From 8e9ac4d7443939ed0d152708d3877b29252d16fe Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Wed, 17 Feb 2010 09:14:40 -0500 Subject: Eliminate separate build tree for sss_client --- Makefile.am | 2 +- configure.ac | 2 +- server/Makefile.am | 46 +- server/configure.ac | 13 + server/po/POTFILES.in | 5 + server/providers/data_provider.h | 2 +- server/responder/common/responder.h | 2 +- server/responder/common/responder_packet.h | 2 +- server/sss_client/Makefile.am | 88 ++ server/sss_client/autogen.sh | 14 + server/sss_client/common.c | 669 ++++++++++++ server/sss_client/conf_macros.m4 | 52 + server/sss_client/config.guess | 1464 ++++++++++++++++++++++++++ server/sss_client/config.sub | 1577 ++++++++++++++++++++++++++++ server/sss_client/configure.ac | 54 + server/sss_client/external/docbook.m4 | 35 + server/sss_client/group.c | 435 ++++++++ server/sss_client/install-sh | 238 +++++ server/sss_client/m4/.dir | 0 server/sss_client/man/pam_sss.8.xml | 97 ++ server/sss_client/pam_sss.c | 1166 ++++++++++++++++++++ server/sss_client/pam_test_client.c | 95 ++ server/sss_client/passwd.c | 373 +++++++ server/sss_client/po/LINGUAS | 10 + server/sss_client/po/Makevars | 41 + server/sss_client/po/POTFILES.in | 6 + server/sss_client/po/de.po | 46 + server/sss_client/po/es.po | 46 + server/sss_client/po/fr.po | 44 + server/sss_client/po/it.po | 47 + server/sss_client/po/ja.po | 46 + server/sss_client/po/nl.po | 46 + server/sss_client/po/pl.po | 42 + server/sss_client/po/pt.po | 46 + server/sss_client/po/sss_client.pot | 45 + server/sss_client/po/sv.po | 44 + server/sss_client/protos.h | 137 +++ server/sss_client/sss_cli.h | 220 ++++ server/sss_client/sss_nss.exports | 73 ++ server/sss_client/sss_pam.exports | 4 + server/sss_client/sss_pam_macros.h | 30 + server/util/user_info_msg.c | 2 +- sss_client/Makefile.am | 88 -- sss_client/autogen.sh | 14 - sss_client/common.c | 669 ------------ sss_client/conf_macros.m4 | 52 - sss_client/config.guess | 1464 -------------------------- sss_client/config.sub | 1577 ---------------------------- sss_client/configure.ac | 54 - sss_client/external/docbook.m4 | 35 - sss_client/group.c | 435 -------- sss_client/install-sh | 238 ----- sss_client/m4/.dir | 0 sss_client/man/pam_sss.8.xml | 97 -- sss_client/pam_sss.c | 1166 -------------------- sss_client/pam_test_client.c | 95 -- sss_client/passwd.c | 373 ------- sss_client/po/LINGUAS | 10 - sss_client/po/Makevars | 41 - sss_client/po/POTFILES.in | 6 - sss_client/po/de.po | 46 - sss_client/po/es.po | 46 - sss_client/po/fr.po | 44 - sss_client/po/it.po | 47 - sss_client/po/ja.po | 46 - sss_client/po/nl.po | 46 - sss_client/po/pl.po | 42 - sss_client/po/pt.po | 46 - sss_client/po/sss_client.pot | 45 - sss_client/po/sv.po | 44 - sss_client/protos.h | 137 --- sss_client/sss_cli.h | 220 ---- sss_client/sss_nss.exports | 73 -- sss_client/sss_pam.exports | 4 - sss_client/sss_pam_macros.h | 30 - 75 files changed, 7399 insertions(+), 7337 deletions(-) create mode 100644 server/sss_client/Makefile.am create mode 100755 server/sss_client/autogen.sh create mode 100644 server/sss_client/common.c create mode 100644 server/sss_client/conf_macros.m4 create mode 100755 server/sss_client/config.guess create mode 100755 server/sss_client/config.sub create mode 100644 server/sss_client/configure.ac create mode 100644 server/sss_client/external/docbook.m4 create mode 100644 server/sss_client/group.c create mode 100755 server/sss_client/install-sh create mode 100644 server/sss_client/m4/.dir create mode 100644 server/sss_client/man/pam_sss.8.xml create mode 100644 server/sss_client/pam_sss.c create mode 100644 server/sss_client/pam_test_client.c create mode 100644 server/sss_client/passwd.c create mode 100644 server/sss_client/po/LINGUAS create mode 100644 server/sss_client/po/Makevars create mode 100644 server/sss_client/po/POTFILES.in create mode 100644 server/sss_client/po/de.po create mode 100644 server/sss_client/po/es.po create mode 100644 server/sss_client/po/fr.po create mode 100644 server/sss_client/po/it.po create mode 100644 server/sss_client/po/ja.po create mode 100644 server/sss_client/po/nl.po create mode 100644 server/sss_client/po/pl.po create mode 100644 server/sss_client/po/pt.po create mode 100644 server/sss_client/po/sss_client.pot create mode 100644 server/sss_client/po/sv.po create mode 100644 server/sss_client/protos.h create mode 100644 server/sss_client/sss_cli.h create mode 100644 server/sss_client/sss_nss.exports create mode 100644 server/sss_client/sss_pam.exports create mode 100644 server/sss_client/sss_pam_macros.h delete mode 100644 sss_client/Makefile.am delete mode 100755 sss_client/autogen.sh delete mode 100644 sss_client/common.c delete mode 100644 sss_client/conf_macros.m4 delete mode 100755 sss_client/config.guess delete mode 100755 sss_client/config.sub delete mode 100644 sss_client/configure.ac delete mode 100644 sss_client/external/docbook.m4 delete mode 100644 sss_client/group.c delete mode 100755 sss_client/install-sh delete mode 100644 sss_client/m4/.dir delete mode 100644 sss_client/man/pam_sss.8.xml delete mode 100644 sss_client/pam_sss.c delete mode 100644 sss_client/pam_test_client.c delete mode 100644 sss_client/passwd.c delete mode 100644 sss_client/po/LINGUAS delete mode 100644 sss_client/po/Makevars delete mode 100644 sss_client/po/POTFILES.in delete mode 100644 sss_client/po/de.po delete mode 100644 sss_client/po/es.po delete mode 100644 sss_client/po/fr.po delete mode 100644 sss_client/po/it.po delete mode 100644 sss_client/po/ja.po delete mode 100644 sss_client/po/nl.po delete mode 100644 sss_client/po/pl.po delete mode 100644 sss_client/po/pt.po delete mode 100644 sss_client/po/sss_client.pot delete mode 100644 sss_client/po/sv.po delete mode 100644 sss_client/protos.h delete mode 100644 sss_client/sss_cli.h delete mode 100644 sss_client/sss_nss.exports delete mode 100644 sss_client/sss_pam.exports delete mode 100644 sss_client/sss_pam_macros.h diff --git a/Makefile.am b/Makefile.am index 45275dce2..f20fc5600 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,4 +1,4 @@ -SUBDIRS = common server sss_client +SUBDIRS = common server DISTCHECK_CONFIGURE_FLAGS = --with-ldb-lib-dir="$$dc_install_base"/lib/ldb diff --git a/configure.ac b/configure.ac index a48c583b5..030ebc92a 100644 --- a/configure.ac +++ b/configure.ac @@ -8,7 +8,7 @@ AM_INIT_AUTOMAKE([-Wall -Werror foreign]) AC_CONFIG_MACRO_DIR([m4]) AC_PROG_INSTALL -AC_CONFIG_SUBDIRS([common server sss_client]) +AC_CONFIG_SUBDIRS([common server]) AC_SUBST([PRERELEASE_VERSION], PRERELEASE_VERSION_NUMBER) diff --git a/server/Makefile.am b/server/Makefile.am index 21ae79ae3..eeb8cfef6 100644 --- a/server/Makefile.am +++ b/server/Makefile.am @@ -17,6 +17,8 @@ sssdapiplugindir = $(sssdconfdir)/sssd.api.d dbusintrospectdir = $(datarootdir)/sssd/introspect dbuspolicydir = $(sysconfdir)/dbus-1/system.d localedir = @localedir@ +nsslibdir = @nsslibdir@ +pamlibdir = $(nsslibdir)/security dbpath = @dbpath@ pluginpath = @pluginpath@ @@ -179,6 +181,7 @@ AM_CPPFLAGS = -Wall \ -Iinclude \ -I.. \ -I$(srcdir)/include \ + -I$(srcdir)/sss_client \ -Iinclude \ -I. \ $(POPT_CFLAGS) \ @@ -619,6 +622,42 @@ stress_tests_SOURCES = \ stress_tests_LDADD = \ $(SSSD_LIBS) +noinst_PROGRAMS = pam_test_client +pam_test_client_SOURCES = sss_client/pam_test_client.c +pam_test_client_LDFLAGS = -lpam -lpam_misc + +#################### +# Client Libraries # +#################### + +nsslib_LTLIBRARIES = libnss_sss.la +libnss_sss_la_SOURCES = \ + sss_client/common.c \ + sss_client/passwd.c \ + sss_client/group.c \ + sss_client/sss_cli.h +libnss_sss_la_LDFLAGS = \ + -module \ + -version-info 2:0:0 \ + -Wl,--version-script,$(srcdir)/sss_client/sss_nss.exports + +pamlib_LTLIBRARIES = pam_sss.la +pam_sss_la_SOURCES = \ + sss_client/pam_sss.c \ + sss_client/common.c \ + sss_client/sss_cli.h \ + sss_client/sss_pam_macros.h + +pam_sss_la_LDFLAGS = \ + -lpam \ + -module \ + -avoid-version \ + -Wl,--version-script,$(srcdir)/sss_client/sss_pam.exports + +dist_noinst_DATA += \ + sss_client/sss_nss.exports \ + sss_client/sss_pam.exports + #################### # Plugin Libraries # #################### @@ -799,7 +838,7 @@ dist_man_MANS = man/sss_useradd.8 man/sss_userdel.8 man/sss_usermod.8 \ man/sss_groupadd.8 man/sss_groupdel.8 man/sss_groupmod.8 \ man/sssd.8 man/sssd.conf.5 man/sssd-ldap.5 man/sssd-krb5.5 \ man/sssd-ipa.5 man/sssd_krb5_locator_plugin.8 \ - man/sss_groupshow.8 + man/sss_groupshow.8 sss_client/man/pam_sss.8 SUFFIXES = .1.xml .1 .3.xml .3 .5.xml .5 .8.xml .8 .1.xml.1: @@ -881,6 +920,11 @@ install-exec-hook: installsssddirs fi mkdir -p doc $(DESTDIR)/$(docdir); cp -a doc $(DESTDIR)/$(docdir)/ +install-data-hook: + rm $(DESTDIR)/$(nsslibdir)/libnss_sss.so.2 \ + $(DESTDIR)/$(nsslibdir)/libnss_sss.so + mv $(DESTDIR)/$(nsslibdir)/libnss_sss.so.2.0.0 $(DESTDIR)/$(nsslibdir)/libnss_sss.so.2 + uninstall-hook: if [ -f $(abs_builddir)/config/.files ]; then \ cat $(abs_builddir)/config/.files | xargs -iq rm -f $(DESTDIR)/q; \ diff --git a/server/configure.ac b/server/configure.ac index f24debb69..4198ee952 100644 --- a/server/configure.ac +++ b/server/configure.ac @@ -43,6 +43,19 @@ AC_CHECK_TYPES([errno_t], [], [], [[#include ]]) m4_include([build_macros.m4]) BUILD_WITH_SHARED_BUILD_DIR +#Check for PAM headers +AC_CHECK_HEADERS([security/pam_appl.h security/pam_misc.h security/pam_modules.h], + [AC_CHECK_LIB(pam, pam_get_item, [ PAM_LIBS="-lpam" ], [AC_MSG_ERROR([PAM must support pam_get_item])])], + [AC_MSG_ERROR([PAM development libraries not installed])] +) + +#Set the NSS library install path +AC_ARG_ENABLE([nsslibdir], [AS_HELP_STRING([--enable-nsslibdir], + [Where to install nss libraries ($libdir)])], + [nsslibdir=$enableval], + [nsslibdir=$libdir]) +AC_SUBST(nsslibdir) + m4_include(conf_macros.m4) WITH_DB_PATH WITH_PLUGIN_PATH diff --git a/server/po/POTFILES.in b/server/po/POTFILES.in index 2dacfe8bb..e317161f0 100644 --- a/server/po/POTFILES.in +++ b/server/po/POTFILES.in @@ -9,3 +9,8 @@ tools/tools_util.h tools/sss_useradd.c tools/sss_groupadd.c tools/sss_usermod.c +sss_client/common.c +sss_client/group.c +sss_client/pam_sss.c +sss_client/pam_test_client.c +sss_client/passwd.c diff --git a/server/providers/data_provider.h b/server/providers/data_provider.h index c52466238..76ba4cffb 100644 --- a/server/providers/data_provider.h +++ b/server/providers/data_provider.h @@ -34,7 +34,7 @@ #include "dbus/dbus.h" #include "sbus/sssd_dbus.h" #include "sbus/sbus_client.h" -#include "../sss_client/sss_cli.h" +#include "sss_client/sss_cli.h" #define DATA_PROVIDER_VERSION 0x0001 #define DATA_PROVIDER_SERVICE_NAME "dp" diff --git a/server/responder/common/responder.h b/server/responder/common/responder.h index 9294f4022..ea6ba5831 100644 --- a/server/responder/common/responder.h +++ b/server/responder/common/responder.h @@ -31,7 +31,7 @@ #include "ldb.h" #include "dhash.h" #include "sbus/sssd_dbus.h" -#include "../sss_client/sss_cli.h" +#include "sss_client/sss_cli.h" extern hash_table_t *dp_requests; diff --git a/server/responder/common/responder_packet.h b/server/responder/common/responder_packet.h index e98707a63..2bfdc8a32 100644 --- a/server/responder/common/responder_packet.h +++ b/server/responder/common/responder_packet.h @@ -22,7 +22,7 @@ #ifndef __SSSSRV_PACKET_H__ #define __SSSSRV_PACKET_H__ -#include "../sss_client/sss_cli.h" +#include "sss_client/sss_cli.h" #define SSS_PACKET_MAX_RECV_SIZE 1024 diff --git a/server/sss_client/Makefile.am b/server/sss_client/Makefile.am new file mode 100644 index 000000000..b430af6b7 --- /dev/null +++ b/server/sss_client/Makefile.am @@ -0,0 +1,88 @@ +SUBDIRS = po + +pipepath=@pipepath@ +localedir = @localedir@ + +topdir=. +AM_CPPFLAGS = \ + -I$(topdir) \ + -DLOCALEDIR=\"$(localedir)\" \ + -DSSS_NSS_SOCKET_NAME=\"$(pipepath)/nss\" \ + -DSSS_PAM_SOCKET_NAME=\"$(pipepath)/pam\" \ + -DSSS_PAM_PRIV_SOCKET_NAME=\"$(pipepath)/private/pam\" +ACLOCAL_AMFLAGS = -I m4 + +AM_CFLAGS = +if WANT_AUX_INFO + AM_CFLAGS += -aux-info $@.X +endif + +if HAVE_GCC + AM_CFLAGS += -Wall -Wshadow -Wstrict-prototypes -Wpointer-arith \ + -Wcast-qual -Wcast-align -Wwrite-strings +endif + +nsslibdir = @nsslibdir@ +pamlibdir = $(nsslibdir)/security + +nsslib_LTLIBRARIES = libnss_sss.la +pamlib_LTLIBRARIES = pam_sss.la + +libnss_sss_la_SOURCES = \ + common.c \ + passwd.c \ + group.c \ + sss_cli.h +libnss_sss_la_LDFLAGS = \ + -module \ + -version-info 2:0:0 \ + -Wl,--version-script,$(srcdir)/sss_nss.exports + +pam_sss_la_SOURCES = \ + pam_sss.c \ + common.c \ + sss_cli.h \ + sss_pam_macros.h + +pam_sss_la_LDFLAGS = \ + -lpam \ + -module \ + -avoid-version \ + -Wl,--version-script,$(srcdir)/sss_pam.exports + +noinst_PROGRAMS = pam_test_client +pam_test_client_SOURCES = pam_test_client.c +pam_test_client_LDFLAGS = -lpam -lpam_misc + + +EXTRA_DIST = build/config.rpath +dist_noinst_DATA = \ + sss_nss.exports \ + sss_pam.exports \ + m4 + +install-data-hook: + rm $(DESTDIR)/$(nsslibdir)/libnss_sss.so.2 \ + $(DESTDIR)/$(nsslibdir)/libnss_sss.so + mv $(DESTDIR)/$(nsslibdir)/libnss_sss.so.2.0.0 $(DESTDIR)/$(nsslibdir)/libnss_sss.so.2 + +############ +# MANPAGES # +############ + +#Special Rules: +export SGML_CATALOG_FILES +DOCBOOK_XSLT = http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl +XMLLINT_FLAGS = --catalogs --postvalid --nonet --xinclude --noout +XSLTPROC_FLAGS = --catalogs --xinclude --nonet + +dist_man_MANS = man/pam_sss.8 + +SUFFIXES = .8.xml .8 +.8.xml.8: + $(XMLLINT) $(XMLLINT_FLAGS) $< + $(XSLTPROC) -o $@ $(XSLTPROC_FLAGS) $(DOCBOOK_XSLT) $< +CLEANFILES = *.X + +tests: all $(check_PROGRAMS) + diff --git a/server/sss_client/autogen.sh b/server/sss_client/autogen.sh new file mode 100755 index 000000000..bf84eeee1 --- /dev/null +++ b/server/sss_client/autogen.sh @@ -0,0 +1,14 @@ +#!/bin/sh + +rm -rf autom4te.cache +rm -f configure config.h.in + +IPATHS="-I libreplace -I lib/replace -I ../libreplace -I ../replace" +autoconf $IPATHS || exit 1 +autoheader $IPATHS || exit 1 + +rm -rf autom4te.cache + +echo "Now run ./configure and then make." +exit 0 + diff --git a/server/sss_client/common.c b/server/sss_client/common.c new file mode 100644 index 000000000..6732c24fc --- /dev/null +++ b/server/sss_client/common.c @@ -0,0 +1,669 @@ +/* + * System Security Services Daemon. NSS client interface + * + * Copyright (C) Simo Sorce 2007 + * + * Winbind derived code: + * Copyright (C) Tim Potter 2000 + * Copyright (C) Andrew Tridgell 2000 + * Copyright (C) Andrew Bartlett 2002 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "sss_cli.h" + +/* common functions */ + +int sss_cli_sd = -1; /* the sss client socket descriptor */ + +static void sss_cli_close_socket(void) +{ + if (sss_cli_sd != -1) { + close(sss_cli_sd); + sss_cli_sd = -1; + } +} + +/* Requests: + * + * byte 0-3: 32bit unsigned with length (the complete packet length: 0 to X) + * byte 4-7: 32bit unsigned with command code + * byte 8-11: 32bit unsigned (reserved) + * byte 12-15: 32bit unsigned (reserved) + * byte 16-X: (optional) request structure associated to the command code used + */ +static enum nss_status sss_nss_send_req(enum sss_cli_command cmd, + struct sss_cli_req_data *rd, + int *errnop) +{ + uint32_t header[4]; + size_t datasent; + + header[0] = SSS_NSS_HEADER_SIZE + (rd?rd->len:0); + header[1] = cmd; + header[2] = 0; + header[3] = 0; + + datasent = 0; + + while (datasent < header[0]) { + struct pollfd pfd; + int rdsent; + int res, error; + + *errnop = 0; + pfd.fd = sss_cli_sd; + pfd.events = POLLOUT; + + do { + errno = 0; + res = poll(&pfd, 1, SSS_CLI_SOCKET_TIMEOUT); + error = errno; + + /* If error is EINTR here, we'll try again + * If it's any other error, we'll catch it + * below. + */ + } while (error == EINTR); + + switch (res) { + case -1: + *errnop = error; + break; + case 0: + *errnop = ETIME; + break; + case 1: + if (pfd.revents & (POLLERR | POLLHUP | POLLNVAL)) { + *errnop = EPIPE; + } + if (!(pfd.revents & POLLOUT)) { + *errnop = EBUSY; + } + break; + default: /* more than one avail ?? */ + *errnop = EBADF; + break; + } + if (*errnop) { + sss_cli_close_socket(); + return NSS_STATUS_UNAVAIL; + } + + if (datasent < SSS_NSS_HEADER_SIZE) { + res = write(sss_cli_sd, + (char *)header + datasent, + SSS_NSS_HEADER_SIZE - datasent); + } else { + rdsent = datasent - SSS_NSS_HEADER_SIZE; + res = write(sss_cli_sd, + (const char *)rd->data + rdsent, + rd->len - rdsent); + } + + if ((res == -1) || (res == 0)) { + + /* Write failed */ + sss_cli_close_socket(); + *errnop = errno; + return NSS_STATUS_UNAVAIL; + } + + datasent += res; + } + + return NSS_STATUS_SUCCESS; +} + +/* Replies: + * + * byte 0-3: 32bit unsigned with length (the complete packet length: 0 to X) + * byte 4-7: 32bit unsigned with command code + * byte 8-11: 32bit unsigned with the request status (server errno) + * byte 12-15: 32bit unsigned (reserved) + * byte 16-X: (optional) reply structure associated to the command code used + */ + +static enum nss_status sss_nss_recv_rep(enum sss_cli_command cmd, + uint8_t **buf, int *len, + int *errnop) +{ + uint32_t header[4]; + size_t datarecv; + + header[0] = SSS_NSS_HEADER_SIZE; /* unitl we know the real lenght */ + header[1] = 0; + header[2] = 0; + header[3] = 0; + + datarecv = 0; + *buf = NULL; + *len = 0; + *errnop = 0; + + while (datarecv < header[0]) { + struct pollfd pfd; + int bufrecv; + int res, error; + + pfd.fd = sss_cli_sd; + pfd.events = POLLIN; + + do { + errno = 0; + res = poll(&pfd, 1, SSS_CLI_SOCKET_TIMEOUT); + error = errno; + + /* If error is EINTR here, we'll try again + * If it's any other error, we'll catch it + * below. + */ + } while (error == EINTR); + + switch (res) { + case -1: + *errnop = error; + break; + case 0: + *errnop = ETIME; + break; + case 1: + if (pfd.revents & (POLLERR | POLLHUP | POLLNVAL)) { + *errnop = EPIPE; + } + if (!(pfd.revents & POLLIN)) { + *errnop = EBUSY; + } + break; + default: /* more than one avail ?? */ + *errnop = EBADF; + break; + } + if (*errnop) { + sss_cli_close_socket(); + return NSS_STATUS_UNAVAIL; + } + + if (datarecv < SSS_NSS_HEADER_SIZE) { + res = read(sss_cli_sd, + (char *)header + datarecv, + SSS_NSS_HEADER_SIZE - datarecv); + } else { + bufrecv = datarecv - SSS_NSS_HEADER_SIZE; + res = read(sss_cli_sd, + (char *)(*buf) + bufrecv, + header[0] - datarecv); + } + + if ((res == -1) || (res == 0)) { + + /* Read failed. I think the only useful thing + * we can do here is just return -1 and fail + * since the transaction has failed half way + * through. */ + + sss_cli_close_socket(); + *errnop = errno; + return NSS_STATUS_UNAVAIL; + } + + datarecv += res; + + if (datarecv == SSS_NSS_HEADER_SIZE && *len == 0) { + /* at this point recv buf is not yet + * allocated and the header has just + * been read, do checks and proceed */ + if (header[2] != 0) { + /* server side error */ + sss_cli_close_socket(); + *errnop = header[2]; + if (*errnop == EAGAIN) { + return NSS_STATUS_TRYAGAIN; + } else { + return NSS_STATUS_UNAVAIL; + } + } + if (header[1] != cmd) { + /* wrong command id */ + sss_cli_close_socket(); + *errnop = EBADMSG; + return NSS_STATUS_UNAVAIL; + } + if (header[0] > SSS_NSS_HEADER_SIZE) { + *len = header[0] - SSS_NSS_HEADER_SIZE; + *buf = malloc(*len); + if (!*buf) { + sss_cli_close_socket(); + *errnop = ENOMEM; + return NSS_STATUS_UNAVAIL; + } + } + } + } + + return NSS_STATUS_SUCCESS; +} + +/* this function will check command codes match and returned length is ok */ +/* repbuf and replen report only the data section not the header */ +static enum nss_status sss_nss_make_request_nochecks( + enum sss_cli_command cmd, + struct sss_cli_req_data *rd, + uint8_t **repbuf, size_t *replen, + int *errnop) +{ + enum nss_status ret; + uint8_t *buf = NULL; + int len = 0; + + /* send data */ + ret = sss_nss_send_req(cmd, rd, errnop); + if (ret != NSS_STATUS_SUCCESS) { + return ret; + } + + /* data sent, now get reply */ + ret = sss_nss_recv_rep(cmd, &buf, &len, errnop); + if (ret != NSS_STATUS_SUCCESS) { + return ret; + } + + /* we got through, now we have the custom data in buf if any, + * return it if requested */ + if (repbuf && buf) { + *repbuf = buf; + if (replen) { + *replen = len; + } + } else { + free(buf); + if (replen) { + *replen = 0; + } + } + + return NSS_STATUS_SUCCESS; +} + +/* GET_VERSION Reply: + * 0-3: 32bit unsigned version number + */ + +static int sss_nss_check_version(const char *socket_name) +{ + uint8_t *repbuf; + size_t replen; + enum nss_status nret; + int errnop; + int res = NSS_STATUS_UNAVAIL; + uint32_t expected_version; + struct sss_cli_req_data req; + + if (strcmp(socket_name, SSS_NSS_SOCKET_NAME) == 0) { + expected_version = SSS_NSS_PROTOCOL_VERSION; + } else if (strcmp(socket_name, SSS_PAM_SOCKET_NAME) == 0 || + strcmp(socket_name, SSS_PAM_PRIV_SOCKET_NAME) == 0) { + expected_version = SSS_PAM_PROTOCOL_VERSION; + } else { + return NSS_STATUS_UNAVAIL; + } + + req.len = sizeof(expected_version); + req.data = &expected_version; + + nret = sss_nss_make_request_nochecks(SSS_GET_VERSION, &req, + &repbuf, &replen, &errnop); + if (nret != NSS_STATUS_SUCCESS) { + return nret; + } + + if (!repbuf) { + return res; + } + + if (((uint32_t *)repbuf)[0] == expected_version) { + res = NSS_STATUS_SUCCESS; + } + + free(repbuf); + return res; +} + +/* this 2 functions are adapted from samba3 winbinbd's wb_common.c */ + +/* Make sure socket handle isn't stdin (0), stdout(1) or stderr(2) by setting + * the limit to 3 */ +#define RECURSION_LIMIT 3 + +static int make_nonstd_fd_internals(int fd, int limit) +{ + int new_fd; + if (fd >= 0 && fd <= 2) { +#ifdef F_DUPFD + if ((new_fd = fcntl(fd, F_DUPFD, 3)) == -1) { + return -1; + } + /* Paranoia */ + if (new_fd < 3) { + close(new_fd); + return -1; + } + close(fd); + return new_fd; +#else + if (limit <= 0) + return -1; + + new_fd = dup(fd); + if (new_fd == -1) + return -1; + + /* use the program stack to hold our list of FDs to close */ + new_fd = make_nonstd_fd_internals(new_fd, limit - 1); + close(fd); + return new_fd; +#endif + } + return fd; +} + +/**************************************************************************** + Set a fd into blocking/nonblocking mode. Uses POSIX O_NONBLOCK if available, + else + if SYSV use O_NDELAY + if BSD use FNDELAY + Set close on exec also. +****************************************************************************/ + +static int make_safe_fd(int fd) +{ + int result, flags; + int new_fd = make_nonstd_fd_internals(fd, RECURSION_LIMIT); + if (new_fd == -1) { + close(fd); + return -1; + } + + /* Socket should be nonblocking. */ +#ifdef O_NONBLOCK +#define FLAG_TO_SET O_NONBLOCK +#else +#ifdef SYSV +#define FLAG_TO_SET O_NDELAY +#else /* BSD */ +#define FLAG_TO_SET FNDELAY +#endif +#endif + + if ((flags = fcntl(new_fd, F_GETFL)) == -1) { + close(new_fd); + return -1; + } + + flags |= FLAG_TO_SET; + if (fcntl(new_fd, F_SETFL, flags) == -1) { + close(new_fd); + return -1; + } + +#undef FLAG_TO_SET + + /* Socket should be closed on exec() */ +#ifdef FD_CLOEXEC + result = flags = fcntl(new_fd, F_GETFD, 0); + if (flags >= 0) { + flags |= FD_CLOEXEC; + result = fcntl( new_fd, F_SETFD, flags ); + } + if (result < 0) { + close(new_fd); + return -1; + } +#endif + return new_fd; +} + +static int sss_nss_open_socket(int *errnop, const char *socket_name) +{ + struct sockaddr_un nssaddr; + int inprogress = 1; + int wait_time, sleep_time; + int sd; + + memset(&nssaddr, 0, sizeof(struct sockaddr_un)); + nssaddr.sun_family = AF_UNIX; + strncpy(nssaddr.sun_path, socket_name, + strlen(socket_name) + 1); + + sd = socket(AF_UNIX, SOCK_STREAM, 0); + if (sd == -1) { + *errnop = errno; + return -1; + } + + /* set as non-blocking, close on exec, and make sure standard + * descriptors are not used */ + sd = make_safe_fd(sd); + if (sd == -1) { + *errnop = errno; + return -1; + } + + /* this piece is adapted from winbind client code */ + wait_time = 0; + sleep_time = 0; + while(inprogress) { + int connect_errno = 0; + socklen_t errnosize; + struct timeval tv; + fd_set w_fds; + int ret; + + wait_time += sleep_time; + + ret = connect(sd, (struct sockaddr *)&nssaddr, + sizeof(nssaddr)); + if (ret == 0) { + return sd; + } + + switch(errno) { + case EINPROGRESS: + FD_ZERO(&w_fds); + FD_SET(sd, &w_fds); + tv.tv_sec = SSS_CLI_SOCKET_TIMEOUT - wait_time; + tv.tv_usec = 0; + + ret = select(sd + 1, NULL, &w_fds, NULL, &tv); + + if (ret > 0) { + errnosize = sizeof(connect_errno); + ret = getsockopt(sd, SOL_SOCKET, SO_ERROR, + &connect_errno, &errnosize); + if (ret >= 0 && connect_errno == 0) { + return sd; + } + } + wait_time += SSS_CLI_SOCKET_TIMEOUT; + break; + case EAGAIN: + if (wait_time < SSS_CLI_SOCKET_TIMEOUT) { + sleep_time = rand() % 2 + 1; + sleep(sleep_time); + } + break; + default: + *errnop = errno; + inprogress = 0; + break; + } + + if (wait_time >= SSS_CLI_SOCKET_TIMEOUT) { + inprogress = 0; + } + } + + /* if we get here connect() failed or we timed out */ + + close(sd); + return -1; +} + +static enum sss_status sss_cli_check_socket(int *errnop, const char *socket_name) +{ + static pid_t mypid; + int mysd; + + if (getpid() != mypid) { + sss_cli_close_socket(); + mypid = getpid(); + } + + /* check if the socket has been closed on the other side */ + if (sss_cli_sd != -1) { + struct pollfd pfd; + int res, error; + + *errnop = 0; + pfd.fd = sss_cli_sd; + pfd.events = POLLIN | POLLOUT; + + do { + errno = 0; + res = poll(&pfd, 1, SSS_CLI_SOCKET_TIMEOUT); + error = errno; + + /* If error is EINTR here, we'll try again + * If it's any other error, we'll catch it + * below. + */ + } while (error == EINTR); + + switch (res) { + case -1: + *errnop = error; + break; + case 0: + *errnop = ETIME; + break; + case 1: + if (pfd.revents & (POLLERR | POLLHUP | POLLNVAL)) { + *errnop = EPIPE; + } + if (!(pfd.revents & (POLLIN | POLLOUT))) { + *errnop = EBUSY; + } + break; + default: /* more than one avail ?? */ + *errnop = EBADF; + break; + } + if (*errnop) { + sss_cli_close_socket(); + return SSS_STATUS_UNAVAIL; + } + + return SSS_STATUS_SUCCESS; + } + + mysd = sss_nss_open_socket(errnop, socket_name); + if (mysd == -1) { + return SSS_STATUS_UNAVAIL; + } + + sss_cli_sd = mysd; + + if (sss_nss_check_version(socket_name) == NSS_STATUS_SUCCESS) { + return SSS_STATUS_SUCCESS; + } + + sss_cli_close_socket(); + *errnop = EFAULT; + return SSS_STATUS_UNAVAIL; +} + +/* this function will check command codes match and returned length is ok */ +/* repbuf and replen report only the data section not the header */ +enum nss_status sss_nss_make_request(enum sss_cli_command cmd, + struct sss_cli_req_data *rd, + uint8_t **repbuf, size_t *replen, + int *errnop) +{ + enum nss_status ret; + char *envval; + + /* avoid looping in the nss daemon */ + envval = getenv("_SSS_LOOPS"); + if (envval && strcmp(envval, "NO") == 0) { + return NSS_STATUS_NOTFOUND; + } + + ret = sss_cli_check_socket(errnop, SSS_NSS_SOCKET_NAME); + if (ret != SSS_STATUS_SUCCESS) { + return NSS_STATUS_UNAVAIL; + } + + return sss_nss_make_request_nochecks(cmd, rd, repbuf, replen, errnop); +} + +int sss_pam_make_request(enum sss_cli_command cmd, + struct sss_cli_req_data *rd, + uint8_t **repbuf, size_t *replen, + int *errnop) +{ + int ret; + char *envval; + struct stat stat_buf; + + /* avoid looping in the pam daemon */ + envval = getenv("_SSS_LOOPS"); + if (envval && strcmp(envval, "NO") == 0) { + return PAM_SERVICE_ERR; + } + + /* only root shall use the privileged pipe */ + if (getuid() == 0 && getgid() == 0) { + ret = stat(SSS_PAM_PRIV_SOCKET_NAME, &stat_buf); + if (ret != 0) return PAM_SERVICE_ERR; + if ( ! (stat_buf.st_uid == 0 && + stat_buf.st_gid == 0 && + (stat_buf.st_mode&(S_IFSOCK|S_IRUSR|S_IWUSR)) == stat_buf.st_mode)) { + return PAM_SERVICE_ERR; + } + + ret = sss_cli_check_socket(errnop, SSS_PAM_PRIV_SOCKET_NAME); + } else { + ret = sss_cli_check_socket(errnop, SSS_PAM_SOCKET_NAME); + } + if (ret != NSS_STATUS_SUCCESS) { + return PAM_SERVICE_ERR; + } + + return sss_nss_make_request_nochecks(cmd, rd, repbuf, replen, errnop); +} diff --git a/server/sss_client/conf_macros.m4 b/server/sss_client/conf_macros.m4 new file mode 100644 index 000000000..cff961bc8 --- /dev/null +++ b/server/sss_client/conf_macros.m4 @@ -0,0 +1,52 @@ +AC_DEFUN([BUILD_WITH_AUX_INFO], + [ AC_ARG_WITH([aux-info], + [AC_HELP_STRING([--with-aux-info], + [Build with -aux-info output])]) + ]) +AM_CONDITIONAL([WANT_AUX_INFO], [test x$with_aux_info = xyes]) + +AC_DEFUN([WITH_PIPE_PATH], + [ AC_ARG_WITH([pipe-path], + [AC_HELP_STRING([--with-pipe-path=PATH], + [Where to store pipe files for the SSSD interconnects [/var/lib/sss/pipes]] + ) + ] + ) + config_pipepath="\"VARDIR\"/lib/sss/pipes" + pipepath="${localstatedir}/lib/sss/pipes" + if test x"$with_pipe_path" != x; then + config_pipepath=$with_pipe_path + pipepath=$with_pipe_path + fi + AC_SUBST(pipepath) + AC_DEFINE_UNQUOTED(PIPE_PATH, "$config_pipepath", [Where to store pipe files for the SSSD interconnects]) + ]) +AC_DEFUN([WITH_MANPAGES], + [ AC_ARG_WITH([manpages], + [AC_HELP_STRING([--with-manpages], + [Whether to regenerate man pages from DocBook sources [yes]] + ) + ], + [], + with_manpages=yes + ) + if test x"$with_manpages" == xyes; then + HAVE_MANPAGES=1 + AC_SUBST(HAVE_MANPAGES) + fi + ]) +AM_CONDITIONAL([BUILD_MANPAGES], [test x$with_manpages = xyes]) + +AC_DEFUN([WITH_XML_CATALOG], + [ AC_ARG_WITH([xml-catalog-path], + [AC_HELP_STRING([--with-xml-catalog-path=PATH], + [Where to look for XML catalog [/etc/xml/catalog]] + ) + ] + ) + SGML_CATALOG_FILES="/etc/xml/catalog" + if test x"$with_xml_catalog_path" != x; then + SGML_CATALOG_FILES="$with_xml_catalog_path" + fi + AC_SUBST([SGML_CATALOG_FILES]) + ]) diff --git a/server/sss_client/config.guess b/server/sss_client/config.guess new file mode 100755 index 000000000..354dbe175 --- /dev/null +++ b/server/sss_client/config.guess @@ -0,0 +1,1464 @@ +#! /bin/sh +# Attempt to guess a canonical system name. +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, +# 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. + +timestamp='2005-08-03' + +# This file is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, see . +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + + +# Originally written by Per Bothner . +# Please send patches to . Submit a context +# diff and a properly formatted ChangeLog entry. +# +# This script attempts to guess a canonical system name similar to +# config.sub. If it succeeds, it prints the system name on stdout, and +# exits with 0. Otherwise, it exits with 1. +# +# The plan is that this can be called by configure scripts if you +# don't specify an explicit build system type. + +me=`echo "$0" | sed -e 's,.*/,,'` + +usage="\ +Usage: $0 [OPTION] + +Output the configuration name of the system \`$me' is run on. + +Operation modes: + -h, --help print this help, then exit + -t, --time-stamp print date of last modification, then exit + -v, --version print version number, then exit + +Report bugs and patches to ." + +version="\ +GNU config.guess ($timestamp) + +Originally written by Per Bothner. +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 +Free Software Foundation, Inc. + +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." + +help=" +Try \`$me --help' for more information." + +# Parse command line +while test $# -gt 0 ; do + case $1 in + --time-stamp | --time* | -t ) + echo "$timestamp" ; exit ;; + --version | -v ) + echo "$version" ; exit ;; + --help | --h* | -h ) + echo "$usage"; exit ;; + -- ) # Stop option processing + shift; break ;; + - ) # Use stdin as input. + break ;; + -* ) + echo "$me: invalid option $1$help" >&2 + exit 1 ;; + * ) + break ;; + esac +done + +if test $# != 0; then + echo "$me: too many arguments$help" >&2 + exit 1 +fi + +trap 'exit 1' 1 2 15 + +# CC_FOR_BUILD -- compiler used by this script. Note that the use of a +# compiler to aid in system detection is discouraged as it requires +# temporary files to be created and, as you can see below, it is a +# headache to deal with in a portable fashion. + +# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still +# use `HOST_CC' if defined, but it is deprecated. + +# Portable tmp directory creation inspired by the Autoconf team. + +set_cc_for_build=' +trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; +trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; +: ${TMPDIR=/tmp} ; + { tmp=`(umask 077 && mktemp -d -q "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || + { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || + { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || + { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; +dummy=$tmp/dummy ; +tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; +case $CC_FOR_BUILD,$HOST_CC,$CC in + ,,) echo "int x;" > $dummy.c ; + for c in cc gcc c89 c99 ; do + if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then + CC_FOR_BUILD="$c"; break ; + fi ; + done ; + if test x"$CC_FOR_BUILD" = x ; then + CC_FOR_BUILD=no_compiler_found ; + fi + ;; + ,,*) CC_FOR_BUILD=$CC ;; + ,*,*) CC_FOR_BUILD=$HOST_CC ;; +esac ; set_cc_for_build= ;' + +# This is needed to find uname on a Pyramid OSx when run in the BSD universe. +# (ghazi@noc.rutgers.edu 1994-08-24) +if (test -f /.attbin/uname) >/dev/null 2>&1 ; then + PATH=$PATH:/.attbin ; export PATH +fi + +UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown +UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown +UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown +UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown + +# Note: order is significant - the case branches are not exclusive. + +case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in + *:NetBSD:*:*) + # NetBSD (nbsd) targets should (where applicable) match one or + # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, + # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently + # switched to ELF, *-*-netbsd* would select the old + # object file format. This provides both forward + # compatibility and a consistent mechanism for selecting the + # object file format. + # + # Note: NetBSD doesn't particularly care about the vendor + # portion of the name. We always set it to "unknown". + sysctl="sysctl -n hw.machine_arch" + UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \ + /usr/sbin/$sysctl 2>/dev/null || echo unknown)` + case "${UNAME_MACHINE_ARCH}" in + armeb) machine=armeb-unknown ;; + arm*) machine=arm-unknown ;; + sh3el) machine=shl-unknown ;; + sh3eb) machine=sh-unknown ;; + *) machine=${UNAME_MACHINE_ARCH}-unknown ;; + esac + # The Operating System including object format, if it has switched + # to ELF recently, or will in the future. + case "${UNAME_MACHINE_ARCH}" in + arm*|i386|m68k|ns32k|sh3*|sparc|vax) + eval $set_cc_for_build + if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep __ELF__ >/dev/null + then + # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). + # Return netbsd for either. FIX? + os=netbsd + else + os=netbsdelf + fi + ;; + *) + os=netbsd + ;; + esac + # The OS release + # Debian GNU/NetBSD machines have a different userland, and + # thus, need a distinct triplet. However, they do not need + # kernel version information, so it can be replaced with a + # suitable tag, in the style of linux-gnu. + case "${UNAME_VERSION}" in + Debian*) + release='-gnu' + ;; + *) + release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` + ;; + esac + # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: + # contains redundant information, the shorter form: + # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. + echo "${machine}-${os}${release}" + exit ;; + *:OpenBSD:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} + exit ;; + *:ekkoBSD:*:*) + echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} + exit ;; + macppc:MirBSD:*:*) + echo powerppc-unknown-mirbsd${UNAME_RELEASE} + exit ;; + *:MirBSD:*:*) + echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} + exit ;; + alpha:OSF1:*:*) + case $UNAME_RELEASE in + *4.0) + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` + ;; + *5.*) + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` + ;; + esac + # According to Compaq, /usr/sbin/psrinfo has been available on + # OSF/1 and Tru64 systems produced since 1995. I hope that + # covers most systems running today. This code pipes the CPU + # types through head -n 1, so we only detect the type of CPU 0. + ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` + case "$ALPHA_CPU_TYPE" in + "EV4 (21064)") + UNAME_MACHINE="alpha" ;; + "EV4.5 (21064)") + UNAME_MACHINE="alpha" ;; + "LCA4 (21066/21068)") + UNAME_MACHINE="alpha" ;; + "EV5 (21164)") + UNAME_MACHINE="alphaev5" ;; + "EV5.6 (21164A)") + UNAME_MACHINE="alphaev56" ;; + "EV5.6 (21164PC)") + UNAME_MACHINE="alphapca56" ;; + "EV5.7 (21164PC)") + UNAME_MACHINE="alphapca57" ;; + "EV6 (21264)") + UNAME_MACHINE="alphaev6" ;; + "EV6.7 (21264A)") + UNAME_MACHINE="alphaev67" ;; + "EV6.8CB (21264C)") + UNAME_MACHINE="alphaev68" ;; + "EV6.8AL (21264B)") + UNAME_MACHINE="alphaev68" ;; + "EV6.8CX (21264D)") + UNAME_MACHINE="alphaev68" ;; + "EV6.9A (21264/EV69A)") + UNAME_MACHINE="alphaev69" ;; + "EV7 (21364)") + UNAME_MACHINE="alphaev7" ;; + "EV7.9 (21364A)") + UNAME_MACHINE="alphaev79" ;; + esac + # A Pn.n version is a patched version. + # A Vn.n version is a released version. + # A Tn.n version is a released field test version. + # A Xn.n version is an unreleased experimental baselevel. + # 1.2 uses "1.2" for uname -r. + echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` + exit ;; + Alpha\ *:Windows_NT*:*) + # How do we know it's Interix rather than the generic POSIX subsystem? + # Should we change UNAME_MACHINE based on the output of uname instead + # of the specific Alpha model? + echo alpha-pc-interix + exit ;; + 21064:Windows_NT:50:3) + echo alpha-dec-winnt3.5 + exit ;; + Amiga*:UNIX_System_V:4.0:*) + echo m68k-unknown-sysv4 + exit ;; + *:[Aa]miga[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-amigaos + exit ;; + *:[Mm]orph[Oo][Ss]:*:*) + echo ${UNAME_MACHINE}-unknown-morphos + exit ;; + *:OS/390:*:*) + echo i370-ibm-openedition + exit ;; + *:z/VM:*:*) + echo s390-ibm-zvmoe + exit ;; + *:OS400:*:*) + echo powerpc-ibm-os400 + exit ;; + arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) + echo arm-acorn-riscix${UNAME_RELEASE} + exit ;; + arm:riscos:*:*|arm:RISCOS:*:*) + echo arm-unknown-riscos + exit ;; + SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) + echo hppa1.1-hitachi-hiuxmpp + exit ;; + Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) + # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. + if test "`(/bin/universe) 2>/dev/null`" = att ; then + echo pyramid-pyramid-sysv3 + else + echo pyramid-pyramid-bsd + fi + exit ;; + NILE*:*:*:dcosx) + echo pyramid-pyramid-svr4 + exit ;; + DRS?6000:unix:4.0:6*) + echo sparc-icl-nx6 + exit ;; + DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) + case `/usr/bin/uname -p` in + sparc) echo sparc-icl-nx7; exit ;; + esac ;; + sun4H:SunOS:5.*:*) + echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) + echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + i86pc:SunOS:5.*:*) + echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:6*:*) + # According to config.sub, this is the proper way to canonicalize + # SunOS6. Hard to guess exactly what SunOS6 will be like, but + # it's likely to be more like Solaris than SunOS4. + echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + sun4*:SunOS:*:*) + case "`/usr/bin/arch -k`" in + Series*|S4*) + UNAME_RELEASE=`uname -v` + ;; + esac + # Japanese Language versions have a version number like `4.1.3-JL'. + echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` + exit ;; + sun3*:SunOS:*:*) + echo m68k-sun-sunos${UNAME_RELEASE} + exit ;; + sun*:*:4.2BSD:*) + UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` + test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 + case "`/bin/arch`" in + sun3) + echo m68k-sun-sunos${UNAME_RELEASE} + ;; + sun4) + echo sparc-sun-sunos${UNAME_RELEASE} + ;; + esac + exit ;; + aushp:SunOS:*:*) + echo sparc-auspex-sunos${UNAME_RELEASE} + exit ;; + # The situation for MiNT is a little confusing. The machine name + # can be virtually everything (everything which is not + # "atarist" or "atariste" at least should have a processor + # > m68000). The system name ranges from "MiNT" over "FreeMiNT" + # to the lowercase version "mint" (or "freemint"). Finally + # the system name "TOS" denotes a system which is actually not + # MiNT. But MiNT is downward compatible to TOS, so this should + # be no problem. + atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) + echo m68k-atari-mint${UNAME_RELEASE} + exit ;; + milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) + echo m68k-milan-mint${UNAME_RELEASE} + exit ;; + hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) + echo m68k-hades-mint${UNAME_RELEASE} + exit ;; + *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) + echo m68k-unknown-mint${UNAME_RELEASE} + exit ;; + m68k:machten:*:*) + echo m68k-apple-machten${UNAME_RELEASE} + exit ;; + powerpc:machten:*:*) + echo powerpc-apple-machten${UNAME_RELEASE} + exit ;; + RISC*:Mach:*:*) + echo mips-dec-mach_bsd4.3 + exit ;; + RISC*:ULTRIX:*:*) + echo mips-dec-ultrix${UNAME_RELEASE} + exit ;; + VAX*:ULTRIX*:*:*) + echo vax-dec-ultrix${UNAME_RELEASE} + exit ;; + 2020:CLIX:*:* | 2430:CLIX:*:*) + echo clipper-intergraph-clix${UNAME_RELEASE} + exit ;; + mips:*:*:UMIPS | mips:*:*:RISCos) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c +#ifdef __cplusplus +#include /* for printf() prototype */ + int main (int argc, char *argv[]) { +#else + int main (argc, argv) int argc; char *argv[]; { +#endif + #if defined (host_mips) && defined (MIPSEB) + #if defined (SYSTYPE_SYSV) + printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); + #endif + #if defined (SYSTYPE_SVR4) + printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); + #endif + #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) + printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); + #endif + #endif + exit (-1); + } +EOF + $CC_FOR_BUILD -o $dummy $dummy.c && + dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` && + SYSTEM_NAME=`$dummy $dummyarg` && + { echo "$SYSTEM_NAME"; exit; } + echo mips-mips-riscos${UNAME_RELEASE} + exit ;; + Motorola:PowerMAX_OS:*:*) + echo powerpc-motorola-powermax + exit ;; + Motorola:*:4.3:PL8-*) + echo powerpc-harris-powermax + exit ;; + Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) + echo powerpc-harris-powermax + exit ;; + Night_Hawk:Power_UNIX:*:*) + echo powerpc-harris-powerunix + exit ;; + m88k:CX/UX:7*:*) + echo m88k-harris-cxux7 + exit ;; + m88k:*:4*:R4*) + echo m88k-motorola-sysv4 + exit ;; + m88k:*:3*:R3*) + echo m88k-motorola-sysv3 + exit ;; + AViiON:dgux:*:*) + # DG/UX returns AViiON for all architectures + UNAME_PROCESSOR=`/usr/bin/uname -p` + if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] + then + if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ + [ ${TARGET_BINARY_INTERFACE}x = x ] + then + echo m88k-dg-dgux${UNAME_RELEASE} + else + echo m88k-dg-dguxbcs${UNAME_RELEASE} + fi + else + echo i586-dg-dgux${UNAME_RELEASE} + fi + exit ;; + M88*:DolphinOS:*:*) # DolphinOS (SVR3) + echo m88k-dolphin-sysv3 + exit ;; + M88*:*:R3*:*) + # Delta 88k system running SVR3 + echo m88k-motorola-sysv3 + exit ;; + XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) + echo m88k-tektronix-sysv3 + exit ;; + Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) + echo m68k-tektronix-bsd + exit ;; + *:IRIX*:*:*) + echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` + exit ;; + ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. + echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id + exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' + i*86:AIX:*:*) + echo i386-ibm-aix + exit ;; + ia64:AIX:*:*) + if [ -x /usr/bin/oslevel ] ; then + IBM_REV=`/usr/bin/oslevel` + else + IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} + fi + echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} + exit ;; + *:AIX:2:3) + if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + + main() + { + if (!