaimzuT6w+Gz +rt48Ue7LE3wBf4QOXVGUnhMMti6lTPk5cDZvlsouDERVxcr6XQKj39ZkjFqzAQqptQpHF//vkUAq +jqFGOjGY5RH8zLtJVor8udBhmm9lbObDyz51Sf6Pp+KJxWfXnUYTTjF2OySznhFlhqt/7x3U+Lzn +rFpct1pHXFXOVbQicVtbC/DP3KBhZOqp12gKY6fgDT+gr9Oq0n7vUaDmUStVkhUXU8u3Zg5mTPj5 +dUyQ5xJwx0UCAwEAAaNjMGEwHQYDVR0OBBYEFC7j27JJ0JxUeVz6Jyr+zE7S6E5UMA8GA1UdEwEB +/wQFMAMBAf8wHwYDVR0jBBgwFoAULuPbsknQnFR5XPonKv7MTtLoTlQwDgYDVR0PAQH/BAQDAgEG +MA0GCSqGSIb3DQEBCwUAA4ICAQAFNzr0TbdF4kV1JI+2d1LoHNgQk2Xz8lkGpD4eKexd0dCrfOAK +kEh47U6YA5n+KGCRHTAduGN8qOY1tfrTYXbm1gdLymmasoR6d5NFFxWfJNCYExL/u6Au/U5Mh/jO +XKqYGwXgAEZKgoClM4so3O0409/lPun++1ndYYRP0lSWE2ETPo+Aab6TR7U1Q9Jauz1c77NCR807 +VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3+GbHeJAAFS6LrVE1Uweo +a2iu+U48BybNCAVwzDk/dr2l02cmAYamU9JgO3xDf1WKvJUawSg5TB9D0pH0clmKuVb8P7Sd2nCc +dlqMQ1DujjByTd//SffGqWfZbawCEeI6FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEV +KV0jq9BgoRJP3vQXzTLlyb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gT +Dx4JnW2PAJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpDy4Q0 +8ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8dNL/+I5c30jn6PQ0G +C7TbO6Orb1wdtn7os4I07QZcJA== +-----END CERTIFICATE----- + +T-TeleSec GlobalRoot Class 2 +============================ +-----BEGIN CERTIFICATE----- +MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoM +IlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBU +cnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgx +MDAxMTA0MDE0WhcNMzMxMDAxMjM1OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lz +dGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBD +ZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUdAqSzm1nzHoqvNK38DcLZ +SBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiCFoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/F +vudocP05l03Sx5iRUKrERLMjfTlH6VJi1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx970 +2cu+fjOlbpSD8DT6IavqjnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGV +WOHAD3bZwI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGjQjBA +MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/WSA2AHmgoCJrjNXy +YdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhyNsZt+U2e+iKo4YFWz827n+qrkRk4 +r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPACuvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNf +vNoBYimipidx5joifsFvHZVwIEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR +3p1m0IvVVGb6g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN +9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlPBSeOE6Fuwg== +-----END CERTIFICATE----- + +Atos TrustedRoot 2011 +===================== +-----BEGIN CERTIFICATE----- +MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UEAwwVQXRvcyBU +cnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQGEwJERTAeFw0xMTA3MDcxNDU4 +MzBaFw0zMDEyMzEyMzU5NTlaMDwxHjAcBgNVBAMMFUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsG +A1UECgwEQXRvczELMAkGA1UEBhMCREUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV +hTuXbyo7LjvPpvMpNb7PGKw+qtn4TaA+Gke5vJrf8v7MPkfoepbCJI419KkM/IL9bcFyYie96mvr +54rMVD6QUM+A1JX76LWC1BTFtqlVJVfbsVD2sGBkWXppzwO3bw2+yj5vdHLqqjAqc2K+SZFhyBH+ +DgMq92og3AIVDV4VavzjgsG1xZ1kCWyjWZgHJ8cblithdHFsQ/H3NYkQ4J7sVaE3IqKHBAUsR320 +HLliKWYoyrfhk/WklAOZuXCFteZI6o1Q/NnezG8HDt0Lcp2AMBYHlT8oDv3FdU9T1nSatCQujgKR +z3bFmx5VdJx4IbHwLfELn8LVlhgf8FQieowHAgMBAAGjfTB7MB0GA1UdDgQWBBSnpQaxLKYJYO7R +l+lwrrw7GWzbITAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZ +bNshMBgGA1UdIAQRMA8wDQYLKwYBBAGwLQMEAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB +CwUAA4IBAQAmdzTblEiGKkGdLD4GkGDEjKwLVLgfuXvTBznk+j57sj1O7Z8jvZfza1zv7v1Apt+h +k6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kPDpFrdRbhIfzYJsdHt6bPWHJxfrrh +TZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pcmaHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a9 +61qn8FYiqTxlVMYVqL2Gns2Dlmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G +3mB/ufNPRJLvKrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed +-----END CERTIFICATE----- + +QuoVadis Root CA 1 G3 +===================== +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQELBQAwSDELMAkG +A1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAcBgNVBAMTFVF1b1ZhZGlzIFJv +b3QgQ0EgMSBHMzAeFw0xMjAxMTIxNzI3NDRaFw00MjAxMTIxNzI3NDRaMEgxCzAJBgNVBAYTAkJN +MRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEg +RzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCgvlAQjunybEC0BJyFuTHK3C3kEakE +PBtVwedYMB0ktMPvhd6MLOHBPd+C5k+tR4ds7FtJwUrVu4/sh6x/gpqG7D0DmVIB0jWerNrwU8lm +PNSsAgHaJNM7qAJGr6Qc4/hzWHa39g6QDbXwz8z6+cZM5cOGMAqNF34168Xfuw6cwI2H44g4hWf6 +Pser4BOcBRiYz5P1sZK0/CPTz9XEJ0ngnjybCKOLXSoh4Pw5qlPafX7PGglTvF0FBM+hSo+LdoIN +ofjSxxR3W5A2B4GbPgb6Ul5jxaYA/qXpUhtStZI5cgMJYr2wYBZupt0lwgNm3fME0UDiTouG9G/l +g6AnhF4EwfWQvTA9xO+oabw4m6SkltFi2mnAAZauy8RRNOoMqv8hjlmPSlzkYZqn0ukqeI1RPToV +7qJZjqlc3sX5kCLliEVx3ZGZbHqfPT2YfF72vhZooF6uCyP8Wg+qInYtyaEQHeTTRCOQiJ/GKubX +9ZqzWB4vMIkIG1SitZgj7Ah3HJVdYdHLiZxfokqRmu8hqkkWCKi9YSgxyXSthfbZxbGL0eUQMk1f +iyA6PEkfM4VZDdvLCXVDaXP7a3F98N/ETH3Goy7IlXnLc6KOTk0k+17kBL5yG6YnLUlamXrXXAkg +t3+UuU/xDRxeiEIbEbfnkduebPRq34wGmAOtzCjvpUfzUwIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUo5fW816iEOGrRZ88F2Q87gFwnMwwDQYJKoZI +hvcNAQELBQADggIBABj6W3X8PnrHX3fHyt/PX8MSxEBd1DKquGrX1RUVRpgjpeaQWxiZTOOtQqOC +MTaIzen7xASWSIsBx40Bz1szBpZGZnQdT+3Btrm0DWHMY37XLneMlhwqI2hrhVd2cDMT/uFPpiN3 +GPoajOi9ZcnPP/TJF9zrx7zABC4tRi9pZsMbj/7sPtPKlL92CiUNqXsCHKnQO18LwIE6PWThv6ct +Tr1NxNgpxiIY0MWscgKCP6o6ojoilzHdCGPDdRS5YCgtW2jgFqlmgiNR9etT2DGbe+m3nUvriBbP ++V04ikkwj+3x6xn0dxoxGE1nVGwvb2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh +3jRJjehZrJ3ydlo28hP0r+AJx2EqbPfgna67hkooby7utHnNkDPDs3b69fBsnQGQ+p6Q9pxyz0fa +wx/kNSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNjZgKAvQU6 +O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhpq1467HxpvMc7hU6eFbm0 +FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFtnh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOV +hMJKzRwuJIczYOXD +-----END CERTIFICATE----- + +QuoVadis Root CA 2 G3 +===================== +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQELBQAwSDELMAkG +A1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAcBgNVBAMTFVF1b1ZhZGlzIFJv +b3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJN +MRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIg +RzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFh +ZiFfqq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMWn4rjyduY +NM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ymc5GQYaYDFCDy54ejiK2t +oIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+O7q414AB+6XrW7PFXmAqMaCvN+ggOp+o +MiwMzAkd056OXbxMmO7FGmh77FOm6RQ1o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+l +V0POKa2Mq1W/xPtbAd0jIaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZo +L1NesNKqIcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz8eQQ +sSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43ehvNURG3YBZwjgQQvD +6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l7ZizlWNof/k19N+IxWA1ksB8aRxh +lRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALGcC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZI +hvcNAQELBQADggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66 +AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RCroijQ1h5fq7K +pVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0GaW/ZZGYjeVYg3UQt4XAoeo0L9 +x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4nlv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgz +dWqTHBLmYF5vHX/JHyPLhGGfHoJE+V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6X +U/IyAgkwo1jwDQHVcsaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+Nw +mNtddbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNgKCLjsZWD +zYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeMHVOyToV7BjjHLPj4sHKN +JeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4WSr2Rz0ZiC3oheGe7IUIarFsNMkd7Egr +O3jtZsSOeWmD3n+M +-----END CERTIFICATE----- + +QuoVadis Root CA 3 G3 +===================== +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQELBQAwSDELMAkG +A1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAcBgNVBAMTFVF1b1ZhZGlzIFJv +b3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJN +MRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMg +RzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286 +IxSR/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNuFoM7pmRL +Mon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXRU7Ox7sWTaYI+FrUoRqHe +6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+cra1AdHkrAj80//ogaX3T7mH1urPnMNA3 +I4ZyYUUpSFlob3emLoG+B01vr87ERRORFHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3U +VDmrJqMz6nWB2i3ND0/kA9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f7 +5li59wzweyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634RylsSqi +Md5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBpVzgeAVuNVejH38DM +dyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0QA4XN8f+MFrXBsj6IbGB/kE+V9/Yt +rQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZI +hvcNAQELBQADggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3px +KGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnIFUBhynLWcKzS +t/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5WvvoxXqA/4Ti2Tk08HS6IT7SdEQ +TXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFgu/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9Du +DcpmvJRPpq3t/O5jrFc/ZSXPsoaP0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGib +Ih6BJpsQBJFxwAYf3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmD +hPbl8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+DhcI00iX +0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HNPlopNLk9hM6xZdRZkZFW +dSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/ywaZWWDYWGWVjUTR939+J399roD1B0y2 +PpxxVJkES/1Y+Zj0 +-----END CERTIFICATE----- + +DigiCert Assured ID Root G2 +=========================== +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQw +IgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgw +MTE1MTIwMDAwWjBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQL +ExB3d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5ygvUj82ckmIkzTz+GoeMVSAn61UQbVH +35ao1K+ALbkKz3X9iaV9JPrjIgwrvJUXCzO/GU1BBpAAvQxNEP4HteccbiJVMWWXvdMX0h5i89vq +bFCMP4QMls+3ywPgym2hFEwbid3tALBSfK+RbLE4E9HpEgjAALAcKxHad3A2m67OeYfcgnDmCXRw +VWmvo2ifv922ebPynXApVfSr/5Vh88lAbx3RvpO704gqu52/clpWcTs/1PPRCv4o76Pu2ZmvA9OP +YLfykqGxvYmJHzDNw6YuYjOuFgJ3RFrngQo8p0Quebg/BLxcoIfhG69Rjs3sLPr4/m3wOnyqi+Rn +lTGNAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBTO +w0q5mVXyuNtgv6l+vVa1lzan1jANBgkqhkiG9w0BAQsFAAOCAQEAyqVVjOPIQW5pJ6d1Ee88hjZv +0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I0jJmwYrA8y8678Dj1JGG0VDjA9tz +d29KOVPt3ibHtX2vK0LRdWLjSisCx1BL4GnilmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAW +hsI6yLETcDbYz+70CjTVW0z9B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0M +jomZmWzwPDCvON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo +IhNzbM8m9Yop5w== +-----END CERTIFICATE----- + +DigiCert Assured ID Root G3 +=========================== +-----BEGIN CERTIFICATE----- +MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQswCQYDVQQGEwJV +UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQwIgYD +VQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1 +MTIwMDAwWjBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwdjAQ +BgcqhkjOPQIBBgUrgQQAIgNiAAQZ57ysRGXtzbg/WPuNsVepRC0FFfLvC/8QdJ+1YlJfZn4f5dwb +RXkLzMZTCp2NXQLZqVneAlr2lSoOjThKiknGvMYDOAdfVdp+CW7if17QRSAPWXYQ1qAk8C3eNvJs +KTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgF +UaFNN6KDec6NHSrkhDAKBggqhkjOPQQDAwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5Fy +YZ5eEJJZVrmDxxDnOOlYJjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy +1vUhZscv6pZjamVFkpUBtA== +-----END CERTIFICATE----- + +DigiCert Global Root G2 +======================= +-----BEGIN CERTIFICATE----- +MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAw +HgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUx +MjAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3 +dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI2/Ou8jqJ +kTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx1x7e/dfgy5SDN67sH0NO +3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQq2EGnI/yuum06ZIya7XzV+hdG82MHauV +BJVJ8zUtluNJbd134/tJS7SsVQepj5WztCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyM +UNGPHgm+F6HmIcr9g+UQvIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQAB +o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV5uNu +5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY1Yl9PMWLSn/pvtsr +F9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4NeF22d+mQrvHRAiGfzZ0JFrabA0U +WTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NGFdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBH +QRFXGU7Aj64GxJUTFy8bJZ918rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/ +iyK5S9kJRaTepLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl +MrY= +-----END CERTIFICATE----- + +DigiCert Global Root G3 +======================= +-----BEGIN CERTIFICATE----- +MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQswCQYDVQQGEwJV +UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYD +VQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAw +MDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5k +aWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0C +AQYFK4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FGfp4tn+6O +YwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPOZ9wj/wMco+I+o0IwQDAP +BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNp +Yim8S8YwCgYIKoZIzj0EAwMDaAAwZQIxAK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y +3maTD/HMsQmP3Wyr+mt/oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34 +VOKa5Vt8sycX +-----END CERTIFICATE----- + +DigiCert Trusted Root G4 +======================== +-----BEGIN CERTIFICATE----- +MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBiMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSEw +HwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1 +MTIwMDAwWjBiMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0G +CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3yithZwuEp +pz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1Ifxp4VpX6+n6lXFllVcq9o +k3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDVySAdYyktzuxeTsiT+CFhmzTrBcZe7Fsa +vOvJz82sNEBfsXpm7nfISKhmV1efVFiODCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGY +QJB5w3jHtrHEtWoYOAMQjdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6 +MUSaM0C/CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCiEhtm +mnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADMfRyVw4/3IbKyEbe7 +f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QYuKZ3AeEPlAwhHbJUKSWJbOUOUlFH +dL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXKchYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8 +oR7FwI+isX4KJpn15GkvmB0t9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud +DwEB/wQEAwIBhjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD +ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2SV1EY+CtnJYY +ZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd+SeuMIW59mdNOj6PWTkiU0Tr +yF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWcfFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy +7zBZLq7gcfJW5GqXb5JQbZaNaHqasjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iah +ixTXTBmyUEFxPT9NcCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN +5r5N0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie4u1Ki7wb +/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mIr/OSmbaz5mEP0oUA51Aa +5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tK +G48BtieVU+i2iW1bvGjUI+iLUaJW+fCmgKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP +82Z+ +-----END CERTIFICATE----- + +WoSign +====== +-----BEGIN CERTIFICATE----- +MIIFdjCCA16gAwIBAgIQXmjWEXGUY1BWAGjzPsnFkTANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQG +EwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNVBAMTIUNlcnRpZmljYXRpb24g +QXV0aG9yaXR5IG9mIFdvU2lnbjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgwMTAwMDFaMFUxCzAJ +BgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEqMCgGA1UEAxMhQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkgb2YgV29TaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA +vcqNrLiRFVaXe2tcesLea9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1UfcIiePyO +CbiohdfMlZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcSccf+Hb0v1naMQFXQoOXXDX +2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2ZjC1vt7tj/id07sBMOby8w7gLJKA84X5 +KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4Mx1wdC34FMr5esAkqQtXJTpCzWQ27en7N1QhatH/YHGkR ++ScPewavVIMYe+HdVHpRaG53/Ma/UkpmRqGyZxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ez +EC8wQjchzDBwyYaYD8xYTYO7feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDaruHqk +lWJqbrDKaiFaafPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221KmYo0SLwX3OSACCK2 +8jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvASh0JWzko/amrzgD5LkhLJuYwTKVY +yrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWvHYG3Dy+MwwbMLyejSuQOmbp8HkUff6oZRZb9/D0C +AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOFmzw7R +8bNLtwYgFP6HEtX2/vs+MA0GCSqGSIb3DQEBBQUAA4ICAQCoy3JAsnbBfnv8rWTjMnvMPLZdRtP1 +LOJwXcgu2AZ9mNELIaCJWSQBnfmvCX0KI4I01fx8cpm5o9dU9OpScA7F9dY74ToJMuYhOZO9sxXq +T2r09Ys/L3yNWC7F4TmgPsc9SnOeQHrAK2GpZ8nzJLmzbVUsWh2eJXLOC62qx1ViC777Y7NhRCOj +y+EaDveaBk3e1CNOIZZbOVtXHS9dCF4Jef98l7VNg64N1uajeeAz0JmWAjCnPv/So0M/BVoG6kQC +2nz4SNAzqfkHx5Xh9T71XXG68pWpdIhhWeO/yloTunK0jF02h+mmxTwTv97QRCbut+wucPrXnbes +5cVAWubXbHssw1abR80LzvobtCHXt2a49CUwi1wNuepnsvRtrtWhnk/Yn+knArAdBtaP4/tIEp9/ +EaEQPkxROpaw0RPxx9gmrjrKkcRpnd8BKWRRb2jaFOwIQZeQjdCygPLPwj2/kWjFgGcexGATVdVh +mVd8upUPYUk6ynW8yQqTP2cOEvIo4jEbwFcW3wh8GcF+Dx+FHgo2fFt+J7x6v+Db9NpSvd4MVHAx +kUOVyLzwPt0JfjBkUO1/AaQzZ01oT74V77D2AhGiGxMlOtzCWfHjXEa7ZywCRuoeSKbmW9m1vFGi +kpbbqsY3Iqb+zCB0oy2pLmvLwIIRIbWTee5Ehr7XHuQe+w== +-----END CERTIFICATE----- + +WoSign China +============ +-----BEGIN CERTIFICATE----- +MIIFWDCCA0CgAwIBAgIQUHBrzdgT/BtOOzNy0hFIjTANBgkqhkiG9w0BAQsFADBGMQswCQYDVQQG +EwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMMEkNBIOayg+mAmuagueiv +geS5pjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgwMTAwMDFaMEYxCzAJBgNVBAYTAkNOMRowGAYD +VQQKExFXb1NpZ24gQ0EgTGltaXRlZDEbMBkGA1UEAwwSQ0Eg5rKD6YCa5qC56K+B5LmmMIICIjAN +BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYGTufQdDTc7WU1/FDWiD+k +8H/rD195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvxUNUqKaqoGXqW5pWOdO2XCld19AXbbQs5 +uQF/qvbW2mzmBeCkTVL829B0txGMe41P/4eDrv8FAxNXUDf+jJZSEExfv5RxadmWPgxDT74wwJ85 +dE8GRV2j1lY5aAfMh09Qd5Nx2UQIsYo06Yms25tO4dnkUkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5 +Ed+w4VegG63XX9Gv2ystP9Bojg/qnw+LNVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BNdeFy +b7Ao65vh4YOhn0pdr8yb+gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk3Kgtn3R46MGiCWOc +76DbT52VqyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2LBcLmc272idX10kaO6m1jGx6KyX2m ++Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/HpelmjbX7FF+Ynxu8b22/8DU0GAbQOXDBGVWCvOGU6 +yke6rCzMRh+yRpY/8+0mBe53oWprfi1tWFxK1I5nuPHa1UaKJ/kR8slC/k7e3x9cxKSGhxYzoacX +GKUN5AXlK8IrC6KVkLn9YDxOiT7nnO4fuwECAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1Ud +EwEB/wQFMAMBAf8wHQYDVR0OBBYEFOBNv9ybQV0T6GTwp+kVpOGBwboxMA0GCSqGSIb3DQEBCwUA +A4ICAQBqinA4WbbaixjIvirTthnVZil6Xc1bL3McJk6jfW+rtylNpumlEYOnOXOvEESS5iVdT2H6 +yAa+Tkvv/vMx/sZ8cApBWNromUuWyXi8mHwCKe0JgOYKOoICKuLJL8hWGSbueBwj/feTZU7n85iY +r83d2Z5AiDEoOqsuC7CsDCT6eiaY8xJhEPRdF/d+4niXVOKM6Cm6jBAyvd0zaziGfjk9DgNyp115 +j0WKWa5bIW4xRtVZjc8VX90xJc/bYNaBRHIpAlf2ltTW/+op2znFuCyKGo3Oy+dCMYYFaA6eFN0A +kLppRQjbbpCBhqcqBT/mhDn4t/lXX0ykeVoQDF7Va/81XwVRHmyjdanPUIPTfPRm94KNPQx96N97 +qA4bLJyuQHCH2u2nFoJavjVsIE4iYdm8UXrNemHcSxH5/mc0zy4EZmFcV5cjjPOGG0jfKq+nwf/Y +jj4Du9gqsPoUJbJRa4ZDhS4HIxaAjUz7tGM7zMN07RujHv41D198HRaG9Q7DlfEvr10lO1Hm13ZB +ONFLAzkopR6RctR9q5czxNM+4Gm2KHmgCY0c0f9BckgG/Jou5yD5m6Leie2uPAmvylezkolwQOQv +T8Jwg0DXJCxr5wkf09XHwQj02w47HAcLQxGEIYbpgNR12KvxAmLBsX5VYc8T1yaw15zLKYs4SgsO +kI26oQ== +-----END CERTIFICATE----- + +COMODO RSA Certification Authority +================================== +-----BEGIN CERTIFICATE----- +MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCBhTELMAkGA1UE +BhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgG +A1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlv +biBBdXRob3JpdHkwHhcNMTAwMTE5MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMC +R0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UE +ChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBB +dXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR6FSS0gpWsawNJN3Fz0Rn +dJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8Xpz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZ +FGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+ +5eNu/Nio5JIk2kNrYrhV/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pG +x8cgoLEfZd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z+pUX +2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7wqP/0uK3pN/u6uPQL +OvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZahSL0896+1DSJMwBGB7FY79tOi4lu3 +sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVICu9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+C +GCe01a60y1Dma/RMhnEw6abfFobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5 +WdYgGq/yapiqcrxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E +FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w +DQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvlwFTPoCWOAvn9sKIN9SCYPBMt +rFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+ +nq6PK7o9mfjYcwlYRm6mnPTXJ9OV2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSg +tZx8jb8uk2IntznaFxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwW +sRqZCuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiKboHGhfKp +pC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmckejkk9u+UJueBPSZI9FoJA +zMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yLS0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHq +ZJx64SIDqZxubw5lT2yHh17zbqD5daWbQOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk52 +7RH89elWsn2/x20Kk4yl0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7I +LaZRfyHBNVOFBkpdn627G190 +-----END CERTIFICATE----- + +USERTrust RSA Certification Authority +===================================== +-----BEGIN CERTIFICATE----- +MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCBiDELMAkGA1UE +BhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQK +ExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkwHhcNMTAwMjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UE +BhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQK +ExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCAEmUXNg7D2wiz +0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2j +Y0K2dvKpOyuR+OJv0OwWIJAJPuLodMkYtJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFn +RghRy4YUVD+8M/5+bJz/Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O ++T23LLb2VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT79uq +/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6c0Plfg6lZrEpfDKE +Y1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmTYo61Zs8liM2EuLE/pDkP2QKe6xJM +lXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97lc6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8 +yexDJtC/QV9AqURE9JnnV4eeUB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+ +eLf8ZxXhyVeEHg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd +BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF +MAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPFUp/L+M+ZBn8b2kMVn54CVVeW +FPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KOVWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ +7l8wXEskEVX/JJpuXior7gtNn3/3ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQ +Eg9zKC7F4iRO/Fjs8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM +8WcRiQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYzeSf7dNXGi +FSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZXHlKYC6SQK5MNyosycdi +yA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9c +J2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRBVXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGw +sAvgnEzDHNb842m1R0aBL6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gx +Q+6IHdfGjjxDah2nGN59PRbxYvnKkKj9 +-----END CERTIFICATE----- + +USERTrust ECC Certification Authority +===================================== +-----BEGIN CERTIFICATE----- +MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDELMAkGA1UEBhMC +VVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU +aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlv +biBBdXRob3JpdHkwHhcNMTAwMjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMC +VVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU +aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlv +biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqfloI+d61SRvU8Za2EurxtW2 +0eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinngo4N+LZfQYcTxmdwlkWOrfzCjtHDix6Ez +nPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0GA1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNV +HQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBB +HU6+4WMBzzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbWRNZu +9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg= +-----END CERTIFICATE----- + +GlobalSign ECC Root CA - R4 +=========================== +-----BEGIN CERTIFICATE----- +MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEkMCIGA1UECxMb +R2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD +EwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoXDTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMb +R2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD +EwpHbG9iYWxTaWduMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuMZ5049sJQ6fLjkZHAOkrprl +OQcJFspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAwDgYDVR0P +AQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61FuOJAf/sKbvu+M8k8o4TV +MAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGXkPoUVy0D7O48027KqGx2vKLeuwIgJ6iF +JzWbVsaj8kfSt24bAgAXqmemFZHe+pTsewv4n4Q= +-----END CERTIFICATE----- + +GlobalSign ECC Root CA - R5 +=========================== +-----BEGIN CERTIFICATE----- +MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEkMCIGA1UECxMb +R2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD +EwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoXDTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMb +R2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD +EwpHbG9iYWxTaWduMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6 +SFkc8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWdTaRvQZU4f8kehOvRnkmS +h5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAd +BgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYIKoZIzj0EAwMDaAAwZQIxAOVpEslu28Yx +uglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7 +yFz9SO8NdCKoCOJuxUnOxwy8p2Fp8fc74SrL+SvzZpA3 +-----END CERTIFICATE----- + +Staat der Nederlanden Root CA - G3 +================================== +-----BEGIN CERTIFICATE----- +MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJOTDEeMBwGA1UE +CgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFhdCBkZXIgTmVkZXJsYW5kZW4g +Um9vdCBDQSAtIEczMB4XDTEzMTExNDExMjg0MloXDTI4MTExMzIzMDAwMFowWjELMAkGA1UEBhMC +TkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5l +ZGVybGFuZGVuIFJvb3QgQ0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL4y +olQPcPssXFnrbMSkUeiFKrPMSjTysF/zDsccPVMeiAho2G89rcKezIJnByeHaHE6n3WWIkYFsO2t +x1ueKt6c/DrGlaf1F2cY5y9JCAxcz+bMNO14+1Cx3Gsy8KL+tjzk7FqXxz8ecAgwoNzFs21v0IJy +EavSgWhZghe3eJJg+szeP4TrjTgzkApyI/o1zCZxMdFyKJLZWyNtZrVtB0LrpjPOktvA9mxjeM3K +Tj215VKb8b475lRgsGYeCasH/lSJEULR9yS6YHgamPfJEf0WwTUaVHXvQ9Plrk7O53vDxk5hUUur +mkVLoR9BvUhTFXFkC4az5S6+zqQbwSmEorXLCCN2QyIkHxcE1G6cxvx/K2Ya7Irl1s9N9WMJtxU5 +1nus6+N86U78dULI7ViVDAZCopz35HCz33JvWjdAidiFpNfxC95DGdRKWCyMijmev4SH8RY7Ngzp +07TKbBlBUgmhHbBqv4LvcFEhMtwFdozL92TkA1CvjJFnq8Xy7ljY3r735zHPbMk7ccHViLVlvMDo +FxcHErVc0qsgk7TmgoNwNsXNo42ti+yjwUOH5kPiNL6VizXtBznaqB16nzaeErAMZRKQFWDZJkBE +41ZgpRDUajz9QdwOWke275dhdU/Z/seyHdTtXUmzqWrLZoQT1Vyg3N9udwbRcXXIV2+vD3dbAgMB +AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRUrfrHkleu +yjWcLhL75LpdINyUVzANBgkqhkiG9w0BAQsFAAOCAgEAMJmdBTLIXg47mAE6iqTnB/d6+Oea31BD +U5cqPco8R5gu4RV78ZLzYdqQJRZlwJ9UXQ4DO1t3ApyEtg2YXzTdO2PCwyiBwpwpLiniyMMB8jPq +KqrMCQj3ZWfGzd/TtiunvczRDnBfuCPRy5FOCvTIeuXZYzbB1N/8Ipf3YF3qKS9Ysr1YvY2WTxB1 +v0h7PVGHoTx0IsL8B3+A3MSs/mrBcDCw6Y5p4ixpgZQJut3+TcCDjJRYwEYgr5wfAvg1VUkvRtTA +8KCWAg8zxXHzniN9lLf9OtMJgwYh/WA9rjLA0u6NpvDntIJ8CsxwyXmA+P5M9zWEGYox+wrZ13+b +8KKaa8MFSu1BYBQw0aoRQm7TIwIEC8Zl3d1Sd9qBa7Ko+gE4uZbqKmxnl4mUnrzhVNXkanjvSr0r +mj1AfsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq4BZ+Extq +1z7XnvwtdbLBFNUjA9tbbws+eC8N3jONFrdI54OagQ97wUNNVQQXOEpR1VmiiXTTn74eS9fGbbeI +JG9gkaSChVtWQbzQRKtqE77RLFi3EjNYsjdj3BP1lB0/QFH1T/U67cjF68IeHRaVesd+QnGTbksV +tzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM94B7IWcnMFk= +-----END CERTIFICATE----- + +Staat der Nederlanden EV Root CA +================================ +-----BEGIN CERTIFICATE----- +MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJOTDEeMBwGA1UE +CgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFhdCBkZXIgTmVkZXJsYW5kZW4g +RVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0yMjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5M +MR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRl +cmxhbmRlbiBFViBSb290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkk +SzrSM4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nCUiY4iKTW +O0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3dZ//BYY1jTw+bbRcwJu+r +0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46prfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8 +Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13lpJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gV +XJrm0w912fxBmJc+qiXbj5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr +08C+eKxCKFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS/ZbV +0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0XcgOPvZuM5l5Tnrmd +74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH1vI4gnPah1vlPNOePqc7nvQDs/nx +fRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrPpx9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNC +MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwa +ivsnuL8wbqg7MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI +eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u2dfOWBfoqSmu +c0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHSv4ilf0X8rLiltTMMgsT7B/Zq +5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTCwPTxGfARKbalGAKb12NMcIxHowNDXLldRqAN +b/9Zjr7dn3LDWyvfjFvO5QxGbJKyCqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tN +f1zuacpzEPuKqf2evTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi +5Dp6Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIaGl6I6lD4 +WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeLeG9QgkRQP2YGiqtDhFZK +DyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGy +eUN51q1veieQA6TqJIc/2b3Z6fJfUEkc7uzXLg== +-----END CERTIFICATE----- + +IdenTrust Commercial Root CA 1 +============================== +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBKMQswCQYDVQQG +EwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBS +b290IENBIDEwHhcNMTQwMTE2MTgxMjIzWhcNMzQwMTE2MTgxMjIzWjBKMQswCQYDVQQGEwJVUzES +MBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENB +IDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCnUBneP5k91DNG8W9RYYKyqU+PZ4ld +hNlT3Qwo2dfw/66VQ3KZ+bVdfIrBQuExUHTRgQ18zZshq0PirK1ehm7zCYofWjK9ouuU+ehcCuz/ +mNKvcbO0U59Oh++SvL3sTzIwiEsXXlfEU8L2ApeN2WIrvyQfYo3fw7gpS0l4PJNgiCL8mdo2yMKi +1CxUAGc1bnO/AljwpN3lsKImesrgNqUZFvX9t++uP0D1bVoE/c40yiTcdCMbXTMTEl3EASX2MN0C +XZ/g1Ue9tOsbobtJSdifWwLziuQkkORiT0/Br4sOdBeo0XKIanoBScy0RnnGF7HamB4HWfp1IYVl +3ZBWzvurpWCdxJ35UrCLvYf5jysjCiN2O/cz4ckA82n5S6LgTrx+kzmEB/dEcH7+B1rlsazRGMzy +NeVJSQjKVsk9+w8YfYs7wRPCTY/JTw436R+hDmrfYi7LNQZReSzIJTj0+kuniVyc0uMNOYZKdHzV +WYfCP04MXFL0PfdSgvHqo6z9STQaKPNBiDoT7uje/5kdX7rL6B7yuVBgwDHTc+XvvqDtMwt0viAg +xGds8AgDelWAf0ZOlqf0Hj7h9tgJ4TNkK2PXMl6f+cB7D3hvl7yTmvmcEpB4eoCHFddydJxVdHix +uuFucAS6T6C6aMN7/zHwcz09lCqxC0EOoP5NiGVreTO01wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMC +AQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU7UQZwNPwBovupHu+QucmVMiONnYwDQYJKoZI +hvcNAQELBQADggIBAA2ukDL2pkt8RHYZYR4nKM1eVO8lvOMIkPkp165oCOGUAFjvLi5+U1KMtlwH +6oi6mYtQlNeCgN9hCQCTrQ0U5s7B8jeUeLBfnLOic7iPBZM4zY0+sLj7wM+x8uwtLRvM7Kqas6pg +ghstO8OEPVeKlh6cdbjTMM1gCIOQ045U8U1mwF10A0Cj7oV+wh93nAbowacYXVKV7cndJZ5t+qnt +ozo00Fl72u1Q8zW/7esUTTHHYPTa8Yec4kjixsU3+wYQ+nVZZjFHKdp2mhzpgq7vmrlR94gjmmmV +YjzlVYA211QC//G5Xc7UI2/YRYRKW2XviQzdFKcgyxilJbQN+QHwotL0AMh0jqEqSI5l2xPE4iUX +feu+h1sXIFRRk0pTAwvsXcoz7WL9RccvW9xYoIA55vrX/hMUpu09lEpCdNTDd1lzzY9GvlU47/ro +kTLql1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG4iZZRHUe +2XWJUc0QhJ1hYMtd+ZciTY6Y5uN/9lu7rs3KSoFrXgvzUeF0K+l+J6fZmUlO+KWA2yUPHGNiiskz +Z2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7R +cGzM7vRX+Bi6hG6H +-----END CERTIFICATE----- + +IdenTrust Public Sector Root CA 1 +================================= +-----BEGIN CERTIFICATE----- +MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQG +EwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3Rv +ciBSb290IENBIDEwHhcNMTQwMTE2MTc1MzMyWhcNMzQwMTE2MTc1MzMyWjBNMQswCQYDVQQGEwJV +UzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBS +b290IENBIDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2IpT8pEiv6EdrCvsnduTy +P4o7ekosMSqMjbCpwzFrqHd2hCa2rIFCDQjrVVi7evi8ZX3yoG2LqEfpYnYeEe4IFNGyRBb06tD6 +Hi9e28tzQa68ALBKK0CyrOE7S8ItneShm+waOh7wCLPQ5CQ1B5+ctMlSbdsHyo+1W/CD80/HLaXI +rcuVIKQxKFdYWuSNG5qrng0M8gozOSI5Cpcu81N3uURF/YTLNiCBWS2ab21ISGHKTN9T0a9SvESf +qy9rg3LvdYDaBjMbXcjaY8ZNzaxmMc3R3j6HEDbhuaR672BQssvKplbgN6+rNBM5Jeg5ZuSYeqoS +mJxZZoY+rfGwyj4GD3vwEUs3oERte8uojHH01bWRNszwFcYr3lEXsZdMUD2xlVl8BX0tIdUAvwFn +ol57plzy9yLxkA2T26pEUWbMfXYD62qoKjgZl3YNa4ph+bz27nb9cCvdKTz4Ch5bQhyLVi9VGxyh +LrXHFub4qjySjmm2AcG1hp2JDws4lFTo6tyePSW8Uybt1as5qsVATFSrsrTZ2fjXctscvG29ZV/v +iDUqZi/u9rNl8DONfJhBaUYPQxxp+pu10GFqzcpL2UyQRqsVWaFHVCkugyhfHMKiq3IXAAaOReyL +4jM9f9oZRORicsPfIsbyVtTdX5Vy7W1f90gDW/3FKqD2cyOEEBsB5wIDAQABo0IwQDAOBgNVHQ8B +Af8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU43HgntinQtnbcZFrlJPrw6PRFKMw +DQYJKoZIhvcNAQELBQADggIBAEf63QqwEZE4rU1d9+UOl1QZgkiHVIyqZJnYWv6IAcVYpZmxI1Qj +t2odIFflAWJBF9MJ23XLblSQdf4an4EKwt3X9wnQW3IV5B4Jaj0z8yGa5hV+rVHVDRDtfULAj+7A +mgjVQdZcDiFpboBhDhXAuM/FSRJSzL46zNQuOAXeNf0fb7iAaJg9TaDKQGXSc3z1i9kKlT/YPyNt +GtEqJBnZhbMX73huqVjRI9PHE+1yJX9dsXNw0H8GlwmEKYBhHfpe/3OsoOOJuBxxFcbeMX8S3OFt +m6/n6J91eEyrRjuazr8FGF1NFTwWmhlQBJqymm9li1JfPFgEKCXAZmExfrngdbkaqIHWchezxQMx +NRF4eKLg6TCMf4DfWN88uieW4oA0beOY02QnrEh+KHdcxiVhJfiFDGX6xDIvpZgF5PgLZxYWxoK4 +Mhn5+bl53B/N66+rDt0b20XkeucC4pVd/GnwU2lhlXV5C15V5jgclKlZM57IcXR5f1GJtshquDDI +ajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhAGaQdp/lLQzfcaFpPz+vC +ZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ +3Wl9af0AVqW3rLatt8o+Ae+c +-----END CERTIFICATE----- + +Entrust Root Certification Authority - G2 +========================================= +-----BEGIN CERTIFICATE----- +MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMCVVMxFjAUBgNV +BAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVy +bXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ug +b25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIw +HhcNMDkwNzA3MTcyNTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoT +DUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMx +OTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25s +eTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP +/vaCeb9zYQYKpSfYs1/TRU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXz +HHfV1IWNcCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hWwcKU +s/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1U1+cPvQXLOZprE4y +TGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0jaWvYkxN4FisZDQSA/i2jZRjJKRx +AgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ6 +0B7vfec7aVHUbI2fkBJmqzANBgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5Z +iXMRrEPR9RP/jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ +Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v1fN2D807iDgi +nWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4RnAuknZoh8/CbCzB428Hch0P+ +vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmHVHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xO +e4pIb4tF9g== +-----END CERTIFICATE----- + +Entrust Root Certification Authority - EC1 +========================================== +-----BEGIN CERTIFICATE----- +MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkGA1UEBhMCVVMx +FjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVn +YWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXpl +ZCB1c2Ugb25seTEzMDEGA1UEAxMqRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 +IC0gRUMxMB4XDTEyMTIxODE1MjUzNloXDTM3MTIxODE1NTUzNlowgb8xCzAJBgNVBAYTAlVTMRYw +FAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2Fs +LXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQg +dXNlIG9ubHkxMzAxBgNVBAMTKkVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt +IEVDMTB2MBAGByqGSM49AgEGBSuBBAAiA2IABIQTydC6bUF74mzQ61VfZgIaJPRbiWlH47jCffHy +AsWfoPZb1YsGGYZPUxBtByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef +9eNi1KlHBz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE +FLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVCR98crlOZF7ZvHH3h +vxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nXhTcGtXsI/esni0qU+eH6p44mCOh8 +kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G +-----END CERTIFICATE----- + +CFCA EV ROOT +============ +-----BEGIN CERTIFICATE----- +MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJDTjEwMC4GA1UE +CgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxDRkNB +IEVWIFJPT1QwHhcNMTIwODA4MDMwNzAxWhcNMjkxMjMxMDMwNzAxWjBWMQswCQYDVQQGEwJDTjEw +MC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQD +DAxDRkNBIEVWIFJPT1QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXXWvNED8fBVnV +BU03sQ7smCuOFR36k0sXgiFxEFLXUWRwFsJVaU2OFW2fvwwbwuCjZ9YMrM8irq93VCpLTIpTUnrD +7i7es3ElweldPe6hL6P3KjzJIx1qqx2hp/Hz7KDVRM8Vz3IvHWOX6Jn5/ZOkVIBMUtRSqy5J35DN +uF++P96hyk0g1CXohClTt7GIH//62pCfCqktQT+x8Rgp7hZZLDRJGqgG16iI0gNyejLi6mhNbiyW +ZXvKWfry4t3uMCz7zEasxGPrb382KzRzEpR/38wmnvFyXVBlWY9ps4deMm/DGIq1lY+wejfeWkU7 +xzbh72fROdOXW3NiGUgthxwG+3SYIElz8AXSG7Ggo7cbcNOIabla1jj0Ytwli3i/+Oh+uFzJlU9f +py25IGvPa931DfSCt/SyZi4QKPaXWnuWFo8BGS1sbn85WAZkgwGDg8NNkt0yxoekN+kWzqotaK8K +gWU6cMGbrU1tVMoqLUuFG7OA5nBFDWteNfB/O7ic5ARwiRIlk9oKmSJgamNgTnYGmE69g60dWIol +hdLHZR4tjsbftsbhf4oEIRUpdPA+nJCdDC7xij5aqgwJHsfVPKPtl8MeNPo4+QgO48BdK4PRVmrJ +tqhUUy54Mmc9gn900PvhtgVguXDbjgv5E1hvcWAQUhC5wUEJ73IfZzF4/5YFjQIDAQABo2MwYTAf +BgNVHSMEGDAWgBTj/i39KNALtbq2osS/BqoFjJP7LzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB +/wQEAwIBBjAdBgNVHQ4EFgQU4/4t/SjQC7W6tqLEvwaqBYyT+y8wDQYJKoZIhvcNAQELBQADggIB +ACXGumvrh8vegjmWPfBEp2uEcwPenStPuiB/vHiyz5ewG5zz13ku9Ui20vsXiObTej/tUxPQ4i9q +ecsAIyjmHjdXNYmEwnZPNDatZ8POQQaIxffu2Bq41gt/UP+TqhdLjOztUmCypAbqTuv0axn96/Ua +4CUqmtzHQTb3yHQFhDmVOdYLO6Qn+gjYXB74BGBSESgoA//vU2YApUo0FmZ8/Qmkrp5nGm9BC2sG +E5uPhnEFtC+NiWYzKXZUmhH4J/qyP5Hgzg0b8zAarb8iXRvTvyUFTeGSGn+ZnzxEk8rUQElsgIfX +BDrDMlI1Dlb4pd19xIsNER9Tyx6yF7Zod1rg1MvIB671Oi6ON7fQAUtDKXeMOZePglr4UeWJoBjn +aH9dCi77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN5mydLIhy +PDCBBpEi6lmt2hkuIsKNuYyH4Ga8cyNfIWRjgEj1oDwYPZTISEEdQLpe/v5WOaHIz16eGWRGENoX +kbcFgKyLmZJ956LYBws2J+dIeWCKw9cTXPhyQN9Ky8+ZAAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3C +ekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su +-----END CERTIFICATE----- + +TÃœRKTRUST Elektronik Sertifika Hizmet SaÄŸlayıcısı H5 +========================================================= +-----BEGIN CERTIFICATE----- +MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UEBhMCVFIxDzAN +BgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxnaSDEsGxldGnFn2ltIHZlIEJp +bGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7Fni4xQjBABgNVBAMMOVTDnFJLVFJVU1Qg +RWxla3Ryb25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSBINTAeFw0xMzA0MzAw +ODA3MDFaFw0yMzA0MjgwODA3MDFaMIGxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMU0w +SwYDVQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnE +n2kgSGl6bWV0bGVyaSBBLsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBFbGVrdHJvbmlrIFNlcnRp +ZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEApCUZ4WWe60ghUEoI5RHwWrom/4NZzkQqL/7hzmAD/I0Dpe3/a6i6zDQGn1k19uwsu537 +jVJp45wnEFPzpALFp/kRGml1bsMdi9GYjZOHp3GXDSHHmflS0yxjXVW86B8BSLlg/kJK9siArs1m +ep5Fimh34khon6La8eHBEJ/rPCmBp+EyCNSgBbGM+42WAA4+Jd9ThiI7/PS98wl+d+yG6w8z5UNP +9FR1bSmZLmZaQ9/LXMrI5Tjxfjs1nQ/0xVqhzPMggCTTV+wVunUlm+hkS7M0hO8EuPbJbKoCPrZV +4jI3X/xml1/N1p7HIL9Nxqw/dV8c7TKcfGkAaZHjIxhT6QIDAQABo0IwQDAdBgNVHQ4EFgQUVpkH +HtOsDGlktAxQR95DLL4gwPswDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAJ5FdnsXSDLyOIspve6WSk6BGLFRRyDN0GSxDsnZAdkJzsiZ3GglE9Rc8qPo +BP5yCccLqh0lVX6Wmle3usURehnmp349hQ71+S4pL+f5bFgWV1Al9j4uPqrtd3GqqpmWRgqujuwq +URawXs3qZwQcWDD1YIq9pr1N5Za0/EKJAWv2cMhQOQwt1WbZyNKzMrcbGW3LM/nfpeYVhDfwwvJl +lpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CFYv4HAqGEVka+lgqaE9chTLd8 +B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW+qtB4Uu2NQvAmxU= +-----END CERTIFICATE----- + +TÃœRKTRUST Elektronik Sertifika Hizmet SaÄŸlayıcısı H6 +========================================================= +-----BEGIN CERTIFICATE----- +MIIEJjCCAw6gAwIBAgIGfaHyZeyKMA0GCSqGSIb3DQEBCwUAMIGxMQswCQYDVQQGEwJUUjEPMA0G +A1UEBwwGQW5rYXJhMU0wSwYDVQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmls +acWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBF +bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg2MB4XDTEzMTIxODA5 +MDQxMFoXDTIzMTIxNjA5MDQxMFowgbExCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmExTTBL +BgNVBAoMRFTDnFJLVFJVU1QgQmlsZ2kgxLBsZXRpxZ9pbSB2ZSBCaWxpxZ9pbSBHw7x2ZW5sacSf +aSBIaXptZXRsZXJpIEEuxZ4uMUIwQAYDVQQDDDlUw5xSS1RSVVNUIEVsZWt0cm9uaWsgU2VydGlm +aWthIEhpem1ldCBTYcSfbGF5xLFjxLFzxLEgSDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQCdsGjW6L0UlqMACprx9MfMkU1xeHe59yEmFXNRFpQJRwXiM/VomjX/3EsvMsew7eKC5W/a +2uqsxgbPJQ1BgfbBOCK9+bGlprMBvD9QFyv26WZV1DOzXPhDIHiTVRZwGTLmiddk671IUP320EED +wnS3/faAz1vFq6TWlRKb55cTMgPp1KtDWxbtMyJkKbbSk60vbNg9tvYdDjTu0n2pVQ8g9P0pu5Fb +HH3GQjhtQiht1AH7zYiXSX6484P4tZgvsycLSF5W506jM7NE1qXyGJTtHB6plVxiSvgNZ1GpryHV ++DKdeboaX+UEVU0TRv/yz3THGmNtwx8XEsMeED5gCLMxAgMBAAGjQjBAMB0GA1UdDgQWBBTdVRcT +9qzoSCHK77Wv0QAy7Z6MtTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG +9w0BAQsFAAOCAQEAb1gNl0OqFlQ+v6nfkkU/hQu7VtMMUszIv3ZnXuaqs6fvuay0EBQNdH49ba3R +fdCaqaXKGDsCQC4qnFAUi/5XfldcEQlLNkVS9z2sFP1E34uXI9TDwe7UU5X+LEr+DXCqu4svLcsy +o4LyVN/Y8t3XSHLuSqMplsNEzm61kod2pLv0kmzOLBQJZo6NrRa1xxsJYTvjIKIDgI6tflEATseW +hvtDmHd9KMeP2Cpu54Rvl0EpABZeTeIT6lnAY2c6RPuY/ATTMHKm9ocJV612ph1jmv3XZch4gyt1 +O6VbuA1df74jrlZVlFjvH4GMKrLN5ptjnhi85WsGtAuYSyher4hYyw== +-----END CERTIFICATE----- + +Certinomis - Root CA +==================== +-----BEGIN CERTIFICATE----- +MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjETMBEGA1UEChMK +Q2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAbBgNVBAMTFENlcnRpbm9taXMg +LSBSb290IENBMB4XDTEzMTAyMTA5MTcxOFoXDTMzMTAyMTA5MTcxOFowWjELMAkGA1UEBhMCRlIx +EzARBgNVBAoTCkNlcnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMR0wGwYDVQQDExRD +ZXJ0aW5vbWlzIC0gUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANTMCQos +P5L2fxSeC5yaah1AMGT9qt8OHgZbn1CF6s2Nq0Nn3rD6foCWnoR4kkjW4znuzuRZWJflLieY6pOo +d5tK8O90gC3rMB+12ceAnGInkYjwSond3IjmFPnVAy//ldu9n+ws+hQVWZUKxkd8aRi5pwP5ynap +z8dvtF4F/u7BUrJ1Mofs7SlmO/NKFoL21prbcpjp3vDFTKWrteoB4owuZH9kb/2jJZOLyKIOSY00 +8B/sWEUuNKqEUL3nskoTuLAPrjhdsKkb5nPJWqHZZkCqqU2mNAKthH6yI8H7KsZn9DS2sJVqM09x +RLWtwHkziOC/7aOgFLScCbAK42C++PhmiM1b8XcF4LVzbsF9Ri6OSyemzTUK/eVNfaoqoynHWmgE +6OXWk6RiwsXm9E/G+Z8ajYJJGYrKWUM66A0ywfRMEwNvbqY/kXPLynNvEiCL7sCCeN5LLsJJwx3t +FvYk9CcbXFcx3FXuqB5vbKziRcxXV4p1VxngtViZSTYxPDMBbRZKzbgqg4SGm/lg0h9tkQPTYKbV +PZrdd5A9NaSfD171UkRpucC63M9933zZxKyGIjK8e2uR73r4F2iw4lNVYC2vPsKD2NkJK/DAZNuH +i5HMkesE/Xa0lZrmFAYb1TQdvtj/dBxThZngWVJKYe2InmtJiUZ+IFrZ50rlau7SZRFDAgMBAAGj +YzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTvkUz1pcMw6C8I +6tNxIqSSaHh02TAfBgNVHSMEGDAWgBTvkUz1pcMw6C8I6tNxIqSSaHh02TANBgkqhkiG9w0BAQsF +AAOCAgEAfj1U2iJdGlg+O1QnurrMyOMaauo++RLrVl89UM7g6kgmJs95Vn6RHJk/0KGRHCwPT5iV +WVO90CLYiF2cN/z7ZMF4jIuaYAnq1fohX9B0ZedQxb8uuQsLrbWwF6YSjNRieOpWauwK0kDDPAUw +Pk2Ut59KA9N9J0u2/kTO+hkzGm2kQtHdzMjI1xZSg081lLMSVX3l4kLr5JyTCcBMWwerx20RoFAX +lCOotQqSD7J6wWAsOMwaplv/8gzjqh8c3LigkyfeY+N/IZ865Z764BNqdeuWXGKRlI5nU7aJ+BIJ +y29SWwNyhlCVCNSNh4YVH5Uk2KRvms6knZtt0rJ2BobGVgjF6wnaNsIbW0G+YSrjcOa4pvi2WsS9 +Iff/ql+hbHY5ZtbqTFXhADObE5hjyW/QASAJN1LnDE8+zbz1X5YnpyACleAu6AdBBR8Vbtaw5Bng +DwKTACdyxYvRVB9dSsNAl35VpnzBMwQUAR1JIGkLGZOdblgi90AMRgwjY/M50n92Uaf0yKHxDHYi +I0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ8ow7bkrHxuaAKzyBvBGAFhAn1/DNP3nM +cyrDflOR1m749fPH0FFNjkulW+YZFzvWgQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVr +hkIGuUE= +-----END CERTIFICATE----- + +OISTE WISeKey Global Root GB CA +=============================== +-----BEGIN CERTIFICATE----- +MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBtMQswCQYDVQQG +EwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNl +ZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQiBDQTAeFw0xNDEyMDExNTAw +MzJaFw0zOTEyMDExNTEwMzFaMG0xCzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYD +VQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEds +b2JhbCBSb290IEdCIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3HEokKtaX +scriHvt9OO+Y9bI5mE4nuBFde9IllIiCFSZqGzG7qFshISvYD06fWvGxWuR51jIjK+FTzJlFXHtP +rby/h0oLS5daqPZI7H17Dc0hBt+eFf1Biki3IPShehtX1F1Q/7pn2COZH8g/497/b1t3sWtuuMlk +9+HKQUYOKXHQuSP8yYFfTvdv37+ErXNku7dCjmn21HYdfp2nuFeKUWdy19SouJVUQHMD9ur06/4o +Qnc/nSMbsrY9gBQHTC5P99UKFg29ZkM3fiNDecNAhvVMKdqOmq0NpQSHiB6F4+lT1ZvIiwNjeOvg +GUpuuy9rM2RYk61pv48b74JIxwIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB +/zAdBgNVHQ4EFgQUNQ/INmNe4qPs+TtmFc5RUuORmj0wEAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZI +hvcNAQELBQADggEBAEBM+4eymYGQfp3FsLAmzYh7KzKNbrghcViXfa43FK8+5/ea4n32cZiZBKpD +dHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0 +VQreUGdNZtGn//3ZwLWoo4rOZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEui +HZeeevJuQHHfaPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic +Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM= +-----END CERTIFICATE----- + +Certification Authority of WoSign G2 +==================================== +-----BEGIN CERTIFICATE----- +MIIDfDCCAmSgAwIBAgIQayXaioidfLwPBbOxemFFRDANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQG +EwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNVBAMTJENlcnRpZmljYXRpb24g +QXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4NThaMFgx +CzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEtMCsGA1UEAxMkQ2VydGlm +aWNhdGlvbiBBdXRob3JpdHkgb2YgV29TaWduIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEAvsXEoCKASU+/2YcRxlPhuw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPXJYY1kBai +XW8wGQiHC38Gsp1ij96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgOgHzKtB0TiGsOqCR3A9Du +W/PKaZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg5PGurLtzaaNjOg9FD6FKmsLRY6zLEPg9 +5k4ot+vElbGs/V6r+kHLXZ1L3PR8du9nfwB6jdKgGlxNIuG12t12s9R23164i5jIFFTMaxeSt+BK +v0mUYQs4kI9dJGwlezt52eJ+na2fmKEG/HgUYFf47oB3sQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMC +AQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU+mCp62XF3RYUCE4MD42b4Pdkr2cwDQYJKoZI +hvcNAQELBQADggEBAFfDejaCnI2Y4qtAqkePx6db7XznPWZaOzG73/MWM5H8fHulwqZm46qwtyeY +P0nXYGdnPzZPSsvxFPpahygc7Y9BMsaV+X3avXtbwrAh449G3CE4Q3RM+zD4F3LBMvzIkRfEzFg3 +TgvMWvchNSiDbGAtROtSjFA9tWwS1/oJu2yySrHFieT801LYYRf+epSEj3m2M1m6D8QL4nCgS3gu ++sif/a+RZQp4OBXllxcU3fngLDT4ONCEIgDAFFEYKwLcMFrw6AF8NTojrwjkr6qOKEJJLvD1mTS+ +7Q9LGOHSJDy7XUe3IfKN0QqZjuNuPq1w4I+5ysxugTH2e5x6eeRncRg= +-----END CERTIFICATE----- + +CA WoSign ECC Root +================== +-----BEGIN CERTIFICATE----- +MIICCTCCAY+gAwIBAgIQaEpYcIBr8I8C+vbe6LCQkDAKBggqhkjOPQQDAzBGMQswCQYDVQQGEwJD +TjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMTEkNBIFdvU2lnbiBFQ0MgUm9v +dDAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4NThaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQK +ExFXb1NpZ24gQ0EgTGltaXRlZDEbMBkGA1UEAxMSQ0EgV29TaWduIEVDQyBSb290MHYwEAYHKoZI +zj0CAQYFK4EEACIDYgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6IOsq/Srj57ywvr1FQPEd1bPiU +t5v8KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCLelTOA7WRf6qU0NGKSMyCBSah1VES1ns2o0Iw +QDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUqv3VWqP2h4syhf3R +MluARZPzA7gwCgYIKoZIzj0EAwMDaAAwZQIxAOSkhLCB1T2wdKyUpOgOPQB0TKGXa/kNUTyh2Tv0 +Daupn75OcsqF1NnstTJFGG+rrQIwfcf3aWMvoeGY7xMQ0Xk/0f7qO3/eVvSQsRUR2LIiFdAvwyYu +a/GRspBl9JrmkO5K +-----END CERTIFICATE----- + +SZAFIR ROOT CA2 +=============== +-----BEGIN CERTIFICATE----- +MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQELBQAwUTELMAkG +A1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6ZW5pb3dhIFMuQS4xGDAWBgNV +BAMMD1NaQUZJUiBST09UIENBMjAeFw0xNTEwMTkwNzQzMzBaFw0zNTEwMTkwNzQzMzBaMFExCzAJ +BgNVBAYTAlBMMSgwJgYDVQQKDB9LcmFqb3dhIEl6YmEgUm96bGljemVuaW93YSBTLkEuMRgwFgYD +VQQDDA9TWkFGSVIgUk9PVCBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vD5Q +qEvNQLXOYeeWyrSh2gwisPq1e3YAd4wLz32ohswmUeQgPYUM1ljj5/QqGJ3a0a4m7utT3PSQ1hNK +DJA8w/Ta0o4NkjrcsbH/ON7Dui1fgLkCvUqdGw+0w8LBZwPd3BucPbOw3gAeqDRHu5rr/gsUvTaE +2g0gv/pby6kWIK05YO4vdbbnl5z5Pv1+TW9NL++IDWr63fE9biCloBK0TXC5ztdyO4mTp4CEHCdJ +ckm1/zuVnsHMyAHs6A6KCpbns6aH5db5BSsNl0BwPLqsdVqc1U2dAgrSS5tmS0YHF2Wtn2yIANwi +ieDhZNRnvDF5YTy7ykHNXGoAyDw4jlivAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P +AQH/BAQDAgEGMB0GA1UdDgQWBBQuFqlKGLXLzPVvUPMjX/hd56zwyDANBgkqhkiG9w0BAQsFAAOC +AQEAtXP4A9xZWx126aMqe5Aosk3AM0+qmrHUuOQn/6mWmc5G4G18TKI4pAZw8PRBEew/R40/cof5 +O/2kbytTAOD/OblqBw7rHRz2onKQy4I9EYKL0rufKq8h5mOGnXkZ7/e7DDWQw4rtTw/1zBLZpD67 +oPwglV9PJi8RI4NOdQcPv5vRtB3pEAT+ymCPoky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul +4+vJhaAlIDf7js4MNIThPIGyd05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6 ++/NNIxuZMzSgLvWpCz/UXeHPhJ/iGcJfitYgHuNztw== +-----END CERTIFICATE----- + +Certum Trusted Network CA 2 +=========================== +-----BEGIN CERTIFICATE----- +MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCBgDELMAkGA1UE +BhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMuQS4xJzAlBgNVBAsTHkNlcnR1 +bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEkMCIGA1UEAxMbQ2VydHVtIFRydXN0ZWQgTmV0d29y +ayBDQSAyMCIYDzIwMTExMDA2MDgzOTU2WhgPMjA0NjEwMDYwODM5NTZaMIGAMQswCQYDVQQGEwJQ +TDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENl +cnRpZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQDExtDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENB +IDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9+Xj45tWADGSdhhuWZGc/IjoedQF9 +7/tcZ4zJzFxrqZHmuULlIEub2pt7uZld2ZuAS9eEQCsn0+i6MLs+CRqnSZXvK0AkwpfHp+6bJe+o +CgCXhVqqndwpyeI1B+twTUrWwbNWuKFBOJvR+zF/j+Bf4bE/D44WSWDXBo0Y+aomEKsq09DRZ40b +Rr5HMNUuctHFY9rnY3lEfktjJImGLjQ/KUxSiyqnwOKRKIm5wFv5HdnnJ63/mgKXwcZQkpsCLL2p +uTRZCr+ESv/f/rOf69me4Jgj7KZrdxYq28ytOxykh9xGc14ZYmhFV+SQgkK7QtbwYeDBoz1mo130 +GO6IyY0XRSmZMnUCMe4pJshrAua1YkV/NxVaI2iJ1D7eTiew8EAMvE0Xy02isx7QBlrd9pPPV3WZ +9fqGGmd4s7+W/jTcvedSVuWz5XV710GRBdxdaeOVDUO5/IOWOZV7bIBaTxNyxtd9KXpEulKkKtVB +Rgkg/iKgtlswjbyJDNXXcPiHUv3a76xRLgezTv7QCdpw75j6VuZt27VXS9zlLCUVyJ4ueE742pye +hizKV/Ma5ciSixqClnrDvFASadgOWkaLOusm+iPJtrCBvkIApPjW/jAux9JG9uWOdf3yzLnQh1vM +BhBgu4M1t15n3kfsmUjxpKEV/q2MYo45VU85FrmxY53/twIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBS2oVQ5AsOgP46KvPrU+Bym0ToO/TAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZI +hvcNAQENBQADggIBAHGlDs7k6b8/ONWJWsQCYftMxRQXLYtPU2sQF/xlhMcQSZDe28cmk4gmb3DW +Al45oPePq5a1pRNcgRRtDoGCERuKTsZPpd1iHkTfCVn0W3cLN+mLIMb4Ck4uWBzrM9DPhmDJ2vuA +L55MYIR4PSFk1vtBHxgP58l1cb29XN40hz5BsA72udY/CROWFC/emh1auVbONTqwX3BNXuMp8SMo +clm2q8KMZiYcdywmdjWLKKdpoPk79SPdhRB0yZADVpHnr7pH1BKXESLjokmUbOe3lEu6LaTaM4tM +pkT/WjzGHWTYtTHkpjx6qFcL2+1hGsvxznN3Y6SHb0xRONbkX8eftoEq5IVIeVheO/jbAoJnwTnb +w3RLPTYe+SmTiGhbqEQZIfCn6IENLOiTNrQ3ssqwGyZ6miUfmpqAnksqP/ujmv5zMnHCnsZy4Ypo +J/HkD7TETKVhk/iXEAcqMCWpuchxuO9ozC1+9eB+D4Kob7a6bINDd82Kkhehnlt4Fj1F4jNy3eFm +ypnTycUm/Q1oBEauttmbjL4ZvrHG8hnjXALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLX +is7VmFxWlgPF7ncGNf/P5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7 +zAYspsbiDrW5viSP +-----END CERTIFICATE----- diff --git a/source/n/curl/curl.SlackBuild b/source/n/curl/curl.SlackBuild index 16535a4e..ef271cfd 100755 --- a/source/n/curl/curl.SlackBuild +++ b/source/n/curl/curl.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2013, 2014, 2016 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -28,7 +28,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -44,8 +44,8 @@ PKG=$TMP/package-curl # Uncomment to build a no-SSL version: #SSLOPT=--without-ssl -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -78,6 +78,7 @@ CFLAGS="$SLKCFLAGS" \ --libdir=/usr/lib${LIBDIRSUFFIX} \ --mandir=/usr/man \ --with-ca-bundle=/usr/share/curl/ca-bundle.crt \ + --enable-static=no \ $SSLOPT make $NUMJOBS || make || exit 1 @@ -109,6 +110,8 @@ cp -a \ cp -a \ BUGS CONTRIBUTE FAQ FEATURES INSTALL INTERNALS MANUAL README* RESOURCES THANKS TODO examples \ $PKG/usr/doc/curl-$VERSION ) +# Get rid of .deps cruft: +rm -rf $PKG/usr/doc/curl-$VERSION/examples/.deps # If there's a CHANGES file, installing at least part of the recent history # is useful, but don't let it get totally out of control: diff --git a/source/n/cyrus-sasl/cyrus-sasl-2.1.23-glibc217-crypt.diff b/source/n/cyrus-sasl/cyrus-sasl-2.1.23-glibc217-crypt.diff deleted file mode 100644 index 2cbb4860..00000000 --- a/source/n/cyrus-sasl/cyrus-sasl-2.1.23-glibc217-crypt.diff +++ /dev/null @@ -1,105 +0,0 @@ -From 0626e86d2e1d0be63a56918371a15d98cfad19d1 Mon Sep 17 00:00:00 2001 -From: mancha <mancha1@hush.com> -Date: Tue, 9 Jul 2013 -Subject: Handle NULL returns from glibc 2.17+ crypt(). - -Starting with glibc 2.17 (eglibc 2.17), crypt() fails with EINVAL -(w/ NULL return) if the salt violates specifications. Additionally, -on FIPS-140 enabled Linux systems, DES/MD5-encrypted passwords -passed to crypt() fail with EPERM (w/ NULL return). - -When using glibc's crypt(), check return value to avoid a possible -NULL pointer dereference. ---- - pwcheck/pwcheck_getpwnam.c | 3 ++- - pwcheck/pwcheck_getspnam.c | 3 ++- - saslauthd/auth_getpwent.c | 3 ++- - saslauthd/auth_shadow.c | 7 ++----- - 4 files changed, 8 insertions(+), 8 deletions(-) - ---- a/pwcheck/pwcheck_getpwnam.c -+++ b/pwcheck/pwcheck_getpwnam.c -@@ -32,6 +32,7 @@ extern char *crypt(); - char *password; - { - char* r; -+ char* crpt_passwd; - struct passwd *pwd; - - pwd = getpwnam(userid); -@@ -41,7 +42,7 @@ char *password; - else if (pwd->pw_passwd[0] == '*') { - r = "Account disabled"; - } -- else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) { -+ else if (!(crpt_passwd = crypt(password, pwd->pw_passwd)) || strcmp(pwd->pw_passwd, (const char *)crpt_passwd) != 0) { - r = "Incorrect password"; - } - else { ---- a/pwcheck/pwcheck_getspnam.c -+++ b/pwcheck/pwcheck_getspnam.c -@@ -30,6 +30,7 @@ extern char *crypt(); - char *pwcheck(userid, password) - char *userid; - char *password; -+char *crpt_passwd; - { - struct spwd *pwd; - -@@ -38,7 +39,7 @@ char *password; - return "Userid not found"; - } - -- if (strcmp(pwd->sp_pwdp, crypt(password, pwd->sp_pwdp)) != 0) { -+ if (!(crpt_passwd = crypt(password, pwd->sp_pwdp)) || strcmp(pwd->sp_pwdp, (const char *)crpt_passwd) != 0) { - return "Incorrect password"; - } - else { ---- a/saslauthd/auth_getpwent.c -+++ b/saslauthd/auth_getpwent.c -@@ -70,6 +70,7 @@ auth_getpwent ( - { - /* VARIABLES */ - struct passwd *pw; /* pointer to passwd file entry */ -+ char *crpt_passwd; /* encrypted password */ - /* END VARIABLES */ - - pw = getpwnam(login); -@@ -79,7 +80,7 @@ auth_getpwent ( - RETURN("NO"); - } - -- if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) { -+ if (!(crpt_passwd = crypt(password, pw->pw_passwd)) || strcmp(pw->pw_passwd, (const char *)crpt_passwd)) { - RETURN("NO"); - } - ---- a/saslauthd/auth_shadow.c -+++ b/saslauthd/auth_shadow.c -@@ -180,16 +180,13 @@ auth_shadow ( - * not returning any information about a login until we have validated - * the password. - */ -- cpw = strdup((const char *)crypt(password, sp->sp_pwdp)); -- if (strcmp(sp->sp_pwdp, cpw)) { -+ if (!(cpw = crypt(password, sp->sp_pwdp)) || strcmp(sp->sp_pwdp, (const char *)cpw)) { - if (flags & VERBOSE) { - syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'", - sp->sp_pwdp, cpw); - } -- free(cpw); - RETURN("NO"); - } -- free(cpw); - - /* - * The following fields will be set to -1 if: -@@ -251,7 +250,7 @@ auth_shadow ( - RETURN("NO"); - } - -- if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) { -+ if (!