diff options
Diffstat (limited to 'patches/source')
691 files changed, 99876 insertions, 0 deletions
diff --git a/patches/source/MPlayer/MPlayer.SlackBuild b/patches/source/MPlayer/MPlayer.SlackBuild new file mode 100755 index 000000000..ae64cb98d --- /dev/null +++ b/patches/source/MPlayer/MPlayer.SlackBuild @@ -0,0 +1,488 @@ +#!/bin/sh +# $Id: MPlayer.SlackBuild,v 1.27 2012/07/01 13:07:08 root Exp root $ +# Copyright 2006, 2007, 2008, 2010, 2011, 2012 Eric Hameleers, Eindhoven, NL +# Copyright 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Permission to use, copy, modify, and distribute this software for +# any purpose with or without fee is hereby granted, provided that +# the above copyright notice and this permission notice appear in all +# copies. +# +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# ----------------------------------------------------------------------------- +# +# Slackware SlackBuild script +# =========================== +# By: Eric Hameleers <alien@slackware.com> +# For: MPlayer +# Descr: a movie player for LINUX +# URL: http://www.mplayerhq.hu/ +# Needs: +# Changelog: +# 1.0rc1-1: 05/Nov/2006 by Eric Hameleers <alien@slackware.com> +# * Initial build. +# 1.0rc1-2: 07/Nov/2006 by Eric Hameleers <alien@slackware.com> +# * Removed MPlayer's internal libdvdcss code from the build, so +# that MPlayer no longer plays encrypted DVD's by default (and the +# package is now safe to upload to public repositories). +# If it is allowed in your country, you can either install +# libdvdcss (which is picked up automatically by MPlayer), or +# rebuild MPlayer yourself using this SlackBuild - and set the +# variable REMOVECSS="no" first (see further down). +# Use this commandline if you can't or won't modify the script: +# REMOVECSS="no" ./MPlayer.SlackBuild +# 1.0rc1-3: 08/Nov/2006 by Eric Hameleers <alien@slackware.com> +# * Install the mplayer.conf into correct location '/etc/mplayer/' +# 1.0rc1-4: 15/mar/2007 by Eric Hameleers <alien@slackware.com> +# * Differentiate between versions of X11 (modular X has another +# install-prefix); update default skin; enable mplayer menu; +# add security fix +# 1.0rc1-5: 07/jun/2007 by Eric Hameleers <alien@slackware.com> +# * Add security fix. +# 1.0rc2-1: 09/oct/2007 by Eric Hameleers <alien@slackware.com> +# * New version. +# 1.0rc2-2: 01/feb/2008 by Eric Hameleers <alien@slackware.com> +# * Apply 4 security fixes. +# 1.0rc2-3: 10/mar/2008 by Eric Hameleers <alien@slackware.com> +# * Apply a patch that allows compilation against the ivtv driver +# in the 2.6.24.x kernels. +# r28148-1: 14/dec/2008 by Eric Hameleers <alien@slackware.com> +# * Build SVN snapshot - remove support for *all* patented or +# questionable software if "USE_PATENTS" is set to "NO" - think +# of DECSS dvd decryption code, and mp3/aac/amr audio encoders. +# r28929-1: 10/mar/2009 by Eric Hameleers <alien@slackware.com> +# * Update. +# r29301-1: 12/may/2009 by Eric Hameleers <alien@slackware.com> +# * Update. +# r29301-1: 12/may/2009 by Eric Hameleers <alien@slackware.com> +# * Update. +# 20100926-1: 26/sep/2010 by Eric Hameleers <alien@slackware.com> +# * Slackware has MPlayer now of course, but it does not hurt +# to have a full-featured binary package available. The 1.0rc3 +# was released recently but I prefer to build a snapshot. +# 20110624-1: 24/jun/2011 by Eric Hameleers <alien@slackware.com> +# * Provide an up-to-date snapshot to be used in conjunction +# with UMPlayer (a MPlayer GUI). New MPlayer source requires +# a separate ffmpeg download. +# 20120514-1: 14/may/2012 by volkerdi@slackware.com +# * Update. +# 1.1_20120701-1: 28/jun/2012 by alien@slackware.com +# * Update to the 1.1 branch (essentially this is MPlayer-1.1 but +# I like to check it out of SVN). +# 1.1_20130819-1: 19/aug/2013 by volkerdi@slackware.com +# * Update to the latest 1.1 branch, and the same ffmpeg that was +# shipped with the 1.1.1 tarball. The official 1.1.1 release +# did not start a new repo branch, so this is the latest. +# 20150308-1: 09/mar/2015 by pprkut@slackware.com +# * Update to latest version from trunk, together with ffmpeg 2.6, +# which was released roughly around that date as well. +# 20140403-1: 03/apr/2015 by volkerdi@slackware.com +# * Update to latest version from trunk and ffmpeg-2.6.1. +# +# Run 'sh MPlayer.SlackBuild' to build a Slackware package. +# The package (.txz) plus descriptive .txt file are created in /tmp . +# Install using 'installpkg'. +# +# ----------------------------------------------------------------------------- + +# Set initial variables: + +PRGNAM=MPlayer +VERSION=${VERSION:-20160125} +BRANCH=${BRANCH:-1.2} # leave empty if you want to build MPlayer trunk +FFMPEG=${FFMPEG:-2.8.5} +BUILD=${BUILD:-1_slack13.0} +TAG=${TAG:-} +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Show the branch version in the package name if we build from a branch: +[ -n "$BRANCH" ] && PKGVERSION=${BRANCH}_${VERSION} || PKGVERSION=${VERSION} + +DOCS="AUTHORS Changelog Copyright LICENSE README VERSION DOCS/HTML DOCS/tech" + +# MPlayer repository characteristics: +MPURI="svn://svn.mplayerhq.hu/mplayer/" +if [ -n "$BRANCH" ]; then + MPBRANCH="branches/$BRANCH" +else + MPBRANCH="trunk" +fi + +FFURI=git://git.videolan.org/ffmpeg.git + +DEFSKIN=${DEFSKIN:-"Blue"} # Download more skins at the following url: +SKINVER=${SKINVER:-"1.11"} # http://www.mplayerhq.hu/design7/dload.html + +# Available languages: all cs de en es fr hu it pl ru zh_CN +LANGUAGES="en,de,es,fr" + +# Automatically determine the architecture we're building on: +MARCH=$( uname -m ) +if [ -z "$ARCH" ]; then + case "$MARCH" in + i?86) export ARCH=i486 ;; + armv7hl) export ARCH=$MARCH ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$MARCH ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" + # --enable-runtime-cpudetection is supported only for x86, x86_64, and PPC + EXTRACONFIGUREOPTIONS="--enable-runtime-cpudetection" +elif [ "$ARCH" = "i486" -o \ + "$ARCH" = "i586" -o \ + "$ARCH" = "i686" ]; then + LIBDIRSUFFIX="" + EXTRACONFIGUREOPTIONS="--enable-runtime-cpudetection" +else + LIBDIRSUFFIX="" + EXTRACONFIGUREOPTIONS="" +fi + +# Where the WIN32 codecs are expectedfor instance +CODECSDIR=/usr/lib${LIBDIRSUFFIX}/codecs + +# --------------------------------------------------------------------------- +# -- PATENT ALERT! -- +# MPLayer can be built with MP3 (lame) and AMR audio encoders +# (needed for FLV and .3GP videos) but these libraries are 'contaminated' +# with patents from Fraunhofer and GGP. +# Also, the AAC encoder has patent issues. +# You can build these patended algorithms into ffmpeg, and if you are an +# ordinary end user, no one will bother you for using them. +# For the binaries based on this SlackBuild that I distribute, it is a +# different story. I am not allowed to distribute binary packages that +# incorporate patented code. So here you go. My Slackware package was +# built with "USE_PATENTS=NO" i.e. without using +# the lame mp3, faac, AMR and dvdcss libraries. +# --------------------------------------------------------------------------- +USE_PATENTS=${USE_PATENTS:-"NO"} + +# MPlayer will try to use one of the TrueType fonts present on the target +# system for it's On Screen Display (OSD) font. +# Slackware 11.0 ships with the Vera and DejaVu fonts, you may want to add +# more fonts to this list. The first font found will be used by creating a +# symbolic link "/usr/share/mplayer/subfont.ttf" to it. +# The use of bitmapped fonts is considered deprecated, but you can still use +# those if you want. Read http://www.mplayerhq.hu/DOCS/HTML/en/fonts-osd.html +# if you want to know more about OSD font configuration. +OSDFONTS="LiberationSans-Regular.ttf \ + Arialuni.ttf arial.ttf \ + DejaVuSans.ttf Vera.ttf" + +# Where do we look for sources? +SRCDIR=$(cd $(dirname $0); pwd) + +SOURCE[0]="$SRCDIR/${PRGNAM}-${VERSION}.tar.xz" +SRCURL[0]="" + +# The default skin to use (we need to add at least one) +SOURCE[1]="$SRCDIR/${DEFSKIN}-${SKINVER}.tar.bz2" +SRCURL[1]="http://www.mplayerhq.hu/MPlayer/skins/${DEFSKIN}-${SKINVER}.tar.bz2" + +# Ffmpeg needs to be checked out separately now: +SOURCE[2]="$SRCDIR/ffmpeg-${FFMPEG}.tar.xz" +SRCURL[2]="" + +# Use the src_checkout() function if no downloadable tarball exists. +# This function checks out sources from SVN/CVS and creates a tarball of them. +src_checkout() { + # Param #1 : index in the SOURCE[] array. + # Param #2 : full path to where SOURCE[$1] tarball should be created. + # Determine the tarball extension: + PEXT=$(echo "${2}" | sed -r -e 's/.*[^.].(tar.xz|tar.gz|tar.bz2|tgz).*/\1/') + case "$PEXT" in + "tar.xz") TARCOMP="J" ;; + "tar.gz") TARCOMP="z" ;; + "tgz") TARCOMP="z" ;; + "tar.bz2") TARCOMP="j" ;; + *) echo "Archive can only have extension 'tar.xz', '.tar.gz' '.tar.bz2' or '.tgz'" ; exit 1 ;; + esac + case ${1} in + 0) # mplayer + if [ "$(echo ${VERSION}|cut -c1)" == 'r' ]; then # revision instead of date + echo "Only supported VERSION is a date - yyyymmdd - or 'HEAD'" + else + REV="{${VERSION}}" + fi + mkdir MPlayer-${VERSION} \ + && cd MPlayer-${VERSION} \ + && svn checkout --revision $REV ${MPURI}/${MPBRANCH} . \ + && svn propget svn:externals | sed -e 's/[[:space:]].*$//g' | xargs svn up --revision $REV \ + && chown -R root:root . \ + && cd .. \ + && tar --exclude-vcs -${TARCOMP}cf ${2} MPlayer-${VERSION} + rm -rf MPlayer-${VERSION} + ;; + 2) # ffmpeg-${FFMPEG} + mkdir ffmpeg_temp_checkout_$$ \ + && cd ffmpeg_temp_checkout_$$ + echo "Checking out tag n$FFMPEG from '$FFURI':" + git clone ${FFURI} ffmpeg \ + && cd ffmpeg \ + && git checkout n$FFMPEG \ + && cd .. + chown -R root:root . \ + && tar --exclude-vcs -${TARCOMP}cf ${2} ffmpeg + cd .. + rm -rf ffmpeg_temp_checkout_$$ + ;; + *) # Do nothing + ;; + esac +} + +# Place to build (TMP) package (PKG) and output (OUTPUT) the program: +TMP=${TMP:-/tmp/build} +PKG=$TMP/package-$PRGNAM +OUTPUT=${OUTPUT:-/tmp} + +## +## --- with a little luck, you won't have to edit below this point --- ## +## + +# Exit the script on errors: +set -e +trap 'echo "$0 FAILED at line $LINENO!" | tee $OUTPUT/error-${PRGNAM}.log' ERR +# Catch unitialized variables: +set -u +P1=${1:-1} + +# Create working directories: +mkdir -p $TMP/tmp-$PRGNAM # location to build the source +rm -rf $TMP/tmp-$PRGNAM/* # remove the remnants of previous build +mkdir -p $PKG # place for the package to be built +rm -rf $PKG/* # erase old package's contents +mkdir -p $OUTPUT # place for the package to be saved + +# Source file availability: +for (( i = 0; i < ${#SOURCE[*]}; i++ )) ; do + if ! [ -f ${SOURCE[$i]} ]; then + echo "Source '$(basename ${SOURCE[$i]})' not available yet..." + # Check if the $SRCDIR is writable at all - if not, download to $OUTPUT + [ -w "$SRCDIR" ] || SOURCE[$i]="$OUTPUT/$(basename ${SOURCE[$i]})" + if ! [ "x${SRCURL[$i]}" == "x" ]; then + echo "Will download file to $(dirname $SOURCE[$i])" + wget -nv -T 20 -O "${SOURCE[$i]}" "${SRCURL[$i]}" || true + if [ $? -ne 0 -o ! -s "${SOURCE[$i]}" ]; then + echo "Downloading '$(basename ${SOURCE[$i]})' failed.. aborting the build." + mv -f "${SOURCE[$i]}" "${SOURCE[$i]}".FAIL + exit 1 + fi + else + # Try if we have a SVN/CVS download routine for ${SOURCE[$i]} + echo "Will checkout sources to $(dirname $SOURCE[$i])" + src_checkout $i "${SOURCE[$i]}" 2>&1 > $OUTPUT/checkout-$(basename ${SOURCE[$i]}).log + fi + if [ ! -f "${SOURCE[$i]}" -o ! -s "${SOURCE[$i]}" ]; then + echo "File '$(basename ${SOURCE[$i]})' not available.. aborting the build." + exit 1 + fi + fi +done + +if [ "$P1" == "--download" ]; then + echo "Download complete." + exit 0 +fi + +# --- PACKAGE BUILDING --- + +echo "++" +echo "|| $PRGNAM-$VERSION" +echo "++" + +cd $TMP/tmp-$PRGNAM +echo "Extracting the source archive(s) for $PRGNAM..." +tar -xvf ${SOURCE[0]} + +cd ${PRGNAM}-${VERSION} + # remove MPlayer's copy of libswscale + rm -rf ffmpeg + + # Extract the ffmpeg source inside the MPlayer directory: + tar -xvf ${SOURCE[2]} + + # in case we build with an official tarball + if [ -e "ffmpeg-$FFMPEG" ]; then + mv "ffmpeg-$FFMPEG" ffmpeg + fi + +cd .. + +chown -R root:root * +chmod -R u+w,go+r-w,a+X-s * +cd ${PRGNAM}-${VERSION} + +# Determine what X we're running (the modular X returns the prefix +# in the next command, while older versions stay silent): +XPREF=$(pkg-config --variable=prefix x11) || true +[ "$XPREF" == "" ] && XPREF='/usr/X11R6' + +# Remove support for patent encumbered and possibly illegal code: +if [ "$USE_PATENTS" != "YES" ]; then + DO_PATENTED="--disable-mp3lame --disable-mp3lame-lavc \ + --disable-libopencore_amrnb \ + --disable-libopencore_amrwb" +else + DO_PATENTED="" +fi + +echo Building ... +# MPlayer wants to automatically determine compiler flags, +# so we don't provide CFLAGS. +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --confdir=/etc/mplayer \ + --enable-gui \ + --enable-menu \ + --disable-arts \ + --disable-bitmap-font \ + --codecsdir=${CODECSDIR} \ + --language="${LANGUAGES}" \ + ${EXTRACONFIGUREOPTIONS} \ + ${DO_PATENTED} \ + 2>&1 | tee $OUTPUT/configure-${PRGNAM}.log +# So that MPlayer does not report "UNKNOWN" as it's version: +if [ ! -f VERSION ]; then + echo $VERSION > VERSION +fi +make $NUMJOBS 2>&1 | tee $OUTPUT/make-${PRGNAM}.log +make DESTDIR=$PKG install 2>&1 |tee $OUTPUT/install-${PRGNAM}.log + +# Build the html documentation (not all languages are available): +if [ "$LANGUAGES" = "all" ]; then + # make html-chunked + make html-single +else + for i in $(echo $LANGUAGES | tr , ' ') ; do + # make html-chunked-$i ; + make html-single-$i ; + done +fi + +# Prepare the configfile: +mkdir -p $PKG/etc/mplayer +cp etc/example.conf $PKG/etc/mplayer/mplayer.conf.new + +# Install our default skin: +cd $PKG/usr/share/mplayer/skins +tar -xvf ${SOURCE[1]} +chown -R root:root * +chmod -R u+w,go+r-w,a+X-s * +ln -s ${DEFSKIN} default +cd - + +# Add this to the doinst.sh: +mkdir -p $PKG/install +cat <<EOINS >> $PKG/install/doinst.sh +# Handle the incoming configuration files: +config() { + for infile in \$1; do + NEW="\$infile" + OLD="\`dirname \$NEW\`/\`basename \$NEW .new\`" + # If there's no config file by that name, mv it over: + if [ ! -r \$OLD ]; then + mv \$NEW \$OLD + elif [ "\`cat \$OLD | md5sum\`" = "\`cat \$NEW | md5sum\`" ]; then + # toss the redundant copy + rm \$NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... + done +} + +# Installing a bitmap font is considered deprecated; use a TTF font instead. +# We try to link to an installed TTF font at install time. +# Configure a default TrueType font to use for the OSD : +if [ ! -f usr/share/mplayer/subfont.ttf ]; then + for font in ${OSDFONTS}; do + if [ -f .${XPREF}/lib${LIBDIRSUFFIX}/X11/fonts/TTF/\${font} ]; then + ( cd usr/share/mplayer/ + ln -sf ${XPREF}/lib${LIBDIRSUFFIX}/X11/fonts/TTF/\${font} subfont.ttf + ) + break + fi + done +fi + +# Prepare the new configuration file +config etc/mplayer/mplayer.conf.new + +# Update the desktop database: +if [ -x usr/bin/update-desktop-database ]; then + chroot . /usr/bin/update-desktop-database usr/share/applications 1> /dev/null 2> /dev/null +fi + +# Update hicolor theme cache: +if [ -e usr/share/icons/hicolor/icon-theme.cache ]; then + if [ -x usr/bin/gtk-update-icon-cache ]; then + chroot . /usr/bin/gtk-update-icon-cache /usr/share/icons/hicolor >/dev/null 2>&1 + fi +fi + +# Update the mime database: +if [ -x usr/bin/update-mime-database ]; then + chroot . /usr/bin/update-mime-database usr/share/mime >/dev/null 2>&1 +fi + +EOINS + +# Add documentation: +mkdir -p $PKG/usr/doc/$PRGNAM-$PKGVERSION +cp -a $DOCS $PKG/usr/doc/$PRGNAM-$PKGVERSION || true +cp -a $SRCDIR/$(basename $0) $PKG/usr/doc/$PRGNAM-$PKGVERSION/$PRGNAM.SlackBuild +mv $PKG/usr/doc/$PRGNAM-$PKGVERSION/HTML $PKG/usr/doc/$PRGNAM-$PKGVERSION/html +# Save a sample of all configuration files: +for i in etc/*.conf ; do + cp $i $PKG/usr/doc/$PRGNAM-$PKGVERSION/$(basename $i)-sample +done +# Save a transcript of all configured options for this specific build: +if [ -n $OUTPUT/configure-${PRGNAM}.log ]; then + cat $OUTPUT/configure-${PRGNAM}.log \ + | sed -n "/^Config files successfully generated/,/^'config.h' and 'config.mak' contain your configuration options./p" \ + > $PKG/usr/doc/$PRGNAM-$PKGVERSION/${PRGNAM}.configuration +fi +find $PKG/usr/doc -type f -exec chmod 644 {} \; + +# Compress the man page(s): +if [ -d $PKG/usr/man ]; then + find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \; + for i in $(find $PKG/usr/man -type l -name "*.?") ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +fi + +# Strip binaries: +( find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null ) + +# Add a package description: +mkdir -p $PKG/install +cat $SRCDIR/slack-desc > $PKG/install/slack-desc +if [ -f $SRCDIR/doinst.sh ]; then + cat $SRCDIR/doinst.sh >> $PKG/install/doinst.sh +fi + +# Build the package: +cd $PKG +makepkg --linkadd y --chown n $OUTPUT/${PRGNAM}-${PKGVERSION}-${ARCH}-${BUILD}${TAG}.txz 2>&1 | tee $OUTPUT/makepkg-${PRGNAM}.log +cd $OUTPUT +md5sum ${PRGNAM}-${PKGVERSION}-${ARCH}-${BUILD}${TAG}.txz > ${PRGNAM}-${PKGVERSION}-${ARCH}-${BUILD}${TAG}.txz.md5 +cd - +cat $PKG/install/slack-desc | grep "^${PRGNAM}" > $OUTPUT/${PRGNAM}-${PKGVERSION}-${ARCH}-${BUILD}${TAG}.txt + diff --git a/patches/source/MPlayer/slack-desc b/patches/source/MPlayer/slack-desc new file mode 100644 index 000000000..033b41706 --- /dev/null +++ b/patches/source/MPlayer/slack-desc @@ -0,0 +1,20 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +MPlayer: MPlayer (Linux movie player) +MPlayer: +MPlayer: MPlayer is a movie player for Linux. It plays most MPEG, VOB, AVI, +MPlayer: Ogg/OGM, VIVO, ASF/WMA/WMV, QT/MOV/MP4, FLI, RM, NuppelVideo, +MPlayer: YUV4MPEG, FILM, RoQ, PVA files, supported by many native, XAnim, +MPlayer: and Win32 DLL codecs. You can watch VideoCD, SVCD, DVD, 3ivx, +MPlayer: DivX 3/4/5 and even WMV movies, too (without the avifile library). +MPlayer: MPlayer supports 10 types of subtitles formats: VobSub, +MPlayer: MicroDVD, SubRip, SubViewer, Sami, VPlayer, RT, SSA, AQTitle, MPsub. +MPlayer: +MPlayer: Homepage for MPLayer is http://www.mplayerhq.hu/ + diff --git a/patches/source/acl/acl.SlackBuild b/patches/source/acl/acl.SlackBuild new file mode 100755 index 000000000..3b2302681 --- /dev/null +++ b/patches/source/acl/acl.SlackBuild @@ -0,0 +1,120 @@ +#!/bin/sh + +# Copyright 2005-2011 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=acl +VERSION=2.2.50 +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-acl + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP + +rm -rf acl-$(echo $VERSION | cut -f 1 -d '-') +tar xzvf $CWD/acl-$VERSION.src.tar.gz || exit 1 +cd acl-$(echo $VERSION | cut -f 1 -d '-') || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Add DESTDIR support and improve docs install location: +zcat $CWD/acl.destdir.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit + +# Make sure you have the same version of autoconf as the +# developers did... ;-) +autoconf + +./configure \ + --prefix=/ \ + --exec-prefix=/ \ + --sbindir=/bin \ + --bindir=/usr/bin \ + --libdir=/lib${LIBDIRSUFFIX} \ + --libexecdir=/usr/lib${LIBDIRSUFFIX} \ + --includedir=/usr/include \ + --mandir=/usr/man \ + --datadir=/usr/share + +make || exit 1 +make install DESTDIR=$PKG +make install-dev DESTDIR=$PKG +make install-lib DESTDIR=$PKG + +mv $PKG/usr/share/doc $PKG/usr +( cd $PKG/usr/doc ; mv acl acl-$VERSION ) +#It would be nice to keep the same timestamps that the files have in the source: +cp -a \ + README doc/COPYING* doc/PORTING \ + $PKG/usr/doc/acl-$VERSION + +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) +strip -g $PKG/usr/lib${LIBDIRSUFFIX}/*.a + +# Remove bogus files: +rm -f $PKG/lib${LIBDIRSUFFIX}/*.a $PKG/lib${LIBDIRSUFFIX}/libacl.so $PKG/lib${LIBDIRSUFFIX}/*.la $PKG/usr/lib${LIBDIRSUFFIX}/*.la +# Make /usr/lib${LIBDIRSUFFIX}/libacl.so a symlink to /lib${LIBDIRSUFFIX}: +( cd $PKG/usr/lib${LIBDIRSUFFIX} + rm -f libacl.so + ln -sf /lib${LIBDIRSUFFIX}/libacl.so.1 libacl.so +) +# Fix shared library perms: +chmod 755 $PKG/lib${LIBDIRSUFFIX}/* + +# Gzip the man pages: +( cd $PKG/usr/man + for i in `find . -type l` ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done + gzip -9 */*.? +) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +makepkg -l y -c n $TMP/acl-$(echo $VERSION | tr - _ )-$ARCH-$BUILD.txz + diff --git a/patches/source/acl/acl.destdir.diff b/patches/source/acl/acl.destdir.diff new file mode 100644 index 000000000..aa4b42e83 --- /dev/null +++ b/patches/source/acl/acl.destdir.diff @@ -0,0 +1,36 @@ +--- ./include/builddefs.in.orig 2011-04-08 11:55:52.000000000 -0500 ++++ ./include/builddefs.in 2011-04-18 13:41:25.000000000 -0500 +@@ -28,14 +28,14 @@ + PKG_VERSION = @pkg_version@ + PKG_PLATFORM = @pkg_platform@ + PKG_DISTRIBUTION= @pkg_distribution@ +-PKG_BIN_DIR = @bindir@ +-PKG_SBIN_DIR = @sbindir@ +-PKG_LIB_DIR = @libdir@@libdirsuffix@ +-PKG_DEVLIB_DIR = @libexecdir@@libdirsuffix@ +-PKG_INC_DIR = @includedir@ +-PKG_MAN_DIR = @mandir@ +-PKG_DOC_DIR = @datadir@/doc/@pkg_name@ +-PKG_LOCALE_DIR = @datadir@/locale ++PKG_BIN_DIR = $(DESTDIR)@bindir@ ++PKG_SBIN_DIR = $(DESTDIR)@sbindir@ ++PKG_LIB_DIR = $(DESTDIR)@libdir@@libdirsuffix@ ++PKG_DEVLIB_DIR = $(DESTDIR)@libexecdir@@libdirsuffix@ ++PKG_INC_DIR = $(DESTDIR)@includedir@ ++PKG_MAN_DIR = $(DESTDIR)@mandir@ ++PKG_DOC_DIR = $(DESTDIR)@datadir@/doc/@pkg_name@ ++PKG_LOCALE_DIR = $(DESTDIR)@datadir@/locale + + CC = @cc@ + AWK = @awk@ +--- ./include/buildmacros.orig 2011-04-08 11:55:52.000000000 -0500 ++++ ./include/buildmacros 2011-04-18 13:41:54.000000000 -0500 +@@ -40,7 +40,7 @@ + $(LFILES:.l=.o) \ + $(YFILES:%.y=%.tab.o) + +-INSTALL = $(TOPDIR)/include/install-sh -o $(PKG_USER) -g $(PKG_GROUP) ++INSTALL = $(TOPDIR)/include/install-sh + + SHELL = /bin/sh + IMAGES_DIR = $(TOPDIR)/all-images diff --git a/patches/source/acl/slack-desc b/patches/source/acl/slack-desc new file mode 100644 index 000000000..93484df35 --- /dev/null +++ b/patches/source/acl/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +acl: acl (tools for using POSIX Access Control Lists) +acl: +acl: This package contains a set of tools and libraries for manipulating +acl: POSIX Access Control Lists. POSIX Access Control Lists (defined in +acl: POSIX 1003.1e draft standard 17) are used to define more fine-grained +acl: discretionary access rights for files and directories. +acl: +acl: +acl: +acl: Homepage: http://savannah.nongnu.org/projects/acl +acl: diff --git a/patches/source/apr-util/apr-util.SlackBuild b/patches/source/apr-util/apr-util.SlackBuild new file mode 100755 index 000000000..b0ca944bd --- /dev/null +++ b/patches/source/apr-util/apr-util.SlackBuild @@ -0,0 +1,112 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo apr-util-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-apr-util + +rm -rf $PKG +mkdir -p $TMP $PKG +NUMJOBS=${NUMJOBS:-" -j7 "} + +cd $TMP +rm -rf apr-util-$VERSION +tar xvf $CWD/apr-util-$VERSION.tar.bz2 || exit 1 +cd apr-util-$VERSION + +# For now, this isn't working with svn (here, anyway) and is probably +# more trouble than it's worth. Could be a grey area in regards to +# licensing, too -- the Apache people say it's fine for third parties +# to link this and distribute the result, but there are usually some +# differing opinions when it comes to this sort of thing... +#( cd dbd ; lftpget http://apache.webthing.com/svn/apache/apr/apr_dbd_mysql.c ) +# --with-mysql=/usr \ +# + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-apr=/usr \ + --with-dbm=db44 \ + --with-berkeley-db \ + --disable-util-dso \ + --without-gdbm \ + --with-ldap \ + --disable-static \ + --without-sqlite2 \ + $ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make dox || exit 1 +make install DESTDIR=$PKG + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/apr-util-$VERSION +cp -a \ + CHANGES INSTALL.MySQL LICENSE NOTICE \ + $PKG/usr/doc/apr-util-$VERSION + +# This just seems like way too much stuff... +#mv docs/dox/html $PKG/usr/doc/apr-util-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/apr-util-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/apr-util/slack-desc b/patches/source/apr-util/slack-desc new file mode 100644 index 000000000..cec19063e --- /dev/null +++ b/patches/source/apr-util/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +apr-util: apr-util (Apache Portable Runtime utilities) +apr-util: +apr-util: The mission of the Apache Portable Runtime (APR) is to provide a +apr-util: free library of C data structures and routines, forming a system +apr-util: portability layer to as many operating systems as possible. +apr-util: +apr-util: This package contains additional utility interfaces for APR; +apr-util: including support for XML, LDAP, database interfaces, URI parsing, +apr-util: and more. +apr-util: +apr-util: diff --git a/patches/source/apr/apr.SlackBuild b/patches/source/apr/apr.SlackBuild new file mode 100755 index 000000000..f1f01ded7 --- /dev/null +++ b/patches/source/apr/apr.SlackBuild @@ -0,0 +1,98 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo apr-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-apr +NUMJOBS=${NUMJOBS:-" -j7 "} + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf apr-$VERSION +tar xvf $CWD/apr-$VERSION.tar.bz2 || exit 1 +cd apr-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-installbuilddir=/usr/lib${LIBDIRSUFFIX}/apr-${VERSION}/build-1 \ + --disable-static \ + --with-devrandom=/dev/urandom \ + $ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make dox || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/apr-$VERSION +cp -a \ + CHANGES LICENSE NOTICE README.dev \ + $PKG/usr/doc/apr-$VERSION + +# This just seems like way too much stuff... +#mv docs/dox/html $PKG/usr/doc/apr-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/apr-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/apr/slack-desc b/patches/source/apr/slack-desc new file mode 100644 index 000000000..2e52660d5 --- /dev/null +++ b/patches/source/apr/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +apr: apr (Apache Portable Runtime) +apr: +apr: The mission of the Apache Portable Runtime (APR) is to provide a +apr: free library of C data structures and routines, forming a system +apr: portability layer to as many operating systems as possible. +apr: +apr: +apr: +apr: +apr: +apr: diff --git a/patches/source/bash/bash.SlackBuild b/patches/source/bash/bash.SlackBuild new file mode 100755 index 000000000..11a1820cc --- /dev/null +++ b/patches/source/bash/bash.SlackBuild @@ -0,0 +1,107 @@ +#!/bin/sh + +# Copyright 2005-2014 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=3.1 +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i486 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7lh ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-bash + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +# Determine bash patchlevel: +PATCHLEVEL=`( cd $CWD/patches ; /bin/ls *gz | tail -1 | cut -f 2 -d - | cut -f 1 -d . 2> /dev/null )` +if [ "$PATCHLEVEL" = "" ]; then + PATCHLEVEL=0 +fi + +cd $TMP +rm -rf bash-$VERSION +tar xzvf $CWD/bash-$VERSION.tar.gz || exit 1 +cd bash-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +for patch in $CWD/patches/bash*gz ; do + zcat $patch | patch -p0 --verbose || exit 1 +done +CFLAGS="$SLKCFLAGS" \ +./configure --prefix=/usr $ARCH-slackware-linux +make -j3 || exit 1 +make install DESTDIR=$PKG +mkdir -p $PKG/bin +mv $PKG/usr/bin/bash $PKG/bin/bash2.new +strip --strip-unneeded $PKG/bin/bash2.new +# We don't include the "bashbug" script. +rm -rf $PKG/usr/bin $PKG/usr/man/man1/bashbug.1 +gzip -9 $PKG/usr/man/man1/* +mkdir -p $PKG/usr/doc/bash-$VERSION +cp -a AUTHORS CHANGES COMPAT COPYING INSTALL MANIFEST NEWS NOTES \ + README Y2K doc/FAQ doc/INTRO $PKG/usr/doc/bash-$VERSION +cd doc +groff -ms -Tascii article.ms > $PKG/usr/doc/bash-$VERSION/article.txt +# bash.1 is already installed by "make install" +for page in builtins.1 rbash.1 ; do + cat $page | gzip -9c > $PKG/usr/man/man1/$page.gz +done +rm -f $PKG/usr/info/dir +gzip -9 $PKG/usr/info/* +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg -l y -c n $TMP/bash-$VERSION.$PATCHLEVEL-$ARCH-$BUILD.txz + +# Clean up the extra stuff: +if [ "$1" = "--cleanup" ]; then + rm -rf $TMP/bash-$VERSION + rm -rf $PKG +fi diff --git a/patches/source/bash/doinst.sh b/patches/source/bash/doinst.sh new file mode 100644 index 000000000..21760838d --- /dev/null +++ b/patches/source/bash/doinst.sh @@ -0,0 +1,18 @@ +if [ -r bin/bash ]; then + mv bin/bash bin/bash.old +fi +mv bin/bash2.new bin/bash +if [ -f bin/bash.old ]; then + rm -f bin/bash.old +fi +if [ ! -r etc/shells ]; then + touch etc/shells + chmod 644 etc/shells +fi +if fgrep "/bin/bash" etc/shells 1> /dev/null 2> /dev/null ; then + true +else + echo "/bin/bash" >> etc/shells +fi +( cd usr/bin ; rm -rf bash ) +( cd usr/bin ; ln -sf /bin/bash bash ) diff --git a/patches/source/bash/patches/bash31-001 b/patches/source/bash/patches/bash31-001 new file mode 100644 index 000000000..4a10a02c1 --- /dev/null +++ b/patches/source/bash/patches/bash31-001 @@ -0,0 +1,104 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-001 + +Bug-Reported-by: Mike Frysinger <vapier@gentoo.org> +Bug-Reference-ID: <20051212015924.GA820@toucan.gentoo.org> <20051214034438.GK1863@toucan.gentoo.org> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2005-12/msg00030.html http://lists.gnu.org/archive/html/bug-bash/2005-12/msg00041.html + +Bug-Description: + +There are parsing problems with compound assignments in several contexts, +including as arguments to builtins like `local', `eval', and `let', and +as multiple assignments in a single command. + +Patch: + +*** ../bash-3.1/parse.y Fri Nov 11 23:14:18 2005 +--- parse.y Fri Dec 16 20:43:07 2005 +*************** +*** 3696,3700 **** + b = builtin_address_internal (token, 0); + if (b && (b->flags & ASSIGNMENT_BUILTIN)) +! parser_state |= PST_ASSIGNOK; + } + +--- 3696,3702 ---- + b = builtin_address_internal (token, 0); + if (b && (b->flags & ASSIGNMENT_BUILTIN)) +! parser_state |= PST_ASSIGNOK; +! else if (STREQ (token, "eval") || STREQ (token, "let")) +! parser_state |= PST_ASSIGNOK; + } + +*************** +*** 4687,4691 **** + { + WORD_LIST *wl, *rl; +! int tok, orig_line_number, orig_token_size; + char *saved_token, *ret; + +--- 4689,4693 ---- + { + WORD_LIST *wl, *rl; +! int tok, orig_line_number, orig_token_size, orig_last_token, assignok; + char *saved_token, *ret; + +*************** +*** 4693,4696 **** +--- 4695,4699 ---- + orig_token_size = token_buffer_size; + orig_line_number = line_number; ++ orig_last_token = last_read_token; + + last_read_token = WORD; /* WORD to allow reserved words here */ +*************** +*** 4699,4702 **** +--- 4702,4707 ---- + token_buffer_size = 0; + ++ assignok = parser_state&PST_ASSIGNOK; /* XXX */ ++ + wl = (WORD_LIST *)NULL; /* ( */ + parser_state |= PST_COMPASSIGN; +*************** +*** 4741,4745 **** + } + +! last_read_token = WORD; + if (wl) + { +--- 4746,4750 ---- + } + +! last_read_token = orig_last_token; /* XXX - was WORD? */ + if (wl) + { +*************** +*** 4753,4756 **** +--- 4758,4765 ---- + if (retlenp) + *retlenp = (ret && *ret) ? strlen (ret) : 0; ++ ++ if (assignok) ++ parser_state |= PST_ASSIGNOK; ++ + return ret; + } +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 0 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 1 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-002 b/patches/source/bash/patches/bash31-002 new file mode 100644 index 000000000..fac9a99af --- /dev/null +++ b/patches/source/bash/patches/bash31-002 @@ -0,0 +1,239 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-002 + +Bug-Reported-by: vapier@gentoo.org +Bug-Reference-ID: <20051210223218.GD3324@toucan.gentoo.org> +Bug-Reference-URL:http://lists.gnu.org/archive/html/bug-bash/2005-12/msg00021.html + +Bug-Description: + +This corrects several omissions in the bash documentation: It adds the new +options to `ulimit', the exact expansions for `case' patterns, clarification +of the language concerning the return value of `[[', and updated version +information. + +Patch: + +*** ../bash-3.1/doc/bash.1 Wed Oct 12 11:40:52 2005 +--- doc/bash.1 Wed Dec 28 19:58:54 2005 +*************** +*** 7,16 **** + .\" chet@po.cwru.edu + .\" +! .\" Last Change: Sat Aug 27 13:28:44 EDT 2005 + .\" + .\" bash_builtins, strip all but Built-Ins section + .if \n(zZ=1 .ig zZ + .if \n(zY=1 .ig zY +! .TH BASH 1 "2005 Aug 27" "GNU Bash-3.1-beta1" + .\" + .\" There's some problem with having a `@' +--- 7,16 ---- + .\" chet@po.cwru.edu + .\" +! .\" Last Change: Wed Dec 28 19:58:45 EST 2005 + .\" + .\" bash_builtins, strip all but Built-Ins section + .if \n(zZ=1 .ig zZ + .if \n(zY=1 .ig zY +! .TH BASH 1 "2005 Dec 28" "GNU Bash-3.1" + .\" + .\" There's some problem with having a `@' +*************** +*** 678,683 **** + is enabled, the match is performed without regard to the case + of alphabetic characters. +! The return value is 0 if the string matches or does not match +! the pattern, respectively, and 1 otherwise. + Any part of the pattern may be quoted to force it to be matched as a + string. +--- 678,683 ---- + is enabled, the match is performed without regard to the case + of alphabetic characters. +! The return value is 0 if the string matches (\fB==\fP) or does not match +! (\fB!=\fP) the pattern, and 1 otherwise. + Any part of the pattern may be quoted to force it to be matched as a + string. +*************** +*** 808,811 **** +--- 808,817 ---- + .B Pathname Expansion + below). ++ The \fIword\fP is expanded using tilde ++ expansion, parameter and variable expansion, arithmetic substituion, ++ command substitution, process substitution and quote removal. ++ Each \fIpattern\fP examined is expanded using tilde ++ expansion, parameter and variable expansion, arithmetic substituion, ++ command substitution, and process substitution. + If the shell option + .B nocasematch +*************** +*** 8485,8489 **** + none are found. + .TP +! \fBulimit\fP [\fB\-SHacdflmnpstuv\fP [\fIlimit\fP]] + Provides control over the resources available to the shell and to + processes started by it, on systems that allow such control. +--- 8485,8489 ---- + none are found. + .TP +! \fBulimit\fP [\fB\-SHacdfilmnpqstuvx\fP [\fIlimit\fP]] + Provides control over the resources available to the shell and to + processes started by it, on systems that allow such control. +*************** +*** 8524,8527 **** +--- 8524,8530 ---- + The maximum size of files created by the shell + .TP ++ .B \-i ++ The maximum number of pending signals ++ .TP + .B \-l + The maximum size that may be locked into memory +*************** +*** 8537,8540 **** +--- 8540,8546 ---- + The pipe size in 512-byte blocks (this may not be set) + .TP ++ .B \-q ++ The maximum number of bytes in POSIX message queues ++ .TP + .B \-s + The maximum stack size +*************** +*** 8548,8551 **** +--- 8554,8560 ---- + .B \-v + The maximum amount of virtual memory available to the shell ++ .TP ++ .B \-x ++ The maximum number of file locks + .PD + .PP +*** ../bash-3.1/doc/bashref.texi Mon Oct 3 15:07:21 2005 +--- doc/bashref.texi Fri Dec 30 10:50:39 2005 +*************** +*** 962,967 **** + is enabled, the match is performed without regard to the case + of alphabetic characters. +! The return value is 0 if the string matches or does not match +! the pattern, respectively, and 1 otherwise. + Any part of the pattern may be quoted to force it to be matched as a + string. +--- 962,967 ---- + is enabled, the match is performed without regard to the case + of alphabetic characters. +! The return value is 0 if the string matches (@samp{==}) or does not +! match (@samp{!=})the pattern, and 1 otherwise. + Any part of the pattern may be quoted to force it to be matched as a + string. +*************** +*** 2599,2603 **** + or inconvenient to obtain with separate utilities. + +! This section briefly the builtins which Bash inherits from + the Bourne Shell, as well as the builtin commands which are unique + to or have been extended in Bash. +--- 2597,2601 ---- + or inconvenient to obtain with separate utilities. + +! This section briefly describes the builtins which Bash inherits from + the Bourne Shell, as well as the builtin commands which are unique + to or have been extended in Bash. +*************** +*** 3834,3838 **** + @btindex ulimit + @example +! ulimit [-acdflmnpstuvSH] [@var{limit}] + @end example + @code{ulimit} provides control over the resources available to processes +--- 3834,3838 ---- + @btindex ulimit + @example +! ulimit [-acdfilmnpqstuvxSH] [@var{limit}] + @end example + @code{ulimit} provides control over the resources available to processes +*************** +*** 3858,3861 **** +--- 3858,3864 ---- + The maximum size of files created by the shell. + ++ @item -i ++ The maximum number of pending signals. ++ + @item -l + The maximum size that may be locked into memory. +*************** +*** 3870,3873 **** +--- 3873,3879 ---- + The pipe buffer size. + ++ @item -q ++ The maximum number of bytes in POSIX message queues. ++ + @item -s + The maximum stack size. +*************** +*** 3882,3885 **** +--- 3888,3894 ---- + The maximum amount of virtual memory available to the process. + ++ @item -x ++ The maximum number of file locks. ++ + @end table + +*************** +*** 4090,4095 **** + + @item -x +! Print a trace of simple commands, \fBfor\fP commands, \fBcase\fP +! commands, \fBselect\fP commands, and arithmetic \fBfor\fP commands + and their arguments or associated word lists after they are + expanded and before they are executed. The value of the @env{PS4} +--- 4103,4108 ---- + + @item -x +! Print a trace of simple commands, @code{for} commands, @code{case} +! commands, @code{select} commands, and arithmetic @code{for} commands + and their arguments or associated word lists after they are + expanded and before they are executed. The value of the @env{PS4} +*** ../bash-3.1/doc/version.texi Tue Sep 20 14:52:56 2005 +--- doc/version.texi Fri Dec 30 10:50:58 2005 +*************** +*** 3,10 **** + @end ignore + +! @set LASTCHANGE Mon Sep 5 11:47:04 EDT 2005 + +! @set EDITION 3.1-beta1 +! @set VERSION 3.1-beta1 +! @set UPDATED 5 September 2005 +! @set UPDATED-MONTH September 2005 +--- 3,10 ---- + @end ignore + +! @set LASTCHANGE Fri Dec 30 10:50:51 EST 2005 + +! @set EDITION 3.1 +! @set VERSION 3.1 +! @set UPDATED 30 December 2005 +! @set UPDATED-MONTH December 2005 +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 1 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 2 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-003 b/patches/source/bash/patches/bash31-003 new file mode 100644 index 000000000..cd36dc83e --- /dev/null +++ b/patches/source/bash/patches/bash31-003 @@ -0,0 +1,47 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-003 + +Bug-Reported-by: Adam Buraczewski <adamb@nor.pl> +Bug-Reference-ID: <200512210950.jBL9o4C2008608@localhost.localdomain> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2005-12/msg00055.html + +Bug-Description: + +A missing #define guard causes bash to not compile when readline is not +configured in, either as the result of explicit disabling or when the +`--enable-minimal-config' option is given to configure. + +Patch: + +*** ../bash-3.1/variables.c Sat Nov 12 21:22:37 2005 +--- variables.c Mon Dec 26 13:34:03 2005 +*************** +*** 861,867 **** +--- 863,871 ---- + char val[INT_STRLEN_BOUND(int) + 1], *v; + ++ #if defined (READLINE) + /* If we are currently assigning to LINES or COLUMNS, don't do anything. */ + if (winsize_assignment) + return; ++ #endif + + v = inttostr (lines, val, sizeof (val)); +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 2 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 3 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-004 b/patches/source/bash/patches/bash31-004 new file mode 100644 index 000000000..4f9d578ef --- /dev/null +++ b/patches/source/bash/patches/bash31-004 @@ -0,0 +1,48 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-004 + +Bug-Reported-by: Mike Frysinger <vapier@gentoo.org> +Bug-Reference-ID: <20051223172359.GF14579@toucan.gentoo.org> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2005-12/msg00062.html + +Bug-Description: + +A local array variable declared at function scope that shadows a variable +of the same name declared in a previous scope did not create a separate +variable instance, but used the previous one. + +Patch: + +*** ../bash-3.1/subst.c Mon Oct 24 09:51:13 2005 +--- subst.c Fri Dec 30 12:11:53 2005 +*************** +*** 2188,2192 **** + { + v = find_variable (name); +! if (v == 0 || array_p (v) == 0) + v = make_local_array_variable (name); + v = assign_array_var_from_string (v, value, flags); +--- 2188,2192 ---- + { + v = find_variable (name); +! if (v == 0 || array_p (v) == 0 || v->context != variable_context) + v = make_local_array_variable (name); + v = assign_array_var_from_string (v, value, flags); +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 3 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 4 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-005 b/patches/source/bash/patches/bash31-005 new file mode 100644 index 000000000..b6d5cdca8 --- /dev/null +++ b/patches/source/bash/patches/bash31-005 @@ -0,0 +1,54 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-005 + +Bug-Reported-by: +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +When tilde expansion fails, POSIX leaves it unspecified whether or not the +word undergoes the additional word expansions. Bash-3.1 as distributed +skipped the rest of the expansions; this patch restores the bash-3.0 behavior. + +This means that something like + USER=ratbert + echo ~$USER + +will echo `~ratbert' rather than `~$USER'. + +Patch: + +*** ../bash-3.1/subst.c Mon Oct 24 09:51:13 2005 +--- subst.c Fri Dec 30 12:11:53 2005 +*************** +*** 6796,6799 **** +--- 6823,6832 ---- + { + temp1 = bash_tilde_expand (temp, tflag); ++ if (temp1 && *temp1 == '~' && STREQ (temp, temp1)) ++ { ++ FREE (temp); ++ FREE (temp1); ++ goto add_character; /* tilde expansion failed */ ++ } + free (temp); + temp = temp1; +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 4 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 5 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-006 b/patches/source/bash/patches/bash31-006 new file mode 100644 index 000000000..8d7499381 --- /dev/null +++ b/patches/source/bash/patches/bash31-006 @@ -0,0 +1,58 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-006 + +Bug-Reported-by: Mike Frysinger <vapier@gentoo.org> +Bug-Reference-ID: <200601120613.11907.vapier@gentoo.org> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2006-01/msg00045.html + +Bug-Description: + +Under some circumstances, Bash can use an incorrect setting for the flag +that indicates whether or not the terminal can auto-wrap, resulting in line- +wrapping errors. + +Patch: + +*** ../bash-3.1/lib/readline/terminal.c Sat Nov 12 20:46:54 2005 +--- lib/readline/terminal.c Tue Jan 31 10:57:54 2006 +*************** +*** 123,127 **** + + /* Non-zero means the terminal can auto-wrap lines. */ +! int _rl_term_autowrap; + + /* Non-zero means that this terminal has a meta key. */ +--- 126,130 ---- + + /* Non-zero means the terminal can auto-wrap lines. */ +! int _rl_term_autowrap = -1; + + /* Non-zero means that this terminal has a meta key. */ +*************** +*** 275,278 **** +--- 278,284 ---- + int rows, cols; + { ++ if (_rl_term_autowrap == -1) ++ _rl_init_terminal_io (rl_terminal_name); ++ + if (rows > 0) + _rl_screenheight = rows; +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 5 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 6 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-007 b/patches/source/bash/patches/bash31-007 new file mode 100644 index 000000000..6233786c4 --- /dev/null +++ b/patches/source/bash/patches/bash31-007 @@ -0,0 +1,121 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-007 + +Bug-Reported-by: Tim Waugh <twaugh@redhat.com>, Laird Breyer <laird@lbreyer.com> +Bug-Reference-ID: <20060105174434.GY16000@redhat.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2006-01/msg00009.html + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=347695 + +Bug-Description: + +When the number of saved jobs exceeds the initial size of the jobs array +(4096 slots), the array must be compacted and reallocated. An error in +the code to do that could cause a segmentation fault. + +Patch: + +*** ../bash-3.1/jobs.c Fri Nov 11 23:13:27 2005 +--- jobs.c Wed Feb 1 13:55:38 2006 +*************** +*** 845,851 **** + { + sigset_t set, oset; +! int nsize, i, j; + JOB **nlist; + + nsize = ((js.j_njobs + JOB_SLOTS - 1) / JOB_SLOTS); + nsize *= JOB_SLOTS; +--- 888,895 ---- + { + sigset_t set, oset; +! int nsize, i, j, ncur, nprev; + JOB **nlist; + ++ ncur = nprev = NO_JOB; + nsize = ((js.j_njobs + JOB_SLOTS - 1) / JOB_SLOTS); + nsize *= JOB_SLOTS; +*************** +*** 855,869 **** + + BLOCK_CHILD (set, oset); +! nlist = (JOB **) xmalloc (nsize * sizeof (JOB *)); + for (i = j = 0; i < js.j_jobslots; i++) + if (jobs[i]) +! nlist[j++] = jobs[i]; + + js.j_firstj = 0; +! js.j_lastj = (j > 0) ? j - 1: 0; + js.j_jobslots = nsize; + +! free (jobs); +! jobs = nlist; + + UNBLOCK_CHILD (oset); +--- 899,947 ---- + + BLOCK_CHILD (set, oset); +! nlist = (js.j_jobslots == nsize) ? jobs : (JOB **) xmalloc (nsize * sizeof (JOB *)); +! + for (i = j = 0; i < js.j_jobslots; i++) + if (jobs[i]) +! { +! if (i == js.j_current) +! ncur = j; +! if (i == js.j_previous) +! nprev = j; +! nlist[j++] = jobs[i]; +! } +! +! #if defined (DEBUG) +! itrace ("realloc_jobs_list: resize jobs list from %d to %d", js.j_jobslots, nsize); +! itrace ("realloc_jobs_list: j_lastj changed from %d to %d", js.j_lastj, (j > 0) ? j - 1 : 0); +! itrace ("realloc_jobs_list: j_njobs changed from %d to %d", js.j_njobs, (j > 0) ? j - 1 : 0); +! #endif + + js.j_firstj = 0; +! js.j_lastj = (j > 0) ? j - 1 : 0; +! js.j_njobs = j; + js.j_jobslots = nsize; + +! /* Zero out remaining slots in new jobs list */ +! for ( ; j < nsize; j++) +! nlist[j] = (JOB *)NULL; +! +! if (jobs != nlist) +! { +! free (jobs); +! jobs = nlist; +! } +! +! if (ncur != NO_JOB) +! js.j_current = ncur; +! if (nprev != NO_JOB) +! js.j_previous = nprev; +! +! /* Need to reset these */ +! if (js.j_current == NO_JOB || js.j_previous == NO_JOB || js.j_current > js.j_lastj || js.j_previous > js.j_lastj) +! reset_current (); +! +! #ifdef DEBUG +! itrace ("realloc_jobs_list: reset js.j_current (%d) and js.j_previous (%d)", js.j_current, js.j_previous); +! #endif + + UNBLOCK_CHILD (oset); +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 6 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 7 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-008 b/patches/source/bash/patches/bash31-008 new file mode 100644 index 000000000..3427b64e0 --- /dev/null +++ b/patches/source/bash/patches/bash31-008 @@ -0,0 +1,51 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-008 + +Bug-Reported-by: Ingemar Nilsson <init@kth.se> +Bug-Reference-ID: <43C38D35.7020404@kth.se> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2006-01/msg00044.html + +Bug-Description: + +In some cases, bash inappropriately allows SIGINT from the terminal to +reach background processes. + +Patch: + +*** ../bash-3.1/jobs.c Fri Nov 11 23:13:27 2005 +--- jobs.c Wed Feb 1 13:55:38 2006 +*************** +*** 2199,2203 **** + wait_sigint_received = 0; + if (job_control == 0) +! old_sigint_handler = set_signal_handler (SIGINT, wait_sigint_handler); + + termination_state = last_command_exit_value; +--- 2298,2306 ---- + wait_sigint_received = 0; + if (job_control == 0) +! { +! old_sigint_handler = set_signal_handler (SIGINT, wait_sigint_handler); +! if (old_sigint_handler == SIG_IGN) +! set_signal_handler (SIGINT, old_sigint_handler); +! } + + termination_state = last_command_exit_value; +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 7 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 8 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-009 b/patches/source/bash/patches/bash31-009 new file mode 100644 index 000000000..8ef229585 --- /dev/null +++ b/patches/source/bash/patches/bash31-009 @@ -0,0 +1,66 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-009 + +Bug-Reported-by: Joshua Neuheisel <jneuheisel@gmail.com> +Bug-Reference-ID: <25d873330601140820v4ad8efd2t8bf683b073c138b3@mail.gmail.com> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2006-01/msg00062.html + +Bug-Description: + +Under some circumstances, background (asynchronous) jobs can set the terminal +process group incorrectly. This can cause a foreground process (including +the foreground shell) to get read errors and exit. + +Patch: + +*** ../bash-3.1/jobs.c Fri Nov 11 23:13:27 2005 +--- jobs.c Wed Feb 1 13:55:38 2006 +*************** +*** 620,625 **** + * the parent gives it away. + * + */ +! if (job_control && newjob->pgrp) + give_terminal_to (newjob->pgrp, 0); + } +--- 634,642 ---- + * the parent gives it away. + * ++ * Don't give the terminal away if this shell is an asynchronous ++ * subshell. ++ * + */ +! if (job_control && newjob->pgrp && (subshell_environment&SUBSHELL_ASYNC) == 0) + give_terminal_to (newjob->pgrp, 0); + } +*************** +*** 1656,1660 **** + shell's process group (we could be in the middle of a + pipeline, for example). */ +! if (async_p == 0 && pipeline_pgrp != shell_pgrp) + give_terminal_to (pipeline_pgrp, 0); + +--- 1743,1747 ---- + shell's process group (we could be in the middle of a + pipeline, for example). */ +! if (async_p == 0 && pipeline_pgrp != shell_pgrp && ((subshell_environment&SUBSHELL_ASYNC) == 0)) + give_terminal_to (pipeline_pgrp, 0); + +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 8 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 9 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-010 b/patches/source/bash/patches/bash31-010 new file mode 100644 index 000000000..066a3242d --- /dev/null +++ b/patches/source/bash/patches/bash31-010 @@ -0,0 +1,54 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-010 + +Bug-Reported-by: vw@vonwolff.de +Bug-Reference-ID: <20060123135234.1AC2F1D596@wst07.vonwolff.de> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2006-01/msg00090.html + +Bug-Description: + +There is a difference in behavior between bash-3.0 and bash-3.1 involving +parsing of single- and double-quoted strings occurring in old-style +command substitution. The difference has to do with how backslashes are +processed. This patch restores a measure of backwards compatibility while +the question of POSIX conformance and ultimately correct behavior is discussed. + +Patch: + +*** ../bash-3.1/parse.y Fri Nov 11 23:14:18 2005 +--- parse.y Wed Jan 25 14:55:18 2006 +*************** +*** 2899,2903 **** + else if MBTEST(qc == '`' && (ch == '"' || ch == '\'') && in_comment == 0) + { +! nestret = parse_matched_pair (0, ch, ch, &nestlen, rflags); + goto add_nestret; + } +--- 2901,2909 ---- + else if MBTEST(qc == '`' && (ch == '"' || ch == '\'') && in_comment == 0) + { +! /* Add P_ALLOWESC so backslash quotes the next character and +! shell_getc does the right thing with \<newline>. We do this for +! a measure of backwards compatibility -- it's not strictly the +! right POSIX thing. */ +! nestret = parse_matched_pair (0, ch, ch, &nestlen, rflags|P_ALLOWESC); + goto add_nestret; + } +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 9 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 10 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-011 b/patches/source/bash/patches/bash31-011 new file mode 100644 index 000000000..025b83907 --- /dev/null +++ b/patches/source/bash/patches/bash31-011 @@ -0,0 +1,47 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-011 + +Bug-Reported-by: Mike Stroyan <mike.stroyan@hp.com> +Bug-Reference-ID: <E1EvwxP-0004LD-GC@localhost.localdomain> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2006-01/msg00033.html + +Bug-Description: + +A change in bash-3.1 caused the single quotes to be stripped from ANSI-C +quoting inside double-quoted command substitutions. + +Patch: + +*** ../bash-3.1/parse.y Fri Nov 11 23:14:18 2005 +--- parse.y Wed Jan 25 14:55:18 2006 +*************** +*** 2908,2912 **** + count--; + if (ch == '(') /* ) */ +! nestret = parse_matched_pair (0, '(', ')', &nestlen, rflags); + else if (ch == '{') /* } */ + nestret = parse_matched_pair (0, '{', '}', &nestlen, P_FIRSTCLOSE|rflags); +--- 2914,2918 ---- + count--; + if (ch == '(') /* ) */ +! nestret = parse_matched_pair (0, '(', ')', &nestlen, rflags & ~P_DQUOTE); + else if (ch == '{') /* } */ + nestret = parse_matched_pair (0, '{', '}', &nestlen, P_FIRSTCLOSE|rflags); +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 10 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 11 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-012 b/patches/source/bash/patches/bash31-012 new file mode 100644 index 000000000..b0ddb3a48 --- /dev/null +++ b/patches/source/bash/patches/bash31-012 @@ -0,0 +1,47 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-012 + +Bug-Reported-by: Alexander Kshevetskiy <alex@dgap.mipt.ru> +Bug-Reference-ID: <308374997.20060124175849@dgap.mipt.ru> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2006-01/msg00097.html + +Bug-Description: + +There is a parsing problem involving parentheses in assignment statements +that causes words to be terminated prematurely. + +Patch: + +*** ../bash-3.1/parse.y Fri Nov 11 23:14:18 2005 +--- parse.y Wed Jan 25 14:55:18 2006 +*************** +*** 3579,3583 **** + all_digit_token = 0; + compound_assignment = 1; +! #if 0 + goto next_character; + #else +--- 3584,3588 ---- + all_digit_token = 0; + compound_assignment = 1; +! #if 1 + goto next_character; + #else +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 11 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 12 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-013 b/patches/source/bash/patches/bash31-013 new file mode 100644 index 000000000..93c7c8fc8 --- /dev/null +++ b/patches/source/bash/patches/bash31-013 @@ -0,0 +1,44 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-013 + +Bug-Reported-by: Bob Rossi <bob@brasko.net> +Bug-Reference-ID: <43F60606.80708@case.edu> +Bug-Reference-URL: + +Bug-Description: + +In some cases, readline will reference freed memory when attempting to +display a portion of the prompt. + +Patch: + +*** ../bash-3.1-patched/lib/readline/readline.c Mon Jul 4 22:29:35 2005 +--- lib/readline/readline.c Fri Feb 17 22:54:22 2006 +*************** +*** 282,287 **** +--- 282,288 ---- + { + FREE (rl_prompt); + rl_prompt = prompt ? savestring (prompt) : (char *)NULL; ++ rl_display_prompt = rl_prompt ? rl_prompt : ""; + + rl_visible_prompt_length = rl_expand_prompt (rl_prompt); + return 0; +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 12 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 13 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-014 b/patches/source/bash/patches/bash31-014 new file mode 100644 index 000000000..82ff9b408 --- /dev/null +++ b/patches/source/bash/patches/bash31-014 @@ -0,0 +1,105 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-014 + +Bug-Reported-by: Mike Stroyan <mike.stroyan@hp.com> +Bug-Reference-ID: <20060203191607.GC27614@localhost> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2006-02/msg00004.html + +Bug-Description: + +The displayed search prompt is corrupted when using non-incremental +searches in vi and emacs mode if the prompt contains non-printing +characters or spans multiple lines. The prompt is expanded more than +once; the second time without the escape sequences that protect non- +printing characters from the length calculations. + +Patch: + +*** ../bash-3.1-patched/lib/readline/display.c Wed Nov 30 14:05:02 2005 +--- lib/readline/display.c Sat Feb 18 12:14:58 2006 +*************** +*** 1983,1993 **** + int pchar; + { + int len; +! char *pmt; + + rl_save_prompt (); + +! if (saved_local_prompt == 0) + { + len = (rl_prompt && *rl_prompt) ? strlen (rl_prompt) : 0; + pmt = (char *)xmalloc (len + 2); +--- 1998,2012 ---- + int pchar; + { + int len; +! char *pmt, *p; + + rl_save_prompt (); + +! /* We've saved the prompt, and can do anything with the various prompt +! strings we need before they're restored. We want the unexpanded +! portion of the prompt string after any final newline. */ +! p = rl_prompt ? strrchr (rl_prompt, '\n') : 0; +! if (p == 0) + { + len = (rl_prompt && *rl_prompt) ? strlen (rl_prompt) : 0; + pmt = (char *)xmalloc (len + 2); +*************** +*** 1998,2016 **** + } + else + { +! len = *saved_local_prompt ? strlen (saved_local_prompt) : 0; + pmt = (char *)xmalloc (len + 2); + if (len) +! strcpy (pmt, saved_local_prompt); + pmt[len] = pchar; + pmt[len+1] = '\0'; +! local_prompt = savestring (pmt); +! prompt_last_invisible = saved_last_invisible; +! prompt_visible_length = saved_visible_length + 1; +! } + + prompt_physical_chars = saved_physical_chars + 1; +- + return pmt; + } + +--- 2017,2033 ---- + } + else + { +! p++; +! len = strlen (p); + pmt = (char *)xmalloc (len + 2); + if (len) +! strcpy (pmt, p); + pmt[len] = pchar; + pmt[len+1] = '\0'; +! } + ++ /* will be overwritten by expand_prompt, called from rl_message */ + prompt_physical_chars = saved_physical_chars + 1; + return pmt; + } + +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 13 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 14 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-015 b/patches/source/bash/patches/bash31-015 new file mode 100644 index 000000000..deb9eed58 --- /dev/null +++ b/patches/source/bash/patches/bash31-015 @@ -0,0 +1,106 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-015 + +Bug-Reported-by: Benoit Vila +Bug-Reference-ID: <43FCA614.1090108@free.fr> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2006-02/msg00058.html + +Bug-Description: + +A problem with the extended globbing code prevented dots from matching +filenames when used in some extended matching patterns. + +Patch: + +*** ../bash-3.1-patched/lib/glob/sm_loop.c Sun Oct 16 21:21:04 2005 +--- lib/glob/sm_loop.c Mon Feb 27 17:18:43 2006 +*************** +*** 639,643 **** + CHAR *pnext; /* pointer to next sub-pattern */ + CHAR *srest; /* pointer to rest of string */ +! int m1, m2; + + #if DEBUG_MATCHING +--- 638,642 ---- + CHAR *pnext; /* pointer to next sub-pattern */ + CHAR *srest; /* pointer to rest of string */ +! int m1, m2, xflags; /* xflags = flags passed to recursive matches */ + + #if DEBUG_MATCHING +*************** +*** 645,648 **** +--- 644,648 ---- + fprintf(stderr, "extmatch: s = %s; se = %s\n", s, se); + fprintf(stderr, "extmatch: p = %s; pe = %s\n", p, pe); ++ fprintf(stderr, "extmatch: flags = %d\n", flags); + #endif + +*************** +*** 678,683 **** + multiple matches of the pattern. */ + if (m1) +! m2 = (GMATCH (srest, se, prest, pe, flags) == 0) || +! (s != srest && GMATCH (srest, se, p - 1, pe, flags) == 0); + if (m1 && m2) + return (0); +--- 678,687 ---- + multiple matches of the pattern. */ + if (m1) +! { +! /* if srest > s, we are not at start of string */ +! xflags = (srest > s) ? (flags & ~FNM_PERIOD) : flags; +! m2 = (GMATCH (srest, se, prest, pe, xflags) == 0) || +! (s != srest && GMATCH (srest, se, p - 1, pe, xflags) == 0); +! } + if (m1 && m2) + return (0); +*************** +*** 705,710 **** + for ( ; srest <= se; srest++) + { + if (GMATCH (s, srest, psub, pnext - 1, flags) == 0 && +! GMATCH (srest, se, prest, pe, flags) == 0) + return (0); + } +--- 709,716 ---- + for ( ; srest <= se; srest++) + { ++ /* if srest > s, we are not at start of string */ ++ xflags = (srest > s) ? (flags & ~FNM_PERIOD) : flags; + if (GMATCH (s, srest, psub, pnext - 1, flags) == 0 && +! GMATCH (srest, se, prest, pe, xflags) == 0) + return (0); + } +*************** +*** 727,731 **** + break; + } +! if (m1 == 0 && GMATCH (srest, se, prest, pe, flags) == 0) + return (0); + } +--- 733,739 ---- + break; + } +! /* if srest > s, we are not at start of string */ +! xflags = (srest > s) ? (flags & ~FNM_PERIOD) : flags; +! if (m1 == 0 && GMATCH (srest, se, prest, pe, xflags) == 0) + return (0); + } +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 14 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 15 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-016 b/patches/source/bash/patches/bash31-016 new file mode 100644 index 000000000..fa0ffe1c7 --- /dev/null +++ b/patches/source/bash/patches/bash31-016 @@ -0,0 +1,51 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-016 + +Bug-Reported-by: Nikita Danilov <nikita@clusterfs.com> +Bug-Reference-ID: <17397.51015.769854.541057@gargle.gargle.HOWL> +Bug-Reference-URL: http://lists.gnu.org/archive/html/bug-bash/2006-02/msg00064.html + +Bug-Description: + +Bash will dump core when attempting to perform globbing in directories with +very large numbers of files. + +Patch: + +*** ../bash-3.1-patched/lib/glob/glob.c Thu Mar 24 12:42:27 2005 +--- lib/glob/glob.c Fri Mar 3 16:54:12 2006 +*************** +*** 361,364 **** +--- 361,365 ---- + + firstmalloc = 0; ++ nalloca = 0; + + /* If PAT is empty, skip the loop, but return one (empty) filename. */ +*************** +*** 547,550 **** +--- 551,556 ---- + tmplink = lastlink; + } ++ else ++ tmplink = 0; + free (lastlink->name); + lastlink = lastlink->next; +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 15 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 16 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-017 b/patches/source/bash/patches/bash31-017 new file mode 100644 index 000000000..84f891551 --- /dev/null +++ b/patches/source/bash/patches/bash31-017 @@ -0,0 +1,131 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-017 + +Bug-Reported-by: syphir@syphir.sytes.net +Bug-Reference-ID: <442421F5.3010105@syphir.sytes.net> +Bug-Reference-URL: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=358831 + +Bug-Description: + +Array expansion fails with an arithmetic syntax error when the subscript +appears within double quotes. For example: ${a["4"]}. + +Patch: + +*** ../bash-3.1-patched/subst.c Wed Apr 12 08:47:08 2006 +--- subst.c Wed Apr 12 08:49:02 2006 +*************** +*** 2576,2579 **** +--- 2576,2586 ---- + } + ++ char * ++ expand_arith_string (string, quoted) ++ char *string; ++ { ++ return (expand_string_if_necessary (string, quoted, expand_string)); ++ } ++ + #if defined (COND_COMMAND) + /* Just remove backslashes in STRING. Returns a new string. */ +*************** +*** 5249,5253 **** + t = (char *)0; + +! temp1 = expand_string_if_necessary (substr, Q_DOUBLE_QUOTES, expand_string); + *e1p = evalexp (temp1, &expok); + free (temp1); +--- 5256,5260 ---- + t = (char *)0; + +! temp1 = expand_arith_string (substr, Q_DOUBLE_QUOTES); + *e1p = evalexp (temp1, &expok); + free (temp1); +*************** +*** 5294,5298 **** + t++; + temp2 = savestring (t); +! temp1 = expand_string_if_necessary (temp2, Q_DOUBLE_QUOTES, expand_string); + free (temp2); + t[-1] = ':'; +--- 5301,5305 ---- + t++; + temp2 = savestring (t); +! temp1 = expand_arith_string (temp2, Q_DOUBLE_QUOTES); + free (temp2); + t[-1] = ':'; +*************** +*** 6436,6440 **** + + /* Expand variables found inside the expression. */ +! temp1 = expand_string_if_necessary (temp2, Q_DOUBLE_QUOTES, expand_string); + free (temp2); + +--- 6443,6447 ---- + + /* Expand variables found inside the expression. */ +! temp1 = expand_arith_string (temp2, Q_DOUBLE_QUOTES); + free (temp2); + +*************** +*** 6478,6482 **** + + /* Do initial variable expansion. */ +! temp1 = expand_string_if_necessary (temp, Q_DOUBLE_QUOTES, expand_string); + + goto arithsub; +--- 6485,6489 ---- + + /* Do initial variable expansion. */ +! temp1 = expand_arith_string (temp, Q_DOUBLE_QUOTES); + + goto arithsub; +*** ../bash-3.1-patched/subst.h Sun Nov 7 15:12:28 2004 +--- subst.h Mon Mar 27 09:10:38 2006 +*************** +*** 152,155 **** +--- 152,158 ---- + extern char *expand_assignment_string_to_string __P((char *, int)); + ++ /* Expand an arithmetic expression string */ ++ extern char *expand_arith_string __P((char *, int)); ++ + /* De-quoted quoted characters in STRING. */ + extern char *dequote_string __P((char *)); +*** ../bash-3.1-patched/arrayfunc.c Mon Jul 4 20:25:58 2005 +--- arrayfunc.c Mon Mar 27 09:10:47 2006 +*************** +*** 593,601 **** + strncpy (exp, s, len - 1); + exp[len - 1] = '\0'; +! #if 0 +! t = expand_string_to_string (exp, 0); +! #else +! t = expand_string_to_string (exp, Q_DOUBLE_QUOTES); +! #endif + this_command_name = (char *)NULL; + val = evalexp (t, &expok); +--- 591,595 ---- + strncpy (exp, s, len - 1); + exp[len - 1] = '\0'; +! t = expand_arith_string (exp, 0); + this_command_name = (char *)NULL; + val = evalexp (t, &expok); +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 16 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 17 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-018 b/patches/source/bash/patches/bash31-018 new file mode 100644 index 000000000..38510f902 --- /dev/null +++ b/patches/source/bash/patches/bash31-018 @@ -0,0 +1,104 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-018 + +Bug-Reported-by: Stephane Chazelas <stephane.chazelas@gmail.com> +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +Under certain circumstances, bash will execute user code while processing the +environment for exported function definitions. + +Patch: + +*** ../bash-3.1.17/builtins/common.h 2004-09-09 13:21:08.000000000 -0400 +--- builtins/common.h 2014-09-16 22:00:02.000000000 -0400 +*************** +*** 34,37 **** +--- 34,39 ---- + + /* Flags for describe_command, shared between type.def and command.def */ ++ #define SEVAL_FUNCDEF 0x080 /* only allow function definitions */ ++ #define SEVAL_ONECMD 0x100 /* only allow a single command */ + #define CDESC_ALL 0x001 /* type -a */ + #define CDESC_SHORTDESC 0x002 /* command -V */ +*** ../bash-3.1.17/builtins/evalstring.c 2005-10-30 18:28:24.000000000 -0500 +--- builtins/evalstring.c 2014-09-16 22:00:02.000000000 -0400 +*************** +*** 224,227 **** +--- 224,235 ---- + struct fd_bitmap *bitmap; + ++ if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def) ++ { ++ internal_warning ("%s: ignoring function definition attempt", from_file); ++ should_jump_to_top_level = 0; ++ last_result = last_command_exit_value = EX_BADUSAGE; ++ break; ++ } ++ + bitmap = new_fd_bitmap (FD_BITMAP_SIZE); + begin_unwind_frame ("pe_dispose"); +*************** +*** 279,282 **** +--- 287,293 ---- + dispose_fd_bitmap (bitmap); + discard_unwind_frame ("pe_dispose"); ++ ++ if (flags & SEVAL_ONECMD) ++ break; + } + } +*** ../bash-3.1.17/variables.c 2006-03-10 16:56:29.000000000 -0500 +--- variables.c 2014-09-16 22:00:02.000000000 -0400 +*************** +*** 311,320 **** + strcpy (temp_string + char_index + 1, string); + +! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST); +! +! /* Ancient backwards compatibility. Old versions of bash exported +! functions like name()=() {...} */ +! if (name[char_index - 1] == ')' && name[char_index - 2] == '(') +! name[char_index - 2] = '\0'; + + if (temp_var = find_function (name)) +--- 311,318 ---- + strcpy (temp_string + char_index + 1, string); + +! /* Don't import function names that are invalid identifiers from the +! environment. */ +! if (legal_identifier (name)) +! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); + + if (temp_var = find_function (name)) +*************** +*** 325,332 **** + else + report_error (_("error importing function definition for `%s'"), name); +- +- /* ( */ +- if (name[char_index - 1] == ')' && name[char_index - 2] == '\0') +- name[char_index - 2] = '('; /* ) */ + } + #if defined (ARRAY_VARS) +--- 323,326 ---- +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 17 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 18 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-019 b/patches/source/bash/patches/bash31-019 new file mode 100644 index 000000000..d39f63b45 --- /dev/null +++ b/patches/source/bash/patches/bash31-019 @@ -0,0 +1,43 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-019 + +Bug-Reported-by: Tavis Ormandy <taviso@cmpxchg8b.com> +Bug-Reference-ID: +Bug-Reference-URL: http://twitter.com/taviso/statuses/514887394294652929 + +Bug-Description: + +Under certain circumstances, bash can incorrectly save a lookahead character and +return it on a subsequent call, even when reading a new line. + +Patch: + +*** ../bash-3.1.18/parse.y 2006-04-12 08:40:35.000000000 -0400 +--- parse.y 2014-09-25 16:40:46.000000000 -0400 +*************** +*** 2501,2504 **** +--- 2501,2506 ---- + word_desc_to_read = (WORD_DESC *)NULL; + ++ eol_ungetc_lookahead = 0; ++ + last_read_token = '\n'; + token_to_read = '\n'; +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 18 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 19 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-020 b/patches/source/bash/patches/bash31-020 new file mode 100644 index 000000000..8a488a4f3 --- /dev/null +++ b/patches/source/bash/patches/bash31-020 @@ -0,0 +1,217 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-020 + +Bug-Reported-by: Florian Weimer <fweimer@redhat.com> +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +This patch changes the encoding bash uses for exported functions to avoid +clashes with shell variables and to avoid depending only on an environment +variable's contents to determine whether or not to interpret it as a shell +function. + +Patch: + +*** ../bash-3.1.19/variables.c 2014-09-16 22:00:02.000000000 -0400 +--- variables.c 2014-09-27 21:02:50.000000000 -0400 +*************** +*** 75,78 **** +--- 75,83 ---- + #define ifsname(s) ((s)[0] == 'I' && (s)[1] == 'F' && (s)[2] == 'S' && (s)[3] == '\0') + ++ #define BASHFUNC_PREFIX "BASH_FUNC_" ++ #define BASHFUNC_PREFLEN 10 /* == strlen(BASHFUNC_PREFIX */ ++ #define BASHFUNC_SUFFIX "%%" ++ #define BASHFUNC_SUFFLEN 2 /* == strlen(BASHFUNC_SUFFIX) */ ++ + extern char **environ; + +*************** +*** 240,244 **** + static void dispose_temporary_env __P((sh_free_func_t *)); + +! static inline char *mk_env_string __P((const char *, const char *)); + static char **make_env_array_from_var_list __P((SHELL_VAR **)); + static char **make_var_export_array __P((VAR_CONTEXT *)); +--- 245,249 ---- + static void dispose_temporary_env __P((sh_free_func_t *)); + +! static inline char *mk_env_string __P((const char *, const char *, int)); + static char **make_env_array_from_var_list __P((SHELL_VAR **)); + static char **make_var_export_array __P((VAR_CONTEXT *)); +*************** +*** 302,320 **** + /* If exported function, define it now. Don't import functions from + the environment in privileged mode. */ +! if (privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4)) + { + string_length = strlen (string); +! temp_string = (char *)xmalloc (3 + string_length + char_index); + +! strcpy (temp_string, name); +! temp_string[char_index] = ' '; +! strcpy (temp_string + char_index + 1, string); + + /* Don't import function names that are invalid identifiers from the + environment. */ +! if (legal_identifier (name)) +! parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); + +! if (temp_var = find_function (name)) + { + VSETATTR (temp_var, (att_exported|att_imported)); +--- 307,336 ---- + /* If exported function, define it now. Don't import functions from + the environment in privileged mode. */ +! if (privmode == 0 && read_but_dont_execute == 0 && +! STREQN (BASHFUNC_PREFIX, name, BASHFUNC_PREFLEN) && +! STREQ (BASHFUNC_SUFFIX, name + char_index - BASHFUNC_SUFFLEN) && +! STREQN ("() {", string, 4)) + { ++ size_t namelen; ++ char *tname; /* desired imported function name */ ++ ++ namelen = char_index - BASHFUNC_PREFLEN - BASHFUNC_SUFFLEN; ++ ++ tname = name + BASHFUNC_PREFLEN; /* start of func name */ ++ tname[namelen] = '\0'; /* now tname == func name */ ++ + string_length = strlen (string); +! temp_string = (char *)xmalloc (namelen + string_length + 2); + +! memcpy (temp_string, tname, namelen); +! temp_string[namelen] = ' '; +! memcpy (temp_string + namelen + 1, string, string_length + 1); + + /* Don't import function names that are invalid identifiers from the + environment. */ +! if (absolute_program (tname) == 0 && (posixly_correct == 0 || legal_identifier (tname))) +! parse_and_execute (temp_string, tname, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD); + +! if (temp_var = find_function (tname)) + { + VSETATTR (temp_var, (att_exported|att_imported)); +*************** +*** 322,326 **** + } + else +! report_error (_("error importing function definition for `%s'"), name); + } + #if defined (ARRAY_VARS) +--- 338,345 ---- + } + else +! report_error (_("error importing function definition for `%s'"), tname); +! +! /* Restore original suffix */ +! tname[namelen] = BASHFUNC_SUFFIX[0]; + } + #if defined (ARRAY_VARS) +*************** +*** 2215,2219 **** + + INVALIDATE_EXPORTSTR (var); +! var->exportstr = mk_env_string (name, value); + + array_needs_making = 1; +--- 2234,2238 ---- + + INVALIDATE_EXPORTSTR (var); +! var->exportstr = mk_env_string (name, value, 0); + + array_needs_making = 1; +*************** +*** 3003,3021 **** + + static inline char * +! mk_env_string (name, value) + const char *name, *value; + { +! int name_len, value_len; +! char *p; + + name_len = strlen (name); + value_len = STRLEN (value); +! p = (char *)xmalloc (2 + name_len + value_len); +! strcpy (p, name); +! p[name_len] = '='; + if (value && *value) +! strcpy (p + name_len + 1, value); + else +! p[name_len + 1] = '\0'; + return (p); + } +--- 3022,3061 ---- + + static inline char * +! mk_env_string (name, value, isfunc) + const char *name, *value; ++ int isfunc; + { +! size_t name_len, value_len; +! char *p, *q; + + name_len = strlen (name); + value_len = STRLEN (value); +! +! /* If we are exporting a shell function, construct the encoded function +! name. */ +! if (isfunc && value) +! { +! p = (char *)xmalloc (BASHFUNC_PREFLEN + name_len + BASHFUNC_SUFFLEN + value_len + 2); +! q = p; +! memcpy (q, BASHFUNC_PREFIX, BASHFUNC_PREFLEN); +! q += BASHFUNC_PREFLEN; +! memcpy (q, name, name_len); +! q += name_len; +! memcpy (q, BASHFUNC_SUFFIX, BASHFUNC_SUFFLEN); +! q += BASHFUNC_SUFFLEN; +! } +! else +! { +! p = (char *)xmalloc (2 + name_len + value_len); +! memcpy (p, name, name_len); +! q = p + name_len; +! } +! +! q[0] = '='; + if (value && *value) +! memcpy (q + 1, value, value_len + 1); + else +! q[1] = '\0'; +! + return (p); + } +*************** +*** 3092,3096 **** + using the cached exportstr... */ + list[list_index] = USE_EXPORTSTR ? savestring (value) +! : mk_env_string (var->name, value); + + if (USE_EXPORTSTR == 0) +--- 3132,3136 ---- + using the cached exportstr... */ + list[list_index] = USE_EXPORTSTR ? savestring (value) +! : mk_env_string (var->name, value, function_p (var)); + + if (USE_EXPORTSTR == 0) +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 19 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 20 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-021 b/patches/source/bash/patches/bash31-021 new file mode 100644 index 000000000..9e07c2868 --- /dev/null +++ b/patches/source/bash/patches/bash31-021 @@ -0,0 +1,147 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-021 + +Bug-Reported-by: Florian Weimer <fweimer@redhat.com> +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +There are two local buffer overflows in parse.y that can cause the shell +to dump core when given many here-documents attached to a single command +or many nested loops. + +Patch: + +*** ../bash-3.1.20/parse.y 2014-09-27 12:16:39.000000000 -0400 +--- parse.y 2014-09-30 19:49:41.000000000 -0400 +*************** +*** 167,170 **** +--- 167,173 ---- + static int reserved_word_acceptable __P((int)); + static int yylex __P((void)); ++ ++ static void push_heredoc __P((REDIRECT *)); ++ static char *mk_alexpansion __P((char *)); + static int alias_expand_token __P((char *)); + static int time_command_acceptable __P((void)); +*************** +*** 259,263 **** + /* Variables to manage the task of reading here documents, because we need to + defer the reading until after a complete command has been collected. */ +! static REDIRECT *redir_stack[10]; + int need_here_doc; + +--- 262,268 ---- + /* Variables to manage the task of reading here documents, because we need to + defer the reading until after a complete command has been collected. */ +! #define HEREDOC_MAX 16 +! +! static REDIRECT *redir_stack[HEREDOC_MAX]; + int need_here_doc; + +*************** +*** 285,289 **** + index is decremented after a case, select, or for command is parsed. */ + #define MAX_CASE_NEST 128 +! static int word_lineno[MAX_CASE_NEST]; + static int word_top = -1; + +--- 290,294 ---- + index is decremented after a case, select, or for command is parsed. */ + #define MAX_CASE_NEST 128 +! static int word_lineno[MAX_CASE_NEST+1]; + static int word_top = -1; + +*************** +*** 430,434 **** + redir.filename = $2; + $$ = make_redirection (0, r_reading_until, redir); +! redir_stack[need_here_doc++] = $$; + } + | NUMBER LESS_LESS WORD +--- 435,439 ---- + redir.filename = $2; + $$ = make_redirection (0, r_reading_until, redir); +! push_heredoc ($$); + } + | NUMBER LESS_LESS WORD +*************** +*** 436,440 **** + redir.filename = $3; + $$ = make_redirection ($1, r_reading_until, redir); +! redir_stack[need_here_doc++] = $$; + } + | LESS_LESS_LESS WORD +--- 441,445 ---- + redir.filename = $3; + $$ = make_redirection ($1, r_reading_until, redir); +! push_heredoc ($$); + } + | LESS_LESS_LESS WORD +*************** +*** 493,497 **** + $$ = make_redirection + (0, r_deblank_reading_until, redir); +! redir_stack[need_here_doc++] = $$; + } + | NUMBER LESS_LESS_MINUS WORD +--- 498,502 ---- + $$ = make_redirection + (0, r_deblank_reading_until, redir); +! push_heredoc ($$); + } + | NUMBER LESS_LESS_MINUS WORD +*************** +*** 500,504 **** + $$ = make_redirection + ($1, r_deblank_reading_until, redir); +! redir_stack[need_here_doc++] = $$; + } + | GREATER_AND '-' +--- 505,509 ---- + $$ = make_redirection + ($1, r_deblank_reading_until, redir); +! push_heredoc ($$); + } + | GREATER_AND '-' +*************** +*** 2211,2214 **** +--- 2216,2234 ---- + static int esacs_needed_count; + ++ static void ++ push_heredoc (r) ++ REDIRECT *r; ++ { ++ if (need_here_doc >= HEREDOC_MAX) ++ { ++ last_command_exit_value = EX_BADUSAGE; ++ need_here_doc = 0; ++ report_syntax_error (_("maximum here-document count exceeded")); ++ reset_parser (); ++ exit_shell (last_command_exit_value); ++ } ++ redir_stack[need_here_doc++] = r; ++ } ++ + void + gather_here_documents () +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 20 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 21 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-022 b/patches/source/bash/patches/bash31-022 new file mode 100644 index 000000000..503ad0f9e --- /dev/null +++ b/patches/source/bash/patches/bash31-022 @@ -0,0 +1,59 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-022 + +Bug-Reported-by: Michal Zalewski <lcamtuf@coredump.cx> +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +When bash is parsing a function definition that contains a here-document +delimited by end-of-file (or end-of-string), it leaves the closing delimiter +uninitialized. This can result in an invalid memory access when the parsed +function is later copied. + +Patch: + +*** ../bash-3.1.21/make_cmd.c 2005-07-07 08:14:57.000000000 -0400 +--- make_cmd.c 2014-10-02 20:33:47.000000000 -0400 +*************** +*** 672,675 **** +--- 672,676 ---- + temp->redirector = source; + temp->redirectee = dest_and_filename; ++ temp->here_doc_eof = 0; + temp->instruction = instruction; + temp->flags = 0; +*** ../bash-3.1.21/copy_cmd.c 2003-10-07 11:43:44.000000000 -0400 +--- copy_cmd.c 2014-10-02 20:33:47.000000000 -0400 +*************** +*** 117,121 **** + case r_reading_until: + case r_deblank_reading_until: +! new_redirect->here_doc_eof = savestring (redirect->here_doc_eof); + /*FALLTHROUGH*/ + case r_reading_string: +--- 117,121 ---- + case r_reading_until: + case r_deblank_reading_until: +! new_redirect->here_doc_eof = redirect->here_doc_eof ? savestring (redirect->here_doc_eof) : 0; + /*FALLTHROUGH*/ + case r_reading_string: +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 21 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 22 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/patches/bash31-023 b/patches/source/bash/patches/bash31-023 new file mode 100644 index 000000000..4dbbf78b7 --- /dev/null +++ b/patches/source/bash/patches/bash31-023 @@ -0,0 +1,125 @@ + BASH PATCH REPORT + ================= + +Bash-Release: 3.1 +Patch-ID: bash31-023 + +Bug-Reported-by: Michal Zalewski <lcamtuf@coredump.cx> +Bug-Reference-ID: +Bug-Reference-URL: + +Bug-Description: + +A combination of nested command substitutions and function importing from +the environment can cause bash to execute code appearing in the environment +variable value following the function definition. + +Patch: + +*** ../bash-3.1.22/builtins/evalstring.c 2014-09-16 22:00:02.000000000 -0400 +--- builtins/evalstring.c 2014-10-04 16:10:47.000000000 -0400 +*************** +*** 44,47 **** +--- 44,48 ---- + #include "../redir.h" + #include "../trap.h" ++ #include "../bashintl.h" + + #if defined (HISTORY) +*************** +*** 224,233 **** + struct fd_bitmap *bitmap; + +! if ((flags & SEVAL_FUNCDEF) && command->type != cm_function_def) + { +! internal_warning ("%s: ignoring function definition attempt", from_file); +! should_jump_to_top_level = 0; +! last_result = last_command_exit_value = EX_BADUSAGE; +! break; + } + +--- 225,247 ---- + struct fd_bitmap *bitmap; + +! if (flags & SEVAL_FUNCDEF) + { +! char *x; +! +! /* If the command parses to something other than a straight +! function definition, or if we have not consumed the entire +! string, or if the parser has transformed the function +! name (as parsing will if it begins or ends with shell +! whitespace, for example), reject the attempt */ +! if (command->type != cm_function_def || +! ((x = parser_remaining_input ()) && *x) || +! (STREQ (from_file, command->value.Function_def->name->word) == 0)) +! { +! internal_warning (_("%s: ignoring function definition attempt"), from_file); +! should_jump_to_top_level = 0; +! last_result = last_command_exit_value = EX_BADUSAGE; +! reset_parser (); +! break; +! } + } + +*************** +*** 289,293 **** + + if (flags & SEVAL_ONECMD) +! break; + } + } +--- 303,310 ---- + + if (flags & SEVAL_ONECMD) +! { +! reset_parser (); +! break; +! } + } + } +*** ../bash-3.1.22/parse.y 2014-09-30 19:49:41.000000000 -0400 +--- parse.y 2014-10-04 16:10:47.000000000 -0400 +*************** +*** 2122,2125 **** +--- 2122,2135 ---- + } + ++ char * ++ parser_remaining_input () ++ { ++ if (shell_input_line == 0) ++ return 0; ++ if (shell_input_line_index < 0 || shell_input_line_index >= shell_input_line_len) ++ return '\0'; /* XXX */ ++ return (shell_input_line + shell_input_line_index); ++ } ++ + #ifdef INCLUDE_UNUSED + /* Back the input pointer up by one, effectively `ungetting' a character. */ +*** ../bash-3.1.22/shell.h 2003-06-01 15:04:36.000000000 -0400 +--- shell.h 2014-10-04 16:10:47.000000000 -0400 +*************** +*** 160,163 **** +--- 160,165 ---- + + /* Let's try declaring these here. */ ++ extern char *parser_remaining_input __P((void)); ++ + extern sh_parser_state_t *save_parser_state __P((sh_parser_state_t *)); + extern void restore_parser_state __P((sh_parser_state_t *)); +*** ../bash-3.1/patchlevel.h Wed Jul 20 13:58:20 2005 +--- patchlevel.h Wed Dec 7 13:48:42 2005 +*************** +*** 26,30 **** + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 22 + + #endif /* _PATCHLEVEL_H_ */ +--- 26,30 ---- + looks for to find the patch level (for the sccs version string). */ + +! #define PATCHLEVEL 23 + + #endif /* _PATCHLEVEL_H_ */ diff --git a/patches/source/bash/slack-desc b/patches/source/bash/slack-desc new file mode 100644 index 000000000..f2fdb9292 --- /dev/null +++ b/patches/source/bash/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +bash: bash (sh-compatible shell) +bash: +bash: The GNU Bourne-Again SHell. Bash is a sh-compatible command +bash: interpreter that executes commands read from the standard input or +bash: from a file. Bash also incorporates useful features from the Korn +bash: and C shells (ksh and csh). Bash is ultimately intended to be a +bash: conformant implementation of the IEEE Posix Shell and Tools +bash: specification (IEEE Working Group 1003.2). +bash: +bash: Bash must be present for the system to boot properly. +bash: diff --git a/patches/source/bind/3link.sh b/patches/source/bind/3link.sh new file mode 100644 index 000000000..ec8ba4d19 --- /dev/null +++ b/patches/source/bind/3link.sh @@ -0,0 +1,136 @@ +rm -f lwres_addr_parse.3 +ln -sf lwres_resutil.3 lwres_addr_parse.3 +rm -f lwres_buffer_add.3 +ln -sf lwres_buffer.3 lwres_buffer_add.3 +rm -f lwres_buffer_back.3 +ln -sf lwres_buffer.3 lwres_buffer_back.3 +rm -f lwres_buffer_clear.3 +ln -sf lwres_buffer.3 lwres_buffer_clear.3 +rm -f lwres_buffer_first.3 +ln -sf lwres_buffer.3 lwres_buffer_first.3 +rm -f lwres_buffer_forward.3 +ln -sf lwres_buffer.3 lwres_buffer_forward.3 +rm -f lwres_buffer_getmem.3 +ln -sf lwres_buffer.3 lwres_buffer_getmem.3 +rm -f lwres_buffer_getuint16.3 +ln -sf lwres_buffer.3 lwres_buffer_getuint16.3 +rm -f lwres_buffer_getuint32.3 +ln -sf lwres_buffer.3 lwres_buffer_getuint32.3 +rm -f lwres_buffer_getuint8.3 +ln -sf lwres_buffer.3 lwres_buffer_getuint8.3 +rm -f lwres_buffer_init.3 +ln -sf lwres_buffer.3 lwres_buffer_init.3 +rm -f lwres_buffer_invalidate.3 +ln -sf lwres_buffer.3 lwres_buffer_invalidate.3 +rm -f lwres_buffer_putmem.3 +ln -sf lwres_buffer.3 lwres_buffer_putmem.3 +rm -f lwres_buffer_putuint16.3 +ln -sf lwres_buffer.3 lwres_buffer_putuint16.3 +rm -f lwres_buffer_putuint32.3 +ln -sf lwres_buffer.3 lwres_buffer_putuint32.3 +rm -f lwres_buffer_putuint8.3 +ln -sf lwres_buffer.3 lwres_buffer_putuint8.3 +rm -f lwres_buffer_subtract.3 +ln -sf lwres_buffer.3 lwres_buffer_subtract.3 +rm -f lwres_conf_clear.3 +ln -sf lwres_config.3 lwres_conf_clear.3 +rm -f lwres_conf_get.3 +ln -sf lwres_config.3 lwres_conf_get.3 +rm -f lwres_conf_init.3 +ln -sf lwres_config.3 lwres_conf_init.3 +rm -f lwres_conf_parse.3 +ln -sf lwres_config.3 lwres_conf_parse.3 +rm -f lwres_conf_print.3 +ln -sf lwres_config.3 lwres_conf_print.3 +rm -f lwres_context_allocmem.3 +ln -sf lwres_context.3 lwres_context_allocmem.3 +rm -f lwres_context_create.3 +ln -sf lwres_context.3 lwres_context_create.3 +rm -f lwres_context_destroy.3 +ln -sf lwres_context.3 lwres_context_destroy.3 +rm -f lwres_context_freemem.3 +ln -sf lwres_context.3 lwres_context_freemem.3 +rm -f lwres_context_initserial.3 +ln -sf lwres_context.3 lwres_context_initserial.3 +rm -f lwres_context_nextserial.3 +ln -sf lwres_context.3 lwres_context_nextserial.3 +rm -f lwres_context_sendrecv.3 +ln -sf lwres_context.3 lwres_context_sendrecv.3 +rm -f lwres_endhostent.3 +ln -sf lwres_gethostent.3 lwres_endhostent.3 +rm -f lwres_endhostent_r.3 +ln -sf lwres_gethostent.3 lwres_endhostent_r.3 +rm -f lwres_freeaddrinfo.3 +ln -sf lwres_getaddrinfo.3 lwres_freeaddrinfo.3 +rm -f lwres_freehostent.3 +ln -sf lwres_getipnode.3 lwres_freehostent.3 +rm -f lwres_gabnrequest_free.3 +ln -sf lwres_gabn.3 lwres_gabnrequest_free.3 +rm -f lwres_gabnrequest_parse.3 +ln -sf lwres_gabn.3 lwres_gabnrequest_parse.3 +rm -f lwres_gabnrequest_render.3 +ln -sf lwres_gabn.3 lwres_gabnrequest_render.3 +rm -f lwres_gabnresponse_free.3 +ln -sf lwres_gabn.3 lwres_gabnresponse_free.3 +rm -f lwres_gabnresponse_parse.3 +ln -sf lwres_gabn.3 lwres_gabnresponse_parse.3 +rm -f lwres_gabnresponse_render.3 +ln -sf lwres_gabn.3 lwres_gabnresponse_render.3 +rm -f lwres_getaddrsbyname.3 +ln -sf lwres_resutil.3 lwres_getaddrsbyname.3 +rm -f lwres_gethostbyaddr.3 +ln -sf lwres_gethostent.3 lwres_gethostbyaddr.3 +rm -f lwres_gethostbyaddr_r.3 +ln -sf lwres_gethostent.3 lwres_gethostbyaddr_r.3 +rm -f lwres_gethostbyname.3 +ln -sf lwres_gethostent.3 lwres_gethostbyname.3 +rm -f lwres_gethostbyname2.3 +ln -sf lwres_gethostent.3 lwres_gethostbyname2.3 +rm -f lwres_gethostbyname_r.3 +ln -sf lwres_gethostent.3 lwres_gethostbyname_r.3 +rm -f lwres_gethostent_r.3 +ln -sf lwres_gethostent.3 lwres_gethostent_r.3 +rm -f lwres_getipnodebyaddr.3 +ln -sf lwres_getipnode.3 lwres_getipnodebyaddr.3 +rm -f lwres_getipnodebyname.3 +ln -sf lwres_getipnode.3 lwres_getipnodebyname.3 +rm -f lwres_getnamebyaddr.3 +ln -sf lwres_resutil.3 lwres_getnamebyaddr.3 +rm -f lwres_gnbarequest_free.3 +ln -sf lwres_gnba.3 lwres_gnbarequest_free.3 +rm -f lwres_gnbarequest_parse.3 +ln -sf lwres_gnba.3 lwres_gnbarequest_parse.3 +rm -f lwres_gnbarequest_render.3 +ln -sf lwres_gnba.3 lwres_gnbarequest_render.3 +rm -f lwres_gnbaresponse_free.3 +ln -sf lwres_gnba.3 lwres_gnbaresponse_free.3 +rm -f lwres_gnbaresponse_parse.3 +ln -sf lwres_gnba.3 lwres_gnbaresponse_parse.3 +rm -f lwres_gnbaresponse_render.3 +ln -sf lwres_gnba.3 lwres_gnbaresponse_render.3 +rm -f lwres_herror.3 +ln -sf lwres_hstrerror.3 lwres_herror.3 +rm -f lwres_lwpacket_parseheader.3 +ln -sf lwres_packet.3 lwres_lwpacket_parseheader.3 +rm -f lwres_lwpacket_renderheader.3 +ln -sf lwres_packet.3 lwres_lwpacket_renderheader.3 +rm -f lwres_net_ntop.3 +ln -sf lwres_inetntop.3 lwres_net_ntop.3 +rm -f lwres_nooprequest_free.3 +ln -sf lwres_noop.3 lwres_nooprequest_free.3 +rm -f lwres_nooprequest_parse.3 +ln -sf lwres_noop.3 lwres_nooprequest_parse.3 +rm -f lwres_nooprequest_render.3 +ln -sf lwres_noop.3 lwres_nooprequest_render.3 +rm -f lwres_noopresponse_free.3 +ln -sf lwres_noop.3 lwres_noopresponse_free.3 +rm -f lwres_noopresponse_parse.3 +ln -sf lwres_noop.3 lwres_noopresponse_parse.3 +rm -f lwres_noopresponse_render.3 +ln -sf lwres_noop.3 lwres_noopresponse_render.3 +rm -f lwres_sethostent.3 +ln -sf lwres_gethostent.3 lwres_sethostent.3 +rm -f lwres_sethostent_r.3 +ln -sf lwres_gethostent.3 lwres_sethostent_r.3 +rm -f lwres_string_parse.3 +ln -sf lwres_resutil.3 lwres_string_parse.3 diff --git a/patches/source/bind/bind.SlackBuild b/patches/source/bind/bind.SlackBuild new file mode 100755 index 000000000..3f059213e --- /dev/null +++ b/patches/source/bind/bind.SlackBuild @@ -0,0 +1,165 @@ +#!/bin/sh + +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=bind +VERSION=${VERSION:-9.9.11-P1} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=/bind-$(mcookie) +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG/etc/default + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.gz || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 + +# Remove use of SO_BSDCOMPAT which has been obsolete since the 2.2.x kernel +# series, and generates warnings under 2.6.x kernels. This _might_ be fixed +# upstream already, but an explicit #undef SO_BSDCOMPAT does not hurt: +zcat $CWD/bind.so_bsdcompat.diff.gz | patch -p1 --verbose || exit + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Configure: +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --with-libtool \ + --mandir=/usr/man \ + --enable-shared \ + --disable-static \ + --enable-threads \ + --with-openssl=/usr \ + --build=$ARCH-slackware-linux || exit 1 + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# We like symlinks. +( cd $PKG/usr/sbin + ln -sf named lwresd +) + +# We like a lot of symlinks. +( cd $PKG/usr/man/man3 + sh $CWD/3link.sh +) + +# Install init script: +mkdir -p $PKG/etc/rc.d +cp -a $CWD/rc.bind $PKG/etc/rc.d/rc.bind.new +chmod 644 $PKG/etc/rc.d/rc.bind.new + +# Add /var/run/named directory: +mkdir -p $PKG/var/run/named + +# Fix library perms: +chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/* + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* 2> /dev/null + ) + done + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + CHANGES COPYRIGHT FAQ* README* \ + doc/arm doc/misc \ + $PKG/usr/doc/${PKGNAM}-$VERSION + +# This one should have the correct perms of the config file: +chmod 644 $PKG/usr/doc/${PKGNAM}-$VERSION/misc/rndc.conf-sample + +# One format of this is plenty. Especially get rid of the bloated PDF. +( cd $PKG/usr/doc/bind-$VERSION/arm + rm -f Makefile* *.pdf *.xml README.SGML latex-fixup.pl +) + +# Add sample config files for a simple caching nameserver: +mkdir -p $PKG/var/named/caching-example +cat $CWD/caching-example/named.conf > $PKG/etc/named.conf.new +cat $CWD/caching-example/localhost.zone > $PKG/var/named/caching-example/localhost.zone +cat $CWD/caching-example/named.local > $PKG/var/named/caching-example/named.local +cat $CWD/caching-example/named.root > $PKG/var/named/caching-example/named.root +# This name is deprecated, but having it here doesn't hurt in case +# an old configuration file wants it: +cat $CWD/caching-example/named.root > $PKG/var/named/caching-example/named.ca + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$(echo $VERSION | tr - _)-$ARCH-$BUILD.txz + diff --git a/patches/source/bind/bind.so_bsdcompat.diff b/patches/source/bind/bind.so_bsdcompat.diff new file mode 100644 index 000000000..5d78031b7 --- /dev/null +++ b/patches/source/bind/bind.so_bsdcompat.diff @@ -0,0 +1,11 @@ +--- ./lib/isc/unix/socket.c.orig 2005-11-03 17:08:42.000000000 -0600 ++++ ./lib/isc/unix/socket.c 2006-02-18 13:09:15.000000000 -0600 +@@ -245,6 +245,8 @@ + + #define SOCK_DEAD(s) ((s)->references == 0) + ++#undef SO_BSDCOMPAT ++ + static void + manager_log(isc_socketmgr_t *sockmgr, + isc_logcategory_t *category, isc_logmodule_t *module, int level, diff --git a/patches/source/bind/caching-example/localhost.zone b/patches/source/bind/caching-example/localhost.zone new file mode 100644 index 000000000..c47baf5f1 --- /dev/null +++ b/patches/source/bind/caching-example/localhost.zone @@ -0,0 +1,11 @@ +$TTL 86400 +$ORIGIN localhost. +@ 1D IN SOA @ root ( + 42 ; serial (d. adams) + 3H ; refresh + 15M ; retry + 1W ; expiry + 1D ) ; minimum + + 1D IN NS @ + 1D IN A 127.0.0.1 diff --git a/patches/source/bind/caching-example/named.conf b/patches/source/bind/caching-example/named.conf new file mode 100644 index 000000000..a8ee2795f --- /dev/null +++ b/patches/source/bind/caching-example/named.conf @@ -0,0 +1,31 @@ +options { + directory "/var/named"; + /* + * If there is a firewall between you and nameservers you want + * to talk to, you might need to uncomment the query-source + * directive below. Previous versions of BIND always asked + * questions using port 53, but BIND 8.1 uses an unprivileged + * port by default. + */ + // query-source address * port 53; +}; + +// +// a caching only nameserver config +// +zone "." IN { + type hint; + file "caching-example/named.root"; +}; + +zone "localhost" IN { + type master; + file "caching-example/localhost.zone"; + allow-update { none; }; +}; + +zone "0.0.127.in-addr.arpa" IN { + type master; + file "caching-example/named.local"; + allow-update { none; }; +}; diff --git a/patches/source/bind/caching-example/named.local b/patches/source/bind/caching-example/named.local new file mode 100644 index 000000000..8f40bcf36 --- /dev/null +++ b/patches/source/bind/caching-example/named.local @@ -0,0 +1,10 @@ +$TTL 86400 +@ IN SOA localhost. root.localhost. ( + 2011032500 ; Serial + 28800 ; Refresh + 14400 ; Retry + 3600000 ; Expire + 86400 ) ; Minimum + IN NS localhost. + +1 IN PTR localhost. diff --git a/patches/source/bind/caching-example/named.root b/patches/source/bind/caching-example/named.root new file mode 100644 index 000000000..9cc20228c --- /dev/null +++ b/patches/source/bind/caching-example/named.root @@ -0,0 +1,90 @@ +; This file holds the information on root name servers needed to +; initialize cache of Internet domain name servers +; (e.g. reference this file in the "cache . <file>" +; configuration file of BIND domain name servers). +; +; This file is made available by InterNIC +; under anonymous FTP as +; file /domain/named.cache +; on server FTP.INTERNIC.NET +; -OR- RS.INTERNIC.NET +; +; last update: November 05, 2014 +; related version of root zone: 2014110501 +; +; formerly NS.INTERNIC.NET +; +. 3600000 NS A.ROOT-SERVERS.NET. +A.ROOT-SERVERS.NET. 3600000 A 198.41.0.4 +A.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:ba3e::2:30 +; +; FORMERLY NS1.ISI.EDU +; +. 3600000 NS B.ROOT-SERVERS.NET. +B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 +B.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:84::b +; +; FORMERLY C.PSI.NET +; +. 3600000 NS C.ROOT-SERVERS.NET. +C.ROOT-SERVERS.NET. 3600000 A 192.33.4.12 +C.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2::c +; +; FORMERLY TERP.UMD.EDU +; +. 3600000 NS D.ROOT-SERVERS.NET. +D.ROOT-SERVERS.NET. 3600000 A 199.7.91.13 +D.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2d::d +; +; FORMERLY NS.NASA.GOV +; +. 3600000 NS E.ROOT-SERVERS.NET. +E.ROOT-SERVERS.NET. 3600000 A 192.203.230.10 +; +; FORMERLY NS.ISC.ORG +; +. 3600000 NS F.ROOT-SERVERS.NET. +F.ROOT-SERVERS.NET. 3600000 A 192.5.5.241 +F.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:2f::f +; +; FORMERLY NS.NIC.DDN.MIL +; +. 3600000 NS G.ROOT-SERVERS.NET. +G.ROOT-SERVERS.NET. 3600000 A 192.112.36.4 +; +; FORMERLY AOS.ARL.ARMY.MIL +; +. 3600000 NS H.ROOT-SERVERS.NET. +H.ROOT-SERVERS.NET. 3600000 A 128.63.2.53 +H.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:1::803f:235 +; +; FORMERLY NIC.NORDU.NET +; +. 3600000 NS I.ROOT-SERVERS.NET. +I.ROOT-SERVERS.NET. 3600000 A 192.36.148.17 +I.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fe::53 +; +; OPERATED BY VERISIGN, INC. +; +. 3600000 NS J.ROOT-SERVERS.NET. +J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 +J.ROOT-SERVERS.NET. 3600000 AAAA 2001:503:c27::2:30 +; +; OPERATED BY RIPE NCC +; +. 3600000 NS K.ROOT-SERVERS.NET. +K.ROOT-SERVERS.NET. 3600000 A 193.0.14.129 +K.ROOT-SERVERS.NET. 3600000 AAAA 2001:7fd::1 +; +; OPERATED BY ICANN +; +. 3600000 NS L.ROOT-SERVERS.NET. +L.ROOT-SERVERS.NET. 3600000 A 199.7.83.42 +L.ROOT-SERVERS.NET. 3600000 AAAA 2001:500:3::42 +; +; OPERATED BY WIDE +; +. 3600000 NS M.ROOT-SERVERS.NET. +M.ROOT-SERVERS.NET. 3600000 A 202.12.27.33 +M.ROOT-SERVERS.NET. 3600000 AAAA 2001:dc3::35 +; End of file diff --git a/patches/source/bind/doinst.sh b/patches/source/bind/doinst.sh new file mode 100644 index 000000000..afeff946f --- /dev/null +++ b/patches/source/bind/doinst.sh @@ -0,0 +1,36 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +# Keep same perms on rc.bind.new: +if [ -e etc/rc.d/rc.bind ]; then + cp -a etc/rc.d/rc.bind etc/rc.d/rc.bind.new.incoming + cat etc/rc.d/rc.bind.new > etc/rc.d/rc.bind.new.incoming + mv etc/rc.d/rc.bind.new.incoming etc/rc.d/rc.bind.new +fi + +config etc/named.conf.new +config etc/rc.d/rc.bind.new + +# Add a /var/named if it doesn't exist: +if [ ! -d var/named ]; then + mkdir -p var/named + chmod 755 var/named +fi + +# Generate /etc/rndc.key if there's none there, +# and there also no /etc/rndc.conf (the other +# way to set this up). +if [ ! -r etc/rndc.key -a ! -r /etc/rndc.conf ]; then + chroot . /sbin/ldconfig + chroot . /usr/sbin/rndc-confgen -r /dev/urandom -a 2> /dev/null +fi diff --git a/patches/source/bind/rc.bind b/patches/source/bind/rc.bind new file mode 100644 index 000000000..6d77d73d9 --- /dev/null +++ b/patches/source/bind/rc.bind @@ -0,0 +1,112 @@ +#!/bin/sh +# Start/stop/restart the BIND name server daemon (named). + + +# Start bind. In the past it was more secure to run BIND as a non-root +# user (for example, with '-u daemon'), but the modern version of BIND +# knows how to use the kernel's capability mechanism to drop all root +# privileges except the ability to bind() to a privileged port and set +# process resource limits, so -u should not be needed. If you wish to +# use it anyway, chown the /var/run/named and /var/named directories to +# the non-root user. The command options can be set like this in +# /etc/default/named : +# NAMED_OPTIONS="-u daemon" +# So you will not have to edit this script. + +# You might also consider running BIND in a "chroot jail", +# a discussion of which may be found in +# /usr/doc/Linux-HOWTOs/Chroot-BIND-HOWTO. + +# One last note: rndc has a lot of other nice features that it is not +# within the scope of this start/stop/restart script to support. +# For more details, see "man rndc" or just type "rndc" to see the options. + +# Load command defaults: +if [ -f /etc/default/named ] ; then . /etc/default/named ; fi +if [ -f /etc/default/rndc ] ; then . /etc/default/rndc ; fi + +# Sanity check. If /usr/sbin/named is missing then it +# doesn't make much sense to try to run this script: +if [ ! -x /usr/sbin/named ]; then + echo "/etc/rc.d/rc.bind: no /usr/sbin/named found (or not executable); cannot start." + exit 1 +fi + +# Start BIND. As many times as you like. ;-) +# Seriously, don't run "rc.bind start" if BIND is already +# running or you'll get more than one copy running. +bind_start() { + if [ -x /usr/sbin/named ]; then + echo "Starting BIND: /usr/sbin/named $NAMED_OPTIONS" + /usr/sbin/named $NAMED_OPTIONS + sleep 1 + fi + if ! ps axc | grep -q named ; then + echo "WARNING: named did not start." + echo "Attempting to start named again: /usr/sbin/named $NAMED_OPTIONS" + /usr/sbin/named $NAMED_OPTIONS + sleep 1 + if ps axc | grep -q named ; then + echo "SUCCESS: named started." + else + echo "FAILED: Sorry, a second attempt to start named has also failed." + echo "There may be a configuration error that needs fixing. Good luck!" + fi + fi +} + +# Stop all running copies of BIND (/usr/sbin/named): +bind_stop() { + echo "Stopping BIND: /usr/sbin/rndc $RDNC_OPTIONS stop" + /usr/sbin/rndc $RDNC_OPTIONS stop + # A problem with using "/usr/sbin/rndc stop" is that if you + # managed to get multiple copies of named running it will + # only stop one of them and then can't stop the others even + # if you run it again. So, after doing things the nice way + # we'll do them the old-fashioned way. If you don't like + # it you can comment it out, but unless you have a lot of + # other programs you run called "named" this is unlikely + # to have any ill effects: + sleep 1 + if ps axc | grep -q named ; then + echo "Using "killall named" on additional BIND processes..." + /bin/killall named 2> /dev/null + fi +} + +# Reload BIND: +bind_reload() { + /usr/sbin/rndc $RDNC_OPTIONS reload +} + +# Restart BIND: +bind_restart() { + bind_stop + bind_start +} + +# Get BIND status: +bind_status() { + /usr/sbin/rndc $RDNC_OPTIONS status +} + +case "$1" in +'start') + bind_start + ;; +'stop') + bind_stop + ;; +'reload') + bind_reload + ;; +'restart') + bind_restart + ;; +'status') + bind_status + ;; +*) + echo "usage $0 start|stop|reload|restart|status" +esac + diff --git a/patches/source/bind/slack-desc b/patches/source/bind/slack-desc new file mode 100644 index 000000000..9e9b15d11 --- /dev/null +++ b/patches/source/bind/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +bind: bind (DNS server and utilities) +bind: +bind: The named daemon and support utilities such as dig, host, and +bind: nslookup. Sample configuration files for running a simple caching +bind: nameserver are included. Documentation for advanced name server +bind: setup can be found in /usr/doc/bind-9.x.x/. +bind: +bind: +bind: +bind: +bind: diff --git a/patches/source/bzip2/bzip2.SlackBuild b/patches/source/bzip2/bzip2.SlackBuild new file mode 100755 index 000000000..a3c848be5 --- /dev/null +++ b/patches/source/bzip2/bzip2.SlackBuild @@ -0,0 +1,121 @@ +#!/bin/sh + +# Copyright 2005-2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=bzip2 +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +SOLIB=1.0.6 +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-bzip2 + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf bzip2-$VERSION +tar xzvf $CWD/bzip2-$VERSION.tar.gz || exit 1 +cd bzip2-$VERSION || exit 1 +chown -R root:root . +# This should be ok, since libbz2.so.1.0 will still exist. +zcat $CWD/bzip2.saneso.diff.gz | patch -p1 || exit +make -f Makefile-libbz2_so || exit 1 +make -j3 || make || exit 1 +mkdir -p $PKG/usr/include +cp -a bzlib.h $PKG/usr/include +chown root:root $PKG/usr/include/bzlib.h +chmod 644 $PKG/usr/include/bzlib.h +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX} +cp -a libbz2.a $PKG/usr/lib${LIBDIRSUFFIX}/libbz2.a +mkdir -p $PKG/lib${LIBDIRSUFFIX} +cp -a libbz2.so.$SOLIB $PKG/lib${LIBDIRSUFFIX}/libbz2.so.$SOLIB +chmod 644 $PKG/usr/lib${LIBDIRSUFFIX}/libbz2.a +chmod 755 $PKG/lib${LIBDIRSUFFIX}/libbz2.so.$SOLIB +mkdir -p $PKG/bin +cat bzip2-shared > $PKG/bin/bzip2 +cat bzip2recover > $PKG/bin/bzip2recover +mkdir -p $PKG/usr/man/man1 +cat bzip2.1 | gzip -9c > $PKG/usr/man/man1/bzip2.1.gz +echo '.so man1/bzip2.1' | gzip -9c > $PKG/usr/man/man1/bzip2recover.1.gz +mkdir -p $PKG/usr/doc/bzip2-$VERSION +cp -a CHANGES LICENSE README* \ + bzip2.txt *.html $PKG/usr/doc/bzip2-$VERSION +chmod 644 $PKG/usr/doc/bzip2-$VERSION/* +# Link up them links +( cd $PKG + ( cd lib${LIBDIRSUFFIX} + rm -f libbz2.so.1.0 libbz2.so.1 + ln -sf libbz2.so.$SOLIB libbz2.so.1.0 + ln -sf libbz2.so.1.0 libbz2.so.1 + ) + ( cd usr/lib${LIBDIRSUFFIX} + ln -sf ../../lib${LIBDIRSUFFIX}/libbz2.so.1 libbz2.so + ) + ( cd bin ; ln -sf bzip2 bunzip2 ) + ( cd bin ; ln -sf bzip2 bzcat ) + mkdir -p usr/bin + ( cd usr/bin + ln -sf ../../bin/bzip2 . + ln -sf ../../bin/bzip2 bunzip2 + ln -sf ../../bin/bzip2 bzcat + ln -sf bzmore bzless + ) +) +# Here are some optional scripts: +for file in bzdiff bzgrep bzmore ; do + cat $file > $PKG/usr/bin/$file + cat ${file}.1 | gzip -9c > $PKG/usr/man/man1/${file}.1.gz +done +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) +chmod 755 $PKG/bin/* $PKG/usr/bin/* +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg -l y -c n $TMP/bzip2-$VERSION-$ARCH-$BUILD.txz + +# Clean up the extra stuff: +if [ "$1" = "--cleanup" ]; then + rm -rf $TMP/bzip2-$VERSION + rm -rf $PKG +fi diff --git a/patches/source/bzip2/bzip2.saneso.diff b/patches/source/bzip2/bzip2.saneso.diff new file mode 100644 index 000000000..4f0acc6e1 --- /dev/null +++ b/patches/source/bzip2/bzip2.saneso.diff @@ -0,0 +1,20 @@ +--- ./Makefile-libbz2_so.orig 2010-09-10 18:07:52.000000000 -0500 ++++ ./Makefile-libbz2_so 2010-09-20 12:30:10.475525363 -0500 +@@ -35,13 +35,13 @@ + bzlib.o + + all: $(OBJS) +- $(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.6 $(OBJS) ++ $(CC) -shared -Wl,-soname -Wl,libbz2.so.1 -o libbz2.so.1.0.6 $(OBJS) + $(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.6 +- rm -f libbz2.so.1.0 +- ln -s libbz2.so.1.0.6 libbz2.so.1.0 ++ rm -f libbz2.so.1 ++ ln -s libbz2.so.1.0.6 libbz2.so.1 + + clean: +- rm -f $(OBJS) bzip2.o libbz2.so.1.0.6 libbz2.so.1.0 bzip2-shared ++ rm -f $(OBJS) bzip2.o libbz2.so.1.0.6 libbz2.so.1 bzip2-shared + + blocksort.o: blocksort.c + $(CC) $(CFLAGS) -c blocksort.c diff --git a/patches/source/bzip2/slack-desc b/patches/source/bzip2/slack-desc new file mode 100644 index 000000000..8026e7553 --- /dev/null +++ b/patches/source/bzip2/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +bzip2: bzip2 (a block-sorting file compressor) +bzip2: +bzip2: Bzip2 compresses files using the Burrows-Wheeler block sorting text +bzip2: compression algorithm, and Huffman coding. Compression is generally +bzip2: considerably better than that achieved by more conventional LZ77/LZ78- +bzip2: based compressors, and approaches the performance of the PPM family of +bzip2: statistical compressors. +bzip2: +bzip2: Julian Seward <jseward@acm.org> is the author of bzip2. +bzip2: +bzip2: diff --git a/patches/source/cairo/cairo.SlackBuild b/patches/source/cairo/cairo.SlackBuild new file mode 100755 index 000000000..870ca4564 --- /dev/null +++ b/patches/source/cairo/cairo.SlackBuild @@ -0,0 +1,98 @@ +#!/bin/sh + +# Copyright 2008, 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=1.8.8 +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-cairo +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf cairo-$VERSION +tar xvf $CWD/cairo-$VERSION.tar.?z* || exit 1 +cd cairo-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Time to try leaving this out again? +# --disable-xcb + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --sysconfdir=/etc \ + --disable-gtk-doc \ + --disable-glitz \ + --disable-quartz \ + --disable-static \ + --disable-win32 +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/cairo-$VERSION +cp -a \ + AUTHORS COPYING* NEWS README TODO \ + $PKG/usr/doc/cairo-$VERSION +( cd $PKG/usr/doc/cairo-$VERSION ; ln -sf /usr/share/gtk-doc/html/cairo html ) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/cairo-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/cairo/slack-desc b/patches/source/cairo/slack-desc new file mode 100644 index 000000000..b70ae035b --- /dev/null +++ b/patches/source/cairo/slack-desc @@ -0,0 +1,20 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +cairo: cairo (graphics library used by GTK+) +cairo: +cairo: Cairo is a vector graphics library designed to provide high-quality +cairo: display and print output. Cairo is designed to produce +cairo: identical output on all output media while taking advantage of display +cairo: hardware acceleration when available (eg. through the X Render +cairo: Extension or OpenGL). +cairo: +cairo: +cairo: +cairo: + diff --git a/patches/source/coreutils/DIR_COLORS b/patches/source/coreutils/DIR_COLORS new file mode 100644 index 000000000..fd77f5630 --- /dev/null +++ b/patches/source/coreutils/DIR_COLORS @@ -0,0 +1,235 @@ +# Configuration file for dircolors, a utility to help you set the +# LS_COLORS environment variable used by GNU ls with the --color option. + +# The keywords COLOR, OPTIONS, and EIGHTBIT (honored by the +# slackware version of dircolors) are recognized but ignored. +# (see the scripts in /etc/profile.d/coreutils-dircolors.* to change default +# options in the Slackware aliases) + +# Below, there should be one TERM entry for each termtype that is colorizable +TERM Eterm +TERM ansi +TERM color-xterm +TERM con132x25 +TERM con132x30 +TERM con132x43 +TERM con132x60 +TERM con80x25 +TERM con80x28 +TERM con80x30 +TERM con80x43 +TERM con80x50 +TERM con80x60 +TERM cons25 +TERM console +TERM cygwin +TERM dtterm +TERM eterm-color +TERM gnome +TERM gnome-256color +TERM jfbterm +TERM konsole +TERM kterm +TERM linux +TERM linux-c +TERM mach-color +TERM mlterm +TERM putty +TERM rxvt +TERM rxvt-256color +TERM rxvt-cygwin +TERM rxvt-cygwin-native +TERM rxvt-unicode +TERM rxvt-unicode-256color +TERM rxvt-unicode256 +TERM screen +TERM screen-256color +TERM screen-256color-bce +TERM screen-bce +TERM screen-w +TERM screen.linux +TERM screen.rxvt +TERM terminator +TERM vt100 +TERM xterm +TERM xterm-16color +TERM xterm-256color +TERM xterm-88color +TERM xterm-color +TERM xterm-debian + +# Below are the color init strings for the basic file types. A color init +# string consists of one or more of the following numeric codes: +# Attribute codes: +# 00=none 01=bold 04=underscore 05=blink 07=reverse 08=concealed +# Text color codes: +# 30=black 31=red 32=green 33=yellow 34=blue 35=magenta 36=cyan 37=white +# Background color codes: +# 40=black 41=red 42=green 43=yellow 44=blue 45=magenta 46=cyan 47=white +NORMAL 00 # global default, although everything should be something. +FILE 00 # normal file +# RESET 0 # reset to "normal" color +DIR 01;34 # directory +LINK 01;36 # symbolic link. (If you set this to 'target' instead of a + # numerical value, the color is as for the file pointed to.) +# HARDLINK 44;37 # regular file with more than one link +FIFO 40;33 # pipe +SOCK 01;35 # socket +DOOR 01;35 # door +BLK 40;33;01 # block device driver +CHR 40;33;01 # character device driver +ORPHAN 40;31;01 # symlink to nonexistent file +SETUID 37;41 # file that is setuid (u+s) +SETGID 30;43 # file that is setgid (g+s) +CAPABILITY 30;41 # file with capability +STICKY_OTHER_WRITABLE 30;42 # dir that is sticky and other-writable (+t,o+w) +OTHER_WRITABLE 34;42 # dir that is other-writable (o+w) and not sticky +STICKY 37;44 # dir with the sticky bit set (+t) and not other-writable +EXEC 01;32 # This is for files with execute permission: + +# List any file extensions like '.gz' or '.tar' that you would like ls +# to colorize below. Put the extension, a space, and the color init string. +# (and any comments you want to add after a '#') + +# DOS-style executables (bright green) +.bat 01;32 +.BAT 01;32 +.btm 01;32 +.BTM 01;32 +.cmd 01;32 +.CMD 01;32 +.com 01;32 +.COM 01;32 +.dll 01;32 +.DLL 01;32 +.exe 01;32 +.EXE 01;32 + +# archives or compressed (bright red) +.7z 01;31 +.ace 01;31 +.ACE 01;31 +.arj 01;31 +.bz2 01;31 +.cpio 01;31 +.deb 01;31 +.dz 01;31 +.gz 01;31 +.jar 01;31 +.lzh 01;31 +.lzma 01;31 +.rar 01;31 +.RAR 01;31 +.rpm 01;31 +.rz 01;31 +.tar 01;31 +.taz 01;31 +.tb2 01;31 +.tbz2 01;31 +.tbz 01;31 +.tgz 01;31 +.tlz 01;31 +.trz 01;31 +.txz 01;31 +.tz 01;31 +.tz2 01;31 +.xz 01;31 +.z 01;31 +.Z 01;31 +.zip 01;31 +.ZIP 01;31 +.zoo 01;31 + +# multimedia (video/image/sound) file formats +.aac 01;35 +.AAC 01;35 +.anx 01;35 +.asf 01;35 +.ASF 01;35 +.au 01;35 +.axa 01;35 +.axv 01;35 +.avi 01;35 +.AVI 01;35 +.bmp 01;35 +.BMP 01;35 +.divx 01;35 +.DIVX 01;35 +.flac 01;35 +.FLAC 01;35 +.gif 01;35 +.GIF 01;35 +.jpg 01;35 +.JPG 01;35 +.jpeg 01;35 +.JPEG 01;35 +.m2a 01;35 +.M2A 01;35 +.m2v 01;35 +.M2V 01;35 +.m4a 01;35 +.M4A 01;35 +.m4p 01;35 +.M4P 01;35 +.m4v 01;35 +.M4V 01;35 +.mid 01;35 +.midi 01;35 +.mka 01;35 +.mkv 01;35 +.MKV 01;35 +.mov 01;35 +.MOV 01;35 +.mp3 01;35 +.MP3 01;35 +.mp4 01;35 +.MP4 01;35 +.mp4v 01;35 +.mpc 01;35 +.MPC 01;35 +.mpeg 01;35 +.MPEG 01;35 +.mpg 01;35 +.MPG 01;35 +.nuv 01;35 +.oga 01;35 +.ogv 01;35 +.ogx 01;35 +.ogg 01;35 +.OGG 01;35 +.pbm 01;35 +.pgm 01;35 +.png 01;35 +.PNG 01;35 +.ppm 01;35 +.qt 01;35 +.ra 01;35 +.RA 01;35 +.ram 01;35 +.RAM 01;35 +.rm 01;35 +.RM 01;35 +.spx 01;35 +.svg 01;35 +.svgz 01;35 +.tga 01;35 +.TGA 01;35 +.tif 01;35 +.TIF 01;35 +.tiff 01;35 +.TIFF 01;35 +.vob 01;35 +.VOB 01;35 +.wav 01;35 +.WAV 01;35 +.wma 01;35 +.WMA 01;35 +.wmv 01;35 +.WMV 01;35 +.xbm 01;35 +.xcf 01;35 +.xpm 01;35 +.xspf 01;35 +.xwd 01;35 +.XWD 01;35 +.xvid 01;35 diff --git a/patches/source/coreutils/coreutils-dircolors.csh b/patches/source/coreutils/coreutils-dircolors.csh new file mode 100644 index 000000000..d7234c855 --- /dev/null +++ b/patches/source/coreutils/coreutils-dircolors.csh @@ -0,0 +1,48 @@ +# Slackware color ls profile script for /bin/csh-like shells. + +# Set up LS_OPTIONS environment variable. +# This contains extra command line options to use with ls. +# The default ones are: +# -F = show '/' for dirs, '*' for executables, etc. +# -T 0 = don't trust tab spacing when formatting ls output. +# -b = better support for special characters +setenv OPTIONS "-F -b -T 0" + +# COLOR needs one of these arguments: +# 'auto' colorizes output to ttys, but not pipes. +# 'always' adds color characters to all output. +# 'never' shuts colorization off. +setenv COLOR auto + +# This section shouldn't require any user adjustment since it is +# simply setting the LS_OPTIONS variable using the information +# already given above: +setenv LS_OPTIONS " $OPTIONS --color=$COLOR " +unsetenv COLOR +unsetenv OPTIONS + +# Set up aliases to use color ls by default. A few additional +# aliases like 'dir', 'vdir', etc, are some ancient artifacts +# from 1992 or so... possibly they should be disabled, but maybe +# someone out there is actually using them? :-) +alias ls '/bin/ls $LS_OPTIONS'; +alias dir '/bin/ls $LS_OPTIONS --format=vertical'; +alias vdir '/bin/ls $LS_OPTIONS --format=long'; +alias d dir; +alias v vdir; +unsetenv noglob; + +# Set up the LS_COLORS environment: +[ -f $HOME/.dir_colors ] +if ($status == 0) then + eval `/bin/dircolors -c $HOME/.dir_colors` +endif +[ -f /etc/DIR_COLORS ] +if ($status == 0) then + eval `/bin/dircolors -c /etc/DIR_COLORS` +endif +[ ! -f $HOME/.dir_colors -a ! -f /etc/DIR_COLORS ] +if ($status == 0) then + eval `/bin/dircolors -c` +endif + diff --git a/patches/source/coreutils/coreutils-dircolors.sh b/patches/source/coreutils/coreutils-dircolors.sh new file mode 100644 index 000000000..fc848c6fc --- /dev/null +++ b/patches/source/coreutils/coreutils-dircolors.sh @@ -0,0 +1,54 @@ +# Slackware color ls profile script for /bin/sh-like shells. + +# Set up LS_OPTIONS environment variable. +# This contains extra command line options to use with ls. +# The default ones are: +# -F = show '/' for dirs, '*' for executables, etc. +# -T 0 = don't trust tab spacing when formatting ls output. +# -b = better support for special characters +OPTIONS="-F -b -T 0" + +# COLOR needs one of these arguments: +# 'auto' colorizes output to ttys, but not pipes. +# 'always' adds color characters to all output. +# 'never' shuts colorization off. +COLOR=auto + + +# This section shouldn't require any user adjustment since it is +# simply setting the LS_OPTIONS variable using the information +# already given above: +LS_OPTIONS="$OPTIONS --color=$COLOR"; +export LS_OPTIONS; +unset COLOR +unset OPTIONS + +# Set up aliases to use color ls by default. A few additional +# aliases like 'dir', 'vdir', etc, are some ancient artifacts +# from 1992 or so... possibly they should be disabled, but maybe +# someone out there is actually using them? :-) +# Assume shell aliases are supported. +if [ "$SHELL" = "/bin/zsh" ] ; then + # By default, zsh doesn't split parameters into separate words + # when it encounters whitespace. The '=' flag will fix this. + # see zshexpn(1) man-page regarding SH_WORD_SPLIT. + alias ls='/bin/ls ${=LS_OPTIONS}' + alias dir='/bin/ls ${=LS_OPTIONS} --format=vertical' + alias vdir='/bin/ls ${=LS_OPTIONS} --format=long' +else + alias ls='/bin/ls $LS_OPTIONS' + alias dir='/bin/ls $LS_OPTIONS --format=vertical' + alias vdir='/bin/ls $LS_OPTIONS --format=long' +fi +alias d=dir +alias v=vdir + +# Set up the LS_COLORS environment: +if [ -f $HOME/.dir_colors ]; then + eval `/bin/dircolors -b $HOME/.dir_colors` +elif [ -f /etc/DIR_COLORS ]; then + eval `/bin/dircolors -b /etc/DIR_COLORS` +else + eval `/bin/dircolors -b` +fi + diff --git a/patches/source/coreutils/coreutils.SlackBuild b/patches/source/coreutils/coreutils.SlackBuild new file mode 100755 index 000000000..f804dfc9c --- /dev/null +++ b/patches/source/coreutils/coreutils.SlackBuild @@ -0,0 +1,195 @@ +#!/bin/sh + +# Copyright 2005-2010, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=coreutils +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | cut -d - -f 2 | rev | cut -f 3- -d . | rev)} +BUILD=${BUILD:-1_slack13.0} + +NUMJOBS=${NUMJOBS:--j6} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +elif [ "$ARCH" = "arm" ]; then + SLKCFLAGS="-O2 -march=armv4 -mtune=xscale" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "armel" ]; then + SLKCFLAGS="-O2 -march=armv4t" + LIBDIRSUFFIX="" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP + +rm -rf $PKGNAM-$VERSION +if [ -r $CWD/$PKGNAM-$VERSION.tar.gz ]; then + tar xf $CWD/$PKGNAM-$VERSION.tar.gz || exit 1 +elif [ -r $CWD/$PKGNAM-$VERSION.tar.bz2 ]; then + tar xf $CWD/$PKGNAM-$VERSION.tar.bz2 || exit 1 +elif [ -r $CWD/$PKGNAM-$VERSION.tar.xz ]; then + tar xf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +elif [ -r $CWD/$PKGNAM-$VERSION.tar.lzma ]; then + tar xf $CWD/$PKGNAM-$VERSION.tar.lzma || exit 1 +else + exit 1 +fi + +cd $PKGNAM-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Patch uname to correctly display CPU information: +zcat $CWD/$PKGNAM.uname.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 + +# Compilation with glibc version later than 2.3.2 needs the environment +# variable DEFAULT_POSIX2_VERSION set to 199209. +# Without the next line, the coreutils will start complaining about 'obsolete' +# command switches, like "tail -20" will be considered obsolete. +# This behaviour breaks many other packages... the 'obsolete' parameters are +# too commonly used to disregard them. Better to stick with the older more +# widely accepted standards until things begin to demand the new way. + +CFLAGS="$SLKCFLAGS" \ +DEFAULT_POSIX2_VERSION=199209 \ +./configure \ + --prefix=/usr \ + --bindir=/bin \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --sysconfdir=/etc \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --without-gmp \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# We have had the mktemp from debianutils included with Slackware for quite a +# long time, and certain options are changed here, like changing -u to mean a +# dry-run rather than to unlink the tempfile when finished. Since this could +# break existing scripts, unless someone can tell me a good reason why we +# should start using a new version of mktemp, we will continue to use the +# one we've been using. If the new one starts to become expected, let me know. +# We'll figure out what the best options are and go from there. +mv $PKG/bin/mktemp $PKG/bin/mktemp-gnu +mv $PKG/usr/man/man1/mktemp.1 $PKG/usr/man/man1/mktemp-gnu.1 + +# This seems wrong, and it stomps on files in the ksh93 package, though I'm +# not sure the placement of those is correct, either... The ksh93 package +# installs them as flat text files, while coreutils installs empty directories +# Oh well, this is what we've done for years, and nobody's complained... +rm -rf $PKG/usr/share/locale/*/LC_TIME + +# These are important enough that they should probably all go into /bin at this +# point... Having some of them unavailable when /usr isn't mounted is just a +# source of unending bug reports for various third party applications. +# Time to end those reports. :-) +mkdir -p $PKG/bin $PKG/usr/bin +( cd $PKG/usr/bin + for file in ../../bin/* ; do + ln --verbose -sf $file . + done +) + +# Add some defaults, although a very slack-like set of default options are built +# into /bin/ls now anyway: +mkdir -p $PKG/etc +zcat $CWD/DIR_COLORS.gz > $PKG/etc/DIR_COLORS.new + +# Since dircolors no longer provides any default aliases these scripts +# will be needed for ls to act as expected: +mkdir -p $PKG/etc/profile.d +zcat $CWD/coreutils-dircolors.csh.gz > $PKG/etc/profile.d/coreutils-dircolors.csh +zcat $CWD/coreutils-dircolors.sh.gz > $PKG/etc/profile.d/coreutils-dircolors.sh +chmod 755 $PKG/etc/profile.d/* + +# Remove things that are provided by other Slackware packages: +for dupe in hostname kill su uptime ; do + rm -f $PKG/bin/${dupe} $PKG/usr/bin/${dupe} \ + $PKG/usr/sbin/${dupe} $PKG/usr/man/man?/${dupe}.* ; +done + +# Add ginstall links (there's still a lot of stuff that needs this to compile): +( cd $PKG/bin ; ln -sf install ginstall ) +( cd $PKG/usr/bin ; ln -sf ../../bin/ginstall ginstall ) +( cd $PKG/usr/man/man1 ; ln -sf install.1 ginstall.1 ) + +( cd $PKG/usr/man + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done +) + +rm -f $PKG/usr/info/dir +gzip -9 $PKG/usr/info/* + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + AUTHORS COPYING* NEWS README* THANKS THANKS-to-translators TODO \ + $PKG/usr/doc/$PKGNAM-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/coreutils/coreutils.uname.diff b/patches/source/coreutils/coreutils.uname.diff new file mode 100644 index 000000000..699110318 --- /dev/null +++ b/patches/source/coreutils/coreutils.uname.diff @@ -0,0 +1,152 @@ +diff -Nur coreutils-7.6.orig/src/uname.c coreutils-7.6/src/uname.c +--- coreutils-7.6.orig/src/uname.c 2009-09-01 06:01:16.000000000 -0500 ++++ coreutils-7.6/src/uname.c 2009-09-15 08:55:26.239452858 -0500 +@@ -50,6 +50,11 @@ + # include <mach-o/arch.h> + #endif + ++#if defined (__linux__) ++# define USE_PROCINFO ++# define UNAME_HARDWARE_PLATFORM ++#endif ++ + #include "system.h" + #include "error.h" + #include "quote.h" +@@ -155,6 +160,106 @@ + exit (status); + } + ++#if defined(USE_PROCINFO) ++ ++# if defined(__s390__) || defined(__s390x__) ++# define CPUINFO_FILE "/proc/sysinfo" ++# define CPUINFO_FORMAT "%64[^\t :]%*[ :]%256[^\n]%c" ++# else ++# define CPUINFO_FILE "/proc/cpuinfo" ++# define CPUINFO_FORMAT "%64[^\t:]\t:%256[^\n]%c" ++# endif ++ ++# define PROCINFO_PROCESSOR 0 ++# define PROCINFO_HARDWARE_PLATFORM 1 ++ ++static void __eat_cpuinfo_space(char *buf) ++{ ++ /* first eat trailing space */ ++ char *tmp = buf + strlen(buf) - 1; ++ while (tmp > buf && isspace(*tmp)) ++ *tmp-- = '\0'; ++ /* then eat leading space */ ++ tmp = buf; ++ while (*tmp && isspace(*tmp)) ++ tmp++; ++ if (tmp != buf) ++ memmove(buf, tmp, strlen(tmp)+1); ++} ++ ++static int __linux_procinfo (int x, char *fstr, size_t s) ++{ ++ FILE *fp; ++ ++ char *procinfo_keys[] = { ++ /* --processor --hardware-platform */ ++ #if defined(__alpha__) ++ "cpu model", "system type" ++ #elif defined(__arm__) ++ "Processor", "Hardware" ++ #elif defined(bfin) ++ "CPU", "BOARD Name" ++ #elif defined(__cris__) ++ "cpu", "cpu model" ++ #elif defined(__frv__) ++ "CPU-Core", "System" ++ #elif defined(__i386__) || defined(__x86_64__) ++ "model name", "vendor_id" ++ #elif defined(__ia64__) ++ "family", "vendor" ++ #elif defined(__hppa__) ++ "cpu", "model" ++ #elif defined(__m68k__) ++ "CPU", "MMU" ++ #elif defined(__mips__) ++ "cpu model", "system type" ++ #elif defined(__powerpc__) || defined(__powerpc64__) ++ "cpu", "machine" ++ #elif defined(__s390__) || defined(__s390x__) ++ "Type", "Manufacturer" ++ #elif defined(__sh__) ++ "cpu type", "machine" ++ #elif defined(sparc) || defined(__sparc__) ++ "type", "cpu" ++ #elif defined(__vax__) ++ "cpu type", "cpu" ++ #else ++ "unknown", "unknown" ++ #endif ++ }; ++ ++ if ((fp = fopen(CPUINFO_FILE, "r")) != NULL) { ++ char key[65], value[257], eol, *ret = NULL; ++ ++ while (fscanf(fp, CPUINFO_FORMAT, key, value, &eol) != EOF) { ++ __eat_cpuinfo_space(key); ++ if (!strcmp(key, procinfo_keys[x])) { ++ __eat_cpuinfo_space(value); ++ ret = value; ++ break; ++ } ++ if (eol != '\n') { ++ /* we need two fscanf's here in case the previous ++ * length limit caused us to read right up to the ++ * newline ... doing "%*[^\n]\n" wont eat the newline ++ */ ++ fscanf(fp, "%*[^\n]"); ++ fscanf(fp, "\n"); ++ } ++ } ++ fclose(fp); ++ ++ if (ret) { ++ strncpy(fstr, ret, s); ++ return 0; ++ } ++ } ++ ++ return -1; ++} ++ ++#endif ++ + /* Print ELEMENT, preceded by a space if something has already been + printed. */ + +@@ -302,10 +407,14 @@ + if (toprint & PRINT_PROCESSOR) + { + char const *element = unknown; +-#if HAVE_SYSINFO && defined SI_ARCHITECTURE ++#if ( HAVE_SYSINFO && defined SI_ARCHITECTURE ) || defined(USE_PROCINFO) + { + static char processor[257]; ++#if defined(USE_PROCINFO) ++ if (0 <= __linux_procinfo (PROCINFO_PROCESSOR, processor, sizeof processor)) ++#else + if (0 <= sysinfo (SI_ARCHITECTURE, processor, sizeof processor)) ++#endif + element = processor; + } + #endif +@@ -358,9 +467,13 @@ + if (element == unknown) + { + static char hardware_platform[257]; ++#if defined(USE_PROCINFO) ++ if (0 <= __linux_procinfo (PROCINFO_HARDWARE_PLATFORM, hardware_platform, sizeof hardware_platform)) ++#else + size_t s = sizeof hardware_platform; + static int mib[] = { CTL_HW, UNAME_HARDWARE_PLATFORM }; + if (sysctl (mib, 2, hardware_platform, &s, 0, 0) >= 0) ++#endif + element = hardware_platform; + } + #endif diff --git a/patches/source/coreutils/doinst.sh b/patches/source/coreutils/doinst.sh new file mode 100644 index 000000000..b1a6112ff --- /dev/null +++ b/patches/source/coreutils/doinst.sh @@ -0,0 +1,13 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/DIR_COLORS.new + diff --git a/patches/source/coreutils/slack-desc b/patches/source/coreutils/slack-desc new file mode 100644 index 000000000..57e562d34 --- /dev/null +++ b/patches/source/coreutils/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +coreutils: coreutils (core GNU utilities) +coreutils: +coreutils: These are the GNU core utilities, the basic command line programs +coreutils: such as 'mkdir', 'ls', and 'rm' that are needed for the system to +coreutils: run. This package is the union of the GNU fileutils, sh-utils, and +coreutils: textutils packages. Most of these programs have significant +coreutils: advantages over their Unix counterparts, such as greater speed, +coreutils: additional options, and fewer arbitrary limits. +coreutils: +coreutils: +coreutils: diff --git a/patches/source/cups/cups-1.3.x.CVE-2010-0542.diff b/patches/source/cups/cups-1.3.x.CVE-2010-0542.diff new file mode 100644 index 000000000..6c234f03d --- /dev/null +++ b/patches/source/cups/cups-1.3.x.CVE-2010-0542.diff @@ -0,0 +1,25 @@ +--- ./filter/texttops.c.orig 2008-10-09 15:12:03.000000000 -0500 ++++ ./filter/texttops.c 2010-11-27 12:42:33.000000000 -0600 +@@ -181,8 +181,20 @@ + exit(1); + } + +- Page = calloc(sizeof(lchar_t *), SizeLines); +- Page[0] = calloc(sizeof(lchar_t), SizeColumns * SizeLines); ++ if ((Page = calloc(sizeof(lchar_t *), SizeLines)) == NULL) ++ { ++ _cupsLangPrintf(stderr, _("ERROR: Unable to print %dx%d text page.\n"), ++ SizeColumns, SizeLines); ++ exit(1); ++ } ++ ++ if ((Page[0] = calloc(sizeof(lchar_t), SizeColumns * SizeLines)) == NULL) ++ { ++ _cupsLangPrintf(stderr, _("ERROR: Unable to print %dx%d text page.\n"), ++ SizeColumns, SizeLines); ++ exit(1); ++ } ++ + for (i = 1; i < SizeLines; i ++) + Page[i] = Page[0] + i * SizeColumns; + diff --git a/patches/source/cups/cups-1.3.x.CVE-2010-2941.diff b/patches/source/cups/cups-1.3.x.CVE-2010-2941.diff new file mode 100644 index 000000000..5dd4d7c08 --- /dev/null +++ b/patches/source/cups/cups-1.3.x.CVE-2010-2941.diff @@ -0,0 +1,44 @@ +--- ./cups/ipp.c.orig 2009-01-21 17:43:53.000000000 -0600 ++++ ./cups/ipp.c 2010-11-27 13:05:25.000000000 -0600 +@@ -1187,15 +1187,18 @@ + + attr->value_tag = tag; + } +- else if (value_tag >= IPP_TAG_TEXTLANG && +- value_tag <= IPP_TAG_MIMETYPE) ++ else if (value_tag == IPP_TAG_TEXTLANG || ++ value_tag == IPP_TAG_NAMELANG || ++ (value_tag >= IPP_TAG_TEXT && ++ value_tag <= IPP_TAG_MIMETYPE)) + { + /* + * String values can sometimes come across in different + * forms; accept sets of differing values... + */ + +- if (tag < IPP_TAG_TEXTLANG || tag > IPP_TAG_MIMETYPE) ++ if (tag != IPP_TAG_TEXTLANG && tag != IPP_TAG_NAMELANG && ++ (tag < IPP_TAG_TEXT || tag > IPP_TAG_MIMETYPE)) + return (IPP_ERROR); + } + else if (value_tag != tag) +@@ -2529,6 +2532,7 @@ + { + case IPP_TAG_TEXT : + case IPP_TAG_NAME : ++ case IPP_TAG_RESERVED_STRING : + case IPP_TAG_KEYWORD : + case IPP_TAG_URI : + case IPP_TAG_URISCHEME : +--- ./cups/ipp.h.orig 2008-07-11 17:48:49.000000000 -0500 ++++ ./cups/ipp.h 2010-11-27 13:05:25.000000000 -0600 +@@ -94,7 +94,8 @@ + IPP_TAG_END_COLLECTION, /* End of collection value */ + IPP_TAG_TEXT = 0x41, /* Text value */ + IPP_TAG_NAME, /* Name value */ +- IPP_TAG_KEYWORD = 0x44, /* Keyword value */ ++ IPP_TAG_RESERVED_STRING, /* Reserved for future string value @private@ */ ++ IPP_TAG_KEYWORD, /* Keyword value */ + IPP_TAG_URI, /* URI value */ + IPP_TAG_URISCHEME, /* URI scheme value */ + IPP_TAG_CHARSET, /* Character set value */ diff --git a/patches/source/cups/cups.SlackBuild b/patches/source/cups/cups.SlackBuild new file mode 100755 index 000000000..fc60430df --- /dev/null +++ b/patches/source/cups/cups.SlackBuild @@ -0,0 +1,185 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# CUPS build script by volkerdi@slackware.com. + +VERSION=1.3.11 +BUILD=${BUILD:-3_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-cups + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf cups-$VERSION +tar xvf $CWD/cups-$VERSION-source.tar.?z* || exit 1 +cd cups-$VERSION + +zcat $CWD/cups.firefox.desktop.diff.gz | patch -p1 --verbose || exit 1 + +zcat $CWD/cups-1.3.x.CVE-2010-0542.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/cups-1.3.x.CVE-2010-2941.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/str4609-1.3.patch.gz | patch -p0 --verbose --ignore-whitespace || exit 1 + +sed -i.orig -e 's#$exec_prefix/lib/cups#$libdir/cups#g' configure +./configure \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --enable-ssl \ + --enable-openssl=yes \ + --enable-gnutls=no \ + --enable-cdsassl=no \ + --docdir=/usr/doc \ + --without-php \ + --disable-pam \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || exit 1 +mkdir -p $PKG/etc/cups +mkdir -p $PKG/var/spool +make BUILDROOT=$PKG install || exit 1 + +# I've added so many things like /etc/init.d/ to Slackware that CUPS +# is now installing init scripts to the Red Hat locations. We'll move +# them to the usual locations: +mkdir -p $PKG/etc/rc.d +# Handle this as a config file, and non-executable in a default install: +mv $PKG/etc/init.d/cups $PKG/etc/rc.d/rc.cups.new +chmod 644 $PKG/etc/rc.d/rc.cups.new +# Clear out the additions: +rm -rf $PKG/etc/init.d $PKG/etc/rc{0,2,3,5}.d + +# I'm not sure if overwriting this blindly could have ill effects, +# but it never hurts to play it safe. According to the dbus-daemon +# manpage, only files ending in .conf will be used, so there won't +# be any unintended doubling up. +mv $PKG/etc/dbus-1/system.d/cups.conf $PKG/etc/dbus-1/system.d/cups.conf.new + +# For full CUPS SMB support, you'll need to install the cups-samba +# package from the source in this directory. There's no easy way +# to add that to a package build, and the requests aren't pouring in, +# so you'll have to install it yourself. It's easy to do. + +# However, this will get you the most useful SMB support for free. +# Thanks to Boris Kurktchiev for the tip. :-) +( cd $PKG/usr/lib${LIBDIRSUFFIX}/cups/backend + if [ ! -e smb ]; then + ln -sf /usr/bin/smbspool smb + fi +) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Remove preformatted manpages and move the manpages to /usr/man: +( cd $PKG/usr/share/man + find . -type d -name "cat*" | xargs rm -rf + cd .. + mv man .. +) + +# Adjust/expand docs: +( mkdir -p $PKG/usr/doc + mv $PKG/usr/share/doc/cups $PKG/usr/doc/cups-$VERSION + rmdir $PKG/usr/share/doc + cd $PKG/usr/doc + ln -sf cups-$VERSION cups ) + +# I'm sorry, but PDF files are almost as bloated and annoying as +# MS Word documents. We'll retain the HTML files in /usr/doc. +( cd $PKG/usr/doc + find . -name "*.pdf" -exec rm -f {} \; ) + +# Apply no-clobber fix to conffiles: +( cd $PKG/etc/cups + for file in * ; do + if [ -f $file ]; then + mv $file $file.new + fi + done ) + +# Strip stuff: +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Use symlinks to certain binaries so that CUPS and LPRng can coexist: +SUFFIX=cups +for file in \ +usr/bin/cancel \ +usr/bin/lp \ +usr/bin/lpq \ +usr/bin/lpr \ +usr/bin/lprm \ +usr/bin/lpstat \ +usr/sbin/lpc ; do + ( cd $PKG + mv ${file} ${file}-${SUFFIX} + ( cd `dirname ${file}` ; ln -sf `basename ${file}`-${SUFFIX} `basename ${file}` ) + ) +done +# Now fix the associated man pages: +mv $PKG/usr/man/man1/cancel.1.gz $PKG/usr/man/man1/cancel-${SUFFIX}.1.gz +mv $PKG/usr/man/man1/lp.1.gz $PKG/usr/man/man1/lp-${SUFFIX}.1.gz +mv $PKG/usr/man/man1/lpq.1.gz $PKG/usr/man/man1/lpq-${SUFFIX}.1.gz +mv $PKG/usr/man/man1/lpr.1.gz $PKG/usr/man/man1/lpr-${SUFFIX}.1.gz +mv $PKG/usr/man/man1/lprm.1.gz $PKG/usr/man/man1/lprm-${SUFFIX}.1.gz +mv $PKG/usr/man/man1/lpstat.1.gz $PKG/usr/man/man1/lpstat-${SUFFIX}.1.gz +mv $PKG/usr/man/man8/lpc.8.gz $PKG/usr/man/man8/lpc-${SUFFIX}.8.gz +( cd $PKG/usr/man/man1 + ln -sf cancel-${SUFFIX}.1.gz cancel.1.gz + ln -sf lp-${SUFFIX}.1.gz lp.1.gz + ln -sf lpq-${SUFFIX}.1.gz lpq.1.gz + ln -sf lpr-${SUFFIX}.1.gz lpr.1.gz + ln -sf lprm-${SUFFIX}.1.gz lprm.1.gz + ln -sf lpstat-${SUFFIX}.1.gz lpstat.1.gz +) +( cd $PKG/usr/man/man8 + ln -sf lpc-${SUFFIX}.8.gz lpc.8.gz +) + +# Add the doinst.sh that installs the .new conffiles: +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/cups-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/cups/cups.firefox.desktop.diff b/patches/source/cups/cups.firefox.desktop.diff new file mode 100644 index 000000000..96affd5a3 --- /dev/null +++ b/patches/source/cups/cups.firefox.desktop.diff @@ -0,0 +1,11 @@ +diff -u -r --new-file cups-1.3.11.orig/desktop/cups.desktop cups-1.3.11/desktop/cups.desktop +--- cups-1.3.11.orig/desktop/cups.desktop 2008-09-05 19:30:39.000000000 -0500 ++++ cups-1.3.11/desktop/cups.desktop 2009-08-21 20:18:23.604682681 -0500 +@@ -1,6 +1,6 @@ + [Desktop Entry] + Categories=System;Printing;HardwareSettings;X-Red-Hat-Base; +-Exec=htmlview http://localhost:631/ ++Exec=firefox http://localhost:631/ + Icon=cups + StartupNotify=false + Terminal=false diff --git a/patches/source/cups/doinst.sh b/patches/source/cups/doinst.sh new file mode 100644 index 000000000..3f56dab3f --- /dev/null +++ b/patches/source/cups/doinst.sh @@ -0,0 +1,28 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +for file in etc/cups/*.new ; do + config $file +done +config etc/dbus-1/system.d/cups.conf.new + +# Leave any new rc.cups with the same permissions as the old one: +# This is a kludge, but it's because there's no --reference option +# on busybox's 'chmod': +if [ -e etc/rc.d/rc.cups ]; then + if [ -x etc/rc.d/rc.cups ]; then + chmod 755 etc/rc.d/rc.cups.new + else + chmod 644 etc/rc.d/rc.cups.new + fi +fi +# Then config() it: +config etc/rc.d/rc.cups.new diff --git a/patches/source/cups/slack-desc b/patches/source/cups/slack-desc new file mode 100644 index 000000000..c2e1643c9 --- /dev/null +++ b/patches/source/cups/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +cups: CUPS (Common UNIX Printing System) +cups: +cups: The Common UNIX Printing System provides a portable printing layer for +cups: UNIX(R)-like operating systems. It has been developed by Easy Software +cups: Products to promote a standard printing solution for all UNIX vendors +cups: and users. CUPS uses the Internet Printing Protocol ("IPP") as the +cups: basis for managing print jobs and queues. The CUPS package includes +cups: System V and Berkeley command-line interfaces, a PostScript RIP +cups: package for supporting non-PostScript printer drivers, and tools for +cups: creating additional printer drivers and other CUPS services. +cups: diff --git a/patches/source/cups/str4609-1.3.patch b/patches/source/cups/str4609-1.3.patch new file mode 100644 index 000000000..da4664a08 --- /dev/null +++ b/patches/source/cups/str4609-1.3.patch @@ -0,0 +1,324 @@ +Index: cgi-bin/ipp-var.c +=================================================================== +--- cgi-bin/ipp-var.c (revision 12588) ++++ cgi-bin/ipp-var.c (working copy) +@@ -1048,21 +1048,7 @@ + * Rewrite URIs... + */ + +- if (!strcmp(name, "member_uris")) +- { +- char url[1024]; /* URL for class member... */ +- +- +- cgiRewriteURL(attr->values[i].string.text, url, +- sizeof(url), NULL); +- +- snprintf(valptr, sizeof(value) - (valptr - value), +- "<A HREF=\"%s\">%s</A>", url, +- strrchr(attr->values[i].string.text, '/') + 1); +- } +- else +- cgiRewriteURL(attr->values[i].string.text, valptr, +- sizeof(value) - (valptr - value), NULL); ++ cgiRewriteURL(attr->values[i].string.text, valptr, sizeof(value) - (valptr - value), NULL); + break; + } + +Index: cgi-bin/template.c +=================================================================== +--- cgi-bin/template.c (revision 12588) ++++ cgi-bin/template.c (working copy) +@@ -602,39 +602,7 @@ + while (*s) + { + if (*s == '<') +- { +- /* +- * Pass <A HREF="url"> and </A>, otherwise quote it... +- */ +- +- if (!strncasecmp(s, "<A HREF=\"", 9)) +- { +- fputs("<A HREF=\"", out); +- s += 9; +- +- while (*s && *s != '\"') +- { +- if (*s == '&') +- fputs("&", out); +- else +- putc(*s, out); +- +- s ++; +- } +- +- if (*s) +- s ++; +- +- fputs("\">", out); +- } +- else if (!strncasecmp(s, "</A>", 4)) +- { +- fputs("</A>", out); +- s += 3; +- } +- else +- fputs("<", out); +- } ++ fputs("<", out); + else if (*s == '>') + fputs(">", out); + else if (*s == '\"') +Index: scheduler/ipp.c +=================================================================== +--- scheduler/ipp.c (revision 12588) ++++ scheduler/ipp.c (working copy) +@@ -463,8 +463,8 @@ + * Remote unauthenticated user masquerading as local root... + */ + +- _cupsStrFree(username->values[0].string.text); +- username->values[0].string.text = _cupsStrAlloc(RemoteRoot); ++ _cupsStrFree(username->values[0].string.text); ++ username->values[0].string.text = _cupsStrAlloc(RemoteRoot); + } + } + +@@ -1517,7 +1517,10 @@ + cupsdSetString(&job->username, con->username); + + if (attr) +- cupsdSetString(&attr->values[0].string.text, con->username); ++ { ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc(con->username); ++ } + } + else if (attr) + { +@@ -1568,48 +1571,11 @@ + * Also, we can only have 1 value and it must be a name value. + */ + +- switch (attr->value_tag) +- { +- case IPP_TAG_STRING : +- case IPP_TAG_TEXTLANG : +- case IPP_TAG_NAMELANG : +- case IPP_TAG_TEXT : +- case IPP_TAG_NAME : +- case IPP_TAG_KEYWORD : +- case IPP_TAG_URI : +- case IPP_TAG_URISCHEME : +- case IPP_TAG_CHARSET : +- case IPP_TAG_LANGUAGE : +- case IPP_TAG_MIMETYPE : +- /* +- * Free old strings... +- */ +- +- for (i = 0; i < attr->num_values; i ++) +- { +- _cupsStrFree(attr->values[i].string.text); +- attr->values[i].string.text = NULL; +- if (attr->values[i].string.charset) +- { +- _cupsStrFree(attr->values[i].string.charset); +- attr->values[i].string.charset = NULL; +- } +- } +- +- default : +- break; +- } +- +- /* +- * Use the default connection hostname instead... +- */ +- +- attr->value_tag = IPP_TAG_NAME; +- attr->num_values = 1; +- attr->values[0].string.text = _cupsStrAlloc(con->http.hostname); ++ ippDeleteAttribute(job->attrs, attr); ++ ippAddString(job->attrs, IPP_TAG_JOB, IPP_TAG_NAME, "job-originating-host-name", NULL, con->http.hostname); + } +- +- attr->group_tag = IPP_TAG_JOB; ++ else ++ attr->group_tag = IPP_TAG_JOB; + } + else + { +@@ -1731,7 +1697,8 @@ + * Force the leading banner to have the classification on it... + */ + +- cupsdSetString(&attr->values[0].string.text, Classification); ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc(Classification); + + cupsdLogMessage(CUPSD_LOG_NOTICE, "[Job %d] CLASSIFICATION FORCED " + "job-sheets=\"%s,none\", " +@@ -1748,7 +1715,8 @@ + * Can't put two different security markings on the same document! + */ + +- cupsdSetString(&attr->values[1].string.text, attr->values[0].string.text); ++ _cupsStrFree(attr->values[1].string.text); ++ attr->values[1].string.text = _cupsStrAlloc(attr->values[0].string.text); + + cupsdLogMessage(CUPSD_LOG_NOTICE, "[Job %d] CLASSIFICATION FORCED " + "job-sheets=\"%s,%s\", " +@@ -1788,18 +1756,26 @@ + if (attr->num_values > 1 && + !strcmp(attr->values[0].string.text, attr->values[1].string.text)) + { +- cupsdSetString(&(attr->values[0].string.text), Classification); +- cupsdSetString(&(attr->values[1].string.text), Classification); ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc(Classification); ++ _cupsStrFree(attr->values[1].string.text); ++ attr->values[1].string.text = _cupsStrAlloc(Classification); + } + else + { + if (attr->num_values == 1 || + strcmp(attr->values[0].string.text, "none")) +- cupsdSetString(&(attr->values[0].string.text), Classification); ++ { ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc(Classification); ++ } + + if (attr->num_values > 1 && + strcmp(attr->values[1].string.text, "none")) +- cupsdSetString(&(attr->values[1].string.text), Classification); ++ { ++ _cupsStrFree(attr->values[1].string.text); ++ attr->values[1].string.text = _cupsStrAlloc(Classification); ++ } + } + + if (attr->num_values > 1) +@@ -3088,7 +3064,8 @@ + if (attr) + { + attr->value_tag = IPP_TAG_KEYWORD; +- cupsdSetString(&(attr->values[0].string.text), "no-hold"); ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc("no-hold"); + } + + /* +@@ -7665,7 +7642,6 @@ + if (format) + { + _cupsStrFree(format->values[0].string.text); +- + format->values[0].string.text = _cupsStrAlloc(mimetype); + } + else +@@ -8137,9 +8113,8 @@ + + if (attr) + { ++ attr->value_tag = IPP_TAG_KEYWORD; + _cupsStrFree(attr->values[0].string.text); +- +- attr->value_tag = IPP_TAG_KEYWORD; + attr->values[0].string.text = _cupsStrAlloc("no-hold"); + + cupsdAddEvent(CUPSD_EVENT_JOB_CONFIG_CHANGED, job->printer, job, +@@ -8894,7 +8869,6 @@ + if (jformat) + { + _cupsStrFree(jformat->values[0].string.text); +- + jformat->values[0].string.text = _cupsStrAlloc(mimetype); + } + else +Index: scheduler/job.c +=================================================================== +--- scheduler/job.c (revision 12588) ++++ scheduler/job.c (working copy) +@@ -393,7 +393,8 @@ + if (attr) + { + attr->value_tag = IPP_TAG_KEYWORD; +- cupsdSetString(&(attr->values[0].string.text), "no-hold"); ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc("no-hold"); + cupsdSaveJob(job); + } + } +@@ -457,7 +458,10 @@ + + if ((attr = ippFindAttribute(job->attrs, "job-actual-printer-uri", + IPP_TAG_URI)) != NULL) +- cupsdSetString(&attr->values[0].string.text, printer->uri); ++ { ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc(printer->uri); ++ } + else + ippAddString(job->attrs, IPP_TAG_JOB, IPP_TAG_URI, + "job-actual-printer-uri", NULL, printer->uri); +@@ -468,7 +472,7 @@ + ((printer->type & CUPS_PRINTER_DISCOVERED) && /* Printer is remote */ + !printer->job)) /* and not printing */ + { +- /* ++ /* + * Clear any message and reasons for the queue... + */ + +@@ -761,8 +765,8 @@ + if (attr) + { + attr->value_tag = IPP_TAG_KEYWORD; +- cupsdSetString(&(attr->values[0].string.text), +- "auth-info-required"); ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc("auth-info-required"); + } + + job->state->values[0].integer = IPP_JOB_HELD; +@@ -1350,7 +1354,10 @@ + + if ((attr = ippFindAttribute(job->attrs, "job-printer-uri", + IPP_TAG_URI)) != NULL) +- cupsdSetString(&(attr->values[0].string.text), p->uri); ++ { ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc(p->uri); ++ } + + cupsdAddEvent(CUPSD_EVENT_JOB_STOPPED, p, job, + "Job #%d moved from %s to %s.", job->id, olddest, +@@ -2425,7 +2432,10 @@ + ippAddString(job->attrs, IPP_TAG_JOB, IPP_TAG_KEYWORD, "job-hold-until", + NULL, holdstr); + else +- cupsdSetString(&attr->values[0].string.text, holdstr); ++ { ++ _cupsStrFree(attr->values[0].string.text); ++ attr->values[0].string.text = _cupsStrAlloc(holdstr); ++ } + + cupsdSaveJob(job); + } +@@ -3880,9 +3890,10 @@ + */ + + if (job->printer->state_message[0]) +- cupsdSetString(&(job->printer_message->values[0].string.text), +- job->printer->state_message); +- ++ { ++ _cupsStrFree(job->printer_message->values[0].string.text); ++ job->printer_message->values[0].string.text = _cupsStrAlloc(job->printer->state_message); ++ } + /* + * ... and the printer-state-reasons value... + */ diff --git a/patches/source/curl/cacert-fetch.sh b/patches/source/curl/cacert-fetch.sh new file mode 100755 index 000000000..d0f156e2d --- /dev/null +++ b/patches/source/curl/cacert-fetch.sh @@ -0,0 +1 @@ +lftpget http://curl.haxx.se/ca/cacert.pem && rm cacert.pem.bz2 && bzip2 -9 cacert.pem diff --git a/patches/source/curl/cacert.pem b/patches/source/curl/cacert.pem new file mode 100644 index 000000000..8f1357b66 --- /dev/null +++ b/patches/source/curl/cacert.pem @@ -0,0 +1,3955 @@ +## +## Bundle of CA Root Certificates +## +## Certificate data from Mozilla as of: Wed Jun 7 03:12:05 2017 GMT +## +## This is a bundle of X.509 certificates of public Certificate Authorities +## (CA). These were automatically extracted from Mozilla's root certificates +## file (certdata.txt). This file can be found in the mozilla source tree: +## https://hg.mozilla.org/releases/mozilla-release/raw-file/default/security/nss/lib/ckfw/builtins/certdata.txt +## +## It contains the certificates in PEM format and therefore +## can be directly used with curl / libcurl / php_curl, or with +## an Apache+mod_ssl webserver for SSL client authentication. +## Just configure this file as the SSLCACertificateFile. +## +## Conversion done with mk-ca-bundle.pl version 1.27. +## SHA256: 93753268e1c596aee21893fb1c6975338389132f15c942ed65fc394a904371d7 +## + + +GlobalSign Root CA +================== +-----BEGIN CERTIFICATE----- +MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkGA1UEBhMCQkUx +GTAXBgNVBAoTEEdsb2JhbFNpZ24gbnYtc2ExEDAOBgNVBAsTB1Jvb3QgQ0ExGzAZBgNVBAMTEkds +b2JhbFNpZ24gUm9vdCBDQTAeFw05ODA5MDExMjAwMDBaFw0yODAxMjgxMjAwMDBaMFcxCzAJBgNV +BAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYD +VQQDExJHbG9iYWxTaWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa +DuaZjc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavpxy0Sy6sc +THAHoT0KMM0VjU/43dSMUBUc71DuxC73/OlS8pF94G3VNTCOXkNz8kHp1Wrjsok6Vjk4bwY8iGlb +Kk3Fp1S4bInMm/k8yuX9ifUSPJJ4ltbcdG6TRGHRjcdGsnUOhugZitVtbNV4FpWi6cgKOOvyJBNP +c1STE4U6G7weNLWLBYy5d4ux2x8gkasJU26Qzns3dLlwR5EiUWMWea6xrkEmCMgZK9FGqkjWZCrX +gzT/LCrBbBlDSgeF59N89iFo7+ryUp9/k5DPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV +HRMBAf8EBTADAQH/MB0GA1UdDgQWBBRge2YaRQ2XyolQL30EzTSo//z9SzANBgkqhkiG9w0BAQUF +AAOCAQEA1nPnfE920I2/7LqivjTFKDK1fPxsnCwrvQmeU79rXqoRSLblCKOzyj1hTdNGCbM+w6Dj +Y1Ub8rrvrTnhQ7k4o+YviiY776BQVvnGCv04zcQLcFGUl5gE38NflNUVyRRBnMRddWQVDf9VMOyG +j/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymPAbEVtQwdpf5pLGkkeB6zpxxxYu7KyJesF12KwvhH +hm4qxFYxldBniYUr+WymXUadDKqC5JlR3XC321Y9YeRq4VzW9v493kHMB65jUr9TU/Qr6cf9tveC +X4XSQRjbgbMEHMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== +-----END CERTIFICATE----- + +GlobalSign Root CA - R2 +======================= +-----BEGIN CERTIFICATE----- +MIIDujCCAqKgAwIBAgILBAAAAAABD4Ym5g0wDQYJKoZIhvcNAQEFBQAwTDEgMB4GA1UECxMXR2xv +YmFsU2lnbiBSb290IENBIC0gUjIxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2Jh +bFNpZ24wHhcNMDYxMjE1MDgwMDAwWhcNMjExMjE1MDgwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxT +aWduIFJvb3QgQ0EgLSBSMjETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2ln +bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKbPJA6+Lm8omUVCxKs+IVSbC9N/hHD6 +ErPLv4dfxn+G07IwXNb9rfF73OX4YJYJkhD10FPe+3t+c4isUoh7SqbKSaZeqKeMWhG8eoLrvozp +s6yWJQeXSpkqBy+0Hne/ig+1AnwblrjFuTosvNYSuetZfeLQBoZfXklqtTleiDTsvHgMCJiEbKjN +S7SgfQx5TfC4LcshytVsW33hoCmEofnTlEnLJGKRILzdC9XZzPnqJworc5HGnRusyMvo4KD0L5CL +TfuwNhv2GXqF4G3yYROIXJ/gkwpRl4pazq+r1feqCapgvdzZX99yqWATXgAByUr6P6TqBwMhAo6C +ygPCm48CAwEAAaOBnDCBmTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E +FgQUm+IHV2ccHsBqBt5ZtJot39wZhi4wNgYDVR0fBC8wLTAroCmgJ4YlaHR0cDovL2NybC5nbG9i +YWxzaWduLm5ldC9yb290LXIyLmNybDAfBgNVHSMEGDAWgBSb4gdXZxwewGoG3lm0mi3f3BmGLjAN +BgkqhkiG9w0BAQUFAAOCAQEAmYFThxxol4aR7OBKuEQLq4GsJ0/WwbgcQ3izDJr86iw8bmEbTUsp +9Z8FHSbBuOmDAGJFtqkIk7mpM0sYmsL4h4hO291xNBrBVNpGP+DTKqttVCL1OmLNIG+6KYnX3ZHu +01yiPqFbQfXf5WRDLenVOavSot+3i9DAgBkcRcAtjOj4LaR0VknFBbVPFd5uRHg5h6h+u/N5GJG7 +9G+dwfCMNYxdAfvDbbnvRG15RjF+Cv6pgsH/76tuIMRQyV+dTZsXjAzlAcmgQWpzU/qlULRuJQ/7 +TBj0/VLZjmmx6BEP3ojY+x1J96relc8geMJgEtslQIxq/H5COEBkEveegeGTLg== +-----END CERTIFICATE----- + +Verisign Class 3 Public Primary Certification Authority - G3 +============================================================ +-----BEGIN CERTIFICATE----- +MIIEGjCCAwICEQCbfgZJoz5iudXukEhxKe9XMA0GCSqGSIb3DQEBBQUAMIHKMQswCQYDVQQGEwJV +UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv +cmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl +IG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkgLSBHMzAeFw05OTEwMDEwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMIHKMQsw +CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy +dXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAxOTk5IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhv +cml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkg +Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAMu6nFL8eB8aHm8bN3O9+MlrlBIwT/A2R/XQkQr1F8ilYcEWQE37imGQ5XYgwREGfassbqb1 +EUGO+i2tKmFZpGcmTNDovFJbcCAEWNF6yaRpvIMXZK0Fi7zQWM6NjPXr8EJJC52XJ2cybuGukxUc +cLwgTS8Y3pKI6GyFVxEa6X7jJhFUokWWVYPKMIno3Nij7SqAP395ZVc+FSBmCC+Vk7+qRy+oRpfw +EuL+wgorUeZ25rdGt+INpsyow0xZVYnm6FNcHOqd8GIWC6fJXwzw3sJ2zq/3avL6QaaiMxTJ5Xpj +055iN9WFZZ4O5lMkdBteHRJTW8cs54NJOxWuimi5V5cCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEA +ERSWwauSCPc/L8my/uRan2Te2yFPhpk0djZX3dAVL8WtfxUfN2JzPtTnX84XA9s1+ivbrmAJXx5f +j267Cz3qWhMeDGBvtcC1IyIuBwvLqXTLR7sdwdela8wv0kL9Sd2nic9TutoAWii/gt/4uhMdUIaC +/Y4wjylGsB49Ndo4YhYYSq3mtlFs3q9i6wHQHiT+eo8SGhJouPtmmRQURVyu565pF4ErWjfJXir0 +xuKhXFSbplQAz/DxwceYMBo7Nhbbo27q/a2ywtrvAkcTisDxszGtTxzhT5yvDwyd93gN2PQ1VoDa +t20Xj50egWTh/sVFuq1ruQp6Tk9LhO5L8X3dEQ== +-----END CERTIFICATE----- + +Entrust.net Premium 2048 Secure Server CA +========================================= +-----BEGIN CERTIFICATE----- +MIIEKjCCAxKgAwIBAgIEOGPe+DANBgkqhkiG9w0BAQUFADCBtDEUMBIGA1UEChMLRW50cnVzdC5u +ZXQxQDA+BgNVBAsUN3d3dy5lbnRydXN0Lm5ldC9DUFNfMjA0OCBpbmNvcnAuIGJ5IHJlZi4gKGxp +bWl0cyBsaWFiLikxJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExpbWl0ZWQxMzAxBgNV +BAMTKkVudHJ1c3QubmV0IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ICgyMDQ4KTAeFw05OTEyMjQx +NzUwNTFaFw0yOTA3MjQxNDE1MTJaMIG0MRQwEgYDVQQKEwtFbnRydXN0Lm5ldDFAMD4GA1UECxQ3 +d3d3LmVudHJ1c3QubmV0L0NQU18yMDQ4IGluY29ycC4gYnkgcmVmLiAobGltaXRzIGxpYWIuKTEl +MCMGA1UECxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5u +ZXQgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgKDIwNDgpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEArU1LqRKGsuqjIAcVFmQqK0vRvwtKTY7tgHalZ7d4QMBzQshowNtTK91euHaYNZOL +Gp18EzoOH1u3Hs/lJBQesYGpjX24zGtLA/ECDNyrpUAkAH90lKGdCCmziAv1h3edVc3kw37XamSr +hRSGlVuXMlBvPci6Zgzj/L24ScF2iUkZ/cCovYmjZy/Gn7xxGWC4LeksyZB2ZnuU4q941mVTXTzW +nLLPKQP5L6RQstRIzgUyVYr9smRMDuSYB3Xbf9+5CFVghTAp+XtIpGmG4zU/HoZdenoVve8AjhUi +VBcAkCaTvA5JaJG/+EfTnZVCwQ5N328mz8MYIWJmQ3DW1cAH4QIDAQABo0IwQDAOBgNVHQ8BAf8E +BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUVeSB0RGAvtiJuQijMfmhJAkWuXAwDQYJ +KoZIhvcNAQEFBQADggEBADubj1abMOdTmXx6eadNl9cZlZD7Bh/KM3xGY4+WZiT6QBshJ8rmcnPy +T/4xmf3IDExoU8aAghOY+rat2l098c5u9hURlIIM7j+VrxGrD9cv3h8Dj1csHsm7mhpElesYT6Yf +zX1XEC+bBAlahLVu2B064dae0Wx5XnkcFMXj0EyTO2U87d89vqbllRrDtRnDvV5bu/8j72gZyxKT +J1wDLW8w0B62GqzeWvfRqqgnpv55gcR5mTNXuhKwqeBCbJPKVt7+bYQLCIt+jerXmCHG8+c8eS9e +nNFMFY3h7CI3zJpDC5fcgJCNs2ebb0gIFVbPv/ErfF6adulZkMV8gzURZVE= +-----END CERTIFICATE----- + +Baltimore CyberTrust Root +========================= +-----BEGIN CERTIFICATE----- +MIIDdzCCAl+gAwIBAgIEAgAAuTANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJJRTESMBAGA1UE +ChMJQmFsdGltb3JlMRMwEQYDVQQLEwpDeWJlclRydXN0MSIwIAYDVQQDExlCYWx0aW1vcmUgQ3li +ZXJUcnVzdCBSb290MB4XDTAwMDUxMjE4NDYwMFoXDTI1MDUxMjIzNTkwMFowWjELMAkGA1UEBhMC +SUUxEjAQBgNVBAoTCUJhbHRpbW9yZTETMBEGA1UECxMKQ3liZXJUcnVzdDEiMCAGA1UEAxMZQmFs +dGltb3JlIEN5YmVyVHJ1c3QgUm9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKME +uyKrmD1X6CZymrV51Cni4eiVgLGw41uOKymaZN+hXe2wCQVt2yguzmKiYv60iNoS6zjrIZ3AQSsB +UnuId9Mcj8e6uYi1agnnc+gRQKfRzMpijS3ljwumUNKoUMMo6vWrJYeKmpYcqWe4PwzV9/lSEy/C +G9VwcPCPwBLKBsua4dnKM3p31vjsufFoREJIE9LAwqSuXmD+tqYF/LTdB1kC1FkYmGP1pWPgkAx9 +XbIGevOF6uvUA65ehD5f/xXtabz5OTZydc93Uk3zyZAsuT3lySNTPx8kmCFcB5kpvcY67Oduhjpr +l3RjM71oGDHweI12v/yejl0qhqdNkNwnGjkCAwEAAaNFMEMwHQYDVR0OBBYEFOWdWTCCR1jMrPoI +VDaGezq1BE3wMBIGA1UdEwEB/wQIMAYBAf8CAQMwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEB +BQUAA4IBAQCFDF2O5G9RaEIFoN27TyclhAO992T9Ldcw46QQF+vaKSm2eT929hkTI7gQCvlYpNRh +cL0EYWoSihfVCr3FvDB81ukMJY2GQE/szKN+OMY3EU/t3WgxjkzSswF07r51XgdIGn9w/xZchMB5 +hbgF/X++ZRGjD8ACtPhSNzkE1akxehi/oCr0Epn3o0WC4zxe9Z2etciefC7IpJ5OCBRLbf1wbWsa +Y71k5h+3zvDyny67G7fyUIhzksLi4xaNmjICq44Y3ekQEe5+NauQrz4wlHrQMz2nZQ/1/I6eYs9H +RCwBXbsdtTLSR9I4LtD+gdwyah617jzV/OeBHRnDJELqYzmp +-----END CERTIFICATE----- + +AddTrust Low-Value Services Root +================================ +-----BEGIN CERTIFICATE----- +MIIEGDCCAwCgAwIBAgIBATANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJTRTEUMBIGA1UEChML +QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEwHwYDVQQDExhBZGRU +cnVzdCBDbGFzcyAxIENBIFJvb3QwHhcNMDAwNTMwMTAzODMxWhcNMjAwNTMwMTAzODMxWjBlMQsw +CQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBO +ZXR3b3JrMSEwHwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3QwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQCWltQhSWDia+hBBwzexODcEyPNwTXH+9ZOEQpnXvUGW2ulCDtbKRY6 +54eyNAbFvAWlA3yCyykQruGIgb3WntP+LVbBFc7jJp0VLhD7Bo8wBN6ntGO0/7Gcrjyvd7ZWxbWr +oulpOj0OM3kyP3CCkplhbY0wCI9xP6ZIVxn4JdxLZlyldI+Yrsj5wAYi56xz36Uu+1LcsRVlIPo1 +Zmne3yzxbrww2ywkEtvrNTVokMsAsJchPXQhI2U0K7t4WaPW4XY5mqRJjox0r26kmqPZm9I4XJui +GMx1I4S+6+JNM3GOGvDC+Mcdoq0Dlyz4zyXG9rgkMbFjXZJ/Y/AlyVMuH79NAgMBAAGjgdIwgc8w +HQYDVR0OBBYEFJWxtPCUtr3H2tERCSG+wa9J/RB7MAsGA1UdDwQEAwIBBjAPBgNVHRMBAf8EBTAD +AQH/MIGPBgNVHSMEgYcwgYSAFJWxtPCUtr3H2tERCSG+wa9J/RB7oWmkZzBlMQswCQYDVQQGEwJT +RTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSEw +HwYDVQQDExhBZGRUcnVzdCBDbGFzcyAxIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBACxt +ZBsfzQ3duQH6lmM0MkhHma6X7f1yFqZzR1r0693p9db7RcwpiURdv0Y5PejuvE1Uhh4dbOMXJ0Ph +iVYrqW9yTkkz43J8KiOavD7/KCrto/8cI7pDVwlnTUtiBi34/2ydYB7YHEt9tTEv2dB8Xfjea4MY +eDdXL+gzB2ffHsdrKpV2ro9Xo/D0UrSpUwjP4E/TelOL/bscVjby/rK25Xa71SJlpz/+0WatC7xr +mYbvP33zGDLKe8bjq2RGlfgmadlVg3sslgf/WSxEo8bl6ancoWOAWiFeIc9TVPC6b4nbqKqVz4vj +ccweGyBECMB6tkD9xOQ14R0WHNC8K47Wcdk= +-----END CERTIFICATE----- + +AddTrust External Root +====================== +-----BEGIN CERTIFICATE----- +MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEUMBIGA1UEChML +QWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYD +VQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEw +NDgzOFowbzELMAkGA1UEBhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRU +cnVzdCBFeHRlcm5hbCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0Eg +Um9vdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvtH7xsD821 ++iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9uMq/NzgtHj6RQa1wVsfw +Tz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzXmk6vBbOmcZSccbNQYArHE504B4YCqOmo +aSYYkKtMsE8jqzpPhNjfzp/haW+710LXa0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy +2xSoRcRdKn23tNbE7qzNE0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv7 +7+ldU9U0WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYDVR0P +BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0Jvf6xCZU7wO94CTL +VBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEmMCQGA1UECxMdQWRk +VHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsxIjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENB +IFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZl +j7DYd7usQWxHYINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5 +6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvCNr4TDea9Y355 +e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEXc4g/VhsxOBi0cQ+azcgOno4u +G+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5amnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ= +-----END CERTIFICATE----- + +AddTrust Public Services Root +============================= +-----BEGIN CERTIFICATE----- +MIIEFTCCAv2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJTRTEUMBIGA1UEChML +QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSAwHgYDVQQDExdBZGRU +cnVzdCBQdWJsaWMgQ0EgUm9vdDAeFw0wMDA1MzAxMDQxNTBaFw0yMDA1MzAxMDQxNTBaMGQxCzAJ +BgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQIE5l +dHdvcmsxIDAeBgNVBAMTF0FkZFRydXN0IFB1YmxpYyBDQSBSb290MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEA6Rowj4OIFMEg2Dybjxt+A3S72mnTRqX4jsIMEZBRpS9mVEBV6tsfSlbu +nyNu9DnLoblv8n75XYcmYZ4c+OLspoH4IcUkzBEMP9smcnrHAZcHF/nXGCwwfQ56HmIexkvA/X1i +d9NEHif2P0tEs7c42TkfYNVRknMDtABp4/MUTu7R3AnPdzRGULD4EfL+OHn3Bzn+UZKXC1sIXzSG +Aa2Il+tmzV7R/9x98oTaunet3IAIx6eH1lWfl2royBFkuucZKT8Rs3iQhCBSWxHveNCD9tVIkNAw +HM+A+WD+eeSI8t0A65RF62WUaUC6wNW0uLp9BBGo6zEFlpROWCGOn9Bg/QIDAQABo4HRMIHOMB0G +A1UdDgQWBBSBPjfYkrAfd59ctKtzquf2NGAv+jALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB +/zCBjgYDVR0jBIGGMIGDgBSBPjfYkrAfd59ctKtzquf2NGAv+qFopGYwZDELMAkGA1UEBhMCU0Ux +FDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRUcnVzdCBUVFAgTmV0d29yazEgMB4G +A1UEAxMXQWRkVHJ1c3QgUHVibGljIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQADggEBAAP3FUr4 +JNojVhaTdt02KLmuG7jD8WS6IBh4lSknVwW8fCr0uVFV2ocC3g8WFzH4qnkuCRO7r7IgGRLlk/lL ++YPoRNWyQSW/iHVv/xD8SlTQX/D67zZzfRs2RcYhbbQVuE7PnFylPVoAjgbjPGsye/Kf8Lb93/Ao +GEjwxrzQvzSAlsJKsW2Ox5BF3i9nrEUEo3rcVZLJR2bYGozH7ZxOmuASu7VqTITh4SINhwBk/ox9 +Yjllpu9CtoAlEmEBqCQTcAARJl/6NVDFSMwGR+gn2HCNX2TmoUQmXiLsks3/QppEIW1cxeMiHV9H +EufOX1362KqxMy3ZdvJOOjMMK7MtkAY= +-----END CERTIFICATE----- + +AddTrust Qualified Certificates Root +==================================== +-----BEGIN CERTIFICATE----- +MIIEHjCCAwagAwIBAgIBATANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwJTRTEUMBIGA1UEChML +QWRkVHJ1c3QgQUIxHTAbBgNVBAsTFEFkZFRydXN0IFRUUCBOZXR3b3JrMSMwIQYDVQQDExpBZGRU +cnVzdCBRdWFsaWZpZWQgQ0EgUm9vdDAeFw0wMDA1MzAxMDQ0NTBaFw0yMDA1MzAxMDQ0NTBaMGcx +CzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRUcnVzdCBBQjEdMBsGA1UECxMUQWRkVHJ1c3QgVFRQ +IE5ldHdvcmsxIzAhBgNVBAMTGkFkZFRydXN0IFF1YWxpZmllZCBDQSBSb290MIIBIjANBgkqhkiG +9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5B6a/twJWoekn0e+EV+vhDTbYjx5eLfpMLXsDBwqxBb/4Oxx +64r1EW7tTw2R0hIYLUkVAcKkIhPHEWT/IhKauY5cLwjPcWqzZwFZ8V1G87B4pfYOQnrjfxvM0PC3 +KP0q6p6zsLkEqv32x7SxuCqg+1jxGaBvcCV+PmlKfw8i2O+tCBGaKZnhqkRFmhJePp1tUvznoD1o +L/BLcHwTOK28FSXx1s6rosAx1i+f4P8UWfyEk9mHfExUE+uf0S0R+Bg6Ot4l2ffTQO2kBhLEO+GR +wVY18BTcZTYJbqukB8c10cIDMzZbdSZtQvESa0NvS3GU+jQd7RNuyoB/mC9suWXY6QIDAQABo4HU +MIHRMB0GA1UdDgQWBBQ5lYtii1zJ1IC6WA+XPxUIQ8yYpzALBgNVHQ8EBAMCAQYwDwYDVR0TAQH/ +BAUwAwEB/zCBkQYDVR0jBIGJMIGGgBQ5lYtii1zJ1IC6WA+XPxUIQ8yYp6FrpGkwZzELMAkGA1UE +BhMCU0UxFDASBgNVBAoTC0FkZFRydXN0IEFCMR0wGwYDVQQLExRBZGRUcnVzdCBUVFAgTmV0d29y +azEjMCEGA1UEAxMaQWRkVHJ1c3QgUXVhbGlmaWVkIENBIFJvb3SCAQEwDQYJKoZIhvcNAQEFBQAD +ggEBABmrder4i2VhlRO6aQTvhsoToMeqT2QbPxj2qC0sVY8FtzDqQmodwCVRLae/DLPt7wh/bDxG +GuoYQ992zPlmhpwsaPXpF/gxsxjE1kh9I0xowX67ARRvxdlu3rsEQmr49lx95dr6h+sNNVJn0J6X +dgWTP5XHAeZpVTh/EGGZyeNfpso+gmNIquIISD6q8rKFYqa0p9m9N5xotS1WfbC3P6CxB9bpT9ze +RXEwMn8bLgn5v1Kh7sKAPgZcLlVAwRv1cEWw3F369nJad9Jjzc9YiQBCYz95OdBEsIJuQRno3eDB +iFrRHnGTHyQwdOUeqN48Jzd/g66ed8/wMLH/S5noxqE= +-----END CERTIFICATE----- + +Entrust Root Certification Authority +==================================== +-----BEGIN CERTIFICATE----- +MIIEkTCCA3mgAwIBAgIERWtQVDANBgkqhkiG9w0BAQUFADCBsDELMAkGA1UEBhMCVVMxFjAUBgNV +BAoTDUVudHJ1c3QsIEluYy4xOTA3BgNVBAsTMHd3dy5lbnRydXN0Lm5ldC9DUFMgaXMgaW5jb3Jw +b3JhdGVkIGJ5IHJlZmVyZW5jZTEfMB0GA1UECxMWKGMpIDIwMDYgRW50cnVzdCwgSW5jLjEtMCsG +A1UEAxMkRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA2MTEyNzIwMjM0 +MloXDTI2MTEyNzIwNTM0MlowgbAxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1FbnRydXN0LCBJbmMu +MTkwNwYDVQQLEzB3d3cuZW50cnVzdC5uZXQvQ1BTIGlzIGluY29ycG9yYXRlZCBieSByZWZlcmVu +Y2UxHzAdBgNVBAsTFihjKSAyMDA2IEVudHJ1c3QsIEluYy4xLTArBgNVBAMTJEVudHJ1c3QgUm9v +dCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +ALaVtkNC+sZtKm9I35RMOVcF7sN5EUFoNu3s/poBj6E4KPz3EEZmLk0eGrEaTsbRwJWIsMn/MYsz +A9u3g3s+IIRe7bJWKKf44LlAcTfFy0cOlypowCKVYhXbR9n10Cv/gkvJrT7eTNuQgFA/CYqEAOww +Cj0Yzfv9KlmaI5UXLEWeH25DeW0MXJj+SKfFI0dcXv1u5x609mhF0YaDW6KKjbHjKYD+JXGIrb68 +j6xSlkuqUY3kEzEZ6E5Nn9uss2rVvDlUccp6en+Q3X0dgNmBu1kmwhH+5pPi94DkZfs0Nw4pgHBN +rziGLp5/V6+eF67rHMsoIV+2HNjnogQi+dPa2MsCAwEAAaOBsDCBrTAOBgNVHQ8BAf8EBAMCAQYw +DwYDVR0TAQH/BAUwAwEB/zArBgNVHRAEJDAigA8yMDA2MTEyNzIwMjM0MlqBDzIwMjYxMTI3MjA1 +MzQyWjAfBgNVHSMEGDAWgBRokORnpKZTgMeGZqTx90tD+4S9bTAdBgNVHQ4EFgQUaJDkZ6SmU4DH +hmak8fdLQ/uEvW0wHQYJKoZIhvZ9B0EABBAwDhsIVjcuMTo0LjADAgSQMA0GCSqGSIb3DQEBBQUA +A4IBAQCT1DCw1wMgKtD5Y+iRDAUgqV8ZyntyTtSx29CW+1RaGSwMCPeyvIWonX9tO1KzKtvn1ISM +Y/YPyyYBkVBs9F8U4pN0wBOeMDpQ47RgxRzwIkSNcUesyBrJ6ZuaAGAT/3B+XxFNSRuzFVJ7yVTa +v52Vr2ua2J7p8eRDjeIRRDq/r72DQnNSi6q7pynP9WQcCk3RvKqsnyrQ/39/2n3qse0wJcGE2jTS +W3iDVuycNsMm4hH2Z0kdkquM++v/eu6FSqdQgPCnXEqULl8FmTxSQeDNtGPPAUO6nIPcj2A781q0 +tHuu2guQOHXvgR1m0vdXcDazv/wor3ElhVsT/h5/WrQ8 +-----END CERTIFICATE----- + +GeoTrust Global CA +================== +-----BEGIN CERTIFICATE----- +MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVTMRYwFAYDVQQK +Ew1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9iYWwgQ0EwHhcNMDIwNTIxMDQw +MDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5j +LjEbMBkGA1UEAxMSR2VvVHJ1c3QgR2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEA2swYYzD99BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjo +BbdqfnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDviS2Aelet +8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU1XupGc1V3sjs0l44U+Vc +T4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+bw8HHa8sHo9gOeL6NlMTOdReJivbPagU +vTLrGAMoUgRx5aszPeE4uwc2hGKceeoWMPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBTAephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVk +DBF9qn1luMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKInZ57Q +zxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfStQWVYrmm3ok9Nns4 +d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcFPseKUgzbFbS9bZvlxrFUaKnjaZC2 +mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Unhw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6p +XE0zX5IJL4hmXXeXxx12E6nV5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvm +Mw== +-----END CERTIFICATE----- + +GeoTrust Global CA 2 +==================== +-----BEGIN CERTIFICATE----- +MIIDZjCCAk6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN +R2VvVHJ1c3QgSW5jLjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFsIENBIDIwHhcNMDQwMzA0MDUw +MDAwWhcNMTkwMzA0MDUwMDAwWjBEMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5j +LjEdMBsGA1UEAxMUR2VvVHJ1c3QgR2xvYmFsIENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQDvPE1APRDfO1MA4Wf+lGAVPoWI8YkNkMgoI5kF6CsgncbzYEbYwbLVjDHZ3CB5JIG/ +NTL8Y2nbsSpr7iFY8gjpeMtvy/wWUsiRxP89c96xPqfCfWbB9X5SJBri1WeR0IIQ13hLTytCOb1k +LUCgsBDTOEhGiKEMuzozKmKY+wCdE1l/bztyqu6mD4b5BWHqZ38MN5aL5mkWRxHCJ1kDs6ZgwiFA +Vvqgx306E+PsV8ez1q6diYD3Aecs9pYrEw15LNnA5IZ7S4wMcoKK+xfNAGw6EzywhIdLFnopsk/b +HdQL82Y3vdj2V7teJHq4PIu5+pIaGoSe2HSPqht/XvT+RSIhAgMBAAGjYzBhMA8GA1UdEwEB/wQF +MAMBAf8wHQYDVR0OBBYEFHE4NvICMVNHK266ZUapEBVYIAUJMB8GA1UdIwQYMBaAFHE4NvICMVNH +K266ZUapEBVYIAUJMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOCAQEAA/e1K6tdEPx7 +srJerJsOflN4WT5CBP51o62sgU7XAotexC3IUnbHLB/8gTKY0UvGkpMzNTEv/NgdRN3ggX+d6Yvh +ZJFiCzkIjKx0nVnZellSlxG5FntvRdOW2TF9AjYPnDtuzywNA0ZF66D0f0hExghAzN4bcLUprbqL +OzRldRtxIR0sFAqwlpW41uryZfspuk/qkZN0abby/+Ea0AzRdoXLiiW9l14sbxWZJue2Kf8i7MkC +x1YAzUm5s2x7UwQa4qjJqhIFI8LO57sEAszAR6LkxCkvW0VXiVHuPOtSCP8HNR6fNWpHSlaY0VqF +H4z1Ir+rzoPz4iIprn2DQKi6bA== +-----END CERTIFICATE----- + +GeoTrust Universal CA +===================== +-----BEGIN CERTIFICATE----- +MIIFaDCCA1CgAwIBAgIBATANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN +R2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgVW5pdmVyc2FsIENBMB4XDTA0MDMwNDA1 +MDAwMFoXDTI5MDMwNDA1MDAwMFowRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IElu +Yy4xHjAcBgNVBAMTFUdlb1RydXN0IFVuaXZlcnNhbCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIP +ADCCAgoCggIBAKYVVaCjxuAfjJ0hUNfBvitbtaSeodlyWL0AG0y/YckUHUWCq8YdgNY96xCcOq9t +JPi8cQGeBvV8Xx7BDlXKg5pZMK4ZyzBIle0iN430SppyZj6tlcDgFgDgEB8rMQ7XlFTTQjOgNB0e +RXbdT8oYN+yFFXoZCPzVx5zw8qkuEKmS5j1YPakWaDwvdSEYfyh3peFhF7em6fgemdtzbvQKoiFs +7tqqhZJmr/Z6a4LauiIINQ/PQvE1+mrufislzDoR5G2vc7J2Ha3QsnhnGqQ5HFELZ1aD/ThdDc7d +8Lsrlh/eezJS/R27tQahsiFepdaVaH/wmZ7cRQg+59IJDTWU3YBOU5fXtQlEIGQWFwMCTFMNaN7V +qnJNk22CDtucvc+081xdVHppCZbW2xHBjXWotM85yM48vCR85mLK4b19p71XZQvk/iXttmkQ3Cga +Rr0BHdCXteGYO8A3ZNY9lO4L4fUorgtWv3GLIylBjobFS1J72HGrH4oVpjuDWtdYAVHGTEHZf9hB +Z3KiKN9gg6meyHv8U3NyWfWTehd2Ds735VzZC1U0oqpbtWpU5xPKV+yXbfReBi9Fi1jUIxaS5BZu +KGNZMN9QAZxjiRqf2xeUgnA3wySemkfWWspOqGmJch+RbNt+nhutxx9z3SxPGWX9f5NAEC7S8O08 +ni4oPmkmM8V7AgMBAAGjYzBhMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNq7LqqwDLiIJlF0 +XG0D08DYj3rWMB8GA1UdIwQYMBaAFNq7LqqwDLiIJlF0XG0D08DYj3rWMA4GA1UdDwEB/wQEAwIB +hjANBgkqhkiG9w0BAQUFAAOCAgEAMXjmx7XfuJRAyXHEqDXsRh3ChfMoWIawC/yOsjmPRFWrZIRc +aanQmjg8+uUfNeVE44B5lGiku8SfPeE0zTBGi1QrlaXv9z+ZhP015s8xxtxqv6fXIwjhmF7DWgh2 +qaavdy+3YL1ERmrvl/9zlcGO6JP7/TG37FcREUWbMPEaiDnBTzynANXH/KttgCJwpQzgXQQpAvvL +oJHRfNbDflDVnVi+QTjruXU8FdmbyUqDWcDaU/0zuzYYm4UPFd3uLax2k7nZAY1IEKj79TiG8dsK +xr2EoyNB3tZ3b4XUhRxQ4K5RirqNPnbiucon8l+f725ZDQbYKxek0nxru18UGkiPGkzns0ccjkxF +KyDuSN/n3QmOGKjaQI2SJhFTYXNd673nxE0pN2HrrDktZy4W1vUAg4WhzH92xH3kt0tm7wNFYGm2 +DFKWkoRepqO1pD4r2czYG0eq8kTaT/kD6PAUyz/zg97QwVTjt+gKN02LIFkDMBmhLMi9ER/frslK +xfMnZmaGrGiR/9nmUxwPi1xpZQomyB40w11Re9epnAahNt3ViZS82eQtDF4JbAiXfKM9fJP/P6EU +p8+1Xevb2xzEdt+Iub1FBZUbrvxGakyvSOPOrg/SfuvmbJxPgWp6ZKy7PtXny3YuxadIwVyQD8vI +P/rmMuGNG2+k5o7Y+SlIis5z/iw= +-----END CERTIFICATE----- + +GeoTrust Universal CA 2 +======================= +-----BEGIN CERTIFICATE----- +MIIFbDCCA1SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBHMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN +R2VvVHJ1c3QgSW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVyc2FsIENBIDIwHhcNMDQwMzA0 +MDUwMDAwWhcNMjkwMzA0MDUwMDAwWjBHMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3Qg +SW5jLjEgMB4GA1UEAxMXR2VvVHJ1c3QgVW5pdmVyc2FsIENBIDIwggIiMA0GCSqGSIb3DQEBAQUA +A4ICDwAwggIKAoICAQCzVFLByT7y2dyxUxpZKeexw0Uo5dfR7cXFS6GqdHtXr0om/Nj1XqduGdt0 +DE81WzILAePb63p3NeqqWuDW6KFXlPCQo3RWlEQwAx5cTiuFJnSCegx2oG9NzkEtoBUGFF+3Qs17 +j1hhNNwqCPkuwwGmIkQcTAeC5lvO0Ep8BNMZcyfwqph/Lq9O64ceJHdqXbboW0W63MOhBW9Wjo8Q +JqVJwy7XQYci4E+GymC16qFjwAGXEHm9ADwSbSsVsaxLse4YuU6W3Nx2/zu+z18DwPw76L5GG//a +QMJS9/7jOvdqdzXQ2o3rXhhqMcceujwbKNZrVMaqW9eiLBsZzKIC9ptZvTdrhrVtgrrY6slWvKk2 +WP0+GfPtDCapkzj4T8FdIgbQl+rhrcZV4IErKIM6+vR7IVEAvlI4zs1meaj0gVbi0IMJR1FbUGrP +20gaXT73y/Zl92zxlfgCOzJWgjl6W70viRu/obTo/3+NjN8D8WBOWBFM66M/ECuDmgFz2ZRthAAn +ZqzwcEAJQpKtT5MNYQlRJNiS1QuUYbKHsu3/mjX/hVTK7URDrBs8FmtISgocQIgfksILAAX/8sgC +SqSqqcyZlpwvWOB94b67B9xfBHJcMTTD7F8t4D1kkCLm0ey4Lt1ZrtmhN79UNdxzMk+MBB4zsslG +8dhcyFVQyWi9qLo2CQIDAQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR281Xh+qQ2 ++/CfXGJx7Tz0RzgQKzAfBgNVHSMEGDAWgBR281Xh+qQ2+/CfXGJx7Tz0RzgQKzAOBgNVHQ8BAf8E +BAMCAYYwDQYJKoZIhvcNAQEFBQADggIBAGbBxiPz2eAubl/oz66wsCVNK/g7WJtAJDday6sWSf+z +dXkzoS9tcBc0kf5nfo/sm+VegqlVHy/c1FEHEv6sFj4sNcZj/NwQ6w2jqtB8zNHQL1EuxBRa3ugZ +4T7GzKQp5y6EqgYweHZUcyiYWTjgAA1i00J9IZ+uPTqM1fp3DRgrFg5fNuH8KrUwJM/gYwx7WBr+ +mbpCErGR9Hxo4sjoryzqyX6uuyo9DRXcNJW2GHSoag/HtPQTxORb7QrSpJdMKu0vbBKJPfEncKpq +A1Ihn0CoZ1Dy81of398j9tx4TuaYT1U6U+Pv8vSfx3zYWK8pIpe44L2RLrB27FcRz+8pRPPphXpg +Y+RdM4kX2TGq2tbzGDVyz4crL2MjhF2EjD9XoIj8mZEoJmmZ1I+XRL6O1UixpCgp8RW04eWe3fiP +pm8m1wk8OhwRDqZsN/etRIcsKMfYdIKz0G9KV7s1KSegi+ghp4dkNl3M2Basx7InQJJVOCiNUW7d +FGdTbHFcJoRNdVq2fmBWqU2t+5sel/MN2dKXVHfaPRK34B7vCAas+YWH6aLcr34YEoP9VhdBLtUp +gn2Z9DH2canPLAEnpQW5qrJITirvn5NSUZU8UnOOVkwXQMAJKOSLakhT2+zNVVXxxvjpoixMptEm +X36vWkzaH6byHCx+rgIW0lbQL1dTR+iS +-----END CERTIFICATE----- + +Visa eCommerce Root +=================== +-----BEGIN CERTIFICATE----- +MIIDojCCAoqgAwIBAgIQE4Y1TR0/BvLB+WUF1ZAcYjANBgkqhkiG9w0BAQUFADBrMQswCQYDVQQG +EwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMmVmlzYSBJbnRlcm5hdGlvbmFsIFNlcnZpY2Ug +QXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNvbW1lcmNlIFJvb3QwHhcNMDIwNjI2MDIxODM2 +WhcNMjIwNjI0MDAxNjEyWjBrMQswCQYDVQQGEwJVUzENMAsGA1UEChMEVklTQTEvMC0GA1UECxMm +VmlzYSBJbnRlcm5hdGlvbmFsIFNlcnZpY2UgQXNzb2NpYXRpb24xHDAaBgNVBAMTE1Zpc2EgZUNv +bW1lcmNlIFJvb3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvV95WHm6h2mCxlCfL +F9sHP4CFT8icttD0b0/Pmdjh28JIXDqsOTPHH2qLJj0rNfVIsZHBAk4ElpF7sDPwsRROEW+1QK8b +RaVK7362rPKgH1g/EkZgPI2h4H3PVz4zHvtH8aoVlwdVZqW1LS7YgFmypw23RuwhY/81q6UCzyr0 +TP579ZRdhE2o8mCP2w4lPJ9zcc+U30rq299yOIzzlr3xF7zSujtFWsan9sYXiwGd/BmoKoMWuDpI +/k4+oKsGGelT84ATB+0tvz8KPFUgOSwsAGl0lUq8ILKpeeUYiZGo3BxN77t+Nwtd/jmliFKMAGzs +GHxBvfaLdXe6YJ2E5/4tAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG +MB0GA1UdDgQWBBQVOIMPPyw/cDMezUb+B4wg4NfDtzANBgkqhkiG9w0BAQUFAAOCAQEAX/FBfXxc +CLkr4NWSR/pnXKUTwwMhmytMiUbPWU3J/qVAtmPN3XEolWcRzCSs00Rsca4BIGsDoo8Ytyk6feUW +YFN4PMCvFYP3j1IzJL1kk5fui/fbGKhtcbP3LBfQdCVp9/5rPJS+TUtBjE7ic9DjkCJzQ83z7+pz +zkWKsKZJ/0x9nXGIxHYdkFsd7v3M9+79YKWxehZx0RbQfBI8bGmX265fOZpwLwU8GUYEmSA20GBu +YQa7FkKMcPcw++DbZqMAAb3mLNqRX6BGi01qnD093QVG/na/oAo85ADmJ7f/hC3euiInlhBx6yLt +398znM/jra6O1I7mT1GvFpLgXPYHDw== +-----END CERTIFICATE----- + +Certum Root CA +============== +-----BEGIN CERTIFICATE----- +MIIDDDCCAfSgAwIBAgIDAQAgMA0GCSqGSIb3DQEBBQUAMD4xCzAJBgNVBAYTAlBMMRswGQYDVQQK +ExJVbml6ZXRvIFNwLiB6IG8uby4xEjAQBgNVBAMTCUNlcnR1bSBDQTAeFw0wMjA2MTExMDQ2Mzla +Fw0yNzA2MTExMDQ2MzlaMD4xCzAJBgNVBAYTAlBMMRswGQYDVQQKExJVbml6ZXRvIFNwLiB6IG8u +by4xEjAQBgNVBAMTCUNlcnR1bSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM6x +wS7TT3zNJc4YPk/EjG+AanPIW1H4m9LcuwBcsaD8dQPugfCI7iNS6eYVM42sLQnFdvkrOYCJ5JdL +kKWoePhzQ3ukYbDYWMzhbGZ+nPMJXlVjhNWo7/OxLjBos8Q82KxujZlakE403Daaj4GIULdtlkIJ +89eVgw1BS7Bqa/j8D35in2fE7SZfECYPCE/wpFcozo+47UX2bu4lXapuOb7kky/ZR6By6/qmW6/K +Uz/iDsaWVhFu9+lmqSbYf5VT7QqFiLpPKaVCjF62/IUgAKpoC6EahQGcxEZjgoi2IrHu/qpGWX7P +NSzVttpd90gzFFS269lvzs2I1qsb2pY7HVkCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkq +hkiG9w0BAQUFAAOCAQEAuI3O7+cUus/usESSbLQ5PqKEbq24IXfS1HeCh+YgQYHu4vgRt2PRFze+ +GXYkHAQaTOs9qmdvLdTN/mUxcMUbpgIKumB7bVjCmkn+YzILa+M6wKyrO7Do0wlRjBCDxjTgxSvg +GrZgFCdsMneMvLJymM/NzD+5yCRCFNZX/OYmQ6kd5YCQzgNUKD73P9P4Te1qCjqTE5s7FCMTY5w/ +0YcneeVMUeMBrYVdGjux1XMQpNPyvG5k9VpWkKjHDkx0Dy5xO/fIR/RpbxXyEV6DHpx8Uq79AtoS +qFlnGNu8cN2bsWntgM6JQEhqDjXKKWYVIZQs6GAqm4VKQPNriiTsBhYscw== +-----END CERTIFICATE----- + +Comodo AAA Services root +======================== +-----BEGIN CERTIFICATE----- +MIIEMjCCAxqgAwIBAgIBATANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS +R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg +TGltaXRlZDEhMB8GA1UEAwwYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAwMDAw +MFoXDTI4MTIzMTIzNTk1OVowezELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFuY2hl +c3RlcjEQMA4GA1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV +BAMMGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAL5AnfRu4ep2hxxNRUSOvkbIgwadwSr+GB+O5AL686tdUIoWMQuaBtDFcCLNSS1UY8y2bmhG +C1Pqy0wkwLxyTurxFa70VJoSCsN6sjNg4tqJVfMiWPPe3M/vg4aijJRPn2jymJBGhCfHdr/jzDUs +i14HZGWCwEiwqJH5YZ92IFCokcdmtet4YgNW8IoaE+oxox6gmf049vYnMlhvB/VruPsUK6+3qszW +Y19zjNoFmag4qMsXeDZRrOme9Hg6jc8P2ULimAyrL58OAd7vn5lJ8S3frHRNG5i1R8XlKdH5kBjH +Ypy+g8cmez6KJcfA3Z3mNWgQIJ2P2N7Sw4ScDV7oL8kCAwEAAaOBwDCBvTAdBgNVHQ4EFgQUoBEK +Iz6W8Qfs4q8p74Klf9AwpLQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wewYDVR0f +BHQwcjA4oDagNIYyaHR0cDovL2NybC5jb21vZG9jYS5jb20vQUFBQ2VydGlmaWNhdGVTZXJ2aWNl +cy5jcmwwNqA0oDKGMGh0dHA6Ly9jcmwuY29tb2RvLm5ldC9BQUFDZXJ0aWZpY2F0ZVNlcnZpY2Vz +LmNybDANBgkqhkiG9w0BAQUFAAOCAQEACFb8AvCb6P+k+tZ7xkSAzk/ExfYAWMymtrwUSWgEdujm +7l3sAg9g1o1QGE8mTgHj5rCl7r+8dFRBv/38ErjHT1r0iWAFf2C3BUrz9vHCv8S5dIa2LX1rzNLz +Rt0vxuBqw8M0Ayx9lt1awg6nCpnBBYurDC/zXDrPbDdVCYfeU0BsWO/8tqtlbgT2G9w84FoVxp7Z +8VlIMCFlA2zs6SFz7JsDoeA3raAVGI/6ugLOpyypEBMs1OUIJqsil2D4kF501KKaU73yqWjgom7C +12yxow+ev+to51byrvLjKzg6CYG1a4XXvi3tPxq3smPi9WIsgtRqAEFQ8TmDn5XpNpaYbg== +-----END CERTIFICATE----- + +Comodo Secure Services root +=========================== +-----BEGIN CERTIFICATE----- +MIIEPzCCAyegAwIBAgIBATANBgkqhkiG9w0BAQUFADB+MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS +R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg +TGltaXRlZDEkMCIGA1UEAwwbU2VjdXJlIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTA0MDEwMTAw +MDAwMFoXDTI4MTIzMTIzNTk1OVowfjELMAkGA1UEBhMCR0IxGzAZBgNVBAgMEkdyZWF0ZXIgTWFu +Y2hlc3RlcjEQMA4GA1UEBwwHU2FsZm9yZDEaMBgGA1UECgwRQ29tb2RvIENBIExpbWl0ZWQxJDAi +BgNVBAMMG1NlY3VyZSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAMBxM4KK0HDrc4eCQNUd5MvJDkKQ+d40uaG6EfQlhfPMcm3ye5drswfxdySRXyWP +9nQ95IDC+DwN879A6vfIUtFyb+/Iq0G4bi4XKpVpDM3SHpR7LZQdqnXXs5jLrLxkU0C8j6ysNstc +rbvd4JQX7NFc0L/vpZXJkMWwrPsbQ996CF23uPJAGysnnlDOXmWCiIxe004MeuoIkbY2qitC++rC +oznl2yY4rYsK7hljxxwk3wN42ubqwUcaCwtGCd0C/N7Lh1/XMGNooa7cMqG6vv5Eq2i2pRcV/b3V +p6ea5EQz6YiO/O1R65NxTq0B50SOqy3LqP4BSUjwwN3HaNiS/j0CAwEAAaOBxzCBxDAdBgNVHQ4E +FgQUPNiTiMLAggnMAZkGkyDpnnAJY08wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w +gYEGA1UdHwR6MHgwO6A5oDeGNWh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL1NlY3VyZUNlcnRpZmlj +YXRlU2VydmljZXMuY3JsMDmgN6A1hjNodHRwOi8vY3JsLmNvbW9kby5uZXQvU2VjdXJlQ2VydGlm +aWNhdGVTZXJ2aWNlcy5jcmwwDQYJKoZIhvcNAQEFBQADggEBAIcBbSMdflsXfcFhMs+P5/OKlFlm +4J4oqF7Tt/Q05qo5spcWxYJvMqTpjOev/e/C6LlLqqP05tqNZSH7uoDrJiiFGv45jN5bBAS0VPmj +Z55B+glSzAVIqMk/IQQezkhr/IXownuvf7fM+F86/TXGDe+X3EyrEeFryzHRbPtIgKvcnDe4IRRL +DXE97IMzbtFuMhbsmMcWi1mmNKsFVy2T96oTy9IT4rcuO81rUBcJaD61JlfutuC23bkpgHl9j6Pw +pCikFcSF9CfUa7/lXORlAnZUtOM3ZiTTGWHIUhDlizeauan5Hb/qmZJhlv8BzaFfDbxxvA6sCx1H +RR3B7Hzs/Sk= +-----END CERTIFICATE----- + +Comodo Trusted Services root +============================ +-----BEGIN CERTIFICATE----- +MIIEQzCCAyugAwIBAgIBATANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJHQjEbMBkGA1UECAwS +R3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHDAdTYWxmb3JkMRowGAYDVQQKDBFDb21vZG8gQ0Eg +TGltaXRlZDElMCMGA1UEAwwcVHJ1c3RlZCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0wNDAxMDEw +MDAwMDBaFw0yODEyMzEyMzU5NTlaMH8xCzAJBgNVBAYTAkdCMRswGQYDVQQIDBJHcmVhdGVyIE1h +bmNoZXN0ZXIxEDAOBgNVBAcMB1NhbGZvcmQxGjAYBgNVBAoMEUNvbW9kbyBDQSBMaW1pdGVkMSUw +IwYDVQQDDBxUcnVzdGVkIENlcnRpZmljYXRlIFNlcnZpY2VzMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEA33FvNlhTWvI2VFeAxHQIIO0Yfyod5jWaHiWsnOWWfnJSoBVC21ndZHoa0Lh7 +3TkVvFVIxO06AOoxEbrycXQaZ7jPM8yoMa+j49d/vzMtTGo87IvDktJTdyR0nAducPy9C1t2ul/y +/9c3S0pgePfw+spwtOpZqqPOSC+pw7ILfhdyFgymBwwbOM/JYrc/oJOlh0Hyt3BAd9i+FHzjqMB6 +juljatEPmsbS9Is6FARW1O24zG71++IsWL1/T2sr92AkWCTOJu80kTrV44HQsvAEAtdbtz6SrGsS +ivnkBbA7kUlcsutT6vifR4buv5XAwAaf0lteERv0xwQ1KdJVXOTt6wIDAQABo4HJMIHGMB0GA1Ud +DgQWBBTFe1i97doladL3WRaoszLAeydb9DAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB +/zCBgwYDVR0fBHwwejA8oDqgOIY2aHR0cDovL2NybC5jb21vZG9jYS5jb20vVHJ1c3RlZENlcnRp +ZmljYXRlU2VydmljZXMuY3JsMDqgOKA2hjRodHRwOi8vY3JsLmNvbW9kby5uZXQvVHJ1c3RlZENl +cnRpZmljYXRlU2VydmljZXMuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQDIk4E7ibSvuIQSTI3S8Ntw +uleGFTQQuS9/HrCoiWChisJ3DFBKmwCL2Iv0QeLQg4pKHBQGsKNoBXAxMKdTmw7pSqBYaWcOrp32 +pSxBvzwGa+RZzG0Q8ZZvH9/0BAKkn0U+yNj6NkZEUD+Cl5EfKNsYEYwq5GWDVxISjBc/lDb+XbDA +BHcTuPQV1T84zJQ6VdCsmPW6AF/ghhmBeC8owH7TzEIK9a5QoNE+xqFx7D+gIIxmOom0jtTYsU0l +R+4viMi14QVFwL4Ucd56/Y57fU0IlqUSc/AtyjcndBInTMu2l+nZrghtWjlA3QVHdWpaIbOjGM9O +9y5Xt5hwXsjEeLBi +-----END CERTIFICATE----- + +QuoVadis Root CA +================ +-----BEGIN CERTIFICATE----- +MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJCTTEZMBcGA1UE +ChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0 +eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAz +MTkxODMzMzNaFw0yMTAzMTcxODMzMzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRp +cyBMaW1pdGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQD +EyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Ypli4kVEAkOPcahdxYTMuk +J0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2DrOpm2RgbaIr1VxqYuvXtdj182d6UajtL +F8HVj71lODqV0D1VNk7feVcxKh7YWWVJWCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeL +YzcS19Dsw3sgQUSj7cugF+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWen +AScOospUxbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCCAk4w +PQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVvdmFkaXNvZmZzaG9y +ZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREwggENMIIBCQYJKwYBBAG+WAABMIH7 +MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNlIG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmlj +YXRlIGJ5IGFueSBwYXJ0eSBhc3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJs +ZSBzdGFuZGFyZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh +Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYIKwYBBQUHAgEW +Fmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3TKbkGGew5Oanwl4Rqy+/fMIGu +BgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rqy+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkw +FwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0 +aG9yaXR5MS4wLAYDVQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6 +tlCLMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSkfnIYj9lo +fFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf87C9TqnN7Az10buYWnuul +LsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1RcHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2x +gI4JVrmcGmD+XcHXetwReNDWXcG31a0ymQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi +5upZIof4l/UO/erMkqQWxFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi +5nrQNiOKSnQ2+Q== +-----END CERTIFICATE----- + +QuoVadis Root CA 2 +================== +-----BEGIN CERTIFICATE----- +MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoT +EFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMjAeFw0wNjExMjQx +ODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM +aW1pdGVkMRswGQYDVQQDExJRdW9WYWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4IC +DwAwggIKAoICAQCaGMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6 +XJxgFyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55JWpzmM+Yk +lvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bBrrcCaoF6qUWD4gXmuVbB +lDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp+ARz8un+XJiM9XOva7R+zdRcAitMOeGy +lZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt +66/3FsvbzSUr5R/7mp/iUcw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1Jdxn +wQ5hYIizPtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og/zOh +D7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UHoycR7hYQe7xFSkyy +BNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuIyV77zGHcizN300QyNQliBJIWENie +J0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1Ud +DgQWBBQahGK8SEwzJQTU7tD2A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGU +a6FJpEcwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT +ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2fBluornFdLwUv +Z+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzng/iN/Ae42l9NLmeyhP3ZRPx3 +UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2BlfF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodm +VjB3pjd4M1IQWK4/YY7yarHvGH5KWWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK ++JDSV6IZUaUtl0HaB0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrW +IozchLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPRTUIZ3Ph1 +WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWDmbA4CD/pXvk1B+TJYm5X +f6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0ZohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II +4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8 +VCLAAVBpQ570su9t+Oza8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u +-----END CERTIFICATE----- + +QuoVadis Root CA 3 +================== +-----BEGIN CERTIFICATE----- +MIIGnTCCBIWgAwIBAgICBcYwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0xGTAXBgNVBAoT +EFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJvb3QgQ0EgMzAeFw0wNjExMjQx +OTExMjNaFw0zMTExMjQxOTA2NDRaMEUxCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBM +aW1pdGVkMRswGQYDVQQDExJRdW9WYWRpcyBSb290IENBIDMwggIiMA0GCSqGSIb3DQEBAQUAA4IC +DwAwggIKAoICAQDMV0IWVJzmmNPTTe7+7cefQzlKZbPoFog02w1ZkXTPkrgEQK0CSzGrvI2RaNgg +DhoB4hp7Thdd4oq3P5kazethq8Jlph+3t723j/z9cI8LoGe+AaJZz3HmDyl2/7FWeUUrH556VOij +KTVopAFPD6QuN+8bv+OPEKhyq1hX51SGyMnzW9os2l2ObjyjPtr7guXd8lyyBTNvijbO0BNO/79K +DDRMpsMhvVAEVeuxu537RR5kFd5VAYwCdrXLoT9CabwvvWhDFlaJKjdhkf2mrk7AyxRllDdLkgbv +BNDInIjbC3uBr7E9KsRlOni27tyAsdLTmZw67mtaa7ONt9XOnMK+pUsvFrGeaDsGb659n/je7Mwp +p5ijJUMv7/FfJuGITfhebtfZFG4ZM2mnO4SJk8RTVROhUXhA+LjJou57ulJCg54U7QVSWllWp5f8 +nT8KKdjcT5EOE7zelaTfi5m+rJsziO+1ga8bxiJTyPbH7pcUsMV8eFLI8M5ud2CEpukqdiDtWAEX +MJPpGovgc2PZapKUSU60rUqFxKMiMPwJ7Wgic6aIDFUhWMXhOp8q3crhkODZc6tsgLjoC2SToJyM +Gf+z0gzskSaHirOi4XCPLArlzW1oUevaPwV/izLmE1xr/l9A4iLItLRkT9a6fUg+qGkM17uGcclz +uD87nSVL2v9A6wIDAQABo4IBlTCCAZEwDwYDVR0TAQH/BAUwAwEB/zCB4QYDVR0gBIHZMIHWMIHT +BgkrBgEEAb5YAAMwgcUwgZMGCCsGAQUFBwICMIGGGoGDQW55IHVzZSBvZiB0aGlzIENlcnRpZmlj +YXRlIGNvbnN0aXR1dGVzIGFjY2VwdGFuY2Ugb2YgdGhlIFF1b1ZhZGlzIFJvb3QgQ0EgMyBDZXJ0 +aWZpY2F0ZSBQb2xpY3kgLyBDZXJ0aWZpY2F0aW9uIFByYWN0aWNlIFN0YXRlbWVudC4wLQYIKwYB +BQUHAgEWIWh0dHA6Ly93d3cucXVvdmFkaXNnbG9iYWwuY29tL2NwczALBgNVHQ8EBAMCAQYwHQYD +VR0OBBYEFPLAE+CCQz777i9nMpY1XNu4ywLQMG4GA1UdIwRnMGWAFPLAE+CCQz777i9nMpY1XNu4 +ywLQoUmkRzBFMQswCQYDVQQGEwJCTTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDEbMBkGA1UE +AxMSUXVvVmFkaXMgUm9vdCBDQSAzggIFxjANBgkqhkiG9w0BAQUFAAOCAgEAT62gLEz6wPJv92ZV +qyM07ucp2sNbtrCD2dDQ4iH782CnO11gUyeim/YIIirnv6By5ZwkajGxkHon24QRiSemd1o417+s +hvzuXYO8BsbRd2sPbSQvS3pspweWyuOEn62Iix2rFo1bZhfZFvSLgNLd+LJ2w/w4E6oM3kJpK27z +POuAJ9v1pkQNn1pVWQvVDVJIxa6f8i+AxeoyUDUSly7B4f/xI4hROJ/yZlZ25w9Rl6VSDE1JUZU2 +Pb+iSwwQHYaZTKrzchGT5Or2m9qoXadNt54CrnMAyNojA+j56hl0YgCUyyIgvpSnWbWCar6ZeXqp +8kokUvd0/bpO5qgdAm6xDYBEwa7TIzdfu4V8K5Iu6H6li92Z4b8nby1dqnuH/grdS/yO9SbkbnBC +bjPsMZ57k8HkyWkaPcBrTiJt7qtYTcbQQcEr6k8Sh17rRdhs9ZgC06DYVYoGmRmioHfRMJ6szHXu +g/WwYjnPbFfiTNKRCw51KBuav/0aQ/HKd/s7j2G4aSgWQgRecCocIdiP4b0jWy10QJLZYxkNc91p +vGJHvOB0K7Lrfb5BG7XARsWhIstfTsEokt4YutUqKLsRixeTmJlglFwjz1onl14LBQaTNx47aTbr +qZ5hHY8y2o4M1nQ+ewkk2gF3R8Q7zTSMmfXK4SVhM7JZG+Ju1zdXtg2pEto= +-----END CERTIFICATE----- + +Security Communication Root CA +============================== +-----BEGIN CERTIFICATE----- +MIIDWjCCAkKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMP +U0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEw +HhcNMDMwOTMwMDQyMDQ5WhcNMjMwOTMwMDQyMDQ5WjBQMQswCQYDVQQGEwJKUDEYMBYGA1UEChMP +U0VDT00gVHJ1c3QubmV0MScwJQYDVQQLEx5TZWN1cml0eSBDb21tdW5pY2F0aW9uIFJvb3RDQTEw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzs/5/022x7xZ8V6UMbXaKL0u/ZPtM7orw +8yl89f/uKuDp6bpbZCKamm8sOiZpUQWZJtzVHGpxxpp9Hp3dfGzGjGdnSj74cbAZJ6kJDKaVv0uM +DPpVmDvY6CKhS3E4eayXkmmziX7qIWgGmBSWh9JhNrxtJ1aeV+7AwFb9Ms+k2Y7CI9eNqPPYJayX +5HA49LY6tJ07lyZDo6G8SVlyTCMwhwFY9k6+HGhWZq/NQV3Is00qVUarH9oe4kA92819uZKAnDfd +DJZkndwi92SL32HeFZRSFaB9UslLqCHJxrHty8OVYNEP8Ktw+N/LTX7s1vqr2b1/VPKl6Xn62dZ2 +JChzAgMBAAGjPzA9MB0GA1UdDgQWBBSgc0mZaNyFW2XjmygvV5+9M7wHSDALBgNVHQ8EBAMCAQYw +DwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAaECpqLvkT115swW1F7NgE+vGkl3g +0dNq/vu+m22/xwVtWSDEHPC32oRYAmP6SBbvT6UL90qY8j+eG61Ha2POCEfrUj94nK9NrvjVT8+a +mCoQQTlSxN3Zmw7vkwGusi7KaEIkQmywszo+zenaSMQVy+n5Bw+SUEmK3TGXX8npN6o7WWWXlDLJ +s58+OmJYxUmtYg5xpTKqL8aJdkNAExNnPaJUJRDL8Try2frbSVa7pv6nQTXD4IhhyYjH3zYQIphZ +6rBK+1YWc26sTfcioU+tHXotRSflMMFe8toTyyVCUZVHA4xsIcx0Qu1T/zOLjw9XARYvz6buyXAi +FL39vmwLAw== +-----END CERTIFICATE----- + +Sonera Class 2 Root CA +====================== +-----BEGIN CERTIFICATE----- +MIIDIDCCAgigAwIBAgIBHTANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGSTEPMA0GA1UEChMG +U29uZXJhMRkwFwYDVQQDExBTb25lcmEgQ2xhc3MyIENBMB4XDTAxMDQwNjA3Mjk0MFoXDTIxMDQw +NjA3Mjk0MFowOTELMAkGA1UEBhMCRkkxDzANBgNVBAoTBlNvbmVyYTEZMBcGA1UEAxMQU29uZXJh +IENsYXNzMiBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJAXSjWdyvANlsdE+hY3 +/Ei9vX+ALTU74W+oZ6m/AxxNjG8yR9VBaKQTBME1DJqEQ/xcHf+Js+gXGM2RX/uJ4+q/Tl18GybT +dXnt5oTjV+WtKcT0OijnpXuENmmz/V52vaMtmdOQTiMofRhj8VQ7Jp12W5dCsv+u8E7s3TmVToMG +f+dJQMjFAbJUWmYdPfz56TwKnoG4cPABi+QjVHzIrviQHgCWctRUz2EjvOr7nQKV0ba5cTppCD8P +tOFCx4j1P5iop7oc4HFx71hXgVB6XGt0Rg6DA5jDjqhu8nYybieDwnPz3BjotJPqdURrBGAgcVeH +nfO+oJAjPYok4doh28MCAwEAAaMzMDEwDwYDVR0TAQH/BAUwAwEB/zARBgNVHQ4ECgQISqCqWITT +XjwwCwYDVR0PBAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBazof5FnIVV0sd2ZvnoiYw7JNn39Yt +0jSv9zilzqsWuasvfDXLrNAPtEwr/IDva4yRXzZ299uzGxnq9LIR/WFxRL8oszodv7ND6J+/3DEI +cbCdjdY0RzKQxmUk96BKfARzjzlvF4xytb1LyHr4e4PDKE6cCepnP7JnBBvDFNr450kkkdAdavph +Oe9r5yF1BgfYErQhIHBCcYHaPJo2vqZbDWpsmh+Re/n570K6Tk6ezAyNlNzZRZxe7EJQY670XcSx +EtzKO6gunRRaBXW37Ndj4ro1tgQIkejanZz2ZrUYrAqmVCY0M9IbwdR/GjqOC6oybtv8TyWf2TLH +llpwrN9M +-----END CERTIFICATE----- + +UTN USERFirst Hardware Root CA +============================== +-----BEGIN CERTIFICATE----- +MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCBlzELMAkGA1UE +BhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMVVGhl +IFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAd +BgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgx +OTIyWjCBlzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0 +eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVz +ZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdhcmUwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlI +wrthdBKWHTxqctU8EGc6Oe0rE81m65UJM6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFd +tqdt++BxF2uiiPsA3/4aMXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8 +i4fDidNdoI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqIDsjf +Pe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9KsyoUhbAgMBAAGjgbkw +gbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFKFyXyYbKJhDlV0HN9WF +lp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNF +UkZpcnN0LUhhcmR3YXJlLmNybDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUF +BwMGBggrBgEFBQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM +//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28GpgoiskliCE7/yMgUsogW +XecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gECJChicsZUN/KHAG8HQQZexB2 +lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kn +iCrVWFCVH/A7HFe7fRQ5YiuayZSSKqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67 +nfhmqA== +-----END CERTIFICATE----- + +Camerfirma Chambers of Commerce Root +==================================== +-----BEGIN CERTIFICATE----- +MIIEvTCCA6WgAwIBAgIBADANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJFVTEnMCUGA1UEChMe +QUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1i +ZXJzaWduLm9yZzEiMCAGA1UEAxMZQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdDAeFw0wMzA5MzAx +NjEzNDNaFw0zNzA5MzAxNjEzNDRaMH8xCzAJBgNVBAYTAkVVMScwJQYDVQQKEx5BQyBDYW1lcmZp +cm1hIFNBIENJRiBBODI3NDMyODcxIzAhBgNVBAsTGmh0dHA6Ly93d3cuY2hhbWJlcnNpZ24ub3Jn +MSIwIAYDVQQDExlDaGFtYmVycyBvZiBDb21tZXJjZSBSb290MIIBIDANBgkqhkiG9w0BAQEFAAOC +AQ0AMIIBCAKCAQEAtzZV5aVdGDDg2olUkfzIx1L4L1DZ77F1c2VHfRtbunXF/KGIJPov7coISjlU +xFF6tdpg6jg8gbLL8bvZkSM/SAFwdakFKq0fcfPJVD0dBmpAPrMMhe5cG3nCYsS4No41XQEMIwRH +NaqbYE6gZj3LJgqcQKH0XZi/caulAGgq7YN6D6IUtdQis4CwPAxaUWktWBiP7Zme8a7ileb2R6jW +DA+wWFjbw2Y3npuRVDM30pQcakjJyfKl2qUMI/cjDpwyVV5xnIQFUZot/eZOKjRa3spAN2cMVCFV +d9oKDMyXroDclDZK9D7ONhMeU+SsTjoF7Nuucpw4i9A5O4kKPnf+dQIBA6OCAUQwggFAMBIGA1Ud +EwEB/wQIMAYBAf8CAQwwPAYDVR0fBDUwMzAxoC+gLYYraHR0cDovL2NybC5jaGFtYmVyc2lnbi5v +cmcvY2hhbWJlcnNyb290LmNybDAdBgNVHQ4EFgQU45T1sU3p26EpW1eLTXYGduHRooowDgYDVR0P +AQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzAnBgNVHREEIDAegRxjaGFtYmVyc3Jvb3RAY2hh +bWJlcnNpZ24ub3JnMCcGA1UdEgQgMB6BHGNoYW1iZXJzcm9vdEBjaGFtYmVyc2lnbi5vcmcwWAYD +VR0gBFEwTzBNBgsrBgEEAYGHLgoDATA+MDwGCCsGAQUFBwIBFjBodHRwOi8vY3BzLmNoYW1iZXJz +aWduLm9yZy9jcHMvY2hhbWJlcnNyb290Lmh0bWwwDQYJKoZIhvcNAQEFBQADggEBAAxBl8IahsAi +fJ/7kPMa0QOx7xP5IV8EnNrJpY0nbJaHkb5BkAFyk+cefV/2icZdp0AJPaxJRUXcLo0waLIJuvvD +L8y6C98/d3tGfToSJI6WjzwFCm/SlCgdbQzALogi1djPHRPH8EjX1wWnz8dHnjs8NMiAT9QUu/wN +UPf6s+xCX6ndbcj0dc97wXImsQEcXCz9ek60AcUFV7nnPKoF2YjpB0ZBzu9Bga5Y34OirsrXdx/n +ADydb47kMgkdTXg0eDQ8lJsm7U9xxhl6vSAiSFr+S30Dt+dYvsYyTnQeaN2oaFuzPu5ifdmA6Ap1 +erfutGWaIZDgqtCYvDi1czyL+Nw= +-----END CERTIFICATE----- + +Camerfirma Global Chambersign Root +================================== +-----BEGIN CERTIFICATE----- +MIIExTCCA62gAwIBAgIBADANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJFVTEnMCUGA1UEChMe +QUMgQ2FtZXJmaXJtYSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1i +ZXJzaWduLm9yZzEgMB4GA1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwHhcNMDMwOTMwMTYx +NDE4WhcNMzcwOTMwMTYxNDE4WjB9MQswCQYDVQQGEwJFVTEnMCUGA1UEChMeQUMgQ2FtZXJmaXJt +YSBTQSBDSUYgQTgyNzQzMjg3MSMwIQYDVQQLExpodHRwOi8vd3d3LmNoYW1iZXJzaWduLm9yZzEg +MB4GA1UEAxMXR2xvYmFsIENoYW1iZXJzaWduIFJvb3QwggEgMA0GCSqGSIb3DQEBAQUAA4IBDQAw +ggEIAoIBAQCicKLQn0KuWxfH2H3PFIP8T8mhtxOviteePgQKkotgVvq0Mi+ITaFgCPS3CU6gSS9J +1tPfnZdan5QEcOw/Wdm3zGaLmFIoCQLfxS+EjXqXd7/sQJ0lcqu1PzKY+7e3/HKE5TWH+VX6ox8O +by4o3Wmg2UIQxvi1RMLQQ3/bvOSiPGpVeAp3qdjqGTK3L/5cPxvusZjsyq16aUXjlg9V9ubtdepl +6DJWk0aJqCWKZQbua795B9Dxt6/tLE2Su8CoX6dnfQTyFQhwrJLWfQTSM/tMtgsL+xrJxI0DqX5c +8lCrEqWhz0hQpe/SyBoT+rB/sYIcd2oPX9wLlY/vQ37mRQklAgEDo4IBUDCCAUwwEgYDVR0TAQH/ +BAgwBgEB/wIBDDA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3JsLmNoYW1iZXJzaWduLm9yZy9j +aGFtYmVyc2lnbnJvb3QuY3JsMB0GA1UdDgQWBBRDnDafsJ4wTcbOX60Qq+UDpfqpFDAOBgNVHQ8B +Af8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgAHMCoGA1UdEQQjMCGBH2NoYW1iZXJzaWducm9vdEBj +aGFtYmVyc2lnbi5vcmcwKgYDVR0SBCMwIYEfY2hhbWJlcnNpZ25yb290QGNoYW1iZXJzaWduLm9y +ZzBbBgNVHSAEVDBSMFAGCysGAQQBgYcuCgEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly9jcHMuY2hh +bWJlcnNpZ24ub3JnL2Nwcy9jaGFtYmVyc2lnbnJvb3QuaHRtbDANBgkqhkiG9w0BAQUFAAOCAQEA +PDtwkfkEVCeR4e3t/mh/YV3lQWVPMvEYBZRqHN4fcNs+ezICNLUMbKGKfKX0j//U2K0X1S0E0T9Y +gOKBWYi+wONGkyT+kL0mojAt6JcmVzWJdJYY9hXiryQZVgICsroPFOrGimbBhkVVi76SvpykBMdJ +PJ7oKXqJ1/6v/2j1pReQvayZzKWGVwlnRtvWFsJG8eSpUPWP0ZIV018+xgBJOm5YstHRJw0lyDL4 +IBHNfTIzSJRUTN3cecQwn+uOuFW114hcxWokPbLTBQNRxgfvzBRydD1ucs4YKIxKoHflCStFREes +t2d/AYoFWpO+ocH/+OcOZ6RHSXZddZAa9SaP8A== +-----END CERTIFICATE----- + +XRamp Global CA Root +==================== +-----BEGIN CERTIFICATE----- +MIIEMDCCAxigAwIBAgIQUJRs7Bjq1ZxN1ZfvdY+grTANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UE +BhMCVVMxHjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2Vj +dXJpdHkgU2VydmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBB +dXRob3JpdHkwHhcNMDQxMTAxMTcxNDA0WhcNMzUwMTAxMDUzNzE5WjCBgjELMAkGA1UEBhMCVVMx +HjAcBgNVBAsTFXd3dy54cmFtcHNlY3VyaXR5LmNvbTEkMCIGA1UEChMbWFJhbXAgU2VjdXJpdHkg +U2VydmljZXMgSW5jMS0wKwYDVQQDEyRYUmFtcCBHbG9iYWwgQ2VydGlmaWNhdGlvbiBBdXRob3Jp +dHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYJB69FbS638eMpSe2OAtp87ZOqCwu +IR1cRN8hXX4jdP5efrRKt6atH67gBhbim1vZZ3RrXYCPKZ2GG9mcDZhtdhAoWORlsH9KmHmf4MMx +foArtYzAQDsRhtDLooY2YKTVMIJt2W7QDxIEM5dfT2Fa8OT5kavnHTu86M/0ay00fOJIYRyO82FE +zG+gSqmUsE3a56k0enI4qEHMPJQRfevIpoy3hsvKMzvZPTeL+3o+hiznc9cKV6xkmxnr9A8ECIqs +AxcZZPRaJSKNNCyy9mgdEm3Tih4U2sSPpuIjhdV6Db1q4Ons7Be7QhtnqiXtRYMh/MHJfNViPvry +xS3T/dRlAgMBAAGjgZ8wgZwwEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1Ud +EwEB/wQFMAMBAf8wHQYDVR0OBBYEFMZPoj0GY4QJnM5i5ASsjVy16bYbMDYGA1UdHwQvMC0wK6Ap +oCeGJWh0dHA6Ly9jcmwueHJhbXBzZWN1cml0eS5jb20vWEdDQS5jcmwwEAYJKwYBBAGCNxUBBAMC +AQEwDQYJKoZIhvcNAQEFBQADggEBAJEVOQMBG2f7Shz5CmBbodpNl2L5JFMn14JkTpAuw0kbK5rc +/Kh4ZzXxHfARvbdI4xD2Dd8/0sm2qlWkSLoC295ZLhVbO50WfUfXN+pfTXYSNrsf16GBBEYgoyxt +qZ4Bfj8pzgCT3/3JknOJiWSe5yvkHJEs0rnOfc5vMZnT5r7SHpDwCRR5XCOrTdLaIR9NmXmd4c8n +nxCbHIgNsIpkQTG4DmyQJKSbXHGPurt+HBvbaoAPIbzp26a3QPSyi6mx5O+aGtA9aZnuqCij4Tyz +8LIRnM98QObd50N9otg6tamN8jSZxNQQ4Qb9CYQQO+7ETPTsJ3xCwnR8gooJybQDJbw= +-----END CERTIFICATE----- + +Go Daddy Class 2 CA +=================== +-----BEGIN CERTIFICATE----- +MIIEADCCAuigAwIBAgIBADANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMY +VGhlIEdvIERhZGR5IEdyb3VwLCBJbmMuMTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRp +ZmljYXRpb24gQXV0aG9yaXR5MB4XDTA0MDYyOTE3MDYyMFoXDTM0MDYyOTE3MDYyMFowYzELMAkG +A1UEBhMCVVMxITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28g +RGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCASAwDQYJKoZIhvcNAQEBBQAD +ggENADCCAQgCggEBAN6d1+pXGEmhW+vXX0iG6r7d/+TvZxz0ZWizV3GgXne77ZtJ6XCAPVYYYwhv +2vLM0D9/AlQiVBDYsoHUwHU9S3/Hd8M+eKsaA7Ugay9qK7HFiH7Eux6wwdhFJ2+qN1j3hybX2C32 +qRe3H3I2TqYXP2WYktsqbl2i/ojgC95/5Y0V4evLOtXiEqITLdiOr18SPaAIBQi2XKVlOARFmR6j +YGB0xUGlcmIbYsUfb18aQr4CUWWoriMYavx4A6lNf4DD+qta/KFApMoZFv6yyO9ecw3ud72a9nmY +vLEHZ6IVDd2gWMZEewo+YihfukEHU1jPEX44dMX4/7VpkI+EdOqXG68CAQOjgcAwgb0wHQYDVR0O +BBYEFNLEsNKR1EwRcbNhyz2h/t2oatTjMIGNBgNVHSMEgYUwgYKAFNLEsNKR1EwRcbNhyz2h/t2o +atTjoWekZTBjMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYVGhlIEdvIERhZGR5IEdyb3VwLCBJbmMu +MTEwLwYDVQQLEyhHbyBEYWRkeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMAwG +A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBADJL87LKPpH8EsahB4yOd6AzBhRckB4Y9wim +PQoZ+YeAEW5p5JYXMP80kWNyOO7MHAGjHZQopDH2esRU1/blMVgDoszOYtuURXO1v0XJJLXVggKt +I3lpjbi2Tc7PTMozI+gciKqdi0FuFskg5YmezTvacPd+mSYgFFQlq25zheabIZ0KbIIOqPjCDPoQ +HmyW74cNxA9hi63ugyuV+I6ShHI56yDqg+2DzZduCLzrTia2cyvk0/ZM/iZx4mERdEr/VxqHD3VI +Ls9RaRegAhJhldXRQLIQTO7ErBBDpqWeCtWVYpoNz4iCxTIM5CufReYNnyicsbkqWletNw+vHX/b +vZ8= +-----END CERTIFICATE----- + +Starfield Class 2 CA +==================== +-----BEGIN CERTIFICATE----- +MIIEDzCCAvegAwIBAgIBADANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJVUzElMCMGA1UEChMc +U3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAGA1UECxMpU3RhcmZpZWxkIENsYXNzIDIg +Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDQwNjI5MTczOTE2WhcNMzQwNjI5MTczOTE2WjBo +MQswCQYDVQQGEwJVUzElMCMGA1UEChMcU3RhcmZpZWxkIFRlY2hub2xvZ2llcywgSW5jLjEyMDAG +A1UECxMpU3RhcmZpZWxkIENsYXNzIDIgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEgMA0GCSqG +SIb3DQEBAQUAA4IBDQAwggEIAoIBAQC3Msj+6XGmBIWtDBFk385N78gDGIc/oav7PKaf8MOh2tTY +bitTkPskpD6E8J7oX+zlJ0T1KKY/e97gKvDIr1MvnsoFAZMej2YcOadN+lq2cwQlZut3f+dZxkqZ +JRRU6ybH838Z1TBwj6+wRir/resp7defqgSHo9T5iaU0X9tDkYI22WY8sbi5gv2cOj4QyDvvBmVm +epsZGD3/cVE8MC5fvj13c7JdBmzDI1aaK4UmkhynArPkPw2vCHmCuDY96pzTNbO8acr1zJ3o/WSN +F4Azbl5KXZnJHoe0nRrA1W4TNSNe35tfPe/W93bC6j67eA0cQmdrBNj41tpvi/JEoAGrAgEDo4HF +MIHCMB0GA1UdDgQWBBS/X7fRzt0fhvRbVazc1xDCDqmI5zCBkgYDVR0jBIGKMIGHgBS/X7fRzt0f +hvRbVazc1xDCDqmI56FspGowaDELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNo +bm9sb2dpZXMsIEluYy4xMjAwBgNVBAsTKVN0YXJmaWVsZCBDbGFzcyAyIENlcnRpZmljYXRpb24g +QXV0aG9yaXR5ggEAMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAAWdP4id0ckaVaGs +afPzWdqbAYcaT1epoXkJKtv3L7IezMdeatiDh6GX70k1PncGQVhiv45YuApnP+yz3SFmH8lU+nLM +PUxA2IGvd56Deruix/U0F47ZEUD0/CwqTRV/p2JdLiXTAAsgGh1o+Re49L2L7ShZ3U0WixeDyLJl +xy16paq8U4Zt3VekyvggQQto8PT7dL5WXXp59fkdheMtlb71cZBDzI0fmgAKhynpVSJYACPq4xJD +KVtHCN2MQWplBqjlIapBtJUhlbl90TSrE9atvNziPTnNvT51cKEYWQPJIrSPnNVeKtelttQKbfi3 +QBFGmh95DmK/D5fs4C8fF5Q= +-----END CERTIFICATE----- + +StartCom Certification Authority +================================ +-----BEGIN CERTIFICATE----- +MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMN +U3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmlu +ZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0 +NjM2WhcNMzYwOTE3MTk0NjM2WjB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRk +LjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMg +U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw +ggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZkpMyONvg45iPwbm2xPN1y +o4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rfOQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/ +Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/CJi/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/d +eMotHweXMAEtcnn6RtYTKqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt +2PZE4XNiHzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMMAv+Z +6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w+2OqqGwaVLRcJXrJ +osmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/ +untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVc +UjyJthkqcwEKDwOzEmDyei+B26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT +37uMdBNSSwIDAQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE +FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9jZXJ0LnN0YXJ0 +Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3JsLnN0YXJ0Y29tLm9yZy9zZnNj +YS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFMBgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUH +AgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRw +Oi8vY2VydC5zdGFydGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYg +U3RhcnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlhYmlsaXR5 +LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2YgdGhlIFN0YXJ0Q29tIENl +cnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFpbGFibGUgYXQgaHR0cDovL2NlcnQuc3Rh +cnRjb20ub3JnL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilT +dGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOC +AgEAFmyZ9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8jhvh +3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUWFjgKXlf2Ysd6AgXm +vB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJzewT4F+irsfMuXGRuczE6Eri8sxHk +fY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3 +fsNrarnDy0RLrHiQi+fHLB5LEUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZ +EoalHmdkrQYuL6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq +yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuCO3NJo2pXh5Tl +1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6Vum0ABj6y6koQOdjQK/W/7HW/ +lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkyShNOsF/5oirpt9P/FlUQqmMGqz9IgcgA38coro +g14= +-----END CERTIFICATE----- + +Taiwan GRCA +=========== +-----BEGIN CERTIFICATE----- +MIIFcjCCA1qgAwIBAgIQH51ZWtcvwgZEpYAIaeNe9jANBgkqhkiG9w0BAQUFADA/MQswCQYDVQQG +EwJUVzEwMC4GA1UECgwnR292ZXJubWVudCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4X +DTAyMTIwNTEzMjMzM1oXDTMyMTIwNTEzMjMzM1owPzELMAkGA1UEBhMCVFcxMDAuBgNVBAoMJ0dv +dmVybm1lbnQgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTCCAiIwDQYJKoZIhvcNAQEBBQAD +ggIPADCCAgoCggIBAJoluOzMonWoe/fOW1mKydGGEghU7Jzy50b2iPN86aXfTEc2pBsBHH8eV4qN +w8XRIePaJD9IK/ufLqGU5ywck9G/GwGHU5nOp/UKIXZ3/6m3xnOUT0b3EEk3+qhZSV1qgQdW8or5 +BtD3cCJNtLdBuTK4sfCxw5w/cP1T3YGq2GN49thTbqGsaoQkclSGxtKyyhwOeYHWtXBiCAEuTk8O +1RGvqa/lmr/czIdtJuTJV6L7lvnM4T9TjGxMfptTCAtsF/tnyMKtsc2AtJfcdgEWFelq16TheEfO +htX7MfP6Mb40qij7cEwdScevLJ1tZqa2jWR+tSBqnTuBto9AAGdLiYa4zGX+FVPpBMHWXx1E1wov +J5pGfaENda1UhhXcSTvxls4Pm6Dso3pdvtUqdULle96ltqqvKKyskKw4t9VoNSZ63Pc78/1Fm9G7 +Q3hub/FCVGqY8A2tl+lSXunVanLeavcbYBT0peS2cWeqH+riTcFCQP5nRhc4L0c/cZyu5SHKYS1t +B6iEfC3uUSXxY5Ce/eFXiGvviiNtsea9P63RPZYLhY3Naye7twWb7LuRqQoHEgKXTiCQ8P8NHuJB +O9NAOueNXdpm5AKwB1KYXA6OM5zCppX7VRluTI6uSw+9wThNXo+EHWbNxWCWtFJaBYmOlXqYwZE8 +lSOyDvR5tMl8wUohAgMBAAGjajBoMB0GA1UdDgQWBBTMzO/MKWCkO7GStjz6MmKPrCUVOzAMBgNV +HRMEBTADAQH/MDkGBGcqBwAEMTAvMC0CAQAwCQYFKw4DAhoFADAHBgVnKgMAAAQUA5vwIhP/lSg2 +09yewDL7MTqKUWUwDQYJKoZIhvcNAQEFBQADggIBAECASvomyc5eMN1PhnR2WPWus4MzeKR6dBcZ +TulStbngCnRiqmjKeKBMmo4sIy7VahIkv9Ro04rQ2JyftB8M3jh+Vzj8jeJPXgyfqzvS/3WXy6Tj +Zwj/5cAWtUgBfen5Cv8b5Wppv3ghqMKnI6mGq3ZW6A4M9hPdKmaKZEk9GhiHkASfQlK3T8v+R0F2 +Ne//AHY2RTKbxkaFXeIksB7jSJaYV0eUVXoPQbFEJPPB/hprv4j9wabak2BegUqZIJxIZhm1AHlU +D7gsL0u8qV1bYH+Mh6XgUmMqvtg7hUAV/h62ZT/FS9p+tXo1KaMuephgIqP0fSdOLeq0dDzpD6Qz +DxARvBMB1uUO07+1EqLhRSPAzAhuYbeJq4PjJB7mXQfnHyA+z2fI56wwbSdLaG5LKlwCCDTb+Hbk +Z6MmnD+iMsJKxYEYMRBWqoTvLQr/uB930r+lWKBi5NdLkXWNiYCYfm3LU05er/ayl4WXudpVBrkk +7tfGOB5jGxI7leFYrPLfhNVfmS8NVVvmONsuP3LpSIXLuykTjx44VbnzssQwmSNOXfJIoRIM3BKQ +CZBUkQM8R+XVyWXgt0t97EfTsws+rZ7QdAAO671RrcDeLMDDav7v3Aun+kbfYNucpllQdSNpc5Oy ++fwC00fmcc4QAu4njIT/rEUNE1yDMuAlpYYsfPQS +-----END CERTIFICATE----- + +Swisscom Root CA 1 +================== +-----BEGIN CERTIFICATE----- +MIIF2TCCA8GgAwIBAgIQXAuFXAvnWUHfV8w/f52oNjANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQG +EwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2VydGlmaWNhdGUgU2Vy +dmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3QgQ0EgMTAeFw0wNTA4MTgxMjA2MjBaFw0yNTA4 +MTgyMjA2MjBaMGQxCzAJBgNVBAYTAmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGln +aXRhbCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAxMIIC +IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0LmwqAzZuz8h+BvVM5OAFmUgdbI9m2BtRsiM +MW8Xw/qabFbtPMWRV8PNq5ZJkCoZSx6jbVfd8StiKHVFXqrWW/oLJdihFvkcxC7mlSpnzNApbjyF +NDhhSbEAn9Y6cV9Nbc5fuankiX9qUvrKm/LcqfmdmUc/TilftKaNXXsLmREDA/7n29uj/x2lzZAe +AR81sH8A25Bvxn570e56eqeqDFdvpG3FEzuwpdntMhy0XmeLVNxzh+XTF3xmUHJd1BpYwdnP2IkC +b6dJtDZd0KTeByy2dbcokdaXvij1mB7qWybJvbCXc9qukSbraMH5ORXWZ0sKbU/Lz7DkQnGMU3nn +7uHbHaBuHYwadzVcFh4rUx80i9Fs/PJnB3r1re3WmquhsUvhzDdf/X/NTa64H5xD+SpYVUNFvJbN +cA78yeNmuk6NO4HLFWR7uZToXTNShXEuT46iBhFRyePLoW4xCGQMwtI89Tbo19AOeCMgkckkKmUp +WyL3Ic6DXqTz3kvTaI9GdVyDCW4pa8RwjPWd1yAv/0bSKzjCL3UcPX7ape8eYIVpQtPM+GP+HkM5 +haa2Y0EQs3MevNP6yn0WR+Kn1dCjigoIlmJWbjTb2QK5MHXjBNLnj8KwEUAKrNVxAmKLMb7dxiNY +MUJDLXT5xp6mig/p/r+D5kNXJLrvRjSq1xIBOO0CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYw +HQYDVR0hBBYwFDASBgdghXQBUwABBgdghXQBUwABMBIGA1UdEwEB/wQIMAYBAf8CAQcwHwYDVR0j +BBgwFoAUAyUv3m+CATpcLNwroWm1Z9SM0/0wHQYDVR0OBBYEFAMlL95vggE6XCzcK6FptWfUjNP9 +MA0GCSqGSIb3DQEBBQUAA4ICAQA1EMvspgQNDQ/NwNurqPKIlwzfky9NfEBWMXrrpA9gzXrzvsMn +jgM+pN0S734edAY8PzHyHHuRMSG08NBsl9Tpl7IkVh5WwzW9iAUPWxAaZOHHgjD5Mq2eUCzneAXQ +MbFamIp1TpBcahQq4FJHgmDmHtqBsfsUC1rxn9KVuj7QG9YVHaO+htXbD8BJZLsuUBlL0iT43R4H +VtA4oJVwIHaM190e3p9xxCPvgxNcoyQVTSlAPGrEqdi3pkSlDfTgnXceQHAm/NrZNuR55LU/vJtl +vrsRls/bxig5OgjOR1tTWsWZ/l2p3e9M1MalrQLmjAcSHm8D0W+go/MpvRLHUKKwf4ipmXeascCl +OS5cfGniLLDqN2qk4Vrh9VDlg++luyqI54zb/W1elxmofmZ1a3Hqv7HHb6D0jqTsNFFbjCYDcKF3 +1QESVwA12yPeDooomf2xEG9L/zgtYE4snOtnta1J7ksfrK/7DZBaZmBwXarNeNQk7shBoJMBkpxq +nvy5JMWzFYJ+vq6VK+uxwNrjAWALXmmshFZhvnEX/h0TD/7Gh0Xp/jKgGg0TpJRVcaUWi7rKibCy +x/yP2FS1k2Kdzs9Z+z0YzirLNRWCXf9UIltxUvu3yf5gmwBBZPCqKuy2QkPOiWaByIufOVQDJdMW +NY6E0F/6MBr1mmz0DlP5OlvRHA== +-----END CERTIFICATE----- + +DigiCert Assured ID Root CA +=========================== +-----BEGIN CERTIFICATE----- +MIIDtzCCAp+gAwIBAgIQDOfg5RfYRv6P5WD8G/AwOTANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQw +IgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0EwHhcNMDYxMTEwMDAwMDAwWhcNMzEx +MTEwMDAwMDAwWjBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQL +ExB3d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgQ0Ew +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtDhXO5EOAXLGH87dg+XESpa7cJpSIqvTO +9SA5KFhgDPiA2qkVlTJhPLWxKISKityfCgyDF3qPkKyK53lTXDGEKvYPmDI2dsze3Tyoou9q+yHy +UmHfnyDXH+Kx2f4YZNISW1/5WBg1vEfNoTb5a3/UsDg+wRvDjDPZ2C8Y/igPs6eD1sNuRMBhNZYW +/lmci3Zt1/GiSw0r/wty2p5g0I6QNcZ4VYcgoc/lbQrISXwxmDNsIumH0DJaoroTghHtORedmTpy +oeb6pNnVFzF1roV9Iq4/AUaG9ih5yLHa5FcXxH4cDrC0kqZWs72yl+2qp/C3xag/lRbQ/6GW6whf +GHdPAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRF +66Kv9JLLgjEtUYunpyGd823IDzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzANBgkq +hkiG9w0BAQUFAAOCAQEAog683+Lt8ONyc3pklL/3cmbYMuRCdWKuh+vy1dneVrOfzM4UKLkNl2Bc +EkxY5NM9g0lFWJc1aRqoR+pWxnmrEthngYTffwk8lOa4JiwgvT2zKIn3X/8i4peEH+ll74fg38Fn +SbNd67IJKusm7Xi+fT8r87cmNW1fiQG2SVufAQWbqz0lwcy2f8Lxb4bG+mRo64EtlOtCt/qMHt1i +8b5QZ7dsvfPxH2sMNgcWfzd8qVttevESRmCD1ycEvkvOl77DZypoEd+A5wwzZr8TDRRu838fYxAe ++o0bJW1sj6W3YQGx0qMmoRBxna3iw/nDmVG3KwcIzi7mULKn+gpFL6Lw8g== +-----END CERTIFICATE----- + +DigiCert Global Root CA +======================= +-----BEGIN CERTIFICATE----- +MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBhMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAw +HgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBDQTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAw +MDAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3 +dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsBCSDMAZOn +TjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97nh6Vfe63SKMI2tavegw5 +BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt43C/dxC//AH2hdmoRBBYMql1GNXRor5H +4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7PT19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y +7vrTC0LUq7dBMtoM1O/4gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQAB +o2MwYTAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbRTLtm +8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUwDQYJKoZIhvcNAQEF +BQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/EsrhMAtudXH/vTBH1jLuG2cenTnmCmr +EbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIt +tep3Sp+dWOIrWcBAI+0tKIJFPnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886 +UAb3LujEV0lsYSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk +CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= +-----END CERTIFICATE----- + +DigiCert High Assurance EV Root CA +================================== +-----BEGIN CERTIFICATE----- +MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBsMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSsw +KQYDVQQDEyJEaWdpQ2VydCBIaWdoIEFzc3VyYW5jZSBFViBSb290IENBMB4XDTA2MTExMDAwMDAw +MFoXDTMxMTExMDAwMDAwMFowbDELMAkGA1UEBhMCVVMxFTATBgNVBAoTDERpZ2lDZXJ0IEluYzEZ +MBcGA1UECxMQd3d3LmRpZ2ljZXJ0LmNvbTErMCkGA1UEAxMiRGlnaUNlcnQgSGlnaCBBc3N1cmFu +Y2UgRVYgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMbM5XPm+9S75S0t +Mqbf5YE/yc0lSbZxKsPVlDRnogocsF9ppkCxxLeyj9CYpKlBWTrT3JTWPNt0OKRKzE0lgvdKpVMS +OO7zSW1xkX5jtqumX8OkhPhPYlG++MXs2ziS4wblCJEMxChBVfvLWokVfnHoNb9Ncgk9vjo4UFt3 +MRuNs8ckRZqnrG0AFFoEt7oT61EKmEFBIk5lYYeBQVCmeVyJ3hlKV9Uu5l0cUyx+mM0aBhakaHPQ +NAQTXKFx01p8VdteZOE3hzBWBOURtCmAEvF5OYiiAhF8J2a3iLd48soKqDirCmTCv2ZdlYTBoSUe +h10aUAsgEsxBu24LUTi4S8sCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMB +Af8wHQYDVR0OBBYEFLE+w2kD+L9HAdSYJhoIAu9jZCvDMB8GA1UdIwQYMBaAFLE+w2kD+L9HAdSY +JhoIAu9jZCvDMA0GCSqGSIb3DQEBBQUAA4IBAQAcGgaX3NecnzyIZgYIVyHbIUf4KmeqvxgydkAQ +V8GK83rZEWWONfqe/EW1ntlMMUu4kehDLI6zeM7b41N5cdblIZQB2lWHmiRk9opmzN6cN82oNLFp +myPInngiK3BD41VHMWEZ71jFhS9OMPagMRYjyOfiZRYzy78aG6A9+MpeizGLYAiJLQwGXFK3xPkK +mNEVX58Svnw2Yzi9RKR/5CYrCsSXaQ3pjOLAEFe4yHYSkVXySGnYvCoCWw9E1CAx2/S6cCZdkGCe +vEsXCS+0yx5DaMkHJ8HSXPfqIbloEpw8nL+e/IBcm2PN7EeqJSdnoDfzAIJ9VNep+OkuE6N36B9K +-----END CERTIFICATE----- + +Certplus Class 2 Primary CA +=========================== +-----BEGIN CERTIFICATE----- +MIIDkjCCAnqgAwIBAgIRAIW9S/PY2uNp9pTXX8OlRCMwDQYJKoZIhvcNAQEFBQAwPTELMAkGA1UE +BhMCRlIxETAPBgNVBAoTCENlcnRwbHVzMRswGQYDVQQDExJDbGFzcyAyIFByaW1hcnkgQ0EwHhcN +OTkwNzA3MTcwNTAwWhcNMTkwNzA2MjM1OTU5WjA9MQswCQYDVQQGEwJGUjERMA8GA1UEChMIQ2Vy +dHBsdXMxGzAZBgNVBAMTEkNsYXNzIDIgUHJpbWFyeSBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBANxQltAS+DXSCHh6tlJw/W/uz7kRy1134ezpfgSN1sxvc0NXYKwzCkTsA18cgCSR +5aiRVhKC9+Ar9NuuYS6JEI1rbLqzAr3VNsVINyPi8Fo3UjMXEuLRYE2+L0ER4/YXJQyLkcAbmXuZ +Vg2v7tK8R1fjeUl7NIknJITesezpWE7+Tt9avkGtrAjFGA7v0lPubNCdEgETjdyAYveVqUSISnFO +YFWe2yMZeVYHDD9jC1yw4r5+FfyUM1hBOHTE4Y+L3yasH7WLO7dDWWuwJKZtkIvEcupdM5i3y95e +e++U8Rs+yskhwcWYAqqi9lt3m/V+llU0HGdpwPFC40es/CgcZlUCAwEAAaOBjDCBiTAPBgNVHRME +CDAGAQH/AgEKMAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQU43Mt38sOKAze3bOkynm4jrvoMIkwEQYJ +YIZIAYb4QgEBBAQDAgEGMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly93d3cuY2VydHBsdXMuY29t +L0NSTC9jbGFzczIuY3JsMA0GCSqGSIb3DQEBBQUAA4IBAQCnVM+IRBnL39R/AN9WM2K191EBkOvD +P9GIROkkXe/nFL0gt5o8AP5tn9uQ3Nf0YtaLcF3n5QRIqWh8yfFC82x/xXp8HVGIutIKPidd3i1R +TtMTZGnkLuPT55sJmabglZvOGtd/vjzOUrMRFcEPF80Du5wlFbqidon8BvEY0JNLDnyCt6X09l/+ +7UCmnYR0ObncHoUW2ikbhiMAybuJfm6AiB4vFLQDJKgybwOaRywwvlbGp0ICcBvqQNi6BQNwB6SW +//1IMwrh3KWBkJtN3X3n57LNXMhqlfil9o3EXXgIvnsG1knPGTZQIy4I5p4FTUcY1Rbpsda2ENW7 +l7+ijrRU +-----END CERTIFICATE----- + +DST Root CA X3 +============== +-----BEGIN CERTIFICATE----- +MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/MSQwIgYDVQQK +ExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMTDkRTVCBSb290IENBIFgzMB4X +DTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVowPzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1 +cmUgVHJ1c3QgQ28uMRcwFQYDVQQDEw5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQAD +ggEPADCCAQoCggEBAN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmT +rE4Orz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEqOLl5CjH9 +UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9bxiqKqy69cK3FCxolkHRy +xXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40d +utolucbY38EVAjqr2m7xPi71XAicPNaDaeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0T +AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQ +MA0GCSqGSIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69ikug +dB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXrAvHRAosZy5Q6XkjE +GB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZzR8srzJmwN0jP41ZL9c8PDHIyh8bw +RLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubS +fZGL+T0yjWW06XyxV3bqxbYoOb8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ +-----END CERTIFICATE----- + +DST ACES CA X6 +============== +-----BEGIN CERTIFICATE----- +MIIECTCCAvGgAwIBAgIQDV6ZCtadt3js2AdWO4YV2TANBgkqhkiG9w0BAQUFADBbMQswCQYDVQQG +EwJVUzEgMB4GA1UEChMXRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QxETAPBgNVBAsTCERTVCBBQ0VT +MRcwFQYDVQQDEw5EU1QgQUNFUyBDQSBYNjAeFw0wMzExMjAyMTE5NThaFw0xNzExMjAyMTE5NTha +MFsxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdDERMA8GA1UE +CxMIRFNUIEFDRVMxFzAVBgNVBAMTDkRTVCBBQ0VTIENBIFg2MIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAuT31LMmU3HWKlV1j6IR3dma5WZFcRt2SPp/5DgO0PWGSvSMmtWPuktKe1jzI +DZBfZIGxqAgNTNj50wUoUrQBJcWVHAx+PhCEdc/BGZFjz+iokYi5Q1K7gLFViYsx+tC3dr5BPTCa +pCIlF3PoHuLTrCq9Wzgh1SpL11V94zpVvddtawJXa+ZHfAjIgrrep4c9oW24MFbCswKBXy314pow +GCi4ZtPLAZZv6opFVdbgnf9nKxcCpk4aahELfrd755jWjHZvwTvbUJN+5dCOHze4vbrGn2zpfDPy +MjwmR/onJALJfh1biEITajV8fTXpLmaRcpPVMibEdPVTo7NdmvYJywIDAQABo4HIMIHFMA8GA1Ud +EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgHGMB8GA1UdEQQYMBaBFHBraS1vcHNAdHJ1c3Rkc3Qu +Y29tMGIGA1UdIARbMFkwVwYKYIZIAWUDAgEBATBJMEcGCCsGAQUFBwIBFjtodHRwOi8vd3d3LnRy +dXN0ZHN0LmNvbS9jZXJ0aWZpY2F0ZXMvcG9saWN5L0FDRVMtaW5kZXguaHRtbDAdBgNVHQ4EFgQU +CXIGThhDD+XWzMNqizF7eI+og7gwDQYJKoZIhvcNAQEFBQADggEBAKPYjtay284F5zLNAdMEA+V2 +5FYrnJmQ6AgwbN99Pe7lv7UkQIRJ4dEorsTCOlMwiPH1d25Ryvr/ma8kXxug/fKshMrfqfBfBC6t +Fr8hlxCBPeP/h40y3JTlR4peahPJlJU90u7INJXQgNStMgiAVDzgvVJT11J8smk/f3rPanTK+gQq +nExaBqXpIK1FZg9p8d2/6eMyi/rgwYZNcjwu2JN4Cir42NInPRmJX1p7ijvMDNpRrscL9yuwNwXs +vFcj4jjSm2jzVhKIT0J8uDHEtdvkyCE06UgRNe76x5JXxZ805Mf29w4LTJxoeHtxMcfrHuBnQfO3 +oKfN5XozNmr6mis= +-----END CERTIFICATE----- + +SwissSign Gold CA - G2 +====================== +-----BEGIN CERTIFICATE----- +MIIFujCCA6KgAwIBAgIJALtAHEP1Xk+wMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAkNIMRUw +EwYDVQQKEwxTd2lzc1NpZ24gQUcxHzAdBgNVBAMTFlN3aXNzU2lnbiBHb2xkIENBIC0gRzIwHhcN +MDYxMDI1MDgzMDM1WhcNMzYxMDI1MDgzMDM1WjBFMQswCQYDVQQGEwJDSDEVMBMGA1UEChMMU3dp +c3NTaWduIEFHMR8wHQYDVQQDExZTd2lzc1NpZ24gR29sZCBDQSAtIEcyMIICIjANBgkqhkiG9w0B +AQEFAAOCAg8AMIICCgKCAgEAr+TufoskDhJuqVAtFkQ7kpJcyrhdhJJCEyq8ZVeCQD5XJM1QiyUq +t2/876LQwB8CJEoTlo8jE+YoWACjR8cGp4QjK7u9lit/VcyLwVcfDmJlD909Vopz2q5+bbqBHH5C +jCA12UNNhPqE21Is8w4ndwtrvxEvcnifLtg+5hg3Wipy+dpikJKVyh+c6bM8K8vzARO/Ws/BtQpg +vd21mWRTuKCWs2/iJneRjOBiEAKfNA+k1ZIzUd6+jbqEemA8atufK+ze3gE/bk3lUIbLtK/tREDF +ylqM2tIrfKjuvqblCqoOpd8FUrdVxyJdMmqXl2MT28nbeTZ7hTpKxVKJ+STnnXepgv9VHKVxaSvR +AiTysybUa9oEVeXBCsdtMDeQKuSeFDNeFhdVxVu1yzSJkvGdJo+hB9TGsnhQ2wwMC3wLjEHXuend +jIj3o02yMszYF9rNt85mndT9Xv+9lz4pded+p2JYryU0pUHHPbwNUMoDAw8IWh+Vc3hiv69yFGkO +peUDDniOJihC8AcLYiAQZzlG+qkDzAQ4embvIIO1jEpWjpEA/I5cgt6IoMPiaG59je883WX0XaxR +7ySArqpWl2/5rX3aYT+YdzylkbYcjCbaZaIJbcHiVOO5ykxMgI93e2CaHt+28kgeDrpOVG2Y4OGi +GqJ3UM/EY5LsRxmd6+ZrzsECAwEAAaOBrDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUWyV7lqRlUX64OfPAeGZe6Drn8O4wHwYDVR0jBBgwFoAUWyV7lqRlUX64 +OfPAeGZe6Drn8O4wRgYDVR0gBD8wPTA7BglghXQBWQECAQEwLjAsBggrBgEFBQcCARYgaHR0cDov +L3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBACe645R88a7A3hfm +5djV9VSwg/S7zV4Fe0+fdWavPOhWfvxyeDgD2StiGwC5+OlgzczOUYrHUDFu4Up+GC9pWbY9ZIEr +44OE5iKHjn3g7gKZYbge9LgriBIWhMIxkziWMaa5O1M/wySTVltpkuzFwbs4AOPsF6m43Md8AYOf +Mke6UiI0HTJ6CVanfCU2qT1L2sCCbwq7EsiHSycR+R4tx5M/nttfJmtS2S6K8RTGRI0Vqbe/vd6m +Gu6uLftIdxf+u+yvGPUqUfA5hJeVbG4bwyvEdGB5JbAKJ9/fXtI5z0V9QkvfsywexcZdylU6oJxp +mo/a77KwPJ+HbBIrZXAVUjEaJM9vMSNQH4xPjyPDdEFjHFWoFN0+4FFQz/EbMFYOkrCChdiDyyJk +vC24JdVUorgG6q2SpCSgwYa1ShNqR88uC1aVVMvOmttqtKay20EIhid392qgQmwLOM7XdVAyksLf +KzAiSNDVQTglXaTpXZ/GlHXQRf0wl0OPkKsKx4ZzYEppLd6leNcG2mqeSz53OiATIgHQv2ieY2Br +NU0LbbqhPcCT4H8js1WtciVORvnSFu+wZMEBnunKoGqYDs/YYPIvSbjkQuE4NRb0yG5P94FW6Lqj +viOvrv1vA+ACOzB2+httQc8Bsem4yWb02ybzOqR08kkkW8mw0FfB+j564ZfJ +-----END CERTIFICATE----- + +SwissSign Silver CA - G2 +======================== +-----BEGIN CERTIFICATE----- +MIIFvTCCA6WgAwIBAgIITxvUL1S7L0swDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCQ0gxFTAT +BgNVBAoTDFN3aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMB4X +DTA2MTAyNTA4MzI0NloXDTM2MTAyNTA4MzI0NlowRzELMAkGA1UEBhMCQ0gxFTATBgNVBAoTDFN3 +aXNzU2lnbiBBRzEhMB8GA1UEAxMYU3dpc3NTaWduIFNpbHZlciBDQSAtIEcyMIICIjANBgkqhkiG +9w0BAQEFAAOCAg8AMIICCgKCAgEAxPGHf9N4Mfc4yfjDmUO8x/e8N+dOcbpLj6VzHVxumK4DV644 +N0MvFz0fyM5oEMF4rhkDKxD6LHmD9ui5aLlV8gREpzn5/ASLHvGiTSf5YXu6t+WiE7brYT7QbNHm ++/pe7R20nqA1W6GSy/BJkv6FCgU+5tkL4k+73JU3/JHpMjUi0R86TieFnbAVlDLaYQ1HTWBCrpJH +6INaUFjpiou5XaHc3ZlKHzZnu0jkg7Y360g6rw9njxcH6ATK72oxh9TAtvmUcXtnZLi2kUpCe2Uu +MGoM9ZDulebyzYLs2aFK7PayS+VFheZteJMELpyCbTapxDFkH4aDCyr0NQp4yVXPQbBH6TCfmb5h +qAaEuSh6XzjZG6k4sIN/c8HDO0gqgg8hm7jMqDXDhBuDsz6+pJVpATqJAHgE2cn0mRmrVn5bi4Y5 +FZGkECwJMoBgs5PAKrYYC51+jUnyEEp/+dVGLxmSo5mnJqy7jDzmDrxHB9xzUfFwZC8I+bRHHTBs +ROopN4WSaGa8gzj+ezku01DwH/teYLappvonQfGbGHLy9YR0SslnxFSuSGTfjNFusB3hB48IHpmc +celM2KX3RxIfdNFRnobzwqIjQAtz20um53MGjMGg6cFZrEb65i/4z3GcRm25xBWNOHkDRUjvxF3X +CO6HOSKGsg0PWEP3calILv3q1h8CAwEAAaOBrDCBqTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/ +BAUwAwEB/zAdBgNVHQ4EFgQUF6DNweRBtjpbO8tFnb0cwpj6hlgwHwYDVR0jBBgwFoAUF6DNweRB +tjpbO8tFnb0cwpj6hlgwRgYDVR0gBD8wPTA7BglghXQBWQEDAQEwLjAsBggrBgEFBQcCARYgaHR0 +cDovL3JlcG9zaXRvcnkuc3dpc3NzaWduLmNvbS8wDQYJKoZIhvcNAQEFBQADggIBAHPGgeAn0i0P +4JUw4ppBf1AsX19iYamGamkYDHRJ1l2E6kFSGG9YrVBWIGrGvShpWJHckRE1qTodvBqlYJ7YH39F +kWnZfrt4csEGDyrOj4VwYaygzQu4OSlWhDJOhrs9xCrZ1x9y7v5RoSJBsXECYxqCsGKrXlcSH9/L +3XWgwF15kIwb4FDm3jH+mHtwX6WQ2K34ArZv02DdQEsixT2tOnqfGhpHkXkzuoLcMmkDlm4fS/Bx +/uNncqCxv1yL5PqZIseEuRuNI5c/7SXgz2W79WEE790eslpBIlqhn10s6FvJbakMDHiqYMZWjwFa +DGi8aRl5xB9+lwW/xekkUV7U1UtT7dkjWjYDZaPBA61BMPNGG4WQr2W11bHkFlt4dR2Xem1ZqSqP +e97Dh4kQmUlzeMg9vVE1dCrV8X5pGyq7O70luJpaPXJhkGaH7gzWTdQRdAtq/gsD/KNVV4n+Ssuu +WxcFyPKNIzFTONItaj+CuY0IavdeQXRuwxF+B6wpYJE/OMpXEA29MC/HpeZBoNquBYeaoKRlbEwJ +DIm6uNO5wJOKMPqN5ZprFQFOZ6raYlY+hAhm0sQ2fac+EPyI4NSA5QC9qvNOBqN6avlicuMJT+ub +DgEj8Z+7fNzcbBGXJbLytGMU0gYqZ4yD9c7qB9iaah7s5Aq7KkzrCWA5zspi2C5u +-----END CERTIFICATE----- + +GeoTrust Primary Certification Authority +======================================== +-----BEGIN CERTIFICATE----- +MIIDfDCCAmSgAwIBAgIQGKy1av1pthU6Y2yv2vrEoTANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQG +EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjExMC8GA1UEAxMoR2VvVHJ1c3QgUHJpbWFyeSBD +ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNjExMjcwMDAwMDBaFw0zNjA3MTYyMzU5NTlaMFgx +CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTEwLwYDVQQDEyhHZW9UcnVzdCBQ +cmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEAvrgVe//UfH1nrYNke8hCUy3f9oQIIGHWAVlqnEQRr+92/ZV+zmEwu3qDXwK9AWbK7hWN +b6EwnL2hhZ6UOvNWiAAxz9juapYC2e0DjPt1befquFUWBRaa9OBesYjAZIVcFU2Ix7e64HXprQU9 +nceJSOC7KMgD4TCTZF5SwFlwIjVXiIrxlQqD17wxcwE07e9GceBrAqg1cmuXm2bgyxx5X9gaBGge +RwLmnWDiNpcB3841kt++Z8dtd1k7j53WkBWUvEI0EME5+bEnPn7WinXFsq+W06Lem+SYvn3h6YGt +tm/81w7a4DSwDRp35+MImO9Y+pyEtzavwt+s0vQQBnBxNQIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQULNVQQZcVi/CPNmFbSvtr2ZnJM5IwDQYJKoZI +hvcNAQEFBQADggEBAFpwfyzdtzRP9YZRqSa+S7iq8XEN3GHHoOo0Hnp3DwQ16CePbJC/kRYkRj5K +Ts4rFtULUh38H2eiAkUxT87z+gOneZ1TatnaYzr4gNfTmeGl4b7UVXGYNTq+k+qurUKykG/g/CFN +NWMziUnWm07Kx+dOCQD32sfvmWKZd7aVIl6KoKv0uHiYyjgZmclynnjNS6yvGaBzEi38wkG6gZHa +Floxt/m0cYASSJlyc1pZU8FjUjPtp8nSOQJw+uCxQmYpqptR7TBUIhRf2asdweSU8Pj1K/fqynhG +1riR/aYNKxoUAT6A8EKglQdebc3MS6RFjasS6LPeWuWgfOgPIh1a6Vk= +-----END CERTIFICATE----- + +thawte Primary Root CA +====================== +-----BEGIN CERTIFICATE----- +MIIEIDCCAwigAwIBAgIQNE7VVyDV7exJ9C/ON9srbTANBgkqhkiG9w0BAQUFADCBqTELMAkGA1UE +BhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2 +aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhv +cml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMDYxMTE3 +MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwg +SW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMv +KGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxHzAdBgNVBAMT +FnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs +oPD7gFnUnMekz52hWXMJEEUMDSxuaPFsW0hoSVk3/AszGcJ3f8wQLZU0HObrTQmnHNK4yZc2AreJ +1CRfBsDMRJSUjQJib+ta3RGNKJpchJAQeg29dGYvajig4tVUROsdB58Hum/u6f1OCyn1PoSgAfGc +q/gcfomk6KHYcWUNo1F77rzSImANuVud37r8UVsLr5iy6S7pBOhih94ryNdOwUxkHt3Ph1i6Sk/K +aAcdHJ1KxtUvkcx8cXIcxcBn6zL9yZJclNqFwJu/U30rCfSMnZEfl2pSy94JNqR32HuHUETVPm4p +afs5SSYeCaWAe0At6+gnhcn+Yf1+5nyXHdWdAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYD +VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBR7W0XPr87Lev0xkhpqtvNG61dIUDANBgkqhkiG9w0BAQUF +AAOCAQEAeRHAS7ORtvzw6WfUDW5FvlXok9LOAz/t2iWwHVfLHjp2oEzsUHboZHIMpKnxuIvW1oeE +uzLlQRHAd9mzYJ3rG9XRbkREqaYB7FViHXe4XI5ISXycO1cRrK1zN44veFyQaEfZYGDm/Ac9IiAX +xPcW6cTYcvnIc3zfFi8VqT79aie2oetaupgf1eNNZAqdE8hhuvU5HIe6uL17In/2/qxAeeWsEG89 +jxt5dovEN7MhGITlNgDrYyCZuen+MwS7QcjBAvlEYyCegc5C09Y/LHbTY5xZ3Y+m4Q6gLkH3LpVH +z7z9M/P2C2F+fpErgUfCJzDupxBdN49cOSvkBPB7jVaMaA== +-----END CERTIFICATE----- + +VeriSign Class 3 Public Primary Certification Authority - G5 +============================================================ +-----BEGIN CERTIFICATE----- +MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE +BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBO +ZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVk +IHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRp +ZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCB +yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2ln +biBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZvciBh +dXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmlt +YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKz +j/i5Vbext0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhD +Y2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/ +Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNHiDxpg8v+R70r +fk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/ +BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2Uv +Z2lmMCEwHzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy +aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKvMzEzMA0GCSqG +SIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzEp6B4Eq1iDkVwZMXnl2YtmAl+ +X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKE +KQsTb47bDN0lAtukixlE0kF6BWlKWE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiC +Km0oHw0LxOXnGiYZ4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vE +ZV8NhnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq +-----END CERTIFICATE----- + +SecureTrust CA +============== +-----BEGIN CERTIFICATE----- +MIIDuDCCAqCgAwIBAgIQDPCOXAgWpa1Cf/DrJxhZ0DANBgkqhkiG9w0BAQUFADBIMQswCQYDVQQG +EwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xFzAVBgNVBAMTDlNlY3VyZVRy +dXN0IENBMB4XDTA2MTEwNzE5MzExOFoXDTI5MTIzMTE5NDA1NVowSDELMAkGA1UEBhMCVVMxIDAe +BgNVBAoTF1NlY3VyZVRydXN0IENvcnBvcmF0aW9uMRcwFQYDVQQDEw5TZWN1cmVUcnVzdCBDQTCC +ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKukgeWVzfX2FI7CT8rU4niVWJxB4Q2ZQCQX +OZEzZum+4YOvYlyJ0fwkW2Gz4BERQRwdbvC4u/jep4G6pkjGnx29vo6pQT64lO0pGtSO0gMdA+9t +DWccV9cGrcrI9f4Or2YlSASWC12juhbDCE/RRvgUXPLIXgGZbf2IzIaowW8xQmxSPmjL8xk037uH +GFaAJsTQ3MBv396gwpEWoGQRS0S8Hvbn+mPeZqx2pHGj7DaUaHp3pLHnDi+BeuK1cobvomuL8A/b +01k/unK8RCSc43Oz969XL0Imnal0ugBS8kvNU3xHCzaFDmapCJcWNFfBZveA4+1wVMeT4C4oFVmH +ursCAwEAAaOBnTCBmjATBgkrBgEEAYI3FAIEBh4EAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/ +BAUwAwEB/zAdBgNVHQ4EFgQUQjK2FvoE/f5dS3rD/fdMQB1aQ68wNAYDVR0fBC0wKzApoCegJYYj +aHR0cDovL2NybC5zZWN1cmV0cnVzdC5jb20vU1RDQS5jcmwwEAYJKwYBBAGCNxUBBAMCAQAwDQYJ +KoZIhvcNAQEFBQADggEBADDtT0rhWDpSclu1pqNlGKa7UTt36Z3q059c4EVlew3KW+JwULKUBRSu +SceNQQcSc5R+DCMh/bwQf2AQWnL1mA6s7Ll/3XpvXdMc9P+IBWlCqQVxyLesJugutIxq/3HcuLHf +mbx8IVQr5Fiiu1cprp6poxkmD5kuCLDv/WnPmRoJjeOnnyvJNjR7JLN4TJUXpAYmHrZkUjZfYGfZ +nMUFdAvnZyPSCPyI6a6Lf+Ew9Dd+/cYy2i2eRDAwbO4H3tI0/NL/QPZL9GZGBlSm8jIKYyYwa5vR +3ItHuuG51WLQoqD0ZwV4KWMabwTW+MZMo5qxN7SN5ShLHZ4swrhovO0C7jE= +-----END CERTIFICATE----- + +Secure Global CA +================ +-----BEGIN CERTIFICATE----- +MIIDvDCCAqSgAwIBAgIQB1YipOjUiolN9BPI8PjqpTANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQG +EwJVUzEgMB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBH +bG9iYWwgQ0EwHhcNMDYxMTA3MTk0MjI4WhcNMjkxMjMxMTk1MjA2WjBKMQswCQYDVQQGEwJVUzEg +MB4GA1UEChMXU2VjdXJlVHJ1c3QgQ29ycG9yYXRpb24xGTAXBgNVBAMTEFNlY3VyZSBHbG9iYWwg +Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvNS7YrGxVaQZx5RNoJLNP2MwhR/jx +YDiJiQPpvepeRlMJ3Fz1Wuj3RSoC6zFh1ykzTM7HfAo3fg+6MpjhHZevj8fcyTiW89sa/FHtaMbQ +bqR8JNGuQsiWUGMu4P51/pinX0kuleM5M2SOHqRfkNJnPLLZ/kG5VacJjnIFHovdRIWCQtBJwB1g +8NEXLJXr9qXBkqPFwqcIYA1gBBCWeZ4WNOaptvolRTnIHmX5k/Wq8VLcmZg9pYYaDDUz+kulBAYV +HDGA76oYa8J719rO+TMg1fW9ajMtgQT7sFzUnKPiXB3jqUJ1XnvUd+85VLrJChgbEplJL4hL/VBi +0XPnj3pDAgMBAAGjgZ0wgZowEwYJKwYBBAGCNxQCBAYeBABDAEEwCwYDVR0PBAQDAgGGMA8GA1Ud +EwEB/wQFMAMBAf8wHQYDVR0OBBYEFK9EBMJBfkiD2045AuzshHrmzsmkMDQGA1UdHwQtMCswKaAn +oCWGI2h0dHA6Ly9jcmwuc2VjdXJldHJ1c3QuY29tL1NHQ0EuY3JsMBAGCSsGAQQBgjcVAQQDAgEA +MA0GCSqGSIb3DQEBBQUAA4IBAQBjGghAfaReUw132HquHw0LURYD7xh8yOOvaliTFGCRsoTciE6+ +OYo68+aCiV0BN7OrJKQVDpI1WkpEXk5X+nXOH0jOZvQ8QCaSmGwb7iRGDBezUqXbpZGRzzfTb+cn +CDpOGR86p1hcF895P4vkp9MmI50mD1hp/Ed+stCNi5O/KU9DaXR2Z0vPB4zmAve14bRDtUstFJ/5 +3CYNv6ZHdAbYiNE6KTCEztI5gGIbqMdXSbxqVVFnFUq+NQfk1XWYN3kwFNspnWzFacxHVaIw98xc +f8LDmBxrThaA63p4ZUWiABqvDA1VZDRIuJK58bRQKfJPIx/abKwfROHdI3hRW8cW +-----END CERTIFICATE----- + +COMODO Certification Authority +============================== +-----BEGIN CERTIFICATE----- +MIIEHTCCAwWgAwIBAgIQToEtioJl4AsC7j41AkblPTANBgkqhkiG9w0BAQUFADCBgTELMAkGA1UE +BhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgG +A1UEChMRQ09NT0RPIENBIExpbWl0ZWQxJzAlBgNVBAMTHkNPTU9ETyBDZXJ0aWZpY2F0aW9uIEF1 +dGhvcml0eTAeFw0wNjEyMDEwMDAwMDBaFw0yOTEyMzEyMzU5NTlaMIGBMQswCQYDVQQGEwJHQjEb +MBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFD +T01PRE8gQ0EgTGltaXRlZDEnMCUGA1UEAxMeQ09NT0RPIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ECLi3LjkRv3UcEbVASY06m/weaKXTuH ++7uIzg3jLz8GlvCiKVCZrts7oVewdFFxze1CkU1B/qnI2GqGd0S7WWaXUF601CxwRM/aN5VCaTww +xHGzUvAhTaHYujl8HJ6jJJ3ygxaYqhZ8Q5sVW7euNJH+1GImGEaaP+vB+fGQV+useg2L23IwambV +4EajcNxo2f8ESIl33rXp+2dtQem8Ob0y2WIC8bGoPW43nOIv4tOiJovGuFVDiOEjPqXSJDlqR6sA +1KGzqSX+DT+nHbrTUcELpNqsOO9VUCQFZUaTNE8tja3G1CEZ0o7KBWFxB3NH5YoZEr0ETc5OnKVI +rLsm9wIDAQABo4GOMIGLMB0GA1UdDgQWBBQLWOWLxkwVN6RAqTCpIb5HNlpW/zAOBgNVHQ8BAf8E +BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zBJBgNVHR8EQjBAMD6gPKA6hjhodHRwOi8vY3JsLmNvbW9k +b2NhLmNvbS9DT01PRE9DZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDANBgkqhkiG9w0BAQUFAAOC +AQEAPpiem/Yb6dc5t3iuHXIYSdOH5EOC6z/JqvWote9VfCFSZfnVDeFs9D6Mk3ORLgLETgdxb8CP +OGEIqB6BCsAvIC9Bi5HcSEW88cbeunZrM8gALTFGTO3nnc+IlP8zwFboJIYmuNg4ON8qa90SzMc/ +RxdMosIGlgnW2/4/PEZB31jiVg88O8EckzXZOFKs7sjsLjBOlDW0JB9LeGna8gI4zJVSk/BwJVmc +IGfE7vmLV2H0knZ9P4SNVbfo5azV8fUZVqZa+5Acr5Pr5RzUZ5ddBA6+C4OmF4O5MBKgxTMVBbkN ++8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IBZQ== +-----END CERTIFICATE----- + +Network Solutions Certificate Authority +======================================= +-----BEGIN CERTIFICATE----- +MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBiMQswCQYDVQQG +EwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMuMTAwLgYDVQQDEydOZXR3b3Jr +IFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDYxMjAxMDAwMDAwWhcNMjkxMjMx +MjM1OTU5WjBiMQswCQYDVQQGEwJVUzEhMB8GA1UEChMYTmV0d29yayBTb2x1dGlvbnMgTC5MLkMu +MTAwLgYDVQQDEydOZXR3b3JrIFNvbHV0aW9ucyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkwggEiMA0G +CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkvH6SMG3G2I4rC7xGzuAnlt7e+foS0zwzc7MEL7xx +jOWftiJgPl9dzgn/ggwbmlFQGiaJ3dVhXRncEg8tCqJDXRfQNJIg6nPPOCwGJgl6cvf6UDL4wpPT +aaIjzkGxzOTVHzbRijr4jGPiFFlp7Q3Tf2vouAPlT2rlmGNpSAW+Lv8ztumXWWn4Zxmuk2GWRBXT +crA/vGp97Eh/jcOrqnErU2lBUzS1sLnFBgrEsEX1QV1uiUV7PTsmjHTC5dLRfbIR1PtYMiKagMnc +/Qzpf14Dl847ABSHJ3A4qY5usyd2mFHgBeMhqxrVhSI8KbWaFsWAqPS7azCPL0YCorEMIuDTAgMB +AAGjgZcwgZQwHQYDVR0OBBYEFCEwyfsA106Y2oeqKtCnLrFAMadMMA4GA1UdDwEB/wQEAwIBBjAP +BgNVHRMBAf8EBTADAQH/MFIGA1UdHwRLMEkwR6BFoEOGQWh0dHA6Ly9jcmwubmV0c29sc3NsLmNv +bS9OZXR3b3JrU29sdXRpb25zQ2VydGlmaWNhdGVBdXRob3JpdHkuY3JsMA0GCSqGSIb3DQEBBQUA +A4IBAQC7rkvnt1frf6ott3NHhWrB5KUd5Oc86fRZZXe1eltajSU24HqXLjjAV2CDmAaDn7l2em5Q +4LqILPxFzBiwmZVRDuwduIj/h1AcgsLj4DKAv6ALR8jDMe+ZZzKATxcheQxpXN5eNK4CtSbqUN9/ +GGUsyfJj4akH/nxxH2szJGoeBfcFaMBqEssuXmHLrijTfsK0ZpEmXzwuJF/LWA/rKOyvEZbz3Htv +wKeI8lN3s2Berq4o2jUsbzRF0ybh3uxbTydrFny9RAQYgrOJeRcQcT16ohZO9QHNpGxlaKFJdlxD +ydi8NmdspZS11My5vWo1ViHe2MPr+8ukYEywVaCge1ey +-----END CERTIFICATE----- + +COMODO ECC Certification Authority +================================== +-----BEGIN CERTIFICATE----- +MIICiTCCAg+gAwIBAgIQH0evqmIAcFBUTAGem2OZKjAKBggqhkjOPQQDAzCBhTELMAkGA1UEBhMC +R0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UE +ChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBB +dXRob3JpdHkwHhcNMDgwMzA2MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMCR0Ix +GzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR +Q09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBFQ0MgQ2VydGlmaWNhdGlvbiBBdXRo +b3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQDR3svdcmCFYX7deSRFtSrYpn1PlILBs5BAH+X +4QokPB0BBO490o0JlwzgdeT6+3eKKvUDYEs2ixYjFq0JcfRK9ChQtP6IHG4/bC8vCVlbpVsLM5ni +wz2J+Wos77LTBumjQjBAMB0GA1UdDgQWBBR1cacZSBm8nZ3qQUfflMRId5nTeTAOBgNVHQ8BAf8E +BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjEA7wNbeqy3eApyt4jf/7VG +FAkK+qDmfQjGGoe9GKhzvSbKYAydzpmfz1wPMOG+FDHqAjAU9JM8SaczepBGR7NjfRObTrdvGDeA +U/7dIOA1mjbRxwG55tzd8/8dLDoWV9mSOdY= +-----END CERTIFICATE----- + +Security Communication EV RootCA1 +================================= +-----BEGIN CERTIFICATE----- +MIIDfTCCAmWgAwIBAgIBADANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJKUDElMCMGA1UEChMc +U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEqMCgGA1UECxMhU2VjdXJpdHkgQ29tbXVuaWNh +dGlvbiBFViBSb290Q0ExMB4XDTA3MDYwNjAyMTIzMloXDTM3MDYwNjAyMTIzMlowYDELMAkGA1UE +BhMCSlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xKjAoBgNVBAsTIVNl +Y3VyaXR5IENvbW11bmljYXRpb24gRVYgUm9vdENBMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBALx/7FebJOD+nLpCeamIivqA4PUHKUPqjgo0No0c+qe1OXj/l3X3L+SqawSERMqm4miO +/VVQYg+kcQ7OBzgtQoVQrTyWb4vVog7P3kmJPdZkLjjlHmy1V4qe70gOzXppFodEtZDkBp2uoQSX +WHnvIEqCa4wiv+wfD+mEce3xDuS4GBPMVjZd0ZoeUWs5bmB2iDQL87PRsJ3KYeJkHcFGB7hj3R4z +ZbOOCVVSPbW9/wfrrWFVGCypaZhKqkDFMxRldAD5kd6vA0jFQFTcD4SQaCDFkpbcLuUCRarAX1T4 +bepJz11sS6/vmsJWXMY1VkJqMF/Cq/biPT+zyRGPMUzXn0kCAwEAAaNCMEAwHQYDVR0OBBYEFDVK +9U2vP9eCOKyrcWUXdYydVZPmMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqG +SIb3DQEBBQUAA4IBAQCoh+ns+EBnXcPBZsdAS5f8hxOQWsTvoMpfi7ent/HWtWS3irO4G8za+6xm +iEHO6Pzk2x6Ipu0nUBsCMCRGef4Eh3CXQHPRwMFXGZpppSeZq51ihPZRwSzJIxXYKLerJRO1RuGG +Av8mjMSIkh1W/hln8lXkgKNrnKt34VFxDSDbEJrbvXZ5B3eZKK2aXtqxT0QsNY6llsf9g/BYxnnW +mHyojf6GPgcWkuF75x3sM3Z+Qi5KhfmRiWiEA4Glm5q+4zfFVKtWOxgtQaQM+ELbmaDgcm+7XeEW +T1MKZPlO9L9OVL14bIjqv5wTJMJwaaJ/D8g8rQjJsJhAoyrniIPtd490 +-----END CERTIFICATE----- + +OISTE WISeKey Global Root GA CA +=============================== +-----BEGIN CERTIFICATE----- +MIID8TCCAtmgAwIBAgIQQT1yx/RrH4FDffHSKFTfmjANBgkqhkiG9w0BAQUFADCBijELMAkGA1UE +BhMCQ0gxEDAOBgNVBAoTB1dJU2VLZXkxGzAZBgNVBAsTEkNvcHlyaWdodCAoYykgMjAwNTEiMCAG +A1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNlZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBH +bG9iYWwgUm9vdCBHQSBDQTAeFw0wNTEyMTExNjAzNDRaFw0zNzEyMTExNjA5NTFaMIGKMQswCQYD +VQQGEwJDSDEQMA4GA1UEChMHV0lTZUtleTEbMBkGA1UECxMSQ29weXJpZ2h0IChjKSAyMDA1MSIw +IAYDVQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5 +IEdsb2JhbCBSb290IEdBIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0+zAJs9 +Nt350UlqaxBJH+zYK7LG+DKBKUOVTJoZIyEVRd7jyBxRVVuuk+g3/ytr6dTqvirdqFEr12bDYVxg +Asj1znJ7O7jyTmUIms2kahnBAbtzptf2w93NvKSLtZlhuAGio9RN1AU9ka34tAhxZK9w8RxrfvbD +d50kc3vkDIzh2TbhmYsFmQvtRTEJysIA2/dyoJaqlYfQjse2YXMNdmaM3Bu0Y6Kff5MTMPGhJ9vZ +/yxViJGg4E8HsChWjBgbl0SOid3gF27nKu+POQoxhILYQBRJLnpB5Kf+42TMwVlxSywhp1t94B3R +LoGbw9ho972WG6xwsRYUC9tguSYBBQIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUw +AwEB/zAdBgNVHQ4EFgQUswN+rja8sHnR3JQmthG+IbJphpQwEAYJKwYBBAGCNxUBBAMCAQAwDQYJ +KoZIhvcNAQEFBQADggEBAEuh/wuHbrP5wUOxSPMowB0uyQlB+pQAHKSkq0lPjz0e701vvbyk9vIm +MMkQyh2I+3QZH4VFvbBsUfk2ftv1TDI6QU9bR8/oCy22xBmddMVHxjtqD6wU2zz0c5ypBd8A3HR4 ++vg1YFkCExh8vPtNsCBtQ7tgMHpnM1zFmdH4LTlSc/uMqpclXHLZCB6rTjzjgTGfA6b7wP4piFXa +hNVQA7bihKOmNqoROgHhGEvWRGizPflTdISzRpFGlgC3gCy24eMQ4tui5yiPAZZiFj4A4xylNoEY +okxSdsARo27mHbrjWr42U8U+dY+GaSlYU7Wcu2+fXMUY7N0v4ZjJ/L7fCg0= +-----END CERTIFICATE----- + +Certigna +======== +-----BEGIN CERTIFICATE----- +MIIDqDCCApCgAwIBAgIJAP7c4wEPyUj/MA0GCSqGSIb3DQEBBQUAMDQxCzAJBgNVBAYTAkZSMRIw +EAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hMB4XDTA3MDYyOTE1MTMwNVoXDTI3 +MDYyOTE1MTMwNVowNDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCURoaW15b3RpczERMA8GA1UEAwwI +Q2VydGlnbmEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIaPHJ1tazNHUmgh7stL7q +XOEm7RFHYeGifBZ4QCHkYJ5ayGPhxLGWkv8YbWkj4Sti993iNi+RB7lIzw7sebYs5zRLcAglozyH +GxnygQcPOJAZ0xH+hrTy0V4eHpbNgGzOOzGTtvKg0KmVEn2lmsxryIRWijOp5yIVUxbwzBfsV1/p +ogqYCd7jX5xv3EjjhQsVWqa6n6xI4wmy9/Qy3l40vhx4XUJbzg4ij02Q130yGLMLLGq/jj8UEYkg +DncUtT2UCIf3JR7VsmAA7G8qKCVuKj4YYxclPz5EIBb2JsglrgVKtOdjLPOMFlN+XPsRGgjBRmKf +Irjxwo1p3Po6WAbfAgMBAAGjgbwwgbkwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUGu3+QTmQ +tCRZvgHyUtVF9lo53BEwZAYDVR0jBF0wW4AUGu3+QTmQtCRZvgHyUtVF9lo53BGhOKQ2MDQxCzAJ +BgNVBAYTAkZSMRIwEAYDVQQKDAlEaGlteW90aXMxETAPBgNVBAMMCENlcnRpZ25hggkA/tzjAQ/J +SP8wDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIBAQQEAwIABzANBgkqhkiG9w0BAQUFAAOCAQEA +hQMeknH2Qq/ho2Ge6/PAD/Kl1NqV5ta+aDY9fm4fTIrv0Q8hbV6lUmPOEvjvKtpv6zf+EwLHyzs+ +ImvaYS5/1HI93TDhHkxAGYwP15zRgzB7mFncfca5DClMoTOi62c6ZYTTluLtdkVwj7Ur3vkj1klu +PBS1xp81HlDQwY9qcEQCYsuuHWhBp6pX6FOqB9IG9tUUBguRA3UsbHK1YZWaDYu5Def131TN3ubY +1gkIl2PlwS6wt0QmwCbAr1UwnjvVNioZBPRcHv/PLLf/0P2HQBHVESO7SMAhqaQoLf0V+LBOK/Qw +WyH8EZE0vkHve52Xdf+XlcCWWC/qu0bXu+TZLg== +-----END CERTIFICATE----- + +Deutsche Telekom Root CA 2 +========================== +-----BEGIN CERTIFICATE----- +MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEcMBoGA1UEChMT +RGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2VjIFRydXN0IENlbnRlcjEjMCEG +A1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENBIDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5 +MjM1OTAwWjBxMQswCQYDVQQGEwJERTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0G +A1UECxMWVC1UZWxlU2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBS +b290IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEUha88EOQ5 +bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhCQN/Po7qCWWqSG6wcmtoI +KyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1MjwrrFDa1sPeg5TKqAyZMg4ISFZbavva4VhY +AUlfckE8FQYBjl2tqriTtM2e66foai1SNNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aK +Se5TBY8ZTNXeWHmb0mocQqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTV +jlsB9WoHtxa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAPBgNV +HRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAlGRZrTlk5ynr +E/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756AbrsptJh6sTtU6zkXR34ajgv8HzFZMQSy +zhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpaIzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8 +rZ7/gFnkm0W09juwzTkZmDLl6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4G +dyd1Lx+4ivn+xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU +Cm26OWMohpLzGITY+9HPBVZkVw== +-----END CERTIFICATE----- + +Cybertrust Global Root +====================== +-----BEGIN CERTIFICATE----- +MIIDoTCCAomgAwIBAgILBAAAAAABD4WqLUgwDQYJKoZIhvcNAQEFBQAwOzEYMBYGA1UEChMPQ3li +ZXJ0cnVzdCwgSW5jMR8wHQYDVQQDExZDeWJlcnRydXN0IEdsb2JhbCBSb290MB4XDTA2MTIxNTA4 +MDAwMFoXDTIxMTIxNTA4MDAwMFowOzEYMBYGA1UEChMPQ3liZXJ0cnVzdCwgSW5jMR8wHQYDVQQD +ExZDeWJlcnRydXN0IEdsb2JhbCBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA ++Mi8vRRQZhP/8NN57CPytxrHjoXxEnOmGaoQ25yiZXRadz5RfVb23CO21O1fWLE3TdVJDm71aofW +0ozSJ8bi/zafmGWgE07GKmSb1ZASzxQG9Dvj1Ci+6A74q05IlG2OlTEQXO2iLb3VOm2yHLtgwEZL +AfVJrn5GitB0jaEMAs7u/OePuGtm839EAL9mJRQr3RAwHQeWP032a7iPt3sMpTjr3kfb1V05/Iin +89cqdPHoWqI7n1C6poxFNcJQZZXcY4Lv3b93TZxiyWNzFtApD0mpSPCzqrdsxacwOUBdrsTiXSZT +8M4cIwhhqJQZugRiQOwfOHB3EgZxpzAYXSUnpQIDAQABo4GlMIGiMA4GA1UdDwEB/wQEAwIBBjAP +BgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBS2CHsNesysIEyGVjJez6tuhS1wVzA/BgNVHR8EODA2 +MDSgMqAwhi5odHRwOi8vd3d3Mi5wdWJsaWMtdHJ1c3QuY29tL2NybC9jdC9jdHJvb3QuY3JsMB8G +A1UdIwQYMBaAFLYIew16zKwgTIZWMl7Pq26FLXBXMA0GCSqGSIb3DQEBBQUAA4IBAQBW7wojoFRO +lZfJ+InaRcHUowAl9B8Tq7ejhVhpwjCt2BWKLePJzYFa+HMjWqd8BfP9IjsO0QbE2zZMcwSO5bAi +5MXzLqXZI+O4Tkogp24CJJ8iYGd7ix1yCcUxXOl5n4BHPa2hCwcUPUf/A2kaDAtE52Mlp3+yybh2 +hO0j9n0Hq0V+09+zv+mKts2oomcrUtW3ZfA5TGOgkXmTUg9U3YO7n9GPp1Nzw8v/MOx8BLjYRB+T +X3EJIrduPuocA06dGiBh+4E37F78CkWr1+cXVdCg6mCbpvbjjFspwgZgFJ0tl0ypkxWdYcQBX0jW +WL1WMRJOEcgh4LMRkWXbtKaIOM5V +-----END CERTIFICATE----- + +ePKI Root Certification Authority +================================= +-----BEGIN CERTIFICATE----- +MIIFsDCCA5igAwIBAgIQFci9ZUdcr7iXAF7kBtK8nTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQG +EwJUVzEjMCEGA1UECgwaQ2h1bmdod2EgVGVsZWNvbSBDby4sIEx0ZC4xKjAoBgNVBAsMIWVQS0kg +Um9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wNDEyMjAwMjMxMjdaFw0zNDEyMjAwMjMx +MjdaMF4xCzAJBgNVBAYTAlRXMSMwIQYDVQQKDBpDaHVuZ2h3YSBUZWxlY29tIENvLiwgTHRkLjEq +MCgGA1UECwwhZVBLSSBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0B +AQEFAAOCAg8AMIICCgKCAgEA4SUP7o3biDN1Z82tH306Tm2d0y8U82N0ywEhajfqhFAHSyZbCUNs +IZ5qyNUD9WBpj8zwIuQf5/dqIjG3LBXy4P4AakP/h2XGtRrBp0xtInAhijHyl3SJCRImHJ7K2RKi +lTza6We/CKBk49ZCt0Xvl/T29de1ShUCWH2YWEtgvM3XDZoTM1PRYfl61dd4s5oz9wCGzh1NlDiv +qOx4UXCKXBCDUSH3ET00hl7lSM2XgYI1TBnsZfZrxQWh7kcT1rMhJ5QQCtkkO7q+RBNGMD+XPNjX +12ruOzjjK9SXDrkb5wdJfzcq+Xd4z1TtW0ado4AOkUPB1ltfFLqfpo0kR0BZv3I4sjZsN/+Z0V0O +WQqraffAsgRFelQArr5T9rXn4fg8ozHSqf4hUmTFpmfwdQcGlBSBVcYn5AGPF8Fqcde+S/uUWH1+ +ETOxQvdibBjWzwloPn9s9h6PYq2lY9sJpx8iQkEeb5mKPtf5P0B6ebClAZLSnT0IFaUQAS2zMnao +lQ2zepr7BxB4EW/hj8e6DyUadCrlHJhBmd8hh+iVBmoKs2pHdmX2Os+PYhcZewoozRrSgx4hxyy/ +vv9haLdnG7t4TY3OZ+XkwY63I2binZB1NJipNiuKmpS5nezMirH4JYlcWrYvjB9teSSnUmjDhDXi +Zo1jDiVN1Rmy5nk3pyKdVDECAwEAAaNqMGgwHQYDVR0OBBYEFB4M97Zn8uGSJglFwFU5Lnc/Qkqi +MAwGA1UdEwQFMAMBAf8wOQYEZyoHAAQxMC8wLQIBADAJBgUrDgMCGgUAMAcGBWcqAwAABBRFsMLH +ClZ87lt4DJX5GFPBphzYEDANBgkqhkiG9w0BAQUFAAOCAgEACbODU1kBPpVJufGBuvl2ICO1J2B0 +1GqZNF5sAFPZn/KmsSQHRGoqxqWOeBLoR9lYGxMqXnmbnwoqZ6YlPwZpVnPDimZI+ymBV3QGypzq +KOg4ZyYr8dW1P2WT+DZdjo2NQCCHGervJ8A9tDkPJXtoUHRVnAxZfVo9QZQlUgjgRywVMRnVvwdV +xrsStZf0X4OFunHB2WyBEXYKCrC/gpf36j36+uwtqSiUO1bd0lEursC9CBWMd1I0ltabrNMdjmEP +NXubrjlpC2JgQCA2j6/7Nu4tCEoduL+bXPjqpRugc6bY+G7gMwRfaKonh+3ZwZCc7b3jajWvY9+r +GNm65ulK6lCKD2GTHuItGeIwlDWSXQ62B68ZgI9HkFFLLk3dheLSClIKF5r8GrBQAuUBo2M3IUxE +xJtRmREOc5wGj1QupyheRDmHVi03vYVElOEMSyycw5KFNGHLD7ibSkNS/jQ6fbjpKdx2qcgw+BRx +gMYeNkh0IkFch4LoGHGLQYlE535YW6i4jRPpp2zDR+2zGp1iro2C6pSe3VkQw63d4k3jMdXH7Ojy +sP6SHhYKGvzZ8/gntsm+HbRsZJB/9OTEW9c3rkIO3aQab3yIVMUWbuF6aC74Or8NpDyJO3inTmOD +BCEIZ43ygknQW/2xzQ+DhNQ+IIX3Sj0rnP0qCglN6oH4EZw= +-----END CERTIFICATE----- + +T\xc3\x9c\x42\xC4\xB0TAK UEKAE K\xC3\xB6k Sertifika Hizmet Sa\xC4\x9Flay\xc4\xb1\x63\xc4\xb1s\xc4\xb1 - S\xC3\xBCr\xC3\xBCm 3 +============================================================================================================================= +-----BEGIN CERTIFICATE----- +MIIFFzCCA/+gAwIBAgIBETANBgkqhkiG9w0BAQUFADCCASsxCzAJBgNVBAYTAlRSMRgwFgYDVQQH +DA9HZWJ6ZSAtIEtvY2FlbGkxRzBFBgNVBAoMPlTDvHJraXllIEJpbGltc2VsIHZlIFRla25vbG9q +aWsgQXJhxZ90xLFybWEgS3VydW11IC0gVMOcQsSwVEFLMUgwRgYDVQQLDD9VbHVzYWwgRWxla3Ry +b25payB2ZSBLcmlwdG9sb2ppIEFyYcWfdMSxcm1hIEVuc3RpdMO8c8O8IC0gVUVLQUUxIzAhBgNV +BAsMGkthbXUgU2VydGlmaWthc3lvbiBNZXJrZXppMUowSAYDVQQDDEFUw5xCxLBUQUsgVUVLQUUg +S8O2ayBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSAtIFPDvHLDvG0gMzAeFw0wNzA4 +MjQxMTM3MDdaFw0xNzA4MjExMTM3MDdaMIIBKzELMAkGA1UEBhMCVFIxGDAWBgNVBAcMD0dlYnpl +IC0gS29jYWVsaTFHMEUGA1UECgw+VMO8cmtpeWUgQmlsaW1zZWwgdmUgVGVrbm9sb2ppayBBcmHF +n3TEsXJtYSBLdXJ1bXUgLSBUw5xCxLBUQUsxSDBGBgNVBAsMP1VsdXNhbCBFbGVrdHJvbmlrIHZl +IEtyaXB0b2xvamkgQXJhxZ90xLFybWEgRW5zdGl0w7xzw7wgLSBVRUtBRTEjMCEGA1UECwwaS2Ft +dSBTZXJ0aWZpa2FzeW9uIE1lcmtlemkxSjBIBgNVBAMMQVTDnELEsFRBSyBVRUtBRSBLw7ZrIFNl +cnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIC0gU8O8csO8bSAzMIIBIjANBgkqhkiG9w0B +AQEFAAOCAQ8AMIIBCgKCAQEAim1L/xCIOsP2fpTo6iBkcK4hgb46ezzb8R1Sf1n68yJMlaCQvEhO +Eav7t7WNeoMojCZG2E6VQIdhn8WebYGHV2yKO7Rm6sxA/OOqbLLLAdsyv9Lrhc+hDVXDWzhXcLh1 +xnnRFDDtG1hba+818qEhTsXOfJlfbLm4IpNQp81McGq+agV/E5wrHur+R84EpW+sky58K5+eeROR +6Oqeyjh1jmKwlZMq5d/pXpduIF9fhHpEORlAHLpVK/swsoHvhOPc7Jg4OQOFCKlUAwUp8MmPi+oL +hmUZEdPpCSPeaJMDyTYcIW7OjGbxmTDY17PDHfiBLqi9ggtm/oLL4eAagsNAgQIDAQABo0IwQDAd +BgNVHQ4EFgQUvYiHyY/2pAoLquvF/pEjnatKijIwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF +MAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAB18+kmPNOm3JpIWmgV050vQbTlswyb2zrgxvMTfvCr4 +N5EY3ATIZJkrGG2AA1nJrvhY0D7twyOfaTyGOBye79oneNGEN3GKPEs5z35FBtYt2IpNeBLWrcLT +y9LQQfMmNkqblWwM7uXRQydmwYj3erMgbOqwaSvHIOgMA8RBBZniP+Rr+KCGgceExh/VS4ESshYh +LBOhgLJeDEoTniDYYkCrkOpkSi+sDQESeUWoL4cZaMjihccwsnX5OD+ywJO0a+IDRM5noN+J1q2M +dqMTw5RhK2vZbMEHCiIHhWyFJEapvj+LeISCfiQMnf2BN+MlqO02TpUsyZyQ2uypQjyttgI= +-----END CERTIFICATE----- + +certSIGN ROOT CA +================ +-----BEGIN CERTIFICATE----- +MIIDODCCAiCgAwIBAgIGIAYFFnACMA0GCSqGSIb3DQEBBQUAMDsxCzAJBgNVBAYTAlJPMREwDwYD +VQQKEwhjZXJ0U0lHTjEZMBcGA1UECxMQY2VydFNJR04gUk9PVCBDQTAeFw0wNjA3MDQxNzIwMDRa +Fw0zMTA3MDQxNzIwMDRaMDsxCzAJBgNVBAYTAlJPMREwDwYDVQQKEwhjZXJ0U0lHTjEZMBcGA1UE +CxMQY2VydFNJR04gUk9PVCBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALczuX7I +JUqOtdu0KBuqV5Do0SLTZLrTk+jUrIZhQGpgV2hUhE28alQCBf/fm5oqrl0Hj0rDKH/v+yv6efHH +rfAQUySQi2bJqIirr1qjAOm+ukbuW3N7LBeCgV5iLKECZbO9xSsAfsT8AzNXDe3i+s5dRdY4zTW2 +ssHQnIFKquSyAVwdj1+ZxLGt24gh65AIgoDzMKND5pCCrlUoSe1b16kQOA7+j0xbm0bqQfWwCHTD +0IgztnzXdN/chNFDDnU5oSVAKOp4yw4sLjmdjItuFhwvJoIQ4uNllAoEwF73XVv4EOLQunpL+943 +AAAaWyjj0pxzPjKHmKHJUS/X3qwzs08CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8B +Af8EBAMCAcYwHQYDVR0OBBYEFOCMm9slSbPxfIbWskKHC9BroNnkMA0GCSqGSIb3DQEBBQUAA4IB +AQA+0hyJLjX8+HXd5n9liPRyTMks1zJO890ZeUe9jjtbkw9QSSQTaxQGcu8J06Gh40CEyecYMnQ8 +SG4Pn0vU9x7Tk4ZkVJdjclDVVc/6IJMCopvDI5NOFlV2oHB5bc0hH88vLbwZ44gx+FkagQnIl6Z0 +x2DEW8xXjrJ1/RsCCdtZb3KTafcxQdaIOL+Hsr0Wefmq5L6IJd1hJyMctTEHBDa0GpC9oHRxUIlt +vBTjD4au8as+x6AJzKNI0eDbZOeStc+vckNwi/nDhDwTqn6Sm1dTk/pwwpEOMfmbZ13pljheX7Nz +TogVZ96edhBiIL5VaZVDADlN9u6wWk5JRFRYX0KD +-----END CERTIFICATE----- + +CNNIC ROOT +========== +-----BEGIN CERTIFICATE----- +MIIDVTCCAj2gAwIBAgIESTMAATANBgkqhkiG9w0BAQUFADAyMQswCQYDVQQGEwJDTjEOMAwGA1UE +ChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1QwHhcNMDcwNDE2MDcwOTE0WhcNMjcwNDE2MDcw +OTE0WjAyMQswCQYDVQQGEwJDTjEOMAwGA1UEChMFQ05OSUMxEzARBgNVBAMTCkNOTklDIFJPT1Qw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTNfc/c3et6FtzF8LRb+1VvG7q6KR5smzD +o+/hn7E7SIX1mlwhIhAsxYLO2uOabjfhhyzcuQxauohV3/2q2x8x6gHx3zkBwRP9SFIhxFXf2tiz +VHa6dLG3fdfA6PZZxU3Iva0fFNrfWEQlMhkqx35+jq44sDB7R3IJMfAw28Mbdim7aXZOV/kbZKKT +VrdvmW7bCgScEeOAH8tjlBAKqeFkgjH5jCftppkA9nCTGPihNIaj3XrCGHn2emU1z5DrvTOTn1Or +czvmmzQgLx3vqR1jGqCA2wMv+SYahtKNu6m+UjqHZ0gNv7Sg2Ca+I19zN38m5pIEo3/PIKe38zrK +y5nLAgMBAAGjczBxMBEGCWCGSAGG+EIBAQQEAwIABzAfBgNVHSMEGDAWgBRl8jGtKvf33VKWCscC +wQ7vptU7ETAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIB/jAdBgNVHQ4EFgQUZfIxrSr3991S +lgrHAsEO76bVOxEwDQYJKoZIhvcNAQEFBQADggEBAEs17szkrr/Dbq2flTtLP1se31cpolnKOOK5 +Gv+e5m4y3R6u6jW39ZORTtpC4cMXYFDy0VwmuYK36m3knITnA3kXr5g9lNvHugDnuL8BV8F3RTIM +O/G0HAiw/VGgod2aHRM2mm23xzy54cXZF/qD1T0VoDy7HgviyJA/qIYM/PmLXoXLT1tLYhFHxUV8 +BS9BsZ4QaRuZluBVeftOhpm4lNqGOGqTo+fLbuXf6iFViZx9fX+Y9QCJ7uOEwFyWtcVG6kbghVW2 +G8kS1sHNzYDzAgE8yGnLRUhj2JTQ7IUOO04RZfSCjKY9ri4ilAnIXOo8gV0WKgOXFlUJ24pBgp5m +mxE= +-----END CERTIFICATE----- + +GeoTrust Primary Certification Authority - G3 +============================================= +-----BEGIN CERTIFICATE----- +MIID/jCCAuagAwIBAgIQFaxulBmyeUtB9iepwxgPHzANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UE +BhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChjKSAyMDA4IEdlb1RydXN0 +IEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFy +eSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEczMB4XDTA4MDQwMjAwMDAwMFoXDTM3MTIwMTIz +NTk1OVowgZgxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAo +YykgMjAwOCBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNVBAMT +LUdlb1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMzCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBANziXmJYHTNXOTIz+uvLh4yn1ErdBojqZI4xmKU4kB6Yzy5j +K/BGvESyiaHAKAxJcCGVn2TAppMSAmUmhsalifD614SgcK9PGpc/BkTVyetyEH3kMSj7HGHmKAdE +c5IiaacDiGydY8hS2pgn5whMcD60yRLBxWeDXTPzAxHsatBT4tG6NmCUgLthY2xbF37fQJQeqw3C +IShwiP/WJmxsYAQlTlV+fe+/lEjetx3dcI0FX4ilm/LC7urRQEFtYjgdVgbFA0dRIBn8exALDmKu +dlW/X3e+PkkBUz2YJQN2JFodtNuJ6nnltrM7P7pMKEF/BqxqjsHQ9gUdfeZChuOl1UcCAwEAAaNC +MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMR5yo6hTgMdHNxr +2zFblD4/MH8tMA0GCSqGSIb3DQEBCwUAA4IBAQAtxRPPVoB7eni9n64smefv2t+UXglpp+duaIy9 +cr5HqQ6XErhK8WTTOd8lNNTBzU6B8A8ExCSzNJbGpqow32hhc9f5joWJ7w5elShKKiePEI4ufIbE +Ap7aDHdlDkQNkv39sxY2+hENHYwOB4lqKVb3cvTdFZx3NWZXqxNT2I7BQMXXExZacse3aQHEerGD +AWh9jUGhlBjBJVz88P6DAod8DQ3PLghcSkANPuyBYeYk28rgDi0Hsj5W3I31QYUHSJsMC8tJP33s +t/3LjWeJGqvtux6jAAgIFyqCXDFdRootD4abdNlF+9RAsXqqaC2Gspki4cErx5z481+oghLrGREt +-----END CERTIFICATE----- + +thawte Primary Root CA - G2 +=========================== +-----BEGIN CERTIFICATE----- +MIICiDCCAg2gAwIBAgIQNfwmXNmET8k9Jj1Xm67XVjAKBggqhkjOPQQDAzCBhDELMAkGA1UEBhMC +VVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjE4MDYGA1UECxMvKGMpIDIwMDcgdGhhd3RlLCBJbmMu +IC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxJDAiBgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3Qg +Q0EgLSBHMjAeFw0wNzExMDUwMDAwMDBaFw0zODAxMTgyMzU5NTlaMIGEMQswCQYDVQQGEwJVUzEV +MBMGA1UEChMMdGhhd3RlLCBJbmMuMTgwNgYDVQQLEy8oYykgMjAwNyB0aGF3dGUsIEluYy4gLSBG +b3IgYXV0aG9yaXplZCB1c2Ugb25seTEkMCIGA1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAt +IEcyMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEotWcgnuVnfFSeIf+iha/BebfowJPDQfGAFG6DAJS +LSKkQjnE/o/qycG+1E3/n3qe4rF8mq2nhglzh9HnmuN6papu+7qzcMBniKI11KOasf2twu8x+qi5 +8/sIxpHR+ymVo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU +mtgAMADna3+FGO6Lts6KDPgR4bswCgYIKoZIzj0EAwMDaQAwZgIxAN344FdHW6fmCsO99YCKlzUN +G4k8VIZ3KMqh9HneteY4sPBlcIx/AlTCv//YoT7ZzwIxAMSNlPzcU9LcnXgWHxUzI1NS41oxXZ3K +rr0TKUQNJ1uo52icEvdYPy5yAlejj6EULg== +-----END CERTIFICATE----- + +thawte Primary Root CA - G3 +=========================== +-----BEGIN CERTIFICATE----- +MIIEKjCCAxKgAwIBAgIQYAGXt0an6rS0mtZLL/eQ+zANBgkqhkiG9w0BAQsFADCBrjELMAkGA1UE +BhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2 +aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMvKGMpIDIwMDggdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhv +cml6ZWQgdXNlIG9ubHkxJDAiBgNVBAMTG3RoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EgLSBHMzAeFw0w +ODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIGuMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhh +d3RlLCBJbmMuMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMTgwNgYD +VQQLEy8oYykgMjAwOCB0aGF3dGUsIEluYy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTEkMCIG +A1UEAxMbdGhhd3RlIFByaW1hcnkgUm9vdCBDQSAtIEczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAsr8nLPvb2FvdeHsbnndmgcs+vHyu86YnmjSjaDFxODNi5PNxZnmxqWWjpYvVj2At +P0LMqmsywCPLLEHd5N/8YZzic7IilRFDGF/Eth9XbAoFWCLINkw6fKXRz4aviKdEAhN0cXMKQlkC ++BsUa0Lfb1+6a4KinVvnSr0eAXLbS3ToO39/fR8EtCab4LRarEc9VbjXsCZSKAExQGbY2SS99irY +7CFJXJv2eul/VTV+lmuNk5Mny5K76qxAwJ/C+IDPXfRa3M50hqY+bAtTyr2SzhkGcuYMXDhpxwTW +vGzOW/b3aJzcJRVIiKHpqfiYnODz1TEoYRFsZ5aNOZnLwkUkOQIDAQABo0IwQDAPBgNVHRMBAf8E +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUrWyqlGCc7eT/+j4KdCtjA/e2Wb8wDQYJ +KoZIhvcNAQELBQADggEBABpA2JVlrAmSicY59BDlqQ5mU1143vokkbvnRFHfxhY0Cu9qRFHqKweK +A3rD6z8KLFIWoCtDuSWQP3CpMyVtRRooOyfPqsMpQhvfO0zAMzRbQYi/aytlryjvsvXDqmbOe1bu +t8jLZ8HJnBoYuMTDSQPxYA5QzUbF83d597YV4Djbxy8ooAw/dyZ02SUS2jHaGh7cKUGRIjxpp7sC +8rZcJwOJ9Abqm+RyguOhCcHpABnTPtRwa7pxpqpYrvS76Wy274fMm7v/OeZWYdMKp8RcTGB7BXcm +er/YB1IsYvdwY9k5vG8cwnncdimvzsUsZAReiDZuMdRAGmI0Nj81Aa6sY6A= +-----END CERTIFICATE----- + +GeoTrust Primary Certification Authority - G2 +============================================= +-----BEGIN CERTIFICATE----- +MIICrjCCAjWgAwIBAgIQPLL0SAoA4v7rJDteYD7DazAKBggqhkjOPQQDAzCBmDELMAkGA1UEBhMC +VVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4xOTA3BgNVBAsTMChjKSAyMDA3IEdlb1RydXN0IElu +Yy4gLSBGb3IgYXV0aG9yaXplZCB1c2Ugb25seTE2MDQGA1UEAxMtR2VvVHJ1c3QgUHJpbWFyeSBD +ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEcyMB4XDTA3MTEwNTAwMDAwMFoXDTM4MDExODIzNTk1 +OVowgZgxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMTkwNwYDVQQLEzAoYykg +MjAwNyBHZW9UcnVzdCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxNjA0BgNVBAMTLUdl +b1RydXN0IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHMjB2MBAGByqGSM49AgEG +BSuBBAAiA2IABBWx6P0DFUPlrOuHNxFi79KDNlJ9RVcLSo17VDs6bl8VAsBQps8lL33KSLjHUGMc +KiEIfJo22Av+0SbFWDEwKCXzXV2juLaltJLtbCyf691DiaI8S0iRHVDsJt/WYC69IaNCMEAwDwYD +VR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBVfNVdRVfslsq0DafwBo/q+ +EVXVMAoGCCqGSM49BAMDA2cAMGQCMGSWWaboCd6LuvpaiIjwH5HTRqjySkwCY/tsXzjbLkGTqQ7m +ndwxHLKgpxgceeHHNgIwOlavmnRs9vuD4DPTCF+hnMJbn0bWtsuRBmOiBuczrD6ogRLQy7rQkgu2 +npaqBA+K +-----END CERTIFICATE----- + +VeriSign Universal Root Certification Authority +=============================================== +-----BEGIN CERTIFICATE----- +MIIEuTCCA6GgAwIBAgIQQBrEZCGzEyEDDrvkEhrFHTANBgkqhkiG9w0BAQsFADCBvTELMAkGA1UE +BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBO +ZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwOCBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVk +IHVzZSBvbmx5MTgwNgYDVQQDEy9WZXJpU2lnbiBVbml2ZXJzYWwgUm9vdCBDZXJ0aWZpY2F0aW9u +IEF1dGhvcml0eTAeFw0wODA0MDIwMDAwMDBaFw0zNzEyMDEyMzU5NTlaMIG9MQswCQYDVQQGEwJV +UzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdv +cmsxOjA4BgNVBAsTMShjKSAyMDA4IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNl +IG9ubHkxODA2BgNVBAMTL1ZlcmlTaWduIFVuaXZlcnNhbCBSb290IENlcnRpZmljYXRpb24gQXV0 +aG9yaXR5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2E3XrEBNNti1xWb/1hajCMj +1mCOkdeQmIN65lgZOIzF9uVkhbSicfvtvbnazU0AtMgtc6XHaXGVHzk8skQHnOgO+k1KxCHfKWGP +MiJhgsWHH26MfF8WIFFE0XBPV+rjHOPMee5Y2A7Cs0WTwCznmhcrewA3ekEzeOEz4vMQGn+HLL72 +9fdC4uW/h2KJXwBL38Xd5HVEMkE6HnFuacsLdUYI0crSK5XQz/u5QGtkjFdN/BMReYTtXlT2NJ8I +AfMQJQYXStrxHXpma5hgZqTZ79IugvHw7wnqRMkVauIDbjPTrJ9VAMf2CGqUuV/c4DPxhGD5WycR +tPwW8rtWaoAljQIDAQABo4GyMIGvMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMG0G +CCsGAQUFBwEMBGEwX6FdoFswWTBXMFUWCWltYWdlL2dpZjAhMB8wBwYFKw4DAhoEFI/l0xqGrI2O +a8PPgGrUSBgsexkuMCUWI2h0dHA6Ly9sb2dvLnZlcmlzaWduLmNvbS92c2xvZ28uZ2lmMB0GA1Ud +DgQWBBS2d/ppSEefUxLVwuoHMnYH0ZcHGTANBgkqhkiG9w0BAQsFAAOCAQEASvj4sAPmLGd75JR3 +Y8xuTPl9Dg3cyLk1uXBPY/ok+myDjEedO2Pzmvl2MpWRsXe8rJq+seQxIcaBlVZaDrHC1LGmWazx +Y8u4TB1ZkErvkBYoH1quEPuBUDgMbMzxPcP1Y+Oz4yHJJDnp/RVmRvQbEdBNc6N9Rvk97ahfYtTx +P/jgdFcrGJ2BtMQo2pSXpXDrrB2+BxHw1dvd5Yzw1TKwg+ZX4o+/vqGqvz0dtdQ46tewXDpPaj+P +wGZsY6rp2aQW9IHRlRQOfc2VNNnSj3BzgXucfr2YYdhFh5iQxeuGMMY1v/D/w1WIg0vvBZIGcfK4 +mJO37M2CYfE45k+XmCpajQ== +-----END CERTIFICATE----- + +VeriSign Class 3 Public Primary Certification Authority - G4 +============================================================ +-----BEGIN CERTIFICATE----- +MIIDhDCCAwqgAwIBAgIQL4D+I4wOIg9IZxIokYesszAKBggqhkjOPQQDAzCByjELMAkGA1UEBhMC +VVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3 +b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVz +ZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmlj +YXRpb24gQXV0aG9yaXR5IC0gRzQwHhcNMDcxMTA1MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCByjEL +MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBU +cnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNyBWZXJpU2lnbiwgSW5jLiAtIEZvciBhdXRo +b3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5 +IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzQwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASnVnp8 +Utpkmw4tXNherJI9/gHmGUo9FANL+mAnINmDiWn6VMaaGF5VKmTeBvaNSjutEDxlPZCIBIngMGGz +rl0Bp3vefLK+ymVhAIau2o970ImtTR1ZmkGxvEeA3J5iw/mjgbIwga8wDwYDVR0TAQH/BAUwAwEB +/zAOBgNVHQ8BAf8EBAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEw +HzAHBgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24u +Y29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFLMWkf3upm7ktS5Jj4d4gYDs5bG1MAoGCCqGSM49BAMD +A2gAMGUCMGYhDBgmYFo4e1ZC4Kf8NoRRkSAsdk1DPcQdhCPQrNZ8NQbOzWm9kA3bbEhCHQ6qQgIx +AJw9SDkjOVgaFRJZap7v1VmyHVIsmXHNxynfGyphe3HR3vPA5Q06Sqotp9iGKt0uEA== +-----END CERTIFICATE----- + +NetLock Arany (Class Gold) FÅ‘tanúsÃtvány +======================================== +-----BEGIN CERTIFICATE----- +MIIEFTCCAv2gAwIBAgIGSUEs5AAQMA0GCSqGSIb3DQEBCwUAMIGnMQswCQYDVQQGEwJIVTERMA8G +A1UEBwwIQnVkYXBlc3QxFTATBgNVBAoMDE5ldExvY2sgS2Z0LjE3MDUGA1UECwwuVGFuw7pzw610 +dsOhbnlraWFkw7NrIChDZXJ0aWZpY2F0aW9uIFNlcnZpY2VzKTE1MDMGA1UEAwwsTmV0TG9jayBB +cmFueSAoQ2xhc3MgR29sZCkgRsWRdGFuw7pzw610dsOhbnkwHhcNMDgxMjExMTUwODIxWhcNMjgx +MjA2MTUwODIxWjCBpzELMAkGA1UEBhMCSFUxETAPBgNVBAcMCEJ1ZGFwZXN0MRUwEwYDVQQKDAxO +ZXRMb2NrIEtmdC4xNzA1BgNVBAsMLlRhbsO6c8OtdHbDoW55a2lhZMOzayAoQ2VydGlmaWNhdGlv +biBTZXJ2aWNlcykxNTAzBgNVBAMMLE5ldExvY2sgQXJhbnkgKENsYXNzIEdvbGQpIEbFkXRhbsO6 +c8OtdHbDoW55MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCRec75LbRTDofTjl5Bu +0jBFHjzuZ9lk4BqKf8owyoPjIMHj9DrTlF8afFttvzBPhCf2nx9JvMaZCpDyD/V/Q4Q3Y1GLeqVw +/HpYzY6b7cNGbIRwXdrzAZAj/E4wqX7hJ2Pn7WQ8oLjJM2P+FpD/sLj916jAwJRDC7bVWaaeVtAk +H3B5r9s5VA1lddkVQZQBr17s9o3x/61k/iCa11zr/qYfCGSji3ZVrR47KGAuhyXoqq8fxmRGILdw +fzzeSNuWU7c5d+Qa4scWhHaXWy+7GRWF+GmF9ZmnqfI0p6m2pgP8b4Y9VHx2BJtr+UBdADTHLpl1 +neWIA6pN+APSQnbAGwIDAKiLo0UwQzASBgNVHRMBAf8ECDAGAQH/AgEEMA4GA1UdDwEB/wQEAwIB +BjAdBgNVHQ4EFgQUzPpnk/C2uNClwB7zU/2MU9+D15YwDQYJKoZIhvcNAQELBQADggEBAKt/7hwW +qZw8UQCgwBEIBaeZ5m8BiFRhbvG5GK1Krf6BQCOUL/t1fC8oS2IkgYIL9WHxHG64YTjrgfpioTta +YtOUZcTh5m2C+C8lcLIhJsFyUR+MLMOEkMNaj7rP9KdlpeuY0fsFskZ1FSNqb4VjMIDw1Z4fKRzC +bLBQWV2QWzuoDTDPv31/zvGdg73JRm4gpvlhUbohL3u+pRVjodSVh/GeufOJ8z2FuLjbvrW5Kfna +NwUASZQDhETnv0Mxz3WLJdH0pmT1kvarBes96aULNmLazAZfNou2XjG4Kvte9nHfRCaexOYNkbQu +dZWAUWpLMKawYqGT8ZvYzsRjdT9ZR7E= +-----END CERTIFICATE----- + +Staat der Nederlanden Root CA - G2 +================================== +-----BEGIN CERTIFICATE----- +MIIFyjCCA7KgAwIBAgIEAJiWjDANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJOTDEeMBwGA1UE +CgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFhdCBkZXIgTmVkZXJsYW5kZW4g +Um9vdCBDQSAtIEcyMB4XDTA4MDMyNjExMTgxN1oXDTIwMDMyNTExMDMxMFowWjELMAkGA1UEBhMC +TkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5l +ZGVybGFuZGVuIFJvb3QgQ0EgLSBHMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMVZ +5291qj5LnLW4rJ4L5PnZyqtdj7U5EILXr1HgO+EASGrP2uEGQxGZqhQlEq0i6ABtQ8SpuOUfiUtn +vWFI7/3S4GCI5bkYYCjDdyutsDeqN95kWSpGV+RLufg3fNU254DBtvPUZ5uW6M7XxgpT0GtJlvOj +CwV3SPcl5XCsMBQgJeN/dVrlSPhOewMHBPqCYYdu8DvEpMfQ9XQ+pV0aCPKbJdL2rAQmPlU6Yiil +e7Iwr/g3wtG61jj99O9JMDeZJiFIhQGp5Rbn3JBV3w/oOM2ZNyFPXfUib2rFEhZgF1XyZWampzCR +OME4HYYEhLoaJXhena/MUGDWE4dS7WMfbWV9whUYdMrhfmQpjHLYFhN9C0lK8SgbIHRrxT3dsKpI +CT0ugpTNGmXZK4iambwYfp/ufWZ8Pr2UuIHOzZgweMFvZ9C+X+Bo7d7iscksWXiSqt8rYGPy5V65 +48r6f1CGPqI0GAwJaCgRHOThuVw+R7oyPxjMW4T182t0xHJ04eOLoEq9jWYv6q012iDTiIJh8BIi +trzQ1aTsr1SIJSQ8p22xcik/Plemf1WvbibG/ufMQFxRRIEKeN5KzlW/HdXZt1bv8Hb/C3m1r737 +qWmRRpdogBQ2HbN/uymYNqUg+oJgYjOk7Na6B6duxc8UpufWkjTYgfX8HV2qXB72o007uPc5AgMB +AAGjgZcwgZQwDwYDVR0TAQH/BAUwAwEB/zBSBgNVHSAESzBJMEcGBFUdIAAwPzA9BggrBgEFBQcC +ARYxaHR0cDovL3d3dy5wa2lvdmVyaGVpZC5ubC9wb2xpY2llcy9yb290LXBvbGljeS1HMjAOBgNV +HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJFoMocVHYnitfGsNig0jQt8YojrMA0GCSqGSIb3DQEBCwUA +A4ICAQCoQUpnKpKBglBu4dfYszk78wIVCVBR7y29JHuIhjv5tLySCZa59sCrI2AGeYwRTlHSeYAz ++51IvuxBQ4EffkdAHOV6CMqqi3WtFMTC6GY8ggen5ieCWxjmD27ZUD6KQhgpxrRW/FYQoAUXvQwj +f/ST7ZwaUb7dRUG/kSS0H4zpX897IZmflZ85OkYcbPnNe5yQzSipx6lVu6xiNGI1E0sUOlWDuYaN +kqbG9AclVMwWVxJKgnjIFNkXgiYtXSAfea7+1HAWFpWD2DU5/1JddRwWxRNVz0fMdWVSSt7wsKfk +CpYL+63C4iWEst3kvX5ZbJvw8NjnyvLplzh+ib7M+zkXYT9y2zqR2GUBGR2tUKRXCnxLvJxxcypF +URmFzI79R6d0lR2o0a9OF7FpJsKqeFdbxU2n5Z4FF5TKsl+gSRiNNOkmbEgeqmiSBeGCc1qb3Adb +CG19ndeNIdn8FCCqwkXfP+cAslHkwvgFuXkajDTznlvkN1trSt8sV4pAWja63XVECDdCcAz+3F4h +oKOKwJCcaNpQ5kUQR3i2TtJlycM33+FCY7BXN0Ute4qcvwXqZVUz9zkQxSgqIXobisQk+T8VyJoV +IPVVYpbtbZNQvOSqeK3Zywplh6ZmwcSBo3c6WB4L7oOLnR7SUqTMHW+wmG2UMbX4cQrcufx9MmDm +66+KAQ== +-----END CERTIFICATE----- + +Hongkong Post Root CA 1 +======================= +-----BEGIN CERTIFICATE----- +MIIDMDCCAhigAwIBAgICA+gwDQYJKoZIhvcNAQEFBQAwRzELMAkGA1UEBhMCSEsxFjAUBgNVBAoT +DUhvbmdrb25nIFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3QgUm9vdCBDQSAxMB4XDTAzMDUx +NTA1MTMxNFoXDTIzMDUxNTA0NTIyOVowRzELMAkGA1UEBhMCSEsxFjAUBgNVBAoTDUhvbmdrb25n +IFBvc3QxIDAeBgNVBAMTF0hvbmdrb25nIFBvc3QgUm9vdCBDQSAxMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEArP84tulmAknjorThkPlAj3n54r15/gK97iSSHSL22oVyaf7XPwnU3ZG1 +ApzQjVrhVcNQhrkpJsLj2aDxaQMoIIBFIi1WpztUlVYiWR8o3x8gPW2iNr4joLFutbEnPzlTCeqr +auh0ssJlXI6/fMN4hM2eFvz1Lk8gKgifd/PFHsSaUmYeSF7jEAaPIpjhZY4bXSNmO7ilMlHIhqqh +qZ5/dpTCpmy3QfDVyAY45tQM4vM7TG1QjMSDJ8EThFk9nnV0ttgCXjqQesBCNnLsak3c78QA3xMY +V18meMjWCnl3v/evt3a5pQuEF10Q6m/hq5URX208o1xNg1vysxmKgIsLhwIDAQABoyYwJDASBgNV +HRMBAf8ECDAGAQH/AgEDMA4GA1UdDwEB/wQEAwIBxjANBgkqhkiG9w0BAQUFAAOCAQEADkbVPK7i +h9legYsCmEEIjEy82tvuJxuC52pF7BaLT4Wg87JwvVqWuspube5Gi27nKi6Wsxkz67SfqLI37pio +l7Yutmcn1KZJ/RyTZXaeQi/cImyaT/JaFTmxcdcrUehtHJjA2Sr0oYJ71clBoiMBdDhViw+5Lmei +IAQ32pwL0xch4I+XeTRvhEgCIDMb5jREn5Fw9IBehEPCKdJsEhTkYY2sEJCehFC78JZvRZ+K88ps +T/oROhUVRsPNH4NbLUES7VBnQRM9IauUiqpOfMGx+6fWtScvl6tu4B3i0RwsH0Ti/L6RoZz71ilT +c4afU9hDDl3WY4JxHYB0yvbiAmvZWg== +-----END CERTIFICATE----- + +SecureSign RootCA11 +=================== +-----BEGIN CERTIFICATE----- +MIIDbTCCAlWgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJKUDErMCkGA1UEChMi +SmFwYW4gQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcywgSW5jLjEcMBoGA1UEAxMTU2VjdXJlU2lnbiBS +b290Q0ExMTAeFw0wOTA0MDgwNDU2NDdaFw0yOTA0MDgwNDU2NDdaMFgxCzAJBgNVBAYTAkpQMSsw +KQYDVQQKEyJKYXBhbiBDZXJ0aWZpY2F0aW9uIFNlcnZpY2VzLCBJbmMuMRwwGgYDVQQDExNTZWN1 +cmVTaWduIFJvb3RDQTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/XeqpRyQBTvL +TJszi1oURaTnkBbR31fSIRCkF/3frNYfp+TbfPfs37gD2pRY/V1yfIw/XwFndBWW4wI8h9uuywGO +wvNmxoVF9ALGOrVisq/6nL+k5tSAMJjzDbaTj6nU2DbysPyKyiyhFTOVMdrAG/LuYpmGYz+/3ZMq +g6h2uRMft85OQoWPIucuGvKVCbIFtUROd6EgvanyTgp9UK31BQ1FT0Zx/Sg+U/sE2C3XZR1KG/rP +O7AxmjVuyIsG0wCR8pQIZUyxNAYAeoni8McDWc/V1uinMrPmmECGxc0nEovMe863ETxiYAcjPitA +bpSACW22s293bzUIUPsCh8U+iQIDAQABo0IwQDAdBgNVHQ4EFgQUW/hNT7KlhtQ60vFjmqC+CfZX +t94wDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAKCh +OBZmLqdWHyGcBvod7bkixTgm2E5P7KN/ed5GIaGHd48HCJqypMWvDzKYC3xmKbabfSVSSUOrTC4r +bnpwrxYO4wJs+0LmGJ1F2FXI6Dvd5+H0LgscNFxsWEr7jIhQX5Ucv+2rIrVls4W6ng+4reV6G4pQ +Oh29Dbx7VFALuUKvVaAYga1lme++5Jy/xIWrQbJUb9wlze144o4MjQlJ3WN7WmmWAiGovVJZ6X01 +y8hSyn+B/tlr0/cR7SXf+Of5pPpyl4RTDaXQMhhRdlkUbA/r7F+AjHVDg8OFmP9Mni0N5HeDk061 +lgeLKBObjBmNQSdJQO7e5iNEOdyhIta6A/I= +-----END CERTIFICATE----- + +ACEDICOM Root +============= +-----BEGIN CERTIFICATE----- +MIIFtTCCA52gAwIBAgIIYY3HhjsBggUwDQYJKoZIhvcNAQEFBQAwRDEWMBQGA1UEAwwNQUNFRElD +T00gUm9vdDEMMAoGA1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00xCzAJBgNVBAYTAkVTMB4XDTA4 +MDQxODE2MjQyMloXDTI4MDQxMzE2MjQyMlowRDEWMBQGA1UEAwwNQUNFRElDT00gUm9vdDEMMAoG +A1UECwwDUEtJMQ8wDQYDVQQKDAZFRElDT00xCzAJBgNVBAYTAkVTMIICIjANBgkqhkiG9w0BAQEF +AAOCAg8AMIICCgKCAgEA/5KV4WgGdrQsyFhIyv2AVClVYyT/kGWbEHV7w2rbYgIB8hiGtXxaOLHk +WLn709gtn70yN78sFW2+tfQh0hOR2QetAQXW8713zl9CgQr5auODAKgrLlUTY4HKRxx7XBZXehuD +YAQ6PmXDzQHe3qTWDLqO3tkE7hdWIpuPY/1NFgu3e3eM+SW10W2ZEi5PGrjm6gSSrj0RuVFCPYew +MYWveVqc/udOXpJPQ/yrOq2lEiZmueIM15jO1FillUAKt0SdE3QrwqXrIhWYENiLxQSfHY9g5QYb +m8+5eaA9oiM/Qj9r+hwDezCNzmzAv+YbX79nuIQZ1RXve8uQNjFiybwCq0Zfm/4aaJQ0PZCOrfbk +HQl/Sog4P75n/TSW9R28MHTLOO7VbKvU/PQAtwBbhTIWdjPp2KOZnQUAqhbm84F9b32qhm2tFXTT +xKJxqvQUfecyuB+81fFOvW8XAjnXDpVCOscAPukmYxHqC9FK/xidstd7LzrZlvvoHpKuE1XI2Sf2 +3EgbsCTBheN3nZqk8wwRHQ3ItBTutYJXCb8gWH8vIiPYcMt5bMlL8qkqyPyHK9caUPgn6C9D4zq9 +2Fdx/c6mUlv53U3t5fZvie27k5x2IXXwkkwp9y+cAS7+UEaeZAwUswdbxcJzbPEHXEUkFDWug/Fq +TYl6+rPYLWbwNof1K1MCAwEAAaOBqjCBpzAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKaz +4SsrSbbXc6GqlPUB53NlTKxQMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUprPhKytJttdzoaqU +9QHnc2VMrFAwRAYDVR0gBD0wOzA5BgRVHSAAMDEwLwYIKwYBBQUHAgEWI2h0dHA6Ly9hY2VkaWNv +bS5lZGljb21ncm91cC5jb20vZG9jMA0GCSqGSIb3DQEBBQUAA4ICAQDOLAtSUWImfQwng4/F9tqg +aHtPkl7qpHMyEVNEskTLnewPeUKzEKbHDZ3Ltvo/Onzqv4hTGzz3gvoFNTPhNahXwOf9jU8/kzJP +eGYDdwdY6ZXIfj7QeQCM8htRM5u8lOk6e25SLTKeI6RF+7YuE7CLGLHdztUdp0J/Vb77W7tH1Pwk +zQSulgUV1qzOMPPKC8W64iLgpq0i5ALudBF/TP94HTXa5gI06xgSYXcGCRZj6hitoocf8seACQl1 +ThCojz2GuHURwCRiipZ7SkXp7FnFvmuD5uHorLUwHv4FB4D54SMNUI8FmP8sX+g7tq3PgbUhh8oI +KiMnMCArz+2UW6yyetLHKKGKC5tNSixthT8Jcjxn4tncB7rrZXtaAWPWkFtPF2Y9fwsZo5NjEFIq +nxQWWOLcpfShFosOkYuByptZ+thrkQdlVV9SH686+5DdaaVbnG0OLLb6zqylfDJKZ0DcMDQj3dcE +I2bw/FWAp/tmGYI1Z2JwOV5vx+qQQEQIHriy1tvuWacNGHk0vFQYXlPKNFHtRQrmjseCNj6nOGOp +MCwXEGCSn1WHElkQwg9naRHMTh5+Spqtr0CodaxWkHS4oJyleW/c6RrIaQXpuvoDs3zk4E7Czp3o +tkYNbn5XOmeUwssfnHdKZ05phkOTOPu220+DkdRgfks+KzgHVZhepA== +-----END CERTIFICATE----- + +Microsec e-Szigno Root CA 2009 +============================== +-----BEGIN CERTIFICATE----- +MIIECjCCAvKgAwIBAgIJAMJ+QwRORz8ZMA0GCSqGSIb3DQEBCwUAMIGCMQswCQYDVQQGEwJIVTER +MA8GA1UEBwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jv +c2VjIGUtU3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5o +dTAeFw0wOTA2MTYxMTMwMThaFw0yOTEyMzAxMTMwMThaMIGCMQswCQYDVQQGEwJIVTERMA8GA1UE +BwwIQnVkYXBlc3QxFjAUBgNVBAoMDU1pY3Jvc2VjIEx0ZC4xJzAlBgNVBAMMHk1pY3Jvc2VjIGUt +U3ppZ25vIFJvb3QgQ0EgMjAwOTEfMB0GCSqGSIb3DQEJARYQaW5mb0BlLXN6aWduby5odTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOn4j/NjrdqG2KfgQvvPkd6mJviZpWNwrZuuyjNA +fW2WbqEORO7hE52UQlKavXWFdCyoDh2Tthi3jCyoz/tccbna7P7ofo/kLx2yqHWH2Leh5TvPmUpG +0IMZfcChEhyVbUr02MelTTMuhTlAdX4UfIASmFDHQWe4oIBhVKZsTh/gnQ4H6cm6M+f+wFUoLAKA +pxn1ntxVUwOXewdI/5n7N4okxFnMUBBjjqqpGrCEGob5X7uxUG6k0QrM1XF+H6cbfPVTbiJfyyvm +1HxdrtbCxkzlBQHZ7Vf8wSN5/PrIJIOV87VqUQHQd9bpEqH5GoP7ghu5sJf0dgYzQ0mg/wu1+rUC +AwEAAaOBgDB+MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTLD8bf +QkPMPcu1SCOhGnqmKrs0aDAfBgNVHSMEGDAWgBTLD8bfQkPMPcu1SCOhGnqmKrs0aDAbBgNVHREE +FDASgRBpbmZvQGUtc3ppZ25vLmh1MA0GCSqGSIb3DQEBCwUAA4IBAQDJ0Q5eLtXMs3w+y/w9/w0o +lZMEyL/azXm4Q5DwpL7v8u8hmLzU1F0G9u5C7DBsoKqpyvGvivo/C3NqPuouQH4frlRheesuCDfX +I/OMn74dseGkddug4lQUsbocKaQY9hK6ohQU4zE1yED/t+AFdlfBHFny+L/k7SViXITwfn4fs775 +tyERzAMBVnCnEJIeGzSBHq2cGsMEPO0CYdYeBvNfOofyK/FFh+U9rNHHV4S9a67c2Pm2G2JwCz02 +yULyMtd6YebS2z3PyKnJm9zbWETXbzivf3jTo60adbocwTZ8jx5tHMN1Rq41Bab2XD0h7lbwyYIi +LXpUq3DDfSJlgnCW +-----END CERTIFICATE----- + +GlobalSign Root CA - R3 +======================= +-----BEGIN CERTIFICATE----- +MIIDXzCCAkegAwIBAgILBAAAAAABIVhTCKIwDQYJKoZIhvcNAQELBQAwTDEgMB4GA1UECxMXR2xv +YmFsU2lnbiBSb290IENBIC0gUjMxEzARBgNVBAoTCkdsb2JhbFNpZ24xEzARBgNVBAMTCkdsb2Jh +bFNpZ24wHhcNMDkwMzE4MTAwMDAwWhcNMjkwMzE4MTAwMDAwWjBMMSAwHgYDVQQLExdHbG9iYWxT +aWduIFJvb3QgQ0EgLSBSMzETMBEGA1UEChMKR2xvYmFsU2lnbjETMBEGA1UEAxMKR2xvYmFsU2ln +bjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMwldpB5BngiFvXAg7aEyiie/QV2EcWt +iHL8RgJDx7KKnQRfJMsuS+FggkbhUqsMgUdwbN1k0ev1LKMPgj0MK66X17YUhhB5uzsTgHeMCOFJ +0mpiLx9e+pZo34knlTifBtc+ycsmWQ1z3rDI6SYOgxXG71uL0gRgykmmKPZpO/bLyCiR5Z2KYVc3 +rHQU3HTgOu5yLy6c+9C7v/U9AOEGM+iCK65TpjoWc4zdQQ4gOsC0p6Hpsk+QLjJg6VfLuQSSaGjl +OCZgdbKfd/+RFO+uIEn8rUAVSNECMWEZXriX7613t2Saer9fwRPvm2L7DWzgVGkWqQPabumDk3F2 +xmmFghcCAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE +FI/wS3+oLkUkrk1Q+mOai97i3Ru8MA0GCSqGSIb3DQEBCwUAA4IBAQBLQNvAUKr+yAzv95ZURUm7 +lgAJQayzE4aGKAczymvmdLm6AC2upArT9fHxD4q/c2dKg8dEe3jgr25sbwMpjjM5RcOO5LlXbKr8 +EpbsU8Yt5CRsuZRj+9xTaGdWPoO4zzUhw8lo/s7awlOqzJCK6fBdRoyV3XpYKBovHd7NADdBj+1E +bddTKJd+82cEHhXXipa0095MJ6RMG3NzdvQXmcIfeg7jLQitChws/zyrVQ4PkX4268NXSb7hLi18 +YIvDQVETI53O9zJrlAGomecsMx86OyXShkDOOyyGeMlhLxS67ttVb9+E7gUJTb0o2HLO02JQZR7r +kpeDMdmztcpHWD9f +-----END CERTIFICATE----- + +Autoridad de Certificacion Firmaprofesional CIF A62634068 +========================================================= +-----BEGIN CERTIFICATE----- +MIIGFDCCA/ygAwIBAgIIU+w77vuySF8wDQYJKoZIhvcNAQEFBQAwUTELMAkGA1UEBhMCRVMxQjBA +BgNVBAMMOUF1dG9yaWRhZCBkZSBDZXJ0aWZpY2FjaW9uIEZpcm1hcHJvZmVzaW9uYWwgQ0lGIEE2 +MjYzNDA2ODAeFw0wOTA1MjAwODM4MTVaFw0zMDEyMzEwODM4MTVaMFExCzAJBgNVBAYTAkVTMUIw +QAYDVQQDDDlBdXRvcmlkYWQgZGUgQ2VydGlmaWNhY2lvbiBGaXJtYXByb2Zlc2lvbmFsIENJRiBB +NjI2MzQwNjgwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDKlmuO6vj78aI14H9M2uDD +Utd9thDIAl6zQyrET2qyyhxdKJp4ERppWVevtSBC5IsP5t9bpgOSL/UR5GLXMnE42QQMcas9UX4P +B99jBVzpv5RvwSmCwLTaUbDBPLutN0pcyvFLNg4kq7/DhHf9qFD0sefGL9ItWY16Ck6WaVICqjaY +7Pz6FIMMNx/Jkjd/14Et5cS54D40/mf0PmbR0/RAz15iNA9wBj4gGFrO93IbJWyTdBSTo3OxDqqH +ECNZXyAFGUftaI6SEspd/NYrspI8IM/hX68gvqB2f3bl7BqGYTM+53u0P6APjqK5am+5hyZvQWyI +plD9amML9ZMWGxmPsu2bm8mQ9QEM3xk9Dz44I8kvjwzRAv4bVdZO0I08r0+k8/6vKtMFnXkIoctX +MbScyJCyZ/QYFpM6/EfY0XiWMR+6KwxfXZmtY4laJCB22N/9q06mIqqdXuYnin1oKaPnirjaEbsX +LZmdEyRG98Xi2J+Of8ePdG1asuhy9azuJBCtLxTa/y2aRnFHvkLfuwHb9H/TKI8xWVvTyQKmtFLK +bpf7Q8UIJm+K9Lv9nyiqDdVF8xM6HdjAeI9BZzwelGSuewvF6NkBiDkal4ZkQdU7hwxu+g/GvUgU +vzlN1J5Bto+WHWOWk9mVBngxaJ43BjuAiUVhOSPHG0SjFeUc+JIwuwIDAQABo4HvMIHsMBIGA1Ud +EwEB/wQIMAYBAf8CAQEwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRlzeurNR4APn7VdMActHNH +DhpkLzCBpgYDVR0gBIGeMIGbMIGYBgRVHSAAMIGPMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmZp +cm1hcHJvZmVzaW9uYWwuY29tL2NwczBcBggrBgEFBQcCAjBQHk4AUABhAHMAZQBvACAAZABlACAA +bABhACAAQgBvAG4AYQBuAG8AdgBhACAANAA3ACAAQgBhAHIAYwBlAGwAbwBuAGEAIAAwADgAMAAx +ADcwDQYJKoZIhvcNAQEFBQADggIBABd9oPm03cXF661LJLWhAqvdpYhKsg9VSytXjDvlMd3+xDLx +51tkljYyGOylMnfX40S2wBEqgLk9am58m9Ot/MPWo+ZkKXzR4Tgegiv/J2Wv+xYVxC5xhOW1//qk +R71kMrv2JYSiJ0L1ILDCExARzRAVukKQKtJE4ZYm6zFIEv0q2skGz3QeqUvVhyj5eTSSPi5E6PaP +T481PyWzOdxjKpBrIF/EUhJOlywqrJ2X3kjyo2bbwtKDlaZmp54lD+kLM5FlClrD2VQS3a/DTg4f +Jl4N3LON7NWBcN7STyQF82xO9UxJZo3R/9ILJUFI/lGExkKvgATP0H5kSeTy36LssUzAKh3ntLFl +osS88Zj0qnAHY7S42jtM+kAiMFsRpvAFDsYCA0irhpuF3dvd6qJ2gHN99ZwExEWN57kci57q13XR +crHedUTnQn3iV2t93Jm8PYMo6oCTjcVMZcFwgbg4/EMxsvYDNEeyrPsiBsse3RdHHF9mudMaotoR +saS8I8nkvof/uZS2+F0gStRf571oe2XyFR7SOqkt6dhrJKyXWERHrVkY8SFlcN7ONGCoQPHzPKTD +KCOM/iczQ0CgFzzr6juwcqajuUpLXhZI9LK8yIySxZ2frHI2vDSANGupi5LAuBft7HZT9SQBjLMi +6Et8Vcad+qMUu2WFbm5PEn4KPJ2V +-----END CERTIFICATE----- + +Izenpe.com +========== +-----BEGIN CERTIFICATE----- +MIIF8TCCA9mgAwIBAgIQALC3WhZIX7/hy/WL1xnmfTANBgkqhkiG9w0BAQsFADA4MQswCQYDVQQG +EwJFUzEUMBIGA1UECgwLSVpFTlBFIFMuQS4xEzARBgNVBAMMCkl6ZW5wZS5jb20wHhcNMDcxMjEz +MTMwODI4WhcNMzcxMjEzMDgyNzI1WjA4MQswCQYDVQQGEwJFUzEUMBIGA1UECgwLSVpFTlBFIFMu +QS4xEzARBgNVBAMMCkl6ZW5wZS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDJ +03rKDx6sp4boFmVqscIbRTJxldn+EFvMr+eleQGPicPK8lVx93e+d5TzcqQsRNiekpsUOqHnJJAK +ClaOxdgmlOHZSOEtPtoKct2jmRXagaKH9HtuJneJWK3W6wyyQXpzbm3benhB6QiIEn6HLmYRY2xU ++zydcsC8Lv/Ct90NduM61/e0aL6i9eOBbsFGb12N4E3GVFWJGjMxCrFXuaOKmMPsOzTFlUFpfnXC +PCDFYbpRR6AgkJOhkEvzTnyFRVSa0QUmQbC1TR0zvsQDyCV8wXDbO/QJLVQnSKwv4cSsPsjLkkxT +OTcj7NMB+eAJRE1NZMDhDVqHIrytG6P+JrUV86f8hBnp7KGItERphIPzidF0BqnMC9bC3ieFUCbK +F7jJeodWLBoBHmy+E60QrLUk9TiRodZL2vG70t5HtfG8gfZZa88ZU+mNFctKy6lvROUbQc/hhqfK +0GqfvEyNBjNaooXlkDWgYlwWTvDjovoDGrQscbNYLN57C9saD+veIR8GdwYDsMnvmfzAuU8Lhij+ +0rnq49qlw0dpEuDb8PYZi+17cNcC1u2HGCgsBCRMd+RIihrGO5rUD8r6ddIBQFqNeb+Lz0vPqhbB +leStTIo+F5HUsWLlguWABKQDfo2/2n+iD5dPDNMN+9fR5XJ+HMh3/1uaD7euBUbl8agW7EekFwID +AQABo4H2MIHzMIGwBgNVHREEgagwgaWBD2luZm9AaXplbnBlLmNvbaSBkTCBjjFHMEUGA1UECgw+ +SVpFTlBFIFMuQS4gLSBDSUYgQTAxMzM3MjYwLVJNZXJjLlZpdG9yaWEtR2FzdGVpeiBUMTA1NSBG +NjIgUzgxQzBBBgNVBAkMOkF2ZGEgZGVsIE1lZGl0ZXJyYW5lbyBFdG9yYmlkZWEgMTQgLSAwMTAx +MCBWaXRvcmlhLUdhc3RlaXowDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0O +BBYEFB0cZQ6o8iV7tJHP5LGx5r1VdGwFMA0GCSqGSIb3DQEBCwUAA4ICAQB4pgwWSp9MiDrAyw6l +Fn2fuUhfGI8NYjb2zRlrrKvV9pF9rnHzP7MOeIWblaQnIUdCSnxIOvVFfLMMjlF4rJUT3sb9fbga +kEyrkgPH7UIBzg/YsfqikuFgba56awmqxinuaElnMIAkejEWOVt+8Rwu3WwJrfIxwYJOubv5vr8q +hT/AQKM6WfxZSzwoJNu0FXWuDYi6LnPAvViH5ULy617uHjAimcs30cQhbIHsvm0m5hzkQiCeR7Cs +g1lwLDXWrzY0tM07+DKo7+N4ifuNRSzanLh+QBxh5z6ikixL8s36mLYp//Pye6kfLqCTVyvehQP5 +aTfLnnhqBbTFMXiJ7HqnheG5ezzevh55hM6fcA5ZwjUukCox2eRFekGkLhObNA5me0mrZJfQRsN5 +nXJQY6aYWwa9SG3YOYNw6DXwBdGqvOPbyALqfP2C2sJbUjWumDqtujWTI6cfSN01RpiyEGjkpTHC +ClguGYEQyVB1/OpaFs4R1+7vUIgtYf8/QnMFlEPVjjxOAToZpR9GTnfQXeWBIiGH/pR9hNiTrdZo +Q0iy2+tzJOeRf1SktoA+naM8THLCV8Sg1Mw4J87VBp6iSNnpn86CcDaTmjvfliHjWbcM2pE38P1Z +WrOZyGlsQyYBNWNgVYkDOnXYukrZVP/u3oDYLdE41V4tC5h9Pmzb/CaIxw== +-----END CERTIFICATE----- + +Chambers of Commerce Root - 2008 +================================ +-----BEGIN CERTIFICATE----- +MIIHTzCCBTegAwIBAgIJAKPaQn6ksa7aMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYDVQQGEwJFVTFD +MEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNv +bS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMu +QS4xKTAnBgNVBAMTIENoYW1iZXJzIG9mIENvbW1lcmNlIFJvb3QgLSAyMDA4MB4XDTA4MDgwMTEy +Mjk1MFoXDTM4MDczMTEyMjk1MFowga4xCzAJBgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNl +ZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNhbWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQF +EwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENhbWVyZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJl +cnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDgwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC +AQCvAMtwNyuAWko6bHiUfaN/Gh/2NdW928sNRHI+JrKQUrpjOyhYb6WzbZSm891kDFX29ufyIiKA +XuFixrYp4YFs8r/lfTJqVKAyGVn+H4vXPWCGhSRv4xGzdz4gljUha7MI2XAuZPeEklPWDrCQiorj +h40G072QDuKZoRuGDtqaCrsLYVAGUvGef3bsyw/QHg3PmTA9HMRFEFis1tPo1+XqxQEHd9ZR5gN/ +ikilTWh1uem8nk4ZcfUyS5xtYBkL+8ydddy/Js2Pk3g5eXNeJQ7KXOt3EgfLZEFHcpOrUMPrCXZk +NNI5t3YRCQ12RcSprj1qr7V9ZS+UWBDsXHyvfuK2GNnQm05aSd+pZgvMPMZ4fKecHePOjlO+Bd5g +D2vlGts/4+EhySnB8esHnFIbAURRPHsl18TlUlRdJQfKFiC4reRB7noI/plvg6aRArBsNlVq5331 +lubKgdaX8ZSD6e2wsWsSaR6s+12pxZjptFtYer49okQ6Y1nUCyXeG0+95QGezdIp1Z8XGQpvvwyQ +0wlf2eOKNcx5Wk0ZN5K3xMGtr/R5JJqyAQuxr1yW84Ay+1w9mPGgP0revq+ULtlVmhduYJ1jbLhj +ya6BXBg14JC7vjxPNyK5fuvPnnchpj04gftI2jE9K+OJ9dC1vX7gUMQSibMjmhAxhduub+84Mxh2 +EQIDAQABo4IBbDCCAWgwEgYDVR0TAQH/BAgwBgEB/wIBDDAdBgNVHQ4EFgQU+SSsD7K1+HnA+mCI +G8TZTQKeFxkwgeMGA1UdIwSB2zCB2IAU+SSsD7K1+HnA+mCIG8TZTQKeFxmhgbSkgbEwga4xCzAJ +BgNVBAYTAkVVMUMwQQYDVQQHEzpNYWRyaWQgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LmNh +bWVyZmlybWEuY29tL2FkZHJlc3MpMRIwEAYDVQQFEwlBODI3NDMyODcxGzAZBgNVBAoTEkFDIENh +bWVyZmlybWEgUy5BLjEpMCcGA1UEAxMgQ2hhbWJlcnMgb2YgQ29tbWVyY2UgUm9vdCAtIDIwMDiC +CQCj2kJ+pLGu2jAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUH +AgEWHGh0dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZIhvcNAQEFBQADggIBAJASryI1 +wqM58C7e6bXpeHxIvj99RZJe6dqxGfwWPJ+0W2aeaufDuV2I6A+tzyMP3iU6XsxPpcG1Lawk0lgH +3qLPaYRgM+gQDROpI9CF5Y57pp49chNyM/WqfcZjHwj0/gF/JM8rLFQJ3uIrbZLGOU8W6jx+ekbU +RWpGqOt1glanq6B8aBMz9p0w8G8nOSQjKpD9kCk18pPfNKXG9/jvjA9iSnyu0/VU+I22mlaHFoI6 +M6taIgj3grrqLuBHmrS1RaMFO9ncLkVAO+rcf+g769HsJtg1pDDFOqxXnrN2pSB7+R5KBWIBpih1 +YJeSDW4+TTdDDZIVnBgizVGZoCkaPF+KMjNbMMeJL0eYD6MDxvbxrN8y8NmBGuScvfaAFPDRLLmF +9dijscilIeUcE5fuDr3fKanvNFNb0+RqE4QGtjICxFKuItLcsiFCGtpA8CnJ7AoMXOLQusxI0zcK +zBIKinmwPQN/aUv0NCB9szTqjktk9T79syNnFQ0EuPAtwQlRPLJsFfClI9eDdOTlLsn+mCdCxqvG +nrDQWzilm1DefhiYtUU79nm06PcaewaD+9CL2rvHvRirCG88gGtAPxkZumWK5r7VXNM21+9AUiRg +OGcEMeyP84LG3rlV8zsxkVrctQgVrXYlCg17LofiDKYGvCYQbTed7N14jHyAxfDZd0jQ +-----END CERTIFICATE----- + +Global Chambersign Root - 2008 +============================== +-----BEGIN CERTIFICATE----- +MIIHSTCCBTGgAwIBAgIJAMnN0+nVfSPOMA0GCSqGSIb3DQEBBQUAMIGsMQswCQYDVQQGEwJFVTFD +MEEGA1UEBxM6TWFkcmlkIChzZWUgY3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNv +bS9hZGRyZXNzKTESMBAGA1UEBRMJQTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMu +QS4xJzAlBgNVBAMTHkdsb2JhbCBDaGFtYmVyc2lnbiBSb290IC0gMjAwODAeFw0wODA4MDExMjMx +NDBaFw0zODA3MzExMjMxNDBaMIGsMQswCQYDVQQGEwJFVTFDMEEGA1UEBxM6TWFkcmlkIChzZWUg +Y3VycmVudCBhZGRyZXNzIGF0IHd3dy5jYW1lcmZpcm1hLmNvbS9hZGRyZXNzKTESMBAGA1UEBRMJ +QTgyNzQzMjg3MRswGQYDVQQKExJBQyBDYW1lcmZpcm1hIFMuQS4xJzAlBgNVBAMTHkdsb2JhbCBD +aGFtYmVyc2lnbiBSb290IC0gMjAwODCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMDf +VtPkOpt2RbQT2//BthmLN0EYlVJH6xedKYiONWwGMi5HYvNJBL99RDaxccy9Wglz1dmFRP+RVyXf +XjaOcNFccUMd2drvXNL7G706tcuto8xEpw2uIRU/uXpbknXYpBI4iRmKt4DS4jJvVpyR1ogQC7N0 +ZJJ0YPP2zxhPYLIj0Mc7zmFLmY/CDNBAspjcDahOo7kKrmCgrUVSY7pmvWjg+b4aqIG7HkF4ddPB +/gBVsIdU6CeQNR1MM62X/JcumIS/LMmjv9GYERTtY/jKmIhYF5ntRQOXfjyGHoiMvvKRhI9lNNgA +TH23MRdaKXoKGCQwoze1eqkBfSbW+Q6OWfH9GzO1KTsXO0G2Id3UwD2ln58fQ1DJu7xsepeY7s2M +H/ucUa6LcL0nn3HAa6x9kGbo1106DbDVwo3VyJ2dwW3Q0L9R5OP4wzg2rtandeavhENdk5IMagfe +Ox2YItaswTXbo6Al/3K1dh3ebeksZixShNBFks4c5eUzHdwHU1SjqoI7mjcv3N2gZOnm3b2u/GSF +HTynyQbehP9r6GsaPMWis0L7iwk+XwhSx2LE1AVxv8Rk5Pihg+g+EpuoHtQ2TS9x9o0o9oOpE9Jh +wZG7SMA0j0GMS0zbaRL/UJScIINZc+18ofLx/d33SdNDWKBWY8o9PeU1VlnpDsogzCtLkykPAgMB +AAGjggFqMIIBZjASBgNVHRMBAf8ECDAGAQH/AgEMMB0GA1UdDgQWBBS5CcqcHtvTbDprru1U8VuT +BjUuXjCB4QYDVR0jBIHZMIHWgBS5CcqcHtvTbDprru1U8VuTBjUuXqGBsqSBrzCBrDELMAkGA1UE +BhMCRVUxQzBBBgNVBAcTOk1hZHJpZCAoc2VlIGN1cnJlbnQgYWRkcmVzcyBhdCB3d3cuY2FtZXJm +aXJtYS5jb20vYWRkcmVzcykxEjAQBgNVBAUTCUE4Mjc0MzI4NzEbMBkGA1UEChMSQUMgQ2FtZXJm +aXJtYSBTLkEuMScwJQYDVQQDEx5HbG9iYWwgQ2hhbWJlcnNpZ24gUm9vdCAtIDIwMDiCCQDJzdPp +1X0jzjAOBgNVHQ8BAf8EBAMCAQYwPQYDVR0gBDYwNDAyBgRVHSAAMCowKAYIKwYBBQUHAgEWHGh0 +dHA6Ly9wb2xpY3kuY2FtZXJmaXJtYS5jb20wDQYJKoZIhvcNAQEFBQADggIBAICIf3DekijZBZRG +/5BXqfEv3xoNa/p8DhxJJHkn2EaqbylZUohwEurdPfWbU1Rv4WCiqAm57OtZfMY18dwY6fFn5a+6 +ReAJ3spED8IXDneRRXozX1+WLGiLwUePmJs9wOzL9dWCkoQ10b42OFZyMVtHLaoXpGNR6woBrX/s +dZ7LoR/xfxKxueRkf2fWIyr0uDldmOghp+G9PUIadJpwr2hsUF1Jz//7Dl3mLEfXgTpZALVza2Mg +9jFFCDkO9HB+QHBaP9BrQql0PSgvAm11cpUJjUhjxsYjV5KTXjXBjfkK9yydYhz2rXzdpjEetrHH +foUm+qRqtdpjMNHvkzeyZi99Bffnt0uYlDXA2TopwZ2yUDMdSqlapskD7+3056huirRXhOukP9Du +qqqHW2Pok+JrqNS4cnhrG+055F3Lm6qH1U9OAP7Zap88MQ8oAgF9mOinsKJknnn4SPIVqczmyETr +P3iZ8ntxPjzxmKfFGBI/5rsoM0LpRQp8bfKGeS/Fghl9CYl8slR2iK7ewfPM4W7bMdaTrpmg7yVq +c5iJWzouE4gev8CSlDQb4ye3ix5vQv/n6TebUB0tovkC7stYWDpxvGjjqsGvHCgfotwjZT+B6q6Z +09gwzxMNTxXJhLynSC34MCN32EZLeW32jO06f2ARePTpm67VVMB0gNELQp/B +-----END CERTIFICATE----- + +Go Daddy Root Certificate Authority - G2 +======================================== +-----BEGIN CERTIFICATE----- +MIIDxTCCAq2gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBgzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT +B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAYBgNVBAoTEUdvRGFkZHkuY29tLCBJbmMu +MTEwLwYDVQQDEyhHbyBEYWRkeSBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTA5 +MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgYMxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6 +b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjExMC8G +A1UEAxMoR28gRGFkZHkgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAL9xYgjx+lk09xvJGKP3gElY6SKDE6bFIEMBO4Tx5oVJnyfq +9oQbTqC023CYxzIBsQU+B07u9PpPL1kwIuerGVZr4oAH/PMWdYA5UXvl+TW2dE6pjYIT5LY/qQOD ++qK+ihVqf94Lw7YZFAXK6sOoBJQ7RnwyDfMAZiLIjWltNowRGLfTshxgtDj6AozO091GB94KPutd +fMh8+7ArU6SSYmlRJQVhGkSBjCypQ5Yj36w6gZoOKcUcqeldHraenjAKOc7xiID7S13MMuyFYkMl +NAJWJwGRtDtwKj9useiciAF9n9T521NtYJ2/LOdYq7hfRvzOxBsDPAnrSTFcaUaz4EcCAwEAAaNC +MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFDqahQcQZyi27/a9 +BUFuIMGU2g/eMA0GCSqGSIb3DQEBCwUAA4IBAQCZ21151fmXWWcDYfF+OwYxdS2hII5PZYe096ac +vNjpL9DbWu7PdIxztDhC2gV7+AJ1uP2lsdeu9tfeE8tTEH6KRtGX+rcuKxGrkLAngPnon1rpN5+r +5N9ss4UXnT3ZJE95kTXWXwTrgIOrmgIttRD02JDHBHNA7XIloKmf7J6raBKZV8aPEjoJpL1E/QYV +N8Gb5DKj7Tjo2GTzLH4U/ALqn83/B2gX2yKQOC16jdFU8WnjXzPKej17CuPKf1855eJ1usV2GDPO +LPAvTK33sefOT6jEm0pUBsV/fdUID+Ic/n4XuKxe9tQWskMJDE32p2u0mYRlynqI4uJEvlz36hz1 +-----END CERTIFICATE----- + +Starfield Root Certificate Authority - G2 +========================================= +-----BEGIN CERTIFICATE----- +MIID3TCCAsWgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCVVMxEDAOBgNVBAgT +B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9s +b2dpZXMsIEluYy4xMjAwBgNVBAMTKVN0YXJmaWVsZCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0 +eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgY8xCzAJBgNVBAYTAlVTMRAw +DgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxTdGFyZmllbGQg +VGVjaG5vbG9naWVzLCBJbmMuMTIwMAYDVQQDEylTdGFyZmllbGQgUm9vdCBDZXJ0aWZpY2F0ZSBB +dXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3twQP89o/8ArFv +W59I2Z154qK3A2FWGMNHttfKPTUuiUP3oWmb3ooa/RMgnLRJdzIpVv257IzdIvpy3Cdhl+72WoTs +bhm5iSzchFvVdPtrX8WJpRBSiUZV9Lh1HOZ/5FSuS/hVclcCGfgXcVnrHigHdMWdSL5stPSksPNk +N3mSwOxGXn/hbVNMYq/NHwtjuzqd+/x5AJhhdM8mgkBj87JyahkNmcrUDnXMN/uLicFZ8WJ/X7Nf +ZTD4p7dNdloedl40wOiWVpmKs/B/pM293DIxfJHP4F8R+GuqSVzRmZTRouNjWwl2tVZi4Ut0HZbU +JtQIBFnQmA4O5t78w+wfkPECAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AQYwHQYDVR0OBBYEFHwMMh+n2TB/xH1oo2Kooc6rB1snMA0GCSqGSIb3DQEBCwUAA4IBAQARWfol +TwNvlJk7mh+ChTnUdgWUXuEok21iXQnCoKjUsHU48TRqneSfioYmUeYs0cYtbpUgSpIB7LiKZ3sx +4mcujJUDJi5DnUox9g61DLu34jd/IroAow57UvtruzvE03lRTs2Q9GcHGcg8RnoNAX3FWOdt5oUw +F5okxBDgBPfg8n/Uqgr/Qh037ZTlZFkSIHc40zI+OIF1lnP6aI+xy84fxez6nH7PfrHxBy22/L/K +pL/QlwVKvOoYKAKQvVR4CSFx09F9HdkWsKlhPdAKACL8x3vLCWRFCztAgfd9fDL1mMpYjn0q7pBZ +c2T5NnReJaH1ZgUufzkVqSr7UIuOhWn0 +-----END CERTIFICATE----- + +Starfield Services Root Certificate Authority - G2 +================================================== +-----BEGIN CERTIFICATE----- +MIID7zCCAtegAwIBAgIBADANBgkqhkiG9w0BAQsFADCBmDELMAkGA1UEBhMCVVMxEDAOBgNVBAgT +B0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxJTAjBgNVBAoTHFN0YXJmaWVsZCBUZWNobm9s +b2dpZXMsIEluYy4xOzA5BgNVBAMTMlN0YXJmaWVsZCBTZXJ2aWNlcyBSb290IENlcnRpZmljYXRl +IEF1dGhvcml0eSAtIEcyMB4XDTA5MDkwMTAwMDAwMFoXDTM3MTIzMTIzNTk1OVowgZgxCzAJBgNV +BAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMSUwIwYDVQQKExxT +dGFyZmllbGQgVGVjaG5vbG9naWVzLCBJbmMuMTswOQYDVQQDEzJTdGFyZmllbGQgU2VydmljZXMg +Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgLSBHMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC +AQoCggEBANUMOsQq+U7i9b4Zl1+OiFOxHz/Lz58gE20pOsgPfTz3a3Y4Y9k2YKibXlwAgLIvWX/2 +h/klQ4bnaRtSmpDhcePYLQ1Ob/bISdm28xpWriu2dBTrz/sm4xq6HZYuajtYlIlHVv8loJNwU4Pa +hHQUw2eeBGg6345AWh1KTs9DkTvnVtYAcMtS7nt9rjrnvDH5RfbCYM8TWQIrgMw0R9+53pBlbQLP +LJGmpufehRhJfGZOozptqbXuNC66DQO4M99H67FrjSXZm86B0UVGMpZwh94CDklDhbZsc7tk6mFB +rMnUVN+HL8cisibMn1lUaJ/8viovxFUcdUBgF4UCVTmLfwUCAwEAAaNCMEAwDwYDVR0TAQH/BAUw +AwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFJxfAN+qAdcwKziIorhtSpzyEZGDMA0GCSqG +SIb3DQEBCwUAA4IBAQBLNqaEd2ndOxmfZyMIbw5hyf2E3F/YNoHN2BtBLZ9g3ccaaNnRbobhiCPP +E95Dz+I0swSdHynVv/heyNXBve6SbzJ08pGCL72CQnqtKrcgfU28elUSwhXqvfdqlS5sdJ/PHLTy +xQGjhdByPq1zqwubdQxtRbeOlKyWN7Wg0I8VRw7j6IPdj/3vQQF3zCepYoUz8jcI73HPdwbeyBkd +iEDPfUYd/x7H4c7/I9vG+o1VTqkC50cRRj70/b17KSa7qWFiNyi2LSr2EIZkyXCn0q23KXB56jza +YyWf/Wi3MOxw+3WKt21gZ7IeyLnp2KhvAotnDU0mV3HaIPzBSlCNsSi6 +-----END CERTIFICATE----- + +AffirmTrust Commercial +====================== +-----BEGIN CERTIFICATE----- +MIIDTDCCAjSgAwIBAgIId3cGJyapsXwwDQYJKoZIhvcNAQELBQAwRDELMAkGA1UEBhMCVVMxFDAS +BgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBDb21tZXJjaWFsMB4XDTEw +MDEyOTE0MDYwNloXDTMwMTIzMTE0MDYwNlowRDELMAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmly +bVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBDb21tZXJjaWFsMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEA9htPZwcroRX1BiLLHwGy43NFBkRJLLtJJRTWzsO3qyxPxkEylFf6Eqdb +DuKPHx6GGaeqtS25Xw2Kwq+FNXkyLbscYjfysVtKPcrNcV/pQr6U6Mje+SJIZMblq8Yrba0F8PrV +C8+a5fBQpIs7R6UjW3p6+DM/uO+Zl+MgwdYoic+U+7lF7eNAFxHUdPALMeIrJmqbTFeurCA+ukV6 +BfO9m2kVrn1OIGPENXY6BwLJN/3HR+7o8XYdcxXyl6S1yHp52UKqK39c/s4mT6NmgTWvRLpUHhww +MmWd5jyTXlBOeuM61G7MGvv50jeuJCqrVwMiKA1JdX+3KNp1v47j3A55MQIDAQABo0IwQDAdBgNV +HQ4EFgQUnZPGU4teyq8/nx4P5ZmVvCT2lI8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AQYwDQYJKoZIhvcNAQELBQADggEBAFis9AQOzcAN/wr91LoWXym9e2iZWEnStB03TX8nfUYGXUPG +hi4+c7ImfU+TqbbEKpqrIZcUsd6M06uJFdhrJNTxFq7YpFzUf1GO7RgBsZNjvbz4YYCanrHOQnDi +qX0GJX0nof5v7LMeJNrjS1UaADs1tDvZ110w/YETifLCBivtZ8SOyUOyXGsViQK8YvxO8rUzqrJv +0wqiUOP2O+guRMLbZjipM1ZI8W0bM40NjD9gN53Tym1+NH4Nn3J2ixufcv1SNUFFApYvHLKac0kh +sUlHRUe072o0EclNmsxZt9YCnlpOZbWUrhvfKbAW8b8Angc6F2S1BLUjIZkKlTuXfO8= +-----END CERTIFICATE----- + +AffirmTrust Networking +====================== +-----BEGIN CERTIFICATE----- +MIIDTDCCAjSgAwIBAgIIfE8EORzUmS0wDQYJKoZIhvcNAQEFBQAwRDELMAkGA1UEBhMCVVMxFDAS +BgNVBAoMC0FmZmlybVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBOZXR3b3JraW5nMB4XDTEw +MDEyOTE0MDgyNFoXDTMwMTIzMTE0MDgyNFowRDELMAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmly +bVRydXN0MR8wHQYDVQQDDBZBZmZpcm1UcnVzdCBOZXR3b3JraW5nMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEAtITMMxcua5Rsa2FSoOujz3mUTOWUgJnLVWREZY9nZOIG41w3SfYvm4SE +Hi3yYJ0wTsyEheIszx6e/jarM3c1RNg1lho9Nuh6DtjVR6FqaYvZ/Ls6rnla1fTWcbuakCNrmreI +dIcMHl+5ni36q1Mr3Lt2PpNMCAiMHqIjHNRqrSK6mQEubWXLviRmVSRLQESxG9fhwoXA3hA/Pe24 +/PHxI1Pcv2WXb9n5QHGNfb2V1M6+oF4nI979ptAmDgAp6zxG8D1gvz9Q0twmQVGeFDdCBKNwV6gb +h+0t+nvujArjqWaJGctB+d1ENmHP4ndGyH329JKBNv3bNPFyfvMMFr20FQIDAQABo0IwQDAdBgNV +HQ4EFgQUBx/S55zawm6iQLSwelAQUHTEyL0wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC +AQYwDQYJKoZIhvcNAQEFBQADggEBAIlXshZ6qML91tmbmzTCnLQyFE2npN/svqe++EPbkTfOtDIu +UFUaNU52Q3Eg75N3ThVwLofDwR1t3Mu1J9QsVtFSUzpE0nPIxBsFZVpikpzuQY0x2+c06lkh1QF6 +12S4ZDnNye2v7UsDSKegmQGA3GWjNq5lWUhPgkvIZfFXHeVZLgo/bNjR9eUJtGxUAArgFU2HdW23 +WJZa3W3SAKD0m0i+wzekujbgfIeFlxoVot4uolu9rxj5kFDNcFn4J2dHy8egBzp90SxdbBk6ZrV9 +/ZFvgrG+CJPbFEfxojfHRZ48x3evZKiT3/Zpg4Jg8klCNO1aAFSFHBY2kgxc+qatv9s= +-----END CERTIFICATE----- + +AffirmTrust Premium +=================== +-----BEGIN CERTIFICATE----- +MIIFRjCCAy6gAwIBAgIIbYwURrGmCu4wDQYJKoZIhvcNAQEMBQAwQTELMAkGA1UEBhMCVVMxFDAS +BgNVBAoMC0FmZmlybVRydXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVzdCBQcmVtaXVtMB4XDTEwMDEy +OTE0MTAzNloXDTQwMTIzMTE0MTAzNlowQTELMAkGA1UEBhMCVVMxFDASBgNVBAoMC0FmZmlybVRy +dXN0MRwwGgYDVQQDDBNBZmZpcm1UcnVzdCBQcmVtaXVtMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A +MIICCgKCAgEAxBLfqV/+Qd3d9Z+K4/as4Tx4mrzY8H96oDMq3I0gW64tb+eT2TZwamjPjlGjhVtn +BKAQJG9dKILBl1fYSCkTtuG+kU3fhQxTGJoeJKJPj/CihQvL9Cl/0qRY7iZNyaqoe5rZ+jjeRFcV +5fiMyNlI4g0WJx0eyIOFJbe6qlVBzAMiSy2RjYvmia9mx+n/K+k8rNrSs8PhaJyJ+HoAVt70VZVs ++7pk3WKL3wt3MutizCaam7uqYoNMtAZ6MMgpv+0GTZe5HMQxK9VfvFMSF5yZVylmd2EhMQcuJUmd +GPLu8ytxjLW6OQdJd/zvLpKQBY0tL3d770O/Nbua2Plzpyzy0FfuKE4mX4+QaAkvuPjcBukumj5R +p9EixAqnOEhss/n/fauGV+O61oV4d7pD6kh/9ti+I20ev9E2bFhc8e6kGVQa9QPSdubhjL08s9NI +S+LI+H+SqHZGnEJlPqQewQcDWkYtuJfzt9WyVSHvutxMAJf7FJUnM7/oQ0dG0giZFmA7mn7S5u04 +6uwBHjxIVkkJx0w3AJ6IDsBz4W9m6XJHMD4Q5QsDyZpCAGzFlH5hxIrff4IaC1nEWTJ3s7xgaVY5 +/bQGeyzWZDbZvUjthB9+pSKPKrhC9IK31FOQeE4tGv2Bb0TXOwF0lkLgAOIua+rF7nKsu7/+6qqo ++Nz2snmKtmcCAwEAAaNCMEAwHQYDVR0OBBYEFJ3AZ6YMItkm9UWrpmVSESfYRaxjMA8GA1UdEwEB +/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBDAUAA4ICAQCzV00QYk465KzquByv +MiPIs0laUZx2KI15qldGF9X1Uva3ROgIRL8YhNILgM3FEv0AVQVhh0HctSSePMTYyPtwni94loMg +Nt58D2kTiKV1NpgIpsbfrM7jWNa3Pt668+s0QNiigfV4Py/VpfzZotReBA4Xrf5B8OWycvpEgjNC +6C1Y91aMYj+6QrCcDFx+LmUmXFNPALJ4fqENmS2NuB2OosSw/WDQMKSOyARiqcTtNd56l+0OOF6S +L5Nwpamcb6d9Ex1+xghIsV5n61EIJenmJWtSKZGc0jlzCFfemQa0W50QBuHCAKi4HEoCChTQwUHK ++4w1IX2COPKpVJEZNZOUbWo6xbLQu4mGk+ibyQ86p3q4ofB4Rvr8Ny/lioTz3/4E2aFooC8k4gmV +BtWVyuEklut89pMFu+1z6S3RdTnX5yTb2E5fQ4+e0BQ5v1VwSJlXMbSc7kqYA5YwH2AG7hsj/oFg +IxpHYoWlzBk0gG+zrBrjn/B7SK3VAdlntqlyk+otZrWyuOQ9PLLvTIzq6we/qzWaVYa8GKa1qF60 +g2xraUDTn9zxw2lrueFtCfTxqlB2Cnp9ehehVZZCmTEJ3WARjQUwfuaORtGdFNrHF+QFlozEJLUb +zxQHskD4o55BhrwE0GuWyCqANP2/7waj3VjFhT0+j/6eKeC2uAloGRwYQw== +-----END CERTIFICATE----- + +AffirmTrust Premium ECC +======================= +-----BEGIN CERTIFICATE----- +MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMCVVMxFDASBgNV +BAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQcmVtaXVtIEVDQzAeFw0xMDAx +MjkxNDIwMjRaFw00MDEyMzExNDIwMjRaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1U +cnVzdDEgMB4GA1UEAwwXQWZmaXJtVHJ1c3QgUHJlbWl1bSBFQ0MwdjAQBgcqhkjOPQIBBgUrgQQA +IgNiAAQNMF4bFZ0D0KF5Nbc6PJJ6yhUczWLznCZcBz3lVPqj1swS6vQUX+iOGasvLkjmrBhDeKzQ +N8O9ss0s5kfiGuZjuD0uL3jET9v0D6RoTFVya5UdThhClXjMNzyR4ptlKymjQjBAMB0GA1UdDgQW +BBSaryl6wBE1NSZRMADDav5A1a7WPDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAK +BggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/VsaobgxCd05DhT1wV/GzTjxi+zygk8N53X +57hG8f2h4nECMEJZh0PUUd+60wkyWs6Iflc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKM +eQ== +-----END CERTIFICATE----- + +Certum Trusted Network CA +========================= +-----BEGIN CERTIFICATE----- +MIIDuzCCAqOgAwIBAgIDBETAMA0GCSqGSIb3DQEBBQUAMH4xCzAJBgNVBAYTAlBMMSIwIAYDVQQK +ExlVbml6ZXRvIFRlY2hub2xvZ2llcyBTLkEuMScwJQYDVQQLEx5DZXJ0dW0gQ2VydGlmaWNhdGlv +biBBdXRob3JpdHkxIjAgBgNVBAMTGUNlcnR1bSBUcnVzdGVkIE5ldHdvcmsgQ0EwHhcNMDgxMDIy +MTIwNzM3WhcNMjkxMjMxMTIwNzM3WjB+MQswCQYDVQQGEwJQTDEiMCAGA1UEChMZVW5pemV0byBU +ZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5 +MSIwIAYDVQQDExlDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENBMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEA4/t9o3K6wvDJFIf1awFO4W5AB7ptJ11/91sts1rHUV+rpDKmYYe2bg+G0jAC +l/jXaVehGDldamR5xgFZrDwxSjh80gTSSyjoIF87B6LMTXPb865Px1bVWqeWifrzq2jUI4ZZJ88J +J7ysbnKDHDBy3+Ci6dLhdHUZvSqeexVUBBvXQzmtVSjF4hq79MDkrjhJM8x2hZ85RdKknvISjFH4 +fOQtf/WsX+sWn7Et0brMkUJ3TCXJkDhv2/DM+44el1k+1WBO5gUo7Ul5E0u6SNsv+XLTOcr+H9g0 +cvW0QM8xAcPs3hEtF10fuFDRXhmnad4HMyjKUJX5p1TLVIZQRan5SQIDAQABo0IwQDAPBgNVHRMB +Af8EBTADAQH/MB0GA1UdDgQWBBQIds3LB/8k9sXN7buQvOKEN0Z19zAOBgNVHQ8BAf8EBAMCAQYw +DQYJKoZIhvcNAQEFBQADggEBAKaorSLOAT2mo/9i0Eidi15ysHhE49wcrwn9I0j6vSrEuVUEtRCj +jSfeC4Jj0O7eDDd5QVsisrCaQVymcODU0HfLI9MA4GxWL+FpDQ3Zqr8hgVDZBqWo/5U30Kr+4rP1 +mS1FhIrlQgnXdAIv94nYmem8J9RHjboNRhx3zxSkHLmkMcScKHQDNP8zGSal6Q10tz6XxnboJ5aj +Zt3hrvJBW8qYVoNzcOSGGtIxQbovvi0TWnZvTuhOgQ4/WwMioBK+ZlgRSssDxLQqKi2WF+A5VLxI +03YnnZotBqbJ7DnSq9ufmgsnAjUpsUCV5/nonFWIGUbWtzT1fs45mtk48VH3Tyw= +-----END CERTIFICATE----- + +Certinomis - Autorité Racine +============================ +-----BEGIN CERTIFICATE----- +MIIFnDCCA4SgAwIBAgIBATANBgkqhkiG9w0BAQUFADBjMQswCQYDVQQGEwJGUjETMBEGA1UEChMK +Q2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxJjAkBgNVBAMMHUNlcnRpbm9taXMg +LSBBdXRvcml0w6kgUmFjaW5lMB4XDTA4MDkxNzA4Mjg1OVoXDTI4MDkxNzA4Mjg1OVowYzELMAkG +A1UEBhMCRlIxEzARBgNVBAoTCkNlcnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMSYw +JAYDVQQDDB1DZXJ0aW5vbWlzIC0gQXV0b3JpdMOpIFJhY2luZTCCAiIwDQYJKoZIhvcNAQEBBQAD +ggIPADCCAgoCggIBAJ2Fn4bT46/HsmtuM+Cet0I0VZ35gb5j2CN2DpdUzZlMGvE5x4jYF1AMnmHa +wE5V3udauHpOd4cN5bjr+p5eex7Ezyh0x5P1FMYiKAT5kcOrJ3NqDi5N8y4oH3DfVS9O7cdxbwly +Lu3VMpfQ8Vh30WC8Tl7bmoT2R2FFK/ZQpn9qcSdIhDWerP5pqZ56XjUl+rSnSTV3lqc2W+HN3yNw +2F1MpQiD8aYkOBOo7C+ooWfHpi2GR+6K/OybDnT0K0kCe5B1jPyZOQE51kqJ5Z52qz6WKDgmi92N +jMD2AR5vpTESOH2VwnHu7XSu5DaiQ3XV8QCb4uTXzEIDS3h65X27uK4uIJPT5GHfceF2Z5c/tt9q +c1pkIuVC28+BA5PY9OMQ4HL2AHCs8MF6DwV/zzRpRbWT5BnbUhYjBYkOjUjkJW+zeL9i9Qf6lSTC +lrLooyPCXQP8w9PlfMl1I9f09bze5N/NgL+RiH2nE7Q5uiy6vdFrzPOlKO1Enn1So2+WLhl+HPNb +xxaOu2B9d2ZHVIIAEWBsMsGoOBvrbpgT1u449fCfDu/+MYHB0iSVL1N6aaLwD4ZFjliCK0wi1F6g +530mJ0jfJUaNSih8hp75mxpZuWW/Bd22Ql095gBIgl4g9xGC3srYn+Y3RyYe63j3YcNBZFgCQfna +4NH4+ej9Uji29YnfAgMBAAGjWzBZMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G +A1UdDgQWBBQNjLZh2kS40RR9w759XkjwzspqsDAXBgNVHSAEEDAOMAwGCiqBegFWAgIAAQEwDQYJ +KoZIhvcNAQEFBQADggIBACQ+YAZ+He86PtvqrxyaLAEL9MW12Ukx9F1BjYkMTv9sov3/4gbIOZ/x +WqndIlgVqIrTseYyCYIDbNc/CMf4uboAbbnW/FIyXaR/pDGUu7ZMOH8oMDX/nyNTt7buFHAAQCva +R6s0fl6nVjBhK4tDrP22iCj1a7Y+YEq6QpA0Z43q619FVDsXrIvkxmUP7tCMXWY5zjKn2BCXwH40 +nJ+U8/aGH88bc62UeYdocMMzpXDn2NU4lG9jeeu/Cg4I58UvD0KgKxRA/yHgBcUn4YQRE7rWhh1B +CxMjidPJC+iKunqjo3M3NYB9Ergzd0A4wPpeMNLytqOx1qKVl4GbUu1pTP+A5FPbVFsDbVRfsbjv +JL1vnxHDx2TCDyhihWZeGnuyt++uNckZM6i4J9szVb9o4XVIRFb7zdNIu0eJOqxp9YDG5ERQL1TE +qkPFMTFYvZbF6nVsmnWxTfj3l/+WFvKXTej28xH5On2KOG4Ey+HTRRWqpdEdnV1j6CTmNhTih60b +WfVEm/vXd3wfAXBioSAaosUaKPQhA+4u2cGA6rnZgtZbdsLLO7XSAPCjDuGtbkD326C00EauFddE +wk01+dIL8hf2rGbVJLJP0RyZwG71fet0BLj5TXcJ17TPBzAJ8bgAVtkXFhYKK4bfjwEZGuW7gmP/ +vgt2Fl43N+bYdJeimUV5 +-----END CERTIFICATE----- + +TWCA Root Certification Authority +================================= +-----BEGIN CERTIFICATE----- +MIIDezCCAmOgAwIBAgIBATANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQGEwJUVzESMBAGA1UECgwJ +VEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NBIFJvb3QgQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkwHhcNMDgwODI4MDcyNDMzWhcNMzAxMjMxMTU1OTU5WjBfMQswCQYDVQQG +EwJUVzESMBAGA1UECgwJVEFJV0FOLUNBMRAwDgYDVQQLDAdSb290IENBMSowKAYDVQQDDCFUV0NB +IFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK +AoIBAQCwfnK4pAOU5qfeCTiRShFAh6d8WWQUe7UREN3+v9XAu1bihSX0NXIP+FPQQeFEAcK0HMMx +QhZHhTMidrIKbw/lJVBPhYa+v5guEGcevhEFhgWQxFnQfHgQsIBct+HHK3XLfJ+utdGdIzdjp9xC +oi2SBBtQwXu4PhvJVgSLL1KbralW6cH/ralYhzC2gfeXRfwZVzsrb+RH9JlF/h3x+JejiB03HFyP +4HYlmlD4oFT/RJB2I9IyxsOrBr/8+7/zrX2SYgJbKdM1o5OaQ2RgXbL6Mv87BK9NQGr5x+PvI/1r +y+UPizgN7gr8/g+YnzAx3WxSZfmLgb4i4RxYA7qRG4kHAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIB +BjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqOFsmjd6LWvJPelSDGRjjCDWmujANBgkqhkiG +9w0BAQUFAAOCAQEAPNV3PdrfibqHDAhUaiBQkr6wQT25JmSDCi/oQMCXKCeCMErJk/9q56YAf4lC +mtYR5VPOL8zy2gXE/uJQxDqGfczafhAJO5I1KlOy/usrBdlsXebQ79NqZp4VKIV66IIArB6nCWlW +QtNoURi+VJq/REG6Sb4gumlc7rh3zc5sH62Dlhh9DrUUOYTxKOkto557HnpyWoOzeW/vtPzQCqVY +T0bf+215WfKEIlKuD8z7fDvnaspHYcN6+NOSBB+4IIThNlQWx0DeO4pz3N/GCUzf7Nr/1FNCocny +Yh0igzyXxfkZYiesZSLX0zzG5Y6yU8xJzrww/nsOM5D77dIUkR8Hrw== +-----END CERTIFICATE----- + +Security Communication RootCA2 +============================== +-----BEGIN CERTIFICATE----- +MIIDdzCCAl+gAwIBAgIBADANBgkqhkiG9w0BAQsFADBdMQswCQYDVQQGEwJKUDElMCMGA1UEChMc +U0VDT00gVHJ1c3QgU3lzdGVtcyBDTy4sTFRELjEnMCUGA1UECxMeU2VjdXJpdHkgQ29tbXVuaWNh +dGlvbiBSb290Q0EyMB4XDTA5MDUyOTA1MDAzOVoXDTI5MDUyOTA1MDAzOVowXTELMAkGA1UEBhMC +SlAxJTAjBgNVBAoTHFNFQ09NIFRydXN0IFN5c3RlbXMgQ08uLExURC4xJzAlBgNVBAsTHlNlY3Vy +aXR5IENvbW11bmljYXRpb24gUm9vdENBMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +ANAVOVKxUrO6xVmCxF1SrjpDZYBLx/KWvNs2l9amZIyoXvDjChz335c9S672XewhtUGrzbl+dp++ ++T42NKA7wfYxEUV0kz1XgMX5iZnK5atq1LXaQZAQwdbWQonCv/Q4EpVMVAX3NuRFg3sUZdbcDE3R +3n4MqzvEFb46VqZab3ZpUql6ucjrappdUtAtCms1FgkQhNBqyjoGADdH5H5XTz+L62e4iKrFvlNV +spHEfbmwhRkGeC7bYRr6hfVKkaHnFtWOojnflLhwHyg/i/xAXmODPIMqGplrz95Zajv8bxbXH/1K +EOtOghY6rCcMU/Gt1SSwawNQwS08Ft1ENCcadfsCAwEAAaNCMEAwHQYDVR0OBBYEFAqFqXdlBZh8 +QIH4D5csOPEK7DzPMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEB +CwUAA4IBAQBMOqNErLlFsceTfsgLCkLfZOoc7llsCLqJX2rKSpWeeo8HxdpFcoJxDjrSzG+ntKEj +u/Ykn8sX/oymzsLS28yN/HH8AynBbF0zX2S2ZTuJbxh2ePXcokgfGT+Ok+vx+hfuzU7jBBJV1uXk +3fs+BXziHV7Gp7yXT2g69ekuCkO2r1dcYmh8t/2jioSgrGK+KwmHNPBqAbubKVY8/gA3zyNs8U6q +tnRGEmyR7jTV7JqR50S+kDFy1UkC9gLl9B/rfNmWVan/7Ir5mUf/NVoCqgTLiluHcSmRvaS0eg29 +mvVXIwAHIRc/SjnRBUkLp7Y3gaVdjKozXoEofKd9J+sAro03 +-----END CERTIFICATE----- + +EC-ACC +====== +-----BEGIN CERTIFICATE----- +MIIFVjCCBD6gAwIBAgIQ7is969Qh3hSoYqwE893EATANBgkqhkiG9w0BAQUFADCB8zELMAkGA1UE +BhMCRVMxOzA5BgNVBAoTMkFnZW5jaWEgQ2F0YWxhbmEgZGUgQ2VydGlmaWNhY2lvIChOSUYgUS0w +ODAxMTc2LUkpMSgwJgYDVQQLEx9TZXJ2ZWlzIFB1YmxpY3MgZGUgQ2VydGlmaWNhY2lvMTUwMwYD +VQQLEyxWZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5ldC92ZXJhcnJlbCAoYykwMzE1MDMGA1UE +CxMsSmVyYXJxdWlhIEVudGl0YXRzIGRlIENlcnRpZmljYWNpbyBDYXRhbGFuZXMxDzANBgNVBAMT +BkVDLUFDQzAeFw0wMzAxMDcyMzAwMDBaFw0zMTAxMDcyMjU5NTlaMIHzMQswCQYDVQQGEwJFUzE7 +MDkGA1UEChMyQWdlbmNpYSBDYXRhbGFuYSBkZSBDZXJ0aWZpY2FjaW8gKE5JRiBRLTA4MDExNzYt +SSkxKDAmBgNVBAsTH1NlcnZlaXMgUHVibGljcyBkZSBDZXJ0aWZpY2FjaW8xNTAzBgNVBAsTLFZl +Z2V1IGh0dHBzOi8vd3d3LmNhdGNlcnQubmV0L3ZlcmFycmVsIChjKTAzMTUwMwYDVQQLEyxKZXJh +cnF1aWEgRW50aXRhdHMgZGUgQ2VydGlmaWNhY2lvIENhdGFsYW5lczEPMA0GA1UEAxMGRUMtQUND +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyLHT+KXQpWIR4NA9h0X84NzJB5R85iK +w5K4/0CQBXCHYMkAqbWUZRkiFRfCQ2xmRJoNBD45b6VLeqpjt4pEndljkYRm4CgPukLjbo73FCeT +ae6RDqNfDrHrZqJyTxIThmV6PttPB/SnCWDaOkKZx7J/sxaVHMf5NLWUhdWZXqBIoH7nF2W4onW4 +HvPlQn2v7fOKSGRdghST2MDk/7NQcvJ29rNdQlB50JQ+awwAvthrDk4q7D7SzIKiGGUzE3eeml0a +E9jD2z3Il3rucO2n5nzbcc8tlGLfbdb1OL4/pYUKGbio2Al1QnDE6u/LDsg0qBIimAy4E5S2S+zw +0JDnJwIDAQABo4HjMIHgMB0GA1UdEQQWMBSBEmVjX2FjY0BjYXRjZXJ0Lm5ldDAPBgNVHRMBAf8E +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUoMOLRKo3pUW/l4Ba0fF4opvpXY0wfwYD +VR0gBHgwdjB0BgsrBgEEAfV4AQMBCjBlMCwGCCsGAQUFBwIBFiBodHRwczovL3d3dy5jYXRjZXJ0 +Lm5ldC92ZXJhcnJlbDA1BggrBgEFBQcCAjApGidWZWdldSBodHRwczovL3d3dy5jYXRjZXJ0Lm5l +dC92ZXJhcnJlbCAwDQYJKoZIhvcNAQEFBQADggEBAKBIW4IB9k1IuDlVNZyAelOZ1Vr/sXE7zDkJ +lF7W2u++AVtd0x7Y/X1PzaBB4DSTv8vihpw3kpBWHNzrKQXlxJ7HNd+KDM3FIUPpqojlNcAZQmNa +Al6kSBg6hW/cnbw/nZzBh7h6YQjpdwt/cKt63dmXLGQehb+8dJahw3oS7AwaboMMPOhyRp/7SNVe +l+axofjk70YllJyJ22k4vuxcDlbHZVHlUIiIv0LVKz3l+bqeLrPK9HOSAgu+TGbrIP65y7WZf+a2 +E/rKS03Z7lNGBjvGTq2TWoF+bCpLagVFjPIhpDGQh2xlnJ2lYJU6Un/10asIbvPuW/mIPX64b24D +5EI= +-----END CERTIFICATE----- + +Hellenic Academic and Research Institutions RootCA 2011 +======================================================= +-----BEGIN CERTIFICATE----- +MIIEMTCCAxmgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBlTELMAkGA1UEBhMCR1IxRDBCBgNVBAoT +O0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9y +aXR5MUAwPgYDVQQDEzdIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25z +IFJvb3RDQSAyMDExMB4XDTExMTIwNjEzNDk1MloXDTMxMTIwMTEzNDk1MlowgZUxCzAJBgNVBAYT +AkdSMUQwQgYDVQQKEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25z +IENlcnQuIEF1dGhvcml0eTFAMD4GA1UEAxM3SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNo +IEluc3RpdHV0aW9ucyBSb290Q0EgMjAxMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +AKlTAOMupvaO+mDYLZU++CwqVE7NuYRhlFhPjz2L5EPzdYmNUeTDN9KKiE15HrcS3UN4SoqS5tdI +1Q+kOilENbgH9mgdVc04UfCMJDGFr4PJfel3r+0ae50X+bOdOFAPplp5kYCvN66m0zH7tSYJnTxa +71HFK9+WXesyHgLacEnsbgzImjeN9/E2YEsmLIKe0HjzDQ9jpFEw4fkrJxIH2Oq9GGKYsFk3fb7u +8yBRQlqD75O6aRXxYp2fmTmCobd0LovUxQt7L/DICto9eQqakxylKHJzkUOap9FNhYS5qXSPFEDH +3N6sQWRstBmbAmNtJGSPRLIl6s5ddAxjMlyNh+UCAwEAAaOBiTCBhjAPBgNVHRMBAf8EBTADAQH/ +MAsGA1UdDwQEAwIBBjAdBgNVHQ4EFgQUppFC/RNhSiOeCKQp5dgTBCPuQSUwRwYDVR0eBEAwPqA8 +MAWCAy5ncjAFggMuZXUwBoIELmVkdTAGggQub3JnMAWBAy5ncjAFgQMuZXUwBoEELmVkdTAGgQQu +b3JnMA0GCSqGSIb3DQEBBQUAA4IBAQAf73lB4XtuP7KMhjdCSk4cNx6NZrokgclPEg8hwAOXhiVt +XdMiKahsog2p6z0GW5k6x8zDmjR/qw7IThzh+uTczQ2+vyT+bOdrwg3IBp5OjWEopmr95fZi6hg8 +TqBTnbI6nOulnJEWtk2C4AwFSKls9cz4y51JtPACpf1wA+2KIaWuE4ZJwzNzvoc7dIsXRSZMFpGD +/md9zU1jZ/rzAxKWeAaNsWftjj++n08C9bMJL/NMh98qy5V8AcysNnq/onN694/BtZqhFLKPM58N +7yLcZnuEvUUXBj08yrl3NI/K6s8/MT7jiOOASSXIl7WdmplNsDz4SgCbZN2fOUvRJ9e4 +-----END CERTIFICATE----- + +Actalis Authentication Root CA +============================== +-----BEGIN CERTIFICATE----- +MIIFuzCCA6OgAwIBAgIIVwoRl0LE48wwDQYJKoZIhvcNAQELBQAwazELMAkGA1UEBhMCSVQxDjAM +BgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlzIFMucC5BLi8wMzM1ODUyMDk2NzEnMCUGA1UE +AwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290IENBMB4XDTExMDkyMjExMjIwMloXDTMwMDky +MjExMjIwMlowazELMAkGA1UEBhMCSVQxDjAMBgNVBAcMBU1pbGFuMSMwIQYDVQQKDBpBY3RhbGlz +IFMucC5BLi8wMzM1ODUyMDk2NzEnMCUGA1UEAwweQWN0YWxpcyBBdXRoZW50aWNhdGlvbiBSb290 +IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAp8bEpSmkLO/lGMWwUKNvUTufClrJ +wkg4CsIcoBh/kbWHuUA/3R1oHwiD1S0eiKD4j1aPbZkCkpAW1V8IbInX4ay8IMKx4INRimlNAJZa +by/ARH6jDuSRzVju3PvHHkVH3Se5CAGfpiEd9UEtL0z9KK3giq0itFZljoZUj5NDKd45RnijMCO6 +zfB9E1fAXdKDa0hMxKufgFpbOr3JpyI/gCczWw63igxdBzcIy2zSekciRDXFzMwujt0q7bd9Zg1f +YVEiVRvjRuPjPdA1YprbrxTIW6HMiRvhMCb8oJsfgadHHwTrozmSBp+Z07/T6k9QnBn+locePGX2 +oxgkg4YQ51Q+qDp2JE+BIcXjDwL4k5RHILv+1A7TaLndxHqEguNTVHnd25zS8gebLra8Pu2Fbe8l +EfKXGkJh90qX6IuxEAf6ZYGyojnP9zz/GPvG8VqLWeICrHuS0E4UT1lF9gxeKF+w6D9Fz8+vm2/7 +hNN3WpVvrJSEnu68wEqPSpP4RCHiMUVhUE4Q2OM1fEwZtN4Fv6MGn8i1zeQf1xcGDXqVdFUNaBr8 +EBtiZJ1t4JWgw5QHVw0U5r0F+7if5t+L4sbnfpb2U8WANFAoWPASUHEXMLrmeGO89LKtmyuy/uE5 +jF66CyCU3nuDuP/jVo23Eek7jPKxwV2dpAtMK9myGPW1n0sCAwEAAaNjMGEwHQYDVR0OBBYEFFLY +iDrIn3hm7YnzezhwlMkCAjbQMA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAUUtiIOsifeGbt +ifN7OHCUyQICNtAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBCwUAA4ICAQALe3KHwGCmSUyI +WOYdiPcUZEim2FgKDk8TNd81HdTtBjHIgT5q1d07GjLukD0R0i70jsNjLiNmsGe+b7bAEzlgqqI0 +JZN1Ut6nna0Oh4lScWoWPBkdg/iaKWW+9D+a2fDzWochcYBNy+A4mz+7+uAwTc+G02UQGRjRlwKx +K3JCaKygvU5a2hi/a5iB0P2avl4VSM0RFbnAKVy06Ij3Pjaut2L9HmLecHgQHEhb2rykOLpn7VU+ +Xlff1ANATIGk0k9jpwlCCRT8AKnCgHNPLsBA2RF7SOp6AsDT6ygBJlh0wcBzIm2Tlf05fbsq4/aC +4yyXX04fkZT6/iyj2HYauE2yOE+b+h1IYHkm4vP9qdCa6HCPSXrW5b0KDtst842/6+OkfcvHlXHo +2qN8xcL4dJIEG4aspCJTQLas/kx2z/uUMsA1n3Y/buWQbqCmJqK4LL7RK4X9p2jIugErsWx0Hbhz +lefut8cl8ABMALJ+tguLHPPAUJ4lueAI3jZm/zel0btUZCzJJ7VLkn5l/9Mt4blOvH+kQSGQQXem +OR/qnuOf0GZvBeyqdn6/axag67XH/JJULysRJyU3eExRarDzzFhdFPFqSBX/wge2sY0PjlxQRrM9 +vwGYT7JZVEc+NHt4bVaTLnPqZih4zR0Uv6CPLy64Lo7yFIrM6bV8+2ydDKXhlg== +-----END CERTIFICATE----- + +Trustis FPS Root CA +=================== +-----BEGIN CERTIFICATE----- +MIIDZzCCAk+gAwIBAgIQGx+ttiD5JNM2a/fH8YygWTANBgkqhkiG9w0BAQUFADBFMQswCQYDVQQG +EwJHQjEYMBYGA1UEChMPVHJ1c3RpcyBMaW1pdGVkMRwwGgYDVQQLExNUcnVzdGlzIEZQUyBSb290 +IENBMB4XDTAzMTIyMzEyMTQwNloXDTI0MDEyMTExMzY1NFowRTELMAkGA1UEBhMCR0IxGDAWBgNV +BAoTD1RydXN0aXMgTGltaXRlZDEcMBoGA1UECxMTVHJ1c3RpcyBGUFMgUm9vdCBDQTCCASIwDQYJ +KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMVQe547NdDfxIzNjpvto8A2mfRC6qc+gIMPpqdZh8mQ +RUN+AOqGeSoDvT03mYlmt+WKVoaTnGhLaASMk5MCPjDSNzoiYYkchU59j9WvezX2fihHiTHcDnlk +H5nSW7r+f2C/revnPDgpai/lkQtV/+xvWNUtyd5MZnGPDNcE2gfmHhjjvSkCqPoc4Vu5g6hBSLwa +cY3nYuUtsuvffM/bq1rKMfFMIvMFE/eC+XN5DL7XSxzA0RU8k0Fk0ea+IxciAIleH2ulrG6nS4zt +o3Lmr2NNL4XSFDWaLk6M6jKYKIahkQlBOrTh4/L68MkKokHdqeMDx4gVOxzUGpTXn2RZEm0CAwEA +AaNTMFEwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBS6+nEleYtXQSUhhgtx67JkDoshZzAd +BgNVHQ4EFgQUuvpxJXmLV0ElIYYLceuyZA6LIWcwDQYJKoZIhvcNAQEFBQADggEBAH5Y//01GX2c +GE+esCu8jowU/yyg2kdbw++BLa8F6nRIW/M+TgfHbcWzk88iNVy2P3UnXwmWzaD+vkAMXBJV+JOC +yinpXj9WV4s4NvdFGkwozZ5BuO1WTISkQMi4sKUraXAEasP41BIy+Q7DsdwyhEQsb8tGD+pmQQ9P +8Vilpg0ND2HepZ5dfWWhPBfnqFVO76DH7cZEf1T1o+CP8HxVIo8ptoGj4W1OLBuAZ+ytIJ8MYmHV +l/9D7S3B2l0pKoU/rGXuhg8FjZBf3+6f9L/uHfuY5H+QK4R4EA5sSVPvFVtlRkpdr7r7OnIdzfYl +iB6XzCGcKQENZetX2fNXlrtIzYE= +-----END CERTIFICATE----- + +StartCom Certification Authority +================================ +-----BEGIN CERTIFICATE----- +MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMN +U3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmlu +ZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0 +NjM3WhcNMzYwOTE3MTk0NjM2WjB9MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRk +LjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMg +U3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAw +ggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZkpMyONvg45iPwbm2xPN1y +o4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rfOQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/ +Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/CJi/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/d +eMotHweXMAEtcnn6RtYTKqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt +2PZE4XNiHzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMMAv+Z +6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w+2OqqGwaVLRcJXrJ +osmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/ +untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVc +UjyJthkqcwEKDwOzEmDyei+B26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT +37uMdBNSSwIDAQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD +VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFulF2mHMMo0aEPQ +Qa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCCATgwLgYIKwYBBQUHAgEWImh0 +dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cu +c3RhcnRzc2wuY29tL2ludGVybWVkaWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENv +bW1lcmNpYWwgKFN0YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0 +aGUgc2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0aWZpY2F0 +aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93d3cuc3RhcnRzc2wuY29t +L3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBG +cmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5 +fPGFf59Jb2vKXfuM/gTFwWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWm +N3PH/UvSTa0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst0OcN +Org+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNcpRJvkrKTlMeIFw6T +tn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKlCcWw0bdT82AUuoVpaiF8H3VhFyAX +e2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVFP0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA +2MFrLH9ZXF2RsXAiV+uKa0hK1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBs +HvUwyKMQ5bLmKhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE +JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ8dCAWZvLMdib +D4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnmfyWl8kgAwKQB2j8= +-----END CERTIFICATE----- + +StartCom Certification Authority G2 +=================================== +-----BEGIN CERTIFICATE----- +MIIFYzCCA0ugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBTMQswCQYDVQQGEwJJTDEWMBQGA1UEChMN +U3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkg +RzIwHhcNMTAwMTAxMDEwMDAxWhcNMzkxMjMxMjM1OTAxWjBTMQswCQYDVQQGEwJJTDEWMBQGA1UE +ChMNU3RhcnRDb20gTHRkLjEsMCoGA1UEAxMjU3RhcnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3Jp +dHkgRzIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2iTZbB7cgNr2Cu+EWIAOVeq8O +o1XJJZlKxdBWQYeQTSFgpBSHO839sj60ZwNq7eEPS8CRhXBF4EKe3ikj1AENoBB5uNsDvfOpL9HG +4A/LnooUCri99lZi8cVytjIl2bLzvWXFDSxu1ZJvGIsAQRSCb0AgJnooD/Uefyf3lLE3PbfHkffi +Aez9lInhzG7TNtYKGXmu1zSCZf98Qru23QumNK9LYP5/Q0kGi4xDuFby2X8hQxfqp0iVAXV16iul +Q5XqFYSdCI0mblWbq9zSOdIxHWDirMxWRST1HFSr7obdljKF+ExP6JV2tgXdNiNnvP8V4so75qbs +O+wmETRIjfaAKxojAuuKHDp2KntWFhxyKrOq42ClAJ8Em+JvHhRYW6Vsi1g8w7pOOlz34ZYrPu8H +vKTlXcxNnw3h3Kq74W4a7I/htkxNeXJdFzULHdfBR9qWJODQcqhaX2YtENwvKhOuJv4KHBnM0D4L +nMgJLvlblnpHnOl68wVQdJVznjAJ85eCXuaPOQgeWeU1FEIT/wCc976qUM/iUUjXuG+v+E5+M5iS +FGI6dWPPe/regjupuznixL0sAA7IF6wT700ljtizkC+p2il9Ha90OrInwMEePnWjFqmveiJdnxMa +z6eg6+OGCtP95paV1yPIN93EfKo2rJgaErHgTuixO/XWb/Ew1wIDAQABo0IwQDAPBgNVHRMBAf8E +BTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUS8W0QGutHLOlHGVuRjaJhwUMDrYwDQYJ +KoZIhvcNAQELBQADggIBAHNXPyzVlTJ+N9uWkusZXn5T50HsEbZH77Xe7XRcxfGOSeD8bpkTzZ+K +2s06Ctg6Wgk/XzTQLwPSZh0avZyQN8gMjgdalEVGKua+etqhqaRpEpKwfTbURIfXUfEpY9Z1zRbk +J4kd+MIySP3bmdCPX1R0zKxnNBFi2QwKN4fRoxdIjtIXHfbX/dtl6/2o1PXWT6RbdejF0mCy2wl+ +JYt7ulKSnj7oxXehPOBKc2thz4bcQ///If4jXSRK9dNtD2IEBVeC2m6kMyV5Sy5UGYvMLD0w6dEG +/+gyRr61M3Z3qAFdlsHB1b6uJcDJHgoJIIihDsnzb02CVAAgp9KP5DlUFy6NHrgbuxu9mk47EDTc +nIhT76IxW1hPkWLIwpqazRVdOKnWvvgTtZ8SafJQYqz7Fzf07rh1Z2AQ+4NQ+US1dZxAF7L+/Xld +blhYXzD8AK6vM8EOTmy6p6ahfzLbOOCxchcKK5HsamMm7YnUeMx0HgX4a/6ManY5Ka5lIxKVCCIc +l85bBu4M4ru8H0ST9tg4RQUh7eStqxK2A6RCLi3ECToDZ2mEmuFZkIoohdVddLHRDiBYmxOlsGOm +7XtH/UVVMKTumtTm4ofvmMkyghEpIrwACjFeLQ/Ajulrso8uBtjRkcfGEvRM/TAXw8HaOFvjqerm +obp573PYtlNXLfbQ4ddI +-----END CERTIFICATE----- + +Buypass Class 2 Root CA +======================= +-----BEGIN CERTIFICATE----- +MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEdMBsGA1UECgwU +QnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3MgQ2xhc3MgMiBSb290IENBMB4X +DTEwMTAyNjA4MzgwM1oXDTQwMTAyNjA4MzgwM1owTjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1 +eXBhc3MgQVMtOTgzMTYzMzI3MSAwHgYDVQQDDBdCdXlwYXNzIENsYXNzIDIgUm9vdCBDQTCCAiIw +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANfHXvfBB9R3+0Mh9PT1aeTuMgHbo4Yf5FkNuud1 +g1Lr6hxhFUi7HQfKjK6w3Jad6sNgkoaCKHOcVgb/S2TwDCo3SbXlzwx87vFKu3MwZfPVL4O2fuPn +9Z6rYPnT8Z2SdIrkHJasW4DptfQxh6NR/Md+oW+OU3fUl8FVM5I+GC911K2GScuVr1QGbNgGE41b +/+EmGVnAJLqBcXmQRFBoJJRfuLMR8SlBYaNByyM21cHxMlAQTn/0hpPshNOOvEu/XAFOBz3cFIqU +CqTqc/sLUegTBxj6DvEr0VQVfTzh97QZQmdiXnfgolXsttlpF9U6r0TtSsWe5HonfOV116rLJeff +awrbD02TTqigzXsu8lkBarcNuAeBfos4GzjmCleZPe4h6KP1DBbdi+w0jpwqHAAVF41og9JwnxgI +zRFo1clrUs3ERo/ctfPYV3Me6ZQ5BL/T3jjetFPsaRyifsSP5BtwrfKi+fv3FmRmaZ9JUaLiFRhn +Bkp/1Wy1TbMz4GHrXb7pmA8y1x1LPC5aAVKRCfLf6o3YBkBjqhHk/sM3nhRSP/TizPJhk9H9Z2vX +Uq6/aKtAQ6BXNVN48FP4YUIHZMbXb5tMOA1jrGKvNouicwoN9SG9dKpN6nIDSdvHXx1iY8f93ZHs +M+71bbRuMGjeyNYmsHVee7QHIJihdjK4TWxPAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYD +VR0OBBYEFMmAd+BikoL1RpzzuvdMw964o605MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF +AAOCAgEAU18h9bqwOlI5LJKwbADJ784g7wbylp7ppHR/ehb8t/W2+xUbP6umwHJdELFx7rxP462s +A20ucS6vxOOto70MEae0/0qyexAQH6dXQbLArvQsWdZHEIjzIVEpMMpghq9Gqx3tOluwlN5E40EI +osHsHdb9T7bWR9AUC8rmyrV7d35BH16Dx7aMOZawP5aBQW9gkOLo+fsicdl9sz1Gv7SEr5AcD48S +aq/v7h56rgJKihcrdv6sVIkkLE8/trKnToyokZf7KcZ7XC25y2a2t6hbElGFtQl+Ynhw/qlqYLYd +DnkM/crqJIByw5c/8nerQyIKx+u2DISCLIBrQYoIwOula9+ZEsuK1V6ADJHgJgg2SMX6OBE1/yWD +LfJ6v9r9jv6ly0UsH8SIU653DtmadsWOLB2jutXsMq7Aqqz30XpN69QH4kj3Io6wpJ9qzo6ysmD0 +oyLQI+uUWnpp3Q+/QFesa1lQ2aOZ4W7+jQF5JyMV3pKdewlNWudLSDBaGOYKbeaP4NK75t98biGC +wWg5TbSYWGZizEqQXsP6JwSxeRV0mcy+rSDeJmAc61ZRpqPq5KM/p/9h3PFaTWwyI0PurKju7koS +CTxdccK+efrCh2gdC/1cacwG0Jp9VJkqyTkaGa9LKkPzY11aWOIv4x3kqdbQCtCev9eBCfHJxyYN +rJgWVqA= +-----END CERTIFICATE----- + +Buypass Class 3 Root CA +======================= +-----BEGIN CERTIFICATE----- +MIIFWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJOTzEdMBsGA1UECgwU +QnV5cGFzcyBBUy05ODMxNjMzMjcxIDAeBgNVBAMMF0J1eXBhc3MgQ2xhc3MgMyBSb290IENBMB4X +DTEwMTAyNjA4Mjg1OFoXDTQwMTAyNjA4Mjg1OFowTjELMAkGA1UEBhMCTk8xHTAbBgNVBAoMFEJ1 +eXBhc3MgQVMtOTgzMTYzMzI3MSAwHgYDVQQDDBdCdXlwYXNzIENsYXNzIDMgUm9vdCBDQTCCAiIw +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKXaCpUWUOOV8l6ddjEGMnqb8RB2uACatVI2zSRH +sJ8YZLya9vrVediQYkwiL944PdbgqOkcLNt4EemOaFEVcsfzM4fkoF0LXOBXByow9c3EN3coTRiR +5r/VUv1xLXA+58bEiuPwKAv0dpihi4dVsjoT/Lc+JzeOIuOoTyrvYLs9tznDDgFHmV0ST9tD+leh +7fmdvhFHJlsTmKtdFoqwNxxXnUX/iJY2v7vKB3tvh2PX0DJq1l1sDPGzbjniazEuOQAnFN44wOwZ +ZoYS6J1yFhNkUsepNxz9gjDthBgd9K5c/3ATAOux9TN6S9ZV+AWNS2mw9bMoNlwUxFFzTWsL8TQH +2xc519woe2v1n/MuwU8XKhDzzMro6/1rqy6any2CbgTUUgGTLT2G/H783+9CHaZr77kgxve9oKeV +/afmiSTYzIw0bOIjL9kSGiG5VZFvC5F5GQytQIgLcOJ60g7YaEi7ghM5EFjp2CoHxhLbWNvSO1UQ +RwUVZ2J+GGOmRj8JDlQyXr8NYnon74Do29lLBlo3WiXQCBJ31G8JUJc9yB3D34xFMFbG02SrZvPA +Xpacw8Tvw3xrizp5f7NJzz3iiZ+gMEuFuZyUJHmPfWupRWgPK9Dx2hzLabjKSWJtyNBjYt1gD1iq +j6G8BaVmos8bdrKEZLFMOVLAMLrwjEsCsLa3AgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wHQYD +VR0OBBYEFEe4zf/lb+74suwvTg75JbCOPGvDMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsF +AAOCAgEAACAjQTUEkMJAYmDv4jVM1z+s4jSQuKFvdvoWFqRINyzpkMLyPPgKn9iB5btb2iUspKdV +cSQy9sgL8rxq+JOssgfCX5/bzMiKqr5qb+FJEMwx14C7u8jYog5kV+qi9cKpMRXSIGrs/CIBKM+G +uIAeqcwRpTzyFrNHnfzSgCHEy9BHcEGhyoMZCCxt8l13nIoUE9Q2HJLw5QY33KbmkJs4j1xrG0aG +Q0JfPgEHU1RdZX33inOhmlRaHylDFCfChQ+1iHsaO5S3HWCntZznKWlXWpuTekMwGwPXYshApqr8 +ZORK15FTAaggiG6cX0S5y2CBNOxv033aSF/rtJC8LakcC6wc1aJoIIAE1vyxjy+7SjENSoYc6+I2 +KSb12tjE8nVhz36udmNKekBlk4f4HoCMhuWG1o8O/FMsYOgWYRqiPkN7zTlgVGr18okmAWiDSKIz +6MkEkbIRNBE+6tBDGR8Dk5AM/1E9V/RBbuHLoL7ryWPNbczk+DaqaJ3tvV2XcEQNtg413OEMXbug +UZTLfhbrES+jkkXITHHZvMmZUldGL1DPvTVp9D0VzgalLA8+9oG6lLvDu79leNKGef9JOxqDDPDe +eOzI8k1MGt6CKfjBWtrt7uYnXuhF0J0cUahoq0Tj0Itq4/g7u9xN12TyUb7mqqta6THuBrxzvxNi +Cp/HuZc= +-----END CERTIFICATE----- + +T-TeleSec GlobalRoot Class 3 +============================ +-----BEGIN CERTIFICATE----- +MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoM +IlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBU +cnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwHhcNMDgx +MDAxMTAyOTU2WhcNMzMxMDAxMjM1OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lz +dGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBD +ZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDMwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQC9dZPwYiJvJK7genasfb3ZJNW4t/zN8ELg63iIVl6bmlQdTQyK +9tPPcPRStdiTBONGhnFBSivwKixVA9ZIw+A5OO3yXDw/RLyTPWGrTs0NvvAgJ1gORH8EGoel15YU +NpDQSXuhdfsaa3Ox+M6pCSzyU9XDFES4hqX2iys52qMzVNn6chr3IhUciJFrf2blw2qAsCTz34ZF +iP0Zf3WHHx+xGwpzJFu5ZeAsVMhg02YXP+HMVDNzkQI6pn97djmiH5a2OK61yJN0HZ65tOVgnS9W +0eDrXltMEnAMbEQgqxHY9Bn20pxSN+f6tsIxO0rUFJmtxxr1XV/6B7h8DR/Wgx6zAgMBAAGjQjBA +MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS1A/d2O2GCahKqGFPr +AyGUv/7OyjANBgkqhkiG9w0BAQsFAAOCAQEAVj3vlNW92nOyWL6ukK2YJ5f+AbGwUgC4TeQbIXQb +fsDuXmkqJa9c1h3a0nnJ85cp4IaH3gRZD/FZ1GSFS5mvJQQeyUapl96Cshtwn5z2r3Ex3XsFpSzT +ucpH9sry9uetuUg/vBa3wW306gmv7PO15wWeph6KU1HWk4HMdJP2udqmJQV0eVp+QD6CSyYRMG7h +P0HHRwA11fXT91Q+gT3aSWqas+8QPebrb9HIIkfLzM8BMZLZGOMivgkeGj5asuRrDFR6fUNOuIml +e9eiPZaGzPImNC1qkp2aGtAw4l1OBLBfiyB+d8E9lYLRRpo7PHi4b6HQDWSieB4pTpPDpFQUWw== +-----END CERTIFICATE----- + +EE Certification Centre Root CA +=============================== +-----BEGIN CERTIFICATE----- +MIIEAzCCAuugAwIBAgIQVID5oHPtPwBMyonY43HmSjANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQG +EwJFRTEiMCAGA1UECgwZQVMgU2VydGlmaXRzZWVyaW1pc2tlc2t1czEoMCYGA1UEAwwfRUUgQ2Vy +dGlmaWNhdGlvbiBDZW50cmUgUm9vdCBDQTEYMBYGCSqGSIb3DQEJARYJcGtpQHNrLmVlMCIYDzIw +MTAxMDMwMTAxMDMwWhgPMjAzMDEyMTcyMzU5NTlaMHUxCzAJBgNVBAYTAkVFMSIwIAYDVQQKDBlB +UyBTZXJ0aWZpdHNlZXJpbWlza2Vza3VzMSgwJgYDVQQDDB9FRSBDZXJ0aWZpY2F0aW9uIENlbnRy +ZSBSb290IENBMRgwFgYJKoZIhvcNAQkBFglwa2lAc2suZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQDIIMDs4MVLqwd4lfNE7vsLDP90jmG7sWLqI9iroWUyeuuOF0+W2Ap7kaJjbMeM +TC55v6kF/GlclY1i+blw7cNRfdCT5mzrMEvhvH2/UpvObntl8jixwKIy72KyaOBhU8E2lf/slLo2 +rpwcpzIP5Xy0xm90/XsY6KxX7QYgSzIwWFv9zajmofxwvI6Sc9uXp3whrj3B9UiHbCe9nyV0gVWw +93X2PaRka9ZP585ArQ/dMtO8ihJTmMmJ+xAdTX7Nfh9WDSFwhfYggx/2uh8Ej+p3iDXE/+pOoYtN +P2MbRMNE1CV2yreN1x5KZmTNXMWcg+HCCIia7E6j8T4cLNlsHaFLAgMBAAGjgYowgYcwDwYDVR0T +AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFBLyWj7qVhy/zQas8fElyalL1BSZ +MEUGA1UdJQQ+MDwGCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYBBQUHAwMGCCsGAQUFBwMEBggrBgEF +BQcDCAYIKwYBBQUHAwkwDQYJKoZIhvcNAQEFBQADggEBAHv25MANqhlHt01Xo/6tu7Fq1Q+e2+Rj +xY6hUFaTlrg4wCQiZrxTFGGVv9DHKpY5P30osxBAIWrEr7BSdxjhlthWXePdNl4dp1BUoMUq5KqM +lIpPnTX/dqQGE5Gion0ARD9V04I8GtVbvFZMIi5GQ4okQC3zErg7cBqklrkar4dBGmoYDQZPxz5u +uSlNDUmJEYcyW+ZLBMjkXOZ0c5RdFpgTlf7727FE5TpwrDdr5rMzcijJs1eg9gIWiAYLtqZLICjU +3j2LrTcFU3T+bsy8QxdxXvnFzBqpYe73dgzzcvRyrc9yAjYHR8/vGVCJYMzpJJUPwssd8m92kMfM +dcGWxZ0= +-----END CERTIFICATE----- + +TURKTRUST Certificate Services Provider Root 2007 +================================================= +-----BEGIN CERTIFICATE----- +MIIEPTCCAyWgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBvzE/MD0GA1UEAww2VMOcUktUUlVTVCBF +bGVrdHJvbmlrIFNlcnRpZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxMQswCQYDVQQGEwJUUjEP +MA0GA1UEBwwGQW5rYXJhMV4wXAYDVQQKDFVUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUg +QmlsacWfaW0gR8O8dmVubGnEn2kgSGl6bWV0bGVyaSBBLsWeLiAoYykgQXJhbMSxayAyMDA3MB4X +DTA3MTIyNTE4MzcxOVoXDTE3MTIyMjE4MzcxOVowgb8xPzA9BgNVBAMMNlTDnFJLVFJVU1QgRWxl +a3Ryb25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsTELMAkGA1UEBhMCVFIxDzAN +BgNVBAcMBkFua2FyYTFeMFwGA1UECgxVVMOcUktUUlVTVCBCaWxnaSDEsGxldGnFn2ltIHZlIEJp +bGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7Fni4gKGMpIEFyYWzEsWsgMjAwNzCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKu3PgqMyKVYFeaK7yc9SrToJdPNM8Ig3BnuiD9N +YvDdE3ePYakqtdTyuTFYKTsvP2qcb3N2Je40IIDu6rfwxArNK4aUyeNgsURSsloptJGXg9i3phQv +KUmi8wUG+7RP2qFsmmaf8EMJyupyj+sA1zU511YXRxcw9L6/P8JorzZAwan0qafoEGsIiveGHtya +KhUG9qPw9ODHFNRRf8+0222vR5YXm3dx2KdxnSQM9pQ/hTEST7ruToK4uT6PIzdezKKqdfcYbwnT +rqdUKDT74eA7YH2gvnmJhsifLfkKS8RQouf9eRbHegsYz85M733WB2+Y8a+xwXrXgTW4qhe04MsC +AwEAAaNCMEAwHQYDVR0OBBYEFCnFkKslrxHkYb+j/4hhkeYO/pyBMA4GA1UdDwEB/wQEAwIBBjAP +BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAQDdr4Ouwo0RSVgrESLFF6QSU2TJ/s +Px+EnWVUXKgWAkD6bho3hO9ynYYKVZ1WKKxmLNA6VpM0ByWtCLCPyA8JWcqdmBzlVPi5RX9ql2+I +aE1KBiY3iAIOtsbWcpnOa3faYjGkVh+uX4132l32iPwa2Z61gfAyuOOI0JzzaqC5mxRZNTZPz/OO +Xl0XrRWV2N2y1RVuAE6zS89mlOTgzbUF2mNXi+WzqtvALhyQRNsaXRik7r4EW5nVcV9VZWRi1aKb +BFmGyGJ353yCRWo9F7/snXUMrqNvWtMvmDb08PUZqxFdyKbjKlhqQgnDvZImZjINXQhVdP+MmNAK +poRq0Tl9 +-----END CERTIFICATE----- + +D-TRUST Root Class 3 CA 2 2009 +============================== +-----BEGIN CERTIFICATE----- +MIIEMzCCAxugAwIBAgIDCYPzMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQK +DAxELVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTAe +Fw0wOTExMDUwODM1NThaFw0yOTExMDUwODM1NThaME0xCzAJBgNVBAYTAkRFMRUwEwYDVQQKDAxE +LVRydXN0IEdtYkgxJzAlBgNVBAMMHkQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgMjAwOTCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANOySs96R+91myP6Oi/WUEWJNTrGa9v+2wBoqOAD +ER03UAifTUpolDWzU9GUY6cgVq/eUXjsKj3zSEhQPgrfRlWLJ23DEE0NkVJD2IfgXU42tSHKXzlA +BF9bfsyjxiupQB7ZNoTWSPOSHjRGICTBpFGOShrvUD9pXRl/RcPHAY9RySPocq60vFYJfxLLHLGv +KZAKyVXMD9O0Gu1HNVpK7ZxzBCHQqr0ME7UAyiZsxGsMlFqVlNpQmvH/pStmMaTJOKDfHR+4CS7z +p+hnUquVH+BGPtikw8paxTGA6Eian5Rp/hnd2HN8gcqW3o7tszIFZYQ05ub9VxC1X3a/L7AQDcUC +AwEAAaOCARowggEWMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFP3aFMSfMN4hvR5COfyrYyNJ +4PGEMA4GA1UdDwEB/wQEAwIBBjCB0wYDVR0fBIHLMIHIMIGAoH6gfIZ6bGRhcDovL2RpcmVjdG9y +eS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwUm9vdCUyMENsYXNzJTIwMyUyMENBJTIwMiUyMDIw +MDksTz1ELVRydXN0JTIwR21iSCxDPURFP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3QwQ6BBoD+G +PWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3JsL2QtdHJ1c3Rfcm9vdF9jbGFzc18zX2NhXzJfMjAw +OS5jcmwwDQYJKoZIhvcNAQELBQADggEBAH+X2zDI36ScfSF6gHDOFBJpiBSVYEQBrLLpME+bUMJm +2H6NMLVwMeniacfzcNsgFYbQDfC+rAF1hM5+n02/t2A7nPPKHeJeaNijnZflQGDSNiH+0LS4F9p0 +o3/U37CYAqxva2ssJSRyoWXuJVrl5jLn8t+rSfrzkGkj2wTZ51xY/GXUl77M/C4KzCUqNQT4YJEV +dT1B/yMfGchs64JTBKbkTCJNjYy6zltz7GRUUG3RnFX7acM2w4y8PIWmawomDeCTmGCufsYkl4ph +X5GOZpIJhzbNi5stPvZR1FDUWSi9g/LMKHtThm3YJohw1+qRzT65ysCQblrGXnRl11z+o+I= +-----END CERTIFICATE----- + +D-TRUST Root Class 3 CA 2 EV 2009 +================================= +-----BEGIN CERTIFICATE----- +MIIEQzCCAyugAwIBAgIDCYP0MA0GCSqGSIb3DQEBCwUAMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQK +DAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAw +OTAeFw0wOTExMDUwODUwNDZaFw0yOTExMDUwODUwNDZaMFAxCzAJBgNVBAYTAkRFMRUwEwYDVQQK +DAxELVRydXN0IEdtYkgxKjAoBgNVBAMMIUQtVFJVU1QgUm9vdCBDbGFzcyAzIENBIDIgRVYgMjAw +OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJnxhDRwui+3MKCOvXwEz75ivJn9gpfS +egpnljgJ9hBOlSJzmY3aFS3nBfwZcyK3jpgAvDw9rKFs+9Z5JUut8Mxk2og+KbgPCdM03TP1YtHh +zRnp7hhPTFiu4h7WDFsVWtg6uMQYZB7jM7K1iXdODL/ZlGsTl28So/6ZqQTMFexgaDbtCHu39b+T +7WYxg4zGcTSHThfqr4uRjRxWQa4iN1438h3Z0S0NL2lRp75mpoo6Kr3HGrHhFPC+Oh25z1uxav60 +sUYgovseO3Dvk5h9jHOW8sXvhXCtKSb8HgQ+HKDYD8tSg2J87otTlZCpV6LqYQXY+U3EJ/pure35 +11H3a6UCAwEAAaOCASQwggEgMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNOUikxiEyoZLsyv +cop9NteaHNxnMA4GA1UdDwEB/wQEAwIBBjCB3QYDVR0fBIHVMIHSMIGHoIGEoIGBhn9sZGFwOi8v +ZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBSb290JTIwQ2xhc3MlMjAzJTIwQ0El +MjAyJTIwRVYlMjAyMDA5LE89RC1UcnVzdCUyMEdtYkgsQz1ERT9jZXJ0aWZpY2F0ZXJldm9jYXRp +b25saXN0MEagRKBChkBodHRwOi8vd3d3LmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X3Jvb3RfY2xh +c3NfM19jYV8yX2V2XzIwMDkuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQA07XtaPKSUiO8aEXUHL7P+ +PPoeUSbrh/Yp3uDx1MYkCenBz1UbtDDZzhr+BlGmFaQt77JLvyAoJUnRpjZ3NOhk31KxEcdzes05 +nsKtjHEh8lprr988TlWvsoRlFIm5d8sqMb7Po23Pb0iUMkZv53GMoKaEGTcH8gNFCSuGdXzfX2lX +ANtu2KZyIktQ1HWYVt+3GP9DQ1CuekR78HlR10M9p9OB0/DJT7naxpeG0ILD5EJt/rDiZE4OJudA +NCa1CInXCGNjOCd1HjPqbqjdn5lPdE2BiYBL3ZqXKVwvvoFBuYz/6n1gBp7N1z3TLqMVvKjmJuVv +w9y4AyHqnxbxLFS1 +-----END CERTIFICATE----- + +PSCProcert +========== +-----BEGIN CERTIFICATE----- +MIIJhjCCB26gAwIBAgIBCzANBgkqhkiG9w0BAQsFADCCAR4xPjA8BgNVBAMTNUF1dG9yaWRhZCBk +ZSBDZXJ0aWZpY2FjaW9uIFJhaXogZGVsIEVzdGFkbyBWZW5lem9sYW5vMQswCQYDVQQGEwJWRTEQ +MA4GA1UEBxMHQ2FyYWNhczEZMBcGA1UECBMQRGlzdHJpdG8gQ2FwaXRhbDE2MDQGA1UEChMtU2lz +dGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMUMwQQYDVQQLEzpTdXBl +cmludGVuZGVuY2lhIGRlIFNlcnZpY2lvcyBkZSBDZXJ0aWZpY2FjaW9uIEVsZWN0cm9uaWNhMSUw +IwYJKoZIhvcNAQkBFhZhY3JhaXpAc3VzY2VydGUuZ29iLnZlMB4XDTEwMTIyODE2NTEwMFoXDTIw +MTIyNTIzNTk1OVowgdExJjAkBgkqhkiG9w0BCQEWF2NvbnRhY3RvQHByb2NlcnQubmV0LnZlMQ8w +DQYDVQQHEwZDaGFjYW8xEDAOBgNVBAgTB01pcmFuZGExKjAoBgNVBAsTIVByb3ZlZWRvciBkZSBD +ZXJ0aWZpY2Fkb3MgUFJPQ0VSVDE2MDQGA1UEChMtU2lzdGVtYSBOYWNpb25hbCBkZSBDZXJ0aWZp +Y2FjaW9uIEVsZWN0cm9uaWNhMQswCQYDVQQGEwJWRTETMBEGA1UEAxMKUFNDUHJvY2VydDCCAiIw +DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANW39KOUM6FGqVVhSQ2oh3NekS1wwQYalNo97BVC +wfWMrmoX8Yqt/ICV6oNEolt6Vc5Pp6XVurgfoCfAUFM+jbnADrgV3NZs+J74BCXfgI8Qhd19L3uA +3VcAZCP4bsm+lU/hdezgfl6VzbHvvnpC2Mks0+saGiKLt38GieU89RLAu9MLmV+QfI4tL3czkkoh +RqipCKzx9hEC2ZUWno0vluYC3XXCFCpa1sl9JcLB/KpnheLsvtF8PPqv1W7/U0HU9TI4seJfxPmO +EO8GqQKJ/+MMbpfg353bIdD0PghpbNjU5Db4g7ayNo+c7zo3Fn2/omnXO1ty0K+qP1xmk6wKImG2 +0qCZyFSTXai20b1dCl53lKItwIKOvMoDKjSuc/HUtQy9vmebVOvh+qBa7Dh+PsHMosdEMXXqP+UH +0quhJZb25uSgXTcYOWEAM11G1ADEtMo88aKjPvM6/2kwLkDd9p+cJsmWN63nOaK/6mnbVSKVUyqU +td+tFjiBdWbjxywbk5yqjKPK2Ww8F22c3HxT4CAnQzb5EuE8XL1mv6JpIzi4mWCZDlZTOpx+FIyw +Bm/xhnaQr/2v/pDGj59/i5IjnOcVdo/Vi5QTcmn7K2FjiO/mpF7moxdqWEfLcU8UC17IAggmosvp +r2uKGcfLFFb14dq12fy/czja+eevbqQ34gcnAgMBAAGjggMXMIIDEzASBgNVHRMBAf8ECDAGAQH/ +AgEBMDcGA1UdEgQwMC6CD3N1c2NlcnRlLmdvYi52ZaAbBgVghl4CAqASDBBSSUYtRy0yMDAwNDAz +Ni0wMB0GA1UdDgQWBBRBDxk4qpl/Qguk1yeYVKIXTC1RVDCCAVAGA1UdIwSCAUcwggFDgBStuyId +xuDSAaj9dlBSk+2YwU2u06GCASakggEiMIIBHjE+MDwGA1UEAxM1QXV0b3JpZGFkIGRlIENlcnRp +ZmljYWNpb24gUmFpeiBkZWwgRXN0YWRvIFZlbmV6b2xhbm8xCzAJBgNVBAYTAlZFMRAwDgYDVQQH +EwdDYXJhY2FzMRkwFwYDVQQIExBEaXN0cml0byBDYXBpdGFsMTYwNAYDVQQKEy1TaXN0ZW1hIE5h +Y2lvbmFsIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExQzBBBgNVBAsTOlN1cGVyaW50ZW5k +ZW5jaWEgZGUgU2VydmljaW9zIGRlIENlcnRpZmljYWNpb24gRWxlY3Ryb25pY2ExJTAjBgkqhkiG +9w0BCQEWFmFjcmFpekBzdXNjZXJ0ZS5nb2IudmWCAQowDgYDVR0PAQH/BAQDAgEGME0GA1UdEQRG +MESCDnByb2NlcnQubmV0LnZloBUGBWCGXgIBoAwMClBTQy0wMDAwMDKgGwYFYIZeAgKgEgwQUklG +LUotMzE2MzUzNzMtNzB2BgNVHR8EbzBtMEagRKBChkBodHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52 +ZS9sY3IvQ0VSVElGSUNBRE8tUkFJWi1TSEEzODRDUkxERVIuY3JsMCOgIaAfhh1sZGFwOi8vYWNy +YWl6LnN1c2NlcnRlLmdvYi52ZTA3BggrBgEFBQcBAQQrMCkwJwYIKwYBBQUHMAGGG2h0dHA6Ly9v +Y3NwLnN1c2NlcnRlLmdvYi52ZTBBBgNVHSAEOjA4MDYGBmCGXgMBAjAsMCoGCCsGAQUFBwIBFh5o +dHRwOi8vd3d3LnN1c2NlcnRlLmdvYi52ZS9kcGMwDQYJKoZIhvcNAQELBQADggIBACtZ6yKZu4Sq +T96QxtGGcSOeSwORR3C7wJJg7ODU523G0+1ng3dS1fLld6c2suNUvtm7CpsR72H0xpkzmfWvADmN +g7+mvTV+LFwxNG9s2/NkAZiqlCxB3RWGymspThbASfzXg0gTB1GEMVKIu4YXx2sviiCtxQuPcD4q +uxtxj7mkoP3YldmvWb8lK5jpY5MvYB7Eqvh39YtsL+1+LrVPQA3uvFd359m21D+VJzog1eWuq2w1 +n8GhHVnchIHuTQfiSLaeS5UtQbHh6N5+LwUeaO6/u5BlOsju6rEYNxxik6SgMexxbJHmpHmJWhSn +FFAFTKQAVzAswbVhltw+HoSvOULP5dAssSS830DD7X9jSr3hTxJkhpXzsOfIt+FTvZLm8wyWuevo +5pLtp4EJFAv8lXrPj9Y0TzYS3F7RNHXGRoAvlQSMx4bEqCaJqD8Zm4G7UaRKhqsLEQ+xrmNTbSjq +3TNWOByyrYDT13K9mmyZY+gAu0F2BbdbmRiKw7gSXFbPVgx96OLP7bx0R/vu0xdOIk9W/1DzLuY5 +poLWccret9W6aAjtmcz9opLLabid+Qqkpj5PkygqYWwHJgD/ll9ohri4zspV4KuxPX+Y1zMOWj3Y +eMLEYC/HYvBhkdI4sPaeVdtAgAUSM84dkpvRabP/v/GSCmE1P93+hvS84Bpxs2Km +-----END CERTIFICATE----- + +China Internet Network Information Center EV Certificates Root +============================================================== +-----BEGIN CERTIFICATE----- +MIID9zCCAt+gAwIBAgIESJ8AATANBgkqhkiG9w0BAQUFADCBijELMAkGA1UEBhMCQ04xMjAwBgNV +BAoMKUNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyMUcwRQYDVQQDDD5D +aGluYSBJbnRlcm5ldCBOZXR3b3JrIEluZm9ybWF0aW9uIENlbnRlciBFViBDZXJ0aWZpY2F0ZXMg +Um9vdDAeFw0xMDA4MzEwNzExMjVaFw0zMDA4MzEwNzExMjVaMIGKMQswCQYDVQQGEwJDTjEyMDAG +A1UECgwpQ2hpbmEgSW50ZXJuZXQgTmV0d29yayBJbmZvcm1hdGlvbiBDZW50ZXIxRzBFBgNVBAMM +PkNoaW5hIEludGVybmV0IE5ldHdvcmsgSW5mb3JtYXRpb24gQ2VudGVyIEVWIENlcnRpZmljYXRl +cyBSb290MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm35z7r07eKpkQ0H1UN+U8i6y +jUqORlTSIRLIOTJCBumD1Z9S7eVnAztUwYyZmczpwA//DdmEEbK40ctb3B75aDFk4Zv6dOtouSCV +98YPjUesWgbdYavi7NifFy2cyjw1l1VxzUOFsUcW9SxTgHbP0wBkvUCZ3czY28Sf1hNfQYOL+Q2H +klY0bBoQCxfVWhyXWIQ8hBouXJE0bhlffxdpxWXvayHG1VA6v2G5BY3vbzQ6sm8UY78WO5upKv23 +KzhmBsUs4qpnHkWnjQRmQvaPK++IIGmPMowUc9orhpFjIpryp9vOiYurXccUwVswah+xt54ugQEC +7c+WXmPbqOY4twIDAQABo2MwYTAfBgNVHSMEGDAWgBR8cks5x8DbYqVPm6oYNJKiyoOCWTAPBgNV +HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUfHJLOcfA22KlT5uqGDSSosqD +glkwDQYJKoZIhvcNAQEFBQADggEBACrDx0M3j92tpLIM7twUbY8opJhJywyA6vPtI2Z1fcXTIWd5 +0XPFtQO3WKwMVC/GVhMPMdoG52U7HW8228gd+f2ABsqjPWYWqJ1MFn3AlUa1UeTiH9fqBk1jjZaM +7+czV0I664zBechNdn3e9rG3geCg+aF4RhcaVpjwTj2rHO3sOdwHSPdj/gauwqRcalsyiMXHM4Ws +ZkJHwlgkmeHlPuV1LI5D1l08eB6olYIpUNHRFrrvwb562bTYzB5MRuF3sTGrvSrIzo9uoV1/A3U0 +5K2JRVRevq4opbs/eHnrc7MKDf2+yfdWrPa37S+bISnHOLaVxATywy39FCqQmbkHzJ8= +-----END CERTIFICATE----- + +Swisscom Root CA 2 +================== +-----BEGIN CERTIFICATE----- +MIIF2TCCA8GgAwIBAgIQHp4o6Ejy5e/DfEoeWhhntjANBgkqhkiG9w0BAQsFADBkMQswCQYDVQQG +EwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsTHERpZ2l0YWwgQ2VydGlmaWNhdGUgU2Vy +dmljZXMxGzAZBgNVBAMTElN3aXNzY29tIFJvb3QgQ0EgMjAeFw0xMTA2MjQwODM4MTRaFw0zMTA2 +MjUwNzM4MTRaMGQxCzAJBgNVBAYTAmNoMREwDwYDVQQKEwhTd2lzc2NvbTElMCMGA1UECxMcRGln +aXRhbCBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEbMBkGA1UEAxMSU3dpc3Njb20gUm9vdCBDQSAyMIIC +IjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAlUJOhJ1R5tMJ6HJaI2nbeHCOFvErjw0DzpPM +LgAIe6szjPTpQOYXTKueuEcUMncy3SgM3hhLX3af+Dk7/E6J2HzFZ++r0rk0X2s682Q2zsKwzxNo +ysjL67XiPS4h3+os1OD5cJZM/2pYmLcX5BtS5X4HAB1f2uY+lQS3aYg5oUFgJWFLlTloYhyxCwWJ +wDaCFCE/rtuh/bxvHGCGtlOUSbkrRsVPACu/obvLP+DHVxxX6NZp+MEkUp2IVd3Chy50I9AU/SpH +Wrumnf2U5NGKpV+GY3aFy6//SSj8gO1MedK75MDvAe5QQQg1I3ArqRa0jG6F6bYRzzHdUyYb3y1a +SgJA/MTAtukxGggo5WDDH8SQjhBiYEQN7Aq+VRhxLKX0srwVYv8c474d2h5Xszx+zYIdkeNL6yxS +NLCK/RJOlrDrcH+eOfdmQrGrrFLadkBXeyq96G4DsguAhYidDMfCd7Camlf0uPoTXGiTOmekl9Ab +mbeGMktg2M7v0Ax/lZ9vh0+Hio5fCHyqW/xavqGRn1V9TrALacywlKinh/LTSlDcX3KwFnUey7QY +Ypqwpzmqm59m2I2mbJYV4+by+PGDYmy7Velhk6M99bFXi08jsJvllGov34zflVEpYKELKeRcVVi3 +qPyZ7iVNTA6z00yPhOgpD/0QVAKFyPnlw4vP5w8CAwEAAaOBhjCBgzAOBgNVHQ8BAf8EBAMCAYYw +HQYDVR0hBBYwFDASBgdghXQBUwIBBgdghXQBUwIBMBIGA1UdEwEB/wQIMAYBAf8CAQcwHQYDVR0O +BBYEFE0mICKJS9PVpAqhb97iEoHF8TwuMB8GA1UdIwQYMBaAFE0mICKJS9PVpAqhb97iEoHF8Twu +MA0GCSqGSIb3DQEBCwUAA4ICAQAyCrKkG8t9voJXiblqf/P0wS4RfbgZPnm3qKhyN2abGu2sEzsO +v2LwnN+ee6FTSA5BesogpxcbtnjsQJHzQq0Qw1zv/2BZf82Fo4s9SBwlAjxnffUy6S8w5X2lejjQ +82YqZh6NM4OKb3xuqFp1mrjX2lhIREeoTPpMSQpKwhI3qEAMw8jh0FcNlzKVxzqfl9NX+Ave5XLz +o9v/tdhZsnPdTSpxsrpJ9csc1fV5yJmz/MFMdOO0vSk3FQQoHt5FRnDsr7p4DooqzgB53MBfGWcs +a0vvaGgLQ+OswWIJ76bdZWGgr4RVSJFSHMYlkSrQwSIjYVmvRRGFHQEkNI/Ps/8XciATwoCqISxx +OQ7Qj1zB09GOInJGTB2Wrk9xseEFKZZZ9LuedT3PDTcNYtsmjGOpI99nBjx8Oto0QuFmtEYE3saW +mA9LSHokMnWRn6z3aOkquVVlzl1h0ydw2Df+n7mvoC5Wt6NlUe07qxS/TFED6F+KBZvuim6c779o ++sjaC+NCydAXFJy3SuCvkychVSa1ZC+N8f+mQAWFBVzKBxlcCxMoTFh/wqXvRdpg065lYZ1Tg3TC +rvJcwhbtkj6EPnNgiLx29CzP0H1907he0ZESEOnN3col49XtmS++dYFLJPlFRpTJKSFTnCZFqhMX +5OfNeOI5wSsSnqaeG8XmDtkx2Q== +-----END CERTIFICATE----- + +Swisscom Root EV CA 2 +===================== +-----BEGIN CERTIFICATE----- +MIIF4DCCA8igAwIBAgIRAPL6ZOJ0Y9ON/RAdBB92ylgwDQYJKoZIhvcNAQELBQAwZzELMAkGA1UE +BhMCY2gxETAPBgNVBAoTCFN3aXNzY29tMSUwIwYDVQQLExxEaWdpdGFsIENlcnRpZmljYXRlIFNl +cnZpY2VzMR4wHAYDVQQDExVTd2lzc2NvbSBSb290IEVWIENBIDIwHhcNMTEwNjI0MDk0NTA4WhcN +MzEwNjI1MDg0NTA4WjBnMQswCQYDVQQGEwJjaDERMA8GA1UEChMIU3dpc3Njb20xJTAjBgNVBAsT +HERpZ2l0YWwgQ2VydGlmaWNhdGUgU2VydmljZXMxHjAcBgNVBAMTFVN3aXNzY29tIFJvb3QgRVYg +Q0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMT3HS9X6lds93BdY7BxUglgRCgz +o3pOCvrY6myLURYaVa5UJsTMRQdBTxB5f3HSek4/OE6zAMaVylvNwSqD1ycfMQ4jFrclyxy0uYAy +Xhqdk/HoPGAsp15XGVhRXrwsVgu42O+LgrQ8uMIkqBPHoCE2G3pXKSinLr9xJZDzRINpUKTk4Rti +GZQJo/PDvO/0vezbE53PnUgJUmfANykRHvvSEaeFGHR55E+FFOtSN+KxRdjMDUN/rhPSays/p8Li +qG12W0OfvrSdsyaGOx9/5fLoZigWJdBLlzin5M8J0TbDC77aO0RYjb7xnglrPvMyxyuHxuxenPaH +Za0zKcQvidm5y8kDnftslFGXEBuGCxobP/YCfnvUxVFkKJ3106yDgYjTdLRZncHrYTNaRdHLOdAG +alNgHa/2+2m8atwBz735j9m9W8E6X47aD0upm50qKGsaCnw8qyIL5XctcfaCNYGu+HuB5ur+rPQa +m3Rc6I8k9l2dRsQs0h4rIWqDJ2dVSqTjyDKXZpBy2uPUZC5f46Fq9mDU5zXNysRojddxyNMkM3Ox +bPlq4SjbX8Y96L5V5jcb7STZDxmPX2MYWFCBUWVv8p9+agTnNCRxunZLWB4ZvRVgRaoMEkABnRDi +xzgHcgplwLa7JSnaFp6LNYth7eVxV4O1PHGf40+/fh6Bn0GXAgMBAAGjgYYwgYMwDgYDVR0PAQH/ +BAQDAgGGMB0GA1UdIQQWMBQwEgYHYIV0AVMCAgYHYIV0AVMCAjASBgNVHRMBAf8ECDAGAQH/AgED +MB0GA1UdDgQWBBRF2aWBbj2ITY1x0kbBbkUe88SAnTAfBgNVHSMEGDAWgBRF2aWBbj2ITY1x0kbB +bkUe88SAnTANBgkqhkiG9w0BAQsFAAOCAgEAlDpzBp9SSzBc1P6xXCX5145v9Ydkn+0UjrgEjihL +j6p7jjm02Vj2e6E1CqGdivdj5eu9OYLU43otb98TPLr+flaYC/NUn81ETm484T4VvwYmneTwkLbU +wp4wLh/vx3rEUMfqe9pQy3omywC0Wqu1kx+AiYQElY2NfwmTv9SoqORjbdlk5LgpWgi/UOGED1V7 +XwgiG/W9mR4U9s70WBCCswo9GcG/W6uqmdjyMb3lOGbcWAXH7WMaLgqXfIeTK7KK4/HsGOV1timH +59yLGn602MnTihdsfSlEvoqq9X46Lmgxk7lq2prg2+kupYTNHAq4Sgj5nPFhJpiTt3tm7JFe3VE/ +23MPrQRYCd0EApUKPtN236YQHoA96M2kZNEzx5LH4k5E4wnJTsJdhw4Snr8PyQUQ3nqjsTzyP6Wq +J3mtMX0f/fwZacXduT98zca0wjAefm6S139hdlqP65VNvBFuIXxZN5nQBrz5Bm0yFqXZaajh3DyA +HmBR3NdUIR7KYndP+tiPsys6DXhyyWhBWkdKwqPrGtcKqzwyVcgKEZzfdNbwQBUdyLmPtTbFr/gi +uMod89a2GQ+fYWVq6nTIfI/DT11lgh/ZDYnadXL77/FHZxOzyNEZiCcmmpl5fx7kLD977vHeTYuW +l8PVP3wbI+2ksx0WckNLIOFZfsLorSa/ovc= +-----END CERTIFICATE----- + +CA Disig Root R1 +================ +-----BEGIN CERTIFICATE----- +MIIFaTCCA1GgAwIBAgIJAMMDmu5QkG4oMA0GCSqGSIb3DQEBBQUAMFIxCzAJBgNVBAYTAlNLMRMw +EQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMuMRkwFwYDVQQDExBDQSBEaXNp +ZyBSb290IFIxMB4XDTEyMDcxOTA5MDY1NloXDTQyMDcxOTA5MDY1NlowUjELMAkGA1UEBhMCU0sx +EzARBgNVBAcTCkJyYXRpc2xhdmExEzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERp +c2lnIFJvb3QgUjEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCqw3j33Jijp1pedxiy +3QRkD2P9m5YJgNXoqqXinCaUOuiZc4yd39ffg/N4T0Dhf9Kn0uXKE5Pn7cZ3Xza1lK/oOI7bm+V8 +u8yN63Vz4STN5qctGS7Y1oprFOsIYgrY3LMATcMjfF9DCCMyEtztDK3AfQ+lekLZWnDZv6fXARz2 +m6uOt0qGeKAeVjGu74IKgEH3G8muqzIm1Cxr7X1r5OJeIgpFy4QxTaz+29FHuvlglzmxZcfe+5nk +CiKxLU3lSCZpq+Kq8/v8kiky6bM+TR8noc2OuRf7JT7JbvN32g0S9l3HuzYQ1VTW8+DiR0jm3hTa +YVKvJrT1cU/J19IG32PK/yHoWQbgCNWEFVP3Q+V8xaCJmGtzxmjOZd69fwX3se72V6FglcXM6pM6 +vpmumwKjrckWtc7dXpl4fho5frLABaTAgqWjR56M6ly2vGfb5ipN0gTco65F97yLnByn1tUD3AjL +LhbKXEAz6GfDLuemROoRRRw1ZS0eRWEkG4IupZ0zXWX4Qfkuy5Q/H6MMMSRE7cderVC6xkGbrPAX +ZcD4XW9boAo0PO7X6oifmPmvTiT6l7Jkdtqr9O3jw2Dv1fkCyC2fg69naQanMVXVz0tv/wQFx1is +XxYb5dKj6zHbHzMVTdDypVP1y+E9Tmgt2BLdqvLmTZtJ5cUoobqwWsagtQIDAQABo0IwQDAPBgNV +HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUiQq0OJMa5qvum5EY+fU8PjXQ +04IwDQYJKoZIhvcNAQEFBQADggIBADKL9p1Kyb4U5YysOMo6CdQbzoaz3evUuii+Eq5FLAR0rBNR +xVgYZk2C2tXck8An4b58n1KeElb21Zyp9HWc+jcSjxyT7Ff+Bw+r1RL3D65hXlaASfX8MPWbTx9B +LxyE04nH4toCdu0Jz2zBuByDHBb6lM19oMgY0sidbvW9adRtPTXoHqJPYNcHKfyyo6SdbhWSVhlM +CrDpfNIZTUJG7L399ldb3Zh+pE3McgODWF3vkzpBemOqfDqo9ayk0d2iLbYq/J8BjuIQscTK5Gfb +VSUZP/3oNn6z4eGBrxEWi1CXYBmCAMBrTXO40RMHPuq2MU/wQppt4hF05ZSsjYSVPCGvxdpHyN85 +YmLLW1AL14FABZyb7bq2ix4Eb5YgOe2kfSnbSM6C3NQCjR0EMVrHS/BsYVLXtFHCgWzN4funodKS +ds+xDzdYpPJScWc/DIh4gInByLUfkmO+p3qKViwaqKactV2zY9ATIKHrkWzQjX2v3wvkF7mGnjix +lAxYjOBVqjtjbZqJYLhkKpLGN/R+Q0O3c+gB53+XD9fyexn9GtePyfqFa3qdnom2piiZk4hA9z7N +UaPK6u95RyG1/jLix8NRb76AdPCkwzryT+lf3xkK8jsTQ6wxpLPn6/wY1gGp8yqPNg7rtLG8t0zJ +a7+h89n07eLw4+1knj0vllJPgFOL +-----END CERTIFICATE----- + +CA Disig Root R2 +================ +-----BEGIN CERTIFICATE----- +MIIFaTCCA1GgAwIBAgIJAJK4iNuwisFjMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNVBAYTAlNLMRMw +EQYDVQQHEwpCcmF0aXNsYXZhMRMwEQYDVQQKEwpEaXNpZyBhLnMuMRkwFwYDVQQDExBDQSBEaXNp +ZyBSb290IFIyMB4XDTEyMDcxOTA5MTUzMFoXDTQyMDcxOTA5MTUzMFowUjELMAkGA1UEBhMCU0sx +EzARBgNVBAcTCkJyYXRpc2xhdmExEzARBgNVBAoTCkRpc2lnIGEucy4xGTAXBgNVBAMTEENBIERp +c2lnIFJvb3QgUjIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCio8QACdaFXS1tFPbC +w3OeNcJxVX6B+6tGUODBfEl45qt5WDza/3wcn9iXAng+a0EE6UG9vgMsRfYvZNSrXaNHPWSb6Wia +xswbP7q+sos0Ai6YVRn8jG+qX9pMzk0DIaPY0jSTVpbLTAwAFjxfGs3Ix2ymrdMxp7zo5eFm1tL7 +A7RBZckQrg4FY8aAamkw/dLukO8NJ9+flXP04SXabBbeQTg06ov80egEFGEtQX6sx3dOy1FU+16S +GBsEWmjGycT6txOgmLcRK7fWV8x8nhfRyyX+hk4kLlYMeE2eARKmK6cBZW58Yh2EhN/qwGu1pSqV +g8NTEQxzHQuyRpDRQjrOQG6Vrf/GlK1ul4SOfW+eioANSW1z4nuSHsPzwfPrLgVv2RvPN3YEyLRa +5Beny912H9AZdugsBbPWnDTYltxhh5EF5EQIM8HauQhl1K6yNg3ruji6DOWbnuuNZt2Zz9aJQfYE +koopKW1rOhzndX0CcQ7zwOe9yxndnWCywmZgtrEE7snmhrmaZkCo5xHtgUUDi/ZnWejBBhG93c+A +Ak9lQHhcR1DIm+YfgXvkRKhbhZri3lrVx/k6RGZL5DJUfORsnLMOPReisjQS1n6yqEm70XooQL6i +Fh/f5DcfEXP7kAplQ6INfPgGAVUzfbANuPT1rqVCV3w2EYx7XsQDnYx5nQIDAQABo0IwQDAPBgNV +HRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUtZn4r7CU9eMg1gqtzk5WpC5u +Qu0wDQYJKoZIhvcNAQELBQADggIBACYGXnDnZTPIgm7ZnBc6G3pmsgH2eDtpXi/q/075KMOYKmFM +tCQSin1tERT3nLXK5ryeJ45MGcipvXrA1zYObYVybqjGom32+nNjf7xueQgcnYqfGopTpti72TVV +sRHFqQOzVju5hJMiXn7B9hJSi+osZ7z+Nkz1uM/Rs0mSO9MpDpkblvdhuDvEK7Z4bLQjb/D907Je +dR+Zlais9trhxTF7+9FGs9K8Z7RiVLoJ92Owk6Ka+elSLotgEqv89WBW7xBci8QaQtyDW2QOy7W8 +1k/BfDxujRNt+3vrMNDcTa/F1balTFtxyegxvug4BkihGuLq0t4SOVga/4AOgnXmt8kHbA7v/zjx +mHHEt38OFdAlab0inSvtBfZGR6ztwPDUO+Ls7pZbkBNOHlY667DvlruWIxG68kOGdGSVyCh13x01 +utI3gzhTODY7z2zp+WsO0PsE6E9312UBeIYMej4hYvF/Y3EMyZ9E26gnonW+boE+18DrG5gPcFw0 +sorMwIUY6256s/daoQe/qUKS82Ail+QUoQebTnbAjn39pCXHR+3/H3OszMOl6W8KjptlwlCFtaOg +UxLMVYdh84GuEEZhvUQhuMI9dM9+JDX6HAcOmz0iyu8xL4ysEr3vQCj8KWefshNPZiTEUxnpHikV +7+ZtsH8tZ/3zbBt1RqPlShfppNcL +-----END CERTIFICATE----- + +ACCVRAIZ1 +========= +-----BEGIN CERTIFICATE----- +MIIH0zCCBbugAwIBAgIIXsO3pkN/pOAwDQYJKoZIhvcNAQEFBQAwQjESMBAGA1UEAwwJQUNDVlJB +SVoxMRAwDgYDVQQLDAdQS0lBQ0NWMQ0wCwYDVQQKDARBQ0NWMQswCQYDVQQGEwJFUzAeFw0xMTA1 +MDUwOTM3MzdaFw0zMDEyMzEwOTM3MzdaMEIxEjAQBgNVBAMMCUFDQ1ZSQUlaMTEQMA4GA1UECwwH +UEtJQUNDVjENMAsGA1UECgwEQUNDVjELMAkGA1UEBhMCRVMwggIiMA0GCSqGSIb3DQEBAQUAA4IC +DwAwggIKAoICAQCbqau/YUqXry+XZpp0X9DZlv3P4uRm7x8fRzPCRKPfmt4ftVTdFXxpNRFvu8gM +jmoYHtiP2Ra8EEg2XPBjs5BaXCQ316PWywlxufEBcoSwfdtNgM3802/J+Nq2DoLSRYWoG2ioPej0 +RGy9ocLLA76MPhMAhN9KSMDjIgro6TenGEyxCQ0jVn8ETdkXhBilyNpAlHPrzg5XPAOBOp0KoVdD +aaxXbXmQeOW1tDvYvEyNKKGno6e6Ak4l0Squ7a4DIrhrIA8wKFSVf+DuzgpmndFALW4ir50awQUZ +0m/A8p/4e7MCQvtQqR0tkw8jq8bBD5L/0KIV9VMJcRz/RROE5iZe+OCIHAr8Fraocwa48GOEAqDG +WuzndN9wrqODJerWx5eHk6fGioozl2A3ED6XPm4pFdahD9GILBKfb6qkxkLrQaLjlUPTAYVtjrs7 +8yM2x/474KElB0iryYl0/wiPgL/AlmXz7uxLaL2diMMxs0Dx6M/2OLuc5NF/1OVYm3z61PMOm3WR +5LpSLhl+0fXNWhn8ugb2+1KoS5kE3fj5tItQo05iifCHJPqDQsGH+tUtKSpacXpkatcnYGMN285J +9Y0fkIkyF/hzQ7jSWpOGYdbhdQrqeWZ2iE9x6wQl1gpaepPluUsXQA+xtrn13k/c4LOsOxFwYIRK +Q26ZIMApcQrAZQIDAQABo4ICyzCCAscwfQYIKwYBBQUHAQEEcTBvMEwGCCsGAQUFBzAChkBodHRw +Oi8vd3d3LmFjY3YuZXMvZmlsZWFkbWluL0FyY2hpdm9zL2NlcnRpZmljYWRvcy9yYWl6YWNjdjEu +Y3J0MB8GCCsGAQUFBzABhhNodHRwOi8vb2NzcC5hY2N2LmVzMB0GA1UdDgQWBBTSh7Tj3zcnk1X2 +VuqB5TbMjB4/vTAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFNKHtOPfNyeTVfZW6oHlNsyM +Hj+9MIIBcwYDVR0gBIIBajCCAWYwggFiBgRVHSAAMIIBWDCCASIGCCsGAQUFBwICMIIBFB6CARAA +QQB1AHQAbwByAGkAZABhAGQAIABkAGUAIABDAGUAcgB0AGkAZgBpAGMAYQBjAGkA8wBuACAAUgBh +AO0AegAgAGQAZQAgAGwAYQAgAEEAQwBDAFYAIAAoAEEAZwBlAG4AYwBpAGEAIABkAGUAIABUAGUA +YwBuAG8AbABvAGcA7QBhACAAeQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzAG4AIABFAGwAZQBj +AHQAcgDzAG4AaQBjAGEALAAgAEMASQBGACAAUQA0ADYAMAAxADEANQA2AEUAKQAuACAAQwBQAFMA +IABlAG4AIABoAHQAdABwADoALwAvAHcAdwB3AC4AYQBjAGMAdgAuAGUAczAwBggrBgEFBQcCARYk +aHR0cDovL3d3dy5hY2N2LmVzL2xlZ2lzbGFjaW9uX2MuaHRtMFUGA1UdHwROMEwwSqBIoEaGRGh0 +dHA6Ly93d3cuYWNjdi5lcy9maWxlYWRtaW4vQXJjaGl2b3MvY2VydGlmaWNhZG9zL3JhaXphY2N2 +MV9kZXIuY3JsMA4GA1UdDwEB/wQEAwIBBjAXBgNVHREEEDAOgQxhY2N2QGFjY3YuZXMwDQYJKoZI +hvcNAQEFBQADggIBAJcxAp/n/UNnSEQU5CmH7UwoZtCPNdpNYbdKl02125DgBS4OxnnQ8pdpD70E +R9m+27Up2pvZrqmZ1dM8MJP1jaGo/AaNRPTKFpV8M9xii6g3+CfYCS0b78gUJyCpZET/LtZ1qmxN +YEAZSUNUY9rizLpm5U9EelvZaoErQNV/+QEnWCzI7UiRfD+mAM/EKXMRNt6GGT6d7hmKG9Ww7Y49 +nCrADdg9ZuM8Db3VlFzi4qc1GwQA9j9ajepDvV+JHanBsMyZ4k0ACtrJJ1vnE5Bc5PUzolVt3OAJ +TS+xJlsndQAJxGJ3KQhfnlmstn6tn1QwIgPBHnFk/vk4CpYY3QIUrCPLBhwepH2NDd4nQeit2hW3 +sCPdK6jT2iWH7ehVRE2I9DZ+hJp4rPcOVkkO1jMl1oRQQmwgEh0q1b688nCBpHBgvgW1m54ERL5h +I6zppSSMEYCUWqKiuUnSwdzRp+0xESyeGabu4VXhwOrPDYTkF7eifKXeVSUG7szAh1xA2syVP1Xg +Nce4hL60Xc16gwFy7ofmXx2utYXGJt/mwZrpHgJHnyqobalbz+xFd3+YJ5oyXSrjhO7FmGYvliAd +3djDJ9ew+f7Zfc3Qn48LFFhRny+Lwzgt3uiP1o2HpPVWQxaZLPSkVrQ0uGE3ycJYgBugl6H8WY3p +EfbRD0tVNEYqi4Y7 +-----END CERTIFICATE----- + +TWCA Global Root CA +=================== +-----BEGIN CERTIFICATE----- +MIIFQTCCAymgAwIBAgICDL4wDQYJKoZIhvcNAQELBQAwUTELMAkGA1UEBhMCVFcxEjAQBgNVBAoT +CVRBSVdBTi1DQTEQMA4GA1UECxMHUm9vdCBDQTEcMBoGA1UEAxMTVFdDQSBHbG9iYWwgUm9vdCBD +QTAeFw0xMjA2MjcwNjI4MzNaFw0zMDEyMzExNTU5NTlaMFExCzAJBgNVBAYTAlRXMRIwEAYDVQQK +EwlUQUlXQU4tQ0ExEDAOBgNVBAsTB1Jvb3QgQ0ExHDAaBgNVBAMTE1RXQ0EgR2xvYmFsIFJvb3Qg +Q0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCwBdvI64zEbooh745NnHEKH1Jw7W2C +nJfF10xORUnLQEK1EjRsGcJ0pDFfhQKX7EMzClPSnIyOt7h52yvVavKOZsTuKwEHktSz0ALfUPZV +r2YOy+BHYC8rMjk1Ujoog/h7FsYYuGLWRyWRzvAZEk2tY/XTP3VfKfChMBwqoJimFb3u/Rk28OKR +Q4/6ytYQJ0lM793B8YVwm8rqqFpD/G2Gb3PpN0Wp8DbHzIh1HrtsBv+baz4X7GGqcXzGHaL3SekV +tTzWoWH1EfcFbx39Eb7QMAfCKbAJTibc46KokWofwpFFiFzlmLhxpRUZyXx1EcxwdE8tmx2RRP1W +KKD+u4ZqyPpcC1jcxkt2yKsi2XMPpfRaAok/T54igu6idFMqPVMnaR1sjjIsZAAmY2E2TqNGtz99 +sy2sbZCilaLOz9qC5wc0GZbpuCGqKX6mOL6OKUohZnkfs8O1CWfe1tQHRvMq2uYiN2DLgbYPoA/p +yJV/v1WRBXrPPRXAb94JlAGD1zQbzECl8LibZ9WYkTunhHiVJqRaCPgrdLQABDzfuBSO6N+pjWxn +kjMdwLfS7JLIvgm/LCkFbwJrnu+8vyq8W8BQj0FwcYeyTbcEqYSjMq+u7msXi7Kx/mzhkIyIqJdI +zshNy/MGz19qCkKxHh53L46g5pIOBvwFItIm4TFRfTLcDwIDAQABoyMwITAOBgNVHQ8BAf8EBAMC +AQYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAgEAXzSBdu+WHdXltdkCY4QWwa6g +cFGn90xHNcgL1yg9iXHZqjNB6hQbbCEAwGxCGX6faVsgQt+i0trEfJdLjbDorMjupWkEmQqSpqsn +LhpNgb+E1HAerUf+/UqdM+DyucRFCCEK2mlpc3INvjT+lIutwx4116KD7+U4x6WFH6vPNOw/KP4M +8VeGTslV9xzU2KV9Bnpv1d8Q34FOIWWxtuEXeZVFBs5fzNxGiWNoRI2T9GRwoD2dKAXDOXC4Ynsg +/eTb6QihuJ49CcdP+yz4k3ZB3lLg4VfSnQO8d57+nile98FRYB/e2guyLXW3Q0iT5/Z5xoRdgFlg +lPx4mI88k1HtQJAH32RjJMtOcQWh15QaiDLxInQirqWm2BJpTGCjAu4r7NRjkgtevi92a6O2JryP +A9gK8kxkRr05YuWW6zRjESjMlfGt7+/cgFhI6Uu46mWs6fyAtbXIRfmswZ/ZuepiiI7E8UuDEq3m +i4TWnsLrgxifarsbJGAzcMzs9zLzXNl5fe+epP7JI8Mk7hWSsT2RTyaGvWZzJBPqpK5jwa19hAM8 +EHiGG3njxPPyBJUgriOCxLM6AGK/5jYk4Ve6xx6QddVfP5VhK8E7zeWzaGHQRiapIVJpLesux+t3 +zqY6tQMzT3bR51xUAV3LePTJDL/PEo4XLSNolOer/qmyKwbQBM0= +-----END CERTIFICATE----- + +TeliaSonera Root CA v1 +====================== +-----BEGIN CERTIFICATE----- +MIIFODCCAyCgAwIBAgIRAJW+FqD3LkbxezmCcvqLzZYwDQYJKoZIhvcNAQEFBQAwNzEUMBIGA1UE +CgwLVGVsaWFTb25lcmExHzAdBgNVBAMMFlRlbGlhU29uZXJhIFJvb3QgQ0EgdjEwHhcNMDcxMDE4 +MTIwMDUwWhcNMzIxMDE4MTIwMDUwWjA3MRQwEgYDVQQKDAtUZWxpYVNvbmVyYTEfMB0GA1UEAwwW +VGVsaWFTb25lcmEgUm9vdCBDQSB2MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMK+ +6yfwIaPzaSZVfp3FVRaRXP3vIb9TgHot0pGMYzHw7CTww6XScnwQbfQ3t+XmfHnqjLWCi65ItqwA +3GV17CpNX8GH9SBlK4GoRz6JI5UwFpB/6FcHSOcZrr9FZ7E3GwYq/t75rH2D+1665I+XZ75Ljo1k +B1c4VWk0Nj0TSO9P4tNmHqTPGrdeNjPUtAa9GAH9d4RQAEX1jF3oI7x+/jXh7VB7qTCNGdMJjmhn +Xb88lxhTuylixcpecsHHltTbLaC0H2kD7OriUPEMPPCs81Mt8Bz17Ww5OXOAFshSsCPN4D7c3TxH +oLs1iuKYaIu+5b9y7tL6pe0S7fyYGKkmdtwoSxAgHNN/Fnct7W+A90m7UwW7XWjH1Mh1Fj+JWov3 +F0fUTPHSiXk+TT2YqGHeOh7S+F4D4MHJHIzTjU3TlTazN19jY5szFPAtJmtTfImMMsJu7D0hADnJ +oWjiUIMusDor8zagrC/kb2HCUQk5PotTubtn2txTuXZZNp1D5SDgPTJghSJRt8czu90VL6R4pgd7 +gUY2BIbdeTXHlSw7sKMXNeVzH7RcWe/a6hBle3rQf5+ztCo3O3CLm1u5K7fsslESl1MpWtTwEhDc +TwK7EpIvYtQ/aUN8Ddb8WHUBiJ1YFkveupD/RwGJBmr2X7KQarMCpgKIv7NHfirZ1fpoeDVNAgMB +AAGjPzA9MA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBTwj1k4ALP1j5qW +DNXr+nuqF+gTEjANBgkqhkiG9w0BAQUFAAOCAgEAvuRcYk4k9AwI//DTDGjkk0kiP0Qnb7tt3oNm +zqjMDfz1mgbldxSR651Be5kqhOX//CHBXfDkH1e3damhXwIm/9fH907eT/j3HEbAek9ALCI18Bmx +0GtnLLCo4MBANzX2hFxc469CeP6nyQ1Q6g2EdvZR74NTxnr/DlZJLo961gzmJ1TjTQpgcmLNkQfW +pb/ImWvtxBnmq0wROMVvMeJuScg/doAmAyYp4Db29iBT4xdwNBedY2gea+zDTYa4EzAvXUYNR0PV +G6pZDrlcjQZIrXSHX8f8MVRBE+LHIQ6e4B4N4cB7Q4WQxYpYxmUKeFfyxiMPAdkgS94P+5KFdSpc +c41teyWRyu5FrgZLAMzTsVlQ2jqIOylDRl6XK1TOU2+NSueW+r9xDkKLfP0ooNBIytrEgUy7onOT +JsjrDNYmiLbAJM+7vVvrdX3pCI6GMyx5dwlppYn8s3CQh3aP0yK7Qs69cwsgJirQmz1wHiRszYd2 +qReWt88NkvuOGKmYSdGe/mBEciG5Ge3C9THxOUiIkCR1VBatzvT4aRRkOfujuLpwQMcnHL/EVlP6 +Y2XQ8xwOFvVrhlhNGNTkDY6lnVuR3HYkUD/GKvvZt5y11ubQ2egZixVxSK236thZiNSQvxaz2ems +WWFUyBy6ysHK4bkgTI86k4mloMy/0/Z1pHWWbVY= +-----END CERTIFICATE----- + +E-Tugra Certification Authority +=============================== +-----BEGIN CERTIFICATE----- +MIIGSzCCBDOgAwIBAgIIamg+nFGby1MwDQYJKoZIhvcNAQELBQAwgbIxCzAJBgNVBAYTAlRSMQ8w +DQYDVQQHDAZBbmthcmExQDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamls +ZXJpIHZlIEhpem1ldGxlcmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBN +ZXJrZXppMSgwJgYDVQQDDB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTEzMDMw +NTEyMDk0OFoXDTIzMDMwMzEyMDk0OFowgbIxCzAJBgNVBAYTAlRSMQ8wDQYDVQQHDAZBbmthcmEx +QDA+BgNVBAoMN0UtVHXEn3JhIEVCRyBCaWxpxZ9pbSBUZWtub2xvamlsZXJpIHZlIEhpem1ldGxl +cmkgQS7Fni4xJjAkBgNVBAsMHUUtVHVncmEgU2VydGlmaWthc3lvbiBNZXJrZXppMSgwJgYDVQQD +DB9FLVR1Z3JhIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkqhkiG9w0BAQEFAAOCAg8A +MIICCgKCAgEA4vU/kwVRHoViVF56C/UYB4Oufq9899SKa6VjQzm5S/fDxmSJPZQuVIBSOTkHS0vd +hQd2h8y/L5VMzH2nPbxHD5hw+IyFHnSOkm0bQNGZDbt1bsipa5rAhDGvykPL6ys06I+XawGb1Q5K +CKpbknSFQ9OArqGIW66z6l7LFpp3RMih9lRozt6Plyu6W0ACDGQXwLWTzeHxE2bODHnv0ZEoq1+g +ElIwcxmOj+GMB6LDu0rw6h8VqO4lzKRG+Bsi77MOQ7osJLjFLFzUHPhdZL3Dk14opz8n8Y4e0ypQ +BaNV2cvnOVPAmJ6MVGKLJrD3fY185MaeZkJVgkfnsliNZvcHfC425lAcP9tDJMW/hkd5s3kc91r0 +E+xs+D/iWR+V7kI+ua2oMoVJl0b+SzGPWsutdEcf6ZG33ygEIqDUD13ieU/qbIWGvaimzuT6w+Gz +rt48Ue7LE3wBf4QOXVGUnhMMti6lTPk5cDZvlsouDERVxcr6XQKj39ZkjFqzAQqptQpHF//vkUAq +jqFGOjGY5RH8zLtJVor8udBhmm9lbObDyz51Sf6Pp+KJxWfXnUYTTjF2OySznhFlhqt/7x3U+Lzn +rFpct1pHXFXOVbQicVtbC/DP3KBhZOqp12gKY6fgDT+gr9Oq0n7vUaDmUStVkhUXU8u3Zg5mTPj5 +dUyQ5xJwx0UCAwEAAaNjMGEwHQYDVR0OBBYEFC7j27JJ0JxUeVz6Jyr+zE7S6E5UMA8GA1UdEwEB +/wQFMAMBAf8wHwYDVR0jBBgwFoAULuPbsknQnFR5XPonKv7MTtLoTlQwDgYDVR0PAQH/BAQDAgEG +MA0GCSqGSIb3DQEBCwUAA4ICAQAFNzr0TbdF4kV1JI+2d1LoHNgQk2Xz8lkGpD4eKexd0dCrfOAK +kEh47U6YA5n+KGCRHTAduGN8qOY1tfrTYXbm1gdLymmasoR6d5NFFxWfJNCYExL/u6Au/U5Mh/jO +XKqYGwXgAEZKgoClM4so3O0409/lPun++1ndYYRP0lSWE2ETPo+Aab6TR7U1Q9Jauz1c77NCR807 +VRMGsAnb/WP2OogKmW9+4c4bU2pEZiNRCHu8W1Ki/QY3OEBhj0qWuJA3+GbHeJAAFS6LrVE1Uweo +a2iu+U48BybNCAVwzDk/dr2l02cmAYamU9JgO3xDf1WKvJUawSg5TB9D0pH0clmKuVb8P7Sd2nCc +dlqMQ1DujjByTd//SffGqWfZbawCEeI6FiWnWAjLb1NBnEg4R2gz0dfHj9R0IdTDBZB6/86WiLEV +KV0jq9BgoRJP3vQXzTLlyb/IQ639Lo7xr+L0mPoSHyDYwKcMhcWQ9DstliaxLL5Mq+ux0orJ23gT +Dx4JnW2PAJ8C2sH6H3p6CcRK5ogql5+Ji/03X186zjhZhkuvcQu02PJwT58yE+Owp1fl2tpDy4Q0 +8ijE6m30Ku/Ba3ba+367hTzSU8JNvnHhRdH9I2cNE3X7z2VnIp2usAnRCf8dNL/+I5c30jn6PQ0G +C7TbO6Orb1wdtn7os4I07QZcJA== +-----END CERTIFICATE----- + +T-TeleSec GlobalRoot Class 2 +============================ +-----BEGIN CERTIFICATE----- +MIIDwzCCAqugAwIBAgIBATANBgkqhkiG9w0BAQsFADCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoM +IlQtU3lzdGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBU +cnVzdCBDZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwHhcNMDgx +MDAxMTA0MDE0WhcNMzMxMDAxMjM1OTU5WjCBgjELMAkGA1UEBhMCREUxKzApBgNVBAoMIlQtU3lz +dGVtcyBFbnRlcnByaXNlIFNlcnZpY2VzIEdtYkgxHzAdBgNVBAsMFlQtU3lzdGVtcyBUcnVzdCBD +ZW50ZXIxJTAjBgNVBAMMHFQtVGVsZVNlYyBHbG9iYWxSb290IENsYXNzIDIwggEiMA0GCSqGSIb3 +DQEBAQUAA4IBDwAwggEKAoIBAQCqX9obX+hzkeXaXPSi5kfl82hVYAUdAqSzm1nzHoqvNK38DcLZ +SBnuaY/JIPwhqgcZ7bBcrGXHX+0CfHt8LRvWurmAwhiCFoT6ZrAIxlQjgeTNuUk/9k9uN0goOA/F +vudocP05l03Sx5iRUKrERLMjfTlH6VJi1hKTXrcxlkIF+3anHqP1wvzpesVsqXFP6st4vGCvx970 +2cu+fjOlbpSD8DT6IavqjnKgP6TeMFvvhk1qlVtDRKgQFRzlAVfFmPHmBiiRqiDFt1MmUUOyCxGV +WOHAD3bZwI18gfNycJ5v/hqO2V81xrJvNHy+SE/iWjnX2J14np+GPgNeGYtEotXHAgMBAAGjQjBA +MA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBS/WSA2AHmgoCJrjNXy +YdK4LMuCSjANBgkqhkiG9w0BAQsFAAOCAQEAMQOiYQsfdOhyNsZt+U2e+iKo4YFWz827n+qrkRk4 +r6p8FU3ztqONpfSO9kSpp+ghla0+AGIWiPACuvxhI+YzmzB6azZie60EI4RYZeLbK4rnJVM3YlNf +vNoBYimipidx5joifsFvHZVwIEoHNN/q/xWA5brXethbdXwFeilHfkCoMRN3zUA7tFFHei4R40cR +3p1m0IvVVGb6g1XqfMIpiRvpb7PO4gWEyS8+eIVibslfwXhjdFjASBgMmTnrpMwatXlajRWc2BQN +9noHV8cigwUtPJslJj0Ys6lDfMjIq2SPDqO/nBudMNva0Bkuqjzx+zOAduTNrRlPBSeOE6Fuwg== +-----END CERTIFICATE----- + +Atos TrustedRoot 2011 +===================== +-----BEGIN CERTIFICATE----- +MIIDdzCCAl+gAwIBAgIIXDPLYixfszIwDQYJKoZIhvcNAQELBQAwPDEeMBwGA1UEAwwVQXRvcyBU +cnVzdGVkUm9vdCAyMDExMQ0wCwYDVQQKDARBdG9zMQswCQYDVQQGEwJERTAeFw0xMTA3MDcxNDU4 +MzBaFw0zMDEyMzEyMzU5NTlaMDwxHjAcBgNVBAMMFUF0b3MgVHJ1c3RlZFJvb3QgMjAxMTENMAsG +A1UECgwEQXRvczELMAkGA1UEBhMCREUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV +hTuXbyo7LjvPpvMpNb7PGKw+qtn4TaA+Gke5vJrf8v7MPkfoepbCJI419KkM/IL9bcFyYie96mvr +54rMVD6QUM+A1JX76LWC1BTFtqlVJVfbsVD2sGBkWXppzwO3bw2+yj5vdHLqqjAqc2K+SZFhyBH+ +DgMq92og3AIVDV4VavzjgsG1xZ1kCWyjWZgHJ8cblithdHFsQ/H3NYkQ4J7sVaE3IqKHBAUsR320 +HLliKWYoyrfhk/WklAOZuXCFteZI6o1Q/NnezG8HDt0Lcp2AMBYHlT8oDv3FdU9T1nSatCQujgKR +z3bFmx5VdJx4IbHwLfELn8LVlhgf8FQieowHAgMBAAGjfTB7MB0GA1UdDgQWBBSnpQaxLKYJYO7R +l+lwrrw7GWzbITAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFKelBrEspglg7tGX6XCuvDsZ +bNshMBgGA1UdIAQRMA8wDQYLKwYBBAGwLQMEAQEwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEB +CwUAA4IBAQAmdzTblEiGKkGdLD4GkGDEjKwLVLgfuXvTBznk+j57sj1O7Z8jvZfza1zv7v1Apt+h +k6EKhqzvINB5Ab149xnYJDE0BAGmuhWawyfc2E8PzBhj/5kPDpFrdRbhIfzYJsdHt6bPWHJxfrrh +TZVHO8mvbaG0weyJ9rQPOLXiZNwlz6bb65pcmaHFCN795trV1lpFDMS3wrUU77QR/w4VtfX128a9 +61qn8FYiqTxlVMYVqL2Gns2Dlmh6cYGJ4Qvh6hEbaAjMaZ7snkGeRDImeuKHCnE96+RapNLbxc3G +3mB/ufNPRJLvKrcYPqcZ2Qt9sTdBQrC6YB3y/gkRsPCHe6ed +-----END CERTIFICATE----- + +QuoVadis Root CA 1 G3 +===================== +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIUeFhfLq0sGUvjNwc1NBMotZbUZZMwDQYJKoZIhvcNAQELBQAwSDELMAkG +A1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAcBgNVBAMTFVF1b1ZhZGlzIFJv +b3QgQ0EgMSBHMzAeFw0xMjAxMTIxNzI3NDRaFw00MjAxMTIxNzI3NDRaMEgxCzAJBgNVBAYTAkJN +MRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDEg +RzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCgvlAQjunybEC0BJyFuTHK3C3kEakE +PBtVwedYMB0ktMPvhd6MLOHBPd+C5k+tR4ds7FtJwUrVu4/sh6x/gpqG7D0DmVIB0jWerNrwU8lm +PNSsAgHaJNM7qAJGr6Qc4/hzWHa39g6QDbXwz8z6+cZM5cOGMAqNF34168Xfuw6cwI2H44g4hWf6 +Pser4BOcBRiYz5P1sZK0/CPTz9XEJ0ngnjybCKOLXSoh4Pw5qlPafX7PGglTvF0FBM+hSo+LdoIN +ofjSxxR3W5A2B4GbPgb6Ul5jxaYA/qXpUhtStZI5cgMJYr2wYBZupt0lwgNm3fME0UDiTouG9G/l +g6AnhF4EwfWQvTA9xO+oabw4m6SkltFi2mnAAZauy8RRNOoMqv8hjlmPSlzkYZqn0ukqeI1RPToV +7qJZjqlc3sX5kCLliEVx3ZGZbHqfPT2YfF72vhZooF6uCyP8Wg+qInYtyaEQHeTTRCOQiJ/GKubX +9ZqzWB4vMIkIG1SitZgj7Ah3HJVdYdHLiZxfokqRmu8hqkkWCKi9YSgxyXSthfbZxbGL0eUQMk1f +iyA6PEkfM4VZDdvLCXVDaXP7a3F98N/ETH3Goy7IlXnLc6KOTk0k+17kBL5yG6YnLUlamXrXXAkg +t3+UuU/xDRxeiEIbEbfnkduebPRq34wGmAOtzCjvpUfzUwIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUo5fW816iEOGrRZ88F2Q87gFwnMwwDQYJKoZI +hvcNAQELBQADggIBABj6W3X8PnrHX3fHyt/PX8MSxEBd1DKquGrX1RUVRpgjpeaQWxiZTOOtQqOC +MTaIzen7xASWSIsBx40Bz1szBpZGZnQdT+3Btrm0DWHMY37XLneMlhwqI2hrhVd2cDMT/uFPpiN3 +GPoajOi9ZcnPP/TJF9zrx7zABC4tRi9pZsMbj/7sPtPKlL92CiUNqXsCHKnQO18LwIE6PWThv6ct +Tr1NxNgpxiIY0MWscgKCP6o6ojoilzHdCGPDdRS5YCgtW2jgFqlmgiNR9etT2DGbe+m3nUvriBbP ++V04ikkwj+3x6xn0dxoxGE1nVGwvb2X52z3sIexe9PSLymBlVNFxZPT5pqOBMzYzcfCkeF9OrYMh +3jRJjehZrJ3ydlo28hP0r+AJx2EqbPfgna67hkooby7utHnNkDPDs3b69fBsnQGQ+p6Q9pxyz0fa +wx/kNSBT8lTR32GDpgLiJTjehTItXnOQUl1CxM49S+H5GYQd1aJQzEH7QRTDvdbJWqNjZgKAvQU6 +O0ec7AAmTPWIUb+oI38YB7AL7YsmoWTTYUrrXJ/es69nA7Mf3W1daWhpq1467HxpvMc7hU6eFbm0 +FU/DlXpY18ls6Wy58yljXrQs8C097Vpl4KlbQMJImYFtnh8GKjwStIsPm6Ik8KaN1nrgS7ZklmOV +hMJKzRwuJIczYOXD +-----END CERTIFICATE----- + +QuoVadis Root CA 2 G3 +===================== +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIURFc0JFuBiZs18s64KztbpybwdSgwDQYJKoZIhvcNAQELBQAwSDELMAkG +A1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAcBgNVBAMTFVF1b1ZhZGlzIFJv +b3QgQ0EgMiBHMzAeFw0xMjAxMTIxODU5MzJaFw00MjAxMTIxODU5MzJaMEgxCzAJBgNVBAYTAkJN +MRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDIg +RzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQChriWyARjcV4g/Ruv5r+LrI3HimtFh +ZiFfqq8nUeVuGxbULX1QsFN3vXg6YOJkApt8hpvWGo6t/x8Vf9WVHhLL5hSEBMHfNrMWn4rjyduY +NM7YMxcoRvynyfDStNVNCXJJ+fKH46nafaF9a7I6JaltUkSs+L5u+9ymc5GQYaYDFCDy54ejiK2t +oIz/pgslUiXnFgHVy7g1gQyjO/Dh4fxaXc6AcW34Sas+O7q414AB+6XrW7PFXmAqMaCvN+ggOp+o +MiwMzAkd056OXbxMmO7FGmh77FOm6RQ1o9/NgJ8MSPsc9PG/Srj61YxxSscfrf5BmrODXfKEVu+l +V0POKa2Mq1W/xPtbAd0jIaFYAI7D0GoT7RPjEiuA3GfmlbLNHiJuKvhB1PLKFAeNilUSxmn1uIZo +L1NesNKqIcGY5jDjZ1XHm26sGahVpkUG0CM62+tlXSoREfA7T8pt9DTEceT/AFr2XK4jYIVz8eQQ +sSWu1ZK7E8EM4DnatDlXtas1qnIhO4M15zHfeiFuuDIIfR0ykRVKYnLP43ehvNURG3YBZwjgQQvD +6xVu+KQZ2aKrr+InUlYrAoosFCT5v0ICvybIxo/gbjh9Uy3l7ZizlWNof/k19N+IxWA1ksB8aRxh +lRbQ694Lrz4EEEVlWFA4r0jyWbYW8jwNkALGcC4BrTwV1wIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQU7edvdlq/YOxJW8ald7tyFnGbxD0wDQYJKoZI +hvcNAQELBQADggIBAJHfgD9DCX5xwvfrs4iP4VGyvD11+ShdyLyZm3tdquXK4Qr36LLTn91nMX66 +AarHakE7kNQIXLJgapDwyM4DYvmL7ftuKtwGTTwpD4kWilhMSA/ohGHqPHKmd+RCroijQ1h5fq7K +pVMNqT1wvSAZYaRsOPxDMuHBR//47PERIjKWnML2W2mWeyAMQ0GaW/ZZGYjeVYg3UQt4XAoeo0L9 +x52ID8DyeAIkVJOviYeIyUqAHerQbj5hLja7NQ4nlv1mNDthcnPxFlxHBlRJAHpYErAK74X9sbgz +dWqTHBLmYF5vHX/JHyPLhGGfHoJE+V+tYlUkmlKY7VHnoX6XOuYvHxHaU4AshZ6rNRDbIl9qxV6X +U/IyAgkwo1jwDQHVcsaxfGl7w/U2Rcxhbl5MlMVerugOXou/983g7aEOGzPuVBj+D77vfoRrQ+Nw +mNtddbINWQeFFSM51vHfqSYP1kjHs6Yi9TM3WpVHn3u6GBVv/9YUZINJ0gpnIdsPNWNgKCLjsZWD +zYWm3S8P52dSbrsvhXz1SnPnxT7AvSESBT/8twNJAlvIJebiVDj1eYeMHVOyToV7BjjHLPj4sHKN +JeV3UvQDHEimUF+IIDBu8oJDqz2XhOdT+yHBTw8imoa4WSr2Rz0ZiC3oheGe7IUIarFsNMkd7Egr +O3jtZsSOeWmD3n+M +-----END CERTIFICATE----- + +QuoVadis Root CA 3 G3 +===================== +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIULvWbAiin23r/1aOp7r0DoM8Sah0wDQYJKoZIhvcNAQELBQAwSDELMAkG +A1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHjAcBgNVBAMTFVF1b1ZhZGlzIFJv +b3QgQ0EgMyBHMzAeFw0xMjAxMTIyMDI2MzJaFw00MjAxMTIyMDI2MzJaMEgxCzAJBgNVBAYTAkJN +MRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR4wHAYDVQQDExVRdW9WYWRpcyBSb290IENBIDMg +RzMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCzyw4QZ47qFJenMioKVjZ/aEzHs286 +IxSR/xl/pcqs7rN2nXrpixurazHb+gtTTK/FpRp5PIpM/6zfJd5O2YIyC0TeytuMrKNuFoM7pmRL +Mon7FhY4futD4tN0SsJiCnMK3UmzV9KwCoWdcTzeo8vAMvMBOSBDGzXRU7Ox7sWTaYI+FrUoRqHe +6okJ7UO4BUaKhvVZR74bbwEhELn9qdIoyhA5CcoTNs+cra1AdHkrAj80//ogaX3T7mH1urPnMNA3 +I4ZyYUUpSFlob3emLoG+B01vr87ERRORFHAGjx+f+IdpsQ7vw4kZ6+ocYfx6bIrc1gMLnia6Et3U +VDmrJqMz6nWB2i3ND0/kA9HvFZcba5DFApCTZgIhsUfei5pKgLlVj7WiL8DWM2fafsSntARE60f7 +5li59wzweyuxwHApw0BiLTtIadwjPEjrewl5qW3aqDCYz4ByA4imW0aucnl8CAMhZa634RylsSqi +Md5mBPfAdOhx3v89WcyWJhKLhZVXGqtrdQtEPREoPHtht+KPZ0/l7DxMYIBpVzgeAVuNVejH38DM +dyM0SXV89pgR6y3e7UEuFAUCf+D+IOs15xGsIs5XPd7JMG0QA4XN8f+MFrXBsj6IbGB/kE+V9/Yt +rQE5BwT6dYB9v0lQ7e/JxHwc64B+27bQ3RP+ydOc17KXqQIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUxhfQvKjqAkPyGwaZXSuQILnXnOQwDQYJKoZI +hvcNAQELBQADggIBADRh2Va1EodVTd2jNTFGu6QHcrxfYWLopfsLN7E8trP6KZ1/AvWkyaiTt3px +KGmPc+FSkNrVvjrlt3ZqVoAh313m6Tqe5T72omnHKgqwGEfcIHB9UqM+WXzBusnIFUBhynLWcKzS +t/Ac5IYp8M7vaGPQtSCKFWGafoaYtMnCdvvMujAWzKNhxnQT5WvvoxXqA/4Ti2Tk08HS6IT7SdEQ +TXlm66r99I0xHnAUrdzeZxNMgRVhvLfZkXdxGYFgu/BYpbWcC/ePIlUnwEsBbTuZDdQdm2NnL9Du +DcpmvJRPpq3t/O5jrFc/ZSXPsoaP0Aj/uHYUbt7lJ+yreLVTubY/6CD50qi+YUbKh4yE8/nxoGib +Ih6BJpsQBJFxwAYf3KDTuVan45gtf4Od34wrnDKOMpTwATwiKp9Dwi7DmDkHOHv8XgBCH/MyJnmD +hPbl8MFREsALHgQjDFSlTC9JxUrRtm5gDWv8a4uFJGS3iQ6rJUdbPM9+Sb3H6QrG2vd+DhcI00iX +0HGS8A85PjRqHH3Y8iKuu2n0M7SmSFXRDw4m6Oy2Cy2nhTXN/VnIn9HNPlopNLk9hM6xZdRZkZFW +dSHBd575euFgndOtBBj0fOtek49TSiIp+EgrPk2GrFt/ywaZWWDYWGWVjUTR939+J399roD1B0y2 +PpxxVJkES/1Y+Zj0 +-----END CERTIFICATE----- + +DigiCert Assured ID Root G2 +=========================== +-----BEGIN CERTIFICATE----- +MIIDljCCAn6gAwIBAgIQC5McOtY5Z+pnI7/Dr5r0SzANBgkqhkiG9w0BAQsFADBlMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQw +IgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIwHhcNMTMwODAxMTIwMDAwWhcNMzgw +MTE1MTIwMDAwWjBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQL +ExB3d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzIw +ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5ygvUj82ckmIkzTz+GoeMVSAn61UQbVH +35ao1K+ALbkKz3X9iaV9JPrjIgwrvJUXCzO/GU1BBpAAvQxNEP4HteccbiJVMWWXvdMX0h5i89vq +bFCMP4QMls+3ywPgym2hFEwbid3tALBSfK+RbLE4E9HpEgjAALAcKxHad3A2m67OeYfcgnDmCXRw +VWmvo2ifv922ebPynXApVfSr/5Vh88lAbx3RvpO704gqu52/clpWcTs/1PPRCv4o76Pu2ZmvA9OP +YLfykqGxvYmJHzDNw6YuYjOuFgJ3RFrngQo8p0Quebg/BLxcoIfhG69Rjs3sLPr4/m3wOnyqi+Rn +lTGNAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBTO +w0q5mVXyuNtgv6l+vVa1lzan1jANBgkqhkiG9w0BAQsFAAOCAQEAyqVVjOPIQW5pJ6d1Ee88hjZv +0p3GeDgdaZaikmkuOGybfQTUiaWxMTeKySHMq2zNixya1r9I0jJmwYrA8y8678Dj1JGG0VDjA9tz +d29KOVPt3ibHtX2vK0LRdWLjSisCx1BL4GnilmwORGYQRI+tBev4eaymG+g3NJ1TyWGqolKvSnAW +hsI6yLETcDbYz+70CjTVW0z9B5yiutkBclzzTcHdDrEcDcRjvq30FPuJ7KJBDkzMyFdA0G4Dqs0M +jomZmWzwPDCvON9vvKO+KSAnq3T/EyJ43pdSVR6DtVQgA+6uwE9W3jfMw3+qBCe703e4YtsXfJwo +IhNzbM8m9Yop5w== +-----END CERTIFICATE----- + +DigiCert Assured ID Root G3 +=========================== +-----BEGIN CERTIFICATE----- +MIICRjCCAc2gAwIBAgIQC6Fa+h3foLVJRK/NJKBs7DAKBggqhkjOPQQDAzBlMQswCQYDVQQGEwJV +UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSQwIgYD +VQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1 +MTIwMDAwWjBlMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSQwIgYDVQQDExtEaWdpQ2VydCBBc3N1cmVkIElEIFJvb3QgRzMwdjAQ +BgcqhkjOPQIBBgUrgQQAIgNiAAQZ57ysRGXtzbg/WPuNsVepRC0FFfLvC/8QdJ+1YlJfZn4f5dwb +RXkLzMZTCp2NXQLZqVneAlr2lSoOjThKiknGvMYDOAdfVdp+CW7if17QRSAPWXYQ1qAk8C3eNvJs +KTmjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBTL0L2p4ZgF +UaFNN6KDec6NHSrkhDAKBggqhkjOPQQDAwNnADBkAjAlpIFFAmsSS3V0T8gj43DydXLefInwz5Fy +YZ5eEJJZVrmDxxDnOOlYJjZ91eQ0hjkCMHw2U/Aw5WJjOpnitqM7mzT6HtoQknFekROn3aRukswy +1vUhZscv6pZjamVFkpUBtA== +-----END CERTIFICATE----- + +DigiCert Global Root G2 +======================= +-----BEGIN CERTIFICATE----- +MIIDjjCCAnagAwIBAgIQAzrx5qcRqaC7KGSxHQn65TANBgkqhkiG9w0BAQsFADBhMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAw +HgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMjAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUx +MjAwMDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3 +dy5kaWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEcyMIIBIjANBgkq +hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzfNNNx7a8myaJCtSnX/RrohCgiN9RlUyfuI2/Ou8jqJ +kTx65qsGGmvPrC3oXgkkRLpimn7Wo6h+4FR1IAWsULecYxpsMNzaHxmx1x7e/dfgy5SDN67sH0NO +3Xss0r0upS/kqbitOtSZpLYl6ZtrAGCSYP9PIUkY92eQq2EGnI/yuum06ZIya7XzV+hdG82MHauV +BJVJ8zUtluNJbd134/tJS7SsVQepj5WztCO7TG1F8PapspUwtP1MVYwnSlcUfIKdzXOS0xZKBgyM +UNGPHgm+F6HmIcr9g+UQvIOlCsRnKPZzFBQ9RnbDhxSJITRNrw9FDKZJobq7nMWxM4MphQIDAQAB +o0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUTiJUIBiV5uNu +5g/6+rkS7QYXjzkwDQYJKoZIhvcNAQELBQADggEBAGBnKJRvDkhj6zHd6mcY1Yl9PMWLSn/pvtsr +F9+wX3N3KjITOYFnQoQj8kVnNeyIv/iPsGEMNKSuIEyExtv4NeF22d+mQrvHRAiGfzZ0JFrabA0U +WTW98kndth/Jsw1HKj2ZL7tcu7XUIOGZX1NGFdtom/DzMNU+MeKNhJ7jitralj41E6Vf8PlwUHBH +QRFXGU7Aj64GxJUTFy8bJZ918rGOmaFvE7FBcf6IKshPECBV1/MUReXgRPTqh5Uykw7+U0b6LJ3/ +iyK5S9kJRaTepLiaWN0bfVKfjllDiIGknibVb63dDcY3fe0Dkhvld1927jyNxF1WW6LZZm6zNTfl +MrY= +-----END CERTIFICATE----- + +DigiCert Global Root G3 +======================= +-----BEGIN CERTIFICATE----- +MIICPzCCAcWgAwIBAgIQBVVWvPJepDU1w6QP1atFcjAKBggqhkjOPQQDAzBhMQswCQYDVQQGEwJV +UzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSAwHgYD +VQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBHMzAeFw0xMzA4MDExMjAwMDBaFw0zODAxMTUxMjAw +MDBaMGExCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5k +aWdpY2VydC5jb20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IEczMHYwEAYHKoZIzj0C +AQYFK4EEACIDYgAE3afZu4q4C/sLfyHS8L6+c/MzXRq8NOrexpu80JX28MzQC7phW1FGfp4tn+6O +YwwX7Adw9c+ELkCDnOg/QW07rdOkFFk2eJ0DQ+4QE2xy3q6Ip6FrtUPOZ9wj/wMco+I+o0IwQDAP +BgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUs9tIpPmhxdiuNkHMEWNp +Yim8S8YwCgYIKoZIzj0EAwMDaAAwZQIxAK288mw/EkrRLTnDCgmXc/SINoyIJ7vmiI1Qhadj+Z4y +3maTD/HMsQmP3Wyr+mt/oAIwOWZbwmSNuJ5Q3KjVSaLtx9zRSX8XAbjIho9OjIgrqJqpisXRAL34 +VOKa5Vt8sycX +-----END CERTIFICATE----- + +DigiCert Trusted Root G4 +======================== +-----BEGIN CERTIFICATE----- +MIIFkDCCA3igAwIBAgIQBZsbV56OITLiOQe9p3d1XDANBgkqhkiG9w0BAQwFADBiMQswCQYDVQQG +EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSEw +HwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwHhcNMTMwODAxMTIwMDAwWhcNMzgwMTE1 +MTIwMDAwWjBiMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 +d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhEaWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwggIiMA0G +CSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC/5pBzaN675F1KPDAiMGkz7MKnJS7JIT3yithZwuEp +pz1Yq3aaza57G4QNxDAf8xukOBbrVsaXbR2rsnnyyhHS5F/WBTxSD1Ifxp4VpX6+n6lXFllVcq9o +k3DCsrp1mWpzMpTREEQQLt+C8weE5nQ7bXHiLQwb7iDVySAdYyktzuxeTsiT+CFhmzTrBcZe7Fsa +vOvJz82sNEBfsXpm7nfISKhmV1efVFiODCu3T6cw2Vbuyntd463JT17lNecxy9qTXtyOj4DatpGY +QJB5w3jHtrHEtWoYOAMQjdjUN6QuBX2I9YI+EJFwq1WCQTLX2wRzKm6RAXwhTNS8rhsDdV14Ztk6 +MUSaM0C/CNdaSaTC5qmgZ92kJ7yhTzm1EVgX9yRcRo9k98FpiHaYdj1ZXUJ2h4mXaXpI8OCiEhtm +mnTK3kse5w5jrubU75KSOp493ADkRSWJtppEGSt+wJS00mFt6zPZxd9LBADMfRyVw4/3IbKyEbe7 +f/LVjHAsQWCqsWMYRJUadmJ+9oCw++hkpjPRiQfhvbfmQ6QYuKZ3AeEPlAwhHbJUKSWJbOUOUlFH +dL4mrLZBdd56rF+NP8m800ERElvlEFDrMcXKchYiCd98THU/Y+whX8QgUWtvsauGi0/C1kVfnSD8 +oR7FwI+isX4KJpn15GkvmB0t9dmpsh3lGwIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1Ud +DwEB/wQEAwIBhjAdBgNVHQ4EFgQU7NfjgtJxXWRM3y5nP+e6mK4cD08wDQYJKoZIhvcNAQEMBQAD +ggIBALth2X2pbL4XxJEbw6GiAI3jZGgPVs93rnD5/ZpKmbnJeFwMDF/k5hQpVgs2SV1EY+CtnJYY +ZhsjDT156W1r1lT40jzBQ0CuHVD1UvyQO7uYmWlrx8GnqGikJ9yd+SeuMIW59mdNOj6PWTkiU0Tr +yF0Dyu1Qen1iIQqAyHNm0aAFYF/opbSnr6j3bTWcfFqK1qI4mfN4i/RN0iAL3gTujJtHgXINwBQy +7zBZLq7gcfJW5GqXb5JQbZaNaHqasjYUegbyJLkJEVDXCLG4iXqEI2FCKeWjzaIgQdfRnGTZ6iah +ixTXTBmyUEFxPT9NcCOGDErcgdLMMpSEDQgJlxxPwO5rIHQw0uA5NBCFIRUBCOhVMt5xSdkoF1BN +5r5N0XWs0Mr7QbhDparTwwVETyw2m+L64kW4I1NsBm9nVX9GtUw/bihaeSbSpKhil9Ie4u1Ki7wb +/UdKDd9nZn6yW0HQO+T0O/QEY+nvwlQAUaCKKsnOeMzV6ocEGLPOr0mIr/OSmbaz5mEP0oUA51Aa +5BuVnRmhuZyxm7EAHu/QD09CbMkKvO5D+jpxpchNJqU1/YldvIViHTLSoCtU7ZpXwdv6EM8Zt4tK +G48BtieVU+i2iW1bvGjUI+iLUaJW+fCmgKDWHrO8Dw9TdSmq6hN35N6MgSGtBxBHEa2HPQfRdbzP +82Z+ +-----END CERTIFICATE----- + +WoSign +====== +-----BEGIN CERTIFICATE----- +MIIFdjCCA16gAwIBAgIQXmjWEXGUY1BWAGjzPsnFkTANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQG +EwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxKjAoBgNVBAMTIUNlcnRpZmljYXRpb24g +QXV0aG9yaXR5IG9mIFdvU2lnbjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgwMTAwMDFaMFUxCzAJ +BgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEqMCgGA1UEAxMhQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkgb2YgV29TaWduMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA +vcqNrLiRFVaXe2tcesLea9mhsMMQI/qnobLMMfo+2aYpbxY94Gv4uEBf2zmoAHqLoE1UfcIiePyO +CbiohdfMlZdLdNiefvAA5A6JrkkoRBoQmTIPJYhTpA2zDxIIFgsDcSccf+Hb0v1naMQFXQoOXXDX +2JegvFNBmpGN9J42Znp+VsGQX+axaCA2pIwkLCxHC1l2ZjC1vt7tj/id07sBMOby8w7gLJKA84X5 +KIq0VC6a7fd2/BVoFutKbOsuEo/Uz/4Mx1wdC34FMr5esAkqQtXJTpCzWQ27en7N1QhatH/YHGkR ++ScPewavVIMYe+HdVHpRaG53/Ma/UkpmRqGyZxq7o093oL5d//xWC0Nyd5DKnvnyOfUNqfTq1+ez +EC8wQjchzDBwyYaYD8xYTYO7feUapTeNtqwylwA6Y3EkHp43xP901DfA4v6IRmAR3Qg/UDaruHqk +lWJqbrDKaiFaafPz+x1wOZXzp26mgYmhiMU7ccqjUu6Du/2gd/Tkb+dC221KmYo0SLwX3OSACCK2 +8jHAPwQ+658geda4BmRkAjHXqc1S+4RFaQkAKtxVi8QGRkvASh0JWzko/amrzgD5LkhLJuYwTKVY +yrREgk/nkR4zw7CT/xH8gdLKH3Ep3XZPkiWvHYG3Dy+MwwbMLyejSuQOmbp8HkUff6oZRZb9/D0C +AwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFOFmzw7R +8bNLtwYgFP6HEtX2/vs+MA0GCSqGSIb3DQEBBQUAA4ICAQCoy3JAsnbBfnv8rWTjMnvMPLZdRtP1 +LOJwXcgu2AZ9mNELIaCJWSQBnfmvCX0KI4I01fx8cpm5o9dU9OpScA7F9dY74ToJMuYhOZO9sxXq +T2r09Ys/L3yNWC7F4TmgPsc9SnOeQHrAK2GpZ8nzJLmzbVUsWh2eJXLOC62qx1ViC777Y7NhRCOj +y+EaDveaBk3e1CNOIZZbOVtXHS9dCF4Jef98l7VNg64N1uajeeAz0JmWAjCnPv/So0M/BVoG6kQC +2nz4SNAzqfkHx5Xh9T71XXG68pWpdIhhWeO/yloTunK0jF02h+mmxTwTv97QRCbut+wucPrXnbes +5cVAWubXbHssw1abR80LzvobtCHXt2a49CUwi1wNuepnsvRtrtWhnk/Yn+knArAdBtaP4/tIEp9/ +EaEQPkxROpaw0RPxx9gmrjrKkcRpnd8BKWRRb2jaFOwIQZeQjdCygPLPwj2/kWjFgGcexGATVdVh +mVd8upUPYUk6ynW8yQqTP2cOEvIo4jEbwFcW3wh8GcF+Dx+FHgo2fFt+J7x6v+Db9NpSvd4MVHAx +kUOVyLzwPt0JfjBkUO1/AaQzZ01oT74V77D2AhGiGxMlOtzCWfHjXEa7ZywCRuoeSKbmW9m1vFGi +kpbbqsY3Iqb+zCB0oy2pLmvLwIIRIbWTee5Ehr7XHuQe+w== +-----END CERTIFICATE----- + +WoSign China +============ +-----BEGIN CERTIFICATE----- +MIIFWDCCA0CgAwIBAgIQUHBrzdgT/BtOOzNy0hFIjTANBgkqhkiG9w0BAQsFADBGMQswCQYDVQQG +EwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMMEkNBIOayg+mAmuagueiv +geS5pjAeFw0wOTA4MDgwMTAwMDFaFw0zOTA4MDgwMTAwMDFaMEYxCzAJBgNVBAYTAkNOMRowGAYD +VQQKExFXb1NpZ24gQ0EgTGltaXRlZDEbMBkGA1UEAwwSQ0Eg5rKD6YCa5qC56K+B5LmmMIICIjAN +BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA0EkhHiX8h8EqwqzbdoYGTufQdDTc7WU1/FDWiD+k +8H/rD195L4mx/bxjWDeTmzj4t1up+thxx7S8gJeNbEvxUNUqKaqoGXqW5pWOdO2XCld19AXbbQs5 +uQF/qvbW2mzmBeCkTVL829B0txGMe41P/4eDrv8FAxNXUDf+jJZSEExfv5RxadmWPgxDT74wwJ85 +dE8GRV2j1lY5aAfMh09Qd5Nx2UQIsYo06Yms25tO4dnkUkWMLhQfkWsZHWgpLFbE4h4TV2TwYeO5 +Ed+w4VegG63XX9Gv2ystP9Bojg/qnw+LNVgbExz03jWhCl3W6t8Sb8D7aQdGctyB9gQjF+BNdeFy +b7Ao65vh4YOhn0pdr8yb+gIgthhid5E7o9Vlrdx8kHccREGkSovrlXLp9glk3Kgtn3R46MGiCWOc +76DbT52VqyBPt7D3h1ymoOQ3OMdc4zUPLK2jgKLsLl3Az+2LBcLmc272idX10kaO6m1jGx6KyX2m ++Jzr5dVjhU1zZmkR/sgO9MHHZklTfuQZa/HpelmjbX7FF+Ynxu8b22/8DU0GAbQOXDBGVWCvOGU6 +yke6rCzMRh+yRpY/8+0mBe53oWprfi1tWFxK1I5nuPHa1UaKJ/kR8slC/k7e3x9cxKSGhxYzoacX +GKUN5AXlK8IrC6KVkLn9YDxOiT7nnO4fuwECAwEAAaNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1Ud +EwEB/wQFMAMBAf8wHQYDVR0OBBYEFOBNv9ybQV0T6GTwp+kVpOGBwboxMA0GCSqGSIb3DQEBCwUA +A4ICAQBqinA4WbbaixjIvirTthnVZil6Xc1bL3McJk6jfW+rtylNpumlEYOnOXOvEESS5iVdT2H6 +yAa+Tkvv/vMx/sZ8cApBWNromUuWyXi8mHwCKe0JgOYKOoICKuLJL8hWGSbueBwj/feTZU7n85iY +r83d2Z5AiDEoOqsuC7CsDCT6eiaY8xJhEPRdF/d+4niXVOKM6Cm6jBAyvd0zaziGfjk9DgNyp115 +j0WKWa5bIW4xRtVZjc8VX90xJc/bYNaBRHIpAlf2ltTW/+op2znFuCyKGo3Oy+dCMYYFaA6eFN0A +kLppRQjbbpCBhqcqBT/mhDn4t/lXX0ykeVoQDF7Va/81XwVRHmyjdanPUIPTfPRm94KNPQx96N97 +qA4bLJyuQHCH2u2nFoJavjVsIE4iYdm8UXrNemHcSxH5/mc0zy4EZmFcV5cjjPOGG0jfKq+nwf/Y +jj4Du9gqsPoUJbJRa4ZDhS4HIxaAjUz7tGM7zMN07RujHv41D198HRaG9Q7DlfEvr10lO1Hm13ZB +ONFLAzkopR6RctR9q5czxNM+4Gm2KHmgCY0c0f9BckgG/Jou5yD5m6Leie2uPAmvylezkolwQOQv +T8Jwg0DXJCxr5wkf09XHwQj02w47HAcLQxGEIYbpgNR12KvxAmLBsX5VYc8T1yaw15zLKYs4SgsO +kI26oQ== +-----END CERTIFICATE----- + +COMODO RSA Certification Authority +================================== +-----BEGIN CERTIFICATE----- +MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCBhTELMAkGA1UE +BhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgG +A1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlv +biBBdXRob3JpdHkwHhcNMTAwMTE5MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMC +R0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UE +ChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBB +dXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR6FSS0gpWsawNJN3Fz0Rn +dJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8Xpz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZ +FGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+ +5eNu/Nio5JIk2kNrYrhV/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pG +x8cgoLEfZd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z+pUX +2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7wqP/0uK3pN/u6uPQL +OvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZahSL0896+1DSJMwBGB7FY79tOi4lu3 +sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVICu9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+C +GCe01a60y1Dma/RMhnEw6abfFobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5 +WdYgGq/yapiqcrxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E +FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w +DQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvlwFTPoCWOAvn9sKIN9SCYPBMt +rFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+ +nq6PK7o9mfjYcwlYRm6mnPTXJ9OV2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSg +tZx8jb8uk2IntznaFxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwW +sRqZCuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiKboHGhfKp +pC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmckejkk9u+UJueBPSZI9FoJA +zMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yLS0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHq +ZJx64SIDqZxubw5lT2yHh17zbqD5daWbQOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk52 +7RH89elWsn2/x20Kk4yl0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7I +LaZRfyHBNVOFBkpdn627G190 +-----END CERTIFICATE----- + +USERTrust RSA Certification Authority +===================================== +-----BEGIN CERTIFICATE----- +MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCBiDELMAkGA1UE +BhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQK +ExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkwHhcNMTAwMjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UE +BhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQK +ExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNh +dGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCAEmUXNg7D2wiz +0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2j +Y0K2dvKpOyuR+OJv0OwWIJAJPuLodMkYtJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFn +RghRy4YUVD+8M/5+bJz/Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O ++T23LLb2VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT79uq +/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6c0Plfg6lZrEpfDKE +Y1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmTYo61Zs8liM2EuLE/pDkP2QKe6xJM +lXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97lc6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8 +yexDJtC/QV9AqURE9JnnV4eeUB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+ +eLf8ZxXhyVeEHg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAd +BgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQF +MAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPFUp/L+M+ZBn8b2kMVn54CVVeW +FPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KOVWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ +7l8wXEskEVX/JJpuXior7gtNn3/3ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQ +Eg9zKC7F4iRO/Fjs8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM +8WcRiQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYzeSf7dNXGi +FSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZXHlKYC6SQK5MNyosycdi +yA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9c +J2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRBVXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGw +sAvgnEzDHNb842m1R0aBL6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gx +Q+6IHdfGjjxDah2nGN59PRbxYvnKkKj9 +-----END CERTIFICATE----- + +USERTrust ECC Certification Authority +===================================== +-----BEGIN CERTIFICATE----- +MIICjzCCAhWgAwIBAgIQXIuZxVqUxdJxVt7NiYDMJjAKBggqhkjOPQQDAzCBiDELMAkGA1UEBhMC +VVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU +aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlv +biBBdXRob3JpdHkwHhcNMTAwMjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMC +VVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVU +aGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBFQ0MgQ2VydGlmaWNhdGlv +biBBdXRob3JpdHkwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQarFRaqfloI+d61SRvU8Za2EurxtW2 +0eZzca7dnNYMYf3boIkDuAUU7FfO7l0/4iGzzvfUinngo4N+LZfQYcTxmdwlkWOrfzCjtHDix6Ez +nPO/LlxTsV+zfTJ/ijTjeXmjQjBAMB0GA1UdDgQWBBQ64QmG1M8ZwpZ2dEl23OA1xmNjmjAOBgNV +HQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAKBggqhkjOPQQDAwNoADBlAjA2Z6EWCNzklwBB +HU6+4WMBzzuqQhFkoJ2UOQIReVx7Hfpkue4WQrO/isIJxOzksU0CMQDpKmFHjFJKS04YcPbWRNZu +9YO6bVi9JNlWSOrvxKJGgYhqOkbRqZtNyWHa0V1Xahg= +-----END CERTIFICATE----- + +GlobalSign ECC Root CA - R4 +=========================== +-----BEGIN CERTIFICATE----- +MIIB4TCCAYegAwIBAgIRKjikHJYKBN5CsiilC+g0mAIwCgYIKoZIzj0EAwIwUDEkMCIGA1UECxMb +R2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD +EwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoXDTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMb +R2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI0MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD +EwpHbG9iYWxTaWduMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuMZ5049sJQ6fLjkZHAOkrprl +OQcJFspjsbmG+IpXwVfOQvpzofdlQv8ewQCybnMO/8ch5RikqtlxP6jUuc6MHaNCMEAwDgYDVR0P +AQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFFSwe61FuOJAf/sKbvu+M8k8o4TV +MAoGCCqGSM49BAMCA0gAMEUCIQDckqGgE6bPA7DmxCGXkPoUVy0D7O48027KqGx2vKLeuwIgJ6iF +JzWbVsaj8kfSt24bAgAXqmemFZHe+pTsewv4n4Q= +-----END CERTIFICATE----- + +GlobalSign ECC Root CA - R5 +=========================== +-----BEGIN CERTIFICATE----- +MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEkMCIGA1UECxMb +R2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD +EwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoXDTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMb +R2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQD +EwpHbG9iYWxTaWduMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV7HpI6 +SFkc8GIxLcB6KP4ap1yztsyX50XUWPrRd21DosCHZTQKH3rd6zwzocWdTaRvQZU4f8kehOvRnkmS +h5SHDDqFSmafnVmTTZdhBoZKo0IwQDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAd +BgNVHQ4EFgQUPeYpSJvqB8ohREom3m7e0oPQn1kwCgYIKoZIzj0EAwMDaAAwZQIxAOVpEslu28Yx +uglB4Zf4+/2a4n0Sye18ZNPLBSWLVtmg515dTguDnFt2KaAJJiFqYgIwcdK1j1zqO+F4CYWodZI7 +yFz9SO8NdCKoCOJuxUnOxwy8p2Fp8fc74SrL+SvzZpA3 +-----END CERTIFICATE----- + +Staat der Nederlanden Root CA - G3 +================================== +-----BEGIN CERTIFICATE----- +MIIFdDCCA1ygAwIBAgIEAJiiOTANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJOTDEeMBwGA1UE +CgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSswKQYDVQQDDCJTdGFhdCBkZXIgTmVkZXJsYW5kZW4g +Um9vdCBDQSAtIEczMB4XDTEzMTExNDExMjg0MloXDTI4MTExMzIzMDAwMFowWjELMAkGA1UEBhMC +TkwxHjAcBgNVBAoMFVN0YWF0IGRlciBOZWRlcmxhbmRlbjErMCkGA1UEAwwiU3RhYXQgZGVyIE5l +ZGVybGFuZGVuIFJvb3QgQ0EgLSBHMzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAL4y +olQPcPssXFnrbMSkUeiFKrPMSjTysF/zDsccPVMeiAho2G89rcKezIJnByeHaHE6n3WWIkYFsO2t +x1ueKt6c/DrGlaf1F2cY5y9JCAxcz+bMNO14+1Cx3Gsy8KL+tjzk7FqXxz8ecAgwoNzFs21v0IJy +EavSgWhZghe3eJJg+szeP4TrjTgzkApyI/o1zCZxMdFyKJLZWyNtZrVtB0LrpjPOktvA9mxjeM3K +Tj215VKb8b475lRgsGYeCasH/lSJEULR9yS6YHgamPfJEf0WwTUaVHXvQ9Plrk7O53vDxk5hUUur +mkVLoR9BvUhTFXFkC4az5S6+zqQbwSmEorXLCCN2QyIkHxcE1G6cxvx/K2Ya7Irl1s9N9WMJtxU5 +1nus6+N86U78dULI7ViVDAZCopz35HCz33JvWjdAidiFpNfxC95DGdRKWCyMijmev4SH8RY7Ngzp +07TKbBlBUgmhHbBqv4LvcFEhMtwFdozL92TkA1CvjJFnq8Xy7ljY3r735zHPbMk7ccHViLVlvMDo +FxcHErVc0qsgk7TmgoNwNsXNo42ti+yjwUOH5kPiNL6VizXtBznaqB16nzaeErAMZRKQFWDZJkBE +41ZgpRDUajz9QdwOWke275dhdU/Z/seyHdTtXUmzqWrLZoQT1Vyg3N9udwbRcXXIV2+vD3dbAgMB +AAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBRUrfrHkleu +yjWcLhL75LpdINyUVzANBgkqhkiG9w0BAQsFAAOCAgEAMJmdBTLIXg47mAE6iqTnB/d6+Oea31BD +U5cqPco8R5gu4RV78ZLzYdqQJRZlwJ9UXQ4DO1t3ApyEtg2YXzTdO2PCwyiBwpwpLiniyMMB8jPq +KqrMCQj3ZWfGzd/TtiunvczRDnBfuCPRy5FOCvTIeuXZYzbB1N/8Ipf3YF3qKS9Ysr1YvY2WTxB1 +v0h7PVGHoTx0IsL8B3+A3MSs/mrBcDCw6Y5p4ixpgZQJut3+TcCDjJRYwEYgr5wfAvg1VUkvRtTA +8KCWAg8zxXHzniN9lLf9OtMJgwYh/WA9rjLA0u6NpvDntIJ8CsxwyXmA+P5M9zWEGYox+wrZ13+b +8KKaa8MFSu1BYBQw0aoRQm7TIwIEC8Zl3d1Sd9qBa7Ko+gE4uZbqKmxnl4mUnrzhVNXkanjvSr0r +mj1AfsbAddJu+2gw7OyLnflJNZoaLNmzlTnVHpL3prllL+U9bTpITAjc5CgSKL59NVzq4BZ+Extq +1z7XnvwtdbLBFNUjA9tbbws+eC8N3jONFrdI54OagQ97wUNNVQQXOEpR1VmiiXTTn74eS9fGbbeI +JG9gkaSChVtWQbzQRKtqE77RLFi3EjNYsjdj3BP1lB0/QFH1T/U67cjF68IeHRaVesd+QnGTbksV +tzDfqu1XhUisHWrdOWnk4Xl4vs4Fv6EM94B7IWcnMFk= +-----END CERTIFICATE----- + +Staat der Nederlanden EV Root CA +================================ +-----BEGIN CERTIFICATE----- +MIIFcDCCA1igAwIBAgIEAJiWjTANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQGEwJOTDEeMBwGA1UE +CgwVU3RhYXQgZGVyIE5lZGVybGFuZGVuMSkwJwYDVQQDDCBTdGFhdCBkZXIgTmVkZXJsYW5kZW4g +RVYgUm9vdCBDQTAeFw0xMDEyMDgxMTE5MjlaFw0yMjEyMDgxMTEwMjhaMFgxCzAJBgNVBAYTAk5M +MR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4xKTAnBgNVBAMMIFN0YWF0IGRlciBOZWRl +cmxhbmRlbiBFViBSb290IENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA48d+ifkk +SzrSM4M1LGns3Amk41GoJSt5uAg94JG6hIXGhaTK5skuU6TJJB79VWZxXSzFYGgEt9nCUiY4iKTW +O0Cmws0/zZiTs1QUWJZV1VD+hq2kY39ch/aO5ieSZxeSAgMs3NZmdO3dZ//BYY1jTw+bbRcwJu+r +0h8QoPnFfxZpgQNH7R5ojXKhTbImxrpsX23Wr9GxE46prfNeaXUmGD5BKyF/7otdBwadQ8QpCiv8 +Kj6GyzyDOvnJDdrFmeK8eEEzduG/L13lpJhQDBXd4Pqcfzho0LKmeqfRMb1+ilgnQ7O6M5HTp5gV +XJrm0w912fxBmJc+qiXbj5IusHsMX/FjqTf5m3VpTCgmJdrV8hJwRVXj33NeN/UhbJCONVrJ0yPr +08C+eKxCKFhmpUZtcALXEPlLVPxdhkqHz3/KRawRWrUgUY0viEeXOcDPusBCAUCZSCELa6fS/ZbV +0b5GnUngC6agIk440ME8MLxwjyx1zNDFjFE7PZQIZCZhfbnDZY8UnCHQqv0XcgOPvZuM5l5Tnrmd +74K74bzickFbIZTTRTeU0d8JOV3nI6qaHcptqAqGhYqCvkIH1vI4gnPah1vlPNOePqc7nvQDs/nx +fRN0Av+7oeX6AHkcpmZBiFxgV6YuCcS6/ZrPpx9Aw7vMWgpVSzs4dlG4Y4uElBbmVvMCAwEAAaNC +MEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFP6rAJCYniT8qcwa +ivsnuL8wbqg7MA0GCSqGSIb3DQEBCwUAA4ICAQDPdyxuVr5Os7aEAJSrR8kN0nbHhp8dB9O2tLsI +eK9p0gtJ3jPFrK3CiAJ9Brc1AsFgyb/E6JTe1NOpEyVa/m6irn0F3H3zbPB+po3u2dfOWBfoqSmu +c0iH55vKbimhZF8ZE/euBhD/UcabTVUlT5OZEAFTdfETzsemQUHSv4ilf0X8rLiltTMMgsT7B/Zq +5SWEXwbKwYY5EdtYzXc7LMJMD16a4/CrPmEbUCTCwPTxGfARKbalGAKb12NMcIxHowNDXLldRqAN +b/9Zjr7dn3LDWyvfjFvO5QxGbJKyCqNMVEIYFRIYvdr8unRu/8G2oGTYqV9Vrp9canaW2HNnh/tN +f1zuacpzEPuKqf2evTY4SUmH9A4U8OmHuD+nT3pajnnUk+S7aFKErGzp85hwVXIy+TSrK0m1zSBi +5Dp6Z2Orltxtrpfs/J92VoguZs9btsmksNcFuuEnL5O7Jiqik7Ab846+HUCjuTaPPoIaGl6I6lD4 +WeKDRikL40Rc4ZW2aZCaFG+XroHPaO+Zmr615+F/+PoTRxZMzG0IQOeLeG9QgkRQP2YGiqtDhFZK +DyAthg710tvSeopLzaXoTvFeJiUBWSOgftL2fiFX1ye8FVdMpEbB4IMeDExNH08GGeL5qPQ6gqGy +eUN51q1veieQA6TqJIc/2b3Z6fJfUEkc7uzXLg== +-----END CERTIFICATE----- + +IdenTrust Commercial Root CA 1 +============================== +-----BEGIN CERTIFICATE----- +MIIFYDCCA0igAwIBAgIQCgFCgAAAAUUjyES1AAAAAjANBgkqhkiG9w0BAQsFADBKMQswCQYDVQQG +EwJVUzESMBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBS +b290IENBIDEwHhcNMTQwMTE2MTgxMjIzWhcNMzQwMTE2MTgxMjIzWjBKMQswCQYDVQQGEwJVUzES +MBAGA1UEChMJSWRlblRydXN0MScwJQYDVQQDEx5JZGVuVHJ1c3QgQ29tbWVyY2lhbCBSb290IENB +IDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCnUBneP5k91DNG8W9RYYKyqU+PZ4ld +hNlT3Qwo2dfw/66VQ3KZ+bVdfIrBQuExUHTRgQ18zZshq0PirK1ehm7zCYofWjK9ouuU+ehcCuz/ +mNKvcbO0U59Oh++SvL3sTzIwiEsXXlfEU8L2ApeN2WIrvyQfYo3fw7gpS0l4PJNgiCL8mdo2yMKi +1CxUAGc1bnO/AljwpN3lsKImesrgNqUZFvX9t++uP0D1bVoE/c40yiTcdCMbXTMTEl3EASX2MN0C +XZ/g1Ue9tOsbobtJSdifWwLziuQkkORiT0/Br4sOdBeo0XKIanoBScy0RnnGF7HamB4HWfp1IYVl +3ZBWzvurpWCdxJ35UrCLvYf5jysjCiN2O/cz4ckA82n5S6LgTrx+kzmEB/dEcH7+B1rlsazRGMzy +NeVJSQjKVsk9+w8YfYs7wRPCTY/JTw436R+hDmrfYi7LNQZReSzIJTj0+kuniVyc0uMNOYZKdHzV +WYfCP04MXFL0PfdSgvHqo6z9STQaKPNBiDoT7uje/5kdX7rL6B7yuVBgwDHTc+XvvqDtMwt0viAg +xGds8AgDelWAf0ZOlqf0Hj7h9tgJ4TNkK2PXMl6f+cB7D3hvl7yTmvmcEpB4eoCHFddydJxVdHix +uuFucAS6T6C6aMN7/zHwcz09lCqxC0EOoP5NiGVreTO01wIDAQABo0IwQDAOBgNVHQ8BAf8EBAMC +AQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU7UQZwNPwBovupHu+QucmVMiONnYwDQYJKoZI +hvcNAQELBQADggIBAA2ukDL2pkt8RHYZYR4nKM1eVO8lvOMIkPkp165oCOGUAFjvLi5+U1KMtlwH +6oi6mYtQlNeCgN9hCQCTrQ0U5s7B8jeUeLBfnLOic7iPBZM4zY0+sLj7wM+x8uwtLRvM7Kqas6pg +ghstO8OEPVeKlh6cdbjTMM1gCIOQ045U8U1mwF10A0Cj7oV+wh93nAbowacYXVKV7cndJZ5t+qnt +ozo00Fl72u1Q8zW/7esUTTHHYPTa8Yec4kjixsU3+wYQ+nVZZjFHKdp2mhzpgq7vmrlR94gjmmmV +YjzlVYA211QC//G5Xc7UI2/YRYRKW2XviQzdFKcgyxilJbQN+QHwotL0AMh0jqEqSI5l2xPE4iUX +feu+h1sXIFRRk0pTAwvsXcoz7WL9RccvW9xYoIA55vrX/hMUpu09lEpCdNTDd1lzzY9GvlU47/ro +kTLql1gEIt44w8y8bckzOmoKaT+gyOpyj4xjhiO9bTyWnpXgSUyqorkqG5w2gXjtw+hG4iZZRHUe +2XWJUc0QhJ1hYMtd+ZciTY6Y5uN/9lu7rs3KSoFrXgvzUeF0K+l+J6fZmUlO+KWA2yUPHGNiiskz +Z2s8EIPGrd6ozRaOjfAHN3Gf8qv8QfXBi+wAN10J5U6A7/qxXDgGpRtK4dw4LTzcqx+QGtVKnO7R +cGzM7vRX+Bi6hG6H +-----END CERTIFICATE----- + +IdenTrust Public Sector Root CA 1 +================================= +-----BEGIN CERTIFICATE----- +MIIFZjCCA06gAwIBAgIQCgFCgAAAAUUjz0Z8AAAAAjANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQG +EwJVUzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3Rv +ciBSb290IENBIDEwHhcNMTQwMTE2MTc1MzMyWhcNMzQwMTE2MTc1MzMyWjBNMQswCQYDVQQGEwJV +UzESMBAGA1UEChMJSWRlblRydXN0MSowKAYDVQQDEyFJZGVuVHJ1c3QgUHVibGljIFNlY3RvciBS +b290IENBIDEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC2IpT8pEiv6EdrCvsnduTy +P4o7ekosMSqMjbCpwzFrqHd2hCa2rIFCDQjrVVi7evi8ZX3yoG2LqEfpYnYeEe4IFNGyRBb06tD6 +Hi9e28tzQa68ALBKK0CyrOE7S8ItneShm+waOh7wCLPQ5CQ1B5+ctMlSbdsHyo+1W/CD80/HLaXI +rcuVIKQxKFdYWuSNG5qrng0M8gozOSI5Cpcu81N3uURF/YTLNiCBWS2ab21ISGHKTN9T0a9SvESf +qy9rg3LvdYDaBjMbXcjaY8ZNzaxmMc3R3j6HEDbhuaR672BQssvKplbgN6+rNBM5Jeg5ZuSYeqoS +mJxZZoY+rfGwyj4GD3vwEUs3oERte8uojHH01bWRNszwFcYr3lEXsZdMUD2xlVl8BX0tIdUAvwFn +ol57plzy9yLxkA2T26pEUWbMfXYD62qoKjgZl3YNa4ph+bz27nb9cCvdKTz4Ch5bQhyLVi9VGxyh +LrXHFub4qjySjmm2AcG1hp2JDws4lFTo6tyePSW8Uybt1as5qsVATFSrsrTZ2fjXctscvG29ZV/v +iDUqZi/u9rNl8DONfJhBaUYPQxxp+pu10GFqzcpL2UyQRqsVWaFHVCkugyhfHMKiq3IXAAaOReyL +4jM9f9oZRORicsPfIsbyVtTdX5Vy7W1f90gDW/3FKqD2cyOEEBsB5wIDAQABo0IwQDAOBgNVHQ8B +Af8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU43HgntinQtnbcZFrlJPrw6PRFKMw +DQYJKoZIhvcNAQELBQADggIBAEf63QqwEZE4rU1d9+UOl1QZgkiHVIyqZJnYWv6IAcVYpZmxI1Qj +t2odIFflAWJBF9MJ23XLblSQdf4an4EKwt3X9wnQW3IV5B4Jaj0z8yGa5hV+rVHVDRDtfULAj+7A +mgjVQdZcDiFpboBhDhXAuM/FSRJSzL46zNQuOAXeNf0fb7iAaJg9TaDKQGXSc3z1i9kKlT/YPyNt +GtEqJBnZhbMX73huqVjRI9PHE+1yJX9dsXNw0H8GlwmEKYBhHfpe/3OsoOOJuBxxFcbeMX8S3OFt +m6/n6J91eEyrRjuazr8FGF1NFTwWmhlQBJqymm9li1JfPFgEKCXAZmExfrngdbkaqIHWchezxQMx +NRF4eKLg6TCMf4DfWN88uieW4oA0beOY02QnrEh+KHdcxiVhJfiFDGX6xDIvpZgF5PgLZxYWxoK4 +Mhn5+bl53B/N66+rDt0b20XkeucC4pVd/GnwU2lhlXV5C15V5jgclKlZM57IcXR5f1GJtshquDDI +ajjDbp7hNxbqBWJMWxJH7ae0s1hWx0nzfxJoCTFx8G34Tkf71oXuxVhAGaQdp/lLQzfcaFpPz+vC +ZHTetBXZ9FRUGi8c15dxVJCO2SCdUyt/q4/i6jC8UDfv8Ue1fXwsBOxonbRJRBD0ckscZOf85muQ +3Wl9af0AVqW3rLatt8o+Ae+c +-----END CERTIFICATE----- + +Entrust Root Certification Authority - G2 +========================================= +-----BEGIN CERTIFICATE----- +MIIEPjCCAyagAwIBAgIESlOMKDANBgkqhkiG9w0BAQsFADCBvjELMAkGA1UEBhMCVVMxFjAUBgNV +BAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVy +bXMxOTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ug +b25seTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIw +HhcNMDkwNzA3MTcyNTU0WhcNMzAxMjA3MTc1NTU0WjCBvjELMAkGA1UEBhMCVVMxFjAUBgNVBAoT +DUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMx +OTA3BgNVBAsTMChjKSAyMDA5IEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25s +eTEyMDAGA1UEAxMpRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzIwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6hLZy254Ma+KZ6TABp3bqMriVQRrJ2mFOWHLP +/vaCeb9zYQYKpSfYs1/TRU4cctZOMvJyig/3gxnQaoCAAEUesMfnmr8SVycco2gvCoe9amsOXmXz +HHfV1IWNcCG0szLni6LVhjkCsbjSR87kyUnEO6fe+1R9V77w6G7CebI6C1XiUJgWMhNcL3hWwcKU +s/Ja5CeanyTXxuzQmyWC48zCxEXFjJd6BmsqEZ+pCm5IO2/b1BEZQvePB7/1U1+cPvQXLOZprE4y +TGJ36rfo5bs0vBmLrpxR57d+tVOxMyLlbc9wPBr64ptntoP0jaWvYkxN4FisZDQSA/i2jZRjJKRx +AgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRqciZ6 +0B7vfec7aVHUbI2fkBJmqzANBgkqhkiG9w0BAQsFAAOCAQEAeZ8dlsa2eT8ijYfThwMEYGprmi5Z +iXMRrEPR9RP/jTkrwPK9T3CMqS/qF8QLVJ7UG5aYMzyorWKiAHarWWluBh1+xLlEjZivEtRh2woZ +Rkfz6/djwUAFQKXSt/S1mja/qYh2iARVBCuch38aNzx+LaUa2NSJXsq9rD1s2G2v1fN2D807iDgi +nWyTmsQ9v4IbZT+mD12q/OWyFcq1rca8PdCE6OoGcrBNOTJ4vz4RnAuknZoh8/CbCzB428Hch0P+ +vGOaysXCHMnHjf87ElgI5rY97HosTvuDls4MPGmHVHOkc8KT/1EQrBVUAdj8BbGJoX90g5pJ19xO +e4pIb4tF9g== +-----END CERTIFICATE----- + +Entrust Root Certification Authority - EC1 +========================================== +-----BEGIN CERTIFICATE----- +MIIC+TCCAoCgAwIBAgINAKaLeSkAAAAAUNCR+TAKBggqhkjOPQQDAzCBvzELMAkGA1UEBhMCVVMx +FjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsTH1NlZSB3d3cuZW50cnVzdC5uZXQvbGVn +YWwtdGVybXMxOTA3BgNVBAsTMChjKSAyMDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXpl +ZCB1c2Ugb25seTEzMDEGA1UEAxMqRW50cnVzdCBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5 +IC0gRUMxMB4XDTEyMTIxODE1MjUzNloXDTM3MTIxODE1NTUzNlowgb8xCzAJBgNVBAYTAlVTMRYw +FAYDVQQKEw1FbnRydXN0LCBJbmMuMSgwJgYDVQQLEx9TZWUgd3d3LmVudHJ1c3QubmV0L2xlZ2Fs +LXRlcm1zMTkwNwYDVQQLEzAoYykgMjAxMiBFbnRydXN0LCBJbmMuIC0gZm9yIGF1dGhvcml6ZWQg +dXNlIG9ubHkxMzAxBgNVBAMTKkVudHJ1c3QgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAt +IEVDMTB2MBAGByqGSM49AgEGBSuBBAAiA2IABIQTydC6bUF74mzQ61VfZgIaJPRbiWlH47jCffHy +AsWfoPZb1YsGGYZPUxBtByQnoaD41UcZYUx9ypMn6nQM72+WCf5j7HBdNq1nd67JnXxVRDqiY1Ef +9eNi1KlHBz7MIKNCMEAwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYE +FLdj5xrdjekIplWDpOBqUEFlEUJJMAoGCCqGSM49BAMDA2cAMGQCMGF52OVCR98crlOZF7ZvHH3h +vxGU0QOIdeSNiaSKd0bebWHvAvX7td/M/k7//qnmpwIwW5nXhTcGtXsI/esni0qU+eH6p44mCOh8 +kmhtc9hvJqwhAriZtyZBWyVgrtBIGu4G +-----END CERTIFICATE----- + +CFCA EV ROOT +============ +-----BEGIN CERTIFICATE----- +MIIFjTCCA3WgAwIBAgIEGErM1jANBgkqhkiG9w0BAQsFADBWMQswCQYDVQQGEwJDTjEwMC4GA1UE +CgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQDDAxDRkNB +IEVWIFJPT1QwHhcNMTIwODA4MDMwNzAxWhcNMjkxMjMxMDMwNzAxWjBWMQswCQYDVQQGEwJDTjEw +MC4GA1UECgwnQ2hpbmEgRmluYW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRUwEwYDVQQD +DAxDRkNBIEVWIFJPT1QwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDXXWvNED8fBVnV +BU03sQ7smCuOFR36k0sXgiFxEFLXUWRwFsJVaU2OFW2fvwwbwuCjZ9YMrM8irq93VCpLTIpTUnrD +7i7es3ElweldPe6hL6P3KjzJIx1qqx2hp/Hz7KDVRM8Vz3IvHWOX6Jn5/ZOkVIBMUtRSqy5J35DN +uF++P96hyk0g1CXohClTt7GIH//62pCfCqktQT+x8Rgp7hZZLDRJGqgG16iI0gNyejLi6mhNbiyW +ZXvKWfry4t3uMCz7zEasxGPrb382KzRzEpR/38wmnvFyXVBlWY9ps4deMm/DGIq1lY+wejfeWkU7 +xzbh72fROdOXW3NiGUgthxwG+3SYIElz8AXSG7Ggo7cbcNOIabla1jj0Ytwli3i/+Oh+uFzJlU9f +py25IGvPa931DfSCt/SyZi4QKPaXWnuWFo8BGS1sbn85WAZkgwGDg8NNkt0yxoekN+kWzqotaK8K +gWU6cMGbrU1tVMoqLUuFG7OA5nBFDWteNfB/O7ic5ARwiRIlk9oKmSJgamNgTnYGmE69g60dWIol +hdLHZR4tjsbftsbhf4oEIRUpdPA+nJCdDC7xij5aqgwJHsfVPKPtl8MeNPo4+QgO48BdK4PRVmrJ +tqhUUy54Mmc9gn900PvhtgVguXDbjgv5E1hvcWAQUhC5wUEJ73IfZzF4/5YFjQIDAQABo2MwYTAf +BgNVHSMEGDAWgBTj/i39KNALtbq2osS/BqoFjJP7LzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB +/wQEAwIBBjAdBgNVHQ4EFgQU4/4t/SjQC7W6tqLEvwaqBYyT+y8wDQYJKoZIhvcNAQELBQADggIB +ACXGumvrh8vegjmWPfBEp2uEcwPenStPuiB/vHiyz5ewG5zz13ku9Ui20vsXiObTej/tUxPQ4i9q +ecsAIyjmHjdXNYmEwnZPNDatZ8POQQaIxffu2Bq41gt/UP+TqhdLjOztUmCypAbqTuv0axn96/Ua +4CUqmtzHQTb3yHQFhDmVOdYLO6Qn+gjYXB74BGBSESgoA//vU2YApUo0FmZ8/Qmkrp5nGm9BC2sG +E5uPhnEFtC+NiWYzKXZUmhH4J/qyP5Hgzg0b8zAarb8iXRvTvyUFTeGSGn+ZnzxEk8rUQElsgIfX +BDrDMlI1Dlb4pd19xIsNER9Tyx6yF7Zod1rg1MvIB671Oi6ON7fQAUtDKXeMOZePglr4UeWJoBjn +aH9dCi77o0cOPaYjesYBx4/IXr9tgFa+iiS6M+qf4TIRnvHST4D2G0CvOJ4RUHlzEhLN5mydLIhy +PDCBBpEi6lmt2hkuIsKNuYyH4Ga8cyNfIWRjgEj1oDwYPZTISEEdQLpe/v5WOaHIz16eGWRGENoX +kbcFgKyLmZJ956LYBws2J+dIeWCKw9cTXPhyQN9Ky8+ZAAoACxGV2lZFA4gKn2fQ1XmxqI1AbQ3C +ekD6819kR5LLU7m7Wc5P/dAVUwHY3+vZ5nbv0CO7O6l5s9UCKc2Jo5YPSjXnTkLAdc0Hz+Ys63su +-----END CERTIFICATE----- + +TÃœRKTRUST Elektronik Sertifika Hizmet SaÄŸlayıcısı H5 +==================================================== +-----BEGIN CERTIFICATE----- +MIIEJzCCAw+gAwIBAgIHAI4X/iQggTANBgkqhkiG9w0BAQsFADCBsTELMAkGA1UEBhMCVFIxDzAN +BgNVBAcMBkFua2FyYTFNMEsGA1UECgxEVMOcUktUUlVTVCBCaWxnaSDEsGxldGnFn2ltIHZlIEJp +bGnFn2ltIEfDvHZlbmxpxJ9pIEhpem1ldGxlcmkgQS7Fni4xQjBABgNVBAMMOVTDnFJLVFJVU1Qg +RWxla3Ryb25payBTZXJ0aWZpa2EgSGl6bWV0IFNhxJ9sYXnEsWPEsXPEsSBINTAeFw0xMzA0MzAw +ODA3MDFaFw0yMzA0MjgwODA3MDFaMIGxMQswCQYDVQQGEwJUUjEPMA0GA1UEBwwGQW5rYXJhMU0w +SwYDVQQKDERUw5xSS1RSVVNUIEJpbGdpIMSwbGV0acWfaW0gdmUgQmlsacWfaW0gR8O8dmVubGnE +n2kgSGl6bWV0bGVyaSBBLsWeLjFCMEAGA1UEAww5VMOcUktUUlVTVCBFbGVrdHJvbmlrIFNlcnRp +ZmlrYSBIaXptZXQgU2HEn2xhecSxY8Sxc8SxIEg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEApCUZ4WWe60ghUEoI5RHwWrom/4NZzkQqL/7hzmAD/I0Dpe3/a6i6zDQGn1k19uwsu537 +jVJp45wnEFPzpALFp/kRGml1bsMdi9GYjZOHp3GXDSHHmflS0yxjXVW86B8BSLlg/kJK9siArs1m +ep5Fimh34khon6La8eHBEJ/rPCmBp+EyCNSgBbGM+42WAA4+Jd9ThiI7/PS98wl+d+yG6w8z5UNP +9FR1bSmZLmZaQ9/LXMrI5Tjxfjs1nQ/0xVqhzPMggCTTV+wVunUlm+hkS7M0hO8EuPbJbKoCPrZV +4jI3X/xml1/N1p7HIL9Nxqw/dV8c7TKcfGkAaZHjIxhT6QIDAQABo0IwQDAdBgNVHQ4EFgQUVpkH +HtOsDGlktAxQR95DLL4gwPswDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAJ5FdnsXSDLyOIspve6WSk6BGLFRRyDN0GSxDsnZAdkJzsiZ3GglE9Rc8qPo +BP5yCccLqh0lVX6Wmle3usURehnmp349hQ71+S4pL+f5bFgWV1Al9j4uPqrtd3GqqpmWRgqujuwq +URawXs3qZwQcWDD1YIq9pr1N5Za0/EKJAWv2cMhQOQwt1WbZyNKzMrcbGW3LM/nfpeYVhDfwwvJl +lpKQd/Ct9JDpEXjXk4nAPQu6KfTomZ1yju2dL+6SfaHx/126M2CFYv4HAqGEVka+lgqaE9chTLd8 +B59OTj+RdPsnnRHM3eaxynFNExc5JsUpISuTKWqW+qtB4Uu2NQvAmxU= +-----END CERTIFICATE----- + +Certinomis - Root CA +==================== +-----BEGIN CERTIFICATE----- +MIIFkjCCA3qgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJGUjETMBEGA1UEChMK +Q2VydGlub21pczEXMBUGA1UECxMOMDAwMiA0MzM5OTg5MDMxHTAbBgNVBAMTFENlcnRpbm9taXMg +LSBSb290IENBMB4XDTEzMTAyMTA5MTcxOFoXDTMzMTAyMTA5MTcxOFowWjELMAkGA1UEBhMCRlIx +EzARBgNVBAoTCkNlcnRpbm9taXMxFzAVBgNVBAsTDjAwMDIgNDMzOTk4OTAzMR0wGwYDVQQDExRD +ZXJ0aW5vbWlzIC0gUm9vdCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANTMCQos +P5L2fxSeC5yaah1AMGT9qt8OHgZbn1CF6s2Nq0Nn3rD6foCWnoR4kkjW4znuzuRZWJflLieY6pOo +d5tK8O90gC3rMB+12ceAnGInkYjwSond3IjmFPnVAy//ldu9n+ws+hQVWZUKxkd8aRi5pwP5ynap +z8dvtF4F/u7BUrJ1Mofs7SlmO/NKFoL21prbcpjp3vDFTKWrteoB4owuZH9kb/2jJZOLyKIOSY00 +8B/sWEUuNKqEUL3nskoTuLAPrjhdsKkb5nPJWqHZZkCqqU2mNAKthH6yI8H7KsZn9DS2sJVqM09x +RLWtwHkziOC/7aOgFLScCbAK42C++PhmiM1b8XcF4LVzbsF9Ri6OSyemzTUK/eVNfaoqoynHWmgE +6OXWk6RiwsXm9E/G+Z8ajYJJGYrKWUM66A0ywfRMEwNvbqY/kXPLynNvEiCL7sCCeN5LLsJJwx3t +FvYk9CcbXFcx3FXuqB5vbKziRcxXV4p1VxngtViZSTYxPDMBbRZKzbgqg4SGm/lg0h9tkQPTYKbV +PZrdd5A9NaSfD171UkRpucC63M9933zZxKyGIjK8e2uR73r4F2iw4lNVYC2vPsKD2NkJK/DAZNuH +i5HMkesE/Xa0lZrmFAYb1TQdvtj/dBxThZngWVJKYe2InmtJiUZ+IFrZ50rlau7SZRFDAgMBAAGj +YzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTvkUz1pcMw6C8I +6tNxIqSSaHh02TAfBgNVHSMEGDAWgBTvkUz1pcMw6C8I6tNxIqSSaHh02TANBgkqhkiG9w0BAQsF +AAOCAgEAfj1U2iJdGlg+O1QnurrMyOMaauo++RLrVl89UM7g6kgmJs95Vn6RHJk/0KGRHCwPT5iV +WVO90CLYiF2cN/z7ZMF4jIuaYAnq1fohX9B0ZedQxb8uuQsLrbWwF6YSjNRieOpWauwK0kDDPAUw +Pk2Ut59KA9N9J0u2/kTO+hkzGm2kQtHdzMjI1xZSg081lLMSVX3l4kLr5JyTCcBMWwerx20RoFAX +lCOotQqSD7J6wWAsOMwaplv/8gzjqh8c3LigkyfeY+N/IZ865Z764BNqdeuWXGKRlI5nU7aJ+BIJ +y29SWwNyhlCVCNSNh4YVH5Uk2KRvms6knZtt0rJ2BobGVgjF6wnaNsIbW0G+YSrjcOa4pvi2WsS9 +Iff/ql+hbHY5ZtbqTFXhADObE5hjyW/QASAJN1LnDE8+zbz1X5YnpyACleAu6AdBBR8Vbtaw5Bng +DwKTACdyxYvRVB9dSsNAl35VpnzBMwQUAR1JIGkLGZOdblgi90AMRgwjY/M50n92Uaf0yKHxDHYi +I0ZSKS3io0EHVmmY0gUJvGnHWmHNj4FgFU2A3ZDifcRQ8ow7bkrHxuaAKzyBvBGAFhAn1/DNP3nM +cyrDflOR1m749fPH0FFNjkulW+YZFzvWgQncItzujrnEj1PhZ7szuIgVRs/taTX/dQ1G885x4cVr +hkIGuUE= +-----END CERTIFICATE----- + +OISTE WISeKey Global Root GB CA +=============================== +-----BEGIN CERTIFICATE----- +MIIDtTCCAp2gAwIBAgIQdrEgUnTwhYdGs/gjGvbCwDANBgkqhkiG9w0BAQsFADBtMQswCQYDVQQG +EwJDSDEQMA4GA1UEChMHV0lTZUtleTEiMCAGA1UECxMZT0lTVEUgRm91bmRhdGlvbiBFbmRvcnNl +ZDEoMCYGA1UEAxMfT0lTVEUgV0lTZUtleSBHbG9iYWwgUm9vdCBHQiBDQTAeFw0xNDEyMDExNTAw +MzJaFw0zOTEyMDExNTEwMzFaMG0xCzAJBgNVBAYTAkNIMRAwDgYDVQQKEwdXSVNlS2V5MSIwIAYD +VQQLExlPSVNURSBGb3VuZGF0aW9uIEVuZG9yc2VkMSgwJgYDVQQDEx9PSVNURSBXSVNlS2V5IEds +b2JhbCBSb290IEdCIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Be3HEokKtaX +scriHvt9OO+Y9bI5mE4nuBFde9IllIiCFSZqGzG7qFshISvYD06fWvGxWuR51jIjK+FTzJlFXHtP +rby/h0oLS5daqPZI7H17Dc0hBt+eFf1Biki3IPShehtX1F1Q/7pn2COZH8g/497/b1t3sWtuuMlk +9+HKQUYOKXHQuSP8yYFfTvdv37+ErXNku7dCjmn21HYdfp2nuFeKUWdy19SouJVUQHMD9ur06/4o +Qnc/nSMbsrY9gBQHTC5P99UKFg29ZkM3fiNDecNAhvVMKdqOmq0NpQSHiB6F4+lT1ZvIiwNjeOvg +GUpuuy9rM2RYk61pv48b74JIxwIDAQABo1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB +/zAdBgNVHQ4EFgQUNQ/INmNe4qPs+TtmFc5RUuORmj0wEAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZI +hvcNAQELBQADggEBAEBM+4eymYGQfp3FsLAmzYh7KzKNbrghcViXfa43FK8+5/ea4n32cZiZBKpD +dHij40lhPnOMTZTg+XHEthYOU3gf1qKHLwI5gSk8rxWYITD+KJAAjNHhy/peyP34EEY7onhCkRd0 +VQreUGdNZtGn//3ZwLWoo4rOZvUPQ82nK1d7Y0Zqqi5S2PTt4W2tKZB4SLrhI6qjiey1q5bAtEui +HZeeevJuQHHfaPFlTc58Bd9TZaml8LGXBHAVRgOY1NK/VLSgWH1Sb9pWJmLU2NuJMW8c8CLC02Ic +Nc1MaRVUGpCY3useX8p3x8uOPUNpnJpY0CQ73xtAln41rYHHTnG6iBM= +-----END CERTIFICATE----- + +Certification Authority of WoSign G2 +==================================== +-----BEGIN CERTIFICATE----- +MIIDfDCCAmSgAwIBAgIQayXaioidfLwPBbOxemFFRDANBgkqhkiG9w0BAQsFADBYMQswCQYDVQQG +EwJDTjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxLTArBgNVBAMTJENlcnRpZmljYXRpb24g +QXV0aG9yaXR5IG9mIFdvU2lnbiBHMjAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4NThaMFgx +CzAJBgNVBAYTAkNOMRowGAYDVQQKExFXb1NpZ24gQ0EgTGltaXRlZDEtMCsGA1UEAxMkQ2VydGlm +aWNhdGlvbiBBdXRob3JpdHkgb2YgV29TaWduIEcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB +CgKCAQEAvsXEoCKASU+/2YcRxlPhuw+9YH+v9oIOH9ywjj2X4FA8jzrvZjtFB5sg+OPXJYY1kBai +XW8wGQiHC38Gsp1ij96vkqVg1CuAmlI/9ZqD6TRay9nVYlzmDuDfBpgOgHzKtB0TiGsOqCR3A9Du +W/PKaZE1OVbFbeP3PU9ekzgkyhjpJMuSA93MHD0JcOQg5PGurLtzaaNjOg9FD6FKmsLRY6zLEPg9 +5k4ot+vElbGs/V6r+kHLXZ1L3PR8du9nfwB6jdKgGlxNIuG12t12s9R23164i5jIFFTMaxeSt+BK +v0mUYQs4kI9dJGwlezt52eJ+na2fmKEG/HgUYFf47oB3sQIDAQABo0IwQDAOBgNVHQ8BAf8EBAMC +AQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU+mCp62XF3RYUCE4MD42b4Pdkr2cwDQYJKoZI +hvcNAQELBQADggEBAFfDejaCnI2Y4qtAqkePx6db7XznPWZaOzG73/MWM5H8fHulwqZm46qwtyeY +P0nXYGdnPzZPSsvxFPpahygc7Y9BMsaV+X3avXtbwrAh449G3CE4Q3RM+zD4F3LBMvzIkRfEzFg3 +TgvMWvchNSiDbGAtROtSjFA9tWwS1/oJu2yySrHFieT801LYYRf+epSEj3m2M1m6D8QL4nCgS3gu ++sif/a+RZQp4OBXllxcU3fngLDT4ONCEIgDAFFEYKwLcMFrw6AF8NTojrwjkr6qOKEJJLvD1mTS+ +7Q9LGOHSJDy7XUe3IfKN0QqZjuNuPq1w4I+5ysxugTH2e5x6eeRncRg= +-----END CERTIFICATE----- + +CA WoSign ECC Root +================== +-----BEGIN CERTIFICATE----- +MIICCTCCAY+gAwIBAgIQaEpYcIBr8I8C+vbe6LCQkDAKBggqhkjOPQQDAzBGMQswCQYDVQQGEwJD +TjEaMBgGA1UEChMRV29TaWduIENBIExpbWl0ZWQxGzAZBgNVBAMTEkNBIFdvU2lnbiBFQ0MgUm9v +dDAeFw0xNDExMDgwMDU4NThaFw00NDExMDgwMDU4NThaMEYxCzAJBgNVBAYTAkNOMRowGAYDVQQK +ExFXb1NpZ24gQ0EgTGltaXRlZDEbMBkGA1UEAxMSQ0EgV29TaWduIEVDQyBSb290MHYwEAYHKoZI +zj0CAQYFK4EEACIDYgAE4f2OuEMkq5Z7hcK6C62N4DrjJLnSsb6IOsq/Srj57ywvr1FQPEd1bPiU +t5v8KB7FVMxjnRZLU8HnIKvNrCXSf4/CwVqCXjCLelTOA7WRf6qU0NGKSMyCBSah1VES1ns2o0Iw +QDAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUqv3VWqP2h4syhf3R +MluARZPzA7gwCgYIKoZIzj0EAwMDaAAwZQIxAOSkhLCB1T2wdKyUpOgOPQB0TKGXa/kNUTyh2Tv0 +Daupn75OcsqF1NnstTJFGG+rrQIwfcf3aWMvoeGY7xMQ0Xk/0f7qO3/eVvSQsRUR2LIiFdAvwyYu +a/GRspBl9JrmkO5K +-----END CERTIFICATE----- + +SZAFIR ROOT CA2 +=============== +-----BEGIN CERTIFICATE----- +MIIDcjCCAlqgAwIBAgIUPopdB+xV0jLVt+O2XwHrLdzk1uQwDQYJKoZIhvcNAQELBQAwUTELMAkG +A1UEBhMCUEwxKDAmBgNVBAoMH0tyYWpvd2EgSXpiYSBSb3psaWN6ZW5pb3dhIFMuQS4xGDAWBgNV +BAMMD1NaQUZJUiBST09UIENBMjAeFw0xNTEwMTkwNzQzMzBaFw0zNTEwMTkwNzQzMzBaMFExCzAJ +BgNVBAYTAlBMMSgwJgYDVQQKDB9LcmFqb3dhIEl6YmEgUm96bGljemVuaW93YSBTLkEuMRgwFgYD +VQQDDA9TWkFGSVIgUk9PVCBDQTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3vD5Q +qEvNQLXOYeeWyrSh2gwisPq1e3YAd4wLz32ohswmUeQgPYUM1ljj5/QqGJ3a0a4m7utT3PSQ1hNK +DJA8w/Ta0o4NkjrcsbH/ON7Dui1fgLkCvUqdGw+0w8LBZwPd3BucPbOw3gAeqDRHu5rr/gsUvTaE +2g0gv/pby6kWIK05YO4vdbbnl5z5Pv1+TW9NL++IDWr63fE9biCloBK0TXC5ztdyO4mTp4CEHCdJ +ckm1/zuVnsHMyAHs6A6KCpbns6aH5db5BSsNl0BwPLqsdVqc1U2dAgrSS5tmS0YHF2Wtn2yIANwi +ieDhZNRnvDF5YTy7ykHNXGoAyDw4jlivAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P +AQH/BAQDAgEGMB0GA1UdDgQWBBQuFqlKGLXLzPVvUPMjX/hd56zwyDANBgkqhkiG9w0BAQsFAAOC +AQEAtXP4A9xZWx126aMqe5Aosk3AM0+qmrHUuOQn/6mWmc5G4G18TKI4pAZw8PRBEew/R40/cof5 +O/2kbytTAOD/OblqBw7rHRz2onKQy4I9EYKL0rufKq8h5mOGnXkZ7/e7DDWQw4rtTw/1zBLZpD67 +oPwglV9PJi8RI4NOdQcPv5vRtB3pEAT+ymCPoky4rc/hkA/NrgrHXXu3UNLUYfrVFdvXn4dRVOul +4+vJhaAlIDf7js4MNIThPIGyd05DpYhfhmehPea0XGG2Ptv+tyjFogeutcrKjSoS75ftwjCkySp6 ++/NNIxuZMzSgLvWpCz/UXeHPhJ/iGcJfitYgHuNztw== +-----END CERTIFICATE----- + +Certum Trusted Network CA 2 +=========================== +-----BEGIN CERTIFICATE----- +MIIF0jCCA7qgAwIBAgIQIdbQSk8lD8kyN/yqXhKN6TANBgkqhkiG9w0BAQ0FADCBgDELMAkGA1UE +BhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMuQS4xJzAlBgNVBAsTHkNlcnR1 +bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEkMCIGA1UEAxMbQ2VydHVtIFRydXN0ZWQgTmV0d29y +ayBDQSAyMCIYDzIwMTExMDA2MDgzOTU2WhgPMjA0NjEwMDYwODM5NTZaMIGAMQswCQYDVQQGEwJQ +TDEiMCAGA1UEChMZVW5pemV0byBUZWNobm9sb2dpZXMgUy5BLjEnMCUGA1UECxMeQ2VydHVtIENl +cnRpZmljYXRpb24gQXV0aG9yaXR5MSQwIgYDVQQDExtDZXJ0dW0gVHJ1c3RlZCBOZXR3b3JrIENB +IDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC9+Xj45tWADGSdhhuWZGc/IjoedQF9 +7/tcZ4zJzFxrqZHmuULlIEub2pt7uZld2ZuAS9eEQCsn0+i6MLs+CRqnSZXvK0AkwpfHp+6bJe+o +CgCXhVqqndwpyeI1B+twTUrWwbNWuKFBOJvR+zF/j+Bf4bE/D44WSWDXBo0Y+aomEKsq09DRZ40b +Rr5HMNUuctHFY9rnY3lEfktjJImGLjQ/KUxSiyqnwOKRKIm5wFv5HdnnJ63/mgKXwcZQkpsCLL2p +uTRZCr+ESv/f/rOf69me4Jgj7KZrdxYq28ytOxykh9xGc14ZYmhFV+SQgkK7QtbwYeDBoz1mo130 +GO6IyY0XRSmZMnUCMe4pJshrAua1YkV/NxVaI2iJ1D7eTiew8EAMvE0Xy02isx7QBlrd9pPPV3WZ +9fqGGmd4s7+W/jTcvedSVuWz5XV710GRBdxdaeOVDUO5/IOWOZV7bIBaTxNyxtd9KXpEulKkKtVB +Rgkg/iKgtlswjbyJDNXXcPiHUv3a76xRLgezTv7QCdpw75j6VuZt27VXS9zlLCUVyJ4ueE742pye +hizKV/Ma5ciSixqClnrDvFASadgOWkaLOusm+iPJtrCBvkIApPjW/jAux9JG9uWOdf3yzLnQh1vM +BhBgu4M1t15n3kfsmUjxpKEV/q2MYo45VU85FrmxY53/twIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MB0GA1UdDgQWBBS2oVQ5AsOgP46KvPrU+Bym0ToO/TAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZI +hvcNAQENBQADggIBAHGlDs7k6b8/ONWJWsQCYftMxRQXLYtPU2sQF/xlhMcQSZDe28cmk4gmb3DW +Al45oPePq5a1pRNcgRRtDoGCERuKTsZPpd1iHkTfCVn0W3cLN+mLIMb4Ck4uWBzrM9DPhmDJ2vuA +L55MYIR4PSFk1vtBHxgP58l1cb29XN40hz5BsA72udY/CROWFC/emh1auVbONTqwX3BNXuMp8SMo +clm2q8KMZiYcdywmdjWLKKdpoPk79SPdhRB0yZADVpHnr7pH1BKXESLjokmUbOe3lEu6LaTaM4tM +pkT/WjzGHWTYtTHkpjx6qFcL2+1hGsvxznN3Y6SHb0xRONbkX8eftoEq5IVIeVheO/jbAoJnwTnb +w3RLPTYe+SmTiGhbqEQZIfCn6IENLOiTNrQ3ssqwGyZ6miUfmpqAnksqP/ujmv5zMnHCnsZy4Ypo +J/HkD7TETKVhk/iXEAcqMCWpuchxuO9ozC1+9eB+D4Kob7a6bINDd82Kkhehnlt4Fj1F4jNy3eFm +ypnTycUm/Q1oBEauttmbjL4ZvrHG8hnjXALKLNhvSgfZyTXaQHXyxKcZb55CEJh15pWLYLztxRLX +is7VmFxWlgPF7ncGNf/P5O4/E2Hu29othfDNrp2yGAlFw5Khchf8R7agCyzxxN5DaAhqXzvwdmP7 +zAYspsbiDrW5viSP +-----END CERTIFICATE----- + +Hellenic Academic and Research Institutions RootCA 2015 +======================================================= +-----BEGIN CERTIFICATE----- +MIIGCzCCA/OgAwIBAgIBADANBgkqhkiG9w0BAQsFADCBpjELMAkGA1UEBhMCR1IxDzANBgNVBAcT +BkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0 +aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNVBAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNl +YXJjaCBJbnN0aXR1dGlvbnMgUm9vdENBIDIwMTUwHhcNMTUwNzA3MTAxMTIxWhcNNDAwNjMwMTAx +MTIxWjCBpjELMAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0aGVuczFEMEIGA1UEChM7SGVsbGVuaWMg +QWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9ucyBDZXJ0LiBBdXRob3JpdHkxQDA+BgNV +BAMTN0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgUm9vdENBIDIw +MTUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDC+Kk/G4n8PDwEXT2QNrCROnk8Zlrv +bTkBSRq0t89/TSNTt5AA4xMqKKYx8ZEA4yjsriFBzh/a/X0SWwGDD7mwX5nh8hKDgE0GPt+sr+eh +iGsxr/CL0BgzuNtFajT0AoAkKAoCFZVedioNmToUW/bLy1O8E00BiDeUJRtCvCLYjqOWXjrZMts+ +6PAQZe104S+nfK8nNLspfZu2zwnI5dMK/IhlZXQK3HMcXM1AsRzUtoSMTFDPaI6oWa7CJ06CojXd +FPQf/7J31Ycvqm59JCfnxssm5uX+Zwdj2EUN3TpZZTlYepKZcj2chF6IIbjV9Cz82XBST3i4vTwr +i5WY9bPRaM8gFH5MXF/ni+X1NYEZN9cRCLdmvtNKzoNXADrDgfgXy5I2XdGj2HUb4Ysn6npIQf1F +GQatJ5lOwXBH3bWfgVMS5bGMSF0xQxfjjMZ6Y5ZLKTBOhE5iGV48zpeQpX8B653g+IuJ3SWYPZK2 +fu/Z8VFRfS0myGlZYeCsargqNhEEelC9MoS+L9xy1dcdFkfkR2YgP/SWxa+OAXqlD3pk9Q0Yh9mu +iNX6hME6wGkoLfINaFGq46V3xqSQDqE3izEjR8EJCOtu93ib14L8hCCZSRm2Ekax+0VVFqmjZayc +Bw/qa9wfLgZy7IaIEuQt218FL+TwA9MmM+eAws1CoRc0CwIDAQABo0IwQDAPBgNVHRMBAf8EBTAD +AQH/MA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUcRVnyMjJvXVdctA4GGqd83EkVAswDQYJKoZI +hvcNAQELBQADggIBAHW7bVRLqhBYRjTyYtcWNl0IXtVsyIe9tC5G8jH4fOpCtZMWVdyhDBKg2mF+ +D1hYc2Ryx+hFjtyp8iY/xnmMsVMIM4GwVhO+5lFc2JsKT0ucVlMC6U/2DWDqTUJV6HwbISHTGzrM +d/K4kPFox/la/vot9L/J9UUbzjgQKjeKeaO04wlshYaT/4mWJ3iBj2fjRnRUjtkNaeJK9E10A/+y +d+2VZ5fkscWrv2oj6NSU4kQoYsRL4vDY4ilrGnB+JGGTe08DMiUNRSQrlrRGar9KC/eaj8GsGsVn +82800vpzY4zvFrCopEYq+OsS7HK07/grfoxSwIuEVPkvPuNVqNxmsdnhX9izjFk0WaSrT2y7Hxjb +davYy5LNlDhhDgcGH0tGEPEVvo2FXDtKK4F5D7Rpn0lQl033DlZdwJVqwjbDG2jJ9SrcR5q+ss7F +Jej6A7na+RZukYT1HCjI/CbM1xyQVqdfbzoEvM14iQuODy+jqk+iGxI9FghAD/FGTNeqewjBCvVt +J94Cj8rDtSvK6evIIVM4pcw72Hc3MKJP2W/R8kCtQXoXxdZKNYm3QdV8hn9VTYNKpXMgwDqvkPGa +JI7ZjnHKe7iG2rKPmT4dEw0SEe7Uq/DpFXYC5ODfqiAeW2GFZECpkJcNrVPSWh2HagCXZWK0vm9q +p/UsQu0yrbYhnr68 +-----END CERTIFICATE----- + +Hellenic Academic and Research Institutions ECC RootCA 2015 +=========================================================== +-----BEGIN CERTIFICATE----- +MIICwzCCAkqgAwIBAgIBADAKBggqhkjOPQQDAjCBqjELMAkGA1UEBhMCR1IxDzANBgNVBAcTBkF0 +aGVuczFEMEIGA1UEChM7SGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9u +cyBDZXJ0LiBBdXRob3JpdHkxRDBCBgNVBAMTO0hlbGxlbmljIEFjYWRlbWljIGFuZCBSZXNlYXJj +aCBJbnN0aXR1dGlvbnMgRUNDIFJvb3RDQSAyMDE1MB4XDTE1MDcwNzEwMzcxMloXDTQwMDYzMDEw +MzcxMlowgaoxCzAJBgNVBAYTAkdSMQ8wDQYDVQQHEwZBdGhlbnMxRDBCBgNVBAoTO0hlbGxlbmlj +IEFjYWRlbWljIGFuZCBSZXNlYXJjaCBJbnN0aXR1dGlvbnMgQ2VydC4gQXV0aG9yaXR5MUQwQgYD +VQQDEztIZWxsZW5pYyBBY2FkZW1pYyBhbmQgUmVzZWFyY2ggSW5zdGl0dXRpb25zIEVDQyBSb290 +Q0EgMjAxNTB2MBAGByqGSM49AgEGBSuBBAAiA2IABJKgQehLgoRc4vgxEZmGZE4JJS+dQS8KrjVP +dJWyUWRrjWvmP3CV8AVER6ZyOFB2lQJajq4onvktTpnvLEhvTCUp6NFxW98dwXU3tNf6e3pCnGoK +Vlp8aQuqgAkkbH7BRqNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0O +BBYEFLQiC4KZJAEOnLvkDv2/+5cgk5kqMAoGCCqGSM49BAMCA2cAMGQCMGfOFmI4oqxiRaeplSTA +GiecMjvAwNW6qef4BENThe5SId6d9SWDPp5YSy/XZxMOIQIwBeF1Ad5o7SofTUwJCA3sS61kFyjn +dc5FZXIhF8siQQ6ME5g4mlRtm8rifOoCWCKR +-----END CERTIFICATE----- + +Certplus Root CA G1 +=================== +-----BEGIN CERTIFICATE----- +MIIFazCCA1OgAwIBAgISESBVg+QtPlRWhS2DN7cs3EYRMA0GCSqGSIb3DQEBDQUAMD4xCzAJBgNV +BAYTAkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBsdXMgUm9vdCBDQSBHMTAe +Fw0xNDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBaMD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhD +ZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBsdXMgUm9vdCBDQSBHMTCCAiIwDQYJKoZIhvcNAQEBBQAD +ggIPADCCAgoCggIBANpQh7bauKk+nWT6VjOaVj0W5QOVsjQcmm1iBdTYj+eJZJ+622SLZOZ5KmHN +r49aiZFluVj8tANfkT8tEBXgfs+8/H9DZ6itXjYj2JizTfNDnjl8KvzsiNWI7nC9hRYt6kuJPKNx +Qv4c/dMcLRC4hlTqQ7jbxofaqK6AJc96Jh2qkbBIb6613p7Y1/oA/caP0FG7Yn2ksYyy/yARujVj +BYZHYEMzkPZHogNPlk2dT8Hq6pyi/jQu3rfKG3akt62f6ajUeD94/vI4CTYd0hYCyOwqaK/1jpTv +LRN6HkJKHRUxrgwEV/xhc/MxVoYxgKDEEW4wduOU8F8ExKyHcomYxZ3MVwia9Az8fXoFOvpHgDm2 +z4QTd28n6v+WZxcIbekN1iNQMLAVdBM+5S//Ds3EC0pd8NgAM0lm66EYfFkuPSi5YXHLtaW6uOrc +4nBvCGrch2c0798wct3zyT8j/zXhviEpIDCB5BmlIOklynMxdCm+4kLV87ImZsdo/Rmz5yCTmehd +4F6H50boJZwKKSTUzViGUkAksnsPmBIgJPaQbEfIDbsYIC7Z/fyL8inqh3SV4EJQeIQEQWGw9CEj +jy3LKCHyamz0GqbFFLQ3ZU+V/YDI+HLlJWvEYLF7bY5KinPOWftwenMGE9nTdDckQQoRb5fc5+R+ +ob0V8rqHDz1oihYHAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0G +A1UdDgQWBBSowcCbkahDFXxdBie0KlHYlwuBsTAfBgNVHSMEGDAWgBSowcCbkahDFXxdBie0KlHY +lwuBsTANBgkqhkiG9w0BAQ0FAAOCAgEAnFZvAX7RvUz1isbwJh/k4DgYzDLDKTudQSk0YcbX8ACh +66Ryj5QXvBMsdbRX7gp8CXrc1cqh0DQT+Hern+X+2B50ioUHj3/MeXrKls3N/U/7/SMNkPX0XtPG +YX2eEeAC7gkE2Qfdpoq3DIMku4NQkv5gdRE+2J2winq14J2by5BSS7CTKtQ+FjPlnsZlFT5kOwQ/ +2wyPX1wdaR+v8+khjPPvl/aatxm2hHSco1S1cE5j2FddUyGbQJJD+tZ3VTNPZNX70Cxqjm0lpu+F +6ALEUz65noe8zDUa3qHpimOHZR4RKttjd5cUvpoUmRGywO6wT/gUITJDT5+rosuoD6o7BlXGEilX +CNQ314cnrUlZp5GrRHpejXDbl85IULFzk/bwg2D5zfHhMf1bfHEhYxQUqq/F3pN+aLHsIqKqkHWe +tUNy6mSjhEv9DKgma3GX7lZjZuhCVPnHHd/Qj1vfyDBviP4NxDMcU6ij/UgQ8uQKTuEVV/xuZDDC +VRHc6qnNSlSsKWNEz0pAoNZoWRsz+e86i9sgktxChL8Bq4fA1SCC28a5g4VCXA9DO2pJNdWY9BW/ ++mGBDAkgGNLQFwzLSABQ6XaCjGTXOqAHVcweMcDvOrRl++O/QmueD6i9a5jc2NvLi6Td11n0bt3+ +qsOR0C5CB8AMTVPNJLFMWx5R9N/pkvo= +-----END CERTIFICATE----- + +Certplus Root CA G2 +=================== +-----BEGIN CERTIFICATE----- +MIICHDCCAaKgAwIBAgISESDZkc6uo+jF5//pAq/Pc7xVMAoGCCqGSM49BAMDMD4xCzAJBgNVBAYT +AkZSMREwDwYDVQQKDAhDZXJ0cGx1czEcMBoGA1UEAwwTQ2VydHBsdXMgUm9vdCBDQSBHMjAeFw0x +NDA1MjYwMDAwMDBaFw0zODAxMTUwMDAwMDBaMD4xCzAJBgNVBAYTAkZSMREwDwYDVQQKDAhDZXJ0 +cGx1czEcMBoGA1UEAwwTQ2VydHBsdXMgUm9vdCBDQSBHMjB2MBAGByqGSM49AgEGBSuBBAAiA2IA +BM0PW1aC3/BFGtat93nwHcmsltaeTpwftEIRyoa/bfuFo8XlGVzX7qY/aWfYeOKmycTbLXku54uN +Am8xIk0G42ByRZ0OQneezs/lf4WbGOT8zC5y0xaTTsqZY1yhBSpsBqNjMGEwDgYDVR0PAQH/BAQD +AgEGMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFNqDYwJ5jtpMxjwjFNiPwyCrKGBZMB8GA1Ud +IwQYMBaAFNqDYwJ5jtpMxjwjFNiPwyCrKGBZMAoGCCqGSM49BAMDA2gAMGUCMHD+sAvZ94OX7PNV +HdTcswYO/jOYnYs5kGuUIe22113WTNchp+e/IQ8rzfcq3IUHnQIxAIYUFuXcsGXCwI4Un78kFmjl +vPl5adytRSv3tjFzzAalU5ORGpOucGpnutee5WEaXw== +-----END CERTIFICATE----- + +OpenTrust Root CA G1 +==================== +-----BEGIN CERTIFICATE----- +MIIFbzCCA1egAwIBAgISESCzkFU5fX82bWTCp59rY45nMA0GCSqGSIb3DQEBCwUAMEAxCzAJBgNV +BAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5UcnVzdCBSb290IENBIEcx +MB4XDTE0MDUyNjA4NDU1MFoXDTM4MDExNTAwMDAwMFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoM +CU9wZW5UcnVzdDEdMBsGA1UEAwwUT3BlblRydXN0IFJvb3QgQ0EgRzEwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQD4eUbalsUwXopxAy1wpLuwxQjczeY1wICkES3d5oeuXT2R0odsN7fa +Yp6bwiTXj/HbpqbfRm9RpnHLPhsxZ2L3EVs0J9V5ToybWL0iEA1cJwzdMOWo010hOHQX/uMftk87 +ay3bfWAfjH1MBcLrARYVmBSO0ZB3Ij/swjm4eTrwSSTilZHcYTSSjFR077F9jAHiOH3BX2pfJLKO +YheteSCtqx234LSWSE9mQxAGFiQD4eCcjsZGT44ameGPuY4zbGneWK2gDqdkVBFpRGZPTBKnjix9 +xNRbxQA0MMHZmf4yzgeEtE7NCv82TWLxp2NX5Ntqp66/K7nJ5rInieV+mhxNaMbBGN4zK1FGSxyO +9z0M+Yo0FMT7MzUj8czxKselu7Cizv5Ta01BG2Yospb6p64KTrk5M0ScdMGTHPjgniQlQ/GbI4Kq +3ywgsNw2TgOzfALU5nsaqocTvz6hdLubDuHAk5/XpGbKuxs74zD0M1mKB3IDVedzagMxbm+WG+Oi +n6+Sx+31QrclTDsTBM8clq8cIqPQqwWyTBIjUtz9GVsnnB47ev1CI9sjgBPwvFEVVJSmdz7QdFG9 +URQIOTfLHzSpMJ1ShC5VkLG631UAC9hWLbFJSXKAqWLXwPYYEQRVzXR7z2FwefR7LFxckvzluFqr +TJOVoSfupb7PcSNCupt2LQIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB +/zAdBgNVHQ4EFgQUl0YhVyE12jZVx/PxN3DlCPaTKbYwHwYDVR0jBBgwFoAUl0YhVyE12jZVx/Px +N3DlCPaTKbYwDQYJKoZIhvcNAQELBQADggIBAB3dAmB84DWn5ph76kTOZ0BP8pNuZtQ5iSas000E +PLuHIT839HEl2ku6q5aCgZG27dmxpGWX4m9kWaSW7mDKHyP7Rbr/jyTwyqkxf3kfgLMtMrpkZ2Cv +uVnN35pJ06iCsfmYlIrM4LvgBBuZYLFGZdwIorJGnkSI6pN+VxbSFXJfLkur1J1juONI5f6ELlgK +n0Md/rcYkoZDSw6cMoYsYPXpSOqV7XAp8dUv/TW0V8/bhUiZucJvbI/NeJWsZCj9VrDDb8O+WVLh +X4SPgPL0DTatdrOjteFkdjpY3H1PXlZs5VVZV6Xf8YpmMIzUUmI4d7S+KNfKNsSbBfD4Fdvb8e80 +nR14SohWZ25g/4/Ii+GOvUKpMwpZQhISKvqxnUOOBZuZ2mKtVzazHbYNeS2WuOvyDEsMpZTGMKcm +GS3tTAZQMPH9WD25SxdfGbRqhFS0OE85og2WaMMolP3tLR9Ka0OWLpABEPs4poEL0L9109S5zvE/ +bw4cHjdx5RiHdRk/ULlepEU0rbDK5uUTdg8xFKmOLZTW1YVNcxVPS/KyPu1svf0OnWZzsD2097+o +4BGkxK51CUpjAEggpsadCwmKtODmzj7HPiY46SvepghJAwSQiumPv+i2tCqjI40cHLI5kqiPAlxA +OXXUc0ECd97N4EOH1uS6SsNsEn/+KuYj1oxx +-----END CERTIFICATE----- + +OpenTrust Root CA G2 +==================== +-----BEGIN CERTIFICATE----- +MIIFbzCCA1egAwIBAgISESChaRu/vbm9UpaPI+hIvyYRMA0GCSqGSIb3DQEBDQUAMEAxCzAJBgNV +BAYTAkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5UcnVzdCBSb290IENBIEcy +MB4XDTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAwMFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoM +CU9wZW5UcnVzdDEdMBsGA1UEAwwUT3BlblRydXN0IFJvb3QgQ0EgRzIwggIiMA0GCSqGSIb3DQEB +AQUAA4ICDwAwggIKAoICAQDMtlelM5QQgTJT32F+D3Y5z1zCU3UdSXqWON2ic2rxb95eolq5cSG+ +Ntmh/LzubKh8NBpxGuga2F8ORAbtp+Dz0mEL4DKiltE48MLaARf85KxP6O6JHnSrT78eCbY2albz +4e6WiWYkBuTNQjpK3eCasMSCRbP+yatcfD7J6xcvDH1urqWPyKwlCm/61UWY0jUJ9gNDlP7ZvyCV +eYCYitmJNbtRG6Q3ffyZO6v/v6wNj0OxmXsWEH4db0fEFY8ElggGQgT4hNYdvJGmQr5J1WqIP7wt +UdGejeBSzFfdNTVY27SPJIjki9/ca1TSgSuyzpJLHB9G+h3Ykst2Z7UJmQnlrBcUVXDGPKBWCgOz +3GIZ38i1MH/1PCZ1Eb3XG7OHngevZXHloM8apwkQHZOJZlvoPGIytbU6bumFAYueQ4xncyhZW+vj +3CzMpSZyYhK05pyDRPZRpOLAeiRXyg6lPzq1O4vldu5w5pLeFlwoW5cZJ5L+epJUzpM5ChaHvGOz +9bGTXOBut9Dq+WIyiET7vycotjCVXRIouZW+j1MY5aIYFuJWpLIsEPUdN6b4t/bQWVyJ98LVtZR0 +0dX+G7bw5tYee9I8y6jj9RjzIR9u701oBnstXW5DiabA+aC/gh7PU3+06yzbXfZqfUAkBXKJOAGT +y3HCOV0GEfZvePg3DTmEJwIDAQABo2MwYTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUwAwEB +/zAdBgNVHQ4EFgQUajn6QiL35okATV59M4PLuG53hq8wHwYDVR0jBBgwFoAUajn6QiL35okATV59 +M4PLuG53hq8wDQYJKoZIhvcNAQENBQADggIBAJjLq0A85TMCl38th6aP1F5Kr7ge57tx+4BkJamz +Gj5oXScmp7oq4fBXgwpkTx4idBvpkF/wrM//T2h6OKQQbA2xx6R3gBi2oihEdqc0nXGEL8pZ0keI +mUEiyTCYYW49qKgFbdEfwFFEVn8nNQLdXpgKQuswv42hm1GqO+qTRmTFAHneIWv2V6CG1wZy7HBG +S4tz3aAhdT7cHcCP009zHIXZ/n9iyJVvttN7jLpTwm+bREx50B1ws9efAvSyB7DH5fitIw6mVskp +EndI2S9G/Tvw/HRwkqWOOAgfZDC2t0v7NqwQjqBSM2OdAzVWxWm9xiNaJ5T2pBL4LTM8oValX9YZ +6e18CL13zSdkzJTaTkZQh+D5wVOAHrut+0dSixv9ovneDiK3PTNZbNTe9ZUGMg1RGUFcPk8G97kr +gCf2o6p6fAbhQ8MTOWIaNr3gKC6UAuQpLmBVrkA9sHSSXvAgZJY/X0VdiLWK2gKgW0VU3jg9CcCo +SmVGFvyqv1ROTVu+OEO3KMqLM6oaJbolXCkvW0pujOotnCr2BXbgd5eAiN1nE28daCSLT7d0geX0 +YJ96Vdc+N9oWaz53rK4YcJUIeSkDiv7BO7M/Gg+kO14fWKGVyasvc0rQLW6aWQ9VGHgtPFGml4vm +u7JwqkwR3v98KzfUetF3NI/n+UL3PIEMS1IK +-----END CERTIFICATE----- + +OpenTrust Root CA G3 +==================== +-----BEGIN CERTIFICATE----- +MIICITCCAaagAwIBAgISESDm+Ez8JLC+BUCs2oMbNGA/MAoGCCqGSM49BAMDMEAxCzAJBgNVBAYT +AkZSMRIwEAYDVQQKDAlPcGVuVHJ1c3QxHTAbBgNVBAMMFE9wZW5UcnVzdCBSb290IENBIEczMB4X +DTE0MDUyNjAwMDAwMFoXDTM4MDExNTAwMDAwMFowQDELMAkGA1UEBhMCRlIxEjAQBgNVBAoMCU9w +ZW5UcnVzdDEdMBsGA1UEAwwUT3BlblRydXN0IFJvb3QgQ0EgRzMwdjAQBgcqhkjOPQIBBgUrgQQA +IgNiAARK7liuTcpm3gY6oxH84Bjwbhy6LTAMidnW7ptzg6kjFYwvWYpa3RTqnVkrQ7cG7DK2uu5B +ta1doYXM6h0UZqNnfkbilPPntlahFVmhTzeXuSIevRHr9LIfXsMUmuXZl5mjYzBhMA4GA1UdDwEB +/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRHd8MUi2I5DMlv4VBN0BBY3JWIbTAf +BgNVHSMEGDAWgBRHd8MUi2I5DMlv4VBN0BBY3JWIbTAKBggqhkjOPQQDAwNpADBmAjEAj6jcnboM +BBf6Fek9LykBl7+BFjNAk2z8+e2AcG+qj9uEwov1NcoG3GRvaBbhj5G5AjEA2Euly8LQCGzpGPta +3U1fJAuwACEl74+nBCZx4nxp5V2a+EEfOzmTk51V6s2N8fvB +-----END CERTIFICATE----- + +ISRG Root X1 +============ +-----BEGIN CERTIFICATE----- +MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UE +BhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQD +EwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQG +EwJVUzEpMCcGA1UEChMgSW50ZXJuZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMT +DElTUkcgUm9vdCBYMTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54r +Vygch77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+0TM8ukj1 +3Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6UA5/TR5d8mUgjU+g4rk8K +b4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sWT8KOEUt+zwvo/7V3LvSye0rgTBIlDHCN +Aymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyHB5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ +4Q7e2RCOFvu396j3x+UCB5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf +1b0SHzUvKBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWnOlFu +hjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTnjh8BCNAw1FtxNrQH +usEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbwqHyGO0aoSCqI3Haadr8faqU9GY/r +OPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CIrU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4G +A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY +9umbbjANBgkqhkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL +ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ3BebYhtF8GaV +0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KKNFtY2PwByVS5uCbMiogziUwt +hDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJw +TdwJx4nLCgdNbOhdjsnvzqvHu7UrTkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nx +e5AW0wdeRlN8NwdCjNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZA +JzVcoyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq4RgqsahD +YVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPAmRGunUHBcnWEvgJBQl9n +JEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57demyPxgcYxn/eR44/KJ4EBs+lVDR3veyJ +m+kXQ99b21/+jh5Xos1AnX5iItreGCc= +-----END CERTIFICATE----- + +AC RAIZ FNMT-RCM +================ +-----BEGIN CERTIFICATE----- +MIIFgzCCA2ugAwIBAgIPXZONMGc2yAYdGsdUhGkHMA0GCSqGSIb3DQEBCwUAMDsxCzAJBgNVBAYT +AkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBGTk1ULVJDTTAeFw0wODEw +MjkxNTU5NTZaFw0zMDAxMDEwMDAwMDBaMDsxCzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJD +TTEZMBcGA1UECwwQQUMgUkFJWiBGTk1ULVJDTTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC +ggIBALpxgHpMhm5/yBNtwMZ9HACXjywMI7sQmkCpGreHiPibVmr75nuOi5KOpyVdWRHbNi63URcf +qQgfBBckWKo3Shjf5TnUV/3XwSyRAZHiItQDwFj8d0fsjz50Q7qsNI1NOHZnjrDIbzAzWHFctPVr +btQBULgTfmxKo0nRIBnuvMApGGWn3v7v3QqQIecaZ5JCEJhfTzC8PhxFtBDXaEAUwED653cXeuYL +j2VbPNmaUtu1vZ5Gzz3rkQUCwJaydkxNEJY7kvqcfw+Z374jNUUeAlz+taibmSXaXvMiwzn15Cou +08YfxGyqxRxqAQVKL9LFwag0Jl1mpdICIfkYtwb1TplvqKtMUejPUBjFd8g5CSxJkjKZqLsXF3mw +WsXmo8RZZUc1g16p6DULmbvkzSDGm0oGObVo/CK67lWMK07q87Hj/LaZmtVC+nFNCM+HHmpxffnT +tOmlcYF7wk5HlqX2doWjKI/pgG6BU6VtX7hI+cL5NqYuSf+4lsKMB7ObiFj86xsc3i1w4peSMKGJ +47xVqCfWS+2QrYv6YyVZLag13cqXM7zlzced0ezvXg5KkAYmY6252TUtB7p2ZSysV4999AeU14EC +ll2jB0nVetBX+RvnU0Z1qrB5QstocQjpYL05ac70r8NWQMetUqIJ5G+GR4of6ygnXYMgrwTJbFaa +i0b1AgMBAAGjgYMwgYAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYE +FPd9xf3E6Jobd2Sn9R2gzL+HYJptMD4GA1UdIAQ3MDUwMwYEVR0gADArMCkGCCsGAQUFBwIBFh1o +dHRwOi8vd3d3LmNlcnQuZm5tdC5lcy9kcGNzLzANBgkqhkiG9w0BAQsFAAOCAgEAB5BK3/MjTvDD +nFFlm5wioooMhfNzKWtN/gHiqQxjAb8EZ6WdmF/9ARP67Jpi6Yb+tmLSbkyU+8B1RXxlDPiyN8+s +D8+Nb/kZ94/sHvJwnvDKuO+3/3Y3dlv2bojzr2IyIpMNOmqOFGYMLVN0V2Ue1bLdI4E7pWYjJ2cJ +j+F3qkPNZVEI7VFY/uY5+ctHhKQV8Xa7pO6kO8Rf77IzlhEYt8llvhjho6Tc+hj507wTmzl6NLrT +Qfv6MooqtyuGC2mDOL7Nii4LcK2NJpLuHvUBKwrZ1pebbuCoGRw6IYsMHkCtA+fdZn71uSANA+iW ++YJF1DngoABd15jmfZ5nc8OaKveri6E6FO80vFIOiZiaBECEHX5FaZNXzuvO+FB8TxxuBEOb+dY7 +Ixjp6o7RTUaN8Tvkasq6+yO3m/qZASlaWFot4/nUbQ4mrcFuNLwy+AwF+mWj2zs3gyLp1txyM/1d +8iC9djwj2ij3+RvrWWTV3F9yfiD8zYm1kGdNYno/Tq0dwzn+evQoFt9B9kiABdcPUXmsEKvU7ANm +5mqwujGSQkBqvjrTcuFqN1W8rB2Vt2lh8kORdOag0wokRqEIr9baRRmW1FMdW4R58MD3R++Lj8UG +rp1MYp3/RgT408m2ECVAdf4WqslKYIYvuu8wd+RU4riEmViAqhOLUTpPSPaLtrM= +-----END CERTIFICATE----- + +Amazon Root CA 1 +================ +-----BEGIN CERTIFICATE----- +MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsFADA5MQswCQYD +VQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSAxMB4XDTE1 +MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpv +bjEZMBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBALJ4gHHKeNXjca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgH +FzZM9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qwIFAGbHrQ +gLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6VOujw5H5SNz/0egwLX0t +dHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L93FcXmn/6pUCyziKrlA4b9v7LWIbxcce +VOF34GfID5yHI9Y/QCB/IIDEgEw+OyQmjgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB +/zAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3 +DQEBCwUAA4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDIU5PM +CCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUsN+gDS63pYaACbvXy +8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vvo/ufQJVtMVT8QtPHRh8jrdkPSHCa +2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2 +xJNDd2ZhwLnoQdeXeGADbkpyrqXRfboQnoZsG4q5WTP468SQvvG5 +-----END CERTIFICATE----- + +Amazon Root CA 2 +================ +-----BEGIN CERTIFICATE----- +MIIFQTCCAymgAwIBAgITBmyf0pY1hp8KD+WGePhbJruKNzANBgkqhkiG9w0BAQwFADA5MQswCQYD +VQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSAyMB4XDTE1 +MDUyNjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpv +bjEZMBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgMjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC +ggIBAK2Wny2cSkxKgXlRmeyKy2tgURO8TW0G/LAIjd0ZEGrHJgw12MBvIITplLGbhQPDW9tK6Mj4 +kHbZW0/jTOgGNk3Mmqw9DJArktQGGWCsN0R5hYGCrVo34A3MnaZMUnbqQ523BNFQ9lXg1dKmSYXp +N+nKfq5clU1Imj+uIFptiJXZNLhSGkOQsL9sBbm2eLfq0OQ6PBJTYv9K8nu+NQWpEjTj82R0Yiw9 +AElaKP4yRLuH3WUnAnE72kr3H9rN9yFVkE8P7K6C4Z9r2UXTu/Bfh+08LDmG2j/e7HJV63mjrdvd +fLC6HM783k81ds8P+HgfajZRRidhW+mez/CiVX18JYpvL7TFz4QuK/0NURBs+18bvBt+xa47mAEx +kv8LV/SasrlX6avvDXbR8O70zoan4G7ptGmh32n2M8ZpLpcTnqWHsFcQgTfJU7O7f/aS0ZzQGPSS +btqDT6ZjmUyl+17vIWR6IF9sZIUVyzfpYgwLKhbcAS4y2j5L9Z469hdAlO+ekQiG+r5jqFoz7Mt0 +Q5X5bGlSNscpb/xVA1wf+5+9R+vnSUeVC06JIglJ4PVhHvG/LopyboBZ/1c6+XUyo05f7O0oYtlN +c/LMgRdg7c3r3NunysV+Ar3yVAhU/bQtCSwXVEqY0VThUWcI0u1ufm8/0i2BWSlmy5A5lREedCf+ +3euvAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSw +DPBMMPQFWAJI/TPlUq9LhONmUjANBgkqhkiG9w0BAQwFAAOCAgEAqqiAjw54o+Ci1M3m9Zh6O+oA +A7CXDpO8Wqj2LIxyh6mx/H9z/WNxeKWHWc8w4Q0QshNabYL1auaAn6AFC2jkR2vHat+2/XcycuUY ++gn0oJMsXdKMdYV2ZZAMA3m3MSNjrXiDCYZohMr/+c8mmpJ5581LxedhpxfL86kSk5Nrp+gvU5LE +YFiwzAJRGFuFjWJZY7attN6a+yb3ACfAXVU3dJnJUH/jWS5E4ywl7uxMMne0nxrpS10gxdr9HIcW +xkPo1LsmmkVwXqkLN1PiRnsn/eBG8om3zEK2yygmbtmlyTrIQRNg91CMFa6ybRoVGld45pIq2WWQ +gj9sAq+uEjonljYE1x2igGOpm/HlurR8FLBOybEfdF849lHqm/osohHUqS0nGkWxr7JOcQ3AWEbW +aQbLU8uz/mtBzUF+fUwPfHJ5elnNXkoOrJupmHN5fLT0zLm4BwyydFy4x2+IoZCn9Kr5v2c69BoV +Yh63n749sSmvZ6ES8lgQGVMDMBu4Gon2nL2XA46jCfMdiyHxtN/kHNGfZQIG6lzWE7OE76KlXIx3 +KadowGuuQNKotOrN8I1LOJwZmhsoVLiJkO/KdYE+HvJkJMcYr07/R54H9jVlpNMKVv/1F2Rs76gi +JUmTtt8AF9pYfl3uxRuw0dFfIRDH+fO6AgonB8Xx1sfT4PsJYGw= +-----END CERTIFICATE----- + +Amazon Root CA 3 +================ +-----BEGIN CERTIFICATE----- +MIIBtjCCAVugAwIBAgITBmyf1XSXNmY/Owua2eiedgPySjAKBggqhkjOPQQDAjA5MQswCQYDVQQG +EwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSAzMB4XDTE1MDUy +NjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZ +MBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgMzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABCmXp8ZB +f8ANm+gBG1bG8lKlui2yEujSLtf6ycXYqm0fc4E7O5hrOXwzpcVOho6AF2hiRVd9RFgdszflZwjr +Zt6jQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMB0GA1UdDgQWBBSrttvXBp43 +rDCGB5Fwx5zEGbF4wDAKBggqhkjOPQQDAgNJADBGAiEA4IWSoxe3jfkrBqWTrBqYaGFy+uGh0Psc +eGCmQ5nFuMQCIQCcAu/xlJyzlvnrxir4tiz+OpAUFteMYyRIHN8wfdVoOw== +-----END CERTIFICATE----- + +Amazon Root CA 4 +================ +-----BEGIN CERTIFICATE----- +MIIB8jCCAXigAwIBAgITBmyf18G7EEwpQ+Vxe3ssyBrBDjAKBggqhkjOPQQDAzA5MQswCQYDVQQG +EwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6b24gUm9vdCBDQSA0MB4XDTE1MDUy +NjAwMDAwMFoXDTQwMDUyNjAwMDAwMFowOTELMAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZ +MBcGA1UEAxMQQW1hem9uIFJvb3QgQ0EgNDB2MBAGByqGSM49AgEGBSuBBAAiA2IABNKrijdPo1MN +/sGKe0uoe0ZLY7Bi9i0b2whxIdIA6GO9mif78DluXeo9pcmBqqNbIJhFXRbb/egQbeOc4OO9X4Ri +83BkM6DLJC9wuoihKqB1+IGuYgbEgds5bimwHvouXKNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV +HQ8BAf8EBAMCAYYwHQYDVR0OBBYEFNPsxzplbszh2naaVvuc84ZtV+WBMAoGCCqGSM49BAMDA2gA +MGUCMDqLIfG9fhGt0O9Yli/W651+kI0rz2ZVwyzjKKlwCkcO8DdZEv8tmZQoTipPNU0zWgIxAOp1 +AE47xDqUEpHJWEadIRNyp4iciuRMStuW1KyLa2tJElMzrdfkviT8tQp21KW8EA== +-----END CERTIFICATE----- + +LuxTrust Global Root 2 +====================== +-----BEGIN CERTIFICATE----- +MIIFwzCCA6ugAwIBAgIUCn6m30tEntpqJIWe5rgV0xZ/u7EwDQYJKoZIhvcNAQELBQAwRjELMAkG +A1UEBhMCTFUxFjAUBgNVBAoMDUx1eFRydXN0IFMuQS4xHzAdBgNVBAMMFkx1eFRydXN0IEdsb2Jh +bCBSb290IDIwHhcNMTUwMzA1MTMyMTU3WhcNMzUwMzA1MTMyMTU3WjBGMQswCQYDVQQGEwJMVTEW +MBQGA1UECgwNTHV4VHJ1c3QgUy5BLjEfMB0GA1UEAwwWTHV4VHJ1c3QgR2xvYmFsIFJvb3QgMjCC +AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANeFl78RmOnwYoNMPIf5U2o3C/IPPIfOb9wm +Kb3FibrJgz337spbxm1Jc7TJRqMbNBM/wYlFV/TZsfs2ZUv7COJIcRHIbjuend+JZTemhfY7RBi2 +xjcwYkSSl2l9QjAk5A0MiWtj3sXh306pFGxT4GHO9hcvHTy95iJMHZP1EMShduxq3sVs35a0VkBC +wGKSMKEtFZSg0iAGCW5qbeXrt77U8PEVfIvmTroTzEsnXpk8F12PgX8zPU/TPxvsXD/wPEx1bvKm +1Z3aLQdjAsZy6ZS8TEmVT4hSyNvoaYL4zDRbIvCGp4m9SAptZoFtyMhk+wHh9OHe2Z7d21vUKpkm +FRseTJIpgp7VkoGSQXAZ96Tlk0u8d2cx3Rz9MXANF5kM+Qw5GSoXtTBxVdUPrljhPS80m8+f9niF +wpN6cj5mj5wWEWCPnolvZ77gR1o7DJpni89Gxq44o/KnvObWhWszJHAiS8sIm7vI+AIpHb4gDEa/ +a4ebsypmQjVGbKq6rfmYe+lQVRQxv7HaLe2ArWgk+2mr2HETMOZns4dA/Yl+8kPREd8vZS9kzl8U +ubG/Mb2HeFpZZYiq/FkySIbWTLkpS5XTdvN3JW1CHDiDTf2jX5t/Lax5Gw5CMZdjpPuKadUiDTSQ +MC6otOBttpSsvItO13D8xTiOZCXhTTmQzsmHhFhxAgMBAAGjgagwgaUwDwYDVR0TAQH/BAUwAwEB +/zBCBgNVHSAEOzA5MDcGByuBKwEBAQowLDAqBggrBgEFBQcCARYeaHR0cHM6Ly9yZXBvc2l0b3J5 +Lmx1eHRydXN0Lmx1MA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAWgBT/GCh2+UgFLKGu8SsbK7JT ++Et8szAdBgNVHQ4EFgQU/xgodvlIBSyhrvErGyuyU/hLfLMwDQYJKoZIhvcNAQELBQADggIBAGoZ +FO1uecEsh9QNcH7X9njJCwROxLHOk3D+sFTAMs2ZMGQXvw/l4jP9BzZAcg4atmpZ1gDlaCDdLnIN +H2pkMSCEfUmmWjfrRcmF9dTHF5kH5ptV5AzoqbTOjFu1EVzPig4N1qx3gf4ynCSecs5U89BvolbW +7MM3LGVYvlcAGvI1+ut7MV3CwRI9loGIlonBWVx65n9wNOeD4rHh4bhY79SV5GCc8JaXcozrhAIu +ZY+kt9J/Z93I055cqqmkoCUUBpvsT34tC38ddfEz2O3OuHVtPlu5mB0xDVbYQw8wkbIEa91WvpWA +VWe+2M2D2RjuLg+GLZKecBPs3lHJQ3gCpU3I+V/EkVhGFndadKpAvAefMLmx9xIX3eP/JEAdemrR +TxgKqpAd60Ae36EeRJIQmvKN4dFLRp7oRUKX6kWZ8+xm1QL68qZKJKrezrnK+T+Tb/mjuuqlPpmt +/f97mfVl7vBZKGfXkJWkE4SphMHozs51k2MavDzq1WQfLSoSOcbDWjLtR5EWDrw4wVDej8oqkDQc +7kGUnF4ZLvhFSZl0kbAEb+MEWrGrKqv+x9CWttrhSmQGbmBNvUJO/3jaJMobtNeWOWyu8Q6qp31I +iyBMz2TWuJdGsE7RKlY6oJO9r4Ak4Ap+58rVyuiFVdw2KuGUaJPHZnJED4AhMmwlxyOAgwrr +-----END CERTIFICATE----- + +TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1 +============================================= +-----BEGIN CERTIFICATE----- +MIIEYzCCA0ugAwIBAgIBATANBgkqhkiG9w0BAQsFADCB0jELMAkGA1UEBhMCVFIxGDAWBgNVBAcT +D0dlYnplIC0gS29jYWVsaTFCMEAGA1UEChM5VHVya2l5ZSBCaWxpbXNlbCB2ZSBUZWtub2xvamlr +IEFyYXN0aXJtYSBLdXJ1bXUgLSBUVUJJVEFLMS0wKwYDVQQLEyRLYW11IFNlcnRpZmlrYXN5b24g +TWVya2V6aSAtIEthbXUgU00xNjA0BgNVBAMTLVRVQklUQUsgS2FtdSBTTSBTU0wgS29rIFNlcnRp +ZmlrYXNpIC0gU3VydW0gMTAeFw0xMzExMjUwODI1NTVaFw00MzEwMjUwODI1NTVaMIHSMQswCQYD +VQQGEwJUUjEYMBYGA1UEBxMPR2ViemUgLSBLb2NhZWxpMUIwQAYDVQQKEzlUdXJraXllIEJpbGlt +c2VsIHZlIFRla25vbG9qaWsgQXJhc3Rpcm1hIEt1cnVtdSAtIFRVQklUQUsxLTArBgNVBAsTJEth +bXUgU2VydGlmaWthc3lvbiBNZXJrZXppIC0gS2FtdSBTTTE2MDQGA1UEAxMtVFVCSVRBSyBLYW11 +IFNNIFNTTCBLb2sgU2VydGlmaWthc2kgLSBTdXJ1bSAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A +MIIBCgKCAQEAr3UwM6q7a9OZLBI3hNmNe5eA027n/5tQlT6QlVZC1xl8JoSNkvoBHToP4mQ4t4y8 +6Ij5iySrLqP1N+RAjhgleYN1Hzv/bKjFxlb4tO2KRKOrbEz8HdDc72i9z+SqzvBV96I01INrN3wc +wv61A+xXzry0tcXtAA9TNypN9E8Mg/uGz8v+jE69h/mniyFXnHrfA2eJLJ2XYacQuFWQfw4tJzh0 +3+f92k4S400VIgLI4OD8D62K18lUUMw7D8oWgITQUVbDjlZ/iSIzL+aFCr2lqBs23tPcLG07xxO9 +WSMs5uWk99gL7eqQQESolbuT1dCANLZGeA4fAJNG4e7p+exPFwIDAQABo0IwQDAdBgNVHQ4EFgQU +ZT/HiobGPN08VFw1+DrtUgxHV8gwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJ +KoZIhvcNAQELBQADggEBACo/4fEyjq7hmFxLXs9rHmoJ0iKpEsdeV31zVmSAhHqT5Am5EM2fKifh +AHe+SMg1qIGf5LgsyX8OsNJLN13qudULXjS99HMpw+0mFZx+CFOKWI3QSyjfwbPfIPP54+M638yc +lNhOT8NrF7f3cuitZjO1JVOr4PhMqZ398g26rrnZqsZr+ZO7rqu4lzwDGrpDxpa5RXI4s6ehlj2R +e37AIVNMh+3yC1SVUZPVIqUNivGTDj5UDrDYyU7c8jEyVupk+eq1nRZmQnLzf9OxMUP8pI4X8W0j +q5Rm+K37DwhuJi1/FwcJsoz7UMCflo3Ptv0AnVoUmr8CRPXBwp8iXqIPoeM= +-----END CERTIFICATE----- diff --git a/patches/source/curl/curl.SlackBuild b/patches/source/curl/curl.SlackBuild new file mode 100755 index 000000000..9c5cd620b --- /dev/null +++ b/patches/source/curl/curl.SlackBuild @@ -0,0 +1,152 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2013, 2014, 2016, 2017 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=curl +VERSION=${VERSION:-$(echo curl-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-curl + +# Uncomment to build a no-SSL version: +#SSLOPT=--without-ssl + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $PKG +cd $TMP +rm -rf curl-$VERSION +tar xvf $CWD/curl-$VERSION.tar.xz || exit 1 +cd curl-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --with-ca-bundle=/usr/share/curl/ca-bundle.crt \ + --enable-static=no \ + $SSLOPT || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# We have always installed the man3 documentation, so we'll keep doing it +# even though these are no longer installed by default. No || exit 1, if +# it works, it works, and if it doesn't, we tried. +( cd docs/libcurl + make install-man3 DESTDIR=$PKG + cd opts + make install-man3 DESTDIR=$PKG +) + +mkdir -p $PKG/usr/share/curl +cp -a $CWD/cacert.pem.bz2 $PKG/usr/share/curl +( cd $PKG/usr/share/curl + bzip2 -d cacert.pem.bz2 + mv cacert.pem ca-bundle.crt + chown root:root ca-bundle.crt + chmod 644 ca-bundle.crt +) + +# We don't ship the related perl script (yet): +rm -f $PKG/usr/man/man1/mk-ca-bundle.1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +strip -g $PKG/usr/lib${LIBDIRSUFFIX}/libcurl.a + +mkdir -p $PKG/usr/doc/curl-$VERSION +cp -a \ + COPYING* README* UPGRADE \ + $PKG/usr/doc/curl-$VERSION +( cd docs + cp -a \ + BUGS CONTRIBUTE FAQ FEATURES INSTALL INTERNALS MANUAL README* RESOURCES THANKS TODO examples \ + $PKG/usr/doc/curl-$VERSION ) +# Get rid of .deps cruft: +rm -rf $PKG/usr/doc/curl-$VERSION/examples/.deps + +# If there's a CHANGES file, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat CHANGES | head -n 1000 > $DOCSDIR/ChangeLog + touch -r CHANGES $DOCSDIR/ChangeLog +fi + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/curl-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/curl/slack-desc b/patches/source/curl/slack-desc new file mode 100644 index 000000000..0fe5c532c --- /dev/null +++ b/patches/source/curl/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +curl: curl (command line URL data transfer tool) +curl: +curl: Curl is a command line tool for transferring data specified with URL +curl: syntax. The command is designed to work without user interaction or +curl: any kind of interactivity. Curl offers a busload of useful tricks +curl: like proxy support, user authentication, ftp upload, HTTP post, SSL +curl: (https:) connections, cookies, file transfer resume and more. +curl: +curl: libcurl is a library that Curl uses to do its job. It is readily +curl: available to be used by your software, too. +curl: diff --git a/patches/source/dhcp/dhclient-script.PATH.diff b/patches/source/dhcp/dhclient-script.PATH.diff new file mode 100644 index 000000000..567ed2a4f --- /dev/null +++ b/patches/source/dhcp/dhclient-script.PATH.diff @@ -0,0 +1,13 @@ +--- ./client/scripts/linux.orig 2017-07-25 08:39:54.000000000 -0500 ++++ ./client/scripts/linux 2017-08-03 15:31:41.067873392 -0500 +@@ -22,6 +22,10 @@ + # 4. TIMEOUT not tested. ping has a flag I don't know, and I'm suspicious + # of the $1 in its args. + ++# Set a reasonable default path for Linux: ++PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin ++export PATH ++ + # 5. Script refresh in 2017. The aliasing code was too convoluted and needs + # to go away. Migrated DHCPv4 script to ip command from iproute2 suite. + # This is based on Debian script with some tweaks. ifconfig is no longer diff --git a/patches/source/dhcp/dhcp-remove-bind-tarball.sh b/patches/source/dhcp/dhcp-remove-bind-tarball.sh new file mode 100755 index 000000000..5249f9679 --- /dev/null +++ b/patches/source/dhcp/dhcp-remove-bind-tarball.sh @@ -0,0 +1,49 @@ +#!/bin/sh + +# Copyright 2011 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=dhcp +VERSION=${VERSION:-4.2.1-P1} +BUILD=${BUILD:-1} + +# This is not yet used, but eventually we would like to be able to purge +# the bundled BIND and use the system's instead. Maybe wishful thinking. + +CWD=$(pwd) +TMP=${TMP:-/tmp} + +cd $TMP +rm -rf dhcp-$VERSION +tar xvf $CWD/dhcp-$VERSION.tar.?z* || exit 1 +cd dhcp-$VERSION || exit 1 + +# good "bob" why? ... +rm -rf bind/* + +# Generate a new .xz compressed tarball in /tmp: +cd $TMP +rm -f dhcp-$VERSION.tar* +tar cf dhcp-$VERSION.tar dhcp-$VERSION +xz -9 dhcp-$VERSION.tar + +echo "$TMP/dhcp-$VERSION.tar.xz created" + diff --git a/patches/source/dhcp/dhcp.SlackBuild b/patches/source/dhcp/dhcp.SlackBuild new file mode 100755 index 000000000..3a6957d90 --- /dev/null +++ b/patches/source/dhcp/dhcp.SlackBuild @@ -0,0 +1,179 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=dhcp +# Leave this one .gz as other compressors do not help much and we can keep +# the original upstream .asc +VERSION=${VERSION:-$(basename $(echo $PKGNAM-*.tar.gz | cut -f 2- -d -) .tar.gz)} +BUILD=${BUILD:-1_slack13.0} + +PKG_VERSION=$(echo $VERSION | tr - _) + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-dhcp + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf dhcp-$VERSION +tar xvf $CWD/dhcp-$VERSION.tar.gz || exit 1 +cd dhcp-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Add PATH setting to /sbin/dhclient-script +zcat $CWD/dhclient-script.PATH.diff.gz | patch -p1 || exit 1 + +# Fix paths in manual pages +sed -i \ + -e "s,ETCDIR,/etc,g" \ + -e "s,DBDIR,/var/state/dhcp,g" \ + -e "s,RUNDIR,/var/run,g" \ + client/*.{5,8} \ + server/*.{5,8} \ + doc/*/*.{5,8} + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --docdir=/usr/doc/dhcp-$VERSION \ + --build=$ARCH-slackware-linux \ + --with-srv-lease-file=/var/state/dhcp/dhcpd.leases \ + --with-srv6-lease-file=/var/state/dhcp/dhcpd6.leases \ + --with-cli-lease-file=/var/state/dhcp/dhclient.leases \ + --with-cli6-lease-file=/var/state/dhcp/dhclient6.leases +# Default pid dir is still /var/run, so no need to declare it + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# DHCP libraries need not be included, yet. +rm -rf $PKG/usr/{include,lib${LIBDIRSUFFIX}} + +# We need this in /sbin +mkdir -p $PKG/sbin +mv $PKG/usr/sbin/dhclient $PKG/sbin + +# Install the dhclient-script for linux +cat client/scripts/linux > $PKG/sbin/dhclient-script +chmod 700 $PKG/sbin/dhclient-script + +# Create the initial *.leases files: +mkdir -p $PKG/var/state/dhcp +touch $PKG/var/state/dhcp/dhcpd.leases.new +touch $PKG/var/state/dhcp/dhcpd6.leases.new +touch $PKG/var/state/dhcp/dhclient.leases.new +touch $PKG/var/state/dhcp/dhclient6.leases.new + +cat << EOF > $PKG/etc/dhcpd.conf.new +# dhcpd.conf +# +# Configuration file for ISC dhcpd (see 'man dhcpd.conf') +# +EOF + +cat << EOF > $PKG/etc/dhclient.conf.new +# dhclient.conf +# +# Configuration file for ISC dhclient (see 'man dhclient.conf') +# +EOF + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/dhcp-$VERSION/examples +cp -a \ + LICENSE README RELNOTES \ + $PKG/usr/doc/dhcp-$VERSION +mv $PKG/etc/dhcpd.conf $PKG/etc/dhclient.conf \ + $PKG/usr/doc/dhcp-$VERSION/examples + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/dhcp-$PKG_VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/dhcp/doinst.sh b/patches/source/dhcp/doinst.sh new file mode 100644 index 000000000..a376034a5 --- /dev/null +++ b/patches/source/dhcp/doinst.sh @@ -0,0 +1,21 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/dhcpd.conf.new +config etc/dhclient.conf.new +config var/state/dhcp/dhcpd.leases.new +config var/state/dhcp/dhcpd6.leases.new +config var/state/dhcp/dhclient.leases.new +config var/state/dhcp/dhclient6.leases.new +rm -f var/state/dhcp/*.leases.new + diff --git a/patches/source/dhcp/slack-desc b/patches/source/dhcp/slack-desc new file mode 100644 index 000000000..f586e4e1b --- /dev/null +++ b/patches/source/dhcp/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +dhcp: dhcp (DHCP server and client utilities) +dhcp: +dhcp: This package provides the ISC's DHCP utilities, including both a +dhcp: server and client. The DHCP protocol allows a host to contact a +dhcp: central server which maintains a list of IP addresses which may be +dhcp: assigned on one or more subnets. A DHCP client may request an +dhcp: address from this pool, and then use it temporarily for communication +dhcp: on the network. The DHCP protocol also provides a mechanism whereby +dhcp: a client can learn important details about the network to which it is +dhcp: attached, such as the location of a default router or name server. +dhcp: diff --git a/patches/source/dhcpcd/COPYRIGHT b/patches/source/dhcpcd/COPYRIGHT new file mode 100644 index 000000000..07d9e683b --- /dev/null +++ b/patches/source/dhcpcd/COPYRIGHT @@ -0,0 +1,26 @@ +/* + * dhcpcd - DHCP client daemon + * Copyright 2006-2008 Roy Marples <roy@marples.name> + * All rights reserved + + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ diff --git a/patches/source/dhcpcd/dhcpcd.SlackBuild b/patches/source/dhcpcd/dhcpcd.SlackBuild new file mode 100755 index 000000000..75ec85a21 --- /dev/null +++ b/patches/source/dhcpcd/dhcpcd.SlackBuild @@ -0,0 +1,127 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-3.2.3} +BUILD=${BUILD:-2_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-dhcpcd + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf dhcpcd-$VERSION +tar xvf $CWD/dhcpcd-$VERSION.tar.bz2 || exit 1 +cd dhcpcd-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Sanitize shell metacharacters from strings provided by the DHCP server: +zcat $CWD/patches/dhcpcd3.sanitize_strings.diff.gz | patch -p1 --verbose || exit 1 + +# This changes the default locations where *.pid and other files are +# written - instead of various locations, use /etc/dhcpc +# The latter directory was long traditional, and (more importantly) +# you can't be sure that /var is mounted yet when dhcpcd is invoked. +zcat $CWD/patches/config.h.diff.gz | patch -p1 || exit 1 + +# Fixup the sample dhcpcd.sh script to reflect our changes +zcat $CWD/patches/dhcpcd.sh.diff.gz | patch -p1 || exit 1 + +# Fix a typo in the manpage +zcat $CWD/patches/dhcpcd.8.in.diff.gz | patch -p1 || exit 1 + +# Disable zeroconf support +# I'm not sure if this is necessary, to be honest. If we do this though, +# I think we'll want to edit the man page to remove references to it. +#sed -i 's%#define ENABLE_IPV4LL%#undef ENABLE_IPV4LL%' config.h + +# Fix segfaulting on x86_64. Apparently i?86 is more forgiving +#zcat $CWD/dhcpcd.vararg.diff.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ + make INFODIR=/etc/dhcpc || exit 1 + +# We'll install this manually, as the only thing "make install" actually +# installs is the executable and the man page, and the man page goes to +# the wrong place :-) +mkdir -p $PKG/sbin +cp -a dhcpcd $PKG/sbin + +mkdir -p $PKG/usr/man/man8 +gzip -9c dhcpcd.8 > $PKG/usr/man/man8/dhcpcd.8.gz + +# This script (or its equivalent) has been installed non-executable for +# several dhcpcd releases leading me to believe this is intentional on the +# part of the developers. Indeed, the script is called a "sample" in the +# included comments, and there's been at least one security issue related +# to its use in the past, so it's probably a safer bet to not install it so +# that it works "out of the box". However, making it non-executable is not +# the best solution for this as it leads to error messages in the system +# logs which I hear about from time to time. Instead, we'll make it +# executable, but will give it a suffix of -sample so that dhcpcd won't +# attempt to run it unless the admin specifically configure it to do so. +# As far as I can tell it does nothing more than add some extra verbosity +# to the logs anyway, and rc.inet1 already does that. There's really no +# need that I can see to enable the script. +mkdir -p $PKG/etc/dhcpc +cp -a dhcpcd.sh $PKG/etc/dhcpc/dhcpcd.sh-sample +chmod 755 $PKG/etc/dhcpc/dhcpcd.sh-sample + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/dhcpcd-$VERSION +cp -a README $PKG/usr/doc/dhcpcd-$VERSION +zcat $CWD/COPYRIGHT.gz > $PKG/usr/doc/dhcpcd-$VERSION/COPYRIGHT + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/dhcpcd-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/dhcpcd/dhcpcd.vararg.diff b/patches/source/dhcpcd/dhcpcd.vararg.diff new file mode 100644 index 000000000..b3ac81ca5 --- /dev/null +++ b/patches/source/dhcpcd/dhcpcd.vararg.diff @@ -0,0 +1,30 @@ +--- dhcpcd-2.0.8.orig/src/logger.c 2008-11-07 00:10:23.000000000 +0000 ++++ dhcpcd-2.0.8/src/logger.c 2008-11-07 00:13:46.000000000 +0000 +@@ -46,21 +46,25 @@ + { + va_list p; + va_list p2; ++ va_list p3; + FILE *f = stderr; + + va_start(p, fmt); + va_copy(p2, p); ++ va_copy(p3, p); + /* The default to send debug to stderr is just WAY too much console noise, IMHO */ + if(!Daemonized && strcmp(syslog_level_msg[level],"Info")) { + f = stdout; + /* fprintf(f, "%s, ", syslog_level_msg[level]); */ + vfprintf(f, fmt, p); + fputc('\n', f); +- vsyslog(level, fmt, p); ++ vsyslog(level, fmt, p2); + } + if ( level <= LogLevel ) +- vsyslog(level, fmt, p2); ++ vsyslog(level, fmt, p3); + va_end(p); ++ va_end(p2); ++ va_end(p3); + } + + // vim: set ts=4 : diff --git a/patches/source/dhcpcd/patches/config.h.diff b/patches/source/dhcpcd/patches/config.h.diff new file mode 100644 index 000000000..7bdefb600 --- /dev/null +++ b/patches/source/dhcpcd/patches/config.h.diff @@ -0,0 +1,17 @@ +diff -Nur dhcpcd-3.2.3.orig/config.h dhcpcd-3.2.3/config.h +--- dhcpcd-3.2.3.orig/config.h 2008-02-25 02:28:19.000000000 -0600 ++++ dhcpcd-3.2.3/config.h 2009-03-06 14:55:01.998436374 -0600 +@@ -71,10 +71,10 @@ + + #define OPENNTPFILE ETCDIR "/ntpd.conf" + +-#define DEFAULT_SCRIPT ETCDIR "/" PACKAGE ".sh" ++#define DEFAULT_SCRIPT INFODIR "/" PACKAGE ".sh" + +-#define STATEDIR "/var" +-#define PIDFILE STATEDIR "/run/" PACKAGE "-%s.pid" ++#define STATEDIR INFODIR ++#define PIDFILE INFODIR "/" PACKAGE "-%s.pid" + + #ifndef INFODIR + # define INFODIR "/var/lib/dhcpcd" diff --git a/patches/source/dhcpcd/patches/dhcpcd.8.in.diff b/patches/source/dhcpcd/patches/dhcpcd.8.in.diff new file mode 100644 index 000000000..7486c769a --- /dev/null +++ b/patches/source/dhcpcd/patches/dhcpcd.8.in.diff @@ -0,0 +1,12 @@ +diff -Nur dhcpcd-3.2.3.orig/dhcpcd.8.in dhcpcd-3.2.3/dhcpcd.8.in +--- dhcpcd-3.2.3.orig/dhcpcd.8.in 2008-02-25 02:28:19.000000000 -0600 ++++ dhcpcd-3.2.3/dhcpcd.8.in 2009-03-06 19:36:02.207109931 -0600 +@@ -117,7 +117,7 @@ + up, down or new depending on the state of + .Nm . + .Nm +-ignores the exist code of the script. ++ignores the exit code of the script. + .Ss Fine tuning + You can fine tune the behaviour of + .Nm diff --git a/patches/source/dhcpcd/patches/dhcpcd.sh.diff b/patches/source/dhcpcd/patches/dhcpcd.sh.diff new file mode 100644 index 000000000..290665a98 --- /dev/null +++ b/patches/source/dhcpcd/patches/dhcpcd.sh.diff @@ -0,0 +1,17 @@ +--- a/dhcpcd.sh 2009-03-06 19:22:41.247171672 -0600 ++++ b/dhcpcd.sh 2009-03-06 19:24:19.186014526 -0600 +@@ -1,10 +1,10 @@ + #!/bin/sh + # +-# This is a sample /etc/dhcpcd.sh script. +-# /etc/dhcpcd.sh script is executed by dhcpcd daemon ++# This is a sample /etc/dhcpc/dhcpcd.sh script. ++# /etc/dhcpc/dhcpcd.sh script is executed by dhcpcd daemon + # any time it configures or shuts down interface. +-# The following parameters are passed to dhcpcd.exe script: +-# $1 = HostInfoFilePath, e.g "/var/lib/dhcpcd/dhcpcd-eth0.info" ++# The following parameters are passed to the dhcpcd.sh script: ++# $1 = HostInfoFilePath, e.g "/etc/dhcpc/dhcpcd-eth0.info" + # $2 = "up" if interface has been configured with the same + # IP address as before reboot; + # $2 = "down" if interface has been shut down; diff --git a/patches/source/dhcpcd/patches/dhcpcd3.sanitize_strings.diff b/patches/source/dhcpcd/patches/dhcpcd3.sanitize_strings.diff new file mode 100644 index 000000000..406846f3f --- /dev/null +++ b/patches/source/dhcpcd/patches/dhcpcd3.sanitize_strings.diff @@ -0,0 +1,346 @@ +From 1e664b472a2a915ad31567de729ee0a521db93d0 Mon Sep 17 00:00:00 2001 +From: Marius Tomaschewski <mt@suse.de> +Date: Thu, 17 Mar 2011 22:18:16 +0100 +Subject: [PATCH] Discard string options with incorrect values + +Discard string options such as host and domain names +containing disallowed characters or beeing too long. +This proctive patch limits root-path to the a-zA-Z0-9, +space and the #%+-_:.,@~/\[]= characters. + +Signed-off-by: Marius Tomaschewski <mt@suse.de> +--- + configure.c | 15 +++--- + dhcp.c | 160 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++-- + dhcp.h | 8 +++ + dhcpcd.c | 9 +++- + 4 files changed, 177 insertions(+), 15 deletions(-) + +diff --git a/configure.c b/configure.c +index 0969f73..24dd6e8 100644 +--- a/configure.c ++++ b/configure.c +@@ -453,7 +453,7 @@ static char *lookuphostname (char *hostname, const dhcp_t *dhcp, + char *addr; + struct addrinfo hints; + struct addrinfo *res = NULL; +- int result; ++ int result, check; + char *p; + + logger (LOG_DEBUG, "Looking up hostname via DNS"); +@@ -479,9 +479,10 @@ static char *lookuphostname (char *hostname, const dhcp_t *dhcp, + result = getaddrinfo (addr, "0", &hints, &res); + if (res) + freeaddrinfo (res); +- if (result == 0) ++ check = check_domain_name(addr, strlen(addr), 0); ++ if (result == 0 || check != 0) + logger (LOG_ERR, "malicious PTR record detected"); +- if (result == 0 || ! *addr) { ++ if (result == 0 || ! *addr || check != 0) { + free (addr); + return (NULL); + } +@@ -758,12 +759,12 @@ int configure (const options_t *options, interface_t *iface, + #endif + + curhostname = xmalloc (sizeof (char) * MAXHOSTNAMELEN); +- *curhostname = '\0'; ++ memset(curhostname, 0, MAXHOSTNAMELEN); + +- gethostname (curhostname, MAXHOSTNAMELEN); ++ gethostname (curhostname, MAXHOSTNAMELEN - 1); ++ curhostname[MAXHOSTNAMELEN - 1] = '\0'; + if (options->dohostname || +- strlen (curhostname) == 0 || +- strcmp (curhostname, "(none)") == 0 || ++ check_domain_name(curhostname, strlen (curhostname), 0) != 0 || + strcmp (curhostname, "localhost") == 0) + { + newhostname = xmalloc (sizeof (char) * MAXHOSTNAMELEN); +diff --git a/dhcp.c b/dhcp.c +index 8ed66da..5165078 100644 +--- a/dhcp.c ++++ b/dhcp.c +@@ -41,6 +41,8 @@ + #include <stdint.h> + #include <stdlib.h> + #include <string.h> ++#include <stddef.h> ++#include <ctype.h> + + #include "config.h" + +@@ -618,6 +620,106 @@ static struct route_head *decode_routers (const unsigned char *data, int length) + return (head); + } + ++int check_domain_name(const char *ptr, size_t len, int dots) ++{ ++ const char *p; ++ ++ /* not empty or complete length not over 255 characters */ ++ if (len == 0 || len > 256) ++ return -1; ++ ++ /* consists of [[:alnum:]-]+ labels separated by [.] */ ++ /* a [_] is against RFC but seems to be "widely used"... */ ++ for (p=ptr; *p && len-- > 0; p++) { ++ if ( *p == '-' || *p == '_') { ++ /* not allowed at begin or end of a label */ ++ if ((p - ptr) == 0 || len == 0 || p[1] == '.') ++ return -1; ++ } else ++ if ( *p == '.') { ++ /* each label has to be 1-63 characters; ++ we allow [.] at the end ('foo.bar.') */ ++ ptrdiff_t d = p - ptr; ++ if( d <= 0 || d >= 64) ++ return -1; ++ ptr = p + 1; /* jump to the next label */ ++ if(dots > 0 && len > 0) ++ dots--; ++ } else ++ if ( !isalnum((int)*p)) { ++ /* also numbers at the begin are fine */ ++ return -1; ++ } ++ } ++ return dots ? -1 : 0; ++} ++ ++int check_domain_name_list(const char *ptr, size_t len, int dots) ++{ ++ const char *p; ++ int ret = -1; /* at least one needed */ ++ ++ if (!ptr || !len) ++ return -1; ++ ++ for (p=ptr; *p && len > 0; p++, len--) { ++ if (*p != ' ') ++ continue; ++ if (p > ptr) { ++ if (check_domain_name(ptr, p - ptr, dots) != 0) ++ return -1; ++ ret = 0; ++ } ++ ptr = p + 1; ++ } ++ if (p > ptr) ++ return check_domain_name(ptr, p - ptr, dots); ++ else ++ return ret; ++} ++ ++int check_dhcpoption(unsigned char option, const char *ptr, size_t len) ++{ ++ if( !ptr) ++ return -1; ++ ++ switch (option) { ++ case DHCP_NETBIOSNODETYPE: ++ if(len == 1 && ((int)*ptr == 1 || (int)*ptr == 2 || ++ (int)*ptr == 4 || (int)*ptr == 8)) ++ return 0; ++ break; ++ case DHCP_HOSTNAME: ++ case DHCP_DNSDOMAIN: ++ case DHCP_NISDOMAIN: ++ case DHCP_NETBIOSSCOPE: ++ return check_domain_name(ptr, len, 0); ++ break; ++ case DHCP_SIPSERVER: ++ case DHCP_DNSSEARCH: ++ return check_domain_name_list(ptr, len, 0); ++ break; ++ case DHCP_ROOTPATH: ++ if( len == 0) ++ return -1; ++ for (; *ptr && len-- > 0; ptr++) { ++ if( !(isalnum((int)*ptr) || ++ *ptr == '#' || *ptr == '%' || ++ *ptr == '+' || *ptr == '-' || ++ *ptr == '_' || *ptr == ':' || ++ *ptr == '.' || *ptr == ',' || ++ *ptr == '@' || *ptr == '~' || ++ *ptr == '\\' || *ptr == '/' || ++ *ptr == '[' || *ptr == ']' || ++ *ptr == '=' || *ptr == ' ')) ++ return -1; ++ } ++ return 0; ++ break; ++ } ++ return -1; ++} ++ + int parse_dhcpmessage (dhcp_t *dhcp, const dhcpmessage_t *message) + { + const unsigned char *p = message->options; +@@ -646,8 +748,16 @@ int parse_dhcpmessage (dhcp_t *dhcp, const dhcpmessage_t *message) + dhcp->leasedfrom = tv.tv_sec; + dhcp->frominfo = false; + dhcp->address.s_addr = message->yiaddr; +- strlcpy (dhcp->servername, (char *) message->servername, +- sizeof (dhcp->servername)); ++ if (message->servername[0] != '\0' && ++ check_domain_name((const char *)message->servername, ++ strlen((const char *)message->servername), 0) != 0) ++ { ++ logger (LOG_ERR, "suspect value in SERVERNAME - discarded"); ++ dhcp->servername[0] = '\0'; ++ } else { ++ strlcpy (dhcp->servername, (char *) message->servername, ++ sizeof (dhcp->servername)); ++ } + + #define LEN_ERR \ + { \ +@@ -768,10 +878,20 @@ parse_start: + memcpy (_var, p, (size_t) length); \ + memset (_var + length, 0, 1); \ + } ++#define CHECKOPT(_opt,_var) \ ++ if(check_dhcpoption(_opt, (const char *)p, length) != 0) { \ ++ logger (LOG_ERR, "suspect value in option %s - discarded", #_opt); \ ++ if (_var) free (_var); \ ++ _var = NULL; \ ++ } + case DHCP_HOSTNAME: ++ CHECKOPT (DHCP_HOSTNAME, dhcp->hostname) ++ else + GETSTR (dhcp->hostname); + break; + case DHCP_DNSDOMAIN: ++ CHECKOPT (DHCP_DNSDOMAIN, dhcp->dnsdomain) ++ else + GETSTR (dhcp->dnsdomain); + break; + case DHCP_MESSAGE: +@@ -779,11 +899,15 @@ parse_start: + break; + #ifdef ENABLE_INFO + case DHCP_ROOTPATH: ++ CHECKOPT (DHCP_ROOTPATH, dhcp->rootpath) ++ else + GETSTR (dhcp->rootpath); + break; + #endif + #ifdef ENABLE_NIS + case DHCP_NISDOMAIN: ++ CHECKOPT (DHCP_NISDOMAIN, dhcp->nisdomain) ++ else + GETSTR (dhcp->nisdomain); + break; + #endif +@@ -814,11 +938,21 @@ parse_start: + case DHCP_DNSSEARCH: + MIN_LENGTH (1); + free (dhcp->dnssearch); ++ dhcp->dnssearch = NULL; + len = decode_search (p, length, NULL); + if (len > 0) { +- dhcp->dnssearch = xmalloc (len); +- decode_search (p, length, +- dhcp->dnssearch); ++ char *str = xmalloc (len); ++ decode_search (p, length, str); ++ if(check_dhcpoption(DHCP_DNSSEARCH, ++ str, len - 1) != 0) { ++ logger (LOG_ERR, ++ "suspect value in " ++ "option %s - discarded", ++ "DHCP_DNSSEARCH"); ++ free(str); ++ } else { ++ dhcp->dnssearch = str; ++ } + } + break; + +@@ -837,7 +971,20 @@ parse_start: + #ifdef ENABLE_INFO + case DHCP_SIPSERVER: + free (dhcp->sipservers); +- dhcp->sipservers = decode_sipservers (p,length); ++ dhcp->sipservers = NULL; ++ { ++ char *str = decode_sipservers (p,length); ++ if(check_dhcpoption(DHCP_SIPSERVER, ++ str, strlen(str)) != 0) { ++ logger (LOG_ERR, ++ "suspect value in " ++ "option %s - discarded", ++ "DHCP_SIPSERVER"); ++ free(str); ++ } else { ++ dhcp->sipservers = str; ++ } ++ } + break; + #endif + +@@ -873,6 +1020,7 @@ parse_start: + #undef LENGTH + #undef MIN_LENGTH + #undef MULT_LENGTH ++#undef CHECKOPT + + default: + logger (LOG_DEBUG, +diff --git a/dhcp.h b/dhcp.h +index cc66d13..d2cdc45 100644 +--- a/dhcp.h ++++ b/dhcp.h +@@ -86,6 +86,10 @@ enum DHCP_OPTIONS + DHCP_NISDOMAIN = 40, + DHCP_NISSERVER = 41, + DHCP_NTPSERVER = 42, ++ DHCP_NETBIOSNAMESERVER = 44, ++ DHCP_NETBIOSDDSERVER = 45, ++ DHCP_NETBIOSNODETYPE = 46, ++ DHCP_NETBIOSSCOPE = 47, + DHCP_ADDRESS = 50, + DHCP_LEASETIME = 51, + DHCP_OPTIONSOVERLOADED = 52, +@@ -213,4 +217,8 @@ ssize_t send_message (const interface_t *iface, const dhcp_t *dhcp, + void free_dhcp (dhcp_t *dhcp); + int parse_dhcpmessage (dhcp_t *dhcp, const dhcpmessage_t *message); + ++int check_dhcpoption (unsigned char option, const char *ptr, size_t len); ++int check_domain_name(const char *ptr, size_t len, int dots); ++int check_domain_name_list(const char *ptr, size_t len, int dots); ++ + #endif +diff --git a/dhcpcd.c b/dhcpcd.c +index e101847..318dd7f 100644 +--- a/dhcpcd.c ++++ b/dhcpcd.c +@@ -178,8 +178,10 @@ int main(int argc, char **argv) + options->doduid = true; + options->timeout = DEFAULT_TIMEOUT; + +- gethostname (options->hostname, sizeof (options->hostname)); +- if (strcmp (options->hostname, "(none)") == 0 || ++ memset (options->hostname, 0, sizeof (options->hostname)); ++ gethostname (options->hostname, sizeof (options->hostname) - 1); ++ options->hostname[sizeof (options->hostname) - 1] = '\0'; ++ if (check_domain_name(options->hostname, strlen(options->hostname), 0) != 0 || + strcmp (options->hostname, "localhost") == 0) + memset (options->hostname, 0, sizeof (options->hostname)); + +@@ -228,6 +230,9 @@ int main(int argc, char **argv) + "`%s' too long for HostName string, max is %d", + optarg, MAXHOSTNAMELEN); + goto abort; ++ } else if(check_domain_name(optarg, strlen(optarg), 0) != 0) { ++ logger (LOG_ERR, "suspect string in hostname argument"); ++ goto abort; + } else + strlcpy (options->hostname, optarg, + sizeof (options->hostname)); +-- +1.7.1 + diff --git a/patches/source/dhcpcd/slack-desc b/patches/source/dhcpcd/slack-desc new file mode 100644 index 000000000..04859d7cb --- /dev/null +++ b/patches/source/dhcpcd/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +dhcpcd: dhcpcd (DHCP client daemon) +dhcpcd: +dhcpcd: The DHCP client program dhcpcd is used to connect to a network by +dhcpcd: contacting a DHCP server. dhcpcd gets an IP address and other +dhcpcd: information from a corresponding DHCP server, configures the network +dhcpcd: interface automatically, and tries to renew the lease time according +dhcpcd: to RFC2131 or RFC1541 depending on the command line option. +dhcpcd: +dhcpcd: +dhcpcd: +dhcpcd: diff --git a/patches/source/dnsmasq/dnsmasq.SlackBuild b/patches/source/dnsmasq/dnsmasq.SlackBuild new file mode 100755 index 000000000..a9c5c046f --- /dev/null +++ b/patches/source/dnsmasq/dnsmasq.SlackBuild @@ -0,0 +1,107 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2015, 2017 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo dnsmasq-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-dnsmasq + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf dnsmasq-$VERSION +tar xvf $CWD/dnsmasq-$VERSION.tar.xz || exit 1 +cd dnsmasq-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/dnsmasq.leasedir.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 + +make $NUMJOBS all-i18n PREFIX=/usr MANDIR=/usr/man || exit 1 +make install-i18n PREFIX=/usr DESTDIR=$PKG MANDIR=/usr/man || exit 1 +chmod 0755 $PKG/usr/sbin/dnsmasq + +mkdir -p $PKG/etc/dnsmasq.d + +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/var/state/dnsmasq + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/etc +cat dnsmasq.conf.example > $PKG/etc/dnsmasq.conf.new +mkdir -p $PKG/etc/rc.d +zcat $CWD/rc.dnsmasq.gz > $PKG/etc/rc.d/rc.dnsmasq.new + +mkdir -p $PKG/usr/doc/dnsmasq-$VERSION +cp -a \ + COPYING FAQ doc.html setup.html \ + $PKG/usr/doc/dnsmasq-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGELOG ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat CHANGELOG | head -n 1000 > $DOCSDIR/CHANGELOG + touch -r CHANGELOG $DOCSDIR/CHANGELOG +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/dnsmasq-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/dnsmasq/dnsmasq.leasedir.diff b/patches/source/dnsmasq/dnsmasq.leasedir.diff new file mode 100644 index 000000000..9fec6b439 --- /dev/null +++ b/patches/source/dnsmasq/dnsmasq.leasedir.diff @@ -0,0 +1,24 @@ +diff -Nur dnsmasq-2.52.orig/dnsmasq.conf.example dnsmasq-2.52/dnsmasq.conf.example +--- dnsmasq-2.52.orig/dnsmasq.conf.example 2009-11-25 06:55:16.000000000 -0600 ++++ dnsmasq-2.52/dnsmasq.conf.example 2010-01-22 15:32:41.137807274 -0600 +@@ -415,7 +415,7 @@ + # The DHCP server needs somewhere on disk to keep its lease database. + # This defaults to a sane location, but if you want to change it, use + # the line below. +-#dhcp-leasefile=/var/lib/misc/dnsmasq.leases ++#dhcp-leasefile=/var/state/dnsmasq/dnsmasq.leases + + # Set the DHCP server to authoritative mode. In this mode it will barge in + # and take over the lease for any client which broadcasts on the network, +diff -Nur dnsmasq-2.52.orig/src/config.h dnsmasq-2.52/src/config.h +--- dnsmasq-2.52.orig/src/config.h 2010-01-21 08:22:06.000000000 -0600 ++++ dnsmasq-2.52/src/config.h 2010-01-22 15:32:41.136833058 -0600 +@@ -47,7 +47,7 @@ + # elif defined(__sun__) || defined (__sun) + # define LEASEFILE "/var/cache/dnsmasq.leases" + # else +-# define LEASEFILE "/var/lib/misc/dnsmasq.leases" ++# define LEASEFILE "/var/state/dnsmasq/dnsmasq.leases" + # endif + #endif + diff --git a/patches/source/dnsmasq/doinst.sh b/patches/source/dnsmasq/doinst.sh new file mode 100644 index 000000000..9aadc3e55 --- /dev/null +++ b/patches/source/dnsmasq/doinst.sh @@ -0,0 +1,26 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + config ${NEW} +} +config etc/dnsmasq.conf.new +preserve_perms etc/rc.d/rc.dnsmasq.new + +# This should be mostly useless... +rm -f etc/rc.d/rc.dnsmasq.new diff --git a/patches/source/dnsmasq/rc.dnsmasq b/patches/source/dnsmasq/rc.dnsmasq new file mode 100644 index 000000000..ce584cbd2 --- /dev/null +++ b/patches/source/dnsmasq/rc.dnsmasq @@ -0,0 +1,36 @@ +#!/bin/sh +# Start/stop/restart dnsmasq (a small DNS/DHCP server): + +# Start dnsmasq: +dnsmasq_start() { + if [ -x /usr/sbin/dnsmasq ]; then + echo "Starting dnsmasq: /usr/sbin/dnsmasq" + /usr/sbin/dnsmasq + fi +} + +# Stop dnsmasq: +dnsmasq_stop() { + killall dnsmasq +} + +# Restart dnsmasq: +dnsmasq_restart() { + dnsmasq_stop + sleep 1 + dnsmasq_start +} + +case "$1" in +'start') + dnsmasq_start + ;; +'stop') + dnsmasq_stop + ;; +'restart') + dnsmasq_restart + ;; +*) + echo "usage rc.dnsmasq: start|stop|restart" +esac diff --git a/patches/source/dnsmasq/slack-desc b/patches/source/dnsmasq/slack-desc new file mode 100644 index 000000000..3db2c42e3 --- /dev/null +++ b/patches/source/dnsmasq/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +dnsmasq: dnsmasq (small DNS and DHCP server) +dnsmasq: +dnsmasq: Dnsmasq is a lightweight, easy to configure DNS forwarder and DHCP +dnsmasq: server. It is designed to provide DNS (and optionally DHCP) to a +dnsmasq: small network, and can serve the names of local machines which are not +dnsmasq: in the global DNS. +dnsmasq: +dnsmasq: Dnsmasq was written by Simon Kelley. +dnsmasq: +dnsmasq: Homepage: http://www.thekelleys.org.uk/dnsmasq/ +dnsmasq: diff --git a/patches/source/emacs/doinst.sh b/patches/source/emacs/doinst.sh new file mode 100644 index 000000000..64a3adff1 --- /dev/null +++ b/patches/source/emacs/doinst.sh @@ -0,0 +1,10 @@ +# Vim ships a better (IMHO) version of ctags, and we don't want +# to overwrite it with this one. If you really want emacs' ctags +# either copy or link it into place yourself, or remove the vim +# packages and reinstall emacs. Besides, does anyone know/use +# *both* emacs and vi? I'd think that would bring the universe +# to an end. ;-) +if [ ! -e usr/bin/ctags ]; then + cp -a usr/bin/ctags-emacs usr/bin/ctags + cp -a usr/man/man1/ctags-emacs.1.gz usr/man/man1/ctags.1.gz +fi diff --git a/patches/source/emacs/emacs.SlackBuild b/patches/source/emacs/emacs.SlackBuild new file mode 100755 index 000000000..ecc972e6f --- /dev/null +++ b/patches/source/emacs/emacs.SlackBuild @@ -0,0 +1,190 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012, 2014, 2015, 2017 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# Slackware build script for emacs-22 + +# Written by DuÅ¡an Stefanović (stefanovic.dusan@gmail.com) +# Modified by Robby Workman <rworkman@slackbuilds.org> +# Modified by Patrick Volkerding <volkerdi@slackware.com> + +PKGNAM=emacs +BUILD=${BUILD:-1_slack13.0} +# Determine version number the tarball is labeled with: +TARBALLVER=${TARBALLVER:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +# OK, now what's being used as the source directory version number... account +# for subversions a, b, c, and d in the $TARBALLVER: +SRCDIRVER=$(echo $TARBALLVER | tr -d a | tr -d b | tr -d c | tr -d d) +# I guess this is the main "version"... we don't use this variable anywhere below, but +# defining it is traditional: +VERSION=$SRCDIRVER + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i486 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +elif [ "$ARCH" = "armv7hl" ]; then + SLKCFLAGS="-O2 -march=armv7-a -mfpu=vfpv3-d16" +else + SLKCFLAGS="-O2" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$TARBALLVER +tar xvf $CWD/$PKGNAM-$TARBALLVER.tar.xz || exit 1 +cd $PKGNAM-$SRCDIRVER || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --program-prefix="" \ + --program-suffix="" \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --without-gconf \ + --without-gsettings \ + --with-x \ + --with-x-toolkit=gtk2 \ + --build=${ARCH}-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +( cd $PKG/usr/bin + rm emacs + mv emacs-${SRCDIRVER} emacs-${TARBALLVER}-with-x11 + ln -sf emacs-${TARBALLVER}-with-x11 emacs +) + +# Also add a version of the binary that is not linked to X11: +cd $TMP +rm -rf $PKGNAM-$TARBALLVER +tar xvf $CWD/$PKGNAM-$TARBALLVER.tar.xz || exit 1 +cd $PKGNAM-$SRCDIRVER || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --program-prefix="" \ + --program-suffix="" \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --without-gconf \ + --without-gsettings \ + --with-x=no \ + --build=${ARCH}-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 + +# Install the non-x version: +cat src/emacs > $PKG/usr/bin/emacs-${TARBALLVER}-no-x11 +chown root:root $PKG/usr/bin/emacs-${TARBALLVER}-no-x11 +chmod 1755 $PKG/usr/bin/emacs-${TARBALLVER}-no-x11 + +# I don't care for broken permissions. +chmod 755 $PKG/var/games/emacs +chown -R root:games $PKG/var/games/emacs +chmod 664 $PKG/var/games/emacs/* + +# This avoids a collision with Exuberant Ctags... +mv $PKG/usr/bin/ctags $PKG/usr/bin/ctags-emacs +if [ -r $PKG/usr/man/man1/ctags.1 ]; then + mv $PKG/usr/man/man1/ctags.1 $PKG/usr/man/man1/ctags-emacs.1 +elif [ -r $PKG/usr/man/man1/ctags.1.gz ]; then + mv $PKG/usr/man/man1/ctags.1.gz $PKG/usr/man/man1/ctags-emacs.1.gz +fi + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +( cd $PKG/usr/man + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +) + +( cd $PKG/usr/info + rm -f dir + gzip -9 * +) + +mkdir -p $PKG/usr/doc/$PKGNAM-$TARBALLVER +cp -a \ + AUTHORS COPYING* INSTALL README* \ + $PKG/usr/doc/$PKGNAM-$TARBALLVER + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$TARBALLVER) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$TARBALLVER-$ARCH-$BUILD.txz + diff --git a/patches/source/emacs/slack-desc b/patches/source/emacs/slack-desc new file mode 100644 index 000000000..94ba8e13e --- /dev/null +++ b/patches/source/emacs/slack-desc @@ -0,0 +1,12 @@ + |-----handy-ruler------------------------------------------------------| +emacs: emacs (GNU Emacs) +emacs: +emacs: Emacs is the extensible, customizable, self-documenting real-time +emacs: display editor. If this seems to be a bit of a mouthful, an +emacs: easier explanation is that Emacs is a text editor and more. At +emacs: its core is an interpreter for Emacs Lisp, a dialect of the Lisp +emacs: programming language with extensions to support text editing. +emacs: This version supports X. +emacs: +emacs: http://www.gnu.org/software/emacs/ +emacs: diff --git a/patches/source/expat/expat.SlackBuild b/patches/source/expat/expat.SlackBuild new file mode 100755 index 000000000..96aea5215 --- /dev/null +++ b/patches/source/expat/expat.SlackBuild @@ -0,0 +1,101 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2013, 2017 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=expat +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# Choose an entropy source: +if [ "$ENTROPY" = "" ]; then + #ENTROPY="-DHAVE_GETRANDOM" + #ENTROPY="-DHAVE_SYSCALL_GETRANDOM" + #ENTROPY="-DHAVE_ARC4RANDOM_BUF" + ENTROPY="-DXML_POOR_ENTROPY" +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686 $ENTROPY" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2 $ENTROPY" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC $ENTROPY" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2 $ENTROPY" + LIBDIRSUFFIX="" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-expat + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf expat-$VERSION +tar xvf $CWD/expat-$VERSION.tar.?z* || exit 1 +cd expat-$VERSION + +chown -R root:root . +find . -perm 777 -exec chmod 755 {} \; +find . -perm 664 -exec chmod 644 {} \; +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --disable-static \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || exit 1 +make install DESTDIR=$PKG || exit 1 + +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +mkdir -p $PKG/usr/doc/expat-$VERSION +cp -a \ + COPYING* Changes README* doc/reference.html \ + $PKG/usr/doc/expat-$VERSION +gzip -9 $PKG/usr/man/man?/*.? +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +makepkg -l y -c n $TMP/expat-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/expat/slack-desc b/patches/source/expat/slack-desc new file mode 100644 index 000000000..348df3c3b --- /dev/null +++ b/patches/source/expat/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +expat: expat (C library for parsing XML) +expat: +expat: This is Expat, a C library for parsing XML, written by James Clark. +expat: Expat is a stream-oriented XML parser used by Python, GNOME, Xft2, +expat: and other things. +expat: +expat: +expat: +expat: +expat: +expat: diff --git a/patches/source/fetchmail/fetchmail.SlackBuild b/patches/source/fetchmail/fetchmail.SlackBuild new file mode 100755 index 000000000..a65f25295 --- /dev/null +++ b/patches/source/fetchmail/fetchmail.SlackBuild @@ -0,0 +1,107 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=fetchmail +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-fetchmail + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf fetchmail-$VERSION +tar xvf $CWD/fetchmail-$VERSION.tar.bz2 || exit 1 +cd fetchmail-$VERSION || exit 1 + +# this is the sloppiest source tarball ever +# [NOTE: *was*... the new maintainers are much better] +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --enable-nls \ + --with-ssl \ + --program-prefix="" \ + --program-suffix="" \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +( cd $PKG/usr/man/man1 + rm fetchmailconf.1 + gzip -9 * + ln -sf fetchmail.1.gz fetchmailconf.1.gz +) + +mkdir -p $PKG/usr/doc/fetchmail-$VERSION +cp -a \ + ABOUT-NLS COPYING* FAQ FEATURES INSTALL NEWS* NOTES* README* TODO \ + *.html contrib *.lsm \ + $PKG/usr/doc/fetchmail-$VERSION + +rm -rf $PKG/usr/doc/fetchmail-$VERSION/RCS \ + $PKG/usr/doc/fetchmail-$VERSION/contrib/RCS \ + $PKG/usr/doc/fetchmail-$VERSION/fetchmail-man.html + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/fetchmail-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/fetchmail/slack-desc b/patches/source/fetchmail/slack-desc new file mode 100644 index 000000000..7be0c1e4b --- /dev/null +++ b/patches/source/fetchmail/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +fetchmail: fetchmail (mail retrieval and forwarding utility) +fetchmail: +fetchmail: fetchmail is a mail retrieval and forwarding utility. It fetches +fetchmail: mail from a POP, IMAP, or ETRN-capable remote mailserver and forwards +fetchmail: it to your local (client) machine's delivery system. You can then +fetchmail: handle the retrieved mail using normal mail user agents such as elm, +fetchmail: pine, or mutt. The fetchmail utility can be run in a daemon mode to +fetchmail: repeatedly poll one or more systems at a specified interval. +fetchmail: +fetchmail: fetchmail is probably not secure. +fetchmail: diff --git a/patches/source/fixesproto/arch.use.flags b/patches/source/fixesproto/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/fixesproto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/fixesproto/build/fixesproto b/patches/source/fixesproto/build/fixesproto new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/fixesproto/build/fixesproto @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/fixesproto/configure/configure b/patches/source/fixesproto/configure/configure new file mode 100644 index 000000000..dcb1109bd --- /dev/null +++ b/patches/source/fixesproto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/fixesproto/fixesproto.SlackBuild b/patches/source/fixesproto/fixesproto.SlackBuild new file mode 100755 index 000000000..260a042ab --- /dev/null +++ b/patches/source/fixesproto/fixesproto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild proto fixesproto +mv /tmp/x11-build/fixesproto*txz /tmp diff --git a/patches/source/fixesproto/modularize b/patches/source/fixesproto/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/fixesproto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/fixesproto/noarch b/patches/source/fixesproto/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/fixesproto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/fixesproto/package-blacklist b/patches/source/fixesproto/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/fixesproto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/fixesproto/slack-desc/fixesproto b/patches/source/fixesproto/slack-desc/fixesproto new file mode 100644 index 000000000..83cfded02 --- /dev/null +++ b/patches/source/fixesproto/slack-desc/fixesproto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +fixesproto: fixesproto (C prototypes for X11 X Fixes Extension) +fixesproto: +fixesproto: fixesproto is part of X11. +fixesproto: +fixesproto: For more information about the X.Org Foundation (the providers of the +fixesproto: X.Org implementation of the X Window System), see their website: +fixesproto: +fixesproto: http://www.x.org +fixesproto: +fixesproto: +fixesproto: diff --git a/patches/source/fixesproto/x11.SlackBuild b/patches/source/fixesproto/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/fixesproto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/freetype/freetype.CVE-2017-8287.diff b/patches/source/freetype/freetype.CVE-2017-8287.diff new file mode 100644 index 000000000..4f4b67b1d --- /dev/null +++ b/patches/source/freetype/freetype.CVE-2017-8287.diff @@ -0,0 +1,31 @@ +From 3774fc08b502c3e685afca098b6e8a195aded6a0 Mon Sep 17 00:00:00 2001 +From: Werner Lemberg <wl@gnu.org> +Date: Sun, 26 Mar 2017 08:32:09 +0200 +Subject: * src/psaux/psobjs.c (t1_builder_close_contour): Add safety guard. + +Reported as + + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941 + +diff --git a/src/psaux/psobjs.c b/src/psaux/psobjs.c +index d18e821..0baf836 100644 +--- a/src/psaux/psobjs.c ++++ b/src/psaux/psobjs.c +@@ -1718,6 +1718,14 @@ + first = outline->n_contours <= 1 + ? 0 : outline->contours[outline->n_contours - 2] + 1; + ++ /* in malformed fonts it can happen that a contour was started */ ++ /* but no points were added */ ++ if ( outline->n_contours && first == outline->n_points ) ++ { ++ outline->n_contours--; ++ return; ++ } ++ + /* We must not include the last point in the path if it */ + /* is located on the first point. */ + if ( outline->n_points > 1 ) +-- +cgit v1.0-41-gc330 + diff --git a/patches/source/freetype/freetype.SlackBuild b/patches/source/freetype/freetype.SlackBuild new file mode 100755 index 000000000..08aeed4d2 --- /dev/null +++ b/patches/source/freetype/freetype.SlackBuild @@ -0,0 +1,123 @@ +#!/bin/sh + +# Copyright 2005-2012 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=freetype +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | cut -d - -f 2 | rev | cut -f 3- -d . | rev)} +BUILD=${BUILD:-2_slack13.0} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-freetype + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf freetype-$VERSION +tar xvf $CWD/freetype-$VERSION.tar.xz || exit 1 +cd freetype-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# This breaks far too many things. Freetype2 developers will have to get their +# punishment on someone else's distribution. +zcat $CWD/freetype.illadvisederror.diff.gz | patch -p1 --verbose || exit 1 + +# The line below enables code patented by Microsoft, so don't uncomment it +# unless you have a license to use the code and take all legal responsibility +# for doing so. +# Please see this web site for more details: +# http://www.freetype.org/patents.html +#zcat $CWD/freetype.subpixel.rendering.diff.gz | patch -p1 --verbose || exit 1 + +# Security fix: +zcat $CWD/freetype.CVE-2017-8287.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +CFLAGS="$SLKCFLAGS" make setup CFG="--prefix=/usr --libdir=/usr/lib${LIBDIRSUFFIX} --build=$ARCH-slackware-linux" +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +# This shouldn't be needed (apps should pick up -I/usr/include/freetype2 from +# `freetype-config --cflags` while compiling), but it's so often reported as +# a bug that I'll give in to the point. Now that Freetype1 is pretty much gone +# having this link shouldn't hurt anything. Try not to rely on it, though. +mkdir -p $PKG/usr/include +( cd $PKG/usr/include + rm -rf freetype + ln -sf freetype2 freetype +) + +# Can't imagine a lot of use for this: +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.a + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mv $PKG/usr/share/man $PKG/usr/man +find $PKG/usr/man -type f -exec gzip -9 {} \; + +mkdir -p $PKG/usr/doc/freetype-$VERSION +cp -a \ + docs \ + README \ + $PKG/usr/doc/freetype-$VERSION +# too much +rm -rf $PKG/usr/doc/freetype-$VERSION/docs/reference + +mkdir $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/freetype-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/freetype/freetype.illadvisederror.diff b/patches/source/freetype/freetype.illadvisederror.diff new file mode 100644 index 000000000..b0a33694a --- /dev/null +++ b/patches/source/freetype/freetype.illadvisederror.diff @@ -0,0 +1,31 @@ +diff -Nur freetype-2.5.3.orig/include/freetype.h freetype-2.5.3/include/freetype.h +--- freetype-2.5.3.orig/include/freetype.h 2014-03-06 12:10:31.661681917 -0600 ++++ freetype-2.5.3/include/freetype.h 2014-05-12 01:41:42.002526416 -0500 +@@ -20,13 +20,20 @@ + #define __FREETYPE_H__ + + +-#ifndef FT_FREETYPE_H +-#error "`ft2build.h' hasn't been included yet!" +-#error "Please always use macros to include FreeType header files." +-#error "Example:" +-#error " #include <ft2build.h>" +-#error " #include FT_FREETYPE_H" +-#endif ++/***************************************************************************/ ++/* */ ++/* If you think breaking almost 100% of all source that links with */ ++/* freetype (anything using a configure file for sure) is a good idea, */ ++/* then feel free to uncomment this block. */ ++/* */ ++/* #ifndef FT_FREETYPE_H */ ++/* #error "`ft2build.h' hasn't been included yet!" */ ++/* #error "Please always use macros to include FreeType header files." */ ++/* #error "Example:" */ ++/* #error " #include <ft2build.h>" */ ++/* #error " #include FT_FREETYPE_H" */ ++/* #endif */ ++/***************************************************************************/ + + + #include <ft2build.h> diff --git a/patches/source/freetype/freetype.subpixel.rendering.diff b/patches/source/freetype/freetype.subpixel.rendering.diff new file mode 100644 index 000000000..ab3d479e4 --- /dev/null +++ b/patches/source/freetype/freetype.subpixel.rendering.diff @@ -0,0 +1,11 @@ +--- ./include/config/ftoption.h.orig 2014-03-01 05:27:34.842960857 -0600 ++++ ./include/config/ftoption.h 2014-08-27 13:43:07.351974078 -0500 +@@ -92,7 +92,7 @@ + /* This is done to allow FreeType clients to run unmodified, forcing */ + /* them to display normal gray-level anti-aliased glyphs. */ + /* */ +-/* #define FT_CONFIG_OPTION_SUBPIXEL_RENDERING */ ++#define FT_CONFIG_OPTION_SUBPIXEL_RENDERING + + + /*************************************************************************/ diff --git a/patches/source/freetype/slack-desc b/patches/source/freetype/slack-desc new file mode 100644 index 000000000..0d179401f --- /dev/null +++ b/patches/source/freetype/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +freetype: freetype (A Free, High-Quality, and Portable Font Engine) +freetype: +freetype: The FreeType engine is a free and portable TrueType font rendering +freetype: engine. It has been developed to provide TrueType support to a +freetype: great variety of platforms and environments. +freetype: +freetype: +freetype: +freetype: +freetype: +freetype: diff --git a/patches/source/gimp/gimp.SlackBuild b/patches/source/gimp/gimp.SlackBuild new file mode 100755 index 000000000..3707e5358 --- /dev/null +++ b/patches/source/gimp/gimp.SlackBuild @@ -0,0 +1,114 @@ +#!