__power_pc()) + exit(1); + puts("powerpc-ibm-aix3.2.5"); + exit(0); + } +EOF + if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` + then + echo "$SYSTEM_NAME" + else + echo rs6000-ibm-aix3.2.5 + fi + elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then + echo rs6000-ibm-aix3.2.4 + else + echo rs6000-ibm-aix3.2 + fi + exit ;; + *:AIX:*:[45]) + IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` + if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then + IBM_ARCH=rs6000 + else + IBM_ARCH=powerpc + fi + if [ -x /usr/bin/oslevel ] ; then + IBM_REV=`/usr/bin/oslevel` + else + IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} + fi + echo ${IBM_ARCH}-ibm-aix${IBM_REV} + exit ;; + *:AIX:*:*) + echo rs6000-ibm-aix + exit ;; + ibmrt:4.4BSD:*|romp-ibm:BSD:*) + echo romp-ibm-bsd4.4 + exit ;; + ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and + echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to + exit ;; # report: romp-ibm BSD 4.3 + *:BOSX:*:*) + echo rs6000-bull-bosx + exit ;; + DPX/2?00:B.O.S.:*:*) + echo m68k-bull-sysv3 + exit ;; + 9000/[34]??:4.3bsd:1.*:*) + echo m68k-hp-bsd + exit ;; + hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) + echo m68k-hp-bsd4.4 + exit ;; + 9000/[34678]??:HP-UX:*:*) + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + case "${UNAME_MACHINE}" in + 9000/31? ) HP_ARCH=m68000 ;; + 9000/[34]?? ) HP_ARCH=m68k ;; + 9000/[678][0-9][0-9]) + if [ -x /usr/bin/getconf ]; then + sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` + sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` + case "${sc_cpu_version}" in + 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 + 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 + 532) # CPU_PA_RISC2_0 + case "${sc_kernel_bits}" in + 32) HP_ARCH="hppa2.0n" ;; + 64) HP_ARCH="hppa2.0w" ;; + '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 + esac ;; + esac + fi + if [ "${HP_ARCH}" = "" ]; then + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + + #define _HPUX_SOURCE + #include + #include + + int main () + { + #if defined(_SC_KERNEL_BITS) + long bits = sysconf(_SC_KERNEL_BITS); + #endif + long cpu = sysconf (_SC_CPU_VERSION); + + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1"); break; + case CPU_PA_RISC2_0: + #if defined(_SC_KERNEL_BITS) + switch (bits) + { + case 64: puts ("hppa2.0w"); break; + case 32: puts ("hppa2.0n"); break; + default: puts ("hppa2.0"); break; + } break; + #else /* !defined(_SC_KERNEL_BITS) */ + puts ("hppa2.0"); break; + #endif + default: puts ("hppa1.0"); break; + } + exit (0); + } +EOF + (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` + test -z "$HP_ARCH" && HP_ARCH=hppa + fi ;; + esac + if [ ${HP_ARCH} = "hppa2.0w" ] + then + eval $set_cc_for_build + + # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating + # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler + # generating 64-bit code. GNU and HP use different nomenclature: + # + # $ CC_FOR_BUILD=cc ./config.guess + # => hppa2.0w-hp-hpux11.23 + # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess + # => hppa64-hp-hpux11.23 + + if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | + grep __LP64__ >/dev/null + then + HP_ARCH="hppa2.0w" + else + HP_ARCH="hppa64" + fi + fi + echo ${HP_ARCH}-hp-hpux${HPUX_REV} + exit ;; + ia64:HP-UX:*:*) + HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` + echo ia64-hp-hpux${HPUX_REV} + exit ;; + 3050*:HI-UX:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + int + main () + { + long cpu = sysconf (_SC_CPU_VERSION); + /* The order matters, because CPU_IS_HP_MC68K erroneously returns + true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct + results, however. */ + if (CPU_IS_PA_RISC (cpu)) + { + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; + case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; + default: puts ("hppa-hitachi-hiuxwe2"); break; + } + } + else if (CPU_IS_HP_MC68K (cpu)) + puts ("m68k-hitachi-hiuxwe2"); + else puts ("unknown-hitachi-hiuxwe2"); + exit (0); + } +EOF + $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` && + { echo "$SYSTEM_NAME"; exit; } + echo unknown-hitachi-hiuxwe2 + exit ;; + 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) + echo hppa1.1-hp-bsd + exit ;; + 9000/8??:4.3bsd:*:*) + echo hppa1.0-hp-bsd + exit ;; + *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) + echo hppa1.0-hp-mpeix + exit ;; + hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) + echo hppa1.1-hp-osf + exit ;; + hp8??:OSF1:*:*) + echo hppa1.0-hp-osf + exit ;; + i*86:OSF1:*:*) + if [ -x /usr/sbin/sysversion ] ; then + echo ${UNAME_MACHINE}-unknown-osf1mk + else + echo ${UNAME_MACHINE}-unknown-osf1 + fi + exit ;; + parisc*:Lites*:*:*) + echo hppa1.1-hp-lites + exit ;; + C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) + echo c1-convex-bsd + exit ;; + C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) + if getsysinfo -f scalar_acc + then echo c32-convex-bsd + else echo c2-convex-bsd + fi + exit ;; + C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) + echo c34-convex-bsd + exit ;; + C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) + echo c38-convex-bsd + exit ;; + C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) + echo c4-convex-bsd + exit ;; + CRAY*Y-MP:*:*:*) + echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*[A-Z]90:*:*:*) + echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ + | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ + -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ + -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*TS:*:*:*) + echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*T3E:*:*:*) + echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + CRAY*SV1:*:*:*) + echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + *:UNICOS/mp:*:*) + echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' + exit ;; + F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) + FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` + echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; + 5000:UNIX_System_V:4.*:*) + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` + echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; + i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) + echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} + exit ;; + sparc*:BSD/OS:*:*) + echo sparc-unknown-bsdi${UNAME_RELEASE} + exit ;; + *:BSD/OS:*:*) + echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} + exit ;; + *:FreeBSD:*:*) + echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` + exit ;; + i*:CYGWIN*:*) + echo ${UNAME_MACHINE}-pc-cygwin + exit ;; + i*:MINGW*:*) + echo ${UNAME_MACHINE}-pc-mingw32 + exit ;; + i*:windows32*:*) + # uname -m includes "-pc" on this system. + echo ${UNAME_MACHINE}-mingw32 + exit ;; + i*:PW*:*) + echo ${UNAME_MACHINE}-pc-pw32 + exit ;; + x86:Interix*:[34]*) + echo i586-pc-interix${UNAME_RELEASE}|sed -e 's/\..*//' + exit ;; + [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) + echo i${UNAME_MACHINE}-pc-mks + exit ;; + i*:Windows_NT*:* | Pentium*:Windows_NT*:*) + # How do we know it's Interix rather than the generic POSIX subsystem? + # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we + # UNAME_MACHINE based on the output of uname instead of i386? + echo i586-pc-interix + exit ;; + i*:UWIN*:*) + echo ${UNAME_MACHINE}-pc-uwin + exit ;; + amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) + echo x86_64-unknown-cygwin + exit ;; + p*:CYGWIN*:*) + echo powerpcle-unknown-cygwin + exit ;; + prep*:SunOS:5.*:*) + echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; + *:GNU:*:*) + # the GNU system + echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` + exit ;; + *:GNU/*:*:*) + # other systems with GNU libc and userland + echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu + exit ;; + i*86:Minix:*:*) + echo ${UNAME_MACHINE}-pc-minix + exit ;; + arm*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + cris:Linux:*:*) + echo cris-axis-linux-gnu + exit ;; + crisv32:Linux:*:*) + echo crisv32-axis-linux-gnu + exit ;; + frv:Linux:*:*) + echo frv-unknown-linux-gnu + exit ;; + ia64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + m32r*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + m68*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + mips:Linux:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #undef CPU + #undef mips + #undef mipsel + #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) + CPU=mipsel + #else + #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) + CPU=mips + #else + CPU= + #endif + #endif +EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=` + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } + ;; + mips64:Linux:*:*) + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #undef CPU + #undef mips64 + #undef mips64el + #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) + CPU=mips64el + #else + #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) + CPU=mips64 + #else + CPU= + #endif + #endif +EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=` + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } + ;; + or32:Linux:*:*) + echo or32-unknown-linux-gnu + exit ;; + ppc:Linux:*:*) + echo powerpc-unknown-linux-gnu + exit ;; + ppc64:Linux:*:*) + echo powerpc64-unknown-linux-gnu + exit ;; + alpha:Linux:*:*) + case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in + EV5) UNAME_MACHINE=alphaev5 ;; + EV56) UNAME_MACHINE=alphaev56 ;; + PCA56) UNAME_MACHINE=alphapca56 ;; + PCA57) UNAME_MACHINE=alphapca56 ;; + EV6) UNAME_MACHINE=alphaev6 ;; + EV67) UNAME_MACHINE=alphaev67 ;; + EV68*) UNAME_MACHINE=alphaev68 ;; + esac + objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null + if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi + echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} + exit ;; + parisc:Linux:*:* | hppa:Linux:*:*) + # Look for CPU level + case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in + PA7*) echo hppa1.1-unknown-linux-gnu ;; + PA8*) echo hppa2.0-unknown-linux-gnu ;; + *) echo hppa-unknown-linux-gnu ;; + esac + exit ;; + parisc64:Linux:*:* | hppa64:Linux:*:*) + echo hppa64-unknown-linux-gnu + exit ;; + s390:Linux:*:* | s390x:Linux:*:*) + echo ${UNAME_MACHINE}-ibm-linux + exit ;; + sh64*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + sh*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + sparc:Linux:*:* | sparc64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-gnu + exit ;; + x86_64:Linux:*:*) + echo x86_64-unknown-linux-gnu + exit ;; + i*86:Linux:*:*) + # The BFD linker knows what the default object file format is, so + # first see if it will tell us. cd to the root directory to prevent + # problems with other programs or directories called `ld' in the path. + # Set LC_ALL=C to ensure ld outputs messages in English. + ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \ + | sed -ne '/supported targets:/!d + s/[ ][ ]*/ /g + s/.*supported targets: *// + s/ .*// + p'` + case "$ld_supported_targets" in + elf32-i386) + TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu" + ;; + a.out-i386-linux) + echo "${UNAME_MACHINE}-pc-linux-gnuaout" + exit ;; + coff-i386) + echo "${UNAME_MACHINE}-pc-linux-gnucoff" + exit ;; + "") + # Either a pre-BFD a.out linker (linux-gnuoldld) or + # one that does not give us useful --help. + echo "${UNAME_MACHINE}-pc-linux-gnuoldld" + exit ;; + esac + # Determine whether the default compiler is a.out or elf + eval $set_cc_for_build + sed 's/^ //' << EOF >$dummy.c + #include + #ifdef __ELF__ + # ifdef __GLIBC__ + # if __GLIBC__ >= 2 + LIBC=gnu + # else + LIBC=gnulibc1 + # endif + # else + LIBC=gnulibc1 + # endif + #else + #ifdef __INTEL_COMPILER + LIBC=gnu + #else + LIBC=gnuaout + #endif + #endif + #ifdef __dietlibc__ + LIBC=dietlibc + #endif +EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=` + test x"${LIBC}" != x && { + echo "${UNAME_MACHINE}-pc-linux-${LIBC}" + exit + } + test x"${TENTATIVE}" != x && { echo "${TENTATIVE}"; exit; } + ;; + i*86:DYNIX/ptx:4*:*) + # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. + # earlier versions are messed up and put the nodename in both + # sysname and nodename. + echo i386-sequent-sysv4 + exit ;; + i*86:UNIX_SV:4.2MP:2.*) + # Unixware is an offshoot of SVR4, but it has its own version + # number series starting with 2... + # I am not positive that other SVR4 systems won't match this, + # I just have to hope. -- rms. + # Use sysv4.2uw... so that sysv4* matches it. + echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} + exit ;; + i*86:OS/2:*:*) + # If we were able to find `uname', then EMX Unix compatibility + # is probably installed. + echo ${UNAME_MACHINE}-pc-os2-emx + exit ;; + i*86:XTS-300:*:STOP) + echo ${UNAME_MACHINE}-unknown-stop + exit ;; + i*86:atheos:*:*) + echo ${UNAME_MACHINE}-unknown-atheos + exit ;; + i*86:syllable:*:*) + echo ${UNAME_MACHINE}-pc-syllable + exit ;; + i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*) + echo i386-unknown-lynxos${UNAME_RELEASE} + exit ;; + i*86:*DOS:*:*) + echo ${UNAME_MACHINE}-pc-msdosdjgpp + exit ;; + i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) + UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` + if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then + echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} + else + echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} + fi + exit ;; + i*86:*:5:[678]*) + # UnixWare 7.x, OpenUNIX and OpenServer 6. + case `/bin/uname -X | grep "^Machine"` in + *486*) UNAME_MACHINE=i486 ;; + *Pentium) UNAME_MACHINE=i586 ;; + *Pent*|*Celeron) UNAME_MACHINE=i686 ;; + esac + echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} + exit ;; + i*86:*:3.2:*) + if test -f /usr/options/cb.name; then + UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then + UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` + (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 + (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \ + && UNAME_MACHINE=i586 + (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \ + && UNAME_MACHINE=i686 + (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ + && UNAME_MACHINE=i686 + echo ${UNAME_MACHINE}-pc-sco$UNAME_REL + else + echo ${UNAME_MACHINE}-pc-sysv32 + fi + exit ;; + pc:*:*:*) + # Left here for compatibility: + # uname -m prints for DJGPP always 'pc', but it prints nothing about + # the processor, so we play safe by assuming i386. + echo i386-pc-msdosdjgpp + exit ;; + Intel:Mach:3*:*) + echo i386-pc-mach3 + exit ;; + paragon:*:*:*) + echo i860-intel-osf1 + exit ;; + i860:*:4.*:*) # i860-SVR4 + if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then + echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 + else # Add other i860-SVR4 vendors below as they are discovered. + echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 + fi + exit ;; + mini*:CTIX:SYS*5:*) + # "miniframe" + echo m68010-convergent-sysv + exit ;; + mc68k:UNIX:SYSTEM5:3.51m) + echo m68k-convergent-sysv + exit ;; + M680?0:D-NIX:5.3:*) + echo m68k-diab-dnix + exit ;; + M68*:*:R3V[5678]*:*) + test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; + 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) + OS_REL='' + test -r /etc/.relid \ + && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; + 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4; exit; } ;; + m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) + echo m68k-unknown-lynxos${UNAME_RELEASE} + exit ;; + mc68030:UNIX_System_V:4.*:*) + echo m68k-atari-sysv4 + exit ;; + TSUNAMI:LynxOS:2.*:*) + echo sparc-unknown-lynxos${UNAME_RELEASE} + exit ;; + rs6000:LynxOS:2.*:*) + echo rs6000-unknown-lynxos${UNAME_RELEASE} + exit ;; + PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*) + echo powerpc-unknown-lynxos${UNAME_RELEASE} + exit ;; + SM[BE]S:UNIX_SV:*:*) + echo mips-dde-sysv${UNAME_RELEASE} + exit ;; + RM*:ReliantUNIX-*:*:*) + echo mips-sni-sysv4 + exit ;; + RM*:SINIX-*:*:*) + echo mips-sni-sysv4 + exit ;; + *:SINIX-*:*:*) + if uname -p 2>/dev/null >/dev/null ; then + UNAME_MACHINE=`(uname -p) 2>/dev/null` + echo ${UNAME_MACHINE}-sni-sysv4 + else + echo ns32k-sni-sysv + fi + exit ;; + PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort + # says + echo i586-unisys-sysv4 + exit ;; + *:UNIX_System_V:4*:FTX*) + # From Gerald Hewes . + # How about differentiating between stratus architectures? -djm + echo hppa1.1-stratus-sysv4 + exit ;; + *:*:*:FTX*) + # From seanf@swdc.stratus.com. + echo i860-stratus-sysv4 + exit ;; + i*86:VOS:*:*) + # From Paul.Green@stratus.com. + echo ${UNAME_MACHINE}-stratus-vos + exit ;; + *:VOS:*:*) + # From Paul.Green@stratus.com. + echo hppa1.1-stratus-vos + exit ;; + mc68*:A/UX:*:*) + echo m68k-apple-aux${UNAME_RELEASE} + exit ;; + news*:NEWS-OS:6*:*) + echo mips-sony-newsos6 + exit ;; + R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) + if [ -d /usr/nec ]; then + echo mips-nec-sysv${UNAME_RELEASE} + else + echo mips-unknown-sysv${UNAME_RELEASE} + fi + exit ;; + BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. + echo powerpc-be-beos + exit ;; + BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. + echo powerpc-apple-beos + exit ;; + BePC:BeOS:*:*) # BeOS running on Intel PC compatible. + echo i586-pc-beos + exit ;; + SX-4:SUPER-UX:*:*) + echo sx4-nec-superux${UNAME_RELEASE} + exit ;; + SX-5:SUPER-UX:*:*) + echo sx5-nec-superux${UNAME_RELEASE} + exit ;; + SX-6:SUPER-UX:*:*) + echo sx6-nec-superux${UNAME_RELEASE} + exit ;; + Power*:Rhapsody:*:*) + echo powerpc-apple-rhapsody${UNAME_RELEASE} + exit ;; + *:Rhapsody:*:*) + echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} + exit ;; + *:Darwin:*:*) + UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown + case $UNAME_PROCESSOR in + *86) UNAME_PROCESSOR=i686 ;; + unknown) UNAME_PROCESSOR=powerpc ;; + esac + echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} + exit ;; + *:procnto*:*:* | *:QNX:[0123456789]*:*) + UNAME_PROCESSOR=`uname -p` + if test "$UNAME_PROCESSOR" = "x86"; then + UNAME_PROCESSOR=i386 + UNAME_MACHINE=pc + fi + echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} + exit ;; + *:QNX:*:4*) + echo i386-pc-qnx + exit ;; + NSE-?:NONSTOP_KERNEL:*:*) + echo nse-tandem-nsk${UNAME_RELEASE} + exit ;; + NSR-?:NONSTOP_KERNEL:*:*) + echo nsr-tandem-nsk${UNAME_RELEASE} + exit ;; + *:NonStop-UX:*:*) + echo mips-compaq-nonstopux + exit ;; + BS2000:POSIX*:*:*) + echo bs2000-siemens-sysv + exit ;; + DS/*:UNIX_System_V:*:*) + echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} + exit ;; + *:Plan9:*:*) + # "uname -m" is not consistent, so use $cputype instead. 386 + # is converted to i386 for consistency with other x86 + # operating systems. + if test "$cputype" = "386"; then + UNAME_MACHINE=i386 + else + UNAME_MACHINE="$cputype" + fi + echo ${UNAME_MACHINE}-unknown-plan9 + exit ;; + *:TOPS-10:*:*) + echo pdp10-unknown-tops10 + exit ;; + *:TENEX:*:*) + echo pdp10-unknown-tenex + exit ;; + KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) + echo pdp10-dec-tops20 + exit ;; + XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) + echo pdp10-xkl-tops20 + exit ;; + *:TOPS-20:*:*) + echo pdp10-unknown-tops20 + exit ;; + *:ITS:*:*) + echo pdp10-unknown-its + exit ;; + SEI:*:*:SEIUX) + echo mips-sei-seiux${UNAME_RELEASE} + exit ;; + *:DragonFly:*:*) + echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` + exit ;; + *:*VMS:*:*) + UNAME_MACHINE=`(uname -p) 2>/dev/null` + case "${UNAME_MACHINE}" in + A*) echo alpha-dec-vms ; exit ;; + I*) echo ia64-dec-vms ; exit ;; + V*) echo vax-dec-vms ; exit ;; + esac ;; + *:XENIX:*:SysV) + echo i386-pc-xenix + exit ;; + i*86:skyos:*:*) + echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' + exit ;; +esac + +#echo '(No uname command or uname output not recognized.)' 1>&2 +#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 + +eval $set_cc_for_build +cat >$dummy.c < +# include +#endif +main () +{ +#if defined (sony) +#if defined (MIPSEB) + /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, + I don't know.... */ + printf ("mips-sony-bsd\n"); exit (0); +#else +#include + printf ("m68k-sony-newsos%s\n", +#ifdef NEWSOS4 + "4" +#else + "" +#endif + ); exit (0); +#endif +#endif + +#if defined (__arm) && defined (__acorn) && defined (__unix) + printf ("arm-acorn-riscix\n"); exit (0); +#endif + +#if defined (hp300) && !defined (hpux) + printf ("m68k-hp-bsd\n"); exit (0); +#endif + +#if defined (NeXT) +#if !defined (__ARCHITECTURE__) +#define __ARCHITECTURE__ "m68k" +#endif + int version; + version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; + if (version < 4) + printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); + else + printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); + exit (0); +#endif + +#if defined (MULTIMAX) || defined (n16) +#if defined (UMAXV) + printf ("ns32k-encore-sysv\n"); exit (0); +#else +#if defined (CMU) + printf ("ns32k-encore-mach\n"); exit (0); +#else + printf ("ns32k-encore-bsd\n"); exit (0); +#endif +#endif +#endif + +#if defined (__386BSD__) + printf ("i386-pc-bsd\n"); exit (0); +#endif + +#if defined (sequent) +#if defined (i386) + printf ("i386-sequent-dynix\n"); exit (0); +#endif +#if defined (ns32000) + printf ("ns32k-sequent-dynix\n"); exit (0); +#endif +#endif + +#if defined (_SEQUENT_) + struct utsname un; + + uname(&un); + + if (strncmp(un.version, "V2", 2) == 0) { + printf ("i386-sequent-ptx2\n"); exit (0); + } + if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ + printf ("i386-sequent-ptx1\n"); exit (0); + } + printf ("i386-sequent-ptx\n"); exit (0); + +#endif + +#if defined (vax) +# if !defined (ultrix) +# include +# if defined (BSD) +# if BSD == 43 + printf ("vax-dec-bsd4.3\n"); exit (0); +# else +# if BSD == 199006 + printf ("vax-dec-bsd4.3reno\n"); exit (0); +# else + printf ("vax-dec-bsd\n"); exit (0); +# endif +# endif +# else + printf ("vax-dec-bsd\n"); exit (0); +# endif +# else + printf ("vax-dec-ultrix\n"); exit (0); +# endif +#endif + +#if defined (alliant) && defined (i860) + printf ("i860-alliant-bsd\n"); exit (0); +#endif + + exit (1); +} +EOF + +$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && + { echo "$SYSTEM_NAME"; exit; } + +# Apollos put the system type in the environment. + +test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } + +# Convex versions that predate uname can use getsysinfo(1) + +if [ -x /usr/convex/getsysinfo ] +then + case `getsysinfo -f cpu_type` in + c1*) + echo c1-convex-bsd + exit ;; + c2*) + if getsysinfo -f scalar_acc + then echo c32-convex-bsd + else echo c2-convex-bsd + fi + exit ;; + c34*) + echo c34-convex-bsd + exit ;; + c38*) + echo c38-convex-bsd + exit ;; + c4*) + echo c4-convex-bsd + exit ;; + esac +fi + +cat >&2 < in order to provide the needed +information to handle your system. + +config.guess timestamp = $timestamp + +uname -m = `(uname -m) 2>/dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` + +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null` + +hostinfo = `(hostinfo) 2>/dev/null` +/bin/universe = `(/bin/universe) 2>/dev/null` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` +/bin/arch = `(/bin/arch) 2>/dev/null` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` + +UNAME_MACHINE = ${UNAME_MACHINE} +UNAME_RELEASE = ${UNAME_RELEASE} +UNAME_SYSTEM = ${UNAME_SYSTEM} +UNAME_VERSION = ${UNAME_VERSION} +EOF + +exit 1 + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "timestamp='" +# time-stamp-format: "%:y-%02m-%02d" +# time-stamp-end: "'" +# End: diff --git a/server/sss_client/config.sub b/server/sss_client/config.sub new file mode 100755 index 000000000..23cd6fd75 --- /dev/null +++ b/server/sss_client/config.sub @@ -0,0 +1,1577 @@ +#! /bin/sh +# Configuration validation subroutine script. +# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, +# 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. + +timestamp='2005-07-08' + +# This file is (in principle) common to ALL GNU software. +# The presence of a machine in this file suggests that SOME GNU software +# can handle that machine. It does not imply ALL GNU software can. +# +# This file is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, see . +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + + +# Please send patches to . Submit a context +# diff and a properly formatted ChangeLog entry. +# +# Configuration subroutine to validate and canonicalize a configuration type. +# Supply the specified configuration type as an argument. +# If it is invalid, we print an error message on stderr and exit with code 1. +# Otherwise, we print the canonical config type on stdout and succeed. + +# This file is supposed to be the same for all GNU packages +# and recognize all the CPU types, system types and aliases +# that are meaningful with *any* GNU software. +# Each package is responsible for reporting which valid configurations +# it does not support. The user should be able to distinguish +# a failure to support a valid configuration from a meaningless +# configuration. + +# The goal of this file is to map all the various variations of a given +# machine specification into a single specification in the form: +# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM +# or in some cases, the newer four-part form: +# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM +# It is wrong to echo any other type of specification. + +me=`echo "$0" | sed -e 's,.*/,,'` + +usage="\ +Usage: $0 [OPTION] CPU-MFR-OPSYS + $0 [OPTION] ALIAS + +Canonicalize a configuration name. + +Operation modes: + -h, --help print this help, then exit + -t, --time-stamp print date of last modification, then exit + -v, --version print version number, then exit + +Report bugs and patches to ." + +version="\ +GNU config.sub ($timestamp) + +Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 +Free Software Foundation, Inc. + +This is free software; see the source for copying conditions. There is NO +warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." + +help=" +Try \`$me --help' for more information." + +# Parse command line +while test $# -gt 0 ; do + case $1 in + --time-stamp | --time* | -t ) + echo "$timestamp" ; exit ;; + --version | -v ) + echo "$version" ; exit ;; + --help | --h* | -h ) + echo "$usage"; exit ;; + -- ) # Stop option processing + shift; break ;; + - ) # Use stdin as input. + break ;; + -* ) + echo "$me: invalid option $1$help" + exit 1 ;; + + *local*) + # First pass through any local machine types. + echo $1 + exit ;; + + * ) + break ;; + esac +done + +case $# in + 0) echo "$me: missing argument$help" >&2 + exit 1;; + 1) ;; + *) echo "$me: too many arguments$help" >&2 + exit 1;; +esac + +# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). +# Here we must recognize all the valid KERNEL-OS combinations. +maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` +case $maybe_os in + nto-qnx* | linux-gnu* | linux-dietlibc | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | \ + kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | storm-chaos* | os2-emx* | rtmk-nova*) + os=-$maybe_os + basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` + ;; + *) + basic_machine=`echo $1 | sed 's/-[^-]*$//'` + if [ $basic_machine != $1 ] + then os=`echo $1 | sed 's/.*-/-/'` + else os=; fi + ;; +esac + +### Let's recognize common machines as not being operating systems so +### that things like config.sub decstation-3100 work. We also +### recognize some manufacturers as not being operating systems, so we +### can provide default operating systems below. +case $os in + -sun*os*) + # Prevent following clause from handling this invalid input. + ;; + -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ + -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ + -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ + -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ + -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ + -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ + -apple | -axis | -knuth | -cray) + os= + basic_machine=$1 + ;; + -sim | -cisco | -oki | -wec | -winbond) + os= + basic_machine=$1 + ;; + -scout) + ;; + -wrs) + os=-vxworks + basic_machine=$1 + ;; + -chorusos*) + os=-chorusos + basic_machine=$1 + ;; + -chorusrdb) + os=-chorusrdb + basic_machine=$1 + ;; + -hiux*) + os=-hiuxwe2 + ;; + -sco5) + os=-sco3.2v5 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco4) + os=-sco3.2v4 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco3.2.[4-9]*) + os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco3.2v[4-9]*) + # Don't forget version if it is 3.2v4 or newer. + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -sco*) + os=-sco3.2v2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -udk*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -isc) + os=-isc2.2 + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -clix*) + basic_machine=clipper-intergraph + ;; + -isc*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` + ;; + -lynx*) + os=-lynxos + ;; + -ptx*) + basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` + ;; + -windowsnt*) + os=`echo $os | sed -e 's/windowsnt/winnt/'` + ;; + -psos*) + os=-psos + ;; + -mint | -mint[0-9]*) + basic_machine=m68k-atari + os=-mint + ;; +esac + +# Decode aliases for certain CPU-COMPANY combinations. +case $basic_machine in + # Recognize the basic CPU types without company name. + # Some are omitted here because they have special meanings below. + 1750a | 580 \ + | a29k \ + | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ + | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ + | am33_2.0 \ + | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \ + | bfin \ + | c4x | clipper \ + | d10v | d30v | dlx | dsp16xx \ + | fr30 | frv \ + | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ + | i370 | i860 | i960 | ia64 \ + | ip2k | iq2000 \ + | m32r | m32rle | m68000 | m68k | m88k | maxq | mcore \ + | mips | mipsbe | mipseb | mipsel | mipsle \ + | mips16 \ + | mips64 | mips64el \ + | mips64vr | mips64vrel \ + | mips64orion | mips64orionel \ + | mips64vr4100 | mips64vr4100el \ + | mips64vr4300 | mips64vr4300el \ + | mips64vr5000 | mips64vr5000el \ + | mips64vr5900 | mips64vr5900el \ + | mipsisa32 | mipsisa32el \ + | mipsisa32r2 | mipsisa32r2el \ + | mipsisa64 | mipsisa64el \ + | mipsisa64r2 | mipsisa64r2el \ + | mipsisa64sb1 | mipsisa64sb1el \ + | mipsisa64sr71k | mipsisa64sr71kel \ + | mipstx39 | mipstx39el \ + | mn10200 | mn10300 \ + | ms1 \ + | msp430 \ + | ns16k | ns32k \ + | or32 \ + | pdp10 | pdp11 | pj | pjl \ + | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ + | pyramid \ + | sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \ + | sh64 | sh64le \ + | sparc | sparc64 | sparc64b | sparc86x | sparclet | sparclite \ + | sparcv8 | sparcv9 | sparcv9b \ + | strongarm \ + | tahoe | thumb | tic4x | tic80 | tron \ + | v850 | v850e \ + | we32k \ + | x86 | xscale | xscalee[bl] | xstormy16 | xtensa \ + | z8k) + basic_machine=$basic_machine-unknown + ;; + m32c) + basic_machine=$basic_machine-unknown + ;; + m6811 | m68hc11 | m6812 | m68hc12) + # Motorola 68HC11/12. + basic_machine=$basic_machine-unknown + os=-none + ;; + m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k) + ;; + + # We use `pc' rather than `unknown' + # because (1) that's what they normally are, and + # (2) the word "unknown" tends to confuse beginning users. + i*86 | x86_64) + basic_machine=$basic_machine-pc + ;; + # Object if more than one company name word. + *-*-*) + echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 + exit 1 + ;; + # Recognize the basic CPU types with company name. + 580-* \ + | a29k-* \ + | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ + | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ + | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ + | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ + | avr-* \ + | bfin-* | bs2000-* \ + | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ + | clipper-* | craynv-* | cydra-* \ + | d10v-* | d30v-* | dlx-* \ + | elxsi-* \ + | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \ + | h8300-* | h8500-* \ + | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ + | i*86-* | i860-* | i960-* | ia64-* \ + | ip2k-* | iq2000-* \ + | m32r-* | m32rle-* \ + | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ + | m88110-* | m88k-* | maxq-* | mcore-* \ + | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ + | mips16-* \ + | mips64-* | mips64el-* \ + | mips64vr-* | mips64vrel-* \ + | mips64orion-* | mips64orionel-* \ + | mips64vr4100-* | mips64vr4100el-* \ + | mips64vr4300-* | mips64vr4300el-* \ + | mips64vr5000-* | mips64vr5000el-* \ + | mips64vr5900-* | mips64vr5900el-* \ + | mipsisa32-* | mipsisa32el-* \ + | mipsisa32r2-* | mipsisa32r2el-* \ + | mipsisa64-* | mipsisa64el-* \ + | mipsisa64r2-* | mipsisa64r2el-* \ + | mipsisa64sb1-* | mipsisa64sb1el-* \ + | mipsisa64sr71k-* | mipsisa64sr71kel-* \ + | mipstx39-* | mipstx39el-* \ + | mmix-* \ + | ms1-* \ + | msp430-* \ + | none-* | np1-* | ns16k-* | ns32k-* \ + | orion-* \ + | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ + | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ + | pyramid-* \ + | romp-* | rs6000-* \ + | sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | shbe-* \ + | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ + | sparc-* | sparc64-* | sparc64b-* | sparc86x-* | sparclet-* \ + | sparclite-* \ + | sparcv8-* | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \ + | tahoe-* | thumb-* \ + | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ + | tron-* \ + | v850-* | v850e-* | vax-* \ + | we32k-* \ + | x86-* | x86_64-* | xps100-* | xscale-* | xscalee[bl]-* \ + | xstormy16-* | xtensa-* \ + | ymp-* \ + | z8k-*) + ;; + m32c-*) + ;; + # Recognize the various machine names and aliases which stand + # for a CPU type and a company and sometimes even an OS. + 386bsd) + basic_machine=i386-unknown + os=-bsd + ;; + 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) + basic_machine=m68000-att + ;; + 3b*) + basic_machine=we32k-att + ;; + a29khif) + basic_machine=a29k-amd + os=-udi + ;; + abacus) + basic_machine=abacus-unknown + ;; + adobe68k) + basic_machine=m68010-adobe + os=-scout + ;; + alliant | fx80) + basic_machine=fx80-alliant + ;; + altos | altos3068) + basic_machine=m68k-altos + ;; + am29k) + basic_machine=a29k-none + os=-bsd + ;; + amd64) + basic_machine=x86_64-pc + ;; + amd64-*) + basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + amdahl) + basic_machine=580-amdahl + os=-sysv + ;; + amiga | amiga-*) + basic_machine=m68k-unknown + ;; + amigaos | amigados) + basic_machine=m68k-unknown + os=-amigaos + ;; + amigaunix | amix) + basic_machine=m68k-unknown + os=-sysv4 + ;; + apollo68) + basic_machine=m68k-apollo + os=-sysv + ;; + apollo68bsd) + basic_machine=m68k-apollo + os=-bsd + ;; + aux) + basic_machine=m68k-apple + os=-aux + ;; + balance) + basic_machine=ns32k-sequent + os=-dynix + ;; + c90) + basic_machine=c90-cray + os=-unicos + ;; + convex-c1) + basic_machine=c1-convex + os=-bsd + ;; + convex-c2) + basic_machine=c2-convex + os=-bsd + ;; + convex-c32) + basic_machine=c32-convex + os=-bsd + ;; + convex-c34) + basic_machine=c34-convex + os=-bsd + ;; + convex-c38) + basic_machine=c38-convex + os=-bsd + ;; + cray | j90) + basic_machine=j90-cray + os=-unicos + ;; + craynv) + basic_machine=craynv-cray + os=-unicosmp + ;; + cr16c) + basic_machine=cr16c-unknown + os=-elf + ;; + crds | unos) + basic_machine=m68k-crds + ;; + crisv32 | crisv32-* | etraxfs*) + basic_machine=crisv32-axis + ;; + cris | cris-* | etrax*) + basic_machine=cris-axis + ;; + crx) + basic_machine=crx-unknown + os=-elf + ;; + da30 | da30-*) + basic_machine=m68k-da30 + ;; + decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) + basic_machine=mips-dec + ;; + decsystem10* | dec10*) + basic_machine=pdp10-dec + os=-tops10 + ;; + decsystem20* | dec20*) + basic_machine=pdp10-dec + os=-tops20 + ;; + delta | 3300 | motorola-3300 | motorola-delta \ + | 3300-motorola | delta-motorola) + basic_machine=m68k-motorola + ;; + delta88) + basic_machine=m88k-motorola + os=-sysv3 + ;; + djgpp) + basic_machine=i586-pc + os=-msdosdjgpp + ;; + dpx20 | dpx20-*) + basic_machine=rs6000-bull + os=-bosx + ;; + dpx2* | dpx2*-bull) + basic_machine=m68k-bull + os=-sysv3 + ;; + ebmon29k) + basic_machine=a29k-amd + os=-ebmon + ;; + elxsi) + basic_machine=elxsi-elxsi + os=-bsd + ;; + encore | umax | mmax) + basic_machine=ns32k-encore + ;; + es1800 | OSE68k | ose68k | ose | OSE) + basic_machine=m68k-ericsson + os=-ose + ;; + fx2800) + basic_machine=i860-alliant + ;; + genix) + basic_machine=ns32k-ns + ;; + gmicro) + basic_machine=tron-gmicro + os=-sysv + ;; + go32) + basic_machine=i386-pc + os=-go32 + ;; + h3050r* | hiux*) + basic_machine=hppa1.1-hitachi + os=-hiuxwe2 + ;; + h8300hms) + basic_machine=h8300-hitachi + os=-hms + ;; + h8300xray) + basic_machine=h8300-hitachi + os=-xray + ;; + h8500hms) + basic_machine=h8500-hitachi + os=-hms + ;; + harris) + basic_machine=m88k-harris + os=-sysv3 + ;; + hp300-*) + basic_machine=m68k-hp + ;; + hp300bsd) + basic_machine=m68k-hp + os=-bsd + ;; + hp300hpux) + basic_machine=m68k-hp + os=-hpux + ;; + hp3k9[0-9][0-9] | hp9[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hp9k2[0-9][0-9] | hp9k31[0-9]) + basic_machine=m68000-hp + ;; + hp9k3[2-9][0-9]) + basic_machine=m68k-hp + ;; + hp9k6[0-9][0-9] | hp6[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hp9k7[0-79][0-9] | hp7[0-79][0-9]) + basic_machine=hppa1.1-hp + ;; + hp9k78[0-9] | hp78[0-9]) + # FIXME: really hppa2.0-hp + basic_machine=hppa1.1-hp + ;; + hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) + # FIXME: really hppa2.0-hp + basic_machine=hppa1.1-hp + ;; + hp9k8[0-9][13679] | hp8[0-9][13679]) + basic_machine=hppa1.1-hp + ;; + hp9k8[0-9][0-9] | hp8[0-9][0-9]) + basic_machine=hppa1.0-hp + ;; + hppa-next) + os=-nextstep3 + ;; + hppaosf) + basic_machine=hppa1.1-hp + os=-osf + ;; + hppro) + basic_machine=hppa1.1-hp + os=-proelf + ;; + i370-ibm* | ibm*) + basic_machine=i370-ibm + ;; +# I'm not sure what "Sysv32" means. Should this be sysv3.2? + i*86v32) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv32 + ;; + i*86v4*) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv4 + ;; + i*86v) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-sysv + ;; + i*86sol2) + basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` + os=-solaris2 + ;; + i386mach) + basic_machine=i386-mach + os=-mach + ;; + i386-vsta | vsta) + basic_machine=i386-unknown + os=-vsta + ;; + iris | iris4d) + basic_machine=mips-sgi + case $os in + -irix*) + ;; + *) + os=-irix4 + ;; + esac + ;; + isi68 | isi) + basic_machine=m68k-isi + os=-sysv + ;; + m88k-omron*) + basic_machine=m88k-omron + ;; + magnum | m3230) + basic_machine=mips-mips + os=-sysv + ;; + merlin) + basic_machine=ns32k-utek + os=-sysv + ;; + mingw32) + basic_machine=i386-pc + os=-mingw32 + ;; + miniframe) + basic_machine=m68000-convergent + ;; + *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) + basic_machine=m68k-atari + os=-mint + ;; + mips3*-*) + basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` + ;; + mips3*) + basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown + ;; + monitor) + basic_machine=m68k-rom68k + os=-coff + ;; + morphos) + basic_machine=powerpc-unknown + os=-morphos + ;; + msdos) + basic_machine=i386-pc + os=-msdos + ;; + mvs) + basic_machine=i370-ibm + os=-mvs + ;; + ncr3000) + basic_machine=i486-ncr + os=-sysv4 + ;; + netbsd386) + basic_machine=i386-unknown + os=-netbsd + ;; + netwinder) + basic_machine=armv4l-rebel + os=-linux + ;; + news | news700 | news800 | news900) + basic_machine=m68k-sony + os=-newsos + ;; + news1000) + basic_machine=m68030-sony + os=-newsos + ;; + news-3600 | risc-news) + basic_machine=mips-sony + os=-newsos + ;; + necv70) + basic_machine=v70-nec + os=-sysv + ;; + next | m*-next ) + basic_machine=m68k-next + case $os in + -nextstep* ) + ;; + -ns2*) + os=-nextstep2 + ;; + *) + os=-nextstep3 + ;; + esac + ;; + nh3000) + basic_machine=m68k-harris + os=-cxux + ;; + nh[45]000) + basic_machine=m88k-harris + os=-cxux + ;; + nindy960) + basic_machine=i960-intel + os=-nindy + ;; + mon960) + basic_machine=i960-intel + os=-mon960 + ;; + nonstopux) + basic_machine=mips-compaq + os=-nonstopux + ;; + np1) + basic_machine=np1-gould + ;; + nsr-tandem) + basic_machine=nsr-tandem + ;; + op50n-* | op60c-*) + basic_machine=hppa1.1-oki + os=-proelf + ;; + openrisc | openrisc-*) + basic_machine=or32-unknown + ;; + os400) + basic_machine=powerpc-ibm + os=-os400 + ;; + OSE68000 | ose68000) + basic_machine=m68000-ericsson + os=-ose + ;; + os68k) + basic_machine=m68k-none + os=-os68k + ;; + pa-hitachi) + basic_machine=hppa1.1-hitachi + os=-hiuxwe2 + ;; + paragon) + basic_machine=i860-intel + os=-osf + ;; + pbd) + basic_machine=sparc-tti + ;; + pbb) + basic_machine=m68k-tti + ;; + pc532 | pc532-*) + basic_machine=ns32k-pc532 + ;; + pentium | p5 | k5 | k6 | nexgen | viac3) + basic_machine=i586-pc + ;; + pentiumpro | p6 | 6x86 | athlon | athlon_*) + basic_machine=i686-pc + ;; + pentiumii | pentium2 | pentiumiii | pentium3) + basic_machine=i686-pc + ;; + pentium4) + basic_machine=i786-pc + ;; + pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) + basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentiumpro-* | p6-* | 6x86-* | athlon-*) + basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) + basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pentium4-*) + basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + pn) + basic_machine=pn-gould + ;; + power) basic_machine=power-ibm + ;; + ppc) basic_machine=powerpc-unknown + ;; + ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppcle | powerpclittle | ppc-le | powerpc-little) + basic_machine=powerpcle-unknown + ;; + ppcle-* | powerpclittle-*) + basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppc64) basic_machine=powerpc64-unknown + ;; + ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ppc64le | powerpc64little | ppc64-le | powerpc64-little) + basic_machine=powerpc64le-unknown + ;; + ppc64le-* | powerpc64little-*) + basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + ps2) + basic_machine=i386-ibm + ;; + pw32) + basic_machine=i586-unknown + os=-pw32 + ;; + rom68k) + basic_machine=m68k-rom68k + os=-coff + ;; + rm[46]00) + basic_machine=mips-siemens + ;; + rtpc | rtpc-*) + basic_machine=romp-ibm + ;; + s390 | s390-*) + basic_machine=s390-ibm + ;; + s390x | s390x-*) + basic_machine=s390x-ibm + ;; + sa29200) + basic_machine=a29k-amd + os=-udi + ;; + sb1) + basic_machine=mipsisa64sb1-unknown + ;; + sb1el) + basic_machine=mipsisa64sb1el-unknown + ;; + sei) + basic_machine=mips-sei + os=-seiux + ;; + sequent) + basic_machine=i386-sequent + ;; + sh) + basic_machine=sh-hitachi + os=-hms + ;; + sh64) + basic_machine=sh64-unknown + ;; + sparclite-wrs | simso-wrs) + basic_machine=sparclite-wrs + os=-vxworks + ;; + sps7) + basic_machine=m68k-bull + os=-sysv2 + ;; + spur) + basic_machine=spur-unknown + ;; + st2000) + basic_machine=m68k-tandem + ;; + stratus) + basic_machine=i860-stratus + os=-sysv4 + ;; + sun2) + basic_machine=m68000-sun + ;; + sun2os3) + basic_machine=m68000-sun + os=-sunos3 + ;; + sun2os4) + basic_machine=m68000-sun + os=-sunos4 + ;; + sun3os3) + basic_machine=m68k-sun + os=-sunos3 + ;; + sun3os4) + basic_machine=m68k-sun + os=-sunos4 + ;; + sun4os3) + basic_machine=sparc-sun + os=-sunos3 + ;; + sun4os4) + basic_machine=sparc-sun + os=-sunos4 + ;; + sun4sol2) + basic_machine=sparc-sun + os=-solaris2 + ;; + sun3 | sun3-*) + basic_machine=m68k-sun + ;; + sun4) + basic_machine=sparc-sun + ;; + sun386 | sun386i | roadrunner) + basic_machine=i386-sun + ;; + sv1) + basic_machine=sv1-cray + os=-unicos + ;; + symmetry) + basic_machine=i386-sequent + os=-dynix + ;; + t3e) + basic_machine=alphaev5-cray + os=-unicos + ;; + t90) + basic_machine=t90-cray + os=-unicos + ;; + tic54x | c54x*) + basic_machine=tic54x-unknown + os=-coff + ;; + tic55x | c55x*) + basic_machine=tic55x-unknown + os=-coff + ;; + tic6x | c6x*) + basic_machine=tic6x-unknown + os=-coff + ;; + tx39) + basic_machine=mipstx39-unknown + ;; + tx39el) + basic_machine=mipstx39el-unknown + ;; + toad1) + basic_machine=pdp10-xkl + os=-tops20 + ;; + tower | tower-32) + basic_machine=m68k-ncr + ;; + tpf) + basic_machine=s390x-ibm + os=-tpf + ;; + udi29k) + basic_machine=a29k-amd + os=-udi + ;; + ultra3) + basic_machine=a29k-nyu + os=-sym1 + ;; + v810 | necv810) + basic_machine=v810-nec + os=-none + ;; + vaxv) + basic_machine=vax-dec + os=-sysv + ;; + vms) + basic_machine=vax-dec + os=-vms + ;; + vpp*|vx|vx-*) + basic_machine=f301-fujitsu + ;; + vxworks960) + basic_machine=i960-wrs + os=-vxworks + ;; + vxworks68) + basic_machine=m68k-wrs + os=-vxworks + ;; + vxworks29k) + basic_machine=a29k-wrs + os=-vxworks + ;; + w65*) + basic_machine=w65-wdc + os=-none + ;; + w89k-*) + basic_machine=hppa1.1-winbond + os=-proelf + ;; + xbox) + basic_machine=i686-pc + os=-mingw32 + ;; + xps | xps100) + basic_machine=xps100-honeywell + ;; + ymp) + basic_machine=ymp-cray + os=-unicos + ;; + z8k-*-coff) + basic_machine=z8k-unknown + os=-sim + ;; + none) + basic_machine=none-none + os=-none + ;; + +# Here we handle the default manufacturer of certain CPU types. It is in +# some cases the only manufacturer, in others, it is the most popular. + w89k) + basic_machine=hppa1.1-winbond + ;; + op50n) + basic_machine=hppa1.1-oki + ;; + op60c) + basic_machine=hppa1.1-oki + ;; + romp) + basic_machine=romp-ibm + ;; + mmix) + basic_machine=mmix-knuth + ;; + rs6000) + basic_machine=rs6000-ibm + ;; + vax) + basic_machine=vax-dec + ;; + pdp10) + # there are many clones, so DEC is not a safe bet + basic_machine=pdp10-unknown + ;; + pdp11) + basic_machine=pdp11-dec + ;; + we32k) + basic_machine=we32k-att + ;; + sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele) + basic_machine=sh-unknown + ;; + sparc | sparcv8 | sparcv9 | sparcv9b) + basic_machine=sparc-sun + ;; + cydra) + basic_machine=cydra-cydrome + ;; + orion) + basic_machine=orion-highlevel + ;; + orion105) + basic_machine=clipper-highlevel + ;; + mac | mpw | mac-mpw) + basic_machine=m68k-apple + ;; + pmac | pmac-mpw) + basic_machine=powerpc-apple + ;; + *-unknown) + # Make sure to match an already-canonicalized machine name. + ;; + *) + echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 + exit 1 + ;; +esac + +# Here we canonicalize certain aliases for manufacturers. +case $basic_machine in + *-digital*) + basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` + ;; + *-commodore*) + basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` + ;; + *) + ;; +esac + +# Decode manufacturer-specific aliases for certain operating systems. + +if [ x"$os" != x"" ] +then +case $os in + # First match some system type aliases + # that might get confused with valid system types. + # -solaris* is a basic system type, with this one exception. + -solaris1 | -solaris1.