(cpw = crypt(password, upw->upw_passwd)) || (strcmp(upw->upw_passwd, (const char *)cpw) != 0)) { - if (flags & VERBOSE) { - syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s", - password, upw->upw_passwd); diff --git a/source/n/cyrus-sasl/cyrus-sasl-2.1.26-null-crypt.patch b/source/n/cyrus-sasl/cyrus-sasl-2.1.26-null-crypt.patch new file mode 100644 index 00000000..ce9b5e25 --- /dev/null +++ b/source/n/cyrus-sasl/cyrus-sasl-2.1.26-null-crypt.patch @@ -0,0 +1,86 @@ +diff -up cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c.null-crypt cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c +--- cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c.null-crypt 2012-01-28 00:31:36.000000000 +0100 ++++ cyrus-sasl-2.1.26/pwcheck/pwcheck_getpwnam.c 2012-12-20 17:00:14.614580310 +0100 +@@ -31,7 +31,7 @@ char *pwcheck(userid, password) + char *userid; + char *password; + { +- char* r; ++ char* r, *cryptbuf; + struct passwd *pwd; + + pwd = getpwnam(userid); +@@ -41,11 +41,13 @@ char *password; + else if (pwd->pw_passwd[0] == '*') { + r = "Account disabled"; + } +- else if (strcmp(pwd->pw_passwd, crypt(password, pwd->pw_passwd)) != 0) { +- r = "Incorrect password"; +- } + else { +- r = "OK"; ++ cryptbuf = crypt(password, pwd->pw_passwd); ++ if((cryptbuf == NULL) || (strcmp(pwd->pw_passwd, cryptbuf) != 0)) { ++ r = "Incorrect password"; ++ } else { ++ r = "OK"; ++ } + } + + endpwent(); +diff -up cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c.null-crypt cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c +--- cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c.null-crypt 2012-10-12 16:05:48.000000000 +0200 ++++ cyrus-sasl-2.1.26/saslauthd/auth_getpwent.c 2012-12-20 17:03:17.940793653 +0100 +@@ -78,6 +78,7 @@ auth_getpwent ( + /* VARIABLES */ + struct passwd *pw; /* pointer to passwd file entry */ + int errnum; ++ char *cryptbuf; + /* END VARIABLES */ + + errno = 0; +@@ -105,7 +106,8 @@ auth_getpwent ( + } + } + +- if (strcmp(pw->pw_passwd, (const char *)crypt(password, pw->pw_passwd))) { ++ cryptbuf = crypt(password, pw->pw_passwd); ++ if ((cryptbuf == NULL) || strcmp(pw->pw_passwd, cryptbuf)) { + if (flags & VERBOSE) { + syslog(LOG_DEBUG, "DEBUG: auth_getpwent: %s: invalid password", login); + } +diff -up cyrus-sasl-2.1.26/saslauthd/auth_shadow.c.null-crypt cyrus-sasl-2.1.26/saslauthd/auth_shadow.c +--- cyrus-sasl-2.1.26/saslauthd/auth_shadow.c.null-crypt 2012-12-20 17:00:14.000000000 +0100 ++++ cyrus-sasl-2.1.26/saslauthd/auth_shadow.c 2012-12-20 17:16:44.190360006 +0100 +@@ -214,8 +214,8 @@ auth_shadow ( + RETURN("NO Insufficient permission to access NIS authentication database (saslauthd)"); + } + +- cpw = strdup((const char *)crypt(password, sp->sp_pwdp)); +- if (strcmp(sp->sp_pwdp, cpw)) { ++ cpw = crypt(password, sp->sp_pwdp); ++ if ((cpw == NULL) || strcmp(sp->sp_pwdp, cpw)) { + if (flags & VERBOSE) { + /* + * This _should_ reveal the SHADOW_PW_LOCKED prefix to an +@@ -225,10 +225,8 @@ auth_shadow ( + syslog(LOG_DEBUG, "DEBUG: auth_shadow: pw mismatch: '%s' != '%s'", + sp->sp_pwdp, cpw); + } +- free(cpw); + RETURN("NO Incorrect password"); + } +- free(cpw); + + /* + * The following fields will be set to -1 if: +@@ -290,7 +288,8 @@ auth_shadow ( + RETURN("NO Invalid username"); + } + +- if (strcmp(upw->upw_passwd, crypt(password, upw->upw_passwd)) != 0) { ++ cpw = crypt(password, upw->upw_passwd); ++ if ((cpw == NULL) || strcmp(upw->upw_passwd, cpw) != 0) { + if (flags & VERBOSE) { + syslog(LOG_DEBUG, "auth_shadow: pw mismatch: %s != %s", + password, upw->upw_passwd); diff --git a/source/n/cyrus-sasl/cyrus-sasl-2.1.26-size_t.patch b/source/n/cyrus-sasl/cyrus-sasl-2.1.26-size_t.patch new file mode 100644 index 00000000..cde82383 --- /dev/null +++ b/source/n/cyrus-sasl/cyrus-sasl-2.1.26-size_t.patch @@ -0,0 +1,12 @@ +diff -up cyrus-sasl-2.1.26/include/sasl.h.size_t cyrus-sasl-2.1.26/include/sasl.h +--- cyrus-sasl-2.1.26/include/sasl.h.size_t 2012-10-12 09:05:48.000000000 -0500 ++++ cyrus-sasl-2.1.26/include/sasl.h 2013-01-31 13:21:04.007739327 -0600 +@@ -223,6 +223,8 @@ extern "C" { + * they must be called before all other SASL functions: + */ + ++#include <sys/types.h> ++ + /* memory allocation functions which may optionally be replaced: + */ + typedef void *sasl_malloc_t(size_t); diff --git a/source/n/cyrus-sasl/cyrus-sasl.SlackBuild b/source/n/cyrus-sasl/cyrus-sasl.SlackBuild index c47821d5..0cbad20a 100755 --- a/source/n/cyrus-sasl/cyrus-sasl.SlackBuild +++ b/source/n/cyrus-sasl/cyrus-sasl.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2010, 2013, 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,12 +22,12 @@ PKGNAM=cyrus-sasl VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-5} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -38,8 +38,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-cyrus-sasl -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -59,11 +59,9 @@ rm -rf cyrus-sasl-$VERSION tar xvf $CWD/cyrus-sasl-$VERSION.tar.?z* || exit 1 cd cyrus-sasl-$VERSION || exit 1 -# Fix compiling: -zcat $CWD/cyrus-sasl.bad_elif.diff.gz | patch -p1 --verbose || exit 1 - # Fix for glibc-2.17 crypt() NULL return: -zcat $CWD/cyrus-sasl-2.1.23-glibc217-crypt.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/cyrus-sasl-2.1.26-null-crypt.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/cyrus-sasl-2.1.26-size_t.patch.gz | patch -p1 --verbose || exit 1 chown -R root:root . find . -perm 777 -exec chmod 755 {} \; diff --git a/source/n/cyrus-sasl/cyrus-sasl.bad_elif.diff b/source/n/cyrus-sasl/cyrus-sasl.bad_elif.diff deleted file mode 100644 index a7196b3b..00000000 --- a/source/n/cyrus-sasl/cyrus-sasl.bad_elif.diff +++ /dev/null @@ -1,22 +0,0 @@ -Index: cyrus-sasl-2.1.23/plugins/digestmd5.c -=================================================================== ---- cyrus-sasl-2.1.23.orig/plugins/digestmd5.c -+++ cyrus-sasl-2.1.23/plugins/digestmd5.c -@@ -2715,7 +2715,7 @@ static sasl_server_plug_t digestmd5_serv - "DIGEST-MD5", /* mech_name */ - #ifdef WITH_RC4 - 128, /* max_ssf */ --#elif WITH_DES -+#elif defined(WITH_DES) - 112, - #else - 1, -@@ -4034,7 +4034,7 @@ static sasl_client_plug_t digestmd5_clie - "DIGEST-MD5", - #ifdef WITH_RC4 /* mech_name */ - 128, /* max ssf */ --#elif WITH_DES -+#elif defined(WITH_DES) - 112, - #else - 1, diff --git a/source/n/dhcp/dhcp.SlackBuild b/source/n/dhcp/dhcp.SlackBuild index 894a323a..ba3b6392 100755 --- a/source/n/dhcp/dhcp.SlackBuild +++ b/source/n/dhcp/dhcp.SlackBuild @@ -34,7 +34,7 @@ NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -45,8 +45,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-dhcp -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" diff --git a/source/n/dhcpcd/dhcpcd.SlackBuild b/source/n/dhcpcd/dhcpcd.SlackBuild index f9196658..f8b937d3 100755 --- a/source/n/dhcpcd/dhcpcd.SlackBuild +++ b/source/n/dhcpcd/dhcpcd.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2013, 2014 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -29,7 +29,7 @@ NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -40,8 +40,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-dhcpcd -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -67,7 +67,6 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -patch -p1 < $CWD/patches/Actually-validate-the-search-list.patch || exit 1 patch -p1 < $CWD/patches/dhcpcd.conf-Don-t-invoke-wpa_supplicant-by-default.patch || exit 1 # At this point, it should be safe to assume that /var will be mounted by the @@ -85,6 +84,7 @@ CFLAGS="$SLKCFLAGS" \ --dbdir=/var/lib/dhcpcd \ --libexecdir=/lib/dhcpcd \ --mandir=/usr/man \ + --rundir=/run/dhcpcd \ --build=$ARCH-slackware-linux make $NUMJOBS || make || exit 1 diff --git a/source/n/dhcpcd/patches/Actually-validate-the-search-list.patch b/source/n/dhcpcd/patches/Actually-validate-the-search-list.patch deleted file mode 100644 index 3d84a6d6..00000000 --- a/source/n/dhcpcd/patches/Actually-validate-the-search-list.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 118b94bdffca7e33a5e0d6b596eb7e51e7109e68 Mon Sep 17 00:00:00 2001 -From: Roy Marples <roy@marples.name> -Date: Tue, 6 Aug 2013 12:34:08 +0100 -Subject: [PATCH 1/2] Actually validate the search list. Fixes #280 - ---- - dhcpcd-hooks/20-resolv.conf | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/dhcpcd-hooks/20-resolv.conf b/dhcpcd-hooks/20-resolv.conf -index d0dce41..05316c9 100644 ---- a/dhcpcd-hooks/20-resolv.conf -+++ b/dhcpcd-hooks/20-resolv.conf -@@ -115,7 +115,7 @@ add_resolv_conf() - if [ -n "$new_domain_search" -a \ - "$new_domain_search" != "$new_domain_name" ] - then -- if valid_domainname_list; then -+ if valid_domainname_list $new_domain_search; then - conf="${conf}search $new_domain_search$NL" - else - syslog err "Invalid domain name in list: $new_domain_search" --- -1.8.3.2 - diff --git a/source/n/dirmngr/dirmngr-pth-fix.patch b/source/n/dirmngr/dirmngr-pth-fix.patch new file mode 100644 index 00000000..862458ed --- /dev/null +++ b/source/n/dirmngr/dirmngr-pth-fix.patch @@ -0,0 +1,17 @@ +Index: src/dirmngr.c +=================================================================== +--- src/dirmngr.c (revision 348) ++++ src/dirmngr.c (working copy) +@@ -665,8 +665,11 @@ + the option parsing may need services of the libraries. */ + + /* Libgcrypt requires us to register the threading model first. +- Note that this will also do the pth_init. */ ++ Note that this will also do the pth_init for libgcrypt < 1.6 */ + ++#if GCRYPT_VERSION_NUMBER >= 0x010600 ++ pth_init (); ++#endif + /* Init Libgcrypt. */ + rc = gcry_control (GCRYCTL_SET_THREAD_CBS, &gcry_threads_pth); + if (rc) diff --git a/source/n/dirmngr/dirmngr.SlackBuild b/source/n/dirmngr/dirmngr.SlackBuild index 4c1b4a72..5ca697c5 100755 --- a/source/n/dirmngr/dirmngr.SlackBuild +++ b/source/n/dirmngr/dirmngr.SlackBuild @@ -24,12 +24,12 @@ PKGNAM=dirmngr VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-3} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -38,8 +38,8 @@ fi NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -69,6 +69,8 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; +zcat $CWD/dirmngr-pth-fix.patch.gz | patch -p0 --verbose || exit 1 + CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ ./configure \ diff --git a/source/n/dnsmasq/dnsmasq.SlackBuild b/source/n/dnsmasq/dnsmasq.SlackBuild index 7b89d3ef..7003af14 100755 --- a/source/n/dnsmasq/dnsmasq.SlackBuild +++ b/source/n/dnsmasq/dnsmasq.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2015 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -21,7 +21,7 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=${VERSION:-$(echo dnsmasq-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +VERSION=${VERSION:-$(echo dnsmasq-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} BUILD=${BUILD:-1} NUMJOBS=${NUMJOBS:-" -j7 "} @@ -29,7 +29,7 @@ NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -44,7 +44,7 @@ rm -rf $PKG mkdir -p $TMP $PKG cd $TMP rm -rf dnsmasq-$VERSION -tar xvf $CWD/dnsmasq-$VERSION.tar.?*z || exit 1 +tar xvf $CWD/dnsmasq-$VERSION.tar.xz || exit 1 cd dnsmasq-$VERSION || exit 1 chown -R root:root . find . \ diff --git a/source/n/epic5/epic5.SlackBuild b/source/n/epic5/epic5.SlackBuild index 095e8f35..36265841 100755 --- a/source/n/epic5/epic5.SlackBuild +++ b/source/n/epic5/epic5.SlackBuild @@ -29,7 +29,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -38,8 +38,8 @@ fi NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" diff --git a/source/n/ethtool/ethtool-3.10.tar.sign b/source/n/ethtool/ethtool-3.10.tar.sign deleted file mode 100644 index 11d803c5..00000000 --- a/source/n/ethtool/ethtool-3.10.tar.sign +++ /dev/null @@ -1,11 +0,0 @@ ------BEGIN PGP SIGNATURE----- -Version: GnuPG v1.4.13 (GNU/Linux) - -iQEcBAABAgAGBQJR0ayaAAoJEGkILBsOca601+MH/0RBWsj7W+Co1ZC7IdvH+4NB -mQkJsZYxFuaN4hj9uOBnlg1GntOvo1PLEeu1vp1Id+jnak0GQ+a+funNMF1Qplq4 -sfHdKKrPseM3Jhxx+pG0Ai+ANrEvOCaxw5my2huBzvw5IAfCmXVKhXOV4a5xSJfC -4YgfGwFP/x8GV9+AiBxU6I5tfX0BLlg5cZhrKLoeQXTGBdc3uvaiXbef9tW4eG3g -nhei/J+ekHRAfQtvcAUEfVr2VciKhx+G4il6OaZ3JBM94XFuOozzuAxRs23sWNlp -oeS0W9BkENTqiZA6qxUMBCdHrlK046aM1Mt9JdIaWwU0UV5ATvHnVjJDURdUC/w= -=x5fp ------END PGP SIGNATURE----- diff --git a/source/n/ethtool/ethtool-4.5.tar.sign b/source/n/ethtool/ethtool-4.5.tar.sign new file mode 100644 index 00000000..75a72f30 --- /dev/null +++ b/source/n/ethtool/ethtool-4.5.tar.sign @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1 + +iQIVAwUAVuYakOe/yOyVhhEJAQqVIg//R9TIh1/lWBbC6qwJkEHMqmle/wx+Oinz +OrIf1bRsMMj6lKiIulAGo7sYkol6egw2NRHrOupPxjkX8WhEGCe1HmrTq5Fkink9 +g30rZUw3rnadnBoi2ZDkZ7apfpCj9pRJBKGuzoQNoAjkSmhnqFlPpINFULsAGZQI +6iE6iWz7eqPrnTml57GY28ZJDyLPvaCE/BXWzZZjDHRfGwAUjAHsqdoAqDfzqOzW +ymPm4GCDjJGEugQ5l8Dvo6vp4uqwrBjXeDU7kCSDb6d/GLrNfGvCUg0e4K4mU79j +JwEFP3fImsCgQ1chkcdFA8SRRtHOJsyOm8diNrUhufHNe3Kjt5BvJraFE9anmZgT +Urmn4yeupkEixcQOHq9vN38Nz2Qscz9LOOWC1txQ8IytTjBOsWbMPD3ktF2kZ+xd +jtM8r7UykNciVrf+r0qtGfmWkoLUGKdzrR5oEzmrGVFL9v3Gd4HrAFfYbUA3AlVX +KUQl6wJXEtS+wC3onRCg9Ksb91/wAdNROBM2yXMnj3z4xS7nap9E+JEIH6jOa9ol +f4RS4cLGAtf8E+vZMiFcrH0fkvlQTdcVc4z2xBm4BsDZYSzpXLIYtlaVS4/qO9yQ +cdMTBKxl3nA4IfQT0VMUsB6fH32auOkTG8NEBP75ypLremn+vG8Ws+cdUy0Hy6bV +Pa3PalUpQgM= +=O3ii +-----END PGP SIGNATURE----- diff --git a/source/n/ethtool/ethtool.SlackBuild b/source/n/ethtool/ethtool.SlackBuild index 388f46e8..6e6f8988 100755 --- a/source/n/ethtool/ethtool.SlackBuild +++ b/source/n/ethtool/ethtool.SlackBuild @@ -28,7 +28,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -39,21 +39,40 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-ethtool +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + rm -rf $PKG mkdir -p $TMP $PKG - cd $TMP rm -rf ethtool-$VERSION tar xvf $CWD/ethtool-$VERSION.tar.?z* || exit 1 cd ethtool-$VERSION || exit 1 chown -R root:root . + +CFLAGS="$SLKCFLAGS" \ ./configure \ --prefix=/usr \ - --mandir=/usr/man + --mandir=/usr/man \ + --build=$ARCH-slackware-linux + make || exit 1 make install DESTDIR=$PKG -strip $PKG/usr/sbin/ethtool + +strip --strip-unneeded $PKG/usr/sbin/ethtool gzip -9 $PKG/usr/man/man8/ethtool.8 + mkdir -p $PKG/usr/doc/ethtool-$VERSION cp -a \ AUTHORS COPYING* LICENSE NEWS README* \ diff --git a/source/n/fetchmail/fetchmail.SlackBuild b/source/n/fetchmail/fetchmail.SlackBuild index e7bca0fd..14c867da 100755 --- a/source/n/fetchmail/fetchmail.SlackBuild +++ b/source/n/fetchmail/fetchmail.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2016 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -27,15 +27,15 @@ BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" elif [ "$ARCH" = "x86_64" ]; then diff --git a/source/n/fetchmail/fetchmail.url b/source/n/fetchmail/fetchmail.url index 7c51f8e8..c552cc66 100644 --- a/source/n/fetchmail/fetchmail.url +++ b/source/n/fetchmail/fetchmail.url @@ -1,4 +1,2 @@ -lftpget http://download.berlios.de/fetchmail/fetchmail-6.3.20.tar.xz -lftpget http://download.berlios.de/fetchmail/fetchmail-6.3.20.tar.xz.asc -lftpget http://download.berlios.de/fetchmail/fetchmail-6.3.20.tar.bz2 -lftpget http://download.berlios.de/fetchmail/fetchmail-6.3.20.tar.bz2.asc +lftpget http://sourceforge.net/projects/fetchmail/files/branch_6.3/fetchmail-6.3.26.tar.xz +lftpget http://sourceforge.net/projects/fetchmail/files/branch_6.3/fetchmail-6.3.26.tar.xz.asc diff --git a/source/n/gnupg/gnupg.SlackBuild b/source/n/gnupg/gnupg.SlackBuild index 8cd3f025..de2228ad 100755 --- a/source/n/gnupg/gnupg.SlackBuild +++ b/source/n/gnupg/gnupg.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2010, 2011, 2013, 2015, 2016 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -27,7 +27,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -40,8 +40,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-gnupg -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" elif [ "$ARCH" = "x86_64" ]; then @@ -57,6 +57,7 @@ cd $TMP rm -rf gnupg-$VERSION tar xvf $CWD/gnupg-$VERSION.tar.?z* || exit 1 cd gnupg-$VERSION + chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ diff --git a/source/n/gnupg2/gnupg2.SlackBuild b/source/n/gnupg2/gnupg2.SlackBuild index 3c48e3d5..0f41877c 100755 --- a/source/n/gnupg2/gnupg2.SlackBuild +++ b/source/n/gnupg2/gnupg2.SlackBuild @@ -31,7 +31,7 @@ NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -42,8 +42,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-gnupg -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" diff --git a/source/n/gnutls/gnutls.SlackBuild b/source/n/gnutls/gnutls.SlackBuild index 52acab6d..9b1a00b1 100755 --- a/source/n/gnutls/gnutls.SlackBuild +++ b/source/n/gnutls/gnutls.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2007, 2008, 2009, 2010 Patrick Volkerding, Sebeka, MN, USA +# Copyright 2007, 2008, 2009, 2010, 2016 Patrick Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,13 +22,13 @@ PKGNAM=gnutls -VERSION=${VERSION:-$(echo gnutls-*.tar.?z* | rev | cut -f 4- -d . | cut -f 1 -d - | rev)} +VERSION=${VERSION:-$(echo gnutls-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -37,8 +37,8 @@ fi NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -60,20 +60,9 @@ mkdir -p $TMP $PKG cd $TMP rm -rf $PKGNAM-$VERSION -if [ -r $CWD/$PKGNAM-$VERSION.tar.gz ]; then - tar xf $CWD/$PKGNAM-$VERSION.tar.gz || exit 1 -elif [ -r $CWD/$PKGNAM-$VERSION.tar.bz2 ]; then - tar xf $CWD/$PKGNAM-$VERSION.tar.bz2 || exit 1 -elif [ -r $CWD/$PKGNAM-$VERSION.tar.xz ]; then - tar xf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 -elif [ -r $CWD/$PKGNAM-$VERSION.tar.lzma ]; then - tar xf $CWD/$PKGNAM-$VERSION.tar.lzma || exit 1 -else - exit 1 -fi - +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 -cd $PKGNAM-$VERSION chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ @@ -93,6 +82,7 @@ CXXFLAGS="$SLKCFLAGS" \ --enable-static=no \ --disable-rpath \ --with-included-libtasn1 \ + --enable-openssl-compatibility \ --build=$ARCH-slackware-linux \ --host=$ARCH-slackware-linux diff --git a/source/n/gpa/gpa.SlackBuild b/source/n/gpa/gpa.SlackBuild index 8bf3ac00..c86c87b9 100755 --- a/source/n/gpa/gpa.SlackBuild +++ b/source/n/gpa/gpa.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006-2007 Robby Workman (http://rlworkman.net) +# Copyright 2006-2007, 2014 Robby Workman, Tuscaloosa, AL, USA # Copyright 2007, 2008, 2009, 2010, 2012 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # @@ -29,7 +29,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -42,8 +42,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/pkg-$PKGNAM -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" diff --git a/source/n/gpgme/gpgme.SlackBuild b/source/n/gpgme/gpgme.SlackBuild index b0ff93d6..3bf092f0 100755 --- a/source/n/gpgme/gpgme.SlackBuild +++ b/source/n/gpgme/gpgme.SlackBuild @@ -28,7 +28,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -41,8 +41,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/pkg-$PKGNAM -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" diff --git a/source/n/httpd/httpd.SlackBuild b/source/n/httpd/httpd.SlackBuild index 249d8fc6..cbabd7a9 100755 --- a/source/n/httpd/httpd.SlackBuild +++ b/source/n/httpd/httpd.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -31,7 +31,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -46,8 +46,8 @@ PKG=$TMP/package-${PKGNAM} rm -rf $PKG mkdir -p $TMP $PKG -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" diff --git a/source/n/httpd/httpd.url b/source/n/httpd/httpd.url index dc1231b4..fe13f34e 100644 --- a/source/n/httpd/httpd.url +++ b/source/n/httpd/httpd.url @@ -1,2 +1,2 @@ -http://www.apache.org/dist/httpd/httpd-2.4.6.tar.bz2 -http://www.apache.org/dist/httpd/httpd-2.4.6.tar.bz2.asc +http://www.apache.org/dist/httpd/httpd-2.4.17.tar.bz2 +http://www.apache.org/dist/httpd/httpd-2.4.17.tar.bz2.asc diff --git a/source/n/icmpinfo/icmpinfo-1.11-time.diff b/source/n/icmpinfo/icmpinfo-1.11-time.diff new file mode 100644 index 00000000..71f8807b --- /dev/null +++ b/source/n/icmpinfo/icmpinfo-1.11-time.diff @@ -0,0 +1,45 @@ +diff -uri icmpinfo-1.11/defs.h icmpinfo-1.11.fixed/defs.h +--- icmpinfo-1.11/defs.h 1994-05-26 15:36:40.000000000 +0200 ++++ icmpinfo-1.11.fixed/defs.h 2008-04-07 20:13:09.000000000 +0200 +@@ -3,10 +3,11 @@ + */ + + #include <stdio.h> ++#include <stdlib.h> /* exit */ + #include <errno.h> + extern int errno; + +-#include <sys/time.h> ++#include <time.h> + #include <sys/param.h> + #include <sys/socket.h> + #include <sys/file.h> +diff -uri icmpinfo-1.11/err.c icmpinfo-1.11.fixed/err.c +--- icmpinfo-1.11/err.c 1994-04-22 19:44:48.000000000 +0200 ++++ icmpinfo-1.11.fixed/err.c 2008-04-07 20:13:47.000000000 +0200 +@@ -1,4 +1,5 @@ + #include <stdio.h> ++#include <stdlib.h> /* exit */ + + extern char *pname; + +diff -uri icmpinfo-1.11/pid.c icmpinfo-1.11.fixed/pid.c +--- icmpinfo-1.11/pid.c 2008-04-07 20:16:58.000000000 +0200 ++++ icmpinfo-1.11.fixed/pid.c 2008-04-07 20:14:12.000000000 +0200 +@@ -1,4 +1,5 @@ + #include <stdio.h> ++#include <stdlib.h> /* exit */ + #include <signal.h> + + #define PIDFILE "/var/run/icmpinfo.pid" +diff -uri icmpinfo-1.11/print.c icmpinfo-1.11.fixed/print.c +--- icmpinfo-1.11/print.c 2008-04-07 20:16:58.000000000 +0200 ++++ icmpinfo-1.11.fixed/print.c 2008-04-07 20:15:23.000000000 +0200 +@@ -9,6 +9,7 @@ + it should be ok, now */ + + #include <string.h> ++#include <stddef.h> /* offsetof */ + #include "defs.h" + + #ifndef ANSI_OFFSETOF diff --git a/source/n/icmpinfo/icmpinfo.SlackBuild b/source/n/icmpinfo/icmpinfo.SlackBuild index c783e78f..fb1f9023 100755 --- a/source/n/icmpinfo/icmpinfo.SlackBuild +++ b/source/n/icmpinfo/icmpinfo.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2015 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -21,12 +21,12 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. VERSION=1.11 -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -43,6 +43,7 @@ rm -rf $PKG mkdir -p $TMP $PKG cd $TMP +rm -rf icmpinfo-$VERSION tar xvf $CWD/icmpinfo-$VERSION.tar.gz || exit 1 cd icmpinfo-$VERSION || exit 1 @@ -53,7 +54,10 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -zcat $CWD/icmpinfo-1.11.diff.gz | patch -p1 --backup || exit +zcat $CWD/icmpinfo-1.11.diff.gz | patch -p1 --backup || exit 1 + +# Patch to prevent segfault: +zcat $CWD/icmpinfo-1.11-time.diff.gz | patch -p1 --backup || exit 1 make $NUMJOBS || make || exit 1 diff --git a/source/n/inetd/fix-x86_64-daytime-segfault.diff b/source/n/inetd/fix-x86_64-daytime-segfault.diff new file mode 100644 index 00000000..21262da8 --- /dev/null +++ b/source/n/inetd/fix-x86_64-daytime-segfault.diff @@ -0,0 +1,28 @@ +--- a/inetd.c 2013-11-14 10:34:46.604127237 +0100 ++++ b/inetd.c 2013-11-14 10:35:56.168907312 +0100 +@@ -165,6 +165,7 @@ static char xtraid[] = "$Slackware: inet + #include <stdlib.h> + #include <unistd.h> + #include <string.h> ++#include <time.h> + /* #include <login_cap.h> */ + #include <rpc/rpc.h> + #include <rpc/pmap_clnt.h> +@@ -2096,7 +2097,7 @@ daytime_stream(s, sep) /* Return human- + struct servtab *sep; + { + char buffer[256]; +- time_t time(), clock; ++ time_t clock; + + clock = time(NULL); + +@@ -2111,7 +2112,7 @@ daytime_dg(s, sep) /* Return human-read + struct servtab *sep; + { + char buffer[256]; +- time_t time(), clock; ++ time_t clock; + /* struct sockaddr_storage ss; */ + struct sockaddr sa; + int size; diff --git a/source/n/inetd/inetd.SlackBuild b/source/n/inetd/inetd.SlackBuild index 479b5ebb..e2186401 100755 --- a/source/n/inetd/inetd.SlackBuild +++ b/source/n/inetd/inetd.SlackBuild @@ -21,12 +21,12 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. VERSION=1.79s -BUILD=${BUILD:-8} +BUILD=${BUILD:-9} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -57,6 +57,9 @@ zcat $CWD/inetd.loopingdos.diff.gz | patch -p1 --backup --suffix=.orig --verbose # GCC 4 fix (thanks Fred Emmott) sed -i 's#(type)\([a-z]\)=(type)\([a-z]\)#\1=(type)\2#g' inetd.c +# Fix segfault of daytime on x86_64 (thanks tfonz on LQ) +zcat $CWD/fix-x86_64-daytime-segfault.diff.gz | patch -p1 || exit 1 + make || exit 1 strip inetd diff --git a/source/n/iproute2/doinst.sh b/source/n/iproute2/doinst.sh index a283373d..19f75595 100644 --- a/source/n/iproute2/doinst.sh +++ b/source/n/iproute2/doinst.sh @@ -16,4 +16,4 @@ config etc/iproute2/rt_protos.new config etc/iproute2/rt_realms.new config etc/iproute2/rt_scopes.new config etc/iproute2/rt_tables.new - +config etc/iproute2/nl_protos.new diff --git a/source/n/iproute2/iproute2-3.10.0.tar.sign b/source/n/iproute2/iproute2-3.10.0.tar.sign Binary files differdeleted file mode 100644 index 48ea348c..00000000 --- a/source/n/iproute2/iproute2-3.10.0.tar.sign +++ /dev/null diff --git a/source/n/iproute2/iproute2-4.4.0.tar.sign b/source/n/iproute2/iproute2-4.4.0.tar.sign Binary files differnew file mode 100644 index 00000000..129ba437 --- /dev/null +++ b/source/n/iproute2/iproute2-4.4.0.tar.sign diff --git a/source/n/iproute2/iproute2.SlackBuild b/source/n/iproute2/iproute2.SlackBuild index 40ce1258..942c6120 100755 --- a/source/n/iproute2/iproute2.SlackBuild +++ b/source/n/iproute2/iproute2.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2005-2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2005-2016 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,23 +20,24 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=${VERSION:-3.10.0} -BUILD=${BUILD:-2} +PKGNAM=iproute2 +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} #NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" diff --git a/source/n/iptables/iptables.SlackBuild b/source/n/iptables/iptables.SlackBuild index 5f6c4a08..a21e7f9e 100755 --- a/source/n/iptables/iptables.SlackBuild +++ b/source/n/iptables/iptables.SlackBuild @@ -21,14 +21,14 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. VERSION=${VERSION:-$(echo iptables-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -39,8 +39,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-iptables -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -71,11 +71,13 @@ CFLAGS="$SLKCFLAGS" \ ./configure \ --prefix=/usr \ --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ --mandir=/usr/man \ --docdir=/usr/doc/iptables-$VERSION \ --enable-devel \ --enable-libipq \ --enable-bpf-compiler \ + --enable-nfsynproxy \ --disable-static \ --build=$ARCH-slackware-linux || exit 1 diff --git a/source/n/iputils/iputils.SlackBuild b/source/n/iputils/iputils.SlackBuild index 30f4a71a..c6a8f696 100755 --- a/source/n/iputils/iputils.SlackBuild +++ b/source/n/iputils/iputils.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2013, 2015 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,20 +20,20 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=s20121221 +VERSION=s20140519 BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi -if [ "$ARCH" = "i486" ]; then +if [ "$ARCH" = "i586" ]; then LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then LIBDIRSUFFIX="" diff --git a/source/n/irssi/irssi.SlackBuild b/source/n/irssi/irssi.SlackBuild index 59be8b1e..067db156 100755 --- a/source/n/irssi/irssi.SlackBuild +++ b/source/n/irssi/irssi.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2016 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -25,14 +25,14 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-irssi -VERSION=0.8.15 -DIRCD=0.8.15 -BUILD=${BUILD:-7} +VERSION=0.8.19 +DIRCD=0.8.19 +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -41,8 +41,8 @@ fi NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -59,7 +59,7 @@ rm -rf $PKG mkdir -p $TMP $PKG cd $TMP rm -rf irssi-$VERSION -tar xvf $CWD/irssi-$VERSION.tar.bz2 || exit 1 +tar xvf $CWD/irssi-$VERSION.tar.xz || exit 1 cd irssi-$DIRCD chown -R root:root . @@ -69,12 +69,6 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -# Fix an error in the manual page: -zcat $CWD/irssi.manpage_fix.diff.gz | patch -p1 --verbose || exit 1 - -# Fix an SSL proxy bug in 0.8.15: -zcat $CWD/irssi.ssl_proxy.diff.gz | patch -p1 --verbose || exit 1 - CFLAGS="$SLKCFLAGS" \ ./configure \ --prefix=/usr \ diff --git a/source/n/irssi/irssi.manpage_fix.diff b/source/n/irssi/irssi.manpage_fix.diff deleted file mode 100644 index 2219652d..00000000 --- a/source/n/irssi/irssi.manpage_fix.diff +++ /dev/null @@ -1,16 +0,0 @@ -Author: Gerfried Fuchs <rhonda@debian.at> vim:ft=diff: -Description: Fix the hyphens in the synopsis - -Index: irssi-0.8.14/docs/irssi.1 -=================================================================== ---- irssi-0.8.14.orig/docs/irssi.1 -+++ irssi-0.8.14/docs/irssi.1 -@@ -3,7 +3,7 @@ - Irssi \- a modular IRC client for UNIX - .SH SYNOPSIS - .B irssi --[-dv!?] [-c server] [-p port] [-n nickname] [-w password] [-h hostname] -+[\-dv!?] [\-c server] [\-p port] [\-n nickname] [\-w password] [\-h hostname] - .SH DESCRIPTION - .B Irssi - is a modular Internet Relay Chat client. It is highly extensible and diff --git a/source/n/irssi/irssi.ssl_proxy.diff b/source/n/irssi/irssi.ssl_proxy.diff deleted file mode 100644 index 401e0717..00000000 --- a/source/n/irssi/irssi.ssl_proxy.diff +++ /dev/null @@ -1,24 +0,0 @@ -Index: irssi-0.8.14/src/core/servers.c -=================================================================== ---- irssi-0.8.14.orig/src/core/servers.c -+++ irssi-0.8.14/src/core/servers.c -@@ -209,6 +209,7 @@ - char *errmsg2; - char ipaddr[MAX_IP_LEN]; - int port; -+ char *hostname; - - g_return_if_fail(ip != NULL || unix_socket != NULL); - -@@ -223,8 +224,10 @@ - server->connrec->own_ip4); - port = server->connrec->proxy != NULL ? - server->connrec->proxy_port : server->connrec->port; -+ hostname = server->connrec->proxy != NULL ? -+ server->connrec->proxy : server->connrec->address; - handle = server->connrec->use_ssl ? -- net_connect_ip_ssl(ip, port, server->connrec->address, own_ip, server->connrec->ssl_cert, server->connrec->ssl_pkey, -+ net_connect_ip_ssl(ip, port, hostname, own_ip, server->connrec->ssl_cert, server->connrec->ssl_pkey, - server->connrec->ssl_cafile, server->connrec->ssl_capath, server->connrec->ssl_verify) : - net_connect_ip(ip, port, own_ip); - } else { diff --git a/source/n/iw/iw.SlackBuild b/source/n/iw/iw.SlackBuild index 10211173..6ccba9cd 100755 --- a/source/n/iw/iw.SlackBuild +++ b/source/n/iw/iw.SlackBuild @@ -29,7 +29,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -42,8 +42,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" elif [ "$ARCH" = "x86_64" ]; then diff --git a/source/n/iw/iw.info b/source/n/iw/iw.info deleted file mode 100644 index 325189b8..00000000 --- a/source/n/iw/iw.info +++ /dev/null @@ -1,2 +0,0 @@ -HOMEPAGE="http://wireless.kernel.org/en/users/Documentation/iw" -DOWNLOAD="http://wireless.kernel.org/download/iw/iw-3.0.tar.bz2" diff --git a/source/n/iw/iw.url b/source/n/iw/iw.url new file mode 100644 index 00000000..b9e9c8c8 --- /dev/null +++ b/source/n/iw/iw.url @@ -0,0 +1,2 @@ +HOMEPAGE="http://wireless.kernel.org/en/users/Documentation/iw" +DOWNLOAD="https://www.kernel.org/pub/software/network/iw/iw-4.3.tar.xz" diff --git a/source/n/lftp/lftp.SlackBuild b/source/n/lftp/lftp.SlackBuild index ba7229c4..b1aad69f 100755 --- a/source/n/lftp/lftp.SlackBuild +++ b/source/n/lftp/lftp.SlackBuild @@ -29,7 +29,7 @@ NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -40,8 +40,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-lftp -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" diff --git a/source/n/libassuan/libassuan.SlackBuild b/source/n/libassuan/libassuan.SlackBuild index 426464e5..5cc18b9d 100755 --- a/source/n/libassuan/libassuan.SlackBuild +++ b/source/n/libassuan/libassuan.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006-2007 Robby Workman (http://rlworkman.net) +# Copyright 2006-2007, 2014 Robby Workman, Tuscaloosa, AL, USA # Copyright 2007, 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # @@ -28,7 +28,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -41,8 +41,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/pkg-$PKGNAM -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -74,6 +74,7 @@ CXXFLAGS="$SLKCFLAGS" \ --prefix=/usr \ --libdir=/usr/lib${LIBDIRSUFFIX} \ --infodir=/usr/info \ + --mandir=/usr/man \ --build=$ARCH-slackware-linux \ --host=$ARCH-slackware-linux @@ -83,6 +84,8 @@ make install DESTDIR=$PKG || exit 1 find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +find $PKG/usr/man -type f -exec gzip -9 {} \; + gzip -9 $PKG/usr/info/*.info rm -rf $PKG/usr/info/dir diff --git a/source/n/libgcrypt/libgcrypt.SlackBuild b/source/n/libgcrypt/libgcrypt.SlackBuild index 42b1b419..1188af89 100755 --- a/source/n/libgcrypt/libgcrypt.SlackBuild +++ b/source/n/libgcrypt/libgcrypt.SlackBuild @@ -29,7 +29,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -42,8 +42,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -75,6 +75,7 @@ CXXFLAGS="$SLKCFLAGS" \ --prefix=/usr \ --libdir=/usr/lib${LIBDIRSUFFIX} \ --infodir=/usr/info \ + --mandir=/usr/man \ --docdir=/usr/doc/libgcrypt-$VERSION \ --enable-shared=yes \ --enable-static=no \ @@ -99,6 +100,8 @@ mkdir -p $PKG/lib${LIBDIRSUFFIX} find $PKG | xargs file | grep -e "executable" -e "shared object" \ | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +find $PKG/usr/man -type f -exec gzip -9 {} \; + rm -f $PKG/usr/info/dir gzip -9 $PKG/usr/info/* diff --git a/source/n/libgpg-error/libgpg-error.SlackBuild b/source/n/libgpg-error/libgpg-error.SlackBuild index 73397d93..c47d9813 100755 --- a/source/n/libgpg-error/libgpg-error.SlackBuild +++ b/source/n/libgpg-error/libgpg-error.SlackBuild @@ -1,7 +1,7 @@ #!/bin/sh # Copyright 2006, 2009 Robby Workman, Northport, AL, USA -# Copyright 2007, 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2007, 2008, 2009, 2010, 2015 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -29,7 +29,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -42,8 +42,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -75,9 +75,10 @@ CXXFLAGS="$SLKCFLAGS" \ --prefix=/usr \ --libdir=/usr/lib${LIBDIRSUFFIX} \ --infodir=/usr/info \ + --mandir=/usr/man \ --docdir=/usr/doc/$PKGNAM-$VERSION \ --enable-shared=yes \ - --enable-static=yes \ + --enable-static=no \ --build=$ARCH-slackware-linux \ --host=$ARCH-slackware-linux @@ -94,8 +95,34 @@ mkdir -p $PKG/lib${LIBDIRSUFFIX} cp -a lib*.so.? ../../lib${LIBDIRSUFFIX} ) -find $PKG | xargs file | grep -e "executable" -e "shared object" \ - | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +# Strip binaries: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Compress info files, if any: +if [ -d $PKG/usr/info ]; then + ( cd $PKG/usr/info + rm -f dir + gzip -9 * + ) +fi mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION cp -a \ diff --git a/source/n/libksba/libksba.SlackBuild b/source/n/libksba/libksba.SlackBuild index 5cbc4093..de5c1441 100755 --- a/source/n/libksba/libksba.SlackBuild +++ b/source/n/libksba/libksba.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006,2009 Robby Workman, Northport, AL, USA +# Copyright 2006,2009, 2014 Robby Workman, Northport, AL, USA # Copyright 2007, 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # @@ -28,7 +28,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -41,8 +41,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/pkg-$PKGNAM -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -76,6 +76,7 @@ CXXFLAGS="$SLKCFLAGS" \ --sysconfdir=/etc \ --localstatedir=/var \ --infodir=/usr/info \ + --mandir=/usr/man \ --docdir=/usr/doc/$PKGNAM-$VERSION \ --enable-shared=yes \ --enable-static=no \ @@ -88,6 +89,8 @@ make install DESTDIR=$PKG find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +find $PKG/usr/man -type -f -exec gzip -9 {} \; + rm -f $PKG/usr/info/dir gzip -9 $PKG/usr/info/* diff --git a/source/n/libmbim/libmbim.SlackBuild b/source/n/libmbim/libmbim.SlackBuild index ce866160..9fda168d 100755 --- a/source/n/libmbim/libmbim.SlackBuild +++ b/source/n/libmbim/libmbim.SlackBuild @@ -24,22 +24,22 @@ PKGNAM=libmbim VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" diff --git a/source/n/obexfs/obexfs.SlackBuild b/source/n/libndp/libndp.SlackBuild index 05c9ceb3..c29cbda4 100755 --- a/source/n/obexfs/obexfs.SlackBuild +++ b/source/n/libndp/libndp.SlackBuild @@ -1,9 +1,9 @@ -#!/bin/bash +#!/bin/sh -# Slackware build script for obexfs +# Slackware build script for libndp -# Copyright 2009 Robby Workman, Northport, Alabama, USA -# Copyright 2010 Patrick Volkerding, Sebeka, MN, USA +# Copyright 2014 Robby Workman, Northport, Alabama, USA +# Copyright 2015, 2016 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -12,7 +12,7 @@ # 1. Redistributions of this script must retain the above copyright # notice, this list of conditions and the following disclaimer. # -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF # MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO # EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, @@ -23,19 +23,15 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -PKGNAM=obexfs +PKGNAM=libndp VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} BUILD=${BUILD:-1} -NUMJOBS=${NUMJOBS:-" -j7 "} - -# Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; - arm*) export ARCH=arm ;; - # Unless $ARCH is already set, use uname -m for all other archs: - *) export ARCH=$( uname -m ) ;; + i?86) ARCH=i586 ;; + arm*) ARCH=arm ;; + *) ARCH=$( uname -m ) ;; esac fi @@ -43,8 +39,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" @@ -57,18 +53,20 @@ else LIBDIRSUFFIX="" fi +NUMJOBS=${NUMJOBS:-" -j7 "} + rm -rf $PKG mkdir -p $TMP $PKG cd $TMP rm -rf $PKGNAM-$VERSION -tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1 -cd $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 chown -R root:root . -find . \ - \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; +find -L . \ + \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 711 -o -perm 555 \ + -o -perm 511 \) -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \ + -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \; CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ @@ -78,26 +76,21 @@ CXXFLAGS="$SLKCFLAGS" \ --sysconfdir=/etc \ --localstatedir=/var \ --mandir=/usr/man \ + --disable-static \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ --build=$ARCH-slackware-linux -make $NUMJOBS || make || exit 1 +make $NUMJOBS || exit 1 make install DESTDIR=$PKG || exit 1 -find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ - | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true -mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION -cp -a \ - AUTHORS COPYING* INSTALL NEWS README* \ - $PKG/usr/doc/$PKGNAM-$VERSION +find $PKG/usr/man -type f -exec gzip -9 {} \; +for i in $( find $PKG/usr/man -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done -# If there's a ChangeLog, installing at least part of the recent history -# is useful, but don't let it get totally out of control: -if [ -r ChangeLog ]; then - DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) - cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog - touch -r ChangeLog $DOCSDIR/ChangeLog -fi +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a COPYING README $PKG/usr/doc/$PKGNAM-$VERSION mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc diff --git a/source/n/libndp/slack-desc b/source/n/libndp/slack-desc new file mode 100644 index 00000000..9808c0d4 --- /dev/null +++ b/source/n/libndp/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +libndp: libndp (library for Neighbor Discovery Protocol) +libndp: +libndp: libndp contains a library which provides a wrapper for IPv6 Neighbor +libndp: Discovery Protocol. It also provides a tool named ndptool for sending +libndp: and receiving NDP messages. +libndp: +libndp: Homepage: http://libndp.org/ +libndp: +libndp: +libndp: +libndp: diff --git a/source/n/libnetfilter_conntrack/libnetfilter_conntrack.SlackBuild b/source/n/libnetfilter_conntrack/libnetfilter_conntrack.SlackBuild index 6abe6f1b..29f58a23 100755 --- a/source/n/libnetfilter_conntrack/libnetfilter_conntrack.SlackBuild +++ b/source/n/libnetfilter_conntrack/libnetfilter_conntrack.SlackBuild @@ -2,7 +2,7 @@ # Slackware build script for libnetfilter_conntrack -# Copyright 2006-2013 Robby Workman, Northport, Alabama, USA +# Copyright 2006-2015 Robby Workman, Tuscaloosa, Alabama, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -31,7 +31,7 @@ NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -42,8 +42,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" diff --git a/source/n/bluez-hcidump/bluez-hcidump.SlackBuild b/source/n/libnftnl/libnftnl.SlackBuild index 247e67dc..8f1cca8c 100755 --- a/source/n/bluez-hcidump/bluez-hcidump.SlackBuild +++ b/source/n/libnftnl/libnftnl.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006-2011 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2014 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -9,7 +9,7 @@ # 1. Redistributions of this script must retain the above copyright # notice, this list of conditions and the following disclaimer. # -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF # MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO # EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, @@ -20,9 +20,8 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -PKGNAM=bluez-hcidump -VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +PKGNAM=libnftnl +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} BUILD=${BUILD:-1} NUMJOBS=${NUMJOBS:-" -j7 "} @@ -30,15 +29,15 @@ NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -53,16 +52,16 @@ fi CWD=$(pwd) TMP=${TMP:-/tmp} -PKG=$TMP/package-${PKGNAM} +PKG=$TMP/package-$PKGNAM + rm -rf $PKG mkdir -p $TMP $PKG cd $TMP -rm -rf ${PKGNAM}-${VERSION} -tar xvf $CWD/${PKGNAM}-$VERSION.tar.xz || exit 1 -cd ${PKGNAM}-$VERSION || exit 1 +rm -rf $PKGNAM-$VERSION +tar xf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 -# Make sure ownerships and permissions are sane: chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ @@ -70,23 +69,27 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -# Configure: CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ ./configure \ --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ --sysconfdir=/etc \ + --localstatedir=/var \ --mandir=/usr/man \ - --build=$ARCH-slackware-linux + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --disable-static \ + --build=$ARCH-slackware-linux || exit 1 -# Build and install: make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG || exit 1 -# Strip binaries: -find $PKG | xargs file | grep -e "executable" -e "shared object" \ - | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la -# Compress and link manpages, if any: +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +# Compress and if needed symlink the man pages: if [ -d $PKG/usr/man ]; then ( cd $PKG/usr/man for manpagedir in $(find . -type d -name "man*") ; do @@ -95,38 +98,17 @@ if [ -d $PKG/usr/man ]; then ln -s $( readlink $eachpage ).gz $eachpage.gz rm $eachpage done - gzip -9 *.* + gzip -9 *.? ) done ) fi -# Compress info files, if any: -if [ -d $PKG/usr/info ]; then - ( cd $PKG/usr/info - rm -f dir - gzip -9 * - ) -fi - -# Add a documentation directory: -mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION -cp -a \ - AUTHORS COPYING* INSTALL NEWS README* \ - $PKG/usr/doc/${PKGNAM}-$VERSION - -# If there's a ChangeLog, installing at least part of the recent history -# is useful, but don't let it get totally out of control: -if [ -r ChangeLog ]; then - DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) - cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog - touch -r ChangeLog $DOCSDIR/ChangeLog -fi +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a COPYING* README* $PKG/usr/doc/$PKGNAM-$VERSION mkdir -p $PKG/install -#zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh cat $CWD/slack-desc > $PKG/install/slack-desc cd $PKG -/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz - +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/source/n/libnftnl/slack-desc b/source/n/libnftnl/slack-desc new file mode 100644 index 00000000..2b30721c --- /dev/null +++ b/source/n/libnftnl/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +libnftnl: libnftnl (user-space interface to the kernel nf_tables subsystem) +libnftnl: +libnftnl: libnftnl is a userspace library providing a low-level netlink +libnftnl: programming interface (API) to the in-kernel nf_tables subsystem. +libnftnl: This library is currently used by nftables. +libnftnl: +libnftnl: Homepage: http://www.netfilter.org/projects/libnftnl/ +libnftnl: +libnftnl: +libnftnl: +libnftnl: diff --git a/source/n/portmap/doinst.sh b/source/n/libtirpc/doinst.sh index 9307abfd..409cfbe7 100644 --- a/source/n/portmap/doinst.sh +++ b/source/n/libtirpc/doinst.sh @@ -10,4 +10,4 @@ config() { fi # Otherwise, we leave the .new copy for the admin to consider... } -config etc/rc.d/rc.rpc.new +config etc/netconfig.new diff --git a/source/n/libtirpc/libtirpc.SlackBuild b/source/n/libtirpc/libtirpc.SlackBuild new file mode 100755 index 00000000..997dd813 --- /dev/null +++ b/source/n/libtirpc/libtirpc.SlackBuild @@ -0,0 +1,164 @@ +#!/bin/sh + +# Copyright 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# Thanks to Jan Rafaj for contributing the original reference script. +# Remark: - The GSS support (for secure RPC) is currently not built, as it +# Remark: requires Kerberos 5 libraries. If you need it, install +# Remark: Kerberos 5, remove '--disable-gssapi' from the configure flags +# Remark: below and rebuild. + +PKGNAM=libtirpc +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2} + +# To build with GSS support (requires Kerberos 5 libraries), pass any value +# other than "NO" in the environment, or edit the line below: +WITH_GSS=${WITH_GSS:-NO} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i586 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +elif [ "$ARCH" = "armv7hl" ]; then + SLKCFLAGS="-O3 -march=armv7-a -mfpu=vfpv3-d16" + LIBDIRSUFFIX="" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1 +cd $PKGNAM-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Set proper GSS option: +if [ "$WITH_GSS" = "NO" ]; then + GSSAPI="--disable-gssapi" +else + GSSAPI="--enable-gssapi" +fi + +# Configure: +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --disable-static \ + $GSSAPI \ + --build=$ARCH-slackware-linux + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Make etc/netconfig file a .new: +mv $PKG/etc/netconfig $PKG/etc/netconfig.new + +# Move library to /lib${LIBDIRSUFFIX} as it might be needed to mount /usr: +mkdir $PKG/lib${LIBDIRSUFFIX} +( cd $PKG/usr/lib${LIBDIRSUFFIX} + for file in lib*.so.?.* ; do + mv $file ../../lib${LIBDIRSUFFIX} + ln -sf ../../lib${LIBDIRSUFFIX}/$file . + done + cp -a lib*.so.? ../../lib${LIBDIRSUFFIX} +) + +# Strip binaries: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + AUTHORS COPYING* NEWS README* THANKS TODO \ + $PKG/usr/doc/${PKGNAM}-$VERSION + +# Don't use .3t man page suffix: +if [ -d $PKG/usr/man/man3 ]; then + ( cd $PKG/usr/man/man3 + for file in *.3t ; do + mv $file $(basename $file .3t).3 + done + ) +fi + +# Compress manual pages: +find $PKG/usr/man -type f -exec gzip -9 {} \; +for i in $( find $PKG/usr/man -type l ) ; do + ln -s $( readlink $i ).gz $i.gz + rm $i +done + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/source/n/libtirpc/slack-desc b/source/n/libtirpc/slack-desc new file mode 100644 index 00000000..426c7917 --- /dev/null +++ b/source/n/libtirpc/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libtirpc: libtirpc (Transport-Independent RPC library) +libtirpc: +libtirpc: Libtirpc is a port of Sun's Transport-Independent RPC library to +libtirpc: Linux. It is being developed by Bull GNU/Linux NFSv4 project. +libtirpc: +libtirpc: You will need this library if you plan to use RPC with a GLIBC +libtirpc: version newer than 2.13, because the RPC stack has been removed +libtirpc: from GLIBC versions newer than 2.13. The library is required +libtirpc: by the 'rpcbind' package. +libtirpc: +libtirpc: http://sourceforge.net/projects/libtirpc/ diff --git a/source/n/links/links.SlackBuild b/source/n/links/links.SlackBuild index 0131bdd6..be6dac9e 100755 --- a/source/n/links/links.SlackBuild +++ b/source/n/links/links.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2013, 2015 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,13 +20,14 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=2.8 -BUILD=${BUILD:-1} +PKGNAM=links +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -39,8 +40,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-links -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" elif [ "$ARCH" = "x86_64" ]; then diff --git a/source/n/lynx/lynx.SlackBuild b/source/n/lynx/lynx.SlackBuild index 9c5062c3..9ee032f9 100755 --- a/source/n/lynx/lynx.SlackBuild +++ b/source/n/lynx/lynx.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2010, 2012, 2016 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -21,24 +21,24 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -SRCVER=2.8.7 -PKGVER=2.8.7 -BUILD=${BUILD:-3} +PKGVER=2.8.8rel.2 +DIRVER=2-8-8 +BUILD=${BUILD:-1} NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -58,9 +58,9 @@ PKG=$TMP/package-lynx rm -rf $PKG mkdir -p $TMP $PKG/usr/lib${LIBDIRSUFFIX}/lynx cd $TMP -rm -rf lynx2-8-7 -tar xvf $CWD/lynx${SRCVER}.tar.?z* || exit 1 -cd lynx2-8-7 +rm -rf lynx$DIRVER +tar xvf $CWD/lynx${PKGVER}.tar.?z* || exit 1 +cd lynx$DIRVER || exit 1 find . -name "*~" -exec rm -f {} \; chown -R root:root . @@ -70,11 +70,6 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -# Fix /usr/local paths and libdir paths -zcat $CWD/lynx.path.diff.gz | \ - sed -e "s#@SLACK_LIBDIR@#/usr/lib${LIBDIRSUFFIX}/#g" | \ - patch -p1 --verbose || exit 1 - # Apply recolorizing patch: zcat $CWD/lynx.cfg.diff.gz | patch -p1 --verbose --backup || exit 1 @@ -84,6 +79,7 @@ CFLAGS="$SLKCFLAGS" \ --sysconfdir=/etc \ --libdir=/usr/lib${LIBDIRSUFFIX}/lynx \ --datadir=/usr/share/lynx \ + --mandir=/usr/man \ --enable-default-colors \ --with-screen=ncursesw \ --enable-widec \ @@ -140,7 +136,7 @@ find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ # If there's a ChangeLog, installing at least part of the recent history # is useful, but don't let it get totally out of control: if [ -r CHANGES ]; then - DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + DOCSDIR=$(echo $PKG/usr/share/lynx/lynx_doc) cat CHANGES | head -n 1000 > $DOCSDIR/CHANGES touch -r CHANGES $DOCSDIR/CHANGES fi diff --git a/source/n/lynx/lynx.path.diff b/source/n/lynx/lynx.path.diff deleted file mode 100644 index 045405c9..00000000 --- a/source/n/lynx/lynx.path.diff +++ /dev/null @@ -1,39 +0,0 @@ -diff -Nur lynx2-8-7.orig/userdefs.h lynx2-8-7/userdefs.h ---- lynx2-8-7.orig/userdefs.h 2009-06-06 19:30:35.000000000 -0500 -+++ lynx2-8-7/userdefs.h 2009-12-03 15:47:54.596486242 -0600 -@@ -289,7 +289,7 @@ - #ifdef DOSPATH - #define LYNX_CFG_FILE "./lynx.cfg" - #else --#define LYNX_CFG_FILE "/usr/local/lib/lynx.cfg" -+#define LYNX_CFG_FILE "/etc/lynx.cfg" - #endif /* DOSPATH */ - #endif /* LYNX_CFG_FILE */ - #endif /* HAVE_CONFIG_H */ -@@ -305,7 +305,7 @@ - * Mappings in these global and personal files override any SUFFIX - * definitions in lynx.cfg and built-in defaults from src/HTInit.c. - */ --#define GLOBAL_EXTENSION_MAP MIME_LIBDIR "mime.types" -+#define GLOBAL_EXTENSION_MAP "@SLACK_LIBDIR@/lynx/mime.types" - #define PERSONAL_EXTENSION_MAP "~/.mime.types" - - /************************** -@@ -315,7 +315,7 @@ - * Mappings in these global and personal files override any VIEWER - * definitions in lynx.cfg and built-in defaults from src/HTInit.c. - */ --#define GLOBAL_MAILCAP MIME_LIBDIR "mailcap" -+#define GLOBAL_MAILCAP MIME_LIBDIR "/etc/mailcap" - #define PERSONAL_MAILCAP "~/.mailcap" - - /************************** -@@ -445,7 +445,7 @@ - * -lss command line switch will override these definitions. - */ - #ifndef LYNX_LSS_FILE --#define LYNX_LSS_FILE "/usr/local/lib/lynx.lss" -+#define LYNX_LSS_FILE "/etc/lynx.lss" - #endif /* LYNX_LSS_FILE */ - - #endif /* VMS OR UNIX */ diff --git a/source/n/mailx/heirloom-mailx-12.5-fixes-1.patch b/source/n/mailx/heirloom-mailx-12.5-fixes-1.patch new file mode 100644 index 00000000..fa6d5119 --- /dev/null +++ b/source/n/mailx/heirloom-mailx-12.5-fixes-1.patch @@ -0,0 +1,232 @@ +Submitted By: Ken Moffat <ken at linuxfromscratch dot org> +Date: 2014-12-27 +Initial Package Version: 12.5 +Upstream Status: Unknown +Origin: Changes to remove SSL2 found at debian, remainder from redhat. +Description: Removes support for SSL2 (openssl no longer supports it) +and fixes CVE-2004-2771 [sic] and CVE-2014-7844. + +diff -Naur heirloom-mailx-12.5/extern.h heirloom-mailx-12.5-patched/extern.h +--- heirloom-mailx-12.5/extern.h 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/extern.h 2014-12-27 01:26:59.654169487 +0000 +@@ -396,7 +396,7 @@ + int is_fileaddr(char *name); + struct name *usermap(struct name *names); + struct name *cat(struct name *n1, struct name *n2); +-char **unpack(struct name *np); ++char **unpack(struct name *smopts, struct name *np); + struct name *elide(struct name *names); + int count(struct name *np); + struct name *delete_alternates(struct name *np); +diff -Naur heirloom-mailx-12.5/fio.c heirloom-mailx-12.5-patched/fio.c +--- heirloom-mailx-12.5/fio.c 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/fio.c 2014-12-27 01:27:15.634561413 +0000 +@@ -43,12 +43,15 @@ + #endif /* not lint */ + + #include "rcv.h" ++ ++#ifndef HAVE_WORDEXP ++#error wordexp support is required ++#endif ++ + #include <sys/stat.h> + #include <sys/file.h> + #include <sys/wait.h> +-#ifdef HAVE_WORDEXP + #include <wordexp.h> +-#endif /* HAVE_WORDEXP */ + #include <unistd.h> + + #if defined (USE_NSS) +@@ -481,7 +484,6 @@ + static char * + globname(char *name) + { +-#ifdef HAVE_WORDEXP + wordexp_t we; + char *cp; + sigset_t nset; +@@ -495,7 +497,7 @@ + sigemptyset(&nset); + sigaddset(&nset, SIGCHLD); + sigprocmask(SIG_BLOCK, &nset, NULL); +- i = wordexp(name, &we, 0); ++ i = wordexp(name, &we, WRDE_NOCMD); + sigprocmask(SIG_UNBLOCK, &nset, NULL); + switch (i) { + case 0: +@@ -527,65 +529,6 @@ + } + wordfree(&we); + return cp; +-#else /* !HAVE_WORDEXP */ +- char xname[PATHSIZE]; +- char cmdbuf[PATHSIZE]; /* also used for file names */ +- int pid, l; +- char *cp, *shell; +- int pivec[2]; +- extern int wait_status; +- struct stat sbuf; +- +- if (pipe(pivec) < 0) { +- perror("pipe"); +- return name; +- } +- snprintf(cmdbuf, sizeof cmdbuf, "echo %s", name); +- if ((shell = value("SHELL")) == NULL) +- shell = SHELL; +- pid = start_command(shell, 0, -1, pivec[1], "-c", cmdbuf, NULL); +- if (pid < 0) { +- close(pivec[0]); +- close(pivec[1]); +- return NULL; +- } +- close(pivec[1]); +-again: +- l = read(pivec[0], xname, sizeof xname); +- if (l < 0) { +- if (errno == EINTR) +- goto again; +- perror("read"); +- close(pivec[0]); +- return NULL; +- } +- close(pivec[0]); +- if (wait_child(pid) < 0 && WTERMSIG(wait_status) != SIGPIPE) { +- fprintf(stderr, catgets(catd, CATSET, 81, +- "\"%s\": Expansion failed.\n"), name); +- return NULL; +- } +- if (l == 0) { +- fprintf(stderr, catgets(catd, CATSET, 82, +- "\"%s\": No match.\n"), name); +- return NULL; +- } +- if (l == sizeof xname) { +- fprintf(stderr, catgets(catd, CATSET, 83, +- "\"%s\": Expansion buffer overflow.\n"), name); +- return NULL; +- } +- xname[l] = 0; +- for (cp = &xname[l-1]; *cp == '\n' && cp > xname; cp--) +- ; +- cp[1] = '\0'; +- if (strchr(xname, ' ') && stat(xname, &sbuf) < 0) { +- fprintf(stderr, catgets(catd, CATSET, 84, +- "\"%s\": Ambiguous.\n"), name); +- return NULL; +- } +- return savestr(xname); +-#endif /* !HAVE_WORDEXP */ + } + + /* +diff -Naur heirloom-mailx-12.5/mailx.1 heirloom-mailx-12.5-patched/mailx.1 +--- heirloom-mailx-12.5/mailx.1 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/mailx.1 2014-12-27 01:26:53.838026857 +0000 +@@ -656,6 +656,14 @@ + will have the system wide alias expanded + as all mail goes through sendmail. + .SS "Recipient address specifications" ++If the ++.I expandaddr ++option is not set (the default), recipient addresses must be names of ++local mailboxes or Internet mail addresses. ++.PP ++If the ++.I expandaddr ++option is set, the following rules apply: + When an address is used to name a recipient + (in any of To, Cc, or Bcc), + names of local mail folders +@@ -2391,6 +2399,12 @@ + If this option is set, + \fImailx\fR starts even with an empty mailbox. + .TP ++.B expandaddr ++Causes ++.I mailx ++to expand message recipient addresses, as explained in the section, ++Recipient address specifications. ++.TP + .B flipr + Exchanges the + .I Respond +@@ -3575,7 +3589,7 @@ + .TP + .B ssl-method + Selects a SSL/TLS protocol version; +-valid values are `ssl2', `ssl3', and `tls1'. ++valid values are `ssl3', and `tls1'. + If unset, the method is selected automatically, + if possible. + .TP +diff -Naur heirloom-mailx-12.5/names.c heirloom-mailx-12.5-patched/names.c +--- heirloom-mailx-12.5/names.c 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/names.c 2014-12-27 01:26:59.654169487 +0000 +@@ -268,6 +268,9 @@ + FILE *fout, *fin; + int ispipe; + ++ if (value("expandaddr") == NULL) ++ return names; ++ + top = names; + np = names; + time(&now); +@@ -546,7 +549,7 @@ + * Return an error if the name list won't fit. + */ + char ** +-unpack(struct name *np) ++unpack(struct name *smopts, struct name *np) + { + char **ap, **top; + struct name *n; +@@ -561,7 +564,7 @@ + * the terminating 0 pointer. Additional spots may be needed + * to pass along -f to the host mailer. + */ +- extra = 2; ++ extra = 3 + count(smopts); + extra++; + metoo = value("metoo") != NULL; + if (metoo) +@@ -578,6 +581,10 @@ + *ap++ = "-m"; + if (verbose) + *ap++ = "-v"; ++ for (; smopts != NULL; smopts = smopts->n_flink) ++ if ((smopts->n_type & GDEL) == 0) ++ *ap++ = smopts->n_name; ++ *ap++ = "--"; + for (; n != NULL; n = n->n_flink) + if ((n->n_type & GDEL) == 0) + *ap++ = n->n_name; +diff -Naur heirloom-mailx-12.5/openssl.c heirloom-mailx-12.5-patched/openssl.c +--- heirloom-mailx-12.5/openssl.c 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/openssl.c 2014-12-27 01:26:34.385549867 +0000 +@@ -216,9 +216,7 @@ + + cp = ssl_method_string(uhp); + if (cp != NULL) { +- if (equal(cp, "ssl2")) +- method = SSLv2_client_method(); +- else if (equal(cp, "ssl3")) ++ if (equal(cp, "ssl3")) + method = SSLv3_client_method(); + else if (equal(cp, "tls1")) + method = TLSv1_client_method(); +diff -Naur heirloom-mailx-12.5/sendout.c heirloom-mailx-12.5-patched/sendout.c +--- heirloom-mailx-12.5/sendout.c 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/sendout.c 2014-12-27 01:26:59.654169487 +0000 +@@ -835,7 +835,7 @@ + #endif /* HAVE_SOCKETS */ + + if ((smtp = value("smtp")) == NULL) { +- args = unpack(cat(mailargs, to)); ++ args = unpack(mailargs, to); + if (debug || value("debug")) { + printf(catgets(catd, CATSET, 181, + "Sendmail arguments:")); diff --git a/source/n/mailx/mailx.SlackBuild b/source/n/mailx/mailx.SlackBuild index 30c20ea1..1495b41e 100755 --- a/source/n/mailx/mailx.SlackBuild +++ b/source/n/mailx/mailx.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2016 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,12 +22,12 @@ VERSION=12.5 -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -36,8 +36,8 @@ fi NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" elif [ "$ARCH" = "x86_64" ]; then @@ -56,6 +56,9 @@ cd $TMP rm -rf mailx-$VERSION tar xvf $CWD/mailx-$VERSION.tar.?z* || exit 1 cd mailx-$VERSION || exit 1 + +zcat $CWD/heirloom-mailx-12.5-fixes-1.patch.gz | patch -p1 --verbose || exit 1 + chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ diff --git a/source/n/mcabber/mcabber.SlackBuild b/source/n/mcabber/mcabber.SlackBuild index db46ac67..bef6c821 100755 --- a/source/n/mcabber/mcabber.SlackBuild +++ b/source/n/mcabber/mcabber.SlackBuild @@ -30,7 +30,7 @@ NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -43,8 +43,8 @@ PKG=$TMP/package-${PKGNAM} rm -rf $PKG mkdir -p $TMP $PKG -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" diff --git a/source/n/mobile-broadband-provider-info/mobile-broadband-provider-info.SlackBuild b/source/n/mobile-broadband-provider-info/mobile-broadband-provider-info.SlackBuild index 63dc5959..1ba342b3 100755 --- a/source/n/mobile-broadband-provider-info/mobile-broadband-provider-info.SlackBuild +++ b/source/n/mobile-broadband-provider-info/mobile-broadband-provider-info.SlackBuild @@ -2,7 +2,7 @@ # Slackware build script for mobile-broadband-provider-info -# Copyright 2010, 2011 Robby Workman, Northport, Alabama, USA +# Copyright 2010, 2011, 2015 Robby Workman, Tuscaloosa, Alabama, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -33,7 +33,7 @@ TAG=${TAG:-} MARCH=$( uname -m ) if [ -z "$ARCH" ]; then case "$MARCH" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; armv7hl) export ARCH=$MARCH ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: @@ -46,8 +46,8 @@ TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM OUTPUT=${OUTPUT:-/tmp} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" @@ -77,9 +77,6 @@ rm -rf $PKGNAM-$VERSION tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* cd $PKGNAM-$VERSION -# Fix missing @ in .pc file: -zcat $CWD/mobile-broadband-provider-info.pc.diff.gz | patch -p1 --verbose || exit 1 - chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ diff --git a/source/n/mtr/mtr.SlackBuild b/source/n/mtr/mtr.SlackBuild index 203af85c..c3b4ded8 100755 --- a/source/n/mtr/mtr.SlackBuild +++ b/source/n/mtr/mtr.SlackBuild @@ -29,7 +29,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -38,8 +38,8 @@ fi NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" elif [ "$ARCH" = "x86_64" ]; then diff --git a/source/n/mutt/mutt.SlackBuild b/source/n/mutt/mutt.SlackBuild index e7574980..dddc2cb8 100755 --- a/source/n/mutt/mutt.SlackBuild +++ b/source/n/mutt/mutt.SlackBuild @@ -1,5 +1,5 @@ #!