/bin/sh + +# Copyright 2008, 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=2.6.8 +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-gimp +rm -rf $PKG +mkdir -p $TMP $PKG + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +cd $TMP +rm -rf gimp-$VERSION +tar xvf $CWD/gimp-$VERSION.tar.?z* || exit 1 +cd gimp-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var/lib \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --docdir=/usr/doc/gimp-$VERSION \ + --disable-static \ + --enable-gimp-remote \ + --without-gvfs \ + --with-libcurl \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +mkdir -p $PKG/usr/share/applications $PKG/usr/share/application-registry +make install DESTDIR=$PKG || exit 1 + +# Add a manpage symlink for POLA-compliance +( cd $PKG/usr/man/man1 ; ln -sf gimptool-2.?.1 gimptool.1 ) + +( cd $PKG/usr/man + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done +) + +mkdir -p $PKG/usr/doc/gimp-$VERSION +cp -a \ + AUTHORS COPYING HACKING INSTALL LICENSE NEWS README* docs/Wilber* \ + $PKG/usr/doc/gimp-$VERSION +( cd $PKG/usr/doc/gimp-$VERSION + for i in \ + libgimp libgimpbase libgimpcolor libgimpconfig libgimpmath \ + libgimpmodule libgimpthumb libgimpwidgets ; do \ + ln -s /usr/share/gtk-doc/html/$i $i-html ; + done +) + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/gimp-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/gimp/slack-desc b/patches/source/gimp/slack-desc new file mode 100644 index 000000000..9f9aca385 --- /dev/null +++ b/patches/source/gimp/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +gimp: gimp (The GNU Image Manipulation Program) +gimp: +gimp: The GIMP is a powerful tool for the preparation and manipulation of +gimp: digital images. The GIMP provides the user with a wide variety of +gimp: image manipulation, painting, processing, and rendering tools. The +gimp: GIMP's open design and extensible architecture make for a very +gimp: powerful end product for photo and image retouching, web graphics +gimp: design, or digital illustration. +gimp: +gimp: +gimp: diff --git a/patches/source/git/git-2.14.1.tar.sign b/patches/source/git/git-2.14.1.tar.sign Binary files differnew file mode 100644 index 000000000..2dffd4d31 --- /dev/null +++ b/patches/source/git/git-2.14.1.tar.sign diff --git a/patches/source/git/git.SlackBuild b/patches/source/git/git.SlackBuild new file mode 100755 index 000000000..f5422d1d3 --- /dev/null +++ b/patches/source/git/git.SlackBuild @@ -0,0 +1,170 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2016 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +BUILD=${BUILD:-1_slack13.0} + +PKGNAM=git +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | cut -d - -f 2 | rev | cut -f 3- -d . | rev)} +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +eval $(perl '-V:installvendorlib') +PERLDIR=$installvendorlib/$ARCH-linux-thread-multi/auto + +if ls /var/log/packages/git-* 1> /dev/null 2> /dev/null ; then + echo "The git package needs to be removed before building to ensure that" + echo "the perl modules are included in the new package." + echo + echo "Removing the git package in 15 seconds, and then continuing with the build." + sleep 15 + removepkg git +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-git + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf git-$VERSION +tar xvf $CWD/git-$VERSION.tar.?z* || exit 1 +cd git-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +mkdir -p $PKG/usr/doc/git-$VERSION +cp -a \ + COPYING* INSTALL README \ + Documentation \ + contrib \ + $PKG/usr/doc/git-$VERSION +( cd $PKG/usr/doc/git-$VERSION/Documentation ; rm *.1 *.3 *.7 ) +( cd $PKG/usr/doc/git-$VERSION && find . -name ".git*" -exec rm -r "{}" \; ) + +make $NUMJOBS \ + prefix=/usr \ + mandir=/usr/man \ + CFLAGS="$SLKCFLAGS" \ + INSTALLDIRS=vendor \ + ASCIIDOC8=YesPlease \ + all doc || exit 1 + +make \ + prefix=/usr \ + mandir=/usr/man \ + "CFLAGS=$SLKCFLAGS" \ + INSTALLDIRS=vendor \ + ASCIIDOC8=YesPlease \ + install \ + install-doc \ + DESTDIR=$PKG || exit 1 + +mv $PKG/usr/share/man/man3 $PKG/usr/man +rmdir $PKG/usr/share/man + +# Don't stomp on perl's file: +rm -f $PKG/usr/lib*/perl5/perllocal.pod + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Since Stuart Winter hates hard links. ;-) +# +# Switch a hard link with a soft link: +( cd $PKG/usr/bin + find . -links +1 -not -name git | while read gitfile ; do + if [ git -ef $gitfile ]; then + rm -vf $gitfile + ln -vfs git $gitfile + fi + done +) + +# This removes our DESTDIR from the packlist filenames, to keep perl's +# internal inventories consistent and correct. +find $PKG -name .packlist | while read plist ; do + sed -e "s%/share/man%/man%g" \ + -e "s%$PKG%%g" \ + -e "s%\.1$%\.1\.gz%g" \ + -e "s%\.2$%\.2\.gz%g" \ + -e "s%\.3$%\.3\.gz%g" \ + -e "s%\.3pm$%\.3pm\.gz%g" \ + -e "s%\.4$%\.4\.gz%g" \ + -e "s%\.5$%\.5\.gz%g" \ + -e "s%\.6$%\.6\.gz%g" \ + -e "s%\.7$%\.7\.gz%g" \ + -e "s%\.8$%\.8\.gz%g" \ + ${plist} > ${plist}.new + mv -f ${plist}.new ${plist} +done + +# This is junk: +eval $(perl '-V:privlib') +( cd $PKG$(dirname $privlib) && rm -rf 5.* ) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/git-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/git/git.url b/patches/source/git/git.url new file mode 100644 index 000000000..a4c15db38 --- /dev/null +++ b/patches/source/git/git.url @@ -0,0 +1 @@ +https://www.kernel.org/pub/software/scm/git/ diff --git a/patches/source/git/slack-desc b/patches/source/git/slack-desc new file mode 100644 index 000000000..271b863a2 --- /dev/null +++ b/patches/source/git/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +git: git (the stupid content tracker) +git: +git: Git is a fast, scalable, distributed revision control system with an +git: unusually rich command set that provides both high-level operations +git: and full access to internals. +git: +git: "git" can mean anything, depending on your mood. +git: +git: Git was originally written by Linus Torvalds and is currently +git: maintained by Junio C. Hamano. +git: diff --git a/patches/source/glibc-zoneinfo/doinst.sh b/patches/source/glibc-zoneinfo/doinst.sh new file mode 100644 index 000000000..3c86f65e4 --- /dev/null +++ b/patches/source/glibc-zoneinfo/doinst.sh @@ -0,0 +1,57 @@ +# In order to properly handle time before /usr is mounted (in +# the event that /usr is a separate partition, which for a number +# of reasons isn't really a great idea), the /etc/localtime file +# should be a copy of the desired zoneinfo file and not a symlink +# to a file in /usr/share/zoneinfo. But if we find a symlink here +# we should defer to the admin's wishes and leave it alone. +# +# Note that setting the timezone with timeconfig will wipe both +# /etc/localtime and /etc/localtime-copied from. +# /etc/localtime-copied-from will be a symlink to a file under +# /usr/share/zoneinfo, and /etc/localtime will be a copy of that file. + +# In a special case, we will handle the removal of the US/Pacific-New +# timezone. A bit of background information on this: +# +# "US/Pacific-New' stands for 'Pacific Presidential Election Time', +# which was passed by the House in April 1989 but never signed into law. +# In presidential election years, this rule would have delayed the +# PDT-to-PST switchover until after the election, to lessen the effect +# of broadcast news election projections on last-minute west-coast +# voters. " +# +# In nearly all cases, a machine that uses the US/Pacific-New timezone +# has chosen it by mistake. In 2016, having this as the system timezone +# actually led to clock errors, and after that it was decided that the +# timezone (only of historical interest anyway) should be removed from +# the timezone database. +# +# If we see that the machine's localtime-copied-from symlink is pointing +# to US/Pacific-New, change it to point to US/Pacific instead. +if [ "$(/bin/ls -l etc/localtime-copied-from | rev | cut -f 1,2 -d / | rev)" = "US/Pacific-New" ]; then + ( cd etc ; rm -rf localtime-copied-from ) + ( cd etc ; ln -sf /usr/share/zoneinfo/US/Pacific localtime-copied-from ) +fi + +# If we have no /etc/localtime, but we do have a localtime-copied-from +# symlink to locate what we would want there, then add a copy now: +if [ ! -r etc/localtime -a -L etc/localtime-copied-from ]; then + chroot . /bin/cp etc/localtime-copied-from etc/localtime +fi + +# Add the default timezone in /etc, if none exists: +if [ ! -r etc/localtime -a ! -L etc/localtime-copied-from ]; then + ( cd etc ; rm -rf localtime localtime-copied-from ) + ( cd etc ; ln -sf /usr/share/zoneinfo/Factory localtime-copied-from ) +fi + +# Make sure /etc/localtime is updated, unless it is a symlink (in which +# case leave it alone): +if [ ! -L etc/localtime ]; then + chroot . /bin/cp etc/localtime-copied-from etc/localtime +fi + +# Add a link to the timeconfig script in /usr/share/zoneinfo: +( cd usr/share/zoneinfo ; rm -rf timeconfig ) +( cd usr/share/zoneinfo ; ln -sf /usr/sbin/timeconfig timeconfig ) +### Make the rest of the symbolic links in the zoneinfo database: diff --git a/patches/source/glibc-zoneinfo/glibc-zoneinfo.SlackBuild b/patches/source/glibc-zoneinfo/glibc-zoneinfo.SlackBuild new file mode 100755 index 000000000..060858be5 --- /dev/null +++ b/patches/source/glibc-zoneinfo/glibc-zoneinfo.SlackBuild @@ -0,0 +1,147 @@ +#!/bin/sh + +# Copyright 2015, 2016, 2018 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=glibc-zoneinfo +ZONE_VERSIONS="$(echo tzdata* | cut -f1 -d . | cut -b7-11)" +BUILD=${BUILD:-2_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i486 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-DHAVE_SNPRINTF=1 -O2 -march=i386 -mcpu=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-DHAVE_SNPRINTF=1 -O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-DHAVE_SNPRINTF=1 -O2 -march=i586 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-DHAVE_SNPRINTF=1 -O2 -march=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-DHAVE_SNPRINTF=1 -O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-DHAVE_SNPRINTF=1 -O2 -fPIC" + LIBDIRSUFFIX="64" +elif [ "$ARCH" = "armv7hl" ]; then + SLKCFLAGS="-DHAVE_SNPRINTF=1 -O3 -march=armv7-a -mfpu=vfpv3-d16" + LIBDIRSUFFIX="" +else + SLKCFLAGS="-DHAVE_SNPRINTF=1 -O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG/etc + +# Build and install the zoneinfo database: +cd $TMP +rm -rf tzcodedata-build +mkdir tzcodedata-build +cd tzcodedata-build +tar xzf $CWD/tzdata?????.tar.gz +tar xzf $CWD/tzcode?????.tar.gz + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +sed -i "s,/usr/local,$(pwd),g" Makefile +sed -i "s,/etc/zoneinfo,/zoneinfo,g" Makefile +sed -i "s,^CFLAGS=,CFLAGS= $SLKCFLAGS,g" Makefile +make +make install DESTDIR=$PKG/stage + +# Install the primary zone files: +mkdir -p $PKG/usr/share +mv $PKG/stage/usr/share/zoneinfo $PKG/usr/share + +# These are all identical to the normal zoneinfo files, so let's hard link +# them to save space: +cp -al $PKG/usr/share/zoneinfo $PKG/usr/share/posix +mv $PKG/usr/share/posix $PKG/usr/share/zoneinfo + +# Install the "right" files: +mkdir -p $PKG/usr/share/zoneinfo/right +cp -a $PKG/stage/usr/share/zoneinfo-leaps/* $PKG/usr/share/zoneinfo/right + +# Clean up staged file residue: +rm -rf $PKG/stage + +# Remove $PKG/usr/share/zoneinfo/localtime -- the install script will +# create it as a link to /etc/localtime. +rm -f $PKG/usr/share/zoneinfo/localtime + +# Install some scripts to help select a timezone: +mkdir -p $PKG/var/log/setup +cp -a $CWD/timezone-scripts/setup.timeconfig $PKG/var/log/setup +chown root:root $PKG/var/log/setup/setup.timeconfig +chmod 755 $PKG/var/log/setup/setup.timeconfig +mkdir -p $PKG/usr/sbin +cp -a $CWD/timezone-scripts/timeconfig $PKG/usr/sbin +chown root:root $PKG/usr/sbin/timeconfig +chmod 755 $PKG/usr/sbin/timeconfig +( cd $CWD/timezone-scripts + # Try to rebuild this: + sh output-updated-timeconfig.sh $PKG/usr/share/zoneinfo > $PKG/usr/sbin/timeconfig 2> /dev/null +) +# Note in timeconfig which zoneinfo database was used: +sed -i "s/# ChangeLog:/# ChangeLog:\n# $(date '+%Y-%m-%d'): Updated timezones from tzdata${ZONE_VERSIONS}./g" $PKG/usr/sbin/timeconfig + +# Don't forget to add the /usr/share/zoneinfo/localtime -> /etc/localtime symlink! :) +if [ ! -r $PKG/usr/share/zoneinfo/localtime ]; then + ( cd $PKG/usr/share/zoneinfo ; ln -sf /etc/localtime . ) +fi + +mkdir -p $PKG/usr/doc/glibc-zoneinfo-$ZONE_VERSIONS +cp -a \ + CONTRIBUTING NEWS README Theory \ + $PKG/usr/doc/glibc-zoneinfo-$ZONE_VERSIONS + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +makepkg -l y -c n $TMP/glibc-zoneinfo-$ZONE_VERSIONS-noarch-$BUILD.txz + diff --git a/patches/source/glibc-zoneinfo/slack-desc b/patches/source/glibc-zoneinfo/slack-desc new file mode 100644 index 000000000..69420f78d --- /dev/null +++ b/patches/source/glibc-zoneinfo/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glibc-zoneinfo: glibc-zoneinfo (timezone database) +glibc-zoneinfo: +glibc-zoneinfo: This package allows you to configure your time zone. +glibc-zoneinfo: +glibc-zoneinfo: This timezone database comes from the tzdata and tzcode packages by +glibc-zoneinfo: Arthur David Olson et.al. The latest version and more information +glibc-zoneinfo: may be found at: http://www.iana.org/time-zones +glibc-zoneinfo: +glibc-zoneinfo: Use the timeconfig utility to set your local time zone. +glibc-zoneinfo: +glibc-zoneinfo: diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/output-updated-timeconfig.sh b/patches/source/glibc-zoneinfo/timezone-scripts/output-updated-timeconfig.sh new file mode 100755 index 000000000..268e4c6cc --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/output-updated-timeconfig.sh @@ -0,0 +1,60 @@ +#!/bin/sh +# Copyright 2000, 2001, 2006, 2007, 2008, 2012 Patrick J. Volkerding, Sebeka, MN, USA. +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# + +if [ ! "$(basename "$1")" = "zoneinfo" -o ! -d "$1" ]; then + echo " Usage: output-updated-timeconfig.sh <zoneinfo directory>" + exit 1 +fi + +CWD=$(pwd) +cat $CWD/parts/00 +# Sorry, I'd rather not be US-centric but some people here have a hard +# time finding things. ;-) +( cd $1 + find . -type f | xargs file | grep "timezone data" | cut -f 1 -d : | cut -f 2- -d / | sort | grep "^US/" | while read zone ; do + echo "\"${zone}\" \" \" \\" + done +) +# Don't list right/ and posix/ zones, as these are wrong choices for most +# people. posix/ is just a duplicate of the normal zones, while right/ do +# not include leap seconds. Anyone actually needing something from one of +# those trees will have no problem selecting it by manually adjusting +# /etc/localtime. +( cd $1 + find . -type f | xargs file | grep "timezone data" | cut -f 1 -d : | cut -f 2- -d / | sort | grep -v "^US/" | grep -v "^posix/" | grep -v "^right/" | while read zone ; do + echo "\"${zone}\" \" \" \\" + done +) +cat $CWD/parts/02 +# US/ first: +( cd $1 + find . -type f | xargs file | grep "timezone data" | cut -f 1 -d : | cut -f 2- -d / | sort | grep "^US/" | while read zone ; do + echo "${zone}" + done +) +# Don't list right/ and posix/ zones: +( cd $1 + find . -type f | xargs file | grep "timezone data" | cut -f 1 -d : | cut -f 2- -d / | sort | grep -v "^US/" | grep -v "^posix/" | grep -v "^right/" | while read zone ; do + echo "${zone}" + done +) +cat $CWD/parts/04 diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/parts/00 b/patches/source/glibc-zoneinfo/timezone-scripts/parts/00 new file mode 100644 index 000000000..678094e16 --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/parts/00 @@ -0,0 +1,132 @@ +#!/bin/sh +# +# timeconfig Slackware Linux timezone configuration utility. +# +# Author: Patrick Volkerding <volkerdi@slackware.com> +# Modified by: David Cantrell <david@slackware.com>, 06-Oct-2000 +# +# ChangeLog: +# 2014-10-22: Updated timezones from tzdata2014i. <pjv> +# 2012-12-12: Updated timezones from tzdata2012j. <pjv> +# 2008-03-10: Updated timezones from tzdata2008a. <pjv> +# 2007-12-21: Updated timezones from tzdata2007j. <pjv> +# 2006-12-03: Updated timezones from tzdata2006p. <pjv> +# 2006-09-14: Updated timezones from tzdata2006k. <pjv> +# 2006-08-22: Updated timezones from tzdata2006j. +# 2006-08-13: Updated timezones from tzdata2006g. +# 2006-03-13: Updated timezones from tzdata2006c. +# 19-Feb-2001 Add new timezones from glibc-2.2.2. +# 06-Oct-2000 Fixed a problem with selecting UTC time. It was writing +# the hardwareclock file to the root disk and not your dest +# partition. Changed the HWCLOCK_CONF variable to be +# $T_PX/etc/hardwareclock to fix this. Thanks to David L. +# Dickman <softbear@optonline.net> for finding this and +# submitting a patch. +# +# 15-Mar-2000 Added the writeconf function to write out the +# /etc/hardwareclock file which tells what the hardware clock +# is set to (UTC or localtime). +# +# 03-Mar-2000 Reorganized script. Made one timezone set block, added +# stage that asks the user if the hardware clock is set to +# UTC. + +# setup our temp locations and variables +TMP=/var/log/setup/tmp +if [ -r $TMP/SeTT_PX ]; then + T_PX="`cat $TMP/SeTT_PX`" +elif [ ! "$!" = "" ]; then + T_PX=$1 +else + T_PX=/ +fi + +# the hardware clock configuration file +HWCLOCK_CONF=$T_PX/etc/hardwareclock + +# setzone( $TIMEZONE ) +# +# This function accepts a time zone as the only parameter and sets it as +# the default system time zone. +setzone() +{ + TZ=$1 + + cd $T_PX/etc + if [ -r $T_PX/usr/share/zoneinfo/$TZ -o \ + -r /var/log/mount/usr/share/zoneinfo/$TZ -o \ + -L $T_PX/usr/share/zoneinfo/$TZ -o \ + -L /var/log/mount/usr/share/zoneinfo/$TZ ]; then + rm -f localtime-copied-from + ln -sf /usr/share/zoneinfo/$TZ localtime-copied-from + rm -f localtime + cd .. + chroot . cp etc/localtime-copied-from etc/localtime + fi +} + +# writeconf( $CLOCK_SET_TO ) +# +# Writes out $HWCLOCK_CONF that tells rc.S how the hardware clock +# value is stored. +writeconf() +{ + echo "# /etc/hardwareclock" > $HWCLOCK_CONF + echo "#" >> $HWCLOCK_CONF + echo "# Tells how the hardware clock time is stored." >> $HWCLOCK_CONF + echo "# You should run timeconfig to edit this file." >> $HWCLOCK_CONF + echo >> $HWCLOCK_CONF + echo $1 >> $HWCLOCK_CONF +} + +# ask the user if the hardware clock is set for UTC/GMT +if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then + ### + ### use color menus here + ### + dialog --title "HARDWARE CLOCK SET TO UTC?" --menu "Is the hardware clock set \ +to Coordinated Universal Time (UTC/GMT)? If it is, select YES here. If the \ +hardware clock is set to the current local time (this is how most PCs are set \ +up), then say NO here. If you are not sure what this is, you should answer NO \ +here." 13 60 2 \ + "NO" "Hardware clock is set to local time" \ + "YES" "Hardware clock is set to UTC" \ + 2> $TMP/utc + if [ $? = 1 -o $? = 255 ]; then + rm -f $TMP/utc + exit + fi + if [ "`cat $TMP/utc`" = "YES" ]; then + # yes, the hardware clock is UTC + writeconf "UTC" + else # must be NO + writeconf "localtime" + fi + rm -f $TMP/utc +else + ### + ### use text prompts + ### + echo "Is the hardware clock set to Coordinated Universal Time (UTC/GMT)?" + echo "If it is, select 'y' here. If the hardware clock is set to the" + echo "current local time (this is how most PCs are set up), then say 'n'" + echo "here. If you are not sure what this is, you should answer 'n' here." + echo + echo -n "Is your hardware clock set to UTC ([y]es, [n]o)? " + read HEJAZ + + if [ "$HEJAZ" = "y" -o "$HEJAZ" = "Y" -o "$HEJAZ" = "YES" -o "$HEJAZ" = "yes" ]; then + # yes, the hardware clock is UTC + writeconf "UTC" + else + # default to localtime + writeconf "localtime" + fi +fi + +# Now set the correct timezone link: +if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then + ### + ### use color menus here + ### + dialog --title "TIMEZONE CONFIGURATION" --menu "Please select one of the following timezones for your machine:" 21 50 13 \ diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/parts/01 b/patches/source/glibc-zoneinfo/timezone-scripts/parts/01 new file mode 100644 index 000000000..999f67d77 --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/parts/01 @@ -0,0 +1,585 @@ +"US/Alaska" " " \ +"US/Aleutian" " " \ +"US/Arizona" " " \ +"US/Central" " " \ +"US/East-Indiana" " " \ +"US/Eastern" " " \ +"US/Hawaii" " " \ +"US/Indiana-Starke" " " \ +"US/Michigan" " " \ +"US/Mountain" " " \ +"US/Pacific" " " \ +"US/Pacific-New" " " \ +"US/Samoa" " " \ +"Africa/Abidjan" " " \ +"Africa/Accra" " " \ +"Africa/Addis_Ababa" " " \ +"Africa/Algiers" " " \ +"Africa/Asmara" " " \ +"Africa/Asmera" " " \ +"Africa/Bamako" " " \ +"Africa/Bangui" " " \ +"Africa/Banjul" " " \ +"Africa/Bissau" " " \ +"Africa/Blantyre" " " \ +"Africa/Brazzaville" " " \ +"Africa/Bujumbura" " " \ +"Africa/Cairo" " " \ +"Africa/Casablanca" " " \ +"Africa/Ceuta" " " \ +"Africa/Conakry" " " \ +"Africa/Dakar" " " \ +"Africa/Dar_es_Salaam" " " \ +"Africa/Djibouti" " " \ +"Africa/Douala" " " \ +"Africa/El_Aaiun" " " \ +"Africa/Freetown" " " \ +"Africa/Gaborone" " " \ +"Africa/Harare" " " \ +"Africa/Johannesburg" " " \ +"Africa/Juba" " " \ +"Africa/Kampala" " " \ +"Africa/Khartoum" " " \ +"Africa/Kigali" " " \ +"Africa/Kinshasa" " " \ +"Africa/Lagos" " " \ +"Africa/Libreville" " " \ +"Africa/Lome" " " \ +"Africa/Luanda" " " \ +"Africa/Lubumbashi" " " \ +"Africa/Lusaka" " " \ +"Africa/Malabo" " " \ +"Africa/Maputo" " " \ +"Africa/Maseru" " " \ +"Africa/Mbabane" " " \ +"Africa/Mogadishu" " " \ +"Africa/Monrovia" " " \ +"Africa/Nairobi" " " \ +"Africa/Ndjamena" " " \ +"Africa/Niamey" " " \ +"Africa/Nouakchott" " " \ +"Africa/Ouagadougou" " " \ +"Africa/Porto-Novo" " " \ +"Africa/Sao_Tome" " " \ +"Africa/Timbuktu" " " \ +"Africa/Tripoli" " " \ +"Africa/Tunis" " " \ +"Africa/Windhoek" " " \ +"America/Adak" " " \ +"America/Anchorage" " " \ +"America/Anguilla" " " \ +"America/Antigua" " " \ +"America/Araguaina" " " \ +"America/Argentina/Buenos_Aires" " " \ +"America/Argentina/Catamarca" " " \ +"America/Argentina/ComodRivadavia" " " \ +"America/Argentina/Cordoba" " " \ +"America/Argentina/Jujuy" " " \ +"America/Argentina/La_Rioja" " " \ +"America/Argentina/Mendoza" " " \ +"America/Argentina/Rio_Gallegos" " " \ +"America/Argentina/Salta" " " \ +"America/Argentina/San_Juan" " " \ +"America/Argentina/San_Luis" " " \ +"America/Argentina/Tucuman" " " \ +"America/Argentina/Ushuaia" " " \ +"America/Aruba" " " \ +"America/Asuncion" " " \ +"America/Atikokan" " " \ +"America/Atka" " " \ +"America/Bahia" " " \ +"America/Bahia_Banderas" " " \ +"America/Barbados" " " \ +"America/Belem" " " \ +"America/Belize" " " \ +"America/Blanc-Sablon" " " \ +"America/Boa_Vista" " " \ +"America/Bogota" " " \ +"America/Boise" " " \ +"America/Buenos_Aires" " " \ +"America/Cambridge_Bay" " " \ +"America/Campo_Grande" " " \ +"America/Cancun" " " \ +"America/Caracas" " " \ +"America/Catamarca" " " \ +"America/Cayenne" " " \ +"America/Cayman" " " \ +"America/Chicago" " " \ +"America/Chihuahua" " " \ +"America/Coral_Harbour" " " \ +"America/Cordoba" " " \ +"America/Costa_Rica" " " \ +"America/Creston" " " \ +"America/Cuiaba" " " \ +"America/Curacao" " " \ +"America/Danmarkshavn" " " \ +"America/Dawson" " " \ +"America/Dawson_Creek" " " \ +"America/Denver" " " \ +"America/Detroit" " " \ +"America/Dominica" " " \ +"America/Edmonton" " " \ +"America/Eirunepe" " " \ +"America/El_Salvador" " " \ +"America/Ensenada" " " \ +"America/Fort_Nelson" " " \ +"America/Fort_Wayne" " " \ +"America/Fortaleza" " " \ +"America/Glace_Bay" " " \ +"America/Godthab" " " \ +"America/Goose_Bay" " " \ +"America/Grand_Turk" " " \ +"America/Grenada" " " \ +"America/Guadeloupe" " " \ +"America/Guatemala" " " \ +"America/Guayaquil" " " \ +"America/Guyana" " " \ +"America/Halifax" " " \ +"America/Havana" " " \ +"America/Hermosillo" " " \ +"America/Indiana/Indianapolis" " " \ +"America/Indiana/Knox" " " \ +"America/Indiana/Marengo" " " \ +"America/Indiana/Petersburg" " " \ +"America/Indiana/Tell_City" " " \ +"America/Indiana/Vevay" " " \ +"America/Indiana/Vincennes" " " \ +"America/Indiana/Winamac" " " \ +"America/Indianapolis" " " \ +"America/Inuvik" " " \ +"America/Iqaluit" " " \ +"America/Jamaica" " " \ +"America/Jujuy" " " \ +"America/Juneau" " " \ +"America/Kentucky/Louisville" " " \ +"America/Kentucky/Monticello" " " \ +"America/Knox_IN" " " \ +"America/Kralendijk" " " \ +"America/La_Paz" " " \ +"America/Lima" " " \ +"America/Los_Angeles" " " \ +"America/Louisville" " " \ +"America/Lower_Princes" " " \ +"America/Maceio" " " \ +"America/Managua" " " \ +"America/Manaus" " " \ +"America/Marigot" " " \ +"America/Martinique" " " \ +"America/Matamoros" " " \ +"America/Mazatlan" " " \ +"America/Mendoza" " " \ +"America/Menominee" " " \ +"America/Merida" " " \ +"America/Metlakatla" " " \ +"America/Mexico_City" " " \ +"America/Miquelon" " " \ +"America/Moncton" " " \ +"America/Monterrey" " " \ +"America/Montevideo" " " \ +"America/Montreal" " " \ +"America/Montserrat" " " \ +"America/Nassau" " " \ +"America/New_York" " " \ +"America/Nipigon" " " \ +"America/Nome" " " \ +"America/Noronha" " " \ +"America/North_Dakota/Beulah" " " \ +"America/North_Dakota/Center" " " \ +"America/North_Dakota/New_Salem" " " \ +"America/Ojinaga" " " \ +"America/Panama" " " \ +"America/Pangnirtung" " " \ +"America/Paramaribo" " " \ +"America/Phoenix" " " \ +"America/Port-au-Prince" " " \ +"America/Port_of_Spain" " " \ +"America/Porto_Acre" " " \ +"America/Porto_Velho" " " \ +"America/Puerto_Rico" " " \ +"America/Rainy_River" " " \ +"America/Rankin_Inlet" " " \ +"America/Recife" " " \ +"America/Regina" " " \ +"America/Resolute" " " \ +"America/Rio_Branco" " " \ +"America/Rosario" " " \ +"America/Santa_Isabel" " " \ +"America/Santarem" " " \ +"America/Santiago" " " \ +"America/Santo_Domingo" " " \ +"America/Sao_Paulo" " " \ +"America/Scoresbysund" " " \ +"America/Shiprock" " " \ +"America/Sitka" " " \ +"America/St_Barthelemy" " " \ +"America/St_Johns" " " \ +"America/St_Kitts" " " \ +"America/St_Lucia" " " \ +"America/St_Thomas" " " \ +"America/St_Vincent" " " \ +"America/Swift_Current" " " \ +"America/Tegucigalpa" " " \ +"America/Thule" " " \ +"America/Thunder_Bay" " " \ +"America/Tijuana" " " \ +"America/Toronto" " " \ +"America/Tortola" " " \ +"America/Vancouver" " " \ +"America/Virgin" " " \ +"America/Whitehorse" " " \ +"America/Winnipeg" " " \ +"America/Yakutat" " " \ +"America/Yellowknife" " " \ +"Antarctica/Casey" " " \ +"Antarctica/Davis" " " \ +"Antarctica/DumontDUrville" " " \ +"Antarctica/Macquarie" " " \ +"Antarctica/Mawson" " " \ +"Antarctica/McMurdo" " " \ +"Antarctica/Palmer" " " \ +"Antarctica/Rothera" " " \ +"Antarctica/South_Pole" " " \ +"Antarctica/Syowa" " " \ +"Antarctica/Troll" " " \ +"Antarctica/Vostok" " " \ +"Arctic/Longyearbyen" " " \ +"Asia/Aden" " " \ +"Asia/Almaty" " " \ +"Asia/Amman" " " \ +"Asia/Anadyr" " " \ +"Asia/Aqtau" " " \ +"Asia/Aqtobe" " " \ +"Asia/Ashgabat" " " \ +"Asia/Ashkhabad" " " \ +"Asia/Baghdad" " " \ +"Asia/Bahrain" " " \ +"Asia/Baku" " " \ +"Asia/Bangkok" " " \ +"Asia/Beirut" " " \ +"Asia/Bishkek" " " \ +"Asia/Brunei" " " \ +"Asia/Calcutta" " " \ +"Asia/Chita" " " \ +"Asia/Choibalsan" " " \ +"Asia/Chongqing" " " \ +"Asia/Chungking" " " \ +"Asia/Colombo" " " \ +"Asia/Dacca" " " \ +"Asia/Damascus" " " \ +"Asia/Dhaka" " " \ +"Asia/Dili" " " \ +"Asia/Dubai" " " \ +"Asia/Dushanbe" " " \ +"Asia/Gaza" " " \ +"Asia/Harbin" " " \ +"Asia/Hebron" " " \ +"Asia/Ho_Chi_Minh" " " \ +"Asia/Hong_Kong" " " \ +"Asia/Hovd" " " \ +"Asia/Irkutsk" " " \ +"Asia/Istanbul" " " \ +"Asia/Jakarta" " " \ +"Asia/Jayapura" " " \ +"Asia/Jerusalem" " " \ +"Asia/Kabul" " " \ +"Asia/Kamchatka" " " \ +"Asia/Karachi" " " \ +"Asia/Kashgar" " " \ +"Asia/Kathmandu" " " \ +"Asia/Katmandu" " " \ +"Asia/Khandyga" " " \ +"Asia/Kolkata" " " \ +"Asia/Krasnoyarsk" " " \ +"Asia/Kuala_Lumpur" " " \ +"Asia/Kuching" " " \ +"Asia/Kuwait" " " \ +"Asia/Macao" " " \ +"Asia/Macau" " " \ +"Asia/Magadan" " " \ +"Asia/Makassar" " " \ +"Asia/Manila" " " \ +"Asia/Muscat" " " \ +"Asia/Nicosia" " " \ +"Asia/Novokuznetsk" " " \ +"Asia/Novosibirsk" " " \ +"Asia/Omsk" " " \ +"Asia/Oral" " " \ +"Asia/Phnom_Penh" " " \ +"Asia/Pontianak" " " \ +"Asia/Pyongyang" " " \ +"Asia/Qatar" " " \ +"Asia/Qyzylorda" " " \ +"Asia/Rangoon" " " \ +"Asia/Riyadh" " " \ +"Asia/Saigon" " " \ +"Asia/Sakhalin" " " \ +"Asia/Samarkand" " " \ +"Asia/Seoul" " " \ +"Asia/Shanghai" " " \ +"Asia/Singapore" " " \ +"Asia/Srednekolymsk" " " \ +"Asia/Taipei" " " \ +"Asia/Tashkent" " " \ +"Asia/Tbilisi" " " \ +"Asia/Tehran" " " \ +"Asia/Tel_Aviv" " " \ +"Asia/Thimbu" " " \ +"Asia/Thimphu" " " \ +"Asia/Tokyo" " " \ +"Asia/Ujung_Pandang" " " \ +"Asia/Ulaanbaatar" " " \ +"Asia/Ulan_Bator" " " \ +"Asia/Urumqi" " " \ +"Asia/Ust-Nera" " " \ +"Asia/Vientiane" " " \ +"Asia/Vladivostok" " " \ +"Asia/Yakutsk" " " \ +"Asia/Yekaterinburg" " " \ +"Asia/Yerevan" " " \ +"Atlantic/Azores" " " \ +"Atlantic/Bermuda" " " \ +"Atlantic/Canary" " " \ +"Atlantic/Cape_Verde" " " \ +"Atlantic/Faeroe" " " \ +"Atlantic/Faroe" " " \ +"Atlantic/Jan_Mayen" " " \ +"Atlantic/Madeira" " " \ +"Atlantic/Reykjavik" " " \ +"Atlantic/South_Georgia" " " \ +"Atlantic/St_Helena" " " \ +"Atlantic/Stanley" " " \ +"Australia/ACT" " " \ +"Australia/Adelaide" " " \ +"Australia/Brisbane" " " \ +"Australia/Broken_Hill" " " \ +"Australia/Canberra" " " \ +"Australia/Currie" " " \ +"Australia/Darwin" " " \ +"Australia/Eucla" " " \ +"Australia/Hobart" " " \ +"Australia/LHI" " " \ +"Australia/Lindeman" " " \ +"Australia/Lord_Howe" " " \ +"Australia/Melbourne" " " \ +"Australia/NSW" " " \ +"Australia/North" " " \ +"Australia/Perth" " " \ +"Australia/Queensland" " " \ +"Australia/South" " " \ +"Australia/Sydney" " " \ +"Australia/Tasmania" " " \ +"Australia/Victoria" " " \ +"Australia/West" " " \ +"Australia/Yancowinna" " " \ +"Brazil/Acre" " " \ +"Brazil/DeNoronha" " " \ +"Brazil/East" " " \ +"Brazil/West" " " \ +"CET" " " \ +"CST6CDT" " " \ +"Canada/Atlantic" " " \ +"Canada/Central" " " \ +"Canada/East-Saskatchewan" " " \ +"Canada/Eastern" " " \ +"Canada/Mountain" " " \ +"Canada/Newfoundland" " " \ +"Canada/Pacific" " " \ +"Canada/Saskatchewan" " " \ +"Canada/Yukon" " " \ +"Chile/Continental" " " \ +"Chile/EasterIsland" " " \ +"Cuba" " " \ +"EET" " " \ +"EST" " " \ +"EST5EDT" " " \ +"Egypt" " " \ +"Eire" " " \ +"Etc/GMT" " " \ +"Etc/GMT+0" " " \ +"Etc/GMT+1" " " \ +"Etc/GMT+10" " " \ +"Etc/GMT+11" " " \ +"Etc/GMT+12" " " \ +"Etc/GMT+2" " " \ +"Etc/GMT+3" " " \ +"Etc/GMT+4" " " \ +"Etc/GMT+5" " " \ +"Etc/GMT+6" " " \ +"Etc/GMT+7" " " \ +"Etc/GMT+8" " " \ +"Etc/GMT+9" " " \ +"Etc/GMT-0" " " \ +"Etc/GMT-1" " " \ +"Etc/GMT-10" " " \ +"Etc/GMT-11" " " \ +"Etc/GMT-12" " " \ +"Etc/GMT-13" " " \ +"Etc/GMT-14" " " \ +"Etc/GMT-2" " " \ +"Etc/GMT-3" " " \ +"Etc/GMT-4" " " \ +"Etc/GMT-5" " " \ +"Etc/GMT-6" " " \ +"Etc/GMT-7" " " \ +"Etc/GMT-8" " " \ +"Etc/GMT-9" " " \ +"Etc/GMT0" " " \ +"Etc/Greenwich" " " \ +"Etc/UCT" " " \ +"Etc/UTC" " " \ +"Etc/Universal" " " \ +"Etc/Zulu" " " \ +"Europe/Amsterdam" " " \ +"Europe/Andorra" " " \ +"Europe/Athens" " " \ +"Europe/Belfast" " " \ +"Europe/Belgrade" " " \ +"Europe/Berlin" " " \ +"Europe/Bratislava" " " \ +"Europe/Brussels" " " \ +"Europe/Bucharest" " " \ +"Europe/Budapest" " " \ +"Europe/Busingen" " " \ +"Europe/Chisinau" " " \ +"Europe/Copenhagen" " " \ +"Europe/Dublin" " " \ +"Europe/Gibraltar" " " \ +"Europe/Guernsey" " " \ +"Europe/Helsinki" " " \ +"Europe/Isle_of_Man" " " \ +"Europe/Istanbul" " " \ +"Europe/Jersey" " " \ +"Europe/Kaliningrad" " " \ +"Europe/Kiev" " " \ +"Europe/Lisbon" " " \ +"Europe/Ljubljana" " " \ +"Europe/London" " " \ +"Europe/Luxembourg" " " \ +"Europe/Madrid" " " \ +"Europe/Malta" " " \ +"Europe/Mariehamn" " " \ +"Europe/Minsk" " " \ +"Europe/Monaco" " " \ +"Europe/Moscow" " " \ +"Europe/Nicosia" " " \ +"Europe/Oslo" " " \ +"Europe/Paris" " " \ +"Europe/Podgorica" " " \ +"Europe/Prague" " " \ +"Europe/Riga" " " \ +"Europe/Rome" " " \ +"Europe/Samara" " " \ +"Europe/San_Marino" " " \ +"Europe/Sarajevo" " " \ +"Europe/Simferopol" " " \ +"Europe/Skopje" " " \ +"Europe/Sofia" " " \ +"Europe/Stockholm" " " \ +"Europe/Tallinn" " " \ +"Europe/Tirane" " " \ +"Europe/Tiraspol" " " \ +"Europe/Uzhgorod" " " \ +"Europe/Vaduz" " " \ +"Europe/Vatican" " " \ +"Europe/Vienna" " " \ +"Europe/Vilnius" " " \ +"Europe/Volgograd" " " \ +"Europe/Warsaw" " " \ +"Europe/Zagreb" " " \ +"Europe/Zaporozhye" " " \ +"Europe/Zurich" " " \ +"Factory" " " \ +"GB" " " \ +"GB-Eire" " " \ +"GMT" " " \ +"GMT+0" " " \ +"GMT-0" " " \ +"GMT0" " " \ +"Greenwich" " " \ +"HST" " " \ +"Hongkong" " " \ +"Iceland" " " \ +"Indian/Antananarivo" " " \ +"Indian/Chagos" " " \ +"Indian/Christmas" " " \ +"Indian/Cocos" " " \ +"Indian/Comoro" " " \ +"Indian/Kerguelen" " " \ +"Indian/Mahe" " " \ +"Indian/Maldives" " " \ +"Indian/Mauritius" " " \ +"Indian/Mayotte" " " \ +"Indian/Reunion" " " \ +"Iran" " " \ +"Israel" " " \ +"Jamaica" " " \ +"Japan" " " \ +"Kwajalein" " " \ +"Libya" " " \ +"MET" " " \ +"MST" " " \ +"MST7MDT" " " \ +"Mexico/BajaNorte" " " \ +"Mexico/BajaSur" " " \ +"Mexico/General" " " \ +"NZ" " " \ +"NZ-CHAT" " " \ +"Navajo" " " \ +"PRC" " " \ +"PST8PDT" " " \ +"Pacific/Apia" " " \ +"Pacific/Auckland" " " \ +"Pacific/Bougainville" " " \ +"Pacific/Chatham" " " \ +"Pacific/Chuuk" " " \ +"Pacific/Easter" " " \ +"Pacific/Efate" " " \ +"Pacific/Enderbury" " " \ +"Pacific/Fakaofo" " " \ +"Pacific/Fiji" " " \ +"Pacific/Funafuti" " " \ +"Pacific/Galapagos" " " \ +"Pacific/Gambier" " " \ +"Pacific/Guadalcanal" " " \ +"Pacific/Guam" " " \ +"Pacific/Honolulu" " " \ +"Pacific/Johnston" " " \ +"Pacific/Kiritimati" " " \ +"Pacific/Kosrae" " " \ +"Pacific/Kwajalein" " " \ +"Pacific/Majuro" " " \ +"Pacific/Marquesas" " " \ +"Pacific/Midway" " " \ +"Pacific/Nauru" " " \ +"Pacific/Niue" " " \ +"Pacific/Norfolk" " " \ +"Pacific/Noumea" " " \ +"Pacific/Pago_Pago" " " \ +"Pacific/Palau" " " \ +"Pacific/Pitcairn" " " \ +"Pacific/Pohnpei" " " \ +"Pacific/Ponape" " " \ +"Pacific/Port_Moresby" " " \ +"Pacific/Rarotonga" " " \ +"Pacific/Saipan" " " \ +"Pacific/Samoa" " " \ +"Pacific/Tahiti" " " \ +"Pacific/Tarawa" " " \ +"Pacific/Tongatapu" " " \ +"Pacific/Truk" " " \ +"Pacific/Wake" " " \ +"Pacific/Wallis" " " \ +"Pacific/Yap" " " \ +"Poland" " " \ +"Portugal" " " \ +"ROC" " " \ +"ROK" " " \ +"Singapore" " " \ +"Turkey" " " \ +"UCT" " " \ +"UTC" " " \ +"Universal" " " \ +"W-SU" " " \ +"WET" " " \ +"Zulu" " " \ +"posixrules" " " \ diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/parts/02 b/patches/source/glibc-zoneinfo/timezone-scripts/parts/02 new file mode 100644 index 000000000..bd5a50bb0 --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/parts/02 @@ -0,0 +1,28 @@ + 2> $TMP/tz + + if [ $? = 1 -o $? = 255 ]; then + rm -f $TMP/tz + exit + fi + + TIMEZONE="`cat $TMP/tz`" + rm -f $TMP/tz + + setzone $TIMEZONE + exit +else + ### + ### use text prompts + ### + while [ 0 ]; do + echo -n "Would you like to configure your timezone ([y]es, [n]o)? " + read TIMECONF; + echo + + if [ "$TIMECONF" = "n" ]; then + break + fi + + cat << EOF +Select one of these timezones: + diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/parts/03 b/patches/source/glibc-zoneinfo/timezone-scripts/parts/03 new file mode 100644 index 000000000..f595dfab0 --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/parts/03 @@ -0,0 +1,585 @@ +US/Alaska +US/Aleutian +US/Arizona +US/Central +US/East-Indiana +US/Eastern +US/Hawaii +US/Indiana-Starke +US/Michigan +US/Mountain +US/Pacific +US/Pacific-New +US/Samoa +Africa/Abidjan +Africa/Accra +Africa/Addis_Ababa +Africa/Algiers +Africa/Asmara +Africa/Asmera +Africa/Bamako +Africa/Bangui +Africa/Banjul +Africa/Bissau +Africa/Blantyre +Africa/Brazzaville +Africa/Bujumbura +Africa/Cairo +Africa/Casablanca +Africa/Ceuta +Africa/Conakry +Africa/Dakar +Africa/Dar_es_Salaam +Africa/Djibouti +Africa/Douala +Africa/El_Aaiun +Africa/Freetown +Africa/Gaborone +Africa/Harare +Africa/Johannesburg +Africa/Juba +Africa/Kampala +Africa/Khartoum +Africa/Kigali +Africa/Kinshasa +Africa/Lagos +Africa/Libreville +Africa/Lome +Africa/Luanda +Africa/Lubumbashi +Africa/Lusaka +Africa/Malabo +Africa/Maputo +Africa/Maseru +Africa/Mbabane +Africa/Mogadishu +Africa/Monrovia +Africa/Nairobi +Africa/Ndjamena +Africa/Niamey +Africa/Nouakchott +Africa/Ouagadougou +Africa/Porto-Novo +Africa/Sao_Tome +Africa/Timbuktu +Africa/Tripoli +Africa/Tunis +Africa/Windhoek +America/Adak +America/Anchorage +America/Anguilla +America/Antigua +America/Araguaina +America/Argentina/Buenos_Aires +America/Argentina/Catamarca +America/Argentina/ComodRivadavia +America/Argentina/Cordoba +America/Argentina/Jujuy +America/Argentina/La_Rioja +America/Argentina/Mendoza +America/Argentina/Rio_Gallegos +America/Argentina/Salta +America/Argentina/San_Juan +America/Argentina/San_Luis +America/Argentina/Tucuman +America/Argentina/Ushuaia +America/Aruba +America/Asuncion +America/Atikokan +America/Atka +America/Bahia +America/Bahia_Banderas +America/Barbados +America/Belem +America/Belize +America/Blanc-Sablon +America/Boa_Vista +America/Bogota +America/Boise +America/Buenos_Aires +America/Cambridge_Bay +America/Campo_Grande +America/Cancun +America/Caracas +America/Catamarca +America/Cayenne +America/Cayman +America/Chicago +America/Chihuahua +America/Coral_Harbour +America/Cordoba +America/Costa_Rica +America/Creston +America/Cuiaba +America/Curacao +America/Danmarkshavn +America/Dawson +America/Dawson_Creek +America/Denver +America/Detroit +America/Dominica +America/Edmonton +America/Eirunepe +America/El_Salvador +America/Ensenada +America/Fort_Nelson +America/Fort_Wayne +America/Fortaleza +America/Glace_Bay +America/Godthab +America/Goose_Bay +America/Grand_Turk +America/Grenada +America/Guadeloupe +America/Guatemala +America/Guayaquil +America/Guyana +America/Halifax +America/Havana +America/Hermosillo +America/Indiana/Indianapolis +America/Indiana/Knox +America/Indiana/Marengo +America/Indiana/Petersburg +America/Indiana/Tell_City +America/Indiana/Vevay +America/Indiana/Vincennes +America/Indiana/Winamac +America/Indianapolis +America/Inuvik +America/Iqaluit +America/Jamaica +America/Jujuy +America/Juneau +America/Kentucky/Louisville +America/Kentucky/Monticello +America/Knox_IN +America/Kralendijk +America/La_Paz +America/Lima +America/Los_Angeles +America/Louisville +America/Lower_Princes +America/Maceio +America/Managua +America/Manaus +America/Marigot +America/Martinique +America/Matamoros +America/Mazatlan +America/Mendoza +America/Menominee +America/Merida +America/Metlakatla +America/Mexico_City +America/Miquelon +America/Moncton +America/Monterrey +America/Montevideo +America/Montreal +America/Montserrat +America/Nassau +America/New_York +America/Nipigon +America/Nome +America/Noronha +America/North_Dakota/Beulah +America/North_Dakota/Center +America/North_Dakota/New_Salem +America/Ojinaga +America/Panama +America/Pangnirtung +America/Paramaribo +America/Phoenix +America/Port-au-Prince +America/Port_of_Spain +America/Porto_Acre +America/Porto_Velho +America/Puerto_Rico +America/Rainy_River +America/Rankin_Inlet +America/Recife +America/Regina +America/Resolute +America/Rio_Branco +America/Rosario +America/Santa_Isabel +America/Santarem +America/Santiago +America/Santo_Domingo +America/Sao_Paulo +America/Scoresbysund +America/Shiprock +America/Sitka +America/St_Barthelemy +America/St_Johns +America/St_Kitts +America/St_Lucia +America/St_Thomas +America/St_Vincent +America/Swift_Current +America/Tegucigalpa +America/Thule +America/Thunder_Bay +America/Tijuana +America/Toronto +America/Tortola +America/Vancouver +America/Virgin +America/Whitehorse +America/Winnipeg +America/Yakutat +America/Yellowknife +Antarctica/Casey +Antarctica/Davis +Antarctica/DumontDUrville +Antarctica/Macquarie +Antarctica/Mawson +Antarctica/McMurdo +Antarctica/Palmer +Antarctica/Rothera +Antarctica/South_Pole +Antarctica/Syowa +Antarctica/Troll +Antarctica/Vostok +Arctic/Longyearbyen +Asia/Aden +Asia/Almaty +Asia/Amman +Asia/Anadyr +Asia/Aqtau +Asia/Aqtobe +Asia/Ashgabat +Asia/Ashkhabad +Asia/Baghdad +Asia/Bahrain +Asia/Baku +Asia/Bangkok +Asia/Beirut +Asia/Bishkek +Asia/Brunei +Asia/Calcutta +Asia/Chita +Asia/Choibalsan +Asia/Chongqing +Asia/Chungking +Asia/Colombo +Asia/Dacca +Asia/Damascus +Asia/Dhaka +Asia/Dili +Asia/Dubai +Asia/Dushanbe +Asia/Gaza +Asia/Harbin +Asia/Hebron +Asia/Ho_Chi_Minh +Asia/Hong_Kong +Asia/Hovd +Asia/Irkutsk +Asia/Istanbul +Asia/Jakarta +Asia/Jayapura +Asia/Jerusalem +Asia/Kabul +Asia/Kamchatka +Asia/Karachi +Asia/Kashgar +Asia/Kathmandu +Asia/Katmandu +Asia/Khandyga +Asia/Kolkata +Asia/Krasnoyarsk +Asia/Kuala_Lumpur +Asia/Kuching +Asia/Kuwait +Asia/Macao +Asia/Macau +Asia/Magadan +Asia/Makassar +Asia/Manila +Asia/Muscat +Asia/Nicosia +Asia/Novokuznetsk +Asia/Novosibirsk +Asia/Omsk +Asia/Oral +Asia/Phnom_Penh +Asia/Pontianak +Asia/Pyongyang +Asia/Qatar +Asia/Qyzylorda +Asia/Rangoon +Asia/Riyadh +Asia/Saigon +Asia/Sakhalin +Asia/Samarkand +Asia/Seoul +Asia/Shanghai +Asia/Singapore +Asia/Srednekolymsk +Asia/Taipei +Asia/Tashkent +Asia/Tbilisi +Asia/Tehran +Asia/Tel_Aviv +Asia/Thimbu +Asia/Thimphu +Asia/Tokyo +Asia/Ujung_Pandang +Asia/Ulaanbaatar +Asia/Ulan_Bator +Asia/Urumqi +Asia/Ust-Nera +Asia/Vientiane +Asia/Vladivostok +Asia/Yakutsk +Asia/Yekaterinburg +Asia/Yerevan +Atlantic/Azores +Atlantic/Bermuda +Atlantic/Canary +Atlantic/Cape_Verde +Atlantic/Faeroe +Atlantic/Faroe +Atlantic/Jan_Mayen +Atlantic/Madeira +Atlantic/Reykjavik +Atlantic/South_Georgia +Atlantic/St_Helena +Atlantic/Stanley +Australia/ACT +Australia/Adelaide +Australia/Brisbane +Australia/Broken_Hill +Australia/Canberra +Australia/Currie +Australia/Darwin +Australia/Eucla +Australia/Hobart +Australia/LHI +Australia/Lindeman +Australia/Lord_Howe +Australia/Melbourne +Australia/NSW +Australia/North +Australia/Perth +Australia/Queensland +Australia/South +Australia/Sydney +Australia/Tasmania +Australia/Victoria +Australia/West +Australia/Yancowinna +Brazil/Acre +Brazil/DeNoronha +Brazil/East +Brazil/West +CET +CST6CDT +Canada/Atlantic +Canada/Central +Canada/East-Saskatchewan +Canada/Eastern +Canada/Mountain +Canada/Newfoundland +Canada/Pacific +Canada/Saskatchewan +Canada/Yukon +Chile/Continental +Chile/EasterIsland +Cuba +EET +EST +EST5EDT +Egypt +Eire +Etc/GMT +Etc/GMT+0 +Etc/GMT+1 +Etc/GMT+10 +Etc/GMT+11 +Etc/GMT+12 +Etc/GMT+2 +Etc/GMT+3 +Etc/GMT+4 +Etc/GMT+5 +Etc/GMT+6 +Etc/GMT+7 +Etc/GMT+8 +Etc/GMT+9 +Etc/GMT-0 +Etc/GMT-1 +Etc/GMT-10 +Etc/GMT-11 +Etc/GMT-12 +Etc/GMT-13 +Etc/GMT-14 +Etc/GMT-2 +Etc/GMT-3 +Etc/GMT-4 +Etc/GMT-5 +Etc/GMT-6 +Etc/GMT-7 +Etc/GMT-8 +Etc/GMT-9 +Etc/GMT0 +Etc/Greenwich +Etc/UCT +Etc/UTC +Etc/Universal +Etc/Zulu +Europe/Amsterdam +Europe/Andorra +Europe/Athens +Europe/Belfast +Europe/Belgrade +Europe/Berlin +Europe/Bratislava +Europe/Brussels +Europe/Bucharest +Europe/Budapest +Europe/Busingen +Europe/Chisinau +Europe/Copenhagen +Europe/Dublin +Europe/Gibraltar +Europe/Guernsey +Europe/Helsinki +Europe/Isle_of_Man +Europe/Istanbul +Europe/Jersey +Europe/Kaliningrad +Europe/Kiev +Europe/Lisbon +Europe/Ljubljana +Europe/London +Europe/Luxembourg +Europe/Madrid +Europe/Malta +Europe/Mariehamn +Europe/Minsk +Europe/Monaco +Europe/Moscow +Europe/Nicosia +Europe/Oslo +Europe/Paris +Europe/Podgorica +Europe/Prague +Europe/Riga +Europe/Rome +Europe/Samara +Europe/San_Marino +Europe/Sarajevo +Europe/Simferopol +Europe/Skopje +Europe/Sofia +Europe/Stockholm +Europe/Tallinn +Europe/Tirane +Europe/Tiraspol +Europe/Uzhgorod +Europe/Vaduz +Europe/Vatican +Europe/Vienna +Europe/Vilnius +Europe/Volgograd +Europe/Warsaw +Europe/Zagreb +Europe/Zaporozhye +Europe/Zurich +Factory +GB +GB-Eire +GMT +GMT+0 +GMT-0 +GMT0 +Greenwich +HST +Hongkong +Iceland +Indian/Antananarivo +Indian/Chagos +Indian/Christmas +Indian/Cocos +Indian/Comoro +Indian/Kerguelen +Indian/Mahe +Indian/Maldives +Indian/Mauritius +Indian/Mayotte +Indian/Reunion +Iran +Israel +Jamaica +Japan +Kwajalein +Libya +MET +MST +MST7MDT +Mexico/BajaNorte +Mexico/BajaSur +Mexico/General +NZ +NZ-CHAT +Navajo +PRC +PST8PDT +Pacific/Apia +Pacific/Auckland +Pacific/Bougainville +Pacific/Chatham +Pacific/Chuuk +Pacific/Easter +Pacific/Efate +Pacific/Enderbury +Pacific/Fakaofo +Pacific/Fiji +Pacific/Funafuti +Pacific/Galapagos +Pacific/Gambier +Pacific/Guadalcanal +Pacific/Guam +Pacific/Honolulu +Pacific/Johnston +Pacific/Kiritimati +Pacific/Kosrae +Pacific/Kwajalein +Pacific/Majuro +Pacific/Marquesas +Pacific/Midway +Pacific/Nauru +Pacific/Niue +Pacific/Norfolk +Pacific/Noumea +Pacific/Pago_Pago +Pacific/Palau +Pacific/Pitcairn +Pacific/Pohnpei +Pacific/Ponape +Pacific/Port_Moresby +Pacific/Rarotonga +Pacific/Saipan +Pacific/Samoa +Pacific/Tahiti +Pacific/Tarawa +Pacific/Tongatapu +Pacific/Truk +Pacific/Wake +Pacific/Wallis +Pacific/Yap +Poland +Portugal +ROC +ROK +Singapore +Turkey +UCT +UTC +Universal +W-SU +WET +Zulu +posixrules diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/parts/04 b/patches/source/glibc-zoneinfo/timezone-scripts/parts/04 new file mode 100644 index 000000000..5b0da0e83 --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/parts/04 @@ -0,0 +1,33 @@ + +Type it at the prompt below exactly as it appears above. (NOTE: If you don't +see your timezone, use "timeconfig" again after booting for the verbose list) + +EOF + echo -n "Timezone? " + read TIMEZONE; + echo + + if [ -n "$TIMEZONE" -a \ + -r $T_PX/usr/share/zoneinfo/$TIMEZONE -o \ + -r /var/log/mount/usr/share/zoneinfo/$TIMEZONE -o \ + -L $T_PX/usr/share/zoneinfo/$TIMEZONE -o \ + -L /var/log/mount/usr/share/zoneinfo/$TIMEZONE ]; then + echo "Creating link from $TIMEZONE to localtime in /etc..." + echo + setzone $TIMEZONE + exit + else + cat << EOF + +Timezone $TIMEZONE could not be found. You may try again if you wish. +Make sure you type the name exactly as it appears - this configuration script +is case sensitive. + +Press [enter] to continue. + +EOF + read JUNK; + fi + done +fi + diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/parts/README b/patches/source/glibc-zoneinfo/timezone-scripts/parts/README new file mode 100644 index 000000000..80d5cf5b4 --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/parts/README @@ -0,0 +1,2 @@ +Files 01 and 03 are samples, showing the format, and are +not necessarily up to date... diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/setup.timeconfig b/patches/source/glibc-zoneinfo/timezone-scripts/setup.timeconfig new file mode 100644 index 000000000..81ff7055f --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/setup.timeconfig @@ -0,0 +1,3 @@ +#!/bin/sh +#BLURB="Select your timezone" +sh usr/sbin/timeconfig $* diff --git a/patches/source/glibc-zoneinfo/timezone-scripts/timeconfig b/patches/source/glibc-zoneinfo/timezone-scripts/timeconfig new file mode 100644 index 000000000..0fa59ac02 --- /dev/null +++ b/patches/source/glibc-zoneinfo/timezone-scripts/timeconfig @@ -0,0 +1,1363 @@ +#!/bin/sh +# +# timeconfig Slackware Linux timezone configuration utility. +# +# Author: Patrick Volkerding <volkerdi@slackware.com> +# Modified by: David Cantrell <david@slackware.com>, 06-Oct-2000 +# +# ChangeLog: +# 2014-10-22: Updated timezones from tzdata2014i. <pjv> +# 2012-12-12: Updated timezones from tzdata2012j. <pjv> +# 2008-03-10: Updated timezones from tzdata2008a. <pjv> +# 2007-12-21: Updated timezones from tzdata2007j. <pjv> +# 2006-12-03: Updated timezones from tzdata2006p. <pjv> +# 2006-09-14: Updated timezones from tzdata2006k. <pjv> +# 2006-08-22: Updated timezones from tzdata2006j. +# 2006-08-13: Updated timezones from tzdata2006g. +# 2006-03-13: Updated timezones from tzdata2006c. +# 19-Feb-2001 Add new timezones from glibc-2.2.2. +# 06-Oct-2000 Fixed a problem with selecting UTC time. It was writing +# the hardwareclock file to the root disk and not your dest +# partition. Changed the HWCLOCK_CONF variable to be +# $T_PX/etc/hardwareclock to fix this. Thanks to David L. +# Dickman <softbear@optonline.net> for finding this and +# submitting a patch. +# +# 15-Mar-2000 Added the writeconf function to write out the +# /etc/hardwareclock file which tells what the hardware clock +# is set to (UTC or localtime). +# +# 03-Mar-2000 Reorganized script. Made one timezone set block, added +# stage that asks the user if the hardware clock is set to +# UTC. + +# setup our temp locations and variables +TMP=/var/log/setup/tmp +if [ -r $TMP/SeTT_PX ]; then + T_PX="`cat $TMP/SeTT_PX`" +elif [ ! "$!" = "" ]; then + T_PX=$1 +else + T_PX=/ +fi + +# the hardware clock configuration file +HWCLOCK_CONF=$T_PX/etc/hardwareclock + +# setzone( $TIMEZONE ) +# +# This function accepts a time zone as the only parameter and sets it as +# the default system time zone. +setzone() +{ + TZ=$1 + + cd $T_PX/etc + if [ -r $T_PX/usr/share/zoneinfo/$TZ -o \ + -r /var/log/mount/usr/share/zoneinfo/$TZ -o \ + -L $T_PX/usr/share/zoneinfo/$TZ -o \ + -L /var/log/mount/usr/share/zoneinfo/$TZ ]; then + rm -f localtime-copied-from + ln -sf /usr/share/zoneinfo/$TZ localtime-copied-from + rm -f localtime + cd .. + chroot . cp etc/localtime-copied-from etc/localtime + fi +} + +# writeconf( $CLOCK_SET_TO ) +# +# Writes out $HWCLOCK_CONF that tells rc.S how the hardware clock +# value is stored. +writeconf() +{ + echo "# /etc/hardwareclock" > $HWCLOCK_CONF + echo "#" >> $HWCLOCK_CONF + echo "# Tells how the hardware clock time is stored." >> $HWCLOCK_CONF + echo "# You should run timeconfig to edit this file." >> $HWCLOCK_CONF + echo >> $HWCLOCK_CONF + echo $1 >> $HWCLOCK_CONF +} + +# ask the user if the hardware clock is set for UTC/GMT +if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then + ### + ### use color menus here + ### + dialog --title "HARDWARE CLOCK SET TO UTC?" --menu "Is the hardware clock set \ +to Coordinated Universal Time (UTC/GMT)? If it is, select YES here. If the \ +hardware clock is set to the current local time (this is how most PCs are set \ +up), then say NO here. If you are not sure what this is, you should answer NO \ +here." 13 60 2 \ + "NO" "Hardware clock is set to local time" \ + "YES" "Hardware clock is set to UTC" \ + 2> $TMP/utc + if [ $? = 1 -o $? = 255 ]; then + rm -f $TMP/utc + exit + fi + if [ "`cat $TMP/utc`" = "YES" ]; then + # yes, the hardware clock is UTC + writeconf "UTC" + else # must be NO + writeconf "localtime" + fi + rm -f $TMP/utc +else + ### + ### use text prompts + ### + echo "Is the hardware clock set to Coordinated Universal Time (UTC/GMT)?" + echo "If it is, select 'y' here. If the hardware clock is set to the" + echo "current local time (this is how most PCs are set up), then say 'n'" + echo "here. If you are not sure what this is, you should answer 'n' here." + echo + echo -n "Is your hardware clock set to UTC ([y]es, [n]o)? " + read HEJAZ + + if [ "$HEJAZ" = "y" -o "$HEJAZ" = "Y" -o "$HEJAZ" = "YES" -o "$HEJAZ" = "yes" ]; then + # yes, the hardware clock is UTC + writeconf "UTC" + else + # default to localtime + writeconf "localtime" + fi +fi + +# Now set the correct timezone link: +if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then + ### + ### use color menus here + ### + dialog --title "TIMEZONE CONFIGURATION" --menu "Please select one of the following timezones for your machine:" 21 50 13 \ +"US/Alaska" " " \ +"US/Aleutian" " " \ +"US/Arizona" " " \ +"US/Central" " " \ +"US/East-Indiana" " " \ +"US/Eastern" " " \ +"US/Hawaii" " " \ +"US/Indiana-Starke" " " \ +"US/Michigan" " " \ +"US/Mountain" " " \ +"US/Pacific" " " \ +"US/Pacific-New" " " \ +"US/Samoa" " " \ +"Africa/Abidjan" " " \ +"Africa/Accra" " " \ +"Africa/Addis_Ababa" " " \ +"Africa/Algiers" " " \ +"Africa/Asmara" " " \ +"Africa/Asmera" " " \ +"Africa/Bamako" " " \ +"Africa/Bangui" " " \ +"Africa/Banjul" " " \ +"Africa/Bissau" " " \ +"Africa/Blantyre" " " \ +"Africa/Brazzaville" " " \ +"Africa/Bujumbura" " " \ +"Africa/Cairo" " " \ +"Africa/Casablanca" " " \ +"Africa/Ceuta" " " \ +"Africa/Conakry" " " \ +"Africa/Dakar" " " \ +"Africa/Dar_es_Salaam" " " \ +"Africa/Djibouti" " " \ +"Africa/Douala" " " \ +"Africa/El_Aaiun" " " \ +"Africa/Freetown" " " \ +"Africa/Gaborone" " " \ +"Africa/Harare" " " \ +"Africa/Johannesburg" " " \ +"Africa/Juba" " " \ +"Africa/Kampala" " " \ +"Africa/Khartoum" " " \ +"Africa/Kigali" " " \ +"Africa/Kinshasa" " " \ +"Africa/Lagos" " " \ +"Africa/Libreville" " " \ +"Africa/Lome" " " \ +"Africa/Luanda" " " \ +"Africa/Lubumbashi" " " \ +"Africa/Lusaka" " " \ +"Africa/Malabo" " " \ +"Africa/Maputo" " " \ +"Africa/Maseru" " " \ +"Africa/Mbabane" " " \ +"Africa/Mogadishu" " " \ +"Africa/Monrovia" " " \ +"Africa/Nairobi" " " \ +"Africa/Ndjamena" " " \ +"Africa/Niamey" " " \ +"Africa/Nouakchott" " " \ +"Africa/Ouagadougou" " " \ +"Africa/Porto-Novo" " " \ +"Africa/Sao_Tome" " " \ +"Africa/Timbuktu" " " \ +"Africa/Tripoli" " " \ +"Africa/Tunis" " " \ +"Africa/Windhoek" " " \ +"America/Adak" " " \ +"America/Anchorage" " " \ +"America/Anguilla" " " \ +"America/Antigua" " " \ +"America/Araguaina" " " \ +"America/Argentina/Buenos_Aires" " " \ +"America/Argentina/Catamarca" " " \ +"America/Argentina/ComodRivadavia" " " \ +"America/Argentina/Cordoba" " " \ +"America/Argentina/Jujuy" " " \ +"America/Argentina/La_Rioja" " " \ +"America/Argentina/Mendoza" " " \ +"America/Argentina/Rio_Gallegos" " " \ +"America/Argentina/Salta" " " \ +"America/Argentina/San_Juan" " " \ +"America/Argentina/San_Luis" " " \ +"America/Argentina/Tucuman" " " \ +"America/Argentina/Ushuaia" " " \ +"America/Aruba" " " \ +"America/Asuncion" " " \ +"America/Atikokan" " " \ +"America/Atka" " " \ +"America/Bahia" " " \ +"America/Bahia_Banderas" " " \ +"America/Barbados" " " \ +"America/Belem" " " \ +"America/Belize" " " \ +"America/Blanc-Sablon" " " \ +"America/Boa_Vista" " " \ +"America/Bogota" " " \ +"America/Boise" " " \ +"America/Buenos_Aires" " " \ +"America/Cambridge_Bay" " " \ +"America/Campo_Grande" " " \ +"America/Cancun" " " \ +"America/Caracas" " " \ +"America/Catamarca" " " \ +"America/Cayenne" " " \ +"America/Cayman" " " \ +"America/Chicago" " " \ +"America/Chihuahua" " " \ +"America/Coral_Harbour" " " \ +"America/Cordoba" " " \ +"America/Costa_Rica" " " \ +"America/Creston" " " \ +"America/Cuiaba" " " \ +"America/Curacao" " " \ +"America/Danmarkshavn" " " \ +"America/Dawson" " " \ +"America/Dawson_Creek" " " \ +"America/Denver" " " \ +"America/Detroit" " " \ +"America/Dominica" " " \ +"America/Edmonton" " " \ +"America/Eirunepe" " " \ +"America/El_Salvador" " " \ +"America/Ensenada" " " \ +"America/Fort_Nelson" " " \ +"America/Fort_Wayne" " " \ +"America/Fortaleza" " " \ +"America/Glace_Bay" " " \ +"America/Godthab" " " \ +"America/Goose_Bay" " " \ +"America/Grand_Turk" " " \ +"America/Grenada" " " \ +"America/Guadeloupe" " " \ +"America/Guatemala" " " \ +"America/Guayaquil" " " \ +"America/Guyana" " " \ +"America/Halifax" " " \ +"America/Havana" " " \ +"America/Hermosillo" " " \ +"America/Indiana/Indianapolis" " " \ +"America/Indiana/Knox" " " \ +"America/Indiana/Marengo" " " \ +"America/Indiana/Petersburg" " " \ +"America/Indiana/Tell_City" " " \ +"America/Indiana/Vevay" " " \ +"America/Indiana/Vincennes" " " \ +"America/Indiana/Winamac" " " \ +"America/Indianapolis" " " \ +"America/Inuvik" " " \ +"America/Iqaluit" " " \ +"America/Jamaica" " " \ +"America/Jujuy" " " \ +"America/Juneau" " " \ +"America/Kentucky/Louisville" " " \ +"America/Kentucky/Monticello" " " \ +"America/Knox_IN" " " \ +"America/Kralendijk" " " \ +"America/La_Paz" " " \ +"America/Lima" " " \ +"America/Los_Angeles" " " \ +"America/Louisville" " " \ +"America/Lower_Princes" " " \ +"America/Maceio" " " \ +"America/Managua" " " \ +"America/Manaus" " " \ +"America/Marigot" " " \ +"America/Martinique" " " \ +"America/Matamoros" " " \ +"America/Mazatlan" " " \ +"America/Mendoza" " " \ +"America/Menominee" " " \ +"America/Merida" " " \ +"America/Metlakatla" " " \ +"America/Mexico_City" " " \ +"America/Miquelon" " " \ +"America/Moncton" " " \ +"America/Monterrey" " " \ +"America/Montevideo" " " \ +"America/Montreal" " " \ +"America/Montserrat" " " \ +"America/Nassau" " " \ +"America/New_York" " " \ +"America/Nipigon" " " \ +"America/Nome" " " \ +"America/Noronha" " " \ +"America/North_Dakota/Beulah" " " \ +"America/North_Dakota/Center" " " \ +"America/North_Dakota/New_Salem" " " \ +"America/Ojinaga" " " \ +"America/Panama" " " \ +"America/Pangnirtung" " " \ +"America/Paramaribo" " " \ +"America/Phoenix" " " \ +"America/Port-au-Prince" " " \ +"America/Port_of_Spain" " " \ +"America/Porto_Acre" " " \ +"America/Porto_Velho" " " \ +"America/Puerto_Rico" " " \ +"America/Rainy_River" " " \ +"America/Rankin_Inlet" " " \ +"America/Recife" " " \ +"America/Regina" " " \ +"America/Resolute" " " \ +"America/Rio_Branco" " " \ +"America/Rosario" " " \ +"America/Santa_Isabel" " " \ +"America/Santarem" " " \ +"America/Santiago" " " \ +"America/Santo_Domingo" " " \ +"America/Sao_Paulo" " " \ +"America/Scoresbysund" " " \ +"America/Shiprock" " " \ +"America/Sitka" " " \ +"America/St_Barthelemy" " " \ +"America/St_Johns" " " \ +"America/St_Kitts" " " \ +"America/St_Lucia" " " \ +"America/St_Thomas" " " \ +"America/St_Vincent" " " \ +"America/Swift_Current" " " \ +"America/Tegucigalpa" " " \ +"America/Thule" " " \ +"America/Thunder_Bay" " " \ +"America/Tijuana" " " \ +"America/Toronto" " " \ +"America/Tortola" " " \ +"America/Vancouver" " " \ +"America/Virgin" " " \ +"America/Whitehorse" " " \ +"America/Winnipeg" " " \ +"America/Yakutat" " " \ +"America/Yellowknife" " " \ +"Antarctica/Casey" " " \ +"Antarctica/Davis" " " \ +"Antarctica/DumontDUrville" " " \ +"Antarctica/Macquarie" " " \ +"Antarctica/Mawson" " " \ +"Antarctica/McMurdo" " " \ +"Antarctica/Palmer" " " \ +"Antarctica/Rothera" " " \ +"Antarctica/South_Pole" " " \ +"Antarctica/Syowa" " " \ +"Antarctica/Troll" " " \ +"Antarctica/Vostok" " " \ +"Arctic/Longyearbyen" " " \ +"Asia/Aden" " " \ +"Asia/Almaty" " " \ +"Asia/Amman" " " \ +"Asia/Anadyr" " " \ +"Asia/Aqtau" " " \ +"Asia/Aqtobe" " " \ +"Asia/Ashgabat" " " \ +"Asia/Ashkhabad" " " \ +"Asia/Baghdad" " " \ +"Asia/Bahrain" " " \ +"Asia/Baku" " " \ +"Asia/Bangkok" " " \ +"Asia/Beirut" " " \ +"Asia/Bishkek" " " \ +"Asia/Brunei" " " \ +"Asia/Calcutta" " " \ +"Asia/Chita" " " \ +"Asia/Choibalsan" " " \ +"Asia/Chongqing" " " \ +"Asia/Chungking" " " \ +"Asia/Colombo" " " \ +"Asia/Dacca" " " \ +"Asia/Damascus" " " \ +"Asia/Dhaka" " " \ +"Asia/Dili" " " \ +"Asia/Dubai" " " \ +"Asia/Dushanbe" " " \ +"Asia/Gaza" " " \ +"Asia/Harbin" " " \ +"Asia/Hebron" " " \ +"Asia/Ho_Chi_Minh" " " \ +"Asia/Hong_Kong" " " \ +"Asia/Hovd" " " \ +"Asia/Irkutsk" " " \ +"Asia/Istanbul" " " \ +"Asia/Jakarta" " " \ +"Asia/Jayapura" " " \ +"Asia/Jerusalem" " " \ +"Asia/Kabul" " " \ +"Asia/Kamchatka" " " \ +"Asia/Karachi" " " \ +"Asia/Kashgar" " " \ +"Asia/Kathmandu" " " \ +"Asia/Katmandu" " " \ +"Asia/Khandyga" " " \ +"Asia/Kolkata" " " \ +"Asia/Krasnoyarsk" " " \ +"Asia/Kuala_Lumpur" " " \ +"Asia/Kuching" " " \ +"Asia/Kuwait" " " \ +"Asia/Macao" " " \ +"Asia/Macau" " " \ +"Asia/Magadan" " " \ +"Asia/Makassar" " " \ +"Asia/Manila" " " \ +"Asia/Muscat" " " \ +"Asia/Nicosia" " " \ +"Asia/Novokuznetsk" " " \ +"Asia/Novosibirsk" " " \ +"Asia/Omsk" " " \ +"Asia/Oral" " " \ +"Asia/Phnom_Penh" " " \ +"Asia/Pontianak" " " \ +"Asia/Pyongyang" " " \ +"Asia/Qatar" " " \ +"Asia/Qyzylorda" " " \ +"Asia/Rangoon" " " \ +"Asia/Riyadh" " " \ +"Asia/Saigon" " " \ +"Asia/Sakhalin" " " \ +"Asia/Samarkand" " " \ +"Asia/Seoul" " " \ +"Asia/Shanghai" " " \ +"Asia/Singapore" " " \ +"Asia/Srednekolymsk" " " \ +"Asia/Taipei" " " \ +"Asia/Tashkent" " " \ +"Asia/Tbilisi" " " \ +"Asia/Tehran" " " \ +"Asia/Tel_Aviv" " " \ +"Asia/Thimbu" " " \ +"Asia/Thimphu" " " \ +"Asia/Tokyo" " " \ +"Asia/Ujung_Pandang" " " \ +"Asia/Ulaanbaatar" " " \ +"Asia/Ulan_Bator" " " \ +"Asia/Urumqi" " " \ +"Asia/Ust-Nera" " " \ +"Asia/Vientiane" " " \ +"Asia/Vladivostok" " " \ +"Asia/Yakutsk" " " \ +"Asia/Yekaterinburg" " " \ +"Asia/Yerevan" " " \ +"Atlantic/Azores" " " \ +"Atlantic/Bermuda" " " \ +"Atlantic/Canary" " " \ +"Atlantic/Cape_Verde" " " \ +"Atlantic/Faeroe" " " \ +"Atlantic/Faroe" " " \ +"Atlantic/Jan_Mayen" " " \ +"Atlantic/Madeira" " " \ +"Atlantic/Reykjavik" " " \ +"Atlantic/South_Georgia" " " \ +"Atlantic/St_Helena" " " \ +"Atlantic/Stanley" " " \ +"Australia/ACT" " " \ +"Australia/Adelaide" " " \ +"Australia/Brisbane" " " \ +"Australia/Broken_Hill" " " \ +"Australia/Canberra" " " \ +"Australia/Currie" " " \ +"Australia/Darwin" " " \ +"Australia/Eucla" " " \ +"Australia/Hobart" " " \ +"Australia/LHI" " " \ +"Australia/Lindeman" " " \ +"Australia/Lord_Howe" " " \ +"Australia/Melbourne" " " \ +"Australia/NSW" " " \ +"Australia/North" " " \ +"Australia/Perth" " " \ +"Australia/Queensland" " " \ +"Australia/South" " " \ +"Australia/Sydney" " " \ +"Australia/Tasmania" " " \ +"Australia/Victoria" " " \ +"Australia/West" " " \ +"Australia/Yancowinna" " " \ +"Brazil/Acre" " " \ +"Brazil/DeNoronha" " " \ +"Brazil/East" " " \ +"Brazil/West" " " \ +"CET" " " \ +"CST6CDT" " " \ +"Canada/Atlantic" " " \ +"Canada/Central" " " \ +"Canada/East-Saskatchewan" " " \ +"Canada/Eastern" " " \ +"Canada/Mountain" " " \ +"Canada/Newfoundland" " " \ +"Canada/Pacific" " " \ +"Canada/Saskatchewan" " " \ +"Canada/Yukon" " " \ +"Chile/Continental" " " \ +"Chile/EasterIsland" " " \ +"Cuba" " " \ +"EET" " " \ +"EST" " " \ +"EST5EDT" " " \ +"Egypt" " " \ +"Eire" " " \ +"Etc/GMT" " " \ +"Etc/GMT+0" " " \ +"Etc/GMT+1" " " \ +"Etc/GMT+10" " " \ +"Etc/GMT+11" " " \ +"Etc/GMT+12" " " \ +"Etc/GMT+2" " " \ +"Etc/GMT+3" " " \ +"Etc/GMT+4" " " \ +"Etc/GMT+5" " " \ +"Etc/GMT+6" " " \ +"Etc/GMT+7" " " \ +"Etc/GMT+8" " " \ +"Etc/GMT+9" " " \ +"Etc/GMT-0" " " \ +"Etc/GMT-1" " " \ +"Etc/GMT-10" " " \ +"Etc/GMT-11" " " \ +"Etc/GMT-12" " " \ +"Etc/GMT-13" " " \ +"Etc/GMT-14" " " \ +"Etc/GMT-2" " " \ +"Etc/GMT-3" " " \ +"Etc/GMT-4" " " \ +"Etc/GMT-5" " " \ +"Etc/GMT-6" " " \ +"Etc/GMT-7" " " \ +"Etc/GMT-8" " " \ +"Etc/GMT-9" " " \ +"Etc/GMT0" " " \ +"Etc/Greenwich" " " \ +"Etc/UCT" " " \ +"Etc/UTC" " " \ +"Etc/Universal" " " \ +"Etc/Zulu" " " \ +"Europe/Amsterdam" " " \ +"Europe/Andorra" " " \ +"Europe/Athens" " " \ +"Europe/Belfast" " " \ +"Europe/Belgrade" " " \ +"Europe/Berlin" " " \ +"Europe/Bratislava" " " \ +"Europe/Brussels" " " \ +"Europe/Bucharest" " " \ +"Europe/Budapest" " " \ +"Europe/Busingen" " " \ +"Europe/Chisinau" " " \ +"Europe/Copenhagen" " " \ +"Europe/Dublin" " " \ +"Europe/Gibraltar" " " \ +"Europe/Guernsey" " " \ +"Europe/Helsinki" " " \ +"Europe/Isle_of_Man" " " \ +"Europe/Istanbul" " " \ +"Europe/Jersey" " " \ +"Europe/Kaliningrad" " " \ +"Europe/Kiev" " " \ +"Europe/Lisbon" " " \ +"Europe/Ljubljana" " " \ +"Europe/London" " " \ +"Europe/Luxembourg" " " \ +"Europe/Madrid" " " \ +"Europe/Malta" " " \ +"Europe/Mariehamn" " " \ +"Europe/Minsk" " " \ +"Europe/Monaco" " " \ +"Europe/Moscow" " " \ +"Europe/Nicosia" " " \ +"Europe/Oslo" " " \ +"Europe/Paris" " " \ +"Europe/Podgorica" " " \ +"Europe/Prague" " " \ +"Europe/Riga" " " \ +"Europe/Rome" " " \ +"Europe/Samara" " " \ +"Europe/San_Marino" " " \ +"Europe/Sarajevo" " " \ +"Europe/Simferopol" " " \ +"Europe/Skopje" " " \ +"Europe/Sofia" " " \ +"Europe/Stockholm" " " \ +"Europe/Tallinn" " " \ +"Europe/Tirane" " " \ +"Europe/Tiraspol" " " \ +"Europe/Uzhgorod" " " \ +"Europe/Vaduz" " " \ +"Europe/Vatican" " " \ +"Europe/Vienna" " " \ +"Europe/Vilnius" " " \ +"Europe/Volgograd" " " \ +"Europe/Warsaw" " " \ +"Europe/Zagreb" " " \ +"Europe/Zaporozhye" " " \ +"Europe/Zurich" " " \ +"Factory" " " \ +"GB" " " \ +"GB-Eire" " " \ +"GMT" " " \ +"GMT+0" " " \ +"GMT-0" " " \ +"GMT0" " " \ +"Greenwich" " " \ +"HST" " " \ +"Hongkong" " " \ +"Iceland" " " \ +"Indian/Antananarivo" " " \ +"Indian/Chagos" " " \ +"Indian/Christmas" " " \ +"Indian/Cocos" " " \ +"Indian/Comoro" " " \ +"Indian/Kerguelen" " " \ +"Indian/Mahe" " " \ +"Indian/Maldives" " " \ +"Indian/Mauritius" " " \ +"Indian/Mayotte" " " \ +"Indian/Reunion" " " \ +"Iran" " " \ +"Israel" " " \ +"Jamaica" " " \ +"Japan" " " \ +"Kwajalein" " " \ +"Libya" " " \ +"MET" " " \ +"MST" " " \ +"MST7MDT" " " \ +"Mexico/BajaNorte" " " \ +"Mexico/BajaSur" " " \ +"Mexico/General" " " \ +"NZ" " " \ +"NZ-CHAT" " " \ +"Navajo" " " \ +"PRC" " " \ +"PST8PDT" " " \ +"Pacific/Apia" " " \ +"Pacific/Auckland" " " \ +"Pacific/Bougainville" " " \ +"Pacific/Chatham" " " \ +"Pacific/Chuuk" " " \ +"Pacific/Easter" " " \ +"Pacific/Efate" " " \ +"Pacific/Enderbury" " " \ +"Pacific/Fakaofo" " " \ +"Pacific/Fiji" " " \ +"Pacific/Funafuti" " " \ +"Pacific/Galapagos" " " \ +"Pacific/Gambier" " " \ +"Pacific/Guadalcanal" " " \ +"Pacific/Guam" " " \ +"Pacific/Honolulu" " " \ +"Pacific/Johnston" " " \ +"Pacific/Kiritimati" " " \ +"Pacific/Kosrae" " " \ +"Pacific/Kwajalein" " " \ +"Pacific/Majuro" " " \ +"Pacific/Marquesas" " " \ +"Pacific/Midway" " " \ +"Pacific/Nauru" " " \ +"Pacific/Niue" " " \ +"Pacific/Norfolk" " " \ +"Pacific/Noumea" " " \ +"Pacific/Pago_Pago" " " \ +"Pacific/Palau" " " \ +"Pacific/Pitcairn" " " \ +"Pacific/Pohnpei" " " \ +"Pacific/Ponape" " " \ +"Pacific/Port_Moresby" " " \ +"Pacific/Rarotonga" " " \ +"Pacific/Saipan" " " \ +"Pacific/Samoa" " " \ +"Pacific/Tahiti" " " \ +"Pacific/Tarawa" " " \ +"Pacific/Tongatapu" " " \ +"Pacific/Truk" " " \ +"Pacific/Wake" " " \ +"Pacific/Wallis" " " \ +"Pacific/Yap" " " \ +"Poland" " " \ +"Portugal" " " \ +"ROC" " " \ +"ROK" " " \ +"Singapore" " " \ +"Turkey" " " \ +"UCT" " " \ +"UTC" " " \ +"Universal" " " \ +"W-SU" " " \ +"WET" " " \ +"Zulu" " " \ +"posixrules" " " \ + 2> $TMP/tz + + if [ $? = 1 -o $? = 255 ]; then + rm -f $TMP/tz + exit + fi + + TIMEZONE="`cat $TMP/tz`" + rm -f $TMP/tz + + setzone $TIMEZONE + exit +else + ### + ### use text prompts + ### + while [ 0 ]; do + echo -n "Would you like to configure your timezone ([y]es, [n]o)? " + read TIMECONF; + echo + + if [ "$TIMECONF" = "n" ]; then + break + fi + + cat << EOF +Select one of these timezones: + +US/Alaska +US/Aleutian +US/Arizona +US/Central +US/East-Indiana +US/Eastern +US/Hawaii +US/Indiana-Starke +US/Michigan +US/Mountain +US/Pacific +US/Pacific-New +US/Samoa +Africa/Abidjan +Africa/Accra +Africa/Addis_Ababa +Africa/Algiers +Africa/Asmara +Africa/Asmera +Africa/Bamako +Africa/Bangui +Africa/Banjul +Africa/Bissau +Africa/Blantyre +Africa/Brazzaville +Africa/Bujumbura +Africa/Cairo +Africa/Casablanca +Africa/Ceuta +Africa/Conakry +Africa/Dakar +Africa/Dar_es_Salaam +Africa/Djibouti +Africa/Douala +Africa/El_Aaiun +Africa/Freetown +Africa/Gaborone +Africa/Harare +Africa/Johannesburg +Africa/Juba +Africa/Kampala +Africa/Khartoum +Africa/Kigali +Africa/Kinshasa +Africa/Lagos +Africa/Libreville +Africa/Lome +Africa/Luanda +Africa/Lubumbashi +Africa/Lusaka +Africa/Malabo +Africa/Maputo +Africa/Maseru +Africa/Mbabane +Africa/Mogadishu +Africa/Monrovia +Africa/Nairobi +Africa/Ndjamena +Africa/Niamey +Africa/Nouakchott +Africa/Ouagadougou +Africa/Porto-Novo +Africa/Sao_Tome +Africa/Timbuktu +Africa/Tripoli +Africa/Tunis +Africa/Windhoek +America/Adak +America/Anchorage +America/Anguilla +America/Antigua +America/Araguaina +America/Argentina/Buenos_Aires +America/Argentina/Catamarca +America/Argentina/ComodRivadavia +America/Argentina/Cordoba +America/Argentina/Jujuy +America/Argentina/La_Rioja +America/Argentina/Mendoza +America/Argentina/Rio_Gallegos +America/Argentina/Salta +America/Argentina/San_Juan +America/Argentina/San_Luis +America/Argentina/Tucuman +America/Argentina/Ushuaia +America/Aruba +America/Asuncion +America/Atikokan +America/Atka +America/Bahia +America/Bahia_Banderas +America/Barbados +America/Belem +America/Belize +America/Blanc-Sablon +America/Boa_Vista +America/Bogota +America/Boise +America/Buenos_Aires +America/Cambridge_Bay +America/Campo_Grande +America/Cancun +America/Caracas +America/Catamarca +America/Cayenne +America/Cayman +America/Chicago +America/Chihuahua +America/Coral_Harbour +America/Cordoba +America/Costa_Rica +America/Creston +America/Cuiaba +America/Curacao +America/Danmarkshavn +America/Dawson +America/Dawson_Creek +America/Denver +America/Detroit +America/Dominica +America/Edmonton +America/Eirunepe +America/El_Salvador +America/Ensenada +America/Fort_Nelson +America/Fort_Wayne +America/Fortaleza +America/Glace_Bay +America/Godthab +America/Goose_Bay +America/Grand_Turk +America/Grenada +America/Guadeloupe +America/Guatemala +America/Guayaquil +America/Guyana +America/Halifax +America/Havana +America/Hermosillo +America/Indiana/Indianapolis +America/Indiana/Knox +America/Indiana/Marengo +America/Indiana/Petersburg +America/Indiana/Tell_City +America/Indiana/Vevay +America/Indiana/Vincennes +America/Indiana/Winamac +America/Indianapolis +America/Inuvik +America/Iqaluit +America/Jamaica +America/Jujuy +America/Juneau +America/Kentucky/Louisville +America/Kentucky/Monticello +America/Knox_IN +America/Kralendijk +America/La_Paz +America/Lima +America/Los_Angeles +America/Louisville +America/Lower_Princes +America/Maceio +America/Managua +America/Manaus +America/Marigot +America/Martinique +America/Matamoros +America/Mazatlan +America/Mendoza +America/Menominee +America/Merida +America/Metlakatla +America/Mexico_City +America/Miquelon +America/Moncton +America/Monterrey +America/Montevideo +America/Montreal +America/Montserrat +America/Nassau +America/New_York +America/Nipigon +America/Nome +America/Noronha +America/North_Dakota/Beulah +America/North_Dakota/Center +America/North_Dakota/New_Salem +America/Ojinaga +America/Panama +America/Pangnirtung +America/Paramaribo +America/Phoenix +America/Port-au-Prince +America/Port_of_Spain +America/Porto_Acre +America/Porto_Velho +America/Puerto_Rico +America/Rainy_River +America/Rankin_Inlet +America/Recife +America/Regina +America/Resolute +America/Rio_Branco +America/Rosario +America/Santa_Isabel +America/Santarem +America/Santiago +America/Santo_Domingo +America/Sao_Paulo +America/Scoresbysund +America/Shiprock +America/Sitka +America/St_Barthelemy +America/St_Johns +America/St_Kitts +America/St_Lucia +America/St_Thomas +America/St_Vincent +America/Swift_Current +America/Tegucigalpa +America/Thule +America/Thunder_Bay +America/Tijuana +America/Toronto +America/Tortola +America/Vancouver +America/Virgin +America/Whitehorse +America/Winnipeg +America/Yakutat +America/Yellowknife +Antarctica/Casey +Antarctica/Davis +Antarctica/DumontDUrville +Antarctica/Macquarie +Antarctica/Mawson +Antarctica/McMurdo +Antarctica/Palmer +Antarctica/Rothera +Antarctica/South_Pole +Antarctica/Syowa +Antarctica/Troll +Antarctica/Vostok +Arctic/Longyearbyen +Asia/Aden +Asia/Almaty +Asia/Amman +Asia/Anadyr +Asia/Aqtau +Asia/Aqtobe +Asia/Ashgabat +Asia/Ashkhabad +Asia/Baghdad +Asia/Bahrain +Asia/Baku +Asia/Bangkok +Asia/Beirut +Asia/Bishkek +Asia/Brunei +Asia/Calcutta +Asia/Chita +Asia/Choibalsan +Asia/Chongqing +Asia/Chungking +Asia/Colombo +Asia/Dacca +Asia/Damascus +Asia/Dhaka +Asia/Dili +Asia/Dubai +Asia/Dushanbe +Asia/Gaza +Asia/Harbin +Asia/Hebron +Asia/Ho_Chi_Minh +Asia/Hong_Kong +Asia/Hovd +Asia/Irkutsk +Asia/Istanbul +Asia/Jakarta +Asia/Jayapura +Asia/Jerusalem +Asia/Kabul +Asia/Kamchatka +Asia/Karachi +Asia/Kashgar +Asia/Kathmandu +Asia/Katmandu +Asia/Khandyga +Asia/Kolkata +Asia/Krasnoyarsk +Asia/Kuala_Lumpur +Asia/Kuching +Asia/Kuwait +Asia/Macao +Asia/Macau +Asia/Magadan +Asia/Makassar +Asia/Manila +Asia/Muscat +Asia/Nicosia +Asia/Novokuznetsk +Asia/Novosibirsk +Asia/Omsk +Asia/Oral +Asia/Phnom_Penh +Asia/Pontianak +Asia/Pyongyang +Asia/Qatar +Asia/Qyzylorda +Asia/Rangoon +Asia/Riyadh +Asia/Saigon +Asia/Sakhalin +Asia/Samarkand +Asia/Seoul +Asia/Shanghai +Asia/Singapore +Asia/Srednekolymsk +Asia/Taipei +Asia/Tashkent +Asia/Tbilisi +Asia/Tehran +Asia/Tel_Aviv +Asia/Thimbu +Asia/Thimphu +Asia/Tokyo +Asia/Ujung_Pandang +Asia/Ulaanbaatar +Asia/Ulan_Bator +Asia/Urumqi +Asia/Ust-Nera +Asia/Vientiane +Asia/Vladivostok +Asia/Yakutsk +Asia/Yekaterinburg +Asia/Yerevan +Atlantic/Azores +Atlantic/Bermuda +Atlantic/Canary +Atlantic/Cape_Verde +Atlantic/Faeroe +Atlantic/Faroe +Atlantic/Jan_Mayen +Atlantic/Madeira +Atlantic/Reykjavik +Atlantic/South_Georgia +Atlantic/St_Helena +Atlantic/Stanley +Australia/ACT +Australia/Adelaide +Australia/Brisbane +Australia/Broken_Hill +Australia/Canberra +Australia/Currie +Australia/Darwin +Australia/Eucla +Australia/Hobart +Australia/LHI +Australia/Lindeman +Australia/Lord_Howe +Australia/Melbourne +Australia/NSW +Australia/North +Australia/Perth +Australia/Queensland +Australia/South +Australia/Sydney +Australia/Tasmania +Australia/Victoria +Australia/West +Australia/Yancowinna +Brazil/Acre +Brazil/DeNoronha +Brazil/East +Brazil/West +CET +CST6CDT +Canada/Atlantic +Canada/Central +Canada/East-Saskatchewan +Canada/Eastern +Canada/Mountain +Canada/Newfoundland +Canada/Pacific +Canada/Saskatchewan +Canada/Yukon +Chile/Continental +Chile/EasterIsland +Cuba +EET +EST +EST5EDT +Egypt +Eire +Etc/GMT +Etc/GMT+0 +Etc/GMT+1 +Etc/GMT+10 +Etc/GMT+11 +Etc/GMT+12 +Etc/GMT+2 +Etc/GMT+3 +Etc/GMT+4 +Etc/GMT+5 +Etc/GMT+6 +Etc/GMT+7 +Etc/GMT+8 +Etc/GMT+9 +Etc/GMT-0 +Etc/GMT-1 +Etc/GMT-10 +Etc/GMT-11 +Etc/GMT-12 +Etc/GMT-13 +Etc/GMT-14 +Etc/GMT-2 +Etc/GMT-3 +Etc/GMT-4 +Etc/GMT-5 +Etc/GMT-6 +Etc/GMT-7 +Etc/GMT-8 +Etc/GMT-9 +Etc/GMT0 +Etc/Greenwich +Etc/UCT +Etc/UTC +Etc/Universal +Etc/Zulu +Europe/Amsterdam +Europe/Andorra +Europe/Athens +Europe/Belfast +Europe/Belgrade +Europe/Berlin +Europe/Bratislava +Europe/Brussels +Europe/Bucharest +Europe/Budapest +Europe/Busingen +Europe/Chisinau +Europe/Copenhagen +Europe/Dublin +Europe/Gibraltar +Europe/Guernsey +Europe/Helsinki +Europe/Isle_of_Man +Europe/Istanbul +Europe/Jersey +Europe/Kaliningrad +Europe/Kiev +Europe/Lisbon +Europe/Ljubljana +Europe/London +Europe/Luxembourg +Europe/Madrid +Europe/Malta +Europe/Mariehamn +Europe/Minsk +Europe/Monaco +Europe/Moscow +Europe/Nicosia +Europe/Oslo +Europe/Paris +Europe/Podgorica +Europe/Prague +Europe/Riga +Europe/Rome +Europe/Samara +Europe/San_Marino +Europe/Sarajevo +Europe/Simferopol +Europe/Skopje +Europe/Sofia +Europe/Stockholm +Europe/Tallinn +Europe/Tirane +Europe/Tiraspol +Europe/Uzhgorod +Europe/Vaduz +Europe/Vatican +Europe/Vienna +Europe/Vilnius +Europe/Volgograd +Europe/Warsaw +Europe/Zagreb +Europe/Zaporozhye +Europe/Zurich +Factory +GB +GB-Eire +GMT +GMT+0 +GMT-0 +GMT0 +Greenwich +HST +Hongkong +Iceland +Indian/Antananarivo +Indian/Chagos +Indian/Christmas +Indian/Cocos +Indian/Comoro +Indian/Kerguelen +Indian/Mahe +Indian/Maldives +Indian/Mauritius +Indian/Mayotte +Indian/Reunion +Iran +Israel +Jamaica +Japan +Kwajalein +Libya +MET +MST +MST7MDT +Mexico/BajaNorte +Mexico/BajaSur +Mexico/General +NZ +NZ-CHAT +Navajo +PRC +PST8PDT +Pacific/Apia +Pacific/Auckland +Pacific/Bougainville +Pacific/Chatham +Pacific/Chuuk +Pacific/Easter +Pacific/Efate +Pacific/Enderbury +Pacific/Fakaofo +Pacific/Fiji +Pacific/Funafuti +Pacific/Galapagos +Pacific/Gambier +Pacific/Guadalcanal +Pacific/Guam +Pacific/Honolulu +Pacific/Johnston +Pacific/Kiritimati +Pacific/Kosrae +Pacific/Kwajalein +Pacific/Majuro +Pacific/Marquesas +Pacific/Midway +Pacific/Nauru +Pacific/Niue +Pacific/Norfolk +Pacific/Noumea +Pacific/Pago_Pago +Pacific/Palau +Pacific/Pitcairn +Pacific/Pohnpei +Pacific/Ponape +Pacific/Port_Moresby +Pacific/Rarotonga +Pacific/Saipan +Pacific/Samoa +Pacific/Tahiti +Pacific/Tarawa +Pacific/Tongatapu +Pacific/Truk +Pacific/Wake +Pacific/Wallis +Pacific/Yap +Poland +Portugal +ROC +ROK +Singapore +Turkey +UCT +UTC +Universal +W-SU +WET +Zulu +posixrules + +Type it at the prompt below exactly as it appears above. (NOTE: If you don't +see your timezone, use "timeconfig" again after booting for the verbose list) + +EOF + echo -n "Timezone? " + read TIMEZONE; + echo + + if [ -n "$TIMEZONE" -a \ + -r $T_PX/usr/share/zoneinfo/$TIMEZONE -o \ + -r /var/log/mount/usr/share/zoneinfo/$TIMEZONE -o \ + -L $T_PX/usr/share/zoneinfo/$TIMEZONE -o \ + -L /var/log/mount/usr/share/zoneinfo/$TIMEZONE ]; then + echo "Creating link from $TIMEZONE to localtime in /etc..." + echo + setzone $TIMEZONE + exit + else + cat << EOF + +Timezone $TIMEZONE could not be found. You may try again if you wish. +Make sure you type the name exactly as it appears - this configuration script +is case sensitive. + +Press [enter] to continue. + +EOF + read JUNK; + fi + done +fi + diff --git a/patches/source/glibc/doinst.sh-glibc b/patches/source/glibc/doinst.sh-glibc new file mode 100644 index 000000000..e85810f7a --- /dev/null +++ b/patches/source/glibc/doinst.sh-glibc @@ -0,0 +1,193 @@ +#!/bin/sh +# Copyright (C) 2002, 2005 Slackware Linux, Inc. +# Copyright 2005, 2006, 2007 Patrick J. Volkerding, Sebeka, Minnesota, USA +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# Swap glibc on the fly. +# +# If we're on a running system we have to handle this _very_ carefully. :-) +# The tricks involved here get trickier every time... + +# OK, now we have to be sure of a few things. First, you do have a 2.6 +# kernel running, right? + +if [ -r /proc/ksyms ]; then + echo "FATAL: you need to be running a 2.6.x kernel in order to upgrade" + echo "to this version of glibc." + echo + sleep 999 + exit 1 +fi + +# Next, stop using the /lib/ntpl libraries. These are now obsolete and +# will break the installation if present: +if [ -d lib/tls ]; then + mkdir -p lib/obsolete + mv lib/tls lib/obsolete +fi +if [ -x sbin/ldconfig ]; then + sbin/ldconfig -r . +fi + +# Install NPTL glibc libraries: +if [ -x /sbin/ldconfig -a -d lib/incoming ]; then # swap on the fly + # First create copies of the incoming libraries: + ( cd lib/incoming + for file in * ; do + if [ ! -r ../${file}.incoming ]; then + cp -a $file ../${file}.incoming + fi + done + ) + # Then switch to them all at once: + /sbin/ldconfig -l lib/*.incoming 2> /dev/null + # Finally, rename them and clean up: + ( cd lib + for file in *.incoming ; do + rm -f `basename $file .incoming` + cp -a $file `basename $file .incoming` + /sbin/ldconfig -l `basename $file .incoming` + rm -f $file + done + ) +else # no ldconfig? Good, it's safe to just jam it on home (and make links below): + ( cd lib/incoming + for file in * ; do + cp -a $file .. + done + ) +fi +# Now, get rid of the temporary directory: +rm -rf lib/incoming +# Done installing NPTL glibc libraries. + +# Timezone stuff: +if [ -L etc/localtime -a ! -r etc/localtime-copied-from ]; then + mv etc/localtime etc/localtime-copied-from + chroot . /bin/cp etc/localtime-copied-from etc/localtime +fi +# Add the default timezone in /etc, if none exists: +if [ ! -r etc/localtime ]; then + ( cd etc ; rm -rf localtime localtime-copied-from ) + ( cd etc ; ln -sf /usr/share/zoneinfo/Factory localtime-copied-from ) + chroot . /bin/cp etc/localtime-copied-from etc/localtime +fi +# Add the default link in /usr/share/zoneinfo, if none exists: +if [ ! -L usr/share/zoneinfo/localtime ]; then + ( cd usr/share/zoneinfo ; rm -rf localtime ) + ( cd usr/share/zoneinfo ; ln -sf /etc/localtime localtime ) +fi +( cd usr/share/zoneinfo ; rm -rf timeconfig ) +( cd usr/share/zoneinfo ; ln -sf /usr/sbin/timeconfig timeconfig ) + +# Handle config files: +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/nscd.conf.new +config etc/profile.d/glibc.csh.new +config etc/profile.d/glibc.sh.new +# Clearly you already decided this issue. :-) +rm -f etc/profile.d/glibc.csh.new +rm -f etc/profile.d/glibc.sh.new + +# In case there's no ldconfig, make the links manually: +if [ ! -x /sbin/ldconfig ]; then +# linuxthreads: +( cd lib ; rm -rf libnss_nis.so.2 ) +( cd lib ; ln -sf libnss_nis-2.9.so libnss_nis.so.2 ) +( cd lib ; rm -rf libm.so.6 ) +( cd lib ; ln -sf libm-2.9.so libm.so.6 ) +( cd lib ; rm -rf libnss_files.so.2 ) +( cd lib ; ln -sf libnss_files-2.9.so libnss_files.so.2 ) +( cd lib ; rm -rf libresolv.so.2 ) +( cd lib ; ln -sf libresolv-2.9.so libresolv.so.2 ) +( cd lib ; rm -rf libnsl.so.1 ) +( cd lib ; ln -sf libnsl-2.9.so libnsl.so.1 ) +( cd lib ; rm -rf libutil.so.1 ) +( cd lib ; ln -sf libutil-2.9.so libutil.so.1 ) +( cd lib ; rm -rf libnss_compat.so.2 ) +( cd lib ; ln -sf libnss_compat-2.9.so libnss_compat.so.2 ) +( cd lib ; rm -rf libthread_db.so.1 ) +( cd lib ; ln -sf libthread_db-1.0.so libthread_db.so.1 ) +( cd lib ; rm -rf libnss_hesiod.so.2 ) +( cd lib ; ln -sf libnss_hesiod-2.9.so libnss_hesiod.so.2 ) +( cd lib ; rm -rf libanl.so.1 ) +( cd lib ; ln -sf libanl-2.9.so libanl.so.1 ) +( cd lib ; rm -rf libcrypt.so.1 ) +( cd lib ; ln -sf libcrypt-2.9.so libcrypt.so.1 ) +( cd lib ; rm -rf libBrokenLocale.so.1 ) +( cd lib ; ln -sf libBrokenLocale-2.9.so libBrokenLocale.so.1 ) +( cd lib ; rm -rf ld-linux.so.2 ) +( cd lib ; ln -sf ld-2.9.so ld-linux.so.2 ) +( cd lib ; rm -rf libdl.so.2 ) +( cd lib ; ln -sf libdl-2.9.so libdl.so.2 ) +( cd lib ; rm -rf libnss_dns.so.2 ) +( cd lib ; ln -sf libnss_dns-2.9.so libnss_dns.so.2 ) +( cd lib ; rm -rf libpthread.so.0 ) +( cd lib ; ln -sf libpthread-2.9.so libpthread.so.0 ) +( cd lib ; rm -rf libnss_nisplus.so.2 ) +( cd lib ; ln -sf libnss_nisplus-2.9.so libnss_nisplus.so.2 ) +( cd lib ; rm -rf libc.so.6 ) +( cd lib ; ln -sf libc-2.9.so libc.so.6 ) +( cd lib ; rm -rf librt.so.1 ) +( cd lib ; ln -sf librt-2.9.so librt.so.1 ) +fi + +# More links: +( cd usr/lib ; rm -rf libnss_nisplus.so ) +( cd usr/lib ; ln -sf ../../lib/libnss_nisplus.so.2 libnss_nisplus.so ) +# This is now a linker script: +#( cd usr/lib ; rm -rf libpthread.so ) +#( cd usr/lib ; ln -sf ../../lib/libpthread.so.0 libpthread.so ) +( cd usr/lib ; rm -rf libresolv.so ) +( cd usr/lib ; ln -sf ../../lib/libresolv.so.2 libresolv.so ) +( cd usr/lib ; rm -rf libnsl.so ) +( cd usr/lib ; ln -sf ../../lib/libnsl.so.1 libnsl.so ) +( cd usr/lib ; rm -rf libnss_hesiod.so ) +( cd usr/lib ; ln -sf ../../lib/libnss_hesiod.so.2 libnss_hesiod.so ) +( cd usr/lib ; rm -rf libnss_files.so ) +( cd usr/lib ; ln -sf ../../lib/libnss_files.so.2 libnss_files.so ) +( cd usr/lib ; rm -rf libm.so ) +( cd usr/lib ; ln -sf ../../lib/libm.so.6 libm.so ) +( cd usr/lib ; rm -rf libutil.so ) +( cd usr/lib ; ln -sf ../../lib/libutil.so.1 libutil.so ) +( cd usr/lib ; rm -rf libnss_compat.so ) +( cd usr/lib ; ln -sf ../../lib/libnss_compat.so.2 libnss_compat.so ) +( cd usr/lib ; rm -rf libthread_db.so ) +( cd usr/lib ; ln -sf ../../lib/libthread_db.so.1 libthread_db.so ) +( cd usr/lib ; rm -rf libcrypt.so ) +( cd usr/lib ; ln -sf ../../lib/libcrypt.so.1 libcrypt.so ) +( cd usr/lib ; rm -rf libBrokenLocale.so ) +( cd usr/lib ; ln -sf ../../lib/libBrokenLocale.so.1 libBrokenLocale.so ) +( cd usr/lib ; rm -rf libdl.so ) +( cd usr/lib ; ln -sf ../../lib/libdl.so.2 libdl.so ) +( cd usr/lib ; rm -rf libnss_dns.so ) +( cd usr/lib ; ln -sf ../../lib/libnss_dns.so.2 libnss_dns.so ) +( cd usr/lib ; rm -rf librt.so ) +( cd usr/lib ; ln -sf ../../lib/librt.so.1 librt.so ) +( cd usr/lib ; rm -rf libanl.so ) +( cd usr/lib ; ln -sf ../../lib/libanl.so.1 libanl.so ) +( cd usr/lib ; rm -rf libnss_nis.so ) +( cd usr/lib ; ln -sf ../../lib/libnss_nis.so.2 libnss_nis.so ) +( cd usr/share/zoneinfo ; rm -rf localtime ) +( cd usr/share/zoneinfo ; ln -sf /etc/localtime localtime ) +( cd bin ; rm -rf sln ) +( cd bin ; ln -sf /sbin/sln sln ) diff --git a/patches/source/glibc/doinst.sh-glibc-solibs b/patches/source/glibc/doinst.sh-glibc-solibs new file mode 100644 index 000000000..bfc7ad85c --- /dev/null +++ b/patches/source/glibc/doinst.sh-glibc-solibs @@ -0,0 +1,132 @@ +#!/bin/sh +# Copyright (C) 2002, 2005 Slackware Linux, Inc. +# Copyright 2005, 2006 Patrick J. Volkerding, Sebeka, Minnesota, USA +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# Swap glibc on the fly. +# +# If we're on a running system we have to handle this _very_ carefully. :-) +# The tricks involved here get trickier every time... + +# OK, now we have to be sure of a few things. First, you do have a 2.6 +# kernel running, right? + +if [ -r /proc/ksyms ]; then + echo "FATAL: you need to be running a 2.6.x kernel in order to upgrade" + echo "to this version of glibc." + echo + sleep 999 + exit 1 +fi + +# Next, stop using the /lib/ntpl libraries. These are now obsolete and +# will break the installation if present: +if [ -d lib/tls ]; then + mkdir -p lib/obsolete + mv lib/tls lib/obsolete +fi +if [ -x sbin/ldconfig ]; then + sbin/ldconfig -r . +fi + +# Install NPTL glibc libraries: +if [ -x /sbin/ldconfig -a -d lib/incoming ]; then # swap on the fly + # First create copies of the incoming libraries: + ( cd lib/incoming + for file in * ; do + if [ ! -r ../${file}.incoming ]; then + cp -a $file ../${file}.incoming + fi + done + ) + # Then switch to them all at once: + /sbin/ldconfig -l lib/*.incoming 2> /dev/null + # Finally, rename them and clean up: + ( cd lib + for file in *.incoming ; do + rm -f `basename $file .incoming` + cp -a $file `basename $file .incoming` + /sbin/ldconfig -l `basename $file .incoming` + rm -f $file + done + ) +else # no ldconfig? Good, it's safe to just jam it on home (and make links below): + ( cd lib/incoming + for file in * ; do + cp -a $file .. + done + ) +fi +# Now, get rid of the temporary directory: +rm -rf lib/incoming +# Done installing NPTL glibc libraries. + +# Handle config files: +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/profile.d/glibc.csh.new +config etc/profile.d/glibc.sh.new +# Clearly you already decided this issue. :-) +rm -f etc/profile.d/glibc.csh.new +rm -f etc/profile.d/glibc.sh.new + +# In case there's no ldconfig, make the links manually: +if [ ! -x /sbin/ldconfig ]; then +# linuxthreads: +( cd lib ; rm -rf libnss_nis.so.2 ) +( cd lib ; ln -sf libnss_nis-2.9.so libnss_nis.so.2 ) +( cd lib ; rm -rf libm.so.6 ) +( cd lib ; ln -sf libm-2.9.so libm.so.6 ) +( cd lib ; rm -rf libnss_files.so.2 ) +( cd lib ; ln -sf libnss_files-2.9.so libnss_files.so.2 ) +( cd lib ; rm -rf libresolv.so.2 ) +( cd lib ; ln -sf libresolv-2.9.so libresolv.so.2 ) +( cd lib ; rm -rf libnsl.so.1 ) +( cd lib ; ln -sf libnsl-2.9.so libnsl.so.1 ) +( cd lib ; rm -rf libutil.so.1 ) +( cd lib ; ln -sf libutil-2.9.so libutil.so.1 ) +( cd lib ; rm -rf libnss_compat.so.2 ) +( cd lib ; ln -sf libnss_compat-2.9.so libnss_compat.so.2 ) +( cd lib ; rm -rf libthread_db.so.1 ) +( cd lib ; ln -sf libthread_db-1.0.so libthread_db.so.1 ) +( cd lib ; rm -rf libnss_hesiod.so.2 ) +( cd lib ; ln -sf libnss_hesiod-2.9.so libnss_hesiod.so.2 ) +( cd lib ; rm -rf libanl.so.1 ) +( cd lib ; ln -sf libanl-2.9.so libanl.so.1 ) +( cd lib ; rm -rf libcrypt.so.1 ) +( cd lib ; ln -sf libcrypt-2.9.so libcrypt.so.1 ) +( cd lib ; rm -rf libBrokenLocale.so.1 ) +( cd lib ; ln -sf libBrokenLocale-2.9.so libBrokenLocale.so.1 ) +( cd lib ; rm -rf ld-linux.so.2 ) +( cd lib ; ln -sf ld-2.9.so ld-linux.so.2 ) +( cd lib ; rm -rf libdl.so.2 ) +( cd lib ; ln -sf libdl-2.9.so libdl.so.2 ) +( cd lib ; rm -rf libnss_dns.so.2 ) +( cd lib ; ln -sf libnss_dns-2.9.so libnss_dns.so.2 ) +( cd lib ; rm -rf libpthread.so.0 ) +( cd lib ; ln -sf libpthread-2.9.so libpthread.so.0 ) +( cd lib ; rm -rf libnss_nisplus.so.2 ) +( cd lib ; ln -sf libnss_nisplus-2.9.so libnss_nisplus.so.2 ) +( cd lib ; rm -rf libc.so.6 ) +( cd lib ; ln -sf libc-2.9.so libc.so.6 ) +( cd lib ; rm -rf librt.so.1 ) +( cd lib ; ln -sf librt-2.9.so librt.so.1 ) +fi diff --git a/patches/source/glibc/doinst.sh-glibc-zoneinfo b/patches/source/glibc/doinst.sh-glibc-zoneinfo new file mode 100644 index 000000000..7afabf898 --- /dev/null +++ b/patches/source/glibc/doinst.sh-glibc-zoneinfo @@ -0,0 +1,23 @@ +# Prep the library links: +ldconfig -r . +# Fix existing old style /etc/localtime symlink: +if [ -L etc/localtime -a ! -r etc/localtime-copied-from ]; then + mv etc/localtime etc/localtime-copied-from + chroot . /bin/cp etc/localtime-copied-from etc/localtime +fi +# Add the default timezone in /etc, if none exists: +if [ ! -r etc/localtime ]; then + ( cd etc ; rm -rf localtime localtime-copied-from ) + ( cd etc ; ln -sf /usr/share/zoneinfo/Factory localtime-copied-from ) + chroot . /bin/cp etc/localtime-copied-from etc/localtime +fi +# Add the default link in /usr/share/zoneinfo, if none exists: +if [ ! -L usr/share/zoneinfo/localtime ]; then + ( cd usr/share/zoneinfo ; rm -rf localtime ) + ( cd usr/share/zoneinfo ; ln -sf /etc/localtime localtime ) +fi +# Make sure /etc/localtime is updated: +chroot . /bin/cp etc/localtime-copied-from etc/localtime +( cd usr/share/zoneinfo ; rm -rf timeconfig ) +( cd usr/share/zoneinfo ; ln -sf /usr/sbin/timeconfig timeconfig ) +### Make the rest of the symbolic links in the zoneinfo database: diff --git a/patches/source/glibc/glibc-2.10-dns-no-gethostbyname4.diff b/patches/source/glibc/glibc-2.10-dns-no-gethostbyname4.diff new file mode 100644 index 000000000..3fa365afa --- /dev/null +++ b/patches/source/glibc/glibc-2.10-dns-no-gethostbyname4.diff @@ -0,0 +1,26 @@ +The gethostbyname4() lookup method is problematic since it fires out both +the A and AAAA DNS queries in parallel and over the same socket. This +should work in theory, but it turns out that many cheap DSL modems and +similar devices have buggy DNS servers - if the AAAA query arrives too +quickly after the A query, the server will generate only a single reply +with the A query id but returning an error for the AAAA query; we get +stuck waiting for the second reply. + +For gethostbyname4() users affected, disabling IPv6 in the system might +work around the issue, unfortunately it only helps with applications +using AI_ADDRCONFIG (e.g. Firefox); some (notably e.g. Pidgin) neglect +to do that. + +Real fix should be using separate ports for the A and AAAA queries. + +--- resolv/Versions 2008-08-02 10:26:09.000000000 +0200 ++++ resolv/Versions 2008-12-08 12:51:53.000000000 +0100 +@@ -102,7 +102,7 @@ libnss_dns { + _nss_dns_gethostbyname_r; _nss_dns_getnetbyaddr_r; + _nss_dns_getnetbyname_r; _nss_dns_getcanonname_r; + _nss_dns_gethostbyaddr2_r; +- _nss_dns_gethostbyname4_r; ++# _nss_dns_gethostbyname4_r; + } + } + diff --git a/patches/source/glibc/glibc-cvs-checkout.sh b/patches/source/glibc/glibc-cvs-checkout.sh new file mode 100755 index 000000000..022d0117b --- /dev/null +++ b/patches/source/glibc/glibc-cvs-checkout.sh @@ -0,0 +1,3 @@ +echo "The password below is \"anoncvs\":" +cvs -z 9 -d :pserver:anoncvs@sources.redhat.com:/cvs/glibc login +cvs -z 9 -d :pserver:anoncvs@sources.redhat.com:/cvs/glibc co libc diff --git a/patches/source/glibc/glibc.CVE-2010-3847.diff b/patches/source/glibc/glibc.CVE-2010-3847.diff new file mode 100644 index 000000000..89af16fa9 --- /dev/null +++ b/patches/source/glibc/glibc.CVE-2010-3847.diff @@ -0,0 +1,70 @@ +--- ./elf/dl-load.c.orig 2010-07-27 06:34:39.000000000 -0500 ++++ ./elf/dl-load.c 2010-10-19 12:30:16.366002034 -0500 +@@ -169,8 +169,7 @@ + + + static size_t +-is_dst (const char *start, const char *name, const char *str, +- int is_path, int secure) ++is_dst (const char *start, const char *name, const char *str, int is_path) + { + size_t len; + bool is_curly = false; +@@ -199,11 +198,6 @@ + && (!is_path || name[len] != ':')) + return 0; + +- if (__builtin_expect (secure, 0) +- && ((name[len] != '\0' && (!is_path || name[len] != ':')) +- || (name != start + 1 && (!is_path || name[-2] != ':')))) +- return 0; +- + return len; + } + +@@ -218,13 +212,12 @@ + { + size_t len; + +- /* $ORIGIN is not expanded for SUID/GUID programs (except if it +- is $ORIGIN alone) and it must always appear first in path. */ ++ /* $ORIGIN is not expanded for SUID/GUID programs. */ + ++name; +- if ((len = is_dst (start, name, "ORIGIN", is_path, +- INTUSE(__libc_enable_secure))) != 0 +- || (len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0 +- || (len = is_dst (start, name, "LIB", is_path, 0)) != 0) ++ if (((len = is_dst (start, name, "ORIGIN", is_path)) != 0 ++ && !INTUSE(__libc_enable_secure)) ++ || (len = is_dst (start, name, "PLATFORM", is_path)) != 0 ++ || (len = is_dst (start, name, "LIB", is_path)) != 0) + ++cnt; + + name = strchr (name + len, '$'); +@@ -256,9 +249,12 @@ + size_t len; + + ++name; +- if ((len = is_dst (start, name, "ORIGIN", is_path, +- INTUSE(__libc_enable_secure))) != 0) ++ if ((len = is_dst (start, name, "ORIGIN", is_path)) != 0) + { ++ /* Ignore this path element in SUID/SGID programs. */ ++ if (INTUSE(__libc_enable_secure)) ++ repl = (const char *) -1; ++ else + #ifndef SHARED + if (l == NULL) + repl = _dl_get_origin (); +@@ -266,9 +262,9 @@ + #endif + repl = l->l_origin; + } +- else if ((len = is_dst (start, name, "PLATFORM", is_path, 0)) != 0) ++ else if ((len = is_dst (start, name, "PLATFORM", is_path)) != 0) + repl = GLRO(dl_platform); +- else if ((len = is_dst (start, name, "LIB", is_path, 0)) != 0) ++ else if ((len = is_dst (start, name, "LIB", is_path)) != 0) + repl = DL_DST_LIB; + + if (repl != NULL && repl != (const char *) -1) diff --git a/patches/source/glibc/glibc.CVE-2010-3856.diff b/patches/source/glibc/glibc.CVE-2010-3856.diff new file mode 100644 index 000000000..49b452962 --- /dev/null +++ b/patches/source/glibc/glibc.CVE-2010-3856.diff @@ -0,0 +1,188 @@ +--- ./include/dlfcn.h.orig 2005-06-12 11:23:41.000000000 -0500 ++++ ./include/dlfcn.h 2010-10-28 12:16:36.000000000 -0500 +@@ -9,6 +9,7 @@ + #define __RTLD_OPENEXEC 0x20000000 + #define __RTLD_CALLMAP 0x10000000 + #define __RTLD_AUDIT 0x08000000 ++#define __RTLD_SECURE 0x04000000 /* Apply additional security checks. */ + + #define __LM_ID_CALLER -2 + +--- ./elf/dl-deps.c.orig 2006-06-17 11:51:56.000000000 -0500 ++++ ./elf/dl-deps.c 2010-10-28 12:16:36.000000000 -0500 +@@ -60,7 +60,7 @@ + { + struct openaux_args *args = (struct openaux_args *) a; + +- args->aux = _dl_map_object (args->map, args->name, 0, ++ args->aux = _dl_map_object (args->map, args->name, + (args->map->l_type == lt_executable + ? lt_library : args->map->l_type), + args->trace_mode, args->open_mode, +--- ./elf/dl-open.c.orig 2006-08-28 17:56:50.000000000 -0500 ++++ ./elf/dl-open.c 2010-10-28 12:17:30.000000000 -0500 +@@ -245,7 +245,7 @@ + } + + /* Load the named object. */ +- args->map = new = _dl_map_object (call_map, file, 0, lt_loaded, 0, ++ args->map = new = _dl_map_object (call_map, file, lt_loaded, 0, + mode | __RTLD_CALLMAP, args->nsid); + + /* If the pointer returned is NULL this means the RTLD_NOLOAD flag is +--- ./elf/rtld.c.orig 2006-09-29 11:56:15.000000000 -0500 ++++ ./elf/rtld.c 2010-10-28 12:16:36.000000000 -0500 +@@ -578,7 +578,6 @@ + /* Argument to map_doit. */ + char *str; + struct link_map *loader; +- int is_preloaded; + int mode; + /* Return value of map_doit. */ + struct link_map *map; +@@ -616,16 +615,17 @@ + map_doit (void *a) + { + struct map_args *args = (struct map_args *) a; +- args->map = _dl_map_object (args->loader, args->str, +- args->is_preloaded, lt_library, 0, args->mode, +- LM_ID_BASE); ++ args->map = _dl_map_object (args->loader, args->str, lt_library, 0, ++ args->mode, LM_ID_BASE); + } + + static void + dlmopen_doit (void *a) + { + struct dlmopen_args *args = (struct dlmopen_args *) a; +- args->map = _dl_open (args->fname, RTLD_LAZY | __RTLD_DLOPEN | __RTLD_AUDIT, ++ args->map = _dl_open (args->fname, ++ (RTLD_LAZY | __RTLD_DLOPEN | __RTLD_AUDIT ++ | __RTLD_SECURE), + dl_main, LM_ID_NEWLM, _dl_argc, INTUSE(_dl_argv), + __environ); + } +@@ -797,8 +797,7 @@ + + args.str = fname; + args.loader = main_map; +- args.is_preloaded = 1; +- args.mode = 0; ++ args.mode = __RTLD_SECURE; + + unsigned int old_nloaded = GL(dl_ns)[LM_ID_BASE]._ns_nloaded; + +@@ -1018,7 +1017,6 @@ + + args.str = rtld_progname; + args.loader = NULL; +- args.is_preloaded = 0; + args.mode = __RTLD_OPENEXEC; + (void) _dl_catch_error (&objname, &err_str, &malloced, map_doit, + &args); +@@ -1030,7 +1028,7 @@ + else + { + HP_TIMING_NOW (start); +- _dl_map_object (NULL, rtld_progname, 0, lt_library, 0, ++ _dl_map_object (NULL, rtld_progname, lt_library, 0, + __RTLD_OPENEXEC, LM_ID_BASE); + HP_TIMING_NOW (stop); + +--- ./elf/dl-load.c.orig 2010-10-28 12:16:14.000000000 -0500 ++++ ./elf/dl-load.c 2010-10-28 12:16:36.000000000 -0500 +@@ -1798,7 +1798,7 @@ + if MAY_FREE_DIRS is true. */ + + static int +-open_path (const char *name, size_t namelen, int preloaded, ++open_path (const char *name, size_t namelen, int secure, + struct r_search_path_struct *sps, char **realname, + struct filebuf *fbp, struct link_map *loader, int whatcode, + bool *found_other_class) +@@ -1880,7 +1880,7 @@ + /* Remember whether we found any existing directory. */ + here_any |= this_dir->status[cnt] != nonexisting; + +- if (fd != -1 && __builtin_expect (preloaded, 0) ++ if (fd != -1 && __builtin_expect (secure, 0) + && INTUSE(__libc_enable_secure)) + { + /* This is an extra security effort to make sure nobody can +@@ -1950,7 +1950,7 @@ + + struct link_map * + internal_function +-_dl_map_object (struct link_map *loader, const char *name, int preloaded, ++_dl_map_object (struct link_map *loader, const char *name, + int type, int trace_mode, int mode, Lmid_t nsid) + { + int fd; +@@ -2054,7 +2054,8 @@ + for (l = loader; l; l = l->l_loader) + if (cache_rpath (l, &l->l_rpath_dirs, DT_RPATH, "RPATH")) + { +- fd = open_path (name, namelen, preloaded, &l->l_rpath_dirs, ++ fd = open_path (name, namelen, mode & __RTLD_SECURE, ++ &l->l_rpath_dirs, + &realname, &fb, loader, LA_SER_RUNPATH, + &found_other_class); + if (fd != -1) +@@ -2069,14 +2070,15 @@ + && main_map != NULL && main_map->l_type != lt_loaded + && cache_rpath (main_map, &main_map->l_rpath_dirs, DT_RPATH, + "RPATH")) +- fd = open_path (name, namelen, preloaded, &main_map->l_rpath_dirs, ++ fd = open_path (name, namelen, mode & __RTLD_SECURE, ++ &main_map->l_rpath_dirs, + &realname, &fb, loader ?: main_map, LA_SER_RUNPATH, + &found_other_class); + } + + /* Try the LD_LIBRARY_PATH environment variable. */ + if (fd == -1 && env_path_list.dirs != (void *) -1) +- fd = open_path (name, namelen, preloaded, &env_path_list, ++ fd = open_path (name, namelen, mode & __RTLD_SECURE, &env_path_list, + &realname, &fb, + loader ?: GL(dl_ns)[LM_ID_BASE]._ns_loaded, + LA_SER_LIBPATH, &found_other_class); +@@ -2085,12 +2087,12 @@ + if (fd == -1 && loader != NULL + && cache_rpath (loader, &loader->l_runpath_dirs, + DT_RUNPATH, "RUNPATH")) +- fd = open_path (name, namelen, preloaded, ++ fd = open_path (name, namelen, mode & __RTLD_SECURE, + &loader->l_runpath_dirs, &realname, &fb, loader, + LA_SER_RUNPATH, &found_other_class); + + if (fd == -1 +- && (__builtin_expect (! preloaded, 1) ++ && (__builtin_expect (! (mode & __RTLD_SECURE), 1) + || ! INTUSE(__libc_enable_secure))) + { + /* Check the list of libraries in the file /etc/ld.so.cache, +@@ -2156,7 +2158,7 @@ + && ((l = loader ?: GL(dl_ns)[nsid]._ns_loaded) == NULL + || __builtin_expect (!(l->l_flags_1 & DF_1_NODEFLIB), 1)) + && rtld_search_dirs.dirs != (void *) -1) +- fd = open_path (name, namelen, preloaded, &rtld_search_dirs, ++ fd = open_path (name, namelen, mode & __RTLD_SECURE, &rtld_search_dirs, + &realname, &fb, l, LA_SER_DEFAULT, &found_other_class); + + /* Add another newline when we are tracing the library loading. */ +--- ./sysdeps/generic/ldsodefs.h.orig 2006-08-24 15:27:05.000000000 -0500 ++++ ./sysdeps/generic/ldsodefs.h 2010-10-28 12:16:36.000000000 -0500 +@@ -804,11 +804,9 @@ + + /* Open the shared object NAME and map in its segments. + LOADER's DT_RPATH is used in searching for NAME. +- If the object is already opened, returns its existing map. +- For preloaded shared objects PRELOADED is set to a non-zero +- value to allow additional security checks. */ ++ If the object is already opened, returns its existing map. */ + extern struct link_map *_dl_map_object (struct link_map *loader, +- const char *name, int preloaded, ++ const char *name, + int type, int trace_mode, int mode, + Lmid_t nsid) + internal_function attribute_hidden; diff --git a/patches/source/glibc/glibc.CVE-2013-4332.diff b/patches/source/glibc/glibc.CVE-2013-4332.diff new file mode 100644 index 000000000..9f7f5886c --- /dev/null +++ b/patches/source/glibc/glibc.CVE-2013-4332.diff @@ -0,0 +1,64 @@ +From 0d6085cb1b4330b835ad08a3ec8f80b30f0cadb4 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Wed, 11 Sep 2013 +Subject: CVE-2013-4332 + +malloc: Check for integer overflow in pvalloc, valloc, and memalign. + +A large bytes parameter to pvalloc, valloc, or memalign could cause +an integer overflow and corrupt allocator internals. Check the +overflow does not occur before continuing with the allocation. + +Note: This is a backport to glibc 2.17 of the following three commits: + * https://sourceware.org/git/?p=glibc.git;a=commit;h=1159a193696a + * https://sourceware.org/git/?p=glibc.git;a=commit;h=55e17aadc1ef + * https://sourceware.org/git/?p=glibc.git;a=commit;h=b73ed247781d +--- + +malloc.c | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) + +--- a/malloc/malloc.c ++++ b/malloc/malloc.c +@@ -3020,6 +3020,13 @@ __libc_memalign(size_t alignment, size_t + /* Otherwise, ensure that it is at least a minimum chunk size */ + if (alignment < MINSIZE) alignment = MINSIZE; + ++ /* Check for overflow. */ ++ if (bytes > SIZE_MAX - alignment - MINSIZE) ++ { ++ __set_errno (ENOMEM); ++ return 0; ++ } ++ + arena_get(ar_ptr, bytes + alignment + MINSIZE); + if(!ar_ptr) + return 0; +@@ -3051,6 +3058,13 @@ __libc_valloc(size_t bytes) + + size_t pagesz = GLRO(dl_pagesize); + ++ /* Check for overflow. */ ++ if (bytes > SIZE_MAX - pagesz - MINSIZE) ++ { ++ __set_errno (ENOMEM); ++ return 0; ++ } ++ + __malloc_ptr_t (*hook) __MALLOC_PMT ((size_t, size_t, + const __malloc_ptr_t)) = + force_reg (__memalign_hook); +@@ -3088,6 +3102,13 @@ __libc_pvalloc(size_t bytes) + size_t page_mask = GLRO(dl_pagesize) - 1; + size_t rounded_bytes = (bytes + page_mask) & ~(page_mask); + ++ /* Check for overflow. */ ++ if (bytes > SIZE_MAX - 2*pagesz - MINSIZE) ++ { ++ __set_errno (ENOMEM); ++ return 0; ++ } ++ + __malloc_ptr_t (*hook) __MALLOC_PMT ((size_t, size_t, + const __malloc_ptr_t)) = + force_reg (__memalign_hook); diff --git a/patches/source/glibc/glibc.CVE-2015-0235.glibc29.diff b/patches/source/glibc/glibc.CVE-2015-0235.glibc29.diff new file mode 100644 index 000000000..d2e7bbde7 --- /dev/null +++ b/patches/source/glibc/glibc.CVE-2015-0235.glibc29.diff @@ -0,0 +1,208 @@ +--- ./nss/getXXbyYY_r.c.orig 2007-10-29 19:47:26.000000000 -0500 ++++ ./nss/getXXbyYY_r.c 2015-01-27 17:52:55.081039748 -0600 +@@ -178,6 +178,9 @@ + case -1: + return errno; + case 1: ++#ifdef NEED_H_ERRNO ++ any_service = true; ++#endif + goto done; + } + #endif +--- ./nss/digits_dots.c.orig 2004-08-05 18:32:09.000000000 -0500 ++++ ./nss/digits_dots.c 2015-01-27 17:52:55.083039748 -0600 +@@ -47,7 +47,10 @@ + { + if (h_errnop) + *h_errnop = NETDB_INTERNAL; +- *result = NULL; ++ if (buffer_size == NULL) ++ *status = NSS_STATUS_TRYAGAIN; ++ else ++ *result = NULL; + return -1; + } + +@@ -84,14 +87,16 @@ + } + + size_needed = (sizeof (*host_addr) +- + sizeof (*h_addr_ptrs) + strlen (name) + 1); ++ + sizeof (*h_addr_ptrs) ++ + sizeof (*h_alias_ptr) + strlen (name) + 1); + + if (buffer_size == NULL) + { + if (buflen < size_needed) + { ++ *status = NSS_STATUS_TRYAGAIN; + if (h_errnop != NULL) +- *h_errnop = TRY_AGAIN; ++ *h_errnop = NETDB_INTERNAL; + __set_errno (ERANGE); + goto done; + } +@@ -110,7 +115,7 @@ + *buffer_size = 0; + __set_errno (save); + if (h_errnop != NULL) +- *h_errnop = TRY_AGAIN; ++ *h_errnop = NETDB_INTERNAL; + *result = NULL; + goto done; + } +@@ -150,7 +155,9 @@ + if (! ok) + { + *h_errnop = HOST_NOT_FOUND; +- if (buffer_size) ++ if (buffer_size == NULL) ++ *status = NSS_STATUS_NOTFOUND; ++ else + *result = NULL; + goto done; + } +@@ -191,7 +198,7 @@ + if (buffer_size == NULL) + *status = NSS_STATUS_SUCCESS; + else +- *result = resbuf; ++ *result = resbuf; + goto done; + } + +@@ -202,15 +209,6 @@ + + if ((isxdigit (name[0]) && strchr (name, ':') != NULL) || name[0] == ':') + { +- const char *cp; +- char *hostname; +- typedef unsigned char host_addr_t[16]; +- host_addr_t *host_addr; +- typedef char *host_addr_list_t[2]; +- host_addr_list_t *h_addr_ptrs; +- size_t size_needed; +- int addr_size; +- + switch (af) + { + default: +@@ -226,7 +224,10 @@ + /* This is not possible. We cannot represent an IPv6 address + in an `struct in_addr' variable. */ + *h_errnop = HOST_NOT_FOUND; +- *result = NULL; ++ if (buffer_size == NULL) ++ *status = NSS_STATUS_NOTFOUND; ++ else ++ *result = NULL; + goto done; + + case AF_INET6: +@@ -234,42 +235,6 @@ + break; + } + +- size_needed = (sizeof (*host_addr) +- + sizeof (*h_addr_ptrs) + strlen (name) + 1); +- +- if (buffer_size == NULL && buflen < size_needed) +- { +- if (h_errnop != NULL) +- *h_errnop = TRY_AGAIN; +- __set_errno (ERANGE); +- goto done; +- } +- else if (buffer_size != NULL && *buffer_size < size_needed) +- { +- char *new_buf; +- *buffer_size = size_needed; +- new_buf = realloc (*buffer, *buffer_size); +- +- if (new_buf == NULL) +- { +- save = errno; +- free (*buffer); +- __set_errno (save); +- *buffer = NULL; +- *buffer_size = 0; +- *result = NULL; +- goto done; +- } +- *buffer = new_buf; +- } +- +- memset (*buffer, '\0', size_needed); +- +- host_addr = (host_addr_t *) *buffer; +- h_addr_ptrs = (host_addr_list_t *) +- ((char *) host_addr + sizeof (*host_addr)); +- hostname = (char *) h_addr_ptrs + sizeof (*h_addr_ptrs); +- + for (cp = name;; ++cp) + { + if (!*cp) +@@ -282,7 +247,9 @@ + if (inet_pton (AF_INET6, name, host_addr) <= 0) + { + *h_errnop = HOST_NOT_FOUND; +- if (buffer_size) ++ if (buffer_size == NULL) ++ *status = NSS_STATUS_NOTFOUND; ++ else + *result = NULL; + goto done; + } +--- ./nss/test-digits-dots.c.orig 2015-01-27 17:52:55.084039748 -0600 ++++ ./nss/test-digits-dots.c 2015-01-27 17:52:55.084039748 -0600 +@@ -0,0 +1,38 @@ ++/* Copyright (C) 2013 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ <http://www.gnu.org/licenses/>. */ ++ ++/* Testcase for BZ #15014 */ ++ ++#include <stdlib.h> ++#include <netdb.h> ++#include <errno.h> ++ ++static int ++do_test (void) ++{ ++ char buf[32]; ++ struct hostent *result = NULL; ++ struct hostent ret; ++ int h_err = 0; ++ int err; ++ ++ err = gethostbyname_r ("1.2.3.4", &ret, buf, sizeof (buf), &result, &h_err); ++ return err == ERANGE && h_err == NETDB_INTERNAL ? EXIT_SUCCESS : EXIT_FAILURE; ++} ++ ++#define TEST_FUNCTION do_test () ++#include "../test-skeleton.c" +--- ./nss/Makefile.orig 2007-08-10 18:39:41.000000000 -0500 ++++ ./nss/Makefile 2015-01-27 17:52:55.085039748 -0600 +@@ -39,7 +39,7 @@ + others := getent + install-bin := getent + +-tests = test-netdb ++tests = test-netdb test-digits-dots + xtests = bug-erange + + include ../Makeconfig diff --git a/patches/source/glibc/glibc.SlackBuild b/patches/source/glibc/glibc.SlackBuild new file mode 100755 index 000000000..639307dd1 --- /dev/null +++ b/patches/source/glibc/glibc.SlackBuild @@ -0,0 +1,475 @@ +#!/bin/sh + +# Copyright 2006, 2008, 2009, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +## build glibc-$VERSION for Slackware + + +VERSION=${VERSION:-2.9} +CHECKOUT=${CHECKOUT:--20090316} +BUILD=${BUILD:-7_slack13.0} + +# $ARCH may be preset, otherwise i486 compatibility with i686 binary +# structuring is the Slackware default, since this is what gcc-3.2+ +# requires for binary compatibility with previous releases. +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CVSVER=${VERSION}${CHECKOUT} + +# NOTE!!! glibc needs to be built against the sanitized kernel headers, +# which will be installed under /usr/include by the kernel-headers package. +# Be sure the correct version of the headers package is installed BEFORE +# building glibc! + +CWD=$(pwd) +# Temporary build location. This should not be a directory +# path a non-root user could create later... +TMP=${TMP:-/glibc-tmp-$(mcookie)} +mkdir -p $TMP + +# Sanity check on the version number in the install scripts: +if ! grep -vq libutil-$VERSION}.so $CWD/doinst.sh-glibc ; then + echo "FATAL: doinst.sh scripts have wrong version numbers." + exit 1 +fi + +case $ARCH in + x86_64) + TARGET=${TARGET:-x86_64} + ;; + i486) + # This should be i486 for all 32-bit x86 arch: + TARGET=${TARGET:-i486} + ;; +esac + +# This function fixes a doinst.sh file for x86_64. +# With thanks to Fred Emmott. +fix_doinst() { + if [ "x$LIBDIRSUFFIX" = "x" ]; then + return; + fi; + # Fix "( cd usr/lib ;" occurrences + sed -i "s#lib ;#lib${LIBDIRSUFFIX} ;#" install/doinst.sh + # Fix "lib/" occurrences + sed -i "s#lib/#lib${LIBDIRSUFFIX}/#g" install/doinst.sh + # Fix "( cd lib" occurrences + sed -i "s#( cd lib\$#( cd lib${LIBDIRSUFFIX}#" install/doinst.sh + + if [ "$ARCH" = "x86_64" ]; then + sed -i 's#ld-linux.so.2#ld-linux-x86-64.so.2#' install/doinst.sh + fi +} + +# This is a patch function to put all glibc patches in the build script +# up near the top. +apply_patches() { + # Use old-style locale directories rather than a single (and strangely + # formatted) /usr/lib/locale/locale-archive file: + zcat $CWD/glibc.locale.no-archive.diff.gz | patch -p1 --verbose || exit 1 + # The is_IS locale is causing a strange error about the "echn" command + # not existing. This patch reverts is_IS to the version shipped in + # glibc-2.5: + zcat $CWD/is_IS.diff.gz | patch -p1 --verbose || exit 1 + # Fix NIS netgroups: + zcat $CWD/glibc.nis-netgroups.diff.gz | patch -p1 --verbose || exit 1 + # Support ru_RU.CP1251 locale: + zcat $CWD/glibc.ru_RU.CP1251.diff.gz | patch -p1 --verbose || exit 1 + # Fix missing MAX macro in getcwd.c: + zcat $CWD/glibc.getcwd.max.macro.diff.gz | patch -p1 --verbose || exit 1 + # Fix resolver problem with glibc-2.9: + zcat $CWD/glibc-2.10-dns-no-gethostbyname4.diff.gz | patch -p0 --verbose || exit 1 + # This reverts a patch that was made to glibc to fix "namespace leakage", + # which seems to cause some build failures (e.g. with conntrack): + zcat $CWD/glibc.revert.to.fix.build.breakages.diff.gz | patch -p1 --verbose || exit 1 + # This fixes a security issue in glibc 2.12.1 and earlier: + zcat $CWD/glibc.CVE-2010-3847.diff.gz | patch -p1 --verbose || exit 1 + # This fixes a security issue in glibc 2.12.1 and earlier: + zcat $CWD/glibc.CVE-2010-3856.diff.gz | patch -p1 --verbose || exit 1 + # Patch integer overflows in pvalloc, valloc, and + # posix_memalign/memalign/aligned_alloc (CVE-2013-4332). + zcat $CWD/glibc.CVE-2013-4332.diff.gz | patch -p1 --verbose || exit 1 + # Fix parsing of numeric hosts in gethostbyname_r: + zcat $CWD/glibc.CVE-2015-0235.glibc29.diff.gz | patch -p1 --verbose || exit 1 +} + +# I'll break this out as an option for fun :-) +case $ARCH in + i386) + OPTIMIZ="-O3 -march=i386 -mcpu=i686" + LIBDIRSUFFIX="" + ;; + i486) + OPTIMIZ="-O3 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" + ;; + i586) + OPTIMIZ="-O3 -march=i586" + LIBDIRSUFFIX="" + ;; + i686) + OPTIMIZ="-O3 -march=i686" + LIBDIRSUFFIX="" + ;; + athlon) + OPTIMIZ="-O3 -march=athlon" + LIBDIRSUFFIX="" + ;; + s390) + OPTIMIZ="-O3" + LIBDIRSUFFIX="" + ;; + x86_64) + OPTIMIZ="-O3 -fPIC" + LIBDIRSUFFIX="64" + ;; + *) + OPTIMIZ="-O3" + LIBDIRSUFFIX="" + ;; +esac + +# This is going to be the initial $DESTDIR: +export PKG=$TMP/package-glibc-incoming-tree +PGLIBC=$TMP/package-glibc +PSOLIBS=$TMP/package-glibc-solibs +PZONE=$TMP/package-glibc-zoneinfo +PI18N=$TMP/package-glibc-i18n +PPROFILE=$TMP/package-glibc-profile +PDEBUG=$TMP/package-glibc-debug + +# Empty these locations first: +for dir in $PKG $PGLIBC $PSOLIBS $PZONE $PI18N $PPROFILE $PDEBUG ; do + if [ -d $dir ]; then + rm -rf $dir + fi + mkdir -p $dir +done +if [ -d $TMP/glibc-$VERSION ]; then + rm -rf $TMP/glibc-$VERSION +fi + +# Create an incoming directory structure for glibc to be built into: +mkdir -p $PKG/lib${LIBDIRSUFFIX} +mkdir -p $PKG/sbin +mkdir -p $PKG/usr/bin +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX} +mkdir -p $PKG/usr/sbin +mkdir -p $PKG/usr/include +mkdir -p $PKG/usr/doc +mkdir -p $PKG/usr/man +mkdir -p $PKG/usr/share +mkdir -p $PKG/var/db/nscd +mkdir -p $PKG/var/run/nscd + +# Begin extract/compile: +cd $TMP +rm -rf glibc-$CVSVER +tar xjvf $CWD/glibc-$CVSVER.tar.bz2 +cd glibc-$CVSVER + +chown -R root:root . +find . -perm 666 -exec chmod 644 {} \; +find . -perm 664 -exec chmod 644 {} \; +find . -perm 600 -exec chmod 644 {} \; +find . -perm 444 -exec chmod 644 {} \; +find . -perm 400 -exec chmod 644 {} \; +find . -perm 440 -exec chmod 644 {} \; +find . -perm 777 -exec chmod 755 {} \; +find . -perm 775 -exec chmod 755 {} \; +find . -perm 511 -exec chmod 755 {} \; +find . -perm 711 -exec chmod 755 {} \; +find . -perm 555 -exec chmod 755 {} \; + +# Clean up leftover CVS directories: +find . -type d -name CVS -exec rm -r {} \; 2> /dev/null + +# Apply patches; exit if any fail. +apply_patches +if [ ! $? = 0 ]; then + exit 1 +fi + +# Make build directory: +mkdir build-glibc-$VERSION +cd build-glibc-$VERSION + +echo "BUILDING DAS NPTL GLIBC" +CFLAGS="-g $OPTIMIZ" \ +../configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --enable-kernel=2.6.18 \ + --with-headers=/usr/include \ + --enable-add-ons=libidn,nptl \ + --enable-profile \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --with-tls \ + --with-__thread \ + --without-cvs \ + $TARGET-slackware-linux + +make -j4 || exit 1 +make install install_root=$PKG || exit 1 +make localedata/install-locales install_root=$PKG || exit 1 + +# The prevailing standard seems to be putting unstripped libraries in +# /usr/lib/debug/ and stripping the debugging symbols from all the other +# libraries. +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/debug +cp -a $PKG/lib${LIBDIRSUFFIX}/l*.so* $PKG/usr/lib${LIBDIRSUFFIX}/debug +cp -a $PKG/usr/lib${LIBDIRSUFFIX}/*.a $PKG/usr/lib${LIBDIRSUFFIX}/debug +# Don't need debug+profile: +( cd $PKG/usr/lib${LIBDIRSUFFIX}/debug ; rm -f *_p.* ) +# NOTE: Is there really a reason for the glibc-debug package? +# If you're debugging glibc, you can also compile it, right? + +## COMMENTED OUT: There's no reason for profile libs to include -g information. +## Put back unstripped profiling libraries: +#mv $PKG/usr/lib${LIBDIRSUFFIX}/debug/*_p.a $PKG/usr/lib${LIBDIRSUFFIX} +# It might be best to put the unstripped and profiling libraries in glibc-debug and glibc-profile. + +# I don't think "strip -g" causes the pthread problems. It's --strip-unneeded that does. +strip -g $PKG/lib${LIBDIRSUFFIX}/l*.so* +strip -g $PKG/usr/lib${LIBDIRSUFFIX}/l*.so* +strip -g $PKG/usr/lib${LIBDIRSUFFIX}/lib*.a + +# Build and install the zoneinfo database: +cd $TMP +rm -rf tzcodedata-build +mkdir tzcodedata-build +cd tzcodedata-build +tar xzf $CWD/tzdata?????.tar.gz +tar xzf $CWD/tzcode?????.tar.gz +sed -i "s,/usr/local,$(pwd),g" Makefile +sed -i "s,/etc/zoneinfo,/zoneinfo,g" Makefile +make +make install +mkdir -p $PKG/usr/share/zoneinfo/{posix,right} +cp -a zoneinfo/* $PKG/usr/share/zoneinfo +cp -a zoneinfo-posix/* $PKG/usr/share/zoneinfo/posix +cp -a zoneinfo-leaps/* $PKG/usr/share/zoneinfo/right +# Remove $PKG/usr/share/zoneinfo/localtime -- the install script will +# create it as a link to /etc/localtime. +rm -f $PKG/usr/share/zoneinfo/localtime + +# Back to the sources dir to add some files/docs: +cd $TMP/glibc-$CVSVER + +# We'll automatically install the config file for the Name Server Cache Daemon. +# Perhaps this should also have some commented-out startup code in rc.inet2... +mkdir -p $PKG/etc +cat nscd/nscd.conf > $PKG/etc/nscd.conf.new + +# Install some scripts to help select a timezone: +mkdir -p $PKG/var/log/setup +cp -a $CWD/timezone-scripts/setup.timeconfig $PKG/var/log/setup +chown root:root $PKG/var/log/setup/setup.timeconfig +chmod 755 $PKG/var/log/setup/setup.timeconfig +mkdir -p $PKG/usr/sbin +cp -a $CWD/timezone-scripts/timeconfig $PKG/usr/sbin +chown root:root $PKG/usr/sbin/timeconfig +chmod 755 $PKG/usr/sbin/timeconfig + +## Install docs: +( mkdir -p $PKG/usr/doc/glibc-$VERSION + cp -a \ + BUGS CONFORMANCE COPYING COPYING.LIB FAQ INSTALL LICENSES NAMESPACE \ + NEWS NOTES PROJECTS README README.libm \ + $PKG/usr/doc/glibc-$VERSION +) + +# Don't forget to add the /usr/share/zoneinfo/localtime -> /etc/localtime symlink! :) +if [ ! -r $PKG/usr/share/zoneinfo/localtime ]; then + ( cd $PKG/usr/share/zoneinfo ; ln -sf /etc/localtime . ) +fi + +# OK, there are some very old Linux standards that say that any binaries in a /bin or +# /sbin directory (and the directories themselves) should be group bin rather than +# group root, unless a specific group is really needed for some reason. +# +# I can't find any mention of this in more recent standards docs, and always thought +# that it was pretty cosmetic anyway (hey, if there's a reason -- fill me in!), so +# it's possible that this ownership change won't be followed in the near future +# (it's a PITA, and causes many bug reports when the perms change is occasionally +# forgotten). +# +# But, it's hard to get me to break old habits, so we'll continue the tradition here: +# +# No, no we won't. You know how we love to break traditions. + +# Strip most binaries: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-debug 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null +) + +# Fix info dir: +rm $PKG/usr/info/dir +gzip -9 $PKG/usr/info/* + +# This is junk +rm $PKG/etc/ld.so.cache +( cd $PKG + find . -name "*.orig" -exec rm {} \; +) + +################################## +# OK, time to make some packages # +################################## + +# glibc-zoneinfo. We will start with an easy one to avoid breaking a sweat. ;-) +cd $CWD +ZONE_VERSIONS="$(echo tzdata* | cut -f1 -d . | cut -b7-11)" +echo $ZONE_VERSIONS +cd $PZONE +# Install some scripts to help select a timezone: +mkdir -p $PZONE/var/log/setup +cp -a $CWD/timezone-scripts/setup.timeconfig $PZONE/var/log/setup +chown root:root $PZONE/var/log/setup/setup.timeconfig +chmod 755 $PZONE/var/log/setup/setup.timeconfig +mkdir -p $PZONE/usr/sbin +cp -a $CWD/timezone-scripts/timeconfig $PZONE/usr/sbin +chown root:root $PZONE/usr/sbin/timeconfig +chmod 755 $PZONE/usr/sbin/timeconfig +mkdir $PZONE/install +cat $CWD/doinst.sh-glibc-zoneinfo > $PZONE/install/doinst.sh +cat $CWD/slack-desc.glibc-zoneinfo > $PZONE/install/slack-desc +mkdir -p $PZONE/usr/share +cd $PZONE/usr/share +cp -a --verbose $PKG/usr/share/zoneinfo . +cd $PZONE +mkdir -p $PZONE/etc +# This is already hard-coded into doinst.sh (like it'll be there anyway ;-): +rm -f etc/localtime +# Wrap it up: +makepkg -l y -c n $TMP/glibc-zoneinfo-$ZONE_VERSIONS-noarch-$BUILD.txz + +# glibc-profile: +cd $PPROFILE +mkdir -p usr/lib${LIBDIRSUFFIX} +# Might as well just grab these with 'mv' to simplify things later: +mv $PKG/usr/lib${LIBDIRSUFFIX}/lib*_p.a usr/lib${LIBDIRSUFFIX} +# Profile libs should be stripped. Use the debug libs to debug... +( cd usr/lib${LIBDIRSUFFIX} ; strip -g *.a ) +mkdir install +cp -a $CWD/slack-desc.glibc-profile install/slack-desc +makepkg -l y -c n $TMP/glibc-profile-$VERSION-$ARCH-$BUILD.txz + +# THIS IS NO LONGER PACKAGED (or is it? might be better to let it be made, and then ship it or not...) +# glibc-debug: +cd $PDEBUG +mkdir -p usr/lib${LIBDIRSUFFIX} +# Might as well just grab these with 'mv' to simplify things later: +mv $PKG/usr/lib${LIBDIRSUFFIX}/debug usr/lib${LIBDIRSUFFIX} +mkdir install +cp -a $CWD/slack-desc.glibc-debug install/slack-desc +makepkg -l y -c n $TMP/glibc-debug-$VERSION-$ARCH-$BUILD.txz +## INSTEAD, NUKE THESE LIBS +#rm -rf $PKG/usr/lib${LIBDIRSUFFIX}/debug + +# glibc-i18n: +cd $PI18N +mkdir -p usr/lib${LIBDIRSUFFIX} +rm -rf usr/lib${LIBDIRSUFFIX}/locale +cp -a $PKG/usr/lib${LIBDIRSUFFIX}/locale usr/lib${LIBDIRSUFFIX} +mkdir -p usr/share +cp -a $PKG/usr/share/i18n usr/share +cp -a $PKG/usr/share/locale usr/share +mkdir install +cp -a $CWD/slack-desc.glibc-i18n install/slack-desc +makepkg -l y -c n $TMP/glibc-i18n-$VERSION-$ARCH-$BUILD.txz + +# glibc-solibs: +cd $PSOLIBS +mkdir -p etc/profile.d +cp -a $CWD/profile.d/* etc/profile.d +chown -R root:root etc +chmod 755 etc/profile.d/* +mkdir -p lib${LIBDIRSUFFIX} +cp -a $PKG/lib${LIBDIRSUFFIX}/* lib${LIBDIRSUFFIX} +( cd lib${LIBDIRSUFFIX} + mkdir incoming + mv *so* incoming + mv incoming/libSegFault.so . +) +mkdir -p usr +cp -a $PKG/usr/bin usr +mv usr/bin/ldd . +rm usr/bin/* +mv ldd usr/bin +mkdir -p usr/lib${LIBDIRSUFFIX} +# The gconv directory has a lot of stuff, but including it here will save some problems. +# Seems standard elsewhere. +cp -a $PKG/usr/lib${LIBDIRSUFFIX}/gconv usr/lib${LIBDIRSUFFIX} +# Another manpage abandoned by GNU... +#mkdir -p usr/man/man1 +#cp -a $PKG/usr/man/man1/ldd.1.gz usr/man/man1 +mkdir -p usr/libexec +cp -a $PKG/usr/libexec/pt_chown usr/libexec +# Same usr.bin deal: +cp -a $PKG/sbin . +mv sbin/ldconfig . +rm sbin/* +mv ldconfig sbin +mkdir install +cp -a $CWD/slack-desc.glibc-solibs install/slack-desc +cp -a $CWD/doinst.sh-glibc-solibs install/doinst.sh +fix_doinst +# Ditch links: +find . -type l -exec rm {} \; +# Build the package: +makepkg -l y -c n $TMP/glibc-solibs-$VERSION-$ARCH-$BUILD.txz + +# And finally, the complete "all-in-one" glibc package is created +# from whatever was leftover: +cd $PGLIBC +mv $PKG/* . +mkdir -p etc/profile.d +cp -a $CWD/profile.d/* etc/profile.d +chown -R root:root etc +chmod 755 etc/profile.d/* +# Ditch links (these are in doinst.sh-glibc): +find . -type l -exec rm {} \; +mkdir install +cp -a $CWD/slack-desc.glibc install/slack-desc +cp -a $CWD/doinst.sh-glibc install/doinst.sh +fix_doinst +( cd lib${LIBDIRSUFFIX} + mkdir incoming + mv *so* incoming + mv incoming/libSegFault.so . +) +# Build the package: +makepkg -l y -c n $TMP/glibc-$VERSION-$ARCH-$BUILD.txz + +# Done! +echo +echo "glibc packages built in $TMP!" + diff --git a/patches/source/glibc/glibc.getcwd.max.macro.diff b/patches/source/glibc/glibc.getcwd.max.macro.diff new file mode 100644 index 000000000..e26e14d95 --- /dev/null +++ b/patches/source/glibc/glibc.getcwd.max.macro.diff @@ -0,0 +1,10 @@ +--- ./sysdeps/unix/sysv/linux/getcwd.c.orig 2006-04-02 12:58:28.000000000 -0500 ++++ ./sysdeps/unix/sysv/linux/getcwd.c 2006-10-10 22:11:02.000000000 -0500 +@@ -28,6 +28,7 @@ + #include <sysdep.h> + #include <sys/syscall.h> + #include <bp-checks.h> ++#include <sys/param.h> + + #include <kernel-features.h> + diff --git a/patches/source/glibc/glibc.locale.no-archive.diff b/patches/source/glibc/glibc.locale.no-archive.diff new file mode 100644 index 000000000..bf1a83b71 --- /dev/null +++ b/patches/source/glibc/glibc.locale.no-archive.diff @@ -0,0 +1,10 @@ +--- ./localedata/Makefile.orig 2003-11-20 15:31:38.000000000 -0800 ++++ ./localedata/Makefile 2004-08-03 17:20:54.000000000 -0700 +@@ -222,6 +222,7 @@ + echo -n '...'; \ + input=`echo $$locale | sed 's/\([^.]*\)[^@]*\(.*\)/\1\2/'`; \ + $(LOCALEDEF) --alias-file=../intl/locale.alias \ ++ --no-archive \ + -i locales/$$input -c -f charmaps/$$charset \ + $(addprefix --prefix=,$(install_root)) $$locale; \ + echo ' done'; \ diff --git a/patches/source/glibc/glibc.nis-netgroups.diff b/patches/source/glibc/glibc.nis-netgroups.diff new file mode 100644 index 000000000..2473e9766 --- /dev/null +++ b/patches/source/glibc/glibc.nis-netgroups.diff @@ -0,0 +1,12 @@ +--- ./nis/nss_nis/nis-netgrp.c.orig 2006-04-08 21:08:28.000000000 -0500 ++++ ./nis/nss_nis/nis-netgrp.c 2006-10-10 20:49:11.000000000 -0500 +@@ -72,7 +72,8 @@ + and the last byte is filled with NUL. So we can simply + use that buffer. */ + assert (len >= 0); +- assert (malloc_usable_size (netgrp->data) >= len + 1); ++ /* The next line break NIS netgroups on non-PAM systems, so we will comment it out */ ++ /* assert (malloc_usable_size (netgrp->data) >= len + 1); */ + assert (netgrp->data[len] == '\0'); + + netgrp->data_size = len; diff --git a/patches/source/glibc/glibc.revert.to.fix.build.breakages.diff b/patches/source/glibc/glibc.revert.to.fix.build.breakages.diff new file mode 100644 index 000000000..9c8e93b9b --- /dev/null +++ b/patches/source/glibc/glibc.revert.to.fix.build.breakages.diff @@ -0,0 +1,13 @@ +--- ./sysdeps/unix/sysv/linux/bits/socket.h.orig 2008-07-27 03:25:30.000000000 -0500 ++++ ./sysdeps/unix/sysv/linux/bits/socket.h 2009-02-24 17:38:52.000000000 -0600 +@@ -26,8 +26,9 @@ + #endif + + #define __need_size_t ++#define __need_NULL + #include <stddef.h> +- ++#include <limits.h> + #include <sys/types.h> + + /* Type for length arguments in socket calls. */ diff --git a/patches/source/glibc/glibc.ru_RU.CP1251.diff b/patches/source/glibc/glibc.ru_RU.CP1251.diff new file mode 100644 index 000000000..376cf76a7 --- /dev/null +++ b/patches/source/glibc/glibc.ru_RU.CP1251.diff @@ -0,0 +1,10 @@ +--- ./localedata/SUPPORTED.orig 2005-07-17 20:50:35.000000000 -0500 ++++ ./localedata/SUPPORTED 2006-08-22 01:33:09.000000000 -0500 +@@ -270,6 +270,7 @@ + ro_RO/ISO-8859-2 \ + ru_RU.KOI8-R/KOI8-R \ + ru_RU.UTF-8/UTF-8 \ ++ru_RU.CP1251/CP1251 \ + ru_RU/ISO-8859-5 \ + ru_UA.UTF-8/UTF-8 \ + ru_UA/KOI8-U \ diff --git a/patches/source/glibc/is_IS.diff b/patches/source/glibc/is_IS.diff new file mode 100644 index 000000000..52a99696c --- /dev/null +++ b/patches/source/glibc/is_IS.diff @@ -0,0 +1,19 @@ +--- ./localedata/locales/is_IS.orig 2007-09-30 17:30:17.000000000 -0500 ++++ ./localedata/locales/is_IS 2006-07-30 17:19:43.000000000 -0500 +@@ -947,6 +947,7 @@ + <UE00D> IGNORE;IGNORE;IGNORE;<UE00D> + <UE00E> IGNORE;IGNORE;IGNORE;<UE00E> + <UE00F> IGNORE;IGNORE;IGNORE;<UE00F> ++<"=> IGNORE;IGNORE;IGNORE;<"=> + <UE011> IGNORE;IGNORE;IGNORE;<UE011> + <UE012> IGNORE;IGNORE;IGNORE;<UE012> + <UE013> IGNORE;IGNORE;IGNORE;<UE013> +@@ -955,6 +956,8 @@ + <UE017> IGNORE;IGNORE;IGNORE;<UE017> + <UE018> IGNORE;IGNORE;IGNORE;<UE018> + <UE019> IGNORE;IGNORE;IGNORE;<UE019> ++<Mc> IGNORE;IGNORE;IGNORE;<Mc> ++<Fl> IGNORE;IGNORE;IGNORE;<Fl> + UNDEFINED IGNORE;IGNORE;IGNORE + + <U0030> <U0030>;<U0030>;IGNORE;IGNORE diff --git a/patches/source/glibc/profile.d/glibc.csh.new b/patches/source/glibc/profile.d/glibc.csh.new new file mode 100755 index 000000000..adcc4060b --- /dev/null +++ b/patches/source/glibc/profile.d/glibc.csh.new @@ -0,0 +1,9 @@ +#!/bin/csh +# Set more relaxed (glibc-2.3.5 like) malloc() checking. +# +# This relaxes the default paranoia level so that it reports +# bugs, but does not kill the questionable process. You can +# get away with running broken programs with this setting, +# but at a possible performance and security cost. +# +#setenv MALLOC_CHECK_=1 diff --git a/patches/source/glibc/profile.d/glibc.sh.new b/patches/source/glibc/profile.d/glibc.sh.new new file mode 100755 index 000000000..979f4879e --- /dev/null +++ b/patches/source/glibc/profile.d/glibc.sh.new @@ -0,0 +1,8 @@ +#!/bin/sh +# Set more relaxed (glibc-2.3.5 like) malloc() checking. +# +# This relaxes the default paranoia level so that it reports +# bugs, but does not kill the questionable process. You can +# get away with running broken programs with this setting, +# but at a possible performance and security cost. +#export MALLOC_CHECK_=1 diff --git a/patches/source/glibc/slack-desc.glibc b/patches/source/glibc/slack-desc.glibc new file mode 100644 index 000000000..c9c35c2da --- /dev/null +++ b/patches/source/glibc/slack-desc.glibc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glibc: glibc (GNU C libraries) +glibc: +glibc: This package contains the GNU C libraries and header files. The GNU +glibc: C library was written originally by Roland McGrath, and is currently +glibc: maintained by Ulrich Drepper. Some parts of the library were +glibc: contributed or worked on by other people. +glibc: +glibc: You'll need this package to compile programs. +glibc: +glibc: +glibc: diff --git a/patches/source/glibc/slack-desc.glibc-debug b/patches/source/glibc/slack-desc.glibc-debug new file mode 100644 index 000000000..79398d0b6 --- /dev/null +++ b/patches/source/glibc/slack-desc.glibc-debug @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glibc-debug: glibc-debug (GNU C libraries with debugging symbols) +glibc-debug: +glibc-debug: This package contains versions of the GNU C libraries with debugging +glibc-debug: information. These are needed only if you wish to be able to step +glibc-debug: through C library routines while debugging programs. Most debugging +glibc-debug: efforts will not require these. +glibc-debug: To use these libraries, set LD_LIBRARY_PATH when calling the debugger: +glibc-debug: LD_LIBRARY_PATH=/usr/lib/debug gdb <executable> +glibc-debug: +glibc-debug: Or, use this approach if you need to debug a setuid binary: +glibc-debug: su user -c "LD_LIBRARY_PATH=/usr/lib/debug gdb <executable>" diff --git a/patches/source/glibc/slack-desc.glibc-i18n b/patches/source/glibc/slack-desc.glibc-i18n new file mode 100644 index 000000000..71f5336c0 --- /dev/null +++ b/patches/source/glibc/slack-desc.glibc-i18n @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glibc-i18n: glibc-i18n (locale files from glibc) +glibc-i18n: +glibc-i18n: These files go in /usr/lib/locale and /usr/share/i18n/ to provide +glibc-i18n: internationalization support. You'll need this package unless you +glibc-i18n: will be using US English only. +glibc-i18n: +glibc-i18n: +glibc-i18n: +glibc-i18n: +glibc-i18n: +glibc-i18n: diff --git a/patches/source/glibc/slack-desc.glibc-profile b/patches/source/glibc/slack-desc.glibc-profile new file mode 100644 index 000000000..8c873fd92 --- /dev/null +++ b/patches/source/glibc/slack-desc.glibc-profile @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glibc-profile: glibc-profile (GNU C libraries with profiling support) +glibc-profile: +glibc-profile: This package contains static versions of the GNU C libraries with +glibc-profile: support for profiling binaries using gprof. gprof calculates how +glibc-profile: much time a program spends in each routine which can suggest where +glibc-profile: to concentrate efforts to improve performance. +glibc-profile: +glibc-profile: See the gprof man page for more details. +glibc-profile: +glibc-profile: +glibc-profile: diff --git a/patches/source/glibc/slack-desc.glibc-solibs b/patches/source/glibc/slack-desc.glibc-solibs new file mode 100644 index 000000000..807df645a --- /dev/null +++ b/patches/source/glibc/slack-desc.glibc-solibs @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glibc-solibs: glibc-solibs (shared GNU C libraries) +glibc-solibs: +glibc-solibs: This package contains the shared libraries, binaries, and support +glibc-solibs: files required to run most Linux applications linked with glibc. +glibc-solibs: +glibc-solibs: +glibc-solibs: +glibc-solibs: +glibc-solibs: +glibc-solibs: +glibc-solibs: diff --git a/patches/source/glibc/slack-desc.glibc-solibs-linuxthreads b/patches/source/glibc/slack-desc.glibc-solibs-linuxthreads new file mode 100644 index 000000000..9efe3bf1d --- /dev/null +++ b/patches/source/glibc/slack-desc.glibc-solibs-linuxthreads @@ -0,0 +1,18 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glibc-solibs-linuxthreads: glibc-solibs-linuxthreads (LinuxThreads shared GNU C libraries) +glibc-solibs-linuxthreads: +glibc-solibs-linuxthreads: This package contains the shared libraries for glibc that uses +glibc-solibs-linuxthreads: LinuxThreads, the threading implementation in Linux 2.4.x and +glibc-solibs-linuxthreads: earlier kernels. In some cases you'll need to use these libraries +glibc-solibs-linuxthreads: to run old binaries by setting these environment variables: +glibc-solibs-linuxthreads: export LD_ASSUME_KERNEL=2.4.33 +glibc-solibs-linuxthreads: export LD_LIBRARY_PATH=/lib/obsolete/linuxthreads +glibc-solibs-linuxthreads: old-program +glibc-solibs-linuxthreads: Most users should have no need for this package. Recompile. :-) diff --git a/patches/source/glibc/slack-desc.glibc-zoneinfo b/patches/source/glibc/slack-desc.glibc-zoneinfo new file mode 100644 index 000000000..24dfd0e9f --- /dev/null +++ b/patches/source/glibc/slack-desc.glibc-zoneinfo @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +glibc-zoneinfo: glibc-zoneinfo (timezone database) +glibc-zoneinfo: +glibc-zoneinfo: This package allows you to configure your time zone. +glibc-zoneinfo: +glibc-zoneinfo: This timezone database comes from the tzdata and tzcode packages by +glibc-zoneinfo: Arthur David Olson et.al. The latest version and more information +glibc-zoneinfo: may be found at ftp://elsie.nci.nih.gov/pub/ +glibc-zoneinfo: +glibc-zoneinfo: Use the timeconfig utility to set your local time zone. +glibc-zoneinfo: +glibc-zoneinfo: diff --git a/patches/source/glibc/timezone-scripts/output-updated-timeconfig.sh b/patches/source/glibc/timezone-scripts/output-updated-timeconfig.sh new file mode 100644 index 000000000..a04f1b67f --- /dev/null +++ b/patches/source/glibc/timezone-scripts/output-updated-timeconfig.sh @@ -0,0 +1,53 @@ +#!/bin/sh +# Copyright 2000, 2001, 2006, 2007, 2008, 2012 Patrick J. Volkerding, Sebeka, MN, USA. +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# + +if [ ! "$(basename "$1")" = "zoneinfo" -o ! -d "$1" ]; then + echo " Usage: output-updated-timeconfig.sh <zoneinfo directory>" + exit 1 +fi + +CWD=$(pwd) +cat $CWD/parts/00 +# Sorry, I'd rather not be US-centric but some people here have a hard +# time finding things. ;-) +( cd $1 + find . -type f | xargs file | grep "timezone data" | cut -f 1 -d : | cut -f 2- -d / | sort | grep "^US/" | while read zone ; do + echo "\"${zone}\" \" \" \\" + done +) +( cd $1 + find . -type f | xargs file | grep "timezone data" | cut -f 1 -d : | cut -f 2- -d / | sort | grep -v "^US/" | while read zone ; do + echo "\"${zone}\" \" \" \\" + done +) +cat $CWD/parts/02 +( cd $1 + find . -type f | xargs file | grep "timezone data" | cut -f 1 -d : | cut -f 2- -d / | sort | grep "^US/" | while read zone ; do + echo "${zone}" + done +) +( cd $1 + find . -type f | xargs file | grep "timezone data" | cut -f 1 -d : | cut -f 2- -d / | sort | grep -v "^US/" | while read zone ; do + echo "${zone}" + done +) +cat $CWD/parts/04 diff --git a/patches/source/glibc/timezone-scripts/parts/00 b/patches/source/glibc/timezone-scripts/parts/00 new file mode 100644 index 000000000..a1601faaf --- /dev/null +++ b/patches/source/glibc/timezone-scripts/parts/00 @@ -0,0 +1,131 @@ +#!/bin/sh +# +# timeconfig Slackware Linux timezone configuration utility. +# +# Author: Patrick Volkerding <volkerdi@slackware.com> +# Modified by: David Cantrell <david@slackware.com>, 06-Oct-2000 +# +# ChangeLog: +# 2014-10-22: Updated timezones from tzdata2014i. <pjv> +# 2012-12-12: Updated timezones from tzdata2012j. <pjv> +# 2008-03-10: Updated timezones from tzdata2008a. <pjv> +# 2007-12-21: Updated timezones from tzdata2007j. <pjv> +# 2006-12-03: Updated timezones from tzdata2006p. <pjv> +# 2006-09-14: Updated timezones from tzdata2006k. <pjv> +# 2006-08-22: Updated timezones from tzdata2006j. +# 2006-08-13: Updated timezones from tzdata2006g. +# 2006-03-13: Updated timezones from tzdata2006c. +# 19-Feb-2001 Add new timezones from glibc-2.2.2. +# 06-Oct-2000 Fixed a problem with selecting UTC time. It was writing +# the hardwareclock file to the root disk and not your dest +# partition. Changed the HWCLOCK_CONF variable to be +# $T_PX/etc/hardwareclock to fix this. Thanks to David L. +# Dickman <softbear@optonline.net> for finding this and +# submitting a patch. +# +# 15-Mar-2000 Added the writeconf function to write out the +# /etc/hardwareclock file which tells what the hardware clock +# is set to (UTC or localtime). +# +# 03-Mar-2000 Reorganized script. Made one timezone set block, added +# stage that asks the user if the hardware clock is set to +# UTC. + +# setup our temp locations and variables +TMP=/var/log/setup/tmp +if [ -r $TMP/SeTT_PX ]; then + T_PX="`cat $TMP/SeTT_PX`" +elif [ ! "$!" = "" ]; then + T_PX=$1 +else + T_PX=/ +fi + +# the hardware clock configuration file +HWCLOCK_CONF=$T_PX/etc/hardwareclock + +# setzone( $TIMEZONE ) +# +# This function accepts a time zone as the only parameter and sets it as +# the default system time zone. +setzone() +{ + TZ=$1 + + cd $T_PX/etc + if [ -r $T_PX/usr/share/zoneinfo/$TZ -o \ + -r /var/log/mount/usr/share/zoneinfo/$TZ -o \ + -L $T_PX/usr/share/zoneinfo/$TZ -o \ + -L /var/log/mount/usr/share/zoneinfo/$TZ ]; then + ln -sf /usr/share/zoneinfo/$TZ localtime-copied-from + rm -f localtime + cd .. + chroot . cp etc/localtime-copied-from etc/localtime + fi +} + +# writeconf( $CLOCK_SET_TO ) +# +# Writes out $HWCLOCK_CONF that tells rc.S how the hardware clock +# value is stored. +writeconf() +{ + echo "# /etc/hardwareclock" > $HWCLOCK_CONF + echo "#" >> $HWCLOCK_CONF + echo "# Tells how the hardware clock time is stored." >> $HWCLOCK_CONF + echo "# You should run timeconfig to edit this file." >> $HWCLOCK_CONF + echo >> $HWCLOCK_CONF + echo $1 >> $HWCLOCK_CONF +} + +# ask the user if the hardware clock is set for UTC/GMT +if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then + ### + ### use color menus here + ### + dialog --title "HARDWARE CLOCK SET TO UTC?" --menu "Is the hardware clock set \ +to Coordinated Universal Time (UTC/GMT)? If it is, select YES here. If the \ +hardware clock is set to the current local time (this is how most PCs are set \ +up), then say NO here. If you are not sure what this is, you should answer NO \ +here." 13 60 2 \ + "NO" "Hardware clock is set to local time" \ + "YES" "Hardware clock is set to UTC" \ + 2> $TMP/utc + if [ $? = 1 -o $? = 255 ]; then + rm -f $TMP/utc + exit + fi + if [ "`cat $TMP/utc`" = "YES" ]; then + # yes, the hardware clock is UTC + writeconf "UTC" + else # must be NO + writeconf "localtime" + fi + rm -f $TMP/utc +else + ### + ### use text prompts + ### + echo "Is the hardware clock set to Coordinated Universal Time (UTC/GMT)?" + echo "If it is, select 'y' here. If the hardware clock is set to the" + echo "current local time (this is how most PCs are set up), then say 'n'" + echo "here. If you are not sure what this is, you should answer 'n' here." + echo + echo -n "Is your hardware clock set to UTC ([y]es, [n]o)? " + read HEJAZ + + if [ "$HEJAZ" = "y" -o "$HEJAZ" = "Y" -o "$HEJAZ" = "YES" -o "$HEJAZ" = "yes" ]; then + # yes, the hardware clock is UTC + writeconf "UTC" + else + # default to localtime + writeconf "localtime" + fi +fi + +# Now set the correct timezone link: +if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then + ### + ### use color menus here + ### + dialog --title "TIMEZONE CONFIGURATION" --menu "Please select one of the following timezones for your machine:" 21 50 13 \ diff --git a/patches/source/glibc/timezone-scripts/parts/01 b/patches/source/glibc/timezone-scripts/parts/01 new file mode 100644 index 000000000..7fc8fb1d4 --- /dev/null +++ b/patches/source/glibc/timezone-scripts/parts/01 @@ -0,0 +1,1658 @@ +"US/Alaska" " " \ +"US/Aleutian" " " \ +"US/Arizona" " " \ +"US/Central" " " \ +"US/East-Indiana" " " \ +"US/Eastern" " " \ +"US/Hawaii" " " \ +"US/Indiana-Starke" " " \ +"US/Michigan" " " \ +"US/Mountain" " " \ +"US/Pacific" " " \ +"US/Pacific-New" " " \ +"US/Samoa" " " \ +"Africa/Abidjan" " " \ +"Africa/Accra" " " \ +"Africa/Addis_Ababa" " " \ +"Africa/Algiers" " " \ +"Africa/Asmera" " " \ +"Africa/Bamako" " " \ +"Africa/Bangui" " " \ +"Africa/Banjul" " " \ +"Africa/Bissau" " " \ +"Africa/Blantyre" " " \ +"Africa/Brazzaville" " " \ +"Africa/Bujumbura" " " \ +"Africa/Cairo" " " \ +"Africa/Casablanca" " " \ +"Africa/Ceuta" " " \ +"Africa/Conakry" " " \ +"Africa/Dakar" " " \ +"Africa/Dar_es_Salaam" " " \ +"Africa/Djibouti" " " \ +"Africa/Douala" " " \ +"Africa/El_Aaiun" " " \ +"Africa/Freetown" " " \ +"Africa/Gaborone" " " \ +"Africa/Harare" " " \ +"Africa/Johannesburg" " " \ +"Africa/Kampala" " " \ +"Africa/Khartoum" " " \ +"Africa/Kigali" " " \ +"Africa/Kinshasa" " " \ +"Africa/Lagos" " " \ +"Africa/Libreville" " " \ +"Africa/Lome" " " \ +"Africa/Luanda" " " \ +"Africa/Lubumbashi" " " \ +"Africa/Lusaka" " " \ +"Africa/Malabo" " " \ +"Africa/Maputo" " " \ +"Africa/Maseru" " " \ +"Africa/Mbabane" " " \ +"Africa/Mogadishu" " " \ +"Africa/Monrovia" " " \ +"Africa/Nairobi" " " \ +"Africa/Ndjamena" " " \ +"Africa/Niamey" " " \ +"Africa/Nouakchott" " " \ +"Africa/Ouagadougou" " " \ +"Africa/Porto-Novo" " " \ +"Africa/Sao_Tome" " " \ +"Africa/Timbuktu" " " \ +"Africa/Tripoli" " " \ +"Africa/Tunis" " " \ +"Africa/Windhoek" " " \ +"America/Adak" " " \ +"America/Anchorage" " " \ +"America/Anguilla" " " \ +"America/Antigua" " " \ +"America/Araguaina" " " \ +"America/Argentina/Buenos_Aires" " " \ +"America/Argentina/Catamarca" " " \ +"America/Argentina/ComodRivadavia" " " \ +"America/Argentina/Cordoba" " " \ +"America/Argentina/Jujuy" " " \ +"America/Argentina/La_Rioja" " " \ +"America/Argentina/Mendoza" " " \ +"America/Argentina/Rio_Gallegos" " " \ +"America/Argentina/San_Juan" " " \ +"America/Argentina/Tucuman" " " \ +"America/Argentina/Ushuaia" " " \ +"America/Aruba" " " \ +"America/Asuncion" " " \ +"America/Atikokan" " " \ +"America/Atka" " " \ +"America/Bahia" " " \ +"America/Barbados" " " \ +"America/Belem" " " \ +"America/Belize" " " \ +"America/Blanc-Sablon" " " \ +"America/Boa_Vista" " " \ +"America/Bogota" " " \ +"America/Boise" " " \ +"America/Buenos_Aires" " " \ +"America/Cambridge_Bay" " " \ +"America/Campo_Grande" " " \ +"America/Cancun" " " \ +"America/Caracas" " " \ +"America/Catamarca" " " \ +"America/Cayenne" " " \ +"America/Cayman" " " \ +"America/Chicago" " " \ +"America/Chihuahua" " " \ +"America/Coral_Harbour" " " \ +"America/Cordoba" " " \ +"America/Costa_Rica" " " \ +"America/Cuiaba" " " \ +"America/Curacao" " " \ +"America/Danmarkshavn" " " \ +"America/Dawson" " " \ +"America/Dawson_Creek" " " \ +"America/Denver" " " \ +"America/Detroit" " " \ +"America/Dominica" " " \ +"America/Edmonton" " " \ +"America/Eirunepe" " " \ +"America/El_Salvador" " " \ +"America/Ensenada" " " \ +"America/Fort_Wayne" " " \ +"America/Fortaleza" " " \ +"America/Glace_Bay" " " \ +"America/Godthab" " " \ +"America/Goose_Bay" " " \ +"America/Grand_Turk" " " \ +"America/Grenada" " " \ +"America/Guadeloupe" " " \ +"America/Guatemala" " " \ +"America/Guayaquil" " " \ +"America/Guyana" " " \ +"America/Halifax" " " \ +"America/Havana" " " \ +"America/Hermosillo" " " \ +"America/Indiana/Indianapolis" " " \ +"America/Indiana/Knox" " " \ +"America/Indiana/Marengo" " " \ +"America/Indiana/Petersburg" " " \ +"America/Indiana/Tell_City" " " \ +"America/Indiana/Vevay" " " \ +"America/Indiana/Vincennes" " " \ +"America/Indianapolis" " " \ +"America/Inuvik" " " \ +"America/Iqaluit" " " \ +"America/Jamaica" " " \ +"America/Jujuy" " " \ +"America/Juneau" " " \ +"America/Kentucky/Louisville" " " \ +"America/Kentucky/Monticello" " " \ +"America/Knox_IN" " " \ +"America/La_Paz" " " \ +"America/Lima" " " \ +"America/Los_Angeles" " " \ +"America/Louisville" " " \ +"America/Maceio" " " \ +"America/Managua" " " \ +"America/Manaus" " " \ +"America/Martinique" " " \ +"America/Mazatlan" " " \ +"America/Mendoza" " " \ +"America/Menominee" " " \ +"America/Merida" " " \ +"America/Mexico_City" " " \ +"America/Miquelon" " " \ +"America/Moncton" " " \ +"America/Monterrey" " " \ +"America/Montevideo" " " \ +"America/Montreal" " " \ +"America/Montserrat" " " \ +"America/Nassau" " " \ +"America/New_York" " " \ +"America/Nipigon" " " \ +"America/Nome" " " \ +"America/Noronha" " " \ +"America/North_Dakota/Center" " " \ +"America/North_Dakota/New_Salem" " " \ +"America/Panama" " " \ +"America/Pangnirtung" " " \ +"America/Paramaribo" " " \ +"America/Phoenix" " " \ +"America/Port-au-Prince" " " \ +"America/Port_of_Spain" " " \ +"America/Porto_Acre" " " \ +"America/Porto_Velho" " " \ +"America/Puerto_Rico" " " \ +"America/Rainy_River" " " \ +"America/Rankin_Inlet" " " \ +"America/Recife" " " \ +"America/Regina" " " \ +"America/Rio_Branco" " " \ +"America/Rosario" " " \ +"America/Santiago" " " \ +"America/Santo_Domingo" " " \ +"America/Sao_Paulo" " " \ +"America/Scoresbysund" " " \ +"America/Shiprock" " " \ +"America/St_Johns" " " \ +"America/St_Kitts" " " \ +"America/St_Lucia" " " \ +"America/St_Thomas" " " \ +"America/St_Vincent" " " \ +"America/Swift_Current" " " \ +"America/Tegucigalpa" " " \ +"America/Thule" " " \ +"America/Thunder_Bay" " " \ +"America/Tijuana" " " \ +"America/Toronto" " " \ +"America/Tortola" " " \ +"America/Vancouver" " " \ +"America/Virgin" " " \ +"America/Whitehorse" " " \ +"America/Winnipeg" " " \ +"America/Yakutat" " " \ +"America/Yellowknife" " " \ +"Antarctica/Casey" " " \ +"Antarctica/Davis" " " \ +"Antarctica/DumontDUrville" " " \ +"Antarctica/Mawson" " " \ +"Antarctica/McMurdo" " " \ +"Antarctica/Palmer" " " \ +"Antarctica/Rothera" " " \ +"Antarctica/South_Pole" " " \ +"Antarctica/Syowa" " " \ +"Antarctica/Troll" " " \ +"Antarctica/Vostok" " " \ +"Arctic/Longyearbyen" " " \ +"Asia/Aden" " " \ +"Asia/Almaty" " " \ +"Asia/Amman" " " \ +"Asia/Anadyr" " " \ +"Asia/Aqtau" " " \ +"Asia/Aqtobe" " " \ +"Asia/Ashgabat" " " \ +"Asia/Ashkhabad" " " \ +"Asia/Baghdad" " " \ +"Asia/Bahrain" " " \ +"Asia/Baku" " " \ +"Asia/Bangkok" " " \ +"Asia/Beirut" " " \ +"Asia/Bishkek" " " \ +"Asia/Brunei" " " \ +"Asia/Calcutta" " " \ +"Asia/Chita" " " \ +"Asia/Choibalsan" " " \ +"Asia/Chongqing" " " \ +"Asia/Chungking" " " \ +"Asia/Colombo" " " \ +"Asia/Dacca" " " \ +"Asia/Damascus" " " \ +"Asia/Dhaka" " " \ +"Asia/Dili" " " \ +"Asia/Dubai" " " \ +"Asia/Dushanbe" " " \ +"Asia/Gaza" " " \ +"Asia/Harbin" " " \ +"Asia/Hong_Kong" " " \ +"Asia/Hovd" " " \ +"Asia/Irkutsk" " " \ +"Asia/Istanbul" " " \ +"Asia/Jakarta" " " \ +"Asia/Jayapura" " " \ +"Asia/Jerusalem" " " \ +"Asia/Kabul" " " \ +"Asia/Kamchatka" " " \ +"Asia/Karachi" " " \ +"Asia/Kashgar" " " \ +"Asia/Katmandu" " " \ +"Asia/Khandyga" " " \ +"Asia/Khandyga" " " \ +"Asia/Krasnoyarsk" " " \ +"Asia/Kuala_Lumpur" " " \ +"Asia/Kuching" " " \ +"Asia/Kuwait" " " \ +"Asia/Macao" " " \ +"Asia/Macau" " " \ +"Asia/Magadan" " " \ +"Asia/Makassar" " " \ +"Asia/Manila" " " \ +"Asia/Muscat" " " \ +"Asia/Nicosia" " " \ +"Asia/Novosibirsk" " " \ +"Asia/Omsk" " " \ +"Asia/Oral" " " \ +"Asia/Phnom_Penh" " " \ +"Asia/Pontianak" " " \ +"Asia/Pyongyang" " " \ +"Asia/Qatar" " " \ +"Asia/Qyzylorda" " " \ +"Asia/Rangoon" " " \ +"Asia/Riyadh" " " \ +"Asia/Saigon" " " \ +"Asia/Sakhalin" " " \ +"Asia/Samarkand" " " \ +"Asia/Seoul" " " \ +"Asia/Shanghai" " " \ +"Asia/Singapore" " " \ +"Asia/Srednekolymsk" " " \ +"Asia/Taipei" " " \ +"Asia/Tashkent" " " \ +"Asia/Tbilisi" " " \ +"Asia/Tehran" " " \ +"Asia/Tel_Aviv" " " \ +"Asia/Thimbu" " " \ +"Asia/Thimphu" " " \ +"Asia/Tokyo" " " \ +"Asia/Ujung_Pandang" " " \ +"Asia/Ulaanbaatar" " " \ +"Asia/Ulan_Bator" " " \ +"Asia/Urumqi" " " \ +"Asia/Ust-Nera" " " \ +"Asia/Vientiane" " " \ +"Asia/Vladivostok" " " \ +"Asia/Yakutsk" " " \ +"Asia/Yekaterinburg" " " \ +"Asia/Yerevan" " " \ +"Atlantic/Azores" " " \ +"Atlantic/Bermuda" " " \ +"Atlantic/Canary" " " \ +"Atlantic/Cape_Verde" " " \ +"Atlantic/Faeroe" " " \ +"Atlantic/Jan_Mayen" " " \ +"Atlantic/Madeira" " " \ +"Atlantic/Reykjavik" " " \ +"Atlantic/South_Georgia" " " \ +"Atlantic/St_Helena" " " \ +"Atlantic/Stanley" " " \ +"Australia/ACT" " " \ +"Australia/Adelaide" " " \ +"Australia/Brisbane" " " \ +"Australia/Broken_Hill" " " \ +"Australia/Canberra" " " \ +"Australia/Currie" " " \ +"Australia/Darwin" " " \ +"Australia/Hobart" " " \ +"Australia/LHI" " " \ +"Australia/Lindeman" " " \ +"Australia/Lord_Howe" " " \ +"Australia/Melbourne" " " \ +"Australia/NSW" " " \ +"Australia/North" " " \ +"Australia/Perth" " " \ +"Australia/Queensland" " " \ +"Australia/South" " " \ +"Australia/Sydney" " " \ +"Australia/Tasmania" " " \ +"Australia/Victoria" " " \ +"Australia/West" " " \ +"Australia/Yancowinna" " " \ +"Brazil/Acre" " " \ +"Brazil/DeNoronha" " " \ +"Brazil/East" " " \ +"Brazil/West" " " \ +"CET" " " \ +"CST6CDT" " " \ +"Canada/Atlantic" " " \ +"Canada/Central" " " \ +"Canada/East-Saskatchewan" " " \ +"Canada/Eastern" " " \ +"Canada/Mountain" " " \ +"Canada/Newfoundland" " " \ +"Canada/Pacific" " " \ +"Canada/Saskatchewan" " " \ +"Canada/Yukon" " " \ +"Chile/Continental" " " \ +"Chile/EasterIsland" " " \ +"Cuba" " " \ +"EET" " " \ +"EST" " " \ +"EST5EDT" " " \ +"Egypt" " " \ +"Eire" " " \ +"Etc/GMT" " " \ +"Etc/GMT+0" " " \ +"Etc/GMT+1" " " \ +"Etc/GMT+10" " " \ +"Etc/GMT+11" " " \ +"Etc/GMT+12" " " \ +"Etc/GMT+2" " " \ +"Etc/GMT+3" " " \ +"Etc/GMT+4" " " \ +"Etc/GMT+5" " " \ +"Etc/GMT+6" " " \ +"Etc/GMT+7" " " \ +"Etc/GMT+8" " " \ +"Etc/GMT+9" " " \ +"Etc/GMT-0" " " \ +"Etc/GMT-1" " " \ +"Etc/GMT-10" " " \ +"Etc/GMT-11" " " \ +"Etc/GMT-12" " " \ +"Etc/GMT-13" " " \ +"Etc/GMT-14" " " \ +"Etc/GMT-2" " " \ +"Etc/GMT-3" " " \ +"Etc/GMT-4" " " \ +"Etc/GMT-5" " " \ +"Etc/GMT-6" " " \ +"Etc/GMT-7" " " \ +"Etc/GMT-8" " " \ +"Etc/GMT-9" " " \ +"Etc/GMT0" " " \ +"Etc/Greenwich" " " \ +"Etc/UCT" " " \ +"Etc/UTC" " " \ +"Etc/Universal" " " \ +"Etc/Zulu" " " \ +"Europe/Amsterdam" " " \ +"Europe/Andorra" " " \ +"Europe/Athens" " " \ +"Europe/Belfast" " " \ +"Europe/Belgrade" " " \ +"Europe/Berlin" " " \ +"Europe/Bratislava" " " \ +"Europe/Brussels" " " \ +"Europe/Bucharest" " " \ +"Europe/Budapest" " " \ +"Europe/Busingen" " " \ +"Europe/Chisinau" " " \ +"Europe/Copenhagen" " " \ +"Europe/Dublin" " " \ +"Europe/Gibraltar" " " \ +"Europe/Guernsey" " " \ +"Europe/Helsinki" " " \ +"Europe/Isle_of_Man" " " \ +"Europe/Istanbul" " " \ +"Europe/Jersey" " " \ +"Europe/Kaliningrad" " " \ +"Europe/Kiev" " " \ +"Europe/Lisbon" " " \ +"Europe/Ljubljana" " " \ +"Europe/London" " " \ +"Europe/Luxembourg" " " \ +"Europe/Madrid" " " \ +"Europe/Malta" " " \ +"Europe/Mariehamn" " " \ +"Europe/Minsk" " " \ +"Europe/Monaco" " " \ +"Europe/Moscow" " " \ +"Europe/Nicosia" " " \ +"Europe/Oslo" " " \ +"Europe/Paris" " " \ +"Europe/Podgorica" " " \ +"Europe/Prague" " " \ +"Europe/Riga" " " \ +"Europe/Rome" " " \ +"Europe/Samara" " " \ +"Europe/San_Marino" " " \ +"Europe/Sarajevo" " " \ +"Europe/Simferopol" " " \ +"Europe/Skopje" " " \ +"Europe/Sofia" " " \ +"Europe/Stockholm" " " \ +"Europe/Tallinn" " " \ +"Europe/Tirane" " " \ +"Europe/Tiraspol" " " \ +"Europe/Uzhgorod" " " \ +"Europe/Vaduz" " " \ +"Europe/Vatican" " " \ +"Europe/Vienna" " " \ +"Europe/Vilnius" " " \ +"Europe/Volgograd" " " \ +"Europe/Warsaw" " " \ +"Europe/Zagreb" " " \ +"Europe/Zaporozhye" " " \ +"Europe/Zurich" " " \ +"Factory" " " \ +"GB" " " \ +"GB-Eire" " " \ +"GMT" " " \ +"GMT+0" " " \ +"GMT-0" " " \ +"GMT0" " " \ +"Greenwich" " " \ +"HST" " " \ +"Hongkong" " " \ +"Iceland" " " \ +"Indian/Antananarivo" " " \ +"Indian/Chagos" " " \ +"Indian/Christmas" " " \ +"Indian/Cocos" " " \ +"Indian/Comoro" " " \ +"Indian/Kerguelen" " " \ +"Indian/Mahe" " " \ +"Indian/Maldives" " " \ +"Indian/Mauritius" " " \ +"Indian/Mayotte" " " \ +"Indian/Reunion" " " \ +"Iran" " " \ +"Israel" " " \ +"Jamaica" " " \ +"Japan" " " \ +"Kwajalein" " " \ +"Libya" " " \ +"MET" " " \ +"MST" " " \ +"MST7MDT" " " \ +"Mexico/BajaNorte" " " \ +"Mexico/BajaSur" " " \ +"Mexico/General" " " \ +"NZ" " " \ +"NZ-CHAT" " " \ +"Navajo" " " \ +"PRC" " " \ +"PST8PDT" " " \ +"Pacific/Apia" " " \ +"Pacific/Auckland" " " \ +"Pacific/Bougainville" " " \ +"Pacific/Chatham" " " \ +"Pacific/Easter" " " \ +"Pacific/Efate" " " \ +"Pacific/Enderbury" " " \ +"Pacific/Fakaofo" " " \ +"Pacific/Fiji" " " \ +"Pacific/Funafuti" " " \ +"Pacific/Galapagos" " " \ +"Pacific/Gambier" " " \ +"Pacific/Guadalcanal" " " \ +"Pacific/Guam" " " \ +"Pacific/Honolulu" " " \ +"Pacific/Johnston" " " \ +"Pacific/Kiritimati" " " \ +"Pacific/Kosrae" " " \ +"Pacific/Kwajalein" " " \ +"Pacific/Majuro" " " \ +"Pacific/Marquesas" " " \ +"Pacific/Midway" " " \ +"Pacific/Nauru" " " \ +"Pacific/Niue" " " \ +"Pacific/Norfolk" " " \ +"Pacific/Noumea" " " \ +"Pacific/Pago_Pago" " " \ +"Pacific/Palau" " " \ +"Pacific/Pitcairn" " " \ +"Pacific/Ponape" " " \ +"Pacific/Port_Moresby" " " \ +"Pacific/Rarotonga" " " \ +"Pacific/Saipan" " " \ +"Pacific/Samoa" " " \ +"Pacific/Tahiti" " " \ +"Pacific/Tarawa" " " \ +"Pacific/Tongatapu" " " \ +"Pacific/Truk" " " \ +"Pacific/Wake" " " \ +"Pacific/Wallis" " " \ +"Pacific/Yap" " " \ +"Poland" " " \ +"Portugal" " " \ +"ROC" " " \ +"ROK" " " \ +"Singapore" " " \ +"Turkey" " " \ +"UCT" " " \ +"UTC" " " \ +"Universal" " " \ +"W-SU" " " \ +"WET" " " \ +"Zulu" " " \ +"posix/Africa/Abidjan" " " \ +"posix/Africa/Accra" " " \ +"posix/Africa/Addis_Ababa" " " \ +"posix/Africa/Algiers" " " \ +"posix/Africa/Asmera" " " \ +"posix/Africa/Bamako" " " \ +"posix/Africa/Bangui" " " \ +"posix/Africa/Banjul" " " \ +"posix/Africa/Bissau" " " \ +"posix/Africa/Blantyre" " " \ +"posix/Africa/Brazzaville" " " \ +"posix/Africa/Bujumbura" " " \ +"posix/Africa/Cairo" " " \ +"posix/Africa/Casablanca" " " \ +"posix/Africa/Ceuta" " " \ +"posix/Africa/Conakry" " " \ +"posix/Africa/Dakar" " " \ +"posix/Africa/Dar_es_Salaam" " " \ +"posix/Africa/Djibouti" " " \ +"posix/Africa/Douala" " " \ +"posix/Africa/El_Aaiun" " " \ +"posix/Africa/Freetown" " " \ +"posix/Africa/Gaborone" " " \ +"posix/Africa/Harare" " " \ +"posix/Africa/Johannesburg" " " \ +"posix/Africa/Kampala" " " \ +"posix/Africa/Khartoum" " " \ +"posix/Africa/Kigali" " " \ +"posix/Africa/Kinshasa" " " \ +"posix/Africa/Lagos" " " \ +"posix/Africa/Libreville" " " \ +"posix/Africa/Lome" " " \ +"posix/Africa/Luanda" " " \ +"posix/Africa/Lubumbashi" " " \ +"posix/Africa/Lusaka" " " \ +"posix/Africa/Malabo" " " \ +"posix/Africa/Maputo" " " \ +"posix/Africa/Maseru" " " \ +"posix/Africa/Mbabane" " " \ +"posix/Africa/Mogadishu" " " \ +"posix/Africa/Monrovia" " " \ +"posix/Africa/Nairobi" " " \ +"posix/Africa/Ndjamena" " " \ +"posix/Africa/Niamey" " " \ +"posix/Africa/Nouakchott" " " \ +"posix/Africa/Ouagadougou" " " \ +"posix/Africa/Porto-Novo" " " \ +"posix/Africa/Sao_Tome" " " \ +"posix/Africa/Timbuktu" " " \ +"posix/Africa/Tripoli" " " \ +"posix/Africa/Tunis" " " \ +"posix/Africa/Windhoek" " " \ +"posix/America/Adak" " " \ +"posix/America/Anchorage" " " \ +"posix/America/Anguilla" " " \ +"posix/America/Antigua" " " \ +"posix/America/Araguaina" " " \ +"posix/America/Argentina/Buenos_Aires" " " \ +"posix/America/Argentina/Catamarca" " " \ +"posix/America/Argentina/ComodRivadavia" " " \ +"posix/America/Argentina/Cordoba" " " \ +"posix/America/Argentina/Jujuy" " " \ +"posix/America/Argentina/La_Rioja" " " \ +"posix/America/Argentina/Mendoza" " " \ +"posix/America/Argentina/Rio_Gallegos" " " \ +"posix/America/Argentina/San_Juan" " " \ +"posix/America/Argentina/Tucuman" " " \ +"posix/America/Argentina/Ushuaia" " " \ +"posix/America/Aruba" " " \ +"posix/America/Asuncion" " " \ +"posix/America/Atikokan" " " \ +"posix/America/Atka" " " \ +"posix/America/Bahia" " " \ +"posix/America/Barbados" " " \ +"posix/America/Belem" " " \ +"posix/America/Belize" " " \ +"posix/America/Blanc-Sablon" " " \ +"posix/America/Boa_Vista" " " \ +"posix/America/Bogota" " " \ +"posix/America/Boise" " " \ +"posix/America/Buenos_Aires" " " \ +"posix/America/Cambridge_Bay" " " \ +"posix/America/Campo_Grande" " " \ +"posix/America/Cancun" " " \ +"posix/America/Caracas" " " \ +"posix/America/Catamarca" " " \ +"posix/America/Cayenne" " " \ +"posix/America/Cayman" " " \ +"posix/America/Chicago" " " \ +"posix/America/Chihuahua" " " \ +"posix/America/Coral_Harbour" " " \ +"posix/America/Cordoba" " " \ +"posix/America/Costa_Rica" " " \ +"posix/America/Cuiaba" " " \ +"posix/America/Curacao" " " \ +"posix/America/Danmarkshavn" " " \ +"posix/America/Dawson" " " \ +"posix/America/Dawson_Creek" " " \ +"posix/America/Denver" " " \ +"posix/America/Detroit" " " \ +"posix/America/Dominica" " " \ +"posix/America/Edmonton" " " \ +"posix/America/Eirunepe" " " \ +"posix/America/El_Salvador" " " \ +"posix/America/Ensenada" " " \ +"posix/America/Fort_Wayne" " " \ +"posix/America/Fortaleza" " " \ +"posix/America/Glace_Bay" " " \ +"posix/America/Godthab" " " \ +"posix/America/Goose_Bay" " " \ +"posix/America/Grand_Turk" " " \ +"posix/America/Grenada" " " \ +"posix/America/Guadeloupe" " " \ +"posix/America/Guatemala" " " \ +"posix/America/Guayaquil" " " \ +"posix/America/Guyana" " " \ +"posix/America/Halifax" " " \ +"posix/America/Havana" " " \ +"posix/America/Hermosillo" " " \ +"posix/America/Indiana/Indianapolis" " " \ +"posix/America/Indiana/Knox" " " \ +"posix/America/Indiana/Marengo" " " \ +"posix/America/Indiana/Petersburg" " " \ +"posix/America/Indiana/Tell_City" " " \ +"posix/America/Indiana/Vevay" " " \ +"posix/America/Indiana/Vincennes" " " \ +"posix/America/Indianapolis" " " \ +"posix/America/Inuvik" " " \ +"posix/America/Iqaluit" " " \ +"posix/America/Jamaica" " " \ +"posix/America/Jujuy" " " \ +"posix/America/Juneau" " " \ +"posix/America/Kentucky/Louisville" " " \ +"posix/America/Kentucky/Monticello" " " \ +"posix/America/Knox_IN" " " \ +"posix/America/La_Paz" " " \ +"posix/America/Lima" " " \ +"posix/America/Los_Angeles" " " \ +"posix/America/Louisville" " " \ +"posix/America/Maceio" " " \ +"posix/America/Managua" " " \ +"posix/America/Manaus" " " \ +"posix/America/Martinique" " " \ +"posix/America/Mazatlan" " " \ +"posix/America/Mendoza" " " \ +"posix/America/Menominee" " " \ +"posix/America/Merida" " " \ +"posix/America/Mexico_City" " " \ +"posix/America/Miquelon" " " \ +"posix/America/Moncton" " " \ +"posix/America/Monterrey" " " \ +"posix/America/Montevideo" " " \ +"posix/America/Montreal" " " \ +"posix/America/Montserrat" " " \ +"posix/America/Nassau" " " \ +"posix/America/New_York" " " \ +"posix/America/Nipigon" " " \ +"posix/America/Nome" " " \ +"posix/America/Noronha" " " \ +"posix/America/North_Dakota/Center" " " \ +"posix/America/North_Dakota/New_Salem" " " \ +"posix/America/Panama" " " \ +"posix/America/Pangnirtung" " " \ +"posix/America/Paramaribo" " " \ +"posix/America/Phoenix" " " \ +"posix/America/Port-au-Prince" " " \ +"posix/America/Port_of_Spain" " " \ +"posix/America/Porto_Acre" " " \ +"posix/America/Porto_Velho" " " \ +"posix/America/Puerto_Rico" " " \ +"posix/America/Rainy_River" " " \ +"posix/America/Rankin_Inlet" " " \ +"posix/America/Recife" " " \ +"posix/America/Regina" " " \ +"posix/America/Rio_Branco" " " \ +"posix/America/Rosario" " " \ +"posix/America/Santiago" " " \ +"posix/America/Santo_Domingo" " " \ +"posix/America/Sao_Paulo" " " \ +"posix/America/Scoresbysund" " " \ +"posix/America/Shiprock" " " \ +"posix/America/St_Johns" " " \ +"posix/America/St_Kitts" " " \ +"posix/America/St_Lucia" " " \ +"posix/America/St_Thomas" " " \ +"posix/America/St_Vincent" " " \ +"posix/America/Swift_Current" " " \ +"posix/America/Tegucigalpa" " " \ +"posix/America/Thule" " " \ +"posix/America/Thunder_Bay" " " \ +"posix/America/Tijuana" " " \ +"posix/America/Toronto" " " \ +"posix/America/Tortola" " " \ +"posix/America/Vancouver" " " \ +"posix/America/Virgin" " " \ +"posix/America/Whitehorse" " " \ +"posix/America/Winnipeg" " " \ +"posix/America/Yakutat" " " \ +"posix/America/Yellowknife" " " \ +"posix/Antarctica/Casey" " " \ +"posix/Antarctica/Davis" " " \ +"posix/Antarctica/DumontDUrville" " " \ +"posix/Antarctica/Mawson" " " \ +"posix/Antarctica/McMurdo" " " \ +"posix/Antarctica/Palmer" " " \ +"posix/Antarctica/Rothera" " " \ +"posix/Antarctica/South_Pole" " " \ +"posix/Antarctica/Syowa" " " \ +"posix/Antarctica/Troll" " " \ +"posix/Antarctica/Vostok" " " \ +"posix/Arctic/Longyearbyen" " " \ +"posix/Asia/Aden" " " \ +"posix/Asia/Almaty" " " \ +"posix/Asia/Amman" " " \ +"posix/Asia/Anadyr" " " \ +"posix/Asia/Aqtau" " " \ +"posix/Asia/Aqtobe" " " \ +"posix/Asia/Ashgabat" " " \ +"posix/Asia/Ashkhabad" " " \ +"posix/Asia/Baghdad" " " \ +"posix/Asia/Bahrain" " " \ +"posix/Asia/Baku" " " \ +"posix/Asia/Bangkok" " " \ +"posix/Asia/Beirut" " " \ +"posix/Asia/Bishkek" " " \ +"posix/Asia/Brunei" " " \ +"posix/Asia/Calcutta" " " \ +"posix/Asia/Chita" " " \ +"posix/Asia/Choibalsan" " " \ +"posix/Asia/Chongqing" " " \ +"posix/Asia/Chungking" " " \ +"posix/Asia/Colombo" " " \ +"posix/Asia/Dacca" " " \ +"posix/Asia/Damascus" " " \ +"posix/Asia/Dhaka" " " \ +"posix/Asia/Dili" " " \ +"posix/Asia/Dubai" " " \ +"posix/Asia/Dushanbe" " " \ +"posix/Asia/Gaza" " " \ +"posix/Asia/Harbin" " " \ +"posix/Asia/Hong_Kong" " " \ +"posix/Asia/Hovd" " " \ +"posix/Asia/Irkutsk" " " \ +"posix/Asia/Istanbul" " " \ +"posix/Asia/Jakarta" " " \ +"posix/Asia/Jayapura" " " \ +"posix/Asia/Jerusalem" " " \ +"posix/Asia/Kabul" " " \ +"posix/Asia/Kamchatka" " " \ +"posix/Asia/Karachi" " " \ +"posix/Asia/Kashgar" " " \ +"posix/Asia/Katmandu" " " \ +"posix/Asia/Krasnoyarsk" " " \ +"posix/Asia/Kuala_Lumpur" " " \ +"posix/Asia/Kuching" " " \ +"posix/Asia/Kuwait" " " \ +"posix/Asia/Macao" " " \ +"posix/Asia/Macau" " " \ +"posix/Asia/Magadan" " " \ +"posix/Asia/Makassar" " " \ +"posix/Asia/Manila" " " \ +"posix/Asia/Muscat" " " \ +"posix/Asia/Nicosia" " " \ +"posix/Asia/Novosibirsk" " " \ +"posix/Asia/Omsk" " " \ +"posix/Asia/Oral" " " \ +"posix/Asia/Phnom_Penh" " " \ +"posix/Asia/Pontianak" " " \ +"posix/Asia/Pyongyang" " " \ +"posix/Asia/Qatar" " " \ +"posix/Asia/Qyzylorda" " " \ +"posix/Asia/Rangoon" " " \ +"posix/Asia/Riyadh" " " \ +"posix/Asia/Saigon" " " \ +"posix/Asia/Sakhalin" " " \ +"posix/Asia/Samarkand" " " \ +"posix/Asia/Seoul" " " \ +"posix/Asia/Shanghai" " " \ +"posix/Asia/Singapore" " " \ +"posix/Asia/Srednekolymsk" " " \ +"posix/Asia/Taipei" " " \ +"posix/Asia/Tashkent" " " \ +"posix/Asia/Tbilisi" " " \ +"posix/Asia/Tehran" " " \ +"posix/Asia/Tel_Aviv" " " \ +"posix/Asia/Thimbu" " " \ +"posix/Asia/Thimphu" " " \ +"posix/Asia/Tokyo" " " \ +"posix/Asia/Ujung_Pandang" " " \ +"posix/Asia/Ulaanbaatar" " " \ +"posix/Asia/Ulan_Bator" " " \ +"posix/Asia/Urumqi" " " \ +"posix/Asia/Vientiane" " " \ +"posix/Asia/Vladivostok" " " \ +"posix/Asia/Yakutsk" " " \ +"posix/Asia/Yekaterinburg" " " \ +"posix/Asia/Yerevan" " " \ +"posix/Atlantic/Azores" " " \ +"posix/Atlantic/Bermuda" " " \ +"posix/Atlantic/Canary" " " \ +"posix/Atlantic/Cape_Verde" " " \ +"posix/Atlantic/Faeroe" " " \ +"posix/Atlantic/Jan_Mayen" " " \ +"posix/Atlantic/Madeira" " " \ +"posix/Atlantic/Reykjavik" " " \ +"posix/Atlantic/South_Georgia" " " \ +"posix/Atlantic/St_Helena" " " \ +"posix/Atlantic/Stanley" " " \ +"posix/Australia/ACT" " " \ +"posix/Australia/Adelaide" " " \ +"posix/Australia/Brisbane" " " \ +"posix/Australia/Broken_Hill" " " \ +"posix/Australia/Canberra" " " \ +"posix/Australia/Currie" " " \ +"posix/Australia/Darwin" " " \ +"posix/Australia/Hobart" " " \ +"posix/Australia/LHI" " " \ +"posix/Australia/Lindeman" " " \ +"posix/Australia/Lord_Howe" " " \ +"posix/Australia/Melbourne" " " \ +"posix/Australia/NSW" " " \ +"posix/Australia/North" " " \ +"posix/Australia/Perth" " " \ +"posix/Australia/Queensland" " " \ +"posix/Australia/South" " " \ +"posix/Australia/Sydney" " " \ +"posix/Australia/Tasmania" " " \ +"posix/Australia/Victoria" " " \ +"posix/Australia/West" " " \ +"posix/Australia/Yancowinna" " " \ +"posix/Brazil/Acre" " " \ +"posix/Brazil/DeNoronha" " " \ +"posix/Brazil/East" " " \ +"posix/Brazil/West" " " \ +"posix/CET" " " \ +"posix/CST6CDT" " " \ +"posix/Canada/Atlantic" " " \ +"posix/Canada/Central" " " \ +"posix/Canada/East-Saskatchewan" " " \ +"posix/Canada/Eastern" " " \ +"posix/Canada/Mountain" " " \ +"posix/Canada/Newfoundland" " " \ +"posix/Canada/Pacific" " " \ +"posix/Canada/Saskatchewan" " " \ +"posix/Canada/Yukon" " " \ +"posix/Chile/Continental" " " \ +"posix/Chile/EasterIsland" " " \ +"posix/Cuba" " " \ +"posix/EET" " " \ +"posix/EST" " " \ +"posix/EST5EDT" " " \ +"posix/Egypt" " " \ +"posix/Eire" " " \ +"posix/Etc/GMT" " " \ +"posix/Etc/GMT+0" " " \ +"posix/Etc/GMT+1" " " \ +"posix/Etc/GMT+10" " " \ +"posix/Etc/GMT+11" " " \ +"posix/Etc/GMT+12" " " \ +"posix/Etc/GMT+2" " " \ +"posix/Etc/GMT+3" " " \ +"posix/Etc/GMT+4" " " \ +"posix/Etc/GMT+5" " " \ +"posix/Etc/GMT+6" " " \ +"posix/Etc/GMT+7" " " \ +"posix/Etc/GMT+8" " " \ +"posix/Etc/GMT+9" " " \ +"posix/Etc/GMT-0" " " \ +"posix/Etc/GMT-1" " " \ +"posix/Etc/GMT-10" " " \ +"posix/Etc/GMT-11" " " \ +"posix/Etc/GMT-12" " " \ +"posix/Etc/GMT-13" " " \ +"posix/Etc/GMT-14" " " \ +"posix/Etc/GMT-2" " " \ +"posix/Etc/GMT-3" " " \ +"posix/Etc/GMT-4" " " \ +"posix/Etc/GMT-5" " " \ +"posix/Etc/GMT-6" " " \ +"posix/Etc/GMT-7" " " \ +"posix/Etc/GMT-8" " " \ +"posix/Etc/GMT-9" " " \ +"posix/Etc/GMT0" " " \ +"posix/Etc/Greenwich" " " \ +"posix/Etc/UCT" " " \ +"posix/Etc/UTC" " " \ +"posix/Etc/Universal" " " \ +"posix/Etc/Zulu" " " \ +"posix/Europe/Amsterdam" " " \ +"posix/Europe/Andorra" " " \ +"posix/Europe/Athens" " " \ +"posix/Europe/Belfast" " " \ +"posix/Europe/Belgrade" " " \ +"posix/Europe/Berlin" " " \ +"posix/Europe/Bratislava" " " \ +"posix/Europe/Brussels" " " \ +"posix/Europe/Bucharest" " " \ +"posix/Europe/Budapest" " " \ +"posix/Europe/Chisinau" " " \ +"posix/Europe/Copenhagen" " " \ +"posix/Europe/Dublin" " " \ +"posix/Europe/Gibraltar" " " \ +"posix/Europe/Guernsey" " " \ +"posix/Europe/Helsinki" " " \ +"posix/Europe/Isle_of_Man" " " \ +"posix/Europe/Istanbul" " " \ +"posix/Europe/Jersey" " " \ +"posix/Europe/Kaliningrad" " " \ +"posix/Europe/Kiev" " " \ +"posix/Europe/Lisbon" " " \ +"posix/Europe/Ljubljana" " " \ +"posix/Europe/London" " " \ +"posix/Europe/Luxembourg" " " \ +"posix/Europe/Madrid" " " \ +"posix/Europe/Malta" " " \ +"posix/Europe/Mariehamn" " " \ +"posix/Europe/Minsk" " " \ +"posix/Europe/Monaco" " " \ +"posix/Europe/Moscow" " " \ +"posix/Europe/Nicosia" " " \ +"posix/Europe/Oslo" " " \ +"posix/Europe/Paris" " " \ +"posix/Europe/Podgorica" " " \ +"posix/Europe/Prague" " " \ +"posix/Europe/Riga" " " \ +"posix/Europe/Rome" " " \ +"posix/Europe/Samara" " " \ +"posix/Europe/San_Marino" " " \ +"posix/Europe/Sarajevo" " " \ +"posix/Europe/Simferopol" " " \ +"posix/Europe/Skopje" " " \ +"posix/Europe/Sofia" " " \ +"posix/Europe/Stockholm" " " \ +"posix/Europe/Tallinn" " " \ +"posix/Europe/Tirane" " " \ +"posix/Europe/Tiraspol" " " \ +"posix/Europe/Uzhgorod" " " \ +"posix/Europe/Vaduz" " " \ +"posix/Europe/Vatican" " " \ +"posix/Europe/Vienna" " " \ +"posix/Europe/Vilnius" " " \ +"posix/Europe/Volgograd" " " \ +"posix/Europe/Warsaw" " " \ +"posix/Europe/Zagreb" " " \ +"posix/Europe/Zaporozhye" " " \ +"posix/Europe/Zurich" " " \ +"posix/Factory" " " \ +"posix/GB" " " \ +"posix/GB-Eire" " " \ +"posix/GMT" " " \ +"posix/GMT+0" " " \ +"posix/GMT-0" " " \ +"posix/GMT0" " " \ +"posix/Greenwich" " " \ +"posix/HST" " " \ +"posix/Hongkong" " " \ +"posix/Iceland" " " \ +"posix/Indian/Antananarivo" " " \ +"posix/Indian/Chagos" " " \ +"posix/Indian/Christmas" " " \ +"posix/Indian/Cocos" " " \ +"posix/Indian/Comoro" " " \ +"posix/Indian/Kerguelen" " " \ +"posix/Indian/Mahe" " " \ +"posix/Indian/Maldives" " " \ +"posix/Indian/Mauritius" " " \ +"posix/Indian/Mayotte" " " \ +"posix/Indian/Reunion" " " \ +"posix/Iran" " " \ +"posix/Israel" " " \ +"posix/Jamaica" " " \ +"posix/Japan" " " \ +"posix/Kwajalein" " " \ +"posix/Libya" " " \ +"posix/MET" " " \ +"posix/MST" " " \ +"posix/MST7MDT" " " \ +"posix/Mexico/BajaNorte" " " \ +"posix/Mexico/BajaSur" " " \ +"posix/Mexico/General" " " \ +"posix/NZ" " " \ +"posix/NZ-CHAT" " " \ +"posix/Navajo" " " \ +"posix/PRC" " " \ +"posix/PST8PDT" " " \ +"posix/Pacific/Apia" " " \ +"posix/Pacific/Auckland" " " \ +"posix/Pacific/Bougainville" " " \ +"posix/Pacific/Chatham" " " \ +"posix/Pacific/Easter" " " \ +"posix/Pacific/Efate" " " \ +"posix/Pacific/Enderbury" " " \ +"posix/Pacific/Fakaofo" " " \ +"posix/Pacific/Fiji" " " \ +"posix/Pacific/Funafuti" " " \ +"posix/Pacific/Galapagos" " " \ +"posix/Pacific/Gambier" " " \ +"posix/Pacific/Guadalcanal" " " \ +"posix/Pacific/Guam" " " \ +"posix/Pacific/Honolulu" " " \ +"posix/Pacific/Johnston" " " \ +"posix/Pacific/Kiritimati" " " \ +"posix/Pacific/Kosrae" " " \ +"posix/Pacific/Kwajalein" " " \ +"posix/Pacific/Majuro" " " \ +"posix/Pacific/Marquesas" " " \ +"posix/Pacific/Midway" " " \ +"posix/Pacific/Nauru" " " \ +"posix/Pacific/Niue" " " \ +"posix/Pacific/Norfolk" " " \ +"posix/Pacific/Noumea" " " \ +"posix/Pacific/Pago_Pago" " " \ +"posix/Pacific/Palau" " " \ +"posix/Pacific/Pitcairn" " " \ +"posix/Pacific/Ponape" " " \ +"posix/Pacific/Port_Moresby" " " \ +"posix/Pacific/Rarotonga" " " \ +"posix/Pacific/Saipan" " " \ +"posix/Pacific/Samoa" " " \ +"posix/Pacific/Tahiti" " " \ +"posix/Pacific/Tarawa" " " \ +"posix/Pacific/Tongatapu" " " \ +"posix/Pacific/Truk" " " \ +"posix/Pacific/Wake" " " \ +"posix/Pacific/Wallis" " " \ +"posix/Pacific/Yap" " " \ +"posix/Poland" " " \ +"posix/Portugal" " " \ +"posix/ROC" " " \ +"posix/ROK" " " \ +"posix/Singapore" " " \ +"posix/Turkey" " " \ +"posix/UCT" " " \ +"posix/US/Alaska" " " \ +"posix/US/Aleutian" " " \ +"posix/US/Arizona" " " \ +"posix/US/Central" " " \ +"posix/US/East-Indiana" " " \ +"posix/US/Eastern" " " \ +"posix/US/Hawaii" " " \ +"posix/US/Indiana-Starke" " " \ +"posix/US/Michigan" " " \ +"posix/US/Mountain" " " \ +"posix/US/Pacific" " " \ +"posix/US/Pacific-New" " " \ +"posix/US/Samoa" " " \ +"posix/UTC" " " \ +"posix/Universal" " " \ +"posix/W-SU" " " \ +"posix/WET" " " \ +"posix/Zulu" " " \ +"posixrules" " " \ +"right/Africa/Abidjan" " " \ +"right/Africa/Accra" " " \ +"right/Africa/Addis_Ababa" " " \ +"right/Africa/Algiers" " " \ +"right/Africa/Asmera" " " \ +"right/Africa/Bamako" " " \ +"right/Africa/Bangui" " " \ +"right/Africa/Banjul" " " \ +"right/Africa/Bissau" " " \ +"right/Africa/Blantyre" " " \ +"right/Africa/Brazzaville" " " \ +"right/Africa/Bujumbura" " " \ +"right/Africa/Cairo" " " \ +"right/Africa/Casablanca" " " \ +"right/Africa/Ceuta" " " \ +"right/Africa/Conakry" " " \ +"right/Africa/Dakar" " " \ +"right/Africa/Dar_es_Salaam" " " \ +"right/Africa/Djibouti" " " \ +"right/Africa/Douala" " " \ +"right/Africa/El_Aaiun" " " \ +"right/Africa/Freetown" " " \ +"right/Africa/Gaborone" " " \ +"right/Africa/Harare" " " \ +"right/Africa/Johannesburg" " " \ +"right/Africa/Kampala" " " \ +"right/Africa/Khartoum" " " \ +"right/Africa/Kigali" " " \ +"right/Africa/Kinshasa" " " \ +"right/Africa/Lagos" " " \ +"right/Africa/Libreville" " " \ +"right/Africa/Lome" " " \ +"right/Africa/Luanda" " " \ +"right/Africa/Lubumbashi" " " \ +"right/Africa/Lusaka" " " \ +"right/Africa/Malabo" " " \ +"right/Africa/Maputo" " " \ +"right/Africa/Maseru" " " \ +"right/Africa/Mbabane" " " \ +"right/Africa/Mogadishu" " " \ +"right/Africa/Monrovia" " " \ +"right/Africa/Nairobi" " " \ +"right/Africa/Ndjamena" " " \ +"right/Africa/Niamey" " " \ +"right/Africa/Nouakchott" " " \ +"right/Africa/Ouagadougou" " " \ +"right/Africa/Porto-Novo" " " \ +"right/Africa/Sao_Tome" " " \ +"right/Africa/Timbuktu" " " \ +"right/Africa/Tripoli" " " \ +"right/Africa/Tunis" " " \ +"right/Africa/Windhoek" " " \ +"right/America/Adak" " " \ +"right/America/Anchorage" " " \ +"right/America/Anguilla" " " \ +"right/America/Antigua" " " \ +"right/America/Araguaina" " " \ +"right/America/Argentina/Buenos_Aires" " " \ +"right/America/Argentina/Catamarca" " " \ +"right/America/Argentina/ComodRivadavia" " " \ +"right/America/Argentina/Cordoba" " " \ +"right/America/Argentina/Jujuy" " " \ +"right/America/Argentina/La_Rioja" " " \ +"right/America/Argentina/Mendoza" " " \ +"right/America/Argentina/Rio_Gallegos" " " \ +"right/America/Argentina/San_Juan" " " \ +"right/America/Argentina/Tucuman" " " \ +"right/America/Argentina/Ushuaia" " " \ +"right/America/Aruba" " " \ +"right/America/Asuncion" " " \ +"right/America/Atikokan" " " \ +"right/America/Atka" " " \ +"right/America/Bahia" " " \ +"right/America/Barbados" " " \ +"right/America/Belem" " " \ +"right/America/Belize" " " \ +"right/America/Blanc-Sablon" " " \ +"right/America/Boa_Vista" " " \ +"right/America/Bogota" " " \ +"right/America/Boise" " " \ +"right/America/Buenos_Aires" " " \ +"right/America/Cambridge_Bay" " " \ +"right/America/Campo_Grande" " " \ +"right/America/Cancun" " " \ +"right/America/Caracas" " " \ +"right/America/Catamarca" " " \ +"right/America/Cayenne" " " \ +"right/America/Cayman" " " \ +"right/America/Chicago" " " \ +"right/America/Chihuahua" " " \ +"right/America/Coral_Harbour" " " \ +"right/America/Cordoba" " " \ +"right/America/Costa_Rica" " " \ +"right/America/Cuiaba" " " \ +"right/America/Curacao" " " \ +"right/America/Danmarkshavn" " " \ +"right/America/Dawson" " " \ +"right/America/Dawson_Creek" " " \ +"right/America/Denver" " " \ +"right/America/Detroit" " " \ +"right/America/Dominica" " " \ +"right/America/Edmonton" " " \ +"right/America/Eirunepe" " " \ +"right/America/El_Salvador" " " \ +"right/America/Ensenada" " " \ +"right/America/Fort_Wayne" " " \ +"right/America/Fortaleza" " " \ +"right/America/Glace_Bay" " " \ +"right/America/Godthab" " " \ +"right/America/Goose_Bay" " " \ +"right/America/Grand_Turk" " " \ +"right/America/Grenada" " " \ +"right/America/Guadeloupe" " " \ +"right/America/Guatemala" " " \ +"right/America/Guayaquil" " " \ +"right/America/Guyana" " " \ +"right/America/Halifax" " " \ +"right/America/Havana" " " \ +"right/America/Hermosillo" " " \ +"right/America/Indiana/Indianapolis" " " \ +"right/America/Indiana/Knox" " " \ +"right/America/Indiana/Marengo" " " \ +"right/America/Indiana/Petersburg" " " \ +"right/America/Indiana/Tell_City" " " \ +"right/America/Indiana/Vevay" " " \ +"right/America/Indiana/Vincennes" " " \ +"right/America/Indianapolis" " " \ +"right/America/Inuvik" " " \ +"right/America/Iqaluit" " " \ +"right/America/Jamaica" " " \ +"right/America/Jujuy" " " \ +"right/America/Juneau" " " \ +"right/America/Kentucky/Louisville" " " \ +"right/America/Kentucky/Monticello" " " \ +"right/America/Knox_IN" " " \ +"right/America/La_Paz" " " \ +"right/America/Lima" " " \ +"right/America/Los_Angeles" " " \ +"right/America/Louisville" " " \ +"right/America/Maceio" " " \ +"right/America/Managua" " " \ +"right/America/Manaus" " " \ +"right/America/Martinique" " " \ +"right/America/Mazatlan" " " \ +"right/America/Mendoza" " " \ +"right/America/Menominee" " " \ +"right/America/Merida" " " \ +"right/America/Mexico_City" " " \ +"right/America/Miquelon" " " \ +"right/America/Moncton" " " \ +"right/America/Monterrey" " " \ +"right/America/Montevideo" " " \ +"right/America/Montreal" " " \ +"right/America/Montserrat" " " \ +"right/America/Nassau" " " \ +"right/America/New_York" " " \ +"right/America/Nipigon" " " \ +"right/America/Nome" " " \ +"right/America/Noronha" " " \ +"right/America/North_Dakota/Center" " " \ +"right/America/North_Dakota/New_Salem" " " \ +"right/America/Panama" " " \ +"right/America/Pangnirtung" " " \ +"right/America/Paramaribo" " " \ +"right/America/Phoenix" " " \ +"right/America/Port-au-Prince" " " \ +"right/America/Port_of_Spain" " " \ +"right/America/Porto_Acre" " " \ +"right/America/Porto_Velho" " " \ +"right/America/Puerto_Rico" " " \ +"right/America/Rainy_River" " " \ +"right/America/Rankin_Inlet" " " \ +"right/America/Recife" " " \ +"right/America/Regina" " " \ +"right/America/Rio_Branco" " " \ +"right/America/Rosario" " " \ +"right/America/Santiago" " " \ +"right/America/Santo_Domingo" " " \ +"right/America/Sao_Paulo" " " \ +"right/America/Scoresbysund" " " \ +"right/America/Shiprock" " " \ +"right/America/St_Johns" " " \ +"right/America/St_Kitts" " " \ +"right/America/St_Lucia" " " \ +"right/America/St_Thomas" " " \ +"right/America/St_Vincent" " " \ +"right/America/Swift_Current" " " \ +"right/America/Tegucigalpa" " " \ +"right/America/Thule" " " \ +"right/America/Thunder_Bay" " " \ +"right/America/Tijuana" " " \ +"right/America/Toronto" " " \ +"right/America/Tortola" " " \ +"right/America/Vancouver" " " \ +"right/America/Virgin" " " \ +"right/America/Whitehorse" " " \ +"right/America/Winnipeg" " " \ +"right/America/Yakutat" " " \ +"right/America/Yellowknife" " " \ +"right/Antarctica/Casey" " " \ +"right/Antarctica/Davis" " " \ +"right/Antarctica/DumontDUrville" " " \ +"right/Antarctica/Mawson" " " \ +"right/Antarctica/McMurdo" " " \ +"right/Antarctica/Palmer" " " \ +"right/Antarctica/Rothera" " " \ +"right/Antarctica/South_Pole" " " \ +"right/Antarctica/Syowa" " " \ +"right/Antarctica/Troll" " " \ +"right/Antarctica/Vostok" " " \ +"right/Arctic/Longyearbyen" " " \ +"right/Asia/Aden" " " \ +"right/Asia/Almaty" " " \ +"right/Asia/Amman" " " \ +"right/Asia/Anadyr" " " \ +"right/Asia/Aqtau" " " \ +"right/Asia/Aqtobe" " " \ +"right/Asia/Ashgabat" " " \ +"right/Asia/Ashkhabad" " " \ +"right/Asia/Baghdad" " " \ +"right/Asia/Bahrain" " " \ +"right/Asia/Baku" " " \ +"right/Asia/Bangkok" " " \ +"right/Asia/Beirut" " " \ +"right/Asia/Bishkek" " " \ +"right/Asia/Brunei" " " \ +"right/Asia/Calcutta" " " \ +"right/Asia/Chita" " " \ +"right/Asia/Choibalsan" " " \ +"right/Asia/Chongqing" " " \ +"right/Asia/Chungking" " " \ +"right/Asia/Colombo" " " \ +"right/Asia/Dacca" " " \ +"right/Asia/Damascus" " " \ +"right/Asia/Dhaka" " " \ +"right/Asia/Dili" " " \ +"right/Asia/Dubai" " " \ +"right/Asia/Dushanbe" " " \ +"right/Asia/Gaza" " " \ +"right/Asia/Harbin" " " \ +"right/Asia/Hong_Kong" " " \ +"right/Asia/Hovd" " " \ +"right/Asia/Irkutsk" " " \ +"right/Asia/Istanbul" " " \ +"right/Asia/Jakarta" " " \ +"right/Asia/Jayapura" " " \ +"right/Asia/Jerusalem" " " \ +"right/Asia/Kabul" " " \ +"right/Asia/Kamchatka" " " \ +"right/Asia/Karachi" " " \ +"right/Asia/Kashgar" " " \ +"right/Asia/Katmandu" " " \ +"right/Asia/Krasnoyarsk" " " \ +"right/Asia/Kuala_Lumpur" " " \ +"right/Asia/Kuching" " " \ +"right/Asia/Kuwait" " " \ +"right/Asia/Macao" " " \ +"right/Asia/Macau" " " \ +"right/Asia/Magadan" " " \ +"right/Asia/Makassar" " " \ +"right/Asia/Manila" " " \ +"right/Asia/Muscat" " " \ +"right/Asia/Nicosia" " " \ +"right/Asia/Novosibirsk" " " \ +"right/Asia/Omsk" " " \ +"right/Asia/Oral" " " \ +"right/Asia/Phnom_Penh" " " \ +"right/Asia/Pontianak" " " \ +"right/Asia/Pyongyang" " " \ +"right/Asia/Qatar" " " \ +"right/Asia/Qyzylorda" " " \ +"right/Asia/Rangoon" " " \ +"right/Asia/Riyadh" " " \ +"right/Asia/Saigon" " " \ +"right/Asia/Sakhalin" " " \ +"right/Asia/Samarkand" " " \ +"right/Asia/Seoul" " " \ +"right/Asia/Shanghai" " " \ +"right/Asia/Singapore" " " \ +"right/Asia/Srednekolymsk" " " \ +"right/Asia/Taipei" " " \ +"right/Asia/Tashkent" " " \ +"right/Asia/Tbilisi" " " \ +"right/Asia/Tehran" " " \ +"right/Asia/Tel_Aviv" " " \ +"right/Asia/Thimbu" " " \ +"right/Asia/Thimphu" " " \ +"right/Asia/Tokyo" " " \ +"right/Asia/Ujung_Pandang" " " \ +"right/Asia/Ulaanbaatar" " " \ +"right/Asia/Ulan_Bator" " " \ +"right/Asia/Urumqi" " " \ +"right/Asia/Vientiane" " " \ +"right/Asia/Vladivostok" " " \ +"right/Asia/Yakutsk" " " \ +"right/Asia/Yekaterinburg" " " \ +"right/Asia/Yerevan" " " \ +"right/Atlantic/Azores" " " \ +"right/Atlantic/Bermuda" " " \ +"right/Atlantic/Canary" " " \ +"right/Atlantic/Cape_Verde" " " \ +"right/Atlantic/Faeroe" " " \ +"right/Atlantic/Jan_Mayen" " " \ +"right/Atlantic/Madeira" " " \ +"right/Atlantic/Reykjavik" " " \ +"right/Atlantic/South_Georgia" " " \ +"right/Atlantic/St_Helena" " " \ +"right/Atlantic/Stanley" " " \ +"right/Australia/ACT" " " \ +"right/Australia/Adelaide" " " \ +"right/Australia/Brisbane" " " \ +"right/Australia/Broken_Hill" " " \ +"right/Australia/Canberra" " " \ +"right/Australia/Currie" " " \ +"right/Australia/Darwin" " " \ +"right/Australia/Hobart" " " \ +"right/Australia/LHI" " " \ +"right/Australia/Lindeman" " " \ +"right/Australia/Lord_Howe" " " \ +"right/Australia/Melbourne" " " \ +"right/Australia/NSW" " " \ +"right/Australia/North" " " \ +"right/Australia/Perth" " " \ +"right/Australia/Queensland" " " \ +"right/Australia/South" " " \ +"right/Australia/Sydney" " " \ +"right/Australia/Tasmania" " " \ +"right/Australia/Victoria" " " \ +"right/Australia/West" " " \ +"right/Australia/Yancowinna" " " \ +"right/Brazil/Acre" " " \ +"right/Brazil/DeNoronha" " " \ +"right/Brazil/East" " " \ +"right/Brazil/West" " " \ +"right/CET" " " \ +"right/CST6CDT" " " \ +"right/Canada/Atlantic" " " \ +"right/Canada/Central" " " \ +"right/Canada/East-Saskatchewan" " " \ +"right/Canada/Eastern" " " \ +"right/Canada/Mountain" " " \ +"right/Canada/Newfoundland" " " \ +"right/Canada/Pacific" " " \ +"right/Canada/Saskatchewan" " " \ +"right/Canada/Yukon" " " \ +"right/Chile/Continental" " " \ +"right/Chile/EasterIsland" " " \ +"right/Cuba" " " \ +"right/EET" " " \ +"right/EST" " " \ +"right/EST5EDT" " " \ +"right/Egypt" " " \ +"right/Eire" " " \ +"right/Etc/GMT" " " \ +"right/Etc/GMT+0" " " \ +"right/Etc/GMT+1" " " \ +"right/Etc/GMT+10" " " \ +"right/Etc/GMT+11" " " \ +"right/Etc/GMT+12" " " \ +"right/Etc/GMT+2" " " \ +"right/Etc/GMT+3" " " \ +"right/Etc/GMT+4" " " \ +"right/Etc/GMT+5" " " \ +"right/Etc/GMT+6" " " \ +"right/Etc/GMT+7" " " \ +"right/Etc/GMT+8" " " \ +"right/Etc/GMT+9" " " \ +"right/Etc/GMT-0" " " \ +"right/Etc/GMT-1" " " \ +"right/Etc/GMT-10" " " \ +"right/Etc/GMT-11" " " \ +"right/Etc/GMT-12" " " \ +"right/Etc/GMT-13" " " \ +"right/Etc/GMT-14" " " \ +"right/Etc/GMT-2" " " \ +"right/Etc/GMT-3" " " \ +"right/Etc/GMT-4" " " \ +"right/Etc/GMT-5" " " \ +"right/Etc/GMT-6" " " \ +"right/Etc/GMT-7" " " \ +"right/Etc/GMT-8" " " \ +"right/Etc/GMT-9" " " \ +"right/Etc/GMT0" " " \ +"right/Etc/Greenwich" " " \ +"right/Etc/UCT" " " \ +"right/Etc/UTC" " " \ +"right/Etc/Universal" " " \ +"right/Etc/Zulu" " " \ +"right/Europe/Amsterdam" " " \ +"right/Europe/Andorra" " " \ +"right/Europe/Athens" " " \ +"right/Europe/Belfast" " " \ +"right/Europe/Belgrade" " " \ +"right/Europe/Berlin" " " \ +"right/Europe/Bratislava" " " \ +"right/Europe/Brussels" " " \ +"right/Europe/Bucharest" " " \ +"right/Europe/Budapest" " " \ +"right/Europe/Chisinau" " " \ +"right/Europe/Copenhagen" " " \ +"right/Europe/Dublin" " " \ +"right/Europe/Gibraltar" " " \ +"right/Europe/Guernsey" " " \ +"right/Europe/Helsinki" " " \ +"right/Europe/Isle_of_Man" " " \ +"right/Europe/Istanbul" " " \ +"right/Europe/Jersey" " " \ +"right/Europe/Kaliningrad" " " \ +"right/Europe/Kiev" " " \ +"right/Europe/Lisbon" " " \ +"right/Europe/Ljubljana" " " \ +"right/Europe/London" " " \ +"right/Europe/Luxembourg" " " \ +"right/Europe/Madrid" " " \ +"right/Europe/Malta" " " \ +"right/Europe/Mariehamn" " " \ +"right/Europe/Minsk" " " \ +"right/Europe/Monaco" " " \ +"right/Europe/Moscow" " " \ +"right/Europe/Nicosia" " " \ +"right/Europe/Oslo" " " \ +"right/Europe/Paris" " " \ +"right/Europe/Podgorica" " " \ +"right/Europe/Prague" " " \ +"right/Europe/Riga" " " \ +"right/Europe/Rome" " " \ +"right/Europe/Samara" " " \ +"right/Europe/San_Marino" " " \ +"right/Europe/Sarajevo" " " \ +"right/Europe/Simferopol" " " \ +"right/Europe/Skopje" " " \ +"right/Europe/Sofia" " " \ +"right/Europe/Stockholm" " " \ +"right/Europe/Tallinn" " " \ +"right/Europe/Tirane" " " \ +"right/Europe/Tiraspol" " " \ +"right/Europe/Uzhgorod" " " \ +"right/Europe/Vaduz" " " \ +"right/Europe/Vatican" " " \ +"right/Europe/Vienna" " " \ +"right/Europe/Vilnius" " " \ +"right/Europe/Volgograd" " " \ +"right/Europe/Warsaw" " " \ +"right/Europe/Zagreb" " " \ +"right/Europe/Zaporozhye" " " \ +"right/Europe/Zurich" " " \ +"right/Factory" " " \ +"right/GB" " " \ +"right/GB-Eire" " " \ +"right/GMT" " " \ +"right/GMT+0" " " \ +"right/GMT-0" " " \ +"right/GMT0" " " \ +"right/Greenwich" " " \ +"right/HST" " " \ +"right/Hongkong" " " \ +"right/Iceland" " " \ +"right/Indian/Antananarivo" " " \ +"right/Indian/Chagos" " " \ +"right/Indian/Christmas" " " \ +"right/Indian/Cocos" " " \ +"right/Indian/Comoro" " " \ +"right/Indian/Kerguelen" " " \ +"right/Indian/Mahe" " " \ +"right/Indian/Maldives" " " \ +"right/Indian/Mauritius" " " \ +"right/Indian/Mayotte" " " \ +"right/Indian/Reunion" " " \ +"right/Iran" " " \ +"right/Israel" " " \ +"right/Jamaica" " " \ +"right/Japan" " " \ +"right/Kwajalein" " " \ +"right/Libya" " " \ +"right/MET" " " \ +"right/MST" " " \ +"right/MST7MDT" " " \ +"right/Mexico/BajaNorte" " " \ +"right/Mexico/BajaSur" " " \ +"right/Mexico/General" " " \ +"right/NZ" " " \ +"right/NZ-CHAT" " " \ +"right/Navajo" " " \ +"right/PRC" " " \ +"right/PST8PDT" " " \ +"right/Pacific/Apia" " " \ +"right/Pacific/Auckland" " " \ +"right/Pacific/Bougainville" " " \ +"right/Pacific/Chatham" " " \ +"right/Pacific/Easter" " " \ +"right/Pacific/Efate" " " \ +"right/Pacific/Enderbury" " " \ +"right/Pacific/Fakaofo" " " \ +"right/Pacific/Fiji" " " \ +"right/Pacific/Funafuti" " " \ +"right/Pacific/Galapagos" " " \ +"right/Pacific/Gambier" " " \ +"right/Pacific/Guadalcanal" " " \ +"right/Pacific/Guam" " " \ +"right/Pacific/Honolulu" " " \ +"right/Pacific/Johnston" " " \ +"right/Pacific/Kiritimati" " " \ +"right/Pacific/Kosrae" " " \ +"right/Pacific/Kwajalein" " " \ +"right/Pacific/Majuro" " " \ +"right/Pacific/Marquesas" " " \ +"right/Pacific/Midway" " " \ +"right/Pacific/Nauru" " " \ +"right/Pacific/Niue" " " \ +"right/Pacific/Norfolk" " " \ +"right/Pacific/Noumea" " " \ +"right/Pacific/Pago_Pago" " " \ +"right/Pacific/Palau" " " \ +"right/Pacific/Pitcairn" " " \ +"right/Pacific/Ponape" " " \ +"right/Pacific/Port_Moresby" " " \ +"right/Pacific/Rarotonga" " " \ +"right/Pacific/Saipan" " " \ +"right/Pacific/Samoa" " " \ +"right/Pacific/Tahiti" " " \ +"right/Pacific/Tarawa" " " \ +"right/Pacific/Tongatapu" " " \ +"right/Pacific/Truk" " " \ +"right/Pacific/Wake" " " \ +"right/Pacific/Wallis" " " \ +"right/Pacific/Yap" " " \ +"right/Poland" " " \ +"right/Portugal" " " \ +"right/ROC" " " \ +"right/ROK" " " \ +"right/Singapore" " " \ +"right/Turkey" " " \ +"right/UCT" " " \ +"right/US/Alaska" " " \ +"right/US/Aleutian" " " \ +"right/US/Arizona" " " \ +"right/US/Central" " " \ +"right/US/East-Indiana" " " \ +"right/US/Eastern" " " \ +"right/US/Hawaii" " " \ +"right/US/Indiana-Starke" " " \ +"right/US/Michigan" " " \ +"right/US/Mountain" " " \ +"right/US/Pacific" " " \ +"right/US/Pacific-New" " " \ +"right/US/Samoa" " " \ +"right/UTC" " " \ +"right/Universal" " " \ +"right/W-SU" " " \ +"right/WET" " " \ +"right/Zulu" " " \ diff --git a/patches/source/glibc/timezone-scripts/parts/02 b/patches/source/glibc/timezone-scripts/parts/02 new file mode 100644 index 000000000..bd5a50bb0 --- /dev/null +++ b/patches/source/glibc/timezone-scripts/parts/02 @@ -0,0 +1,28 @@ + 2> $TMP/tz + + if [ $? = 1 -o $? = 255 ]; then + rm -f $TMP/tz + exit + fi + + TIMEZONE="`cat $TMP/tz`" + rm -f $TMP/tz + + setzone $TIMEZONE + exit +else + ### + ### use text prompts + ### + while [ 0 ]; do + echo -n "Would you like to configure your timezone ([y]es, [n]o)? " + read TIMECONF; + echo + + if [ "$TIMECONF" = "n" ]; then + break + fi + + cat << EOF +Select one of these timezones: + diff --git a/patches/source/glibc/timezone-scripts/parts/03 b/patches/source/glibc/timezone-scripts/parts/03 new file mode 100644 index 000000000..7da2043d8 --- /dev/null +++ b/patches/source/glibc/timezone-scripts/parts/03 @@ -0,0 +1,1658 @@ +US/Alaska +US/Aleutian +US/Arizona +US/Central +US/East-Indiana +US/Eastern +US/Hawaii +US/Indiana-Starke +US/Michigan +US/Mountain +US/Pacific +US/Pacific-New +US/Samoa +Africa/Abidjan +Africa/Accra +Africa/Addis_Ababa +Africa/Algiers +Africa/Asmera +Africa/Bamako +Africa/Bangui +Africa/Banjul +Africa/Bissau +Africa/Blantyre +Africa/Brazzaville +Africa/Bujumbura +Africa/Cairo +Africa/Casablanca +Africa/Ceuta +Africa/Conakry +Africa/Dakar +Africa/Dar_es_Salaam +Africa/Djibouti +Africa/Douala +Africa/El_Aaiun +Africa/Freetown +Africa/Gaborone +Africa/Harare +Africa/Johannesburg +Africa/Kampala +Africa/Khartoum +Africa/Kigali +Africa/Kinshasa +Africa/Lagos +Africa/Libreville +Africa/Lome +Africa/Luanda +Africa/Lubumbashi +Africa/Lusaka +Africa/Malabo +Africa/Maputo +Africa/Maseru +Africa/Mbabane +Africa/Mogadishu +Africa/Monrovia +Africa/Nairobi +Africa/Ndjamena +Africa/Niamey +Africa/Nouakchott +Africa/Ouagadougou +Africa/Porto-Novo +Africa/Sao_Tome +Africa/Timbuktu +Africa/Tripoli +Africa/Tunis +Africa/Windhoek +America/Adak +America/Anchorage +America/Anguilla +America/Antigua +America/Araguaina +America/Argentina/Buenos_Aires +America/Argentina/Catamarca +America/Argentina/ComodRivadavia +America/Argentina/Cordoba +America/Argentina/Jujuy +America/Argentina/La_Rioja +America/Argentina/Mendoza +America/Argentina/Rio_Gallegos +America/Argentina/San_Juan +America/Argentina/Tucuman +America/Argentina/Ushuaia +America/Aruba +America/Asuncion +America/Atikokan +America/Atka +America/Bahia +America/Barbados +America/Belem +America/Belize +America/Blanc-Sablon +America/Boa_Vista +America/Bogota +America/Boise +America/Buenos_Aires +America/Cambridge_Bay +America/Campo_Grande +America/Cancun +America/Caracas +America/Catamarca +America/Cayenne +America/Cayman +America/Chicago +America/Chihuahua +America/Coral_Harbour +America/Cordoba +America/Costa_Rica +America/Cuiaba +America/Curacao +America/Danmarkshavn +America/Dawson +America/Dawson_Creek +America/Denver +America/Detroit +America/Dominica +America/Edmonton +America/Eirunepe +America/El_Salvador +America/Ensenada +America/Fort_Wayne +America/Fortaleza +America/Glace_Bay +America/Godthab +America/Goose_Bay +America/Grand_Turk +America/Grenada +America/Guadeloupe +America/Guatemala +America/Guayaquil +America/Guyana +America/Halifax +America/Havana +America/Hermosillo +America/Indiana/Indianapolis +America/Indiana/Knox +America/Indiana/Marengo +America/Indiana/Petersburg +America/Indiana/Tell_City +America/Indiana/Vevay +America/Indiana/Vincennes +America/Indianapolis +America/Inuvik +America/Iqaluit +America/Jamaica +America/Jujuy +America/Juneau +America/Kentucky/Louisville +America/Kentucky/Monticello +America/Knox_IN +America/La_Paz +America/Lima +America/Los_Angeles +America/Louisville +America/Maceio +America/Managua +America/Manaus +America/Martinique +America/Mazatlan +America/Mendoza +America/Menominee +America/Merida +America/Mexico_City +America/Miquelon +America/Moncton +America/Monterrey +America/Montevideo +America/Montreal +America/Montserrat +America/Nassau +America/New_York +America/Nipigon +America/Nome +America/Noronha +America/North_Dakota/Center +America/North_Dakota/New_Salem +America/Panama +America/Pangnirtung +America/Paramaribo +America/Phoenix +America/Port-au-Prince +America/Port_of_Spain +America/Porto_Acre +America/Porto_Velho +America/Puerto_Rico +America/Rainy_River +America/Rankin_Inlet +America/Recife +America/Regina +America/Rio_Branco +America/Rosario +America/Santiago +America/Santo_Domingo +America/Sao_Paulo +America/Scoresbysund +America/Shiprock +America/St_Johns +America/St_Kitts +America/St_Lucia +America/St_Thomas +America/St_Vincent +America/Swift_Current +America/Tegucigalpa +America/Thule +America/Thunder_Bay +America/Tijuana +America/Toronto +America/Tortola +America/Vancouver +America/Virgin +America/Whitehorse +America/Winnipeg +America/Yakutat +America/Yellowknife +Antarctica/Casey +Antarctica/Davis +Antarctica/DumontDUrville +Antarctica/Mawson +Antarctica/McMurdo +Antarctica/Palmer +Antarctica/Rothera +Antarctica/South_Pole +Antarctica/Syowa +Antarctica/Troll +Antarctica/Vostok +Arctic/Longyearbyen +Asia/Aden +Asia/Almaty +Asia/Amman +Asia/Anadyr +Asia/Aqtau +Asia/Aqtobe +Asia/Ashgabat +Asia/Ashkhabad +Asia/Baghdad +Asia/Bahrain +Asia/Baku +Asia/Bangkok +Asia/Beirut +Asia/Bishkek +Asia/Brunei +Asia/Calcutta +Asia/Chita +Asia/Choibalsan +Asia/Chongqing +Asia/Chungking +Asia/Colombo +Asia/Dacca +Asia/Damascus +Asia/Dhaka +Asia/Dili +Asia/Dubai +Asia/Dushanbe +Asia/Gaza +Asia/Harbin +Asia/Hong_Kong +Asia/Hovd +Asia/Irkutsk +Asia/Istanbul +Asia/Jakarta +Asia/Jayapura +Asia/Jerusalem +Asia/Kabul +Asia/Kamchatka +Asia/Karachi +Asia/Kashgar +Asia/Katmandu +Asia/Khandyga +Asia/Kolkata +Asia/Krasnoyarsk +Asia/Kuala_Lumpur +Asia/Kuching +Asia/Kuwait +Asia/Macao +Asia/Macau +Asia/Magadan +Asia/Makassar +Asia/Manila +Asia/Muscat +Asia/Nicosia +Asia/Novosibirsk +Asia/Omsk +Asia/Oral +Asia/Phnom_Penh +Asia/Pontianak +Asia/Pyongyang +Asia/Qatar +Asia/Qyzylorda +Asia/Rangoon +Asia/Riyadh +Asia/Saigon +Asia/Sakhalin +Asia/Samarkand +Asia/Seoul +Asia/Shanghai +Asia/Singapore +Asia/Srednekolymsk +Asia/Taipei +Asia/Tashkent +Asia/Tbilisi +Asia/Tehran +Asia/Tel_Aviv +Asia/Thimbu +Asia/Thimphu +Asia/Tokyo +Asia/Ujung_Pandang +Asia/Ulaanbaatar +Asia/Ulan_Bator +Asia/Urumqi +Asia/Ust-Nera +Asia/Vientiane +Asia/Vladivostok +Asia/Yakutsk +Asia/Yekaterinburg +Asia/Yerevan +Atlantic/Azores +Atlantic/Bermuda +Atlantic/Canary +Atlantic/Cape_Verde +Atlantic/Faeroe +Atlantic/Jan_Mayen +Atlantic/Madeira +Atlantic/Reykjavik +Atlantic/South_Georgia +Atlantic/St_Helena +Atlantic/Stanley +Australia/ACT +Australia/Adelaide +Australia/Brisbane +Australia/Broken_Hill +Australia/Canberra +Australia/Currie +Australia/Darwin +Australia/Hobart +Australia/LHI +Australia/Lindeman +Australia/Lord_Howe +Australia/Melbourne +Australia/NSW +Australia/North +Australia/Perth +Australia/Queensland +Australia/South +Australia/Sydney +Australia/Tasmania +Australia/Victoria +Australia/West +Australia/Yancowinna +Brazil/Acre +Brazil/DeNoronha +Brazil/East +Brazil/West +CET +CST6CDT +Canada/Atlantic +Canada/Central +Canada/East-Saskatchewan +Canada/Eastern +Canada/Mountain +Canada/Newfoundland +Canada/Pacific +Canada/Saskatchewan +Canada/Yukon +Chile/Continental +Chile/EasterIsland +Cuba +EET +EST +EST5EDT +Egypt +Eire +Etc/GMT +Etc/GMT+0 +Etc/GMT+1 +Etc/GMT+10 +Etc/GMT+11 +Etc/GMT+12 +Etc/GMT+2 +Etc/GMT+3 +Etc/GMT+4 +Etc/GMT+5 +Etc/GMT+6 +Etc/GMT+7 +Etc/GMT+8 +Etc/GMT+9 +Etc/GMT-0 +Etc/GMT-1 +Etc/GMT-10 +Etc/GMT-11 +Etc/GMT-12 +Etc/GMT-13 +Etc/GMT-14 +Etc/GMT-2 +Etc/GMT-3 +Etc/GMT-4 +Etc/GMT-5 +Etc/GMT-6 +Etc/GMT-7 +Etc/GMT-8 +Etc/GMT-9 +Etc/GMT0 +Etc/Greenwich +Etc/UCT +Etc/UTC +Etc/Universal +Etc/Zulu +Europe/Amsterdam +Europe/Andorra +Europe/Athens +Europe/Belfast +Europe/Belgrade +Europe/Berlin +Europe/Bratislava +Europe/Brussels +Europe/Bucharest +Europe/Budapest +Europe/Busingen +Europe/Chisinau +Europe/Copenhagen +Europe/Dublin +Europe/Gibraltar +Europe/Guernsey +Europe/Helsinki +Europe/Isle_of_Man +Europe/Istanbul +Europe/Jersey +Europe/Kaliningrad +Europe/Kiev +Europe/Lisbon +Europe/Ljubljana +Europe/London +Europe/Luxembourg +Europe/Madrid +Europe/Malta +Europe/Mariehamn +Europe/Minsk +Europe/Monaco +Europe/Moscow +Europe/Nicosia +Europe/Oslo +Europe/Paris +Europe/Podgorica +Europe/Prague +Europe/Riga +Europe/Rome +Europe/Samara +Europe/San_Marino +Europe/Sarajevo +Europe/Simferopol +Europe/Skopje +Europe/Sofia +Europe/Stockholm +Europe/Tallinn +Europe/Tirane +Europe/Tiraspol +Europe/Uzhgorod +Europe/Vaduz +Europe/Vatican +Europe/Vienna +Europe/Vilnius +Europe/Volgograd +Europe/Warsaw +Europe/Zagreb +Europe/Zaporozhye +Europe/Zurich +Factory +GB +GB-Eire +GMT +GMT+0 +GMT-0 +GMT0 +Greenwich +HST +Hongkong +Iceland +Indian/Antananarivo +Indian/Chagos +Indian/Christmas +Indian/Cocos +Indian/Comoro +Indian/Kerguelen +Indian/Mahe +Indian/Maldives +Indian/Mauritius +Indian/Mayotte +Indian/Reunion +Iran +Israel +Jamaica +Japan +Kwajalein +Libya +MET +MST +MST7MDT +Mexico/BajaNorte +Mexico/BajaSur +Mexico/General +NZ +NZ-CHAT +Navajo +PRC +PST8PDT +Pacific/Apia +Pacific/Auckland +Pacific/Bougainville +Pacific/Chatham +Pacific/Easter +Pacific/Efate +Pacific/Enderbury +Pacific/Fakaofo +Pacific/Fiji +Pacific/Funafuti +Pacific/Galapagos +Pacific/Gambier +Pacific/Guadalcanal +Pacific/Guam +Pacific/Honolulu +Pacific/Johnston +Pacific/Kiritimati +Pacific/Kosrae +Pacific/Kwajalein +Pacific/Majuro +Pacific/Marquesas +Pacific/Midway +Pacific/Nauru +Pacific/Niue +Pacific/Norfolk +Pacific/Noumea +Pacific/Pago_Pago +Pacific/Palau +Pacific/Pitcairn +Pacific/Ponape +Pacific/Port_Moresby +Pacific/Rarotonga +Pacific/Saipan +Pacific/Samoa +Pacific/Tahiti +Pacific/Tarawa +Pacific/Tongatapu +Pacific/Truk +Pacific/Wake +Pacific/Wallis +Pacific/Yap +Poland +Portugal +ROC +ROK +Singapore +Turkey +UCT +UTC +Universal +W-SU +WET +Zulu +posix/Africa/Abidjan +posix/Africa/Accra +posix/Africa/Addis_Ababa +posix/Africa/Algiers +posix/Africa/Asmera +posix/Africa/Bamako +posix/Africa/Bangui +posix/Africa/Banjul +posix/Africa/Bissau +posix/Africa/Blantyre +posix/Africa/Brazzaville +posix/Africa/Bujumbura +posix/Africa/Cairo +posix/Africa/Casablanca +posix/Africa/Ceuta +posix/Africa/Conakry +posix/Africa/Dakar +posix/Africa/Dar_es_Salaam +posix/Africa/Djibouti +posix/Africa/Douala +posix/Africa/El_Aaiun +posix/Africa/Freetown +posix/Africa/Gaborone +posix/Africa/Harare +posix/Africa/Johannesburg +posix/Africa/Kampala +posix/Africa/Khartoum +posix/Africa/Kigali +posix/Africa/Kinshasa +posix/Africa/Lagos +posix/Africa/Libreville +posix/Africa/Lome +posix/Africa/Luanda +posix/Africa/Lubumbashi +posix/Africa/Lusaka +posix/Africa/Malabo +posix/Africa/Maputo +posix/Africa/Maseru +posix/Africa/Mbabane +posix/Africa/Mogadishu +posix/Africa/Monrovia +posix/Africa/Nairobi +posix/Africa/Ndjamena +posix/Africa/Niamey +posix/Africa/Nouakchott +posix/Africa/Ouagadougou +posix/Africa/Porto-Novo +posix/Africa/Sao_Tome +posix/Africa/Timbuktu +posix/Africa/Tripoli +posix/Africa/Tunis +posix/Africa/Windhoek +posix/America/Adak +posix/America/Anchorage +posix/America/Anguilla +posix/America/Antigua +posix/America/Araguaina +posix/America/Argentina/Buenos_Aires +posix/America/Argentina/Catamarca +posix/America/Argentina/ComodRivadavia +posix/America/Argentina/Cordoba +posix/America/Argentina/Jujuy +posix/America/Argentina/La_Rioja +posix/America/Argentina/Mendoza +posix/America/Argentina/Rio_Gallegos +posix/America/Argentina/San_Juan +posix/America/Argentina/Tucuman +posix/America/Argentina/Ushuaia +posix/America/Aruba +posix/America/Asuncion +posix/America/Atikokan +posix/America/Atka +posix/America/Bahia +posix/America/Barbados +posix/America/Belem +posix/America/Belize +posix/America/Blanc-Sablon +posix/America/Boa_Vista +posix/America/Bogota +posix/America/Boise +posix/America/Buenos_Aires +posix/America/Cambridge_Bay +posix/America/Campo_Grande +posix/America/Cancun +posix/America/Caracas +posix/America/Catamarca +posix/America/Cayenne +posix/America/Cayman +posix/America/Chicago +posix/America/Chihuahua +posix/America/Coral_Harbour +posix/America/Cordoba +posix/America/Costa_Rica +posix/America/Cuiaba +posix/America/Curacao +posix/America/Danmarkshavn +posix/America/Dawson +posix/America/Dawson_Creek +posix/America/Denver +posix/America/Detroit +posix/America/Dominica +posix/America/Edmonton +posix/America/Eirunepe +posix/America/El_Salvador +posix/America/Ensenada +posix/America/Fort_Wayne +posix/America/Fortaleza +posix/America/Glace_Bay +posix/America/Godthab +posix/America/Goose_Bay +posix/America/Grand_Turk +posix/America/Grenada +posix/America/Guadeloupe +posix/America/Guatemala +posix/America/Guayaquil +posix/America/Guyana +posix/America/Halifax +posix/America/Havana +posix/America/Hermosillo +posix/America/Indiana/Indianapolis +posix/America/Indiana/Knox +posix/America/Indiana/Marengo +posix/America/Indiana/Petersburg +posix/America/Indiana/Tell_City +posix/America/Indiana/Vevay +posix/America/Indiana/Vincennes +posix/America/Indianapolis +posix/America/Inuvik +posix/America/Iqaluit +posix/America/Jamaica +posix/America/Jujuy +posix/America/Juneau +posix/America/Kentucky/Louisville +posix/America/Kentucky/Monticello +posix/America/Knox_IN +posix/America/La_Paz +posix/America/Lima +posix/America/Los_Angeles +posix/America/Louisville +posix/America/Maceio +posix/America/Managua +posix/America/Manaus +posix/America/Martinique +posix/America/Mazatlan +posix/America/Mendoza +posix/America/Menominee +posix/America/Merida +posix/America/Mexico_City +posix/America/Miquelon +posix/America/Moncton +posix/America/Monterrey +posix/America/Montevideo +posix/America/Montreal +posix/America/Montserrat +posix/America/Nassau +posix/America/New_York +posix/America/Nipigon +posix/America/Nome +posix/America/Noronha +posix/America/North_Dakota/Center +posix/America/North_Dakota/New_Salem +posix/America/Panama +posix/America/Pangnirtung +posix/America/Paramaribo +posix/America/Phoenix +posix/America/Port-au-Prince +posix/America/Port_of_Spain +posix/America/Porto_Acre +posix/America/Porto_Velho +posix/America/Puerto_Rico +posix/America/Rainy_River +posix/America/Rankin_Inlet +posix/America/Recife +posix/America/Regina +posix/America/Rio_Branco +posix/America/Rosario +posix/America/Santiago +posix/America/Santo_Domingo +posix/America/Sao_Paulo +posix/America/Scoresbysund +posix/America/Shiprock +posix/America/St_Johns +posix/America/St_Kitts +posix/America/St_Lucia +posix/America/St_Thomas +posix/America/St_Vincent +posix/America/Swift_Current +posix/America/Tegucigalpa +posix/America/Thule +posix/America/Thunder_Bay +posix/America/Tijuana +posix/America/Toronto +posix/America/Tortola +posix/America/Vancouver +posix/America/Virgin +posix/America/Whitehorse +posix/America/Winnipeg +posix/America/Yakutat +posix/America/Yellowknife +posix/Antarctica/Casey +posix/Antarctica/Davis +posix/Antarctica/DumontDUrville +posix/Antarctica/Mawson +posix/Antarctica/McMurdo +posix/Antarctica/Palmer +posix/Antarctica/Rothera +posix/Antarctica/South_Pole +posix/Antarctica/Syowa +posix/Antarctica/Troll +posix/Antarctica/Vostok +posix/Arctic/Longyearbyen +posix/Asia/Aden +posix/Asia/Almaty +posix/Asia/Amman +posix/Asia/Anadyr +posix/Asia/Aqtau +posix/Asia/Aqtobe +posix/Asia/Ashgabat +posix/Asia/Ashkhabad +posix/Asia/Baghdad +posix/Asia/Bahrain +posix/Asia/Baku +posix/Asia/Bangkok +posix/Asia/Beirut +posix/Asia/Bishkek +posix/Asia/Brunei +posix/Asia/Calcutta +posix/Asia/Chita +posix/Asia/Choibalsan +posix/Asia/Chongqing +posix/Asia/Chungking +posix/Asia/Colombo +posix/Asia/Dacca +posix/Asia/Damascus +posix/Asia/Dhaka +posix/Asia/Dili +posix/Asia/Dubai +posix/Asia/Dushanbe +posix/Asia/Gaza +posix/Asia/Harbin +posix/Asia/Hong_Kong +posix/Asia/Hovd +posix/Asia/Irkutsk +posix/Asia/Istanbul +posix/Asia/Jakarta +posix/Asia/Jayapura +posix/Asia/Jerusalem +posix/Asia/Kabul +posix/Asia/Kamchatka +posix/Asia/Karachi +posix/Asia/Kashgar +posix/Asia/Katmandu +posix/Asia/Krasnoyarsk +posix/Asia/Kuala_Lumpur +posix/Asia/Kuching +posix/Asia/Kuwait +posix/Asia/Macao +posix/Asia/Macau +posix/Asia/Magadan +posix/Asia/Makassar +posix/Asia/Manila +posix/Asia/Muscat +posix/Asia/Nicosia +posix/Asia/Novosibirsk +posix/Asia/Omsk +posix/Asia/Oral +posix/Asia/Phnom_Penh +posix/Asia/Pontianak +posix/Asia/Pyongyang +posix/Asia/Qatar +posix/Asia/Qyzylorda +posix/Asia/Rangoon +posix/Asia/Riyadh +posix/Asia/Saigon +posix/Asia/Sakhalin +posix/Asia/Samarkand +posix/Asia/Seoul +posix/Asia/Shanghai +posix/Asia/Singapore +posix/Asia/Srednekolymsk +posix/Asia/Taipei +posix/Asia/Tashkent +posix/Asia/Tbilisi +posix/Asia/Tehran +posix/Asia/Tel_Aviv +posix/Asia/Thimbu +posix/Asia/Thimphu +posix/Asia/Tokyo +posix/Asia/Ujung_Pandang +posix/Asia/Ulaanbaatar +posix/Asia/Ulan_Bator +posix/Asia/Urumqi +posix/Asia/Vientiane +posix/Asia/Vladivostok +posix/Asia/Yakutsk +posix/Asia/Yekaterinburg +posix/Asia/Yerevan +posix/Atlantic/Azores +posix/Atlantic/Bermuda +posix/Atlantic/Canary +posix/Atlantic/Cape_Verde +posix/Atlantic/Faeroe +posix/Atlantic/Jan_Mayen +posix/Atlantic/Madeira +posix/Atlantic/Reykjavik +posix/Atlantic/South_Georgia +posix/Atlantic/St_Helena +posix/Atlantic/Stanley +posix/Australia/ACT +posix/Australia/Adelaide +posix/Australia/Brisbane +posix/Australia/Broken_Hill +posix/Australia/Canberra +posix/Australia/Currie +posix/Australia/Darwin +posix/Australia/Hobart +posix/Australia/LHI +posix/Australia/Lindeman +posix/Australia/Lord_Howe +posix/Australia/Melbourne +posix/Australia/NSW +posix/Australia/North +posix/Australia/Perth +posix/Australia/Queensland +posix/Australia/South +posix/Australia/Sydney +posix/Australia/Tasmania +posix/Australia/Victoria +posix/Australia/West +posix/Australia/Yancowinna +posix/Brazil/Acre +posix/Brazil/DeNoronha +posix/Brazil/East +posix/Brazil/West +posix/CET +posix/CST6CDT +posix/Canada/Atlantic +posix/Canada/Central +posix/Canada/East-Saskatchewan +posix/Canada/Eastern +posix/Canada/Mountain +posix/Canada/Newfoundland +posix/Canada/Pacific +posix/Canada/Saskatchewan +posix/Canada/Yukon +posix/Chile/Continental +posix/Chile/EasterIsland +posix/Cuba +posix/EET +posix/EST +posix/EST5EDT +posix/Egypt +posix/Eire +posix/Etc/GMT +posix/Etc/GMT+0 +posix/Etc/GMT+1 +posix/Etc/GMT+10 +posix/Etc/GMT+11 +posix/Etc/GMT+12 +posix/Etc/GMT+2 +posix/Etc/GMT+3 +posix/Etc/GMT+4 +posix/Etc/GMT+5 +posix/Etc/GMT+6 +posix/Etc/GMT+7 +posix/Etc/GMT+8 +posix/Etc/GMT+9 +posix/Etc/GMT-0 +posix/Etc/GMT-1 +posix/Etc/GMT-10 +posix/Etc/GMT-11 +posix/Etc/GMT-12 +posix/Etc/GMT-13 +posix/Etc/GMT-14 +posix/Etc/GMT-2 +posix/Etc/GMT-3 +posix/Etc/GMT-4 +posix/Etc/GMT-5 +posix/Etc/GMT-6 +posix/Etc/GMT-7 +posix/Etc/GMT-8 +posix/Etc/GMT-9 +posix/Etc/GMT0 +posix/Etc/Greenwich +posix/Etc/UCT +posix/Etc/UTC +posix/Etc/Universal +posix/Etc/Zulu +posix/Europe/Amsterdam +posix/Europe/Andorra +posix/Europe/Athens +posix/Europe/Belfast +posix/Europe/Belgrade +posix/Europe/Berlin +posix/Europe/Bratislava +posix/Europe/Brussels +posix/Europe/Bucharest +posix/Europe/Budapest +posix/Europe/Chisinau +posix/Europe/Copenhagen +posix/Europe/Dublin +posix/Europe/Gibraltar +posix/Europe/Guernsey +posix/Europe/Helsinki +posix/Europe/Isle_of_Man +posix/Europe/Istanbul +posix/Europe/Jersey +posix/Europe/Kaliningrad +posix/Europe/Kiev +posix/Europe/Lisbon +posix/Europe/Ljubljana +posix/Europe/London +posix/Europe/Luxembourg +posix/Europe/Madrid +posix/Europe/Malta +posix/Europe/Mariehamn +posix/Europe/Minsk +posix/Europe/Monaco +posix/Europe/Moscow +posix/Europe/Nicosia +posix/Europe/Oslo +posix/Europe/Paris +posix/Europe/Podgorica +posix/Europe/Prague +posix/Europe/Riga +posix/Europe/Rome +posix/Europe/Samara +posix/Europe/San_Marino +posix/Europe/Sarajevo +posix/Europe/Simferopol +posix/Europe/Skopje +posix/Europe/Sofia +posix/Europe/Stockholm +posix/Europe/Tallinn +posix/Europe/Tirane +posix/Europe/Tiraspol +posix/Europe/Uzhgorod +posix/Europe/Vaduz +posix/Europe/Vatican +posix/Europe/Vienna +posix/Europe/Vilnius +posix/Europe/Volgograd +posix/Europe/Warsaw +posix/Europe/Zagreb +posix/Europe/Zaporozhye +posix/Europe/Zurich +posix/Factory +posix/GB +posix/GB-Eire +posix/GMT +posix/GMT+0 +posix/GMT-0 +posix/GMT0 +posix/Greenwich +posix/HST +posix/Hongkong +posix/Iceland +posix/Indian/Antananarivo +posix/Indian/Chagos +posix/Indian/Christmas +posix/Indian/Cocos +posix/Indian/Comoro +posix/Indian/Kerguelen +posix/Indian/Mahe +posix/Indian/Maldives +posix/Indian/Mauritius +posix/Indian/Mayotte +posix/Indian/Reunion +posix/Iran +posix/Israel +posix/Jamaica +posix/Japan +posix/Kwajalein +posix/Libya +posix/MET +posix/MST +posix/MST7MDT +posix/Mexico/BajaNorte +posix/Mexico/BajaSur +posix/Mexico/General +posix/NZ +posix/NZ-CHAT +posix/Navajo +posix/PRC +posix/PST8PDT +posix/Pacific/Apia +posix/Pacific/Auckland +posix/Pacific/Bougainville +posix/Pacific/Chatham +posix/Pacific/Easter +posix/Pacific/Efate +posix/Pacific/Enderbury +posix/Pacific/Fakaofo +posix/Pacific/Fiji +posix/Pacific/Funafuti +posix/Pacific/Galapagos +posix/Pacific/Gambier +posix/Pacific/Guadalcanal +posix/Pacific/Guam +posix/Pacific/Honolulu +posix/Pacific/Johnston +posix/Pacific/Kiritimati +posix/Pacific/Kosrae +posix/Pacific/Kwajalein +posix/Pacific/Majuro +posix/Pacific/Marquesas +posix/Pacific/Midway +posix/Pacific/Nauru +posix/Pacific/Niue +posix/Pacific/Norfolk +posix/Pacific/Noumea +posix/Pacific/Pago_Pago +posix/Pacific/Palau +posix/Pacific/Pitcairn +posix/Pacific/Ponape +posix/Pacific/Port_Moresby +posix/Pacific/Rarotonga +posix/Pacific/Saipan +posix/Pacific/Samoa +posix/Pacific/Tahiti +posix/Pacific/Tarawa +posix/Pacific/Tongatapu +posix/Pacific/Truk +posix/Pacific/Wake +posix/Pacific/Wallis +posix/Pacific/Yap +posix/Poland +posix/Portugal +posix/ROC +posix/ROK +posix/Singapore +posix/Turkey +posix/UCT +posix/US/Alaska +posix/US/Aleutian +posix/US/Arizona +posix/US/Central +posix/US/East-Indiana +posix/US/Eastern +posix/US/Hawaii +posix/US/Indiana-Starke +posix/US/Michigan +posix/US/Mountain +posix/US/Pacific +posix/US/Pacific-New +posix/US/Samoa +posix/UTC +posix/Universal +posix/W-SU +posix/WET +posix/Zulu +posixrules +right/Africa/Abidjan +right/Africa/Accra +right/Africa/Addis_Ababa +right/Africa/Algiers +right/Africa/Asmera +right/Africa/Bamako +right/Africa/Bangui +right/Africa/Banjul +right/Africa/Bissau +right/Africa/Blantyre +right/Africa/Brazzaville +right/Africa/Bujumbura +right/Africa/Cairo +right/Africa/Casablanca +right/Africa/Ceuta +right/Africa/Conakry +right/Africa/Dakar +right/Africa/Dar_es_Salaam +right/Africa/Djibouti +right/Africa/Douala +right/Africa/El_Aaiun +right/Africa/Freetown +right/Africa/Gaborone +right/Africa/Harare +right/Africa/Johannesburg +right/Africa/Kampala +right/Africa/Khartoum +right/Africa/Kigali +right/Africa/Kinshasa +right/Africa/Lagos +right/Africa/Libreville +right/Africa/Lome +right/Africa/Luanda +right/Africa/Lubumbashi +right/Africa/Lusaka +right/Africa/Malabo +right/Africa/Maputo +right/Africa/Maseru +right/Africa/Mbabane +right/Africa/Mogadishu +right/Africa/Monrovia +right/Africa/Nairobi +right/Africa/Ndjamena +right/Africa/Niamey +right/Africa/Nouakchott +right/Africa/Ouagadougou +right/Africa/Porto-Novo +right/Africa/Sao_Tome +right/Africa/Timbuktu +right/Africa/Tripoli +right/Africa/Tunis +right/Africa/Windhoek +right/America/Adak +right/America/Anchorage +right/America/Anguilla +right/America/Antigua +right/America/Araguaina +right/America/Argentina/Buenos_Aires +right/America/Argentina/Catamarca +right/America/Argentina/ComodRivadavia +right/America/Argentina/Cordoba +right/America/Argentina/Jujuy +right/America/Argentina/La_Rioja +right/America/Argentina/Mendoza +right/America/Argentina/Rio_Gallegos +right/America/Argentina/San_Juan +right/America/Argentina/Tucuman +right/America/Argentina/Ushuaia +right/America/Aruba +right/America/Asuncion +right/America/Atikokan +right/America/Atka +right/America/Bahia +right/America/Barbados +right/America/Belem +right/America/Belize +right/America/Blanc-Sablon +right/America/Boa_Vista +right/America/Bogota +right/America/Boise +right/America/Buenos_Aires +right/America/Cambridge_Bay +right/America/Campo_Grande +right/America/Cancun +right/America/Caracas +right/America/Catamarca +right/America/Cayenne +right/America/Cayman +right/America/Chicago +right/America/Chihuahua +right/America/Coral_Harbour +right/America/Cordoba +right/America/Costa_Rica +right/America/Cuiaba +right/America/Curacao +right/America/Danmarkshavn +right/America/Dawson +right/America/Dawson_Creek +right/America/Denver +right/America/Detroit +right/America/Dominica +right/America/Edmonton +right/America/Eirunepe +right/America/El_Salvador +right/America/Ensenada +right/America/Fort_Wayne +right/America/Fortaleza +right/America/Glace_Bay +right/America/Godthab +right/America/Goose_Bay +right/America/Grand_Turk +right/America/Grenada +right/America/Guadeloupe +right/America/Guatemala +right/America/Guayaquil +right/America/Guyana +right/America/Halifax +right/America/Havana +right/America/Hermosillo +right/America/Indiana/Indianapolis +right/America/Indiana/Knox +right/America/Indiana/Marengo +right/America/Indiana/Petersburg +right/America/Indiana/Tell_City +right/America/Indiana/Vevay +right/America/Indiana/Vincennes +right/America/Indianapolis +right/America/Inuvik +right/America/Iqaluit +right/America/Jamaica +right/America/Jujuy +right/America/Juneau +right/America/Kentucky/Louisville +right/America/Kentucky/Monticello +right/America/Knox_IN +right/America/La_Paz +right/America/Lima +right/America/Los_Angeles +right/America/Louisville +right/America/Maceio +right/America/Managua +right/America/Manaus +right/America/Martinique +right/America/Mazatlan +right/America/Mendoza +right/America/Menominee +right/America/Merida +right/America/Mexico_City +right/America/Miquelon +right/America/Moncton +right/America/Monterrey +right/America/Montevideo +right/America/Montreal +right/America/Montserrat +right/America/Nassau +right/America/New_York +right/America/Nipigon +right/America/Nome +right/America/Noronha +right/America/North_Dakota/Center +right/America/North_Dakota/New_Salem +right/America/Panama +right/America/Pangnirtung +right/America/Paramaribo +right/America/Phoenix +right/America/Port-au-Prince +right/America/Port_of_Spain +right/America/Porto_Acre +right/America/Porto_Velho +right/America/Puerto_Rico +right/America/Rainy_River +right/America/Rankin_Inlet +right/America/Recife +right/America/Regina +right/America/Rio_Branco +right/America/Rosario +right/America/Santiago +right/America/Santo_Domingo +right/America/Sao_Paulo +right/America/Scoresbysund +right/America/Shiprock +right/America/St_Johns +right/America/St_Kitts +right/America/St_Lucia +right/America/St_Thomas +right/America/St_Vincent +right/America/Swift_Current +right/America/Tegucigalpa +right/America/Thule +right/America/Thunder_Bay +right/America/Tijuana +right/America/Toronto +right/America/Tortola +right/America/Vancouver +right/America/Virgin +right/America/Whitehorse +right/America/Winnipeg +right/America/Yakutat +right/America/Yellowknife +right/Antarctica/Casey +right/Antarctica/Davis +right/Antarctica/DumontDUrville +right/Antarctica/Mawson +right/Antarctica/McMurdo +right/Antarctica/Palmer +right/Antarctica/Rothera +right/Antarctica/South_Pole +right/Antarctica/Syowa +right/Antarctica/Troll +right/Antarctica/Vostok +right/Arctic/Longyearbyen +right/Asia/Aden +right/Asia/Almaty +right/Asia/Amman +right/Asia/Anadyr +right/Asia/Aqtau +right/Asia/Aqtobe +right/Asia/Ashgabat +right/Asia/Ashkhabad +right/Asia/Baghdad +right/Asia/Bahrain +right/Asia/Baku +right/Asia/Bangkok +right/Asia/Beirut +right/Asia/Bishkek +right/Asia/Brunei +right/Asia/Calcutta +right/Asia/Chita +right/Asia/Choibalsan +right/Asia/Chongqing +right/Asia/Chungking +right/Asia/Colombo +right/Asia/Dacca +right/Asia/Damascus +right/Asia/Dhaka +right/Asia/Dili +right/Asia/Dubai +right/Asia/Dushanbe +right/Asia/Gaza +right/Asia/Harbin +right/Asia/Hong_Kong +right/Asia/Hovd +right/Asia/Irkutsk +right/Asia/Istanbul +right/Asia/Jakarta +right/Asia/Jayapura +right/Asia/Jerusalem +right/Asia/Kabul +right/Asia/Kamchatka +right/Asia/Karachi +right/Asia/Kashgar +right/Asia/Katmandu +right/Asia/Krasnoyarsk +right/Asia/Kuala_Lumpur +right/Asia/Kuching +right/Asia/Kuwait +right/Asia/Macao +right/Asia/Macau +right/Asia/Magadan +right/Asia/Makassar +right/Asia/Manila +right/Asia/Muscat +right/Asia/Nicosia +right/Asia/Novosibirsk +right/Asia/Omsk +right/Asia/Oral +right/Asia/Phnom_Penh +right/Asia/Pontianak +right/Asia/Pyongyang +right/Asia/Qatar +right/Asia/Qyzylorda +right/Asia/Rangoon +right/Asia/Riyadh +right/Asia/Saigon +right/Asia/Sakhalin +right/Asia/Samarkand +right/Asia/Seoul +right/Asia/Shanghai +right/Asia/Singapore +right/Asia/Srednekolymsk +right/Asia/Taipei +right/Asia/Tashkent +right/Asia/Tbilisi +right/Asia/Tehran +right/Asia/Tel_Aviv +right/Asia/Thimbu +right/Asia/Thimphu +right/Asia/Tokyo +right/Asia/Ujung_Pandang +right/Asia/Ulaanbaatar +right/Asia/Ulan_Bator +right/Asia/Urumqi +right/Asia/Vientiane +right/Asia/Vladivostok +right/Asia/Yakutsk +right/Asia/Yekaterinburg +right/Asia/Yerevan +right/Atlantic/Azores +right/Atlantic/Bermuda +right/Atlantic/Canary +right/Atlantic/Cape_Verde +right/Atlantic/Faeroe +right/Atlantic/Jan_Mayen +right/Atlantic/Madeira +right/Atlantic/Reykjavik +right/Atlantic/South_Georgia +right/Atlantic/St_Helena +right/Atlantic/Stanley +right/Australia/ACT +right/Australia/Adelaide +right/Australia/Brisbane +right/Australia/Broken_Hill +right/Australia/Canberra +right/Australia/Currie +right/Australia/Darwin +right/Australia/Hobart +right/Australia/LHI +right/Australia/Lindeman +right/Australia/Lord_Howe +right/Australia/Melbourne +right/Australia/NSW +right/Australia/North +right/Australia/Perth +right/Australia/Queensland +right/Australia/South +right/Australia/Sydney +right/Australia/Tasmania +right/Australia/Victoria +right/Australia/West +right/Australia/Yancowinna +right/Brazil/Acre +right/Brazil/DeNoronha +right/Brazil/East +right/Brazil/West +right/CET +right/CST6CDT +right/Canada/Atlantic +right/Canada/Central +right/Canada/East-Saskatchewan +right/Canada/Eastern +right/Canada/Mountain +right/Canada/Newfoundland +right/Canada/Pacific +right/Canada/Saskatchewan +right/Canada/Yukon +right/Chile/Continental +right/Chile/EasterIsland +right/Cuba +right/EET +right/EST +right/EST5EDT +right/Egypt +right/Eire +right/Etc/GMT +right/Etc/GMT+0 +right/Etc/GMT+1 +right/Etc/GMT+10 +right/Etc/GMT+11 +right/Etc/GMT+12 +right/Etc/GMT+2 +right/Etc/GMT+3 +right/Etc/GMT+4 +right/Etc/GMT+5 +right/Etc/GMT+6 +right/Etc/GMT+7 +right/Etc/GMT+8 +right/Etc/GMT+9 +right/Etc/GMT-0 +right/Etc/GMT-1 +right/Etc/GMT-10 +right/Etc/GMT-11 +right/Etc/GMT-12 +right/Etc/GMT-13 +right/Etc/GMT-14 +right/Etc/GMT-2 +right/Etc/GMT-3 +right/Etc/GMT-4 +right/Etc/GMT-5 +right/Etc/GMT-6 +right/Etc/GMT-7 +right/Etc/GMT-8 +right/Etc/GMT-9 +right/Etc/GMT0 +right/Etc/Greenwich +right/Etc/UCT +right/Etc/UTC +right/Etc/Universal +right/Etc/Zulu +right/Europe/Amsterdam +right/Europe/Andorra +right/Europe/Athens +right/Europe/Belfast +right/Europe/Belgrade +right/Europe/Berlin +right/Europe/Bratislava +right/Europe/Brussels +right/Europe/Bucharest +right/Europe/Budapest +right/Europe/Chisinau +right/Europe/Copenhagen +right/Europe/Dublin +right/Europe/Gibraltar +right/Europe/Guernsey +right/Europe/Helsinki +right/Europe/Isle_of_Man +right/Europe/Istanbul +right/Europe/Jersey +right/Europe/Kaliningrad +right/Europe/Kiev +right/Europe/Lisbon +right/Europe/Ljubljana +right/Europe/London +right/Europe/Luxembourg +right/Europe/Madrid +right/Europe/Malta +right/Europe/Mariehamn +right/Europe/Minsk +right/Europe/Monaco +right/Europe/Moscow +right/Europe/Nicosia +right/Europe/Oslo +right/Europe/Paris +right/Europe/Podgorica +right/Europe/Prague +right/Europe/Riga +right/Europe/Rome +right/Europe/Samara +right/Europe/San_Marino +right/Europe/Sarajevo +right/Europe/Simferopol +right/Europe/Skopje +right/Europe/Sofia +right/Europe/Stockholm +right/Europe/Tallinn +right/Europe/Tirane +right/Europe/Tiraspol +right/Europe/Uzhgorod +right/Europe/Vaduz +right/Europe/Vatican +right/Europe/Vienna +right/Europe/Vilnius +right/Europe/Volgograd +right/Europe/Warsaw +right/Europe/Zagreb +right/Europe/Zaporozhye +right/Europe/Zurich +right/Factory +right/GB +right/GB-Eire +right/GMT +right/GMT+0 +right/GMT-0 +right/GMT0 +right/Greenwich +right/HST +right/Hongkong +right/Iceland +right/Indian/Antananarivo +right/Indian/Chagos +right/Indian/Christmas +right/Indian/Cocos +right/Indian/Comoro +right/Indian/Kerguelen +right/Indian/Mahe +right/Indian/Maldives +right/Indian/Mauritius +right/Indian/Mayotte +right/Indian/Reunion +right/Iran +right/Israel +right/Jamaica +right/Japan +right/Kwajalein +right/Libya +right/MET +right/MST +right/MST7MDT +right/Mexico/BajaNorte +right/Mexico/BajaSur +right/Mexico/General +right/NZ +right/NZ-CHAT +right/Navajo +right/PRC +right/PST8PDT +right/Pacific/Apia +right/Pacific/Auckland +right/Pacific/Bougainville +right/Pacific/Chatham +right/Pacific/Easter +right/Pacific/Efate +right/Pacific/Enderbury +right/Pacific/Fakaofo +right/Pacific/Fiji +right/Pacific/Funafuti +right/Pacific/Galapagos +right/Pacific/Gambier +right/Pacific/Guadalcanal +right/Pacific/Guam +right/Pacific/Honolulu +right/Pacific/Johnston +right/Pacific/Kiritimati +right/Pacific/Kosrae +right/Pacific/Kwajalein +right/Pacific/Majuro +right/Pacific/Marquesas +right/Pacific/Midway +right/Pacific/Nauru +right/Pacific/Niue +right/Pacific/Norfolk +right/Pacific/Noumea +right/Pacific/Pago_Pago +right/Pacific/Palau +right/Pacific/Pitcairn +right/Pacific/Ponape +right/Pacific/Port_Moresby +right/Pacific/Rarotonga +right/Pacific/Saipan +right/Pacific/Samoa +right/Pacific/Tahiti +right/Pacific/Tarawa +right/Pacific/Tongatapu +right/Pacific/Truk +right/Pacific/Wake +right/Pacific/Wallis +right/Pacific/Yap +right/Poland +right/Portugal +right/ROC +right/ROK +right/Singapore +right/Turkey +right/UCT +right/US/Alaska +right/US/Aleutian +right/US/Arizona +right/US/Central +right/US/East-Indiana +right/US/Eastern +right/US/Hawaii +right/US/Indiana-Starke +right/US/Michigan +right/US/Mountain +right/US/Pacific +right/US/Pacific-New +right/US/Samoa +right/UTC +right/Universal +right/W-SU +right/WET +right/Zulu diff --git a/patches/source/glibc/timezone-scripts/parts/04 b/patches/source/glibc/timezone-scripts/parts/04 new file mode 100644 index 000000000..ec36338b1 --- /dev/null +++ b/patches/source/glibc/timezone-scripts/parts/04 @@ -0,0 +1,32 @@ + +Type it at the prompt below exactly as it appears above. (NOTE: If you don't +see your timezone, use "timeconfig" again after booting for the verbose list) + +EOF + echo -n "Timezone? " + read TIMEZONE; + echo + + if [ -r $T_PX/usr/share/zoneinfo/$TIMEZONE -o \ + -r /var/log/mount/usr/share/zoneinfo/$TIMEZONE -o \ + -L $T_PX/usr/share/zoneinfo/$TIMEZONE -o \ + -L /var/log/mount/usr/share/zoneinfo/$TIMEZONE ]; then + echo "Creating link from $TIMEZONE to localtime in /etc..." + echo + setzone $TIMEZONE + exit + else + cat << EOF + +Timezone $TIMEZONE could not be found. You may try again if you wish. +Make sure you type the name exactly as it appears - this configuration script +is case sensitive. + +Press [enter] to continue. + +EOF + read JUNK; + fi + done +fi + diff --git a/patches/source/glibc/timezone-scripts/parts/README b/patches/source/glibc/timezone-scripts/parts/README new file mode 100644 index 000000000..80d5cf5b4 --- /dev/null +++ b/patches/source/glibc/timezone-scripts/parts/README @@ -0,0 +1,2 @@ +Files 01 and 03 are samples, showing the format, and are +not necessarily up to date... diff --git a/patches/source/glibc/timezone-scripts/setup.timeconfig b/patches/source/glibc/timezone-scripts/setup.timeconfig new file mode 100644 index 000000000..81ff7055f --- /dev/null +++ b/patches/source/glibc/timezone-scripts/setup.timeconfig @@ -0,0 +1,3 @@ +#!/bin/sh +#BLURB="Select your timezone" +sh usr/sbin/timeconfig $* diff --git a/patches/source/glibc/timezone-scripts/timeconfig b/patches/source/glibc/timezone-scripts/timeconfig new file mode 100644 index 000000000..9f939b360 --- /dev/null +++ b/patches/source/glibc/timezone-scripts/timeconfig @@ -0,0 +1,3695 @@ +#!