*) + os=`echo $os | sed -e 's|solaris1|sunos4|'` + ;; + -solaris) + os=-solaris2 + ;; + -svr4*) + os=-sysv4 + ;; + -unixware*) + os=-sysv4.2uw + ;; + -gnu/linux*) + os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` + ;; + # First accept the basic system types. + # The portable systems comes first. + # Each alternative MUST END IN A *, to match a version number. + # -sysv* is not here because it comes later, after sysvr4. + -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ + | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\ + | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \ + | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ + | -aos* \ + | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ + | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ + | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* | -openbsd* \ + | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ + | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ + | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ + | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ + | -chorusos* | -chorusrdb* \ + | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ + | -mingw32* | -linux-gnu* | -linux-uclibc* | -uxpv* | -beos* | -mpeix* | -udk* \ + | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ + | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ + | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ + | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ + | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ + | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ + | -skyos* | -haiku*) + # Remember, each alternative MUST END IN *, to match a version number. + ;; + -qnx*) + case $basic_machine in + x86-* | i*86-*) + ;; + *) + os=-nto$os + ;; + esac + ;; + -nto-qnx*) + ;; + -nto*) + os=`echo $os | sed -e 's|nto|nto-qnx|'` + ;; + -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ + | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \ + | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) + ;; + -mac*) + os=`echo $os | sed -e 's|mac|macos|'` + ;; + -linux-dietlibc) + os=-linux-dietlibc + ;; + -linux*) + os=`echo $os | sed -e 's|linux|linux-gnu|'` + ;; + -sunos5*) + os=`echo $os | sed -e 's|sunos5|solaris2|'` + ;; + -sunos6*) + os=`echo $os | sed -e 's|sunos6|solaris3|'` + ;; + -opened*) + os=-openedition + ;; + -os400*) + os=-os400 + ;; + -wince*) + os=-wince + ;; + -osfrose*) + os=-osfrose + ;; + -osf*) + os=-osf + ;; + -utek*) + os=-bsd + ;; + -dynix*) + os=-bsd + ;; + -acis*) + os=-aos + ;; + -atheos*) + os=-atheos + ;; + -syllable*) + os=-syllable + ;; + -386bsd) + os=-bsd + ;; + -ctix* | -uts*) + os=-sysv + ;; + -nova*) + os=-rtmk-nova + ;; + -ns2 ) + os=-nextstep2 + ;; + -nsk*) + os=-nsk + ;; + # Preserve the version number of sinix5. + -sinix5.*) + os=`echo $os | sed -e 's|sinix|sysv|'` + ;; + -sinix*) + os=-sysv4 + ;; + -tpf*) + os=-tpf + ;; + -triton*) + os=-sysv3 + ;; + -oss*) + os=-sysv3 + ;; + -svr4) + os=-sysv4 + ;; + -svr3) + os=-sysv3 + ;; + -sysvr4) + os=-sysv4 + ;; + # This must come after -sysvr4. + -sysv*) + ;; + -ose*) + os=-ose + ;; + -es1800*) + os=-ose + ;; + -xenix) + os=-xenix + ;; + -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + os=-mint + ;; + -aros*) + os=-aros + ;; + -kaos*) + os=-kaos + ;; + -zvmoe) + os=-zvmoe + ;; + -none) + ;; + *) + # Get rid of the `-' at the beginning of $os. + os=`echo $os | sed 's/[^-]*-//'` + echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 + exit 1 + ;; +esac +else + +# Here we handle the default operating systems that come with various machines. +# The value should be what the vendor currently ships out the door with their +# machine or put another way, the most popular os provided with the machine. + +# Note that if you're going to try to match "-MANUFACTURER" here (say, +# "-sun"), then you have to tell the case statement up towards the top +# that MANUFACTURER isn't an operating system. Otherwise, code above +# will signal an error saying that MANUFACTURER isn't an operating +# system, and we'll never get to this point. + +case $basic_machine in + *-acorn) + os=-riscix1.2 + ;; + arm*-rebel) + os=-linux + ;; + arm*-semi) + os=-aout + ;; + c4x-* | tic4x-*) + os=-coff + ;; + # This must come before the *-dec entry. + pdp10-*) + os=-tops20 + ;; + pdp11-*) + os=-none + ;; + *-dec | vax-*) + os=-ultrix4.2 + ;; + m68*-apollo) + os=-domain + ;; + i386-sun) + os=-sunos4.0.2 + ;; + m68000-sun) + os=-sunos3 + # This also exists in the configure program, but was not the + # default. + # os=-sunos4 + ;; + m68*-cisco) + os=-aout + ;; + mips*-cisco) + os=-elf + ;; + mips*-*) + os=-elf + ;; + or32-*) + os=-coff + ;; + *-tti) # must be before sparc entry or we get the wrong os. + os=-sysv3 + ;; + sparc-* | *-sun) + os=-sunos4.1.1 + ;; + *-be) + os=-beos + ;; + *-haiku) + os=-haiku + ;; + *-ibm) + os=-aix + ;; + *-knuth) + os=-mmixware + ;; + *-wec) + os=-proelf + ;; + *-winbond) + os=-proelf + ;; + *-oki) + os=-proelf + ;; + *-hp) + os=-hpux + ;; + *-hitachi) + os=-hiux + ;; + i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) + os=-sysv + ;; + *-cbm) + os=-amigaos + ;; + *-dg) + os=-dgux + ;; + *-dolphin) + os=-sysv3 + ;; + m68k-ccur) + os=-rtu + ;; + m88k-omron*) + os=-luna + ;; + *-next ) + os=-nextstep + ;; + *-sequent) + os=-ptx + ;; + *-crds) + os=-unos + ;; + *-ns) + os=-genix + ;; + i370-*) + os=-mvs + ;; + *-next) + os=-nextstep3 + ;; + *-gould) + os=-sysv + ;; + *-highlevel) + os=-bsd + ;; + *-encore) + os=-bsd + ;; + *-sgi) + os=-irix + ;; + *-siemens) + os=-sysv4 + ;; + *-masscomp) + os=-rtu + ;; + f30[01]-fujitsu | f700-fujitsu) + os=-uxpv + ;; + *-rom68k) + os=-coff + ;; + *-*bug) + os=-coff + ;; + *-apple) + os=-macos + ;; + *-atari*) + os=-mint + ;; + *) + os=-none + ;; +esac +fi + +# Here we handle the case where we know the os, and the CPU type, but not the +# manufacturer. We pick the logical manufacturer. +vendor=unknown +case $basic_machine in + *-unknown) + case $os in + -riscix*) + vendor=acorn + ;; + -sunos*) + vendor=sun + ;; + -aix*) + vendor=ibm + ;; + -beos*) + vendor=be + ;; + -hpux*) + vendor=hp + ;; + -mpeix*) + vendor=hp + ;; + -hiux*) + vendor=hitachi + ;; + -unos*) + vendor=crds + ;; + -dgux*) + vendor=dg + ;; + -luna*) + vendor=omron + ;; + -genix*) + vendor=ns + ;; + -mvs* | -opened*) + vendor=ibm + ;; + -os400*) + vendor=ibm + ;; + -ptx*) + vendor=sequent + ;; + -tpf*) + vendor=ibm + ;; + -vxsim* | -vxworks* | -windiss*) + vendor=wrs + ;; + -aux*) + vendor=apple + ;; + -hms*) + vendor=hitachi + ;; + -mpw* | -macos*) + vendor=apple + ;; + -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) + vendor=atari + ;; + -vos*) + vendor=stratus + ;; + esac + basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` + ;; +esac + +echo $basic_machine$os +exit + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "timestamp='" +# time-stamp-format: "%:y-%02m-%02d" +# time-stamp-end: "'" +# End: diff --git a/server/sss_client/configure.ac b/server/sss_client/configure.ac new file mode 100644 index 000000000..c32bb6fd6 --- /dev/null +++ b/server/sss_client/configure.ac @@ -0,0 +1,54 @@ +AC_PREREQ(2.50) +m4_include([../version.m4]) +AC_INIT([sss_client], + VERSION_NUMBER, + [sssd-devel@lists.fedorahosted.org]) +AC_CONFIG_SRCDIR([common.c]) +AC_CONFIG_HEADER(config.h) +AC_CONFIG_AUX_DIR([build]) +AM_INIT_AUTOMAKE([-Wall foreign subdir-objects]) +AM_PROG_CC_C_O +AC_DISABLE_STATIC +AC_PROG_LIBTOOL +AC_CONFIG_MACRO_DIR([m4]) +AM_GNU_GETTEXT([external]) +AM_GNU_GETTEXT_VERSION([0.14]) + +AM_CONDITIONAL([HAVE_GCC], [test "$ac_cv_prog_gcc" = yes]) + +AC_CHECK_TYPES([errno_t], [], [], [[#include ]]) + +m4_pattern_allow([AM_SILENT_RULES]) +AM_SILENT_RULES + +AC_SUBST(PAM_LIBS) + +#Check for PAM headers +AC_CHECK_HEADERS([security/pam_appl.h security/pam_misc.h security/pam_modules.h], + [AC_CHECK_LIB(pam, pam_get_item, [ PAM_LIBS="-lpam" ], [AC_MSG_ERROR([PAM must support pam_get_item])])], + [AC_MSG_ERROR([PAM development libraries not installed])] +) + +#Set the NSS library install path +AC_ARG_ENABLE([nsslibdir], [AS_HELP_STRING([--enable-nsslibdir], + [Where to install nss libraries ($libdir)])], + [nsslibdir=$enableval], + [nsslibdir=$libdir]) +AC_SUBST(nsslibdir) + +m4_include([conf_macros.m4]) +BUILD_WITH_AUX_INFO +WITH_PIPE_PATH +WITH_MANPAGES +WITH_XML_CATALOG + +m4_include([external/docbook.m4]) +if test x$HAVE_MANPAGES != x; then + CHECK_XML_TOOLS + CHECK_STYLESHEET([$SGML_CATALOG_FILES], + [http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl], + [Docbook XSL templates]) +fi + +AC_CONFIG_FILES([Makefile po/Makefile.in]) +AC_OUTPUT diff --git a/server/sss_client/external/docbook.m4 b/server/sss_client/external/docbook.m4 new file mode 100644 index 000000000..cae89feb1 --- /dev/null +++ b/server/sss_client/external/docbook.m4 @@ -0,0 +1,35 @@ +dnl Checks for tools needed to generate manual pages +AC_DEFUN([CHECK_XML_TOOLS], +[ + AC_PATH_PROG([XSLTPROC], [xsltproc]) + if test ! -x "$XSLTPROC"; then + AC_MSG_ERROR([Could not find xsltproc]) + fi + + AC_PATH_PROG([XMLLINT], [xmllint]) + if test ! -x "$XMLLINT"; then + AC_MSG_ERROR([Could not find xmllint]) + fi + + AC_PATH_PROG([XMLCATALOG], [xmlcatalog]) + if test ! -x "$XMLCATALOG"; then + AC_MSG_ERROR([Could not find xmlcatalog]) + fi +]) + +dnl Usage: +dnl CHECK_STYLESHEET_URI(FILE, URI, [FRIENDLY-NAME]) +dnl Checks if the XML catalog given by FILE exists and +dnl if a particular URI appears in the XML catalog +AC_DEFUN([CHECK_STYLESHEET], +[ + AC_CHECK_FILE($1, [], [AC_MSG_ERROR([could not find XML catalog])]) + + AC_MSG_CHECKING([for ifelse([$3],,[$2],[$3]) in XML catalog]) + if AC_RUN_LOG([$XMLCATALOG --noout "$1" "$2" >&2]); then + AC_MSG_RESULT([yes]) + else + AC_MSG_ERROR([could not find ifelse([$3],,[$2],[$3]) in XML catalog]) + fi +]) + diff --git a/server/sss_client/group.c b/server/sss_client/group.c new file mode 100644 index 000000000..675b8b71e --- /dev/null +++ b/server/sss_client/group.c @@ -0,0 +1,435 @@ +/* + * System Security Services Daemon. NSS client interface + * + * Copyright (C) Simo Sorce 2007 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +/* GROUP database NSS interface */ + +#include +#include +#include +#include +#include +#include +#include +#include "sss_cli.h" + +static struct sss_nss_getgrent_data { + size_t len; + size_t ptr; + uint8_t *data; +} sss_nss_getgrent_data; + +static void sss_nss_getgrent_data_clean(void) { + + if (sss_nss_getgrent_data.data != NULL) { + free(sss_nss_getgrent_data.data); + sss_nss_getgrent_data.data = NULL; + } + sss_nss_getgrent_data.len = 0; + sss_nss_getgrent_data.ptr = 0; +} + +/* GETGRNAM Request: + * + * 0-X: string with name + * + * GERTGRGID Request: + * + * 0-7: 32bit number with gid + * + * INITGROUPS Request: + * + * 0-3: 32bit number with gid + * 4-7: 32bit unsigned with max num of entries + * + * Replies: + * + * 0-3: 32bit unsigned number of results + * 4-7: 32bit unsigned (reserved/padding) + * For each result (64bit padded ?): + * 0-3: 32bit number gid + * 4-7: 32bit unsigned number of members + * 8-X: sequence of 0 terminated strings (name, passwd, mem..) + * + * FIXME: do we need to pad so that each result is 32 bit aligned ? + */ +struct sss_nss_gr_rep { + struct group *result; + char *buffer; + size_t buflen; +}; + +static int sss_nss_getgr_readrep(struct sss_nss_gr_rep *pr, + uint8_t *buf, size_t *len) +{ + size_t i, l, slen, ptmem; + ssize_t dlen; + char *sbuf; + uint32_t mem_num; + + if (*len < 11) { /* not enough space for data, bad packet */ + return EBADMSG; + } + + pr->result->gr_gid = ((uint32_t *)buf)[0]; + mem_num = ((uint32_t *)buf)[1]; + + sbuf = (char *)&buf[8]; + slen = *len - 8; + dlen = pr->buflen; + + pr->result->gr_name = &(pr->buffer[0]); + i = 0; + while (slen > i && dlen > 0) { + pr->buffer[i] = sbuf[i]; + if (pr->buffer[i] == '\0') break; + i++; + dlen--; + } + if (slen <= i) { /* premature end of buf */ + return EBADMSG; + } + if (dlen <= 0) { /* not enough memory */ + return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ + } + i++; + dlen--; + + pr->result->gr_passwd = &(pr->buffer[i]); + while (slen > i && dlen > 0) { + pr->buffer[i] = sbuf[i]; + if (pr->buffer[i] == '\0') break; + i++; + dlen--; + } + if (slen <= i) { /* premature end of buf */ + return EBADMSG; + } + if (dlen <= 0) { /* not enough memory */ + return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ + } + i++; + dlen--; + + /* now members */ + pr->result->gr_mem = (char **)&(pr->buffer[i]); + ptmem = sizeof(char *) * (mem_num + 1); + if (ptmem > dlen) { + return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ + } + dlen -= ptmem; + ptmem += i; + pr->result->gr_mem[mem_num] = NULL; /* terminate array */ + + for (l = 0; l < mem_num; l++) { + pr->result->gr_mem[l] = &(pr->buffer[ptmem]); + while ((slen > i) && (dlen > 0)) { + pr->buffer[ptmem] = sbuf[i]; + if (pr->buffer[ptmem] == '\0') break; + i++; + dlen--; + ptmem++; + } + if (slen <= i) { /* premature end of buf */ + return EBADMSG; + } + if (dlen <= 0) { /* not enough memory */ + return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ + } + i++; + dlen--; + ptmem++; + } + + *len = slen -i; + return 0; +} + +/* INITGROUP Reply: + * + * 0-3: 32bit unsigned number of results + * 4-7: 32bit unsigned (reserved/padding) + * For each result: + * 0-4: 32bit number with gid + */ + + +enum nss_status _nss_sss_initgroups_dyn(const char *user, gid_t group, + long int *start, long int *size, + gid_t **groups, long int limit, + int *errnop) +{ + struct sss_cli_req_data rd; + uint8_t *repbuf; + size_t replen; + enum nss_status nret; + uint32_t *rbuf; + uint32_t num_ret; + long int l, max_ret; + + rd.len = strlen(user) +1; + rd.data = user; + + nret = sss_nss_make_request(SSS_NSS_INITGR, &rd, + &repbuf, &replen, errnop); + if (nret != NSS_STATUS_SUCCESS) { + return nret; + } + + /* no results if not found */ + num_ret = ((uint32_t *)repbuf)[0]; + if (num_ret == 0) { + free(repbuf); + return NSS_STATUS_NOTFOUND; + } + max_ret = num_ret; + + /* check we have enough space in the buffer */ + if ((*size - *start) < num_ret) { + long int newsize; + gid_t *newgroups; + + newsize = *size + num_ret; + if ((limit > 0) && (newsize > limit)) { + newsize = limit; + max_ret = newsize - *start; + } + + newgroups = (gid_t *)realloc((*groups), newsize * sizeof(**groups)); + if (!newgroups) { + *errnop = ENOMEM; + free(repbuf); + return NSS_STATUS_TRYAGAIN; + } + *groups = newgroups; + *size = newsize; + } + + rbuf = &((uint32_t *)repbuf)[2]; + for (l = 0; l < max_ret; l++) { + (*groups)[*start] = rbuf[l]; + *start += 1; + } + + return NSS_STATUS_SUCCESS; +} + + +enum nss_status _nss_sss_getgrnam_r(const char *name, struct group *result, + char *buffer, size_t buflen, int *errnop) +{ + struct sss_cli_req_data rd; + struct sss_nss_gr_rep grrep; + uint8_t *repbuf; + size_t replen, len; + enum nss_status nret; + int ret; + + /* Caught once glibc passing in buffer == 0x0 */ + if (!buffer || !buflen) return ERANGE; + + rd.len = strlen(name) + 1; + rd.data = name; + + nret = sss_nss_make_request(SSS_NSS_GETGRNAM, &rd, + &repbuf, &replen, errnop); + if (nret != NSS_STATUS_SUCCESS) { + return nret; + } + + grrep.result = result; + grrep.buffer = buffer; + grrep.buflen = buflen; + + /* no results if not found */ + if (((uint32_t *)repbuf)[0] == 0) { + free(repbuf); + return NSS_STATUS_NOTFOUND; + } + + /* only 1 result is accepted for this function */ + if (((uint32_t *)repbuf)[0] != 1) { + *errnop = EBADMSG; + return NSS_STATUS_TRYAGAIN; + } + + len = replen - 8; + ret = sss_nss_getgr_readrep(&grrep, repbuf+8, &len); + free(repbuf); + if (ret) { + *errnop = ret; + return NSS_STATUS_TRYAGAIN; + } + + return NSS_STATUS_SUCCESS; +} + +enum nss_status _nss_sss_getgrgid_r(gid_t gid, struct group *result, + char *buffer, size_t buflen, int *errnop) +{ + struct sss_cli_req_data rd; + struct sss_nss_gr_rep grrep; + uint8_t *repbuf; + size_t replen, len; + enum nss_status nret; + uint32_t group_gid; + int ret; + + /* Caught once glibc passing in buffer == 0x0 */ + if (!buffer || !buflen) return ERANGE; + + group_gid = gid; + rd.len = sizeof(uint32_t); + rd.data = &group_gid; + + nret = sss_nss_make_request(SSS_NSS_GETGRGID, &rd, + &repbuf, &replen, errnop); + if (nret != NSS_STATUS_SUCCESS) { + return nret; + } + + grrep.result = result; + grrep.buffer = buffer; + grrep.buflen = buflen; + + /* no results if not found */ + if (((uint32_t *)repbuf)[0] == 0) { + free(repbuf); + return NSS_STATUS_NOTFOUND; + } + + /* only 1 result is accepted for this function */ + if (((uint32_t *)repbuf)[0] != 1) { + *errnop = EBADMSG; + return NSS_STATUS_TRYAGAIN; + } + + len = replen - 8; + ret = sss_nss_getgr_readrep(&grrep, repbuf+8, &len); + free(repbuf); + if (ret) { + *errnop = ret; + return NSS_STATUS_TRYAGAIN; + } + + return NSS_STATUS_SUCCESS; +} + +enum nss_status _nss_sss_setgrent(void) +{ + enum nss_status nret; + int errnop; + + /* make sure we do not have leftovers, and release memory */ + sss_nss_getgrent_data_clean(); + + nret = sss_nss_make_request(SSS_NSS_SETGRENT, + NULL, NULL, NULL, &errnop); + if (nret != NSS_STATUS_SUCCESS) { + errno = errnop; + return nret; + } + + return NSS_STATUS_SUCCESS; +} + +enum nss_status _nss_sss_getgrent_r(struct group *result, + char *buffer, size_t buflen, int *errnop) +{ + struct sss_cli_req_data rd; + struct sss_nss_gr_rep grrep; + uint8_t *repbuf; + size_t replen; + enum nss_status nret; + uint32_t num_entries; + int ret; + + /* Caught once glibc passing in buffer == 0x0 */ + if (!buffer || !buflen) return ERANGE; + + /* if there are leftovers return the next one */ + if (sss_nss_getgrent_data.data != NULL && + sss_nss_getgrent_data.ptr < sss_nss_getgrent_data.len) { + + repbuf = (uint8_t *)sss_nss_getgrent_data.data + + sss_nss_getgrent_data.ptr; + replen = sss_nss_getgrent_data.len - + sss_nss_getgrent_data.ptr; + + grrep.result = result; + grrep.buffer = buffer; + grrep.buflen = buflen; + + ret = sss_nss_getgr_readrep(&grrep, repbuf, &replen); + if (ret) { + *errnop = ret; + return NSS_STATUS_TRYAGAIN; + } + + /* advance buffer pointer */ + sss_nss_getgrent_data.ptr = sss_nss_getgrent_data.len - replen; + + return NSS_STATUS_SUCCESS; + } + + /* release memory if any */ + sss_nss_getgrent_data_clean(); + + /* retrieve no more than SSS_NSS_MAX_ENTRIES at a time */ + num_entries = SSS_NSS_MAX_ENTRIES; + rd.len = sizeof(uint32_t); + rd.data = &num_entries; + + nret = sss_nss_make_request(SSS_NSS_GETGRENT, &rd, + &repbuf, &replen, errnop); + if (nret != NSS_STATUS_SUCCESS) { + return nret; + } + + /* no results if not found */ + if ((((uint32_t *)repbuf)[0] == 0) || (replen - 8 == 0)) { + free(repbuf); + return NSS_STATUS_NOTFOUND; + } + + sss_nss_getgrent_data.data = repbuf; + sss_nss_getgrent_data.len = replen; + sss_nss_getgrent_data.ptr = 8; /* skip metadata fields */ + + /* call again ourselves, this will return the first result */ + return _nss_sss_getgrent_r(result, buffer, buflen, errnop); +} + +enum nss_status _nss_sss_endgrent(void) +{ + enum nss_status nret; + int errnop; + + /* make sure we do not have leftovers, and release memory */ + sss_nss_getgrent_data_clean(); + + nret = sss_nss_make_request(SSS_NSS_ENDGRENT, + NULL, NULL, NULL, &errnop); + if (nret != NSS_STATUS_SUCCESS) { + errno = errnop; + return nret; + } + + return NSS_STATUS_SUCCESS; +} diff --git a/server/sss_client/install-sh b/server/sss_client/install-sh new file mode 100755 index 000000000..58719246f --- /dev/null +++ b/server/sss_client/install-sh @@ -0,0 +1,238 @@ +#! /bin/sh +# +# install - install a program, script, or datafile +# This comes from X11R5. +# +# Calling this script install-sh is preferred over install.sh, to prevent +# `make' implicit rules from creating a file called install from it +# when there is no Makefile. +# +# This script is compatible with the BSD install script, but was written +# from scratch. +# + + +# set DOITPROG to echo to test this script + +# Don't use :- since 4.3BSD and earlier shells don't like it. +doit="${DOITPROG-}" + + +# put in absolute paths if you don't have them in your path; or use env. vars. + +mvprog="${MVPROG-mv}" +cpprog="${CPPROG-cp}" +chmodprog="${CHMODPROG-chmod}" +chownprog="${CHOWNPROG-chown}" +chgrpprog="${CHGRPPROG-chgrp}" +stripprog="${STRIPPROG-strip}" +rmprog="${RMPROG-rm}" +mkdirprog="${MKDIRPROG-mkdir}" + +transformbasename="" +transform_arg="" +instcmd="$mvprog" +chmodcmd="$chmodprog 0755" +chowncmd="" +chgrpcmd="" +stripcmd="" +rmcmd="$rmprog -f" +mvcmd="$mvprog" +src="" +dst="" +dir_arg="" + +while [ x"$1" != x ]; do + case $1 in + -c) instcmd="$cpprog" + shift + continue;; + + -d) dir_arg=true + shift + continue;; + + -m) chmodcmd="$chmodprog $2" + shift + shift + continue;; + + -o) chowncmd="$chownprog $2" + shift + shift + continue;; + + -g) chgrpcmd="$chgrpprog $2" + shift + shift + continue;; + + -s) stripcmd="$stripprog" + shift + continue;; + + -t=*) transformarg=`echo $1 | sed 's/-t=//'` + shift + continue;; + + -b=*) transformbasename=`echo $1 | sed 's/-b=//'` + shift + continue;; + + *) if [ x"$src" = x ] + then + src=$1 + else + # this colon is to work around a 386BSD /bin/sh bug + : + dst=$1 + fi + shift + continue;; + esac +done + +if [ x"$src" = x ] +then + echo "install: no input file specified" + exit 1 +else + true +fi + +if [ x"$dir_arg" != x ]; then + dst=$src + src="" + + if [ -d $dst ]; then + instcmd=: + else + instcmd=mkdir + fi +else + +# Waiting for this to be detected by the "$instcmd $src $dsttmp" command +# might cause directories to be created, which would be especially bad +# if $src (and thus $dsttmp) contains '*'. + + if [ -f $src -o -d $src ] + then + true + else + echo "install: $src does not exist" + exit 1 + fi + + if [ x"$dst" = x ] + then + echo "install: no destination specified" + exit 1 + else + true + fi + +# If destination is a directory, append the input filename; if your system +# does not like double slashes in filenames, you may need to add some logic + + if [ -d $dst ] + then + dst="$dst"/`basename $src` + else + true + fi +fi + +## this sed command emulates the dirname command +dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'` + +# Make sure that the destination directory exists. +# this part is taken from Noah Friedman's mkinstalldirs script + +# Skip lots of stat calls in the usual case. +if [ ! -d "$dstdir" ]; then +defaultIFS=' +' +IFS="${IFS-${defaultIFS}}" + +oIFS="${IFS}" +# Some sh's can't handle IFS=/ for some reason. +IFS='%' +set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'` +IFS="${oIFS}" + +pathcomp='' + +while [ $# -ne 0 ] ; do + pathcomp="${pathcomp}${1}" + shift + + if [ ! -d "${pathcomp}" ] ; + then + $mkdirprog "${pathcomp}" + else + true + fi + + pathcomp="${pathcomp}/" +done +fi + +if [ x"$dir_arg" != x ] +then + $doit $instcmd $dst && + + if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi && + if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi && + if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi && + if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi +else + +# If we're going to rename the final executable, determine the name now. + + if [ x"$transformarg" = x ] + then + dstfile=`basename $dst` + else + dstfile=`basename $dst $transformbasename | + sed $transformarg`$transformbasename + fi + +# don't allow the sed command to completely eliminate the filename + + if [ x"$dstfile" = x ] + then + dstfile=`basename $dst` + else + true + fi + +# Make a temp file name in the proper directory. + + dsttmp=$dstdir/#inst.$$# + +# Move or copy the file name to the temp name + + $doit $instcmd $src $dsttmp && + + trap "rm -f ${dsttmp}" 0 && + +# and set any options; do chmod last to preserve setuid bits + +# If any of these fail, we abort the whole thing. If we want to +# ignore errors from any of these, just make sure not to ignore +# errors from the above "$doit $instcmd $src $dsttmp" command. + + if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi && + if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi && + if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi && + if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi && + +# Now rename the file to the real destination. + + $doit $rmcmd -f $dstdir/$dstfile && + $doit $mvcmd $dsttmp $dstdir/$dstfile + +fi && + + +exit 0 diff --git a/server/sss_client/m4/.dir b/server/sss_client/m4/.dir new file mode 100644 index 000000000..e69de29bb diff --git a/server/sss_client/man/pam_sss.8.xml b/server/sss_client/man/pam_sss.8.xml new file mode 100644 index 000000000..f6ac9f477 --- /dev/null +++ b/server/sss_client/man/pam_sss.8.xml @@ -0,0 +1,97 @@ + + + +SSSD Manual pages + + + SSSD + The SSSD upstream - http://fedorahosted.org/sssd + + + + pam_sss + 8 + + + + pam_sss + PAM module for SSSD + + + + + pam_sss.so + + forward_pass + + + use_first_pass + + + use_authtok + + + + + + DESCRIPTION + pam_sss.so is the PAM interface to the System + Security Services daemon (SSSD). Errors and results are logged through + syslog(3) with the LOG_AUTHPRIV facility. + + + + OPTIONS + + + + + + + If is set the entered + password is put on the stack for other PAM modules to use. + + + + + + + + + The argument use_first_pass forces the module to use + a previous stacked modules password and will never prompt + the user - if no password is available or the password is + not appropriate, the user will be denied access. + + + + + + + + When password changing enforce the module to set the + new password to the one provided by a previously stacked + password module. + + + + + + + MODULE TYPES PROVIDED + All module types (, , + and ) are provided. + + + + + SEE ALSO + + + sssd.conf8 + + + + + diff --git a/server/sss_client/pam_sss.c b/server/sss_client/pam_sss.c new file mode 100644 index 000000000..8a1e3129a --- /dev/null +++ b/server/sss_client/pam_sss.c @@ -0,0 +1,1166 @@ +/* + Authors: + Sumit Bose + + Copyright (C) 2009 Red Hat + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#define PAM_SM_AUTH +#define PAM_SM_ACCOUNT +#define PAM_SM_SESSION +#define PAM_SM_PASSWORD + +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include "sss_pam_macros.h" + +#include "sss_cli.h" + +#include +#define _(STRING) dgettext (PACKAGE, STRING) +#include "config.h" + +#define FLAGS_USE_FIRST_PASS (1 << 0) +#define FLAGS_FORWARD_PASS (1 << 1) +#define FLAGS_USE_AUTHTOK (1 << 2) + +struct pam_items { + const char* pam_service; + const char* pam_user; + const char* pam_tty; + const char* pam_ruser; + const char* pam_rhost; + char* pam_authtok; + char* pam_newauthtok; + const char* pamstack_authtok; + const char* pamstack_oldauthtok; + size_t pam_service_size; + size_t pam_user_size; + size_t pam_tty_size; + size_t pam_ruser_size; + size_t pam_rhost_size; + int pam_authtok_type; + size_t pam_authtok_size; + int pam_newauthtok_type; + size_t pam_newauthtok_size; + pid_t cli_pid; + const char *login_name; +}; + +#define DEBUG_MGS_LEN 1024 +#define MAX_AUTHTOK_SIZE (1024*1024) +#define CHECK_AND_RETURN_PI_STRING(s) ((s != NULL && *s != '\0')? s : "(not available)") + +static void logger(pam_handle_t *pamh, int level, const char *fmt, ...) { + va_list ap; + + va_start(ap, fmt); + +#ifdef DEBUG + va_list apd; + char debug_msg[DEBUG_MGS_LEN]; + int ret; + va_copy(apd, ap); + + ret = vsnprintf(debug_msg, DEBUG_MGS_LEN, fmt, apd); + if (ret >= DEBUG_MGS_LEN) { + D(("the following message is truncated: %s", debug_msg)); + } else if (ret < 0) { + D(("vsnprintf failed to format debug message!")); + } else { + D((debug_msg)); + } + + va_end(apd); +#endif + + pam_vsyslog(pamh, LOG_AUTHPRIV|level, fmt, ap); + + va_end(ap); +} + + +static size_t add_authtok_item(enum pam_item_type type, + enum sss_authtok_type authtok_type, + const char *tok, const size_t size, + uint8_t *buf) { + size_t rp=0; + uint32_t c; + + if (tok == NULL) return 0; + + c = type; + memcpy(&buf[rp], &c, sizeof(uint32_t)); + rp += sizeof(uint32_t); + + c = size + sizeof(uint32_t); + memcpy(&buf[rp], &c, sizeof(uint32_t)); + rp += sizeof(uint32_t); + + c = authtok_type; + memcpy(&buf[rp], &c, sizeof(uint32_t)); + rp += sizeof(uint32_t); + + memcpy(&buf[rp], tok, size); + rp += size; + + return rp; +} + + +static size_t add_uint32_t_item(enum pam_item_type type, const uint32_t val, + uint8_t *buf) { + size_t rp=0; + uint32_t c; + + c = type; + memcpy(&buf[rp], &c, sizeof(uint32_t)); + rp += sizeof(uint32_t); + + c = sizeof(uint32_t); + memcpy(&buf[rp], &c, sizeof(uint32_t)); + rp += sizeof(uint32_t); + + c = val; + memcpy(&buf[rp], &c, sizeof(uint32_t)); + rp += sizeof(uint32_t); + + return rp; +} + +static size_t add_string_item(enum pam_item_type type, const char *str, + const size_t size, uint8_t *buf) { + size_t rp=0; + uint32_t c; + + if (str == NULL || *str == '\0') return 0; + + c = type; + memcpy(&buf[rp], &c, sizeof(uint32_t)); + rp += sizeof(uint32_t); + + c = size; + memcpy(&buf[rp], &c, sizeof(uint32_t)); + rp += sizeof(uint32_t); + + memcpy(&buf[rp], str, size); + rp += size; + + return rp; +} + +static void overwrite_and_free_authtoks(struct pam_items *pi) +{ + if (pi->pam_authtok != NULL) { + _pam_overwrite_n((void *)pi->pam_authtok, pi->pam_authtok_size); + free((void *)pi->pam_authtok); + pi->pam_authtok = NULL; + } + + if (pi->pam_newauthtok != NULL) { + _pam_overwrite_n((void *)pi->pam_newauthtok, pi->pam_newauthtok_size); + free((void *)pi->pam_newauthtok); + pi->pam_newauthtok = NULL; + } +} + +static int pack_message_v3(struct pam_items *pi, size_t *size, + uint8_t **buffer) { + int len; + uint8_t *buf; + int rp; + uint32_t terminator = SSS_END_OF_PAM_REQUEST; + + len = sizeof(uint32_t) + + 2*sizeof(uint32_t) + pi->pam_user_size + + sizeof(uint32_t); + len += *pi->pam_service != '\0' ? + 2*sizeof(uint32_t) + pi->pam_service_size : 0; + len += *pi->pam_tty != '\0' ? + 2*sizeof(uint32_t) + pi->pam_tty_size : 0; + len += *pi->pam_ruser != '\0' ? + 2*sizeof(uint32_t) + pi->pam_ruser_size : 0; + len += *pi->pam_rhost != '\0' ? + 2*sizeof(uint32_t) + pi->pam_rhost_size : 0; + len += pi->pam_authtok != NULL ? + 3*sizeof(uint32_t) + pi->pam_authtok_size : 0; + len += pi->pam_newauthtok != NULL ? + 3*sizeof(uint32_t) + pi->pam_newauthtok_size : 0; + len += 3*sizeof(uint32_t); /* cli_pid */ + + buf = malloc(len); + if (buf == NULL) { + D(("malloc failed.")); + return PAM_BUF_ERR; + } + + rp = 0; + ((uint32_t *)(&buf[rp]))[0] = SSS_START_OF_PAM_REQUEST; + rp += sizeof(uint32_t); + + rp += add_string_item(SSS_PAM_ITEM_USER, pi->pam_user, pi->pam_user_size, + &buf[rp]); + + rp += add_string_item(SSS_PAM_ITEM_SERVICE, pi->pam_service, + pi->pam_service_size, &buf[rp]); + + rp += add_string_item(SSS_PAM_ITEM_TTY, pi->pam_tty, pi->pam_tty_size, + &buf[rp]); + + rp += add_string_item(SSS_PAM_ITEM_RUSER, pi->pam_ruser, pi->pam_ruser_size, + &buf[rp]); + + rp += add_string_item(SSS_PAM_ITEM_RHOST, pi->pam_rhost, pi->pam_rhost_size, + &buf[rp]); + + rp += add_uint32_t_item(SSS_PAM_ITEM_CLI_PID, (uint32_t) pi->cli_pid, + &buf[rp]); + + rp += add_authtok_item(SSS_PAM_ITEM_AUTHTOK, pi->pam_authtok_type, + pi->pam_authtok, pi->pam_authtok_size, &buf[rp]); + + rp += add_authtok_item(SSS_PAM_ITEM_NEWAUTHTOK, pi->pam_newauthtok_type, + pi->pam_newauthtok, pi->pam_newauthtok_size, + &buf[rp]); + + memcpy(&buf[rp], &terminator, sizeof(uint32_t)); + rp += sizeof(uint32_t); + + if (rp != len) { + D(("error during packet creation.")); + return PAM_BUF_ERR; + } + + *size = len; + *buffer = buf; + + return 0; +} + +static int null_strcmp(const char *s1, const char *s2) { + if (s1 == NULL && s2 == NULL) return 0; + if (s1 == NULL && s2 != NULL) return -1; + if (s1 != NULL && s2 == NULL) return 1; + return strcmp(s1, s2); +} + +enum { + SSS_PAM_CONV_DONE = 0, + SSS_PAM_CONV_STD, + SSS_PAM_CONV_REENTER, +}; + +static int do_pam_conversation(pam_handle_t *pamh, const int msg_style, + const char *msg, + const char *reenter_msg, + char **answer) +{ + int ret; + int state = SSS_PAM_CONV_STD; + struct pam_conv *conv; + struct pam_message *mesg[1]; + struct pam_response *resp=NULL; + + if ((msg_style == PAM_TEXT_INFO || msg_style == PAM_ERROR_MSG) && + msg == NULL) return PAM_SYSTEM_ERR; + + if ((msg_style == PAM_PROMPT_ECHO_OFF || + msg_style == PAM_PROMPT_ECHO_ON) && + (msg == NULL || answer == NULL)) return PAM_SYSTEM_ERR; + + if (msg_style == PAM_TEXT_INFO || msg_style == PAM_ERROR_MSG) { + logger(pamh, LOG_INFO, "User %s message: %s", + msg_style == PAM_TEXT_INFO ? "info" : "error", + msg); + } + + ret=pam_get_item(pamh, PAM_CONV, (const void **) &conv); + if (ret != PAM_SUCCESS) return ret; + + do { + mesg[0] = malloc(sizeof(struct pam_message)); + if (mesg[0] == NULL) { + D(("Malloc failed.")); + return PAM_SYSTEM_ERR; + } + + mesg[0]->msg_style = msg_style; + if (state == SSS_PAM_CONV_REENTER) { + mesg[0]->msg = reenter_msg; + } else { + mesg[0]->msg = msg; + } + + ret=conv->conv(1, (const struct pam_message **) mesg, &resp, + conv->appdata_ptr); + free(mesg[0]); + if (ret != PAM_SUCCESS) { + D(("Conversation failure: %s.", pam_strerror(pamh,ret))); + return ret; + } + + if (msg_style == PAM_PROMPT_ECHO_OFF || + msg_style == PAM_PROMPT_ECHO_ON) { + if (resp == NULL) { + D(("response expected, but resp==NULL")); + return PAM_SYSTEM_ERR; + } + + if (state == SSS_PAM_CONV_REENTER) { + if (null_strcmp(*answer, resp[0].resp) != 0) { + logger(pamh, LOG_NOTICE, "Passwords do not match."); + _pam_overwrite((void *)resp[0].resp); + free(resp[0].resp); + if (*answer != NULL) { + _pam_overwrite((void *)*answer); + free(*answer); + *answer = NULL; + } + ret = do_pam_conversation(pamh, PAM_ERROR_MSG, + _("Passwords do not match"), + NULL, NULL); + if (ret != PAM_SUCCESS) { + D(("do_pam_conversation failed.")); + return PAM_SYSTEM_ERR; + } + return PAM_CRED_ERR; + } + _pam_overwrite((void *)resp[0].resp); + free(resp[0].resp); + } else { + if (resp[0].resp == NULL) { + D(("Empty password")); + *answer = NULL; + } else { + *answer = strndup(resp[0].resp, MAX_AUTHTOK_SIZE); + _pam_overwrite((void *)resp[0].resp); + free(resp[0].resp); + if(*answer == NULL) { + D(("strndup failed")); + return PAM_BUF_ERR; + } + } + } + free(resp); + resp = NULL; + } + + if (reenter_msg != NULL && state == SSS_PAM_CONV_STD) { + state = SSS_PAM_CONV_REENTER; + } else { + state = SSS_PAM_CONV_DONE; + } + } while (state != SSS_PAM_CONV_DONE); + + return PAM_SUCCESS; +} + +static int user_info_offline_auth(pam_handle_t *pamh, size_t buflen, + uint8_t *buf) +{ + int ret; + long long expire_date; + struct tm tm; + char expire_str[128]; + char user_msg[256]; + + expire_str[0] = '\0'; + + if (buflen != sizeof(uint32_t) + sizeof(long long)) { + D(("User info response data has the wrong size")); + return PAM_BUF_ERR; + } + + memcpy(&expire_date, buf + sizeof(uint32_t), sizeof(long long)); + + if (expire_date > 0) { + if (localtime_r((time_t *) &expire_date, &tm) != NULL) { + ret = strftime(expire_str, sizeof(expire_str), "%c", &tm); + if (ret == 0) { + D(("strftime failed.")); + expire_str[0] = '\0'; + } + } else { + D(("localtime_r failed")); + } + } + + ret = snprintf(user_msg, sizeof(user_msg), "%s%s%s.", + _("Offline authentication"), + expire_str[0] ? _(", your cached password will expire at: ") : "", + expire_str[0] ? expire_str : ""); + if (ret < 0 || ret >= sizeof(user_msg)) { + D(("snprintf failed.")); + return PAM_SYSTEM_ERR; + } + + ret = do_pam_conversation(pamh, PAM_TEXT_INFO, user_msg, NULL, NULL); + if (ret != PAM_SUCCESS) { + D(("do_pam_conversation failed.")); + return PAM_SYSTEM_ERR; + } + + return PAM_SUCCESS; +} + +static int user_info_offline_auth_delayed(pam_handle_t *pamh, size_t buflen, + uint8_t *buf) +{ + int ret; + long long delayed_until; + struct tm tm; + char delay_str[128]; + char user_msg[256]; + + delay_str[0] = '\0'; + + if (buflen != sizeof(uint32_t) + sizeof(long long)) { + D(("User info response data has the wrong size")); + return PAM_BUF_ERR; + } + + memcpy(&delayed_until, buf + sizeof(uint32_t), sizeof(long long)); + + if (delayed_until <= 0) { + D(("User info response data has an invalid value")); + return PAM_BUF_ERR; + } + + if (localtime_r((time_t *) &delayed_until, &tm) != NULL) { + ret = strftime(delay_str, sizeof(delay_str), "%c", &tm); + if (ret == 0) { + D(("strftime failed.")); + delay_str[0] = '\0'; + } + } else { + D(("localtime_r failed")); + } + + ret = snprintf(user_msg, sizeof(user_msg), "%s%s.", + _("Offline authentication, authentication is denied until: "), + delay_str); + if (ret < 0 || ret >= sizeof(user_msg)) { + D(("snprintf failed.")); + return PAM_SYSTEM_ERR; + } + + ret = do_pam_conversation(pamh, PAM_TEXT_INFO, user_msg, NULL, NULL); + if (ret != PAM_SUCCESS) { + D(("do_pam_conversation failed.")); + return PAM_SYSTEM_ERR; + } + + return PAM_SUCCESS; +} + +static int user_info_offline_chpass(pam_handle_t *pamh, size_t buflen, + uint8_t *buf) +{ + int ret; + + if (buflen != sizeof(uint32_t)) { + D(("User info response data has the wrong size")); + return PAM_BUF_ERR; + } + + ret = do_pam_conversation(pamh, PAM_TEXT_INFO, + _("System is offline, password change not possible"), + NULL, NULL); + if (ret != PAM_SUCCESS) { + D(("do_pam_conversation failed.")); + return PAM_SYSTEM_ERR; + } + + return PAM_SUCCESS; +} + +static int user_info_chpass_error(pam_handle_t *pamh, size_t buflen, + uint8_t *buf) +{ + int ret; + uint32_t msg_len; + char user_msg[256]; + + if (buflen < 2* sizeof(uint32_t)) { + D(("User info response data is too short")); + return PAM_BUF_ERR; + } + + memcpy(&msg_len, buf + sizeof(uint32_t), sizeof(uint32_t)); + + if (buflen != 2* sizeof(uint32_t) + msg_len) { + D(("User info response data has the wrong size")); + return PAM_BUF_ERR; + } + + ret = snprintf(user_msg, sizeof(user_msg), "%s%s%.