/bin/sh -# Copyright 2002-2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2002-2015 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -26,7 +26,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -37,10 +37,10 @@ TMP=${TMP:-/tmp} CWD=`pwd` NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i386" ]; then - SLKCFLAGS="-O2 -march=i386 -mcpu=i686" -elif [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mcpu=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" elif [ "$ARCH" = "x86_64" ]; then diff --git a/source/n/net-snmp/net-snmp.SlackBuild b/source/n/net-snmp/net-snmp.SlackBuild index 3214d47d..864fdd5a 100755 --- a/source/n/net-snmp/net-snmp.SlackBuild +++ b/source/n/net-snmp/net-snmp.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2014 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -23,12 +23,12 @@ PKGNAM=net-snmp VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-3} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -41,8 +41,8 @@ PKG=$TMP/package-${PKGNAM} rm -rf $PKG mkdir -p $TMP $PKG -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -70,6 +70,10 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; +# Fix destdir for python modules +sed -i "s|\$(PYMAKE) install|\$(PYMAKE) install --root=$PKG|" \ + Makefile.in + # Configure: CFLAGS="$SLKCFLAGS" \ ./configure \ @@ -90,12 +94,9 @@ CFLAGS="$SLKCFLAGS" \ --without-rpm \ --program-suffix= \ --program-prefix= \ - --with-mib-modules="ucd-snmp/lmsensorsMib" \ - --build=$ARCH-slackware-linux - -# This appears to require additional third-party python modules? -# Maybe something for later. -# --with-python-modules + --with-mib-modules="ucd-snmp/lmsensorsMib ucd-snmp/diskio" \ + --with-python-modules \ + --build=$ARCH-slackware-linux || exit 1 # Build and install: # This seems to not play well with "-j N"... @@ -111,7 +112,7 @@ fi mkdir -p $PKG/usr mv $PKG/usr/share/man $PKG/usr -mkdir -p $PKG/var/lib/net-snmp +mkdir -p $PKG/var/lib/net-snmp/{cert,mib}_indexes mkdir -p $PKG/etc/snmp zcat $CWD/snmpd.conf.gz > $PKG/etc/snmp/snmpd.conf.new mkdir -p $PKG/etc/rc.d diff --git a/source/n/netatalk/netatalk.SlackBuild b/source/n/netatalk/netatalk.SlackBuild index 1311736a..e3bed0c9 100755 --- a/source/n/netatalk/netatalk.SlackBuild +++ b/source/n/netatalk/netatalk.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2012, 2015 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,22 +22,22 @@ VERSION=${VERSION:-$(echo netatalk-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-4} +BUILD=${BUILD:-6} NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -72,6 +72,7 @@ zcat $CWD/netatalk.etc2ps.diff.gz | patch -p1 || exit 1 autoreconf -vif CFLAGS="$SLKCFLAGS" \ +CPPFLAGS="-D_IPP_PRIVATE_STRUCTURES" \ ./configure \ --prefix=/usr \ --libdir=/usr/lib${LIBDIRSUFFIX} \ diff --git a/source/n/netkit-ftp/netkit-ftp.SlackBuild b/source/n/netkit-ftp/netkit-ftp.SlackBuild index cb3deecd..f71e5ab6 100755 --- a/source/n/netkit-ftp/netkit-ftp.SlackBuild +++ b/source/n/netkit-ftp/netkit-ftp.SlackBuild @@ -22,7 +22,7 @@ VERSION=0.17 -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -46,7 +46,8 @@ rm -rf netkit-ftp-$VERSION tar xzvf $CWD/netkit-ftp-$VERSION.tar.gz || exit 1 cd netkit-ftp-$VERSION chown -R root:root . -./configure --prefix=/usr +for patch in $CWD/patches/* ; do patch -p1 < $patch ; done +./configure --prefix=/usr --enable-ipv6 make || exit 1 cd ftp strip ftp diff --git a/source/n/netkit-ftp/patches/01-netkit-ftp-0.17-pre20000412.pasv-security.patch b/source/n/netkit-ftp/patches/01-netkit-ftp-0.17-pre20000412.pasv-security.patch new file mode 100644 index 00000000..215d8269 --- /dev/null +++ b/source/n/netkit-ftp/patches/01-netkit-ftp-0.17-pre20000412.pasv-security.patch @@ -0,0 +1,49 @@ +diff -urN netkit-ftp-0.17-pre20000412/ftp/ftp.1 netkit-ftp-0.17-pre20000412.new/ftp/ftp.1 +--- netkit-ftp-0.17-pre20000412/ftp/ftp.1 Thu Apr 13 03:56:03 2000 ++++ netkit-ftp-0.17-pre20000412.new/ftp/ftp.1 Wed Aug 16 14:13:10 2000 +@@ -62,8 +62,10 @@ + Use passive mode for data transfers. Allows use of ftp in environments + where a firewall prevents connections from the outside world back to + the client machine. Requires that the ftp server support the PASV +-command. This is the default if invoked as +-.Nm pftp. ++command. This is the default now for ++.Nm all ++clients (ftp and pftp) due to security concerns using the PORT transfer mode. ++The flag is kept for compatibility only and has no effect anymore. + .It Fl i + Turns off interactive prompting during multiple file transfers. + .It Fl n +diff -urN netkit-ftp-0.17-pre20000412/ftp/ftp.c netkit-ftp-0.17-pre20000412.new/ftp/ftp.c +--- netkit-ftp-0.17-pre20000412/ftp/ftp.c Mon Dec 13 21:33:20 1999 ++++ netkit-ftp-0.17-pre20000412.new/ftp/ftp.c Wed Aug 16 14:12:50 2000 +@@ -883,7 +883,7 @@ + } + if (fstat(fileno(fout), &st) < 0 || st.st_blksize == 0) + st.st_blksize = BUFSIZ; +- if (st.st_blksize > bufsize) { ++ if ((unsigned)st.st_blksize > bufsize) { + if (buf) + (void) free(buf); + buf = malloc((unsigned)st.st_blksize); +diff -urN netkit-ftp-0.17-pre20000412/ftp/main.c netkit-ftp-0.17-pre20000412.new/ftp/main.c +--- netkit-ftp-0.17-pre20000412/ftp/main.c Sat Oct 2 15:25:23 1999 ++++ netkit-ftp-0.17-pre20000412.new/ftp/main.c Wed Aug 16 13:58:57 2000 +@@ -87,7 +87,7 @@ + usage(void) + { + printf("\n\tUsage: { ftp | pftp } [-pinegvtd] [hostname]\n"); +- printf("\t -p: enable passive mode (default for pftp)\n"); ++ printf("\t -p: enable passive mode (default for ftp and pftp)\n"); + printf("\t -i: turn off prompting during mget\n"); + printf("\t -n: inhibit auto-login\n"); + printf("\t -e: disable readline support, if present\n"); +@@ -118,7 +118,7 @@ + doglob = 1; + interactive = 1; + autologin = 1; +- passivemode = 0; ++ passivemode = 1; + + cp = strrchr(argv[0], '/'); + cp = (cp == NULL) ? argv[0] : cp+1; diff --git a/source/n/netkit-ftp/patches/02-netkit-ftp-0.17-acct.patch b/source/n/netkit-ftp/patches/02-netkit-ftp-0.17-acct.patch new file mode 100644 index 00000000..aaadc1f0 --- /dev/null +++ b/source/n/netkit-ftp/patches/02-netkit-ftp-0.17-acct.patch @@ -0,0 +1,12 @@ +--- netkit-ftp-0.17/ftp/ftp.c.acct Sun Jan 21 00:08:29 2001 ++++ netkit-ftp-0.17/ftp/ftp.c Sun Jan 21 00:09:04 2001 +@@ -254,7 +254,8 @@ + if (n == CONTINUE) { + aflag++; + /* fflush(stdout); */ +- zacct = getpass("Account:"); ++ if(zacct==NULL) ++ zacct = getpass("Account:"); + n = command("ACCT %s", zacct); + } + if (n != COMPLETE) { diff --git a/source/n/netkit-ftp/patches/03-netkit-ftp.usagi-ipv6.patch b/source/n/netkit-ftp/patches/03-netkit-ftp.usagi-ipv6.patch new file mode 100644 index 00000000..59a51009 --- /dev/null +++ b/source/n/netkit-ftp/patches/03-netkit-ftp.usagi-ipv6.patch @@ -0,0 +1,928 @@ +diff -uNr netkit-ftp-0.17/CVS/Entries netkit-ftp/CVS/Entries +diff -uNr netkit-ftp-0.17/ChangeLog netkit-ftp/ChangeLog +--- netkit-ftp-0.17/ChangeLog Sun Jul 23 04:38:08 2000 ++++ netkit-ftp/ChangeLog Tue Nov 28 03:50:10 2000 +@@ -1,3 +1,6 @@ ++28-Nov-2000: ++ IPv6 support. (Hiroyuki YAMAMORI <h-yamamo@db3.so-net.ne.jp>) ++ + 8-Jul-2000: + Fix misused printf-function call (not %n-exploitable though). + +diff -uNr netkit-ftp-0.17/configure netkit-ftp/configure +--- netkit-ftp-0.17/configure Sat Jul 29 21:00:28 2000 ++++ netkit-ftp/configure Sat Jan 27 06:14:54 2001 +@@ -24,6 +24,7 @@ + --binmode=mode Mode for binaries [755] + --manmode=mode Mode for manual pages [644] + --with-c-compiler=cc Program for compiling C source [guessed] ++ --enable-ipv6 Enable IPv6 support + EOF + exit 0;; + --verbose) ;; +@@ -39,6 +40,11 @@ + --manmode=*) MANMODE=`echo $1 | sed 's/^[^=]*=//'` ;; + --with-c-compiler=*) CC=`echo $1 | sed 's/^[^=]*=//'` ;; + --without-readline|--disable-readline) WITHOUT_READLINE=1;; ++ ++ --disable-ipv6) ENABLE_IPV6=no;; ++ --enable-ipv6=*) ENABLE_IPV6=`echo $1 | sed 's/^[^=]*=//'`;; ++ --enable-ipv6) ENABLE_IPV6=yes;; ++ + *) echo "Unrecognized option: $1"; exit 1;; + esac + shift +@@ -142,6 +148,42 @@ + + LDFLAGS= + LIBS= ++ ++rm -f __conftest* ++ ++################################################## ++## Enable IPv6 ++echo -n "Whether to enable IPv6 support... " ++if [ x"$ENABLE_IPV6" = x"yes" ]; then ++ echo yes ++ CFLAGS="$CFLAGS -DINET6" ++else ++ echo no ++fi ++ ++rm -f __conftest* ++ ++## Search IPv6 Library / Headers ++if [ x"$ENABLE_IPV6" = x"yes" ]; then ++ echo -n "Search for IPv6 library... " ++ inet6libdirs="/usr/local/v6/lib /usr/local/lib /usr /usr/inet6/lib" ++ inet6libs="inet6" ++ inet6found=no ++ for inet6libdir in $inet6libdirs; do ++ for inet6lib in $inet6libs; do ++ if [ -d $inet6libdir ] && [ -f $inet6libdir/lib$inet6lib.a ]; then ++ inet6found=yes ++ break 2 ++ fi ++ done ++ done ++ if [ x"$inet6found" = x"yes" ]; then ++ echo "$inet6libdir/lib$inet6lib.a" ++ LIBS="$LIBS -L$inet6libdir -l$inet6lib" ++ else ++ echo "not found" ++ fi ++fi + + rm -f __conftest* + +diff -uNr netkit-ftp-0.17/ftp/CVS/Entries netkit-ftp/ftp/CVS/Entries +--- netkit-ftp-0.17/ftp/CVS/Entries Thu Jan 1 02:00:00 1970 ++++ netkit-ftp/ftp/CVS/Entries Mon Feb 19 06:50:49 2001 +@@ -0,0 +1,16 @@ ++/.cvsignore/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/Makefile/1.4/Sat Jan 27 05:57:08 2001// ++/cmds.c/1.3/Fri Jan 12 21:36:27 2001// ++/cmds.h/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/cmdtab.c/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/domacro.c/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/ftp.1/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/ftp.c/1.11/Sun Feb 11 12:26:59 2001// ++/ftp_var.h/1.3/Fri Jan 12 21:36:27 2001// ++/glob.c/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/glob.h/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/main.c/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/netrc.5/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/pathnames.h/1.1.1.1/Fri Nov 3 19:18:15 2000// ++/ruserpass.c/1.1.1.1/Fri Nov 3 19:18:15 2000// ++D +diff -uNr netkit-ftp-0.17/ftp/CVS/Repository netkit-ftp/ftp/CVS/Repository +--- netkit-ftp-0.17/ftp/CVS/Repository Thu Jan 1 02:00:00 1970 ++++ netkit-ftp/ftp/CVS/Repository Mon Feb 19 06:50:49 2001 +@@ -0,0 +1 @@ ++usagi/src/netkit-ftp/ftp +diff -uNr netkit-ftp-0.17/ftp/CVS/Root netkit-ftp/ftp/CVS/Root +--- netkit-ftp-0.17/ftp/CVS/Root Thu Jan 1 02:00:00 1970 ++++ netkit-ftp/ftp/CVS/Root Mon Feb 19 06:50:49 2001 +@@ -0,0 +1 @@ ++:pserver:anoncvs@anoncvs.linux-ipv6.org:/cvsroot/usagi +diff -uNr netkit-ftp-0.17/ftp/Makefile netkit-ftp/ftp/Makefile +--- netkit-ftp-0.17/ftp/Makefile Sun Aug 1 09:00:12 1999 ++++ netkit-ftp/ftp/Makefile Sat Jan 27 07:57:08 2001 +@@ -16,10 +16,13 @@ + cmds.o glob.o: glob.h + + install: ftp ++ install -d $(INSTALLROOT)$(BINDIR) + install -s -m$(BINMODE) ftp $(INSTALLROOT)$(BINDIR) + ln -sf ftp $(INSTALLROOT)$(BINDIR)/pftp ++ install -d $(INSTALLROOT)$(MANDIR)/man1 + install -m$(MANMODE) ftp.1 $(INSTALLROOT)$(MANDIR)/man1 + ln -sf ftp.1 $(INSTALLROOT)$(MANDIR)/man1/pftp.1 ++ install -d $(INSTALLROOT)$(MANDIR)/man5 + install -m$(MANMODE) netrc.5 $(INSTALLROOT)$(MANDIR)/man5 + + clean: +diff -uNr netkit-ftp-0.17/ftp/cmds.c netkit-ftp/ftp/cmds.c +--- netkit-ftp-0.17/ftp/cmds.c Sun Jul 23 04:36:59 2000 ++++ netkit-ftp/ftp/cmds.c Fri Jan 12 23:36:27 2001 +@@ -1,3 +1,5 @@ ++/* $USAGI$ */ ++ + /* + * Copyright (c) 1985, 1989 Regents of the University of California. + * All rights reserved. +@@ -35,7 +37,7 @@ + * from: @(#)cmds.c 5.26 (Berkeley) 3/5/91 + */ + char cmds_rcsid[] = +- "$Id: cmds.c,v 1.33 2000/07/23 01:36:59 dholland Exp $"; ++ "$Id: cmds.c,v 1.3 2001/01/12 21:36:27 sekiya Exp $"; + + /* + * FTP User Program -- Command Routines. +@@ -190,7 +192,7 @@ + setpeer(int argc, char *argv[]) + { + char *host; +- unsigned short port; ++ char *port; + + if (connected) { + printf("Already connected to %s, use close first.\n", +@@ -205,22 +207,17 @@ + code = -1; + return; + } +- port = ftp_port; ++ port = NULL; + if (argc > 2) { +- port = atoi(argv[2]); +- if (port < 1) { +- printf("%s: bad port number-- %s\n", argv[1], argv[2]); +- printf ("usage: %s host-name [port]\n", argv[0]); +- code = -1; +- return; +- } +- port = htons(port); ++ port = argv[2]; + } + host = hookup(argv[1], port); + if (host) { + int overbose; + + connected = 1; ++ try_epsv = 1; ++ try_eprt = 1; + /* + * Set up defaults for FTP. + */ +diff -uNr netkit-ftp-0.17/ftp/cmdtab.c netkit-ftp/ftp/cmdtab.c +--- netkit-ftp-0.17/ftp/cmdtab.c Tue Sep 28 18:36:05 1999 ++++ netkit-ftp/ftp/cmdtab.c Fri Nov 3 21:18:15 2000 +@@ -35,7 +35,7 @@ + * from: @(#)cmdtab.c 5.10 (Berkeley) 6/1/90 + */ + char cmdtab_rcsid[] = +- "$Id: cmdtab.c,v 1.8 1999/09/28 15:36:05 dholland Exp $"; ++ "$Id: cmdtab.c,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $"; + + #include <string.h> /* for NULL */ + #include "ftp_var.h" +diff -uNr netkit-ftp-0.17/ftp/domacro.c netkit-ftp/ftp/domacro.c +--- netkit-ftp-0.17/ftp/domacro.c Thu Aug 15 02:27:28 1996 ++++ netkit-ftp/ftp/domacro.c Fri Nov 3 21:18:15 2000 +@@ -35,7 +35,7 @@ + * from: @(#)domacro.c 1.8 (Berkeley) 9/28/90 + */ + char domacro_rcsid[] = +- "$Id: domacro.c,v 1.4 1996/08/14 23:27:28 dholland Exp $"; ++ "$Id: domacro.c,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $"; + + #include <errno.h> + #include <ctype.h> +diff -uNr netkit-ftp-0.17/ftp/ftp.1 netkit-ftp/ftp/ftp.1 +--- netkit-ftp-0.17/ftp/ftp.1 Mon Jul 31 02:56:59 2000 ++++ netkit-ftp/ftp/ftp.1 Fri Nov 3 21:18:15 2000 +@@ -30,7 +30,7 @@ + .\" SUCH DAMAGE. + .\" + .\" from: @(#)ftp.1 6.18 (Berkeley) 7/30/91 +-.\" $Id: ftp.1,v 1.14 2000/07/30 23:56:59 dholland Exp $ ++.\" $Id: ftp.1,v 1.1.1.1 2000/11/03 19:18:15 mk Exp $ + .\" + .Dd August 15, 1999 + .Dt FTP 1 +diff -uNr netkit-ftp-0.17/ftp/ftp.c netkit-ftp/ftp/ftp.c +--- netkit-ftp-0.17/ftp/ftp.c Mon Dec 13 22:33:20 1999 ++++ netkit-ftp/ftp/ftp.c Sun Feb 11 14:26:59 2001 +@@ -1,3 +1,34 @@ ++/* $USAGI$ */ ++ ++/* ++ * Copyright (C) 1997 and 1998 WIDE Project. ++ * All rights reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions ++ * are met: ++ * 1. Redistributions of source code must retain the above copyright ++ * notice, this list of conditions and the following disclaimer. ++ * 2. Redistributions in binary form must reproduce the above copyright ++ * notice, this list of conditions and the following disclaimer in the ++ * documentation and/or other materials provided with the distribution. ++ * 3. Neither the name of the project nor the names of its contributors ++ * may be used to endorse or promote products derived from this software ++ * without specific prior written permission. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND ++ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ++ * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE ++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL ++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS ++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) ++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT ++ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY ++ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF ++ * SUCH DAMAGE. ++ */ ++ + /* + * Copyright (c) 1985, 1989 Regents of the University of California. + * All rights reserved. +@@ -35,7 +66,7 @@ + * From: @(#)ftp.c 5.38 (Berkeley) 4/22/91 + */ + char ftp_rcsid[] = +- "$Id: ftp.c,v 1.25 1999/12/13 20:33:20 dholland Exp $"; ++ "$Id: ftp.c,v 1.11 2001/02/11 12:26:59 yoshfuji Exp $"; + + #include <sys/param.h> + #include <sys/stat.h> +@@ -63,14 +94,38 @@ + #include "ftp_var.h" + #include "cmds.h" + ++#ifdef _USAGI ++#include "version.h" ++#else + #include "../version.h" ++#endif ++ ++union sockunion { ++ struct sockinet { ++ u_short si_family; ++ u_short si_port; ++ } su_si; ++ struct sockaddr su_sa; ++ struct sockaddr_in su_sin; ++#ifdef INET6 ++ struct sockaddr_in6 su_sin6; ++#endif ++}; ++#define su_family su_sa.sa_family ++#define su_port su_si.si_port ++ ++#ifdef INET6 ++#define ex_af2prot(a) (a == AF_INET ? 1 : (a == AF_INET6 ? 2 : 0)) ++#else ++#define ex_af2prot(a) (a == AF_INET ? 1 : 0) ++#endif + + int data = -1; + off_t restart_point = 0; + +-static struct sockaddr_in hisctladdr; +-static struct sockaddr_in data_addr; +-static struct sockaddr_in myctladdr; ++static union sockunion hisctladdr; ++static union sockunion data_addr; ++static union sockunion myctladdr; + static int ptflag = 0; + static sigjmp_buf recvabort; + static sigjmp_buf sendabort; +@@ -96,79 +151,119 @@ + static FILE *dataconn(const char *); + + char * +-hookup(char *host, int port) ++hookup(const char *host, const char *port) + { +- register struct hostent *hp = 0; +- int s, tos; ++ int s, tos, error; + socklen_t len; + static char hostnamebuf[256]; +- ++ struct addrinfo hints, *res, *res0; ++ char hbuf[MAXHOSTNAMELEN], pbuf[NI_MAXSERV]; ++ char *cause = "ftp: unknown"; ++ ++ if (port) { ++ strncpy(pbuf, port, sizeof(pbuf) - 1); ++ pbuf[sizeof(pbuf) - 1] = '\0'; ++ } else { ++ sprintf(pbuf, "%d", ntohs(ftp_port)); ++ } + memset(&hisctladdr, 0, sizeof(hisctladdr)); +- if (inet_aton(host, &hisctladdr.sin_addr)) { +- hisctladdr.sin_family = AF_INET; +- strncpy(hostnamebuf, host, sizeof(hostnamebuf)); +- hostnamebuf[sizeof(hostnamebuf)-1]=0; +- } +- else { +- hp = gethostbyname(host); +- if (hp == NULL) { +- fprintf(stderr, "ftp: %s: ", host); +- herror((char *)NULL); +- code = -1; +- return((char *) 0); ++ memset(&hints, 0, sizeof(hints)); ++ hints.ai_flags = AI_CANONNAME; ++ hints.ai_socktype = SOCK_STREAM; ++ error = getaddrinfo(host, pbuf, &hints, &res0); ++ if (error) { ++ if (port) { ++ strcpy(hbuf, " "); ++ } else { ++ hbuf[0] = '\0'; ++ pbuf[0] = '\0'; + } +- hisctladdr.sin_family = hp->h_addrtype; +- if (hp->h_length > (int)sizeof(hisctladdr.sin_addr)) { +- hp->h_length = sizeof(hisctladdr.sin_addr); +- } +- memcpy(&hisctladdr.sin_addr, hp->h_addr_list[0], hp->h_length); +- (void) strncpy(hostnamebuf, hp->h_name, sizeof(hostnamebuf)); +- hostnamebuf[sizeof(hostnamebuf)-1] = 0; +- } +- hostname = hostnamebuf; +- s = socket(hisctladdr.sin_family, SOCK_STREAM, 0); +- if (s < 0) { +- perror("ftp: socket"); ++ fprintf(stderr, "ftp: %s%s%s: %s\n", host, hbuf, pbuf, ++ gai_strerror(error)); + code = -1; + return (0); + } +- hisctladdr.sin_port = port; +- while (connect(s, (struct sockaddr *)&hisctladdr, sizeof (hisctladdr)) < 0) { +- if (hp && hp->h_addr_list[1]) { +- int oerrno = errno; +- +- fprintf(stderr, "ftp: connect to address %s: ", +- inet_ntoa(hisctladdr.sin_addr)); +- errno = oerrno; +- perror((char *) 0); +- hp->h_addr_list++; +- memcpy(&hisctladdr.sin_addr, hp->h_addr_list[0], +- hp->h_length); +- fprintf(stdout, "Trying %s...\n", +- inet_ntoa(hisctladdr.sin_addr)); +- (void) close(s); +- s = socket(hisctladdr.sin_family, SOCK_STREAM, 0); +- if (s < 0) { +- perror("ftp: socket"); +- code = -1; +- return (0); ++ ++ if (res0->ai_canonname) { ++ struct addrinfo h, *a; ++ memset(&h, 0, sizeof(h)); ++ h.ai_family = PF_UNSPEC; ++ h.ai_socktype = SOCK_STREAM; ++ h.ai_flags = AI_NUMERICHOST; ++ if (!getaddrinfo(res0->ai_canonname, NULL, &h, &a)) { ++ strncpy(hostnamebuf, res0->ai_canonname, sizeof(hostnamebuf)); ++ freeaddrinfo(a); ++ } else ++ strncpy(hostnamebuf, host, sizeof(hostnamebuf)); ++ } ++ else ++ strncpy(hostnamebuf, host, sizeof(hostnamebuf)); ++ hostnamebuf[sizeof(hostnamebuf) - 1] = '\0'; ++ hostname = hostnamebuf; ++ ++ s = -1; ++ for (res = res0; res; res = res->ai_next) { ++ if (!ex_af2prot(res->ai_family)) { ++ cause = "ftp: mismatch address family"; ++ errno = EPROTONOSUPPORT; ++ continue; ++ } ++ if ((size_t)res->ai_addrlen > sizeof(hisctladdr)) { ++ cause = "ftp: mismatch struct sockaddr size"; ++ errno = EPROTO; ++ continue; ++ } ++ if (getnameinfo(res->ai_addr, res->ai_addrlen, ++ hbuf, sizeof(hbuf), NULL, 0, ++ NI_NUMERICHOST)) ++ strcpy(hbuf, "???"); ++ if (res0->ai_next) /* if we have multiple possibilities */ ++ fprintf(stdout, "Trying %s...\n", hbuf); ++ s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); ++ if (s < 0) { ++ cause = "ftp: socket"; ++ continue; ++ } ++ while ((error = connect(s, res->ai_addr, res->ai_addrlen)) < 0 ++ && errno == EINTR) { ++ ; ++ } ++ if (error) { ++ /* this "if" clause is to prevent print warning twice */ ++ if (res->ai_next) { ++ fprintf(stderr, ++ "ftp: connect to address %s", hbuf); ++ perror(""); + } ++ cause = "ftp: connect"; ++ close(s); ++ s = -1; + continue; + } +- perror("ftp: connect"); ++ /* finally we got one */ ++ break; ++ } ++ if (s < 0) { ++ perror(cause); + code = -1; +- goto bad; ++ freeaddrinfo(res0); ++ return NULL; + } +- len = sizeof (myctladdr); ++ len = res->ai_addrlen; ++ memcpy(&hisctladdr, res->ai_addr, len); ++ freeaddrinfo(res0); + if (getsockname(s, (struct sockaddr *)&myctladdr, &len) < 0) { + perror("ftp: getsockname"); + code = -1; + goto bad; + } + #ifdef IP_TOS ++ if (hisctladdr.su_family == AF_INET) ++ { + tos = IPTOS_LOWDELAY; + if (setsockopt(s, IPPROTO_IP, IP_TOS, (char *)&tos, sizeof(int)) < 0) + perror("ftp: setsockopt TOS (ignored)"); ++ } + #endif + cin = fdopen(s, "r"); + cout = fdopen(s, "w"); +@@ -182,7 +277,7 @@ + goto bad; + } + if (verbose) +- printf("Connected to %s.\n", hostname); ++ printf("Connected to %s (%s).\n", hostname, hbuf); + if (getreply(0) > 2) { /* read startup message from server */ + if (cin) + (void) fclose(cin); +@@ -392,8 +487,10 @@ + } + if (dig < 4 && isdigit(c)) + code = code * 10 + (c - '0'); +- if (!pflag && code == 227) ++ if (!pflag && (code == 227 || code == 228)) + pflag = 1; ++ else if (!pflag && code == 229) ++ pflag = 100; + if (dig > 4 && pflag == 1 && isdigit(c)) + pflag = 2; + if (pflag == 2) { +@@ -405,6 +502,8 @@ + pflag = 3; + } + } ++ if (pflag == 100 && c == '(') ++ pflag = 2; + if (dig == 4 && c == '-') { + if (continuation) + code = 0; +@@ -1083,15 +1182,25 @@ + static int + initconn(void) + { +- register char *p, *a; ++ u_char *p, *a; + int result, tmpno = 0; + socklen_t len; + int on = 1; +- int tos; +- u_long a1,a2,a3,a4,p1,p2; +- ++ int tos, error = 0; ++ u_int ad[16], po[2], af, alen, plen; ++ char *pasvcmd = NULL; ++ char hbuf[MAXHOSTNAMELEN], pbuf[NI_MAXSERV]; ++ ++#ifdef INET6 ++ if (myctladdr.su_family == AF_INET6 ++ && (IN6_IS_ADDR_LINKLOCAL(&myctladdr.su_sin6.sin6_addr) ++ || IN6_IS_ADDR_SITELOCAL(&myctladdr.su_sin6.sin6_addr))) { ++ fprintf(stderr, "use of scoped address can be troublesome\n"); ++ } ++#endif + if (passivemode) { +- data = socket(AF_INET, SOCK_STREAM, 0); ++ data_addr = hisctladdr; ++ data = socket(data_addr.su_family, SOCK_STREAM, 0); + if (data < 0) { + perror("ftp: socket"); + return(1); +@@ -1100,52 +1209,203 @@ + setsockopt(data, SOL_SOCKET, SO_DEBUG, (char *)&on, + sizeof (on)) < 0) + perror("ftp: setsockopt (ignored)"); +- if (command("PASV") != COMPLETE) { ++ switch (data_addr.su_family) { ++ case AF_INET: ++#if 0 ++ if (try_epsv) { ++ result = command(pasvcmd = "EPSV 1"); ++ if (code / 10 == 22 && code != 229) { ++ fprintf(stderr, ++ "wrong server: return code must be 229\n"); ++ result = COMPLETE + 1; ++ } ++ } else { ++#endif ++ result = COMPLETE + 1; ++ ++ if (result != COMPLETE) { ++ try_epsv = 0; ++ result = command(pasvcmd = "PASV"); ++ } ++ break; ++#ifdef INET6 ++ case AF_INET6: ++ if (try_epsv) { ++ result = command(pasvcmd = "EPSV 2"); ++ if (code / 10 == 22 && code != 229) { ++ fprintf(stderr, ++ "wrong server: return code must be 229\n"); ++ result = COMPLETE + 1; ++ } ++ } else { ++ result = COMPLETE + 1; ++ } ++ if (result != COMPLETE) { ++ try_epsv = 0; ++ result = command(pasvcmd = "LPSV"); ++ } ++ break; ++#endif ++ default: ++ result = COMPLETE + 1; ++ break; ++ } ++ if (result != COMPLETE) { + printf("Passive mode refused.\n"); +- return(1); ++ goto bad; + } + ++#define pack2(var) \ ++ (((var[0] & 0xff) << 8) | ((var[1] & 0xff) << 0)) ++#define pack4(var) \ ++ ((((var)[0] & 0xff) << 24) | (((var)[1] & 0xff) << 16) | \ ++ (((var)[2] & 0xff) << 8) | (((var)[3] & 0xff) << 0)) ++ + /* + * What we've got at this point is a string of comma separated + * one-byte unsigned integer values, separated by commas. +- * The first four are the an IP address. The fifth is the MSB +- * of the port number, the sixth is the LSB. From that we'll +- * prepare a sockaddr_in. + */ +- +- if (sscanf(pasv,"%ld,%ld,%ld,%ld,%ld,%ld", +- &a1,&a2,&a3,&a4,&p1,&p2) +- != 6) +- { +- printf("Passive mode address scan failure. Shouldn't happen!\n"); +- return(1); ++ error = 0; ++ if (strcmp(pasvcmd, "PASV") == 0) { ++ if (data_addr.su_family != AF_INET) { ++ error = 2; ++ goto psv_done; ++ } ++ if (code / 10 == 22 && code != 227) { ++ error = 227; ++ goto psv_done; ++ } ++ if (sscanf(pasv, "%u,%u,%u,%u,%u,%u", ++ &ad[0], &ad[1], &ad[2], &ad[3], ++ &po[0], &po[1]) != 6) { ++ error = 1; ++ goto psv_done; ++ } ++ data_addr.su_sin.sin_addr.s_addr = htonl(pack4(ad)); ++ data_addr.su_port = htons(pack2(po)); ++ } else ++ if (strcmp(pasvcmd, "LPSV") == 0) { ++ if (code / 10 == 22 && code != 228) { ++ error = 228; ++ goto psv_done; ++ } ++ switch (data_addr.su_family) { ++ case AF_INET: ++ if (sscanf(pasv, "%u,%u,%u,%u,%u,%u,%u,%u,%u", ++ &af, &alen, ++ &ad[0], &ad[1], &ad[2], &ad[3], ++ &plen, &po[0], &po[1]) != 9) { ++ error = 1; ++ goto psv_done; ++ } ++ if (af != 4 || alen != 4 || plen != 2) { ++ error = 2; ++ goto psv_done; ++ } ++ data_addr.su_sin.sin_addr.s_addr = ++ htonl(pack4(ad)); ++ data_addr.su_port = htons(pack2(po)); ++ break; ++#ifdef INET6 ++ case AF_INET6: ++ if (sscanf(pasv, ++ "%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u,%u", ++ &af, &alen, ++ &ad[0], &ad[1], &ad[2], &ad[3], ++ &ad[4], &ad[5], &ad[6], &ad[7], ++ &ad[8], &ad[9], &ad[10], &ad[11], ++ &ad[12], &ad[13], &ad[14], &ad[15], ++ &plen, &po[0], &po[1]) != 21) { ++ error = 1; ++ goto psv_done; ++ } ++ if (af != 6 || alen != 16 || plen != 2) { ++ error = 2; ++ goto psv_done; ++ } ++ data_addr.su_sin6.sin6_addr.s6_addr32[0] = ++ htonl(pack4(ad)); ++ data_addr.su_sin6.sin6_addr.s6_addr32[1] = ++ htonl(pack4(ad+4)); ++ data_addr.su_sin6.sin6_addr.s6_addr32[2] = ++ htonl(pack4(ad+8)); ++ data_addr.su_sin6.sin6_addr.s6_addr32[3] = ++ htonl(pack4(ad+12)); ++ data_addr.su_port = htons(pack2(po)); ++ break; ++#endif ++ default: ++ error = 1; ++ } ++ } else if (strncmp(pasvcmd, "EPSV", 4) == 0) { ++ char delim[4]; ++ u_int epsvpo; ++ ++ if (code / 10 == 22 && code != 229) { ++ error = 229; ++ goto psv_done; ++ } ++ if (sscanf(pasv, "%c%c%c%u%c", &delim[0], &delim[1], ++ &delim[2], &epsvpo, &delim[3]) != 5) { ++ error = 1; ++ goto psv_done; ++ } ++ if (delim[0] != delim[1] || delim[0] != delim[2] ++ || delim[0] != delim[3]) { ++ error = 1; ++ goto psv_done; ++ } ++ data_addr.su_port = htons(epsvpo); ++ } else { ++ error = 1; ++ } ++psv_done: ++ switch (error) { ++ case 0: ++ break; ++ case 1: ++ fprintf(stderr, ++ "Passive mode address scan failure. Shouldn't happen!\n"); ++ goto bad; ++ case 2: ++ fprintf(stderr, ++ "Passive mode AF mismatch. Shouldn't happen!\n"); ++ goto bad; ++ case 227: ++ case 228: ++ case 229: ++ fprintf(stderr, ++ "wrong server: return code must be %d\n", error); ++ goto bad; ++ default: ++ fprintf(stderr, "Bug\n"); + } + +- data_addr.sin_family = AF_INET; +- data_addr.sin_addr.s_addr = htonl((a1 << 24) | (a2 << 16) | +- (a3 << 8) | a4); +- data_addr.sin_port = htons((p1 << 8) | p2); +- + if (connect(data, (struct sockaddr *) &data_addr, +- sizeof(data_addr))<0) { ++ (data_addr.su_family == AF_INET ? ++ sizeof(data_addr.su_sin) : ++ sizeof(data_addr.su_sin6)))<0) { + perror("ftp: connect"); + return(1); + } + #ifdef IP_TOS ++ if (data_addr.su_family == AF_INET) ++ { + tos = IPTOS_THROUGHPUT; + if (setsockopt(data, IPPROTO_IP, IP_TOS, (char *)&tos, + sizeof(tos)) < 0) + perror("ftp: setsockopt TOS (ignored)"); ++ } + #endif + return(0); + } + noport: + data_addr = myctladdr; + if (sendport) +- data_addr.sin_port = 0; /* let system pick one */ ++ data_addr.su_port = 0; /* let system pick one */ + if (data != -1) + (void) close(data); +- data = socket(AF_INET, SOCK_STREAM, 0); ++ data = socket(data_addr.su_family, SOCK_STREAM, 0); + if (data < 0) { + perror("ftp: socket"); + if (tmpno) +@@ -1172,13 +1432,47 @@ + if (listen(data, 1) < 0) + perror("ftp: listen"); + if (sendport) { +- a = (char *)&data_addr.sin_addr; +- p = (char *)&data_addr.sin_port; +-#define UC(b) (((int)b)&0xff) +- result = +- command("PORT %d,%d,%d,%d,%d,%d", +- UC(a[0]), UC(a[1]), UC(a[2]), UC(a[3]), +- UC(p[0]), UC(p[1])); ++ af = ex_af2prot(data_addr.su_family); ++ if (try_eprt && af > 1) { /* only IPv6 */ ++ if (getnameinfo((struct sockaddr *)&data_addr, len, ++ hbuf, sizeof(hbuf), pbuf, sizeof(pbuf), ++ NI_NUMERICHOST | NI_NUMERICSERV) == 0) { ++ result = command("EPRT |%d|%s|%s|", ++ af, hbuf, pbuf); ++ if (result != COMPLETE) { ++ try_eprt = 0; ++ } ++ } else { ++ result = ERROR; ++ } ++ } else { ++ result = COMPLETE + 1; ++ } ++ if (result == COMPLETE) ++ goto prt_done; ++ ++ p = (u_char *)&data_addr.su_port; ++ switch (data_addr.su_family) { ++ case AF_INET: ++ a = (u_char *)&data_addr.su_sin.sin_addr; ++ result = command("PORT %u,%u,%u,%u,%u,%u", ++ a[0], a[1], a[2], a[3], p[0], p[1]); ++ break; ++#ifdef INET6 ++ case AF_INET6: ++ a = (u_char *)&data_addr.su_sin6.sin6_addr; ++ result = command( ++ "LPRT 6,16,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,2,%d,%d", ++ a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], ++ a[8], a[9],a[10],a[11],a[12],a[13],a[14],a[15], ++ p[0], p[1]); ++ break; ++#endif ++ default: ++ result = COMPLETE + 1; /* xxx */ ++ } ++ ++ prt_done: + if (result == ERROR && sendport == -1) { + sendport = 0; + tmpno = 1; +@@ -1189,9 +1483,12 @@ + if (tmpno) + sendport = 1; + #ifdef IP_TOS ++ if (data_addr.su_family == AF_INET) ++ { + on = IPTOS_THROUGHPUT; + if (setsockopt(data, IPPROTO_IP, IP_TOS, (char *)&on, sizeof(int)) < 0) + perror("ftp: setsockopt TOS (ignored)"); ++ } + #endif + return (0); + bad: +@@ -1204,7 +1501,7 @@ + static FILE * + dataconn(const char *lmode) + { +- struct sockaddr_in from; ++ union sockunion from; + int s, tos; + socklen_t fromlen = sizeof(from); + +@@ -1220,9 +1517,12 @@ + (void) close(data); + data = s; + #ifdef IP_TOS ++ if (from.su_family == AF_INET) ++ { + tos = IPTOS_THROUGHPUT; + if (setsockopt(s, IPPROTO_IP, IP_TOS, (char *)&tos, sizeof(int)) < 0) + perror("ftp: setsockopt TOS (ignored)"); ++ } + #endif + return (fdopen(data, lmode)); + } +@@ -1284,8 +1584,8 @@ + static struct comvars { + int connect; + char name[MAXHOSTNAMELEN]; +- struct sockaddr_in mctl; +- struct sockaddr_in hctl; ++ union sockunion mctl; ++ union sockunion hctl; + FILE *in; + FILE *out; + int tpe; +@@ -1323,7 +1623,7 @@ + connected = op->connect; + if (hostname) { + (void) strncpy(ip->name, hostname, sizeof(ip->name) - 1); +- ip->name[strlen(ip->name)] = '\0'; ++ ip->name[sizeof(ip->name) - 1] = '\0'; + } + else { + ip->name[0] = 0; +@@ -1352,18 +1652,18 @@ + ip->ntflg = ntflag; + ntflag = op->ntflg; + (void) strncpy(ip->nti, ntin, 16); +- (ip->nti)[strlen(ip->nti)] = '\0'; ++ (ip->nti)[16] = '\0'; /* shouldn't use strlen */ + (void) strcpy(ntin, op->nti); + (void) strncpy(ip->nto, ntout, 16); +- (ip->nto)[strlen(ip->nto)] = '\0'; ++ (ip->nto)[16] = '\0'; + (void) strcpy(ntout, op->nto); + ip->mapflg = mapflag; + mapflag = op->mapflg; + (void) strncpy(ip->mi, mapin, MAXPATHLEN - 1); +- (ip->mi)[strlen(ip->mi)] = '\0'; ++ (ip->mi)[MAXPATHLEN - 1] = '\0'; + (void) strcpy(mapin, op->mi); + (void) strncpy(ip->mo, mapout, MAXPATHLEN - 1); +- (ip->mo)[strlen(ip->mo)] = '\0'; ++ (ip->mo)[MAXPATHLEN - 1] = '\0'; + (void) strcpy(mapout, op->mo); + (void) signal(SIGINT, oldintr); + if (abrtflag) { +diff -uNr netkit-ftp-0.17/ftp/ftp_var.h netkit-ftp/ftp/ftp_var.h +--- netkit-ftp-0.17/ftp/ftp_var.h Sat Oct 2 21:39:17 1999 ++++ netkit-ftp/ftp/ftp_var.h Fri Jan 12 23:36:27 2001 +@@ -1,3 +1,5 @@ ++/* $USAGI$ */ ++ + /* + * Copyright (c) 1985, 1989 Regents of the University of California. + * All rights reserved. +@@ -31,7 +33,7 @@ + * SUCH DAMAGE. + * + * from: @(#)ftp_var.h 5.9 (Berkeley) 6/1/90 +- * $Id: ftp_var.h,v 1.12 1999/10/02 18:39:17 dholland Exp $ ++ * $Id: ftp_var.h,v 1.3 2001/01/12 21:36:27 sekiya Exp $ + */ + + /* +@@ -112,6 +114,8 @@ + Extern int mflag; /* flag: if != 0, then active multi command */ + + Extern int options; /* used during socket creation */ ++Extern int try_epsv; /* try EPSV for this session */ ++Extern int try_eprt; /* try EPRT for this session */ + + /* + * Format of command table. +@@ -140,7 +144,7 @@ + Extern char macbuf[4096]; + #define MACBUF_SIZE 4096 + +-char *hookup(char *host, int port); ++char *hookup(const char *host, const char *port); + struct cmd *getcmd(const char *); + char **makeargv(int *pargc, char **parg); + int dologin(const char *host); diff --git a/source/n/netkit-ftp/patches/04-netkit-ftp-0.17-segv.patch b/source/n/netkit-ftp/patches/04-netkit-ftp-0.17-segv.patch new file mode 100644 index 00000000..12d59608 --- /dev/null +++ b/source/n/netkit-ftp/patches/04-netkit-ftp-0.17-segv.patch @@ -0,0 +1,82 @@ +--- netkit-ftp-0.17/ftp/ftp.c.segv 2004-06-14 11:04:38.000000000 -0400 ++++ netkit-ftp-0.17/ftp/ftp.c 2004-06-14 11:06:46.000000000 -0400 +@@ -472,6 +472,8 @@ + return (0); + } + lostpeer(0); ++ fclose(cout); ++ cout = NULL; + if (verbose) { + printf("421 Service not available, remote server has closed connection\n"); + (void) fflush(stdout); +@@ -529,7 +531,14 @@ + cpend = 0; + (void) signal(SIGINT,oldintr); + if (code == 421 || originalcode == 421) ++ { + lostpeer(0); ++ if(cout) ++ { ++ fclose(cout); ++ cout = NULL; ++ } ++ } + if (abrtflag && oldintr != cmdabort && oldintr != SIG_IGN) + (*oldintr)(SIGINT); + return (n - '0'); +@@ -1790,6 +1799,11 @@ + if (ptabflg) + code = -1; + lostpeer(0); ++ if(cout != NULL) ++ { ++ fclose(cout); ++ cout = NULL; ++ } + } + (void) getreply(0); + (void) getreply(0); +@@ -1815,6 +1829,11 @@ + perror("reset"); + code = -1; + lostpeer(0); ++ if(cout != NULL) ++ { ++ fclose(cout); ++ cout = NULL; ++ } + } + else if (nfnd) { + (void) getreply(0); +@@ -1897,6 +1916,11 @@ + if (ptabflg) + code = -1; + lostpeer(0); ++ if(cout != NULL) ++ { ++ fclose(cout); ++ cout = NULL; ++ } + } + if (din && FD_ISSET(fileno(din), &mask)) { + while (read(fileno(din), buf, BUFSIZ) > 0) +--- netkit-ftp-0.17/ftp/main.c.segv 2004-06-14 11:03:18.000000000 -0400 ++++ netkit-ftp-0.17/ftp/main.c 2004-06-14 11:03:42.000000000 -0400 +@@ -235,8 +235,6 @@ + if (connected) { + if (cout != NULL) { + shutdown(fileno(cout), 1+1); +- fclose(cout); +- cout = NULL; + } + if (data >= 0) { + shutdown(data, 1+1); +@@ -249,8 +247,6 @@ + if (connected) { + if (cout != NULL) { + shutdown(fileno(cout), 1+1); +- fclose(cout); +- cout = NULL; + } + connected = 0; + } diff --git a/source/n/netkit-ftp/patches/05-netkit-ftp-0.17-volatile.patch b/source/n/netkit-ftp/patches/05-netkit-ftp-0.17-volatile.patch new file mode 100644 index 00000000..e7a3431e --- /dev/null +++ b/source/n/netkit-ftp/patches/05-netkit-ftp-0.17-volatile.patch @@ -0,0 +1,39 @@ +--- netkit-ftp-0.17/configure.volatile 2004-06-14 12:08:26.000000000 -0400 ++++ netkit-ftp-0.17/configure 2004-06-14 12:52:41.000000000 -0400 +@@ -193,8 +193,8 @@ + cat <<EOF >__conftest.c + #include <unistd.h> + #include <signal.h> +-int count=0; +-void handle(int foo) { count++; } ++volatile int count=0; ++void handle(int foo) { count++; write(1,"X",1);} + int main() { + int pid=getpid(); + signal(SIGINT, handle); +@@ -209,20 +209,20 @@ + if ( + $CC $CFLAGS __conftest.c -o __conftest || exit 1 + ./__conftest || exit 1 +- ) >/dev/null 2>&1; then ++ ); then + echo 'yes' + else + if ( + $CC $CFLAGS -D__USE_BSD_SIGNAL __conftest.c -o __conftest || exit 1 + ./__conftest || exit 1 +- ) >/dev/null 2>&1; then ++ ); then + echo '-D__USE_BSD_SIGNAL' + CFLAGS="$CFLAGS -D__USE_BSD_SIGNAL" + else + echo 'no' +- echo 'This package needs BSD signal semantics to run.' +- rm -f __conftest* +- exit ++ echo '***WARNING***: This package needs BSD signal semantics to run.' ++ echo '***WARNING***: Assuming its just ia64 buildroot breakage.' ++ CFLAGS="$CFLAGS -D__USE_BSD_SIGNAL" + fi + fi + rm -f __conftest* diff --git a/source/n/netkit-ftp/patches/06-netkit-ftp-0.17-runique_mget.patch b/source/n/netkit-ftp/patches/06-netkit-ftp-0.17-runique_mget.patch new file mode 100644 index 00000000..8ba1152d --- /dev/null +++ b/source/n/netkit-ftp/patches/06-netkit-ftp-0.17-runique_mget.patch @@ -0,0 +1,13 @@ +--- netkit-ftp-0.17/ftp/ftp.c.runique_mget 2004-12-07 12:05:49.360133092 +0100 ++++ netkit-ftp-0.17/ftp/ftp.c 2004-12-07 12:06:48.480883902 +0100 +@@ -923,7 +923,9 @@ + return; + } + } +- else if (runique && (local = gunique(local)) == NULL) { ++ else if (runique && (strcmp(cmd, "NLST") != 0) && ++ (local = gunique(local)) == NULL) ++ { + (void) signal(SIGINT, oldintr); + code = -1; + return; diff --git a/source/n/netkit-ftp/patches/06-netkit-ftp-locale.patch b/source/n/netkit-ftp/patches/06-netkit-ftp-locale.patch new file mode 100644 index 00000000..ed6e28a0 --- /dev/null +++ b/source/n/netkit-ftp/patches/06-netkit-ftp-locale.patch @@ -0,0 +1,18 @@ +--- netkit-ftp-0.17/ftp/main.c.locale 2004-12-15 16:52:14.504193752 +0000 ++++ netkit-ftp-0.17/ftp/main.c 2004-12-15 16:52:51.719133655 +0000 +@@ -51,6 +51,7 @@ + + /* #include <arpa/ftp.h> <--- unused? */ + ++#include <locale.h> + #include <signal.h> + #include <unistd.h> + #include <string.h> +@@ -109,6 +110,7 @@ + + tick = 0; + ++ setlocale (LC_ALL, ""); + sp = getservbyname("ftp", "tcp"); + if (sp == 0) { + fprintf(stderr, "ftp: ftp/tcp: unknown service\n"); diff --git a/source/n/netkit-ftp/patches/07-netkit-ftp-0.17-printf.patch b/source/n/netkit-ftp/patches/07-netkit-ftp-0.17-printf.patch new file mode 100644 index 00000000..2d7ecc4c --- /dev/null +++ b/source/n/netkit-ftp/patches/07-netkit-ftp-0.17-printf.patch @@ -0,0 +1,11 @@ +--- netkit-ftp-0.17/ftp/cmds.c.printf 2005-05-24 22:12:24.000000000 +0200 ++++ netkit-ftp-0.17/ftp/cmds.c 2005-05-24 22:12:37.000000000 +0200 +@@ -2223,7 +2223,7 @@ + printf("restart: offset not specified\n"); + else { + restart_point = atol(argv[1]); +- printf("restarting at %ld. %s\n", restart_point, ++ printf("restarting at %ld. %s\n", (long)restart_point, + "execute get, put or append to initiate transfer"); + } + } diff --git a/source/n/netkit-ftp/patches/08-netkit-ftp-0.17-longint.patch b/source/n/netkit-ftp/patches/08-netkit-ftp-0.17-longint.patch new file mode 100644 index 00000000..c7b9f91d --- /dev/null +++ b/source/n/netkit-ftp/patches/08-netkit-ftp-0.17-longint.patch @@ -0,0 +1,135 @@ +--- netkit-ftp-0.17/ftp/ftp.c.rasold 2005-08-22 14:22:50.000000000 +0200 ++++ netkit-ftp-0.17/ftp/ftp.c 2005-08-22 14:23:02.000000000 +0200 +@@ -139,7 +139,7 @@ + static char *gunique(char *); + static void proxtrans(const char *cmd, char *local, char *remote); + static int initconn(void); +-static void ptransfer(const char *direction, long bytes, ++static void ptransfer(const char *direction, long long bytes, + const struct timeval *t0, + const struct timeval *t1); + static void tvsub(struct timeval *tdiff, +@@ -579,7 +579,7 @@ + int (*volatile closefunc)(FILE *); + void (*volatile oldintr)(int); + void (*volatile oldintp)(int); +- volatile long bytes = 0, hashbytes = HASHBYTES; ++ volatile long long bytes = 0, hashbytes = HASHBYTES; + char buf[BUFSIZ], *bufp; + const char *volatile lmode; + +@@ -713,14 +713,14 @@ + if ((d = write(fileno(dout), bufp, c)) <= 0) + break; + if (hash) { +- while (bytes >= hashbytes) { +- (void) putchar('#'); +- hashbytes += HASHBYTES; +- } +- (void) fflush(stdout); +- } ++ while (bytes >= hashbytes) { /* <-- 'long long' signed overflow is */ ++ (void) putchar('#'); /* possible. In this case, we can */ ++ hashbytes += HASHBYTES; /* 'cycle' there for very long time. */ ++ } /* Search 'hasbytes' in file down, */ ++ (void) fflush(stdout); /* there are similar parts. */ ++ } /* <praszyk@redhat.com> */ + if (tick && (bytes >= hashbytes)) { +- printf("\rBytes transferred: %ld", bytes); ++ printf("\rBytes transferred: %lld", bytes); + (void) fflush(stdout); + while (bytes >= hashbytes) + hashbytes += TICKBYTES; +@@ -733,7 +733,7 @@ + (void) fflush(stdout); + } + if (tick) { +- (void) printf("\rBytes transferred: %ld\n", bytes); ++ (void) printf("\rBytes transferred: %lld\n", bytes); + (void) fflush(stdout); + } + if (c < 0) +@@ -755,7 +755,7 @@ + hashbytes += HASHBYTES; + } + if (tick && (bytes >= hashbytes)) { +- (void) printf("\rBytes transferred: %ld", ++ (void) printf("\rBytes transferred: %lld", + bytes); + (void) fflush(stdout); + while (bytes >= hashbytes) +@@ -780,7 +780,7 @@ + (void) fflush(stdout); + } + if (tick) { +- (void) printf("\rBytes transferred: %ld\n", bytes); ++ (void) printf("\rBytes transferred: %lld\n", bytes); + (void) fflush(stdout); + } + if (ferror(fin)) +@@ -853,9 +853,9 @@ + void (*volatile oldintp)(int); + void (*volatile oldintr)(int); + volatile int is_retr, tcrflag, bare_lfs = 0; +- static unsigned bufsize; ++ static unsigned bufsize=0; + static char *buf; +- volatile long bytes = 0, hashbytes = HASHBYTES; ++ volatile long long bytes = 0, hashbytes = HASHBYTES; + register int c, d; + struct timeval start, stop; + struct stat st; +@@ -1031,7 +1031,7 @@ + (void) fflush(stdout); + } + if (tick && (bytes >= hashbytes) && is_retr) { +- (void) printf("\rBytes transferred: %ld", ++ (void) printf("\rBytes transferred: %lld", + bytes); + (void) fflush(stdout); + while (bytes >= hashbytes) +@@ -1045,7 +1045,7 @@ + (void) fflush(stdout); + } + if (tick && is_retr) { +- (void) printf("\rBytes transferred: %ld\n", bytes); ++ (void) printf("\rBytes transferred: %lld\n", bytes); + (void) fflush(stdout); + } + if (c < 0) { +@@ -1095,7 +1095,7 @@ + hashbytes += HASHBYTES; + } + if (tick && (bytes >= hashbytes) && is_retr) { +- printf("\rBytes transferred: %ld", ++ printf("\rBytes transferred: %lld", + bytes); + fflush(stdout); + while (bytes >= hashbytes) +@@ -1126,7 +1126,7 @@ + (void) fflush(stdout); + } + if (tick && is_retr) { +- (void) printf("\rBytes transferred: %ld\n", bytes); ++ (void) printf("\rBytes transferred: %lld\n", bytes); + (void) fflush(stdout); + } + if (bare_lfs) { +@@ -1540,7 +1540,7 @@ + } + + static void +-ptransfer(const char *direction, long bytes, ++ptransfer(const char *direction, long long bytes, + const struct timeval *t0, + const struct timeval *t1) + { +@@ -1552,7 +1552,7 @@ + s = td.tv_sec + (td.tv_usec / 1000000.); + #define nz(x) ((x) == 0 ? 1 : (x)) + bs = bytes / nz(s); +- printf("%ld bytes %s in %.3g secs (%.2g Kbytes/sec)\n", ++ printf("%lld bytes %s in %.3g secs (%.2g Kbytes/sec)\n", + bytes, direction, s, bs / 1024.0); + } + } diff --git a/source/n/netkit-ftp/patches/09-netkit-ftp-0.17-vsftp165083.patch b/source/n/netkit-ftp/patches/09-netkit-ftp-0.17-vsftp165083.patch new file mode 100644 index 00000000..8dcd9057 --- /dev/null +++ b/source/n/netkit-ftp/patches/09-netkit-ftp-0.17-vsftp165083.patch @@ -0,0 +1,47 @@ +--- netkit-ftp-0.17/ftp/ftp.c.vsftp 2005-08-29 16:07:35.000000000 +0200 ++++ netkit-ftp-0.17/ftp/ftp.c 2005-08-30 10:58:10.000000000 +0200 +@@ -582,6 +582,7 @@ + volatile long long bytes = 0, hashbytes = HASHBYTES; + char buf[BUFSIZ], *bufp; + const char *volatile lmode; ++ int old_code_l; + + if (verbose && printnames) { + if (local && *local != '-') +@@ -799,7 +800,35 @@ + (void) fclose(dout); + /* closes data as well, so discard it */ + data = -1; +- (void) getreply(0); ++ old_code_l = code; ++ (void) getreply(0); ++ ++ /* Following "if" will avoid a bug #165083 in ftp-server */ ++ /* It can be later removed. */ ++ if (old_code_l == 150 && code == 150 && cpend == 1 ++ && sunique == 1 && cin != NULL && fileno (cin) >= 0 ) { ++ #include <sys/poll.h> ++ struct pollfd fds_events_l [2] ; ++ int rc; ++ ++ fds_events_l [0] .fd = fileno (cin); ++ fds_events_l [0] .events = POLLIN | POLLERR | POLLHUP; ++ ++ rc = poll (fds_events_l, 1, 5000); ++ switch (rc) { ++ case 1: ++ (void) getreply (0); ++ break; ++ case 0: ++ fprintf (stderr, "ftp: no answer from ftp-server " ++ "(more than 5 sec).\n"); ++ break; ++ case -1: ++ perror("ftp: poll"); ++ break; ++ } ++ } ++ + (void) signal(SIGINT, oldintr); + if (oldintp) + (void) signal(SIGPIPE, oldintp); diff --git a/source/n/netkit-ftp/patches/10-netkit-ftp-0.17-C-Frame121.patch b/source/n/netkit-ftp/patches/10-netkit-ftp-0.17-C-Frame121.patch new file mode 100644 index 00000000..f687d166 --- /dev/null +++ b/source/n/netkit-ftp/patches/10-netkit-ftp-0.17-C-Frame121.patch @@ -0,0 +1,25 @@ +--- netkit-ftp-0.17/ftp/ftp.c.rasold 2005-10-26 16:56:09.000000000 +0200 ++++ netkit-ftp-0.17/ftp/ftp.c 2005-10-26 16:56:46.000000000 +0200 +@@ -1253,14 +1253,14 @@ + switch (data_addr.su_family) { + case AF_INET: + #if 0 +- if (try_epsv) { +- result = command(pasvcmd = "EPSV 1"); +- if (code / 10 == 22 && code != 229) { +- fprintf(stderr, +- "wrong server: return code must be 229\n"); +- result = COMPLETE + 1; +- } +- } else { ++/*@*/ if (try_epsv) { ++/*@*/ result = command(pasvcmd = "EPSV 1"); ++/*@*/ if (code / 10 == 22 && code != 229) { ++/*@*/ fprintf(stderr, ++/*@*/ "wrong server: return code must be 229\n"); ++/*@*/ result = COMPLETE + 1; ++/*@*/ } ++/*@*/ } else { + #endif + result = COMPLETE + 1; + diff --git a/source/n/netkit-ftp/patches/11-netkit-ftp-0.17-data.patch b/source/n/netkit-ftp/patches/11-netkit-ftp-0.17-data.patch new file mode 100644 index 00000000..43157f87 --- /dev/null +++ b/source/n/netkit-ftp/patches/11-netkit-ftp-0.17-data.patch @@ -0,0 +1,24 @@ +--- netkit-ftp-0.17/ftp/ftp.c.data 2005-12-02 15:31:27.000000000 +0100 ++++ netkit-ftp-0.17/ftp/ftp.c 2005-12-02 15:35:46.000000000 +0100 +@@ -1223,6 +1223,7 @@ + static int + initconn(void) + { ++ int rc; + u_char *p, *a; + int result, tmpno = 0; + socklen_t len; +@@ -1240,6 +1241,13 @@ + } + #endif + if (passivemode) { ++ if (data >= 0){ ++ rc = close (data); ++ data = -1; ++ if (rc == -1){ ++ perror ("ftp: close"); ++ } ++ } + data_addr = hisctladdr; + data = socket(data_addr.su_family, SOCK_STREAM, 0); + if (data < 0) { diff --git a/source/n/netkit-ftp/patches/12-netkit-ftp-0.17-multihome.patch b/source/n/netkit-ftp/patches/12-netkit-ftp-0.17-multihome.patch new file mode 100644 index 00000000..9000937e --- /dev/null +++ b/source/n/netkit-ftp/patches/12-netkit-ftp-0.17-multihome.patch @@ -0,0 +1,98 @@ +--- netkit-ftp-0.17/ftp/ftp_var.h.rasold 2006-01-12 11:23:16.000000000 +0100 ++++ netkit-ftp-0.17/ftp/ftp_var.h 2006-01-12 11:24:06.000000000 +0100 +@@ -69,6 +69,7 @@ + Extern int bell; /* ring bell on cmd completion */ + Extern int doglob; /* glob local file names */ + Extern int autologin; /* establish user account on connection */ ++Extern int multihome; /* multi homed host, use same interface for cmd and data channels */ + Extern int proxy; /* proxy server connection active */ + Extern int proxflag; /* proxy connection exists */ + Extern int sunique; /* store files on server with unique name */ +--- netkit-ftp-0.17/ftp/ftp.c.rasold 2006-01-12 11:14:55.000000000 +0100 ++++ netkit-ftp-0.17/ftp/ftp.c 2006-01-12 11:22:42.000000000 +0100 +@@ -132,6 +132,7 @@ + static sigjmp_buf ptabort; + static int ptabflg = 0; + static int abrtflag = 0; ++struct sockaddr_in source; + + void lostpeer(int); + extern int connected; +@@ -153,7 +154,7 @@ + char * + hookup(const char *host, const char *port) + { +- int s, tos, error; ++ int s, tos, error, alen; + socklen_t len; + static char hostnamebuf[256]; + struct addrinfo hints, *res, *res0; +@@ -278,7 +279,11 @@ + } + if (verbose) + printf("Connected to %s (%s).\n", hostname, hbuf); +- if (getreply(0) > 2) { /* read startup message from server */ ++ alen = sizeof(source); ++ getsockname(s,(struct sockaddr*)&source, &alen); ++ source.sin_port = 0; /* We just want the addr, not the port */ ++ ++ if (getreply(0) > 2) { /* read startup message from server */ + if (cin) + (void) fclose(cin); + if (cout) +@@ -1254,6 +1259,13 @@ + perror("ftp: socket"); + return(1); + } ++ if((multihome) && ++ bind(data, (struct sockaddr*)&source, sizeof(source)) == -1) { ++ close(data); ++ data = -1; ++ perror("ftp multihome bind"); ++ return(1); ++ } + if (options & SO_DEBUG && + setsockopt(data, SOL_SOCKET, SO_DEBUG, (char *)&on, + sizeof (on)) < 0) +--- netkit-ftp-0.17/ftp/main.c.rasold 2006-01-12 11:24:27.000000000 +0100 ++++ netkit-ftp-0.17/ftp/main.c 2006-01-12 11:27:20.000000000 +0100 +@@ -93,6 +93,7 @@ + printf("\t -n: inhibit auto-login\n"); + printf("\t -e: disable readline support, if present\n"); + printf("\t -g: disable filename globbing\n"); ++ printf("\t -m: don't force data channel interface to the same as control channel\n"); + printf("\t -v: verbose mode\n"); + printf("\t -t: enable packet tracing [nonfunctional]\n"); + printf("\t -d: enable debugging\n"); +@@ -120,6 +121,7 @@ + doglob = 1; + interactive = 1; + autologin = 1; ++ multihome = 1; + passivemode = 1; + + cp = strrchr(argv[0], '/'); +@@ -172,6 +174,10 @@ + rl_inhibit = 1; + break; + ++ case 'm': ++ multihome = 0; ++ break; ++ + case 'h': + usage(); + exit(0); +--- netkit-ftp-0.17/ftp/ftp.1.rasold 2006-01-12 11:14:09.000000000 +0100 ++++ netkit-ftp-0.17/ftp/ftp.1 2006-01-12 11:15:48.000000000 +0100 +@@ -92,6 +92,10 @@ + executable. Otherwise, does nothing. + .It Fl g + Disables file name globbing. ++.It Fl m ++The default requires that ftp explicitly binds to the same interface for the data ++channel as the control channel in passive mode. Useful on multi-homed ++clients. This option disables this behavior. + .It Fl v + Verbose option forces + .Nm ftp diff --git a/source/n/netkit-ftp/patches/13-netkit-ftp-0.17-longnames.patch b/source/n/netkit-ftp/patches/13-netkit-ftp-0.17-longnames.patch new file mode 100644 index 00000000..66e4a5a0 --- /dev/null +++ b/source/n/netkit-ftp/patches/13-netkit-ftp-0.17-longnames.patch @@ -0,0 +1,106 @@ +--- netkit-ftp-0.17/ftp/cmds.c.longnames 2006-07-25 11:13:55.000000000 +0200 ++++ netkit-ftp-0.17/ftp/cmds.c 2006-07-24 17:52:10.000000000 +0200 +@@ -1057,10 +1057,9 @@ + status(void) + { + int i; +- +- if (connected) ++ if (connected) + printf("Connected to %s.\n", hostname); +- else ++ else + printf("Not connected.\n"); + if (!proxy) { + pswitch(1); +@@ -1081,7 +1080,7 @@ + onoff(runique)); + printf("Case: %s; CR stripping: %s\n",onoff(mcase),onoff(crflag)); + if (ntflag) { +- printf("Ntrans: (in) %s (out) %s\n", ntin,ntout); ++ printf("Ntrans: (in) %s (out) %s\n",ntin,ntout); + } + else { + printf("Ntrans: off\n"); +@@ -1948,14 +1947,14 @@ + } + ntflag++; + code = ntflag; +- (void) strncpy(ntin, argv[1], 16); +- ntin[16] = '\0'; ++ (void) strncpy(ntin, argv[1], NTRANS_MAX); ++ ntin[NTRANS_MAX] = '\0'; + if (argc == 2) { + ntout[0] = '\0'; + return; + } +- (void) strncpy(ntout, argv[2], 16); +- ntout[16] = '\0'; ++ (void) strncpy(ntout, argv[2], NTRANS_MAX); ++ ntout[NTRANS_MAX] = '\0'; + } + + static char * +@@ -1965,10 +1964,10 @@ + char *cp1, *cp2 = new; + register int i, ostop, found; + +- for (ostop = 0; *(ntout + ostop) && ostop < 16; ostop++); ++ for (ostop = 0; *(ntout + ostop) && ostop < NTRANS_MAX; ostop++); + for (cp1 = name; *cp1; cp1++) { + found = 0; +- for (i = 0; *(ntin + i) && i < 16; i++) { ++ for (i = 0; *(ntin + i) && i < NTRANS_MAX; i++) { + if (*cp1 == *(ntin + i)) { + found++; + if (i < ostop) { +--- netkit-ftp-0.17/ftp/ftp.c.longnames 2006-07-25 11:13:56.000000000 +0200 ++++ netkit-ftp-0.17/ftp/ftp.c 2006-07-24 17:46:14.000000000 +0200 +@@ -1656,8 +1656,8 @@ + int runqe; + int mcse; + int ntflg; +- char nti[17]; +- char nto[17]; ++ char nti[NTRANS_MAX+1]; ++ char nto[NTRANS_MAX+1]; + int mapflg; + char mi[MAXPATHLEN]; + char mo[MAXPATHLEN]; +@@ -1712,11 +1712,11 @@ + mcase = op->mcse; + ip->ntflg = ntflag; + ntflag = op->ntflg; +- (void) strncpy(ip->nti, ntin, 16); +- (ip->nti)[16] = '\0'; /* shouldn't use strlen */ ++ (void) strncpy(ip->nti, ntin, NTRANS_MAX); ++ (ip->nti)[NTRANS_MAX] = '\0'; /* shouldn't use strlen */ + (void) strcpy(ntin, op->nti); +- (void) strncpy(ip->nto, ntout, 16); +- (ip->nto)[16] = '\0'; ++ (void) strncpy(ip->nto, ntout, NTRANS_MAX); ++ (ip->nto)[NTRANS_MAX] = '\0'; + (void) strcpy(ntout, op->nto); + ip->mapflg = mapflag; + mapflag = op->mapflg; +--- netkit-ftp-0.17/ftp/ftp_var.h.longnames 2006-07-25 11:13:56.000000000 +0200 ++++ netkit-ftp-0.17/ftp/ftp_var.h 2006-07-24 15:49:37.000000000 +0200 +@@ -42,6 +42,7 @@ + + #include <setjmp.h> + #include <sys/param.h> ++#define NTRANS_MAX 64 + + /* + * Tick counter step size. +@@ -82,8 +83,8 @@ + Extern char pasv[64]; /* passive port for proxy data connection */ + Extern int passivemode; /* passive mode enabled */ + Extern char *altarg; /* argv[1] with no shell-like preprocessing */ +-Extern char ntin[17]; /* input translation table */ +-Extern char ntout[17]; /* output translation table */ ++Extern char ntin[NTRANS_MAX+1]; /* input translation table */ ++Extern char ntout[NTRANS_MAX+1]; /* output translation table */ + Extern char mapin[MAXPATHLEN]; /* input map template */ + Extern char mapout[MAXPATHLEN]; /* output map template */ + Extern char typename[32]; /* name of file transfer type */ diff --git a/source/n/netkit-ftp/patches/14-netkit-ftp-0.17-multiipv6.patch b/source/n/netkit-ftp/patches/14-netkit-ftp-0.17-multiipv6.patch new file mode 100644 index 00000000..ee93e32b --- /dev/null +++ b/source/n/netkit-ftp/patches/14-netkit-ftp-0.17-multiipv6.patch @@ -0,0 +1,66 @@ +--- netkit-ftp-0.17/ftp/ftp.c.multiipv6 2006-08-02 15:03:26.000000000 +0200 ++++ netkit-ftp-0.17/ftp/ftp.c 2006-08-02 15:06:19.000000000 +0200 +@@ -78,9 +78,7 @@ + #include <netinet/in.h> + #include <netinet/ip.h> + #include <arpa/ftp.h> +-#include <arpa/inet.h> + #include <arpa/telnet.h> +- + #include <stdio.h> + #include <signal.h> + #include <string.h> +@@ -132,7 +130,7 @@ + static sigjmp_buf ptabort; + static int ptabflg = 0; + static int abrtflag = 0; +-struct sockaddr_in source; ++struct sockaddr_storage source; + + void lostpeer(int); + extern int connected; +@@ -154,8 +152,8 @@ + char * + hookup(const char *host, const char *port) + { +- int s, tos, error, alen; +- socklen_t len; ++ int s, tos, error; ++ socklen_t len, alen; + static char hostnamebuf[256]; + struct addrinfo hints, *res, *res0; + char hbuf[MAXHOSTNAMELEN], pbuf[NI_MAXSERV]; +@@ -281,7 +279,15 @@ + printf("Connected to %s (%s).\n", hostname, hbuf); + alen = sizeof(source); + getsockname(s,(struct sockaddr*)&source, &alen); +- source.sin_port = 0; /* We just want the addr, not the port */ ++ switch (source.ss_family) { ++ /* We just want the addr, not the port */ ++ case AF_INET: ++ ((struct sockaddr_in *) &source)->sin_port = 0; ++ break; ++ case AF_INET6: ++ ((struct sockaddr_in6 *) &source)->sin6_port = 0; ++ break; ++ } + + if (getreply(0) > 2) { /* read startup message from server */ + if (cin) +@@ -1260,11 +1266,11 @@ + return(1); + } + if((multihome) && +- bind(data, (struct sockaddr*)&source, sizeof(source)) == -1) { +- close(data); +- data = -1; +- perror("ftp multihome bind"); +- return(1); ++ bind(data, (struct sockaddr *)&source, sizeof(source)) == -1) { ++ close(data); ++ data = -1; ++ perror("ftp multihome bind"); ++ return(1); + } + if (options & SO_DEBUG && + setsockopt(data, SOL_SOCKET, SO_DEBUG, (char *)&on, diff --git a/source/n/netkit-ftp/patches/15-netkit-ftp-0.17-nodebug.patch b/source/n/netkit-ftp/patches/15-netkit-ftp-0.17-nodebug.patch new file mode 100644 index 00000000..520808f1 --- /dev/null +++ b/source/n/netkit-ftp/patches/15-netkit-ftp-0.17-nodebug.patch @@ -0,0 +1,11 @@ +--- netkit-ftp-0.17/ftp/Makefile.nodebug 2006-11-14 15:02:36.000000000 +0100 ++++ netkit-ftp-0.17/ftp/Makefile 2007-01-30 13:58:15.000000000 +0100 +@@ -17,7 +17,7 @@ + + install: ftp + install -d $(INSTALLROOT)$(BINDIR) +- install -s -m$(BINMODE) ftp $(INSTALLROOT)$(BINDIR) ++ install -m$(BINMODE) ftp $(INSTALLROOT)$(BINDIR) + ln -sf ftp $(INSTALLROOT)$(BINDIR)/pftp + install -d $(INSTALLROOT)$(MANDIR)/man1 + install -m$(MANMODE) ftp.1 $(INSTALLROOT)$(MANDIR)/man1 diff --git a/source/n/netkit-ftp/patches/16-netkit-ftp-0.17-stamp.patch b/source/n/netkit-ftp/patches/16-netkit-ftp-0.17-stamp.patch new file mode 100644 index 00000000..afbb5f27 --- /dev/null +++ b/source/n/netkit-ftp/patches/16-netkit-ftp-0.17-stamp.patch @@ -0,0 +1,23 @@ +--- netkit-ftp-0.17/ftp/Makefile.stamp 2007-02-07 05:21:13.000000000 -0500 ++++ netkit-ftp-0.17/ftp/Makefile 2007-02-07 05:26:13.453244000 -0500 +@@ -16,14 +16,14 @@ + cmds.o glob.o: glob.h + + install: ftp +- install -d $(INSTALLROOT)$(BINDIR) +- install -m$(BINMODE) ftp $(INSTALLROOT)$(BINDIR) ++ install -p -d $(INSTALLROOT)$(BINDIR) ++ install -p -m$(BINMODE) ftp $(INSTALLROOT)$(BINDIR) + ln -sf ftp $(INSTALLROOT)$(BINDIR)/pftp +- install -d $(INSTALLROOT)$(MANDIR)/man1 +- install -m$(MANMODE) ftp.1 $(INSTALLROOT)$(MANDIR)/man1 ++ install -p -d $(INSTALLROOT)$(MANDIR)/man1 ++ install -p -m$(MANMODE) ftp.1 $(INSTALLROOT)$(MANDIR)/man1 + ln -sf ftp.1 $(INSTALLROOT)$(MANDIR)/man1/pftp.1 +- install -d $(INSTALLROOT)$(MANDIR)/man5 +- install -m$(MANMODE) netrc.5 $(INSTALLROOT)$(MANDIR)/man5 ++ install -p -d $(INSTALLROOT)$(MANDIR)/man5 ++ install -p -m$(MANMODE) netrc.5 $(INSTALLROOT)$(MANDIR)/man5 + + clean: + rm -f *.o ftp diff --git a/source/n/netkit-ftp/patches/17-netkit-ftp-0.17-sigseg.patch b/source/n/netkit-ftp/patches/17-netkit-ftp-0.17-sigseg.patch new file mode 100644 index 00000000..0972eb19 --- /dev/null +++ b/source/n/netkit-ftp/patches/17-netkit-ftp-0.17-sigseg.patch @@ -0,0 +1,16 @@ +--- netkit-ftp-0.17-orig/ftp/ftp.c 2007-08-06 23:32:49.000000000 +0200 ++++ netkit-ftp-0.17/ftp/ftp.c 2007-08-06 23:31:06.000000000 +0200 +@@ -483,8 +483,10 @@ getreply(int expecteof) + return (0); + } + lostpeer(0); +- fclose(cout); +- cout = NULL; ++ if (cout) { ++ fclose(cout); ++ cout = NULL; ++ } + if (verbose) { + printf("421 Service not available, remote server has closed connection\n"); + (void) fflush(stdout); + diff --git a/source/n/netkit-ftp/patches/18-netkit-ftp-0.17-size.patch b/source/n/netkit-ftp/patches/18-netkit-ftp-0.17-size.patch new file mode 100644 index 00000000..22e08069 --- /dev/null +++ b/source/n/netkit-ftp/patches/18-netkit-ftp-0.17-size.patch @@ -0,0 +1,12 @@ +diff -up netkit-ftp-0.17/ftp/cmds.c.size netkit-ftp-0.17/ftp/cmds.c +--- netkit-ftp-0.17/ftp/cmds.c.size 2007-10-10 14:17:18.000000000 +0200 ++++ netkit-ftp-0.17/ftp/cmds.c 2007-10-10 14:17:18.000000000 +0200 +@@ -1650,6 +1650,8 @@ quote1(const char *initial, int argc, ch + register int i, len; + char buf[BUFSIZ]; /* must be >= sizeof(line) */ + ++ if (strncmp(argv[1],"size",4) == 0) ++ changetype(TYPE_I, 1); + (void) strcpy(buf, initial); + if (argc > 1) { + len = strlen(buf); diff --git a/source/n/netkit-ftp/patches/19-netkit-ftp-0.17-fdleak.patch b/source/n/netkit-ftp/patches/19-netkit-ftp-0.17-fdleak.patch new file mode 100644 index 00000000..0f995c5d --- /dev/null +++ b/source/n/netkit-ftp/patches/19-netkit-ftp-0.17-fdleak.patch @@ -0,0 +1,11 @@ +diff -up netkit-ftp-0.17/ftp/cmds.c.old netkit-ftp-0.17/ftp/cmds.c +--- netkit-ftp-0.17/ftp/cmds.c.old 2007-10-17 16:28:57.000000000 +0200 ++++ netkit-ftp-0.17/ftp/cmds.c 2007-10-17 16:33:41.000000000 +0200 +@@ -764,6 +764,7 @@ usage: + + recvrequest("RETR", argv[2], argv[1], modestr, + argv[1] != oldargv1 || argv[2] != oldargv2); ++ (void) close(data), data = -1; + restart_point = 0; + return (0); + } diff --git a/source/n/netkit-ftp/patches/20-netkit-ftp-0.17-fprintf.patch b/source/n/netkit-ftp/patches/20-netkit-ftp-0.17-fprintf.patch new file mode 100644 index 00000000..f0c81e79 --- /dev/null +++ b/source/n/netkit-ftp/patches/20-netkit-ftp-0.17-fprintf.patch @@ -0,0 +1,225 @@ +diff -up netkit-ftp-0.17/ftp/cmds.c.old netkit-ftp-0.17/ftp/cmds.c +--- netkit-ftp-0.17/ftp/cmds.c.old 2007-11-15 13:34:31.000000000 +0100 ++++ netkit-ftp-0.17/ftp/cmds.c 2007-11-15 13:44:44.000000000 +0100 +@@ -137,7 +137,7 @@ static char *pathprotect(char *name) + if (name[i]=='.' && gotdots>=0) gotdots++; + else if (name[i]=='/' && gotdots<0) gotdots=0; + else if (name[i]=='/' && gotdots==2) { +- printf("Warning: embedded .. in %.