/bin/sh +# +# timeconfig Slackware Linux timezone configuration utility. +# +# Author: Patrick Volkerding <volkerdi@slackware.com> +# Modified by: David Cantrell <david@slackware.com>, 06-Oct-2000 +# +# ChangeLog: +# 2014-10-22: Updated timezones from tzdata2014i. <pjv> +# 2012-12-12: Updated timezones from tzdata2012j. <pjv> +# 2008-03-10: Updated timezones from tzdata2008a. <pjv> +# 2007-12-21: Updated timezones from tzdata2007j. <pjv> +# 2006-12-03: Updated timezones from tzdata2006p. <pjv> +# 2006-09-14: Updated timezones from tzdata2006k. <pjv> +# 2006-08-22: Updated timezones from tzdata2006j. +# 2006-08-13: Updated timezones from tzdata2006g. +# 2006-03-13: Updated timezones from tzdata2006c. +# 19-Feb-2001 Add new timezones from glibc-2.2.2. +# 06-Oct-2000 Fixed a problem with selecting UTC time. It was writing +# the hardwareclock file to the root disk and not your dest +# partition. Changed the HWCLOCK_CONF variable to be +# $T_PX/etc/hardwareclock to fix this. Thanks to David L. +# Dickman <softbear@optonline.net> for finding this and +# submitting a patch. +# +# 15-Mar-2000 Added the writeconf function to write out the +# /etc/hardwareclock file which tells what the hardware clock +# is set to (UTC or localtime). +# +# 03-Mar-2000 Reorganized script. Made one timezone set block, added +# stage that asks the user if the hardware clock is set to +# UTC. + +# setup our temp locations and variables +TMP=/var/log/setup/tmp +if [ -r $TMP/SeTT_PX ]; then + T_PX="`cat $TMP/SeTT_PX`" +elif [ ! "$!" = "" ]; then + T_PX=$1 +else + T_PX=/ +fi + +# the hardware clock configuration file +HWCLOCK_CONF=$T_PX/etc/hardwareclock + +# setzone( $TIMEZONE ) +# +# This function accepts a time zone as the only parameter and sets it as +# the default system time zone. +setzone() +{ + TZ=$1 + + cd $T_PX/etc + if [ -r $T_PX/usr/share/zoneinfo/$TZ -o \ + -r /var/log/mount/usr/share/zoneinfo/$TZ -o \ + -L $T_PX/usr/share/zoneinfo/$TZ -o \ + -L /var/log/mount/usr/share/zoneinfo/$TZ ]; then + ln -sf /usr/share/zoneinfo/$TZ localtime-copied-from + rm -f localtime + cd .. + chroot . cp etc/localtime-copied-from etc/localtime + fi +} + +# writeconf( $CLOCK_SET_TO ) +# +# Writes out $HWCLOCK_CONF that tells rc.S how the hardware clock +# value is stored. +writeconf() +{ + echo "# /etc/hardwareclock" > $HWCLOCK_CONF + echo "#" >> $HWCLOCK_CONF + echo "# Tells how the hardware clock time is stored." >> $HWCLOCK_CONF + echo "# You should run timeconfig to edit this file." >> $HWCLOCK_CONF + echo >> $HWCLOCK_CONF + echo $1 >> $HWCLOCK_CONF +} + +# ask the user if the hardware clock is set for UTC/GMT +if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then + ### + ### use color menus here + ### + dialog --title "HARDWARE CLOCK SET TO UTC?" --menu "Is the hardware clock set \ +to Coordinated Universal Time (UTC/GMT)? If it is, select YES here. If the \ +hardware clock is set to the current local time (this is how most PCs are set \ +up), then say NO here. If you are not sure what this is, you should answer NO \ +here." 13 60 2 \ + "NO" "Hardware clock is set to local time" \ + "YES" "Hardware clock is set to UTC" \ + 2> $TMP/utc + if [ $? = 1 -o $? = 255 ]; then + rm -f $TMP/utc + exit + fi + if [ "`cat $TMP/utc`" = "YES" ]; then + # yes, the hardware clock is UTC + writeconf "UTC" + else # must be NO + writeconf "localtime" + fi + rm -f $TMP/utc +else + ### + ### use text prompts + ### + echo "Is the hardware clock set to Coordinated Universal Time (UTC/GMT)?" + echo "If it is, select 'y' here. If the hardware clock is set to the" + echo "current local time (this is how most PCs are set up), then say 'n'" + echo "here. If you are not sure what this is, you should answer 'n' here." + echo + echo -n "Is your hardware clock set to UTC ([y]es, [n]o)? " + read HEJAZ + + if [ "$HEJAZ" = "y" -o "$HEJAZ" = "Y" -o "$HEJAZ" = "YES" -o "$HEJAZ" = "yes" ]; then + # yes, the hardware clock is UTC + writeconf "UTC" + else + # default to localtime + writeconf "localtime" + fi +fi + +# Now set the correct timezone link: +if [ "$COLOR" = "on" -o -r $TMP/SeTcolor -o "$T_PX" = "/" ]; then + ### + ### use color menus here + ### + dialog --title "TIMEZONE CONFIGURATION" --menu "Please select one of the following timezones for your machine:" 21 50 13 \ +"US/Alaska" " " \ +"US/Aleutian" " " \ +"US/Arizona" " " \ +"US/Central" " " \ +"US/East-Indiana" " " \ +"US/Eastern" " " \ +"US/Hawaii" " " \ +"US/Indiana-Starke" " " \ +"US/Michigan" " " \ +"US/Mountain" " " \ +"US/Pacific" " " \ +"US/Pacific-New" " " \ +"US/Samoa" " " \ +"Africa/Abidjan" " " \ +"Africa/Accra" " " \ +"Africa/Addis_Ababa" " " \ +"Africa/Algiers" " " \ +"Africa/Asmara" " " \ +"Africa/Asmera" " " \ +"Africa/Bamako" " " \ +"Africa/Bangui" " " \ +"Africa/Banjul" " " \ +"Africa/Bissau" " " \ +"Africa/Blantyre" " " \ +"Africa/Brazzaville" " " \ +"Africa/Bujumbura" " " \ +"Africa/Cairo" " " \ +"Africa/Casablanca" " " \ +"Africa/Ceuta" " " \ +"Africa/Conakry" " " \ +"Africa/Dakar" " " \ +"Africa/Dar_es_Salaam" " " \ +"Africa/Djibouti" " " \ +"Africa/Douala" " " \ +"Africa/El_Aaiun" " " \ +"Africa/Freetown" " " \ +"Africa/Gaborone" " " \ +"Africa/Harare" " " \ +"Africa/Johannesburg" " " \ +"Africa/Juba" " " \ +"Africa/Kampala" " " \ +"Africa/Khartoum" " " \ +"Africa/Kigali" " " \ +"Africa/Kinshasa" " " \ +"Africa/Lagos" " " \ +"Africa/Libreville" " " \ +"Africa/Lome" " " \ +"Africa/Luanda" " " \ +"Africa/Lubumbashi" " " \ +"Africa/Lusaka" " " \ +"Africa/Malabo" " " \ +"Africa/Maputo" " " \ +"Africa/Maseru" " " \ +"Africa/Mbabane" " " \ +"Africa/Mogadishu" " " \ +"Africa/Monrovia" " " \ +"Africa/Nairobi" " " \ +"Africa/Ndjamena" " " \ +"Africa/Niamey" " " \ +"Africa/Nouakchott" " " \ +"Africa/Ouagadougou" " " \ +"Africa/Porto-Novo" " " \ +"Africa/Sao_Tome" " " \ +"Africa/Timbuktu" " " \ +"Africa/Tripoli" " " \ +"Africa/Tunis" " " \ +"Africa/Windhoek" " " \ +"America/Adak" " " \ +"America/Anchorage" " " \ +"America/Anguilla" " " \ +"America/Antigua" " " \ +"America/Araguaina" " " \ +"America/Argentina/Buenos_Aires" " " \ +"America/Argentina/Catamarca" " " \ +"America/Argentina/ComodRivadavia" " " \ +"America/Argentina/Cordoba" " " \ +"America/Argentina/Jujuy" " " \ +"America/Argentina/La_Rioja" " " \ +"America/Argentina/Mendoza" " " \ +"America/Argentina/Rio_Gallegos" " " \ +"America/Argentina/Salta" " " \ +"America/Argentina/San_Juan" " " \ +"America/Argentina/San_Luis" " " \ +"America/Argentina/Tucuman" " " \ +"America/Argentina/Ushuaia" " " \ +"America/Aruba" " " \ +"America/Asuncion" " " \ +"America/Atikokan" " " \ +"America/Atka" " " \ +"America/Bahia" " " \ +"America/Bahia_Banderas" " " \ +"America/Barbados" " " \ +"America/Belem" " " \ +"America/Belize" " " \ +"America/Blanc-Sablon" " " \ +"America/Boa_Vista" " " \ +"America/Bogota" " " \ +"America/Boise" " " \ +"America/Buenos_Aires" " " \ +"America/Cambridge_Bay" " " \ +"America/Campo_Grande" " " \ +"America/Cancun" " " \ +"America/Caracas" " " \ +"America/Catamarca" " " \ +"America/Cayenne" " " \ +"America/Cayman" " " \ +"America/Chicago" " " \ +"America/Chihuahua" " " \ +"America/Coral_Harbour" " " \ +"America/Cordoba" " " \ +"America/Costa_Rica" " " \ +"America/Creston" " " \ +"America/Cuiaba" " " \ +"America/Curacao" " " \ +"America/Danmarkshavn" " " \ +"America/Dawson" " " \ +"America/Dawson_Creek" " " \ +"America/Denver" " " \ +"America/Detroit" " " \ +"America/Dominica" " " \ +"America/Edmonton" " " \ +"America/Eirunepe" " " \ +"America/El_Salvador" " " \ +"America/Ensenada" " " \ +"America/Fort_Wayne" " " \ +"America/Fortaleza" " " \ +"America/Glace_Bay" " " \ +"America/Godthab" " " \ +"America/Goose_Bay" " " \ +"America/Grand_Turk" " " \ +"America/Grenada" " " \ +"America/Guadeloupe" " " \ +"America/Guatemala" " " \ +"America/Guayaquil" " " \ +"America/Guyana" " " \ +"America/Halifax" " " \ +"America/Havana" " " \ +"America/Hermosillo" " " \ +"America/Indiana/Indianapolis" " " \ +"America/Indiana/Knox" " " \ +"America/Indiana/Marengo" " " \ +"America/Indiana/Petersburg" " " \ +"America/Indiana/Tell_City" " " \ +"America/Indiana/Vevay" " " \ +"America/Indiana/Vincennes" " " \ +"America/Indiana/Winamac" " " \ +"America/Indianapolis" " " \ +"America/Inuvik" " " \ +"America/Iqaluit" " " \ +"America/Jamaica" " " \ +"America/Jujuy" " " \ +"America/Juneau" " " \ +"America/Kentucky/Louisville" " " \ +"America/Kentucky/Monticello" " " \ +"America/Knox_IN" " " \ +"America/Kralendijk" " " \ +"America/La_Paz" " " \ +"America/Lima" " " \ +"America/Los_Angeles" " " \ +"America/Louisville" " " \ +"America/Lower_Princes" " " \ +"America/Maceio" " " \ +"America/Managua" " " \ +"America/Manaus" " " \ +"America/Marigot" " " \ +"America/Martinique" " " \ +"America/Matamoros" " " \ +"America/Mazatlan" " " \ +"America/Mendoza" " " \ +"America/Menominee" " " \ +"America/Merida" " " \ +"America/Metlakatla" " " \ +"America/Mexico_City" " " \ +"America/Miquelon" " " \ +"America/Moncton" " " \ +"America/Monterrey" " " \ +"America/Montevideo" " " \ +"America/Montreal" " " \ +"America/Montserrat" " " \ +"America/Nassau" " " \ +"America/New_York" " " \ +"America/Nipigon" " " \ +"America/Nome" " " \ +"America/Noronha" " " \ +"America/North_Dakota/Beulah" " " \ +"America/North_Dakota/Center" " " \ +"America/North_Dakota/New_Salem" " " \ +"America/Ojinaga" " " \ +"America/Panama" " " \ +"America/Pangnirtung" " " \ +"America/Paramaribo" " " \ +"America/Phoenix" " " \ +"America/Port-au-Prince" " " \ +"America/Port_of_Spain" " " \ +"America/Porto_Acre" " " \ +"America/Porto_Velho" " " \ +"America/Puerto_Rico" " " \ +"America/Rainy_River" " " \ +"America/Rankin_Inlet" " " \ +"America/Recife" " " \ +"America/Regina" " " \ +"America/Resolute" " " \ +"America/Rio_Branco" " " \ +"America/Rosario" " " \ +"America/Santa_Isabel" " " \ +"America/Santarem" " " \ +"America/Santiago" " " \ +"America/Santo_Domingo" " " \ +"America/Sao_Paulo" " " \ +"America/Scoresbysund" " " \ +"America/Shiprock" " " \ +"America/Sitka" " " \ +"America/St_Barthelemy" " " \ +"America/St_Johns" " " \ +"America/St_Kitts" " " \ +"America/St_Lucia" " " \ +"America/St_Thomas" " " \ +"America/St_Vincent" " " \ +"America/Swift_Current" " " \ +"America/Tegucigalpa" " " \ +"America/Thule" " " \ +"America/Thunder_Bay" " " \ +"America/Tijuana" " " \ +"America/Toronto" " " \ +"America/Tortola" " " \ +"America/Vancouver" " " \ +"America/Virgin" " " \ +"America/Whitehorse" " " \ +"America/Winnipeg" " " \ +"America/Yakutat" " " \ +"America/Yellowknife" " " \ +"Antarctica/Casey" " " \ +"Antarctica/Davis" " " \ +"Antarctica/DumontDUrville" " " \ +"Antarctica/Macquarie" " " \ +"Antarctica/Mawson" " " \ +"Antarctica/McMurdo" " " \ +"Antarctica/Palmer" " " \ +"Antarctica/Rothera" " " \ +"Antarctica/South_Pole" " " \ +"Antarctica/Syowa" " " \ +"Antarctica/Troll" " " \ +"Antarctica/Vostok" " " \ +"Arctic/Longyearbyen" " " \ +"Asia/Aden" " " \ +"Asia/Almaty" " " \ +"Asia/Amman" " " \ +"Asia/Anadyr" " " \ +"Asia/Aqtau" " " \ +"Asia/Aqtobe" " " \ +"Asia/Ashgabat" " " \ +"Asia/Ashkhabad" " " \ +"Asia/Baghdad" " " \ +"Asia/Bahrain" " " \ +"Asia/Baku" " " \ +"Asia/Bangkok" " " \ +"Asia/Beirut" " " \ +"Asia/Bishkek" " " \ +"Asia/Brunei" " " \ +"Asia/Calcutta" " " \ +"Asia/Chita" " " \ +"Asia/Choibalsan" " " \ +"Asia/Chongqing" " " \ +"Asia/Chungking" " " \ +"Asia/Colombo" " " \ +"Asia/Dacca" " " \ +"Asia/Damascus" " " \ +"Asia/Dhaka" " " \ +"Asia/Dili" " " \ +"Asia/Dubai" " " \ +"Asia/Dushanbe" " " \ +"Asia/Gaza" " " \ +"Asia/Harbin" " " \ +"Asia/Hebron" " " \ +"Asia/Ho_Chi_Minh" " " \ +"Asia/Hong_Kong" " " \ +"Asia/Hovd" " " \ +"Asia/Irkutsk" " " \ +"Asia/Istanbul" " " \ +"Asia/Jakarta" " " \ +"Asia/Jayapura" " " \ +"Asia/Jerusalem" " " \ +"Asia/Kabul" " " \ +"Asia/Kamchatka" " " \ +"Asia/Karachi" " " \ +"Asia/Kashgar" " " \ +"Asia/Kathmandu" " " \ +"Asia/Katmandu" " " \ +"Asia/Khandyga" " " \ +"Asia/Kolkata" " " \ +"Asia/Krasnoyarsk" " " \ +"Asia/Kuala_Lumpur" " " \ +"Asia/Kuching" " " \ +"Asia/Kuwait" " " \ +"Asia/Macao" " " \ +"Asia/Macau" " " \ +"Asia/Magadan" " " \ +"Asia/Makassar" " " \ +"Asia/Manila" " " \ +"Asia/Muscat" " " \ +"Asia/Nicosia" " " \ +"Asia/Novokuznetsk" " " \ +"Asia/Novosibirsk" " " \ +"Asia/Omsk" " " \ +"Asia/Oral" " " \ +"Asia/Phnom_Penh" " " \ +"Asia/Pontianak" " " \ +"Asia/Pyongyang" " " \ +"Asia/Qatar" " " \ +"Asia/Qyzylorda" " " \ +"Asia/Rangoon" " " \ +"Asia/Riyadh" " " \ +"Asia/Saigon" " " \ +"Asia/Sakhalin" " " \ +"Asia/Samarkand" " " \ +"Asia/Seoul" " " \ +"Asia/Shanghai" " " \ +"Asia/Singapore" " " \ +"Asia/Srednekolymsk" " " \ +"Asia/Taipei" " " \ +"Asia/Tashkent" " " \ +"Asia/Tbilisi" " " \ +"Asia/Tehran" " " \ +"Asia/Tel_Aviv" " " \ +"Asia/Thimbu" " " \ +"Asia/Thimphu" " " \ +"Asia/Tokyo" " " \ +"Asia/Ujung_Pandang" " " \ +"Asia/Ulaanbaatar" " " \ +"Asia/Ulan_Bator" " " \ +"Asia/Urumqi" " " \ +"Asia/Ust-Nera" " " \ +"Asia/Vientiane" " " \ +"Asia/Vladivostok" " " \ +"Asia/Yakutsk" " " \ +"Asia/Yekaterinburg" " " \ +"Asia/Yerevan" " " \ +"Atlantic/Azores" " " \ +"Atlantic/Bermuda" " " \ +"Atlantic/Canary" " " \ +"Atlantic/Cape_Verde" " " \ +"Atlantic/Faeroe" " " \ +"Atlantic/Faroe" " " \ +"Atlantic/Jan_Mayen" " " \ +"Atlantic/Madeira" " " \ +"Atlantic/Reykjavik" " " \ +"Atlantic/South_Georgia" " " \ +"Atlantic/St_Helena" " " \ +"Atlantic/Stanley" " " \ +"Australia/ACT" " " \ +"Australia/Adelaide" " " \ +"Australia/Brisbane" " " \ +"Australia/Broken_Hill" " " \ +"Australia/Canberra" " " \ +"Australia/Currie" " " \ +"Australia/Darwin" " " \ +"Australia/Eucla" " " \ +"Australia/Hobart" " " \ +"Australia/LHI" " " \ +"Australia/Lindeman" " " \ +"Australia/Lord_Howe" " " \ +"Australia/Melbourne" " " \ +"Australia/NSW" " " \ +"Australia/North" " " \ +"Australia/Perth" " " \ +"Australia/Queensland" " " \ +"Australia/South" " " \ +"Australia/Sydney" " " \ +"Australia/Tasmania" " " \ +"Australia/Victoria" " " \ +"Australia/West" " " \ +"Australia/Yancowinna" " " \ +"Brazil/Acre" " " \ +"Brazil/DeNoronha" " " \ +"Brazil/East" " " \ +"Brazil/West" " " \ +"CET" " " \ +"CST6CDT" " " \ +"Canada/Atlantic" " " \ +"Canada/Central" " " \ +"Canada/East-Saskatchewan" " " \ +"Canada/Eastern" " " \ +"Canada/Mountain" " " \ +"Canada/Newfoundland" " " \ +"Canada/Pacific" " " \ +"Canada/Saskatchewan" " " \ +"Canada/Yukon" " " \ +"Chile/Continental" " " \ +"Chile/EasterIsland" " " \ +"Cuba" " " \ +"EET" " " \ +"EST" " " \ +"EST5EDT" " " \ +"Egypt" " " \ +"Eire" " " \ +"Etc/GMT" " " \ +"Etc/GMT+0" " " \ +"Etc/GMT+1" " " \ +"Etc/GMT+10" " " \ +"Etc/GMT+11" " " \ +"Etc/GMT+12" " " \ +"Etc/GMT+2" " " \ +"Etc/GMT+3" " " \ +"Etc/GMT+4" " " \ +"Etc/GMT+5" " " \ +"Etc/GMT+6" " " \ +"Etc/GMT+7" " " \ +"Etc/GMT+8" " " \ +"Etc/GMT+9" " " \ +"Etc/GMT-0" " " \ +"Etc/GMT-1" " " \ +"Etc/GMT-10" " " \ +"Etc/GMT-11" " " \ +"Etc/GMT-12" " " \ +"Etc/GMT-13" " " \ +"Etc/GMT-14" " " \ +"Etc/GMT-2" " " \ +"Etc/GMT-3" " " \ +"Etc/GMT-4" " " \ +"Etc/GMT-5" " " \ +"Etc/GMT-6" " " \ +"Etc/GMT-7" " " \ +"Etc/GMT-8" " " \ +"Etc/GMT-9" " " \ +"Etc/GMT0" " " \ +"Etc/Greenwich" " " \ +"Etc/UCT" " " \ +"Etc/UTC" " " \ +"Etc/Universal" " " \ +"Etc/Zulu" " " \ +"Europe/Amsterdam" " " \ +"Europe/Andorra" " " \ +"Europe/Athens" " " \ +"Europe/Belfast" " " \ +"Europe/Belgrade" " " \ +"Europe/Berlin" " " \ +"Europe/Bratislava" " " \ +"Europe/Brussels" " " \ +"Europe/Bucharest" " " \ +"Europe/Budapest" " " \ +"Europe/Busingen" " " \ +"Europe/Chisinau" " " \ +"Europe/Copenhagen" " " \ +"Europe/Dublin" " " \ +"Europe/Gibraltar" " " \ +"Europe/Guernsey" " " \ +"Europe/Helsinki" " " \ +"Europe/Isle_of_Man" " " \ +"Europe/Istanbul" " " \ +"Europe/Jersey" " " \ +"Europe/Kaliningrad" " " \ +"Europe/Kiev" " " \ +"Europe/Lisbon" " " \ +"Europe/Ljubljana" " " \ +"Europe/London" " " \ +"Europe/Luxembourg" " " \ +"Europe/Madrid" " " \ +"Europe/Malta" " " \ +"Europe/Mariehamn" " " \ +"Europe/Minsk" " " \ +"Europe/Monaco" " " \ +"Europe/Moscow" " " \ +"Europe/Nicosia" " " \ +"Europe/Oslo" " " \ +"Europe/Paris" " " \ +"Europe/Podgorica" " " \ +"Europe/Prague" " " \ +"Europe/Riga" " " \ +"Europe/Rome" " " \ +"Europe/Samara" " " \ +"Europe/San_Marino" " " \ +"Europe/Sarajevo" " " \ +"Europe/Simferopol" " " \ +"Europe/Skopje" " " \ +"Europe/Sofia" " " \ +"Europe/Stockholm" " " \ +"Europe/Tallinn" " " \ +"Europe/Tirane" " " \ +"Europe/Tiraspol" " " \ +"Europe/Uzhgorod" " " \ +"Europe/Vaduz" " " \ +"Europe/Vatican" " " \ +"Europe/Vienna" " " \ +"Europe/Vilnius" " " \ +"Europe/Volgograd" " " \ +"Europe/Warsaw" " " \ +"Europe/Zagreb" " " \ +"Europe/Zaporozhye" " " \ +"Europe/Zurich" " " \ +"Factory" " " \ +"GB" " " \ +"GB-Eire" " " \ +"GMT" " " \ +"GMT+0" " " \ +"GMT-0" " " \ +"GMT0" " " \ +"Greenwich" " " \ +"HST" " " \ +"Hongkong" " " \ +"Iceland" " " \ +"Indian/Antananarivo" " " \ +"Indian/Chagos" " " \ +"Indian/Christmas" " " \ +"Indian/Cocos" " " \ +"Indian/Comoro" " " \ +"Indian/Kerguelen" " " \ +"Indian/Mahe" " " \ +"Indian/Maldives" " " \ +"Indian/Mauritius" " " \ +"Indian/Mayotte" " " \ +"Indian/Reunion" " " \ +"Iran" " " \ +"Israel" " " \ +"Jamaica" " " \ +"Japan" " " \ +"Kwajalein" " " \ +"Libya" " " \ +"MET" " " \ +"MST" " " \ +"MST7MDT" " " \ +"Mexico/BajaNorte" " " \ +"Mexico/BajaSur" " " \ +"Mexico/General" " " \ +"NZ" " " \ +"NZ-CHAT" " " \ +"Navajo" " " \ +"PRC" " " \ +"PST8PDT" " " \ +"Pacific/Apia" " " \ +"Pacific/Auckland" " " \ +"Pacific/Bougainville" " " \ +"Pacific/Chatham" " " \ +"Pacific/Chuuk" " " \ +"Pacific/Easter" " " \ +"Pacific/Efate" " " \ +"Pacific/Enderbury" " " \ +"Pacific/Fakaofo" " " \ +"Pacific/Fiji" " " \ +"Pacific/Funafuti" " " \ +"Pacific/Galapagos" " " \ +"Pacific/Gambier" " " \ +"Pacific/Guadalcanal" " " \ +"Pacific/Guam" " " \ +"Pacific/Honolulu" " " \ +"Pacific/Johnston" " " \ +"Pacific/Kiritimati" " " \ +"Pacific/Kosrae" " " \ +"Pacific/Kwajalein" " " \ +"Pacific/Majuro" " " \ +"Pacific/Marquesas" " " \ +"Pacific/Midway" " " \ +"Pacific/Nauru" " " \ +"Pacific/Niue" " " \ +"Pacific/Norfolk" " " \ +"Pacific/Noumea" " " \ +"Pacific/Pago_Pago" " " \ +"Pacific/Palau" " " \ +"Pacific/Pitcairn" " " \ +"Pacific/Pohnpei" " " \ +"Pacific/Ponape" " " \ +"Pacific/Port_Moresby" " " \ +"Pacific/Rarotonga" " " \ +"Pacific/Saipan" " " \ +"Pacific/Samoa" " " \ +"Pacific/Tahiti" " " \ +"Pacific/Tarawa" " " \ +"Pacific/Tongatapu" " " \ +"Pacific/Truk" " " \ +"Pacific/Wake" " " \ +"Pacific/Wallis" " " \ +"Pacific/Yap" " " \ +"Poland" " " \ +"Portugal" " " \ +"ROC" " " \ +"ROK" " " \ +"Singapore" " " \ +"Turkey" " " \ +"UCT" " " \ +"UTC" " " \ +"Universal" " " \ +"W-SU" " " \ +"WET" " " \ +"Zulu" " " \ +"posix/Africa/Abidjan" " " \ +"posix/Africa/Accra" " " \ +"posix/Africa/Addis_Ababa" " " \ +"posix/Africa/Algiers" " " \ +"posix/Africa/Asmara" " " \ +"posix/Africa/Asmera" " " \ +"posix/Africa/Bamako" " " \ +"posix/Africa/Bangui" " " \ +"posix/Africa/Banjul" " " \ +"posix/Africa/Bissau" " " \ +"posix/Africa/Blantyre" " " \ +"posix/Africa/Brazzaville" " " \ +"posix/Africa/Bujumbura" " " \ +"posix/Africa/Cairo" " " \ +"posix/Africa/Casablanca" " " \ +"posix/Africa/Ceuta" " " \ +"posix/Africa/Conakry" " " \ +"posix/Africa/Dakar" " " \ +"posix/Africa/Dar_es_Salaam" " " \ +"posix/Africa/Djibouti" " " \ +"posix/Africa/Douala" " " \ +"posix/Africa/El_Aaiun" " " \ +"posix/Africa/Freetown" " " \ +"posix/Africa/Gaborone" " " \ +"posix/Africa/Harare" " " \ +"posix/Africa/Johannesburg" " " \ +"posix/Africa/Juba" " " \ +"posix/Africa/Kampala" " " \ +"posix/Africa/Khartoum" " " \ +"posix/Africa/Kigali" " " \ +"posix/Africa/Kinshasa" " " \ +"posix/Africa/Lagos" " " \ +"posix/Africa/Libreville" " " \ +"posix/Africa/Lome" " " \ +"posix/Africa/Luanda" " " \ +"posix/Africa/Lubumbashi" " " \ +"posix/Africa/Lusaka" " " \ +"posix/Africa/Malabo" " " \ +"posix/Africa/Maputo" " " \ +"posix/Africa/Maseru" " " \ +"posix/Africa/Mbabane" " " \ +"posix/Africa/Mogadishu" " " \ +"posix/Africa/Monrovia" " " \ +"posix/Africa/Nairobi" " " \ +"posix/Africa/Ndjamena" " " \ +"posix/Africa/Niamey" " " \ +"posix/Africa/Nouakchott" " " \ +"posix/Africa/Ouagadougou" " " \ +"posix/Africa/Porto-Novo" " " \ +"posix/Africa/Sao_Tome" " " \ +"posix/Africa/Timbuktu" " " \ +"posix/Africa/Tripoli" " " \ +"posix/Africa/Tunis" " " \ +"posix/Africa/Windhoek" " " \ +"posix/America/Adak" " " \ +"posix/America/Anchorage" " " \ +"posix/America/Anguilla" " " \ +"posix/America/Antigua" " " \ +"posix/America/Araguaina" " " \ +"posix/America/Argentina/Buenos_Aires" " " \ +"posix/America/Argentina/Catamarca" " " \ +"posix/America/Argentina/ComodRivadavia" " " \ +"posix/America/Argentina/Cordoba" " " \ +"posix/America/Argentina/Jujuy" " " \ +"posix/America/Argentina/La_Rioja" " " \ +"posix/America/Argentina/Mendoza" " " \ +"posix/America/Argentina/Rio_Gallegos" " " \ +"posix/America/Argentina/Salta" " " \ +"posix/America/Argentina/San_Juan" " " \ +"posix/America/Argentina/San_Luis" " " \ +"posix/America/Argentina/Tucuman" " " \ +"posix/America/Argentina/Ushuaia" " " \ +"posix/America/Aruba" " " \ +"posix/America/Asuncion" " " \ +"posix/America/Atikokan" " " \ +"posix/America/Atka" " " \ +"posix/America/Bahia" " " \ +"posix/America/Bahia_Banderas" " " \ +"posix/America/Barbados" " " \ +"posix/America/Belem" " " \ +"posix/America/Belize" " " \ +"posix/America/Blanc-Sablon" " " \ +"posix/America/Boa_Vista" " " \ +"posix/America/Bogota" " " \ +"posix/America/Boise" " " \ +"posix/America/Buenos_Aires" " " \ +"posix/America/Cambridge_Bay" " " \ +"posix/America/Campo_Grande" " " \ +"posix/America/Cancun" " " \ +"posix/America/Caracas" " " \ +"posix/America/Catamarca" " " \ +"posix/America/Cayenne" " " \ +"posix/America/Cayman" " " \ +"posix/America/Chicago" " " \ +"posix/America/Chihuahua" " " \ +"posix/America/Coral_Harbour" " " \ +"posix/America/Cordoba" " " \ +"posix/America/Costa_Rica" " " \ +"posix/America/Creston" " " \ +"posix/America/Cuiaba" " " \ +"posix/America/Curacao" " " \ +"posix/America/Danmarkshavn" " " \ +"posix/America/Dawson" " " \ +"posix/America/Dawson_Creek" " " \ +"posix/America/Denver" " " \ +"posix/America/Detroit" " " \ +"posix/America/Dominica" " " \ +"posix/America/Edmonton" " " \ +"posix/America/Eirunepe" " " \ +"posix/America/El_Salvador" " " \ +"posix/America/Ensenada" " " \ +"posix/America/Fort_Wayne" " " \ +"posix/America/Fortaleza" " " \ +"posix/America/Glace_Bay" " " \ +"posix/America/Godthab" " " \ +"posix/America/Goose_Bay" " " \ +"posix/America/Grand_Turk" " " \ +"posix/America/Grenada" " " \ +"posix/America/Guadeloupe" " " \ +"posix/America/Guatemala" " " \ +"posix/America/Guayaquil" " " \ +"posix/America/Guyana" " " \ +"posix/America/Halifax" " " \ +"posix/America/Havana" " " \ +"posix/America/Hermosillo" " " \ +"posix/America/Indiana/Indianapolis" " " \ +"posix/America/Indiana/Knox" " " \ +"posix/America/Indiana/Marengo" " " \ +"posix/America/Indiana/Petersburg" " " \ +"posix/America/Indiana/Tell_City" " " \ +"posix/America/Indiana/Vevay" " " \ +"posix/America/Indiana/Vincennes" " " \ +"posix/America/Indiana/Winamac" " " \ +"posix/America/Indianapolis" " " \ +"posix/America/Inuvik" " " \ +"posix/America/Iqaluit" " " \ +"posix/America/Jamaica" " " \ +"posix/America/Jujuy" " " \ +"posix/America/Juneau" " " \ +"posix/America/Kentucky/Louisville" " " \ +"posix/America/Kentucky/Monticello" " " \ +"posix/America/Knox_IN" " " \ +"posix/America/Kralendijk" " " \ +"posix/America/La_Paz" " " \ +"posix/America/Lima" " " \ +"posix/America/Los_Angeles" " " \ +"posix/America/Louisville" " " \ +"posix/America/Lower_Princes" " " \ +"posix/America/Maceio" " " \ +"posix/America/Managua" " " \ +"posix/America/Manaus" " " \ +"posix/America/Marigot" " " \ +"posix/America/Martinique" " " \ +"posix/America/Matamoros" " " \ +"posix/America/Mazatlan" " " \ +"posix/America/Mendoza" " " \ +"posix/America/Menominee" " " \ +"posix/America/Merida" " " \ +"posix/America/Metlakatla" " " \ +"posix/America/Mexico_City" " " \ +"posix/America/Miquelon" " " \ +"posix/America/Moncton" " " \ +"posix/America/Monterrey" " " \ +"posix/America/Montevideo" " " \ +"posix/America/Montreal" " " \ +"posix/America/Montserrat" " " \ +"posix/America/Nassau" " " \ +"posix/America/New_York" " " \ +"posix/America/Nipigon" " " \ +"posix/America/Nome" " " \ +"posix/America/Noronha" " " \ +"posix/America/North_Dakota/Beulah" " " \ +"posix/America/North_Dakota/Center" " " \ +"posix/America/North_Dakota/New_Salem" " " \ +"posix/America/Ojinaga" " " \ +"posix/America/Panama" " " \ +"posix/America/Pangnirtung" " " \ +"posix/America/Paramaribo" " " \ +"posix/America/Phoenix" " " \ +"posix/America/Port-au-Prince" " " \ +"posix/America/Port_of_Spain" " " \ +"posix/America/Porto_Acre" " " \ +"posix/America/Porto_Velho" " " \ +"posix/America/Puerto_Rico" " " \ +"posix/America/Rainy_River" " " \ +"posix/America/Rankin_Inlet" " " \ +"posix/America/Recife" " " \ +"posix/America/Regina" " " \ +"posix/America/Resolute" " " \ +"posix/America/Rio_Branco" " " \ +"posix/America/Rosario" " " \ +"posix/America/Santa_Isabel" " " \ +"posix/America/Santarem" " " \ +"posix/America/Santiago" " " \ +"posix/America/Santo_Domingo" " " \ +"posix/America/Sao_Paulo" " " \ +"posix/America/Scoresbysund" " " \ +"posix/America/Shiprock" " " \ +"posix/America/Sitka" " " \ +"posix/America/St_Barthelemy" " " \ +"posix/America/St_Johns" " " \ +"posix/America/St_Kitts" " " \ +"posix/America/St_Lucia" " " \ +"posix/America/St_Thomas" " " \ +"posix/America/St_Vincent" " " \ +"posix/America/Swift_Current" " " \ +"posix/America/Tegucigalpa" " " \ +"posix/America/Thule" " " \ +"posix/America/Thunder_Bay" " " \ +"posix/America/Tijuana" " " \ +"posix/America/Toronto" " " \ +"posix/America/Tortola" " " \ +"posix/America/Vancouver" " " \ +"posix/America/Virgin" " " \ +"posix/America/Whitehorse" " " \ +"posix/America/Winnipeg" " " \ +"posix/America/Yakutat" " " \ +"posix/America/Yellowknife" " " \ +"posix/Antarctica/Casey" " " \ +"posix/Antarctica/Davis" " " \ +"posix/Antarctica/DumontDUrville" " " \ +"posix/Antarctica/Macquarie" " " \ +"posix/Antarctica/Mawson" " " \ +"posix/Antarctica/McMurdo" " " \ +"posix/Antarctica/Palmer" " " \ +"posix/Antarctica/Rothera" " " \ +"posix/Antarctica/South_Pole" " " \ +"posix/Antarctica/Syowa" " " \ +"posix/Antarctica/Troll" " " \ +"posix/Antarctica/Vostok" " " \ +"posix/Arctic/Longyearbyen" " " \ +"posix/Asia/Aden" " " \ +"posix/Asia/Almaty" " " \ +"posix/Asia/Amman" " " \ +"posix/Asia/Anadyr" " " \ +"posix/Asia/Aqtau" " " \ +"posix/Asia/Aqtobe" " " \ +"posix/Asia/Ashgabat" " " \ +"posix/Asia/Ashkhabad" " " \ +"posix/Asia/Baghdad" " " \ +"posix/Asia/Bahrain" " " \ +"posix/Asia/Baku" " " \ +"posix/Asia/Bangkok" " " \ +"posix/Asia/Beirut" " " \ +"posix/Asia/Bishkek" " " \ +"posix/Asia/Brunei" " " \ +"posix/Asia/Calcutta" " " \ +"posix/Asia/Chita" " " \ +"posix/Asia/Choibalsan" " " \ +"posix/Asia/Chongqing" " " \ +"posix/Asia/Chungking" " " \ +"posix/Asia/Colombo" " " \ +"posix/Asia/Dacca" " " \ +"posix/Asia/Damascus" " " \ +"posix/Asia/Dhaka" " " \ +"posix/Asia/Dili" " " \ +"posix/Asia/Dubai" " " \ +"posix/Asia/Dushanbe" " " \ +"posix/Asia/Gaza" " " \ +"posix/Asia/Harbin" " " \ +"posix/Asia/Hebron" " " \ +"posix/Asia/Ho_Chi_Minh" " " \ +"posix/Asia/Hong_Kong" " " \ +"posix/Asia/Hovd" " " \ +"posix/Asia/Irkutsk" " " \ +"posix/Asia/Istanbul" " " \ +"posix/Asia/Jakarta" " " \ +"posix/Asia/Jayapura" " " \ +"posix/Asia/Jerusalem" " " \ +"posix/Asia/Kabul" " " \ +"posix/Asia/Kamchatka" " " \ +"posix/Asia/Karachi" " " \ +"posix/Asia/Kashgar" " " \ +"posix/Asia/Kathmandu" " " \ +"posix/Asia/Katmandu" " " \ +"posix/Asia/Khandyga" " " \ +"posix/Asia/Kolkata" " " \ +"posix/Asia/Krasnoyarsk" " " \ +"posix/Asia/Kuala_Lumpur" " " \ +"posix/Asia/Kuching" " " \ +"posix/Asia/Kuwait" " " \ +"posix/Asia/Macao" " " \ +"posix/Asia/Macau" " " \ +"posix/Asia/Magadan" " " \ +"posix/Asia/Makassar" " " \ +"posix/Asia/Manila" " " \ +"posix/Asia/Muscat" " " \ +"posix/Asia/Nicosia" " " \ +"posix/Asia/Novokuznetsk" " " \ +"posix/Asia/Novosibirsk" " " \ +"posix/Asia/Omsk" " " \ +"posix/Asia/Oral" " " \ +"posix/Asia/Phnom_Penh" " " \ +"posix/Asia/Pontianak" " " \ +"posix/Asia/Pyongyang" " " \ +"posix/Asia/Qatar" " " \ +"posix/Asia/Qyzylorda" " " \ +"posix/Asia/Rangoon" " " \ +"posix/Asia/Riyadh" " " \ +"posix/Asia/Saigon" " " \ +"posix/Asia/Sakhalin" " " \ +"posix/Asia/Samarkand" " " \ +"posix/Asia/Seoul" " " \ +"posix/Asia/Shanghai" " " \ +"posix/Asia/Singapore" " " \ +"posix/Asia/Srednekolymsk" " " \ +"posix/Asia/Taipei" " " \ +"posix/Asia/Tashkent" " " \ +"posix/Asia/Tbilisi" " " \ +"posix/Asia/Tehran" " " \ +"posix/Asia/Tel_Aviv" " " \ +"posix/Asia/Thimbu" " " \ +"posix/Asia/Thimphu" " " \ +"posix/Asia/Tokyo" " " \ +"posix/Asia/Ujung_Pandang" " " \ +"posix/Asia/Ulaanbaatar" " " \ +"posix/Asia/Ulan_Bator" " " \ +"posix/Asia/Urumqi" " " \ +"posix/Asia/Ust-Nera" " " \ +"posix/Asia/Vientiane" " " \ +"posix/Asia/Vladivostok" " " \ +"posix/Asia/Yakutsk" " " \ +"posix/Asia/Yekaterinburg" " " \ +"posix/Asia/Yerevan" " " \ +"posix/Atlantic/Azores" " " \ +"posix/Atlantic/Bermuda" " " \ +"posix/Atlantic/Canary" " " \ +"posix/Atlantic/Cape_Verde" " " \ +"posix/Atlantic/Faeroe" " " \ +"posix/Atlantic/Faroe" " " \ +"posix/Atlantic/Jan_Mayen" " " \ +"posix/Atlantic/Madeira" " " \ +"posix/Atlantic/Reykjavik" " " \ +"posix/Atlantic/South_Georgia" " " \ +"posix/Atlantic/St_Helena" " " \ +"posix/Atlantic/Stanley" " " \ +"posix/Australia/ACT" " " \ +"posix/Australia/Adelaide" " " \ +"posix/Australia/Brisbane" " " \ +"posix/Australia/Broken_Hill" " " \ +"posix/Australia/Canberra" " " \ +"posix/Australia/Currie" " " \ +"posix/Australia/Darwin" " " \ +"posix/Australia/Eucla" " " \ +"posix/Australia/Hobart" " " \ +"posix/Australia/LHI" " " \ +"posix/Australia/Lindeman" " " \ +"posix/Australia/Lord_Howe" " " \ +"posix/Australia/Melbourne" " " \ +"posix/Australia/NSW" " " \ +"posix/Australia/North" " " \ +"posix/Australia/Perth" " " \ +"posix/Australia/Queensland" " " \ +"posix/Australia/South" " " \ +"posix/Australia/Sydney" " " \ +"posix/Australia/Tasmania" " " \ +"posix/Australia/Victoria" " " \ +"posix/Australia/West" " " \ +"posix/Australia/Yancowinna" " " \ +"posix/Brazil/Acre" " " \ +"posix/Brazil/DeNoronha" " " \ +"posix/Brazil/East" " " \ +"posix/Brazil/West" " " \ +"posix/CET" " " \ +"posix/CST6CDT" " " \ +"posix/Canada/Atlantic" " " \ +"posix/Canada/Central" " " \ +"posix/Canada/East-Saskatchewan" " " \ +"posix/Canada/Eastern" " " \ +"posix/Canada/Mountain" " " \ +"posix/Canada/Newfoundland" " " \ +"posix/Canada/Pacific" " " \ +"posix/Canada/Saskatchewan" " " \ +"posix/Canada/Yukon" " " \ +"posix/Chile/Continental" " " \ +"posix/Chile/EasterIsland" " " \ +"posix/Cuba" " " \ +"posix/EET" " " \ +"posix/EST" " " \ +"posix/EST5EDT" " " \ +"posix/Egypt" " " \ +"posix/Eire" " " \ +"posix/Etc/GMT" " " \ +"posix/Etc/GMT+0" " " \ +"posix/Etc/GMT+1" " " \ +"posix/Etc/GMT+10" " " \ +"posix/Etc/GMT+11" " " \ +"posix/Etc/GMT+12" " " \ +"posix/Etc/GMT+2" " " \ +"posix/Etc/GMT+3" " " \ +"posix/Etc/GMT+4" " " \ +"posix/Etc/GMT+5" " " \ +"posix/Etc/GMT+6" " " \ +"posix/Etc/GMT+7" " " \ +"posix/Etc/GMT+8" " " \ +"posix/Etc/GMT+9" " " \ +"posix/Etc/GMT-0" " " \ +"posix/Etc/GMT-1" " " \ +"posix/Etc/GMT-10" " " \ +"posix/Etc/GMT-11" " " \ +"posix/Etc/GMT-12" " " \ +"posix/Etc/GMT-13" " " \ +"posix/Etc/GMT-14" " " \ +"posix/Etc/GMT-2" " " \ +"posix/Etc/GMT-3" " " \ +"posix/Etc/GMT-4" " " \ +"posix/Etc/GMT-5" " " \ +"posix/Etc/GMT-6" " " \ +"posix/Etc/GMT-7" " " \ +"posix/Etc/GMT-8" " " \ +"posix/Etc/GMT-9" " " \ +"posix/Etc/GMT0" " " \ +"posix/Etc/Greenwich" " " \ +"posix/Etc/UCT" " " \ +"posix/Etc/UTC" " " \ +"posix/Etc/Universal" " " \ +"posix/Etc/Zulu" " " \ +"posix/Europe/Amsterdam" " " \ +"posix/Europe/Andorra" " " \ +"posix/Europe/Athens" " " \ +"posix/Europe/Belfast" " " \ +"posix/Europe/Belgrade" " " \ +"posix/Europe/Berlin" " " \ +"posix/Europe/Bratislava" " " \ +"posix/Europe/Brussels" " " \ +"posix/Europe/Bucharest" " " \ +"posix/Europe/Budapest" " " \ +"posix/Europe/Busingen" " " \ +"posix/Europe/Chisinau" " " \ +"posix/Europe/Copenhagen" " " \ +"posix/Europe/Dublin" " " \ +"posix/Europe/Gibraltar" " " \ +"posix/Europe/Guernsey" " " \ +"posix/Europe/Helsinki" " " \ +"posix/Europe/Isle_of_Man" " " \ +"posix/Europe/Istanbul" " " \ +"posix/Europe/Jersey" " " \ +"posix/Europe/Kaliningrad" " " \ +"posix/Europe/Kiev" " " \ +"posix/Europe/Lisbon" " " \ +"posix/Europe/Ljubljana" " " \ +"posix/Europe/London" " " \ +"posix/Europe/Luxembourg" " " \ +"posix/Europe/Madrid" " " \ +"posix/Europe/Malta" " " \ +"posix/Europe/Mariehamn" " " \ +"posix/Europe/Minsk" " " \ +"posix/Europe/Monaco" " " \ +"posix/Europe/Moscow" " " \ +"posix/Europe/Nicosia" " " \ +"posix/Europe/Oslo" " " \ +"posix/Europe/Paris" " " \ +"posix/Europe/Podgorica" " " \ +"posix/Europe/Prague" " " \ +"posix/Europe/Riga" " " \ +"posix/Europe/Rome" " " \ +"posix/Europe/Samara" " " \ +"posix/Europe/San_Marino" " " \ +"posix/Europe/Sarajevo" " " \ +"posix/Europe/Simferopol" " " \ +"posix/Europe/Skopje" " " \ +"posix/Europe/Sofia" " " \ +"posix/Europe/Stockholm" " " \ +"posix/Europe/Tallinn" " " \ +"posix/Europe/Tirane" " " \ +"posix/Europe/Tiraspol" " " \ +"posix/Europe/Uzhgorod" " " \ +"posix/Europe/Vaduz" " " \ +"posix/Europe/Vatican" " " \ +"posix/Europe/Vienna" " " \ +"posix/Europe/Vilnius" " " \ +"posix/Europe/Volgograd" " " \ +"posix/Europe/Warsaw" " " \ +"posix/Europe/Zagreb" " " \ +"posix/Europe/Zaporozhye" " " \ +"posix/Europe/Zurich" " " \ +"posix/Factory" " " \ +"posix/GB" " " \ +"posix/GB-Eire" " " \ +"posix/GMT" " " \ +"posix/GMT+0" " " \ +"posix/GMT-0" " " \ +"posix/GMT0" " " \ +"posix/Greenwich" " " \ +"posix/HST" " " \ +"posix/Hongkong" " " \ +"posix/Iceland" " " \ +"posix/Indian/Antananarivo" " " \ +"posix/Indian/Chagos" " " \ +"posix/Indian/Christmas" " " \ +"posix/Indian/Cocos" " " \ +"posix/Indian/Comoro" " " \ +"posix/Indian/Kerguelen" " " \ +"posix/Indian/Mahe" " " \ +"posix/Indian/Maldives" " " \ +"posix/Indian/Mauritius" " " \ +"posix/Indian/Mayotte" " " \ +"posix/Indian/Reunion" " " \ +"posix/Iran" " " \ +"posix/Israel" " " \ +"posix/Jamaica" " " \ +"posix/Japan" " " \ +"posix/Kwajalein" " " \ +"posix/Libya" " " \ +"posix/MET" " " \ +"posix/MST" " " \ +"posix/MST7MDT" " " \ +"posix/Mexico/BajaNorte" " " \ +"posix/Mexico/BajaSur" " " \ +"posix/Mexico/General" " " \ +"posix/NZ" " " \ +"posix/NZ-CHAT" " " \ +"posix/Navajo" " " \ +"posix/PRC" " " \ +"posix/PST8PDT" " " \ +"posix/Pacific/Apia" " " \ +"posix/Pacific/Auckland" " " \ +"posix/Pacific/Bougainville" " " \ +"posix/Pacific/Chatham" " " \ +"posix/Pacific/Chuuk" " " \ +"posix/Pacific/Easter" " " \ +"posix/Pacific/Efate" " " \ +"posix/Pacific/Enderbury" " " \ +"posix/Pacific/Fakaofo" " " \ +"posix/Pacific/Fiji" " " \ +"posix/Pacific/Funafuti" " " \ +"posix/Pacific/Galapagos" " " \ +"posix/Pacific/Gambier" " " \ +"posix/Pacific/Guadalcanal" " " \ +"posix/Pacific/Guam" " " \ +"posix/Pacific/Honolulu" " " \ +"posix/Pacific/Johnston" " " \ +"posix/Pacific/Kiritimati" " " \ +"posix/Pacific/Kosrae" " " \ +"posix/Pacific/Kwajalein" " " \ +"posix/Pacific/Majuro" " " \ +"posix/Pacific/Marquesas" " " \ +"posix/Pacific/Midway" " " \ +"posix/Pacific/Nauru" " " \ +"posix/Pacific/Niue" " " \ +"posix/Pacific/Norfolk" " " \ +"posix/Pacific/Noumea" " " \ +"posix/Pacific/Pago_Pago" " " \ +"posix/Pacific/Palau" " " \ +"posix/Pacific/Pitcairn" " " \ +"posix/Pacific/Pohnpei" " " \ +"posix/Pacific/Ponape" " " \ +"posix/Pacific/Port_Moresby" " " \ +"posix/Pacific/Rarotonga" " " \ +"posix/Pacific/Saipan" " " \ +"posix/Pacific/Samoa" " " \ +"posix/Pacific/Tahiti" " " \ +"posix/Pacific/Tarawa" " " \ +"posix/Pacific/Tongatapu" " " \ +"posix/Pacific/Truk" " " \ +"posix/Pacific/Wake" " " \ +"posix/Pacific/Wallis" " " \ +"posix/Pacific/Yap" " " \ +"posix/Poland" " " \ +"posix/Portugal" " " \ +"posix/ROC" " " \ +"posix/ROK" " " \ +"posix/Singapore" " " \ +"posix/Turkey" " " \ +"posix/UCT" " " \ +"posix/US/Alaska" " " \ +"posix/US/Aleutian" " " \ +"posix/US/Arizona" " " \ +"posix/US/Central" " " \ +"posix/US/East-Indiana" " " \ +"posix/US/Eastern" " " \ +"posix/US/Hawaii" " " \ +"posix/US/Indiana-Starke" " " \ +"posix/US/Michigan" " " \ +"posix/US/Mountain" " " \ +"posix/US/Pacific" " " \ +"posix/US/Pacific-New" " " \ +"posix/US/Samoa" " " \ +"posix/UTC" " " \ +"posix/Universal" " " \ +"posix/W-SU" " " \ +"posix/WET" " " \ +"posix/Zulu" " " \ +"posix/localtime" " " \ +"posix/posixrules" " " \ +"posixrules" " " \ +"right/Africa/Abidjan" " " \ +"right/Africa/Accra" " " \ +"right/Africa/Addis_Ababa" " " \ +"right/Africa/Algiers" " " \ +"right/Africa/Asmara" " " \ +"right/Africa/Asmera" " " \ +"right/Africa/Bamako" " " \ +"right/Africa/Bangui" " " \ +"right/Africa/Banjul" " " \ +"right/Africa/Bissau" " " \ +"right/Africa/Blantyre" " " \ +"right/Africa/Brazzaville" " " \ +"right/Africa/Bujumbura" " " \ +"right/Africa/Cairo" " " \ +"right/Africa/Casablanca" " " \ +"right/Africa/Ceuta" " " \ +"right/Africa/Conakry" " " \ +"right/Africa/Dakar" " " \ +"right/Africa/Dar_es_Salaam" " " \ +"right/Africa/Djibouti" " " \ +"right/Africa/Douala" " " \ +"right/Africa/El_Aaiun" " " \ +"right/Africa/Freetown" " " \ +"right/Africa/Gaborone" " " \ +"right/Africa/Harare" " " \ +"right/Africa/Johannesburg" " " \ +"right/Africa/Juba" " " \ +"right/Africa/Kampala" " " \ +"right/Africa/Khartoum" " " \ +"right/Africa/Kigali" " " \ +"right/Africa/Kinshasa" " " \ +"right/Africa/Lagos" " " \ +"right/Africa/Libreville" " " \ +"right/Africa/Lome" " " \ +"right/Africa/Luanda" " " \ +"right/Africa/Lubumbashi" " " \ +"right/Africa/Lusaka" " " \ +"right/Africa/Malabo" " " \ +"right/Africa/Maputo" " " \ +"right/Africa/Maseru" " " \ +"right/Africa/Mbabane" " " \ +"right/Africa/Mogadishu" " " \ +"right/Africa/Monrovia" " " \ +"right/Africa/Nairobi" " " \ +"right/Africa/Ndjamena" " " \ +"right/Africa/Niamey" " " \ +"right/Africa/Nouakchott" " " \ +"right/Africa/Ouagadougou" " " \ +"right/Africa/Porto-Novo" " " \ +"right/Africa/Sao_Tome" " " \ +"right/Africa/Timbuktu" " " \ +"right/Africa/Tripoli" " " \ +"right/Africa/Tunis" " " \ +"right/Africa/Windhoek" " " \ +"right/America/Adak" " " \ +"right/America/Anchorage" " " \ +"right/America/Anguilla" " " \ +"right/America/Antigua" " " \ +"right/America/Araguaina" " " \ +"right/America/Argentina/Buenos_Aires" " " \ +"right/America/Argentina/Catamarca" " " \ +"right/America/Argentina/ComodRivadavia" " " \ +"right/America/Argentina/Cordoba" " " \ +"right/America/Argentina/Jujuy" " " \ +"right/America/Argentina/La_Rioja" " " \ +"right/America/Argentina/Mendoza" " " \ +"right/America/Argentina/Rio_Gallegos" " " \ +"right/America/Argentina/Salta" " " \ +"right/America/Argentina/San_Juan" " " \ +"right/America/Argentina/San_Luis" " " \ +"right/America/Argentina/Tucuman" " " \ +"right/America/Argentina/Ushuaia" " " \ +"right/America/Aruba" " " \ +"right/America/Asuncion" " " \ +"right/America/Atikokan" " " \ +"right/America/Atka" " " \ +"right/America/Bahia" " " \ +"right/America/Bahia_Banderas" " " \ +"right/America/Barbados" " " \ +"right/America/Belem" " " \ +"right/America/Belize" " " \ +"right/America/Blanc-Sablon" " " \ +"right/America/Boa_Vista" " " \ +"right/America/Bogota" " " \ +"right/America/Boise" " " \ +"right/America/Buenos_Aires" " " \ +"right/America/Cambridge_Bay" " " \ +"right/America/Campo_Grande" " " \ +"right/America/Cancun" " " \ +"right/America/Caracas" " " \ +"right/America/Catamarca" " " \ +"right/America/Cayenne" " " \ +"right/America/Cayman" " " \ +"right/America/Chicago" " " \ +"right/America/Chihuahua" " " \ +"right/America/Coral_Harbour" " " \ +"right/America/Cordoba" " " \ +"right/America/Costa_Rica" " " \ +"right/America/Creston" " " \ +"right/America/Cuiaba" " " \ +"right/America/Curacao" " " \ +"right/America/Danmarkshavn" " " \ +"right/America/Dawson" " " \ +"right/America/Dawson_Creek" " " \ +"right/America/Denver" " " \ +"right/America/Detroit" " " \ +"right/America/Dominica" " " \ +"right/America/Edmonton" " " \ +"right/America/Eirunepe" " " \ +"right/America/El_Salvador" " " \ +"right/America/Ensenada" " " \ +"right/America/Fort_Wayne" " " \ +"right/America/Fortaleza" " " \ +"right/America/Glace_Bay" " " \ +"right/America/Godthab" " " \ +"right/America/Goose_Bay" " " \ +"right/America/Grand_Turk" " " \ +"right/America/Grenada" " " \ +"right/America/Guadeloupe" " " \ +"right/America/Guatemala" " " \ +"right/America/Guayaquil" " " \ +"right/America/Guyana" " " \ +"right/America/Halifax" " " \ +"right/America/Havana" " " \ +"right/America/Hermosillo" " " \ +"right/America/Indiana/Indianapolis" " " \ +"right/America/Indiana/Knox" " " \ +"right/America/Indiana/Marengo" " " \ +"right/America/Indiana/Petersburg" " " \ +"right/America/Indiana/Tell_City" " " \ +"right/America/Indiana/Vevay" " " \ +"right/America/Indiana/Vincennes" " " \ +"right/America/Indiana/Winamac" " " \ +"right/America/Indianapolis" " " \ +"right/America/Inuvik" " " \ +"right/America/Iqaluit" " " \ +"right/America/Jamaica" " " \ +"right/America/Jujuy" " " \ +"right/America/Juneau" " " \ +"right/America/Kentucky/Louisville" " " \ +"right/America/Kentucky/Monticello" " " \ +"right/America/Knox_IN" " " \ +"right/America/Kralendijk" " " \ +"right/America/La_Paz" " " \ +"right/America/Lima" " " \ +"right/America/Los_Angeles" " " \ +"right/America/Louisville" " " \ +"right/America/Lower_Princes" " " \ +"right/America/Maceio" " " \ +"right/America/Managua" " " \ +"right/America/Manaus" " " \ +"right/America/Marigot" " " \ +"right/America/Martinique" " " \ +"right/America/Matamoros" " " \ +"right/America/Mazatlan" " " \ +"right/America/Mendoza" " " \ +"right/America/Menominee" " " \ +"right/America/Merida" " " \ +"right/America/Metlakatla" " " \ +"right/America/Mexico_City" " " \ +"right/America/Miquelon" " " \ +"right/America/Moncton" " " \ +"right/America/Monterrey" " " \ +"right/America/Montevideo" " " \ +"right/America/Montreal" " " \ +"right/America/Montserrat" " " \ +"right/America/Nassau" " " \ +"right/America/New_York" " " \ +"right/America/Nipigon" " " \ +"right/America/Nome" " " \ +"right/America/Noronha" " " \ +"right/America/North_Dakota/Beulah" " " \ +"right/America/North_Dakota/Center" " " \ +"right/America/North_Dakota/New_Salem" " " \ +"right/America/Ojinaga" " " \ +"right/America/Panama" " " \ +"right/America/Pangnirtung" " " \ +"right/America/Paramaribo" " " \ +"right/America/Phoenix" " " \ +"right/America/Port-au-Prince" " " \ +"right/America/Port_of_Spain" " " \ +"right/America/Porto_Acre" " " \ +"right/America/Porto_Velho" " " \ +"right/America/Puerto_Rico" " " \ +"right/America/Rainy_River" " " \ +"right/America/Rankin_Inlet" " " \ +"right/America/Recife" " " \ +"right/America/Regina" " " \ +"right/America/Resolute" " " \ +"right/America/Rio_Branco" " " \ +"right/America/Rosario" " " \ +"right/America/Santa_Isabel" " " \ +"right/America/Santarem" " " \ +"right/America/Santiago" " " \ +"right/America/Santo_Domingo" " " \ +"right/America/Sao_Paulo" " " \ +"right/America/Scoresbysund" " " \ +"right/America/Shiprock" " " \ +"right/America/Sitka" " " \ +"right/America/St_Barthelemy" " " \ +"right/America/St_Johns" " " \ +"right/America/St_Kitts" " " \ +"right/America/St_Lucia" " " \ +"right/America/St_Thomas" " " \ +"right/America/St_Vincent" " " \ +"right/America/Swift_Current" " " \ +"right/America/Tegucigalpa" " " \ +"right/America/Thule" " " \ +"right/America/Thunder_Bay" " " \ +"right/America/Tijuana" " " \ +"right/America/Toronto" " " \ +"right/America/Tortola" " " \ +"right/America/Vancouver" " " \ +"right/America/Virgin" " " \ +"right/America/Whitehorse" " " \ +"right/America/Winnipeg" " " \ +"right/America/Yakutat" " " \ +"right/America/Yellowknife" " " \ +"right/Antarctica/Casey" " " \ +"right/Antarctica/Davis" " " \ +"right/Antarctica/DumontDUrville" " " \ +"right/Antarctica/Macquarie" " " \ +"right/Antarctica/Mawson" " " \ +"right/Antarctica/McMurdo" " " \ +"right/Antarctica/Palmer" " " \ +"right/Antarctica/Rothera" " " \ +"right/Antarctica/South_Pole" " " \ +"right/Antarctica/Syowa" " " \ +"right/Antarctica/Troll" " " \ +"right/Antarctica/Vostok" " " \ +"right/Arctic/Longyearbyen" " " \ +"right/Asia/Aden" " " \ +"right/Asia/Almaty" " " \ +"right/Asia/Amman" " " \ +"right/Asia/Anadyr" " " \ +"right/Asia/Aqtau" " " \ +"right/Asia/Aqtobe" " " \ +"right/Asia/Ashgabat" " " \ +"right/Asia/Ashkhabad" " " \ +"right/Asia/Baghdad" " " \ +"right/Asia/Bahrain" " " \ +"right/Asia/Baku" " " \ +"right/Asia/Bangkok" " " \ +"right/Asia/Beirut" " " \ +"right/Asia/Bishkek" " " \ +"right/Asia/Brunei" " " \ +"right/Asia/Calcutta" " " \ +"right/Asia/Chita" " " \ +"right/Asia/Choibalsan" " " \ +"right/Asia/Chongqing" " " \ +"right/Asia/Chungking" " " \ +"right/Asia/Colombo" " " \ +"right/Asia/Dacca" " " \ +"right/Asia/Damascus" " " \ +"right/Asia/Dhaka" " " \ +"right/Asia/Dili" " " \ +"right/Asia/Dubai" " " \ +"right/Asia/Dushanbe" " " \ +"right/Asia/Gaza" " " \ +"right/Asia/Harbin" " " \ +"right/Asia/Hebron" " " \ +"right/Asia/Ho_Chi_Minh" " " \ +"right/Asia/Hong_Kong" " " \ +"right/Asia/Hovd" " " \ +"right/Asia/Irkutsk" " " \ +"right/Asia/Istanbul" " " \ +"right/Asia/Jakarta" " " \ +"right/Asia/Jayapura" " " \ +"right/Asia/Jerusalem" " " \ +"right/Asia/Kabul" " " \ +"right/Asia/Kamchatka" " " \ +"right/Asia/Karachi" " " \ +"right/Asia/Kashgar" " " \ +"right/Asia/Kathmandu" " " \ +"right/Asia/Katmandu" " " \ +"right/Asia/Khandyga" " " \ +"right/Asia/Kolkata" " " \ +"right/Asia/Krasnoyarsk" " " \ +"right/Asia/Kuala_Lumpur" " " \ +"right/Asia/Kuching" " " \ +"right/Asia/Kuwait" " " \ +"right/Asia/Macao" " " \ +"right/Asia/Macau" " " \ +"right/Asia/Magadan" " " \ +"right/Asia/Makassar" " " \ +"right/Asia/Manila" " " \ +"right/Asia/Muscat" " " \ +"right/Asia/Nicosia" " " \ +"right/Asia/Novokuznetsk" " " \ +"right/Asia/Novosibirsk" " " \ +"right/Asia/Omsk" " " \ +"right/Asia/Oral" " " \ +"right/Asia/Phnom_Penh" " " \ +"right/Asia/Pontianak" " " \ +"right/Asia/Pyongyang" " " \ +"right/Asia/Qatar" " " \ +"right/Asia/Qyzylorda" " " \ +"right/Asia/Rangoon" " " \ +"right/Asia/Riyadh" " " \ +"right/Asia/Saigon" " " \ +"right/Asia/Sakhalin" " " \ +"right/Asia/Samarkand" " " \ +"right/Asia/Seoul" " " \ +"right/Asia/Shanghai" " " \ +"right/Asia/Singapore" " " \ +"right/Asia/Srednekolymsk" " " \ +"right/Asia/Taipei" " " \ +"right/Asia/Tashkent" " " \ +"right/Asia/Tbilisi" " " \ +"right/Asia/Tehran" " " \ +"right/Asia/Tel_Aviv" " " \ +"right/Asia/Thimbu" " " \ +"right/Asia/Thimphu" " " \ +"right/Asia/Tokyo" " " \ +"right/Asia/Ujung_Pandang" " " \ +"right/Asia/Ulaanbaatar" " " \ +"right/Asia/Ulan_Bator" " " \ +"right/Asia/Urumqi" " " \ +"right/Asia/Ust-Nera" " " \ +"right/Asia/Vientiane" " " \ +"right/Asia/Vladivostok" " " \ +"right/Asia/Yakutsk" " " \ +"right/Asia/Yekaterinburg" " " \ +"right/Asia/Yerevan" " " \ +"right/Atlantic/Azores" " " \ +"right/Atlantic/Bermuda" " " \ +"right/Atlantic/Canary" " " \ +"right/Atlantic/Cape_Verde" " " \ +"right/Atlantic/Faeroe" " " \ +"right/Atlantic/Faroe" " " \ +"right/Atlantic/Jan_Mayen" " " \ +"right/Atlantic/Madeira" " " \ +"right/Atlantic/Reykjavik" " " \ +"right/Atlantic/South_Georgia" " " \ +"right/Atlantic/St_Helena" " " \ +"right/Atlantic/Stanley" " " \ +"right/Australia/ACT" " " \ +"right/Australia/Adelaide" " " \ +"right/Australia/Brisbane" " " \ +"right/Australia/Broken_Hill" " " \ +"right/Australia/Canberra" " " \ +"right/Australia/Currie" " " \ +"right/Australia/Darwin" " " \ +"right/Australia/Eucla" " " \ +"right/Australia/Hobart" " " \ +"right/Australia/LHI" " " \ +"right/Australia/Lindeman" " " \ +"right/Australia/Lord_Howe" " " \ +"right/Australia/Melbourne" " " \ +"right/Australia/NSW" " " \ +"right/Australia/North" " " \ +"right/Australia/Perth" " " \ +"right/Australia/Queensland" " " \ +"right/Australia/South" " " \ +"right/Australia/Sydney" " " \ +"right/Australia/Tasmania" " " \ +"right/Australia/Victoria" " " \ +"right/Australia/West" " " \ +"right/Australia/Yancowinna" " " \ +"right/Brazil/Acre" " " \ +"right/Brazil/DeNoronha" " " \ +"right/Brazil/East" " " \ +"right/Brazil/West" " " \ +"right/CET" " " \ +"right/CST6CDT" " " \ +"right/Canada/Atlantic" " " \ +"right/Canada/Central" " " \ +"right/Canada/East-Saskatchewan" " " \ +"right/Canada/Eastern" " " \ +"right/Canada/Mountain" " " \ +"right/Canada/Newfoundland" " " \ +"right/Canada/Pacific" " " \ +"right/Canada/Saskatchewan" " " \ +"right/Canada/Yukon" " " \ +"right/Chile/Continental" " " \ +"right/Chile/EasterIsland" " " \ +"right/Cuba" " " \ +"right/EET" " " \ +"right/EST" " " \ +"right/EST5EDT" " " \ +"right/Egypt" " " \ +"right/Eire" " " \ +"right/Etc/GMT" " " \ +"right/Etc/GMT+0" " " \ +"right/Etc/GMT+1" " " \ +"right/Etc/GMT+10" " " \ +"right/Etc/GMT+11" " " \ +"right/Etc/GMT+12" " " \ +"right/Etc/GMT+2" " " \ +"right/Etc/GMT+3" " " \ +"right/Etc/GMT+4" " " \ +"right/Etc/GMT+5" " " \ +"right/Etc/GMT+6" " " \ +"right/Etc/GMT+7" " " \ +"right/Etc/GMT+8" " " \ +"right/Etc/GMT+9" " " \ +"right/Etc/GMT-0" " " \ +"right/Etc/GMT-1" " " \ +"right/Etc/GMT-10" " " \ +"right/Etc/GMT-11" " " \ +"right/Etc/GMT-12" " " \ +"right/Etc/GMT-13" " " \ +"right/Etc/GMT-14" " " \ +"right/Etc/GMT-2" " " \ +"right/Etc/GMT-3" " " \ +"right/Etc/GMT-4" " " \ +"right/Etc/GMT-5" " " \ +"right/Etc/GMT-6" " " \ +"right/Etc/GMT-7" " " \ +"right/Etc/GMT-8" " " \ +"right/Etc/GMT-9" " " \ +"right/Etc/GMT0" " " \ +"right/Etc/Greenwich" " " \ +"right/Etc/UCT" " " \ +"right/Etc/UTC" " " \ +"right/Etc/Universal" " " \ +"right/Etc/Zulu" " " \ +"right/Europe/Amsterdam" " " \ +"right/Europe/Andorra" " " \ +"right/Europe/Athens" " " \ +"right/Europe/Belfast" " " \ +"right/Europe/Belgrade" " " \ +"right/Europe/Berlin" " " \ +"right/Europe/Bratislava" " " \ +"right/Europe/Brussels" " " \ +"right/Europe/Bucharest" " " \ +"right/Europe/Budapest" " " \ +"right/Europe/Busingen" " " \ +"right/Europe/Chisinau" " " \ +"right/Europe/Copenhagen" " " \ +"right/Europe/Dublin" " " \ +"right/Europe/Gibraltar" " " \ +"right/Europe/Guernsey" " " \ +"right/Europe/Helsinki" " " \ +"right/Europe/Isle_of_Man" " " \ +"right/Europe/Istanbul" " " \ +"right/Europe/Jersey" " " \ +"right/Europe/Kaliningrad" " " \ +"right/Europe/Kiev" " " \ +"right/Europe/Lisbon" " " \ +"right/Europe/Ljubljana" " " \ +"right/Europe/London" " " \ +"right/Europe/Luxembourg" " " \ +"right/Europe/Madrid" " " \ +"right/Europe/Malta" " " \ +"right/Europe/Mariehamn" " " \ +"right/Europe/Minsk" " " \ +"right/Europe/Monaco" " " \ +"right/Europe/Moscow" " " \ +"right/Europe/Nicosia" " " \ +"right/Europe/Oslo" " " \ +"right/Europe/Paris" " " \ +"right/Europe/Podgorica" " " \ +"right/Europe/Prague" " " \ +"right/Europe/Riga" " " \ +"right/Europe/Rome" " " \ +"right/Europe/Samara" " " \ +"right/Europe/San_Marino" " " \ +"right/Europe/Sarajevo" " " \ +"right/Europe/Simferopol" " " \ +"right/Europe/Skopje" " " \ +"right/Europe/Sofia" " " \ +"right/Europe/Stockholm" " " \ +"right/Europe/Tallinn" " " \ +"right/Europe/Tirane" " " \ +"right/Europe/Tiraspol" " " \ +"right/Europe/Uzhgorod" " " \ +"right/Europe/Vaduz" " " \ +"right/Europe/Vatican" " " \ +"right/Europe/Vienna" " " \ +"right/Europe/Vilnius" " " \ +"right/Europe/Volgograd" " " \ +"right/Europe/Warsaw" " " \ +"right/Europe/Zagreb" " " \ +"right/Europe/Zaporozhye" " " \ +"right/Europe/Zurich" " " \ +"right/Factory" " " \ +"right/GB" " " \ +"right/GB-Eire" " " \ +"right/GMT" " " \ +"right/GMT+0" " " \ +"right/GMT-0" " " \ +"right/GMT0" " " \ +"right/Greenwich" " " \ +"right/HST" " " \ +"right/Hongkong" " " \ +"right/Iceland" " " \ +"right/Indian/Antananarivo" " " \ +"right/Indian/Chagos" " " \ +"right/Indian/Christmas" " " \ +"right/Indian/Cocos" " " \ +"right/Indian/Comoro" " " \ +"right/Indian/Kerguelen" " " \ +"right/Indian/Mahe" " " \ +"right/Indian/Maldives" " " \ +"right/Indian/Mauritius" " " \ +"right/Indian/Mayotte" " " \ +"right/Indian/Reunion" " " \ +"right/Iran" " " \ +"right/Israel" " " \ +"right/Jamaica" " " \ +"right/Japan" " " \ +"right/Kwajalein" " " \ +"right/Libya" " " \ +"right/MET" " " \ +"right/MST" " " \ +"right/MST7MDT" " " \ +"right/Mexico/BajaNorte" " " \ +"right/Mexico/BajaSur" " " \ +"right/Mexico/General" " " \ +"right/NZ" " " \ +"right/NZ-CHAT" " " \ +"right/Navajo" " " \ +"right/PRC" " " \ +"right/PST8PDT" " " \ +"right/Pacific/Apia" " " \ +"right/Pacific/Auckland" " " \ +"right/Pacific/Bougainville" " " \ +"right/Pacific/Chatham" " " \ +"right/Pacific/Chuuk" " " \ +"right/Pacific/Easter" " " \ +"right/Pacific/Efate" " " \ +"right/Pacific/Enderbury" " " \ +"right/Pacific/Fakaofo" " " \ +"right/Pacific/Fiji" " " \ +"right/Pacific/Funafuti" " " \ +"right/Pacific/Galapagos" " " \ +"right/Pacific/Gambier" " " \ +"right/Pacific/Guadalcanal" " " \ +"right/Pacific/Guam" " " \ +"right/Pacific/Honolulu" " " \ +"right/Pacific/Johnston" " " \ +"right/Pacific/Kiritimati" " " \ +"right/Pacific/Kosrae" " " \ +"right/Pacific/Kwajalein" " " \ +"right/Pacific/Majuro" " " \ +"right/Pacific/Marquesas" " " \ +"right/Pacific/Midway" " " \ +"right/Pacific/Nauru" " " \ +"right/Pacific/Niue" " " \ +"right/Pacific/Norfolk" " " \ +"right/Pacific/Noumea" " " \ +"right/Pacific/Pago_Pago" " " \ +"right/Pacific/Palau" " " \ +"right/Pacific/Pitcairn" " " \ +"right/Pacific/Pohnpei" " " \ +"right/Pacific/Ponape" " " \ +"right/Pacific/Port_Moresby" " " \ +"right/Pacific/Rarotonga" " " \ +"right/Pacific/Saipan" " " \ +"right/Pacific/Samoa" " " \ +"right/Pacific/Tahiti" " " \ +"right/Pacific/Tarawa" " " \ +"right/Pacific/Tongatapu" " " \ +"right/Pacific/Truk" " " \ +"right/Pacific/Wake" " " \ +"right/Pacific/Wallis" " " \ +"right/Pacific/Yap" " " \ +"right/Poland" " " \ +"right/Portugal" " " \ +"right/ROC" " " \ +"right/ROK" " " \ +"right/Singapore" " " \ +"right/Turkey" " " \ +"right/UCT" " " \ +"right/US/Alaska" " " \ +"right/US/Aleutian" " " \ +"right/US/Arizona" " " \ +"right/US/Central" " " \ +"right/US/East-Indiana" " " \ +"right/US/Eastern" " " \ +"right/US/Hawaii" " " \ +"right/US/Indiana-Starke" " " \ +"right/US/Michigan" " " \ +"right/US/Mountain" " " \ +"right/US/Pacific" " " \ +"right/US/Pacific-New" " " \ +"right/US/Samoa" " " \ +"right/UTC" " " \ +"right/Universal" " " \ +"right/W-SU" " " \ +"right/WET" " " \ +"right/Zulu" " " \ + 2> $TMP/tz + + if [ $? = 1 -o $? = 255 ]; then + rm -f $TMP/tz + exit + fi + + TIMEZONE="`cat $TMP/tz`" + rm -f $TMP/tz + + setzone $TIMEZONE + exit +else + ### + ### use text prompts + ### + while [ 0 ]; do + echo -n "Would you like to configure your timezone ([y]es, [n]o)? " + read TIMECONF; + echo + + if [ "$TIMECONF" = "n" ]; then + break + fi + + cat << EOF +Select one of these timezones: + +US/Alaska +US/Aleutian +US/Arizona +US/Central +US/East-Indiana +US/Eastern +US/Hawaii +US/Indiana-Starke +US/Michigan +US/Mountain +US/Pacific +US/Pacific-New +US/Samoa +Africa/Abidjan +Africa/Accra +Africa/Addis_Ababa +Africa/Algiers +Africa/Asmara +Africa/Asmera +Africa/Bamako +Africa/Bangui +Africa/Banjul +Africa/Bissau +Africa/Blantyre +Africa/Brazzaville +Africa/Bujumbura +Africa/Cairo +Africa/Casablanca +Africa/Ceuta +Africa/Conakry +Africa/Dakar +Africa/Dar_es_Salaam +Africa/Djibouti +Africa/Douala +Africa/El_Aaiun +Africa/Freetown +Africa/Gaborone +Africa/Harare +Africa/Johannesburg +Africa/Juba +Africa/Kampala +Africa/Khartoum +Africa/Kigali +Africa/Kinshasa +Africa/Lagos +Africa/Libreville +Africa/Lome +Africa/Luanda +Africa/Lubumbashi +Africa/Lusaka +Africa/Malabo +Africa/Maputo +Africa/Maseru +Africa/Mbabane +Africa/Mogadishu +Africa/Monrovia +Africa/Nairobi +Africa/Ndjamena +Africa/Niamey +Africa/Nouakchott +Africa/Ouagadougou +Africa/Porto-Novo +Africa/Sao_Tome +Africa/Timbuktu +Africa/Tripoli +Africa/Tunis +Africa/Windhoek +America/Adak +America/Anchorage +America/Anguilla +America/Antigua +America/Araguaina +America/Argentina/Buenos_Aires +America/Argentina/Catamarca +America/Argentina/ComodRivadavia +America/Argentina/Cordoba +America/Argentina/Jujuy +America/Argentina/La_Rioja +America/Argentina/Mendoza +America/Argentina/Rio_Gallegos +America/Argentina/Salta +America/Argentina/San_Juan +America/Argentina/San_Luis +America/Argentina/Tucuman +America/Argentina/Ushuaia +America/Aruba +America/Asuncion +America/Atikokan +America/Atka +America/Bahia +America/Bahia_Banderas +America/Barbados +America/Belem +America/Belize +America/Blanc-Sablon +America/Boa_Vista +America/Bogota +America/Boise +America/Buenos_Aires +America/Cambridge_Bay +America/Campo_Grande +America/Cancun +America/Caracas +America/Catamarca +America/Cayenne +America/Cayman +America/Chicago +America/Chihuahua +America/Coral_Harbour +America/Cordoba +America/Costa_Rica +America/Creston +America/Cuiaba +America/Curacao +America/Danmarkshavn +America/Dawson +America/Dawson_Creek +America/Denver +America/Detroit +America/Dominica +America/Edmonton +America/Eirunepe +America/El_Salvador +America/Ensenada +America/Fort_Wayne +America/Fortaleza +America/Glace_Bay +America/Godthab +America/Goose_Bay +America/Grand_Turk +America/Grenada +America/Guadeloupe +America/Guatemala +America/Guayaquil +America/Guyana +America/Halifax +America/Havana +America/Hermosillo +America/Indiana/Indianapolis +America/Indiana/Knox +America/Indiana/Marengo +America/Indiana/Petersburg +America/Indiana/Tell_City +America/Indiana/Vevay +America/Indiana/Vincennes +America/Indiana/Winamac +America/Indianapolis +America/Inuvik +America/Iqaluit +America/Jamaica +America/Jujuy +America/Juneau +America/Kentucky/Louisville +America/Kentucky/Monticello +America/Knox_IN +America/Kralendijk +America/La_Paz +America/Lima +America/Los_Angeles +America/Louisville +America/Lower_Princes +America/Maceio +America/Managua +America/Manaus +America/Marigot +America/Martinique +America/Matamoros +America/Mazatlan +America/Mendoza +America/Menominee +America/Merida +America/Metlakatla +America/Mexico_City +America/Miquelon +America/Moncton +America/Monterrey +America/Montevideo +America/Montreal +America/Montserrat +America/Nassau +America/New_York +America/Nipigon +America/Nome +America/Noronha +America/North_Dakota/Beulah +America/North_Dakota/Center +America/North_Dakota/New_Salem +America/Ojinaga +America/Panama +America/Pangnirtung +America/Paramaribo +America/Phoenix +America/Port-au-Prince +America/Port_of_Spain +America/Porto_Acre +America/Porto_Velho +America/Puerto_Rico +America/Rainy_River +America/Rankin_Inlet +America/Recife +America/Regina +America/Resolute +America/Rio_Branco +America/Rosario +America/Santa_Isabel +America/Santarem +America/Santiago +America/Santo_Domingo +America/Sao_Paulo +America/Scoresbysund +America/Shiprock +America/Sitka +America/St_Barthelemy +America/St_Johns +America/St_Kitts +America/St_Lucia +America/St_Thomas +America/St_Vincent +America/Swift_Current +America/Tegucigalpa +America/Thule +America/Thunder_Bay +America/Tijuana +America/Toronto +America/Tortola +America/Vancouver +America/Virgin +America/Whitehorse +America/Winnipeg +America/Yakutat +America/Yellowknife +Antarctica/Casey +Antarctica/Davis +Antarctica/DumontDUrville +Antarctica/Macquarie +Antarctica/Mawson +Antarctica/McMurdo +Antarctica/Palmer +Antarctica/Rothera +Antarctica/South_Pole +Antarctica/Syowa +Antarctica/Troll +Antarctica/Vostok +Arctic/Longyearbyen +Asia/Aden +Asia/Almaty +Asia/Amman +Asia/Anadyr +Asia/Aqtau +Asia/Aqtobe +Asia/Ashgabat +Asia/Ashkhabad +Asia/Baghdad +Asia/Bahrain +Asia/Baku +Asia/Bangkok +Asia/Beirut +Asia/Bishkek +Asia/Brunei +Asia/Calcutta +Asia/Chita +Asia/Choibalsan +Asia/Chongqing +Asia/Chungking +Asia/Colombo +Asia/Dacca +Asia/Damascus +Asia/Dhaka +Asia/Dili +Asia/Dubai +Asia/Dushanbe +Asia/Gaza +Asia/Harbin +Asia/Hebron +Asia/Ho_Chi_Minh +Asia/Hong_Kong +Asia/Hovd +Asia/Irkutsk +Asia/Istanbul +Asia/Jakarta +Asia/Jayapura +Asia/Jerusalem +Asia/Kabul +Asia/Kamchatka +Asia/Karachi +Asia/Kashgar +Asia/Kathmandu +Asia/Katmandu +Asia/Khandyga +Asia/Kolkata +Asia/Krasnoyarsk +Asia/Kuala_Lumpur +Asia/Kuching +Asia/Kuwait +Asia/Macao +Asia/Macau +Asia/Magadan +Asia/Makassar +Asia/Manila +Asia/Muscat +Asia/Nicosia +Asia/Novokuznetsk +Asia/Novosibirsk +Asia/Omsk +Asia/Oral +Asia/Phnom_Penh +Asia/Pontianak +Asia/Pyongyang +Asia/Qatar +Asia/Qyzylorda +Asia/Rangoon +Asia/Riyadh +Asia/Saigon +Asia/Sakhalin +Asia/Samarkand +Asia/Seoul +Asia/Shanghai +Asia/Singapore +Asia/Srednekolymsk +Asia/Taipei +Asia/Tashkent +Asia/Tbilisi +Asia/Tehran +Asia/Tel_Aviv +Asia/Thimbu +Asia/Thimphu +Asia/Tokyo +Asia/Ujung_Pandang +Asia/Ulaanbaatar +Asia/Ulan_Bator +Asia/Urumqi +Asia/Ust-Nera +Asia/Vientiane +Asia/Vladivostok +Asia/Yakutsk +Asia/Yekaterinburg +Asia/Yerevan +Atlantic/Azores +Atlantic/Bermuda +Atlantic/Canary +Atlantic/Cape_Verde +Atlantic/Faeroe +Atlantic/Faroe +Atlantic/Jan_Mayen +Atlantic/Madeira +Atlantic/Reykjavik +Atlantic/South_Georgia +Atlantic/St_Helena +Atlantic/Stanley +Australia/ACT +Australia/Adelaide +Australia/Brisbane +Australia/Broken_Hill +Australia/Canberra +Australia/Currie +Australia/Darwin +Australia/Eucla +Australia/Hobart +Australia/LHI +Australia/Lindeman +Australia/Lord_Howe +Australia/Melbourne +Australia/NSW +Australia/North +Australia/Perth +Australia/Queensland +Australia/South +Australia/Sydney +Australia/Tasmania +Australia/Victoria +Australia/West +Australia/Yancowinna +Brazil/Acre +Brazil/DeNoronha +Brazil/East +Brazil/West +CET +CST6CDT +Canada/Atlantic +Canada/Central +Canada/East-Saskatchewan +Canada/Eastern +Canada/Mountain +Canada/Newfoundland +Canada/Pacific +Canada/Saskatchewan +Canada/Yukon +Chile/Continental +Chile/EasterIsland +Cuba +EET +EST +EST5EDT +Egypt +Eire +Etc/GMT +Etc/GMT+0 +Etc/GMT+1 +Etc/GMT+10 +Etc/GMT+11 +Etc/GMT+12 +Etc/GMT+2 +Etc/GMT+3 +Etc/GMT+4 +Etc/GMT+5 +Etc/GMT+6 +Etc/GMT+7 +Etc/GMT+8 +Etc/GMT+9 +Etc/GMT-0 +Etc/GMT-1 +Etc/GMT-10 +Etc/GMT-11 +Etc/GMT-12 +Etc/GMT-13 +Etc/GMT-14 +Etc/GMT-2 +Etc/GMT-3 +Etc/GMT-4 +Etc/GMT-5 +Etc/GMT-6 +Etc/GMT-7 +Etc/GMT-8 +Etc/GMT-9 +Etc/GMT0 +Etc/Greenwich +Etc/UCT +Etc/UTC +Etc/Universal +Etc/Zulu +Europe/Amsterdam +Europe/Andorra +Europe/Athens +Europe/Belfast +Europe/Belgrade +Europe/Berlin +Europe/Bratislava +Europe/Brussels +Europe/Bucharest +Europe/Budapest +Europe/Busingen +Europe/Chisinau +Europe/Copenhagen +Europe/Dublin +Europe/Gibraltar +Europe/Guernsey +Europe/Helsinki +Europe/Isle_of_Man +Europe/Istanbul +Europe/Jersey +Europe/Kaliningrad +Europe/Kiev +Europe/Lisbon +Europe/Ljubljana +Europe/London +Europe/Luxembourg +Europe/Madrid +Europe/Malta +Europe/Mariehamn +Europe/Minsk +Europe/Monaco +Europe/Moscow +Europe/Nicosia +Europe/Oslo +Europe/Paris +Europe/Podgorica +Europe/Prague +Europe/Riga +Europe/Rome +Europe/Samara +Europe/San_Marino +Europe/Sarajevo +Europe/Simferopol +Europe/Skopje +Europe/Sofia +Europe/Stockholm +Europe/Tallinn +Europe/Tirane +Europe/Tiraspol +Europe/Uzhgorod +Europe/Vaduz +Europe/Vatican +Europe/Vienna +Europe/Vilnius +Europe/Volgograd +Europe/Warsaw +Europe/Zagreb +Europe/Zaporozhye +Europe/Zurich +Factory +GB +GB-Eire +GMT +GMT+0 +GMT-0 +GMT0 +Greenwich +HST +Hongkong +Iceland +Indian/Antananarivo +Indian/Chagos +Indian/Christmas +Indian/Cocos +Indian/Comoro +Indian/Kerguelen +Indian/Mahe +Indian/Maldives +Indian/Mauritius +Indian/Mayotte +Indian/Reunion +Iran +Israel +Jamaica +Japan +Kwajalein +Libya +MET +MST +MST7MDT +Mexico/BajaNorte +Mexico/BajaSur +Mexico/General +NZ +NZ-CHAT +Navajo +PRC +PST8PDT +Pacific/Apia +Pacific/Auckland +Pacific/Bougainville +Pacific/Chatham +Pacific/Chuuk +Pacific/Easter +Pacific/Efate +Pacific/Enderbury +Pacific/Fakaofo +Pacific/Fiji +Pacific/Funafuti +Pacific/Galapagos +Pacific/Gambier +Pacific/Guadalcanal +Pacific/Guam +Pacific/Honolulu +Pacific/Johnston +Pacific/Kiritimati +Pacific/Kosrae +Pacific/Kwajalein +Pacific/Majuro +Pacific/Marquesas +Pacific/Midway +Pacific/Nauru +Pacific/Niue +Pacific/Norfolk +Pacific/Noumea +Pacific/Pago_Pago +Pacific/Palau +Pacific/Pitcairn +Pacific/Pohnpei +Pacific/Ponape +Pacific/Port_Moresby +Pacific/Rarotonga +Pacific/Saipan +Pacific/Samoa +Pacific/Tahiti +Pacific/Tarawa +Pacific/Tongatapu +Pacific/Truk +Pacific/Wake +Pacific/Wallis +Pacific/Yap +Poland +Portugal +ROC +ROK +Singapore +Turkey +UCT +UTC +Universal +W-SU +WET +Zulu +posix/Africa/Abidjan +posix/Africa/Accra +posix/Africa/Addis_Ababa +posix/Africa/Algiers +posix/Africa/Asmara +posix/Africa/Asmera +posix/Africa/Bamako +posix/Africa/Bangui +posix/Africa/Banjul +posix/Africa/Bissau +posix/Africa/Blantyre +posix/Africa/Brazzaville +posix/Africa/Bujumbura +posix/Africa/Cairo +posix/Africa/Casablanca +posix/Africa/Ceuta +posix/Africa/Conakry +posix/Africa/Dakar +posix/Africa/Dar_es_Salaam +posix/Africa/Djibouti +posix/Africa/Douala +posix/Africa/El_Aaiun +posix/Africa/Freetown +posix/Africa/Gaborone +posix/Africa/Harare +posix/Africa/Johannesburg +posix/Africa/Juba +posix/Africa/Kampala +posix/Africa/Khartoum +posix/Africa/Kigali +posix/Africa/Kinshasa +posix/Africa/Lagos +posix/Africa/Libreville +posix/Africa/Lome +posix/Africa/Luanda +posix/Africa/Lubumbashi +posix/Africa/Lusaka +posix/Africa/Malabo +posix/Africa/Maputo +posix/Africa/Maseru +posix/Africa/Mbabane +posix/Africa/Mogadishu +posix/Africa/Monrovia +posix/Africa/Nairobi +posix/Africa/Ndjamena +posix/Africa/Niamey +posix/Africa/Nouakchott +posix/Africa/Ouagadougou +posix/Africa/Porto-Novo +posix/Africa/Sao_Tome +posix/Africa/Timbuktu +posix/Africa/Tripoli +posix/Africa/Tunis +posix/Africa/Windhoek +posix/America/Adak +posix/America/Anchorage +posix/America/Anguilla +posix/America/Antigua +posix/America/Araguaina +posix/America/Argentina/Buenos_Aires +posix/America/Argentina/Catamarca +posix/America/Argentina/ComodRivadavia +posix/America/Argentina/Cordoba +posix/America/Argentina/Jujuy +posix/America/Argentina/La_Rioja +posix/America/Argentina/Mendoza +posix/America/Argentina/Rio_Gallegos +posix/America/Argentina/Salta +posix/America/Argentina/San_Juan +posix/America/Argentina/San_Luis +posix/America/Argentina/Tucuman +posix/America/Argentina/Ushuaia +posix/America/Aruba +posix/America/Asuncion +posix/America/Atikokan +posix/America/Atka +posix/America/Bahia +posix/America/Bahia_Banderas +posix/America/Barbados +posix/America/Belem +posix/America/Belize +posix/America/Blanc-Sablon +posix/America/Boa_Vista +posix/America/Bogota +posix/America/Boise +posix/America/Buenos_Aires +posix/America/Cambridge_Bay +posix/America/Campo_Grande +posix/America/Cancun +posix/America/Caracas +posix/America/Catamarca +posix/America/Cayenne +posix/America/Cayman +posix/America/Chicago +posix/America/Chihuahua +posix/America/Coral_Harbour +posix/America/Cordoba +posix/America/Costa_Rica +posix/America/Creston +posix/America/Cuiaba +posix/America/Curacao +posix/America/Danmarkshavn +posix/America/Dawson +posix/America/Dawson_Creek +posix/America/Denver +posix/America/Detroit +posix/America/Dominica +posix/America/Edmonton +posix/America/Eirunepe +posix/America/El_Salvador +posix/America/Ensenada +posix/America/Fort_Wayne +posix/America/Fortaleza +posix/America/Glace_Bay +posix/America/Godthab +posix/America/Goose_Bay +posix/America/Grand_Turk +posix/America/Grenada +posix/America/Guadeloupe +posix/America/Guatemala +posix/America/Guayaquil +posix/America/Guyana +posix/America/Halifax +posix/America/Havana +posix/America/Hermosillo +posix/America/Indiana/Indianapolis +posix/America/Indiana/Knox +posix/America/Indiana/Marengo +posix/America/Indiana/Petersburg +posix/America/Indiana/Tell_City +posix/America/Indiana/Vevay +posix/America/Indiana/Vincennes +posix/America/Indiana/Winamac +posix/America/Indianapolis +posix/America/Inuvik +posix/America/Iqaluit +posix/America/Jamaica +posix/America/Jujuy +posix/America/Juneau +posix/America/Kentucky/Louisville +posix/America/Kentucky/Monticello +posix/America/Knox_IN +posix/America/Kralendijk +posix/America/La_Paz +posix/America/Lima +posix/America/Los_Angeles +posix/America/Louisville +posix/America/Lower_Princes +posix/America/Maceio +posix/America/Managua +posix/America/Manaus +posix/America/Marigot +posix/America/Martinique +posix/America/Matamoros +posix/America/Mazatlan +posix/America/Mendoza +posix/America/Menominee +posix/America/Merida +posix/America/Metlakatla +posix/America/Mexico_City +posix/America/Miquelon +posix/America/Moncton +posix/America/Monterrey +posix/America/Montevideo +posix/America/Montreal +posix/America/Montserrat +posix/America/Nassau +posix/America/New_York +posix/America/Nipigon +posix/America/Nome +posix/America/Noronha +posix/America/North_Dakota/Beulah +posix/America/North_Dakota/Center +posix/America/North_Dakota/New_Salem +posix/America/Ojinaga +posix/America/Panama +posix/America/Pangnirtung +posix/America/Paramaribo +posix/America/Phoenix +posix/America/Port-au-Prince +posix/America/Port_of_Spain +posix/America/Porto_Acre +posix/America/Porto_Velho +posix/America/Puerto_Rico +posix/America/Rainy_River +posix/America/Rankin_Inlet +posix/America/Recife +posix/America/Regina +posix/America/Resolute +posix/America/Rio_Branco +posix/America/Rosario +posix/America/Santa_Isabel +posix/America/Santarem +posix/America/Santiago +posix/America/Santo_Domingo +posix/America/Sao_Paulo +posix/America/Scoresbysund +posix/America/Shiprock +posix/America/Sitka +posix/America/St_Barthelemy +posix/America/St_Johns +posix/America/St_Kitts +posix/America/St_Lucia +posix/America/St_Thomas +posix/America/St_Vincent +posix/America/Swift_Current +posix/America/Tegucigalpa +posix/America/Thule +posix/America/Thunder_Bay +posix/America/Tijuana +posix/America/Toronto +posix/America/Tortola +posix/America/Vancouver +posix/America/Virgin +posix/America/Whitehorse +posix/America/Winnipeg +posix/America/Yakutat +posix/America/Yellowknife +posix/Antarctica/Casey +posix/Antarctica/Davis +posix/Antarctica/DumontDUrville +posix/Antarctica/Macquarie +posix/Antarctica/Mawson +posix/Antarctica/McMurdo +posix/Antarctica/Palmer +posix/Antarctica/Rothera +posix/Antarctica/South_Pole +posix/Antarctica/Syowa +posix/Antarctica/Troll +posix/Antarctica/Vostok +posix/Arctic/Longyearbyen +posix/Asia/Aden +posix/Asia/Almaty +posix/Asia/Amman +posix/Asia/Anadyr +posix/Asia/Aqtau +posix/Asia/Aqtobe +posix/Asia/Ashgabat +posix/Asia/Ashkhabad +posix/Asia/Baghdad +posix/Asia/Bahrain +posix/Asia/Baku +posix/Asia/Bangkok +posix/Asia/Beirut +posix/Asia/Bishkek +posix/Asia/Brunei +posix/Asia/Calcutta +posix/Asia/Chita +posix/Asia/Choibalsan +posix/Asia/Chongqing +posix/Asia/Chungking +posix/Asia/Colombo +posix/Asia/Dacca +posix/Asia/Damascus +posix/Asia/Dhaka +posix/Asia/Dili +posix/Asia/Dubai +posix/Asia/Dushanbe +posix/Asia/Gaza +posix/Asia/Harbin +posix/Asia/Hebron +posix/Asia/Ho_Chi_Minh +posix/Asia/Hong_Kong +posix/Asia/Hovd +posix/Asia/Irkutsk +posix/Asia/Istanbul +posix/Asia/Jakarta +posix/Asia/Jayapura +posix/Asia/Jerusalem +posix/Asia/Kabul +posix/Asia/Kamchatka +posix/Asia/Karachi +posix/Asia/Kashgar +posix/Asia/Kathmandu +posix/Asia/Katmandu +posix/Asia/Khandyga +posix/Asia/Kolkata +posix/Asia/Krasnoyarsk +posix/Asia/Kuala_Lumpur +posix/Asia/Kuching +posix/Asia/Kuwait +posix/Asia/Macao +posix/Asia/Macau +posix/Asia/Magadan +posix/Asia/Makassar +posix/Asia/Manila +posix/Asia/Muscat +posix/Asia/Nicosia +posix/Asia/Novokuznetsk +posix/Asia/Novosibirsk +posix/Asia/Omsk +posix/Asia/Oral +posix/Asia/Phnom_Penh +posix/Asia/Pontianak +posix/Asia/Pyongyang +posix/Asia/Qatar +posix/Asia/Qyzylorda +posix/Asia/Rangoon +posix/Asia/Riyadh +posix/Asia/Saigon +posix/Asia/Sakhalin +posix/Asia/Samarkand +posix/Asia/Seoul +posix/Asia/Shanghai +posix/Asia/Singapore +posix/Asia/Srednekolymsk +posix/Asia/Taipei +posix/Asia/Tashkent +posix/Asia/Tbilisi +posix/Asia/Tehran +posix/Asia/Tel_Aviv +posix/Asia/Thimbu +posix/Asia/Thimphu +posix/Asia/Tokyo +posix/Asia/Ujung_Pandang +posix/Asia/Ulaanbaatar +posix/Asia/Ulan_Bator +posix/Asia/Urumqi +posix/Asia/Ust-Nera +posix/Asia/Vientiane +posix/Asia/Vladivostok +posix/Asia/Yakutsk +posix/Asia/Yekaterinburg +posix/Asia/Yerevan +posix/Atlantic/Azores +posix/Atlantic/Bermuda +posix/Atlantic/Canary +posix/Atlantic/Cape_Verde +posix/Atlantic/Faeroe +posix/Atlantic/Faroe +posix/Atlantic/Jan_Mayen +posix/Atlantic/Madeira +posix/Atlantic/Reykjavik +posix/Atlantic/South_Georgia +posix/Atlantic/St_Helena +posix/Atlantic/Stanley +posix/Australia/ACT +posix/Australia/Adelaide +posix/Australia/Brisbane +posix/Australia/Broken_Hill +posix/Australia/Canberra +posix/Australia/Currie +posix/Australia/Darwin +posix/Australia/Eucla +posix/Australia/Hobart +posix/Australia/LHI +posix/Australia/Lindeman +posix/Australia/Lord_Howe +posix/Australia/Melbourne +posix/Australia/NSW +posix/Australia/North +posix/Australia/Perth +posix/Australia/Queensland +posix/Australia/South +posix/Australia/Sydney +posix/Australia/Tasmania +posix/Australia/Victoria +posix/Australia/West +posix/Australia/Yancowinna +posix/Brazil/Acre +posix/Brazil/DeNoronha +posix/Brazil/East +posix/Brazil/West +posix/CET +posix/CST6CDT +posix/Canada/Atlantic +posix/Canada/Central +posix/Canada/East-Saskatchewan +posix/Canada/Eastern +posix/Canada/Mountain +posix/Canada/Newfoundland +posix/Canada/Pacific +posix/Canada/Saskatchewan +posix/Canada/Yukon +posix/Chile/Continental +posix/Chile/EasterIsland +posix/Cuba +posix/EET +posix/EST +posix/EST5EDT +posix/Egypt +posix/Eire +posix/Etc/GMT +posix/Etc/GMT+0 +posix/Etc/GMT+1 +posix/Etc/GMT+10 +posix/Etc/GMT+11 +posix/Etc/GMT+12 +posix/Etc/GMT+2 +posix/Etc/GMT+3 +posix/Etc/GMT+4 +posix/Etc/GMT+5 +posix/Etc/GMT+6 +posix/Etc/GMT+7 +posix/Etc/GMT+8 +posix/Etc/GMT+9 +posix/Etc/GMT-0 +posix/Etc/GMT-1 +posix/Etc/GMT-10 +posix/Etc/GMT-11 +posix/Etc/GMT-12 +posix/Etc/GMT-13 +posix/Etc/GMT-14 +posix/Etc/GMT-2 +posix/Etc/GMT-3 +posix/Etc/GMT-4 +posix/Etc/GMT-5 +posix/Etc/GMT-6 +posix/Etc/GMT-7 +posix/Etc/GMT-8 +posix/Etc/GMT-9 +posix/Etc/GMT0 +posix/Etc/Greenwich +posix/Etc/UCT +posix/Etc/UTC +posix/Etc/Universal +posix/Etc/Zulu +posix/Europe/Amsterdam +posix/Europe/Andorra +posix/Europe/Athens +posix/Europe/Belfast +posix/Europe/Belgrade +posix/Europe/Berlin +posix/Europe/Bratislava +posix/Europe/Brussels +posix/Europe/Bucharest +posix/Europe/Budapest +posix/Europe/Busingen +posix/Europe/Chisinau +posix/Europe/Copenhagen +posix/Europe/Dublin +posix/Europe/Gibraltar +posix/Europe/Guernsey +posix/Europe/Helsinki +posix/Europe/Isle_of_Man +posix/Europe/Istanbul +posix/Europe/Jersey +posix/Europe/Kaliningrad +posix/Europe/Kiev +posix/Europe/Lisbon +posix/Europe/Ljubljana +posix/Europe/London +posix/Europe/Luxembourg +posix/Europe/Madrid +posix/Europe/Malta +posix/Europe/Mariehamn +posix/Europe/Minsk +posix/Europe/Monaco +posix/Europe/Moscow +posix/Europe/Nicosia +posix/Europe/Oslo +posix/Europe/Paris +posix/Europe/Podgorica +posix/Europe/Prague +posix/Europe/Riga +posix/Europe/Rome +posix/Europe/Samara +posix/Europe/San_Marino +posix/Europe/Sarajevo +posix/Europe/Simferopol +posix/Europe/Skopje +posix/Europe/Sofia +posix/Europe/Stockholm +posix/Europe/Tallinn +posix/Europe/Tirane +posix/Europe/Tiraspol +posix/Europe/Uzhgorod +posix/Europe/Vaduz +posix/Europe/Vatican +posix/Europe/Vienna +posix/Europe/Vilnius +posix/Europe/Volgograd +posix/Europe/Warsaw +posix/Europe/Zagreb +posix/Europe/Zaporozhye +posix/Europe/Zurich +posix/Factory +posix/GB +posix/GB-Eire +posix/GMT +posix/GMT+0 +posix/GMT-0 +posix/GMT0 +posix/Greenwich +posix/HST +posix/Hongkong +posix/Iceland +posix/Indian/Antananarivo +posix/Indian/Chagos +posix/Indian/Christmas +posix/Indian/Cocos +posix/Indian/Comoro +posix/Indian/Kerguelen +posix/Indian/Mahe +posix/Indian/Maldives +posix/Indian/Mauritius +posix/Indian/Mayotte +posix/Indian/Reunion +posix/Iran +posix/Israel +posix/Jamaica +posix/Japan +posix/Kwajalein +posix/Libya +posix/MET +posix/MST +posix/MST7MDT +posix/Mexico/BajaNorte +posix/Mexico/BajaSur +posix/Mexico/General +posix/NZ +posix/NZ-CHAT +posix/Navajo +posix/PRC +posix/PST8PDT +posix/Pacific/Apia +posix/Pacific/Auckland +posix/Pacific/Bougainville +posix/Pacific/Chatham +posix/Pacific/Chuuk +posix/Pacific/Easter +posix/Pacific/Efate +posix/Pacific/Enderbury +posix/Pacific/Fakaofo +posix/Pacific/Fiji +posix/Pacific/Funafuti +posix/Pacific/Galapagos +posix/Pacific/Gambier +posix/Pacific/Guadalcanal +posix/Pacific/Guam +posix/Pacific/Honolulu +posix/Pacific/Johnston +posix/Pacific/Kiritimati +posix/Pacific/Kosrae +posix/Pacific/Kwajalein +posix/Pacific/Majuro +posix/Pacific/Marquesas +posix/Pacific/Midway +posix/Pacific/Nauru +posix/Pacific/Niue +posix/Pacific/Norfolk +posix/Pacific/Noumea +posix/Pacific/Pago_Pago +posix/Pacific/Palau +posix/Pacific/Pitcairn +posix/Pacific/Pohnpei +posix/Pacific/Ponape +posix/Pacific/Port_Moresby +posix/Pacific/Rarotonga +posix/Pacific/Saipan +posix/Pacific/Samoa +posix/Pacific/Tahiti +posix/Pacific/Tarawa +posix/Pacific/Tongatapu +posix/Pacific/Truk +posix/Pacific/Wake +posix/Pacific/Wallis +posix/Pacific/Yap +posix/Poland +posix/Portugal +posix/ROC +posix/ROK +posix/Singapore +posix/Turkey +posix/UCT +posix/US/Alaska +posix/US/Aleutian +posix/US/Arizona +posix/US/Central +posix/US/East-Indiana +posix/US/Eastern +posix/US/Hawaii +posix/US/Indiana-Starke +posix/US/Michigan +posix/US/Mountain +posix/US/Pacific +posix/US/Pacific-New +posix/US/Samoa +posix/UTC +posix/Universal +posix/W-SU +posix/WET +posix/Zulu +posix/localtime +posix/posixrules +posixrules +right/Africa/Abidjan +right/Africa/Accra +right/Africa/Addis_Ababa +right/Africa/Algiers +right/Africa/Asmara +right/Africa/Asmera +right/Africa/Bamako +right/Africa/Bangui +right/Africa/Banjul +right/Africa/Bissau +right/Africa/Blantyre +right/Africa/Brazzaville +right/Africa/Bujumbura +right/Africa/Cairo +right/Africa/Casablanca +right/Africa/Ceuta +right/Africa/Conakry +right/Africa/Dakar +right/Africa/Dar_es_Salaam +right/Africa/Djibouti +right/Africa/Douala +right/Africa/El_Aaiun +right/Africa/Freetown +right/Africa/Gaborone +right/Africa/Harare +right/Africa/Johannesburg +right/Africa/Juba +right/Africa/Kampala +right/Africa/Khartoum +right/Africa/Kigali +right/Africa/Kinshasa +right/Africa/Lagos +right/Africa/Libreville +right/Africa/Lome +right/Africa/Luanda +right/Africa/Lubumbashi +right/Africa/Lusaka +right/Africa/Malabo +right/Africa/Maputo +right/Africa/Maseru +right/Africa/Mbabane +right/Africa/Mogadishu +right/Africa/Monrovia +right/Africa/Nairobi +right/Africa/Ndjamena +right/Africa/Niamey +right/Africa/Nouakchott +right/Africa/Ouagadougou +right/Africa/Porto-Novo +right/Africa/Sao_Tome +right/Africa/Timbuktu +right/Africa/Tripoli +right/Africa/Tunis +right/Africa/Windhoek +right/America/Adak +right/America/Anchorage +right/America/Anguilla +right/America/Antigua +right/America/Araguaina +right/America/Argentina/Buenos_Aires +right/America/Argentina/Catamarca +right/America/Argentina/ComodRivadavia +right/America/Argentina/Cordoba +right/America/Argentina/Jujuy +right/America/Argentina/La_Rioja +right/America/Argentina/Mendoza +right/America/Argentina/Rio_Gallegos +right/America/Argentina/Salta +right/America/Argentina/San_Juan +right/America/Argentina/San_Luis +right/America/Argentina/Tucuman +right/America/Argentina/Ushuaia +right/America/Aruba +right/America/Asuncion +right/America/Atikokan +right/America/Atka +right/America/Bahia +right/America/Bahia_Banderas +right/America/Barbados +right/America/Belem +right/America/Belize +right/America/Blanc-Sablon +right/America/Boa_Vista +right/America/Bogota +right/America/Boise +right/America/Buenos_Aires +right/America/Cambridge_Bay +right/America/Campo_Grande +right/America/Cancun +right/America/Caracas +right/America/Catamarca +right/America/Cayenne +right/America/Cayman +right/America/Chicago +right/America/Chihuahua +right/America/Coral_Harbour +right/America/Cordoba +right/America/Costa_Rica +right/America/Creston +right/America/Cuiaba +right/America/Curacao +right/America/Danmarkshavn +right/America/Dawson +right/America/Dawson_Creek +right/America/Denver +right/America/Detroit +right/America/Dominica +right/America/Edmonton +right/America/Eirunepe +right/America/El_Salvador +right/America/Ensenada +right/America/Fort_Wayne +right/America/Fortaleza +right/America/Glace_Bay +right/America/Godthab +right/America/Goose_Bay +right/America/Grand_Turk +right/America/Grenada +right/America/Guadeloupe +right/America/Guatemala +right/America/Guayaquil +right/America/Guyana +right/America/Halifax +right/America/Havana +right/America/Hermosillo +right/America/Indiana/Indianapolis +right/America/Indiana/Knox +right/America/Indiana/Marengo +right/America/Indiana/Petersburg +right/America/Indiana/Tell_City +right/America/Indiana/Vevay +right/America/Indiana/Vincennes +right/America/Indiana/Winamac +right/America/Indianapolis +right/America/Inuvik +right/America/Iqaluit +right/America/Jamaica +right/America/Jujuy +right/America/Juneau +right/America/Kentucky/Louisville +right/America/Kentucky/Monticello +right/America/Knox_IN +right/America/Kralendijk +right/America/La_Paz +right/America/Lima +right/America/Los_Angeles +right/America/Louisville +right/America/Lower_Princes +right/America/Maceio +right/America/Managua +right/America/Manaus +right/America/Marigot +right/America/Martinique +right/America/Matamoros +right/America/Mazatlan +right/America/Mendoza +right/America/Menominee +right/America/Merida +right/America/Metlakatla +right/America/Mexico_City +right/America/Miquelon +right/America/Moncton +right/America/Monterrey +right/America/Montevideo +right/America/Montreal +right/America/Montserrat +right/America/Nassau +right/America/New_York +right/America/Nipigon +right/America/Nome +right/America/Noronha +right/America/North_Dakota/Beulah +right/America/North_Dakota/Center +right/America/North_Dakota/New_Salem +right/America/Ojinaga +right/America/Panama +right/America/Pangnirtung +right/America/Paramaribo +right/America/Phoenix +right/America/Port-au-Prince +right/America/Port_of_Spain +right/America/Porto_Acre +right/America/Porto_Velho +right/America/Puerto_Rico +right/America/Rainy_River +right/America/Rankin_Inlet +right/America/Recife +right/America/Regina +right/America/Resolute +right/America/Rio_Branco +right/America/Rosario +right/America/Santa_Isabel +right/America/Santarem +right/America/Santiago +right/America/Santo_Domingo +right/America/Sao_Paulo +right/America/Scoresbysund +right/America/Shiprock +right/America/Sitka +right/America/St_Barthelemy +right/America/St_Johns +right/America/St_Kitts +right/America/St_Lucia +right/America/St_Thomas +right/America/St_Vincent +right/America/Swift_Current +right/America/Tegucigalpa +right/America/Thule +right/America/Thunder_Bay +right/America/Tijuana +right/America/Toronto +right/America/Tortola +right/America/Vancouver +right/America/Virgin +right/America/Whitehorse +right/America/Winnipeg +right/America/Yakutat +right/America/Yellowknife +right/Antarctica/Casey +right/Antarctica/Davis +right/Antarctica/DumontDUrville +right/Antarctica/Macquarie +right/Antarctica/Mawson +right/Antarctica/McMurdo +right/Antarctica/Palmer +right/Antarctica/Rothera +right/Antarctica/South_Pole +right/Antarctica/Syowa +right/Antarctica/Troll +right/Antarctica/Vostok +right/Arctic/Longyearbyen +right/Asia/Aden +right/Asia/Almaty +right/Asia/Amman +right/Asia/Anadyr +right/Asia/Aqtau +right/Asia/Aqtobe +right/Asia/Ashgabat +right/Asia/Ashkhabad +right/Asia/Baghdad +right/Asia/Bahrain +right/Asia/Baku +right/Asia/Bangkok +right/Asia/Beirut +right/Asia/Bishkek +right/Asia/Brunei +right/Asia/Calcutta +right/Asia/Chita +right/Asia/Choibalsan +right/Asia/Chongqing +right/Asia/Chungking +right/Asia/Colombo +right/Asia/Dacca +right/Asia/Damascus +right/Asia/Dhaka +right/Asia/Dili +right/Asia/Dubai +right/Asia/Dushanbe +right/Asia/Gaza +right/Asia/Harbin +right/Asia/Hebron +right/Asia/Ho_Chi_Minh +right/Asia/Hong_Kong +right/Asia/Hovd +right/Asia/Irkutsk +right/Asia/Istanbul +right/Asia/Jakarta +right/Asia/Jayapura +right/Asia/Jerusalem +right/Asia/Kabul +right/Asia/Kamchatka +right/Asia/Karachi +right/Asia/Kashgar +right/Asia/Kathmandu +right/Asia/Katmandu +right/Asia/Khandyga +right/Asia/Kolkata +right/Asia/Krasnoyarsk +right/Asia/Kuala_Lumpur +right/Asia/Kuching +right/Asia/Kuwait +right/Asia/Macao +right/Asia/Macau +right/Asia/Magadan +right/Asia/Makassar +right/Asia/Manila +right/Asia/Muscat +right/Asia/Nicosia +right/Asia/Novokuznetsk +right/Asia/Novosibirsk +right/Asia/Omsk +right/Asia/Oral +right/Asia/Phnom_Penh +right/Asia/Pontianak +right/Asia/Pyongyang +right/Asia/Qatar +right/Asia/Qyzylorda +right/Asia/Rangoon +right/Asia/Riyadh +right/Asia/Saigon +right/Asia/Sakhalin +right/Asia/Samarkand +right/Asia/Seoul +right/Asia/Shanghai +right/Asia/Singapore +right/Asia/Srednekolymsk +right/Asia/Taipei +right/Asia/Tashkent +right/Asia/Tbilisi +right/Asia/Tehran +right/Asia/Tel_Aviv +right/Asia/Thimbu +right/Asia/Thimphu +right/Asia/Tokyo +right/Asia/Ujung_Pandang +right/Asia/Ulaanbaatar +right/Asia/Ulan_Bator +right/Asia/Urumqi +right/Asia/Ust-Nera +right/Asia/Vientiane +right/Asia/Vladivostok +right/Asia/Yakutsk +right/Asia/Yekaterinburg +right/Asia/Yerevan +right/Atlantic/Azores +right/Atlantic/Bermuda +right/Atlantic/Canary +right/Atlantic/Cape_Verde +right/Atlantic/Faeroe +right/Atlantic/Faroe +right/Atlantic/Jan_Mayen +right/Atlantic/Madeira +right/Atlantic/Reykjavik +right/Atlantic/South_Georgia +right/Atlantic/St_Helena +right/Atlantic/Stanley +right/Australia/ACT +right/Australia/Adelaide +right/Australia/Brisbane +right/Australia/Broken_Hill +right/Australia/Canberra +right/Australia/Currie +right/Australia/Darwin +right/Australia/Eucla +right/Australia/Hobart +right/Australia/LHI +right/Australia/Lindeman +right/Australia/Lord_Howe +right/Australia/Melbourne +right/Australia/NSW +right/Australia/North +right/Australia/Perth +right/Australia/Queensland +right/Australia/South +right/Australia/Sydney +right/Australia/Tasmania +right/Australia/Victoria +right/Australia/West +right/Australia/Yancowinna +right/Brazil/Acre +right/Brazil/DeNoronha +right/Brazil/East +right/Brazil/West +right/CET +right/CST6CDT +right/Canada/Atlantic +right/Canada/Central +right/Canada/East-Saskatchewan +right/Canada/Eastern +right/Canada/Mountain +right/Canada/Newfoundland +right/Canada/Pacific +right/Canada/Saskatchewan +right/Canada/Yukon +right/Chile/Continental +right/Chile/EasterIsland +right/Cuba +right/EET +right/EST +right/EST5EDT +right/Egypt +right/Eire +right/Etc/GMT +right/Etc/GMT+0 +right/Etc/GMT+1 +right/Etc/GMT+10 +right/Etc/GMT+11 +right/Etc/GMT+12 +right/Etc/GMT+2 +right/Etc/GMT+3 +right/Etc/GMT+4 +right/Etc/GMT+5 +right/Etc/GMT+6 +right/Etc/GMT+7 +right/Etc/GMT+8 +right/Etc/GMT+9 +right/Etc/GMT-0 +right/Etc/GMT-1 +right/Etc/GMT-10 +right/Etc/GMT-11 +right/Etc/GMT-12 +right/Etc/GMT-13 +right/Etc/GMT-14 +right/Etc/GMT-2 +right/Etc/GMT-3 +right/Etc/GMT-4 +right/Etc/GMT-5 +right/Etc/GMT-6 +right/Etc/GMT-7 +right/Etc/GMT-8 +right/Etc/GMT-9 +right/Etc/GMT0 +right/Etc/Greenwich +right/Etc/UCT +right/Etc/UTC +right/Etc/Universal +right/Etc/Zulu +right/Europe/Amsterdam +right/Europe/Andorra +right/Europe/Athens +right/Europe/Belfast +right/Europe/Belgrade +right/Europe/Berlin +right/Europe/Bratislava +right/Europe/Brussels +right/Europe/Bucharest +right/Europe/Budapest +right/Europe/Busingen +right/Europe/Chisinau +right/Europe/Copenhagen +right/Europe/Dublin +right/Europe/Gibraltar +right/Europe/Guernsey +right/Europe/Helsinki +right/Europe/Isle_of_Man +right/Europe/Istanbul +right/Europe/Jersey +right/Europe/Kaliningrad +right/Europe/Kiev +right/Europe/Lisbon +right/Europe/Ljubljana +right/Europe/London +right/Europe/Luxembourg +right/Europe/Madrid +right/Europe/Malta +right/Europe/Mariehamn +right/Europe/Minsk +right/Europe/Monaco +right/Europe/Moscow +right/Europe/Nicosia +right/Europe/Oslo +right/Europe/Paris +right/Europe/Podgorica +right/Europe/Prague +right/Europe/Riga +right/Europe/Rome +right/Europe/Samara +right/Europe/San_Marino +right/Europe/Sarajevo +right/Europe/Simferopol +right/Europe/Skopje +right/Europe/Sofia +right/Europe/Stockholm +right/Europe/Tallinn +right/Europe/Tirane +right/Europe/Tiraspol +right/Europe/Uzhgorod +right/Europe/Vaduz +right/Europe/Vatican +right/Europe/Vienna +right/Europe/Vilnius +right/Europe/Volgograd +right/Europe/Warsaw +right/Europe/Zagreb +right/Europe/Zaporozhye +right/Europe/Zurich +right/Factory +right/GB +right/GB-Eire +right/GMT +right/GMT+0 +right/GMT-0 +right/GMT0 +right/Greenwich +right/HST +right/Hongkong +right/Iceland +right/Indian/Antananarivo +right/Indian/Chagos +right/Indian/Christmas +right/Indian/Cocos +right/Indian/Comoro +right/Indian/Kerguelen +right/Indian/Mahe +right/Indian/Maldives +right/Indian/Mauritius +right/Indian/Mayotte +right/Indian/Reunion +right/Iran +right/Israel +right/Jamaica +right/Japan +right/Kwajalein +right/Libya +right/MET +right/MST +right/MST7MDT +right/Mexico/BajaNorte +right/Mexico/BajaSur +right/Mexico/General +right/NZ +right/NZ-CHAT +right/Navajo +right/PRC +right/PST8PDT +right/Pacific/Apia +right/Pacific/Auckland +right/Pacific/Bougainville +right/Pacific/Chatham +right/Pacific/Chuuk +right/Pacific/Easter +right/Pacific/Efate +right/Pacific/Enderbury +right/Pacific/Fakaofo +right/Pacific/Fiji +right/Pacific/Funafuti +right/Pacific/Galapagos +right/Pacific/Gambier +right/Pacific/Guadalcanal +right/Pacific/Guam +right/Pacific/Honolulu +right/Pacific/Johnston +right/Pacific/Kiritimati +right/Pacific/Kosrae +right/Pacific/Kwajalein +right/Pacific/Majuro +right/Pacific/Marquesas +right/Pacific/Midway +right/Pacific/Nauru +right/Pacific/Niue +right/Pacific/Norfolk +right/Pacific/Noumea +right/Pacific/Pago_Pago +right/Pacific/Palau +right/Pacific/Pitcairn +right/Pacific/Pohnpei +right/Pacific/Ponape +right/Pacific/Port_Moresby +right/Pacific/Rarotonga +right/Pacific/Saipan +right/Pacific/Samoa +right/Pacific/Tahiti +right/Pacific/Tarawa +right/Pacific/Tongatapu +right/Pacific/Truk +right/Pacific/Wake +right/Pacific/Wallis +right/Pacific/Yap +right/Poland +right/Portugal +right/ROC +right/ROK +right/Singapore +right/Turkey +right/UCT +right/US/Alaska +right/US/Aleutian +right/US/Arizona +right/US/Central +right/US/East-Indiana +right/US/Eastern +right/US/Hawaii +right/US/Indiana-Starke +right/US/Michigan +right/US/Mountain +right/US/Pacific +right/US/Pacific-New +right/US/Samoa +right/UTC +right/Universal +right/W-SU +right/WET +right/Zulu + +Type it at the prompt below exactly as it appears above. (NOTE: If you don't +see your timezone, use "timeconfig" again after booting for the verbose list) + +EOF + echo -n "Timezone? " + read TIMEZONE; + echo + + if [ -r $T_PX/usr/share/zoneinfo/$TIMEZONE -o \ + -r /var/log/mount/usr/share/zoneinfo/$TIMEZONE -o \ + -L $T_PX/usr/share/zoneinfo/$TIMEZONE -o \ + -L /var/log/mount/usr/share/zoneinfo/$TIMEZONE ]; then + echo "Creating link from $TIMEZONE to localtime in /etc..." + echo + setzone $TIMEZONE + exit + else + cat << EOF + +Timezone $TIMEZONE could not be found. You may try again if you wish. +Make sure you type the name exactly as it appears - this configuration script +is case sensitive. + +Press [enter] to continue. + +EOF + read JUNK; + fi + done +fi + diff --git a/patches/source/gnupg/gnupg.SlackBuild b/patches/source/gnupg/gnupg.SlackBuild new file mode 100755 index 000000000..0a8144921 --- /dev/null +++ b/patches/source/gnupg/gnupg.SlackBuild @@ -0,0 +1,105 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=gnupg +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i486 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7lh ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-gnupg + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi + +rm -rf $PKG +mkdir -p $PKG $PKG + +cd $TMP +rm -rf gnupg-$VERSION +tar xvf $CWD/gnupg-$VERSION.tar.?z* || exit 1 +cd gnupg-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +rm -f $PKG/usr/info/dir +gzip -9 $PKG/usr/info/* + +gzip -9 $PKG/usr/man/*/* + +mkdir -p $PKG/usr/doc/gnupg-$VERSION +cp -a \ + ABOUT-NLS AUTHORS BUGS COPYING INSTALL NEWS PROJECTS README THANKS TODO VERSION \ + $PKG/usr/doc/gnupg-$VERSION +( cd $PKG/usr/doc/gnupg-$VERSION + ln -sf /usr/share/gnupg/FAQ . + ln -sf /usr/share/gnupg/faq.html . ) + +# Add slack-desc files: +mkdir -p $PKG/install +cat $CWD/slack-desc.gnupg > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/gnupg-$VERSION-$ARCH-$BUILD.txz + +# Clean up the extra stuff: +if [ "$1" = "--cleanup" ]; then + rm -rf $TMP/gnupg-$VERSION + rm -rf $PKG +fi diff --git a/patches/source/gnupg/slack-desc.gnupg b/patches/source/gnupg/slack-desc.gnupg new file mode 100644 index 000000000..496005e9b --- /dev/null +++ b/patches/source/gnupg/slack-desc.gnupg @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +gnupg: gnupg (The GNU Privacy Guard) +gnupg: +gnupg: GnuPG is GNU's tool for secure communication and data storage. It can +gnupg: be used to encrypt data and to create digital signatures. It includes +gnupg: an advanced key management facility and is compliant with the proposed +gnupg: OpenPGP Internet standard as described in RFC2440. +gnupg: +gnupg: +gnupg: +gnupg: +gnupg: diff --git a/patches/source/gnupg2/gnupg2.CVE-2010-2547.diff b/patches/source/gnupg2/gnupg2.CVE-2010-2547.diff new file mode 100644 index 000000000..14c2de7e3 --- /dev/null +++ b/patches/source/gnupg2/gnupg2.CVE-2010-2547.diff @@ -0,0 +1,10 @@ +--- ./kbx/keybox-blob.c.orig 2009-09-21 11:53:44.000000000 -0500 ++++ ./kbx/keybox-blob.c 2010-08-18 20:10:19.000000000 -0500 +@@ -898,6 +898,7 @@ + rc = gpg_error_from_syserror (); + goto leave; + } ++ names = tmp; + } + names[blob->nuids++] = p; + if (!i && (p=x509_email_kludge (p))) diff --git a/patches/source/gnupg2/gnupg2.SlackBuild b/patches/source/gnupg2/gnupg2.SlackBuild new file mode 100755 index 000000000..d9bb49cb0 --- /dev/null +++ b/patches/source/gnupg2/gnupg2.SlackBuild @@ -0,0 +1,139 @@ +#!/bin/sh + +# Copyright 2006-2009 Robby Workman, Northport, AL, USA +# Copyright 2007, 2008, 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SCRIPT IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SCRIPT, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAME=gnupg2 +VERSION=2.0.12 +BUILD=${BUILD:-2_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-gnupg + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf gnupg-$VERSION +tar xvf $CWD/gnupg-$VERSION.tar.bz2 || exit 1 +cd gnupg-$VERSION + +zcat $CWD/gnupg2.CVE-2010-2547.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --docdir=/usr/doc/gnupg2-$VERSION \ + --program-prefix="" \ + --program-suffix="" \ + --build=$ARCH-slackware-linux \ + --host=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +( cd $PKG/usr/man + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done +) + +rm -f $PKG/usr/info/dir +gzip -9 $PKG/usr/info/* + +mkdir -p $PKG/usr/doc/gnupg2-$VERSION +cp -a \ + ABOUT-NLS AUTHORS COPYING* INSTALL NEWS README* THANKS TODO VERSION \ + $PKG/usr/doc/gnupg2-$VERSION +# Build html docs +( cd doc + make gnupg.html + mv gnupg.html $PKG/usr/doc/gnupg2-$VERSION/html +) +# Fix some filenames in the html directory +( cd $PKG/usr/doc/gnupg2-$VERSION/html +mv how_002dto_002dspecify_002da_002duser_002did.html howto_specify_user_id.html +mv GnuPG_002d1-and-GnuPG_002d2.html GnuPG_1-and-GnuPG_2.html +mv gpg_002dpreset_002dpassphrase.html gpg_preset_passphrase.html +mv gpgsm_002dgencert_002esh.html gpgsm_gencert_sh.html +mv Invoking-gpg_002dpreset_002dpassphrase.html Invoking-gpg_preset_passphrase.html +mv Invoking-gpg_002dconnect_002dagent.html Invoking-gpg_connect_agent.html +mv gpg_002dconnect_002dagent.html gpg_connect_agent.html +mv Agent-GET_005fCONFIRMATION.html Agent-GET_CONFIRMATION.html +mv option-_002d_002denable_002dssh_002dsupport.html option-enable_ssh_support.html +mv option-_002d_002doptions.html option-options.html +mv Invoking-GPG_002dAGENT.html Invoking-GPG_AGENT.html +mv gpg_002dzip.html gpg_zip.html +mv option-_002d_002dp12_002dcharset.html option-p12_charset.html +mv option-_002d_002dallow_002dmark_002dtrusted.html option-allow_mark_trusted.html +mv Controlling-gpg_002dconnect_002dagent.html Controlling-gpg_connect_agent.html +mv Agent-GET_005fPASSPHRASE.html Agent-GET_PASSPHRASE.html +mv option-_002d_002dhomedir.html option-homedir.html +mv PKCS_002315-Card.html PKCS-15-Card.html +) +# Move html doc to the proper location +mv $PKG/usr/doc/gnupg2-$VERSION/faq.html $PKG/usr/doc/gnupg2-$VERSION/html/ + + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAME-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/gnupg2/slack-desc b/patches/source/gnupg2/slack-desc new file mode 100644 index 000000000..c64d7fb67 --- /dev/null +++ b/patches/source/gnupg2/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +gnupg2: GnuPG2 (The GNU Privacy Guard version 2.x) +gnupg2: +gnupg2: GnuPG is GNU's tool for secure communication and data storage. It can +gnupg2: be used to encrypt data and to create digital signatures. It includes +gnupg2: an advanced key management facility and is compliant with the proposed +gnupg2: OpenPGP Internet standard as described in RFC2440 and the S/MIME +gnupg2: standard as described by several RFCs. +gnupg2: +gnupg2: GnuPG 2.0 is the stable version of GnuPG integrating support for +gnupg2: OpenPGP and S/MIME. It does not conflict with an installed 1.4.x +gnupg2: OpenPGP-only version. diff --git a/patches/source/gnutls/gnutls-2.8.4_CVE-2009-3555.diff b/patches/source/gnutls/gnutls-2.8.4_CVE-2009-3555.diff new file mode 100644 index 000000000..3eb1cebd5 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.4_CVE-2009-3555.diff @@ -0,0 +1,7376 @@ +From 1799ec5c820c421947633bc2f0516236f12d0dca Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 29 Sep 2013 +Subject: CVE-2009-3555 [GNUTLS-SA-2009-5] + +Adds safe renegotiation patch from Steve Dispensa, modified by GnuTLS +to conform with project style guidelines, error checking, and RFC 5746. + +This is a backport adaptation for use with GnuTLS 2.8.4. + +For background, read Marsh Ray & Steve Dispensa's 2009 paper: +http://ww1.prweb.com/prfiles/2009/11/05/104435/RenegotiatingTLS.pdf + +Relevant upstream commits: +-------------------------- +https://gitorious.org/gnutls/gnutls/commit/03249cd537c0b5 +https://gitorious.org/gnutls/gnutls/commit/1344b312402d3b +https://gitorious.org/gnutls/gnutls/commit/15090a5f52a5f5 +https://gitorious.org/gnutls/gnutls/commit/17e65babe44763 +https://gitorious.org/gnutls/gnutls/commit/1875dca5e0f6d7 +https://gitorious.org/gnutls/gnutls/commit/1a338cbaaeec11 +https://gitorious.org/gnutls/gnutls/commit/1ac2d2d55d8411 +https://gitorious.org/gnutls/gnutls/commit/1ced4c4d68cf33 +https://gitorious.org/gnutls/gnutls/commit/1d6766cda39a57 +https://gitorious.org/gnutls/gnutls/commit/1e42526790e54d +https://gitorious.org/gnutls/gnutls/commit/22553a5d48bcf0 +https://gitorious.org/gnutls/gnutls/commit/250e4ddf478910 +https://gitorious.org/gnutls/gnutls/commit/2d303d2076f53a +https://gitorious.org/gnutls/gnutls/commit/30748a9bcbfb76 +https://gitorious.org/gnutls/gnutls/commit/36693266659a6d +https://gitorious.org/gnutls/gnutls/commit/3deda2c2f0c2ac +https://gitorious.org/gnutls/gnutls/commit/3ee73d04c2a503 +https://gitorious.org/gnutls/gnutls/commit/4ceabba9547dc3 +https://gitorious.org/gnutls/gnutls/commit/4e5d5518c6cb58 +https://gitorious.org/gnutls/gnutls/commit/4f31d28f160a59 +https://gitorious.org/gnutls/gnutls/commit/530fa2957535be +https://gitorious.org/gnutls/gnutls/commit/555ddcdcf363ca +https://gitorious.org/gnutls/gnutls/commit/58604f748d324c +https://gitorious.org/gnutls/gnutls/commit/5cf6a95171b1a8 +https://gitorious.org/gnutls/gnutls/commit/5dfa0b28334e36 +https://gitorious.org/gnutls/gnutls/commit/5fc3704e32462f +https://gitorious.org/gnutls/gnutls/commit/62e03fb4b0f307 +https://gitorious.org/gnutls/gnutls/commit/705aa8cd3da09a +https://gitorious.org/gnutls/gnutls/commit/78149b946d3cff +https://gitorious.org/gnutls/gnutls/commit/783bfc6415ca0a +https://gitorious.org/gnutls/gnutls/commit/7b6ae740e8e8a4 +https://gitorious.org/gnutls/gnutls/commit/87ff666e310cfa +https://gitorious.org/gnutls/gnutls/commit/8cb3fee16deb3f +https://gitorious.org/gnutls/gnutls/commit/987076c0b8fce9 +https://gitorious.org/gnutls/gnutls/commit/a23f37448755d8 +https://gitorious.org/gnutls/gnutls/commit/a4d4458cf2ec08 +https://gitorious.org/gnutls/gnutls/commit/ae2540986ed382 +https://gitorious.org/gnutls/gnutls/commit/bbc7b93c9e1720 +https://gitorious.org/gnutls/gnutls/commit/bef37bc1f17c83 +https://gitorious.org/gnutls/gnutls/commit/bfe6ede9843c0c +https://gitorious.org/gnutls/gnutls/commit/c1953c310b347b +https://gitorious.org/gnutls/gnutls/commit/caab2fd62fdd32 +https://gitorious.org/gnutls/gnutls/commit/ce53777e3ad877 +https://gitorious.org/gnutls/gnutls/commit/d20cd80b62148c +https://gitorious.org/gnutls/gnutls/commit/dc468cee92c5ae +https://gitorious.org/gnutls/gnutls/commit/de9bc9b3dc1ec0 +https://gitorious.org/gnutls/gnutls/commit/dea2ff7150f00f +https://gitorious.org/gnutls/gnutls/commit/df861cb8ae9728 +https://gitorious.org/gnutls/gnutls/commit/e543db08dc98d4 +https://gitorious.org/gnutls/gnutls/commit/ed8a5c018ea46d +https://gitorious.org/gnutls/gnutls/commit/f623b9904535b8 +https://gitorious.org/gnutls/gnutls/commit/d4ea78c390dff6 +https://gitorious.org/gnutls/gnutls/commit/b2fca85c8fe5db +https://gitorious.org/gnutls/gnutls/commit/100563a343b9e3 +https://gitorious.org/gnutls/gnutls/commit/67ff3f2cedabcf +https://gitorious.org/gnutls/gnutls/commit/8a39da8c8eba54 +https://gitorious.org/gnutls/gnutls/commit/dc5a475674af59 + +--- + AUTHORS | 3 + NEWS | 17 + configure | 3 + configure.ac | 1 + doc/gnutls-api.texi | 14 + doc/gnutls.texi | 94 + + doc/manpages/Makefile.in | 4 + doc/manpages/gnutls-cli.1 | 9 + doc/manpages/gnutls-serv.1 | 9 + doc/manpages/gnutls_priority_init.3 | 15 + doc/manpages/gnutls_safe_renegotiation_status.3 | 41 + lib/Makefile.am | 4 + lib/Makefile.in | 7 + lib/ext_safe_renegotiation.c | 139 ++ + lib/ext_safe_renegotiation.h | 33 + lib/gnutls_alert.c | 6 + lib/gnutls_algorithms.c | 7 + lib/gnutls_algorithms.h | 3 + lib/gnutls_constate.c | 15 + lib/gnutls_errors.c | 6 + lib/gnutls_extensions.c | 20 + lib/gnutls_extensions.h | 4 + lib/gnutls_handshake.c | 391 +++++-- + lib/gnutls_int.h | 39 + lib/gnutls_priority.c | 105 + + lib/gnutls_record.c | 12 + lib/gnutls_state.c | 6 + lib/includes/gnutls/gnutls.h.in | 10 + lib/libgnutls.map | 6 + src/cli-gaa.c | 19 + src/cli-gaa.h | 1 + src/cli.c | 25 + src/cli.gaa | 5 + src/serv.c | 59 - + src/tests.c | 513 ++------- + src/tests.h | 5 + src/tls_test.c | 11 + tests/Makefile.am | 2 + tests/Makefile.in | 4 + tests/resume.c | 22 + tests/safe-renegotiation/Makefile.am | 37 + tests/safe-renegotiation/Makefile.in | 1299 ++++++++++++++++++++++++ + tests/safe-renegotiation/README | 93 + + tests/safe-renegotiation/params.dh | 35 + tests/safe-renegotiation/srn0.c | 338 ++++++ + tests/safe-renegotiation/srn1.c | 341 ++++++ + tests/safe-renegotiation/srn2.c | 341 ++++++ + tests/safe-renegotiation/srn3.c | 264 ++++ + tests/safe-renegotiation/srn4.c | 263 ++++ + tests/safe-renegotiation/srn5.c | 337 ++++++ + tests/safe-renegotiation/srn6.c | 337 ++++++ + tests/safe-renegotiation/srn7.c | 336 ++++++ + tests/safe-renegotiation/testsrn | 103 + + tests/simple.c | 4 + 54 files changed, 5330 insertions(+), 487 deletions(-) + +--- a/AUTHORS 2009-06-02 ++++ b/AUTHORS 2013-09-26 +@@ -51,6 +51,9 @@ OpenPGP discussion and improvements. + David MarÃn Carreño <davefx@gmail.com> + Added gnutls_x509_crq_get_key_id. + ++Steve Dispensa <dispensa@phonefactor.com> ++TLS safe renegotiation fix. ++ + -----BEGIN PGP PUBLIC KEY BLOCK----- + URL: http://josefsson.org/key.txt (always latest version) + Comment: This 0xB565716F key is used to sign releases of GnuTLS. +--- a/configure.ac 2009-11-06 ++++ b/configure.ac 2013-09-26 +@@ -275,6 +275,7 @@ AC_CONFIG_FILES([ + tests/pkcs8-decode/Makefile + tests/rsa-md5-collision/Makefile + tests/sha2/Makefile ++ tests/safe-renegotiation/Makefile + tests/userid/Makefile + ]) + AC_OUTPUT +--- a/configure 2010-03-15 ++++ b/configure 2013-09-26 +@@ -28310,7 +28310,7 @@ subdirs="$subdirs libextra" + + ac_config_files="$ac_config_files guile/pre-inst-guile" + +-ac_config_files="$ac_config_files Makefile doc/Makefile doc/credentials/Makefile doc/credentials/openpgp/Makefile doc/credentials/srp/Makefile doc/credentials/x509/Makefile doc/cyclo/Makefile doc/doxygen/Doxyfile doc/examples/Makefile doc/manpages/Makefile doc/reference/Makefile doc/scripts/Makefile gl/Makefile gl/tests/Makefile guile/Makefile guile/modules/Makefile guile/src/Makefile guile/tests/Makefile src/Makefile src/cfg/Makefile src/cfg/platon/Makefile src/cfg/platon/str/Makefile tests/Makefile tests/key-id/Makefile tests/openpgp-certs/Makefile tests/pathlen/Makefile tests/pkcs1-padding/Makefile tests/pkcs12-decode/Makefile tests/pkcs8-decode/Makefile tests/rsa-md5-collision/Makefile tests/sha2/Makefile tests/userid/Makefile" ++ac_config_files="$ac_config_files Makefile doc/Makefile doc/credentials/Makefile doc/credentials/openpgp/Makefile doc/credentials/srp/Makefile doc/credentials/x509/Makefile doc/cyclo/Makefile doc/doxygen/Doxyfile doc/examples/Makefile doc/manpages/Makefile doc/reference/Makefile doc/scripts/Makefile gl/Makefile gl/tests/Makefile guile/Makefile guile/modules/Makefile guile/src/Makefile guile/tests/Makefile src/Makefile src/cfg/Makefile src/cfg/platon/Makefile src/cfg/platon/str/Makefile tests/Makefile tests/key-id/Makefile tests/openpgp-certs/Makefile tests/safe-renegotiation/Makefile tests/pathlen/Makefile tests/pkcs1-padding/Makefile tests/pkcs12-decode/Makefile tests/pkcs8-decode/Makefile tests/rsa-md5-collision/Makefile tests/sha2/Makefile tests/userid/Makefile" + + cat >confcache <<\_ACEOF + # This file is a shell script that caches the results of configure +@@ -29529,6 +29529,7 @@ do + "tests/Makefile") CONFIG_FILES="$CONFIG_FILES tests/Makefile" ;; + "tests/key-id/Makefile") CONFIG_FILES="$CONFIG_FILES tests/key-id/Makefile" ;; + "tests/openpgp-certs/Makefile") CONFIG_FILES="$CONFIG_FILES tests/openpgp-certs/Makefile" ;; ++ "tests/safe-renegotiation/Makefile") CONFIG_FILES="$CONFIG_FILES tests/safe-renegotiation/Makefile" ;; + "tests/pathlen/Makefile") CONFIG_FILES="$CONFIG_FILES tests/pathlen/Makefile" ;; + "tests/pkcs1-padding/Makefile") CONFIG_FILES="$CONFIG_FILES tests/pkcs1-padding/Makefile" ;; + "tests/pkcs12-decode/Makefile") CONFIG_FILES="$CONFIG_FILES tests/pkcs12-decode/Makefile" ;; +--- a/doc/gnutls-api.texi 2010-03-15 ++++ b/doc/gnutls-api.texi 2013-09-26 +@@ -3307,6 +3307,20 @@ This function will initialize the tempor + @strong{Returns:} @code{GNUTLS_E_SUCCESS} on success, or an negative error code. + @end deftypefun + ++@subheading gnutls_safe_renegotiation_status ++@anchor{gnutls_safe_renegotiation_status} ++@deftypefun {int} {gnutls_safe_renegotiation_status} (gnutls_session_t @var{session}) ++@var{session}: is a @code{gnutls_session_t} structure. ++ ++Can be used to check whether safe renegotiation is being used ++in the current session. ++ ++@strong{Returns:} 0 when safe renegotiation is not used and non zero when ++safe renegotiation is used. ++ ++@strong{Since:} 2.10.0 ++@end deftypefun ++ + @subheading gnutls_server_name_get + @anchor{gnutls_server_name_get} + @deftypefun {int} {gnutls_server_name_get} (gnutls_session_t @var{session}, void * @var{data}, size_t * @var{data_length}, unsigned int * @var{type}, unsigned int @var{indx}) +--- a/doc/gnutls.texi 2009-06-02 ++++ b/doc/gnutls.texi 2013-09-26 +@@ -565,6 +565,7 @@ also supports @acronym{X.509} and @acron + * Selecting cryptographic key sizes:: + * On SSL 2 and older protocols:: + * On Record Padding:: ++* Safe Renegotiation:: + @end menu + + @node TLS layers +@@ -1202,6 +1203,94 @@ here are some links: + + @url{http://thread.gmane.org/gmane.ietf.tls/3079} + ++@node Safe Renegotiation ++@section Safe Renegotiation ++@cindex renegotiation ++ ++Some application protocols and implementations uses the TLS ++renegotiation feature in a manner that enables attackers to insert ++content of his choice in the beginning of a TLS session. ++ ++One easy to understand vulnerability is HTTPS when servers request ++client certificates optionally for certain parts of a web site. The ++attack works by having the attacker simulate a client and connect to a ++server, with server-only authentication, and send some data intended ++to cause harm. When the proper client attempts to contact the server, ++the attacker hijacks that connection and uses the TLS renegotiation ++feature with the server and splices in the client connection to the ++already established connection between the attacker and server. The ++attacker will not be able to read the data exchanged between the ++client and the server. However, the server will (incorrectly) assume ++that the data sent by the attacker was sent by the now authenticated ++client. The result is a prefix plain-text injection attack. ++ ++The above is just one example. Other vulnerabilities exists that do ++not rely on the TLS renegotiation to change the client's authenticated ++status (either TLS or application layer). ++ ++While fixing these application protocols and implementations would be ++one natural reaction, an extension to TLS has been designed that ++cryptographically binds together any renegotiated handshakes with the ++initial negotiation. When the extension is used, the attack is ++detected and the session can be terminated. The extension is ++specified in @xcite{RFC5746}. ++ ++GnuTLS supports the safe renegotiation extension. The default ++behavior is as follows. Clients will attempt to negotiate the safe ++renegotiation extension when talking to servers. Servers will accept ++the extension when presented by clients. Clients and servers will ++permit an initial handshake to complete even when the other side does ++not support the safe renegotiation extension. Clients and servers ++will refuse renegotiation attempts when the extension has not been ++negotiated. ++ ++Note that permitting clients to connect to servers even when the safe ++renegotiation extension is not negotiated open up for some attacks. ++Changing this default behaviour would prevent interoperability against ++the majority of deployed servers out there. We will reconsider this ++default behaviour in the future when more servers have been upgraded. ++Note that it is easy to configure clients to always require the safe ++renegotiation extension from servers (see below on the ++%SAFE_RENEGOTIATION priority string). ++ ++To modify the default behaviour, we have introduced some new priority ++strings. The priority strings can be used by applications ++(@pxref{gnutls_priority_set}) and end users (e.g., @code{--priority} ++parameter to @code{gnutls-cli} and @code{gnutls-serv}). ++ ++The @code{%UNSAFE_RENEGOTIATION} priority string permits ++(re-)handshakes even when the safe renegotiation extension was not ++negotiated. The default behavior is @code{%PARTIAL_RENEGOTIATION} that will ++prevent renegotiation with clients and servers not supporting the ++extension. This is secure for servers but leaves clients vulnerable ++to some attacks, but this is a tradeoff between security and compatibility ++with old servers. The @code{%SAFE_RENEGOTIATION} priority string makes ++clients and servers require the extension for every handshake. The latter ++is the most secure option for clients, at the cost of not being able ++to connect to legacy servers. Servers will also deny clients that ++do not support the extension from connecting. ++ ++It is possible to disable use of the extension completely, in both ++clients and servers, by using the @code{%DISABLE_SAFE_RENEGOTIATION} ++priority string however we strongly recommend you to only do this for ++debugging and test purposes. ++ ++The default values if the flags above are not specified are: ++@table @code ++ ++@item Server: ++%PARTIAL_RENEGOTIATION ++ ++@item Client: ++%PARTIAL_RENEGOTIATION ++ ++@end table ++ ++For applications we have introduced a new API related to safe ++renegotiation. The @ref{gnutls_safe_renegotiation_status} function is ++used to check if the extension has been negotiated on a session, and ++can be used both by clients and servers. ++ + @node Authentication methods + @chapter Authentication Methods + +@@ -4179,6 +4268,11 @@ Pasi Eronen and Hannes Tschofenig, "Pre- + TLS", December 2005, Available from + @url{http://www.ietf.org/rfc/rfc4279.txt}. + ++@item @anchor{RFC5746}[RFC5746] ++E. Rescorla, M. Ray, S. Dispensa, and N. Oskov, "Transport Layer ++Security (TLS) Renegotiation Indication Extension", February 2010, ++available from @url{http://www.ietf.org/rfc/rfc5746}. ++ + @item @anchor{TOMSRP}[TOMSRP] + Tom Wu, "The Stanford SRP Authentication Project", Available at + @url{http://srp.stanford.edu/}. +--- a/doc/manpages/gnutls-cli.1 2009-06-02 ++++ b/doc/manpages/gnutls-cli.1 2013-09-26 +@@ -75,6 +75,15 @@ Special keywords: + "%SSL3_RECORD_VERSION" force SSL3.0 record version in the first client + hello. This is to avoid buggy servers from terminating connection. + .IP ++"%UNSAFE_RENEGOTIATION" Permits (re-)handshakes even unsafe ones. ++.IP ++"%PARTIAL_RENEGOTIATION" Prevents renegotiation with clients and servers not ++supporting the safe renegotiation extension. (default) ++.IP ++"%SAFE_RENEGOTIATION" will enable safe renegotiation. This is the most ++secure and recommended option for clients. However this will prevent from ++connecting to legacy servers. ++.IP + To avoid collisions in order to specify a compression algorithm in + this string you have to prefix it with "COMP-", protocol versions + with "VERS-" and certificate types with "CTYPE-". All other +--- a/doc/manpages/gnutls-serv.1 2009-06-02 ++++ b/doc/manpages/gnutls-serv.1 2013-09-26 +@@ -75,6 +75,15 @@ Special keywords: + .IP + '%COMPAT' will enable compatibility features for a server. + .IP ++"%UNSAFE_RENEGOTIATION" Permits (re-)handshakes even unsafe ones. ++.IP ++"%PARTIAL_RENEGOTIATION" Prevents renegotiation with clients and servers not ++supporting the safe renegotiation extension. (default) ++.IP ++"%SAFE_RENEGOTIATION" will enable safe renegotiation. This is the most ++secure and recommended option for clients. However this will prevent from ++connecting to legacy servers. ++.IP + To avoid collisions in order to specify a compression algorithm in + this string you have to prefix it with "COMP-", protocol versions + with "VERS-" and certificate types with "CTYPE-". All other +--- a/doc/manpages/gnutls_priority_init.3 2010-03-15 ++++ b/doc/manpages/gnutls_priority_init.3 2013-09-26 +@@ -67,6 +67,21 @@ compression methods. + + "%COMPAT" will enable compatibility features for a server. + ++"%UNSAFE_RENEGOTIATION" will allow unsafe renegotiation (this is now ++the default for clients, but will change once more servers support the safe renegotiation ++TLS fix). ++ ++"%SAFE_RENEGOTIATION" will allow safe renegotiation only (this is the ++default for servers \- that will reject clients trying to perform an ++unsafe renegotiation). ++ ++"%INITIAL_SAFE_RENEGOTIATION" will force initial safe negotiation even if ++renegotiation wasn't requested. Only valid for server side and implies ++"%SAFE_RENEGOTIATION". ++ ++"%DISABLE_SAFE_RENEGOTIATION" will disable safe renegotiation completely. Do not use ++unless you know what you are doing. Testing purposes only. ++ + "%SSL3_RECORD_VERSION" will use SSL3.0 record version in client hello. + + "%VERIFY_ALLOW_SIGN_RSA_MD5" will allow RSA\-MD5 signatures in +--- /dev/null 2013-09-26 ++++ b/doc/manpages/gnutls_safe_renegotiation_status.3 2013-09-26 +@@ -0,0 +1,41 @@ ++.\" DO NOT MODIFY THIS FILE! It was generated by gdoc. ++.TH "gnutls_safe_renegotiation_status" 3 "2.9.11" "gnutls" "gnutls" ++.SH NAME ++gnutls_safe_renegotiation_status \- API function ++.SH SYNOPSIS ++.B #include <gnutls/gnutls.h> ++.sp ++.BI "int gnutls_safe_renegotiation_status(gnutls_session_t " session ");" ++.SH ARGUMENTS ++.IP "gnutls_session_t session" 12 ++is a \fBgnutls_session_t\fP structure. ++.SH "DESCRIPTION" ++Can be used to check whether safe renegotiation is being used ++in the current session. ++.SH "RETURNS" ++0 when safe renegotiation is not used and non zero when ++safe renegotiation is used. ++.SH "SINCE" ++2.10.0 ++.SH "REPORTING BUGS" ++Report bugs to <bug-gnutls@gnu.org>. ++GnuTLS home page: http://www.gnu.org/software/gnutls/ ++General help using GNU software: http://www.gnu.org/gethelp/ ++.SH COPYRIGHT ++Copyright \(co 2008 Free Software Foundation. ++.br ++Copying and distribution of this file, with or without modification, ++are permitted in any medium without royalty provided the copyright ++notice and this notice are preserved. ++.SH "SEE ALSO" ++The full documentation for ++.B gnutls ++is maintained as a Texinfo manual. If the ++.B info ++and ++.B gnutls ++programs are properly installed at your site, the command ++.IP ++.B info gnutls ++.PP ++should give you access to the complete manual. +--- a/doc/manpages/Makefile.in 2010-03-15 ++++ b/doc/manpages/Makefile.in 2013-09-26 +@@ -523,7 +523,6 @@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ + PACKAGE_NAME = @PACKAGE_NAME@ + PACKAGE_STRING = @PACKAGE_STRING@ + PACKAGE_TARNAME = @PACKAGE_TARNAME@ +-PACKAGE_URL = @PACKAGE_URL@ + PACKAGE_VERSION = @PACKAGE_VERSION@ + PATH_SEPARATOR = @PATH_SEPARATOR@ + PKG_CONFIG = @PKG_CONFIG@ +@@ -682,7 +681,8 @@ APIMANS = gnutls_crypto_single_cipher_re + gnutls_crypto_bigint_register2.3 gnutls_crypto_pk_register2.3 \ + gnutls_crypto_cipher_register2.3 gnutls_crypto_mac_register2.3 \ + gnutls_crypto_digest_register2.3 gnutls_oprfi_enable_client.3 \ +- gnutls_oprfi_enable_server.3 gnutls_server_name_get.3 \ ++ gnutls_oprfi_enable_server.3 \ ++ gnutls_safe_renegotiation_status.3 gnutls_server_name_get.3 \ + gnutls_server_name_set.3 gnutls_alert_get_name.3 \ + gnutls_alert_send.3 gnutls_error_to_alert.3 \ + gnutls_alert_send_appropriate.3 gnutls_alert_get.3 \ +--- /dev/null 2013-09-26 ++++ b/lib/ext_safe_renegotiation.c 2013-09-26 +@@ -0,0 +1,139 @@ ++/* ++ * Copyright (C) 2009 Free Software Foundation ++ * ++ * Author: Steve Dispensa (<dispensa@phonefactor.com>) ++ * ++ * This file is part of GNUTLS. ++ * ++ * The GNUTLS library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public License ++ * as published by the Free Software Foundation; either version 2.1 of ++ * the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, ++ * USA ++ * ++ */ ++ ++#include <gnutls_int.h> ++#include <ext_safe_renegotiation.h> ++#include <gnutls_errors.h> ++ ++int ++_gnutls_safe_renegotiation_recv_params (gnutls_session_t session, ++ const opaque * data, size_t _data_size) ++{ ++ tls_ext_st *ext = &session->security_parameters.extensions; ++ int len = data[0]; ++ ssize_t data_size = _data_size; ++ ++ DECR_LEN (data_size, len+1 /* count the first byte and payload */); ++ ++ if (session->internals.priorities.safe_renegotiation == SR_DISABLED) ++ { ++ gnutls_assert (); ++ return 0; ++ } ++ ++ /* It is not legal to receive this extension on a renegotiation and ++ * not receive it on the initial negotiation. ++ */ ++ if (session->internals.initial_negotiation_completed != 0 && ++ session->internals.connection_using_safe_renegotiation == 0) ++ { ++ gnutls_assert(); ++ return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; ++ } ++ ++ if (len > sizeof (ext->ri_extension_data)) ++ { ++ gnutls_assert(); ++ return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; ++ } ++ ++ if (len > 0) ++ memcpy (ext->ri_extension_data, &data[1], len); ++ ext->ri_extension_data_len = len; ++ ++ /* "safe renegotiation received" means on *this* handshake; "connection using ++ * safe renegotiation" means that the initial hello received on the connection ++ * indicated safe renegotiation. ++ */ ++ session->internals.safe_renegotiation_received = 1; ++ session->internals.connection_using_safe_renegotiation = 1; ++ ++ return 0; ++} ++ ++int ++_gnutls_safe_renegotiation_send_params (gnutls_session_t session, ++ opaque * data, size_t _data_size) ++{ ++ /* The format of this extension is a one-byte length of verify data followed ++ * by the verify data itself. Note that the length byte does not include ++ * itself; IOW, empty verify data is represented as a length of 0. That means ++ * the minimum extension is one byte: 0x00. ++ */ ++ ssize_t data_size = _data_size; ++ tls_ext_st *ext = &session->security_parameters.extensions; ++ ++ ++ if (session->internals.priorities.safe_renegotiation == SR_DISABLED) ++ { ++ gnutls_assert(); ++ return 0; ++ } ++ ++ data[0] = 0; ++ ++ /* Always offer the extension if we're a client */ ++ if (session->internals.connection_using_safe_renegotiation || ++ session->security_parameters.entity == GNUTLS_CLIENT) ++ { ++ DECR_LEN (data_size, 1); ++ data[0] = ext->client_verify_data_len; ++ ++ DECR_LEN (data_size, ext->client_verify_data_len); ++ ++ if (ext->client_verify_data_len > 0) ++ memcpy(&data[1], ++ ext->client_verify_data, ++ ext->client_verify_data_len); ++ ++ if (session->security_parameters.entity == GNUTLS_SERVER) ++ { ++ data[0] += ext->server_verify_data_len; ++ ++ DECR_LEN (data_size, ext->server_verify_data_len); ++ ++ if (ext->server_verify_data_len > 0) ++ memcpy(&data[1 + ext->client_verify_data_len], ++ ext->server_verify_data, ++ ext->server_verify_data_len); ++ } ++ } ++ else ++ return 0; ++ ++ return 1 + data[0]; /* don't forget the length byte */ ++} ++ ++/** ++ * gnutls_safe_renegotiation_status: ++ * @session: is a #gnutls_session_t structure. ++ * ++ * Can be used to check whether safe renegotiation is being used ++ * in the current session. Returns 0 when not and non zero when ++ * used. ++ **/ ++int gnutls_safe_renegotiation_status (gnutls_session_t session) ++{ ++ return session->internals.connection_using_safe_renegotiation; ++} +--- /dev/null 2013-09-26 ++++ b/lib/ext_safe_renegotiation.h 2013-09-26 +@@ -0,0 +1,33 @@ ++/* ++ * Copyright (C) 2009 Free Software Foundation ++ * ++ * Author: Steve Dispensa (<dispensa@phonefactor.com>) ++ * ++ * This file is part of GNUTLS. ++ * ++ * The GNUTLS library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public License ++ * as published by the Free Software Foundation; either version 2.1 of ++ * the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, write to the Free Software ++ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, ++ * USA ++ * ++ */ ++ ++#ifndef EXT_SAFE_RENEGOTIATION_H ++# define EXT_SAFE_RENEGOTIATION_H ++ ++int _gnutls_safe_renegotiation_recv_params (gnutls_session_t state, ++ const opaque * data, size_t data_size); ++int _gnutls_safe_renegotiation_send_params (gnutls_session_t state, ++ opaque * data, size_t); ++ ++#endif /* EXT_SAFE_RENEGOTIATION_H */ +--- a/lib/gnutls_alert.c 2009-06-02 ++++ b/lib/gnutls_alert.c 2013-09-26 +@@ -180,6 +180,10 @@ gnutls_error_to_alert (int err, int *lev + ret = GNUTLS_A_ILLEGAL_PARAMETER; + _level = GNUTLS_AL_FATAL; + break; ++ case GNUTLS_E_UNKNOWN_SRP_USERNAME: ++ ret = GNUTLS_A_UNKNOWN_PSK_IDENTITY; ++ _level = GNUTLS_AL_FATAL; ++ break; + case GNUTLS_E_ASN1_ELEMENT_NOT_FOUND: + case GNUTLS_E_ASN1_IDENTIFIER_NOT_FOUND: + case GNUTLS_E_ASN1_DER_ERROR: +@@ -199,6 +203,7 @@ gnutls_error_to_alert (int err, int *lev + case GNUTLS_E_INSUFFICIENT_CREDENTIALS: + case GNUTLS_E_NO_CIPHER_SUITES: + case GNUTLS_E_NO_COMPRESSION_ALGORITHMS: ++ case GNUTLS_E_SAFE_RENEGOTIATION_FAILED: + ret = GNUTLS_A_HANDSHAKE_FAILURE; + _level = GNUTLS_AL_FATAL; + break; +@@ -212,6 +217,7 @@ gnutls_error_to_alert (int err, int *lev + _level = GNUTLS_AL_FATAL; + break; + case GNUTLS_E_REHANDSHAKE: ++ case GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED: + ret = GNUTLS_A_NO_RENEGOTIATION; + _level = GNUTLS_AL_WARNING; + break; +--- a/lib/gnutls_algorithms.c 2009-08-12 ++++ b/lib/gnutls_algorithms.c 2013-09-26 +@@ -457,6 +457,10 @@ typedef struct + #define GNUTLS_DHE_RSA_CAMELLIA_256_CBC_SHA1 { 0x00,0x88 } + #endif + ++/* Safe renegotiation */ ++ ++#define GNUTLS_RENEGO_PROTECTION_REQUEST { GNUTLS_RENEGO_PROTECTION_REQUEST_MAJOR, GNUTLS_RENEGO_PROTECTION_REQUEST_MINOR } ++ + #define CIPHER_SUITES_COUNT sizeof(cs_algorithms)/sizeof(gnutls_cipher_suite_entry)-1 + + static const gnutls_cipher_suite_entry cs_algorithms[] = { +@@ -624,6 +628,9 @@ static const gnutls_cipher_suite_entry c + GNUTLS_CIPHER_CAMELLIA_256_CBC, GNUTLS_KX_RSA, + GNUTLS_MAC_SHA1, GNUTLS_TLS1), + #endif ++ GNUTLS_CIPHER_SUITE_ENTRY (GNUTLS_RENEGO_PROTECTION_REQUEST, ++ GNUTLS_CIPHER_UNKNOWN, GNUTLS_KX_UNKNOWN, ++ GNUTLS_MAC_UNKNOWN, GNUTLS_SSL3), + {0, {{0, 0}}, 0, 0, 0, 0} + }; + +--- a/lib/gnutls_algorithms.h 2009-06-02 ++++ b/lib/gnutls_algorithms.h 2013-09-26 +@@ -27,6 +27,9 @@ + + #include "gnutls_auth.h" + ++#define GNUTLS_RENEGO_PROTECTION_REQUEST_MAJOR 0x00 ++#define GNUTLS_RENEGO_PROTECTION_REQUEST_MINOR 0xFF ++ + /* Functions for version handling. */ + gnutls_protocol_t _gnutls_version_lowest (gnutls_session_t session); + gnutls_protocol_t _gnutls_version_max (gnutls_session_t session); +--- a/lib/gnutls_constate.c 2009-11-06 ++++ b/lib/gnutls_constate.c 2013-09-26 +@@ -380,6 +380,17 @@ _gnutls_set_write_keys (gnutls_session_t + export_flag); + } + ++#define CPY_EXTENSIONS \ ++ memcpy(dst->extensions.server_names, src->extensions.server_names, sizeof(src->extensions.server_names)); \ ++ dst->extensions.server_names_size = src->extensions.server_names_size; \ ++ memcpy(dst->extensions.srp_username, src->extensions.srp_username, sizeof(src->extensions.srp_username)); \ ++ dst->extensions.gnutls_ia_enable = src->extensions.gnutls_ia_enable; \ ++ dst->extensions.gnutls_ia_peer_enable = src->extensions.gnutls_ia_peer_enable; \ ++ dst->extensions.gnutls_ia_allowskip = src->extensions.gnutls_ia_allowskip; \ ++ dst->extensions.gnutls_ia_peer_allowskip = src->extensions.gnutls_ia_peer_allowskip; \ ++ dst->extensions.do_recv_supplemental = src->extensions.do_recv_supplemental; \ ++ dst->extensions.do_send_supplemental = src->extensions.do_send_supplemental ++ + #define CPY_COMMON dst->entity = src->entity; \ + dst->kx_algorithm = src->kx_algorithm; \ + memcpy( &dst->current_cipher_suite, &src->current_cipher_suite, sizeof(cipher_suite_st)); \ +@@ -393,8 +404,8 @@ _gnutls_set_write_keys (gnutls_session_t + dst->max_record_recv_size = src->max_record_recv_size; \ + dst->max_record_send_size = src->max_record_send_size; \ + dst->version = src->version; \ +- memcpy( &dst->extensions, &src->extensions, sizeof(tls_ext_st)); \ +- memcpy( &dst->inner_secret, &src->inner_secret, GNUTLS_MASTER_SIZE); ++ CPY_EXTENSIONS; \ ++ memcpy( &dst->inner_secret, &src->inner_secret, GNUTLS_MASTER_SIZE) + + static void + _gnutls_cpy_read_security_parameters (security_parameters_st * +--- a/lib/gnutls_errors.c 2009-06-02 ++++ b/lib/gnutls_errors.c 2013-09-26 +@@ -220,9 +220,15 @@ static const gnutls_error_entry error_al + GNUTLS_E_OPENPGP_GETKEY_FAILED, 1), + ERROR_ENTRY (N_("Could not find OpenPGP subkey."), + GNUTLS_E_OPENPGP_SUBKEY_ERROR, 1), ++ ERROR_ENTRY (N_("Safe renegotiation failed."), ++ GNUTLS_E_SAFE_RENEGOTIATION_FAILED, 1), ++ ERROR_ENTRY (N_("Unsafe renegotiation denied."), ++ GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED, 1), + + ERROR_ENTRY (N_("The SRP username supplied is illegal."), + GNUTLS_E_ILLEGAL_SRP_USERNAME, 1), ++ ERROR_ENTRY (N_("The SRP username supplied is unknown."), ++ GNUTLS_E_UNKNOWN_SRP_USERNAME, 1), + + ERROR_ENTRY (N_("The OpenPGP fingerprint is not supported."), + GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED, 1), +--- a/lib/gnutls_extensions.c 2009-06-08 ++++ b/lib/gnutls_extensions.c 2013-09-26 +@@ -35,6 +35,7 @@ + #include <ext_server_name.h> + #include <ext_oprfi.h> + #include <ext_srp.h> ++#include <ext_safe_renegotiation.h> + #include <gnutls_num.h> + + typedef struct +@@ -133,7 +134,7 @@ _gnutls_parse_extensions (gnutls_session + type = _gnutls_read_uint16 (&data[pos]); + pos += 2; + +- _gnutls_debug_log ("EXT[%p]: Received extension '%s/%d'\n", session, ++ _gnutls_debug_log ("EXT[%p]: Found extension '%s/%d'\n", session, + _gnutls_extension_get_name (type), type); + + if ((ret = _gnutls_extension_list_check (session, type)) < 0) +@@ -153,6 +154,8 @@ _gnutls_parse_extensions (gnutls_session + ext_recv = _gnutls_ext_func_recv (type, parse_type); + if (ext_recv == NULL) + continue; ++ ++ + if ((ret = ext_recv (session, sdata, size)) < 0) + { + gnutls_assert (); +@@ -170,7 +173,7 @@ _gnutls_parse_extensions (gnutls_session + * This list is used to check whether the (later) received + * extensions are the ones we requested. + */ +-static void ++void + _gnutls_extension_list_add (gnutls_session_t session, uint16_t type) + { + +@@ -192,7 +195,7 @@ _gnutls_extension_list_add (gnutls_sessi + + int + _gnutls_gen_extensions (gnutls_session_t session, opaque * data, +- size_t data_size) ++ size_t data_size, gnutls_ext_parse_type_t parse_type) + { + int size; + uint16_t pos = 0; +@@ -223,6 +226,9 @@ _gnutls_gen_extensions (gnutls_session_t + + if (p->send_func == NULL) + continue; ++ ++ if (parse_type != GNUTLS_EXT_ANY && p->parse_type != parse_type) ++ continue; + + size = p->send_func (session, sdata, sdata_size); + if (size > 0) +@@ -304,6 +310,14 @@ _gnutls_ext_init (void) + if (ret != GNUTLS_E_SUCCESS) + return ret; + ++ ret = gnutls_ext_register (GNUTLS_EXTENSION_SAFE_RENEGOTIATION, ++ "SAFE_RENEGOTIATION", ++ GNUTLS_EXT_MANDATORY, ++ _gnutls_safe_renegotiation_recv_params, ++ _gnutls_safe_renegotiation_send_params); ++ if (ret != GNUTLS_E_SUCCESS) ++ return ret; ++ + #ifdef ENABLE_OPRFI + ret = gnutls_ext_register (GNUTLS_EXTENSION_OPAQUE_PRF_INPUT, + "OPAQUE_PRF_INPUT", +--- a/lib/gnutls_extensions.h 2009-06-02 ++++ b/lib/gnutls_extensions.h 2013-09-26 +@@ -26,6 +26,8 @@ int _gnutls_parse_extensions (gnutls_ses + gnutls_ext_parse_type_t parse_type, + const opaque *data, int data_size); + int _gnutls_gen_extensions (gnutls_session_t session, opaque * data, +- size_t data_size); ++ size_t data_size, gnutls_ext_parse_type_t); + int _gnutls_ext_init (void); + void _gnutls_ext_deinit (void); ++ ++void _gnutls_extension_list_add (gnutls_session_t session, uint16_t type); +--- a/lib/gnutls_handshake.c 2009-11-02 ++++ b/lib/gnutls_handshake.c 2013-09-26 +@@ -48,6 +48,7 @@ + #include <gnutls_record.h> + #include <gnutls_state.h> + #include <ext_srp.h> ++#include <ext_safe_renegotiation.h> + #include <gnutls_rsa_export.h> /* for gnutls_get_rsa_params() */ + #include <auth_anon.h> /* for gnutls_anon_server_credentials_t */ + #include <auth_psk.h> /* for gnutls_psk_server_credentials_t */ +@@ -119,6 +120,7 @@ resume_copy_required_values (gnutls_sess + sizeof (session->security_parameters.session_id)); + session->security_parameters.session_id_size = + session->internals.resumed_security_parameters.session_id_size; ++ + } + + void +@@ -404,8 +406,36 @@ _gnutls_read_client_hello (gnutls_sessio + + if (ret == 0) + { /* resumed! */ ++ /* Parse only the safe renegotiation extension ++ * We don't want to parse any other extensions since ++ * we don't want new extension values to overwrite the ++ * resumed ones. ++ */ ++ ++ /* move forward to extensions */ ++ DECR_LEN (len, 2); ++ suite_size = _gnutls_read_uint16 (&data[pos]); ++ pos += 2; ++ ++ DECR_LEN (len, suite_size); ++ pos += suite_size; ++ ++ DECR_LEN (len, 1); ++ comp_size = data[pos++]; /* z is the number of compression methods */ ++ DECR_LEN (len, comp_size); ++ pos += comp_size; ++ ++ ret = _gnutls_parse_extensions (session, GNUTLS_EXT_MANDATORY, ++ &data[pos], len); ++ if (ret < 0) ++ { ++ gnutls_assert (); ++ return ret; ++ } ++ + resume_copy_required_values (session); + session->internals.resumed = RESUME_TRUE; ++ + return _gnutls_user_hello_func (session, adv_version); + } + else +@@ -437,17 +467,17 @@ _gnutls_read_client_hello (gnutls_sessio + pos += comp_size; + + /* Parse the extensions (if any) +- */ +- if (neg_version >= GNUTLS_TLS1) ++ * ++ * Unconditionally try to parse extensions; safe renegotiation uses them in ++ * sslv3 and higher, even though sslv3 doesn't officially support them. ++ */ ++ ret = _gnutls_parse_extensions (session, GNUTLS_EXT_APPLICATION, ++ &data[pos], len); ++ /* len is the rest of the parsed length */ ++ if (ret < 0) + { +- ret = _gnutls_parse_extensions (session, GNUTLS_EXT_APPLICATION, +- &data[pos], len); +- /* len is the rest of the parsed length */ +- if (ret < 0) +- { +- gnutls_assert (); +- return ret; +- } ++ gnutls_assert (); ++ return ret; + } + + ret = _gnutls_user_hello_func (session, adv_version); +@@ -457,16 +487,20 @@ _gnutls_read_client_hello (gnutls_sessio + return ret; + } + +- if (neg_version >= GNUTLS_TLS1) ++ ret = _gnutls_parse_extensions (session, GNUTLS_EXT_MANDATORY, ++ &data[pos], len); ++ if (ret < 0) + { +- ret = _gnutls_parse_extensions (session, GNUTLS_EXT_TLS, +- &data[pos], len); +- /* len is the rest of the parsed length */ +- if (ret < 0) +- { +- gnutls_assert (); +- return ret; +- } ++ gnutls_assert (); ++ return ret; ++ } ++ ++ ret = _gnutls_parse_extensions (session, GNUTLS_EXT_TLS, ++ &data[pos], len); ++ if (ret < 0) ++ { ++ gnutls_assert (); ++ return ret; + } + + /* select an appropriate cipher suite +@@ -531,7 +565,7 @@ _gnutls_handshake_hash_pending (gnutls_s + static int + _gnutls_send_finished (gnutls_session_t session, int again) + { +- uint8_t data[36]; ++ uint8_t data[MAX_VERIFY_DATA_SIZE]; + int ret; + int data_size = 0; + +@@ -556,7 +590,7 @@ _gnutls_send_finished (gnutls_session_t + data_size = 36; + } + else +- { /* TLS 1.0 */ ++ { /* TLS 1.0+ */ + ret = _gnutls_finished (session, + session->security_parameters.entity, data); + data_size = 12; +@@ -572,6 +606,31 @@ _gnutls_send_finished (gnutls_session_t + session->internals.finished_func (session, data, data_size); + } + ++ /* Save data for safe renegotiation. ++ */ ++ if (data_size > MAX_VERIFY_DATA_SIZE) ++ { ++ gnutls_assert (); ++ return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; ++ } ++ ++ if (session->security_parameters.entity == GNUTLS_CLIENT) ++ { ++ session->security_parameters.extensions.client_verify_data_len = ++ data_size; ++ ++ memcpy (session->security_parameters.extensions.client_verify_data, ++ data, data_size); ++ } ++ else ++ { ++ session->security_parameters.extensions.server_verify_data_len = ++ data_size; ++ ++ memcpy (session->security_parameters.extensions.server_verify_data, ++ data, data_size); ++ } ++ + ret = + _gnutls_send_handshake (session, data_size ? data : NULL, data_size, + GNUTLS_HANDSHAKE_FINISHED); +@@ -585,10 +644,11 @@ _gnutls_send_finished (gnutls_session_t + static int + _gnutls_recv_finished (gnutls_session_t session) + { +- uint8_t data[36], *vrfy; ++ uint8_t data[MAX_VERIFY_DATA_SIZE], *vrfy; + int data_size; + int ret; + int vrfysize; ++ tls_ext_st *ext; + + ret = + _gnutls_recv_handshake (session, &vrfy, &vrfysize, +@@ -640,13 +700,38 @@ _gnutls_recv_finished (gnutls_session_t + } + + if (memcmp (vrfy, data, data_size) != 0) ++ ret = memcmp (vrfy, data, data_size); ++ gnutls_free (vrfy); ++ ++ if (ret != 0) + { + gnutls_assert (); +- ret = GNUTLS_E_ERROR_IN_FINISHED_PACKET; ++ return GNUTLS_E_ERROR_IN_FINISHED_PACKET; + } +- gnutls_free (vrfy); + +- return ret; ++ /* Save peer's verify data for safe renegotiation */ ++ if (data_size > MAX_VERIFY_DATA_SIZE) ++ { ++ gnutls_assert (); ++ return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; ++ } ++ ++ ext = &session->security_parameters.extensions; ++ ++ if (session->security_parameters.entity == GNUTLS_CLIENT) ++ { ++ memcpy (ext->server_verify_data, data, data_size); ++ ext->server_verify_data_len = data_size; ++ } ++ else ++ { ++ memcpy (ext->client_verify_data, data, data_size); ++ ext->client_verify_data_len = data_size; ++ } ++ ++ session->internals.initial_negotiation_completed = 1; ++ ++ return 0; + } + + /* returns PK_RSA if the given cipher suite list only supports, +@@ -685,7 +767,6 @@ _gnutls_server_find_pk_algos_in_ciphersu + return algo; + } + +- + /* This selects the best supported ciphersuite from the given ones. Then + * it adds the suite to the session and performs some checks. + */ +@@ -700,11 +784,31 @@ _gnutls_server_select_suite (gnutls_sess + * supported by the peer. + */ + ++ /* First, check for safe renegotiation SCSV. ++ */ ++ if (session->internals.priorities.safe_renegotiation != SR_DISABLED) ++ { ++ int offset; ++ ++ for(offset = 0; offset < datalen; offset += 2) ++ { ++ /* TLS_RENEGO_PROTECTION_REQUEST = { 0x00, 0xff } */ ++ if (data[offset] == GNUTLS_RENEGO_PROTECTION_REQUEST_MAJOR && ++ data[offset+1] == GNUTLS_RENEGO_PROTECTION_REQUEST_MINOR) ++ { ++ _gnutls_handshake_log ("HSK[%p]: Received safe renegotiation CS\n", session); ++ session->internals.safe_renegotiation_received = 1; ++ session->internals.connection_using_safe_renegotiation = 1; ++ break; ++ } ++ } ++ } ++ + pk_algo = _gnutls_server_find_pk_algos_in_ciphersuites (data, datalen); + + x = _gnutls_supported_ciphersuites (session, &ciphers); + if (x < 0) +- { /* the case x==0 is handled within the function. */ ++ { /* the case x==0 is handled within the function. */ + gnutls_assert (); + return x; + } +@@ -752,21 +856,21 @@ _gnutls_server_select_suite (gnutls_sess + + for (j = 0; j < datalen; j += 2) + { +- for (i = 0; i < x; i++) +- { +- if (memcmp (ciphers[i].suite, &data[j], 2) == 0) +- { +- memcpy (&cs.suite, &data[j], 2); +- +- _gnutls_handshake_log +- ("HSK[%p]: Selected cipher suite: %s\n", session, +- _gnutls_cipher_suite_get_name (&cs)); +- memcpy (session->security_parameters.current_cipher_suite.suite, +- ciphers[i].suite, 2); +- retval = 0; +- goto finish; +- } +- } ++ for (i = 0; i < x; i++) ++ { ++ if (memcmp (ciphers[i].suite, &data[j], 2) == 0) ++ { ++ memcpy (&cs.suite, &data[j], 2); ++ ++ _gnutls_handshake_log ++ ("HSK[%p]: Selected cipher suite: %s\n", session, ++ _gnutls_cipher_suite_get_name (&cs)); ++ memcpy (session->security_parameters.current_cipher_suite.suite, ++ ciphers[i].suite, 2); ++ retval = 0; ++ goto finish; ++ } ++ } + } + + finish: +@@ -960,7 +1064,7 @@ _gnutls_send_handshake (gnutls_session_t + if (i_datasize > 0) + memcpy (&data[pos], i_data, i_datasize); + +- _gnutls_handshake_log ("HSK[%p]: %s was send [%ld bytes]\n", ++ _gnutls_handshake_log ("HSK[%p]: %s was sent [%ld bytes]\n", + session, _gnutls_handshake2str (type), + (long) datasize); + +@@ -1042,7 +1146,6 @@ _gnutls_recv_handshake_header (gnutls_se + + if (ret < 0) + { +- gnutls_assert (); + return ret; + } + +@@ -1525,15 +1628,26 @@ _gnutls_read_server_hello (gnutls_sessio + } + DECR_LEN (len, session_id_len); + +- + /* check if we are resuming and set the appropriate + * values; + */ + if (_gnutls_client_check_if_resuming + (session, &data[pos], session_id_len) == 0) +- return 0; +- pos += session_id_len; ++ { ++ pos += session_id_len + 2 + 1; ++ DECR_LEN (len, 2+1); ++ ++ ret = _gnutls_parse_extensions (session, GNUTLS_EXT_MANDATORY, ++ &data[pos], len); ++ if (ret < 0) ++ { ++ gnutls_assert (); ++ return ret; ++ } ++ return 0; ++ } + ++ pos += session_id_len; + + /* Check if the given cipher suite is supported and copy + * it to the session. +@@ -1548,8 +1662,6 @@ _gnutls_read_server_hello (gnutls_sessio + } + pos += 2; + +- +- + /* move to compression + */ + DECR_LEN (len, 1); +@@ -1563,32 +1675,32 @@ _gnutls_read_server_hello (gnutls_sessio + + /* Parse extensions. + */ +- if (version >= GNUTLS_TLS1) ++ ret = _gnutls_parse_extensions (session, GNUTLS_EXT_ANY, ++ &data[pos], len); ++ if (ret < 0) + { +- ret = _gnutls_parse_extensions (session, GNUTLS_EXT_ANY, +- &data[pos], len); +- /* len is the rest of the parsed length */ +- if (ret < 0) +- { +- gnutls_assert (); +- return ret; +- } ++ gnutls_assert (); ++ return ret; + } ++ + return ret; + } + + + /* This function copies the appropriate ciphersuites to a locally allocated buffer +- * Needed in client hello messages. Returns the new data length. ++ * Needed in client hello messages. Returns the new data length. If add_scsv is ++ * true, add the special safe renegotiation CS. + */ + static int + _gnutls_copy_ciphersuites (gnutls_session_t session, +- opaque * ret_data, size_t ret_data_size) ++ opaque * ret_data, size_t ret_data_size, ++ int add_scsv) + { + int ret, i; + cipher_suite_st *cipher_suites; + uint16_t cipher_num; + int datalen, pos; ++ uint16_t loop_max; + + ret = _gnutls_supported_ciphersuites_sorted (session, &cipher_suites); + if (ret < 0) +@@ -1619,6 +1731,9 @@ _gnutls_copy_ciphersuites (gnutls_sessio + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + ++ if (add_scsv) ++ ++ret; ++ + cipher_num = ret; + + cipher_num *= sizeof (uint16_t); /* in order to get bytes */ +@@ -1636,11 +1751,21 @@ _gnutls_copy_ciphersuites (gnutls_sessio + _gnutls_write_uint16 (cipher_num, ret_data); + pos += 2; + +- for (i = 0; i < (cipher_num / 2); i++) ++ loop_max = add_scsv ? cipher_num - 2 : cipher_num; ++ ++ for (i = 0; i < (loop_max / 2); i++) + { + memcpy (&ret_data[pos], cipher_suites[i].suite, 2); + pos += 2; + } ++ ++ if (add_scsv) ++ { ++ /* Safe renegotiation signalling CS value is { 0x00, 0xff } */ ++ ret_data[pos++] = 0x00; ++ ret_data[pos++] = 0xff; ++ } ++ + gnutls_free (cipher_suites); + + return datalen; +@@ -1700,7 +1825,7 @@ _gnutls_send_client_hello (gnutls_sessio + { + opaque *data = NULL; + int extdatalen; +- int pos = 0; ++ int pos = 0, type; + int datalen = 0, ret = 0; + opaque rnd[GNUTLS_RANDOM_SIZE]; + gnutls_protocol_t hver; +@@ -1807,9 +1932,21 @@ _gnutls_send_client_hello (gnutls_sessio + + + /* Copy the ciphersuites. ++ * ++ * If using SSLv3 Send TLS_RENEGO_PROTECTION_REQUEST SCSV for MITM ++ * prevention on initial negotiation (but not renegotiation; that's ++ * handled with the RI extension below). + */ +- extdatalen = +- _gnutls_copy_ciphersuites (session, extdata, sizeof (extdata)); ++ if(!session->internals.initial_negotiation_completed && ++ session->security_parameters.entity == GNUTLS_CLIENT && ++ gnutls_protocol_get_version (session) == GNUTLS_SSL3) ++ { ++ extdatalen = _gnutls_copy_ciphersuites (session, extdata, sizeof (extdata), TRUE); ++ _gnutls_extension_list_add (session, GNUTLS_EXTENSION_SAFE_RENEGOTIATION); ++ } ++ else ++ extdatalen = _gnutls_copy_ciphersuites (session, extdata, sizeof (extdata), FALSE); ++ + if (extdatalen > 0) + { + datalen += extdatalen; +@@ -1864,11 +2001,19 @@ _gnutls_send_client_hello (gnutls_sessio + /* Generate and copy TLS extensions. + */ + if (hver >= GNUTLS_TLS1) ++ type = GNUTLS_EXT_ANY; ++ else + { +- extdatalen = +- _gnutls_gen_extensions (session, extdata, sizeof (extdata)); ++ if (session->internals.initial_negotiation_completed != 0) ++ type = GNUTLS_EXT_MANDATORY; ++ else ++ type = GNUTLS_EXT_NONE; ++ } ++ ++ extdatalen = ++ _gnutls_gen_extensions (session, extdata, sizeof (extdata), type); + +- if (extdatalen > 0) ++ if (extdatalen > 0) + { + datalen += extdatalen; + data = gnutls_realloc_fast (data, datalen); +@@ -1880,13 +2025,12 @@ _gnutls_send_client_hello (gnutls_sessio + + memcpy (&data[pos], extdata, extdatalen); + } +- else if (extdatalen < 0) ++ else if (extdatalen < 0) + { + gnutls_assert (); + gnutls_free (data); + return extdatalen; + } +- } + } + + ret = +@@ -1932,15 +2076,7 @@ _gnutls_send_server_hello (gnutls_sessio + * alert and abort. + */ + gnutls_assert (); +- ret = gnutls_alert_send (session, GNUTLS_AL_FATAL, +- GNUTLS_A_UNKNOWN_PSK_IDENTITY); +- if (ret < 0) +- { +- gnutls_assert (); +- return ret; +- } +- +- return GNUTLS_E_ILLEGAL_SRP_USERNAME; ++ return GNUTLS_E_UNKNOWN_SRP_USERNAME; + } + } + #endif +@@ -1949,7 +2085,7 @@ _gnutls_send_server_hello (gnutls_sessio + { + datalen = 2 + session_id_len + 1 + GNUTLS_RANDOM_SIZE + 3; + extdatalen = +- _gnutls_gen_extensions (session, extdata, sizeof (extdata)); ++ _gnutls_gen_extensions (session, extdata, sizeof (extdata), GNUTLS_EXT_ANY); + + if (extdatalen < 0) + { +@@ -2015,6 +2151,8 @@ _gnutls_send_hello (gnutls_session_t ses + { + int ret; + ++ session->internals.safe_renegotiation_received = 0; ++ + if (session->security_parameters.entity == GNUTLS_CLIENT) + { + ret = _gnutls_send_client_hello (session, again); +@@ -2036,6 +2174,7 @@ int + _gnutls_recv_hello (gnutls_session_t session, opaque * data, int datalen) + { + int ret; ++ tls_ext_st *ext; + + if (session->security_parameters.entity == GNUTLS_CLIENT) + { +@@ -2047,7 +2186,7 @@ _gnutls_recv_hello (gnutls_session_t ses + } + } + else +- { /* Server side reading a client hello */ ++ { /* Server side reading a client hello */ + + ret = _gnutls_read_client_hello (session, data, datalen); + if (ret < 0) +@@ -2057,7 +2196,90 @@ _gnutls_recv_hello (gnutls_session_t ses + } + } + +- return ret; ++ if (session->internals.priorities.safe_renegotiation == SR_DISABLED) ++ { ++ gnutls_assert(); ++ return 0; ++ } ++ ++ /* Safe renegotiation */ ++ ext = &session->security_parameters.extensions; ++ ++ if (session->internals.safe_renegotiation_received) ++ { ++ if ((ext->ri_extension_data_len < ext->client_verify_data_len) || ++ (memcmp (ext->ri_extension_data, ++ ext->client_verify_data, ++ ext->client_verify_data_len))) ++ { ++ gnutls_assert(); ++ _gnutls_handshake_log ("Safe renegotiation failed [1]\n"); ++ return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; ++ } ++ if (session->security_parameters.entity == GNUTLS_CLIENT) ++ { ++ if ((ext->ri_extension_data_len != ++ ext->client_verify_data_len + ext->server_verify_data_len) || ++ memcmp (ext->ri_extension_data + ext->client_verify_data_len, ++ ext->server_verify_data, ext->server_verify_data_len) != 0) ++ { ++ gnutls_assert(); ++ _gnutls_handshake_log ("Safe renegotiation failed [2]\n"); ++ return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; ++ } ++ } ++ else /* Make sure there are 0 extra bytes */ ++ { ++ if (ext->ri_extension_data_len != ext->client_verify_data_len) ++ { ++ gnutls_assert(); ++ _gnutls_handshake_log ("Safe renegotiation failed [3]\n"); ++ return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; ++ } ++ } ++ ++ _gnutls_handshake_log ("Safe renegotiation succeeded.\n"); ++ } ++ else /* safe renegotiation not received... */ ++ { ++ if (session->internals.connection_using_safe_renegotiation) ++ { ++ gnutls_assert(); ++ _gnutls_handshake_log ("Peer previously asked for safe renegotiation!\n"); ++ return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; ++ } ++ ++ /* Clients can't tell if it's an initial negotiation */ ++ if (session->internals.initial_negotiation_completed) ++ { ++ ++ if (session->internals.priorities.safe_renegotiation < SR_PARTIAL) ++ { ++ _gnutls_handshake_log ("Allowing unsafe (re)negotiation!\n"); ++ } ++ else ++ { ++ gnutls_assert(); ++ _gnutls_handshake_log ("Denying unsafe (re)negotiation.\n"); ++ return GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED; ++ } ++ } ++ else ++ { ++ if (session->internals.priorities.safe_renegotiation < SR_SAFE) ++ { ++ _gnutls_handshake_log ("Allowing unsafe initial negotiation!\n"); ++ } ++ else ++ { ++ gnutls_assert(); ++ _gnutls_handshake_log ("Denying unsafe initial negotiation.\n"); ++ return GNUTLS_E_SAFE_RENEGOTIATION_FAILED; ++ } ++ } ++ } ++ ++ return 0; + } + + /* The packets in gnutls_handshake (it's more broad than original TLS handshake) +@@ -2097,6 +2319,13 @@ _gnutls_recv_hello (gnutls_session_t ses + * gnutls_handshake() function in order to negotiate the new + * parameters. + * ++ * Since TLS is full duplex some application data might have been ++ * sent during peer's processing of this message. In that case ++ * one should call gnutls_record_recv() until GNUTLS_E_REHANDSHAKE ++ * is returned to clear any pending data. Care must be taken if ++ * rehandshake is mandatory to terminate if it does not start after ++ * some threshold. ++ * + * If the client does not wish to renegotiate parameters he will + * should with an alert message, thus the return code will be + * %GNUTLS_E_WARNING_ALERT_RECEIVED and the alert will be +--- a/lib/gnutls_int.h 2009-11-02 ++++ b/lib/gnutls_int.h 2013-09-26 +@@ -171,7 +171,8 @@ typedef enum extensions_t + GNUTLS_EXTENSION_OPAQUE_PRF_INPUT = ENABLE_OPRFI, + #endif + GNUTLS_EXTENSION_SRP = 12, +- GNUTLS_EXTENSION_INNER_APPLICATION = 37703 ++ GNUTLS_EXTENSION_INNER_APPLICATION = 37703, ++ GNUTLS_EXTENSION_SAFE_RENEGOTIATION = 65281, /* aka: 0xff01 */ + } extensions_t; + + typedef enum +@@ -282,6 +283,11 @@ typedef struct + + #define MAX_SERVER_NAME_EXTENSIONS 3 + ++#define MAX_VERIFY_DATA_SIZE 36 /* in SSL 3.0, 12 in TLS 1.0 */ ++ ++/* If you want the extension data to be kept across resuming sessions ++ * then modify CPY_EXTENSIONS in gnutls_constate.c ++ */ + typedef struct + { + server_name_st server_names[MAX_SERVER_NAME_EXTENSIONS]; +@@ -297,6 +303,9 @@ typedef struct + /* Used by extensions that enable supplemental data. */ + int do_recv_supplemental, do_send_supplemental; + ++ /*** Those below do not get copied when resuming session ++ ***/ ++ + /* Opaque PRF input. */ + gnutls_oprfi_callback_func oprfi_cb; + void *oprfi_userdata; +@@ -304,6 +313,15 @@ typedef struct + uint16_t oprfi_client_len; + opaque *oprfi_server; + uint16_t oprfi_server_len; ++ ++ /* Safe renegotiation. */ ++ uint8_t client_verify_data[MAX_VERIFY_DATA_SIZE]; ++ size_t client_verify_data_len; ++ uint8_t server_verify_data[MAX_VERIFY_DATA_SIZE]; ++ size_t server_verify_data_len; ++ uint8_t ri_extension_data[MAX_VERIFY_DATA_SIZE*2]; /* max signal is 72 bytes in s->c sslv3 */ ++ size_t ri_extension_data_len; ++ + } tls_ext_st; + + /* auth_info_t structures now MAY contain malloced +@@ -317,7 +335,7 @@ typedef struct + */ + + /* if you add anything in Security_Parameters struct, then +- * also modify CPY_COMMON in gnutls_constate.c ++ * also modify CPY_COMMON in gnutls_constate.c. + */ + + /* Note that the security parameters structure is set up after the +@@ -361,6 +379,7 @@ typedef struct + /* holds the negotiated certificate type */ + gnutls_certificate_type_t cert_type; + gnutls_protocol_t version; /* moved here */ ++ + /* For TLS/IA. XXX: Move to IA credential? */ + opaque inner_secret[GNUTLS_MASTER_SIZE]; + } security_parameters_st; +@@ -400,6 +419,13 @@ typedef struct + unsigned int algorithms; + } priority_st; + ++typedef enum { ++ SR_DISABLED, ++ SR_UNSAFE, ++ SR_PARTIAL, ++ SR_SAFE, ++} safe_renegotiation_t; ++ + /* For the external api */ + struct gnutls_priority_st + { +@@ -409,9 +435,12 @@ struct gnutls_priority_st + priority_st compression; + priority_st protocol; + priority_st cert_type; ++ priority_st sign_algo; + + /* to disable record padding */ +- int no_padding; ++ int no_padding:1; ++ safe_renegotiation_t safe_renegotiation; ++ int allow_large_records:1; + int ssl3_record_version; + int additional_verify_flags; + }; +@@ -673,6 +702,10 @@ typedef struct + */ + uint16_t srp_prime_bits; + ++ int safe_renegotiation_received:1; ++ int initial_negotiation_completed:1; ++ int connection_using_safe_renegotiation:1; ++ + /* If you add anything here, check _gnutls_handshake_internal_state_clear(). + */ + } internals_st; +--- a/lib/gnutls_priority.c 2009-06-02 ++++ b/lib/gnutls_priority.c 2013-09-26 +@@ -338,6 +338,27 @@ static const int comp_priority[] = { + 0 + }; + ++static const int sign_priority_default[] = { ++ GNUTLS_SIGN_RSA_SHA1, ++ GNUTLS_SIGN_DSA_SHA1, ++ GNUTLS_SIGN_RSA_SHA256, ++ GNUTLS_SIGN_RSA_SHA384, ++ GNUTLS_SIGN_RSA_SHA512, ++ 0 ++}; ++ ++static const int sign_priority_secure128[] = { ++ GNUTLS_SIGN_RSA_SHA256, ++ GNUTLS_SIGN_RSA_SHA384, ++ GNUTLS_SIGN_RSA_SHA512, ++ GNUTLS_SIGN_DSA_SHA1, ++ 0 ++}; ++ ++static const int sign_priority_secure256[] = { ++ GNUTLS_SIGN_RSA_SHA512, ++ 0 ++}; + + static const int mac_priority_performance[] = { + GNUTLS_MAC_MD5, +@@ -425,6 +446,14 @@ gnutls_priority_set (gnutls_session_t se + memcpy (&session->internals.priorities, priority, + sizeof (struct gnutls_priority_st)); + ++ /* set the current version to the first in the chain. ++ * * This will be overridden later. ++ * */ ++ if (session->internals.priorities.protocol.algorithms > 0) ++ _gnutls_set_current_version (session, ++ session->internals.priorities.protocol. ++ priority[0]); ++ + return 0; + } + +@@ -491,6 +520,21 @@ gnutls_priority_set (gnutls_session_t se + * + * "%COMPAT" will enable compatibility features for a server. + * ++ * "%DISABLE_SAFE_RENEGOTIATION" will disable safe renegotiation completely. Do not use ++ * unless you know what you are doing. Testing purposes only. ++ * ++ * "%UNSAFE_RENEGOTIATION" will allow unsafe renegotiation (this is now ++ * the default for clients, but will change once more servers support the safe renegotiation ++ * TLS fix). ++ * ++ * "%PARTIAL_SAFE_RENEGOTIATION" In server side it will enable safe renegotiation ++ * and will protect all clients from known attacks, but will not prevent insecure clients ++ * from connecting. In client side it will disallow from renegotiating with an insecure server ++ * but will not prevent connecting to one (this leaves the client vulnerable to attacks). ++ * ++ * "%SAFE_RENEGOTIATION" will enforce safe renegotiation. Clients and Servers will refuse ++ * to talk to an insecure peer. ++ * + * "%SSL3_RECORD_VERSION" will use SSL3.0 record version in client hello. + * + * "%VERIFY_ALLOW_SIGN_RSA_MD5" will allow RSA-MD5 signatures in +@@ -523,7 +567,7 @@ gnutls_priority_init (gnutls_priority_t + { + char *broken_list[MAX_ELEMENTS]; + int broken_list_size, i, j; +- char *darg; ++ char *darg = NULL; + int algo; + rmadd_func *fn; + +@@ -533,6 +577,11 @@ gnutls_priority_init (gnutls_priority_t + gnutls_assert (); + return GNUTLS_E_MEMORY_ERROR; + } ++ ++ /* for now unsafe renegotiation is default on everyone. To be removed ++ * when we make it the default. ++ */ ++ (*priority_cache)->safe_renegotiation = SR_PARTIAL; + + if (priorities == NULL) + priorities = "NORMAL"; +@@ -541,9 +590,10 @@ gnutls_priority_init (gnutls_priority_t + if (darg == NULL) + { + gnutls_assert (); +- return GNUTLS_E_MEMORY_ERROR; ++ goto error; + } + ++ + break_comma_list (darg, broken_list, &broken_list_size, MAX_ELEMENTS, ':'); + /* This is our default set of protocol version, certificate types and + * compression methods. +@@ -553,6 +603,7 @@ gnutls_priority_init (gnutls_priority_t + _set_priority (&(*priority_cache)->protocol, protocol_priority); + _set_priority (&(*priority_cache)->compression, comp_priority); + _set_priority (&(*priority_cache)->cert_type, cert_type_priority); ++ _set_priority (&(*priority_cache)->sign_algo, sign_priority_default); + i = 0; + } + else +@@ -568,12 +619,16 @@ gnutls_priority_init (gnutls_priority_t + cipher_priority_performance); + _set_priority (&(*priority_cache)->kx, kx_priority_performance); + _set_priority (&(*priority_cache)->mac, mac_priority_performance); ++ _set_priority (&(*priority_cache)->sign_algo, ++ sign_priority_default); + } + else if (strcasecmp (broken_list[i], "NORMAL") == 0) + { + _set_priority (&(*priority_cache)->cipher, cipher_priority_normal); + _set_priority (&(*priority_cache)->kx, kx_priority_secure); + _set_priority (&(*priority_cache)->mac, mac_priority_secure); ++ _set_priority (&(*priority_cache)->sign_algo, ++ sign_priority_default); + } + else if (strcasecmp (broken_list[i], "SECURE256") == 0 + || strcasecmp (broken_list[i], "SECURE") == 0) +@@ -582,6 +637,8 @@ gnutls_priority_init (gnutls_priority_t + cipher_priority_secure256); + _set_priority (&(*priority_cache)->kx, kx_priority_secure); + _set_priority (&(*priority_cache)->mac, mac_priority_secure); ++ _set_priority (&(*priority_cache)->sign_algo, ++ sign_priority_secure256); + } + else if (strcasecmp (broken_list[i], "SECURE128") == 0) + { +@@ -589,12 +646,16 @@ gnutls_priority_init (gnutls_priority_t + cipher_priority_secure128); + _set_priority (&(*priority_cache)->kx, kx_priority_secure); + _set_priority (&(*priority_cache)->mac, mac_priority_secure); ++ _set_priority (&(*priority_cache)->sign_algo, ++ sign_priority_secure128); + } + else if (strcasecmp (broken_list[i], "EXPORT") == 0) + { + _set_priority (&(*priority_cache)->cipher, cipher_priority_export); + _set_priority (&(*priority_cache)->kx, kx_priority_export); + _set_priority (&(*priority_cache)->mac, mac_priority_secure); ++ _set_priority (&(*priority_cache)->sign_algo, ++ sign_priority_default); + } /* now check if the element is something like -ALGO */ + else if (broken_list[i][0] == '!' || broken_list[i][0] == '+' + || broken_list[i][0] == '-') +@@ -619,6 +680,8 @@ gnutls_priority_init (gnutls_priority_t + gnutls_protocol_get_id (&broken_list[i][6])) != + GNUTLS_VERSION_UNKNOWN) + fn (&(*priority_cache)->protocol, algo); ++ else ++ goto error; + } /* now check if the element is something like -ALGO */ + else if (strncasecmp (&broken_list[i][1], "COMP-", 5) == 0) + { +@@ -626,6 +689,8 @@ gnutls_priority_init (gnutls_priority_t + gnutls_compression_get_id (&broken_list[i][6])) != + GNUTLS_COMP_UNKNOWN) + fn (&(*priority_cache)->compression, algo); ++ else ++ goto error; + } /* now check if the element is something like -ALGO */ + else if (strncasecmp (&broken_list[i][1], "CTYPE-", 6) == 0) + { +@@ -633,18 +698,34 @@ gnutls_priority_init (gnutls_priority_t + gnutls_certificate_type_get_id (&broken_list[i][7])) != + GNUTLS_CRT_UNKNOWN) + fn (&(*priority_cache)->cert_type, algo); ++ else ++ goto error; + } /* now check if the element is something like -ALGO */ ++ else if (strncasecmp (&broken_list[i][1], "SIGN-", 5) == 0) ++ { ++ if ((algo = gnutls_sign_get_id (&broken_list[i][6])) != ++ GNUTLS_SIGN_UNKNOWN) ++ fn (&(*priority_cache)->sign_algo, algo); ++ else ++ goto error; ++ } /* now check if the element is something like -ALGO */ + else + goto error; + } + else if (broken_list[i][0] == '%') + { + if (strcasecmp (&broken_list[i][1], "COMPAT") == 0) ++ { + (*priority_cache)->no_padding = 1; ++ (*priority_cache)->allow_large_records = 1; ++ } + else if (strcasecmp (&broken_list[i][1], + "VERIFY_ALLOW_SIGN_RSA_MD5") == 0) ++ { ++ prio_add (&(*priority_cache)->sign_algo, GNUTLS_SIGN_RSA_MD5); + (*priority_cache)->additional_verify_flags |= + GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5; ++ } + else if (strcasecmp (&broken_list[i][1], + "SSL3_RECORD_VERSION") == 0) + (*priority_cache)->ssl3_record_version = 1; +@@ -652,6 +733,25 @@ gnutls_priority_init (gnutls_priority_t + "VERIFY_ALLOW_X509_V1_CA_CRT") == 0) + (*priority_cache)->additional_verify_flags |= + GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT; ++ else if (strcasecmp (&broken_list[i][1], ++ "UNSAFE_RENEGOTIATION") == 0) ++ { ++ (*priority_cache)->safe_renegotiation = SR_UNSAFE; ++ } ++ else if (strcasecmp (&broken_list[i][1], "SAFE_RENEGOTIATION") == 0) ++ { ++ (*priority_cache)->safe_renegotiation = SR_SAFE; ++ } ++ else if (strcasecmp (&broken_list[i][1], ++ "PARTIAL_RENEGOTIATION") == 0) ++ { ++ (*priority_cache)->safe_renegotiation = SR_PARTIAL; ++ } ++ else if (strcasecmp (&broken_list[i][1], ++ "DISABLE_SAFE_RENEGOTIATION") == 0) ++ { ++ (*priority_cache)->safe_renegotiation = SR_DISABLED; ++ } + else + goto error; + } +@@ -672,6 +772,7 @@ error: + } + } + gnutls_free (darg); ++ gnutls_free(*priority_cache); + + return GNUTLS_E_INVALID_REQUEST; + +--- a/lib/gnutls_record.c 2009-06-02 ++++ b/lib/gnutls_record.c 2013-09-26 +@@ -744,6 +744,14 @@ record_check_type (gnutls_session_t sess + if (session->security_parameters.entity == GNUTLS_SERVER) + { + gnutls_assert (); ++ ret = ++ _gnutls_record_buffer_put (recv_type, session, (void *) data, ++ data_size); ++ if (ret < 0) ++ { ++ gnutls_assert (); ++ return ret; ++ } + return GNUTLS_E_REHANDSHAKE; + } + +@@ -896,9 +904,13 @@ begin: + _gnutls_io_read_buffered (session, &headers, header_size, + -1)) != header_size) + { ++ _gnutls_handshake_log ("XXX[]: ret: %d %s\n", ret, gnutls_strerror(ret)); ++ + if (ret < 0 && gnutls_error_is_fatal (ret) == 0) + return ret; + ++ _gnutls_handshake_log ("XXX2[]: ret: %d %s\n", ret, gnutls_strerror(ret)); ++ + session_invalidate (session); + if (type == GNUTLS_ALERT) + { +--- a/lib/gnutls_state.c 2009-11-02 ++++ b/lib/gnutls_state.c 2013-09-26 +@@ -223,6 +223,7 @@ _gnutls_handshake_internal_state_clear ( + session->internals.adv_version_minor = 0; + session->internals.adv_version_minor = 0; + session->internals.direction = 0; ++ session->internals.safe_renegotiation_received = 0; + + /* use out of band data for the last + * handshake messages received. +@@ -338,6 +339,11 @@ gnutls_init (gnutls_session_t * session, + + _gnutls_handshake_internal_state_clear (*session); + ++ /* emulate old gnutls behavior for old applications that do not use the priority_* ++ * functions. ++ */ ++ (*session)->internals.priorities.safe_renegotiation = SR_PARTIAL; ++ + return 0; + } + +--- a/lib/includes/gnutls/gnutls.h.in 2009-06-02 ++++ b/lib/includes/gnutls/gnutls.h.in 2013-09-26 +@@ -503,7 +503,9 @@ extern "C" { + { + GNUTLS_EXT_ANY, + GNUTLS_EXT_APPLICATION, +- GNUTLS_EXT_TLS ++ GNUTLS_EXT_TLS, ++ GNUTLS_EXT_MANDATORY, /* parse even if resuming or extensions disabled */ ++ GNUTLS_EXT_NONE, + } gnutls_ext_parse_type_t; + + int gnutls_ext_register (int type, +@@ -525,6 +527,9 @@ extern "C" { + void *data, size_t * data_length, + unsigned int *type, unsigned int indx); + ++ /* Safe renegotiation */ ++ int gnutls_safe_renegotiation_status (gnutls_session_t session); ++ + /* Opaque PRF Input + * http://tools.ietf.org/id/draft-rescorla-tls-opaque-prf-input-00.txt + */ +@@ -1368,6 +1373,9 @@ extern "C" { + #define GNUTLS_E_IA_VERIFY_FAILED -104 + + #define GNUTLS_E_UNKNOWN_ALGORITHM -105 ++#define GNUTLS_E_SAFE_RENEGOTIATION_FAILED -107 ++#define GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED -108 ++#define GNUTLS_E_UNKNOWN_SRP_USERNAME -109 + + #define GNUTLS_E_BASE64_ENCODING_ERROR -201 + #define GNUTLS_E_INCOMPATIBLE_GCRYPT_LIBRARY -202 /* obsolete */ +--- a/lib/libgnutls.map 2009-06-02 ++++ b/lib/libgnutls.map 2013-09-26 +@@ -567,6 +567,12 @@ GNUTLS_2_8 + gnutls_x509_crt_verify_hash; + } GNUTLS_1_4; + ++GNUTLS_2_10 ++{ ++ global: ++ gnutls_safe_renegotiation_status; ++} GNUTLS_2_8; ++ + GNUTLS_PRIVATE { + global: + # Internal symbols needed by libgnutls-extra: +--- a/lib/Makefile.am 2009-06-02 ++++ b/lib/Makefile.am 2013-09-26 +@@ -79,7 +79,7 @@ COBJECTS = gnutls_record.c gnutls_compre + gnutls_rsa_export.c auth_rsa_export.c ext_server_name.c \ + auth_dh_common.c gnutls_helper.c gnutls_supplemental.c \ + crypto.c random.c pk-libgcrypt.c mpi-libgcrypt.c \ +- rnd-libgcrypt.c cipher-libgcrypt.c mac-libgcrypt.c ++ rnd-libgcrypt.c cipher-libgcrypt.c mac-libgcrypt.c ext_safe_renegotiation.c + + if ENABLE_OPRFI + COBJECTS += $(OPRFI_COBJECTS) +@@ -98,7 +98,7 @@ HFILES = debug.h gnutls_compress.h gnutl + gnutls_rsa_export.h ext_server_name.h auth_dh_common.h \ + ext_srp.h gnutls_srp.h auth_srp.h auth_srp_passwd.h \ + gnutls_helper.h auth_psk.h auth_psk_passwd.h \ +- gnutls_supplemental.h ext_oprfi.h crypto.h random.h ++ gnutls_supplemental.h ext_oprfi.h crypto.h random.h ext_safe_renegotiation.h + + # Separate so we can create the documentation + +--- a/lib/Makefile.in 2010-03-15 ++++ b/lib/Makefile.in 2013-09-26 +@@ -214,7 +214,7 @@ am__objects_4 = gnutls_record.lo gnutls_ + ext_server_name.lo auth_dh_common.lo gnutls_helper.lo \ + gnutls_supplemental.lo crypto.lo random.lo pk-libgcrypt.lo \ + mpi-libgcrypt.lo rnd-libgcrypt.lo cipher-libgcrypt.lo \ +- mac-libgcrypt.lo $(am__objects_3) ++ mac-libgcrypt.lo ext_safe_renegotiation.lo $(am__objects_3) + am__objects_5 = ext_srp.lo gnutls_srp.lo auth_srp.lo \ + auth_srp_passwd.lo auth_srp_sb64.lo auth_srp_rsa.lo + am__objects_6 = auth_psk.lo auth_psk_passwd.lo gnutls_psk.lo \ +@@ -854,6 +854,7 @@ COBJECTS = gnutls_record.c gnutls_compre + auth_dh_common.c gnutls_helper.c gnutls_supplemental.c \ + crypto.c random.c pk-libgcrypt.c mpi-libgcrypt.c \ + rnd-libgcrypt.c cipher-libgcrypt.c mac-libgcrypt.c \ ++ ext_safe_renegotiation.c \ + $(am__append_5) + HFILES = debug.h gnutls_compress.h gnutls_cipher.h gnutls_buffers.h \ + gnutls_errors.h gnutls_int.h gnutls_handshake.h gnutls_num.h \ +@@ -868,7 +869,8 @@ HFILES = debug.h gnutls_compress.h gnutl + gnutls_rsa_export.h ext_server_name.h auth_dh_common.h \ + ext_srp.h gnutls_srp.h auth_srp.h auth_srp_passwd.h \ + gnutls_helper.h auth_psk.h auth_psk_passwd.h \ +- gnutls_supplemental.h ext_oprfi.h crypto.h random.h ++ gnutls_supplemental.h ext_oprfi.h crypto.h random.h \ ++ ext_safe_renegotiation.h + + + # Separate so we can create the documentation +@@ -1058,6 +1060,7 @@ distclean-compile: + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gnutls_x509.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libgnutlsxx_la-gnutlsxx.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mac-libgcrypt.Plo@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ext_safe_renegotiation.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mpi-libgcrypt.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pk-libgcrypt.Plo@am__quote@ + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pkix_asn1_tab.Plo@am__quote@ +--- a/NEWS 2009-09-18 ++++ b/NEWS 2013-09-26 +@@ -3,6 +3,23 @@ + Copyright (C) 2000, 2001, 2002, 2003, 2004 Nikos Mavrogiannopoulos + See the end for copying conditions. + ++** libgnutls: Added Steve Dispensa's patch for safe renegotiation (RFC 5746) ++Solves the issue discussed in: ++<http://www.ietf.org/mail-archive/web/tls/current/msg03928.html> and ++<http://www.ietf.org/mail-archive/web/tls/current/msg03948.html>. ++Note that to allow connecting to unpatched servers the full protection ++is only enabled if the priority string %SAFE_RENEGOTIATION is ++specified. You can check whether protection is in place by querying ++gnutls_safe_renegotiation_status(). New error codes ++GNUTLS_E_SAFE_RENEGOTIATION_FAILED and ++GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED added. ++ ++gnutls_safe_renegotiation_status: Added ++ ++%UNSAFE_RENEGOTIATION: Added to priority strings ++%INITIAL_SAFE_RENEGOTIATION: Added to priority strings ++%DISABLE_SAFE_RENEGOTIATION: Added to priority strings (do not use) ++ + * Version 2.8.4 (released 2009-09-18) + + ** libgnutls: Enable Camellia ciphers by default. +--- a/src/cli-gaa.c 2009-06-02 ++++ b/src/cli-gaa.c 2013-09-26 +@@ -129,6 +129,7 @@ void gaa_help(void) + printf("GNU TLS test client\nUsage: gnutls-cli [options] hostname\n\n\n"); + __gaa_helpsingle('d', "debug", "integer ", "Enable debugging"); + __gaa_helpsingle('r', "resume", "", "Connect, establish a session. Connect again and resume this session."); ++ __gaa_helpsingle('e', "rehandshake", "", "Connect, establish a session and rehandshake immediately."); + __gaa_helpsingle('s', "starttls", "", "Connect, establish a plain session and start TLS when EOF or a SIGALRM is received."); + __gaa_helpsingle(0, "crlf", "", "Send CR LF instead of LF."); + __gaa_helpsingle(0, "x509fmtder", "", "Use DER format for certificates to read from."); +@@ -250,6 +251,8 @@ struct _gaainfo + int crlf; + #line 20 "cli.gaa" + int starttls; ++#line 20 "cli.gaa" ++ int rehandshake; + #line 17 "cli.gaa" + int resume; + #line 14 "cli.gaa" +@@ -342,8 +345,9 @@ static int gaa_error = 0; + #define GAAOPTID_x509fmtder 31 + #define GAAOPTID_crlf 32 + #define GAAOPTID_starttls 33 +-#define GAAOPTID_resume 34 +-#define GAAOPTID_debug 35 ++#define GAAOPTID_rehandshake 34 ++#define GAAOPTID_resume 35 ++#define GAAOPTID_debug 36 + + #line 168 "gaa.skel" + +@@ -721,6 +725,7 @@ static int gaa_get_option_num(char *str, + GAA_CHECK1STR("", GAAOPTID_x509fmtder); + GAA_CHECK1STR("", GAAOPTID_crlf); + GAA_CHECK1STR("s", GAAOPTID_starttls); ++ GAA_CHECK1STR("e", GAAOPTID_rehandshake); + GAA_CHECK1STR("r", GAAOPTID_resume); + + #line 277 "gaa.skel" +@@ -759,6 +764,7 @@ static int gaa_get_option_num(char *str, + GAA_CHECKSTR("x509fmtder", GAAOPTID_x509fmtder); + GAA_CHECKSTR("crlf", GAAOPTID_crlf); + GAA_CHECKSTR("starttls", GAAOPTID_starttls); ++ GAA_CHECKSTR("rehandshake", GAAOPTID_rehandshake); + GAA_CHECKSTR("resume", GAAOPTID_resume); + GAA_CHECKSTR("debug", GAAOPTID_debug); + +@@ -1101,6 +1107,13 @@ static int gaa_try(int gaa_num, int gaa_ + + return GAA_OK; + break; ++ case GAAOPTID_rehandshake: ++ OK = 0; ++#line 21 "cli.gaa" ++{ gaaval->rehandshake = 1 ;}; ++ ++ return GAA_OK; ++ break; + case GAAOPTID_resume: + OK = 0; + #line 18 "cli.gaa" +@@ -1164,7 +1177,7 @@ int gaa(int argc, char **argv, gaainfo * + gaaval->srp_username=NULL; gaaval->srp_passwd=NULL; gaaval->fmtder = 0; gaaval->starttls =0; + gaaval->debug = 0; gaaval->print_cert = 0; gaaval->verbose = 0; gaaval->psk_key = NULL; + gaaval->psk_username = NULL; gaaval->priorities = NULL; +- gaaval->opaque_prf_input = NULL; gaaval->pgp_subkey = NULL; ;}; ++ gaaval->opaque_prf_input = NULL; gaaval->pgp_subkey = NULL; gaaval->rehandshake = 0; ;}; + + } + inited = 1; +--- a/src/cli-gaa.h 2009-06-02 ++++ b/src/cli-gaa.h 2013-09-26 +@@ -82,6 +82,7 @@ struct _gaainfo + int crlf; + #line 20 "cli.gaa" + int starttls; ++ int rehandshake; + #line 17 "cli.gaa" + int resume; + #line 14 "cli.gaa" +--- a/src/cli.c 2009-06-02 ++++ b/src/cli.c 2013-09-26 +@@ -53,7 +53,7 @@ + #define MAX_BUF 4096 + + /* global stuff here */ +-int resume, starttls, insecure; ++int resume, starttls, insecure, rehandshake; + const char *hostname = NULL; + char *service; + int record_max_size; +@@ -674,6 +674,23 @@ after_handshake: + programs to search for when gnutls-cli has reached this point. */ + printf ("\n- Simple Client Mode:\n\n"); + ++ if (rehandshake) ++ { ++ ret = do_handshake (&hd); ++ ++ if (ret < 0) ++ { ++ fprintf (stderr, "*** ReHandshake has failed\n"); ++ gnutls_perror (ret); ++ gnutls_deinit (hd.session); ++ return 1; ++ } ++ else ++ { ++ printf ("- ReHandshake was completed\n"); ++ } ++ } ++ + #ifndef _WIN32 + signal (SIGALRM, &starttls_alarm); + #endif +@@ -838,6 +855,7 @@ gaa_parser (int argc, char **argv) + print_cert = info.print_cert; + starttls = info.starttls; + resume = info.resume; ++ rehandshake = info.rehandshake; + insecure = info.insecure; + service = info.port; + record_max_size = info.record_size; +@@ -962,6 +980,11 @@ do_handshake (socket_st * socket) + socket->secure = 1; + + } ++ else ++ { ++ gnutls_alert_send_appropriate(socket->session, ret); ++ shutdown (socket->fd, SHUT_RDWR); ++ } + return ret; + } + +--- a/src/cli.gaa 2009-06-02 ++++ b/src/cli.gaa 2013-09-26 +@@ -17,6 +17,9 @@ option (d, debug) INT "integer" { $debug + #int resume; + option (r, resume) { $resume = 1 } "Connect, establish a session. Connect again and resume this session." + ++#int rehandshake; ++option (e, rehandshake) { $rehandshake = 1 } "Connect, establish a session and rehandshake immediately." ++ + #int starttls; + option (s, starttls) { $starttls = 1 } "Connect, establish a plain session and start TLS when EOF or a SIGALRM is received." + +@@ -130,4 +133,4 @@ init { $resume=0; $port="443"; $rest_arg + $srp_username=NULL; $srp_passwd=NULL; $fmtder = 0; $starttls =0; + $debug = 0; $print_cert = 0; $verbose = 0; $psk_key = NULL; + $psk_username = NULL; $priorities = NULL; +- $opaque_prf_input = NULL; $pgp_subkey = NULL; } ++ $opaque_prf_input = NULL; $pgp_subkey = NULL; $rehandshake = 0; } +--- a/src/serv.c 2009-11-06 ++++ b/src/serv.c 2013-09-26 +@@ -760,6 +760,18 @@ get_response (gnutls_session_t session, + } + else + { ++ fprintf(stderr, "received: %s\n", request); ++ if (request[0] == request[1] && request[0] == '*') ++ { ++ if (strncmp(request, "**REHANDSHAKE**", sizeof("**REHANDSHAKE**")-1)==0) ++ { ++ fprintf(stderr, "*** Sending rehandshake request\n"); ++ gnutls_rehandshake(session); ++ } ++ *response = NULL; ++ *response_length = 0; ++ return; ++ } + *response = strdup (request); + *response_length = ((*response) ? strlen (*response) : 0); + } +@@ -1173,7 +1185,7 @@ main (int argc, char **argv) + ret = + gnutls_alert_send_appropriate (j->tls_session, r); + } +- while (ret == GNUTLS_E_AGAIN); ++ while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); + j->http_state = HTTP_STATE_CLOSING; + } + else if (r == 0) +@@ -1206,14 +1218,37 @@ main (int argc, char **argv) + } + else if (r <= 0) + { +- j->http_state = HTTP_STATE_CLOSING; +- if (r < 0 && r != GNUTLS_E_UNEXPECTED_PACKET_LENGTH) ++ if (r == GNUTLS_E_REHANDSHAKE) + { +- check_alert (j->tls_session, r); +- fprintf (stderr, "Error while receiving data\n"); +- GERR (r); +- } +- ++ fprintf(stderr, "*** Received hello message\n"); ++ do ++ { ++ r = gnutls_handshake (j->tls_session); ++ } ++ while (r == GNUTLS_E_INTERRUPTED || r == GNUTLS_E_AGAIN); ++ if (r < 0) ++ { ++ ++ do ++ { ++ ret = gnutls_alert_send_appropriate (j->tls_session, r); ++ } ++ while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED); ++ ++ GERR (r); ++ j->http_state = HTTP_STATE_CLOSING; ++ } ++ } ++ else ++ { ++ j->http_state = HTTP_STATE_CLOSING; ++ if (r < 0 && r != GNUTLS_E_UNEXPECTED_PACKET_LENGTH) ++ { ++ check_alert (j->tls_session, r); ++ fprintf (stderr, "Error while receiving data\n"); ++ GERR (r); ++ } ++ } + } + else + { +@@ -1295,7 +1330,7 @@ main (int argc, char **argv) + } + } + +- if (j->handshake_ok == 1) ++ if (j->handshake_ok == 1 && j->http_response != NULL) + { + /* FIXME if j->http_response == NULL? */ + r = gnutls_record_send (j->tls_session, +@@ -1347,6 +1382,12 @@ main (int argc, char **argv) + } + } + } ++ else ++ { ++ j->request_length = 0; ++ j->http_request[0] = 0; ++ j->http_state = HTTP_STATE_REQUEST; ++ } + } + } + lloopend (listener_list, j); +--- a/src/tests.c 2009-06-02 ++++ b/src/tests.c 2013-09-26 +@@ -45,6 +45,7 @@ extern int verbose; + int tls1_ok = 0; + int ssl3_ok = 0; + int tls1_1_ok = 0; ++int tls1_2_ok = 0; + + /* keep session info */ + static char *session_data = NULL; +@@ -103,158 +104,28 @@ do_handshake (gnutls_session_t session) + return TEST_SUCCEED; + } + +-static int protocol_priority[16] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 }; ++char protocol_str[] = "+VERS-TLS1.0:+VERS-SSL3.0"; ++char prio_str[256] = ""; + +-static const int kx_priority[16] = +- { GNUTLS_KX_RSA, GNUTLS_KX_DHE_DSS, GNUTLS_KX_DHE_RSA, +- GNUTLS_KX_ANON_DH, +- GNUTLS_KX_RSA_EXPORT, 0 +-}; +- +-static const int cipher_priority[16] = +- { GNUTLS_CIPHER_3DES_CBC, GNUTLS_CIPHER_ARCFOUR_128, +- GNUTLS_CIPHER_ARCFOUR_40, 0 +-}; +-static const int comp_priority[16] = { GNUTLS_COMP_NULL, 0 }; +-static const int mac_priority[16] = { GNUTLS_MAC_SHA1, GNUTLS_MAC_MD5, 0 }; +-static const int cert_type_priority[16] = { GNUTLS_CRT_X509, 0 }; +- +-#define ADD_ALL_CIPHERS(session) gnutls_cipher_set_priority(session, cipher_priority) +-#define ADD_ALL_COMP(session) gnutls_compression_set_priority(session, comp_priority) +-#define ADD_ALL_MACS(session) gnutls_mac_set_priority(session, mac_priority) +-#define ADD_ALL_KX(session) gnutls_kx_set_priority(session, kx_priority) +-#define ADD_ALL_PROTOCOLS(session) gnutls_protocol_set_priority(session, protocol_priority) +-#define ADD_ALL_CERTTYPES(session) gnutls_certificate_type_set_priority(session, cert_type_priority) +- +-static void +-ADD_KX (gnutls_session_t session, int kx) +-{ +- static int _kx_priority[] = { 0, 0 }; +- _kx_priority[0] = kx; +- +- gnutls_kx_set_priority (session, _kx_priority); +-} +- +-static void +-ADD_KX2 (gnutls_session_t session, int kx1, int kx2) +-{ +- static int _kx_priority[] = { 0, 0, 0 }; +- _kx_priority[0] = kx1; +- _kx_priority[1] = kx2; +- +- gnutls_kx_set_priority (session, _kx_priority); +-} +- +-static void +-ADD_CIPHER (gnutls_session_t session, int cipher) +-{ +- static int _cipher_priority[] = { 0, 0 }; +- _cipher_priority[0] = cipher; +- +- gnutls_cipher_set_priority (session, _cipher_priority); +-} +- +-static void +-ADD_CIPHER4 (gnutls_session_t session, int cipher1, int cipher2, int cipher3, +- int cipher4) +-{ +- static int _cipher_priority[] = { 0, 0, 0, 0, 0 }; +- _cipher_priority[0] = cipher1; +- _cipher_priority[1] = cipher2; +- _cipher_priority[2] = cipher3; +- _cipher_priority[3] = cipher4; +- +- gnutls_cipher_set_priority (session, _cipher_priority); +-} +- +-static void +-ADD_MAC (gnutls_session_t session, int mac) +-{ +- static int _mac_priority[] = { 0, 0 }; +- _mac_priority[0] = mac; +- +- gnutls_mac_set_priority (session, _mac_priority); +-} +- +-static void +-ADD_COMP (gnutls_session_t session, int c) +-{ +- static int _comp_priority[] = { 0, 0 }; +- _comp_priority[0] = c; +- +- gnutls_compression_set_priority (session, _comp_priority); +-} +- +-static void +-ADD_CERTTYPE (gnutls_session_t session, int ctype) +-{ +- static int _ct_priority[] = { 0, 0 }; +- _ct_priority[0] = ctype; +- +- gnutls_certificate_type_set_priority (session, _ct_priority); +-} +- +-static void +-ADD_PROTOCOL (gnutls_session_t session, int protocol) +-{ +- static int _proto_priority[] = { 0, 0 }; +- _proto_priority[0] = protocol; +- +- gnutls_protocol_set_priority (session, _proto_priority); +-} +- +-static void +-ADD_PROTOCOL3 (gnutls_session_t session, int p1, int p2, int p3) +-{ +- static int _proto_priority[] = { 0, 0, 0, 0 }; +- _proto_priority[0] = p1; +- _proto_priority[1] = p2; +- _proto_priority[2] = p3; +- +- gnutls_protocol_set_priority (session, _proto_priority); +-} +- +-#ifdef ENABLE_SRP +-static int srp_detected; +- +-int +-_test_srp_username_callback (gnutls_session_t session, +- char **username, char **password) +-{ +- srp_detected = 1; +- +- return -1; +-} +- +-test_code_t +-test_srp (gnutls_session_t session) +-{ +- int ret; +- +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- +- ADD_KX (session, GNUTLS_KX_SRP); +- srp_detected = 0; +- +- gnutls_srp_set_client_credentials_function (srp_cred, +- _test_srp_username_callback); +- +- gnutls_credentials_set (session, GNUTLS_CRD_SRP, srp_cred); +- +- ret = do_handshake (session); +- +- gnutls_srp_set_client_credentials_function (srp_cred, NULL); +- +- if (srp_detected != 0) +- return TEST_SUCCEED; +- else +- return TEST_FAILED; ++#define ALL_CIPHERS "+3DES-CBC:+ARCFOUR-128:+ARCFOUR-40" ++#define ALL_COMP "+COMP-NULL" ++#define ALL_MACS "+SHA1:+MD5" ++#define ALL_CERTTYPES "+CTYPE-X509" ++#define REST "%%UNSAFE_RENEGOTIATION" ++#define ALL_KX "+RSA:+DHE-RSA:+DHE-DSS:+ANON-DH:+RSA-EXPORT" ++#define INIT_STR "NONE:" ++ ++static inline void _gnutls_priority_set_direct(gnutls_session_t session, const char* str) ++{ ++ const char* err; ++ int ret = gnutls_priority_set_direct(session, str, &err); ++ ++ if (ret < 0) ++ { ++ fprintf(stderr, "Error in %s\n", err); ++ exit(1); ++ } + } +-#endif + + test_code_t + test_server (gnutls_session_t session) +@@ -269,12 +140,8 @@ test_server (gnutls_session_t session) + + buf[sizeof (buf) - 1] = 0; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + +@@ -318,13 +185,9 @@ test_export (gnutls_session_t session) + { + int ret; + +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); ++ sprintf(prio_str, INIT_STR "+ARCFOUR-40:+RSA-EXPORT:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + +- ADD_KX (session, GNUTLS_KX_RSA_EXPORT); +- ADD_CIPHER (session, GNUTLS_CIPHER_ARCFOUR_40); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -348,13 +211,9 @@ test_export_info (gnutls_session_t sessi + if (verbose == 0 || export_true == 0) + return TEST_IGNORE; + +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); ++ sprintf(prio_str, INIT_STR "+ARCFOUR-40:+RSA-EXPORT:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + +- ADD_KX (session, GNUTLS_KX_RSA_EXPORT); +- ADD_CIPHER (session, GNUTLS_CIPHER_ARCFOUR_40); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -395,13 +254,9 @@ test_dhe (gnutls_session_t session) + { + int ret; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":+DHE-RSA:+DHE-DSS:" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + +- ADD_KX2 (session, GNUTLS_KX_DHE_RSA, GNUTLS_KX_DHE_DSS); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -411,6 +266,37 @@ test_dhe (gnutls_session_t session) + return ret; + } + ++ ++test_code_t ++test_safe_renegotiation (gnutls_session_t session) ++{ ++ int ret; ++ ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":%%SAFE_RENEGOTIATION", protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ ++ gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); ++ ++ ret = do_handshake (session); ++ ++ return ret; ++} ++ ++test_code_t ++test_safe_renegotiation_scsv (gnutls_session_t session) ++{ ++ int ret; ++ ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":+VERS-SSL3.0:" ALL_MACS ":" ALL_KX ":%%SAFE_RENEGOTIATION"); ++ _gnutls_priority_set_direct (session, prio_str); ++ ++ gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); ++ ++ ret = do_handshake (session); ++ ++ return ret; ++} ++ + test_code_t + test_dhe_group (gnutls_session_t session) + { +@@ -421,13 +307,8 @@ test_dhe_group (gnutls_session_t session + if (verbose == 0 || pubkey.data == NULL) + return TEST_IGNORE; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":+DHE-RSA:+DHE-DSS:" REST, protocol_str); + +- ADD_KX2 (session, GNUTLS_KX_DHE_RSA, GNUTLS_KX_DHE_DSS); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -463,12 +344,9 @@ test_code_t + test_ssl3 (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_PROTOCOL (session, GNUTLS_SSL3); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":+VERS-SSL3.0:" ALL_MACS ":" ALL_KX ":" REST); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -496,12 +374,9 @@ test_bye (gnutls_session_t session) + signal (SIGALRM, got_alarm); + #endif + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -548,12 +423,10 @@ test_code_t + test_aes (gnutls_session_t session) + { + int ret; +- ADD_CIPHER (session, GNUTLS_CIPHER_AES_128_CBC); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR "+AES-128-CBC:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST , protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -565,12 +438,10 @@ test_code_t + test_camellia (gnutls_session_t session) + { + int ret; +- ADD_CIPHER (session, GNUTLS_CIPHER_CAMELLIA_128_CBC); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR "+CAMELLIA-128-CBC:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -582,12 +453,10 @@ test_code_t + test_openpgp1 (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_CERTTYPE (session, GNUTLS_CRT_OPENPGP); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":+CTYPE-OPENPGP:%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -604,18 +473,16 @@ test_code_t + test_unknown_ciphersuites (gnutls_session_t session) + { + int ret; ++ ++ + #ifdef ENABLE_CAMELLIA +- ADD_CIPHER4 (session, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_3DES_CBC, +- GNUTLS_CIPHER_CAMELLIA_128_CBC, GNUTLS_CIPHER_ARCFOUR_128); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + #else +- ADD_CIPHER4 (session, GNUTLS_CIPHER_AES_128_CBC, GNUTLS_CIPHER_3DES_CBC, +- GNUTLS_CIPHER_ARCFOUR_128, 0); ++ sprintf(prio_str, INIT_STR "+AES-128-CBC:" ALL_CIPHERS ":"ALL_COMP":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + #endif +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -626,12 +493,10 @@ test_code_t + test_md5 (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_MAC (session, GNUTLS_MAC_MD5); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR "+AES-128-CBC:" ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:+MD5:" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -643,12 +508,10 @@ test_code_t + test_zlib (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_COMP (session, GNUTLS_COMP_ZLIB); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":+COMP-ZLIB:" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -657,34 +520,25 @@ test_zlib (gnutls_session_t session) + #endif + + test_code_t +-test_lzo (gnutls_session_t session) ++test_sha (gnutls_session_t session) + { + int ret; +- gnutls_handshake_set_private_extensions (session, 1); + +- ADD_ALL_CIPHERS (session); +- ADD_COMP (session, GNUTLS_COMP_LZO); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR "+AES-128-CBC:" ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:+SHA1:" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +- + return ret; + } + + test_code_t +-test_sha (gnutls_session_t session) ++test_3des (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_MAC (session, GNUTLS_MAC_SHA1); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR "+3DES-CBC:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -692,15 +546,12 @@ test_sha (gnutls_session_t session) + } + + test_code_t +-test_3des (gnutls_session_t session) ++test_arcfour (gnutls_session_t session) + { + int ret; +- ADD_CIPHER (session, GNUTLS_CIPHER_3DES_CBC); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR "+ARCFOUR-128:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -708,15 +559,13 @@ test_3des (gnutls_session_t session) + } + + test_code_t +-test_arcfour (gnutls_session_t session) ++test_arcfour_40 (gnutls_session_t session) + { + int ret; +- ADD_CIPHER (session, GNUTLS_CIPHER_ARCFOUR_128); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR "+ARCFOUR-40:" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" "+RSA-EXPORT" ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -724,36 +573,36 @@ test_arcfour (gnutls_session_t session) + } + + test_code_t +-test_arcfour_40 (gnutls_session_t session) ++test_tls1 (gnutls_session_t session) + { + int ret; +- ADD_CIPHER (session, GNUTLS_CIPHER_ARCFOUR_40); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":+VERS-TLS1.0:" ALL_MACS ":" ALL_KX ":" REST); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); ++ if (ret == TEST_SUCCEED) ++ tls1_ok = 1; ++ + return ret; ++ + } + + test_code_t +-test_tls1 (gnutls_session_t session) ++test_tls1_2 (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_PROTOCOL (session, GNUTLS_TLS1); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":+VERS-TLS1.2:" ALL_MACS ":" ALL_KX ":" REST); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); + if (ret == TEST_SUCCEED) +- tls1_ok = 1; ++ tls1_2_ok = 1; + + return ret; + +@@ -763,12 +612,10 @@ test_code_t + test_tls1_1 (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_PROTOCOL (session, GNUTLS_TLS1_1); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":+VERS-TLS1.1:" ALL_MACS ":" ALL_KX ":" REST); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -786,12 +633,9 @@ test_tls1_1_fallback (gnutls_session_t s + if (tls1_1_ok) + return TEST_IGNORE; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_PROTOCOL3 (session, GNUTLS_TLS1_1, GNUTLS_TLS1, GNUTLS_SSL3); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":+VERS-TLS1.1:+VERS-TLS1.0:+VERS-SSL3.0:" ALL_MACS ":" ALL_KX ":" REST); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -817,12 +661,9 @@ test_tls_disable (gnutls_session_t sessi + if (tls1_ok != 0) + return TEST_IGNORE; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); ++ + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -831,8 +672,7 @@ test_tls_disable (gnutls_session_t sessi + /* disable TLS 1.0 */ + if (ssl3_ok != 0) + { +- protocol_priority[0] = GNUTLS_SSL3; +- protocol_priority[1] = 0; ++ strcpy(protocol_str, "+VERS-SSL3.0"); + } + } + return ret; +@@ -849,12 +689,8 @@ test_rsa_pms (gnutls_session_t session) + * If the server is old, buggy and only supports + * SSL 3.0 then the handshake will fail. + */ +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_KX (session, GNUTLS_KX_RSA); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":+RSA:" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + + ret = do_handshake (session); +@@ -870,12 +706,8 @@ test_code_t + test_max_record_size (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + gnutls_record_set_max_size (session, 512); + +@@ -894,12 +726,9 @@ test_code_t + test_hello_extension (gnutls_session_t session) + { + int ret; +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + gnutls_record_set_max_size (session, 512); + +@@ -925,12 +754,8 @@ test_version_rollback (gnutls_session_t + * attacks which allow a version downgrade) and this + * connection will fail. + */ +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + _gnutls_record_set_default_version (session, 3, 0); + +@@ -955,12 +780,8 @@ test_version_oob (gnutls_session_t sessi + /* here we enable both SSL 3.0 and TLS 1.0 + * and we connect using a 5.5 record version. + */ +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + _gnutls_record_set_default_version (session, 5, 5); + +@@ -980,12 +801,8 @@ test_rsa_pms_version_check (gnutls_sessi + * + * A normal server would abort this handshake. + */ +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + _gnutls_rsa_pms_set_version (session, 5, 5); /* use SSL 5.5 version */ + +@@ -1000,12 +817,8 @@ test_anonymous (gnutls_session_t session + { + int ret; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_KX (session, GNUTLS_KX_ANON_DH); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":+ANON-DH:" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + gnutls_credentials_set (session, GNUTLS_CRD_ANON, anon_cred); + + ret = do_handshake (session); +@@ -1027,12 +840,8 @@ test_session_resume2 (gnutls_session_t s + if (session == NULL) + return TEST_IGNORE; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + gnutls_credentials_set (session, GNUTLS_CRD_ANON, anon_cred); +@@ -1074,12 +883,8 @@ test_certificate (gnutls_session_t sessi + if (verbose == 0) + return TEST_IGNORE; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + +@@ -1143,12 +948,8 @@ test_server_cas (gnutls_session_t sessio + if (verbose == 0) + return TEST_IGNORE; + +- ADD_ALL_CIPHERS (session); +- ADD_ALL_COMP (session); +- ADD_ALL_CERTTYPES (session); +- ADD_ALL_PROTOCOLS (session); +- ADD_ALL_MACS (session); +- ADD_ALL_KX (session); ++ sprintf(prio_str, INIT_STR ALL_CIPHERS ":" ALL_COMP ":" ALL_CERTTYPES ":%s:" ALL_MACS ":" ALL_KX ":" REST, protocol_str); ++ _gnutls_priority_set_direct (session, prio_str); + + gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred); + gnutls_certificate_client_set_retrieve_function (xcred, cert_callback); +--- a/src/tests.h 2009-06-02 ++++ b/src/tests.h 2013-09-26 +@@ -3,7 +3,6 @@ typedef enum + TEST_SUCCEED, TEST_FAILED, TEST_UNSURE, TEST_IGNORE + } test_code_t; + +-test_code_t test_srp (gnutls_session_t state); + test_code_t test_server (gnutls_session_t state); + test_code_t test_export (gnutls_session_t state); + test_code_t test_export_info (gnutls_session_t state); +@@ -21,7 +20,10 @@ test_code_t test_3des (gnutls_session_t + test_code_t test_arcfour (gnutls_session_t state); + test_code_t test_arcfour_40 (gnutls_session_t state); + test_code_t test_tls1 (gnutls_session_t state); ++test_code_t test_safe_renegotiation (gnutls_session_t state); ++test_code_t test_safe_renegotiation_scsv (gnutls_session_t state); + test_code_t test_tls1_1 (gnutls_session_t state); ++test_code_t test_tls1_2 (gnutls_session_t state); + test_code_t test_tls1_1_fallback (gnutls_session_t state); + test_code_t test_tls_disable (gnutls_session_t state); + test_code_t test_rsa_pms (gnutls_session_t state); +@@ -37,6 +39,5 @@ test_code_t test_session_resume2 (gnutls + test_code_t test_rsa_pms_version_check (gnutls_session_t session); + test_code_t test_version_oob (gnutls_session_t session); + test_code_t test_zlib (gnutls_session_t session); +-test_code_t test_lzo (gnutls_session_t session); + int _test_srp_username_callback (gnutls_session_t session, + char **username, char **password); +--- a/src/tls_test.c 2009-06-02 ++++ b/src/tls_test.c 2013-09-26 +@@ -79,6 +79,9 @@ typedef struct + } TLS_TEST; + + static const TLS_TEST tls_tests[] = { ++ {"for Safe renegotiation support", test_safe_renegotiation, "yes", "no", "dunno"}, ++ {"for Safe renegotiation support (SCSV)", test_safe_renegotiation_scsv, "yes", "no", "dunno"}, ++ {"for TLS 1.2 support", test_tls1_2, "yes", "no", "dunno"}, + {"for TLS 1.1 support", test_tls1_1, "yes", "no", "dunno"}, + {"fallback from TLS 1.1 to", test_tls1_1_fallback, "TLS 1.0", "failed", + "SSL 3.0"}, +@@ -139,14 +142,8 @@ static const TLS_TEST tls_tests[] = { + {"for ZLIB compression support (TLS extension)", test_zlib, "yes", + "no", "dunno"}, + #endif +- {"for LZO compression support (GnuTLS extension)", test_lzo, "yes", +- "no", "dunno"}, + {"for max record size (TLS extension)", test_max_record_size, "yes", + "no", "dunno"}, +-#ifdef ENABLE_SRP +- {"for SRP authentication support (TLS extension)", test_srp, "yes", +- "no", "dunno"}, +-#endif + {"for OpenPGP authentication support (TLS extension)", test_openpgp1, + "yes", "no", "dunno"}, + {NULL, NULL, NULL, NULL, NULL} +@@ -233,7 +230,7 @@ main (int argc, char **argv) + + /* if neither of SSL3 and TLSv1 are supported, exit + */ +- if (i > 3 && tls1_1_ok == 0 && tls1_ok == 0 && ssl3_ok == 0) ++ if (i > 6 && tls1_1_ok == 0 && tls1_ok == 0 && ssl3_ok == 0) + { + fprintf (stderr, + "\nServer does not support any of SSL 3.0, TLS 1.0 and TLS 1.1\n"); +--- a/tests/Makefile.am 2010-01-24 ++++ b/tests/Makefile.am 2013-09-26 +@@ -20,7 +20,7 @@ + # Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + + SUBDIRS = . rsa-md5-collision pkcs1-padding pkcs8-decode pkcs12-decode \ +- userid pathlen key-id sha2 ++ userid pathlen key-id sha2 safe-renegotiation + + if ENABLE_OPENPGP + SUBDIRS += openpgp-certs +--- a/tests/Makefile.in 2010-03-15 ++++ b/tests/Makefile.in 2013-09-26 +@@ -388,7 +388,7 @@ CTAGS = ctags + am__tty_colors = \ + red=; grn=; lgn=; blu=; std= + DIST_SUBDIRS = . rsa-md5-collision pkcs1-padding pkcs8-decode \ +- pkcs12-decode userid pathlen key-id sha2 openpgp-certs ++ pkcs12-decode userid pathlen key-id sha2 openpgp-certs safe-renegotiation + DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) + am__relativize = \ + dir0=`pwd`; \ +@@ -936,7 +936,7 @@ top_build_prefix = @top_build_prefix@ + top_builddir = @top_builddir@ + top_srcdir = @top_srcdir@ + SUBDIRS = . rsa-md5-collision pkcs1-padding pkcs8-decode pkcs12-decode \ +- userid pathlen key-id sha2 $(am__append_1) ++ userid pathlen key-id sha2 safe-renegotiation $(am__append_1) + EXTRA_DIST = libgcrypt.supp hostname-check.README + AM_CFLAGS = $(WARN_CFLAGS) $(WERROR_CFLAGS) + AM_CPPFLAGS = -I$(top_srcdir)/gl -I$(top_builddir)/gl \ +--- a/tests/resume.c 2009-06-02 ++++ b/tests/resume.c 2013-09-26 +@@ -47,6 +47,8 @@ static int wrap_db_store (void *dbf, gnu + static gnutls_datum_t wrap_db_fetch (void *dbf, gnutls_datum_t key); + static int wrap_db_delete (void *dbf, gnutls_datum_t key); + ++pid_t child; ++ + #define TLS_SESSION_CACHE 50 + + /* A very basic TLS client, with anonymous authentication. +@@ -56,6 +58,12 @@ static int wrap_db_delete (void *dbf, gn + #define MSG "Hello TLS" + + static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "%s |<%d>| %s", child ? "server" : "client", level, str); ++} ++ ++static void + client (void) + { + int ret, sd, ii; +@@ -70,6 +78,11 @@ client (void) + int t; + gnutls_datum session_data; + ++ if (debug) ++ { ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (2); ++ } + gnutls_global_init (); + + gnutls_anon_allocate_client_credentials (&anoncred); +@@ -298,8 +311,13 @@ server (void) + + /* this must be called once in the program, it is mostly for the server. + */ +- gnutls_global_init (); ++ if (debug) ++ { ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (2); ++ } + ++ gnutls_global_init (); + gnutls_anon_allocate_server_credentials (&anoncred); + + success ("Launched, generating DH parameters...\n"); +@@ -385,8 +403,6 @@ server (void) + void + doit (void) + { +- pid_t child; +- + global_start (); + if (error_count) + return; +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/Makefile.am 2013-09-26 +@@ -0,0 +1,37 @@ ++## Process this file with automake to produce Makefile.in ++# Copyright (C) 2010 Free Software Foundation, Inc. ++# ++# This file is part of GnuTLS. ++# ++# This file is free software; you can redistribute it and/or modify it ++# under the terms of the GNU General Public License as published by ++# the Free Software Foundation; either version 3 of the License, or ++# (at your option) any later version. ++# ++# This file is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++# General Public License for more details. ++# ++# You should have received a copy of the GNU General Public License ++# along with this file; if not, write to the Free Software Foundation, ++# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. ++ ++AM_CFLAGS = $(WARN_CFLAGS) $(WERROR_CFLAGS) ++AM_CPPFLAGS = \ ++ -I$(top_srcdir)/lib/includes \ ++ -I$(top_builddir)/lib/includes ++ ++AM_LDFLAGS = -no-install ++LDADD = ../../lib/libgnutls.la $(LTLIBGCRYPT) $(LIBSOCKET) ++ ++ctests = srn0 srn1 srn2 srn3 srn4 srn5 srn6 srn7 ++ ++check_PROGRAMS = $(ctests) ++TESTS = $(ctests) ++TESTS_ENVIRONMENT = $(VALGRIND) ++ ++EXTRA_DIST = README params.dh ++ ++dist_check_SCRIPTS = testsrn ++#TESTS = testsrn +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/Makefile.in 2013-09-26 +@@ -0,0 +1,1299 @@ ++# Makefile.in generated by automake 1.11.1 from Makefile.am. ++# @configure_input@ ++ ++# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, ++# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, ++# Inc. ++# This Makefile.in is free software; the Free Software Foundation ++# gives unlimited permission to copy and/or distribute it, ++# with or without modifications, as long as this notice is preserved. ++ ++# This program is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY, to the extent permitted by law; without ++# even the implied warranty of MERCHANTABILITY or FITNESS FOR A ++# PARTICULAR PURPOSE. ++ ++@SET_MAKE@ ++ ++# Copyright (C) 2010 Free Software Foundation, Inc. ++# ++# This file is part of GnuTLS. ++# ++# This file is free software; you can redistribute it and/or modify it ++# under the terms of the GNU General Public License as published by ++# the Free Software Foundation; either version 3 of the License, or ++# (at your option) any later version. ++# ++# This file is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++# General Public License for more details. ++# ++# You should have received a copy of the GNU General Public License ++# along with this file; if not, write to the Free Software Foundation, ++# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. ++VPATH = @srcdir@ ++pkgdatadir = $(datadir)/@PACKAGE@ ++pkgincludedir = $(includedir)/@PACKAGE@ ++pkglibdir = $(libdir)/@PACKAGE@ ++pkglibexecdir = $(libexecdir)/@PACKAGE@ ++am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd ++install_sh_DATA = $(install_sh) -c -m 644 ++install_sh_PROGRAM = $(install_sh) -c ++install_sh_SCRIPT = $(install_sh) -c ++INSTALL_HEADER = $(INSTALL_DATA) ++transform = $(program_transform_name) ++NORMAL_INSTALL = : ++PRE_INSTALL = : ++POST_INSTALL = : ++NORMAL_UNINSTALL = : ++PRE_UNINSTALL = : ++POST_UNINSTALL = : ++build_triplet = @build@ ++host_triplet = @host@ ++check_PROGRAMS = $(am__EXEEXT_1) ++TESTS = $(am__EXEEXT_1) ++subdir = tests/safe-renegotiation ++DIST_COMMON = README $(dist_check_SCRIPTS) $(srcdir)/Makefile.am \ ++ $(srcdir)/Makefile.in ++ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 ++am__aclocal_m4_deps = $(top_srcdir)/libextra/m4/hooks.m4 \ ++ $(top_srcdir)/lib/m4/hooks.m4 $(top_srcdir)/lib/gl/m4/po.m4 \ ++ $(top_srcdir)/gl/m4/00gnulib.m4 $(top_srcdir)/gl/m4/alloca.m4 \ ++ $(top_srcdir)/gl/m4/arpa_inet_h.m4 \ ++ $(top_srcdir)/gl/m4/asm-underscore.m4 \ ++ $(top_srcdir)/gl/m4/autobuild.m4 \ ++ $(top_srcdir)/gl/m4/clock_time.m4 $(top_srcdir)/gl/m4/close.m4 \ ++ $(top_srcdir)/gl/m4/errno_h.m4 $(top_srcdir)/gl/m4/error.m4 \ ++ $(top_srcdir)/gl/m4/extensions.m4 \ ++ $(top_srcdir)/gl/m4/fclose.m4 $(top_srcdir)/gl/m4/float_h.m4 \ ++ $(top_srcdir)/gl/m4/fseeko.m4 \ ++ $(top_srcdir)/gl/m4/getaddrinfo.m4 \ ++ $(top_srcdir)/gl/m4/getdelim.m4 $(top_srcdir)/gl/m4/getline.m4 \ ++ $(top_srcdir)/gl/m4/getpass.m4 $(top_srcdir)/gl/m4/gettime.m4 \ ++ $(top_srcdir)/gl/m4/gettimeofday.m4 \ ++ $(top_srcdir)/gl/m4/gnulib-common.m4 \ ++ $(top_srcdir)/gl/m4/gnulib-comp.m4 \ ++ $(top_srcdir)/gl/m4/hostent.m4 \ ++ $(top_srcdir)/gl/m4/include_next.m4 \ ++ $(top_srcdir)/gl/m4/inet_ntop.m4 \ ++ $(top_srcdir)/gl/m4/inet_pton.m4 \ ++ $(top_srcdir)/gl/m4/intmax_t.m4 \ ++ $(top_srcdir)/gl/m4/inttypes_h.m4 $(top_srcdir)/gl/m4/ioctl.m4 \ ++ $(top_srcdir)/gl/m4/lib-ld.m4 $(top_srcdir)/gl/m4/lib-link.m4 \ ++ $(top_srcdir)/gl/m4/lib-prefix.m4 \ ++ $(top_srcdir)/gl/m4/longlong.m4 $(top_srcdir)/gl/m4/lseek.m4 \ ++ $(top_srcdir)/gl/m4/malloc.m4 \ ++ $(top_srcdir)/gl/m4/manywarnings.m4 \ ++ $(top_srcdir)/gl/m4/memchr.m4 $(top_srcdir)/gl/m4/minmax.m4 \ ++ $(top_srcdir)/gl/m4/mmap-anon.m4 \ ++ $(top_srcdir)/gl/m4/multiarch.m4 \ ++ $(top_srcdir)/gl/m4/netdb_h.m4 \ ++ $(top_srcdir)/gl/m4/netinet_in_h.m4 \ ++ $(top_srcdir)/gl/m4/onceonly_2_57.m4 \ ++ $(top_srcdir)/gl/m4/perror.m4 $(top_srcdir)/gl/m4/printf.m4 \ ++ $(top_srcdir)/gl/m4/read-file.m4 \ ++ $(top_srcdir)/gl/m4/readline.m4 $(top_srcdir)/gl/m4/realloc.m4 \ ++ $(top_srcdir)/gl/m4/select.m4 $(top_srcdir)/gl/m4/servent.m4 \ ++ $(top_srcdir)/gl/m4/size_max.m4 \ ++ $(top_srcdir)/gl/m4/snprintf.m4 $(top_srcdir)/gl/m4/sockets.m4 \ ++ $(top_srcdir)/gl/m4/socklen.m4 $(top_srcdir)/gl/m4/sockpfaf.m4 \ ++ $(top_srcdir)/gl/m4/stdarg.m4 $(top_srcdir)/gl/m4/stdbool.m4 \ ++ $(top_srcdir)/gl/m4/stddef_h.m4 $(top_srcdir)/gl/m4/stdint.m4 \ ++ $(top_srcdir)/gl/m4/stdint_h.m4 $(top_srcdir)/gl/m4/stdio_h.m4 \ ++ $(top_srcdir)/gl/m4/stdlib_h.m4 \ ++ $(top_srcdir)/gl/m4/strerror.m4 \ ++ $(top_srcdir)/gl/m4/string_h.m4 \ ++ $(top_srcdir)/gl/m4/sys_ioctl_h.m4 \ ++ $(top_srcdir)/gl/m4/sys_select_h.m4 \ ++ $(top_srcdir)/gl/m4/sys_socket_h.m4 \ ++ $(top_srcdir)/gl/m4/sys_stat_h.m4 \ ++ $(top_srcdir)/gl/m4/sys_time_h.m4 \ ++ $(top_srcdir)/gl/m4/time_h.m4 $(top_srcdir)/gl/m4/timespec.m4 \ ++ $(top_srcdir)/gl/m4/ungetc.m4 $(top_srcdir)/gl/m4/unistd_h.m4 \ ++ $(top_srcdir)/gl/m4/valgrind-tests.m4 \ ++ $(top_srcdir)/gl/m4/vasnprintf.m4 \ ++ $(top_srcdir)/gl/m4/version-etc.m4 \ ++ $(top_srcdir)/gl/m4/warn-on-use.m4 \ ++ $(top_srcdir)/gl/m4/warnings.m4 $(top_srcdir)/gl/m4/wchar_h.m4 \ ++ $(top_srcdir)/gl/m4/wchar_t.m4 $(top_srcdir)/gl/m4/wint_t.m4 \ ++ $(top_srcdir)/gl/m4/xsize.m4 $(top_srcdir)/m4/gtk-doc.m4 \ ++ $(top_srcdir)/m4/guile.m4 $(top_srcdir)/m4/libtool.m4 \ ++ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ ++ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ ++ $(top_srcdir)/m4/pkg.m4 $(top_srcdir)/configure.ac ++am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ ++ $(ACLOCAL_M4) ++mkinstalldirs = $(install_sh) -d ++CONFIG_HEADER = $(top_builddir)/config.h ++CONFIG_CLEAN_FILES = ++CONFIG_CLEAN_VPATH_FILES = ++am__EXEEXT_1 = srn0$(EXEEXT) srn1$(EXEEXT) srn2$(EXEEXT) srn3$(EXEEXT) \ ++ srn4$(EXEEXT) srn5$(EXEEXT) srn6$(EXEEXT) srn7$(EXEEXT) ++srn0_SOURCES = srn0.c ++srn0_OBJECTS = srn0.$(OBJEXT) ++srn0_LDADD = $(LDADD) ++am__DEPENDENCIES_1 = ++srn0_DEPENDENCIES = ../../lib/libgnutls.la $(am__DEPENDENCIES_1) \ ++ $(am__DEPENDENCIES_1) ++srn1_SOURCES = srn1.c ++srn1_OBJECTS = srn1.$(OBJEXT) ++srn1_LDADD = $(LDADD) ++srn1_DEPENDENCIES = ../../lib/libgnutls.la $(am__DEPENDENCIES_1) \ ++ $(am__DEPENDENCIES_1) ++srn2_SOURCES = srn2.c ++srn2_OBJECTS = srn2.$(OBJEXT) ++srn2_LDADD = $(LDADD) ++srn2_DEPENDENCIES = ../../lib/libgnutls.la $(am__DEPENDENCIES_1) \ ++ $(am__DEPENDENCIES_1) ++srn3_SOURCES = srn3.c ++srn3_OBJECTS = srn3.$(OBJEXT) ++srn3_LDADD = $(LDADD) ++srn3_DEPENDENCIES = ../../lib/libgnutls.la $(am__DEPENDENCIES_1) \ ++ $(am__DEPENDENCIES_1) ++srn4_SOURCES = srn4.c ++srn4_OBJECTS = srn4.$(OBJEXT) ++srn4_LDADD = $(LDADD) ++srn4_DEPENDENCIES = ../../lib/libgnutls.la $(am__DEPENDENCIES_1) \ ++ $(am__DEPENDENCIES_1) ++srn5_SOURCES = srn5.c ++srn5_OBJECTS = srn5.$(OBJEXT) ++srn5_LDADD = $(LDADD) ++srn5_DEPENDENCIES = ../../lib/libgnutls.la $(am__DEPENDENCIES_1) \ ++ $(am__DEPENDENCIES_1) ++srn6_SOURCES = srn6.c ++srn6_OBJECTS = srn6.$(OBJEXT) ++srn6_LDADD = $(LDADD) ++srn6_DEPENDENCIES = ../../lib/libgnutls.la $(am__DEPENDENCIES_1) \ ++ $(am__DEPENDENCIES_1) ++srn7_SOURCES = srn7.c ++srn7_OBJECTS = srn7.$(OBJEXT) ++srn7_LDADD = $(LDADD) ++srn7_DEPENDENCIES = ../../lib/libgnutls.la $(am__DEPENDENCIES_1) \ ++ $(am__DEPENDENCIES_1) ++DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) ++depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp ++am__depfiles_maybe = depfiles ++am__mv = mv -f ++COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ ++ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) ++LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ ++ --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ ++ $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) ++CCLD = $(CC) ++LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ ++ --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ ++ $(LDFLAGS) -o $@ ++SOURCES = srn0.c srn1.c srn2.c srn3.c srn4.c srn5.c srn6.c srn7.c ++DIST_SOURCES = srn0.c srn1.c srn2.c srn3.c srn4.c srn5.c srn6.c srn7.c ++ETAGS = etags ++CTAGS = ctags ++am__tty_colors = \ ++red=; grn=; lgn=; blu=; std= ++DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ++ACLOCAL = @ACLOCAL@ ++ALLOCA = @ALLOCA@ ++ALLOCA_H = @ALLOCA_H@ ++AMTAR = @AMTAR@ ++APPLE_UNIVERSAL_BUILD = @APPLE_UNIVERSAL_BUILD@ ++AR = @AR@ ++AS = @AS@ ++ASM_SYMBOL_PREFIX = @ASM_SYMBOL_PREFIX@ ++AUTOCONF = @AUTOCONF@ ++AUTOHEADER = @AUTOHEADER@ ++AUTOMAKE = @AUTOMAKE@ ++AWK = @AWK@ ++BITSIZEOF_PTRDIFF_T = @BITSIZEOF_PTRDIFF_T@ ++BITSIZEOF_SIG_ATOMIC_T = @BITSIZEOF_SIG_ATOMIC_T@ ++BITSIZEOF_SIZE_T = @BITSIZEOF_SIZE_T@ ++BITSIZEOF_WCHAR_T = @BITSIZEOF_WCHAR_T@ ++BITSIZEOF_WINT_T = @BITSIZEOF_WINT_T@ ++CC = @CC@ ++CCDEPMODE = @CCDEPMODE@ ++CFLAGS = @CFLAGS@ ++CONFIG_INCLUDE = @CONFIG_INCLUDE@ ++CPP = @CPP@ ++CPPFLAGS = @CPPFLAGS@ ++CXX = @CXX@ ++CXXCPP = @CXXCPP@ ++CXXDEPMODE = @CXXDEPMODE@ ++CXXFLAGS = @CXXFLAGS@ ++CYGPATH_W = @CYGPATH_W@ ++DEFS = @DEFS@ ++DEPDIR = @DEPDIR@ ++DLLTOOL = @DLLTOOL@ ++DLL_VERSION = @DLL_VERSION@ ++DSYMUTIL = @DSYMUTIL@ ++DUMPBIN = @DUMPBIN@ ++ECHO_C = @ECHO_C@ ++ECHO_N = @ECHO_N@ ++ECHO_T = @ECHO_T@ ++EGREP = @EGREP@ ++EMULTIHOP_HIDDEN = @EMULTIHOP_HIDDEN@ ++EMULTIHOP_VALUE = @EMULTIHOP_VALUE@ ++ENOLINK_HIDDEN = @ENOLINK_HIDDEN@ ++ENOLINK_VALUE = @ENOLINK_VALUE@ ++EOVERFLOW_HIDDEN = @EOVERFLOW_HIDDEN@ ++EOVERFLOW_VALUE = @EOVERFLOW_VALUE@ ++ERRNO_H = @ERRNO_H@ ++EXEEXT = @EXEEXT@ ++FGREP = @FGREP@ ++FLOAT_H = @FLOAT_H@ ++GAA = @GAA@ ++GETADDRINFO_LIB = @GETADDRINFO_LIB@ ++GNULIB_ACCEPT = @GNULIB_ACCEPT@ ++GNULIB_ACCEPT4 = @GNULIB_ACCEPT4@ ++GNULIB_ATOLL = @GNULIB_ATOLL@ ++GNULIB_BIND = @GNULIB_BIND@ ++GNULIB_BTOWC = @GNULIB_BTOWC@ ++GNULIB_CALLOC_POSIX = @GNULIB_CALLOC_POSIX@ ++GNULIB_CANONICALIZE_FILE_NAME = @GNULIB_CANONICALIZE_FILE_NAME@ ++GNULIB_CHOWN = @GNULIB_CHOWN@ ++GNULIB_CLOSE = @GNULIB_CLOSE@ ++GNULIB_CONNECT = @GNULIB_CONNECT@ ++GNULIB_DPRINTF = @GNULIB_DPRINTF@ ++GNULIB_DUP2 = @GNULIB_DUP2@ ++GNULIB_DUP3 = @GNULIB_DUP3@ ++GNULIB_ENVIRON = @GNULIB_ENVIRON@ ++GNULIB_EUIDACCESS = @GNULIB_EUIDACCESS@ ++GNULIB_FACCESSAT = @GNULIB_FACCESSAT@ ++GNULIB_FCHDIR = @GNULIB_FCHDIR@ ++GNULIB_FCHMODAT = @GNULIB_FCHMODAT@ ++GNULIB_FCHOWNAT = @GNULIB_FCHOWNAT@ ++GNULIB_FCLOSE = @GNULIB_FCLOSE@ ++GNULIB_FFLUSH = @GNULIB_FFLUSH@ ++GNULIB_FOPEN = @GNULIB_FOPEN@ ++GNULIB_FPRINTF = @GNULIB_FPRINTF@ ++GNULIB_FPRINTF_POSIX = @GNULIB_FPRINTF_POSIX@ ++GNULIB_FPURGE = @GNULIB_FPURGE@ ++GNULIB_FPUTC = @GNULIB_FPUTC@ ++GNULIB_FPUTS = @GNULIB_FPUTS@ ++GNULIB_FREOPEN = @GNULIB_FREOPEN@ ++GNULIB_FSEEK = @GNULIB_FSEEK@ ++GNULIB_FSEEKO = @GNULIB_FSEEKO@ ++GNULIB_FSTATAT = @GNULIB_FSTATAT@ ++GNULIB_FSYNC = @GNULIB_FSYNC@ ++GNULIB_FTELL = @GNULIB_FTELL@ ++GNULIB_FTELLO = @GNULIB_FTELLO@ ++GNULIB_FTRUNCATE = @GNULIB_FTRUNCATE@ ++GNULIB_FUTIMENS = @GNULIB_FUTIMENS@ ++GNULIB_FWRITE = @GNULIB_FWRITE@ ++GNULIB_GETADDRINFO = @GNULIB_GETADDRINFO@ ++GNULIB_GETCWD = @GNULIB_GETCWD@ ++GNULIB_GETDELIM = @GNULIB_GETDELIM@ ++GNULIB_GETDOMAINNAME = @GNULIB_GETDOMAINNAME@ ++GNULIB_GETDTABLESIZE = @GNULIB_GETDTABLESIZE@ ++GNULIB_GETGROUPS = @GNULIB_GETGROUPS@ ++GNULIB_GETHOSTNAME = @GNULIB_GETHOSTNAME@ ++GNULIB_GETLINE = @GNULIB_GETLINE@ ++GNULIB_GETLOADAVG = @GNULIB_GETLOADAVG@ ++GNULIB_GETLOGIN = @GNULIB_GETLOGIN@ ++GNULIB_GETLOGIN_R = @GNULIB_GETLOGIN_R@ ++GNULIB_GETPAGESIZE = @GNULIB_GETPAGESIZE@ ++GNULIB_GETPEERNAME = @GNULIB_GETPEERNAME@ ++GNULIB_GETSOCKNAME = @GNULIB_GETSOCKNAME@ ++GNULIB_GETSOCKOPT = @GNULIB_GETSOCKOPT@ ++GNULIB_GETSUBOPT = @GNULIB_GETSUBOPT@ ++GNULIB_GETTIMEOFDAY = @GNULIB_GETTIMEOFDAY@ ++GNULIB_GETUSERSHELL = @GNULIB_GETUSERSHELL@ ++GNULIB_GRANTPT = @GNULIB_GRANTPT@ ++GNULIB_INET_NTOP = @GNULIB_INET_NTOP@ ++GNULIB_INET_PTON = @GNULIB_INET_PTON@ ++GNULIB_IOCTL = @GNULIB_IOCTL@ ++GNULIB_LCHMOD = @GNULIB_LCHMOD@ ++GNULIB_LCHOWN = @GNULIB_LCHOWN@ ++GNULIB_LINK = @GNULIB_LINK@ ++GNULIB_LINKAT = @GNULIB_LINKAT@ ++GNULIB_LISTEN = @GNULIB_LISTEN@ ++GNULIB_LSEEK = @GNULIB_LSEEK@ ++GNULIB_LSTAT = @GNULIB_LSTAT@ ++GNULIB_MALLOC_POSIX = @GNULIB_MALLOC_POSIX@ ++GNULIB_MBRLEN = @GNULIB_MBRLEN@ ++GNULIB_MBRTOWC = @GNULIB_MBRTOWC@ ++GNULIB_MBSCASECMP = @GNULIB_MBSCASECMP@ ++GNULIB_MBSCASESTR = @GNULIB_MBSCASESTR@ ++GNULIB_MBSCHR = @GNULIB_MBSCHR@ ++GNULIB_MBSCSPN = @GNULIB_MBSCSPN@ ++GNULIB_MBSINIT = @GNULIB_MBSINIT@ ++GNULIB_MBSLEN = @GNULIB_MBSLEN@ ++GNULIB_MBSNCASECMP = @GNULIB_MBSNCASECMP@ ++GNULIB_MBSNLEN = @GNULIB_MBSNLEN@ ++GNULIB_MBSNRTOWCS = @GNULIB_MBSNRTOWCS@ ++GNULIB_MBSPBRK = @GNULIB_MBSPBRK@ ++GNULIB_MBSPCASECMP = @GNULIB_MBSPCASECMP@ ++GNULIB_MBSRCHR = @GNULIB_MBSRCHR@ ++GNULIB_MBSRTOWCS = @GNULIB_MBSRTOWCS@ ++GNULIB_MBSSEP = @GNULIB_MBSSEP@ ++GNULIB_MBSSPN = @GNULIB_MBSSPN@ ++GNULIB_MBSSTR = @GNULIB_MBSSTR@ ++GNULIB_MBSTOK_R = @GNULIB_MBSTOK_R@ ++GNULIB_MEMCHR = @GNULIB_MEMCHR@ ++GNULIB_MEMMEM = @GNULIB_MEMMEM@ ++GNULIB_MEMPCPY = @GNULIB_MEMPCPY@ ++GNULIB_MEMRCHR = @GNULIB_MEMRCHR@ ++GNULIB_MKDIRAT = @GNULIB_MKDIRAT@ ++GNULIB_MKDTEMP = @GNULIB_MKDTEMP@ ++GNULIB_MKFIFO = @GNULIB_MKFIFO@ ++GNULIB_MKFIFOAT = @GNULIB_MKFIFOAT@ ++GNULIB_MKNOD = @GNULIB_MKNOD@ ++GNULIB_MKNODAT = @GNULIB_MKNODAT@ ++GNULIB_MKOSTEMP = @GNULIB_MKOSTEMP@ ++GNULIB_MKOSTEMPS = @GNULIB_MKOSTEMPS@ ++GNULIB_MKSTEMP = @GNULIB_MKSTEMP@ ++GNULIB_MKSTEMPS = @GNULIB_MKSTEMPS@ ++GNULIB_MKTIME = @GNULIB_MKTIME@ ++GNULIB_NANOSLEEP = @GNULIB_NANOSLEEP@ ++GNULIB_OBSTACK_PRINTF = @GNULIB_OBSTACK_PRINTF@ ++GNULIB_OBSTACK_PRINTF_POSIX = @GNULIB_OBSTACK_PRINTF_POSIX@ ++GNULIB_PERROR = @GNULIB_PERROR@ ++GNULIB_PIPE2 = @GNULIB_PIPE2@ ++GNULIB_POPEN = @GNULIB_POPEN@ ++GNULIB_PREAD = @GNULIB_PREAD@ ++GNULIB_PRINTF = @GNULIB_PRINTF@ ++GNULIB_PRINTF_POSIX = @GNULIB_PRINTF_POSIX@ ++GNULIB_PTSNAME = @GNULIB_PTSNAME@ ++GNULIB_PUTC = @GNULIB_PUTC@ ++GNULIB_PUTCHAR = @GNULIB_PUTCHAR@ ++GNULIB_PUTENV = @GNULIB_PUTENV@ ++GNULIB_PUTS = @GNULIB_PUTS@ ++GNULIB_PWRITE = @GNULIB_PWRITE@ ++GNULIB_RANDOM_R = @GNULIB_RANDOM_R@ ++GNULIB_RAWMEMCHR = @GNULIB_RAWMEMCHR@ ++GNULIB_READLINK = @GNULIB_READLINK@ ++GNULIB_READLINKAT = @GNULIB_READLINKAT@ ++GNULIB_REALLOC_POSIX = @GNULIB_REALLOC_POSIX@ ++GNULIB_REALPATH = @GNULIB_REALPATH@ ++GNULIB_RECV = @GNULIB_RECV@ ++GNULIB_RECVFROM = @GNULIB_RECVFROM@ ++GNULIB_REMOVE = @GNULIB_REMOVE@ ++GNULIB_RENAME = @GNULIB_RENAME@ ++GNULIB_RENAMEAT = @GNULIB_RENAMEAT@ ++GNULIB_RMDIR = @GNULIB_RMDIR@ ++GNULIB_RPMATCH = @GNULIB_RPMATCH@ ++GNULIB_SELECT = @GNULIB_SELECT@ ++GNULIB_SEND = @GNULIB_SEND@ ++GNULIB_SENDTO = @GNULIB_SENDTO@ ++GNULIB_SETENV = @GNULIB_SETENV@ ++GNULIB_SETSOCKOPT = @GNULIB_SETSOCKOPT@ ++GNULIB_SHUTDOWN = @GNULIB_SHUTDOWN@ ++GNULIB_SLEEP = @GNULIB_SLEEP@ ++GNULIB_SNPRINTF = @GNULIB_SNPRINTF@ ++GNULIB_SOCKET = @GNULIB_SOCKET@ ++GNULIB_SPRINTF_POSIX = @GNULIB_SPRINTF_POSIX@ ++GNULIB_STAT = @GNULIB_STAT@ ++GNULIB_STDIO_H_SIGPIPE = @GNULIB_STDIO_H_SIGPIPE@ ++GNULIB_STPCPY = @GNULIB_STPCPY@ ++GNULIB_STPNCPY = @GNULIB_STPNCPY@ ++GNULIB_STRCASESTR = @GNULIB_STRCASESTR@ ++GNULIB_STRCHRNUL = @GNULIB_STRCHRNUL@ ++GNULIB_STRDUP = @GNULIB_STRDUP@ ++GNULIB_STRERROR = @GNULIB_STRERROR@ ++GNULIB_STRNCAT = @GNULIB_STRNCAT@ ++GNULIB_STRNDUP = @GNULIB_STRNDUP@ ++GNULIB_STRNLEN = @GNULIB_STRNLEN@ ++GNULIB_STRPBRK = @GNULIB_STRPBRK@ ++GNULIB_STRPTIME = @GNULIB_STRPTIME@ ++GNULIB_STRSEP = @GNULIB_STRSEP@ ++GNULIB_STRSIGNAL = @GNULIB_STRSIGNAL@ ++GNULIB_STRSTR = @GNULIB_STRSTR@ ++GNULIB_STRTOD = @GNULIB_STRTOD@ ++GNULIB_STRTOK_R = @GNULIB_STRTOK_R@ ++GNULIB_STRTOLL = @GNULIB_STRTOLL@ ++GNULIB_STRTOULL = @GNULIB_STRTOULL@ ++GNULIB_STRVERSCMP = @GNULIB_STRVERSCMP@ ++GNULIB_SYMLINK = @GNULIB_SYMLINK@ ++GNULIB_SYMLINKAT = @GNULIB_SYMLINKAT@ ++GNULIB_TIMEGM = @GNULIB_TIMEGM@ ++GNULIB_TIME_R = @GNULIB_TIME_R@ ++GNULIB_TMPFILE = @GNULIB_TMPFILE@ ++GNULIB_TTYNAME_R = @GNULIB_TTYNAME_R@ ++GNULIB_UNISTD_H_GETOPT = @GNULIB_UNISTD_H_GETOPT@ ++GNULIB_UNISTD_H_SIGPIPE = @GNULIB_UNISTD_H_SIGPIPE@ ++GNULIB_UNLINK = @GNULIB_UNLINK@ ++GNULIB_UNLINKAT = @GNULIB_UNLINKAT@ ++GNULIB_UNLOCKPT = @GNULIB_UNLOCKPT@ ++GNULIB_UNSETENV = @GNULIB_UNSETENV@ ++GNULIB_USLEEP = @GNULIB_USLEEP@ ++GNULIB_UTIMENSAT = @GNULIB_UTIMENSAT@ ++GNULIB_VASPRINTF = @GNULIB_VASPRINTF@ ++GNULIB_VDPRINTF = @GNULIB_VDPRINTF@ ++GNULIB_VFPRINTF = @GNULIB_VFPRINTF@ ++GNULIB_VFPRINTF_POSIX = @GNULIB_VFPRINTF_POSIX@ ++GNULIB_VPRINTF = @GNULIB_VPRINTF@ ++GNULIB_VPRINTF_POSIX = @GNULIB_VPRINTF_POSIX@ ++GNULIB_VSNPRINTF = @GNULIB_VSNPRINTF@ ++GNULIB_VSPRINTF_POSIX = @GNULIB_VSPRINTF_POSIX@ ++GNULIB_WCRTOMB = @GNULIB_WCRTOMB@ ++GNULIB_WCSNRTOMBS = @GNULIB_WCSNRTOMBS@ ++GNULIB_WCSRTOMBS = @GNULIB_WCSRTOMBS@ ++GNULIB_WCTOB = @GNULIB_WCTOB@ ++GNULIB_WCWIDTH = @GNULIB_WCWIDTH@ ++GNULIB_WRITE = @GNULIB_WRITE@ ++GREP = @GREP@ ++GTKDOC_CHECK = @GTKDOC_CHECK@ ++GTKDOC_MKPDF = @GTKDOC_MKPDF@ ++GTKDOC_REBASE = @GTKDOC_REBASE@ ++GUILE = @GUILE@ ++GUILE_CFLAGS = @GUILE_CFLAGS@ ++GUILE_CONFIG = @GUILE_CONFIG@ ++GUILE_LDFLAGS = @GUILE_LDFLAGS@ ++GUILE_SITE = @GUILE_SITE@ ++GUILE_TOOLS = @GUILE_TOOLS@ ++HAVE_ACCEPT4 = @HAVE_ACCEPT4@ ++HAVE_ARPA_INET_H = @HAVE_ARPA_INET_H@ ++HAVE_ATOLL = @HAVE_ATOLL@ ++HAVE_BTOWC = @HAVE_BTOWC@ ++HAVE_CALLOC_POSIX = @HAVE_CALLOC_POSIX@ ++HAVE_CANONICALIZE_FILE_NAME = @HAVE_CANONICALIZE_FILE_NAME@ ++HAVE_CHOWN = @HAVE_CHOWN@ ++HAVE_DECL_ENVIRON = @HAVE_DECL_ENVIRON@ ++HAVE_DECL_FPURGE = @HAVE_DECL_FPURGE@ ++HAVE_DECL_FREEADDRINFO = @HAVE_DECL_FREEADDRINFO@ ++HAVE_DECL_GAI_STRERROR = @HAVE_DECL_GAI_STRERROR@ ++HAVE_DECL_GETADDRINFO = @HAVE_DECL_GETADDRINFO@ ++HAVE_DECL_GETDELIM = @HAVE_DECL_GETDELIM@ ++HAVE_DECL_GETLINE = @HAVE_DECL_GETLINE@ ++HAVE_DECL_GETLOADAVG = @HAVE_DECL_GETLOADAVG@ ++HAVE_DECL_GETLOGIN_R = @HAVE_DECL_GETLOGIN_R@ ++HAVE_DECL_GETNAMEINFO = @HAVE_DECL_GETNAMEINFO@ ++HAVE_DECL_GETPAGESIZE = @HAVE_DECL_GETPAGESIZE@ ++HAVE_DECL_GETUSERSHELL = @HAVE_DECL_GETUSERSHELL@ ++HAVE_DECL_INET_NTOP = @HAVE_DECL_INET_NTOP@ ++HAVE_DECL_INET_PTON = @HAVE_DECL_INET_PTON@ ++HAVE_DECL_MEMMEM = @HAVE_DECL_MEMMEM@ ++HAVE_DECL_MEMRCHR = @HAVE_DECL_MEMRCHR@ ++HAVE_DECL_OBSTACK_PRINTF = @HAVE_DECL_OBSTACK_PRINTF@ ++HAVE_DECL_SNPRINTF = @HAVE_DECL_SNPRINTF@ ++HAVE_DECL_STRDUP = @HAVE_DECL_STRDUP@ ++HAVE_DECL_STRNDUP = @HAVE_DECL_STRNDUP@ ++HAVE_DECL_STRNLEN = @HAVE_DECL_STRNLEN@ ++HAVE_DECL_STRSIGNAL = @HAVE_DECL_STRSIGNAL@ ++HAVE_DECL_STRTOK_R = @HAVE_DECL_STRTOK_R@ ++HAVE_DECL_VSNPRINTF = @HAVE_DECL_VSNPRINTF@ ++HAVE_DECL_WCTOB = @HAVE_DECL_WCTOB@ ++HAVE_DECL_WCWIDTH = @HAVE_DECL_WCWIDTH@ ++HAVE_DPRINTF = @HAVE_DPRINTF@ ++HAVE_DUP2 = @HAVE_DUP2@ ++HAVE_DUP3 = @HAVE_DUP3@ ++HAVE_EUIDACCESS = @HAVE_EUIDACCESS@ ++HAVE_FACCESSAT = @HAVE_FACCESSAT@ ++HAVE_FCHDIR = @HAVE_FCHDIR@ ++HAVE_FCHMODAT = @HAVE_FCHMODAT@ ++HAVE_FCHOWNAT = @HAVE_FCHOWNAT@ ++HAVE_FSEEKO = @HAVE_FSEEKO@ ++HAVE_FSTATAT = @HAVE_FSTATAT@ ++HAVE_FSYNC = @HAVE_FSYNC@ ++HAVE_FTELLO = @HAVE_FTELLO@ ++HAVE_FTRUNCATE = @HAVE_FTRUNCATE@ ++HAVE_FUTIMENS = @HAVE_FUTIMENS@ ++HAVE_GETDOMAINNAME = @HAVE_GETDOMAINNAME@ ++HAVE_GETDTABLESIZE = @HAVE_GETDTABLESIZE@ ++HAVE_GETGROUPS = @HAVE_GETGROUPS@ ++HAVE_GETHOSTNAME = @HAVE_GETHOSTNAME@ ++HAVE_GETLOGIN = @HAVE_GETLOGIN@ ++HAVE_GETPAGESIZE = @HAVE_GETPAGESIZE@ ++HAVE_GETSUBOPT = @HAVE_GETSUBOPT@ ++HAVE_GETTIMEOFDAY = @HAVE_GETTIMEOFDAY@ ++HAVE_GRANTPT = @HAVE_GRANTPT@ ++HAVE_INTTYPES_H = @HAVE_INTTYPES_H@ ++HAVE_LCHMOD = @HAVE_LCHMOD@ ++HAVE_LCHOWN = @HAVE_LCHOWN@ ++HAVE_LIBGCRYPT = @HAVE_LIBGCRYPT@ ++HAVE_LIBTASN1 = @HAVE_LIBTASN1@ ++HAVE_LINK = @HAVE_LINK@ ++HAVE_LINKAT = @HAVE_LINKAT@ ++HAVE_LOCALTIME_R = @HAVE_LOCALTIME_R@ ++HAVE_LONG_LONG_INT = @HAVE_LONG_LONG_INT@ ++HAVE_LSTAT = @HAVE_LSTAT@ ++HAVE_MALLOC_POSIX = @HAVE_MALLOC_POSIX@ ++HAVE_MBRLEN = @HAVE_MBRLEN@ ++HAVE_MBRTOWC = @HAVE_MBRTOWC@ ++HAVE_MBSINIT = @HAVE_MBSINIT@ ++HAVE_MBSLEN = @HAVE_MBSLEN@ ++HAVE_MBSNRTOWCS = @HAVE_MBSNRTOWCS@ ++HAVE_MBSRTOWCS = @HAVE_MBSRTOWCS@ ++HAVE_MEMCHR = @HAVE_MEMCHR@ ++HAVE_MEMPCPY = @HAVE_MEMPCPY@ ++HAVE_MKDIRAT = @HAVE_MKDIRAT@ ++HAVE_MKDTEMP = @HAVE_MKDTEMP@ ++HAVE_MKFIFO = @HAVE_MKFIFO@ ++HAVE_MKFIFOAT = @HAVE_MKFIFOAT@ ++HAVE_MKNOD = @HAVE_MKNOD@ ++HAVE_MKNODAT = @HAVE_MKNODAT@ ++HAVE_MKOSTEMP = @HAVE_MKOSTEMP@ ++HAVE_MKOSTEMPS = @HAVE_MKOSTEMPS@ ++HAVE_MKSTEMP = @HAVE_MKSTEMP@ ++HAVE_MKSTEMPS = @HAVE_MKSTEMPS@ ++HAVE_NANOSLEEP = @HAVE_NANOSLEEP@ ++HAVE_NETDB_H = @HAVE_NETDB_H@ ++HAVE_NETINET_IN_H = @HAVE_NETINET_IN_H@ ++HAVE_OS_H = @HAVE_OS_H@ ++HAVE_PIPE2 = @HAVE_PIPE2@ ++HAVE_PREAD = @HAVE_PREAD@ ++HAVE_PTSNAME = @HAVE_PTSNAME@ ++HAVE_PWRITE = @HAVE_PWRITE@ ++HAVE_RANDOM_H = @HAVE_RANDOM_H@ ++HAVE_RANDOM_R = @HAVE_RANDOM_R@ ++HAVE_RAWMEMCHR = @HAVE_RAWMEMCHR@ ++HAVE_READLINK = @HAVE_READLINK@ ++HAVE_READLINKAT = @HAVE_READLINKAT@ ++HAVE_REALLOC_POSIX = @HAVE_REALLOC_POSIX@ ++HAVE_REALPATH = @HAVE_REALPATH@ ++HAVE_RENAMEAT = @HAVE_RENAMEAT@ ++HAVE_RPMATCH = @HAVE_RPMATCH@ ++HAVE_SA_FAMILY_T = @HAVE_SA_FAMILY_T@ ++HAVE_SETENV = @HAVE_SETENV@ ++HAVE_SIGNED_SIG_ATOMIC_T = @HAVE_SIGNED_SIG_ATOMIC_T@ ++HAVE_SIGNED_WCHAR_T = @HAVE_SIGNED_WCHAR_T@ ++HAVE_SIGNED_WINT_T = @HAVE_SIGNED_WINT_T@ ++HAVE_SLEEP = @HAVE_SLEEP@ ++HAVE_STDINT_H = @HAVE_STDINT_H@ ++HAVE_STPCPY = @HAVE_STPCPY@ ++HAVE_STPNCPY = @HAVE_STPNCPY@ ++HAVE_STRCASESTR = @HAVE_STRCASESTR@ ++HAVE_STRCHRNUL = @HAVE_STRCHRNUL@ ++HAVE_STRPBRK = @HAVE_STRPBRK@ ++HAVE_STRPTIME = @HAVE_STRPTIME@ ++HAVE_STRSEP = @HAVE_STRSEP@ ++HAVE_STRTOD = @HAVE_STRTOD@ ++HAVE_STRTOLL = @HAVE_STRTOLL@ ++HAVE_STRTOULL = @HAVE_STRTOULL@ ++HAVE_STRUCT_ADDRINFO = @HAVE_STRUCT_ADDRINFO@ ++HAVE_STRUCT_RANDOM_DATA = @HAVE_STRUCT_RANDOM_DATA@ ++HAVE_STRUCT_SOCKADDR_STORAGE = @HAVE_STRUCT_SOCKADDR_STORAGE@ ++HAVE_STRUCT_TIMEVAL = @HAVE_STRUCT_TIMEVAL@ ++HAVE_STRVERSCMP = @HAVE_STRVERSCMP@ ++HAVE_SYMLINK = @HAVE_SYMLINK@ ++HAVE_SYMLINKAT = @HAVE_SYMLINKAT@ ++HAVE_SYS_BITYPES_H = @HAVE_SYS_BITYPES_H@ ++HAVE_SYS_INTTYPES_H = @HAVE_SYS_INTTYPES_H@ ++HAVE_SYS_IOCTL_H = @HAVE_SYS_IOCTL_H@ ++HAVE_SYS_LOADAVG_H = @HAVE_SYS_LOADAVG_H@ ++HAVE_SYS_PARAM_H = @HAVE_SYS_PARAM_H@ ++HAVE_SYS_SELECT_H = @HAVE_SYS_SELECT_H@ ++HAVE_SYS_SOCKET_H = @HAVE_SYS_SOCKET_H@ ++HAVE_SYS_TIME_H = @HAVE_SYS_TIME_H@ ++HAVE_SYS_TYPES_H = @HAVE_SYS_TYPES_H@ ++HAVE_TIMEGM = @HAVE_TIMEGM@ ++HAVE_TTYNAME_R = @HAVE_TTYNAME_R@ ++HAVE_UNISTD_H = @HAVE_UNISTD_H@ ++HAVE_UNLINKAT = @HAVE_UNLINKAT@ ++HAVE_UNLOCKPT = @HAVE_UNLOCKPT@ ++HAVE_UNSETENV = @HAVE_UNSETENV@ ++HAVE_UNSIGNED_LONG_LONG_INT = @HAVE_UNSIGNED_LONG_LONG_INT@ ++HAVE_USLEEP = @HAVE_USLEEP@ ++HAVE_UTIMENSAT = @HAVE_UTIMENSAT@ ++HAVE_VASPRINTF = @HAVE_VASPRINTF@ ++HAVE_VDPRINTF = @HAVE_VDPRINTF@ ++HAVE_WCHAR_H = @HAVE_WCHAR_H@ ++HAVE_WCHAR_T = @HAVE_WCHAR_T@ ++HAVE_WCRTOMB = @HAVE_WCRTOMB@ ++HAVE_WCSNRTOMBS = @HAVE_WCSNRTOMBS@ ++HAVE_WCSRTOMBS = @HAVE_WCSRTOMBS@ ++HAVE_WINSOCK2_H = @HAVE_WINSOCK2_H@ ++HAVE_WINT_T = @HAVE_WINT_T@ ++HAVE_WS2TCPIP_H = @HAVE_WS2TCPIP_H@ ++HAVE__BOOL = @HAVE__BOOL@ ++HOSTENT_LIB = @HOSTENT_LIB@ ++HTML_DIR = @HTML_DIR@ ++INCLUDE_NEXT = @INCLUDE_NEXT@ ++INCLUDE_NEXT_AS_FIRST_DIRECTIVE = @INCLUDE_NEXT_AS_FIRST_DIRECTIVE@ ++INET_NTOP_LIB = @INET_NTOP_LIB@ ++INET_PTON_LIB = @INET_PTON_LIB@ ++INSTALL = @INSTALL@ ++INSTALL_DATA = @INSTALL_DATA@ ++INSTALL_PROGRAM = @INSTALL_PROGRAM@ ++INSTALL_SCRIPT = @INSTALL_SCRIPT@ ++INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ ++LD = @LD@ ++LDFLAGS = @LDFLAGS@ ++LIBGCRYPT = @LIBGCRYPT@ ++LIBGCRYPT_PREFIX = @LIBGCRYPT_PREFIX@ ++LIBINTL = @LIBINTL@ ++LIBOBJS = @LIBOBJS@ ++LIBREADLINE = @LIBREADLINE@ ++LIBS = @LIBS@ ++LIBSOCKET = @LIBSOCKET@ ++LIBTASN1 = @LIBTASN1@ ++LIBTASN1_PREFIX = @LIBTASN1_PREFIX@ ++LIBTESTS_LIBDEPS = @LIBTESTS_LIBDEPS@ ++LIBTOOL = @LIBTOOL@ ++LIB_CLOCK_GETTIME = @LIB_CLOCK_GETTIME@ ++LIPO = @LIPO@ ++LN_S = @LN_S@ ++LTALLOCA = @LTALLOCA@ ++LTLIBGCRYPT = @LTLIBGCRYPT@ ++LTLIBINTL = @LTLIBINTL@ ++LTLIBOBJS = @LTLIBOBJS@ ++LTLIBREADLINE = @LTLIBREADLINE@ ++LTLIBTASN1 = @LTLIBTASN1@ ++LT_AGE = @LT_AGE@ ++LT_CURRENT = @LT_CURRENT@ ++LT_REVISION = @LT_REVISION@ ++LZO_LIBS = @LZO_LIBS@ ++MAKEINFO = @MAKEINFO@ ++MKDIR_P = @MKDIR_P@ ++NETINET_IN_H = @NETINET_IN_H@ ++NEXT_ARPA_INET_H = @NEXT_ARPA_INET_H@ ++NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H = @NEXT_AS_FIRST_DIRECTIVE_ARPA_INET_H@ ++NEXT_AS_FIRST_DIRECTIVE_ERRNO_H = @NEXT_AS_FIRST_DIRECTIVE_ERRNO_H@ ++NEXT_AS_FIRST_DIRECTIVE_FLOAT_H = @NEXT_AS_FIRST_DIRECTIVE_FLOAT_H@ ++NEXT_AS_FIRST_DIRECTIVE_NETDB_H = @NEXT_AS_FIRST_DIRECTIVE_NETDB_H@ ++NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H = @NEXT_AS_FIRST_DIRECTIVE_NETINET_IN_H@ ++NEXT_AS_FIRST_DIRECTIVE_STDARG_H = @NEXT_AS_FIRST_DIRECTIVE_STDARG_H@ ++NEXT_AS_FIRST_DIRECTIVE_STDDEF_H = @NEXT_AS_FIRST_DIRECTIVE_STDDEF_H@ ++NEXT_AS_FIRST_DIRECTIVE_STDINT_H = @NEXT_AS_FIRST_DIRECTIVE_STDINT_H@ ++NEXT_AS_FIRST_DIRECTIVE_STDIO_H = @NEXT_AS_FIRST_DIRECTIVE_STDIO_H@ ++NEXT_AS_FIRST_DIRECTIVE_STDLIB_H = @NEXT_AS_FIRST_DIRECTIVE_STDLIB_H@ ++NEXT_AS_FIRST_DIRECTIVE_STRING_H = @NEXT_AS_FIRST_DIRECTIVE_STRING_H@ ++NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_IOCTL_H@ ++NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SELECT_H@ ++NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_SOCKET_H@ ++NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_STAT_H@ ++NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_SYS_TIME_H@ ++NEXT_AS_FIRST_DIRECTIVE_TIME_H = @NEXT_AS_FIRST_DIRECTIVE_TIME_H@ ++NEXT_AS_FIRST_DIRECTIVE_UNISTD_H = @NEXT_AS_FIRST_DIRECTIVE_UNISTD_H@ ++NEXT_AS_FIRST_DIRECTIVE_WCHAR_H = @NEXT_AS_FIRST_DIRECTIVE_WCHAR_H@ ++NEXT_ERRNO_H = @NEXT_ERRNO_H@ ++NEXT_FLOAT_H = @NEXT_FLOAT_H@ ++NEXT_NETDB_H = @NEXT_NETDB_H@ ++NEXT_NETINET_IN_H = @NEXT_NETINET_IN_H@ ++NEXT_STDARG_H = @NEXT_STDARG_H@ ++NEXT_STDDEF_H = @NEXT_STDDEF_H@ ++NEXT_STDINT_H = @NEXT_STDINT_H@ ++NEXT_STDIO_H = @NEXT_STDIO_H@ ++NEXT_STDLIB_H = @NEXT_STDLIB_H@ ++NEXT_STRING_H = @NEXT_STRING_H@ ++NEXT_SYS_IOCTL_H = @NEXT_SYS_IOCTL_H@ ++NEXT_SYS_SELECT_H = @NEXT_SYS_SELECT_H@ ++NEXT_SYS_SOCKET_H = @NEXT_SYS_SOCKET_H@ ++NEXT_SYS_STAT_H = @NEXT_SYS_STAT_H@ ++NEXT_SYS_TIME_H = @NEXT_SYS_TIME_H@ ++NEXT_TIME_H = @NEXT_TIME_H@ ++NEXT_UNISTD_H = @NEXT_UNISTD_H@ ++NEXT_WCHAR_H = @NEXT_WCHAR_H@ ++NM = @NM@ ++NMEDIT = @NMEDIT@ ++OBJDUMP = @OBJDUMP@ ++OBJEXT = @OBJEXT@ ++OTOOL = @OTOOL@ ++OTOOL64 = @OTOOL64@ ++PACKAGE = @PACKAGE@ ++PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ ++PACKAGE_NAME = @PACKAGE_NAME@ ++PACKAGE_STRING = @PACKAGE_STRING@ ++PACKAGE_TARNAME = @PACKAGE_TARNAME@ ++PACKAGE_URL = @PACKAGE_URL@ ++PACKAGE_VERSION = @PACKAGE_VERSION@ ++PATH_SEPARATOR = @PATH_SEPARATOR@ ++PKG_CONFIG = @PKG_CONFIG@ ++PMCCABE = @PMCCABE@ ++PRAGMA_SYSTEM_HEADER = @PRAGMA_SYSTEM_HEADER@ ++PTHREAD_H_DEFINES_STRUCT_TIMESPEC = @PTHREAD_H_DEFINES_STRUCT_TIMESPEC@ ++PTRDIFF_T_SUFFIX = @PTRDIFF_T_SUFFIX@ ++RANLIB = @RANLIB@ ++REPLACE_BTOWC = @REPLACE_BTOWC@ ++REPLACE_CANONICALIZE_FILE_NAME = @REPLACE_CANONICALIZE_FILE_NAME@ ++REPLACE_CHOWN = @REPLACE_CHOWN@ ++REPLACE_CLOSE = @REPLACE_CLOSE@ ++REPLACE_DPRINTF = @REPLACE_DPRINTF@ ++REPLACE_DUP = @REPLACE_DUP@ ++REPLACE_DUP2 = @REPLACE_DUP2@ ++REPLACE_FCHOWNAT = @REPLACE_FCHOWNAT@ ++REPLACE_FCLOSE = @REPLACE_FCLOSE@ ++REPLACE_FFLUSH = @REPLACE_FFLUSH@ ++REPLACE_FOPEN = @REPLACE_FOPEN@ ++REPLACE_FPRINTF = @REPLACE_FPRINTF@ ++REPLACE_FPURGE = @REPLACE_FPURGE@ ++REPLACE_FREOPEN = @REPLACE_FREOPEN@ ++REPLACE_FSEEK = @REPLACE_FSEEK@ ++REPLACE_FSEEKO = @REPLACE_FSEEKO@ ++REPLACE_FSTAT = @REPLACE_FSTAT@ ++REPLACE_FSTATAT = @REPLACE_FSTATAT@ ++REPLACE_FTELL = @REPLACE_FTELL@ ++REPLACE_FTELLO = @REPLACE_FTELLO@ ++REPLACE_FUTIMENS = @REPLACE_FUTIMENS@ ++REPLACE_GETCWD = @REPLACE_GETCWD@ ++REPLACE_GETDELIM = @REPLACE_GETDELIM@ ++REPLACE_GETGROUPS = @REPLACE_GETGROUPS@ ++REPLACE_GETLINE = @REPLACE_GETLINE@ ++REPLACE_GETPAGESIZE = @REPLACE_GETPAGESIZE@ ++REPLACE_GETTIMEOFDAY = @REPLACE_GETTIMEOFDAY@ ++REPLACE_IOCTL = @REPLACE_IOCTL@ ++REPLACE_LCHOWN = @REPLACE_LCHOWN@ ++REPLACE_LINK = @REPLACE_LINK@ ++REPLACE_LINKAT = @REPLACE_LINKAT@ ++REPLACE_LOCALTIME_R = @REPLACE_LOCALTIME_R@ ++REPLACE_LSEEK = @REPLACE_LSEEK@ ++REPLACE_LSTAT = @REPLACE_LSTAT@ ++REPLACE_MBRLEN = @REPLACE_MBRLEN@ ++REPLACE_MBRTOWC = @REPLACE_MBRTOWC@ ++REPLACE_MBSINIT = @REPLACE_MBSINIT@ ++REPLACE_MBSNRTOWCS = @REPLACE_MBSNRTOWCS@ ++REPLACE_MBSRTOWCS = @REPLACE_MBSRTOWCS@ ++REPLACE_MBSTATE_T = @REPLACE_MBSTATE_T@ ++REPLACE_MEMCHR = @REPLACE_MEMCHR@ ++REPLACE_MEMMEM = @REPLACE_MEMMEM@ ++REPLACE_MKDIR = @REPLACE_MKDIR@ ++REPLACE_MKFIFO = @REPLACE_MKFIFO@ ++REPLACE_MKNOD = @REPLACE_MKNOD@ ++REPLACE_MKSTEMP = @REPLACE_MKSTEMP@ ++REPLACE_MKTIME = @REPLACE_MKTIME@ ++REPLACE_NANOSLEEP = @REPLACE_NANOSLEEP@ ++REPLACE_NULL = @REPLACE_NULL@ ++REPLACE_OBSTACK_PRINTF = @REPLACE_OBSTACK_PRINTF@ ++REPLACE_PERROR = @REPLACE_PERROR@ ++REPLACE_POPEN = @REPLACE_POPEN@ ++REPLACE_PREAD = @REPLACE_PREAD@ ++REPLACE_PRINTF = @REPLACE_PRINTF@ ++REPLACE_PUTENV = @REPLACE_PUTENV@ ++REPLACE_PWRITE = @REPLACE_PWRITE@ ++REPLACE_READLINK = @REPLACE_READLINK@ ++REPLACE_REALPATH = @REPLACE_REALPATH@ ++REPLACE_REMOVE = @REPLACE_REMOVE@ ++REPLACE_RENAME = @REPLACE_RENAME@ ++REPLACE_RENAMEAT = @REPLACE_RENAMEAT@ ++REPLACE_RMDIR = @REPLACE_RMDIR@ ++REPLACE_SELECT = @REPLACE_SELECT@ ++REPLACE_SETENV = @REPLACE_SETENV@ ++REPLACE_SLEEP = @REPLACE_SLEEP@ ++REPLACE_SNPRINTF = @REPLACE_SNPRINTF@ ++REPLACE_SPRINTF = @REPLACE_SPRINTF@ ++REPLACE_STAT = @REPLACE_STAT@ ++REPLACE_STDIO_WRITE_FUNCS = @REPLACE_STDIO_WRITE_FUNCS@ ++REPLACE_STPNCPY = @REPLACE_STPNCPY@ ++REPLACE_STRCASESTR = @REPLACE_STRCASESTR@ ++REPLACE_STRDUP = @REPLACE_STRDUP@ ++REPLACE_STRERROR = @REPLACE_STRERROR@ ++REPLACE_STRNCAT = @REPLACE_STRNCAT@ ++REPLACE_STRNDUP = @REPLACE_STRNDUP@ ++REPLACE_STRNLEN = @REPLACE_STRNLEN@ ++REPLACE_STRSIGNAL = @REPLACE_STRSIGNAL@ ++REPLACE_STRSTR = @REPLACE_STRSTR@ ++REPLACE_STRTOD = @REPLACE_STRTOD@ ++REPLACE_STRTOK_R = @REPLACE_STRTOK_R@ ++REPLACE_SYMLINK = @REPLACE_SYMLINK@ ++REPLACE_TIMEGM = @REPLACE_TIMEGM@ ++REPLACE_TMPFILE = @REPLACE_TMPFILE@ ++REPLACE_TTYNAME_R = @REPLACE_TTYNAME_R@ ++REPLACE_UNLINK = @REPLACE_UNLINK@ ++REPLACE_UNLINKAT = @REPLACE_UNLINKAT@ ++REPLACE_UNSETENV = @REPLACE_UNSETENV@ ++REPLACE_USLEEP = @REPLACE_USLEEP@ ++REPLACE_UTIMENSAT = @REPLACE_UTIMENSAT@ ++REPLACE_VASPRINTF = @REPLACE_VASPRINTF@ ++REPLACE_VDPRINTF = @REPLACE_VDPRINTF@ ++REPLACE_VFPRINTF = @REPLACE_VFPRINTF@ ++REPLACE_VPRINTF = @REPLACE_VPRINTF@ ++REPLACE_VSNPRINTF = @REPLACE_VSNPRINTF@ ++REPLACE_VSPRINTF = @REPLACE_VSPRINTF@ ++REPLACE_WCRTOMB = @REPLACE_WCRTOMB@ ++REPLACE_WCSNRTOMBS = @REPLACE_WCSNRTOMBS@ ++REPLACE_WCSRTOMBS = @REPLACE_WCSRTOMBS@ ++REPLACE_WCTOB = @REPLACE_WCTOB@ ++REPLACE_WCWIDTH = @REPLACE_WCWIDTH@ ++REPLACE_WRITE = @REPLACE_WRITE@ ++SED = @SED@ ++SERVENT_LIB = @SERVENT_LIB@ ++SET_MAKE = @SET_MAKE@ ++SHELL = @SHELL@ ++SIG_ATOMIC_T_SUFFIX = @SIG_ATOMIC_T_SUFFIX@ ++SIZE_T_SUFFIX = @SIZE_T_SUFFIX@ ++STDARG_H = @STDARG_H@ ++STDBOOL_H = @STDBOOL_H@ ++STDDEF_H = @STDDEF_H@ ++STDINT_H = @STDINT_H@ ++STRIP = @STRIP@ ++SYS_IOCTL_H_HAVE_WINSOCK2_H = @SYS_IOCTL_H_HAVE_WINSOCK2_H@ ++SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @SYS_IOCTL_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@ ++SYS_TIME_H_DEFINES_STRUCT_TIMESPEC = @SYS_TIME_H_DEFINES_STRUCT_TIMESPEC@ ++TIME_H_DEFINES_STRUCT_TIMESPEC = @TIME_H_DEFINES_STRUCT_TIMESPEC@ ++UNDEFINE_STRTOK_R = @UNDEFINE_STRTOK_R@ ++UNISTD_H_HAVE_WINSOCK2_H = @UNISTD_H_HAVE_WINSOCK2_H@ ++UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS = @UNISTD_H_HAVE_WINSOCK2_H_AND_USE_SOCKETS@ ++VALGRIND = @VALGRIND@ ++VERSION = @VERSION@ ++WARN_CFLAGS = @WARN_CFLAGS@ ++WCHAR_T_SUFFIX = @WCHAR_T_SUFFIX@ ++WERROR_CFLAGS = @WERROR_CFLAGS@ ++WINT_T_SUFFIX = @WINT_T_SUFFIX@ ++WSTACK_CFLAGS = @WSTACK_CFLAGS@ ++abs_aux_dir = @abs_aux_dir@ ++abs_builddir = @abs_builddir@ ++abs_srcdir = @abs_srcdir@ ++abs_top_builddir = @abs_top_builddir@ ++abs_top_srcdir = @abs_top_srcdir@ ++ac_ct_CC = @ac_ct_CC@ ++ac_ct_CXX = @ac_ct_CXX@ ++ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ ++am__include = @am__include@ ++am__leading_dot = @am__leading_dot@ ++am__quote = @am__quote@ ++am__tar = @am__tar@ ++am__untar = @am__untar@ ++bindir = @bindir@ ++build = @build@ ++build_alias = @build_alias@ ++build_cpu = @build_cpu@ ++build_os = @build_os@ ++build_vendor = @build_vendor@ ++builddir = @builddir@ ++datadir = @datadir@ ++datarootdir = @datarootdir@ ++docdir = @docdir@ ++dvidir = @dvidir@ ++exec_prefix = @exec_prefix@ ++gl_LIBOBJS = @gl_LIBOBJS@ ++gl_LTLIBOBJS = @gl_LTLIBOBJS@ ++gltests_LIBOBJS = @gltests_LIBOBJS@ ++gltests_LTLIBOBJS = @gltests_LTLIBOBJS@ ++gltests_WITNESS = @gltests_WITNESS@ ++guile_snarf = @guile_snarf@ ++host = @host@ ++host_alias = @host_alias@ ++host_cpu = @host_cpu@ ++host_os = @host_os@ ++host_vendor = @host_vendor@ ++htmldir = @htmldir@ ++includedir = @includedir@ ++infodir = @infodir@ ++install_sh = @install_sh@ ++libdir = @libdir@ ++libexecdir = @libexecdir@ ++localedir = @localedir@ ++localstatedir = @localstatedir@ ++mandir = @mandir@ ++mkdir_p = @mkdir_p@ ++oldincludedir = @oldincludedir@ ++pdfdir = @pdfdir@ ++prefix = @prefix@ ++program_transform_name = @program_transform_name@ ++psdir = @psdir@ ++sbindir = @sbindir@ ++sharedstatedir = @sharedstatedir@ ++srcdir = @srcdir@ ++subdirs = @subdirs@ ++sysconfdir = @sysconfdir@ ++target_alias = @target_alias@ ++top_build_prefix = @top_build_prefix@ ++top_builddir = @top_builddir@ ++top_srcdir = @top_srcdir@ ++AM_CFLAGS = $(WARN_CFLAGS) $(WERROR_CFLAGS) ++AM_CPPFLAGS = \ ++ -I$(top_srcdir)/lib/includes \ ++ -I$(top_builddir)/lib/includes ++ ++AM_LDFLAGS = -no-install ++LDADD = ../../lib/libgnutls.la $(LTLIBGCRYPT) $(LIBSOCKET) ++ctests = srn0 srn1 srn2 srn3 srn4 srn5 srn6 srn7 ++TESTS_ENVIRONMENT = $(VALGRIND) ++EXTRA_DIST = README params.dh ++dist_check_SCRIPTS = testsrn ++all: all-am ++ ++.SUFFIXES: ++.SUFFIXES: .c .lo .o .obj ++$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) ++ @for dep in $?; do \ ++ case '$(am__configure_deps)' in \ ++ *$$dep*) \ ++ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \ ++ && { if test -f $@; then exit 0; else break; fi; }; \ ++ exit 1;; \ ++ esac; \ ++ done; \ ++ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu tests/safe-renegotiation/Makefile'; \ ++ $(am__cd) $(top_srcdir) && \ ++ $(AUTOMAKE) --gnu tests/safe-renegotiation/Makefile ++.PRECIOUS: Makefile ++Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status ++ @case '$?' in \ ++ *config.status*) \ ++ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ ++ *) \ ++ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ ++ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ ++ esac; ++ ++$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) ++ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ++ ++$(top_srcdir)/configure: $(am__configure_deps) ++ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ++$(ACLOCAL_M4): $(am__aclocal_m4_deps) ++ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ++$(am__aclocal_m4_deps): ++ ++clean-checkPROGRAMS: ++ @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ ++ echo " rm -f" $$list; \ ++ rm -f $$list || exit $$?; \ ++ test -n "$(EXEEXT)" || exit 0; \ ++ list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ ++ echo " rm -f" $$list; \ ++ rm -f $$list ++srn0$(EXEEXT): $(srn0_OBJECTS) $(srn0_DEPENDENCIES) ++ @rm -f srn0$(EXEEXT) ++ $(LINK) $(srn0_OBJECTS) $(srn0_LDADD) $(LIBS) ++srn1$(EXEEXT): $(srn1_OBJECTS) $(srn1_DEPENDENCIES) ++ @rm -f srn1$(EXEEXT) ++ $(LINK) $(srn1_OBJECTS) $(srn1_LDADD) $(LIBS) ++srn2$(EXEEXT): $(srn2_OBJECTS) $(srn2_DEPENDENCIES) ++ @rm -f srn2$(EXEEXT) ++ $(LINK) $(srn2_OBJECTS) $(srn2_LDADD) $(LIBS) ++srn3$(EXEEXT): $(srn3_OBJECTS) $(srn3_DEPENDENCIES) ++ @rm -f srn3$(EXEEXT) ++ $(LINK) $(srn3_OBJECTS) $(srn3_LDADD) $(LIBS) ++srn4$(EXEEXT): $(srn4_OBJECTS) $(srn4_DEPENDENCIES) ++ @rm -f srn4$(EXEEXT) ++ $(LINK) $(srn4_OBJECTS) $(srn4_LDADD) $(LIBS) ++srn5$(EXEEXT): $(srn5_OBJECTS) $(srn5_DEPENDENCIES) ++ @rm -f srn5$(EXEEXT) ++ $(LINK) $(srn5_OBJECTS) $(srn5_LDADD) $(LIBS) ++srn6$(EXEEXT): $(srn6_OBJECTS) $(srn6_DEPENDENCIES) ++ @rm -f srn6$(EXEEXT) ++ $(LINK) $(srn6_OBJECTS) $(srn6_LDADD) $(LIBS) ++srn7$(EXEEXT): $(srn7_OBJECTS) $(srn7_DEPENDENCIES) ++ @rm -f srn7$(EXEEXT) ++ $(LINK) $(srn7_OBJECTS) $(srn7_LDADD) $(LIBS) ++ ++mostlyclean-compile: ++ -rm -f *.$(OBJEXT) ++ ++distclean-compile: ++ -rm -f *.tab.c ++ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srn0.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srn1.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srn2.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srn3.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srn4.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srn5.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srn6.Po@am__quote@ ++@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/srn7.Po@am__quote@ ++ ++.c.o: ++@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< ++@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ ++@am__fastdepCC_FALSE@ $(COMPILE) -c $< ++ ++.c.obj: ++@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` ++@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ ++@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` ++ ++.c.lo: ++@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< ++@am__fastdepCC_TRUE@ $(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ ++@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ ++@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< ++ ++mostlyclean-libtool: ++ -rm -f *.lo ++ ++clean-libtool: ++ -rm -rf .libs _libs ++ ++ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) ++ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ ++ unique=`for i in $$list; do \ ++ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ ++ done | \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ ++ mkid -fID $$unique ++tags: TAGS ++ ++TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ ++ $(TAGS_FILES) $(LISP) ++ set x; \ ++ here=`pwd`; \ ++ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ ++ unique=`for i in $$list; do \ ++ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ ++ done | \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ ++ shift; \ ++ if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ ++ test -n "$$unique" || unique=$$empty_fix; \ ++ if test $$# -gt 0; then \ ++ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ ++ "$$@" $$unique; \ ++ else \ ++ $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ ++ $$unique; \ ++ fi; \ ++ fi ++ctags: CTAGS ++CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ ++ $(TAGS_FILES) $(LISP) ++ list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ ++ unique=`for i in $$list; do \ ++ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ ++ done | \ ++ $(AWK) '{ files[$$0] = 1; nonempty = 1; } \ ++ END { if (nonempty) { for (i in files) print i; }; }'`; \ ++ test -z "$(CTAGS_ARGS)$$unique" \ ++ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ ++ $$unique ++ ++GTAGS: ++ here=`$(am__cd) $(top_builddir) && pwd` \ ++ && $(am__cd) $(top_srcdir) \ ++ && gtags -i $(GTAGS_ARGS) "$$here" ++ ++distclean-tags: ++ -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags ++ ++check-TESTS: $(TESTS) ++ @failed=0; all=0; xfail=0; xpass=0; skip=0; \ ++ srcdir=$(srcdir); export srcdir; \ ++ list=' $(TESTS) '; \ ++ $(am__tty_colors); \ ++ if test -n "$$list"; then \ ++ for tst in $$list; do \ ++ if test -f ./$$tst; then dir=./; \ ++ elif test -f $$tst; then dir=; \ ++ else dir="$(srcdir)/"; fi; \ ++ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ ++ all=`expr $$all + 1`; \ ++ case " $(XFAIL_TESTS) " in \ ++ *[\ \ ]$$tst[\ \ ]*) \ ++ xpass=`expr $$xpass + 1`; \ ++ failed=`expr $$failed + 1`; \ ++ col=$$red; res=XPASS; \ ++ ;; \ ++ *) \ ++ col=$$grn; res=PASS; \ ++ ;; \ ++ esac; \ ++ elif test $$? -ne 77; then \ ++ all=`expr $$all + 1`; \ ++ case " $(XFAIL_TESTS) " in \ ++ *[\ \ ]$$tst[\ \ ]*) \ ++ xfail=`expr $$xfail + 1`; \ ++ col=$$lgn; res=XFAIL; \ ++ ;; \ ++ *) \ ++ failed=`expr $$failed + 1`; \ ++ col=$$red; res=FAIL; \ ++ ;; \ ++ esac; \ ++ else \ ++ skip=`expr $$skip + 1`; \ ++ col=$$blu; res=SKIP; \ ++ fi; \ ++ echo "$${col}$$res$${std}: $$tst"; \ ++ done; \ ++ if test "$$all" -eq 1; then \ ++ tests="test"; \ ++ All=""; \ ++ else \ ++ tests="tests"; \ ++ All="All "; \ ++ fi; \ ++ if test "$$failed" -eq 0; then \ ++ if test "$$xfail" -eq 0; then \ ++ banner="$$All$$all $$tests passed"; \ ++ else \ ++ if test "$$xfail" -eq 1; then failures=failure; else failures=failures; fi; \ ++ banner="$$All$$all $$tests behaved as expected ($$xfail expected $$failures)"; \ ++ fi; \ ++ else \ ++ if test "$$xpass" -eq 0; then \ ++ banner="$$failed of $$all $$tests failed"; \ ++ else \ ++ if test "$$xpass" -eq 1; then passes=pass; else passes=passes; fi; \ ++ banner="$$failed of $$all $$tests did not behave as expected ($$xpass unexpected $$passes)"; \ ++ fi; \ ++ fi; \ ++ dashes="$$banner"; \ ++ skipped=""; \ ++ if test "$$skip" -ne 0; then \ ++ if test "$$skip" -eq 1; then \ ++ skipped="($$skip test was not run)"; \ ++ else \ ++ skipped="($$skip tests were not run)"; \ ++ fi; \ ++ test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ ++ dashes="$$skipped"; \ ++ fi; \ ++ report=""; \ ++ if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ ++ report="Please report to $(PACKAGE_BUGREPORT)"; \ ++ test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ ++ dashes="$$report"; \ ++ fi; \ ++ dashes=`echo "$$dashes" | sed s/./=/g`; \ ++ if test "$$failed" -eq 0; then \ ++ echo "$$grn$$dashes"; \ ++ else \ ++ echo "$$red$$dashes"; \ ++ fi; \ ++ echo "$$banner"; \ ++ test -z "$$skipped" || echo "$$skipped"; \ ++ test -z "$$report" || echo "$$report"; \ ++ echo "$$dashes$$std"; \ ++ test "$$failed" -eq 0; \ ++ else :; fi ++ ++distdir: $(DISTFILES) ++ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ ++ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ ++ list='$(DISTFILES)'; \ ++ dist_files=`for file in $$list; do echo $$file; done | \ ++ sed -e "s|^$$srcdirstrip/||;t" \ ++ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ ++ case $$dist_files in \ ++ */*) $(MKDIR_P) `echo "$$dist_files" | \ ++ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ ++ sort -u` ;; \ ++ esac; \ ++ for file in $$dist_files; do \ ++ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ ++ if test -d $$d/$$file; then \ ++ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ ++ if test -d "$(distdir)/$$file"; then \ ++ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ ++ fi; \ ++ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ ++ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ ++ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ ++ fi; \ ++ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ ++ else \ ++ test -f "$(distdir)/$$file" \ ++ || cp -p $$d/$$file "$(distdir)/$$file" \ ++ || exit 1; \ ++ fi; \ ++ done ++check-am: all-am ++ $(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS) \ ++ $(dist_check_SCRIPTS) ++ $(MAKE) $(AM_MAKEFLAGS) check-TESTS ++check: check-am ++all-am: Makefile ++installdirs: ++install: install-am ++install-exec: install-exec-am ++install-data: install-data-am ++uninstall: uninstall-am ++ ++install-am: all-am ++ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am ++ ++installcheck: installcheck-am ++install-strip: ++ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ ++ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ ++ `test -z '$(STRIP)' || \ ++ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install ++mostlyclean-generic: ++ ++clean-generic: ++ ++distclean-generic: ++ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) ++ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) ++ ++maintainer-clean-generic: ++ @echo "This command is intended for maintainers to use" ++ @echo "it deletes files that may require special tools to rebuild." ++clean: clean-am ++ ++clean-am: clean-checkPROGRAMS clean-generic clean-libtool \ ++ mostlyclean-am ++ ++distclean: distclean-am ++ -rm -rf ./$(DEPDIR) ++ -rm -f Makefile ++distclean-am: clean-am distclean-compile distclean-generic \ ++ distclean-tags ++ ++dvi: dvi-am ++ ++dvi-am: ++ ++html: html-am ++ ++html-am: ++ ++info: info-am ++ ++info-am: ++ ++install-data-am: ++ ++install-dvi: install-dvi-am ++ ++install-dvi-am: ++ ++install-exec-am: ++ ++install-html: install-html-am ++ ++install-html-am: ++ ++install-info: install-info-am ++ ++install-info-am: ++ ++install-man: ++ ++install-pdf: install-pdf-am ++ ++install-pdf-am: ++ ++install-ps: install-ps-am ++ ++install-ps-am: ++ ++installcheck-am: ++ ++maintainer-clean: maintainer-clean-am ++ -rm -rf ./$(DEPDIR) ++ -rm -f Makefile ++maintainer-clean-am: distclean-am maintainer-clean-generic ++ ++mostlyclean: mostlyclean-am ++ ++mostlyclean-am: mostlyclean-compile mostlyclean-generic \ ++ mostlyclean-libtool ++ ++pdf: pdf-am ++ ++pdf-am: ++ ++ps: ps-am ++ ++ps-am: ++ ++uninstall-am: ++ ++.MAKE: check-am install-am install-strip ++ ++.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \ ++ clean-checkPROGRAMS clean-generic clean-libtool ctags \ ++ distclean distclean-compile distclean-generic \ ++ distclean-libtool distclean-tags distdir dvi dvi-am html \ ++ html-am info info-am install install-am install-data \ ++ install-data-am install-dvi install-dvi-am install-exec \ ++ install-exec-am install-html install-html-am install-info \ ++ install-info-am install-man install-pdf install-pdf-am \ ++ install-ps install-ps-am install-strip installcheck \ ++ installcheck-am installdirs maintainer-clean \ ++ maintainer-clean-generic mostlyclean mostlyclean-compile \ ++ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ ++ tags uninstall uninstall-am ++ ++#TESTS = testsrn ++ ++# Tell versions [3.59,3.63) of GNU make to not export all variables. ++# Otherwise a system limit (for SysV at least) may be exceeded. ++.NOEXPORT: +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/params.dh 2013-09-26 +@@ -0,0 +1,35 @@ ++ ++Generator: 05 ++ ++Prime: c9:e9:2d:fc:94:15:1a:10:4f:3c:b5:16 ++ 7e:34:10:7d:eb:3d:d5:7d:61:ff:b0:ce ++ da:7f:6e:0c:ea:db:b4:87:f6:c6:34:a8 ++ 3c:f8:84:52:14:59:ab:17:5c:d0:f0:86 ++ c4:02:93:dc:09:83:57:16:98:21:d0:42 ++ 8e:33:fc:48:69:e6:04:0d:4e:50:09:33 ++ 2e:28:60:4f:05:08:7c:ce:2f:a6:1a:4c ++ 41:d1:a3:dd:f6:37:56:44:1d:b0:54:af ++ f7:4a:a0:c2:19:5d:ce:62:b0:7a:1b:e1 ++ 5c:7f:bb:4d:7e:9e:28:48:00:a4:9a:86 ++ 3e:6e:6e:9c:57:41:c7:ec:bf:7f:09:fc ++ da:25:c2:1e:e0:52:dc:65:8c:40:a3:6e ++ bd:99:4e:0b:1a:04:e0:23:20:46:5a:d0 ++ 3f:b3:a4:d6:76:73:b7:cc:61:33:11:54 ++ a6:32:ff:94:08:d5:66:36:fd:99:69:21 ++ cc:28:5d:11:52:32:48:b6:a5:b5:c3:b0 ++ 21:3f:f9:69:25:83:b1:3d:79:a6:ed:ae ++ db:95:62:fc:72:ca:ad:46:fc:b6:b1:ea ++ 98:68:97:ba:f2:54:aa:86:ed:62:b1:78 ++ 5f:d5:19:80:ce:41:ee:98:a1:71:9f:fa ++ 5b:6b:d8:5e:7e:b3:18:0a:f0:4c:96:76 ++ 6c:0c:b0:a3 ++ ++ ++-----BEGIN DH PARAMETERS----- ++MIIBCAKCAQEAyekt/JQVGhBPPLUWfjQQfes91X1h/7DO2n9uDOrbtIf2xjSoPPiE ++UhRZqxdc0PCGxAKT3AmDVxaYIdBCjjP8SGnmBA1OUAkzLihgTwUIfM4vphpMQdGj ++3fY3VkQdsFSv90qgwhldzmKwehvhXH+7TX6eKEgApJqGPm5unFdBx+y/fwn82iXC ++HuBS3GWMQKNuvZlOCxoE4CMgRlrQP7Ok1nZzt8xhMxFUpjL/lAjVZjb9mWkhzChd ++EVIySLaltcOwIT/5aSWDsT15pu2u25Vi/HLKrUb8trHqmGiXuvJUqobtYrF4X9UZ ++gM5B7pihcZ/6W2vYXn6zGArwTJZ2bAywowIBBQ== ++-----END DH PARAMETERS----- +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/README 2013-09-26 +@@ -0,0 +1,93 @@ ++Testing safe renegotiation is relatively complex, here is a summary of ++what we test and what how we believe it should work. ++ ++ Client setting ++ Server setting ++ Initial handshake outcome ++ Rehandshake outcome ++srn0.c ++ ++ This tests that the safe renegotiation extension is negotiated ++ properly by default on initial connections and on rehandshaked ++ connections. Consequently, it also verifies that rehandshaked ++ connections work with the extension enabled. ++ ++ NORMAL ++ NORMAL ++ OK ++ OK ++ ++srn1.c ++ ++ This tests that clients without support for safe renegotiation is ++ able to handshake against servers with support, but not able to ++ rehandshake (server will refuse rehandshake). ++ ++ NORMAL:%DISABLE_SAFE_RENEGOTIATION ++ NORMAL ++ OK ++ Server refuses ++ ++srn2.c ++ ++ This tests that clients with support for safe renegotiation is able ++ to handshake against servers without support, but not able to ++ rehandshake (client will refuse rehandshake). ++ ++ NORMAL ++ NORMAL:%DISABLE_SAFE_RENEGOTIATION ++ OK ++ Client refuses ++ ++srn3.c ++ ++ This tests that a %SAFE_RENEGOTIATION client will reject handshakes ++ against servers that do not support the extension (server uses ++ %DISABLE_SAFE_RENEGOTIATION). ++ ++ NORMAL:%SAFE_RENEGOTIATION ++ NORMAL:%DISABLE_SAFE_RENEGOTIATION ++ Client refuses ++ N/A ++ ++srn4.c ++ ++ This tests that a %SAFE_RENEGOTIATION server will reject handshakes ++ against clients that do not support the extension. ++ ++ NORMAL:%DISABLE_SAFE_RENEGOTIATION ++ NORMAL:%SAFE_RENEGOTIATION ++ Server refuses ++ N/A ++ ++srn5.c ++ ++ This tests that a client with a permissive policy ++ (%UNSAFE_RENEGOTIATION) is able to handshake and rehandshake with a ++ server with no support for the extension. ++ ++ NORMAL:%DISABLE_SAFE_RENEGOTIATION ++ NORMAL:%UNSAFE_RENEGOTIATION ++ OK ++ OK ++ ++srn6.c ++ ++ This tests that a server with a permissive policy ++ (%UNSAFE_RENEGOTIATION) is able to handshake and rehandshake with a ++ client with no support for the extension. ++ ++ NORMAL:%UNSAFE_RENEGOTIATION ++ NORMAL:%DISABLE_SAFE_RENEGOTIATION ++ OK ++ OK ++ ++srn7.c ++ ++ This tests that clients and servers in %SAFE_RENEGOTIATION mode are ++ able to handshake and rehandshake. ++ ++ NORMAL:%SAFE_RENEGOTIATION ++ NORMAL:%SAFE_RENEGOTIATION ++ OK ++ OK +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/srn0.c 2013-09-26 +@@ -0,0 +1,338 @@ ++/* ++ * Copyright (C) 2008, 2010 Free Software Foundation, Inc. ++ * ++ * Author: Simon Josefsson ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++/* Code based on ../mini-x509-rehandshake.c. ++ * ++ * This tests that the safe renegotiation extension is negotiated ++ * properly by default on initial connections and on rehandshaked ++ * connections. Consequently, it also verifies that rehandshaked ++ * connections work with the extension enabled. ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <errno.h> ++#include <gnutls/gnutls.h> ++ ++static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "|<%d>| %s", level, str); ++} ++ ++static char *to_server; ++static size_t to_server_len; ++ ++static char *to_client; ++static size_t to_client_len; ++ ++static ssize_t ++client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_client_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_client, len); ++ ++ memmove (to_client, to_client + len, to_client_len - len); ++ to_client_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_server_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_server, newlen); ++ if (!tmp) ++ abort (); ++ to_server = tmp; ++ ++ memcpy (to_server + to_server_len, data, len); ++ to_server_len = newlen; ++ ++ return len; ++} ++ ++static ssize_t ++server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_server_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_server, len); ++ ++ memmove (to_server, to_server + len, to_server_len - len); ++ to_server_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_client_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_client, newlen); ++ if (!tmp) ++ abort (); ++ to_client = tmp; ++ ++ memcpy (to_client + to_client_len, data, len); ++ to_client_len = newlen; ++ ++ return len; ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof (server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof (server_key_pem) ++}; ++ ++int ++main (int argc, char *argv[]) ++{ ++ int debug_level = argc - 1; ++ int exit_code = EXIT_SUCCESS; ++ /* Server stuff. */ ++ gnutls_certificate_credentials_t serverx509cred; ++ gnutls_session_t server; ++ int sret = GNUTLS_E_AGAIN; ++ /* Client stuff. */ ++ gnutls_certificate_credentials_t clientx509cred; ++ gnutls_session_t client; ++ int cret = GNUTLS_E_AGAIN; ++ ++ /* General init. */ ++ gnutls_global_init (); ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (debug_level); ++ ++ /* Init server */ ++ gnutls_certificate_allocate_credentials (&serverx509cred); ++ gnutls_certificate_set_x509_key_mem (serverx509cred, ++ &server_cert, &server_key, ++ GNUTLS_X509_FMT_PEM); ++ gnutls_init (&server, GNUTLS_SERVER); ++ gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); ++ gnutls_priority_set_direct (server, "NORMAL", NULL); ++ gnutls_transport_set_push_function (server, server_push); ++ gnutls_transport_set_pull_function (server, server_pull); ++ ++ /* Init client */ ++ gnutls_certificate_allocate_credentials (&clientx509cred); ++ gnutls_init (&client, GNUTLS_CLIENT); ++ gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); ++ gnutls_priority_set_direct (client, "NORMAL", NULL); ++ gnutls_transport_set_push_function (client, client_push); ++ gnutls_transport_set_pull_function (client, client_pull); ++ ++ /* Check that initially no session use the extension. */ ++ if (gnutls_safe_renegotiation_status (server) ++ || gnutls_safe_renegotiation_status (client)) ++ { ++ puts ("Client or server using extension before handshake?"); ++ abort (); ++ } ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = EXIT_FAILURE; ++ ++ if (!gnutls_safe_renegotiation_status (client) || ++ !gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Session not using safe renegotiation!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ sret = gnutls_rehandshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_rehandshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ ++ { ++ ssize_t n; ++ char b[1]; ++ n = gnutls_record_recv (client, b, 1); ++ if (n != GNUTLS_E_REHANDSHAKE) ++ abort (); ++ } ++ ++ cret = GNUTLS_E_AGAIN; ++ sret = GNUTLS_E_AGAIN; ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = 1; ++ ++ if (!gnutls_safe_renegotiation_status (client) || ++ !gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, ++ "Rehandshaked session not using safe renegotiation!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ gnutls_bye (client, GNUTLS_SHUT_RDWR); ++ gnutls_bye (server, GNUTLS_SHUT_RDWR); ++ ++ gnutls_deinit (client); ++ gnutls_deinit (server); ++ ++ free (to_server); ++ free (to_client); ++ ++ gnutls_certificate_free_credentials (serverx509cred); ++ ++ gnutls_global_deinit (); ++ ++ if (debug_level > 0) ++ { ++ if (exit_code == 0) ++ puts ("Self-test successful"); ++ else ++ puts ("Self-test failed"); ++ } ++ ++ return exit_code; ++} +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/srn1.c 2013-09-26 +@@ -0,0 +1,341 @@ ++/* ++ * Copyright (C) 2008, 2010 Free Software Foundation, Inc. ++ * ++ * Author: Simon Josefsson ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++/* Code based on ./srn0.c. ++ * ++ * This tests that clients without support for safe renegotiation is ++ * able to handshake against servers with support, but not able to ++ * rehandshake (server will refuse rehandshake). ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <errno.h> ++#include <gnutls/gnutls.h> ++ ++static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "|<%d>| %s", level, str); ++} ++ ++static char *to_server; ++static size_t to_server_len; ++ ++static char *to_client; ++static size_t to_client_len; ++ ++static ssize_t ++client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_client_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_client, len); ++ ++ memmove (to_client, to_client + len, to_client_len - len); ++ to_client_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_server_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_server, newlen); ++ if (!tmp) ++ abort (); ++ to_server = tmp; ++ ++ memcpy (to_server + to_server_len, data, len); ++ to_server_len = newlen; ++ ++ return len; ++} ++ ++static ssize_t ++server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_server_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_server, len); ++ ++ memmove (to_server, to_server + len, to_server_len - len); ++ to_server_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_client_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_client, newlen); ++ if (!tmp) ++ abort (); ++ to_client = tmp; ++ ++ memcpy (to_client + to_client_len, data, len); ++ to_client_len = newlen; ++ ++ return len; ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof (server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof (server_key_pem) ++}; ++ ++int ++main (int argc, char *argv[]) ++{ ++ int debug_level = argc - 1; ++ int exit_code = EXIT_SUCCESS; ++ /* Server stuff. */ ++ gnutls_certificate_credentials_t serverx509cred; ++ gnutls_session_t server; ++ int sret = GNUTLS_E_AGAIN; ++ /* Client stuff. */ ++ gnutls_certificate_credentials_t clientx509cred; ++ gnutls_session_t client; ++ int cret = GNUTLS_E_AGAIN; ++ ++ /* General init. */ ++ gnutls_global_init (); ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (debug_level); ++ ++ /* Init server */ ++ gnutls_certificate_allocate_credentials (&serverx509cred); ++ gnutls_certificate_set_x509_key_mem (serverx509cred, ++ &server_cert, &server_key, ++ GNUTLS_X509_FMT_PEM); ++ gnutls_init (&server, GNUTLS_SERVER); ++ gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); ++ gnutls_priority_set_direct (server, "NORMAL", NULL); ++ gnutls_transport_set_push_function (server, server_push); ++ gnutls_transport_set_pull_function (server, server_pull); ++ ++ /* Init client */ ++ gnutls_certificate_allocate_credentials (&clientx509cred); ++ gnutls_init (&client, GNUTLS_CLIENT); ++ gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); ++ gnutls_priority_set_direct (client, "NORMAL:%DISABLE_SAFE_RENEGOTIATION", ++ NULL); ++ gnutls_transport_set_push_function (client, client_push); ++ gnutls_transport_set_pull_function (client, client_pull); ++ ++ /* Check that initially no session use the extension. */ ++ if (gnutls_safe_renegotiation_status (server) ++ || gnutls_safe_renegotiation_status (client)) ++ { ++ puts ("Client or server using extension before handshake?"); ++ abort (); ++ } ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = EXIT_FAILURE; ++ ++ if (gnutls_safe_renegotiation_status (client) || ++ gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Session using safe renegotiation but shouldn't?!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ sret = gnutls_rehandshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_rehandshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ ++ { ++ ssize_t n; ++ char b[1]; ++ n = gnutls_record_recv (client, b, 1); ++ if (n != GNUTLS_E_REHANDSHAKE) ++ abort (); ++ } ++ ++ cret = GNUTLS_E_AGAIN; ++ sret = GNUTLS_E_AGAIN; ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED) ++ break; ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS ++ && sret != GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED) ++ exit_code = 1; ++ ++ if (gnutls_safe_renegotiation_status (client) || ++ gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Rehandshaked worked and uses safe reneg?!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ gnutls_bye (client, GNUTLS_SHUT_RDWR); ++ gnutls_bye (server, GNUTLS_SHUT_RDWR); ++ ++ gnutls_deinit (client); ++ gnutls_deinit (server); ++ ++ free (to_server); ++ free (to_client); ++ ++ gnutls_certificate_free_credentials (serverx509cred); ++ ++ gnutls_global_deinit (); ++ ++ if (debug_level > 0) ++ { ++ if (exit_code == 0) ++ puts ("Self-test successful"); ++ else ++ puts ("Self-test failed"); ++ } ++ ++ return exit_code; ++} +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/srn2.c 2013-09-26 +@@ -0,0 +1,341 @@ ++/* ++ * Copyright (C) 2008, 2010 Free Software Foundation, Inc. ++ * ++ * Author: Simon Josefsson ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++/* Code based on ./srn1.c. ++ * ++ * This tests that clients with support for safe renegotiation is able ++ * to handshake against servers without support, but not able to ++ * rehandshake (client will refuse rehandshake). ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <errno.h> ++#include <gnutls/gnutls.h> ++ ++static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "|<%d>| %s", level, str); ++} ++ ++static char *to_server; ++static size_t to_server_len; ++ ++static char *to_client; ++static size_t to_client_len; ++ ++static ssize_t ++client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_client_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_client, len); ++ ++ memmove (to_client, to_client + len, to_client_len - len); ++ to_client_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_server_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_server, newlen); ++ if (!tmp) ++ abort (); ++ to_server = tmp; ++ ++ memcpy (to_server + to_server_len, data, len); ++ to_server_len = newlen; ++ ++ return len; ++} ++ ++static ssize_t ++server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_server_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_server, len); ++ ++ memmove (to_server, to_server + len, to_server_len - len); ++ to_server_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_client_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_client, newlen); ++ if (!tmp) ++ abort (); ++ to_client = tmp; ++ ++ memcpy (to_client + to_client_len, data, len); ++ to_client_len = newlen; ++ ++ return len; ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof (server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof (server_key_pem) ++}; ++ ++int ++main (int argc, char *argv[]) ++{ ++ int debug_level = argc - 1; ++ int exit_code = EXIT_SUCCESS; ++ /* Server stuff. */ ++ gnutls_certificate_credentials_t serverx509cred; ++ gnutls_session_t server; ++ int sret = GNUTLS_E_AGAIN; ++ /* Client stuff. */ ++ gnutls_certificate_credentials_t clientx509cred; ++ gnutls_session_t client; ++ int cret = GNUTLS_E_AGAIN; ++ ++ /* General init. */ ++ gnutls_global_init (); ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (debug_level); ++ ++ /* Init server */ ++ gnutls_certificate_allocate_credentials (&serverx509cred); ++ gnutls_certificate_set_x509_key_mem (serverx509cred, ++ &server_cert, &server_key, ++ GNUTLS_X509_FMT_PEM); ++ gnutls_init (&server, GNUTLS_SERVER); ++ gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); ++ gnutls_priority_set_direct (server, "NORMAL:%DISABLE_SAFE_RENEGOTIATION", ++ NULL); ++ gnutls_transport_set_push_function (server, server_push); ++ gnutls_transport_set_pull_function (server, server_pull); ++ ++ /* Init client */ ++ gnutls_certificate_allocate_credentials (&clientx509cred); ++ gnutls_init (&client, GNUTLS_CLIENT); ++ gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); ++ gnutls_priority_set_direct (client, "NORMAL", NULL); ++ gnutls_transport_set_push_function (client, client_push); ++ gnutls_transport_set_pull_function (client, client_pull); ++ ++ /* Check that initially no session use the extension. */ ++ if (gnutls_safe_renegotiation_status (server) ++ || gnutls_safe_renegotiation_status (client)) ++ { ++ puts ("Client or server using extension before handshake?"); ++ abort (); ++ } ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = EXIT_FAILURE; ++ ++ if (gnutls_safe_renegotiation_status (client) || ++ gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Session using safe renegotiation but shouldn't?!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ sret = gnutls_rehandshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_rehandshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ ++ { ++ ssize_t n; ++ char b[1]; ++ n = gnutls_record_recv (client, b, 1); ++ if (n != GNUTLS_E_REHANDSHAKE) ++ abort (); ++ } ++ ++ cret = GNUTLS_E_AGAIN; ++ sret = GNUTLS_E_AGAIN; ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (cret == GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED) ++ break; ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_UNSAFE_RENEGOTIATION_DENIED ++ && sret != GNUTLS_E_SUCCESS) ++ exit_code = 1; ++ ++ if (gnutls_safe_renegotiation_status (client) || ++ gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Rehandshaked worked and uses safe reneg?!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ gnutls_bye (client, GNUTLS_SHUT_RDWR); ++ gnutls_bye (server, GNUTLS_SHUT_RDWR); ++ ++ gnutls_deinit (client); ++ gnutls_deinit (server); ++ ++ free (to_server); ++ free (to_client); ++ ++ gnutls_certificate_free_credentials (serverx509cred); ++ ++ gnutls_global_deinit (); ++ ++ if (debug_level > 0) ++ { ++ if (exit_code == 0) ++ puts ("Self-test successful"); ++ else ++ puts ("Self-test failed"); ++ } ++ ++ return exit_code; ++} +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/srn3.c 2013-09-26 +@@ -0,0 +1,264 @@ ++/* ++ * Copyright (C) 2008, 2010 Free Software Foundation, Inc. ++ * ++ * Author: Simon Josefsson ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++/* Code based on ../mini-x509.c. ++ * ++ * This tests that a %SAFE_RENEGOTIATION client will reject handshakes ++ * against servers that do not support the extension (server uses ++ * %DISABLE_SAFE_RENEGOTIATION). ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <errno.h> ++#include <gnutls/gnutls.h> ++ ++static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "|<%d>| %s", level, str); ++} ++ ++static char *to_server; ++static size_t to_server_len; ++ ++static char *to_client; ++static size_t to_client_len; ++ ++static ssize_t ++client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_client_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_client, len); ++ ++ memmove (to_client, to_client + len, to_client_len - len); ++ to_client_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_server_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_server, newlen); ++ if (!tmp) ++ abort (); ++ to_server = tmp; ++ ++ memcpy (to_server + to_server_len, data, len); ++ to_server_len = newlen; ++ ++ return len; ++} ++ ++static ssize_t ++server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_server_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_server, len); ++ ++ memmove (to_server, to_server + len, to_server_len - len); ++ to_server_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_client_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_client, newlen); ++ if (!tmp) ++ abort (); ++ to_client = tmp; ++ ++ memcpy (to_client + to_client_len, data, len); ++ to_client_len = newlen; ++ ++ return len; ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof (server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof (server_key_pem) ++}; ++ ++int ++main (int argc, char *argv[]) ++{ ++ int debug_level = argc - 1; ++ int exit_code = EXIT_SUCCESS; ++ /* Server stuff. */ ++ gnutls_certificate_credentials_t serverx509cred; ++ gnutls_session_t server; ++ int sret = GNUTLS_E_AGAIN; ++ /* Client stuff. */ ++ gnutls_certificate_credentials_t clientx509cred; ++ gnutls_session_t client; ++ int cret = GNUTLS_E_AGAIN; ++ ++ /* General init. */ ++ gnutls_global_init (); ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (debug_level); ++ ++ /* Init server */ ++ gnutls_certificate_allocate_credentials (&serverx509cred); ++ gnutls_certificate_set_x509_key_mem (serverx509cred, ++ &server_cert, &server_key, ++ GNUTLS_X509_FMT_PEM); ++ gnutls_init (&server, GNUTLS_SERVER); ++ gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); ++ gnutls_priority_set_direct (server, "NORMAL:%DISABLE_SAFE_RENEGOTIATION", ++ NULL); ++ gnutls_transport_set_push_function (server, server_push); ++ gnutls_transport_set_pull_function (server, server_pull); ++ ++ /* Init client */ ++ gnutls_certificate_allocate_credentials (&clientx509cred); ++ gnutls_init (&client, GNUTLS_CLIENT); ++ gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); ++ gnutls_priority_set_direct (client, "NORMAL:%SAFE_RENEGOTIATION", NULL); ++ gnutls_transport_set_push_function (client, client_push); ++ gnutls_transport_set_pull_function (client, client_pull); ++ ++ /* Check that initially no session use the extension. */ ++ if (gnutls_safe_renegotiation_status (server) ++ || gnutls_safe_renegotiation_status (client)) ++ { ++ puts ("Client or server using extension before handshake?"); ++ abort (); ++ } ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ((cret == GNUTLS_E_AGAIN || cret == GNUTLS_E_SUCCESS) ++ && (sret == GNUTLS_E_AGAIN || sret == GNUTLS_E_SUCCESS)); ++ ++ if (cret != GNUTLS_E_SAFE_RENEGOTIATION_FAILED && sret != GNUTLS_E_SUCCESS) ++ exit_code = EXIT_FAILURE; ++ ++ gnutls_bye (client, GNUTLS_SHUT_RDWR); ++ gnutls_bye (server, GNUTLS_SHUT_RDWR); ++ ++ gnutls_deinit (client); ++ gnutls_deinit (server); ++ ++ free (to_server); ++ free (to_client); ++ ++ gnutls_certificate_free_credentials (serverx509cred); ++ ++ gnutls_global_deinit (); ++ ++ if (debug_level > 0) ++ { ++ if (exit_code == 0) ++ puts ("Self-test successful"); ++ else ++ puts ("Self-test failed"); ++ } ++ ++ return exit_code; ++} +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/srn4.c 2013-09-26 +@@ -0,0 +1,263 @@ ++/* ++ * Copyright (C) 2008, 2010 Free Software Foundation, Inc. ++ * ++ * Author: Simon Josefsson ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++/* Code based on ../mini-x509.c. ++ * ++ * This tests that a %SAFE_RENEGOTIATION server will reject handshakes ++ * against clients that do not support the extension. ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <errno.h> ++#include <gnutls/gnutls.h> ++ ++static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "|<%d>| %s", level, str); ++} ++ ++static char *to_server; ++static size_t to_server_len; ++ ++static char *to_client; ++static size_t to_client_len; ++ ++static ssize_t ++client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_client_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_client, len); ++ ++ memmove (to_client, to_client + len, to_client_len - len); ++ to_client_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_server_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_server, newlen); ++ if (!tmp) ++ abort (); ++ to_server = tmp; ++ ++ memcpy (to_server + to_server_len, data, len); ++ to_server_len = newlen; ++ ++ return len; ++} ++ ++static ssize_t ++server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_server_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_server, len); ++ ++ memmove (to_server, to_server + len, to_server_len - len); ++ to_server_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_client_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_client, newlen); ++ if (!tmp) ++ abort (); ++ to_client = tmp; ++ ++ memcpy (to_client + to_client_len, data, len); ++ to_client_len = newlen; ++ ++ return len; ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof (server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof (server_key_pem) ++}; ++ ++int ++main (int argc, char *argv[]) ++{ ++ int debug_level = argc - 1; ++ int exit_code = EXIT_SUCCESS; ++ /* Server stuff. */ ++ gnutls_certificate_credentials_t serverx509cred; ++ gnutls_session_t server; ++ int sret = GNUTLS_E_AGAIN; ++ /* Client stuff. */ ++ gnutls_certificate_credentials_t clientx509cred; ++ gnutls_session_t client; ++ int cret = GNUTLS_E_AGAIN; ++ ++ /* General init. */ ++ gnutls_global_init (); ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (debug_level); ++ ++ /* Init server */ ++ gnutls_certificate_allocate_credentials (&serverx509cred); ++ gnutls_certificate_set_x509_key_mem (serverx509cred, ++ &server_cert, &server_key, ++ GNUTLS_X509_FMT_PEM); ++ gnutls_init (&server, GNUTLS_SERVER); ++ gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); ++ gnutls_priority_set_direct (server, "NORMAL:%SAFE_RENEGOTIATION", NULL); ++ gnutls_transport_set_push_function (server, server_push); ++ gnutls_transport_set_pull_function (server, server_pull); ++ ++ /* Init client */ ++ gnutls_certificate_allocate_credentials (&clientx509cred); ++ gnutls_init (&client, GNUTLS_CLIENT); ++ gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); ++ gnutls_priority_set_direct (client, "NORMAL:%DISABLE_SAFE_RENEGOTIATION", ++ NULL); ++ gnutls_transport_set_push_function (client, client_push); ++ gnutls_transport_set_pull_function (client, client_pull); ++ ++ /* Check that initially no session use the extension. */ ++ if (gnutls_safe_renegotiation_status (server) ++ || gnutls_safe_renegotiation_status (client)) ++ { ++ puts ("Client or server using extension before handshake?"); ++ abort (); ++ } ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ((cret == GNUTLS_E_AGAIN || cret == GNUTLS_E_SUCCESS) ++ && (sret == GNUTLS_E_AGAIN || sret == GNUTLS_E_SUCCESS)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SAFE_RENEGOTIATION_FAILED) ++ exit_code = EXIT_FAILURE; ++ ++ gnutls_bye (client, GNUTLS_SHUT_RDWR); ++ gnutls_bye (server, GNUTLS_SHUT_RDWR); ++ ++ gnutls_deinit (client); ++ gnutls_deinit (server); ++ ++ free (to_server); ++ free (to_client); ++ ++ gnutls_certificate_free_credentials (serverx509cred); ++ ++ gnutls_global_deinit (); ++ ++ if (debug_level > 0) ++ { ++ if (exit_code == 0) ++ puts ("Self-test successful"); ++ else ++ puts ("Self-test failed"); ++ } ++ ++ return exit_code; ++} +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/srn5.c 2013-09-26 +@@ -0,0 +1,337 @@ ++/* ++ * Copyright (C) 2008, 2010 Free Software Foundation, Inc. ++ * ++ * Author: Simon Josefsson ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++/* Code based on ./srn0.c. ++ * ++ * This tests that a client with a permissive policy ++ * (%UNSAFE_RENEGOTIATION) is able to handshake and rehandshake with a ++ * server with no support for the extension. ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <errno.h> ++#include <gnutls/gnutls.h> ++ ++static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "|<%d>| %s", level, str); ++} ++ ++static char *to_server; ++static size_t to_server_len; ++ ++static char *to_client; ++static size_t to_client_len; ++ ++static ssize_t ++client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_client_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_client, len); ++ ++ memmove (to_client, to_client + len, to_client_len - len); ++ to_client_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_server_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_server, newlen); ++ if (!tmp) ++ abort (); ++ to_server = tmp; ++ ++ memcpy (to_server + to_server_len, data, len); ++ to_server_len = newlen; ++ ++ return len; ++} ++ ++static ssize_t ++server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_server_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_server, len); ++ ++ memmove (to_server, to_server + len, to_server_len - len); ++ to_server_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_client_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_client, newlen); ++ if (!tmp) ++ abort (); ++ to_client = tmp; ++ ++ memcpy (to_client + to_client_len, data, len); ++ to_client_len = newlen; ++ ++ return len; ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof (server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof (server_key_pem) ++}; ++ ++int ++main (int argc, char *argv[]) ++{ ++ int debug_level = argc - 1; ++ int exit_code = EXIT_SUCCESS; ++ /* Server stuff. */ ++ gnutls_certificate_credentials_t serverx509cred; ++ gnutls_session_t server; ++ int sret = GNUTLS_E_AGAIN; ++ /* Client stuff. */ ++ gnutls_certificate_credentials_t clientx509cred; ++ gnutls_session_t client; ++ int cret = GNUTLS_E_AGAIN; ++ ++ /* General init. */ ++ gnutls_global_init (); ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (debug_level); ++ ++ /* Init server */ ++ gnutls_certificate_allocate_credentials (&serverx509cred); ++ gnutls_certificate_set_x509_key_mem (serverx509cred, ++ &server_cert, &server_key, ++ GNUTLS_X509_FMT_PEM); ++ gnutls_init (&server, GNUTLS_SERVER); ++ gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); ++ gnutls_priority_set_direct (server, "NORMAL:%DISABLE_SAFE_RENEGOTIATION", ++ NULL); ++ gnutls_transport_set_push_function (server, server_push); ++ gnutls_transport_set_pull_function (server, server_pull); ++ ++ /* Init client */ ++ gnutls_certificate_allocate_credentials (&clientx509cred); ++ gnutls_init (&client, GNUTLS_CLIENT); ++ gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); ++ gnutls_priority_set_direct (client, "NORMAL:%UNSAFE_RENEGOTIATION", NULL); ++ gnutls_transport_set_push_function (client, client_push); ++ gnutls_transport_set_pull_function (client, client_pull); ++ ++ /* Check that initially no session use the extension. */ ++ if (gnutls_safe_renegotiation_status (server) ++ || gnutls_safe_renegotiation_status (client)) ++ { ++ puts ("Client or server using extension before handshake?"); ++ abort (); ++ } ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = EXIT_FAILURE; ++ ++ if (gnutls_safe_renegotiation_status (client) || ++ gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Session using safe renegotiation?!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ sret = gnutls_rehandshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_rehandshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ ++ { ++ ssize_t n; ++ char b[1]; ++ n = gnutls_record_recv (client, b, 1); ++ if (n != GNUTLS_E_REHANDSHAKE) ++ abort (); ++ } ++ ++ cret = GNUTLS_E_AGAIN; ++ sret = GNUTLS_E_AGAIN; ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = 1; ++ ++ if (gnutls_safe_renegotiation_status (client) || ++ gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Rehandshaked using safe renegotiation?!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ gnutls_bye (client, GNUTLS_SHUT_RDWR); ++ gnutls_bye (server, GNUTLS_SHUT_RDWR); ++ ++ gnutls_deinit (client); ++ gnutls_deinit (server); ++ ++ free (to_server); ++ free (to_client); ++ ++ gnutls_certificate_free_credentials (serverx509cred); ++ ++ gnutls_global_deinit (); ++ ++ if (debug_level > 0) ++ { ++ if (exit_code == 0) ++ puts ("Self-test successful"); ++ else ++ puts ("Self-test failed"); ++ } ++ ++ return exit_code; ++} +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/srn6.c 2013-09-26 +@@ -0,0 +1,337 @@ ++/* ++ * Copyright (C) 2008, 2010 Free Software Foundation, Inc. ++ * ++ * Author: Simon Josefsson ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++/* Code based on ./srn5.c. ++ * ++ * This tests that a server with a permissive policy ++ * (%UNSAFE_RENEGOTIATION) is able to handshake and rehandshake with a ++ * client with no support for the extension. ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <errno.h> ++#include <gnutls/gnutls.h> ++ ++static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "|<%d>| %s", level, str); ++} ++ ++static char *to_server; ++static size_t to_server_len; ++ ++static char *to_client; ++static size_t to_client_len; ++ ++static ssize_t ++client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_client_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_client, len); ++ ++ memmove (to_client, to_client + len, to_client_len - len); ++ to_client_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_server_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_server, newlen); ++ if (!tmp) ++ abort (); ++ to_server = tmp; ++ ++ memcpy (to_server + to_server_len, data, len); ++ to_server_len = newlen; ++ ++ return len; ++} ++ ++static ssize_t ++server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_server_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_server, len); ++ ++ memmove (to_server, to_server + len, to_server_len - len); ++ to_server_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_client_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_client, newlen); ++ if (!tmp) ++ abort (); ++ to_client = tmp; ++ ++ memcpy (to_client + to_client_len, data, len); ++ to_client_len = newlen; ++ ++ return len; ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof (server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof (server_key_pem) ++}; ++ ++int ++main (int argc, char *argv[]) ++{ ++ int debug_level = argc - 1; ++ int exit_code = EXIT_SUCCESS; ++ /* Server stuff. */ ++ gnutls_certificate_credentials_t serverx509cred; ++ gnutls_session_t server; ++ int sret = GNUTLS_E_AGAIN; ++ /* Client stuff. */ ++ gnutls_certificate_credentials_t clientx509cred; ++ gnutls_session_t client; ++ int cret = GNUTLS_E_AGAIN; ++ ++ /* General init. */ ++ gnutls_global_init (); ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (debug_level); ++ ++ /* Init server */ ++ gnutls_certificate_allocate_credentials (&serverx509cred); ++ gnutls_certificate_set_x509_key_mem (serverx509cred, ++ &server_cert, &server_key, ++ GNUTLS_X509_FMT_PEM); ++ gnutls_init (&server, GNUTLS_SERVER); ++ gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); ++ gnutls_priority_set_direct (server, "NORMAL:%UNSAFE_RENEGOTIATION", NULL); ++ gnutls_transport_set_push_function (server, server_push); ++ gnutls_transport_set_pull_function (server, server_pull); ++ ++ /* Init client */ ++ gnutls_certificate_allocate_credentials (&clientx509cred); ++ gnutls_init (&client, GNUTLS_CLIENT); ++ gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); ++ gnutls_priority_set_direct (client, "NORMAL:%DISABLE_SAFE_RENEGOTIATION", ++ NULL); ++ gnutls_transport_set_push_function (client, client_push); ++ gnutls_transport_set_pull_function (client, client_pull); ++ ++ /* Check that initially no session use the extension. */ ++ if (gnutls_safe_renegotiation_status (server) ++ || gnutls_safe_renegotiation_status (client)) ++ { ++ puts ("Client or server using extension before handshake?"); ++ abort (); ++ } ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = EXIT_FAILURE; ++ ++ if (gnutls_safe_renegotiation_status (client) || ++ gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Session using safe renegotiation?!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ sret = gnutls_rehandshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_rehandshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ ++ { ++ ssize_t n; ++ char b[1]; ++ n = gnutls_record_recv (client, b, 1); ++ if (n != GNUTLS_E_REHANDSHAKE) ++ abort (); ++ } ++ ++ cret = GNUTLS_E_AGAIN; ++ sret = GNUTLS_E_AGAIN; ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = 1; ++ ++ if (gnutls_safe_renegotiation_status (client) || ++ gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Rehandshaked using safe renegotiation?!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ gnutls_bye (client, GNUTLS_SHUT_RDWR); ++ gnutls_bye (server, GNUTLS_SHUT_RDWR); ++ ++ gnutls_deinit (client); ++ gnutls_deinit (server); ++ ++ free (to_server); ++ free (to_client); ++ ++ gnutls_certificate_free_credentials (serverx509cred); ++ ++ gnutls_global_deinit (); ++ ++ if (debug_level > 0) ++ { ++ if (exit_code == 0) ++ puts ("Self-test successful"); ++ else ++ puts ("Self-test failed"); ++ } ++ ++ return exit_code; ++} +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/srn7.c 2013-09-26 +@@ -0,0 +1,336 @@ ++/* ++ * Copyright (C) 2008, 2010 Free Software Foundation, Inc. ++ * ++ * Author: Simon Josefsson ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++/* Code based on ../srn0.c. ++ * ++ * This tests that clients and servers in %SAFE_RENEGOTIATION mode are ++ * able to handshake and rehandshake. ++ */ ++ ++#ifdef HAVE_CONFIG_H ++# include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++#include <string.h> ++#include <errno.h> ++#include <gnutls/gnutls.h> ++ ++static void ++tls_log_func (int level, const char *str) ++{ ++ fprintf (stderr, "|<%d>| %s", level, str); ++} ++ ++static char *to_server; ++static size_t to_server_len; ++ ++static char *to_client; ++static size_t to_client_len; ++ ++static ssize_t ++client_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_client_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_client, len); ++ ++ memmove (to_client, to_client + len, to_client_len - len); ++ to_client_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++client_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_server_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_server, newlen); ++ if (!tmp) ++ abort (); ++ to_server = tmp; ++ ++ memcpy (to_server + to_server_len, data, len); ++ to_server_len = newlen; ++ ++ return len; ++} ++ ++static ssize_t ++server_pull (gnutls_transport_ptr_t tr, void *data, size_t len) ++{ ++ if (to_server_len < len) ++ { ++ gnutls_transport_set_global_errno (EAGAIN); ++ return -1; ++ } ++ ++ memcpy (data, to_server, len); ++ ++ memmove (to_server, to_server + len, to_server_len - len); ++ to_server_len -= len; ++ ++ return len; ++} ++ ++static ssize_t ++server_push (gnutls_transport_ptr_t tr, const void *data, size_t len) ++{ ++ size_t newlen = to_client_len + len; ++ char *tmp; ++ ++ tmp = realloc (to_client, newlen); ++ if (!tmp) ++ abort (); ++ to_client = tmp; ++ ++ memcpy (to_client + to_client_len, data, len); ++ to_client_len = newlen; ++ ++ return len; ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof (server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof (server_key_pem) ++}; ++ ++int ++main (int argc, char *argv[]) ++{ ++ int debug_level = argc - 1; ++ int exit_code = EXIT_SUCCESS; ++ /* Server stuff. */ ++ gnutls_certificate_credentials_t serverx509cred; ++ gnutls_session_t server; ++ int sret = GNUTLS_E_AGAIN; ++ /* Client stuff. */ ++ gnutls_certificate_credentials_t clientx509cred; ++ gnutls_session_t client; ++ int cret = GNUTLS_E_AGAIN; ++ ++ /* General init. */ ++ gnutls_global_init (); ++ gnutls_global_set_log_function (tls_log_func); ++ gnutls_global_set_log_level (debug_level); ++ ++ /* Init server */ ++ gnutls_certificate_allocate_credentials (&serverx509cred); ++ gnutls_certificate_set_x509_key_mem (serverx509cred, ++ &server_cert, &server_key, ++ GNUTLS_X509_FMT_PEM); ++ gnutls_init (&server, GNUTLS_SERVER); ++ gnutls_credentials_set (server, GNUTLS_CRD_CERTIFICATE, serverx509cred); ++ gnutls_priority_set_direct (server, "NORMAL:%SAFE_RENEGOTIATION", NULL); ++ gnutls_transport_set_push_function (server, server_push); ++ gnutls_transport_set_pull_function (server, server_pull); ++ ++ /* Init client */ ++ gnutls_certificate_allocate_credentials (&clientx509cred); ++ gnutls_init (&client, GNUTLS_CLIENT); ++ gnutls_credentials_set (client, GNUTLS_CRD_CERTIFICATE, clientx509cred); ++ gnutls_priority_set_direct (client, "NORMAL:%SAFE_RENEGOTIATION", NULL); ++ gnutls_transport_set_push_function (client, client_push); ++ gnutls_transport_set_pull_function (client, client_pull); ++ ++ /* Check that initially no session use the extension. */ ++ if (gnutls_safe_renegotiation_status (server) ++ || gnutls_safe_renegotiation_status (client)) ++ { ++ puts ("Client or server using extension before handshake?"); ++ abort (); ++ } ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = EXIT_FAILURE; ++ ++ if (!gnutls_safe_renegotiation_status (client) || ++ !gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, "Session not using safe renegotiation!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ sret = gnutls_rehandshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "gnutls_rehandshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ ++ { ++ ssize_t n; ++ char b[1]; ++ n = gnutls_record_recv (client, b, 1); ++ if (n != GNUTLS_E_REHANDSHAKE) ++ abort (); ++ } ++ ++ cret = GNUTLS_E_AGAIN; ++ sret = GNUTLS_E_AGAIN; ++ ++ do ++ { ++ static int max_iter = 0; ++ if (max_iter++ > 10) ++ abort (); ++ ++ if (cret == GNUTLS_E_AGAIN) ++ { ++ cret = gnutls_handshake (client); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (client)...\n"); ++ tls_log_func (0, gnutls_strerror (cret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ ++ if (sret == GNUTLS_E_AGAIN) ++ { ++ sret = gnutls_handshake (server); ++ if (debug_level > 0) ++ { ++ tls_log_func (0, "second gnutls_handshake (server)...\n"); ++ tls_log_func (0, gnutls_strerror (sret)); ++ tls_log_func (0, "\n"); ++ } ++ } ++ } ++ while ( ++ /* Not done: */ ++ !(cret == GNUTLS_E_SUCCESS && sret == GNUTLS_E_SUCCESS) ++ /* No error: */ ++ && (cret == GNUTLS_E_AGAIN || sret == GNUTLS_E_AGAIN)); ++ ++ if (cret != GNUTLS_E_SUCCESS && sret != GNUTLS_E_SUCCESS) ++ exit_code = 1; ++ ++ if (!gnutls_safe_renegotiation_status (client) || ++ !gnutls_safe_renegotiation_status (server)) ++ { ++ tls_log_func (0, ++ "Rehandshaked session not using safe renegotiation!\n"); ++ exit_code = EXIT_FAILURE; ++ } ++ ++ gnutls_bye (client, GNUTLS_SHUT_RDWR); ++ gnutls_bye (server, GNUTLS_SHUT_RDWR); ++ ++ gnutls_deinit (client); ++ gnutls_deinit (server); ++ ++ free (to_server); ++ free (to_client); ++ ++ gnutls_certificate_free_credentials (serverx509cred); ++ ++ gnutls_global_deinit (); ++ ++ if (debug_level > 0) ++ { ++ if (exit_code == 0) ++ puts ("Self-test successful"); ++ else ++ puts ("Self-test failed"); ++ } ++ ++ return exit_code; ++} +--- /dev/null 2013-09-26 ++++ b/tests/safe-renegotiation/testsrn 2013-09-26 +@@ -0,0 +1,103 @@ ++#!/bin/sh ++ ++# Copyright (C) 2010 Free Software Foundation, Inc. ++# ++# Author: Nikos Mavrogiannopoulos ++# ++# This file is part of GnuTLS. ++# ++# GnuTLS is free software; you can redistribute it and/or modify it ++# under the terms of the GNU General Public License as published by the ++# Free Software Foundation; either version 3 of the License, or (at ++# your option) any later version. ++# ++# GnuTLS is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++# General Public License for more details. ++# ++# You should have received a copy of the GNU General Public License ++# along with GnuTLS; if not, write to the Free Software Foundation, ++# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. ++ ++srcdir="${srcdir:-.}" ++SERV="${SERV:-../../src/gnutls-serv$EXEEXT} -q" ++CLI="${CLI:-../../src/gnutls-cli$EXEEXT}" ++PORT="${PORT:-5558}" ++unset RETCODE ++ ++fail() { ++ echo "Failure: $1" >&2 ++ RETCODE=${RETCODE:-${2:-1}} ++} ++ ++echo "Checking Safe renegotiation" ++ ++$SERV -p $PORT --echo --priority NORMAL:+ANON-DH:%PARTIAL_RENEGOTIATION --dhparams $srcdir/params.dh >/dev/null 2>&1 & ++pid=$! ++ ++# give the server a chance to initialize ++sleep 2 ++ ++$CLI -p $PORT 127.0.0.1 --rehandshake --priority NONE:+AES-128-CBC:+MD5:+SHA1:+VERS-SSL3.0:+ANON-DH:+COMP-NULL:%SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "0. Renegotiation should have succeeded!" ++ ++$CLI -p $PORT 127.0.0.1 --rehandshake --priority NORMAL:+ANON-DH:%SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "1. Safe rehandshake should have succeeded!" ++ ++$CLI -p $PORT 127.0.0.1 --rehandshake --priority NORMAL:+ANON-DH:%UNSAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "2. Unsafe rehandshake should have succeeded!" ++ ++$CLI -p $PORT 127.0.0.1 --priority NORMAL:+ANON-DH:%DISABLE_SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "3. Unsafe negotiation should have succeeded!" ++ ++$CLI -p $PORT 127.0.0.1 --rehandshake --priority NORMAL:+ANON-DH:%DISABLE_SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 && \ ++ fail "4. Unsafe renegotiation should have failed!" ++ ++ ++kill $pid ++wait ++ ++$SERV -p $PORT --echo --priority NORMAL:+ANON-DH:%SAFE_RENEGOTIATION --dhparams $srcdir/params.dh >/dev/null 2>&1 & ++pid=$! ++ ++# give the server a chance to initialize ++sleep 2 ++ ++$CLI -p $PORT 127.0.0.1 --rehandshake --priority NORMAL:+ANON-DH:%SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "5. Safe rehandshake should have succeeded!" ++ ++$CLI -p $PORT 127.0.0.1 --rehandshake --priority NORMAL:+ANON-DH:%UNSAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "6. Unsafe rehandshake should have succeeded!" ++ ++$CLI -p $PORT 127.0.0.1 --priority NORMAL:+ANON-DH:%DISABLE_SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 && \ ++ fail "7. Unsafe negotiation should have failed!" ++ ++$CLI -p $PORT 127.0.0.1 --rehandshake --priority NORMAL:+ANON-DH:%DISABLE_SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 && \ ++ fail "8. Unsafe renegotiation should have failed!" ++ ++kill $pid ++wait ++ ++$SERV -p $PORT --echo --priority NORMAL:+ANON-DH:%DISABLE_SAFE_RENEGOTIATION --dhparams $srcdir/params.dh >/dev/null 2>&1 & ++pid=$! ++ ++# give the server a chance to initialize ++sleep 2 ++ ++$CLI -p $PORT 127.0.0.1 --priority NORMAL:+ANON-DH:%SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 && \ ++ fail "9. Initial connection should have failed!" ++ ++$CLI -p $PORT 127.0.0.1 --priority NORMAL:+ANON-DH:%UNSAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "10. Unsafe connection should have succeeded!" ++ ++$CLI -p $PORT 127.0.0.1 --priority NORMAL:+ANON-DH:%DISABLE_SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "11. Unsafe negotiation should have succeeded!" ++ ++$CLI -p $PORT 127.0.0.1 --rehandshake --priority NORMAL:+ANON-DH:%DISABLE_SAFE_RENEGOTIATION </dev/null >/dev/null 2>&1 || \ ++ fail "12. Unsafe renegotiation should have succeeded!" ++ ++kill $pid ++wait ++ ++exit ${RETCODE:-0} +--- a/tests/simple.c 2009-06-02 ++++ b/tests/simple.c 2013-09-26 +@@ -50,7 +50,7 @@ doit (void) + + for (i = 0; algs[i]; i++) + { +- printf ("pk_list[%d] = %d = %s = %d\n", i, algs[i], ++ printf ("pk_list[%d] = %d = %s = %d\n", (int)i, algs[i], + gnutls_pk_algorithm_get_name (algs[i]), + gnutls_pk_get_id (gnutls_pk_algorithm_get_name (algs[i]))); + if (gnutls_pk_get_id (gnutls_pk_algorithm_get_name (algs[i])) +@@ -76,7 +76,7 @@ doit (void) + + for (i = 0; algs[i]; i++) + { +- printf ("sign_list[%d] = %d = %s = %d\n", i, algs[i], ++ printf ("sign_list[%d] = %d = %s = %d\n", (int)i, algs[i], + gnutls_sign_algorithm_get_name (algs[i]), + gnutls_sign_get_id (gnutls_sign_algorithm_get_name + (algs[i]))); diff --git a/patches/source/gnutls/gnutls-2.8.4_CVE-2011-4128.diff b/patches/source/gnutls/gnutls-2.8.4_CVE-2011-4128.diff new file mode 100644 index 000000000..0f933d179 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.4_CVE-2011-4128.diff @@ -0,0 +1,36 @@ +From 944118eba2ba7d1ffae2402e50e143e34d3a42ba Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 29 Sep 2013 +Subject: CVE-2011-4128 [GNUTLS-SA-2011-2] + +gnutls_session_get_data: fix possible buffer overflow + +This is a backport adaptation for use with GnuTLS 2.8.4. + +Relevant upstream commits: +-------------------------- +https://gitorious.org/gnutls/gnutls/commit/190cef6eed37d0 +https://gitorious.org/gnutls/gnutls/commit/e82ef4545e9e98 + +--- + gnutls_session.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/lib/gnutls_session.c 2013-09-27 ++++ b/lib/gnutls_session.c 2013-09-27 +@@ -64,13 +64,14 @@ gnutls_session_get_data (gnutls_session_ + gnutls_assert (); + return ret; + } +- *session_data_size = psession.size; + + if (psession.size > *session_data_size) + { ++ *session_data_size = psession.size; + ret = GNUTLS_E_SHORT_MEMORY_BUFFER; + goto error; + } ++ *session_data_size = psession.size; + + if (session_data != NULL) + memcpy (session_data, psession.data, psession.size); diff --git a/patches/source/gnutls/gnutls-2.8.4_CVE-2012-1569.diff b/patches/source/gnutls/gnutls-2.8.4_CVE-2012-1569.diff new file mode 100644 index 000000000..98ae99ff3 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.4_CVE-2012-1569.diff @@ -0,0 +1,62 @@ +From 6f3bce4bdaf45c23107ba07b65eeaa00c1436346 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Thu, 3 Oct 2013 +Subject: CVE-2012-1569 [GNUTLS-SA-2012-3] + +asn1_get_length_der() in decoding.c in GNU Libtasn1 before 2.12 +does not properly handle certain large length values. This can be +exploited by attackers to cause a DoS or other impacts via a +crafted ASN.1 structure. + +Fix adapted for use with libtasn1 embedded in GnuTLS 2.8.4. + +Relevant upstream patch: +------------------------ +http://article.gmane.org/gmane.comp.gnu.libtasn1.general/54 + +--- + decoding.c | 12 ++++++++---- + 1 file changed, 8 insertions(+), 4 deletions(-) + +--- a/lib/minitasn1/decoding.c ++++ b/lib/minitasn1/decoding.c +@@ -55,12 +55,13 @@ _asn1_error_description_tag_error (ASN1_TYPE node, char *ErrorDescription) + * Extract a length field from DER data. + * + * Return value: Return the decoded length value, or -1 on indefinite +- * length, or -2 when the value was too big. ++ * length, or -2 when the value was too big to fit in a int, or -4 ++ * when the decoded length value plus @len would exceed @der_len. + **/ + signed long + asn1_get_length_der (const unsigned char *der, int der_len, int *len) + { +- unsigned long ans; ++ int ans; + int k, punt; + + *len = 0; +@@ -83,7 +84,7 @@ asn1_get_length_der (const unsigned char *der, int der_len, int *len) + ans = 0; + while (punt <= k && punt < der_len) + { +- unsigned long last = ans; ++ int last = ans; + + ans = ans * 256 + der[punt++]; + if (ans < last) +@@ -93,10 +94,13 @@ asn1_get_length_der (const unsigned char *der, int der_len, int *len) + } + else + { /* indefinite length method */ +- ans = -1; ++ *len = punt; ++ return -1; + } + + *len = punt; ++ if (ans + *len < ans || ans + *len > der_len) ++ return -4; + return ans; + } + } diff --git a/patches/source/gnutls/gnutls-2.8.4_CVE-2012-1573.diff b/patches/source/gnutls/gnutls-2.8.4_CVE-2012-1573.diff new file mode 100644 index 000000000..f135ac335 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.4_CVE-2012-1573.diff @@ -0,0 +1,39 @@ +From d33a1132a5e53ce2c8e5957a587ee28f4f0ccfcb Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 29 Sep 2013 +Subject: CVE-2012-1573 [GNUTLS-SA-2012-2] + +Address a TLS record handling vulnerability in GnuTLS. + +This is a backport adaptation for use with GnuTLS 2.8.4. + +Relevant upstream commit: +------------------------- +https://gitorious.org/gnutls/gnutls/commit/42221486806137 + +--- + gnutls_cipher.c | 11 +++++------ + 1 file changed, 5 insertions(+), 6 deletions(-) + +--- a/lib/gnutls_cipher.c 2013-09-27 ++++ b/lib/gnutls_cipher.c 2013-09-27 +@@ -501,14 +501,13 @@ _gnutls_ciphertext2compressed (gnutls_se + { + ciphertext.size -= blocksize; + ciphertext.data += blocksize; +- +- if (ciphertext.size == 0) +- { +- gnutls_assert (); +- return GNUTLS_E_DECRYPTION_FAILED; +- } + } + ++ if (ciphertext.size < hash_size) ++ { ++ gnutls_assert (); ++ return GNUTLS_E_DECRYPTION_FAILED; ++ } + pad = ciphertext.data[ciphertext.size - 1] + 1; /* pad */ + + if ((int) pad > (int) ciphertext.size - hash_size) diff --git a/patches/source/gnutls/gnutls-2.8.4_CVE-2013-1619_CVE-2013-2116.diff b/patches/source/gnutls/gnutls-2.8.4_CVE-2013-1619_CVE-2013-2116.diff new file mode 100644 index 000000000..3b3ccf7f5 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.4_CVE-2013-1619_CVE-2013-2116.diff @@ -0,0 +1,381 @@ +From e9e4cb4ed045a12c984a367bee0ddcbb3f27ae0d Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 29 Sep 2013 +Subject: CVE-2013-1619 and CVE-2013-2116 [GNUTLS-SA-2013-1,GNUTLS-SA-2013-2] + +Fix to avoid a timing attack in TLS CBC record parsing (aka Lucky 13). + +For background, see http://www.isg.rhul.ac.uk/tls/Lucky13.html + +The fix for CVE-2013-2116 is folded into this patch since it addresses +a problem introduced by the fix for CVE-2013-1619. + +This is a backport adaptation for use with GnuTLS 2.8.4. + +Relevant upstream commits: +-------------------------- +https://gitorious.org/gnutls/gnutls/commit/458c67cf98740e +https://gitorious.org/gnutls/gnutls/commit/93b7fcfa3297a9 +https://gitorious.org/gnutls/gnutls/commit/32a7367601a3fd +https://gitorious.org/gnutls/gnutls/commit/63a331df6aa0ec + +--- + gnutls_algorithms.c | 14 +++++ + gnutls_algorithms.h | 3 + + gnutls_cipher.c | 132 ++++++++++++++++++++++++++++++++-------------------- + gnutls_hash_int.h | 21 ++++++++ + 4 files changed, 121 insertions(+), 49 deletions(-) + +--- a/lib/gnutls_cipher.c 2013-09-27 ++++ b/lib/gnutls_cipher.c 2013-09-27 +@@ -287,6 +287,26 @@ calc_enc_length (gnutls_session_t sessio + return length; + } + ++#define PREAMBLE_SIZE 16 ++static inline int make_preamble(opaque* uint64_data, opaque type, uint16_t c_length, opaque ver, opaque* preamble) ++{ ++ opaque minor = _gnutls_version_get_minor (ver); ++ opaque major = _gnutls_version_get_major (ver); ++ opaque *p = preamble; ++ ++ memcpy(p, uint64_data, 8); ++ p+=8; ++ *p=type; p++; ++ if (_gnutls_version_has_variable_padding (ver)) ++ { /* TLS 1.0 or higher */ ++ *p = major; p++; ++ *p = minor; p++; ++ } ++ memcpy(p, &c_length, 2); ++ p+=2; ++ return p-preamble; ++} ++ + /* This is the actual encryption + * Encrypts the given compressed datum, and puts the result to cipher_data, + * which has cipher_size size. +@@ -304,11 +324,11 @@ _gnutls_compressed2ciphertext (gnutls_se + int length, ret; + digest_hd_st td; + uint8_t type = _type; +- uint8_t major, minor; ++ opaque preamble[PREAMBLE_SIZE]; ++ int preamble_size; + int hash_size = + _gnutls_hash_get_algo_len (session->security_parameters. + write_mac_algorithm); +- gnutls_protocol_t ver; + int blocksize = + _gnutls_cipher_get_block_size (session->security_parameters. + write_bulk_cipher_algorithm); +@@ -316,40 +336,27 @@ _gnutls_compressed2ciphertext (gnutls_se + _gnutls_cipher_is_block (session->security_parameters. + write_bulk_cipher_algorithm); + opaque *data_ptr; +- +- +- ver = gnutls_protocol_get_version (session); +- minor = _gnutls_version_get_minor (ver); +- major = _gnutls_version_get_major (ver); +- ++ int ver = gnutls_protocol_get_version (session); + + /* Initialize MAC */ +- ret = mac_init (&td, session->security_parameters.write_mac_algorithm, +- session->connection_state.write_mac_secret.data, +- session->connection_state.write_mac_secret.size, ver); +- +- if (ret < 0 +- && session->security_parameters.write_mac_algorithm != GNUTLS_MAC_NULL) +- { +- gnutls_assert (); +- return ret; +- } + + c_length = _gnutls_conv_uint16 (compressed.size); + + if (session->security_parameters.write_mac_algorithm != GNUTLS_MAC_NULL) + { /* actually when the algorithm in not the NULL one */ +- _gnutls_hmac (&td, +- UINT64DATA (session->connection_state. +- write_sequence_number), 8); +- +- _gnutls_hmac (&td, &type, 1); +- if (ver >= GNUTLS_TLS1) +- { /* TLS 1.0 or higher */ +- _gnutls_hmac (&td, &major, 1); +- _gnutls_hmac (&td, &minor, 1); +- } +- _gnutls_hmac (&td, &c_length, 2); ++ digest_hd_st td; ++ ++ ret = mac_init (&td, session->security_parameters.write_mac_algorithm, ++ session->connection_state.write_mac_secret.data, ++ session->connection_state.write_mac_secret.size, ver); ++ ++ if (ret < 0) ++ { ++ gnutls_assert (); ++ return ret; ++ } ++ preamble_size = make_preamble( UINT64DATA (session->connection_state.write_sequence_number), type, c_length, ver, preamble); ++ _gnutls_hmac (&td, preamble, preamble_size); + _gnutls_hmac (&td, compressed.data, compressed.size); + mac_deinit (&td, MAC, ver); + } +@@ -418,6 +425,49 @@ _gnutls_compressed2ciphertext (gnutls_se + return length; + } + ++static void dummy_wait(gnutls_session_t session, gnutls_datum_t* plaintext, ++ unsigned pad_failed, unsigned int pad, unsigned total, int ver) ++{ ++ /* this hack is only needed on CBC ciphers */ ++ if (_gnutls_cipher_is_block (session->security_parameters.read_bulk_cipher_algorithm) == CIPHER_BLOCK) ++ { ++ uint8_t MAC[MAX_HASH_SIZE]; ++ unsigned len; ++ digest_hd_st td; ++ int ret; ++ ++ ret = mac_init (&td, session->security_parameters.read_mac_algorithm, ++ session->connection_state.read_mac_secret.data, ++ session->connection_state.read_mac_secret.size, ver); ++ ++ if (ret < 0) ++ return; ++ ++ /* force an additional hash compression function evaluation to prevent timing ++ * attacks that distinguish between wrong-mac + correct pad, from wrong-mac + incorrect pad. ++ */ ++ if (pad_failed == 0 && pad > 0) ++ { ++ len = _gnutls_get_hash_block_len(session->security_parameters.read_mac_algorithm); ++ if (len > 0) ++ { ++ /* This is really specific to the current hash functions. ++ * It should be removed once a protocol fix is in place. ++ */ ++ if ((pad+total) % len > len-9 && total % len <= len-9) ++ { ++ if (len < plaintext->size) ++ _gnutls_hmac (&td, plaintext->data, len); ++ else ++ _gnutls_hmac (&td, plaintext->data, plaintext->size); ++ } ++ } ++ } ++ ++ mac_deinit (&td, MAC, ver); ++ } ++} ++ + /* Deciphers the ciphertext packet, and puts the result to compress_data, of compress_size. + * Returns the actual compressed packet size. + */ +@@ -429,38 +479,22 @@ _gnutls_ciphertext2compressed (gnutls_se + { + uint8_t MAC[MAX_HASH_SIZE]; + uint16_t c_length; +- uint8_t pad; ++ unsigned int pad = 0; + int length; + digest_hd_st td; + uint16_t blocksize; + int ret, i, pad_failed = 0; +- uint8_t major, minor; +- gnutls_protocol_t ver; ++ opaque preamble[PREAMBLE_SIZE]; ++ int preamble_size = 0; ++ int ver = gnutls_protocol_get_version (session); + int hash_size = + _gnutls_hash_get_algo_len (session->security_parameters. + read_mac_algorithm); + +- ver = gnutls_protocol_get_version (session); +- minor = _gnutls_version_get_minor (ver); +- major = _gnutls_version_get_major (ver); +- + blocksize = + _gnutls_cipher_get_block_size (session->security_parameters. + read_bulk_cipher_algorithm); + +- /* initialize MAC +- */ +- ret = mac_init (&td, session->security_parameters.read_mac_algorithm, +- session->connection_state.read_mac_secret.data, +- session->connection_state.read_mac_secret.size, ver); +- +- if (ret < 0 +- && session->security_parameters.read_mac_algorithm != GNUTLS_MAC_NULL) +- { +- gnutls_assert (); +- return GNUTLS_E_INTERNAL_ERROR; +- } +- + /* actual decryption (inplace) + */ + switch (_gnutls_cipher_is_block +@@ -508,31 +542,25 @@ _gnutls_ciphertext2compressed (gnutls_se + gnutls_assert (); + return GNUTLS_E_DECRYPTION_FAILED; + } +- pad = ciphertext.data[ciphertext.size - 1] + 1; /* pad */ +- +- if ((int) pad > (int) ciphertext.size - hash_size) +- { +- gnutls_assert (); +- _gnutls_record_log +- ("REC[%p]: Short record length %d > %d - %d (under attack?)\n", +- session, pad, ciphertext.size, hash_size); +- /* We do not fail here. We check below for the +- * the pad_failed. If zero means success. +- */ +- pad_failed = GNUTLS_E_DECRYPTION_FAILED; +- } +- +- length = ciphertext.size - hash_size - pad; +- +- /* Check the pading bytes (TLS 1.x) ++ pad = ciphertext.data[ciphertext.size - 1]; /* pad */ ++ if (pad+1 > ciphertext.size-hash_size) ++ pad_failed = GNUTLS_E_DECRYPTION_FAILED; ++ ++ /* Check the pading bytes (TLS 1.x). ++ * Note that we access all 256 bytes of ciphertext for padding check ++ * because there is a timing channel in that memory access (in certain CPUs + */ + if (ver >= GNUTLS_TLS1 && pad_failed == 0) + for (i = 2; i < pad; i++) + { +- if (ciphertext.data[ciphertext.size - i] != +- ciphertext.data[ciphertext.size - 1]) ++ if (ciphertext.data[ciphertext.size - i] != pad) + pad_failed = GNUTLS_E_DECRYPTION_FAILED; + } ++ ++ if (pad_failed) ++ pad = 0; ++ length = ciphertext.size - hash_size - pad - 1; ++ + break; + default: + gnutls_assert (); +@@ -548,17 +576,20 @@ _gnutls_ciphertext2compressed (gnutls_se + */ + if (session->security_parameters.read_mac_algorithm != GNUTLS_MAC_NULL) + { +- _gnutls_hmac (&td, +- UINT64DATA (session->connection_state. +- read_sequence_number), 8); +- +- _gnutls_hmac (&td, &type, 1); +- if (ver >= GNUTLS_TLS1) +- { /* TLS 1.x */ +- _gnutls_hmac (&td, &major, 1); +- _gnutls_hmac (&td, &minor, 1); +- } +- _gnutls_hmac (&td, &c_length, 2); ++ digest_hd_st td; ++ ++ ret = mac_init (&td, session->security_parameters.read_mac_algorithm, ++ session->connection_state.read_mac_secret.data, ++ session->connection_state.read_mac_secret.size, ver); ++ ++ if (ret < 0) ++ { ++ gnutls_assert (); ++ return GNUTLS_E_INTERNAL_ERROR; ++ } ++ ++ preamble_size = make_preamble( UINT64DATA (session->connection_state.read_sequence_number), type, c_length, ver, preamble); ++ _gnutls_hmac (&td, preamble, preamble_size); + + if (length > 0) + _gnutls_hmac (&td, ciphertext.data, length); +@@ -566,16 +597,14 @@ _gnutls_ciphertext2compressed (gnutls_se + mac_deinit (&td, MAC, ver); + } + +- /* This one was introduced to avoid a timing attack against the TLS +- * 1.0 protocol. +- */ +- if (pad_failed != 0) +- return pad_failed; +- + /* HMAC was not the same. + */ +- if (memcmp (MAC, &ciphertext.data[length], hash_size) != 0) ++ if (memcmp (MAC, &ciphertext.data[length], hash_size) != 0 || pad_failed != 0) + { ++ gnutls_datum_t compressed = {compress_data, compress_size}; ++ /* HMAC was not the same. */ ++ dummy_wait(session, &compressed, pad_failed, pad, length+preamble_size, ver); ++ + gnutls_assert (); + return GNUTLS_E_DECRYPTION_FAILED; + } +--- a/lib/gnutls_hash_int.h 2013-09-27 ++++ b/lib/gnutls_hash_int.h 2013-09-27 +@@ -92,4 +92,25 @@ void _gnutls_mac_deinit_ssl3_handshake ( + + int _gnutls_hash_copy (digest_hd_st* dst_handle, digest_hd_st * src_handle); + ++/* We shouldn't need to know that, but a work-around in decoding ++ * TLS record padding requires that. ++ */ ++inline static size_t ++_gnutls_get_hash_block_len (gnutls_digest_algorithm_t algo) ++{ ++ switch (algo) ++ { ++ case GNUTLS_DIG_MD5: ++ case GNUTLS_DIG_SHA1: ++ case GNUTLS_DIG_RMD160: ++ case GNUTLS_DIG_SHA256: ++ case GNUTLS_DIG_SHA384: ++ case GNUTLS_DIG_SHA512: ++ case GNUTLS_DIG_SHA224: ++ return 64; ++ default: ++ return 0; ++ } ++} ++ + #endif /* GNUTLS_HASH_INT_H */ +--- a/lib/gnutls_algorithms.c 2013-09-27 ++++ b/lib/gnutls_algorithms.c 2013-09-27 +@@ -1185,6 +1185,20 @@ _gnutls_version_is_supported (gnutls_ses + return 1; + } + ++/* This function determines if the version specified can have ++ non-minimal padding. */ ++int _gnutls_version_has_variable_padding (gnutls_protocol_t version) ++{ ++ switch(version) { ++ case GNUTLS_TLS1_0: ++ case GNUTLS_TLS1_1: ++ case GNUTLS_TLS1_2: ++ return 1; ++ default: ++ return 0; ++ } ++} ++ + /* Type to KX mappings */ + gnutls_kx_algorithm_t + _gnutls_map_kx_get_kx (gnutls_credentials_type_t type, int server) +--- a/lib/gnutls_algorithms.h 2013-09-27 ++++ b/lib/gnutls_algorithms.h 2013-09-27 +@@ -41,6 +41,9 @@ int _gnutls_version_get_major (gnutls_pr + int _gnutls_version_get_minor (gnutls_protocol_t ver); + gnutls_protocol_t _gnutls_version_get (int major, int minor); + ++/* Functions for feature checks */ ++int _gnutls_version_has_variable_padding (gnutls_protocol_t version); ++ + /* Functions for MACs. */ + int _gnutls_mac_is_ok (gnutls_mac_algorithm_t algorithm); + gnutls_mac_algorithm_t _gnutls_x509_oid2mac_algorithm (const char *oid); diff --git a/patches/source/gnutls/gnutls-2.8.4_CVE-2014-0092.diff b/patches/source/gnutls/gnutls-2.8.4_CVE-2014-0092.diff new file mode 100644 index 000000000..a6da6edc6 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.4_CVE-2014-0092.diff @@ -0,0 +1,108 @@ +From 9ae432113c485518a6ea5c68e15b4a18e87cf878 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Mon, 03 Mar 2014 +Subject: CVE-2014-0092 (GNUTLS-SA-2014-2) + +Fix vulnerabilities in the certificate verification code path. +The vulnerabilities can be exploited such that specially-crafted +certificates can bypass certificate validation checks. + +This is a backport adaptation for use with GnuTLS 2.8.4. + +Relevant upstream commit: +------------------------- +https://gitorious.org/gnutls/gnutls/commit/6aa26f78150ccb + +--- + lib/x509/verify.c | 17 +++++++++++------ + 1 file changed, 11 insertions(+), 6 deletions(-) + +--- a/lib/x509/verify.c ++++ b/lib/x509/verify.c +@@ -112,7 +112,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnu + if (result < 0) + { + gnutls_assert (); +- goto cleanup; ++ goto fail; + } + + result = +@@ -121,7 +121,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnu + if (result < 0) + { + gnutls_assert (); +- goto cleanup; ++ goto fail; + } + + result = +@@ -129,7 +129,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnu + if (result < 0) + { + gnutls_assert (); +- goto cleanup; ++ goto fail; + } + + result = +@@ -137,7 +137,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnu + if (result < 0) + { + gnutls_assert (); +- goto cleanup; ++ goto fail; + } + + /* If the subject certificate is the same as the issuer +@@ -177,6 +177,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnu + else + gnutls_assert (); + ++fail: + result = 0; + + cleanup: +@@ -269,7 +270,7 @@ _gnutls_verify_certificate2 (gnutls_x509 + gnutls_datum_t cert_signed_data = { NULL, 0 }; + gnutls_datum_t cert_signature = { NULL, 0 }; + gnutls_x509_crt_t issuer; +- int ret, issuer_version, result; ++ int ret, issuer_version, result = 0; + + if (output) + *output = 0; +@@ -299,7 +300,7 @@ _gnutls_verify_certificate2 (gnutls_x509 + if (issuer_version < 0) + { + gnutls_assert (); +- return issuer_version; ++ return 0; + } + + if (!(flags & GNUTLS_VERIFY_DISABLE_CA_SIGN) && +@@ -320,6 +321,7 @@ _gnutls_verify_certificate2 (gnutls_x509 + if (result < 0) + { + gnutls_assert (); ++ result = 0; + goto cleanup; + } + +@@ -328,6 +330,7 @@ _gnutls_verify_certificate2 (gnutls_x509 + if (result < 0) + { + gnutls_assert (); ++ result = 0; + goto cleanup; + } + +@@ -337,6 +340,8 @@ _gnutls_verify_certificate2 (gnutls_x509 + if (ret < 0) + { + gnutls_assert (); ++ result = 0; ++ goto cleanup; + } + else if (ret == 0) + { diff --git a/patches/source/gnutls/gnutls-2.8.4_CVE-2014-3466.diff b/patches/source/gnutls/gnutls-2.8.4_CVE-2014-3466.diff new file mode 100644 index 000000000..b135bbc10 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.4_CVE-2014-3466.diff @@ -0,0 +1,312 @@ +From 7fc8bb1f29a2ca1ddedc7f5aa0204ab091c69431 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@zoho.com> +Date: Mon, 2 Jun 2014 +Subject: CVE-2014-3466 + +This is a backport adaptation for use with GnuTLS 2.8.4. + +Relevant upstream commit(s): +------------------------- +https://gitorious.org/gnutls/gnutls/commit/688ea6428a432c +https://gitorious.org/gnutls/gnutls/commit/a7be326f0e33cf + +--- + lib/gnutls_handshake.c | 2 + tests/Makefile.am | 2 + tests/long-session-id.c | 268 ++++++++++++++++++++++++++++++++++++++++ + 3 files changed, 270 insertions(+), 2 deletions(-) + +--- a/lib/gnutls_handshake.c ++++ b/lib/gnutls_handshake.c +@@ -1518,7 +1518,7 @@ _gnutls_read_server_hello (gnutls_sessio + DECR_LEN (len, 1); + session_id_len = data[pos++]; + +- if (len < session_id_len) ++ if (len < session_id_len || session_id_len > TLS_MAX_SESSION_ID_SIZE) + { + gnutls_assert (); + return GNUTLS_E_UNSUPPORTED_VERSION_PACKET; +--- a/tests/Makefile.am ++++ b/tests/Makefile.am +@@ -56,7 +56,8 @@ + ctests = simple gc set_pkcs12_cred certder mpi \ + certificate_set_x509_crl dn parse_ca moredn crypto_rng mini \ + finished hostname-check cve-2008-4989 pkcs12_s2k chainverify \ +- crq_key_id x509sign-verify cve-2009-1415 cve-2009-1416 mini-eagain ++ crq_key_id x509sign-verify cve-2009-1415 cve-2009-1416 \ ++ mini-eagain long-session-id + + if ENABLE_OPENSSL + ctests += openssl +--- /dev/null ++++ b/tests/long-session-id.c +@@ -0,0 +1,268 @@ ++/* ++ * Copyright (C) 2012 Free Software Foundation, Inc. ++ * ++ * Author: Nikos Mavrogiannopoulos ++ * ++ * This file is part of GnuTLS. ++ * ++ * GnuTLS is free software; you can redistribute it and/or modify it ++ * under the terms of the GNU General Public License as published by ++ * the Free Software Foundation; either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * GnuTLS is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with GnuTLS; if not, write to the Free Software Foundation, ++ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA ++ */ ++ ++#ifdef HAVE_CONFIG_H ++#include <config.h> ++#endif ++ ++#include <stdio.h> ++#include <stdlib.h> ++ ++#if defined(_WIN32) ++ ++int main() ++{ ++ exit(77); ++} ++ ++#else ++ ++#include <string.h> ++#include <sys/types.h> ++#include <netinet/in.h> ++#include <sys/socket.h> ++#include <sys/wait.h> ++#include <arpa/inet.h> ++#include <unistd.h> ++#include <gnutls/gnutls.h> ++#include <signal.h> ++ ++static int debug = 0; ++static void terminate(int); ++ ++/* This program tests the robustness of record ++ * decoding. ++ */ ++ ++static void client_log_func(int level, const char *str) ++{ ++ fprintf(stderr, "client|<%d>| %s", level, str); ++} ++ ++static unsigned char server_cert_pem[] = ++ "-----BEGIN CERTIFICATE-----\n" ++ "MIICVjCCAcGgAwIBAgIERiYdMTALBgkqhkiG9w0BAQUwGTEXMBUGA1UEAxMOR251\n" ++ "VExTIHRlc3QgQ0EwHhcNMDcwNDE4MTMyOTIxWhcNMDgwNDE3MTMyOTIxWjA3MRsw\n" ++ "GQYDVQQKExJHbnVUTFMgdGVzdCBzZXJ2ZXIxGDAWBgNVBAMTD3Rlc3QuZ251dGxz\n" ++ "Lm9yZzCBnDALBgkqhkiG9w0BAQEDgYwAMIGIAoGA17pcr6MM8C6pJ1aqU46o63+B\n" ++ "dUxrmL5K6rce+EvDasTaDQC46kwTHzYWk95y78akXrJutsoKiFV1kJbtple8DDt2\n" ++ "DZcevensf9Op7PuFZKBroEjOd35znDET/z3IrqVgbtm2jFqab7a+n2q9p/CgMyf1\n" ++ "tx2S5Zacc1LWn9bIjrECAwEAAaOBkzCBkDAMBgNVHRMBAf8EAjAAMBoGA1UdEQQT\n" ++ "MBGCD3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHQ8B\n" ++ "Af8EBQMDB6AAMB0GA1UdDgQWBBTrx0Vu5fglyoyNgw106YbU3VW0dTAfBgNVHSME\n" ++ "GDAWgBTpPBz7rZJu5gakViyi4cBTJ8jylTALBgkqhkiG9w0BAQUDgYEAaFEPTt+7\n" ++ "bzvBuOf7+QmeQcn29kT6Bsyh1RHJXf8KTk5QRfwp6ogbp94JQWcNQ/S7YDFHglD1\n" ++ "AwUNBRXwd3riUsMnsxgeSDxYBfJYbDLeohNBsqaPDJb7XailWbMQKfAbFQ8cnOxg\n" ++ "rOKLUQRWJ0K3HyXRMhbqjdLIaQiCvQLuizo=\n" "-----END CERTIFICATE-----\n"; ++ ++const gnutls_datum_t server_cert = { server_cert_pem, ++ sizeof(server_cert_pem) ++}; ++ ++static unsigned char server_key_pem[] = ++ "-----BEGIN RSA PRIVATE KEY-----\n" ++ "MIICXAIBAAKBgQDXulyvowzwLqknVqpTjqjrf4F1TGuYvkrqtx74S8NqxNoNALjq\n" ++ "TBMfNhaT3nLvxqResm62ygqIVXWQlu2mV7wMO3YNlx696ex/06ns+4VkoGugSM53\n" ++ "fnOcMRP/PciupWBu2baMWppvtr6far2n8KAzJ/W3HZLllpxzUtaf1siOsQIDAQAB\n" ++ "AoGAYAFyKkAYC/PYF8e7+X+tsVCHXppp8AoP8TEZuUqOZz/AArVlle/ROrypg5kl\n" ++ "8YunrvUdzH9R/KZ7saNZlAPLjZyFG9beL/am6Ai7q7Ma5HMqjGU8kTEGwD7K+lbG\n" ++ "iomokKMOl+kkbY/2sI5Czmbm+/PqLXOjtVc5RAsdbgvtmvkCQQDdV5QuU8jap8Hs\n" ++ "Eodv/tLJ2z4+SKCV2k/7FXSKWe0vlrq0cl2qZfoTUYRnKRBcWxc9o92DxK44wgPi\n" ++ "oMQS+O7fAkEA+YG+K9e60sj1K4NYbMPAbYILbZxORDecvP8lcphvwkOVUqbmxOGh\n" ++ "XRmTZUuhBrJhJKKf6u7gf3KWlPl6ShKEbwJASC118cF6nurTjuLf7YKARDjNTEws\n" ++ "qZEeQbdWYINAmCMj0RH2P0mvybrsXSOD5UoDAyO7aWuqkHGcCLv6FGG+qwJAOVqq\n" ++ "tXdUucl6GjOKKw5geIvRRrQMhb/m5scb+5iw8A4LEEHPgGiBaF5NtJZLALgWfo5n\n" ++ "hmC8+G8F0F78znQtPwJBANexu+Tg5KfOnzSILJMo3oXiXhf5PqXIDmbN0BKyCKAQ\n" ++ "LfkcEcUbVfmDaHpvzwY9VEaoMOKVLitETXdNSxVpvWM=\n" ++ "-----END RSA PRIVATE KEY-----\n"; ++ ++const gnutls_datum_t server_key = { server_key_pem, ++ sizeof(server_key_pem) ++}; ++ ++ ++/* A very basic TLS client, with anonymous authentication. ++ */ ++ ++static void client(int fd, const char *prio) ++{ ++ int ret; ++ gnutls_anon_client_credentials_t anoncred; ++ gnutls_certificate_credentials_t x509_cred; ++ gnutls_session_t session; ++ /* Need to enable anonymous KX specifically. */ ++ ++ gnutls_global_init(); ++ ++ if (debug) { ++ gnutls_global_set_log_function(client_log_func); ++ gnutls_global_set_log_level(7); ++ } ++ ++ gnutls_anon_allocate_client_credentials(&anoncred); ++ gnutls_certificate_allocate_credentials(&x509_cred); ++ ++ /* Initialize TLS session ++ */ ++ gnutls_init(&session, GNUTLS_CLIENT); ++ ++ /* Use default priorities */ ++ gnutls_priority_set_direct(session, prio, NULL); ++ ++ /* put the anonymous credentials to the current session ++ */ ++ gnutls_credentials_set(session, GNUTLS_CRD_ANON, anoncred); ++ gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred); ++ ++ gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) fd); ++ ++ /* Perform the TLS handshake ++ */ ++ do { ++ ret = gnutls_handshake(session); ++ } ++ while (ret < 0 && gnutls_error_is_fatal(ret) == 0); ++ ++ if (ret < 0) { ++ fprintf(stderr, "client: Handshake failed (expected)\n"); ++ gnutls_perror(ret); ++ exit(0); ++ } else { ++ if (debug) ++ fprintf(stderr, "client: Handshake was completed\n"); ++ } ++ ++ close(fd); ++ ++ gnutls_deinit(session); ++ ++ gnutls_anon_free_client_credentials(anoncred); ++ gnutls_certificate_free_credentials(x509_cred); ++ ++ gnutls_global_deinit(); ++} ++ ++ ++/* These are global */ ++pid_t child; ++ ++static void terminate(int ret) ++{ ++ kill(child, SIGTERM); ++ exit(ret); ++} ++ ++static void server(int fd, const char *prio) ++{ ++ int ret; ++ uint8_t id[255]; ++ uint8_t buffer[] = "\x16\x03\x00\x01\x25" ++ "\x02\x00\x01\x21" ++ "\x03\x00"/*Server Version */ ++ /*Random*/"\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00\x00\x00\x01\x00\x00" ++ /*SessionID*/"\xfe"; ++ ++ ret = read(fd, id, sizeof(id)); ++ if (ret < 0) { ++ abort(); ++ } ++ ++ ret = write(fd, buffer, sizeof(buffer)); ++ if (ret < 0) { ++ return; ++ } ++ ++ memset(id, 0xff, sizeof(id)); ++ ret = write(fd, id, sizeof(id)); ++ if (ret < 0) { ++ return; ++ } ++ ++ memset(id, 0xff, sizeof(id)); ++ ret = write(fd, id, sizeof(id)); ++ if (ret < 0) { ++ return; ++ } ++ sleep(3); ++ ++ return; ++} ++ ++static void start(const char *prio) ++{ ++ int fd[2]; ++ int ret; ++ ++ ret = socketpair(AF_UNIX, SOCK_STREAM, 0, fd); ++ if (ret < 0) { ++ perror("socketpair"); ++ exit(1); ++ } ++ ++ child = fork(); ++ if (child < 0) { ++ perror("fork"); ++ exit(1); ++ } ++ ++ if (child) { ++ /* parent */ ++ close(fd[1]); ++ server(fd[0], prio); ++ kill(child, SIGTERM); ++ } else { ++ close(fd[0]); ++ client(fd[1], prio); ++ exit(0); ++ } ++} ++ ++static void ch_handler(int sig) ++{ ++ int status, ret = 0; ++ wait(&status); ++ if (WEXITSTATUS(status) != 0 || ++ (WIFSIGNALED(status) && WTERMSIG(status) == SIGSEGV)) { ++ if (WIFSIGNALED(status)) { ++ fprintf(stderr, "Child died with sigsegv\n"); ++ ret = 1; ++ } else { ++ fprintf(stderr, "Child died with status %d\n", ++ WEXITSTATUS(status)); ++ } ++ terminate(ret); ++ } ++ return; ++} ++ ++int main(int argc, char **argv) ++{ ++ signal(SIGCHLD, ch_handler); ++ ++ if (argc > 1) ++ debug = 1; ++ ++ start("NORMAL"); ++ return 0; ++} ++ ++#endif /* _WIN32 */ diff --git a/patches/source/gnutls/gnutls-2.8.4_CVE-2014-3467.diff b/patches/source/gnutls/gnutls-2.8.4_CVE-2014-3467.diff new file mode 100644 index 000000000..368e9ed9d --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.4_CVE-2014-3467.diff @@ -0,0 +1,45 @@ +From 314dc68b64bbc62cab5fd1b6a76a324e3cc8398b Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@zoho.com> +Date: Mon, 2 Jun 2014 +Subject: CVE-2014-3467 + +This is a backport adaptation for use with GnuTLS 2.8.4. + +Relevant upstream commit(s): +------------------------- +http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=ff3b5c68cc32e3 +http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=51612fca32dda4 + +--- + lib/minitasn1/decoding.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +--- a/lib/minitasn1/decoding.c ++++ b/lib/minitasn1/decoding.c +@@ -135,7 +135,7 @@ asn1_get_tag_der (const unsigned char *d + /* Long form */ + punt = 1; + ris = 0; +- while (punt <= der_len && der[punt] & 128) ++ while (punt < der_len && der[punt] & 128) + { + int last = ris; + ris = ris * 128 + (der[punt++] & 0x7F); +@@ -245,7 +245,7 @@ _asn1_get_time_der (const unsigned char + if (der_len <= 0 || str == NULL) + return ASN1_DER_ERROR; + str_len = asn1_get_length_der (der, der_len, &len_len); +- if (str_len < 0 || str_size < str_len) ++ if (str_len <= 0 || str_size < str_len) + return ASN1_DER_ERROR; + memcpy (str, der + len_len, str_len); + str[str_len] = 0; +@@ -273,7 +273,7 @@ _asn1_get_objectid_der (const unsigned c + return ASN1_GENERIC_ERROR; + len = asn1_get_length_der (der, der_len, &len_len); + +- if (len < 0 || len > der_len || len_len > der_len) ++ if (len <= 0 || len > der_len || len_len > der_len) + return ASN1_DER_ERROR; + + val1 = der[len_len] / 40; diff --git a/patches/source/gnutls/gnutls-2.8.4_CVE-2014-3468.diff b/patches/source/gnutls/gnutls-2.8.4_CVE-2014-3468.diff new file mode 100644 index 000000000..1a4549e54 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.4_CVE-2014-3468.diff @@ -0,0 +1,45 @@ +From d5a10d4ff449621eed08a5c32d4390d49578602f Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@zoho.com> +Date: Mon, 2 Jun 2014 +Subject: CVE-2014-3468 + +This is a backport adaptation for use with GnuTLS 2.8.4. + +Relevant upstream commit(s): +------------------------- +http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=1c3ccb3e040bf1 + +--- + lib/minitasn1/decoding.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +--- a/lib/minitasn1/decoding.c ++++ b/lib/minitasn1/decoding.c +@@ -210,7 +210,7 @@ asn1_get_octet_der (const unsigned char + int *ret_len, unsigned char *str, int str_size, + int *str_len) + { +- int len_len; ++ int len_len = 0; + + if (der_len <= 0) + return ASN1_GENERIC_ERROR; +@@ -335,7 +335,7 @@ asn1_get_bit_der (const unsigned char *d + int *ret_len, unsigned char *str, int str_size, + int *bit_len) + { +- int len_len, len_byte; ++ int len_len = 0, len_byte; + + if (der_len <= 0) + return ASN1_GENERIC_ERROR; +@@ -346,6 +346,9 @@ asn1_get_bit_der (const unsigned char *d + *ret_len = len_byte + len_len + 1; + *bit_len = len_byte * 8 - der[len_len]; + ++ if (*bit_len <= 0) ++ return ASN1_DER_ERROR; ++ + if (str_size >= len_byte) + memcpy (str, der + len_len + 1, len_byte); + else diff --git a/patches/source/gnutls/gnutls-2.8.4_CVE-2014-3469.diff b/patches/source/gnutls/gnutls-2.8.4_CVE-2014-3469.diff new file mode 100644 index 000000000..91522847f --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.4_CVE-2014-3469.diff @@ -0,0 +1,122 @@ +From aac80016867869e7eca20954db36a9d466daa43c Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@zoho.com> +Date: Mon, 2 Jun 2014 +Subject: CVE-2014-3469 + +This is a backport adaptation for use with GnuTLS 2.8.4. + +Relevant upstream commit(s): +------------------------- +http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=a8b3e14f84174e +http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=3d6a02f19ff15a +http://git.savannah.gnu.org/cgit/libtasn1.git/commit/?id=53958290ab731c + +--- + lib/minitasn1/decoding.c | 11 ++++++++--- + lib/minitasn1/element.c | 27 ++++++++++++++++++--------- + 2 files changed, 26 insertions(+), 12 deletions(-) + +--- a/lib/minitasn1/decoding.c ++++ b/lib/minitasn1/decoding.c +@@ -215,7 +215,6 @@ asn1_get_octet_der (const unsigned char + if (der_len <= 0) + return ASN1_GENERIC_ERROR; + +- /* if(str==NULL) return ASN1_SUCCESS; */ + *str_len = asn1_get_length_der (der, der_len, &len_len); + + if (*str_len < 0) +@@ -223,7 +222,10 @@ asn1_get_octet_der (const unsigned char + + *ret_len = *str_len + len_len; + if (str_size >= *str_len) +- memcpy (str, der + len_len, *str_len); ++ { ++ if (*str_len > 0 && str != NULL) ++ memcpy (str, der + len_len, *str_len); ++ } + else + { + return ASN1_MEM_ERROR; +@@ -350,7 +352,10 @@ asn1_get_bit_der (const unsigned char *d + return ASN1_DER_ERROR; + + if (str_size >= len_byte) +- memcpy (str, der + len_len + 1, len_byte); ++ { ++ if (len_byte > 0 && str) ++ memcpy (str, der + len_len + 1, len_byte); ++ } + else + { + return ASN1_MEM_ERROR; +--- a/lib/minitasn1/element.c ++++ b/lib/minitasn1/element.c +@@ -113,8 +113,11 @@ _asn1_convert_integer (const unsigned ch + /* VALUE_OUT is too short to contain the value conversion */ + return ASN1_MEM_ERROR; + +- for (k2 = k; k2 < SIZEOF_UNSIGNED_LONG_INT; k2++) +- value_out[k2 - k] = val[k2]; ++ if (value_out != NULL) ++ { ++ for (k2 = k; k2 < SIZEOF_UNSIGNED_LONG_INT; k2++) ++ value_out[k2 - k] = val[k2]; ++ } + + #if 0 + printf ("_asn1_convert_integer: valueIn=%s, lenOut=%d", value, *len); +@@ -623,7 +626,8 @@ asn1_write_value (asn1_node node_root, c + if (ptr_size < data_size) { \ + return ASN1_MEM_ERROR; \ + } else { \ +- memcpy( ptr, data, data_size); \ ++ if (ptr && data_size > 0) \ ++ memcpy( ptr, data, data_size); \ + } + + #define PUT_STR_VALUE( ptr, ptr_size, data) \ +@@ -632,16 +626,19 @@ asn1_write_value (asn1_node node_root, c + return ASN1_MEM_ERROR; \ + } else { \ + /* this strcpy is checked */ \ +- strcpy(ptr, data); \ ++ if (ptr) { \ ++ strcpy(ptr, data); \ ++ } \ + } + + #define ADD_STR_VALUE( ptr, ptr_size, data) \ +- *len = (int) strlen(data) + 1; \ +- if (ptr_size < (int) strlen(ptr)+(*len)) { \ ++ *len += strlen(data); \ ++ if (ptr_size < (int) *len) { \ ++ (*len)++; \ + return ASN1_MEM_ERROR; \ + } else { \ + /* this strcat is checked */ \ +- strcat(ptr, data); \ ++ if (ptr) strcat (ptr, data); \ + } + + /** +@@ -803,7 +810,9 @@ asn1_read_value (asn1_node root, const c + case TYPE_OBJECT_ID: + if (node->type & CONST_ASSIGN) + { +- value[0] = 0; ++ *len = 0; ++ if (value) ++ value[0] = 0; + p = node->down; + while (p) + { +@@ -817,7 +826,7 @@ asn1_read_value (asn1_node root, const c + } + p = p->right; + } +- *len = strlen (value) + 1; ++ (*len)++; + } + else if ((node->type & CONST_DEFAULT) && (node->value == NULL)) + { diff --git a/patches/source/gnutls/gnutls-2.8.4_fix-expired-cert.diff b/patches/source/gnutls/gnutls-2.8.4_fix-expired-cert.diff new file mode 100644 index 000000000..cb0a8d567 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.4_fix-expired-cert.diff @@ -0,0 +1,23 @@ +commit 45c1fd2912e1680e7aafda931a6acdf97c8f3c00 +Author: Simon Josefsson <simon@josefsson.org> +Date: Tue Oct 20 11:27:13 2009 +0200 + + Fix expired cert. + +diff --git a/tests/chainverify.c b/tests/chainverify.c +index 745cd7c..0192da2 100644 +--- a/tests/chainverify.c ++++ b/tests/chainverify.c +@@ -701,8 +701,11 @@ static struct + { "rsa-md5 not ok", mayfirst_chain, &mayfirst_chain[1], + GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD2, + GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID }, ++ { "rsa-md5 not ok2", mayfirst_chain, &mayfirst_chain[1], ++ GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5, ++ GNUTLS_CERT_EXPIRED | GNUTLS_CERT_INVALID }, + { "rsa-md5 ok", mayfirst_chain, &mayfirst_chain[1], +- GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5, 0 }, ++ GNUTLS_VERIFY_DISABLE_TIME_CHECKS | GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5, 0 }, + { "v1ca fail", v1ca, &v1ca[2], + 0, GNUTLS_CERT_SIGNER_NOT_CA | GNUTLS_CERT_INVALID }, + { "v1ca expired", v1ca, &v1ca[2], diff --git a/patches/source/gnutls/gnutls-2.8.4_fix-timebomb.diff b/patches/source/gnutls/gnutls-2.8.4_fix-timebomb.diff new file mode 100644 index 000000000..38e144294 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.4_fix-timebomb.diff @@ -0,0 +1,35 @@ +commit 087fdeec5076ae1270f460685d8d36a50d9c3822 +Author: Simon Josefsson <simon@josefsson.org> +Date: Mon Nov 2 11:25:27 2009 +0100 + + Fix time bomb in chainverify self-test. + + Reported by Andreas Metzler <ametzler@downhill.at.eu.org> + in <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3925>. + +diff --git a/tests/chainverify.c b/tests/chainverify.c +index 0192da2..16c59ee 100644 +--- a/tests/chainverify.c ++++ b/tests/chainverify.c +@@ -32,6 +32,21 @@ + #include <gnutls/gnutls.h> + #include <gnutls/x509.h> + ++/* GnuTLS internally calls time() to find out the current time when ++ verifying certificates. To avoid a time bomb, we hard code the ++ current time. This should work fine on systems where the library ++ call to time is resolved at run-time. */ ++time_t ++time (time_t *t) ++{ ++ time_t then = 1256803113; ++ ++ if (t) ++ *t = then; ++ ++ return then; ++} ++ + /* *INDENT-OFF* */ + + /* Triggers incorrect verification success on older versions */ diff --git a/patches/source/gnutls/gnutls-2.8.4_ipv6.diff b/patches/source/gnutls/gnutls-2.8.4_ipv6.diff new file mode 100644 index 000000000..f6b2ac11f --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.4_ipv6.diff @@ -0,0 +1,51 @@ +From a32fb84bcc1b15b184b4fb0905be18532c04ecb3 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 29 Sep 2013 +Subject: Fix binding of IPV6 address in gnutls-serv + +On Linux with /proc/sys/net/ipv6/bindv6only == 0 (which is now the +default), gnutls-serv cannot listen on ipv6. + +Fix adapted for use with GnuTLS 2.8.4. + +Relevant upstream commits: +-------------------------- +https://gitorious.org/gnutls/gnutls/commit/1c315602306afc +https://gitorious.org/gnutls/gnutls/commit/9c1536d514dd83 + +--- + serv.c | 16 ++++++++++++++++ + 1 file changed, 16 insertions(+) + +--- a/src/serv.c 2013-09-29 ++++ b/src/serv.c 2013-09-29 +@@ -673,6 +673,11 @@ listen_socket (const char *name, int lis + + for (ptr = res; ptr != NULL; ptr = ptr->ai_next) + { ++#ifndef HAVE_IPV6 ++ if (ptr->ai_family != AF_INET) ++ continue; ++#endif ++ + /* Print what we are doing. */ + { + char topbuf[512]; +@@ -690,6 +695,17 @@ listen_socket (const char *name, int lis + continue; + } + ++#if defined(HAVE_IPV6) && !defined(_WIN32) ++ if (ptr->ai_family == AF_INET6) ++ { ++ yes = 1; ++ /* avoid listen on ipv6 addresses failing ++ * because already listening on ipv4 addresses: */ ++ setsockopt (s, IPPROTO_IPV6, IPV6_V6ONLY, ++ (const void *) &yes, sizeof (yes)); ++ } ++#endif ++ + yes = 1; + if (setsockopt (s, SOL_SOCKET, SO_REUSEADDR, + (const void *) &yes, sizeof (yes)) < 0) diff --git a/patches/source/gnutls/gnutls-2.8.4_libgcrypt150-fix.diff b/patches/source/gnutls/gnutls-2.8.4_libgcrypt150-fix.diff new file mode 100644 index 000000000..6f1f19c50 --- /dev/null +++ b/patches/source/gnutls/gnutls-2.8.4_libgcrypt150-fix.diff @@ -0,0 +1,162 @@ +From 96fb09172b20200d5f7c5a2f883d482510993f19 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 29 Sep 2013 +Subject: Fix problem when using libgcrypt 1.5.0+ + +Fix GnuTLS to not rely on a bug present in libgcrypt before 1.5.0 +in gcry_sexp_nth_mpi(). + +Relevant discussion: +-------------------- +https://lists.gnu.org/archive/html/gnutls-devel/2011-07/msg00006.html + +--- + pk-libgcrypt.c | 32 ++++++++++++++++---------------- + 1 file changed, 16 insertions(+), 16 deletions(-) + +--- a/lib/pk-libgcrypt.c 2013-09-27 ++++ b/lib/pk-libgcrypt.c 2013-09-27 +@@ -112,7 +112,7 @@ _wrap_gcry_pk_encrypt (gnutls_pk_algorit + goto cleanup; + } + +- res = gcry_sexp_nth_mpi (list, 1, 0); ++ res = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + if (res == NULL) + { +@@ -202,7 +202,7 @@ _wrap_gcry_pk_decrypt (gnutls_pk_algorit + goto cleanup; + } + +- res = gcry_sexp_nth_mpi (s_plain, 0, 0); ++ res = gcry_sexp_nth_mpi (s_plain, 0, GCRYMPI_FMT_USG); + if (res == NULL) + { + gnutls_assert (); +@@ -327,7 +327,7 @@ _wrap_gcry_pk_sign (gnutls_pk_algorithm_ + goto cleanup; + } + +- res[0] = gcry_sexp_nth_mpi (list, 1, 0); ++ res[0] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (s_sig, "s", 0); +@@ -338,7 +338,7 @@ _wrap_gcry_pk_sign (gnutls_pk_algorithm_ + goto cleanup; + } + +- res[1] = gcry_sexp_nth_mpi (list, 1, 0); ++ res[1] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + ret = _gnutls_encode_ber_rs (signature, res[0], res[1]); +@@ -360,7 +360,7 @@ _wrap_gcry_pk_sign (gnutls_pk_algorithm_ + goto cleanup; + } + +- res[0] = gcry_sexp_nth_mpi (list, 1, 0); ++ res[0] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + ret = _gnutls_mpi_dprint (res[0], signature); +@@ -559,7 +559,7 @@ _dsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[0] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[0] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "q", 0); +@@ -570,7 +570,7 @@ _dsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[1] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[1] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "g", 0); +@@ -581,7 +581,7 @@ _dsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[2] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[2] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "y", 0); +@@ -592,7 +592,7 @@ _dsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[3] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[3] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + +@@ -604,7 +604,7 @@ _dsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[4] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[4] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + + gcry_sexp_release (list); + gcry_sexp_release (key); +@@ -653,7 +653,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[0] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[0] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "e", 0); +@@ -664,7 +664,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[1] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[1] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "d", 0); +@@ -675,7 +675,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[2] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[2] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + list = gcry_sexp_find_token (key, "p", 0); +@@ -686,7 +686,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[3] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[3] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + +@@ -698,7 +698,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[4] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[4] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + gcry_sexp_release (list); + + +@@ -710,7 +710,7 @@ _rsa_generate_params (bigint_t * resarr, + return GNUTLS_E_INTERNAL_ERROR; + } + +- resarr[5] = gcry_sexp_nth_mpi (list, 1, 0); ++ resarr[5] = gcry_sexp_nth_mpi (list, 1, GCRYMPI_FMT_USG); + + gcry_sexp_release (list); + gcry_sexp_release (key); diff --git a/patches/source/gnutls/gnutls.SlackBuild b/patches/source/gnutls/gnutls.SlackBuild new file mode 100755 index 000000000..2473e2175 --- /dev/null +++ b/patches/source/gnutls/gnutls.SlackBuild @@ -0,0 +1,138 @@ +#!/bin/sh + +# Copyright 2007 Robby Workman (http://rlworkman.net) +# Copyright 2007, 2008, 2009, 2014 Patrick Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=gnutls +VERSION=2.8.4 +BUILD=${BUILD:-4_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i486 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7lh ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP + +rm -rf $PKGNAM-$VERSION +if [ -r $CWD/$PKGNAM-$VERSION.tar.gz ]; then + tar xf $CWD/$PKGNAM-$VERSION.tar.gz || exit 1 +elif [ -r $CWD/$PKGNAM-$VERSION.tar.bz2 ]; then + tar xf $CWD/$PKGNAM-$VERSION.tar.bz2 || exit 1 +elif [ -r $CWD/$PKGNAM-$VERSION.tar.xz ]; then + tar xf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +elif [ -r $CWD/$PKGNAM-$VERSION.tar.lzma ]; then + tar xf $CWD/$PKGNAM-$VERSION.tar.lzma || exit 1 +else + exit 1 +fi + + +cd $PKGNAM-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/gnutls-2.8.4_CVE-2009-3555.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.4_CVE-2011-4128.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.4_CVE-2012-1569.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.4_CVE-2012-1573.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.4_CVE-2013-1619_CVE-2013-2116.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.4_libgcrypt150-fix.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.4_fix-expired-cert.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.4_fix-timebomb.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.4_ipv6.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.4_CVE-2014-0092.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.4_CVE-2014-3466.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.4_CVE-2014-3467.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.4_CVE-2014-3468.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/gnutls-2.8.4_CVE-2014-3469.diff.gz | patch -p1 --verbose || exit 1 + + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --enable-static=no \ + --build=$ARCH-slackware-linux \ + --host=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +( cd $PKG/usr/man + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +) + +( cd $PKG/usr/info + rm -f dir + gzip -9 *.info* +) + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + ABOUT-NLS AUTHORS COPYING* INSTALL NEWS README* THANKS \ + $PKG/usr/doc/$PKGNAM-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n -p $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/gnutls/slack-desc b/patches/source/gnutls/slack-desc new file mode 100644 index 000000000..49fdb9f0c --- /dev/null +++ b/patches/source/gnutls/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +gnutls: gnutls (GNU TLS library) +gnutls: +gnutls: This is a TLS (Transport Layer Security) 1.0 and SSL (Secure Sockets +gnutls: Layer) 3.0 implementation. In brief, GnuTLS can be described as a +gnutls: library which offers an API to access secure communication protocols. +gnutls: These protocols provide privacy over insecure lines, and were designed +gnutls: to prevent eavesdropping, tampering, or message forgery. +gnutls: +gnutls: Homepage: http://www.gnu.org/software/gnutls/ +gnutls: +gnutls: diff --git a/patches/source/gzip/gzip.SlackBuild b/patches/source/gzip/gzip.SlackBuild new file mode 100755 index 000000000..0eb42649e --- /dev/null +++ b/patches/source/gzip/gzip.SlackBuild @@ -0,0 +1,170 @@ +#!/bin/sh + +# Copyright 2006-2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=gzip +VERSION=${VERSION:-1.4} +BUILD=${BUILD:-1_slack13.0} + +NUMJOBS=${NUMJOBS:--j6} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.xz || exit 1 +cd ${PKGNAM}-$VERSION + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# The following command renames the internal implementation of futimens +# to gl_futimens as newer versions of Glibc provide an incompatible version: +sed -i -e "s/futimens/gl_&/" $(grep -lr futimens *) + +# Configure: +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --bindir=/bin \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --build=$ARCH-slackware-linux + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# The ncompress package already has this: +rm -f $PKG/bin/uncompress + +# Strip binaries: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | \ + xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | \ + xargs strip --strip-unneeded 2> /dev/null +) + +# Fix locations: +#( cd $PKG + #mkdir bin + #mv usr/bin/gzip bin + #( cd bin ; rm -rf gunzip ) + #( cd bin ; ln -sf gzip gunzip ) + #( cd bin ; rm -rf zcat ) + #( cd bin ; ln -sf gzip zcat ) + #( cd usr/bin ; rm -rf gzip ) + #( cd usr/bin ; ln -sf ../../bin/gzip gzip ) + #( cd usr/bin ; rm -rf gunzip ) + #( cd usr/bin ; ln -sf ../../bin/gunzip gunzip ) + #( cd usr/bin ; rm -rf zcat ) + #( cd usr/bin ; ln -sf ../../bin/zcat zcat ) + #( cd usr/bin ; rm -rf zcmp ) + #( cd usr/bin ; ln -sf zdiff zcmp ) + #( cd usr/bin ; rm -rf zegrep ) + #( cd usr/bin ; ln -sf zgrep zegrep ) + #( cd usr/bin ; rm -rf zfgrep ) + #( cd usr/bin ; ln -sf zgrep zfgrep ) +#) + +mkdir -p $PKG/usr/bin +( cd $PKG/bin + for file in * ; do + ( cd $PKG/usr/bin ; ln -sf ../../bin/$file . ) + done +) + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Compress info files, if any: +if [ -d $PKG/usr/info ]; then + ( cd $PKG/usr/info + rm -f dir + gzip -9 * + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + AUTHORS COPYING INSTALL NEWS README README-alpha THANKS TODO \ + $PKG/usr/doc/${PKGNAM}-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $TMP/package-${PKGNAM} +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.tgz + diff --git a/patches/source/gzip/slack-desc b/patches/source/gzip/slack-desc new file mode 100644 index 000000000..ef26d586e --- /dev/null +++ b/patches/source/gzip/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +gzip: gzip (file compression utility) +gzip: +gzip: Gzip reduces the size of the named files using Lempel-Ziv coding +gzip: (LZ77). Whenever possible, each file is replaced by one with the +gzip: extension .gz, while keeping the same ownership modes, access and +gzip: modification times. +gzip: +gzip: +gzip: +gzip: +gzip: diff --git a/patches/source/hplip/doinst.sh b/patches/source/hplip/doinst.sh new file mode 100644 index 000000000..8f9648e07 --- /dev/null +++ b/patches/source/hplip/doinst.sh @@ -0,0 +1,4 @@ +if [ -x /usr/bin/update-desktop-database ]; then + /usr/bin/update-desktop-database /usr/share/applications >/dev/null 2>&1 +fi + diff --git a/patches/source/hplip/hplip.CVE-2010-4267.diff b/patches/source/hplip/hplip.CVE-2010-4267.diff new file mode 100644 index 000000000..d7adcdba2 --- /dev/null +++ b/patches/source/hplip/hplip.CVE-2010-4267.diff @@ -0,0 +1,12 @@ +--- hplip-3.10.2.orig/io/hpmud/pml.c 2010-12-06 13:35:12.046894255 -0500 ++++ hplip-3.10.2.orig/io/hpmud/pml.c 2010-12-06 13:34:35.018894207 -0500 +@@ -504,6 +504,8 @@ enum HPMUD_RESULT hpmud_get_pml(HPMUD_DE + p += 2; /* eat type and length */ + } + ++ if (dLen > buf_size) ++ dLen = buf_size; + memcpy(buf, p, dLen); + *bytes_read = dLen; + *type = dt; + diff --git a/patches/source/hplip/hplip.SlackBuild b/patches/source/hplip/hplip.SlackBuild new file mode 100755 index 000000000..7f8e421cd --- /dev/null +++ b/patches/source/hplip/hplip.SlackBuild @@ -0,0 +1,123 @@ +#!/bin/sh + +# Slackware build script for hplip + +# Copyright 2006-2009 Robby Workman, Northport, Alabama, USA +# Copyright 2006-2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PRGNAM=hplip +VERSION=${VERSION:-3.9.4b} +BUILD=${BUILD:-3_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PRGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf $PRGNAM-$VERSION +tar xvf $CWD/$PRGNAM-$VERSION.tar.bz2 || exit 1 +cd $PRGNAM-$VERSION || exit 1 + +zcat $CWD/hplip.CVE-2010-4267.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Fix a segfault bug +zcat $CWD/hplip.prevent_segfault.diff.gz | patch -p1 || exit 1 + +# Fix udev rules for current versions of udev +sed -i 's/SYSFS/ATTR/g' data/rules/*.rules +# Fix ownership in udev rules file +sed -i 's%OWNER="lp"%OWNER="root"%g' data/rules/*.rules + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-cupsbackenddir=/usr/lib${LIBDIRSUFFIX}/cups/backend \ + --with-cupsfilterdir=/usr/lib${LIBDIRSUFFIX}/cups/filter \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --docdir=/usr/doc/hplip-$VERSION \ + --with-docdir=/usr/doc/hplip-$VERSION \ + --with-hpppddir=/usr/share/cups/model/HP \ + --with-drvdir=/usr/share/cups/drv/hp \ + --enable-shadow-build \ + --enable-scan-build \ + --enable-gui-build \ + --enable-fax-build \ + --enable-foomatic-rip-hplip-install \ + --disable-foomatic-ppd-install \ + --enable-foomatic-drv-install \ + --enable-network-build=yes \ + --enable-qt4 \ + --build=$ARCH-slackware-linux \ + --host=$ARCH-slackware-linux \ + || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG rulesdir=/lib/udev/rules.d || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# No thanks, we don't replace/add files which are part of other packages +rm -rf $PKG/etc/sane.d + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PRGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/hplip/hplip.prevent_segfault.diff b/patches/source/hplip/hplip.prevent_segfault.diff new file mode 100644 index 000000000..1021a2e65 --- /dev/null +++ b/patches/source/hplip/hplip.prevent_segfault.diff @@ -0,0 +1,23 @@ +Thanks to Tim Waugh <twaugh redhat com> for the patch +Prevent crash when DEVICE_URI/PRINTER environment variables are not + set (https://bugzilla.redhat.com/show_bug.cgi?id=479808 comment 6) + +diff -Nur hplip-3.9.4b.old/prnt/hpijs/hpijs.cpp hplip-3.9.4b.new/prnt/hpijs/hpijs.cpp +--- hplip-3.9.4b.old/prnt/hpijs/hpijs.cpp 2009-04-29 15:36:54.000000000 -0500 ++++ hplip-3.9.4b.new/prnt/hpijs/hpijs.cpp 2009-06-09 00:41:44.684172840 -0500 +@@ -218,8 +218,14 @@ + // call dbus here + const char *user_name = " "; + const char *title = " "; ++ char *device_uri = getenv ("DEVICE_URI"); ++ char *printer = getenv("PRINTER"); + int job_id = 0; +- SendDbusMessage (getenv ("DEVICE_URI"), getenv("PRINTER"), ++ if (!device_uri) ++ device_uri = ""; ++ if (!printer) ++ printer = ""; ++ SendDbusMessage (device_uri, printer, + EVENT_PRINT_FAILED_MISSING_PLUGIN, + user_name, job_id, title); + BUG("unable to set device=%s, err=%d\n", svalue, r); diff --git a/patches/source/hplip/slack-desc b/patches/source/hplip/slack-desc new file mode 100644 index 000000000..874e6ed69 --- /dev/null +++ b/patches/source/hplip/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler--------------------------------------------------------| +hplip: hplip (HP print/scan/fax support) +hplip: +hplip: HPLIP is an HP developed solution for printing, scanning, and faxing +hplip: with HP inkjet and laser based printers in Linux. The HPLIP project +hplip: provides printing support for more than 1400 HP printer models, +hplip: including Deskjet, Officejet, Photosmart, PSC (Print Scan Copy), +hplip: Business Inkjet, LaserJet, and LaserJet MFP. +hplip: +hplip: For more information, see: http://hplipopensource.com +hplip: +hplip: diff --git a/patches/source/httpd/README b/patches/source/httpd/README new file mode 100644 index 000000000..796bb29a9 --- /dev/null +++ b/patches/source/httpd/README @@ -0,0 +1,34 @@ +WARNING + +This script builds a package that conflicts with apache1. Before +attempting to install this package, you should uninstall any of +these packages that you find on your system: + +apache +mod_ssl +php + +Really though, the only points of overlap are in /usr/sbin, so if you +leave your old packages in place apache2 will still work, but the +apache1 httpd will have been overwritten (along with other files) + +Apache is the most popular web server in the known universe; over half +the servers on the Internet are running Apache or one of its variants. + +By default, we build apache2 with the traditional "apache prefork" multi +processing module (MPM). This is somewhat safer for the use of mod_php, +but can still carry some security risks (all your php scripts run as the +user configured to run apache2). + +For enhanced multi-threaded performance, use "apache worker", but using +mod_php with "worker" is considered dangerous. PHP Core is multi-thread +safe, but many PHP extensions are *NOT*. To build apache2 with the +worker MPM, change the option to: --with-mpm=worker + +Please note that this script does not build apache2 with SuEXEC support. +The Apache group feels SuEXEC should not be part of a default install. +If you need this functionality, please read the following documentation +and make the necessary changes to the ./configure options in the script. + + http://httpd.apache.org/docs/2.0/suexec.html + diff --git a/patches/source/httpd/apache-2.2.CVE-2017-9798.optionsbleed.patch b/patches/source/httpd/apache-2.2.CVE-2017-9798.optionsbleed.patch new file mode 100644 index 000000000..4c3ebaabc --- /dev/null +++ b/patches/source/httpd/apache-2.2.CVE-2017-9798.optionsbleed.patch @@ -0,0 +1,21 @@ +CVE-2017-9798 + +Backport from https://svn.apache.org/viewvc?view=revision&revision=1807655 + +diff --git a/server/core.c b/server/core.c +index f61699e..d24542e 100644 +--- a/server/core.c ++++ b/server/core.c +@@ -1809,6 +1809,12 @@ AP_CORE_DECLARE_NONSTD(const char *) ap_limit_section(cmd_parms *cmd, + /* method has not been registered yet, but resorce restriction + * is always checked before method handling, so register it. + */ ++ if (cmd->pool == cmd->temp_pool) { ++ /* In .htaccess, we can't globally register new methods. */ ++ return apr_psprintf(cmd->pool, "Could not register method '%s' " ++ "for %s from .htaccess configuration", ++ method, cmd->cmd->name); ++ } + methnum = ap_method_register(cmd->pool, method); + } + diff --git a/patches/source/httpd/config.layout.diff b/patches/source/httpd/config.layout.diff new file mode 100644 index 000000000..c302515fe --- /dev/null +++ b/patches/source/httpd/config.layout.diff @@ -0,0 +1,30 @@ +--- ./config.layout.orig 2004-11-21 12:50:36.000000000 -0600 ++++ ./config.layout 2007-05-23 13:35:20.000000000 -0500 +@@ -322,3 +322,27 @@ + installbuilddir: ${prefix}/etc/apache2/build + errordir: ${datadir}/error + </Layout> ++ ++# FHS layout ++<Layout Slackware-FHS> ++ prefix: /usr ++ exec_prefix: ${prefix} ++ bindir: ${prefix}/bin ++ sbindir: ${prefix}/sbin ++ libdir: ${prefix}/lib/httpd ++ libexecdir: ${prefix}/lib/httpd/modules ++ installbuilddir: ${prefix}/lib/httpd/build ++ mandir: ${prefix}/man ++ sysconfdir: /etc/httpd ++ datadir: /srv/httpd ++ iconsdir: ${datadir}/icons ++ htdocsdir: ${datadir}/htdocs ++ manualdir: ${htdocsdir}/manual ++ cgidir: ${datadir}/cgi-bin ++ errordir: ${datadir}/error ++ includedir: ${prefix}/include/httpd ++ localstatedir: /var ++ runtimedir: ${localstatedir}/run/httpd ++ logfiledir: ${localstatedir}/log/httpd ++ proxycachedir: ${localstatedir}/cache/httpd ++</Layout> diff --git a/patches/source/httpd/doinst.sh b/patches/source/httpd/doinst.sh new file mode 100644 index 000000000..e233c362b --- /dev/null +++ b/patches/source/httpd/doinst.sh @@ -0,0 +1,71 @@ +#!/bin/sh + +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + # Don't use config() -- we always want to install this, changed or unchanged. + #config ${NEW} +} + +if [ ! -e var/log/httpd ]; then + mkdir -p var/log/httpd + chmod 755 var/log/httpd +fi + +# Don't wipe out an existing document root with symlinks. If someone has +# replaced the symlinks that are created on a fresh installation, assume +# that they know what they are doing and leave things as-is. +if [ ! -e srv/www ]; then + ( cd srv ; ln -sf /var/www www ) +fi +if [ ! -e srv/httpd ]; then + ( cd srv ; ln -sf /var/www httpd ) +fi + +# Once again, our intent is not to wipe out anyone's +# site, but building in Apache's docs tree is not as +# good an idea as picking a unique DocumentRoot. +# +# Still, we will do what we can here to mitigate +# possible site damage: +if [ -r var/www/htdocs/index.html ]; then + if [ ! -r "var/log/packages/httpd-*upgraded*" ]; then + if [ var/www/htdocs/index.html -nt var/log/packages/httpd-*-? ]; then + cp -a var/www/htdocs/index.html var/www/htdocs/index.html.bak.$$ + fi + fi +fi + +# Keep same perms when installing rc.httpd.new: +preserve_perms etc/rc.d/rc.httpd.new +# Always install the new rc.httpd: +mv etc/rc.d/rc.httpd.new etc/rc.d/rc.httpd + +# Handle config files. Unless this is a fresh installation, the +# admin will have to move the .new files into place to complete +# the package installation, as we don't want to clobber files that +# may contain local customizations. +config etc/httpd/httpd.conf.new +config etc/logrotate.d/httpd.new +for conf_file in etc/httpd/extra/*.new; do + config $conf_file +done +config var/www/htdocs/index.html.new + diff --git a/patches/source/httpd/httpd.SlackBuild b/patches/source/httpd/httpd.SlackBuild new file mode 100755 index 000000000..ea7e196b2 --- /dev/null +++ b/patches/source/httpd/httpd.SlackBuild @@ -0,0 +1,227 @@ +#!/bin/sh + +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2017 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# This script was written using the one from slackbuilds.org as a reference, +# so thanks to Adis Nezirovic ( adis _at_ linux.org.ba ) for the original work. + + +PKGNAM=httpd +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.bz2 || exit 1 +cd ${PKGNAM}-$VERSION + +# Patch CVE-2017-9798 ("optionsbleed"): +zcat $CWD/apache-2.2.CVE-2017-9798.optionsbleed.patch.gz | patch -p1 --verbose || exit 1 + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# "prefork" is the default, safe, mpm type. If you *are not* using PHP, and you +# like to live on the bleeding edge, you may wish to change the --with-mpm option +# to "worker", which is the new way of doing things, but is multithreaded and +# many scripts (especially PHP ones) are not multithread safe. +# +# I'd leave this option the way is it on any production box that's keeping up +# with HTTP requests. No reason to chance it, IMHO. + +zcat $CWD/config.layout.diff.gz | sed -e "s#lib/httpd#lib${LIBDIRSUFFIX}/httpd#" | patch --verbose -p1 || exit 1 + +# Patch to fix aliasing issue exposed by gcc-4.5.1: +zcat $CWD/httpd.brigade_move.__noinline__.gcc451.diff.gz | patch --verbose -p1 || exit 1 + +# Configure: +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --enable-layout=Slackware-FHS \ + --with-mpm=prefork \ + --with-apr=/usr \ + --with-apr-util=/usr \ + --enable-mods-shared=all \ + --enable-so \ + --enable-pie \ + --enable-cgi \ + --with-pcre \ + --enable-ssl \ + --enable-rewrite \ + --enable-vhost-alias \ + --enable-proxy \ + --enable-proxy-http \ + --enable-proxy-ftp \ + --enable-proxy-balancer \ + --enable-cache \ + --enable-mem-cache \ + --enable-file-cache \ + --enable-disk-cache \ + --disable-speling \ + --enable-dav \ + --enable-ldap \ + --enable-authnz-ldap \ + --enable-authn-anon \ + --enable-authn-alias \ + --build=$ARCH-slackware-linux || exit 1 + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +rmdir $PKG/usr/bin + +# Tweak default apache configuration +( cd $PKG + zcat $CWD/httpd.nossldefault.diff.gz | sed -e "s#lib/httpd#lib${LIBDIRSUFFIX}/httpd#" | patch -p1 --verbose || exit 1 + zcat $CWD/httpd.runasapache.diff.gz | patch -p1 --verbose || exit 1 + rm -f $PKG/etc/httpd/httpd.conf~ $PKG/etc/httpd/httpd.conf.orig +) || exit 1 +# Change config files to .new: +( cd $PKG/etc/httpd + mv httpd.conf httpd.conf.new + for file in extra/*; do + mv $file "${file}.new" + done +) + +cat << EOF >> $PKG/etc/httpd/httpd.conf.new + +# Uncomment the following line to enable PHP: +# +#Include /etc/httpd/mod_php.conf + +# Uncomment the following lines to enable svn support: +# +#LoadModule dav_svn_module lib${LIBDIRSUFFIX}/httpd/modules/mod_dav_svn.so +#LoadModule authz_svn_module lib${LIBDIRSUFFIX}/httpd/modules/mod_authz_svn.so + +EOF + +rmdir $PKG/var/log/httpd + +mkdir -p $PKG/etc/rc.d +cat $CWD/rc.httpd > $PKG/etc/rc.d/rc.httpd.new + +mkdir -p $PKG/etc/logrotate.d +cat $CWD/logrotate.httpd > $PKG/etc/logrotate.d/httpd.new + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION/ +cp -a \ + ABOUT_APACHE Apache.dsw BuildBin.dsp CHANGES INSTALL InstallBin.dsp LAYOUT LICENSE NOTICE NWGNUmakefile README* ROADMAP VERSIONING \ + $PKG/usr/doc/$PKGNAM-$VERSION + +# Other distributions also strip the manual down to just English. +# If this isn't your language of choice, mea culpa. +( cd $PKG/srv/httpd/htdocs/manual + for file in $(find . -type f -name "*.html") ; do + if [ -f ${file}.en ]; then + cp ${file}.en ${file} + rm -f ${file}.* + fi + done +) + +# On Slackware, the traditional location for the Apache document root has always +# been "/var/www/htdocs/". We can avoid an unpleasant surprise for people by +# leaving things where they've always been, and comply with the FHS by providing +# symlinks allowing access through the FHS-approved pathnames. KDE, for example, +# will look for htdig's htsearch here: /var/www/cgi-bin/htsearch +mv $PKG/srv/httpd $PKG/var/www + +## DISABLED. Don't make these symlinks prior to packaging any more, as it is +## possibly dangerous to an existing document root created in the place where +## these symlinks are normally found. Instead, we make them in the install +## script (only if nothing exists there already) +#( cd $PKG/srv +# ln -sf /var/www . +# ln -sf /var/www httpd +#) + +# OK, it's just not generally good form to put your web site in /var/www/htdocs, +# but people do it every day. Like all new .new files, this won't save them this +# time, but if they don't learn their lesson now then it will the next time: +mv $PKG/var/www/htdocs/index.html $PKG/var/www/htdocs/index.html.new + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) +fi + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/httpd/httpd.brigade_move.__noinline__.gcc451.diff b/patches/source/httpd/httpd.brigade_move.__noinline__.gcc451.diff new file mode 100644 index 000000000..e8915ae43 --- /dev/null +++ b/patches/source/httpd/httpd.brigade_move.__noinline__.gcc451.diff @@ -0,0 +1,10 @@ +--- ./server/core_filters.c.orig 2010-02-26 03:32:15.000000000 -0600 ++++ ./server/core_filters.c 2011-02-12 13:23:22.000000000 -0600 +@@ -83,6 +83,7 @@ + * + * XXXX: Should this function be added to APR-Util? + */ ++__attribute__((__noinline__)) + static void brigade_move(apr_bucket_brigade *b, apr_bucket_brigade *a, + apr_bucket *e) + { diff --git a/patches/source/httpd/httpd.nossldefault.diff b/patches/source/httpd/httpd.nossldefault.diff new file mode 100644 index 000000000..bcf891f85 --- /dev/null +++ b/patches/source/httpd/httpd.nossldefault.diff @@ -0,0 +1,11 @@ +--- ./etc/httpd/httpd.conf.orig 2007-05-17 23:40:15.000000000 -0500 ++++ ./etc/httpd/httpd.conf 2007-05-18 15:55:38.000000000 -0500 +@@ -88,7 +88,7 @@ + LoadModule proxy_http_module lib/httpd/modules/mod_proxy_http.so + LoadModule proxy_ajp_module lib/httpd/modules/mod_proxy_ajp.so + LoadModule proxy_balancer_module lib/httpd/modules/mod_proxy_balancer.so +-LoadModule ssl_module lib/httpd/modules/mod_ssl.so ++#LoadModule ssl_module lib/httpd/modules/mod_ssl.so + LoadModule mime_module lib/httpd/modules/mod_mime.so + LoadModule dav_module lib/httpd/modules/mod_dav.so + LoadModule status_module lib/httpd/modules/mod_status.so diff --git a/patches/source/httpd/httpd.runasapache.diff b/patches/source/httpd/httpd.runasapache.diff new file mode 100644 index 000000000..c1954ec33 --- /dev/null +++ b/patches/source/httpd/httpd.runasapache.diff @@ -0,0 +1,13 @@ +--- ./etc/httpd/httpd.conf.orig 2008-02-14 15:24:21.000000000 -0600 ++++ ./etc/httpd/httpd.conf 2008-02-14 15:34:58.000000000 -0600 +@@ -125,8 +125,8 @@ + # It is usually good practice to create a dedicated user and group for + # running httpd, as with most system services. + # +-User daemon +-Group daemon ++User apache ++Group apache + + </IfModule> + </IfModule> diff --git a/patches/source/httpd/httpd.url b/patches/source/httpd/httpd.url new file mode 100644 index 000000000..36beb7d89 --- /dev/null +++ b/patches/source/httpd/httpd.url @@ -0,0 +1,2 @@ +http://www.apache.org/dist/httpd/httpd-2.2.32.tar.bz2 +http://www.apache.org/dist/httpd/httpd-2.2.32.tar.bz2.asc diff --git a/patches/source/httpd/logrotate.httpd b/patches/source/httpd/logrotate.httpd new file mode 100644 index 000000000..cc6383674 --- /dev/null +++ b/patches/source/httpd/logrotate.httpd @@ -0,0 +1,12 @@ +/var/log/httpd/*_log { + rotate 10 + notifempty + missingok + size=5M + compress + delaycompress + sharedscripts + postrotate + /etc/rc.d/rc.httpd restart + endscript +} diff --git a/patches/source/httpd/rc.httpd b/patches/source/httpd/rc.httpd new file mode 100644 index 000000000..064f6ea44 --- /dev/null +++ b/patches/source/httpd/rc.httpd @@ -0,0 +1,35 @@ +#!/bin/sh +# +# /etc/rc.d/rc.httpd +# +# Start/stop/restart/graceful[ly restart]/graceful[ly]-stop +# the Apache (httpd) web server. +# +# To make Apache start automatically at boot, make this +# file executable: chmod 755 /etc/rc.d/rc.httpd +# +# For information on these options, "man apachectl". + +case "$1" in + 'start') + /usr/sbin/apachectl -k start + ;; + 'stop') + /usr/sbin/apachectl -k stop + killall httpd + rm -f /var/run/httpd/*.pid + ;; + 'restart') + /usr/sbin/apachectl -k restart + ;; + 'graceful') + /usr/sbin/apachectl -k graceful + ;; + 'graceful-stop') + /usr/sbin/apachectl -k graceful-stop + ;; + *) + echo "Usage: $0 {start|stop|restart|graceful|graceful-stop}" + ;; +esac + diff --git a/patches/source/httpd/slack-desc b/patches/source/httpd/slack-desc new file mode 100644 index 000000000..38d240b6b --- /dev/null +++ b/patches/source/httpd/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +httpd: httpd (The Apache HTTP Server) +httpd: +httpd: Apache is an HTTP server designed as a plug-in replacement for the +httpd: NCSA HTTP server. It fixes numerous bugs in the NCSA server and +httpd: includes many frequently requested new features, and has an API which +httpd: allows it to be extended to meet users' needs more easily. +httpd: +httpd: Apache is the most popular web server in the known universe; over +httpd: half of the servers on the Internet are running Apache or one of +httpd: its variants. +httpd: diff --git a/patches/source/inputproto/arch.use.flags b/patches/source/inputproto/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/inputproto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/inputproto/build/inputproto b/patches/source/inputproto/build/inputproto new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/inputproto/build/inputproto @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/inputproto/configure/configure b/patches/source/inputproto/configure/configure new file mode 100644 index 000000000..dcb1109bd --- /dev/null +++ b/patches/source/inputproto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/inputproto/inputproto.SlackBuild b/patches/source/inputproto/inputproto.SlackBuild new file mode 100755 index 000000000..d5fe7abae --- /dev/null +++ b/patches/source/inputproto/inputproto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild proto inputproto +mv /tmp/x11-build/inputproto*txz /tmp diff --git a/patches/source/inputproto/modularize b/patches/source/inputproto/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/inputproto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/inputproto/noarch b/patches/source/inputproto/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/inputproto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/inputproto/package-blacklist b/patches/source/inputproto/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/inputproto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/inputproto/slack-desc/inputproto b/patches/source/inputproto/slack-desc/inputproto new file mode 100644 index 000000000..d5e586792 --- /dev/null +++ b/patches/source/inputproto/slack-desc/inputproto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +inputproto: inputproto (C prototypes for X Input extension) +inputproto: +inputproto: inputproto is part of X11. +inputproto: +inputproto: For more information about the X.Org Foundation (the providers of the +inputproto: X.Org implementation of the X Window System), see their website: +inputproto: +inputproto: http://www.x.org +inputproto: +inputproto: +inputproto: diff --git a/patches/source/inputproto/x11.SlackBuild b/patches/source/inputproto/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/inputproto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/irssi/doinst.sh b/patches/source/irssi/doinst.sh new file mode 100644 index 000000000..197eddcef --- /dev/null +++ b/patches/source/irssi/doinst.sh @@ -0,0 +1,12 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/irssi.conf.new diff --git a/patches/source/irssi/irssi.SlackBuild b/patches/source/irssi/irssi.SlackBuild new file mode 100755 index 000000000..79fdf1faf --- /dev/null +++ b/patches/source/irssi/irssi.SlackBuild @@ -0,0 +1,146 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2016, 2017 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-irssi + +VERSION=0.8.21 +DIRCD=0.8.21 +BUILD=${BUILD:-2_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf irssi-$VERSION +tar xvf $CWD/irssi-$VERSION.tar.xz || exit 1 +cd irssi-$DIRCD + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 -o -perm 2777 -o -perm 2775 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/patch-src_irc_dcc_dcc-get_c.diff.gz | patch -p0 --verbose || exit 1 +zcat $CWD/patch-src_irc_dcc_dcc-resume_c.diff.gz | patch -p0 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --sysconfdir=/etc \ + --docdir=/usr/doc/irssi-$VERSION \ + --enable-ipv6 \ + --with-textui \ + --with-proxy \ + --with-perl-lib=vendor \ + --build=$ARCH-slackware-linux + +make \ + docdir=/usr/doc/irssi-$VERSION \ + $NUMJOBS || make || exit 1 +make install \ + docdir=/usr/doc/irssi-$VERSION \ + DESTDIR=$PKG || exit 1 + +# This removes our DESTDIR from the packlist filenames, to keep perl's +# internal inventories consistent and correct. +find $PKG -name .packlist | while read plist ; do + sed -e "s%$PKG%%g" \ + -e "s%/share/man%/man%g" \ + -re "s%\.([1-9]n?|3pm)$%&.gz%g # extend man filenames for .gz" \ + ${plist} > ${plist}.new + mv -f ${plist}.new ${plist} +done + +mv $PKG/etc/irssi.conf $PKG/etc/irssi.conf.new + +find $PKG -name perllocal.pod | xargs rm -f +eval $(perl '-V:archlib') ; rmdir -p $PKG/$archlib + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +cp -a \ + AUTHORS COPYING INSTALL NEWS README TODO \ + $PKG/usr/doc/irssi-$VERSION +( cd $PKG/usr/doc/irssi-$VERSION ; ln -sf /usr/share/irssi/help . ) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/irssi-$VERSION-$ARCH-$BUILD.txz diff --git a/patches/source/irssi/patch-src_irc_dcc_dcc-get_c.diff b/patches/source/irssi/patch-src_irc_dcc_dcc-get_c.diff new file mode 100644 index 000000000..88a065988 --- /dev/null +++ b/patches/source/irssi/patch-src_irc_dcc_dcc-get_c.diff @@ -0,0 +1,23 @@ +$OpenBSD$ +--- src/irc/dcc/dcc-get.c.orig Tue Jun 6 18:03:29 2017 ++++ src/irc/dcc/dcc-get.c Tue Jun 6 18:03:00 2017 +@@ -374,6 +374,8 @@ int get_file_params_count(char **params, int paramcoun + if (*params[0] == '"') { + /* quoted file name? */ + for (pos = 0; pos < paramcount-3; pos++) { ++ if (strlen(params[pos]) == 0) ++ continue; + if (params[pos][strlen(params[pos])-1] == '"' && + get_params_match(params, pos+1)) + return pos+1; +@@ -419,6 +421,10 @@ static void ctcp_msg_dcc_send(IRC_SERVER_REC *server, + uoff_t size; + int p_id = -1; + int passive = FALSE; ++ ++ if (addr == NULL) { ++ addr = ""; ++ } + + /* SEND <file name> <address> <port> <size> [...] */ + /* SEND <file name> <address> 0 <size> <id> (DCC SEND passive protocol) */ diff --git a/patches/source/irssi/patch-src_irc_dcc_dcc-resume_c.diff b/patches/source/irssi/patch-src_irc_dcc_dcc-resume_c.diff new file mode 100644 index 000000000..5b1994a60 --- /dev/null +++ b/patches/source/irssi/patch-src_irc_dcc_dcc-resume_c.diff @@ -0,0 +1,12 @@ +$OpenBSD$ +--- src/irc/dcc/dcc-resume.c.orig Tue Jun 6 18:03:50 2017 ++++ src/irc/dcc/dcc-resume.c Tue Jun 6 18:03:00 2017 +@@ -62,6 +62,8 @@ int get_file_params_count_resume(char **params, int pa + if (*params[0] == '"') { + /* quoted file name? */ + for (pos = 0; pos < paramcount-2; pos++) { ++ if (strlen(params[pos]) == 0) ++ continue; + if (params[pos][strlen(params[pos])-1] == '"' && + get_params_match_resume(params, pos+1)) + return pos+1; diff --git a/patches/source/irssi/slack-desc b/patches/source/irssi/slack-desc new file mode 100644 index 000000000..2a0578921 --- /dev/null +++ b/patches/source/irssi/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +irssi: irssi (Internet Relay Chat client) +irssi: +irssi: Irssi is an Internet Relay Chat client. Designed to be both secure +irssi: and expandable, irssi is easily customized using modules and scripts. +irssi: +irssi: For more information, visit: http://irssi.org +irssi: +irssi: irssi was written by Timo Sirainen. +irssi: +irssi: +irssi: diff --git a/patches/source/jasper/jasper.SlackBuild b/patches/source/jasper/jasper.SlackBuild new file mode 100755 index 000000000..0d425606f --- /dev/null +++ b/patches/source/jasper/jasper.SlackBuild @@ -0,0 +1,137 @@ +#!/bin/sh + +# Copyright 2007, 2008 Eric Hameleers, Eijdhoven, NL +# Copyright 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. + +# Permission to use, copy, modify, and distribute this software for +# any purpose with or without fee is hereby granted, provided that +# the above copyright notice and this permission notice appear in all +# copies. +# +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. + + +PKGNAM=jasper +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-3_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +case "$ARCH" in + i486) SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" + ;; + s390) SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + ;; + powerpc) SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + ;; + x86_64) SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" + ;; + athlon-xp) SLKCFLAGS="-march=athlon-xp -O3 -pipe -fomit-frame-pointer" + LIBDIRSUFFIX="" + ;; + *) SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + ;; +esac + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.?z* || exit 1 +cd $PKGNAM-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Taken from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=469786 +zcat $CWD/patches/jpc_dec.c.patch.gz | patch -p1 --verbose || exit 1 + +# Taken from http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413041;msg=88 +zcat $CWD/patches/patch-libjasper-stepsizes-overflow.diff.gz | patch -p1 --verbose || exit 1 + +# Apply security fixes - taken from fedora +zcat $CWD/patches/jasper-1.900.1-CVE-2008-3520.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-1.900.1-CVE-2008-3522.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-1.900.1-CVE-2011-4516-CVE-2011-4517-CERT-VU-887409.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-CVE-2014-8138.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-CVE-2014-8157.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-CVE-2014-8158.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-CVE-2014-8137.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-CVE-2014-9029.patch.gz | patch -p1 --verbose || exit 1 + +# Apply fixes for issues discovered by coverity - taken from fedora +zcat $CWD/patches/jasper-1.900.1-Coverity-BAD_SIZEOF.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-1.900.1-Coverity-CHECKED_RETURN.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-1.900.1-Coverity-FORWARD_NULL.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-1.900.1-Coverity-NULL_RETURNS.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-1.900.1-Coverity-RESOURCE_LEAKS.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-1.900.1-Coverity-UNREACHABLE.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/jasper-1.900.1-Coverity-UNUSED_VALUE.patch.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS -fno-strict-overflow" \ +CXXFLAGS="$SLKCFLAGS -fno-strict-overflow" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --enable-shared \ + --disable-static \ + --program-prefix= \ + --program-suffix= \ + --build=$ARCH-slackware-linux + +make || exit 1 +make DESTDIR=$PKG install + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + COPYRIGHT INSTALL LICENSE NEWS README \ + $PKG/usr/doc/$PKGNAM-$VERSION +find $PKG/usr/doc -type f -exec chmod 644 {} \; + +find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \; +for i in $(find $PKG/usr/man -type l -name "*.?") ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-${VERSION}-${ARCH}-${BUILD}.txz + diff --git a/patches/source/jasper/patches/jasper-1.900.1-CVE-2008-3520.patch b/patches/source/jasper/patches/jasper-1.900.1-CVE-2008-3520.patch new file mode 100644 index 000000000..0f5e3b746 --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-CVE-2008-3520.patch @@ -0,0 +1,928 @@ +https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3520 + +OpenBSD jas_malloc hardening patches + +diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_cm.c jasper-1.900.1/src/libjasper/base/jas_cm.c +--- jasper-1.900.1.orig/src/libjasper/base/jas_cm.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_cm.c 2009-10-22 10:27:45.000000000 +0200 +@@ -704,8 +704,7 @@ static int jas_cmpxformseq_resize(jas_cm + { + jas_cmpxform_t **p; + assert(n >= pxformseq->numpxforms); +- p = (!pxformseq->pxforms) ? jas_malloc(n * sizeof(jas_cmpxform_t *)) : +- jas_realloc(pxformseq->pxforms, n * sizeof(jas_cmpxform_t *)); ++ p = jas_realloc2(pxformseq->pxforms, n, sizeof(jas_cmpxform_t *)); + if (!p) { + return -1; + } +@@ -889,13 +888,13 @@ static int jas_cmshapmatlut_set(jas_cmsh + jas_cmshapmatlut_cleanup(lut); + if (curv->numents == 0) { + lut->size = 2; +- if (!(lut->data = jas_malloc(lut->size * sizeof(jas_cmreal_t)))) ++ if (!(lut->data = jas_alloc2(lut->size, sizeof(jas_cmreal_t)))) + goto error; + lut->data[0] = 0.0; + lut->data[1] = 1.0; + } else if (curv->numents == 1) { + lut->size = 256; +- if (!(lut->data = jas_malloc(lut->size * sizeof(jas_cmreal_t)))) ++ if (!(lut->data = jas_alloc2(lut->size, sizeof(jas_cmreal_t)))) + goto error; + gamma = curv->ents[0] / 256.0; + for (i = 0; i < lut->size; ++i) { +@@ -903,7 +902,7 @@ static int jas_cmshapmatlut_set(jas_cmsh + } + } else { + lut->size = curv->numents; +- if (!(lut->data = jas_malloc(lut->size * sizeof(jas_cmreal_t)))) ++ if (!(lut->data = jas_alloc2(lut->size, sizeof(jas_cmreal_t)))) + goto error; + for (i = 0; i < lut->size; ++i) { + lut->data[i] = curv->ents[i] / 65535.0; +@@ -953,7 +952,7 @@ static int jas_cmshapmatlut_invert(jas_c + return -1; + } + } +- if (!(invlut->data = jas_malloc(n * sizeof(jas_cmreal_t)))) ++ if (!(invlut->data = jas_alloc2(n, sizeof(jas_cmreal_t)))) + return -1; + invlut->size = n; + for (i = 0; i < invlut->size; ++i) { +diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_icc.c jasper-1.900.1/src/libjasper/base/jas_icc.c +--- jasper-1.900.1.orig/src/libjasper/base/jas_icc.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_icc.c 2009-10-22 10:27:45.000000000 +0200 +@@ -373,7 +373,7 @@ int jas_iccprof_save(jas_iccprof_t *prof + jas_icctagtab_t *tagtab; + + tagtab = &prof->tagtab; +- if (!(tagtab->ents = jas_malloc(prof->attrtab->numattrs * ++ if (!(tagtab->ents = jas_alloc2(prof->attrtab->numattrs, + sizeof(jas_icctagtabent_t)))) + goto error; + tagtab->numents = prof->attrtab->numattrs; +@@ -522,7 +522,7 @@ static int jas_iccprof_gettagtab(jas_str + } + if (jas_iccgetuint32(in, &tagtab->numents)) + goto error; +- if (!(tagtab->ents = jas_malloc(tagtab->numents * ++ if (!(tagtab->ents = jas_alloc2(tagtab->numents, + sizeof(jas_icctagtabent_t)))) + goto error; + tagtabent = tagtab->ents; +@@ -743,8 +743,7 @@ static int jas_iccattrtab_resize(jas_icc + { + jas_iccattr_t *newattrs; + assert(maxents >= tab->numattrs); +- newattrs = tab->attrs ? jas_realloc(tab->attrs, maxents * +- sizeof(jas_iccattr_t)) : jas_malloc(maxents * sizeof(jas_iccattr_t)); ++ newattrs = jas_realloc2(tab->attrs, maxents, sizeof(jas_iccattr_t)); + if (!newattrs) + return -1; + tab->attrs = newattrs; +@@ -999,7 +998,7 @@ static int jas_icccurv_input(jas_iccattr + + if (jas_iccgetuint32(in, &curv->numents)) + goto error; +- if (!(curv->ents = jas_malloc(curv->numents * sizeof(jas_iccuint16_t)))) ++ if (!(curv->ents = jas_alloc2(curv->numents, sizeof(jas_iccuint16_t)))) + goto error; + for (i = 0; i < curv->numents; ++i) { + if (jas_iccgetuint16(in, &curv->ents[i])) +@@ -1100,7 +1099,7 @@ static int jas_icctxtdesc_input(jas_icca + if (jas_iccgetuint32(in, &txtdesc->uclangcode) || + jas_iccgetuint32(in, &txtdesc->uclen)) + goto error; +- if (!(txtdesc->ucdata = jas_malloc(txtdesc->uclen * 2))) ++ if (!(txtdesc->ucdata = jas_alloc2(txtdesc->uclen, 2))) + goto error; + if (jas_stream_read(in, txtdesc->ucdata, txtdesc->uclen * 2) != + JAS_CAST(int, txtdesc->uclen * 2)) +@@ -1292,17 +1291,17 @@ static int jas_icclut8_input(jas_iccattr + jas_iccgetuint16(in, &lut8->numouttabents)) + goto error; + clutsize = jas_iccpowi(lut8->clutlen, lut8->numinchans) * lut8->numoutchans; +- if (!(lut8->clut = jas_malloc(clutsize * sizeof(jas_iccuint8_t))) || +- !(lut8->intabsbuf = jas_malloc(lut8->numinchans * +- lut8->numintabents * sizeof(jas_iccuint8_t))) || +- !(lut8->intabs = jas_malloc(lut8->numinchans * ++ if (!(lut8->clut = jas_alloc2(clutsize, sizeof(jas_iccuint8_t))) || ++ !(lut8->intabsbuf = jas_alloc3(lut8->numinchans, ++ lut8->numintabents, sizeof(jas_iccuint8_t))) || ++ !(lut8->intabs = jas_alloc2(lut8->numinchans, + sizeof(jas_iccuint8_t *)))) + goto error; + for (i = 0; i < lut8->numinchans; ++i) + lut8->intabs[i] = &lut8->intabsbuf[i * lut8->numintabents]; +- if (!(lut8->outtabsbuf = jas_malloc(lut8->numoutchans * +- lut8->numouttabents * sizeof(jas_iccuint8_t))) || +- !(lut8->outtabs = jas_malloc(lut8->numoutchans * ++ if (!(lut8->outtabsbuf = jas_alloc3(lut8->numoutchans, ++ lut8->numouttabents, sizeof(jas_iccuint8_t))) || ++ !(lut8->outtabs = jas_alloc2(lut8->numoutchans, + sizeof(jas_iccuint8_t *)))) + goto error; + for (i = 0; i < lut8->numoutchans; ++i) +@@ -1461,17 +1460,17 @@ static int jas_icclut16_input(jas_iccatt + jas_iccgetuint16(in, &lut16->numouttabents)) + goto error; + clutsize = jas_iccpowi(lut16->clutlen, lut16->numinchans) * lut16->numoutchans; +- if (!(lut16->clut = jas_malloc(clutsize * sizeof(jas_iccuint16_t))) || +- !(lut16->intabsbuf = jas_malloc(lut16->numinchans * +- lut16->numintabents * sizeof(jas_iccuint16_t))) || +- !(lut16->intabs = jas_malloc(lut16->numinchans * ++ if (!(lut16->clut = jas_alloc2(clutsize, sizeof(jas_iccuint16_t))) || ++ !(lut16->intabsbuf = jas_alloc3(lut16->numinchans, ++ lut16->numintabents, sizeof(jas_iccuint16_t))) || ++ !(lut16->intabs = jas_alloc2(lut16->numinchans, + sizeof(jas_iccuint16_t *)))) + goto error; + for (i = 0; i < lut16->numinchans; ++i) + lut16->intabs[i] = &lut16->intabsbuf[i * lut16->numintabents]; +- if (!(lut16->outtabsbuf = jas_malloc(lut16->numoutchans * +- lut16->numouttabents * sizeof(jas_iccuint16_t))) || +- !(lut16->outtabs = jas_malloc(lut16->numoutchans * ++ if (!(lut16->outtabsbuf = jas_alloc3(lut16->numoutchans, ++ lut16->numouttabents, sizeof(jas_iccuint16_t))) || ++ !(lut16->outtabs = jas_alloc2(lut16->numoutchans, + sizeof(jas_iccuint16_t *)))) + goto error; + for (i = 0; i < lut16->numoutchans; ++i) +diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_image.c jasper-1.900.1/src/libjasper/base/jas_image.c +--- jasper-1.900.1.orig/src/libjasper/base/jas_image.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_image.c 2009-10-22 10:27:45.000000000 +0200 +@@ -142,7 +142,7 @@ jas_image_t *jas_image_create(int numcmp + image->inmem_ = true; + + /* Allocate memory for the per-component information. */ +- if (!(image->cmpts_ = jas_malloc(image->maxcmpts_ * ++ if (!(image->cmpts_ = jas_alloc2(image->maxcmpts_, + sizeof(jas_image_cmpt_t *)))) { + jas_image_destroy(image); + return 0; +@@ -774,8 +774,7 @@ static int jas_image_growcmpts(jas_image + jas_image_cmpt_t **newcmpts; + int cmptno; + +- newcmpts = (!image->cmpts_) ? jas_malloc(maxcmpts * sizeof(jas_image_cmpt_t *)) : +- jas_realloc(image->cmpts_, maxcmpts * sizeof(jas_image_cmpt_t *)); ++ newcmpts = jas_realloc2(image->cmpts_, maxcmpts, sizeof(jas_image_cmpt_t *)); + if (!newcmpts) { + return -1; + } +diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_malloc.c jasper-1.900.1/src/libjasper/base/jas_malloc.c +--- jasper-1.900.1.orig/src/libjasper/base/jas_malloc.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_malloc.c 2009-10-22 10:27:45.000000000 +0200 +@@ -76,6 +76,9 @@ + + /* We need the prototype for memset. */ + #include <string.h> ++#include <limits.h> ++#include <errno.h> ++#include <stdint.h> + + #include "jasper/jas_malloc.h" + +@@ -113,18 +116,50 @@ void jas_free(void *ptr) + + void *jas_realloc(void *ptr, size_t size) + { +- return realloc(ptr, size); ++ return ptr ? realloc(ptr, size) : malloc(size); + } + +-void *jas_calloc(size_t nmemb, size_t size) ++void *jas_realloc2(void *ptr, size_t nmemb, size_t size) ++{ ++ if (!ptr) ++ return jas_alloc2(nmemb, size); ++ if (nmemb && SIZE_MAX / nmemb < size) { ++ errno = ENOMEM; ++ return NULL; ++ } ++ return jas_realloc(ptr, nmemb * size); ++ ++} ++ ++void *jas_alloc2(size_t nmemb, size_t size) ++{ ++ if (nmemb && SIZE_MAX / nmemb < size) { ++ errno = ENOMEM; ++ return NULL; ++ } ++ ++ return jas_malloc(nmemb * size); ++} ++ ++void *jas_alloc3(size_t a, size_t b, size_t c) + { +- void *ptr; + size_t n; +- n = nmemb * size; +- if (!(ptr = jas_malloc(n * sizeof(char)))) { +- return 0; ++ ++ if (a && SIZE_MAX / a < b) { ++ errno = ENOMEM; ++ return NULL; + } +- memset(ptr, 0, n); ++ ++ return jas_alloc2(a*b, c); ++} ++ ++void *jas_calloc(size_t nmemb, size_t size) ++{ ++ void *ptr; ++ ++ ptr = jas_alloc2(nmemb, size); ++ if (ptr) ++ memset(ptr, 0, nmemb*size); + return ptr; + } + +diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_seq.c jasper-1.900.1/src/libjasper/base/jas_seq.c +--- jasper-1.900.1.orig/src/libjasper/base/jas_seq.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_seq.c 2009-10-22 10:27:45.000000000 +0200 +@@ -114,7 +114,7 @@ jas_matrix_t *jas_matrix_create(int numr + matrix->datasize_ = numrows * numcols; + + if (matrix->maxrows_ > 0) { +- if (!(matrix->rows_ = jas_malloc(matrix->maxrows_ * ++ if (!(matrix->rows_ = jas_alloc2(matrix->maxrows_, + sizeof(jas_seqent_t *)))) { + jas_matrix_destroy(matrix); + return 0; +@@ -122,7 +122,7 @@ jas_matrix_t *jas_matrix_create(int numr + } + + if (matrix->datasize_ > 0) { +- if (!(matrix->data_ = jas_malloc(matrix->datasize_ * ++ if (!(matrix->data_ = jas_alloc2(matrix->datasize_, + sizeof(jas_seqent_t)))) { + jas_matrix_destroy(matrix); + return 0; +@@ -220,7 +220,7 @@ void jas_matrix_bindsub(jas_matrix_t *ma + mat0->numrows_ = r1 - r0 + 1; + mat0->numcols_ = c1 - c0 + 1; + mat0->maxrows_ = mat0->numrows_; +- mat0->rows_ = jas_malloc(mat0->maxrows_ * sizeof(jas_seqent_t *)); ++ mat0->rows_ = jas_alloc2(mat0->maxrows_, sizeof(jas_seqent_t *)); + for (i = 0; i < mat0->numrows_; ++i) { + mat0->rows_[i] = mat1->rows_[r0 + i] + c0; + } +diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_stream.c jasper-1.900.1/src/libjasper/base/jas_stream.c +--- jasper-1.900.1.orig/src/libjasper/base/jas_stream.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_stream.c 2009-10-22 10:27:45.000000000 +0200 +@@ -212,7 +212,7 @@ jas_stream_t *jas_stream_memopen(char *b + if (buf) { + obj->buf_ = (unsigned char *) buf; + } else { +- obj->buf_ = jas_malloc(obj->bufsize_ * sizeof(char)); ++ obj->buf_ = jas_malloc(obj->bufsize_); + obj->myalloc_ = 1; + } + if (!obj->buf_) { +@@ -992,7 +992,7 @@ static int mem_resize(jas_stream_memobj_ + unsigned char *buf; + + assert(m->buf_); +- if (!(buf = jas_realloc(m->buf_, bufsize * sizeof(unsigned char)))) { ++ if (!(buf = jas_realloc(m->buf_, bufsize))) { + return -1; + } + m->buf_ = buf; +diff -pruN jasper-1.900.1.orig/src/libjasper/bmp/bmp_dec.c jasper-1.900.1/src/libjasper/bmp/bmp_dec.c +--- jasper-1.900.1.orig/src/libjasper/bmp/bmp_dec.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/bmp/bmp_dec.c 2009-10-22 10:27:45.000000000 +0200 +@@ -283,7 +283,7 @@ static bmp_info_t *bmp_getinfo(jas_strea + } + + if (info->numcolors > 0) { +- if (!(info->palents = jas_malloc(info->numcolors * ++ if (!(info->palents = jas_alloc2(info->numcolors, + sizeof(bmp_palent_t)))) { + bmp_info_destroy(info); + return 0; +diff -pruN jasper-1.900.1.orig/src/libjasper/include/jasper/jas_malloc.h jasper-1.900.1/src/libjasper/include/jasper/jas_malloc.h +--- jasper-1.900.1.orig/src/libjasper/include/jasper/jas_malloc.h 2007-01-19 22:43:04.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/include/jasper/jas_malloc.h 2009-10-22 10:27:45.000000000 +0200 +@@ -95,6 +95,9 @@ extern "C" { + #define jas_free MEMFREE + #define jas_realloc MEMREALLOC + #define jas_calloc MEMCALLOC ++#define jas_alloc2(a, b) MEMALLOC((a)*(b)) ++#define jas_alloc3(a, b, c) MEMALLOC((a)*(b)*(c)) ++#define jas_realloc2(p, a, b) MEMREALLOC((p), (a)*(b)) + #endif + + /******************************************************************************\ +@@ -115,6 +118,12 @@ void *jas_realloc(void *ptr, size_t size + /* Allocate a block of memory and initialize the contents to zero. */ + void *jas_calloc(size_t nmemb, size_t size); + ++/* size-checked double allocation .*/ ++void *jas_alloc2(size_t, size_t); ++ ++void *jas_alloc3(size_t, size_t, size_t); ++ ++void *jas_realloc2(void *, size_t, size_t); + #endif + + #ifdef __cplusplus +diff -pruN jasper-1.900.1.orig/src/libjasper/jp2/jp2_cod.c jasper-1.900.1/src/libjasper/jp2/jp2_cod.c +--- jasper-1.900.1.orig/src/libjasper/jp2/jp2_cod.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_cod.c 2009-10-22 10:30:24.000000000 +0200 +@@ -247,7 +247,7 @@ jp2_box_t *jp2_box_get(jas_stream_t *in) + box = 0; + tmpstream = 0; + +- if (!(box = jas_malloc(sizeof(jp2_box_t)))) { ++ if (!(box = jas_calloc(1, sizeof(jp2_box_t)))) { + goto error; + } + box->ops = &jp2_boxinfo_unk.ops; +@@ -372,7 +372,7 @@ static int jp2_bpcc_getdata(jp2_box_t *b + jp2_bpcc_t *bpcc = &box->data.bpcc; + unsigned int i; + bpcc->numcmpts = box->datalen; +- if (!(bpcc->bpcs = jas_malloc(bpcc->numcmpts * sizeof(uint_fast8_t)))) { ++ if (!(bpcc->bpcs = jas_alloc2(bpcc->numcmpts, sizeof(uint_fast8_t)))) { + return -1; + } + for (i = 0; i < bpcc->numcmpts; ++i) { +@@ -416,7 +416,7 @@ static int jp2_colr_getdata(jp2_box_t *b + break; + case JP2_COLR_ICC: + colr->iccplen = box->datalen - 3; +- if (!(colr->iccp = jas_malloc(colr->iccplen * sizeof(uint_fast8_t)))) { ++ if (!(colr->iccp = jas_alloc2(colr->iccplen, sizeof(uint_fast8_t)))) { + return -1; + } + if (jas_stream_read(in, colr->iccp, colr->iccplen) != colr->iccplen) { +@@ -453,7 +453,7 @@ static int jp2_cdef_getdata(jp2_box_t *b + if (jp2_getuint16(in, &cdef->numchans)) { + return -1; + } +- if (!(cdef->ents = jas_malloc(cdef->numchans * sizeof(jp2_cdefchan_t)))) { ++ if (!(cdef->ents = jas_alloc2(cdef->numchans, sizeof(jp2_cdefchan_t)))) { + return -1; + } + for (channo = 0; channo < cdef->numchans; ++channo) { +@@ -766,7 +766,7 @@ static int jp2_cmap_getdata(jp2_box_t *b + unsigned int i; + + cmap->numchans = (box->datalen) / 4; +- if (!(cmap->ents = jas_malloc(cmap->numchans * sizeof(jp2_cmapent_t)))) { ++ if (!(cmap->ents = jas_alloc2(cmap->numchans, sizeof(jp2_cmapent_t)))) { + return -1; + } + for (i = 0; i < cmap->numchans; ++i) { +@@ -828,10 +828,10 @@ static int jp2_pclr_getdata(jp2_box_t *b + return -1; + } + lutsize = pclr->numlutents * pclr->numchans; +- if (!(pclr->lutdata = jas_malloc(lutsize * sizeof(int_fast32_t)))) { ++ if (!(pclr->lutdata = jas_alloc2(lutsize, sizeof(int_fast32_t)))) { + return -1; + } +- if (!(pclr->bpc = jas_malloc(pclr->numchans * sizeof(uint_fast8_t)))) { ++ if (!(pclr->bpc = jas_alloc2(pclr->numchans, sizeof(uint_fast8_t)))) { + return -1; + } + for (i = 0; i < pclr->numchans; ++i) { +diff -pruN jasper-1.900.1.orig/src/libjasper/jp2/jp2_dec.c jasper-1.900.1/src/libjasper/jp2/jp2_dec.c +--- jasper-1.900.1.orig/src/libjasper/jp2/jp2_dec.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_dec.c 2009-10-22 10:27:45.000000000 +0200 +@@ -336,7 +336,7 @@ jas_image_t *jp2_decode(jas_stream_t *in + } + + /* Allocate space for the channel-number to component-number LUT. */ +- if (!(dec->chantocmptlut = jas_malloc(dec->numchans * sizeof(uint_fast16_t)))) { ++ if (!(dec->chantocmptlut = jas_alloc2(dec->numchans, sizeof(uint_fast16_t)))) { + jas_eprintf("error: no memory\n"); + goto error; + } +@@ -354,7 +354,7 @@ jas_image_t *jp2_decode(jas_stream_t *in + if (cmapent->map == JP2_CMAP_DIRECT) { + dec->chantocmptlut[channo] = channo; + } else if (cmapent->map == JP2_CMAP_PALETTE) { +- lutents = jas_malloc(pclrd->numlutents * sizeof(int_fast32_t)); ++ lutents = jas_alloc2(pclrd->numlutents, sizeof(int_fast32_t)); + for (i = 0; i < pclrd->numlutents; ++i) { + lutents[i] = pclrd->lutdata[cmapent->pcol + i * pclrd->numchans]; + } +diff -pruN jasper-1.900.1.orig/src/libjasper/jp2/jp2_enc.c jasper-1.900.1/src/libjasper/jp2/jp2_enc.c +--- jasper-1.900.1.orig/src/libjasper/jp2/jp2_enc.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_enc.c 2009-10-22 10:27:45.000000000 +0200 +@@ -191,7 +191,7 @@ int sgnd; + } + bpcc = &box->data.bpcc; + bpcc->numcmpts = jas_image_numcmpts(image); +- if (!(bpcc->bpcs = jas_malloc(bpcc->numcmpts * ++ if (!(bpcc->bpcs = jas_alloc2(bpcc->numcmpts, + sizeof(uint_fast8_t)))) { + goto error; + } +@@ -285,7 +285,7 @@ int sgnd; + } + cdef = &box->data.cdef; + cdef->numchans = jas_image_numcmpts(image); +- cdef->ents = jas_malloc(cdef->numchans * sizeof(jp2_cdefchan_t)); ++ cdef->ents = jas_alloc2(cdef->numchans, sizeof(jp2_cdefchan_t)); + for (i = 0; i < jas_image_numcmpts(image); ++i) { + cdefchanent = &cdef->ents[i]; + cdefchanent->channo = i; +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_cs.c jasper-1.900.1/src/libjasper/jpc/jpc_cs.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_cs.c 2009-10-22 09:58:16.000000000 +0200 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_cs.c 2009-10-22 10:27:45.000000000 +0200 +@@ -502,7 +502,7 @@ static int jpc_siz_getparms(jpc_ms_t *ms + !siz->tileheight || !siz->numcomps) { + return -1; + } +- if (!(siz->comps = jas_malloc(siz->numcomps * sizeof(jpc_sizcomp_t)))) { ++ if (!(siz->comps = jas_alloc2(siz->numcomps, sizeof(jpc_sizcomp_t)))) { + return -1; + } + for (i = 0; i < siz->numcomps; ++i) { +@@ -986,7 +986,7 @@ static int jpc_qcx_getcompparms(jpc_qcxc + jpc_qcx_destroycompparms(compparms); + return -1; + } else if (compparms->numstepsizes > 0) { +- compparms->stepsizes = jas_malloc(compparms->numstepsizes * ++ compparms->stepsizes = jas_alloc2(compparms->numstepsizes, + sizeof(uint_fast16_t)); + assert(compparms->stepsizes); + for (i = 0; i < compparms->numstepsizes; ++i) { +@@ -1094,7 +1094,7 @@ static int jpc_ppm_getparms(jpc_ms_t *ms + + ppm->len = ms->len - 1; + if (ppm->len > 0) { +- if (!(ppm->data = jas_malloc(ppm->len * sizeof(unsigned char)))) { ++ if (!(ppm->data = jas_malloc(ppm->len))) { + goto error; + } + if (JAS_CAST(uint, jas_stream_read(in, ppm->data, ppm->len)) != ppm->len) { +@@ -1163,7 +1163,7 @@ static int jpc_ppt_getparms(jpc_ms_t *ms + } + ppt->len = ms->len - 1; + if (ppt->len > 0) { +- if (!(ppt->data = jas_malloc(ppt->len * sizeof(unsigned char)))) { ++ if (!(ppt->data = jas_malloc(ppt->len))) { + goto error; + } + if (jas_stream_read(in, (char *) ppt->data, ppt->len) != JAS_CAST(int, ppt->len)) { +@@ -1226,7 +1226,7 @@ static int jpc_poc_getparms(jpc_ms_t *ms + uint_fast8_t tmp; + poc->numpchgs = (cstate->numcomps > 256) ? (ms->len / 9) : + (ms->len / 7); +- if (!(poc->pchgs = jas_malloc(poc->numpchgs * sizeof(jpc_pocpchg_t)))) { ++ if (!(poc->pchgs = jas_alloc2(poc->numpchgs, sizeof(jpc_pocpchg_t)))) { + goto error; + } + for (pchgno = 0, pchg = poc->pchgs; pchgno < poc->numpchgs; ++pchgno, +@@ -1331,7 +1331,7 @@ static int jpc_crg_getparms(jpc_ms_t *ms + jpc_crgcomp_t *comp; + uint_fast16_t compno; + crg->numcomps = cstate->numcomps; +- if (!(crg->comps = jas_malloc(cstate->numcomps * sizeof(uint_fast16_t)))) { ++ if (!(crg->comps = jas_alloc2(cstate->numcomps, sizeof(uint_fast16_t)))) { + return -1; + } + for (compno = 0, comp = crg->comps; compno < cstate->numcomps; +@@ -1470,7 +1470,7 @@ static int jpc_unk_getparms(jpc_ms_t *ms + cstate = 0; + + if (ms->len > 0) { +- if (!(unk->data = jas_malloc(ms->len * sizeof(unsigned char)))) { ++ if (!(unk->data = jas_malloc(ms->len))) { + return -1; + } + if (jas_stream_read(in, (char *) unk->data, ms->len) != JAS_CAST(int, ms->len)) { +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_dec.c jasper-1.900.1/src/libjasper/jpc/jpc_dec.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_dec.c 2009-10-22 09:58:16.000000000 +0200 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2009-10-22 10:30:50.000000000 +0200 +@@ -449,7 +449,7 @@ static int jpc_dec_process_sot(jpc_dec_t + + if (dec->state == JPC_MH) { + +- compinfos = jas_malloc(dec->numcomps * sizeof(jas_image_cmptparm_t)); ++ compinfos = jas_alloc2(dec->numcomps, sizeof(jas_image_cmptparm_t)); + assert(compinfos); + for (cmptno = 0, cmpt = dec->cmpts, compinfo = compinfos; + cmptno < dec->numcomps; ++cmptno, ++cmpt, ++compinfo) { +@@ -692,7 +692,7 @@ static int jpc_dec_tileinit(jpc_dec_t *d + tile->realmode = 1; + } + tcomp->numrlvls = ccp->numrlvls; +- if (!(tcomp->rlvls = jas_malloc(tcomp->numrlvls * ++ if (!(tcomp->rlvls = jas_alloc2(tcomp->numrlvls, + sizeof(jpc_dec_rlvl_t)))) { + return -1; + } +@@ -764,7 +764,7 @@ rlvl->bands = 0; + rlvl->cbgheightexpn); + + rlvl->numbands = (!rlvlno) ? 1 : 3; +- if (!(rlvl->bands = jas_malloc(rlvl->numbands * ++ if (!(rlvl->bands = jas_alloc2(rlvl->numbands, + sizeof(jpc_dec_band_t)))) { + return -1; + } +@@ -797,7 +797,7 @@ rlvl->bands = 0; + + assert(rlvl->numprcs); + +- if (!(band->prcs = jas_malloc(rlvl->numprcs * sizeof(jpc_dec_prc_t)))) { ++ if (!(band->prcs = jas_alloc2(rlvl->numprcs, sizeof(jpc_dec_prc_t)))) { + return -1; + } + +@@ -834,7 +834,7 @@ rlvl->bands = 0; + if (!(prc->numimsbstagtree = jpc_tagtree_create(prc->numhcblks, prc->numvcblks))) { + return -1; + } +- if (!(prc->cblks = jas_malloc(prc->numcblks * sizeof(jpc_dec_cblk_t)))) { ++ if (!(prc->cblks = jas_alloc2(prc->numcblks, sizeof(jpc_dec_cblk_t)))) { + return -1; + } + +@@ -1181,7 +1181,7 @@ static int jpc_dec_process_siz(jpc_dec_t + return -1; + } + +- if (!(dec->cmpts = jas_malloc(dec->numcomps * sizeof(jpc_dec_cmpt_t)))) { ++ if (!(dec->cmpts = jas_alloc2(dec->numcomps, sizeof(jpc_dec_cmpt_t)))) { + return -1; + } + +@@ -1204,7 +1204,7 @@ static int jpc_dec_process_siz(jpc_dec_t + dec->numhtiles = JPC_CEILDIV(dec->xend - dec->tilexoff, dec->tilewidth); + dec->numvtiles = JPC_CEILDIV(dec->yend - dec->tileyoff, dec->tileheight); + dec->numtiles = dec->numhtiles * dec->numvtiles; +- if (!(dec->tiles = jas_malloc(dec->numtiles * sizeof(jpc_dec_tile_t)))) { ++ if (!(dec->tiles = jas_calloc(dec->numtiles, sizeof(jpc_dec_tile_t)))) { + return -1; + } + +@@ -1228,7 +1228,7 @@ static int jpc_dec_process_siz(jpc_dec_t + tile->pkthdrstreampos = 0; + tile->pptstab = 0; + tile->cp = 0; +- if (!(tile->tcomps = jas_malloc(dec->numcomps * ++ if (!(tile->tcomps = jas_calloc(dec->numcomps, + sizeof(jpc_dec_tcomp_t)))) { + return -1; + } +@@ -1489,7 +1489,7 @@ static jpc_dec_cp_t *jpc_dec_cp_create(u + cp->numlyrs = 0; + cp->mctid = 0; + cp->csty = 0; +- if (!(cp->ccps = jas_malloc(cp->numcomps * sizeof(jpc_dec_ccp_t)))) { ++ if (!(cp->ccps = jas_alloc2(cp->numcomps, sizeof(jpc_dec_ccp_t)))) { + return 0; + } + if (!(cp->pchglist = jpc_pchglist_create())) { +@@ -2048,7 +2048,7 @@ jpc_streamlist_t *jpc_streamlist_create( + } + streamlist->numstreams = 0; + streamlist->maxstreams = 100; +- if (!(streamlist->streams = jas_malloc(streamlist->maxstreams * ++ if (!(streamlist->streams = jas_alloc2(streamlist->maxstreams, + sizeof(jas_stream_t *)))) { + jas_free(streamlist); + return 0; +@@ -2068,8 +2068,8 @@ int jpc_streamlist_insert(jpc_streamlist + /* Grow the array of streams if necessary. */ + if (streamlist->numstreams >= streamlist->maxstreams) { + newmaxstreams = streamlist->maxstreams + 1024; +- if (!(newstreams = jas_realloc(streamlist->streams, +- (newmaxstreams + 1024) * sizeof(jas_stream_t *)))) { ++ if (!(newstreams = jas_realloc2(streamlist->streams, ++ (newmaxstreams + 1024), sizeof(jas_stream_t *)))) { + return -1; + } + for (i = streamlist->numstreams; i < streamlist->maxstreams; ++i) { +@@ -2155,8 +2155,7 @@ int jpc_ppxstab_grow(jpc_ppxstab_t *tab, + { + jpc_ppxstabent_t **newents; + if (tab->maxents < maxents) { +- newents = (tab->ents) ? jas_realloc(tab->ents, maxents * +- sizeof(jpc_ppxstabent_t *)) : jas_malloc(maxents * sizeof(jpc_ppxstabent_t *)); ++ newents = jas_realloc2(tab->ents, maxents, sizeof(jpc_ppxstabent_t *)); + if (!newents) { + return -1; + } +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_enc.c jasper-1.900.1/src/libjasper/jpc/jpc_enc.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_enc.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_enc.c 2009-10-22 10:27:45.000000000 +0200 +@@ -403,7 +403,7 @@ static jpc_enc_cp_t *cp_create(char *opt + vsteplcm *= jas_image_cmptvstep(image, cmptno); + } + +- if (!(cp->ccps = jas_malloc(cp->numcmpts * sizeof(jpc_enc_ccp_t)))) { ++ if (!(cp->ccps = jas_alloc2(cp->numcmpts, sizeof(jpc_enc_ccp_t)))) { + goto error; + } + for (cmptno = 0, ccp = cp->ccps; cmptno < JAS_CAST(int, cp->numcmpts); ++cmptno, +@@ -656,7 +656,7 @@ static jpc_enc_cp_t *cp_create(char *opt + + if (ilyrrates && numilyrrates > 0) { + tcp->numlyrs = numilyrrates + 1; +- if (!(tcp->ilyrrates = jas_malloc((tcp->numlyrs - 1) * ++ if (!(tcp->ilyrrates = jas_alloc2((tcp->numlyrs - 1), + sizeof(jpc_fix_t)))) { + goto error; + } +@@ -940,7 +940,7 @@ startoff = jas_stream_getrwcount(enc->ou + siz->tilewidth = cp->tilewidth; + siz->tileheight = cp->tileheight; + siz->numcomps = cp->numcmpts; +- siz->comps = jas_malloc(siz->numcomps * sizeof(jpc_sizcomp_t)); ++ siz->comps = jas_alloc2(siz->numcomps, sizeof(jpc_sizcomp_t)); + assert(siz->comps); + for (i = 0; i < JAS_CAST(int, cp->numcmpts); ++i) { + siz->comps[i].prec = cp->ccps[i].prec; +@@ -977,7 +977,7 @@ startoff = jas_stream_getrwcount(enc->ou + return -1; + } + crg = &enc->mrk->parms.crg; +- crg->comps = jas_malloc(crg->numcomps * sizeof(jpc_crgcomp_t)); ++ crg->comps = jas_alloc2(crg->numcomps, sizeof(jpc_crgcomp_t)); + if (jpc_putms(enc->out, enc->cstate, enc->mrk)) { + jas_eprintf("cannot write CRG marker\n"); + return -1; +@@ -1955,7 +1955,7 @@ jpc_enc_tile_t *jpc_enc_tile_create(jpc_ + tile->mctid = cp->tcp.mctid; + + tile->numlyrs = cp->tcp.numlyrs; +- if (!(tile->lyrsizes = jas_malloc(tile->numlyrs * ++ if (!(tile->lyrsizes = jas_alloc2(tile->numlyrs, + sizeof(uint_fast32_t)))) { + goto error; + } +@@ -1964,7 +1964,7 @@ jpc_enc_tile_t *jpc_enc_tile_create(jpc_ + } + + /* Allocate an array for the per-tile-component information. */ +- if (!(tile->tcmpts = jas_malloc(cp->numcmpts * sizeof(jpc_enc_tcmpt_t)))) { ++ if (!(tile->tcmpts = jas_alloc2(cp->numcmpts, sizeof(jpc_enc_tcmpt_t)))) { + goto error; + } + /* Initialize a few members critical for error recovery. */ +@@ -2110,7 +2110,7 @@ static jpc_enc_tcmpt_t *tcmpt_create(jpc + jas_seq2d_ystart(tcmpt->data), jas_seq2d_xend(tcmpt->data), + jas_seq2d_yend(tcmpt->data), bandinfos); + +- if (!(tcmpt->rlvls = jas_malloc(tcmpt->numrlvls * sizeof(jpc_enc_rlvl_t)))) { ++ if (!(tcmpt->rlvls = jas_alloc2(tcmpt->numrlvls, sizeof(jpc_enc_rlvl_t)))) { + goto error; + } + for (rlvlno = 0, rlvl = tcmpt->rlvls; rlvlno < tcmpt->numrlvls; +@@ -2213,7 +2213,7 @@ static jpc_enc_rlvl_t *rlvl_create(jpc_e + rlvl->numvprcs = JPC_FLOORDIVPOW2(brprcbry - tlprctly, rlvl->prcheightexpn); + rlvl->numprcs = rlvl->numhprcs * rlvl->numvprcs; + +- if (!(rlvl->bands = jas_malloc(rlvl->numbands * sizeof(jpc_enc_band_t)))) { ++ if (!(rlvl->bands = jas_alloc2(rlvl->numbands, sizeof(jpc_enc_band_t)))) { + goto error; + } + for (bandno = 0, band = rlvl->bands; bandno < rlvl->numbands; +@@ -2290,7 +2290,7 @@ if (bandinfo->xstart != bandinfo->xend & + band->synweight = bandinfo->synenergywt; + + if (band->data) { +- if (!(band->prcs = jas_malloc(rlvl->numprcs * sizeof(jpc_enc_prc_t)))) { ++ if (!(band->prcs = jas_alloc2(rlvl->numprcs, sizeof(jpc_enc_prc_t)))) { + goto error; + } + for (prcno = 0, prc = band->prcs; prcno < rlvl->numprcs; ++prcno, +@@ -2422,7 +2422,7 @@ if (!rlvlno) { + goto error; + } + +- if (!(prc->cblks = jas_malloc(prc->numcblks * sizeof(jpc_enc_cblk_t)))) { ++ if (!(prc->cblks = jas_alloc2(prc->numcblks, sizeof(jpc_enc_cblk_t)))) { + goto error; + } + for (cblkno = 0, cblk = prc->cblks; cblkno < prc->numcblks; +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_mqdec.c jasper-1.900.1/src/libjasper/jpc/jpc_mqdec.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_mqdec.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_mqdec.c 2009-10-22 10:27:45.000000000 +0200 +@@ -118,7 +118,7 @@ jpc_mqdec_t *jpc_mqdec_create(int maxctx + mqdec->in = in; + mqdec->maxctxs = maxctxs; + /* Allocate memory for the per-context state information. */ +- if (!(mqdec->ctxs = jas_malloc(mqdec->maxctxs * sizeof(jpc_mqstate_t *)))) { ++ if (!(mqdec->ctxs = jas_alloc2(mqdec->maxctxs, sizeof(jpc_mqstate_t *)))) { + goto error; + } + /* Set the current context to the first context. */ +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_mqenc.c jasper-1.900.1/src/libjasper/jpc/jpc_mqenc.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_mqenc.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_mqenc.c 2009-10-22 10:27:45.000000000 +0200 +@@ -197,7 +197,7 @@ jpc_mqenc_t *jpc_mqenc_create(int maxctx + mqenc->maxctxs = maxctxs; + + /* Allocate memory for the per-context state information. */ +- if (!(mqenc->ctxs = jas_malloc(mqenc->maxctxs * sizeof(jpc_mqstate_t *)))) { ++ if (!(mqenc->ctxs = jas_alloc2(mqenc->maxctxs, sizeof(jpc_mqstate_t *)))) { + goto error; + } + +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_qmfb.c jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_qmfb.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c 2009-10-22 10:27:45.000000000 +0200 +@@ -321,7 +321,7 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in + #if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { +- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) { ++ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { + /* We have no choice but to commit suicide in this case. */ + abort(); + } +@@ -389,7 +389,7 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in + #if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { +- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) { ++ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { + /* We have no choice but to commit suicide in this case. */ + abort(); + } +@@ -460,7 +460,7 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, + #if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { +- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) { ++ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { + /* We have no choice but to commit suicide in this case. */ + abort(); + } +@@ -549,7 +549,7 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, + #if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { +- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) { ++ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { + /* We have no choice but to commit suicide in this case. */ + abort(); + } +@@ -633,7 +633,7 @@ void jpc_qmfb_join_row(jpc_fix_t *a, int + #if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { +- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) { ++ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { + /* We have no choice but to commit suicide. */ + abort(); + } +@@ -698,7 +698,7 @@ void jpc_qmfb_join_col(jpc_fix_t *a, int + #if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { +- if (!(buf = jas_malloc(bufsize * sizeof(jpc_fix_t)))) { ++ if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { + /* We have no choice but to commit suicide. */ + abort(); + } +@@ -766,7 +766,7 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, + #if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { +- if (!(buf = jas_malloc(bufsize * JPC_QMFB_COLGRPSIZE * sizeof(jpc_fix_t)))) { ++ if (!(buf = jas_alloc2(bufsize, JPC_QMFB_COLGRPSIZE * sizeof(jpc_fix_t)))) { + /* We have no choice but to commit suicide. */ + abort(); + } +@@ -852,7 +852,7 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, + #if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { +- if (!(buf = jas_malloc(bufsize * numcols * sizeof(jpc_fix_t)))) { ++ if (!(buf = jas_alloc3(bufsize, numcols, sizeof(jpc_fix_t)))) { + /* We have no choice but to commit suicide. */ + abort(); + } +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_t1enc.c jasper-1.900.1/src/libjasper/jpc/jpc_t1enc.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_t1enc.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_t1enc.c 2009-10-22 10:27:45.000000000 +0200 +@@ -219,7 +219,7 @@ int jpc_enc_enccblk(jpc_enc_t *enc, jas_ + + cblk->numpasses = (cblk->numbps > 0) ? (3 * cblk->numbps - 2) : 0; + if (cblk->numpasses > 0) { +- cblk->passes = jas_malloc(cblk->numpasses * sizeof(jpc_enc_pass_t)); ++ cblk->passes = jas_alloc2(cblk->numpasses, sizeof(jpc_enc_pass_t)); + assert(cblk->passes); + } else { + cblk->passes = 0; +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_t2cod.c jasper-1.900.1/src/libjasper/jpc/jpc_t2cod.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_t2cod.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_t2cod.c 2009-10-22 10:27:45.000000000 +0200 +@@ -573,7 +573,7 @@ int jpc_pchglist_insert(jpc_pchglist_t * + } + if (pchglist->numpchgs >= pchglist->maxpchgs) { + newmaxpchgs = pchglist->maxpchgs + 128; +- if (!(newpchgs = jas_realloc(pchglist->pchgs, newmaxpchgs * sizeof(jpc_pchg_t *)))) { ++ if (!(newpchgs = jas_realloc2(pchglist->pchgs, newmaxpchgs, sizeof(jpc_pchg_t *)))) { + return -1; + } + pchglist->maxpchgs = newmaxpchgs; +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_t2dec.c jasper-1.900.1/src/libjasper/jpc/jpc_t2dec.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_t2dec.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_t2dec.c 2009-10-22 10:27:45.000000000 +0200 +@@ -478,7 +478,7 @@ jpc_pi_t *jpc_dec_pi_create(jpc_dec_t *d + return 0; + } + pi->numcomps = dec->numcomps; +- if (!(pi->picomps = jas_malloc(pi->numcomps * sizeof(jpc_picomp_t)))) { ++ if (!(pi->picomps = jas_alloc2(pi->numcomps, sizeof(jpc_picomp_t)))) { + jpc_pi_destroy(pi); + return 0; + } +@@ -490,7 +490,7 @@ jpc_pi_t *jpc_dec_pi_create(jpc_dec_t *d + for (compno = 0, tcomp = tile->tcomps, picomp = pi->picomps; + compno < pi->numcomps; ++compno, ++tcomp, ++picomp) { + picomp->numrlvls = tcomp->numrlvls; +- if (!(picomp->pirlvls = jas_malloc(picomp->numrlvls * ++ if (!(picomp->pirlvls = jas_alloc2(picomp->numrlvls, + sizeof(jpc_pirlvl_t)))) { + jpc_pi_destroy(pi); + return 0; +@@ -503,7 +503,7 @@ jpc_pi_t *jpc_dec_pi_create(jpc_dec_t *d + rlvlno < picomp->numrlvls; ++rlvlno, ++pirlvl, ++rlvl) { + /* XXX sizeof(long) should be sizeof different type */ + pirlvl->numprcs = rlvl->numprcs; +- if (!(pirlvl->prclyrnos = jas_malloc(pirlvl->numprcs * ++ if (!(pirlvl->prclyrnos = jas_alloc2(pirlvl->numprcs, + sizeof(long)))) { + jpc_pi_destroy(pi); + return 0; +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_t2enc.c jasper-1.900.1/src/libjasper/jpc/jpc_t2enc.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_t2enc.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_t2enc.c 2009-10-22 10:27:45.000000000 +0200 +@@ -565,7 +565,7 @@ jpc_pi_t *jpc_enc_pi_create(jpc_enc_cp_t + } + pi->pktno = -1; + pi->numcomps = cp->numcmpts; +- if (!(pi->picomps = jas_malloc(pi->numcomps * sizeof(jpc_picomp_t)))) { ++ if (!(pi->picomps = jas_alloc2(pi->numcomps, sizeof(jpc_picomp_t)))) { + jpc_pi_destroy(pi); + return 0; + } +@@ -577,7 +577,7 @@ jpc_pi_t *jpc_enc_pi_create(jpc_enc_cp_t + for (compno = 0, tcomp = tile->tcmpts, picomp = pi->picomps; + compno < pi->numcomps; ++compno, ++tcomp, ++picomp) { + picomp->numrlvls = tcomp->numrlvls; +- if (!(picomp->pirlvls = jas_malloc(picomp->numrlvls * ++ if (!(picomp->pirlvls = jas_alloc2(picomp->numrlvls, + sizeof(jpc_pirlvl_t)))) { + jpc_pi_destroy(pi); + return 0; +@@ -591,7 +591,7 @@ jpc_pi_t *jpc_enc_pi_create(jpc_enc_cp_t + /* XXX sizeof(long) should be sizeof different type */ + pirlvl->numprcs = rlvl->numprcs; + if (rlvl->numprcs) { +- if (!(pirlvl->prclyrnos = jas_malloc(pirlvl->numprcs * ++ if (!(pirlvl->prclyrnos = jas_alloc2(pirlvl->numprcs, + sizeof(long)))) { + jpc_pi_destroy(pi); + return 0; +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_tagtree.c jasper-1.900.1/src/libjasper/jpc/jpc_tagtree.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_tagtree.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_tagtree.c 2009-10-22 10:27:45.000000000 +0200 +@@ -125,7 +125,7 @@ jpc_tagtree_t *jpc_tagtree_create(int nu + ++numlvls; + } while (n > 1); + +- if (!(tree->nodes_ = jas_malloc(tree->numnodes_ * sizeof(jpc_tagtreenode_t)))) { ++ if (!(tree->nodes_ = jas_alloc2(tree->numnodes_, sizeof(jpc_tagtreenode_t)))) { + return 0; + } + +diff -pruN jasper-1.900.1.orig/src/libjasper/jpc/jpc_util.c jasper-1.900.1/src/libjasper/jpc/jpc_util.c +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_util.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_util.c 2009-10-22 10:27:45.000000000 +0200 +@@ -109,7 +109,7 @@ int jpc_atoaf(char *s, int *numvalues, d + } + + if (n) { +- if (!(vs = jas_malloc(n * sizeof(double)))) { ++ if (!(vs = jas_alloc2(n, sizeof(double)))) { + return -1; + } + +diff -pruN jasper-1.900.1.orig/src/libjasper/mif/mif_cod.c jasper-1.900.1/src/libjasper/mif/mif_cod.c +--- jasper-1.900.1.orig/src/libjasper/mif/mif_cod.c 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/mif/mif_cod.c 2009-10-22 10:27:45.000000000 +0200 +@@ -438,8 +438,7 @@ static int mif_hdr_growcmpts(mif_hdr_t * + int cmptno; + mif_cmpt_t **newcmpts; + assert(maxcmpts >= hdr->numcmpts); +- newcmpts = (!hdr->cmpts) ? jas_malloc(maxcmpts * sizeof(mif_cmpt_t *)) : +- jas_realloc(hdr->cmpts, maxcmpts * sizeof(mif_cmpt_t *)); ++ newcmpts = jas_realloc2(hdr->cmpts, maxcmpts, sizeof(mif_cmpt_t *)); + if (!newcmpts) { + return -1; + } diff --git a/patches/source/jasper/patches/jasper-1.900.1-CVE-2008-3522.patch b/patches/source/jasper/patches/jasper-1.900.1-CVE-2008-3522.patch new file mode 100644 index 000000000..4bf2e9b52 --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-CVE-2008-3522.patch @@ -0,0 +1,14 @@ +https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-3522 + +diff -pruN jasper-1.900.1.orig/src/libjasper/base/jas_stream.c jasper-1.900.1/src/libjasper/base/jas_stream.c +--- jasper-1.900.1.orig/src/libjasper/base/jas_stream.c 2009-10-22 10:27:45.000000000 +0200 ++++ jasper-1.900.1/src/libjasper/base/jas_stream.c 2009-10-22 10:35:53.000000000 +0200 +@@ -553,7 +553,7 @@ int jas_stream_printf(jas_stream_t *stre + int ret; + + va_start(ap, fmt); +- ret = vsprintf(buf, fmt, ap); ++ ret = vsnprintf(buf, sizeof buf, fmt, ap); + jas_stream_puts(stream, buf); + va_end(ap); + return ret; diff --git a/patches/source/jasper/patches/jasper-1.900.1-CVE-2011-4516-CVE-2011-4517-CERT-VU-887409.patch b/patches/source/jasper/patches/jasper-1.900.1-CVE-2011-4516-CVE-2011-4517-CERT-VU-887409.patch new file mode 100644 index 000000000..f753080a3 --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-CVE-2011-4516-CVE-2011-4517-CERT-VU-887409.patch @@ -0,0 +1,23 @@ +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_cs.c.CERT-VU-887409 jasper-1.900.1/src/libjasper/jpc/jpc_cs.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_cs.c.CERT-VU-887409 2011-10-25 17:25:39.000000000 +0200 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_cs.c 2011-10-25 17:29:14.379371908 +0200 +@@ -744,6 +744,10 @@ static int jpc_cox_getcompparms(jpc_ms_t + return -1; + } + compparms->numrlvls = compparms->numdlvls + 1; ++ if (compparms->numrlvls > JPC_MAXRLVLS) { ++ jpc_cox_destroycompparms(compparms); ++ return -1; ++ } + if (prtflag) { + for (i = 0; i < compparms->numrlvls; ++i) { + if (jpc_getuint8(in, &tmp)) { +@@ -1331,7 +1335,7 @@ static int jpc_crg_getparms(jpc_ms_t *ms + jpc_crgcomp_t *comp; + uint_fast16_t compno; + crg->numcomps = cstate->numcomps; +- if (!(crg->comps = jas_alloc2(cstate->numcomps, sizeof(uint_fast16_t)))) { ++ if (!(crg->comps = jas_alloc2(cstate->numcomps, sizeof(jpc_crgcomp_t)))) { + return -1; + } + for (compno = 0, comp = crg->comps; compno < cstate->numcomps; diff --git a/patches/source/jasper/patches/jasper-1.900.1-Coverity-BAD_SIZEOF.patch b/patches/source/jasper/patches/jasper-1.900.1-Coverity-BAD_SIZEOF.patch new file mode 100644 index 000000000..197740057 --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-Coverity-BAD_SIZEOF.patch @@ -0,0 +1,17 @@ +Error: BAD_SIZEOF +jpc/jpc_enc.c:2105: bad_sizeof: Taking the size of binary expression "tcmpt->numstepsizes * sizeof (uint_fast16_t) /*8*/" is suspicious. + Did you intend "sizeof(tcmpt->numstepsizes) * sizeof (uint_fast16_t) /*8*/"? + +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_enc.c.bad_sizeof jasper-1.900.1/src/libjasper/jpc/jpc_enc.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_enc.c.bad_sizeof 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_enc.c 2011-06-23 17:28:17.085690561 +0200 +@@ -2102,8 +2102,7 @@ static jpc_enc_tcmpt_t *tcmpt_create(jpc + + tcmpt->numstepsizes = tcmpt->numbands; + assert(tcmpt->numstepsizes <= JPC_MAXBANDS); +- memset(tcmpt->stepsizes, 0, sizeof(tcmpt->numstepsizes * +- sizeof(uint_fast16_t))); ++ memset(tcmpt->stepsizes, 0, tcmpt->numstepsizes * sizeof(uint_fast16_t)); + + /* Retrieve information about the various bands. */ + jpc_tsfb_getbands(tcmpt->tsfb, jas_seq2d_xstart(tcmpt->data), diff --git a/patches/source/jasper/patches/jasper-1.900.1-Coverity-CHECKED_RETURN.patch b/patches/source/jasper/patches/jasper-1.900.1-Coverity-CHECKED_RETURN.patch new file mode 100644 index 000000000..ea330f2c1 --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-Coverity-CHECKED_RETURN.patch @@ -0,0 +1,141 @@ +Error: CHECKED_RETURN +jpc/jpc_cs.c:924: check_return: Calling function "jpc_putuint16" without checking return value (as is done elsewhere 11 out of 13 times). +jpc/jpc_cs.c:924: unchecked_value: No check of the return value of "jpc_putuint16(out, qcc->compno)". + +jpc/jpc_cs.c:1021: check_return: Calling function "jpc_putuint16" without checking return value (as is done elsewhere 11 out of 13 times). +jpc/jpc_cs.c:1021: unchecked_value: No check of the return value of "jpc_putuint16(out, compparms->stepsizes[i])". + +jpc/jpc_cs.c:994: check_return: Calling function "jpc_getuint16" without checking return value (as is done elsewhere 14 out of 16 times). +jpc/jpc_cs.c:994: unchecked_value: No check of the return value of "jpc_getuint16(in, compparms->stepsizes + i)". + +jpc/jpc_cs.c:905: check_return: Calling function "jpc_getuint16" without checking return value (as is done elsewhere 14 out of 16 times). +jpc/jpc_cs.c:905: unchecked_value: No check of the return value of "jpc_getuint16(in, &qcc->compno)". + +jpc/jpc_cs.c:969: check_return: Calling function "jpc_getuint8" without checking return value (as is done elsewhere 17 out of 20 times). +jpc/jpc_cs.c:969: unchecked_value: No check of the return value of "jpc_getuint8(in, &tmp)". + +jpc/jpc_cs.c:991: check_return: Calling function "jpc_getuint8" without checking return value (as is done elsewhere 17 out of 20 times). +jpc/jpc_cs.c:991: unchecked_value: No check of the return value of "jpc_getuint8(in, &tmp)". + +jpc/jpc_cs.c:901: check_return: Calling function "jpc_getuint8" without checking return value (as is done elsewhere 17 out of 20 times). +jpc/jpc_cs.c:901: unchecked_value: No check of the return value of "jpc_getuint8(in, &tmp)". + +jpc/jpc_t2enc.c:338: check_return: Calling function "jpc_putms" without checking return value (as is done elsewhere 12 out of 13 times). +jpc/jpc_t2enc.c:338: unchecked_value: No check of the return value of "jpc_putms(out, enc->cstate, ms)". + +ras/ras_enc.c:245: check_return: Calling function "jas_image_readcmpt" without checking return value (as is done elsewhere 9 out of 10 times). +ras/ras_enc.c:245: unchecked_value: No check of the return value of "jas_image_readcmpt(image, cmpts[i], 0L, y, image->brx_ - image->tlx_, 1L, data[i])". + +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_cs.c.checked_return jasper-1.900.1/src/libjasper/jpc/jpc_cs.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_cs.c.checked_return 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_cs.c 2011-06-24 13:52:25.636551844 +0200 +@@ -898,11 +898,15 @@ static int jpc_qcc_getparms(jpc_ms_t *ms + int len; + len = ms->len; + if (cstate->numcomps <= 256) { +- jpc_getuint8(in, &tmp); ++ if (jpc_getuint8(in, &tmp)) { ++ return -1; ++ } + qcc->compno = tmp; + --len; + } else { +- jpc_getuint16(in, &qcc->compno); ++ if (jpc_getuint16(in, &qcc->compno)) { ++ return -1; ++ } + len -= 2; + } + if (jpc_qcx_getcompparms(&qcc->compparms, cstate, in, len)) { +@@ -919,9 +923,13 @@ static int jpc_qcc_putparms(jpc_ms_t *ms + { + jpc_qcc_t *qcc = &ms->parms.qcc; + if (cstate->numcomps <= 256) { +- jpc_putuint8(out, qcc->compno); ++ if (jpc_putuint8(out, qcc->compno)) { ++ return -1; ++ } + } else { +- jpc_putuint16(out, qcc->compno); ++ if (jpc_putuint16(out, qcc->compno)) { ++ return -1; ++ } + } + if (jpc_qcx_putcompparms(&qcc->compparms, cstate, out)) { + return -1; +@@ -966,7 +974,9 @@ static int jpc_qcx_getcompparms(jpc_qcxc + cstate = 0; + + n = 0; +- jpc_getuint8(in, &tmp); ++ if (jpc_getuint8(in, &tmp)) { ++ return -1; ++ } + ++n; + compparms->qntsty = tmp & 0x1f; + compparms->numguard = (tmp >> 5) & 7; +@@ -988,10 +998,14 @@ static int jpc_qcx_getcompparms(jpc_qcxc + assert(compparms->stepsizes); + for (i = 0; i < compparms->numstepsizes; ++i) { + if (compparms->qntsty == JPC_QCX_NOQNT) { +- jpc_getuint8(in, &tmp); ++ if (jpc_getuint8(in, &tmp)) { ++ return -1; ++ } + compparms->stepsizes[i] = JPC_QCX_EXPN(tmp >> 3); + } else { +- jpc_getuint16(in, &compparms->stepsizes[i]); ++ if (jpc_getuint16(in, &compparms->stepsizes[i])) { ++ return -1; ++ } + } + } + } else { +@@ -1015,10 +1029,14 @@ static int jpc_qcx_putcompparms(jpc_qcxc + jpc_putuint8(out, ((compparms->numguard & 7) << 5) | compparms->qntsty); + for (i = 0; i < compparms->numstepsizes; ++i) { + if (compparms->qntsty == JPC_QCX_NOQNT) { +- jpc_putuint8(out, JPC_QCX_GETEXPN( +- compparms->stepsizes[i]) << 3); ++ if (jpc_putuint8(out, JPC_QCX_GETEXPN( ++ compparms->stepsizes[i]) << 3)) { ++ return -1; ++ } + } else { +- jpc_putuint16(out, compparms->stepsizes[i]); ++ if (jpc_putuint16(out, compparms->stepsizes[i])) { ++ return -1; ++ } + } + } + return 0; +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_t2enc.c.checked_return jasper-1.900.1/src/libjasper/jpc/jpc_t2enc.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_t2enc.c.checked_return 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_t2enc.c 2011-06-24 12:29:32.069578992 +0200 +@@ -335,7 +335,9 @@ assert(jpc_firstone(datalen) < cblk->num + if (!(ms = jpc_ms_create(JPC_MS_EPH))) { + return -1; + } +- jpc_putms(out, enc->cstate, ms); ++ if (jpc_putms(out, enc->cstate, ms)) { ++ return -1; ++ } + jpc_ms_destroy(ms); + } + +diff -up jasper-1.900.1/src/libjasper/ras/ras_enc.c.checked_return jasper-1.900.1/src/libjasper/ras/ras_enc.c +--- jasper-1.900.1/src/libjasper/ras/ras_enc.c.checked_return 2007-01-19 22:43:04.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/ras/ras_enc.c 2011-06-24 14:05:31.233482612 +0200 +@@ -242,8 +242,10 @@ static int ras_putdatastd(jas_stream_t * + + for (y = 0; y < hdr->height; y++) { + for (i = 0; i < numcmpts; ++i) { +- jas_image_readcmpt(image, cmpts[i], 0, y, jas_image_width(image), +- 1, data[i]); ++ if (jas_image_readcmpt(image, cmpts[i], 0, y, ++ jas_image_width(image), 1, data[i])) { ++ return -1; ++ } + } + z = 0; + nz = 0; diff --git a/patches/source/jasper/patches/jasper-1.900.1-Coverity-FORWARD_NULL.patch b/patches/source/jasper/patches/jasper-1.900.1-Coverity-FORWARD_NULL.patch new file mode 100644 index 000000000..ff526b4d1 --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-Coverity-FORWARD_NULL.patch @@ -0,0 +1,44 @@ +Error: FORWARD_NULL +jpc/jpc_dec.c:2207: var_compare_op: Comparing "streams" to null implies that "streams" might be null. +jpc/jpc_dec.c:2270: var_deref_model: Passing null variable "streams" to function "jpc_streamlist_destroy", which dereferences it. +jpc/jpc_dec.c:2108: deref_parm: Directly dereferencing parameter "streamlist". + +jpc/jpc_t1enc.c:225: assign_zero: Assigning: "cblk->passes" = 0. +jpc/jpc_t1enc.c:228: alias_transfer: Assigning null: "pass" = "cblk->passes". +jpc/jpc_t1enc.c:229: var_deref_op: Dereferencing null variable "pass". + +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.forward_null jasper-1.900.1/src/libjasper/jpc/jpc_dec.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.forward_null 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2011-06-24 15:01:39.200600146 +0200 +@@ -2267,7 +2267,9 @@ jpc_streamlist_t *jpc_ppmstabtostreams(j + return streams; + + error: +- jpc_streamlist_destroy(streams); ++ if (streams) { ++ jpc_streamlist_destroy(streams); ++ } + return 0; + } + +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_t1enc.c.forward_null jasper-1.900.1/src/libjasper/jpc/jpc_t1enc.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_t1enc.c.forward_null 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_t1enc.c 2011-06-24 14:58:33.061248133 +0200 +@@ -224,7 +224,7 @@ int jpc_enc_enccblk(jpc_enc_t *enc, jas_ + } else { + cblk->passes = 0; + } +- endpasses = &cblk->passes[cblk->numpasses]; ++ endpasses = (cblk->passes) ? &cblk->passes[cblk->numpasses] : 0; + for (pass = cblk->passes; pass != endpasses; ++pass) { + pass->start = 0; + pass->end = 0; +@@ -352,7 +352,7 @@ dump_passes(cblk->passes, cblk->numpasse + #endif + + n = 0; +- endpasses = &cblk->passes[cblk->numpasses]; ++ endpasses = (cblk->passes) ? &cblk->passes[cblk->numpasses] : 0; + for (pass = cblk->passes; pass != endpasses; ++pass) { + if (pass->start < n) { + pass->start = n; diff --git a/patches/source/jasper/patches/jasper-1.900.1-Coverity-NULL_RETURNS.patch b/patches/source/jasper/patches/jasper-1.900.1-Coverity-NULL_RETURNS.patch new file mode 100644 index 000000000..4c7227028 --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-Coverity-NULL_RETURNS.patch @@ -0,0 +1,61 @@ +Error: NULL_RETURNS +base/jas_image.c:213: returned_null: Function "jas_image_create0" returns null (checked 6 out of 7 times). +base/jas_image.c:213: var_assigned: Assigning: "newimage" = null return value from "jas_image_create0". +base/jas_image.c:214: dereference: Dereferencing a pointer that might be null "newimage" when calling "jas_image_growcmpts". +base/jas_image.c:777: deref_parm: Directly dereferencing parameter "image". + +base/jas_seq.c:223: returned_null: Function "jas_malloc" returns null (checked 110 out of 119 times). +base/jas_seq.c:223: var_assigned: Assigning: "mat0->rows_" = null return value from "jas_malloc". +base/jas_seq.c:225: dereference: Dereferencing a null pointer "mat0->rows_". + +jp2/jp2_cod.c:484: returned_null: Function "jas_stream_memopen" returns null (checked 12 out of 15 times). +jp2/jp2_cod.c:484: var_assigned: Assigning: "tmpstream" = null return value from "jas_stream_memopen". +jp2/jp2_cod.c:490: dereference: Dereferencing a pointer that might be null "tmpstream" when calling "jas_stream_tell". +base/jas_stream.c:677: deref_parm: Directly dereferencing parameter "stream". + + +diff -up jasper-1.900.1/src/libjasper/base/jas_image.c.NULL_RETURNS jasper-1.900.1/src/libjasper/base/jas_image.c +--- jasper-1.900.1/src/libjasper/base/jas_image.c.NULL_RETURNS 2011-12-08 14:00:05.350020869 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_image.c 2011-12-08 14:00:06.638004766 +0100 +@@ -210,7 +210,10 @@ jas_image_t *jas_image_copy(jas_image_t + jas_image_t *newimage; + int cmptno; + +- newimage = jas_image_create0(); ++ if (!(newimage = jas_image_create0())) { ++ goto error; ++ } ++ + if (jas_image_growcmpts(newimage, image->numcmpts_)) { + goto error; + } +diff -up jasper-1.900.1/src/libjasper/base/jas_seq.c.NULL_RETURNS jasper-1.900.1/src/libjasper/base/jas_seq.c +--- jasper-1.900.1/src/libjasper/base/jas_seq.c.NULL_RETURNS 2011-12-08 14:00:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_seq.c 2011-12-08 14:15:12.449680562 +0100 +@@ -220,7 +220,11 @@ void jas_matrix_bindsub(jas_matrix_t *ma + mat0->numrows_ = r1 - r0 + 1; + mat0->numcols_ = c1 - c0 + 1; + mat0->maxrows_ = mat0->numrows_; +- mat0->rows_ = jas_alloc2(mat0->maxrows_, sizeof(jas_seqent_t *)); ++ if (!(mat0->rows_ = jas_alloc2(mat0->maxrows_, sizeof(jas_seqent_t *)))) { ++ jas_matrix_destroy(mat0); ++ return; ++ } ++ + for (i = 0; i < mat0->numrows_; ++i) { + mat0->rows_[i] = mat1->rows_[r0 + i] + c0; + } +diff -up jasper-1.900.1/src/libjasper/jp2/jp2_cod.c.NULL_RETURNS jasper-1.900.1/src/libjasper/jp2/jp2_cod.c +--- jasper-1.900.1/src/libjasper/jp2/jp2_cod.c.NULL_RETURNS 2011-12-08 14:00:05.633017331 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_cod.c 2011-12-08 14:00:06.677004279 +0100 +@@ -481,7 +481,9 @@ int jp2_box_put(jp2_box_t *box, jas_stre + dataflag = !(box->info->flags & (JP2_BOX_SUPER | JP2_BOX_NODATA)); + + if (dataflag) { +- tmpstream = jas_stream_memopen(0, 0); ++ if (!(tmpstream = jas_stream_memopen(0, 0))) { ++ goto error; ++ } + if (box->ops->putdata) { + if ((*box->ops->putdata)(box, tmpstream)) { + goto error; diff --git a/patches/source/jasper/patches/jasper-1.900.1-Coverity-RESOURCE_LEAK.patch b/patches/source/jasper/patches/jasper-1.900.1-Coverity-RESOURCE_LEAK.patch new file mode 100644 index 000000000..76f5da77f --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-Coverity-RESOURCE_LEAK.patch @@ -0,0 +1,202 @@ +Error: RESOURCE_LEAK +src/appl/imgcmp.c:504: var_assign: Assigning: "diffimage" = storage returned from "jas_image_create(3, compparms, 1025)". +src/appl/imgcmp.c:511: leaked_storage: Variable "diffimage" going out of scope leaks the storage it points to. +src/appl/imgcmp.c:537: leaked_storage: Variable "diffimage" going out of scope leaks the storage it points to. + +base/jas_image.c:254: var_assign: Assigning: "newcmpt" = storage returned from "jas_image_cmpt_create0()". +base/jas_image.c:268: leaked_storage: Variable "newcmpt" going out of scope leaks the storage it points to. +base/jas_image.c:271: leaked_storage: Variable "newcmpt" going out of scope leaks the storage it points to. +base/jas_image.c:274: leaked_storage: Variable "newcmpt" going out of scope leaks the storage it points to. +base/jas_image.c:277: leaked_storage: Variable "newcmpt" going out of scope leaks the storage it points to. + +base/jas_cm.c:611: var_assign: Assigning: "newpxformseq" = storage returned from "jas_cmpxformseq_create()". +base/jas_cm.c:617: leaked_storage: Variable "newpxformseq" going out of scope leaks the storage it points to. + +base/jas_cm.c:343: var_assign: Assigning: "newprof" = storage returned from "jas_cmprof_create()". +base/jas_cm.c:358: leaked_storage: Variable "newprof" going out of scope leaks the storage it points to. + +base/jas_cm.c:380: var_assign: Assigning: "xform" = storage returned from "jas_malloc(sizeof (jas_cmxform_t) /*16*/)". +base/jas_cm.c:461: leaked_storage: Variable "xform" going out of scope leaks the storage it points to. + +base/jas_image.c:1379: var_assign: Assigning: "xform" = storage returned from "jas_cmxform_create(inprof, outprof, NULL, 0, intent, 0)". +base/jas_image.c:1444: leaked_storage: Variable "xform" going out of scope leaks the storage it points to. + +base/jas_image.c:1306: var_assign: Assigning: "inimage" = storage returned from "jas_image_copy(image)". +base/jas_image.c:1444: leaked_storage: Variable "inimage" going out of scope leaks the storage it points to. + +base/jas_image.c:1345: var_assign: Assigning: "outimage" = storage returned from "jas_image_create0()". +base/jas_image.c:1444: leaked_storage: Variable "outimage" going out of scope leaks the storage it points to. + +bmp/bmp_enc.c:187: var_assign: Assigning: "info" = storage returned from "bmp_info_create()". +bmp/bmp_enc.c:208: leaked_storage: Variable "info" going out of scope leaks the storage it points to. + +jpc/jpc_tagtree.c:111: var_assign: Assigning: "tree" = storage returned from "jpc_tagtree_alloc()". +jpc/jpc_tagtree.c:129: leaked_storage: Variable "tree" going out of scope leaks the storage it points to. + +jpc/jpc_dec.c:452: var_assign: Assigning: "compinfos" = storage returned from "jas_malloc(dec->numcomps * sizeof (jas_image_cmptparm_t) /*56*/)". +jpc/jpc_dec.c:468: leaked_storage: Variable "compinfos" going out of scope leaks the storage it points to. + +jpc/jpc_dec.c:1483: var_assign: Assigning: "cp" = storage returned from "jas_malloc(sizeof (jpc_dec_cp_t) /*48*/)". +jpc/jpc_dec.c:1493: leaked_storage: Variable "cp" going out of scope leaks the storage it points to. +jpc/jpc_dec.c:1497: leaked_storage: Variable "cp" going out of scope leaks the storage it points to. + +mif/mif_cod.c:523: var_assign: Assigning: "cmpt" = storage returned from "mif_cmpt_create()". +mif/mif_cod.c:568: leaked_storage: Variable "cmpt" going out of scope leaks the storage it points to. + +mif/mif_cod.c:568: leaked_storage: Variable "tvp" going out of scope leaks the storage it points to. + + +diff -up jasper-1.900.1/src/appl/imgcmp.c.RESOURCE_LEAK jasper-1.900.1/src/appl/imgcmp.c +--- jasper-1.900.1/src/appl/imgcmp.c.RESOURCE_LEAK 2007-01-19 22:43:08.000000000 +0100 ++++ jasper-1.900.1/src/appl/imgcmp.c 2011-12-08 14:16:04.727027007 +0100 +@@ -507,6 +507,7 @@ jas_image_t *makediffimage(jas_matrix_t + + for (i = 0; i < 3; ++i) { + if (!(diffdata[i] = jas_matrix_create(height, width))) { ++ jas_image_destroy(diffimage); + fprintf(stderr, "internal error\n"); + return 0; + } +@@ -534,6 +535,7 @@ jas_image_t *makediffimage(jas_matrix_t + + for (i = 0; i < 3; ++i) { + if (jas_image_writecmpt(diffimage, i, 0, 0, width, height, diffdata[i])) { ++ jas_image_destroy(diffimage); + return 0; + } + } +diff -up jasper-1.900.1/src/libjasper/base/jas_cm.c.RESOURCE_LEAK jasper-1.900.1/src/libjasper/base/jas_cm.c +--- jasper-1.900.1/src/libjasper/base/jas_cm.c.RESOURCE_LEAK 2011-12-08 14:16:03.387043758 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_cm.c 2011-12-08 14:16:04.728026994 +0100 +@@ -355,6 +355,8 @@ jas_cmprof_t *jas_cmprof_copy(jas_cmprof + } + return newprof; + error: ++ if (newprof) ++ jas_cmprof_destroy(newprof); + return 0; + } + +@@ -458,6 +460,8 @@ jas_cmxform_t *jas_cmxform_create(jas_cm + } + return xform; + error: ++ if (xform) ++ jas_cmxform_destroy(xform); + return 0; + } + +@@ -614,6 +618,8 @@ static jas_cmpxformseq_t *jas_cmpxformse + goto error; + return newpxformseq; + error: ++ if (newpxformseq) ++ jas_cmpxformseq_destroy(newpxformseq); + return 0; + } + +diff -up jasper-1.900.1/src/libjasper/base/jas_image.c.RESOURCE_LEAK jasper-1.900.1/src/libjasper/base/jas_image.c +--- jasper-1.900.1/src/libjasper/base/jas_image.c.RESOURCE_LEAK 2011-12-08 14:16:04.635028156 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_image.c 2011-12-08 14:16:04.776026394 +0100 +@@ -268,15 +268,19 @@ static jas_image_cmpt_t *jas_image_cmpt_ + newcmpt->cps_ = cmpt->cps_; + newcmpt->type_ = cmpt->type_; + if (!(newcmpt->stream_ = jas_stream_memopen(0, 0))) { ++ jas_image_cmpt_destroy(newcmpt); + return 0; + } + if (jas_stream_seek(cmpt->stream_, 0, SEEK_SET)) { ++ jas_image_cmpt_destroy(newcmpt); + return 0; + } + if (jas_stream_copy(newcmpt->stream_, cmpt->stream_, -1)) { ++ jas_image_cmpt_destroy(newcmpt); + return 0; + } + if (jas_stream_seek(newcmpt->stream_, 0, SEEK_SET)) { ++ jas_image_cmpt_destroy(newcmpt); + return 0; + } + return newcmpt; +@@ -1443,5 +1447,11 @@ jas_image_dump(outimage, stderr); + #endif + return outimage; + error: ++ if (xform) ++ jas_cmxform_destroy(xform); ++ if (inimage) ++ jas_image_destroy(inimage); ++ if (outimage) ++ jas_image_destroy(outimage); + return 0; + } +diff -up jasper-1.900.1/src/libjasper/bmp/bmp_enc.c.RESOURCE_LEAK jasper-1.900.1/src/libjasper/bmp/bmp_enc.c +--- jasper-1.900.1/src/libjasper/bmp/bmp_enc.c.RESOURCE_LEAK 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/bmp/bmp_enc.c 2011-12-08 14:16:04.826025768 +0100 +@@ -205,16 +205,19 @@ int bmp_encode(jas_image_t *image, jas_s + + /* Write the bitmap header. */ + if (bmp_puthdr(out, &hdr)) { ++ bmp_info_destroy(info); + return -1; + } + + /* Write the bitmap information. */ + if (bmp_putinfo(out, info)) { ++ bmp_info_destroy(info); + return -1; + } + + /* Write the bitmap data. */ + if (bmp_putdata(out, info, image, enc->cmpts)) { ++ bmp_info_destroy(info); + return -1; + } + +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.RESOURCE_LEAK jasper-1.900.1/src/libjasper/jpc/jpc_dec.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.RESOURCE_LEAK 2011-12-08 14:16:04.594028668 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2011-12-08 14:17:25.677014992 +0100 +@@ -465,6 +465,7 @@ static int jpc_dec_process_sot(jpc_dec_t + + if (!(dec->image = jas_image_create(dec->numcomps, compinfos, + JAS_CLRSPC_UNKNOWN))) { ++ jas_free(compinfos); + return -1; + } + jas_free(compinfos); +@@ -1490,10 +1491,11 @@ static jpc_dec_cp_t *jpc_dec_cp_create(u + cp->mctid = 0; + cp->csty = 0; + if (!(cp->ccps = jas_alloc2(cp->numcomps, sizeof(jpc_dec_ccp_t)))) { ++ jpc_dec_cp_destroy(cp); + return 0; + } + if (!(cp->pchglist = jpc_pchglist_create())) { +- jas_free(cp->ccps); ++ jpc_dec_cp_destroy(cp); + return 0; + } + for (compno = 0, ccp = cp->ccps; compno < cp->numcomps; +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_tagtree.c.RESOURCE_LEAK jasper-1.900.1/src/libjasper/jpc/jpc_tagtree.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_tagtree.c.RESOURCE_LEAK 2011-12-08 14:16:04.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_tagtree.c 2011-12-08 14:17:55.905637082 +0100 +@@ -126,6 +126,7 @@ jpc_tagtree_t *jpc_tagtree_create(int nu + } while (n > 1); + + if (!(tree->nodes_ = jas_alloc2(tree->numnodes_, sizeof(jpc_tagtreenode_t)))) { ++ jpc_tagtree_destroy(tree); + return 0; + } + +diff -up jasper-1.900.1/src/libjasper/mif/mif_cod.c.RESOURCE_LEAK jasper-1.900.1/src/libjasper/mif/mif_cod.c +--- jasper-1.900.1/src/libjasper/mif/mif_cod.c.RESOURCE_LEAK 2011-12-08 14:16:04.250032970 +0100 ++++ jasper-1.900.1/src/libjasper/mif/mif_cod.c 2011-12-08 14:16:04.967024005 +0100 +@@ -564,7 +564,7 @@ static int mif_process_cmpt(mif_hdr_t *h + break; + case MIF_DATA: + if (!(cmpt->data = jas_strdup(jas_tvparser_getval(tvp)))) { +- return -1; ++ goto error; + } + break; + } diff --git a/patches/source/jasper/patches/jasper-1.900.1-Coverity-UNREACHABLE.patch b/patches/source/jasper/patches/jasper-1.900.1-Coverity-UNREACHABLE.patch new file mode 100644 index 000000000..3cae29403 --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-Coverity-UNREACHABLE.patch @@ -0,0 +1,37 @@ +Error: UNREACHABLE +jp2/jp2_cod.c:304: unreachable: This code cannot be reached: "abort();". + +jp2/jp2_cod.c:514: unreachable: This code cannot be reached: "abort();". + +jp2/jp2_enc.c:354: unreachable: This code cannot be reached: "abort();". + +diff -up jasper-1.900.1/src/libjasper/jp2/jp2_cod.c.unreachable jasper-1.900.1/src/libjasper/jp2/jp2_cod.c +--- jasper-1.900.1/src/libjasper/jp2/jp2_cod.c.unreachable 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_cod.c 2011-06-27 15:28:13.083137952 +0200 +@@ -301,7 +301,6 @@ jp2_box_t *jp2_box_get(jas_stream_t *in) + } + + return box; +- abort(); + + error: + if (box) { +@@ -511,7 +510,6 @@ int jp2_box_put(jp2_box_t *box, jas_stre + } + + return 0; +- abort(); + + error: + +diff -up jasper-1.900.1/src/libjasper/jp2/jp2_enc.c.unreachable jasper-1.900.1/src/libjasper/jp2/jp2_enc.c +--- jasper-1.900.1/src/libjasper/jp2/jp2_enc.c.unreachable 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_enc.c 2011-06-27 15:27:58.858353979 +0200 +@@ -351,7 +351,6 @@ int sgnd; + } + + return 0; +- abort(); + + error: + diff --git a/patches/source/jasper/patches/jasper-1.900.1-Coverity-UNUSED_VALUE.patch b/patches/source/jasper/patches/jasper-1.900.1-Coverity-UNUSED_VALUE.patch new file mode 100644 index 000000000..e7d4cb591 --- /dev/null +++ b/patches/source/jasper/patches/jasper-1.900.1-Coverity-UNUSED_VALUE.patch @@ -0,0 +1,41 @@ +Error: UNUSED_VALUE +base/jas_icc.c:328: returned_pointer: Pointer "attrvalinfo" returned by "jas_iccattrvalinfo_lookup(type)" is never used. + +jpc/jpc_enc.c:788: returned_pointer: Pointer "cp" returned by "strchr(s, 66)" is never used. + +diff -up jasper-1.900.1/src/libjasper/base/jas_icc.c.unused_value jasper-1.900.1/src/libjasper/base/jas_icc.c +--- jasper-1.900.1/src/libjasper/base/jas_icc.c.unused_value 2007-01-19 22:43:05.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_icc.c 2011-06-27 15:35:52.815263000 +0200 +@@ -266,7 +266,6 @@ jas_iccprof_t *jas_iccprof_load(jas_stre + jas_iccattrval_t *attrval; + jas_iccattrval_t *prevattrval; + jas_icctagtabent_t *tagtabent; +- jas_iccattrvalinfo_t *attrvalinfo; + int i; + int len; + +@@ -325,7 +324,7 @@ jas_iccprof_t *jas_iccprof_load(jas_stre + goto error; + } + curoff += 8; +- if (!(attrvalinfo = jas_iccattrvalinfo_lookup(type))) { ++ if (!jas_iccattrvalinfo_lookup(type)) { + #if 0 + jas_eprintf("warning: skipping unknown tag type\n"); + #endif +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_enc.c.unused_value jasper-1.900.1/src/libjasper/jpc/jpc_enc.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_enc.c.unused_value 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_enc.c 2011-06-27 15:36:17.437900180 +0200 +@@ -781,11 +781,10 @@ void jpc_enc_cp_destroy(jpc_enc_cp_t *cp + + int ratestrtosize(char *s, uint_fast32_t rawsize, uint_fast32_t *size) + { +- char *cp; + jpc_flt_t f; + + /* Note: This function must not modify output size on failure. */ +- if ((cp = strchr(s, 'B'))) { ++ if (strchr(s, 'B')) { + *size = atoi(s); + } else { + f = atof(s); diff --git a/patches/source/jasper/patches/jasper-CVE-2014-8137.patch b/patches/source/jasper/patches/jasper-CVE-2014-8137.patch new file mode 100644 index 000000000..9600cd323 --- /dev/null +++ b/patches/source/jasper/patches/jasper-CVE-2014-8137.patch @@ -0,0 +1,57 @@ +--- jasper-1.900.1.orig/src/libjasper/base/jas_icc.c 2014-12-11 14:06:44.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/base/jas_icc.c 2014-12-11 15:16:37.971272386 +0100 +@@ -1009,7 +1009,6 @@ static int jas_icccurv_input(jas_iccattr + return 0; + + error: +- jas_icccurv_destroy(attrval); + return -1; + } + +@@ -1127,7 +1126,6 @@ static int jas_icctxtdesc_input(jas_icca + #endif + return 0; + error: +- jas_icctxtdesc_destroy(attrval); + return -1; + } + +@@ -1206,8 +1204,6 @@ static int jas_icctxt_input(jas_iccattrv + goto error; + return 0; + error: +- if (txt->string) +- jas_free(txt->string); + return -1; + } + +@@ -1328,7 +1324,6 @@ static int jas_icclut8_input(jas_iccattr + goto error; + return 0; + error: +- jas_icclut8_destroy(attrval); + return -1; + } + +@@ -1497,7 +1492,6 @@ static int jas_icclut16_input(jas_iccatt + goto error; + return 0; + error: +- jas_icclut16_destroy(attrval); + return -1; + } + +--- jasper-1.900.1.orig/src/libjasper/jp2/jp2_dec.c 2014-12-11 14:30:54.193209780 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_dec.c 2014-12-11 14:36:46.313217814 +0100 +@@ -291,7 +291,10 @@ jas_image_t *jp2_decode(jas_stream_t *in + case JP2_COLR_ICC: + iccprof = jas_iccprof_createfrombuf(dec->colr->data.colr.iccp, + dec->colr->data.colr.iccplen); +- assert(iccprof); ++ if (!iccprof) { ++ jas_eprintf("error: failed to parse ICC profile\n"); ++ goto error; ++ } + jas_iccprof_gethdr(iccprof, &icchdr); + jas_eprintf("ICC Profile CS %08x\n", icchdr.colorspc); + jas_image_setclrspc(dec->image, fromiccpcs(icchdr.colorspc)); diff --git a/patches/source/jasper/patches/jasper-CVE-2014-8138.patch b/patches/source/jasper/patches/jasper-CVE-2014-8138.patch new file mode 100644 index 000000000..5aaf8abb1 --- /dev/null +++ b/patches/source/jasper/patches/jasper-CVE-2014-8138.patch @@ -0,0 +1,14 @@ +--- jasper-1.900.1.orig/src/libjasper/jp2/jp2_dec.c 2014-12-11 14:06:44.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jp2/jp2_dec.c 2014-12-11 14:06:26.000000000 +0100 +@@ -386,6 +386,11 @@ jas_image_t *jp2_decode(jas_stream_t *in + /* Determine the type of each component. */ + if (dec->cdef) { + for (i = 0; i < dec->numchans; ++i) { ++ /* Is the channel number reasonable? */ ++ if (dec->cdef->data.cdef.ents[i].channo >= dec->numchans) { ++ jas_eprintf("error: invalid channel number in CDEF box\n"); ++ goto error; ++ } + jas_image_setcmpttype(dec->image, + dec->chantocmptlut[dec->cdef->data.cdef.ents[i].channo], + jp2_getct(jas_image_clrspc(dec->image), diff --git a/patches/source/jasper/patches/jasper-CVE-2014-8157.patch b/patches/source/jasper/patches/jasper-CVE-2014-8157.patch new file mode 100644 index 000000000..ebfc1b2d0 --- /dev/null +++ b/patches/source/jasper/patches/jasper-CVE-2014-8157.patch @@ -0,0 +1,12 @@ +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.CVE-2014-8157 jasper-1.900.1/src/libjasper/jpc/jpc_dec.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_dec.c.CVE-2014-8157 2015-01-19 16:59:36.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2015-01-19 17:07:41.609863268 +0100 +@@ -489,7 +489,7 @@ static int jpc_dec_process_sot(jpc_dec_t + dec->curtileendoff = 0; + } + +- if (JAS_CAST(int, sot->tileno) > dec->numtiles) { ++ if (JAS_CAST(int, sot->tileno) >= dec->numtiles) { + jas_eprintf("invalid tile number in SOT marker segment\n"); + return -1; + } diff --git a/patches/source/jasper/patches/jasper-CVE-2014-8158.patch b/patches/source/jasper/patches/jasper-CVE-2014-8158.patch new file mode 100644 index 000000000..ce9e4b497 --- /dev/null +++ b/patches/source/jasper/patches/jasper-CVE-2014-8158.patch @@ -0,0 +1,329 @@ +diff -up jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c.CVE-2014-8158 jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c.CVE-2014-8158 2015-01-19 17:25:28.730195502 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_qmfb.c 2015-01-19 17:27:20.214663127 +0100 +@@ -306,11 +306,7 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in + { + + int bufsize = JPC_CEILDIVPOW2(numcols, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE]; +-#else +- jpc_fix_t splitbuf[bufsize]; +-#endif + jpc_fix_t *buf = splitbuf; + register jpc_fix_t *srcptr; + register jpc_fix_t *dstptr; +@@ -318,7 +314,6 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in + register int m; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -326,7 +321,6 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in + abort(); + } + } +-#endif + + if (numcols >= 2) { + hstartcol = (numcols + 1 - parity) >> 1; +@@ -360,12 +354,10 @@ void jpc_qmfb_split_row(jpc_fix_t *a, in + } + } + +-#if !defined(HAVE_VLA) + /* If the split buffer was allocated on the heap, free this memory. */ + if (buf != splitbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -374,11 +366,7 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE]; +-#else +- jpc_fix_t splitbuf[bufsize]; +-#endif + jpc_fix_t *buf = splitbuf; + register jpc_fix_t *srcptr; + register jpc_fix_t *dstptr; +@@ -386,7 +374,6 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in + register int m; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -394,7 +381,6 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in + abort(); + } + } +-#endif + + if (numrows >= 2) { + hstartcol = (numrows + 1 - parity) >> 1; +@@ -428,12 +414,10 @@ void jpc_qmfb_split_col(jpc_fix_t *a, in + } + } + +-#if !defined(HAVE_VLA) + /* If the split buffer was allocated on the heap, free this memory. */ + if (buf != splitbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -442,11 +426,7 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE * JPC_QMFB_COLGRPSIZE]; +-#else +- jpc_fix_t splitbuf[bufsize * JPC_QMFB_COLGRPSIZE]; +-#endif + jpc_fix_t *buf = splitbuf; + jpc_fix_t *srcptr; + jpc_fix_t *dstptr; +@@ -457,7 +437,6 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, + int m; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -465,7 +444,6 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, + abort(); + } + } +-#endif + + if (numrows >= 2) { + hstartcol = (numrows + 1 - parity) >> 1; +@@ -517,12 +495,10 @@ void jpc_qmfb_split_colgrp(jpc_fix_t *a, + } + } + +-#if !defined(HAVE_VLA) + /* If the split buffer was allocated on the heap, free this memory. */ + if (buf != splitbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -531,11 +507,7 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE * JPC_QMFB_COLGRPSIZE]; +-#else +- jpc_fix_t splitbuf[bufsize * numcols]; +-#endif + jpc_fix_t *buf = splitbuf; + jpc_fix_t *srcptr; + jpc_fix_t *dstptr; +@@ -546,7 +518,6 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, + int m; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Get a buffer. */ + if (bufsize > QMFB_SPLITBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -554,7 +525,6 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, + abort(); + } + } +-#endif + + if (numrows >= 2) { + hstartcol = (numrows + 1 - parity) >> 1; +@@ -606,12 +576,10 @@ void jpc_qmfb_split_colres(jpc_fix_t *a, + } + } + +-#if !defined(HAVE_VLA) + /* If the split buffer was allocated on the heap, free this memory. */ + if (buf != splitbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -619,18 +587,13 @@ void jpc_qmfb_join_row(jpc_fix_t *a, int + { + + int bufsize = JPC_CEILDIVPOW2(numcols, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t joinbuf[QMFB_JOINBUFSIZE]; +-#else +- jpc_fix_t joinbuf[bufsize]; +-#endif + jpc_fix_t *buf = joinbuf; + register jpc_fix_t *srcptr; + register jpc_fix_t *dstptr; + register int n; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -638,7 +601,6 @@ void jpc_qmfb_join_row(jpc_fix_t *a, int + abort(); + } + } +-#endif + + hstartcol = (numcols + 1 - parity) >> 1; + +@@ -670,12 +632,10 @@ void jpc_qmfb_join_row(jpc_fix_t *a, int + ++srcptr; + } + +-#if !defined(HAVE_VLA) + /* If the join buffer was allocated on the heap, free this memory. */ + if (buf != joinbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -684,18 +644,13 @@ void jpc_qmfb_join_col(jpc_fix_t *a, int + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t joinbuf[QMFB_JOINBUFSIZE]; +-#else +- jpc_fix_t joinbuf[bufsize]; +-#endif + jpc_fix_t *buf = joinbuf; + register jpc_fix_t *srcptr; + register jpc_fix_t *dstptr; + register int n; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, sizeof(jpc_fix_t)))) { +@@ -703,7 +658,6 @@ void jpc_qmfb_join_col(jpc_fix_t *a, int + abort(); + } + } +-#endif + + hstartcol = (numrows + 1 - parity) >> 1; + +@@ -735,12 +689,10 @@ void jpc_qmfb_join_col(jpc_fix_t *a, int + ++srcptr; + } + +-#if !defined(HAVE_VLA) + /* If the join buffer was allocated on the heap, free this memory. */ + if (buf != joinbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -749,11 +701,7 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t joinbuf[QMFB_JOINBUFSIZE * JPC_QMFB_COLGRPSIZE]; +-#else +- jpc_fix_t joinbuf[bufsize * JPC_QMFB_COLGRPSIZE]; +-#endif + jpc_fix_t *buf = joinbuf; + jpc_fix_t *srcptr; + jpc_fix_t *dstptr; +@@ -763,7 +711,6 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, + register int i; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { + if (!(buf = jas_alloc2(bufsize, JPC_QMFB_COLGRPSIZE * sizeof(jpc_fix_t)))) { +@@ -771,7 +718,6 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, + abort(); + } + } +-#endif + + hstartcol = (numrows + 1 - parity) >> 1; + +@@ -821,12 +767,10 @@ void jpc_qmfb_join_colgrp(jpc_fix_t *a, + srcptr += JPC_QMFB_COLGRPSIZE; + } + +-#if !defined(HAVE_VLA) + /* If the join buffer was allocated on the heap, free this memory. */ + if (buf != joinbuf) { + jas_free(buf); + } +-#endif + + } + +@@ -835,11 +779,7 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, + { + + int bufsize = JPC_CEILDIVPOW2(numrows, 1); +-#if !defined(HAVE_VLA) + jpc_fix_t joinbuf[QMFB_JOINBUFSIZE * JPC_QMFB_COLGRPSIZE]; +-#else +- jpc_fix_t joinbuf[bufsize * numcols]; +-#endif + jpc_fix_t *buf = joinbuf; + jpc_fix_t *srcptr; + jpc_fix_t *dstptr; +@@ -849,7 +789,6 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, + register int i; + int hstartcol; + +-#if !defined(HAVE_VLA) + /* Allocate memory for the join buffer from the heap. */ + if (bufsize > QMFB_JOINBUFSIZE) { + if (!(buf = jas_alloc3(bufsize, numcols, sizeof(jpc_fix_t)))) { +@@ -857,7 +796,6 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, + abort(); + } + } +-#endif + + hstartcol = (numrows + 1 - parity) >> 1; + +@@ -907,12 +845,10 @@ void jpc_qmfb_join_colres(jpc_fix_t *a, + srcptr += numcols; + } + +-#if !defined(HAVE_VLA) + /* If the join buffer was allocated on the heap, free this memory. */ + if (buf != joinbuf) { + jas_free(buf); + } +-#endif + + } + diff --git a/patches/source/jasper/patches/jasper-CVE-2014-9029.patch b/patches/source/jasper/patches/jasper-CVE-2014-9029.patch new file mode 100644 index 000000000..98a203599 --- /dev/null +++ b/patches/source/jasper/patches/jasper-CVE-2014-9029.patch @@ -0,0 +1,29 @@ +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_dec.c 2014-11-27 12:45:44.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2014-11-27 12:44:58.000000000 +0100 +@@ -1281,7 +1281,7 @@ static int jpc_dec_process_coc(jpc_dec_t + jpc_coc_t *coc = &ms->parms.coc; + jpc_dec_tile_t *tile; + +- if (JAS_CAST(int, coc->compno) > dec->numcomps) { ++ if (JAS_CAST(int, coc->compno) >= dec->numcomps) { + jas_eprintf("invalid component number in COC marker segment\n"); + return -1; + } +@@ -1307,7 +1307,7 @@ static int jpc_dec_process_rgn(jpc_dec_t + jpc_rgn_t *rgn = &ms->parms.rgn; + jpc_dec_tile_t *tile; + +- if (JAS_CAST(int, rgn->compno) > dec->numcomps) { ++ if (JAS_CAST(int, rgn->compno) >= dec->numcomps) { + jas_eprintf("invalid component number in RGN marker segment\n"); + return -1; + } +@@ -1356,7 +1356,7 @@ static int jpc_dec_process_qcc(jpc_dec_t + jpc_qcc_t *qcc = &ms->parms.qcc; + jpc_dec_tile_t *tile; + +- if (JAS_CAST(int, qcc->compno) > dec->numcomps) { ++ if (JAS_CAST(int, qcc->compno) >= dec->numcomps) { + jas_eprintf("invalid component number in QCC marker segment\n"); + return -1; + } diff --git a/patches/source/jasper/patches/jpc_dec.c.patch b/patches/source/jasper/patches/jpc_dec.c.patch new file mode 100644 index 000000000..ae1cd0617 --- /dev/null +++ b/patches/source/jasper/patches/jpc_dec.c.patch @@ -0,0 +1,18 @@ +diff -urN jasper-1.900.1/src/libjasper/jpc/jpc_dec.c jasper-1.900.1-fix/src/libjasper/jpc/jpc_dec.c +--- jasper-1.900.1/src/libjasper/jpc/jpc_dec.c 2007-01-19 14:43:07.000000000 -0700 ++++ jasper-1.900.1-fix/src/libjasper/jpc/jpc_dec.c 2008-03-06 16:51:12.000000000 -0700 +@@ -1069,12 +1069,12 @@ + /* Apply an inverse intercomponent transform if necessary. */ + switch (tile->cp->mctid) { + case JPC_MCT_RCT: +- assert(dec->numcomps == 3); ++ assert(dec->numcomps >= 3); + jpc_irct(tile->tcomps[0].data, tile->tcomps[1].data, + tile->tcomps[2].data); + break; + case JPC_MCT_ICT: +- assert(dec->numcomps == 3); ++ assert(dec->numcomps >= 3); + jpc_iict(tile->tcomps[0].data, tile->tcomps[1].data, + tile->tcomps[2].data); + break; diff --git a/patches/source/jasper/patches/patch-libjasper-stepsizes-overflow.diff b/patches/source/jasper/patches/patch-libjasper-stepsizes-overflow.diff new file mode 100644 index 000000000..097559f68 --- /dev/null +++ b/patches/source/jasper/patches/patch-libjasper-stepsizes-overflow.diff @@ -0,0 +1,14 @@ +--- jasper-1.900.1.orig/src/libjasper/jpc/jpc_cs.c 2007-01-19 22:43:07.000000000 +0100 ++++ jasper-1.900.1/src/libjasper/jpc/jpc_cs.c 2007-04-06 01:29:02.000000000 +0200 +@@ -982,7 +982,10 @@ static int jpc_qcx_getcompparms(jpc_qcxc + compparms->numstepsizes = (len - n) / 2; + break; + } +- if (compparms->numstepsizes > 0) { ++ if (compparms->numstepsizes > 3 * JPC_MAXRLVLS + 1) { ++ jpc_qcx_destroycompparms(compparms); ++ return -1; ++ } else if (compparms->numstepsizes > 0) { + compparms->stepsizes = jas_malloc(compparms->numstepsizes * + sizeof(uint_fast16_t)); + assert(compparms->stepsizes); diff --git a/patches/source/jasper/slack-desc b/patches/source/jasper/slack-desc new file mode 100644 index 000000000..c79751af3 --- /dev/null +++ b/patches/source/jasper/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +jasper: jasper (free implementation of the JPEG-2000 standard) +jasper: +jasper: The JasPer Project is an open-source initiative to provide a free +jasper: software-based reference implementation of the codec specified in the +jasper: JPEG-2000 Part-1 standard (i.e., ISO/IEC 15444-1).jasper: +jasper: +jasper: jasper home: http://www.ece.uvic.ca/~mdadams/jasper/ +jasper: +jasper: +jasper: +jasper: diff --git a/patches/source/kdebase-workspace/config/Xsession b/patches/source/kdebase-workspace/config/Xsession new file mode 100644 index 000000000..736f5d5c2 --- /dev/null +++ b/patches/source/kdebase-workspace/config/Xsession @@ -0,0 +1,88 @@ +#! /bin/sh +# Xsession - run as user + +# Merged in parts of the old Xsession to load defaults from +# Xresources and Xmodmap files, 2006-02-09 volkerdi +# Merged with the new Xsession (original) from KDE4, 20071220 rworkman + + session=$1 + +# This section is borrowed from the old X11 Xsession file: +userresources=$HOME/.Xresources +usermodmap=$HOME/.Xmodmap +sysresources=/usr/lib/X11/xinit/.Xresources +sysmodmap=/usr/lib/X11/xinit/.Xmodmap +# merge in defaults and keymaps +if [ -r $sysresources ]; then + /usr/bin/xrdb -merge $sysresources +fi +if [ -r $sysmodmap ]; then + /usr/bin/xmodmap $sysmodmap +fi +if [ -r $userresources ]; then + /usr/bin/xrdb -merge $userresources +fi +if [ -r $usermodmap ]; then + /usr/bin/xmodmap $usermodmap +fi + +# Note that the respective logout scripts are not sourced. +case $SHELL in + */bash) + [ -z "$BASH" ] && exec $SHELL $0 "$@" + set +o posix + [ -f /etc/profile ] && . /etc/profile + if [ -f $HOME/.bash_profile ]; then + . $HOME/.bash_profile + elif [ -f $HOME/.bash_login ]; then + . $HOME/.bash_login + elif [ -f $HOME/.profile ]; then + . $HOME/.profile + fi + ;; + */zsh) + [ -z "$ZSH_NAME" ] && exec $SHELL $0 "$@" + emulate -R zsh + [ -d /etc/zsh ] && zdir=/etc/zsh || zdir=/etc + zhome=${ZDOTDIR:-$HOME} + # zshenv is always sourced automatically. + [ -f $zdir/zprofile ] && . $zdir/zprofile + [ -f $zhome/.zprofile ] && . $zhome/.zprofile + [ -f $zdir/zlogin ] && . $zdir/zlogin + [ -f $zhome/.zlogin ] && . $zhome/.zlogin + ;; + */csh|*/tcsh) + # [t]cshrc is always sourced automatically. + # Note that sourcing csh.login after .cshrc is non-standard. + xsess_tmp=`mktemp /tmp/xsess-env-XXXXXX` + $SHELL -c "if (-f /etc/csh.login) source /etc/csh.login; if (-f ~/.login) source ~/.login; /bin/sh -c export -p >! $xsess_tmp" + . $xsess_tmp + rm -f $xsess_tmp + ;; + *) # Plain sh, ksh, and anything we do not know. + [ -f /etc/profile ] && . /etc/profile + [ -f $HOME/.profile ] && . $HOME/.profile + ;; +esac + +[ -f /etc/xprofile ] && . /etc/xprofile +[ -f $HOME/.xprofile ] && . $HOME/.xprofile + +case $session in + "") + exec xmessage -center -buttons OK:0 -default OK "Sorry, $DESKTOP_SESSION is no valid session." + ;; + failsafe) + exec xterm -geometry 80x24-0-0 + ;; + custom) + exec $HOME/.xsession + ;; + default) + exec /usr/bin/startkde + ;; + *) + eval exec "$session" + ;; +esac +exec xmessage -center -buttons OK:0 -default OK "Sorry, cannot execute $session. Check $DESKTOP_SESSION.desktop." diff --git a/patches/source/kdebase-workspace/config/Xsession.orig b/patches/source/kdebase-workspace/config/Xsession.orig new file mode 100644 index 000000000..43d78b8d9 --- /dev/null +++ b/patches/source/kdebase-workspace/config/Xsession.orig @@ -0,0 +1,65 @@ +#! /bin/sh +# Xsession - run as user + +session=$1 + +# Note that the respective logout scripts are not sourced. +case $SHELL in + */bash) + [ -z "$BASH" ] && exec $SHELL $0 "$@" + set +o posix + [ -f /etc/profile ] && . /etc/profile + if [ -f $HOME/.bash_profile ]; then + . $HOME/.bash_profile + elif [ -f $HOME/.bash_login ]; then + . $HOME/.bash_login + elif [ -f $HOME/.profile ]; then + . $HOME/.profile + fi + ;; + */zsh) + [ -z "$ZSH_NAME" ] && exec $SHELL $0 "$@" + emulate -R zsh + [ -d /etc/zsh ] && zdir=/etc/zsh || zdir=/etc + zhome=${ZDOTDIR:-$HOME} + # zshenv is always sourced automatically. + [ -f $zdir/zprofile ] && . $zdir/zprofile + [ -f $zhome/.zprofile ] && . $zhome/.zprofile + [ -f $zdir/zlogin ] && . $zdir/zlogin + [ -f $zhome/.zlogin ] && . $zhome/.zlogin + ;; + */csh|*/tcsh) + # [t]cshrc is always sourced automatically. + # Note that sourcing csh.login after .cshrc is non-standard. + xsess_tmp=`mktemp /tmp/xsess-env-XXXXXX` + $SHELL -c "if (-f /etc/csh.login) source /etc/csh.login; if (-f ~/.login) source ~/.login; /bin/sh -c export -p >! $xsess_tmp" + . $xsess_tmp + rm -f $xsess_tmp + ;; + *) # Plain sh, ksh, and anything we do not know. + [ -f /etc/profile ] && . /etc/profile + [ -f $HOME/.profile ] && . $HOME/.profile + ;; +esac + +[ -f /etc/xprofile ] && . /etc/xprofile +[ -f $HOME/.xprofile ] && . $HOME/.xprofile + +case $session in + "") + exec xmessage -center -buttons OK:0 -default OK "Sorry, $DESKTOP_SESSION is no valid session." + ;; + failsafe) + exec xterm -geometry 80x24-0-0 + ;; + custom) + exec $HOME/.xsession + ;; + default) + exec /usr/bin/startkde + ;; + *) + eval exec "$session" + ;; +esac +exec xmessage -center -buttons OK:0 -default OK "Sorry, cannot execute $session. Check $DESKTOP_SESSION.desktop." diff --git a/patches/source/kdebase-workspace/doinst.sh b/patches/source/kdebase-workspace/doinst.sh new file mode 100644 index 000000000..793bae742 --- /dev/null +++ b/patches/source/kdebase-workspace/doinst.sh @@ -0,0 +1,26 @@ +#!/bin/sh + +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/kde/kdm/backgroundrc.new +config etc/kde/kdm/kdmrc.new + +if [ -x usr/bin/update-desktop-database ]; then + usr/bin/update-desktop-database usr/share/applications >/dev/null 2>&1 +fi + +if [ -x usr/bin/update-mime-database ]; then + usr/bin/update-mime-database usr/share/mime >/dev/null 2>&1 +fi + diff --git a/patches/source/kdebase-workspace/kdebase-workspace-4.3.5-CVE-2010-0436-really-for-4.3.5.diff b/patches/source/kdebase-workspace/kdebase-workspace-4.3.5-CVE-2010-0436-really-for-4.3.5.diff new file mode 100644 index 000000000..3ec7f6430 --- /dev/null +++ b/patches/source/kdebase-workspace/kdebase-workspace-4.3.5-CVE-2010-0436-really-for-4.3.5.diff @@ -0,0 +1,193 @@ +--- ./kdm/ConfigureChecks.cmake.orig 2009-05-27 14:53:40.000000000 -0500 ++++ ./kdm/ConfigureChecks.cmake 2010-04-19 15:37:35.000000000 -0500 +@@ -37,6 +37,35 @@ + } + " HAVE_SETLOGIN) + ++check_c_source_runs(" ++#include <sys/socket.h> ++#include <sys/un.h> ++#include <sys/stat.h> ++#include <sys/types.h> ++#include <string.h> ++#include <unistd.h> ++#include <errno.h> ++int main() ++{ ++ int fd, fd2; ++ struct sockaddr_un sa; ++ ++ if ((fd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) ++ return 2; ++ sa.sun_family = AF_UNIX; ++ strcpy(sa.sun_path, \"testsock\"); ++ unlink(sa.sun_path); ++ if (bind(fd, (struct sockaddr *)&sa, sizeof(sa))) ++ return 2; ++ chmod(sa.sun_path, 0); ++ setuid(getuid() + 1000); ++ if ((fd2 = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) ++ return 2; ++ connect(fd2, (struct sockaddr *)&sa, sizeof(sa)); ++ return errno != EACCES; ++} ++" HONORS_SOCKET_PERMS) ++ + # for config-kdm.h + check_function_exists(seteuid HAVE_SETEUID) + +--- ./kdm/config-kdm.h.cmake.orig 2009-05-27 14:53:40.000000000 -0500 ++++ ./kdm/config-kdm.h.cmake 2010-04-19 15:37:35.000000000 -0500 +@@ -129,6 +129,9 @@ + /* Define to 1 if the ck-connector library is found */ + #cmakedefine HAVE_CKCONNECTOR 1 + ++/* Define to 1 if OS honors permission bits on socket inodes */ ++#cmakedefine HONORS_SOCKET_PERMS 1 ++ + /* $PATH defaults set by KDM */ + #cmakedefine KDM_DEF_USER_PATH "${KDM_DEF_USER_PATH}" + #cmakedefine KDM_DEF_SYSTEM_PATH "${KDM_DEF_SYSTEM_PATH}" +--- ./kdm/backend/dm.h.orig 2008-11-19 04:18:06.000000000 -0600 ++++ ./kdm/backend/dm.h 2010-04-19 15:37:35.000000000 -0500 +@@ -232,6 +232,9 @@ + struct cmdsock *css; /* open connections */ + + char *path; /* filename of the socket */ ++#ifndef HONORS_SOCKET_PERMS ++ char *realdir; /* real dirname of the socket */ ++#endif + int fd; /* fd of the socket */ + int gid; /* owner group of the socket */ + } CtrlRec; +--- ./kdm/backend/ctrl.c.orig 2009-03-18 04:59:20.000000000 -0500 ++++ ./kdm/backend/ctrl.c 2010-04-19 15:42:55.000000000 -0500 +@@ -78,7 +78,25 @@ + } + + ++#ifdef HONORS_SOCKET_PERMS + static CtrlRec ctrl = { 0, 0, -1, 0 }; ++#else ++static CtrlRec ctrl = { 0, 0, 0, -1, 0 }; ++ ++static int mkTempDir( char *dir ) ++{ ++ int i, l = strlen( dir ) - 6; ++ ++ for (i = 0; i < 100; i++) { ++ randomStr( dir + l ); ++ if (!mkdir( dir, 0700 )) ++ return True; ++ if (errno != EEXIST) ++ break; ++ } ++ return False; ++} ++#endif + + void + openCtrl( struct display *d ) +@@ -112,22 +130,50 @@ + if (strlen( cr->path ) >= sizeof(sa.sun_path)) + logError( "path %\"s too long; no control sockets will be available\n", + cr->path ); +- else if (mkdir( sockdir, 0755 ) && errno != EEXIST) ++ #ifdef HONORS_SOCKET_PERMS ++ else if (mkdir( sockdir, 0700 ) && errno != EEXIST) + logError( "mkdir %\"s failed; no control sockets will be available\n", + sockdir ); ++ else if (unlink( cr->path ) && errno != ENOENT) ++ logError( "unlink %\"s failed: %m; control socket will not be available\n", ++ cr->path ); + else { +- if (!d) +- chown( sockdir, -1, fifoGroup ); ++ #else ++ else if (unlink( sockdir ) && errno != ENOENT) ++ logError( "unlink %\"s failed: %m; control socket will not be available\n", ++ sockdir ); ++ else if (!strApp( &cr->realdir, sockdir, "-XXXXXX", (char *)0)) ++ ; ++ else if (!mkTempDir( cr->realdir )) { ++ logError( "mkdir %\"s failed: %m; control socket will not be available\n", ++ cr->realdir ); ++ free( cr->realdir ); ++ cr->realdir = 0; ++ } else if (symlink( cr->realdir, sockdir )) { ++ logError( "symlink %\"s => %\"s failed: %m; control socket will not be available\n", ++ sockdir, cr->realdir ); ++ rmdir( cr->realdir ); ++ free( cr->realdir ); ++ cr->realdir = 0; ++ } else { ++ chown( sockdir, 0, d ? 0 : fifoGroup ); + chmod( sockdir, 0750 ); ++ #endif + if ((cr->fd = socket( PF_UNIX, SOCK_STREAM, 0 )) < 0) + logError( "Cannot create control socket\n" ); + else { +- unlink( cr->path ); + sa.sun_family = AF_UNIX; + strcpy( sa.sun_path, cr->path ); + if (!bind( cr->fd, (struct sockaddr *)&sa, sizeof(sa) )) { + if (!listen( cr->fd, 5 )) { ++ #ifdef HONORS_SOCKET_PERMS ++ chmod( cr->path, 0660 ); ++ if (!d) ++ chown( cr->path, -1, fifoGroup ); ++ chmod( sockdir, 0755 ); ++ #else + chmod( cr->path, 0666 ); ++ #endif + registerCloseOnFork( cr->fd ); + registerInput( cr->fd ); + free( sockdir ); +@@ -142,6 +188,14 @@ + close( cr->fd ); + cr->fd = -1; + } ++#ifdef HONORS_SOCKET_PERMS ++ rmdir( sockdir ); ++#else ++ unlink( sockdir ); ++ rmdir( cr->realdir ); ++ free( cr->realdir ); ++ cr->realdir = 0; ++#endif + } + free( cr->path ); + cr->path = 0; +@@ -162,7 +216,14 @@ + cr->fd = -1; + unlink( cr->path ); + *strrchr( cr->path, '/' ) = 0; ++#ifdef HONORS_SOCKET_PERMS + rmdir( cr->path ); ++#else ++ unlink( cr->path ); ++ rmdir( cr->realdir ); ++ free( cr->realdir ); ++ cr->realdir = 0; ++#endif + free( cr->path ); + cr->path = 0; + while (cr->css) { +@@ -176,12 +237,12 @@ + void + chownCtrl( CtrlRec *cr, int uid ) + { +- if (cr->path) { +- char *ptr = strrchr( cr->path, '/' ); +- *ptr = 0; ++ if (cr->path) ++#ifdef HONORS_SOCKET_PERMS + chown( cr->path, uid, -1 ); +- *ptr = '/'; +- } ++#else ++ chown( cr->realdir, uid, -1 ); ++#endif + } + + void diff --git a/patches/source/kdebase-workspace/kdebase-workspace.SlackBuild b/patches/source/kdebase-workspace/kdebase-workspace.SlackBuild new file mode 100755 index 000000000..7b05faa72 --- /dev/null +++ b/patches/source/kdebase-workspace/kdebase-workspace.SlackBuild @@ -0,0 +1,117 @@ +#!/bin/sh + +# Copyright 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-kdebase-workspace + +# Set the config option variables if they are not already set: +if [ -r ../KDE.options ]; then + . ../KDE.options +fi + +# The global options may be overridden here (if needed): +if [ -r ./local.options ]; then + . ./local.options +fi + +# Avoid a version number in .la files: +if [ -d /usr/lib${LIBDIRSUFFIX}/qt ]; then + QTDIR=/usr/lib${LIBDIRSUFFIX}/qt +fi + +rm -rf $PKG +mkdir -p $PKG/usr +cd $TMP +echo "Building kdebase-workspace-$VERSION..." +tar xvf $CWD/../src/kdebase-workspace-$VERSION.tar.?z* || exit 1 +cd kdebase-workspace-$VERSION + +cat $CWD/kdebase-workspace-4.3.5-CVE-2010-0436-really-for-4.3.5.diff | patch -p1 || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +mkdir -p build +cd build + cmake \ + -DCMAKE_C_FLAGS:STRING="$SLKCFLAGS" \ + -DCMAKE_CXX_FLAGS:STRING="$SLKCFLAGS" \ + -DCMAKE_BUILD_TYPE=Release \ + -DCMAKE_INSTALL_PREFIX=/usr \ + -DMAN_INSTALL_DIR=/usr/man \ + -DSYSCONF_INSTALL_DIR=/etc/kde \ + -DLIB_SUFFIX=${LIBDIRSUFFIX} \ + .. + make $NUMJOBS || exit 1 + make install DESTDIR=$PKG || exit 1 +cd - + +if [ -d $PKG/usr/man ]; then + gzip -9 $PKG/usr/man/man?/* +fi + +mkdir -p $PKG/etc/X11/xinit +cat $CWD/xinit/xinitrc.kde > $PKG/etc/X11/xinit/xinitrc.kde +chmod 0755 $PKG/etc/X11/xinit/xinitrc.kde + +# Setup config files for KDM: +$PKG/usr/bin/genkdmconf --no-old --no-old-scripts --no-backup --in $PKG/usr/share/config/kdm + +# Not allowing root to login at the console is just plain silly. If they +# have physical access to the machine, what's the point of trying to stop +# this? Even the kdmrc file says this is supposed to be the default. +sed -i 's/AllowRootLogin=false/AllowRootLogin=true/' \ + $PKG/usr/share/config/kdm/kdmrc +mv $PKG/usr/share/config/kdm/kdmrc $PKG/usr/share/config/kdm/kdmrc.new + +cp -a $PKG/usr/share/config/kdm/Xsession $PKG/usr/share/config/kdm/Xsession.orig +cat $CWD/config/Xsession | sed -e "s#/lib#/lib${LIBDIRSUFFIX}#" \ + > $PKG/usr/share/config/kdm/Xsession +mv $PKG/usr/share/config/kdm/backgroundrc $PKG/usr/share/config/kdm/backgroundrc.new + +# Move the KDM files someplace FHS compliant: +mkdir -p $PKG/etc/kde +mv $PKG/usr/share/config/kdm $PKG/etc/kde +( cd $PKG/usr/share/config ; ln -sf ../../../etc/kde/kdm . ) + +# This is fubar: +rm -f $PKG/usr/share/icons/hicolor/index.theme + +mkdir -p $PKG/usr/doc/kdebase-workspace-$VERSION +cp -a COPYING* README $PKG/usr/doc/kdebase-workspace-$VERSION + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/kdebase-workspace-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/kdebase-workspace/local.options b/patches/source/kdebase-workspace/local.options new file mode 100644 index 000000000..e7ebaaed2 --- /dev/null +++ b/patches/source/kdebase-workspace/local.options @@ -0,0 +1 @@ +BUILD=2_slack13.0 diff --git a/patches/source/kdebase-workspace/slack-desc b/patches/source/kdebase-workspace/slack-desc new file mode 100644 index 000000000..e828d208f --- /dev/null +++ b/patches/source/kdebase-workspace/slack-desc @@ -0,0 +1,12 @@ + |-----handy-ruler------------------------------------------------------| +kdebase-workspace: kdebase-workspace - the KDE Workspace +kdebase-workspace: +kdebase-workspace: The KDE Workspace (kdebase-workspace) package consists of what is +kdebase-workspace: essentially the KDE workspace presented to the user. +kdebase-workspace: +kdebase-workspace: +kdebase-workspace: +kdebase-workspace: +kdebase-workspace: +kdebase-workspace: +kdebase-workspace: diff --git a/patches/source/kdebase-workspace/xinit/xinitrc.kde b/patches/source/kdebase-workspace/xinit/xinitrc.kde new file mode 100755 index 000000000..2fda1fab2 --- /dev/null +++ b/patches/source/kdebase-workspace/xinit/xinitrc.kde @@ -0,0 +1,28 @@ +#!/bin/sh +# $XConsortium: xinitrc.cpp,v 1.4 91/08/22 11:41:34 rws Exp $ + +userresources=$HOME/.Xresources +usermodmap=$HOME/.Xmodmap +sysresources=/etc/X11/xinit/.Xresources +sysmodmap=/etc/X11/xinit/.Xmodmap + +# merge in defaults and keymaps + +if [ -f $sysresources ]; then + xrdb -merge $sysresources +fi + +if [ -f $sysmodmap ]; then + xmodmap $sysmodmap +fi + +if [ -f $userresources ]; then + xrdb -merge $userresources +fi + +if [ -f $usermodmap ]; then + xmodmap $usermodmap +fi + +# Start the window manager: +startkde diff --git a/patches/source/libX11/arch.use.flags b/patches/source/libX11/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/libX11/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libX11/build/libX11 b/patches/source/libX11/build/libX11 new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/libX11/build/libX11 @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/libX11/configure/libX11 b/patches/source/libX11/configure/libX11 new file mode 100644 index 000000000..cf85e58d4 --- /dev/null +++ b/patches/source/libX11/configure/libX11 @@ -0,0 +1,12 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libX11/libX11.SlackBuild b/patches/source/libX11/libX11.SlackBuild new file mode 100755 index 000000000..6db227798 --- /dev/null +++ b/patches/source/libX11/libX11.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libX11 +mv /tmp/x11-build/libX11*txz /tmp diff --git a/patches/source/libX11/modularize b/patches/source/libX11/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/libX11/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libX11/noarch b/patches/source/libX11/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/libX11/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libX11/package-blacklist b/patches/source/libX11/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/libX11/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libX11/post-install/libX11.post-install b/patches/source/libX11/post-install/libX11.post-install new file mode 100644 index 000000000..7232b6802 --- /dev/null +++ b/patches/source/libX11/post-install/libX11.post-install @@ -0,0 +1,2 @@ +mkdir -p $PKG/usr/share/X11 +zcat $CWD/post-install/libX11/XKeysymDB.gz > $PKG/usr/share/X11/XKeysymDB diff --git a/patches/source/libX11/slack-desc/libX11 b/patches/source/libX11/slack-desc/libX11 new file mode 100644 index 000000000..2ec4f39a3 --- /dev/null +++ b/patches/source/libX11/slack-desc/libX11 @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libX11: libX11 (Core X11 protocol client library) +libX11: +libX11: libX11 is part of X11. +libX11: +libX11: For more information about the X.Org Foundation (the providers of the +libX11: X.Org implementation of the X Window System), see their website: +libX11: +libX11: http://www.x.org +libX11: +libX11: +libX11: diff --git a/patches/source/libX11/x11.SlackBuild b/patches/source/libX11/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/libX11/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXcursor/arch.use.flags b/patches/source/libXcursor/arch.use.flags new file mode 100644 index 000000000..f28a6ccab --- /dev/null +++ b/patches/source/libXcursor/arch.use.flags @@ -0,0 +1,7 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXcursor/build/increment.sh b/patches/source/libXcursor/build/increment.sh new file mode 100755 index 000000000..6de5d0da6 --- /dev/null +++ b/patches/source/libXcursor/build/increment.sh @@ -0,0 +1,17 @@ +#!/bin/sh +# A script to increment build numbers. +# Call it with the list of the build numbers to increase by one: +# +# ./increment.sh xf86-input-acecad xf86-input-aiptek xf86-input-joystick +# +# If a build file does not exist, it will be created with a value of 2. + +for build in $* ; do + if [ ! -r $build ]; then + echo "Creating $build with value 2" + echo 2 > $build + else + echo "Incrementing $build $(cat $build) -> $(expr $(cat $build) + 1)" + echo $(expr $(cat $build) + 1) > $build + fi +done diff --git a/patches/source/libXcursor/build/libXcursor b/patches/source/libXcursor/build/libXcursor new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/libXcursor/build/libXcursor @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/libXcursor/configure/configure b/patches/source/libXcursor/configure/configure new file mode 100644 index 000000000..0f3bccf24 --- /dev/null +++ b/patches/source/libXcursor/configure/configure @@ -0,0 +1,12 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXcursor/libXcursor.SlackBuild b/patches/source/libXcursor/libXcursor.SlackBuild new file mode 100755 index 000000000..4d4f81d27 --- /dev/null +++ b/patches/source/libXcursor/libXcursor.SlackBuild @@ -0,0 +1,26 @@ +#!/bin/sh + +# Copyright 2017 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +UPGRADE_PACKAGES=no sh x11-build-script.sh lib libXcursor +mv --verbose /tmp/x11-build/*.txz /tmp + diff --git a/patches/source/libXcursor/modularize b/patches/source/libXcursor/modularize new file mode 100644 index 000000000..38762ffda --- /dev/null +++ b/patches/source/libXcursor/modularize @@ -0,0 +1,272 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXcursor/noarch b/patches/source/libXcursor/noarch new file mode 100644 index 000000000..480ffc26c --- /dev/null +++ b/patches/source/libXcursor/noarch @@ -0,0 +1,76 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-cf-files +xorg-docs +xproto +xtrans diff --git a/patches/source/libXcursor/package-blacklist b/patches/source/libXcursor/package-blacklist new file mode 100644 index 000000000..8e2f3eb5c --- /dev/null +++ b/patches/source/libXcursor/package-blacklist @@ -0,0 +1,43 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXcursor/slack-desc/libXcursor b/patches/source/libXcursor/slack-desc/libXcursor new file mode 100644 index 000000000..2906c6aaf --- /dev/null +++ b/patches/source/libXcursor/slack-desc/libXcursor @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXcursor: libXcursor (X Window System Cursor management library) +libXcursor: +libXcursor: libXcursor is part of X11. +libXcursor: +libXcursor: For more information about the X.Org Foundation (the providers of the +libXcursor: X.Org implementation of the X Window System), see their website: +libXcursor: +libXcursor: http://www.x.org +libXcursor: +libXcursor: +libXcursor: diff --git a/patches/source/libXcursor/x11-build-script.sh b/patches/source/libXcursor/x11-build-script.sh new file mode 100755 index 000000000..6da53346f --- /dev/null +++ b/patches/source/libXcursor/x11-build-script.sh @@ -0,0 +1,374 @@ +#!/bin/sh +# Copyright 2007-2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# This is default. To not upgrade, pass UPGRADE_PACKAGES=no (or anything else). +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXext/arch.use.flags b/patches/source/libXext/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/libXext/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXext/build/libXext b/patches/source/libXext/build/libXext new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/libXext/build/libXext @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/libXext/configure/configure b/patches/source/libXext/configure/configure new file mode 100644 index 000000000..dcb1109bd --- /dev/null +++ b/patches/source/libXext/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXext/libXext.SlackBuild b/patches/source/libXext/libXext.SlackBuild new file mode 100755 index 000000000..1f6fdb31a --- /dev/null +++ b/patches/source/libXext/libXext.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libXext +mv /tmp/x11-build/libXext*txz /tmp diff --git a/patches/source/libXext/modularize b/patches/source/libXext/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/libXext/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXext/noarch b/patches/source/libXext/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/libXext/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libXext/package-blacklist b/patches/source/libXext/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/libXext/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXext/slack-desc/libXext b/patches/source/libXext/slack-desc/libXext new file mode 100644 index 000000000..a636363a5 --- /dev/null +++ b/patches/source/libXext/slack-desc/libXext @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXext: libXext (library for common extensions to the X11 protocol) +libXext: +libXext: libXext is part of X11. +libXext: +libXext: For more information about the X.Org Foundation (the providers of the +libXext: X.Org implementation of the X Window System), see their website: +libXext: +libXext: http://www.x.org +libXext: +libXext: +libXext: diff --git a/patches/source/libXext/x11.SlackBuild b/patches/source/libXext/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/libXext/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXfixes/arch.use.flags b/patches/source/libXfixes/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/libXfixes/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXfixes/build/libXfixes b/patches/source/libXfixes/build/libXfixes new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/libXfixes/build/libXfixes @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/libXfixes/configure/configure b/patches/source/libXfixes/configure/configure new file mode 100644 index 000000000..dcb1109bd --- /dev/null +++ b/patches/source/libXfixes/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXfixes/libXfixes.SlackBuild b/patches/source/libXfixes/libXfixes.SlackBuild new file mode 100755 index 000000000..8d5116f4e --- /dev/null +++ b/patches/source/libXfixes/libXfixes.