*s", + _("Password change failed. "), + msg_len > 0 ? _("Server message: ") : "", + msg_len, + msg_len > 0 ? (char *)(buf + 2 * sizeof(uint32_t)) : "" ); + if (ret < 0 || ret >= sizeof(user_msg)) { + D(("snprintf failed.")); + return PAM_SYSTEM_ERR; + } + + ret = do_pam_conversation(pamh, PAM_TEXT_INFO, user_msg, NULL, NULL); + if (ret != PAM_SUCCESS) { + D(("do_pam_conversation failed.")); + return PAM_SYSTEM_ERR; + } + + return PAM_SUCCESS; +} + + +static int eval_user_info_response(pam_handle_t *pamh, size_t buflen, + uint8_t *buf) +{ + int ret; + uint32_t type; + + if (buflen < sizeof(uint32_t)) { + D(("User info response data is too short")); + return PAM_BUF_ERR; + } + + memcpy(&type, buf, sizeof(uint32_t)); + + switch(type) { + case SSS_PAM_USER_INFO_OFFLINE_AUTH: + ret = user_info_offline_auth(pamh, buflen, buf); + break; + case SSS_PAM_USER_INFO_OFFLINE_AUTH_DELAYED: + ret = user_info_offline_auth_delayed(pamh, buflen, buf); + break; + case SSS_PAM_USER_INFO_OFFLINE_CHPASS: + ret = user_info_offline_chpass(pamh, buflen, buf); + break; + case SSS_PAM_USER_INFO_CHPASS_ERROR: + ret = user_info_chpass_error(pamh, buflen, buf); + break; + default: + D(("Unknown user info type [%d]", type)); + ret = PAM_SYSTEM_ERR; + } + + return ret; +} + +static int eval_response(pam_handle_t *pamh, size_t buflen, uint8_t *buf) +{ + int ret; + size_t p=0; + char *env_item; + int32_t c; + int32_t type; + int32_t len; + int32_t pam_status; + + if (buflen < (2*sizeof(int32_t))) { + D(("response buffer is too small")); + return PAM_BUF_ERR; + } + + memcpy(&pam_status, buf+p, sizeof(int32_t)); + p += sizeof(int32_t); + + + memcpy(&c, buf+p, sizeof(int32_t)); + p += sizeof(int32_t); + + while(c>0) { + if (buflen < (p+2*sizeof(int32_t))) { + D(("response buffer is too small")); + return PAM_BUF_ERR; + } + + memcpy(&type, buf+p, sizeof(int32_t)); + p += sizeof(int32_t); + + memcpy(&len, buf+p, sizeof(int32_t)); + p += sizeof(int32_t); + + if (buflen < (p + len)) { + D(("response buffer is too small")); + return PAM_BUF_ERR; + } + + switch(type) { + case SSS_PAM_SYSTEM_INFO: + if (buf[p + (len -1)] != '\0') { + D(("user info does not end with \\0.")); + break; + } + logger(pamh, LOG_INFO, "system info: [%s]", &buf[p]); + break; + case SSS_PAM_DOMAIN_NAME: + D(("domain name: [%s]", &buf[p])); + break; + case SSS_ENV_ITEM: + case SSS_PAM_ENV_ITEM: + case SSS_ALL_ENV_ITEM: + if (buf[p + (len -1)] != '\0') { + D(("env item does not end with \\0.")); + break; + } + + D(("env item: [%s]", &buf[p])); + if (type == SSS_PAM_ENV_ITEM || type == SSS_ALL_ENV_ITEM) { + ret = pam_putenv(pamh, (char *)&buf[p]); + if (ret != PAM_SUCCESS) { + D(("pam_putenv failed.")); + break; + } + } + + if (type == SSS_ENV_ITEM || type == SSS_ALL_ENV_ITEM) { + env_item = strdup((char *)&buf[p]); + if (env_item == NULL) { + D(("strdup failed")); + break; + } + ret = putenv(env_item); + if (ret == -1) { + D(("putenv failed.")); + break; + } + } + break; + case SSS_PAM_USER_INFO: + ret = eval_user_info_response(pamh, len, &buf[p]); + if (ret != PAM_SUCCESS) { + D(("eval_user_info_response failed")); + } + break; + default: + D(("Unknown response type [%d]", type)); + } + p += len; + + --c; + } + + return PAM_SUCCESS; +} + +static int get_pam_items(pam_handle_t *pamh, struct pam_items *pi) +{ + int ret; + + pi->pam_authtok_type = SSS_AUTHTOK_TYPE_EMPTY; + pi->pam_authtok = NULL; + pi->pam_authtok_size = 0; + pi->pam_newauthtok_type = SSS_AUTHTOK_TYPE_EMPTY; + pi->pam_newauthtok = NULL; + pi->pam_newauthtok_size = 0; + + ret = pam_get_item(pamh, PAM_SERVICE, (const void **) &(pi->pam_service)); + if (ret != PAM_SUCCESS) return ret; + if (pi->pam_service == NULL) pi->pam_service=""; + pi->pam_service_size=strlen(pi->pam_service)+1; + + ret = pam_get_item(pamh, PAM_USER, (const void **) &(pi->pam_user)); + if (ret != PAM_SUCCESS) return ret; + if (pi->pam_user == NULL) { + D(("No user found, aborting.")); + return PAM_BAD_ITEM; + } + if (strcmp(pi->pam_user, "root") == 0) { + D(("pam_sss will not handle root.")); + return PAM_USER_UNKNOWN; + } + pi->pam_user_size=strlen(pi->pam_user)+1; + + + ret = pam_get_item(pamh, PAM_TTY, (const void **) &(pi->pam_tty)); + if (ret != PAM_SUCCESS) return ret; + if (pi->pam_tty == NULL) pi->pam_tty=""; + pi->pam_tty_size=strlen(pi->pam_tty)+1; + + ret = pam_get_item(pamh, PAM_RUSER, (const void **) &(pi->pam_ruser)); + if (ret != PAM_SUCCESS) return ret; + if (pi->pam_ruser == NULL) pi->pam_ruser=""; + pi->pam_ruser_size=strlen(pi->pam_ruser)+1; + + ret = pam_get_item(pamh, PAM_RHOST, (const void **) &(pi->pam_rhost)); + if (ret != PAM_SUCCESS) return ret; + if (pi->pam_rhost == NULL) pi->pam_rhost=""; + pi->pam_rhost_size=strlen(pi->pam_rhost)+1; + + ret = pam_get_item(pamh, PAM_AUTHTOK, + (const void **) &(pi->pamstack_authtok)); + if (ret != PAM_SUCCESS) return ret; + if (pi->pamstack_authtok == NULL) pi->pamstack_authtok=""; + + ret = pam_get_item(pamh, PAM_OLDAUTHTOK, + (const void **) &(pi->pamstack_oldauthtok)); + if (ret != PAM_SUCCESS) return ret; + if (pi->pamstack_oldauthtok == NULL) pi->pamstack_oldauthtok=""; + + pi->cli_pid = getpid(); + + pi->login_name = pam_modutil_getlogin(pamh); + if (pi->login_name == NULL) pi->login_name=""; + + return PAM_SUCCESS; +} + +static void print_pam_items(struct pam_items *pi) +{ + if (pi == NULL) return; + + D(("Service: %s", CHECK_AND_RETURN_PI_STRING(pi->pam_service))); + D(("User: %s", CHECK_AND_RETURN_PI_STRING(pi->pam_user))); + D(("Tty: %s", CHECK_AND_RETURN_PI_STRING(pi->pam_tty))); + D(("Ruser: %s", CHECK_AND_RETURN_PI_STRING(pi->pam_ruser))); + D(("Rhost: %s", CHECK_AND_RETURN_PI_STRING(pi->pam_rhost))); + D(("Pamstack_Authtok: %s", + CHECK_AND_RETURN_PI_STRING(pi->pamstack_authtok))); + D(("Pamstack_Oldauthtok: %s", + CHECK_AND_RETURN_PI_STRING(pi->pamstack_oldauthtok))); + D(("Authtok: %s", CHECK_AND_RETURN_PI_STRING(pi->pam_authtok))); + D(("Newauthtok: %s", CHECK_AND_RETURN_PI_STRING(pi->pam_newauthtok))); + D(("Cli_PID: %d", pi->cli_pid)); +} + +static int send_and_receive(pam_handle_t *pamh, struct pam_items *pi, + enum sss_cli_command task) +{ + int ret; + int errnop; + struct sss_cli_req_data rd; + uint8_t *buf = NULL; + uint8_t *repbuf = NULL; + size_t replen; + int pam_status = PAM_SYSTEM_ERR; + + print_pam_items(pi); + + ret = pack_message_v3(pi, &rd.len, &buf); + if (ret != 0) { + D(("pack_message failed.")); + pam_status = PAM_SYSTEM_ERR; + goto done; + } + rd.data = buf; + + ret = sss_pam_make_request(task, &rd, &repbuf, &replen, &errnop); + + if (ret != NSS_STATUS_SUCCESS) { + logger(pamh, LOG_ERR, "Request to sssd failed."); + pam_status = PAM_SYSTEM_ERR; + goto done; + } + +/* FIXME: add an end signature */ + if (replen < (2*sizeof(int32_t))) { + D(("response not in expected format.")); + pam_status = PAM_SYSTEM_ERR; + goto done; + } + + pam_status = ((int32_t *)repbuf)[0]; + ret = eval_response(pamh, replen, repbuf); + if (ret != PAM_SUCCESS) { + D(("eval_response failed.")); + pam_status = ret; + goto done; + } + + switch (task) { + case SSS_PAM_AUTHENTICATE: + logger(pamh, (pam_status == PAM_SUCCESS ? LOG_INFO : LOG_NOTICE), + "authentication %s; logname=%s uid=%lu euid=%d tty=%s " + "ruser=%s rhost=%s user=%s", + pam_status == PAM_SUCCESS ? "success" : "failure", + pi->login_name, getuid(), (unsigned long) geteuid(), + pi->pam_tty, pi->pam_ruser, pi->pam_rhost, pi->pam_user); + if (pam_status != PAM_SUCCESS) { + logger(pamh, LOG_NOTICE, "received for user %s: %d (%s)", + pi->pam_user, pam_status, + pam_strerror(pamh,pam_status)); + } + break; + case SSS_PAM_CHAUTHTOK_PRELIM: + if (pam_status != PAM_SUCCESS) { + logger(pamh, LOG_NOTICE, + "Authentication failed for user %s: %d (%s)", + pi->pam_user, pam_status, + pam_strerror(pamh,pam_status)); + } + break; + case SSS_PAM_CHAUTHTOK: + if (pam_status != PAM_SUCCESS) { + logger(pamh, LOG_NOTICE, + "Password change failed for user %s: %d (%s)", + pi->pam_user, pam_status, + pam_strerror(pamh,pam_status)); + } + break; + case SSS_PAM_ACCT_MGMT: + if (pam_status != PAM_SUCCESS) { + logger(pamh, LOG_NOTICE, + "Access denied for user %s: %d (%s)", + pi->pam_user, pam_status, + pam_strerror(pamh,pam_status)); + } + break; + case SSS_PAM_SETCRED: + case SSS_PAM_OPEN_SESSION: + case SSS_PAM_CLOSE_SESSION: + break; + default: + D(("Illegal task [%d]", task)); + return PAM_SYSTEM_ERR; + } + +done: + if (buf != NULL ) { + _pam_overwrite_n((void *)buf, rd.len); + free(buf); + } + free(repbuf); + + return pam_status; +} + +static int prompt_password(pam_handle_t *pamh, struct pam_items *pi) +{ + int ret; + char *answer = NULL; + + ret = do_pam_conversation(pamh, PAM_PROMPT_ECHO_OFF, _("Password: "), + NULL, &answer); + if (ret != PAM_SUCCESS) { + D(("do_pam_conversation failed.")); + return ret; + } + + if (answer == NULL) { + pi->pam_authtok = NULL; + pi->pam_authtok_type = SSS_AUTHTOK_TYPE_EMPTY; + pi->pam_authtok_size=0; + } else { + pi->pam_authtok = strdup(answer); + _pam_overwrite((void *)answer); + free(answer); + answer=NULL; + if (pi->pam_authtok == NULL) { + return PAM_BUF_ERR; + } + pi->pam_authtok_type = SSS_AUTHTOK_TYPE_PASSWORD; + pi->pam_authtok_size=strlen(pi->pam_authtok); + } + + return PAM_SUCCESS; +} + +static int prompt_new_password(pam_handle_t *pamh, struct pam_items *pi) +{ + int ret; + char *answer = NULL; + + ret = do_pam_conversation(pamh, PAM_PROMPT_ECHO_OFF, + _("New Password: "), + _("Reenter new Password: "), + &answer); + if (ret != PAM_SUCCESS) { + D(("do_pam_conversation failed.")); + return ret; + } + if (answer == NULL) { + pi->pam_newauthtok = NULL; + pi->pam_newauthtok_type = SSS_AUTHTOK_TYPE_EMPTY; + pi->pam_newauthtok_size=0; + } else { + pi->pam_newauthtok = strdup(answer); + _pam_overwrite((void *)answer); + free(answer); + answer=NULL; + if (pi->pam_newauthtok == NULL) { + return PAM_BUF_ERR; + } + pi->pam_newauthtok_type = SSS_AUTHTOK_TYPE_PASSWORD; + pi->pam_newauthtok_size=strlen(pi->pam_newauthtok); + } + + return PAM_SUCCESS; +} + +static void eval_argv(pam_handle_t *pamh, int argc, const char **argv, + uint32_t *flags) +{ + for (; argc-- > 0; ++argv) { + if (strcmp(*argv, "forward_pass") == 0) { + *flags |= FLAGS_FORWARD_PASS; + } else if (strcmp(*argv, "use_first_pass") == 0) { + *flags |= FLAGS_USE_FIRST_PASS; + } else if (strcmp(*argv, "use_authtok") == 0) { + *flags |= FLAGS_USE_AUTHTOK; + } else { + logger(pamh, LOG_WARNING, "unknown option: %s", *argv); + } + } + + return; +} + +static int get_authtok_for_authentication(pam_handle_t *pamh, + struct pam_items *pi, + uint32_t flags) +{ + int ret; + + if (flags & FLAGS_USE_FIRST_PASS) { + pi->pam_authtok_type = SSS_AUTHTOK_TYPE_PASSWORD; + pi->pam_authtok = strdup(pi->pamstack_authtok); + if (pi->pam_authtok == NULL) { + D(("option use_first_pass set, but no password found")); + return PAM_BUF_ERR; + } + pi->pam_authtok_size = strlen(pi->pam_authtok); + } else { + ret = prompt_password(pamh, pi); + if (ret != PAM_SUCCESS) { + D(("failed to get password from user")); + return ret; + } + + if (flags & FLAGS_FORWARD_PASS) { + ret = pam_set_item(pamh, PAM_AUTHTOK, pi->pam_authtok); + if (ret != PAM_SUCCESS) { + D(("Failed to set PAM_AUTHTOK [%s], " + "authtok may not be available for other modules", + pam_strerror(pamh,ret))); + } + } + } + + return PAM_SUCCESS; +} + +static int get_authtok_for_password_change(pam_handle_t *pamh, + struct pam_items *pi, + uint32_t flags, + int pam_flags) +{ + int ret; + + /* we query for the old password during PAM_PRELIM_CHECK to make + * pam_sss work e.g. with pam_cracklib */ + if (pam_flags & PAM_PRELIM_CHECK) { + if (getuid() != 0 && !(flags & FLAGS_USE_FIRST_PASS)) { + ret = prompt_password(pamh, pi); + if (ret != PAM_SUCCESS) { + D(("failed to get password from user")); + return ret; + } + + ret = pam_set_item(pamh, PAM_OLDAUTHTOK, pi->pam_authtok); + if (ret != PAM_SUCCESS) { + D(("Failed to set PAM_OLDAUTHTOK [%s], " + "oldauthtok may not be available", + pam_strerror(pamh,ret))); + return ret; + } + } + + return PAM_SUCCESS; + } + + if (pi->pamstack_oldauthtok == NULL) { + if (getuid() != 0) { + D(("no password found for chauthtok")); + return PAM_BUF_ERR; + } else { + pi->pam_authtok_type = SSS_AUTHTOK_TYPE_EMPTY; + pi->pam_authtok = NULL; + pi->pam_authtok_size = 0; + } + } else { + pi->pam_authtok = strdup(pi->pamstack_oldauthtok); + pi->pam_authtok_type = SSS_AUTHTOK_TYPE_PASSWORD; + pi->pam_authtok_size = strlen(pi->pam_authtok); + } + + if (flags & FLAGS_USE_AUTHTOK) { + pi->pam_newauthtok_type = SSS_AUTHTOK_TYPE_PASSWORD; + pi->pam_newauthtok = strdup(pi->pamstack_authtok); + if (pi->pam_newauthtok == NULL) { + D(("option use_authtok set, but no new password found")); + return PAM_BUF_ERR; + } + pi->pam_newauthtok_size = strlen(pi->pam_newauthtok); + } else { + ret = prompt_new_password(pamh, pi); + if (ret != PAM_SUCCESS) { + D(("failed to get new password from user")); + return ret; + } + + if (flags & FLAGS_FORWARD_PASS) { + ret = pam_set_item(pamh, PAM_AUTHTOK, pi->pam_newauthtok); + if (ret != PAM_SUCCESS) { + D(("Failed to set PAM_AUTHTOK [%s], " + "oldauthtok may not be available", + pam_strerror(pamh,ret))); + } + } + } + + return PAM_SUCCESS; +} + +static int pam_sss(enum sss_cli_command task, pam_handle_t *pamh, + int pam_flags, int argc, const char **argv) +{ + int ret; + struct pam_items pi; + uint32_t flags = 0; + + bindtextdomain(PACKAGE, LOCALEDIR); + + D(("Hello pam_sssd: %d", task)); + + eval_argv(pamh, argc, argv, &flags); + + ret = get_pam_items(pamh, &pi); + if (ret != PAM_SUCCESS) { + D(("get items returned error: %s", pam_strerror(pamh,ret))); + return ret; + } + + + switch(task) { + case SSS_PAM_AUTHENTICATE: + ret = get_authtok_for_authentication(pamh, &pi, flags); + if (ret != PAM_SUCCESS) { + D(("failed to get authentication token: %s", + pam_strerror(pamh, ret))); + return ret; + } + break; + case SSS_PAM_CHAUTHTOK: + ret = get_authtok_for_password_change(pamh, &pi, flags, pam_flags); + if (ret != PAM_SUCCESS) { + D(("failed to get tokens for password change: %s", + pam_strerror(pamh, ret))); + return ret; + } + if (pam_flags & PAM_PRELIM_CHECK) { + task = SSS_PAM_CHAUTHTOK_PRELIM; + } + break; + case SSS_PAM_ACCT_MGMT: + case SSS_PAM_SETCRED: + case SSS_PAM_OPEN_SESSION: + case SSS_PAM_CLOSE_SESSION: + break; + default: + D(("Illegal task [%d]", task)); + return PAM_SYSTEM_ERR; + } + + ret = send_and_receive(pamh, &pi, task); + + if (ret == PAM_AUTHTOK_EXPIRED && task == SSS_PAM_AUTHENTICATE) { + D(("Authtoken expired, trying to change it")); + ret = do_pam_conversation(pamh, PAM_ERROR_MSG, + _("Password has expired."), NULL, NULL); + if (ret != PAM_SUCCESS) { + D(("do_pam_conversation failed.")); + return PAM_SYSTEM_ERR; + } + + pi.pamstack_oldauthtok = pi.pam_authtok; + ret = get_authtok_for_password_change(pamh, &pi, flags, pam_flags); + if (ret != PAM_SUCCESS) { + D(("failed to get tokens for password change: %s", + pam_strerror(pamh, ret))); + return ret; + } + + ret = send_and_receive(pamh, &pi, SSS_PAM_CHAUTHTOK); + } + + overwrite_and_free_authtoks(&pi); + + return ret; +} + +PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, + const char **argv ) +{ + return pam_sss(SSS_PAM_AUTHENTICATE, pamh, flags, argc, argv); +} + + +PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, + const char **argv ) +{ + return pam_sss(SSS_PAM_SETCRED, pamh, flags, argc, argv); +} + +PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, + const char **argv ) +{ + return pam_sss(SSS_PAM_ACCT_MGMT, pamh, flags, argc, argv); +} + +PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, + const char **argv ) +{ + return pam_sss(SSS_PAM_CHAUTHTOK, pamh, flags, argc, argv); +} + +PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, + const char **argv ) +{ + return pam_sss(SSS_PAM_OPEN_SESSION, pamh, flags, argc, argv); +} + +PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, + const char **argv ) +{ + return pam_sss(SSS_PAM_CLOSE_SESSION, pamh, flags, argc, argv); +} + + +#ifdef PAM_STATIC + +/* static module data */ + +struct pam_module _pam_sssd_modstruct ={ + "pam_sssd", + pam_sm_authenticate, + pam_sm_setcred, + pam_sm_acct_mgmt, + pam_sm_open_session, + pam_sm_close_session, + pam_sm_chauthtok +}; + +#endif diff --git a/server/sss_client/pam_test_client.c b/server/sss_client/pam_test_client.c new file mode 100644 index 000000000..a088981bc --- /dev/null +++ b/server/sss_client/pam_test_client.c @@ -0,0 +1,95 @@ +/* + Authors: + Sumit Bose + + Copyright (C) 2009 Red Hat + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . +*/ + +#ifdef HAVE_CONFIG_H +#include +#endif + +#include +#include + +#include +#include + +static struct pam_conv conv = { + misc_conv, + NULL +}; + +int main(int argc, char *argv[]) { + + pam_handle_t *pamh; + char *user; + char *action; + int ret; + + if (argc == 1) { + fprintf(stderr, "missing action and user name, using default\n"); + action = strdup("auth"); + user = strdup("dummy"); + } else if (argc == 2) { + fprintf(stdout, "using first argument as action and default user name\n"); + action = strdup(argv[1]); + user = strdup("dummy"); + } else { + action = strdup(argv[1]); + user = strdup(argv[2]); + } + + fprintf(stdout, "action: %s\nuser: %s\n", action,user); + + ret = pam_start("sss_test", user, &conv, &pamh); + if (ret != PAM_SUCCESS) { + fprintf(stderr, "pam_start failed: %s\n", pam_strerror(pamh, ret)); + return 1; + } + + if ( strncmp(action, "auth", 4)== 0 ) { + fprintf(stdout, "testing pam_authenticate\n"); + ret = pam_authenticate(pamh, 0); + fprintf(stderr, "pam_authenticate: %s\n", pam_strerror(pamh, ret)); + } else if ( strncmp(action, "chau", 4)== 0 ) { + fprintf(stdout, "testing pam_chauthtok\n"); + ret = pam_chauthtok(pamh, 0); + fprintf(stderr, "pam_chauthtok: %s\n", pam_strerror(pamh, ret)); + } else if ( strncmp(action, "acct", 4)== 0 ) { + fprintf(stdout, "testing pam_acct_mgmt\n"); + ret = pam_acct_mgmt(pamh, 0); + fprintf(stderr, "pam_acct_mgmt: %s\n", pam_strerror(pamh, ret)); + } else if ( strncmp(action, "setc", 4)== 0 ) { + fprintf(stdout, "testing pam_setcred\n"); + ret = pam_setcred(pamh, 0); + fprintf(stderr, "pam_setcred: %d[%s]\n", ret, pam_strerror(pamh, ret)); + } else if ( strncmp(action, "open", 4)== 0 ) { + fprintf(stdout, "testing pam_open_session\n"); + ret = pam_open_session(pamh, 0); + fprintf(stderr, "pam_open_session: %s\n", pam_strerror(pamh, ret)); + } else if ( strncmp(action, "clos", 4)== 0 ) { + fprintf(stdout, "testing pam_close_session\n"); + ret = pam_close_session(pamh, 0); + fprintf(stderr, "pam_close_session: %s\n", pam_strerror(pamh, ret)); + } else { + fprintf(stderr, "unknown action\n"); + } + + pam_end(pamh, ret); + + return 0; +} diff --git a/server/sss_client/passwd.c b/server/sss_client/passwd.c new file mode 100644 index 000000000..0d70b6843 --- /dev/null +++ b/server/sss_client/passwd.c @@ -0,0 +1,373 @@ +/* + * System Security Services Daemon. NSS client interface + * + * Copyright (C) Simo Sorce 2007 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +/* PASSWD database NSS interface */ + +#include +#include +#include +#include +#include +#include +#include +#include "sss_cli.h" + +static struct sss_nss_getpwent_data { + size_t len; + size_t ptr; + uint8_t *data; +} sss_nss_getpwent_data; + +static void sss_nss_getpwent_data_clean(void) { + + if (sss_nss_getpwent_data.data != NULL) { + free(sss_nss_getpwent_data.data); + sss_nss_getpwent_data.data = NULL; + } + sss_nss_getpwent_data.len = 0; + sss_nss_getpwent_data.ptr = 0; +} + +/* GETPWNAM Request: + * + * 0-X: string with name + * + * GERTPWUID Request: + * + * 0-3: 32bit number with uid + * + * Replies: + * + * 0-3: 32bit unsigned number of results + * 4-7: 32bit unsigned (reserved/padding) + * For each result: + * 0-3: 32bit number uid + * 4-7: 32bit number gid + * 8-X: sequence of 5, 0 terminated, strings (name, passwd, gecos, dir, shell) + */ + +struct sss_nss_pw_rep { + struct passwd *result; + char *buffer; + size_t buflen; +}; + +static int sss_nss_getpw_readrep(struct sss_nss_pw_rep *pr, + uint8_t *buf, size_t *len) +{ + size_t i, slen, dlen; + char *sbuf; + + if (*len < 13) { /* not enough space for data, bad packet */ + return EBADMSG; + } + + pr->result->pw_uid = ((uint32_t *)buf)[0]; + pr->result->pw_gid = ((uint32_t *)buf)[1]; + + sbuf = (char *)&buf[8]; + slen = *len - 8; + dlen = pr->buflen; + + i = 0; + pr->result->pw_name = &(pr->buffer[i]); + while (slen > i && dlen > 0) { + pr->buffer[i] = sbuf[i]; + if (pr->buffer[i] == '\0') break; + i++; + dlen--; + } + if (slen <= i) { /* premature end of buf */ + return EBADMSG; + } + if (dlen <= 0) { /* not enough memory */ + return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ + } + i++; + dlen--; + + pr->result->pw_passwd = &(pr->buffer[i]); + while (slen > i && dlen > 0) { + pr->buffer[i] = sbuf[i]; + if (pr->buffer[i] == '\0') break; + i++; + dlen--; + } + if (slen <= i) { /* premature end of buf */ + return EBADMSG; + } + if (dlen <= 0) { /* not enough memory */ + return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ + } + i++; + dlen--; + + pr->result->pw_gecos = &(pr->buffer[i]); + while (slen > i && dlen > 0) { + pr->buffer[i] = sbuf[i]; + if (pr->buffer[i] == '\0') break; + i++; + dlen--; + } + if (slen <= i) { /* premature end of buf */ + return EBADMSG; + } + if (dlen <= 0) { /* not enough memory */ + return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ + } + i++; + dlen--; + + pr->result->pw_dir = &(pr->buffer[i]); + while (slen > i && dlen > 0) { + pr->buffer[i] = sbuf[i]; + if (pr->buffer[i] == '\0') break; + i++; + dlen--; + } + if (slen <= i) { /* premature end of buf */ + return EBADMSG; + } + if (dlen <= 0) { /* not enough memory */ + return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ + } + i++; + dlen--; + + pr->result->pw_shell = &(pr->buffer[i]); + while (slen > i && dlen > 0) { + pr->buffer[i] = sbuf[i]; + if (pr->buffer[i] == '\0') break; + i++; + dlen--; + } + if (slen <= i) { /* premature end of buf */ + return EBADMSG; + } + if (dlen <= 0) { /* not enough memory */ + return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ + } + + *len = slen -i -1; + + return 0; +} + +enum nss_status _nss_sss_getpwnam_r(const char *name, struct passwd *result, + char *buffer, size_t buflen, int *errnop) +{ + struct sss_cli_req_data rd; + struct sss_nss_pw_rep pwrep; + uint8_t *repbuf; + size_t replen, len; + enum nss_status nret; + int ret; + + /* Caught once glibc passing in buffer == 0x0 */ + if (!buffer || !buflen) return ERANGE; + + rd.len = strlen(name) + 1; + rd.data = name; + + nret = sss_nss_make_request(SSS_NSS_GETPWNAM, &rd, + &repbuf, &replen, errnop); + if (nret != NSS_STATUS_SUCCESS) { + return nret; + } + + pwrep.result = result; + pwrep.buffer = buffer; + pwrep.buflen = buflen; + + /* no results if not found */ + if (((uint32_t *)repbuf)[0] == 0) { + free(repbuf); + return NSS_STATUS_NOTFOUND; + } + + /* only 1 result is accepted for this function */ + if (((uint32_t *)repbuf)[0] != 1) { + *errnop = EBADMSG; + return NSS_STATUS_TRYAGAIN; + } + + len = replen - 8; + ret = sss_nss_getpw_readrep(&pwrep, repbuf+8, &len); + free(repbuf); + if (ret) { + *errnop = ret; + return NSS_STATUS_TRYAGAIN; + } + + return NSS_STATUS_SUCCESS; +} + +enum nss_status _nss_sss_getpwuid_r(uid_t uid, struct passwd *result, + char *buffer, size_t buflen, int *errnop) +{ + struct sss_cli_req_data rd; + struct sss_nss_pw_rep pwrep; + uint8_t *repbuf; + size_t replen, len; + enum nss_status nret; + uint32_t user_uid; + int ret; + + /* Caught once glibc passing in buffer == 0x0 */ + if (!buffer || !buflen) return ERANGE; + + user_uid = uid; + rd.len = sizeof(uint32_t); + rd.data = &user_uid; + + nret = sss_nss_make_request(SSS_NSS_GETPWUID, &rd, + &repbuf, &replen, errnop); + if (nret != NSS_STATUS_SUCCESS) { + return nret; + } + + pwrep.result = result; + pwrep.buffer = buffer; + pwrep.buflen = buflen; + + /* no results if not found */ + if (((uint32_t *)repbuf)[0] == 0) { + free(repbuf); + return NSS_STATUS_NOTFOUND; + } + + /* only 1 result is accepted for this function */ + if (((uint32_t *)repbuf)[0] != 1) { + *errnop = EBADMSG; + return NSS_STATUS_TRYAGAIN; + } + + len = replen - 8; + ret = sss_nss_getpw_readrep(&pwrep, repbuf+8, &len); + free(repbuf); + if (ret) { + *errnop = ret; + return NSS_STATUS_TRYAGAIN; + } + + return NSS_STATUS_SUCCESS; +} + +enum nss_status _nss_sss_setpwent(void) +{ + enum nss_status nret; + int errnop; + + /* make sure we do not have leftovers, and release memory */ + sss_nss_getpwent_data_clean(); + + nret = sss_nss_make_request(SSS_NSS_SETPWENT, + NULL, NULL, NULL, &errnop); + if (nret != NSS_STATUS_SUCCESS) { + errno = errnop; + return nret; + } + + return NSS_STATUS_SUCCESS; +} + +enum nss_status _nss_sss_getpwent_r(struct passwd *result, + char *buffer, size_t buflen, + int *errnop) +{ + struct sss_cli_req_data rd; + struct sss_nss_pw_rep pwrep; + uint8_t *repbuf; + size_t replen; + enum nss_status nret; + uint32_t num_entries; + int ret; + + /* Caught once glibc passing in buffer == 0x0 */ + if (!buffer || !buflen) return ERANGE; + + /* if there are leftovers return the next one */ + if (sss_nss_getpwent_data.data != NULL && + sss_nss_getpwent_data.ptr < sss_nss_getpwent_data.len) { + + repbuf = sss_nss_getpwent_data.data + sss_nss_getpwent_data.ptr; + replen = sss_nss_getpwent_data.len - sss_nss_getpwent_data.ptr; + + pwrep.result = result; + pwrep.buffer = buffer; + pwrep.buflen = buflen; + + ret = sss_nss_getpw_readrep(&pwrep, repbuf, &replen); + if (ret) { + *errnop = ret; + return NSS_STATUS_TRYAGAIN; + } + + /* advance buffer pointer */ + sss_nss_getpwent_data.ptr = sss_nss_getpwent_data.len - replen; + + return NSS_STATUS_SUCCESS; + } + + /* release memory if any */ + sss_nss_getpwent_data_clean(); + + /* retrieve no more than SSS_NSS_MAX_ENTRIES at a time */ + num_entries = SSS_NSS_MAX_ENTRIES; + rd.len = sizeof(uint32_t); + rd.data = &num_entries; + + nret = sss_nss_make_request(SSS_NSS_GETPWENT, &rd, + &repbuf, &replen, errnop); + if (nret != NSS_STATUS_SUCCESS) { + return nret; + } + + /* no results if not found */ + if ((((uint32_t *)repbuf)[0] == 0) || (replen - 8 == 0)) { + free(repbuf); + return NSS_STATUS_NOTFOUND; + } + + sss_nss_getpwent_data.data = repbuf; + sss_nss_getpwent_data.len = replen; + sss_nss_getpwent_data.ptr = 8; /* skip metadata fields */ + + /* call again ourselves, this will return the first result */ + return _nss_sss_getpwent_r(result, buffer, buflen, errnop); +} + +enum nss_status _nss_sss_endpwent(void) +{ + enum nss_status nret; + int errnop; + + /* make sure we do not have leftovers, and release memory */ + sss_nss_getpwent_data_clean(); + + nret = sss_nss_make_request(SSS_NSS_ENDPWENT, + NULL, NULL, NULL, &errnop); + if (nret != NSS_STATUS_SUCCESS) { + errno = errnop; + return nret; + } + + return NSS_STATUS_SUCCESS; +} diff --git a/server/sss_client/po/LINGUAS b/server/sss_client/po/LINGUAS new file mode 100644 index 000000000..123c64cac --- /dev/null +++ b/server/sss_client/po/LINGUAS @@ -0,0 +1,10 @@ +es +pl +fr +it +ja +nl +pt +de +sv + diff --git a/server/sss_client/po/Makevars b/server/sss_client/po/Makevars new file mode 100644 index 000000000..1c2ad2ba3 --- /dev/null +++ b/server/sss_client/po/Makevars @@ -0,0 +1,41 @@ +# Makefile variables for PO directory in any package using GNU gettext. + +# Usually the message domain is the same as the package name. +DOMAIN = $(PACKAGE) + +# These two variables depend on the location of this directory. +subdir = po +top_builddir = .. + +# These options get passed to xgettext. +XGETTEXT_OPTIONS = --keyword=_ --keyword=N_ + +# This is the copyright holder that gets inserted into the header of the +# $(DOMAIN).pot file. Set this to the copyright holder of the surrounding +# package. (Note that the msgstr strings, extracted from the package's +# sources, belong to the copyright holder of the package.) Translators are +# expected to transfer the copyright for their translations to this person +# or entity, or to disclaim their copyright. The empty string stands for +# the public domain; in this case the translators are expected to disclaim +# their copyright. +COPYRIGHT_HOLDER = Red Hat, Inc. + +# This is the email address or URL to which the translators shall report +# bugs in the untranslated strings: +# - Strings which are not entire sentences, see the maintainer guidelines +# in the GNU gettext documentation, section 'Preparing Strings'. +# - Strings which use unclear terms or require additional context to be +# understood. +# - Strings which make invalid assumptions about notation of date, time or +# money. +# - Pluralisation problems. +# - Incorrect English spelling. +# - Incorrect formatting. +# It can be your email address, or a mailing list address where translators +# can write to without being subscribed, or the URL of a web page through +# which the translators can contact you. +MSGID_BUGS_ADDRESS = sssd-devel@lists.fedorahosted.org + +# This is the list of locale categories, beyond LC_MESSAGES, for which the +# message catalogs shall be used. It is usually empty. +EXTRA_LOCALE_CATEGORIES = diff --git a/server/sss_client/po/POTFILES.in b/server/sss_client/po/POTFILES.in new file mode 100644 index 000000000..feeb0049c --- /dev/null +++ b/server/sss_client/po/POTFILES.in @@ -0,0 +1,6 @@ +# List of source files which contain translatable strings. +common.c +group.c +pam_sss.c +pam_test_client.c +passwd.c diff --git a/server/sss_client/po/de.po b/server/sss_client/po/de.po new file mode 100644 index 000000000..68f344266 --- /dev/null +++ b/server/sss_client/po/de.po @@ -0,0 +1,46 @@ +# German translation of SSSd client. +# Copyright (C) 2009 Red Hat, Inc. +# This file is distributed under the same license as the sssd package. +# +# Fabian Affolter , 2009. +# +msgid "" +msgstr "" +"Project-Id-Version: SSSD Client\n" +"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" +"POT-Creation-Date: 2010-02-05 09:37-0500\n" +"PO-Revision-Date: 2009-12-09 11:18+0100\n" +"Last-Translator: Fabian Affolter \n" +"Language-Team: German \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Poedit-Language: German\n" + +#: pam_sss.c:336 +msgid "Passwords do not match" +msgstr "Passwörter stimmen nicht überein" + +#: pam_sss.c:405 +msgid "Offline authentication" +msgstr "" + +#: pam_sss.c:406 +msgid ", your cached password will expire at: " +msgstr "" + +#: pam_sss.c:730 +msgid "Password: " +msgstr "Passwort: " + +#: pam_sss.c:762 +msgid "New Password: " +msgstr "Neues Passwort: " + +#: pam_sss.c:763 +msgid "Reenter new Password: " +msgstr "Neues Passwort noch einmal eingeben: " + +#: pam_sss.c:967 +msgid "Password has expired." +msgstr "Passwort ist abgelaufen." diff --git a/server/sss_client/po/es.po b/server/sss_client/po/es.po new file mode 100644 index 000000000..be67efe3b --- /dev/null +++ b/server/sss_client/po/es.po @@ -0,0 +1,46 @@ +# English translations for sss_client package. +# Copyright (C) 2009 Red Hat, Inc. +# This file is distributed under the same license as the sss_client package. +# Automatically generated, 2009. +# +msgid "" +msgstr "" +"Project-Id-Version: sss_client 0.4.0\n" +"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" +"POT-Creation-Date: 2010-02-05 09:37-0500\n" +"PO-Revision-Date: 2009-12-08 15:37-0300\n" +"Last-Translator: Domingo Becker \n" +"Language-Team: Transifex Spanish\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" +"X-Poedit-Language: Spanish\n" + +#: pam_sss.c:336 +msgid "Passwords do not match" +msgstr "Las contraseñas no coinciden" + +#: pam_sss.c:405 +msgid "Offline authentication" +msgstr "" + +#: pam_sss.c:406 +msgid ", your cached password will expire at: " +msgstr "" + +#: pam_sss.c:730 +msgid "Password: " +msgstr "Contraseña: " + +#: pam_sss.c:762 +msgid "New Password: " +msgstr "Nueva contraseña: " + +#: pam_sss.c:763 +msgid "Reenter new Password: " +msgstr "Reingrese la contraseña nueva:" + +#: pam_sss.c:967 +msgid "Password has expired." +msgstr "La contraseña ha expirado." diff --git a/server/sss_client/po/fr.po b/server/sss_client/po/fr.po new file mode 100644 index 000000000..657e3f403 --- /dev/null +++ b/server/sss_client/po/fr.po @@ -0,0 +1,44 @@ +# French translation of SSS Client +# Copyright (C) 2009 Red Hat, Inc. +# This file is distributed under the same license as the SSSD package. +# Pablo Martin-Gomez , 2009. +# +msgid "" +msgstr "" +"Project-Id-Version: fr\n" +"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" +"POT-Creation-Date: 2010-02-05 09:37-0500\n" +"PO-Revision-Date: 2009-11-17 21:05+0100\n" +"Last-Translator: Pablo Martin-Gomez \n" +"Language-Team: Français \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#: pam_sss.c:336 +msgid "Passwords do not match" +msgstr "Les mots de passe ne correspondent pas" + +#: pam_sss.c:405 +msgid "Offline authentication" +msgstr "" + +#: pam_sss.c:406 +msgid ", your cached password will expire at: " +msgstr "" + +#: pam_sss.c:730 +msgid "Password: " +msgstr "Mot de passe : " + +#: pam_sss.c:762 +msgid "New Password: " +msgstr "Nouveau mot de passe : " + +#: pam_sss.c:763 +msgid "Reenter new Password: " +msgstr "Retaper le nouveau mot de passe : " + +#: pam_sss.c:967 +msgid "Password has expired." +msgstr "Le mot de passe a expiré." diff --git a/server/sss_client/po/it.po b/server/sss_client/po/it.po new file mode 100644 index 000000000..a78bb2435 --- /dev/null +++ b/server/sss_client/po/it.po @@ -0,0 +1,47 @@ +# Italian translations for sss_client package. +# Copyright (C) 2009 Red Hat, Inc. +# This file is distributed under the same license as the sss_client package. +# Marina Latini , 2009. +# +msgid "" +msgstr "" +"Project-Id-Version: it\n" +"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" +"POT-Creation-Date: 2010-02-05 09:37-0500\n" +"PO-Revision-Date: \n" +"Last-Translator: Marina Latini \n" +"Language-Team: Italian \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Poedit-Language: Italian\n" +"X-Poedit-Country: ITALY\n" +"X-Poedit-SourceCharset: utf-8\n" + +#: pam_sss.c:336 +msgid "Passwords do not match" +msgstr "Le password non coincidono" + +#: pam_sss.c:405 +msgid "Offline authentication" +msgstr "" + +#: pam_sss.c:406 +msgid ", your cached password will expire at: " +msgstr "" + +#: pam_sss.c:730 +msgid "Password: " +msgstr "Password: " + +#: pam_sss.c:762 +msgid "New Password: " +msgstr "Nuova password: " + +#: pam_sss.c:763 +msgid "Reenter new Password: " +msgstr "reinserire la nuova password: " + +#: pam_sss.c:967 +msgid "Password has expired." +msgstr "La password è scaduta." diff --git a/server/sss_client/po/ja.po b/server/sss_client/po/ja.po new file mode 100644 index 000000000..527815b96 --- /dev/null +++ b/server/sss_client/po/ja.po @@ -0,0 +1,46 @@ +# translation of sss_client_ja.po to Japanese +# Copyright (C) YEAR Red Hat, Inc. +# This file is distributed under the same license as the PACKAGE package. +# +# Noriko Mizumoto , 2009. +msgid "" +msgstr "" +"Project-Id-Version: sss_client_ja\n" +"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" +"POT-Creation-Date: 2010-02-05 09:37-0500\n" +"PO-Revision-Date: 2009-11-18 09:47+1000\n" +"Last-Translator: Noriko Mizumoto \n" +"Language-Team: Japanese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.4\n" +"Plural-Forms: nplurals=1; plural=0;\n" + +#: pam_sss.c:336 +msgid "Passwords do not match" +msgstr "" + +#: pam_sss.c:405 +msgid "Offline authentication" +msgstr "" + +#: pam_sss.c:406 +msgid ", your cached password will expire at: " +msgstr "" + +#: pam_sss.c:730 +msgid "Password: " +msgstr "" + +#: pam_sss.c:762 +msgid "New Password: " +msgstr "" + +#: pam_sss.c:763 +msgid "Reenter new Password: " +msgstr "" + +#: pam_sss.c:967 +msgid "Password has expired." +msgstr "" diff --git a/server/sss_client/po/nl.po b/server/sss_client/po/nl.po new file mode 100644 index 000000000..5c2d39719 --- /dev/null +++ b/server/sss_client/po/nl.po @@ -0,0 +1,46 @@ +# translation of sssd.master.sss_client.po to Dutch +# Copyright (C) YEAR Red Hat, Inc. +# This file is distributed under the same license as the PACKAGE package. +# +# Richard van der Luit , 2009. +msgid "" +msgstr "" +"Project-Id-Version: sssd.master.sss_client\n" +"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" +"POT-Creation-Date: 2010-02-05 09:37-0500\n" +"PO-Revision-Date: 2009-11-19 13:14+0100\n" +"Last-Translator: Richard van der Luit \n" +"Language-Team: Dutch \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.4\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#: pam_sss.c:336 +msgid "Passwords do not match" +msgstr "Wachtwoorden komen niet overeen" + +#: pam_sss.c:405 +msgid "Offline authentication" +msgstr "" + +#: pam_sss.c:406 +msgid ", your cached password will expire at: " +msgstr "" + +#: pam_sss.c:730 +msgid "Password: " +msgstr "Wachtwoord: " + +#: pam_sss.c:762 +msgid "New Password: " +msgstr "Nieuw Wachtwoord: " + +#: pam_sss.c:763 +msgid "Reenter new Password: " +msgstr "Voer nieuw wachtwoord nogmaals in: " + +#: pam_sss.c:967 +msgid "Password has expired." +msgstr "Wachtwoord is verlopen." diff --git a/server/sss_client/po/pl.po b/server/sss_client/po/pl.po new file mode 100644 index 000000000..c8b1b479c --- /dev/null +++ b/server/sss_client/po/pl.po @@ -0,0 +1,42 @@ +# translation of pl.po to Polish +# Piotr Drąg , 2009. +# +msgid "" +msgstr "" +"Project-Id-Version: pl\n" +"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" +"POT-Creation-Date: 2010-02-05 09:37-0500\n" +"PO-Revision-Date: 2010-02-06 01:00+0100\n" +"Last-Translator: Piotr Drąg \n" +"Language-Team: Polish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#: pam_sss.c:336 +msgid "Passwords do not match" +msgstr "Hasła nie zgadzają się" + +#: pam_sss.c:405 +msgid "Offline authentication" +msgstr "Uwierzytelnienie w trybie offline" + +#: pam_sss.c:406 +msgid ", your cached password will expire at: " +msgstr ", hasło w pamięci podręcznej wygaśnie za: " + +#: pam_sss.c:730 +msgid "Password: " +msgstr "Hasło: " + +#: pam_sss.c:762 +msgid "New Password: " +msgstr "Nowe hasło: " + +#: pam_sss.c:763 +msgid "Reenter new Password: " +msgstr "Proszę ponownie podać nowe hasło: " + +#: pam_sss.c:967 +msgid "Password has expired." +msgstr "Hasło wygasło." diff --git a/server/sss_client/po/pt.po b/server/sss_client/po/pt.po new file mode 100644 index 000000000..9fd869020 --- /dev/null +++ b/server/sss_client/po/pt.po @@ -0,0 +1,46 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR Red Hat, Inc. +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +msgid "" +msgstr "" +"Project-Id-Version: sssd.master.sss_client\n" +"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" +"POT-Creation-Date: 2010-02-05 09:37-0500\n" +"PO-Revision-Date: 2009-12-08 17:32+0100\n" +"Last-Translator: Rui Gouveia \n" +"Language-Team: PT \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Poedit-Language: Portuguese\n" +"X-Poedit-Country: PORTUGAL\n" + +#: pam_sss.c:336 +msgid "Passwords do not match" +msgstr "Senhas não coincidem" + +#: pam_sss.c:405 +msgid "Offline authentication" +msgstr "" + +#: pam_sss.c:406 +msgid ", your cached password will expire at: " +msgstr "" + +#: pam_sss.c:730 +msgid "Password: " +msgstr "Senha: " + +#: pam_sss.c:762 +msgid "New Password: " +msgstr "Nova Senha: " + +#: pam_sss.c:763 +msgid "Reenter new Password: " +msgstr "Digite a senha novamente: " + +#: pam_sss.c:967 +msgid "Password has expired." +msgstr "Senha expirou." diff --git a/server/sss_client/po/sss_client.pot b/server/sss_client/po/sss_client.pot new file mode 100644 index 000000000..6d8e2a67c --- /dev/null +++ b/server/sss_client/po/sss_client.pot @@ -0,0 +1,45 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR Red Hat, Inc. +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" +"POT-Creation-Date: 2010-02-05 09:37-0500\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language-Team: LANGUAGE \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#: pam_sss.c:336 +msgid "Passwords do not match" +msgstr "" + +#: pam_sss.c:405 +msgid "Offline authentication" +msgstr "" + +#: pam_sss.c:406 +msgid ", your cached password will expire at: " +msgstr "" + +#: pam_sss.c:730 +msgid "Password: " +msgstr "" + +#: pam_sss.c:762 +msgid "New Password: " +msgstr "" + +#: pam_sss.c:763 +msgid "Reenter new Password: " +msgstr "" + +#: pam_sss.c:967 +msgid "Password has expired." +msgstr "" diff --git a/server/sss_client/po/sv.po b/server/sss_client/po/sv.po new file mode 100644 index 000000000..32c45e1aa --- /dev/null +++ b/server/sss_client/po/sv.po @@ -0,0 +1,44 @@ +# Swedish messages for sssd client. +# Copyright 2009 Red Hat, Inc. +# This file is distributed under the same license as the sssd package. +# Göran Uddeborg , 2009. +# +msgid "" +msgstr "" +"Project-Id-Version: sss_client\n" +"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" +"POT-Creation-Date: 2010-02-05 09:37-0500\n" +"PO-Revision-Date: 2009-12-09 20:52+0100\n" +"Last-Translator: Göran Uddeborg \n" +"Language-Team: Swedish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#: pam_sss.c:336 +msgid "Passwords do not match" +msgstr "Lösenorden stämmer inte överens" + +#: pam_sss.c:405 +msgid "Offline authentication" +msgstr "" + +#: pam_sss.c:406 +msgid ", your cached password will expire at: " +msgstr "" + +#: pam_sss.c:730 +msgid "Password: " +msgstr "Lösenord: " + +#: pam_sss.c:762 +msgid "New Password: " +msgstr "Nytt lösenord: " + +#: pam_sss.c:763 +msgid "Reenter new Password: " +msgstr "Skriv det nya lösenordet igen: " + +#: pam_sss.c:967 +msgid "Password has expired." +msgstr "Lösenordet har gått ut." diff --git a/server/sss_client/protos.h b/server/sss_client/protos.h new file mode 100644 index 000000000..adb0b7bb7 --- /dev/null +++ b/server/sss_client/protos.h @@ -0,0 +1,137 @@ +/* + * System Security Services Daemon. NSS Interface + * + * Copyright (C) Simo Sorce 2007 + * + * You can used this header file in any way you see fit provided copyright + * notices are preserved. + * + */ + +#if 0 +/* SHADOW database NSS interface */ +enum nss_status _nss_sss_getspnam_r(const char *name, struct spwd *result, + char *buffer, size_t buflen, int *errnop); +enum nss_status _nss_sss_setspent(void); +enum nss_status _nss_sss_getspent_r(struct spwd *result, + char *buffer, size_t buflen, int *errnop); +enum nss_status _nss_sss_endspent(void); + + +/* HOSTS database NSS interface */ +enum nss_status _nss_sss_gethostbyname_r(const char *name, + struct hostent *result, + char *buffer, size_t buflen, + int *errnop, int *h_errnop); +enum nss_status _nss_sss_gethostbyname2_r(const char *name, int af, + struct hostent *result, + char *buffer, size_t buflen, + int *errnop, int *h_errnop); +enum nss_status _nss_sss_gethostbyaddr_r(const void *addr, socklen_t len, + int af, struct hostent *result, + char *buffer, size_t buflen, + int *errnop, int *h_errnop); +enum nss_status _nss_sss_sethostent(void); +enum nss_status _nss_sss_gethostent_r(struct hostent *result, + char *buffer, size_t buflen, + int *errnop, int *h_errnop); +enum nss_status _nss_sss_endhostent(void); + +/* NETGROUP database NSS interface */ +enum nss_status _nss_sss_setnetgrent(const char *netgroup, + struct __netgrent *result); +enum nss_status _nss_sss_getnetgrent_r(struct __netgrent *result, + char *buffer, size_t buflen, + int *errnop); +enum nss_status _nss_ldap_endnetgrent(void); +/* too bad innetgr is currently implemented as an iteration over + * {set|get|end}netgroup ... */ + +/* NETWORKS database NSS interface */ +enum nss_status _nss_sss_getnetbyname_r(const char *name, + struct netent *result, + char *buffer, size_t buflen, + int *errnop, int *h_errnop); +enum nss_status _nss_sss_getnetbyaddr_r(uint32_t addr, int af, + struct netent *result, + char *buffer, size_t buflen, + int *errnop, int *h_errnop); +enum nss_status _nss_sss_setnetent(void); +enum nss_status _nss_sss_getnetent_r(struct netent *result, + char *buffer, size_t buflen, + int *errnop, int *h_errnop); +enum nss_status _nss_sss_endnetent(void); + + +/* PROTOCOLS database NSS interface */ +enum nss_status _nss_sss_getprotobyname_r(const char *name, + struct protoent *result, + char *buffer, size_t buflen, + int *errnop); +enum nss_status _nss_sss_getprotobynumber_r(int number, + struct protoent *result, + char *buffer, size_t buflen, + int *errnop); +enum nss_status _nss_sss_setprotoent(void); +enum nss_status _nss_sss_getprotoent_r(struct protoent *result, + char *buffer, size_t buflen, + int *errnop); +enum nss_status _nss_sss_endprotoent(void); + +/* SERVICES database NSS interface */ +enum nss_status _nss_sss_getservbyname_r(const char *name, + const char *protocol, + struct servent *result, + char *buffer, size_t buflen, + int *errnop); +enum nss_status _nss_sss_getservbyport_r(int port, const char *protocol, + struct servent *result, + char *buffer, size_t buflen, + int *errnop); +enum nss_status _nss_sss_setservent(void); +enum nss_status _nss_sss_getservent_r(struct servent *result, + char *buffer, size_t buflen, + int *errnop); +enum nss_status _nss_sss_endservent(void); + +/* ALIASES database NSS interface */ +enum nss_status _nss_sss_getaliasbyname_r(const char *name, + struct aliasent *result, + char *buffer, size_t buflen, + int *errnop); +enum nss_status _nss_sss_setaliasent(void); +enum nss_status _nss_sss_getaliasent_r(struct aliasent *result, + char *buffer, size_t buflen, + int *errnop); +enum nss_status _nss_sss_endaliasent(void); + +/* ETHERS database NSS interface */ +enum nss_status _nss_sss_gethostton_r(const char *name, + struct etherent *result, + char *buffer, size_t buflen, + int *errnop); +enum nss_status _nss_sss_getntohost_r(const struct ether_addr *addr, + struct etherent *result, + char *buffer, size_t buflen, + int *errnop); +enum nss_status _nss_sss_setetherent(void); +enum nss_status _nss_sss_getetherent_r(struct etherent *result, + char *buffer, size_t buflen, + int *errnop); +enum nss_status _nss_sss_endetherent(void); + +/* RPC database NSS interface */ +enum nss_status _nss_sss_getrpcbyname_r(const char *name, + struct rpcent *result, + char *buffer, size_t buflen, + int *errnop); +enum nss_status _nss_sss_getrpcbynumber_r(int number, struct rpcent *result, + char *buffer, size_t buflen, + int *errnop); +enum nss_status _nss_sss_setrpcent(void); +enum nss_status _nss_sss_getrpcent_r(struct rpcent *result, + char *buffer, size_t buflen, + int *errnop); +enum nss_status _nss_sss_endrpcent(void); + +#endif diff --git a/server/sss_client/sss_cli.h b/server/sss_client/sss_cli.h new file mode 100644 index 000000000..7e9a81ff3 --- /dev/null +++ b/server/sss_client/sss_cli.h @@ -0,0 +1,220 @@ +/* + * System Security Services Daemon. Client Interface for NSS and PAM. + * + * Copyright (C) Simo Sorce 2007 + * + * You can used this header file in any way you see fit provided copyright + * notices are preserved. + * + */ + +#ifndef _SSSCLI_H +#define _SSSCLI_H + +#include +#include +#include + +#ifndef HAVE_ERRNO_T +#define HAVE_ERRNO_T +typedef int errno_t; +#endif + +#define SSS_NSS_PROTOCOL_VERSION 1 +#define SSS_PAM_PROTOCOL_VERSION 3 + +enum sss_cli_command { +/* null */ + SSS_CLI_NULL = 0x0000, + +/* version */ + SSS_GET_VERSION = 0x0001, + +/* passwd */ + + SSS_NSS_GETPWNAM = 0x0011, + SSS_NSS_GETPWUID = 0x0012, + SSS_NSS_SETPWENT = 0x0013, + SSS_NSS_GETPWENT = 0x0014, + SSS_NSS_ENDPWENT = 0x0015, + +/* group */ + + SSS_NSS_GETGRNAM = 