*s (changing to !!)\n", ++ fprintf(stderr, "Warning: embedded .. in %.*s (changing to !!)\n", + len-1, name); + name[i-1] = '!'; + name[i-2] = '!'; +@@ -167,7 +167,7 @@ another(int *pargc, char ***pargv, const + int ret; + + if (len >= sizeof(line) - 3) { +- printf("sorry, arguments too long\n"); ++ fprintf(stderr, "sorry, arguments too long\n"); + intr(0); + } + printf("(%s) ", prompt); +@@ -195,7 +195,7 @@ setpeer(int argc, char *argv[]) + char *port; + + if (connected) { +- printf("Already connected to %s, use close first.\n", ++ fprintf(stderr, "Already connected to %s, use close first.\n", + hostname); + code = -1; + return; +@@ -278,7 +278,7 @@ setpeer(int argc, char *argv[]) + unix_server = 0; + if (overbose && + !strncmp(reply_string, "215 TOPS20", 10)) +- printf( ++ fprintf(stderr, + "Remember to set tenex mode when transfering binary files from this machine.\n"); + } + verbose = overbose; +@@ -316,7 +316,7 @@ do_settype(const char *thetype) + if (strcmp(thetype, p->t_name) == 0) + break; + if (p->t_name == 0) { +- printf("%s: unknown mode\n", thetype); ++ fprintf(stderr, "%s: unknown mode\n", thetype); + code = -1; + return; + } +@@ -378,7 +378,7 @@ changetype(int newtype, int show) + if (newtype == p->t_type) + break; + if (p->t_name == 0) { +- printf("ftp: internal error: unknown type %d\n", newtype); ++ fprintf(stderr, "ftp: internal error: unknown type %d\n", newtype); + return; + } + if (newtype == TYPE_L && bytename[0] != '\0') +@@ -428,7 +428,7 @@ settenex(void) + void + setmode(void) + { +- printf("We only support %s mode, sorry.\n", modename); ++ fprintf(stderr, "We only support %s mode, sorry.\n", modename); + code = -1; + } + +@@ -439,7 +439,7 @@ setmode(void) + void + setform(void) + { +- printf("We only support %s format, sorry.\n", formname); ++ fprintf(stderr, "We only support %s format, sorry.\n", formname); + code = -1; + } + +@@ -449,7 +449,7 @@ setform(void) + void + setstruct(void) + { +- printf("We only support %s structure, sorry.\n", structname); ++ fprintf(stderr, "We only support %s structure, sorry.\n", structname); + code = -1; + } + +@@ -594,7 +594,7 @@ mput(int argc, char *argv[]) + } + gargs = ftpglob(argv[i]); + if (globerr != NULL) { +- printf("%s\n", globerr); ++ fprintf(stderr, "%s\n", globerr); + if (gargs) { + blkfree(gargs); + free((char *)gargs); +@@ -906,7 +906,7 @@ remglob(char *argv[], int doswitch) + umask(oldumask); + + if (fd<0) { +- printf("Error creating temporary file, oops\n"); ++ fprintf(stderr, "Error creating temporary file, oops\n"); + return NULL; + } + +@@ -931,13 +931,13 @@ remglob(char *argv[], int doswitch) + } + verbose = oldverbose; hash = oldhash; + if (badglob) { +- printf("Refusing to handle insecure file list\n"); ++ fprintf(stderr, "Refusing to handle insecure file list\n"); + close(fd); + return NULL; + } + ftemp = fdopen(fd, "r"); + if (ftemp == NULL) { +- printf("fdopen failed, oops\n"); ++ fprintf(stderr, "fdopen failed, oops\n"); + return NULL; + } + rewind(ftemp); +@@ -1006,7 +1006,7 @@ checkglob(int fd, const char *pattern) + while (*sp == '/') + sp++; + if (nrslash >= MAXPATHLEN) { +- printf("Incredible pattern: %s\n", pattern); ++ fprintf(stderr, "Incredible pattern: %s\n", pattern); + return 0; + } + dotdot[nrslash++] = isdotdotglob(sp); +@@ -1019,7 +1019,7 @@ checkglob(int fd, const char *pattern) + if ((sp = strchr(buffer, '\n')) != 0) { + *sp = '\0'; + } else { +- printf("Extremely long filename from server: %s", ++ fprintf(stderr, "Extremely long filename from server: %s", + buffer); + okay = 0; + break; +@@ -1038,7 +1038,7 @@ checkglob(int fd, const char *pattern) + } + + if (!okay) +- printf("Filename provided by server " ++ fprintf(stderr, "Filename provided by server " + "doesn't match pattern `%s': %s\n", pattern, buffer); + + fclose(fp); +@@ -1061,14 +1061,14 @@ status(void) + if (connected) + printf("Connected to %s.\n", hostname); + else +- printf("Not connected.\n"); ++ fprintf(stderr, "Not connected.\n"); + if (!proxy) { + pswitch(1); + if (connected) { + printf("Connected for proxy commands to %s.\n", hostname); + } + else { +- printf("No proxy connection.\n"); ++ fprintf(stderr, "No proxy connection.\n"); + } + pswitch(0); + } +@@ -1218,7 +1218,7 @@ setdebug(int argc, char *argv[]) + if (argc > 1) { + val = atoi(argv[1]); + if (val < 0) { +- printf("%s: bad debugging value.\n", argv[1]); ++ fprintf(stderr, "%s: bad debugging value.\n", argv[1]); + code = -1; + return; + } +@@ -1248,7 +1248,7 @@ cd(int argc, char *argv[]) + } + if (command("CWD %s", argv[1]) == ERROR && code == 500) { + if (verbose) +- printf("CWD command not recognized, trying XCWD\n"); ++ fprintf(stderr, "CWD command not recognized, trying XCWD\n"); + (void) command("XCWD %s", argv[1]); + } + } +@@ -1546,7 +1546,7 @@ user(int argc, char *argv[]) + aflag++; + } + if (n != COMPLETE) { +- fprintf(stdout, "Login failed.\n"); ++ fprintf(stderr, "Login failed.\n"); + return; + } + if (!aflag && argc == 4) { +@@ -1567,7 +1567,7 @@ pwd(void) + */ + verbose = 1; + if (command("PWD") == ERROR && code == 500) { +- printf("PWD command not recognized, trying XPWD\n"); ++ fprintf(stderr, "PWD command not recognized, trying XPWD\n"); + (void) command("XPWD"); + } + verbose = oldverbose; +@@ -1587,7 +1587,7 @@ makedir(int argc, char *argv[]) + } + if (command("MKD %s", argv[1]) == ERROR && code == 500) { + if (verbose) +- printf("MKD command not recognized, trying XMKD\n"); ++ fprintf(stderr, "MKD command not recognized, trying XMKD\n"); + (void) command("XMKD %s", argv[1]); + } + } +@@ -1606,7 +1606,7 @@ removedir(int argc, char *argv[]) + } + if (command("RMD %s", argv[1]) == ERROR && code == 500) { + if (verbose) +- printf("RMD command not recognized, trying XRMD\n"); ++ fprintf(stderr, "RMD command not recognized, trying XRMD\n"); + (void) command("XRMD %s", argv[1]); + } + } +@@ -2212,7 +2212,7 @@ cdup(void) + { + if (command("CDUP") == ERROR && code == 500) { + if (verbose) +- printf("CDUP command not recognized, trying XCUP\n"); ++ fprintf(stderr, "CDUP command not recognized, trying XCUP\n"); + (void) command("XCUP"); + } + } diff --git a/source/n/netkit-ftp/patches/21-netkit-ftp-0.17-bitrate.patch b/source/n/netkit-ftp/patches/21-netkit-ftp-0.17-bitrate.patch new file mode 100644 index 00000000..eb2506e1 --- /dev/null +++ b/source/n/netkit-ftp/patches/21-netkit-ftp-0.17-bitrate.patch @@ -0,0 +1,14 @@ +diff -up netkit-ftp-0.17/ftp/ftp.c.old netkit-ftp-0.17/ftp/ftp.c +--- netkit-ftp-0.17/ftp/ftp.c.old 2008-01-28 10:23:17.000000000 +0100 ++++ netkit-ftp-0.17/ftp/ftp.c 2008-01-28 10:32:01.000000000 +0100 +@@ -1609,8 +1609,8 @@ ptransfer(const char *direction, long lo + s = td.tv_sec + (td.tv_usec / 1000000.); + #define nz(x) ((x) == 0 ? 1 : (x)) + bs = bytes / nz(s); +- printf("%lld bytes %s in %.3g secs (%.2g Kbytes/sec)\n", +- bytes, direction, s, bs / 1024.0); ++ printf("%lld bytes %s in %.3g secs (%.2f Kbytes/sec)\n", ++ bytes, direction, s, bs / 1000.0); + } + } + diff --git a/source/n/netkit-ftp/patches/22-netkit-ftp-0.17-arg_max.patch b/source/n/netkit-ftp/patches/22-netkit-ftp-0.17-arg_max.patch new file mode 100644 index 00000000..08a88bb5 --- /dev/null +++ b/source/n/netkit-ftp/patches/22-netkit-ftp-0.17-arg_max.patch @@ -0,0 +1,55 @@ +diff -up netkit-ftp-0.17/ftp/glob.c.arg_max netkit-ftp-0.17/ftp/glob.c +--- netkit-ftp-0.17/ftp/glob.c.arg_max 2008-04-07 11:41:14.000000000 +0200 ++++ netkit-ftp-0.17/ftp/glob.c 2008-04-07 12:01:53.000000000 +0200 +@@ -50,6 +50,7 @@ char glob_rcsid[] = + #include <stdio.h> + #include <stdlib.h> + #include <string.h> ++#include <unistd.h> + + #include "ftp_var.h" /* for protos only */ + #include "glob.h" +@@ -57,7 +58,7 @@ char glob_rcsid[] = + #define QUOTE 0200 + #define TRIM 0177 + #define eq(a,b) (strcmp(a, b)==0) +-#define GAVSIZ (ARG_MAX/6) ++#define GAVSIZ (sysconf(_SC_ARG_MAX)/6) + #define isdir(d) ((d.st_mode & S_IFMT) == S_IFDIR) + + const char *globerr; +@@ -115,7 +116,7 @@ char ** + ftpglob(const char *v) + { + char agpath[BUFSIZ]; +- entry agargv[GAVSIZ]; ++ entry *agargv; + centry vv[2]; + vv[0].text = v; + vv[1].text = NULL; +@@ -133,6 +134,8 @@ ftpglob(const char *v) + /* added ()'s to sizeof, (ambigious math for the compiler) */ + lastgpathp = agpath + (sizeof(agpath)- 2); + ++ agargv = (entry *)malloc(sizeof (entry) * GAVSIZ); ++ if (agargv == NULL) fatal("Out of memory"); + ginit(agargv); + globcnt = 0; + collect(v); +@@ -156,7 +159,7 @@ ginit(entry *agargv) + gargv = agargv; + sortbas = agargv; + gargc = 0; +- gnleft = ARG_MAX - 4; ++ gnleft = sysconf(_SC_ARG_MAX) - 4; + } + + static +@@ -674,6 +677,7 @@ efree(entry *av) + { + int i; + for (i=0; av[i].text; i++) free(av[i].text); ++ free((void *)av); + } + + static diff --git a/source/n/netkit-ftp/patches/23-netkit-ftp-0.17-case.patch b/source/n/netkit-ftp/patches/23-netkit-ftp-0.17-case.patch new file mode 100644 index 00000000..a6eb166b --- /dev/null +++ b/source/n/netkit-ftp/patches/23-netkit-ftp-0.17-case.patch @@ -0,0 +1,16 @@ +diff -up netkit-ftp-0.17/ftp/cmds.c.case netkit-ftp-0.17/ftp/cmds.c +--- netkit-ftp-0.17/ftp/cmds.c.case 2008-04-23 14:52:59.000000000 +0200 ++++ netkit-ftp-0.17/ftp/cmds.c 2008-04-23 14:58:07.000000000 +0200 +@@ -831,8 +831,11 @@ mget(int argc, char **argv) + tp++; + tp2++; + } ++ tp = tmpbuf; ++ } ++ else { ++ tp = cp; + } +- tp = tmpbuf; + } + if (ntflag) { + tp = dotrans(tp); diff --git a/source/n/netkit-ftp/patches/24-netkit-ftp-0.17-chkmalloc.patch b/source/n/netkit-ftp/patches/24-netkit-ftp-0.17-chkmalloc.patch new file mode 100644 index 00000000..f9a12107 --- /dev/null +++ b/source/n/netkit-ftp/patches/24-netkit-ftp-0.17-chkmalloc.patch @@ -0,0 +1,33 @@ +diff -up netkit-ftp-0.17/ftp/ruserpass.c.chkmalloc netkit-ftp-0.17/ftp/ruserpass.c +--- netkit-ftp-0.17/ftp/ruserpass.c.chkmalloc 2008-12-01 11:54:15.000000000 +0100 ++++ netkit-ftp-0.17/ftp/ruserpass.c 2008-12-01 11:56:06.000000000 +0100 +@@ -137,7 +137,8 @@ next: + if (token()) { + if (*aname == 0) { + *aname = malloc((unsigned) strlen(tokval) + 1); +- (void) strcpy(*aname, tokval); ++ if (*aname != NULL) ++ (void) strcpy(*aname, tokval); + } else { + if (strcmp(*aname, tokval)) + goto next; +@@ -158,7 +159,8 @@ next: + } + if (token() && *apass == 0) { + *apass = malloc((unsigned) strlen(tokval) + 1); +- (void) strcpy(*apass, tokval); ++ if (*apass != NULL) ++ (void) strcpy(*apass, tokval); + } + break; + case ACCOUNT: +@@ -170,7 +172,8 @@ next: + } + if (token() && *aacct == 0) { + *aacct = malloc((unsigned) strlen(tokval) + 1); +- (void) strcpy(*aacct, tokval); ++ if (*aacct != NULL) ++ (void) strcpy(*aacct, tokval); + } + break; + case MACDEF: diff --git a/source/n/netkit-ftp/patches/25-netkit-ftp-0.17-man.patch b/source/n/netkit-ftp/patches/25-netkit-ftp-0.17-man.patch new file mode 100644 index 00000000..13bc0a62 --- /dev/null +++ b/source/n/netkit-ftp/patches/25-netkit-ftp-0.17-man.patch @@ -0,0 +1,30 @@ +diff -up netkit-ftp-0.17/ftp/ftp.1.man netkit-ftp-0.17/ftp/ftp.1 +--- netkit-ftp-0.17/ftp/ftp.1.man 2011-03-29 09:35:52.588039000 +0200 ++++ netkit-ftp-0.17/ftp/ftp.1 2011-03-29 09:36:45.365651621 +0200 +@@ -197,7 +197,7 @@ current remote machine working directory + Change the permission modes of the file + .Ar file-name + on the remote +-sytem to ++system to + .Ar mode . + .It Ic close + Terminate the +@@ -342,7 +342,7 @@ Set the inactivity timer on the remote s + seconds. + If + .Ar seconds +-is ommitted, the current inactivity timer is printed. ++is omitted, the current inactivity timer is printed. + .It Ic lcd Op Ar directory + Change the working directory on the local machine. + If +@@ -850,7 +850,7 @@ Set the default umask on the remote serv + .Ar newmask . + If + .Ar newmask +-is ommitted, the current umask is printed. ++is omitted, the current umask is printed. + .It Xo + .Ic user Ar user-name + .Op Ar password diff --git a/source/n/netkit-ftp/patches/26-netkit-ftp-0.17-acct_ovl.patch b/source/n/netkit-ftp/patches/26-netkit-ftp-0.17-acct_ovl.patch new file mode 100644 index 00000000..ebff49c1 --- /dev/null +++ b/source/n/netkit-ftp/patches/26-netkit-ftp-0.17-acct_ovl.patch @@ -0,0 +1,13 @@ +diff -up netkit-ftp-0.17/ftp/cmds.c.acct_ovl netkit-ftp-0.17/ftp/cmds.c +--- netkit-ftp-0.17/ftp/cmds.c.acct_ovl 2011-09-09 15:36:36.087956561 +0200 ++++ netkit-ftp-0.17/ftp/cmds.c 2011-09-09 15:41:16.457495370 +0200 +@@ -1837,8 +1837,7 @@ account(int argc, char *argv[]) + while (argc > 1) { + --argc; + ++argv; +- strncat(buf, *argv, sizeof(buf)-strlen(buf)); +- buf[sizeof(buf)-1] = 0; ++ strncat(buf, *argv, sizeof(buf)-strlen(buf)-1); + } + ap = buf; + } diff --git a/source/n/netkit-ftp/patches/27-netkit-ftp-0.17-remove-nested-include.patch b/source/n/netkit-ftp/patches/27-netkit-ftp-0.17-remove-nested-include.patch new file mode 100644 index 00000000..97cf1360 --- /dev/null +++ b/source/n/netkit-ftp/patches/27-netkit-ftp-0.17-remove-nested-include.patch @@ -0,0 +1,18 @@ +--- netkit-ftp-0.17/ftp/ftp.c 2012-07-20 07:55:48.545151322 +0200 ++++ netkit-ftp-0.17-new/ftp/ftp.c 2012-07-20 08:05:07.941468914 +0200 +@@ -74,6 +74,7 @@ char ftp_rcsid[] = + #include <sys/socket.h> + #include <sys/time.h> + #include <sys/file.h> ++#include <sys/poll.h> + + #include <netinet/in.h> + #include <netinet/ip.h> +@@ -820,7 +821,6 @@ sendrequest(const char *cmd, char *local + /* It can be later removed. */ + if (old_code_l == 150 && code == 150 && cpend == 1 + && sunique == 1 && cin != NULL && fileno (cin) >= 0 ) { +- #include <sys/poll.h> + struct pollfd fds_events_l [2] ; + int rc; + diff --git a/source/n/netkit-ftp/patches/28-netkit-ftp-0.17-linelen.patch b/source/n/netkit-ftp/patches/28-netkit-ftp-0.17-linelen.patch new file mode 100644 index 00000000..2e80a3f1 --- /dev/null +++ b/source/n/netkit-ftp/patches/28-netkit-ftp-0.17-linelen.patch @@ -0,0 +1,33 @@ +--- netkit-ftp-0.17-dist/ftp/ftp_var.h 2012-10-29 10:02:44.455342130 +0100 ++++ netkit-ftp-0.17-new/ftp/ftp_var.h 2012-10-29 10:02:31.292342775 +0100 +@@ -54,6 +54,7 @@ + #define Extern extern + #endif + ++#define LINELEN PATH_MAX+200 + + /* + * Options and other state info. +@@ -109,9 +110,9 @@ Extern int ftp_port; /* htons'd port num + + Extern sigjmp_buf toplevel; /* non-local goto stuff for cmd scanner */ + +-Extern char line[200]; /* input line buffer */ ++Extern char line[LINELEN]; /* input line buffer */ + Extern char *stringbase; /* current scan point in line buffer */ +-Extern char argbuf[200]; /* argument storage buffer */ ++Extern char argbuf[LINELEN]; /* argument storage buffer */ + Extern char *argbase; /* current storage point in arg buffer */ + Extern int cpend; /* flag: if != 0, then pending server reply */ + Extern int mflag; /* flag: if != 0, then active multi command */ +--- netkit-ftp-0.17/ftp/domacro.c 2012-10-29 10:02:44.394342130 +0100 ++++ netkit-ftp-0.17-new/ftp/domacro.c 2012-10-29 10:02:31.292342775 +0100 +@@ -53,7 +53,7 @@ domacro(int argc, char *argv[]) + register int i, j; + register char *cp1, *cp2; + int count = 2, loopflg = 0; +- char line2[200]; ++ char line2[LINELEN]; + struct cmd *c; + + if (argc < 2 && !another(&argc, &argv, "macro name")) { diff --git a/source/n/netkit-ftp/patches/29-netkit-ftp-0.17-active-mode-option.patch b/source/n/netkit-ftp/patches/29-netkit-ftp-0.17-active-mode-option.patch new file mode 100644 index 00000000..c3226a62 --- /dev/null +++ b/source/n/netkit-ftp/patches/29-netkit-ftp-0.17-active-mode-option.patch @@ -0,0 +1,35 @@ +--- netkit-ftp-0.17/ftp/main.c.orig 2012-08-22 14:13:47.452058828 +0200 ++++ netkit-ftp-0.17/ftp/main.c 2012-08-22 14:16:47.964124112 +0200 +@@ -87,7 +87,8 @@ static + void + usage(void) + { +- printf("\n\tUsage: { ftp | pftp } [-pinegvtd] [hostname]\n"); ++ printf("\n\tUsage: { ftp | pftp } [-Apinegvtd] [hostname]\n"); ++ printf("\t -A: enable active mode\n"); + printf("\t -p: enable passive mode (default for ftp and pftp)\n"); + printf("\t -i: turn off prompting during mget\n"); + printf("\t -n: inhibit auto-login\n"); +@@ -166,6 +167,10 @@ main(volatile int argc, char **volatile + passivemode = 1; + break; + ++ case 'A': ++ passivemode = 0; ++ break; ++ + case 'g': + doglob = 0; + break; +--- netkit-ftp-0.17/ftp/ftp.1.orig 2009-10-26 15:38:34.000000000 -0500 ++++ netkit-ftp-0.17/ftp/ftp.1 2009-10-26 15:41:12.000000000 -0500 +@@ -58,6 +58,9 @@ + Options may be specified at the command line, or to the + command interpreter. + .Bl -tag -width flag ++.It Fl A ++Use active mode for data transfers. This is useful for transmissions ++to servers which do not support passive connections (for whatever reason.) + .It Fl p + Use passive mode for data transfers. Allows use of ftp in environments + where a firewall prevents connections from the outside world back to diff --git a/source/n/netkit-ftp/patches/30-netkit-ftp-0.17-commands-leaks.patch b/source/n/netkit-ftp/patches/30-netkit-ftp-0.17-commands-leaks.patch new file mode 100644 index 00000000..a2bd2647 --- /dev/null +++ b/source/n/netkit-ftp/patches/30-netkit-ftp-0.17-commands-leaks.patch @@ -0,0 +1,13 @@ +diff -up netkit-ftp-0.17/ftp/cmds.c.orig netkit-ftp-0.17/ftp/cmds.c +--- netkit-ftp-0.17/ftp/cmds.c.orig 2011-09-05 14:41:34.000000000 +0200 ++++ netkit-ftp-0.17/ftp/cmds.c 2011-09-05 14:44:44.000000000 +0200 +@@ -499,6 +499,9 @@ usage: + } + sendrequest(cmd, argv[1], argv[2], + argv[1] != oldargv1 || argv[2] != oldargv2); ++ if (argv[1] != oldargv1) { ++ free(argv[1]); ++ } + } + + void mabort(int); diff --git a/source/n/netkit-ftp/patches/31-netkit-ftp-0.17-lsn-timeout.patch b/source/n/netkit-ftp/patches/31-netkit-ftp-0.17-lsn-timeout.patch new file mode 100644 index 00000000..561ccdbb --- /dev/null +++ b/source/n/netkit-ftp/patches/31-netkit-ftp-0.17-lsn-timeout.patch @@ -0,0 +1,24 @@ +--- netkit-ftp-0.17/ftp/ftp.c.to 2012-08-10 15:49:08.510257542 +0200 ++++ netkit-ftp-0.17/ftp/ftp.c 2012-08-10 15:49:32.386220785 +0200 +@@ -1245,6 +1245,10 @@ initconn(void) + u_int ad[16], po[2], af, alen, plen; + char *pasvcmd = NULL; + char hbuf[MAXHOSTNAMELEN], pbuf[NI_MAXSERV]; ++ struct timeval timeout; ++ ++ timeout.tv_sec = 30; ++ timeout.tv_usec = 0; + + #ifdef INET6 + if (myctladdr.su_family == AF_INET6 +@@ -1486,6 +1490,10 @@ noport: + perror("ftp: setsockopt (reuse address)"); + goto bad; + } ++ if (setsockopt (data, SOL_SOCKET, SO_RCVTIMEO, (char *)&timeout, ++ sizeof(timeout)) < 0) { ++ perror("ftp: setsockopt failed\n"); ++ } + if (bind(data, (struct sockaddr *)&data_addr, sizeof (data_addr)) < 0) { + perror("ftp: bind"); + goto bad; diff --git a/source/n/netkit-ftp/patches/32-netkit-ftp-0.17-getlogin.patch b/source/n/netkit-ftp/patches/32-netkit-ftp-0.17-getlogin.patch new file mode 100644 index 00000000..9feb3159 --- /dev/null +++ b/source/n/netkit-ftp/patches/32-netkit-ftp-0.17-getlogin.patch @@ -0,0 +1,37 @@ +--- netkit-ftp-0.17-dist/ftp/ftp.c 2012-10-02 14:44:06.328343277 +0200 ++++ netkit-ftp-0.17-new/ftp/ftp.c 2012-10-03 09:07:47.381868330 +0200 +@@ -328,14 +328,12 @@ dologin(const char *host) + return(0); + } + while (luser == NULL) { +- char *myname = getlogin(); ++ char *myname = NULL; + +- if (myname == NULL) { +- struct passwd *pp = getpwuid(getuid()); ++ struct passwd *pp = getpwuid(getuid()); + +- if (pp != NULL) +- myname = pp->pw_name; +- } ++ if (pp != NULL) ++ myname = pp->pw_name; + if (myname) + printf("Name (%s:%s): ", host, myname); + else +--- netkit-ftp-0.17-dist/ftp/main.c 2012-10-02 14:44:06.330343274 +0200 ++++ netkit-ftp-0.17-new/ftp/main.c 2012-10-03 09:07:36.849862227 +0200 +@@ -204,12 +204,7 @@ main(volatile int argc, char **volatile + /* + * Set up the home directory in case we're globbing. + */ +- cp = getlogin(); +- if (cp != NULL) { +- pw = getpwnam(cp); +- } +- if (pw == NULL) +- pw = getpwuid(getuid()); ++ pw = getpwuid(getuid()); + if (pw != NULL) { + strncpy(homedir, pw->pw_dir, sizeof(homedir)); + homedir[sizeof(homedir)-1] = 0; diff --git a/source/n/netkit-ftp/patches/33-netkit-ftp-0.17-token.patch b/source/n/netkit-ftp/patches/33-netkit-ftp-0.17-token.patch new file mode 100644 index 00000000..d8883009 --- /dev/null +++ b/source/n/netkit-ftp/patches/33-netkit-ftp-0.17-token.patch @@ -0,0 +1,75 @@ +diff -rup netkit-ftp-0.17/ftp/ruserpass.c netkit-ftp-0.17-new/ftp/ruserpass.c +--- netkit-ftp-0.17/ftp/ruserpass.c 2012-10-29 15:11:10.593841089 +0100 ++++ netkit-ftp-0.17-new/ftp/ruserpass.c 2012-10-29 15:13:14.379822697 +0100 +@@ -58,7 +58,8 @@ static int token(void); + #define ID 10 + #define MACH 11 + +-static char tokval[100]; ++#define MAXTOKENLEN 4096 ++static char tokval[MAXTOKENLEN]; + + static struct toktab { + const char *tokstr; +@@ -249,13 +250,16 @@ bad: + return(-1); + } + +-static ++static + int + token(void) + { + char *cp; + int c; + struct toktab *t; ++ size_t toklen = 0; ++ int showwarn = 1; ++ int quote = 0; + + if (feof(cfile)) + return (0); +@@ -266,20 +270,32 @@ token(void) + return (0); + cp = tokval; + if (c == '"') { +- while ((c = getc(cfile)) != EOF && c != '"') { +- if (c == '\\') +- c = getc(cfile); +- *cp++ = c; +- } +- } else { ++ quote = 1; ++ } ++ else { + *cp++ = c; +- while ((c = getc(cfile)) != EOF +- && c != '\n' && c != '\t' && c != ' ' && c != ',') { +- if (c == '\\') +- c = getc(cfile); +- *cp++ = c; ++ toklen++; ++ } ++ while ((c = getc(cfile)) != EOF) { ++ if (c == '"') ++ break; ++ if (c == '\\') ++ c = getc(cfile); ++ if (!quote && (c == '\n' || c == '\t' || c == ' ' || c == ',')) ++ break; ++ if (toklen >= MAXTOKENLEN) { ++ if (showwarn) { ++ fprintf(stderr, ++ "Warning: .netrc token too long, will be trunctated to %zd characters\n", ++ toklen); ++ showwarn = 0; ++ } ++ continue; + } ++ *cp++ = c; ++ toklen++; + } ++ + *cp = 0; + if (tokval[0] == 0) + return (0); diff --git a/source/n/nettle/nettle.SlackBuild b/source/n/nettle/nettle.SlackBuild index 599b7a9a..b938c642 100755 --- a/source/n/nettle/nettle.SlackBuild +++ b/source/n/nettle/nettle.SlackBuild @@ -30,7 +30,7 @@ NUMJOBS=${NUMJOBS:--j6} if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) ARCH=i486 ;; + i?86) ARCH=i586 ;; arm*) ARCH=arm ;; *) ARCH=$( uname -m ) ;; esac @@ -40,8 +40,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" diff --git a/source/n/netwatch/netwatch.SlackBuild b/source/n/netwatch/netwatch.SlackBuild index dd87b1d6..40338d61 100755 --- a/source/n/netwatch/netwatch.SlackBuild +++ b/source/n/netwatch/netwatch.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2016 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -21,14 +21,14 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=1.3.0 -EXTRAVERSION=${EXTRAVERSION:-1} -BUILD=${BUILD:-2} +VERSION=1.3.1 +EXTRAVERSION=${EXTRAVERSION:-2} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -37,8 +37,8 @@ fi NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" elif [ "$ARCH" = "x86_64" ]; then @@ -54,9 +54,9 @@ rm -rf $PKG mkdir -p $TMP $PKG/usr cd $TMP -rm -rf netwatch-$VERSION -tar xvf $CWD/netwatch-$VERSION-$EXTRAVERSION.tar.gz || exit 1 -cd netwatch-$VERSION || exit 1 +rm -rf netwatch-$VERSION-$EXTRAVERSION +tar xvf $CWD/netwatch-$VERSION-$EXTRAVERSION.tar.xz || exit 1 +cd netwatch-$VERSION-$EXTRAVERSION || exit 1 chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ @@ -97,16 +97,16 @@ find $PKG | xargs file | grep -e "executable" -e "shared object" \ ) # Copy program documentation into the package -mkdir -p $PKG/usr/doc/netwatch-$VERSION +mkdir -p $PKG/usr/doc/netwatch-${VERSION}_${EXTRAVERSION} cp -a \ BUGS CHANGES COPYING README README.performance TODO \ netwatch-$VERSION.lsm NetwatchKeyCommands.html \ - $PKG/usr/doc/netwatch-$VERSION + $PKG/usr/doc/netwatch-${VERSION}_${EXTRAVERSION} # Copy the slack-desc mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc cd $PKG -/sbin/makepkg -l y -c n $TMP/netwatch-$VERSION-$ARCH-$BUILD.txz +/sbin/makepkg -l y -c n $TMP/netwatch-${VERSION}_${EXTRAVERSION}-$ARCH-$BUILD.txz diff --git a/source/n/network-scripts/manpages/rc.inet1.8 b/source/n/network-scripts/manpages/rc.inet1.8 index 3e5222cc..9b4d9149 100644 --- a/source/n/network-scripts/manpages/rc.inet1.8 +++ b/source/n/network-scripts/manpages/rc.inet1.8 @@ -24,21 +24,21 @@ The way to start your network (the configuration of your nics and bringing the interfaces up, and creating a default route if required) is by running the command: .LP -.B /etc/rc.d.rc.inet1 +.B /etc/rc.d/rc.inet1 .LP Restarting the whole network (all available network interfaces) is done in a similar fashion: .LP -.B /etc/rc.d.rc.inet1 restart +.B /etc/rc.d/rc.inet1 restart .LP More generically speaking, you can start/stop/restart any network interface yourself by running one of the commands: .LP -.B /etc/rc.d.rc.inet1 INTERFACE_start +.B /etc/rc.d/rc.inet1 INTERFACE_start .LP -.B /etc/rc.d.rc.inet1 INTERFACE_stop +.B /etc/rc.d/rc.inet1 INTERFACE_stop .LP -.B /etc/rc.d.rc.inet1 INTERFACE_restart +.B /etc/rc.d/rc.inet1 INTERFACE_restart .LP where .I `INTERFACE' diff --git a/source/n/network-scripts/network-scripts.SlackBuild b/source/n/network-scripts/network-scripts.SlackBuild index 7b4b06e0..d19c6022 100755 --- a/source/n/network-scripts/network-scripts.SlackBuild +++ b/source/n/network-scripts/network-scripts.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006, 2007, 2008, 2009, 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2012, 2013, 2015 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,9 +22,9 @@ PKGNAM=network-scripts -VERSION=${VERSION:-14.1} +VERSION=${VERSION:-14.2} ARCH=noarch -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} CWD=$(pwd) TMP=${TMP:-/tmp} diff --git a/source/n/network-scripts/scripts/rc.inet1 b/source/n/network-scripts/scripts/rc.inet1 index dc325f47..f2d85a6d 100644 --- a/source/n/network-scripts/scripts/rc.inet1 +++ b/source/n/network-scripts/scripts/rc.inet1 @@ -208,7 +208,9 @@ if_down() { . /etc/rc.d/rc.wireless ${1} stop # Kill wireless daemons if any. fi # If the interface is a bridge, then destroy it now: - [ -n "${BRNICS[$i]}" ] && br_close $i + if [ -n "${BRNICS[$i]}" ]; then + br_close $i + fi fi } @@ -268,11 +270,17 @@ case "$1" in stop start ;; +'lo_start') # Start the loopback interface: + lo_up + ;; *_start) # Example: "eth1_start" will start the specified interface 'eth1' INTERFACE=`echo $1 | /bin/cut -d '_' -f 1` if_up $INTERFACE gateway_up ;; +'lo_stop') # Stop the loopback interface: + lo_down + ;; *_stop) # Example: "eth0_stop" will stop the specified interface 'eth0' INTERFACE=`echo $1 | /bin/cut -d '_' -f 1` if_down $INTERFACE @@ -290,11 +298,17 @@ case "$1" in 'down') # "down" does the same thing as "stop" stop ;; +'lo_up') # Start the loopback interface: + lo_up + ;; *_up) # "*_up" does the same thing as "*_start" INTERFACE=`echo $1 | /bin/cut -d '_' -f 1` if_up $INTERFACE gateway_up ;; +'lo_down') # Stop the loopback interface: + lo_down + ;; *_down) # "*_down" does the same thing as "*_stop" INTERFACE=`echo $1 | /bin/cut -d '_' -f 1` if_down $INTERFACE diff --git a/source/n/nfs-utils/ignore_unsupported_address_types_in_nfssvc_setfds.diff b/source/n/nfs-utils/ignore_unsupported_address_types_in_nfssvc_setfds.diff new file mode 100644 index 00000000..6384888e --- /dev/null +++ b/source/n/nfs-utils/ignore_unsupported_address_types_in_nfssvc_setfds.diff @@ -0,0 +1,37 @@ +From: Christoph Hellwig <hch at lst.de> +Subject: nfsd: ignore unsupported address types in nfssvc_setfds + +Just continue and try a different record returned from getaddrinfo +if the kernel does not support an address family. This fixes nfsd +startup on kernels without IPv6 support. + +Suggested-by: Chuck Lever <chuck.lever at oracle.com> +Signed-off-by: Christoph Hellwig <hch at lst.de> + +diff --git a/utils/nfsd/nfssvc.c b/utils/nfsd/nfssvc.c +index a2b11d8..fc11d23 100644 +--- a/utils/nfsd/nfssvc.c ++++ b/utils/nfsd/nfssvc.c +@@ -174,15 +174,14 @@ nfssvc_setfds(const struct addrinfo *hints, const char *node, const char *port) + sockfd = socket(addr->ai_family, addr->ai_socktype, + addr->ai_protocol); + if (sockfd < 0) { +- if (errno == EAFNOSUPPORT) +- xlog(L_NOTICE, "address family %s not " +- "supported by protocol %s", +- family, proto); +- else ++ if (errno != EAFNOSUPPORT) { + xlog(L_ERROR, "unable to create %s %s socket: " + "errno %d (%m)", family, proto, errno); +- rc = errno; +- goto error; ++ rc = errno; ++ goto error; ++ } ++ addr = addr->ai_next; ++ continue; + } + #ifdef IPV6_SUPPORTED + if (addr->ai_family == AF_INET6 && +-- diff --git a/source/n/nfs-utils/nfs-utils-1.2.8.tar.sign b/source/n/nfs-utils/nfs-utils-1.2.8.tar.sign Binary files differdeleted file mode 100644 index c2cde499..00000000 --- a/source/n/nfs-utils/nfs-utils-1.2.8.tar.sign +++ /dev/null diff --git a/source/n/nfs-utils/nfs-utils-1.3.3.tar.sign b/source/n/nfs-utils/nfs-utils-1.3.3.tar.sign Binary files differnew file mode 100644 index 00000000..0fcb786f --- /dev/null +++ b/source/n/nfs-utils/nfs-utils-1.3.3.tar.sign diff --git a/source/n/nfs-utils/nfs-utils.SlackBuild b/source/n/nfs-utils/nfs-utils.SlackBuild index d3305c12..e8800479 100755 --- a/source/n/nfs-utils/nfs-utils.SlackBuild +++ b/source/n/nfs-utils/nfs-utils.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2013, 2016 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -21,13 +21,13 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=1.2.8 -BUILD=${BUILD:-1} +VERSION=1.3.3 +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -36,8 +36,8 @@ fi NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" elif [ "$ARCH" = "x86_64" ]; then @@ -68,6 +68,8 @@ tar xvf $CWD/nfs-utils-$VERSION.tar.xz || exit 1 cd nfs-utils-$VERSION || exit 1 zcat $CWD/nfs-utils.lwrap.needs.lnsl.diff.gz | patch -p1 --verbose || exit 1 +# Fix problems on machines without IPv6: +zcat $CWD/ignore_unsupported_address_types_in_nfssvc_setfds.diff.gz | patch -p1 -l --verbose || exit 1 chown -R root:root . find . \ @@ -83,11 +85,10 @@ CFLAGS="$SLKCFLAGS" \ --prefix=/usr \ --mandir=/usr/man \ --with-statedir=/var/lib/nfs \ - --enable-nfsv3 \ --enable-mountconfig \ --enable-nfsv4=no \ --enable-gss=no \ - --enable-tirpc=no \ + --enable-tirpc=yes \ --program-prefix= \ --program-suffix= \ --build=$ARCH-slackware-linux diff --git a/source/n/nfs-utils/slack-desc b/source/n/nfs-utils/slack-desc index 158b4a97..09eefaa4 100644 --- a/source/n/nfs-utils/slack-desc +++ b/source/n/nfs-utils/slack-desc @@ -11,7 +11,7 @@ nfs-utils: nfs-utils: The nfs-utils package contains the necessary daemons and utilities to nfs-utils: run an NFS server on Linux. nfs-utils: -nfs-utils: You'll also need the portmap package to use NFS. +nfs-utils: You'll also need the rpcbind package to use NFS. nfs-utils: nfs-utils: nfs-utils: diff --git a/source/n/obex-data-server/obex-data-server.SlackBuild b/source/n/nftables/nftables.SlackBuild index 0f8aed13..b9a04f1b 100755 --- a/source/n/obex-data-server/obex-data-server.SlackBuild +++ b/source/n/nftables/nftables.SlackBuild @@ -1,7 +1,6 @@ -#!/bin/bash +#!/bin/sh -# Copyright 2009 Robby Workman, Northport, Alabama, USA -# Copyright 2010, 2012 Patrick Volkerding, Sebeka, MN, USA +# Copyright 2014 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -10,7 +9,7 @@ # 1. Redistributions of this script must retain the above copyright # notice, this list of conditions and the following disclaimer. # -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED # WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF # MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO # EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, @@ -21,59 +20,48 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# Modified 2012 by Eric Hameleers <alien at slackware.com> for ARM port. - - -PKGNAM=obex-data-server -VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +PKGNAM=nftables +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: -MARCH=$( uname -m ) if [ -z "$ARCH" ]; then - case "$MARCH" in - i?86) export ARCH=i486 ;; - armv7hl) export ARCH=$MARCH ;; - arm*) export ARCH=arm ;; + case "$( uname -m )" in + i?86) export ARCH=i586 ;; + arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: - *) export ARCH=$MARCH ;; + *) export ARCH=$( uname -m ) ;; esac fi -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" -elif [ "$ARCH" = "i686" ]; then - SLKCFLAGS="-O2 -march=i686 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" LIBDIRSUFFIX="" elif [ "$ARCH" = "x86_64" ]; then SLKCFLAGS="-O2 -fPIC" LIBDIRSUFFIX="64" -elif [ "$ARCH" = "armv7hl" ]; then - SLKCFLAGS="-O2 -march=armv7-a -mfpu=vfpv3-d16" - LIBDIRSUFFIX="" else SLKCFLAGS="-O2" LIBDIRSUFFIX="" fi -case "$ARCH" in - arm*) TARGET=$ARCH-slackware-linux-gnueabi ;; - *) TARGET=$ARCH-slackware-linux ;; -esac - CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM rm -rf $PKG mkdir -p $TMP $PKG + cd $TMP rm -rf $PKGNAM-$VERSION -tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1 -cd $PKGNAM-$VERSION +tar xf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 + chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ @@ -83,45 +71,45 @@ find . \ CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ +LIBS="-lncursesw" \ ./configure \ --prefix=/usr \ --libdir=/usr/lib${LIBDIRSUFFIX} \ --sysconfdir=/etc \ --localstatedir=/var \ --mandir=/usr/man \ - --build=$TARGET + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --disable-static \ + --build=$ARCH-slackware-linux || exit 1 make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG || exit 1 -find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ - | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null - -# Don't clobber config files -mv $PKG/etc/obex-data-server/imaging_capabilities.xml \ - $PKG/etc/obex-data-server/imaging_capabilities.xml.new -mv $PKG/etc/obex-data-server/capability.xml \ - $PKG/etc/obex-data-server/capability.xml.new - -gzip -9 $PKG/usr/man/man?/*.? +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.la + +find $PKG -print0 | xargs -0 file | grep -e "executable" -e "shared object" | \ + grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION -cp -a \ - AUTHORS COPYING* NEWS README* \ - $PKG/usr/doc/$PKGNAM-$VERSION - -# If there's a ChangeLog, installing at least part of the recent history -# is useful, but don't let it get totally out of control: -if [ -r ChangeLog ]; then - DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) - cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog - touch -r ChangeLog $DOCSDIR/ChangeLog -fi +cp -a COPYING* README* $PKG/usr/doc/$PKGNAM-$VERSION mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc -zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh cd $PKG /sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz - diff --git a/source/n/nftables/slack-desc b/source/n/nftables/slack-desc new file mode 100644 index 00000000..7071141d --- /dev/null +++ b/source/n/nftables/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. +# Line up the first '|' above the ':' following the base package name, and +# the '|' on the right side marks the last column you can put a character in. +# You must make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':' except on otherwise blank lines. + + |-----handy-ruler------------------------------------------------------| +nftables: nftables (packet filtering and classification) +nftables: +nftables: nftables provides a new packet filtering framework, a new userspace +nftables: utility, and also a compatibility layer for {ip,ip6}tables. nftables +nftables: is built upon the building blocks of the Netfilter infrastructure such +nftables: as the existing hooks, the connection tracking system, the userspace +nftables: queueing component, and the logging subsystem. +nftables: +nftables: Homepage: http://www.netfilter.org/projects/nftables/ +nftables: +nftables: diff --git a/source/n/nmap/nmap.SlackBuild b/source/n/nmap/nmap.SlackBuild index 0f331516..1a20178a 100755 --- a/source/n/nmap/nmap.SlackBuild +++ b/source/n/nmap/nmap.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2015 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,21 +20,22 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=${VERSION:-6.40} +PKGNAM=nmap +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" @@ -63,8 +64,6 @@ rm -rf nmap-$VERSION tar xvf $CWD/nmap-$VERSION.tar.?z* || exit 1 cd nmap-$VERSION || exit 1 -zcat $CWD/nmap.ndiff.mandir.diff.gz | patch -p1 || exit 1 - chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ @@ -72,6 +71,8 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; +sed -i "s,share/man/man1,man/man1,g" ndiff/setup.py + # --without-nmap-update is needed below to avoid depending on apr and subversion libraries. # It's not worth the feature IMHO. LIBS="-lnl" \ diff --git a/source/n/nmap/nmap.ndiff.mandir.diff b/source/n/nmap/nmap.ndiff.mandir.diff deleted file mode 100644 index 597a31b9..00000000 --- a/source/n/nmap/nmap.ndiff.mandir.diff +++ /dev/null @@ -1,9 +0,0 @@ ---- ./ndiff/setup.py.orig 2009-04-20 14:15:00.000000000 -0500 -+++ ./ndiff/setup.py 2009-04-30 17:28:56.000000000 -0500 -@@ -29,5 +29,5 @@ - + "Installing your distribution's python-dev package may solve this problem.") - - distutils.core.setup(name = u"ndiff", scripts = [u"ndiff"], -- data_files = [(u"share/man/man1", [u"docs/ndiff.1"])], -+ data_files = [(u"man/man1", [u"docs/ndiff.1"])], - cmdclass = {"install_egg_info": null_command, "install": checked_install}) diff --git a/source/n/ntp/ntp.SlackBuild b/source/n/ntp/ntp.SlackBuild index f514aa6c..21ca6248 100755 --- a/source/n/ntp/ntp.SlackBuild +++ b/source/n/ntp/ntp.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2012, 2014, 2015 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,12 +22,12 @@ PKGNAM=ntp VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-4} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -36,8 +36,8 @@ fi NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" elif [ "$ARCH" = "x86_64" ]; then @@ -61,10 +61,10 @@ zcat $CWD/ntp.nano.diff.gz | patch -p1 --verbose || exit 1 chown -R root:root . find . \ - \( -perm 2777 -o -perm 2755 \) \ - -exec chmod 755 {} \; -o \ + \( -perm 2777 -o -perm 2755 -o -perm 2775 \) \ + -exec chmod u+rwx,g-sw,g+rx,o-w,o+rx {} \; -o \ \( -perm 777 -o -perm 775 -o -perm 774 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ + -exec chmod u+rwx,g-sw,g+rx,o-w,o+rx {} \; -o \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; @@ -76,6 +76,8 @@ CFLAGS="$SLKCFLAGS" \ --bindir=/usr/sbin \ --sbindir=/usr/sbin \ --mandir=/usr/man \ + --docdir=/usr/doc/ntp-$VERSION \ + --htmldir=/usr/doc/ntp-$VERSION \ --enable-ipv6 \ --with-crypto \ --program-prefix= \ @@ -90,8 +92,11 @@ make -i install DESTDIR=$PKG || exit 1 mv $PKG/usr/bin/* $PKG/usr/sbin rmdir $PKG/usr/bin -# This is just epty: -rmdir $PKG/usr/lib || exit 1 +# This might only be an empty directory: +rmdir $PKG/usr/lib/pkgconfig + +# This should be empty. Try to remove it, and error out if it's not actually empty: +rmdir $PKG/usr/libexec || exit 1 mkdir -p $PKG/etc/ntp cat $CWD/ntp.conf > $PKG/etc/ntp.conf.new @@ -102,10 +107,10 @@ touch $PKG/etc/ntp/step-tickers mkdir -p $PKG/etc/rc.d cat $CWD/rc.ntpd > $PKG/etc/rc.d/rc.ntpd.new -mkdir -p $PKG/usr/doc/ntp-$VERSION +mv $PKG/usr/doc/ntp-$VERSION/*.html $PKG/usr/doc/ntp-$VERSION/html || exit 1 cp -a \ COPYRIGHT NEWS README* TODO WHERE-TO-START \ - *.y2kfixes clockstuff conf html scripts \ + *.y2kfixes clockstuff conf scripts \ $PKG/usr/doc/ntp-$VERSION mkdir $PKG/usr/doc/ntp-$VERSION/util cp -a util/README $PKG/usr/doc/ntp-$VERSION/util diff --git a/source/n/ntp/ntp.conf b/source/n/ntp/ntp.conf index 74aae4c1..1844fb91 100644 --- a/source/n/ntp/ntp.conf +++ b/source/n/ntp/ntp.conf @@ -16,7 +16,10 @@ fudge 127.127.1.0 stratum 10 # # NTP server (list one or more) to synchronize with: -#server pool.ntp.org iburst +#server 0.pool.ntp.org iburst +#server 1.pool.ntp.org iburst +#server 2.pool.ntp.org iburst +#server 3.pool.ntp.org iburst # # Drift file. Put this in a directory which the daemon can write to. @@ -46,9 +49,24 @@ driftfile /etc/ntp/drift # # Don't serve time or stats to anyone else by default (more secure) -restrict default noquery nomodify +restrict default limited kod nomodify notrap nopeer noquery +restrict -6 default limited kod nomodify notrap nopeer noquery + +# +# Use these lines instead if you do want to serve time and stats to +# other machines on the network: +#restrict default limited kod nomodify notrap nopeer +#restrict -6 default limited kod nomodify notrap nopeer + +# +# Disable the ntpdc -c monlist command, which is insecure and can be used +# to cause a denial of service attack (CVE-2013-5211). Future versions of +# NTP will remove this command. +# (this feature was disabled by default with ntpd 4.2.7p230) +disable monitor # # Trust ourselves. :-) restrict 127.0.0.1 +restrict ::1 diff --git a/source/n/ntp/rc.ntpd b/source/n/ntp/rc.ntpd index c1d1411c..7cf3d50b 100644 --- a/source/n/ntp/rc.ntpd +++ b/source/n/ntp/rc.ntpd @@ -7,21 +7,6 @@ ntpd_start() { echo -n "Starting NTP daemon: $CMDLINE" $CMDLINE -p /var/run/ntpd.pid echo - # The kernel is now mocking around with the the hardware clock if - # ntpd is running, so if the hardware clock (wall clock) is set to - # 'localtime' execute hwclock --localtime --systohc to disable the - # 11 minute mode kernel function: - if [ -x /sbin/hwclock ]; then - # Check for a broken motherboard RTC clock (where ioports for rtc are - # unknown) to prevent hwclock causing a hang: - if ! grep -q -w rtc /proc/ioports ; then - CLOCK_OPT="--directisa" - fi - if ! grep -q "^UTC" /etc/hardwareclock 2> /dev/null ; then - echo "Saving system time to the hardware clock (localtime)." - /sbin/hwclock $CLOCK_OPT --localtime --systohc - fi - fi } # Stop ntpd: diff --git a/source/n/obex-data-server/doinst.sh b/source/n/obex-data-server/doinst.sh deleted file mode 100644 index 6c2a2f1c..00000000 --- a/source/n/obex-data-server/doinst.sh +++ /dev/null @@ -1,16 +0,0 @@ -config() { - NEW="$1" - OLD="$(dirname $NEW)/$(basename $NEW .new)" - # If there's no config file by that name, mv it over: - if [ ! -r $OLD ]; then - mv $NEW $OLD - elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then - # toss the redundant copy - rm $NEW - fi - # Otherwise, we leave the .new copy for the admin to consider... -} - -config etc/obex-data-server/imaging_capabilities.xml.new -config etc/obex-data-server/capability.xml.new - diff --git a/source/n/obex-data-server/obex-data-server.url b/source/n/obex-data-server/obex-data-server.url deleted file mode 100644 index 8b6e257c..00000000 --- a/source/n/obex-data-server/obex-data-server.url +++ /dev/null @@ -1 +0,0 @@ -http://tadas.dailyda.com/software/ diff --git a/source/n/obex-data-server/slack-desc b/source/n/obex-data-server/slack-desc deleted file mode 100644 index 418beba0..00000000 --- a/source/n/obex-data-server/slack-desc +++ /dev/null @@ -1,19 +0,0 @@ -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' -# on the right side marks the last column you can put a character in. You must -# make exactly 11 lines for the formatting to be correct. It's also -# customary to leave one space after the ':'. - - |-----handy-ruler------------------------------------------------------| -obex-data-server: obex-data-server (Obex D-Bus Service Support) -obex-data-server: -obex-data-server: Obex-data-server is a D-Bus service providing high-level OBEX client -obex-data-server: and server side functionality, and currently supports OPP, FTP -obex-data-server: profiles and Bluetooth transport. -obex-data-server: -obex-data-server: -obex-data-server: -obex-data-server: -obex-data-server: -obex-data-server: diff --git a/source/n/obexfs/slack-desc b/source/n/obexfs/slack-desc deleted file mode 100644 index 73971edc..00000000 --- a/source/n/obexfs/slack-desc +++ /dev/null @@ -1,19 +0,0 @@ -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' -# on the right side marks the last column you can put a character in. You must -# make exactly 11 lines for the formatting to be correct. It's also -# customary to leave one space after the ':'. - - |-----handy-ruler------------------------------------------------------| -obexfs: obexfs (mount filesystem of ObexFTP capable devices) -obexfs: -obexfs: ObexFS uses FUSE to mount filesystems of ObexFTP capable devices -obexfs: either manually or in autofs style mode. It can handle all devices -obexfs: that the obexftp package can handle, connected via serial cable, -obexfs: IrDA, bluetooth, or USB. -obexfs: -obexfs: http://dev.zuckschwerdt.org/openobex/wiki/ObexDownloads -obexfs: -obexfs: -obexfs: diff --git a/source/n/obexftp/obexftp.SlackBuild b/source/n/obexftp/obexftp.SlackBuild index e8edb1c0..13eba4bc 100755 --- a/source/n/obexftp/obexftp.SlackBuild +++ b/source/n/obexftp/obexftp.SlackBuild @@ -1,5 +1,5 @@ #!/bin/sh -# Copyright 2006, 2007, 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2015 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -21,15 +21,15 @@ PKGNAM=obexftp -VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-9} +VERSION=${VERSION:-$(echo $PKGNAM-*-Source.tar.?z* | rev | cut -f 3- -d . | cut -f 2 -d - | rev)} +BUILD=${BUILD:-1} NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -40,8 +40,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-${PKGNAM} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -57,9 +57,9 @@ fi rm -rf $PKG mkdir -p $TMP $PKG cd $TMP -rm -rf ${PKGNAM}-${VERSION} -tar xvf $CWD/${PKGNAM}-$VERSION.tar.?z* || exit 1 -cd ${PKGNAM}-$VERSION || exit 1 +rm -rf ${PKGNAM}-${VERSION}-Source +tar xvf $CWD/${PKGNAM}-${VERSION}-Source.tar.?z* || exit 1 +cd ${PKGNAM}-${VERSION}-Source || exit 1 # Make sure ownerships and permissions are sane: chown -R root:root . @@ -69,24 +69,29 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -# Fixes the RSTRINGLEN for ruby-1.9 -zcat $CWD/ruby_rstringlen.diff.gz | patch -p1 --verbose || exit 1 - -# Configure: -CFLAGS="$SLKCFLAGS" \ -./configure \ - --prefix=/usr \ - --libdir=/usr/lib${LIBDIRSUFFIX} \ - --sysconfdir=/etc \ - --disable-static \ - --mandir=/usr/man \ - --program-prefix= \ - --program-suffix= \ - --build=$ARCH-slackware-linux - -# Build and install: -make $NUMJOBS INSTALLDIRS=vendor || exit 1 -make install INSTALLDIRS=vendor DESTDIR=$PKG || exit 1 +# Thanks to Fedora for these +zcat $CWD/patches/obexftp-0.24-fix-absurd-install-path.patch.gz | patch -p1 || exit 1 +zcat $CWD/patches/obexftp-0.24-fuse.patch.gz | patch -p1 || exit 1 +zcat $CWD/patches/obexftp-norpath.patch.gz | patch -p1 || exit 1 +zcat $CWD/patches/obexftp-pkgconfig_requires.patch.gz | patch -p1 || exit 1 + +mkdir -p build +cd build + cmake \ + -DCMAKE_C_FLAGS:STRING="$SLKCFLAGS" \ + -DCMAKE_CXX_FLAGS:STRING="$SLKCFLAGS" \ + -DCMAKE_INSTALL_PREFIX=/usr \ + -DLIB_SUFFIX=${LIBDIRSUFFIX} \ + -DCMAKE_INSTALL_DOCDIR=/usr/doc/$PKGNAM-$VERSION \ + -DCMAKE_BUILD_TYPE=Release .. + make $NUMJOBS || make || exit 1 + make doc || exit 1 + make install DESTDIR=$PKG || exit 1 +cd .. + +# Relocate man pages: +mv $PKG/usr/share/man $PKG/usr +rmdir $PKG/usr/share 2> /dev/null if [ -e $PKG/usr/bin/obexftpd ]; then mkdir -p $PKG/usr/sbin @@ -128,6 +133,7 @@ cp -a \ AUTHORS COPYING* INSTALL NEWS README* THANKS TODO contrib \ $PKG/usr/doc/${PKGNAM}-$VERSION rm -f $PKG/usr/doc/${PKGNAM}-$VERSION/contrib/Makefile* +find $PKG/usr/doc/${PKGNAM}-$VERSION -type f -exec chmod 0644 {} \; # If there's a ChangeLog, installing at least part of the recent history # is useful, but don't let it get totally out of control: diff --git a/source/n/obexftp/patches/obexftp-0.24-fix-absurd-install-path.patch b/source/n/obexftp/patches/obexftp-0.24-fix-absurd-install-path.patch new file mode 100644 index 00000000..0f5bebdb --- /dev/null +++ b/source/n/obexftp/patches/obexftp-0.24-fix-absurd-install-path.patch @@ -0,0 +1,20 @@ +Index: obexftp-0.24-Source/swig/python/CMakeLists.txt +=================================================================== +--- obexftp-0.24-Source.orig/swig/python/CMakeLists.txt ++++ obexftp-0.24-Source/swig/python/CMakeLists.txt +@@ -36,13 +36,13 @@ swig_link_libraries ( obexftp-python + # + execute_process ( + COMMAND ${PYTHON_EXECUTABLE} -c +- "import site, sys; sys.stdout.write(site.PREFIXES[-1])" ++ "import site, sys; sys.stdout.write(site.PREFIXES[0])" + OUTPUT_VARIABLE PYTHON_PREFIX + ) + file ( TO_CMAKE_PATH "${PYTHON_PREFIX}" PYTHON_PREFIX ) + execute_process ( + COMMAND ${PYTHON_EXECUTABLE} -c +- "import site, sys; sys.stdout.write(site.getsitepackages()[-1])" ++ "import site, sys; sys.stdout.write(site.getsitepackages()[0])" + OUTPUT_VARIABLE PYTHON_SITE_DIR + ) + file ( TO_CMAKE_PATH "${PYTHON_SITE_DIR}" PYTHON_SITE_DIR ) diff --git a/source/n/obexftp/patches/obexftp-0.24-fuse.patch b/source/n/obexftp/patches/obexftp-0.24-fuse.patch new file mode 100644 index 00000000..260cfc2d --- /dev/null +++ b/source/n/obexftp/patches/obexftp-0.24-fuse.patch @@ -0,0 +1,35 @@ +From 2cc82e0ab5a30eaab5461dcc4eed41b095edba3f Mon Sep 17 00:00:00 2001 +From: Hendrik Sattler <post@hendrik-sattler.de> +Date: Sun, 11 Aug 2013 20:27:29 +0200 +Subject: [PATCH] Install fuse apps + +--- + fuse/CMakeLists.txt | 7 ++++++- + 1 files changed, 6 insertions(+), 1 deletions(-) + +diff --git a/fuse/CMakeLists.txt b/fuse/CMakeLists.txt +index c31a5fc..7d5f7ea 100644 +--- a/fuse/CMakeLists.txt ++++ b/fuse/CMakeLists.txt +@@ -14,7 +14,6 @@ if ( Fuse_FOUND ) + ${Fuse_LIBRARIES} + ) + +- + add_executable ( obexautofs + obexautofs.c + ) +@@ -23,4 +22,10 @@ if ( Fuse_FOUND ) + obexftp + ${Fuse_LIBRARIES} + ) ++ ++ install ( TARGETS obexfs obexautofs ++ RUNTIME ++ DESTINATION ${CMAKE_INSTALL_BINDIR} ++ COMPONENT applications ++ ) + endif ( Fuse_FOUND ) +-- +1.7.1 + diff --git a/source/n/obexftp/patches/obexftp-norpath.patch b/source/n/obexftp/patches/obexftp-norpath.patch new file mode 100644 index 00000000..75a24017 --- /dev/null +++ b/source/n/obexftp/patches/obexftp-norpath.patch @@ -0,0 +1,11 @@ +--- obexftp-0.22/swig/perl/Makefile.PL.in.norpath 2007-07-11 21:22:30.000000000 +0200 ++++ obexftp-0.22/swig/perl/Makefile.PL.in 2007-08-06 20:17:39.000000000 +0200 +@@ -11,7 +11,7 @@ WriteMakefile( + 'INC' => q[-I@top_srcdir@ @CPPFLAGS@], + # Default value for LDDLFLAGS is $Config{lddlflags}="-shared -L/usr/local/lib" + # but we want rpath to be @libdir@ or @exec_prefix@/lib +- 'LDDLFLAGS' => q[-shared -Wl,-rpath=@prefix@/lib], ++ 'LDDLFLAGS' => q[-shared], + 'LIBS' => q[-L@top_builddir@/obexftp/.libs -lobexftp + -L@top_builddir@/multicobex/.libs -lmulticobex + -L@top_builddir@/bfb/.libs -lbfb diff --git a/source/n/obexftp/patches/obexftp-pkgconfig_requires.patch b/source/n/obexftp/patches/obexftp-pkgconfig_requires.patch new file mode 100644 index 00000000..ded4a583 --- /dev/null +++ b/source/n/obexftp/patches/obexftp-pkgconfig_requires.patch @@ -0,0 +1,11 @@ +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -71,7 +71,7 @@ + set ( exec_prefix "\${prefix}" ) + set ( libdir "\${prefix}/${CMAKE_INSTALL_LIBDIR}" ) + set ( includedir "\${prefix}/${CMAKE_INSTALL_INCLUDEDIR}" ) +-set ( REQUIRES "bluetooth openobex" ) ++set ( REQUIRES "bluez openobex" ) + configure_file ( + ${CMAKE_CURRENT_SOURCE_DIR}/obexftp.pc.in + ${CMAKE_CURRENT_BINARY_DIR}/obexftp.pc diff --git a/source/n/obexftp/ruby_rstringlen.diff b/source/n/obexftp/ruby_rstringlen.diff deleted file mode 100644 index c406b44c..00000000 --- a/source/n/obexftp/ruby_rstringlen.diff +++ /dev/null @@ -1,15 +0,0 @@ -diff -Naur obexftp-0.23.orig/swig/ruby/ruby_wrap.c obexftp-0.23/swig/ruby/ruby_wrap.c ---- obexftp-0.23.orig/swig/ruby/ruby_wrap.c 2009-02-17 12:30:40.000000000 -0600 -+++ obexftp-0.23/swig/ruby/ruby_wrap.c 2010-04-19 12:55:10.445810800 -0500 -@@ -2580,7 +2580,11 @@ - - /* VALUE str = StringValue(argv[0]); // perhaps better? */ - arg2 = STR2CSTR(argv[0]); -+#ifdef RSTRING_LEN -+ arg3 = (int) RSTRING_LEN(argv[0]); -+#else - arg3 = (int) RSTRING(argv[0])->len; -+#endif - - - diff --git a/source/n/obexftp/slack-desc b/source/n/obexftp/slack-desc index a37d672e..a90f0461 100644 --- a/source/n/obexftp/slack-desc +++ b/source/n/obexftp/slack-desc @@ -13,7 +13,7 @@ obexftp: library. Using OpenOBEX it enables you to transfer data via IrDA, obexftp: Bluetooth, as well as some custom (Siemens, Ericsson) serial port obexftp: protocols. obexftp: -obexftp: ObexFTP was written by Christian W. Zuckschwerdt. -obexftp: -obexftp: The project site is: http://triq.net/obexftp.html +obexftp: ObexFTP was written by Christian W. Zuckschwerdt and is currently +obexftp: maintained by Hendrik Sattler. obexftp: +obexftp: Project Site: http://sourceforge.net/projects/openobex/files/obexftp/ diff --git a/source/n/openldap-client/openldap-client.SlackBuild b/source/n/openldap-client/openldap-client.SlackBuild index 798536b1..80ec373f 100755 --- a/source/n/openldap-client/openldap-client.SlackBuild +++ b/source/n/openldap-client/openldap-client.SlackBuild @@ -24,20 +24,20 @@ VERSION=${VERSION:-$(echo openldap-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" diff --git a/source/n/openobex/openobex.SlackBuild b/source/n/openobex/openobex.SlackBuild index 5559d9d2..858e58dc 100755 --- a/source/n/openobex/openobex.SlackBuild +++ b/source/n/openobex/openobex.