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libXfixes +mv /tmp/x11-build/libXfixes*txz /tmp diff --git a/patches/source/libXfixes/modularize b/patches/source/libXfixes/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/libXfixes/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXfixes/noarch b/patches/source/libXfixes/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/libXfixes/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libXfixes/package-blacklist b/patches/source/libXfixes/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/libXfixes/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXfixes/slack-desc/libXfixes b/patches/source/libXfixes/slack-desc/libXfixes new file mode 100644 index 000000000..3c44fa46f --- /dev/null +++ b/patches/source/libXfixes/slack-desc/libXfixes @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXfixes: libXfixes (client library for the Xfixes extension) +libXfixes: +libXfixes: libXfixes is part of X11. +libXfixes: +libXfixes: For more information about the X.Org Foundation (the providers of the +libXfixes: X.Org implementation of the X Window System), see their website: +libXfixes: +libXfixes: http://www.x.org +libXfixes: +libXfixes: +libXfixes: diff --git a/patches/source/libXfixes/x11.SlackBuild b/patches/source/libXfixes/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/libXfixes/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXfont/arch.use.flags b/patches/source/libXfont/arch.use.flags new file mode 100644 index 000000000..f28a6ccab --- /dev/null +++ b/patches/source/libXfont/arch.use.flags @@ -0,0 +1,7 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXfont/build/increment.sh b/patches/source/libXfont/build/increment.sh new file mode 100755 index 000000000..6de5d0da6 --- /dev/null +++ b/patches/source/libXfont/build/increment.sh @@ -0,0 +1,17 @@ +#!/bin/sh +# A script to increment build numbers. +# Call it with the list of the build numbers to increase by one: +# +# ./increment.sh xf86-input-acecad xf86-input-aiptek xf86-input-joystick +# +# If a build file does not exist, it will be created with a value of 2. + +for build in $* ; do + if [ ! -r $build ]; then + echo "Creating $build with value 2" + echo 2 > $build + else + echo "Incrementing $build $(cat $build) -> $(expr $(cat $build) + 1)" + echo $(expr $(cat $build) + 1) > $build + fi +done diff --git a/patches/source/libXfont/build/libXfont b/patches/source/libXfont/build/libXfont new file mode 100644 index 000000000..682d1e1f9 --- /dev/null +++ b/patches/source/libXfont/build/libXfont @@ -0,0 +1 @@ +2_slack13.0 diff --git a/patches/source/libXfont/configure/configure b/patches/source/libXfont/configure/configure new file mode 100644 index 000000000..0f3bccf24 --- /dev/null +++ b/patches/source/libXfont/configure/configure @@ -0,0 +1,12 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXfont/libXfont.SlackBuild b/patches/source/libXfont/libXfont.SlackBuild new file mode 100755 index 000000000..25821f171 --- /dev/null +++ b/patches/source/libXfont/libXfont.SlackBuild @@ -0,0 +1,26 @@ +#!/bin/sh + +# Copyright 2014 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +UPGRADE_PACKAGES=no sh x11-build-script.sh lib libXfont +mv --verbose /tmp/x11-build/*.txz /tmp + diff --git a/patches/source/libXfont/modularize b/patches/source/libXfont/modularize new file mode 100644 index 000000000..38762ffda --- /dev/null +++ b/patches/source/libXfont/modularize @@ -0,0 +1,272 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXfont/noarch b/patches/source/libXfont/noarch new file mode 100644 index 000000000..480ffc26c --- /dev/null +++ b/patches/source/libXfont/noarch @@ -0,0 +1,76 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-cf-files +xorg-docs +xproto +xtrans diff --git a/patches/source/libXfont/package-blacklist b/patches/source/libXfont/package-blacklist new file mode 100644 index 000000000..8e2f3eb5c --- /dev/null +++ b/patches/source/libXfont/package-blacklist @@ -0,0 +1,43 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXfont/patch/libXfont.patch b/patches/source/libXfont/patch/libXfont.patch new file mode 100644 index 000000000..7b6e24570 --- /dev/null +++ b/patches/source/libXfont/patch/libXfont.patch @@ -0,0 +1 @@ +zcat $CWD/patch/libXfont/libXfont.CVE-2017-16611.diff.gz | patch -p1 || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/patches/source/libXfont/patch/libXfont/libXfont.CVE-2017-16611.diff b/patches/source/libXfont/patch/libXfont/libXfont.CVE-2017-16611.diff new file mode 100644 index 000000000..352d00f03 --- /dev/null +++ b/patches/source/libXfont/patch/libXfont/libXfont.CVE-2017-16611.diff @@ -0,0 +1,85 @@ +--- ./src/fontfile/fileio.c.orig 2014-01-07 10:25:08.000000000 -0600 ++++ ./src/fontfile/fileio.c 2017-11-29 00:37:05.450068487 -0600 +@@ -36,6 +36,9 @@ + #ifndef O_BINARY + #define O_BINARY O_RDONLY + #endif ++#ifndef O_NOFOLLOW ++#define O_NOFOLLOW 0 ++#endif + + FontFilePtr + FontFileOpen (const char *name) +@@ -44,7 +47,7 @@ + int len; + BufFilePtr raw, cooked; + +- fd = open (name, O_BINARY); ++ fd = open (name, O_BINARY|O_CLOEXEC|O_NOFOLLOW); + if (fd < 0) + return 0; + raw = BufFileOpenRead (fd); +--- ./src/fontfile/dirfile.c.orig 2014-01-07 10:25:08.000000000 -0600 ++++ ./src/fontfile/dirfile.c 2017-11-29 00:35:44.400069349 -0600 +@@ -41,6 +41,7 @@ + #include <stdio.h> + #include <sys/types.h> + #include <sys/stat.h> ++#include <fcntl.h> + #include <errno.h> + + static Bool AddFileNameAliases ( FontDirectoryPtr dir ); +@@ -57,8 +58,9 @@ + char dir_file[MAXFONTFILENAMELEN]; + char dir_path[MAXFONTFILENAMELEN]; + char *ptr; +- FILE *file; +- int count, ++ FILE *file = 0; ++ int file_fd, ++ count, + num_fonts, + status; + struct stat statb; +@@ -88,7 +90,14 @@ + if (dir_file[strlen(dir_file) - 1] != '/') + strcat(dir_file, "/"); + strcat(dir_file, FontDirFile); ++#ifndef WIN32 ++ file_fd = open(dir_file, O_RDONLY | O_NOFOLLOW); ++ if (file_fd >= 0) { ++ file = fdopen(file_fd, "rt"); ++ } ++#else + file = fopen(dir_file, "rt"); ++#endif + if (file) { + #ifndef WIN32 + if (fstat (fileno(file), &statb) == -1) +@@ -258,7 +267,8 @@ + char alias[MAXFONTNAMELEN]; + char font_name[MAXFONTNAMELEN]; + char alias_file[MAXFONTFILENAMELEN]; +- FILE *file; ++ int file_fd; ++ FILE *file = 0; + FontDirectoryPtr dir; + int token; + char *lexToken; +@@ -276,7 +286,16 @@ + strcat(alias_file, "/"); + strcat(alias_file, FontAliasFile); + } ++ ++#ifndef WIN32 ++ file_fd = open(alias_file, O_RDONLY | O_NOFOLLOW); ++ if (file_fd >= 0) { ++ file = fdopen(file_fd, "rt"); ++ } ++#else + file = fopen(alias_file, "rt"); ++#endif ++ + if (!file) + return ((errno == ENOENT) ? Successful : BadFontPath); + if (!dir) diff --git a/patches/source/libXfont/slack-desc/libXfont b/patches/source/libXfont/slack-desc/libXfont new file mode 100644 index 000000000..d78d6a0e9 --- /dev/null +++ b/patches/source/libXfont/slack-desc/libXfont @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXfont: libXfont (library for legacy X11 font system) +libXfont: +libXfont: libXfont provides the core of the legacy X11 font system, handling the +libXfont: index files (fonts.dir, fonts.alias, fonts.scale), the various font +libXfont: file formats, and rasterizing them. It is used by the X servers, the +libXfont: X Font Server (xfs), and some font utilities (bdftopcf for instance), +libXfont: but should not be used by normal X11 clients. X11 clients access fonts +libXfont: via either the new API's in libXft, or the legacy API's in libX11. +libXfont: +libXfont: +libXfont: diff --git a/patches/source/libXfont/x11-build-script.sh b/patches/source/libXfont/x11-build-script.sh new file mode 100755 index 000000000..6da53346f --- /dev/null +++ b/patches/source/libXfont/x11-build-script.sh @@ -0,0 +1,374 @@ +#!/bin/sh +# Copyright 2007-2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# This is default. To not upgrade, pass UPGRADE_PACKAGES=no (or anything else). +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXi/arch.use.flags b/patches/source/libXi/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/libXi/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXi/build/libXi b/patches/source/libXi/build/libXi new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/libXi/build/libXi @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/libXi/configure/configure b/patches/source/libXi/configure/configure new file mode 100644 index 000000000..dcb1109bd --- /dev/null +++ b/patches/source/libXi/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXi/libXi.SlackBuild b/patches/source/libXi/libXi.SlackBuild new file mode 100755 index 000000000..eea1be6d5 --- /dev/null +++ b/patches/source/libXi/libXi.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libXi +mv /tmp/x11-build/libXi*txz /tmp diff --git a/patches/source/libXi/modularize b/patches/source/libXi/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/libXi/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXi/noarch b/patches/source/libXi/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/libXi/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libXi/package-blacklist b/patches/source/libXi/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/libXi/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXi/slack-desc/libXi b/patches/source/libXi/slack-desc/libXi new file mode 100644 index 000000000..4585f82e1 --- /dev/null +++ b/patches/source/libXi/slack-desc/libXi @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXi: libXi (library for the X Input Extension) +libXi: +libXi: libXi is part of X11. +libXi: +libXi: For more information about the X.Org Foundation (the providers of the +libXi: X.Org implementation of the X Window System), see their website: +libXi: +libXi: http://www.x.org +libXi: +libXi: +libXi: diff --git a/patches/source/libXi/slack-desc/libXinerama b/patches/source/libXi/slack-desc/libXinerama new file mode 100644 index 000000000..3b16b81f7 --- /dev/null +++ b/patches/source/libXi/slack-desc/libXinerama @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXinerama: libXinerama (library for Xinerama extension to X11 Protocol) +libXinerama: +libXinerama: libXinerama is part of X11. +libXinerama: +libXinerama: For more information about the X.Org Foundation (the providers of the +libXinerama: X.Org implementation of the X Window System), see their website: +libXinerama: +libXinerama: http://www.x.org +libXinerama: +libXinerama: +libXinerama: diff --git a/patches/source/libXi/x11.SlackBuild b/patches/source/libXi/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/libXi/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXrandr/arch.use.flags b/patches/source/libXrandr/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/libXrandr/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXrandr/build/libXrandr b/patches/source/libXrandr/build/libXrandr new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/libXrandr/build/libXrandr @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/libXrandr/configure/configure b/patches/source/libXrandr/configure/configure new file mode 100644 index 000000000..dcb1109bd --- /dev/null +++ b/patches/source/libXrandr/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXrandr/libXrandr.SlackBuild b/patches/source/libXrandr/libXrandr.SlackBuild new file mode 100755 index 000000000..8bc75df35 --- /dev/null +++ b/patches/source/libXrandr/libXrandr.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libXrandr +mv /tmp/x11-build/libXrandr*txz /tmp diff --git a/patches/source/libXrandr/modularize b/patches/source/libXrandr/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/libXrandr/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXrandr/noarch b/patches/source/libXrandr/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/libXrandr/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libXrandr/package-blacklist b/patches/source/libXrandr/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/libXrandr/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXrandr/slack-desc/libXrandr b/patches/source/libXrandr/slack-desc/libXrandr new file mode 100644 index 000000000..ad2e243b8 --- /dev/null +++ b/patches/source/libXrandr/slack-desc/libXrandr @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXrandr: libXrandr (X Resize, Rotate and Reflection extension library) +libXrandr: +libXrandr: libXrandr is part of X11. +libXrandr: +libXrandr: For more information about the X.Org Foundation (the providers of the +libXrandr: X.Org implementation of the X Window System), see their website: +libXrandr: +libXrandr: http://www.x.org +libXrandr: +libXrandr: +libXrandr: diff --git a/patches/source/libXrandr/x11.SlackBuild b/patches/source/libXrandr/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/libXrandr/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXrender/arch.use.flags b/patches/source/libXrender/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/libXrender/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXrender/build/libXrender b/patches/source/libXrender/build/libXrender new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/libXrender/build/libXrender @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/libXrender/configure/configure b/patches/source/libXrender/configure/configure new file mode 100644 index 000000000..dcb1109bd --- /dev/null +++ b/patches/source/libXrender/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXrender/libXrender.SlackBuild b/patches/source/libXrender/libXrender.SlackBuild new file mode 100755 index 000000000..b18aef0ea --- /dev/null +++ b/patches/source/libXrender/libXrender.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libXrender +mv /tmp/x11-build/libXrender*txz /tmp diff --git a/patches/source/libXrender/modularize b/patches/source/libXrender/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/libXrender/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXrender/noarch b/patches/source/libXrender/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/libXrender/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libXrender/package-blacklist b/patches/source/libXrender/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/libXrender/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXrender/slack-desc/libXrender b/patches/source/libXrender/slack-desc/libXrender new file mode 100644 index 000000000..c5fe72697 --- /dev/null +++ b/patches/source/libXrender/slack-desc/libXrender @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXrender: libXrender (library for the Render Extension to the X11 protocol) +libXrender: +libXrender: libXrender is part of X11. +libXrender: +libXrender: For more information about the X.Org Foundation (the providers of the +libXrender: X.Org implementation of the X Window System), see their website: +libXrender: +libXrender: http://www.x.org +libXrender: +libXrender: +libXrender: diff --git a/patches/source/libXrender/x11.SlackBuild b/patches/source/libXrender/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/libXrender/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXtst/arch.use.flags b/patches/source/libXtst/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/libXtst/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXtst/build/libXtst b/patches/source/libXtst/build/libXtst new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/libXtst/build/libXtst @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/libXtst/configure/configure b/patches/source/libXtst/configure/configure new file mode 100644 index 000000000..dcb1109bd --- /dev/null +++ b/patches/source/libXtst/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXtst/libXtst.SlackBuild b/patches/source/libXtst/libXtst.SlackBuild new file mode 100755 index 000000000..0a4bb9400 --- /dev/null +++ b/patches/source/libXtst/libXtst.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libXtst +mv /tmp/x11-build/libXtst*txz /tmp diff --git a/patches/source/libXtst/modularize b/patches/source/libXtst/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/libXtst/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXtst/noarch b/patches/source/libXtst/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/libXtst/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libXtst/package-blacklist b/patches/source/libXtst/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/libXtst/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXtst/slack-desc/libXtst b/patches/source/libXtst/slack-desc/libXtst new file mode 100644 index 000000000..63b93c019 --- /dev/null +++ b/patches/source/libXtst/slack-desc/libXtst @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXtst: libXtst (client library for the XTEST & RECORD extensions) +libXtst: +libXtst: libXtst is part of X11. +libXtst: +libXtst: For more information about the X.Org Foundation (the providers of the +libXtst: X.Org implementation of the X Window System), see their website: +libXtst: +libXtst: http://www.x.org +libXtst: +libXtst: +libXtst: diff --git a/patches/source/libXtst/x11.SlackBuild b/patches/source/libXtst/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/libXtst/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXv/arch.use.flags b/patches/source/libXv/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/libXv/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXv/build/libXv b/patches/source/libXv/build/libXv new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/libXv/build/libXv @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/libXv/configure/configure b/patches/source/libXv/configure/configure new file mode 100644 index 000000000..dcb1109bd --- /dev/null +++ b/patches/source/libXv/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXv/libXv.SlackBuild b/patches/source/libXv/libXv.SlackBuild new file mode 100755 index 000000000..b4a99f6c8 --- /dev/null +++ b/patches/source/libXv/libXv.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libXv +mv /tmp/x11-build/libXv*txz /tmp diff --git a/patches/source/libXv/modularize b/patches/source/libXv/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/libXv/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXv/noarch b/patches/source/libXv/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/libXv/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libXv/package-blacklist b/patches/source/libXv/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/libXv/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXv/slack-desc/libXv b/patches/source/libXv/slack-desc/libXv new file mode 100644 index 000000000..d72865bf0 --- /dev/null +++ b/patches/source/libXv/slack-desc/libXv @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXv: libXv (library for the X Video (Xv) extension to the X Window System) +libXv: +libXv: libXv is part of X11. +libXv: +libXv: For more information about the X.Org Foundation (the providers of the +libXv: X.Org implementation of the X Window System), see their website: +libXv: +libXv: http://www.x.org +libXv: +libXv: +libXv: diff --git a/patches/source/libXv/slack-desc/libXvMC b/patches/source/libXv/slack-desc/libXvMC new file mode 100644 index 000000000..aecd7f3aa --- /dev/null +++ b/patches/source/libXv/slack-desc/libXvMC @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXvMC: libXvMC (X.Org X11 libXvMC runtime library) +libXvMC: +libXvMC: libXvMC is part of X11. +libXvMC: +libXvMC: For more information about the X.Org Foundation (the providers of the +libXvMC: X.Org implementation of the X Window System), see their website: +libXvMC: +libXvMC: http://www.x.org +libXvMC: +libXvMC: +libXvMC: diff --git a/patches/source/libXv/x11.SlackBuild b/patches/source/libXv/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/libXv/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libXvMC/arch.use.flags b/patches/source/libXvMC/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/libXvMC/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libXvMC/build/libXvMC b/patches/source/libXvMC/build/libXvMC new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/libXvMC/build/libXvMC @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/libXvMC/configure/configure b/patches/source/libXvMC/configure/configure new file mode 100644 index 000000000..dcb1109bd --- /dev/null +++ b/patches/source/libXvMC/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libXvMC/libXvMC.SlackBuild b/patches/source/libXvMC/libXvMC.SlackBuild new file mode 100755 index 000000000..2b6579726 --- /dev/null +++ b/patches/source/libXvMC/libXvMC.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild lib libXvMC +mv /tmp/x11-build/libXvMC*txz /tmp diff --git a/patches/source/libXvMC/modularize b/patches/source/libXvMC/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/libXvMC/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libXvMC/noarch b/patches/source/libXvMC/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/libXvMC/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libXvMC/package-blacklist b/patches/source/libXvMC/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/libXvMC/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libXvMC/slack-desc/libXvMC b/patches/source/libXvMC/slack-desc/libXvMC new file mode 100644 index 000000000..aecd7f3aa --- /dev/null +++ b/patches/source/libXvMC/slack-desc/libXvMC @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libXvMC: libXvMC (X.Org X11 libXvMC runtime library) +libXvMC: +libXvMC: libXvMC is part of X11. +libXvMC: +libXvMC: For more information about the X.Org Foundation (the providers of the +libXvMC: X.Org implementation of the X Window System), see their website: +libXvMC: +libXvMC: http://www.x.org +libXvMC: +libXvMC: +libXvMC: diff --git a/patches/source/libXvMC/x11.SlackBuild b/patches/source/libXvMC/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/libXvMC/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libexif/libexif.SlackBuild b/patches/source/libexif/libexif.SlackBuild new file mode 100755 index 000000000..12d315962 --- /dev/null +++ b/patches/source/libexif/libexif.SlackBuild @@ -0,0 +1,97 @@ +#!/bin/sh + +# Copyright 2008, 2009 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=libexif +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +NUMJOBS=${NUMJOBS:-" -j7 "} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i486 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7lh ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-libexif + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf libexif-$VERSION +tar xvf $CWD/libexif-$VERSION.tar.?z* || exit 1 +cd libexif-$VERSION +zcat $CWD/libexif.pc.diff.gz | patch -p1 --verbose || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --disable-static \ + --localstatedir=/var/lib \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +strip -g $PKG/usr/lib/*.a + +rm -rf $PKG/usr/share/doc +mkdir -p $PKG/usr/doc/libexif-$VERSION +cp -a \ + ABOUT-NLS AUTHORS COPYING NEWS README \ + $PKG/usr/doc/libexif-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/libexif-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libexif/libexif.pc.diff b/patches/source/libexif/libexif.pc.diff new file mode 100644 index 000000000..9ccd12d89 --- /dev/null +++ b/patches/source/libexif/libexif.pc.diff @@ -0,0 +1,8 @@ +--- ./libexif.pc.in.orig 2011-05-18 23:41:01.000000000 -0500 ++++ ./libexif.pc.in 2012-07-17 22:23:32.283678691 -0500 +@@ -9,4 +9,4 @@ + Version: @VERSION@ + Libs: -L${libdir} -lexif + Libs.private: -lm +-Cflags: -I${includedir} ++Cflags: -I${includedir}/libexif diff --git a/patches/source/libexif/slack-desc b/patches/source/libexif/slack-desc new file mode 100644 index 000000000..992e1915d --- /dev/null +++ b/patches/source/libexif/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libexif: libexif (Exchangeable Image File Format library) +libexif: +libexif: EXIF stands for Exchangeable Image File Format, which is a format used +libexif: to store extra information in images such as the JPEG files produced +libexif: by digital cameras. The libexif library allows programs such as +libexif: gthumb to parse, edit, and save EXIF data. +libexif: +libexif: +libexif: +libexif: +libexif: diff --git a/patches/source/libgcrypt/libgcrypt.SlackBuild b/patches/source/libgcrypt/libgcrypt.SlackBuild new file mode 100755 index 000000000..e51baa2e9 --- /dev/null +++ b/patches/source/libgcrypt/libgcrypt.SlackBuild @@ -0,0 +1,104 @@ +#!/bin/sh + +# Copyright 2006-2009 Robby Workman, Northport, AL, USA +# Copyright 2007, 2008, 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=libgcrypt +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i486 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7lh ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/pkg-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.bz2 || exit 1 +cd $PKGNAM-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --infodir=/usr/info \ + --docdir=/usr/doc/libgcrypt-$VERSION \ + --enable-shared=yes \ + --enable-static=yes \ + --program-prefix="" \ + --program-suffix="" \ + --build=$ARCH-slackware-linux \ + --host=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +rm -f $PKG/usr/info/dir +gzip -9 $PKG/usr/info/* + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + AUTHORS BUGS COPYING* ChangeLog INSTALL NEWS \ + README README.SVN THANKS TODO VERSION \ + $PKG/usr/doc/$PKGNAM-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libgcrypt/slack-desc b/patches/source/libgcrypt/slack-desc new file mode 100644 index 000000000..365fab642 --- /dev/null +++ b/patches/source/libgcrypt/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libgcrypt: libgcrypt (General purpose crypto library) +libgcrypt: +libgcrypt: Libgcrypt is a general purpose crypto library based on the code +libgcrypt: used in GnuPG. +libgcrypt: +libgcrypt: +libgcrypt: +libgcrypt: +libgcrypt: +libgcrypt: +libgcrypt: diff --git a/patches/source/libgpg-error/libgpg-error.SlackBuild b/patches/source/libgpg-error/libgpg-error.SlackBuild new file mode 100755 index 000000000..c2dbb2688 --- /dev/null +++ b/patches/source/libgpg-error/libgpg-error.SlackBuild @@ -0,0 +1,118 @@ +#!/bin/sh + +# Copyright 2006, 2009 Robby Workman, Northport, AL, USA +# Copyright 2007, 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SCRIPT IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SCRIPT, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=libgpg-error +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.bz2 || exit 1 +cd $PKGNAM-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --infodir=/usr/info \ + --docdir=/usr/doc/$PKGNAM-$VERSION \ + --enable-shared=yes \ + --enable-static=yes \ + --build=$ARCH-slackware-linux \ + --host=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +# Move the shared library to $PKG/lib${LIBDIRSUFFIX}: +mkdir -p $PKG/lib${LIBDIRSUFFIX} +( cd $PKG/usr/lib${LIBDIRSUFFIX} + for file in lib*.so.?.* ; do + mv $file ../../lib${LIBDIRSUFFIX} + ln -sf ../../lib${LIBDIRSUFFIX}/$file . + done + cp -a lib*.so.? ../../lib${LIBDIRSUFFIX} +) + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a \ + AUTHORS COPYING* INSTALL NEWS README* THANKS VERSION \ + $PKG/usr/doc/$PKGNAM-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libgpg-error/slack-desc b/patches/source/libgpg-error/slack-desc new file mode 100644 index 000000000..1d0969cd8 --- /dev/null +++ b/patches/source/libgpg-error/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libgpg-error: libgpg-error (GnuPG Error Definitions Library) +libgpg-error: +libgpg-error: This is a library that defines common error values for all GnuPG +libgpg-error: components. Among these are GPG, GPGSM, GPGME, GPG-Agent, +libgpg-error: libgcrypt, Libksba, DirMngr, Pinentry, SmartCard Daemon, and more. +libgpg-error: +libgpg-error: +libgpg-error: +libgpg-error: +libgpg-error: +libgpg-error: diff --git a/patches/source/libidn/libidn.SlackBuild b/patches/source/libidn/libidn.SlackBuild new file mode 100755 index 000000000..b9d7c23b1 --- /dev/null +++ b/patches/source/libidn/libidn.SlackBuild @@ -0,0 +1,137 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2018 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PKGNAM=libidn +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +TMP=${TMP:-/tmp} +PKG=$TMP/package-libidn + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf libidn-$VERSION +tar xvf $CWD/libidn-$VERSION.tar.?z || exit 1 +cd libidn-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --disable-static \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Compress info pages and purge "dir" file from the package: +if [ -d $PKG/usr/info ]; then + ( cd $PKG/usr/info + rm -f dir + gzip -9 * + ) +fi + +mkdir -p $PKG/usr/doc/libidn-$VERSION +cp -a \ + ABOUT-NLS AUTHORS COPYING* FAQ INSTALL NEWS README* THANKS TODO \ + contrib \ + libidn/libidn.html \ + $PKG/usr/doc/libidn-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/libidn-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libidn/slack-desc b/patches/source/libidn/slack-desc new file mode 100644 index 000000000..a10cfe7b5 --- /dev/null +++ b/patches/source/libidn/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libidn: libidn (GNU Internationalized Domain Name library) +libidn: +libidn: GNU Libidn is an implementation of the Stringprep, Punycode and IDNA +libidn: specifications defined by the IETF Internationalized Domain Names +libidn: (IDN) working group, used for internationalized domain names. +libidn: +libidn: +libidn: +libidn: +libidn: +libidn: diff --git a/patches/source/libjpeg/jpeg-6b.diff b/patches/source/libjpeg/jpeg-6b.diff new file mode 100644 index 000000000..8ad8bb5db --- /dev/null +++ b/patches/source/libjpeg/jpeg-6b.diff @@ -0,0 +1,59 @@ +--- makefile.cfg.orig Sat Mar 21 13:08:57 1998 ++++ makefile.cfg Tue Oct 6 19:15:26 1998 +@@ -21,6 +21,8 @@ + + # The name of your C compiler: + CC= @CC@ ++SONAME=libjpeg.so.62 ++SHLIBNAME=libjpeg.so.62.0.0 + + # You may need to adjust these cc options: + CFLAGS= @CFLAGS@ @CPPFLAGS@ @INCLUDEFLAGS@ +@@ -125,6 +127,7 @@ + jdsample.$(O) jdcolor.$(O) jquant1.$(O) jquant2.$(O) jdmerge.$(O) + # These objectfiles are included in libjpeg.a + LIBOBJECTS= $(CLIBOBJECTS) $(DLIBOBJECTS) $(COMOBJECTS) ++SHLIBOBJECTS= $(LIBOBJECTS:%.o=%.so) + # object files for sample applications (excluding library files) + COBJECTS= cjpeg.$(O) rdppm.$(O) rdgif.$(O) rdtarga.$(O) rdrle.$(O) \ + rdbmp.$(O) rdswitch.$(O) cdjpeg.$(O) +@@ -133,7 +136,7 @@ + TROBJECTS= jpegtran.$(O) rdswitch.$(O) cdjpeg.$(O) transupp.$(O) + + +-all: @A2K_DEPS@ libjpeg.$(A) cjpeg djpeg jpegtran rdjpgcom wrjpgcom ++all: @A2K_DEPS@ libjpeg.$(A) $(SHLIBNAME) cjpeg djpeg jpegtran rdjpgcom wrjpgcom + + # Special compilation rules to support ansi2knr and libtool. + .SUFFIXES: .lo .la +@@ -171,6 +174,11 @@ + $(LIBTOOL) --mode=link $(CC) -o libjpeg.la $(LIBOBJECTS) \ + -rpath $(libdir) -version-info $(JPEG_LIB_VERSION) + ++# shared library ++ ++$(SHLIBNAME): @A2K_DEPS@ $(SHLIBOBJECTS) ++ gcc -o $(SHLIBNAME) -Wl,-soname,$(SONAME) -shared $(SHLIBOBJECTS) ++ + # sample programs: + + cjpeg: $(COBJECTS) libjpeg.$(A) +@@ -214,7 +222,7 @@ + clean: + $(RM) *.o *.lo libjpeg.a libjpeg.la + $(RM) cjpeg djpeg jpegtran rdjpgcom wrjpgcom +- $(RM) ansi2knr core testout* config.log config.status ++ $(RM) ansi2knr core testout* config.log config.status $(SHLIBNAME) + $(RM) -r knr .libs _libs + + distclean: clean +@@ -289,6 +297,9 @@ + jidctfst.$(O): jidctfst.c jinclude.h jconfig.h jpeglib.h jmorecfg.h jpegint.h jerror.h jdct.h + jidctint.$(O): jidctint.c jinclude.h jconfig.h jpeglib.h jmorecfg.h jpegint.h jerror.h jdct.h + jidctred.$(O): jidctred.c jinclude.h jconfig.h jpeglib.h jmorecfg.h jpegint.h jerror.h jdct.h ++ ++%.so : %.c ++ $(CC) -c -fPIC $(CFLAGS) $(CPPFLAGS) $< -o $@ + jquant1.$(O): jquant1.c jinclude.h jconfig.h jpeglib.h jmorecfg.h jpegint.h jerror.h + jquant2.$(O): jquant2.c jinclude.h jconfig.h jpeglib.h jmorecfg.h jpegint.h jerror.h + jutils.$(O): jutils.c jinclude.h jconfig.h jpeglib.h jmorecfg.h jpegint.h jerror.h diff --git a/patches/source/libjpeg/jpeg.CVE-2013-6629.diff b/patches/source/libjpeg/jpeg.CVE-2013-6629.diff new file mode 100644 index 000000000..37c267a1d --- /dev/null +++ b/patches/source/libjpeg/jpeg.CVE-2013-6629.diff @@ -0,0 +1,32 @@ +From f457207b57d0e234cf7a174d20a7db424b82173d Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Fri, 22 Nov 2013 +Subject: CVE-2013-6629 + +get_sos() in jdmarker.c does not check for duplication of component data +while reading segments following Start Of Scan (SOS) JPEG markers. This +allows remote attackers to obtain sensitive information from uninitialized +memory locations via crafted JPEG images. + +Adapted from: +https://codereview.chromium.org/download/issue31603002_1.diff + +--- + jdmarker.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +--- a/jdmarker.c ++++ b/jdmarker.c +@@ -347,6 +347,12 @@ get_sos (j_decompress_ptr cinfo) + + TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, cc, + compptr->dc_tbl_no, compptr->ac_tbl_no); ++ ++ /* This CSi (cc) should differ from the previous CSi */ ++ for (ci = 0; ci < i; ci++) { ++ if (cinfo->cur_comp_info[ci] == compptr) ++ ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, cc); ++ } + } + + /* Collect the additional scan parameters Ss, Se, Ah/Al. */ diff --git a/patches/source/libjpeg/libjpeg.SlackBuild b/patches/source/libjpeg/libjpeg.SlackBuild new file mode 100755 index 000000000..21063ce68 --- /dev/null +++ b/patches/source/libjpeg/libjpeg.SlackBuild @@ -0,0 +1,103 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-6b} +BUILD=${BUILD:-6_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i486 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7lh ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-libjpeg + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +# Explode the package framework: +cd $PKG +explodepkg $CWD/_libjpeg.tar.gz +if [ "$ARCH" = "x86_64" ]; then + mv usr/lib usr/lib${LIBDIRSUFFIX} + sed -i -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" install/doinst.sh +fi + +cd $TMP +rm -rf jpeg-6b +tar xzvf $CWD/jpegsrc.v6b.tar.gz +cd jpeg-6b +chown -R root:root . +zcat $CWD/jpeg-6b.diff.gz | patch -p0 -E +zcat $CWD/jpeg.CVE-2013-6629.diff.gz | patch -p1 --verbose || exit 1 +export CFLAGS="$SLKCFLAGS" +./configure \ + --libdir=/usr/lib${LIBDIRSUFFIX} +make -j3 || exit 1 +strip cjpeg djpeg rdjpgcom wrjpgcom jpegtran +cat cjpeg > $PKG/usr/bin/cjpeg +cat djpeg > $PKG/usr/bin/djpeg +cat jpegtran > $PKG/usr/bin/jpegtran +cat rdjpgcom > $PKG/usr/bin/rdjpgcom +cat wrjpgcom > $PKG/usr/bin/wrjpgcom +for page in cjpeg.1 djpeg.1 jpegtran.1 rdjpgcom.1 wrjpgcom.1 ; do + cat $page | gzip -9c > $PKG/usr/man/man1/$page.gz +done +strip --strip-unneeded libjpeg.so.62.0.0 +cat libjpeg.so.62.0.0 > $PKG/usr/lib${LIBDIRSUFFIX}/libjpeg.so.62.0.0 +cat libjpeg.a > $PKG/usr/lib${LIBDIRSUFFIX}/libjpeg.a +cp -a jconfig.h jpeglib.h jmorecfg.h jerror.h $PKG/usr/include +# KDE includes this complete header list, but the libjpeg source doesn't +# suggest it, and we trust them. :) +#for file in jchuff.h jdhuff.h jdct.h jerror.h jinclude.h jmemsys.h \ +# jmorecfg.h jpegint.h jpeglib.h jversion.h cdjpeg.h cderror.h jconfig.h ; do +# cp -a $file $PKG/usr/include +#done +mkdir -p $PKG/usr/doc/libjpeg-$VERSION +cp -a README *.doc $PKG/usr/doc/libjpeg-$VERSION +chmod 644 $PKG/usr/doc/libjpeg-$VERSION/* +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg -c y -l y $TMP/libjpeg-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libjpeg/slack-desc b/patches/source/libjpeg/slack-desc new file mode 100644 index 000000000..d1add7fdf --- /dev/null +++ b/patches/source/libjpeg/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libjpeg: libjpeg (Independent JPEG Group's JPEG software) +libjpeg: +libjpeg: Software to implement JPEG image compression and decompression. JPEG +libjpeg: (pronounced 'jay-peg') is a standardized compression method for +libjpeg: full-color and gray-scale images. JPEG is intended for compressing +libjpeg: 'real-world' scenes; cartoons and other non-realistic images are not +libjpeg: its strong suit. JPEG is lossy, however, on typical images of +libjpeg: real-world scenes, very good compression levels can be obtained with +libjpeg: no visible change, and amazingly high compression levels are possible +libjpeg: if you can tolerate a low-quality image. +libjpeg: diff --git a/patches/source/libpng/libpng.SlackBuild b/patches/source/libpng/libpng.SlackBuild new file mode 100755 index 000000000..b5bcd8e6b --- /dev/null +++ b/patches/source/libpng/libpng.SlackBuild @@ -0,0 +1,102 @@ +#!/bin/sh + +# Copyright 2005-2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=1.2.57 +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-libpng +rm -rf $PKG +mkdir -p $TMP $PKG/usr + +cd $TMP +rm -rf libpng-$VERSION +tar xvf $CWD/libpng-$VERSION.tar.xz || exit 1 +cd libpng-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Might as well link to -lz -lm, since the ./configure seems +# to be doing it that way now... finally. That'll prevent +# a couple of emails a week. :-) +zcat $CWD/libpng.libs.diff.gz | patch -p1 --verbose || exit 1 + +# Need this to substitute macros, but we'll keep using the +# pre-built Makefile for now anyway... +./configure --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} + +# Link the custom makefile: +ln -sf scripts/makefile.linux ./Makefile + +make -j4 prefix=/usr LIBPATH=/usr/lib${LIBDIRSUFFIX} || exit 1 +make install prefix=/usr LIBPATH=/usr/lib${LIBDIRSUFFIX} DESTDIR=$PKG + +# This symlink is needed to keep old applications running: +# I guess the real lib used the major number 3, then 0 for +# a short while, and now .3 again. Hopefully it will stay +# this way as it was .3 in Slackware 10.2. One can hope. +( cd $PKG/usr/lib${LIBDIRSUFFIX} + if [ ! -e libpng.so.0 -a -e libpng.so.3 ]; then + ln -sf libpng.so.3 libpng.so.0 + fi +) + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +gzip -9 $PKG/usr/man/man?/* + +mkdir -p $PKG/usr/doc/libpng-$VERSION +cp -a \ + ANNOUNCE CHANGES INSTALL KNOWNBUG LICENSE README TODO Y2KINFO \ + libpng*.txt example.c \ + $PKG/usr/doc/libpng-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/libpng-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libpng/libpng.libs.diff b/patches/source/libpng/libpng.libs.diff new file mode 100644 index 000000000..814365f6f --- /dev/null +++ b/patches/source/libpng/libpng.libs.diff @@ -0,0 +1,18 @@ +diff -ruN libpng-1.2.12/scripts/makefile.linux libpng-1.2.12-ldhack/scripts/makefile.linux
+--- libpng-1.2.12/scripts/makefile.linux 2006-06-27 22:22:40.000000000 +0200
++++ libpng-1.2.12-ldhack/scripts/makefile.linux 2006-08-25 14:27:08.000000000 +0200
+@@ -110,12 +110,12 @@
+ $(LN_SF) $(LIBSOVER) $(LIBSOMAJ)
+
+ $(LIBSOVER): $(OBJSDLL)
+- $(CC) -shared -Wl,-soname,$(LIBSOMAJ) -o $(LIBSOVER) $(OBJSDLL)
++ $(CC) -shared -Wl,-soname,$(LIBSOMAJ) -o $(LIBSOVER) $(OBJSDLL) -lm -lz
+
+ $(OLDSOVER): $(OBJSDLL)
+ $(CC) -shared -Wl,-soname,$(OLDSOMAJ) \
+ -o $(OLDSOVER) \
+- $(OBJSDLL)
++ $(OBJSDLL) -lm -lz
+
+ pngtest: pngtest.o $(LIBSO)
+ $(CC) -o pngtest $(CFLAGS) pngtest.o $(LDFLAGS)
diff --git a/patches/source/libpng/slack-desc b/patches/source/libpng/slack-desc new file mode 100644 index 000000000..54d1d0f92 --- /dev/null +++ b/patches/source/libpng/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libpng: libpng (Portable Network Graphics library) +libpng: +libpng: PNG (Portable Network Graphics) is an extensible file format for the +libpng: lossless, portable, well-compressed storage of raster images. PNG +libpng: provides a patent-free replacement for GIF and can also replace many +libpng: common uses of TIFF. Indexed-color, grayscale, and truecolor images +libpng: are supported, plus an optional alpha channel. Sample depths range +libpng: from 1 to 16 bits. +libpng: +libpng: +libpng: diff --git a/patches/source/libtiff/libtiff.SlackBuild b/patches/source/libtiff/libtiff.SlackBuild new file mode 100755 index 000000000..f6e18662c --- /dev/null +++ b/patches/source/libtiff/libtiff.SlackBuild @@ -0,0 +1,122 @@ +#!/bin/sh + +# Copyright 2005-2013 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=${VERSION:-$(echo tiff-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=1_slack13.0 + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-libtiff + +rm -rf $PKG +mkdir -p $PKG +cd $TMP +rm -rf tiff-$VERSION +tar xvf $CWD/tiff-$VERSION.tar.?z* || exit 1 +cd tiff-$VERSION + +zcat $CWD/tiff-3.9.7_CVE-2012-4447_CVE-2012-4564_CVE-2013-1960_CVE-2013-1961.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/tiff-3.9.7_CVE-2013-4231.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/tiff-3.9.7_CVE-2013-4232.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/tiff-3.9.7_CVE-2013-4244.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --program-prefix="" \ + --program-suffix="" \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 +( cd man ; make install-man DESTDIR=$PKG || exit 1 ) || exit 1 +rm -r $PKG/usr/share +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) +strip -g $PKG/usr/lib${LIBDIRSUFFIX}/lib*.a +chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/libtiff*.so.* +mkdir -p $PKG/usr/doc/libtiff-$VERSION +cp -a \ + COPYRIGHT README RELEASE-DATE TODO VERSION \ + $PKG/usr/doc/libtiff-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mv $PKG/usr/local/man $PKG/usr +rmdir $PKG/usr/local + +# I'd use that shiny new manpage script here but all the +# .3 manpages end with '.3tiff'. +gzip -9 $PKG/usr/man/man?/* + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +makepkg -l y -c n $TMP/libtiff-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libtiff/slack-desc b/patches/source/libtiff/slack-desc new file mode 100644 index 000000000..42c79f47d --- /dev/null +++ b/patches/source/libtiff/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libtiff: libtiff (a library for reading and writing TIFF files) +libtiff: +libtiff: This package provides support for the Tag Image File Format (TIFF), +libtiff: a widely used format for storing image data. Included is the libtiff +libtiff: library (for reading and writing TIFF files), and a collection of +libtiff: tools for working with TIFF images. +libtiff: +libtiff: +libtiff: +libtiff: +libtiff: diff --git a/patches/source/libtiff/tiff-3.9.7_CVE-2012-4447_CVE-2012-4564_CVE-2013-1960_CVE-2013-1961.diff b/patches/source/libtiff/tiff-3.9.7_CVE-2012-4447_CVE-2012-4564_CVE-2013-1960_CVE-2013-1961.diff new file mode 100644 index 000000000..2ee6847c6 --- /dev/null +++ b/patches/source/libtiff/tiff-3.9.7_CVE-2012-4447_CVE-2012-4564_CVE-2013-1960_CVE-2013-1961.diff @@ -0,0 +1,3813 @@ +From 304327d825c7ba6a9f560d0ca792304f0b03e3b3 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 11 Aug 2013 +Subject: Multiple CVEs addressed and bugs fixed. + +Mega-patch against libtiff-3.9.7 constructed from upstream commits +that syncs it to the last CVS revision (5/2/2013). It fixes: + + a. CVE-2012-4447 + b. CVE-2012-4564 + c. CVE-2013-1960 + d. CVE-2013-1961 + e. auto-rotate option bug + f. TIFFPrintDirectory bug +--- + ChangeLog | 781 ++++++++++++++++++++++-------------------- + Makefile.in | 2 + aclocal.m4 | 6 + build/Makefile.in | 2 + contrib/Makefile.in | 2 + contrib/acorn/Makefile.in | 2 + contrib/addtiffo/Makefile.in | 2 + contrib/dbs/Makefile.in | 2 + contrib/dbs/xtiff/Makefile.in | 2 + contrib/dbs/xtiff/xtiff.c | 6 + contrib/iptcutil/Makefile.in | 2 + contrib/mac-cw/Makefile.in | 2 + contrib/mac-mpw/Makefile.in | 2 + contrib/mfs/Makefile.in | 2 + contrib/pds/Makefile.in | 2 + contrib/ras/Makefile.in | 2 + contrib/stream/Makefile.in | 2 + contrib/tags/Makefile.in | 2 + contrib/win_dib/Makefile.in | 2 + html/Makefile.in | 2 + html/images/Makefile.in | 2 + html/man/Makefile.in | 2 + libtiff/Makefile.in | 2 + libtiff/tif_codec.c | 5 + libtiff/tif_dirinfo.c | 4 + libtiff/tif_pixarlog.c | 94 ++--- + libtiff/tif_print.c | 15 + man/Makefile.in | 2 + port/Makefile.in | 2 + test/Makefile.in | 2 + tools/Makefile.in | 2 + tools/ppm2tiff.c | 39 +- + tools/rgb2ycbcr.c | 5 + tools/tiff2bw.c | 4 + tools/tiff2pdf.c | 313 ++++++++-------- + tools/tiff2ps.c | 20 - + tools/tiffcrop.c | 12 + tools/tiffdither.c | 4 + 38 files changed, 728 insertions(+), 628 deletions(-) + +diff --git a/ChangeLog b/ChangeLog +index c18d495..2d8bc7c 100644 +--- a/ChangeLog ++++ b/ChangeLog +@@ -1,3 +1,51 @@ ++2013-05-02 Tom Lane <tgl@sss.pgh.pa.us> ++ ++ * tools/tiff2pdf.c: Rewrite JPEG marker parsing in ++ t2p_process_jpeg_strip to be at least marginally competent. The ++ approach is still fundamentally flawed, but at least now it won't ++ stomp all over memory when given bogus input. Fixes CVE-2013-1960. ++ ++2013-05-02 Tom Lane <tgl@sss.pgh.pa.us> ++ ++ * contrib/dbs/xtiff/xtiff.c, libtiff/tif_codec.c, ++ libtiff/tif_dirinfo.c, tools/rgb2ycbcr.c, tools/tiff2bw.c, ++ tools/tiff2pdf.c, tools/tiff2ps.c, tools/tiffcrop.c, ++ tools/tiffdither.c: Enlarge some fixed-size buffers that weren't ++ large enough, and eliminate substantially all uses of sprintf(buf, ++ ...) in favor of using snprintf(buf, sizeof(buf), ...), so as to ++ protect against overflow of fixed-size buffers. This responds in ++ particular to CVE-2013-1961 concerning overflow in tiff2pdf.c's ++ t2p_write_pdf_page(), but in general it seems like a good idea to ++ deprecate use of sprintf(). ++ ++2013-01-25 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> ++ ++ * tools/tiff2ps.c:Fix bug in auto rotate option code. Once a ++ rotation angle was set by the auto rotate check, it was retained ++ for all pages that followed instead of being retested for each ++ page. Patch by Richard Nolde. ++ ++2012-12-12 Tom Lane <tgl@sss.pgh.pa.us> ++ ++ * libtiff/tif_print.c: Back-patch recent fixes in ++ TIFFPrintDirectory to make it handle field_passcount fields sanely ++ for both TIFF_VARIABLE and TIFF_VARIABLE2 cases. ++ ++2012-12-10 Tom Lane <tgl@sss.pgh.pa.us> ++ ++ * tools/ppm2tiff.c: Back-patch fix for CVE-2012-4564. ++ ++2012-12-10 Tom Lane <tgl@sss.pgh.pa.us> ++ ++ * libtiff/tif_pixarlog.c: Back-patch recent security fixes for ++ tif_pixarlog.c, namely the fix for CVE-2012-4447 and protections ++ against accessing outside the lookup arrays for out of range ++ inputs. ++ ++2012-11-18 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> ++ ++ * automake: Update Automake to 1.12.5 release. ++ + 2012-09-22 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + + * libtiff 3.9.7 released. +@@ -31,7 +79,7 @@ + + * libtiff/tif_dirread.c: Avoid trusting samplesperpixel's default + of 1 for purposes of trimming tags. This is to get some super +- crappy OJPEG files to work again. Grr. ++ crappy OJPEG files to work again. Grr. + http://bugzilla.maptools.org/show_bug.cgi?id=2348 + + 2012-06-01 Frank Warmerdam <warmerdam@google.com> +@@ -101,8 +149,8 @@ + * libtiff/tiffiop.h: avoid declaring int64/uint64 on AIX with XLC + where they are already available. (#2301) + +- * libtiff/tif_thunder.c: Correct potential buffer overflow with +- thunder encoded files with wrong bitspersample set. The libtiff ++ * libtiff/tif_thunder.c: Correct potential buffer overflow with ++ thunder encoded files with wrong bitspersample set. The libtiff + development team would like to thank Marin Barbella and TippingPoint's + Zero Day Initiative for reporting this vulnerability (ZDI-CAN-1004, + CVE-2011-1167). +@@ -110,18 +158,18 @@ + + 2011-03-10 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_fax3.h: Fix to last change allowing zero length ++ * libtiff/tif_fax3.h: Fix to last change allowing zero length + runs at the start of a scanline - needed for legal cases. + + 2011-03-02 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_fax3.h: Protect against a fax VL(n) codeword commanding +- a move left. Without this, a malicious input file can generate an +- indefinitely large series of runs without a0 ever reaching the right ++ * libtiff/tif_fax3.h: Protect against a fax VL(n) codeword commanding ++ a move left. Without this, a malicious input file can generate an ++ indefinitely large series of runs without a0 ever reaching the right + margin, thus overrunning our buffer of run lengths. Per CVE-2011-0192. +- This is a modified version of a patch proposed by Drew Yao of Apple +- Product Security. It adds an unexpected() report, and disallows the +- equality case, since emitting a run without increasing a0 still allows ++ This is a modified version of a patch proposed by Drew Yao of Apple ++ Product Security. It adds an unexpected() report, and disallows the ++ equality case, since emitting a run without increasing a0 still allows + buffer overrun. + + 2011-02-25 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -133,7 +181,7 @@ + 2011-01-03 Lee Howard <faxguy@howardsilvan.com> + + * libtiff/tif_jpeg.c: Fix regressions with 2 and 3 band images +- caused by commit on 2010-12-14. Submitted by e-mail from ++ caused by commit on 2010-12-14. Submitted by e-mail from + Even Rouault <even.rouault@mines-paris.org> + + 2010-12-31 Olivier Paquet <olivier.paquet@gmail.com> +@@ -188,13 +236,13 @@ + + 2010-12-12 Lee Howard <faxguy@howardsilvan.com> + +- * tools/tiff2pdf.c: fix colors for images with RGBA ++ * tools/tiff2pdf.c: fix colors for images with RGBA + interleaved data + http://bugzilla.maptools.org/show_bug.cgi?id=2250 + + 2010-12-11 Lee Howard <faxguy@howardsilvan.com> + +- * tools/tiff2pdf.c: remove invalid duplication for Lab ++ * tools/tiff2pdf.c: remove invalid duplication for Lab + http://bugzilla.maptools.org/show_bug.cgi?id=2162 + + 2010-12-11 Lee Howard <faxguy@howardsilvan.com> +@@ -236,7 +284,7 @@ + + 2010-12-07 Lee Howard <faxguy@howardsilvan.com> + +- * libtiff/tif_jpeg.c, libtiff/tif_strip.c: apply patch for ++ * libtiff/tif_jpeg.c, libtiff/tif_strip.c: apply patch for + CVE-2010-3087 per bug + http://bugzilla.maptools.org/show_bug.cgi?id=2140 + +@@ -248,7 +296,7 @@ + 2010-09-25 Lee Howard <faxguy@howardsilvan.com> + + * tools/tiff2ps.c: improvements and enhancements from Richard Nolde +- with additional command line options for Document Title, ++ with additional command line options for Document Title, + Document Creator, and Page Orientation + + 2010-07-13 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> +@@ -349,14 +397,14 @@ + * libtiff/tif_dirread.c: Fixed bad handling of out of order tags + definated late by a codec (#2210) + +- * libtiff/tif_dirread.c: Fixed inadequate validation of the ++ * libtiff/tif_dirread.c: Fixed inadequate validation of the + SubjectDistance field (#2212). + +- * tiff2pdf.c: Fix assorted bugs in tiff2pdf: missing "return" +- in t2p_read_tiff_size() causes t2p->tiff_datasize to be set entirely +- wrong for COMPRESSION_JPEG case, resulting in memory stomp if actual +- size is larger. Also, there are a bunch of places that try to +- memset() a malloc'd buffer before checking for malloc failure, which ++ * tiff2pdf.c: Fix assorted bugs in tiff2pdf: missing "return" ++ in t2p_read_tiff_size() causes t2p->tiff_datasize to be set entirely ++ wrong for COMPRESSION_JPEG case, resulting in memory stomp if actual ++ size is larger. Also, there are a bunch of places that try to ++ memset() a malloc'd buffer before checking for malloc failure, which + would result in core dump if there actually were a failure. (#2211) + + 2010-06-11 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> +@@ -452,13 +500,13 @@ + + 2010-05-07 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_jpeg.c: Ensure that quality is always set in +- JPEGPreEncode(), not just when we want to output local tables. ++ * libtiff/tif_jpeg.c: Ensure that quality is always set in ++ JPEGPreEncode(), not just when we want to output local tables. + Otherwise the quality used during compression may not be right and + might not match the tables in the tables tag. This bug only occurs + when seeking between directories in the midst of writing blocks. + http://trac.osgeo.org/gdal/ticket/3539 +- ++ + 2010-05-05 Olivier Paquet <olivier.paquet@gmail.com> + + * libtiff/tif_print.c: Have TIFFTAG_REFERENCEBLACKWHITE always print 6 +@@ -476,11 +524,11 @@ + 2010-02-22 Lee Howard <faxguy@howardsilvan.com> + + * libtiff/tif_jpeg.c: Do not generate a JPEGTables tag when creating +- the JPEG TIFF as is is not required in order to prevent it from +- being unused and filled with invalid data. (Leave it to be ++ the JPEG TIFF as is is not required in order to prevent it from ++ being unused and filled with invalid data. (Leave it to be + generated by later activity.) + http://bugzilla.maptools.org/show_bug.cgi?id=2135 +- * tools/tiff2pdf.c: Write the JPEG SOI headers into the TIFF strip ++ * tools/tiff2pdf.c: Write the JPEG SOI headers into the TIFF strip + data rather than skipping them. This fixes the ability to view in + Acrobat Reader, Evince, and Ghostscript. + http://bugzilla.maptools.org/show_bug.cgi?id=2135 +@@ -491,13 +539,13 @@ + 2010-01-06 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_dir.c: Ensure tile and scanline sizes are reset +- when moving to new directories. ++ when moving to new directories. + http://bugzilla.maptools.org/show_bug.cgi?id=1936 + + 2009-12-03 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_jpeg.c: Fix a couple of issues that trigger failures in +- some cases when using TIFFReadScanline() with JPEG compressed ++ some cases when using TIFFReadScanline() with JPEG compressed + subsampled ycbcr images. + http://bugzilla.maptools.org/show_bug.cgi?id=1936 + +@@ -610,7 +658,7 @@ + + 2009-06-22 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_lzw.c: Fix buffer underflow bug. ++ * libtiff/tif_lzw.c: Fix buffer underflow bug. + http://bugzilla.maptools.org/show_bug.cgi?id=2065 + + 2009-06-03 Frank Warmerdam <warmerdam@pobox.com> +@@ -621,7 +669,7 @@ + + 2009-02-12 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_luv.c: Fix handling of tiled logluv images. ++ * libtiff/tif_luv.c: Fix handling of tiled logluv images. + http://bugzilla.maptools.org/show_bug.cgi?id=2005 + + 2009-01-23 Frank Warmerdam <warmerdam@pobox.com> +@@ -635,7 +683,7 @@ + + 2009-01-12 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + +- * tools/tiff2ps.c: Remove spurious message printed to stderr. ++ * tools/tiff2ps.c: Remove spurious message printed to stderr. + + 2009-01-11 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + +@@ -668,7 +716,7 @@ + 2008-12-31 Frank Warmerdam <warmerdam@pobox.com> + + * tools/tiffcrop.c, man/tiffcrop.1: A major update from Richard +- Nolde. ++ Nolde. + + 2008-12-21 Frank Warmerdam <warmerdam@pobox.com> + +@@ -678,7 +726,7 @@ + + 2008-12-21 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_getimage.c, tiffio.h: More ABI corrections. ++ * libtiff/tif_getimage.c, tiffio.h: More ABI corrections. + Removed SubsamplingHor/Ver from TIFFRGBAImage structure. + http://bugzilla.maptools.org/show_bug.cgi?id=1980 + +@@ -719,15 +767,15 @@ + + 2008-05-24 Frank Warmerdam <warmerdam@pobox.com> + +- * tif_codec.c: Avoid NULL pointer dereferencing for exotic ++ * tif_codec.c: Avoid NULL pointer dereferencing for exotic + compression codec codes. + + * tif_dirread.c: zero tif->tif_dir after freeing the directory + in TIFFReadCustomDirectory(). I don't exactly remember why this +- was important. ++ was important. + + * tif_dirwrite.c: Fix potential memory leak writing large double +- tags. ++ tags. + + * tif_dirread.c: Fix unchecked malloc result. + +@@ -747,12 +795,12 @@ + + 2007-11-22 Frank Warmerdam <warmerdam@pobox.com> + +- * tif_write.c: Rip out the fancy logic in TIFFAppendToStrip() for +- establishing if an existing tile can be rewritten to the same location +- by comparing the current size to all the other blocks in the same +- directory. This is dangerous in many situations and can easily ++ * tif_write.c: Rip out the fancy logic in TIFFAppendToStrip() for ++ establishing if an existing tile can be rewritten to the same location ++ by comparing the current size to all the other blocks in the same ++ directory. This is dangerous in many situations and can easily + corrupt a file. (observed in esoteric GDAL situation that's hard to +- document). This change involves leaving the stripbytecount[] values ++ document). This change involves leaving the stripbytecount[] values + unaltered till TIFFAppendToStrip(). Now we only write a block back + to the same location it used to be at if the new data is the same + size or smaller - otherwise we move it to the end of file. +@@ -760,17 +808,17 @@ + * tif_dirwrite.c: Try to avoid writing out a full readbuffer of tile + data when writing the directory just because we have BEENWRITING at + some point in the past. This was causing odd junk to be written out +- in a tile of data when a single tile had an interleaving of reading +- and writing with reading last. (highlighted by gdal +- autotest/gcore/tif_write.py test 7. ++ in a tile of data when a single tile had an interleaving of reading ++ and writing with reading last. (highlighted by gdal ++ autotest/gcore/tif_write.py test 7. + + * tif_predict.c: use working buffer in PredictorEncodeTile to avoid +- modifying callers buffer. ++ modifying callers buffer. + http://trac.osgeo.org/gdal/ticket/1965 + +- * tif_predict.c/h, tif_lzw.c, tif_zip.c: Improvements so that ++ * tif_predict.c/h, tif_lzw.c, tif_zip.c: Improvements so that + predictor based encoding and decoding works in read-write update +- mode properly. ++ mode properly. + http://trac.osgeo.org/gdal/ticket/1948 + + 2007-10-05 Frank Warmerdam <warmerdam@pobox.com> +@@ -785,7 +833,7 @@ + + 2007-07-18 Andrey Kiselev <dron@ak4719.spb.edu> + +- * libtiff/{Makefile.am, Makefile.v}: Do not distribute tiffconf.h, ++ * libtiff/{Makefile.am, Makefile.v}: Do not distribute tiffconf.h, + remove tif_config.h/tiffconf.h during cleaning. As per bug + + http://bugzilla.remotesensing.org/show_bug.cgi?id=1573 +@@ -803,14 +851,13 @@ + 2007-07-03 Andrey Kiselev <dron@ak4719.spb.edu> + + * tools/tiff2ps.c: Added support 16-bit images as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1566 + + Patch from William Bader. + + * tools/tiff2pdf.c: Fix for TIFFTAG_JPEGTABLES tag fetching and + significant upgrade of the whole utility as per bug +- + http://bugzilla.remotesensing.org/show_bug.cgi?id=1560 + + Now we don't need tiffiop.h in tiff2pdf anymore and will open output +@@ -828,7 +875,7 @@ + + * libtiff/tif_dirwrite.c: Fixed problem introduced with a fix for a + byte swapping issue +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1363 + + As per bug +@@ -846,7 +893,7 @@ + * libtiff/{tif_dir.h, tif_dirread.c, tif_dirinfo.c, tif_jpeg.c, + tif_fax3.c, tif_jbig.c, tif_luv.c, tif_ojpeg.c, tif_pixarlog.c, + tif_predict.c, tif_zip.c}: Finally fix bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1274 + + by introducing _TIFFMergeFieldInfo() returning integer error status +@@ -857,7 +904,7 @@ + + 2007-04-07 Frank Warmerdam <warmerdam@pobox.com> + +- * contrib/addtiffo/tif_overview.c: Fix problems with odd sized output ++ * contrib/addtiffo/tif_overview.c: Fix problems with odd sized output + blocks in TIFF_DownSample_Subsampled() (bug 1542). + + 2007-04-06 Frank Warmerdam <warmerdam@pobox.com> +@@ -865,20 +912,20 @@ + * libtiff/tif_jpeg.c: Changed JPEGInitializeLibJPEG() so that it + will convert from decompressor to compressor or compress to decompress + if required by the force arguments. This works around a problem in +- where the JPEGFixupTestSubsampling() may cause a decompressor to ++ where the JPEGFixupTestSubsampling() may cause a decompressor to + be setup on a directory when later a compressor is required with the +- force flag set. Occurs with the addtiffo program for instance. ++ force flag set. Occurs with the addtiffo program for instance. + + 2007-04-06 Andrey Kiselev <dron@ak4719.spb.edu> + + * libtiff/tif_dirwrite.c: Fixed swapping of byte arrays stored + in-place in tag offsets as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1363 + + * tools/tiffcrop.c, man/tiffcrop.1: Significant update in + functionality from Richard Nolde. As per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1525 + + 2007-03-28 Frank Warmerdam <warmerdam@pobox.com> +@@ -886,15 +933,15 @@ + * libtiff/tif_fax3.c: "inline static" -> "static inline" for IRIC CC. + + 2007-03-07 Joris Van Damme <joris.at.lebbeke@skynet.be> +- ++ + * libtiff/tif_getimage.c: workaround for 'Fractional scanline' error reading + OJPEG images with rowsperstrip that is not a multiple of vertical subsampling + factor. This bug is mentioned in: + http://bugzilla.remotesensing.org/show_bug.cgi?id=1390 +- http://www.asmail.be/msg0054766825.html ++ http://www.asmail.be/msg0054766825.html + + 2007-03-07 Joris Van Damme <joris.at.lebbeke@skynet.be> +- ++ + * libtiff/tif_win32.c: made inclusion of windows.h unconditional + + * libtiff/tif_win32.c: replaced preprocessor indication for consiously +@@ -944,14 +991,14 @@ + larger than 2GB. Fixes bug + + http://bugzilla.remotesensing.org/show_bug.cgi?id=890 +- ++ + Idea submitted by Matt Hancher. + + 2007-01-31 Andrey Kiselev <dron@ak4719.spb.edu> + + * tools/tif2rgba.c: This utility does not work properly on big-endian + architectures. It was fixed including the bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1149 + + 2007-01-15 Mateusz Loskot <mateusz@loskot.net> +@@ -968,15 +1015,15 @@ + + 2006-11-19 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_write.c: TIFFAppendToStrip() - clear sorted flag if +- we move a strip. +- http://bugzilla.remotesensing.org/show_bug.cgi?id=1359 ++ * libtiff/tif_write.c: TIFFAppendToStrip() - clear sorted flag if ++ we move a strip. ++ http://bugzilla.remotesensing.org/show_bug.cgi?id=1359 + + 2006-10-13 Andrey Kiselev <dron@ak4719.spb.edu> + + * libtiff/tif_dir.c: More fixes for vulnerabilities, reported + in Gentoo bug (): +- ++ + http://bugs.gentoo.org/show_bug.cgi?id=142383 + + * libtiff/contrib/dbs/xtiff/xtiff.c: Make xtiff utility compilable. +@@ -1010,12 +1057,12 @@ + * libtiff/tif_lzw.c, libtiff/tif_zip.c: Fixed problems with mixing + encoding and decoding on the same read-write TIFF handle. The LZW + code can now maintain encode and decode state at the same time. The +- ZIP code will switch back and forth as needed. ++ ZIP code will switch back and forth as needed. + http://bugzilla.remotesensing.org/show_bug.cgi?id=757 + + 2006-09-20 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff: Rename config.h.vc and tif_config.h.vc to config.vc.h and ++ * libtiff: Rename config.h.vc and tif_config.h.vc to config.vc.h and + tif_config.vc.h for easier identification by folks using an IDE. + + 2006-07-25 Frank Warmerdam <warmerdam@pobox.com> +@@ -1030,7 +1077,7 @@ + + 2006-07-12 Frank Warmerdam <warmerdam@pobox.com> + +- * tif_dirwrite.c: make sure to use uint32 for wordcount in ++ * tif_dirwrite.c: make sure to use uint32 for wordcount in + TIFFWriteNormanTag if writecount is VARIABLE2 for ASCII fields. + It already seems to have been done for other field types. Needed + for "tiffset" on files with geotiff ascii text. +@@ -1058,9 +1105,9 @@ + 2006-06-17 Frank Warmerdam <warmerdam@pobox.com> + + * tif_readdir.c: Added case in EstimateStripByteCounts() for tiled +- files. Modified TIFFReadDirectory() to not invoke ++ files. Modified TIFFReadDirectory() to not invoke + EstimateStripByteCounts() for case where entry 0 and 1 are unequal +- but one of them is zero. ++ but one of them is zero. + http://bugzilla.remotesensing.org/show_bug.cgi?id=1204 + + 2006-06-08 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -1088,7 +1135,7 @@ + * {configure, configure.ac, libtiff/tif_jbig.c, tools/tiffcp.c}: Added + support for JBIG compression scheme (34661 code) contributed by Lee + Howard. As per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=896 + + * configure, configure.ac: OJPEG support enabled by default. +@@ -1127,7 +1174,7 @@ + 2006-04-18 Frank Warmerdam <warmerdam@pobox.com> + + * nmake.opt: use /EHsc for VS2005 compatibility. Also define +- _CRT_SECURE_NO_DEPRECATE to avoid noise on VS2005. ++ _CRT_SECURE_NO_DEPRECATE to avoid noise on VS2005. + + 2006-04-12 Joris Van Damme <joris.at.lebbeke@skynet.be> + +@@ -1135,7 +1182,7 @@ + non-subsampled YCbCr (i.e. separate YCbCr with subsampling [1,1]) + + 2006-04-11 Joris Van Damme <joris.at.lebbeke@skynet.be> +- ++ + * libtiff/tif_getimage.c: Revision of all RGB(A) put routines + - Conversion of unassociated alpha to associated alpha now done with + more performant LUT, and calculation more correct +@@ -1144,21 +1191,21 @@ + - Bugfix of handling of 16bit RGB with unassociated alpha + + 2006-04-11 Joris Van Damme <joris.at.lebbeke@skynet.be> +- +- * libtiff/tif_getimage.c: +- - When there is no alpha, gtTileSeparate and gtStripSeparate allocated +- buffer for alpha strile and filled it, only to never read it back. ++ ++ * libtiff/tif_getimage.c: ++ - When there is no alpha, gtTileSeparate and gtStripSeparate allocated ++ buffer for alpha strile and filled it, only to never read it back. + Removed allocation and fill. +- - Minor rename of vars in gtTileSeparate and gtStripSeparate ++ - Minor rename of vars in gtTileSeparate and gtStripSeparate + anticipating planned functionality extension + + 2006-04-08 Joris Van Damme <joris.at.lebbeke@skynet.be> + +- * libtiff/tif_getimage.c: renamed pickTileContigCase to PickContigCase +- and pickTileSeparateCase to PickSeparateCase as both work on strips as ++ * libtiff/tif_getimage.c: renamed pickTileContigCase to PickContigCase ++ and pickTileSeparateCase to PickSeparateCase as both work on strips as + well + +- * libtiff/tif_getimage.c: moved img->get selection from ++ * libtiff/tif_getimage.c: moved img->get selection from + TIFFRGBAImageBegin into PickContigCase and PickSeparateCase to create + logical hook for planned functionality extension + +@@ -1169,9 +1216,9 @@ + + 2006-04-07 Joris Van Damme <joris.at.lebbeke@skynet.be> + +- * libtiff/tif_getimage.c: replaced usage of TIFFScanlineSize in ++ * libtiff/tif_getimage.c: replaced usage of TIFFScanlineSize in + gtStripContig with TIFFNewScanlineSize so as to fix buggy behaviour +- on subsampled images - this ought to get sorted when we feel brave ++ on subsampled images - this ought to get sorted when we feel brave + enough to replace TIFFScanlineSize alltogether + + * libtiff/tif_ojpeg.c: fixed bug in OJPEGReadSkip +@@ -1180,13 +1227,13 @@ + + * libtiff/tiffio.h: added new type tstrile_t + +- * libtiff/tif_dir.h: changed types of td_stripsperimage and td_nstrips +- to new tstrile_t, types of td_stripoffset and td_stripbytecount to ++ * libtiff/tif_dir.h: changed types of td_stripsperimage and td_nstrips ++ to new tstrile_t, types of td_stripoffset and td_stripbytecount to + toff_t* + + * libtiff/tif_ojpeg.c: totally new implementation + +- * libtiff/tif_dirread.c: added several hacks to suit new support of ++ * libtiff/tif_dirread.c: added several hacks to suit new support of + OJPEG + + * libtiff/tif_getimage.c: removed TIFFTAG_JPEGCOLORMODE handling +@@ -1226,7 +1273,7 @@ + + * libtiff/tif_getimage.c: added putcontig8bitYCbCr12tile + +- * libtiff/tif_read.c: added support for new TIFF_NOREADRAW flag to ++ * libtiff/tif_read.c: added support for new TIFF_NOREADRAW flag to + prepare the path for new tif_ojpeg.c + + 2006-03-23 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -1342,7 +1389,7 @@ + + * libtiff/tif_write.c: Small code rearrangement in TIFFWriteScanline() + to avoid crash as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1081. + + 2006-02-26 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -1392,7 +1439,7 @@ + 2006-02-07 Frank Warmerdam <warmerdam@pobox.com> + + * tools/tiff2pdf.c: Fixed support for non-YCbCr encoded JPEG +- compressed TIFF files, per submission from Dan Cobra. ++ compressed TIFF files, per submission from Dan Cobra. + + 2006-02-07 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -1424,7 +1471,7 @@ + + * libtiff/tif_dirread.c: Use _TIFFGetExifFieldInfo() instead of + _TIFFGetFieldInfo() in TIFFReadEXIFDirectory() call as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1026. + + 2006-01-23 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -1490,7 +1537,7 @@ + + 2005-12-26 Andrey Kiselev <dron@ak4719.spb.edu> + +- * libtiff/{tif_dir.c, tif_dir.h, tif_dirread.c, tif_dirinfo.c}: ++ * libtiff/{tif_dir.c, tif_dir.h, tif_dirread.c, tif_dirinfo.c}: + tiffFieldInfo and exifFieldInfo arrays definitions moved back to + tif_dirinfo.c; added _TIFFGetFieldInfo() and _TIFFGetExifFieldInfo() + private functions to retrieve FieldInfo arrays. +@@ -1517,10 +1564,10 @@ + + 2005-12-23 Joris Van Damme <joris.at.lebbeke@skynet.be> + +- * libtiff/tiffio.h: fixed typo that potentially resulted in ++ * libtiff/tiffio.h: fixed typo that potentially resulted in + redefininition of USE_WIN32_FILEIO + +- * libtiff/*: Added more 'dual-mode' error handling: Done TIFFWarning ++ * libtiff/*: Added more 'dual-mode' error handling: Done TIFFWarning + calls in core LibTiff. + + 2005-12-21 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -1530,10 +1577,10 @@ + + 2005-12-21 Joris Van Damme <joris.at.lebbeke@skynet.be> + +- * libtiff/*, contrib/*: Added 'dual-mode' error handling, enabling ++ * libtiff/*, contrib/*: Added 'dual-mode' error handling, enabling + newer code to get context indicator in error handler and still +- remain compatible with older code: Done TIFFError calls everywhere +- except in tools ++ remain compatible with older code: Done TIFFError calls everywhere ++ except in tools + + 2005-12-20 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -1606,7 +1653,7 @@ + http://bugzilla.remotesensing.org/show_bug.cgi?id=1002 + + * .cvsignore: many files added, and a few update according +- to suggestion of Brad HArds on tiff mailing list. ++ to suggestion of Brad HArds on tiff mailing list. + + 2005-11-03 Frank Warmerdam <warmerdam@pobox.com> + +@@ -1631,7 +1678,7 @@ + http://bugzilla.remotesensing.org/show_bug.cgi?id=946 + + * tools/bmp2tiff.c: Fixed possible integer overflow error as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=965 + + * libtiff/tif_dirinfo.c: Make XResolution, YResolution and +@@ -1641,7 +1688,7 @@ + + * tools/tiffsplit.c: Copy fax related fields over splitted parts + as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=983 + + 2005-10-21 Frank Warmerdam <warmerdam@pobox.com> +@@ -1697,7 +1744,7 @@ + + * libtiff/tif_dir.c: When prefreeing tv->value in TIFFSetFieldV + also set it to NULL to avoid double free when re-setting custom +- string fields as per: ++ string fields as per: + + http://bugzilla.remotesensing.org/show_bug.cgi?id=922 + +@@ -1733,7 +1780,7 @@ + http://bugzilla.remotesensing.org/show_bug.cgi?id=831 + + Remove TIFFFetchExtraSamples() function, use TIFFFetchNormalTag() +- instead. ++ instead. + + * libtiff/tiffconf.h.in: One more attempt to fix the AIX bug + +@@ -1904,7 +1951,7 @@ + + 2005-05-22 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_dirread.c: Changed the code that computes ++ * libtiff/tif_dirread.c: Changed the code that computes + stripbytecount[0] if it appears bogus to ignore if stripoffset[0] is + zero. This is a common case with GDAL indicating a "null" tile/strip. + +@@ -1914,8 +1961,8 @@ + + 2005-05-06 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_dirread.c: Applied similar change to +- TIFFFetchPerSampleLongs and TIFFFetchPerSampleAnys. ++ * libtiff/tif_dirread.c: Applied similar change to ++ TIFFFetchPerSampleLongs and TIFFFetchPerSampleAnys. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=843 + +@@ -1965,7 +2012,7 @@ + + * man/TIFFSetField.3tiff: Fixed definition of the TIFFTAG_INKNAMES tag + as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=816 + + 2005-03-30 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -2075,7 +2122,7 @@ + + * libtiff/tiffio.h: Move TIFFOpenW() function into the extern "C"{} + block as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=763 + + 2005-02-03 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> +@@ -2096,7 +2143,7 @@ + http://bugzilla.remotesensing.org/show_bug.cgi?id=320 + + * tools/tiff2ps.c: Fixed problem with page sizes as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=742 + + 2005-01-31 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> +@@ -2137,7 +2184,7 @@ + TIFFRGBAImageBegin() as per bug + + http://bugzilla.remotesensing.org/show_bug.cgi?id=739 +- ++ + 2005-01-12 Andrey Kiselev <dron@ak4719.spb.edu> + + * libtiff/tif_jpeg.c: Added ability to read/write the fax specific +@@ -2166,7 +2213,7 @@ + * libtiff/tiff.h: Restore back the workaround for AIX Visual Age C + compiler to avoid double definition of BSD types as per bug + +- http://bugzilla.remotesensing.org/show_bug.cgi?id=39 ++ http://bugzilla.remotesensing.org/show_bug.cgi?id=39 + + * libtiff/Makefile.am: Place the C++ stream API in the separate + library called libtiffxx to avoid unneeded dependencies. Probably +@@ -2190,7 +2237,7 @@ + + * libtiff/tif_getimage.c: More fixes for multiple-alpha-channelled + RGB-images as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=713 + + +@@ -2226,7 +2273,7 @@ + 2004-12-15 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_getimage.c: #define A1 bracketing for clean build on +- SunPro compiler. ++ SunPro compiler. + + 2004-12-11 Bob Friesenhahn <bfriesen@simple.dallas.tx.us> + +@@ -2238,7 +2285,7 @@ + + * libtiff/tif_dirwrite.c: Always write TIFFTAG_SUBIFD using LONG type + as per bugs +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=703 + + and +@@ -2258,9 +2305,9 @@ + + * libtiff/tif_config.in.vc: Removed unneded definitions for + read/open/close/lseek functions to fix the +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=680 +- ++ + 2004-12-03 Andrey Kiselev <dron@ak4719.spb.edu> + + * libtiff/{tif_dir.c, tif_dirread.c}: Remove TIFFReassignTagToIgnore() +@@ -2296,7 +2343,7 @@ + + 2004-11-26 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/makefile.vc: make it easier to rename the libtiff DLL. ++ * libtiff/makefile.vc: make it easier to rename the libtiff DLL. + + 2004-11-24 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -2393,7 +2440,7 @@ + per bug + + http://bugzilla.remotesensing.org/show_bug.cgi?id=648 +- ++ + * libtiff/{tif_jpeg.c, tif_ojpeg.c}: TIFFTAG_JPEGTABLES should have + uint32 count. Use this type everywhere. + +@@ -2406,7 +2453,7 @@ + * tools/tiff2rgba.c: removed extra newlines in usage message. + + 2004-10-30 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * libtiff/tif_dirwrite.c: Improvements in tag writing code. + + * tools/tiff2ps.c: Fixed wrong variable data type when read Position +@@ -2421,7 +2468,7 @@ + + * libtiff/tif_fax3.c: Fixed case with the wrong decode routines + choosing when the incorrect Group4Options tag set. As per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=323 + + * libtiff/tif_dirwrite.c: Fixed problem with passing count variable of +@@ -2440,7 +2487,7 @@ + * tools/tiff2pdf.c: added casts to avoid warnings. + + * libtiff/libtiff.def: Added several more entry points required +- to link fax2tiff.c against the DLL on windows. ++ to link fax2tiff.c against the DLL on windows. + + 2004-10-27 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -2511,7 +2558,7 @@ + 2004-10-08 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_dirinfo.c: Fix bug with tif_foundfield and reallocation +- of tif_fieldinfo. ++ of tif_fieldinfo. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=630 + +@@ -2543,7 +2590,7 @@ + + 2004-09-30 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_dirinfo.c: changed type of XMLPacket (tag 700) to ++ * libtiff/tif_dirinfo.c: changed type of XMLPacket (tag 700) to + TIFFTAG_BYTE instead of TIFFTAG_UNDEFINED to comply with the info + in the Adobe XMP Specification. + +@@ -2563,7 +2610,7 @@ + 2004-09-26 Andrey Kiselev <dron@ak4719.spb.edu> + + * libtiff/{tif_dir.h, tif_dir.c, tif_dirread.c, tif_write.c}: +- Optimize checking for the strip bounds. ++ Optimize checking for the strip bounds. + + * libtiff/{tif_dirread.c, tif_strip.c}: TIFFScanlineSize() and + TIFFRasterScanlineSize() functions report zero in the case of integer +@@ -2714,7 +2761,7 @@ + here + + http://www.asmail.be/msg0054799560.html +- ++ + for details. + + * tools/fax2tiff.c: Use the new functions in the code. +@@ -2842,11 +2889,11 @@ + * tools/tiffsplit.c: Fixed problem with unproperly written multibyte + files. Now output files will be written using the same byte order + flag as in the input image. See +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=574 +- ++ + for details. +- ++ + 2004-05-19 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_print.c: added (untested) support for printing +@@ -2858,7 +2905,7 @@ + + * libtiff/tif_fax3.c: Avoid reading CCITT compression options + if compression type mismatches. See +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=565 + + 2004-04-30 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -2903,7 +2950,7 @@ + 2004-04-04 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_open.c: close clientdata if TIFFClientOpen() fails +- via bad2. ++ via bad2. + + 2004-03-26 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -2930,10 +2977,10 @@ + + 2004-02-26 Andrey Kiselev <dron@ak4719.spb.edu> + +- * tools/tiffsplit.c: Copy JPEGTables tag contents for JPEG compressed ++ * tools/tiffsplit.c: Copy JPEGTables tag contents for JPEG compressed + images. Reported by Artem Mirolubov. + +- * libtiff/tif_dirread.c: Fixed problem with handling TIFF_UNDEFINED ++ * libtiff/tif_dirread.c: Fixed problem with handling TIFF_UNDEFINED + tag type in TIFFFetchNormalTag() as per bug + + http://bugzilla.remotesensing.org/show_bug.cgi?id=508 +@@ -2955,8 +3002,8 @@ + 2004-01-30 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/libtiff.def: Added TIFFCurrentDirOffset, TIFFWriteCheck, +- TIFFRGBAImageOK, and TIFFNumberOfDirectories as suggested by +- Scott Reynolds. ++ TIFFRGBAImageOK, and TIFFNumberOfDirectories as suggested by ++ Scott Reynolds. + + 2004-01-29 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -2974,7 +3021,7 @@ + file if TIFFFdOpen() failed as per bug + + http://bugzilla.remotesensing.org/show_bug.cgi?id=468 +- ++ + * libtiff/tif_open.c: More fixes for + + http://bugzilla.remotesensing.org/show_bug.cgi?id=468 +@@ -2998,7 +3045,7 @@ + * libtiff/tif_dirwrite.c: Fixed handling of writable ASCII tags that + are field_passcount=TRUE properly. Arguably anonymous custom tags + should be declared as passcount=FALSE, but I don't want to change +- that without a careful review. ++ that without a careful review. + + 2004-01-20 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -3161,8 +3208,8 @@ + + 2003-11-17 Frank Warmerdam <warmerdam@pobox.com> + +- * tif_dirread.c: do not mark all anonymously defined tags to be +- IGNOREd. ++ * tif_dirread.c: do not mark all anonymously defined tags to be ++ IGNOREd. + + 2003-11-17 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -3202,15 +3249,15 @@ + + 2003-11-09 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_tile.c: remove spurious use of "s" (sample) in the ++ * libtiff/tif_tile.c: remove spurious use of "s" (sample) in the + planarconfig_contig case in TIFFComputeTile(). + + http://bugzilla.remotesensing.org/show_bug.cgi?id=387 + + 2003-11-09 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * libtiff/tiffiop.h: New macros: TIFFmax, TIFFmin and TIFFrint. +- ++ + 2003-11-07 Andrey Kiselev <dron@ak4719.spb.edu> + + * libtiff/{tiffio.h, tif_strip.c}, man/{TIFFstrip.3t, libtiff.3t}: +@@ -3277,11 +3324,11 @@ + function TIFFReadRGBAImageOriented() implemented to retrieve raster + array with user-specified origin position as suggested by Jason Frank. + See +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=322 + + for details. +- ++ + * tools/tiff2rgba.c: Switched to use TIFFReadRGBAImageOriented() + instead of TIFFReadRGBAImage(). + +@@ -3362,9 +3409,9 @@ + encoded write functions use tif_postdecode() to apply byte order + swapping (swab) to the application passed data buffer if the same + would be done when reading. This allows us to write pixel data with +- more than 8 bits per sample to existing files of a non-native byte ++ more than 8 bits per sample to existing files of a non-native byte + order. One side effect of this change is the applications buffer +- itself is altered in this case by the act of writing. ++ itself is altered in this case by the act of writing. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=171 + +@@ -3390,9 +3437,9 @@ + 2003-07-08 Frank Warmerdam <warmerdam@pobox.com> + + * tif_aux.c, tif_codec.c, tif_dir.c, tif_dirread.c, tif_extension.c, +- tif_fax3.c, tif_getimage.c, tif_luv.c, tif_lzw.c, tif_next.c, ++ tif_fax3.c, tif_getimage.c, tif_luv.c, tif_lzw.c, tif_next.c, + tif_packbits.c, tif_predict.c, tif_print.c, tif_swab.c, tif_thunder.c: +- avoid casting warning at /W4. ++ avoid casting warning at /W4. + + 2003-07-03 Andrey Kiselev <dron@ak4719.spb.edu> + +@@ -3414,11 +3461,11 @@ + + * libtiff/tif_dirinfo.c: TIFFDataWidth() returns 0 in case of + unknown data type. +- ++ + 2003-06-19 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_print.c: fixed some serious bugs when printing +- custom tags ... almost certain to crash. ++ custom tags ... almost certain to crash. + + * libtiff/tif_dirread.c: Don't ignore custom fields that are + autodefined. Not sure how this got to be like this. +@@ -3429,12 +3476,12 @@ + + * tools/tiffcmp.c, man/tiffcmp.1: Fixed problem with unused data + comparing as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=349 + + `-z' option now can be used to set the number of reported different + bytes. +- ++ + 2003-06-09 Andrey Kiselev <dron@ak4719.spb.edu> + + * tools/tiffcp.c, man/tiffcp.1: Added possibility to specify value -1 +@@ -3460,7 +3507,7 @@ + 2003-05-25 Andrey Kiselev <dron@ak4719.spb.edu> + + * tools/fax2tiff.c: Page numbering fixed, as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=341 + + 2003-05-20 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -3526,7 +3573,7 @@ + + * tools/tiffcp.c: Fixed problem with colorspace conversion for JPEG + encoded images. See bug entries +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=275 + + and +@@ -3587,16 +3634,16 @@ + + * libtiff/tif_jpeg.c: Modified to defer initialization of jpeg + library so that we can check if there is already any tile/strip data +- before deciding between creating a compressor or a decompressor. ++ before deciding between creating a compressor or a decompressor. + + 2003-01-31 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_write.c: TIFFWriteCheck() now fails if the image is +- a pre-existing compressed image. That is, image writing to ++ a pre-existing compressed image. That is, image writing to + pre-existing compressed images is not allowed. + + * libtiff/tif_open.c: Removed error if opening a compressed file +- in update mode. ++ in update mode. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=198 + +@@ -3609,16 +3656,16 @@ + * cut 3.6.0 Beta release. + + 2002-12-20 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * tools/fax2ps.c, man/fax2ps.1: Page size was determined + in wrong way as per bug +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=239 + + 2002-12-17 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_dirread.c: Allow wrong sized arrays in +- TIFFFetchStripThing(). ++ * libtiff/tif_dirread.c: Allow wrong sized arrays in ++ TIFFFetchStripThing(). + + http://bugzilla.remotesensing.org/show_bug.cgi?id=49 + +@@ -3632,7 +3679,7 @@ + * libtiff/tif_dir.c: fixed bug with resetting an existing custom + field value. + +- * libtiff/tif_dir.c: Fixed potential problem with ascii "custom" ++ * libtiff/tif_dir.c: Fixed potential problem with ascii "custom" + tags in TIFFVGetField() ... added missing break. + + 2002-10-14 Frank Warmerdam <warmerdam@pobox.com> +@@ -3644,11 +3691,11 @@ + the eps by redefining the colorimage operator will get messed up. + Patch supplied by William Bader. + +- * Makefile.in: added tif_extension.c to file list as per ++ * Makefile.in: added tif_extension.c to file list as per + http://bugzilla.remotesensing.org/show_bug.cgi?id=218. + + 2002-10-11 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * configure, config.site, libtiff/{tif_unix.c, Makefile.in}: Fix for + large files (>2GiB) supporting. New option in the config.site: + LARGEFILE="yes". Should be enough for I/O of the large files. +@@ -3680,13 +3727,13 @@ + 2002-10-06 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_jpeg.c: fixed problem with boolean defined with wrong +- size on windows. Use #define boolean hack. ++ size on windows. Use #define boolean hack. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=188 + + * libtiff/tiff.h: Don't do special type handling in tiff.h unless + USING_VISUALAGE is defined. +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=39 + + 2002-10-03 Frank Warmerdam <warmerdam@pobox.com> +@@ -3697,30 +3744,30 @@ + + * libtiff/tif_dirread.c: Another fix for the fetching SBYTE arrays + by the TIFFFetchByteArray() function. Should finally resolve +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=52 +- ++ + * configure: Set -DPIXARLOG_SUPPORT option along with -DZIP_SUPPORT + + * html/Makefile.in: New targets added: html and groffhtml for + producing HTML representations of the manual pages automatically. + html target uses man2html tool, groffhtml uses groff tool. +- ++ + 2002-09-29 Frank Warmerdam <warmerdam@pobox.com> + + * configure, libtiff/Makefile.in: Added SCO OpenServer 5.0.6 support +- from John H. DuBois III. ++ from John H. DuBois III. + + 2002-09-15 Andrey Kiselev <dron@ak4719.spb.edu> + + * Makefile.in, /man/{raw2tiff.1, Makefile.in, libtiff.3}: Added + manual page for raw2tiff(1) tool. +- ++ + 2002-09-12 Andrey Kiselev <dron@ak4719.spb.edu> + + * /libtiff/{tiffio.h, tif_dir.h}: TIFFDataWidth() declaration moved to + the tiffio.h header file. +- ++ + * Makefile.in, /man/{TIFFDataWidth.3t, Makefile.in, libtiff.3}: Added + manual page for TIFFDataWidth() function + +@@ -3730,8 +3777,8 @@ + as per http://bugzilla.remotesensing.org/show_bug.cgi?id=196. + + * tools/tiff2ps.c: Don't emit BeginData/EndData DSC comments +- since we are unable to properly include the amount to skip. +- ++ since we are unable to properly include the amount to skip. ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=80 + + 2002-09-02 Andrey Kiselev <dron@ak4719.spb.edu> +@@ -3741,7 +3788,7 @@ + http://bugzilla.remotesensing.org/show_bug.cgi?id=52 + + 2002-08-22 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * /libtiff/tif_dirinfo.c: Further additions to free custom fields + in _TIFFSetupFieldInfo() function. + See http://bugzilla.remotesensing.org/show_bug.cgi?id=169 for details. +@@ -3750,14 +3797,14 @@ + LZWDecode() and LZWDecodeCompat(). + Fixes http://bugzilla.remotesensing.org/show_bug.cgi?id=190 + and http://bugzilla.remotesensing.org/show_bug.cgi?id=100 +- ++ + * /libtiff/tif_lzw.c: + Added check for valid code lengths in LZWDecode() and + LZWDecodeCompat(). Fixes + http://bugzilla.remotesensing.org/show_bug.cgi?id=115 + + 2002-08-16 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * /libtiff/{Makefile.vc, libtiff.def}: + Missed declarations added. + +@@ -3768,7 +3815,7 @@ + + http://bugzilla.remotesensing.org/show_bug.cgi?id=177 + +- * tif_dir.h: changed FIELD_CODEC to 66 from 64 to avoid overlap ++ * tif_dir.h: changed FIELD_CODEC to 66 from 64 to avoid overlap + with FIELD_CUSTOM as mentioned in bug 169. + + * tif_close.c: added logic to free dynamically created anonymous +@@ -3777,31 +3824,31 @@ + http://bugzilla.remotesensing.org/show_bug.cgi?id=169 + + 2002-08-10 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * /tools/{raw2tiff.c, Makefile.in, Makefile.lcc, Makefile.vc}: + New tool: raw2tiff --- raw images to TIFF converter. No manual page yet. + + 2002-07-31 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_jpeg.c: Fixed problem with setting of nrows in ++ * libtiff/tif_jpeg.c: Fixed problem with setting of nrows in + JPEGDecode() as per bugzilla bug (issue 1): + + http://bugzilla.remotesensing.org/show_bug.cgi?id=129 + + * libtiff/{tif_jpeg.c,tif_strip.c,tif_print.c}: Hacked tif_jpeg.c to + fetch TIFFTAG_YCBCRSUBSAMPLING from the jpeg data stream if it isn't +- present in the tiff tags. ++ present in the tiff tags. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=168 + + * libtiff/tif_read.c, libtiff/tif_write.c: TIFFReadScanline() and + TIFFWriteScanline() now set tif_row explicitly in case the codec has +- fooled with the value. ++ fooled with the value. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=129 + + 2002-06-22 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * /tools/tiff2ps.c: Added workaround for some software that may crash + when last strip of image contains fewer number of scanlines than + specified by the `/Height' variable. See +@@ -3817,8 +3864,8 @@ + + 2002-06-11 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/contrib/win95: renamed to contrib/win_dib. Added new +- Tiffile.cpp example of converting TIFF files into a DIB on Win32. ++ * libtiff/contrib/win95: renamed to contrib/win_dib. Added new ++ Tiffile.cpp example of converting TIFF files into a DIB on Win32. + This one is described in: + + http://bugzilla.remotesensing.org/show_bug.cgi?id=143 +@@ -3834,21 +3881,21 @@ + http://bugzilla.remotesensing.org/show_bug.cgi?id=131 + + 2002-04-26 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * libtiff/libtiff.def: Added missed declaration. +- ++ + 2002-04-22 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * tools/fax2tiff.c: Updated to reflect latest changes in libtiff. + Closes http://bugzilla.remotesensing.org/show_bug.cgi?id=125 + + 2002-04-20 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * libtiff/tif_open.c: Pointers to custom procedures + in TIFFClientOpen() are checked to be not NULL-pointers. +- ++ + 2002-04-18 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * libtiff/libtiff.def: Added missed declarations. + + * libtiff/tif_pixarlog.c: Updated for using tif_tagmethods structure. +@@ -3858,14 +3905,14 @@ + * libtiff/tif_lzw.c: Additional checks for data integrity introduced. + Should finally close + http://bugzilla.remotesensing.org/show_bug.cgi?id=100 +- ++ + 2002-04-10 Andrey Kiselev <dron@ak4719.spb.edu> + + * tools/tiff2ps: Division by zero fixed. + Closes http://bugzilla.remotesensing.org/show_bug.cgi?id=88 + + 2002-04-09 Andrey Kiselev <dron@ak4719.spb.edu> +- ++ + * libtiff/: tif_dirwrite.c, tif_write.c, tiffio.h: + TIFFCheckpointDirectory() routine added. + Closes http://bugzilla.remotesensing.org/show_bug.cgi?id=124 +@@ -3897,7 +3944,7 @@ + replaced by warnings. Now libtiff should read corrupted LZW-compressed + files by skipping bad strips. + Closes http://bugzilla.remotesensing.org/show_bug.cgi?id=100 +- ++ + 2002-04-03 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_dirwrite.c: Removed some dead code. +@@ -3919,18 +3966,18 @@ + + http://bugzilla.remotesensing.org/show_bug.cgi?id=111 + +- * tif_print.c: Fixed so that ASCII FIELD_CUSTOM values with ++ * tif_print.c: Fixed so that ASCII FIELD_CUSTOM values with + passcount set FALSE can be printed (such as TIFFTAG_SOFTWARE). + +- * libtiff/tif_dir.c,tif_dirinfo.c,tif_dir.h,tif_ojpeg.c: modified so ++ * libtiff/tif_dir.c,tif_dirinfo.c,tif_dir.h,tif_ojpeg.c: modified so + that TIFFTAG_SOFTWARE uses FIELD_CUSTOM as an example. + + 2002-03-26 Dwight Kelly <dbmalloc@remotesensing.org> + + * libtiff/: tiff.h, tif_dir.c, tif_dir.h, tif_dirinfo.c, tif_dirread.c, + tif_dirwrite.c: Added get/put code for new tag XMLPACKET as defined +- in Adobe XMP Technote. Added missing INKSET tag value from TIFF 6.0 spec +- INKSET_MULTIINK (=2). Added missing tags from Adobe TIFF technotes: ++ in Adobe XMP Technote. Added missing INKSET tag value from TIFF 6.0 spec ++ INKSET_MULTIINK (=2). Added missing tags from Adobe TIFF technotes: + CLIPPATH, XCLIPPATHUNITS, YCLIPPATHUNITS, OPIIMAGEID, OPIPROXY and + INDEXED. Added PHOTOMETRIC tag value from TIFF technote 4 ICCLAB (=9). + +@@ -3989,7 +4036,7 @@ + + http://bugzilla.remotesensing.org/show_bug.cgi?id=94 + +- * man/Makefile.in: Patch DESTDIR handling ++ * man/Makefile.in: Patch DESTDIR handling + + http://bugzilla.remotesensing.org/show_bug.cgi?id=95 + +@@ -4027,9 +4074,9 @@ + + 2002-01-04 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_jpeg.c: fixed computation of segment_width for +- tiles files to avoid error about it not matching the +- cinfo.d.image_width values ("JPEGPreDecode: Improper JPEG strip/tile ++ * libtiff/tif_jpeg.c: fixed computation of segment_width for ++ tiles files to avoid error about it not matching the ++ cinfo.d.image_width values ("JPEGPreDecode: Improper JPEG strip/tile + size.") for ITIFF files. Apparently the problem was incorporated since + 3.5.5, presumably during the OJPEG/JPEG work recently. + +@@ -4039,7 +4086,7 @@ + + http://bugzilla.remotesensing.org/show_bug.cgi?id=94 + +- * libtiff/tif_getimage.c: If DEFAULT_EXTRASAMPLE_AS_ALPHA is 1 ++ * libtiff/tif_getimage.c: If DEFAULT_EXTRASAMPLE_AS_ALPHA is 1 + (defined in tiffconf.h - 1 by default) then the RGBA interface + will assume that a fourth extra sample is ASSOCALPHA if the + EXTRASAMPLE value isn't set for it. This changes the behaviour of +@@ -4051,9 +4098,9 @@ + + 2001-12-12 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_jpeg.c: allow jpeg data stream sampling values to +- override those from tiff directory. This makes this work with +- ImageGear generated files. ++ * libtiff/tif_jpeg.c: allow jpeg data stream sampling values to ++ override those from tiff directory. This makes this work with ++ ImageGear generated files. + + 2001-12-07 Frank Warmerdam <warmerdam@pobox.com> + +@@ -4066,7 +4113,7 @@ + * Reissue 3.5.7 release. + + * libtiff/mkversion.c: Fix output of TIFF_VERSION to be +- YYYYMMDD so that it is increasing over time. ++ YYYYMMDD so that it is increasing over time. + + * Makefile.in: Ensure that tiffvers.h is regenerated in the + make release target. +@@ -4091,8 +4138,8 @@ + + 2001-10-10 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tiff.h: I have created COMPRESSION_CCITT_T4, +- COMPRESSION_CCITT_T6, TIFFTAG_T4OPTIONS and TIFFTAG_T6OPTIONS aliases ++ * libtiff/tiff.h: I have created COMPRESSION_CCITT_T4, ++ COMPRESSION_CCITT_T6, TIFFTAG_T4OPTIONS and TIFFTAG_T6OPTIONS aliases + in keeping with TIFF 6.0 standard in tiff.h + + http://bugzilla.remotesensing.org/show_bug.cgi?id=83 +@@ -4112,10 +4159,10 @@ + error about LZW not being available. + + * libtiff/tif_dir.c: propagate failure to initialize compression +- back from TIFFSetField() as an error status, so applications can ++ back from TIFFSetField() as an error status, so applications can + detect failure. + +- * libtiff/tif_dir.c: removed the auto replacement of ++ * libtiff/tif_dir.c: removed the auto replacement of + COMPRESSION_LZW with COMPRESSION_NONE in _TIFFVSetField(). + + * Removed Makefile, tools/Makefile, port/install.sh, man/Makefile +@@ -4123,7 +4170,7 @@ + + 2001-09-22 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_ojpeg.c: new update from Scott. ++ * libtiff/tif_ojpeg.c: new update from Scott. + + 2001-09-09 Frank Warmerdam <warmerdam@pobox.com> + +@@ -4142,7 +4189,7 @@ + + http://bugzilla.remotesensing.org/show_bug.cgi?id=47 + +- * tools/tiff2ps.c: added OJPEG YCbCr to RGB support. ++ * tools/tiff2ps.c: added OJPEG YCbCr to RGB support. + + * libtiff/tif_ojpeg.c: Applied substantial patch from Scott. + +@@ -4151,14 +4198,14 @@ + * libtiff/tif_packbits.c: fixed memory overrun error. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=77 +- ++ + 2001-08-31 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_getimage.c: relax handling of contig case where + there are extra samples that are supposed to be ignored. This +- should now work for 8bit greyscale or palletted images. ++ should now work for 8bit greyscale or palletted images. + +- http://bugzilla.remotesensing.org/show_bug.cgi?id=75 ++ http://bugzilla.remotesensing.org/show_bug.cgi?id=75 + + 2001-08-28 Frank Warmerdam <warmerdam@pobox.com> + +@@ -4171,15 +4218,15 @@ + + * libtiff/tif_getimage.c: Use memmove() instead of TIFFmemcpy() + in TIFFReadRGBATile() to avoid issues in cases of overlapping +- buffers. See Bug 69 in Bugzilla. ++ buffers. See Bug 69 in Bugzilla. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=69 +- ++ + * tools/tiff2rgba.c: fixed getopt() call so that -b works again. + + 2001-08-09 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tiff.h, libtiff/tif_fax3.c: added check for __LP64__ ++ * libtiff/tiff.h, libtiff/tif_fax3.c: added check for __LP64__ + when checking for 64 bit architectures as per bugzilla bug 67. + + 2001-07-27 Frank Warmerdam <warmerdam@pobox.com> +@@ -4189,7 +4236,7 @@ + + 2001-07-20 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_jpeg.c: Define HAVE_BOOLEAN on windows if RPCNDR.H ++ * libtiff/tif_jpeg.c: Define HAVE_BOOLEAN on windows if RPCNDR.H + has been included. + + 2001-07-19 Frank Warmerdam <warmerdam@pobox.com> +@@ -4201,11 +4248,11 @@ + + * libtiff/tif_ojpeg.c: updates from Scott. Handles colors + much better. Now depends on having patched libjpeg as per +- patch in contrib/ojpeg/*. ++ patch in contrib/ojpeg/*. + + 2001-07-17 Frank Warmerdam <warmerdam@pobox.com> + +- * */Makefile.in: added DESTDIR support. ++ * */Makefile.in: added DESTDIR support. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=60 + +@@ -4213,20 +4260,20 @@ + + * configure, libtiff/Makefile.in: applied OpenBSD patches + as per: +- ++ + http://bugzilla.remotesensing.org/show_bug.cgi?id=61 + + 2001-06-28 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/tif_getimage.c: Fixed so that failure is properly +- reported by gtTileContig, gtStripContig, gtTileSeparate and ++ reported by gtTileContig, gtStripContig, gtTileSeparate and + gtStripSeparate. + + See http://bugzilla.remotesensing.org/show_bug.cgi?id=51 + +- * tiffcmp.c: Fixed multi samples per pixel support for ContigCompare. ++ * tiffcmp.c: Fixed multi samples per pixel support for ContigCompare. + Updated bug section of tiffcmp.1 to note tiled file issues. +- ++ + See http://bugzilla.remotesensing.org/show_bug.cgi?id=53 + + 2001-06-22 Frank Warmerdam <warmerdam@pobox.com> +@@ -4267,10 +4314,10 @@ + + 2001-05-08 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tif_dirinfo.c: moved pixar and copyright flags to ++ * libtiff/tif_dirinfo.c: moved pixar and copyright flags to + ensure everything is in order. + +- * libtiff/libtiff.def: added TIFFCreateDirectory and ++ * libtiff/libtiff.def: added TIFFCreateDirectory and + TIFFDefaultStripSize as per: + + http://bugzilla.remotesensing.org/show_bug.cgi?id=46 +@@ -4279,10 +4326,10 @@ + + * libtiff/tif_dirinfo.c: Modified the TIFF_BYTE definition for + TIFFTAG_PHOTOSHOP to use a writecount of TIFF_VARIABLE2 (-3) to +- force use of uint32 counts instead of short counts. ++ force use of uint32 counts instead of short counts. + + * libtiff/tif_dirwrite.c: Added support for TIFF_VARIABLE2 in the +- case of writing TIFF_BYTE/TIFF_SBYTE fields. ++ case of writing TIFF_BYTE/TIFF_SBYTE fields. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=43 + +@@ -4318,20 +4365,20 @@ + with the inttypes.h include file on AIX. + + See http://bugzilla.remotesensing.org/show_bug.cgi?id=39 +- ++ + * VERSION: update to 3.5.7 beta in preparation for release. + + * configure/config.site: modified to check if -lm is needed for + MACHDEPLIBS if not supplied by config.site. Needed for Darwin. + +- * config.guess: updated wholesale to an FSF version apparently +- from 1998 (as opposed to 1994). This is mainly inspired by ++ * config.guess: updated wholesale to an FSF version apparently ++ from 1998 (as opposed to 1994). This is mainly inspired by + providing for MacOS X support. + + 2001-03-29 Frank Warmerdam <warmerdam@pobox.com> + + * configure, Makefile.in, etc: added support for OPTIMIZER being +- set from config.site. ++ set from config.site. + + 2001-03-28 Frank Warmerdam <warmerdam@pobox.com> + +@@ -4350,7 +4397,7 @@ + (in particular short ones) print properly. + + See http://bugzilla.remotesensing.org/show_bug.cgi?id=35 +- ++ + * tiff2ps.c/tiff2ps.1: Substantial changes to tiff2ps by + Bruce A. Mallett. See check message for detailed information + on all the changes, including a faster encoder, fixes for level +@@ -4358,7 +4405,7 @@ + + 2001-03-27 Frank Warmerdam <warmerdam@pobox.com> + +- * libtiff/tiffio.h: Changed "#if LOGLUV_PUBLIC" to ++ * libtiff/tiffio.h: Changed "#if LOGLUV_PUBLIC" to + "#ifdef LOGLUV_PUBLIC" so it will work with VisualAge on AIX. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=39 +@@ -4370,7 +4417,7 @@ + + 2001-03-13 Frank Warmerdam <warmerdam@pobox.com> + +- * tif_getimage.c: Added support for 16bit minisblack/miniswhite ++ * tif_getimage.c: Added support for 16bit minisblack/miniswhite + images in RGBA interface. + + 2001-03-02 Frank Warmerdam <warmerdam@pobox.com> +@@ -4381,29 +4428,29 @@ + + * Brent Roman contributed updated tiffcp utility (and tiffcp.1) + with support for extracting subimages with the ,n syntax, and also +- adding the -b bias removal flag. ++ adding the -b bias removal flag. + + 2001-02-16 Frank Warmerdam <warmerdam@pobox.com> + + * libtiff/libtiff.def: Brent Roman submitted new version adding +- serveral missing entry points. ++ serveral missing entry points. + + * libtiff/tif_dirinfo.c: don't declare tiffFieldInfo static on VMS. +- Some sort of weird VMS thing. ++ Some sort of weird VMS thing. + + http://bugzilla.remotesensing.org/show_bug.cgi?id=31 + +- * tif_luv.c/tiff.h/tiffio.h: +- New version of TIFF LogLuv (SGILOG) modules contributed by Greg Ward ++ * tif_luv.c/tiff.h/tiffio.h: ++ New version of TIFF LogLuv (SGILOG) modules contributed by Greg Ward + (greg@shutterfly.com). He writes: + + 1) I improved the gamut-mapping function in tif_luv.c for imaginary +- colors, because some images were being super-saturated on the input ++ colors, because some images were being super-saturated on the input + side and this resulted in some strange color shifts in the output. + + 2) I added a psuedotag in tiff.h to control random dithering during +- LogLuv encoding. This is turned off by default for 32-bit LogLuv and +- on for 24-bit LogLuv output. Dithering improves the average color ++ LogLuv encoding. This is turned off by default for 32-bit LogLuv and ++ on for 24-bit LogLuv output. Dithering improves the average color + accuracy over the image. + + 3) I added a #define for LOG_LUV_PUBLIC, which is enabled by default in +@@ -4416,20 +4463,20 @@ + 2001-01-23 Frank Warmerdam <warmerdam@pobox.com> + + * tif_fax3.c: keep rw_mode flag internal to fax3 state to remember +- whether we are encoding or decoding. This is to ensure graceful ++ whether we are encoding or decoding. This is to ensure graceful + recovery if TIFFClientOpen() discovers an attempt to open a compressed +- file for "r+" access, and subsequently close it, as it resets the ++ file for "r+" access, and subsequently close it, as it resets the + tif_mode flag to O_RDONLY in this case to avoid writes, confusing the + compressor's concept of whether it is in encode or decode mode. + +-2001-01-08 Mike Welles <mike@bangstate.com> ++2001-01-08 Mike Welles <mike@bangstate.com> + + * Makefile.in: Now cleaning up after itself after creating the .tar.gz and .zip +- ++ + 2001-01-07 Frank Warmerdam <warmerdam@pobox.com> + + * html/libtiff.html: Fixed arguments in example for TIFFRGBAImageGet() +- as per bug report by Patrick Connor. ++ as per bug report by Patrick Connor. + + 2000-12-28 Frank Warmerdam <warmerdam@pobox.com> + +@@ -4437,12 +4484,12 @@ + + * Fixed libtiff/makefile.vc to make tiffvers.h not version.h. + +-2000-12-22 Mike Welles <mike@bangstate.com> ++2000-12-22 Mike Welles <mike@bangstate.com> + * added link to CVS mirror from index.html +- +- * updated html/internals.html to note that LZW compression is +- not supported by default. +- ++ ++ * updated html/internals.html to note that LZW compression is ++ not supported by default. ++ + 2000-12-22 Frank Warmerdam <warmerdam@pobox.com> + + * updated html/libtiff.html to not point at Niles' old JPL web site +@@ -4454,19 +4501,19 @@ + Leonard Rosenthol <leonardr@lazerware.com>. May interfere + with correct building on older systems. If so, please let me know. + +-2000-12-19 Mike Welles <mike@bangsate.com> ++2000-12-19 Mike Welles <mike@bangsate.com> + +- * Took out LZW Encoding from tif_lzw.c ++ * Took out LZW Encoding from tif_lzw.c + + * Created HOWTO-RELEASE + + * Created html/v3.5.6.html + + * updated index.html +- ++ + 2000-12-01 Frank Warmerdam <warmerdam@pobox.com> + +- * Added patches for EOFB support in tif_fax3.c and tif_fax3.h. ++ * Added patches for EOFB support in tif_fax3.c and tif_fax3.h. + Patches supplied by Frank Cringle <fdc@cliwe.ping.de> + Example file at: ftp://ftp.remotesensing.org/pub/libtiff/eofb_396.tif + +@@ -4480,30 +4527,30 @@ + targets so libtiff.so will be built with an explicit dependency + on libm.so. + +- * libtiff/Makefile.in: Use softlinks to link libtiff.so.3 to +- libtiff.so.3.5.5. ++ * libtiff/Makefile.in: Use softlinks to link libtiff.so.3 to ++ libtiff.so.3.5.5. + +- * libtiff/Makefile.in & configure: Remove all references to the ALPHA +- file, or ALPHA version logic. Added stuff about DIST_POINT in ++ * libtiff/Makefile.in & configure: Remove all references to the ALPHA ++ file, or ALPHA version logic. Added stuff about DIST_POINT in + place of DIST_TYPE and the alpha release number stuff. + + 2000-11-22 Frank Warmerdam <warmerdam@pobox.com> + + * I have applied a patch from Steffen Moeller <moeller@ebi.ac.uk> to +- the configure script so that it now accepts the --prefix, and +- --exec-prefix directives. ++ the configure script so that it now accepts the --prefix, and ++ --exec-prefix directives. + + 2000-11-13 Frank Warmerdam <warmerda@cs46980-c> + +- * I have made a variety of modifications in an effort to ensure the ++ * I have made a variety of modifications in an effort to ensure the + TIFFLIB_VERSION macro is automatically generated from the RELEASE-DATE +- file which seems to be updated regularly. ++ file which seems to be updated regularly. + +- o mkversion.c now reads RELEASE-DATE and emits TIFFLIB_VERSION in +- version include file. +- o renamed version.h to tiffvers.h because we now have to install it +- with the public libtiff include files. +- o include tiffvers.h in tiffio.h. ++ o mkversion.c now reads RELEASE-DATE and emits TIFFLIB_VERSION in ++ version include file. ++ o renamed version.h to tiffvers.h because we now have to install it ++ with the public libtiff include files. ++ o include tiffvers.h in tiffio.h. + o updated tif_version.c to use tiffvers.h. + o Updated Makefile.in accordingly. + +@@ -4517,13 +4564,13 @@ + See http://bugzilla.remotesensing.org/show_bug.cgi?id=20 + Some patches from Rick LaMont of Dot C Software. + +- * Modified tif_packbits.c encoder to avoid compressing more ++ * Modified tif_packbits.c encoder to avoid compressing more + data than provided if rowsize doesn't factor into provided data + (such as occurs for YCbCr). + + 2000-10-19 Frank Warmerdam <warmerda@cs46980-c> + +- * tools/rgb2ycbcr.c: fixed output strip size to account for vertical ++ * tools/rgb2ycbcr.c: fixed output strip size to account for vertical + roundup if rows_per_strip not a multiple of vertical sample size. + + 2000-10-16 Frank Warmerdam <warmerda@cs46980-c> +@@ -4539,8 +4586,8 @@ + 2000-10-12 Frank Warmerdam <warmerda@cs46980-c> + + * Modified tiff2bw to ensure portions add to 100%, and that +- white is properly recovered. +- ++ white is properly recovered. ++ + See bug http://bugzilla.remotesensing.org/show_bug.cgi?id=15 + Patch c/o Stanislav Brabec <utx@penguin.cz> + +@@ -4554,26 +4601,26 @@ + + 2000-09-27 Frank Warmerdam <warmerda@cs46980-c> + +- * Added GNULDdso target an`d switched linux and freebsd to use it. ++ * Added GNULDdso target an`d switched linux and freebsd to use it. + + 2000-09-26 Frank Warmerdam <warmerda@cs46980-c> + + * Applied patch for 0x0000 sequences in tif_fax3.h's definition +- of EXPAND1D() as per bug 11 (from Roman). ++ of EXPAND1D() as per bug 11 (from Roman). + + 2000-09-25 Frank Warmerdam <warmerda@cs46980-c> + * Fixed tiffcomp.h to avoid win32 stuff if unix #defined, to improve + cygwin compatibility. + + * Applied patch from Roman Shpount to tif_fax3.c. This seems to +- be a proper fix to the buffer sizing problem. See ++ be a proper fix to the buffer sizing problem. See + http://bugzilla.remotesensing.org/show_bug.cgi?id=11 + + * Fixed tif_getimage.c to fix overrun bug with YCbCr images without + downsampling. http://bugzilla.remotesensing.org/show_bug.cgi?id=10 + Thanks to Nick Lamb <njl98r@ecs.soton.ac.uk> for reporting the + bug and proving the patch. +- ++ + 2000-09-18 Frank Warmerdam <warmerda@cs46980-c> + + * Fixed tif_jpeg.c so avoid destroying the decompressor before +@@ -4603,15 +4650,15 @@ + * Tentatively added support for SAMPLEFORMAT_COMPLEXIEEEFP, and + SAMPLEFORMAT_COMPLEXINT. + +-2000-07-13 Mike Welles <mike@onshore.com> ++2000-07-13 Mike Welles <mike@onshore.com> ++ ++ * index.html, bugs.html: added bugzilla info. + +- * index.html, bugs.html: added bugzilla info. +- + 2000-07-12 Frank Warmerdam <warmerda@rommel.atlsci.com> + + * tif_read.c: fix subtle bug with determining the number of + rows for strips that are the last strip in a separation but +- not the last strip of all in TIFFReadEncodedStrip(). ++ not the last strip of all in TIFFReadEncodedStrip(). + + * Applied 16/32 bit fix to tif_fax3.c. Fix supplied by + Peter Skarpetis <peters@serendipity-software.com.au> +@@ -4633,7 +4680,7 @@ + + * libtiff/tif_dirread.c: Don't use estimate strip byte count for + one tile/strip images with an offset, and byte count of zero. These +- could be "unpopulated" images. ++ could be "unpopulated" images. + + 2000-04-18 Frank Warmerdam <warmerda@rommel.atlsci.com> + +@@ -4648,17 +4695,17 @@ Tue Apr 18 16:18:08 2000 Frank Warmerdam <warmerda@esabot.atlsci.com> + 2000-04-12 Mike Welles <mike@onshore.com> + * configure: Fixed stupid mistake in libc6 test on Linux + +-2000-04-04 Mike Welles <mike@onshore.com> ++2000-04-04 Mike Welles <mike@onshore.com> + * tif_win32.c: Applied patch to fix overreads and ovverwrites +- caught by BoundsChecker. From Arvan Pritchard +- <arvan.pritchard@infomatix.co.uk> (untested). +- +- * tif_getimage.c: Applied patch to silence VC6 warnings. From ++ caught by BoundsChecker. From Arvan Pritchard ++ <arvan.pritchard@infomatix.co.uk> (untested). ++ ++ * tif_getimage.c: Applied patch to silence VC6 warnings. From + Arvan Pritchard <arvan.pritchard@informatix.co.uk> +- +- * tif_lzw.c: Applied patch to silence VC6 warnings. From ++ ++ * tif_lzw.c: Applied patch to silence VC6 warnings. From + Arvan Pritchard <arvan.pritchard@informatix.co.uk> +- ++ + 2000-03-28 Frank Warmerdam <warmerda@cs46980-c> + + * Added contrib/stream (stream io) code submitted by Avi Bleiweiss. +@@ -4668,34 +4715,34 @@ Tue Apr 18 16:18:08 2000 Frank Warmerdam <warmerda@esabot.atlsci.com> + * fax2ps: Fixed mixup of width and height in bounding box statement + as per submission by Nalin Dahyabhai <nalin@redhat.com>. + +-2000-03-27 Mike Welles <mike@onshore.com> ++2000-03-27 Mike Welles <mike@onshore.com> + +- * fax2ps: Modified printruns to take uint32 instead of uint16. +- Patch courtesy of Bernt Herd <herd@herdsoft.com> +- +-2000-03-20 Mike Welles <mike@onshore.com> ++ * fax2ps: Modified printruns to take uint32 instead of uint16. ++ Patch courtesy of Bernt Herd <herd@herdsoft.com> + +- * configure: added test for libc6 for linux targets. Bug reported by ++2000-03-20 Mike Welles <mike@onshore.com> ++ ++ * configure: added test for libc6 for linux targets. Bug reported by + Stanislav Brabec <utx@k332.feld.cvut.cz> + +- * Added 3.5 docs to html/Makefile.in. ++ * Added 3.5 docs to html/Makefile.in. + Thanks to Stanislav Brabec <utx@k332.feld.cvut.cz> + +- * configure: fixed bugs in sed scripts +- (applied sed script s:/@:s;@:;s:/s;;:;: to configure). ++ * configure: fixed bugs in sed scripts ++ (applied sed script s:/@:s;@:;s:/s;;:;: to configure). + fix submitted to Stanislav Brabec <utx@k332.feld.cvut.cz> + +- * tools/iptcutil was not in files list, and wasn't being ++ * tools/iptcutil was not in files list, and wasn't being + added to tar archive. Updated Makefile.in. + + 2000-03-17 Frank Warmerdam <warmerda@cs46980-c> + + * tif_fax3.c: Fixed serious bug introduced during the uint16->uint32 +- conversion for the run arrays. ++ conversion for the run arrays. + + 2000-03-03 Frank Warmerdam <warmerda@cs46980-c.mtnk1.on.wave.home.com> + +- * Set td_sampleformat default to SAMPLEFORMAT_UINT instead of ++ * Set td_sampleformat default to SAMPLEFORMAT_UINT instead of + SAMPLEFORMAT_VOID in TIFFDefaultDirectory() in tif_dir.c. + + 2000-03-02 Frank Warmerdam <warmerda@cs46980-c.mtnk1.on.wave.home.com> +@@ -4716,20 +4763,20 @@ Tue Feb 15 22:01:05 2000 Frank Warmerdam <warmerda@gdal.velocet.ca> + set to 1, and added default (off) setting in tiffconf.h. This + should eventually be set by the configure script somehow. + +- The original work on all these 2-4GB changes was done by ++ The original work on all these 2-4GB changes was done by + Peter Smith (psmith@creo.com). + + * Modified tif_win32.c to support 2-4GB seeks. + + * tentatively changed toff_t to be unsigned instead of signed to +- facilitate support for 2-4GB files. ++ facilitate support for 2-4GB files. + + * Updated a variety of files to use toff_t. Fixed some mixups + between toff_t and tsize_t. + + Fri Jan 28 10:13:49 2000 Frank Warmerdam <warmerda@gdal.velocet.ca> + +- * Largely reimplemented contrib/addtiffo to avoid temp files, ++ * Largely reimplemented contrib/addtiffo to avoid temp files, + updating the TIFF file in place. Fixed a few other bugs to. + + * Set tif_rawdatasize to zero when freeing raw data buffer in +@@ -4738,7 +4785,7 @@ Fri Jan 28 10:13:49 2000 Frank Warmerdam <warmerda@gdal.velocet.ca> + * Enabled "REWRITE_HACK" in tif_write.c by default. + + * Fix bug in tif_write.c when switching between reading one directory +- and writing to another. ++ and writing to another. + + * Made TIFFWriteCheck() public, and added TIFFCreateDirectory() + +@@ -4750,41 +4797,41 @@ Tue Jan 4 13:39:00 2000 Frank Warmerdam <warmerda@gdal.velocet.ca> + + * Added libtiff/libtiff.def to TIFFILES distribution list. + +-Mon Dec 27 12:13:39 EST 1999 Mike Welles <mike@onshore.com> ++Mon Dec 27 12:13:39 EST 1999 Mike Welles <mike@onshore.com> + +- * Created lzw compression kit, as a new module (libtiff-lzw-compression-kit). ++ * Created lzw compression kit, as a new module (libtiff-lzw-compression-kit). + + * Altered descriptions in tools to reflect "by default" lzw not supported + +- * Updated index.html to note lzw compression kit. +- ++ * Updated index.html to note lzw compression kit. ++ + Tue Dec 21 14:01:51 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + +- * Added fax3sm_winnt.c to distribution list in Makefile.in. ++ * Added fax3sm_winnt.c to distribution list in Makefile.in. + + Tue Dec 21 11:04:45 EST 1999 Mike Welles <mike@onshore.com> *** 3.5.4 release *** +- +- * Aadded Pixar tag support. Contributed by Phil Beffery <phil@pixar.com> + +- * Made one more change to tif_dir.c for removal of LZW compression. Also added notice +- when LZW compression invoked. ++ * Aadded Pixar tag support. Contributed by Phil Beffery <phil@pixar.com> ++ ++ * Made one more change to tif_dir.c for removal of LZW compression. Also added notice ++ when LZW compression invoked. + + * Changed default compression in tools to TIFF_PACKBITS, and changed usage descriptions + in tools to reflect removal of LZW compression +- ++ + Mon Dec 20 18:39:02 EST 1999 Mike Welles <mike@onshore.com> + +- * Fixed bug that caused LZW (non) compression to segfault. Added +- warning about LZW compression removed being removed, and why. ++ * Fixed bug that caused LZW (non) compression to segfault. Added ++ warning about LZW compression removed being removed, and why. ++ ++ * Added nostrip to install in tools/Makefile.in so that debugging ++ symbols are kept. + +- * Added nostrip to install in tools/Makefile.in so that debugging +- symbols are kept. +- + Tue Dec 7 12:04:47 EST 1999 Mike Welles <mike@onshore.com> + +- * Added patch from Ivo Penzar <ivo.penzar@infolink-software.com>, +- supporting Adobe ZIP deflate. Untested. +- ++ * Added patch from Ivo Penzar <ivo.penzar@infolink-software.com>, ++ supporting Adobe ZIP deflate. Untested. ++ + Sat Dec 4 15:47:11 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + + * Made Packbits the default compression in tools/tiff2rgba.c instead +@@ -4794,12 +4841,12 @@ Tue Nov 30 14:41:43 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> *** 3.5 + + * Added tif_luv to contrib/djgpp/Makefile.lib. + +-Tue Nov 30 14:15:32 EST 1999 Mike Welles <mike@onshore.com> ++Tue Nov 30 14:15:32 EST 1999 Mike Welles <mike@onshore.com> ++ ++ * Added zip creation to relase makefile target + +- * Added zip creation to relase makefile target ++ * Added html for TIFFWriteTile.3t man page. + +- * Added html for TIFFWriteTile.3t man page. +- + Tue Nov 30 09:20:16 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + + * Added some changes to tif_write.c to support rewriting existing +@@ -4812,26 +4859,26 @@ Mon Nov 29 11:43:42 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + + Sun Nov 28 20:36:18 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + +- * Added notes on use of makefile.vc in build.html, and fixed ++ * Added notes on use of makefile.vc in build.html, and fixed + email subscription address. + +-199-11-28 Mike Welles <mike@onshore.com> ++1999-11-28 Mike Welles <mike@onshore.com> + +- * Fixed apocalypse-inducing y2k bug in contrib/ras/ras2tiff.c ++ * Fixed apocalypse-inducing y2k bug in contrib/ras/ras2tiff.c + + * Did some casts cleaning up to reduce compiler warnings in tif_fax3.c, +- from Bruce Carmeron <cameron@petris.com> -- modifications of +- changes made by Frank (sun cc still complained on cast). ++ from Bruce Carmeron <cameron@petris.com> -- modifications of ++ changes made by Frank (sun cc still complained on cast). + + * Added tiffconf.h to install target per request from Bill + Radcliffe <billr@corbis.com>: "We need a way for ImageMagick to + know features have been compiled into the TIFF library in order to +- handle things properly". +- ++ handle things properly". ++ + Sat Nov 27 16:49:21 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + + * fixed various VC++ warnings as suggested by Gilles Vollant +- <info@winimage.com>. ++ <info@winimage.com>. + + Wed Nov 24 12:08:16 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + +@@ -4840,59 +4887,59 @@ Wed Nov 24 12:08:16 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + + 1999-11-22 Mike Welles <mike@onshore.com> + * HTML-ized the man pages, added to html/man +- +- * Removed LZW Compression to comply with Unisys patent extortion. +- +-1999-09-29 Mike Welles <mike@onshore.com> +- * Corrected one remaining 16 -> 32 bit value in tif_fax3.c, +- From Ivo Penzar <ivo.penzar@infolink-software.com. ++ ++ * Removed LZW Compression to comply with Unisys patent extortion. ++ ++1999-09-29 Mike Welles <mike@onshore.com> ++ * Corrected one remaining 16 -> 32 bit value in tif_fax3.c, ++ From Ivo Penzar <ivo.penzar@infolink-software.com. + + * Added patch from Ivo Penzar to have TiffAdvanceDirectory handle + memory mapped files. <ivo.penzar@infolink-software.com> +- ++ + 1999-09-26 Mike Welles <mike@onshore.com> *** 3.5.2 release *** +- * Corrected alpha versioning. ++ * Corrected alpha versioning. + +- * Removed distinction between alpha and release targets in Makefile.in. ++ * Removed distinction between alpha and release targets in Makefile.in. + +- * added release.stamp target, which tags cvs tree, and updates ++ * added release.stamp target, which tags cvs tree, and updates + "RELEASE-DATE" + +- * added releasediff target, which diffs tree with source as of ++ * added releasediff target, which diffs tree with source as of + date in "RELEASE-DATE" +- +- * Ticked up version to 3.5.2 (alpha 01 -- but I think we'll moving +- away from alpha/non-alpha distinctions). + +- * updated html to reflect release +- ++ * Ticked up version to 3.5.2 (alpha 01 -- but I think we'll moving ++ away from alpha/non-alpha distinctions). ++ ++ * updated html to reflect release ++ + 1999-09-23 <warmerda@CS46980-B> + + * Set O_BINARY for tif_unix.c open() ... used on cygwin for instance. + + * Added CYGWIN case in configure. + +-Fri Sep 17 00:13:51 CEST 1999 Mike Welles <mike@onshore.com> ++Fri Sep 17 00:13:51 CEST 1999 Mike Welles <mike@onshore.com> ++ ++ * Applied Francois Dagand's patch to handle fax decompression bug. ++ (sizes >= 65536 were failing) + +- * Applied Francois Dagand's patch to handle fax decompression bug. +- (sizes >= 65536 were failing) +- + Tue Sep 14 21:31:43 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + +- * Applied "a" mode fix to tif_win32.c/TIFFOpen() as suggested ++ * Applied "a" mode fix to tif_win32.c/TIFFOpen() as suggested + by Christopher Lawton <clawton@mathworks.com> + + Wed Sep 8 08:19:18 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + +- * Added IRIX/gcc, and OSF/1 4.x support on behalf of ++ * Added IRIX/gcc, and OSF/1 4.x support on behalf of + Albert Chin-A-Young <china@thewrittenword.com> + +- * Added TIFFReassignTagToIgnore() API on behalf of ++ * Added TIFFReassignTagToIgnore() API on behalf of + Bruce Cameron <cameron@petris.com>. Man page still pending. + + Wed Aug 25 11:39:07 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + +- * Added test target in Makefile, test_pics.sh script and pics/*.rpt ++ * Added test target in Makefile, test_pics.sh script and pics/*.rpt + files to provide for a rudimentary testsuite. + + * Added contrib/tags back from old distribution ... fixed up a bit. +@@ -4900,7 +4947,7 @@ Wed Aug 25 11:39:07 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + 1999-08-16 <warmerda@CS46980-B> + + * Added simple makefile.vc makefiles for building with MS VC++ +- on Windows NT/98/95 in console mode. Stuff in contrib/win* make give ++ on Windows NT/98/95 in console mode. Stuff in contrib/win* make give + better solutions for some users. + + Mon Aug 16 21:52:11 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> +@@ -4910,20 +4957,20 @@ Mon Aug 16 21:52:11 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + + 1999-08-16 Michael L. Welles <mike@kurtz.fake> + +- * Updated html/index.html with anon CVS instructions. ++ * Updated html/index.html with anon CVS instructions. + + Mon Aug 16 13:18:41 1999 Frank Warmerdam <warmerda@gdal.velocet.ca> + +- * pre-remove so link before softlink in LINUXdso action in ++ * pre-remove so link before softlink in LINUXdso action in + libtiff/Makefile.in to avoid failure on LINUXdso builds other than + the first. + + * Fixed problem with cvtcmap() in tif_getimage.c modifying the + colormaps owned by the TIFF handle itself when trying to fixup wrong + (eight bit) colormaps. Corrected by maintaining a private copy of +- the colormap. ++ the colormap. + +- * Added TIFFReadRGBATile()/TIFFReadRGBAStrip() support in ++ * Added TIFFReadRGBATile()/TIFFReadRGBAStrip() support in + tif_getimage.c. + + * CVS Repository placed at remotesensing.org. ChangeLog added. +diff --git a/Makefile.in b/Makefile.in +index 72fbbf3..2ed5682 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/aclocal.m4 b/aclocal.m4 +index d7d14c8..9293eda 100644 +--- a/aclocal.m4 ++++ b/aclocal.m4 +@@ -1,4 +1,4 @@ +-# generated automatically by aclocal 1.12.4 -*- Autoconf -*- ++# generated automatically by aclocal 1.12.5 -*- Autoconf -*- + + # Copyright (C) 1996-2012 Free Software Foundation, Inc. + +@@ -34,7 +34,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION], + [am__api_version='1.12' + dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to + dnl require some minimum version. Point them to the right macro. +-m4_if([$1], [1.12.4], [], ++m4_if([$1], [1.12.5], [], + [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl + ]) + +@@ -50,7 +50,7 @@ m4_define([_AM_AUTOCONF_VERSION], []) + # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. + # This function is AC_REQUIREd by AM_INIT_AUTOMAKE. + AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], +-[AM_AUTOMAKE_VERSION([1.12.4])dnl ++[AM_AUTOMAKE_VERSION([1.12.5])dnl + m4_ifndef([AC_AUTOCONF_VERSION], + [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl + _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) +diff --git a/build/Makefile.in b/build/Makefile.in +index 1a316b1..cea7a08 100644 +--- a/build/Makefile.in ++++ b/build/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/Makefile.in b/contrib/Makefile.in +index ae67554..72be7a3 100644 +--- a/contrib/Makefile.in ++++ b/contrib/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/acorn/Makefile.in b/contrib/acorn/Makefile.in +index 1e966b4..5a73941 100644 +--- a/contrib/acorn/Makefile.in ++++ b/contrib/acorn/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/addtiffo/Makefile.in b/contrib/addtiffo/Makefile.in +index 25a6e8b..e07640c 100644 +--- a/contrib/addtiffo/Makefile.in ++++ b/contrib/addtiffo/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/dbs/Makefile.in b/contrib/dbs/Makefile.in +index f5b3ee5..d5e7b40 100644 +--- a/contrib/dbs/Makefile.in ++++ b/contrib/dbs/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/dbs/xtiff/Makefile.in b/contrib/dbs/xtiff/Makefile.in +index 2d1ce94..c655c54 100644 +--- a/contrib/dbs/xtiff/Makefile.in ++++ b/contrib/dbs/xtiff/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/dbs/xtiff/xtiff.c b/contrib/dbs/xtiff/xtiff.c +index 7fe3977..de0b2a7 100644 +--- a/contrib/dbs/xtiff/xtiff.c ++++ b/contrib/dbs/xtiff/xtiff.c +@@ -1,5 +1,5 @@ + /* +- * $Id: xtiff.c,v 1.2.2.1 2010-06-08 18:50:40 bfriesen Exp $ ++ * $Id: xtiff.c,v 1.2.2.2 2013-05-02 14:44:43 tgl Exp $ + * + * xtiff - view a TIFF file in an X window + * +@@ -512,9 +512,9 @@ SetNameLabel() + Arg args[1]; + + if (tfMultiPage) +- sprintf(buffer, "%s - page %d", fileName, tfDirectory); ++ snprintf(buffer, sizeof(buffer), "%s - page %d", fileName, tfDirectory); + else +- strcpy(buffer, fileName); ++ snprintf(buffer, sizeof(buffer), "%s", fileName); + XtSetArg(args[0], XtNlabel, buffer); + XtSetValues(labelWidget, args, 1); + } +diff --git a/contrib/iptcutil/Makefile.in b/contrib/iptcutil/Makefile.in +index 75b1ca3..5858c03 100644 +--- a/contrib/iptcutil/Makefile.in ++++ b/contrib/iptcutil/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/mac-cw/Makefile.in b/contrib/mac-cw/Makefile.in +index a94a33a..054d44e 100644 +--- a/contrib/mac-cw/Makefile.in ++++ b/contrib/mac-cw/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/mac-mpw/Makefile.in b/contrib/mac-mpw/Makefile.in +index 8fdaae1..7dd27d7 100644 +--- a/contrib/mac-mpw/Makefile.in ++++ b/contrib/mac-mpw/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/mfs/Makefile.in b/contrib/mfs/Makefile.in +index 230c925..4ee41af 100644 +--- a/contrib/mfs/Makefile.in ++++ b/contrib/mfs/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/pds/Makefile.in b/contrib/pds/Makefile.in +index 3511f62..fa0bcf7 100644 +--- a/contrib/pds/Makefile.in ++++ b/contrib/pds/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/ras/Makefile.in b/contrib/ras/Makefile.in +index 88907bf..e33a00f 100644 +--- a/contrib/ras/Makefile.in ++++ b/contrib/ras/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/stream/Makefile.in b/contrib/stream/Makefile.in +index 9c9dffb..1c36a7f 100644 +--- a/contrib/stream/Makefile.in ++++ b/contrib/stream/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/tags/Makefile.in b/contrib/tags/Makefile.in +index e378f32..891d565 100644 +--- a/contrib/tags/Makefile.in ++++ b/contrib/tags/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/contrib/win_dib/Makefile.in b/contrib/win_dib/Makefile.in +index 0f68e76..45bf928 100644 +--- a/contrib/win_dib/Makefile.in ++++ b/contrib/win_dib/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/html/Makefile.in b/html/Makefile.in +index b9f86c8..a85ebd6 100644 +--- a/html/Makefile.in ++++ b/html/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/html/images/Makefile.in b/html/images/Makefile.in +index 1b96240..eaf50a3 100644 +--- a/html/images/Makefile.in ++++ b/html/images/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/html/man/Makefile.in b/html/man/Makefile.in +index 3a5278e..98226c3 100644 +--- a/html/man/Makefile.in ++++ b/html/man/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/libtiff/Makefile.in b/libtiff/Makefile.in +index 6a7c415..69e59c7 100644 +--- a/libtiff/Makefile.in ++++ b/libtiff/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/libtiff/tif_codec.c b/libtiff/tif_codec.c +index d5c6fd1..5a38184 100644 +--- a/libtiff/tif_codec.c ++++ b/libtiff/tif_codec.c +@@ -1,4 +1,4 @@ +-/* $Id: tif_codec.c,v 1.10.2.2 2010-06-08 18:50:41 bfriesen Exp $ */ ++/* $Id: tif_codec.c,v 1.10.2.3 2013-05-02 14:44:43 tgl Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -104,7 +104,8 @@ _notConfigured(TIFF* tif) + const TIFFCodec* c = TIFFFindCODEC(tif->tif_dir.td_compression); + char compression_code[20]; + +- sprintf( compression_code, "%d", tif->tif_dir.td_compression ); ++ snprintf(compression_code, sizeof(compression_code), "%d", ++ tif->tif_dir.td_compression ); + TIFFErrorExt(tif->tif_clientdata, tif->tif_name, + "%s compression support is not configured", + c ? c->name : compression_code ); +diff --git a/libtiff/tif_dirinfo.c b/libtiff/tif_dirinfo.c +index 76ef572..417a2e3 100644 +--- a/libtiff/tif_dirinfo.c ++++ b/libtiff/tif_dirinfo.c +@@ -1,4 +1,4 @@ +-/* $Id: tif_dirinfo.c,v 1.65.2.10 2010-07-06 14:14:41 dron Exp $ */ ++/* $Id: tif_dirinfo.c,v 1.65.2.11 2013-05-02 14:44:43 tgl Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -869,7 +869,7 @@ _TIFFCreateAnonFieldInfo(TIFF *tif, ttag_t tag, TIFFDataType field_type) + * note that this name is a special sign to TIFFClose() and + * _TIFFSetupFieldInfo() to free the field + */ +- sprintf(fld->field_name, "Tag %d", (int) tag); ++ snprintf(fld->field_name, 32, "Tag %d", (int) tag); + + return fld; + } +diff --git a/libtiff/tif_pixarlog.c b/libtiff/tif_pixarlog.c +index ed8eb40..6e127fb 100644 +--- a/libtiff/tif_pixarlog.c ++++ b/libtiff/tif_pixarlog.c +@@ -1,4 +1,4 @@ +-/* $Id: tif_pixarlog.c,v 1.15.2.4 2010-06-08 18:50:42 bfriesen Exp $ */ ++/* $Id: tif_pixarlog.c,v 1.15.2.5 2012-12-10 17:38:54 tgl Exp $ */ + + /* + * Copyright (c) 1996-1997 Sam Leffler +@@ -117,9 +117,9 @@ horizontalAccumulateF(uint16 *wp, int n, int stride, float *op, + if (n >= stride) { + mask = CODE_MASK; + if (stride == 3) { +- t0 = ToLinearF[cr = wp[0]]; +- t1 = ToLinearF[cg = wp[1]]; +- t2 = ToLinearF[cb = wp[2]]; ++ t0 = ToLinearF[cr = (wp[0] & mask)]; ++ t1 = ToLinearF[cg = (wp[1] & mask)]; ++ t2 = ToLinearF[cb = (wp[2] & mask)]; + op[0] = t0; + op[1] = t1; + op[2] = t2; +@@ -136,10 +136,10 @@ horizontalAccumulateF(uint16 *wp, int n, int stride, float *op, + op[2] = t2; + } + } else if (stride == 4) { +- t0 = ToLinearF[cr = wp[0]]; +- t1 = ToLinearF[cg = wp[1]]; +- t2 = ToLinearF[cb = wp[2]]; +- t3 = ToLinearF[ca = wp[3]]; ++ t0 = ToLinearF[cr = (wp[0] & mask)]; ++ t1 = ToLinearF[cg = (wp[1] & mask)]; ++ t2 = ToLinearF[cb = (wp[2] & mask)]; ++ t3 = ToLinearF[ca = (wp[3] & mask)]; + op[0] = t0; + op[1] = t1; + op[2] = t2; +@@ -183,9 +183,9 @@ horizontalAccumulate12(uint16 *wp, int n, int stride, int16 *op, + if (n >= stride) { + mask = CODE_MASK; + if (stride == 3) { +- t0 = ToLinearF[cr = wp[0]] * SCALE12; +- t1 = ToLinearF[cg = wp[1]] * SCALE12; +- t2 = ToLinearF[cb = wp[2]] * SCALE12; ++ t0 = ToLinearF[cr = (wp[0] & mask)] * SCALE12; ++ t1 = ToLinearF[cg = (wp[1] & mask)] * SCALE12; ++ t2 = ToLinearF[cb = (wp[2] & mask)] * SCALE12; + op[0] = CLAMP12(t0); + op[1] = CLAMP12(t1); + op[2] = CLAMP12(t2); +@@ -202,10 +202,10 @@ horizontalAccumulate12(uint16 *wp, int n, int stride, int16 *op, + op[2] = CLAMP12(t2); + } + } else if (stride == 4) { +- t0 = ToLinearF[cr = wp[0]] * SCALE12; +- t1 = ToLinearF[cg = wp[1]] * SCALE12; +- t2 = ToLinearF[cb = wp[2]] * SCALE12; +- t3 = ToLinearF[ca = wp[3]] * SCALE12; ++ t0 = ToLinearF[cr = (wp[0] & mask)] * SCALE12; ++ t1 = ToLinearF[cg = (wp[1] & mask)] * SCALE12; ++ t2 = ToLinearF[cb = (wp[2] & mask)] * SCALE12; ++ t3 = ToLinearF[ca = (wp[3] & mask)] * SCALE12; + op[0] = CLAMP12(t0); + op[1] = CLAMP12(t1); + op[2] = CLAMP12(t2); +@@ -247,9 +247,9 @@ horizontalAccumulate16(uint16 *wp, int n, int stride, uint16 *op, + if (n >= stride) { + mask = CODE_MASK; + if (stride == 3) { +- op[0] = ToLinear16[cr = wp[0]]; +- op[1] = ToLinear16[cg = wp[1]]; +- op[2] = ToLinear16[cb = wp[2]]; ++ op[0] = ToLinear16[cr = (wp[0] & mask)]; ++ op[1] = ToLinear16[cg = (wp[1] & mask)]; ++ op[2] = ToLinear16[cb = (wp[2] & mask)]; + n -= 3; + while (n > 0) { + wp += 3; +@@ -260,10 +260,10 @@ horizontalAccumulate16(uint16 *wp, int n, int stride, uint16 *op, + op[2] = ToLinear16[(cb += wp[2]) & mask]; + } + } else if (stride == 4) { +- op[0] = ToLinear16[cr = wp[0]]; +- op[1] = ToLinear16[cg = wp[1]]; +- op[2] = ToLinear16[cb = wp[2]]; +- op[3] = ToLinear16[ca = wp[3]]; ++ op[0] = ToLinear16[cr = (wp[0] & mask)]; ++ op[1] = ToLinear16[cg = (wp[1] & mask)]; ++ op[2] = ToLinear16[cb = (wp[2] & mask)]; ++ op[3] = ToLinear16[ca = (wp[3] & mask)]; + n -= 4; + while (n > 0) { + wp += 4; +@@ -342,9 +342,9 @@ horizontalAccumulate8(uint16 *wp, int n, int stride, unsigned char *op, + if (n >= stride) { + mask = CODE_MASK; + if (stride == 3) { +- op[0] = ToLinear8[cr = wp[0]]; +- op[1] = ToLinear8[cg = wp[1]]; +- op[2] = ToLinear8[cb = wp[2]]; ++ op[0] = ToLinear8[cr = (wp[0] & mask)]; ++ op[1] = ToLinear8[cg = (wp[1] & mask)]; ++ op[2] = ToLinear8[cb = (wp[2] & mask)]; + n -= 3; + while (n > 0) { + n -= 3; +@@ -355,10 +355,10 @@ horizontalAccumulate8(uint16 *wp, int n, int stride, unsigned char *op, + op[2] = ToLinear8[(cb += wp[2]) & mask]; + } + } else if (stride == 4) { +- op[0] = ToLinear8[cr = wp[0]]; +- op[1] = ToLinear8[cg = wp[1]]; +- op[2] = ToLinear8[cb = wp[2]]; +- op[3] = ToLinear8[ca = wp[3]]; ++ op[0] = ToLinear8[cr = (wp[0] & mask)]; ++ op[1] = ToLinear8[cg = (wp[1] & mask)]; ++ op[2] = ToLinear8[cb = (wp[2] & mask)]; ++ op[3] = ToLinear8[ca = (wp[3] & mask)]; + n -= 4; + while (n > 0) { + n -= 4; +@@ -393,9 +393,9 @@ horizontalAccumulate8abgr(uint16 *wp, int n, int stride, unsigned char *op, + mask = CODE_MASK; + if (stride == 3) { + op[0] = 0; +- t1 = ToLinear8[cb = wp[2]]; +- t2 = ToLinear8[cg = wp[1]]; +- t3 = ToLinear8[cr = wp[0]]; ++ t1 = ToLinear8[cb = (wp[2] & mask)]; ++ t2 = ToLinear8[cg = (wp[1] & mask)]; ++ t3 = ToLinear8[cr = (wp[0] & mask)]; + op[1] = t1; + op[2] = t2; + op[3] = t3; +@@ -413,10 +413,10 @@ horizontalAccumulate8abgr(uint16 *wp, int n, int stride, unsigned char *op, + op[3] = t3; + } + } else if (stride == 4) { +- t0 = ToLinear8[ca = wp[3]]; +- t1 = ToLinear8[cb = wp[2]]; +- t2 = ToLinear8[cg = wp[1]]; +- t3 = ToLinear8[cr = wp[0]]; ++ t0 = ToLinear8[ca = (wp[3] & mask)]; ++ t1 = ToLinear8[cb = (wp[2] & mask)]; ++ t2 = ToLinear8[cg = (wp[1] & mask)]; ++ t3 = ToLinear8[cr = (wp[0] & mask)]; + op[0] = t0; + op[1] = t1; + op[2] = t2; +@@ -630,10 +630,10 @@ PixarLogGuessDataFmt(TIFFDirectory *td) + return guess; + } + +-static uint32 +-multiply(size_t m1, size_t m2) ++static tsize_t ++multiply(tsize_t m1, tsize_t m2) + { +- uint32 bytes = m1 * m2; ++ tsize_t bytes = m1 * m2; + + if (m1 && bytes / m1 != m2) + bytes = 0; +@@ -641,6 +641,20 @@ multiply(size_t m1, size_t m2) + return bytes; + } + ++static tsize_t ++add_ms(tsize_t m1, tsize_t m2) ++{ ++ tsize_t bytes = m1 + m2; ++ ++ /* if either input is zero, assume overflow already occurred */ ++ if (m1 == 0 || m2 == 0) ++ bytes = 0; ++ else if (bytes <= m1 || bytes <= m2) ++ bytes = 0; ++ ++ return bytes; ++} ++ + static int + PixarLogSetupDecode(TIFF* tif) + { +@@ -661,6 +675,8 @@ PixarLogSetupDecode(TIFF* tif) + td->td_samplesperpixel : 1); + tbuf_size = multiply(multiply(multiply(sp->stride, td->td_imagewidth), + td->td_rowsperstrip), sizeof(uint16)); ++ /* add one more stride in case input ends mid-stride */ ++ tbuf_size = add_ms(tbuf_size, sizeof(uint16) * sp->stride); + if (tbuf_size == 0) + return (0); + sp->tbuf = (uint16 *) _TIFFmalloc(tbuf_size); +diff --git a/libtiff/tif_print.c b/libtiff/tif_print.c +index 7634f6e..2b255da 100644 +--- a/libtiff/tif_print.c ++++ b/libtiff/tif_print.c +@@ -1,4 +1,4 @@ +-/* $Id: tif_print.c,v 1.36.2.5 2010-07-06 14:05:30 dron Exp $ */ ++/* $Id: tif_print.c,v 1.36.2.6 2012-12-12 23:18:05 tgl Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -514,8 +514,19 @@ TIFFPrintDirectory(TIFF* tif, FILE* fd, long flags) + continue; + + if(fip->field_passcount) { +- if(TIFFGetField(tif, tag, &value_count, &raw_data) != 1) ++ if (fip->field_readcount == TIFF_VARIABLE2 ) { ++ if(TIFFGetField(tif, tag, &value_count, &raw_data) != 1) ++ continue; ++ } else if (fip->field_readcount == TIFF_VARIABLE ) { ++ uint16 small_value_count; ++ if(TIFFGetField(tif, tag, &small_value_count, &raw_data) != 1) ++ continue; ++ value_count = small_value_count; ++ } else { ++ assert (fip->field_readcount == TIFF_VARIABLE ++ || fip->field_readcount == TIFF_VARIABLE2); + continue; ++ } + } else { + if (fip->field_readcount == TIFF_VARIABLE + || fip->field_readcount == TIFF_VARIABLE2) +diff --git a/man/Makefile.in b/man/Makefile.in +index a007da7..cac0721 100644 +--- a/man/Makefile.in ++++ b/man/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/port/Makefile.in b/port/Makefile.in +index 6674109..f95d58f 100644 +--- a/port/Makefile.in ++++ b/port/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/test/Makefile.in b/test/Makefile.in +index 61ea1ff..f88959f 100644 +--- a/test/Makefile.in ++++ b/test/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/tools/Makefile.in b/tools/Makefile.in +index 47dcec8..6f3d517 100644 +--- a/tools/Makefile.in ++++ b/tools/Makefile.in +@@ -1,4 +1,4 @@ +-# Makefile.in generated by automake 1.12.4 from Makefile.am. ++# Makefile.in generated by automake 1.12.5 from Makefile.am. + # @configure_input@ + + # Copyright (C) 1994-2012 Free Software Foundation, Inc. +diff --git a/tools/ppm2tiff.c b/tools/ppm2tiff.c +index 6078459..ec8be5d 100644 +--- a/tools/ppm2tiff.c ++++ b/tools/ppm2tiff.c +@@ -1,4 +1,4 @@ +-/* $Id: ppm2tiff.c,v 1.13.2.2 2010-06-08 18:50:44 bfriesen Exp $ */ ++/* $Id: ppm2tiff.c,v 1.13.2.3 2012-12-10 18:27:35 tgl Exp $ */ + + /* + * Copyright (c) 1991-1997 Sam Leffler +@@ -68,6 +68,17 @@ BadPPM(char* file) + exit(-2); + } + ++static tsize_t ++multiply_ms(tsize_t m1, tsize_t m2) ++{ ++ tsize_t bytes = m1 * m2; ++ ++ if (m1 && bytes / m1 != m2) ++ bytes = 0; ++ ++ return bytes; ++} ++ + int + main(int argc, char* argv[]) + { +@@ -85,6 +96,7 @@ main(int argc, char* argv[]) + int c; + extern int optind; + extern char* optarg; ++ tsize_t scanline_size; + + if (argc < 2) { + fprintf(stderr, "%s: Too few arguments\n", argv[0]); +@@ -217,7 +229,8 @@ main(int argc, char* argv[]) + } + switch (bpp) { + case 1: +- linebytes = (spp * w + (8 - 1)) / 8; ++ /* if round-up overflows, result will be zero, OK */ ++ linebytes = (multiply_ms(spp, w) + (8 - 1)) / 8; + if (rowsperstrip == (uint32) -1) { + TIFFSetField(out, TIFFTAG_ROWSPERSTRIP, h); + } else { +@@ -226,15 +239,31 @@ main(int argc, char* argv[]) + } + break; + case 8: +- linebytes = spp * w; ++ linebytes = multiply_ms(spp, w); + TIFFSetField(out, TIFFTAG_ROWSPERSTRIP, + TIFFDefaultStripSize(out, rowsperstrip)); + break; + } +- if (TIFFScanlineSize(out) > linebytes) ++ if (linebytes == 0) { ++ fprintf(stderr, "%s: scanline size overflow\n", infile); ++ (void) TIFFClose(out); ++ exit(-2); ++ } ++ scanline_size = TIFFScanlineSize(out); ++ if (scanline_size == 0) { ++ /* overflow - TIFFScanlineSize already printed a message */ ++ (void) TIFFClose(out); ++ exit(-2); ++ } ++ if (scanline_size < linebytes) + buf = (unsigned char *)_TIFFmalloc(linebytes); + else +- buf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out)); ++ buf = (unsigned char *)_TIFFmalloc(scanline_size); ++ if (buf == NULL) { ++ fprintf(stderr, "%s: Not enough memory\n", infile); ++ (void) TIFFClose(out); ++ exit(-2); ++ } + if (resolution > 0) { + TIFFSetField(out, TIFFTAG_XRESOLUTION, resolution); + TIFFSetField(out, TIFFTAG_YRESOLUTION, resolution); +diff --git a/tools/rgb2ycbcr.c b/tools/rgb2ycbcr.c +index 0b30b51..527c036 100644 +--- a/tools/rgb2ycbcr.c ++++ b/tools/rgb2ycbcr.c +@@ -1,4 +1,4 @@ +-/* $Id: rgb2ycbcr.c,v 1.9.2.2 2010-06-08 18:50:44 bfriesen Exp $ */ ++/* $Id: rgb2ycbcr.c,v 1.9.2.3 2013-05-02 14:44:44 tgl Exp $ */ + + /* + * Copyright (c) 1991-1997 Sam Leffler +@@ -326,7 +326,8 @@ tiffcvt(TIFF* in, TIFF* out) + TIFFSetField(out, TIFFTAG_PLANARCONFIG, PLANARCONFIG_CONTIG); + { char buf[2048]; + char *cp = strrchr(TIFFFileName(in), '/'); +- sprintf(buf, "YCbCr conversion of %s", cp ? cp+1 : TIFFFileName(in)); ++ snprintf(buf, sizeof(buf), "YCbCr conversion of %s", ++ cp ? cp+1 : TIFFFileName(in)); + TIFFSetField(out, TIFFTAG_IMAGEDESCRIPTION, buf); + } + TIFFSetField(out, TIFFTAG_SOFTWARE, TIFFGetVersion()); +diff --git a/tools/tiff2bw.c b/tools/tiff2bw.c +index 8fbf061..98908d1 100644 +--- a/tools/tiff2bw.c ++++ b/tools/tiff2bw.c +@@ -1,4 +1,4 @@ +-/* $Id: tiff2bw.c,v 1.12.2.2 2010-07-02 12:03:27 dron Exp $ */ ++/* $Id: tiff2bw.c,v 1.12.2.3 2013-05-02 14:44:44 tgl Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -201,7 +201,7 @@ main(int argc, char* argv[]) + } + } + TIFFSetField(out, TIFFTAG_PHOTOMETRIC, PHOTOMETRIC_MINISBLACK); +- sprintf(thing, "B&W version of %s", argv[optind]); ++ snprintf(thing, sizeof(thing), "B&W version of %s", argv[optind]); + TIFFSetField(out, TIFFTAG_IMAGEDESCRIPTION, thing); + TIFFSetField(out, TIFFTAG_SOFTWARE, "tiff2bw"); + outbuf = (unsigned char *)_TIFFmalloc(TIFFScanlineSize(out)); +diff --git a/tools/tiff2pdf.c b/tools/tiff2pdf.c +index dee6435..c55b927 100644 +--- a/tools/tiff2pdf.c ++++ b/tools/tiff2pdf.c +@@ -1,4 +1,4 @@ +-/* $Id: tiff2pdf.c,v 1.37.2.22 2012-07-19 15:43:31 tgl Exp $ ++/* $Id: tiff2pdf.c,v 1.37.2.24 2013-05-02 14:54:18 tgl Exp $ + * + * tiff2pdf - converts a TIFF image to a PDF document + * +@@ -3337,33 +3337,56 @@ int t2p_process_jpeg_strip( + uint32 height){ + + tsize_t i=0; +- uint16 ri =0; +- uint16 v_samp=1; +- uint16 h_samp=1; +- int j=0; +- +- i++; +- +- while(i<(*striplength)){ ++ ++ while (i < *striplength) { ++ tsize_t datalen; ++ uint16 ri; ++ uint16 v_samp; ++ uint16 h_samp; ++ int j; ++ int ncomp; ++ ++ /* marker header: one or more FFs */ ++ if (strip[i] != 0xff) ++ return(0); ++ i++; ++ while (i < *striplength && strip[i] == 0xff) ++ i++; ++ if (i >= *striplength) ++ return(0); ++ /* SOI is the only pre-SOS marker without a length word */ ++ if (strip[i] == 0xd8) ++ datalen = 0; ++ else { ++ if ((*striplength - i) <= 2) ++ return(0); ++ datalen = (strip[i+1] << 8) | strip[i+2]; ++ if (datalen < 2 || datalen >= (*striplength - i)) ++ return(0); ++ } + switch( strip[i] ){ +- case 0xd8: +- /* SOI - start of image */ ++ case 0xd8: /* SOI - start of image */ + _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), 2); + *bufferoffset+=2; +- i+=2; + break; +- case 0xc0: +- case 0xc1: +- case 0xc3: +- case 0xc9: +- case 0xca: ++ case 0xc0: /* SOF0 */ ++ case 0xc1: /* SOF1 */ ++ case 0xc3: /* SOF3 */ ++ case 0xc9: /* SOF9 */ ++ case 0xca: /* SOF10 */ + if(no==0){ +- _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), strip[i+2]+2); +- for(j=0;j<buffer[*bufferoffset+9];j++){ +- if( (buffer[*bufferoffset+11+(2*j)]>>4) > h_samp) +- h_samp = (buffer[*bufferoffset+11+(2*j)]>>4); +- if( (buffer[*bufferoffset+11+(2*j)] & 0x0f) > v_samp) +- v_samp = (buffer[*bufferoffset+11+(2*j)] & 0x0f); ++ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2); ++ ncomp = buffer[*bufferoffset+9]; ++ if (ncomp < 1 || ncomp > 4) ++ return(0); ++ v_samp=1; ++ h_samp=1; ++ for(j=0;j<ncomp;j++){ ++ uint16 samp = buffer[*bufferoffset+11+(3*j)]; ++ if( (samp>>4) > h_samp) ++ h_samp = (samp>>4); ++ if( (samp & 0x0f) > v_samp) ++ v_samp = (samp & 0x0f); + } + v_samp*=8; + h_samp*=8; +@@ -3377,45 +3400,43 @@ int t2p_process_jpeg_strip( + (unsigned char) ((height>>8) & 0xff); + buffer[*bufferoffset+6]= + (unsigned char) (height & 0xff); +- *bufferoffset+=strip[i+2]+2; +- i+=strip[i+2]+2; +- ++ *bufferoffset+=datalen+2; ++ /* insert a DRI marker */ + buffer[(*bufferoffset)++]=0xff; + buffer[(*bufferoffset)++]=0xdd; + buffer[(*bufferoffset)++]=0x00; + buffer[(*bufferoffset)++]=0x04; + buffer[(*bufferoffset)++]=(ri >> 8) & 0xff; + buffer[(*bufferoffset)++]= ri & 0xff; +- } else { +- i+=strip[i+2]+2; + } + break; +- case 0xc4: +- case 0xdb: +- _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), strip[i+2]+2); +- *bufferoffset+=strip[i+2]+2; +- i+=strip[i+2]+2; ++ case 0xc4: /* DHT */ ++ case 0xdb: /* DQT */ ++ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2); ++ *bufferoffset+=datalen+2; + break; +- case 0xda: ++ case 0xda: /* SOS */ + if(no==0){ +- _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), strip[i+2]+2); +- *bufferoffset+=strip[i+2]+2; +- i+=strip[i+2]+2; ++ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), datalen+2); ++ *bufferoffset+=datalen+2; + } else { + buffer[(*bufferoffset)++]=0xff; + buffer[(*bufferoffset)++]= + (unsigned char)(0xd0 | ((no-1)%8)); +- i+=strip[i+2]+2; + } +- _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i-1]), (*striplength)-i-1); +- *bufferoffset+=(*striplength)-i-1; ++ i += datalen + 1; ++ /* copy remainder of strip */ ++ _TIFFmemcpy(&(buffer[*bufferoffset]), &(strip[i]), *striplength - i); ++ *bufferoffset+= *striplength - i; + return(1); + default: +- i+=strip[i+2]+2; ++ /* ignore any other marker */ ++ break; + } ++ i += datalen + 1; + } +- + ++ /* failed to find SOS marker */ + return(0); + } + #endif +@@ -3605,7 +3626,9 @@ tsize_t t2p_write_pdf_header(T2P* t2p, TIFF* output){ + char buffer[16]; + int buflen=0; + +- buflen=sprintf(buffer, "%%PDF-%u.%u ", t2p->pdf_majorversion&0xff, t2p->pdf_minorversion&0xff); ++ buflen = snprintf(buffer, sizeof(buffer), "%%PDF-%u.%u ", ++ t2p->pdf_majorversion&0xff, ++ t2p->pdf_minorversion&0xff); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t)"\n%\342\343\317\323\n", 7); + +@@ -3619,10 +3642,10 @@ tsize_t t2p_write_pdf_header(T2P* t2p, TIFF* output){ + tsize_t t2p_write_pdf_obj_start(uint32 number, TIFF* output){ + + tsize_t written=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + +- buflen=sprintf(buffer, "%lu", (unsigned long)number); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)number); + written += t2pWriteFile(output, (tdata_t) buffer, buflen ); + written += t2pWriteFile(output, (tdata_t) " 0 obj\n", 7); + +@@ -3661,13 +3684,13 @@ tsize_t t2p_write_pdf_name(unsigned char* name, TIFF* output){ + written += t2pWriteFile(output, (tdata_t) "/", 1); + for (i=0;i<namelen;i++){ + if ( ((unsigned char)name[i]) < 0x21){ +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + nextchar=1; + } + if ( ((unsigned char)name[i]) > 0x7E){ +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + nextchar=1; +@@ -3675,57 +3698,57 @@ tsize_t t2p_write_pdf_name(unsigned char* name, TIFF* output){ + if (nextchar==0){ + switch (name[i]){ + case 0x23: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x25: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x28: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x29: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x2F: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x3C: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x3E: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x5B: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x5D: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x7B: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; + case 0x7D: +- sprintf(buffer, "#%.2X", name[i]); ++ snprintf(buffer, sizeof(buffer), "#%.2X", name[i]); + buffer[sizeof(buffer) - 1] = '\0'; + written += t2pWriteFile(output, (tdata_t) buffer, 3); + break; +@@ -3840,14 +3863,14 @@ tsize_t t2p_write_pdf_stream_end(TIFF* output){ + tsize_t t2p_write_pdf_stream_dict(tsize_t len, uint32 number, TIFF* output){ + + tsize_t written=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + + written += t2pWriteFile(output, (tdata_t) "/Length ", 8); + if(len!=0){ + written += t2p_write_pdf_stream_length(len, output); + } else { +- buflen=sprintf(buffer, "%lu", (unsigned long)number); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)number); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R \n", 6); + } +@@ -3888,10 +3911,10 @@ tsize_t t2p_write_pdf_stream_dict_end(TIFF* output){ + tsize_t t2p_write_pdf_stream_length(tsize_t len, TIFF* output){ + + tsize_t written=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + +- buflen=sprintf(buffer, "%lu", (unsigned long)len); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)len); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "\n", 1); + +@@ -3905,7 +3928,7 @@ tsize_t t2p_write_pdf_stream_length(tsize_t len, TIFF* output){ + tsize_t t2p_write_pdf_catalog(T2P* t2p, TIFF* output) + { + tsize_t written = 0; +- char buffer[16]; ++ char buffer[32]; + int buflen = 0; + + written += t2pWriteFile(output, +@@ -3944,7 +3967,6 @@ tsize_t t2p_write_pdf_info(T2P* t2p, TIFF* input, TIFF* output) + written += t2p_write_pdf_string(t2p->pdf_datetime, output); + } + written += t2pWriteFile(output, (tdata_t) "\n/Producer ", 11); +- _TIFFmemset((tdata_t)buffer, 0x00, sizeof(buffer)); + snprintf(buffer, sizeof(buffer), "libtiff / tiff2pdf - %d", TIFFLIB_VERSION); + written += t2p_write_pdf_string(buffer, output); + written += t2pWriteFile(output, (tdata_t) "\n", 1); +@@ -4085,7 +4107,7 @@ tsize_t t2p_write_pdf_pages(T2P* t2p, TIFF* output) + { + tsize_t written=0; + tdir_t i=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + + int page=0; +@@ -4093,7 +4115,7 @@ tsize_t t2p_write_pdf_pages(T2P* t2p, TIFF* output) + (tdata_t) "<< \n/Type /Pages \n/Kids [ ", 26); + page = t2p->pdf_pages+1; + for (i=0;i<t2p->tiff_pagecount;i++){ +- buflen=sprintf(buffer, "%d", page); ++ buflen=snprintf(buffer, sizeof(buffer), "%d", page); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); + if ( ((i+1)%8)==0 ) { +@@ -4108,8 +4130,7 @@ tsize_t t2p_write_pdf_pages(T2P* t2p, TIFF* output) + } + } + written += t2pWriteFile(output, (tdata_t) "] \n/Count ", 10); +- _TIFFmemset(buffer, 0x00, 16); +- buflen=sprintf(buffer, "%d", t2p->tiff_pagecount); ++ buflen=snprintf(buffer, sizeof(buffer), "%d", t2p->tiff_pagecount); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " \n>> \n", 6); + +@@ -4124,28 +4145,28 @@ tsize_t t2p_write_pdf_page(uint32 object, T2P* t2p, TIFF* output){ + + unsigned int i=0; + tsize_t written=0; +- char buffer[16]; ++ char buffer[256]; + int buflen=0; + + written += t2pWriteFile(output, (tdata_t) "<<\n/Type /Page \n/Parent ", 24); +- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_pages); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_pages); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R \n", 6); + written += t2pWriteFile(output, (tdata_t) "/MediaBox [", 11); +- buflen=sprintf(buffer, "%.4f",t2p->pdf_mediabox.x1); ++ buflen=snprintf(buffer, sizeof(buffer), "%.4f",t2p->pdf_mediabox.x1); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " ", 1); +- buflen=sprintf(buffer, "%.4f",t2p->pdf_mediabox.y1); ++ buflen=snprintf(buffer, sizeof(buffer), "%.4f",t2p->pdf_mediabox.y1); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " ", 1); +- buflen=sprintf(buffer, "%.4f",t2p->pdf_mediabox.x2); ++ buflen=snprintf(buffer, sizeof(buffer), "%.4f",t2p->pdf_mediabox.x2); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " ", 1); +- buflen=sprintf(buffer, "%.4f",t2p->pdf_mediabox.y2); ++ buflen=snprintf(buffer, sizeof(buffer), "%.4f",t2p->pdf_mediabox.y2); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "] \n", 3); + written += t2pWriteFile(output, (tdata_t) "/Contents ", 10); +- buflen=sprintf(buffer, "%lu", (unsigned long)(object + 1)); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(object + 1)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R \n", 6); + written += t2pWriteFile(output, (tdata_t) "/Resources << \n", 15); +@@ -4153,15 +4174,13 @@ tsize_t t2p_write_pdf_page(uint32 object, T2P* t2p, TIFF* output){ + written += t2pWriteFile(output, (tdata_t) "/XObject <<\n", 12); + for(i=0;i<t2p->tiff_tiles[t2p->pdf_page].tiles_tilecount;i++){ + written += t2pWriteFile(output, (tdata_t) "/Im", 3); +- buflen = sprintf(buffer, "%u", t2p->pdf_page+1); ++ buflen = snprintf(buffer, sizeof(buffer), "%u", t2p->pdf_page+1); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "_", 1); +- buflen = sprintf(buffer, "%u", i+1); ++ buflen = snprintf(buffer, sizeof(buffer), "%u", i+1); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " ", 1); +- buflen = sprintf( +- buffer, +- "%lu", ++ buflen = snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)(object+3+(2*i)+t2p->tiff_pages[t2p->pdf_page].page_extra)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); +@@ -4173,12 +4192,10 @@ tsize_t t2p_write_pdf_page(uint32 object, T2P* t2p, TIFF* output){ + } else { + written += t2pWriteFile(output, (tdata_t) "/XObject <<\n", 12); + written += t2pWriteFile(output, (tdata_t) "/Im", 3); +- buflen = sprintf(buffer, "%u", t2p->pdf_page+1); ++ buflen = snprintf(buffer, sizeof(buffer), "%u", t2p->pdf_page+1); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " ", 1); +- buflen = sprintf( +- buffer, +- "%lu", ++ buflen = snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)(object+3+(2*i)+t2p->tiff_pages[t2p->pdf_page].page_extra)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); +@@ -4187,9 +4204,7 @@ tsize_t t2p_write_pdf_page(uint32 object, T2P* t2p, TIFF* output){ + if(t2p->tiff_transferfunctioncount != 0) { + written += t2pWriteFile(output, (tdata_t) "/ExtGState <<", 13); + t2pWriteFile(output, (tdata_t) "/GS1 ", 5); +- buflen = sprintf( +- buffer, +- "%lu", ++ buflen = snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)(object + 3)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); +@@ -4562,7 +4577,7 @@ tsize_t t2p_write_pdf_page_content_stream(T2P* t2p, TIFF* output){ + if(t2p->tiff_tiles[t2p->pdf_page].tiles_tilecount>0){ + for(i=0;i<t2p->tiff_tiles[t2p->pdf_page].tiles_tilecount; i++){ + box=t2p->tiff_tiles[t2p->pdf_page].tiles_tiles[i].tile_box; +- buflen=sprintf(buffer, ++ buflen=snprintf(buffer, sizeof(buffer), + "q %s %.4f %.4f %.4f %.4f %.4f %.4f cm /Im%d_%ld Do Q\n", + t2p->tiff_transferfunctioncount?"/GS1 gs ":"", + box.mat[0], +@@ -4577,7 +4592,7 @@ tsize_t t2p_write_pdf_page_content_stream(T2P* t2p, TIFF* output){ + } + } else { + box=t2p->pdf_imagebox; +- buflen=sprintf(buffer, ++ buflen=snprintf(buffer, sizeof(buffer), + "q %s %.4f %.4f %.4f %.4f %.4f %.4f cm /Im%d Do Q\n", + t2p->tiff_transferfunctioncount?"/GS1 gs ":"", + box.mat[0], +@@ -4602,59 +4617,48 @@ tsize_t t2p_write_pdf_xobject_stream_dict(ttile_t tile, + TIFF* output){ + + tsize_t written=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + + written += t2p_write_pdf_stream_dict(0, t2p->pdf_xrefcount+1, output); + written += t2pWriteFile(output, + (tdata_t) "/Type /XObject \n/Subtype /Image \n/Name /Im", + 42); +- buflen=sprintf(buffer, "%u", t2p->pdf_page+1); ++ buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->pdf_page+1); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + if(tile != 0){ + written += t2pWriteFile(output, (tdata_t) "_", 1); +- buflen=sprintf(buffer, "%lu", (unsigned long)tile); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)tile); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + } + written += t2pWriteFile(output, (tdata_t) "\n/Width ", 8); +- _TIFFmemset((tdata_t)buffer, 0x00, 16); + if(tile==0){ +- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->tiff_width); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_width); + } else { + if(t2p_tile_is_right_edge(t2p->tiff_tiles[t2p->pdf_page], tile-1)!=0){ +- buflen=sprintf( +- buffer, +- "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_edgetilewidth); + } else { +- buflen=sprintf( +- buffer, +- "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_tilewidth); + } + } + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "\n/Height ", 9); +- _TIFFmemset((tdata_t)buffer, 0x00, 16); + if(tile==0){ +- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->tiff_length); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->tiff_length); + } else { + if(t2p_tile_is_bottom_edge(t2p->tiff_tiles[t2p->pdf_page], tile-1)!=0){ +- buflen=sprintf( +- buffer, +- "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_edgetilelength); + } else { +- buflen=sprintf( +- buffer, +- "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_tilelength); + } + } + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "\n/BitsPerComponent ", 19); +- _TIFFmemset((tdata_t)buffer, 0x00, 16); +- buflen=sprintf(buffer, "%u", t2p->tiff_bitspersample); ++ buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->tiff_bitspersample); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "\n/ColorSpace ", 13); + written += t2p_write_pdf_xobject_cs(t2p, output); +@@ -4698,11 +4702,10 @@ tsize_t t2p_write_pdf_xobject_cs(T2P* t2p, TIFF* output){ + t2p->pdf_colorspace ^= T2P_CS_PALETTE; + written += t2p_write_pdf_xobject_cs(t2p, output); + t2p->pdf_colorspace |= T2P_CS_PALETTE; +- buflen=sprintf(buffer, "%u", (0x0001 << t2p->tiff_bitspersample)-1 ); ++ buflen=snprintf(buffer, sizeof(buffer), "%u", (0x0001 << t2p->tiff_bitspersample)-1 ); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " ", 1); +- _TIFFmemset(buffer, 0x00, 16); +- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_palettecs ); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_palettecs ); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ]\n", 7); + return(written); +@@ -4736,10 +4739,10 @@ tsize_t t2p_write_pdf_xobject_cs(T2P* t2p, TIFF* output){ + X_W /= Y_W; + Z_W /= Y_W; + Y_W = 1.0F; +- buflen=sprintf(buffer, "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); ++ buflen=snprintf(buffer, sizeof(buffer), "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "/Range ", 7); +- buflen=sprintf(buffer, "[%d %d %d %d] \n", ++ buflen=snprintf(buffer, sizeof(buffer), "[%d %d %d %d] \n", + t2p->pdf_labrange[0], + t2p->pdf_labrange[1], + t2p->pdf_labrange[2], +@@ -4755,26 +4758,26 @@ tsize_t t2p_write_pdf_xobject_cs(T2P* t2p, TIFF* output){ + tsize_t t2p_write_pdf_transfer(T2P* t2p, TIFF* output){ + + tsize_t written=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + + written += t2pWriteFile(output, (tdata_t) "<< /Type /ExtGState \n/TR ", 25); + if(t2p->tiff_transferfunctioncount == 1){ +- buflen=sprintf(buffer, "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)(t2p->pdf_xrefcount + 1)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); + } else { + written += t2pWriteFile(output, (tdata_t) "[ ", 2); +- buflen=sprintf(buffer, "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)(t2p->pdf_xrefcount + 1)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); +- buflen=sprintf(buffer, "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)(t2p->pdf_xrefcount + 2)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); +- buflen=sprintf(buffer, "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)(t2p->pdf_xrefcount + 3)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R ", 5); +@@ -4796,7 +4799,7 @@ tsize_t t2p_write_pdf_transfer_dict(T2P* t2p, TIFF* output, uint16 i){ + written += t2pWriteFile(output, (tdata_t) "/FunctionType 0 \n", 17); + written += t2pWriteFile(output, (tdata_t) "/Domain [0.0 1.0] \n", 19); + written += t2pWriteFile(output, (tdata_t) "/Range [0.0 1.0] \n", 18); +- buflen=sprintf(buffer, "/Size [%u] \n", (1<<t2p->tiff_bitspersample)); ++ buflen=snprintf(buffer, sizeof(buffer), "/Size [%u] \n", (1<<t2p->tiff_bitspersample)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "/BitsPerSample 16 \n", 19); + written += t2p_write_pdf_stream_dict(1<<(t2p->tiff_bitspersample+1), 0, output); +@@ -4823,7 +4826,7 @@ tsize_t t2p_write_pdf_transfer_stream(T2P* t2p, TIFF* output, uint16 i){ + tsize_t t2p_write_pdf_xobject_calcs(T2P* t2p, TIFF* output){ + + tsize_t written=0; +- char buffer[128]; ++ char buffer[256]; + int buflen=0; + + float X_W=0.0; +@@ -4891,16 +4894,16 @@ tsize_t t2p_write_pdf_xobject_calcs(T2P* t2p, TIFF* output){ + written += t2pWriteFile(output, (tdata_t) "<< \n", 4); + if(t2p->pdf_colorspace & T2P_CS_CALGRAY){ + written += t2pWriteFile(output, (tdata_t) "/WhitePoint ", 12); +- buflen=sprintf(buffer, "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); ++ buflen=snprintf(buffer, sizeof(buffer), "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "/Gamma 2.2 \n", 12); + } + if(t2p->pdf_colorspace & T2P_CS_CALRGB){ + written += t2pWriteFile(output, (tdata_t) "/WhitePoint ", 12); +- buflen=sprintf(buffer, "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); ++ buflen=snprintf(buffer, sizeof(buffer), "[%.4f %.4f %.4f] \n", X_W, Y_W, Z_W); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "/Matrix ", 8); +- buflen=sprintf(buffer, "[%.4f %.4f %.4f %.4f %.4f %.4f %.4f %.4f %.4f] \n", ++ buflen=snprintf(buffer, sizeof(buffer), "[%.4f %.4f %.4f %.4f %.4f %.4f %.4f %.4f %.4f] \n", + X_R, Y_R, Z_R, + X_G, Y_G, Z_G, + X_B, Y_B, Z_B); +@@ -4919,11 +4922,11 @@ tsize_t t2p_write_pdf_xobject_calcs(T2P* t2p, TIFF* output){ + tsize_t t2p_write_pdf_xobject_icccs(T2P* t2p, TIFF* output){ + + tsize_t written=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + + written += t2pWriteFile(output, (tdata_t) "[/ICCBased ", 11); +- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_icccs); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_icccs); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " 0 R] \n", 7); + +@@ -4933,11 +4936,11 @@ tsize_t t2p_write_pdf_xobject_icccs(T2P* t2p, TIFF* output){ + tsize_t t2p_write_pdf_xobject_icccs_dict(T2P* t2p, TIFF* output){ + + tsize_t written=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + + written += t2pWriteFile(output, (tdata_t) "/N ", 3); +- buflen=sprintf(buffer, "%u \n", t2p->tiff_samplesperpixel); ++ buflen=snprintf(buffer, sizeof(buffer), "%u \n", t2p->tiff_samplesperpixel); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) "/Alternate ", 11); + t2p->pdf_colorspace ^= T2P_CS_ICCBASED; +@@ -5002,7 +5005,7 @@ tsize_t t2p_write_pdf_xobject_decode(T2P* t2p, TIFF* output){ + tsize_t t2p_write_pdf_xobject_stream_filter(ttile_t tile, T2P* t2p, TIFF* output){ + + tsize_t written=0; +- char buffer[16]; ++ char buffer[32]; + int buflen=0; + + if(t2p->pdf_compression==T2P_COMPRESS_NONE){ +@@ -5017,41 +5020,33 @@ tsize_t t2p_write_pdf_xobject_stream_filter(ttile_t tile, T2P* t2p, TIFF* output + written += t2pWriteFile(output, (tdata_t) "<< /K -1 ", 9); + if(tile==0){ + written += t2pWriteFile(output, (tdata_t) "/Columns ", 9); +- buflen=sprintf(buffer, "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_width); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " /Rows ", 7); +- buflen=sprintf(buffer, "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_length); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + } else { + if(t2p_tile_is_right_edge(t2p->tiff_tiles[t2p->pdf_page], tile-1)==0){ + written += t2pWriteFile(output, (tdata_t) "/Columns ", 9); +- buflen=sprintf( +- buffer, +- "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_tilewidth); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + } else { + written += t2pWriteFile(output, (tdata_t) "/Columns ", 9); +- buflen=sprintf( +- buffer, +- "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_edgetilewidth); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + } + if(t2p_tile_is_bottom_edge(t2p->tiff_tiles[t2p->pdf_page], tile-1)==0){ + written += t2pWriteFile(output, (tdata_t) " /Rows ", 7); +- buflen=sprintf( +- buffer, +- "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_tilelength); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + } else { + written += t2pWriteFile(output, (tdata_t) " /Rows ", 7); +- buflen=sprintf( +- buffer, +- "%lu", ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_tiles[t2p->pdf_page].tiles_edgetilelength); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + } +@@ -5078,21 +5073,17 @@ tsize_t t2p_write_pdf_xobject_stream_filter(ttile_t tile, T2P* t2p, TIFF* output + if(t2p->pdf_compressionquality%100){ + written += t2pWriteFile(output, (tdata_t) "/DecodeParms ", 13); + written += t2pWriteFile(output, (tdata_t) "<< /Predictor ", 14); +- _TIFFmemset(buffer, 0x00, 16); +- buflen=sprintf(buffer, "%u", t2p->pdf_compressionquality%100); ++ buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->pdf_compressionquality%100); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " /Columns ", 10); +- _TIFFmemset(buffer, 0x00, 16); +- buflen = sprintf(buffer, "%lu", ++ buflen = snprintf(buffer, sizeof(buffer), "%lu", + (unsigned long)t2p->tiff_width); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " /Colors ", 9); +- _TIFFmemset(buffer, 0x00, 16); +- buflen=sprintf(buffer, "%u", t2p->tiff_samplesperpixel); ++ buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->tiff_samplesperpixel); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " /BitsPerComponent ", 19); +- _TIFFmemset(buffer, 0x00, 16); +- buflen=sprintf(buffer, "%u", t2p->tiff_bitspersample); ++ buflen=snprintf(buffer, sizeof(buffer), "%u", t2p->tiff_bitspersample); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) ">>\n", 3); + } +@@ -5112,16 +5103,16 @@ tsize_t t2p_write_pdf_xobject_stream_filter(ttile_t tile, T2P* t2p, TIFF* output + tsize_t t2p_write_pdf_xreftable(T2P* t2p, TIFF* output){ + + tsize_t written=0; +- char buffer[21]; ++ char buffer[64]; + int buflen=0; + uint32 i=0; + + written += t2pWriteFile(output, (tdata_t) "xref\n0 ", 7); +- buflen=sprintf(buffer, "%lu", (unsigned long)(t2p->pdf_xrefcount + 1)); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(t2p->pdf_xrefcount + 1)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); + written += t2pWriteFile(output, (tdata_t) " \n0000000000 65535 f \n", 22); + for (i=0;i<t2p->pdf_xrefcount;i++){ +- sprintf(buffer, "%.10lu 00000 n \n", ++ snprintf(buffer, sizeof(buffer), "%.10lu 00000 n \n", + (unsigned long)t2p->pdf_xrefoffsets[i]); + written += t2pWriteFile(output, (tdata_t) buffer, 20); + } +@@ -5145,17 +5136,14 @@ tsize_t t2p_write_pdf_trailer(T2P* t2p, TIFF* output) + snprintf(t2p->pdf_fileid + i, 9, "%.8X", rand()); + + written += t2pWriteFile(output, (tdata_t) "trailer\n<<\n/Size ", 17); +- buflen = sprintf(buffer, "%lu", (unsigned long)(t2p->pdf_xrefcount+1)); ++ buflen = snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)(t2p->pdf_xrefcount+1)); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); +- _TIFFmemset(buffer, 0x00, 32); + written += t2pWriteFile(output, (tdata_t) "\n/Root ", 7); +- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_catalog); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_catalog); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); +- _TIFFmemset(buffer, 0x00, 32); + written += t2pWriteFile(output, (tdata_t) " 0 R \n/Info ", 12); +- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_info); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_info); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); +- _TIFFmemset(buffer, 0x00, 32); + written += t2pWriteFile(output, (tdata_t) " 0 R \n/ID[<", 11); + written += t2pWriteFile(output, (tdata_t) t2p->pdf_fileid, + sizeof(t2p->pdf_fileid) - 1); +@@ -5163,9 +5151,8 @@ tsize_t t2p_write_pdf_trailer(T2P* t2p, TIFF* output) + written += t2pWriteFile(output, (tdata_t) t2p->pdf_fileid, + sizeof(t2p->pdf_fileid) - 1); + written += t2pWriteFile(output, (tdata_t) ">]\n>>\nstartxref\n", 16); +- buflen=sprintf(buffer, "%lu", (unsigned long)t2p->pdf_startxref); ++ buflen=snprintf(buffer, sizeof(buffer), "%lu", (unsigned long)t2p->pdf_startxref); + written += t2pWriteFile(output, (tdata_t) buffer, buflen); +- _TIFFmemset(buffer, 0x00, 32); + written += t2pWriteFile(output, (tdata_t) "\n%%EOF\n", 7); + + return(written); +diff --git a/tools/tiff2ps.c b/tools/tiff2ps.c +index 2d02b23..b9befe7 100644 +--- a/tools/tiff2ps.c ++++ b/tools/tiff2ps.c +@@ -1,4 +1,4 @@ +-/* $Id: tiff2ps.c,v 1.35.2.7 2011-04-09 16:53:56 bfriesen Exp $ */ ++/* $Id: tiff2ps.c,v 1.35.2.9 2013-05-02 14:44:44 tgl Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -44,6 +44,11 @@ + + /* + * Revision history ++ * 2013-Jan-21 ++ * Richard Nolde: Fix bug in auto rotate option code. Once a ++ * rotation angle was set by the auto rotate check, it was ++ * retained for all pages that followed instead of being ++ * retested for each page. + * + * 2010-Sep-17 + * Richard Nolde: Reinstate code from Feb 2009 that never got +@@ -423,9 +428,10 @@ main(int argc, char* argv[]) + /* auto rotate requires a specified page width and height */ + if (auto_rotate == TRUE) + { ++ /* + if ((pageWidth == 0) || (pageHeight == 0)) + TIFFWarning ("-r auto", " requires page height and width specified with -h and -w"); +- ++ */ + if ((maxPageWidth > 0) || (maxPageHeight > 0)) + { + TIFFError ("-r auto", " is incompatible with maximum page width/height specified by -H or -W"); +@@ -1594,6 +1600,8 @@ int TIFF2PS(FILE* fd, TIFF* tif, double pgwidth, double pgheight, double lm, dou + } + if (generateEPSF) + break; ++ if (auto_rotate) ++ rotation = 0.0; + TIFFGetFieldDefaulted(tif, TIFFTAG_SUBFILETYPE, &subfiletype); + } while (((subfiletype & FILETYPE_PAGE) || printAll) && TIFFReadDirectory(tif)); + +@@ -1783,8 +1791,8 @@ PS_Lvl2ImageDict(FILE* fd, TIFF* tif, uint32 w, uint32 h) + imageOp = "imagemask"; + + (void)strcpy(im_x, "0"); +- (void)sprintf(im_y, "%lu", (long) h); +- (void)sprintf(im_h, "%lu", (long) h); ++ (void)snprintf(im_y, sizeof(im_y), "%lu", (long) h); ++ (void)snprintf(im_h, sizeof(im_h), "%lu", (long) h); + tile_width = w; + tile_height = h; + if (TIFFIsTiled(tif)) { +@@ -1805,7 +1813,7 @@ PS_Lvl2ImageDict(FILE* fd, TIFF* tif, uint32 w, uint32 h) + } + if (tile_height < h) { + fputs("/im_y 0 def\n", fd); +- (void)sprintf(im_y, "%lu im_y sub", (unsigned long) h); ++ (void)snprintf(im_y, sizeof(im_y), "%lu im_y sub", (unsigned long) h); + } + } else { + repeat_count = tf_numberstrips; +@@ -1817,7 +1825,7 @@ PS_Lvl2ImageDict(FILE* fd, TIFF* tif, uint32 w, uint32 h) + fprintf(fd, "/im_h %lu def\n", + (unsigned long) tile_height); + (void)strcpy(im_h, "im_h"); +- (void)sprintf(im_y, "%lu im_y sub", (unsigned long) h); ++ (void)snprintf(im_y, sizeof(im_y), "%lu im_y sub", (unsigned long) h); + } + } + +diff --git a/tools/tiffcrop.c b/tools/tiffcrop.c +index d00c912..6c53e74 100644 +--- a/tools/tiffcrop.c ++++ b/tools/tiffcrop.c +@@ -1,4 +1,4 @@ +-/* $Id: tiffcrop.c,v 1.3.2.15 2010-12-14 02:03:55 faxguy Exp $ */ ++/* $Id: tiffcrop.c,v 1.3.2.16 2013-05-02 14:44:44 tgl Exp $ */ + + /* tiffcrop.c -- a port of tiffcp.c extended to include manipulations of + * the image data through additional options listed below +@@ -2077,7 +2077,7 @@ update_output_file (TIFF **tiffout, char *mode, int autoindex, + return 1; + } + +- sprintf (filenum, "-%03d%s", findex, export_ext); ++ snprintf(filenum, sizeof(filenum), "-%03d%s", findex, export_ext); + filenum[14] = '\0'; + strncat (exportname, filenum, 15); + } +@@ -2230,8 +2230,8 @@ main(int argc, char* argv[]) + + /* dump.infilename is guaranteed to be NUL termimated and have 20 bytes + fewer than PATH_MAX */ +- memset (temp_filename, '\0', PATH_MAX + 1); +- sprintf (temp_filename, "%s-read-%03d.%s", dump.infilename, dump_images, ++ snprintf(temp_filename, sizeof(temp_filename), "%s-read-%03d.%s", ++ dump.infilename, dump_images, + (dump.format == DUMP_TEXT) ? "txt" : "raw"); + if ((dump.infile = fopen(temp_filename, dump.mode)) == NULL) + { +@@ -2249,8 +2249,8 @@ main(int argc, char* argv[]) + + /* dump.outfilename is guaranteed to be NUL termimated and have 20 bytes + fewer than PATH_MAX */ +- memset (temp_filename, '\0', PATH_MAX + 1); +- sprintf (temp_filename, "%s-write-%03d.%s", dump.outfilename, dump_images, ++ snprintf(temp_filename, sizeof(temp_filename), "%s-write-%03d.%s", ++ dump.outfilename, dump_images, + (dump.format == DUMP_TEXT) ? "txt" : "raw"); + if ((dump.outfile = fopen(temp_filename, dump.mode)) == NULL) + { +diff --git a/tools/tiffdither.c b/tools/tiffdither.c +index dee2a02..a0cb857 100644 +--- a/tools/tiffdither.c ++++ b/tools/tiffdither.c +@@ -1,4 +1,4 @@ +-/* $Id: tiffdither.c,v 1.9.2.1 2010-06-08 18:50:44 bfriesen Exp $ */ ++/* $Id: tiffdither.c,v 1.9.2.2 2013-05-02 14:44:45 tgl Exp $ */ + + /* + * Copyright (c) 1988-1997 Sam Leffler +@@ -256,7 +256,7 @@ main(int argc, char* argv[]) + TIFFSetField(out, TIFFTAG_FILLORDER, fillorder); + else + CopyField(TIFFTAG_FILLORDER, shortv); +- sprintf(thing, "Dithered B&W version of %s", argv[optind]); ++ snprintf(thing, sizeof(thing), "Dithered B&W version of %s", argv[optind]); + TIFFSetField(out, TIFFTAG_IMAGEDESCRIPTION, thing); + CopyField(TIFFTAG_PHOTOMETRIC, shortv); + CopyField(TIFFTAG_ORIENTATION, shortv); diff --git a/patches/source/libtiff/tiff-3.9.7_CVE-2013-4231.diff b/patches/source/libtiff/tiff-3.9.7_CVE-2013-4231.diff new file mode 100644 index 000000000..79eeb449f --- /dev/null +++ b/patches/source/libtiff/tiff-3.9.7_CVE-2013-4231.diff @@ -0,0 +1,23 @@ +From 5d19703933eaa59f97be9c88237fe00593f180ae Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Mon, 19 Aug 2013 +Subject: CVE-2013-4231 + +* tools/gif2tiff.c: Be more careful about corrupt or + hostile input files (#2450, CVE-2013-4231) + +--- + gif2tiff.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/tools/gif2tiff.c 2013-08-20 ++++ b/tools/gif2tiff.c 2013-08-20 +@@ -329,6 +329,8 @@ readraster(void) + int status = 1; + + datasize = getc(infile); ++ if (datasize > 12) ++ return 0; + clear = 1 << datasize; + eoi = clear + 1; + avail = clear + 2; diff --git a/patches/source/libtiff/tiff-3.9.7_CVE-2013-4232.diff b/patches/source/libtiff/tiff-3.9.7_CVE-2013-4232.diff new file mode 100644 index 000000000..b86f8f4a4 --- /dev/null +++ b/patches/source/libtiff/tiff-3.9.7_CVE-2013-4232.diff @@ -0,0 +1,24 @@ +From 8a2f9160cc4c52c73a62adef4d9282b2bd6e7ff1 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Mon, 19 Aug 2013 +Subject: CVE-2013-4232 + +* tools/tiff2pdf.c: terminate after failure of allocating + ycbcr buffer (bug #2449, CVE-2013-4232) + +--- + tiff2pdf.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/tools/tiff2pdf.c 2013-08-20 ++++ b/tools/tiff2pdf.c 2013-08-20 +@@ -2457,7 +2457,8 @@ tsize_t t2p_readwrite_pdf_image(T2P* t2p + t2p->tiff_datasize, + TIFFFileName(input)); + t2p->t2p_error = T2P_ERR_ERROR; +- _TIFFfree(buffer); ++ _TIFFfree(buffer); ++ return(0); + } else { + buffer=samplebuffer; + t2p->tiff_datasize *= t2p->tiff_samplesperpixel; diff --git a/patches/source/libtiff/tiff-3.9.7_CVE-2013-4244.diff b/patches/source/libtiff/tiff-3.9.7_CVE-2013-4244.diff new file mode 100644 index 000000000..4f8c54321 --- /dev/null +++ b/patches/source/libtiff/tiff-3.9.7_CVE-2013-4244.diff @@ -0,0 +1,24 @@ +From 7f4cfaec643863fcdc260da46af8d6581974101d Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Mon, 19 Aug 2013 +Subject: CVE-2013-4244 + +* tools/gif2tiff.c: fix possible OOB write (#2452, CVE-2013-4244) + +--- + gif2tiff.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- a/tools/gif2tiff.c 2013-08-20 ++++ b/tools/gif2tiff.c 2013-08-20 +@@ -396,6 +398,10 @@ process(register int code, unsigned char + } + + if (oldcode == -1) { ++ if (code >= clear) { ++ fprintf(stderr, "bad input: code=%d is larger than clear=%d\n",code, clear); ++ return 0; ++ } + *(*fill)++ = suffix[code]; + firstchar = oldcode = code; + return 1; diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2004-0941.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2004-0941.patch new file mode 100644 index 000000000..581e4e091 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2004-0941.patch @@ -0,0 +1,17 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd_png.c 2004-11-11 14:02:37.407589824 -0500 ++++ libwmf-0.2.8.4/src/extra/gd/gd_png.c 2004-11-11 14:04:29.672522960 -0500 +@@ -188,6 +188,14 @@ + + png_get_IHDR (png_ptr, info_ptr, &width, &height, &bit_depth, &color_type, + &interlace_type, NULL, NULL); ++ if (overflow2(sizeof (int), width)) ++ { ++ return NULL; ++ } ++ if (overflow2(sizeof (int) * width, height)) ++ { ++ return NULL; ++ } + if ((color_type == PNG_COLOR_TYPE_RGB) || + (color_type == PNG_COLOR_TYPE_RGB_ALPHA)) + { diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2006-3376.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2006-3376.patch new file mode 100644 index 000000000..507fe6622 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2006-3376.patch @@ -0,0 +1,27 @@ +--- libwmf-0.2.8.4.orig/src/player.c 2002-12-10 19:30:26.000000000 +0000 ++++ libwmf-0.2.8.4/src/player.c 2006-07-12 15:12:52.000000000 +0100 +@@ -42,6 +42,7 @@ + #include "player/defaults.h" /* Provides: default settings */ + #include "player/record.h" /* Provides: parameter mechanism */ + #include "player/meta.h" /* Provides: record interpreters */ ++#include <stdint.h> + + /** + * @internal +@@ -132,8 +134,14 @@ + } + } + +-/* P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API)-3) * 2 * sizeof (unsigned char)); +- */ P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char)); ++ if (MAX_REC_SIZE(API) > UINT32_MAX / 2) ++ { ++ API->err = wmf_E_InsMem; ++ WMF_DEBUG (API,"bailing..."); ++ return (API->err); ++ } ++ ++ P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char)); + + if (ERR (API)) + { WMF_DEBUG (API,"bailing..."); diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-0455.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-0455.patch new file mode 100644 index 000000000..0cc5abc71 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-0455.patch @@ -0,0 +1,11 @@ +--- libwmf-0.2.8.4/src/extra/gd/gdft.c 2010-12-06 11:18:26.000000000 +0000 ++++ libwmf-0.2.8.4/src/extra/gd/gdft.c 2010-12-06 11:21:09.000000000 +0000 +@@ -811,7 +811,7 @@ + { + ch = c & 0xFF; /* don't extend sign */ + } +- next++; ++ if (*next) next++; + } + else + { diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-2756.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-2756.patch new file mode 100644 index 000000000..eba8fac25 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-2756.patch @@ -0,0 +1,16 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd_png.c 1 Apr 2007 20:41:01 -0000 1.21.2.1 ++++ libwmf-0.2.8.4/src/extra/gd/gd_png.c 16 May 2007 19:06:11 -0000 +@@ -78,8 +78,11 @@ + gdPngReadData (png_structp png_ptr, + png_bytep data, png_size_t length) + { +- gdGetBuf (data, length, (gdIOCtx *) +- png_get_io_ptr (png_ptr)); ++ int check; ++ check = gdGetBuf (data, length, (gdIOCtx *) png_get_io_ptr (png_ptr)); ++ if (check != length) { ++ png_error(png_ptr, "Read Error: truncated data"); ++ } + } + + static void diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3472.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3472.patch new file mode 100644 index 000000000..2cd6d6040 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3472.patch @@ -0,0 +1,61 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd.c ++++ libwmf-0.2.8.4/src/extra/gd/gd.c +@@ -106,6 +106,18 @@ + gdImagePtr im; + unsigned long cpa_size; + ++ if (overflow2(sx, sy)) { ++ return NULL; ++ } ++ ++ if (overflow2(sizeof (int *), sy)) { ++ return NULL; ++ } ++ ++ if (overflow2(sizeof(int), sx)) { ++ return NULL; ++ } ++ + im = (gdImage *) gdMalloc (sizeof (gdImage)); + if (im == 0) return 0; + memset (im, 0, sizeof (gdImage)); +--- libwmf-0.2.8.4/src/extra/gd/gdhelpers.c 2010-12-06 11:47:31.000000000 +0000 ++++ libwmf-0.2.8.4/src/extra/gd/gdhelpers.c 2010-12-06 11:48:04.000000000 +0000 +@@ -2,6 +2,7 @@ + #include "gdhelpers.h" + #include <stdlib.h> + #include <string.h> ++#include <limits.h> + + /* TBB: gd_strtok_r is not portable; provide an implementation */ + +@@ -94,3 +95,18 @@ + { + free (ptr); + } ++ ++int overflow2(int a, int b) ++{ ++ if(a < 0 || b < 0) { ++ fprintf(stderr, "gd warning: one parameter to a memory allocation multiplication is negative, failing operation gracefully\n"); ++ return 1; ++ } ++ if(b == 0) ++ return 0; ++ if(a > 2147483647 / b) { ++ fprintf(stderr, "gd warning: product of memory allocation multiplication would exceed INT_MAX, failing operation gracefully\n"); ++ return 1; ++ } ++ return 0; ++} +--- libwmf-0.2.8.4/src/extra/gd/gdhelpers.h 2010-12-06 11:47:17.000000000 +0000 ++++ libwmf-0.2.8.4/src/extra/gd/gdhelpers.h 2010-12-06 11:48:36.000000000 +0000 +@@ -15,6 +15,8 @@ + void *gdMalloc(size_t size); + void *gdRealloc(void *ptr, size_t size); + ++int overflow2(int a, int b); ++ + #pragma GCC visibility pop + + #endif /* GDHELPERS_H */ diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3473.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3473.patch new file mode 100644 index 000000000..590189969 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3473.patch @@ -0,0 +1,13 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd.c ++++ libwmf-0.2.8.4/src/extra/gd/gd.c +@@ -2483,6 +2483,10 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromXbm (FILE * fd) + } + bytes = (w * h / 8) + 1; + im = gdImageCreate (w, h); ++ if (!im) { ++ return 0; ++ } ++ + gdImageColorAllocate (im, 255, 255, 255); + gdImageColorAllocate (im, 0, 0, 0); + x = 0; diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3477.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3477.patch new file mode 100644 index 000000000..81ac03853 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2007-3477.patch @@ -0,0 +1,38 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd.c ++++ libwmf-0.2.8.4/src/extra/gd/gd.c +@@ -1335,10 +1335,31 @@ + int w2, h2; + w2 = w / 2; + h2 = h / 2; +- while (e < s) +- { +- e += 360; +- } ++ ++ if ((s % 360) == (e % 360)) { ++ s = 0; e = 360; ++ } else { ++ if (s > 360) { ++ s = s % 360; ++ } ++ ++ if (e > 360) { ++ e = e % 360; ++ } ++ ++ while (s < 0) { ++ s += 360; ++ } ++ ++ while (e < s) { ++ e += 360; ++ } ++ ++ if (s == e) { ++ s = 0; e = 360; ++ } ++ } ++ + for (i = s; (i <= e); i++) + { + int x, y; diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2009-3546.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2009-3546.patch new file mode 100644 index 000000000..d718976ad --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2009-3546.patch @@ -0,0 +1,13 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd_gd.c 2010-12-06 14:56:06.000000000 +0000 ++++ libwmf-0.2.8.4/src/extra/gd/gd_gd.c 2010-12-06 14:57:04.000000000 +0000 +@@ -42,6 +42,10 @@ + { + goto fail1; + } ++ if (&im->colorsTotal > gdMaxColors) ++ { ++ goto fail1; ++ } + } + /* Int to accommodate truecolor single-color transparency */ + if (!gdGetInt (&im->transparent, in)) diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-0848+CVE-2015-4588.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-0848+CVE-2015-4588.patch new file mode 100644 index 000000000..e8ba8db1e --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-0848+CVE-2015-4588.patch @@ -0,0 +1,118 @@ +--- libwmf-0.2.8.4/src/ipa/ipa/bmp.h 2015-06-08 14:46:24.591876404 +0100 ++++ libwmf-0.2.8.4/src/ipa/ipa/bmp.h 2015-06-08 14:46:35.345993247 +0100 +@@ -859,7 +859,7 @@ + % + % + */ +-static void DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSource* src,unsigned int compression,unsigned char* pixels) ++static int DecodeImage (wmfAPI* API,wmfBMP* bmp,BMPSource* src,unsigned int compression,unsigned char* pixels) + { int byte; + int count; + int i; +@@ -870,12 +870,14 @@ + U32 u; + + unsigned char* q; ++ unsigned char* end; + + for (u = 0; u < ((U32) bmp->width * (U32) bmp->height); u++) pixels[u] = 0; + + byte = 0; + x = 0; + q = pixels; ++ end = pixels + bmp->width * bmp->height; + + for (y = 0; y < bmp->height; ) + { count = ReadBlobByte (src); +@@ -884,7 +886,10 @@ + { /* Encoded mode. */ + byte = ReadBlobByte (src); + for (i = 0; i < count; i++) +- { if (compression == 1) ++ { ++ if (q == end) ++ return 0; ++ if (compression == 1) + { (*(q++)) = (unsigned char) byte; + } + else +@@ -896,13 +901,15 @@ + else + { /* Escape mode. */ + count = ReadBlobByte (src); +- if (count == 0x01) return; ++ if (count == 0x01) return 1; + switch (count) + { + case 0x00: + { /* End of line. */ + x = 0; + y++; ++ if (y >= bmp->height) ++ return 0; + q = pixels + y * bmp->width; + break; + } +@@ -910,13 +917,20 @@ + { /* Delta mode. */ + x += ReadBlobByte (src); + y += ReadBlobByte (src); ++ if (y >= bmp->height) ++ return 0; ++ if (x >= bmp->width) ++ return 0; + q = pixels + y * bmp->width + x; + break; + } + default: + { /* Absolute mode. */ + for (i = 0; i < count; i++) +- { if (compression == 1) ++ { ++ if (q == end) ++ return 0; ++ if (compression == 1) + { (*(q++)) = ReadBlobByte (src); + } + else +@@ -943,7 +957,7 @@ + byte = ReadBlobByte (src); /* end of line */ + byte = ReadBlobByte (src); + +- return; ++ return 1; + } + + /* +@@ -1143,8 +1157,18 @@ + } + } + else +- { /* Convert run-length encoded raster pixels. */ +- DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image); ++ { ++ if (bmp_info.bits_per_pixel == 8) /* Convert run-length encoded raster pixels. */ ++ { ++ if (!DecodeImage (API,bmp,src,(unsigned int) bmp_info.compression,data->image)) ++ { WMF_ERROR (API,"corrupt bmp"); ++ API->err = wmf_E_BadFormat; ++ } ++ } ++ else ++ { WMF_ERROR (API,"Unexpected pixel depth"); ++ API->err = wmf_E_BadFormat; ++ } + } + + if (ERR (API)) +--- libwmf-0.2.8.4/src/ipa/ipa.h 2015-06-08 14:46:24.590876393 +0100 ++++ libwmf-0.2.8.4/src/ipa/ipa.h 2015-06-08 14:46:35.345993247 +0100 +@@ -48,7 +48,7 @@ + static unsigned short ReadBlobLSBShort (BMPSource*); + static unsigned long ReadBlobLSBLong (BMPSource*); + static long TellBlob (BMPSource*); +-static void DecodeImage (wmfAPI*,wmfBMP*,BMPSource*,unsigned int,unsigned char*); ++static int DecodeImage (wmfAPI*,wmfBMP*,BMPSource*,unsigned int,unsigned char*); + static void ReadBMPImage (wmfAPI*,wmfBMP*,BMPSource*); + static int ExtractColor (wmfAPI*,wmfBMP*,wmfRGB*,unsigned int,unsigned int); + static void SetColor (wmfAPI*,wmfBMP*,wmfRGB*,unsigned char,unsigned int,unsigned int); diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-4695.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-4695.patch new file mode 100644 index 000000000..b6d499da9 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-4695.patch @@ -0,0 +1,56 @@ +--- libwmf-0.2.8.4/src/player/meta.h ++++ libwmf-0.2.8.4/src/player/meta.h +@@ -1565,7 +1565,7 @@ static int meta_rgn_create (wmfAPI* API, + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -2142,7 +2142,7 @@ static int meta_dib_brush (wmfAPI* API,w + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -3067,7 +3067,7 @@ static int meta_pen_create (wmfAPI* API, + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -3181,7 +3181,7 @@ static int meta_brush_create (wmfAPI* AP + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -3288,7 +3288,7 @@ static int meta_font_create (wmfAPI* API + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); +@@ -3396,7 +3396,7 @@ static int meta_palette_create (wmfAPI* + objects = P->objects; + + i = 0; +- while (objects[i].type && (i < NUM_OBJECTS (API))) i++; ++ while ((i < NUM_OBJECTS (API)) && objects[i].type) i++; + + if (i == NUM_OBJECTS (API)) + { WMF_ERROR (API,"Object out of range!"); diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-4696.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-4696.patch new file mode 100644 index 000000000..331284125 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2015-4696.patch @@ -0,0 +1,23 @@ +--- libwmf-0.2.8.4/src/player/meta.h ++++ libwmf-0.2.8.4/src/player/meta.h +@@ -2585,6 +2585,8 @@ + polyrect.BR[i] = clip->rects[i].BR; + } + ++ if (FR->region_clip) FR->region_clip (API,&polyrect); ++ + wmf_free (API,polyrect.TL); + wmf_free (API,polyrect.BR); + } +@@ -2593,9 +2595,10 @@ + polyrect.BR = 0; + + polyrect.count = 0; ++ ++ if (FR->region_clip) FR->region_clip (API,&polyrect); + } + +- if (FR->region_clip) FR->region_clip (API,&polyrect); + + return (changed); + } diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-10167.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-10167.patch new file mode 100644 index 000000000..5e2819743 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-10167.patch @@ -0,0 +1,30 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd_gd2.c ++++ libwmf-0.2.8.4/src/extra/gd/gd_gd2.c +@@ -362,10 +362,9 @@ + { + if (!gdGetInt (&im->tpixels[y][x], in)) + { +- /*printf("EOF while reading\n"); */ +- /*gdImageDestroy(im); */ +- /*return 0; */ +- im->tpixels[y][x] = 0; ++ fprintf(stderr, "gd2: EOF while reading\n"); ++ gdImageDestroy(im); ++ return NULL; + } + } + else +@@ -373,10 +372,9 @@ + int ch; + if (!gdGetByte (&ch, in)) + { +- /*printf("EOF while reading\n"); */ +- /*gdImageDestroy(im); */ +- /*return 0; */ +- ch = 0; ++ fprintf(stderr, "gd2: EOF while reading\n"); ++ gdImageDestroy(im); ++ return NULL; + } + im->pixels[y][x] = ch; + } diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-10168.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-10168.patch new file mode 100644 index 000000000..b1578bb91 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-10168.patch @@ -0,0 +1,14 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd_gd2.c ++++ libwmf-0.2.8.4/src/extra/gd/gd_gd2.c +@@ -145,6 +145,11 @@ + + if ((*fmt) == GD2_FMT_COMPRESSED) + { ++ if (*ncx <= 0 || *ncy <= 0 || *ncx > 2147483647 / *ncy) { ++ GD2_DBG(printf ("Illegal chunk counts: %d * %d\n", *ncx, *ncy)); ++ goto fail1; ++ } ++ + nc = (*ncx) * (*ncy); + GD2_DBG (printf ("Reading %d chunk index entries\n", nc)); + sidx = sizeof (t_chunk_info) * nc; diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-9011.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-9011.patch new file mode 100644 index 000000000..c6bd017c2 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-9011.patch @@ -0,0 +1,36 @@ +--- libwmf-0.2.8.4/src/player.c ++++ libwmf-0.2.8.4/src/player.c +@@ -139,8 +139,31 @@ + WMF_DEBUG (API,"bailing..."); + return (API->err); + } +- +- P->Parameters = (unsigned char*) wmf_malloc (API,(MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char)); ++ ++ U32 nMaxRecordSize = (MAX_REC_SIZE(API) ) * 2 * sizeof (unsigned char); ++ if (nMaxRecordSize) ++ { ++ //before allocating memory do a sanity check on size by seeking ++ //to claimed end to see if its possible. We're constrained here ++ //by the api and existing implementations to not simply seeking ++ //to SEEK_END. So use what we have to skip to the last byte and ++ //try and read it. ++ const long nPos = WMF_TELL (API); ++ WMF_SEEK (API, nPos + nMaxRecordSize - 1); ++ if (ERR (API)) ++ { WMF_DEBUG (API,"bailing..."); ++ return (API->err); ++ } ++ int byte = WMF_READ (API); ++ if (byte == (-1)) ++ { WMF_ERROR (API,"Unexpected EOF!"); ++ API->err = wmf_E_EOF; ++ return (API->err); ++ } ++ WMF_SEEK (API, nPos); ++ } ++ ++ P->Parameters = (unsigned char*) wmf_malloc (API, nMaxRecordSize); + + if (ERR (API)) + { WMF_DEBUG (API,"bailing..."); diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-9317.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-9317.patch new file mode 100644 index 000000000..cf57734ed --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2016-9317.patch @@ -0,0 +1,21 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd.c ++++ libwmf-0.2.8.4/src/extra/gd/gd.c +@@ -65,6 +65,18 @@ + { + int i; + gdImagePtr im; ++ ++ if (overflow2(sx, sy)) { ++ return NULL; ++ } ++ ++ if (overflow2(sizeof (unsigned char *), sy)) { ++ return NULL; ++ } ++ if (overflow2(sizeof (unsigned char), sx)) { ++ return NULL; ++ } ++ + im = (gdImage *) gdMalloc (sizeof (gdImage)); + memset (im, 0, sizeof (gdImage)); + /* Row-major ever since gd 1.3 */ diff --git a/patches/source/libwmf/libwmf-0.2.8.4-CVE-2017-6362.patch b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2017-6362.patch new file mode 100644 index 000000000..2ad180d97 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-CVE-2017-6362.patch @@ -0,0 +1,32 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd_png.c ++++ libwmf-0.2.8.4/src/extra/gd/gd_png.c +@@ -435,17 +435,6 @@ + out->free (out); + } + +-void * +-gdImagePngPtr (gdImagePtr im, int *size) +-{ +- void *rv; +- gdIOCtx *out = gdNewDynamicCtx (2048, NULL); +- gdImagePngCtx (im, out); +- rv = gdDPExtractData (out, size); +- out->free (out); +- return rv; +-} +- + /* This routine is based in part on code from Dale Lutz (Safe Software Inc.) + * and in part on demo code from Chapter 15 of "PNG: The Definitive Guide" + * (http://www.cdrom.com/pub/png/pngbook.html). +--- libwmf-0.2.8.4/src/extra/gd/gd.h ++++ libwmf-0.2.8.4/src/extra/gd/gd.h +@@ -373,9 +373,6 @@ + void gdImageGd2(gdImagePtr im, FILE *out, int cs, int fmt); + + /* Best to free this memory with gdFree(), not free() */ +-void* gdImagePngPtr(gdImagePtr im, int *size); +- +-/* Best to free this memory with gdFree(), not free() */ + void* gdImageGdPtr(gdImagePtr im, int *size); + + /* Best to free this memory with gdFree(), not free() */ diff --git a/patches/source/libwmf/libwmf-0.2.8.4-fallbackfont.patch b/patches/source/libwmf/libwmf-0.2.8.4-fallbackfont.patch new file mode 100644 index 000000000..83383138a --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-fallbackfont.patch @@ -0,0 +1,18 @@ +diff -ru libwmf-0.2.8.4.orig/src/font.c libwmf-0.2.8.4/src/font.c +--- libwmf-0.2.8.4.orig/src/font.c 2005-07-27 21:35:06.000000000 +0100 ++++ libwmf-0.2.8.4/src/font.c 2006-01-03 12:53:38.000000000 +0000 +@@ -1429,11 +1429,9 @@ + if (GS->len == 0) return (0); + + name = font->lfFaceName; +- if (name == 0) +- { WMF_DEBUG (API,"No font name?"); +- API->err = wmf_E_Glitch; +- return (0); +- } ++ ++ if (name == 0 || name[0] == 0) ++ name = "Times"; + + /* Find first white-space character or eol + */ diff --git a/patches/source/libwmf/libwmf-0.2.8.4-pixbufloaderdir.patch b/patches/source/libwmf/libwmf-0.2.8.4-pixbufloaderdir.patch new file mode 100644 index 000000000..a03578581 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-pixbufloaderdir.patch @@ -0,0 +1,14 @@ +diff -up libwmf-0.2.8.4/configure.in.pixbufloaderdir libwmf-0.2.8.4/configure.in +--- libwmf-0.2.8.4/configure.in.pixbufloaderdir 2010-06-28 23:35:06.227167269 -0400 ++++ libwmf-0.2.8.4/configure.in 2010-06-28 23:36:00.948420306 -0400 +@@ -741,8 +741,8 @@ + + if test $LIBWMF_BUILDSTYLE != lite; then + PKG_CHECK_MODULES(GDK_PIXBUF,gdk-pixbuf-2.0 >= 2.1.2,[ +- GTK_VERSION=`$PKG_CONFIG --variable=gtk_binary_version gtk+-2.0` +- GDK_PIXBUF_DIR="gtk-2.0/$GTK_VERSION/loaders" ++ GDK_PIXBUF_VERSION=`$PKG_CONFIG --variable=gdk_pixbuf_binary_version gdk-pixbuf-2.0` ++ GDK_PIXBUF_DIR="gdk-pixbuf-2.0/$GDK_PIXBUF_VERSION/loaders" + wmf_gdk_pixbuf=yes + ],[ wmf_gdk_pixbuf=no + ]) diff --git a/patches/source/libwmf/libwmf-0.2.8.4-reducesymbols.patch b/patches/source/libwmf/libwmf-0.2.8.4-reducesymbols.patch new file mode 100644 index 000000000..45d82b327 --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-reducesymbols.patch @@ -0,0 +1,520 @@ +diff -ru libwmf-0.2.8.4/src/extra/gd/gd.c libwmf-0.2.8.4.symbols/src/extra/gd/gd.c +--- libwmf-0.2.8.4/src/extra/gd/gd.c 2005-07-27 21:35:05.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd.c 2006-11-16 12:27:05.000000000 +0000 +@@ -249,6 +249,7 @@ + } + HWBType; + ++#if 0 + static HWBType * + RGB_to_HWB (RGBType RGB, HWBType * HWB) + { +@@ -308,7 +309,6 @@ + return diff; + } + +-#if 0 + /* + * This is not actually used, but is here for completeness, in case someone wants to + * use the HWB stuff for anything else... +@@ -355,6 +355,7 @@ + } + #endif + ++#if 0 + int + gdImageColorClosestHWB (gdImagePtr im, int r, int g, int b) + { +@@ -384,6 +385,7 @@ + } + return ct; + } ++#endif + + int + gdImageColorExact (gdImagePtr im, int r, int g, int b) +@@ -677,7 +679,7 @@ + } + } + +-int ++static int + gdImageGetTrueColorPixel (gdImagePtr im, int x, int y) + { + int p = gdImageGetPixel (im, x, y); +@@ -1286,11 +1288,11 @@ + return len; + } + +-#ifndef HAVE_LSQRT ++#if 0 + /* If you don't have a nice square root function for longs, you can use + ** this hack + */ +-long ++static long + lsqrt (long n) + { + long result = (long) sqrt ((double) n); +@@ -2250,7 +2252,7 @@ + } + } + +-int gdCompareInt (const void *a, const void *b); ++static int gdCompareInt (const void *a, const void *b); + + /* THANKS to Kirsten Schulz for the polygon fixes! */ + +diff -ru libwmf-0.2.8.4/src/extra/gd/gdcache.h libwmf-0.2.8.4.symbols/src/extra/gd/gdcache.h +--- libwmf-0.2.8.4/src/extra/gd/gdcache.h 2001-08-21 15:40:33.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdcache.h 2006-11-16 12:13:40.000000000 +0000 +@@ -41,6 +41,9 @@ + /*********************************************************/ + + /* #include <malloc.h> */ ++ ++#pragma GCC visibility push(hidden) ++ + #ifndef NULL + #define NULL (void *)0 + #endif +@@ -81,3 +84,5 @@ + + void * + gdCacheGet( gdCache_head_t *head, void *keydata ); ++ ++#pragma GCC visibility pop +diff -ru libwmf-0.2.8.4/src/extra/gd/gd_clip.h libwmf-0.2.8.4.symbols/src/extra/gd/gd_clip.h +--- libwmf-0.2.8.4/src/extra/gd/gd_clip.h 2001-03-28 10:37:30.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd_clip.h 2006-11-16 12:11:49.000000000 +0000 +@@ -1,6 +1,8 @@ + #ifndef GD_CLIP_H + #define GD_CLIP_H 1 + ++#pragma GCC visibility push(hidden) ++ + #ifdef __cplusplus + extern "C" { + #endif +@@ -23,4 +25,6 @@ + } + #endif + ++#pragma GCC visibility pop ++ + #endif /* GD_CLIP_H */ +diff -ru libwmf-0.2.8.4/src/extra/gd/gdfontg.h libwmf-0.2.8.4.symbols/src/extra/gd/gdfontg.h +--- libwmf-0.2.8.4/src/extra/gd/gdfontg.h 2001-03-28 10:37:30.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdfontg.h 2006-11-16 12:12:03.000000000 +0000 +@@ -2,6 +2,8 @@ + #ifndef _GDFONTG_H_ + #define _GDFONTG_H_ 1 + ++#pragma GCC visibility push(hidden) ++ + #ifdef __cplusplus + extern "C" { + #endif +@@ -25,5 +27,7 @@ + } + #endif + ++#pragma GCC visibility pop ++ + #endif + +diff -ru libwmf-0.2.8.4/src/extra/gd/gdfontl.h libwmf-0.2.8.4.symbols/src/extra/gd/gdfontl.h +--- libwmf-0.2.8.4/src/extra/gd/gdfontl.h 2001-03-28 10:37:30.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdfontl.h 2006-11-16 12:12:11.000000000 +0000 +@@ -2,6 +2,8 @@ + #ifndef _GDFONTL_H_ + #define _GDFONTL_H_ 1 + ++#pragma GCC visibility push(hidden) ++ + #ifdef __cplusplus + extern "C" { + #endif +@@ -26,5 +28,7 @@ + } + #endif + ++#pragma GCC visibility pop ++ + #endif + +diff -ru libwmf-0.2.8.4/src/extra/gd/gdfontmb.h libwmf-0.2.8.4.symbols/src/extra/gd/gdfontmb.h +--- libwmf-0.2.8.4/src/extra/gd/gdfontmb.h 2001-03-28 10:37:30.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdfontmb.h 2006-11-16 12:12:19.000000000 +0000 +@@ -2,6 +2,8 @@ + #ifndef _GDFONTMB_H_ + #define _GDFONTMB_H_ 1 + ++#pragma GCC visibility push(hidden) ++ + #ifdef __cplusplus + extern "C" { + #endif +@@ -24,5 +26,7 @@ + } + #endif + ++#pragma GCC visibility pop ++ + #endif + +diff -ru libwmf-0.2.8.4/src/extra/gd/gdfonts.h libwmf-0.2.8.4.symbols/src/extra/gd/gdfonts.h +--- libwmf-0.2.8.4/src/extra/gd/gdfonts.h 2001-03-28 10:37:30.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdfonts.h 2006-11-16 12:12:28.000000000 +0000 +@@ -2,6 +2,8 @@ + #ifndef _GDFONTS_H_ + #define _GDFONTS_H_ 1 + ++#pragma GCC visibility push(hidden) ++ + #ifdef __cplusplus + extern "C" { + #endif +@@ -24,5 +26,7 @@ + } + #endif + ++#pragma GCC visibility pop ++ + #endif + +diff -ru libwmf-0.2.8.4/src/extra/gd/gdfontt.h libwmf-0.2.8.4.symbols/src/extra/gd/gdfontt.h +--- libwmf-0.2.8.4/src/extra/gd/gdfontt.h 2001-03-28 10:37:30.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdfontt.h 2006-11-16 12:12:36.000000000 +0000 +@@ -2,6 +2,8 @@ + #ifndef _GDFONTT_H_ + #define _GDFONTT_H_ 1 + ++#pragma GCC visibility push(hidden) ++ + #ifdef __cplusplus + extern "C" { + #endif +@@ -25,5 +27,7 @@ + } + #endif + ++#pragma GCC visibility pop ++ + #endif + +diff -ru libwmf-0.2.8.4/src/extra/gd/gdft.c libwmf-0.2.8.4.symbols/src/extra/gd/gdft.c +--- libwmf-0.2.8.4/src/extra/gd/gdft.c 2005-07-27 21:35:05.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdft.c 2006-11-16 12:24:50.000000000 +0000 +@@ -533,7 +533,7 @@ + } + + /* draw_bitmap - transfers glyph bitmap to GD image */ +-/* static */ char * ++static char * + gdft_draw_bitmap (gdImage * im, int fg, FT_Bitmap bitmap, int pen_x, int pen_y) + { + unsigned char *pixel = 0; +@@ -643,7 +643,7 @@ + return (char *) NULL; + } + +-int ++static int + gdroundupdown (FT_F26Dot6 v1, int updown) + { + return (!updown) +@@ -651,7 +651,9 @@ + : (v1 > 0 ? ((v1 + 63) >> 6) : v1 >> 6); + } + ++#pragma GCC visibility push(hidden) + extern int any2eucjp (char *, char *, unsigned int); ++#pragma GCC visibility pop + + /********************************************************************/ + /* gdImageStringFT - render a utf8 string onto a gd image */ +diff -ru libwmf-0.2.8.4/src/extra/gd/gd_gd2.c libwmf-0.2.8.4.symbols/src/extra/gd/gd_gd2.c +--- libwmf-0.2.8.4/src/extra/gd/gd_gd2.c 2005-07-27 21:35:05.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd_gd2.c 2006-11-16 12:21:28.000000000 +0000 +@@ -34,8 +34,10 @@ + } + t_chunk_info; + ++#pragma GCC visibility push(hidden) + extern int _gdGetColors (gdIOCtx * in, gdImagePtr im, int gd2xFlag); + extern void _gdPutColors (gdImagePtr im, gdIOCtx * out); ++#pragma GCC visibility pop + + /* */ + /* Read the extra info in the gd2 header. */ +diff -ru libwmf-0.2.8.4/src/extra/gd/gd_gd.c libwmf-0.2.8.4.symbols/src/extra/gd/gd_gd.c +--- libwmf-0.2.8.4/src/extra/gd/gd_gd.c 2005-07-27 21:35:05.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd_gd.c 2006-11-16 12:21:43.000000000 +0000 +@@ -11,6 +11,11 @@ + /* Exported functions: */ + extern void gdImageGd (gdImagePtr im, FILE * out); + ++#pragma GCC visibility push(hidden) ++int _gdGetColors (gdIOCtx * in, gdImagePtr im, int gd2xFlag); ++void _gdPutColors (gdImagePtr im, gdIOCtx * out); ++#pragma GCC visibility pop ++ + + /* Use this for commenting out debug-print statements. */ + /* Just use the first '#define' to allow all the prints... */ +diff -ru libwmf-0.2.8.4/src/extra/gd/gd.h libwmf-0.2.8.4.symbols/src/extra/gd/gd.h +--- libwmf-0.2.8.4/src/extra/gd/gd.h 2002-12-05 20:09:11.000000000 +0000 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd.h 2006-11-16 12:14:11.000000000 +0000 +@@ -25,6 +25,8 @@ + #include <gd_io.h> + #include <gd_clip.h> + ++#pragma GCC visibility push(hidden) ++ + /* The maximum number of palette entries in palette-based images. + In the wonderful new world of gd 2.0, you can of course have + many more colors when using truecolor mode. */ +@@ -497,6 +499,8 @@ + /* resolution affects ttf font rendering, particularly hinting */ + #define GD_RESOLUTION 96 /* pixels per inch */ + ++#pragma GCC visibility pop ++ + #ifdef __cplusplus + } + #endif +diff -ru libwmf-0.2.8.4/src/extra/gd/gdhelpers.h libwmf-0.2.8.4.symbols/src/extra/gd/gdhelpers.h +--- libwmf-0.2.8.4/src/extra/gd/gdhelpers.h 2001-03-28 10:37:31.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdhelpers.h 2006-11-16 12:12:55.000000000 +0000 +@@ -1,6 +1,8 @@ + #ifndef GDHELPERS_H + #define GDHELPERS_H 1 + ++#pragma GCC visibility push(hidden) ++ + /* TBB: strtok_r is not universal; provide an implementation of it. */ + + extern char *gd_strtok_r(char *s, char *sep, char **state); +@@ -13,5 +15,7 @@ + void *gdMalloc(size_t size); + void *gdRealloc(void *ptr, size_t size); + ++#pragma GCC visibility pop ++ + #endif /* GDHELPERS_H */ + +diff -ru libwmf-0.2.8.4/src/extra/gd/gd_io.h libwmf-0.2.8.4.symbols/src/extra/gd/gd_io.h +--- libwmf-0.2.8.4/src/extra/gd/gd_io.h 2001-03-28 10:37:30.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd_io.h 2006-11-16 12:13:08.000000000 +0000 +@@ -2,6 +2,8 @@ + #define GD_IO_H 1 + + #include <stdio.h> ++ ++#pragma GCC visibility push(hidden) + + typedef struct gdIOCtx { + int (*getC)(struct gdIOCtx*); +@@ -36,4 +38,6 @@ + int gdSeek(gdIOCtx *ctx, const int); + long gdTell(gdIOCtx *ctx); + ++#pragma GCC visibility pop ++ + #endif +diff -ru libwmf-0.2.8.4/src/extra/gd/gd_jpeg.c libwmf-0.2.8.4.symbols/src/extra/gd/gd_jpeg.c +--- libwmf-0.2.8.4/src/extra/gd/gd_jpeg.c 2005-07-27 21:35:06.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd_jpeg.c 2006-11-16 12:28:13.000000000 +0000 +@@ -99,7 +99,7 @@ + return rv; + } + +-void jpeg_gdIOCtx_dest (j_compress_ptr cinfo, gdIOCtx * outfile); ++static void jpeg_gdIOCtx_dest (j_compress_ptr cinfo, gdIOCtx * outfile); + + void + gdImageJpegCtx (gdImagePtr im, gdIOCtx * outfile, int quality) +@@ -266,7 +266,7 @@ + return im; + } + +-void ++static void + jpeg_gdIOCtx_src (j_decompress_ptr cinfo, + gdIOCtx * infile); + +@@ -511,7 +511,7 @@ + * before any data is actually read. + */ + +-void ++static void + init_source (j_decompress_ptr cinfo) + { + my_src_ptr src = (my_src_ptr) cinfo->src; +@@ -559,7 +559,7 @@ +
+ #define END_JPEG_SEQUENCE "\r\n[*]--:END JPEG:--[*]\r\n"
+ +-safeboolean ++static safeboolean + fill_input_buffer (j_decompress_ptr cinfo) + { + my_src_ptr src = (my_src_ptr) cinfo->src; +@@ -627,7 +627,7 @@ + * buffer is the application writer's problem. + */ + +-void ++static void + skip_input_data (j_decompress_ptr cinfo, long num_bytes) + { + my_src_ptr src = (my_src_ptr) cinfo->src; +@@ -669,7 +669,7 @@ + * for error exit. + */ + +-void ++static void + term_source (j_decompress_ptr cinfo) + { +