0x0021, + SSS_NSS_GETGRGID = 0x0022, + SSS_NSS_SETGRENT = 0x0023, + SSS_NSS_GETGRENT = 0x0024, + SSS_NSS_ENDGRENT = 0x0025, + SSS_NSS_INITGR = 0x0026, + +#if 0 +/* aliases */ + + SSS_NSS_GETALIASBYNAME = 0x0031, + SSS_NSS_GETALIASBYPORT = 0x0032, + SSS_NSS_SETALIASENT = 0x0033, + SSS_NSS_GETALIASENT = 0x0034, + SSS_NSS_ENDALIASENT = 0x0035, + +/* ethers */ + + SSS_NSS_GETHOSTTON = 0x0041, + SSS_NSS_GETNTOHOST = 0x0042, + SSS_NSS_SETETHERENT = 0x0043, + SSS_NSS_GETETHERENT = 0x0044, + SSS_NSS_ENDETHERENT = 0x0045, + +/* hosts */ + + SSS_NSS_GETHOSTBYNAME = 0x0051, + SSS_NSS_GETHOSTBYNAME2 = 0x0052, + SSS_NSS_GETHOSTBYADDR = 0x0053, + SSS_NSS_SETHOSTENT = 0x0054, + SSS_NSS_GETHOSTENT = 0x0055, + SSS_NSS_ENDHOSTENT = 0x0056, + +/* netgroup */ + + SSS_NSS_SETNETGRENT = 0x0061, + SSS_NSS_GETNETGRENT = 0x0062, + SSS_NSS_ENDNETGRENT = 0x0063, + /* SSS_NSS_INNETGR = 0x0064, */ + +/* networks */ + + SSS_NSS_GETNETBYNAME = 0x0071, + SSS_NSS_GETNETBYADDR = 0x0072, + SSS_NSS_SETNETENT = 0x0073, + SSS_NSS_GETNETENT = 0x0074, + SSS_NSS_ENDNETENT = 0x0075, + +/* protocols */ + + SSS_NSS_GETPROTOBYNAME = 0x0081, + SSS_NSS_GETPROTOBYNUM = 0x0082, + SSS_NSS_SETPROTOENT = 0x0083, + SSS_NSS_GETPROTOENT = 0x0084, + SSS_NSS_ENDPROTOENT = 0x0085, + +/* rpc */ + + SSS_NSS_GETRPCBYNAME = 0x0091, + SSS_NSS_GETRPCBYNUM = 0x0092, + SSS_NSS_SETRPCENT = 0x0093, + SSS_NSS_GETRPCENT = 0x0094, + SSS_NSS_ENDRPCENT = 0x0095, + +/* services */ + + SSS_NSS_GETSERVBYNAME = 0x00A1, + SSS_NSS_GETSERVBYPORT = 0x00A2, + SSS_NSS_SETSERVENT = 0x00A3, + SSS_NSS_GETSERVENT = 0x00A4, + SSS_NSS_ENDSERVENT = 0x00A5, + +/* shadow */ + + SSS_NSS_GETSPNAM = 0x00B1, + SSS_NSS_GETSPUID = 0x00B2, + SSS_NSS_SETSPENT = 0x00B3, + SSS_NSS_GETSPENT = 0x00B4, + SSS_NSS_ENDSPENT = 0x00B5, +#endif + +/* PAM related calls */ + SSS_PAM_AUTHENTICATE = 0x00F1, + SSS_PAM_SETCRED = 0x00F2, + SSS_PAM_ACCT_MGMT = 0x00F3, + SSS_PAM_OPEN_SESSION = 0x00F4, + SSS_PAM_CLOSE_SESSION = 0x00F5, + SSS_PAM_CHAUTHTOK = 0x00F6, + SSS_PAM_CHAUTHTOK_PRELIM = 0x00F7, + +}; + +enum sss_authtok_type { + SSS_AUTHTOK_TYPE_EMPTY = 0x0000, + SSS_AUTHTOK_TYPE_PASSWORD = 0x0001, +}; + +#define SSS_START_OF_PAM_REQUEST 0x4d415049 +#define SSS_END_OF_PAM_REQUEST 0x4950414d + +enum pam_item_type { + SSS_PAM_ITEM_EMPTY = 0x0000, + SSS_PAM_ITEM_USER, + SSS_PAM_ITEM_SERVICE, + SSS_PAM_ITEM_TTY, + SSS_PAM_ITEM_RUSER, + SSS_PAM_ITEM_RHOST, + SSS_PAM_ITEM_AUTHTOK, + SSS_PAM_ITEM_NEWAUTHTOK, + SSS_PAM_ITEM_CLI_LOCALE, + SSS_PAM_ITEM_CLI_PID, +}; + +#define SSS_NSS_MAX_ENTRIES 256 +#define SSS_NSS_HEADER_SIZE (sizeof(uint32_t) * 4) +struct sss_cli_req_data { + size_t len; + const void *data; +}; + +/* this is in milliseconds, wait up to 300 seconds */ +#define SSS_CLI_SOCKET_TIMEOUT 300000 + +enum sss_status { + SSS_STATUS_UNAVAIL, + SSS_STATUS_SUCCESS +}; + +enum response_type { + SSS_PAM_SYSTEM_INFO = 0x01, + SSS_PAM_DOMAIN_NAME, + SSS_PAM_ENV_ITEM, /* only pam environment */ + SSS_ENV_ITEM, /* only user environment */ + SSS_ALL_ENV_ITEM, /* pam and user environment */ + SSS_PAM_USER_INFO +}; + +enum user_info_type { + SSS_PAM_USER_INFO_OFFLINE_AUTH = 0x01, + SSS_PAM_USER_INFO_OFFLINE_AUTH_DELAYED, + SSS_PAM_USER_INFO_OFFLINE_CHPASS, + SSS_PAM_USER_INFO_CHPASS_ERROR +}; + +enum nss_status sss_nss_make_request(enum sss_cli_command cmd, + struct sss_cli_req_data *rd, + uint8_t **repbuf, size_t *replen, + int *errnop); + +int sss_pam_make_request(enum sss_cli_command cmd, + struct sss_cli_req_data *rd, + uint8_t **repbuf, size_t *replen, + int *errnop); + +#endif /* _SSSCLI_H */ + +#if 0 + +/* GETSPNAM Request: + * + * 0-X: string with name + * + * Replies: + * + * 0-3: 32bit unsigned number of results + * 4-7: 32bit unsigned (reserved/padding) + * For each result: + * 0-7: 64bit unsigned with Date of last change + * 8-15: 64bit unsigned with Min #days between changes + * 16-23: 64bit unsigned with Max #days between changes + * 24-31: 64bit unsigned with #days before pwd expires + * 32-39: 64bit unsigned with #days after pwd expires until account is disabled + * 40-47: 64bit unsigned with expiration date in days since 1970-01-01 + * 48-55: 64bit unsigned (flags/reserved) + * 56-X: sequence of 2, 0 terminated, strings (name, pwd) 64bit padded + */ +#endif + diff --git a/server/sss_client/sss_nss.exports b/server/sss_client/sss_nss.exports new file mode 100644 index 000000000..bcc6b10e1 --- /dev/null +++ b/server/sss_client/sss_nss.exports @@ -0,0 +1,73 @@ +EXPORTED { + + # public functions + global: + + _nss_sss_getpwnam_r; + _nss_sss_getpwuid_r; + _nss_sss_setpwent; + _nss_sss_getpwent_r; + _nss_sss_endpwent; + + _nss_sss_getgrnam_r; + _nss_sss_getgrgid_r; + _nss_sss_setgrent; + _nss_sss_getgrent_r; + _nss_sss_endgrent; + _nss_sss_initgroups_dyn; + + #_nss_sss_getaliasbyname_r; + #_nss_sss_setaliasent; + #_nss_sss_getaliasent_r; + #_nss_sss_endaliasent; + + #_nss_sss_gethostton_r; + #_nss_sss_getntohost_r; + #_nss_sss_setetherent; + #_nss_sss_getetherent_r; + #_nss_sss_endetherent; + + #_nss_sss_gethostbyname_r; + #_nss_sss_gethostbyname2_r; + #_nss_sss_gethostbyaddr_r; + #_nss_sss_sethostent; + #_nss_sss_gethostent_r; + #_nss_sss_endhostent; + + #_nss_sss_setnetgrent; + #_nss_sss_getnetgrent_r; + #_nss_sss_endnetgrent; + + #_nss_sss_getnetbyname_r; + #_nss_sss_getnetbyaddr_r; + #_nss_sss_setnetent; + #_nss_sss_getnetent_r; + #_nss_sss_endnetent; + + #_nss_sss_getprotobyname_r; + #_nss_sss_getprotobynumber_r; + #_nss_sss_setprotoent; + #_nss_sss_getprotoent_r; + #_nss_sss_endprotoent; + + #_nss_sss_getrpcbyname_r; + #_nss_sss_getrpcbynumber_r; + #_nss_sss_setrpcent; + #_nss_sss_getrpcent_r; + #_nss_sss_endrpcent; + + #_nss_sss_getservbyname_r; + #_nss_sss_getservbyport_r; + #_nss_sss_setservent; + #_nss_sss_getservent_r; + #_nss_sss_endservent; + + #_nss_sss_getspnam_r; + #_nss_sss_setspent; + #_nss_sss_getspent_r; + #_nss_sss_endspent; + + # everything else is local + local: + *; +}; diff --git a/server/sss_client/sss_pam.exports b/server/sss_client/sss_pam.exports new file mode 100644 index 000000000..9afa106be --- /dev/null +++ b/server/sss_client/sss_pam.exports @@ -0,0 +1,4 @@ +{ + global: + *; +}; diff --git a/server/sss_client/sss_pam_macros.h b/server/sss_client/sss_pam_macros.h new file mode 100644 index 000000000..5277acd0f --- /dev/null +++ b/server/sss_client/sss_pam_macros.h @@ -0,0 +1,30 @@ +/* + * System Security Services Daemon. Client Interface for NSS and PAM. + * + * Copyright (C) Stephen Gallagher 2009 + * + * You can used this header file in any way you see fit provided copyright + * notices are preserved. + * + */ + +#ifndef _SSS_PAM_MACROS_H +#define _SSS_PAM_MACROS_H + +/* Older versions of the pam development headers do not include the + * _pam_overwrite_n(n,x) macro. This implementation is copied from + * the Fedora 11 _pam_macros.h. + */ +#include +#ifndef _pam_overwrite_n +#define _pam_overwrite_n(x,n) \ +do { \ + register char *__xx__; \ + register unsigned int __i__ = 0; \ + if ((__xx__=(x))) \ + for (;__i__ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "sss_cli.h" - -/* common functions */ - -int sss_cli_sd = -1; /* the sss client socket descriptor */ - -static void sss_cli_close_socket(void) -{ - if (sss_cli_sd != -1) { - close(sss_cli_sd); - sss_cli_sd = -1; - } -} - -/* Requests: - * - * byte 0-3: 32bit unsigned with length (the complete packet length: 0 to X) - * byte 4-7: 32bit unsigned with command code - * byte 8-11: 32bit unsigned (reserved) - * byte 12-15: 32bit unsigned (reserved) - * byte 16-X: (optional) request structure associated to the command code used - */ -static enum nss_status sss_nss_send_req(enum sss_cli_command cmd, - struct sss_cli_req_data *rd, - int *errnop) -{ - uint32_t header[4]; - size_t datasent; - - header[0] = SSS_NSS_HEADER_SIZE + (rd?rd->len:0); - header[1] = cmd; - header[2] = 0; - header[3] = 0; - - datasent = 0; - - while (datasent < header[0]) { - struct pollfd pfd; - int rdsent; - int res, error; - - *errnop = 0; - pfd.fd = sss_cli_sd; - pfd.events = POLLOUT; - - do { - errno = 0; - res = poll(&pfd, 1, SSS_CLI_SOCKET_TIMEOUT); - error = errno; - - /* If error is EINTR here, we'll try again - * If it's any other error, we'll catch it - * below. - */ - } while (error == EINTR); - - switch (res) { - case -1: - *errnop = error; - break; - case 0: - *errnop = ETIME; - break; - case 1: - if (pfd.revents & (POLLERR | POLLHUP | POLLNVAL)) { - *errnop = EPIPE; - } - if (!(pfd.revents & POLLOUT)) { - *errnop = EBUSY; - } - break; - default: /* more than one avail ?? */ - *errnop = EBADF; - break; - } - if (*errnop) { - sss_cli_close_socket(); - return NSS_STATUS_UNAVAIL; - } - - if (datasent < SSS_NSS_HEADER_SIZE) { - res = write(sss_cli_sd, - (char *)header + datasent, - SSS_NSS_HEADER_SIZE - datasent); - } else { - rdsent = datasent - SSS_NSS_HEADER_SIZE; - res = write(sss_cli_sd, - (const char *)rd->data + rdsent, - rd->len - rdsent); - } - - if ((res == -1) || (res == 0)) { - - /* Write failed */ - sss_cli_close_socket(); - *errnop = errno; - return NSS_STATUS_UNAVAIL; - } - - datasent += res; - } - - return NSS_STATUS_SUCCESS; -} - -/* Replies: - * - * byte 0-3: 32bit unsigned with length (the complete packet length: 0 to X) - * byte 4-7: 32bit unsigned with command code - * byte 8-11: 32bit unsigned with the request status (server errno) - * byte 12-15: 32bit unsigned (reserved) - * byte 16-X: (optional) reply structure associated to the command code used - */ - -static enum nss_status sss_nss_recv_rep(enum sss_cli_command cmd, - uint8_t **buf, int *len, - int *errnop) -{ - uint32_t header[4]; - size_t datarecv; - - header[0] = SSS_NSS_HEADER_SIZE; /* unitl we know the real lenght */ - header[1] = 0; - header[2] = 0; - header[3] = 0; - - datarecv = 0; - *buf = NULL; - *len = 0; - *errnop = 0; - - while (datarecv < header[0]) { - struct pollfd pfd; - int bufrecv; - int res, error; - - pfd.fd = sss_cli_sd; - pfd.events = POLLIN; - - do { - errno = 0; - res = poll(&pfd, 1, SSS_CLI_SOCKET_TIMEOUT); - error = errno; - - /* If error is EINTR here, we'll try again - * If it's any other error, we'll catch it - * below. - */ - } while (error == EINTR); - - switch (res) { - case -1: - *errnop = error; - break; - case 0: - *errnop = ETIME; - break; - case 1: - if (pfd.revents & (POLLERR | POLLHUP | POLLNVAL)) { - *errnop = EPIPE; - } - if (!(pfd.revents & POLLIN)) { - *errnop = EBUSY; - } - break; - default: /* more than one avail ?? */ - *errnop = EBADF; - break; - } - if (*errnop) { - sss_cli_close_socket(); - return NSS_STATUS_UNAVAIL; - } - - if (datarecv < SSS_NSS_HEADER_SIZE) { - res = read(sss_cli_sd, - (char *)header + datarecv, - SSS_NSS_HEADER_SIZE - datarecv); - } else { - bufrecv = datarecv - SSS_NSS_HEADER_SIZE; - res = read(sss_cli_sd, - (char *)(*buf) + bufrecv, - header[0] - datarecv); - } - - if ((res == -1) || (res == 0)) { - - /* Read failed. I think the only useful thing - * we can do here is just return -1 and fail - * since the transaction has failed half way - * through. */ - - sss_cli_close_socket(); - *errnop = errno; - return NSS_STATUS_UNAVAIL; - } - - datarecv += res; - - if (datarecv == SSS_NSS_HEADER_SIZE && *len == 0) { - /* at this point recv buf is not yet - * allocated and the header has just - * been read, do checks and proceed */ - if (header[2] != 0) { - /* server side error */ - sss_cli_close_socket(); - *errnop = header[2]; - if (*errnop == EAGAIN) { - return NSS_STATUS_TRYAGAIN; - } else { - return NSS_STATUS_UNAVAIL; - } - } - if (header[1] != cmd) { - /* wrong command id */ - sss_cli_close_socket(); - *errnop = EBADMSG; - return NSS_STATUS_UNAVAIL; - } - if (header[0] > SSS_NSS_HEADER_SIZE) { - *len = header[0] - SSS_NSS_HEADER_SIZE; - *buf = malloc(*len); - if (!*buf) { - sss_cli_close_socket(); - *errnop = ENOMEM; - return NSS_STATUS_UNAVAIL; - } - } - } - } - - return NSS_STATUS_SUCCESS; -} - -/* this function will check command codes match and returned length is ok */ -/* repbuf and replen report only the data section not the header */ -static enum nss_status sss_nss_make_request_nochecks( - enum sss_cli_command cmd, - struct sss_cli_req_data *rd, - uint8_t **repbuf, size_t *replen, - int *errnop) -{ - enum nss_status ret; - uint8_t *buf = NULL; - int len = 0; - - /* send data */ - ret = sss_nss_send_req(cmd, rd, errnop); - if (ret != NSS_STATUS_SUCCESS) { - return ret; - } - - /* data sent, now get reply */ - ret = sss_nss_recv_rep(cmd, &buf, &len, errnop); - if (ret != NSS_STATUS_SUCCESS) { - return ret; - } - - /* we got through, now we have the custom data in buf if any, - * return it if requested */ - if (repbuf && buf) { - *repbuf = buf; - if (replen) { - *replen = len; - } - } else { - free(buf); - if (replen) { - *replen = 0; - } - } - - return NSS_STATUS_SUCCESS; -} - -/* GET_VERSION Reply: - * 0-3: 32bit unsigned version number - */ - -static int sss_nss_check_version(const char *socket_name) -{ - uint8_t *repbuf; - size_t replen; - enum nss_status nret; - int errnop; - int res = NSS_STATUS_UNAVAIL; - uint32_t expected_version; - struct sss_cli_req_data req; - - if (strcmp(socket_name, SSS_NSS_SOCKET_NAME) == 0) { - expected_version = SSS_NSS_PROTOCOL_VERSION; - } else if (strcmp(socket_name, SSS_PAM_SOCKET_NAME) == 0 || - strcmp(socket_name, SSS_PAM_PRIV_SOCKET_NAME) == 0) { - expected_version = SSS_PAM_PROTOCOL_VERSION; - } else { - return NSS_STATUS_UNAVAIL; - } - - req.len = sizeof(expected_version); - req.data = &expected_version; - - nret = sss_nss_make_request_nochecks(SSS_GET_VERSION, &req, - &repbuf, &replen, &errnop); - if (nret != NSS_STATUS_SUCCESS) { - return nret; - } - - if (!repbuf) { - return res; - } - - if (((uint32_t *)repbuf)[0] == expected_version) { - res = NSS_STATUS_SUCCESS; - } - - free(repbuf); - return res; -} - -/* this 2 functions are adapted from samba3 winbinbd's wb_common.c */ - -/* Make sure socket handle isn't stdin (0), stdout(1) or stderr(2) by setting - * the limit to 3 */ -#define RECURSION_LIMIT 3 - -static int make_nonstd_fd_internals(int fd, int limit) -{ - int new_fd; - if (fd >= 0 && fd <= 2) { -#ifdef F_DUPFD - if ((new_fd = fcntl(fd, F_DUPFD, 3)) == -1) { - return -1; - } - /* Paranoia */ - if (new_fd < 3) { - close(new_fd); - return -1; - } - close(fd); - return new_fd; -#else - if (limit <= 0) - return -1; - - new_fd = dup(fd); - if (new_fd == -1) - return -1; - - /* use the program stack to hold our list of FDs to close */ - new_fd = make_nonstd_fd_internals(new_fd, limit - 1); - close(fd); - return new_fd; -#endif - } - return fd; -} - -/**************************************************************************** - Set a fd into blocking/nonblocking mode. Uses POSIX O_NONBLOCK if available, - else - if SYSV use O_NDELAY - if BSD use FNDELAY - Set close on exec also. -****************************************************************************/ - -static int make_safe_fd(int fd) -{ - int result, flags; - int new_fd = make_nonstd_fd_internals(fd, RECURSION_LIMIT); - if (new_fd == -1) { - close(fd); - return -1; - } - - /* Socket should be nonblocking. */ -#ifdef O_NONBLOCK -#define FLAG_TO_SET O_NONBLOCK -#else -#ifdef SYSV -#define FLAG_TO_SET O_NDELAY -#else /* BSD */ -#define FLAG_TO_SET FNDELAY -#endif -#endif - - if ((flags = fcntl(new_fd, F_GETFL)) == -1) { - close(new_fd); - return -1; - } - - flags |= FLAG_TO_SET; - if (fcntl(new_fd, F_SETFL, flags) == -1) { - close(new_fd); - return -1; - } - -#undef FLAG_TO_SET - - /* Socket should be closed on exec() */ -#ifdef FD_CLOEXEC - result = flags = fcntl(new_fd, F_GETFD, 0); - if (flags >= 0) { - flags |= FD_CLOEXEC; - result = fcntl( new_fd, F_SETFD, flags ); - } - if (result < 0) { - close(new_fd); - return -1; - } -#endif - return new_fd; -} - -static int sss_nss_open_socket(int *errnop, const char *socket_name) -{ - struct sockaddr_un nssaddr; - int inprogress = 1; - int wait_time, sleep_time; - int sd; - - memset(&nssaddr, 0, sizeof(struct sockaddr_un)); - nssaddr.sun_family = AF_UNIX; - strncpy(nssaddr.sun_path, socket_name, - strlen(socket_name) + 1); - - sd = socket(AF_UNIX, SOCK_STREAM, 0); - if (sd == -1) { - *errnop = errno; - return -1; - } - - /* set as non-blocking, close on exec, and make sure standard - * descriptors are not used */ - sd = make_safe_fd(sd); - if (sd == -1) { - *errnop = errno; - return -1; - } - - /* this piece is adapted from winbind client code */ - wait_time = 0; - sleep_time = 0; - while(inprogress) { - int connect_errno = 0; - socklen_t errnosize; - struct timeval tv; - fd_set w_fds; - int ret; - - wait_time += sleep_time; - - ret = connect(sd, (struct sockaddr *)&nssaddr, - sizeof(nssaddr)); - if (ret == 0) { - return sd; - } - - switch(errno) { - case EINPROGRESS: - FD_ZERO(&w_fds); - FD_SET(sd, &w_fds); - tv.tv_sec = SSS_CLI_SOCKET_TIMEOUT - wait_time; - tv.tv_usec = 0; - - ret = select(sd + 1, NULL, &w_fds, NULL, &tv); - - if (ret > 0) { - errnosize = sizeof(connect_errno); - ret = getsockopt(sd, SOL_SOCKET, SO_ERROR, - &connect_errno, &errnosize); - if (ret >= 0 && connect_errno == 0) { - return sd; - } - } - wait_time += SSS_CLI_SOCKET_TIMEOUT; - break; - case EAGAIN: - if (wait_time < SSS_CLI_SOCKET_TIMEOUT) { - sleep_time = rand() % 2 + 1; - sleep(sleep_time); - } - break; - default: - *errnop = errno; - inprogress = 0; - break; - } - - if (wait_time >= SSS_CLI_SOCKET_TIMEOUT) { - inprogress = 0; - } - } - - /* if we get here connect() failed or we timed out */ - - close(sd); - return -1; -} - -static enum sss_status sss_cli_check_socket(int *errnop, const char *socket_name) -{ - static pid_t mypid; - int mysd; - - if (getpid() != mypid) { - sss_cli_close_socket(); - mypid = getpid(); - } - - /* check if the socket has been closed on the other side */ - if (sss_cli_sd != -1) { - struct pollfd pfd; - int res, error; - - *errnop = 0; - pfd.fd = sss_cli_sd; - pfd.events = POLLIN | POLLOUT; - - do { - errno = 0; - res = poll(&pfd, 1, SSS_CLI_SOCKET_TIMEOUT); - error = errno; - - /* If error is EINTR here, we'll try again - * If it's any other error, we'll catch it - * below. - */ - } while (error == EINTR); - - switch (res) { - case -1: - *errnop = error; - break; - case 0: - *errnop = ETIME; - break; - case 1: - if (pfd.revents & (POLLERR | POLLHUP | POLLNVAL)) { - *errnop = EPIPE; - } - if (!(pfd.revents & (POLLIN | POLLOUT))) { - *errnop = EBUSY; - } - break; - default: /* more than one avail ?? */ - *errnop = EBADF; - break; - } - if (*errnop) { - sss_cli_close_socket(); - return SSS_STATUS_UNAVAIL; - } - - return SSS_STATUS_SUCCESS; - } - - mysd = sss_nss_open_socket(errnop, socket_name); - if (mysd == -1) { - return SSS_STATUS_UNAVAIL; - } - - sss_cli_sd = mysd; - - if (sss_nss_check_version(socket_name) == NSS_STATUS_SUCCESS) { - return SSS_STATUS_SUCCESS; - } - - sss_cli_close_socket(); - *errnop = EFAULT; - return SSS_STATUS_UNAVAIL; -} - -/* this function will check command codes match and returned length is ok */ -/* repbuf and replen report only the data section not the header */ -enum nss_status sss_nss_make_request(enum sss_cli_command cmd, - struct sss_cli_req_data *rd, - uint8_t **repbuf, size_t *replen, - int *errnop) -{ - enum nss_status ret; - char *envval; - - /* avoid looping in the nss daemon */ - envval = getenv("_SSS_LOOPS"); - if (envval && strcmp(envval, "NO") == 0) { - return NSS_STATUS_NOTFOUND; - } - - ret = sss_cli_check_socket(errnop, SSS_NSS_SOCKET_NAME); - if (ret != SSS_STATUS_SUCCESS) { - return NSS_STATUS_UNAVAIL; - } - - return sss_nss_make_request_nochecks(cmd, rd, repbuf, replen, errnop); -} - -int sss_pam_make_request(enum sss_cli_command cmd, - struct sss_cli_req_data *rd, - uint8_t **repbuf, size_t *replen, - int *errnop) -{ - int ret; - char *envval; - struct stat stat_buf; - - /* avoid looping in the pam daemon */ - envval = getenv("_SSS_LOOPS"); - if (envval && strcmp(envval, "NO") == 0) { - return PAM_SERVICE_ERR; - } - - /* only root shall use the privileged pipe */ - if (getuid() == 0 && getgid() == 0) { - ret = stat(SSS_PAM_PRIV_SOCKET_NAME, &stat_buf); - if (ret != 0) return PAM_SERVICE_ERR; - if ( ! (stat_buf.st_uid == 0 && - stat_buf.st_gid == 0 && - (stat_buf.st_mode&(S_IFSOCK|S_IRUSR|S_IWUSR)) == stat_buf.st_mode)) { - return PAM_SERVICE_ERR; - } - - ret = sss_cli_check_socket(errnop, SSS_PAM_PRIV_SOCKET_NAME); - } else { - ret = sss_cli_check_socket(errnop, SSS_PAM_SOCKET_NAME); - } - if (ret != NSS_STATUS_SUCCESS) { - return PAM_SERVICE_ERR; - } - - return sss_nss_make_request_nochecks(cmd, rd, repbuf, replen, errnop); -} diff --git a/sss_client/conf_macros.m4 b/sss_client/conf_macros.m4 deleted file mode 100644 index cff961bc8..000000000 --- a/sss_client/conf_macros.m4 +++ /dev/null @@ -1,52 +0,0 @@ -AC_DEFUN([BUILD_WITH_AUX_INFO], - [ AC_ARG_WITH([aux-info], - [AC_HELP_STRING([--with-aux-info], - [Build with -aux-info output])]) - ]) -AM_CONDITIONAL([WANT_AUX_INFO], [test x$with_aux_info = xyes]) - -AC_DEFUN([WITH_PIPE_PATH], - [ AC_ARG_WITH([pipe-path], - [AC_HELP_STRING([--with-pipe-path=PATH], - [Where to store pipe files for the SSSD interconnects [/var/lib/sss/pipes]] - ) - ] - ) - config_pipepath="\"VARDIR\"/lib/sss/pipes" - pipepath="${localstatedir}/lib/sss/pipes" - if test x"$with_pipe_path" != x; then - config_pipepath=$with_pipe_path - pipepath=$with_pipe_path - fi - AC_SUBST(pipepath) - AC_DEFINE_UNQUOTED(PIPE_PATH, "$config_pipepath", [Where to store pipe files for the SSSD interconnects]) - ]) -AC_DEFUN([WITH_MANPAGES], - [ AC_ARG_WITH([manpages], - [AC_HELP_STRING([--with-manpages], - [Whether to regenerate man pages from DocBook sources [yes]] - ) - ], - [], - with_manpages=yes - ) - if test x"$with_manpages" == xyes; then - HAVE_MANPAGES=1 - AC_SUBST(HAVE_MANPAGES) - fi - ]) -AM_CONDITIONAL([BUILD_MANPAGES], [test x$with_manpages = xyes]) - -AC_DEFUN([WITH_XML_CATALOG], - [ AC_ARG_WITH([xml-catalog-path], - [AC_HELP_STRING([--with-xml-catalog-path=PATH], - [Where to look for XML catalog [/etc/xml/catalog]] - ) - ] - ) - SGML_CATALOG_FILES="/etc/xml/catalog" - if test x"$with_xml_catalog_path" != x; then - SGML_CATALOG_FILES="$with_xml_catalog_path" - fi - AC_SUBST([SGML_CATALOG_FILES]) - ]) diff --git a/sss_client/config.guess b/sss_client/config.guess deleted file mode 100755 index 354dbe175..000000000 --- a/sss_client/config.guess +++ /dev/null @@ -1,1464 +0,0 @@ -#! /bin/sh -# Attempt to guess a canonical system name. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. - -timestamp='2005-08-03' - -# This file is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, see . -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - - -# Originally written by Per Bothner . -# Please send patches to . Submit a context -# diff and a properly formatted ChangeLog entry. -# -# This script attempts to guess a canonical system name similar to -# config.sub. If it succeeds, it prints the system name on stdout, and -# exits with 0. Otherwise, it exits with 1. -# -# The plan is that this can be called by configure scripts if you -# don't specify an explicit build system type. - -me=`echo "$0" | sed -e 's,.*/,,'` - -usage="\ -Usage: $0 [OPTION] - -Output the configuration name of the system \`$me' is run on. - -Operation modes: - -h, --help print this help, then exit - -t, --time-stamp print date of last modification, then exit - -v, --version print version number, then exit - -Report bugs and patches to ." - -version="\ -GNU config.guess ($timestamp) - -Originally written by Per Bothner. -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 -Free Software Foundation, Inc. - -This is free software; see the source for copying conditions. There is NO -warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." - -help=" -Try \`$me --help' for more information." - -# Parse command line -while test $# -gt 0 ; do - case $1 in - --time-stamp | --time* | -t ) - echo "$timestamp" ; exit ;; - --version | -v ) - echo "$version" ; exit ;; - --help | --h* | -h ) - echo "$usage"; exit ;; - -- ) # Stop option processing - shift; break ;; - - ) # Use stdin as input. - break ;; - -* ) - echo "$me: invalid option $1$help" >&2 - exit 1 ;; - * ) - break ;; - esac -done - -if test $# != 0; then - echo "$me: too many arguments$help" >&2 - exit 1 -fi - -trap 'exit 1' 1 2 15 - -# CC_FOR_BUILD -- compiler used by this script. Note that the use of a -# compiler to aid in system detection is discouraged as it requires -# temporary files to be created and, as you can see below, it is a -# headache to deal with in a portable fashion. - -# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still -# use `HOST_CC' if defined, but it is deprecated. - -# Portable tmp directory creation inspired by the Autoconf team. - -set_cc_for_build=' -trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ; -trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ; -: ${TMPDIR=/tmp} ; - { tmp=`(umask 077 && mktemp -d -q "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } || - { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } || - { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } || - { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ; -dummy=$tmp/dummy ; -tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ; -case $CC_FOR_BUILD,$HOST_CC,$CC in - ,,) echo "int x;" > $dummy.c ; - for c in cc gcc c89 c99 ; do - if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then - CC_FOR_BUILD="$c"; break ; - fi ; - done ; - if test x"$CC_FOR_BUILD" = x ; then - CC_FOR_BUILD=no_compiler_found ; - fi - ;; - ,,*) CC_FOR_BUILD=$CC ;; - ,*,*) CC_FOR_BUILD=$HOST_CC ;; -esac ; set_cc_for_build= ;' - -# This is needed to find uname on a Pyramid OSx when run in the BSD universe. -# (ghazi@noc.rutgers.edu 1994-08-24) -if (test -f /.attbin/uname) >/dev/null 2>&1 ; then - PATH=$PATH:/.attbin ; export PATH -fi - -UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown -UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown -UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown -UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown - -# Note: order is significant - the case branches are not exclusive. - -case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in - *:NetBSD:*:*) - # NetBSD (nbsd) targets should (where applicable) match one or - # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, - # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently - # switched to ELF, *-*-netbsd* would select the old - # object file format. This provides both forward - # compatibility and a consistent mechanism for selecting the - # object file format. - # - # Note: NetBSD doesn't particularly care about the vendor - # portion of the name. We always set it to "unknown". - sysctl="sysctl -n hw.machine_arch" - UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \ - /usr/sbin/$sysctl 2>/dev/null || echo unknown)` - case "${UNAME_MACHINE_ARCH}" in - armeb) machine=armeb-unknown ;; - arm*) machine=arm-unknown ;; - sh3el) machine=shl-unknown ;; - sh3eb) machine=sh-unknown ;; - *) machine=${UNAME_MACHINE_ARCH}-unknown ;; - esac - # The Operating System including object format, if it has switched - # to ELF recently, or will in the future. - case "${UNAME_MACHINE_ARCH}" in - arm*|i386|m68k|ns32k|sh3*|sparc|vax) - eval $set_cc_for_build - if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ - | grep __ELF__ >/dev/null - then - # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). - # Return netbsd for either. FIX? - os=netbsd - else - os=netbsdelf - fi - ;; - *) - os=netbsd - ;; - esac - # The OS release - # Debian GNU/NetBSD machines have a different userland, and - # thus, need a distinct triplet. However, they do not need - # kernel version information, so it can be replaced with a - # suitable tag, in the style of linux-gnu. - case "${UNAME_VERSION}" in - Debian*) - release='-gnu' - ;; - *) - release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` - ;; - esac - # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: - # contains redundant information, the shorter form: - # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. - echo "${machine}-${os}${release}" - exit ;; - *:OpenBSD:*:*) - UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` - echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} - exit ;; - *:ekkoBSD:*:*) - echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE} - exit ;; - macppc:MirBSD:*:*) - echo powerppc-unknown-mirbsd${UNAME_RELEASE} - exit ;; - *:MirBSD:*:*) - echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE} - exit ;; - alpha:OSF1:*:*) - case $UNAME_RELEASE in - *4.0) - UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` - ;; - *5.*) - UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` - ;; - esac - # According to Compaq, /usr/sbin/psrinfo has been available on - # OSF/1 and Tru64 systems produced since 1995. I hope that - # covers most systems running today. This code pipes the CPU - # types through head -n 1, so we only detect the type of CPU 0. - ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^ The alpha \(.*\) processor.*$/\1/p' | head -n 1` - case "$ALPHA_CPU_TYPE" in - "EV4 (21064)") - UNAME_MACHINE="alpha" ;; - "EV4.5 (21064)") - UNAME_MACHINE="alpha" ;; - "LCA4 (21066/21068)") - UNAME_MACHINE="alpha" ;; - "EV5 (21164)") - UNAME_MACHINE="alphaev5" ;; - "EV5.6 (21164A)") - UNAME_MACHINE="alphaev56" ;; - "EV5.6 (21164PC)") - UNAME_MACHINE="alphapca56" ;; - "EV5.7 (21164PC)") - UNAME_MACHINE="alphapca57" ;; - "EV6 (21264)") - UNAME_MACHINE="alphaev6" ;; - "EV6.7 (21264A)") - UNAME_MACHINE="alphaev67" ;; - "EV6.8CB (21264C)") - UNAME_MACHINE="alphaev68" ;; - "EV6.8AL (21264B)") - UNAME_MACHINE="alphaev68" ;; - "EV6.8CX (21264D)") - UNAME_MACHINE="alphaev68" ;; - "EV6.9A (21264/EV69A)") - UNAME_MACHINE="alphaev69" ;; - "EV7 (21364)") - UNAME_MACHINE="alphaev7" ;; - "EV7.9 (21364A)") - UNAME_MACHINE="alphaev79" ;; - esac - # A Pn.n version is a patched version. - # A Vn.n version is a released version. - # A Tn.n version is a released field test version. - # A Xn.n version is an unreleased experimental baselevel. - # 1.2 uses "1.2" for uname -r. - echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - exit ;; - Alpha\ *:Windows_NT*:*) - # How do we know it's Interix rather than the generic POSIX subsystem? - # Should we change UNAME_MACHINE based on the output of uname instead - # of the specific Alpha model? - echo alpha-pc-interix - exit ;; - 21064:Windows_NT:50:3) - echo alpha-dec-winnt3.5 - exit ;; - Amiga*:UNIX_System_V:4.0:*) - echo m68k-unknown-sysv4 - exit ;; - *:[Aa]miga[Oo][Ss]:*:*) - echo ${UNAME_MACHINE}-unknown-amigaos - exit ;; - *:[Mm]orph[Oo][Ss]:*:*) - echo ${UNAME_MACHINE}-unknown-morphos - exit ;; - *:OS/390:*:*) - echo i370-ibm-openedition - exit ;; - *:z/VM:*:*) - echo s390-ibm-zvmoe - exit ;; - *:OS400:*:*) - echo powerpc-ibm-os400 - exit ;; - arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) - echo arm-acorn-riscix${UNAME_RELEASE} - exit ;; - arm:riscos:*:*|arm:RISCOS:*:*) - echo arm-unknown-riscos - exit ;; - SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) - echo hppa1.1-hitachi-hiuxmpp - exit ;; - Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) - # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. - if test "`(/bin/universe) 2>/dev/null`" = att ; then - echo pyramid-pyramid-sysv3 - else - echo pyramid-pyramid-bsd - fi - exit ;; - NILE*:*:*:dcosx) - echo pyramid-pyramid-svr4 - exit ;; - DRS?6000:unix:4.0:6*) - echo sparc-icl-nx6 - exit ;; - DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*) - case `/usr/bin/uname -p` in - sparc) echo sparc-icl-nx7; exit ;; - esac ;; - sun4H:SunOS:5.*:*) - echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) - echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - i86pc:SunOS:5.*:*) - echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4*:SunOS:6*:*) - # According to config.sub, this is the proper way to canonicalize - # SunOS6. Hard to guess exactly what SunOS6 will be like, but - # it's likely to be more like Solaris than SunOS4. - echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - sun4*:SunOS:*:*) - case "`/usr/bin/arch -k`" in - Series*|S4*) - UNAME_RELEASE=`uname -v` - ;; - esac - # Japanese Language versions have a version number like `4.1.3-JL'. - echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` - exit ;; - sun3*:SunOS:*:*) - echo m68k-sun-sunos${UNAME_RELEASE} - exit ;; - sun*:*:4.2BSD:*) - UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` - test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 - case "`/bin/arch`" in - sun3) - echo m68k-sun-sunos${UNAME_RELEASE} - ;; - sun4) - echo sparc-sun-sunos${UNAME_RELEASE} - ;; - esac - exit ;; - aushp:SunOS:*:*) - echo sparc-auspex-sunos${UNAME_RELEASE} - exit ;; - # The situation for MiNT is a little confusing. The machine name - # can be virtually everything (everything which is not - # "atarist" or "atariste" at least should have a processor - # > m68000). The system name ranges from "MiNT" over "FreeMiNT" - # to the lowercase version "mint" (or "freemint"). Finally - # the system name "TOS" denotes a system which is actually not - # MiNT. But MiNT is downward compatible to TOS, so this should - # be no problem. - atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit ;; - atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit ;; - *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit ;; - milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) - echo m68k-milan-mint${UNAME_RELEASE} - exit ;; - hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) - echo m68k-hades-mint${UNAME_RELEASE} - exit ;; - *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) - echo m68k-unknown-mint${UNAME_RELEASE} - exit ;; - m68k:machten:*:*) - echo m68k-apple-machten${UNAME_RELEASE} - exit ;; - powerpc:machten:*:*) - echo powerpc-apple-machten${UNAME_RELEASE} - exit ;; - RISC*:Mach:*:*) - echo mips-dec-mach_bsd4.3 - exit ;; - RISC*:ULTRIX:*:*) - echo mips-dec-ultrix${UNAME_RELEASE} - exit ;; - VAX*:ULTRIX*:*:*) - echo vax-dec-ultrix${UNAME_RELEASE} - exit ;; - 2020:CLIX:*:* | 2430:CLIX:*:*) - echo clipper-intergraph-clix${UNAME_RELEASE} - exit ;; - mips:*:*:UMIPS | mips:*:*:RISCos) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c -#ifdef __cplusplus -#include /* for printf() prototype */ - int main (int argc, char *argv[]) { -#else - int main (argc, argv) int argc; char *argv[]; { -#endif - #if defined (host_mips) && defined (MIPSEB) - #if defined (SYSTYPE_SYSV) - printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); - #endif - #if defined (SYSTYPE_SVR4) - printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); - #endif - #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) - printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); - #endif - #endif - exit (-1); - } -EOF - $CC_FOR_BUILD -o $dummy $dummy.c && - dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` && - SYSTEM_NAME=`$dummy $dummyarg` && - { echo "$SYSTEM_NAME"; exit; } - echo mips-mips-riscos${UNAME_RELEASE} - exit ;; - Motorola:PowerMAX_OS:*:*) - echo powerpc-motorola-powermax - exit ;; - Motorola:*:4.3:PL8-*) - echo powerpc-harris-powermax - exit ;; - Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*) - echo powerpc-harris-powermax - exit ;; - Night_Hawk:Power_UNIX:*:*) - echo powerpc-harris-powerunix - exit ;; - m88k:CX/UX:7*:*) - echo m88k-harris-cxux7 - exit ;; - m88k:*:4*:R4*) - echo m88k-motorola-sysv4 - exit ;; - m88k:*:3*:R3*) - echo m88k-motorola-sysv3 - exit ;; - AViiON:dgux:*:*) - # DG/UX returns AViiON for all architectures - UNAME_PROCESSOR=`/usr/bin/uname -p` - if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] - then - if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ - [ ${TARGET_BINARY_INTERFACE}x = x ] - then - echo m88k-dg-dgux${UNAME_RELEASE} - else - echo m88k-dg-dguxbcs${UNAME_RELEASE} - fi - else - echo i586-dg-dgux${UNAME_RELEASE} - fi - exit ;; - M88*:DolphinOS:*:*) # DolphinOS (SVR3) - echo m88k-dolphin-sysv3 - exit ;; - M88*:*:R3*:*) - # Delta 88k system running SVR3 - echo m88k-motorola-sysv3 - exit ;; - XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) - echo m88k-tektronix-sysv3 - exit ;; - Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) - echo m68k-tektronix-bsd - exit ;; - *:IRIX*:*:*) - echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` - exit ;; - ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. - echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id - exit ;; # Note that: echo "'`uname -s`'" gives 'AIX ' - i*86:AIX:*:*) - echo i386-ibm-aix - exit ;; - ia64:AIX:*:*) - if [ -x /usr/bin/oslevel ] ; then - IBM_REV=`/usr/bin/oslevel` - else - IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} - fi - echo ${UNAME_MACHINE}-ibm-aix${IBM_REV} - exit ;; - *:AIX:2:3) - if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #include - - main() - { - if (!__power_pc()) - exit(1); - puts("powerpc-ibm-aix3.2.5"); - exit(0); - } -EOF - if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` - then - echo "$SYSTEM_NAME" - else - echo rs6000-ibm-aix3.2.5 - fi - elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then - echo rs6000-ibm-aix3.2.4 - else - echo rs6000-ibm-aix3.2 - fi - exit ;; - *:AIX:*:[45]) - IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` - if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then - IBM_ARCH=rs6000 - else - IBM_ARCH=powerpc - fi - if [ -x /usr/bin/oslevel ] ; then - IBM_REV=`/usr/bin/oslevel` - else - IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE} - fi - echo ${IBM_ARCH}-ibm-aix${IBM_REV} - exit ;; - *:AIX:*:*) - echo rs6000-ibm-aix - exit ;; - ibmrt:4.4BSD:*|romp-ibm:BSD:*) - echo romp-ibm-bsd4.4 - exit ;; - ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and - echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to - exit ;; # report: romp-ibm BSD 4.3 - *:BOSX:*:*) - echo rs6000-bull-bosx - exit ;; - DPX/2?00:B.O.S.:*:*) - echo m68k-bull-sysv3 - exit ;; - 9000/[34]??:4.3bsd:1.*:*) - echo m68k-hp-bsd - exit ;; - hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) - echo m68k-hp-bsd4.4 - exit ;; - 9000/[34678]??:HP-UX:*:*) - HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` - case "${UNAME_MACHINE}" in - 9000/31? ) HP_ARCH=m68000 ;; - 9000/[34]?? ) HP_ARCH=m68k ;; - 9000/[678][0-9][0-9]) - if [ -x /usr/bin/getconf ]; then - sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` - sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` - case "${sc_cpu_version}" in - 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 - 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 - 532) # CPU_PA_RISC2_0 - case "${sc_kernel_bits}" in - 32) HP_ARCH="hppa2.0n" ;; - 64) HP_ARCH="hppa2.0w" ;; - '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 - esac ;; - esac - fi - if [ "${HP_ARCH}" = "" ]; then - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - - #define _HPUX_SOURCE - #include - #include - - int main () - { - #if defined(_SC_KERNEL_BITS) - long bits = sysconf(_SC_KERNEL_BITS); - #endif - long cpu = sysconf (_SC_CPU_VERSION); - - switch (cpu) - { - case CPU_PA_RISC1_0: puts ("hppa1.0"); break; - case CPU_PA_RISC1_1: puts ("hppa1.1"); break; - case CPU_PA_RISC2_0: - #if defined(_SC_KERNEL_BITS) - switch (bits) - { - case 64: puts ("hppa2.0w"); break; - case 32: puts ("hppa2.0n"); break; - default: puts ("hppa2.0"); break; - } break; - #else /* !defined(_SC_KERNEL_BITS) */ - puts ("hppa2.0"); break; - #endif - default: puts ("hppa1.0"); break; - } - exit (0); - } -EOF - (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` - test -z "$HP_ARCH" && HP_ARCH=hppa - fi ;; - esac - if [ ${HP_ARCH} = "hppa2.0w" ] - then - eval $set_cc_for_build - - # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating - # 32-bit code. hppa64-hp-hpux* has the same kernel and a compiler - # generating 64-bit code. GNU and HP use different nomenclature: - # - # $ CC_FOR_BUILD=cc ./config.guess - # => hppa2.0w-hp-hpux11.23 - # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess - # => hppa64-hp-hpux11.23 - - if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | - grep __LP64__ >/dev/null - then - HP_ARCH="hppa2.0w" - else - HP_ARCH="hppa64" - fi - fi - echo ${HP_ARCH}-hp-hpux${HPUX_REV} - exit ;; - ia64:HP-UX:*:*) - HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` - echo ia64-hp-hpux${HPUX_REV} - exit ;; - 3050*:HI-UX:*:*) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #include - int - main () - { - long cpu = sysconf (_SC_CPU_VERSION); - /* The order matters, because CPU_IS_HP_MC68K erroneously returns - true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct - results, however. */ - if (CPU_IS_PA_RISC (cpu)) - { - switch (cpu) - { - case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; - case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; - case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; - default: puts ("hppa-hitachi-hiuxwe2"); break; - } - } - else if (CPU_IS_HP_MC68K (cpu)) - puts ("m68k-hitachi-hiuxwe2"); - else puts ("unknown-hitachi-hiuxwe2"); - exit (0); - } -EOF - $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` && - { echo "$SYSTEM_NAME"; exit; } - echo unknown-hitachi-hiuxwe2 - exit ;; - 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) - echo hppa1.1-hp-bsd - exit ;; - 9000/8??:4.3bsd:*:*) - echo hppa1.0-hp-bsd - exit ;; - *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*) - echo hppa1.0-hp-mpeix - exit ;; - hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) - echo hppa1.1-hp-osf - exit ;; - hp8??:OSF1:*:*) - echo hppa1.0-hp-osf - exit ;; - i*86:OSF1:*:*) - if [ -x /usr/sbin/sysversion ] ; then - echo ${UNAME_MACHINE}-unknown-osf1mk - else - echo ${UNAME_MACHINE}-unknown-osf1 - fi - exit ;; - parisc*:Lites*:*:*) - echo hppa1.1-hp-lites - exit ;; - C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) - echo c1-convex-bsd - exit ;; - C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) - if getsysinfo -f scalar_acc - then echo c32-convex-bsd - else echo c2-convex-bsd - fi - exit ;; - C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) - echo c34-convex-bsd - exit ;; - C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) - echo c38-convex-bsd - exit ;; - C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) - echo c4-convex-bsd - exit ;; - CRAY*Y-MP:*:*:*) - echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*[A-Z]90:*:*:*) - echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ - | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ - -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \ - -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*TS:*:*:*) - echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*T3E:*:*:*) - echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - CRAY*SV1:*:*:*) - echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - *:UNICOS/mp:*:*) - echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit ;; - F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) - FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` - echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; - 5000:UNIX_System_V:4.*:*) - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` - echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; - i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) - echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} - exit ;; - sparc*:BSD/OS:*:*) - echo sparc-unknown-bsdi${UNAME_RELEASE} - exit ;; - *:BSD/OS:*:*) - echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} - exit ;; - *:FreeBSD:*:*) - echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` - exit ;; - i*:CYGWIN*:*) - echo ${UNAME_MACHINE}-pc-cygwin - exit ;; - i*:MINGW*:*) - echo ${UNAME_MACHINE}-pc-mingw32 - exit ;; - i*:windows32*:*) - # uname -m includes "-pc" on this system. - echo ${UNAME_MACHINE}-mingw32 - exit ;; - i*:PW*:*) - echo ${UNAME_MACHINE}-pc-pw32 - exit ;; - x86:Interix*:[34]*) - echo i586-pc-interix${UNAME_RELEASE}|sed -e 's/\..