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006, 2007, 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2015 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,7 +22,7 @@ PKGNAM=openobex -VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +VERSION=${VERSION:-$(echo $PKGNAM-*-Source.tar.?z* | rev | cut -f 3- -d . | cut -f 2 -d - | rev)} BUILD=${BUILD:-1} NUMJOBS=${NUMJOBS:-" -j7 "} @@ -30,7 +30,7 @@ NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine architecture for build & packaging: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac @@ -40,8 +40,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-${PKGNAM} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -57,9 +57,9 @@ fi rm -rf $PKG mkdir -p $TMP $PKG cd $TMP -rm -rf ${PKGNAM}-${VERSION} -tar xvf $CWD/${PKGNAM}-$VERSION.tar.?z* || exit 1 -cd ${PKGNAM}-$VERSION || exit 1 +rm -rf ${PKGNAM}-${VERSION}-Source +tar xvf $CWD/${PKGNAM}-${VERSION}-Source.tar.?z* || exit 1 +cd ${PKGNAM}-${VERSION}-Source || exit 1 # Make sure ownerships and permissions are sane: chown -R root:root . @@ -69,27 +69,28 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -# Configure: -CFLAGS="$SLKCFLAGS" \ -./configure \ - --prefix=/usr \ - --libdir=/usr/lib${LIBDIRSUFFIX} \ - --sysconfdir=/etc \ - --mandir=/usr/man \ - --enable-static=no \ - --enable-apps \ - --program-prefix= \ - --program-suffix= \ - --build=$ARCH-slackware-linux - -# Build and install: -make $NUMJOBS || make || exit 1 -make install DESTDIR=$PKG || exit 1 +mkdir -p build +cd build + cmake \ + -DCMAKE_C_FLAGS:STRING="$SLKCFLAGS" \ + -DCMAKE_CXX_FLAGS:STRING="$SLKCFLAGS" \ + -DCMAKE_INSTALL_PREFIX=/usr \ + -DLIB_SUFFIX=${LIBDIRSUFFIX} \ + -DCMAKE_INSTALL_DOCDIR=/usr/doc/$PKGNAM-$VERSION \ + -DCMAKE_BUILD_TYPE=Release .. + make $NUMJOBS || make || exit 1 + make doc || exit 1 + make install DESTDIR=$PKG || exit 1 +cd .. # Strip binaries: find $PKG | xargs file | grep -e "executable" -e "shared object" \ | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +# Relocate man pages: +mv $PKG/usr/share/man $PKG/usr +rmdir $PKG/usr/share 2> /dev/null + # Compress and link manpages, if any: if [ -d $PKG/usr/man ]; then ( cd $PKG/usr/man diff --git a/source/n/openssh/doinst.sh b/source/n/openssh/doinst.sh index d696245d..73ce6283 100644 --- a/source/n/openssh/doinst.sh +++ b/source/n/openssh/doinst.sh @@ -9,10 +9,24 @@ config() { fi # Otherwise, we leave the .new copy for the admin to consider... } +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + touch -r ${NEW} ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + config ${NEW} +} config etc/ssh/ssh_config.new config etc/ssh/sshd_config.new -config etc/rc.d/rc.sshd.new +preserve_perms etc/rc.d/rc.sshd.new +if [ -e etc/rc.d/rc.sshd.new ]; then + mv etc/rc.d/rc.sshd.new etc/rc.d/rc.sshd +fi # If the sshd user/group/shadow don't exist, add them: diff --git a/source/n/openssh/openssh-7.2p1-libwrap.diff b/source/n/openssh/openssh-7.2p1-libwrap.diff new file mode 100644 index 00000000..546e63ce --- /dev/null +++ b/source/n/openssh/openssh-7.2p1-libwrap.diff @@ -0,0 +1,156 @@ +From 8c59bae0e4bdc0e3456d1802b391370bdf9975f3 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1 AT zoho DOT com> +Date: Mon, 6 Oct 2014 +Subject: Re-introduce TCP Wrappers support + +Support for TCP Wrappers was dropped as of OpenSSH 6.7. This patch +resurrects the feature. + +Relevant upstream commits: + + https://anongit.mindrot.org/openssh.git/commit/?id=f2719b7c2b8a + https://anongit.mindrot.org/openssh.git/commit/?id=f9696566fb41 + +--- + configure.ac | 57 +++++++++++++++++++++++++++++++++++++++++++++++++++++ + sshd.8 | 7 +++++++ + sshd.c | 25 +++++++++++++++++++++++ + 3 files changed, 89 insertions(+) + +--- a/configure.ac ++++ b/configure.ac +@@ -1380,6 +1380,62 @@ AC_ARG_WITH([skey], + ] + ) + ++# Check whether user wants TCP wrappers support ++TCPW_MSG="no" ++AC_ARG_WITH([tcp-wrappers], ++ [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], ++ [ ++ if test "x$withval" != "xno" ; then ++ saved_LIBS="$LIBS" ++ saved_LDFLAGS="$LDFLAGS" ++ saved_CPPFLAGS="$CPPFLAGS" ++ if test -n "${withval}" && \ ++ test "x${withval}" != "xyes"; then ++ if test -d "${withval}/lib"; then ++ if test -n "${need_dash_r}"; then ++ LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" ++ else ++ LDFLAGS="-L${withval}/lib ${LDFLAGS}" ++ fi ++ else ++ if test -n "${need_dash_r}"; then ++ LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" ++ else ++ LDFLAGS="-L${withval} ${LDFLAGS}" ++ fi ++ fi ++ if test -d "${withval}/include"; then ++ CPPFLAGS="-I${withval}/include ${CPPFLAGS}" ++ else ++ CPPFLAGS="-I${withval} ${CPPFLAGS}" ++ fi ++ fi ++ LIBS="-lwrap -lnsl $LIBS" ++ AC_MSG_CHECKING([for libwrap]) ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([[ ++#include <sys/types.h> ++#include <sys/socket.h> ++#include <netinet/in.h> ++#include <tcpd.h> ++int deny_severity = 0, allow_severity = 0; ++ ]], [[ ++ hosts_access(0); ++ ]])], [ ++ AC_MSG_RESULT([yes]) ++ AC_DEFINE([LIBWRAP], [1], ++ [Define if you want ++ TCP Wrappers support]) ++ SSHDLIBS="$SSHDLIBS -lwrap -lnsl" ++ TCPW_MSG="yes" ++ ], [ ++ AC_MSG_ERROR([*** libwrap missing]) ++ ++ ]) ++ LIBS="$saved_LIBS" ++ fi ++ ] ++) ++ + # Check whether user wants to use ldns + LDNS_MSG="no" + AC_ARG_WITH(ldns, +@@ -4829,6 +4885,7 @@ echo " KerberosV support + echo " SELinux support: $SELINUX_MSG" + echo " Smartcard support: $SCARD_MSG" + echo " S/KEY support: $SKEY_MSG" ++echo " TCP Wrappers support: $TCPW_MSG" + echo " MD5 password support: $MD5_MSG" + echo " libedit support: $LIBEDIT_MSG" + echo " Solaris process contract support: $SPC_MSG" +--- a/sshd.8 ++++ b/sshd.8 +@@ -851,6 +851,12 @@ the user's home directory becomes access + This file should be writable only by the user, and need not be + readable by anyone else. + .Pp ++.It Pa /etc/hosts.allow ++.It Pa /etc/hosts.deny ++Access controls that should be enforced by tcp-wrappers are defined here. ++Further details are described in ++.Xr hosts_access 5 . ++.Pp + .It Pa /etc/hosts.equiv + This file is for host-based authentication (see + .Xr ssh 1 ) . +@@ -954,6 +960,7 @@ The content of this file is not sensitiv + .Xr ssh-keygen 1 , + .Xr ssh-keyscan 1 , + .Xr chroot 2 , ++.Xr hosts_access 5 , + .Xr login.conf 5 , + .Xr moduli 5 , + .Xr sshd_config 5 , +--- a/sshd.c ++++ b/sshd.c +@@ -123,6 +123,13 @@ + #include "ssh-sandbox.h" + #include "version.h" + ++#ifdef LIBWRAP ++#include <tcpd.h> ++#include <syslog.h> ++int allow_severity; ++int deny_severity; ++#endif /* LIBWRAP */ ++ + #ifndef O_NOCTTY + #define O_NOCTTY 0 + #endif +@@ -2054,6 +2061,24 @@ main(int ac, char **av) + #ifdef SSH_AUDIT_EVENTS + audit_connection_from(remote_ip, remote_port); + #endif ++#ifdef LIBWRAP ++ allow_severity = options.log_facility|LOG_INFO; ++ deny_severity = options.log_facility|LOG_WARNING; ++ /* Check whether logins are denied from this host. */ ++ if (packet_connection_is_on_socket()) { ++ struct request_info req; ++ ++ request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0); ++ fromhost(&req); ++ ++ if (!hosts_access(&req)) { ++ debug("Connection refused by tcp wrapper"); ++ refuse(&req); ++ /* NOTREACHED */ ++ fatal("libwrap refuse returns"); ++ } ++ } ++#endif /* LIBWRAP */ + + /* Log the connection. */ + verbose("Connection from %s port %d on %s port %d", diff --git a/source/n/openssh/openssh.SlackBuild b/source/n/openssh/openssh.SlackBuild index 07ea1615..a917ee80 100755 --- a/source/n/openssh/openssh.SlackBuild +++ b/source/n/openssh/openssh.SlackBuild @@ -36,15 +36,15 @@ NUMJOBS=${NUMJOBS:--j6} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" elif [ "$ARCH" = "x86_64" ]; then @@ -68,6 +68,10 @@ tar xvf $CWD/openssh-$VERSION.tar.gz || tar xvf $CWD/openssh-$VERSION.tar.?z* || cd openssh-$VERSION chown -R root:root . +# Restore support for tcpwrappers: +zcat $CWD/openssh-7.2p1-libwrap.diff.gz | patch -p1 --verbose || exit 1 +autoreconf -vif + # Compile package: CFLAGS="$SLKCFLAGS" \ ./configure \ diff --git a/source/n/openssh/rc.sshd b/source/n/openssh/rc.sshd index cb2dfa41..2da2ab30 100644 --- a/source/n/openssh/rc.sshd +++ b/source/n/openssh/rc.sshd @@ -3,9 +3,6 @@ sshd_start() { # Create host keys if needed. - if [ ! -r /etc/ssh/ssh_host_key ]; then - /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N '' - fi if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' fi @@ -15,6 +12,12 @@ sshd_start() { if [ ! -f /etc/ssh/ssh_host_ecdsa_key ]; then /usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' fi + if [ ! -f /etc/ssh/ssh_host_ed25519_key ]; then + /usr/bin/ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N '' + fi + # Catch any new host key types not yet created above: + /usr/bin/ssh-keygen -A + # Start the sshd daemon: /usr/sbin/sshd } diff --git a/source/n/openssl/openssl.SlackBuild b/source/n/openssl/openssl.SlackBuild index 7af51352..00b80226 100755 --- a/source/n/openssl/openssl.SlackBuild +++ b/source/n/openssl/openssl.SlackBuild @@ -2,7 +2,7 @@ # Copyright 2000 BSDi, Inc. Concord, CA, USA # Copyright 2001, 2002 Slackware Linux, Inc. Concord, CA, USA -# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -33,7 +33,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -57,11 +57,19 @@ rm -rf $PKG1 $PKG2 openssl-$VERSION tar xvf $CWD/openssl-$VERSION.tar.gz || exit 1 cd openssl-$VERSION +# Fix pod syntax errors which are fatal wih a newer perl: +find . -name "*.pod" -exec sed -i "s/^\=item \([0-9]\)\(\ \|$\)/\=item C<\1>/g" {} \; + # Use .so.1, not .so.1.0.0: -zcat $CWD/openssl.soname.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1 -if [ "$ARCH" = "i486" ]; then - # Build with -march=i486 -mtune=i686: - zcat $CWD/openssl.optsx86.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1 +sed -i "s/soname=\$\$SHLIB\$\$SHLIB_SOVER\$\$SHLIB_SUFFIX/soname=\$\$SHLIB.1/g" Makefile.shared + +if [ "$ARCH" = "i586" ]; then + # Build with -march=i586 -mtune=i686: + sed -i "/linux-elf/s/fomit-frame-pointer/fomit-frame-pointer -march=i586 -mtune=i686/g" Configure + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + # Build with -march=i686 -mtune=i686: + sed -i "/linux-elf/s/fomit-frame-pointer/fomit-frame-pointer -march=i686 -mtune=i686/g" Configure LIBDIRSUFFIX="" elif [ "$ARCH" = "x86_64" ]; then LIBDIRSUFFIX="64" @@ -72,9 +80,9 @@ fi # paranoid that they won't run against a different OpenSSL version than # what they were compiled against, whether or not the ABI has changed. # -# So, we will use the OPENSSL_VERSION_NUMBER from openssl-1.0.1c unless ABI +# So, we will use the OPENSSL_VERSION_NUMBER from openssl-1.0.2e unless ABI # breakage forces it to change. Yes, we're finally using this old trick. :) -sed -i "s/#define OPENSSL_VERSION_NUMBER.*/\/* Use 0x1000103fL (1.0.1c) below to avoid pointlessly breaking the ABI *\/\n#define OPENSSL_VERSION_NUMBER 0x1000103fL/g" crypto/opensslv.h || exit 1 +sed -i "s/#define OPENSSL_VERSION_NUMBER.*/\/* Use 0x1000205fL (1.0.2e) below to avoid pointlessly breaking the ABI *\/\n#define OPENSSL_VERSION_NUMBER 0x1000205fL/g" crypto/opensslv.h || exit 1 chown -R root:root . mkdir -p $PKG1/usr/doc/openssl-$VERSION @@ -93,16 +101,23 @@ fi # These are the known patent issues with OpenSSL: # name # expires -# MDC-2: 4,908,861 2007-03-13, included. :-) +# MDC-2: 4,908,861 2007-03-13, not included. # IDEA: 5,214,703 2010-05-25, not included. # RC5: 5,724,428 2015-03-03, not included. +# +# Although all of the above are expired, it's still probably +# not a good idea to include them as there are better +# algorithms to use. ./config \ --prefix=/usr \ --openssldir=/etc/ssl \ + no-mdc2 \ no-idea \ no-rc5 \ no-sse2 \ + no-ssl2 \ + no-weak-ssl-ciphers \ shared make $NUMJOBS depend || make depend || exit 1 @@ -190,16 +205,15 @@ mkdir -p $PKG2/usr/doc/openssl-$VERSION ( cd $TMP/openssl-$VERSION cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \ LICENSE NEWS README README.ENGINE $PKG2/usr/doc/openssl-$VERSION + # If there's a CHANGES file, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG2/usr/doc/*-$VERSION) + cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES + fi ) -# If there's a CHANGES file, installing at least part of the recent history -# is useful, but don't let it get totally out of control: -if [ -r CHANGES ]; then - DOCSDIR=$(echo $PKG2/usr/doc/*-$VERSION) - cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES - touch -r CHANGES $DOCSDIR/CHANGES -fi - find $PKG2/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \; find $PKG2/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \; cd $PKG2 diff --git a/source/n/openssl/openssl.optsx86.diff b/source/n/openssl/openssl.optsx86.diff deleted file mode 100644 index 330e5097..00000000 --- a/source/n/openssl/openssl.optsx86.diff +++ /dev/null @@ -1,11 +0,0 @@ ---- ./Configure.orig 2012-03-14 17:20:40.000000000 -0500 -+++ ./Configure 2012-07-03 18:30:19.962011710 -0500 -@@ -350,7 +350,7 @@ - "linux-armv4", "gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${armv4_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - #### IA-32 targets... - "linux-ia32-icc", "icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", --"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -mtune=i686 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_asm}:a.out", - #### - "linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", diff --git a/source/n/openssl/openssl.soname.diff b/source/n/openssl/openssl.soname.diff deleted file mode 100644 index 308968d9..00000000 --- a/source/n/openssl/openssl.soname.diff +++ /dev/null @@ -1,11 +0,0 @@ ---- ./Makefile.shared.orig 2005-06-23 13:47:54.000000000 -0700 -+++ ./Makefile.shared 2005-10-12 20:02:28.000000000 -0700 -@@ -151,7 +151,7 @@ - SHLIB_SUFFIX=; \ - ALLSYMSFLAGS='-Wl,--whole-archive'; \ - NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ -- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" -+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB.1" - - DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)" - diff --git a/source/n/openssl/openssl0/certwatch b/source/n/openssl/openssl0/certwatch deleted file mode 100644 index 8fef1509..00000000 --- a/source/n/openssl/openssl0/certwatch +++ /dev/null @@ -1,128 +0,0 @@ -#!/bin/sh -# -# Will check all certificates stored in $CERTDIR for their expiration date, -# and will display (if optional "stdout" argument is given), or mail a warning -# message to $MAILADDR (if script is executed without any parameter -# - unattended mode suitable for cron execution) for each particular certificate -# that is about to expire in time less to, or equal to $DAYS after this script -# has been executed, or if it has already expired. -# This stupid script (C) 2006,2007 Jan Rafaj - -########################## CONFIGURATION SECTION BEGIN ######################### -# Note: all settings are mandatory -# Warning will be sent if a certificate expires in time <= days given here -DAYS=7 -# E-mail address where to send warnings -MAILADDR=root -# Directory with certificates to check -CERTDIR=/etc/ssl/certs -# Directory where to keep state files if this script isnt executed with "stdout" -STATEDIR=/var/run -########################### CONFIGURATION SECTION END ########################## - -PATH=/bin:/usr/bin:/sbin:/usr/sbin -DAY_IN_SECS=$((60*60*24)) -DATE_CURRENT=$(date '+%s') - -usage() -{ - echo "Usage: $0 [stdout]" - echo - echo "Detailed description and configuration is embedded within the script." - exit 0 -} - -message() -{ - cat << EOF - WARNING: certificate $certfile - is about to expire in time equal to or less than $DAYS days from now on, - or has already expired - it might be a good idea to obtain/create new one. - -EOF -} - -message_mail() -{ - message - cat << EOF - NOTE: This message is being sent only once. - - A lock-file - $STATEDIR/certwatch-mailwarning-sent-$certfilebase - has been created, which will prevent this script from mailing you again - upon its subsequent executions by crond. You dont need to care about it; - the file will be auto-deleted as soon as you'll prolong your certificate. -EOF -} - -unset stdout -case $# in - 0) ;; - 1) if [ "$1" = "-h" -o "$1" == "--help" ]; then - usage - elif [ "$1" = "stdout" ]; then - stdout=1 - else - usage - fi - ;; - *) usage ;; -esac - -for dir in $STATEDIR $CERTDIR ; do - if [ ! -d $dir ]; then - echo "ERROR: directory $dir does not exist" - exit 1 - fi -done -for binary in basename date find grep mail openssl touch ; do - if [ ! \( -x /usr/bin/$binary -o -x /bin/$binary \) ]; then - echo "ERROR: /usr/bin/$binary not found" - exit 1 - fi -done - -find $CERTDIR -type f -maxdepth 1 | while read certfile ; do - certfilebase="$(basename "$certfile")" - inform=PEM - echo "$certfile" | grep -q -i '\.net$' - if [ $? -eq 0 ]; then - # This is based purely on filename extension, so may give false results. - # But lets assume noone uses NET format certs today, ok? - continue - fi - echo "$certfile" | grep -q -i '\.der$' - if [ $? -eq 0 -o "$(file "$certfile" | egrep '(ASCII|PEM)')" == "" ]; then - inform=DER - fi - # We wont use '-checkend' since it is not properly documented (as of - # OpenSSL 0.9.8e). - DATE_CERT_EXPIRES=$(openssl x509 -in "$certfile" -inform $inform -noout -enddate | sed 's/^notAfter=//') - DATE_CERT_EXPIRES=$(date -d"$DATE_CERT_EXPIRES" +%s) - if [ $(($DATE_CERT_EXPIRES - $DATE_CURRENT)) -le $(($DAYS * $DAY_IN_SECS)) ] - then - if [ $stdout ]; then - message - else - if [ ! -f $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" ]; then - subject="$0: certificate $certfile expiration warning" - message_mail | mail -r "certwatch@$HOSTNAME" \ - -s "$subject" \ - $MAILADDR 2>/dev/null - # echo "Mail about expiring certificate $certfile sent to $MAILADDR." - # echo "If you need to send it again, please remove lock-file" - # echo "$STATEDIR/certwatch-mailwarning-sent-$certfilebase ." - # echo - fi - touch $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" - fi - else - if [ ! $stdout ]; then - if [ -f $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" ]; then - rm $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" - fi - fi - fi -done - diff --git a/source/n/openssl/openssl0/doinst.sh-openssl b/source/n/openssl/openssl0/doinst.sh-openssl deleted file mode 100644 index c92e6076..00000000 --- a/source/n/openssl/openssl0/doinst.sh-openssl +++ /dev/null @@ -1,21 +0,0 @@ -config() { - NEW="$1" - OLD="`dirname $NEW`/`basename $NEW .new`" - # If there's no config file by that name, mv it over: - if [ ! -r $OLD ]; then - mv $NEW $OLD - elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy - rm $NEW - fi - # Otherwise, we leave the .new copy for the admin to consider... -} - -# If there is a known buggy certwatch script with no local -# modifications, just replace it: -if [ "$(md5sum etc/cron.daily/certwatch 2> /dev/null)" = "32556321806f1850d56cb2ef8384b7a1 etc/cron.daily/certwatch" ]; then - cat etc/cron.daily/certwatch.new > etc/cron.daily/certwatch - touch -r etc/cron.daily/certwatch.new etc/cron.daily/certwatch -fi - -config etc/ssl/openssl.cnf.new -config etc/cron.daily/certwatch.new diff --git a/source/n/openssl/openssl0/openssl.SlackBuild b/source/n/openssl/openssl0/openssl.SlackBuild deleted file mode 100755 index 6c4197d5..00000000 --- a/source/n/openssl/openssl0/openssl.SlackBuild +++ /dev/null @@ -1,195 +0,0 @@ -#!/bin/sh - -# Copyright 2000 BSDi, Inc. Concord, CA, USA -# Copyright 2001, 2002 Slackware Linux, Inc. Concord, CA, USA -# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA -# All rights reserved. -# -# Redistribution and use of this script, with or without modification, is -# permitted provided that the following conditions are met: -# -# 1. Redistributions of this script must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - -# Set initial variables: -CWD=$(pwd) -TMP=${TMP:-/tmp} - -VERSION=${VERSION:-$(echo openssl-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} - -# Automatically determine the architecture we're building on: -if [ -z "$ARCH" ]; then - case "$( uname -m )" in - i?86) export ARCH=i486 ;; - arm*) export ARCH=arm ;; - # Unless $ARCH is already set, use uname -m for all other archs: - *) export ARCH=$( uname -m ) ;; - esac -fi - -PKG1=$TMP/package-openssl -PKG2=$TMP/package-ossllibs -NAME1=openssl-$VERSION-$ARCH-$BUILD -NAME2=openssl-solibs-$VERSION-$ARCH-$BUILD - -NUMJOBS=${NUMJOBS:--j6} - -# So that ls has the right field counts for parsing... -export LC_ALL=C - -cd $TMP -rm -rf $PKG1 $PKG2 openssl-$VERSION -tar xvf $CWD/openssl-$VERSION.tar.gz || exit 1 -cd openssl-$VERSION - -# Use .so.0, not .so.0.9.8: -zcat $CWD/openssl.soname.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1 -if [ "$ARCH" = "i486" ]; then - # Build with -march=i486 -mtune=i686: - zcat $CWD/openssl.optsx86.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1 - LIBDIRSUFFIX="" -elif [ "$ARCH" = "x86_64" ]; then - LIBDIRSUFFIX="64" -fi - -# OpenSSL has a (nasty?) habit of bumping the internal version number with -# every release. This wouldn't be so bad, but some applications are so -# paranoid that they won't run against a different OpenSSL version than -# what they were compiled against, whether or not the ABI has changed. -# -# So, we will use the OPENSSL_VERSION_NUMBER from openssl-0.9.8o unless ABI -# breakage forces it to change. Yes, we're finally using this old trick. :) -sed -i "s/#define OPENSSL_VERSION_NUMBER.*/\/* Use 0x009080efL (0.9.8o) below to avoid pointlessly breaking the ABI *\/\n#define OPENSSL_VERSION_NUMBER 0x009080efL/g" crypto/opensslv.h || exit 1 - -chown -R root:root . -mkdir -p $PKG1/usr/doc/openssl-$VERSION -cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \ - LICENSE NEWS README README.ENGINE doc $PKG1/usr/doc/openssl-$VERSION -find $PKG1/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \; -find $PKG1/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \; - -# If there's a CHANGES file, installing at least part of the recent history -# is useful, but don't let it get totally out of control: -if [ -r CHANGES ]; then - DOCSDIR=$(echo $PKG1/usr/doc/*-$VERSION) - cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES - touch -r CHANGES $DOCSDIR/CHANGES -fi - -# These are the known patent issues with OpenSSL: -# name # expires -# MDC-2: 4,908,861 2007-03-13, included. :-) -# IDEA: 5,214,703 2010-05-25, not included. -# RC5: 5,724,428 2015-03-03, not included. - -./config \ - --prefix=/usr \ - --openssldir=/etc/ssl \ - no-idea \ - no-rc5 \ - no-sse2 \ - shared - -make $NUMJOBS depend || make depend || exit 1 - -make $NUMJOBS || make || exit 1 - -make install INSTALL_PREFIX=$PKG1 || exit 1 - -# Use proper libdir: -( cd $PKG1/usr; mv lib lib${LIBDIRSUFFIX} ) - -# Make the .so.? library symlinks: -( cd $PKG1/usr/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.* ) - -# Move libraries, as they might be needed by programs that bring a network -# mounted /usr online: - -mkdir $PKG1/lib${LIBDIRSUFFIX} -( cd $PKG1/usr/lib${LIBDIRSUFFIX} - for file in lib*.so.?.* ; do - mv $file ../../lib${LIBDIRSUFFIX} - ln -sf ../../lib${LIBDIRSUFFIX}/$file . - done - cp -a lib*.so.? ../../lib${LIBDIRSUFFIX} -) - -# Add a cron script to warn root if a certificate is going to expire soon: -mkdir -p $PKG1/etc/cron.daily -zcat $CWD/certwatch.gz > $PKG1/etc/cron.daily/certwatch.new -chmod 755 $PKG1/etc/cron.daily/certwatch.new - -mv $PKG1/etc/ssl/openssl.cnf $PKG1/etc/ssl/openssl.cnf.new - -( cd $PKG1 - find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null - find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null -) - -mv $PKG1/etc/ssl/man $PKG1/usr -( cd $PKG1/usr/man/man1 ; mv passwd.1 ssl_passwd.1 ) -( cd $PKG1/usr/man/man3 ; mv rand.3 ssl_rand.3 ) -( cd $PKG1/usr/man/man3 ; mv err.3 ssl_err.3 ) -# Compress and symlink the man pages: -if [ -d $PKG1/usr/man ]; then - ( cd $PKG1/usr/man - for manpagedir in $(find . -type d -name "man*") ; do - ( cd $manpagedir - for eachpage in $( find . -type l -maxdepth 1) ; do - ln -s $( readlink $eachpage ).gz $eachpage.gz - rm $eachpage - done - gzip -9 *.? - ) - done - ) -fi - -cd $PKG1 -chmod 755 usr/lib${LIBDIRSUFFIX}/pkgconfig -sed -i -e "s#lib\$#lib${LIBDIRSUFFIX}#" usr/lib${LIBDIRSUFFIX}/pkgconfig/*.pc -mkdir -p install -zcat $CWD/doinst.sh-openssl.gz > install/doinst.sh -cat $CWD/slack-desc.openssl > install/slack-desc -/sbin/makepkg -l y -c n $TMP/${NAME1}.txz - -# Make runtime package: -mkdir -p $PKG2/lib${LIBDIRSUFFIX} -( cd lib${LIBDIRSUFFIX} ; cp -a lib*.so.* $PKG2/lib${LIBDIRSUFFIX} ) -( cd $PKG2/lib${LIBDIRSUFFIX} ; ldconfig -l * ) -mkdir -p $PKG2/etc -( cd $PKG2/etc ; cp -a $PKG1/etc/ssl . ) -mkdir -p $PKG2/usr/doc/openssl-$VERSION -( cd $TMP/openssl-$VERSION - cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \ - LICENSE NEWS README README.ENGINE $PKG2/usr/doc/openssl-$VERSION -) - -# If there's a CHANGES file, installing at least part of the recent history -# is useful, but don't let it get totally out of control: -if [ -r CHANGES ]; then - DOCSDIR=$(echo $PKG2/usr/doc/*-$VERSION) - cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES - touch -r CHANGES $DOCSDIR/CHANGES -fi - -find $PKG2/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \; -find $PKG2/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \; -cd $PKG2 -mkdir -p install -zcat $CWD/doinst.sh-openssl-solibs.gz > install/doinst.sh -cat $CWD/slack-desc.openssl-solibs > install/slack-desc -/sbin/makepkg -l y -c n $TMP/${NAME2}.txz diff --git a/source/n/openssl/openssl0/openssl.optsx86.diff b/source/n/openssl/openssl0/openssl.optsx86.diff deleted file mode 100644 index a1a289a2..00000000 --- a/source/n/openssl/openssl0/openssl.optsx86.diff +++ /dev/null @@ -1,11 +0,0 @@ ---- ./Configure.orig 2005-08-02 03:59:42.000000000 -0700 -+++ ./Configure 2005-10-12 20:04:43.000000000 -0700 -@@ -317,7 +317,7 @@ - "linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc32.o::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - #### IA-32 targets... - "linux-ia32-icc", "icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", --"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -mtune=i686 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - "linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", - #### - "linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", diff --git a/source/n/openssl/openssl0/openssl.soname.diff b/source/n/openssl/openssl0/openssl.soname.diff deleted file mode 100644 index f660e93b..00000000 --- a/source/n/openssl/openssl0/openssl.soname.diff +++ /dev/null @@ -1,11 +0,0 @@ ---- ./Makefile.shared.orig 2005-06-23 13:47:54.000000000 -0700 -+++ ./Makefile.shared 2005-10-12 20:02:28.000000000 -0700 -@@ -151,7 +151,7 @@ - SHLIB_SUFFIX=; \ - ALLSYMSFLAGS='-Wl,--whole-archive'; \ - NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ -- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" -+ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB.0" - - DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)" - diff --git a/source/n/openssl/openssl0/openssl0.build b/source/n/openssl/openssl0/openssl0.build deleted file mode 100755 index 262a16a5..00000000 --- a/source/n/openssl/openssl0/openssl0.build +++ /dev/null @@ -1,198 +0,0 @@ -#!/bin/sh - -# Copyright 2000 BSDi, Inc. Concord, CA, USA -# Copyright 2001, 2002 Slackware Linux, Inc. Concord, CA, USA -# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA -# All rights reserved. -# -# Redistribution and use of this script, with or without modification, is -# permitted provided that the following conditions are met: -# -# 1. Redistributions of this script must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - -# Set initial variables: -CWD=$(pwd) -TMP=${TMP:-/tmp} - -VERSION=${VERSION:-$(echo openssl-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} - -# Automatically determine the architecture we're building on: -if [ -z "$ARCH" ]; then - case "$( uname -m )" in - i?86) export ARCH=i486 ;; - arm*) export ARCH=arm ;; - # Unless $ARCH is already set, use uname -m for all other archs: - *) export ARCH=$( uname -m ) ;; - esac -fi - -PKG1=$TMP/package-openssl0 -PKG2=$TMP/package-ossllibs -NAME1=openssl-$VERSION-$ARCH-$BUILD -NAME2=openssl-solibs-$VERSION-$ARCH-$BUILD - -NUMJOBS=${NUMJOBS:--j6} - -# So that ls has the right field counts for parsing... -export LC_ALL=C - -cd $TMP -#rm -rf $PKG1 $PKG2 openssl-$VERSION -rm -rf $PKG1 openssl-$VERSION -tar xvf $CWD/openssl-$VERSION.tar.gz || exit 1 -cd openssl-$VERSION - -# Use .so.0, not .so.0.9.8: -zcat $CWD/openssl.soname.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1 -if [ "$ARCH" = "i486" ]; then - # Build with -march=i486 -mtune=i686: - zcat $CWD/openssl.optsx86.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1 - LIBDIRSUFFIX="" -elif [ "$ARCH" = "x86_64" ]; then - LIBDIRSUFFIX="64" -fi - -# OpenSSL has a (nasty?) habit of bumping the internal version number with -# every release. This wouldn't be so bad, but some applications are so -# paranoid that they won't run against a different OpenSSL version than -# what they were compiled against, whether or not the ABI has changed. -# -# So, we will use the OPENSSL_VERSION_NUMBER from openssl-0.9.8o unless ABI -# breakage forces it to change. Yes, we're finally using this old trick. :) -sed -i "s/#define OPENSSL_VERSION_NUMBER.*/\/* Use 0x009080efL (0.9.8o) below to avoid pointlessly breaking the ABI *\/\n#define OPENSSL_VERSION_NUMBER 0x009080efL/g" crypto/opensslv.h || exit 1 - -chown -R root:root . -mkdir -p $PKG1/usr/doc/openssl-$VERSION -cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \ - LICENSE NEWS README README.ENGINE doc $PKG1/usr/doc/openssl-$VERSION -find $PKG1/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \; -find $PKG1/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \; - -# If there's a CHANGES file, installing at least part of the recent history -# is useful, but don't let it get totally out of control: -if [ -r CHANGES ]; then - DOCSDIR=$(echo $PKG1/usr/doc/*-$VERSION) - cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES - touch -r CHANGES $DOCSDIR/CHANGES -fi - -# These are the known patent issues with OpenSSL: -# name # expires -# MDC-2: 4,908,861 2007-03-13, included. :-) -# IDEA: 5,214,703 2010-05-25, not included. -# RC5: 5,724,428 2015-03-03, not included. - -./config \ - --prefix=/usr \ - --openssldir=/etc/ssl \ - no-idea \ - no-rc5 \ - no-sse2 \ - shared - -make $NUMJOBS depend || make depend || exit 1 - -make $NUMJOBS || make || exit 1 - -make install INSTALL_PREFIX=$PKG1 || exit 1 - -exit 0 - -# Use proper libdir: -( cd $PKG1/usr; mv lib lib${LIBDIRSUFFIX} ) - -# Make the .so.? library symlinks: -( cd $PKG1/usr/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.* ) - -# Move libraries, as they might be needed by programs that bring a network -# mounted /usr online: - -mkdir $PKG1/lib${LIBDIRSUFFIX} -( cd $PKG1/usr/lib${LIBDIRSUFFIX} - for file in lib*.so.?.* ; do - mv $file ../../lib${LIBDIRSUFFIX} - ln -sf ../../lib${LIBDIRSUFFIX}/$file . - done - cp -a lib*.so.? ../../lib${LIBDIRSUFFIX} -) - -# Add a cron script to warn root if a certificate is going to expire soon: -mkdir -p $PKG1/etc/cron.daily -zcat $CWD/certwatch.gz > $PKG1/etc/cron.daily/certwatch.new -chmod 755 $PKG1/etc/cron.daily/certwatch.new - -mv $PKG1/etc/ssl/openssl.cnf $PKG1/etc/ssl/openssl.cnf.new - -( cd $PKG1 - find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null - find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null -) - -mv $PKG1/etc/ssl/man $PKG1/usr -( cd $PKG1/usr/man/man1 ; mv passwd.1 ssl_passwd.1 ) -( cd $PKG1/usr/man/man3 ; mv rand.3 ssl_rand.3 ) -( cd $PKG1/usr/man/man3 ; mv err.3 ssl_err.3 ) -# Compress and symlink the man pages: -if [ -d $PKG1/usr/man ]; then - ( cd $PKG1/usr/man - for manpagedir in $(find . -type d -name "man*") ; do - ( cd $manpagedir - for eachpage in $( find . -type l -maxdepth 1) ; do - ln -s $( readlink $eachpage ).gz $eachpage.gz - rm $eachpage - done - gzip -9 *.? - ) - done - ) -fi - -cd $PKG1 -chmod 755 usr/lib${LIBDIRSUFFIX}/pkgconfig -sed -i -e "s#lib\$#lib${LIBDIRSUFFIX}#" usr/lib${LIBDIRSUFFIX}/pkgconfig/*.pc -mkdir -p install -zcat $CWD/doinst.sh-openssl.gz > install/doinst.sh -cat $CWD/slack-desc.openssl > install/slack-desc -/sbin/makepkg -l y -c n $TMP/${NAME1}.txz - -# Make runtime package: -mkdir -p $PKG2/lib${LIBDIRSUFFIX} -( cd lib${LIBDIRSUFFIX} ; cp -a lib*.so.* $PKG2/lib${LIBDIRSUFFIX} ) -( cd $PKG2/lib${LIBDIRSUFFIX} ; ldconfig -l * ) -mkdir -p $PKG2/etc -( cd $PKG2/etc ; cp -a $PKG1/etc/ssl . ) -mkdir -p $PKG2/usr/doc/openssl-$VERSION -( cd $TMP/openssl-$VERSION - cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \ - LICENSE NEWS README README.ENGINE $PKG2/usr/doc/openssl-$VERSION -) - -# If there's a CHANGES file, installing at least part of the recent history -# is useful, but don't let it get totally out of control: -if [ -r CHANGES ]; then - DOCSDIR=$(echo $PKG2/usr/doc/*-$VERSION) - cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES - touch -r CHANGES $DOCSDIR/CHANGES -fi - -find $PKG2/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \; -find $PKG2/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \; -cd $PKG2 -mkdir -p install -zcat $CWD/doinst.sh-openssl-solibs.gz > install/doinst.sh -cat $CWD/slack-desc.openssl-solibs > install/slack-desc -/sbin/makepkg -l y -c n $TMP/${NAME2}.txz diff --git a/source/n/openssl/openssl0/slack-desc.openssl b/source/n/openssl/openssl0/slack-desc.openssl deleted file mode 100644 index 57227c04..00000000 --- a/source/n/openssl/openssl0/slack-desc.openssl +++ /dev/null @@ -1,19 +0,0 @@ -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' on -# the right side marks the last column you can put a character in. You must make -# exactly 11 lines for the formatting to be correct. It's also customary to -# leave one space after the ':'. - - |-----handy-ruler------------------------------------------------------| -openssl: openssl (Secure Sockets Layer toolkit) -openssl: -openssl: The OpenSSL certificate management tool and the shared libraries that -openssl: provide various encryption and decryption algorithms and protocols. -openssl: -openssl: This product includes software developed by the OpenSSL Project for -openssl: use in the OpenSSL Toolkit (http://www.openssl.org). This product -openssl: includes cryptographic software written by Eric Young -openssl: (eay@cryptsoft.com). This product includes software written by Tim -openssl: Hudson (tjh@cryptsoft.com). -openssl: diff --git a/source/n/openssl/openssl0/slack-desc.openssl-solibs b/source/n/openssl/openssl0/slack-desc.openssl-solibs deleted file mode 100644 index 58609e68..00000000 --- a/source/n/openssl/openssl0/slack-desc.openssl-solibs +++ /dev/null @@ -1,19 +0,0 @@ -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' on -# the right side marks the last column you can put a character in. You must make -# exactly 11 lines for the formatting to be correct. It's also customary to -# leave one space after the ':'. - - |-----handy-ruler------------------------------------------------------| -openssl-solibs: openssl-solibs (OpenSSL shared libraries) -openssl-solibs: -openssl-solibs: These shared libraries provide encryption routines required by -openssl-solibs: programs such as openssh, bind, sendmail, and many others. -openssl-solibs: -openssl-solibs: This product includes software developed by the OpenSSL Project for -openssl-solibs: use in the OpenSSL Toolkit (http://www.openssl.org). This product -openssl-solibs: includes cryptographic software written by Eric Young -openssl-solibs: (eay@cryptsoft.com). This product includes software written by Tim -openssl-solibs: Hudson (tjh@cryptsoft.com). -openssl-solibs: diff --git a/source/n/openvpn/openvpn.SlackBuild b/source/n/openvpn/openvpn.SlackBuild index 7293806c..cb9efc4f 100755 --- a/source/n/openvpn/openvpn.SlackBuild +++ b/source/n/openvpn/openvpn.SlackBuild @@ -23,13 +23,13 @@ PKGNAM=openvpn -VERSION=2.3.2 +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -38,8 +38,8 @@ fi NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" diff --git a/source/n/openvpn/openvpn.url b/source/n/openvpn/openvpn.url new file mode 100644 index 00000000..0845c411 --- /dev/null +++ b/source/n/openvpn/openvpn.url @@ -0,0 +1 @@ +https://swupdate.openvpn.org/community/releases/ diff --git a/source/n/p11-kit/p11-kit.SlackBuild b/source/n/p11-kit/p11-kit.SlackBuild index cee35a1f..b9a9b21f 100755 --- a/source/n/p11-kit/p11-kit.SlackBuild +++ b/source/n/p11-kit/p11-kit.SlackBuild @@ -2,7 +2,7 @@ # Slackware build script for p11-kit -# Copyright 2011, 2012 Robby Workman, Northport, Alabama, USA +# Copyright 2011, 2012, 2014 Robby Workman, Northport, Alabama, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -23,14 +23,14 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. PKGNAM=p11-kit -VERSION=${VERSION:-0.16.4} +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} BUILD=${BUILD:-1} NUMJOBS=${NUMJOBS:--j6} if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) ARCH=i486 ;; + i?86) ARCH=i586 ;; arm*) ARCH=arm ;; *) ARCH=$( uname -m ) ;; esac @@ -40,8 +40,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" diff --git a/source/n/php/doinst.sh b/source/n/php/doinst.sh index bf1b2170..a6f584ed 100644 --- a/source/n/php/doinst.sh +++ b/source/n/php/doinst.sh @@ -22,7 +22,9 @@ if [ -e etc/rc.d/rc.php-fpm ]; then mv etc/rc.d/rc.php-fpm.new.incoming etc/rc.d/rc.php-fpm.new fi config etc/rc.d/rc.php-fpm.new -cp -a etc/httpd/php.ini-production etc/httpd/php.ini.new -config etc/httpd/php.ini.new -cp -a etc/php-fpm/php-fpm.conf.default etc/php-fpm/php-fpm.conf.new -config etc/php-fpm/php-fpm.conf.new +cp -a etc/php.ini-production etc/php.ini.new +config etc/php.ini.new +cp -a etc/php-fpm.conf.default etc/php-fpm.conf.new +config etc/php-fpm.conf.new +cp -a etc/php-fpm.conf.default etc/php-fpm.conf.new +config etc/php-fpm.conf.new diff --git a/source/n/php/fetch-php.sh b/source/n/php/fetch-php.sh index 522214cc..a44015ed 100755 --- a/source/n/php/fetch-php.sh +++ b/source/n/php/fetch-php.sh @@ -1 +1 @@ -lftpget http://us.php.net/distributions/php-5.4.20.tar.bz2 +lftpget http://us.php.net/distributions/php-5.6.23.tar.xz diff --git a/source/n/php/init.d.php-fpm.in.diff b/source/n/php/init.d.php-fpm.in.diff deleted file mode 100644 index 00f88778..00000000 --- a/source/n/php/init.d.php-fpm.in.diff +++ /dev/null @@ -1,11 +0,0 @@ ---- ./sapi/fpm/init.d.php-fpm.in.orig 2013-05-08 00:41:20.000000000 -0500 -+++ ./sapi/fpm/init.d.php-fpm.in 2013-05-19 14:52:33.952089160 -0500 -@@ -14,7 +14,7 @@ - exec_prefix=@exec_prefix@ - - php_fpm_BIN=@sbindir@/php-fpm --php_fpm_CONF=@sysconfdir@/php-fpm.conf -+php_fpm_CONF=@sysconfdir@/php-fpm/php-fpm.conf - php_fpm_PID=@localstatedir@/run/php-fpm.pid - - diff --git a/source/n/php/php-fpm.conf.diff b/source/n/php/php-fpm.conf.diff index e749185b..38d0f9c6 100644 --- a/source/n/php/php-fpm.conf.diff +++ b/source/n/php/php-fpm.conf.diff @@ -5,8 +5,8 @@ ; - the global prefix if it's been set (-p arguement) ; - @prefix@ otherwise -;include=etc/fpm.d/*.conf -+;include=etc/php-fpm/*.conf - ++;include=etc/php-fpm.d/*.conf + ;;;;;;;;;;;;;;;;;; ; Global Options ; @@ -22,14 +22,14 @@ @@ -15,7 +15,7 @@ ; Default Value: none -;pid = run/php-fpm.pid +pid = run/php-fpm.pid - + ; Error log file ; If it's set to "syslog", log is sent to syslogd instead of being written ; in a local file. @@ -23,6 +23,6 @@ ; Default Value: log/php-fpm.log -;error_log = log/php-fpm.log +error_log = log/php-fpm.log - + ; syslog_facility is used to specify what type of program is logging the ; message. This lets syslogd specify that messages from different facilities diff --git a/source/n/php/php.SlackBuild b/source/n/php/php.SlackBuild index 9e263230..2e8748ce 100755 --- a/source/n/php/php.SlackBuild +++ b/source/n/php/php.SlackBuild @@ -3,7 +3,7 @@ # Build and package mod_php on Slackware. # by: David Cantrell <david@slackware.com> # Modified for PHP 4-5 by volkerdi@slackware.com -# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013 Patrick Volkerding, Sebeka, MN, USA +# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2015 Patrick Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -25,13 +25,13 @@ VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -ALPINE=2.11 +ALPINE=2.20 BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -52,6 +52,9 @@ if [ "$ARCH" = "i386" ]; then elif [ "$ARCH" = "i486" ]; then SLKCFLAGS="-O2 -march=i486 -mtune=i686" LIBDIRSUFFIX="" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" LIBDIRSUFFIX="" @@ -75,14 +78,13 @@ else strip -g c-client.a mkdir -p $IMAPLIBDIR/lib${LIBDIRSUFFIX} cp c-client.a $IMAPLIBDIR/lib${LIBDIRSUFFIX} - ( cd $IMAPLIBDIR/lib${LIBDIRSUFFIX} ; ln -sf c-client.a libc-client.a ) mkdir -p $IMAPLIBDIR/include cp *.h $IMAPLIBDIR/include ) fi mkdir -p $PKG/etc/httpd -mkdir -p $PKG/etc/php +mkdir -p $PKG/etc/php.d # A trick from DaMouse to enable building php into $PKG. # We'll remove this later on. cat /etc/httpd/original/httpd.conf > $PKG/etc/httpd/httpd.conf @@ -96,8 +98,6 @@ rm -rf php-$VERSION tar xvf $CWD/php-$VERSION.tar.?z* || exit 1 cd php-$VERSION -zcat $CWD/init.d.php-fpm.in.diff.gz | patch -p1 --verbose || exit 1 - # cleanup: find . -name "*.orig" -delete @@ -158,8 +158,8 @@ CFLAGS="$SLKCFLAGS" \ --enable-pcntl \ --enable-mbregex \ --enable-tokenizer=shared \ - --with-config-file-scan-dir=/etc/php \ - --with-config-file-path=/etc/httpd \ + --with-config-file-scan-dir=/etc/php.d \ + --with-config-file-path=/etc \ --enable-mod_charset \ --with-layout=PHP \ --disable-sigchild \ @@ -178,7 +178,6 @@ CFLAGS="$SLKCFLAGS" \ --enable-calendar=shared \ --enable-ctype=shared \ --with-curl=shared \ - --with-curlwrappers \ --with-mcrypt=/usr \ --enable-dba=shared \ --with-gdbm=/usr \ @@ -188,6 +187,7 @@ CFLAGS="$SLKCFLAGS" \ --with-gd=shared \ --with-jpeg-dir=/usr \ --with-png-dir=/usr \ + --with-vpx-dir=/usr \ --with-zlib-dir=/usr \ --with-xpm-dir=/usr \ --with-freetype-dir=/usr \ @@ -204,9 +204,11 @@ CFLAGS="$SLKCFLAGS" \ --with-mysql=shared,mysqlnd \ --with-mysqli=shared,mysqlnd \ --with-mysql-sock=/var/run/mysql/mysql.sock \ + --with-iodbc=shared,/usr \ --enable-pdo=shared \ --with-pdo-mysql=shared,mysqlnd \ --with-pdo-sqlite=shared,/usr \ + --with-pdo-odbc=shared,iODBC,/usr \ --with-pspell=shared,/usr \ --with-enchant=shared,/usr \ --enable-shmop=shared \ @@ -223,10 +225,12 @@ CFLAGS="$SLKCFLAGS" \ --enable-zip=shared \ --with-tsrm-pthreads \ --enable-intl=shared \ + --enable-opcache \ --enable-shared=yes \ --enable-static=no \ --with-gnu-ld \ --with-pic \ + --enable-phpdbg \ --build=$ARCH-slackware-linux # I am told this option is worse than nothing. :-) @@ -238,11 +242,9 @@ CFLAGS="$SLKCFLAGS" \ make $NUMJOBS || make || exit 1 make install INSTALL_ROOT=$PKG || exit 1 -mkdir -p $PKG/etc/{rc.d,php-fpm} +mkdir -p $PKG/etc/{rc.d,php-fpm.d} cp sapi/fpm/init.d.php-fpm $PKG/etc/rc.d/rc.php-fpm.new chmod 644 $PKG/etc/rc.d/rc.php-fpm.new -mv $PKG/etc/php-fpm.conf.default $PKG/etc/php-fpm -chmod 644 $PKG/etc/php-fpm/php-fpm.conf.default # PHP (used to) install Pear with some strange permissions. chmod 755 $PKG/usr/bin/pear @@ -273,12 +275,15 @@ chown -R root:root $PKG/usr/doc/php-$VERSION chmod 644 $PKG/usr/doc/php-$VERSION/UPGRADING* mkdir -p $PKG/etc/httpd -cp -a php.ini-development php.ini-production $PKG/etc/httpd cat $CWD/mod_php.conf.example | sed -e "s#lib/httpd#lib${LIBDIRSUFFIX}/httpd#" \ > $PKG/etc/httpd/mod_php.conf.example chmod 644 $PKG/etc/httpd/* chown root:root $PKG/etc/httpd/* +cp -a php.ini-development php.ini-production $PKG/etc +chmod 755 $PKG/etc/php.d $PKG/etc/php-fpm.d $PKG/etc/httpd +chown root:root $PKG/etc/* + # This can go now. rm -f $PKG/etc/httpd/httpd* diff --git a/source/n/php/php.ini-development.diff b/source/n/php/php.ini-development.diff index 8c582e4d..ffa7c0c9 100644 --- a/source/n/php/php.ini-development.diff +++ b/source/n/php/php.ini-development.diff @@ -1,6 +1,6 @@ --- ./php.ini-development.orig 2012-07-18 01:19:16.000000000 -0500 +++ ./php.ini-development 2012-08-08 20:06:33.512546116 -0500 -@@ -859,6 +859,46 @@ +@@ -859,6 +859,49 @@ ; If you only provide the name of the extension, PHP will look for it in its ; default extension directory. ; @@ -28,10 +28,13 @@ +extension=mbstring.so +extension=mysql.so +extension=mysqli.so ++extension=odbc.so +extension=openssl.so ++zend_extension=opcache.so +extension=pdo.so +extension=pdo_mysql.so +extension=pdo_sqlite.so ++extension=pdo_odbc.so +extension=pspell.so +extension=shmop.so +extension=snmp.so diff --git a/source/n/pinentry/pinentry.SlackBuild b/source/n/pinentry/pinentry.SlackBuild index d01b1295..3329405b 100755 --- a/source/n/pinentry/pinentry.SlackBuild +++ b/source/n/pinentry/pinentry.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2006 Robby Workman (http://rlworkman.net) +# Copyright 2006, 2014 Robby Workman, Tuscaloosa, AL, USA # Copyright 2007, 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # @@ -29,7 +29,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -38,8 +38,8 @@ fi NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" ARCHQUADLET="" elif [ "$ARCH" = "s390" ]; then @@ -78,40 +78,31 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -# Needs to be done manually: -# http://lists.gnupg.org/pipermail/gnupg-devel/2009-June/025197.html -for file in qt4/*.moc ; do - moc ${file/.moc/.h} > $file -done - -# Note that building the gtk1 interface is disabled CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ ./configure \ --prefix=/usr \ --libdir=/usr/lib${LIBDIRSUFFIX} \ --sysconfdir=/etc \ + --mandir=/usr/man \ --infodir=/usr/info \ - --enable-pinentry-gtk=no \ --enable-pinentry-curses \ --enable-fallback-curses \ --enable-pinentry-gtk2 \ - --enable-pinentry-qt4 \ --build=$ARCH-slackware-linux$ARCHQUADLET \ --host=$ARCH-slackware-linux$ARCHQUADLET || exit 1 make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG || exit 1 -# Replace the qt3 version with a symlink to the qt4 one: -( cd $PKG/usr/bin - rm -f pinentry-qt - ln -sf pinentry-qt4 pinentry-qt -) - find $PKG | xargs file | grep -e "executable" -e "shared object" \ | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +# Just in case: a compat link +ln -s pinentry-qt $PKG/usr/bin/pinentry-qt4 + +find $PKG/usr/man -type f -exec gzip -9 {} \; + rm $PKG/usr/info/dir gzip -9 $PKG/usr/info/*.info diff --git a/source/n/popa3d/popa3d-1.0.2-crypt.diff b/source/n/popa3d/popa3d-1.0.2-crypt.diff deleted file mode 100644 index c6c006c7..00000000 --- a/source/n/popa3d/popa3d-1.0.2-crypt.diff +++ /dev/null @@ -1,50 +0,0 @@ ---- Owl/packages/popa3d/popa3d/auth_passwd.c 2002/03/20 17:08:45 1.1 -+++ Owl/packages/popa3d/popa3d/auth_passwd.c 2012/08/15 09:06:39 1.2 -@@ -26,9 +26,11 @@ struct passwd *auth_userpass(char *user, - if (!pw || !*pw->pw_passwd || - *pw->pw_passwd == '*' || *pw->pw_passwd == '!') - crypt(pass, AUTH_DUMMY_SALT); -- else -- if (!strcmp(crypt(pass, pw->pw_passwd), pw->pw_passwd)) -- result = pw; -+ else { -+ char *hash = crypt(pass, pw->pw_passwd); -+ if (hash && !strcmp(hash, pw->pw_passwd)) -+ result = pw; -+ } - - if (pw) - memset(pw->pw_passwd, 0, strlen(pw->pw_passwd)); ---- Owl/packages/popa3d/popa3d/auth_shadow.c 2006/03/05 13:18:32 1.2 -+++ Owl/packages/popa3d/popa3d/auth_shadow.c 2012/08/15 09:06:39 1.3 -@@ -52,9 +52,11 @@ struct passwd *auth_userpass(char *user, - if (!(spw = getspnam(user)) || !pw || !*spw->sp_pwdp || - *spw->sp_pwdp == '*' || *spw->sp_pwdp == '!') - crypt(pass, AUTH_DUMMY_SALT); -- else -- if (!strcmp(crypt(pass, spw->sp_pwdp), spw->sp_pwdp)) -- result = 1; -+ else { -+ char *hash = crypt(pass, spw->sp_pwdp); -+ if (hash && !strcmp(hash, spw->sp_pwdp)) -+ result = 1; -+ } - write(channel[1], &result, 1); - exit(0); - } ---- Owl/packages/popa3d/popa3d/virtual.c 2006/03/07 03:30:15 1.3 -+++ Owl/packages/popa3d/popa3d/virtual.c 2012/08/15 09:06:39 1.4 -@@ -175,8 +175,11 @@ struct passwd *virtual_userpass(char *us - endpwent(); - - result = NULL; -- if (!strcmp(crypt(pass, passwd), passwd) && !fail) -- result = pw; -+ { -+ char *computed_hash = crypt(pass, passwd); -+ if (computed_hash && !strcmp(computed_hash, passwd) && !fail) -+ result = pw; -+ } - - memset(auth, 0, sizeof(auth)); - diff --git a/source/n/popa3d/popa3d-1.0.2.tar.gz.sign b/source/n/popa3d/popa3d-1.0.2.tar.gz.sign deleted file mode 100644 index 44b2913b..00000000 --- a/source/n/popa3d/popa3d-1.0.2.tar.gz.sign +++ /dev/null @@ -1,10 +0,0 @@ ------BEGIN PGP MESSAGE----- -Version: 2.6.3ia -Comment: http://www.openwall.com/signatures/ - -iQCVAwUARHJblHK5fbEpUCnxAQEjyAP9HEydFlz7lFGoHI4SqBLlH7XRNFgs/sKg -biNYMBlohgU2YHilrX1wNiActrLqvv+wr1en6KZVKHhG7QtLZo0MWQsypylEIxVT -UVANL0wybUOnx+XRuQKKpCnkinS9Pic1dHXLTaXx1NkeHAYlUM6YRvdWSRpvkNHR -eAHZO3LYaWI= -=IGmS ------END PGP MESSAGE----- diff --git a/source/n/popa3d/popa3d-1.0.3.tar.gz.sign b/source/n/popa3d/popa3d-1.0.3.tar.gz.sign new file mode 100644 index 00000000..0e67ad15 --- /dev/null +++ b/source/n/popa3d/popa3d-1.0.3.tar.gz.sign @@ -0,0 +1,10 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.13 (GNU/Linux) +Comment: http://www.openwall.com/signatures/ + +iQCVAwUAUmU8wHK5fbEpUCnxAQIrvwP9F/DskhIFt/e2kUVSe5C43zfeIY/4kE1f +7TJj/Ip+ILiOqqNsKtYICx4JXQoDIuKTWU6EHUBOrrNYMwGeAfzl5Y/pKwx9IOa8 +7Fst2/ESOOsmz/na880JCosrMzJ8KjTAqhU6LxlUFvJfFqC14O1F8fjePQ2rhbZw +hdeg+PLw8nA= +=32vI +-----END PGP SIGNATURE----- diff --git a/source/n/popa3d/popa3d.SlackBuild b/source/n/popa3d/popa3d.SlackBuild index 3767fae6..78932c70 100755 --- a/source/n/popa3d/popa3d.SlackBuild +++ b/source/n/popa3d/popa3d.SlackBuild @@ -20,8 +20,8 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=1.0.2 -BUILD=${BUILD:-4} +VERSION=1.0.3 +BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -47,7 +47,6 @@ tar xvf $CWD/popa3d-$VERSION.tar.gz || exit 1 cd popa3d-$VERSION || exit 1 zcat $CWD/popa3d.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 -zcat $CWD/popa3d-1.0.2-crypt.diff.gz | patch -p4 --verbose || exit 1 chown -R root:root . find . \ diff --git a/source/n/portmap/portmap.SlackBuild b/source/n/portmap/portmap.SlackBuild deleted file mode 100755 index 544dc9af..00000000 --- a/source/n/portmap/portmap.SlackBuild +++ /dev/null @@ -1,102 +0,0 @@ -#!/bin/sh - -# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA -# All rights reserved. -# -# Redistribution and use of this script, with or without modification, is -# permitted provided that the following conditions are met: -# -# 1. Redistributions of this script must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, -# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; -# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF -# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -VERSION=${VERSION:-6.0} -BUILD=${BUILD:-1} - -# Automatically determine the architecture we're building on: -if [ -z "$ARCH" ]; then - case "$( uname -m )" in - i?86) export ARCH=i486 ;; - arm*) export ARCH=arm ;; - # Unless $ARCH is already set, use uname -m for all other archs: - *) export ARCH=$( uname -m ) ;; - esac -fi - -CWD=$(pwd) -TMP=${TMP:-/tmp} -PKG=$TMP/package-portmap - -rm -rf $PKG -mkdir -p $TMP $PKG - -cd $TMP -rm -rf portmap_$VERSION -tar xvf $CWD/portmap-$VERSION.tar.bz2 || exit 1 -cd portmap_$VERSION -chown -R root:root . -find . \ - \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ - -exec chmod 755 {} \; -o \ - \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ - -exec chmod 644 {} \; - -zcat $CWD/portmap.lwrap.needs.lnsl.diff.gz | patch -p1 --backup --suffix=.orig || exit 1 - -mkdir -p $PKG/usr/doc/portmap-$VERSION -cp -a \ - BLURB* CHANGES README* \ - $PKG/usr/doc/portmap-$VERSION -chmod 644 $PKG/usr/doc/portmap-$VERSION/* - -make || exit 1 - -strip portmap pmap_dump pmap_set -mkdir -p $PKG/sbin -cat portmap > $PKG/sbin/rpc.portmap -chmod 755 $PKG/sbin/rpc.portmap -mkdir -p $PKG/usr/sbin -cat pmap_dump > $PKG/usr/sbin/pmap_dump -cat pmap_set > $PKG/usr/sbin/pmap_set -chmod 755 $PKG/usr/sbin/* - -mkdir -p $PKG/usr/man/man8 -for file in *.8 ; do - cat ${file} | gzip -9c > $PKG/usr/man/man8/${file}.gz -done -( cd $PKG/usr/man/man8 ; ln -sf portmap.8.gz rpc.portmap.8.gz ) - -# Now let's add a recent version of /etc/rpc for good measure: -if [ -r /etc/rpc ]; then - mkdir -p $PKG/etc - cp -a /etc/rpc $PKG/etc/rpc -else - echo "WARNING: no /etc/rpc on this system, can't include!" - echo -n "hit enter..." - read errorfodder - echo -fi - -mkdir -p $PKG/etc/rc.d -zcat $CWD/rc.rpc.gz > $PKG/etc/rc.d/rc.rpc.new -# Off by default. -chmod 644 $PKG/etc/rc.d/rc.rpc.new - -mkdir -p $PKG/install -cat $CWD/slack-desc > $PKG/install/slack-desc -zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh - -# Build the package: -cd $PKG -/sbin/makepkg -l y -c n $TMP/portmap-$VERSION-$ARCH-$BUILD.txz - diff --git a/source/n/portmap/portmap.lwrap.needs.lnsl.diff b/source/n/portmap/portmap.lwrap.needs.lnsl.diff deleted file mode 100644 index 277c31d8..00000000 --- a/source/n/portmap/portmap.lwrap.needs.lnsl.diff +++ /dev/null @@ -1,11 +0,0 @@ ---- ./Makefile.orig 2007-05-10 22:02:10.000000000 -0500 -+++ ./Makefile 2007-05-17 17:44:18.000000000 -0500 -@@ -20,7 +20,7 @@ - - ifeq ($(NO_TCP_WRAPPER),) - CPPFLAGS += -DHOSTS_ACCESS --WRAP_LIB = -lwrap -+WRAP_LIB = -lwrap -lnsl - ifdef USE_DNS - CPPFLAGS += -DENABLE_DNS - MAN_SED += -e 's/USE_DNS/yes/' diff --git a/source/n/portmap/slack-desc b/source/n/portmap/slack-desc deleted file mode 100644 index bc513849..00000000 --- a/source/n/portmap/slack-desc +++ /dev/null @@ -1,19 +0,0 @@ -# HOW TO EDIT THIS FILE: -# The "handy ruler" below makes it easier to edit a package description. Line -# up the first '|' above the ':' following the base package name, and the '|' -# on the right side marks the last column you can put a character in. You must -# make exactly 11 lines for the formatting to be correct. It's also -# customary to leave one space after the ':'. - - |-----handy-ruler------------------------------------------------------| -portmap: portmap (a daemon to manage RPC connections) -portmap: -portmap: The portmapper (/sbin/rpc.portmap) is a network daemon used to manage -portmap: connections to RPC services. Daemons that offer RPC services (such -portmap: as the daemons for NFS) tell the portmapper on what port they listen. -portmap: Unlike the services registered with the inetd, RPC network port -portmap: numbers may change each time the system is booted. -portmap: -portmap: The portmapper is required to use NFS or other RPC services. -portmap: -portmap: diff --git a/source/n/ppp/ppp.CVE-2015-3310.diff b/source/n/ppp/ppp.CVE-2015-3310.diff new file mode 100644 index 00000000..ecf53ce4 --- /dev/null +++ b/source/n/ppp/ppp.CVE-2015-3310.diff @@ -0,0 +1,11 @@ +--- ./pppd/plugins/radius/util.c.orig 2015-04-17 11:43:59.687374237 -0500 ++++ ./pppd/plugins/radius/util.c 2015-04-17 11:45:12.612379499 -0500 +@@ -77,7 +77,7 @@ + static unsigned short int cnt = 0; + sprintf (buf, "%08lX%04X%02hX", + (unsigned long int) time (NULL), +- (unsigned int) getpid (), ++ (unsigned int) getpid () % 65535, + cnt & 0xFF); + cnt++; + return buf; diff --git a/source/n/ppp/ppp.SlackBuild b/source/n/ppp/ppp.SlackBuild index 3c229953..daaf1e3a 100755 --- a/source/n/ppp/ppp.SlackBuild +++ b/source/n/ppp/ppp.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2013, 2015 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,10 +20,10 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=2.4.5 -RADVER=0.3.2 +VERSION=2.4.7 +RADVER=1.1.6 PPPVER=1.98 -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} NUMJOBS=${NUMJOBS:-" -j7 "} @@ -55,7 +55,7 @@ echo "| ppp-$VERSION |" echo "+============+" cd $TMP rm -rf ppp-$VERSION -tar xvf $CWD/ppp-$VERSION.tar.bz2 || exit 1 +tar xvf $CWD/ppp-$VERSION.tar.xz || exit 1 cd ppp-$VERSION || exit 1 chown -R root:root . find . \ @@ -66,20 +66,18 @@ find . \ zcat $CWD/ppp.slack.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 sed -i -e "s#lib/pppd#lib${LIBDIRSUFFIX}/pppd#g" $(grep -lr 'lib/pppd' *) -zcat $CWD/ppp.crypt.diff.gz | patch -p1 --verbose || exit 1 # This conflicts with the header in 3.5+ kernels: rm -f include/linux/if_pppol2tp.h +zcat $CWD/ppp.CVE-2015-3310.diff.gz | patch -p1 --verbose || exit 1 + ./configure \ --prefix=/usr \ --libdir=/usr/lib${LIBDIRSUFFIX} make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG/usr -mv $PKG/usr/share/man $PKG/usr -rmdir $PKG/usr/share - # Install PPP config files: mkdir -p $PKG/etc/ppp cp -a etc.ppp/* $PKG/etc/ppp @@ -102,24 +100,22 @@ cp -a \ $PKG/usr/doc/ppp-$VERSION echo "+====================+" -echo "| radiusclient-$RADVER |" +echo "| freeradius-client-$RADVER |" echo "+====================+" cd $TMP -rm -rf radiusclient-$RADVER -tar xf $CWD/radiusclient-$RADVER.tar.bz2 || exit 1 -cd radiusclient-$RADVER || exit 1 +rm -rf freeradius-client-$RADVER +tar xf $CWD/freeradius-client-$RADVER.tar.xz || exit 1 +cd freeradius-client-$RADVER || exit 1 chown -R root:root . -#cp /usr/share/libtool/config.{guess,sub} . # libtool-1.x -cp /usr/share/libtool/config/config.{guess,sub} . # libtool-2.x ./configure \ --prefix=/usr \ --libdir=/usr/lib${LIBDIRSUFFIX} \ - --sysconfdir=/etc + --sysconfdir=/etc \ + --build=$ARCH-slackware-linux make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG || exit 1 zcat $CWD/radius.msdict.gz > $PKG/etc/radiusclient/dictionary.microsoft zcat $CWD/realms.gz > $PKG/etc/radiusclient/realms -zcat $CWD/servers.gz > $PKG/etc/radiusclient/servers ( cd $PKG/etc/radiusclient chmod 600 realms servers mv issue issue.new @@ -127,18 +123,18 @@ zcat $CWD/servers.gz > $PKG/etc/radiusclient/servers mv realms realms.new mv servers servers.new ) -mkdir -p $PKG/usr/doc/radiusclient-$RADVER +mkdir -p $PKG/usr/doc/freeradius-client-$RADVER cp -a \ BUGS CHANGES COPYRIGHT README README.radexample doc/instop.html \ - $PKG/usr/doc/radiusclient-$RADVER -chmod 644 $PKG/usr/doc/radiusclient-$RADVER/* + $PKG/usr/doc/freeradius-client-$RADVER +chmod 644 $PKG/usr/doc/freeradius-client-$RADVER/* echo "+===============+" echo "| pppsetup-$PPPVER |" echo "+===============+" cd $TMP rm -rf pppsetup-$PPPVER -tar xvf $CWD/pppsetup-$PPPVER.tar.gz || exit 1 +tar xvf $CWD/pppsetup-$PPPVER.tar.xz || exit 1 cd pppsetup-$PPPVER || exit 1 chown -R root:root . zcat $CWD/pppsetup-1.98.slack.diff.gz | patch -p1 --backup || exit diff --git a/source/n/ppp/ppp.crypt.diff b/source/n/ppp/ppp.crypt.diff deleted file mode 100644 index 2e39af2b..00000000 --- a/source/n/ppp/ppp.crypt.diff +++ /dev/null @@ -1,64 +0,0 @@ -From 04c4348108d847e034dd91066cc6843f60d71731 Mon Sep 17 00:00:00 2001 -From: Paul Mackerras <paulus@samba.org> -Date: Sun, 20 May 2012 14:14:55 +1000 -Subject: [PATCH] pppd: Don't crash if crypt() returns NULL - -It is possible for crypt() to return NULL under some circumstances, -so we need to check the return value before passing it to strcmp(). -If we do get NULL from crypt(), treat it as an authentication failure. - -Reported-by: Paul Wouters <pwouters@redhat.com> -Signed-off-by: Paul Mackerras <paulus@samba.org> ---- - pppd/auth.c | 8 +++++--- - pppd/session.c | 7 +++++-- - 2 files changed, 10 insertions(+), 5 deletions(-) - -diff --git a/pppd/auth.c b/pppd/auth.c -index fb71944..883b7f5 100644 ---- a/pppd/auth.c -+++ b/pppd/auth.c -@@ -1442,9 +1442,11 @@ check_passwd(unit, auser, userlen, apasswd, passwdlen, msg) - } - if (secret[0] != 0 && !login_secret) { - /* password given in pap-secrets - must match */ -- if ((cryptpap || strcmp(passwd, secret) != 0) -- && strcmp(crypt(passwd, secret), secret) != 0) -- ret = UPAP_AUTHNAK; -+ if (cryptpap || strcmp(passwd, secret) != 0) { -+ char *cbuf = crypt(passwd, secret); -+ if (!cbuf || strcmp(cbuf, secret) != 0) -+ ret = UPAP_AUTHNAK; -+ } - } - } - fclose(f); -diff --git a/pppd/session.c b/pppd/session.c -index 32901a2..56385dd 100644 ---- a/pppd/session.c -+++ b/pppd/session.c -@@ -178,6 +178,7 @@ session_start(flags, user, passwd, ttyName, msg) - bool try_session = 0; - #else /* #ifdef USE_PAM */ - struct passwd *pw; -+ char *cbuf; - #ifdef HAS_SHADOW - struct spwd *spwd; - struct spwd *getspnam(); -@@ -348,8 +349,10 @@ session_start(flags, user, passwd, ttyName, msg) - /* - * If no passwd, don't let them login if we're authenticating. - */ -- if (pw->pw_passwd == NULL || strlen(pw->pw_passwd) < 2 -- || strcmp(crypt(passwd, pw->pw_passwd), pw->pw_passwd) != 0) -+ if (pw->pw_passwd == NULL || strlen(pw->pw_passwd) < 2) -+ return SESSION_FAILED; -+ cbuf = crypt(passwd, pw->pw_passwd); -+ if (!cbuf || strcmp(cbuf, pw->pw_passwd) != 0) - return SESSION_FAILED; - } - --- -1.7.10.4 - - diff --git a/source/n/ppp/ppp.slack.diff b/source/n/ppp/ppp.slack.diff index dafd0d3e..6332324a 100644 --- a/source/n/ppp/ppp.slack.diff +++ b/source/n/ppp/ppp.slack.diff @@ -1,7 +1,40 @@ -diff -r -u ppp-2.4.2.orig/pppd/Makefile.linux ppp-2.4.2/pppd/Makefile.linux ---- ppp-2.4.2.orig/pppd/Makefile.linux 2003-11-27 13:55:19.000000000 -0800 -+++ ppp-2.4.2/pppd/Makefile.linux 2004-02-22 21:36:11.000000000 -0800 -@@ -31,7 +31,7 @@ +diff -Nur ppp-2.4.7.orig/chat/Makefile.linux ppp-2.4.7/chat/Makefile.linux +--- ppp-2.4.7.orig/chat/Makefile.linux 2014-08-09 07:31:39.000000000 -0500 ++++ ppp-2.4.7/chat/Makefile.linux 2014-08-09 17:10:27.423374415 -0500 +@@ -2,7 +2,7 @@ + + DESTDIR = $(INSTROOT)@DESTDIR@ + BINDIR = $(DESTDIR)/sbin +-MANDIR = $(DESTDIR)/share/man/man8 ++MANDIR = $(DESTDIR)/man/man8 + + CDEF1= -DTERMIOS # Use the termios structure + CDEF2= -DSIGTYPE=void # Standard definition +diff -Nur ppp-2.4.7.orig/linux/Makefile.top ppp-2.4.7/linux/Makefile.top +--- ppp-2.4.7.orig/linux/Makefile.top 2014-08-09 07:31:39.000000000 -0500 ++++ ppp-2.4.7/linux/Makefile.top 2014-08-09 17:11:14.156384165 -0500 +@@ -3,7 +3,7 @@ + DESTDIR = $(INSTROOT)@DESTDIR@ + BINDIR = $(DESTDIR)/sbin + INCDIR = $(DESTDIR)/include +-MANDIR = $(DESTDIR)/share/man ++MANDIR = $(DESTDIR)/man + ETCDIR = $(INSTROOT)@SYSCONF@/ppp + + # uid 0 = root +diff -Nur ppp-2.4.7.orig/pppd/Makefile.linux ppp-2.4.7/pppd/Makefile.linux +--- ppp-2.4.7.orig/pppd/Makefile.linux 2014-08-09 07:31:39.000000000 -0500 ++++ ppp-2.4.7/pppd/Makefile.linux 2014-08-09 17:07:27.458308345 -0500 +@@ -6,7 +6,7 @@ + # Default installation locations + DESTDIR = $(INSTROOT)@DESTDIR@ + BINDIR = $(DESTDIR)/sbin +-MANDIR = $(DESTDIR)/share/man/man8 ++MANDIR = $(DESTDIR)/man/man8 + INCDIR = $(DESTDIR)/include + + TARGETS = pppd +@@ -32,7 +32,7 @@ # CC = gcc # @@ -10,14 +43,7 @@ diff -r -u ppp-2.4.2.orig/pppd/Makefile.linux ppp-2.4.2/pppd/Makefile.linux LIBS = # Uncomment the next 2 lines to include support for Microsoft's -@@ -61,13 +61,13 @@ - - HAS_SHADOW=y - #USE_PAM=y --#HAVE_INET6=y -+HAVE_INET6=y - - # Enable plugins +@@ -68,7 +68,7 @@ PLUGIN=y # Enable Microsoft proprietary Callback Control Protocol @@ -26,3 +52,50 @@ diff -r -u ppp-2.4.2.orig/pppd/Makefile.linux ppp-2.4.2/pppd/Makefile.linux # Enable EAP SRP-SHA1 authentication (requires libsrp) #USE_SRP=y +diff -Nur ppp-2.4.7.orig/pppd/plugins/Makefile.linux ppp-2.4.7/pppd/plugins/Makefile.linux +--- ppp-2.4.7.orig/pppd/plugins/Makefile.linux 2014-08-09 07:31:39.000000000 -0500 ++++ ppp-2.4.7/pppd/plugins/Makefile.linux 2014-08-09 17:11:10.734383553 -0500 +@@ -6,7 +6,7 @@ + + DESTDIR = $(INSTROOT)@DESTDIR@ + BINDIR = $(DESTDIR)/sbin +-MANDIR = $(DESTDIR)/share/man/man8 ++MANDIR = $(DESTDIR)/man/man8 + LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION) + + SUBDIRS := rp-pppoe pppoatm pppol2tp +diff -Nur ppp-2.4.7.orig/pppd/plugins/radius/Makefile.linux ppp-2.4.7/pppd/plugins/radius/Makefile.linux +--- ppp-2.4.7.orig/pppd/plugins/radius/Makefile.linux 2014-08-09 07:31:39.000000000 -0500 ++++ ppp-2.4.7/pppd/plugins/radius/Makefile.linux 2014-08-09 17:11:08.470383139 -0500 +@@ -4,7 +4,7 @@ + # + + DESTDIR = $(INSTROOT)@DESTDIR@ +-MANDIR = $(DESTDIR)/share/man/man8 ++MANDIR = $(DESTDIR)/man/man8 + LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION) + + VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h) +diff -Nur ppp-2.4.7.orig/pppdump/Makefile.linux ppp-2.4.7/pppdump/Makefile.linux +--- ppp-2.4.7.orig/pppdump/Makefile.linux 2014-08-09 07:31:39.000000000 -0500 ++++ ppp-2.4.7/pppdump/Makefile.linux 2014-08-09 17:10:35.672376354 -0500 +@@ -1,6 +1,6 @@ + DESTDIR = $(INSTROOT)@DESTDIR@ + BINDIR = $(DESTDIR)/sbin +-MANDIR = $(DESTDIR)/share/man/man8 ++MANDIR = $(DESTDIR)/man/man8 + + CFLAGS= -O -I../include/net + OBJS = pppdump.o bsd-comp.o deflate.o zlib.o +diff -Nur ppp-2.4.7.orig/pppstats/Makefile.linux ppp-2.4.7/pppstats/Makefile.linux +--- ppp-2.4.7.orig/pppstats/Makefile.linux 2014-08-09 07:31:39.000000000 -0500 ++++ ppp-2.4.7/pppstats/Makefile.linux 2014-08-09 17:10:42.293377843 -0500 +@@ -4,7 +4,7 @@ + # + DESTDIR = $(INSTROOT)@DESTDIR@ + BINDIR = $(DESTDIR)/sbin +-MANDIR = $(DESTDIR)/share/man/man8 ++MANDIR = $(DESTDIR)/man/man8 + + PPPSTATSRCS = pppstats.c + PPPSTATOBJS = pppstats.o diff --git a/source/n/ppp/servers b/source/n/ppp/servers deleted file mode 100644 index b061bf93..00000000 --- a/source/n/ppp/servers +++ /dev/null @@ -1,4 +0,0 @@ -#Server Name or Client/Server pair Key -#---------------- --------------- -#portmaster.elemental.net hardlyasecret -#portmaster2.elemental.net donttellanyone diff --git a/source/n/proftpd/proftpd.SlackBuild b/source/n/proftpd/proftpd.SlackBuild index ded54ce5..db0d0d26 100755 --- a/source/n/proftpd/proftpd.SlackBuild +++ b/source/n/proftpd/proftpd.