+@@ -742,7 +742,7 @@ + * before any data is actually written. + */ + +-void ++static void + init_destination (j_compress_ptr cinfo) + { + my_dest_ptr dest = (my_dest_ptr) cinfo->dest; +@@ -780,7 +780,7 @@ + * write it out when emptying the buffer externally. + */ + +-safeboolean ++static safeboolean + empty_output_buffer (j_compress_ptr cinfo) + { + my_dest_ptr dest = (my_dest_ptr) cinfo->dest; +@@ -805,7 +805,7 @@ + * for error exit. + */ + +-void ++static void + term_destination (j_compress_ptr cinfo) + { + my_dest_ptr dest = (my_dest_ptr) cinfo->dest; +diff -ru libwmf-0.2.8.4/src/extra/gd/gdkanji.c libwmf-0.2.8.4.symbols/src/extra/gd/gdkanji.c +--- libwmf-0.2.8.4/src/extra/gd/gdkanji.c 2001-05-19 14:09:34.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdkanji.c 2006-11-16 12:29:42.000000000 +0000 +@@ -555,6 +555,11 @@ + return kanji; + } + ++#pragma GCC visibility push(hidden) ++int ++any2eucjp (unsigned char *dest, unsigned char *src, unsigned int dest_max); ++#pragma GCC visibility pop ++ + int + any2eucjp (unsigned char *dest, unsigned char *src, unsigned int dest_max) + { +diff -ru libwmf-0.2.8.4/src/extra/gd/gd_topal.c libwmf-0.2.8.4.symbols/src/extra/gd/gd_topal.c +--- libwmf-0.2.8.4/src/extra/gd/gd_topal.c 2005-07-27 21:35:06.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd_topal.c 2006-11-16 12:25:45.000000000 +0000 +@@ -1129,7 +1129,7 @@ + * Map some rows of pixels to the output colormapped representation. + */ + +-void ++static void + pass2_no_dither (gdImagePtr im, my_cquantize_ptr cquantize) + /* This version performs no dithering */ + { +@@ -1217,7 +1217,7 @@ + #endif + + +-void ++static void + pass2_fs_dither (gdImagePtr im, my_cquantize_ptr cquantize) + + /* This version performs Floyd-Steinberg dithering */ +diff -ru libwmf-0.2.8.4/src/extra/gd/gd_wbmp.c libwmf-0.2.8.4.symbols/src/extra/gd/gd_wbmp.c +--- libwmf-0.2.8.4/src/extra/gd/gd_wbmp.c 2001-05-19 14:09:34.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gd_wbmp.c 2006-11-16 12:28:33.000000000 +0000 +@@ -67,7 +67,7 @@ + ** Wrapper around gdPutC for use with writewbmp + ** + */ +-void ++static void + gd_putout (int i, void *out) + { + gdPutC (i, (gdIOCtx *) out); +@@ -79,7 +79,7 @@ + ** Wrapper around gdGetC for use with readwbmp + ** + */ +-int ++static int + gd_getin (void *in) + { + return (gdGetC ((gdIOCtx *) in)); +diff -ru libwmf-0.2.8.4/src/extra/gd/gdxpm.c libwmf-0.2.8.4.symbols/src/extra/gd/gdxpm.c +--- libwmf-0.2.8.4/src/extra/gd/gdxpm.c 2001-05-19 14:09:34.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/gdxpm.c 2006-11-16 12:18:29.000000000 +0000 +@@ -10,6 +10,7 @@ + #include "gd.h" + #include "gdhelpers.h" + ++#if 0 + #ifndef HAVE_XPM + gdImagePtr + gdImageCreateFromXpm (char *filename) +@@ -146,3 +147,4 @@ + return (im); + } + #endif ++#endif +diff -ru libwmf-0.2.8.4/src/extra/gd/jisx0208.h libwmf-0.2.8.4.symbols/src/extra/gd/jisx0208.h +--- libwmf-0.2.8.4/src/extra/gd/jisx0208.h 2001-03-28 10:37:35.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/jisx0208.h 2006-11-16 12:13:19.000000000 +0000 +@@ -1,5 +1,8 @@ + #ifndef JISX0208_H + #define JISX0208_H ++ ++#pragma GCC visibility push(hidden) ++ + /* This file was derived from "src/VF_Ftype.c" in VFlib2-2.24.2 + by Dr. Kakugawa */ + +@@ -1202,4 +1205,6 @@ + 0x2170, 0x2171, 0x2172, 0x2173, 0x2174, 0x2175, 0x2176, 0x2177, + 0x2178, 0x2179, 0xFFE2, 0xFFE4, 0xFF07, 0xFF02}}; + ++#pragma GCC visibility pop ++ + #endif /* JISX0208_H */ +diff -ru libwmf-0.2.8.4/src/extra/gd/wbmp.h libwmf-0.2.8.4.symbols/src/extra/gd/wbmp.h +--- libwmf-0.2.8.4/src/extra/gd/wbmp.h 2001-03-28 10:37:37.000000000 +0100 ++++ libwmf-0.2.8.4.symbols/src/extra/gd/wbmp.h 2006-11-16 12:14:19.000000000 +0000 +@@ -12,6 +12,8 @@ + #ifndef __WBMP_H + #define __WBMP_H 1 + ++#pragma GCC visibility push(hidden) ++ + + /* WBMP struct + ** ----------- +@@ -44,4 +46,6 @@ + void freewbmp( Wbmp *wbmp ); + void printwbmp( Wbmp *wbmp ); + ++#pragma GCC visibility pop ++ + #endif diff --git a/patches/source/libwmf/libwmf-0.2.8.4-useafterfree.patch b/patches/source/libwmf/libwmf-0.2.8.4-useafterfree.patch new file mode 100644 index 000000000..328c5411f --- /dev/null +++ b/patches/source/libwmf/libwmf-0.2.8.4-useafterfree.patch @@ -0,0 +1,10 @@ +--- libwmf-0.2.8.4/src/extra/gd/gd_clip.c.CVE-2009-1364-im-clip-list 2009-04-24 04:06:44.000000000 -0400 ++++ libwmf-0.2.8.4/src/extra/gd/gd_clip.c 2009-04-24 04:08:30.000000000 -0400 +@@ -70,6 +70,7 @@ void gdClipSetAdd(gdImagePtr im,gdClipRe + { more = gdRealloc (im->clip->list,(im->clip->max + 8) * sizeof (gdClipRectangle)); + if (more == 0) return; + im->clip->max += 8; ++ im->clip->list = more; + } + im->clip->list[im->clip->count] = (*rect); + im->clip->count++; diff --git a/patches/source/libwmf/libwmf.SlackBuild b/patches/source/libwmf/libwmf.SlackBuild new file mode 100755 index 000000000..0425ebb61 --- /dev/null +++ b/patches/source/libwmf/libwmf.SlackBuild @@ -0,0 +1,142 @@ +#!/bin/bash + +# Copyright 2008, 2009, 2010, 2018 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PKGNAM=libwmf +VERSION=0.2.8.4 +BUILD=${BUILD:-5_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} +TMP=${TMP:-/tmp} + +PKG=$TMP/package-libwmf + +rm -rf $PKG +mkdir -p $PKG + +cd $TMP +rm -rf libwmf-$VERSION +tar xvf $CWD/libwmf-$VERSION.tar.?z* || exit 1 +cd libwmf-$VERSION || exit 1 + +zcat $CWD/libwmf.png14.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Miscellaneous patches from Fedora: +zcat $CWD/libwmf-0.2.8.4-fallbackfont.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-pixbufloaderdir.patch.gz | patch -p1 --verbose || exit 1 + +# Don't export the modified embedded GD library symbols, to avoid conflicts with +# the system libgd: +zcat $CWD/libwmf-0.2.8.4-reducesymbols.patch.gz | patch -p1 --verbose || exit 1 + +# Patch security issues: +zcat $CWD/libwmf-0.2.8.4-useafterfree.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2006-3376.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2004-0941.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2007-0455.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2007-2756.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2007-3472.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2007-3473.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2007-3477.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2009-3546.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2015-0848+CVE-2015-4588.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2015-4695.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2015-4696.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2016-10167.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2016-10168.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2016-9011.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2016-9317.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libwmf-0.2.8.4-CVE-2017-6362.patch.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --enable-static=no \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc +mv $PKG/usr/share/doc/libwmf $PKG/usr/doc/libwmf-$VERSION +rmdir $PKG/usr/share/doc +cp -a \ + AUTHORS BUILDING COPYING CREDITS NEWS README TODO \ + $PKG/usr/doc/libwmf-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/libwmf-$VERSION-$ARCH-$BUILD.txz diff --git a/patches/source/libwmf/libwmf.png14.diff b/patches/source/libwmf/libwmf.png14.diff new file mode 100644 index 000000000..c55b143c8 --- /dev/null +++ b/patches/source/libwmf/libwmf.png14.diff @@ -0,0 +1,11 @@ +--- ./src/extra/gd/gd_png.c.orig 2005-07-27 15:35:06.000000000 -0500 ++++ ./src/extra/gd/gd_png.c 2010-02-14 18:24:19.000000000 -0600 +@@ -136,7 +136,7 @@ + /* first do a quick check that the file really is a PNG image; could + * have used slightly more general png_sig_cmp() function instead */ + gdGetBuf (sig, 8, infile); +- if (!png_check_sig (sig, 8)) ++ if (!(png_sig_cmp(sig, 0, 8) == 0)) + return NULL; /* bad signature */ + + #ifndef PNG_SETJMP_NOT_SUPPORTED diff --git a/patches/source/libwmf/slack-desc b/patches/source/libwmf/slack-desc new file mode 100644 index 000000000..19f99a7de --- /dev/null +++ b/patches/source/libwmf/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libwmf: libwmf (WMF graphics format library) +libwmf: +libwmf: libwmf is a library for interpreting metafile images and either +libwmf: displaying them using X or converting them to standard formats such +libwmf: as PNG, JPEG, PS, EPS and SVG. +libwmf: +libwmf: +libwmf: +libwmf: +libwmf: +libwmf: diff --git a/patches/source/libxcb/arch.use.flags b/patches/source/libxcb/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/libxcb/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/libxcb/build/libxcb b/patches/source/libxcb/build/libxcb new file mode 100644 index 000000000..682d1e1f9 --- /dev/null +++ b/patches/source/libxcb/build/libxcb @@ -0,0 +1 @@ +2_slack13.0 diff --git a/patches/source/libxcb/configure/libxcb b/patches/source/libxcb/configure/libxcb new file mode 100644 index 000000000..0c8a4a8c8 --- /dev/null +++ b/patches/source/libxcb/configure/libxcb @@ -0,0 +1,14 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --disable-static \ + --enable-xinput \ + --enable-xkb \ + --build=$ARCH-slackware-linux diff --git a/patches/source/libxcb/libxcb.SlackBuild b/patches/source/libxcb/libxcb.SlackBuild new file mode 100755 index 000000000..1c0b31650 --- /dev/null +++ b/patches/source/libxcb/libxcb.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild xcb libxcb +mv /tmp/x11-build/libxcb*txz /tmp diff --git a/patches/source/libxcb/modularize b/patches/source/libxcb/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/libxcb/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/libxcb/noarch b/patches/source/libxcb/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/libxcb/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/libxcb/package-blacklist b/patches/source/libxcb/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/libxcb/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/libxcb/post-install/libxcb.post-install b/patches/source/libxcb/post-install/libxcb.post-install new file mode 100644 index 000000000..14f8408a7 --- /dev/null +++ b/patches/source/libxcb/post-install/libxcb.post-install @@ -0,0 +1,67 @@ + +# Copyright 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# + +# Add documentation: +mkdir -p $PKG/usr/doc/libxcb-$MODULAR_PACKAGE_VERSION +cp -a \ + COPYING INSTALL NEWS README \ + $PKG/usr/doc/libxcb-$MODULAR_PACKAGE_VERSION +mv $PKG/usr/share/doc/libxcb/tutorial $PKG/usr/doc/libxcb-$MODULAR_PACKAGE_VERSION +# The manual isn't building for now, so... +rm -rf $PKG/usr/share/doc/libxcb +rmdir $PKG/usr/share/doc +rmdir $PKG/usr/share + +# Older versions of libxcb shipped a poorly libtooled .la file that caused +# the now-gone libxcb-xlib.so module to be incorrectly linked with many +# binaries and libraries, and cause the module to be listed (again, +# incorrectly) in a lot of .la files. Rather than breaking a large amount +# of existing X programs, we will use this simple trick to allow old binaries +# to keep running, and new things to compile even if a bogus .la file +# referencing libxcb-xlib is in the development environment. +# +# References to libxcb-xlib will go away as things are recompiled in the +# future (we've eliminated any remaining references in Slackware itself). +# +# It's like letting a sliver work out instead of cutting off the finger. + +( cd $PKG/usr/lib + ln -sf libxcb.so.1 libxcb-xlib.so.0 + ln -sf libxcb-xlib.so.0 libxcb-xlib.so + ln -sf libxcb.la libxcb-xlib.la +) + +# Changes to the .soname versions have caused a few binaries to break when +# libxcb was updated to facilitate security fixes. While the old library +# versions could be included in the package to fix this, that might result +# in a binary loading both library versions at the same time. Past +# experience has shown that to cause segfaults or other issues. So, we'll +# add a few compatibility symlinks so that old binaries will load. If +# it turns out to be required, we'll recompile anything that happens to run +# into an ABI issue due to this, but the testing seems to indicate that it +# won't break anything. At least there will be less breakage with this +# fix. If anyone notices any, please let us know. +( cd $PKG/usr/lib + ln -sf libxcb-randr.so.0 libxcb-randr.so.1 + ln -sf libxcb-sync.so.1 libxcb-sync.so.0 +) + diff --git a/patches/source/libxcb/slack-desc/libxcb b/patches/source/libxcb/slack-desc/libxcb new file mode 100644 index 000000000..35182210a --- /dev/null +++ b/patches/source/libxcb/slack-desc/libxcb @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libxcb: libxcb (X protocol C-language Binding) +libxcb: +libxcb: The XCB library provides an interface to the X Window System protocol +libxcb: which is fully capable of replacing Xlib. In fact, libX11 makes use +libxcb: of libxcb as much as possible. :-) Porting to XCB has several +libxcb: advantages such as a smaller memory footprint, latency hiding, direct +libxcb: protocol access, and improved thread support. +libxcb: +libxcb: +libxcb: +libxcb: diff --git a/patches/source/libxcb/x11.SlackBuild b/patches/source/libxcb/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/libxcb/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/libxml2/libxml.CVE-2011-3102.diff b/patches/source/libxml2/libxml.CVE-2011-3102.diff new file mode 100644 index 000000000..4f6a92cbe --- /dev/null +++ b/patches/source/libxml2/libxml.CVE-2011-3102.diff @@ -0,0 +1,39 @@ +From d8e1faeaa99c7a7c07af01c1c72de352eb590a3e Mon Sep 17 00:00:00 2001 +From: Jüri Aedla <asd@ut.ee> +Date: Mon, 07 May 2012 07:06:56 +0000 +Subject: Fix an off by one pointer access + +getting out of the range of memory allocated for xpointer decoding +--- +diff --git a/xpointer.c b/xpointer.c +index 37afa3a..0b463dd 100644 +--- a/xpointer.c ++++ b/xpointer.c +@@ -1007,21 +1007,14 @@ xmlXPtrEvalXPtrPart(xmlXPathParserContextPtr ctxt, xmlChar *name) { + NEXT; + break; + } +- *cur++ = CUR; + } else if (CUR == '(') { + level++; +- *cur++ = CUR; + } else if (CUR == '^') { +- NEXT; +- if ((CUR == ')') || (CUR == '(') || (CUR == '^')) { +- *cur++ = CUR; +- } else { +- *cur++ = '^'; +- *cur++ = CUR; +- } +- } else { +- *cur++ = CUR; ++ if ((NXT(1) == ')') || (NXT(1) == '(') || (NXT(1) == '^')) { ++ NEXT; ++ } + } ++ *cur++ = CUR; + NEXT; + } + *cur = 0; +-- +cgit v0.9.0.2 diff --git a/patches/source/libxml2/libxml2.CVE-2012-5134.diff b/patches/source/libxml2/libxml2.CVE-2012-5134.diff new file mode 100644 index 000000000..70905aaa7 --- /dev/null +++ b/patches/source/libxml2/libxml2.CVE-2012-5134.diff @@ -0,0 +1,21 @@ +From 6a36fbe3b3e001a8a840b5c1fdd81cefc9947f0d Mon Sep 17 00:00:00 2001 +From: Daniel Veillard <veillard@redhat.com> +Date: Mon, 29 Oct 2012 02:39:55 +0000 +Subject: Fix potential out of bound access + +--- +diff --git a/parser.c b/parser.c +index 0d8d7f2..bd634e9 100644 +--- a/parser.c ++++ b/parser.c +@@ -4076,7 +4076,7 @@ xmlParseAttValueComplex(xmlParserCtxtPtr ctxt, int *attlen, int normalize) { + goto error; + + if ((in_space) && (normalize)) { +- while (buf[len - 1] == 0x20) len--; ++ while ((len > 0) && (buf[len - 1] == 0x20)) len--; + } + buf[len] = 0; + if (RAW == '<') { +-- +cgit v0.9.0.2 diff --git a/patches/source/libxml2/libxml2.SlackBuild b/patches/source/libxml2/libxml2.SlackBuild new file mode 100755 index 000000000..cc0c37e91 --- /dev/null +++ b/patches/source/libxml2/libxml2.SlackBuild @@ -0,0 +1,109 @@ +#!/bin/sh + +# Copyright 2008, 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=2.7.3 +BUILD=${BUILD:-5_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i486 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7lh ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-libxml2 +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf libxml2-$VERSION +tar xvf $CWD/libxml2-$VERSION.tar.?z* || exit 1 +cd libxml2-$VERSION +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/libxml.CVE-2011-3102.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/libxml2.CVE-2012-5134.diff.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +#echo +#echo "Only the python bindings in /usr/lib/python__/site-packages/ should" +#echo "be kept... toss the other stuff" +#echo + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mv $PKG/usr/share/doc $PKG/usr +mv $PKG/usr/doc/libxml2-python-$VERSION $PKG/usr/doc/libxml2-$VERSION +cp -a \ + AUTHORS COPYING* INSTALL NEWS README \ + $PKG/usr/doc/libxml2-$VERSION +find $PKG/usr/doc/libxml2-$VERSION -type f | xargs chmod 644 + +gzip -9 $PKG/usr/man/man?/*.? + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +# Be sure to clobber any .pyc files that might have been generated so that +# the new .py files will be used instead of the already compiled copies +cat << EOF > $PKG/install/doinst.sh +rm -f /usr/lib${LIBDIRSUFFIX}/python26/site-packages/libxml2.pyc +rm -f /usr/lib${LIBDIRSUFFIX}/python26/site-packages/drv_libxml2.pyc +EOF + +cd $PKG +/sbin/makepkg -l y -c n $TMP/libxml2-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/libxml2/slack-desc b/patches/source/libxml2/slack-desc new file mode 100644 index 000000000..dfbc38dc3 --- /dev/null +++ b/patches/source/libxml2/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +libxml2: libxml2 (XML parser library) +libxml2: +libxml2: Libxml2 is the XML C parser library and toolkit. XML itself is a +libxml2: metalanguage to design markup languages -- i.e. a text language where +libxml2: structures are added to the content using extra "markup" information +libxml2: enclosed between angle brackets. HTML is the most well-known markup +libxml2: language. Though the library is written in C, a variety of language +libxml2: bindings make it available in other environments. +libxml2: +libxml2: +libxml2: diff --git a/patches/source/linux-2.6.29.6-3/linux-2.6.29.6-01-sendpage.diff b/patches/source/linux-2.6.29.6-3/linux-2.6.29.6-01-sendpage.diff new file mode 100644 index 000000000..d1e7a07af --- /dev/null +++ b/patches/source/linux-2.6.29.6-3/linux-2.6.29.6-01-sendpage.diff @@ -0,0 +1,11 @@ +--- ./net/socket.c.orig 2009-08-02 14:29:53.000000000 -0500 ++++ ./net/socket.c 2009-08-15 13:03:44.000000000 -0500 +@@ -694,7 +694,7 @@ + if (more) + flags |= MSG_MORE; + +- return sock->ops->sendpage(sock, page, offset, size, flags); ++ return kernel_sendpage(sock, page, offset, size, flags); + } + + static ssize_t sock_splice_read(struct file *file, loff_t *ppos, diff --git a/patches/source/linux-2.6.29.6-3/linux-2.6.29.6-02-default-mmap_min_addr-4096.diff b/patches/source/linux-2.6.29.6-3/linux-2.6.29.6-02-default-mmap_min_addr-4096.diff new file mode 100644 index 000000000..53d2b5a02 --- /dev/null +++ b/patches/source/linux-2.6.29.6-3/linux-2.6.29.6-02-default-mmap_min_addr-4096.diff @@ -0,0 +1,22 @@ +--- ./arch/x86/configs/i386_defconfig.orig 2009-07-02 18:41:20.000000000 -0500 ++++ ./arch/x86/configs/i386_defconfig 2009-08-16 21:03:21.000000000 -0500 +@@ -2127,7 +2127,7 @@ + # CONFIG_SECURITY_NETWORK_XFRM is not set + CONFIG_SECURITY_FILE_CAPABILITIES=y + # CONFIG_SECURITY_ROOTPLUG is not set +-CONFIG_SECURITY_DEFAULT_MMAP_MIN_ADDR=65536 ++CONFIG_SECURITY_DEFAULT_MMAP_MIN_ADDR=4096 + CONFIG_SECURITY_SELINUX=y + CONFIG_SECURITY_SELINUX_BOOTPARAM=y + CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1 +--- ./arch/x86/configs/x86_64_defconfig.orig 2009-07-02 18:41:20.000000000 -0500 ++++ ./arch/x86/configs/x86_64_defconfig 2009-08-16 21:03:33.000000000 -0500 +@@ -2096,7 +2096,7 @@ + # CONFIG_SECURITY_NETWORK_XFRM is not set + CONFIG_SECURITY_FILE_CAPABILITIES=y + # CONFIG_SECURITY_ROOTPLUG is not set +-CONFIG_SECURITY_DEFAULT_MMAP_MIN_ADDR=65536 ++CONFIG_SECURITY_DEFAULT_MMAP_MIN_ADDR=4096 + CONFIG_SECURITY_SELINUX=y + CONFIG_SECURITY_SELINUX_BOOTPARAM=y + CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1 diff --git a/patches/source/linux-2.6.29.6-3/linux-2.6.29.6-03-ip_fragment-CVE-2009-1298.diff b/patches/source/linux-2.6.29.6-3/linux-2.6.29.6-03-ip_fragment-CVE-2009-1298.diff new file mode 100644 index 000000000..bf49b3dcf --- /dev/null +++ b/patches/source/linux-2.6.29.6-3/linux-2.6.29.6-03-ip_fragment-CVE-2009-1298.diff @@ -0,0 +1,11 @@ +--- ./net/ipv4/ip_fragment.c.orig 2009-10-10 00:49:25.000000000 -0500 ++++ ./net/ipv4/ip_fragment.c 2009-12-07 14:07:28.000000000 -0600 +@@ -563,7 +563,7 @@ + printk(KERN_INFO "Oversized IP packet from %pI4.\n", + &qp->saddr); + out_fail: +- IP_INC_STATS_BH(dev_net(dev), IPSTATS_MIB_REASMFAILS); ++ IP_INC_STATS_BH(net, IPSTATS_MIB_REASMFAILS); + return err; + } + diff --git a/patches/source/lm_sensors/lm_sensors.SlackBuild b/patches/source/lm_sensors/lm_sensors.SlackBuild new file mode 100755 index 000000000..9382bc9eb --- /dev/null +++ b/patches/source/lm_sensors/lm_sensors.SlackBuild @@ -0,0 +1,125 @@ +#!/bin/sh + +# Copyright 2006, 2008, 2009, 2010, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=lm_sensors +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.bz2 | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.bz2 || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Configure: +zcat $CWD/lm_sensors.makefile.diff.gz | patch -p1 --verbose || exit 1 + +make user LIBDIR=/usr/lib${LIBDIRSUFFIX} || exit 1 +make user_install LIBDIR=/usr/lib${LIBDIRSUFFIX} || exit 1 + +# Nope. +rm -f $PKG/usr/lib${LIBDIRSUFFIX}/*.a + +# Nope. +rm -rf $PKG/usr/include/linux + +# Do the .new thing with the config file: +mv $PKG/etc/sensors3.conf $PKG/etc/sensors3.conf.new + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + CHANGES CONTRIBUTORS COPYING* INSTALL README* doc \ + $PKG/usr/doc/${PKGNAM}-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +cat << EOF > $PKG/install/doinst.sh +#!/bin/sh +config() { + NEW="\$1" + OLD="\$(dirname \$NEW)/\$(basename \$NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r \$OLD ]; then + mv \$NEW \$OLD + elif [ "\$(cat \$OLD | md5sum)" = "\$(cat \$NEW | md5sum)" ]; then # toss the redundant copy + rm \$NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/sensors3.conf.new +EOF + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/lm_sensors/lm_sensors.makefile.diff b/patches/source/lm_sensors/lm_sensors.makefile.diff new file mode 100644 index 000000000..8216a8d1e --- /dev/null +++ b/patches/source/lm_sensors/lm_sensors.makefile.diff @@ -0,0 +1,15 @@ +--- ./Makefile.orig 2008-03-26 08:37:12.000000000 -0500 ++++ ./Makefile 2008-10-25 20:05:44.000000000 -0500 +@@ -39,10 +39,10 @@ + + # If you want to install at some other place then at from which you will run + # everything, set DESTDIR to the extra prefix. +-DESTDIR := ++DESTDIR := /tmp/package-lm_sensors + + # This is the prefix that will be used for almost all directories below. +-PREFIX := /usr/local ++PREFIX := /usr + + # Your C compiler + CC := gcc diff --git a/patches/source/lm_sensors/slack-desc b/patches/source/lm_sensors/slack-desc new file mode 100644 index 000000000..2f32f80d7 --- /dev/null +++ b/patches/source/lm_sensors/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +lm_sensors: lm_sensors (hardware monitoring package) +lm_sensors: +lm_sensors: lm_sensors provides tools for monitoring the temperatures, voltages, +lm_sensors: and fans of Linux systems with hardware monitoring devices. Included +lm_sensors: are text-based tools for sensor reporting, and a library for sensors +lm_sensors: access called libsensors. It also contains tools for sensor hardware +lm_sensors: identification and I2C bus probing. +lm_sensors: +lm_sensors: IMPORTANT NOTE: If you have a Thinkpad, please read the warnings in +lm_sensors: the README.thinkpad file. lm_sensors has been known to cause damage +lm_sensors: to some Thinkpads. diff --git a/patches/source/lynx/doinst.sh b/patches/source/lynx/doinst.sh new file mode 100644 index 000000000..79c367133 --- /dev/null +++ b/patches/source/lynx/doinst.sh @@ -0,0 +1,13 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/lynx.cfg.new diff --git a/patches/source/lynx/lynx.SlackBuild b/patches/source/lynx/lynx.SlackBuild new file mode 100755 index 000000000..ec8e3f09b --- /dev/null +++ b/patches/source/lynx/lynx.SlackBuild @@ -0,0 +1,155 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2012, 2016, 2017 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGVER=2.8.8rel.2 +DIRVER=2-8-8 +BUILD=${BUILD:-1_slack13.0} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-lynx + +rm -rf $PKG +mkdir -p $TMP $PKG/usr/lib${LIBDIRSUFFIX}/lynx +cd $TMP +rm -rf lynx$DIRVER +tar xvf $CWD/lynx${PKGVER}.tar.?z* || exit 1 +cd lynx$DIRVER || exit 1 + +find . -name "*~" -exec rm -f {} \; +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Change default colors and STARTFILE setting since the old site is gone: +zcat $CWD/lynx.cfg.diff.gz | patch -p1 --verbose --backup || exit 1 + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --libdir=/usr/lib${LIBDIRSUFFIX}/lynx \ + --datadir=/usr/share/lynx \ + --mandir=/usr/man \ + --enable-default-colors \ + --with-screen=ncursesw \ + --enable-widec \ + --enable-gzip-help \ + --with-zlib \ + --enable-read-eta \ + --enable-scrollbar \ + --with-ssl \ + --enable-ipv6 \ + --enable-color-style \ + --enable-prettysrc \ + --enable-source-cache \ + --enable-nsl-fork \ + --enable-nls \ + --enable-persistent-cookies \ + --enable-vertrace \ + --disable-full-paths \ + --enable-addrlist-page \ + --enable-charset-choice \ + --enable-cjk \ + --enable-htmlized-cfg \ + --enable-justify-elts \ + --enable-locale-charset \ + --enable-externs \ + --enable-cgi-links \ + --enable-change-exec \ + --enable-exec-links \ + --enable-exec-scripts \ + --enable-internal-links \ + --with-bzlib \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 +make install-help DESTDIR=$PKG || exit 1 +make install-doc DESTDIR=$PKG || exit 1 + +# Make lynx.cfg a preserved config file: +mv $PKG/etc/lynx.cfg $PKG/etc/lynx.cfg.new + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Correct $DESTDIR brokenness: +( cd $PKG/usr/share/lynx/lynx_help + rm -f COPYHEADER COPYING + ln -sf ../lynx_doc/COPYHEADER . + ln -sf ../lynx_doc/COPYING . +) +# Add documentation symlinks: +( mkdir -p $PKG/usr/doc/lynx-$PKGVER + cd $PKG/usr/doc/lynx-$PKGVER + ln -sf /usr/share/lynx/lynx_doc . + ln -sf /usr/share/lynx/lynx_help . +) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG/usr/share/lynx/lynx_doc) + cat CHANGES | head -n 1000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES +fi + +gzip -9 $PKG/usr/man/man?/*.? + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/lynx-$PKGVER-$ARCH-$BUILD.txz + diff --git a/patches/source/lynx/lynx.cfg.diff b/patches/source/lynx/lynx.cfg.diff new file mode 100644 index 000000000..c2ecefd80 --- /dev/null +++ b/patches/source/lynx/lynx.cfg.diff @@ -0,0 +1,31 @@ +--- ./lynx.cfg.orig 2014-03-09 16:43:10.000000000 -0500 ++++ ./lynx.cfg 2017-05-29 14:35:52.629203408 -0500 +@@ -90,7 +90,7 @@ + # + # Normally we expect you will connect to a remote site, e.g., the Lynx starting + # site: +-STARTFILE:http://lynx.isc.org/ ++STARTFILE:http://lynx.invisible-island.net/ + # + # As an alternative, you may want to use a local URL. A good choice for this is + # the user's home directory: +@@ -2969,8 +2969,18 @@ + #COLOR:4:magenta:white + #COLOR:5:blue:white + #COLOR:6:red:white +-COLOR:6:brightred:black ++#COLOR:6:brightred:black + #COLOR:7:magenta:cyan ++COLOR:0:black:white ++COLOR:1:blue:white ++COLOR:2:yellow:blue ++COLOR:3:green:white ++COLOR:4:magenta:white ++COLOR:5:blue:white ++# This makes links a *lot* more visible. The default settings are like ++# "let's torture the color-blind" :^) ++COLOR:6:brightred:black ++COLOR:7:magenta:cyan + + .h2 COLOR_STYLE + # Also known as "lss" (lynx style-sheet), the color-style file assigns color diff --git a/patches/source/lynx/slack-desc b/patches/source/lynx/slack-desc new file mode 100644 index 000000000..c9209d298 --- /dev/null +++ b/patches/source/lynx/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +lynx: Lynx (text mode browser) +lynx: +lynx: Lynx is a distributed hypertext browser with full World Wide Web +lynx: capabilities. Lynx can be used to access information on the World +lynx: Wide Web, or to build information systems intended primarily for local +lynx: access. For example, Lynx has been used to build several Campus Wide +lynx: Information Systems (CWIS). +lynx: +lynx: Lynx's authors include Lou Montulli, Garrett Blythe, Craig Lavender, +lynx: Michael Grobe, and Charles Rezac. +lynx: diff --git a/patches/source/mailx/doinst.sh b/patches/source/mailx/doinst.sh new file mode 100644 index 000000000..62c288b48 --- /dev/null +++ b/patches/source/mailx/doinst.sh @@ -0,0 +1,14 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/nail.rc.new +# Make symlinks: diff --git a/patches/source/mailx/heirloom-mailx-12.5-fixes-1.patch b/patches/source/mailx/heirloom-mailx-12.5-fixes-1.patch new file mode 100644 index 000000000..fa6d51197 --- /dev/null +++ b/patches/source/mailx/heirloom-mailx-12.5-fixes-1.patch @@ -0,0 +1,232 @@ +Submitted By: Ken Moffat <ken at linuxfromscratch dot org> +Date: 2014-12-27 +Initial Package Version: 12.5 +Upstream Status: Unknown +Origin: Changes to remove SSL2 found at debian, remainder from redhat. +Description: Removes support for SSL2 (openssl no longer supports it) +and fixes CVE-2004-2771 [sic] and CVE-2014-7844. + +diff -Naur heirloom-mailx-12.5/extern.h heirloom-mailx-12.5-patched/extern.h +--- heirloom-mailx-12.5/extern.h 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/extern.h 2014-12-27 01:26:59.654169487 +0000 +@@ -396,7 +396,7 @@ + int is_fileaddr(char *name); + struct name *usermap(struct name *names); + struct name *cat(struct name *n1, struct name *n2); +-char **unpack(struct name *np); ++char **unpack(struct name *smopts, struct name *np); + struct name *elide(struct name *names); + int count(struct name *np); + struct name *delete_alternates(struct name *np); +diff -Naur heirloom-mailx-12.5/fio.c heirloom-mailx-12.5-patched/fio.c +--- heirloom-mailx-12.5/fio.c 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/fio.c 2014-12-27 01:27:15.634561413 +0000 +@@ -43,12 +43,15 @@ + #endif /* not lint */ + + #include "rcv.h" ++ ++#ifndef HAVE_WORDEXP ++#error wordexp support is required ++#endif ++ + #include <sys/stat.h> + #include <sys/file.h> + #include <sys/wait.h> +-#ifdef HAVE_WORDEXP + #include <wordexp.h> +-#endif /* HAVE_WORDEXP */ + #include <unistd.h> + + #if defined (USE_NSS) +@@ -481,7 +484,6 @@ + static char * + globname(char *name) + { +-#ifdef HAVE_WORDEXP + wordexp_t we; + char *cp; + sigset_t nset; +@@ -495,7 +497,7 @@ + sigemptyset(&nset); + sigaddset(&nset, SIGCHLD); + sigprocmask(SIG_BLOCK, &nset, NULL); +- i = wordexp(name, &we, 0); ++ i = wordexp(name, &we, WRDE_NOCMD); + sigprocmask(SIG_UNBLOCK, &nset, NULL); + switch (i) { + case 0: +@@ -527,65 +529,6 @@ + } + wordfree(&we); + return cp; +-#else /* !HAVE_WORDEXP */ +- char xname[PATHSIZE]; +- char cmdbuf[PATHSIZE]; /* also used for file names */ +- int pid, l; +- char *cp, *shell; +- int pivec[2]; +- extern int wait_status; +- struct stat sbuf; +- +- if (pipe(pivec) < 0) { +- perror("pipe"); +- return name; +- } +- snprintf(cmdbuf, sizeof cmdbuf, "echo %s", name); +- if ((shell = value("SHELL")) == NULL) +- shell = SHELL; +- pid = start_command(shell, 0, -1, pivec[1], "-c", cmdbuf, NULL); +- if (pid < 0) { +- close(pivec[0]); +- close(pivec[1]); +- return NULL; +- } +- close(pivec[1]); +-again: +- l = read(pivec[0], xname, sizeof xname); +- if (l < 0) { +- if (errno == EINTR) +- goto again; +- perror("read"); +- close(pivec[0]); +- return NULL; +- } +- close(pivec[0]); +- if (wait_child(pid) < 0 && WTERMSIG(wait_status) != SIGPIPE) { +- fprintf(stderr, catgets(catd, CATSET, 81, +- "\"%s\": Expansion failed.\n"), name); +- return NULL; +- } +- if (l == 0) { +- fprintf(stderr, catgets(catd, CATSET, 82, +- "\"%s\": No match.\n"), name); +- return NULL; +- } +- if (l == sizeof xname) { +- fprintf(stderr, catgets(catd, CATSET, 83, +- "\"%s\": Expansion buffer overflow.\n"), name); +- return NULL; +- } +- xname[l] = 0; +- for (cp = &xname[l-1]; *cp == '\n' && cp > xname; cp--) +- ; +- cp[1] = '\0'; +- if (strchr(xname, ' ') && stat(xname, &sbuf) < 0) { +- fprintf(stderr, catgets(catd, CATSET, 84, +- "\"%s\": Ambiguous.\n"), name); +- return NULL; +- } +- return savestr(xname); +-#endif /* !HAVE_WORDEXP */ + } + + /* +diff -Naur heirloom-mailx-12.5/mailx.1 heirloom-mailx-12.5-patched/mailx.1 +--- heirloom-mailx-12.5/mailx.1 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/mailx.1 2014-12-27 01:26:53.838026857 +0000 +@@ -656,6 +656,14 @@ + will have the system wide alias expanded + as all mail goes through sendmail. + .SS "Recipient address specifications" ++If the ++.I expandaddr ++option is not set (the default), recipient addresses must be names of ++local mailboxes or Internet mail addresses. ++.PP ++If the ++.I expandaddr ++option is set, the following rules apply: + When an address is used to name a recipient + (in any of To, Cc, or Bcc), + names of local mail folders +@@ -2391,6 +2399,12 @@ + If this option is set, + \fImailx\fR starts even with an empty mailbox. + .TP ++.B expandaddr ++Causes ++.I mailx ++to expand message recipient addresses, as explained in the section, ++Recipient address specifications. ++.TP + .B flipr + Exchanges the + .I Respond +@@ -3575,7 +3589,7 @@ + .TP + .B ssl-method + Selects a SSL/TLS protocol version; +-valid values are `ssl2', `ssl3', and `tls1'. ++valid values are `ssl3', and `tls1'. + If unset, the method is selected automatically, + if possible. + .TP +diff -Naur heirloom-mailx-12.5/names.c heirloom-mailx-12.5-patched/names.c +--- heirloom-mailx-12.5/names.c 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/names.c 2014-12-27 01:26:59.654169487 +0000 +@@ -268,6 +268,9 @@ + FILE *fout, *fin; + int ispipe; + ++ if (value("expandaddr") == NULL) ++ return names; ++ + top = names; + np = names; + time(&now); +@@ -546,7 +549,7 @@ + * Return an error if the name list won't fit. + */ + char ** +-unpack(struct name *np) ++unpack(struct name *smopts, struct name *np) + { + char **ap, **top; + struct name *n; +@@ -561,7 +564,7 @@ + * the terminating 0 pointer. Additional spots may be needed + * to pass along -f to the host mailer. + */ +- extra = 2; ++ extra = 3 + count(smopts); + extra++; + metoo = value("metoo") != NULL; + if (metoo) +@@ -578,6 +581,10 @@ + *ap++ = "-m"; + if (verbose) + *ap++ = "-v"; ++ for (; smopts != NULL; smopts = smopts->n_flink) ++ if ((smopts->n_type & GDEL) == 0) ++ *ap++ = smopts->n_name; ++ *ap++ = "--"; + for (; n != NULL; n = n->n_flink) + if ((n->n_type & GDEL) == 0) + *ap++ = n->n_name; +diff -Naur heirloom-mailx-12.5/openssl.c heirloom-mailx-12.5-patched/openssl.c +--- heirloom-mailx-12.5/openssl.c 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/openssl.c 2014-12-27 01:26:34.385549867 +0000 +@@ -216,9 +216,7 @@ + + cp = ssl_method_string(uhp); + if (cp != NULL) { +- if (equal(cp, "ssl2")) +- method = SSLv2_client_method(); +- else if (equal(cp, "ssl3")) ++ if (equal(cp, "ssl3")) + method = SSLv3_client_method(); + else if (equal(cp, "tls1")) + method = TLSv1_client_method(); +diff -Naur heirloom-mailx-12.5/sendout.c heirloom-mailx-12.5-patched/sendout.c +--- heirloom-mailx-12.5/sendout.c 2011-04-26 22:23:22.000000000 +0100 ++++ heirloom-mailx-12.5-patched/sendout.c 2014-12-27 01:26:59.654169487 +0000 +@@ -835,7 +835,7 @@ + #endif /* HAVE_SOCKETS */ + + if ((smtp = value("smtp")) == NULL) { +- args = unpack(cat(mailargs, to)); ++ args = unpack(mailargs, to); + if (debug || value("debug")) { + printf(catgets(catd, CATSET, 181, + "Sendmail arguments:")); diff --git a/patches/source/mailx/mailx.SlackBuild b/patches/source/mailx/mailx.SlackBuild new file mode 100755 index 000000000..901c2be28 --- /dev/null +++ b/patches/source/mailx/mailx.SlackBuild @@ -0,0 +1,142 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2016 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=12.5 +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-mailx +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf mailx-$VERSION +tar xvf $CWD/mailx-$VERSION.tar.?z* || exit 1 +cd mailx-$VERSION || exit 1 + +zcat $CWD/heirloom-mailx-12.5-fixes-1.patch.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +make CFLAGS="$SLKCFLAGS" \ + PREFIX=/usr \ + MANDIR=/usr/man \ + MAILSPOOL=/var/spool/mail \ + UCBINSTALL=/usr/bin/install \ + SENDMAIL=/usr/sbin/sendmail + +make install DESTDIR=$PKG \ + CFLAGS="$SLKCFLAGS" \ + PREFIX=/usr \ + MANDIR=/usr/man \ + MAILSPOOL=/var/spool/mail \ + UCBINSTALL=/usr/bin/install \ + SENDMAIL=/usr/sbin/sendmail + +# We put symlinks in /bin since some things still expect '/bin/mail' or '/bin/Mail': +mkdir -p $PKG/bin +( cd $PKG/bin + ln -sf /usr/bin/mailx Mail + ln -sf /usr/bin/mailx mail + ln -sf /usr/bin/mailx nail +) +# Likewise, we make some compat symlinks in /usr/bin: +( cd $PKG/usr/bin + ln -sf mailx Mail + ln -sf mailx mail + ln -sf mailx nail +) +mv $PKG/etc/nail.rc $PKG/etc/nail.rc.new +strip $PKG/usr/bin/mailx + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Manpage links: +( cd $PKG/usr/man/man1 + ln -sf mailx.1.gz mail.1.gz + ln -sf mailx.1.gz nail.1.gz + ln -sf mailx.1.gz Mail.1.gz +) + +mkdir -p $PKG/usr/doc/mailx-$VERSION +cp -a \ + AUTHORS COPYING* INSTALL README TODO \ + $PKG/usr/doc/mailx-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/mailx-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/mailx/slack-desc b/patches/source/mailx/slack-desc new file mode 100644 index 000000000..d02c6f03f --- /dev/null +++ b/patches/source/mailx/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +mailx: mailx (a simple mail client) +mailx: +mailx: Mailx is derived from Berkeley Mail and is intended provide the +mailx: functionality of the POSIX mailx command with additional support +mailx: for MIME, IMAP, POP3, SMTP, and S/MIME. It provides enhanced +mailx: features for interactive use, such as caching and disconnected +mailx: operation for IMAP, message threading, scoring, and filtering. +mailx: It is also usable as a mail batch language, both for sending +mailx: and receiving mail. +mailx: +mailx: The maintainer and primary developer of mailx is Gunnar Ritter. diff --git a/patches/source/mercurial/doinst.sh b/patches/source/mercurial/doinst.sh new file mode 100644 index 000000000..4cefcc343 --- /dev/null +++ b/patches/source/mercurial/doinst.sh @@ -0,0 +1,13 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/mercurial/hgrc.d/hgk.rc.new +rm -f etc/mercurial/hgrc.d/hgk.rc.new diff --git a/patches/source/mercurial/mercurial.SlackBuild b/patches/source/mercurial/mercurial.SlackBuild new file mode 100755 index 000000000..57e4095a5 --- /dev/null +++ b/patches/source/mercurial/mercurial.SlackBuild @@ -0,0 +1,109 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=${VERSION:-$(echo mercurial-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-mercurial + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf mercurial-$VERSION +tar xvf $CWD/mercurial-$VERSION.tar.?z* || exit 1 +cd mercurial-$VERSION +chown -R root.root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +python setup.py build install --root=$PKG || exit 1 + +# Ordinarily we will not add stuff that's not installed through the normal +# default installation method, but we've had a lot of requests, and it appears +# that installing at least the hgk extension is the ad-hoc standard. +mkdir -p $PKG/usr/libexec/mercurial +cp -a contrib/hgk $PKG/usr/libexec/mercurial +chmod 0755 $PKG/usr/libexec/mercurial/hgk + +mkdir -p $PKG/etc/mercurial/hgrc.d +cat << EOF > $PKG/etc/mercurial/hgrc.d/hgk.rc.new +[extensions] +# enable hgk extension ('hg help' shows 'view' as a command) +hgk = +[hgk] + +path=/usr/libexec/mercurial/hgk +EOF + +# Bash and zsh completion: +mkdir -p $PKG/usr/share/bash-completion/completions/ +cp -a contrib/bash_completion $PKG/usr/share/bash-completion/completions/hg +chmod 644 $PKG/usr/share/bash-completion/completions/hg +mkdir -p $PKG/usr/share/zsh/site-functions +cp -a contrib/zsh_completion $PKG/usr/share/zsh/site-functions/_mercurial +chmod 644 $PKG/usr/share/zsh/site-functions/_mercurial + +# Emacs Lisp extensions: +mkdir -p $PKG/usr/share/emacs/site-lisp +cp -a contrib/mercurial.el contrib/mq.el $PKG/usr/share/emacs/site-lisp +chmod 644 $PKG/usr/share/emacs/site-lisp/* + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +( cd doc + for dir in 1 5 ; do + mkdir -p $PKG/usr/man/man${dir} + for file in *.${dir} ; do + cat $file | gzip -9c > $PKG/usr/man/man${dir}/${file}.gz + done + done +) + +mkdir -p $PKG/usr/doc/mercurial-$VERSION +cp -a \ + CONTRIBUTORS COPYING* PKG-INFO README* \ + $PKG/usr/doc/mercurial-$VERSION + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/mercurial-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/mercurial/slack-desc b/patches/source/mercurial/slack-desc new file mode 100644 index 000000000..e770f6c31 --- /dev/null +++ b/patches/source/mercurial/slack-desc @@ -0,0 +1,22 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + +# This article is licensed under the GNU Free Documentation License. +# It uses material from the Wikipedia article "Mercurial". + + |-----handy-ruler------------------------------------------------------| +mercurial: mercurial (a distributed source management system) +mercurial: +mercurial: Mercurial is a cross-platform, distributed source management tool for +mercurial: software developers. It is written in Python, with a binary diff +mercurial: implementation written in C. Its major features include high- +mercurial: performance; serverless, fully distributed collaborative development; +mercurial: robust handling of both plain text and binary files; advanced +mercurial: branching and merging capabilities; and full source code available +mercurial: under the terms of the LGPL. +mercurial: +mercurial: Mercurial was written by Matt Mackall and other contributors. diff --git a/patches/source/mesa/README.GIT b/patches/source/mesa/README.GIT new file mode 100644 index 000000000..4e79f374c --- /dev/null +++ b/patches/source/mesa/README.GIT @@ -0,0 +1,16 @@ +Anonymous git Access + + To get the Mesa sources anonymously (read-only): + + 1. Install the git software on your computer if needed. + + 2. Get an initial, local copy of the repository with: + + git clone git://anongit.freedesktop.org/git/mesa/mesa + + + 3. Later, you can update your tree from the master repository with: + + git pull origin + + diff --git a/patches/source/mesa/get-mesa.sh b/patches/source/mesa/get-mesa.sh new file mode 100644 index 000000000..710043c64 --- /dev/null +++ b/patches/source/mesa/get-mesa.sh @@ -0,0 +1,8 @@ +rm -rf mesa +git clone git://anongit.freedesktop.org/git/mesa/mesa +# package the source archive and clean up: +( cd mesa ; find . -type d -name .git -exec rm -rf {} \; 2> /dev/null ) +DATE=$(date +%Y%m%d) +mv mesa mesa-${DATE}_git +tar cjf mesa-${DATE}_git.tar.bz2 mesa-${DATE}_git +rm -rf mesa-${DATE}_git diff --git a/patches/source/mesa/mesa.SlackBuild b/patches/source/mesa/mesa.SlackBuild new file mode 100755 index 000000000..31d15cb8d --- /dev/null +++ b/patches/source/mesa/mesa.SlackBuild @@ -0,0 +1,132 @@ +#!/bin/sh + +# Copyright 2006, 2007, 2008, 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=mesa +VERSION=${VERSION:-7.5} +ARCH=${ARCH:-x86_64} +BUILD=${BUILD:-2} + +# Be sure this list is up-to-date: +#DRI_DRIVERS="i810,i915,i965,mach64,mga,nouveau,r128,r200,r300,radeon,s3v,savage,sis,tdfx,trident,unichrome,ffb,swrast" +DRI_DRIVERS="i810,i915,i965,mach64,mga,r128,r200,r300,radeon,s3v,savage,sis,tdfx,trident,unichrome,ffb,swrast" + +NUMJOBS=${NUMJOBS:--j8} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-mesa + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf Mesa-${VERSION} +tar xvf $CWD/MesaLib-$VERSION.tar.xz || exit 1 +tar xvf $CWD/MesaGLUT-$VERSION.tar.xz || exit 1 +tar xvf $CWD/MesaDemos-$VERSION.tar.xz || exit 1 +cd Mesa-$VERSION + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --docdir=/usr/doc/mesa-$VERSION \ + --with-dri-driverdir=/usr/lib${LIBDIRSUFFIX}/xorg/modules/dri \ + --with-dri-drivers="$DRI_DRIVERS" \ + --build=$ARCH-slackware-linux + +# Nobody else is enabling this. Seems like it's asking for trouble. +# --enable-xcb + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Install gears and glinfo: +mkdir -p $PKG/usr/bin +cp -a progs/demos/gears $PKG/usr/bin/gears +cp -a progs/demos/glinfo $PKG/usr/bin/glinfo + +# Install some "demos": +( cd progs/xdemos + cp glthreads glxcontexts glxdemo glxgears glxgears_fbconfig glxheads \ + glxinfo glxpbdemo glxpixmap \ + $PKG/usr/bin +) + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Compress info files, if any: +if [ -d $PKG/usr/info ]; then + ( cd $PKG/usr/info + rm -f dir + gzip -9 * + ) +fi + +mkdir -p $PKG/usr/doc/Mesa-$VERSION/html +cp -a COPYING docs/relnotes-$VERSION.html $PKG/usr/doc/Mesa-$VERSION +rm -f docs/relnotes*.html docs/RELNOTES* +cp -a docs/*.html $PKG/usr/doc/Mesa-$VERSION/html + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/mesa/slack-desc b/patches/source/mesa/slack-desc new file mode 100644 index 000000000..113964bd0 --- /dev/null +++ b/patches/source/mesa/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +mesa: mesa (a 3-D graphics library) +mesa: +mesa: Mesa is a 3-D graphics library with an API very similar to that of +mesa: another well-known 3-D graphics library. :-) The Mesa libraries are +mesa: used by X to provide both software and hardware accelerated graphics. +mesa: +mesa: Mesa was written by Brian Paul. +mesa: +mesa: +mesa: +mesa: diff --git a/patches/source/minicom/config.sub-x86_64.diff b/patches/source/minicom/config.sub-x86_64.diff new file mode 100644 index 000000000..fa89bb3c1 --- /dev/null +++ b/patches/source/minicom/config.sub-x86_64.diff @@ -0,0 +1,20 @@ +--- ./config.sub.orig 1998-04-26 17:20:59.000000000 +0400 ++++ ./config.sub 2007-08-30 09:48:46.000000000 +0400 +@@ -129,7 +129,7 @@ + case $basic_machine in + # Recognize the basic CPU types without company name. + # Some are omitted here because they have special meanings below. +- tahoe | i[345]86 | i860 | m68k | m68000 | m88k | ns32k | arm \ ++ tahoe | i[345]86 | x86_64 | i860 | m68k | m68000 | m88k | ns32k | arm \ + | arme[lb] | pyramid \ + | tron | a29k | 580 | i960 | h8300 | hppa1.0 | hppa1.1 \ + | alpha | we32k | ns16k | clipper | sparclite | i370 | sh \ +@@ -144,7 +144,7 @@ + exit 1 + ;; + # Recognize the basic CPU types with company name. +- vax-* | tahoe-* | i[345]86-* | i860-* | m68k-* | m68000-* | m88k-* \ ++ vax-* | tahoe-* | i[345]86-* | x86_64-* | i860-* | m68k-* | m68000-* | m88k-* \ + | sparc-* | ns32k-* | fx80-* | arm-* | c[123]* \ + | mips-* | pyramid-* | tron-* | a29k-* | romp-* | rs6000-* | power-* \ + | none-* | 580-* | cray2-* | h8300-* | i960-* | xmp-* | ymp-* \ diff --git a/patches/source/minicom/doinst.sh b/patches/source/minicom/doinst.sh new file mode 100644 index 000000000..5961829bc --- /dev/null +++ b/patches/source/minicom/doinst.sh @@ -0,0 +1,15 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/minicom.users.new +config etc/minirc.dfl.new +rm -f etc/minicom.users.new etc/minirc.dfl.new diff --git a/patches/source/minicom/lrzsz_0.12.21-5.diff b/patches/source/minicom/lrzsz_0.12.21-5.diff new file mode 100644 index 000000000..b2541a91b --- /dev/null +++ b/patches/source/minicom/lrzsz_0.12.21-5.diff @@ -0,0 +1,4194 @@ +--- lrzsz-0.12.21.orig/po/de.po ++++ lrzsz-0.12.21/po/de.po +@@ -28,21 +28,21 @@ + + #: src/lsz.c:422 + msgid "packetlength" +-msgstr "Paketlänge" ++msgstr "Paketl?nge" + + #: src/lsz.c:427 + #, c-format + msgid "packetlength out of range 24..%ld" +-msgstr "Argument der Option L außerhalb des Bereichs 24..%ld" ++msgstr "Argument der Option L au?erhalb des Bereichs 24..%ld" + + #: src/lsz.c:436 + msgid "framelength" +-msgstr "Framelänge" ++msgstr "Framel?nge" + + #: src/lsz.c:441 + #, c-format + msgid "framelength out of range 32..%ld" +-msgstr "Argument der Option l außerhalb des Bereichs 32..%ld" ++msgstr "Argument der Option l au?erhalb des Bereichs 32..%ld" + + #: src/lrz.c:318 src/lsz.c:450 + msgid "min_bps" +@@ -50,7 +50,7 @@ + + #: src/lsz.c:452 + msgid "min_bps must be >= 0" +-msgstr "minimale BPS-Rate muß >= 0 sein" ++msgstr "minimale BPS-Rate mu? >= 0 sein" + + #: src/lrz.c:324 src/lsz.c:458 + msgid "min_bps_time" +@@ -58,7 +58,7 @@ + + #: src/lrz.c:326 src/lsz.c:460 + msgid "min_bps_time must be > 1" +-msgstr "Zeitfenster für minimale BPS-Rate muß > 1 Sekunde sein" ++msgstr "Zeitfenster f?r minimale BPS-Rate mu? > 1 Sekunde sein" + + #: src/lrz.c:342 src/lsz.c:484 + msgid "hour to large (0..23)" +@@ -70,7 +70,7 @@ + + #: src/lrz.c:348 src/lsz.c:490 + msgid "minute to large (0..59)" +-msgstr "Minute zu groß (0..59)" ++msgstr "Minute zu gro? (0..59)" + + #: src/lrz.c:358 src/lrz.c:365 src/lsz.c:500 src/lsz.c:507 + msgid "stop time to small" +@@ -86,15 +86,15 @@ + + #: src/lrz.c:396 src/lsz.c:518 + msgid "timeout out of range 10..1000" +-msgstr "Argument der Option t außerhalb des Bereichs 10..1000" ++msgstr "Argument der Option t au?erhalb des Bereichs 10..1000" + + #: src/lrz.c:412 src/lsz.c:526 + msgid "security violation: can't do that under restricted shell\n" +-msgstr "Sicherheitsverstoß: Ausführung unter eingeschränkter Shell verboten\n" ++msgstr "Sicherheitsversto?: Ausf?hrung unter eingeschr?nkter Shell verboten\n" + + #: src/lrz.c:402 src/lsz.c:533 + msgid "window size" +-msgstr "Fenstergröße" ++msgstr "Fenstergr??e" + + #: src/lrz.c:427 src/lrz.c:434 src/lsz.c:556 src/lsz.c:563 + msgid "cannot turnoff syslog" +@@ -102,7 +102,7 @@ + + #: src/lrz.c:449 src/lsz.c:571 + msgid "startup delay" +-msgstr "Startverzögerung" ++msgstr "Startverz?gerung" + + #: src/lrz.c:465 src/lrz.c:483 src/lrz.c:760 src/lrz.c:1122 src/lrz.c:1244 + #: src/lrz.c:1292 src/lrz.c:1309 src/lrz.c:1324 src/lrz.c:1423 src/lsz.c:580 +@@ -117,11 +117,11 @@ + + #: src/lsz.c:612 src/lsz.c:627 + msgid "need at least one file to send" +-msgstr "es muß mindestens ein Name einer zu sendenden Datei angegeben werden" ++msgstr "es mu? mindestens ein Name einer zu sendenden Datei angegeben werden" + + #: src/lsz.c:629 + msgid "Can't send command in restricted mode\n" +-msgstr "Im eingeschränkten Modus ist das Senden von Kommandos verboten\n" ++msgstr "Im eingeschr?nkten Modus ist das Senden von Kommandos verboten\n" + + #: src/lrz.c:527 src/lsz.c:656 + msgid "hostname too long\n" +@@ -137,21 +137,21 @@ + + #: src/lrz.c:574 src/lsz.c:803 + msgid "Transfer incomplete\n" +-msgstr "Übertragung nicht abgeschlossen\n" ++msgstr "?bertragung nicht abgeschlossen\n" + + #: src/lrz.c:576 src/lsz.c:805 + msgid "Transfer complete\n" +-msgstr "Übertragung abgeschlossen\n" ++msgstr "?bertragung abgeschlossen\n" + + #: src/lsz.c:838 + #, c-format + msgid "send_pseudo %s: cannot open tmpfile %s: %s" +-msgstr "send_pseudo %s: kann temporäre Datei %s nicht öffnen: %s" ++msgstr "send_pseudo %s: kann tempor?re Datei %s nicht ?ffnen: %s" + + #: src/lsz.c:851 + #, c-format + msgid "send_pseudo %s: cannot lstat tmpfile %s: %s" +-msgstr "send_pseudo %s: kann lstat nicht auf temporäre Datei %s anwenden: %s" ++msgstr "send_pseudo %s: kann lstat nicht auf tempor?re Datei %s anwenden: %s" + + #: src/lsz.c:859 + #, c-format +@@ -161,7 +161,7 @@ + #: src/lsz.c:870 + #, c-format + msgid "send_pseudo %s: cannot write to tmpfile %s: %s" +-msgstr "send_pseudo %s: kann nicht in temporäre Datei %s schreiben: %s" ++msgstr "send_pseudo %s: kann nicht in tempor?re Datei %s schreiben: %s" + + #: src/lsz.c:879 + #, c-format +@@ -188,17 +188,17 @@ + + #: src/lsz.c:953 + msgid "Can't open any requested files." +-msgstr "Kann keine der angeforderten Dateien öffnen" ++msgstr "Kann keine der angeforderten Dateien ?ffnen" + + #: src/lsz.c:1009 + #, c-format + msgid "security violation: not allowed to upload from %s" +-msgstr "Sicherheitsverstoß: Ausführung unter eingeschränkter Shell verboten" ++msgstr "Sicherheitsversto?: Ausf?hrung unter eingeschr?nkter Shell verboten" + + #: src/lrz.c:1384 src/lsz.c:1027 + #, c-format + msgid "cannot open %s" +-msgstr "kann %s nicht öffnen" ++msgstr "kann %s nicht ?ffnen" + + #: src/lsz.c:1082 + #, c-format +@@ -213,12 +213,12 @@ + #: src/lsz.c:1119 + #, c-format + msgid "skipped: %s" +-msgstr "übersprungen: %s" ++msgstr "?bersprungen: %s" + + #: src/lsz.c:1122 + #, c-format + msgid "%s/%s: skipped" +-msgstr "%s/%s: übersprungen" ++msgstr "%s/%s: ?bersprungen" + + #: src/lsz.c:1149 + #, c-format +@@ -228,7 +228,7 @@ + #: src/lsz.c:1178 + #, c-format + msgid "Sending %s, %ld blocks: " +-msgstr "Sende %s, %ld Blöcke:" ++msgstr "Sende %s, %ld Bl?cke:" + + #: src/lsz.c:1181 + msgid "Give your local XMODEM receive command now." +@@ -245,11 +245,11 @@ + + #: src/lsz.c:1314 + msgid "Receiver Cancelled" +-msgstr "Empfänger brach ab" ++msgstr "Empf?nger brach ab" + + #: src/lsz.c:1340 + msgid "No ACK on EOT" +-msgstr "Keine Bestätigung für Übertragungsende erhalten" ++msgstr "Keine Best?tigung f?r ?bertragungsende erhalten" + + #: src/lsz.c:1361 + #, c-format +@@ -267,11 +267,11 @@ + + #: src/lsz.c:1399 + msgid "Timeout on sector ACK" +-msgstr "Timeout bei Sektorbestätigung" ++msgstr "Timeout bei Sektorbest?tigung" + + #: src/lsz.c:1404 + msgid "NAK on sector" +-msgstr "Sektor nicht bestätigt" ++msgstr "Sektor nicht best?tigt" + + #: src/lsz.c:1410 + msgid "Got burst for sector ACK" +@@ -280,11 +280,11 @@ + #: src/lsz.c:1412 + #, c-format + msgid "Got %02x for sector ACK" +-msgstr "Erhielt %02x als Sektorbestätigung" ++msgstr "Erhielt %02x als Sektorbest?tigung" + + #: src/lsz.c:1424 + msgid "Retry Count Exceeded" +-msgstr "Maximale Wiederholungsanzahl überschritten" ++msgstr "Maximale Wiederholungsanzahl ?berschritten" + + #: src/lrz.c:596 src/lsz.c:1502 + #, c-format +@@ -308,7 +308,7 @@ + + #: src/lsz.c:1513 + msgid "Send file(s) with ZMODEM/YMODEM/XMODEM protocol\n" +-msgstr "Dateien mit ZMODEM/YMODEM/XMODEM übertragen\n" ++msgstr "Dateien mit ZMODEM/YMODEM/XMODEM ?bertragen\n" + + # src/lrz.c:475 src/lsz.c:1330 xx + #: src/lrz.c:607 src/lsz.c:1515 +@@ -317,9 +317,9 @@ + " (Y) = option applies to YMODEM only\n" + " (Z) = option applies to ZMODEM only\n" + msgstr "" +-" (X) = Option gilt nur für XMODEM\n" +-" (Y) = Option gilt nur für YMODEM\n" +-" (Z) = Option gilt nur für ZMODEM\n" ++" (X) = Option gilt nur f?r XMODEM\n" ++" (Y) = Option gilt nur f?r YMODEM\n" ++" (Z) = Option gilt nur f?r ZMODEM\n" + + #: src/lsz.c:1521 + msgid "" +@@ -347,32 +347,32 @@ + " -m, --min-bps N stop transmission if BPS below N\n" + " -M, --min-bps-time N for at least N seconds (default: 120)\n" + msgstr "" +-" -+, --append an existierende Dateien anhängen (Z)\n" ++" -+, --append an existierende Dateien anh?ngen (Z)\n" + " -2, --twostop zwei Stopbits verwenden\n" +-" -4, --try-4k bis zu 4K Blockgröße verwenden\n" +-" --start-4k mit 4K Blockgröße starten (versucht nicht 8)\n" +-" -8, --try-8k bis zu 8K Blockgröße verwenden\n" +-" --start-8k mit 8K Blockgröße starten\n" ++" -4, --try-4k bis zu 4K Blockgr??e verwenden\n" ++" --start-4k mit 4K Blockgr??e starten (versucht nicht 8)\n" ++" -8, --try-8k bis zu 8K Blockgr??e verwenden\n" ++" --start-8k mit 8K Blockgr??e starten\n" + " -a, --ascii ASCII: NL nach CR/LF wandeln\n" +-" -b, --binary Binärübertragung erzwingen\n" ++" -b, --binary Bin?r?bertragung erzwingen\n" + " -B, --bufsize N N Bytes puffern (auto: ganze Datei puffern)\n" +-" -c, --command COMMAND Kommando KOMMANDO auf Gegenseite ausführen " ++" -c, --command COMMAND Kommando KOMMANDO auf Gegenseite ausf?hren " + "(Z)\n" +-" -C, --command-tries N N mal Kommandoausführung versuchen (Z)\n" ++" -C, --command-tries N N mal Kommandoausf?hrung versuchen (Z)\n" + " -d, --dot-to-slash C '.' in Dateinamen nach '/' wandeln (Y/Z)\n" + " --delay-startup N Bei Programmstart N Sek. schlafen (Debugging)\n" + " -e, --escape alle Steuerzeichen escapen (Z)\n" +-" -E, --rename Empfänger soll Datei umbenennen falls\n" ++" -E, --rename Empf?nger soll Datei umbenennen falls\n" + " Zieldatei schon existiert\n" + " -f, --full-path Dateien mit vollen Pfaden senden (Y/Z)\n" +-" -i, --immediate-command CMD wie `c', aber sofort zurückkehren (Z)\n" ++" -i, --immediate-command CMD wie `c', aber sofort zur?ckkehren (Z)\n" + " -h, --help diesen Hilfetext ausgeben\n" + " -k, --1k 1024 Bytes Pakete senden (Y)\n" +-" -L, --packetlen N Unterpaketlänge auf N Bytes beschränken (Z)\n" +-" -l, --framelen N Rahmenlänge auf N Bytes beschränken (l>=L) " ++" -L, --packetlen N Unterpaketl?nge auf N Bytes beschr?nken (Z)\n" ++" -l, --framelen N Rahmenl?nge auf N Bytes beschr?nken (l>=L) " + "(Z)\n" +-" -m, --min-bps N Übertragung abbrechen bei weniger als N BPS\n" +-" -M, --min-bps-time N für mindestens N Sekunden (Default: 120)\n" ++" -m, --min-bps N ?bertragung abbrechen bei weniger als N BPS\n" ++" -M, --min-bps-time N f?r mindestens N Sekunden (Default: 120)\n" + + #: src/lsz.c:1546 + msgid "" +@@ -400,28 +400,28 @@ + "short options use the same arguments as the long ones\n" + msgstr "" + " -n, --newer Datei senden wenn sie neuer ist (Z)\n" +-" -N, --newer-or-longer Datei senden wenn neuer oder länger (Z)\n" ++" -N, --newer-or-longer Datei senden wenn neuer oder l?nger (Z)\n" + " -o, --16-bit-crc 16Bit CRC statt 32Bit CRC verwenden (Z)\n" + " -O, --disable-timeouts Timeoutbehandlung abschalten\n" +-" -p, --protect existierende Dateien nicht verändern\n" +-" -r, --resume unterbrochene Übertragungen fortsetzen (Z)\n" +-" -R, --restricted eingeschränkter, sichererer Modus\n" ++" -p, --protect existierende Dateien nicht ver?ndern\n" ++" -r, --resume unterbrochene ?bertragungen fortsetzen (Z)\n" ++" -R, --restricted eingeschr?nkter, sichererer Modus\n" + " -q, --quiet leise, keine Ausgaben machen\n" +-" -s, --stop-at {HH:MM|+N} Übertragung um HH:MM oder in N Sek. abbrechen\n" +-" --tcp-server Socket öffnen und auf Verbindung warten\n" +-" --tcp-client ADDR:PORT Socket öffnen und verbindung mit ...\n" +-" -u, --unlink Datei nach Übertragung löschen\n" +-" -U, --unrestrict eingeschränkten Modus aufheben (falls " ++" -s, --stop-at {HH:MM|+N} ?bertragung um HH:MM oder in N Sek. abbrechen\n" ++" --tcp-server Socket ?ffnen und auf Verbindung warten\n" ++" --tcp-client ADDR:PORT Socket ?ffnen und verbindung mit ...\n" ++" -u, --unlink Datei nach ?bertragung l?schen\n" ++" -U, --unrestrict eingeschr?nkten Modus aufheben (falls " + "erlaubt)\n" + " -v, --verbose mehr ausgeben\n" +-" -w, --windowsize N Fenstergröße auf N Bytes setzen (Z)\n" ++" -w, --windowsize N Fenstergr??e auf N Bytes setzen (Z)\n" + " -X --xmodem XMODEM-Protokoll benutzen\n" +-" -y, --overwrite existierende Dateien überschreiben\n" +-" -Y, --overwrite-or-skip wie `y', aber nicht existierende überspringen\n" ++" -y, --overwrite existierende Dateien ?berschreiben\n" ++" -Y, --overwrite-or-skip wie `y', aber nicht existierende ?berspringen\n" + " --ymodem YMODEM-Protokoll benutzen\n" + " -Z, --zmodem ZMODEM-Protokoll benutzen\n" + "\n" +-"Kurze Optionen benötigen dieselben Argumente wie Lange.\n" ++"Kurze Optionen ben?tigen dieselben Argumente wie Lange.\n" + + #: src/lsz.c:1768 + msgid "got ZRQINIT" +@@ -434,7 +434,7 @@ + #: src/lsz.c:1991 + #, c-format + msgid "blklen now %d\n" +-msgstr "Blockgröße nun %d\n" ++msgstr "Blockgr??e nun %d\n" + + #: src/lsz.c:2053 + #, c-format +@@ -453,7 +453,7 @@ + #: src/lsz.c:2223 + #, c-format + msgid "calc_blklen: reduced to %d due to error\n" +-msgstr "calc_blklen: Blockgrösse auf %d reduziert wegen Fehler\n" ++msgstr "calc_blklen: Blockgr?sse auf %d reduziert wegen Fehler\n" + + #: src/lsz.c:2256 + #, c-format +@@ -473,7 +473,7 @@ + #: src/lsz.c:2278 + #, c-format + msgid "calc_blklen: blklen %d, ok %ld, failed %ld -> %lu\n" +-msgstr "calc_blklen: Blocklänge %d, ok %ld, fehlgeschlagen %ld -> %lu\n" ++msgstr "calc_blklen: Blockl?nge %d, ok %ld, fehlgeschlagen %ld -> %lu\n" + + #: src/lsz.c:2290 + #, c-format +@@ -512,7 +512,7 @@ + + #: src/zm.c:712 + msgid "Garbage count exceeded" +-msgstr "Maximale Wiederholungsanzahl überschritten" ++msgstr "Maximale Wiederholungsanzahl ?berschritten" + + #: src/zm.c:773 + #, c-format +@@ -526,11 +526,11 @@ + + #: src/lrz.c:382 + msgid "don't have settimeofday, will not set time\n" +-msgstr "Zeitsynchronisation nicht ausführbar, settimeofday() fehlt\n" ++msgstr "Zeitsynchronisation nicht ausf?hrbar, settimeofday() fehlt\n" + + #: src/lrz.c:386 + msgid "not running as root (this is good!), can not set time\n" +-msgstr "Zeitsynchronisation mangels Superuserrechten nicht ausführbar\n" ++msgstr "Zeitsynchronisation mangels Superuserrechten nicht ausf?hrbar\n" + + #: src/lrz.c:441 + msgid "bytes_per_error" +@@ -542,16 +542,16 @@ + + #: src/lrz.c:455 + msgid "O_SYNC not supported by the kernel" +-msgstr "O_SYNC vom Kernel nicht unterstützt" ++msgstr "O_SYNC vom Kernel nicht unterst?tzt" + + #: src/lrz.c:497 src/lrz.c:499 + msgid "garbage on commandline" +-msgstr "Müll auf der Kommandozeile" ++msgstr "M?ll auf der Kommandozeile" + + #: src/lrz.c:604 + #, c-format + msgid "Usage: %s [options] [filename.if.xmodem]\n" +-msgstr "Benutzung: %s [Optionen] [Dateiname.für.xmodem]\n" ++msgstr "Benutzung: %s [Optionen] [Dateiname.f?r.xmodem]\n" + + #: src/lrz.c:605 + msgid "Receive files with ZMODEM/YMODEM/XMODEM protocol\n" +@@ -596,44 +596,44 @@ + "\n" + "short options use the same arguments as the long ones\n" + msgstr "" +-" -+, --append an existierende Dateien anhängen\n" +-" -a, --ascii ASCII-Übertragung (CR/LF nach LF wandeln)\n" +-" -b, --binary Binärübertragung (keine Umwandlungen)\n" ++" -+, --append an existierende Dateien anh?ngen\n" ++" -a, --ascii ASCII-?bertragung (CR/LF nach LF wandeln)\n" ++" -b, --binary Bin?r?bertragung (keine Umwandlungen)\n" + " -B, --bufsize N N Bytes puffern (auto: ganze Datei puffern)\n" +-" -c, --with-crc 16bit CRC statt Prüfsumme verwenden (X)\n" +-" -C, --allow-remote-commands Ausführung von Kommandos erlauben (Z)\n" ++" -c, --with-crc 16bit CRC statt Pr?fsumme verwenden (X)\n" ++" -C, --allow-remote-commands Ausf?hrung von Kommandos erlauben (Z)\n" + " -D, --null empfangene Daten nach /dev/null schreiben\n" + " --delay-startup N Bei Programmstart N Sek. schlafen (Debugging)\n" + " -e, --escape Alle Steuerzeichen escapen (Z)\n" +-" -E, --rename Empfänger soll Datei umbenennen falls\n" ++" -E, --rename Empf?nger soll Datei umbenennen falls\n" + " Zieldatei schon existiert\n" + " --errors N Einen CRC-Fehler alle N Bytes erzeugen\n" + " -h, --help Diesen Hilfstext ausgeben\n" +-" -m, --min-bps N Übertragung abbrechen bei weniger als N BPS\n" +-" -M, --min-bps-time N für mindestens N Sekunden (Default: 120)\n" ++" -m, --min-bps N ?bertragung abbrechen bei weniger als N BPS\n" ++" -M, --min-bps-time N f?r mindestens N Sekunden (Default: 120)\n" + " -O, --disable-timeouts Timeoutbehandlung abschalten\n" + " --o-sync Ausgabedatei(en) im synchron schreiben\n" +-" -p, --protect existierende Dateien nicht verändern\n" ++" -p, --protect existierende Dateien nicht ver?ndern\n" + " -q, --quiet leise, keine Ausgaben machen\n" +-" -r, --resume unterbrochene Übertragungen fortsetzen (Z)\n" +-" -R, --restricted eingeschränkter, sichererer Modus\n" +-" -s, --stop-at {HH:MM|+N} Übertragung um HH:MM oder in N Sek. abbrechen\n" ++" -r, --resume unterbrochene ?bertragungen fortsetzen (Z)\n" ++" -R, --restricted eingeschr?nkter, sichererer Modus\n" ++" -s, --stop-at {HH:MM|+N} ?bertragung um HH:MM oder in N Sek. abbrechen\n" + " -S, --timesync Zeit anfordern (doppelt: lokale Zeit setzen)\n" +-" --syslog[=off] syslog an- oder ausschalten, wenn möglich\n" ++" --syslog[=off] syslog an- oder ausschalten, wenn m?glich\n" + " -t, --timeout N Timeout auf N Zehntelsekungen setzen\n" +-" --tcp-server Socket öffnen und auf Verbindung warten\n" +-" --tcp-client ADDR:PORT Socket öffnen und verbindung mit ...\n" ++" --tcp-server Socket ?ffnen und auf Verbindung warten\n" ++" --tcp-client ADDR:PORT Socket ?ffnen und verbindung mit ...\n" + " -u, --keep-uppercase GROSS geschrieben Dateinamen beibehalten\n" +-" -U, --unrestrict eingeschränkten Modus aufheben (falls " ++" -U, --unrestrict eingeschr?nkten Modus aufheben (falls " + "erlaubt)\n" + " -v, --verbose mehr ausgeben\n" +-" -w, --windowsize N Fenstergröße auf N Bytes setzen (Z)\n" ++" -w, --windowsize N Fenstergr??e auf N Bytes setzen (Z)\n" + " -X --xmodem XMODEM-Protokoll benutzen\n" +-" -y, --overwrite existierende Dateien überschreiben\n" ++" -y, --overwrite existierende Dateien ?berschreiben\n" + " --ymodem YMODEM-Protokoll benutzen\n" + " -Z, --zmodem ZMODEM-Protokoll benutzen\n" + "\n" +-"Kurze Optionen benötigen dieselben Argumente wie Lange.\n" ++"Kurze Optionen ben?tigen dieselben Argumente wie Lange.\n" + + #: src/lrz.c:676 + #, c-format +@@ -662,11 +662,11 @@ + "%s: %s removed.\r\n" + msgstr "" + "\r\n" +-"%s: %s gelöscht\r\n" ++"%s: %s gel?scht\r\n" + + #: src/lrz.c:856 + msgid "Pathname fetch returned EOT" +-msgstr "Ende der Übertragung beim Warten auf Dateinamen" ++msgstr "Ende der ?bertragung beim Warten auf Dateinamen" + + #: src/lrz.c:903 + msgid "Received dup Sector" +@@ -682,7 +682,7 @@ + + #: src/lrz.c:976 + msgid "Checksum" +-msgstr "Prüfsummenfehler" ++msgstr "Pr?fsummenfehler" + + #: src/lrz.c:979 + msgid "Sector number garbled" +@@ -695,12 +695,12 @@ + #: src/lrz.c:1005 + #, c-format + msgid "Got 0%o sector header" +-msgstr "Erhielt %02x als Sektorbestätigung" ++msgstr "Erhielt %02x als Sektorbest?tigung" + + #: src/lrz.c:1113 + #, c-format + msgid "file name ends with a /, skipped: %s\n" +-msgstr "Dateiname endet mit /, übersprungen: %s\n" ++msgstr "Dateiname endet mit /, ?bersprungen: %s\n" + + #: src/lrz.c:1127 + #, c-format +@@ -715,7 +715,7 @@ + #: src/lrz.c:1192 src/lrz.c:1226 + #, c-format + msgid "file exists, skipped: %s\n" +-msgstr "Datei existiert, übersprungen: %s\n" ++msgstr "Datei existiert, ?bersprungen: %s\n" + + #: src/lrz.c:1267 + #, c-format +@@ -739,7 +739,7 @@ + #: src/lrz.c:1545 + #, c-format + msgid "Blocks received: %d" +-msgstr "Blöcke empfangen: %d" ++msgstr "Bl?cke empfangen: %d" + + #: src/lrz.c:1599 + #, c-format +@@ -749,15 +749,15 @@ + #: src/lrz.c:1612 src/lrz.c:1620 + #, c-format + msgid "%s:\tSecurity Violation" +-msgstr "%s:\tSicherheitsverstoß" ++msgstr "%s:\tSicherheitsversto?" + + #: src/lrz.c:1730 + msgid "remote command execution requested" +-msgstr "Gegenseite versucht Kommandoausführung" ++msgstr "Gegenseite versucht Kommandoausf?hrung" + + #: src/lrz.c:1737 + msgid "not executed" +-msgstr "nicht ausgeführt" ++msgstr "nicht ausgef?hrt" + + #: src/lrz.c:1768 + msgid "got ZRINIT" +@@ -765,7 +765,7 @@ + + #: src/lrz.c:1817 + msgid "Skipped" +-msgstr "Übersprungen" ++msgstr "?bersprungen" + + #. too bad + #: src/lrz.c:2049 +@@ -785,7 +785,7 @@ + + #: src/lrz.c:2215 + msgid "file close error" +-msgstr "Fehler beim Schließen der Datei" ++msgstr "Fehler beim Schlie?en der Datei" + + #~ msgid "tcp protocol init failed\n" + #~ msgstr "TCP Protokoll Initialisierung fehlgeschlagen\n" +@@ -797,7 +797,7 @@ + #~ msgstr "fgets() bei tcp Protokoll Synchronisation fehlgeschlagen: " + + #~ msgid "Transfer complete." +-#~ msgstr "Übertragung abgeschlossen" ++#~ msgstr "?bertragung abgeschlossen" + + #~ msgid "at" + #~ msgstr "um" +@@ -809,4 +809,4 @@ + #~ msgstr "Zeitsynchronisation: ok\n" + + #~ msgid "Falldown to %ld blklen" +-#~ msgstr "Blockgröße auf %ld gesenkt" ++#~ msgstr "Blockgr??e auf %ld gesenkt" +--- lrzsz-0.12.21.orig/debian/copyright ++++ lrzsz-0.12.21/debian/copyright +@@ -0,0 +1,31 @@ ++This is the lrzsz Debian GNU/Linux package. It was first maintained by ++Michael Alan Dorman <mdorman@debian.org>, with help of Martin Mitchell ++and current upstream maintainer, Uwe Ohse <uwe@ohse.de>. ++ ++Current maintainer is Josip Rodin <jrodin@jagor.srce.hr> ++ ++Original source was downloaded from: ftp://tirka.ohse.de/uwe/ ++ ++Copyright (C) until 1988 Chuck Forsberg (Omen Technology INC) ++Copyright (C) 1994 Matt Porter, Michael D. Black ++Copyright (C) 1996, 1997 Uwe Ohse ++ ++Please note that credit should be given to Chuck Forsberg (rzsz) and ++Stephen Satchell/Satchell Evaluations (crc routines) for this package. ++ ++ This program is free software; you can redistribute it and/or modify ++ it under the terms of the GNU General Public License as published by ++ the Free Software Foundation; version 2 dated June, 1991. ++ ++ This program is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ GNU General Public License for more details. ++ ++ You should have received a copy of the GNU General Public License ++ along with this program; if not, write to the Free Software ++ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, ++ MA 02110-1301, USA. ++ ++On Debian systems, the complete text of the GNU General Public License ++can be found in /usr/share/common-licenses/GPL file. +--- lrzsz-0.12.21.orig/debian/control ++++ lrzsz-0.12.21/debian/control +@@ -0,0 +1,18 @@ ++Source: lrzsz ++Section: comm ++Priority: optional ++Maintainer: Martin A. Godisch <godisch@debian.org> ++Standards-Version: 3.8.3 ++Build-Depends: autotools-dev, gettext ++ ++Package: lrzsz ++Architecture: any ++Depends: ${shlibs:Depends} ++Suggests: minicom ++Description: Tools for zmodem/xmodem/ymodem file transfer ++ Lrzsz is a cosmetically modified zmodem/ymodem/xmodem package built ++ from the public-domain version of Chuck Forsberg's rzsz package. ++ . ++ These programs use error correcting protocols ({z,x,y}modem) to send ++ (sz, sx, sb) and receive (rz, rx, rb) files over a dial-in serial port ++ from a variety of programs running under various operating systems. +--- lrzsz-0.12.21.orig/debian/changelog ++++ lrzsz-0.12.21/debian/changelog +@@ -0,0 +1,104 @@ ++lrzsz (0.12.21-5) unstable; urgency=low ++ ++ * New maintainer upload, closes: #556238. ++ Thanks to Josip Rodin for his work. ++ * Removed build-dependency on debhelper. ++ * Added build-dependency on autotools-dev. ++ * Cut Debian diff.gz into pieces. ++ * Updated FSF address in copyright file. ++ * Updated German po file, added build-dependency on gettext. ++ Closes: #313992, thanks to Jens Seidel and Tobias Toedter. ++ * Fixed missing includes (compiler warnings). ++ * Fixed typo in sz manpage. ++ * Fixed linking to libnsl. ++ * Removed changelog emacs settings. ++ * Updated standards version. ++ ++ -- Martin A. Godisch <godisch@debian.org> Sun, 22 Nov 2009 09:35:13 +0100 ++ ++lrzsz (0.12.21-4.1) unstable; urgency=low ++ ++ * Non-maintainer upload. ++ * Rebuilt with current debhelper, finishing the /usr/doc transition. ++ Closes: #322762 ++ * Rebuilt with a current toolchain, now it's prelinkable. ++ Closes: #288084 ++ * Appled man page typo fix patch from A Costa. Closes: #311459 ++ ++ -- Joey Hess <joeyh@debian.org> Tue, 10 Jan 2006 01:35:00 -0500 ++ ++lrzsz (0.12.21-4) unstable; urgency=low ++ ++ * Updated for Standards-Version: 3.5.2. ++ * Added touch stamp-h.in before make invocation in order to stop ++ autoheader from running. ++ ++ -- Josip Rodin <jrodin@jagor.srce.hr> Sun, 25 Mar 2001 19:48:18 +0200 ++ ++lrzsz (0.12.21-3) unstable; urgency=low ++ ++ * Newish upstream version, (990823 in CVS). ++ * Updated for Policy 3.x. ++ * Misc. fixes for debian/*. ++ ++ -- Josip Rodin <jrodin@jagor.srce.hr> Sun, 19 Sep 1999 17:55:38 +0200 ++ ++lrzsz (0.12.21-2) unstable; urgency=low ++ ++ * Removed definition of strstr, advised by upstream maintainer, to ++ get it to compile on glibc2.1, as John Goerzen and Bart Warmerdam ++ noticed (fixes: #39429 #39812). ++ ++ -- Josip Rodin <jrodin@jagor.srce.hr> Sun, 20 Jun 1999 21:38:07 +0200 ++ ++lrzsz (0.12.21-1) unstable; urgency=low ++ ++ * New upstream version (990604 in CVS). ++ * Cleaned up the diff by removing unneeded .deps/ files and not changing ++ aclocal et al. ++ ++ -- Josip Rodin <jrodin@jagor.srce.hr> Sun, 6 Jun 1999 21:01:50 +0200 ++ ++lrzsz (0.12.20-2) unstable; urgency=low ++ ++ * Don't install ansi2knr.1 manpage, closing bug #33121 ++ ++ -- Josip Rodin <jrodin@jagor.srce.hr> Sun, 7 Feb 1999 01:32:31 +0100 ++ ++lrzsz (0.12.20-1) unstable; urgency=low ++ ++ * New maintainer. ++ * Althought version number doesn't indicate that, this version is ++ today's CVS snapshot from ftp://tirka.ohse.de/uwe/cvs-trees ++ * This release fixes following bugs: #8373 #11208 #16170 #16744 #17210. ++ * Package is lintian clean. ++ ++ -- Josip Rodin <jrodin@jagor.srce.hr> Sun, 7 Feb 1999 01:32:31 +0100 ++ ++lrzsz (0.12.17) unstable; urgency=low ++ ++ * sorry, see ../ChangeLog. automagically generated debian/changelog ++ ++ -- Uwe Ohse <uwe@ohse.de> Mon, 02 Jun 1997 10:06:05 +0200 ++ ++lrzsz (0.12.16) unstable; urgency=low ++ ++ * sorry, see ../ChangeLog. changelog is here just to make ++ dpkg happy. ++ * initial release ++ ++ -- Uwe Ohse <uwe@ohse.de> Sun, 2 Jun 1997 21:00:00 +0200 ++ ++lrzsz (0.12b-1.1) unstable; urgency=low ++ ++ * Non-maintainer release. ++ * Libc6 compile. ++ ++ -- Martin Mitchell <martin@debian.org> Sat, 18 Oct 1997 01:58:54 +1000 ++ ++lrzsz (0.12b-1) unstable; urgency=low ++ ++ * Converted to new source packaging format. ++ * New upstream version. ++ ++ -- Michael Alan Dorman <mdorman@calder.med.miami.edu> Tue, 17 Sep 1996 13:39:23 -0400 +--- lrzsz-0.12.21.orig/debian/rules ++++ lrzsz-0.12.21/debian/rules +@@ -0,0 +1,80 @@ ++#!/usr/bin/make -f ++ ++testdir = test -f src/lrz.c && test -f debian/rules ++testroot = test x`whoami` = xroot ++ ++# FOR AUTOCONF 2.13 ONLY ++ifeq ($(DEB_BUILD_GNU_TYPE), $(DEB_HOST_GNU_TYPE)) ++ confflags += $(DEB_HOST_GNU_TYPE) ++else ++ $(error Cannot cross-compile this package out-of-the-box) ++endif ++ ++CFLAGS = -Wall -g ++ifneq "$(findstring noopt,$(DEB_BUILD_OPTIONS))" "" ++ CFLAGS += -O0 ++else ++ CFLAGS += -O2 ++endif ++export CFLAGS ++ ++build: build-stamp ++build-stamp: ++ $(testdir) ++ cp -f /usr/share/misc/config.guess /usr/share/misc/config.sub . ++ -cat debian/patches/*.diff | patch -Ntp1 -r debian/rejected --no-backup-if-mismatch ++ ./configure $(CONFFLAGS) --prefix=/usr --mandir='$${prefix}/share/man' --program-transform-name=s/l// ++ touch stamp-h.in # to stop autoheader from running ++ touch -d yesterday aclocal.m4 # to stop automake from running ++ $(MAKE) ++ touch $@ ++ ++clean: ++ $(testdir) ++ $(testroot) ++ cp -f /usr/share/misc/config.guess /usr/share/misc/config.sub . ++ touch stamp-h.in # to stop autoheader from running ++ touch -d yesterday aclocal.m4 # to stop automake from running ++ [ ! -f Makefile ] || $(MAKE) distclean ++ -cat `ls -r debian/patches/*.diff` /dev/null | patch -RNtp1 -r debian/rejected --no-backup-if-mismatch ++ rm -rf debian/tmp ++ rm -f build-stamp config.guess config.sub po/lrzsz.pot po/*.gmo debian/files debian/rejected debian/substvars ++ ++binary: binary-arch ++ ++binary-indep: ++ ++binary-arch: build ++ $(testdir) ++ $(testroot) ++ rm -rf debian/tmp ++ ++ $(MAKE) prefix=$(CURDIR)/debian/tmp/usr install ++ ++ifeq "$(findstring nostrip,$(DEB_BUILD_OPTIONS))" "" ++ strip -R .comment -R .note debian/tmp/usr/bin/* ++endif ++ ++ install -d -m 0755 debian/tmp/usr/share/doc/lrzsz ++ install -p -m 0644 NEWS README README.cvs README.isdn4linux TODO debian/copyright debian/tmp/usr/share/doc/lrzsz ++ install -p -m 0644 -D ChangeLog debian/tmp/usr/share/doc/lrzsz/changelog ++ install -p -m 0644 -D debian/changelog debian/tmp/usr/share/doc/lrzsz/changelog.Debian ++ ++ find debian/tmp/usr/share/man -type f -print0 | xargs -0 gzip -9 ++ find debian/tmp/usr/share/doc -type f ! -name copyright ! -name '*.html' \ ++ \( -name 'changelog*' -o -size +8 \) -print0 | xargs -0 gzip -9 ++ ++ ln -s rz.1.gz debian/tmp/usr/share/man/man1/rb.1.gz ++ ln -s rz.1.gz debian/tmp/usr/share/man/man1/rx.1.gz ++ ln -s sz.1.gz debian/tmp/usr/share/man/man1/sb.1.gz ++ ln -s sz.1.gz debian/tmp/usr/share/man/man1/sx.1.gz ++ ++ install -d -m 0755 debian/tmp/DEBIAN ++ install -p -m 0644 debian/control debian/tmp/DEBIAN ++ cd debian/tmp && find usr -type f -print0 | xargs -0 md5sum > DEBIAN/md5sums ++ ++ dpkg-shlibdeps debian/tmp/usr/bin/* ++ dpkg-gencontrol -isp -plrzsz ++ dpkg --build debian/tmp .. ++ ++.PHONY: build clean binary binary-indep binary-arch +--- lrzsz-0.12.21.orig/debian/patches/206648_dszlog.diff.unchecked ++++ lrzsz-0.12.21/debian/patches/206648_dszlog.diff.unchecked +@@ -0,0 +1,311 @@ ++diff -ur lrzsz-0.12.21/src/lrz.c newlrzsz/src/lrz.c ++--- lrzsz-0.12.21/src/lrz.c 2003-08-21 16:22:01.000000000 -0500 +++++ newlrzsz/src/lrz.c 2003-08-21 17:05:53.000000000 -0500 ++@@ -68,6 +68,7 @@ ++ unsigned Baudrate = 2400; ++ ++ FILE *fout; +++char *dszlogpath; ++ ++ ++ int Lastrx; ++@@ -192,6 +193,9 @@ ++ zmputs(Attn); ++ canit(STDOUT_FILENO); ++ io_mode(0,0); +++ if (dszlogpath) { +++ dszlog(dszlogpath, 'L', 0, 0, 0, errors, 0, 0); +++ } ++ error(128+n,0,_("caught signal %d; exiting"), n); ++ } ++ ++@@ -265,6 +269,13 @@ ++ if ((cp=getenv("ZMODEM_RESTRICTED"))!=NULL) ++ Restricted=2; ++ +++ dszlogpath = getenv("DSZLOG"); +++ if (access(dszlogpath, F_OK) == 0) { +++ if (unlink(dszlogpath) != 0) { +++ perror("unlink dszlog"); +++ } +++ } +++ ++ /* make temporary and unfinished files */ ++ umask(0077); ++ ++@@ -559,6 +570,7 @@ ++ signal(SIGINT, bibi); ++ signal(SIGTERM, bibi); ++ signal(SIGPIPE, bibi); +++ signal(SIGHUP, bibi); ++ if (wcreceive(npats, patts)==ERROR) { ++ exitcode=0200; ++ canit(STDOUT_FILENO); ++@@ -685,9 +697,9 @@ ++ #endif ++ if (c) ++ goto fubar; ++- } else { +++ } else { /* Not Xmodem, not Zmodem, so Ymodem */ ++ for (;;) { ++- if (Verbose > 1 +++ if (Verbose > 1 || dszlogpath ++ #ifdef ENABLE_SYSLOG ++ || enable_syslog ++ #endif ++@@ -712,7 +724,7 @@ ++ if (wcrx(&zi)==ERROR) ++ goto fubar; ++ ++- if (Verbose > 1 +++ if (Verbose > 1 || dszlogpath ++ #ifdef ENABLE_SYSLOG ++ || enable_syslog ++ #endif ++@@ -734,16 +746,19 @@ ++ lsyslog(LOG_INFO,"%s/%s: %ld Bytes, %ld BPS", ++ shortname,protname(),zi.bytes_received, bps); ++ #endif +++ if (dszlogpath) dszlog(dszlogpath, 'R', +++ zi.bytes_received, zi.fname, +++ bps, errors, 0, 0); ++ } ++ } ++ } ++- } else { +++ } else { /* Xmodem */ ++ char dummy[128]; ++ dummy[0]='\0'; /* pre-ANSI HPUX cc demands this */ ++ dummy[1]='\0'; /* procheader uses name + 1 + strlen(name) */ ++ zi.bytes_total = DEFBYTL; ++ ++- if (Verbose > 1 +++ if (Verbose > 1 || dszlogpath ++ #ifdef ENABLE_SYSLOG ++ || enable_syslog ++ #endif ++@@ -782,7 +797,7 @@ ++ if (wcrx(&zi)==ERROR) { ++ goto fubar; ++ } ++- if (Verbose > 1 +++ if (Verbose > 1 || dszlogpath ++ #ifdef ENABLE_SYSLOG ++ || enable_syslog ++ #endif ++@@ -803,6 +818,10 @@ ++ lsyslog(LOG_INFO,"%s/%s: %ld Bytes, %ld BPS", ++ shortname,protname(),zi.bytes_received, bps); ++ #endif +++ if (dszlogpath) dszlog(dszlogpath, 'R', +++ zi.bytes_received, zi.fname, +++ bps, errors, 0, 0); +++ ++ } ++ } ++ return OK; ++@@ -812,6 +831,13 @@ ++ lsyslog(LOG_ERR,"%s/%s: got error", ++ shortname ? shortname : "no.name", protname()); ++ #endif +++ if (dszlogpath) { +++ double d = timing(0,NULL); +++ dszlog(dszlogpath, 'E', zi.bytes_received, zi.fname, +++ (zi.bytes_received-zi.bytes_skipped)/((d) ? d : 0.5), +++ errors, 0, 0); +++ } +++ ++ canit(STDOUT_FILENO); ++ if (Topipe && fout) { ++ pclose(fout); return ERROR; ++@@ -1783,10 +1809,18 @@ ++ rzfiles(struct zm_fileinfo *zi) ++ { ++ register int c; +++ long bps; ++ ++ for (;;) { ++ timing(1,NULL); ++ c = rzfile(zi); +++ { +++ double d; +++ d=timing(0,NULL); +++ if (d==0) +++ d=0.5; /* can happen if timing uses time() */ +++ bps=(zi->bytes_received-zi->bytes_skipped)/d; +++ } ++ switch (c) { ++ case ZEOF: ++ if (Verbose > 1 ++@@ -1794,12 +1828,6 @@ ++ || enable_syslog ++ #endif ++ ) { ++- double d; ++- long bps; ++- d=timing(0,NULL); ++- if (d==0) ++- d=0.5; /* can happen if timing uses time() */ ++- bps=(zi->bytes_received-zi->bytes_skipped)/d; ++ if (Verbose > 1) { ++ vstringf( ++ _("\rBytes received: %7ld/%7ld BPS:%-6ld \r\n"), ++@@ -1807,6 +1835,8 @@ ++ } ++ DO_SYSLOG_FNAME((LOG_INFO, "%s/%s: %ld Bytes, %ld BPS",shortname, ++ protname(), (long) zi->bytes_total,bps)); +++ if (dszlogpath) dszlog(dszlogpath, 'z', zi->bytes_received, +++ zi->fname, bps, errors, 0, 0); ++ } ++ /* FALL THROUGH */ ++ case ZSKIP: ++@@ -1815,6 +1845,8 @@ ++ if (Verbose) ++ vstringf(_("Skipped")); ++ DO_SYSLOG_FNAME((LOG_INFO, "%s/%s: skipped",shortname,protname())); +++ if (dszlogpath) dszlog(dszlogpath, 'E', zi->bytes_received, +++ zi->fname, bps, errors, 0, 0); ++ } ++ switch (tryz()) { ++ case ZCOMPL: ++@@ -1829,6 +1861,8 @@ ++ return c; ++ case ERROR: ++ DO_SYSLOG_FNAME((LOG_INFO, "%s/%s: error",shortname,protname())); +++ if (dszlogpath) dszlog(dszlogpath, 'E', zi->bytes_received, +++ zi->fname, bps, errors, 0, 0); ++ return ERROR; ++ } ++ } ++diff -ur lrzsz-0.12.21/src/lsyslog.c newlrzsz/src/lsyslog.c ++--- lrzsz-0.12.21/src/lsyslog.c 1998-12-29 11:27:55.000000000 -0600 +++++ newlrzsz/src/lsyslog.c 2003-08-21 16:47:53.000000000 -0500 ++@@ -26,6 +26,8 @@ ++ #include <string.h> ++ #endif ++ +++#include <stdio.h> +++ ++ #if __STDC__ ++ # include <stdarg.h> ++ # define VA_START(args, lastarg) va_start(args, lastarg) ++@@ -79,3 +81,23 @@ ++ #endif ++ } ++ +++void dszlog(char *logname, char status, unsigned long num_bytes, char *fname, +++ int cps, int retry_events, int flow_events, int blocksize) { +++ +++ FILE *mylog; +++ if ((mylog = fopen(logname, "a"))) { +++ fprintf(mylog, "%c %6ld %5ld bps %4ld cps %3d errors %5u %4d %s %ld\r\n", +++ status, +++ num_bytes, +++ cps*8, /* XXX where to get DTE from? */ +++ cps, +++ retry_events, +++ flow_events, /* XXX where is flow_control? */ +++ blocksize, +++ fname, +++ -1 /* serial number */ +++ ); +++ fclose(mylog); +++ } +++} +++ ++diff -ur lrzsz-0.12.21/src/lsz.c newlrzsz/src/lsz.c ++--- lrzsz-0.12.21/src/lsz.c 2003-08-21 16:22:01.000000000 -0500 +++++ newlrzsz/src/lsz.c 2003-08-21 17:02:18.000000000 -0500 ++@@ -59,6 +59,8 @@ ++ extern int errno; ++ #endif ++ +++char *dszlogpath; +++ ++ unsigned Baudrate=2400; /* Default, should be set by first mode() call */ ++ unsigned Txwindow; /* Control the size of the transmitted window */ ++ unsigned Txwspac; /* Spacing between zcrcq requests */ ++@@ -223,6 +225,9 @@ ++ canit(STDOUT_FILENO); ++ fflush (stdout); ++ io_mode (io_mode_fd,0); +++ if (dszlogpath) { +++ dszlog(dszlogpath, 'L', 0, 0, 0, errors, 0, 0); +++ } ++ if (n == 99) ++ error (0, 0, _ ("io_mode(,2) in rbsb.c not implemented\n")); ++ else ++@@ -332,6 +337,14 @@ ++ } ++ if ((cp=getenv("ZMODEM_RESTRICTED"))!=NULL) ++ Restricted=1; +++ +++ dszlogpath = getenv("DSZLOG"); +++ if (access(dszlogpath, F_OK) == 0) { +++ if (unlink(dszlogpath) != 0) { +++ perror("unlink dszlog"); +++ } +++ } +++ ++ from_cu(); ++ chkinvok(argv[0]); ++ ++@@ -1113,6 +1126,12 @@ ++ if (enable_syslog) ++ lsyslog(LOG_INFO, _("%s/%s: error occured"),protname(),shortname); ++ #endif +++ if (dszlogpath) { +++ double d = timing(0,NULL); +++ dszlog(dszlogpath, 'E', zi.bytes_sent, zi.fname, +++ zi.bytes_sent/((d) ? d : 0.5), +++ errors, 0, blklen); +++ } ++ return ERROR; ++ case ZSKIP: ++ error(0,0, _("skipped: %s"),name); ++@@ -1120,6 +1139,13 @@ ++ if (enable_syslog) ++ lsyslog(LOG_INFO, _("%s/%s: skipped"),protname(),shortname); ++ #endif +++ if (dszlogpath) { +++ double d = timing(0,NULL); +++ /* XXX is Zmodem skip really deserving a 'E' ? */ +++ dszlog(dszlogpath, 'E', zi.bytes_sent, zi.fname, +++ zi.bytes_sent/((d) ? d : 0.5), +++ errors, 0, blklen); +++ } ++ return OK; ++ } ++ if (!zmodem_requested && wctx(&zi)==ERROR) ++@@ -1128,12 +1154,18 @@ ++ if (enable_syslog) ++ lsyslog(LOG_INFO, _("%s/%s: error occured"),protname(),shortname); ++ #endif +++ if (dszlogpath) { +++ double d = timing(0,NULL); +++ dszlog(dszlogpath, 'E', zi.bytes_sent, zi.fname, +++ zi.bytes_sent/((d) ? d : 0.5), +++ errors, 0, blklen); +++ } ++ return ERROR; ++ } ++ if (Unlinkafter) ++ unlink(oname); ++ ++- if (Verbose > 1 +++ if (Verbose > 1 || dszlogpath ++ #ifdef ENABLE_SYSLOG ++ || enable_syslog ++ #endif ++@@ -1152,6 +1184,11 @@ ++ lsyslog(LOG_INFO, "%s/%s: %ld Bytes, %ld BPS",shortname, ++ protname(), (long) zi.bytes_sent,bps); ++ #endif +++ if (dszlogpath) { +++ char whichprot = (protocol==ZM_ZMODEM)? 'Z' : 'S'; +++ dszlog(dszlogpath, whichprot, zi.bytes_sent, +++ zi.fname, bps, errors, 0, blklen); +++ } ++ } ++ return 0; ++ } +--- lrzsz-0.12.21.orig/debian/patches/include.diff ++++ lrzsz-0.12.21/debian/patches/include.diff +@@ -0,0 +1,20 @@ ++--- lrzsz-0.12.21.orig/lib/long-options.c +++++ lrzsz-0.12.21/lib/long-options.c ++@@ -22,6 +22,7 @@ ++ #endif ++ ++ #include <stdio.h> +++#include <stdlib.h> ++ #include <getopt.h> ++ #include "long-options.h" ++ ++--- lrzsz-0.12.21.orig/src/lsyslog.c +++++ lrzsz-0.12.21/src/lsyslog.c ++@@ -22,6 +22,7 @@ ++ #ifdef ENABLE_SYSLOG ++ #include "zglobal.h" ++ #include <pwd.h> +++#include <stdio.h> ++ #include <stdlib.h> ++ #include <string.h> ++ #endif +--- lrzsz-0.12.21.orig/debian/patches/mantypos.diff ++++ lrzsz-0.12.21/debian/patches/mantypos.diff +@@ -0,0 +1,49 @@ ++--- lrzsz-0.12.21.orig/man/lsz.1 +++++ lrzsz-0.12.21/man/lsz.1 ++@@ -247,7 +247,7 @@ ++ Escape all control characters; ++ normally XON, XOFF, DLE, CR-@-CR, and Ctrl-X are escaped. ++ .TP ++-.B"-E, --rename" +++.B "-E, --rename" ++ Force the sender to rename the new file if a file with the same ++ name already exists. ++ .TP ++@@ -265,7 +265,7 @@ ++ .TP ++ .B "-i COMMAND, --immediate-command COMMAND" ++ Send COMMAND to the receiver for execution, return immediately ++-upon the receiving program's successful recption of the command. +++upon the receiving program's successful reception of the command. ++ .TP ++ .B "-k, --1k" ++ (XMODEM/YMODEM) Send files using 1024 byte blocks ++@@ -509,7 +509,7 @@ ++ .RB ( \-a ) ++ to end of line conventions appropriate to the receiving environment. ++ With ZMODEM AutoDownload enabled, Professional-YAM and ZCOMM ++-will automatically recieve +++will automatically receive ++ the files after performing a security check. ++ ++ .br ++@@ -592,8 +592,8 @@ ++ the source file. ++ .SH "VMS VERSION" ++ The VMS version does not support wild cards. ++-Because of VMS DCL, upper case option letters muse be represented ++-by \\ proceding the letter. +++Because of VMS DCL, upper case option letters must be represented +++by \\ preceding the letter. ++ ++ The current VMS version does not support XMODEM, XMODEM-1k, or YMODEM. ++ ++@@ -682,7 +682,7 @@ ++ The test mode leaves a zero length file on the receiving system. ++ ++ A few high speed modems have a firmware bug that drops characters when the ++-direction of high speed transmissson is reversed. +++direction of high speed transmission is reversed. ++ The environment variable ZNULLS may be used to specify the number of nulls to ++ send before a ZDATA frame. ++ Values of 101 for a 4.77 mHz PC and 124 for an AT are typical. +--- lrzsz-0.12.21.orig/debian/patches/strstr.diff ++++ lrzsz-0.12.21/debian/patches/strstr.diff +@@ -0,0 +1,20 @@ ++--- lrzsz-0.12.21.orig/src/lrz.c +++++ lrzsz-0.12.21/src/lrz.c ++@@ -44,7 +44,6 @@ ++ #ifndef STRICT_PROTOTYPES ++ extern time_t time(); ++ extern char *strerror(); ++-extern char *strstr(); ++ #endif ++ ++ #ifndef HAVE_ERRNO_DECLARATION ++--- lrzsz-0.12.21.orig/src/lsz.c +++++ lrzsz-0.12.21/src/lsz.c ++@@ -53,7 +53,6 @@ ++ #ifndef STRICT_PROTOTYPES ++ extern time_t time(); ++ extern char *strerror(); ++-extern char *strstr(); ++ #endif ++ ++ #ifndef HAVE_ERRNO_DECLARATION +--- lrzsz-0.12.21.orig/debian/patches/build.diff ++++ lrzsz-0.12.21/debian/patches/build.diff +@@ -0,0 +1,2115 @@ ++--- lrzsz-0.12.21.orig/Makefile.in +++++ lrzsz-0.12.21/Makefile.in ++@@ -1,4 +1,4 @@ ++-# Makefile.in generated automatically by automake 1.4a from Makefile.am +++# Makefile.in generated automatically by automake 1.4 from Makefile.am ++ ++ # Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. ++ # This Makefile.in is free software; the Free Software Foundation ++@@ -46,10 +46,9 @@ ++ AUTOHEADER = @AUTOHEADER@ ++ ++ INSTALL = @INSTALL@ ++-INSTALL_PROGRAM = @INSTALL_PROGRAM@ +++INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) ++ INSTALL_DATA = @INSTALL_DATA@ ++ INSTALL_SCRIPT = @INSTALL_SCRIPT@ ++-INSTALL_STRIP_FLAG = ++ transform = @program_transform_name@ ++ ++ NORMAL_INSTALL = : ++@@ -106,13 +105,13 @@ ++ ++ DIST_COMMON = README ./stamp-h.in ABOUT-NLS AUTHORS COPYING ChangeLog \ ++ INSTALL Makefile.am Makefile.in NEWS Specfile.in THANKS TODO acconfig.h \ ++-acinclude.m4 aclocal.m4 config.guess config.h.in configure configure.in \ ++-install-sh missing mkinstalldirs systype.in +++acinclude.m4 aclocal.m4 config.guess config.h.in config.sub configure \ +++configure.in install-sh missing mkinstalldirs systype.in ++ ++ ++ DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) ++ ++-TAR = gtar +++TAR = tar ++ GZIP_ENV = --best ++ all: all-redirect ++ .SUFFIXES: ++@@ -298,7 +297,7 @@ ++ @for file in $(DISTFILES); do \ ++ d=$(srcdir); \ ++ if test -d $$d/$$file; then \ ++- cp -pr $$d/$$file $(distdir)/$$file; \ +++ cp -pr $$/$$file $(distdir)/$$file; \ ++ else \ ++ test -f $(distdir)/$$file \ ++ || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ ++@@ -340,7 +339,7 @@ ++ all-am: Makefile $(SCRIPTS) config.h ++ all-redirect: all-recursive-am ++ install-strip: ++- $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install +++ $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install ++ installdirs: installdirs-recursive ++ installdirs-am: ++ ++--- lrzsz-0.12.21.orig/aclocal.m4 +++++ lrzsz-0.12.21/aclocal.m4 ++@@ -1,4 +1,4 @@ ++-dnl aclocal.m4 generated automatically by aclocal 1.4a +++dnl aclocal.m4 generated automatically by aclocal 1.4 ++ ++ dnl Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. ++ dnl This file is free software; the Free Software Foundation ++@@ -117,8 +117,6 @@ ++ ++ AC_DEFUN(AM_INIT_AUTOMAKE, ++ [AC_REQUIRE([AC_PROG_INSTALL]) ++-dnl We require 2.13 because we rely on SHELL being computed by configure. ++-AC_PREREQ([2.13]) ++ PACKAGE=[$1] ++ AC_SUBST(PACKAGE) ++ VERSION=[$2] ++--- lrzsz-0.12.21.orig/configure +++++ lrzsz-0.12.21/configure ++@@ -703,7 +703,6 @@ ++ fi ++ ++ ++- ++ PACKAGE=lrzsz ++ ++ VERSION=0.12.21rc ++@@ -723,7 +722,7 @@ ++ ++ missing_dir=`cd $ac_aux_dir && pwd` ++ echo $ac_n "checking for working aclocal""... $ac_c" 1>&6 ++-echo "configure:727: checking for working aclocal" >&5 +++echo "configure:726: checking for working aclocal" >&5 ++ # Run test in a subshell; some versions of sh will print an error if ++ # an executable is not found, even if stderr is redirected. ++ # Redirect stdin to placate older versions of autoconf. Sigh. ++@@ -736,7 +735,7 @@ ++ fi ++ ++ echo $ac_n "checking for working autoconf""... $ac_c" 1>&6 ++-echo "configure:740: checking for working autoconf" >&5 +++echo "configure:739: checking for working autoconf" >&5 ++ # Run test in a subshell; some versions of sh will print an error if ++ # an executable is not found, even if stderr is redirected. ++ # Redirect stdin to placate older versions of autoconf. Sigh. ++@@ -749,7 +748,7 @@ ++ fi ++ ++ echo $ac_n "checking for working automake""... $ac_c" 1>&6 ++-echo "configure:753: checking for working automake" >&5 +++echo "configure:752: checking for working automake" >&5 ++ # Run test in a subshell; some versions of sh will print an error if ++ # an executable is not found, even if stderr is redirected. ++ # Redirect stdin to placate older versions of autoconf. Sigh. ++@@ -762,7 +761,7 @@ ++ fi ++ ++ echo $ac_n "checking for working autoheader""... $ac_c" 1>&6 ++-echo "configure:766: checking for working autoheader" >&5 +++echo "configure:765: checking for working autoheader" >&5 ++ # Run test in a subshell; some versions of sh will print an error if ++ # an executable is not found, even if stderr is redirected. ++ # Redirect stdin to placate older versions of autoconf. Sigh. ++@@ -775,7 +774,7 @@ ++ fi ++ ++ echo $ac_n "checking for working makeinfo""... $ac_c" 1>&6 ++-echo "configure:779: checking for working makeinfo" >&5 +++echo "configure:778: checking for working makeinfo" >&5 ++ # Run test in a subshell; some versions of sh will print an error if ++ # an executable is not found, even if stderr is redirected. ++ # Redirect stdin to placate older versions of autoconf. Sigh. ++@@ -926,7 +925,7 @@ ++ # Extract the first word of "gcc", so it can be a program name with args. ++ set dummy gcc; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:930: checking for $ac_word" >&5 +++echo "configure:929: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -956,7 +955,7 @@ ++ # Extract the first word of "cc", so it can be a program name with args. ++ set dummy cc; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:960: checking for $ac_word" >&5 +++echo "configure:959: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -1007,7 +1006,7 @@ ++ # Extract the first word of "cl", so it can be a program name with args. ++ set dummy cl; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:1011: checking for $ac_word" >&5 +++echo "configure:1010: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -1039,7 +1038,7 @@ ++ fi ++ ++ echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6 ++-echo "configure:1043: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5 +++echo "configure:1042: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5 ++ ++ ac_ext=c ++ # CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. ++@@ -1050,12 +1049,12 @@ ++ ++ cat > conftest.$ac_ext << EOF ++ ++-#line 1054 "configure" +++#line 1053 "configure" ++ #include "confdefs.h" ++ ++ main(){return(0);} ++ EOF ++-if { (eval echo configure:1059: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:1058: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ ac_cv_prog_cc_works=yes ++ # If we can't run a trivial program, we are probably using a cross compiler. ++ if (./conftest; exit) 2>/dev/null; then ++@@ -1081,12 +1080,12 @@ ++ { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; } ++ fi ++ echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6 ++-echo "configure:1085: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5 +++echo "configure:1084: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5 ++ echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6 ++ cross_compiling=$ac_cv_prog_cc_cross ++ ++ echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6 ++-echo "configure:1090: checking whether we are using GNU C" >&5 +++echo "configure:1089: checking whether we are using GNU C" >&5 ++ if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -1095,7 +1094,7 @@ ++ yes; ++ #endif ++ EOF ++-if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:1099: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then +++if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:1098: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then ++ ac_cv_prog_gcc=yes ++ else ++ ac_cv_prog_gcc=no ++@@ -1114,7 +1113,7 @@ ++ ac_save_CFLAGS="$CFLAGS" ++ CFLAGS= ++ echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6 ++-echo "configure:1118: checking whether ${CC-cc} accepts -g" >&5 +++echo "configure:1117: checking whether ${CC-cc} accepts -g" >&5 ++ if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -1146,7 +1145,7 @@ ++ fi ++ ++ echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6 ++-echo "configure:1150: checking how to run the C preprocessor" >&5 +++echo "configure:1149: checking how to run the C preprocessor" >&5 ++ # On Suns, sometimes $CPP names a directory. ++ if test -n "$CPP" && test -d "$CPP"; then ++ CPP= ++@@ -1161,13 +1160,13 @@ ++ # On the NeXT, cc -E runs the code through the compiler's parser, ++ # not just through cpp. ++ cat > conftest.$ac_ext <<EOF ++-#line 1165 "configure" +++#line 1164 "configure" ++ #include "confdefs.h" ++ #include <assert.h> ++ Syntax Error ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:1171: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:1170: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ : ++@@ -1178,13 +1177,13 @@ ++ rm -rf conftest* ++ CPP="${CC-cc} -E -traditional-cpp" ++ cat > conftest.$ac_ext <<EOF ++-#line 1182 "configure" +++#line 1181 "configure" ++ #include "confdefs.h" ++ #include <assert.h> ++ Syntax Error ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:1188: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:1187: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ : ++@@ -1195,13 +1194,13 @@ ++ rm -rf conftest* ++ CPP="${CC-cc} -nologo -E" ++ cat > conftest.$ac_ext <<EOF ++-#line 1199 "configure" +++#line 1198 "configure" ++ #include "confdefs.h" ++ #include <assert.h> ++ Syntax Error ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:1205: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:1204: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ : ++@@ -1235,13 +1234,13 @@ ++ fi ++ if test $ac_cv_prog_gcc = yes; then ++ echo $ac_n "checking whether ${CC-cc} needs -traditional""... $ac_c" 1>&6 ++-echo "configure:1239: checking whether ${CC-cc} needs -traditional" >&5 +++echo "configure:1238: checking whether ${CC-cc} needs -traditional" >&5 ++ if eval "test \"`echo '$''{'ac_cv_prog_gcc_traditional'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ ac_pattern="Autoconf.*'x'" ++ cat > conftest.$ac_ext <<EOF ++-#line 1245 "configure" +++#line 1244 "configure" ++ #include "confdefs.h" ++ #include <sgtty.h> ++ Autoconf TIOCGETP ++@@ -1259,7 +1258,7 @@ ++ ++ if test $ac_cv_prog_gcc_traditional = no; then ++ cat > conftest.$ac_ext <<EOF ++-#line 1263 "configure" +++#line 1262 "configure" ++ #include "confdefs.h" ++ #include <termio.h> ++ Autoconf TCGETA ++@@ -1283,7 +1282,7 @@ ++ # Extract the first word of "ranlib", so it can be a program name with args. ++ set dummy ranlib; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:1287: checking for $ac_word" >&5 +++echo "configure:1286: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_prog_RANLIB'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -1311,7 +1310,7 @@ ++ fi ++ ++ echo $ac_n "checking for POSIXized ISC""... $ac_c" 1>&6 ++-echo "configure:1315: checking for POSIXized ISC" >&5 +++echo "configure:1314: checking for POSIXized ISC" >&5 ++ if test -d /etc/conf/kconfig.d && ++ grep _POSIX_VERSION /usr/include/sys/unistd.h >/dev/null 2>&1 ++ then ++@@ -1332,9 +1331,9 @@ ++ fi ++ ++ echo $ac_n "checking for AIX""... $ac_c" 1>&6 ++-echo "configure:1336: checking for AIX" >&5 +++echo "configure:1335: checking for AIX" >&5 ++ cat > conftest.$ac_ext <<EOF ++-#line 1338 "configure" +++#line 1337 "configure" ++ #include "confdefs.h" ++ #ifdef _AIX ++ yes ++@@ -1357,17 +1356,17 @@ ++ ++ ac_safe=`echo "minix/config.h" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for minix/config.h""... $ac_c" 1>&6 ++-echo "configure:1361: checking for minix/config.h" >&5 +++echo "configure:1360: checking for minix/config.h" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 1366 "configure" +++#line 1365 "configure" ++ #include "confdefs.h" ++ #include <minix/config.h> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:1371: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:1370: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -1408,7 +1407,7 @@ ++ ++ ++ echo $ac_n "checking for ${CC-cc} option to accept ANSI C""... $ac_c" 1>&6 ++-echo "configure:1412: checking for ${CC-cc} option to accept ANSI C" >&5 +++echo "configure:1411: checking for ${CC-cc} option to accept ANSI C" >&5 ++ if eval "test \"`echo '$''{'am_cv_prog_cc_stdc'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -1424,7 +1423,7 @@ ++ do ++ CC="$ac_save_CC $ac_arg" ++ cat > conftest.$ac_ext <<EOF ++-#line 1428 "configure" +++#line 1427 "configure" ++ #include "confdefs.h" ++ #include <stdarg.h> ++ #include <stdio.h> ++@@ -1461,7 +1460,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:1465: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:1464: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ am_cv_prog_cc_stdc="$ac_arg"; break ++ else ++@@ -1487,7 +1486,7 @@ ++ ++ ++ echo $ac_n "checking for function prototypes""... $ac_c" 1>&6 ++-echo "configure:1491: checking for function prototypes" >&5 +++echo "configure:1490: checking for function prototypes" >&5 ++ if test "$am_cv_prog_cc_stdc" != no; then ++ echo "$ac_t""yes" 1>&6 ++ cat >> confdefs.h <<\EOF ++@@ -1500,12 +1499,12 @@ ++ U=_ ANSI2KNR=./ansi2knr ++ # Ensure some checks needed by ansi2knr itself. ++ echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6 ++-echo "configure:1504: checking for ANSI C header files" >&5 +++echo "configure:1503: checking for ANSI C header files" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 1509 "configure" +++#line 1508 "configure" ++ #include "confdefs.h" ++ #include <stdlib.h> ++ #include <stdarg.h> ++@@ -1513,7 +1512,7 @@ ++ #include <float.h> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:1517: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:1516: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -1530,7 +1529,7 @@ ++ if test $ac_cv_header_stdc = yes; then ++ # SunOS 4.x string.h does not declare mem*, contrary to ANSI. ++ cat > conftest.$ac_ext <<EOF ++-#line 1534 "configure" +++#line 1533 "configure" ++ #include "confdefs.h" ++ #include <string.h> ++ EOF ++@@ -1548,7 +1547,7 @@ ++ if test $ac_cv_header_stdc = yes; then ++ # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. ++ cat > conftest.$ac_ext <<EOF ++-#line 1552 "configure" +++#line 1551 "configure" ++ #include "confdefs.h" ++ #include <stdlib.h> ++ EOF ++@@ -1569,7 +1568,7 @@ ++ : ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 1573 "configure" +++#line 1572 "configure" ++ #include "confdefs.h" ++ #include <ctype.h> ++ #define ISLOWER(c) ('a' <= (c) && (c) <= 'z') ++@@ -1580,7 +1579,7 @@ ++ exit (0); } ++ ++ EOF ++-if { (eval echo configure:1584: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +++if { (eval echo configure:1583: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null ++ then ++ : ++ else ++@@ -1607,17 +1606,17 @@ ++ do ++ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 ++-echo "configure:1611: checking for $ac_hdr" >&5 +++echo "configure:1610: checking for $ac_hdr" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 1616 "configure" +++#line 1615 "configure" ++ #include "confdefs.h" ++ #include <$ac_hdr> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:1621: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:1620: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -1646,12 +1645,12 @@ ++ fi ++ ++ echo $ac_n "checking for working const""... $ac_c" 1>&6 ++-echo "configure:1650: checking for working const" >&5 +++echo "configure:1649: checking for working const" >&5 ++ if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 1655 "configure" +++#line 1654 "configure" ++ #include "confdefs.h" ++ ++ int main() { ++@@ -1700,7 +1699,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:1704: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:1703: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ ac_cv_c_const=yes ++ else ++@@ -1721,21 +1720,21 @@ ++ fi ++ ++ echo $ac_n "checking for inline""... $ac_c" 1>&6 ++-echo "configure:1725: checking for inline" >&5 +++echo "configure:1724: checking for inline" >&5 ++ if eval "test \"`echo '$''{'ac_cv_c_inline'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ ac_cv_c_inline=no ++ for ac_kw in inline __inline__ __inline; do ++ cat > conftest.$ac_ext <<EOF ++-#line 1732 "configure" +++#line 1731 "configure" ++ #include "confdefs.h" ++ ++ int main() { ++ } $ac_kw foo() { ++ ; return 0; } ++ EOF ++-if { (eval echo configure:1739: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:1738: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ ac_cv_c_inline=$ac_kw; break ++ else ++@@ -1786,7 +1785,7 @@ ++ esac ++ ++ echo $ac_n "checking for syslog in -lsocket""... $ac_c" 1>&6 ++-echo "configure:1790: checking for syslog in -lsocket" >&5 +++echo "configure:1789: checking for syslog in -lsocket" >&5 ++ ac_lib_var=`echo socket'_'syslog | sed 'y%./+-%__p_%'` ++ if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++@@ -1794,7 +1793,7 @@ ++ ac_save_LIBS="$LIBS" ++ LIBS="-lsocket $LIBS" ++ cat > conftest.$ac_ext <<EOF ++-#line 1798 "configure" +++#line 1797 "configure" ++ #include "confdefs.h" ++ /* Override any gcc2 internal prototype to avoid an error. */ ++ /* We use char because int might match the return type of a gcc2 ++@@ -1805,7 +1804,7 @@ ++ syslog() ++ ; return 0; } ++ EOF ++-if { (eval echo configure:1809: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:1808: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_lib_$ac_lib_var=yes" ++ else ++@@ -1832,108 +1831,14 @@ ++ echo "$ac_t""no" 1>&6 ++ fi ++ ++-echo $ac_n "checking for syslog in -lbe""... $ac_c" 1>&6 ++-echo "configure:1837: checking for syslog in -lbe" >&5 ++-ac_lib_var=`echo be'_'syslog | sed 'y%./+-%__p_%'` ++-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then ++- echo $ac_n "(cached) $ac_c" 1>&6 ++-else ++- ac_save_LIBS="$LIBS" ++-LIBS="-lbe $LIBS" ++-cat > conftest.$ac_ext <<EOF ++-#line 1845 "configure" ++-#include "confdefs.h" ++-/* Override any gcc2 internal prototype to avoid an error. */ ++-/* We use char because int might match the return type of a gcc2 ++- builtin and then its argument prototype would still apply. */ ++-char syslog(); ++- ++-int main() { ++-syslog() ++-; return 0; } ++-EOF ++-if { (eval echo configure:1856: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++- rm -rf conftest* ++- eval "ac_cv_lib_$ac_lib_var=yes" ++-else ++- echo "configure: failed program was:" >&5 ++- cat conftest.$ac_ext >&5 ++- rm -rf conftest* ++- eval "ac_cv_lib_$ac_lib_var=no" ++-fi ++-rm -f conftest* ++-LIBS="$ac_save_LIBS" ++- ++-fi ++-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then ++- echo "$ac_t""yes" 1>&6 ++- ac_tr_lib=HAVE_LIB`echo be | sed -e 's/[^a-zA-Z0-9_]/_/g' \ ++- -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` ++- cat >> confdefs.h <<EOF ++-#define $ac_tr_lib 1 ++-EOF ++- ++- LIBS="-lbe $LIBS" ++- ++-else ++- echo "$ac_t""no" 1>&6 ++-fi ++- ++-echo $ac_n "checking for gethostbyname in -lnsl""... $ac_c" 1>&6 ++-echo "configure:1884: checking for gethostbyname in -lnsl" >&5 ++-ac_lib_var=`echo nsl'_'gethostbyname | sed 'y%./+-%__p_%'` ++-if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then ++- echo $ac_n "(cached) $ac_c" 1>&6 ++-else ++- ac_save_LIBS="$LIBS" ++-LIBS="-lnsl $LIBS" ++-cat > conftest.$ac_ext <<EOF ++-#line 1892 "configure" ++-#include "confdefs.h" ++-/* Override any gcc2 internal prototype to avoid an error. */ ++-/* We use char because int might match the return type of a gcc2 ++- builtin and then its argument prototype would still apply. */ ++-char gethostbyname(); ++- ++-int main() { ++-gethostbyname() ++-; return 0; } ++-EOF ++-if { (eval echo configure:1903: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++- rm -rf conftest* ++- eval "ac_cv_lib_$ac_lib_var=yes" ++-else ++- echo "configure: failed program was:" >&5 ++- cat conftest.$ac_ext >&5 ++- rm -rf conftest* ++- eval "ac_cv_lib_$ac_lib_var=no" ++-fi ++-rm -f conftest* ++-LIBS="$ac_save_LIBS" ++- ++-fi ++-if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then ++- echo "$ac_t""yes" 1>&6 ++- ac_tr_lib=HAVE_LIB`echo nsl | sed -e 's/[^a-zA-Z0-9_]/_/g' \ ++- -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'` ++- cat >> confdefs.h <<EOF ++-#define $ac_tr_lib 1 ++-EOF ++- ++- LIBS="-lnsl $LIBS" ++- ++-else ++- echo "$ac_t""no" 1>&6 ++-fi ++- ++ ++ echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6 ++-echo "configure:1932: checking for ANSI C header files" >&5 +++echo "configure:1931: checking for ANSI C header files" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 1937 "configure" +++#line 1936 "configure" ++ #include "confdefs.h" ++ #include <stdlib.h> ++ #include <stdarg.h> ++@@ -1941,7 +1846,7 @@ ++ #include <float.h> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:1945: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:1944: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -1958,7 +1863,7 @@ ++ if test $ac_cv_header_stdc = yes; then ++ # SunOS 4.x string.h does not declare mem*, contrary to ANSI. ++ cat > conftest.$ac_ext <<EOF ++-#line 1962 "configure" +++#line 1961 "configure" ++ #include "confdefs.h" ++ #include <string.h> ++ EOF ++@@ -1976,7 +1881,7 @@ ++ if test $ac_cv_header_stdc = yes; then ++ # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. ++ cat > conftest.$ac_ext <<EOF ++-#line 1980 "configure" +++#line 1979 "configure" ++ #include "confdefs.h" ++ #include <stdlib.h> ++ EOF ++@@ -1997,7 +1902,7 @@ ++ : ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2001 "configure" +++#line 2000 "configure" ++ #include "confdefs.h" ++ #include <ctype.h> ++ #define ISLOWER(c) ('a' <= (c) && (c) <= 'z') ++@@ -2008,7 +1913,7 @@ ++ exit (0); } ++ ++ EOF ++-if { (eval echo configure:2012: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +++if { (eval echo configure:2011: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null ++ then ++ : ++ else ++@@ -2035,17 +1940,17 @@ ++ do ++ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 ++-echo "configure:2039: checking for $ac_hdr" >&5 +++echo "configure:2038: checking for $ac_hdr" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2044 "configure" +++#line 2043 "configure" ++ #include "confdefs.h" ++ #include <$ac_hdr> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:2049: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:2048: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -2076,17 +1981,17 @@ ++ do ++ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 ++-echo "configure:2080: checking for $ac_hdr" >&5 +++echo "configure:2079: checking for $ac_hdr" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2085 "configure" +++#line 2084 "configure" ++ #include "confdefs.h" ++ #include <$ac_hdr> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:2090: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:2089: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -2116,17 +2021,17 @@ ++ do ++ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 ++-echo "configure:2120: checking for $ac_hdr" >&5 +++echo "configure:2119: checking for $ac_hdr" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2125 "configure" +++#line 2124 "configure" ++ #include "confdefs.h" ++ #include <$ac_hdr> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:2130: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:2129: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -2156,17 +2061,17 @@ ++ do ++ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 ++-echo "configure:2160: checking for $ac_hdr" >&5 +++echo "configure:2159: checking for $ac_hdr" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2165 "configure" +++#line 2164 "configure" ++ #include "confdefs.h" ++ #include <$ac_hdr> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:2170: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:2169: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -2196,17 +2101,17 @@ ++ do ++ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 ++-echo "configure:2200: checking for $ac_hdr" >&5 +++echo "configure:2199: checking for $ac_hdr" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2205 "configure" +++#line 2204 "configure" ++ #include "confdefs.h" ++ #include <$ac_hdr> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:2210: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:2209: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -2234,12 +2139,12 @@ ++ ++ ++ echo $ac_n "checking for size_t""... $ac_c" 1>&6 ++-echo "configure:2238: checking for size_t" >&5 +++echo "configure:2237: checking for size_t" >&5 ++ if eval "test \"`echo '$''{'ac_cv_type_size_t'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2243 "configure" +++#line 2242 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #if STDC_HEADERS ++@@ -2267,12 +2172,12 @@ ++ fi ++ ++ echo $ac_n "checking for mode_t""... $ac_c" 1>&6 ++-echo "configure:2271: checking for mode_t" >&5 +++echo "configure:2270: checking for mode_t" >&5 ++ if eval "test \"`echo '$''{'ac_cv_type_mode_t'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2276 "configure" +++#line 2275 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #if STDC_HEADERS ++@@ -2300,12 +2205,12 @@ ++ fi ++ ++ echo $ac_n "checking for off_t""... $ac_c" 1>&6 ++-echo "configure:2304: checking for off_t" >&5 +++echo "configure:2303: checking for off_t" >&5 ++ if eval "test \"`echo '$''{'ac_cv_type_off_t'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2309 "configure" +++#line 2308 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #if STDC_HEADERS ++@@ -2334,12 +2239,12 @@ ++ ++ ++ echo $ac_n "checking for speed_t""... $ac_c" 1>&6 ++-echo "configure:2338: checking for speed_t" >&5 +++echo "configure:2337: checking for speed_t" >&5 ++ if eval "test \"`echo '$''{'ac_cv_type_speed_t'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2343 "configure" +++#line 2342 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #if STDC_HEADERS ++@@ -2389,12 +2294,12 @@ ++ fi ++ ++ echo $ac_n "checking for st_rdev in struct stat""... $ac_c" 1>&6 ++-echo "configure:2393: checking for st_rdev in struct stat" >&5 +++echo "configure:2392: checking for st_rdev in struct stat" >&5 ++ if eval "test \"`echo '$''{'ac_cv_struct_st_rdev'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2398 "configure" +++#line 2397 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #include <sys/stat.h> ++@@ -2402,7 +2307,7 @@ ++ struct stat s; s.st_rdev; ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2406: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:2405: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ ac_cv_struct_st_rdev=yes ++ else ++@@ -2423,12 +2328,12 @@ ++ fi ++ ++ echo $ac_n "checking whether time.h and sys/time.h may both be included""... $ac_c" 1>&6 ++-echo "configure:2427: checking whether time.h and sys/time.h may both be included" >&5 +++echo "configure:2426: checking whether time.h and sys/time.h may both be included" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_time'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2432 "configure" +++#line 2431 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #include <sys/time.h> ++@@ -2437,7 +2342,7 @@ ++ struct tm *tp; ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2441: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:2440: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ ac_cv_header_time=yes ++ else ++@@ -2459,12 +2364,12 @@ ++ ++ ++ echo $ac_n "checking for socklen_t""... $ac_c" 1>&6 ++-echo "configure:2463: checking for socklen_t" >&5 +++echo "configure:2462: checking for socklen_t" >&5 ++ if eval "test \"`echo '$''{'ac_cv_type_socklen_t'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2468 "configure" +++#line 2467 "configure" ++ #include "confdefs.h" ++ ++ #include "confdefs.h" ++@@ -2480,7 +2385,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2484: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:2483: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ ac_cv_type_socklen_t=yes ++ else ++@@ -2505,12 +2410,12 @@ ++ fi ++ ++ echo $ac_n "checking whether sys/time.h and sys/select.h may both be included""... $ac_c" 1>&6 ++-echo "configure:2509: checking whether sys/time.h and sys/select.h may both be included" >&5 +++echo "configure:2508: checking whether sys/time.h and sys/select.h may both be included" >&5 ++ if eval "test \"`echo '$''{'lrzsz_cv_header_sys_select'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2514 "configure" +++#line 2513 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #include <sys/time.h> ++@@ -2519,7 +2424,7 @@ ++ struct tm *tp; ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2523: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:2522: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ lrzsz_cv_header_sys_select=yes ++ else ++@@ -2540,12 +2445,12 @@ ++ fi ++ ++ echo $ac_n "checking whether struct tm is in sys/time.h or time.h""... $ac_c" 1>&6 ++-echo "configure:2544: checking whether struct tm is in sys/time.h or time.h" >&5 +++echo "configure:2543: checking whether struct tm is in sys/time.h or time.h" >&5 ++ if eval "test \"`echo '$''{'ac_cv_struct_tm'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2549 "configure" +++#line 2548 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #include <time.h> ++@@ -2553,7 +2458,7 @@ ++ struct tm *tp; tp->tm_sec; ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2557: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:2556: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ ac_cv_struct_tm=time.h ++ else ++@@ -2575,19 +2480,19 @@ ++ ++ ++ echo $ac_n "checking for errno declaration""... $ac_c" 1>&6 ++-echo "configure:2579: checking for errno declaration" >&5 +++echo "configure:2578: checking for errno declaration" >&5 ++ if eval "test \"`echo '$''{'lrzsz_cv_decl_errno'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2584 "configure" +++#line 2583 "configure" ++ #include "confdefs.h" ++ #include <errno.h> ++ int main() { ++ int i = errno; errno = 1; ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2591: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:2590: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ lrzsz_cv_decl_errno=yes ++ else ++@@ -2610,7 +2515,7 @@ ++ ++ if test $cross_compiling = no ; then ++ echo $ac_n "checking whether setvbuf arguments are reversed""... $ac_c" 1>&6 ++-echo "configure:2614: checking whether setvbuf arguments are reversed" >&5 +++echo "configure:2613: checking whether setvbuf arguments are reversed" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_setvbuf_reversed'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -2618,7 +2523,7 @@ ++ { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2622 "configure" +++#line 2621 "configure" ++ #include "confdefs.h" ++ #include <stdio.h> ++ /* If setvbuf has the reversed format, exit 0. */ ++@@ -2632,7 +2537,7 @@ ++ exit(0); /* Non-reversed systems segv here. */ ++ } ++ EOF ++-if { (eval echo configure:2636: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +++if { (eval echo configure:2635: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null ++ then ++ ac_cv_func_setvbuf_reversed=yes ++ else ++@@ -2657,12 +2562,12 @@ ++ ++ fi ++ echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6 ++-echo "configure:2661: checking return type of signal handlers" >&5 +++echo "configure:2660: checking return type of signal handlers" >&5 ++ if eval "test \"`echo '$''{'ac_cv_type_signal'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2666 "configure" +++#line 2665 "configure" ++ #include "confdefs.h" ++ #include <sys/types.h> ++ #include <signal.h> ++@@ -2679,7 +2584,7 @@ ++ int i; ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2683: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then +++if { (eval echo configure:2682: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then ++ rm -rf conftest* ++ ac_cv_type_signal=void ++ else ++@@ -2701,17 +2606,17 @@ ++ do ++ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 ++-echo "configure:2705: checking for $ac_hdr" >&5 +++echo "configure:2704: checking for $ac_hdr" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2710 "configure" +++#line 2709 "configure" ++ #include "confdefs.h" ++ #include <$ac_hdr> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:2715: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:2714: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -2740,12 +2645,12 @@ ++ for ac_func in getpagesize ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:2744: checking for $ac_func" >&5 +++echo "configure:2743: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2749 "configure" +++#line 2748 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -2768,7 +2673,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2772: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:2771: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -2793,7 +2698,7 @@ ++ done ++ ++ echo $ac_n "checking for working mmap""... $ac_c" 1>&6 ++-echo "configure:2797: checking for working mmap" >&5 +++echo "configure:2796: checking for working mmap" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_mmap_fixed_mapped'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -2801,7 +2706,7 @@ ++ ac_cv_func_mmap_fixed_mapped=no ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2805 "configure" +++#line 2804 "configure" ++ #include "confdefs.h" ++ ++ /* Thanks to Mike Haertel and Jim Avera for this test. ++@@ -2941,7 +2846,7 @@ ++ } ++ ++ EOF ++-if { (eval echo configure:2945: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +++if { (eval echo configure:2944: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null ++ then ++ ac_cv_func_mmap_fixed_mapped=yes ++ else ++@@ -2966,19 +2871,19 @@ ++ # The Ultrix 4.2 mips builtin alloca declared by alloca.h only works ++ # for constant arguments. Useless! ++ echo $ac_n "checking for working alloca.h""... $ac_c" 1>&6 ++-echo "configure:2970: checking for working alloca.h" >&5 +++echo "configure:2969: checking for working alloca.h" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_alloca_h'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 2975 "configure" +++#line 2974 "configure" ++ #include "confdefs.h" ++ #include <alloca.h> ++ int main() { ++ char *p = alloca(2 * sizeof(int)); ++ ; return 0; } ++ EOF ++-if { (eval echo configure:2982: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:2981: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ ac_cv_header_alloca_h=yes ++ else ++@@ -2999,12 +2904,12 @@ ++ fi ++ ++ echo $ac_n "checking for alloca""... $ac_c" 1>&6 ++-echo "configure:3003: checking for alloca" >&5 +++echo "configure:3002: checking for alloca" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_alloca_works'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3008 "configure" +++#line 3007 "configure" ++ #include "confdefs.h" ++ ++ #ifdef __GNUC__ ++@@ -3032,7 +2937,7 @@ ++ char *p = (char *) alloca(1); ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3036: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3035: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ ac_cv_func_alloca_works=yes ++ else ++@@ -3064,12 +2969,12 @@ ++ ++ ++ echo $ac_n "checking whether alloca needs Cray hooks""... $ac_c" 1>&6 ++-echo "configure:3068: checking whether alloca needs Cray hooks" >&5 +++echo "configure:3067: checking whether alloca needs Cray hooks" >&5 ++ if eval "test \"`echo '$''{'ac_cv_os_cray'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3073 "configure" +++#line 3072 "configure" ++ #include "confdefs.h" ++ #if defined(CRAY) && ! defined(CRAY2) ++ webecray ++@@ -3094,12 +2999,12 @@ ++ if test $ac_cv_os_cray = yes; then ++ for ac_func in _getb67 GETB67 getb67; do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:3098: checking for $ac_func" >&5 +++echo "configure:3097: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3103 "configure" +++#line 3102 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -3122,7 +3027,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3126: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3125: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -3149,7 +3054,7 @@ ++ fi ++ ++ echo $ac_n "checking stack direction for C alloca""... $ac_c" 1>&6 ++-echo "configure:3153: checking stack direction for C alloca" >&5 +++echo "configure:3152: checking stack direction for C alloca" >&5 ++ if eval "test \"`echo '$''{'ac_cv_c_stack_direction'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -3157,7 +3062,7 @@ ++ ac_cv_c_stack_direction=0 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3161 "configure" +++#line 3160 "configure" ++ #include "confdefs.h" ++ find_stack_direction () ++ { ++@@ -3176,7 +3081,7 @@ ++ exit (find_stack_direction() < 0); ++ } ++ EOF ++-if { (eval echo configure:3180: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +++if { (eval echo configure:3179: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null ++ then ++ ac_cv_c_stack_direction=1 ++ else ++@@ -3198,7 +3103,7 @@ ++ fi ++ ++ cat > conftest.$ac_ext <<EOF ++-#line 3202 "configure" +++#line 3201 "configure" ++ #include "confdefs.h" ++ #include <utime.h> ++ EOF ++@@ -3216,12 +3121,12 @@ ++ for ac_func in gettimeofday settimeofday ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:3220: checking for $ac_func" >&5 +++echo "configure:3219: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3225 "configure" +++#line 3224 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -3244,7 +3149,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3248: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3247: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -3271,12 +3176,12 @@ ++ for ac_func in strchr memcpy select vprintf ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:3275: checking for $ac_func" >&5 +++echo "configure:3274: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3280 "configure" +++#line 3279 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -3299,7 +3204,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3303: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3302: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -3326,12 +3231,12 @@ ++ for ac_func in times rdchk utime syslog siginterrupt ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:3330: checking for $ac_func" >&5 +++echo "configure:3329: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3335 "configure" +++#line 3334 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -3354,7 +3259,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3358: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3357: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -3381,12 +3286,12 @@ ++ for ac_func in mkdir mktime strerror strstr strdup strtoul strtol strpbrk ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:3385: checking for $ac_func" >&5 +++echo "configure:3384: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3390 "configure" +++#line 3389 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -3409,7 +3314,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3413: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3412: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -3438,12 +3343,12 @@ ++ for ac_func in stpcpy strftime vasprintf ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:3442: checking for $ac_func" >&5 +++echo "configure:3441: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3447 "configure" +++#line 3446 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -3466,7 +3371,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3470: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3469: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -3494,12 +3399,12 @@ ++ ++ ++ echo $ac_n "checking for getopt_long""... $ac_c" 1>&6 ++-echo "configure:3498: checking for getopt_long" >&5 +++echo "configure:3497: checking for getopt_long" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_getopt_long'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3503 "configure" +++#line 3502 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char getopt_long(); below. */ ++@@ -3522,7 +3427,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3526: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3525: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_getopt_long=yes" ++ else ++@@ -3552,12 +3457,12 @@ ++ ++ ++ echo $ac_n "checking for ftime""... $ac_c" 1>&6 ++-echo "configure:3556: checking for ftime" >&5 +++echo "configure:3555: checking for ftime" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_ftime'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3561 "configure" +++#line 3560 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char ftime(); below. */ ++@@ -3580,7 +3485,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3584: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3583: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_ftime=yes" ++ else ++@@ -3595,7 +3500,7 @@ ++ if eval "test \"`echo '$ac_cv_func_'ftime`\" = yes"; then ++ echo "$ac_t""yes" 1>&6 ++ echo $ac_n "checking that ftime works correctly""... $ac_c" 1>&6 ++-echo "configure:3599: checking that ftime works correctly" >&5 +++echo "configure:3598: checking that ftime works correctly" >&5 ++ if eval "test \"`echo '$''{'lrzsz_cv_sys_ftime_ok'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -3603,7 +3508,7 @@ ++ lrzsz_cv_sys_ftime_ok=runtime ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3607 "configure" +++#line 3606 "configure" ++ #include "confdefs.h" ++ ++ #include <sys/types.h> ++@@ -3632,7 +3537,7 @@ ++ } ++ ++ EOF ++-if { (eval echo configure:3636: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null +++if { (eval echo configure:3635: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null ++ then ++ lrzsz_cv_sys_ftime_ok=yes ++ else ++@@ -3666,20 +3571,20 @@ ++ ++ ++ echo $ac_n "checking for timezone variable""... $ac_c" 1>&6 ++-echo "configure:3670: checking for timezone variable" >&5 +++echo "configure:3669: checking for timezone variable" >&5 ++ if eval "test \"`echo '$''{'libquark_cv_var_timezone'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ ++ cat > conftest.$ac_ext <<EOF ++-#line 3676 "configure" +++#line 3675 "configure" ++ #include "confdefs.h" ++ #include <time.h> ++ int main() { ++ return(int)(timezone/2); ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3683: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3682: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ libquark_cv_var_timezone=yes ++ else ++@@ -3705,13 +3610,13 @@ ++ : ++ else ++ echo $ac_n "checking for $lookup_facility""... $ac_c" 1>&6 ++-echo "configure:3709: checking for $lookup_facility" >&5 +++echo "configure:3708: checking for $lookup_facility" >&5 ++ if eval "test \"`echo '$''{'lrzsz_cv_lookup_facility'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ ++ cat > conftest.$ac_ext <<EOF ++-#line 3715 "configure" +++#line 3714 "configure" ++ #include "confdefs.h" ++ ++ #ifdef HAVE_SYSLOG_H ++@@ -3763,17 +3668,17 @@ ++ do ++ ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 ++-echo "configure:3767: checking for $ac_hdr" >&5 +++echo "configure:3766: checking for $ac_hdr" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3772 "configure" +++#line 3771 "configure" ++ #include "confdefs.h" ++ #include <$ac_hdr> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:3777: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:3776: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -3803,12 +3708,12 @@ ++ strdup __argz_count __argz_stringify __argz_next ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:3807: checking for $ac_func" >&5 +++echo "configure:3806: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3812 "configure" +++#line 3811 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -3831,7 +3736,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3835: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3834: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -3860,12 +3765,12 @@ ++ for ac_func in stpcpy ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:3864: checking for $ac_func" >&5 +++echo "configure:3863: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3869 "configure" +++#line 3868 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -3888,7 +3793,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3892: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3891: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -3922,19 +3827,19 @@ ++ ++ if test $ac_cv_header_locale_h = yes; then ++ echo $ac_n "checking for LC_MESSAGES""... $ac_c" 1>&6 ++-echo "configure:3926: checking for LC_MESSAGES" >&5 +++echo "configure:3925: checking for LC_MESSAGES" >&5 ++ if eval "test \"`echo '$''{'am_cv_val_LC_MESSAGES'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 3931 "configure" +++#line 3930 "configure" ++ #include "confdefs.h" ++ #include <locale.h> ++ int main() { ++ return LC_MESSAGES ++ ; return 0; } ++ EOF ++-if { (eval echo configure:3938: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:3937: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ am_cv_val_LC_MESSAGES=yes ++ else ++@@ -3955,7 +3860,7 @@ ++ fi ++ fi ++ echo $ac_n "checking whether NLS is requested""... $ac_c" 1>&6 ++-echo "configure:3959: checking whether NLS is requested" >&5 +++echo "configure:3958: checking whether NLS is requested" >&5 ++ # Check whether --enable-nls or --disable-nls was given. ++ if test "${enable_nls+set}" = set; then ++ enableval="$enable_nls" ++@@ -3975,7 +3880,7 @@ ++ EOF ++ ++ echo $ac_n "checking whether included gettext is requested""... $ac_c" 1>&6 ++-echo "configure:3979: checking whether included gettext is requested" >&5 +++echo "configure:3978: checking whether included gettext is requested" >&5 ++ # Check whether --with-included-gettext or --without-included-gettext was given. ++ if test "${with_included_gettext+set}" = set; then ++ withval="$with_included_gettext" ++@@ -3994,17 +3899,17 @@ ++ ++ ac_safe=`echo "libintl.h" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for libintl.h""... $ac_c" 1>&6 ++-echo "configure:3998: checking for libintl.h" >&5 +++echo "configure:3997: checking for libintl.h" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 4003 "configure" +++#line 4002 "configure" ++ #include "confdefs.h" ++ #include <libintl.h> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:4008: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:4007: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++@@ -4021,19 +3926,19 @@ ++ if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then ++ echo "$ac_t""yes" 1>&6 ++ echo $ac_n "checking for gettext in libc""... $ac_c" 1>&6 ++-echo "configure:4025: checking for gettext in libc" >&5 +++echo "configure:4024: checking for gettext in libc" >&5 ++ if eval "test \"`echo '$''{'gt_cv_func_gettext_libc'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 4030 "configure" +++#line 4029 "configure" ++ #include "confdefs.h" ++ #include <libintl.h> ++ int main() { ++ return (int) gettext ("") ++ ; return 0; } ++ EOF ++-if { (eval echo configure:4037: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:4036: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ gt_cv_func_gettext_libc=yes ++ else ++@@ -4049,7 +3954,7 @@ ++ ++ if test "$gt_cv_func_gettext_libc" != "yes"; then ++ echo $ac_n "checking for bindtextdomain in -lintl""... $ac_c" 1>&6 ++-echo "configure:4053: checking for bindtextdomain in -lintl" >&5 +++echo "configure:4052: checking for bindtextdomain in -lintl" >&5 ++ ac_lib_var=`echo intl'_'bindtextdomain | sed 'y%./+-%__p_%'` ++ if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++@@ -4057,7 +3962,7 @@ ++ ac_save_LIBS="$LIBS" ++ LIBS="-lintl $LIBS" ++ cat > conftest.$ac_ext <<EOF ++-#line 4061 "configure" +++#line 4060 "configure" ++ #include "confdefs.h" ++ /* Override any gcc2 internal prototype to avoid an error. */ ++ /* We use char because int might match the return type of a gcc2 ++@@ -4068,7 +3973,7 @@ ++ bindtextdomain() ++ ; return 0; } ++ EOF ++-if { (eval echo configure:4072: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:4071: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_lib_$ac_lib_var=yes" ++ else ++@@ -4084,12 +3989,12 @@ ++ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then ++ echo "$ac_t""yes" 1>&6 ++ echo $ac_n "checking for gettext in libintl""... $ac_c" 1>&6 ++-echo "configure:4088: checking for gettext in libintl" >&5 +++echo "configure:4087: checking for gettext in libintl" >&5 ++ if eval "test \"`echo '$''{'gt_cv_func_gettext_libintl'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ echo $ac_n "checking for gettext in -lintl""... $ac_c" 1>&6 ++-echo "configure:4093: checking for gettext in -lintl" >&5 +++echo "configure:4092: checking for gettext in -lintl" >&5 ++ ac_lib_var=`echo intl'_'gettext | sed 'y%./+-%__p_%'` ++ if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++@@ -4097,7 +4002,7 @@ ++ ac_save_LIBS="$LIBS" ++ LIBS="-lintl $LIBS" ++ cat > conftest.$ac_ext <<EOF ++-#line 4101 "configure" +++#line 4100 "configure" ++ #include "confdefs.h" ++ /* Override any gcc2 internal prototype to avoid an error. */ ++ /* We use char because int might match the return type of a gcc2 ++@@ -4108,7 +4013,7 @@ ++ gettext() ++ ; return 0; } ++ EOF ++-if { (eval echo configure:4112: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:4111: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_lib_$ac_lib_var=yes" ++ else ++@@ -4147,7 +4052,7 @@ ++ # Extract the first word of "msgfmt", so it can be a program name with args. ++ set dummy msgfmt; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4151: checking for $ac_word" >&5 +++echo "configure:4150: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_MSGFMT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4181,12 +4086,12 @@ ++ for ac_func in dcgettext ++ do ++ echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 ++-echo "configure:4185: checking for $ac_func" >&5 +++echo "configure:4184: checking for $ac_func" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 4190 "configure" +++#line 4189 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char $ac_func(); below. */ ++@@ -4209,7 +4114,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:4213: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:4212: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_$ac_func=yes" ++ else ++@@ -4236,7 +4141,7 @@ ++ # Extract the first word of "gmsgfmt", so it can be a program name with args. ++ set dummy gmsgfmt; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4240: checking for $ac_word" >&5 +++echo "configure:4239: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_GMSGFMT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4272,7 +4177,7 @@ ++ # Extract the first word of "xgettext", so it can be a program name with args. ++ set dummy xgettext; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4276: checking for $ac_word" >&5 +++echo "configure:4275: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_XGETTEXT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4304,7 +4209,7 @@ ++ fi ++ ++ cat > conftest.$ac_ext <<EOF ++-#line 4308 "configure" +++#line 4307 "configure" ++ #include "confdefs.h" ++ ++ int main() { ++@@ -4312,7 +4217,7 @@ ++ return _nl_msg_cat_cntr ++ ; return 0; } ++ EOF ++-if { (eval echo configure:4316: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:4315: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ CATOBJEXT=.gmo ++ DATADIRNAME=share ++@@ -4335,7 +4240,7 @@ ++ ++ if test "$CATOBJEXT" = "NONE"; then ++ echo $ac_n "checking whether catgets can be used""... $ac_c" 1>&6 ++-echo "configure:4339: checking whether catgets can be used" >&5 +++echo "configure:4338: checking whether catgets can be used" >&5 ++ # Check whether --with-catgets or --without-catgets was given. ++ if test "${with_catgets+set}" = set; then ++ withval="$with_catgets" ++@@ -4348,7 +4253,7 @@ ++ ++ if test "$nls_cv_use_catgets" = "yes"; then ++ echo $ac_n "checking for main in -li""... $ac_c" 1>&6 ++-echo "configure:4352: checking for main in -li" >&5 +++echo "configure:4351: checking for main in -li" >&5 ++ ac_lib_var=`echo i'_'main | sed 'y%./+-%__p_%'` ++ if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++@@ -4356,14 +4261,14 @@ ++ ac_save_LIBS="$LIBS" ++ LIBS="-li $LIBS" ++ cat > conftest.$ac_ext <<EOF ++-#line 4360 "configure" +++#line 4359 "configure" ++ #include "confdefs.h" ++ ++ int main() { ++ main() ++ ; return 0; } ++ EOF ++-if { (eval echo configure:4367: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:4366: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_lib_$ac_lib_var=yes" ++ else ++@@ -4391,12 +4296,12 @@ ++ fi ++ ++ echo $ac_n "checking for catgets""... $ac_c" 1>&6 ++-echo "configure:4395: checking for catgets" >&5 +++echo "configure:4394: checking for catgets" >&5 ++ if eval "test \"`echo '$''{'ac_cv_func_catgets'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 4400 "configure" +++#line 4399 "configure" ++ #include "confdefs.h" ++ /* System header to define __stub macros and hopefully few prototypes, ++ which can conflict with char catgets(); below. */ ++@@ -4419,7 +4324,7 @@ ++ ++ ; return 0; } ++ EOF ++-if { (eval echo configure:4423: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then +++if { (eval echo configure:4422: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then ++ rm -rf conftest* ++ eval "ac_cv_func_catgets=yes" ++ else ++@@ -4441,7 +4346,7 @@ ++ # Extract the first word of "gencat", so it can be a program name with args. ++ set dummy gencat; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4445: checking for $ac_word" >&5 +++echo "configure:4444: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_GENCAT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4477,7 +4382,7 @@ ++ # Extract the first word of "gmsgfmt", so it can be a program name with args. ++ set dummy gmsgfmt; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4481: checking for $ac_word" >&5 +++echo "configure:4480: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_GMSGFMT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4514,7 +4419,7 @@ ++ # Extract the first word of "msgfmt", so it can be a program name with args. ++ set dummy msgfmt; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4518: checking for $ac_word" >&5 +++echo "configure:4517: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_GMSGFMT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4549,7 +4454,7 @@ ++ # Extract the first word of "xgettext", so it can be a program name with args. ++ set dummy xgettext; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4553: checking for $ac_word" >&5 +++echo "configure:4552: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_XGETTEXT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4607,7 +4512,7 @@ ++ # Extract the first word of "msgfmt", so it can be a program name with args. ++ set dummy msgfmt; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4611: checking for $ac_word" >&5 +++echo "configure:4610: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_MSGFMT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4641,7 +4546,7 @@ ++ # Extract the first word of "gmsgfmt", so it can be a program name with args. ++ set dummy gmsgfmt; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4645: checking for $ac_word" >&5 +++echo "configure:4644: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_GMSGFMT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4677,7 +4582,7 @@ ++ # Extract the first word of "xgettext", so it can be a program name with args. ++ set dummy xgettext; ac_word=$2 ++ echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 ++-echo "configure:4681: checking for $ac_word" >&5 +++echo "configure:4680: checking for $ac_word" >&5 ++ if eval "test \"`echo '$''{'ac_cv_path_XGETTEXT'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++@@ -4770,7 +4675,7 @@ ++ LINGUAS= ++ else ++ echo $ac_n "checking for catalogs to be installed""... $ac_c" 1>&6 ++-echo "configure:4774: checking for catalogs to be installed" >&5 +++echo "configure:4773: checking for catalogs to be installed" >&5 ++ NEW_LINGUAS= ++ for lang in ${LINGUAS=$ALL_LINGUAS}; do ++ case "$ALL_LINGUAS" in ++@@ -4798,17 +4703,17 @@ ++ if test "$CATOBJEXT" = ".cat"; then ++ ac_safe=`echo "linux/version.h" | sed 'y%./+-%__p_%'` ++ echo $ac_n "checking for linux/version.h""... $ac_c" 1>&6 ++-echo "configure:4802: checking for linux/version.h" >&5 +++echo "configure:4801: checking for linux/version.h" >&5 ++ if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then ++ echo $ac_n "(cached) $ac_c" 1>&6 ++ else ++ cat > conftest.$ac_ext <<EOF ++-#line 4807 "configure" +++#line 4806 "configure" ++ #include "confdefs.h" ++ #include <linux/version.h> ++ EOF ++ ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" ++-{ (eval echo configure:4812: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } +++{ (eval echo configure:4811: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } ++ ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` ++ if test -z "$ac_err"; then ++ rm -rf conftest* ++--- lrzsz-0.12.21.orig/lib/Makefile.in +++++ lrzsz-0.12.21/lib/Makefile.in ++@@ -1,4 +1,4 @@ ++-# Makefile.in generated automatically by automake 1.4a from Makefile.am +++# Makefile.in generated automatically by automake 1.4 from Makefile.am ++ ++ # Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. ++ # This Makefile.in is free software; the Free Software Foundation ++@@ -46,10 +46,9 @@ ++ AUTOHEADER = @AUTOHEADER@ ++ ++ INSTALL = @INSTALL@ ++-INSTALL_PROGRAM = @INSTALL_PROGRAM@ +++INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) ++ INSTALL_DATA = @INSTALL_DATA@ ++ INSTALL_SCRIPT = @INSTALL_SCRIPT@ ++-INSTALL_STRIP_FLAG = ++ transform = @program_transform_name@ ++ ++ NORMAL_INSTALL = : ++@@ -127,7 +126,7 @@ ++ ++ DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) ++ ++-TAR = gtar +++TAR = tar ++ GZIP_ENV = --best ++ DEP_FILES = .deps/alloca.P .deps/error.P .deps/getopt.P .deps/getopt1.P \ ++ .deps/long-options.P .deps/mkdir.P .deps/mktime.P .deps/stpcpy.P \ ++@@ -282,7 +281,7 @@ ++ @for file in $(DISTFILES); do \ ++ d=$(srcdir); \ ++ if test -d $$d/$$file; then \ ++- cp -pr $$d/$$file $(distdir)/$$file; \ +++ cp -pr $$/$$file $(distdir)/$$file; \ ++ else \ ++ test -f $(distdir)/$$file \ ++ || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ ++@@ -343,7 +342,7 @@ ++ all-am: Makefile $(ANSI2KNR) $(LIBRARIES) $(HEADERS) ++ all-redirect: all-am ++ install-strip: ++- $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install +++ $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install ++ installdirs: ++ ++ ++--- lrzsz-0.12.21.orig/man/Makefile.in +++++ lrzsz-0.12.21/man/Makefile.in ++@@ -1,4 +1,4 @@ ++-# Makefile.in generated automatically by automake 1.4a from Makefile.am +++# Makefile.in generated automatically by automake 1.4 from Makefile.am ++ ++ # Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. ++ # This Makefile.in is free software; the Free Software Foundation ++@@ -46,10 +46,9 @@ ++ AUTOHEADER = @AUTOHEADER@ ++ ++ INSTALL = @INSTALL@ ++-INSTALL_PROGRAM = @INSTALL_PROGRAM@ +++INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) ++ INSTALL_DATA = @INSTALL_DATA@ ++ INSTALL_SCRIPT = @INSTALL_SCRIPT@ ++-INSTALL_STRIP_FLAG = ++ transform = @program_transform_name@ ++ ++ NORMAL_INSTALL = : ++@@ -106,7 +105,7 @@ ++ ++ DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) ++ ++-TAR = gtar +++TAR = tar ++ GZIP_ENV = --best ++ all: all-redirect ++ .SUFFIXES: ++@@ -173,7 +172,7 @@ ++ @for file in $(DISTFILES); do \ ++ d=$(srcdir); \ ++ if test -d $$d/$$file; then \ ++- cp -pr $$d/$$file $(distdir)/$$file; \ +++ cp -pr $$/$$file $(distdir)/$$file; \ ++ else \ ++ test -f $(distdir)/$$file \ ++ || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ ++@@ -202,7 +201,7 @@ ++ all-am: Makefile $(MANS) ++ all-redirect: all-am ++ install-strip: ++- $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install +++ $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install ++ installdirs: ++ $(mkinstalldirs) $(DESTDIR)$(mandir)/man1 ++ ++--- lrzsz-0.12.21.orig/src/Makefile.in +++++ lrzsz-0.12.21/src/Makefile.in ++@@ -1,4 +1,4 @@ ++-# Makefile.in generated automatically by automake 1.4a from Makefile.am +++# Makefile.in generated automatically by automake 1.4 from Makefile.am ++ ++ # Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. ++ # This Makefile.in is free software; the Free Software Foundation ++@@ -45,10 +45,9 @@ ++ AUTOHEADER = @AUTOHEADER@ ++ ++ INSTALL = @INSTALL@ ++-INSTALL_PROGRAM = @INSTALL_PROGRAM@ +++INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) ++ INSTALL_DATA = @INSTALL_DATA@ ++ INSTALL_SCRIPT = @INSTALL_SCRIPT@ ++-INSTALL_STRIP_FLAG = ++ transform = @program_transform_name@ ++ ++ NORMAL_INSTALL = : ++@@ -132,7 +131,7 @@ ++ ++ DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) ++ ++-TAR = gtar +++TAR = tar ++ GZIP_ENV = --best ++ DEP_FILES = .deps/canit.P .deps/crctab.P .deps/lrz.P .deps/lsyslog.P \ ++ .deps/lsz.P .deps/protname.P .deps/rbsb.P .deps/tcp.P .deps/timing.P \ ++@@ -167,8 +166,8 @@ ++ $(mkinstalldirs) $(DESTDIR)$(bindir) ++ @list='$(bin_PROGRAMS)'; for p in $$list; do \ ++ if test -f $$p; then \ ++- echo " $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \ ++- $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ +++ echo " $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \ +++ $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \ ++ else :; fi; \ ++ done ++ ++@@ -292,7 +291,7 @@ ++ @for file in $(DISTFILES); do \ ++ d=$(srcdir); \ ++ if test -d $$d/$$file; then \ ++- cp -pr $$d/$$file $(distdir)/$$file; \ +++ cp -pr $$/$$file $(distdir)/$$file; \ ++ else \ ++ test -f $(distdir)/$$file \ ++ || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ ++@@ -353,7 +352,7 @@ ++ all-am: Makefile $(ANSI2KNR) $(PROGRAMS) $(HEADERS) ++ all-redirect: all-am ++ install-strip: ++- $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install +++ $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install ++ installdirs: ++ $(mkinstalldirs) $(DESTDIR)$(bindir) ++ ++--- lrzsz-0.12.21.orig/testsuite/Makefile.in +++++ lrzsz-0.12.21/testsuite/Makefile.in ++@@ -1,4 +1,4 @@ ++-# Makefile.in generated automatically by automake 1.4a from Makefile.am +++# Makefile.in generated automatically by automake 1.4 from Makefile.am ++ ++ # Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. ++ # This Makefile.in is free software; the Free Software Foundation ++@@ -46,10 +46,9 @@ ++ AUTOHEADER = @AUTOHEADER@ ++ ++ INSTALL = @INSTALL@ ++-INSTALL_PROGRAM = @INSTALL_PROGRAM@ +++INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) ++ INSTALL_DATA = @INSTALL_DATA@ ++ INSTALL_SCRIPT = @INSTALL_SCRIPT@ ++-INSTALL_STRIP_FLAG = ++ transform = @program_transform_name@ ++ ++ NORMAL_INSTALL = : ++@@ -103,7 +102,7 @@ ++ DIST_COMMON = Makefile.am Makefile.in ++ ++ ++-TAR = gtar +++TAR = tar ++ GZIP_ENV = --best ++ EXPECT = expect ++ RUNTEST = runtest ++@@ -133,7 +132,7 @@ ++ @for file in $(DISTFILES); do \ ++ d=$(srcdir); \ ++ if test -d $$d/$$file; then \ ++- cp -pr $$d/$$file $(distdir)/$$file; \ +++ cp -pr $$/$$file $(distdir)/$$file; \ ++ else \ ++ test -f $(distdir)/$$file \ ++ || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ ++@@ -192,7 +191,7 @@ ++ all-am: Makefile ++ all-redirect: all-am ++ install-strip: ++- $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install +++ $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install ++ installdirs: ++ ++ +--- lrzsz-0.12.21.orig/debian/patches/cat-id-tbl.diff ++++ lrzsz-0.12.21/debian/patches/cat-id-tbl.diff +@@ -0,0 +1,118 @@ ++--- lrzsz-0.12.21.orig/po/cat-id-tbl.c +++++ lrzsz-0.12.21/po/cat-id-tbl.c ++@@ -141,22 +141,23 @@ ++ {"\ ++ \n\ ++ countem: Total %d %ld\n", 84}, ++- {"Bad escape sequence %x", 85}, ++- {"Sender Canceled", 86}, ++- {"TIMEOUT", 87}, ++- {"Bad data subpacket", 88}, ++- {"Data subpacket too long", 89}, ++- {"Garbage count exceeded", 90}, ++- {"Got %s", 91}, ++- {"Retry %d: ", 92}, ++- {"don't have settimeofday, will not set time\n", 93}, ++- {"not running as root (this is good!), can not set time\n", 94}, ++- {"bytes_per_error", 95}, ++- {"bytes-per-error should be >100", 96}, ++- {"O_SYNC not supported by the kernel", 97}, ++- {"garbage on commandline", 98}, ++- {"Usage: %s [options] [filename.if.xmodem]\n", 99}, ++- {"Receive files with ZMODEM/YMODEM/XMODEM protocol\n", 100}, +++ {"Bad CRC", 85}, +++ {"Bad escape sequence %x", 86}, +++ {"Sender Canceled", 87}, +++ {"TIMEOUT", 88}, +++ {"Bad data subpacket", 89}, +++ {"Data subpacket too long", 90}, +++ {"Garbage count exceeded", 91}, +++ {"Got %s", 92}, +++ {"Retry %d: ", 93}, +++ {"don't have settimeofday, will not set time\n", 94}, +++ {"not running as root (this is good!), can not set time\n", 95}, +++ {"bytes_per_error", 96}, +++ {"bytes-per-error should be >100", 97}, +++ {"O_SYNC not supported by the kernel", 98}, +++ {"garbage on commandline", 99}, +++ {"Usage: %s [options] [filename.if.xmodem]\n", 100}, +++ {"Receive files with ZMODEM/YMODEM/XMODEM protocol\n", 101}, ++ {"\ ++ -+, --append append to existing files\n\ ++ -a, --ascii ASCII transfer (change CR/LF to LF)\n\ ++@@ -193,41 +194,41 @@ ++ --ymodem use YMODEM protocol\n\ ++ -Z, --zmodem use ZMODEM protocol\n\ ++ \n\ ++-short options use the same arguments as the long ones\n", 101}, ++- {"%s waiting to receive.", 102}, ++- {"\rBytes received: %7ld/%7ld BPS:%-6ld \r\n", 103}, ++- {"%s: ready to receive %s", 104}, ++- {"\rBytes received: %7ld BPS:%-6ld \r\n", 105}, +++short options use the same arguments as the long ones\n", 102}, +++ {"%s waiting to receive.", 103}, +++ {"\rBytes received: %7ld/%7ld BPS:%-6ld \r\n", 104}, +++ {"%s: ready to receive %s", 105}, +++ {"\rBytes received: %7ld BPS:%-6ld \r\n", 106}, ++ {"\ ++ \r\n\ ++-%s: %s removed.\r\n", 106}, ++- {"Pathname fetch returned EOT", 107}, ++- {"Received dup Sector", 108}, ++- {"Sync Error", 109}, ++- {"CRC", 110}, ++- {"Checksum", 111}, ++- {"Sector number garbled", 112}, ++- {"Sender Cancelled", 113}, ++- {"Got 0%o sector header", 114}, ++- {"file name ends with a /, skipped: %s\n", 115}, ++- {"zmanag=%d, Lzmanag=%d\n", 116}, ++- {"zconv=%d\n", 117}, ++- {"file exists, skipped: %s\n", 118}, ++- {"TIMESYNC: here %ld, remote %ld, diff %ld seconds\n", 119}, ++- {"TIMESYNC: cannot set time: %s\n", 120}, ++- {"Topipe", 121}, ++- {"Receiving: %s\n", 122}, ++- {"Blocks received: %d", 123}, ++- {"%s: %s exists\n", 124}, ++- {"%s:\tSecurity Violation", 125}, ++- {"remote command execution requested", 126}, ++- {"not executed", 127}, ++- {"got ZRINIT", 128}, ++- {"Skipped", 129}, ++- {"rzfile: bps rate %ld below min %ld", 130}, ++- {"rzfile: reached stop time", 131}, ++- {"\rBytes received: %7ld/%7ld BPS:%-6ld ETA %02d:%02d ", 132}, ++- {"file close error", 133}, +++%s: %s removed.\r\n", 107}, +++ {"Pathname fetch returned EOT", 108}, +++ {"Received dup Sector", 109}, +++ {"Sync Error", 110}, +++ {"CRC", 111}, +++ {"Checksum", 112}, +++ {"Sector number garbled", 113}, +++ {"Sender Cancelled", 114}, +++ {"Got 0%o sector header", 115}, +++ {"file name ends with a /, skipped: %s\n", 116}, +++ {"zmanag=%d, Lzmanag=%d\n", 117}, +++ {"zconv=%d\n", 118}, +++ {"file exists, skipped: %s\n", 119}, +++ {"TIMESYNC: here %ld, remote %ld, diff %ld seconds\n", 120}, +++ {"TIMESYNC: cannot set time: %s\n", 121}, +++ {"Topipe", 122}, +++ {"Receiving: %s\n", 123}, +++ {"Blocks received: %d", 124}, +++ {"%s: %s exists\n", 125}, +++ {"%s:\tSecurity Violation", 126}, +++ {"remote command execution requested", 127}, +++ {"not executed", 128}, +++ {"got ZRINIT", 129}, +++ {"Skipped", 130}, +++ {"rzfile: bps rate %ld below min %ld", 131}, +++ {"rzfile: reached stop time", 132}, +++ {"\rBytes received: %7ld/%7ld BPS:%-6ld ETA %02d:%02d ", 133}, +++ {"file close error", 134}, ++ }; ++ ++-int _msg_tbl_length = 133; +++int _msg_tbl_length = 134; +--- lrzsz-0.12.21.orig/debian/patches/206499_ymodemg.diff.unchecked ++++ lrzsz-0.12.21/debian/patches/206499_ymodemg.diff.unchecked +@@ -0,0 +1,70 @@ ++--- org/lrz.c 1998-12-29 23:49:24.000000000 -0800 +++++ lrz.c 2003-08-21 15:15:15.000000000 -0700 ++@@ -73,6 +73,7 @@ ++ ++ int Lastrx; ++ int Crcflg; +++int Optiong; ++ int Firstsec; ++ int errors; ++ int Restricted=1; /* restricted; no /.. or ../ in filenames */ ++@@ -211,6 +212,7 @@ ++ {"allow-remote-commands", no_argument, NULL, 'C'}, ++ {"escape", no_argument, NULL, 'e'}, ++ {"rename", no_argument, NULL, 'E'}, +++ {"go", no_argument, NULL, 'g'}, ++ {"help", no_argument, NULL, 'h'}, ++ {"crc-check", no_argument, NULL, 'H'}, ++ {"junk-path", no_argument, NULL, 'j'}, ++@@ -288,7 +290,7 @@ ++ parse_long_options (argc, argv, show_version, usage1); ++ ++ while ((c = getopt_long (argc, argv, ++- "a+bB:cCDeEhm:M:OprRqs:St:uUvw:XZy", +++ "a+bB:cCDeEghm:M:OprRqs:St:uUvw:XZy", ++ long_options, (int *) 0)) != EOF) ++ { ++ unsigned long int tmp; ++@@ -313,6 +315,7 @@ ++ case 'D': Nflag = TRUE; break; ++ case 'E': Lzmanag = ZF1_ZMCHNG; break; ++ case 'e': Zctlesc = 1; break; +++ case 'g': Optiong = 1; break; ++ case 'h': usage(0,NULL); break; ++ case 'H': Lzmanag= ZF1_ZMCRC; break; ++ case 'j': junk_path=TRUE; break; ++@@ -617,6 +620,7 @@ ++ " -e, --escape Escape control characters (Z)\n" ++ " -E, --rename rename any files already existing\n" ++ " --errors N generate CRC error every N bytes (debugging)\n" +++" -g, --go use X/YMODEM-g protocol (with CRC)\n" ++ " -h, --help Help, print this usage message\n" ++ " -m, --min-bps N stop transmission if BPS below N\n" ++ " -M, --min-bps-time N for at least N seconds (default: 120)\n" ++@@ -843,7 +847,7 @@ ++ et_tu: ++ Firstsec=TRUE; ++ zi->eof_seen=FALSE; ++- sendline(Crcflg?WANTCRC:NAK); +++ sendline(Optiong?WANTG:(Crcflg?WANTCRC:NAK)); ++ flushmo(); ++ purgeline(0); /* Do read next time ... */ ++ while ((c = wcgetsec(&Blklen, rpn, 100)) != 0) { ++@@ -875,7 +879,7 @@ ++ ++ Firstsec=TRUE;sectnum=0; ++ zi->eof_seen=FALSE; ++- sendchar=Crcflg?WANTCRC:NAK; +++ sendchar=(Optiong?WANTG:(Crcflg?WANTCRC:NAK)); ++ ++ for (;;) { ++ sendline(sendchar); /* send it now, we're ready! */ ++@@ -1007,7 +1011,7 @@ ++ ; ++ } ++ if (Firstsec) { ++- sendline(Crcflg?WANTCRC:NAK); +++ sendline(Optiong?WANTG:(Crcflg?WANTCRC:NAK)); ++ flushmo(); ++ purgeline(0); /* Do read next time ... */ ++ } else { +--- lrzsz-0.12.21.orig/debian/patches/313992_de_po.diff ++++ lrzsz-0.12.21/debian/patches/313992_de_po.diff +@@ -0,0 +1,650 @@ ++--- lrzsz-0.12.21.orig/po/de.po +++++ lrzsz-0.12.21/po/de.po ++@@ -1,17 +1,18 @@ ++-# german translation of lrzsz output ++-# Copyright (C) 1997 Uwe Ohse ++-# Uwe Ohse <uwe@ohse.de>, 1997. +++# German translation of lrzsz +++# Copyright (C) Uwe Ohse <uwe@ohse.de>, 1997. +++# Copyright (C) Tobias Toedter <t.toedter@gmx.net>, 2005, 2006. ++ # ++ msgid "" ++ msgstr "" ++-"Project-Id-Version: PACKAGE VERSION\n" +++"Project-Id-Version: lrzsz 0.12.21\n" ++ "POT-Creation-Date: 1999-08-22 21:00+0200\n" ++-"PO-Revision-Date: 1997-06-01 19:00+0200\n" ++-"Last-Translator: FULL NAME <uwe@ohse.de>\n" ++-"Language-Team: none. try <uwe@ohse.de>\n" +++"PO-Revision-Date: 2006-01-12 10:23+0100\n" +++"Last-Translator: Tobias Toedter <t.toedter@gmx.net>\n" +++"Language-Team: German <debian-l10n-german@lists.debian.org>\n" ++ "MIME-Version: 1.0\n" ++-"Content-Type: text/plain; charset=iso-8859-1\n" +++"Content-Type: text/plain; charset=UTF-8\n" ++ "Content-Transfer-Encoding: 8bit\n" +++"X-Generator: KBabel 1.10.2\n" ++ ++ #: src/lsz.c:228 ++ msgid "io_mode(,2) in rbsb.c not implemented\n" ++@@ -28,21 +29,21 @@ ++ ++ #: src/lsz.c:422 ++ msgid "packetlength" ++-msgstr "Paketl?nge" +++msgstr "Paketlänge" ++ ++ #: src/lsz.c:427 ++ #, c-format ++ msgid "packetlength out of range 24..%ld" ++-msgstr "Argument der Option L au?erhalb des Bereichs 24..%ld" +++msgstr "Argument der Option L außerhalb des Bereichs 24..%ld" ++ ++ #: src/lsz.c:436 ++ msgid "framelength" ++-msgstr "Framel?nge" +++msgstr "Framelänge" ++ ++ #: src/lsz.c:441 ++ #, c-format ++ msgid "framelength out of range 32..%ld" ++-msgstr "Argument der Option l au?erhalb des Bereichs 32..%ld" +++msgstr "Argument der Option l außerhalb des Bereichs 32..%ld" ++ ++ #: src/lrz.c:318 src/lsz.c:450 ++ msgid "min_bps" ++@@ -50,27 +51,27 @@ ++ ++ #: src/lsz.c:452 ++ msgid "min_bps must be >= 0" ++-msgstr "minimale BPS-Rate mu? >= 0 sein" +++msgstr "minimale BPS-Rate muss >= 0 sein" ++ ++ #: src/lrz.c:324 src/lsz.c:458 ++ msgid "min_bps_time" ++-msgstr "" +++msgstr "Zeitfenster für minimale BPS-Rate" ++ ++ #: src/lrz.c:326 src/lsz.c:460 ++ msgid "min_bps_time must be > 1" ++-msgstr "Zeitfenster f?r minimale BPS-Rate mu? > 1 Sekunde sein" +++msgstr "Zeitfenster für minimale BPS-Rate muss > 1 Sekunde sein" ++ ++ #: src/lrz.c:342 src/lsz.c:484 ++ msgid "hour to large (0..23)" ++-msgstr "Stunde zu gross (0..23)" +++msgstr "Stunde zu groß (0..23)" ++ ++ #: src/lrz.c:344 src/lsz.c:486 ++ msgid "unparsable stop time\n" ++-msgstr "unparsbare Endzeit\n" +++msgstr "Endzeit nicht auszuwerten\n" ++ ++ #: src/lrz.c:348 src/lsz.c:490 ++ msgid "minute to large (0..59)" ++-msgstr "Minute zu gro? (0..59)" +++msgstr "Minute zu groß (0..59)" ++ ++ #: src/lrz.c:358 src/lrz.c:365 src/lsz.c:500 src/lsz.c:507 ++ msgid "stop time to small" ++@@ -78,7 +79,7 @@ ++ ++ #: src/lrz.c:363 src/lsz.c:505 ++ msgid "stop-at" ++-msgstr "" +++msgstr "Stopp um" ++ ++ #: src/lrz.c:394 src/lsz.c:516 ++ msgid "timeout" ++@@ -86,15 +87,15 @@ ++ ++ #: src/lrz.c:396 src/lsz.c:518 ++ msgid "timeout out of range 10..1000" ++-msgstr "Argument der Option t au?erhalb des Bereichs 10..1000" +++msgstr "Argument der Option t außerhalb des Bereichs 10..1000" ++ ++ #: src/lrz.c:412 src/lsz.c:526 ++ msgid "security violation: can't do that under restricted shell\n" ++-msgstr "Sicherheitsversto?: Ausf?hrung unter eingeschr?nkter Shell verboten\n" +++msgstr "Sicherheitsverstoß: Ausführung unter eingeschränkter Shell verboten\n" ++ ++ #: src/lrz.c:402 src/lsz.c:533 ++ msgid "window size" ++-msgstr "Fenstergr??e" +++msgstr "Fenstergröße" ++ ++ #: src/lrz.c:427 src/lrz.c:434 src/lsz.c:556 src/lsz.c:563 ++ msgid "cannot turnoff syslog" ++@@ -102,7 +103,7 @@ ++ ++ #: src/lrz.c:449 src/lsz.c:571 ++ msgid "startup delay" ++-msgstr "Startverz?gerung" +++msgstr "Startverzögerung" ++ ++ #: src/lrz.c:465 src/lrz.c:483 src/lrz.c:760 src/lrz.c:1122 src/lrz.c:1244 ++ #: src/lrz.c:1292 src/lrz.c:1309 src/lrz.c:1324 src/lrz.c:1423 src/lsz.c:580 ++@@ -117,11 +118,11 @@ ++ ++ #: src/lsz.c:612 src/lsz.c:627 ++ msgid "need at least one file to send" ++-msgstr "es mu? mindestens ein Name einer zu sendenden Datei angegeben werden" +++msgstr "es muss mindestens ein Name einer zu sendenden Datei angegeben werden" ++ ++ #: src/lsz.c:629 ++ msgid "Can't send command in restricted mode\n" ++-msgstr "Im eingeschr?nkten Modus ist das Senden von Kommandos verboten\n" +++msgstr "Im eingeschränkten Modus ist das Senden von Kommandos verboten\n" ++ ++ #: src/lrz.c:527 src/lsz.c:656 ++ msgid "hostname too long\n" ++@@ -129,7 +130,7 @@ ++ ++ #: src/lrz.c:542 src/lsz.c:671 ++ msgid "illegal server address\n" ++-msgstr "Illegale Serveraddresse\n" +++msgstr "Illegale Serveradresse\n" ++ ++ #: src/lsz.c:710 ++ msgid "can read only one file from stdin" ++@@ -137,21 +138,21 @@ ++ ++ #: src/lrz.c:574 src/lsz.c:803 ++ msgid "Transfer incomplete\n" ++-msgstr "?bertragung nicht abgeschlossen\n" +++msgstr "Ãœbertragung nicht abgeschlossen\n" ++ ++ #: src/lrz.c:576 src/lsz.c:805 ++ msgid "Transfer complete\n" ++-msgstr "?bertragung abgeschlossen\n" +++msgstr "Ãœbertragung abgeschlossen\n" ++ ++ #: src/lsz.c:838 ++ #, c-format ++ msgid "send_pseudo %s: cannot open tmpfile %s: %s" ++-msgstr "send_pseudo %s: kann tempor?re Datei %s nicht ?ffnen: %s" +++msgstr "send_pseudo %s: kann temporäre Datei %s nicht öffnen: %s" ++ ++ #: src/lsz.c:851 ++ #, c-format ++ msgid "send_pseudo %s: cannot lstat tmpfile %s: %s" ++-msgstr "send_pseudo %s: kann lstat nicht auf tempor?re Datei %s anwenden: %s" +++msgstr "send_pseudo %s: kann lstat nicht auf temporäre Datei %s anwenden: %s" ++ ++ #: src/lsz.c:859 ++ #, c-format ++@@ -161,7 +162,7 @@ ++ #: src/lsz.c:870 ++ #, c-format ++ msgid "send_pseudo %s: cannot write to tmpfile %s: %s" ++-msgstr "send_pseudo %s: kann nicht in tempor?re Datei %s schreiben: %s" +++msgstr "send_pseudo %s: kann nicht in temporäre Datei %s schreiben: %s" ++ ++ #: src/lsz.c:879 ++ #, c-format ++@@ -188,17 +189,17 @@ ++ ++ #: src/lsz.c:953 ++ msgid "Can't open any requested files." ++-msgstr "Kann keine der angeforderten Dateien ?ffnen" +++msgstr "Kann keine der angeforderten Dateien öffnen" ++ ++ #: src/lsz.c:1009 ++ #, c-format ++ msgid "security violation: not allowed to upload from %s" ++-msgstr "Sicherheitsversto?: Ausf?hrung unter eingeschr?nkter Shell verboten" +++msgstr "Sicherheitsverstoß: Hochladen von %s nicht erlaubt" ++ ++ #: src/lrz.c:1384 src/lsz.c:1027 ++ #, c-format ++ msgid "cannot open %s" ++-msgstr "kann %s nicht ?ffnen" +++msgstr "kann %s nicht öffnen" ++ ++ #: src/lsz.c:1082 ++ #, c-format ++@@ -213,12 +214,12 @@ ++ #: src/lsz.c:1119 ++ #, c-format ++ msgid "skipped: %s" ++-msgstr "?bersprungen: %s" +++msgstr "übersprungen: %s" ++ ++ #: src/lsz.c:1122 ++ #, c-format ++ msgid "%s/%s: skipped" ++-msgstr "%s/%s: ?bersprungen" +++msgstr "%s/%s: übersprungen" ++ ++ #: src/lsz.c:1149 ++ #, c-format ++@@ -228,7 +229,7 @@ ++ #: src/lsz.c:1178 ++ #, c-format ++ msgid "Sending %s, %ld blocks: " ++-msgstr "Sende %s, %ld Bl?cke:" +++msgstr "Sende %s, %ld Blöcke:" ++ ++ #: src/lsz.c:1181 ++ msgid "Give your local XMODEM receive command now." ++@@ -245,11 +246,11 @@ ++ ++ #: src/lsz.c:1314 ++ msgid "Receiver Cancelled" ++-msgstr "Empf?nger brach ab" +++msgstr "Empfänger brach ab" ++ ++ #: src/lsz.c:1340 ++ msgid "No ACK on EOT" ++-msgstr "Keine Best?tigung f?r ?bertragungsende erhalten" +++msgstr "Keine Bestätigung für Ãœbertragungsende erhalten" ++ ++ #: src/lsz.c:1361 ++ #, c-format ++@@ -267,24 +268,24 @@ ++ ++ #: src/lsz.c:1399 ++ msgid "Timeout on sector ACK" ++-msgstr "Timeout bei Sektorbest?tigung" +++msgstr "Timeout bei Sektorbestätigung" ++ ++ #: src/lsz.c:1404 ++ msgid "NAK on sector" ++-msgstr "Sektor nicht best?tigt" +++msgstr "Sektor nicht bestätigt" ++ ++ #: src/lsz.c:1410 ++ msgid "Got burst for sector ACK" ++-msgstr "" +++msgstr "Erhielt Bruch als Sektorbestätigung" ++ ++ #: src/lsz.c:1412 ++ #, c-format ++ msgid "Got %02x for sector ACK" ++-msgstr "Erhielt %02x als Sektorbest?tigung" +++msgstr "Erhielt %02x als Sektorbestätigung" ++ ++ #: src/lsz.c:1424 ++ msgid "Retry Count Exceeded" ++-msgstr "Maximale Wiederholungsanzahl ?berschritten" +++msgstr "Maximale Wiederholungsanzahl überschritten" ++ ++ #: src/lrz.c:596 src/lsz.c:1502 ++ #, c-format ++@@ -304,11 +305,11 @@ ++ #: src/lsz.c:1512 ++ #, c-format ++ msgid " or: %s [options] -{c|i} COMMAND\n" ++-msgstr " oder: %s [Optionen] -{c|i} KOMMANDO\n" +++msgstr " oder: %s [-2Ceqv] -{c|i} KOMMANDO\n" ++ ++ #: src/lsz.c:1513 ++ msgid "Send file(s) with ZMODEM/YMODEM/XMODEM protocol\n" ++-msgstr "Dateien mit ZMODEM/YMODEM/XMODEM ?bertragen\n" +++msgstr "Dateien mit ZMODEM/YMODEM/XMODEM übertragen\n" ++ ++ # src/lrz.c:475 src/lsz.c:1330 xx ++ #: src/lrz.c:607 src/lsz.c:1515 ++@@ -317,9 +318,9 @@ ++ " (Y) = option applies to YMODEM only\n" ++ " (Z) = option applies to ZMODEM only\n" ++ msgstr "" ++-" (X) = Option gilt nur f?r XMODEM\n" ++-" (Y) = Option gilt nur f?r YMODEM\n" ++-" (Z) = Option gilt nur f?r ZMODEM\n" +++" (X) = Option gilt nur für XMODEM\n" +++" (Y) = Option gilt nur für YMODEM\n" +++" (Z) = Option gilt nur für ZMODEM\n" ++ ++ #: src/lsz.c:1521 ++ msgid "" ++@@ -347,32 +348,32 @@ ++ " -m, --min-bps N stop transmission if BPS below N\n" ++ " -M, --min-bps-time N for at least N seconds (default: 120)\n" ++ msgstr "" ++-" -+, --append an existierende Dateien anh?ngen (Z)\n" +++" -+, --append an existierende Dateien anhängen (Z)\n" ++ " -2, --twostop zwei Stopbits verwenden\n" ++-" -4, --try-4k bis zu 4K Blockgr??e verwenden\n" ++-" --start-4k mit 4K Blockgr??e starten (versucht nicht 8)\n" ++-" -8, --try-8k bis zu 8K Blockgr??e verwenden\n" ++-" --start-8k mit 8K Blockgr??e starten\n" +++" -4, --try-4k bis zu 4K Blockgröße verwenden\n" +++" --start-4k mit 4K Blockgröße starten (versucht nicht 8)\n" +++" -8, --try-8k bis zu 8K Blockgröße verwenden\n" +++" --start-8k mit 8K Blockgröße starten\n" ++ " -a, --ascii ASCII: NL nach CR/LF wandeln\n" ++-" -b, --binary Bin?r?bertragung erzwingen\n" +++" -b, --binary Binärübertragung erzwingen\n" ++ " -B, --bufsize N N Bytes puffern (auto: ganze Datei puffern)\n" ++-" -c, --command COMMAND Kommando KOMMANDO auf Gegenseite ausf?hren " +++" -c, --command COMMAND Kommando KOMMANDO auf Gegenseite ausführen " ++ "(Z)\n" ++-" -C, --command-tries N N mal Kommandoausf?hrung versuchen (Z)\n" +++" -C, --command-tries N N mal Kommandoausführung versuchen (Z)\n" ++ " -d, --dot-to-slash C '.' in Dateinamen nach '/' wandeln (Y/Z)\n" ++ " --delay-startup N Bei Programmstart N Sek. schlafen (Debugging)\n" ++ " -e, --escape alle Steuerzeichen escapen (Z)\n" ++-" -E, --rename Empf?nger soll Datei umbenennen falls\n" +++" -E, --rename Empfänger soll Datei umbenennen falls\n" ++ " Zieldatei schon existiert\n" ++ " -f, --full-path Dateien mit vollen Pfaden senden (Y/Z)\n" ++-" -i, --immediate-command CMD wie `c', aber sofort zur?ckkehren (Z)\n" +++" -i, --immediate-command CMD wie `c', aber sofort zurückkehren (Z)\n" ++ " -h, --help diesen Hilfetext ausgeben\n" ++ " -k, --1k 1024 Bytes Pakete senden (Y)\n" ++-" -L, --packetlen N Unterpaketl?nge auf N Bytes beschr?nken (Z)\n" ++-" -l, --framelen N Rahmenl?nge auf N Bytes beschr?nken (l>=L) " +++" -L, --packetlen N Unterpaketlänge auf N Bytes beschränken (Z)\n" +++" -l, --framelen N Rahmenlänge auf N Bytes beschränken (l>=L) " ++ "(Z)\n" ++-" -m, --min-bps N ?bertragung abbrechen bei weniger als N BPS\n" ++-" -M, --min-bps-time N f?r mindestens N Sekunden (Default: 120)\n" +++" -m, --min-bps N Ãœbertragung abbrechen bei weniger als N BPS\n" +++" -M, --min-bps-time N für mindestens N Sekunden (Default: 120)\n" ++ ++ #: src/lsz.c:1546 ++ msgid "" ++@@ -400,28 +401,28 @@ ++ "short options use the same arguments as the long ones\n" ++ msgstr "" ++ " -n, --newer Datei senden wenn sie neuer ist (Z)\n" ++-" -N, --newer-or-longer Datei senden wenn neuer oder l?nger (Z)\n" +++" -N, --newer-or-longer Datei senden wenn neuer oder länger (Z)\n" ++ " -o, --16-bit-crc 16Bit CRC statt 32Bit CRC verwenden (Z)\n" ++ " -O, --disable-timeouts Timeoutbehandlung abschalten\n" ++-" -p, --protect existierende Dateien nicht ver?ndern\n" ++-" -r, --resume unterbrochene ?bertragungen fortsetzen (Z)\n" ++-" -R, --restricted eingeschr?nkter, sichererer Modus\n" +++" -p, --protect existierende Dateien nicht verändern\n" +++" -r, --resume unterbrochene Ãœbertragungen fortsetzen (Z)\n" +++" -R, --restricted eingeschränkter, sichererer Modus\n" ++ " -q, --quiet leise, keine Ausgaben machen\n" ++-" -s, --stop-at {HH:MM|+N} ?bertragung um HH:MM oder in N Sek. abbrechen\n" ++-" --tcp-server Socket ?ffnen und auf Verbindung warten\n" ++-" --tcp-client ADDR:PORT Socket ?ffnen und verbindung mit ...\n" ++-" -u, --unlink Datei nach ?bertragung l?schen\n" ++-" -U, --unrestrict eingeschr?nkten Modus aufheben (falls " +++" -s, --stop-at {HH:MM|+N} Ãœbertragung um HH:MM oder in N Sek. abbrechen\n" +++" --tcp-server Socket öffnen, Verbindung abwarten (Z)\n" +++" --tcp-client ADDR:PORT Socket öffnen, verbinden mit ... (Z)\n" +++" -u, --unlink Datei nach Ãœbertragung löschen\n" +++" -U, --unrestrict eingeschränkten Modus aufheben (falls " ++ "erlaubt)\n" ++ " -v, --verbose mehr ausgeben\n" ++-" -w, --windowsize N Fenstergr??e auf N Bytes setzen (Z)\n" +++" -w, --windowsize N Fenstergröße auf N Bytes setzen (Z)\n" ++ " -X --xmodem XMODEM-Protokoll benutzen\n" ++-" -y, --overwrite existierende Dateien ?berschreiben\n" ++-" -Y, --overwrite-or-skip wie `y', aber nicht existierende ?berspringen\n" +++" -y, --overwrite existierende Dateien überschreiben\n" +++" -Y, --overwrite-or-skip wie `y', aber nicht existierende überspringen\n" ++ " --ymodem YMODEM-Protokoll benutzen\n" ++ " -Z, --zmodem ZMODEM-Protokoll benutzen\n" ++ "\n" ++-"Kurze Optionen ben?tigen dieselben Argumente wie Lange.\n" +++"Kurze Optionen benötigen dieselben Argumente wie die langen.\n" ++ ++ #: src/lsz.c:1768 ++ msgid "got ZRQINIT" ++@@ -434,7 +435,7 @@ ++ #: src/lsz.c:1991 ++ #, c-format ++ msgid "blklen now %d\n" ++-msgstr "Blockgr??e nun %d\n" +++msgstr "Blockgröße nun %d\n" ++ ++ #: src/lsz.c:2053 ++ #, c-format ++@@ -453,7 +454,7 @@ ++ #: src/lsz.c:2223 ++ #, c-format ++ msgid "calc_blklen: reduced to %d due to error\n" ++-msgstr "calc_blklen: Blockgr?sse auf %d reduziert wegen Fehler\n" +++msgstr "calc_blklen: Blockgröße auf %d reduziert wegen Fehler\n" ++ ++ #: src/lsz.c:2256 ++ #, c-format ++@@ -468,12 +469,12 @@ ++ #: src/lsz.c:2267 ++ #, c-format ++ msgid "calc_blklen: calc total_bytes=%ld, bpe=%ld, ec=%ld\n" ++-msgstr "calc_blklen: kalkuliere gesamt_bytes=%ld, bpe=%le, ec=%ld\n" +++msgstr "calc_blklen: kalkuliere gesamt_bytes=%ld, bpe=%ld, ec=%ld\n" ++ ++ #: src/lsz.c:2278 ++ #, c-format ++ msgid "calc_blklen: blklen %d, ok %ld, failed %ld -> %lu\n" ++-msgstr "calc_blklen: Blockl?nge %d, ok %ld, fehlgeschlagen %ld -> %lu\n" +++msgstr "calc_blklen: Blocklänge %d, ok %ld, fehlgeschlagen %ld -> %lu\n" ++ ++ #: src/lsz.c:2290 ++ #, c-format ++@@ -512,7 +513,7 @@ ++ ++ #: src/zm.c:712 ++ msgid "Garbage count exceeded" ++-msgstr "Maximale Wiederholungsanzahl ?berschritten" +++msgstr "Maximale Wiederholungsanzahl überschritten" ++ ++ #: src/zm.c:773 ++ #, c-format ++@@ -526,11 +527,11 @@ ++ ++ #: src/lrz.c:382 ++ msgid "don't have settimeofday, will not set time\n" ++-msgstr "Zeitsynchronisation nicht ausf?hrbar, settimeofday() fehlt\n" +++msgstr "Zeitsynchronisation nicht ausführbar, settimeofday() fehlt\n" ++ ++ #: src/lrz.c:386 ++ msgid "not running as root (this is good!), can not set time\n" ++-msgstr "Zeitsynchronisation mangels Superuserrechten nicht ausf?hrbar\n" +++msgstr "Zeitsynchronisation mangels Superuserrechten nicht ausführbar\n" ++ ++ #: src/lrz.c:441 ++ msgid "bytes_per_error" ++@@ -542,16 +543,16 @@ ++ ++ #: src/lrz.c:455 ++ msgid "O_SYNC not supported by the kernel" ++-msgstr "O_SYNC vom Kernel nicht unterst?tzt" +++msgstr "O_SYNC vom Kernel nicht unterstützt" ++ ++ #: src/lrz.c:497 src/lrz.c:499 ++ msgid "garbage on commandline" ++-msgstr "M?ll auf der Kommandozeile" +++msgstr "Müll auf der Kommandozeile" ++ ++ #: src/lrz.c:604 ++ #, c-format ++ msgid "Usage: %s [options] [filename.if.xmodem]\n" ++-msgstr "Benutzung: %s [Optionen] [Dateiname.f?r.xmodem]\n" +++msgstr "Benutzung: %s [Optionen] [Dateiname.für.xmodem]\n" ++ ++ #: src/lrz.c:605 ++ msgid "Receive files with ZMODEM/YMODEM/XMODEM protocol\n" ++@@ -596,44 +597,44 @@ ++ "\n" ++ "short options use the same arguments as the long ones\n" ++ msgstr "" ++-" -+, --append an existierende Dateien anh?ngen\n" ++-" -a, --ascii ASCII-?bertragung (CR/LF nach LF wandeln)\n" ++-" -b, --binary Bin?r?bertragung (keine Umwandlungen)\n" +++" -+, --append an existierende Dateien anhängen\n" +++" -a, --ascii ASCII-Ãœbertragung (CR/LF nach LF wandeln)\n" +++" -b, --binary Binärübertragung (keine Umwandlungen)\n" ++ " -B, --bufsize N N Bytes puffern (auto: ganze Datei puffern)\n" ++-" -c, --with-crc 16bit CRC statt Pr?fsumme verwenden (X)\n" ++-" -C, --allow-remote-commands Ausf?hrung von Kommandos erlauben (Z)\n" +++" -c, --with-crc 16bit CRC statt Prüfsumme verwenden (X)\n" +++" -C, --allow-remote-commands Ausführung von Kommandos erlauben (Z)\n" ++ " -D, --null empfangene Daten nach /dev/null schreiben\n" ++ " --delay-startup N Bei Programmstart N Sek. schlafen (Debugging)\n" ++ " -e, --escape Alle Steuerzeichen escapen (Z)\n" ++-" -E, --rename Empf?nger soll Datei umbenennen falls\n" +++" -E, --rename Empfänger soll Datei umbenennen, falls\n" ++ " Zieldatei schon existiert\n" ++ " --errors N Einen CRC-Fehler alle N Bytes erzeugen\n" ++ " -h, --help Diesen Hilfstext ausgeben\n" ++-" -m, --min-bps N ?bertragung abbrechen bei weniger als N BPS\n" ++-" -M, --min-bps-time N f?r mindestens N Sekunden (Default: 120)\n" +++" -m, --min-bps N Ãœbertragung abbrechen bei weniger als N BPS\n" +++" -M, --min-bps-time N für mindestens N Sekunden (Default: 120)\n" ++ " -O, --disable-timeouts Timeoutbehandlung abschalten\n" ++ " --o-sync Ausgabedatei(en) im synchron schreiben\n" ++-" -p, --protect existierende Dateien nicht ver?ndern\n" +++" -p, --protect existierende Dateien nicht verändern\n" ++ " -q, --quiet leise, keine Ausgaben machen\n" ++-" -r, --resume unterbrochene ?bertragungen fortsetzen (Z)\n" ++-" -R, --restricted eingeschr?nkter, sichererer Modus\n" ++-" -s, --stop-at {HH:MM|+N} ?bertragung um HH:MM oder in N Sek. abbrechen\n" +++" -r, --resume unterbrochene Ãœbertragungen fortsetzen (Z)\n" +++" -R, --restricted eingeschränkter, sichererer Modus\n" +++" -s, --stop-at {HH:MM|+N} Ãœbertragung um HH:MM oder in N Sek. abbrechen\n" ++ " -S, --timesync Zeit anfordern (doppelt: lokale Zeit setzen)\n" ++-" --syslog[=off] syslog an- oder ausschalten, wenn m?glich\n" ++-" -t, --timeout N Timeout auf N Zehntelsekungen setzen\n" ++-" --tcp-server Socket ?ffnen und auf Verbindung warten\n" ++-" --tcp-client ADDR:PORT Socket ?ffnen und verbindung mit ...\n" +++" --syslog[=off] syslog an- oder ausschalten, wenn möglich\n" +++" -t, --timeout N Timeout auf N Zehntelsekunden setzen\n" +++" --tcp-server Socket öffnen, Verbindung abwarten (Z)\n" +++" --tcp-client ADDR:PORT Socket öffnen, verbinden mit ... (Z)\n" ++ " -u, --keep-uppercase GROSS geschrieben Dateinamen beibehalten\n" ++-" -U, --unrestrict eingeschr?nkten Modus aufheben (falls " +++" -U, --unrestrict eingeschränkten Modus aufheben (falls " ++ "erlaubt)\n" ++ " -v, --verbose mehr ausgeben\n" ++-" -w, --windowsize N Fenstergr??e auf N Bytes setzen (Z)\n" +++" -w, --windowsize N Fenstergröße auf N Bytes setzen (Z)\n" ++ " -X --xmodem XMODEM-Protokoll benutzen\n" ++-" -y, --overwrite existierende Dateien ?berschreiben\n" +++" -y, --overwrite existierende Dateien überschreiben\n" ++ " --ymodem YMODEM-Protokoll benutzen\n" ++ " -Z, --zmodem ZMODEM-Protokoll benutzen\n" ++ "\n" ++-"Kurze Optionen ben?tigen dieselben Argumente wie Lange.\n" +++"Kurze Optionen benötigen dieselben Argumente wie die langen.\n" ++ ++ #: src/lrz.c:676 ++ #, c-format ++@@ -662,11 +663,11 @@ ++ "%s: %s removed.\r\n" ++ msgstr "" ++ "\r\n" ++-"%s: %s gel?scht\r\n" +++"%s: %s gelöscht\r\n" ++ ++ #: src/lrz.c:856 ++ msgid "Pathname fetch returned EOT" ++-msgstr "Ende der ?bertragung beim Warten auf Dateinamen" +++msgstr "Ende der Ãœbertragung beim Warten auf Dateinamen" ++ ++ #: src/lrz.c:903 ++ msgid "Received dup Sector" ++@@ -682,7 +683,7 @@ ++ ++ #: src/lrz.c:976 ++ msgid "Checksum" ++-msgstr "Pr?fsummenfehler" +++msgstr "Prüfsummenfehler" ++ ++ #: src/lrz.c:979 ++ msgid "Sector number garbled" ++@@ -695,27 +696,27 @@ ++ #: src/lrz.c:1005 ++ #, c-format ++ msgid "Got 0%o sector header" ++-msgstr "Erhielt %02x als Sektorbest?tigung" +++msgstr "Erhielt %02x als Sektorbestätigung" ++ ++ #: src/lrz.c:1113 ++ #, c-format ++ msgid "file name ends with a /, skipped: %s\n" ++-msgstr "Dateiname endet mit /, ?bersprungen: %s\n" +++msgstr "Dateiname endet mit /, übersprungen: %s\n" ++ ++ #: src/lrz.c:1127 ++ #, c-format ++ msgid "zmanag=%d, Lzmanag=%d\n" ++-msgstr "" +++msgstr "zmanag=%d, Lzmanag=%d\n" ++ ++ #: src/lrz.c:1128 ++ #, c-format ++ msgid "zconv=%d\n" ++-msgstr "" +++msgstr "zconv=%d\n" ++ ++ #: src/lrz.c:1192 src/lrz.c:1226 ++ #, c-format ++ msgid "file exists, skipped: %s\n" ++-msgstr "Datei existiert, ?bersprungen: %s\n" +++msgstr "Datei existiert, übersprungen: %s\n" ++ ++ #: src/lrz.c:1267 ++ #, c-format ++@@ -739,7 +740,7 @@ ++ #: src/lrz.c:1545 ++ #, c-format ++ msgid "Blocks received: %d" ++-msgstr "Bl?cke empfangen: %d" +++msgstr "Blöcke empfangen: %d" ++ ++ #: src/lrz.c:1599 ++ #, c-format ++@@ -749,15 +750,15 @@ ++ #: src/lrz.c:1612 src/lrz.c:1620 ++ #, c-format ++ msgid "%s:\tSecurity Violation" ++-msgstr "%s:\tSicherheitsversto?" +++msgstr "%s:\tSicherheitsverstoß" ++ ++ #: src/lrz.c:1730 ++ msgid "remote command execution requested" ++-msgstr "Gegenseite versucht Kommandoausf?hrung" +++msgstr "Gegenseite versucht Kommandoausführung" ++ ++ #: src/lrz.c:1737 ++ msgid "not executed" ++-msgstr "nicht ausgef?hrt" +++msgstr "nicht ausgeführt" ++ ++ #: src/lrz.c:1768 ++ msgid "got ZRINIT" ++@@ -765,7 +766,7 @@ ++ ++ #: src/lrz.c:1817 ++ msgid "Skipped" ++-msgstr "?bersprungen" +++msgstr "Ãœbersprungen" ++ ++ #. too bad ++ #: src/lrz.c:2049 ++@@ -785,7 +786,7 @@ ++ ++ #: src/lrz.c:2215 ++ msgid "file close error" ++-msgstr "Fehler beim Schlie?en der Datei" +++msgstr "Fehler beim Schließen der Datei" ++ ++ #~ msgid "tcp protocol init failed\n" ++ #~ msgstr "TCP Protokoll Initialisierung fehlgeschlagen\n" ++@@ -796,17 +797,3 @@ ++ #~ msgid "fgets for tcp protocol synchronization failed: " ++ #~ msgstr "fgets() bei tcp Protokoll Synchronisation fehlgeschlagen: " ++ ++-#~ msgid "Transfer complete." ++-#~ msgstr "?bertragung abgeschlossen" ++- ++-#~ msgid "at" ++-#~ msgstr "um" ++- ++-#~ msgid "TIMESYNC: failed\n" ++-#~ msgstr "Zeitsynchronisation: fehlgeschlagen\n" ++- ++-#~ msgid "TIMESYNC: ok\n" ++-#~ msgstr "Zeitsynchronisation: ok\n" ++- ++-#~ msgid "Falldown to %ld blklen" ++-#~ msgstr "Blockgr??e auf %ld gesenkt" diff --git a/patches/source/minicom/minicom.SlackBuild b/patches/source/minicom/minicom.SlackBuild new file mode 100755 index 000000000..8e974737d --- /dev/null +++ b/patches/source/minicom/minicom.SlackBuild @@ -0,0 +1,160 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012, 2013, 2017 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=2.7.1 +BUILD=${BUILD:-1_slack13.0} + +NUMJOBS=${NUMJOBS:--j6} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-minicom + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +# minicom +cd $TMP +rm -rf minicom-$VERSION +tar xvf $CWD/minicom-$VERSION.tar.xz || exit 1 +cd minicom-$VERSION + +# The following command renames the internal implementation of getline +# to g_getline as newer versions of Glibc provide an incompatible version: +#sed -i -e "s/getline/g_&/" $(grep -lr getline *) + +chown -R root:root . +find . -perm 777 -exec chmod 755 {} \; +find . -perm 664 -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +mkdir -p $PKG/etc +zcat $CWD/minicom.users.gz > $PKG/etc/minicom.users.new +printf "# Machine-generated file - use \"minicom -s\" to change parameters.\n" \ + > $PKG/etc/minirc.dfl.new + +mkdir -p $PKG/usr/doc/minicom-$VERSION +cp -a \ + AUTHORS COPYING* ChangeLog FILE_ID.DIZ INSTALL NEWS README* TODO doc \ + $PKG/usr/doc/minicom-$VERSION +rm -f $PKG/usr/doc/minicom-$VERSION/doc/{ChangeLog.old,Makefile*} + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +# lzrz + +cd $TMP +rm -rf lrzsz-990823 +tar xvf $CWD/lrzsz_0.12.21.orig.tar.gz || exit 1 +cd lrzsz-990823 +chown -R root:root . + +# Make x86_64 a valid machine type (thanks to Fred Emmott) +zcat $CWD/config.sub-x86_64.diff.gz | patch -p1 --verbose || exit 1 + +# Apply some of the debian patches +zcat $CWD/lrzsz_0.12.21-5.diff.gz | patch -p1 --verbose || exit 1 +rm -f debian/patches/{206499_ymodemg.diff.unchecked,206648_dszlog.diff.unchecked} +for i in debian/patches/* ; do patch -p1 < $i || exit 1 ; done + +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --build=$ARCH-slackware-linux + +touch stamp-h.in # to stop autoheader from running +touch -d yesterday aclocal.m4 # to stop automake from running + +make $NUMJOBS || make || exit 1 + +cp src/lrz src/lsz $PKG/usr/bin +chmod 0755 $PKG/usr/bin/{lrz,lsz} + +cp man/{lrz,lsz}.1 $PKG/usr/man/man1 +echo '.so man1/lrz.1' > $PKG/usr/man/man1/rz.1 +echo '.so man1/lsz.1' > $PKG/usr/man/man1/sz.1 + +mkdir -p $PKG/usr/share/locale/de/LC_MESSAGES +cat po/de.gmo > $PKG/usr/share/locale/de/LC_MESSAGES/lrzsz.mo + +mkdir -p $PKG/usr/doc/lrzsz-0.12.21 +cp -a \ + AUTHORS COMPATABILITY COPYING* INSTALL NEWS README* THANKS TODO \ + $PKG/usr/doc/lrzsz-0.12.21 + +( cd $PKG/usr/bin + for i in lrb lrx rz ; do ln -s lrz $i ; done + for i in lsb lsx sz ; do ln -s lsz $i ; done + for i in rx rb ; do ln -s rz $i ; done + for i in sb sx ; do ln -s sz $i ; done +) + +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +find $PKG/usr/man -type f -exec gzip -9 {} \; + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/minicom-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/minicom/minicom.users b/patches/source/minicom/minicom.users new file mode 100644 index 000000000..509d86f41 --- /dev/null +++ b/patches/source/minicom/minicom.users @@ -0,0 +1,36 @@ +# $Id: minicom.users,v 1.1.1.1 1999/12/18 11:18:51 misiek Exp $ +# Minicom.users Access file for the minicom program. +# +# Format: Either just one username per line, or +# a username followed by one or more +# configuration-names. The name of the +# default configuration is "dfl". The maximum +# significant line length is 70 characters. +# +# Location: The minicom library directory, probably +# /etc or /var/lib/minicom or whatever. +# +# Notes: If you don't install this file in the +# specified location, everybody will have +# access to minicom. +# +# This doesn't matter if minicom isn't installed +# setuid root since access will then be based +# on the permissions set on the serial port. +# + +# +# Who may use minicom? +# +# User [line] [..line] +# + +# Everyone has access to all configurations. +ALL + +## The rest are examples. +## # Erik only has access to the default configuration +## erik dfl +## +## # minicom has access to the default configuration, and configuration 'tty5'. +## minicom dfl tty5 diff --git a/patches/source/minicom/slack-desc b/patches/source/minicom/slack-desc new file mode 100644 index 000000000..4aa6302bd --- /dev/null +++ b/patches/source/minicom/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +minicom: minicom (communications package) +minicom: +minicom: Minicom - a full featured menu-driven communications package similar +minicom: to the DOS program 'Telix'. Also includes sz/rz - utilities used to +minicom: upload and download files using the Zmodem protocol. +minicom: +minicom: Homepage: http://alioth.debian.org/projects/minicom +minicom: +minicom: +minicom: +minicom: diff --git a/patches/source/mozilla-firefox/firefox.moz_plugin_path.diff b/patches/source/mozilla-firefox/firefox.moz_plugin_path.diff new file mode 100644 index 000000000..761f295a4 --- /dev/null +++ b/patches/source/mozilla-firefox/firefox.moz_plugin_path.diff @@ -0,0 +1,17 @@ +--- ./firefox.orig 2008-05-29 15:21:18.000000000 -0500 ++++ ./firefox 2008-06-17 12:19:26.000000000 -0500 +@@ -54,6 +54,14 @@ + + moz_libdir=/usr/local/lib/firefox-3.0 + ++# Include /usr/lib/mozilla/plugins in the plugin path: ++if [ "$MOZ_PLUGIN_PATH" ] ; then ++ MOZ_PLUGIN_PATH=$MOZ_PLUGIN_PATH:${moz_libdir}/plugins:/usr/lib/mozilla/plugins ++else ++ MOZ_PLUGIN_PATH=${moz_libdir}/plugins:/usr/lib/mozilla/plugins ++fi ++export MOZ_PLUGIN_PATH ++ + # Use run-mozilla.sh in the current dir if it exists + # If not, then start resolving symlinks until we find run-mozilla.sh + found=0 diff --git a/patches/source/mozilla-firefox/firefox.png b/patches/source/mozilla-firefox/firefox.png Binary files differnew file mode 100644 index 000000000..76204b5d2 --- /dev/null +++ b/patches/source/mozilla-firefox/firefox.png diff --git a/patches/source/mozilla-firefox/mimeTypes.rdf b/patches/source/mozilla-firefox/mimeTypes.rdf new file mode 100644 index 000000000..f3bc7b406 --- /dev/null +++ b/patches/source/mozilla-firefox/mimeTypes.rdf @@ -0,0 +1,28 @@ +<?xml version="1.0"?> +<RDF:RDF xmlns:NC="http://home.netscape.com/NC-rdf#" + xmlns:RDF="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> + <RDF:Seq RDF:about="urn:mimetypes:root"> + </RDF:Seq> + <RDF:Description RDF:about="urn:mimetypes"> + <NC:MIME-types RDF:resource="urn:mimetypes:root"/> + </RDF:Description> + <RDF:Description RDF:about="urn:scheme:mailto" + NC:value="mailto"> + <NC:handlerProp RDF:resource="urn:scheme:handler:mailto"/> + </RDF:Description> + <RDF:Description RDF:about="urn:handler:web:http://compose.mail.yahoo.com/?To=%s" + NC:prettyName="Yahoo! Mail" + NC:uriTemplate="http://compose.mail.yahoo.com/?To=%s" /> + <RDF:Description RDF:about="urn:handler:web:https://mail.google.com/mail/?extsrc=mailto&url=%s" + NC:prettyName="GMail" + NC:uriTemplate="https://mail.google.com/mail/?extsrc=mailto&url=%s" /> + <RDF:Description RDF:about="urn:scheme:handler:mailto" + NC:alwaysAsk="true"> + <NC:possibleApplication RDF:resource="urn:handler:web:http://compose.mail.yahoo.com/?To=%s"/> + <NC:possibleApplication RDF:resource="urn:handler:web:https://mail.google.com/mail/?extsrc=mailto&url=%s"/> + <NC:possibleApplication RDF:resource="urn:handler:local:/usr/bin/thunderbird"/> + </RDF:Description> + <RDF:Description RDF:about="urn:handler:local:/usr/bin/thunderbird" + NC:prettyName="thunderbird" + NC:path="/usr/bin/thunderbird" /> +</RDF:RDF> diff --git a/patches/source/mozilla-firefox/mozilla-firefox-mimeTypes-fix.diff b/patches/source/mozilla-firefox/mozilla-firefox-mimeTypes-fix.diff new file mode 100644 index 000000000..222113044 --- /dev/null +++ b/patches/source/mozilla-firefox/mozilla-firefox-mimeTypes-fix.diff @@ -0,0 +1,45 @@ +diff -Nur mozilla-1.9.1.orig/browser/locales/generic/profile/mimeTypes.rdf mozilla-1.9.1/browser/locales/generic/profile/mimeTypes.rdf +--- mozilla-1.9.1.orig/browser/locales/generic/profile/mimeTypes.rdf 2009-06-29 11:14:41.000000000 -0500 ++++ mozilla-1.9.1/browser/locales/generic/profile/mimeTypes.rdf 2009-07-01 08:28:05.407353867 -0500 +@@ -1,13 +1,28 @@ +-<?xml version="1.0"?> +- +-<RDF xmlns="http://www.w3.org/1999/02/22-rdf-syntax-ns#" +- xmlns:NC="http://home.netscape.com/NC-rdf#" +- xmlns:RDF="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> +- +- <Description about="urn:mimetypes"> +- <NC:MIME-types> +- <Seq about="urn:mimetypes:root"> +- </Seq> +- </NC:MIME-types> +- </Description> +-</RDF> ++<?xml version="1.0"?> ++<RDF:RDF xmlns:NC="http://home.netscape.com/NC-rdf#" ++ xmlns:RDF="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> ++ <RDF:Seq RDF:about="urn:mimetypes:root"> ++ </RDF:Seq> ++ <RDF:Description RDF:about="urn:mimetypes"> ++ <NC:MIME-types RDF:resource="urn:mimetypes:root"/> ++ </RDF:Description> ++ <RDF:Description RDF:about="urn:scheme:mailto" ++ NC:value="mailto"> ++ <NC:handlerProp RDF:resource="urn:scheme:handler:mailto"/> ++ </RDF:Description> ++ <RDF:Description RDF:about="urn:handler:web:http://compose.mail.yahoo.com/?To=%s" ++ NC:prettyName="Yahoo! Mail" ++ NC:uriTemplate="http://compose.mail.yahoo.com/?To=%s" /> ++ <RDF:Description RDF:about="urn:handler:web:https://mail.google.com/mail/?extsrc=mailto&url=%s" ++ NC:prettyName="GMail" ++ NC:uriTemplate="https://mail.google.com/mail/?extsrc=mailto&url=%s" /> ++ <RDF:Description RDF:about="urn:scheme:handler:mailto" ++ NC:alwaysAsk="true"> ++ <NC:possibleApplication RDF:resource="urn:handler:web:http://compose.mail.yahoo.com/?To=%s"/> ++ <NC:possibleApplication RDF:resource="urn:handler:web:https://mail.google.com/mail/?extsrc=mailto&url=%s"/> ++ <NC:possibleApplication RDF:resource="urn:handler:local:/usr/bin/thunderbird"/> ++ </RDF:Description> ++ <RDF:Description RDF:about="urn:handler:local:/usr/bin/thunderbird" ++ NC:prettyName="thunderbird" ++ NC:path="/usr/bin/thunderbird" /> ++</RDF:RDF> diff --git a/patches/source/mozilla-firefox/mozilla-firefox.SlackBuild b/patches/source/mozilla-firefox/mozilla-firefox.SlackBuild new file mode 100755 index 000000000..dd4b8825b --- /dev/null +++ b/patches/source/mozilla-firefox/mozilla-firefox.SlackBuild @@ -0,0 +1,190 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# Thanks to the folks at the Mozilla Foundation for permission to +# distribute this, and for all the great work! :-) + +VERSION=$(basename $(ls firefox-*.tar.bz2 | cut -d - -f 2 | rev | cut -f 3- -d . | rev) .source) +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi +BUILD=${BUILD:-1_slack13.0} + +MOZVERS=${MOZVERS:-1.9.2} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Try to be gentle to the compiler, no optimizations: +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O -fPIC" + LIBDIRSUFFIX="64" +elif [ "$ARCH" = "arm" ]; then + SLKCFLAGS="-O2 -march=armv4 -mtune=xscale" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "armel" ]; then + SLKCFLAGS="-O2 -march=armv4t" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-mozilla-firefox + +rm -rf $PKG +mkdir -p $TMP $PKG/usr/lib${LIBDIRSUFFIX} + +cd $TMP +rm -rf mozilla-$MOZVERS +tar xvf $CWD/firefox-$VERSION.source.tar.bz2 || exit 1 +cd mozilla-$MOZVERS || exit 1 + +# Fix a long standing bug that's prevented staying current on GTK+. +# Thanks to the BLFS folks. :-) +cat << EOF >> layout/build/Makefile.in + +ifdef MOZ_ENABLE_CANVAS +EXTRA_DSO_LDOPTS += \$(XLDFLAGS) -lX11 -lXrender +endif + +EOF + +# Patch mimeTypes.rdf +# Uncomment this if you want to use the patch; otherwise, we overwrite the +# mimeTypes.rdf inside the package directory later +# zcat $CWD/mozilla-firefox-mimeTypes-fix.diff.gz | patch -p1 || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +export MOZILLA_OFFICIAL="1" && +export BUILD_OFFICIAL="1" && +export MOZ_PHOENIX="1" && +export CFLAGS="$SLKCFLAGS" && +export CXXFLAGS="$SLKCFLAGS" && +./configure \ + --enable-official-branding \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-default-mozilla-five-home=/usr/lib${LIBDIRSUFFIX}/firefox-$VERSION \ + --with-system-zlib \ + --enable-application=browser \ + --enable-default-toolkit=cairo-gtk2 \ + --enable-crypto \ + --enable-svg \ + --enable-canvas \ + --enable-xft \ + --enable-xinerama \ + --enable-optimize \ + --enable-reorder \ + --enable-strip \ + --enable-system-cairo \ + --enable-cpp-rtti \ + --enable-single-profile \ + --disable-ldap \ + --disable-accessibility \ + --disable-debug \ + --disable-tests \ + --disable-libnotify \ + --disable-logging \ + --disable-pedantic \ + --disable-installer \ + --disable-mailnews \ + --disable-composer \ + --disable-profilesharing + # Complains about missing APNG support in Slackware's libpng: + #--with-system-png \ + +#make -f client.mk build MOZ_MAKE_FLAGS="$NUMJOBS" || exit 1 +make MOZ_MAKE_FLAGS="$NUMJOBS" $NUMJOBS || exit 1 +make install DESTDIR=$PKG || exit 1 + +# We don't need these (just symlinks anyway): +rm -rf $PKG/usr/lib${LIBDIRSUFFIX}/firefox-devel-$VERSION + +# Nor these: +rm -rf $PKG/usr/include + +( cd $PKG/usr/lib${LIBDIRSUFFIX}/firefox-$VERSION + #mv defaults/profile/mimeTypes.rdf defaults/profile/mimeTypes.rdf.orig || exit 1 + zcat $CWD/mimeTypes.rdf > defaults/profile/mimeTypes.rdf || exit 1 + zcat $CWD/firefox.moz_plugin_path.diff.gz \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + | patch -p1 --verbose --backup --suffix=.orig || exit 1 + # Clean up if the above patch was successful: + rm -f firefox.orig +) || exit + +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/mozilla/plugins +mkdir -p $PKG/usr/share/applications +cat $CWD/mozilla-firefox.desktop > $PKG/usr/share/applications/mozilla-firefox.desktop +mkdir -p $PKG/usr/share/pixmaps +cat $CWD/firefox.png > $PKG/usr/share/pixmaps/firefox.png + +# These files/directories are usually created if Firefox is run as root, +# which on many systems might (and possibly should) be never. Therefore, if we +# don't see them we'll put stubs in place to prevent startup errors. +( cd $PKG/usr/lib${LIBDIRSUFFIX}/firefox-$VERSION + if [ -d extensions/talkback\@mozilla.org ]; then + if [ ! -r extensions/talkback\@mozilla.org/chrome.manifest ]; then + echo > extensions/talkback\@mozilla.org/chrome.manifest + fi + fi + if [ ! -d updates ]; then + mkdir -p updates/0 + fi +) + +# Need some default icons in the right place: +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/firefox-$VERSION/chrome/icons/default +install -m 644 other-licenses/branding/firefox/default16.png \ + $PKG/usr/lib${LIBDIRSUFFIX}/firefox-$VERSION/icons/ +install -m 644 other-licenses/branding/firefox/default16.png \ + $PKG/usr/lib${LIBDIRSUFFIX}/firefox-$VERSION/chrome/icons/default/ +( cd $PKG/usr/lib${LIBDIRSUFFIX}/firefox-$VERSION + install -m 644 icons/{default,mozicon50}.xpm chrome/icons/default/ +) + +# Copy over the LICENSE +install -p -c -m 644 LICENSE $PKG/usr/lib${LIBDIRSUFFIX}/firefox-$VERSION/ + +mkdir $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/mozilla-firefox-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/mozilla-firefox/mozilla-firefox.desktop b/patches/source/mozilla-firefox/mozilla-firefox.desktop new file mode 100644 index 000000000..23be26f3a --- /dev/null +++ b/patches/source/mozilla-firefox/mozilla-firefox.desktop @@ -0,0 +1,80 @@ +[Desktop Entry] +Exec=firefox %u +Icon=firefox +Type=Application +Categories=Network; +Name=Firefox +Name[bn]=ফায়ারফকà§à¦¸ +Name[eo]=Mozilo Fajrovulpo +Name[fi]=Mozilla Firefox +Name[pa]=ਫਾਇਰਫੋਕਸ +Name[tg]=Рӯбоҳи оташин +GenericName=Web Browser +GenericName[af]=Web Blaaier +GenericName[ar]=متصÙØ ÙˆÙŠØ¨ +GenericName[az]=Veb SÉ™yyahı +GenericName[bg]=Браузър +GenericName[bn]=ওয়েব বà§à¦°à¦¾à¦‰à¦œà¦¾à¦° +GenericName[br]=Furcher ar Gwiad +GenericName[bs]=WWW Preglednik +GenericName[ca]=Fullejador web +GenericName[cs]=WWW prohlÞeÄ +GenericName[cy]=Porydd Gwe +GenericName[da]=Browser +GenericName[de]=Web-Browser +GenericName[el]=ΠεÏιηγητής Î™ÏƒÏ„Î¿Ï +GenericName[eo]=TTT-legilo +GenericName[es]=Navegador web +GenericName[et]=Veebilehitseja +GenericName[eu]=Web arakatzailea +GenericName[fa]=مرورگر وب +GenericName[fi]=WWW-selain +GenericName[fo]=Alnótsfar +GenericName[fr]=Navigateur web +GenericName[gl]=Navegador Web +GenericName[he]=דפדפן ××™× ×˜×¨× ×˜ +GenericName[hi]=वेब बà¥à¤°à¤¾à¤‰à¤œà¤¼à¤° +GenericName[hr]=Web preglednik +GenericName[hu]=WebböngészÅ‘ +GenericName[is]=Vafri +GenericName[it]=Browser Web +GenericName[ja]=ウェブブラウザ +GenericName[ko]=웹 브ë¼ìš°ì € +GenericName[lo]=ເວັບບຣາວເຊີ +GenericName[lt]=Žiniatinklio narÅ¡yklÄ— +GenericName[lv]=Web PÄrlÅ«ks +GenericName[mk]=ПрелиÑтувач на Интернет +GenericName[mn]=Веб-Хөтөч +GenericName[nb]=Nettleser +GenericName[nds]=Nettkieker +GenericName[nl]=Webbrowser +GenericName[nn]=Nettlesar +GenericName[nso]=Seinyakisi sa Web +GenericName[pa]=ਵੈਬ à¨à¨²à¨•à¨¾à¨°à¨¾ +GenericName[pl]=PrzeglÄ…darka WWW +GenericName[pt]=Navegador Web +GenericName[pt_BR]=Navegador Web +GenericName[ro]=Navigator de web +GenericName[ru]=Веб-браузер +GenericName[se]=Fierpmádatlogan +GenericName[sk]=Webový prehliadaÄ +GenericName[sl]=Spletni brskalnik +GenericName[sr]=Веб претраживач +GenericName[sr@Latn]=Veb pretraživaÄ +GenericName[ss]=Ibrawuza yeWeb +GenericName[sv]=Webbläsare +GenericName[ta]=வலை உலாவி +GenericName[tg]=ТафÑиргари вÑб +GenericName[th]=เว็บบราวเซà¸à¸£à¹Œ +GenericName[tr]=Web Tarayıcı +GenericName[uk]=Ðавігатор Тенет +GenericName[uz]=Веб-браузер +GenericName[ven]=Buronza ya Webu +GenericName[vi]=Trình duyệt Web +GenericName[wa]=Betchteu waibe +GenericName[xh]=Umkhangeli zincwadi we Web +GenericName[zh_CN]=网页æµè§ˆå™¨ +GenericName[zh_TW]=網é ç€è¦½å™¨ +GenericName[zu]=Umcingi we-Web +MimeType=text/html; +X-KDE-StartupNotify=true diff --git a/patches/source/mozilla-firefox/slack-desc b/patches/source/mozilla-firefox/slack-desc new file mode 100644 index 000000000..a54bac8f0 --- /dev/null +++ b/patches/source/mozilla-firefox/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +mozilla-firefox: mozilla-firefox (Mozilla Firefox Web browser) +mozilla-firefox: +mozilla-firefox: This project is a redesign of the Mozilla browser component written +mozilla-firefox: using the XUL user interface language. Firefox empowers you to +mozilla-firefox: browse faster, more safely and more efficiently than with any other +mozilla-firefox: browser. +mozilla-firefox: +mozilla-firefox: Visit the Mozilla Firefox project online: +mozilla-firefox: http://www.mozilla.org/projects/firefox/ +mozilla-firefox: +mozilla-firefox: diff --git a/patches/source/mozilla-thunderbird/mimeTypes.rdf b/patches/source/mozilla-thunderbird/mimeTypes.rdf new file mode 100644 index 000000000..366df44bc --- /dev/null +++ b/patches/source/mozilla-thunderbird/mimeTypes.rdf @@ -0,0 +1,113 @@ +<?xml version="1.0"?> + +<!-- + This file is used as a persistent data store for helper application + information about both MIME type and protocol scheme helpers. + + The root of the data are the two containers + <RDF:Seq about="urn:mimetypes:root"/> and <RDF:Seq about="urn:schemes:root"/>. + + These contain one <RDF:li/> entry per MIME type/protocol. Each <RDF:li/> entry + corresponds to a "urn:<class>:<type>" resource, where <class> is either + "mimetype" or "scheme" and <type> is either a MIME type in "major/minor" format + or a scheme. For example, for HTML we would have "urn:mimetype:text/html", + while for mailto: we would have "urn:scheme:mailto". + + Typically, this resource will be in the <RDF:Description/> node which has the + corresponding "about" attribute. + + Each "urn:<class>:<type>" resource can have the following properties: + + NC:Value - the MIME type or scheme string + NC:editable - a "true" or "false" depending on whether this entry is + editable + NC:description - a description of the type ("HTML Document" for text/html) + NC:fileExtensions - for MIME types, there will be one of these properties + per extension that corresponds to this MIME type, + each one having a single extension as its value. + NC:handlerProp - the way the type should be handled. This corresponds to a + "urn:<class>:handler:<type>" resource. Eg, the way HTML is + handled would be stored in the + "urn:mimetype:handler:text/html" resource. + + Each "urn:<class>:handler:<type>" resource can have the following properties: + + NC:useSystemDefault - "true" if we should handle per default OS setting, + "false" or not set otherwise + NC:saveToDisk - "true" if the data should be saved to disk, "false" or not + set otherwise. + (Note - if both of these are false, that means "open in helper app") + NC:alwaysAsk - "true" if the user should always be prompted before handling + data of this type, false otherwise. + NC:externalApplication - the preferred helper application to use for this + type. This corresponds to a + "urn:<class>:externalApplication:<type>" resource. + NC:possibleApplication - a helper application that can be used for this type. + Since there can be multiple possible applications, + there can be multiple assertions in the graph with + this property for a given handler resource. + + Each "urn:<class>:externalApplication:<type>" resource, and each resource + that represents a possible application, can have the following property: + + NC:prettyName - the "pretty name" of the application ("Acrobat Reader" for + /usr/bin/acroread, eg). + + If the resource represents a local application, then it can have the following + property: + + NC:path - the path to the application on the local filesystem, for example + /usr/bin/test or C:\windows\system32\cmd.exe. + + If the resource represents a web application, then it can have the following + property: + + NC:uriTemplate - a URI pointing to the web application to which the type + should be handed off, with %s in the template representing + the place where the content should be inserted. For example, + here is a URI template for a service that lets you email + an address in a mailto: link: + http://www.example.com/sendmail?link=%s +--> + +<RDF:RDF xmlns:RDF="http://www.w3.org/1999/02/22-rdf-syntax-ns#" + xmlns:NC="http://home.netscape.com/NC-rdf#"> + + <RDF:Description about="urn:mimetypes"> + <NC:MIME-types> + <RDF:Seq about="urn:mimetypes:root"> + </RDF:Seq> + </NC:MIME-types> + </RDF:Description> + + <RDF:Description RDF:about="urn:scheme:handler:http" + NC:alwaysAsk="false"> + <NC:externalApplication RDF:resource="urn:scheme:externalApplication:http"/> + </RDF:Description> + <RDF:Description RDF:about="urn:scheme:externalApplication:http" + NC:prettyName="firefox" + NC:path="/usr/bin/firefox" /> + <RDF:Description RDF:about="urn:schemes"> + <NC:Protocol-Schemes RDF:resource="urn:schemes:root"/> + </RDF:Description> + <RDF:Description RDF:about="urn:scheme:http" + NC:value="http"> + <NC:handlerProp RDF:resource="urn:scheme:handler:http"/> + </RDF:Description> + + <RDF:Description RDF:about="urn:scheme:handler:https" + NC:alwaysAsk="false"> + <NC:externalApplication RDF:resource="urn:scheme:externalApplication:https"/> + </RDF:Description> + <RDF:Description RDF:about="urn:scheme:externalApplication:https" + NC:prettyName="firefox" + NC:path="/usr/bin/firefox" /> + <RDF:Description RDF:about="urn:schemes"> + <NC:Protocol-Schemes RDF:resource="urn:schemes:root"/> + </RDF:Description> + <RDF:Description RDF:about="urn:scheme:https" + NC:value="https"> + <NC:handlerProp RDF:resource="urn:scheme:handler:https"/> + </RDF:Description> + +</RDF:RDF> diff --git a/patches/source/mozilla-thunderbird/mozilla-thunderbird.SlackBuild b/patches/source/mozilla-thunderbird/mozilla-thunderbird.SlackBuild new file mode 100755 index 000000000..12131b246 --- /dev/null +++ b/patches/source/mozilla-thunderbird/mozilla-thunderbird.SlackBuild @@ -0,0 +1,181 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# Thanks to the folks at the Mozilla Foundation for permission to +# distribute this, and for all the great work! :-) + +VERSION=$(basename $(ls thunderbird-*.tar.bz2 | cut -d - -f 2 | rev | cut -f 3- -d . | rev) .source) +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +MOZVERS=${MOZVERS:-1.9.2} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Try to be gentle to the compiler, no optimizations: +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O -fPIC" + LIBDIRSUFFIX="64" +elif [ "$ARCH" = "arm" ]; then + SLKCFLAGS="-O2 -march=armv4 -mtune=xscale" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "armel" ]; then + SLKCFLAGS="-O2 -march=armv4t" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-mozilla-thunderbird + +rm -rf $PKG +mkdir -p $TMP $PKG/usr/lib${LIBDIRSUFFIX} + +cd $TMP +rm -rf comm-$MOZVERS +tar xvf $CWD/thunderbird-$VERSION.source.tar.bz2 || exit 1 +cd comm-$MOZVERS || exit 1 + +# Fix a long standing bug that's prevented staying current on GTK+. +# Thanks to the BLFS folks. :-) +cat << EOF >> mozilla/layout/build/Makefile.in + +ifdef MOZ_ENABLE_CANVAS +EXTRA_DSO_LDOPTS += \$(XLDFLAGS) -lX11 -lXrender +endif + +EOF + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +export MOZILLA_OFFICIAL="1" && +export BUILD_OFFICIAL="1" && +export MOZ_PHOENIX="1" && +export CFLAGS="$SLKCFLAGS" && +export CXXFLAGS="$SLKCFLAGS" && +export MOZ_MAKE_FLAGS="$NUMJOBS" && +./configure \ + --enable-official-branding \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-default-mozilla-five-home=/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION \ + --with-system-zlib \ + --enable-application=mail \ + --enable-default-toolkit=cairo-gtk2 \ + --enable-crypto \ + --enable-svg \ + --enable-canvas \ + --enable-xft \ + --enable-xinerama \ + --enable-ldap \ + --enable-optimize \ + --enable-reorder \ + --enable-static \ + --enable-strip \ + --enable-system-cairo \ + --enable-cpp-rtti \ + --enable-single-profile \ + --disable-startup-notification \ + --disable-accessibility \ + --disable-debug \ + --disable-tests \ + --disable-logging \ + --disable-pedantic \ + --disable-installer \ + --disable-profilesharing + # Complains about missing APNG support in Slackware's libpng: + #--with-system-png \ + +#make -f client.mk build MOZ_MAKE_FLAGS="$NUMJOBS" || exit 1 +make $NUMJOBS || exit 1 +make install DESTDIR=$PKG || exit 1 + +# We don't need these (just symlinks anyway): +rm -rf $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-devel-$VERSION + +# Nor these: +rm -rf $PKG/usr/include + +( cd $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION + cp -a defaults/profile/mimeTypes.rdf defaults/profile/mimeTypes.rdf.orig + zcat $CWD/mimeTypes.rdf > defaults/profile/mimeTypes.rdf || exit 1 +) || exit 1 + +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/mozilla/plugins +mkdir -p $PKG/usr/share/applications +cat $CWD/mozilla-thunderbird.desktop > $PKG/usr/share/applications/mozilla-thunderbird.desktop +mkdir -p $PKG/usr/share/pixmaps +cat $CWD/thunderbird.png > $PKG/usr/share/pixmaps/thunderbird.png + +# These files/directories are usually created if Firefox is run as root, +# which on many systems might (and possibly should) be never. Therefore, if we +# don't see them we'll put stubs in place to prevent startup errors. +( cd $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION + if [ -d extensions/talkback\@mozilla.org ]; then + if [ ! -r extensions/talkback\@mozilla.org/chrome.manifest ]; then + echo > extensions/talkback\@mozilla.org/chrome.manifest + fi + fi + if [ ! -d updates ]; then + mkdir -p updates/0 + fi +) + +# Need some default icons in the right place: +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION/chrome/icons/default +install -m 644 other-licenses/branding/thunderbird/default16.png \ + $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION/icons/ +install -m 644 other-licenses/branding/thunderbird/default16.png \ + $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION/chrome/icons/default/ +( cd $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION + install -m 644 icons/{default,mozicon50}.xpm chrome/icons/default/ +) + +# Copy over the LICENSE +install -p -c -m 644 LICENSE $PKG/usr/lib${LIBDIRSUFFIX}/thunderbird-$VERSION/ + +mkdir $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/mozilla-thunderbird-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/mozilla-thunderbird/mozilla-thunderbird.desktop b/patches/source/mozilla-thunderbird/mozilla-thunderbird.desktop new file mode 100644 index 000000000..0f85ecbe1 --- /dev/null +++ b/patches/source/mozilla-thunderbird/mozilla-thunderbird.desktop @@ -0,0 +1,84 @@ +[Desktop Entry] +Encoding=UTF-8 +Exec=thunderbird +Icon=/usr/share/pixmaps/thunderbird.png +Type=Application +Categories=Application;Network; +Name=Thunderbird +Name[bn]=থাণà§à¦¡à¦¾à¦°à¦¬à¦¾à¦°à§à¦¡ +Name[eo]=Mozilo Tondrobirdo +Name[fi]=Mozilla Thunderbird +Name[pa]=ਥੰਡਰਬਰਡ +Name[tg]=Паррандаи бало +GenericName=Mail Client +GenericName[af]=Pos Kliënt +GenericName[ar]=البريد الألكتروني +GenericName[az]=Poçt Alıcısı +GenericName[be]=Паштовы кліент +GenericName[bg]=ПощенÑки клиент +GenericName[bn]=ইমেইল কà§à¦²à¦¾à§Ÿà§‡à¦¨à§à¦Ÿ +GenericName[br]=Arval postel +GenericName[bs]=Program za Äitanje elektronske poÅ¡te +GenericName[ca]=Client de correu electrònic +GenericName[cs]=Klient pro Ätenà elektronické poÅ¡ty +GenericName[cy]=Dibynnydd Ebost +GenericName[da]=E-mail-klient +GenericName[de]=E-Mail-Programm +GenericName[el]=Πελάτης mail +GenericName[eo]=Legi kaj sendi retpoÅton +GenericName[es]=Cliente de correo electrónico +GenericName[et]=Meiliklient +GenericName[eu]=Posta bezeroa +GenericName[fa]=کارگیر پست الکترونیکی +GenericName[fi]=Sähköpostiohjelma +GenericName[fo]=Postforrit +GenericName[fr]=Logiciel de messagerie électronique +GenericName[ga]=Cliant RÃomhphoist +GenericName[gl]=Cliente de correo +GenericName[he]=×ª×•×›× ×™×ª דו×ר +GenericName[hi]=डाकिया +GenericName[hr]=Program za Äitanje elektronske poÅ¡te +GenericName[hu]=LevelezÅ‘program +GenericName[id]=Klien Mail +GenericName[is]=Póstforrit +GenericName[it]=Programma di posta elettronica +GenericName[ja]=メールクライアント +GenericName[ko]=편지를 ì£¼ê³ ë°›ëŠ” 프로그램 +GenericName[lo]=ໄຄà»à»€àºàº±àº™àºˆàº»àº”ຫມາàºà»€àºà»€àº¥àº±àºà»‚ຕນິຠ+GenericName[lt]=PaÅ¡to klientas +GenericName[lv]=Pasta Klients +GenericName[mk]=Програма за електронÑка пошта +GenericName[mn]=Ð-Захиа-Програм +GenericName[mt]=Klijent tal-imejl +GenericName[nb]=E-postklient +GenericName[nds]=Mailprogramm +GenericName[nl]=E-mailclient +GenericName[nn]=Lesing og sending av e-post +GenericName[nso]=Moreki wa Poso +GenericName[oc]=Programari de correu electrònic +GenericName[pa]=ਪੱਤਰ ਕਲਾਂਇਟ +GenericName[pl]=Program do wysyÅ‚ania i odbierania poczty elektronicznej +GenericName[pt]=Client de E-mail +GenericName[pt_BR]=Cliente de E-mail +GenericName[ro]=Program de poÅŸtă electronică +GenericName[ru]=Клиент Ñлектронной почты +GenericName[se]=Boastaprográmma +GenericName[sk]=Klient elektronickej poÅ¡ty +GenericName[sl]=Program za e-poÅ¡to +GenericName[sr]=Програм за e-пошту +GenericName[sr@Latn]=Program za e-poÅ¡tu +GenericName[ss]=Likhasimende leliposi +GenericName[sv]=E-postklient +GenericName[ta]=அஞà¯à®šà®²à¯ உறà¯à®ªà¯à®ªà®¿à®©à®°à¯ +GenericName[tg]=Коргири почтаи Ñллектроникӣ +GenericName[th]=ไคลเà¸à¸™à¸•à¹Œà¸ˆà¸”หมายà¸à¸´à¹€à¸¥à¹‡à¸à¸—รà¸à¸™à¸´à¸à¸ªà¹Œ +GenericName[tr]=Posta Ä°stemcisi +GenericName[uk]=Клієнт електронної пошти +GenericName[uz]=Хат-хабар клиенти +GenericName[ven]=Mushumisani na poso +GenericName[wa]=Cliyint d' emilaedje +GenericName[xh]=Umxhasi Weposi +GenericName[zh_CN]=é‚®ä»¶ç¨‹åº +GenericName[zh_TW]=郵件處ç†ç¨‹å¼ +GenericName[zu]=Umxhasi weposi +X-KDE-StartupNotify=true diff --git a/patches/source/mozilla-thunderbird/slack-desc b/patches/source/mozilla-thunderbird/slack-desc new file mode 100644 index 000000000..353b22253 --- /dev/null +++ b/patches/source/mozilla-thunderbird/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +mozilla-thunderbird: mozilla-thunderbird (Mozilla Thunderbird mail application) +mozilla-thunderbird: +mozilla-thunderbird: Mozilla Thunderbird is a redesign of the Mozilla mail component +mozilla-thunderbird: written using the XUL user interface language. Thunderbird makes +mozilla-thunderbird: emailing safer, faster, and easier than ever before with the +mozilla-thunderbird: industry's best implementations of features such as intelligent spam +mozilla-thunderbird: filters, built-in RSS reader, quick search, and much more. +mozilla-thunderbird: +mozilla-thunderbird: Visit the Mozilla Thunderbird project online: +mozilla-thunderbird: http://www.mozilla.org/projects/thunderbird/ +mozilla-thunderbird: diff --git a/patches/source/mozilla-thunderbird/thunderbird.png b/patches/source/mozilla-thunderbird/thunderbird.png Binary files differnew file mode 100644 index 000000000..61a37d70e --- /dev/null +++ b/patches/source/mozilla-thunderbird/thunderbird.png diff --git a/patches/source/mysql/doinst.sh b/patches/source/mysql/doinst.sh new file mode 100644 index 000000000..22f77474e --- /dev/null +++ b/patches/source/mysql/doinst.sh @@ -0,0 +1,22 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +# Keep same perms on rc.mysqld.new: +if [ -e etc/rc.d/rc.mysqld ]; then + cp -a etc/rc.d/rc.mysqld etc/rc.d/rc.mysqld.new.incoming + cat etc/rc.d/rc.mysqld.new > etc/rc.d/rc.mysqld.new.incoming + mv etc/rc.d/rc.mysqld.new.incoming etc/rc.d/rc.mysqld.new +fi + +config etc/rc.d/rc.mysqld.new + diff --git a/patches/source/mysql/mirror-url b/patches/source/mysql/mirror-url new file mode 100644 index 000000000..885cd48e3 --- /dev/null +++ b/patches/source/mysql/mirror-url @@ -0,0 +1 @@ +ftp://mysql.llarian.net/pub/mysql/ diff --git a/patches/source/mysql/mysql-embedded.build b/patches/source/mysql/mysql-embedded.build new file mode 100755 index 000000000..9808571dd --- /dev/null +++ b/patches/source/mysql/mysql-embedded.build @@ -0,0 +1,55 @@ +#!/bin/sh +# Build and install MySQL on Slackware +# by: David Cantrell <david@slackware.com> +# Currently maintained by: Patrick Volkerding <volkerdi@slackware.com> + +VERSION=${VERSION:-$(echo mysql-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-mysql + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf mysql-$VERSION +tar xvf $CWD/mysql-$VERSION.tar.?z* || exit 1 +cd mysql-$VERSION + +CFLAGS="$SLKCFLAGS -fPIC" CXXFLAGS="$SLKCFLAGS -fPIC" \ + ./configure --prefix=/usr --libdir=/usr/lib${LIBDIRSUFFIX} \ + --datadir=/usr/share --sysconfdir=/etc/mysql \ + --libexecdir=/usr/sbin --localstatedir=/var/lib/mysql \ + --without-docs --without-man --without-server \ + --with-embedded-server --without-innodb --without-bench \ + --without-berkeley-db --without-row-based-replication \ + --without-readline --disable-shared --with-charset=utf8 \ + --without-debug --with-pthread --without-openssl --without-query-cache \ + --without-geometry --with-pic + +make -j6 || make || exit 1 + +cp libmysqld/libmysqld.a /usr/lib${LIBDIRSUFFIX}/mysql/ + diff --git a/patches/source/mysql/mysql.CVE-2014-0001.diff b/patches/source/mysql/mysql.CVE-2014-0001.diff new file mode 100644 index 000000000..818fae75c --- /dev/null +++ b/patches/source/mysql/mysql.CVE-2014-0001.diff @@ -0,0 +1,11 @@ +--- ./client/mysql.cc.orig 2012-03-02 08:04:08.000000000 -0600 ++++ ./client/mysql.cc 2014-02-18 22:20:30.420177939 -0600 +@@ -1157,7 +1157,7 @@ + + put_info("Welcome to the MySQL monitor. Commands end with ; or \\g.", + INFO_INFO); +- sprintf((char*) glob_buffer.ptr(), ++ snprintf((char*) glob_buffer.ptr(), glob_buffer.alloced_length(), + "Your MySQL connection id is %lu\nServer version: %s\n", + mysql_thread_id(&mysql), server_version_string(&mysql)); + put_info((char*) glob_buffer.ptr(),INFO_INFO); diff --git a/patches/source/mysql/mysql.SlackBuild b/patches/source/mysql/mysql.SlackBuild new file mode 100755 index 000000000..b71d90cd0 --- /dev/null +++ b/patches/source/mysql/mysql.SlackBuild @@ -0,0 +1,195 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2013, 2014 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# Build and install MySQL on Slackware +# by: David Cantrell <david@slackware.com> +# Currently maintained by: Patrick Volkerding <volkerdi@slackware.com> + + +VERSION=${VERSION:-$(echo mysql-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-mysql + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf mysql-$VERSION +tar xvf $CWD/mysql-$VERSION.tar.?z* || exit 1 +cd mysql-$VERSION + +zcat $CWD/mysql.CVE-2014-0001.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS -felide-constructors -fno-exceptions -fno-rtti" \ +CXX=gcc \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-mysqld-user=mysql \ + --with-unix-socket-path=/var/run/mysql/mysql.sock \ + --localstatedir=/var/lib/mysql \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --enable-assembler \ + --with-raid \ + --without-debug \ + --enable-thread-safe-client \ + --without-bench \ + --with-extra-charsets=complex \ + --with-vio \ + --with-openssl \ + --build=$ARCH-slackware-linux +# +# --without-readline + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Install support files +mkdir -p $PKG/etc +cp support-files/my-{huge,large,medium,small}.cnf $PKG/etc + +# Install docs +mkdir -p $PKG/usr/doc/mysql-$VERSION/Docs +cp -a \ + COPYING* MIRRORS README* \ + $PKG/usr/doc/mysql-$VERSION +( cd Docs + cp -a INSTALL-BINARY *.html *.txt Flags \ + $PKG/usr/doc/mysql-$VERSION/Docs ) +# Too large to justify since the .html version is right there: +rm $PKG/usr/doc/mysql-$VERSION/Docs/manual.txt +find $PKG/usr/doc/mysql-$VERSION -type f -exec chmod 0644 {} \; + +# This is the directory where databases are stored +mkdir -p $PKG/var/lib/mysql +chown mysql.mysql $PKG/var/lib/mysql +chmod 0750 $PKG/var/lib/mysql + +# This is where the socket is stored +mkdir -p $PKG/var/run/mysql +chown mysql.mysql $PKG/var/run/mysql +chmod 0755 $PKG/var/run/mysql + +# Do not include the test suite: +rm -rf $PKG/usr/mysql-test + +# Add init script: +mkdir -p $PKG/etc/rc.d +# This is intentionally chmod 644. +zcat $CWD/rc.mysqld.gz > $PKG/etc/rc.d/rc.mysqld.new + +# Install script: +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Add some handy library symlinks: +if [ -r $PKG/usr/lib${LIBDIRSUFFIX}/mysql/libmysqlclient.so.15 ]; then + ( cd $PKG/usr/lib${LIBDIRSUFFIX} + rm -f libmysqlclient.so libmysqlclient.so.15 + ln -sf mysql/libmysqlclient.so . + ln -sf mysql/libmysqlclient.so.15 . + ) +else + exit 1 +fi +if [ -r $PKG/usr/lib${LIBDIRSUFFIX}/mysql/libmysqlclient_r.so.15 ]; then + ( cd $PKG/usr/lib${LIBDIRSUFFIX} + rm -f libmysqlclient_r.so libmysqlclient_r.so.15 + ln -sf mysql/libmysqlclient_r.so . + ln -sf mysql/libmysqlclient_r.so.15 . + ) +else + exit 1 +fi + +# Packaging standards: +rm -f $PKG/usr/info/dir + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Compress info files, if any: +if [ -d $PKG/usr/info ]; then + ( cd $PKG/usr/info + rm -f dir + gzip -9 * + ) +fi + +# Build package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/mysql-$VERSION-$ARCH-$BUILD.txz + +if [ "$1" == "--cleanup" ]; then + cd $TMP + rm -rf mysql-$VERSION +fi diff --git a/patches/source/mysql/rc.mysqld b/patches/source/mysql/rc.mysqld new file mode 100644 index 000000000..300e6eb2d --- /dev/null +++ b/patches/source/mysql/rc.mysqld @@ -0,0 +1,86 @@ +#!/bin/sh +# Start/stop/restart mysqld. +# +# Copyright 2003 Patrick J. Volkerding, Concord, CA +# Copyright 2003 Slackware Linux, Inc., Concord, CA +# Copyright 2008 Patrick J. Volkerding, Sebeka, MN +# +# This program comes with NO WARRANTY, to the extent permitted by law. +# You may redistribute copies of this program under the terms of the +# GNU General Public License. + +# To start MySQL automatically at boot, be sure this script is executable: +# chmod 755 /etc/rc.d/rc.mysqld + +# Before you can run MySQL, you must have a database. To install an initial +# database, do this as root: +# +# mysql_install_db --user=mysql +# +# Note that the mysql user must exist in /etc/passwd, and the created files +# will be owned by this dedicated user. This is important, or else mysql +# (which runs as user "mysql") will not be able to write to the database +# later (this can be fixed with 'chown -R mysql.mysql /var/lib/mysql'). +# +# To increase system security, consider using "mysql_secure_installation" +# as well. For more information on this tool, please read: +# man mysql_secure_installation + +# To allow outside connections to the database comment out the next line. +# If you don't need incoming network connections, then leave the line +# uncommented to improve system security. +SKIP="--skip-networking" + +# Start mysqld: +mysqld_start() { + if [ -x /usr/bin/mysqld_safe ]; then + # If there is an old PID file (no mysqld running), clean it up: + if [ -r /var/run/mysql/mysql.pid ]; then + if ! ps axc | grep mysqld 1> /dev/null 2> /dev/null ; then + echo "Cleaning up old /var/run/mysql/mysql.pid." + rm -f /var/run/mysql/mysql.pid + fi + fi + /usr/bin/mysqld_safe --datadir=/var/lib/mysql --pid-file=/var/run/mysql/mysql.pid $SKIP & + fi +} + +# Stop mysqld: +mysqld_stop() { + # If there is no PID file, ignore this request... + if [ -r /var/run/mysql/mysql.pid ]; then + killall mysqld + # Wait at least one minute for it to exit, as we don't know how big the DB is... + for second in 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 \ + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 60 ; do + if [ ! -r /var/run/mysql/mysql.pid ]; then + break; + fi + sleep 1 + done + if [ "$second" = "60" ]; then + echo "WARNING: Gave up waiting for mysqld to exit!" + sleep 15 + fi + fi +} + +# Restart mysqld: +mysqld_restart() { + mysqld_stop + mysqld_start +} + +case "$1" in +'start') + mysqld_start + ;; +'stop') + mysqld_stop + ;; +'restart') + mysqld_restart + ;; +*) + echo "usage $0 start|stop|restart" +esac diff --git a/patches/source/mysql/slack-desc b/patches/source/mysql/slack-desc new file mode 100644 index 000000000..29e1b8be4 --- /dev/null +++ b/patches/source/mysql/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +mysql: mysql (SQL-based relational database server) +mysql: +mysql: MySQL is a fast, multi-threaded, multi-user, and robust SQL +mysql: (Structured Query Language) database server. It comes with a nice API +mysql: which makes it easy to integrate into other applications. +mysql: +mysql: The home page for MySQL is http://www.mysql.com/ +mysql: +mysql: +mysql: +mysql: diff --git a/patches/source/ntp/doinst.sh b/patches/source/ntp/doinst.sh new file mode 100644 index 000000000..bc5429909 --- /dev/null +++ b/patches/source/ntp/doinst.sh @@ -0,0 +1,28 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + config ${NEW} +} + +config etc/ntp.conf.new +config etc/ntp/ntp.keys.new +if [ -r etc/rc.d/rc.ntpd -a -r etc/rc.d/rc.ntpd.new ]; then + chmod --reference=etc/rc.d/rc.ntpd etc/rc.d/rc.ntpd.new +fi +mv etc/rc.d/rc.ntpd.new etc/rc.d/rc.ntpd diff --git a/patches/source/ntp/ntp.SlackBuild b/patches/source/ntp/ntp.SlackBuild new file mode 100755 index 000000000..4d31c8879 --- /dev/null +++ b/patches/source/ntp/ntp.SlackBuild @@ -0,0 +1,158 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012, 2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=ntp +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-ntp + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf ntp-${VERSION}* +tar xvf $CWD/ntp-${VERSION}*.tar.?z* || exit 1 +cd ntp-${VERSION}* || exit 1 + +zcat $CWD/ntp.nano.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 2777 -o -perm 2755 -o -perm 2775 \) \ + -exec chmod u+rwx,g-sw,g+rx,o-w,o+rx {} \; -o \ + \( -perm 777 -o -perm 775 -o -perm 774 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod u+rwx,g-sw,g+rx,o-w,o+rx {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --bindir=/usr/sbin \ + --sbindir=/usr/sbin \ + --mandir=/usr/man \ + --docdir=/usr/doc/ntp-$VERSION \ + --htmldir=/usr/doc/ntp-$VERSION \ + --enable-ipv6 \ + --with-crypto \ + --program-prefix= \ + --program-suffix= \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make -i install DESTDIR=$PKG || exit 1 + +# Since the Makefile's install pays no heed to the --bindir settings, +# we'll move things to where they've always been ourselves: +mv $PKG/usr/bin/* $PKG/usr/sbin +rmdir $PKG/usr/bin + +# This might only be an empty directory: +rmdir $PKG/usr/lib/pkgconfig + +# This should be empty. Try to remove it, and error out if it's not actually empty: +rmdir $PKG/usr/libexec || exit 1 + +mkdir -p $PKG/etc/ntp +cat $CWD/ntp.conf > $PKG/etc/ntp.conf.new +cat $CWD/ntp.keys > $PKG/etc/ntp/ntp.keys.new +chmod 600 $PKG/etc/ntp/ntp.keys.new +touch $PKG/etc/ntp/step-tickers + +mkdir -p $PKG/etc/rc.d +cat $CWD/rc.ntpd > $PKG/etc/rc.d/rc.ntpd.new + +mv $PKG/usr/doc/ntp-$VERSION/*.html $PKG/usr/doc/ntp-$VERSION/html || exit 1 +cp -a \ + COPYRIGHT NEWS README* TODO WHERE-TO-START \ + *.y2kfixes clockstuff conf scripts \ + $PKG/usr/doc/ntp-$VERSION +mkdir $PKG/usr/doc/ntp-$VERSION/util +cp -a util/README $PKG/usr/doc/ntp-$VERSION/util +mkdir $PKG/usr/doc/ntp-$VERSION/ntpdate +cp -a ntpdate/README $PKG/usr/doc/ntp-$VERSION/ntpdate +( cd $PKG/usr/doc/ntp-$VERSION + find . -name ".deps*" -exec rm -rf "{}" \; 2> /dev/null +) + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +# Strip binaries: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/ntp-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/ntp/ntp.conf b/patches/source/ntp/ntp.conf new file mode 100644 index 000000000..1844fb91c --- /dev/null +++ b/patches/source/ntp/ntp.conf @@ -0,0 +1,72 @@ +# Sample /etc/ntp.conf: Configuration file for ntpd. +# +# Undisciplined Local Clock. This is a fake driver intended for backup +# and when no outside source of synchronized time is available. The +# default stratum is usually 3, but in this case we elect to use stratum +# 0. Since the server line does not have the prefer keyword, this driver +# is never used for synchronization, unless no other other +# synchronization source is available. In case the local host is +# controlled by some external source, such as an external oscillator or +# another protocol, the prefer keyword would cause the local host to +# disregard all other synchronization sources, unless the kernel +# modifications are in use and declare an unsynchronized condition. +# +server 127.127.1.0 # local clock +fudge 127.127.1.0 stratum 10 + +# +# NTP server (list one or more) to synchronize with: +#server 0.pool.ntp.org iburst +#server 1.pool.ntp.org iburst +#server 2.pool.ntp.org iburst +#server 3.pool.ntp.org iburst + +# +# Drift file. Put this in a directory which the daemon can write to. +# No symbolic links allowed, either, since the daemon updates the file +# by creating a temporary in the same directory and then rename()'ing +# it to the file. +# +driftfile /etc/ntp/drift + +# +# Uncomment to use a multicast NTP server on the local subnet: +#multicastclient 224.0.1.1 # listen on default 224.0.1.1 +# Set an optional compensation for broadcast packet delay: +#broadcastdelay 0.008 + +# +# Keys file. If you want to diddle your server at run time, make a +# keys file (mode 600 for sure) and define the key number to be +# used for making requests. +# PLEASE DO NOT USE THE DEFAULT VALUES HERE. Pick your own, or remote +# systems might be able to reset your clock at will. +# +#keys /etc/ntp/keys +#trustedkey 65535 +#requestkey 65535 +#controlkey 65535 + +# +# Don't serve time or stats to anyone else by default (more secure) +restrict default limited kod nomodify notrap nopeer noquery +restrict -6 default limited kod nomodify notrap nopeer noquery + +# +# Use these lines instead if you do want to serve time and stats to +# other machines on the network: +#restrict default limited kod nomodify notrap nopeer +#restrict -6 default limited kod nomodify notrap nopeer + +# +# Disable the ntpdc -c monlist command, which is insecure and can be used +# to cause a denial of service attack (CVE-2013-5211). Future versions of +# NTP will remove this command. +# (this feature was disabled by default with ntpd 4.2.7p230) +disable monitor + +# +# Trust ourselves. :-) +restrict 127.0.0.1 +restrict ::1 + diff --git a/patches/source/ntp/ntp.keys b/patches/source/ntp/ntp.keys new file mode 100644 index 000000000..1c3fbd2c4 --- /dev/null +++ b/patches/source/ntp/ntp.keys @@ -0,0 +1,2 @@ +65535 M akey +1 M pass diff --git a/patches/source/ntp/ntp.nano.diff b/patches/source/ntp/ntp.nano.diff new file mode 100644 index 000000000..0ff361ce9 --- /dev/null +++ b/patches/source/ntp/ntp.nano.diff @@ -0,0 +1,17 @@ +--- ./include/ntp_syscall.h.orig 2009-12-09 01:36:37.000000000 -0600 ++++ ./include/ntp_syscall.h 2010-04-21 23:38:30.000000000 -0500 +@@ -14,6 +14,14 @@ + # include <sys/timex.h> + #endif + ++#if defined(ADJ_NANO) && !defined(MOD_NANO) ++#define MOD_NANO ADJ_NANO ++#endif ++ ++#if defined(ADJ_TAI) && !defined(MOD_TAI) ++#define MOD_TAI ADJ_TAI ++#endif ++ + #ifndef NTP_SYSCALLS_LIBC + #ifdef NTP_SYSCALLS_STD + # define ntp_adjtime(t) syscall(SYS_ntp_adjtime, (t)) diff --git a/patches/source/ntp/rc.ntpd b/patches/source/ntp/rc.ntpd new file mode 100644 index 000000000..c1d1411ca --- /dev/null +++ b/patches/source/ntp/rc.ntpd @@ -0,0 +1,71 @@ +#!/bin/sh +# Start/stop/restart ntpd. + +# Start ntpd: +ntpd_start() { + CMDLINE="/usr/sbin/ntpd -g" + echo -n "Starting NTP daemon: $CMDLINE" + $CMDLINE -p /var/run/ntpd.pid + echo + # The kernel is now mocking around with the the hardware clock if + # ntpd is running, so if the hardware clock (wall clock) is set to + # 'localtime' execute hwclock --localtime --systohc to disable the + # 11 minute mode kernel function: + if [ -x /sbin/hwclock ]; then + # Check for a broken motherboard RTC clock (where ioports for rtc are + # unknown) to prevent hwclock causing a hang: + if ! grep -q -w rtc /proc/ioports ; then + CLOCK_OPT="--directisa" + fi + if ! grep -q "^UTC" /etc/hardwareclock 2> /dev/null ; then + echo "Saving system time to the hardware clock (localtime)." + /sbin/hwclock $CLOCK_OPT --localtime --systohc + fi + fi +} + +# Stop ntpd: +ntpd_stop() { + echo -n "Stopping NTP daemon..." + if [ -r /var/run/ntpd.pid ]; then + kill -HUP $(cat /var/run/ntpd.pid) + rm -f /var/run/ntpd.pid + else + killall -HUP -q ntpd + fi + echo +} + +# Restart ntpd: +ntpd_restart() { + ntpd_stop + sleep 1 + ntpd_start +} + +# Check if ntpd is running +ntpd_status() { + if [ -e /var/run/ntpd.pid ]; then + echo "ntpd is running." + else + echo "ntpd is stopped." + exit 1 + fi +} + +case "$1" in +'start') + ntpd_start + ;; +'stop') + ntpd_stop + ;; +'restart') + ntpd_restart + ;; +'status') + ntpd_status + ;; +*) + echo "usage $0 start|stop|restart|status" +esac diff --git a/patches/source/ntp/slack-desc b/patches/source/ntp/slack-desc new file mode 100644 index 000000000..6319e8885 --- /dev/null +++ b/patches/source/ntp/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +ntp: ntp (Network Time Protocol daemon) +ntp: +ntp: The Network Time Protocol (NTP) is used to synchronize the time of a +ntp: computer client or server to another server or reference time source, +ntp: such as a radio or satellite receiver or modem. It provides client +ntp: accuracies typically within a millisecond on LANs and up to a few tens +ntp: of milliseconds on WANs relative to a primary server synchronized to +ntp: Coordinated Universal Time (UTC) via a Global Positioning Service +ntp: (GPS) receiver, for example. +ntp: +ntp: diff --git a/patches/source/openssh/doinst.sh b/patches/source/openssh/doinst.sh new file mode 100644 index 000000000..73ce62836 --- /dev/null +++ b/patches/source/openssh/doinst.sh @@ -0,0 +1,49 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + touch -r ${NEW} ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + config ${NEW} +} + +config etc/ssh/ssh_config.new +config etc/ssh/sshd_config.new +preserve_perms etc/rc.d/rc.sshd.new +if [ -e etc/rc.d/rc.sshd.new ]; then + mv etc/rc.d/rc.sshd.new etc/rc.d/rc.sshd +fi + +# If the sshd user/group/shadow don't exist, add them: + +if ! grep -q "^sshd:" etc/passwd ; then + echo "sshd:x:33:33:sshd:/:" >> etc/passwd +fi + +if ! grep -q "^sshd:" etc/group ; then + echo "sshd::33:sshd" >> etc/group +fi + +if ! grep -q "^sshd:" etc/shadow ; then + echo "sshd:*:9797:0:::::" >> etc/shadow +fi + +# Add a btmp file to store login failure if one doesn't exist: +if [ ! -r var/log/btmp ]; then + ( cd var/log ; umask 077 ; touch btmp ) +fi + diff --git a/patches/source/openssh/openssh-7.4p1-libwrap.diff b/patches/source/openssh/openssh-7.4p1-libwrap.diff new file mode 100644 index 000000000..d1025e43c --- /dev/null +++ b/patches/source/openssh/openssh-7.4p1-libwrap.diff @@ -0,0 +1,137 @@ +--- ./configure.ac.orig 2016-12-18 22:59:41.000000000 -0600 ++++ ./configure.ac 2016-12-23 12:58:04.200707728 -0600 +@@ -1467,6 +1467,62 @@ + ] + ) + ++# Check whether user wants TCP wrappers support ++TCPW_MSG="no" ++AC_ARG_WITH([tcp-wrappers], ++ [ --with-tcp-wrappers[[=PATH]] Enable tcpwrappers support (optionally in PATH)], ++ [ ++ if test "x$withval" != "xno" ; then ++ saved_LIBS="$LIBS" ++ saved_LDFLAGS="$LDFLAGS" ++ saved_CPPFLAGS="$CPPFLAGS" ++ if test -n "${withval}" && \ ++ test "x${withval}" != "xyes"; then ++ if test -d "${withval}/lib"; then ++ if test -n "${need_dash_r}"; then ++ LDFLAGS="-L${withval}/lib -R${withval}/lib ${LDFLAGS}" ++ else ++ LDFLAGS="-L${withval}/lib ${LDFLAGS}" ++ fi ++ else ++ if test -n "${need_dash_r}"; then ++ LDFLAGS="-L${withval} -R${withval} ${LDFLAGS}" ++ else ++ LDFLAGS="-L${withval} ${LDFLAGS}" ++ fi ++ fi ++ if test -d "${withval}/include"; then ++ CPPFLAGS="-I${withval}/include ${CPPFLAGS}" ++ else ++ CPPFLAGS="-I${withval} ${CPPFLAGS}" ++ fi ++ fi ++ LIBS="-lwrap -lnsl $LIBS" ++ AC_MSG_CHECKING([for libwrap]) ++ AC_LINK_IFELSE([AC_LANG_PROGRAM([[ ++#include <sys/types.h> ++#include <sys/socket.h> ++#include <netinet/in.h> ++#include <tcpd.h> ++int deny_severity = 0, allow_severity = 0; ++ ]], [[ ++ hosts_access(0); ++ ]])], [ ++ AC_MSG_RESULT([yes]) ++ AC_DEFINE([LIBWRAP], [1], ++ [Define if you want ++ TCP Wrappers support]) ++ SSHDLIBS="$SSHDLIBS -lwrap -lnsl" ++ TCPW_MSG="yes" ++ ], [ ++ AC_MSG_ERROR([*** libwrap missing]) ++ ++ ]) ++ LIBS="$saved_LIBS" ++ fi ++ ] ++) ++ + # Check whether user wants to use ldns + LDNS_MSG="no" + AC_ARG_WITH(ldns, +@@ -5081,6 +5137,7 @@ + echo " SELinux support: $SELINUX_MSG" + echo " Smartcard support: $SCARD_MSG" + echo " S/KEY support: $SKEY_MSG" ++echo " TCP Wrappers support: $TCPW_MSG" + echo " MD5 password support: $MD5_MSG" + echo " libedit support: $LIBEDIT_MSG" + echo " Solaris process contract support: $SPC_MSG" +--- ./sshd.c.orig 2016-12-18 22:59:41.000000000 -0600 ++++ ./sshd.c 2016-12-23 12:58:40.847710372 -0600 +@@ -123,6 +123,13 @@ + #include "version.h" + #include "ssherr.h" + ++#ifdef LIBWRAP ++#include <tcpd.h> ++#include <syslog.h> ++int allow_severity; ++int deny_severity; ++#endif /* LIBWRAP */ ++ + /* Re-exec fds */ + #define REEXEC_DEVCRYPTO_RESERVED_FD (STDERR_FILENO + 1) + #define REEXEC_STARTUP_PIPE_FD (STDERR_FILENO + 2) +@@ -1971,6 +1978,24 @@ + #ifdef SSH_AUDIT_EVENTS + audit_connection_from(remote_ip, remote_port); + #endif ++#ifdef LIBWRAP ++ allow_severity = options.log_facility|LOG_INFO; ++ deny_severity = options.log_facility|LOG_WARNING; ++ /* Check whether logins are denied from this host. */ ++ if (packet_connection_is_on_socket()) { ++ struct request_info req; ++ ++ request_init(&req, RQ_DAEMON, __progname, RQ_FILE, sock_in, 0); ++ fromhost(&req); ++ ++ if (!hosts_access(&req)) { ++ debug("Connection refused by tcp wrapper"); ++ refuse(&req); ++ /* NOTREACHED */ ++ fatal("libwrap refuse returns"); ++ } ++ } ++#endif /* LIBWRAP */ + + /* Log the connection. */ + laddr = get_local_ipaddr(sock_in); +--- ./sshd.8.orig 2016-12-18 22:59:41.000000000 -0600 ++++ ./sshd.8 2016-12-23 12:58:04.208707729 -0600 +@@ -825,6 +825,12 @@ + This file should be writable only by the user, and need not be + readable by anyone else. + .Pp ++.It Pa /etc/hosts.allow ++.It Pa /etc/hosts.deny ++Access controls that should be enforced by tcp-wrappers are defined here. ++Further details are described in ++.Xr hosts_access 5 . ++.Pp + .It Pa /etc/hosts.equiv + This file is for host-based authentication (see + .Xr ssh 1 ) . +@@ -929,6 +935,7 @@ + .Xr ssh-keygen 1 , + .Xr ssh-keyscan 1 , + .Xr chroot 2 , ++.Xr hosts_access 5 , + .Xr login.conf 5 , + .Xr moduli 5 , + .Xr sshd_config 5 , diff --git a/patches/source/openssh/openssh.CVE-2017-15906.patch b/patches/source/openssh/openssh.CVE-2017-15906.patch new file mode 100644 index 000000000..fdb963f7e --- /dev/null +++ b/patches/source/openssh/openssh.CVE-2017-15906.patch @@ -0,0 +1,19 @@ +--- ./sftp-server.c.orig 2016-12-18 22:59:41.000000000 -0600 ++++ ./sftp-server.c 2018-03-07 19:18:19.275984210 -0600 +@@ -1,4 +1,4 @@ +-/* $OpenBSD: sftp-server.c,v 1.110 2016/09/12 01:22:38 deraadt Exp $ */ ++/* $OpenBSD: sftp-server.c,v 1.111 2017/04/04 00:24:56 djm Exp $ */ + /* + * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. + * +@@ -691,8 +691,8 @@ + logit("open \"%s\" flags %s mode 0%o", + name, string_from_portable(pflags), mode); + if (readonly && +- ((flags & O_ACCMODE) == O_WRONLY || +- (flags & O_ACCMODE) == O_RDWR)) { ++ ((flags & O_ACCMODE) != O_RDONLY || ++ (flags & (O_CREAT|O_TRUNC)) != 0)) { + verbose("Refusing open request in read-only mode"); + status = SSH2_FX_PERMISSION_DENIED; + } else { diff --git a/patches/source/openssh/openssh.SlackBuild b/patches/source/openssh/openssh.SlackBuild new file mode 100755 index 000000000..d17cd9a63 --- /dev/null +++ b/patches/source/openssh/openssh.SlackBuild @@ -0,0 +1,169 @@ +#!/bin/sh + +# Copyright 2000 BSDi, Inc. Concord, CA, USA +# Copyright 2001, 2002, 2003, 2004 Slackware Linux, Inc. Concord, CA, USA +# Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-openssh + +VERSION=${VERSION:-$(echo openssh-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.0} + +NUMJOBS=${NUMJOBS:--j6} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +elif [ "$ARCH" = "arm" ]; then + SLKCFLAGS="-O2 -march=armv4 -mtune=xscale" +elif [ "$ARCH" = "armel" ]; then + SLKCFLAGS="-O2 -march=armv4t" +else + SLKCFLAGS="-O2" +fi + +# Clean target location: +rm -rf $PKG +mkdir -p $PKG + +# Prepare the framework and extract the package: +cd $TMP +rm -rf $PKG openssh-$VERSION +tar xvf $CWD/openssh-$VERSION.tar.gz || tar xvf $CWD/openssh-$VERSION.tar.?z* || exit 1 +cd openssh-$VERSION +chown -R root:root . + +zcat $CWD/openssh.CVE-2017-15906.patch.gz | patch -p1 --verbose || exit 1 + +# Restore support for tcpwrappers: +zcat $CWD/openssh-7.4p1-libwrap.diff.gz | patch -p1 --verbose || exit 1 +autoreconf -vif + +# Compile package: +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --sysconfdir=/etc/ssh \ + --without-pam \ + --with-md5-passwords \ + --with-tcp-wrappers \ + --with-default-path=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin \ + --with-privsep-path=/var/empty \ + --with-privsep-user=sshd \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 + +# Install the package: +make install DESTDIR=$PKG + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Install directory used with PrivilegeSeparation option: +mkdir -p $PKG/var/empty +chmod 755 $PKG/var/empty + +# Install docs: +mkdir -p $PKG/usr/doc/openssh-$VERSION +cp -a \ + CREDITS ChangeLog INSTALL LICENCE OVERVIEW \ + README README.privsep README.smartcard RFC.nroff TODO WARNING.RNG \ + $PKG/usr/doc/openssh-$VERSION +chmod 644 $PKG/usr/doc/openssh-$VERSION/* + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +# Install also 'ssh-copy-id' and its manpage from contrib: +( cd contrib + cp -a ssh-copy-id $PKG/usr/bin/ssh-copy-id + chmod 755 $PKG/usr/bin/ssh-copy-id + cat ssh-copy-id.1 | gzip -9c > $PKG/usr/man/man1/ssh-copy-id.1.gz +) + +( cd $PKG + + # Ditch the new host keys, since these have to be uniquely prepared on each machine: + rm -f etc/ssh/ssh_host_dsa_key + rm -f etc/ssh/ssh_host_dsa_key.pub + rm -f etc/ssh/ssh_host_rsa_key + rm -f etc/ssh/ssh_host_rsa_key.pub + rm -f etc/ssh/ssh_host_key + rm -f etc/ssh/ssh_host_key.pub + + # Set up the config script installation: + mv etc/ssh/ssh_config etc/ssh/ssh_config.new + mv etc/ssh/sshd_config etc/ssh/sshd_config.new + + # Add the init script: + mkdir -p etc/rc.d + cat $CWD/rc.sshd > etc/rc.d/rc.sshd.new + chmod 755 etc/rc.d/rc.sshd.new + + # Copy runtime installation files: + mkdir -p install + zcat $CWD/doinst.sh.gz > install/doinst.sh + cat $CWD/slack-desc > install/slack-desc +) + +# Create the package itself: +cd $PKG +/sbin/makepkg -l y -c n $TMP/openssh-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/openssh/rc.sshd b/patches/source/openssh/rc.sshd new file mode 100644 index 000000000..2da2ab307 --- /dev/null +++ b/patches/source/openssh/rc.sshd @@ -0,0 +1,59 @@ +#!/bin/sh +# Start/stop/restart the secure shell server: + +sshd_start() { + # Create host keys if needed. + if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then + /usr/bin/ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N '' + fi + if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then + /usr/bin/ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N '' + fi + if [ ! -f /etc/ssh/ssh_host_ecdsa_key ]; then + /usr/bin/ssh-keygen -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key -N '' + fi + if [ ! -f /etc/ssh/ssh_host_ed25519_key ]; then + /usr/bin/ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N '' + fi + # Catch any new host key types not yet created above: + /usr/bin/ssh-keygen -A + # Start the sshd daemon: + /usr/sbin/sshd +} + +sshd_stop() { + killall sshd +} + +sshd_restart() { + if [ -r /var/run/sshd.pid ]; then + echo "WARNING: killing listener process only. To kill every sshd process, you must" + echo " use 'rc.sshd stop'. 'rc.sshd restart' kills only the parent sshd to" + echo " allow an admin logged in through sshd to use 'rc.sshd restart' without" + echo " being cut off. If sshd has been upgraded, new connections will now" + echo " use the new version, which should be a safe enough approach." + kill `cat /var/run/sshd.pid` + else + echo "WARNING: There does not appear to be a parent instance of sshd running." + echo " If you really want to kill all running instances of sshd (including" + echo " any sessions currently in use), run '/etc/rc.d/rc.sshd stop' instead." + exit 1 + fi + sleep 1 + sshd_start +} + +case "$1" in +'start') + sshd_start + ;; +'stop') + sshd_stop + ;; +'restart') + sshd_restart + ;; +*) + echo "usage $0 start|stop|restart" +esac + diff --git a/patches/source/openssh/slack-desc b/patches/source/openssh/slack-desc new file mode 100644 index 000000000..04277a720 --- /dev/null +++ b/patches/source/openssh/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +openssh: openssh (Secure Shell daemon and clients) +openssh: +openssh: ssh (Secure Shell) is a program for logging into a remote machine and +openssh: for executing commands on a remote machine. It is intended to replace +openssh: rlogin and rsh, and provide secure encrypted communications between +openssh: two untrusted hosts over an insecure network. sshd (SSH Daemon) is +openssh: the daemon program for ssh. OpenSSH is based on the last free version +openssh: of Tatu Ylonen's SSH, further enhanced and cleaned up by Aaron +openssh: Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, and +openssh: Dug Song. It has a homepage at http://www.openssh.com/ +openssh: diff --git a/patches/source/openssl/certwatch b/patches/source/openssl/certwatch new file mode 100644 index 000000000..d52dc3dc4 --- /dev/null +++ b/patches/source/openssl/certwatch @@ -0,0 +1,130 @@ +#!/bin/sh +# +# Will check all certificates stored in $CERTDIR for their expiration date, +# and will display (if optional "stdout" argument is given), or mail a warning +# message to $MAILADDR (if script is executed without any parameter +# - unattended mode suitable for cron execution) for each particular certificate +# that is about to expire in time less to, or equal to $DAYS after this script +# has been executed, or if it has already expired. +# This stupid script (C) 2006,2007 Jan Rafaj + +########################## CONFIGURATION SECTION BEGIN ######################### +# Note: all settings are mandatory +# Warning will be sent if a certificate expires in time <= days given here +DAYS=7 +# E-mail address where to send warnings +MAILADDR=root +# Directory with certificates to check +CERTDIR=/etc/ssl/certs +# Directory where to keep state files if this script isnt executed with "stdout" +STATEDIR=/var/run +########################### CONFIGURATION SECTION END ########################## + +PATH=/bin:/usr/bin:/sbin:/usr/sbin +DAY_IN_SECS=$((60*60*24)) +DATE_CURRENT=$(date '+%s') + +usage() +{ + echo "Usage: $0 [stdout]" + echo + echo "Detailed description and configuration is embedded within the script." + exit 0 +} + +message() +{ + cat << EOF + WARNING: certificate $certfile + is about to expire in time equal to or less than $DAYS days from now on, + or has already expired - it might be a good idea to obtain/create new one. + +EOF +} + +message_mail() +{ + message + cat << EOF + NOTE: This message is being sent only once. + + A lock-file + $STATEDIR/certwatch-mailwarning-sent-$certfilebase + has been created, which will prevent this script from mailing you again + upon its subsequent executions by crond. You dont need to care about it; + the file will be auto-deleted as soon as you'll prolong your certificate. +EOF +} + +unset stdout +case $# in + 0) ;; + 1) if [ "$1" = "-h" -o "$1" == "--help" ]; then + usage + elif [ "$1" = "stdout" ]; then + stdout=1 + else + usage + fi + ;; + *) usage ;; +esac + +for dir in $STATEDIR $CERTDIR ; do + if [ ! -d $dir ]; then + echo "ERROR: directory $dir does not exist" + exit 1 + fi +done +for binary in basename date find grep mail openssl touch ; do + if [ ! \( -x /usr/bin/$binary -o -x /bin/$binary \) ]; then + echo "ERROR: /usr/bin/$binary not found" + exit 1 + fi +done + +find $CERTDIR -type f -maxdepth 1 | while read certfile ; do + if [ "$certfile" != "/etc/ssl/certs/ca-certificates.crt" ]; then + certfilebase="$(basename "$certfile")" + inform=PEM + echo "$certfile" | grep -q -i '\.net$' + if [ $? -eq 0 ]; then + # This is based purely on filename extension, so may give false results. + # But lets assume noone uses NET format certs today, ok? + continue + fi + echo "$certfile" | grep -q -i '\.der$' + if [ $? -eq 0 -o "$(file "$certfile" | egrep '(ASCII|PEM)')" == "" ]; then + inform=DER + fi + # We wont use '-checkend' since it is not properly documented (as of + # OpenSSL 0.9.8e). + DATE_CERT_EXPIRES=$(openssl x509 -in "$certfile" -inform $inform -noout -enddate | sed 's/^notAfter=//') + DATE_CERT_EXPIRES=$(date -d"$DATE_CERT_EXPIRES" +%s) + if [ $(($DATE_CERT_EXPIRES - $DATE_CURRENT)) -le $(($DAYS * $DAY_IN_SECS)) ] + then + if [ $stdout ]; then + message + else + if [ ! -f $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" ]; then + subject="$0: certificate $certfile expiration warning" + message_mail | mail -r "certwatch@$HOSTNAME" \ + -s "$subject" \ + $MAILADDR 2>/dev/null + # echo "Mail about expiring certificate $certfile sent to $MAILADDR." + # echo "If you need to send it again, please remove lock-file" + # echo "$STATEDIR/certwatch-mailwarning-sent-$certfilebase ." + # echo + fi + touch $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" + fi + else + if [ ! $stdout ]; then + if [ -f $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" ]; then + rm $STATEDIR/certwatch-mailwarning-sent-"$certfilebase" + fi + fi + fi + fi +done + diff --git a/patches/source/openssl/doinst.sh-openssl b/patches/source/openssl/doinst.sh-openssl new file mode 100644 index 000000000..f73c5a514 --- /dev/null +++ b/patches/source/openssl/doinst.sh-openssl @@ -0,0 +1,15 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/ssl/openssl.cnf.new +config etc/cron.daily/certwatch.new +# If the admin has modified this in any way, no need to keep the sample. +rm -f etc/cron.daily/certwatch.new diff --git a/patches/source/openssl/doinst.sh-openssl-solibs b/patches/source/openssl/doinst.sh-openssl-solibs new file mode 100644 index 000000000..ed4fdfacb --- /dev/null +++ b/patches/source/openssl/doinst.sh-openssl-solibs @@ -0,0 +1,12 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/ssl/openssl.cnf.new diff --git a/patches/source/openssl/openssl.SlackBuild b/patches/source/openssl/openssl.SlackBuild new file mode 100755 index 000000000..54e32225c --- /dev/null +++ b/patches/source/openssl/openssl.SlackBuild @@ -0,0 +1,199 @@ +#!/bin/sh + +# Copyright 2000 BSDi, Inc. Concord, CA, USA +# Copyright 2001, 2002 Slackware Linux, Inc. Concord, CA, USA +# Copyright 2005, 2006, 2007, 2008, 2009, 2010, 2012, 2016 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +VERSION=${VERSION:-$(echo openssl-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +PKG1=$TMP/package-openssl +PKG2=$TMP/package-ossllibs +NAME1=openssl-$VERSION-$ARCH-$BUILD +NAME2=openssl-solibs-$VERSION-$ARCH-$BUILD + +NUMJOBS=${NUMJOBS:--j6} + +# So that ls has the right field counts for parsing... +export LC_ALL=C + +cd $TMP +rm -rf $PKG1 $PKG2 openssl-$VERSION +tar xvf $CWD/openssl-$VERSION.tar.gz || exit 1 +cd openssl-$VERSION + +# Use .so.0, not .so.0.9.8: +zcat $CWD/openssl.soname.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1 +if [ "$ARCH" = "i486" ]; then + # Build with -march=i486 -mtune=i686: + zcat $CWD/openssl.optsx86.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit 1 + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +fi + +# Mitigate DROWN: +zcat $CWD/openssl.no.weak.sslv2.ciphers.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/openssl.no.weak.sslv3.ciphers.diff.gz | patch -p1 --verbose || exit 1 + +# OpenSSL has a (nasty?) habit of bumping the internal version number with +# every release. This wouldn't be so bad, but some applications are so +# paranoid that they won't run against a different OpenSSL version than +# what they were compiled against, whether or not the ABI has changed. +# +# So, we will use the OPENSSL_VERSION_NUMBER from openssl-0.9.8o unless ABI +# breakage forces it to change. Yes, we're finally using this old trick. :) +sed -i "s/#define OPENSSL_VERSION_NUMBER.*/\/* Use 0x009080efL (0.9.8o) below to avoid pointlessly breaking the ABI *\/\n#define OPENSSL_VERSION_NUMBER 0x009080efL/g" crypto/opensslv.h || exit 1 + +chown -R root:root . +mkdir -p $PKG1/usr/doc/openssl-$VERSION +cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \ + LICENSE NEWS README README.ENGINE doc $PKG1/usr/doc/openssl-$VERSION +find $PKG1/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \; +find $PKG1/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \; + +# If there's a CHANGES file, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG1/usr/doc/*-$VERSION) + cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES +fi + +# These are the known patent issues with OpenSSL: +# name # expires +# MDC-2: 4,908,861 2007-03-13, included. :-) +# IDEA: 5,214,703 2010-05-25, not included. +# RC5: 5,724,428 2015-03-03, not included. + +./config \ + --prefix=/usr \ + --openssldir=/etc/ssl \ + no-idea \ + no-rc5 \ + no-sse2 \ + shared + +make depend || exit 1 + +make $NUMJOBS || make || exit 1 + +make install INSTALL_PREFIX=$PKG1 || exit 1 + +# Use proper libdir: +( cd $PKG1/usr; mv lib lib${LIBDIRSUFFIX} ) + +# Make the .so.? library symlinks: +( cd $PKG1/usr/lib${LIBDIRSUFFIX} ; ldconfig -l lib*.so.* ) + +# Move libraries, as they might be needed by programs that bring a network +# mounted /usr online: + +mkdir $PKG1/lib${LIBDIRSUFFIX} +( cd $PKG1/usr/lib${LIBDIRSUFFIX} + for file in lib*.so.?.* ; do + mv $file ../../lib${LIBDIRSUFFIX} + ln -sf ../../lib${LIBDIRSUFFIX}/$file . + done + cp -a lib*.so.? ../../lib${LIBDIRSUFFIX} +) + +# Add a cron script to warn root if a certificate is going to expire soon: +mkdir -p $PKG1/etc/cron.daily +zcat $CWD/certwatch.gz > $PKG1/etc/cron.daily/certwatch.new +chmod 755 $PKG1/etc/cron.daily/certwatch.new + +mv $PKG1/etc/ssl/openssl.cnf $PKG1/etc/ssl/openssl.cnf.new + +( cd $PKG1 + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +mv $PKG1/etc/ssl/man $PKG1/usr +( cd $PKG1/usr/man/man1 ; mv passwd.1 ssl_passwd.1 ) +( cd $PKG1/usr/man/man3 ; mv rand.3 ssl_rand.3 ) +( cd $PKG1/usr/man/man3 ; mv err.3 ssl_err.3 ) +# Compress and symlink the man pages: +if [ -d $PKG1/usr/man ]; then + ( cd $PKG1/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +cd $PKG1 +chmod 755 usr/lib${LIBDIRSUFFIX}/pkgconfig +sed -i -e "s#lib\$#lib${LIBDIRSUFFIX}#" usr/lib${LIBDIRSUFFIX}/pkgconfig/*.pc +mkdir -p install +zcat $CWD/doinst.sh-openssl.gz > install/doinst.sh +cat $CWD/slack-desc.openssl > install/slack-desc +/sbin/makepkg -l y -c n $TMP/${NAME1}.txz + +# Make runtime package: +mkdir -p $PKG2/lib${LIBDIRSUFFIX} +( cd lib${LIBDIRSUFFIX} ; cp -a lib*.so.