*//' - exit ;; - [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) - echo i${UNAME_MACHINE}-pc-mks - exit ;; - i*:Windows_NT*:* | Pentium*:Windows_NT*:*) - # How do we know it's Interix rather than the generic POSIX subsystem? - # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we - # UNAME_MACHINE based on the output of uname instead of i386? - echo i586-pc-interix - exit ;; - i*:UWIN*:*) - echo ${UNAME_MACHINE}-pc-uwin - exit ;; - amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*) - echo x86_64-unknown-cygwin - exit ;; - p*:CYGWIN*:*) - echo powerpcle-unknown-cygwin - exit ;; - prep*:SunOS:5.*:*) - echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit ;; - *:GNU:*:*) - # the GNU system - echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` - exit ;; - *:GNU/*:*:*) - # other systems with GNU libc and userland - echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu - exit ;; - i*86:Minix:*:*) - echo ${UNAME_MACHINE}-pc-minix - exit ;; - arm*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - cris:Linux:*:*) - echo cris-axis-linux-gnu - exit ;; - crisv32:Linux:*:*) - echo crisv32-axis-linux-gnu - exit ;; - frv:Linux:*:*) - echo frv-unknown-linux-gnu - exit ;; - ia64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - m32r*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - m68*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - mips:Linux:*:*) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #undef CPU - #undef mips - #undef mipsel - #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=mipsel - #else - #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) - CPU=mips - #else - CPU= - #endif - #endif -EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=` - test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } - ;; - mips64:Linux:*:*) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #undef CPU - #undef mips64 - #undef mips64el - #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=mips64el - #else - #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) - CPU=mips64 - #else - CPU= - #endif - #endif -EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^CPU=` - test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } - ;; - or32:Linux:*:*) - echo or32-unknown-linux-gnu - exit ;; - ppc:Linux:*:*) - echo powerpc-unknown-linux-gnu - exit ;; - ppc64:Linux:*:*) - echo powerpc64-unknown-linux-gnu - exit ;; - alpha:Linux:*:*) - case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in - EV5) UNAME_MACHINE=alphaev5 ;; - EV56) UNAME_MACHINE=alphaev56 ;; - PCA56) UNAME_MACHINE=alphapca56 ;; - PCA57) UNAME_MACHINE=alphapca56 ;; - EV6) UNAME_MACHINE=alphaev6 ;; - EV67) UNAME_MACHINE=alphaev67 ;; - EV68*) UNAME_MACHINE=alphaev68 ;; - esac - objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null - if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi - echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} - exit ;; - parisc:Linux:*:* | hppa:Linux:*:*) - # Look for CPU level - case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in - PA7*) echo hppa1.1-unknown-linux-gnu ;; - PA8*) echo hppa2.0-unknown-linux-gnu ;; - *) echo hppa-unknown-linux-gnu ;; - esac - exit ;; - parisc64:Linux:*:* | hppa64:Linux:*:*) - echo hppa64-unknown-linux-gnu - exit ;; - s390:Linux:*:* | s390x:Linux:*:*) - echo ${UNAME_MACHINE}-ibm-linux - exit ;; - sh64*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - sh*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - sparc:Linux:*:* | sparc64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu - exit ;; - x86_64:Linux:*:*) - echo x86_64-unknown-linux-gnu - exit ;; - i*86:Linux:*:*) - # The BFD linker knows what the default object file format is, so - # first see if it will tell us. cd to the root directory to prevent - # problems with other programs or directories called `ld' in the path. - # Set LC_ALL=C to ensure ld outputs messages in English. - ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \ - | sed -ne '/supported targets:/!d - s/[ ][ ]*/ /g - s/.*supported targets: *// - s/ .*// - p'` - case "$ld_supported_targets" in - elf32-i386) - TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu" - ;; - a.out-i386-linux) - echo "${UNAME_MACHINE}-pc-linux-gnuaout" - exit ;; - coff-i386) - echo "${UNAME_MACHINE}-pc-linux-gnucoff" - exit ;; - "") - # Either a pre-BFD a.out linker (linux-gnuoldld) or - # one that does not give us useful --help. - echo "${UNAME_MACHINE}-pc-linux-gnuoldld" - exit ;; - esac - # Determine whether the default compiler is a.out or elf - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #include - #ifdef __ELF__ - # ifdef __GLIBC__ - # if __GLIBC__ >= 2 - LIBC=gnu - # else - LIBC=gnulibc1 - # endif - # else - LIBC=gnulibc1 - # endif - #else - #ifdef __INTEL_COMPILER - LIBC=gnu - #else - LIBC=gnuaout - #endif - #endif - #ifdef __dietlibc__ - LIBC=dietlibc - #endif -EOF - eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep ^LIBC=` - test x"${LIBC}" != x && { - echo "${UNAME_MACHINE}-pc-linux-${LIBC}" - exit - } - test x"${TENTATIVE}" != x && { echo "${TENTATIVE}"; exit; } - ;; - i*86:DYNIX/ptx:4*:*) - # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. - # earlier versions are messed up and put the nodename in both - # sysname and nodename. - echo i386-sequent-sysv4 - exit ;; - i*86:UNIX_SV:4.2MP:2.*) - # Unixware is an offshoot of SVR4, but it has its own version - # number series starting with 2... - # I am not positive that other SVR4 systems won't match this, - # I just have to hope. -- rms. - # Use sysv4.2uw... so that sysv4* matches it. - echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} - exit ;; - i*86:OS/2:*:*) - # If we were able to find `uname', then EMX Unix compatibility - # is probably installed. - echo ${UNAME_MACHINE}-pc-os2-emx - exit ;; - i*86:XTS-300:*:STOP) - echo ${UNAME_MACHINE}-unknown-stop - exit ;; - i*86:atheos:*:*) - echo ${UNAME_MACHINE}-unknown-atheos - exit ;; - i*86:syllable:*:*) - echo ${UNAME_MACHINE}-pc-syllable - exit ;; - i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*) - echo i386-unknown-lynxos${UNAME_RELEASE} - exit ;; - i*86:*DOS:*:*) - echo ${UNAME_MACHINE}-pc-msdosdjgpp - exit ;; - i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*) - UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` - if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then - echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} - else - echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} - fi - exit ;; - i*86:*:5:[678]*) - # UnixWare 7.x, OpenUNIX and OpenServer 6. - case `/bin/uname -X | grep "^Machine"` in - *486*) UNAME_MACHINE=i486 ;; - *Pentium) UNAME_MACHINE=i586 ;; - *Pent*|*Celeron) UNAME_MACHINE=i686 ;; - esac - echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION} - exit ;; - i*86:*:3.2:*) - if test -f /usr/options/cb.name; then - UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then - UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')` - (/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486 - (/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \ - && UNAME_MACHINE=i586 - (/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \ - && UNAME_MACHINE=i686 - (/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \ - && UNAME_MACHINE=i686 - echo ${UNAME_MACHINE}-pc-sco$UNAME_REL - else - echo ${UNAME_MACHINE}-pc-sysv32 - fi - exit ;; - pc:*:*:*) - # Left here for compatibility: - # uname -m prints for DJGPP always 'pc', but it prints nothing about - # the processor, so we play safe by assuming i386. - echo i386-pc-msdosdjgpp - exit ;; - Intel:Mach:3*:*) - echo i386-pc-mach3 - exit ;; - paragon:*:*:*) - echo i860-intel-osf1 - exit ;; - i860:*:4.*:*) # i860-SVR4 - if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then - echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 - else # Add other i860-SVR4 vendors below as they are discovered. - echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 - fi - exit ;; - mini*:CTIX:SYS*5:*) - # "miniframe" - echo m68010-convergent-sysv - exit ;; - mc68k:UNIX:SYSTEM5:3.51m) - echo m68k-convergent-sysv - exit ;; - M680?0:D-NIX:5.3:*) - echo m68k-diab-dnix - exit ;; - M68*:*:R3V[5678]*:*) - test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;; - 3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0) - OS_REL='' - test -r /etc/.relid \ - && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4.3${OS_REL}; exit; } - /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ - && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; - 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4; exit; } ;; - m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) - echo m68k-unknown-lynxos${UNAME_RELEASE} - exit ;; - mc68030:UNIX_System_V:4.*:*) - echo m68k-atari-sysv4 - exit ;; - TSUNAMI:LynxOS:2.*:*) - echo sparc-unknown-lynxos${UNAME_RELEASE} - exit ;; - rs6000:LynxOS:2.*:*) - echo rs6000-unknown-lynxos${UNAME_RELEASE} - exit ;; - PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*) - echo powerpc-unknown-lynxos${UNAME_RELEASE} - exit ;; - SM[BE]S:UNIX_SV:*:*) - echo mips-dde-sysv${UNAME_RELEASE} - exit ;; - RM*:ReliantUNIX-*:*:*) - echo mips-sni-sysv4 - exit ;; - RM*:SINIX-*:*:*) - echo mips-sni-sysv4 - exit ;; - *:SINIX-*:*:*) - if uname -p 2>/dev/null >/dev/null ; then - UNAME_MACHINE=`(uname -p) 2>/dev/null` - echo ${UNAME_MACHINE}-sni-sysv4 - else - echo ns32k-sni-sysv - fi - exit ;; - PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort - # says - echo i586-unisys-sysv4 - exit ;; - *:UNIX_System_V:4*:FTX*) - # From Gerald Hewes . - # How about differentiating between stratus architectures? -djm - echo hppa1.1-stratus-sysv4 - exit ;; - *:*:*:FTX*) - # From seanf@swdc.stratus.com. - echo i860-stratus-sysv4 - exit ;; - i*86:VOS:*:*) - # From Paul.Green@stratus.com. - echo ${UNAME_MACHINE}-stratus-vos - exit ;; - *:VOS:*:*) - # From Paul.Green@stratus.com. - echo hppa1.1-stratus-vos - exit ;; - mc68*:A/UX:*:*) - echo m68k-apple-aux${UNAME_RELEASE} - exit ;; - news*:NEWS-OS:6*:*) - echo mips-sony-newsos6 - exit ;; - R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) - if [ -d /usr/nec ]; then - echo mips-nec-sysv${UNAME_RELEASE} - else - echo mips-unknown-sysv${UNAME_RELEASE} - fi - exit ;; - BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. - echo powerpc-be-beos - exit ;; - BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. - echo powerpc-apple-beos - exit ;; - BePC:BeOS:*:*) # BeOS running on Intel PC compatible. - echo i586-pc-beos - exit ;; - SX-4:SUPER-UX:*:*) - echo sx4-nec-superux${UNAME_RELEASE} - exit ;; - SX-5:SUPER-UX:*:*) - echo sx5-nec-superux${UNAME_RELEASE} - exit ;; - SX-6:SUPER-UX:*:*) - echo sx6-nec-superux${UNAME_RELEASE} - exit ;; - Power*:Rhapsody:*:*) - echo powerpc-apple-rhapsody${UNAME_RELEASE} - exit ;; - *:Rhapsody:*:*) - echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} - exit ;; - *:Darwin:*:*) - UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown - case $UNAME_PROCESSOR in - *86) UNAME_PROCESSOR=i686 ;; - unknown) UNAME_PROCESSOR=powerpc ;; - esac - echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} - exit ;; - *:procnto*:*:* | *:QNX:[0123456789]*:*) - UNAME_PROCESSOR=`uname -p` - if test "$UNAME_PROCESSOR" = "x86"; then - UNAME_PROCESSOR=i386 - UNAME_MACHINE=pc - fi - echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE} - exit ;; - *:QNX:*:4*) - echo i386-pc-qnx - exit ;; - NSE-?:NONSTOP_KERNEL:*:*) - echo nse-tandem-nsk${UNAME_RELEASE} - exit ;; - NSR-?:NONSTOP_KERNEL:*:*) - echo nsr-tandem-nsk${UNAME_RELEASE} - exit ;; - *:NonStop-UX:*:*) - echo mips-compaq-nonstopux - exit ;; - BS2000:POSIX*:*:*) - echo bs2000-siemens-sysv - exit ;; - DS/*:UNIX_System_V:*:*) - echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} - exit ;; - *:Plan9:*:*) - # "uname -m" is not consistent, so use $cputype instead. 386 - # is converted to i386 for consistency with other x86 - # operating systems. - if test "$cputype" = "386"; then - UNAME_MACHINE=i386 - else - UNAME_MACHINE="$cputype" - fi - echo ${UNAME_MACHINE}-unknown-plan9 - exit ;; - *:TOPS-10:*:*) - echo pdp10-unknown-tops10 - exit ;; - *:TENEX:*:*) - echo pdp10-unknown-tenex - exit ;; - KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*) - echo pdp10-dec-tops20 - exit ;; - XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*) - echo pdp10-xkl-tops20 - exit ;; - *:TOPS-20:*:*) - echo pdp10-unknown-tops20 - exit ;; - *:ITS:*:*) - echo pdp10-unknown-its - exit ;; - SEI:*:*:SEIUX) - echo mips-sei-seiux${UNAME_RELEASE} - exit ;; - *:DragonFly:*:*) - echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` - exit ;; - *:*VMS:*:*) - UNAME_MACHINE=`(uname -p) 2>/dev/null` - case "${UNAME_MACHINE}" in - A*) echo alpha-dec-vms ; exit ;; - I*) echo ia64-dec-vms ; exit ;; - V*) echo vax-dec-vms ; exit ;; - esac ;; - *:XENIX:*:SysV) - echo i386-pc-xenix - exit ;; - i*86:skyos:*:*) - echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//' - exit ;; -esac - -#echo '(No uname command or uname output not recognized.)' 1>&2 -#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 - -eval $set_cc_for_build -cat >$dummy.c < -# include -#endif -main () -{ -#if defined (sony) -#if defined (MIPSEB) - /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, - I don't know.... */ - printf ("mips-sony-bsd\n"); exit (0); -#else -#include - printf ("m68k-sony-newsos%s\n", -#ifdef NEWSOS4 - "4" -#else - "" -#endif - ); exit (0); -#endif -#endif - -#if defined (__arm) && defined (__acorn) && defined (__unix) - printf ("arm-acorn-riscix\n"); exit (0); -#endif - -#if defined (hp300) && !defined (hpux) - printf ("m68k-hp-bsd\n"); exit (0); -#endif - -#if defined (NeXT) -#if !defined (__ARCHITECTURE__) -#define __ARCHITECTURE__ "m68k" -#endif - int version; - version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; - if (version < 4) - printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); - else - printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); - exit (0); -#endif - -#if defined (MULTIMAX) || defined (n16) -#if defined (UMAXV) - printf ("ns32k-encore-sysv\n"); exit (0); -#else -#if defined (CMU) - printf ("ns32k-encore-mach\n"); exit (0); -#else - printf ("ns32k-encore-bsd\n"); exit (0); -#endif -#endif -#endif - -#if defined (__386BSD__) - printf ("i386-pc-bsd\n"); exit (0); -#endif - -#if defined (sequent) -#if defined (i386) - printf ("i386-sequent-dynix\n"); exit (0); -#endif -#if defined (ns32000) - printf ("ns32k-sequent-dynix\n"); exit (0); -#endif -#endif - -#if defined (_SEQUENT_) - struct utsname un; - - uname(&un); - - if (strncmp(un.version, "V2", 2) == 0) { - printf ("i386-sequent-ptx2\n"); exit (0); - } - if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ - printf ("i386-sequent-ptx1\n"); exit (0); - } - printf ("i386-sequent-ptx\n"); exit (0); - -#endif - -#if defined (vax) -# if !defined (ultrix) -# include -# if defined (BSD) -# if BSD == 43 - printf ("vax-dec-bsd4.3\n"); exit (0); -# else -# if BSD == 199006 - printf ("vax-dec-bsd4.3reno\n"); exit (0); -# else - printf ("vax-dec-bsd\n"); exit (0); -# endif -# endif -# else - printf ("vax-dec-bsd\n"); exit (0); -# endif -# else - printf ("vax-dec-ultrix\n"); exit (0); -# endif -#endif - -#if defined (alliant) && defined (i860) - printf ("i860-alliant-bsd\n"); exit (0); -#endif - - exit (1); -} -EOF - -$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` && - { echo "$SYSTEM_NAME"; exit; } - -# Apollos put the system type in the environment. - -test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; } - -# Convex versions that predate uname can use getsysinfo(1) - -if [ -x /usr/convex/getsysinfo ] -then - case `getsysinfo -f cpu_type` in - c1*) - echo c1-convex-bsd - exit ;; - c2*) - if getsysinfo -f scalar_acc - then echo c32-convex-bsd - else echo c2-convex-bsd - fi - exit ;; - c34*) - echo c34-convex-bsd - exit ;; - c38*) - echo c38-convex-bsd - exit ;; - c4*) - echo c4-convex-bsd - exit ;; - esac -fi - -cat >&2 < in order to provide the needed -information to handle your system. - -config.guess timestamp = $timestamp - -uname -m = `(uname -m) 2>/dev/null || echo unknown` -uname -r = `(uname -r) 2>/dev/null || echo unknown` -uname -s = `(uname -s) 2>/dev/null || echo unknown` -uname -v = `(uname -v) 2>/dev/null || echo unknown` - -/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` -/bin/uname -X = `(/bin/uname -X) 2>/dev/null` - -hostinfo = `(hostinfo) 2>/dev/null` -/bin/universe = `(/bin/universe) 2>/dev/null` -/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` -/bin/arch = `(/bin/arch) 2>/dev/null` -/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` -/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` - -UNAME_MACHINE = ${UNAME_MACHINE} -UNAME_RELEASE = ${UNAME_RELEASE} -UNAME_SYSTEM = ${UNAME_SYSTEM} -UNAME_VERSION = ${UNAME_VERSION} -EOF - -exit 1 - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "timestamp='" -# time-stamp-format: "%:y-%02m-%02d" -# time-stamp-end: "'" -# End: diff --git a/sss_client/config.sub b/sss_client/config.sub deleted file mode 100755 index 23cd6fd75..000000000 --- a/sss_client/config.sub +++ /dev/null @@ -1,1577 +0,0 @@ -#! /bin/sh -# Configuration validation subroutine script. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005 Free Software Foundation, Inc. - -timestamp='2005-07-08' - -# This file is (in principle) common to ALL GNU software. -# The presence of a machine in this file suggests that SOME GNU software -# can handle that machine. It does not imply ALL GNU software can. -# -# This file is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, see . -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - - -# Please send patches to . Submit a context -# diff and a properly formatted ChangeLog entry. -# -# Configuration subroutine to validate and canonicalize a configuration type. -# Supply the specified configuration type as an argument. -# If it is invalid, we print an error message on stderr and exit with code 1. -# Otherwise, we print the canonical config type on stdout and succeed. - -# This file is supposed to be the same for all GNU packages -# and recognize all the CPU types, system types and aliases -# that are meaningful with *any* GNU software. -# Each package is responsible for reporting which valid configurations -# it does not support. The user should be able to distinguish -# a failure to support a valid configuration from a meaningless -# configuration. - -# The goal of this file is to map all the various variations of a given -# machine specification into a single specification in the form: -# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM -# or in some cases, the newer four-part form: -# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM -# It is wrong to echo any other type of specification. - -me=`echo "$0" | sed -e 's,.*/,,'` - -usage="\ -Usage: $0 [OPTION] CPU-MFR-OPSYS - $0 [OPTION] ALIAS - -Canonicalize a configuration name. - -Operation modes: - -h, --help print this help, then exit - -t, --time-stamp print date of last modification, then exit - -v, --version print version number, then exit - -Report bugs and patches to ." - -version="\ -GNU config.sub ($timestamp) - -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 -Free Software Foundation, Inc. - -This is free software; see the source for copying conditions. There is NO -warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." - -help=" -Try \`$me --help' for more information." - -# Parse command line -while test $# -gt 0 ; do - case $1 in - --time-stamp | --time* | -t ) - echo "$timestamp" ; exit ;; - --version | -v ) - echo "$version" ; exit ;; - --help | --h* | -h ) - echo "$usage"; exit ;; - -- ) # Stop option processing - shift; break ;; - - ) # Use stdin as input. - break ;; - -* ) - echo "$me: invalid option $1$help" - exit 1 ;; - - *local*) - # First pass through any local machine types. - echo $1 - exit ;; - - * ) - break ;; - esac -done - -case $# in - 0) echo "$me: missing argument$help" >&2 - exit 1;; - 1) ;; - *) echo "$me: too many arguments$help" >&2 - exit 1;; -esac - -# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). -# Here we must recognize all the valid KERNEL-OS combinations. -maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` -case $maybe_os in - nto-qnx* | linux-gnu* | linux-dietlibc | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | \ - kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | storm-chaos* | os2-emx* | rtmk-nova*) - os=-$maybe_os - basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` - ;; - *) - basic_machine=`echo $1 | sed 's/-[^-]*$//'` - if [ $basic_machine != $1 ] - then os=`echo $1 | sed 's/.*-/-/'` - else os=; fi - ;; -esac - -### Let's recognize common machines as not being operating systems so -### that things like config.sub decstation-3100 work. We also -### recognize some manufacturers as not being operating systems, so we -### can provide default operating systems below. -case $os in - -sun*os*) - # Prevent following clause from handling this invalid input. - ;; - -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ - -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ - -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ - -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ - -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ - -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ - -apple | -axis | -knuth | -cray) - os= - basic_machine=$1 - ;; - -sim | -cisco | -oki | -wec | -winbond) - os= - basic_machine=$1 - ;; - -scout) - ;; - -wrs) - os=-vxworks - basic_machine=$1 - ;; - -chorusos*) - os=-chorusos - basic_machine=$1 - ;; - -chorusrdb) - os=-chorusrdb - basic_machine=$1 - ;; - -hiux*) - os=-hiuxwe2 - ;; - -sco5) - os=-sco3.2v5 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco4) - os=-sco3.2v4 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco3.2.[4-9]*) - os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco3.2v[4-9]*) - # Don't forget version if it is 3.2v4 or newer. - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco*) - os=-sco3.2v2 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -udk*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -isc) - os=-isc2.2 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -clix*) - basic_machine=clipper-intergraph - ;; - -isc*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -lynx*) - os=-lynxos - ;; - -ptx*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` - ;; - -windowsnt*) - os=`echo $os | sed -e 's/windowsnt/winnt/'` - ;; - -psos*) - os=-psos - ;; - -mint | -mint[0-9]*) - basic_machine=m68k-atari - os=-mint - ;; -esac - -# Decode aliases for certain CPU-COMPANY combinations. -case $basic_machine in - # Recognize the basic CPU types without company name. - # Some are omitted here because they have special meanings below. - 1750a | 580 \ - | a29k \ - | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ - | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ - | am33_2.0 \ - | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr \ - | bfin \ - | c4x | clipper \ - | d10v | d30v | dlx | dsp16xx \ - | fr30 | frv \ - | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ - | i370 | i860 | i960 | ia64 \ - | ip2k | iq2000 \ - | m32r | m32rle | m68000 | m68k | m88k | maxq | mcore \ - | mips | mipsbe | mipseb | mipsel | mipsle \ - | mips16 \ - | mips64 | mips64el \ - | mips64vr | mips64vrel \ - | mips64orion | mips64orionel \ - | mips64vr4100 | mips64vr4100el \ - | mips64vr4300 | mips64vr4300el \ - | mips64vr5000 | mips64vr5000el \ - | mips64vr5900 | mips64vr5900el \ - | mipsisa32 | mipsisa32el \ - | mipsisa32r2 | mipsisa32r2el \ - | mipsisa64 | mipsisa64el \ - | mipsisa64r2 | mipsisa64r2el \ - | mipsisa64sb1 | mipsisa64sb1el \ - | mipsisa64sr71k | mipsisa64sr71kel \ - | mipstx39 | mipstx39el \ - | mn10200 | mn10300 \ - | ms1 \ - | msp430 \ - | ns16k | ns32k \ - | or32 \ - | pdp10 | pdp11 | pj | pjl \ - | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ - | pyramid \ - | sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | shbe | shle | sh[1234]le | sh3ele \ - | sh64 | sh64le \ - | sparc | sparc64 | sparc64b | sparc86x | sparclet | sparclite \ - | sparcv8 | sparcv9 | sparcv9b \ - | strongarm \ - | tahoe | thumb | tic4x | tic80 | tron \ - | v850 | v850e \ - | we32k \ - | x86 | xscale | xscalee[bl] | xstormy16 | xtensa \ - | z8k) - basic_machine=$basic_machine-unknown - ;; - m32c) - basic_machine=$basic_machine-unknown - ;; - m6811 | m68hc11 | m6812 | m68hc12) - # Motorola 68HC11/12. - basic_machine=$basic_machine-unknown - os=-none - ;; - m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k) - ;; - - # We use `pc' rather than `unknown' - # because (1) that's what they normally are, and - # (2) the word "unknown" tends to confuse beginning users. - i*86 | x86_64) - basic_machine=$basic_machine-pc - ;; - # Object if more than one company name word. - *-*-*) - echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 - exit 1 - ;; - # Recognize the basic CPU types with company name. - 580-* \ - | a29k-* \ - | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ - | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ - | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ - | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ - | avr-* \ - | bfin-* | bs2000-* \ - | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ - | clipper-* | craynv-* | cydra-* \ - | d10v-* | d30v-* | dlx-* \ - | elxsi-* \ - | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \ - | h8300-* | h8500-* \ - | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ - | i*86-* | i860-* | i960-* | ia64-* \ - | ip2k-* | iq2000-* \ - | m32r-* | m32rle-* \ - | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | maxq-* | mcore-* \ - | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ - | mips16-* \ - | mips64-* | mips64el-* \ - | mips64vr-* | mips64vrel-* \ - | mips64orion-* | mips64orionel-* \ - | mips64vr4100-* | mips64vr4100el-* \ - | mips64vr4300-* | mips64vr4300el-* \ - | mips64vr5000-* | mips64vr5000el-* \ - | mips64vr5900-* | mips64vr5900el-* \ - | mipsisa32-* | mipsisa32el-* \ - | mipsisa32r2-* | mipsisa32r2el-* \ - | mipsisa64-* | mipsisa64el-* \ - | mipsisa64r2-* | mipsisa64r2el-* \ - | mipsisa64sb1-* | mipsisa64sb1el-* \ - | mipsisa64sr71k-* | mipsisa64sr71kel-* \ - | mipstx39-* | mipstx39el-* \ - | mmix-* \ - | ms1-* \ - | msp430-* \ - | none-* | np1-* | ns16k-* | ns32k-* \ - | orion-* \ - | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ - | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ - | pyramid-* \ - | romp-* | rs6000-* \ - | sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | shbe-* \ - | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ - | sparc-* | sparc64-* | sparc64b-* | sparc86x-* | sparclet-* \ - | sparclite-* \ - | sparcv8-* | sparcv9-* | sparcv9b-* | strongarm-* | sv1-* | sx?-* \ - | tahoe-* | thumb-* \ - | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ - | tron-* \ - | v850-* | v850e-* | vax-* \ - | we32k-* \ - | x86-* | x86_64-* | xps100-* | xscale-* | xscalee[bl]-* \ - | xstormy16-* | xtensa-* \ - | ymp-* \ - | z8k-*) - ;; - m32c-*) - ;; - # Recognize the various machine names and aliases which stand - # for a CPU type and a company and sometimes even an OS. - 386bsd) - basic_machine=i386-unknown - os=-bsd - ;; - 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) - basic_machine=m68000-att - ;; - 3b*) - basic_machine=we32k-att - ;; - a29khif) - basic_machine=a29k-amd - os=-udi - ;; - abacus) - basic_machine=abacus-unknown - ;; - adobe68k) - basic_machine=m68010-adobe - os=-scout - ;; - alliant | fx80) - basic_machine=fx80-alliant - ;; - altos | altos3068) - basic_machine=m68k-altos - ;; - am29k) - basic_machine=a29k-none - os=-bsd - ;; - amd64) - basic_machine=x86_64-pc - ;; - amd64-*) - basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - amdahl) - basic_machine=580-amdahl - os=-sysv - ;; - amiga | amiga-*) - basic_machine=m68k-unknown - ;; - amigaos | amigados) - basic_machine=m68k-unknown - os=-amigaos - ;; - amigaunix | amix) - basic_machine=m68k-unknown - os=-sysv4 - ;; - apollo68) - basic_machine=m68k-apollo - os=-sysv - ;; - apollo68bsd) - basic_machine=m68k-apollo - os=-bsd - ;; - aux) - basic_machine=m68k-apple - os=-aux - ;; - balance) - basic_machine=ns32k-sequent - os=-dynix - ;; - c90) - basic_machine=c90-cray - os=-unicos - ;; - convex-c1) - basic_machine=c1-convex - os=-bsd - ;; - convex-c2) - basic_machine=c2-convex - os=-bsd - ;; - convex-c32) - basic_machine=c32-convex - os=-bsd - ;; - convex-c34) - basic_machine=c34-convex - os=-bsd - ;; - convex-c38) - basic_machine=c38-convex - os=-bsd - ;; - cray | j90) - basic_machine=j90-cray - os=-unicos - ;; - craynv) - basic_machine=craynv-cray - os=-unicosmp - ;; - cr16c) - basic_machine=cr16c-unknown - os=-elf - ;; - crds | unos) - basic_machine=m68k-crds - ;; - crisv32 | crisv32-* | etraxfs*) - basic_machine=crisv32-axis - ;; - cris | cris-* | etrax*) - basic_machine=cris-axis - ;; - crx) - basic_machine=crx-unknown - os=-elf - ;; - da30 | da30-*) - basic_machine=m68k-da30 - ;; - decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) - basic_machine=mips-dec - ;; - decsystem10* | dec10*) - basic_machine=pdp10-dec - os=-tops10 - ;; - decsystem20* | dec20*) - basic_machine=pdp10-dec - os=-tops20 - ;; - delta | 3300 | motorola-3300 | motorola-delta \ - | 3300-motorola | delta-motorola) - basic_machine=m68k-motorola - ;; - delta88) - basic_machine=m88k-motorola - os=-sysv3 - ;; - djgpp) - basic_machine=i586-pc - os=-msdosdjgpp - ;; - dpx20 | dpx20-*) - basic_machine=rs6000-bull - os=-bosx - ;; - dpx2* | dpx2*-bull) - basic_machine=m68k-bull - os=-sysv3 - ;; - ebmon29k) - basic_machine=a29k-amd - os=-ebmon - ;; - elxsi) - basic_machine=elxsi-elxsi - os=-bsd - ;; - encore | umax | mmax) - basic_machine=ns32k-encore - ;; - es1800 | OSE68k | ose68k | ose | OSE) - basic_machine=m68k-ericsson - os=-ose - ;; - fx2800) - basic_machine=i860-alliant - ;; - genix) - basic_machine=ns32k-ns - ;; - gmicro) - basic_machine=tron-gmicro - os=-sysv - ;; - go32) - basic_machine=i386-pc - os=-go32 - ;; - h3050r* | hiux*) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - h8300hms) - basic_machine=h8300-hitachi - os=-hms - ;; - h8300xray) - basic_machine=h8300-hitachi - os=-xray - ;; - h8500hms) - basic_machine=h8500-hitachi - os=-hms - ;; - harris) - basic_machine=m88k-harris - os=-sysv3 - ;; - hp300-*) - basic_machine=m68k-hp - ;; - hp300bsd) - basic_machine=m68k-hp - os=-bsd - ;; - hp300hpux) - basic_machine=m68k-hp - os=-hpux - ;; - hp3k9[0-9][0-9] | hp9[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hp9k2[0-9][0-9] | hp9k31[0-9]) - basic_machine=m68000-hp - ;; - hp9k3[2-9][0-9]) - basic_machine=m68k-hp - ;; - hp9k6[0-9][0-9] | hp6[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hp9k7[0-79][0-9] | hp7[0-79][0-9]) - basic_machine=hppa1.1-hp - ;; - hp9k78[0-9] | hp78[0-9]) - # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp - ;; - hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) - # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp - ;; - hp9k8[0-9][13679] | hp8[0-9][13679]) - basic_machine=hppa1.1-hp - ;; - hp9k8[0-9][0-9] | hp8[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hppa-next) - os=-nextstep3 - ;; - hppaosf) - basic_machine=hppa1.1-hp - os=-osf - ;; - hppro) - basic_machine=hppa1.1-hp - os=-proelf - ;; - i370-ibm* | ibm*) - basic_machine=i370-ibm - ;; -# I'm not sure what "Sysv32" means. Should this be sysv3.2? - i*86v32) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv32 - ;; - i*86v4*) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv4 - ;; - i*86v) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv - ;; - i*86sol2) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-solaris2 - ;; - i386mach) - basic_machine=i386-mach - os=-mach - ;; - i386-vsta | vsta) - basic_machine=i386-unknown - os=-vsta - ;; - iris | iris4d) - basic_machine=mips-sgi - case $os in - -irix*) - ;; - *) - os=-irix4 - ;; - esac - ;; - isi68 | isi) - basic_machine=m68k-isi - os=-sysv - ;; - m88k-omron*) - basic_machine=m88k-omron - ;; - magnum | m3230) - basic_machine=mips-mips - os=-sysv - ;; - merlin) - basic_machine=ns32k-utek - os=-sysv - ;; - mingw32) - basic_machine=i386-pc - os=-mingw32 - ;; - miniframe) - basic_machine=m68000-convergent - ;; - *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) - basic_machine=m68k-atari - os=-mint - ;; - mips3*-*) - basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` - ;; - mips3*) - basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown - ;; - monitor) - basic_machine=m68k-rom68k - os=-coff - ;; - morphos) - basic_machine=powerpc-unknown - os=-morphos - ;; - msdos) - basic_machine=i386-pc - os=-msdos - ;; - mvs) - basic_machine=i370-ibm - os=-mvs - ;; - ncr3000) - basic_machine=i486-ncr - os=-sysv4 - ;; - netbsd386) - basic_machine=i386-unknown - os=-netbsd - ;; - netwinder) - basic_machine=armv4l-rebel - os=-linux - ;; - news | news700 | news800 | news900) - basic_machine=m68k-sony - os=-newsos - ;; - news1000) - basic_machine=m68030-sony - os=-newsos - ;; - news-3600 | risc-news) - basic_machine=mips-sony - os=-newsos - ;; - necv70) - basic_machine=v70-nec - os=-sysv - ;; - next | m*-next ) - basic_machine=m68k-next - case $os in - -nextstep* ) - ;; - -ns2*) - os=-nextstep2 - ;; - *) - os=-nextstep3 - ;; - esac - ;; - nh3000) - basic_machine=m68k-harris - os=-cxux - ;; - nh[45]000) - basic_machine=m88k-harris - os=-cxux - ;; - nindy960) - basic_machine=i960-intel - os=-nindy - ;; - mon960) - basic_machine=i960-intel - os=-mon960 - ;; - nonstopux) - basic_machine=mips-compaq - os=-nonstopux - ;; - np1) - basic_machine=np1-gould - ;; - nsr-tandem) - basic_machine=nsr-tandem - ;; - op50n-* | op60c-*) - basic_machine=hppa1.1-oki - os=-proelf - ;; - openrisc | openrisc-*) - basic_machine=or32-unknown - ;; - os400) - basic_machine=powerpc-ibm - os=-os400 - ;; - OSE68000 | ose68000) - basic_machine=m68000-ericsson - os=-ose - ;; - os68k) - basic_machine=m68k-none - os=-os68k - ;; - pa-hitachi) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - paragon) - basic_machine=i860-intel - os=-osf - ;; - pbd) - basic_machine=sparc-tti - ;; - pbb) - basic_machine=m68k-tti - ;; - pc532 | pc532-*) - basic_machine=ns32k-pc532 - ;; - pentium | p5 | k5 | k6 | nexgen | viac3) - basic_machine=i586-pc - ;; - pentiumpro | p6 | 6x86 | athlon | athlon_*) - basic_machine=i686-pc - ;; - pentiumii | pentium2 | pentiumiii | pentium3) - basic_machine=i686-pc - ;; - pentium4) - basic_machine=i786-pc - ;; - pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*) - basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentiumpro-* | p6-* | 6x86-* | athlon-*) - basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*) - basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentium4-*) - basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pn) - basic_machine=pn-gould - ;; - power) basic_machine=power-ibm - ;; - ppc) basic_machine=powerpc-unknown - ;; - ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ppcle | powerpclittle | ppc-le | powerpc-little) - basic_machine=powerpcle-unknown - ;; - ppcle-* | powerpclittle-*) - basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ppc64) basic_machine=powerpc64-unknown - ;; - ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ppc64le | powerpc64little | ppc64-le | powerpc64-little) - basic_machine=powerpc64le-unknown - ;; - ppc64le-* | powerpc64little-*) - basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ps2) - basic_machine=i386-ibm - ;; - pw32) - basic_machine=i586-unknown - os=-pw32 - ;; - rom68k) - basic_machine=m68k-rom68k - os=-coff - ;; - rm[46]00) - basic_machine=mips-siemens - ;; - rtpc | rtpc-*) - basic_machine=romp-ibm - ;; - s390 | s390-*) - basic_machine=s390-ibm - ;; - s390x | s390x-*) - basic_machine=s390x-ibm - ;; - sa29200) - basic_machine=a29k-amd - os=-udi - ;; - sb1) - basic_machine=mipsisa64sb1-unknown - ;; - sb1el) - basic_machine=mipsisa64sb1el-unknown - ;; - sei) - basic_machine=mips-sei - os=-seiux - ;; - sequent) - basic_machine=i386-sequent - ;; - sh) - basic_machine=sh-hitachi - os=-hms - ;; - sh64) - basic_machine=sh64-unknown - ;; - sparclite-wrs | simso-wrs) - basic_machine=sparclite-wrs - os=-vxworks - ;; - sps7) - basic_machine=m68k-bull - os=-sysv2 - ;; - spur) - basic_machine=spur-unknown - ;; - st2000) - basic_machine=m68k-tandem - ;; - stratus) - basic_machine=i860-stratus - os=-sysv4 - ;; - sun2) - basic_machine=m68000-sun - ;; - sun2os3) - basic_machine=m68000-sun - os=-sunos3 - ;; - sun2os4) - basic_machine=m68000-sun - os=-sunos4 - ;; - sun3os3) - basic_machine=m68k-sun - os=-sunos3 - ;; - sun3os4) - basic_machine=m68k-sun - os=-sunos4 - ;; - sun4os3) - basic_machine=sparc-sun - os=-sunos3 - ;; - sun4os4) - basic_machine=sparc-sun - os=-sunos4 - ;; - sun4sol2) - basic_machine=sparc-sun - os=-solaris2 - ;; - sun3 | sun3-*) - basic_machine=m68k-sun - ;; - sun4) - basic_machine=sparc-sun - ;; - sun386 | sun386i | roadrunner) - basic_machine=i386-sun - ;; - sv1) - basic_machine=sv1-cray - os=-unicos - ;; - symmetry) - basic_machine=i386-sequent - os=-dynix - ;; - t3e) - basic_machine=alphaev5-cray - os=-unicos - ;; - t90) - basic_machine=t90-cray - os=-unicos - ;; - tic54x | c54x*) - basic_machine=tic54x-unknown - os=-coff - ;; - tic55x | c55x*) - basic_machine=tic55x-unknown - os=-coff - ;; - tic6x | c6x*) - basic_machine=tic6x-unknown - os=-coff - ;; - tx39) - basic_machine=mipstx39-unknown - ;; - tx39el) - basic_machine=mipstx39el-unknown - ;; - toad1) - basic_machine=pdp10-xkl - os=-tops20 - ;; - tower | tower-32) - basic_machine=m68k-ncr - ;; - tpf) - basic_machine=s390x-ibm - os=-tpf - ;; - udi29k) - basic_machine=a29k-amd - os=-udi - ;; - ultra3) - basic_machine=a29k-nyu - os=-sym1 - ;; - v810 | necv810) - basic_machine=v810-nec - os=-none - ;; - vaxv) - basic_machine=vax-dec - os=-sysv - ;; - vms) - basic_machine=vax-dec - os=-vms - ;; - vpp*|vx|vx-*) - basic_machine=f301-fujitsu - ;; - vxworks960) - basic_machine=i960-wrs - os=-vxworks - ;; - vxworks68) - basic_machine=m68k-wrs - os=-vxworks - ;; - vxworks29k) - basic_machine=a29k-wrs - os=-vxworks - ;; - w65*) - basic_machine=w65-wdc - os=-none - ;; - w89k-*) - basic_machine=hppa1.1-winbond - os=-proelf - ;; - xbox) - basic_machine=i686-pc - os=-mingw32 - ;; - xps | xps100) - basic_machine=xps100-honeywell - ;; - ymp) - basic_machine=ymp-cray - os=-unicos - ;; - z8k-*-coff) - basic_machine=z8k-unknown - os=-sim - ;; - none) - basic_machine=none-none - os=-none - ;; - -# Here we handle the default manufacturer of certain CPU types. It is in -# some cases the only manufacturer, in others, it is the most popular. - w89k) - basic_machine=hppa1.1-winbond - ;; - op50n) - basic_machine=hppa1.1-oki - ;; - op60c) - basic_machine=hppa1.1-oki - ;; - romp) - basic_machine=romp-ibm - ;; - mmix) - basic_machine=mmix-knuth - ;; - rs6000) - basic_machine=rs6000-ibm - ;; - vax) - basic_machine=vax-dec - ;; - pdp10) - # there are many clones, so DEC is not a safe bet - basic_machine=pdp10-unknown - ;; - pdp11) - basic_machine=pdp11-dec - ;; - we32k) - basic_machine=we32k-att - ;; - sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele) - basic_machine=sh-unknown - ;; - sparc | sparcv8 | sparcv9 | sparcv9b) - basic_machine=sparc-sun - ;; - cydra) - basic_machine=cydra-cydrome - ;; - orion) - basic_machine=orion-highlevel - ;; - orion105) - basic_machine=clipper-highlevel - ;; - mac | mpw | mac-mpw) - basic_machine=m68k-apple - ;; - pmac | pmac-mpw) - basic_machine=powerpc-apple - ;; - *-unknown) - # Make sure to match an already-canonicalized machine name. - ;; - *) - echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 - exit 1 - ;; -esac - -# Here we canonicalize certain aliases for manufacturers. -case $basic_machine in - *-digital*) - basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` - ;; - *-commodore*) - basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` - ;; - *) - ;; -esac - -# Decode manufacturer-specific aliases for certain operating systems. - -if [ x"$os" != x"" ] -then -case $os in - # First match some system type aliases - # that might get confused with valid system types. - # -solaris* is a basic system type, with this one exception. - -solaris1 | -solaris1.*) - os=`echo $os | sed -e 's|solaris1|sunos4|'` - ;; - -solaris) - os=-solaris2 - ;; - -svr4*) - os=-sysv4 - ;; - -unixware*) - os=-sysv4.2uw - ;; - -gnu/linux*) - os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` - ;; - # First accept the basic system types. - # The portable systems comes first. - # Each alternative MUST END IN A *, to match a version number. - # -sysv* is not here because it comes later, after sysvr4. - -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ - | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\ - | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \ - | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ - | -aos* \ - | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ - | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ - | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* | -openbsd* \ - | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ - | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ - | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ - | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ - | -chorusos* | -chorusrdb* \ - | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ - | -mingw32* | -linux-gnu* | -linux-uclibc* | -uxpv* | -beos* | -mpeix* | -udk* \ - | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ - | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ - | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \ - | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ - | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ - | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ - | -skyos* | -haiku*) - # Remember, each alternative MUST END IN *, to match a version number. - ;; - -qnx*) - case $basic_machine in - x86-* | i*86-*) - ;; - *) - os=-nto$os - ;; - esac - ;; - -nto-qnx*) - ;; - -nto*) - os=`echo $os | sed -e 's|nto|nto-qnx|'` - ;; - -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ - | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \ - | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) - ;; - -mac*) - os=`echo $os | sed -e 's|mac|macos|'` - ;; - -linux-dietlibc) - os=-linux-dietlibc - ;; - -linux*) - os=`echo $os | sed -e 's|linux|linux-gnu|'` - ;; - -sunos5*) - os=`echo $os | sed -e 's|sunos5|solaris2|'` - ;; - -sunos6*) - os=`echo $os | sed -e 's|sunos6|solaris3|'` - ;; - -opened*) - os=-openedition - ;; - -os400*) - os=-os400 - ;; - -wince*) - os=-wince - ;; - -osfrose*) - os=-osfrose - ;; - -osf*) - os=-osf - ;; - -utek*) - os=-bsd - ;; - -dynix*) - os=-bsd - ;; - -acis*) - os=-aos - ;; - -atheos*) - os=-atheos - ;; - -syllable*) - os=-syllable - ;; - -386bsd) - os=-bsd - ;; - -ctix* | -uts*) - os=-sysv - ;; - -nova*) - os=-rtmk-nova - ;; - -ns2 ) - os=-nextstep2 - ;; - -nsk*) - os=-nsk - ;; - # Preserve the version number of sinix5. - -sinix5.