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2016 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -21,24 +21,26 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=1.3.4c -DIRVER=1.3.4c +VERSION=1.3.5b +DIRVER=1.3.5b BUILD=${BUILD:-1} NUMJOBS=${NUMJOBS:-" -j7 "} +PROFTPD_MODS="mod_radius:mod_ban:mod_readme:mod_ratio:mod_tls:mod_wrap:mod_ctrls_admin:mod_quotatab:mod_quotatab_file" + # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -79,13 +81,12 @@ CXXFLAGS="$SLKCFLAGS" \ --sysconfdir=/etc \ --enable-autoshadow \ --enable-ctrls \ + --enable-dso \ --enable-ipv6 \ + --enable-nls \ --localstatedir=/var/run \ - --with-modules=mod_radius:mod_ban:mod_readme:mod_ratio:mod_tls:mod_wrap:mod_ctrls_admin \ + --with-modules="${PROFTPD_MODS}" \ --build=$ARCH-slackware-linux -# This caused funny messages about "Quotas off" with every FTP command, -# and mod_wrap gets a compile error: -# --with-modules= ... mod_quota ... make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG || exit 1 diff --git a/source/n/rp-pppoe/rp-pppoe.SlackBuild b/source/n/rp-pppoe/rp-pppoe.SlackBuild index d23e97a0..6549149b 100755 --- a/source/n/rp-pppoe/rp-pppoe.SlackBuild +++ b/source/n/rp-pppoe/rp-pppoe.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2012, 2015 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -27,7 +27,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -36,8 +36,8 @@ fi NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" elif [ "$ARCH" = "x86_64" ]; then diff --git a/source/n/rpcbind/0001-security.c-removed-warning.patch b/source/n/rpcbind/0001-security.c-removed-warning.patch new file mode 100644 index 00000000..6ca5b6d0 --- /dev/null +++ b/source/n/rpcbind/0001-security.c-removed-warning.patch @@ -0,0 +1,29 @@ +From de47f6323d8fb20feefee21d0195cf0529151e04 Mon Sep 17 00:00:00 2001 +From: Steve Dickson <steved@redhat.com> +Date: Thu, 17 Sep 2015 15:57:35 -0400 +Subject: [PATCH 1/4] security.c: removed warning + +src/security.c:100:8: warning: implicit declaration of function 'xlog' +[-Wimplicit-function-declaration] + +Signed-off-by: Steve Dickson <steved@redhat.com> +--- + src/security.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/security.c b/src/security.c +index 0c9453f..c54ce26 100644 +--- a/src/security.c ++++ b/src/security.c +@@ -17,6 +17,8 @@ + #include <syslog.h> + #include <netdb.h> + ++#include "xlog.h" ++ + /* + * XXX for special case checks in check_callit. + */ +-- +2.6.4 + diff --git a/source/n/rpcbind/0002-Fix-memory-corruption-in-PMAP_CALLIT-code.patch b/source/n/rpcbind/0002-Fix-memory-corruption-in-PMAP_CALLIT-code.patch new file mode 100644 index 00000000..6a80742f --- /dev/null +++ b/source/n/rpcbind/0002-Fix-memory-corruption-in-PMAP_CALLIT-code.patch @@ -0,0 +1,82 @@ +From d5dace219953c45d26ae42db238052b68540649a Mon Sep 17 00:00:00 2001 +From: Olaf Kirch <okir@suse.de> +Date: Fri, 30 Oct 2015 10:18:20 -0400 +Subject: [PATCH 2/4] Fix memory corruption in PMAP_CALLIT code + + - A PMAP_CALLIT call comes in on IPv4 UDP + - rpcbind duplicates the caller's address to a netbuf and stores it in + FINFO[0].caller_addr. caller_addr->buf now points to a memory region A + with a size of 16 bytes + - rpcbind forwards the call to the local service, receives a reply + - when processing the reply, it does this in xprt_set_caller: + xprt->xp_rtaddr = *FINFO[0].caller_addr + It sends out the reply, and then frees the netbuf caller_addr and + caller_addr.buf. + However, it does not clear xp_rtaddr, so xp_rtaddr.buf now refers + to memory region A, which is free. + - When the next call comes in on the UDP/IPv4 socket, svc_dg_recv will + be called, which will set xp_rtaddr to the client's address. + It will reuse the buffer inside xp_rtaddr, ie it will write a + sockaddr_in to region A + +Some time down the road, an incoming TCP connection is accepted, +allocating a fresh SVCXPRT. The memory region A is inside the +new SVCXPRT + + - While processing the TCP call, another UDP call comes in, again + overwriting region A with the client's address + - TCP client closes connection. In svc_destroy, we now trip over + the garbage left in region A + +We ran into the case where a commercial scanner was triggering +occasional rpcbind segfaults. The core file that was captured showed +a corrupted xprt->xp_netid pointer that was really a sockaddr_in. + +Signed-off-by: Olaf Kirch <okir@suse.de> +Signed-off-by: Steve Dickson <steved@redhat.com> +--- + src/rpcb_svc_com.c | 23 ++++++++++++++++++++++- + 1 file changed, 22 insertions(+), 1 deletion(-) + +diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +index ff9ce6b..4ae93f1 100644 +--- a/src/rpcb_svc_com.c ++++ b/src/rpcb_svc_com.c +@@ -1183,12 +1183,33 @@ check_rmtcalls(struct pollfd *pfds, int nfds) + return (ncallbacks_found); + } + ++/* ++ * This is really a helper function defined in libtirpc, ++ * but unfortunately, it hasn't been exported yet. ++ */ ++static struct netbuf * ++__rpc_set_netbuf(struct netbuf *nb, const void *ptr, size_t len) ++{ ++ if (nb->len != len) { ++ if (nb->len) ++ mem_free(nb->buf, nb->len); ++ nb->buf = mem_alloc(len); ++ if (nb->buf == NULL) ++ return NULL; ++ ++ nb->maxlen = nb->len = len; ++ } ++ memcpy(nb->buf, ptr, len); ++ return nb; ++} ++ + static void + xprt_set_caller(SVCXPRT *xprt, struct finfo *fi) + { ++ const struct netbuf *caller = fi->caller_addr; + u_int32_t *xidp; + +- *(svc_getrpccaller(xprt)) = *(fi->caller_addr); ++ __rpc_set_netbuf(svc_getrpccaller(xprt), caller->buf, caller->len); + xidp = __rpcb_get_dg_xidp(xprt); + *xidp = fi->caller_xid; + } +-- +2.6.4 + diff --git a/source/n/rpcbind/0003-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch b/source/n/rpcbind/0003-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch new file mode 100644 index 00000000..9aa64791 --- /dev/null +++ b/source/n/rpcbind/0003-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch @@ -0,0 +1,40 @@ +From 9194122389f2a56b1cd1f935e64307e2e963c2da Mon Sep 17 00:00:00 2001 +From: Steve Dickson <steved@redhat.com> +Date: Mon, 2 Nov 2015 17:05:18 -0500 +Subject: [PATCH 3/4] handle_reply: Don't use the xp_auth pointer directly + +In the latest libtirpc version to access the xp_auth +one must use the SVC_XP_AUTH macro. To be backwards +compatible a couple ifdefs were added to use the +macro when it exists. + +Signed-off-by: Steve Dickson <steved@redhat.com> +--- + src/rpcb_svc_com.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +index 4ae93f1..22d6c84 100644 +--- a/src/rpcb_svc_com.c ++++ b/src/rpcb_svc_com.c +@@ -1295,10 +1295,17 @@ handle_reply(int fd, SVCXPRT *xprt) + a.rmt_localvers = fi->versnum; + + xprt_set_caller(xprt, fi); ++#if defined(SVC_XP_AUTH) ++ SVC_XP_AUTH(xprt) = svc_auth_none; ++#else + xprt->xp_auth = &svc_auth_none; ++#endif + svc_sendreply(xprt, (xdrproc_t) xdr_rmtcall_result, (char *) &a); ++#if !defined(SVC_XP_AUTH) + SVCAUTH_DESTROY(xprt->xp_auth); + xprt->xp_auth = NULL; ++#endif ++ + done: + if (buffer) + free(buffer); +-- +2.6.4 + diff --git a/source/n/rpcbind/0004-Delete-the-unix-socket-only-if-we-have-created-it.patch b/source/n/rpcbind/0004-Delete-the-unix-socket-only-if-we-have-created-it.patch new file mode 100644 index 00000000..c54d542e --- /dev/null +++ b/source/n/rpcbind/0004-Delete-the-unix-socket-only-if-we-have-created-it.patch @@ -0,0 +1,51 @@ +From 3a664b1b5a310df39bd0f325b0edb1deb31c2249 Mon Sep 17 00:00:00 2001 +From: Laurent Bigonville <bigon@bigon.be> +Date: Wed, 18 Nov 2015 14:34:26 -0500 +Subject: [PATCH 4/4] Delete the unix socket only if we have created it + +From: Laurent Bigonville <bigon@bigon.be> + +If systemd has created the unix socket on our behalf, we shouldn't try +to delete it. + +https://bugzilla.redhat.com/show_bug.cgi?id=1279076 + +Signed-off-by: Laurent Bigonville <bigon@bigon.be +Signed-off-by: Steve Dickson <steved@redhat.com> +--- + src/rpcbind.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/src/rpcbind.c b/src/rpcbind.c +index 045daa1..c4265cd 100644 +--- a/src/rpcbind.c ++++ b/src/rpcbind.c +@@ -87,6 +87,7 @@ static inline void __nss_configure_lookup(const char *db, const char *s) {} + int debugging = 0; /* Tell me what's going on */ + int doabort = 0; /* When debugging, do an abort on errors */ + int dofork = 1; /* fork? */ ++int createdsocket = 0; /* Did I create the socket or systemd did it for me? */ + + rpcblist_ptr list_rbl; /* A list of version 3/4 rpcbind services */ + +@@ -445,6 +446,7 @@ init_transport(struct netconfig *nconf) + memset(&sun, 0, sizeof sun); + sun.sun_family = AF_LOCAL; + unlink(_PATH_RPCBINDSOCK); ++ createdsocket = 1; /* We are now in the process of creating the unix socket */ + strcpy(sun.sun_path, _PATH_RPCBINDSOCK); + addrlen = SUN_LEN(&sun); + sa = (struct sockaddr *)&sun; +@@ -846,7 +848,8 @@ static void + terminate(int dummy /*__unused*/) + { + close(rpcbindlockfd); +- unlink(_PATH_RPCBINDSOCK); ++ if(createdsocket) ++ unlink(_PATH_RPCBINDSOCK); + unlink(RPCBINDDLOCK); + #ifdef WARMSTART + write_warmstart(); /* Dump yourself */ +-- +2.6.4 + diff --git a/source/n/rpcbind/01.rpcbind-manpage-statefile-explanation.patch b/source/n/rpcbind/01.rpcbind-manpage-statefile-explanation.patch new file mode 100644 index 00000000..946dd1bd --- /dev/null +++ b/source/n/rpcbind/01.rpcbind-manpage-statefile-explanation.patch @@ -0,0 +1,25 @@ +--- rpcbind-0.2.3/man/rpcbind.8 2015-04-27 16:07:43.000000000 +0200 ++++ rpcbind-0.2.3/man/rpcbind.8 2015-09-22 16:25:40.000000000 +0200 +@@ -132,11 +132,20 @@ + .It Fl w + Cause + .Nm +-to do a "warm start" by read a state file when ++to do a "warm start" by attempting to read *.xdr state files from the ++state directory ++.%T /var/state/rpcbind ++when + .Nm +-starts up. The state file is created when ++starts up. The state files are created when + .Nm + terminates. ++.Pp ++This allows for restarting ++.Nm ++without the need to restart all RPC services that have previously registered. ++The state file serves similar purpose like the file created/restored by ++pmap_dump and pmap_set utilities, distributed with old portmap server package. + .El + .Sh NOTES + All RPC servers must be restarted if diff --git a/source/n/openssl/openssl0/doinst.sh-openssl-solibs b/source/n/rpcbind/doinst.sh index ed4fdfac..5f7dfaf5 100644 --- a/source/n/openssl/openssl0/doinst.sh-openssl-solibs +++ b/source/n/rpcbind/doinst.sh @@ -9,4 +9,16 @@ config() { fi # Otherwise, we leave the .new copy for the admin to consider... } -config etc/ssl/openssl.cnf.new + +preserve_perms() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + if [ -e $OLD ]; then + cp -a $OLD ${NEW}.incoming + cat $NEW > ${NEW}.incoming + mv ${NEW}.incoming $NEW + fi + config $NEW +} + +preserve_perms etc/rc.d/rc.rpc.new diff --git a/source/n/portmap/rc.rpc b/source/n/rpcbind/rc.rpc index 43492329..c850c556 100644 --- a/source/n/portmap/rc.rpc +++ b/source/n/rpcbind/rc.rpc @@ -10,10 +10,10 @@ # rpc_start() { - if [ -x /sbin/rpc.portmap -a -x /sbin/rpc.statd ]; then - if ! ps axc | grep -q rpc.portmap ; then - echo "Starting RPC portmapper: /sbin/rpc.portmap" - /sbin/rpc.portmap + if [ -x /sbin/rpcbind -a -x /sbin/rpc.statd ]; then + if ! ps axc | grep -q rpcbind ; then + echo "Starting RPC portmapper: /sbin/rpcbind -l $1" + /sbin/rpcbind -l $1 fi if ! ps axc | grep -q rpc.statd ; then echo "Starting RPC NSM (Network Status Monitor): /sbin/rpc.statd" @@ -24,7 +24,7 @@ rpc_start() { echo " these required daemons is not executable or is not present" echo " on your system:" echo - echo " /sbin/rpc.portmap or /sbin/rpc.statd" + echo " /sbin/rpcbind or /sbin/rpc.statd" echo fi } @@ -32,11 +32,11 @@ rpc_start() { rpc_stop() { killall rpc.statd 2> /dev/null sleep 1 - killall rpc.portmap 2> /dev/null + killall rpcbind 2> /dev/null sleep 1 killall -9 rpc.statd 2> /dev/null # make sure :) sleep 1 - killall -9 rpc.portmap 2> /dev/null # make sure :) + killall -9 rpcbind 2> /dev/null # make sure :) sleep 1 } @@ -47,6 +47,10 @@ rpc_restart() { case "$1" in 'start') + # Warm restart by default (see "man rpcbind" for details about the -w option) + rpc_start -w + ;; +'cold_start') # Start without -w option rpc_start ;; 'stop') diff --git a/source/n/rpcbind/rpcbind.SlackBuild b/source/n/rpcbind/rpcbind.SlackBuild new file mode 100755 index 00000000..d10f5852 --- /dev/null +++ b/source/n/rpcbind/rpcbind.SlackBuild @@ -0,0 +1,149 @@ +#!/bin/sh + +# Copyright 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=rpcbind +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i586 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +elif [ "$ARCH" = "armv7hl" ]; then + SLKCFLAGS="-O3 -march=armv7-a -mfpu=vfpv3-d16" + LIBDIRSUFFIX="" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1 +cd $PKGNAM-$VERSION || exit 1 + +zcat $CWD/0001-security.c-removed-warning.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/0002-Fix-memory-corruption-in-PMAP_CALLIT-code.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/0003-handle_reply-Don-t-use-the-xp_auth-pointer-directly.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/0004-Delete-the-unix-socket-only-if-we-have-created-it.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/01.rpcbind-manpage-statefile-explanation.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/rpcbind.lwrap.needs.lnsl.diff.gz | patch -p1 --verbose || exit 1 + +# This is needed after the patch above: +autoreconf -vif || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Configure: +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --bindir=/sbin \ + --libdir=/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --enable-libwrap \ + --enable-warmstarts \ + --with-statedir=/var/state/rpcbind \ + --with-rpcuser=bin \ + --with-nss-modules="files" \ + --without-systemdsystemunitdir \ + --build=$ARCH-slackware-linux || exit 1 + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Make state directory: +mkdir -p $PKG/var/state/rpcbind +chown bin:root $PKG/var/state/rpcbind + +# Install init script: +mkdir -p $PKG/etc/rc.d +zcat $CWD/rc.rpc.gz > $PKG/etc/rc.d/rc.rpc.new + +# Strip binaries: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + AUTHORS COPYING* NEWS README* \ + $PKG/usr/doc/${PKGNAM}-$VERSION + +# Compress manual pages: +find $PKG/usr/man -type f -exec gzip -9 {} \; +for i in $( find $PKG/usr/man -type l ) ; do + ln -s $( readlink $i ).gz $i.gz + rm $i +done + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/source/n/rpcbind/rpcbind.lwrap.needs.lnsl.diff b/source/n/rpcbind/rpcbind.lwrap.needs.lnsl.diff new file mode 100644 index 00000000..43f2bdf8 --- /dev/null +++ b/source/n/rpcbind/rpcbind.lwrap.needs.lnsl.diff @@ -0,0 +1,14 @@ +--- ./configure.ac.orig 2015-04-27 09:07:43.000000000 -0500 ++++ ./configure.ac 2015-12-14 13:34:54.592931654 -0600 +@@ -52,6 +52,11 @@ + fi + AM_CONDITIONAL(SYSTEMD, [test -n "$with_systemdsystemunitdir" -a "x$with_systemdsystemunitdir" != xno ]) + ++AC_SEARCH_LIBS(yp_get_default_domain, nsl) ++AC_MSG_CHECKING([for hosts_access in -lwrap]) ++saved_LIBS="$LIBS" ++LIBS="$saved_LIBS -lwrap" ++ + AS_IF([test x$enable_libwrap = xyes], [ + AC_CHECK_LIB([wrap], [hosts_access], , + AC_MSG_ERROR([libwrap support requested but unable to find libwrap])) diff --git a/source/n/rpcbind/slack-desc b/source/n/rpcbind/slack-desc new file mode 100644 index 00000000..70adeb78 --- /dev/null +++ b/source/n/rpcbind/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +rpcbind: rpcbind (a daemon to manage RPC connections) +rpcbind: +rpcbind: This is a network daemon used to manage connections to RPC services. +rpcbind: It is meant as a replacement for the 'rpc.portmap' server from the +rpcbind: 'portmap' package. Daemons that offer RPC services (such as the +rpcbind: daemons for NFS) tell the rpcbind on what port they listen. +rpcbind: RPC network port numbers may change each time the system is booted. +rpcbind: +rpcbind: This package is required to use NFS or other RPC services. +rpcbind: +rpcbind: Homepage: http://sourceforge.net/projects/rpcbind/ diff --git a/source/n/rsync/rsync.SlackBuild b/source/n/rsync/rsync.SlackBuild index 5c48629a..767ad506 100755 --- a/source/n/rsync/rsync.SlackBuild +++ b/source/n/rsync/rsync.SlackBuild @@ -28,15 +28,15 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" elif [ "$ARCH" = "x86_64" ]; then diff --git a/source/n/rsync/slack-desc b/source/n/rsync/slack-desc index 23284ae6..7e3b7089 100644 --- a/source/n/rsync/slack-desc +++ b/source/n/rsync/slack-desc @@ -13,7 +13,7 @@ rsync: uses the "rsync algorithm" which provides a very fast method for rsync: bringing remote files into sync. It does this by sending just the rsync: differences in the files across the link, without requiring that both rsync: sets of files are present at one of the ends of the link beforehand. -rsync: rsync: rsync was written by Andrew Tridgell and Paul Mackerras. rsync: +rsync: Homepage: http://rsync.samba.org rsync: diff --git a/source/n/samba/doinst.sh b/source/n/samba/doinst.sh index eb2b0b58..ff09d316 100644 --- a/source/n/samba/doinst.sh +++ b/source/n/samba/doinst.sh @@ -10,8 +10,33 @@ config() { fi # Otherwise, we leave the .new copy for the admin to consider... } -config etc/rc.d/rc.samba.new +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + config ${NEW} +} + config etc/samba/lmhosts.new -# This won't be needed. The point here is to preserve the permissions of the existing -# file, if there is one. I don't see major new development happening in rc.samba... ;-) -rm -f etc/rc.d/rc.samba.new +preserve_perms etc/rc.d/rc.samba.new + +# Commented out 2014-09-15 just in case we do need to change this. +## This won't be needed. The point here is to preserve the permissions of the existing +## file, if there is one. I don't see major new development happening in rc.samba... ;-) +#rm -f etc/rc.d/rc.samba.new + +# Since /etc/samba/private/ has moved to /var/lib/samba/private, migrate any +# important files if possible: +if [ -d etc/samba/private -a -d var/lib/samba/private ]; then + for file in etc/samba/private/* ; do + if [ -r "$file" -a ! -r "var/lib/samba/private/$(basename $file)" ]; then + mv "$file" var/lib/samba/private + fi + done + # Might as well try to eliminate this directory, since it should be empty: + rmdir etc/samba/private 1> /dev/null 2> /dev/null +fi diff --git a/source/n/samba/rc.samba b/source/n/samba/rc.samba index 2a28f3e5..5b98b879 100644 --- a/source/n/samba/rc.samba +++ b/source/n/samba/rc.samba @@ -10,10 +10,13 @@ samba_start() { if [ -x /usr/sbin/smbd -a -x /usr/sbin/nmbd -a -r /etc/samba/smb.conf ]; then + mkdir -p /var/run/samba echo "Starting Samba: /usr/sbin/smbd -D" /usr/sbin/smbd -D echo " /usr/sbin/nmbd -D" /usr/sbin/nmbd -D + elif [ ! -r /etc/samba/smb.conf ]; then + echo "ERROR: cannot start Samba since /etc/samba/smb.conf does not exist" fi } diff --git a/source/n/samba/samba.SlackBuild b/source/n/samba/samba.SlackBuild index 2257abb8..a7406724 100755 --- a/source/n/samba/samba.SlackBuild +++ b/source/n/samba/samba.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2010, 2012, 2013, 2015, 2016 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -24,7 +24,7 @@ VERSION=${VERSION:-$(echo samba-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-3} if [ -e $CWD/machine.conf ]; then . $CWD/machine.conf ] @@ -34,15 +34,15 @@ else # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi # Set CFLAGS/CXXFLAGS and LIBDIRSUFFIX: - if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" + if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -81,6 +81,9 @@ rm -rf samba-$VERSION tar xvf $CWD/samba-$VERSION.tar.xz || exit 1 cd samba-$VERSION || exit 1 +# Patch to install talloc/tevent/tdb libraries and includes: +zcat $CWD/samba.install.talloc.tevent.tdb.diff.gz | patch -p1 --verbose || exit 1 + if [ ! -d source3/lib/cmdline ]; then ( cd source3/lib mkdir cmdline @@ -113,7 +116,7 @@ CFLAGS="$SLKCFLAGS" \ --sysconfdir=/etc \ --with-configdir=/etc/samba \ --with-piddir=/var/run \ - --with-privatedir=/etc/samba/private \ + --with-privatedir=/var/lib/samba/private \ --with-privatelibdir=/usr/lib${LIBDIRSUFFIX} \ --with-modulesdir=/usr/lib${LIBDIRSUFFIX} \ --with-lockdir=/var/cache/samba \ @@ -134,56 +137,23 @@ CFLAGS="$SLKCFLAGS" \ #--builtin-libraries=replace,ccan \ #--bundled-libraries=heimdal \ -# -j options don't seem to work... +# -j options don't seem to work... [Yes they do! At least try to use -j below...] JOBS=6 MAXJOBS=6 export JOBS MAXJOBS -make || exit 1 +make -j $MAXJOBS || make || exit 1 mkdir -p \ $PKG/usr/doc/samba-$VERSION \ $PKG/var/spool/samba \ $PKG/var/log/samba \ - $PKG/etc/samba/private \ + $PKG/var/lib/samba/private \ $PKG/var/cache/samba -chmod 700 $PKG/etc/samba/private +chmod 700 $PKG/var/lib/samba/private chmod 1777 $PKG/var/spool/samba make install DESTDIR=$PKG || exit 1 -# Install pkgconfig files: -mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig -if [ ! -r $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/talloc.pc ]; then - cat $CWD/talloc.pc | sed -e "s/\/lib/\/lib${LIBDIRSUFFIX}/" > $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/talloc.pc -fi -if [ ! -r $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/pytalloc-util.pc ]; then - cat $CWD/pytalloc-util.pc | sed -e "s/\/lib/\/lib${LIBDIRSUFFIX}/" > $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/pytalloc-util.pc -fi - -# Install talloc.h: -if [ ! -r $PKG/usr/include/talloc.h ]; then - cp -a lib/talloc/talloc.h $PKG/usr/include - chown root:root $PKG/usr/include/talloc.h - chmod 644 $PKG/usr/include/talloc.h -fi - -# Make symlink for pytalloc.h in /usr/include: -if [ ! -r $PKG/usr/include/pytalloc.h ]; then - if [ -r $PKG/usr/include/samba-4.0/pytalloc.h ]; then - ( cd $PKG/usr/include ; ln -sf samba-4.0/pytalloc.h . ) - fi -fi - -# Make symlink for libtalloc.so: -if [ ! -r $PKG/usr/lib${LIBDIRSUFFIX}/libtalloc.so -a -r $PKG/usr/lib${LIBDIRSUFFIX}/libtalloc.so.? ]; then - ( cd $PKG/usr/lib${LIBDIRSUFFIX} ; ln -sf libtalloc.so.? libtalloc.so ) -fi - -# Make symlink for libpytalloc-util.so: -if [ ! -r $PKG/usr/lib${LIBDIRSUFFIX}/libpytalloc-util.so -a -r $PKG/usr/lib${LIBDIRSUFFIX}/libpytalloc-util.so.? ]; then - ( cd $PKG/usr/lib${LIBDIRSUFFIX} ; ln -sf libpytalloc-util.so.? libpytalloc-util.so ) -fi - # Install the smbprint script: install -m0744 packaging/printing/smbprint $PKG/usr/bin/smbprint @@ -236,9 +206,9 @@ cat << EOF *** Be sure the package contains: -drwx------ 2 root root 1024 Mar 12 13:21 /etc/samba/private drwxr-xr-x 2 root root 4096 May 3 15:46 /var/cache/samba/ -drwxr-xr-x 2 root root 48 Aug 29 13:06 /var/log/samba/ +drwx------ 2 root root 1024 Mar 12 13:21 /var/lib/samba/private +drwxr-xr-x 2 root root 48 Aug 29 13:06 /var/log/samba/ drwxrwxrwt 2 root root 1024 Mar 12 13:21 /var/spool/samba/ EOF diff --git a/source/n/samba/samba.install.talloc.tevent.tdb.diff b/source/n/samba/samba.install.talloc.tevent.tdb.diff new file mode 100644 index 00000000..9410f2b7 --- /dev/null +++ b/source/n/samba/samba.install.talloc.tevent.tdb.diff @@ -0,0 +1,102 @@ +--- ./lib/tevent/wscript.orig 2016-03-08 05:07:45.000000000 -0600 ++++ ./lib/tevent/wscript 2016-04-11 12:45:14.299532166 -0500 +@@ -92,11 +92,8 @@ + if bld.CONFIG_SET('HAVE_SOLARIS_PORTS'): + SRC += ' tevent_port.c' + +- if bld.env.standalone_tevent: +- bld.env.PKGCONFIGDIR = '${LIBDIR}/pkgconfig' +- private_library = False +- else: +- private_library = True ++ bld.env.PKGCONFIGDIR = '${LIBDIR}/pkgconfig' ++ private_library = False + + if not bld.CONFIG_SET('USING_SYSTEM_TEVENT'): + bld.SAMBA_LIBRARY('tevent', +--- ./lib/tdb/wscript.orig 2016-01-26 05:45:46.000000000 -0600 ++++ ./lib/tdb/wscript 2016-04-11 12:45:14.301532166 -0500 +@@ -117,11 +117,8 @@ + + COMMON_SRC = bld.SUBDIR('common', COMMON_FILES) + +- if bld.env.standalone_tdb: +- bld.env.PKGCONFIGDIR = '${LIBDIR}/pkgconfig' +- private_library = False +- else: +- private_library = True ++ bld.env.PKGCONFIGDIR = '${LIBDIR}/pkgconfig' ++ private_library = False + + if not bld.CONFIG_SET('USING_SYSTEM_TDB'): + +--- ./lib/talloc/wscript.orig 2016-04-11 12:45:14.295532166 -0500 ++++ ./lib/talloc/wscript 2016-04-11 12:45:26.761531768 -0500 +@@ -77,41 +77,39 @@ + def build(bld): + bld.RECURSE('lib/replace') + +- if bld.env.standalone_talloc: +- bld.env.PKGCONFIGDIR = '${LIBDIR}/pkgconfig' +- bld.env.TALLOC_VERSION = VERSION +- private_library = False +- +- # should we also install the symlink to libtalloc1.so here? +- bld.SAMBA_LIBRARY('talloc-compat1-%s' % (VERSION), +- 'compat/talloc_compat1.c', +- public_deps='talloc', +- soname='libtalloc.so.1', +- pc_files=[], +- public_headers=[], +- enabled=bld.env.TALLOC_COMPAT1) +- +- testsuite_deps = 'talloc' +- if bld.CONFIG_SET('HAVE_PTHREAD'): +- testsuite_deps += ' pthread' +- +- bld.SAMBA_BINARY('talloc_testsuite', +- 'testsuite_main.c testsuite.c', +- testsuite_deps, +- install=False) +- +- bld.SAMBA_BINARY('talloc_test_magic_differs_helper', +- 'test_magic_differs_helper.c', +- 'talloc', install=False) ++ bld.env.PKGCONFIGDIR = '${LIBDIR}/pkgconfig' ++ bld.env.TALLOC_VERSION = VERSION ++ private_library = False ++ ++ # should we also install the symlink to libtalloc1.so here? ++ bld.SAMBA_LIBRARY('talloc-compat1-%s' % (VERSION), ++ 'compat/talloc_compat1.c', ++ public_deps='talloc', ++ soname='libtalloc.so.1', ++ pc_files=[], ++ public_headers=[], ++ enabled=bld.env.TALLOC_COMPAT1) ++ ++ testsuite_deps = 'talloc' ++ if bld.CONFIG_SET('HAVE_PTHREAD'): ++ testsuite_deps += ' pthread' ++ ++ bld.SAMBA_BINARY('talloc_testsuite', ++ 'testsuite_main.c testsuite.c', ++ testsuite_deps, ++ install=False) ++ ++ bld.SAMBA_BINARY('talloc_test_magic_differs_helper', ++ 'test_magic_differs_helper.c', ++ 'talloc', install=False) + +- else: +- private_library = True + + if not bld.CONFIG_SET('USING_SYSTEM_TALLOC'): + + bld.SAMBA_LIBRARY('talloc', + 'talloc.c', + deps='replace', ++ includes='.', + abi_directory='ABI', + abi_match='talloc* _talloc*', + hide_symbols=True, diff --git a/source/n/sendmail/SlackBuild-sendmail b/source/n/sendmail/SlackBuild-sendmail index 3a46a527..c3701746 100755 --- a/source/n/sendmail/SlackBuild-sendmail +++ b/source/n/sendmail/SlackBuild-sendmail @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2010, 2012, 2013, 2014, 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,13 +20,13 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=8.14.7 -BUILD=${BUILD:-1} +VERSION=8.15.2 +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -37,8 +37,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-sendmail -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" diff --git a/source/n/sendmail/SlackBuild-sendmail-cf b/source/n/sendmail/SlackBuild-sendmail-cf index ad344fa7..69d1fef2 100755 --- a/source/n/sendmail/SlackBuild-sendmail-cf +++ b/source/n/sendmail/SlackBuild-sendmail-cf @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2012, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2012, 2013, 2014, 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,9 +20,9 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=8.14.7 +VERSION=8.15.2 ARCH=noarch -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} CWD=$(pwd) TMP=${TMP:-/tmp} diff --git a/source/n/sendmail/SlackBuild b/source/n/sendmail/sendmail.SlackBuild index 462f16e9..462f16e9 100755 --- a/source/n/sendmail/SlackBuild +++ b/source/n/sendmail/sendmail.SlackBuild diff --git a/source/n/slrn/slrn.SlackBuild b/source/n/slrn/slrn.SlackBuild index 24a07fc8..487a6462 100755 --- a/source/n/slrn/slrn.SlackBuild +++ b/source/n/slrn/slrn.SlackBuild @@ -21,7 +21,7 @@ # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -VERSION=1.0.1 +VERSION=1.0.2 BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: diff --git a/source/n/stunnel/doinst.sh b/source/n/stunnel/doinst.sh index 0d6e8896..21f004b0 100644 --- a/source/n/stunnel/doinst.sh +++ b/source/n/stunnel/doinst.sh @@ -9,4 +9,4 @@ config() { fi # Otherwise, we leave the .new copy for the admin to consider... } -config etc/stunnel/stunnel.cnf.new +config etc/stunnel/openssl.cnf.new diff --git a/source/n/stunnel/generate-stunnel-key.sh b/source/n/stunnel/generate-stunnel-key.sh index e1e85280..6b344964 100644 --- a/source/n/stunnel/generate-stunnel-key.sh +++ b/source/n/stunnel/generate-stunnel-key.sh @@ -4,7 +4,7 @@ USE_DH=0 openssl req -new -x509 -days 365 -nodes \ -config ./stunnel.cnf -out stunnel.pem -keyout stunnel.pem -test $USE_DH -eq 0 || openssl gendh 512 >> stunnel.pem +test $USE_DH -eq 0 || openssl gendh >> stunnel.pem openssl x509 -subject -dates -fingerprint -noout \ -in stunnel.pem diff --git a/source/n/stunnel/stunnel.SlackBuild b/source/n/stunnel/stunnel.SlackBuild index f988a3c4..e8940bb3 100755 --- a/source/n/stunnel/stunnel.SlackBuild +++ b/source/n/stunnel/stunnel.SlackBuild @@ -28,7 +28,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -37,8 +37,8 @@ fi NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -98,7 +98,7 @@ make -i install DESTDIR=$PKG # Get rid of key, so nobody tries to use it: rm -f $PKG/etc/stunnel/stunnel.pem # Add cnf: -cat tools/stunnel.cnf > $PKG/etc/stunnel/stunnel.cnf.new +cat tools/openssl.cnf > $PKG/etc/stunnel/openssl.cnf.new cat $CWD/generate-stunnel-key.sh > $PKG/etc/stunnel/generate-stunnel-key.sh chmod 755 $PKG/etc/stunnel/generate-stunnel-key.sh diff --git a/source/n/tcpdump/tcpdump.SlackBuild b/source/n/tcpdump/tcpdump.SlackBuild index 2462d416..78cfae88 100755 --- a/source/n/tcpdump/tcpdump.SlackBuild +++ b/source/n/tcpdump/tcpdump.SlackBuild @@ -27,7 +27,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; diff --git a/source/n/tftp-hpa/tftp-hpa.SlackBuild b/source/n/tftp-hpa/tftp-hpa.SlackBuild index b5b36fbc..0e783c93 100755 --- a/source/n/tftp-hpa/tftp-hpa.SlackBuild +++ b/source/n/tftp-hpa/tftp-hpa.SlackBuild @@ -23,7 +23,7 @@ PKGNAM=tftp-hpa VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then diff --git a/source/n/tin/tin-2.2.1.tar.xz.sign b/source/n/tin/tin-2.2.1.tar.xz.sign new file mode 100644 index 00000000..382b3f9e --- /dev/null +++ b/source/n/tin/tin-2.2.1.tar.xz.sign @@ -0,0 +1,9 @@ +-----BEGIN PGP MESSAGE----- +Version: 2.6.3ia + +iQCVAwUAU2YiAFpJVQ60kLTRAQE5JAP/b5DEPA7cg3TPGX9tbu0wP1JELHPLz7i6 +4VW9l/jGLn+hE9Se3DIYa4uWVgSePDkjCbm1rLEaOK6ztu7pIejbT45zZyWyecvx +YmsnPoSWVxcA8AUBl4Xl16npRHRXOMz2WVnV1kpKPLS7Dhn06Iq25n/vXygTih68 +8V8r/w4DLMA= +=IK1p +-----END PGP MESSAGE----- diff --git a/source/n/tin/tin.SlackBuild b/source/n/tin/tin.SlackBuild index 1e0f2908..b8304b18 100755 --- a/source/n/tin/tin.SlackBuild +++ b/source/n/tin/tin.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2013, 2014 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,13 +22,13 @@ PKGNAM=tin -VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-3} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -44,7 +44,7 @@ mkdir -p $TMP $PKG cd $TMP rm -rf tin-$VERSION -tar xvf $CWD/tin-$VERSION.tar.?z* || exit 1 +tar xvf $CWD/tin-$VERSION.tar.xz || exit 1 cd tin-$VERSION || exit 1 chown -R root:root . find . \ diff --git a/source/n/traceroute/traceroute.SlackBuild b/source/n/traceroute/traceroute.SlackBuild index 069ce1f1..bf90465e 100755 --- a/source/n/traceroute/traceroute.SlackBuild +++ b/source/n/traceroute/traceroute.SlackBuild @@ -28,7 +28,7 @@ BUILD=${BUILD:-1} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; diff --git a/source/n/ulogd/ulogd.SlackBuild b/source/n/ulogd/ulogd.SlackBuild index 3e7eaade..3dac9082 100755 --- a/source/n/ulogd/ulogd.SlackBuild +++ b/source/n/ulogd/ulogd.SlackBuild @@ -31,7 +31,7 @@ NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) ARCH=i486 ;; + i?86) ARCH=i586 ;; arm*) ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) ARCH=$( uname -m ) ;; @@ -42,8 +42,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" diff --git a/source/n/vsftpd/slack-desc b/source/n/vsftpd/slack-desc index 82b9f521..cc4b231e 100644 --- a/source/n/vsftpd/slack-desc +++ b/source/n/vsftpd/slack-desc @@ -13,7 +13,7 @@ vsftpd: Obviously this is not a guarantee, but a reflection that the entire vsftpd: codebase was written with security in mind, and carefully designed to vsftpd: be resilient to attack (as well as extremely fast and scalable). vsftpd: -vsftpd: The vsftpd homepage is http://vsftpd.beasts.org/ +vsftpd: The vsftpd homepage is https://security.appspot.com/vsftpd.html vsftpd: vsftpd: The Very Secure FTP Daemon was written by Chris Evans. vsftpd: diff --git a/source/n/vsftpd/vsftpd.SlackBuild b/source/n/vsftpd/vsftpd.SlackBuild index 9a2e7fc8..f03206b6 100755 --- a/source/n/vsftpd/vsftpd.SlackBuild +++ b/source/n/vsftpd/vsftpd.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2012, 2016 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,14 +22,14 @@ PKGNAM=vsftpd VERSION=${VERSION:-$(echo ${PKGNAM}-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-1} +BUILD=${BUILD:-3} NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -62,6 +62,7 @@ find . \ zcat $CWD/vsftpd.builddefs.diff.gz | patch -p1 --verbose || exit 1 zcat $CWD/vsftpd.conf.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/vsftpd.crypt.diff.gz | patch -p1 --verbose || exit 1 make $NUMJOBS || make || exit 1 diff --git a/source/n/vsftpd/vsftpd.conf.diff b/source/n/vsftpd/vsftpd.conf.diff index 1f410a7a..ac3c6ab2 100644 --- a/source/n/vsftpd/vsftpd.conf.diff +++ b/source/n/vsftpd/vsftpd.conf.diff @@ -1,6 +1,5 @@ -diff -Nur vsftpd-2.2.1.orig/vsftpd.conf vsftpd-2.2.1/vsftpd.conf ---- vsftpd-2.2.1.orig/vsftpd.conf 2009-10-18 21:04:23.000000000 -0500 -+++ vsftpd-2.2.1/vsftpd.conf 2009-10-19 10:22:16.609407947 -0500 +--- ./vsftpd.conf.orig 2011-12-17 12:24:40.000000000 -0600 ++++ ./vsftpd.conf 2016-04-11 18:34:26.772862375 -0500 @@ -19,7 +19,7 @@ # # Default umask for local users is 077. You may wish to change this to 022, @@ -24,7 +23,7 @@ diff -Nur vsftpd-2.2.1.orig/vsftpd.conf vsftpd-2.2.1/vsftpd.conf # # You may change the default value for timing out an idle session. #idle_session_timeout=600 -@@ -101,12 +101,13 @@ +@@ -104,14 +104,24 @@ # default to avoid remote users being able to cause excessive I/O on large # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume # the presence of the "-R" option, so there is a strong case for enabling it. @@ -43,3 +42,14 @@ diff -Nur vsftpd-2.2.1.orig/vsftpd.conf vsftpd-2.2.1/vsftpd.conf # # This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6 # sockets, you must run two copies of vsftpd with two configuration files. + # Make sure, that one of the listen options is commented !! + #listen_ipv6=YES ++# ++# The seccomp sandbox feature adds an additional layer of security, but has ++# been known to cause various problems depending on the kernel version. ++# Problems may include kernel audit warnings in the system logs, or even ++# failure to get a directory listing (or do much of anything in directories ++# with enough files to trigger the issue). ++# If you see errors like "OOPS: priv_sock_get_cmd" make sure this option is ++# set to NO. We'll set it to NO by default since we want a reliable ftpd. ++seccomp_sandbox=NO diff --git a/source/n/vsftpd/vsftpd.crypt.diff b/source/n/vsftpd/vsftpd.crypt.diff new file mode 100644 index 00000000..87503d57 --- /dev/null +++ b/source/n/vsftpd/vsftpd.crypt.diff @@ -0,0 +1,20 @@ +--- ./sysdeputil.c.orig 2012-09-15 23:18:04.000000000 -0500 ++++ ./sysdeputil.c 2016-06-12 23:49:19.539253144 -0500 +@@ -285,7 +285,7 @@ + return 0; + } + p_crypted = crypt(str_getbuf(p_pass_str), p_spwd->sp_pwdp); +- if (!vsf_sysutil_strcmp(p_crypted, p_spwd->sp_pwdp)) ++ if (p_crypted != NULL && !vsf_sysutil_strcmp(p_crypted, p_spwd->sp_pwdp)) + { + return 1; + } +@@ -293,7 +293,7 @@ + } + #endif /* VSF_SYSDEP_HAVE_SHADOW */ + p_crypted = crypt(str_getbuf(p_pass_str), p_pwd->pw_passwd); +- if (!vsf_sysutil_strcmp(p_crypted, p_pwd->pw_passwd)) ++ if (p_crypted != NULL && !vsf_sysutil_strcmp(p_crypted, p_pwd->pw_passwd)) + { + return 1; + } diff --git a/source/n/wget/wget.SlackBuild b/source/n/wget/wget.SlackBuild index c2954cbd..39c0c54c 100755 --- a/source/n/wget/wget.SlackBuild +++ b/source/n/wget/wget.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, Minnesota, USA +# Copyright 2008, 2009, 2010, 2012, 2013, 2014, 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -22,14 +22,14 @@ VERSION=${VERSION:-$(echo wget-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-2} +BUILD=${BUILD:-1} NUMJOBS=${NUMJOBS:-" -j7 "} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -38,8 +38,8 @@ fi if [ "$ARCH" = "i386" ]; then SLKCFLAGS="-O2 -march=i386 -mtune=i686" -elif [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" elif [ "$ARCH" = "x86_64" ]; then @@ -58,6 +58,7 @@ cd $TMP rm -rf wget-$VERSION tar xvf $CWD/wget-$VERSION.tar.xz || exit 1 cd wget-$VERSION + chown -R root:root . find . \ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ @@ -73,7 +74,7 @@ CFLAGS="$SLKCFLAGS" \ --infodir=/usr/info \ --docdir=/usr/doc/wget-$VERSION \ --with-ssl=openssl \ - --build=${ARCH}-slackware-linux + --build=${ARCH}-slackware-linux || exit 1 make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG || exit 1 diff --git a/source/n/whois/whois.SlackBuild b/source/n/whois/whois.SlackBuild index 7a98ac31..b2c02cbe 100755 --- a/source/n/whois/whois.SlackBuild +++ b/source/n/whois/whois.SlackBuild @@ -27,7 +27,7 @@ BUILD=${BUILD:-1} # Automatically determine architecture for build & packaging: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac @@ -54,7 +54,13 @@ make HAVE_LIBIDN=y || exit make install install-pos BASEDIR=$PKG || exit 1 mv $PKG/usr/share/man $PKG/usr -gzip -9 $PKG/usr/man/man1/*.1 + +# Compress manual pages: +find $PKG/usr/man -type f -exec gzip -9 {} \; +for i in $( find $PKG/usr/man -type l ) ; do + ln -s $( readlink $i ).gz $i.gz + rm $i +done # Remove mkpasswd stuff: find $PKG -iname "mkpasswd*" -exec rm -f {} \; diff --git a/source/n/wpa_supplicant/patches/assoc-timeout.diff b/source/n/wpa_supplicant/patches/assoc-timeout.diff index 5739705c..8be4d2cd 100644 --- a/source/n/wpa_supplicant/patches/assoc-timeout.diff +++ b/source/n/wpa_supplicant/patches/assoc-timeout.diff @@ -14,3803 +14,3 @@ diff -Nur wpa_supplicant-2.0.orig/wpa_supplicant/wpa_supplicant.c wpa_supplicant } wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); } -diff -Nur wpa_supplicant-2.0.orig/wpa_supplicant/wpa_supplicant.c.orig wpa_supplicant-2.0/wpa_supplicant/wpa_supplicant.c.orig ---- wpa_supplicant-2.0.orig/wpa_supplicant/wpa_supplicant.c.orig 1969-12-31 18:00:00.000000000 -0600 -+++ wpa_supplicant-2.0/wpa_supplicant/wpa_supplicant.c.orig 2013-01-12 09:42:53.000000000 -0600 -@@ -0,0 +1,3796 @@ -+/* -+ * WPA Supplicant -+ * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi> -+ * -+ * This software may be distributed under the terms of the BSD license. -+ * See README for more details. -+ * -+ * This file implements functions for registering and unregistering -+ * %wpa_supplicant interfaces. In addition, this file contains number of -+ * functions for managing network connections. -+ */ -+ -+#include "includes.h" -+ -+#include "common.h" -+#include "crypto/random.h" -+#include "crypto/sha1.h" -+#include "eapol_supp/eapol_supp_sm.h" -+#include "eap_peer/eap.h" -+#include "eap_server/eap_methods.h" -+#include "rsn_supp/wpa.h" -+#include "eloop.h" -+#include "config.h" -+#include "utils/ext_password.h" -+#include "l2_packet/l2_packet.h" -+#include "wpa_supplicant_i.h" -+#include "driver_i.h" -+#include "ctrl_iface.h" -+#include "pcsc_funcs.h" -+#include "common/version.h" -+#include "rsn_supp/preauth.h" -+#include "rsn_supp/pmksa_cache.h" -+#include "common/wpa_ctrl.h" -+#include "common/ieee802_11_defs.h" -+#include "p2p/p2p.h" -+#include "blacklist.h" -+#include "wpas_glue.h" -+#include "wps_supplicant.h" -+#include "ibss_rsn.h" -+#include "sme.h" -+#include "gas_query.h" -+#include "ap.h" -+#include "p2p_supplicant.h" -+#include "wifi_display.h" -+#include "notify.h" -+#include "bgscan.h" -+#include "autoscan.h" -+#include "bss.h" -+#include "scan.h" -+#include "offchannel.h" -+#include "hs20_supplicant.h" -+ -+const char *wpa_supplicant_version = -+"wpa_supplicant v" VERSION_STR "\n" -+"Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi> and contributors"; -+ -+const char *wpa_supplicant_license = -+"This software may be distributed under the terms of the BSD license.\n" -+"See README for more details.\n" -+#ifdef EAP_TLS_OPENSSL -+"\nThis product includes software developed by the OpenSSL Project\n" -+"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n" -+#endif /* EAP_TLS_OPENSSL */ -+; -+ -+#ifndef CONFIG_NO_STDOUT_DEBUG -+/* Long text divided into parts in order to fit in C89 strings size limits. */ -+const char *wpa_supplicant_full_license1 = -+""; -+const char *wpa_supplicant_full_license2 = -+"This software may be distributed under the terms of the BSD license.\n" -+"\n" -+"Redistribution and use in source and binary forms, with or without\n" -+"modification, are permitted provided that the following conditions are\n" -+"met:\n" -+"\n"; -+const char *wpa_supplicant_full_license3 = -+"1. Redistributions of source code must retain the above copyright\n" -+" notice, this list of conditions and the following disclaimer.\n" -+"\n" -+"2. Redistributions in binary form must reproduce the above copyright\n" -+" notice, this list of conditions and the following disclaimer in the\n" -+" documentation and/or other materials provided with the distribution.\n" -+"\n"; -+const char *wpa_supplicant_full_license4 = -+"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n" -+" names of its contributors may be used to endorse or promote products\n" -+" derived from this software without specific prior written permission.\n" -+"\n" -+"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n" -+"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n" -+"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n" -+"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n"; -+const char *wpa_supplicant_full_license5 = -+"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n" -+"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n" -+"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n" -+"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n" -+"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n" -+"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n" -+"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n" -+"\n"; -+#endif /* CONFIG_NO_STDOUT_DEBUG */ -+ -+extern int wpa_debug_level; -+extern int wpa_debug_show_keys; -+extern int wpa_debug_timestamp; -+extern struct wpa_driver_ops *wpa_drivers[]; -+ -+/* Configure default/group WEP keys for static WEP */ -+int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) -+{ -+ int i, set = 0; -+ -+ for (i = 0; i < NUM_WEP_KEYS; i++) { -+ if (ssid->wep_key_len[i] == 0) -+ continue; -+ -+ set = 1; -+ wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL, -+ i, i == ssid->wep_tx_keyidx, NULL, 0, -+ ssid->wep_key[i], ssid->wep_key_len[i]); -+ } -+ -+ return set; -+} -+ -+ -+static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid) -+{ -+ u8 key[32]; -+ size_t keylen; -+ enum wpa_alg alg; -+ u8 seq[6] = { 0 }; -+ -+ /* IBSS/WPA-None uses only one key (Group) for both receiving and -+ * sending unicast and multicast packets. */ -+ -+ if (ssid->mode != WPAS_MODE_IBSS) { -+ wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not " -+ "IBSS/ad-hoc) for WPA-None", ssid->mode); -+ return -1; -+ } -+ -+ if (!ssid->psk_set) { -+ wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for " -+ "WPA-None"); -+ return -1; -+ } -+ -+ switch (wpa_s->group_cipher) { -+ case WPA_CIPHER_CCMP: -+ os_memcpy(key, ssid->psk, 16); -+ keylen = 16; -+ alg = WPA_ALG_CCMP; -+ break; -+ case WPA_CIPHER_GCMP: -+ os_memcpy(key, ssid->psk, 16); -+ keylen = 16; -+ alg = WPA_ALG_GCMP; -+ break; -+ case WPA_CIPHER_TKIP: -+ /* WPA-None uses the same Michael MIC key for both TX and RX */ -+ os_memcpy(key, ssid->psk, 16 + 8); -+ os_memcpy(key + 16 + 8, ssid->psk + 16, 8); -+ keylen = 32; -+ alg = WPA_ALG_TKIP; -+ break; -+ default: -+ wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for " -+ "WPA-None", wpa_s->group_cipher); -+ return -1; -+ } -+ -+ /* TODO: should actually remember the previously used seq#, both for TX -+ * and RX from each STA.. */ -+ -+ return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen); -+} -+ -+ -+static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx) -+{ -+ struct wpa_supplicant *wpa_s = eloop_ctx; -+ const u8 *bssid = wpa_s->bssid; -+ if (is_zero_ether_addr(bssid)) -+ bssid = wpa_s->pending_bssid; -+ wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.", -+ MAC2STR(bssid)); -+ wpa_blacklist_add(wpa_s, bssid); -+ wpa_sm_notify_disassoc(wpa_s->wpa); -+ wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING); -+ wpa_s->reassociate = 1; -+ -+ /* -+ * If we timed out, the AP or the local radio may be busy. -+ * So, wait a second until scanning again. -+ */ -+ wpa_supplicant_req_scan(wpa_s, 1, 0); -+ -+#ifdef CONFIG_P2P -+ if (wpa_s->global->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled && -+ wpa_s->global->p2p != NULL) { -+ wpa_s->global->p2p_cb_on_scan_complete = 0; -+ if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation " -+ "continued after timed out authentication"); -+ } -+ } -+#endif /* CONFIG_P2P */ -+} -+ -+ -+/** -+ * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication -+ * @wpa_s: Pointer to wpa_supplicant data -+ * @sec: Number of seconds after which to time out authentication -+ * @usec: Number of microseconds after which to time out authentication -+ * -+ * This function is used to schedule a timeout for the current authentication -+ * attempt. -+ */ -+void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s, -+ int sec, int usec) -+{ -+ if (wpa_s->conf && wpa_s->conf->ap_scan == 0 && -+ (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)) -+ return; -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec " -+ "%d usec", sec, usec); -+ eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); -+ eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL); -+} -+ -+ -+/** -+ * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout -+ * @wpa_s: Pointer to wpa_supplicant data -+ * -+ * This function is used to cancel authentication timeout scheduled with -+ * wpa_supplicant_req_auth_timeout() and it is called when authentication has -+ * been completed. -+ */ -+void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s) -+{ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout"); -+ eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); -+ wpa_blacklist_del(wpa_s, wpa_s->bssid); -+} -+ -+ -+/** -+ * wpa_supplicant_initiate_eapol - Configure EAPOL state machine -+ * @wpa_s: Pointer to wpa_supplicant data -+ * -+ * This function is used to configure EAPOL state machine based on the selected -+ * authentication mode. -+ */ -+void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s) -+{ -+#ifdef IEEE8021X_EAPOL -+ struct eapol_config eapol_conf; -+ struct wpa_ssid *ssid = wpa_s->current_ssid; -+ -+#ifdef CONFIG_IBSS_RSN -+ if (ssid->mode == WPAS_MODE_IBSS && -+ wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && -+ wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { -+ /* -+ * RSN IBSS authentication is per-STA and we can disable the -+ * per-BSSID EAPOL authentication. -+ */ -+ eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); -+ eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); -+ eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE); -+ return; -+ } -+#endif /* CONFIG_IBSS_RSN */ -+ -+ eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); -+ eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE); -+ -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || -+ wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) -+ eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); -+ else -+ eapol_sm_notify_portControl(wpa_s->eapol, Auto); -+ -+ os_memset(&eapol_conf, 0, sizeof(eapol_conf)); -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { -+ eapol_conf.accept_802_1x_keys = 1; -+ eapol_conf.required_keys = 0; -+ if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) { -+ eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST; -+ } -+ if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) { -+ eapol_conf.required_keys |= -+ EAPOL_REQUIRE_KEY_BROADCAST; -+ } -+ -+ if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)) -+ eapol_conf.required_keys = 0; -+ } -+ if (wpa_s->conf) -+ eapol_conf.fast_reauth = wpa_s->conf->fast_reauth; -+ eapol_conf.workaround = ssid->eap_workaround; -+ eapol_conf.eap_disabled = -+ !