*) - os=`echo $os | sed -e 's|sinix|sysv|'` - ;; - -sinix*) - os=-sysv4 - ;; - -tpf*) - os=-tpf - ;; - -triton*) - os=-sysv3 - ;; - -oss*) - os=-sysv3 - ;; - -svr4) - os=-sysv4 - ;; - -svr3) - os=-sysv3 - ;; - -sysvr4) - os=-sysv4 - ;; - # This must come after -sysvr4. - -sysv*) - ;; - -ose*) - os=-ose - ;; - -es1800*) - os=-ose - ;; - -xenix) - os=-xenix - ;; - -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) - os=-mint - ;; - -aros*) - os=-aros - ;; - -kaos*) - os=-kaos - ;; - -zvmoe) - os=-zvmoe - ;; - -none) - ;; - *) - # Get rid of the `-' at the beginning of $os. - os=`echo $os | sed 's/[^-]*-//'` - echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 - exit 1 - ;; -esac -else - -# Here we handle the default operating systems that come with various machines. -# The value should be what the vendor currently ships out the door with their -# machine or put another way, the most popular os provided with the machine. - -# Note that if you're going to try to match "-MANUFACTURER" here (say, -# "-sun"), then you have to tell the case statement up towards the top -# that MANUFACTURER isn't an operating system. Otherwise, code above -# will signal an error saying that MANUFACTURER isn't an operating -# system, and we'll never get to this point. - -case $basic_machine in - *-acorn) - os=-riscix1.2 - ;; - arm*-rebel) - os=-linux - ;; - arm*-semi) - os=-aout - ;; - c4x-* | tic4x-*) - os=-coff - ;; - # This must come before the *-dec entry. - pdp10-*) - os=-tops20 - ;; - pdp11-*) - os=-none - ;; - *-dec | vax-*) - os=-ultrix4.2 - ;; - m68*-apollo) - os=-domain - ;; - i386-sun) - os=-sunos4.0.2 - ;; - m68000-sun) - os=-sunos3 - # This also exists in the configure program, but was not the - # default. - # os=-sunos4 - ;; - m68*-cisco) - os=-aout - ;; - mips*-cisco) - os=-elf - ;; - mips*-*) - os=-elf - ;; - or32-*) - os=-coff - ;; - *-tti) # must be before sparc entry or we get the wrong os. - os=-sysv3 - ;; - sparc-* | *-sun) - os=-sunos4.1.1 - ;; - *-be) - os=-beos - ;; - *-haiku) - os=-haiku - ;; - *-ibm) - os=-aix - ;; - *-knuth) - os=-mmixware - ;; - *-wec) - os=-proelf - ;; - *-winbond) - os=-proelf - ;; - *-oki) - os=-proelf - ;; - *-hp) - os=-hpux - ;; - *-hitachi) - os=-hiux - ;; - i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) - os=-sysv - ;; - *-cbm) - os=-amigaos - ;; - *-dg) - os=-dgux - ;; - *-dolphin) - os=-sysv3 - ;; - m68k-ccur) - os=-rtu - ;; - m88k-omron*) - os=-luna - ;; - *-next ) - os=-nextstep - ;; - *-sequent) - os=-ptx - ;; - *-crds) - os=-unos - ;; - *-ns) - os=-genix - ;; - i370-*) - os=-mvs - ;; - *-next) - os=-nextstep3 - ;; - *-gould) - os=-sysv - ;; - *-highlevel) - os=-bsd - ;; - *-encore) - os=-bsd - ;; - *-sgi) - os=-irix - ;; - *-siemens) - os=-sysv4 - ;; - *-masscomp) - os=-rtu - ;; - f30[01]-fujitsu | f700-fujitsu) - os=-uxpv - ;; - *-rom68k) - os=-coff - ;; - *-*bug) - os=-coff - ;; - *-apple) - os=-macos - ;; - *-atari*) - os=-mint - ;; - *) - os=-none - ;; -esac -fi - -# Here we handle the case where we know the os, and the CPU type, but not the -# manufacturer. We pick the logical manufacturer. -vendor=unknown -case $basic_machine in - *-unknown) - case $os in - -riscix*) - vendor=acorn - ;; - -sunos*) - vendor=sun - ;; - -aix*) - vendor=ibm - ;; - -beos*) - vendor=be - ;; - -hpux*) - vendor=hp - ;; - -mpeix*) - vendor=hp - ;; - -hiux*) - vendor=hitachi - ;; - -unos*) - vendor=crds - ;; - -dgux*) - vendor=dg - ;; - -luna*) - vendor=omron - ;; - -genix*) - vendor=ns - ;; - -mvs* | -opened*) - vendor=ibm - ;; - -os400*) - vendor=ibm - ;; - -ptx*) - vendor=sequent - ;; - -tpf*) - vendor=ibm - ;; - -vxsim* | -vxworks* | -windiss*) - vendor=wrs - ;; - -aux*) - vendor=apple - ;; - -hms*) - vendor=hitachi - ;; - -mpw* | -macos*) - vendor=apple - ;; - -*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*) - vendor=atari - ;; - -vos*) - vendor=stratus - ;; - esac - basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` - ;; -esac - -echo $basic_machine$os -exit - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "timestamp='" -# time-stamp-format: "%:y-%02m-%02d" -# time-stamp-end: "'" -# End: diff --git a/sss_client/configure.ac b/sss_client/configure.ac deleted file mode 100644 index c32bb6fd6..000000000 --- a/sss_client/configure.ac +++ /dev/null @@ -1,54 +0,0 @@ -AC_PREREQ(2.50) -m4_include([../version.m4]) -AC_INIT([sss_client], - VERSION_NUMBER, - [sssd-devel@lists.fedorahosted.org]) -AC_CONFIG_SRCDIR([common.c]) -AC_CONFIG_HEADER(config.h) -AC_CONFIG_AUX_DIR([build]) -AM_INIT_AUTOMAKE([-Wall foreign subdir-objects]) -AM_PROG_CC_C_O -AC_DISABLE_STATIC -AC_PROG_LIBTOOL -AC_CONFIG_MACRO_DIR([m4]) -AM_GNU_GETTEXT([external]) -AM_GNU_GETTEXT_VERSION([0.14]) - -AM_CONDITIONAL([HAVE_GCC], [test "$ac_cv_prog_gcc" = yes]) - -AC_CHECK_TYPES([errno_t], [], [], [[#include ]]) - -m4_pattern_allow([AM_SILENT_RULES]) -AM_SILENT_RULES - -AC_SUBST(PAM_LIBS) - -#Check for PAM headers -AC_CHECK_HEADERS([security/pam_appl.h security/pam_misc.h security/pam_modules.h], - [AC_CHECK_LIB(pam, pam_get_item, [ PAM_LIBS="-lpam" ], [AC_MSG_ERROR([PAM must support pam_get_item])])], - [AC_MSG_ERROR([PAM development libraries not installed])] -) - -#Set the NSS library install path -AC_ARG_ENABLE([nsslibdir], [AS_HELP_STRING([--enable-nsslibdir], - [Where to install nss libraries ($libdir)])], - [nsslibdir=$enableval], - [nsslibdir=$libdir]) -AC_SUBST(nsslibdir) - -m4_include([conf_macros.m4]) -BUILD_WITH_AUX_INFO -WITH_PIPE_PATH -WITH_MANPAGES -WITH_XML_CATALOG - -m4_include([external/docbook.m4]) -if test x$HAVE_MANPAGES != x; then - CHECK_XML_TOOLS - CHECK_STYLESHEET([$SGML_CATALOG_FILES], - [http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl], - [Docbook XSL templates]) -fi - -AC_CONFIG_FILES([Makefile po/Makefile.in]) -AC_OUTPUT diff --git a/sss_client/external/docbook.m4 b/sss_client/external/docbook.m4 deleted file mode 100644 index cae89feb1..000000000 --- a/sss_client/external/docbook.m4 +++ /dev/null @@ -1,35 +0,0 @@ -dnl Checks for tools needed to generate manual pages -AC_DEFUN([CHECK_XML_TOOLS], -[ - AC_PATH_PROG([XSLTPROC], [xsltproc]) - if test ! -x "$XSLTPROC"; then - AC_MSG_ERROR([Could not find xsltproc]) - fi - - AC_PATH_PROG([XMLLINT], [xmllint]) - if test ! -x "$XMLLINT"; then - AC_MSG_ERROR([Could not find xmllint]) - fi - - AC_PATH_PROG([XMLCATALOG], [xmlcatalog]) - if test ! -x "$XMLCATALOG"; then - AC_MSG_ERROR([Could not find xmlcatalog]) - fi -]) - -dnl Usage: -dnl CHECK_STYLESHEET_URI(FILE, URI, [FRIENDLY-NAME]) -dnl Checks if the XML catalog given by FILE exists and -dnl if a particular URI appears in the XML catalog -AC_DEFUN([CHECK_STYLESHEET], -[ - AC_CHECK_FILE($1, [], [AC_MSG_ERROR([could not find XML catalog])]) - - AC_MSG_CHECKING([for ifelse([$3],,[$2],[$3]) in XML catalog]) - if AC_RUN_LOG([$XMLCATALOG --noout "$1" "$2" >&2]); then - AC_MSG_RESULT([yes]) - else - AC_MSG_ERROR([could not find ifelse([$3],,[$2],[$3]) in XML catalog]) - fi -]) - diff --git a/sss_client/group.c b/sss_client/group.c deleted file mode 100644 index 675b8b71e..000000000 --- a/sss_client/group.c +++ /dev/null @@ -1,435 +0,0 @@ -/* - * System Security Services Daemon. NSS client interface - * - * Copyright (C) Simo Sorce 2007 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - */ - -/* GROUP database NSS interface */ - -#include -#include -#include -#include -#include -#include -#include -#include "sss_cli.h" - -static struct sss_nss_getgrent_data { - size_t len; - size_t ptr; - uint8_t *data; -} sss_nss_getgrent_data; - -static void sss_nss_getgrent_data_clean(void) { - - if (sss_nss_getgrent_data.data != NULL) { - free(sss_nss_getgrent_data.data); - sss_nss_getgrent_data.data = NULL; - } - sss_nss_getgrent_data.len = 0; - sss_nss_getgrent_data.ptr = 0; -} - -/* GETGRNAM Request: - * - * 0-X: string with name - * - * GERTGRGID Request: - * - * 0-7: 32bit number with gid - * - * INITGROUPS Request: - * - * 0-3: 32bit number with gid - * 4-7: 32bit unsigned with max num of entries - * - * Replies: - * - * 0-3: 32bit unsigned number of results - * 4-7: 32bit unsigned (reserved/padding) - * For each result (64bit padded ?): - * 0-3: 32bit number gid - * 4-7: 32bit unsigned number of members - * 8-X: sequence of 0 terminated strings (name, passwd, mem..) - * - * FIXME: do we need to pad so that each result is 32 bit aligned ? - */ -struct sss_nss_gr_rep { - struct group *result; - char *buffer; - size_t buflen; -}; - -static int sss_nss_getgr_readrep(struct sss_nss_gr_rep *pr, - uint8_t *buf, size_t *len) -{ - size_t i, l, slen, ptmem; - ssize_t dlen; - char *sbuf; - uint32_t mem_num; - - if (*len < 11) { /* not enough space for data, bad packet */ - return EBADMSG; - } - - pr->result->gr_gid = ((uint32_t *)buf)[0]; - mem_num = ((uint32_t *)buf)[1]; - - sbuf = (char *)&buf[8]; - slen = *len - 8; - dlen = pr->buflen; - - pr->result->gr_name = &(pr->buffer[0]); - i = 0; - while (slen > i && dlen > 0) { - pr->buffer[i] = sbuf[i]; - if (pr->buffer[i] == '\0') break; - i++; - dlen--; - } - if (slen <= i) { /* premature end of buf */ - return EBADMSG; - } - if (dlen <= 0) { /* not enough memory */ - return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ - } - i++; - dlen--; - - pr->result->gr_passwd = &(pr->buffer[i]); - while (slen > i && dlen > 0) { - pr->buffer[i] = sbuf[i]; - if (pr->buffer[i] == '\0') break; - i++; - dlen--; - } - if (slen <= i) { /* premature end of buf */ - return EBADMSG; - } - if (dlen <= 0) { /* not enough memory */ - return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ - } - i++; - dlen--; - - /* now members */ - pr->result->gr_mem = (char **)&(pr->buffer[i]); - ptmem = sizeof(char *) * (mem_num + 1); - if (ptmem > dlen) { - return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ - } - dlen -= ptmem; - ptmem += i; - pr->result->gr_mem[mem_num] = NULL; /* terminate array */ - - for (l = 0; l < mem_num; l++) { - pr->result->gr_mem[l] = &(pr->buffer[ptmem]); - while ((slen > i) && (dlen > 0)) { - pr->buffer[ptmem] = sbuf[i]; - if (pr->buffer[ptmem] == '\0') break; - i++; - dlen--; - ptmem++; - } - if (slen <= i) { /* premature end of buf */ - return EBADMSG; - } - if (dlen <= 0) { /* not enough memory */ - return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ - } - i++; - dlen--; - ptmem++; - } - - *len = slen -i; - return 0; -} - -/* INITGROUP Reply: - * - * 0-3: 32bit unsigned number of results - * 4-7: 32bit unsigned (reserved/padding) - * For each result: - * 0-4: 32bit number with gid - */ - - -enum nss_status _nss_sss_initgroups_dyn(const char *user, gid_t group, - long int *start, long int *size, - gid_t **groups, long int limit, - int *errnop) -{ - struct sss_cli_req_data rd; - uint8_t *repbuf; - size_t replen; - enum nss_status nret; - uint32_t *rbuf; - uint32_t num_ret; - long int l, max_ret; - - rd.len = strlen(user) +1; - rd.data = user; - - nret = sss_nss_make_request(SSS_NSS_INITGR, &rd, - &repbuf, &replen, errnop); - if (nret != NSS_STATUS_SUCCESS) { - return nret; - } - - /* no results if not found */ - num_ret = ((uint32_t *)repbuf)[0]; - if (num_ret == 0) { - free(repbuf); - return NSS_STATUS_NOTFOUND; - } - max_ret = num_ret; - - /* check we have enough space in the buffer */ - if ((*size - *start) < num_ret) { - long int newsize; - gid_t *newgroups; - - newsize = *size + num_ret; - if ((limit > 0) && (newsize > limit)) { - newsize = limit; - max_ret = newsize - *start; - } - - newgroups = (gid_t *)realloc((*groups), newsize * sizeof(**groups)); - if (!newgroups) { - *errnop = ENOMEM; - free(repbuf); - return NSS_STATUS_TRYAGAIN; - } - *groups = newgroups; - *size = newsize; - } - - rbuf = &((uint32_t *)repbuf)[2]; - for (l = 0; l < max_ret; l++) { - (*groups)[*start] = rbuf[l]; - *start += 1; - } - - return NSS_STATUS_SUCCESS; -} - - -enum nss_status _nss_sss_getgrnam_r(const char *name, struct group *result, - char *buffer, size_t buflen, int *errnop) -{ - struct sss_cli_req_data rd; - struct sss_nss_gr_rep grrep; - uint8_t *repbuf; - size_t replen, len; - enum nss_status nret; - int ret; - - /* Caught once glibc passing in buffer == 0x0 */ - if (!buffer || !buflen) return ERANGE; - - rd.len = strlen(name) + 1; - rd.data = name; - - nret = sss_nss_make_request(SSS_NSS_GETGRNAM, &rd, - &repbuf, &replen, errnop); - if (nret != NSS_STATUS_SUCCESS) { - return nret; - } - - grrep.result = result; - grrep.buffer = buffer; - grrep.buflen = buflen; - - /* no results if not found */ - if (((uint32_t *)repbuf)[0] == 0) { - free(repbuf); - return NSS_STATUS_NOTFOUND; - } - - /* only 1 result is accepted for this function */ - if (((uint32_t *)repbuf)[0] != 1) { - *errnop = EBADMSG; - return NSS_STATUS_TRYAGAIN; - } - - len = replen - 8; - ret = sss_nss_getgr_readrep(&grrep, repbuf+8, &len); - free(repbuf); - if (ret) { - *errnop = ret; - return NSS_STATUS_TRYAGAIN; - } - - return NSS_STATUS_SUCCESS; -} - -enum nss_status _nss_sss_getgrgid_r(gid_t gid, struct group *result, - char *buffer, size_t buflen, int *errnop) -{ - struct sss_cli_req_data rd; - struct sss_nss_gr_rep grrep; - uint8_t *repbuf; - size_t replen, len; - enum nss_status nret; - uint32_t group_gid; - int ret; - - /* Caught once glibc passing in buffer == 0x0 */ - if (!buffer || !buflen) return ERANGE; - - group_gid = gid; - rd.len = sizeof(uint32_t); - rd.data = &group_gid; - - nret = sss_nss_make_request(SSS_NSS_GETGRGID, &rd, - &repbuf, &replen, errnop); - if (nret != NSS_STATUS_SUCCESS) { - return nret; - } - - grrep.result = result; - grrep.buffer = buffer; - grrep.buflen = buflen; - - /* no results if not found */ - if (((uint32_t *)repbuf)[0] == 0) { - free(repbuf); - return NSS_STATUS_NOTFOUND; - } - - /* only 1 result is accepted for this function */ - if (((uint32_t *)repbuf)[0] != 1) { - *errnop = EBADMSG; - return NSS_STATUS_TRYAGAIN; - } - - len = replen - 8; - ret = sss_nss_getgr_readrep(&grrep, repbuf+8, &len); - free(repbuf); - if (ret) { - *errnop = ret; - return NSS_STATUS_TRYAGAIN; - } - - return NSS_STATUS_SUCCESS; -} - -enum nss_status _nss_sss_setgrent(void) -{ - enum nss_status nret; - int errnop; - - /* make sure we do not have leftovers, and release memory */ - sss_nss_getgrent_data_clean(); - - nret = sss_nss_make_request(SSS_NSS_SETGRENT, - NULL, NULL, NULL, &errnop); - if (nret != NSS_STATUS_SUCCESS) { - errno = errnop; - return nret; - } - - return NSS_STATUS_SUCCESS; -} - -enum nss_status _nss_sss_getgrent_r(struct group *result, - char *buffer, size_t buflen, int *errnop) -{ - struct sss_cli_req_data rd; - struct sss_nss_gr_rep grrep; - uint8_t *repbuf; - size_t replen; - enum nss_status nret; - uint32_t num_entries; - int ret; - - /* Caught once glibc passing in buffer == 0x0 */ - if (!buffer || !buflen) return ERANGE; - - /* if there are leftovers return the next one */ - if (sss_nss_getgrent_data.data != NULL && - sss_nss_getgrent_data.ptr < sss_nss_getgrent_data.len) { - - repbuf = (uint8_t *)sss_nss_getgrent_data.data + - sss_nss_getgrent_data.ptr; - replen = sss_nss_getgrent_data.len - - sss_nss_getgrent_data.ptr; - - grrep.result = result; - grrep.buffer = buffer; - grrep.buflen = buflen; - - ret = sss_nss_getgr_readrep(&grrep, repbuf, &replen); - if (ret) { - *errnop = ret; - return NSS_STATUS_TRYAGAIN; - } - - /* advance buffer pointer */ - sss_nss_getgrent_data.ptr = sss_nss_getgrent_data.len - replen; - - return NSS_STATUS_SUCCESS; - } - - /* release memory if any */ - sss_nss_getgrent_data_clean(); - - /* retrieve no more than SSS_NSS_MAX_ENTRIES at a time */ - num_entries = SSS_NSS_MAX_ENTRIES; - rd.len = sizeof(uint32_t); - rd.data = &num_entries; - - nret = sss_nss_make_request(SSS_NSS_GETGRENT, &rd, - &repbuf, &replen, errnop); - if (nret != NSS_STATUS_SUCCESS) { - return nret; - } - - /* no results if not found */ - if ((((uint32_t *)repbuf)[0] == 0) || (replen - 8 == 0)) { - free(repbuf); - return NSS_STATUS_NOTFOUND; - } - - sss_nss_getgrent_data.data = repbuf; - sss_nss_getgrent_data.len = replen; - sss_nss_getgrent_data.ptr = 8; /* skip metadata fields */ - - /* call again ourselves, this will return the first result */ - return _nss_sss_getgrent_r(result, buffer, buflen, errnop); -} - -enum nss_status _nss_sss_endgrent(void) -{ - enum nss_status nret; - int errnop; - - /* make sure we do not have leftovers, and release memory */ - sss_nss_getgrent_data_clean(); - - nret = sss_nss_make_request(SSS_NSS_ENDGRENT, - NULL, NULL, NULL, &errnop); - if (nret != NSS_STATUS_SUCCESS) { - errno = errnop; - return nret; - } - - return NSS_STATUS_SUCCESS; -} diff --git a/sss_client/install-sh b/sss_client/install-sh deleted file mode 100755 index 58719246f..000000000 --- a/sss_client/install-sh +++ /dev/null @@ -1,238 +0,0 @@ -#! /bin/sh -# -# install - install a program, script, or datafile -# This comes from X11R5. -# -# Calling this script install-sh is preferred over install.sh, to prevent -# `make' implicit rules from creating a file called install from it -# when there is no Makefile. -# -# This script is compatible with the BSD install script, but was written -# from scratch. -# - - -# set DOITPROG to echo to test this script - -# Don't use :- since 4.3BSD and earlier shells don't like it. -doit="${DOITPROG-}" - - -# put in absolute paths if you don't have them in your path; or use env. vars. - -mvprog="${MVPROG-mv}" -cpprog="${CPPROG-cp}" -chmodprog="${CHMODPROG-chmod}" -chownprog="${CHOWNPROG-chown}" -chgrpprog="${CHGRPPROG-chgrp}" -stripprog="${STRIPPROG-strip}" -rmprog="${RMPROG-rm}" -mkdirprog="${MKDIRPROG-mkdir}" - -transformbasename="" -transform_arg="" -instcmd="$mvprog" -chmodcmd="$chmodprog 0755" -chowncmd="" -chgrpcmd="" -stripcmd="" -rmcmd="$rmprog -f" -mvcmd="$mvprog" -src="" -dst="" -dir_arg="" - -while [ x"$1" != x ]; do - case $1 in - -c) instcmd="$cpprog" - shift - continue;; - - -d) dir_arg=true - shift - continue;; - - -m) chmodcmd="$chmodprog $2" - shift - shift - continue;; - - -o) chowncmd="$chownprog $2" - shift - shift - continue;; - - -g) chgrpcmd="$chgrpprog $2" - shift - shift - continue;; - - -s) stripcmd="$stripprog" - shift - continue;; - - -t=*) transformarg=`echo $1 | sed 's/-t=//'` - shift - continue;; - - -b=*) transformbasename=`echo $1 | sed 's/-b=//'` - shift - continue;; - - *) if [ x"$src" = x ] - then - src=$1 - else - # this colon is to work around a 386BSD /bin/sh bug - : - dst=$1 - fi - shift - continue;; - esac -done - -if [ x"$src" = x ] -then - echo "install: no input file specified" - exit 1 -else - true -fi - -if [ x"$dir_arg" != x ]; then - dst=$src - src="" - - if [ -d $dst ]; then - instcmd=: - else - instcmd=mkdir - fi -else - -# Waiting for this to be detected by the "$instcmd $src $dsttmp" command -# might cause directories to be created, which would be especially bad -# if $src (and thus $dsttmp) contains '*'. - - if [ -f $src -o -d $src ] - then - true - else - echo "install: $src does not exist" - exit 1 - fi - - if [ x"$dst" = x ] - then - echo "install: no destination specified" - exit 1 - else - true - fi - -# If destination is a directory, append the input filename; if your system -# does not like double slashes in filenames, you may need to add some logic - - if [ -d $dst ] - then - dst="$dst"/`basename $src` - else - true - fi -fi - -## this sed command emulates the dirname command -dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'` - -# Make sure that the destination directory exists. -# this part is taken from Noah Friedman's mkinstalldirs script - -# Skip lots of stat calls in the usual case. -if [ ! -d "$dstdir" ]; then -defaultIFS=' -' -IFS="${IFS-${defaultIFS}}" - -oIFS="${IFS}" -# Some sh's can't handle IFS=/ for some reason. -IFS='%' -set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'` -IFS="${oIFS}" - -pathcomp='' - -while [ $# -ne 0 ] ; do - pathcomp="${pathcomp}${1}" - shift - - if [ ! -d "${pathcomp}" ] ; - then - $mkdirprog "${pathcomp}" - else - true - fi - - pathcomp="${pathcomp}/" -done -fi - -if [ x"$dir_arg" != x ] -then - $doit $instcmd $dst && - - if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi && - if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi && - if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi && - if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi -else - -# If we're going to rename the final executable, determine the name now. - - if [ x"$transformarg" = x ] - then - dstfile=`basename $dst` - else - dstfile=`basename $dst $transformbasename | - sed $transformarg`$transformbasename - fi - -# don't allow the sed command to completely eliminate the filename - - if [ x"$dstfile" = x ] - then - dstfile=`basename $dst` - else - true - fi - -# Make a temp file name in the proper directory. - - dsttmp=$dstdir/#inst.$$# - -# Move or copy the file name to the temp name - - $doit $instcmd $src $dsttmp && - - trap "rm -f ${dsttmp}" 0 && - -# and set any options; do chmod last to preserve setuid bits - -# If any of these fail, we abort the whole thing. If we want to -# ignore errors from any of these, just make sure not to ignore -# errors from the above "$doit $instcmd $src $dsttmp" command. - - if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi && - if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi && - if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi && - if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi && - -# Now rename the file to the real destination. - - $doit $rmcmd -f $dstdir/$dstfile && - $doit $mvcmd $dsttmp $dstdir/$dstfile - -fi && - - -exit 0 diff --git a/sss_client/m4/.dir b/sss_client/m4/.dir deleted file mode 100644 index e69de29bb..000000000 diff --git a/sss_client/man/pam_sss.8.xml b/sss_client/man/pam_sss.8.xml deleted file mode 100644 index f6ac9f477..000000000 --- a/sss_client/man/pam_sss.8.xml +++ /dev/null @@ -1,97 +0,0 @@ - - - -SSSD Manual pages - - - SSSD - The SSSD upstream - http://fedorahosted.org/sssd - - - - pam_sss - 8 - - - - pam_sss - PAM module for SSSD - - - - - pam_sss.so - - forward_pass - - - use_first_pass - - - use_authtok - - - - - - DESCRIPTION - pam_sss.so is the PAM interface to the System - Security Services daemon (SSSD). Errors and results are logged through - syslog(3) with the LOG_AUTHPRIV facility. - - - - OPTIONS - - - - - - - If is set the entered - password is put on the stack for other PAM modules to use. - - - - - - - - - The argument use_first_pass forces the module to use - a previous stacked modules password and will never prompt - the user - if no password is available or the password is - not appropriate, the user will be denied access. - - - - - - - - When password changing enforce the module to set the - new password to the one provided by a previously stacked - password module. - - - - - - - MODULE TYPES PROVIDED - All module types (, , - and ) are provided. - - - - - SEE ALSO - - - sssd.conf8 - - - - - diff --git a/sss_client/pam_sss.c b/sss_client/pam_sss.c deleted file mode 100644 index 8a1e3129a..000000000 --- a/sss_client/pam_sss.c +++ /dev/null @@ -1,1166 +0,0 @@ -/* - Authors: - Sumit Bose - - Copyright (C) 2009 Red Hat - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . -*/ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include "sss_pam_macros.h" - -#include "sss_cli.h" - -#include -#define _(STRING) dgettext (PACKAGE, STRING) -#include "config.h" - -#define FLAGS_USE_FIRST_PASS (1 << 0) -#define FLAGS_FORWARD_PASS (1 << 1) -#define FLAGS_USE_AUTHTOK (1 << 2) - -struct pam_items { - const char* pam_service; - const char* pam_user; - const char* pam_tty; - const char* pam_ruser; - const char* pam_rhost; - char* pam_authtok; - char* pam_newauthtok; - const char* pamstack_authtok; - const char* pamstack_oldauthtok; - size_t pam_service_size; - size_t pam_user_size; - size_t pam_tty_size; - size_t pam_ruser_size; - size_t pam_rhost_size; - int pam_authtok_type; - size_t pam_authtok_size; - int pam_newauthtok_type; - size_t pam_newauthtok_size; - pid_t cli_pid; - const char *login_name; -}; - -#define DEBUG_MGS_LEN 1024 -#define MAX_AUTHTOK_SIZE (1024*1024) -#define CHECK_AND_RETURN_PI_STRING(s) ((s != NULL && *s != '\0')? s : "(not available)") - -static void logger(pam_handle_t *pamh, int level, const char *fmt, ...) { - va_list ap; - - va_start(ap, fmt); - -#ifdef DEBUG - va_list apd; - char debug_msg[DEBUG_MGS_LEN]; - int ret; - va_copy(apd, ap); - - ret = vsnprintf(debug_msg, DEBUG_MGS_LEN, fmt, apd); - if (ret >= DEBUG_MGS_LEN) { - D(("the following message is truncated: %s", debug_msg)); - } else if (ret < 0) { - D(("vsnprintf failed to format debug message!")); - } else { - D((debug_msg)); - } - - va_end(apd); -#endif - - pam_vsyslog(pamh, LOG_AUTHPRIV|level, fmt, ap); - - va_end(ap); -} - - -static size_t add_authtok_item(enum pam_item_type type, - enum sss_authtok_type authtok_type, - const char *tok, const size_t size, - uint8_t *buf) { - size_t rp=0; - uint32_t c; - - if (tok == NULL) return 0; - - c = type; - memcpy(&buf[rp], &c, sizeof(uint32_t)); - rp += sizeof(uint32_t); - - c = size + sizeof(uint32_t); - memcpy(&buf[rp], &c, sizeof(uint32_t)); - rp += sizeof(uint32_t); - - c = authtok_type; - memcpy(&buf[rp], &c, sizeof(uint32_t)); - rp += sizeof(uint32_t); - - memcpy(&buf[rp], tok, size); - rp += size; - - return rp; -} - - -static size_t add_uint32_t_item(enum pam_item_type type, const uint32_t val, - uint8_t *buf) { - size_t rp=0; - uint32_t c; - - c = type; - memcpy(&buf[rp], &c, sizeof(uint32_t)); - rp += sizeof(uint32_t); - - c = sizeof(uint32_t); - memcpy(&buf[rp], &c, sizeof(uint32_t)); - rp += sizeof(uint32_t); - - c = val; - memcpy(&buf[rp], &c, sizeof(uint32_t)); - rp += sizeof(uint32_t); - - return rp; -} - -static size_t add_string_item(enum pam_item_type type, const char *str, - const size_t size, uint8_t *buf) { - size_t rp=0; - uint32_t c; - - if (str == NULL || *str == '\0') return 0; - - c = type; - memcpy(&buf[rp], &c, sizeof(uint32_t)); - rp += sizeof(uint32_t); - - c = size; - memcpy(&buf[rp], &c, sizeof(uint32_t)); - rp += sizeof(uint32_t); - - memcpy(&buf[rp], str, size); - rp += size; - - return rp; -} - -static void overwrite_and_free_authtoks(struct pam_items *pi) -{ - if (pi->pam_authtok != NULL) { - _pam_overwrite_n((void *)pi->pam_authtok, pi->pam_authtok_size); - free((void *)pi->pam_authtok); - pi->pam_authtok = NULL; - } - - if (pi->pam_newauthtok != NULL) { - _pam_overwrite_n((void *)pi->pam_newauthtok, pi->pam_newauthtok_size); - free((void *)pi->pam_newauthtok); - pi->pam_newauthtok = NULL; - } -} - -static int pack_message_v3(struct pam_items *pi, size_t *size, - uint8_t **buffer) { - int len; - uint8_t *buf; - int rp; - uint32_t terminator = SSS_END_OF_PAM_REQUEST; - - len = sizeof(uint32_t) + - 2*sizeof(uint32_t) + pi->pam_user_size + - sizeof(uint32_t); - len += *pi->pam_service != '\0' ? - 2*sizeof(uint32_t) + pi->pam_service_size : 0; - len += *pi->pam_tty != '\0' ? - 2*sizeof(uint32_t) + pi->pam_tty_size : 0; - len += *pi->pam_ruser != '\0' ? - 2*sizeof(uint32_t) + pi->pam_ruser_size : 0; - len += *pi->pam_rhost != '\0' ? - 2*sizeof(uint32_t) + pi->pam_rhost_size : 0; - len += pi->pam_authtok != NULL ? - 3*sizeof(uint32_t) + pi->pam_authtok_size : 0; - len += pi->pam_newauthtok != NULL ? - 3*sizeof(uint32_t) + pi->pam_newauthtok_size : 0; - len += 3*sizeof(uint32_t); /* cli_pid */ - - buf = malloc(len); - if (buf == NULL) { - D(("malloc failed.")); - return PAM_BUF_ERR; - } - - rp = 0; - ((uint32_t *)(&buf[rp]))[0] = SSS_START_OF_PAM_REQUEST; - rp += sizeof(uint32_t); - - rp += add_string_item(SSS_PAM_ITEM_USER, pi->pam_user, pi->pam_user_size, - &buf[rp]); - - rp += add_string_item(SSS_PAM_ITEM_SERVICE, pi->pam_service, - pi->pam_service_size, &buf[rp]); - - rp += add_string_item(SSS_PAM_ITEM_TTY, pi->pam_tty, pi->pam_tty_size, - &buf[rp]); - - rp += add_string_item(SSS_PAM_ITEM_RUSER, pi->pam_ruser, pi->pam_ruser_size, - &buf[rp]); - - rp += add_string_item(SSS_PAM_ITEM_RHOST, pi->pam_rhost, pi->pam_rhost_size, - &buf[rp]); - - rp += add_uint32_t_item(SSS_PAM_ITEM_CLI_PID, (uint32_t) pi->cli_pid, - &buf[rp]); - - rp += add_authtok_item(SSS_PAM_ITEM_AUTHTOK, pi->pam_authtok_type, - pi->pam_authtok, pi->pam_authtok_size, &buf[rp]); - - rp += add_authtok_item(SSS_PAM_ITEM_NEWAUTHTOK, pi->pam_newauthtok_type, - pi->pam_newauthtok, pi->pam_newauthtok_size, - &buf[rp]); - - memcpy(&buf[rp], &terminator, sizeof(uint32_t)); - rp += sizeof(uint32_t); - - if (rp != len) { - D(("error during packet creation.")); - return PAM_BUF_ERR; - } - - *size = len; - *buffer = buf; - - return 0; -} - -static int null_strcmp(const char *s1, const char *s2) { - if (s1 == NULL && s2 == NULL) return 0; - if (s1 == NULL && s2 != NULL) return -1; - if (s1 != NULL && s2 == NULL) return 1; - return strcmp(s1, s2); -} - -enum { - SSS_PAM_CONV_DONE = 0, - SSS_PAM_CONV_STD, - SSS_PAM_CONV_REENTER, -}; - -static int do_pam_conversation(pam_handle_t *pamh, const int msg_style, - const char *msg, - const char *reenter_msg, - char **answer) -{ - int ret; - int state = SSS_PAM_CONV_STD; - struct pam_conv *conv; - struct pam_message *mesg[1]; - struct pam_response *resp=NULL; - - if ((msg_style == PAM_TEXT_INFO || msg_style == PAM_ERROR_MSG) && - msg == NULL) return PAM_SYSTEM_ERR; - - if ((msg_style == PAM_PROMPT_ECHO_OFF || - msg_style == PAM_PROMPT_ECHO_ON) && - (msg == NULL || answer == NULL)) return PAM_SYSTEM_ERR; - - if (msg_style == PAM_TEXT_INFO || msg_style == PAM_ERROR_MSG) { - logger(pamh, LOG_INFO, "User %s message: %s", - msg_style == PAM_TEXT_INFO ? "info" : "error", - msg); - } - - ret=pam_get_item(pamh, PAM_CONV, (const void **) &conv); - if (ret != PAM_SUCCESS) return ret; - - do { - mesg[0] = malloc(sizeof(struct pam_message)); - if (mesg[0] == NULL) { - D(("Malloc failed.")); - return PAM_SYSTEM_ERR; - } - - mesg[0]->msg_style = msg_style; - if (state == SSS_PAM_CONV_REENTER) { - mesg[0]->msg = reenter_msg; - } else { - mesg[0]->msg = msg; - } - - ret=conv->conv(1, (const struct pam_message **) mesg, &resp, - conv->appdata_ptr); - free(mesg[0]); - if (ret != PAM_SUCCESS) { - D(("Conversation failure: %s.", pam_strerror(pamh,ret))); - return ret; - } - - if (msg_style == PAM_PROMPT_ECHO_OFF || - msg_style == PAM_PROMPT_ECHO_ON) { - if (resp == NULL) { - D(("response expected, but resp==NULL")); - return PAM_SYSTEM_ERR; - } - - if (state == SSS_PAM_CONV_REENTER) { - if (null_strcmp(*answer, resp[0].resp) != 0) { - logger(pamh, LOG_NOTICE, "Passwords do not match."); - _pam_overwrite((void *)resp[0].resp); - free(resp[0].resp); - if (*answer != NULL) { - _pam_overwrite((void *)*answer); - free(*answer); - *answer = NULL; - } - ret = do_pam_conversation(pamh, PAM_ERROR_MSG, - _("Passwords do not match"), - NULL, NULL); - if (ret != PAM_SUCCESS) { - D(("do_pam_conversation failed.")); - return PAM_SYSTEM_ERR; - } - return PAM_CRED_ERR; - } - _pam_overwrite((void *)resp[0].resp); - free(resp[0].resp); - } else { - if (resp[0].resp == NULL) { - D(("Empty password")); - *answer = NULL; - } else { - *answer = strndup(resp[0].resp, MAX_AUTHTOK_SIZE); - _pam_overwrite((void *)resp[0].resp); - free(resp[0].resp); - if(*answer == NULL) { - D(("strndup failed")); - return PAM_BUF_ERR; - } - } - } - free(resp); - resp = NULL; - } - - if (reenter_msg != NULL && state == SSS_PAM_CONV_STD) { - state = SSS_PAM_CONV_REENTER; - } else { - state = SSS_PAM_CONV_DONE; - } - } while (state != SSS_PAM_CONV_DONE); - - return PAM_SUCCESS; -} - -static int user_info_offline_auth(pam_handle_t *pamh, size_t buflen, - uint8_t *buf) -{ - int ret; - long long expire_date; - struct tm tm; - char expire_str[128]; - char user_msg[256]; - - expire_str[0] = '\0'; - - if (buflen != sizeof(uint32_t) + sizeof(long long)) { - D(("User info response data has the wrong size")); - return PAM_BUF_ERR; - } - - memcpy(&expire_date, buf + sizeof(uint32_t), sizeof(long long)); - - if (expire_date > 0) { - if (localtime_r((time_t *) &expire_date, &tm) != NULL) { - ret = strftime(expire_str, sizeof(expire_str), "%c", &tm); - if (ret == 0) { - D(("strftime failed.")); - expire_str[0] = '\0'; - } - } else { - D(("localtime_r failed")); - } - } - - ret = snprintf(user_msg, sizeof(user_msg), "%s%s%s.", - _("Offline authentication"), - expire_str[0] ? _(", your cached password will expire at: ") : "", - expire_str[0] ? expire_str : ""); - if (ret < 0 || ret >= sizeof(user_msg)) { - D(("snprintf failed.")); - return PAM_SYSTEM_ERR; - } - - ret = do_pam_conversation(pamh, PAM_TEXT_INFO, user_msg, NULL, NULL); - if (ret != PAM_SUCCESS) { - D(("do_pam_conversation failed.")); - return PAM_SYSTEM_ERR; - } - - return PAM_SUCCESS; -} - -static int user_info_offline_auth_delayed(pam_handle_t *pamh, size_t buflen, - uint8_t *buf) -{ - int ret; - long long delayed_until; - struct tm tm; - char delay_str[128]; - char user_msg[256]; - - delay_str[0] = '\0'; - - if (buflen != sizeof(uint32_t) + sizeof(long long)) { - D(("User info response data has the wrong size")); - return PAM_BUF_ERR; - } - - memcpy(&delayed_until, buf + sizeof(uint32_t), sizeof(long long)); - - if (delayed_until <= 0) { - D(("User info response data has an invalid value")); - return PAM_BUF_ERR; - } - - if (localtime_r((time_t *) &delayed_until, &tm) != NULL) { - ret = strftime(delay_str, sizeof(delay_str), "%c", &tm); - if (ret == 0) { - D(("strftime failed.")); - delay_str[0] = '\0'; - } - } else { - D(("localtime_r failed")); - } - - ret = snprintf(user_msg, sizeof(user_msg), "%s%s.", - _("Offline authentication, authentication is denied until: "), - delay_str); - if (ret < 0 || ret >= sizeof(user_msg)) { - D(("snprintf failed.")); - return PAM_SYSTEM_ERR; - } - - ret = do_pam_conversation(pamh, PAM_TEXT_INFO, user_msg, NULL, NULL); - if (ret != PAM_SUCCESS) { - D(("do_pam_conversation failed.")); - return PAM_SYSTEM_ERR; - } - - return PAM_SUCCESS; -} - -static int user_info_offline_chpass(pam_handle_t *pamh, size_t buflen, - uint8_t *buf) -{ - int ret; - - if (buflen != sizeof(uint32_t)) { - D(("User info response data has the wrong size")); - return PAM_BUF_ERR; - } - - ret = do_pam_conversation(pamh, PAM_TEXT_INFO, - _("System is offline, password change not possible"), - NULL, NULL); - if (ret != PAM_SUCCESS) { - D(("do_pam_conversation failed.")); - return PAM_SYSTEM_ERR; - } - - return PAM_SUCCESS; -} - -static int user_info_chpass_error(pam_handle_t *pamh, size_t buflen, - uint8_t *buf) -{ - int ret; - uint32_t msg_len; - char user_msg[256]; - - if (buflen < 2* sizeof(uint32_t)) { - D(("User info response data is too short")); - return PAM_BUF_ERR; - } - - memcpy(&msg_len, buf + sizeof(uint32_t), sizeof(uint32_t)); - - if (buflen != 2* sizeof(uint32_t) + msg_len) { - D(("User info response data has the wrong size")); - return PAM_BUF_ERR; - } - - ret = snprintf(user_msg, sizeof(user_msg), "%s%s%.*s", - _("Password change failed. "), - msg_len > 0 ? _("Server message: ") : "", - msg_len, - msg_len > 0 ? (char *)(buf + 2 * sizeof(uint32_t)) : "" ); - if (ret < 0 || ret >= sizeof(user_msg)) { - D(("snprintf failed.")); - return PAM_SYSTEM_ERR; - } - - ret = do_pam_conversation(pamh, PAM_TEXT_INFO, user_msg, NULL, NULL); - if (ret != PAM_SUCCESS) { - D(("do_pam_conversation failed.")); - return PAM_SYSTEM_ERR; - } - - return PAM_SUCCESS; -} - - -static int eval_user_info_response(pam_handle_t *pamh, size_t buflen, - uint8_t *buf) -{ - int ret; - uint32_t type; - - if (buflen < sizeof(uint32_t)) { - D(("User info response data is too short")); - return PAM_BUF_ERR; - } - - memcpy(&type, buf, sizeof(uint32_t)); - - switch(type) { - case SSS_PAM_USER_INFO_OFFLINE_AUTH: - ret = user_info_offline_auth(pamh, buflen, buf); - break; - case SSS_PAM_USER_INFO_OFFLINE_AUTH_DELAYED: - ret = user_info_offline_auth_delayed(pamh, buflen, buf); - break; - case SSS_PAM_USER_INFO_OFFLINE_CHPASS: - ret = user_info_offline_chpass(pamh, buflen, buf); - break; - case SSS_PAM_USER_INFO_CHPASS_ERROR: - ret = user_info_chpass_error(pamh, buflen, buf); - break; - default: - D(("Unknown user info type [%d]", type)); - ret = PAM_SYSTEM_ERR; - } - - return ret; -} - -static int eval_response(pam_handle_t *pamh, size_t buflen, uint8_t *buf) -{ - int ret; - size_t p=0; - char *env_item; - int32_t c; - int32_t type; - int32_t len; - int32_t pam_status; - - if (buflen < (2*sizeof(int32_t))) { - D(("response buffer is too small")); - return PAM_BUF_ERR; - } - - memcpy(&pam_status, buf+p, sizeof(int32_t)); - p += sizeof(int32_t); - - - memcpy(&c, buf+p, sizeof(int32_t)); - p += sizeof(int32_t); - - while(c>0) { - if (buflen < (p+2*sizeof(int32_t))) { - D(("response buffer is too small")); - return PAM_BUF_ERR; - } - - memcpy(&type, buf+p, sizeof(int32_t)); - p += sizeof(int32_t); - - memcpy(&len, buf+p, sizeof(int32_t)); - p += sizeof(int32_t); - - if (buflen < (p + len)) { - D(("response buffer is too small")); - return PAM_BUF_ERR; - } - - switch(type) { - case SSS_PAM_SYSTEM_INFO: - if (buf[p + (len -1)] != '\0') { - D(("user info does not end with \\0.")); - break; - } - logger(pamh, LOG_INFO, "system info: [%s]", &buf[p]); - break; - case SSS_PAM_DOMAIN_NAME: - D(("domain name: [%s]", &buf[p])); - break; - case SSS_ENV_ITEM: - case SSS_PAM_ENV_ITEM: - case SSS_ALL_ENV_ITEM: - if (buf[p + (len -1)] != '\0') { - D(("env item does not end with \\0.")); - break; - } - - D(("env item: [%s]", &buf[p])); - if (type == SSS_PAM_ENV_ITEM || type == SSS_ALL_ENV_ITEM) { - ret = pam_putenv(pamh, (char *)&buf[p]); - if (ret != PAM_SUCCESS) { - D(("pam_putenv failed.")); - break; - } - } - - if (type == SSS_ENV_ITEM || type == SSS_ALL_ENV_ITEM) { - env_item = strdup((char *)&buf[p]); - if (env_item == NULL) { - D(("strdup failed")); - break; - } - ret = putenv(env_item); - if (ret == -1) { - D(("putenv failed.")); - break; - } - } - break; - case SSS_PAM_USER_INFO: - ret = eval_user_info_response(pamh, len, &buf[p]); - if (ret != PAM_SUCCESS) { - D(("eval_user_info_response failed")); - } - break; - default: - D(("Unknown response type [%d]", type)); - } - p += len; - - --c; - } - - return PAM_SUCCESS; -} - -static int get_pam_items(pam_handle_t *pamh, struct pam_items *pi) -{ - int ret; - - pi->pam_authtok_type = SSS_AUTHTOK_TYPE_EMPTY; - pi->pam_authtok = NULL; - pi->pam_authtok_size = 0; - pi->pam_newauthtok_type = SSS_AUTHTOK_TYPE_EMPTY; - pi->pam_newauthtok = NULL; - pi->pam_newauthtok_size = 0; - - ret = pam_get_item(pamh, PAM_SERVICE, (const void **) &(pi->pam_service)); - if (ret != PAM_SUCCESS) return ret; - if (pi->pam_service == NULL) pi->pam_service=""; - pi->pam_service_size=strlen(pi->pam_service)+1; - - ret = pam_get_item(pamh, PAM_USER, (const void **) &(pi->pam_user)); - if (ret != PAM_SUCCESS) return ret; - if (pi->pam_user == NULL) { - D(("No user found, aborting.")); - return PAM_BAD_ITEM; - } - if (strcmp(pi->pam_user, "root") == 0) { - D(("pam_sss will not handle root.")); - return PAM_USER_UNKNOWN; - } - pi->pam_user_size=strlen(pi->pam_user)+1; - - - ret = pam_get_item(pamh, PAM_TTY, (const void **) &(pi->pam_tty)); - if (ret != PAM_SUCCESS) return ret; - if (pi->pam_tty == NULL) pi->pam_tty=""; - pi->pam_tty_size=strlen(pi->pam_tty)+1; - - ret = pam_get_item(pamh, PAM_RUSER, (const void **) &(pi->pam_ruser)); - if (ret != PAM_SUCCESS) return ret; - if (pi->pam_ruser == NULL) pi->pam_ruser=""; - pi->pam_ruser_size=strlen(pi->pam_ruser)+1; - - ret = pam_get_item(pamh, PAM_RHOST, (const void **) &(pi->pam_rhost)); - if (ret != PAM_SUCCESS) return ret; - if (pi->pam_rhost == NULL) pi->pam_rhost=""; - pi->pam_rhost_size=strlen(pi->pam_rhost)+1; - - ret = pam_get_item(pamh, PAM_AUTHTOK, - (const void **) &(pi->pamstack_authtok)); - if (ret != PAM_SUCCESS) return ret; - if (pi->pamstack_authtok == NULL) pi->pamstack_authtok=""; - - ret = pam_get_item(pamh, PAM_OLDAUTHTOK, - (const void **) &(pi->pamstack_oldauthtok)); - if (ret != PAM_SUCCESS) return ret; - if (pi->pamstack_oldauthtok == NULL) pi->pamstack_oldauthtok=""; - - pi->cli_pid = getpid(); - - pi->login_name = pam_modutil_getlogin(pamh); - if (pi->login_name == NULL) pi->login_name=""; - - return PAM_SUCCESS; -} - -static void print_pam_items(struct pam_items *pi) -{ - if (pi == NULL) return; - - D(("Service: %s", CHECK_AND_RETURN_PI_STRING(pi->pam_service))); - D(("User: %s", CHECK_AND_RETURN_PI_STRING(pi->pam_user))); - D(("Tty: %s", CHECK_AND_RETURN_PI_STRING(pi->pam_tty))); - D(("Ruser: %s", CHECK_AND_RETURN_PI_STRING(pi->pam_ruser))); - D(("Rhost: %s", CHECK_AND_RETURN_PI_STRING(pi->pam_rhost))); - D(("Pamstack_Authtok: %s", - CHECK_AND_RETURN_PI_STRING(pi->pamstack_authtok))); - D(("Pamstack_Oldauthtok: %s", - CHECK_AND_RETURN_PI_STRING(pi->pamstack_oldauthtok))); - D(("Authtok: %s", CHECK_AND_RETURN_PI_STRING(pi->pam_authtok))); - D(("Newauthtok: %s", CHECK_AND_RETURN_PI_STRING(pi->pam_newauthtok))); - D(("Cli_PID: %d", pi->cli_pid)); -} - -static int send_and_receive(pam_handle_t *pamh, struct pam_items *pi, - enum sss_cli_command task) -{ - int ret; - int errnop; - struct sss_cli_req_data rd; - uint8_t *buf = NULL; - uint8_t *repbuf = NULL; - size_t replen; - int pam_status = PAM_SYSTEM_ERR; - - print_pam_items(pi); - - ret = pack_message_v3(pi, &rd.len, &buf); - if (ret != 0) { - D(("pack_message failed.")); - pam_status = PAM_SYSTEM_ERR; - goto done; - } - rd.data = buf; - - ret = sss_pam_make_request(task, &rd, &repbuf, &replen, &errnop); - - if (ret != NSS_STATUS_SUCCESS) { - logger(pamh, LOG_ERR, "Request to sssd failed."); - pam_status = PAM_SYSTEM_ERR; - goto done; - } - -/* FIXME: add an end signature */ - if (replen < (2*sizeof(int32_t))) { - D(("response not in expected format.")); - pam_status = PAM_SYSTEM_ERR; - goto done; - } - - pam_status = ((int32_t *)repbuf)[0]; - ret = eval_response(pamh, replen, repbuf); - if (ret != PAM_SUCCESS) { - D(("eval_response failed.")); - pam_status = ret; - goto done; - } - - switch (task) { - case SSS_PAM_AUTHENTICATE: - logger(pamh, (pam_status == PAM_SUCCESS ? LOG_INFO : LOG_NOTICE), - "authentication %s; logname=%s uid=%lu euid=%d tty=%s " - "ruser=%s rhost=%s user=%s", - pam_status == PAM_SUCCESS ? "success" : "failure", - pi->login_name, getuid(), (unsigned long) geteuid(), - pi->pam_tty, pi->pam_ruser, pi->pam_rhost, pi->pam_user); - if (pam_status != PAM_SUCCESS) { - logger(pamh, LOG_NOTICE, "received for user %s: %d (%s)", - pi->pam_user, pam_status, - pam_strerror(pamh,pam_status)); - } - break; - case SSS_PAM_CHAUTHTOK_PRELIM: - if (pam_status != PAM_SUCCESS) { - logger(pamh, LOG_NOTICE, - "Authentication failed for user %s: %d (%s)", - pi->pam_user, pam_status, - pam_strerror(pamh,pam_status)); - } - break; - case SSS_PAM_CHAUTHTOK: - if (pam_status != PAM_SUCCESS) { - logger(pamh, LOG_NOTICE, - "Password change failed for user %s: %d (%s)", - pi->pam_user, pam_status, - pam_strerror(pamh,pam_status)); - } - break; - case SSS_PAM_ACCT_MGMT: - if (pam_status != PAM_SUCCESS) { - logger(pamh, LOG_NOTICE, - "Access denied for user %s: %d (%s)", - pi->pam_user, pam_status, - pam_strerror(pamh,pam_status)); - } - break; - case SSS_PAM_SETCRED: - case SSS_PAM_OPEN_SESSION: - case SSS_PAM_CLOSE_SESSION: - break; - default: - D(("Illegal task [%d]", task)); - return PAM_SYSTEM_ERR; - } - -done: - if (buf != NULL ) { - _pam_overwrite_n((void *)buf, rd.len); - free(buf); - } - free(repbuf); - - return pam_status; -} - -static int prompt_password(pam_handle_t *pamh, struct pam_items *pi) -{ - int ret; - char *answer = NULL; - - ret = do_pam_conversation(pamh, PAM_PROMPT_ECHO_OFF, _("Password: "), - NULL, &answer); - if (ret != PAM_SUCCESS) { - D(("do_pam_conversation failed.")); - return ret; - } - - if (answer == NULL) { - pi->pam_authtok = NULL; - pi->pam_authtok_type = SSS_AUTHTOK_TYPE_EMPTY; - pi->pam_authtok_size=0; - } else { - pi->pam_authtok = strdup(answer); - _pam_overwrite((void *)answer); - free(answer); - answer=NULL; - if (pi->pam_authtok == NULL) { - return PAM_BUF_ERR; - } - pi->pam_authtok_type = SSS_AUTHTOK_TYPE_PASSWORD; - pi->pam_authtok_size=strlen(pi->pam_authtok); - } - - return PAM_SUCCESS; -} - -static int prompt_new_password(pam_handle_t *pamh, struct pam_items *pi) -{ - int ret; - char *answer = NULL; - - ret = do_pam_conversation(pamh, PAM_PROMPT_ECHO_OFF, - _("New Password: "), - _("Reenter new Password: "), - &answer); - if (ret != PAM_SUCCESS) { - D(("do_pam_conversation failed.")); - return ret; - } - if (answer == NULL) { - pi->pam_newauthtok = NULL; - pi->pam_newauthtok_type = SSS_AUTHTOK_TYPE_EMPTY; - pi->pam_newauthtok_size=0; - } else { - pi->pam_newauthtok = strdup(answer); - _pam_overwrite((void *)answer); - free(answer); - answer=NULL; - if (pi->pam_newauthtok == NULL) { - return PAM_BUF_ERR; - } - pi->pam_newauthtok_type = SSS_AUTHTOK_TYPE_PASSWORD; - pi->pam_newauthtok_size=strlen(pi->pam_newauthtok); - } - - return PAM_SUCCESS; -} - -static void eval_argv(pam_handle_t *pamh, int argc, const char **argv, - uint32_t *flags) -{ - for (; argc-- > 0; ++argv) { - if (strcmp(*argv, "forward_pass") == 0) { - *flags |= FLAGS_FORWARD_PASS; - } else if (strcmp(*argv, "use_first_pass") == 0) { - *flags |= FLAGS_USE_FIRST_PASS; - } else if (strcmp(*argv, "use_authtok") == 0) { - *flags |= FLAGS_USE_AUTHTOK; - } else { - logger(pamh, LOG_WARNING, "unknown option: %s", *argv); - } - } - - return; -} - -static int get_authtok_for_authentication(pam_handle_t *pamh, - struct pam_items *pi, - uint32_t flags) -{ - int ret; - - if (flags & FLAGS_USE_FIRST_PASS) { - pi->pam_authtok_type = SSS_AUTHTOK_TYPE_PASSWORD; - pi->pam_authtok = strdup(pi->pamstack_authtok); - if (pi->pam_authtok == NULL) { - D(("option use_first_pass set, but no password found")); - return PAM_BUF_ERR; - } - pi->pam_authtok_size = strlen(pi->pam_authtok); - } else { - ret = prompt_password(pamh, pi); - if (ret != PAM_SUCCESS) { - D(("failed to get password from user")); - return ret; - } - - if (flags & FLAGS_FORWARD_PASS) { - ret = pam_set_item(pamh, PAM_AUTHTOK, pi->pam_authtok); - if (ret != PAM_SUCCESS) { - D(("Failed to set PAM_AUTHTOK [%s], " - "authtok may not be available for other modules", - pam_strerror(pamh,ret))); - } - } - } - - return PAM_SUCCESS; -} - -static int get_authtok_for_password_change(pam_handle_t *pamh, - struct pam_items *pi, - uint32_t flags, - int pam_flags) -{ - int ret; - - /* we query for the old password during PAM_PRELIM_CHECK to make - * pam_sss work e.g. with pam_cracklib */ - if (pam_flags & PAM_PRELIM_CHECK) { - if (getuid() != 0 && !