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) && -+ wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA && -+ wpa_s->key_mgmt != WPA_KEY_MGMT_WPS; -+ eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); -+#endif /* IEEE8021X_EAPOL */ -+} -+ -+ -+/** -+ * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode -+ * @wpa_s: Pointer to wpa_supplicant data -+ * @ssid: Configuration data for the network -+ * -+ * This function is used to configure WPA state machine and related parameters -+ * to a mode where WPA is not enabled. This is called as part of the -+ * authentication configuration when the selected network does not use WPA. -+ */ -+void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid) -+{ -+ int i; -+ -+ if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) -+ wpa_s->key_mgmt = WPA_KEY_MGMT_WPS; -+ else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) -+ wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA; -+ else -+ wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; -+ wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0); -+ wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0); -+ wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); -+ wpa_s->pairwise_cipher = WPA_CIPHER_NONE; -+ wpa_s->group_cipher = WPA_CIPHER_NONE; -+ wpa_s->mgmt_group_cipher = 0; -+ -+ for (i = 0; i < NUM_WEP_KEYS; i++) { -+ if (ssid->wep_key_len[i] > 5) { -+ wpa_s->pairwise_cipher = WPA_CIPHER_WEP104; -+ wpa_s->group_cipher = WPA_CIPHER_WEP104; -+ break; -+ } else if (ssid->wep_key_len[i] > 0) { -+ wpa_s->pairwise_cipher = WPA_CIPHER_WEP40; -+ wpa_s->group_cipher = WPA_CIPHER_WEP40; -+ break; -+ } -+ } -+ -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0); -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, -+ wpa_s->pairwise_cipher); -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); -+#ifdef CONFIG_IEEE80211W -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, -+ wpa_s->mgmt_group_cipher); -+#endif /* CONFIG_IEEE80211W */ -+ -+ pmksa_cache_clear_current(wpa_s->wpa); -+} -+ -+ -+void free_hw_features(struct wpa_supplicant *wpa_s) -+{ -+ int i; -+ if (wpa_s->hw.modes == NULL) -+ return; -+ -+ for (i = 0; i < wpa_s->hw.num_modes; i++) { -+ os_free(wpa_s->hw.modes[i].channels); -+ os_free(wpa_s->hw.modes[i].rates); -+ } -+ -+ os_free(wpa_s->hw.modes); -+ wpa_s->hw.modes = NULL; -+} -+ -+ -+static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) -+{ -+ bgscan_deinit(wpa_s); -+ autoscan_deinit(wpa_s); -+ scard_deinit(wpa_s->scard); -+ wpa_s->scard = NULL; -+ wpa_sm_set_scard_ctx(wpa_s->wpa, NULL); -+ eapol_sm_register_scard_ctx(wpa_s->eapol, NULL); -+ l2_packet_deinit(wpa_s->l2); -+ wpa_s->l2 = NULL; -+ if (wpa_s->l2_br) { -+ l2_packet_deinit(wpa_s->l2_br); -+ wpa_s->l2_br = NULL; -+ } -+ -+ if (wpa_s->conf != NULL) { -+ struct wpa_ssid *ssid; -+ for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) -+ wpas_notify_network_removed(wpa_s, ssid); -+ } -+ -+ os_free(wpa_s->confname); -+ wpa_s->confname = NULL; -+ -+ wpa_sm_set_eapol(wpa_s->wpa, NULL); -+ eapol_sm_deinit(wpa_s->eapol); -+ wpa_s->eapol = NULL; -+ -+ rsn_preauth_deinit(wpa_s->wpa); -+ -+#ifdef CONFIG_TDLS -+ wpa_tdls_deinit(wpa_s->wpa); -+#endif /* CONFIG_TDLS */ -+ -+ pmksa_candidate_free(wpa_s->wpa); -+ wpa_sm_deinit(wpa_s->wpa); -+ wpa_s->wpa = NULL; -+ wpa_blacklist_clear(wpa_s); -+ -+ wpa_bss_deinit(wpa_s); -+ -+ wpa_supplicant_cancel_scan(wpa_s); -+ wpa_supplicant_cancel_auth_timeout(wpa_s); -+ eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL); -+#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT -+ eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report, -+ wpa_s, NULL); -+#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ -+ -+ wpas_wps_deinit(wpa_s); -+ -+ wpabuf_free(wpa_s->pending_eapol_rx); -+ wpa_s->pending_eapol_rx = NULL; -+ -+#ifdef CONFIG_IBSS_RSN -+ ibss_rsn_deinit(wpa_s->ibss_rsn); -+ wpa_s->ibss_rsn = NULL; -+#endif /* CONFIG_IBSS_RSN */ -+ -+ sme_deinit(wpa_s); -+ -+#ifdef CONFIG_AP -+ wpa_supplicant_ap_deinit(wpa_s); -+#endif /* CONFIG_AP */ -+ -+#ifdef CONFIG_P2P -+ wpas_p2p_deinit(wpa_s); -+#endif /* CONFIG_P2P */ -+ -+#ifdef CONFIG_OFFCHANNEL -+ offchannel_deinit(wpa_s); -+#endif /* CONFIG_OFFCHANNEL */ -+ -+ wpa_supplicant_cancel_sched_scan(wpa_s); -+ -+ os_free(wpa_s->next_scan_freqs); -+ wpa_s->next_scan_freqs = NULL; -+ -+ gas_query_deinit(wpa_s->gas); -+ wpa_s->gas = NULL; -+ -+ free_hw_features(wpa_s); -+ -+ os_free(wpa_s->bssid_filter); -+ wpa_s->bssid_filter = NULL; -+ -+ os_free(wpa_s->disallow_aps_bssid); -+ wpa_s->disallow_aps_bssid = NULL; -+ os_free(wpa_s->disallow_aps_ssid); -+ wpa_s->disallow_aps_ssid = NULL; -+ -+ wnm_bss_keep_alive_deinit(wpa_s); -+ -+ ext_password_deinit(wpa_s->ext_pw); -+ wpa_s->ext_pw = NULL; -+ -+ wpabuf_free(wpa_s->last_gas_resp); -+ -+ os_free(wpa_s->last_scan_res); -+ wpa_s->last_scan_res = NULL; -+} -+ -+ -+/** -+ * wpa_clear_keys - Clear keys configured for the driver -+ * @wpa_s: Pointer to wpa_supplicant data -+ * @addr: Previously used BSSID or %NULL if not available -+ * -+ * This function clears the encryption keys that has been previously configured -+ * for the driver. -+ */ -+void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) -+{ -+ if (wpa_s->keys_cleared) { -+ /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have -+ * timing issues with keys being cleared just before new keys -+ * are set or just after association or something similar. This -+ * shows up in group key handshake failing often because of the -+ * client not receiving the first encrypted packets correctly. -+ * Skipping some of the extra key clearing steps seems to help -+ * in completing group key handshake more reliably. */ -+ wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - " -+ "skip key clearing"); -+ return; -+ } -+ -+ /* MLME-DELETEKEYS.request */ -+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0); -+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0); -+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0); -+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0); -+#ifdef CONFIG_IEEE80211W -+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0); -+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0); -+#endif /* CONFIG_IEEE80211W */ -+ if (addr) { -+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL, -+ 0); -+ /* MLME-SETPROTECTION.request(None) */ -+ wpa_drv_mlme_setprotection( -+ wpa_s, addr, -+ MLME_SETPROTECTION_PROTECT_TYPE_NONE, -+ MLME_SETPROTECTION_KEY_TYPE_PAIRWISE); -+ } -+ wpa_s->keys_cleared = 1; -+} -+ -+ -+/** -+ * wpa_supplicant_state_txt - Get the connection state name as a text string -+ * @state: State (wpa_state; WPA_*) -+ * Returns: The state name as a printable text string -+ */ -+const char * wpa_supplicant_state_txt(enum wpa_states state) -+{ -+ switch (state) { -+ case WPA_DISCONNECTED: -+ return "DISCONNECTED"; -+ case WPA_INACTIVE: -+ return "INACTIVE"; -+ case WPA_INTERFACE_DISABLED: -+ return "INTERFACE_DISABLED"; -+ case WPA_SCANNING: -+ return "SCANNING"; -+ case WPA_AUTHENTICATING: -+ return "AUTHENTICATING"; -+ case WPA_ASSOCIATING: -+ return "ASSOCIATING"; -+ case WPA_ASSOCIATED: -+ return "ASSOCIATED"; -+ case WPA_4WAY_HANDSHAKE: -+ return "4WAY_HANDSHAKE"; -+ case WPA_GROUP_HANDSHAKE: -+ return "GROUP_HANDSHAKE"; -+ case WPA_COMPLETED: -+ return "COMPLETED"; -+ default: -+ return "UNKNOWN"; -+ } -+} -+ -+ -+#ifdef CONFIG_BGSCAN -+ -+static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s) -+{ -+ if (wpas_driver_bss_selection(wpa_s)) -+ return; -+ if (wpa_s->current_ssid == wpa_s->bgscan_ssid) -+ return; -+ -+ bgscan_deinit(wpa_s); -+ if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) { -+ if (bgscan_init(wpa_s, wpa_s->current_ssid)) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " -+ "bgscan"); -+ /* -+ * Live without bgscan; it is only used as a roaming -+ * optimization, so the initial connection is not -+ * affected. -+ */ -+ } else { -+ struct wpa_scan_results *scan_res; -+ wpa_s->bgscan_ssid = wpa_s->current_ssid; -+ scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, -+ 0); -+ if (scan_res) { -+ bgscan_notify_scan(wpa_s, scan_res); -+ wpa_scan_results_free(scan_res); -+ } -+ } -+ } else -+ wpa_s->bgscan_ssid = NULL; -+} -+ -+ -+static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s) -+{ -+ if (wpa_s->bgscan_ssid != NULL) { -+ bgscan_deinit(wpa_s); -+ wpa_s->bgscan_ssid = NULL; -+ } -+} -+ -+#endif /* CONFIG_BGSCAN */ -+ -+ -+static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s) -+{ -+ if (autoscan_init(wpa_s, 0)) -+ wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan"); -+} -+ -+ -+static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s) -+{ -+ autoscan_deinit(wpa_s); -+} -+ -+ -+void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s) -+{ -+ if (wpa_s->wpa_state == WPA_DISCONNECTED || -+ wpa_s->wpa_state == WPA_SCANNING) { -+ autoscan_deinit(wpa_s); -+ wpa_supplicant_start_autoscan(wpa_s); -+ } -+} -+ -+ -+/** -+ * wpa_supplicant_set_state - Set current connection state -+ * @wpa_s: Pointer to wpa_supplicant data -+ * @state: The new connection state -+ * -+ * This function is called whenever the connection state changes, e.g., -+ * association is completed for WPA/WPA2 4-Way Handshake is started. -+ */ -+void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, -+ enum wpa_states state) -+{ -+ enum wpa_states old_state = wpa_s->wpa_state; -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s", -+ wpa_supplicant_state_txt(wpa_s->wpa_state), -+ wpa_supplicant_state_txt(state)); -+ -+ if (state != WPA_SCANNING) -+ wpa_supplicant_notify_scanning(wpa_s, 0); -+ -+ if (state == WPA_COMPLETED && wpa_s->new_connection) { -+#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG) -+ struct wpa_ssid *ssid = wpa_s->current_ssid; -+ wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to " -+ MACSTR " completed [id=%d id_str=%s]", -+ MAC2STR(wpa_s->bssid), -+ ssid ? ssid->id : -1, -+ ssid && ssid->id_str ? ssid->id_str : ""); -+#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */ -+ wpas_clear_temp_disabled(wpa_s, ssid, 1); -+ wpa_s->extra_blacklist_count = 0; -+ wpa_s->new_connection = 0; -+ wpa_drv_set_operstate(wpa_s, 1); -+#ifndef IEEE8021X_EAPOL -+ wpa_drv_set_supp_port(wpa_s, 1); -+#endif /* IEEE8021X_EAPOL */ -+ wpa_s->after_wps = 0; -+#ifdef CONFIG_P2P -+ wpas_p2p_completed(wpa_s); -+#endif /* CONFIG_P2P */ -+ -+ sme_sched_obss_scan(wpa_s, 1); -+ } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING || -+ state == WPA_ASSOCIATED) { -+ wpa_s->new_connection = 1; -+ wpa_drv_set_operstate(wpa_s, 0); -+#ifndef IEEE8021X_EAPOL -+ wpa_drv_set_supp_port(wpa_s, 0); -+#endif /* IEEE8021X_EAPOL */ -+ sme_sched_obss_scan(wpa_s, 0); -+ } -+ wpa_s->wpa_state = state; -+ -+#ifdef CONFIG_BGSCAN -+ if (state == WPA_COMPLETED) -+ wpa_supplicant_start_bgscan(wpa_s); -+ else -+ wpa_supplicant_stop_bgscan(wpa_s); -+#endif /* CONFIG_BGSCAN */ -+ -+ if (state == WPA_AUTHENTICATING) -+ wpa_supplicant_stop_autoscan(wpa_s); -+ -+ if (state == WPA_DISCONNECTED || state == WPA_INACTIVE) -+ wpa_supplicant_start_autoscan(wpa_s); -+ -+ if (wpa_s->wpa_state != old_state) { -+ wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); -+ -+ if (wpa_s->wpa_state == WPA_COMPLETED || -+ old_state == WPA_COMPLETED) -+ wpas_notify_auth_changed(wpa_s); -+ } -+} -+ -+ -+void wpa_supplicant_terminate_proc(struct wpa_global *global) -+{ -+ int pending = 0; -+#ifdef CONFIG_WPS -+ struct wpa_supplicant *wpa_s = global->ifaces; -+ while (wpa_s) { -+ if (wpas_wps_terminate_pending(wpa_s) == 1) -+ pending = 1; -+ wpa_s = wpa_s->next; -+ } -+#endif /* CONFIG_WPS */ -+ if (pending) -+ return; -+ eloop_terminate(); -+} -+ -+ -+static void wpa_supplicant_terminate(int sig, void *signal_ctx) -+{ -+ struct wpa_global *global = signal_ctx; -+ wpa_supplicant_terminate_proc(global); -+} -+ -+ -+void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s) -+{ -+ enum wpa_states old_state = wpa_s->wpa_state; -+ -+ wpa_s->pairwise_cipher = 0; -+ wpa_s->group_cipher = 0; -+ wpa_s->mgmt_group_cipher = 0; -+ wpa_s->key_mgmt = 0; -+ if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED) -+ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); -+ -+ if (wpa_s->wpa_state != old_state) -+ wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); -+} -+ -+ -+/** -+ * wpa_supplicant_reload_configuration - Reload configuration data -+ * @wpa_s: Pointer to wpa_supplicant data -+ * Returns: 0 on success or -1 if configuration parsing failed -+ * -+ * This function can be used to request that the configuration data is reloaded -+ * (e.g., after configuration file change). This function is reloading -+ * configuration only for one interface, so this may need to be called multiple -+ * times if %wpa_supplicant is controlling multiple interfaces and all -+ * interfaces need reconfiguration. -+ */ -+int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s) -+{ -+ struct wpa_config *conf; -+ int reconf_ctrl; -+ int old_ap_scan; -+ -+ if (wpa_s->confname == NULL) -+ return -1; -+ conf = wpa_config_read(wpa_s->confname); -+ if (conf == NULL) { -+ wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration " -+ "file '%s' - exiting", wpa_s->confname); -+ return -1; -+ } -+ conf->changed_parameters = (unsigned int) -1; -+ -+ reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface -+ || (conf->ctrl_interface && wpa_s->conf->ctrl_interface && -+ os_strcmp(conf->ctrl_interface, -+ wpa_s->conf->ctrl_interface) != 0); -+ -+ if (reconf_ctrl && wpa_s->ctrl_iface) { -+ wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface); -+ wpa_s->ctrl_iface = NULL; -+ } -+ -+ eapol_sm_invalidate_cached_session(wpa_s->eapol); -+ if (wpa_s->current_ssid) { -+ wpa_supplicant_deauthenticate(wpa_s, -+ WLAN_REASON_DEAUTH_LEAVING); -+ } -+ -+ /* -+ * TODO: should notify EAPOL SM about changes in opensc_engine_path, -+ * pkcs11_engine_path, pkcs11_module_path. -+ */ -+ if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { -+ /* -+ * Clear forced success to clear EAP state for next -+ * authentication. -+ */ -+ eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); -+ } -+ eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); -+ wpa_sm_set_config(wpa_s->wpa, NULL); -+ wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL); -+ wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); -+ rsn_preauth_deinit(wpa_s->wpa); -+ -+ old_ap_scan = wpa_s->conf->ap_scan; -+ wpa_config_free(wpa_s->conf); -+ wpa_s->conf = conf; -+ if (old_ap_scan != wpa_s->conf->ap_scan) -+ wpas_notify_ap_scan_changed(wpa_s); -+ -+ if (reconf_ctrl) -+ wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); -+ -+ wpa_supplicant_update_config(wpa_s); -+ -+ wpa_supplicant_clear_status(wpa_s); -+ if (wpa_supplicant_enabled_networks(wpa_s)) { -+ wpa_s->reassociate = 1; -+ wpa_supplicant_req_scan(wpa_s, 0, 0); -+ } -+ wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed"); -+ return 0; -+} -+ -+ -+static void wpa_supplicant_reconfig(int sig, void *signal_ctx) -+{ -+ struct wpa_global *global = signal_ctx; -+ struct wpa_supplicant *wpa_s; -+ for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring", -+ sig); -+ if (wpa_supplicant_reload_configuration(wpa_s) < 0) { -+ wpa_supplicant_terminate_proc(global); -+ } -+ } -+} -+ -+ -+enum wpa_cipher cipher_suite2driver(int cipher) -+{ -+ switch (cipher) { -+ case WPA_CIPHER_NONE: -+ return CIPHER_NONE; -+ case WPA_CIPHER_WEP40: -+ return CIPHER_WEP40; -+ case WPA_CIPHER_WEP104: -+ return CIPHER_WEP104; -+ case WPA_CIPHER_CCMP: -+ return CIPHER_CCMP; -+ case WPA_CIPHER_GCMP: -+ return CIPHER_GCMP; -+ case WPA_CIPHER_TKIP: -+ default: -+ return CIPHER_TKIP; -+ } -+} -+ -+ -+enum wpa_key_mgmt key_mgmt2driver(int key_mgmt) -+{ -+ switch (key_mgmt) { -+ case WPA_KEY_MGMT_NONE: -+ return KEY_MGMT_NONE; -+ case WPA_KEY_MGMT_IEEE8021X_NO_WPA: -+ return KEY_MGMT_802_1X_NO_WPA; -+ case WPA_KEY_MGMT_IEEE8021X: -+ return KEY_MGMT_802_1X; -+ case WPA_KEY_MGMT_WPA_NONE: -+ return KEY_MGMT_WPA_NONE; -+ case WPA_KEY_MGMT_FT_IEEE8021X: -+ return KEY_MGMT_FT_802_1X; -+ case WPA_KEY_MGMT_FT_PSK: -+ return KEY_MGMT_FT_PSK; -+ case WPA_KEY_MGMT_IEEE8021X_SHA256: -+ return KEY_MGMT_802_1X_SHA256; -+ case WPA_KEY_MGMT_PSK_SHA256: -+ return KEY_MGMT_PSK_SHA256; -+ case WPA_KEY_MGMT_WPS: -+ return KEY_MGMT_WPS; -+ case WPA_KEY_MGMT_PSK: -+ default: -+ return KEY_MGMT_PSK; -+ } -+} -+ -+ -+static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid, -+ struct wpa_ie_data *ie) -+{ -+ int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie); -+ if (ret) { -+ if (ret == -2) { -+ wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE " -+ "from association info"); -+ } -+ return -1; -+ } -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set " -+ "cipher suites"); -+ if (!(ie->group_cipher & ssid->group_cipher)) { -+ wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group " -+ "cipher 0x%x (mask 0x%x) - reject", -+ ie->group_cipher, ssid->group_cipher); -+ return -1; -+ } -+ if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) { -+ wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise " -+ "cipher 0x%x (mask 0x%x) - reject", -+ ie->pairwise_cipher, ssid->pairwise_cipher); -+ return -1; -+ } -+ if (!(ie->key_mgmt & ssid->key_mgmt)) { -+ wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key " -+ "management 0x%x (mask 0x%x) - reject", -+ ie->key_mgmt, ssid->key_mgmt); -+ return -1; -+ } -+ -+#ifdef CONFIG_IEEE80211W -+ if (!(ie->capabilities & WPA_CAPABILITY_MFPC) && -+ (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ? -+ wpa_s->conf->pmf : ssid->ieee80211w) == -+ MGMT_FRAME_PROTECTION_REQUIRED) { -+ wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP " -+ "that does not support management frame protection - " -+ "reject"); -+ return -1; -+ } -+#endif /* CONFIG_IEEE80211W */ -+ -+ return 0; -+} -+ -+ -+/** -+ * wpa_supplicant_set_suites - Set authentication and encryption parameters -+ * @wpa_s: Pointer to wpa_supplicant data -+ * @bss: Scan results for the selected BSS, or %NULL if not available -+ * @ssid: Configuration data for the selected network -+ * @wpa_ie: Buffer for the WPA/RSN IE -+ * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the -+ * used buffer length in case the functions returns success. -+ * Returns: 0 on success or -1 on failure -+ * -+ * This function is used to configure authentication and encryption parameters -+ * based on the network configuration and scan result for the selected BSS (if -+ * available). -+ */ -+int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, -+ struct wpa_bss *bss, struct wpa_ssid *ssid, -+ u8 *wpa_ie, size_t *wpa_ie_len) -+{ -+ struct wpa_ie_data ie; -+ int sel, proto; -+ const u8 *bss_wpa, *bss_rsn; -+ -+ if (bss) { -+ bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); -+ bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); -+ } else -+ bss_wpa = bss_rsn = NULL; -+ -+ if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) && -+ wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 && -+ (ie.group_cipher & ssid->group_cipher) && -+ (ie.pairwise_cipher & ssid->pairwise_cipher) && -+ (ie.key_mgmt & ssid->key_mgmt)) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0"); -+ proto = WPA_PROTO_RSN; -+ } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) && -+ wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 && -+ (ie.group_cipher & ssid->group_cipher) && -+ (ie.pairwise_cipher & ssid->pairwise_cipher) && -+ (ie.key_mgmt & ssid->key_mgmt)) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0"); -+ proto = WPA_PROTO_WPA; -+ } else if (bss) { -+ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN"); -+ return -1; -+ } else { -+ if (ssid->proto & WPA_PROTO_RSN) -+ proto = WPA_PROTO_RSN; -+ else -+ proto = WPA_PROTO_WPA; -+ if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) { -+ os_memset(&ie, 0, sizeof(ie)); -+ ie.group_cipher = ssid->group_cipher; -+ ie.pairwise_cipher = ssid->pairwise_cipher; -+ ie.key_mgmt = ssid->key_mgmt; -+#ifdef CONFIG_IEEE80211W -+ ie.mgmt_group_cipher = -+ ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ? -+ WPA_CIPHER_AES_128_CMAC : 0; -+#endif /* CONFIG_IEEE80211W */ -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites " -+ "based on configuration"); -+ } else -+ proto = ie.proto; -+ } -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d " -+ "pairwise %d key_mgmt %d proto %d", -+ ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto); -+#ifdef CONFIG_IEEE80211W -+ if (ssid->ieee80211w) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d", -+ ie.mgmt_group_cipher); -+ } -+#endif /* CONFIG_IEEE80211W */ -+ -+ wpa_s->wpa_proto = proto; -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto); -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, -+ !!(ssid->proto & WPA_PROTO_RSN)); -+ -+ if (bss || !wpa_s->ap_ies_from_associnfo) { -+ if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa, -+ bss_wpa ? 2 + bss_wpa[1] : 0) || -+ wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn, -+ bss_rsn ? 2 + bss_rsn[1] : 0)) -+ return -1; -+ } -+ -+ sel = ie.group_cipher & ssid->group_cipher; -+ if (sel & WPA_CIPHER_CCMP) { -+ wpa_s->group_cipher = WPA_CIPHER_CCMP; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP"); -+ } else if (sel & WPA_CIPHER_GCMP) { -+ wpa_s->group_cipher = WPA_CIPHER_GCMP; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK GCMP"); -+ } else if (sel & WPA_CIPHER_TKIP) { -+ wpa_s->group_cipher = WPA_CIPHER_TKIP; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP"); -+ } else if (sel & WPA_CIPHER_WEP104) { -+ wpa_s->group_cipher = WPA_CIPHER_WEP104; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104"); -+ } else if (sel & WPA_CIPHER_WEP40) { -+ wpa_s->group_cipher = WPA_CIPHER_WEP40; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40"); -+ } else { -+ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group " -+ "cipher"); -+ return -1; -+ } -+ -+ sel = ie.pairwise_cipher & ssid->pairwise_cipher; -+ if (sel & WPA_CIPHER_CCMP) { -+ wpa_s->pairwise_cipher = WPA_CIPHER_CCMP; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP"); -+ } else if (sel & WPA_CIPHER_GCMP) { -+ wpa_s->pairwise_cipher = WPA_CIPHER_GCMP; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK GCMP"); -+ } else if (sel & WPA_CIPHER_TKIP) { -+ wpa_s->pairwise_cipher = WPA_CIPHER_TKIP; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP"); -+ } else if (sel & WPA_CIPHER_NONE) { -+ wpa_s->pairwise_cipher = WPA_CIPHER_NONE; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE"); -+ } else { -+ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise " -+ "cipher"); -+ return -1; -+ } -+ -+ sel = ie.key_mgmt & ssid->key_mgmt; -+#ifdef CONFIG_SAE -+ if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE)) -+ sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE); -+#endif /* CONFIG_SAE */ -+ if (0) { -+#ifdef CONFIG_IEEE80211R -+ } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X"); -+ } else if (sel & WPA_KEY_MGMT_FT_PSK) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK"); -+#endif /* CONFIG_IEEE80211R */ -+#ifdef CONFIG_SAE -+ } else if (sel & WPA_KEY_MGMT_SAE) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_SAE; -+ wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE"); -+ } else if (sel & WPA_KEY_MGMT_FT_SAE) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE; -+ wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE"); -+#endif /* CONFIG_SAE */ -+#ifdef CONFIG_IEEE80211W -+ } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256; -+ wpa_dbg(wpa_s, MSG_DEBUG, -+ "WPA: using KEY_MGMT 802.1X with SHA256"); -+ } else if (sel & WPA_KEY_MGMT_PSK_SHA256) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256; -+ wpa_dbg(wpa_s, MSG_DEBUG, -+ "WPA: using KEY_MGMT PSK with SHA256"); -+#endif /* CONFIG_IEEE80211W */ -+ } else if (sel & WPA_KEY_MGMT_IEEE8021X) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X"); -+ } else if (sel & WPA_KEY_MGMT_PSK) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK"); -+ } else if (sel & WPA_KEY_MGMT_WPA_NONE) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE"); -+ } else { -+ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select " -+ "authenticated key management type"); -+ return -1; -+ } -+ -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, -+ wpa_s->pairwise_cipher); -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); -+ -+#ifdef CONFIG_IEEE80211W -+ sel = ie.mgmt_group_cipher; -+ if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ? -+ wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION || -+ !(ie.capabilities & WPA_CAPABILITY_MFPC)) -+ sel = 0; -+ if (sel & WPA_CIPHER_AES_128_CMAC) { -+ wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " -+ "AES-128-CMAC"); -+ } else { -+ wpa_s->mgmt_group_cipher = 0; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher"); -+ } -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, -+ wpa_s->mgmt_group_cipher); -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, -+ (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ? -+ wpa_s->conf->pmf : ssid->ieee80211w)); -+#endif /* CONFIG_IEEE80211W */ -+ -+ if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) { -+ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE"); -+ return -1; -+ } -+ -+ if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) { -+ wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN); -+#ifndef CONFIG_NO_PBKDF2 -+ if (bss && ssid->bssid_set && ssid->ssid_len == 0 && -+ ssid->passphrase) { -+ u8 psk[PMK_LEN]; -+ pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len, -+ 4096, psk, PMK_LEN); -+ wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)", -+ psk, PMK_LEN); -+ wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN); -+ } -+#endif /* CONFIG_NO_PBKDF2 */ -+#ifdef CONFIG_EXT_PASSWORD -+ if (ssid->ext_psk) { -+ struct wpabuf *pw = ext_password_get(wpa_s->ext_pw, -+ ssid->ext_psk); -+ char pw_str[64 + 1]; -+ u8 psk[PMK_LEN]; -+ -+ if (pw == NULL) { -+ wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK " -+ "found from external storage"); -+ return -1; -+ } -+ -+ if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) { -+ wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected " -+ "PSK length %d in external storage", -+ (int) wpabuf_len(pw)); -+ ext_password_free(pw); -+ return -1; -+ } -+ -+ os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw)); -+ pw_str[wpabuf_len(pw)] = '\0'; -+ -+#ifndef CONFIG_NO_PBKDF2 -+ if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss) -+ { -+ pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len, -+ 4096, psk, PMK_LEN); -+ os_memset(pw_str, 0, sizeof(pw_str)); -+ wpa_hexdump_key(MSG_MSGDUMP, "PSK (from " -+ "external passphrase)", -+ psk, PMK_LEN); -+ wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN); -+ } else -+#endif /* CONFIG_NO_PBKDF2 */ -+ if (wpabuf_len(pw) == 2 * PMK_LEN) { -+ if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) { -+ wpa_msg(wpa_s, MSG_INFO, "EXT PW: " -+ "Invalid PSK hex string"); -+ os_memset(pw_str, 0, sizeof(pw_str)); -+ ext_password_free(pw); -+ return -1; -+ } -+ wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN); -+ } else { -+ wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable " -+ "PSK available"); -+ os_memset(pw_str, 0, sizeof(pw_str)); -+ ext_password_free(pw); -+ return -1; -+ } -+ -+ os_memset(pw_str, 0, sizeof(pw_str)); -+ ext_password_free(pw); -+ } -+#endif /* CONFIG_EXT_PASSWORD */ -+ } else -+ wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); -+ -+ return 0; -+} -+ -+ -+int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf) -+{ -+ u32 ext_capab = 0; -+ u8 *pos = buf; -+ -+#ifdef CONFIG_INTERWORKING -+ if (wpa_s->conf->interworking) -+ ext_capab |= BIT(31); /* Interworking */ -+#endif /* CONFIG_INTERWORKING */ -+ -+#ifdef CONFIG_WNM -+ ext_capab |= BIT(17); /* WNM-Sleep Mode */ -+ ext_capab |= BIT(19); /* BSS Transition */ -+#endif /* CONFIG_WNM */ -+ -+ if (!ext_capab) -+ return 0; -+ -+ *pos++ = WLAN_EID_EXT_CAPAB; -+ *pos++ = 4; -+ WPA_PUT_LE32(pos, ext_capab); -+ pos += 4; -+ -+ return pos - buf; -+} -+ -+ -+/** -+ * wpa_supplicant_associate - Request association -+ * @wpa_s: Pointer to wpa_supplicant data -+ * @bss: Scan results for the selected BSS, or %NULL if not available -+ * @ssid: Configuration data for the selected network -+ * -+ * This function is used to request %wpa_supplicant to associate with a BSS. -+ */ -+void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, -+ struct wpa_bss *bss, struct wpa_ssid *ssid) -+{ -+ u8 wpa_ie[200]; -+ size_t wpa_ie_len; -+ int use_crypt, ret, i, bssid_changed; -+ int algs = WPA_AUTH_ALG_OPEN; -+ enum wpa_cipher cipher_pairwise, cipher_group; -+ struct wpa_driver_associate_params params; -+ int wep_keys_set = 0; -+ struct wpa_driver_capa capa; -+ int assoc_failed = 0; -+ struct wpa_ssid *old_ssid; -+ u8 ext_capab[10]; -+ int ext_capab_len; -+#ifdef CONFIG_HT_OVERRIDES -+ struct ieee80211_ht_capabilities htcaps; -+ struct ieee80211_ht_capabilities htcaps_mask; -+#endif /* CONFIG_HT_OVERRIDES */ -+ -+#ifdef CONFIG_IBSS_RSN -+ ibss_rsn_deinit(wpa_s->ibss_rsn); -+ wpa_s->ibss_rsn = NULL; -+#endif /* CONFIG_IBSS_RSN */ -+ -+ if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO || -+ ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) { -+#ifdef CONFIG_AP -+ if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) { -+ wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP " -+ "mode"); -+ return; -+ } -+ if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) { -+ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); -+ return; -+ } -+ wpa_s->current_bss = bss; -+#else /* CONFIG_AP */ -+ wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in " -+ "the build"); -+#endif /* CONFIG_AP */ -+ return; -+ } -+ -+#ifdef CONFIG_TDLS -+ if (bss) -+ wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1), -+ bss->ie_len); -+#endif /* CONFIG_TDLS */ -+ -+ if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && -+ ssid->mode == IEEE80211_MODE_INFRA) { -+ sme_authenticate(wpa_s, bss, ssid); -+ return; -+ } -+ -+ os_memset(¶ms, 0, sizeof(params)); -+ wpa_s->reassociate = 0; -+ if (bss && !wpas_driver_bss_selection(wpa_s)) { -+#ifdef CONFIG_IEEE80211R -+ const u8 *ie, *md = NULL; -+#endif /* CONFIG_IEEE80211R */ -+ wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR -+ " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid), -+ wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq); -+ bssid_changed = !is_zero_ether_addr(wpa_s->bssid); -+ os_memset(wpa_s->bssid, 0, ETH_ALEN); -+ os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); -+ if (bssid_changed) -+ wpas_notify_bssid_changed(wpa_s); -+#ifdef CONFIG_IEEE80211R -+ ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); -+ if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN) -+ md = ie + 2; -+ wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0); -+ if (md) { -+ /* Prepare for the next transition */ -+ wpa_ft_prepare_auth_request(wpa_s->wpa, ie); -+ } -+#endif /* CONFIG_IEEE80211R */ -+#ifdef CONFIG_WPS -+ } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) && -+ wpa_s->conf->ap_scan == 2 && -+ (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { -+ /* Use ap_scan==1 style network selection to find the network -+ */ -+ wpa_s->scan_req = MANUAL_SCAN_REQ; -+ wpa_s->reassociate = 1; -+ wpa_supplicant_req_scan(wpa_s, 0, 0); -+ return; -+#endif /* CONFIG_WPS */ -+ } else { -+ wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'", -+ wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); -+ os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); -+ } -+ wpa_supplicant_cancel_sched_scan(wpa_s); -+ wpa_supplicant_cancel_scan(wpa_s); -+ -+ /* Starting new association, so clear the possibly used WPA IE from the -+ * previous association. */ -+ wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); -+ -+#ifdef IEEE8021X_EAPOL -+ if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) { -+ if (ssid->leap) { -+ if (ssid->non_leap == 0) -+ algs = WPA_AUTH_ALG_LEAP; -+ else -+ algs |= WPA_AUTH_ALG_LEAP; -+ } -+ } -+#endif /* IEEE8021X_EAPOL */ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs); -+ if (ssid->auth_alg) { -+ algs = ssid->auth_alg; -+ wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: " -+ "0x%x", algs); -+ } -+ -+ if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) || -+ wpa_bss_get_ie(bss, WLAN_EID_RSN)) && -+ wpa_key_mgmt_wpa(ssid->key_mgmt)) { -+ int try_opportunistic; -+ try_opportunistic = (ssid->proactive_key_caching < 0 ? -+ wpa_s->conf->okc : -+ ssid->proactive_key_caching) && -+ (ssid->proto & WPA_PROTO_RSN); -+ if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, -+ wpa_s->current_ssid, -+ try_opportunistic) == 0) -+ eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1); -+ wpa_ie_len = sizeof(wpa_ie); -+ if (wpa_supplicant_set_suites(wpa_s, bss, ssid, -+ wpa_ie, &wpa_ie_len)) { -+ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " -+ "key management and encryption suites"); -+ return; -+ } -+ } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss && -+ wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) { -+ /* -+ * Both WPA and non-WPA IEEE 802.1X enabled in configuration - -+ * use non-WPA since the scan results did not indicate that the -+ * AP is using WPA or WPA2. -+ */ -+ wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); -+ wpa_ie_len = 0; -+ wpa_s->wpa_proto = 0; -+ } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { -+ wpa_ie_len = sizeof(wpa_ie); -+ if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, -+ wpa_ie, &wpa_ie_len)) { -+ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " -+ "key management and encryption suites (no " -+ "scan results)"); -+ return; -+ } -+#ifdef CONFIG_WPS -+ } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { -+ struct wpabuf *wps_ie; -+ wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid)); -+ if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) { -+ wpa_ie_len = wpabuf_len(wps_ie); -+ os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len); -+ } else -+ wpa_ie_len = 0; -+ wpabuf_free(wps_ie); -+ wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); -+ if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY)) -+ params.wps = WPS_MODE_PRIVACY; -+ else -+ params.wps = WPS_MODE_OPEN; -+ wpa_s->wpa_proto = 0; -+#endif /* CONFIG_WPS */ -+ } else { -+ wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); -+ wpa_ie_len = 0; -+ wpa_s->wpa_proto = 0; -+ } -+ -+#ifdef CONFIG_P2P -+ if (wpa_s->global->p2p) { -+ u8 *pos; -+ size_t len; -+ int res; -+ pos = wpa_ie + wpa_ie_len; -+ len = sizeof(wpa_ie) - wpa_ie_len; -+ res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, -+ ssid->p2p_group); -+ if (res >= 0) -+ wpa_ie_len += res; -+ } -+ -+ wpa_s->cross_connect_disallowed = 0; -+ if (bss) { -+ struct wpabuf *p2p; -+ p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE); -+ if (p2p) { -+ wpa_s->cross_connect_disallowed = -+ p2p_get_cross_connect_disallowed(p2p); -+ wpabuf_free(p2p); -+ wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross " -+ "connection", -+ wpa_s->cross_connect_disallowed ? -+ "disallows" : "allows"); -+ } -+ } -+#endif /* CONFIG_P2P */ -+ -+#ifdef CONFIG_HS20 -+ if (wpa_s->conf->hs20) { -+ struct wpabuf *hs20; -+ hs20 = wpabuf_alloc(20); -+ if (hs20) { -+ wpas_hs20_add_indication(hs20); -+ os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20), -+ wpabuf_len(hs20)); -+ wpa_ie_len += wpabuf_len(hs20); -+ wpabuf_free(hs20); -+ } -+ } -+#endif /* CONFIG_HS20 */ -+ -+ ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab); -+ if (ext_capab_len > 0) { -+ u8 *pos = wpa_ie; -+ if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN) -+ pos += 2 + pos[1]; -+ os_memmove(pos + ext_capab_len, pos, -+ wpa_ie_len - (pos - wpa_ie)); -+ wpa_ie_len += ext_capab_len; -+ os_memcpy(pos, ext_capab, ext_capab_len); -+ } -+ -+ wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL); -+ use_crypt = 1; -+ cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher); -+ cipher_group = cipher_suite2driver(wpa_s->group_cipher); -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || -+ wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) -+ use_crypt = 0; -+ if (wpa_set_wep_keys(wpa_s, ssid)) { -+ use_crypt = 1; -+ wep_keys_set = 1; -+ } -+ } -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) -+ use_crypt = 0; -+ -+#ifdef IEEE8021X_EAPOL -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { -+ if ((ssid->eapol_flags & -+ (EAPOL_FLAG_REQUIRE_KEY_UNICAST | -+ EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 && -+ !wep_keys_set) { -+ use_crypt = 0; -+ } else { -+ /* Assume that dynamic WEP-104 keys will be used and -+ * set cipher suites in order for drivers to expect -+ * encryption. */ -+ cipher_pairwise = cipher_group = CIPHER_WEP104; -+ } -+ } -+#endif /* IEEE8021X_EAPOL */ -+ -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { -+ /* Set the key before (and later after) association */ -+ wpa_supplicant_set_wpa_none_key(wpa_s, ssid); -+ } -+ -+ wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING); -+ if (bss) { -+ params.ssid = bss->ssid; -+ params.ssid_len = bss->ssid_len; -+ if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) { -+ wpa_printf(MSG_DEBUG, "Limit connection to BSSID " -+ MACSTR " freq=%u MHz based on scan results " -+ "(bssid_set=%d)", -+ MAC2STR(bss->bssid), bss->freq, -+ ssid->bssid_set); -+ params.bssid = bss->bssid; -+ params.freq = bss->freq; -+ } -+ } else { -+ params.ssid = ssid->ssid; -+ params.ssid_len = ssid->ssid_len; -+ } -+ -+ if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set && -+ wpa_s->conf->ap_scan == 2) { -+ params.bssid = ssid->bssid; -+ params.fixed_bssid = 1; -+ } -+ -+ if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 && -+ params.freq == 0) -+ params.freq = ssid->frequency; /* Initial channel for IBSS */ -+ params.wpa_ie = wpa_ie; -+ params.wpa_ie_len = wpa_ie_len; -+ params.pairwise_suite = cipher_pairwise; -+ params.group_suite = cipher_group; -+ params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt); -+ params.wpa_proto = wpa_s->wpa_proto; -+ params.auth_alg = algs; -+ params.mode = ssid->mode; -+ params.bg_scan_period = ssid->bg_scan_period; -+ for (i = 0; i < NUM_WEP_KEYS; i++) { -+ if (ssid->wep_key_len[i]) -+ params.wep_key[i] = ssid->wep_key[i]; -+ params.wep_key_len[i] = ssid->wep_key_len[i]; -+ } -+ params.wep_tx_keyidx = ssid->wep_tx_keyidx; -+ -+ if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && -+ (params.key_mgmt_suite == KEY_MGMT_PSK || -+ params.key_mgmt_suite == KEY_MGMT_FT_PSK)) { -+ params.passphrase = ssid->passphrase; -+ if (ssid->psk_set) -+ params.psk = ssid->psk; -+ } -+ -+ params.drop_unencrypted = use_crypt; -+ -+#ifdef CONFIG_IEEE80211W -+ params.mgmt_frame_protection = -+ ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ? -+ wpa_s->conf->pmf : ssid->ieee80211w; -+ if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) { -+ const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); -+ struct wpa_ie_data ie; -+ if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 && -+ ie.capabilities & -+ (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports " -+ "MFP: require MFP"); -+ params.mgmt_frame_protection = -+ MGMT_FRAME_PROTECTION_REQUIRED; -+ } -+ } -+#endif /* CONFIG_IEEE80211W */ -+ -+ params.p2p = ssid->p2p_group; -+ -+ if (wpa_s->parent->set_sta_uapsd) -+ params.uapsd = wpa_s->parent->sta_uapsd; -+ else -+ params.uapsd = -1; -+ -+#ifdef CONFIG_HT_OVERRIDES -+ os_memset(&htcaps, 0, sizeof(htcaps)); -+ os_memset(&htcaps_mask, 0, sizeof(htcaps_mask)); -+ params.htcaps = (u8 *) &htcaps; -+ params.htcaps_mask = (u8 *) &htcaps_mask; -+ wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms); -+#endif /* CONFIG_HT_OVERRIDES */ -+ -+ ret = wpa_drv_associate(wpa_s, ¶ms); -+ if (ret < 0) { -+ wpa_msg(wpa_s, MSG_INFO, "Association request to the driver " -+ "failed"); -+ if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) { -+ /* -+ * The driver is known to mean what is saying, so we -+ * can stop right here; the association will not -+ * succeed. -+ */ -+ wpas_connection_failed(wpa_s, wpa_s->pending_bssid); -+ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); -+ os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); -+ return; -+ } -+ /* try to continue anyway; new association will be tried again -+ * after timeout */ -+ assoc_failed = 1; -+ } -+ -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { -+ /* Set the key after the association just in case association -+ * cleared the previously configured key. */ -+ wpa_supplicant_set_wpa_none_key(wpa_s, ssid); -+ /* No need to timeout authentication since there is no key -+ * management. */ -+ wpa_supplicant_cancel_auth_timeout(wpa_s); -+ wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); -+#ifdef CONFIG_IBSS_RSN -+ } else if (ssid->mode == WPAS_MODE_IBSS && -+ wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && -+ wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { -+ /* -+ * RSN IBSS authentication is per-STA and we can disable the -+ * per-BSSID authentication. -+ */ -+ wpa_supplicant_cancel_auth_timeout(wpa_s); -+#endif /* CONFIG_IBSS_RSN */ -+ } else { -+ /* Timeout for IEEE 802.11 authentication and association */ -+ int timeout = 60; -+ -+ if (assoc_failed) { -+ /* give IBSS a bit more time */ -+ timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5; -+ } else if (wpa_s->conf->ap_scan == 1) { -+ /* give IBSS a bit more time */ -+ timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10; -+ } -+ wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); -+ } -+ -+ if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 && -+ capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) { -+ /* Set static WEP keys again */ -+ wpa_set_wep_keys(wpa_s, ssid); -+ } -+ -+ if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) { -+ /* -+ * Do not allow EAP session resumption between different -+ * network configurations. -+ */ -+ eapol_sm_invalidate_cached_session(wpa_s->eapol); -+ } -+ old_ssid = wpa_s->current_ssid; -+ wpa_s->current_ssid = ssid; -+ wpa_s->current_bss = bss; -+ wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); -+ wpa_supplicant_initiate_eapol(wpa_s); -+ if (old_ssid != wpa_s->current_ssid) -+ wpas_notify_network_changed(wpa_s); -+} -+ -+ -+static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s, -+ const u8 *addr) -+{ -+ struct wpa_ssid *old_ssid; -+ -+ wpa_clear_keys(wpa_s, addr); -+ old_ssid = wpa_s->current_ssid; -+ wpa_supplicant_mark_disassoc(wpa_s); -+ wpa_sm_set_config(wpa_s->wpa, NULL); -+ eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); -+ if (old_ssid != wpa_s->current_ssid) -+ wpas_notify_network_changed(wpa_s); -+ eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); -+} -+ -+ -+/** -+ * wpa_supplicant_deauthenticate - Deauthenticate the current connection -+ * @wpa_s: Pointer to wpa_supplicant data -+ * @reason_code: IEEE 802.11 reason code for the deauthenticate frame -+ * -+ * This function is used to request %wpa_supplicant to deauthenticate from the -+ * current AP. -+ */ -+void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s, -+ int reason_code) -+{ -+ u8 *addr = NULL; -+ union wpa_event_data event; -+ int zero_addr = 0; -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR -+ " pending_bssid=" MACSTR " reason=%d state=%s", -+ MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid), -+ reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state)); -+ -+ if (!is_zero_ether_addr(wpa_s->bssid)) -+ addr = wpa_s->bssid; -+ else if (!is_zero_ether_addr(wpa_s->pending_bssid) && -+ (wpa_s->wpa_state == WPA_AUTHENTICATING || -+ wpa_s->wpa_state == WPA_ASSOCIATING)) -+ addr = wpa_s->pending_bssid; -+ else if (wpa_s->wpa_state == WPA_ASSOCIATING) { -+ /* -+ * When using driver-based BSS selection, we may not know the -+ * BSSID with which we are currently trying to associate. We -+ * need to notify the driver of this disconnection even in such -+ * a case, so use the all zeros address here. -+ */ -+ addr = wpa_s->bssid; -+ zero_addr = 1; -+ } -+ -+ if (addr) { -+ wpa_drv_deauthenticate(wpa_s, addr, reason_code); -+ os_memset(&event, 0, sizeof(event)); -+ event.deauth_info.reason_code = (u16) reason_code; -+ event.deauth_info.locally_generated = 1; -+ wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event); -+ if (zero_addr) -+ addr = NULL; -+ } -+ -+ wpa_supplicant_clear_connection(wpa_s, addr); -+} -+ -+ -+/** -+ * wpa_supplicant_enable_network - Mark a configured network as enabled -+ * @wpa_s: wpa_supplicant structure for a network interface -+ * @ssid: wpa_ssid structure for a configured network or %NULL -+ * -+ * Enables the specified network or all networks if no network specified. -+ */ -+void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid) -+{ -+ struct wpa_ssid *other_ssid; -+ int was_disabled; -+ -+ if (ssid == NULL) { -+ for (other_ssid = wpa_s->conf->ssid; other_ssid; -+ other_ssid = other_ssid->next) { -+ if (other_ssid->disabled == 2) -+ continue; /* do not change persistent P2P group -+ * data */ -+ if (other_ssid == wpa_s->current_ssid && -+ other_ssid->disabled) -+ wpa_s->reassociate = 1; -+ -+ was_disabled = other_ssid->disabled; -+ -+ other_ssid->disabled = 0; -+ if (was_disabled) -+ wpas_clear_temp_disabled(wpa_s, other_ssid, 0); -+ -+ if (was_disabled != other_ssid->disabled) -+ wpas_notify_network_enabled_changed( -+ wpa_s, other_ssid); -+ } -+ if (wpa_s->reassociate) -+ wpa_supplicant_req_scan(wpa_s, 0, 0); -+ } else if (ssid->disabled && ssid->disabled != 2) { -+ if (wpa_s->current_ssid == NULL) { -+ /* -+ * Try to reassociate since there is no current -+ * configuration and a new network was made available. -+ */ -+ wpa_s->reassociate = 1; -+ wpa_supplicant_req_scan(wpa_s, 0, 0); -+ } -+ -+ was_disabled = ssid->disabled; -+ -+ ssid->disabled = 0; -+ wpas_clear_temp_disabled(wpa_s, ssid, 1); -+ -+ if (was_disabled != ssid->disabled) -+ wpas_notify_network_enabled_changed(wpa_s, ssid); -+ } -+} -+ -+ -+/** -+ * wpa_supplicant_disable_network - Mark a configured network as disabled -+ * @wpa_s: wpa_supplicant structure for a network interface -+ * @ssid: wpa_ssid structure for a configured network or %NULL -+ * -+ * Disables the specified network or all networks if no network specified. -+ */ -+void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid) -+{ -+ struct wpa_ssid *other_ssid; -+ int was_disabled; -+ -+ if (ssid == NULL) { -+ for (other_ssid = wpa_s->conf->ssid; other_ssid; -+ other_ssid = other_ssid->next) { -+ was_disabled = other_ssid->disabled; -+ if (was_disabled == 2) -+ continue; /* do not change persistent P2P group -+ * data */ -+ -+ other_ssid->disabled = 1; -+ -+ if (was_disabled != other_ssid->disabled) -+ wpas_notify_network_enabled_changed( -+ wpa_s, other_ssid); -+ } -+ if (wpa_s->current_ssid) -+ wpa_supplicant_deauthenticate( -+ wpa_s, WLAN_REASON_DEAUTH_LEAVING); -+ } else if (ssid->disabled != 2) { -+ if (ssid == wpa_s->current_ssid) -+ wpa_supplicant_deauthenticate( -+ wpa_s, WLAN_REASON_DEAUTH_LEAVING); -+ -+ was_disabled = ssid->disabled; -+ -+ ssid->disabled = 1; -+ -+ if (was_disabled != ssid->disabled) -+ wpas_notify_network_enabled_changed(wpa_s, ssid); -+ } -+} -+ -+ -+/** -+ * wpa_supplicant_select_network - Attempt association with a network -+ * @wpa_s: wpa_supplicant structure for a network interface -+ * @ssid: wpa_ssid structure for a configured network or %NULL for any network -+ */ -+void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid) -+{ -+ -+ struct wpa_ssid *other_ssid; -+ int disconnected = 0; -+ -+ if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) { -+ wpa_supplicant_deauthenticate( -+ wpa_s, WLAN_REASON_DEAUTH_LEAVING); -+ disconnected = 1; -+ } -+ -+ if (ssid) -+ wpas_clear_temp_disabled(wpa_s, ssid, 1); -+ -+ /* -+ * Mark all other networks disabled or mark all networks enabled if no -+ * network specified. -+ */ -+ for (other_ssid = wpa_s->conf->ssid; other_ssid; -+ other_ssid = other_ssid->next) { -+ int was_disabled = other_ssid->disabled; -+ if (was_disabled == 2) -+ continue; /* do not change persistent P2P group data */ -+ -+ other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0; -+ if (was_disabled && !other_ssid->disabled) -+ wpas_clear_temp_disabled(wpa_s, other_ssid, 0); -+ -+ if (was_disabled != other_ssid->disabled) -+ wpas_notify_network_enabled_changed(wpa_s, other_ssid); -+ } -+ -+ if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) { -+ /* We are already associated with the selected network */ -+ wpa_printf(MSG_DEBUG, "Already associated with the " -+ "selected network - do nothing"); -+ return; -+ } -+ -+ if (ssid) -+ wpa_s->current_ssid = ssid; -+ wpa_s->connect_without_scan = NULL; -+ wpa_s->disconnected = 0; -+ wpa_s->reassociate = 1; -+ wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0); -+ -+ if (ssid) -+ wpas_notify_network_selected(wpa_s, ssid); -+} -+ -+ -+/** -+ * wpa_supplicant_set_ap_scan - Set AP scan mode for interface -+ * @wpa_s: wpa_supplicant structure for a network interface -+ * @ap_scan: AP scan mode -+ * Returns: 0 if succeed or -1 if ap_scan has an invalid value -+ * -+ */ -+int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan) -+{ -+ -+ int old_ap_scan; -+ -+ if (ap_scan < 0 || ap_scan > 2) -+ return -1; -+ -+#ifdef ANDROID -+ if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan && -+ wpa_s->wpa_state >= WPA_ASSOCIATING && -+ wpa_s->wpa_state < WPA_COMPLETED) { -+ wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while " -+ "associating", wpa_s->conf->ap_scan, ap_scan); -+ return 0; -+ } -+#endif /* ANDROID */ -+ -+ old_ap_scan = wpa_s->conf->ap_scan; -+ wpa_s->conf->ap_scan = ap_scan; -+ -+ if (old_ap_scan != wpa_s->conf->ap_scan) -+ wpas_notify_ap_scan_changed(wpa_s); -+ -+ return 0; -+} -+ -+ -+/** -+ * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age -+ * @wpa_s: wpa_supplicant structure for a network interface -+ * @expire_age: Expiration age in seconds -+ * Returns: 0 if succeed or -1 if expire_age has an invalid value -+ * -+ */ -+int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s, -+ unsigned int bss_expire_age) -+{ -+ if (bss_expire_age < 10) { -+ wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u", -+ bss_expire_age); -+ return -1; -+ } -+ wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec", -+ bss_expire_age); -+ wpa_s->conf->bss_expiration_age = bss_expire_age; -+ -+ return 0; -+} -+ -+ -+/** -+ * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count -+ * @wpa_s: wpa_supplicant structure for a network interface -+ * @expire_count: number of scans after which an unseen BSS is reclaimed -+ * Returns: 0 if succeed or -1 if expire_count has an invalid value -+ * -+ */ -+int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s, -+ unsigned int bss_expire_count) -+{ -+ if (bss_expire_count < 1) { -+ wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u", -+ bss_expire_count); -+ return -1; -+ } -+ wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u", -+ bss_expire_count); -+ wpa_s->conf->bss_expiration_scan_count = bss_expire_count; -+ -+ return 0; -+} -+ -+ -+/** -+ * wpa_supplicant_set_scan_interval - Set scan interval -+ * @wpa_s: wpa_supplicant structure for a network interface -+ * @scan_interval: scan interval in seconds -+ * Returns: 0 if succeed or -1 if scan_interval has an invalid value -+ * -+ */ -+int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s, -+ int scan_interval) -+{ -+ if (scan_interval < 0) { -+ wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d", -+ scan_interval); -+ return -1; -+ } -+ wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec", -+ scan_interval); -+ wpa_s->scan_interval = scan_interval; -+ -+ return 0; -+} -+ -+ -+/** -+ * wpa_supplicant_set_debug_params - Set global debug params -+ * @global: wpa_global structure -+ * @debug_level: debug level -+ * @debug_timestamp: determines if show timestamp in debug data -+ * @debug_show_keys: determines if show keys in debug data -+ * Returns: 0 if succeed or -1 if debug_level has wrong value -+ */ -+int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level, -+ int debug_timestamp, int debug_show_keys) -+{ -+ -+ int old_level, old_timestamp, old_show_keys; -+ -+ /* check for allowed debuglevels */ -+ if (debug_level != MSG_EXCESSIVE && -+ debug_level != MSG_MSGDUMP && -+ debug_level != MSG_DEBUG && -+ debug_level != MSG_INFO && -+ debug_level != MSG_WARNING && -+ debug_level != MSG_ERROR) -+ return -1; -+ -+ old_level = wpa_debug_level; -+ old_timestamp = wpa_debug_timestamp; -+ old_show_keys = wpa_debug_show_keys; -+ -+ wpa_debug_level = debug_level; -+ wpa_debug_timestamp = debug_timestamp ? 1 : 0; -+ wpa_debug_show_keys = debug_show_keys ? 1 : 0; -+ -+ if (wpa_debug_level != old_level) -+ wpas_notify_debug_level_changed(global); -+ if (wpa_debug_timestamp != old_timestamp) -+ wpas_notify_debug_timestamp_changed(global); -+ if (wpa_debug_show_keys != old_show_keys) -+ wpas_notify_debug_show_keys_changed(global); -+ -+ return 0; -+} -+ -+ -+/** -+ * wpa_supplicant_get_ssid - Get a pointer to the current network structure -+ * @wpa_s: Pointer to wpa_supplicant data -+ * Returns: A pointer to the current network structure or %NULL on failure -+ */ -+struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s) -+{ -+ struct wpa_ssid *entry; -+ u8 ssid[MAX_SSID_LEN]; -+ int res; -+ size_t ssid_len; -+ u8 bssid[ETH_ALEN]; -+ int wired; -+ -+ res = wpa_drv_get_ssid(wpa_s, ssid); -+ if (res < 0) { -+ wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from " -+ "driver"); -+ return NULL; -+ } -+ ssid_len = res; -+ -+ if (wpa_drv_get_bssid(wpa_s, bssid) < 0) { -+ wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from " -+ "driver"); -+ return NULL; -+ } -+ -+ wired = wpa_s->conf->ap_scan == 0 && -+ (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED); -+ -+ entry = wpa_s->conf->ssid; -+ while (entry) { -+ if (!wpas_network_disabled(wpa_s, entry) && -+ ((ssid_len == entry->ssid_len && -+ os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) && -+ (!entry->bssid_set || -+ os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) -+ return entry; -+#ifdef CONFIG_WPS -+ if (!wpas_network_disabled(wpa_s, entry) && -+ (entry->key_mgmt & WPA_KEY_MGMT_WPS) && -+ (entry->ssid == NULL || entry->ssid_len == 0) && -+ (!entry->bssid_set || -+ os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) -+ return entry; -+#endif /* CONFIG_WPS */ -+ -+ if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set && -+ entry->ssid_len == 0 && -+ os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0) -+ return entry; -+ -+ entry = entry->next; -+ } -+ -+ return NULL; -+} -+ -+ -+static int select_driver(struct wpa_supplicant *wpa_s, int i) -+{ -+ struct wpa_global *global = wpa_s->global; -+ -+ if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) { -+ global->drv_priv[i] = wpa_drivers[i]->global_init(); -+ if (global->drv_priv[i] == NULL) { -+ wpa_printf(MSG_ERROR, "Failed to initialize driver " -+ "'%s'", wpa_drivers[i]->name); -+ return -1; -+ } -+ } -+ -+ wpa_s->driver = wpa_drivers[i]; -+ wpa_s->global_drv_priv = global->drv_priv[i]; -+ -+ return 0; -+} -+ -+ -+static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s, -+ const char *name) -+{ -+ int i; -+ size_t len; -+ const char *pos, *driver = name; -+ -+ if (wpa_s == NULL) -+ return -1; -+ -+ if (wpa_drivers[0] == NULL) { -+ wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into " -+ "wpa_supplicant"); -+ return -1; -+ } -+ -+ if (name == NULL) { -+ /* default to first driver in the list */ -+ return select_driver(wpa_s, 0); -+ } -+ -+ do { -+ pos = os_strchr(driver, ','); -+ if (pos) -+ len = pos - driver; -+ else -+ len = os_strlen(driver); -+ -+ for (i = 0; wpa_drivers[i]; i++) { -+ if (os_strlen(wpa_drivers[i]->name) == len && -+ os_strncmp(driver, wpa_drivers[i]->name, len) == -+ 0) { -+ /* First driver that succeeds wins */ -+ if (select_driver(wpa_s, i) == 0) -+ return 0; -+ } -+ } -+ -+ driver = pos + 1; -+ } while (pos); -+ -+ wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name); -+ return -1; -+} -+ -+ -+/** -+ * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant -+ * @ctx: Context pointer (wpa_s); this is the ctx variable registered -+ * with struct wpa_driver_ops::init() -+ * @src_addr: Source address of the EAPOL frame -+ * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header) -+ * @len: Length of the EAPOL data -+ * -+ * This function is called for each received EAPOL frame. Most driver -+ * interfaces rely on more generic OS mechanism for receiving frames through -+ * l2_packet, but if such a mechanism is not available, the driver wrapper may -+ * take care of received EAPOL frames and deliver them to the core supplicant -+ * code by calling this function. -+ */ -+void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, -+ const u8 *buf, size_t len) -+{ -+ struct wpa_supplicant *wpa_s = ctx; -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr)); -+ wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len); -+ -+ if (wpa_s->wpa_state < WPA_ASSOCIATED || -+ (wpa_s->last_eapol_matches_bssid && -+#ifdef CONFIG_AP -+ !wpa_s->ap_iface && -+#endif /* CONFIG_AP */ -+ os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) { -+ /* -+ * There is possible race condition between receiving the -+ * association event and the EAPOL frame since they are coming -+ * through different paths from the driver. In order to avoid -+ * issues in trying to process the EAPOL frame before receiving -+ * association information, lets queue it for processing until -+ * the association event is received. This may also be needed in -+ * driver-based roaming case, so also use src_addr != BSSID as a -+ * trigger if we have previously confirmed that the -+ * Authenticator uses BSSID as the src_addr (which is not the -+ * case with wired IEEE 802.1X). -+ */ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing " -+ "of received EAPOL frame (state=%s bssid=" MACSTR ")", -+ wpa_supplicant_state_txt(wpa_s->wpa_state), -+ MAC2STR(wpa_s->bssid)); -+ wpabuf_free(wpa_s->pending_eapol_rx); -+ wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len); -+ if (wpa_s->pending_eapol_rx) { -+ os_get_time(&wpa_s->pending_eapol_rx_time); -+ os_memcpy(wpa_s->pending_eapol_rx_src, src_addr, -+ ETH_ALEN); -+ } -+ return; -+ } -+ -+ wpa_s->last_eapol_matches_bssid = -+ os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0; -+ -+#ifdef CONFIG_AP -+ if (wpa_s->ap_iface) { -+ wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len); -+ return; -+ } -+#endif /* CONFIG_AP */ -+ -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since " -+ "no key management is configured"); -+ return; -+ } -+ -+ if (wpa_s->eapol_received == 0 && -+ (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) || -+ !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || -+ wpa_s->wpa_state != WPA_COMPLETED) && -+ (wpa_s->current_ssid == NULL || -+ wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) { -+ /* Timeout for completing IEEE 802.1X and WPA authentication */ -+ wpa_supplicant_req_auth_timeout( -+ wpa_s, -+ (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) || -+ wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA || -+ wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ? -+ 70 : 10, 0); -+ } -+ wpa_s->eapol_received++; -+ -+ if (wpa_s->countermeasures) { -+ wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped " -+ "EAPOL packet"); -+ return; -+ } -+ -+#ifdef CONFIG_IBSS_RSN -+ if (wpa_s->current_ssid && -+ wpa_s->current_ssid->mode == WPAS_MODE_IBSS) { -+ ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len); -+ return; -+ } -+#endif /* CONFIG_IBSS_RSN */ -+ -+ /* Source address of the incoming EAPOL frame could be compared to the -+ * current BSSID. However, it is possible that a centralized -+ * Authenticator could be using another MAC address than the BSSID of -+ * an AP, so just allow any address to be used for now. The replies are -+ * still sent to the current BSSID (if available), though. */ -+ -+ os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN); -+ if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) && -+ eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0) -+ return; -+ wpa_drv_poll(wpa_s); -+ if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE)) -+ wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len); -+ else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { -+ /* -+ * Set portValid = TRUE here since we are going to skip 4-way -+ * handshake processing which would normally set portValid. We -+ * need this to allow the EAPOL state machines to be completed -+ * without going through EAPOL-Key handshake. -+ */ -+ eapol_sm_notify_portValid(wpa_s->eapol, TRUE); -+ } -+} -+ -+ -+int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s) -+{ -+ if (wpa_s->driver->send_eapol) { -+ const u8 *addr = wpa_drv_get_mac_addr(wpa_s); -+ if (addr) -+ os_memcpy(wpa_s->own_addr, addr, ETH_ALEN); -+ } else if (!(wpa_s->drv_flags & -+ WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) { -+ l2_packet_deinit(wpa_s->l2); -+ wpa_s->l2 = l2_packet_init(wpa_s->ifname, -+ wpa_drv_get_mac_addr(wpa_s), -+ ETH_P_EAPOL, -+ wpa_supplicant_rx_eapol, wpa_s, 0); -+ if (wpa_s->l2 == NULL) -+ return -1; -+ } else { -+ const u8 *addr = wpa_drv_get_mac_addr(wpa_s); -+ if (addr) -+ os_memcpy(wpa_s->own_addr, addr, ETH_ALEN); -+ } -+ -+ if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) { -+ wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address"); -+ return -1; -+ } -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR, -+ MAC2STR(wpa_s->own_addr)); -+ wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr); -+ -+ return 0; -+} -+ -+ -+static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr, -+ const u8 *buf, size_t len) -+{ -+ struct wpa_supplicant *wpa_s = ctx; -+ const struct l2_ethhdr *eth; -+ -+ if (len < sizeof(*eth)) -+ return; -+ eth = (const struct l2_ethhdr *) buf; -+ -+ if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 && -+ !(eth->h_dest[0] & 0x01)) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR -+ " (bridge - not for this interface - ignore)", -+ MAC2STR(src_addr), MAC2STR(eth->h_dest)); -+ return; -+ } -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR -+ " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest)); -+ wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth), -+ len - sizeof(*eth)); -+} -+ -+ -+/** -+ * wpa_supplicant_driver_init - Initialize driver interface parameters -+ * @wpa_s: Pointer to wpa_supplicant data -+ * Returns: 0 on success, -1 on failure -+ * -+ * This function is called to initialize driver interface parameters. -+ * wpa_drv_init() must have been called before this function to initialize the -+ * driver interface. -+ */ -+int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s) -+{ -+ static int interface_count = 0; -+ -+ if (wpa_supplicant_update_mac_addr(wpa_s) < 0) -+ return -1; -+ -+ if (wpa_s->bridge_ifname[0]) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge " -+ "interface '%s'", wpa_s->bridge_ifname); -+ wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname, -+ wpa_s->own_addr, -+ ETH_P_EAPOL, -+ wpa_supplicant_rx_eapol_bridge, -+ wpa_s, 1); -+ if (wpa_s->l2_br == NULL) { -+ wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet " -+ "connection for the bridge interface '%s'", -+ wpa_s->bridge_ifname); -+ return -1; -+ } -+ } -+ -+ wpa_clear_keys(wpa_s, NULL); -+ -+ /* Make sure that TKIP countermeasures are not left enabled (could -+ * happen if wpa_supplicant is killed during countermeasures. */ -+ wpa_drv_set_countermeasures(wpa_s, 0); -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver"); -+ wpa_drv_flush_pmkid(wpa_s); -+ -+ wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN; -+ wpa_s->prev_scan_wildcard = 0; -+ -+ if (wpa_supplicant_enabled_networks(wpa_s)) { -+ if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count, -+ 100000)) -+ wpa_supplicant_req_scan(wpa_s, interface_count, -+ 100000); -+ interface_count++; -+ } else -+ wpa_supplicant_set_state(wpa_s, WPA_INACTIVE); -+ -+ return 0; -+} -+ -+ -+static int wpa_supplicant_daemon(const char *pid_file) -+{ -+ wpa_printf(MSG_DEBUG, "Daemonize.."); -+ return os_daemonize(pid_file); -+} -+ -+ -+static struct wpa_supplicant * wpa_supplicant_alloc(void) -+{ -+ struct wpa_supplicant *wpa_s; -+ -+ wpa_s = os_zalloc(sizeof(*wpa_s)); -+ if (wpa_s == NULL) -+ return NULL; -+ wpa_s->scan_req = INITIAL_SCAN_REQ; -+ wpa_s->scan_interval = 5; -+ wpa_s->new_connection = 1; -+ wpa_s->parent = wpa_s; -+ wpa_s->sched_scanning = 0; -+ -+ return wpa_s; -+} -+ -+ -+#ifdef CONFIG_HT_OVERRIDES -+ -+static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s, -+ struct ieee80211_ht_capabilities *htcaps, -+ struct ieee80211_ht_capabilities *htcaps_mask, -+ const char *ht_mcs) -+{ -+ /* parse ht_mcs into hex array */ -+ int i; -+ const char *tmp = ht_mcs; -+ char *end = NULL; -+ -+ /* If ht_mcs is null, do not set anything */ -+ if (!ht_mcs) -+ return 0; -+ -+ /* This is what we are setting in the kernel */ -+ os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN); -+ -+ wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs); -+ -+ for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) { -+ errno = 0; -+ long v = strtol(tmp, &end, 16); -+ if (errno == 0) { -+ wpa_msg(wpa_s, MSG_DEBUG, -+ "htcap value[%i]: %ld end: %p tmp: %p", -+ i, v, end, tmp); -+ if (end == tmp) -+ break; -+ -+ htcaps->supported_mcs_set[i] = v; -+ tmp = end; -+ } else { -+ wpa_msg(wpa_s, MSG_ERROR, -+ "Failed to parse ht-mcs: %s, error: %s\n", -+ ht_mcs, strerror(errno)); -+ return -1; -+ } -+ } -+ -+ /* -+ * If we were able to parse any values, then set mask for the MCS set. -+ */ -+ if (i) { -+ os_memset(&htcaps_mask->supported_mcs_set, 0xff, -+ IEEE80211_HT_MCS_MASK_LEN - 1); -+ /* skip the 3 reserved bits */ -+ htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] = -+ 0x1f; -+ } -+ -+ return 0; -+} -+ -+ -+static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s, -+ struct ieee80211_ht_capabilities *htcaps, -+ struct ieee80211_ht_capabilities *htcaps_mask, -+ int disabled) -+{ -+ u16 msk; -+ -+ wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled); -+ -+ if (disabled == -1) -+ return 0; -+ -+ msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE); -+ htcaps_mask->ht_capabilities_info |= msk; -+ if (disabled) -+ htcaps->ht_capabilities_info &= msk; -+ else -+ htcaps->ht_capabilities_info |= msk; -+ -+ return 0; -+} -+ -+ -+static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s, -+ struct ieee80211_ht_capabilities *htcaps, -+ struct ieee80211_ht_capabilities *htcaps_mask, -+ int factor) -+{ -+ wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor); -+ -+ if (factor == -1) -+ return 0; -+ -+ if (factor < 0 || factor > 3) { -+ wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. " -+ "Must be 0-3 or -1", factor); -+ return -EINVAL; -+ } -+ -+ htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */ -+ htcaps->a_mpdu_params &= ~0x3; -+ htcaps->a_mpdu_params |= factor & 0x3; -+ -+ return 0; -+} -+ -+ -+static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s, -+ struct ieee80211_ht_capabilities *htcaps, -+ struct ieee80211_ht_capabilities *htcaps_mask, -+ int density) -+{ -+ wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density); -+ -+ if (density == -1) -+ return 0; -+ -+ if (density < 0 || density > 7) { -+ wpa_msg(wpa_s, MSG_ERROR, -+ "ampdu_density: %d out of range. Must be 0-7 or -1.", -+ density); -+ return -EINVAL; -+ } -+ -+ htcaps_mask->a_mpdu_params |= 0x1C; -+ htcaps->a_mpdu_params &= ~(0x1C); -+ htcaps->a_mpdu_params |= (density << 2) & 0x1C; -+ -+ return 0; -+} -+ -+ -+static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s, -+ struct ieee80211_ht_capabilities *htcaps, -+ struct ieee80211_ht_capabilities *htcaps_mask, -+ int disabled) -+{ -+ /* Masking these out disables HT40 */ -+ u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET | -+ HT_CAP_INFO_SHORT_GI40MHZ); -+ -+ wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled); -+ -+ if (disabled) -+ htcaps->ht_capabilities_info &= ~msk; -+ else -+ htcaps->ht_capabilities_info |= msk; -+ -+ htcaps_mask->ht_capabilities_info |= msk; -+ -+ return 0; -+} -+ -+ -+static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s, -+ struct ieee80211_ht_capabilities *htcaps, -+ struct ieee80211_ht_capabilities *htcaps_mask, -+ int disabled) -+{ -+ /* Masking these out disables SGI */ -+ u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ | -+ HT_CAP_INFO_SHORT_GI40MHZ); -+ -+ wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled); -+ -+ if (disabled) -+ htcaps->ht_capabilities_info &= ~msk; -+ else -+ htcaps->ht_capabilities_info |= msk; -+ -+ htcaps_mask->ht_capabilities_info |= msk; -+ -+ return 0; -+} -+ -+ -+void wpa_supplicant_apply_ht_overrides( -+ struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, -+ struct wpa_driver_associate_params *params) -+{ -+ struct ieee80211_ht_capabilities *htcaps; -+ struct ieee80211_ht_capabilities *htcaps_mask; -+ -+ if (!ssid) -+ return; -+ -+ params->disable_ht = ssid->disable_ht; -+ if (!params->htcaps || !params->htcaps_mask) -+ return; -+ -+ htcaps = (struct ieee80211_ht_capabilities *) params->htcaps; -+ htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask; -+ wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs); -+ wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask, -+ ssid->disable_max_amsdu); -+ wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor); -+ wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density); -+ wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40); -+ wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi); -+} -+ -+#endif /* CONFIG_HT_OVERRIDES */ -+ -+ -+static int pcsc_reader_init(struct wpa_supplicant *wpa_s) -+{ -+#ifdef PCSC_FUNCS -+ size_t len; -+ -+ if (!wpa_s->conf->pcsc_reader) -+ return 0; -+ -+ wpa_s->scard = scard_init(SCARD_TRY_BOTH, wpa_s->conf->pcsc_reader); -+ if (!wpa_s->scard) -+ return 1; -+ -+ if (wpa_s->conf->pcsc_pin && -+ scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) { -+ scard_deinit(wpa_s->scard); -+ wpa_s->scard = NULL; -+ wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed"); -+ return -1; -+ } -+ -+ len = sizeof(wpa_s->imsi) - 1; -+ if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) { -+ scard_deinit(wpa_s->scard); -+ wpa_s->scard = NULL; -+ wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI"); -+ return -1; -+ } -+ wpa_s->imsi[len] = '\0'; -+ -+ wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard); -+ -+ wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)", -+ wpa_s->imsi, wpa_s->mnc_len); -+ -+ wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard); -+ eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard); -+#endif /* PCSC_FUNCS */ -+ -+ return 0; -+} -+ -+ -+int wpas_init_ext_pw(struct wpa_supplicant *wpa_s) -+{ -+ char *val, *pos; -+ -+ ext_password_deinit(wpa_s->ext_pw); -+ wpa_s->ext_pw = NULL; -+ eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL); -+ -+ if (!wpa_s->conf->ext_password_backend) -+ return 0; -+ -+ val = os_strdup(wpa_s->conf->ext_password_backend); -+ if (val == NULL) -+ return -1; -+ pos = os_strchr(val, ':'); -+ if (pos) -+ *pos++ = '\0'; -+ -+ wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val); -+ -+ wpa_s->ext_pw = ext_password_init(val, pos); -+ os_free(val); -+ if (wpa_s->ext_pw == NULL) { -+ wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend"); -+ return -1; -+ } -+ eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw); -+ -+ return 0; -+} -+ -+ -+static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, -+ struct wpa_interface *iface) -+{ -+ const char *ifname, *driver; -+ struct wpa_driver_capa capa; -+ -+ wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver " -+ "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname, -+ iface->confname ? iface->confname : "N/A", -+ iface->driver ? iface->driver : "default", -+ iface->ctrl_interface ? iface->ctrl_interface : "N/A", -+ iface->bridge_ifname ? iface->bridge_ifname : "N/A"); -+ -+ if (iface->confname) { -+#ifdef CONFIG_BACKEND_FILE -+ wpa_s->confname = os_rel2abs_path(iface->confname); -+ if (wpa_s->confname == NULL) { -+ wpa_printf(MSG_ERROR, "Failed to get absolute path " -+ "for configuration file '%s'.", -+ iface->confname); -+ return -1; -+ } -+ wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'", -+ iface->confname, wpa_s->confname); -+#else /* CONFIG_BACKEND_FILE */ -+ wpa_s->confname = os_strdup(iface->confname); -+#endif /* CONFIG_BACKEND_FILE */ -+ wpa_s->conf = wpa_config_read(wpa_s->confname); -+ if (wpa_s->conf == NULL) { -+ wpa_printf(MSG_ERROR, "Failed to read or parse " -+ "configuration '%s'.", wpa_s->confname); -+ return -1; -+ } -+ -+ /* -+ * Override ctrl_interface and driver_param if set on command -+ * line. -+ */ -+ if (iface->ctrl_interface) { -+ os_free(wpa_s->conf->ctrl_interface); -+ wpa_s->conf->ctrl_interface = -+ os_strdup(iface->ctrl_interface); -+ } -+ -+ if (iface->driver_param) { -+ os_free(wpa_s->conf->driver_param); -+ wpa_s->conf->driver_param = -+ os_strdup(iface->driver_param); -+ } -+ } else -+ wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface, -+ iface->driver_param); -+ -+ if (wpa_s->conf == NULL) { -+ wpa_printf(MSG_ERROR, "\nNo configuration found."); -+ return -1; -+ } -+ -+ if (iface->ifname == NULL) { -+ wpa_printf(MSG_ERROR, "\nInterface name is required."); -+ return -1; -+ } -+ if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) { -+ wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.", -+ iface->ifname); -+ return -1; -+ } -+ os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname)); -+ -+ if (iface->bridge_ifname) { -+ if (os_strlen(iface->bridge_ifname) >= -+ sizeof(wpa_s->bridge_ifname)) { -+ wpa_printf(MSG_ERROR, "\nToo long bridge interface " -+ "name '%s'.", iface->bridge_ifname); -+ return -1; -+ } -+ os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname, -+ sizeof(wpa_s->bridge_ifname)); -+ } -+ -+ /* RSNA Supplicant Key Management - INITIALIZE */ -+ eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); -+ eapol_sm_notify_portValid(wpa_s->eapol, FALSE); -+ -+ /* Initialize driver interface and register driver event handler before -+ * L2 receive handler so that association events are processed before -+ * EAPOL-Key packets if both become available for the same select() -+ * call. */ -+ driver = iface->driver; -+next_driver: -+ if (wpa_supplicant_set_driver(wpa_s, driver) < 0) -+ return -1; -+ -+ wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname); -+ if (wpa_s->drv_priv == NULL) { -+ const char *pos; -+ pos = driver ? os_strchr(driver, ',') : NULL; -+ if (pos) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " -+ "driver interface - try next driver wrapper"); -+ driver = pos + 1; -+ goto next_driver; -+ } -+ wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver " -+ "interface"); -+ return -1; -+ } -+ if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) { -+ wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected " -+ "driver_param '%s'", wpa_s->conf->driver_param); -+ return -1; -+ } -+ -+ ifname = wpa_drv_get_ifname(wpa_s); -+ if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced " -+ "interface name with '%s'", ifname); -+ os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname)); -+ } -+ -+ if (wpa_supplicant_init_wpa(wpa_s) < 0) -+ return -1; -+ -+ wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname, -+ wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname : -+ NULL); -+ wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); -+ -+ if (wpa_s->conf->dot11RSNAConfigPMKLifetime && -+ wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME, -+ wpa_s->conf->dot11RSNAConfigPMKLifetime)) { -+ wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " -+ "dot11RSNAConfigPMKLifetime"); -+ return -1; -+ } -+ -+ if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold && -+ wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD, -+ wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) { -+ wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " -+ "dot11RSNAConfigPMKReauthThreshold"); -+ return -1; -+ } -+ -+ if (wpa_s->conf->dot11RSNAConfigSATimeout && -+ wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT, -+ wpa_s->conf->dot11RSNAConfigSATimeout)) { -+ wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " -+ "dot11RSNAConfigSATimeout"); -+ return -1; -+ } -+ -+ wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s, -+ &wpa_s->hw.num_modes, -+ &wpa_s->hw.flags); -+ -+ if (wpa_drv_get_capa(wpa_s, &capa) == 0) { -+ wpa_s->drv_capa_known = 1; -+ wpa_s->drv_flags = capa.flags; -+ wpa_s->drv_enc = capa.enc; -+ wpa_s->probe_resp_offloads = capa.probe_resp_offloads; -+ wpa_s->max_scan_ssids = capa.max_scan_ssids; -+ wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids; -+ wpa_s->sched_scan_supported = capa.sched_scan_supported; -+ wpa_s->max_match_sets = capa.max_match_sets; -+ wpa_s->max_remain_on_chan = capa.max_remain_on_chan; -+ wpa_s->max_stations = capa.max_stations; -+ } -+ if (wpa_s->max_remain_on_chan == 0) -+ wpa_s->max_remain_on_chan = 1000; -+ -+ if (wpa_supplicant_driver_init(wpa_s) < 0) -+ return -1; -+ -+#ifdef CONFIG_TDLS -+ if (wpa_tdls_init(wpa_s->wpa)) -+ return -1; -+#endif /* CONFIG_TDLS */ -+ -+ if (wpa_s->conf->country[0] && wpa_s->conf->country[1] && -+ wpa_drv_set_country(wpa_s, wpa_s->conf->country)) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country"); -+ return -1; -+ } -+ -+ if (wpas_wps_init(wpa_s)) -+ return -1; -+ -+ if (wpa_supplicant_init_eapol(wpa_s) < 0) -+ return -1; -+ wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol); -+ -+ wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); -+ if (wpa_s->ctrl_iface == NULL) { -+ wpa_printf(MSG_ERROR, -+ "Failed to initialize control interface '%s'.\n" -+ "You may have another wpa_supplicant process " -+ "already running or the file was\n" -+ "left by an unclean termination of wpa_supplicant " -+ "in which case you will need\n" -+ "to manually remove this file before starting " -+ "wpa_supplicant again.\n", -+ wpa_s->conf->ctrl_interface); -+ return -1; -+ } -+ -+ wpa_s->gas = gas_query_init(wpa_s); -+ if (wpa_s->gas == NULL) { -+ wpa_printf(MSG_ERROR, "Failed to initialize GAS query"); -+ return -1; -+ } -+ -+#ifdef CONFIG_P2P -+ if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) { -+ wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P"); -+ return -1; -+ } -+#endif /* CONFIG_P2P */ -+ -+ if (wpa_bss_init(wpa_s) < 0) -+ return -1; -+ -+ if (pcsc_reader_init(wpa_s) < 0) -+ return -1; -+ -+ if (wpas_init_ext_pw(wpa_s) < 0) -+ return -1; -+ -+ return 0; -+} -+ -+ -+static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s, -+ int notify, int terminate) -+{ -+ if (wpa_s->drv_priv) { -+ wpa_supplicant_deauthenticate(wpa_s, -+ WLAN_REASON_DEAUTH_LEAVING); -+ -+ wpa_drv_set_countermeasures(wpa_s, 0); -+ wpa_clear_keys(wpa_s, NULL); -+ } -+ -+ wpa_supplicant_cleanup(wpa_s); -+ -+#ifdef CONFIG_P2P -+ if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing " -+ "the management interface is being removed"); -+ wpas_p2p_deinit_global(wpa_s->global); -+ } -+#endif /* CONFIG_P2P */ -+ -+ if (wpa_s->drv_priv) -+ wpa_drv_deinit(wpa_s); -+ -+ if (notify) -+ wpas_notify_iface_removed(wpa_s); -+ -+ if (terminate) -+ wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING); -+ -+ if (wpa_s->ctrl_iface) { -+ wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface); -+ wpa_s->ctrl_iface = NULL; -+ } -+ -+ if (wpa_s->conf != NULL) { -+ wpa_config_free(wpa_s->conf); -+ wpa_s->conf = NULL; -+ } -+} -+ -+ -+/** -+ * wpa_supplicant_add_iface - Add a new network interface -+ * @global: Pointer to global data from wpa_supplicant_init() -+ * @iface: Interface configuration options -+ * Returns: Pointer to the created interface or %NULL on failure -+ * -+ * This function is used to add new network interfaces for %wpa_supplicant. -+ * This can be called before wpa_supplicant_run() to add interfaces before the -+ * main event loop has been started. In addition, new interfaces can be added -+ * dynamically while %wpa_supplicant is already running. This could happen, -+ * e.g., when a hotplug network adapter is inserted. -+ */ -+struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global, -+ struct wpa_interface *iface) -+{ -+ struct wpa_supplicant *wpa_s; -+ struct wpa_interface t_iface; -+ struct wpa_ssid *ssid; -+ -+ if (global == NULL || iface == NULL) -+ return NULL; -+ -+ wpa_s = wpa_supplicant_alloc(); -+ if (wpa_s == NULL) -+ return NULL; -+ -+ wpa_s->global = global; -+ -+ t_iface = *iface; -+ if (global->params.override_driver) { -+ wpa_printf(MSG_DEBUG, "Override interface parameter: driver " -+ "('%s' -> '%s')", -+ iface->driver, global->params.override_driver); -+ t_iface.driver = global->params.override_driver; -+ } -+ if (global->params.override_ctrl_interface) { -+ wpa_printf(MSG_DEBUG, "Override interface parameter: " -+ "ctrl_interface ('%s' -> '%s')", -+ iface->ctrl_interface, -+ global->params.override_ctrl_interface); -+ t_iface.ctrl_interface = -+ global->params.override_ctrl_interface; -+ } -+ if (wpa_supplicant_init_iface(wpa_s, &t_iface)) { -+ wpa_printf(MSG_DEBUG, "Failed to add interface %s", -+ iface->ifname); -+ wpa_supplicant_deinit_iface(wpa_s, 0, 0); -+ os_free(wpa_s); -+ return NULL; -+ } -+ -+ /* Notify the control interfaces about new iface */ -+ if (wpas_notify_iface_added(wpa_s)) { -+ wpa_supplicant_deinit_iface(wpa_s, 1, 0); -+ os_free(wpa_s); -+ return NULL; -+ } -+ -+ for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) -+ wpas_notify_network_added(wpa_s, ssid); -+ -+ wpa_s->next = global->ifaces; -+ global->ifaces = wpa_s; -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname); -+ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); -+ -+ return wpa_s; -+} -+ -+ -+/** -+ * wpa_supplicant_remove_iface - Remove a network interface -+ * @global: Pointer to global data from wpa_supplicant_init() -+ * @wpa_s: Pointer to the network interface to be removed -+ * Returns: 0 if interface was removed, -1 if interface was not found -+ * -+ * This function can be used to dynamically remove network interfaces from -+ * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In -+ * addition, this function is used to remove all remaining interfaces when -+ * %wpa_supplicant is terminated. -+ */ -+int wpa_supplicant_remove_iface(struct wpa_global *global, -+ struct wpa_supplicant *wpa_s, -+ int terminate) -+{ -+ struct wpa_supplicant *prev; -+ -+ /* Remove interface from the global list of interfaces */ -+ prev = global->ifaces; -+ if (prev == wpa_s) { -+ global->ifaces = wpa_s->next; -+ } else { -+ while (prev && prev->next != wpa_s) -+ prev = prev->next; -+ if (prev == NULL) -+ return -1; -+ prev->next = wpa_s->next; -+ } -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname); -+ -+ if (global->p2p_group_formation == wpa_s) -+ global->p2p_group_formation = NULL; -+ wpa_supplicant_deinit_iface(wpa_s, 1, terminate); -+ os_free(wpa_s); -+ -+ return 0; -+} -+ -+ -+/** -+ * wpa_supplicant_get_eap_mode - Get the current EAP mode -+ * @wpa_s: Pointer to the network interface -+ * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found -+ */ -+const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s) -+{ -+ const char *eapol_method; -+ -+ if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 && -+ wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) { -+ return "NO-EAP"; -+ } -+ -+ eapol_method = eapol_sm_get_method_name(wpa_s->eapol); -+ if (eapol_method == NULL) -+ return "UNKNOWN-EAP"; -+ -+ return eapol_method; -+} -+ -+ -+/** -+ * wpa_supplicant_get_iface - Get a new network interface -+ * @global: Pointer to global data from wpa_supplicant_init() -+ * @ifname: Interface name -+ * Returns: Pointer to the interface or %NULL if not found -+ */ -+struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global, -+ const char *ifname) -+{ -+ struct wpa_supplicant *wpa_s; -+ -+ for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { -+ if (os_strcmp(wpa_s->ifname, ifname) == 0) -+ return wpa_s; -+ } -+ return NULL; -+} -+ -+ -+#ifndef CONFIG_NO_WPA_MSG -+static const char * wpa_supplicant_msg_ifname_cb(void *ctx) -+{ -+ struct wpa_supplicant *wpa_s = ctx; -+ if (wpa_s == NULL) -+ return NULL; -+ return wpa_s->ifname; -+} -+#endif /* CONFIG_NO_WPA_MSG */ -+ -+ -+/** -+ * wpa_supplicant_init - Initialize %wpa_supplicant -+ * @params: Parameters for %wpa_supplicant -+ * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure -+ * -+ * This function is used to initialize %wpa_supplicant. After successful -+ * initialization, the returned data pointer can be used to add and remove -+ * network interfaces, and eventually, to deinitialize %wpa_supplicant. -+ */ -+struct wpa_global * wpa_supplicant_init(struct wpa_params *params) -+{ -+ struct wpa_global *global; -+ int ret, i; -+ -+ if (params == NULL) -+ return NULL; -+ -+#ifdef CONFIG_DRIVER_NDIS -+ { -+ void driver_ndis_init_ops(void); -+ driver_ndis_init_ops(); -+ } -+#endif /* CONFIG_DRIVER_NDIS */ -+ -+#ifndef CONFIG_NO_WPA_MSG -+ wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb); -+#endif /* CONFIG_NO_WPA_MSG */ -+ -+ wpa_debug_open_file(params->wpa_debug_file_path); -+ if (params->wpa_debug_syslog) -+ wpa_debug_open_syslog(); -+ if (params->wpa_debug_tracing) { -+ ret = wpa_debug_open_linux_tracing(); -+ if (ret) { -+ wpa_printf(MSG_ERROR, -+ "Failed to enable trace logging"); -+ return NULL; -+ } -+ } -+ -+ ret = eap_register_methods(); -+ if (ret) { -+ wpa_printf(MSG_ERROR, "Failed to register EAP methods"); -+ if (ret == -2) -+ wpa_printf(MSG_ERROR, "Two or more EAP methods used " -+ "the same EAP type."); -+ return NULL; -+ } -+ -+ global = os_zalloc(sizeof(*global)); -+ if (global == NULL) -+ return NULL; -+ dl_list_init(&global->p2p_srv_bonjour); -+ dl_list_init(&global->p2p_srv_upnp); -+ global->params.daemonize = params->daemonize; -+ global->params.wait_for_monitor = params->wait_for_monitor; -+ global->params.dbus_ctrl_interface = params->dbus_ctrl_interface; -+ if (params->pid_file) -+ global->params.pid_file = os_strdup(params->pid_file); -+ if (params->ctrl_interface) -+ global->params.ctrl_interface = -+ os_strdup(params->ctrl_interface); -+ if (params->override_driver) -+ global->params.override_driver = -+ os_strdup(params->override_driver); -+ if (params->override_ctrl_interface) -+ global->params.override_ctrl_interface = -+ os_strdup(params->override_ctrl_interface); -+ wpa_debug_level = global->params.wpa_debug_level = -+ params->wpa_debug_level; -+ wpa_debug_show_keys = global->params.wpa_debug_show_keys = -+ params->wpa_debug_show_keys; -+ wpa_debug_timestamp = global->params.wpa_debug_timestamp = -+ params->wpa_debug_timestamp; -+ -+ wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR); -+ -+ if (eloop_init()) { -+ wpa_printf(MSG_ERROR, "Failed to initialize event loop"); -+ wpa_supplicant_deinit(global); -+ return NULL; -+ } -+ -+ random_init(params->entropy_file); -+ -+ global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global); -+ if (global->ctrl_iface == NULL) { -+ wpa_supplicant_deinit(global); -+ return NULL; -+ } -+ -+ if (wpas_notify_supplicant_initialized(global)) { -+ wpa_supplicant_deinit(global); -+ return NULL; -+ } -+ -+ for (i = 0; wpa_drivers[i]; i++) -+ global->drv_count++; -+ if (global->drv_count == 0) { -+ wpa_printf(MSG_ERROR, "No drivers enabled"); -+ wpa_supplicant_deinit(global); -+ return NULL; -+ } -+ global->drv_priv = os_zalloc(global->drv_count * sizeof(void *)); -+ if (global->drv_priv == NULL) { -+ wpa_supplicant_deinit(global); -+ return NULL; -+ } -+ -+#ifdef CONFIG_WIFI_DISPLAY -+ if (wifi_display_init(global) < 0) { -+ wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display"); -+ wpa_supplicant_deinit(global); -+ return NULL; -+ } -+#endif /* CONFIG_WIFI_DISPLAY */ -+ -+ return global; -+} -+ -+ -+/** -+ * wpa_supplicant_run - Run the %wpa_supplicant main event loop -+ * @global: Pointer to global data from wpa_supplicant_init() -+ * Returns: 0 after successful event loop run, -1 on failure -+ * -+ * This function starts the main event loop and continues running as long as -+ * there are any remaining events. In most cases, this function is running as -+ * long as the %wpa_supplicant process in still in use. -+ */ -+int wpa_supplicant_run(struct wpa_global *global) -+{ -+ struct wpa_supplicant *wpa_s; -+ -+ if (global->params.daemonize && -+ wpa_supplicant_daemon(global->params.pid_file)) -+ return -1; -+ -+ if (global->params.wait_for_monitor) { -+ for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) -+ if (wpa_s->ctrl_iface) -+ wpa_supplicant_ctrl_iface_wait( -+ wpa_s->ctrl_iface); -+ } -+ -+ eloop_register_signal_terminate(wpa_supplicant_terminate, global); -+ eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); -+ -+ eloop_run(); -+ -+ return 0; -+} -+ -+ -+/** -+ * wpa_supplicant_deinit - Deinitialize %wpa_supplicant -+ * @global: Pointer to global data from wpa_supplicant_init() -+ * -+ * This function is called to deinitialize %wpa_supplicant and to free all -+ * allocated resources. Remaining network interfaces will also be removed. -+ */ -+void wpa_supplicant_deinit(struct wpa_global *global) -+{ -+ int i; -+ -+ if (global == NULL) -+ return; -+ -+#ifdef CONFIG_WIFI_DISPLAY -+ wifi_display_deinit(global); -+#endif /* CONFIG_WIFI_DISPLAY */ -+#ifdef CONFIG_P2P -+ wpas_p2p_deinit_global(global); -+#endif /* CONFIG_P2P */ -+ -+ while (global->ifaces) -+ wpa_supplicant_remove_iface(global, global->ifaces, 1); -+ -+ if (global->ctrl_iface) -+ wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface); -+ -+ wpas_notify_supplicant_deinitialized(global); -+ -+ eap_peer_unregister_methods(); -+#ifdef CONFIG_AP -+ eap_server_unregister_methods(); -+#endif /* CONFIG_AP */ -+ -+ for (i = 0; wpa_drivers[i] && global->drv_priv; i++) { -+ if (!global->drv_priv[i]) -+ continue; -+ wpa_drivers[i]->global_deinit(global->drv_priv[i]); -+ } -+ os_free(global->drv_priv); -+ -+ random_deinit(); -+ -+ eloop_destroy(); -+ -+ if (global->params.pid_file) { -+ os_daemonize_terminate(global->params.pid_file); -+ os_free(global->params.pid_file); -+ } -+ os_free(global->params.ctrl_interface); -+ os_free(global->params.override_driver); -+ os_free(global->params.override_ctrl_interface); -+ -+ os_free(global->p2p_disallow_freq); -+ -+ os_free(global); -+ wpa_debug_close_syslog(); -+ wpa_debug_close_file(); -+ wpa_debug_close_linux_tracing(); -+} -+ -+ -+void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s) -+{ -+ if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) && -+ wpa_s->conf->country[0] && wpa_s->conf->country[1]) { -+ char country[3]; -+ country[0] = wpa_s->conf->country[0]; -+ country[1] = wpa_s->conf->country[1]; -+ country[2] = '\0'; -+ if (wpa_drv_set_country(wpa_s, country) < 0) { -+ wpa_printf(MSG_ERROR, "Failed to set country code " -+ "'%s'", country); -+ } -+ } -+ -+ if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND) -+ wpas_init_ext_pw(wpa_s); -+ -+#ifdef CONFIG_WPS -+ wpas_wps_update_config(wpa_s); -+#endif /* CONFIG_WPS */ -+ -+#ifdef CONFIG_P2P -+ wpas_p2p_update_config(wpa_s); -+#endif /* CONFIG_P2P */ -+ -+ wpa_s->conf->changed_parameters = 0; -+} -+ -+ -+static void add_freq(int *freqs, int *num_freqs, int freq) -+{ -+ int i; -+ -+ for (i = 0; i < *num_freqs; i++) { -+ if (freqs[i] == freq) -+ return; -+ } -+ -+ freqs[*num_freqs] = freq; -+ (*num_freqs)++; -+} -+ -+ -+static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s) -+{ -+ struct wpa_bss *bss, *cbss; -+ const int max_freqs = 10; -+ int *freqs; -+ int num_freqs = 0; -+ -+ freqs = os_zalloc(sizeof(int) * (max_freqs + 1)); -+ if (freqs == NULL) -+ return NULL; -+ -+ cbss = wpa_s->current_bss; -+ -+ dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { -+ if (bss == cbss) -+ continue; -+ if (bss->ssid_len == cbss->ssid_len && -+ os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 && -+ wpa_blacklist_get(wpa_s, bss->bssid) == NULL) { -+ add_freq(freqs, &num_freqs, bss->freq); -+ if (num_freqs == max_freqs) -+ break; -+ } -+ } -+ -+ if (num_freqs == 0) { -+ os_free(freqs); -+ freqs = NULL; -+ } -+ -+ return freqs; -+} -+ -+ -+void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid) -+{ -+ int timeout; -+ int count; -+ int *freqs = NULL; -+ -+ /* -+ * Remove possible authentication timeout since the connection failed. -+ */ -+ eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); -+ -+ /* -+ * Add the failed BSSID into the blacklist and speed up next scan -+ * attempt if there could be other APs that could accept association. -+ * The current blacklist count indicates how many times we have tried -+ * connecting to this AP and multiple attempts mean that other APs are -+ * either not available or has already been tried, so that we can start -+ * increasing the delay here to avoid constant scanning. -+ */ -+ count = wpa_blacklist_add(wpa_s, bssid); -+ if (count == 1 && wpa_s->current_bss) { -+ /* -+ * This BSS was not in the blacklist before. If there is -+ * another BSS available for the same ESS, we should try that -+ * next. Otherwise, we may as well try this one once more -+ * before allowing other, likely worse, ESSes to be considered. -+ */ -+ freqs = get_bss_freqs_in_ess(wpa_s); -+ if (freqs) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS " -+ "has been seen; try it next"); -+ wpa_blacklist_add(wpa_s, bssid); -+ /* -+ * On the next scan, go through only the known channels -+ * used in this ESS based on previous scans to speed up -+ * common load balancing use case. -+ */ -+ os_free(wpa_s->next_scan_freqs); -+ wpa_s->next_scan_freqs = freqs; -+ } -+ } -+ -+ /* -+ * Add previous failure count in case the temporary blacklist was -+ * cleared due to no other BSSes being available. -+ */ -+ count += wpa_s->extra_blacklist_count; -+ -+ switch (count) { -+ case 1: -+ timeout = 100; -+ break; -+ case 2: -+ timeout = 500; -+ break; -+ case 3: -+ timeout = 1000; -+ break; -+ case 4: -+ timeout = 5000; -+ break; -+ default: -+ timeout = 10000; -+ break; -+ } -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d " -+ "ms", count, timeout); -+ -+ /* -+ * TODO: if more than one possible AP is available in scan results, -+ * could try the other ones before requesting a new scan. -+ */ -+ wpa_supplicant_req_scan(wpa_s, timeout / 1000, -+ 1000 * (timeout % 1000)); -+ -+#ifdef CONFIG_P2P -+ if (wpa_s->global->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled && -+ wpa_s->global->p2p != NULL) { -+ wpa_s->global->p2p_cb_on_scan_complete = 0; -+ if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation " -+ "continued after failed association"); -+ } -+ } -+#endif /* CONFIG_P2P */ -+} -+ -+ -+int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s) -+{ -+ return wpa_s->conf->ap_scan == 2 || -+ (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION); -+} -+ -+ -+#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW) -+int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid, -+ const char *field, -+ const char *value) -+{ -+#ifdef IEEE8021X_EAPOL -+ struct eap_peer_config *eap = &ssid->eap; -+ -+ wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field); -+ wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value", -+ (const u8 *) value, os_strlen(value)); -+ -+ switch (wpa_supplicant_ctrl_req_from_string(field)) { -+ case WPA_CTRL_REQ_EAP_IDENTITY: -+ os_free(eap->identity); -+ eap->identity = (u8 *) os_strdup(value); -+ eap->identity_len = os_strlen(value); -+ eap->pending_req_identity = 0; -+ if (ssid == wpa_s->current_ssid) -+ wpa_s->reassociate = 1; -+ break; -+ case WPA_CTRL_REQ_EAP_PASSWORD: -+ os_free(eap->password); -+ eap->password = (u8 *) os_strdup(value); -+ eap->password_len = os_strlen(value); -+ eap->pending_req_password = 0; -+ if (ssid == wpa_s->current_ssid) -+ wpa_s->reassociate = 1; -+ break; -+ case WPA_CTRL_REQ_EAP_NEW_PASSWORD: -+ os_free(eap->new_password); -+ eap->new_password = (u8 *) os_strdup(value); -+ eap->new_password_len = os_strlen(value); -+ eap->pending_req_new_password = 0; -+ if (ssid == wpa_s->current_ssid) -+ wpa_s->reassociate = 1; -+ break; -+ case WPA_CTRL_REQ_EAP_PIN: -+ os_free(eap->pin); -+ eap->pin = os_strdup(value); -+ eap->pending_req_pin = 0; -+ if (ssid == wpa_s->current_ssid) -+ wpa_s->reassociate = 1; -+ break; -+ case WPA_CTRL_REQ_EAP_OTP: -+ os_free(eap->otp); -+ eap->otp = (u8 *) os_strdup(value); -+ eap->otp_len = os_strlen(value); -+ os_free(eap->pending_req_otp); -+ eap->pending_req_otp = NULL; -+ eap->pending_req_otp_len = 0; -+ break; -+ case WPA_CTRL_REQ_EAP_PASSPHRASE: -+ os_free(eap->private_key_passwd); -+ eap->private_key_passwd = (u8 *) os_strdup(value); -+ eap->pending_req_passphrase = 0; -+ if (ssid == wpa_s->current_ssid) -+ wpa_s->reassociate = 1; -+ break; -+ default: -+ wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field); -+ return -1; -+ } -+ -+ return 0; -+#else /* IEEE8021X_EAPOL */ -+ wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included"); -+ return -1; -+#endif /* IEEE8021X_EAPOL */ -+} -+#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */ -+ -+ -+int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) -+{ -+ int i; -+ unsigned int drv_enc; -+ -+ if (ssid == NULL) -+ return 1; -+ -+ if (ssid->disabled) -+ return 1; -+ -+ if (wpa_s && wpa_s->drv_capa_known) -+ drv_enc = wpa_s->drv_enc; -+ else -+ drv_enc = (unsigned int) -1; -+ -+ for (i = 0; i < NUM_WEP_KEYS; i++) { -+ size_t len = ssid->wep_key_len[i]; -+ if (len == 0) -+ continue; -+ if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40)) -+ continue; -+ if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104)) -+ continue; -+ if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128)) -+ continue; -+ return 1; /* invalid WEP key */ -+ } -+ -+ if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set && -+ !ssid->ext_psk) -+ return 1; -+ -+ return 0; -+} -+ -+ -+int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s) -+{ -+ if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P) -+ return 1; -+ if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA) -+ return 0; -+ return -1; -+} -+ -+ -+void wpas_auth_failed(struct wpa_supplicant *wpa_s) -+{ -+ struct wpa_ssid *ssid = wpa_s->current_ssid; -+ int dur; -+ struct os_time now; -+ -+ if (ssid == NULL) { -+ wpa_printf(MSG_DEBUG, "Authentication failure but no known " -+ "SSID block"); -+ return; -+ } -+ -+ if (ssid->key_mgmt == WPA_KEY_MGMT_WPS) -+ return; -+ -+ ssid->auth_failures++; -+ if (ssid->auth_failures > 50) -+ dur = 300; -+ else if (ssid->auth_failures > 20) -+ dur = 120; -+ else if (ssid->auth_failures > 10) -+ dur = 60; -+ else if (ssid->auth_failures > 5) -+ dur = 30; -+ else if (ssid->auth_failures > 1) -+ dur = 20; -+ else -+ dur = 10; -+ -+ os_get_time(&now); -+ if (now.sec + dur <= ssid->disabled_until.sec) -+ return; -+ -+ ssid->disabled_until.sec = now.sec + dur; -+ -+ wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED -+ "id=%d ssid=\"%s\" auth_failures=%u duration=%d", -+ ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len), -+ ssid->auth_failures, dur); -+} -+ -+ -+void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid, int clear_failures) -+{ -+ if (ssid == NULL) -+ return; -+ -+ if (ssid->disabled_until.sec) { -+ wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED -+ "id=%d ssid=\"%s\"", -+ ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); -+ } -+ ssid->disabled_until.sec = 0; -+ ssid->disabled_until.usec = 0; -+ if (clear_failures) -+ ssid->auth_failures = 0; -+} -+ -+ -+int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid) -+{ -+ size_t i; -+ -+ if (wpa_s->disallow_aps_bssid == NULL) -+ return 0; -+ -+ for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) { -+ if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN, -+ bssid, ETH_ALEN) == 0) -+ return 1; -+ } -+ -+ return 0; -+} -+ -+ -+int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid, -+ size_t ssid_len) -+{ -+ size_t i; -+ -+ if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL) -+ return 0; -+ -+ for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) { -+ struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i]; -+ if (ssid_len == s->ssid_len && -+ os_memcmp(ssid, s->ssid, ssid_len) == 0) -+ return 1; -+ } -+ -+ return 0; -+} -+ -+ -+/** -+ * wpas_request_connection - Request a new connection -+ * @wpa_s: Pointer to the network interface -+ * -+ * This function is used to request a new connection to be found. It will mark -+ * the interface to allow reassociation and request a new scan to find a -+ * suitable network to connect to. -+ */ -+void wpas_request_connection(struct wpa_supplicant *wpa_s) -+{ -+ wpa_s->normal_scans = 0; -+ wpa_supplicant_reinit_autoscan(wpa_s); -+ wpa_s->extra_blacklist_count = 0; -+ wpa_s->disconnected = 0; -+ wpa_s->reassociate = 1; -+ wpa_supplicant_req_scan(wpa_s, 0, 0); -+} diff --git a/source/n/wpa_supplicant/patches/flush-debug-output.diff b/source/n/wpa_supplicant/patches/flush-debug-output.diff index f85d3780..7d6af7b3 100644 --- a/source/n/wpa_supplicant/patches/flush-debug-output.diff +++ b/source/n/wpa_supplicant/patches/flush-debug-output.diff @@ -48,695 +48,3 @@ diff -Nur wpa_supplicant-2.0.orig/src/utils/wpa_debug.c wpa_supplicant-2.0/src/u } else { #endif /* CONFIG_DEBUG_FILE */ if (!show) { -diff -Nur wpa_supplicant-2.0.orig/src/utils/wpa_debug.c.orig wpa_supplicant-2.0/src/utils/wpa_debug.c.orig ---- wpa_supplicant-2.0.orig/src/utils/wpa_debug.c.orig 1969-12-31 18:00:00.000000000 -0600 -+++ wpa_supplicant-2.0/src/utils/wpa_debug.c.orig 2013-01-12 09:42:53.000000000 -0600 -@@ -0,0 +1,688 @@ -+/* -+ * wpa_supplicant/hostapd / Debug prints -+ * Copyright (c) 2002-2007, Jouni Malinen <j@w1.fi> -+ * -+ * This software may be distributed under the terms of the BSD license. -+ * See README for more details. -+ */ -+ -+#include "includes.h" -+ -+#include "common.h" -+ -+#ifdef CONFIG_DEBUG_SYSLOG -+#include <syslog.h> -+ -+static int wpa_debug_syslog = 0; -+#endif /* CONFIG_DEBUG_SYSLOG */ -+ -+#ifdef CONFIG_DEBUG_LINUX_TRACING -+#include <sys/types.h> -+#include <sys/stat.h> -+#include <fcntl.h> -+#include <string.h> -+#include <stdio.h> -+ -+static FILE *wpa_debug_tracing_file = NULL; -+ -+#define WPAS_TRACE_PFX "wpas <%d>: " -+#endif /* CONFIG_DEBUG_LINUX_TRACING */ -+ -+ -+int wpa_debug_level = MSG_INFO; -+int wpa_debug_show_keys = 0; -+int wpa_debug_timestamp = 0; -+ -+ -+#ifdef CONFIG_ANDROID_LOG -+ -+#include <android/log.h> -+ -+#ifndef ANDROID_LOG_NAME -+#define ANDROID_LOG_NAME "wpa_supplicant" -+#endif /* ANDROID_LOG_NAME */ -+ -+static int wpa_to_android_level(int level) -+{ -+ if (level == MSG_ERROR) -+ return ANDROID_LOG_ERROR; -+ if (level == MSG_WARNING) -+ return ANDROID_LOG_WARN; -+ if (level == MSG_INFO) -+ return ANDROID_LOG_INFO; -+ return ANDROID_LOG_DEBUG; -+} -+ -+#endif /* CONFIG_ANDROID_LOG */ -+ -+#ifndef CONFIG_NO_STDOUT_DEBUG -+ -+#ifdef CONFIG_DEBUG_FILE -+static FILE *out_file = NULL; -+#endif /* CONFIG_DEBUG_FILE */ -+ -+ -+void wpa_debug_print_timestamp(void) -+{ -+#ifndef CONFIG_ANDROID_LOG -+ struct os_time tv; -+ -+ if (!wpa_debug_timestamp) -+ return; -+ -+ os_get_time(&tv); -+#ifdef CONFIG_DEBUG_FILE -+ if (out_file) { -+ fprintf(out_file, "%ld.%06u: ", (long) tv.sec, -+ (unsigned int) tv.usec); -+ } else -+#endif /* CONFIG_DEBUG_FILE */ -+ printf("%ld.%06u: ", (long) tv.sec, (unsigned int) tv.usec); -+#endif /* CONFIG_ANDROID_LOG */ -+} -+ -+ -+#ifdef CONFIG_DEBUG_SYSLOG -+#ifndef LOG_HOSTAPD -+#define LOG_HOSTAPD LOG_DAEMON -+#endif /* LOG_HOSTAPD */ -+ -+void wpa_debug_open_syslog(void) -+{ -+ openlog("wpa_supplicant", LOG_PID | LOG_NDELAY, LOG_HOSTAPD); -+ wpa_debug_syslog++; -+} -+ -+ -+void wpa_debug_close_syslog(void) -+{ -+ if (wpa_debug_syslog) -+ closelog(); -+} -+ -+ -+static int syslog_priority(int level) -+{ -+ switch (level) { -+ case MSG_MSGDUMP: -+ case MSG_DEBUG: -+ return LOG_DEBUG; -+ case MSG_INFO: -+ return LOG_NOTICE; -+ case MSG_WARNING: -+ return LOG_WARNING; -+ case MSG_ERROR: -+ return LOG_ERR; -+ } -+ return LOG_INFO; -+} -+#endif /* CONFIG_DEBUG_SYSLOG */ -+ -+ -+#ifdef CONFIG_DEBUG_LINUX_TRACING -+ -+int wpa_debug_open_linux_tracing(void) -+{ -+ int mounts, trace_fd; -+ char buf[4096] = {}; -+ ssize_t buflen; -+ char *line, *tmp1, *path = NULL; -+ -+ mounts = open("/proc/mounts", O_RDONLY); -+ if (mounts < 0) { -+ printf("no /proc/mounts\n"); -+ return -1; -+ } -+ -+ buflen = read(mounts, buf, sizeof(buf) - 1); -+ close(mounts); -+ if (buflen < 0) { -+ printf("failed to read /proc/mounts\n"); -+ return -1; -+ } -+ -+ line = strtok_r(buf, "\n", &tmp1); -+ while (line) { -+ char *tmp2, *tmp_path, *fstype; -+ /* "<dev> <mountpoint> <fs type> ..." */ -+ strtok_r(line, " ", &tmp2); -+ tmp_path = strtok_r(NULL, " ", &tmp2); -+ fstype = strtok_r(NULL, " ", &tmp2); -+ if (strcmp(fstype, "debugfs") == 0) { -+ path = tmp_path; -+ break; -+ } -+ -+ line = strtok_r(NULL, "\n", &tmp1); -+ } -+ -+ if (path == NULL) { -+ printf("debugfs mountpoint not found\n"); -+ return -1; -+ } -+ -+ snprintf(buf, sizeof(buf) - 1, "%s/tracing/trace_marker", path); -+ -+ trace_fd = open(buf, O_WRONLY); -+ if (trace_fd < 0) { -+ printf("failed to open trace_marker file\n"); -+ return -1; -+ } -+ wpa_debug_tracing_file = fdopen(trace_fd, "w"); -+ if (wpa_debug_tracing_file == NULL) { -+ close(trace_fd); -+ printf("failed to fdopen()\n"); -+ return -1; -+ } -+ -+ return 0; -+} -+ -+ -+void wpa_debug_close_linux_tracing(void) -+{ -+ if (wpa_debug_tracing_file == NULL) -+ return; -+ fclose(wpa_debug_tracing_file); -+ wpa_debug_tracing_file = NULL; -+} -+ -+#endif /* CONFIG_DEBUG_LINUX_TRACING */ -+ -+ -+/** -+ * wpa_printf - conditional printf -+ * @level: priority level (MSG_*) of the message -+ * @fmt: printf format string, followed by optional arguments -+ * -+ * This function is used to print conditional debugging and error messages. The -+ * output may be directed to stdout, stderr, and/or syslog based on -+ * configuration. -+ * -+ * Note: New line '\n' is added to the end of the text when printing to stdout. -+ */ -+void wpa_printf(int level, const char *fmt, ...) -+{ -+ va_list ap; -+ -+ va_start(ap, fmt); -+ if (level >= wpa_debug_level) { -+#ifdef CONFIG_ANDROID_LOG -+ __android_log_vprint(wpa_to_android_level(level), -+ ANDROID_LOG_NAME, fmt, ap); -+#else /* CONFIG_ANDROID_LOG */ -+#ifdef CONFIG_DEBUG_SYSLOG -+ if (wpa_debug_syslog) { -+ vsyslog(syslog_priority(level), fmt, ap); -+ } else { -+#endif /* CONFIG_DEBUG_SYSLOG */ -+ wpa_debug_print_timestamp(); -+#ifdef CONFIG_DEBUG_FILE -+ if (out_file) { -+ vfprintf(out_file, fmt, ap); -+ fprintf(out_file, "\n"); -+ } else { -+#endif /* CONFIG_DEBUG_FILE */ -+ vprintf(fmt, ap); -+ printf("\n"); -+#ifdef CONFIG_DEBUG_FILE -+ } -+#endif /* CONFIG_DEBUG_FILE */ -+#ifdef CONFIG_DEBUG_SYSLOG -+ } -+#endif /* CONFIG_DEBUG_SYSLOG */ -+#endif /* CONFIG_ANDROID_LOG */ -+ } -+ va_end(ap); -+ -+#ifdef CONFIG_DEBUG_LINUX_TRACING -+ if (wpa_debug_tracing_file != NULL) { -+ va_start(ap, fmt); -+ fprintf(wpa_debug_tracing_file, WPAS_TRACE_PFX, level); -+ vfprintf(wpa_debug_tracing_file, fmt, ap); -+ fprintf(wpa_debug_tracing_file, "\n"); -+ fflush(wpa_debug_tracing_file); -+ va_end(ap); -+ } -+#endif /* CONFIG_DEBUG_LINUX_TRACING */ -+} -+ -+ -+static void _wpa_hexdump(int level, const char *title, const u8 *buf, -+ size_t len, int show) -+{ -+ size_t i; -+ -+#ifdef CONFIG_DEBUG_LINUX_TRACING -+ if (wpa_debug_tracing_file != NULL) { -+ fprintf(wpa_debug_tracing_file, -+ WPAS_TRACE_PFX "%s - hexdump(len=%lu):", -+ level, title, (unsigned long) len); -+ if (buf == NULL) { -+ fprintf(wpa_debug_tracing_file, " [NULL]\n"); -+ } else if (!show) { -+ fprintf(wpa_debug_tracing_file, " [REMOVED]\n"); -+ } else { -+ for (i = 0; i < len; i++) -+ fprintf(wpa_debug_tracing_file, -+ " %02x", buf[i]); -+ } -+ fflush(wpa_debug_tracing_file); -+ } -+#endif /* CONFIG_DEBUG_LINUX_TRACING */ -+ -+ if (level < wpa_debug_level) -+ return; -+#ifdef CONFIG_ANDROID_LOG -+ { -+ const char *display; -+ char *strbuf = NULL; -+ size_t slen = len; -+ if (buf == NULL) { -+ display = " [NULL]"; -+ } else if (len == 0) { -+ display = ""; -+ } else if (show && len) { -+ /* Limit debug message length for Android log */ -+ if (slen > 32) -+ slen = 32; -+ strbuf = os_malloc(1 + 3 * slen); -+ if (strbuf == NULL) { -+ wpa_printf(MSG_ERROR, "wpa_hexdump: Failed to " -+ "allocate message buffer"); -+ return; -+ } -+ -+ for (i = 0; i < slen; i++) -+ os_snprintf(&strbuf[i * 3], 4, " %02x", -+ buf[i]); -+ -+ display = strbuf; -+ } else { -+ display = " [REMOVED]"; -+ } -+ -+ __android_log_print(wpa_to_android_level(level), -+ ANDROID_LOG_NAME, -+ "%s - hexdump(len=%lu):%s%s", -+ title, (long unsigned int) len, display, -+ len > slen ? " ..." : ""); -+ os_free(strbuf); -+ return; -+ } -+#else /* CONFIG_ANDROID_LOG */ -+#ifdef CONFIG_DEBUG_SYSLOG -+ if (wpa_debug_syslog) { -+ const char *display; -+ char *strbuf = NULL; -+ -+ if (buf == NULL) { -+ display = " [NULL]"; -+ } else if (len == 0) { -+ display = ""; -+ } else if (show && len) { -+ strbuf = os_malloc(1 + 3 * len); -+ if (strbuf == NULL) { -+ wpa_printf(MSG_ERROR, "wpa_hexdump: Failed to " -+ "allocate message buffer"); -+ return; -+ } -+ -+ for (i = 0; i < len; i++) -+ os_snprintf(&strbuf[i * 3], 4, " %02x", -+ buf[i]); -+ -+ display = strbuf; -+ } else { -+ display = " [REMOVED]"; -+ } -+ -+ syslog(syslog_priority(level), "%s - hexdump(len=%lu):%s", -+ title, (unsigned long) len, display); -+ os_free(strbuf); -+ return; -+ } -+#endif /* CONFIG_DEBUG_SYSLOG */ -+ wpa_debug_print_timestamp(); -+#ifdef CONFIG_DEBUG_FILE -+ if (out_file) { -+ fprintf(out_file, "%s - hexdump(len=%lu):", -+ title, (unsigned long) len); -+ if (buf == NULL) { -+ fprintf(out_file, " [NULL]"); -+ } else if (show) { -+ for (i = 0; i < len; i++) -+ fprintf(out_file, " %02x", buf[i]); -+ } else { -+ fprintf(out_file, " [REMOVED]"); -+ } -+ fprintf(out_file, "\n"); -+ } else { -+#endif /* CONFIG_DEBUG_FILE */ -+ printf("%s - hexdump(len=%lu):", title, (unsigned long) len); -+ if (buf == NULL) { -+ printf(" [NULL]"); -+ } else if (show) { -+ for (i = 0; i < len; i++) -+ printf(" %02x", buf[i]); -+ } else { -+ printf(" [REMOVED]"); -+ } -+ printf("\n"); -+#ifdef CONFIG_DEBUG_FILE -+ } -+#endif /* CONFIG_DEBUG_FILE */ -+#endif /* CONFIG_ANDROID_LOG */ -+} -+ -+void wpa_hexdump(int level, const char *title, const u8 *buf, size_t len) -+{ -+ _wpa_hexdump(level, title, buf, len, 1); -+} -+ -+ -+void wpa_hexdump_key(int level, const char *title, const u8 *buf, size_t len) -+{ -+ _wpa_hexdump(level, title, buf, len, wpa_debug_show_keys); -+} -+ -+ -+static void _wpa_hexdump_ascii(int level, const char *title, const u8 *buf, -+ size_t len, int show) -+{ -+ size_t i, llen; -+ const u8 *pos = buf; -+ const size_t line_len = 16; -+ -+#ifdef CONFIG_DEBUG_LINUX_TRACING -+ if (wpa_debug_tracing_file != NULL) { -+ fprintf(wpa_debug_tracing_file, -+ WPAS_TRACE_PFX "%s - hexdump_ascii(len=%lu):", -+ level, title, (unsigned long) len); -+ if (buf == NULL) { -+ fprintf(wpa_debug_tracing_file, " [NULL]\n"); -+ } else if (!show) { -+ fprintf(wpa_debug_tracing_file, " [REMOVED]\n"); -+ } else { -+ /* can do ascii processing in userspace */ -+ for (i = 0; i < len; i++) -+ fprintf(wpa_debug_tracing_file, -+ " %02x", buf[i]); -+ } -+ fflush(wpa_debug_tracing_file); -+ } -+#endif /* CONFIG_DEBUG_LINUX_TRACING */ -+ -+ if (level < wpa_debug_level) -+ return; -+#ifdef CONFIG_ANDROID_LOG -+ _wpa_hexdump(level, title, buf, len, show); -+#else /* CONFIG_ANDROID_LOG */ -+ wpa_debug_print_timestamp(); -+#ifdef CONFIG_DEBUG_FILE -+ if (out_file) { -+ if (!show) { -+ fprintf(out_file, -+ "%s - hexdump_ascii(len=%lu): [REMOVED]\n", -+ title, (unsigned long) len); -+ return; -+ } -+ if (buf == NULL) { -+ fprintf(out_file, -+ "%s - hexdump_ascii(len=%lu): [NULL]\n", -+ title, (unsigned long) len); -+ return; -+ } -+ fprintf(out_file, "%s - hexdump_ascii(len=%lu):\n", -+ title, (unsigned long) len); -+ while (len) { -+ llen = len > line_len ? line_len : len; -+ fprintf(out_file, " "); -+ for (i = 0; i < llen; i++) -+ fprintf(out_file, " %02x", pos[i]); -+ for (i = llen; i < line_len; i++) -+ fprintf(out_file, " "); -+ fprintf(out_file, " "); -+ for (i = 0; i < llen; i++) { -+ if (isprint(pos[i])) -+ fprintf(out_file, "%c", pos[i]); -+ else -+ fprintf(out_file, "_"); -+ } -+ for (i = llen; i < line_len; i++) -+ fprintf(out_file, " "); -+ fprintf(out_file, "\n"); -+ pos += llen; -+ len -= llen; -+ } -+ } else { -+#endif /* CONFIG_DEBUG_FILE */ -+ if (!show) { -+ printf("%s - hexdump_ascii(len=%lu): [REMOVED]\n", -+ title, (unsigned long) len); -+ return; -+ } -+ if (buf == NULL) { -+ printf("%s - hexdump_ascii(len=%lu): [NULL]\n", -+ title, (unsigned long) len); -+ return; -+ } -+ printf("%s - hexdump_ascii(len=%lu):\n", title, (unsigned long) len); -+ while (len) { -+ llen = len > line_len ? line_len : len; -+ printf(" "); -+ for (i = 0; i < llen; i++) -+ printf(" %02x", pos[i]); -+ for (i = llen; i < line_len; i++) -+ printf(" "); -+ printf(" "); -+ for (i = 0; i < llen; i++) { -+ if (isprint(pos[i])) -+ printf("%c", pos[i]); -+ else -+ printf("_"); -+ } -+ for (i = llen; i < line_len; i++) -+ printf(" "); -+ printf("\n"); -+ pos += llen; -+ len -= llen; -+ } -+#ifdef CONFIG_DEBUG_FILE -+ } -+#endif /* CONFIG_DEBUG_FILE */ -+#endif /* CONFIG_ANDROID_LOG */ -+} -+ -+ -+void wpa_hexdump_ascii(int level, const char *title, const u8 *buf, size_t len) -+{ -+ _wpa_hexdump_ascii(level, title, buf, len, 1); -+} -+ -+ -+void wpa_hexdump_ascii_key(int level, const char *title, const u8 *buf, -+ size_t len) -+{ -+ _wpa_hexdump_ascii(level, title, buf, len, wpa_debug_show_keys); -+} -+ -+ -+#ifdef CONFIG_DEBUG_FILE -+static char *last_path = NULL; -+#endif /* CONFIG_DEBUG_FILE */ -+ -+int wpa_debug_reopen_file(void) -+{ -+#ifdef CONFIG_DEBUG_FILE -+ int rv; -+ if (last_path) { -+ char *tmp = os_strdup(last_path); -+ wpa_debug_close_file(); -+ rv = wpa_debug_open_file(tmp); -+ os_free(tmp); -+ } else { -+ wpa_printf(MSG_ERROR, "Last-path was not set, cannot " -+ "re-open log file."); -+ rv = -1; -+ } -+ return rv; -+#else /* CONFIG_DEBUG_FILE */ -+ return 0; -+#endif /* CONFIG_DEBUG_FILE */ -+} -+ -+ -+int wpa_debug_open_file(const char *path) -+{ -+#ifdef CONFIG_DEBUG_FILE -+ if (!path) -+ return 0; -+ -+ if (last_path == NULL || os_strcmp(last_path, path) != 0) { -+ /* Save our path to enable re-open */ -+ os_free(last_path); -+ last_path = os_strdup(path); -+ } -+ -+ out_file = fopen(path, "a"); -+ if (out_file == NULL) { -+ wpa_printf(MSG_ERROR, "wpa_debug_open_file: Failed to open " -+ "output file, using standard output"); -+ return -1; -+ } -+#ifndef _WIN32 -+ setvbuf(out_file, NULL, _IOLBF, 0); -+#endif /* _WIN32 */ -+#endif /* CONFIG_DEBUG_FILE */ -+ return 0; -+} -+ -+ -+void wpa_debug_close_file(void) -+{ -+#ifdef CONFIG_DEBUG_FILE -+ if (!out_file) -+ return; -+ fclose(out_file); -+ out_file = NULL; -+ os_free(last_path); -+ last_path = NULL; -+#endif /* CONFIG_DEBUG_FILE */ -+} -+ -+#endif /* CONFIG_NO_STDOUT_DEBUG */ -+ -+ -+#ifndef CONFIG_NO_WPA_MSG -+static wpa_msg_cb_func wpa_msg_cb = NULL; -+ -+void wpa_msg_register_cb(wpa_msg_cb_func func) -+{ -+ wpa_msg_cb = func; -+} -+ -+ -+static wpa_msg_get_ifname_func wpa_msg_ifname_cb = NULL; -+ -+void wpa_msg_register_ifname_cb(wpa_msg_get_ifname_func func) -+{ -+ wpa_msg_ifname_cb = func; -+} -+ -+ -+void wpa_msg(void *ctx, int level, const char *fmt, ...) -+{ -+ va_list ap; -+ char *buf; -+ const int buflen = 2048; -+ int len; -+ char prefix[130]; -+ -+ buf = os_malloc(buflen); -+ if (buf == NULL) { -+ wpa_printf(MSG_ERROR, "wpa_msg: Failed to allocate message " -+ "buffer"); -+ return; -+ } -+ va_start(ap, fmt); -+ prefix[0] = '\0'; -+ if (wpa_msg_ifname_cb) { -+ const char *ifname = wpa_msg_ifname_cb(ctx); -+ if (ifname) { -+ int res = os_snprintf(prefix, sizeof(prefix), "%s: ", -+ ifname); -+ if (res < 0 || res >= (int) sizeof(prefix)) -+ prefix[0] = '\0'; -+ } -+ } -+ len = vsnprintf(buf, buflen, fmt, ap); -+ va_end(ap); -+ wpa_printf(level, "%s%s", prefix, buf); -+ if (wpa_msg_cb) -+ wpa_msg_cb(ctx, level, buf, len); -+ os_free(buf); -+} -+ -+ -+void wpa_msg_ctrl(void *ctx, int level, const char *fmt, ...) -+{ -+ va_list ap; -+ char *buf; -+ const int buflen = 2048; -+ int len; -+ -+ if (!wpa_msg_cb) -+ return; -+ -+ buf = os_malloc(buflen); -+ if (buf == NULL) { -+ wpa_printf(MSG_ERROR, "wpa_msg_ctrl: Failed to allocate " -+ "message buffer"); -+ return; -+ } -+ va_start(ap, fmt); -+ len = vsnprintf(buf, buflen, fmt, ap); -+ va_end(ap); -+ wpa_msg_cb(ctx, level, buf, len); -+ os_free(buf); -+} -+#endif /* CONFIG_NO_WPA_MSG */ -+ -+ -+#ifndef CONFIG_NO_HOSTAPD_LOGGER -+static hostapd_logger_cb_func hostapd_logger_cb = NULL; -+ -+void hostapd_logger_register_cb(hostapd_logger_cb_func func) -+{ -+ hostapd_logger_cb = func; -+} -+ -+ -+void hostapd_logger(void *ctx, const u8 *addr, unsigned int module, int level, -+ const char *fmt, ...) -+{ -+ va_list ap; -+ char *buf; -+ const int buflen = 2048; -+ int len; -+ -+ buf = os_malloc(buflen); -+ if (buf == NULL) { -+ wpa_printf(MSG_ERROR, "hostapd_logger: Failed to allocate " -+ "message buffer"); -+ return; -+ } -+ va_start(ap, fmt); -+ len = vsnprintf(buf, buflen, fmt, ap); -+ va_end(ap); -+ if (hostapd_logger_cb) -+ hostapd_logger_cb(ctx, addr, module, level, buf, len); -+ else if (addr) -+ wpa_printf(MSG_DEBUG, "hostapd_logger: STA " MACSTR " - %s", -+ MAC2STR(addr), buf); -+ else -+ wpa_printf(MSG_DEBUG, "hostapd_logger: %s", buf); -+ os_free(buf); -+} -+#endif /* CONFIG_NO_HOSTAPD_LOGGER */ diff --git a/source/n/wpa_supplicant/patches/quiet-scan-results-message.diff b/source/n/wpa_supplicant/patches/quiet-scan-results-message.diff index eda38c77..533ad5cc 100644 --- a/source/n/wpa_supplicant/patches/quiet-scan-results-message.diff +++ b/source/n/wpa_supplicant/patches/quiet-scan-results-message.diff @@ -1,12 +1,16 @@ -diff -Nur wpa_supplicant-2.0.orig/wpa_supplicant/events.c wpa_supplicant-2.0/wpa_supplicant/events.c ---- wpa_supplicant-2.0.orig/wpa_supplicant/events.c 2013-01-12 09:42:53.000000000 -0600 -+++ wpa_supplicant-2.0/wpa_supplicant/events.c 2013-05-11 14:08:26.813457800 -0500 -@@ -1147,7 +1147,7 @@ +--- ./wpa_supplicant/events.c.orig 2014-10-09 09:41:31.000000000 -0500 ++++ ./wpa_supplicant/events.c 2014-12-04 13:09:49.477850355 -0600 +@@ -1330,11 +1330,11 @@ + wpa_s->own_scan_running, wpa_s->external_scan_running); + if (wpa_s->last_scan_req == MANUAL_SCAN_REQ && + wpa_s->manual_scan_use_id && wpa_s->own_scan_running) { +- wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS "id=%u", ++ wpa_msg_ctrl(wpa_s, MSG_DEBUG, WPA_EVENT_SCAN_RESULTS "id=%u", + wpa_s->manual_scan_id); + wpa_s->manual_scan_use_id = 0; + } else { +- wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS); ++ wpa_msg_ctrl(wpa_s, MSG_DEBUG, WPA_EVENT_SCAN_RESULTS); } - - wpa_dbg(wpa_s, MSG_DEBUG, "New scan results available"); -- wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS); -+ wpa_msg_ctrl(wpa_s, MSG_DEBUG, WPA_EVENT_SCAN_RESULTS); wpas_notify_scan_results(wpa_s); - wpas_notify_scan_done(wpa_s, 1); diff --git a/source/n/wpa_supplicant/wpa_supplicant.SlackBuild b/source/n/wpa_supplicant/wpa_supplicant.SlackBuild index 5cb22daa..8657c4a6 100755 --- a/source/n/wpa_supplicant/wpa_supplicant.SlackBuild +++ b/source/n/wpa_supplicant/wpa_supplicant.SlackBuild @@ -1,7 +1,7 @@ #!/bin/sh # Copyright 2004-2008 Eric Hameleers, Eindhoven, NL -# Copyright 2008-2010 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008-2015 Patrick J. Volkerding, Sebeka, MN, USA # Permission to use, copy, modify, and distribute this software for # any purpose with or without fee is hereby granted, provided that # the above copyright notice and this permission notice appear in all @@ -22,7 +22,7 @@ # ----------------------------------------------------------------------------- PKGNAM=wpa_supplicant -VERSION=2.0 +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} BUILD=${BUILD:-1} SRCVERSION=$(printf $VERSION | tr _ -) @@ -30,7 +30,7 @@ SRCVERSION=$(printf $VERSION | tr _ -) # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -39,8 +39,8 @@ fi NUMJOBS=${NUMJOBS:-" -j7 "} -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -78,14 +78,14 @@ find . \ # Fixup various paths in the dbus service file -patch -p1 < $CWD/patches/dbus-service-file-args.diff +cat $CWD/patches/dbus-service-file-args.diff | patch -p1 --verbose || exit 1 # Eliminate some logspam -patch -p1 < $CWD/patches/quiet-scan-results-message.diff +cat $CWD/patches/quiet-scan-results-message.diff | patch -p1 --verbose || exit 1 # Apply a couple of other patches from Fedora -patch -p1 < $CWD/patches/assoc-timeout.diff -patch -p1 < $CWD/patches/flush-debug-output.diff +cat $CWD/patches/assoc-timeout.diff | patch -p1 --verbose || exit 1 +cat $CWD/patches/flush-debug-output.diff | patch -p1 --verbose || exit 1 cd wpa_supplicant @@ -156,6 +156,14 @@ cp -a \ chown -R root:root $PKG/usr/doc/$PKGNAM-$VERSION/* chmod -R a-w $PKG/usr/doc/$PKGNAM-$VERSION/* +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc zcat $CWD/doinst.sh.gz >> $PKG/install/doinst.sh diff --git a/source/n/yptools/yp-tools-2.14-glibc217-crypt.diff b/source/n/yptools/yp-tools-2.14-glibc217-crypt.diff index cce3ad44..148b0663 100644 --- a/source/n/yptools/yp-tools-2.14-glibc217-crypt.diff +++ b/source/n/yptools/yp-tools-2.14-glibc217-crypt.diff @@ -74,7 +74,7 @@ Author: mancha - yppwd.newpw.pw_passwd = strdup (crypt (buf, salt)); + crypted_pass = crypt (buf, salt); -+ if (crypted_pass == NULL); ++ if (crypted_pass == NULL) + { + printf (_("crypt() call failed - password unchanged.\n")); + return 1; diff --git a/source/n/yptools/yptools.SlackBuild b/source/n/yptools/yptools.SlackBuild index 7baeeb61..3b876935 100755 --- a/source/n/yptools/yptools.SlackBuild +++ b/source/n/yptools/yptools.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2016 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -23,25 +23,25 @@ # Package version number: VERSION=2.14 -BUILD=${BUILD:-2} +BUILD=${BUILD:-7} YPTOOLS=$VERSION -YPBINDMT=1.37.1 +YPBINDMT=1.38 #YPMAKE=0.11 -YPSERV=2.31 +YPSERV=2.32.1 # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; esac fi -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -196,12 +196,14 @@ cd ypserv-$YPSERV || exit 1 # --enable-tcp-wrapper ./configure \ --libdir=/usr/lib${LIBDIRSUFFIX} \ + --libexecdir=/usr/lib${LIBDIRSUFFIX}/yp \ --enable-fqdn \ --enable-yppasswd \ $ARCH-slackware-linux make clean ./configure \ --libdir=/usr/lib${LIBDIRSUFFIX} \ + --libexecdir=/usr/lib${LIBDIRSUFFIX}/yp \ --enable-fqdn \ --enable-yppasswd \ $ARCH-slackware-linux @@ -229,7 +231,7 @@ for FILE in ypserv rpc.yppasswdd rpc.ypxfrd yppush ; do cat ${FILE}.8 | gzip -9c > $PKG/usr/man/man8/${FILE}.8.gz ) done cat rpc.yppasswdd/yppasswdd.8 | gzip -9c > $PKG/usr/man/man8/yppasswdd.8.gz -cat scripts/ypMakefile > $PKG/var/yp/Makefile.new +cat scripts/ypMakefile | sed "s,/usr/lib/yp,/usr/lib$LIBDIRSUFFIX/yp,g" > $PKG/var/yp/Makefile.new cat etc/securenets > $PKG/var/yp/securenets.new echo "# This file is part of the YP server package -- see 'man netgroup'" \ > $PKG/etc/netgroup.new @@ -281,7 +283,8 @@ config etc/rc.d/rc.yp.new config var/yp/nicknames.new config var/yp/Makefile.new config var/yp/securenets.new -rm -f etc/nsswitch.conf.new etc/nsswitch.conf-nis.new etc/netgroup.new etc/yp.conf.new var/yp/nicknames.new var/yp/Makefile.new var/yp/securenets.new +# No, don't delete these. They might have a few changes that need to be merged. +#rm -f etc/nsswitch.conf-nis.new etc/netgroup.new etc/yp.conf.new var/yp/nicknames.new var/yp/Makefile.new var/yp/securenets.new EOF cat $CWD/slack-desc > $PKG/install/slack-desc |