(flags & FLAGS_USE_FIRST_PASS)) { - ret = prompt_password(pamh, pi); - if (ret != PAM_SUCCESS) { - D(("failed to get password from user")); - return ret; - } - - ret = pam_set_item(pamh, PAM_OLDAUTHTOK, pi->pam_authtok); - if (ret != PAM_SUCCESS) { - D(("Failed to set PAM_OLDAUTHTOK [%s], " - "oldauthtok may not be available", - pam_strerror(pamh,ret))); - return ret; - } - } - - return PAM_SUCCESS; - } - - if (pi->pamstack_oldauthtok == NULL) { - if (getuid() != 0) { - D(("no password found for chauthtok")); - return PAM_BUF_ERR; - } else { - pi->pam_authtok_type = SSS_AUTHTOK_TYPE_EMPTY; - pi->pam_authtok = NULL; - pi->pam_authtok_size = 0; - } - } else { - pi->pam_authtok = strdup(pi->pamstack_oldauthtok); - pi->pam_authtok_type = SSS_AUTHTOK_TYPE_PASSWORD; - pi->pam_authtok_size = strlen(pi->pam_authtok); - } - - if (flags & FLAGS_USE_AUTHTOK) { - pi->pam_newauthtok_type = SSS_AUTHTOK_TYPE_PASSWORD; - pi->pam_newauthtok = strdup(pi->pamstack_authtok); - if (pi->pam_newauthtok == NULL) { - D(("option use_authtok set, but no new password found")); - return PAM_BUF_ERR; - } - pi->pam_newauthtok_size = strlen(pi->pam_newauthtok); - } else { - ret = prompt_new_password(pamh, pi); - if (ret != PAM_SUCCESS) { - D(("failed to get new password from user")); - return ret; - } - - if (flags & FLAGS_FORWARD_PASS) { - ret = pam_set_item(pamh, PAM_AUTHTOK, pi->pam_newauthtok); - if (ret != PAM_SUCCESS) { - D(("Failed to set PAM_AUTHTOK [%s], " - "oldauthtok may not be available", - pam_strerror(pamh,ret))); - } - } - } - - return PAM_SUCCESS; -} - -static int pam_sss(enum sss_cli_command task, pam_handle_t *pamh, - int pam_flags, int argc, const char **argv) -{ - int ret; - struct pam_items pi; - uint32_t flags = 0; - - bindtextdomain(PACKAGE, LOCALEDIR); - - D(("Hello pam_sssd: %d", task)); - - eval_argv(pamh, argc, argv, &flags); - - ret = get_pam_items(pamh, &pi); - if (ret != PAM_SUCCESS) { - D(("get items returned error: %s", pam_strerror(pamh,ret))); - return ret; - } - - - switch(task) { - case SSS_PAM_AUTHENTICATE: - ret = get_authtok_for_authentication(pamh, &pi, flags); - if (ret != PAM_SUCCESS) { - D(("failed to get authentication token: %s", - pam_strerror(pamh, ret))); - return ret; - } - break; - case SSS_PAM_CHAUTHTOK: - ret = get_authtok_for_password_change(pamh, &pi, flags, pam_flags); - if (ret != PAM_SUCCESS) { - D(("failed to get tokens for password change: %s", - pam_strerror(pamh, ret))); - return ret; - } - if (pam_flags & PAM_PRELIM_CHECK) { - task = SSS_PAM_CHAUTHTOK_PRELIM; - } - break; - case SSS_PAM_ACCT_MGMT: - case SSS_PAM_SETCRED: - case SSS_PAM_OPEN_SESSION: - case SSS_PAM_CLOSE_SESSION: - break; - default: - D(("Illegal task [%d]", task)); - return PAM_SYSTEM_ERR; - } - - ret = send_and_receive(pamh, &pi, task); - - if (ret == PAM_AUTHTOK_EXPIRED && task == SSS_PAM_AUTHENTICATE) { - D(("Authtoken expired, trying to change it")); - ret = do_pam_conversation(pamh, PAM_ERROR_MSG, - _("Password has expired."), NULL, NULL); - if (ret != PAM_SUCCESS) { - D(("do_pam_conversation failed.")); - return PAM_SYSTEM_ERR; - } - - pi.pamstack_oldauthtok = pi.pam_authtok; - ret = get_authtok_for_password_change(pamh, &pi, flags, pam_flags); - if (ret != PAM_SUCCESS) { - D(("failed to get tokens for password change: %s", - pam_strerror(pamh, ret))); - return ret; - } - - ret = send_and_receive(pamh, &pi, SSS_PAM_CHAUTHTOK); - } - - overwrite_and_free_authtoks(&pi); - - return ret; -} - -PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, - const char **argv ) -{ - return pam_sss(SSS_PAM_AUTHENTICATE, pamh, flags, argc, argv); -} - - -PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, - const char **argv ) -{ - return pam_sss(SSS_PAM_SETCRED, pamh, flags, argc, argv); -} - -PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, - const char **argv ) -{ - return pam_sss(SSS_PAM_ACCT_MGMT, pamh, flags, argc, argv); -} - -PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, - const char **argv ) -{ - return pam_sss(SSS_PAM_CHAUTHTOK, pamh, flags, argc, argv); -} - -PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, - const char **argv ) -{ - return pam_sss(SSS_PAM_OPEN_SESSION, pamh, flags, argc, argv); -} - -PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, - const char **argv ) -{ - return pam_sss(SSS_PAM_CLOSE_SESSION, pamh, flags, argc, argv); -} - - -#ifdef PAM_STATIC - -/* static module data */ - -struct pam_module _pam_sssd_modstruct ={ - "pam_sssd", - pam_sm_authenticate, - pam_sm_setcred, - pam_sm_acct_mgmt, - pam_sm_open_session, - pam_sm_close_session, - pam_sm_chauthtok -}; - -#endif diff --git a/sss_client/pam_test_client.c b/sss_client/pam_test_client.c deleted file mode 100644 index a088981bc..000000000 --- a/sss_client/pam_test_client.c +++ /dev/null @@ -1,95 +0,0 @@ -/* - Authors: - Sumit Bose - - Copyright (C) 2009 Red Hat - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . -*/ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include - -#include -#include - -static struct pam_conv conv = { - misc_conv, - NULL -}; - -int main(int argc, char *argv[]) { - - pam_handle_t *pamh; - char *user; - char *action; - int ret; - - if (argc == 1) { - fprintf(stderr, "missing action and user name, using default\n"); - action = strdup("auth"); - user = strdup("dummy"); - } else if (argc == 2) { - fprintf(stdout, "using first argument as action and default user name\n"); - action = strdup(argv[1]); - user = strdup("dummy"); - } else { - action = strdup(argv[1]); - user = strdup(argv[2]); - } - - fprintf(stdout, "action: %s\nuser: %s\n", action,user); - - ret = pam_start("sss_test", user, &conv, &pamh); - if (ret != PAM_SUCCESS) { - fprintf(stderr, "pam_start failed: %s\n", pam_strerror(pamh, ret)); - return 1; - } - - if ( strncmp(action, "auth", 4)== 0 ) { - fprintf(stdout, "testing pam_authenticate\n"); - ret = pam_authenticate(pamh, 0); - fprintf(stderr, "pam_authenticate: %s\n", pam_strerror(pamh, ret)); - } else if ( strncmp(action, "chau", 4)== 0 ) { - fprintf(stdout, "testing pam_chauthtok\n"); - ret = pam_chauthtok(pamh, 0); - fprintf(stderr, "pam_chauthtok: %s\n", pam_strerror(pamh, ret)); - } else if ( strncmp(action, "acct", 4)== 0 ) { - fprintf(stdout, "testing pam_acct_mgmt\n"); - ret = pam_acct_mgmt(pamh, 0); - fprintf(stderr, "pam_acct_mgmt: %s\n", pam_strerror(pamh, ret)); - } else if ( strncmp(action, "setc", 4)== 0 ) { - fprintf(stdout, "testing pam_setcred\n"); - ret = pam_setcred(pamh, 0); - fprintf(stderr, "pam_setcred: %d[%s]\n", ret, pam_strerror(pamh, ret)); - } else if ( strncmp(action, "open", 4)== 0 ) { - fprintf(stdout, "testing pam_open_session\n"); - ret = pam_open_session(pamh, 0); - fprintf(stderr, "pam_open_session: %s\n", pam_strerror(pamh, ret)); - } else if ( strncmp(action, "clos", 4)== 0 ) { - fprintf(stdout, "testing pam_close_session\n"); - ret = pam_close_session(pamh, 0); - fprintf(stderr, "pam_close_session: %s\n", pam_strerror(pamh, ret)); - } else { - fprintf(stderr, "unknown action\n"); - } - - pam_end(pamh, ret); - - return 0; -} diff --git a/sss_client/passwd.c b/sss_client/passwd.c deleted file mode 100644 index 0d70b6843..000000000 --- a/sss_client/passwd.c +++ /dev/null @@ -1,373 +0,0 @@ -/* - * System Security Services Daemon. NSS client interface - * - * Copyright (C) Simo Sorce 2007 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of the - * License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - */ - -/* PASSWD database NSS interface */ - -#include -#include -#include -#include -#include -#include -#include -#include "sss_cli.h" - -static struct sss_nss_getpwent_data { - size_t len; - size_t ptr; - uint8_t *data; -} sss_nss_getpwent_data; - -static void sss_nss_getpwent_data_clean(void) { - - if (sss_nss_getpwent_data.data != NULL) { - free(sss_nss_getpwent_data.data); - sss_nss_getpwent_data.data = NULL; - } - sss_nss_getpwent_data.len = 0; - sss_nss_getpwent_data.ptr = 0; -} - -/* GETPWNAM Request: - * - * 0-X: string with name - * - * GERTPWUID Request: - * - * 0-3: 32bit number with uid - * - * Replies: - * - * 0-3: 32bit unsigned number of results - * 4-7: 32bit unsigned (reserved/padding) - * For each result: - * 0-3: 32bit number uid - * 4-7: 32bit number gid - * 8-X: sequence of 5, 0 terminated, strings (name, passwd, gecos, dir, shell) - */ - -struct sss_nss_pw_rep { - struct passwd *result; - char *buffer; - size_t buflen; -}; - -static int sss_nss_getpw_readrep(struct sss_nss_pw_rep *pr, - uint8_t *buf, size_t *len) -{ - size_t i, slen, dlen; - char *sbuf; - - if (*len < 13) { /* not enough space for data, bad packet */ - return EBADMSG; - } - - pr->result->pw_uid = ((uint32_t *)buf)[0]; - pr->result->pw_gid = ((uint32_t *)buf)[1]; - - sbuf = (char *)&buf[8]; - slen = *len - 8; - dlen = pr->buflen; - - i = 0; - pr->result->pw_name = &(pr->buffer[i]); - while (slen > i && dlen > 0) { - pr->buffer[i] = sbuf[i]; - if (pr->buffer[i] == '\0') break; - i++; - dlen--; - } - if (slen <= i) { /* premature end of buf */ - return EBADMSG; - } - if (dlen <= 0) { /* not enough memory */ - return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ - } - i++; - dlen--; - - pr->result->pw_passwd = &(pr->buffer[i]); - while (slen > i && dlen > 0) { - pr->buffer[i] = sbuf[i]; - if (pr->buffer[i] == '\0') break; - i++; - dlen--; - } - if (slen <= i) { /* premature end of buf */ - return EBADMSG; - } - if (dlen <= 0) { /* not enough memory */ - return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ - } - i++; - dlen--; - - pr->result->pw_gecos = &(pr->buffer[i]); - while (slen > i && dlen > 0) { - pr->buffer[i] = sbuf[i]; - if (pr->buffer[i] == '\0') break; - i++; - dlen--; - } - if (slen <= i) { /* premature end of buf */ - return EBADMSG; - } - if (dlen <= 0) { /* not enough memory */ - return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ - } - i++; - dlen--; - - pr->result->pw_dir = &(pr->buffer[i]); - while (slen > i && dlen > 0) { - pr->buffer[i] = sbuf[i]; - if (pr->buffer[i] == '\0') break; - i++; - dlen--; - } - if (slen <= i) { /* premature end of buf */ - return EBADMSG; - } - if (dlen <= 0) { /* not enough memory */ - return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ - } - i++; - dlen--; - - pr->result->pw_shell = &(pr->buffer[i]); - while (slen > i && dlen > 0) { - pr->buffer[i] = sbuf[i]; - if (pr->buffer[i] == '\0') break; - i++; - dlen--; - } - if (slen <= i) { /* premature end of buf */ - return EBADMSG; - } - if (dlen <= 0) { /* not enough memory */ - return ERANGE; /* not ENOMEM, ERANGE is what glibc looks for */ - } - - *len = slen -i -1; - - return 0; -} - -enum nss_status _nss_sss_getpwnam_r(const char *name, struct passwd *result, - char *buffer, size_t buflen, int *errnop) -{ - struct sss_cli_req_data rd; - struct sss_nss_pw_rep pwrep; - uint8_t *repbuf; - size_t replen, len; - enum nss_status nret; - int ret; - - /* Caught once glibc passing in buffer == 0x0 */ - if (!buffer || !buflen) return ERANGE; - - rd.len = strlen(name) + 1; - rd.data = name; - - nret = sss_nss_make_request(SSS_NSS_GETPWNAM, &rd, - &repbuf, &replen, errnop); - if (nret != NSS_STATUS_SUCCESS) { - return nret; - } - - pwrep.result = result; - pwrep.buffer = buffer; - pwrep.buflen = buflen; - - /* no results if not found */ - if (((uint32_t *)repbuf)[0] == 0) { - free(repbuf); - return NSS_STATUS_NOTFOUND; - } - - /* only 1 result is accepted for this function */ - if (((uint32_t *)repbuf)[0] != 1) { - *errnop = EBADMSG; - return NSS_STATUS_TRYAGAIN; - } - - len = replen - 8; - ret = sss_nss_getpw_readrep(&pwrep, repbuf+8, &len); - free(repbuf); - if (ret) { - *errnop = ret; - return NSS_STATUS_TRYAGAIN; - } - - return NSS_STATUS_SUCCESS; -} - -enum nss_status _nss_sss_getpwuid_r(uid_t uid, struct passwd *result, - char *buffer, size_t buflen, int *errnop) -{ - struct sss_cli_req_data rd; - struct sss_nss_pw_rep pwrep; - uint8_t *repbuf; - size_t replen, len; - enum nss_status nret; - uint32_t user_uid; - int ret; - - /* Caught once glibc passing in buffer == 0x0 */ - if (!buffer || !buflen) return ERANGE; - - user_uid = uid; - rd.len = sizeof(uint32_t); - rd.data = &user_uid; - - nret = sss_nss_make_request(SSS_NSS_GETPWUID, &rd, - &repbuf, &replen, errnop); - if (nret != NSS_STATUS_SUCCESS) { - return nret; - } - - pwrep.result = result; - pwrep.buffer = buffer; - pwrep.buflen = buflen; - - /* no results if not found */ - if (((uint32_t *)repbuf)[0] == 0) { - free(repbuf); - return NSS_STATUS_NOTFOUND; - } - - /* only 1 result is accepted for this function */ - if (((uint32_t *)repbuf)[0] != 1) { - *errnop = EBADMSG; - return NSS_STATUS_TRYAGAIN; - } - - len = replen - 8; - ret = sss_nss_getpw_readrep(&pwrep, repbuf+8, &len); - free(repbuf); - if (ret) { - *errnop = ret; - return NSS_STATUS_TRYAGAIN; - } - - return NSS_STATUS_SUCCESS; -} - -enum nss_status _nss_sss_setpwent(void) -{ - enum nss_status nret; - int errnop; - - /* make sure we do not have leftovers, and release memory */ - sss_nss_getpwent_data_clean(); - - nret = sss_nss_make_request(SSS_NSS_SETPWENT, - NULL, NULL, NULL, &errnop); - if (nret != NSS_STATUS_SUCCESS) { - errno = errnop; - return nret; - } - - return NSS_STATUS_SUCCESS; -} - -enum nss_status _nss_sss_getpwent_r(struct passwd *result, - char *buffer, size_t buflen, - int *errnop) -{ - struct sss_cli_req_data rd; - struct sss_nss_pw_rep pwrep; - uint8_t *repbuf; - size_t replen; - enum nss_status nret; - uint32_t num_entries; - int ret; - - /* Caught once glibc passing in buffer == 0x0 */ - if (!buffer || !buflen) return ERANGE; - - /* if there are leftovers return the next one */ - if (sss_nss_getpwent_data.data != NULL && - sss_nss_getpwent_data.ptr < sss_nss_getpwent_data.len) { - - repbuf = sss_nss_getpwent_data.data + sss_nss_getpwent_data.ptr; - replen = sss_nss_getpwent_data.len - sss_nss_getpwent_data.ptr; - - pwrep.result = result; - pwrep.buffer = buffer; - pwrep.buflen = buflen; - - ret = sss_nss_getpw_readrep(&pwrep, repbuf, &replen); - if (ret) { - *errnop = ret; - return NSS_STATUS_TRYAGAIN; - } - - /* advance buffer pointer */ - sss_nss_getpwent_data.ptr = sss_nss_getpwent_data.len - replen; - - return NSS_STATUS_SUCCESS; - } - - /* release memory if any */ - sss_nss_getpwent_data_clean(); - - /* retrieve no more than SSS_NSS_MAX_ENTRIES at a time */ - num_entries = SSS_NSS_MAX_ENTRIES; - rd.len = sizeof(uint32_t); - rd.data = &num_entries; - - nret = sss_nss_make_request(SSS_NSS_GETPWENT, &rd, - &repbuf, &replen, errnop); - if (nret != NSS_STATUS_SUCCESS) { - return nret; - } - - /* no results if not found */ - if ((((uint32_t *)repbuf)[0] == 0) || (replen - 8 == 0)) { - free(repbuf); - return NSS_STATUS_NOTFOUND; - } - - sss_nss_getpwent_data.data = repbuf; - sss_nss_getpwent_data.len = replen; - sss_nss_getpwent_data.ptr = 8; /* skip metadata fields */ - - /* call again ourselves, this will return the first result */ - return _nss_sss_getpwent_r(result, buffer, buflen, errnop); -} - -enum nss_status _nss_sss_endpwent(void) -{ - enum nss_status nret; - int errnop; - - /* make sure we do not have leftovers, and release memory */ - sss_nss_getpwent_data_clean(); - - nret = sss_nss_make_request(SSS_NSS_ENDPWENT, - NULL, NULL, NULL, &errnop); - if (nret != NSS_STATUS_SUCCESS) { - errno = errnop; - return nret; - } - - return NSS_STATUS_SUCCESS; -} diff --git a/sss_client/po/LINGUAS b/sss_client/po/LINGUAS deleted file mode 100644 index 123c64cac..000000000 --- a/sss_client/po/LINGUAS +++ /dev/null @@ -1,10 +0,0 @@ -es -pl -fr -it -ja -nl -pt -de -sv - diff --git a/sss_client/po/Makevars b/sss_client/po/Makevars deleted file mode 100644 index 1c2ad2ba3..000000000 --- a/sss_client/po/Makevars +++ /dev/null @@ -1,41 +0,0 @@ -# Makefile variables for PO directory in any package using GNU gettext. - -# Usually the message domain is the same as the package name. -DOMAIN = $(PACKAGE) - -# These two variables depend on the location of this directory. -subdir = po -top_builddir = .. - -# These options get passed to xgettext. -XGETTEXT_OPTIONS = --keyword=_ --keyword=N_ - -# This is the copyright holder that gets inserted into the header of the -# $(DOMAIN).pot file. Set this to the copyright holder of the surrounding -# package. (Note that the msgstr strings, extracted from the package's -# sources, belong to the copyright holder of the package.) Translators are -# expected to transfer the copyright for their translations to this person -# or entity, or to disclaim their copyright. The empty string stands for -# the public domain; in this case the translators are expected to disclaim -# their copyright. -COPYRIGHT_HOLDER = Red Hat, Inc. - -# This is the email address or URL to which the translators shall report -# bugs in the untranslated strings: -# - Strings which are not entire sentences, see the maintainer guidelines -# in the GNU gettext documentation, section 'Preparing Strings'. -# - Strings which use unclear terms or require additional context to be -# understood. -# - Strings which make invalid assumptions about notation of date, time or -# money. -# - Pluralisation problems. -# - Incorrect English spelling. -# - Incorrect formatting. -# It can be your email address, or a mailing list address where translators -# can write to without being subscribed, or the URL of a web page through -# which the translators can contact you. -MSGID_BUGS_ADDRESS = sssd-devel@lists.fedorahosted.org - -# This is the list of locale categories, beyond LC_MESSAGES, for which the -# message catalogs shall be used. It is usually empty. -EXTRA_LOCALE_CATEGORIES = diff --git a/sss_client/po/POTFILES.in b/sss_client/po/POTFILES.in deleted file mode 100644 index feeb0049c..000000000 --- a/sss_client/po/POTFILES.in +++ /dev/null @@ -1,6 +0,0 @@ -# List of source files which contain translatable strings. -common.c -group.c -pam_sss.c -pam_test_client.c -passwd.c diff --git a/sss_client/po/de.po b/sss_client/po/de.po deleted file mode 100644 index 68f344266..000000000 --- a/sss_client/po/de.po +++ /dev/null @@ -1,46 +0,0 @@ -# German translation of SSSd client. -# Copyright (C) 2009 Red Hat, Inc. -# This file is distributed under the same license as the sssd package. -# -# Fabian Affolter , 2009. -# -msgid "" -msgstr "" -"Project-Id-Version: SSSD Client\n" -"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2010-02-05 09:37-0500\n" -"PO-Revision-Date: 2009-12-09 11:18+0100\n" -"Last-Translator: Fabian Affolter \n" -"Language-Team: German \n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=utf-8\n" -"Content-Transfer-Encoding: 8bit\n" -"X-Poedit-Language: German\n" - -#: pam_sss.c:336 -msgid "Passwords do not match" -msgstr "Passwörter stimmen nicht überein" - -#: pam_sss.c:405 -msgid "Offline authentication" -msgstr "" - -#: pam_sss.c:406 -msgid ", your cached password will expire at: " -msgstr "" - -#: pam_sss.c:730 -msgid "Password: " -msgstr "Passwort: " - -#: pam_sss.c:762 -msgid "New Password: " -msgstr "Neues Passwort: " - -#: pam_sss.c:763 -msgid "Reenter new Password: " -msgstr "Neues Passwort noch einmal eingeben: " - -#: pam_sss.c:967 -msgid "Password has expired." -msgstr "Passwort ist abgelaufen." diff --git a/sss_client/po/es.po b/sss_client/po/es.po deleted file mode 100644 index be67efe3b..000000000 --- a/sss_client/po/es.po +++ /dev/null @@ -1,46 +0,0 @@ -# English translations for sss_client package. -# Copyright (C) 2009 Red Hat, Inc. -# This file is distributed under the same license as the sss_client package. -# Automatically generated, 2009. -# -msgid "" -msgstr "" -"Project-Id-Version: sss_client 0.4.0\n" -"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2010-02-05 09:37-0500\n" -"PO-Revision-Date: 2009-12-08 15:37-0300\n" -"Last-Translator: Domingo Becker \n" -"Language-Team: Transifex Spanish\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" -"X-Poedit-Language: Spanish\n" - -#: pam_sss.c:336 -msgid "Passwords do not match" -msgstr "Las contraseñas no coinciden" - -#: pam_sss.c:405 -msgid "Offline authentication" -msgstr "" - -#: pam_sss.c:406 -msgid ", your cached password will expire at: " -msgstr "" - -#: pam_sss.c:730 -msgid "Password: " -msgstr "Contraseña: " - -#: pam_sss.c:762 -msgid "New Password: " -msgstr "Nueva contraseña: " - -#: pam_sss.c:763 -msgid "Reenter new Password: " -msgstr "Reingrese la contraseña nueva:" - -#: pam_sss.c:967 -msgid "Password has expired." -msgstr "La contraseña ha expirado." diff --git a/sss_client/po/fr.po b/sss_client/po/fr.po deleted file mode 100644 index 657e3f403..000000000 --- a/sss_client/po/fr.po +++ /dev/null @@ -1,44 +0,0 @@ -# French translation of SSS Client -# Copyright (C) 2009 Red Hat, Inc. -# This file is distributed under the same license as the SSSD package. -# Pablo Martin-Gomez , 2009. -# -msgid "" -msgstr "" -"Project-Id-Version: fr\n" -"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2010-02-05 09:37-0500\n" -"PO-Revision-Date: 2009-11-17 21:05+0100\n" -"Last-Translator: Pablo Martin-Gomez \n" -"Language-Team: Français \n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" - -#: pam_sss.c:336 -msgid "Passwords do not match" -msgstr "Les mots de passe ne correspondent pas" - -#: pam_sss.c:405 -msgid "Offline authentication" -msgstr "" - -#: pam_sss.c:406 -msgid ", your cached password will expire at: " -msgstr "" - -#: pam_sss.c:730 -msgid "Password: " -msgstr "Mot de passe : " - -#: pam_sss.c:762 -msgid "New Password: " -msgstr "Nouveau mot de passe : " - -#: pam_sss.c:763 -msgid "Reenter new Password: " -msgstr "Retaper le nouveau mot de passe : " - -#: pam_sss.c:967 -msgid "Password has expired." -msgstr "Le mot de passe a expiré." diff --git a/sss_client/po/it.po b/sss_client/po/it.po deleted file mode 100644 index a78bb2435..000000000 --- a/sss_client/po/it.po +++ /dev/null @@ -1,47 +0,0 @@ -# Italian translations for sss_client package. -# Copyright (C) 2009 Red Hat, Inc. -# This file is distributed under the same license as the sss_client package. -# Marina Latini , 2009. -# -msgid "" -msgstr "" -"Project-Id-Version: it\n" -"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2010-02-05 09:37-0500\n" -"PO-Revision-Date: \n" -"Last-Translator: Marina Latini \n" -"Language-Team: Italian \n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"X-Poedit-Language: Italian\n" -"X-Poedit-Country: ITALY\n" -"X-Poedit-SourceCharset: utf-8\n" - -#: pam_sss.c:336 -msgid "Passwords do not match" -msgstr "Le password non coincidono" - -#: pam_sss.c:405 -msgid "Offline authentication" -msgstr "" - -#: pam_sss.c:406 -msgid ", your cached password will expire at: " -msgstr "" - -#: pam_sss.c:730 -msgid "Password: " -msgstr "Password: " - -#: pam_sss.c:762 -msgid "New Password: " -msgstr "Nuova password: " - -#: pam_sss.c:763 -msgid "Reenter new Password: " -msgstr "reinserire la nuova password: " - -#: pam_sss.c:967 -msgid "Password has expired." -msgstr "La password è scaduta." diff --git a/sss_client/po/ja.po b/sss_client/po/ja.po deleted file mode 100644 index 527815b96..000000000 --- a/sss_client/po/ja.po +++ /dev/null @@ -1,46 +0,0 @@ -# translation of sss_client_ja.po to Japanese -# Copyright (C) YEAR Red Hat, Inc. -# This file is distributed under the same license as the PACKAGE package. -# -# Noriko Mizumoto , 2009. -msgid "" -msgstr "" -"Project-Id-Version: sss_client_ja\n" -"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2010-02-05 09:37-0500\n" -"PO-Revision-Date: 2009-11-18 09:47+1000\n" -"Last-Translator: Noriko Mizumoto \n" -"Language-Team: Japanese \n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"X-Generator: KBabel 1.11.4\n" -"Plural-Forms: nplurals=1; plural=0;\n" - -#: pam_sss.c:336 -msgid "Passwords do not match" -msgstr "" - -#: pam_sss.c:405 -msgid "Offline authentication" -msgstr "" - -#: pam_sss.c:406 -msgid ", your cached password will expire at: " -msgstr "" - -#: pam_sss.c:730 -msgid "Password: " -msgstr "" - -#: pam_sss.c:762 -msgid "New Password: " -msgstr "" - -#: pam_sss.c:763 -msgid "Reenter new Password: " -msgstr "" - -#: pam_sss.c:967 -msgid "Password has expired." -msgstr "" diff --git a/sss_client/po/nl.po b/sss_client/po/nl.po deleted file mode 100644 index 5c2d39719..000000000 --- a/sss_client/po/nl.po +++ /dev/null @@ -1,46 +0,0 @@ -# translation of sssd.master.sss_client.po to Dutch -# Copyright (C) YEAR Red Hat, Inc. -# This file is distributed under the same license as the PACKAGE package. -# -# Richard van der Luit , 2009. -msgid "" -msgstr "" -"Project-Id-Version: sssd.master.sss_client\n" -"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2010-02-05 09:37-0500\n" -"PO-Revision-Date: 2009-11-19 13:14+0100\n" -"Last-Translator: Richard van der Luit \n" -"Language-Team: Dutch \n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"X-Generator: KBabel 1.11.4\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#: pam_sss.c:336 -msgid "Passwords do not match" -msgstr "Wachtwoorden komen niet overeen" - -#: pam_sss.c:405 -msgid "Offline authentication" -msgstr "" - -#: pam_sss.c:406 -msgid ", your cached password will expire at: " -msgstr "" - -#: pam_sss.c:730 -msgid "Password: " -msgstr "Wachtwoord: " - -#: pam_sss.c:762 -msgid "New Password: " -msgstr "Nieuw Wachtwoord: " - -#: pam_sss.c:763 -msgid "Reenter new Password: " -msgstr "Voer nieuw wachtwoord nogmaals in: " - -#: pam_sss.c:967 -msgid "Password has expired." -msgstr "Wachtwoord is verlopen." diff --git a/sss_client/po/pl.po b/sss_client/po/pl.po deleted file mode 100644 index c8b1b479c..000000000 --- a/sss_client/po/pl.po +++ /dev/null @@ -1,42 +0,0 @@ -# translation of pl.po to Polish -# Piotr Drąg , 2009. -# -msgid "" -msgstr "" -"Project-Id-Version: pl\n" -"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2010-02-05 09:37-0500\n" -"PO-Revision-Date: 2010-02-06 01:00+0100\n" -"Last-Translator: Piotr Drąg \n" -"Language-Team: Polish \n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" - -#: pam_sss.c:336 -msgid "Passwords do not match" -msgstr "Hasła nie zgadzają się" - -#: pam_sss.c:405 -msgid "Offline authentication" -msgstr "Uwierzytelnienie w trybie offline" - -#: pam_sss.c:406 -msgid ", your cached password will expire at: " -msgstr ", hasło w pamięci podręcznej wygaśnie za: " - -#: pam_sss.c:730 -msgid "Password: " -msgstr "Hasło: " - -#: pam_sss.c:762 -msgid "New Password: " -msgstr "Nowe hasło: " - -#: pam_sss.c:763 -msgid "Reenter new Password: " -msgstr "Proszę ponownie podać nowe hasło: " - -#: pam_sss.c:967 -msgid "Password has expired." -msgstr "Hasło wygasło." diff --git a/sss_client/po/pt.po b/sss_client/po/pt.po deleted file mode 100644 index 9fd869020..000000000 --- a/sss_client/po/pt.po +++ /dev/null @@ -1,46 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR Red Hat, Inc. -# This file is distributed under the same license as the PACKAGE package. -# FIRST AUTHOR , YEAR. -# -msgid "" -msgstr "" -"Project-Id-Version: sssd.master.sss_client\n" -"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2010-02-05 09:37-0500\n" -"PO-Revision-Date: 2009-12-08 17:32+0100\n" -"Last-Translator: Rui Gouveia \n" -"Language-Team: PT \n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" -"X-Poedit-Language: Portuguese\n" -"X-Poedit-Country: PORTUGAL\n" - -#: pam_sss.c:336 -msgid "Passwords do not match" -msgstr "Senhas não coincidem" - -#: pam_sss.c:405 -msgid "Offline authentication" -msgstr "" - -#: pam_sss.c:406 -msgid ", your cached password will expire at: " -msgstr "" - -#: pam_sss.c:730 -msgid "Password: " -msgstr "Senha: " - -#: pam_sss.c:762 -msgid "New Password: " -msgstr "Nova Senha: " - -#: pam_sss.c:763 -msgid "Reenter new Password: " -msgstr "Digite a senha novamente: " - -#: pam_sss.c:967 -msgid "Password has expired." -msgstr "Senha expirou." diff --git a/sss_client/po/sss_client.pot b/sss_client/po/sss_client.pot deleted file mode 100644 index 6d8e2a67c..000000000 --- a/sss_client/po/sss_client.pot +++ /dev/null @@ -1,45 +0,0 @@ -# SOME DESCRIPTIVE TITLE. -# Copyright (C) YEAR Red Hat, Inc. -# This file is distributed under the same license as the PACKAGE package. -# FIRST AUTHOR , YEAR. -# -#, fuzzy -msgid "" -msgstr "" -"Project-Id-Version: PACKAGE VERSION\n" -"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2010-02-05 09:37-0500\n" -"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" -"Last-Translator: FULL NAME \n" -"Language-Team: LANGUAGE \n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=CHARSET\n" -"Content-Transfer-Encoding: 8bit\n" - -#: pam_sss.c:336 -msgid "Passwords do not match" -msgstr "" - -#: pam_sss.c:405 -msgid "Offline authentication" -msgstr "" - -#: pam_sss.c:406 -msgid ", your cached password will expire at: " -msgstr "" - -#: pam_sss.c:730 -msgid "Password: " -msgstr "" - -#: pam_sss.c:762 -msgid "New Password: " -msgstr "" - -#: pam_sss.c:763 -msgid "Reenter new Password: " -msgstr "" - -#: pam_sss.c:967 -msgid "Password has expired." -msgstr "" diff --git a/sss_client/po/sv.po b/sss_client/po/sv.po deleted file mode 100644 index 32c45e1aa..000000000 --- a/sss_client/po/sv.po +++ /dev/null @@ -1,44 +0,0 @@ -# Swedish messages for sssd client. -# Copyright 2009 Red Hat, Inc. -# This file is distributed under the same license as the sssd package. -# Göran Uddeborg , 2009. -# -msgid "" -msgstr "" -"Project-Id-Version: sss_client\n" -"Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n" -"POT-Creation-Date: 2010-02-05 09:37-0500\n" -"PO-Revision-Date: 2009-12-09 20:52+0100\n" -"Last-Translator: Göran Uddeborg \n" -"Language-Team: Swedish \n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=UTF-8\n" -"Content-Transfer-Encoding: 8bit\n" - -#: pam_sss.c:336 -msgid "Passwords do not match" -msgstr "Lösenorden stämmer inte överens" - -#: pam_sss.c:405 -msgid "Offline authentication" -msgstr "" - -#: pam_sss.c:406 -msgid ", your cached password will expire at: " -msgstr "" - -#: pam_sss.c:730 -msgid "Password: " -msgstr "Lösenord: " - -#: pam_sss.c:762 -msgid "New Password: " -msgstr "Nytt lösenord: " - -#: pam_sss.c:763 -msgid "Reenter new Password: " -msgstr "Skriv det nya lösenordet igen: " - -#: pam_sss.c:967 -msgid "Password has expired." -msgstr "Lösenordet har gått ut." diff --git a/sss_client/protos.h b/sss_client/protos.h deleted file mode 100644 index adb0b7bb7..000000000 --- a/sss_client/protos.h +++ /dev/null @@ -1,137 +0,0 @@ -/* - * System Security Services Daemon. NSS Interface - * - * Copyright (C) Simo Sorce 2007 - * - * You can used this header file in any way you see fit provided copyright - * notices are preserved. - * - */ - -#if 0 -/* SHADOW database NSS interface */ -enum nss_status _nss_sss_getspnam_r(const char *name, struct spwd *result, - char *buffer, size_t buflen, int *errnop); -enum nss_status _nss_sss_setspent(void); -enum nss_status _nss_sss_getspent_r(struct spwd *result, - char *buffer, size_t buflen, int *errnop); -enum nss_status _nss_sss_endspent(void); - - -/* HOSTS database NSS interface */ -enum nss_status _nss_sss_gethostbyname_r(const char *name, - struct hostent *result, - char *buffer, size_t buflen, - int *errnop, int *h_errnop); -enum nss_status _nss_sss_gethostbyname2_r(const char *name, int af, - struct hostent *result, - char *buffer, size_t buflen, - int *errnop, int *h_errnop); -enum nss_status _nss_sss_gethostbyaddr_r(const void *addr, socklen_t len, - int af, struct hostent *result, - char *buffer, size_t buflen, - int *errnop, int *h_errnop); -enum nss_status _nss_sss_sethostent(void); -enum nss_status _nss_sss_gethostent_r(struct hostent *result, - char *buffer, size_t buflen, - int *errnop, int *h_errnop); -enum nss_status _nss_sss_endhostent(void); - -/* NETGROUP database NSS interface */ -enum nss_status _nss_sss_setnetgrent(const char *netgroup, - struct __netgrent *result); -enum nss_status _nss_sss_getnetgrent_r(struct __netgrent *result, - char *buffer, size_t buflen, - int *errnop); -enum nss_status _nss_ldap_endnetgrent(void); -/* too bad innetgr is currently implemented as an iteration over - * {set|get|end}netgroup ... */ - -/* NETWORKS database NSS interface */ -enum nss_status _nss_sss_getnetbyname_r(const char *name, - struct netent *result, - char *buffer, size_t buflen, - int *errnop, int *h_errnop); -enum nss_status _nss_sss_getnetbyaddr_r(uint32_t addr, int af, - struct netent *result, - char *buffer, size_t buflen, - int *errnop, int *h_errnop); -enum nss_status _nss_sss_setnetent(void); -enum nss_status _nss_sss_getnetent_r(struct netent *result, - char *buffer, size_t buflen, - int *errnop, int *h_errnop); -enum nss_status _nss_sss_endnetent(void); - - -/* PROTOCOLS database NSS interface */ -enum nss_status _nss_sss_getprotobyname_r(const char *name, - struct protoent *result, - char *buffer, size_t buflen, - int *errnop); -enum nss_status _nss_sss_getprotobynumber_r(int number, - struct protoent *result, - char *buffer, size_t buflen, - int *errnop); -enum nss_status _nss_sss_setprotoent(void); -enum nss_status _nss_sss_getprotoent_r(struct protoent *result, - char *buffer, size_t buflen, - int *errnop); -enum nss_status _nss_sss_endprotoent(void); - -/* SERVICES database NSS interface */ -enum nss_status _nss_sss_getservbyname_r(const char *name, - const char *protocol, - struct servent *result, - char *buffer, size_t buflen, - int *errnop); -enum nss_status _nss_sss_getservbyport_r(int port, const char *protocol, - struct servent *result, - char *buffer, size_t buflen, - int *errnop); -enum nss_status _nss_sss_setservent(void); -enum nss_status _nss_sss_getservent_r(struct servent *result, - char *buffer, size_t buflen, - int *errnop); -enum nss_status _nss_sss_endservent(void); - -/* ALIASES database NSS interface */ -enum nss_status _nss_sss_getaliasbyname_r(const char *name, - struct aliasent *result, - char *buffer, size_t buflen, - int *errnop); -enum nss_status _nss_sss_setaliasent(void); -enum nss_status _nss_sss_getaliasent_r(struct aliasent *result, - char *buffer, size_t buflen, - int *errnop); -enum nss_status _nss_sss_endaliasent(void); - -/* ETHERS database NSS interface */ -enum nss_status _nss_sss_gethostton_r(const char *name, - struct etherent *result, - char *buffer, size_t buflen, - int *errnop); -enum nss_status _nss_sss_getntohost_r(const struct ether_addr *addr, - struct etherent *result, - char *buffer, size_t buflen, - int *errnop); -enum nss_status _nss_sss_setetherent(void); -enum nss_status _nss_sss_getetherent_r(struct etherent *result, - char *buffer, size_t buflen, - int *errnop); -enum nss_status _nss_sss_endetherent(void); - -/* RPC database NSS interface */ -enum nss_status _nss_sss_getrpcbyname_r(const char *name, - struct rpcent *result, - char *buffer, size_t buflen, - int *errnop); -enum nss_status _nss_sss_getrpcbynumber_r(int number, struct rpcent *result, - char *buffer, size_t buflen, - int *errnop); -enum nss_status _nss_sss_setrpcent(void); -enum nss_status _nss_sss_getrpcent_r(struct rpcent *result, - char *buffer, size_t buflen, - int *errnop); -enum nss_status _nss_sss_endrpcent(void); - -#endif diff --git a/sss_client/sss_cli.h b/sss_client/sss_cli.h deleted file mode 100644 index 7e9a81ff3..000000000 --- a/sss_client/sss_cli.h +++ /dev/null @@ -1,220 +0,0 @@ -/* - * System Security Services Daemon. Client Interface for NSS and PAM. - * - * Copyright (C) Simo Sorce 2007 - * - * You can used this header file in any way you see fit provided copyright - * notices are preserved. - * - */ - -#ifndef _SSSCLI_H -#define _SSSCLI_H - -#include -#include -#include - -#ifndef HAVE_ERRNO_T -#define HAVE_ERRNO_T -typedef int errno_t; -#endif - -#define SSS_NSS_PROTOCOL_VERSION 1 -#define SSS_PAM_PROTOCOL_VERSION 3 - -enum sss_cli_command { -/* null */ - SSS_CLI_NULL = 0x0000, - -/* version */ - SSS_GET_VERSION = 0x0001, - -/* passwd */ - - SSS_NSS_GETPWNAM = 0x0011, - SSS_NSS_GETPWUID = 0x0012, - SSS_NSS_SETPWENT = 0x0013, - SSS_NSS_GETPWENT = 0x0014, - SSS_NSS_ENDPWENT = 0x0015, - -/* group */ - - SSS_NSS_GETGRNAM = 0x0021, - SSS_NSS_GETGRGID = 0x0022, - SSS_NSS_SETGRENT = 0x0023, - SSS_NSS_GETGRENT = 0x0024, - SSS_NSS_ENDGRENT = 0x0025, - SSS_NSS_INITGR = 0x0026, - -#if 0 -/* aliases */ - - SSS_NSS_GETALIASBYNAME = 0x0031, - SSS_NSS_GETALIASBYPORT = 0x0032, - SSS_NSS_SETALIASENT = 0x0033, - SSS_NSS_GETALIASENT = 0x0034, - SSS_NSS_ENDALIASENT = 0x0035, - -/* ethers */ - - SSS_NSS_GETHOSTTON = 0x0041, - SSS_NSS_GETNTOHOST = 0x0042, - SSS_NSS_SETETHERENT = 0x0043, - SSS_NSS_GETETHERENT = 0x0044, - SSS_NSS_ENDETHERENT = 0x0045, - -/* hosts */ - - SSS_NSS_GETHOSTBYNAME = 0x0051, - SSS_NSS_GETHOSTBYNAME2 = 0x0052, - SSS_NSS_GETHOSTBYADDR = 0x0053, - SSS_NSS_SETHOSTENT = 0x0054, - SSS_NSS_GETHOSTENT = 0x0055, - SSS_NSS_ENDHOSTENT = 0x0056, - -/* netgroup */ - - SSS_NSS_SETNETGRENT = 0x0061, - SSS_NSS_GETNETGRENT = 0x0062, - SSS_NSS_ENDNETGRENT = 0x0063, - /* SSS_NSS_INNETGR = 0x0064, */ - -/* networks */ - - SSS_NSS_GETNETBYNAME = 0x0071, - SSS_NSS_GETNETBYADDR = 0x0072, - SSS_NSS_SETNETENT = 0x0073, - SSS_NSS_GETNETENT = 0x0074, - SSS_NSS_ENDNETENT = 0x0075, - -/* protocols */ - - SSS_NSS_GETPROTOBYNAME = 0x0081, - SSS_NSS_GETPROTOBYNUM = 0x0082, - SSS_NSS_SETPROTOENT = 0x0083, - SSS_NSS_GETPROTOENT = 0x0084, - SSS_NSS_ENDPROTOENT = 0x0085, - -/* rpc */ - - SSS_NSS_GETRPCBYNAME = 0x0091, - SSS_NSS_GETRPCBYNUM = 0x0092, - SSS_NSS_SETRPCENT = 0x0093, - SSS_NSS_GETRPCENT = 0x0094, - SSS_NSS_ENDRPCENT = 0x0095, - -/* services */ - - SSS_NSS_GETSERVBYNAME = 0x00A1, - SSS_NSS_GETSERVBYPORT = 0x00A2, - SSS_NSS_SETSERVENT = 0x00A3, - SSS_NSS_GETSERVENT = 0x00A4, - SSS_NSS_ENDSERVENT = 0x00A5, - -/* shadow */ - - SSS_NSS_GETSPNAM = 0x00B1, - SSS_NSS_GETSPUID = 0x00B2, - SSS_NSS_SETSPENT = 0x00B3, - SSS_NSS_GETSPENT = 0x00B4, - SSS_NSS_ENDSPENT = 0x00B5, -#endif - -/* PAM related calls */ - SSS_PAM_AUTHENTICATE = 0x00F1, - SSS_PAM_SETCRED = 0x00F2, - SSS_PAM_ACCT_MGMT = 0x00F3, - SSS_PAM_OPEN_SESSION = 0x00F4, - SSS_PAM_CLOSE_SESSION = 0x00F5, - SSS_PAM_CHAUTHTOK = 0x00F6, - SSS_PAM_CHAUTHTOK_PRELIM = 0x00F7, - -}; - -enum sss_authtok_type { - SSS_AUTHTOK_TYPE_EMPTY = 0x0000, - SSS_AUTHTOK_TYPE_PASSWORD = 0x0001, -}; - -#define SSS_START_OF_PAM_REQUEST 0x4d415049 -#define SSS_END_OF_PAM_REQUEST 0x4950414d - -enum pam_item_type { - SSS_PAM_ITEM_EMPTY = 0x0000, - SSS_PAM_ITEM_USER, - SSS_PAM_ITEM_SERVICE, - SSS_PAM_ITEM_TTY, - SSS_PAM_ITEM_RUSER, - SSS_PAM_ITEM_RHOST, - SSS_PAM_ITEM_AUTHTOK, - SSS_PAM_ITEM_NEWAUTHTOK, - SSS_PAM_ITEM_CLI_LOCALE, - SSS_PAM_ITEM_CLI_PID, -}; - -#define SSS_NSS_MAX_ENTRIES 256 -#define SSS_NSS_HEADER_SIZE (sizeof(uint32_t) * 4) -struct sss_cli_req_data { - size_t len; - const void *data; -}; - -/* this is in milliseconds, wait up to 300 seconds */ -#define SSS_CLI_SOCKET_TIMEOUT 300000 - -enum sss_status { - SSS_STATUS_UNAVAIL, - SSS_STATUS_SUCCESS -}; - -enum response_type { - SSS_PAM_SYSTEM_INFO = 0x01, - SSS_PAM_DOMAIN_NAME, - SSS_PAM_ENV_ITEM, /* only pam environment */ - SSS_ENV_ITEM, /* only user environment */ - SSS_ALL_ENV_ITEM, /* pam and user environment */ - SSS_PAM_USER_INFO -}; - -enum user_info_type { - SSS_PAM_USER_INFO_OFFLINE_AUTH = 0x01, - SSS_PAM_USER_INFO_OFFLINE_AUTH_DELAYED, - SSS_PAM_USER_INFO_OFFLINE_CHPASS, - SSS_PAM_USER_INFO_CHPASS_ERROR -}; - -enum nss_status sss_nss_make_request(enum sss_cli_command cmd, - struct sss_cli_req_data *rd, - uint8_t **repbuf, size_t *replen, - int *errnop); - -int sss_pam_make_request(enum sss_cli_command cmd, - struct sss_cli_req_data *rd, - uint8_t **repbuf, size_t *replen, - int *errnop); - -#endif /* _SSSCLI_H */ - -#if 0 - -/* GETSPNAM Request: - * - * 0-X: string with name - * - * Replies: - * - * 0-3: 32bit unsigned number of results - * 4-7: 32bit unsigned (reserved/padding) - * For each result: - * 0-7: 64bit unsigned with Date of last change - * 8-15: 64bit unsigned with Min #days between changes - * 16-23: 64bit unsigned with Max #days between changes - * 24-31: 64bit unsigned with #days before pwd expires - * 32-39: 64bit unsigned with #days after pwd expires until account is disabled - * 40-47: 64bit unsigned with expiration date in days since 1970-01-01 - * 48-55: 64bit unsigned (flags/reserved) - * 56-X: sequence of 2, 0 terminated, strings (name, pwd) 64bit padded - */ -#endif - diff --git a/sss_client/sss_nss.exports b/sss_client/sss_nss.exports deleted file mode 100644 index bcc6b10e1..000000000 --- a/sss_client/sss_nss.exports +++ /dev/null @@ -1,73 +0,0 @@ -EXPORTED { - - # public functions - global: - - _nss_sss_getpwnam_r; - _nss_sss_getpwuid_r; - _nss_sss_setpwent; - _nss_sss_getpwent_r; - _nss_sss_endpwent; - - _nss_sss_getgrnam_r; - _nss_sss_getgrgid_r; - _nss_sss_setgrent; - _nss_sss_getgrent_r; - _nss_sss_endgrent; - _nss_sss_initgroups_dyn; - - #_nss_sss_getaliasbyname_r; - #_nss_sss_setaliasent; - #_nss_sss_getaliasent_r; - #_nss_sss_endaliasent; - - #_nss_sss_gethostton_r; - #_nss_sss_getntohost_r; - #_nss_sss_setetherent; - #_nss_sss_getetherent_r; - #_nss_sss_endetherent; - - #_nss_sss_gethostbyname_r; - #_nss_sss_gethostbyname2_r; - #_nss_sss_gethostbyaddr_r; - #_nss_sss_sethostent; - #_nss_sss_gethostent_r; - #_nss_sss_endhostent; - - #_nss_sss_setnetgrent; - #_nss_sss_getnetgrent_r; - #_nss_sss_endnetgrent; - - #_nss_sss_getnetbyname_r; - #_nss_sss_getnetbyaddr_r; - #_nss_sss_setnetent; - #_nss_sss_getnetent_r; - #_nss_sss_endnetent; - - #_nss_sss_getprotobyname_r; - #_nss_sss_getprotobynumber_r; - #_nss_sss_setprotoent; - #_nss_sss_getprotoent_r; - #_nss_sss_endprotoent; - - #_nss_sss_getrpcbyname_r; - #_nss_sss_getrpcbynumber_r; - #_nss_sss_setrpcent; - #_nss_sss_getrpcent_r; - #_nss_sss_endrpcent; - - #_nss_sss_getservbyname_r; - #_nss_sss_getservbyport_r; - #_nss_sss_setservent; - #_nss_sss_getservent_r; - #_nss_sss_endservent; - - #_nss_sss_getspnam_r; - #_nss_sss_setspent; - #_nss_sss_getspent_r; - #_nss_sss_endspent; - - # everything else is local - local: - *; -}; diff --git a/sss_client/sss_pam.exports b/sss_client/sss_pam.exports deleted file mode 100644 index 9afa106be..000000000 --- a/sss_client/sss_pam.exports +++ /dev/null @@ -1,4 +0,0 @@ -{ - global: - *; -}; diff --git a/sss_client/sss_pam_macros.h b/sss_client/sss_pam_macros.h deleted file mode 100644 index 5277acd0f..000000000 --- a/sss_client/sss_pam_macros.h +++ /dev/null @@ -1,30 +0,0 @@ -/* - * System Security Services Daemon. Client Interface for NSS and PAM. - * - * Copyright (C) Stephen Gallagher 2009 - * - * You can used this header file in any way you see fit provided copyright - * notices are preserved. - * - */ - -#ifndef _SSS_PAM_MACROS_H -#define _SSS_PAM_MACROS_H - -/* Older versions of the pam development headers do not include the - * _pam_overwrite_n(n,x) macro. This implementation is copied from - * the Fedora 11 _pam_macros.h. - */ -#include -#ifndef _pam_overwrite_n -#define _pam_overwrite_n(x,n) \ -do { \ - register char *__xx__; \ - register unsigned int __i__ = 0; \ - if ((__xx__=(x))) \ - for (;__i__