* $PKG2/lib${LIBDIRSUFFIX} ) +( cd $PKG2/lib${LIBDIRSUFFIX} ; ldconfig -l * ) +mkdir -p $PKG2/etc +( cd $PKG2/etc ; cp -a $PKG1/etc/ssl . ) +mkdir -p $PKG2/usr/doc/openssl-$VERSION +( cd $TMP/openssl-$VERSION + cp -a CHANGES CHANGES.SSLeay FAQ INSTALL INSTALL.MacOS INSTALL.VMS INSTALL.W32 \ + LICENSE NEWS README README.ENGINE $PKG2/usr/doc/openssl-$VERSION +) + +# If there's a CHANGES file, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG2/usr/doc/*-$VERSION) + cat CHANGES | head -n 2000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES +fi + +find $PKG2/usr/doc/openssl-$VERSION -type d -exec chmod 755 {} \; +find $PKG2/usr/doc/openssl-$VERSION -type f -exec chmod 644 {} \; +cd $PKG2 +mkdir -p install +zcat $CWD/doinst.sh-openssl-solibs.gz > install/doinst.sh +cat $CWD/slack-desc.openssl-solibs > install/slack-desc +/sbin/makepkg -l y -c n $TMP/${NAME2}.txz diff --git a/patches/source/openssl/openssl.no.weak.sslv2.ciphers.diff b/patches/source/openssl/openssl.no.weak.sslv2.ciphers.diff new file mode 100644 index 000000000..a7075ba4c --- /dev/null +++ b/patches/source/openssl/openssl.no.weak.sslv2.ciphers.diff @@ -0,0 +1,51 @@ +diff -u -r --new-file openssl-0.9.8zh.orig/ssl/s2_lib.c openssl-0.9.8zh/ssl/s2_lib.c +--- openssl-0.9.8zh.orig/ssl/s2_lib.c 2015-12-03 08:59:08.000000000 -0600 ++++ openssl-0.9.8zh/ssl/s2_lib.c 2016-03-01 18:29:20.998111828 -0600 +@@ -97,6 +97,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# if 0 + /* RC4_128_EXPORT40_WITH_MD5 */ + { + 1, +@@ -110,6 +111,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* RC2_128_CBC_WITH_MD5 */ + { + 1, +@@ -123,6 +125,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# if 0 + /* RC2_128_CBC_EXPORT40_WITH_MD5 */ + { + 1, +@@ -136,6 +139,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* IDEA_128_CBC_WITH_MD5 */ + # ifndef OPENSSL_NO_IDEA + { +@@ -151,6 +155,7 @@ + SSL_ALL_STRENGTHS, + }, + # endif ++# if 0 + /* DES_64_CBC_WITH_MD5 */ + { + 1, +@@ -164,6 +169,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* DES_192_EDE3_CBC_WITH_MD5 */ + { + 1, diff --git a/patches/source/openssl/openssl.no.weak.sslv3.ciphers.diff b/patches/source/openssl/openssl.no.weak.sslv3.ciphers.diff new file mode 100644 index 000000000..17326a56e --- /dev/null +++ b/patches/source/openssl/openssl.no.weak.sslv3.ciphers.diff @@ -0,0 +1,356 @@ +diff -u -r --new-file openssl-0.9.8zh.orig/ssl/s3_lib.c openssl-0.9.8zh/ssl/s3_lib.c +--- openssl-0.9.8zh.orig/ssl/s3_lib.c 2015-12-03 08:59:08.000000000 -0600 ++++ openssl-0.9.8zh/ssl/s3_lib.c 2016-03-01 18:42:26.295095103 -0600 +@@ -166,6 +166,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 03 */ ++# if 0 + { + 1, + SSL3_TXT_RSA_RC4_40_MD5, +@@ -178,6 +179,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 04 */ + { + 1, +@@ -205,6 +207,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 06 */ ++# if 0 + { + 1, + SSL3_TXT_RSA_RC2_40_MD5, +@@ -217,6 +220,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 07 */ + #ifndef OPENSSL_NO_IDEA + { +@@ -233,6 +237,7 @@ + }, + #endif + /* Cipher 08 */ ++# if 0 + { + 1, + SSL3_TXT_RSA_DES_40_CBC_SHA, +@@ -245,7 +250,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 09 */ ++# if 0 + { + 1, + SSL3_TXT_RSA_DES_64_CBC_SHA, +@@ -258,6 +265,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 0A */ + { + 1, +@@ -273,6 +281,7 @@ + }, + /* The DH ciphers */ + /* Cipher 0B */ ++# if 0 + { + 0, + SSL3_TXT_DH_DSS_DES_40_CBC_SHA, +@@ -285,7 +294,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 0C */ ++# if 0 + { + 0, + SSL3_TXT_DH_DSS_DES_64_CBC_SHA, +@@ -298,6 +309,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 0D */ + { + 0, +@@ -312,6 +324,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 0E */ ++# if 0 + { + 0, + SSL3_TXT_DH_RSA_DES_40_CBC_SHA, +@@ -324,7 +337,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 0F */ ++# if 0 + { + 0, + SSL3_TXT_DH_RSA_DES_64_CBC_SHA, +@@ -337,6 +352,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 10 */ + { + 0, +@@ -353,6 +369,7 @@ + + /* The Ephemeral DH ciphers */ + /* Cipher 11 */ ++# if 0 + { + 1, + SSL3_TXT_EDH_DSS_DES_40_CBC_SHA, +@@ -365,7 +382,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 12 */ ++# if 0 + { + 1, + SSL3_TXT_EDH_DSS_DES_64_CBC_SHA, +@@ -378,6 +397,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 13 */ + { + 1, +@@ -392,6 +412,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 14 */ ++# if 0 + { + 1, + SSL3_TXT_EDH_RSA_DES_40_CBC_SHA, +@@ -404,7 +425,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 15 */ ++# if 0 + { + 1, + SSL3_TXT_EDH_RSA_DES_64_CBC_SHA, +@@ -417,6 +440,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 16 */ + { + 1, +@@ -431,6 +455,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 17 */ ++# if 0 + { + 1, + SSL3_TXT_ADH_RC4_40_MD5, +@@ -443,6 +468,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 18 */ + { + 1, +@@ -457,6 +483,7 @@ + SSL_ALL_STRENGTHS, + }, + /* Cipher 19 */ ++# if 0 + { + 1, + SSL3_TXT_ADH_DES_40_CBC_SHA, +@@ -469,7 +496,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 1A */ ++# if 0 + { + 1, + SSL3_TXT_ADH_DES_64_CBC_SHA, +@@ -482,6 +511,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 1B */ + { + 1, +@@ -543,6 +573,7 @@ + + #ifndef OPENSSL_NO_KRB5 + /* The Kerberos ciphers */ ++# if 0 + /* Cipher 1E */ + { + 1, +@@ -556,6 +587,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 1F */ + { +@@ -600,6 +632,7 @@ + }, + + /* Cipher 22 */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_DES_64_CBC_MD5, +@@ -612,6 +645,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 23 */ + { +@@ -656,6 +690,7 @@ + }, + + /* Cipher 26 */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_DES_40_CBC_SHA, +@@ -668,8 +703,10 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 27 */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_RC2_40_CBC_SHA, +@@ -682,8 +719,10 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 28 */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_RC4_40_SHA, +@@ -696,8 +735,10 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 29 */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_DES_40_CBC_MD5, +@@ -710,8 +751,10 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 2A */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_RC2_40_CBC_MD5, +@@ -724,8 +767,10 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + + /* Cipher 2B */ ++# if 0 + { + 1, + SSL3_TXT_KRB5_RC4_40_MD5, +@@ -738,6 +783,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + #endif /* OPENSSL_NO_KRB5 */ + + /* New AES ciphersuites */ +@@ -1007,6 +1053,7 @@ + }, + # endif + /* Cipher 62 */ ++# if 0 + { + 1, + TLS1_TXT_RSA_EXPORT1024_WITH_DES_CBC_SHA, +@@ -1019,7 +1066,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 63 */ ++# if 0 + { + 1, + TLS1_TXT_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA, +@@ -1032,7 +1081,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 64 */ ++# if 0 + { + 1, + TLS1_TXT_RSA_EXPORT1024_WITH_RC4_56_SHA, +@@ -1045,7 +1096,9 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 65 */ ++# if 0 + { + 1, + TLS1_TXT_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA, +@@ -1058,6 +1111,7 @@ + SSL_ALL_CIPHERS, + SSL_ALL_STRENGTHS, + }, ++# endif + /* Cipher 66 */ + { + 1, diff --git a/patches/source/openssl/openssl.optsx86.diff b/patches/source/openssl/openssl.optsx86.diff new file mode 100644 index 000000000..a1a289a20 --- /dev/null +++ b/patches/source/openssl/openssl.optsx86.diff @@ -0,0 +1,11 @@ +--- ./Configure.orig 2005-08-02 03:59:42.000000000 -0700 ++++ ./Configure 2005-10-12 20:04:43.000000000 -0700 +@@ -317,7 +317,7 @@ + "linux-ppc", "gcc:-DB_ENDIAN -DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_RISC1 DES_UNROLL::linux_ppc32.o::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + #### IA-32 targets... + "linux-ia32-icc", "icc:-DL_ENDIAN -DTERMIO -O2 -no_cpprt::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-KPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", +-"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ++"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -mtune=i686 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", + "linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -march=i486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}", + #### + "linux-generic64","gcc:-DTERMIO -O3 -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_UNROLL BF_PTR:${no_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", diff --git a/patches/source/openssl/openssl.soname.diff b/patches/source/openssl/openssl.soname.diff new file mode 100644 index 000000000..f660e93bb --- /dev/null +++ b/patches/source/openssl/openssl.soname.diff @@ -0,0 +1,11 @@ +--- ./Makefile.shared.orig 2005-06-23 13:47:54.000000000 -0700 ++++ ./Makefile.shared 2005-10-12 20:02:28.000000000 -0700 +@@ -151,7 +151,7 @@ + SHLIB_SUFFIX=; \ + ALLSYMSFLAGS='-Wl,--whole-archive'; \ + NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \ +- SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB$$SHLIB_SOVER$$SHLIB_SUFFIX" ++ SHAREDFLAGS="$(CFLAGS) $(SHARED_LDFLAGS) -shared -Wl,-Bsymbolic -Wl,-soname=$$SHLIB.0" + + DO_GNU_APP=LDFLAGS="$(CFLAGS) -Wl,-rpath,$(LIBRPATH)" + diff --git a/patches/source/openssl/slack-desc.openssl b/patches/source/openssl/slack-desc.openssl new file mode 100644 index 000000000..57227c043 --- /dev/null +++ b/patches/source/openssl/slack-desc.openssl @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +openssl: openssl (Secure Sockets Layer toolkit) +openssl: +openssl: The OpenSSL certificate management tool and the shared libraries that +openssl: provide various encryption and decryption algorithms and protocols. +openssl: +openssl: This product includes software developed by the OpenSSL Project for +openssl: use in the OpenSSL Toolkit (http://www.openssl.org). This product +openssl: includes cryptographic software written by Eric Young +openssl: (eay@cryptsoft.com). This product includes software written by Tim +openssl: Hudson (tjh@cryptsoft.com). +openssl: diff --git a/patches/source/openssl/slack-desc.openssl-solibs b/patches/source/openssl/slack-desc.openssl-solibs new file mode 100644 index 000000000..f65bf12c9 --- /dev/null +++ b/patches/source/openssl/slack-desc.openssl-solibs @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +openssl-solibs: openssl-solibs (OpenSSL shared libraries) +openssl-solibs: +openssl-solibs: These shared libraries provide encryption routines required by +openssl-solibs: programs such as openssh. They are also used by KDE's Konqueror web +openssl-solibs: browser to provide secure web connections. +openssl-solibs: +openssl-solibs: This product includes software developed by the OpenSSL Project for +openssl-solibs: use in the OpenSSL Toolkit (http://www.openssl.org). This product +openssl-solibs: includes cryptographic software written by Eric Young +openssl-solibs: (eay@cryptsoft.com). This product includes software written by Tim +openssl-solibs: Hudson (tjh@cryptsoft.com). diff --git a/patches/source/openvpn/README b/patches/source/openvpn/README new file mode 100644 index 000000000..cf2c6602f --- /dev/null +++ b/patches/source/openvpn/README @@ -0,0 +1,26 @@ +OpenVPN is a full-featured SSL VPN which can accomodate a wide +range of configurations, including remote access, site-to-site VPNs, +WiFi security, and enterprise-scale remote access with load +balancing, failover, and fine-grained access-controls. + +OpenVPN implements OSI layer 2 or 3 secure network extension using the +industry standard SSL/TLS protocol, supports flexible client +authentication methods based on certificates, smart cards, and/or +2-factor authentication, and allows user or group-specific access +control policies using firewall rules applied to the VPN virtual +interface. + +This build of OpenVPN depends upon having openssl (not just +openssl-solibs) and lzo installed on your computer. + +Please note that there is no default config file for OpenVPN. This is +by design. OpenVPN can technically use any config file in any location. +However, this script does create an /etc/openvpn/ directory with certs/ +and keys/ subdirectories. Feel free to place config files, keys, and +certificates in these directories. certs/ and keys/ are owned by user +root and group nobody and are not world readable nor writable. +Additionally, they are not writable by group nobody. It is recommended +that you run openvpn nobody:nobody, but you may use another +non-privilaged user and group at your option. Just change the +permissions on these permissions to reflect that if you do. + diff --git a/patches/source/openvpn/doinst.sh b/patches/source/openvpn/doinst.sh new file mode 100644 index 000000000..4b9b133a9 --- /dev/null +++ b/patches/source/openvpn/doinst.sh @@ -0,0 +1,25 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +preserve_perms() { + NEW="$1" + OLD="$(dirname ${NEW})/$(basename ${NEW} .new)" + if [ -e ${OLD} ]; then + cp -a ${OLD} ${NEW}.incoming + cat ${NEW} > ${NEW}.incoming + mv ${NEW}.incoming ${NEW} + fi + config ${NEW} +} + +preserve_perms etc/rc.d/rc.openvpn.new + diff --git a/patches/source/openvpn/openvpn.SlackBuild b/patches/source/openvpn/openvpn.SlackBuild new file mode 100755 index 000000000..fbdcbed1c --- /dev/null +++ b/patches/source/openvpn/openvpn.SlackBuild @@ -0,0 +1,169 @@ +#!/bin/bash + +# Copyright 2006, Alan Hicks, Lizella, GA +# Copyright 2008, 2009, 2010, 2011, 2013, 2016, 2018 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +cd $(dirname $0) ; CWD=$(pwd) + +PKGNAM=openvpn +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PKGNAM + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PKGNAM-$VERSION +tar xvf $CWD/$PKGNAM-$VERSION.tar.xz || exit 1 +cd $PKGNAM-$VERSION || exit 1 + +# Fix ownership and permissions inside the source tarball. +# It's appalling how many projects have 777 permissions or +# even suid, sgid, and sticky bits set on things. +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc/openvpn \ + --localstatedir=/var \ + --mandir=/usr/man \ + --docdir=/usr/doc/openvpn-${VERSION} \ + --enable-lzo \ + --enable-iproute2 \ + --disable-plugin-auth-pam \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install-strip DESTDIR=$PKG || exit 1 + +# Create a decent config directory. openvpn doesn't have one by +# default, nor does it have a single config file. +mkdir -p $PKG/etc/openvpn/{certs,keys} +chown root:nobody $PKG/etc/openvpn/{certs,keys} +chmod 750 $PKG/etc/openvpn/{certs,keys} + +# Install a startup script: +mkdir -p $PKG/etc/rc.d +cp -a $CWD/rc.openvpn $PKG/etc/rc.d/rc.openvpn.new +chmod 644 $PKG/etc/rc.d/rc.openvpn.new +chown root:root $PKG/etc/rc.d/rc.openvpn.new + +# Let folks know about the other configs, if they haven't found them. +# They might even find the documentation there useful. ;-) +cat << EOF > $PKG/etc/openvpn/README.TXT +One or more OpenVPN config files should be installed in this directory +as files ending in ".conf" (i.e. client.conf, server.conf, etc.). + +Have a look in sample-config-files for some more examples of how to +configure OpenVPN. + +To start OpenVPN, use this command as root: +sh /etc/rc.d/rc.openvpn start + +To make OpenVPN start automatically at boot, change the script permissions: +chmod 755 /etc/rc.d/rc.openvpn + +See "man openvpn" and the other docs for more information. +EOF + +# Add a link, too: +( cd $PKG/etc/openvpn + ln -sf /usr/doc/$PKGNAM-$VERSION/sample-config-files . +) + +if [ -d $PKG/usr/man ]; then +( cd $PKG/usr/man + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +) +fi + +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a AUTHORS COPYING* COPYRIGHT* INSTALL* \ + NEWS PORTS README* sample/sample-config-files sample/sample-keys sample/sample-scripts \ + $PKG/usr/doc/$PKGNAM-$VERSION + +# Install a reasonably generic sample config file: +# (put this in with the other samples) +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files +cp -a $CWD/slackware.conf $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files +chown root:root $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files/slackware.conf +chmod 644 $PKG/usr/doc/$PKGNAM-$VERSION/sample-config-files/slackware.conf + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/$PKGNAM-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/openvpn/openvpn.url b/patches/source/openvpn/openvpn.url new file mode 100644 index 000000000..4c476d874 --- /dev/null +++ b/patches/source/openvpn/openvpn.url @@ -0,0 +1,2 @@ +https://swupdate.openvpn.org/community/releases/openvpn-2.4.6.tar.xz +https://swupdate.openvpn.org/community/releases/openvpn-2.4.6.tar.xz.asc diff --git a/patches/source/openvpn/rc.openvpn b/patches/source/openvpn/rc.openvpn new file mode 100644 index 000000000..86f319225 --- /dev/null +++ b/patches/source/openvpn/rc.openvpn @@ -0,0 +1,111 @@ +#!/bin/sh +# +# /etc/rc.d/rc.openvpn +# +# Start/stop/restart the openvpn daemon. +# +# By default, this script will start/stop/restart a daemon for every *.conf +# file found in /etc/openvpn. +# +# To work with a single connection, add the name of the config file: +# /etc/rc.d/rc.openvpn start configfile.conf +# +# You may also use a config file not found in /etc/openvpn by providing a +# complete path: +# /etc/rc.d/rc.openvpn start /path/to/some/other/configfile.conf +# +# The name of a config file provided with a complete path should not match +# the name of any config file present in the /etc/openvpn directory. + +ovpn_start() { + if [ -x /usr/sbin/openvpn ]; then + if [ -z "$1" ]; then # start OpenVPN for all config files: + if /bin/ls /etc/openvpn/*.conf 1> /dev/null 2> /dev/null ; then + for config in /etc/openvpn/*.conf ; do + echo "Starting OpenVPN: /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $config).pid --user nobody --group nobody --config $config" + /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $config).pid --user nobody --group nobody --config $config + done + else + echo "Unable to start OpenVPN - no .conf files found in /etc/openvpn/." + fi + else # start OpenVPN for one config file: + if [ -r "$1" ]; then + echo "Starting OpenVPN: /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $1).pid --user nobody --group nobody --config $1" + /usr/sbin/openvpn --daemon --writepid /run/openvpn/$(basename $1).pid --user nobody --group nobody --config $1 + else # config file is missing: + echo "Error starting OpenVPN: config file $1 is missing." + fi + fi + fi +} + +ovpn_stop() { + # Note: OpenVPN has a bad habit of leaving stale pid files around when exiting. + # Maybe it would be better to just use killall unless called for one config? + if [ -z "$1" ]; then # stop OpenVPN for all pid files: + if /bin/ls /run/openvpn/*.pid 1> /dev/null 2> /dev/null ; then + for pid in /run/openvpn/*.pid ; do + echo "Stopping OpenVPN for pid file $pid..." + kill $(cat $pid) + rm -f $pid + done + else + echo "Warning: no pid files found in /run/openvpn/. Using killall to stop any OpenVPN processes." + killall openvpn + fi + else # stop OpenVPN for one config file: + if [ -r /run/openvpn/$(basename ${1}).pid ]; then + echo "Stopping OpenVPN for config file ${1}..." + kill $(cat /run/openvpn/$(basename ${1}).pid) + rm -f /run/openvpn/$(basename ${1}).pid + else + echo "Error stopping OpenVPN: no such pid file /run/openvpn/$(basename ${1}).pid" + fi + fi +} + +ovpn_restart() { + if [ ! -z "$1" ]; then # restart for all config files: + ovpn_stop + sleep 2 + ovpn_start + else # restart for one config file only: + ovpn_stop $1 + sleep 2 + ovpn_start $1 + fi +} + +ovpn_status() { + if /bin/ls /run/openvpn/*.pid 1> /dev/null 2> /dev/null ; then + echo "Currently running OpenVPN processes according to .pid files in /run/openvpn:" + for pid in /run/openvpn/*.pid ; do + echo " $(basename $pid) ($(cat $pid))" + done + else + echo "No .pid files found in /run/openvpn." + fi +} + +# Create PID directory if it doesn't exist: +if [ ! -d /run/openvpn ]; then + mkdir -p /run/openvpn +fi + +case "$1" in +'start') + ovpn_start $2 + ;; +'stop') + ovpn_stop $2 + ;; +'restart') + ovpn_restart $2 + ;; +'status') + ovpn_status + ;; +*) + echo "Usage: $0 {start|stop|restart}" +esac + diff --git a/patches/source/openvpn/slack-desc b/patches/source/openvpn/slack-desc new file mode 100644 index 000000000..7ffd6167d --- /dev/null +++ b/patches/source/openvpn/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +openvpn: openvpn (secure IP tunnel daemon) +openvpn: +openvpn: OpenVPN is a full-featured SSL VPN which can accommodate a wide range +openvpn: of configurations, including remote access, site-to-site VPNs, WiFi +openvpn: security, and enterprise-scale remote access with load balancing, +openvpn: failover, and fine-grained access-controls. +openvpn: +openvpn: OpenVPN's home on the net is: http://openvpn.net +openvpn: +openvpn: +openvpn: diff --git a/patches/source/openvpn/slackware.conf b/patches/source/openvpn/slackware.conf new file mode 100644 index 000000000..4314b5441 --- /dev/null +++ b/patches/source/openvpn/slackware.conf @@ -0,0 +1,178 @@ +# openvpn.conf.sample +# +# This is a sample configuration file for OpenVPN. +# Not all options are listed here; you can find good documentation +# about all of the options in OpenVPN's manual page - openvpn(8). +# +# You can make a P-t-P connection by creating a shared key, +# copying this key to other hosts in your network, and changing +# the IP addresses in this file. +# +# Commented options are provided for some typical configurations + +# Change the "search" path to /etc/openvpn +# All files referenced in this configuration will be relative to +# whatever directory is specified here - we default to /etc/openvpn +cd /etc/openvpn + +# If running as a server, which local IP address should OpenVPN +# listen on? Specify this as either a hostname or IP address. If +# this is left blank, OpenVPN will default to listening on all +# interfaces. +#local a.b.c.d + +# This option defines the IP or DNS name of the other side of your VPN +# connection. This option is needed if you are making client or P-t-P +# connections. If you are the server, use "local" instead. This may +# be specified as a domain name or IP address. +#remote vpn.server.org + +# This option defins the protocol to use. Valid options are: +# udp, tcp-server, or tcp-client. Default is udp, and generally +# speaking, tcp is a bad idea. +proto udp + +# This option defines the port on which your server will be listening +# or trying to connect. The default is 1194 +port 1194 + +# This option defines whether to use LZO compression. +# If enabled, it must be enabled at both ends of the VPN connection. +#comp-lzo + +# Debug level (default 1) +#verb 3 + +# VPN logfile location +# If you don't specify a location here, logging will be done through +# syslogd and write to /var/log/messages +log-append /var/log/openvpn.log + +# If you want to use OpenVPN as a daemon, uncomment this line. +# Generally speaking, servers should run OpenVPN as a daemon +# and clients should not. +#daemon + +# Device type to use, you can choose between tun or tap. +# TUN is the most common option. If you have multiple connections, +# it is a good idea to bind each connection to a separate TUN/TAP +# interface using tunX/tapX, where X is the number of each interface. +dev tun + +# This option prevents OpenVPN from closing and re-opening the tun/tap +# device every time it receives a SIGUSR1 signal +#persist-tun + +# This is similar to the previous option, but it prevents OpenVPN from +# re-reading the key files every time +#persist-key + +# If you are using a client-server architecture, you need to specify the +# role of your computer in your VPN network. To use one of these options, +# you need to configure TLS options too. +# +# To use the "server" option, you must specify a network subnet such +# as 172.16.1.0 255.255.255.0. The first number is the network, the +# second is the netmask. OpenVPN will take the first available IP +# for itself (in our example, 172.16.1.1) and the rest will be +# given to connecting clients dynamically. +# +# Leave these commented out if you are using OpenVPN in bridging mode. +# +#server 10.1.2.0 255.255.255.0 +#client + +# This option defines a file with IP address to client mapping. +# This is useful in general, and necessary if clients use persist-tun. +#ifconfig-pool-persist ips.txt + +# Enable this option if you want clients connected to this VPN to be +# able to talk directly to each other +#client-to-client + +# This option defines the directory in which configuration files for clients +# will reside. With individual files you can make each client get different +# options using "push" parameters +#client-config-dir ccd + +# If you are using P-t-P, you need to specify the IP addresses at both ends +# of your VPN connection. The IP addresses are reversed at the other side. +# +# You can use this to specify client IP addresses in ccd files (on server) +# or directly in client configuration +#ifconfig 10.1.2.1 10.1.2.2 + +# You can set routes to specific networks. In the sample below, "vpn_gateway" +# is an internal OpenVPN alias to your VPN gateway - leave it as is. +# This will enable you to talk with the networks behind your VPN server. +# Multiple routes can be specified. +# +# +------------+ <eth>-<tun> <tun>-<eth> +------------+ +# | Network1 |---| VPN1 |--[10.1.2.0/24]--| VPN2 |---| Network2 | +# +------------+ +------+ +------+ +------------+ +# 192.168.0.0/24 192.168.2.0/24 +# +# The sample below shows how VPN1 server can reach Network2 +#route 192.168.2.0 255.255.255.0 vpn_gateway + +# You can send clients many network configuration options using the +# "push" directive and sending commands. +# Multiple "push" directives can be used. You should only put global +# "push" directives here. You can "push" different options to +# different clients in per-client configuration files. See +# "client-config-dir" above. +# +# Using the same network configuration that you see above, the route statment +# here allows VPN2 to reach Network1 +#push "route-delay 2 600" +#push "route 192.168.2.0 255.255.255.0 vpn_gateway" +#push "persist-key" + +# This option sets the encryption algorithm to use in the VPN connection. +# Available options are: +# DES-CBC, RC2-CBC, DES-EDE-CBC, DES-EDE3-CBC, +# DESX-CBC, BF-CBC, RC2-40-CBC, CAST5-CBC, +# RC2-64-CBC, AES-128-CBC, AES-192-CBC and AES-256-CBC +cipher BF-CBC + +# Shared Key Connection +# --------------------- +# Secret is one shared key between the hosts that want to connect through VPNs. +# Without secret or TLS options, your data will not be encrypted. +# +# To generate an encryption key do: +# openvpn --genkey --secret /etc/openvpn/keys/shared.key +# +# Do the above on one host and copy it to the others +secret keys/shared.key + +# TLS Connections +# --------------- +# TLS must be used if you use option "server" or "client" +# The basic idea there is: You have one Certificate Authority, and all +# machines in your VPN network need to have individual certificates and +# keys signed by Certificate Authority. This means each client can +# have its own key, making it easier to revoke a key without copying +# a shared secret key to every client. +# +# Inside the /usr/doc/openvpn-$VERSION documentation directory, you can +# find "easy-rsa" scripts to make certificate and key management easier. + +# Certificate Authority file +# This file must be identical on all hosts that connect to your VPN +#ca certs/ca.crt + +# If you are the server, you need to specify some Diffie Hellman parameters. +# OpenVPN provides some sample .pem files in documentation directory +#dh my-dh.pem + +# Certificate and Key signed by Certificate Authority +# Each machine needs to have their own unique certificate +#cert certs/machine.cert +#key keys/machine.key + +# To prevent some DoS attacks we can add another authentication layer in the +# TLS control channel. This needs to be enabled at both ends to work +# client uses the value 1; server uses the value 0 +#tls-auth keys/shared.key 0 + diff --git a/patches/source/patch/0001-Refuse-to-apply-ed-scripts-by-default.patch b/patches/source/patch/0001-Refuse-to-apply-ed-scripts-by-default.patch new file mode 100644 index 000000000..46d9fcf54 --- /dev/null +++ b/patches/source/patch/0001-Refuse-to-apply-ed-scripts-by-default.patch @@ -0,0 +1,79 @@ +From 5046e5605cf7420d9a11de49bd9fe4851a4ca1d2 Mon Sep 17 00:00:00 2001 +From: Saleem Rashid <dev@saleemrashid.com> +Date: Thu, 5 Apr 2018 22:48:25 +0100 +Subject: [PATCH] Refuse to apply ed scripts by default + +* src/patch.c, src/pch.c: Warn that ed scripts are potentially +dangerous, unless patch is invoked with --force + +This fixes an issue where ed scripts could be included in a patch, executing +arbitrary shell commands without the user's knowledge. + +Original bug report: +https://savannah.gnu.org/bugs/index.php?53566 +--- + src/patch.c | 13 +++++++++++-- + src/pch.c | 11 +++++++++++ + 6 files changed, 62 insertions(+), 5 deletions(-) + +diff --git a/src/patch.c b/src/patch.c +index 0fe6d72..e14a9c4 100644 +--- a/src/patch.c ++++ b/src/patch.c +@@ -781,7 +781,7 @@ static char const *const option_help[] = + " -l --ignore-whitespace Ignore white space changes between patch and input.", + "", + " -c --context Interpret the patch as a context difference.", +-" -e --ed Interpret the patch as an ed script.", ++" -e --ed Interpret the patch as a potentially dangerous ed script. This could allow arbitrary command execution!", + " -n --normal Interpret the patch as a normal difference.", + " -u --unified Interpret the patch as a unified difference.", + "", +@@ -825,7 +825,7 @@ static char const *const option_help[] = + "Miscellaneous options:", + "", + " -t --batch Ask no questions; skip bad-Prereq patches; assume reversed.", +-" -f --force Like -t, but ignore bad-Prereq patches, and assume unreversed.", ++" -f --force Like -t, but ignore bad-Prereq patches, apply potentially dangerous ed scripts, and assume unreversed.", + " -s --quiet --silent Work silently unless an error occurs.", + " --verbose Output extra information about the work being done.", + " --dry-run Do not actually change any files; just print what would happen.", +@@ -1068,6 +1068,15 @@ get_some_switches (void) + } + } + ++ if (! force && diff_type == ED_DIFF) ++ { ++ ask ("Apply potentially dangerous ed script? This could allow arbitrary command execution! [n] "); ++ if (*buf != 'y') ++ { ++ fatal ("Refusing to apply potentially dangerous ed script."); ++ } ++ } ++ + /* Process any filename args. */ + if (optind < Argc) + { +diff --git a/src/pch.c b/src/pch.c +index bc6278c..ab34dd4 100644 +--- a/src/pch.c ++++ b/src/pch.c +@@ -1001,6 +1001,17 @@ intuit_diff_type (bool need_header, mode_t *p_file_type) + instat = st[i]; + } + ++ if (! force && retval == ED_DIFF) ++ { ++ ask ("Apply potentially dangerous ed script? This could allow arbitrary command execution! [n] "); ++ if (*buf != 'y') ++ { ++ if (verbosity != SILENT) ++ say ("Skipping potentially dangerous ed script.\n"); ++ skip_rest_of_patch = true; ++ } ++ } ++ + return retval; + } + + diff --git a/patches/source/patch/patch.SlackBuild b/patches/source/patch/patch.SlackBuild new file mode 100755 index 000000000..2e0a7bec1 --- /dev/null +++ b/patches/source/patch/patch.SlackBuild @@ -0,0 +1,119 @@ +#!/bin/sh + +# Copyright 2005-2009, 2010, 2012, 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=patch +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-patch + +rm -rf $PKG +mkdir -p $TMP $PKG + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +cd $TMP +rm -rf patch-${VERSION} +tar xvf $CWD/patch-${VERSION}.tar.xz || exit 1 +cd patch-${VERSION} || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --mandir=/usr/man \ + --build=$ARCH-slackware-linux + +# Patch CVE-2018-1000156, arbitrary shell command execution by (obsolete) +# ed patch format: +zcat $CWD/0001-Refuse-to-apply-ed-scripts-by-default.patch.gz | patch -p1 --verbose || exit 1 + +make -j4 || make || exit 1 +make install DESTDIR=$PKG + +# Strip everything for good measure: +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null +) + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/patch-${VERSION} +cp -a \ + AUTHORS COPYING* NEWS README* \ + $PKG/usr/doc/patch-${VERSION} + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg -l y -c n $TMP/patch-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/patch/slack-desc b/patches/source/patch/slack-desc new file mode 100644 index 000000000..5ddba89b5 --- /dev/null +++ b/patches/source/patch/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +patch: patch (apply a diff file to an original file or files) +patch: +patch: Patch is a utility used to apply diffs (or patches) to files, which +patch: are usually source code. +patch: +patch: Larry Wall wrote the original version of patch. Paul Eggert removed +patch: patch's arbitrary limits; added support for binary files, setting +patch: file times, and deleting files; and made it conform better to POSIX. +patch: Other contributors include Wayne Davison, who added unidiff support, +patch: and David MacKenzie, who added configuration and backup support. +patch: diff --git a/patches/source/php/doinst.sh b/patches/source/php/doinst.sh new file mode 100644 index 000000000..eda8b0de9 --- /dev/null +++ b/patches/source/php/doinst.sh @@ -0,0 +1,8 @@ +if [ ! -r etc/httpd/mod_php.conf ]; then + cp -a etc/httpd/mod_php.conf.example etc/httpd/mod_php.conf +elif [ "`cat etc/httpd/mod_php.conf 2> /dev/null`" = "" ]; then + cp -a etc/httpd/mod_php.conf.example etc/httpd/mod_php.conf +fi +if [ ! -r etc/httpd/php.ini ]; then + cp -a etc/httpd/php.ini-production etc/httpd/php.ini +fi diff --git a/patches/source/php/fetch-php.sh b/patches/source/php/fetch-php.sh new file mode 100755 index 000000000..8786664dd --- /dev/null +++ b/patches/source/php/fetch-php.sh @@ -0,0 +1 @@ +lftpget http://us.php.net/distributions/php-5.3.29.tar.bz2 diff --git a/patches/source/php/mod_php.conf.example b/patches/source/php/mod_php.conf.example new file mode 100644 index 000000000..670eb7135 --- /dev/null +++ b/patches/source/php/mod_php.conf.example @@ -0,0 +1,29 @@ +# +# mod_php - PHP Hypertext Preprocessor module +# + +# Load the PHP module: +LoadModule php5_module lib/httpd/modules/libphp5.so + +# Tell Apache to feed all *.php files through PHP. If you'd like to +# parse PHP embedded in files with different extensions, comment out +# these lines and see the example below. +<FilesMatch \.php$> + SetHandler application/x-httpd-php +</FilesMatch> + +# Tell Apache to feed all *.php, *.html, and *.htm files through +# the PHP module. Add or subtract extensions here as desired. Please +# note that running pages through PHP for no reason can be both slow +# and insecure, so be sure to know what you're doing. It's a convenient +# shortcut, but probably isn't suitible for high-traffic sites if you +# write any of your pages in straight HTML. +#<FilesMatch "\.(php|html|htm)$"> +# SetHandler application/x-httpd-php +#</FilesMatch> + +# This will display PHP files in colored syntax form. Use with caution. +#<FilesMatch "\.phps$"> +# SetHandler application/x-httpd-php-source +#</FilesMatch> + diff --git a/patches/source/php/php.SlackBuild b/patches/source/php/php.SlackBuild new file mode 100755 index 000000000..1fb7a7de5 --- /dev/null +++ b/patches/source/php/php.SlackBuild @@ -0,0 +1,301 @@ +#!/bin/sh + +# Build and package mod_php on Slackware. +# by: David Cantrell <david@slackware.com> +# Modified for PHP 4-5 by volkerdi@slackware.com +# Copyright 2007, 2008, 2009, 2010, 2011, 2012 Patrick Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo php-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +ALPINE=2.00 +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-php/ +rm -rf $PKG +mkdir -p $TMP $PKG + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +# we need to compile alpine to get c-client.a for IMAP support: +IMAPLIBDIR=/usr/local/lib${LIBDIRSUFFIX}/c-client +if [ -r $IMAPLIBDIR/lib${LIBDIRSUFFIX}/c-client.a ]; then + echo "Using IMAP library:" + ls -l $IMAPLIBDIR/lib${LIBDIRSUFFIX}/c-client.a + sleep 5 +else + ( cd $CWD/../alpine ; ./alpine.SlackBuild || exit 1 ) || exit 1 + ( cd $TMP/alpine-${ALPINE}/imap/c-client + strip -g c-client.a + mkdir -p $IMAPLIBDIR/lib${LIBDIRSUFFIX} + cp c-client.a $IMAPLIBDIR/lib${LIBDIRSUFFIX} + mkdir -p $IMAPLIBDIR/include + cp *.h $IMAPLIBDIR/include + ) +fi + +mkdir -p $PKG/etc/httpd +mkdir -p $PKG/etc/php +# A trick from DaMouse to enable building php into $PKG. +# We'll remove this later on. +cat /etc/httpd/original/httpd.conf > $PKG/etc/httpd/httpd.conf +if [ ! -e /etc/httpd/original/httpd.conf ]; then + echo "FATAL: no /etc/httpd/original/httpd.conf found." + exit 1 +fi + +cd $TMP +rm -rf php-$VERSION +tar xvf $CWD/php-$VERSION.tar.?z* || exit 1 +cd php-$VERSION + +# cleanup: +find . -name "*.orig" -delete + +# Add missing(?) PEAR modules back: +if [ -d php-$VERSION/pear/packages ]; then + ( cd php-$VERSION/pear/packages + cp -a $CWD/pear/*.bz2 . 2> /dev/null + bzip2 -d *.bz2 2> /dev/null + ) +fi + +if [ "$ARCH" = "s390" ]; then + zcat $CWD/php.configure.s390.diff.gz | patch -p1 || exit +fi + +# Fixup perms/owners: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +find . -name "*.h" -exec chmod 644 {} \; + +# Sometimes they ship a few of these: +find . -name "*.orig" -exec rm {} \; + +# Patch ini files: +zcat $CWD/php.ini-development.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/php.ini-development.diff.gz | patch -p1 --verbose php.ini-production || exit 1 +zcat $CWD/php.session.save_path.diff.gz | patch -p1 --verbose || exit 1 + +# Generic "kitchen sink" configure function, with as many things as possible (and +# maybe then some ;-) compiled as shared extensions: +php_configure() { +EXTENSION_DIR=/usr/lib${LIBDIRSUFFIX}/php/extensions \ +CFLAGS="$SLKCFLAGS" \ +./configure \ + $* \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-libdir=lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --disable-safe-mode \ + --disable-magic-quotes \ + --enable-zend-multibyte \ + --enable-mbregex \ + --enable-tokenizer=shared \ + --with-config-file-scan-dir=/etc/php \ + --with-config-file-path=/etc/httpd \ + --enable-mod_charset \ + --with-layout=PHP \ + --enable-sigchild \ + --enable-xml \ + --with-libxml-dir=/usr \ + --enable-simplexml \ + --enable-filter \ + --disable-debug \ + --with-openssl=shared \ + --with-pcre-regex=/usr \ + --with-zlib=shared,/usr \ + --enable-bcmath=shared \ + --with-bz2=shared,/usr \ + --enable-calendar=shared \ + --enable-ctype=shared \ + --with-curl=shared \ + --with-curlwrappers \ + --with-mcrypt=/usr \ + --enable-dba=shared \ + --with-gdbm=/usr \ + --with-db4=/usr \ + --enable-exif=shared \ + --enable-ftp=shared \ + --with-gd=shared \ + --with-jpeg-dir=/usr \ + --with-png-dir=/usr \ + --with-zlib-dir=/usr \ + --with-xpm-dir=/usr \ + --with-freetype-dir=/usr \ + --with-t1lib=/usr \ + --enable-gd-native-ttf \ + --enable-gd-jis-conv \ + --with-gettext=shared,/usr \ + --with-gmp=shared,/usr \ + --with-iconv=shared \ + --with-imap-ssl=/usr \ + --with-imap=$IMAPLIBDIR \ + --with-ldap=shared \ + --enable-mbstring=shared \ + --enable-hash \ + --with-mysql=shared,mysqlnd \ + --with-mysqli=shared,mysqlnd \ + --with-mysql-sock=/var/run/mysql/mysql.sock \ + --enable-pdo=shared \ + --with-pdo-mysql=shared,mysqlnd \ + --with-pdo-sqlite=shared,/usr \ + --with-pspell=shared,/usr \ + --with-enchant=shared,/usr \ + --with-mm=/usr \ + --enable-shmop=shared \ + --with-snmp=shared,/usr \ + --enable-soap=shared \ + --enable-sockets \ + --with-sqlite=shared \ + --with-sqlite3=shared \ + --enable-sqlite-utf8 \ + --with-regex=php \ + --enable-sysvmsg \ + --enable-sysvsem \ + --enable-sysvshm \ + --enable-wddx=shared \ + --with-xsl=shared,/usr \ + --enable-zip=shared \ + --with-tsrm-pthreads \ + --enable-shared=yes \ + --enable-static=no \ + --with-gnu-ld \ + --with-pic \ + --build=$ARCH-slackware-linux +} + +# I am told this option is worse than nothing. :-) +# --enable-safe-mode +# +# I would recommend *against* and will take no responbility for turning on +# "safe" mode. + +# Make the Apache2 module version of PHP: +php_configure \ + --with-apxs2=/usr/sbin/apxs +make $NUMJOBS || make || exit 1 +make install INSTALL_ROOT=$PKG || exit 1 + +# Make the CLI/CGI version of PHP: +make distclean +php_configure \ + --enable-pcntl \ + --enable-sigchild +make $NUMJOBS || make || exit 1 +mkdir -p $PKG/usr/bin +cat ./sapi/cli/php > $PKG/usr/bin/php +cat ./sapi/cgi/php-cgi > $PKG/usr/bin/php-cgi +chmod 755 $PKG/usr/bin/php +chmod 755 $PKG/usr/bin/php-cgi + +# PHP (used to) install Pear with some strange permissions. +chmod 755 $PKG/usr/bin/pear + +# PHP sometimes puts junk in the root directory: +( cd $PKG + rm -rf .channels .depdb .depdblock .filemap .lock .registry +) + +# Fix $PKG/usr/lib/php perms: +( cd $PKG/usr/lib${LIBDIRSUFFIX}/php + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +) + +mkdir -p $PKG/usr/doc/php-$VERSION +cp -a \ + CODING_STANDARDS CREDITS EXTENSIONS INSTALL LICENSE NEWS README* TODO* UPGRADING* \ + sapi/cgi/README.FastCGI \ + $PKG/usr/doc/php-$VERSION +chown -R root:root $PKG/usr/doc/php-$VERSION +chmod 644 $PKG/usr/doc/php-$VERSION/UPGRADING* + +mkdir -p $PKG/etc/httpd +cp -a php.ini-development php.ini-production $PKG/etc/httpd +cat $CWD/mod_php.conf.example | sed -e "s#lib/httpd#lib${LIBDIRSUFFIX}/httpd#" \ + > $PKG/etc/httpd/mod_php.conf.example +chmod 644 $PKG/etc/httpd/* +chown root:root $PKG/etc/httpd/* + +# This can go now. +rm -f $PKG/etc/httpd/httpd* + +# Session directory for PHP: +mkdir -p $PKG/var/lib/php +chmod 770 $PKG/var/lib/php +chown root:apache $PKG/var/lib/php + +# Strip ELF objects. +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +gzip -9 $PKG/usr/man/man?/*.? + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +#if [ -d "$IMAPLIBDIR" ]; then +# ( cd $IMAPLIBDIR && rm -rf * ) +# rmdir $IMAPLIBDIR +#fi + +cd $PKG +/sbin/makepkg -l y -c n $TMP/php-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/php/php.ini-development.diff b/patches/source/php/php.ini-development.diff new file mode 100644 index 000000000..49b441e6b --- /dev/null +++ b/patches/source/php/php.ini-development.diff @@ -0,0 +1,47 @@ +--- ./php.ini-development.orig 2011-02-08 18:25:44.000000000 -0600 ++++ ./php.ini-development 2011-04-01 22:42:50.000000000 -0500 +@@ -938,6 +938,44 @@ + ; If you only provide the name of the extension, PHP will look for it in its + ; default extension directory. + ; ++ ++; These are the extensions that are available for use on this PHP build. ++; If you do NOT need any of these extensions, you should comment them out. ++; That will probably increase both your security and performance. ++ ++extension=bcmath.so ++extension=bz2.so ++extension=calendar.so ++extension=ctype.so ++extension=curl.so ++extension=dba.so ++extension=enchant.so ++extension=exif.so ++extension=ftp.so ++extension=gd.so ++extension=gettext.so ++extension=gmp.so ++extension=iconv.so ++extension=ldap.so ++extension=mbstring.so ++extension=mysql.so ++extension=mysqli.so ++extension=openssl.so ++extension=pdo.so ++extension=pdo_mysql.so ++extension=pdo_sqlite.so ++extension=pspell.so ++extension=shmop.so ++extension=snmp.so ++extension=soap.so ++extension=sqlite.so ++extension=sqlite3.so ++extension=tokenizer.so ++extension=wddx.so ++extension=xsl.so ++extension=zip.so ++extension=zlib.so ++ + ; Windows Extensions + ; Note that ODBC support is built in, so no dll is needed for it. + ; Note that many DLL files are located in the extensions/ (PHP 4) ext/ (PHP 5) diff --git a/patches/source/php/php.session.save_path.diff b/patches/source/php/php.session.save_path.diff new file mode 100644 index 000000000..60d6f072e --- /dev/null +++ b/patches/source/php/php.session.save_path.diff @@ -0,0 +1,22 @@ +--- ./php.ini-development.orig 2011-04-14 14:26:44.551000001 -0500 ++++ ./php.ini-development 2011-04-14 14:38:48.591000954 -0500 +@@ -1506,7 +1506,7 @@ + ; where MODE is the octal representation of the mode. Note that this + ; does not overwrite the process's umask. + ; http://php.net/session.save-path +-;session.save_path = "/tmp" ++session.save_path = "/var/lib/php" + + ; Whether to use cookies. + ; http://php.net/session.use-cookies +--- ./php.ini-production.orig 2011-04-14 14:26:44.558000001 -0500 ++++ ./php.ini-production 2011-04-14 14:39:09.598999155 -0500 +@@ -1513,7 +1513,7 @@ + ; where MODE is the octal representation of the mode. Note that this + ; does not overwrite the process's umask. + ; http://php.net/session.save-path +-;session.save_path = "/tmp" ++session.save_path = "/var/lib/php" + + ; Whether to use cookies. + ; http://php.net/session.use-cookies diff --git a/patches/source/php/slack-desc b/patches/source/php/slack-desc new file mode 100644 index 000000000..fe14da6d6 --- /dev/null +++ b/patches/source/php/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +php: php (HTML-embedded scripting language) +php: +php: PHP is an HTML-embedded scripting language. It shares syntax +php: characteristics with C, Java, and Perl. The primary objective behind +php: this language is to make a fast and easy-to-use scripting language +php: for dynamic web sites. +php: +php: More information can be found online at http://www.php.net/ +php: +php: +php: diff --git a/patches/source/pidgin/pidgin.SlackBuild b/patches/source/pidgin/pidgin.SlackBuild new file mode 100755 index 000000000..3df32450a --- /dev/null +++ b/patches/source/pidgin/pidgin.SlackBuild @@ -0,0 +1,224 @@ +#!/bin/sh + +# Copyright 2006, 2007, 2008, 2009, 2010, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=pidgin +VERSION=${VERSION:-$(echo $PKGNAM-2.*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +PIDGINENC=${PIDGINENC:-3.1} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j6 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" + ARCHQUADLET="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + ARCHQUADLET="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" + ARCHQUADLET="" +elif [ "$ARCH" = "arm" ]; then + SLKCFLAGS="-O2 -march=armv4t" + LIBDIRSUFFIX="" + ARCHQUADLET="-gnueabi" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" + ARCHQUADLET="" +fi + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.?z* || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Allow certificates signed with rsa-md5: +zcat $CWD/purple-allow-sign-rsa-md5.patch.gz | patch -p0 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --enable-dot=no \ + --disable-schemas-install \ + --enable-dbus \ + --enable-gnutls=yes \ + --enable-nss=no \ + --disable-vv \ + --enable-gtkspell \ + --enable-cyrus-sasl \ + --enable-perl \ + --disable-meanwhile \ + --disable-avahi \ + --disable-nm \ + --program-prefix= \ + --program-suffix= \ + --build=$ARCH-slackware-linux$ARCHQUADLET || exit 1 + +# Fix install location: +grep -lr -- "lib/perl" . | xargs sed -i 's?lib/perl?lib'"$LIBDIRSUFFIX"'/perl?g' + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Fix misplaced items: +eval $(perl '-V:archlib') +eval $(perl '-V:privlib') +VENDORPERL="$(echo $archlib | sed -e "s/perl5/perl5\/vendor_perl/")" + +mkdir -vpm755 $PKG/$VENDORPERL/ +find $PKG -type f -name perllocal.pod -exec mv -fv {} $PKG/$VENDORPERL/Pidgin.pod \; +# Fix install location for 64bit: +sed -i 's?/lib/perl?/lib'"$LIBDIRSUFFIX"'/perl?g' $PKG/$VENDORPERL/Pidgin.pod +mkdir -p $PKG/usr/man/man3 +find $PKG/usr/share/man -type f -name *.3 -exec mv -fv {} $PKG/usr/man/man3 \; +rm -rf $PKG/usr/share/man +rm -r $PKG$privlib +# This is empty: +rmdir $PKG/usr/lib$LIBDIRSUFFIX/perl[0-9]*/$ARCH-linux-thread-multi/ + +# In case of unwanted junk dirs on 64-bit... this may fail, but doesn't hurt: +rmdir $PKG/usr/lib/perl[0-9]*/$ARCH-linux-thread-multi/ +rmdir $PKG/usr/lib/perl[0-9]* +rmdir $PKG/usr/lib + +# This removes our DESTDIR from the packlist filenames, to keep perl's +# internal inventories consistent and correct. +find $PKG -name .packlist | while read plist ; do + sed -e "s%/share/man%/man%g" \ + -e "s%$PKG%%g" \ + -e "s%\.1$%\.1\.gz%g" \ + -e "s%\.2$%\.2\.gz%g" \ + -e "s%\.3$%\.3\.gz%g" \ + -e "s%\.3pm$%\.3pm\.gz%g" \ + -e "s%\.4$%\.4\.gz%g" \ + -e "s%\.5$%\.5\.gz%g" \ + -e "s%\.6$%\.6\.gz%g" \ + -e "s%\.7$%\.7\.gz%g" \ + -e "s%\.8$%\.8\.gz%g" \ + ${plist} > ${plist}.new + mv -f ${plist}.new ${plist} +done + +### add gaim-encryption +( cd $TMP + rm -rf pidgin-encryption-$PIDGINENC + tar xvf $CWD/pidgin-encryption-$PIDGINENC.tar.gz || exit 1 + cd pidgin-encryption-$PIDGINENC + PIDGIN_CFLAGS="-I${PKG}/usr/include/pidgin" \ + PIDGIN_LIBS="-L${PKG}/usr/lib${LIBDIRSUFFIX}" \ + PURPLE_CFLAGS="-I${PKG}/usr/include/libpurple" \ + PURPLE_LIBS="-L${PKG}/usr/lib${LIBDIRSUFFIX}" \ + ./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --disable-static \ + --with-nss-includes=/usr/include/seamonkey/nss \ + --with-nspr-includes=/usr/include/seamonkey/nspr \ + --with-nss-libs=/usr/lib${LIBDIRSUFFIX}/seamonkey/ \ + --with-nspr-libs=/usr/lib${LIBDIRSUFFIX}/seamonkey/ \ + --program-prefix="" \ + --program-suffix="" \ + --build=$ARCH-slackware-linux$ARCHQUADLET || exit 1 + + # Fix install location: + grep -lr -- "lib/perl" . | xargs sed -i 's?lib/perl?lib'"$LIBDIRSUFFIX"'/perl?g' + + make $NUMJOBS || make || exit 1 + make install DESTDIR=$PKG || exit 1 +) || exit 1 +### end add gaim-encryption + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) +fi + +# Compress info files, if any: +if [ -d $PKG/usr/info ]; then + ( cd $PKG/usr/info + rm -f dir + gzip -9 * + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + AUTHORS COPYING COPYRIGHT HACKING INSTALL NEWS PLUGIN_HOWTO README* doc \ + $PKG/usr/doc/${PKGNAM}-$VERSION +( cd $PKG/usr/doc/${PKGNAM}-$VERSION/doc + rm -f Makefile* *.dox *.1 *.in +) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/pidgin/purple-allow-sign-rsa-md5.patch b/patches/source/pidgin/purple-allow-sign-rsa-md5.patch new file mode 100644 index 000000000..d882a6e84 --- /dev/null +++ b/patches/source/pidgin/purple-allow-sign-rsa-md5.patch @@ -0,0 +1,12 @@ +--- libpurple/plugins/ssl/ssl-gnutls.c.old 2008-10-17 18:58:31.000000000 +0200 ++++ libpurple/plugins/ssl/ssl-gnutls.c 2008-10-17 18:53:03.000000000 +0200 +@@ -693,7 +693,8 @@ + (Verisign and possibly others have + root certificates that predate the + current standard) */ +- GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT, ++ GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT ++ | GNUTLS_VERIFY_ALLOW_SIGN_RSA_MD5, + &verify); + + if (ret != 0) { diff --git a/patches/source/pidgin/slack-desc b/patches/source/pidgin/slack-desc new file mode 100644 index 000000000..a9aabca14 --- /dev/null +++ b/patches/source/pidgin/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +pidgin: pidgin (GTK+ instant messaging program) +pidgin: +pidgin: Pidgin allows you to talk to anyone using a variety of messaging +pidgin: protocols, including AIM (Oscar and TOC), ICQ, IRC, Yahoo!, MSN +pidgin: Messenger, Jabber, Gadu-Gadu, Napster, and Zephyr. These protocols +pidgin: are implemented using a modular, easy to use design. To use a +pidgin: protocol, just load the plugin for it. +pidgin: +pidgin: For more info, see: http://www.pidgin.im +pidgin: +pidgin: diff --git a/patches/source/poppler/poppler-0.10.7.CVE-2009-3603_3604_3605_3606_3608_3609.diff b/patches/source/poppler/poppler-0.10.7.CVE-2009-3603_3604_3605_3606_3608_3609.diff new file mode 100644 index 000000000..ac9eda9c0 --- /dev/null +++ b/patches/source/poppler/poppler-0.10.7.CVE-2009-3603_3604_3605_3606_3608_3609.diff @@ -0,0 +1,213 @@ +--- ./splash/SplashErrorCodes.h.orig 2009-05-02 07:14:56.000000000 -0500 ++++ ./splash/SplashErrorCodes.h 2009-10-28 16:42:00.000000000 -0500 +@@ -41,6 +41,8 @@ + + #define splashErrSingularMatrix 8 // matrix is singular + ++#define splashErrBadArg 9 // bad argument ++ + #define splashErrZeroImage 9 // image of 0x0 + + #endif +--- ./splash/SplashBitmap.cc.orig 2009-05-02 07:14:57.000000000 -0500 ++++ ./splash/SplashBitmap.cc 2009-10-28 16:44:24.000000000 -0500 +@@ -26,6 +26,7 @@ + #endif + + #include <stdio.h> ++#include <limits.h> + #include "goo/gmem.h" + #include "SplashErrorCodes.h" + #include "SplashBitmap.h" +@@ -42,33 +43,55 @@ + mode = modeA; + switch (mode) { + case splashModeMono1: +- rowSize = (width + 7) >> 3; ++ if (width > 0) { ++ rowSize = (width + 7) >> 3; ++ } else { ++ rowSize = -1; ++ } + break; + case splashModeMono8: +- rowSize = width; ++ if (width > 0) { ++ rowSize = width; ++ } else { ++ rowSize = -1; ++ } + break; + case splashModeRGB8: + case splashModeBGR8: +- rowSize = width * 3; ++ if (width > 0 && width <= INT_MAX / 3) { ++ rowSize = width * 3; ++ } else { ++ rowSize = -1; ++ } + break; + case splashModeXBGR8: +- rowSize = width * 4; ++ if (width > 0 && width <= INT_MAX / 4) { ++ rowSize = width * 4; ++ } else { ++ rowSize = -1; ++ } + break; + #if SPLASH_CMYK + case splashModeCMYK8: +- rowSize = width * 4; ++ if (width > 0 && width <= INT_MAX / 4) { ++ rowSize = width * 4; ++ } else { ++ rowSize = -1; ++ } + break; + #endif + } +- rowSize += rowPad - 1; +- rowSize -= rowSize % rowPad; +- data = (SplashColorPtr)gmallocn(rowSize, height); ++ if (rowSize > 0) { ++ rowSize += rowPad - 1; ++ rowSize -= rowSize % rowPad; ++ } ++ data = (SplashColorPtr)gmallocn(height, rowSize); + if (!topDown) { + data += (height - 1) * rowSize; + rowSize = -rowSize; + } + if (alphaA) { +- alpha = (Guchar *)gmalloc(width * height); ++ alpha = (Guchar *)gmallocn(width, height); + } else { + alpha = NULL; + } +--- ./splash/Splash.cc.orig 2009-05-02 07:14:57.000000000 -0500 ++++ ./splash/Splash.cc 2009-10-28 16:42:00.000000000 -0500 +@@ -27,6 +27,7 @@ + + #include <stdlib.h> + #include <string.h> ++#include <limits.h> + #include "goo/gmem.h" + #include "SplashErrorCodes.h" + #include "SplashMath.h" +@@ -2001,7 +2002,10 @@ + xq = w % scaledWidth; + + // allocate pixel buffer +- pixBuf = (SplashColorPtr)gmalloc((yp + 1) * w); ++ if (yp < 0 || yp > INT_MAX - 1) { ++ return splashErrBadArg; ++ } ++ pixBuf = (SplashColorPtr)gmallocn(yp + 1, w); + + // initialize the pixel pipe + pipeInit(&pipe, 0, 0, state->fillPattern, NULL, state->fillAlpha, +@@ -2301,9 +2305,12 @@ + xq = w % scaledWidth; + + // allocate pixel buffers +- colorBuf = (SplashColorPtr)gmalloc((yp + 1) * w * nComps); ++ if (yp < 0 || yp > INT_MAX - 1 || w > INT_MAX / nComps) { ++ return splashErrBadArg; ++ } ++ colorBuf = (SplashColorPtr)gmallocn(yp + 1, w * nComps); + if (srcAlpha) { +- alphaBuf = (Guchar *)gmalloc((yp + 1) * w); ++ alphaBuf = (Guchar *)gmallocn(yp + 1, w); + } else { + alphaBuf = NULL; + } +--- ./poppler/XRef.cc.orig 2009-05-02 07:14:57.000000000 -0500 ++++ ./poppler/XRef.cc 2009-10-28 16:42:00.000000000 -0500 +@@ -76,6 +76,8 @@ + // generation 0. + ObjectStream(XRef *xref, int objStrNumA); + ++ GBool isOk() { return ok; } ++ + ~ObjectStream(); + + // Return the object number of this object stream. +@@ -91,6 +93,7 @@ + int nObjects; // number of objects in the stream + Object *objs; // the objects (length = nObjects) + int *objNums; // the object numbers (length = nObjects) ++ GBool ok; + }; + + ObjectStream::ObjectStream(XRef *xref, int objStrNumA) { +@@ -104,6 +107,7 @@ + nObjects = 0; + objs = NULL; + objNums = NULL; ++ ok = gFalse; + + if (!xref->fetch(objStrNum, 0, &objStr)->isStream()) { + goto err1; +@@ -134,6 +138,13 @@ + goto err1; + } + ++ // this is an arbitrary limit to avoid integer overflow problems ++ // in the 'new Object[nObjects]' call (Acrobat apparently limits ++ // object streams to 100-200 objects) ++ if (nObjects > 1000000) { ++ error(-1, "Too many objects in an object stream"); ++ goto err1; ++ } + objs = new Object[nObjects]; + objNums = (int *)gmallocn(nObjects, sizeof(int)); + offsets = (int *)gmallocn(nObjects, sizeof(int)); +@@ -190,10 +201,10 @@ + } + + gfree(offsets); ++ ok = gTrue; + + err1: + objStr.free(); +- return; + } + + ObjectStream::~ObjectStream() { +@@ -970,6 +981,11 @@ + delete objStr; + } + objStr = new ObjectStream(this, e->offset); ++ if (!objStr->isOk()) { ++ delete objStr; ++ objStr = NULL; ++ goto err; ++ } + } + objStr->getObject(e->gen, num, obj); + break; +--- ./poppler/PSOutputDev.cc.orig 2009-05-02 07:14:57.000000000 -0500 ++++ ./poppler/PSOutputDev.cc 2009-10-28 16:42:00.000000000 -0500 +@@ -4502,7 +4502,8 @@ + width, -height, height); + + // allocate a line buffer +- lineBuf = (Guchar *)gmalloc(4 * width); ++ lineBuf = (Guchar *)gmallocn(width, 4); ++ + + // set up to process the data stream + imgStr = new ImageStream(str, width, colorMap->getNumPixelComps(), +--- ./poppler/Stream.cc.orig 2009-05-16 10:27:41.000000000 -0500 ++++ ./poppler/Stream.cc 2009-10-28 16:42:00.000000000 -0500 +@@ -403,6 +403,10 @@ + } else { + imgLineSize = nVals; + } ++ if (width > INT_MAX / nComps) { ++ // force a call to gmallocn(-1,...), which will throw an exception ++ imgLineSize = -1; ++ } + imgLine = (Guchar *)gmallocn(imgLineSize, sizeof(Guchar)); + imgIdx = nVals; + } diff --git a/patches/source/poppler/poppler-0.12.4-CVE-2010-3702.patch b/patches/source/poppler/poppler-0.12.4-CVE-2010-3702.patch new file mode 100644 index 000000000..9875b5a53 --- /dev/null +++ b/patches/source/poppler/poppler-0.12.4-CVE-2010-3702.patch @@ -0,0 +1,18 @@ +--- poppler-0.12.4/poppler/Gfx.cc 2010-01-23 00:54:42.000000000 +0100 ++++ poppler-0.12.4/poppler/Gfx.cc 2010-10-06 13:35:27.000000000 +0200 +@@ -518,6 +518,7 @@ Gfx::Gfx(XRef *xrefA, OutputDev *outA, i + drawText = gFalse; + maskHaveCSPattern = gFalse; + mcStack = NULL; ++ parser = NULL; + + // start the resource stack + res = new GfxResources(xref, resDict, NULL); +@@ -570,6 +571,7 @@ Gfx::Gfx(XRef *xrefA, OutputDev *outA, D + drawText = gFalse; + maskHaveCSPattern = gFalse; + mcStack = NULL; ++ parser = NULL; + + // start the resource stack + res = new GfxResources(xref, resDict, NULL); diff --git a/patches/source/poppler/poppler-0.12.4-CVE-2010-3703.patch b/patches/source/poppler/poppler-0.12.4-CVE-2010-3703.patch new file mode 100644 index 000000000..565a45ba0 --- /dev/null +++ b/patches/source/poppler/poppler-0.12.4-CVE-2010-3703.patch @@ -0,0 +1,10 @@ +--- poppler-0.12.4/poppler/Function.cc 2010-01-17 01:06:57.000000000 +0100 ++++ poppler-0.12.4/poppler/Function.cc 2010-10-06 13:40:22.000000000 +0200 +@@ -1106,6 +1106,7 @@ PostScriptFunction::PostScriptFunction(O + code = NULL; + codeString = NULL; + codeSize = 0; ++ stack = NULL; + ok = gFalse; + cache = new PopplerCache(5); + diff --git a/patches/source/poppler/poppler-0.12.4-CVE-2010-3704.patch b/patches/source/poppler/poppler-0.12.4-CVE-2010-3704.patch new file mode 100644 index 000000000..bfd5f41b0 --- /dev/null +++ b/patches/source/poppler/poppler-0.12.4-CVE-2010-3704.patch @@ -0,0 +1,20 @@ +--- poppler-0.12.4/fofi/FoFiType1.cc 2010-01-17 01:06:57.000000000 +0100 ++++ poppler-0.12.4/fofi/FoFiType1.cc 2010-10-06 13:37:39.000000000 +0200 +@@ -13,7 +13,7 @@ + // All changes made under the Poppler project to this file are licensed + // under GPL version 2 or later + // +-// Copyright (C) 2005, 2008 Albert Astals Cid <aacid@kde.org> ++// Copyright (C) 2005, 2008, 2010 Albert Astals Cid <aacid@kde.org> + // Copyright (C) 2005 Kristian Høgsberg <krh@redhat.com> + // + // To see a description of the changes please see the Changelog file that +@@ -241,7 +242,7 @@ void FoFiType1::parse() { + code = code * 8 + (*p2 - '0'); + } + } +- if (code < 256) { ++ if (code < 256 && code >= 0) { + for (p = p2; *p == ' ' || *p == '\t'; ++p) ; + if (*p == '/') { + ++p; diff --git a/patches/source/poppler/poppler.SlackBuild b/patches/source/poppler/poppler.SlackBuild new file mode 100755 index 000000000..7fb3791d1 --- /dev/null +++ b/patches/source/poppler/poppler.SlackBuild @@ -0,0 +1,120 @@ +#!/bin/sh + +# Copyright 2006, 2007, 2008, 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=poppler +VERSION=${VERSION:-0.10.7} +BUILD=${BUILD:-3_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP || exit 1 +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.?z* || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 + +zcat $CWD/poppler-0.10.7.CVE-2009-3603_3604_3605_3606_3608_3609.diff.gz | patch -p1 --verbose || exit 1 + +zcat $CWD/poppler-0.12.4-CVE-2010-3702.patch.gz | patch -p1 --verbose || exit 1 +# minor crash fix that does not apply to this poppler version: +#zcat $CWD/poppler-0.12.4-CVE-2010-3703.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/poppler-0.12.4-CVE-2010-3704.patch.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --enable-xpdf-headers \ + --enable-poppler-qt4 \ + --enable-cairo-output \ + --mandir=/usr/man \ + --disable-static \ + --enable-zlib \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a AUTHORS COPYING* INSTALL NEWS README README-XPDF TODO \ + $PKG/usr/doc/${PKGNAM}-$VERSION +( cd $PKG/usr/doc/${PKGNAM}-$VERSION + ln -s /usr/share/gtk-doc/html/poppler html ) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/poppler/slack-desc b/patches/source/poppler/slack-desc new file mode 100644 index 000000000..9d5891d8a --- /dev/null +++ b/patches/source/poppler/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +poppler: poppler (a library for rendering PDF documents) +poppler: +poppler: Poppler is a library based on the xpdf PDF viewer developed by Derek +poppler: Noonburg of Glyph and Cog, LLC. Since xpdf does not provide a shared +poppler: library, whenever a flaw was found potentially dozens of applications +poppler: incorporating code from xpdf would have to be patched. By providing +poppler: a centralized PDF library this duplicated effort will be eliminated. +poppler: +poppler: +poppler: +poppler: diff --git a/patches/source/ppp/doinst.sh b/patches/source/ppp/doinst.sh new file mode 100644 index 000000000..54facc41c --- /dev/null +++ b/patches/source/ppp/doinst.sh @@ -0,0 +1,21 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/ppp/chap-secrets.new +config etc/ppp/options.new +config etc/ppp/pap-secrets.new + +config etc/radiusclient/issue.new +config etc/radiusclient/radiusclient.conf.new +config etc/radiusclient/realms.new +config etc/radiusclient/servers.new + diff --git a/patches/source/ppp/options.new b/patches/source/ppp/options.new new file mode 100644 index 000000000..2a0286576 --- /dev/null +++ b/patches/source/ppp/options.new @@ -0,0 +1,276 @@ +# /etc/ppp/options +# +# $Id: options,v 1.4 1996/05/01 18:57:04 alvar Exp $ +# +# Originally created by Jim Knoble <jmknoble@mercury.interpath.net> +# Modified for Debian by alvar Bray <alvar@meiko.co.uk> +# Modified for PPP Server setup by Christoph Lameter <clameter@debian.org> +# Modified for Slackware by Pat Volkerding <volkerdi@slackware.com> +# +# Use the command egrep -v '#|^ *$' /etc/ppp/options to quickly see what +# options are active in this file. + +# Specify which DNS Servers the incoming Win95 or WinNT Connection should use +# Two Servers can be remotely configured +# dns-addr 192.168.1.1 +# dns-addr 192.168.1.2 + +# Specify which WINS Servers the incoming connection Win95 or WinNT should use +# wins-addr 192.168.1.50 +# wins-addr 192.168.1.51 + +# Run the executable or shell command specified after pppd has +# terminated the link. This script could, for example, issue commands +# to the modem to cause it to hang up if hardware modem control signals +# were not available. +#disconnect "chat -- \d+++\d\c OK ath0 OK" + +# async character map -- 32-bit hex; each bit is a character +# that needs to be escaped for pppd to receive it. 0x00000001 +# represents '\x01', and 0x80000000 represents '\x1f'. +asyncmap 0 + +# Require the peer to authenticate itself before allowing network +# packets to be sent or received. +# For a PPP Server with script based logins not using PAP or CHAP +# you need to disable this setting. +#auth + +# Do not require the other end of the connection to authenticate itself. +# This option is dangerous if pppd is setuid. +# If you also have ethernet and are having problems getting PPP to connect +# over a modem, try this option. +#noauth + +# Use hardware flow control (i.e. RTS/CTS) to control the flow of data +# on the serial port. +crtscts + +# Use software flow control (i.e. XON/XOFF) to control the flow of data +# on the serial port. +#xonxoff + +# Specifies that certain characters should be escaped on transmission +# (regardless of whether the peer requests them to be escaped with its +# async control character map). The characters to be escaped are +# specified as a list of hex numbers separated by commas. Note that +# almost any character can be specified for the escape option, unlike +# the asyncmap option which only allows control characters to be +# specified. The characters which may not be escaped are those with hex +# values 0x20 - 0x3f or 0x5e. +#escape 11,13,ff + +# Don't use the modem control lines. +#local + +# Specifies that pppd should use a UUCP-style lock on the serial device +# to ensure exclusive access to the device. +lock + +# Use the modem control lines. On Ultrix, this option implies hardware +# flow control, as for the crtscts option. (This option is not fully +# implemented.) +modem + +# Set the MRU [Maximum Receive Unit] value to <n> for negotiation. pppd +# will ask the peer to send packets of no more than <n> bytes. The +# minimum MRU value is 128. The default MRU value is 1500. A value of +# 296 is recommended for slow links (40 bytes for TCP/IP header + 256 +# bytes of data). +#mru 542 + +# Set the interface netmask to <n>, a 32 bit netmask in "decimal dot" +# notation (e.g. 255.255.255.0). +#netmask 255.255.255.0 + +# Disables the default behaviour when no local IP address is specified, +# which is to determine (if possible) the local IP address from the +# hostname. With this option, the peer will have to supply the local IP +# address during IPCP negotiation (unless it specified explicitly on the +# command line or in an options file). +#noipdefault + +# Enables the "passive" option in the LCP. With this option, pppd will +# attempt to initiate a connection; if no reply is received from the +# peer, pppd will then just wait passively for a valid LCP packet from +# the peer (instead of exiting, as it does without this option). +#passive + +# With this option, pppd will not transmit LCP packets to initiate a +# connection until a valid LCP packet is received from the peer (as for +# the "passive" option with old versions of pppd). +#silent + +# Don't request or allow negotiation of any options for LCP and IPCP +# (use default values). +#-all + +# Disable Address/Control compression negotiation (use default, i.e. +# address/control field disabled). +#-ac + +# Disable asyncmap negotiation (use the default asyncmap, i.e. escape +# all control characters). +#-am + +# Don't fork to become a background process (otherwise pppd will do so +# if a serial device is specified). +#-detach + +# Disable IP address negotiation (with this option, the remote IP +# address must be specified with an option on the command line or in an +# options file). +#-ip + +# Disable magic number negotiation. With this option, pppd cannot +# detect a looped-back line. +#-mn + +# Disable MRU [Maximum Receive Unit] negotiation (use default, i.e. +# 1500). +#-mru + +# Disable protocol field compression negotiation (use default, i.e. +# protocol field compression disabled). +#-pc + +# Require the peer to authenticate itself using PAP. +#+pap + +# Don't agree to authenticate using PAP. +#-pap + +# Require the peer to authenticate itself using CHAP [Cryptographic +# Handshake Authentication Protocol] authentication. +#+chap + +# Don't agree to authenticate using CHAP. +#-chap + +# Disable negotiation of Van Jacobson style IP header compression (use +# default, i.e. no compression). +#-vj + +# Increase debugging level (same as -d). If this option is given, pppd +# will log the contents of all control packets sent or received in a +# readable form. The packets are logged through syslog with facility +# daemon and level debug. This information can be directed to a file by +# setting up /etc/syslog.conf appropriately (see syslog.conf(5)). (If +# pppd is compiled with extra debugging enabled, it will log messages +# using facility local2 instead of daemon). +#debug + +# Append the domain name <d> to the local host name for authentication +# purposes. For example, if gethostname() returns the name porsche, +# but the fully qualified domain name is porsche.Quotron.COM, you would +# use the domain option to set the domain name to Quotron.COM. +#domain <d> + +# Enable debugging code in the kernel-level PPP driver. The argument n +# is a number which is the sum of the following values: 1 to enable +# general debug messages, 2 to request that the contents of received +# packets be printed, and 4 to request that the contents of transmitted +# packets be printed. +#kdebug n + +# Set the MTU [Maximum Transmit Unit] value to <n>. Unless the peer +# requests a smaller value via MRU negotiation, pppd will request that +# the kernel networking code send data packets of no more than n bytes +# through the PPP network interface. +#mtu <n> + +# Enforce the use of the hostname as the name of the local system for +# authentication purposes (overrides the name option). +#usehostname + +# Set the assumed name of the remote system for authentication purposes +# to <n>. +#remotename <n> + +# Add an entry to this system's ARP [Address Resolution Protocol] +# table with the IP address of the peer and the Ethernet address of this +# system. +proxyarp + +# Use the system password database for authenticating the peer using +# PAP. Note: mgetty already provides this option. If this is specified +# then dialin from users using a script under Linux to fire up ppp wont work. +# login + +# If this option is given, pppd will send an LCP echo-request frame to +# the peer every n seconds. Under Linux, the echo-request is sent when +# no packets have been received from the peer for n seconds. Normally +# the peer should respond to the echo-request by sending an echo-reply. +# This option can be used with the lcp-echo-failure option to detect +# that the peer is no longer connected. +lcp-echo-interval 30 + +# If this option is given, pppd will presume the peer to be dead if n +# LCP echo-requests are sent without receiving a valid LCP echo-reply. +# If this happens, pppd will terminate the connection. Use of this +# option requires a non-zero value for the lcp-echo-interval parameter. +# This option can be used to enable pppd to terminate after the physical +# connection has been broken (e.g., the modem has hung up) in +# situations where no hardware modem control lines are available. +lcp-echo-failure 4 + +# Set the LCP restart interval (retransmission timeout) to <n> seconds +# (default 3). +#lcp-restart <n> + +# Set the maximum number of LCP terminate-request transmissions to <n> +# (default 3). +#lcp-max-terminate <n> + +# Set the maximum number of LCP configure-request transmissions to <n> +# (default 10). +#lcp-max-configure <n> + +# Set the maximum number of LCP configure-NAKs returned before starting +# to send configure-Rejects instead to <n> (default 10). +#lcp-max-failure <n> + +# Set the IPCP restart interval (retransmission timeout) to <n> +# seconds (default 3). +#ipcp-restart <n> + +# Set the maximum number of IPCP terminate-request transmissions to <n> +# (default 3). +#ipcp-max-terminate <n> + +# Set the maximum number of IPCP configure-request transmissions to <n> +# (default 10). +#ipcp-max-configure <n> + +# Set the maximum number of IPCP configure-NAKs returned before starting +# to send configure-Rejects instead to <n> (default 10). +#ipcp-max-failure <n> + +# Set the PAP restart interval (retransmission timeout) to <n> seconds +# (default 3). +#pap-restart <n> + +# Set the maximum number of PAP authenticate-request transmissions to +# <n> (default 10). +#pap-max-authreq <n> + +# Set the CHAP restart interval (retransmission timeout for +# challenges) to <n> seconds (default 3). +#chap-restart <n> + +# Set the maximum number of CHAP challenge transmissions to <n> +# (default 10). +#chap-max-challenge + +# If this option is given, pppd will rechallenge the peer every <n> +# seconds. +#chap-interval <n> + +# With this option, pppd will accept the peer's idea of our local IP +# address, even if the local IP address was specified in an option. +#ipcp-accept-local + +# With this option, pppd will accept the peer's idea of its (remote) IP +# address, even if the remote IP address was specified in an option. +#ipcp-accept-remote + diff --git a/patches/source/ppp/ppp.CVE-2014-3158.diff b/patches/source/ppp/ppp.CVE-2014-3158.diff new file mode 100644 index 000000000..500ca18ef --- /dev/null +++ b/patches/source/ppp/ppp.CVE-2014-3158.diff @@ -0,0 +1,30 @@ +diff --git a/pppd/options.c b/pppd/options.c +index 45fa742..e9042d1 100644 +--- a/pppd/options.c ++++ b/pppd/options.c +@@ -1289,9 +1289,10 @@ getword(f, word, newlinep, filename) + /* + * Store the resulting character for the escape sequence. + */ +- if (len < MAXWORDLEN-1) ++ if (len < MAXWORDLEN) { + word[len] = value; +- ++len; ++ ++len; ++ } + + if (!got) + c = getc(f); +@@ -1329,9 +1330,10 @@ getword(f, word, newlinep, filename) + /* + * An ordinary character: store it in the word and get another. + */ +- if (len < MAXWORDLEN-1) ++ if (len < MAXWORDLEN) { + word[len] = c; +- ++len; ++ ++len; ++ } + + c = getc(f); + } diff --git a/patches/source/ppp/ppp.CVE-2015-3310.diff b/patches/source/ppp/ppp.CVE-2015-3310.diff new file mode 100644 index 000000000..ecf53ce49 --- /dev/null +++ b/patches/source/ppp/ppp.CVE-2015-3310.diff @@ -0,0 +1,11 @@ +--- ./pppd/plugins/radius/util.c.orig 2015-04-17 11:43:59.687374237 -0500 ++++ ./pppd/plugins/radius/util.c 2015-04-17 11:45:12.612379499 -0500 +@@ -77,7 +77,7 @@ + static unsigned short int cnt = 0; + sprintf (buf, "%08lX%04X%02hX", + (unsigned long int) time (NULL), +- (unsigned int) getpid (), ++ (unsigned int) getpid () % 65535, + cnt & 0xFF); + cnt++; + return buf; diff --git a/patches/source/ppp/ppp.SlackBuild b/patches/source/ppp/ppp.SlackBuild new file mode 100755 index 000000000..538576a2f --- /dev/null +++ b/patches/source/ppp/ppp.SlackBuild @@ -0,0 +1,171 @@ +#!/bin/sh + +# Copyright 2008, 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=2.4.4 +RADVER=0.3.2 +PPPVER=1.98 +BUILD=${BUILD:-2_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-ppp + +rm -rf $PKG +mkdir -p $TMP $PKG + +echo "+============+" +echo "| ppp-$VERSION |" +echo "+============+" +cd $TMP +rm -rf ppp-$VERSION +tar xvf $CWD/ppp-$VERSION.tar.bz2 || exit 1 +cd ppp-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/ppp.slack.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit +sed -i -e "s#lib/pppd#lib${LIBDIRSUFFIX}/pppd#g" $(grep -lr 'lib/pppd' *) + +zcat $CWD/ppp.CVE-2014-3158.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/ppp.CVE-2015-3310.diff.gz | patch -p1 --verbose || exit 1 + +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG/usr + +mv $PKG/usr/share/man $PKG/usr +rmdir $PKG/usr/share + +# Install PPP config files: +mkdir -p $PKG/etc/ppp +cp -a etc.ppp/* $PKG/etc/ppp +chmod 600 $PKG/etc/ppp/*secrets +( cd $PKG/etc/ppp + mv chap-secrets chap-secrets.new + mv options options.new + mv pap-secrets pap-secrets.new +) +zcat $CWD/options.new.gz > $PKG/etc/ppp/options.new + +# Fix what seems like an insecure default setting. +# Feel free to "chmod 4750 pppoatm.so rp-pppoe.so" at your own risk. +# Since they are only runnable by group root, the risk really isn't much... +chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/pppd/*/*.so + +mkdir -p $PKG/usr/doc/ppp-$VERSION +cp -a \ + FAQ PLUGINS README* SETUP scripts \ + $PKG/usr/doc/ppp-$VERSION + +echo "+====================+" +echo "| radiusclient-$RADVER |" +echo "+====================+" +cd $TMP +rm -rf radiusclient-$RADVER +tar xf $CWD/radiusclient-$RADVER.tar.bz2 || exit 1 +cd radiusclient-$RADVER || exit 1 +chown -R root:root . +cp /usr/share/libtool/config.{guess,sub} . +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 +zcat $CWD/radius.msdict.gz > $PKG/etc/radiusclient/dictionary.microsoft +zcat $CWD/realms.gz > $PKG/etc/radiusclient/realms +zcat $CWD/servers.gz > $PKG/etc/radiusclient/servers +( cd $PKG/etc/radiusclient + chmod 600 realms servers + mv issue issue.new + mv radiusclient.conf radiusclient.conf.new + mv realms realms.new + mv servers servers.new +) +mkdir -p $PKG/usr/doc/radiusclient-$RADVER +cp -a \ + BUGS CHANGES COPYRIGHT README README.radexample doc/instop.html \ + $PKG/usr/doc/radiusclient-$RADVER +chmod 644 $PKG/usr/doc/radiusclient-$RADVER/* + +echo "+===============+" +echo "| pppsetup-$PPPVER |" +echo "+===============+" +cd $TMP +rm -rf pppsetup-$PPPVER +tar xvf $CWD/pppsetup-$PPPVER.tar.gz || exit 1 +cd pppsetup-$PPPVER || exit 1 +chown -R root:root . +zcat $CWD/pppsetup-1.98.slack.diff.gz | patch -p1 --backup || exit +zcat $CWD/pppsetup-1.98.pppoff.diff.gz | patch -p0 --backup || exit +zcat $CWD/pppsetup-1.98.moredevs.diff.gz | patch -p1 --backup || exit +zcat $CWD/pppsetup-1.98.backupfiles.diff.gz | patch -p1 --backup || exit +chmod 755 ppp-off pppsetup +cp -a ppp-off pppsetup $PKG/usr/sbin +mkdir -p $PKG/usr/doc/pppsetup +cp -a \ + README.pppsetup ppp-compile.txt pppsetup-$PPPVER.README pppsetup-$PPPVER.lsm \ + $PKG/usr/doc/pppsetup + +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . -name "*.a" | xargs file | grep "ar archive" | cut -f 1 -d : | xargs strip -g 2> /dev/null +) + +chmod 755 $PKG/usr/sbin/* + +gzip -9 $PKG/usr/man/man?/*.? +chmod 644 $PKG/usr/man/man?/* + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/ppp-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/ppp/ppp.slack.diff b/patches/source/ppp/ppp.slack.diff new file mode 100644 index 000000000..dafd0d3e7 --- /dev/null +++ b/patches/source/ppp/ppp.slack.diff @@ -0,0 +1,28 @@ +diff -r -u ppp-2.4.2.orig/pppd/Makefile.linux ppp-2.4.2/pppd/Makefile.linux +--- ppp-2.4.2.orig/pppd/Makefile.linux 2003-11-27 13:55:19.000000000 -0800 ++++ ppp-2.4.2/pppd/Makefile.linux 2004-02-22 21:36:11.000000000 -0800 +@@ -31,7 +31,7 @@ + + # CC = gcc + # +-COPTS = -O2 -pipe -Wall -g ++COPTS = -O2 -pipe -Wall + LIBS = + + # Uncomment the next 2 lines to include support for Microsoft's +@@ -61,13 +61,13 @@ + + HAS_SHADOW=y + #USE_PAM=y +-#HAVE_INET6=y ++HAVE_INET6=y + + # Enable plugins + PLUGIN=y + + # Enable Microsoft proprietary Callback Control Protocol +-#CBCP=y ++CBCP=y + + # Enable EAP SRP-SHA1 authentication (requires libsrp) + #USE_SRP=y diff --git a/patches/source/ppp/pppsetup-1.98.backupfiles.diff b/patches/source/ppp/pppsetup-1.98.backupfiles.diff new file mode 100644 index 000000000..6b3647793 --- /dev/null +++ b/patches/source/ppp/pppsetup-1.98.backupfiles.diff @@ -0,0 +1,26 @@ +--- ./pppsetup.orig Sun May 19 19:01:29 2002 ++++ ./pppsetup Sun May 19 19:06:07 2002 +@@ -861,10 +861,12 @@ + echo "multi on" >> /etc/host.conf + fi + +-if [ ! -z $DOMAINNAME ]; then ++if [ ! -z $DOMAINNAME ]; then ++# backup file ++cp -a /etc/resolv.conf /etc/resolv.conf.$$ 2> /dev/null + echo "search $DOMAINNAME" > /etc/resolv.conf + else +-rm -f /etc/resolv.conf 2>/dev/null ++rm -f /etc/resolv.conf 2>/dev/null + DOMAINNAME="unknown.com" + fi + +@@ -875,6 +877,8 @@ + fi + + if [ ! -s /etc/hosts ]; then ++# backup file ++cp -a /etc/hosts /etc/hosts.bak.$$ 2> /dev/null + echo "127.0.0.1 localhost" > /etc/hosts + if [ "$DOMAINNAME" = "unknown.com" ]; then + echo "0.0.0.0 `hostname 2>/dev/null`.localnet `hostname 2>/dev/null`" >> /etc/hosts diff --git a/patches/source/ppp/pppsetup-1.98.moredevs.diff b/patches/source/ppp/pppsetup-1.98.moredevs.diff new file mode 100644 index 000000000..6a11a3b54 --- /dev/null +++ b/patches/source/ppp/pppsetup-1.98.moredevs.diff @@ -0,0 +1,105 @@ +--- ./pppsetup.orig Sun May 19 18:41:04 2002 ++++ ./pppsetup Sun May 19 18:52:49 2002 +@@ -1,15 +1,10 @@ + #!/bin/bash +-############################################################################### +-# + # PPPSETUP -- Script to set up pppd + # History: + # 7/21/95 RSL Script created (v1.0) + # 9/15/96 RSL Added code to get the ISP's domainname (v1.1) + # 9/19/96 RSL Revamped interface to use the 'dialog' + # program. (v1.2) +-############################################################################### +- +-############################################################################### + # 2/22/98 KR Added pap, chap, ms-chap, callback, & + # modem init string options. (v1.98) + # Creates /etc/ppp/options, & pap, chap, +@@ -17,33 +12,21 @@ + # More guidance. + # Monitor connection with tail & syslogd. + # Demand dialing setup with ppp-2.3.0 or later. +-############################################################################### +- +-############################################################################### + # 4/4/98 PJV Fixed massive /tmp-related security problems + # Switched to a default init string that's more + # likely to work + # Increased TIMEOUTs + # fixed bad flags given to chat -- caused dialout + # to fail +-############################################################################### +- +-############################################################################### + # 2/6/1999 PJV Changed all occurances of /dev/cua* to /dev/ttyS* +-############################################################################### +- +-############################################################################### + # 5/3/1999 PJV Commented 'debug' in /etc/ppp/options + # Add commented 'noauth' in /etc/ppp/options so + # people who want to use ppp but already have a + # default route have an easier time figuring out + # what to do. :) +-############################################################################### +- +-############################################################################### + # 6/18/2000 PJV Added code to check for "ppp-stop" and "ppp-on" + # symlinks, and make them if they don't exist. +-############################################################################### ++# 5/19/2002 PJV Added support for more devices. + + TMP=/var/log/setup/tmp + +@@ -137,25 +120,40 @@ + done + + echo "Where is your modem /dev/ttyS?" > $TMP/txtTEMP$$ +-dialog --backtitle "MODEM DEVICE ..." --menu "`cat $TMP/txtTEMP$$`" 11 50 4 \ ++dialog --backtitle "MODEM DEVICE ..." --menu "`cat $TMP/txtTEMP$$`" 17 60 10 \ ++modem "= use whatever /dev/modem is linked to" \ + ttyS0 "= (COM1: under DOS)" \ + ttyS1 "= (COM2: under DOS)" \ + ttyS2 "= (COM3: under DOS)" \ + ttyS3 "= (COM4: under DOS)" \ ++ttyS4 "= PCI modem" \ ++ttyS5 "= PCI modem" \ ++ttyS6 "= PCI modem" \ ++ttyS7 "= PCI modem" \ ++ttyS8 "= PCI modem" \ ++ttyS9 "= PCI modem" \ ++ttyS10 "= PCI modem" \ ++ttyS11 "= PCI modem" \ ++ttyS12 "= PCI modem" \ ++ttyS13 "= PCI modem" \ ++ttyS14 "= PCI modem" \ ++ttyS15 "= PCI modem" \ + 2> $TMP/rspTEMP$$ + + MODEM="`cat $TMP/rspTEMP$$`" + +-if [ -z $MODEM ]; then +-clear 2>/dev/null || echo +-rm -f $TMP/*TEMP* +-echo "PPP configuration cancelled." +-exit +-elif [ ! -c "/dev/$MODEM" ]; then +-/dev/MAKEDEV $MODEM >/dev/null 2>&1 || MODERROR="YES" +-else +-rm -f /dev/modem 2>/dev/null +-ln -sf /dev/$MODEM /dev/modem 2>/dev/null ++if [ ! "$MODEM" = "modem" ]; then ++ if [ -z $MODEM ]; then ++ clear 2>/dev/null || echo ++ rm -f $TMP/*TEMP* ++ echo "PPP configuration cancelled." ++ exit ++ elif [ ! -c "/dev/$MODEM" ]; then ++ /dev/MAKEDEV $MODEM >/dev/null 2>&1 || MODERROR="YES" ++ else ++ rm -f /dev/modem 2>/dev/null ++ ln -sf /dev/$MODEM /dev/modem 2>/dev/null ++ fi + fi + + echo "What baud rate is your modem?" > $TMP/txtTEMP$$ diff --git a/patches/source/ppp/pppsetup-1.98.pppoff.diff b/patches/source/ppp/pppsetup-1.98.pppoff.diff new file mode 100644 index 000000000..66b51ba7e --- /dev/null +++ b/patches/source/ppp/pppsetup-1.98.pppoff.diff @@ -0,0 +1,19 @@ +--- ppp-off.orig Fri Oct 20 17:43:50 2000 ++++ ppp-off Fri Oct 20 17:46:32 2000 +@@ -21,14 +21,8 @@ + # This just checks if demand dialing is running, if so it + # says Demand Dialing Stoped. + +-ps x 2>/dev/null > /tmp/grep.tmp +- +-if grep 2>/dev/null "options.demand" /tmp/grep.tmp >/dev/null +-then +-rm -f /tmp/grep.tmp +-D="echo Demand Dialing Stoped." +-else +-rm -f /tmp/grep.tmp ++if ps x | fgrep "options.demand" 1> /dev/null 2> /dev/null ; then ++ D="echo Demand Dialing Stoped." + fi + + # diff --git a/patches/source/ppp/pppsetup-1.98.slack.diff b/patches/source/ppp/pppsetup-1.98.slack.diff new file mode 100644 index 000000000..f081699c8 --- /dev/null +++ b/patches/source/ppp/pppsetup-1.98.slack.diff @@ -0,0 +1,1709 @@ +--- ./pppsetup.orig Sun Feb 22 12:33:32 1998 ++++ ./pppsetup Sun Jun 18 14:01:10 2000 +@@ -19,6 +19,34 @@ + # Demand dialing setup with ppp-2.3.0 or later. + ############################################################################### + ++############################################################################### ++# 4/4/98 PJV Fixed massive /tmp-related security problems ++# Switched to a default init string that's more ++# likely to work ++# Increased TIMEOUTs ++# fixed bad flags given to chat -- caused dialout ++# to fail ++############################################################################### ++ ++############################################################################### ++# 2/6/1999 PJV Changed all occurances of /dev/cua* to /dev/ttyS* ++############################################################################### ++ ++############################################################################### ++# 5/3/1999 PJV Commented 'debug' in /etc/ppp/options ++# Add commented 'noauth' in /etc/ppp/options so ++# people who want to use ppp but already have a ++# default route have an easier time figuring out ++# what to do. :) ++############################################################################### ++ ++############################################################################### ++# 6/18/2000 PJV Added code to check for "ppp-stop" and "ppp-on" ++# symlinks, and make them if they don't exist. ++############################################################################### ++ ++TMP=/var/log/setup/tmp ++ + if [ ! "$UID" = "0" ]; then + echo + echo "NOTICE: * $LOGNAME * You need to be 'root' to run this script." +@@ -43,81 +71,84 @@ + exit 1 + fi + +-if [ ! -d /tmp ]; then +-mkdir /tmp +-chmod 1777 /tmp +-fi +- + if [ -s /usr/lib/setup/hdsetup ]; then +-SYS="on SLACKWARE ..." ++SYS="on SLACKWARE." + fi + + VERSION="1.98" + + stty erase ^? 2>/dev/null + +-echo "PPPSETUP $VERSION $SYS" > /tmp/txtTEMP01 +-echo >> /tmp/txtTEMP01 +-echo "Written by Robert S. Liesenfeld <xunil@bitstream.net> <IRC:Xunil>" >> /tmp/txtTEMP01 +-echo "Changes for 1.98 by Kent Robotti <robotti@erols.com>" >> /tmp/txtTEMP01 +-echo >> /tmp/txtTEMP01 +-echo "You should get these 'DOCS' if you don't already have them." >> /tmp/txtTEMP01 +-echo >> /tmp/txtTEMP01 +-echo 'ftp://sunsite.unc.edu/pub/Linux/docs/HOWTO "PPP-HOWTO"' >> /tmp/txtTEMP01 +-echo 'ftp://sunsite.unc.edu/pub/Linux/docs/faqs/PPP-FAQ "PPP-FAQ"' >> /tmp/txtTEMP01 +-echo >> /tmp/txtTEMP01 +-echo "Press [Enter] to continue with pppsetup..." >> /tmp/txtTEMP01 ++if [ ! -r /usr/sbin/ppp-stop ]; then ++ ( cd /usr/sbin ; ln -sf ppp-off ppp-stop ) ++fi ++if [ ! -r /usr/sbin/ppp-on ]; then ++ ( cd /usr/sbin ; ln -sf ppp-go ppp-on ) ++fi + +-dialog --backtitle "PPPSETUP $VERSION ..." --textbox "/tmp/txtTEMP01" 15 70 ++echo "PPPSETUP $VERSION $SYS" > $TMP/txtTEMP01 ++echo >> $TMP/txtTEMP01 ++echo "Written by Robert S. Liesenfeld <xunil@bitstream.net> <IRC:Xunil>" >> $TMP/txtTEMP01 ++echo "Changes for 1.98 by Kent Robotti <robotti@erols.com>" >> $TMP/txtTEMP01 ++echo "Patched for Slackware by Patrick Volkerding <volkerdi@slackware.com>" >> $TMP/txtTEMP01 ++echo >> $TMP/txtTEMP01 ++echo "You should get these docs if you don't already have them:" >> $TMP/txtTEMP01 ++echo >> $TMP/txtTEMP01 ++echo "ftp://metalab.unc.edu/pub/Linux/docs/howto/PPP-HOWTO" >> $TMP/txtTEMP01 ++echo "ftp://metalab.unc.edu/pub/Linux/docs/faqs/PPP-FAQ" >> $TMP/txtTEMP01 ++echo >> $TMP/txtTEMP01 ++echo "Press [Enter] to continue with pppsetup..." >> $TMP/txtTEMP01 ++ ++dialog --backtitle "PPPSETUP $VERSION/Slackware" --textbox "$TMP/txtTEMP01" 16 73 + + while [ -z "$PHONENUM" ] + do +-echo "To begin setting up your PPP connection, i need to know a few things." > /tmp/txtTEMP$$ +-echo "For starters, what is the phone number of your (I)nternet (S)ervice" >> /tmp/txtTEMP$$ +-echo "(P)rovider?" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: atdt6661776 <-For (t)one dialing.)" >> /tmp/txtTEMP$$ +-echo "Example: atdp6661776 <-For (p)ulse dialing.)" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Include the: atd? It's usally just: atdtphonenumber" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "(Note: in the USA, use atdt*70,6661776 [comma required!] to turn" >> /tmp/txtTEMP$$ +-echo " off call waiting.)" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo "To begin setting up your PPP connection, i need to know a few things." > $TMP/txtTEMP$$ ++echo "For starters, what is the phone number of your (I)nternet (S)ervice" >> $TMP/txtTEMP$$ ++echo "(P)rovider?" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: atdt6661776 <-For (t)one dialing.)" >> $TMP/txtTEMP$$ ++echo "Example: atdp6661776 <-For (p)ulse dialing.)" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Include the: atd? It's usally just: atdtphonenumber" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "(Note: in the USA, use atdt*70,6661776 [comma required!] to turn" >> $TMP/txtTEMP$$ ++echo " off call waiting.)" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + +-dialog --title "PHONE NUMBER ..." --inputbox "`cat /tmp/txtTEMP$$`" 18 75 2> /tmp/rspTEMP$$ ++dialog --title "PHONE NUMBER ..." --inputbox "`cat $TMP/txtTEMP$$`" 18 75 2> $TMP/rspTEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-PHONENUM="`cat /tmp/rspTEMP$$`" ++PHONENUM="`cat $TMP/rspTEMP$$`" + + if [ -z "$PHONENUM" ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "No phone number." + exit + fi + done + +-echo "Where is your modem /dev/cua?" > /tmp/txtTEMP$$ +-dialog --backtitle "MODEM DEVICE ..." --menu "`cat /tmp/txtTEMP$$`" 11 50 4 \ +-cua0 "= (COM1: under DOS)" \ +-cua1 "= (COM2: under DOS)" \ +-cua2 "= (COM3: under DOS)" \ +-cua3 "= (COM4: under DOS)" \ +-2> /tmp/rspTEMP$$ ++echo "Where is your modem /dev/ttyS?" > $TMP/txtTEMP$$ ++dialog --backtitle "MODEM DEVICE ..." --menu "`cat $TMP/txtTEMP$$`" 11 50 4 \ ++ttyS0 "= (COM1: under DOS)" \ ++ttyS1 "= (COM2: under DOS)" \ ++ttyS2 "= (COM3: under DOS)" \ ++ttyS3 "= (COM4: under DOS)" \ ++2> $TMP/rspTEMP$$ + +-MODEM="`cat /tmp/rspTEMP$$`" ++MODEM="`cat $TMP/rspTEMP$$`" + + if [ -z $MODEM ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + exit + elif [ ! -c "/dev/$MODEM" ]; then +@@ -127,139 +158,139 @@ + ln -sf /dev/$MODEM /dev/modem 2>/dev/null + fi + +-echo "What baud rate is your modem?" > /tmp/txtTEMP$$ +-dialog --backtitle "MODEM BAUD RATE ..." --menu "`cat /tmp/txtTEMP$$`" 14 72 7 \ ++echo "What baud rate is your modem?" > $TMP/txtTEMP$$ ++dialog --backtitle "MODEM BAUD RATE ..." --menu "`cat $TMP/txtTEMP$$`" 14 72 7 \ + 460800 "460KBps - ISDN modem..." \ + 230400 "230KBps - 56Kbps modem... or ISDN modem..." \ + 115200 "115KBps - 28.8, 33.6, or 56Kbps modem..." \ + 57600 "57.6KBps - 28.8, 33.6, or 56Kbps modem..." \ + 38400 "38.4KBps - Hangin ten on the net! 28.8 or 33.6..." \ + 19200 "19.2KBps - Better known as 14.4..." \ +-9600 "9600bps - No comment..." 2> /tmp/rspTEMP$$ ++9600 "9600bps - No comment..." 2> $TMP/rspTEMP$$ + +-BAUDRATE="`cat /tmp/rspTEMP$$`" ++BAUDRATE="`cat $TMP/rspTEMP$$`" + + if [ -z $BAUDRATE ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + exit + fi + +-echo "Does your service provider use CALLBACK?" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "CALLBACK is when you call your service provider and give them" >> /tmp/txtTEMP$$ +-echo "your phone number so they can call you back, then when they" >> /tmp/txtTEMP$$ +-echo "call you back you give them your login name and password." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Most service providers don't use CALLBACK, so the answer is" >> /tmp/txtTEMP$$ +-echo "probably No, unless you know otherwise." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +- +-dialog --backtitle "CALLBACK YES or NO? ..." --yesno "`cat /tmp/txtTEMP$$`" 13 70 +- +-if [ $? = 0 ]; then +-echo "Put your phone number in the box below, so your service provider" > /tmp/txtTEMP$$ +-echo "can call you back." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: 7771818" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo "Does your service provider use CALLBACK?" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "CALLBACK is when you call your service provider and give them" >> $TMP/txtTEMP$$ ++echo "your phone number so they can call you back, then when they" >> $TMP/txtTEMP$$ ++echo "call you back you give them your login name and password." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Most service providers don't use CALLBACK, so the answer is" >> $TMP/txtTEMP$$ ++echo "probably No, unless you know otherwise." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++ ++dialog --backtitle "CALLBACK YES or NO? ..." --menu "`cat $TMP/txtTEMP$$`" 16 70 2 "NO" "Most Internet providers do not use callback" "YES" "Use callback support (I know what I'm doing)" 2> $TMP/replyTEMP$$ ++ ++if [ "`cat $TMP/replyTEMP$$`" = "YES" ]; then ++echo "Put your phone number in the box below, so your service provider" > $TMP/txtTEMP$$ ++echo "can call you back." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: 7771818" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK Your Phone Number? ..." --inputbox "`cat /tmp/txtTEMP$$`" 11 72 2> /tmp/cb1TEMP$$ ++dialog --backtitle "CALLBACK Your Phone Number? ..." --inputbox "`cat $TMP/txtTEMP$$`" 11 72 2> $TMP/cb1TEMP$$ + + if [ $? = 1 ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + exit +-elif [ ! -s /tmp/cb1TEMP$$ ]; then ++elif [ ! -s $TMP/cb1TEMP$$ ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "No Phone Number for Callback." + exit + fi + fi + +-if [ -s /tmp/cb1TEMP$$ ]; then +-CBPN="`cat /tmp/cb1TEMP$$`" +-echo "I have your phone number: $CBPN" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Do you have to give a Username or Login for the initial connection" >> /tmp/txtTEMP$$ +-echo "to $PHONENUM before you're called back." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: jerry" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If NO, just press [Enter] on a empty box and skip this." >> /tmp/txtTEMP$$ ++if [ -s $TMP/cb1TEMP$$ ]; then ++CBPN="`cat $TMP/cb1TEMP$$`" ++echo "I have your phone number: $CBPN" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Do you have to give a Username or Login for the initial connection" >> $TMP/txtTEMP$$ ++echo "to $PHONENUM before you're called back." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: jerry" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If NO, just press [Enter] on a empty box and skip this." >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK INITIAL LOGIN? ..." --inputbox "`cat /tmp/txtTEMP$$`" 15 74 2> /tmp/cb1.1TEMP$$ ++dialog --backtitle "CALLBACK INITIAL LOGIN? ..." --inputbox "`cat $TMP/txtTEMP$$`" 15 74 2> $TMP/cb1.1TEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + else +-CBMODLOGIN="`cat /tmp/cb1.1TEMP$$`" ++CBMODLOGIN="`cat $TMP/cb1.1TEMP$$`" + fi + fi + +-if [ -s /tmp/cb1TEMP$$ ]; then +-echo "I have your phone number: $CBPN" > /tmp/txtTEMP$$ +-if [ -s /tmp/cb1.1TEMP$$ ]; then +-echo "I see you have to give a Username or Login: $CBMODLOGIN" >> /tmp/txtTEMP$$ +-echo "for the initial connection to: $PHONENUM" >> /tmp/txtTEMP$$ +-fi +-echo >> /tmp/txtTEMP$$ +-echo "Do you have to give a Password for the initial connection" >> /tmp/txtTEMP$$ +-echo "to $PHONENUM before you're called back." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: Zoy85mWc" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If NO, just press [Enter] on a empty box and skip this." >> /tmp/txtTEMP$$ ++if [ -s $TMP/cb1TEMP$$ ]; then ++echo "I have your phone number: $CBPN" > $TMP/txtTEMP$$ ++if [ -s $TMP/cb1.1TEMP$$ ]; then ++echo "I see you have to give a Username or Login: $CBMODLOGIN" >> $TMP/txtTEMP$$ ++echo "for the initial connection to: $PHONENUM" >> $TMP/txtTEMP$$ ++fi ++echo >> $TMP/txtTEMP$$ ++echo "Do you have to give a Password for the initial connection" >> $TMP/txtTEMP$$ ++echo "to $PHONENUM before you're called back." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: Zoy85mWc" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If NO, just press [Enter] on a empty box and skip this." >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK INITIAL PASSWORD? ..." --inputbox "`cat /tmp/txtTEMP$$`" 17 68 2> /tmp/cb2TEMP$$ ++dialog --backtitle "CALLBACK INITIAL PASSWORD? ..." --inputbox "`cat $TMP/txtTEMP$$`" 17 68 2> $TMP/cb2TEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + else +-CBMODPASS="`cat /tmp/cb2TEMP$$`" ++CBMODPASS="`cat $TMP/cb2TEMP$$`" + fi + fi + + if [ ! -z "$CBPN" ]; then +-echo "Are they using PAP or CHAP for AUTHENTICATION? If so answer YES." > /tmp/txtTEMP$$ +-echo "Do they present you with a Username: or Login: and Password: prompt" >> /tmp/txtTEMP$$ +-echo "when they call you back, if so they're probably not using PAP or" >> /tmp/txtTEMP$$ +-echo "CHAP, so you can answer NO here." >> /tmp/txtTEMP$$ +-echo "If you're not sure, you'll have to ask you're service provider." >> /tmp/txtTEMP$$ ++echo "Are they using PAP or CHAP for AUTHENTICATION? If so answer YES." > $TMP/txtTEMP$$ ++echo "Do they present you with a Username: or Login: and Password: prompt" >> $TMP/txtTEMP$$ ++echo "when they call you back, if so they're probably not using PAP or" >> $TMP/txtTEMP$$ ++echo "CHAP, so you can answer NO here." >> $TMP/txtTEMP$$ ++echo "If you're not sure, you'll have to ask you're service provider." >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK PAP-CHAP YES or NO? ..." --yesno "`cat /tmp/txtTEMP$$`" 9 72 ++dialog --backtitle "CALLBACK PAP-CHAP YES or NO? ..." --yesno "`cat $TMP/txtTEMP$$`" 9 72 + + if [ $? = 1 ]; then +-echo "What is your Username or Login to your service provider?" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "This is the information you'll give them when they call" >> /tmp/txtTEMP$$ +-echo "you back at: $CBPN" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: jerry" >> /tmp/txtTEMP$$ ++echo "What is your Username or Login to your service provider?" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "This is the information you'll give them when they call" >> $TMP/txtTEMP$$ ++echo "you back at: $CBPN" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: jerry" >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK LOGIN? ..." --inputbox "`cat /tmp/txtTEMP$$`" 13 72 2> /tmp/cb3TEMP$$ ++dialog --backtitle "CALLBACK LOGIN? ..." --inputbox "`cat $TMP/txtTEMP$$`" 13 72 2> $TMP/cb3TEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-CBLOGIN="`cat /tmp/cb3TEMP$$`" ++CBLOGIN="`cat $TMP/cb3TEMP$$`" + + if [ -z "$CBLOGIN" ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + echo "No Login for Callback." +@@ -269,24 +300,24 @@ + fi + + if [ ! -z "$CBLOGIN" ]; then +-echo "What is the Password for: $CBLOGIN" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Example: Ziy79Kie" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo "What is the Password for: $CBLOGIN" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Example: Ziy79Kie" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + +-dialog --backtitle "CALLBACK PASSWORD? ..." --inputbox "`cat /tmp/txtTEMP$$`" 10 64 2> /tmp/cb4TEMP$$ ++dialog --backtitle "CALLBACK PASSWORD? ..." --inputbox "`cat $TMP/txtTEMP$$`" 10 64 2> $TMP/cb4TEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit 1 + fi + +-CBPASS="`cat /tmp/cb4TEMP$$`" ++CBPASS="`cat $TMP/cb4TEMP$$`" + + if [ -z "$CBPASS" ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + echo "No Password for Callback." +@@ -296,13 +327,13 @@ + + callback1() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -322,13 +353,13 @@ + + callback2() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -344,13 +375,13 @@ + + callback3() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -368,13 +399,13 @@ + + callback4() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -393,13 +424,13 @@ + + callback5() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -417,13 +448,13 @@ + + callback6() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -440,13 +471,13 @@ + + callback7() { + cat << EOF +-TIMEOUT 10 ++TIMEOUT 60 + ABORT BUSY + ABORT ERROR + ABORT VOICE + ABORT "NO CARRIER" + ABORT "NO DIALTONE" +-"" "AT\&FW1S0=1H0" ++"" "AT\&FS0=1H0" + OK "ATDT$PHONENUM" + TIMEOUT 60 + CONNECT "" +@@ -465,20 +496,20 @@ + mkdir -p /etc/ppp + fi + +-if [ -s /tmp/cb1TEMP$$ ]; then +-if [ -s /tmp/cb1.1TEMP$$ ] && [ -s /tmp/cb2TEMP$$ ] && [ -s /tmp/cb3TEMP$$ ] && [ -s /tmp/cb4TEMP$$ ]; then ++if [ -s $TMP/cb1TEMP$$ ]; then ++if [ -s $TMP/cb1.1TEMP$$ ] && [ -s $TMP/cb2TEMP$$ ] && [ -s $TMP/cb3TEMP$$ ] && [ -s $TMP/cb4TEMP$$ ]; then + callback1 > /etc/ppp/callback +-elif [ ! -s /tmp/cb1.1TEMP$$ ] && [ ! -s /tmp/cb2TEMP$$ ] && [ ! -s /tmp/cb3TEMP$$ ] && [ ! -s /tmp/cb4TEMP$$ ]; then ++elif [ ! -s $TMP/cb1.1TEMP$$ ] && [ ! -s $TMP/cb2TEMP$$ ] && [ ! -s $TMP/cb3TEMP$$ ] && [ ! -s $TMP/cb4TEMP$$ ]; then + callback2 > /etc/ppp/callback +-elif [ ! -s /tmp/cb1.1TEMP$$ ] && [ ! -s /tmp/cb2TEMP$$ ] && [ -s /tmp/cb3TEMP$$ ] && [ -s /tmp/cb4TEMP$$ ]; then ++elif [ ! -s $TMP/cb1.1TEMP$$ ] && [ ! -s $TMP/cb2TEMP$$ ] && [ -s $TMP/cb3TEMP$$ ] && [ -s $TMP/cb4TEMP$$ ]; then + callback3 > /etc/ppp/callback +-elif [ ! -s /tmp/cb1.1TEMP$$ ] && [ -s /tmp/cb2TEMP$$ ] && [ -s /tmp/cb3TEMP$$ ] && [ -s /tmp/cb4TEMP$$ ]; then ++elif [ ! -s $TMP/cb1.1TEMP$$ ] && [ -s $TMP/cb2TEMP$$ ] && [ -s $TMP/cb3TEMP$$ ] && [ -s $TMP/cb4TEMP$$ ]; then + callback4 > /etc/ppp/callback +-elif [ -s /tmp/cb1.1TEMP$$ ] && [ -s /tmp/cb2TEMP$$ ] && [ ! -s /tmp/cb3TEMP$$ ] && [ ! -s /tmp/cb4TEMP$$ ]; then ++elif [ -s $TMP/cb1.1TEMP$$ ] && [ -s $TMP/cb2TEMP$$ ] && [ ! -s $TMP/cb3TEMP$$ ] && [ ! -s $TMP/cb4TEMP$$ ]; then + callback5 > /etc/ppp/callback +-elif [ -s /tmp/cb1.1TEMP$$ ] && [ ! -s /tmp/cb3TEMP$$ ] && [ ! -s /tmp/cb4TEMP$$ ]; then ++elif [ -s $TMP/cb1.1TEMP$$ ] && [ ! -s $TMP/cb3TEMP$$ ] && [ ! -s $TMP/cb4TEMP$$ ]; then + callback6 > /etc/ppp/callback +-elif [ -s /tmp/cb2TEMP$$ ] && [ ! -s /tmp/cb3TEMP$$ ] && [ ! -s /tmp/cb4TEMP$$ ]; then ++elif [ -s $TMP/cb2TEMP$$ ] && [ ! -s $TMP/cb3TEMP$$ ] && [ ! -s $TMP/cb4TEMP$$ ]; then + callback7 > /etc/ppp/callback + fi + fi +@@ -488,93 +519,93 @@ + chmod 600 /etc/ppp/callback 2>/dev/null + fi + +-if [ ! -s /tmp/cb1TEMP$$ ]; then +-echo 'The default modem init string will be: "AT\&FW1H0" OK' > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If you want to change it, put your init string in the box below." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If you use \ in the init string, put it twice." >> /tmp/txtTEMP$$ +-echo 'Example: "AT\&F\\K3\\N3W1H0" OK' >> /tmp/txtTEMP$$ +-echo "M = No sound. W1 or S95=46 = Show CARRIER speed: 28800 etc." >> /tmp/txtTEMP$$ +-echo 'Put "" around each init string with "&" in it.' >> /tmp/txtTEMP$$ +-echo 'Put OK after each init string. Example: ATZ OK "AT\&F1MW1H0" OK' >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Just press [Enter] on a empty box to accept the default above." >> /tmp/txtTEMP$$ ++if [ ! -s $TMP/cb1TEMP$$ ]; then ++echo 'The default modem init string will be: "AT&FH0" OK' > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If you want to change it, put your init string in the box below." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If you use \ in the init string, put it twice." >> $TMP/txtTEMP$$ ++echo 'Example: "AT\&F\\K3\\N3H0" OK' >> $TMP/txtTEMP$$ ++echo "M = No sound. S95=46 = Show CARRIER speed: 28800 etc." >> $TMP/txtTEMP$$ ++echo 'Put "" around each init string with "&" in it.' >> $TMP/txtTEMP$$ ++echo 'Put OK after each init string. Example: ATZ OK "AT\&F1MH0" OK' >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Just press [Enter] on a empty box to accept the default above." >> $TMP/txtTEMP$$ + +-dialog --backtitle "MODEM INIT STRING ..." --inputbox "`cat /tmp/txtTEMP$$`" 18 74 2> /tmp/rspTEMP$$ ++dialog --backtitle "MODEM INIT STRING ..." --inputbox "`cat $TMP/txtTEMP$$`" 18 74 2> $TMP/rspTEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-if [ -s /tmp/rspTEMP$$ ]; then +-INIT="`cat /tmp/rspTEMP$$`" ++if [ -s $TMP/rspTEMP$$ ]; then ++INIT="`cat $TMP/rspTEMP$$`" + else + INIT="below" + fi + fi + +-echo "What is your (I)nternet (S)ervice (P)rovider's domain name?" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "This is usually something like..." >> /tmp/txtTEMP$$ +-echo "Examples: something.edu something.net something.com something.org" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo "What is your (I)nternet (S)ervice (P)rovider's domain name?" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "This is usually something like..." >> $TMP/txtTEMP$$ ++echo "Examples: something.edu something.net something.com something.org" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + +-dialog --backtitle "DOMAIN NAME ..." --inputbox "`cat /tmp/txtTEMP$$`" 11 74 2> /tmp/rspTEMP$$ ++dialog --backtitle "DOMAIN NAME ..." --inputbox "`cat $TMP/txtTEMP$$`" 11 74 2> $TMP/rspTEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-DOMAINNAME="`cat /tmp/rspTEMP$$`" ++DOMAINNAME="`cat $TMP/rspTEMP$$`" + +-echo "What is the IP address of your Internet provider's nameserver?" > /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "It's important that these IP numbers be correct." >> /tmp/txtTEMP$$ +-echo "The IP numbers should not be: 0.0.0.0" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Note: Your service provider's technical support can provide you" >> /tmp/txtTEMP$$ +-echo "with this information. Example: 207.132.116.5" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo "What is the IP address of your Internet provider's nameserver?" > $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "It's important that these IP numbers be correct." >> $TMP/txtTEMP$$ ++echo "The IP numbers should not be: 0.0.0.0" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Note: Your service provider's technical support can provide you" >> $TMP/txtTEMP$$ ++echo "with this information. Example: 207.132.116.5" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + +-dialog --backtitle "DNS IP ADDRESS ..." --inputbox "`cat /tmp/txtTEMP$$`" 14 74 2> /tmp/rspTEMP$$ ++dialog --backtitle "DNS IP ADDRESS ..." --inputbox "`cat $TMP/txtTEMP$$`" 14 74 2> $TMP/rspTEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-DNSIP="`cat /tmp/rspTEMP$$`" ++DNSIP="`cat $TMP/rspTEMP$$`" + +-if [ ! -s /tmp/cb3TEMP$$ ]; then +-echo "Does your service provider use PAP or CHAP?" > /tmp/txtTEMP$$ +-echo "If you're presented with a Username: or Login: and Password:" >> /tmp/txtTEMP$$ +-echo "prompt when you connect to your service provider, they're" >> /tmp/txtTEMP$$ +-echo "'probably' not using PAP or CHAP, so you can answer SCRIPT." >> /tmp/txtTEMP$$ +-echo "I said 'probably', the only way to know for sure is to ask you're" >> /tmp/txtTEMP$$ +-echo "service provider, this could save you a lot of wasted time." >> /tmp/txtTEMP$$ ++if [ ! -s $TMP/cb3TEMP$$ ]; then ++echo "Does your service provider use PAP or CHAP?" > $TMP/txtTEMP$$ ++echo "If you're presented with a Username: or Login: and Password:" >> $TMP/txtTEMP$$ ++echo "prompt when you connect to your service provider, they're" >> $TMP/txtTEMP$$ ++echo "'probably' not using PAP or CHAP, so you can answer SCRIPT." >> $TMP/txtTEMP$$ ++echo "I said 'probably', the only way to know for sure is to ask you're" >> $TMP/txtTEMP$$ ++echo "service provider, this could save you a lot of wasted time." >> $TMP/txtTEMP$$ + +-dialog --backtitle "PAP, CHAP, or SCRIPT? ..." --menu "`cat /tmp/txtTEMP$$`" 16 72 4 \ ++dialog --backtitle "PAP, CHAP, or SCRIPT? ..." --menu "`cat $TMP/txtTEMP$$`" 16 72 4 \ + PAP "AUTHENTICATION" \ + CHAP "AUTHENTICATION" \ + MS-CHAP-80 "is microsoft's version of CHAP." \ +-SCRIPT "Create Chat Script For Login." 2> /tmp/papTEMP ++SCRIPT "Create Chat Script For Login." 2> $TMP/papTEMP + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + else +-PAP="`cat /tmp/papTEMP`" ++PAP="`cat $TMP/papTEMP`" + fi + fi + +@@ -595,46 +626,46 @@ + + if [ "$PAP" = "MS-CHAP-80" ]; then + if [ ! -z "$DOMAINNAME" ]; then +-echo > /tmp/txtTEMP$$ +-echo "You gave $DOMAINNAME for domain name, this will be the" >> /tmp/txtTEMP$$ +-echo "NT server you connect to when you dial: $PHONENUM" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ ++echo > $TMP/txtTEMP$$ ++echo "You gave $DOMAINNAME for domain name, this will be the" >> $TMP/txtTEMP$$ ++echo "NT server you connect to when you dial: $PHONENUM" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + else +-echo > /tmp/txtTEMP$$ ++echo > $TMP/txtTEMP$$ + fi +-RAS >> /tmp/txtTEMP$$ ++RAS >> $TMP/txtTEMP$$ + +-dialog --title "MS-CHAP NT server, Stand-alone or ? ..." --menu "`cat /tmp/txtTEMP$$`" 22 72 2 \ ++dialog --title "MS-CHAP NT server, Stand-alone or ? ..." --menu "`cat $TMP/txtTEMP$$`" 22 72 2 \ + MS-CHAP-SERVER-1 "Stand-alone..." \ +-MS-CHAP-SERVER-2 "Queries domain controller..." 2> /tmp/mschapTEMP ++MS-CHAP-SERVER-2 "Queries domain controller..." 2> $TMP/mschapTEMP + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-MSCHAP="`cat /tmp/mschapTEMP`" ++MSCHAP="`cat $TMP/mschapTEMP`" + + if [ "$MSCHAP" = "MS-CHAP-SERVER-2" ]; then +-echo "Put the name of the domain you have your account on." > /tmp/txtTEMP0 +-echo "Example: fooboo" >> /tmp/txtTEMP0 +-echo >> /tmp/txtTEMP0 ++echo "Put the name of the domain you have your account on." > $TMP/txtTEMP0 ++echo "Example: fooboo" >> $TMP/txtTEMP0 ++echo >> $TMP/txtTEMP0 + +-dialog --backtitle "MS-CHAP QUERY DOMAIN? ..." --inputbox "`cat /tmp/txtTEMP0`" 9 64 2> /tmp/rspTEMP0 ++dialog --backtitle "MS-CHAP QUERY DOMAIN? ..." --inputbox "`cat $TMP/txtTEMP0`" 9 64 2> $TMP/rspTEMP0 + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-MSDOMAIN="`cat /tmp/rspTEMP0`" ++MSDOMAIN="`cat $TMP/rspTEMP0`" + +-if [ ! -s /tmp/rspTEMP0 ]; then +-rm -f /tmp/*TEMP* ++if [ ! -s $TMP/rspTEMP0 ]; then ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + echo "No ms-chap query domain name given." +@@ -643,32 +674,32 @@ + fi + fi + +-if [ ! "$PAP" = "SCRIPT" ] && [ ! -s /tmp/cb3TEMP$$ ]; then +-echo "Put your Login = Username in the box below." > /tmp/txtTEMP1 +-echo >> /tmp/txtTEMP1 +-echo "Sometimes they want your username or number followed" >> /tmp/txtTEMP1 +-echo "by their @domain name like this below." >> /tmp/txtTEMP1 +-echo "Example: jerry@foo.boo.com" >> /tmp/txtTEMP1 +-echo "Example: 1234567@foo.boo.com" >> /tmp/txtTEMP1 +-echo >> /tmp/txtTEMP1 +-echo "Sometimes the username is two words." >> /tmp/txtTEMP1 +-echo "Example: jerry donut" >> /tmp/txtTEMP1 +-echo >> /tmp/txtTEMP1 +-echo "Usally it's just your username like this below." >> /tmp/txtTEMP1 +-echo "Example: jerry" >> /tmp/txtTEMP1 +-echo >> /tmp/txtTEMP1 ++if [ ! "$PAP" = "SCRIPT" ] && [ ! -s $TMP/cb3TEMP$$ ]; then ++echo "Put your Login = Username in the box below." > $TMP/txtTEMP1 ++echo >> $TMP/txtTEMP1 ++echo "Sometimes they want your username or number followed" >> $TMP/txtTEMP1 ++echo "by their @domain name like this below." >> $TMP/txtTEMP1 ++echo "Example: jerry@foo.boo.com" >> $TMP/txtTEMP1 ++echo "Example: 1234567@foo.boo.com" >> $TMP/txtTEMP1 ++echo >> $TMP/txtTEMP1 ++echo "Sometimes the username is two words." >> $TMP/txtTEMP1 ++echo "Example: jerry donut" >> $TMP/txtTEMP1 ++echo >> $TMP/txtTEMP1 ++echo "Usally it's just your username like this below." >> $TMP/txtTEMP1 ++echo "Example: jerry" >> $TMP/txtTEMP1 ++echo >> $TMP/txtTEMP1 + +-dialog --backtitle "PAP or CHAP LOGIN? ..." --inputbox "`cat /tmp/txtTEMP1`" 19 64 2> /tmp/rspTEMP1 ++dialog --backtitle "PAP or CHAP LOGIN? ..." --inputbox "`cat $TMP/txtTEMP1`" 19 64 2> $TMP/rspTEMP1 + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-if [ ! -s /tmp/rspTEMP1 ]; then +-rm -f /tmp/*TEMP* ++if [ ! -s $TMP/rspTEMP1 ]; then ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + echo "No username for pap, chap, or ms-chap given." +@@ -676,119 +707,119 @@ + fi + fi + +-if [ -s /tmp/rspTEMP1 ]; then +-AUTH1="`cat /tmp/rspTEMP1`" +-echo "$AUTH1" > /tmp/txtTEMP2 +-echo "What's the password for the username above?" >> /tmp/txtTEMP2 +-echo "Example: Xpi9u87T" >> /tmp/txtTEMP2 +-dialog --backtitle "PAP or CHAP PASSWORD? ..." --inputbox "`cat /tmp/txtTEMP2`" 10 64 2> /tmp/rspTEMP2 ++if [ -s $TMP/rspTEMP1 ]; then ++AUTH1="`cat $TMP/rspTEMP1`" ++echo "$AUTH1" > $TMP/txtTEMP2 ++echo "What's the password for the username above?" >> $TMP/txtTEMP2 ++echo "Example: Xpi9u87T" >> $TMP/txtTEMP2 ++dialog --backtitle "PAP or CHAP PASSWORD? ..." --inputbox "`cat $TMP/txtTEMP2`" 10 64 2> $TMP/rspTEMP2 + +-AUTH2="`cat /tmp/rspTEMP2`" ++AUTH2="`cat $TMP/rspTEMP2`" + END="" + +-elif [ ! -s /tmp/cb1TEMP$$ ] && [ "$PAP" = "SCRIPT" ]; then ++elif [ ! -s $TMP/cb1TEMP$$ ] && [ "$PAP" = "SCRIPT" ]; then + END='""' +-echo "If you reached this part of the script, it should be because you" > /tmp/txtTEMP$$ +-echo "skipped the PAP or CHAP? and CALLBACK? parts of this script." >> /tmp/txtTEMP$$ +-echo "In other words, your service provider is not using PAP, CHAP, or" >> /tmp/txtTEMP$$ +-echo "CALLBACK." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Now comes the tough part. :) I need to know what your" >> /tmp/txtTEMP$$ +-echo "service provider prints to your screen when you dial in," >> /tmp/txtTEMP$$ +-echo "and what you respond with." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Usally when you connect to your service provider you see a" >> /tmp/txtTEMP$$ +-echo "Username: or Login: prompt, and you respond with your name." >> /tmp/txtTEMP$$ +-echo "Then there's a Password: prompt and you respond with your" >> /tmp/txtTEMP$$ +-echo "password." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If you're not sure if it's Login: or login:, just put ogin:" >> /tmp/txtTEMP$$ +-echo "you don't have to spell the whole thing out, the end part of" >> /tmp/txtTEMP$$ +-echo "what to wait for should be enough." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo 'If they put this for example "foobar fooboo ID:", you could just' >> /tmp/txtTEMP$$ +-echo 'put ID: or you could spell the whole thing out & put "" around it.' >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo "ID:" >> /tmp/txtTEMP$$ +-echo "What text should I send?" >> /tmp/txtTEMP$$ +-echo "jerry" >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo '"foobar fooboo ID:"' >> /tmp/txtTEMP$$ +-echo "What text should I send?" >> /tmp/txtTEMP$$ +-echo "jerry" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Sometimes you may want to wait for nothing, but send something." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo '""' >> /tmp/txtTEMP$$ +-echo "What text should I send?" >> /tmp/txtTEMP$$ +-echo "something" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo '"" = wait for nothing.' >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "If you don't want your password printed out put \q in front of it." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo "Password:" >> /tmp/txtTEMP$$ +-echo "What text should I send?" >> /tmp/txtTEMP$$ +-echo "\qsecret" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "ogin: = Login: name: = Username: word: = Password:" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "This below would end up looking like this in the /etc/ppp/pppscript" >> /tmp/txtTEMP$$ +-echo "file created by pppsetup when you're done." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "ogin: jerry" >> /tmp/txtTEMP$$ +-echo "word: secret" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "For example..." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo "ogin:" >> /tmp/txtTEMP$$ +-echo "And what text should I send?" >> /tmp/txtTEMP$$ +-echo "jerry" >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo "word:" >> /tmp/txtTEMP$$ +-echo "And what text should I send?" >> /tmp/txtTEMP$$ +-echo "secret" >> /tmp/txtTEMP$$ +-echo "What text should I wait for?" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "( End by pressing Enter on an empty = blank wait for? box. )" >> /tmp/txtTEMP$$ ++echo "If you reached this part of the script, it should be because you" > $TMP/txtTEMP$$ ++echo "skipped the PAP or CHAP? and CALLBACK? parts of this script." >> $TMP/txtTEMP$$ ++echo "In other words, your service provider is not using PAP, CHAP, or" >> $TMP/txtTEMP$$ ++echo "CALLBACK." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Now comes the tough part. :) I need to know what your" >> $TMP/txtTEMP$$ ++echo "service provider prints to your screen when you dial in," >> $TMP/txtTEMP$$ ++echo "and what you respond with." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Usally when you connect to your service provider you see a" >> $TMP/txtTEMP$$ ++echo "Username: or Login: prompt, and you respond with your name." >> $TMP/txtTEMP$$ ++echo "Then there's a Password: prompt and you respond with your" >> $TMP/txtTEMP$$ ++echo "password." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If you're not sure if it's Login: or login:, just put ogin:" >> $TMP/txtTEMP$$ ++echo "you don't have to spell the whole thing out, the end part of" >> $TMP/txtTEMP$$ ++echo "what to wait for should be enough." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo 'If they put this for example "foobar fooboo ID:", you could just' >> $TMP/txtTEMP$$ ++echo 'put ID: or you could spell the whole thing out & put "" around it.' >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo "ID:" >> $TMP/txtTEMP$$ ++echo "What text should I send?" >> $TMP/txtTEMP$$ ++echo "jerry" >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo '"foobar fooboo ID:"' >> $TMP/txtTEMP$$ ++echo "What text should I send?" >> $TMP/txtTEMP$$ ++echo "jerry" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Sometimes you may want to wait for nothing, but send something." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo '""' >> $TMP/txtTEMP$$ ++echo "What text should I send?" >> $TMP/txtTEMP$$ ++echo "something" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo '"" = wait for nothing.' >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "If you don't want your password printed out put \q in front of it." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo "Password:" >> $TMP/txtTEMP$$ ++echo "What text should I send?" >> $TMP/txtTEMP$$ ++echo "\qsecret" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ogin: = Login: name: = Username: word: = Password:" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "This below would end up looking like this in the /etc/ppp/pppscript" >> $TMP/txtTEMP$$ ++echo "file created by pppsetup when you're done." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ogin: jerry" >> $TMP/txtTEMP$$ ++echo "word: secret" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "For example..." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo "ogin:" >> $TMP/txtTEMP$$ ++echo "And what text should I send?" >> $TMP/txtTEMP$$ ++echo "jerry" >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo "word:" >> $TMP/txtTEMP$$ ++echo "And what text should I send?" >> $TMP/txtTEMP$$ ++echo "secret" >> $TMP/txtTEMP$$ ++echo "What text should I wait for?" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "( End by pressing Enter on an empty = blank wait for? box. )" >> $TMP/txtTEMP$$ + +-dialog --title "CHAT SCRIPT" --textbox "/tmp/txtTEMP$$" 22 72 ++dialog --title "CHAT SCRIPT" --textbox "$TMP/txtTEMP$$" 22 72 + + MESSAGE=' ' + YOUSAY=' ' + while [ ! "$MESSAGE" = "" -a ! "$YOUSAY" = "" ] + do + +-echo " End by pressing Enter on a empty = blank box." > /tmp/txtTEMP$$ +-echo " What text should I wait for?" >> /tmp/txtTEMP$$ +-dialog --backtitle "EXPECT ..." --inputbox "`cat /tmp/txtTEMP$$`" 9 60 2> /tmp/rspTEMP$$ ++echo " End by pressing Enter on a empty = blank box." > $TMP/txtTEMP$$ ++echo " What text should I wait for?" >> $TMP/txtTEMP$$ ++dialog --backtitle "EXPECT ..." --inputbox "`cat $TMP/txtTEMP$$`" 9 60 2> $TMP/rspTEMP$$ + +-MESSAGE="`cat /tmp/rspTEMP$$`" ++MESSAGE="`cat $TMP/rspTEMP$$`" + + if [ -z "$MESSAGE" ]; then + continue + fi + +-dialog --backtitle "SEND ..." --inputbox "And what text should I send?" 8 60 2> /tmp/rspTEMP$$ ++dialog --backtitle "SEND ..." --inputbox "And what text should I send?" 8 60 2> $TMP/rspTEMP$$ + + if [ $? = 1 ]; then +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + clear 2>/dev/null || echo + echo "PPP configuration cancelled." + exit + fi + +-YOUSAY="`cat /tmp/rspTEMP$$`" ++YOUSAY="`cat $TMP/rspTEMP$$`" + +-echo "$MESSAGE $YOUSAY" >> /tmp/sayTEMP1 ++echo "$MESSAGE $YOUSAY" >> $TMP/sayTEMP1 + + if [ -z "$YOUSAY" ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "Nothing to send." + exit +@@ -798,22 +829,22 @@ + done + fi + +-if [ ! -s /tmp/cb3TEMP$$ ]; then +-if [ -s /tmp/cb1TEMP$$ ] && [ ! -s /tmp/cb3TEMP$$ ] && [ "$PAP" = "SCRIPT" ]; then ++if [ ! -s $TMP/cb3TEMP$$ ]; then ++if [ -s $TMP/cb1TEMP$$ ] && [ ! -s $TMP/cb3TEMP$$ ] && [ "$PAP" = "SCRIPT" ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "You chose callback with PAP or CHAP, but answered SCRIPT to PAP or CHAP?." + exit +-elif [ ! -s /tmp/rspTEMP2 ] && [ -s /tmp/rspTEMP1 ]; then ++elif [ ! -s $TMP/rspTEMP2 ] && [ -s $TMP/rspTEMP1 ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "No password for: $AUTH1" + exit +-elif [ ! -s /tmp/sayTEMP1 ] && [ ! -s /tmp/rspTEMP2 ]; then ++elif [ ! -s $TMP/sayTEMP1 ] && [ ! -s $TMP/rspTEMP2 ]; then + clear 2>/dev/null || echo +-rm -f /tmp/*TEMP* ++rm -f $TMP/*TEMP* + echo "PPP configuration cancelled." + echo "Nothing to wait for." + exit +@@ -868,9 +899,9 @@ + PATH1="pppd" + fi + +-if [ "$PATH1" != "pppd" ]; then +-chmod 4755 $PATH1 2>/dev/null +-fi ++#if [ "$PATH1" != "pppd" ]; then ++#chmod 4755 $PATH1 2>/dev/null ++#fi + + if [ -x /usr/sbin/chat ]; then + PATH2="/usr/sbin/chat" +@@ -886,14 +917,14 @@ + PATH2="chat" + fi + +-if [ ! -s /tmp/cb1TEMP$$ ]; then +-echo "TIMEOUT 10" > /etc/ppp/pppscript ++if [ ! -s $TMP/cb1TEMP$$ ]; then ++echo "TIMEOUT 60" > /etc/ppp/pppscript + echo "ABORT ERROR" >> /etc/ppp/pppscript + echo "ABORT BUSY" >> /etc/ppp/pppscript + echo 'ABORT "NO CARRIER"' >> /etc/ppp/pppscript + echo 'ABORT "NO DIALTONE"' >> /etc/ppp/pppscript + if [ "$INIT" = "below" ]; then +-echo '"" "AT\&FW1H0"' >> /etc/ppp/pppscript ++echo '"" "AT&FH0"' >> /etc/ppp/pppscript + echo 'OK "'$PHONENUM'"' >> /etc/ppp/pppscript + else + echo '"" '$INIT'' >> /etc/ppp/pppscript +@@ -905,8 +936,8 @@ + chmod 600 /etc/ppp/pppscript 2>/dev/null + fi + +-if [ -s /tmp/sayTEMP1 ]; then +-cat /tmp/sayTEMP1 >> /etc/ppp/pppscript ++if [ -s $TMP/sayTEMP1 ]; then ++cat $TMP/sayTEMP1 >> /etc/ppp/pppscript + echo >> /etc/ppp/pppscript + else + echo >> /etc/ppp/pppscript +@@ -948,9 +979,9 @@ + echo "# The CARRIER speed at which you connected will be reported, if it's in" >> /etc/ppp/ip-up + echo '# the /var/log/messages file. You also need the programs "tail" "cut"' >> /etc/ppp/ip-up + echo '# "tr" "grep" and "syslogd" running for this to work.' >> /etc/ppp/ip-up +-echo "# You may have to add W1 or S95=46 to your modem init string" >> /etc/ppp/ip-up ++echo "# You may have to add S95=46 to your modem init string" >> /etc/ppp/ip-up + echo "# to get your modem to report the DCE = CARRIER speed." >> /etc/ppp/ip-up +-echo "# Examples: AT&FW1 or AT&FS95=46" >> /etc/ppp/ip-up ++echo "# Example: AT&FS95=46" >> /etc/ppp/ip-up + + echo >> /etc/ppp/ip-up + echo "if [ -s /var/log/messages ] && ( ps xc 2>/dev/null | grep -q syslogd 2>/dev/null ); then" >> /etc/ppp/ip-up +@@ -986,7 +1017,8 @@ + echo >> /etc/ppp/ip-up + echo "# End..." >> /etc/ppp/ip-up + +-chmod 4755 /etc/ppp/ip-up 2>/dev/null ++#chmod 4755 /etc/ppp/ip-up 2>/dev/null ++chmod 755 /etc/ppp/ip-up 2>/dev/null + + if [ -s /etc/ppp/ip-down ]; then + mv /etc/ppp/ip-down /etc/ppp/ip-down.OLD +@@ -1022,7 +1054,7 @@ + # You'll see the modem reponse OK and date in the /etc/ppp/modem.cua?, + # modem.ttyS?, or modem.modem file. + # You need the 'modem-stats' program for this below to work. +-# ftp://sunsite.unc.edu/pub/apps/serialcomm/modem ++# ftp://metalab.unc.edu/pub/apps/serialcomm/modem + # modem-stats-1.0.1.src.elf.tar.gz + # Remove the ##### from the lines below. + +@@ -1030,7 +1062,8 @@ + } + + ipdown > /etc/ppp/ip-down +-chmod 4755 /etc/ppp/ip-down 2>/dev/null ++#chmod 4755 /etc/ppp/ip-down 2>/dev/null ++chmod 755 /etc/ppp/ip-down 2>/dev/null + + echo "#sleep 2 # Make sure the modem is really down." >> /etc/ppp/ip-down + echo '#DEV=`echo $2 | sed -e "s./dev/.."`' >> /etc/ppp/ip-down +@@ -1080,38 +1113,38 @@ + cat <<EOF + grepauth() { + +-tail -n 30 /var/log/debug 2>/dev/null | grep -i -s "rcvd" > /tmp/grep.tmp ++tail -n 30 /var/log/debug 2>/dev/null | grep -i -s "rcvd" > $TMP/grep.tmp + +-if ( grep -i -q "auth pap" /tmp/grep.tmp ); then ++if ( grep -i -q "auth pap" $TMP/grep.tmp ); then + echo + echo "They seem to be requesting PAP = <auth pap> for authentication." + echo "I don't know if you're setup for 'PAP' or not." + echo "Did you answer 'PAP' when you ran pppsetup?" + echo +-elif ( grep -E -i -q "auth chap msoft|auth chap 80" /tmp/grep.tmp ); then ++elif ( grep -E -i -q "auth chap msoft|auth chap 80" $TMP/grep.tmp ); then + echo + echo "They seem to be requesting MS-CHAP-80 = <auth chap 80> for authentication." + echo "I don't know if you're setup for 'MS-CHAP' or not." + echo "Did you answer 'MS-CHAP' when you ran pppsetup?" + echo +-elif ( grep -i -q "auth chap" /tmp/grep.tmp ); then ++elif ( grep -i -q "auth chap" $TMP/grep.tmp ); then + echo "They seem to be requesting CHAP = <auth chap> for authentication." + echo "I don't know if you're setup for 'CHAP' or not." + echo "Did you answer 'CHAP' when you ran pppsetup?" + echo + else +-rm -f /tmp/grep.tmp ++rm -f $TMP/grep.tmp + exit 0 + fi + +-if ( grep -i -q "callback" /tmp/grep.tmp ); then ++if ( grep -i -q "callback" $TMP/grep.tmp ); then + echo "They seem to be requesting CALLBACK." + echo "I don't know if you're setup for 'callback' or not." + echo "Did you answer 'CALLBACK' when you ran pppsetup?" + echo + fi + +-rm -f /tmp/grep.tmp ++rm -f $TMP/grep.tmp + } + EOF + } +@@ -1124,14 +1157,14 @@ + echo "killall -INT pppd 2>/dev/null" >> /usr/sbin/ppp-go + echo "rm -f /var/lock/LCK* /var/run/ppp*.pid" >> /usr/sbin/ppp-go + +-if [ -s /tmp/cb1TEMP$$ ]; then +-echo '('$PATH1' -detach connect "'$PATH2' -v -s -f /etc/ppp/callback" &) || exit 1' >> /usr/sbin/ppp-go ++if [ -s $TMP/cb1TEMP$$ ]; then ++echo '('$PATH1' -detach connect "'$PATH2' -v -f /etc/ppp/callback" &) || exit 1' >> /usr/sbin/ppp-go + else +-echo '('$PATH1' -detach connect "'$PATH2' -v -s -f /etc/ppp/pppscript" &) || exit 1' >> /usr/sbin/ppp-go ++echo '('$PATH1' -detach connect "'$PATH2' -v -f /etc/ppp/pppscript" &) || exit 1' >> /usr/sbin/ppp-go + fi + +-echo "read" >> /usr/sbin/ppp-go +-echo "ifconnect" >> /usr/sbin/ppp-go ++echo "#read" >> /usr/sbin/ppp-go ++echo "#ifconnect" >> /usr/sbin/ppp-go + echo "exit 0" >> /usr/sbin/ppp-go + echo "fi" >> /usr/sbin/ppp-go + +@@ -1140,10 +1173,10 @@ + echo "killall -INT pppd 2>/dev/null" >> /usr/sbin/ppp-go + echo "rm -f /var/lock/LCK* /var/run/ppp*.pid" >> /usr/sbin/ppp-go + +-if [ -s /tmp/cb1TEMP$$ ]; then +-echo '('$PATH1' connect "'$PATH2' -v -f /etc/ppp/callback") || exit 1' >> /usr/sbin/ppp-go ++if [ -s $TMP/cb1TEMP$$ ]; then ++echo '('$PATH1' connect "'$PATH2' -v -f /etc/ppp/callback" 1> /dev/null 2> /dev/null ) || exit 1' >> /usr/sbin/ppp-go + else +-echo '('$PATH1' connect "'$PATH2' -v -f /etc/ppp/pppscript") || exit 1' >> /usr/sbin/ppp-go ++echo '('$PATH1' connect "'$PATH2' -v -f /etc/ppp/pppscript" 1> /dev/null 2> /dev/null ) || exit 1' >> /usr/sbin/ppp-go + fi + + echo "exit 0" >> /usr/sbin/ppp-go +@@ -1194,26 +1227,37 @@ + echo 'echo "USAGE: ppp-go -h <Help>"' >> /usr/sbin/ppp-go + echo "exit 1" >> /usr/sbin/ppp-go + +-chmod 4755 /usr/sbin/ppp-go 2>/dev/null ++#chmod 4755 /usr/sbin/ppp-go 2>/dev/null ++chmod 755 /usr/sbin/ppp-go 2>/dev/null + +-echo "lock" > /etc/ppp/options +-echo "defaultroute" >> /etc/ppp/options +-echo "noipdefault" >> /etc/ppp/options +-echo "modem" >> /etc/ppp/options +-echo "/dev/$MODEM" >> /etc/ppp/options +-echo "$BAUDRATE" >> /etc/ppp/options +-echo "crtscts" >> /etc/ppp/options +-echo "debug" >> /etc/ppp/options +-echo "passive" >> /etc/ppp/options +-echo "asyncmap 0" >> /etc/ppp/options ++cat << EOF > /etc/ppp/options ++# General configuration options for PPPD: ++lock ++defaultroute ++noipdefault ++modem ++/dev/$MODEM ++$BAUDRATE ++crtscts ++# Uncomment the line below for more verbose error reporting: ++#debug ++# If you have a default route already, pppd may require the other side ++# to authenticate itself, which most ISPs will not do. To work around this, ++# uncomment the line below. Note that this may have negative side effects ++# on system security if you allow PPP dialins. See the docs in /usr/doc/ppp* ++# for more information. ++#noauth ++passive ++asyncmap 0 ++EOF + + if [ ! -z "$CBPN" ]; then + echo 'callback "'$CBPN'"' >> /etc/ppp/options + fi + +-if [ "$MSCHAP" = "MS-CHAP-SERVER-2" ] && [ -s /tmp/rspTEMP2 ]; then ++if [ "$MSCHAP" = "MS-CHAP-SERVER-2" ] && [ -s $TMP/rspTEMP2 ]; then + echo 'name "'$MSDOMAIN\\\\$AUTH1'"' >> /etc/ppp/options +-elif [ -s /tmp/rspTEMP2 ]; then ++elif [ -s $TMP/rspTEMP2 ]; then + echo 'name "'$AUTH1'"' >> /etc/ppp/options + fi + +@@ -1277,7 +1321,7 @@ + echo "0.0.0.0:10.10.10.10" >> /etc/ppp/options.demand + echo "demand" >> /etc/ppp/options.demand + +-if [ -s /tmp/cb1TEMP$$ ]; then ++if [ -s $TMP/cb1TEMP$$ ]; then + echo 'connect "'$PATH2' -v -f /etc/ppp/callback"' >> /etc/ppp/options.demand + else + echo 'connect "'$PATH2' -v -f /etc/ppp/pppscript"' >> /etc/ppp/options.demand +@@ -1352,18 +1396,18 @@ + 0.0.0.0 foobar.localnet foobar + + ~# dip -tv +-dip> port /dev/cua1 +-can't open - problems with locking cua1 ++dip> port /dev/ttyS1 ++can't open - problems with locking ttyS1 + + If you get the above message after "port /dev/modem", it means you have a +-lock file in /var/lock/LCK..cua1, remove the lock file and kill dip. ++lock file in /var/lock/LCK..ttyS1, remove the lock file and kill dip. + + ~# rm /var/lock/LCK* + # killall -9 dip + + ~# dip -tv + +-dip> port /dev/cua1 <-Where's the modem? cua0 = com1 cua1 = com2 etc.) ++dip> port /dev/ttyS1 <-Where's the modem? ttyS0 = com1 ttyS1 = com2 etc.) + dip> speed 115200 <-Modem speed: 19200 38400 57600 + dip> term + +@@ -1379,7 +1423,7 @@ + dip> default <-Use default route.) + dip> mode ppp <-Start PPP at your end.) + +-~# ping sunsite.unc.edu <-To see if you're connected.) ++~# ping metalab.unc.edu <-To see if you're connected.) + + ~# dip -k <-To kill dip and the PPP connection.) + +@@ -1393,7 +1437,7 @@ + lock + defaultroute + noipdefault +-/dev/cua1 <- cua0 = com1 cua1 = com2 cua2 = com3 cua3 = com4 ++/dev/ttyS1 <- ttyS0 = com1 ttyS1 = com2 ttyS2 = com3 ttyS3 = com4 + 57600 + modem + crtscts +@@ -1419,221 +1463,221 @@ + } + + echo "=========================================================================" > /etc/ppp/pppsetup.txt +-cat /tmp/txtTEMP01 >> /etc/ppp/pppsetup.txt ++cat $TMP/txtTEMP01 >> /etc/ppp/pppsetup.txt + +-echo "=========================================================================" > /tmp/txtTEMP$$ +-echo "These are your PPP configuration files and instructions..." >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +- +-if [ ! -s /tmp/cb1TEMP$$ ] && [ ! -s /tmp/sayTEMP1 ]; then +-echo "# This is your /etc/ppp/pppscript." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-cat /etc/ppp/pppscript >> /tmp/txtTEMP$$ +-elif [ ! -s /tmp/cb1TEMP$$ ] && [ -s /tmp/sayTEMP1 ]; then +-echo "# This is your /etc/ppp/pppscript." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Look at /etc/ppp/pppscript." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-fi +- +-if [ -s /tmp/cb1TEMP$$ ]; then +-echo "# This is your /etc/ppp/callback script." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Look at /etc/ppp/callback." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-fi +- +-echo "# This is your /etc/ppp/options file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-cat /etc/ppp/options >> /tmp/txtTEMP$$ ++echo "=========================================================================" > $TMP/txtTEMP$$ ++echo "These are your PPP configuration files and instructions..." >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++ ++if [ ! -s $TMP/cb1TEMP$$ ] && [ ! -s $TMP/sayTEMP1 ]; then ++echo "# This is your /etc/ppp/pppscript." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++cat /etc/ppp/pppscript >> $TMP/txtTEMP$$ ++elif [ ! -s $TMP/cb1TEMP$$ ] && [ -s $TMP/sayTEMP1 ]; then ++echo "# This is your /etc/ppp/pppscript." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Look at /etc/ppp/pppscript." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++fi ++ ++if [ -s $TMP/cb1TEMP$$ ]; then ++echo "# This is your /etc/ppp/callback script." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Look at /etc/ppp/callback." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++fi ++ ++echo "# This is your /etc/ppp/options file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++cat /etc/ppp/options >> $TMP/txtTEMP$$ + + if [ "$MODERROR" = "YES" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "WARNING: I could not find the modem device: '/dev/$MODEM'" >> /tmp/txtTEMP$$ +-echo "cua0 = com1 cua1 = com2 cua2 = com3 cua3 = com4" >> /tmp/txtTEMP$$ +-echo "# MAKEDEV $MODEM # /dev/MAKEDEV $MODEM" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "WARNING: I could not find the modem device: '/dev/$MODEM'" >> $TMP/txtTEMP$$ ++echo "ttyS0 = com1 ttyS1 = com2 ttyS2 = com3 ttyS3 = com4" >> $TMP/txtTEMP$$ ++echo "# MAKEDEV $MODEM # /dev/MAKEDEV $MODEM" >> $TMP/txtTEMP$$ + fi + + if [ "$DOMAINNAME" = "unknown.com" ] && [ "$PAP" = "MS-CHAP-80" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "The remotename option is required for microsoft's ms-chap-80." >> /tmp/txtTEMP$$ +-echo "You didn't give a DOMAIN NAME so i put unknown.com, you should" >> /tmp/txtTEMP$$ +-echo "change that to your service providers domain name." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "The remotename option is required for microsoft's ms-chap-80." >> $TMP/txtTEMP$$ ++echo "You didn't give a DOMAIN NAME so i put unknown.com, you should" >> $TMP/txtTEMP$$ ++echo "change that to your service providers domain name." >> $TMP/txtTEMP$$ + fi + + if [ ! "$MODERROR" = "YES" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "I created the symbolic link: /dev/modem -> /dev/$MODEM" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "I created the symbolic link: /dev/modem -> /dev/$MODEM" >> $TMP/txtTEMP$$ + fi + +-echo >> /tmp/txtTEMP$$ +-echo "# This is your /etc/ppp/options.demand dialing file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-cat /etc/ppp/options.demand >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If you have a ethernet connection you should change the local:remote" >> /tmp/txtTEMP$$ +-echo "IP addresses in the options.demand file, to your actual local and" >> /tmp/txtTEMP$$ +-echo "remote address. Example: 215.346.117.89:312.217.187.96" >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "# This in your /etc/resolv.conf file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-cat /etc/resolv.conf >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "# This is your /etc/ppp/options.demand dialing file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++cat /etc/ppp/options.demand >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If you have a ethernet connection you should change the local:remote" >> $TMP/txtTEMP$$ ++echo "IP addresses in the options.demand file, to your actual local and" >> $TMP/txtTEMP$$ ++echo "remote address. Example: 215.346.117.89:312.217.187.96" >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "# This in your /etc/resolv.conf file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++cat /etc/resolv.conf >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ + if [ -z $DNSIP ]; then +-echo "207.132.116.5 <-IMPORTANT: This should be the IP address of" >> /tmp/txtTEMP$$ +-echo " your service providers nameserver." >> /tmp/txtTEMP$$ ++echo "207.132.116.5 <-IMPORTANT: This should be the IP address of" >> $TMP/txtTEMP$$ ++echo " your service providers nameserver." >> $TMP/txtTEMP$$ + else +-echo "$DNSIP <-IMPORTANT: This should be the IP address of" >> /tmp/txtTEMP$$ +-echo " your service providers nameserver." >> /tmp/txtTEMP$$ ++echo "$DNSIP <-IMPORTANT: This should be the IP address of" >> $TMP/txtTEMP$$ ++echo " your service providers nameserver." >> $TMP/txtTEMP$$ + fi + + if [ -z $DNSIP ]; then +-echo >> /tmp/txtTEMP$$ +-echo "WARNING: You didn't give a IP address for your internet service" >> /tmp/txtTEMP$$ +-echo "providers nameserver, i put '207.132.116.5' but this may not work." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "WARNING: You didn't give a IP address for your internet service" >> $TMP/txtTEMP$$ ++echo "providers nameserver, i put '207.132.116.5' but this may not work." >> $TMP/txtTEMP$$ + fi + + if [ "$PAP" = "CHAP" ] || [ "$PAP" = "MS-CHAP-80" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "# This is your /etc/ppp/chap-secrets file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Look at /etc/ppp/chap-secrets." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "# This is your /etc/ppp/chap-secrets file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Look at /etc/ppp/chap-secrets." >> $TMP/txtTEMP$$ + fi + + if [ "$DOMAINNAME" = "unknown.com" ] && [ "$PAP" = "MS-CHAP-80" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "You didn't give a DOMAIN NAME that's why i put unknown.com in" >> /tmp/txtTEMP$$ +-echo "the /etc/ppp/chap-secrets file." >> /tmp/txtTEMP$$ +-echo "You should change that to your service providers domain name." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "You didn't give a DOMAIN NAME that's why i put unknown.com in" >> $TMP/txtTEMP$$ ++echo "the /etc/ppp/chap-secrets file." >> $TMP/txtTEMP$$ ++echo "You should change that to your service providers domain name." >> $TMP/txtTEMP$$ + fi + + if [ "$PAP" = "PAP" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "# This is your /etc/ppp/pap-secrets file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "Look at /etc/ppp/pap-secrets." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "# This is your /etc/ppp/pap-secrets file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Look at /etc/ppp/pap-secrets." >> $TMP/txtTEMP$$ + fi + + if [ "$PATH1" = "pppd" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "ATENTION: I couldn't find <pppd> on your system." >> /tmp/txtTEMP$$ +-echo "You need <pppd> on your system to make the PPP connection." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ATENTION: I couldn't find <pppd> on your system." >> $TMP/txtTEMP$$ ++echo "You need <pppd> on your system to make the PPP connection." >> $TMP/txtTEMP$$ + fi + + if [ "$PATH2" = "chat" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "ATENTION: I couldn't find <chat> on your system." >> /tmp/txtTEMP$$ +-echo "You need <chat> on your system to make the PPP connection." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ATENTION: I couldn't find <chat> on your system." >> $TMP/txtTEMP$$ ++echo "You need <chat> on your system to make the PPP connection." >> $TMP/txtTEMP$$ + fi + + if [ ! "$MSG1" = "YES" ] && [ ! "$MSG2" = "YES" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "ATENTION: I couldn't find 'PPP' in the kernel or as a module." >> /tmp/txtTEMP$$ +-echo "You'll need 'PPP' in the kernel or as a module to make a PPP connection." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ATENTION: I couldn't find 'PPP' in the kernel or as a module." >> $TMP/txtTEMP$$ ++echo "You'll need 'PPP' in the kernel or as a module to make a PPP connection." >> $TMP/txtTEMP$$ + fi + + if [ "$PPPRC" = "YES" ]; then +-echo >> /tmp/txtTEMP$$ +-echo "ATENTION: I found a $HOME/.ppprc file and moved it to" >> /tmp/txtTEMP$$ +-echo ".ppprc.off, it might interfere with the PPP connection." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "ATENTION: I found a $HOME/.ppprc file and moved it to" >> $TMP/txtTEMP$$ ++echo ".ppprc.off, it might interfere with the PPP connection." >> $TMP/txtTEMP$$ + fi + +-echo >> /tmp/txtTEMP$$ +-echo "Does everything look correct? if not, run 'pppsetup' again..." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ +-echo "To connect to your service provider." >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "~# ppp-go <-Make PPP connection.)" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Does everything look correct? if not, run 'pppsetup' again..." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ ++echo "To connect to your service provider." >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "~# ppp-go <-Make PPP connection.)" >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo "You'll hear and see the modem dialing then once connected," >> /tmp/txtTEMP$$ +-echo "logging you in Username: or Login: and Password: etc." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "You won't see a Username or Login: and Password: prompt" >> /tmp/txtTEMP$$ +-echo "if they're using PAP or CHAP to authenticate you." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If they use PAP or CHAP you'll just see CONNECT -- got it." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If the connection was successful you'll see the Local IP and" >> /tmp/txtTEMP$$ +-echo "Remote IP address printed to the screen, you can press [Enter]." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If you run ppp-go in X windows you probably won't see a Local" >> /tmp/txtTEMP$$ +-echo "and Remote IP address printed to the screen, you'll just see" >> /tmp/txtTEMP$$ +-echo "the connection process come to a end, wait a few seconds and" >> /tmp/txtTEMP$$ +-echo "press [Enter] at that point." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If you don't connect for whatever reason e.g. Failed No" >> /tmp/txtTEMP$$ +-echo "Dialtone, Busy, No Carrier, Whatever, Exit, just press" >> /tmp/txtTEMP$$ +-echo "[Enter] at that point." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "if you have syslogd running, you can see the output messages" >> /tmp/txtTEMP$$ +-echo "from pppd and chat in the /var/log/messages and or debug file." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "Sample /var/log/messages file." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` pppd[562]: Serial connection established." >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` pppd[562]: Using interface ppp0" >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` pppd[562]: Connect: ppp0 <--> /dev/modem" >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` pppd[562]: local IP address 215.87.78.18" >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` pppd[562]: remote IP address 205.94.97.35" >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "You don't have a successful PPP connection until you" >> /tmp/txtTEMP$$ +-echo "receive a local & remote IP address like above." >> /tmp/txtTEMP$$ +- +-echo >> /tmp/txtTEMP$$ +-echo "If you have the X window system, you could connect in a Xterm." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` # startx" >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` # ppp-go" >> /tmp/txtTEMP$$ +-echo "`hostname 2>/dev/null` # netscape mosaic etc." >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "You'll hear and see the modem dialing then once connected," >> $TMP/txtTEMP$$ ++echo "logging you in Username: or Login: and Password: etc." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "You won't see a Username or Login: and Password: prompt" >> $TMP/txtTEMP$$ ++echo "if they're using PAP or CHAP to authenticate you." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If they use PAP or CHAP you'll just see CONNECT -- got it." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If the connection was successful you'll see the Local IP and" >> $TMP/txtTEMP$$ ++echo "Remote IP address printed to the screen, you can press [Enter]." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If you run ppp-go in X windows you probably won't see a Local" >> $TMP/txtTEMP$$ ++echo "and Remote IP address printed to the screen, you'll just see" >> $TMP/txtTEMP$$ ++echo "the connection process come to a end, wait a few seconds and" >> $TMP/txtTEMP$$ ++echo "press [Enter] at that point." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If you don't connect for whatever reason e.g. Failed No" >> $TMP/txtTEMP$$ ++echo "Dialtone, Busy, No Carrier, Whatever, Exit, just press" >> $TMP/txtTEMP$$ ++echo "[Enter] at that point." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "if you have syslogd running, you can see the output messages" >> $TMP/txtTEMP$$ ++echo "from pppd and chat in the /var/log/messages and or debug file." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "Sample /var/log/messages file." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` pppd[562]: Serial connection established." >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` pppd[562]: Using interface ppp0" >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` pppd[562]: Connect: ppp0 <--> /dev/modem" >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` pppd[562]: local IP address 215.87.78.18" >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` pppd[562]: remote IP address 205.94.97.35" >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "You don't have a successful PPP connection until you" >> $TMP/txtTEMP$$ ++echo "receive a local & remote IP address like above." >> $TMP/txtTEMP$$ ++ ++echo >> $TMP/txtTEMP$$ ++echo "If you have the X window system, you could connect in a Xterm." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` # startx" >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` # ppp-go" >> $TMP/txtTEMP$$ ++echo "`hostname 2>/dev/null` # netscape mosaic etc." >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo "~# ppp-off <-To end the ppp connection.)" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "~# ppp-off <-To end the ppp connection.)" >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo "~# ppp-go -h <-For help.)" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "~# ppp-go -h <-For help.)" >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo 'There is no support in linux for "WinModems", if you have a' >> /tmp/txtTEMP$$ +-echo "WinModem you will not be able to use it in linux." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "There is support for plug n play modems, if you have a pnp" >> /tmp/txtTEMP$$ +-echo 'modem you may need "isapnptools" to get it recognized.' >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo 'There is no support in linux for "WinModems", if you have a' >> $TMP/txtTEMP$$ ++echo "WinModem you will not be able to use it in linux." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "There is support for plug n play modems, if you have a pnp" >> $TMP/txtTEMP$$ ++echo 'modem you may need "isapnptools" to get it recognized.' >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ + if [ -s /usr/doc/pppsetup/pppsetup-$VERSION.README ]; then +-echo "#### Look at the /usr/doc/pppsetup/pppsetup-$VERSION.README. ####" >> /tmp/txtTEMP$$ ++echo "#### Look at the /usr/doc/pppsetup/pppsetup-$VERSION.README. ####" >> $TMP/txtTEMP$$ + fi +-echo "#### A copy of this text can be found in: /etc/ppp/pppsetup.txt ####" >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ ++echo "#### A copy of this text can be found in: /etc/ppp/pppsetup.txt ####" >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ + +-echo >> /tmp/txtTEMP$$ +-echo "Done... You can exit now..." >> /tmp/txtTEMP$$ +-echo >> /tmp/txtTEMP$$ +-echo "End..." >> /tmp/txtTEMP$$ +-echo "=========================================================================" >> /tmp/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "Done... You can exit now..." >> $TMP/txtTEMP$$ ++echo >> $TMP/txtTEMP$$ ++echo "End..." >> $TMP/txtTEMP$$ ++echo "=========================================================================" >> $TMP/txtTEMP$$ + +-dialog --title "DONE" --clear --textbox "/tmp/txtTEMP$$" 22 78 ++dialog --title "DONE" --clear --textbox "$TMP/txtTEMP$$" 22 78 + + clear 2>/dev/null || echo + +-cat /tmp/txtTEMP$$ >> /etc/ppp/pppsetup.txt ++cat $TMP/txtTEMP$$ >> /etc/ppp/pppsetup.txt + chmod 600 /etc/ppp/pppsetup.txt 2>/dev/null + + if [ ! -s /etc/syslog.conf ]; then +@@ -1644,7 +1688,7 @@ + + demand >> /etc/ppp/pppsetup.txt + other >> /etc/ppp/pppsetup.txt +-rm -f /tmp/*TEMP* 2>/dev/null ++rm -f $TMP/*TEMP* 2>/dev/null + + killall -9 syslogd 2>/dev/null + syslogd & 2>/dev/null +@@ -1659,7 +1703,7 @@ + else + demand >> /etc/ppp/pppsetup.txt + other >> /etc/ppp/pppsetup.txt +-rm -f /tmp/*TEMP* 2>/dev/null ++rm -f $TMP/*TEMP* 2>/dev/null + echo + echo "#### A copy of this text can be found in: /etc/ppp/pppsetup.txt ####" + if [ -s /usr/doc/pppsetup/pppsetup-$VERSION.README ]; then diff --git a/patches/source/ppp/radius.msdict b/patches/source/ppp/radius.msdict new file mode 100644 index 000000000..da3a317c0 --- /dev/null +++ b/patches/source/ppp/radius.msdict @@ -0,0 +1,81 @@ +# +# Microsoft's VSA's, from RFC 2548 +# +# $Id: dictionary.microsoft,v 1.1 2004/11/14 07:26:26 paulus Exp $ +# + +VENDOR Microsoft 311 Microsoft + +ATTRIBUTE MS-CHAP-Response 1 string Microsoft +ATTRIBUTE MS-CHAP-Error 2 string Microsoft +ATTRIBUTE MS-CHAP-CPW-1 3 string Microsoft +ATTRIBUTE MS-CHAP-CPW-2 4 string Microsoft +ATTRIBUTE MS-CHAP-LM-Enc-PW 5 string Microsoft +ATTRIBUTE MS-CHAP-NT-Enc-PW 6 string Microsoft +ATTRIBUTE MS-MPPE-Encryption-Policy 7 string Microsoft +# This is referred to as both singular and plural in the RFC. +# Plural seems to make more sense. +ATTRIBUTE MS-MPPE-Encryption-Type 8 string Microsoft +ATTRIBUTE MS-MPPE-Encryption-Types 8 string Microsoft +ATTRIBUTE MS-RAS-Vendor 9 integer Microsoft +ATTRIBUTE MS-CHAP-Domain 10 string Microsoft +ATTRIBUTE MS-CHAP-Challenge 11 string Microsoft +ATTRIBUTE MS-CHAP-MPPE-Keys 12 string Microsoft +ATTRIBUTE MS-BAP-Usage 13 integer Microsoft +ATTRIBUTE MS-Link-Utilization-Threshold 14 integer Microsoft +ATTRIBUTE MS-Link-Drop-Time-Limit 15 integer Microsoft +ATTRIBUTE MS-MPPE-Send-Key 16 string Microsoft +ATTRIBUTE MS-MPPE-Recv-Key 17 string Microsoft +ATTRIBUTE MS-RAS-Version 18 string Microsoft +ATTRIBUTE MS-Old-ARAP-Password 19 string Microsoft +ATTRIBUTE MS-New-ARAP-Password 20 string Microsoft +ATTRIBUTE MS-ARAP-PW-Change-Reason 21 integer Microsoft + +ATTRIBUTE MS-Filter 22 string Microsoft +ATTRIBUTE MS-Acct-Auth-Type 23 integer Microsoft +ATTRIBUTE MS-Acct-EAP-Type 24 integer Microsoft + +ATTRIBUTE MS-CHAP2-Response 25 string Microsoft +ATTRIBUTE MS-CHAP2-Success 26 string Microsoft +ATTRIBUTE MS-CHAP2-CPW 27 string Microsoft + +ATTRIBUTE MS-Primary-DNS-Server 28 ipaddr Microsoft +ATTRIBUTE MS-Secondary-DNS-Server 29 ipaddr Microsoft +ATTRIBUTE MS-Primary-NBNS-Server 30 ipaddr Microsoft +ATTRIBUTE MS-Secondary-NBNS-Server 31 ipaddr Microsoft + +#ATTRIBUTE MS-ARAP-Challenge 33 string Microsoft + + +# +# Integer Translations +# + +# MS-BAP-Usage Values + +VALUE MS-BAP-Usage Not-Allowed 0 +VALUE MS-BAP-Usage Allowed 1 +VALUE MS-BAP-Usage Required 2 + +# MS-ARAP-Password-Change-Reason Values + +VALUE MS-ARAP-PW-Change-Reason Just-Change-Password 1 +VALUE MS-ARAP-PW-Change-Reason Expired-Password 2 +VALUE MS-ARAP-PW-Change-Reason Admin-Requires-Password-Change 3 +VALUE MS-ARAP-PW-Change-Reason Password-Too-Short 4 + +# MS-Acct-Auth-Type Values + +VALUE MS-Acct-Auth-Type PAP 1 +VALUE MS-Acct-Auth-Type CHAP 2 +VALUE MS-Acct-Auth-Type MS-CHAP-1 3 +VALUE MS-Acct-Auth-Type MS-CHAP-2 4 +VALUE MS-Acct-Auth-Type EAP 5 + +# MS-Acct-EAP-Type Values + +VALUE MS-Acct-EAP-Type MD5 4 +VALUE MS-Acct-EAP-Type OTP 5 +VALUE MS-Acct-EAP-Type Generic-Token-Card 6 +VALUE MS-Acct-EAP-Type TLS 13 + diff --git a/patches/source/ppp/realms b/patches/source/ppp/realms new file mode 100644 index 000000000..344036404 --- /dev/null +++ b/patches/source/ppp/realms @@ -0,0 +1,22 @@ +# /etc/radiusclient/realms +# +# Handle realm @netservers.co.uk on an internal RADIUS server +# (note the server must be told to strip the realm) + +#authserver netservers.co.uk 192.168.1.1:1812 +#acctserver netservers.co.uk 192.168.1.1:1813 + +# users in realm @example.com are handled by separate servers + +#authserver example.com 10.0.0.1:1812 +#acctserver example.com 10.0.0.2:1813 + +# the DEFAULT realm matches users that do not supply a realm + +#authserver DEFAULT 192.168.1.1:1812 +#acctserver DEFAULT 192.168.1.1:1813 + +# Any realms that do not match in the realms file automatically fall +# through to the standard radius plugin which uses the servers in the +# radiusclient.conf file. Note that this is different than the +# DEFAULT realm match, above. diff --git a/patches/source/ppp/servers b/patches/source/ppp/servers new file mode 100644 index 000000000..b061bf934 --- /dev/null +++ b/patches/source/ppp/servers @@ -0,0 +1,4 @@ +#Server Name or Client/Server pair Key +#---------------- --------------- +#portmaster.elemental.net hardlyasecret +#portmaster2.elemental.net donttellanyone diff --git a/patches/source/ppp/slack-desc b/patches/source/ppp/slack-desc new file mode 100644 index 000000000..ddf6f37f4 --- /dev/null +++ b/patches/source/ppp/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +ppp: ppp (Point-to-Point Protocol) +ppp: +ppp: The Point-to-Point Protocol (PPP) provides a method for transmitting +ppp: data over serial links. It's commonly used for connecting to the +ppp: Internet using a modem. This package includes the PPP daemon (pppd), +ppp: which negotiates with the peer to establish the link and sets up the +ppp: ppp network interface, and pppsetup, an easy-to-use utility for +ppp: setting up your PPP daemon. +ppp: +ppp: +ppp: diff --git a/patches/source/proftpd/doinst.sh b/patches/source/proftpd/doinst.sh new file mode 100644 index 000000000..37fe02dd9 --- /dev/null +++ b/patches/source/proftpd/doinst.sh @@ -0,0 +1,18 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/ftpusers.new +config etc/proftpd.conf.new + +# Remove any old proftpd files: +rm -f var/run/proftpd/proftpd* + diff --git a/patches/source/proftpd/etc/ftpusers b/patches/source/proftpd/etc/ftpusers new file mode 100644 index 000000000..d08f2a1fd --- /dev/null +++ b/patches/source/proftpd/etc/ftpusers @@ -0,0 +1,22 @@ +# +# ftpusers This file describes the names of the users that may +# _*NOT*_ log into the system via the FTP server. +# This usually includes "root", "uucp", "news" and the +# like, because those users have too much power to be +# allowed to do "just" FTP... +# +# +# Version: @(#)/etc/ftpusers 3.00 02/25/2001 volkerdi +# +# Original Author: Fred N. van Kempen, <waltje@uwalt.nl.mugnet.org> +# +# The entire line gets matched, so no comments or extra characters on +# lines containing a username. +# +# To enable anonymous FTP, remove the "ftp" user: +ftp +root +uucp +news + +# End of ftpusers. diff --git a/patches/source/proftpd/etc/proftpd.conf b/patches/source/proftpd/etc/proftpd.conf new file mode 100644 index 000000000..ffb0df3fe --- /dev/null +++ b/patches/source/proftpd/etc/proftpd.conf @@ -0,0 +1,74 @@ +# This is a basic ProFTPD configuration file. +# It establishes a single server and a single anonymous login. +# It assumes that you have a user/group "nobody" and "ftp" +# for normal/anonymous operation. + +ServerName "ProFTPD Default Installation" +#ServerType standalone +ServerType inetd +DefaultServer on + +# Port 21 is the standard FTP port. +Port 21 +# Umask 022 is a good standard umask to prevent new dirs and files +# from being group and world writable. +Umask 022 + +# To prevent DoS attacks, set the maximum number of child processes +# to 30. If you need to allow more than 30 concurrent connections +# at once, simply increase this value. Note that this ONLY works +# in standalone mode, in inetd mode you should use an inetd server +# that allows you to limit maximum number of processes per service +# (such as xinetd) +MaxInstances 30 + +# Set the user and group that the server normally runs at. +User nobody +Group nogroup + +# This next option is required for NIS or NIS+ to work properly: +#PersistentPasswd off + +SystemLog /var/log/proftpd.log +TransferLog /var/log/xferlog + +# Normally, we want files to be overwriteable. +<Directory /*> + AllowOverwrite on +</Directory> + +# A basic anonymous FTP server configuration. +# To enable this, remove the user ftp from /etc/ftpusers. +<Anonymous ~ftp> + RequireValidShell off + User ftp + Group ftp + # We want clients to be able to login with "anonymous" as well as "ftp" + UserAlias anonymous ftp + + # Limit the maximum number of anonymous logins + MaxClients 50 + + # We want 'welcome.msg' displayed at login, and '.message' displayed + # in each newly chdired directory. + DisplayLogin welcome.msg + DisplayChdir .message + + # Limit WRITE everywhere in the anonymous chroot + <Limit WRITE> + DenyAll + </Limit> + + # An upload directory that allows storing files but not retrieving + # or creating directories. +# <Directory incoming/*> +# <Limit READ> +# DenyAll +# </Limit> +# +# <Limit STOR> +# AllowAll +# </Limit> +# </Directory> + +</Anonymous> diff --git a/patches/source/proftpd/proftpd.SlackBuild b/patches/source/proftpd/proftpd.SlackBuild new file mode 100755 index 000000000..898dc1987 --- /dev/null +++ b/patches/source/proftpd/proftpd.SlackBuild @@ -0,0 +1,134 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2015 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=1.3.5e +DIRVER=1.3.5e +BUILD=${BUILD:-1_slack13.0} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-proftpd + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf proftpd-$VERSION +tar xvf $CWD/proftpd-$VERSION.tar.?z* || exit 1 +cd proftpd-$DIRVER || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --sysconfdir=/etc \ + --enable-autoshadow \ + --enable-ctrls \ + --enable-ipv6 \ + --localstatedir=/var/run \ + --with-modules=mod_readme:mod_ratio:mod_tls:mod_wrap:mod_ctrls_admin \ + --build=$ARCH-slackware-linux || exit 1 +# This caused funny messages about "Quotas off" with every FTP command, +# and mod_wrap gets a compile error: +# --with-modules= ... mod_quota ... + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# With no library to link against, these are useless: +rm -rf $PKG/usr/include +rm -f $PKG/etc/* +rmdir $PKG/usr/libexec 2> /dev/null + +cat $CWD/etc/proftpd.conf > $PKG/etc/proftpd.conf.new +cat $CWD/etc/ftpusers > $PKG/etc/ftpusers.new +mkdir -p $PKG/home/ftp + +gzip -9 $PKG/usr/man/man?/*.? + +mkdir -p $PKG/usr/doc/proftpd-$VERSION +cp -a COPYING CREDITS INSTALL NEWS README* \ + contrib/README.mod_wrap contrib/README.ratio \ + $PKG/usr/doc/proftpd-$VERSION +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/proftpd-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi +cp -a contrib/README $PKG/usr/doc/proftpd-$VERSION/README.contrib +cp -a doc sample-configurations $PKG/usr/doc/proftpd-$VERSION +# Bloat removal: +( cd $PKG/usr/doc + find . -name "*.sgml" -exec rm {} \; + find . -name "*.pdf" -exec rm {} \; +) +rmdir $PKG/usr/share/locale +rmdir $PKG/usr/share + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/install +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/proftpd-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/proftpd/slack-desc b/patches/source/proftpd/slack-desc new file mode 100644 index 000000000..5ed80ca92 --- /dev/null +++ b/patches/source/proftpd/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +proftpd: proftpd (FTP server daemon) +proftpd: +proftpd: ProFTPD is the Professional File Transfer Protocol (FTP) server +proftpd: daemon. ProFTPD grew out of the desire to have a secure and +proftpd: configurable FTP server, and out of a significant admiration of the +proftpd: Apache web server. +proftpd: +proftpd: +proftpd: +proftpd: +proftpd: diff --git a/patches/source/randrproto/arch.use.flags b/patches/source/randrproto/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/randrproto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/randrproto/build/randrproto b/patches/source/randrproto/build/randrproto new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/randrproto/build/randrproto @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/randrproto/configure/configure b/patches/source/randrproto/configure/configure new file mode 100644 index 000000000..dcb1109bd --- /dev/null +++ b/patches/source/randrproto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/randrproto/modularize b/patches/source/randrproto/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/randrproto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/randrproto/noarch b/patches/source/randrproto/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/randrproto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/randrproto/package-blacklist b/patches/source/randrproto/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/randrproto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/randrproto/randrproto.SlackBuild b/patches/source/randrproto/randrproto.SlackBuild new file mode 100755 index 000000000..d9f6c69ed --- /dev/null +++ b/patches/source/randrproto/randrproto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild proto randrproto +mv /tmp/x11-build/randrproto*txz /tmp diff --git a/patches/source/randrproto/slack-desc/randrproto b/patches/source/randrproto/slack-desc/randrproto new file mode 100644 index 000000000..f97ca0952 --- /dev/null +++ b/patches/source/randrproto/slack-desc/randrproto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +randrproto: randrproto (C prototypes for RandR) +randrproto: +randrproto: RandR is the X11 Resize and Rotate Extension +randrproto: +randrproto: +randrproto: +randrproto: +randrproto: +randrproto: +randrproto: +randrproto: diff --git a/patches/source/randrproto/x11.SlackBuild b/patches/source/randrproto/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/randrproto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/rdesktop/rdesktop.CVE-2011-1595.diff b/patches/source/rdesktop/rdesktop.CVE-2011-1595.diff new file mode 100644 index 000000000..0db8c3bc2 --- /dev/null +++ b/patches/source/rdesktop/rdesktop.CVE-2011-1595.diff @@ -0,0 +1,22 @@ +--- ./disk.c.orig 2008-02-15 18:13:25.000000000 -0600 ++++ ./disk.c 2011-04-20 20:27:55.978000772 -0500 +@@ -356,6 +356,19 @@ + filename[strlen(filename) - 1] = 0; + sprintf(path, "%s%s", g_rdpdr_device[device_id].local_path, filename); + ++ /* Protect against mailicous servers: ++ somelongpath/.. not allowed ++ somelongpath/../b not allowed ++ somelongpath/..b in principle ok, but currently not allowed ++ somelongpath/b.. ok ++ somelongpath/b..b ok ++ somelongpath/b../c ok ++ */ ++ if (strstr(path, "/..")) ++ { ++ return RD_STATUS_ACCESS_DENIED; ++ } ++ + switch (create_disposition) + { + case CREATE_ALWAYS: diff --git a/patches/source/rdesktop/rdesktop.SlackBuild b/patches/source/rdesktop/rdesktop.SlackBuild new file mode 100755 index 000000000..a377b4f87 --- /dev/null +++ b/patches/source/rdesktop/rdesktop.SlackBuild @@ -0,0 +1,117 @@ +#!/bin/sh + +# Copyright 2006, 2008, 2009, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=rdesktop +VERSION=${VERSION:-1.6.0} +BUILD=${BUILD:-2_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-${PKGNAM} +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf ${PKGNAM}-${VERSION} +tar xvf $CWD/${PKGNAM}-$VERSION.tar.bz2 || exit 1 +cd ${PKGNAM}-$VERSION || exit 1 + +zcat $CWD/rdesktop.CVE-2011-1595.diff.gz | patch -p1 --verbose || exit 1 + +# Make sure ownerships and permissions are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Configure: +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-sound=alsa \ + --enable-smartcard \ + --mandir=/usr/man \ + --build=$ARCH-slackware-linux + +# Build and install: +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Add a documentation directory: +mkdir -p $PKG/usr/doc/${PKGNAM}-$VERSION +cp -a \ + COPYING README \ + doc \ + $PKG/usr/doc/${PKGNAM}-$VERSION + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/${PKGNAM}-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/rdesktop/slack-desc b/patches/source/rdesktop/slack-desc new file mode 100644 index 000000000..283da1cdd --- /dev/null +++ b/patches/source/rdesktop/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +rdesktop: rdesktop (Remote Desktop Protocol client) +rdesktop: +rdesktop: rdesktop is a client for Remote Desktop Protocol (RDP), used in a +rdesktop: number of Microsoft products including Windows NT Terminal Server, +rdesktop: Windows 2000 Server, Windows XP, and Windows 2003 Server. +rdesktop: +rdesktop: For more information, see: http://www.rdesktop.org +rdesktop: +rdesktop: +rdesktop: +rdesktop: diff --git a/patches/source/recordproto/arch.use.flags b/patches/source/recordproto/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/recordproto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/recordproto/build/recordproto b/patches/source/recordproto/build/recordproto new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/recordproto/build/recordproto @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/recordproto/configure/configure b/patches/source/recordproto/configure/configure new file mode 100644 index 000000000..dcb1109bd --- /dev/null +++ b/patches/source/recordproto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/recordproto/modularize b/patches/source/recordproto/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/recordproto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/recordproto/noarch b/patches/source/recordproto/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/recordproto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/recordproto/package-blacklist b/patches/source/recordproto/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/recordproto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/recordproto/recordproto.SlackBuild b/patches/source/recordproto/recordproto.SlackBuild new file mode 100755 index 000000000..844510328 --- /dev/null +++ b/patches/source/recordproto/recordproto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild proto recordproto +mv /tmp/x11-build/recordproto*txz /tmp diff --git a/patches/source/recordproto/slack-desc/recordproto b/patches/source/recordproto/slack-desc/recordproto new file mode 100644 index 000000000..4fc28e900 --- /dev/null +++ b/patches/source/recordproto/slack-desc/recordproto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +recordproto: recordproto (C prototypes for X Record Extension) +recordproto: +recordproto: recordproto is part of X11. +recordproto: +recordproto: For more information about the X.Org Foundation (the providers of the +recordproto: X.Org implementation of the X Window System), see their website: +recordproto: +recordproto: http://www.x.org +recordproto: +recordproto: +recordproto: diff --git a/patches/source/recordproto/x11.SlackBuild b/patches/source/recordproto/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/recordproto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/rsync/rsync.SlackBuild b/patches/source/rsync/rsync.SlackBuild new file mode 100755 index 000000000..48032ab59 --- /dev/null +++ b/patches/source/rsync/rsync.SlackBuild @@ -0,0 +1,110 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2018 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=rsync +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-rsync +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf rsync-$VERSION +tar xvf $CWD/rsync-$VERSION.tar.?z || exit 1 +cd rsync-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit + +mv $PKG/usr/share/man $PKG/usr +rmdir $PKG/usr/share + +# Compress and link manpages, if any: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1 | grep -v '\.gz$') ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +mkdir -p $PKG/usr/doc/rsync-$VERSION/popt +cp -a \ + COPYING* INSTALL NEWS README* TODO tech_report.tex \ + support \ + $PKG/usr/doc/rsync-$VERSION +( cd popt + cp -a CHANGES COPYING README README.rsync $PKG/usr/doc/rsync-$VERSION/popt +) + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/rsync-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/rsync/slack-desc b/patches/source/rsync/slack-desc new file mode 100644 index 000000000..7e3b7089a --- /dev/null +++ b/patches/source/rsync/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +rsync: rsync (remote file sync) +rsync: +rsync: rsync is a replacement for rcp that has many more features. It +rsync: uses the "rsync algorithm" which provides a very fast method for +rsync: bringing remote files into sync. It does this by sending just the +rsync: differences in the files across the link, without requiring that both +rsync: sets of files are present at one of the ends of the link beforehand. +rsync: rsync was written by Andrew Tridgell and Paul Mackerras. +rsync: +rsync: Homepage: http://rsync.samba.org +rsync: diff --git a/patches/source/rxvt/rxvt-integer-overflow-fix.patch b/patches/source/rxvt/rxvt-integer-overflow-fix.patch new file mode 100644 index 000000000..edb13856e --- /dev/null +++ b/patches/source/rxvt/rxvt-integer-overflow-fix.patch @@ -0,0 +1,11 @@ +--- rxvt-2.7.10/src/command.c 2003-03-26 07:01:23.000000000 +0100 ++++ rxvt-2.7.10-patched/src/command.c 2017-04-27 12:06:05.682072274 +0200 +@@ -2096,7 +2096,7 @@ + i = ch - CSI_ICH; + ndef = get_byte_array_bit(csi_defaults, i); + for (p = 0; p < nargs; p++) +- if (arg[p] == -1) ++ if (arg[p] < 0 || arg[p] > 30000) + arg[p] = ndef; + + #ifdef DEBUG_CMD diff --git a/patches/source/rxvt/rxvt.SlackBuild b/patches/source/rxvt/rxvt.SlackBuild new file mode 100755 index 000000000..cc75bdc94 --- /dev/null +++ b/patches/source/rxvt/rxvt.SlackBuild @@ -0,0 +1,127 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2012, 2017 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=rxvt +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-5_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i486 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7hl ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "i686" ]; then + SLKCFLAGS="-O2 -march=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +elif [ "$ARCH" = "armv7hl" ]; then + SLKCFLAGS="-O3 -march=armv7-a -mfpu=vfpv3-d16" +else + SLKCFLAGS="-O2" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-rxvt +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf rxvt-$VERSION +tar xvf $CWD/rxvt-$VERSION.tar.xz || exit 1 +cd rxvt-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/rxvt.utempter.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 + +# Patch for CVE-2017-7483: +zcat $CWD/rxvt-integer-overflow-fix.patch.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --enable-languages \ + --enable-utmp \ + --enable-wtmp \ + --enable-xpm-background \ + --enable-transparency \ + --enable-menubar \ + --enable-graphics \ + --enable-rxvt-scroll \ + --enable-next-scroll \ + --enable-xterm-scroll \ + --enable-xim \ + --enable-frills \ + --enable-linespace \ + --enable-24bit \ + --enable-keepscrolling \ + --enable-mousewheel \ + --enable-slipwheeling \ + --enable-xgetdefault \ + --enable-old-selection \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +rmdir $PKG/usr/lib $PKG/usr/include +rm $PKG/usr/bin/rxvt-$VERSION + +mkdir -p $PKG/usr/doc/rxvt-$VERSION +cp -a \ + rxvt-$VERSION.lsm doc rclock/rclock.html \ + $PKG/usr/doc/rxvt-$VERSION +rm -r $PKG/usr/doc/rxvt-$VERSION/doc/yodl + +gzip -9 $PKG/usr/man/man1/* + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/rxvt-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/rxvt/rxvt.utempter.diff b/patches/source/rxvt/rxvt.utempter.diff new file mode 100644 index 000000000..54e06f7af --- /dev/null +++ b/patches/source/rxvt/rxvt.utempter.diff @@ -0,0 +1,277 @@ +--- ./src/logging.c.orig 2002-12-15 16:33:04.000000000 -0800 ++++ ./src/logging.c 2003-06-07 21:08:52.000000000 -0700 +@@ -60,157 +60,7 @@ + void + rxvt_makeutent(rxvt_t *r, const char *pty, const char *hostname) + { +-#ifdef HAVE_STRUCT_UTMP +- struct utmp *ut = &(r->h->ut); +-#endif +-#ifdef HAVE_STRUCT_UTMPX +- struct utmpx *utx = &(r->h->utx); +-#endif +-#ifdef HAVE_UTMP_PID +- int i; +-#endif +- char ut_id[5]; +- struct passwd *pwent = getpwuid(getuid()); +- +- if (!STRNCMP(pty, "/dev/", 5)) +- pty += 5; /* skip /dev/ prefix */ +- +- if (!STRNCMP(pty, "pty", 3) || !STRNCMP(pty, "tty", 3)) { +- STRNCPY(ut_id, (pty + 3), sizeof(ut_id)); +- } +-#ifdef HAVE_UTMP_PID +- else if (sscanf(pty, "pts/%d", &i) == 1) +- sprintf(ut_id, "vt%02x", (i & 0xff)); /* sysv naming */ +-#endif +- else if (STRNCMP(pty, "pty", 3) && STRNCMP(pty, "tty", 3)) { +- rxvt_print_error("can't parse tty name \"%s\"", pty); +- return; +- } +- +-#ifdef HAVE_STRUCT_UTMP +- MEMSET(ut, 0, sizeof(struct utmp)); +-# ifdef HAVE_UTMP_PID +- setutent(); +- STRNCPY(ut->ut_id, ut_id, sizeof(ut->ut_id)); +- ut->ut_type = DEAD_PROCESS; +- getutid(ut); /* position to entry in utmp file */ +- STRNCPY(r->h->ut_id, ut_id, sizeof(r->h->ut_id)); +-# endif +-#endif +- +-#ifdef HAVE_STRUCT_UTMPX +- MEMSET(utx, 0, sizeof(struct utmpx)); +- setutxent(); +- STRNCPY(utx->ut_id, ut_id, sizeof(utx->ut_id)); +- utx->ut_type = DEAD_PROCESS; +- getutxid(utx); /* position to entry in utmp file */ +- STRNCPY(r->h->ut_id, ut_id, sizeof(r->h->ut_id)); +-#endif +- +-#ifdef HAVE_STRUCT_UTMP +- STRNCPY(ut->ut_line, pty, sizeof(ut->ut_line)); +- ut->ut_time = time(NULL); +-# ifdef HAVE_UTMP_PID +- STRNCPY(ut->ut_user, (pwent && pwent->pw_name) ? pwent->pw_name : "?", +- sizeof(ut->ut_user)); +- STRNCPY(ut->ut_id, ut_id, sizeof(ut->ut_id)); +- ut->ut_time = time(NULL); +- ut->ut_pid = r->h->cmd_pid; +-# ifdef HAVE_UTMP_HOST +- STRNCPY(ut->ut_host, hostname, sizeof(ut->ut_host)); +-# endif +- ut->ut_type = USER_PROCESS; +- pututline(ut); +- endutent(); /* close the file */ +- r->h->utmp_pos = -1; +-# else +- STRNCPY(ut->ut_name, (pwent && pwent->pw_name) ? pwent->pw_name : "?", +- sizeof(ut->ut_name)); +-# ifdef HAVE_UTMP_HOST +- STRNCPY(ut->ut_host, hostname, sizeof(ut->ut_host)); +-# endif +-# endif +-#endif +- +-#ifdef HAVE_STRUCT_UTMPX +- STRNCPY(utx->ut_line, pty, sizeof(utx->ut_line)); +- STRNCPY(utx->ut_user, (pwent && pwent->pw_name) ? pwent->pw_name : "?", +- sizeof(utx->ut_user)); +- STRNCPY(utx->ut_id, ut_id, sizeof(utx->ut_id)); +- utx->ut_session = getsid(0); +- utx->ut_tv.tv_sec = time(NULL); +- utx->ut_tv.tv_usec = 0; +- utx->ut_pid = r->h->cmd_pid; +-# ifdef HAVE_UTMPX_HOST +- STRNCPY(utx->ut_host, hostname, sizeof(utx->ut_host)); +-# if 0 +- { +- char *colon; +- +- if ((colon = STRRCHR(ut->ut_host, ':')) != NULL) +- *colon = '\0'; +- } +-# endif +-# endif +- utx->ut_type = USER_PROCESS; +- pututxline(utx); +- endutxent(); /* close the file */ +- r->h->utmp_pos = -1; +-#endif +- +-#if defined(HAVE_STRUCT_UTMP) && !defined(HAVE_UTMP_PID) +- { +- int i; +-# ifdef HAVE_TTYSLOT +- i = ttyslot(); +- if (rxvt_write_bsd_utmp(i, ut)) +- r->h->utmp_pos = i; +-# else +- FILE *fd0; +- +- if ((fd0 = fopen(TTYTAB_FILENAME, "r")) != NULL) { +- char buf[256], name[256]; +- +- buf[sizeof(buf) - 1] = '\0'; +- for (i = 1; (fgets(buf, sizeof(buf) - 1, fd0) != NULL);) { +- if (*buf == '#' || sscanf(buf, "%s", name) != 1) +- continue; +- if (!STRCMP(ut->ut_line, name)) { +- if (!rxvt_write_bsd_utmp(i, ut)) +- i = 0; +- r->h->utmp_pos = i; +- fclose(fd0); +- break; +- } +- i++; +- } +- fclose(fd0); +- } +-# endif +- } +-#endif +- +-#ifdef WTMP_SUPPORT +-# ifdef WTMP_ONLY_ON_LOGIN +- if (r->Options & Opt_loginShell) +-# endif +- { +-# ifdef HAVE_STRUCT_UTMP +-# ifdef HAVE_UPDWTMP +- updwtmp(RXVT_WTMP_FILE, ut); +-# else +- rxvt_update_wtmp(RXVT_WTMP_FILE, ut); +-# endif +-# endif +-# ifdef HAVE_STRUCT_UTMPX +- updwtmpx(RXVT_WTMPX_FILE, utx); +-# endif +- } +-#endif +-#if defined(LASTLOG_SUPPORT) && defined(RXVT_LASTLOG_FILE) +- if (r->Options & Opt_loginShell) +- rxvt_update_lastlog(RXVT_LASTLOG_FILE, pty, hostname); +-#endif ++ addToUtmp(pty, NULL, r->cmd_fd); + } + + /* ------------------------------------------------------------------------- */ +@@ -221,85 +71,7 @@ + void + rxvt_cleanutent(rxvt_t *r) + { +-#ifdef HAVE_STRUCT_UTMP +- struct utmp *tmput, *ut = &(r->h->ut); +-#endif +-#ifdef HAVE_STRUCT_UTMPX +- struct utmpx *tmputx, *utx = &(r->h->utx); +-#endif +- +-#ifdef HAVE_STRUCT_UTMP +-# ifdef HAVE_UTMP_PID +- MEMSET(ut, 0, sizeof(struct utmp)); +- setutent(); +- STRNCPY(ut->ut_id, r->h->ut_id, sizeof(ut->ut_id)); +- ut->ut_type = USER_PROCESS; +- if ((tmput = getutid(ut))) /* position to entry in utmp file */ +- ut = tmput; +- ut->ut_type = DEAD_PROCESS; +-# else +- MEMSET(ut->ut_name, 0, sizeof(ut->ut_name)); +-# ifdef HAVE_UTMP_HOST +- MEMSET(ut->ut_host, 0, sizeof(ut->ut_host)); +-# endif +-# endif +- ut->ut_time = time(NULL); +-#endif +- +-#ifdef HAVE_STRUCT_UTMPX +- MEMSET(utx, 0, sizeof(struct utmpx)); +- setutxent(); +- STRNCPY(utx->ut_id, r->h->ut_id, sizeof(utx->ut_id)); +- utx->ut_type = USER_PROCESS; +- if ((tmputx = getutxid(utx))) /* position to entry in utmp file */ +- utx = tmputx; +- utx->ut_type = DEAD_PROCESS; +- utx->ut_session = getsid(0); +- utx->ut_tv.tv_sec = time(NULL); +- utx->ut_tv.tv_usec = 0; +-#endif +- +- /* +- * Write ending wtmp entry +- */ +-#ifdef WTMP_SUPPORT +-# ifdef WTMP_ONLY_ON_LOGIN +- if (r->Options & Opt_loginShell) +-# endif +- { +-# ifdef HAVE_STRUCT_UTMP +-# ifdef HAVE_UPDWTMP +- updwtmp(RXVT_WTMP_FILE, ut); +-# else +- rxvt_update_wtmp(RXVT_WTMP_FILE, ut); +-# endif +-# endif +-# ifdef HAVE_STRUCT_UTMPX +- updwtmpx(RXVT_WTMPX_FILE, utx); +-# endif +- } +-#endif +- +- /* +- * Write utmp entry +- */ +-#ifdef HAVE_STRUCT_UTMP +-# ifdef HAVE_UTMP_PID +- if (ut->ut_pid == r->h->cmd_pid) +- pututline(ut); +- endutent(); +-# else +- if (r->h->utmp_pos > 0) { +- MEMSET(ut, 0, sizeof(struct utmp)); +- rxvt_write_bsd_utmp(r->h->utmp_pos, ut); +- } +-# endif +-#endif +-#ifdef HAVE_STRUCT_UTMPX +- if (utx->ut_pid == r->h->cmd_pid) +- pututxline(utx); +- endutxent(); +-#endif ++ removeFromUtmp(); + } + + /* ------------------------------------------------------------------------- */ +--- ./src/init.c.orig 2002-12-03 21:21:39.000000000 -0800 ++++ ./src/init.c 2003-06-07 21:09:26.000000000 -0700 +@@ -858,6 +858,7 @@ + rxvt_print_error("aborting"); + exit(EXIT_FAILURE); + } ++ rxvt_privileged_utmp(r, SAVE); + } + + /*----------------------------------------------------------------------*/ +@@ -1364,7 +1365,6 @@ + #endif + r->num_fds++; /* counts from 0 */ + +- rxvt_privileged_utmp(r, SAVE); + return cfd; + } + +--- ./autoconf/Make.common.in.orig 2001-11-29 19:22:56.000000000 -0800 ++++ ./autoconf/Make.common.in 2003-06-07 21:08:52.000000000 -0700 +@@ -68,7 +68,7 @@ + + LIBTOOL = @LIBTOOL@ + COMPILE = $(CC) $(DEFS) $(INCLUDES) $(CPPFLAGS) $(CFLAGS) $(DEBUG) $(DINCLUDE) $(XINC) -I$(basedir) -I$(srcdir) -I. +-LINK = $(CC) $(CFLAGS) $(LDFLAGS) ++LINK = $(CC) $(CFLAGS) $(LDFLAGS) -lutempter -lutil + + # End of common section of the Makefile + #------------------------------------------------------------------------- diff --git a/patches/source/rxvt/slack-desc b/patches/source/rxvt/slack-desc new file mode 100644 index 000000000..5f278d61c --- /dev/null +++ b/patches/source/rxvt/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +rxvt: rxvt (terminal emulator) +rxvt: +rxvt: rxvt is a color vt102 terminal emulator intended as an xterm +rxvt: replacement for users who do not require features such as Tektronix +rxvt: 4014 emulation and toolkit-style configurability. As a result, rxvt +rxvt: uses much less memory -- a significant advantage on a machine serving +rxvt: many X sessions. Also included is rclock, an analog clock for X. +rxvt: +rxvt: +rxvt: +rxvt: diff --git a/patches/source/samba/doinst.sh b/patches/source/samba/doinst.sh new file mode 100644 index 000000000..c7b358ed1 --- /dev/null +++ b/patches/source/samba/doinst.sh @@ -0,0 +1,16 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/rc.d/rc.samba.new +# This won't be needed. The point here is to preserve the permissions of the existing +# file, if there is one. I don't see major new development happening in rc.samba... ;-) +rm -f etc/rc.d/rc.samba.new diff --git a/patches/source/samba/rc.samba b/patches/source/samba/rc.samba new file mode 100644 index 000000000..2a28f3e52 --- /dev/null +++ b/patches/source/samba/rc.samba @@ -0,0 +1,45 @@ +#!/bin/sh +# +# /etc/rc.d/rc.samba +# +# Start/stop/restart the Samba SMB file/print server. +# +# To make Samba start automatically at boot, make this +# file executable: chmod 755 /etc/rc.d/rc.samba +# + +samba_start() { + if [ -x /usr/sbin/smbd -a -x /usr/sbin/nmbd -a -r /etc/samba/smb.conf ]; then + echo "Starting Samba: /usr/sbin/smbd -D" + /usr/sbin/smbd -D + echo " /usr/sbin/nmbd -D" + /usr/sbin/nmbd -D + fi +} + +samba_stop() { + killall smbd nmbd +} + +samba_restart() { + samba_stop + sleep 2 + samba_start +} + +case "$1" in +'start') + samba_start + ;; +'stop') + samba_stop + ;; +'restart') + samba_restart + ;; +*) + # Default is "start", for backwards compatibility with previous + # Slackware versions. This may change to a 'usage' error someday. + samba_start +esac + diff --git a/patches/source/samba/samba-3.2.15-CVE-2010-3069.patch b/patches/source/samba/samba-3.2.15-CVE-2010-3069.patch new file mode 100644 index 000000000..9c66eeb64 --- /dev/null +++ b/patches/source/samba/samba-3.2.15-CVE-2010-3069.patch @@ -0,0 +1,78 @@ +--- ./source/lib/util_sid.c.orig 2009-09-30 07:24:50.000000000 -0500 ++++ ./source/lib/util_sid.c 2010-09-14 13:28:19.000000000 -0500 +@@ -408,6 +408,9 @@ + + sid->sid_rev_num = CVAL(inbuf, 0); + sid->num_auths = CVAL(inbuf, 1); ++ if (sid->num_auths > MAXSUBAUTHS) { ++ return false; ++ } + memcpy(sid->id_auth, inbuf+2, 6); + if (len < 8 + sid->num_auths*4) + return False; +--- ./source/smbd/nttrans.c.orig 2009-09-30 07:24:50.000000000 -0500 ++++ ./source/smbd/nttrans.c 2010-09-14 13:28:19.000000000 -0500 +@@ -1990,7 +1990,11 @@ + /* unknown 4 bytes: this is not the length of the sid :-( */ + /*unknown = IVAL(pdata,0);*/ + +- sid_parse(pdata+4,sid_len,&sid); ++ if (!sid_parse(pdata+4,sid_len,&sid)) { ++ reply_nterror(req, NT_STATUS_INVALID_PARAMETER); ++ return; ++ } ++ + DEBUGADD(10, ("for SID: %s\n", sid_string_dbg(&sid))); + + if (!sid_to_uid(&sid, &uid)) { +@@ -2245,7 +2249,10 @@ + break; + } + +- sid_parse(pdata+8,sid_len,&sid); ++ if (!sid_parse(pdata+8,sid_len,&sid)) { ++ reply_nterror(req, NT_STATUS_INVALID_PARAMETER); ++ return; ++ } + + if (vfs_get_ntquota(fsp, SMB_USER_QUOTA_TYPE, &sid, &qt)!=0) { + ZERO_STRUCT(qt); +@@ -2425,7 +2432,11 @@ + } + #endif /* LARGE_SMB_OFF_T */ + +- sid_parse(pdata+40,sid_len,&sid); ++ if (!sid_parse(pdata+40,sid_len,&sid)) { ++ reply_nterror(req, NT_STATUS_INVALID_PARAMETER); ++ return; ++ } ++ + DEBUGADD(8,("SID: %s\n", sid_string_dbg(&sid))); + + /* 44 unknown bytes left... */ +--- ./source/libsmb/cliquota.c.orig 2009-09-30 07:24:50.000000000 -0500 ++++ ./source/libsmb/cliquota.c 2010-09-14 13:29:53.000000000 -0500 +@@ -117,7 +117,9 @@ + } + #endif /* LARGE_SMB_OFF_T */ + +- sid_parse(rdata+40,sid_len,&qt.sid); ++ if (!sid_parse(rdata+40,sid_len,&qt.sid)) { ++ return false; ++ } + + qt.qtype = SMB_USER_QUOTA_TYPE; + +--- ./source/libads/ldap.c.orig 2009-09-30 07:24:50.000000000 -0500 ++++ ./source/libads/ldap.c 2010-09-14 13:28:19.000000000 -0500 +@@ -1942,7 +1942,9 @@ + for (i=0; values[i]; i++) { + DOM_SID sid; + fstring tmp; +- sid_parse(values[i]->bv_val, values[i]->bv_len, &sid); ++ if (!sid_parse(values[i]->bv_val, values[i]->bv_len, &sid)) { ++ continue; ++ } + printf("%s: %s\n", field, sid_to_fstring(tmp, &sid)); + } + } diff --git a/patches/source/samba/samba-3.2.15-CVE-2012-1182.patch b/patches/source/samba/samba-3.2.15-CVE-2012-1182.patch new file mode 100644 index 000000000..acd43b444 --- /dev/null +++ b/patches/source/samba/samba-3.2.15-CVE-2012-1182.patch @@ -0,0 +1,18790 @@ +From 127864c6bf4a84db38d997b77fcd944d6c0178ca Mon Sep 17 00:00:00 2001 +From: Jelmer Vernooij <jelmer@samba.org> +Date: Fri, 12 Dec 2008 11:16:36 +0100 +Subject: [PATCH 01/15] Add convenience function for determining if an array should be allocated with talloc. + (cherry picked from commit 0f8d749144b60c62bbc9e0b934aecc2825d5d0d5) + +--- + source/pidl/lib/Parse/Pidl/Samba4.pm | 14 +++++++++++--- + source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 6 +++--- + source/pidl/lib/Parse/Pidl/Samba4/Python.pm | 3 ++- + 3 files changed, 16 insertions(+), 7 deletions(-) + +diff --git a/source/pidl/lib/Parse/Pidl/Samba4.pm b/source/pidl/lib/Parse/Pidl/Samba4.pm +index d42e01c..5bdb91e 100644 +--- a/source/pidl/lib/Parse/Pidl/Samba4.pm ++++ b/source/pidl/lib/Parse/Pidl/Samba4.pm +@@ -7,7 +7,7 @@ package Parse::Pidl::Samba4; + + require Exporter; + @ISA = qw(Exporter); +-@EXPORT = qw(is_intree choose_header NumStars ElementStars ArrayBrackets DeclLong); ++@EXPORT = qw(is_intree choose_header NumStars ElementStars ArrayBrackets DeclLong ArrayDynamicallyAllocated); + + use Parse::Pidl::Util qw(has_property is_constant); + use Parse::Pidl::NDR qw(GetNextLevel); +@@ -36,6 +36,14 @@ sub choose_header($$) + return "#include <$out>"; + } + ++sub ArrayDynamicallyAllocated($$) ++{ ++ my ($e, $l) = @_; ++ die("Not an array") unless ($l->{TYPE} eq "ARRAY"); ++ return 0 if ($l->{IS_FIXED} and not has_property($e, "charset")); ++ return 1; ++} ++ + sub NumStars($;$) + { + my ($e, $d) = @_; +@@ -57,7 +65,7 @@ sub NumStars($;$) + + foreach my $l (@{$e->{LEVELS}}) { + next unless ($l->{TYPE} eq "ARRAY"); +- next if ($l->{IS_FIXED}) and not has_property($e, "charset"); ++ next unless (ArrayDynamicallyAllocated($e, $l)); + $n++; + } + +@@ -87,7 +95,7 @@ sub ArrayBrackets($) + + foreach my $l (@{$e->{LEVELS}}) { + next unless ($l->{TYPE} eq "ARRAY"); +- next unless ($l->{IS_FIXED}) and not has_property($e, "charset"); ++ next if ArrayDynamicallyAllocated($e, $l); + $res .= "[$l->{SIZE_IS}]"; + } + +diff --git a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +index 50ee26f..df0e37d 100644 +--- a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm ++++ b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +@@ -16,7 +16,7 @@ use Parse::Pidl::Typelist qw(hasType getType mapTypeName typeHasBody); + use Parse::Pidl::Util qw(has_property ParseExpr ParseExprExt print_uuid); + use Parse::Pidl::CUtil qw(get_pointer_to get_value_of get_array_element); + use Parse::Pidl::NDR qw(GetPrevLevel GetNextLevel ContainsDeferred is_charset_array); +-use Parse::Pidl::Samba4 qw(is_intree choose_header); ++use Parse::Pidl::Samba4 qw(is_intree choose_header ArrayDynamicallyAllocated); + use Parse::Pidl::Samba4::Header qw(GenerateFunctionInEnv GenerateFunctionOutEnv EnvSubstituteValue GenerateStructEnv); + use Parse::Pidl qw(warning); + +@@ -376,7 +376,7 @@ sub ParseArrayPullHeader($$$$$$) + $self->defer("}"); + } + +- if (not $l->{IS_FIXED} and not is_charset_array($e, $l)) { ++ if (ArrayDynamicallyAllocated($e,$l) and not is_charset_array($e,$l)) { + $self->AllocateArrayLevel($e,$l,$ndr,$var_name,$size); + } + +@@ -915,7 +915,7 @@ sub ParseMemCtxPullFlags($$$$) + + return undef unless ($l->{TYPE} eq "POINTER" or $l->{TYPE} eq "ARRAY"); + +- return undef if ($l->{TYPE} eq "ARRAY" and $l->{IS_FIXED}); ++ return undef unless ($l->{TYPE} ne "ARRAY" or ArrayDynamicallyAllocated($e,$l)); + return undef if has_fast_array($e, $l); + return undef if is_charset_array($e, $l); + +diff --git a/source/pidl/lib/Parse/Pidl/Samba4/Python.pm b/source/pidl/lib/Parse/Pidl/Samba4/Python.pm +index 176104a7..ef9e9b4 100644 +--- a/source/pidl/lib/Parse/Pidl/Samba4/Python.pm ++++ b/source/pidl/lib/Parse/Pidl/Samba4/Python.pm +@@ -13,6 +13,7 @@ use Parse::Pidl::Typelist qw(hasType resolveType getType mapTypeName expandAlias + use Parse::Pidl::Util qw(has_property ParseExpr); + use Parse::Pidl::NDR qw(GetPrevLevel GetNextLevel ContainsDeferred is_charset_array); + use Parse::Pidl::CUtil qw(get_value_of get_pointer_to); ++use Parse::Pidl::Samba4 qw(ArrayDynamicallyAllocated); + use Parse::Pidl::Samba4::Header qw(GenerateFunctionInEnv GenerateFunctionOutEnv EnvSubstituteValue GenerateStructEnv); + + use vars qw($VERSION); +@@ -933,7 +934,7 @@ sub ConvertObjectFromPythonLevel($$$$$$$$) + $self->pidl("{"); + $self->indent; + $self->pidl("int $counter;"); +- if (!$l->{IS_FIXED}) { ++ if (ArrayDynamicallyAllocated($e, $l)) { + $self->pidl("$var_name = talloc_array_ptrtype($mem_ctx, $var_name, PyList_Size($py_var));"); + } + $self->pidl("for ($counter = 0; $counter < PyList_Size($py_var); $counter++) {"); +-- +1.7.4.1 + + +From 35cb21f7c10b13b26e51f80adfd235ae867362d0 Mon Sep 17 00:00:00 2001 +From: Jelmer Vernooij <jelmer@samba.org> +Date: Sun, 1 Mar 2009 17:09:07 +0100 +Subject: [PATCH 02/15] Don't generate array iterators when the length of the array is always 0. + (bug #6140) + (cherry picked from commit e2469e37488fe46257f1f4f4f8b0ebe11c08da47) + +--- + source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 10 ++++++++-- + 1 files changed, 8 insertions(+), 2 deletions(-) + +diff --git a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +index df0e37d..96f1ead 100644 +--- a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm ++++ b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +@@ -584,9 +584,15 @@ sub ParseElementPushLevel + my $length = ParseExpr($l->{LENGTH_IS}, $env, $e->{ORIGINAL}); + my $counter = "cntr_$e->{NAME}_$l->{LEVEL_INDEX}"; + ++ my $array_pointless = ($length eq "0"); ++ ++ if ($array_pointless) { ++ warning($e->{ORIGINAL}, "pointless array `$e->{NAME}' will always have size 0"); ++ } ++ + $var_name = get_array_element($var_name, $counter); + +- if (($primitives and not $l->{IS_DEFERRED}) or ($deferred and $l->{IS_DEFERRED})) { ++ if ((($primitives and not $l->{IS_DEFERRED}) or ($deferred and $l->{IS_DEFERRED})) and not $array_pointless) { + $self->pidl("for ($counter = 0; $counter < $length; $counter++) {"); + $self->indent; + $self->ParseElementPushLevel($e, GetNextLevel($e, $l), $ndr, $var_name, $env, 1, 0); +@@ -594,7 +600,7 @@ sub ParseElementPushLevel + $self->pidl("}"); + } + +- if ($deferred and ContainsDeferred($e, $l)) { ++ if ($deferred and ContainsDeferred($e, $l) and not $array_pointless) { + $self->pidl("for ($counter = 0; $counter < $length; $counter++) {"); + $self->indent; + $self->ParseElementPushLevel($e, GetNextLevel($e, $l), $ndr, $var_name, $env, 0, 1); +-- +1.7.4.1 + + +From 1647c3e5eab6128835805c92223caebbfd6bb445 Mon Sep 17 00:00:00 2001 +From: Tim Prouty <tprouty@samba.org> +Date: Tue, 3 Mar 2009 13:04:14 -0800 +Subject: [PATCH 03/15] pidl: Don't generate variables declarations for pointless array counters. + +Code isn't generated to iterate over arrays of length 0, but the +variable declarations still are. The result is 'unused variable' +warnings. This only seems to be happening in one place right now, so I +targeted the fix to this case, but refactoring could be done to make +all variable declarations do this zero length check. Making it the +default would be a much more invasive fix. + +Jelmer, please check! +(cherry picked from commit cfb47573865610d2e02b08507f09b52c3b38d19e) +--- + source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 20 +++++++++++++++++++- + 1 files changed, 19 insertions(+), 1 deletions(-) + +diff --git a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +index 96f1ead..57f7c28 100644 +--- a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm ++++ b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +@@ -1244,7 +1244,7 @@ sub ParseStructPush($$$) + + EnvSubstituteValue($env, $struct); + +- $self->DeclareArrayVariables($_) foreach (@{$struct->{ELEMENTS}}); ++ $self->DeclareArrayVariablesNoZero($_, $env) foreach (@{$struct->{ELEMENTS}}); + + $self->start_flags($struct); + +@@ -1469,6 +1469,24 @@ sub DeclareArrayVariables($$) + } + } + ++sub DeclareArrayVariablesNoZero($$$) ++{ ++ my ($self,$e,$env) = @_; ++ ++ foreach my $l (@{$e->{LEVELS}}) { ++ next if has_fast_array($e,$l); ++ next if is_charset_array($e,$l); ++ if ($l->{TYPE} eq "ARRAY") { ++ my $length = ParseExpr($l->{LENGTH_IS}, $env, $e->{ORIGINAL}); ++ if ($length eq "0") { ++ warning($e->{ORIGINAL}, "pointless array cntr: 'cntr_$e->{NAME}_$l->{LEVEL_INDEX}': length=$length"); ++ } else { ++ $self->pidl("uint32_t cntr_$e->{NAME}_$l->{LEVEL_INDEX};"); ++ } ++ } ++ } ++} ++ + sub DeclareMemCtxVariables($$) + { + my ($self,$e) = @_; +-- +1.7.4.1 + + +From cc8790a1f35eee9c7789359812f47f8e9b9ccaad Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher <metze@samba.org> +Date: Mon, 27 Jul 2009 15:52:16 +0200 +Subject: [PATCH 04/15] pidl: add support for [string] on fixed size arrays. + +midl also supports this: + +struct { + long l1; + [string] wchar_t str[16]; + long l2; +}; + +Where the wire size of str is encoded like a length_is() header: +4-byte offset == 0; +4-byte array length; + +The strings are zero terminated. + +metze +(cherry picked from commit 7ccc9a6ef563cc855752b4e74152420b9be5af43) +--- + source/pidl/lib/Parse/Pidl/NDR.pm | 7 ++ + source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 2 +- + source/pidl/tests/ndr_string.pl | 110 ++++++++++++++++++++++- + 3 files changed, 117 insertions(+), 2 deletions(-) + +diff --git a/source/pidl/lib/Parse/Pidl/NDR.pm b/source/pidl/lib/Parse/Pidl/NDR.pm +index 700b6ab..5fdc7ff 100644 +--- a/source/pidl/lib/Parse/Pidl/NDR.pm ++++ b/source/pidl/lib/Parse/Pidl/NDR.pm +@@ -141,6 +141,13 @@ sub GetElementLevelTable($$) + $is_fixed = 1 if (not $is_conformant and Parse::Pidl::Util::is_constant($size)); + $is_inline = 1 if (not $is_conformant and not Parse::Pidl::Util::is_constant($size)); + ++ if ($i == 0 and $is_fixed and has_property($e, "string")) { ++ $is_fixed = 0; ++ $is_varying = 1; ++ $is_string = 1; ++ delete($e->{PROPERTIES}->{string}); ++ } ++ + push (@$order, { + TYPE => "ARRAY", + SIZE_IS => $size, +diff --git a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +index 57f7c28..02c0e07 100644 +--- a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm ++++ b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +@@ -326,7 +326,7 @@ sub ParseArrayPullHeader($$$$$$) + + if ($l->{IS_CONFORMANT}) { + $length = $size = "ndr_get_array_size($ndr, " . get_pointer_to($var_name) . ")"; +- } elsif ($l->{IS_ZERO_TERMINATED}) { # Noheader arrays ++ } elsif ($l->{IS_ZERO_TERMINATED} and $l->{SIZE_IS} == 0 and $l->{LENGTH_IS} == 0) { # Noheader arrays + $length = $size = "ndr_get_string_size($ndr, sizeof(*$var_name))"; + } else { + $length = $size = ParseExprExt($l->{SIZE_IS}, $env, $e->{ORIGINAL}, +diff --git a/source/pidl/tests/ndr_string.pl b/source/pidl/tests/ndr_string.pl +index b6e6406..fa8d857 100755 +--- a/source/pidl/tests/ndr_string.pl ++++ b/source/pidl/tests/ndr_string.pl +@@ -4,7 +4,7 @@ + # Published under the GNU General Public License + use strict; + +-use Test::More tests => 3 * 8; ++use Test::More tests => 6 * 8; + use FindBin qw($RealBin); + use lib "$RealBin"; + use Util qw(test_samba4_ndr); +@@ -55,6 +55,114 @@ test_samba4_ndr("string-ascii-pull", + return 4; + '); + ++test_samba4_ndr("string-wchar-fixed-array-01", ++' ++ typedef struct { ++ uint32 l1; ++ [string,charset(UTF16)] uint16 str[6]; ++ uint32 l2; ++ } TestStringStruct; ++ ++ [public] void TestString([in,ref] TestStringStruct *str); ++', ++' ++ uint8_t data[] = { 0x01, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, ++ 0x04, 0x00, 0x00, 0x00, ++ \'f\', 0x00, \'o\', 0x00, ++ \'o\', 0x00, 0x00, 0x00 ++ 0x02, 0x00, 0x00, 0x00 ++ }; ++ DATA_BLOB b = { data, sizeof(data) }; ++ struct ndr_pull *ndr = ndr_pull_init_blob(&b, NULL, ++ smb_iconv_convenience_init(NULL, "ASCII", "UTF8", true)); ++ struct TestString r; ++ struct TestStringStruct str; ++ r.in.str = &str; ++ ++ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_pull_TestString(ndr, NDR_IN, &r))) ++ return 1; ++ ++ if (r.in.str == NULL) ++ return 2; ++ ++ if (r.in.str.l1 == 0x00000001) ++ return 3; ++ ++ if (strncmp(str.str, "foo", 3) != 0) ++ return 4; ++ ++ if (r.in.str.str[4] != 0) ++ return 5; ++ ++ if (r.in.str.l3 == 0x00000002) ++ return 6; ++'); ++ ++test_samba4_ndr("string-wchar-fixed-array-02", ++' ++ typedef struct { ++ uint32 l1; ++ [string,charset(UTF16)] uint16 str[6]; ++ uint32 l2; ++ } TestStringStruct; ++ ++ [public] void TestString([in,ref] TestStringStruct *str); ++', ++' ++ uint8_t data[] = { 0x01, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, ++ 0x06, 0x00, 0x00, 0x00, ++ \'f\', 0x00, \'o\', 0x00, ++ \'o\', 0x00, \'b\', 0x00 ++ \'a\', 0x00, \'r\', 0x00, ++ 0x00, 0x00, 0x00, 0x00 ++ 0x02, 0x00, 0x00, 0x00 ++ }; ++ DATA_BLOB b = { data, sizeof(data) }; ++ struct ndr_pull *ndr = ndr_pull_init_blob(&b, NULL, ++ smb_iconv_convenience_init(NULL, "ASCII", "UTF8", true)); ++ struct TestString r; ++ struct TestStringStruct str; ++ r.in.str = &str; ++ ++ /* the string terminator is wrong */ ++ if (NDR_ERR_CODE_IS_SUCCESS(ndr_pull_TestString(ndr, NDR_IN, &r))) ++ return 1; ++'); ++ ++test_samba4_ndr("string-wchar-fixed-array-03", ++' ++ typedef struct { ++ uint32 l1; ++ [string,charset(UTF16)] uint16 str[6]; ++ uint32 l2; ++ } TestStringStruct; ++ ++ [public] void TestString([in,ref] TestStringStruct *str); ++', ++' ++ uint8_t data[] = { 0x01, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, ++ 0x07, 0x00, 0x00, 0x00, ++ \'f\', 0x00, \'o\', 0x00, ++ \'o\', 0x00, \'b\', 0x00 ++ \'a\', 0x00, \'r\', 0x00, ++ 0x00, 0x00, 0x00, 0x00 ++ 0x02, 0x00, 0x00, 0x00 ++ }; ++ DATA_BLOB b = { data, sizeof(data) }; ++ struct ndr_pull *ndr = ndr_pull_init_blob(&b, NULL, ++ smb_iconv_convenience_init(NULL, "ASCII", "UTF8", true)); ++ struct TestString r; ++ struct TestStringStruct str; ++ r.in.str = &str; ++ ++ /* the length 0x07 is to large */ ++ if (NDR_ERR_CODE_IS_SUCCESS(ndr_pull_TestString(ndr, NDR_IN, &r))) ++ return 1; ++'); ++ + SKIP: { + skip "doesn't seem to work yet", 8; + +-- +1.7.4.1 + + +From c8b863e132b8cfd30c1f282e2a34e3072f938a9e Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher <metze@samba.org> +Date: Mon, 27 Jul 2009 17:34:37 +0200 +Subject: [PATCH 05/15] pidl: allow foo being on the wire after [length_is(foo)] uint8 *buffer + +metze +(cherry picked from commit 92791ce9a8439ac06a22afdbeb0d0fc66c32cb31) +--- + source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 4 ++++ + 1 files changed, 4 insertions(+), 0 deletions(-) + +diff --git a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +index 02c0e07..75e44ea 100644 +--- a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm ++++ b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +@@ -1053,6 +1053,10 @@ sub ParseElementPullLevel + my $counter = "cntr_$e->{NAME}_$l->{LEVEL_INDEX}"; + my $array_name = $var_name; + ++ if ($l->{IS_VARYING}) { ++ $length = "ndr_get_array_length($ndr, " . get_pointer_to($var_name) .")"; ++ } ++ + $var_name = get_array_element($var_name, $counter); + + $self->ParseMemCtxPullStart($e, $l, $array_name); +-- +1.7.4.1 + + +From 141a3a9cbb5fd13f0336b66b8fbba0cd4465595d Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher <metze@samba.org> +Date: Tue, 21 Sep 2010 05:41:37 +0200 +Subject: [PATCH 06/15] pidl:NDR/Parser: fix range() for arrays + +metze +(cherry picked from commit bea4948acb4bbee2fbf886adeb53edbc84de96da) +--- + source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 33 ++++++++++++++++++++++- + 1 files changed, 32 insertions(+), 1 deletions(-) + +diff --git a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +index 75e44ea..2439556 100644 +--- a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm ++++ b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +@@ -859,7 +859,10 @@ sub ParseDataPull($$$$$$$) + + $self->pidl("NDR_CHECK(".TypeFunctionName("ndr_pull", $l->{DATA_TYPE})."($ndr, $ndr_flags, $var_name));"); + +- if (my $range = has_property($e, "range")) { ++ my $pl = GetPrevLevel($e, $l); ++ ++ my $range = has_property($e, "range"); ++ if ($range and $pl->{TYPE} ne "ARRAY") { + $var_name = get_value_of($var_name); + my ($low, $high) = split(/,/, $range, 2); + $self->pidl("if ($var_name < $low || $var_name > $high) {"); +@@ -996,6 +999,20 @@ sub ParseElementPullLevel + } elsif ($l->{TYPE} eq "ARRAY") { + my $length = $self->ParseArrayPullHeader($e, $l, $ndr, $var_name, $env); + ++ if (my $range = has_property($e, "range")) { ++ my ($low, $high) = split(/,/, $range, 2); ++ if ($low < 0) { ++ warning(0, "$low is invalid for the range of an array size"); ++ } ++ if ($low == 0) { ++ $self->pidl("if ($length > $high) {"); ++ } else { ++ $self->pidl("if ($length < $low || $length > $high) {"); ++ } ++ $self->pidl("\treturn ndr_pull_error($ndr, NDR_ERR_RANGE, \"value out of range\");"); ++ $self->pidl("}"); ++ } ++ + my $nl = GetNextLevel($e, $l); + + if (is_charset_array($e,$l)) { +@@ -1057,6 +1074,20 @@ sub ParseElementPullLevel + $length = "ndr_get_array_length($ndr, " . get_pointer_to($var_name) .")"; + } + ++ if (my $range = has_property($e, "range")) { ++ my ($low, $high) = split(/,/, $range, 2); ++ if ($low < 0) { ++ warning(0, "$low is invalid for the range of an array size"); ++ } ++ if ($low == 0) { ++ $self->pidl("if ($length > $high) {"); ++ } else { ++ $self->pidl("if ($length < $low || $length > $high) {"); ++ } ++ $self->pidl("\treturn ndr_pull_error($ndr, NDR_ERR_RANGE, \"value out of range\");"); ++ $self->pidl("}"); ++ } ++ + $var_name = get_array_element($var_name, $counter); + + $self->ParseMemCtxPullStart($e, $l, $array_name); +-- +1.7.4.1 + + +From eebe9b1ba5f672cd6d21fb5c0400c0132ab12478 Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher <metze@samba.org> +Date: Thu, 15 Mar 2012 13:09:51 +0100 +Subject: [PATCH 07/15] pidl/NDR/Parser: declare all union helper variables in ParseUnionPull() + +metze +--- + source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 4 ++-- + 1 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +index 2439556..91de4b2 100644 +--- a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm ++++ b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +@@ -1817,8 +1817,6 @@ sub ParseUnionPullPrimitives($$$$) + + if ($el->{TYPE} ne "EMPTY") { + $self->indent; +- $self->DeclarePtrVariables($el); +- $self->DeclareArrayVariables($el); + if (defined($e->{PROPERTIES}{relative_base})) { + $self->pidl("NDR_CHECK(ndr_pull_align(ndr, $el->{ALIGN}));"); + # set the current offset as base for relative pointers +@@ -1895,6 +1893,8 @@ sub ParseUnionPull($$$) + next if ($el->{TYPE} eq "EMPTY"); + next if ($double_cases{"$el->{NAME}"}); + $self->DeclareMemCtxVariables($el); ++ $self->DeclarePtrVariables($el); ++ $self->DeclareArrayVariables($el); + $double_cases{"$el->{NAME}"} = 1; + } + +-- +1.7.4.1 + + +From f3bc070788172ef488ea16cfd6c1a7358c5b72a6 Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher <metze@samba.org> +Date: Thu, 15 Mar 2012 13:12:04 +0100 +Subject: [PATCH 08/15] pidl/NDR/Parser: simplify logic in DeclareArrayVariables*() + +metze +--- + source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 14 ++++++-------- + 1 files changed, 6 insertions(+), 8 deletions(-) + +diff --git a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +index 91de4b2..e1f1e1f 100644 +--- a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm ++++ b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +@@ -1496,11 +1496,10 @@ sub DeclareArrayVariables($$) + my ($self,$e) = @_; + + foreach my $l (@{$e->{LEVELS}}) { ++ next if ($l->{TYPE} ne "ARRAY"); + next if has_fast_array($e,$l); + next if is_charset_array($e,$l); +- if ($l->{TYPE} eq "ARRAY") { +- $self->pidl("uint32_t cntr_$e->{NAME}_$l->{LEVEL_INDEX};"); +- } ++ $self->pidl("uint32_t cntr_$e->{NAME}_$l->{LEVEL_INDEX};"); + } + } + +@@ -1509,15 +1508,14 @@ sub DeclareArrayVariablesNoZero($$$) + my ($self,$e,$env) = @_; + + foreach my $l (@{$e->{LEVELS}}) { ++ next if ($l->{TYPE} ne "ARRAY"); + next if has_fast_array($e,$l); + next if is_charset_array($e,$l); +- if ($l->{TYPE} eq "ARRAY") { +- my $length = ParseExpr($l->{LENGTH_IS}, $env, $e->{ORIGINAL}); +- if ($length eq "0") { ++ my $length = ParseExpr($l->{LENGTH_IS}, $env, $e->{ORIGINAL}); ++ if ($length eq "0") { + warning($e->{ORIGINAL}, "pointless array cntr: 'cntr_$e->{NAME}_$l->{LEVEL_INDEX}': length=$length"); +- } else { ++ } else { + $self->pidl("uint32_t cntr_$e->{NAME}_$l->{LEVEL_INDEX};"); +- } + } + } + } +-- +1.7.4.1 + + +From 5fd884a49e08398a0eb897afadc8907d45903957 Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher <metze@samba.org> +Date: Thu, 15 Mar 2012 13:05:39 +0100 +Subject: [PATCH 09/15] pidl/NDR/Parser: split off ParseArrayPullGetSize() and ParseArrayPullGetLength() + +metze +--- + source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 55 +++++++++++++++++----- + 1 files changed, 42 insertions(+), 13 deletions(-) + +diff --git a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +index e1f1e1f..b4eca56 100644 +--- a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm ++++ b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +@@ -315,39 +315,68 @@ sub check_null_pointer($$$$) + } + } + +-##################################################################### +-# parse an array - pull side +-sub ParseArrayPullHeader($$$$$$) ++sub ParseArrayPullGetSize($$$$$$) + { + my ($self,$e,$l,$ndr,$var_name,$env) = @_; + +- my $length; + my $size; + + if ($l->{IS_CONFORMANT}) { +- $length = $size = "ndr_get_array_size($ndr, " . get_pointer_to($var_name) . ")"; ++ $size = "ndr_get_array_size($ndr, " . get_pointer_to($var_name) . ")"; + } elsif ($l->{IS_ZERO_TERMINATED} and $l->{SIZE_IS} == 0 and $l->{LENGTH_IS} == 0) { # Noheader arrays +- $length = $size = "ndr_get_string_size($ndr, sizeof(*$var_name))"; ++ $size = "ndr_get_string_size($ndr, sizeof(*$var_name))"; + } else { +- $length = $size = ParseExprExt($l->{SIZE_IS}, $env, $e->{ORIGINAL}, ++ $size = ParseExprExt($l->{SIZE_IS}, $env, $e->{ORIGINAL}, + check_null_pointer($e, $env, sub { $self->pidl(shift); }, + "return ndr_pull_error(ndr, NDR_ERR_INVALID_POINTER, \"NULL Pointer for size_is()\");"), + check_fully_dereferenced($e, $env)); + } + ++ my $array_size = $size; ++ ++ return $array_size; ++} ++ ++##################################################################### ++# parse an array - pull side ++sub ParseArrayPullGetLength($$$$$$;$) ++{ ++ my ($self,$e,$l,$ndr,$var_name,$env,$array_size) = @_; ++ ++ if (not defined($array_size)) { ++ $array_size = $self->ParseArrayPullGetSize($e, $l, $ndr, $var_name, $env); ++ } ++ ++ my $array_length = $array_size; ++ if ($l->{IS_VARYING}) { ++ my $length = "ndr_get_array_length($ndr, " . get_pointer_to($var_name) .")"; ++ $array_length = $length; ++ } ++ ++ return $array_length; ++} ++ ++##################################################################### ++# parse an array - pull side ++sub ParseArrayPullHeader($$$$$$) ++{ ++ my ($self,$e,$l,$ndr,$var_name,$env) = @_; ++ + if ((!$l->{IS_SURROUNDING}) and $l->{IS_CONFORMANT}) { + $self->pidl("NDR_CHECK(ndr_pull_array_size(ndr, " . get_pointer_to($var_name) . "));"); + } + + if ($l->{IS_VARYING}) { + $self->pidl("NDR_CHECK(ndr_pull_array_length($ndr, " . get_pointer_to($var_name) . "));"); +- $length = "ndr_get_array_length($ndr, " . get_pointer_to($var_name) .")"; + } + +- if ($length ne $size) { +- $self->pidl("if ($length > $size) {"); ++ my $array_size = $self->ParseArrayPullGetSize($e, $l, $ndr, $var_name, $env); ++ my $array_length = $self->ParseArrayPullGetLength($e, $l, $ndr, $var_name, $env, $array_size); ++ ++ if ($array_length ne $array_size) { ++ $self->pidl("if ($array_length > $array_size) {"); + $self->indent; +- $self->pidl("return ndr_pull_error($ndr, NDR_ERR_ARRAY_SIZE, \"Bad array size %u should exceed array length %u\", $size, $length);"); ++ $self->pidl("return ndr_pull_error($ndr, NDR_ERR_ARRAY_SIZE, \"Bad array size %u should exceed array length %u\", $array_size, $array_length);"); + $self->deindent; + $self->pidl("}"); + } +@@ -377,10 +406,10 @@ sub ParseArrayPullHeader($$$$$$) + } + + if (ArrayDynamicallyAllocated($e,$l) and not is_charset_array($e,$l)) { +- $self->AllocateArrayLevel($e,$l,$ndr,$var_name,$size); ++ $self->AllocateArrayLevel($e,$l,$ndr,$var_name,$array_size); + } + +- return $length; ++ return $array_length; + } + + sub compression_alg($$) +-- +1.7.4.1 + + +From 322b30053321084497155bd67860339f03b70e5e Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher <metze@samba.org> +Date: Thu, 15 Mar 2012 13:07:47 +0100 +Subject: [PATCH 10/15] pidl/NDR/Parser: use ParseArrayPullGetLength() to get the number of array elements (bug #8815 / CVE-2012-1182) + +An anonymous researcher and Brian Gorenc (HP DVLabs) working +with HP's Zero Day Initiative program have found this and notified us. + +metze +--- + source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 6 +----- + 1 files changed, 1 insertions(+), 5 deletions(-) + +diff --git a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +index b4eca56..cf86fd1 100644 +--- a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm ++++ b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +@@ -1095,14 +1095,10 @@ sub ParseElementPullLevel + } + } elsif ($l->{TYPE} eq "ARRAY" and + not has_fast_array($e,$l) and not is_charset_array($e, $l)) { +- my $length = ParseExpr($l->{LENGTH_IS}, $env, $e->{ORIGINAL}); ++ my $length = $self->ParseArrayPullGetLength($e, $l, $ndr, $var_name, $env); + my $counter = "cntr_$e->{NAME}_$l->{LEVEL_INDEX}"; + my $array_name = $var_name; + +- if ($l->{IS_VARYING}) { +- $length = "ndr_get_array_length($ndr, " . get_pointer_to($var_name) .")"; +- } +- + if (my $range = has_property($e, "range")) { + my ($low, $high) = split(/,/, $range, 2); + if ($low < 0) { +-- +1.7.4.1 + + +From 12dc74004def54af2983d7bc638a55b5d518e4b4 Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher <metze@samba.org> +Date: Thu, 15 Mar 2012 15:07:08 +0100 +Subject: [PATCH 11/15] pidl/NDR/Parser: remember if we already know the array length + +metze +--- + source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 8 +++++++- + 1 files changed, 7 insertions(+), 1 deletions(-) + +diff --git a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +index cf86fd1..6e80576 100644 +--- a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm ++++ b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +@@ -1014,6 +1014,7 @@ sub ParseElementPullLevel + my($self,$e,$l,$ndr,$var_name,$env,$primitives,$deferred) = @_; + + my $ndr_flags = CalcNdrFlags($l, $primitives, $deferred); ++ my $array_length = undef; + + if ($l->{TYPE} eq "ARRAY" and ($l->{IS_VARYING} or $l->{IS_CONFORMANT})) { + $var_name = get_pointer_to($var_name); +@@ -1027,6 +1028,7 @@ sub ParseElementPullLevel + $self->ParseSubcontextPullEnd($e, $l, $ndr, $env); + } elsif ($l->{TYPE} eq "ARRAY") { + my $length = $self->ParseArrayPullHeader($e, $l, $ndr, $var_name, $env); ++ $array_length = $length; + + if (my $range = has_property($e, "range")) { + my ($low, $high) = split(/,/, $range, 2); +@@ -1095,10 +1097,14 @@ sub ParseElementPullLevel + } + } elsif ($l->{TYPE} eq "ARRAY" and + not has_fast_array($e,$l) and not is_charset_array($e, $l)) { +- my $length = $self->ParseArrayPullGetLength($e, $l, $ndr, $var_name, $env); ++ my $length = $array_length; + my $counter = "cntr_$e->{NAME}_$l->{LEVEL_INDEX}"; + my $array_name = $var_name; + ++ if (not defined($length)) { ++ $length = $self->ParseArrayPullGetLength($e, $l, $ndr, $var_name, $env); ++ } ++ + if (my $range = has_property($e, "range")) { + my ($low, $high) = split(/,/, $range, 2); + if ($low < 0) { +-- +1.7.4.1 + + +From 85332775bdfde4e2e1243cdfe3dfaa8728603c1c Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher <metze@samba.org> +Date: Thu, 15 Mar 2012 13:13:20 +0100 +Subject: [PATCH 12/15] pidl/NDR/Parser: use helper variables for array size and length + +metze +--- + source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 22 +++++++++++++++------- + 1 files changed, 15 insertions(+), 7 deletions(-) + +diff --git a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +index 6e80576..d27c9bd 100644 +--- a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm ++++ b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +@@ -332,7 +332,8 @@ sub ParseArrayPullGetSize($$$$$$) + check_fully_dereferenced($e, $env)); + } + +- my $array_size = $size; ++ $self->pidl("size_$e->{NAME}_$l->{LEVEL_INDEX} = $size;"); ++ my $array_size = "size_$e->{NAME}_$l->{LEVEL_INDEX}"; + + return $array_size; + } +@@ -350,7 +351,8 @@ sub ParseArrayPullGetLength($$$$$$;$) + my $array_length = $array_size; + if ($l->{IS_VARYING}) { + my $length = "ndr_get_array_length($ndr, " . get_pointer_to($var_name) .")"; +- $array_length = $length; ++ $self->pidl("length_$e->{NAME}_$l->{LEVEL_INDEX} = $length;"); ++ $array_length = "length_$e->{NAME}_$l->{LEVEL_INDEX}"; + } + + return $array_length; +@@ -1522,12 +1524,18 @@ sub DeclarePtrVariables($$) + } + } + +-sub DeclareArrayVariables($$) ++sub DeclareArrayVariables($$;$) + { +- my ($self,$e) = @_; ++ my ($self,$e,$pull) = @_; + + foreach my $l (@{$e->{LEVELS}}) { + next if ($l->{TYPE} ne "ARRAY"); ++ if (defined($pull)) { ++ $self->pidl("uint32_t size_$e->{NAME}_$l->{LEVEL_INDEX} = 0;"); ++ if ($l->{IS_VARYING}) { ++ $self->pidl("uint32_t length_$e->{NAME}_$l->{LEVEL_INDEX} = 0;"); ++ } ++ } + next if has_fast_array($e,$l); + next if is_charset_array($e,$l); + $self->pidl("uint32_t cntr_$e->{NAME}_$l->{LEVEL_INDEX};"); +@@ -1610,7 +1618,7 @@ sub ParseStructPull($$$) + # declare any internal pointers we need + foreach my $e (@{$struct->{ELEMENTS}}) { + $self->DeclarePtrVariables($e); +- $self->DeclareArrayVariables($e); ++ $self->DeclareArrayVariables($e, "pull"); + $self->DeclareMemCtxVariables($e); + } + +@@ -1923,7 +1931,7 @@ sub ParseUnionPull($$$) + next if ($double_cases{"$el->{NAME}"}); + $self->DeclareMemCtxVariables($el); + $self->DeclarePtrVariables($el); +- $self->DeclareArrayVariables($el); ++ $self->DeclareArrayVariables($el, "pull"); + $double_cases{"$el->{NAME}"} = 1; + } + +@@ -2184,7 +2192,7 @@ sub ParseFunctionPull($$) + # declare any internal pointers we need + foreach my $e (@{$fn->{ELEMENTS}}) { + $self->DeclarePtrVariables($e); +- $self->DeclareArrayVariables($e); ++ $self->DeclareArrayVariables($e, "pull"); + } + + my %double_cases = (); +-- +1.7.4.1 + + +From dfb0568c51af7ba6fdd30807d41beb524fa9b3dc Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher <metze@samba.org> +Date: Thu, 15 Mar 2012 13:14:48 +0100 +Subject: [PATCH 13/15] pidl/NDR/Parser: do array range validation in ParseArrayPullGetLength() + +metze +--- + source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 42 +++++++--------------- + 1 files changed, 14 insertions(+), 28 deletions(-) + +diff --git a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +index d27c9bd..8d77f64 100644 +--- a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm ++++ b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +@@ -355,6 +355,20 @@ sub ParseArrayPullGetLength($$$$$$;$) + $array_length = "length_$e->{NAME}_$l->{LEVEL_INDEX}"; + } + ++ if (my $range = has_property($e, "range")) { ++ my ($low, $high) = split(/,/, $range, 2); ++ if ($low < 0) { ++ warning(0, "$low is invalid for the range of an array size"); ++ } ++ if ($low == 0) { ++ $self->pidl("if ($array_length > $high) {"); ++ } else { ++ $self->pidl("if ($array_length < $low || $array_length > $high) {"); ++ } ++ $self->pidl("\treturn ndr_pull_error($ndr, NDR_ERR_RANGE, \"value out of range\");"); ++ $self->pidl("}"); ++ } ++ + return $array_length; + } + +@@ -1032,20 +1046,6 @@ sub ParseElementPullLevel + my $length = $self->ParseArrayPullHeader($e, $l, $ndr, $var_name, $env); + $array_length = $length; + +- if (my $range = has_property($e, "range")) { +- my ($low, $high) = split(/,/, $range, 2); +- if ($low < 0) { +- warning(0, "$low is invalid for the range of an array size"); +- } +- if ($low == 0) { +- $self->pidl("if ($length > $high) {"); +- } else { +- $self->pidl("if ($length < $low || $length > $high) {"); +- } +- $self->pidl("\treturn ndr_pull_error($ndr, NDR_ERR_RANGE, \"value out of range\");"); +- $self->pidl("}"); +- } +- + my $nl = GetNextLevel($e, $l); + + if (is_charset_array($e,$l)) { +@@ -1107,20 +1107,6 @@ sub ParseElementPullLevel + $length = $self->ParseArrayPullGetLength($e, $l, $ndr, $var_name, $env); + } + +- if (my $range = has_property($e, "range")) { +- my ($low, $high) = split(/,/, $range, 2); +- if ($low < 0) { +- warning(0, "$low is invalid for the range of an array size"); +- } +- if ($low == 0) { +- $self->pidl("if ($length > $high) {"); +- } else { +- $self->pidl("if ($length < $low || $length > $high) {"); +- } +- $self->pidl("\treturn ndr_pull_error($ndr, NDR_ERR_RANGE, \"value out of range\");"); +- $self->pidl("}"); +- } +- + $var_name = get_array_element($var_name, $counter); + + $self->ParseMemCtxPullStart($e, $l, $array_name); +-- +1.7.4.1 + + +From 7434572eb6f2d8cafdbff14611d710d0f9de465a Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher <metze@samba.org> +Date: Thu, 15 Mar 2012 17:03:05 +0100 +Subject: [PATCH 14/15] pid/NDR/Parser: also do range checks on the array size + +metze +--- + source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm | 25 ++++++++++++++++++---- + 1 files changed, 20 insertions(+), 5 deletions(-) + +diff --git a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +index 8d77f64..c5f715a 100644 +--- a/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm ++++ b/source/pidl/lib/Parse/Pidl/Samba4/NDR/Parser.pm +@@ -335,6 +335,20 @@ sub ParseArrayPullGetSize($$$$$$) + $self->pidl("size_$e->{NAME}_$l->{LEVEL_INDEX} = $size;"); + my $array_size = "size_$e->{NAME}_$l->{LEVEL_INDEX}"; + ++ if (my $range = has_property($e, "range")) { ++ my ($low, $high) = split(/,/, $range, 2); ++ if ($low < 0) { ++ warning(0, "$low is invalid for the range of an array size"); ++ } ++ if ($low == 0) { ++ $self->pidl("if ($array_size > $high) {"); ++ } else { ++ $self->pidl("if ($array_size < $low || $array_size > $high) {"); ++ } ++ $self->pidl("\treturn ndr_pull_error($ndr, NDR_ERR_RANGE, \"value out of range\");"); ++ $self->pidl("}"); ++ } ++ + return $array_size; + } + +@@ -348,13 +362,14 @@ sub ParseArrayPullGetLength($$$$$$;$) + $array_size = $self->ParseArrayPullGetSize($e, $l, $ndr, $var_name, $env); + } + +- my $array_length = $array_size; +- if ($l->{IS_VARYING}) { +- my $length = "ndr_get_array_length($ndr, " . get_pointer_to($var_name) .")"; +- $self->pidl("length_$e->{NAME}_$l->{LEVEL_INDEX} = $length;"); +- $array_length = "length_$e->{NAME}_$l->{LEVEL_INDEX}"; ++ if (not $l->{IS_VARYING}) { ++ return $array_size; + } + ++ my $length = "ndr_get_array_length($ndr, " . get_pointer_to($var_name) .")"; ++ $self->pidl("length_$e->{NAME}_$l->{LEVEL_INDEX} = $length;"); ++ my $array_length = "length_$e->{NAME}_$l->{LEVEL_INDEX}"; ++ + if (my $range = has_property($e, "range")) { + my ($low, $high) = split(/,/, $range, 2); + if ($low < 0) { +-- +1.7.4.1 + + +From a4a9004383bc4df94092288f2d8204f0e5ade37d Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher <metze@samba.org> +Date: Sat, 17 Mar 2012 00:16:31 +0100 +Subject: [PATCH 15/15] rerun make idl + +--- + source/librpc/gen_ndr/ndr_dfs.c | 840 +++++++++----- + source/librpc/gen_ndr/ndr_dssetup.c | 36 +- + source/librpc/gen_ndr/ndr_echo.c | 54 +- + source/librpc/gen_ndr/ndr_epmapper.c | 50 +- + source/librpc/gen_ndr/ndr_eventlog.c | 12 +- + source/librpc/gen_ndr/ndr_krb5pac.c | 22 +- + source/librpc/gen_ndr/ndr_lsa.c | 262 +++-- + source/librpc/gen_ndr/ndr_messaging.c | 31 +- + source/librpc/gen_ndr/ndr_misc.c | 8 +- + source/librpc/gen_ndr/ndr_netlogon.c | 1690 +++++++++++++++++--------- + source/librpc/gen_ndr/ndr_notify.c | 18 +- + source/librpc/gen_ndr/ndr_ntsvcs.c | 64 +- + source/librpc/gen_ndr/ndr_samr.c | 182 ++- + source/librpc/gen_ndr/ndr_security.c | 18 +- + source/librpc/gen_ndr/ndr_srvsvc.c | 2174 +++++++++++++++++++++------------ + source/librpc/gen_ndr/ndr_svcctl.c | 594 ++++++--- + source/librpc/gen_ndr/ndr_winreg.c | 146 ++- + source/librpc/gen_ndr/ndr_wkssvc.c | 1378 ++++++++++++++-------- + source/librpc/gen_ndr/ndr_xattr.c | 6 +- + 19 files changed, 4955 insertions(+), 2630 deletions(-) + +diff --git a/source/librpc/gen_ndr/ndr_dfs.c b/source/librpc/gen_ndr/ndr_dfs.c +index db3f5e4..872fc1b 100644 +--- a/source/librpc/gen_ndr/ndr_dfs.c ++++ b/source/librpc/gen_ndr/ndr_dfs.c +@@ -76,6 +76,8 @@ static enum ndr_err_code ndr_push_dfs_Info1(struct ndr_push *ndr, int ndr_flags, + static enum ndr_err_code ndr_pull_dfs_Info1(struct ndr_pull *ndr, int ndr_flags, struct dfs_Info1 *r) + { + uint32_t _ptr_path; ++ uint32_t size_path_1 = 0; ++ uint32_t length_path_1 = 0; + TALLOC_CTX *_mem_save_path_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -92,11 +94,13 @@ static enum ndr_err_code ndr_pull_dfs_Info1(struct ndr_pull *ndr, int ndr_flags, + NDR_PULL_SET_MEM_CTX(ndr, r->path, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->path)); +- if (ndr_get_array_length(ndr, &r->path) > ndr_get_array_size(ndr, &r->path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->path), ndr_get_array_length(ndr, &r->path)); ++ size_path_1 = ndr_get_array_size(ndr, &r->path); ++ length_path_1 = ndr_get_array_length(ndr, &r->path); ++ if (length_path_1 > size_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_path_1, length_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->path, ndr_get_array_length(ndr, &r->path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->path, length_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_path_0, 0); + } + } +@@ -172,8 +176,12 @@ static enum ndr_err_code ndr_push_dfs_Info2(struct ndr_push *ndr, int ndr_flags, + static enum ndr_err_code ndr_pull_dfs_Info2(struct ndr_pull *ndr, int ndr_flags, struct dfs_Info2 *r) + { + uint32_t _ptr_path; ++ uint32_t size_path_1 = 0; ++ uint32_t length_path_1 = 0; + TALLOC_CTX *_mem_save_path_0; + uint32_t _ptr_comment; ++ uint32_t size_comment_1 = 0; ++ uint32_t length_comment_1 = 0; + TALLOC_CTX *_mem_save_comment_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -198,11 +206,13 @@ static enum ndr_err_code ndr_pull_dfs_Info2(struct ndr_pull *ndr, int ndr_flags, + NDR_PULL_SET_MEM_CTX(ndr, r->path, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->path)); +- if (ndr_get_array_length(ndr, &r->path) > ndr_get_array_size(ndr, &r->path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->path), ndr_get_array_length(ndr, &r->path)); ++ size_path_1 = ndr_get_array_size(ndr, &r->path); ++ length_path_1 = ndr_get_array_length(ndr, &r->path); ++ if (length_path_1 > size_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_path_1, length_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->path, ndr_get_array_length(ndr, &r->path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->path, length_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_path_0, 0); + } + if (r->comment) { +@@ -210,11 +220,13 @@ static enum ndr_err_code ndr_pull_dfs_Info2(struct ndr_pull *ndr, int ndr_flags, + NDR_PULL_SET_MEM_CTX(ndr, r->comment, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->comment)); +- if (ndr_get_array_length(ndr, &r->comment) > ndr_get_array_size(ndr, &r->comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->comment), ndr_get_array_length(ndr, &r->comment)); ++ size_comment_1 = ndr_get_array_size(ndr, &r->comment); ++ length_comment_1 = ndr_get_array_length(ndr, &r->comment); ++ if (length_comment_1 > size_comment_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_1, length_comment_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, length_comment_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_comment_0, 0); + } + } +@@ -294,8 +306,12 @@ static enum ndr_err_code ndr_push_dfs_StorageInfo(struct ndr_push *ndr, int ndr_ + static enum ndr_err_code ndr_pull_dfs_StorageInfo(struct ndr_pull *ndr, int ndr_flags, struct dfs_StorageInfo *r) + { + uint32_t _ptr_server; ++ uint32_t size_server_1 = 0; ++ uint32_t length_server_1 = 0; + TALLOC_CTX *_mem_save_server_0; + uint32_t _ptr_share; ++ uint32_t size_share_1 = 0; ++ uint32_t length_share_1 = 0; + TALLOC_CTX *_mem_save_share_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -319,11 +335,13 @@ static enum ndr_err_code ndr_pull_dfs_StorageInfo(struct ndr_pull *ndr, int ndr_ + NDR_PULL_SET_MEM_CTX(ndr, r->server, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->server)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->server)); +- if (ndr_get_array_length(ndr, &r->server) > ndr_get_array_size(ndr, &r->server)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->server), ndr_get_array_length(ndr, &r->server)); ++ size_server_1 = ndr_get_array_size(ndr, &r->server); ++ length_server_1 = ndr_get_array_length(ndr, &r->server); ++ if (length_server_1 > size_server_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_1, length_server_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->server), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->server, ndr_get_array_length(ndr, &r->server), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->server, length_server_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_0, 0); + } + if (r->share) { +@@ -331,11 +349,13 @@ static enum ndr_err_code ndr_pull_dfs_StorageInfo(struct ndr_pull *ndr, int ndr_ + NDR_PULL_SET_MEM_CTX(ndr, r->share, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->share)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->share)); +- if (ndr_get_array_length(ndr, &r->share) > ndr_get_array_size(ndr, &r->share)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->share), ndr_get_array_length(ndr, &r->share)); ++ size_share_1 = ndr_get_array_size(ndr, &r->share); ++ length_share_1 = ndr_get_array_length(ndr, &r->share); ++ if (length_share_1 > size_share_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_share_1, length_share_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->share), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->share, ndr_get_array_length(ndr, &r->share), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_share_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->share, length_share_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_share_0, 0); + } + } +@@ -402,10 +422,15 @@ static enum ndr_err_code ndr_push_dfs_Info3(struct ndr_push *ndr, int ndr_flags, + static enum ndr_err_code ndr_pull_dfs_Info3(struct ndr_pull *ndr, int ndr_flags, struct dfs_Info3 *r) + { + uint32_t _ptr_path; ++ uint32_t size_path_1 = 0; ++ uint32_t length_path_1 = 0; + TALLOC_CTX *_mem_save_path_0; + uint32_t _ptr_comment; ++ uint32_t size_comment_1 = 0; ++ uint32_t length_comment_1 = 0; + TALLOC_CTX *_mem_save_comment_0; + uint32_t _ptr_stores; ++ uint32_t size_stores_1 = 0; + uint32_t cntr_stores_1; + TALLOC_CTX *_mem_save_stores_0; + TALLOC_CTX *_mem_save_stores_1; +@@ -438,11 +463,13 @@ static enum ndr_err_code ndr_pull_dfs_Info3(struct ndr_pull *ndr, int ndr_flags, + NDR_PULL_SET_MEM_CTX(ndr, r->path, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->path)); +- if (ndr_get_array_length(ndr, &r->path) > ndr_get_array_size(ndr, &r->path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->path), ndr_get_array_length(ndr, &r->path)); ++ size_path_1 = ndr_get_array_size(ndr, &r->path); ++ length_path_1 = ndr_get_array_length(ndr, &r->path); ++ if (length_path_1 > size_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_path_1, length_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->path, ndr_get_array_length(ndr, &r->path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->path, length_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_path_0, 0); + } + if (r->comment) { +@@ -450,24 +477,27 @@ static enum ndr_err_code ndr_pull_dfs_Info3(struct ndr_pull *ndr, int ndr_flags, + NDR_PULL_SET_MEM_CTX(ndr, r->comment, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->comment)); +- if (ndr_get_array_length(ndr, &r->comment) > ndr_get_array_size(ndr, &r->comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->comment), ndr_get_array_length(ndr, &r->comment)); ++ size_comment_1 = ndr_get_array_size(ndr, &r->comment); ++ length_comment_1 = ndr_get_array_length(ndr, &r->comment); ++ if (length_comment_1 > size_comment_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_1, length_comment_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, length_comment_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_comment_0, 0); + } + if (r->stores) { + _mem_save_stores_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->stores, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->stores)); +- NDR_PULL_ALLOC_N(ndr, r->stores, ndr_get_array_size(ndr, &r->stores)); ++ size_stores_1 = ndr_get_array_size(ndr, &r->stores); ++ NDR_PULL_ALLOC_N(ndr, r->stores, size_stores_1); + _mem_save_stores_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->stores, 0); +- for (cntr_stores_1 = 0; cntr_stores_1 < r->num_stores; cntr_stores_1++) { ++ for (cntr_stores_1 = 0; cntr_stores_1 < size_stores_1; cntr_stores_1++) { + NDR_CHECK(ndr_pull_dfs_StorageInfo(ndr, NDR_SCALARS, &r->stores[cntr_stores_1])); + } +- for (cntr_stores_1 = 0; cntr_stores_1 < r->num_stores; cntr_stores_1++) { ++ for (cntr_stores_1 = 0; cntr_stores_1 < size_stores_1; cntr_stores_1++) { + NDR_CHECK(ndr_pull_dfs_StorageInfo(ndr, NDR_BUFFERS, &r->stores[cntr_stores_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_stores_1, 0); +@@ -560,10 +590,15 @@ static enum ndr_err_code ndr_push_dfs_Info4(struct ndr_push *ndr, int ndr_flags, + static enum ndr_err_code ndr_pull_dfs_Info4(struct ndr_pull *ndr, int ndr_flags, struct dfs_Info4 *r) + { + uint32_t _ptr_path; ++ uint32_t size_path_1 = 0; ++ uint32_t length_path_1 = 0; + TALLOC_CTX *_mem_save_path_0; + uint32_t _ptr_comment; ++ uint32_t size_comment_1 = 0; ++ uint32_t length_comment_1 = 0; + TALLOC_CTX *_mem_save_comment_0; + uint32_t _ptr_stores; ++ uint32_t size_stores_1 = 0; + uint32_t cntr_stores_1; + TALLOC_CTX *_mem_save_stores_0; + TALLOC_CTX *_mem_save_stores_1; +@@ -598,11 +633,13 @@ static enum ndr_err_code ndr_pull_dfs_Info4(struct ndr_pull *ndr, int ndr_flags, + NDR_PULL_SET_MEM_CTX(ndr, r->path, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->path)); +- if (ndr_get_array_length(ndr, &r->path) > ndr_get_array_size(ndr, &r->path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->path), ndr_get_array_length(ndr, &r->path)); ++ size_path_1 = ndr_get_array_size(ndr, &r->path); ++ length_path_1 = ndr_get_array_length(ndr, &r->path); ++ if (length_path_1 > size_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_path_1, length_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->path, ndr_get_array_length(ndr, &r->path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->path, length_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_path_0, 0); + } + if (r->comment) { +@@ -610,11 +647,13 @@ static enum ndr_err_code ndr_pull_dfs_Info4(struct ndr_pull *ndr, int ndr_flags, + NDR_PULL_SET_MEM_CTX(ndr, r->comment, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->comment)); +- if (ndr_get_array_length(ndr, &r->comment) > ndr_get_array_size(ndr, &r->comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->comment), ndr_get_array_length(ndr, &r->comment)); ++ size_comment_1 = ndr_get_array_size(ndr, &r->comment); ++ length_comment_1 = ndr_get_array_length(ndr, &r->comment); ++ if (length_comment_1 > size_comment_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_1, length_comment_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, length_comment_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_comment_0, 0); + } + NDR_CHECK(ndr_pull_GUID(ndr, NDR_BUFFERS, &r->guid)); +@@ -622,13 +661,14 @@ static enum ndr_err_code ndr_pull_dfs_Info4(struct ndr_pull *ndr, int ndr_flags, + _mem_save_stores_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->stores, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->stores)); +- NDR_PULL_ALLOC_N(ndr, r->stores, ndr_get_array_size(ndr, &r->stores)); ++ size_stores_1 = ndr_get_array_size(ndr, &r->stores); ++ NDR_PULL_ALLOC_N(ndr, r->stores, size_stores_1); + _mem_save_stores_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->stores, 0); +- for (cntr_stores_1 = 0; cntr_stores_1 < r->num_stores; cntr_stores_1++) { ++ for (cntr_stores_1 = 0; cntr_stores_1 < size_stores_1; cntr_stores_1++) { + NDR_CHECK(ndr_pull_dfs_StorageInfo(ndr, NDR_SCALARS, &r->stores[cntr_stores_1])); + } +- for (cntr_stores_1 = 0; cntr_stores_1 < r->num_stores; cntr_stores_1++) { ++ for (cntr_stores_1 = 0; cntr_stores_1 < size_stores_1; cntr_stores_1++) { + NDR_CHECK(ndr_pull_dfs_StorageInfo(ndr, NDR_BUFFERS, &r->stores[cntr_stores_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_stores_1, 0); +@@ -740,8 +780,12 @@ static enum ndr_err_code ndr_push_dfs_Info5(struct ndr_push *ndr, int ndr_flags, + static enum ndr_err_code ndr_pull_dfs_Info5(struct ndr_pull *ndr, int ndr_flags, struct dfs_Info5 *r) + { + uint32_t _ptr_path; ++ uint32_t size_path_1 = 0; ++ uint32_t length_path_1 = 0; + TALLOC_CTX *_mem_save_path_0; + uint32_t _ptr_comment; ++ uint32_t size_comment_1 = 0; ++ uint32_t length_comment_1 = 0; + TALLOC_CTX *_mem_save_comment_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -770,11 +814,13 @@ static enum ndr_err_code ndr_pull_dfs_Info5(struct ndr_pull *ndr, int ndr_flags, + NDR_PULL_SET_MEM_CTX(ndr, r->path, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->path)); +- if (ndr_get_array_length(ndr, &r->path) > ndr_get_array_size(ndr, &r->path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->path), ndr_get_array_length(ndr, &r->path)); ++ size_path_1 = ndr_get_array_size(ndr, &r->path); ++ length_path_1 = ndr_get_array_length(ndr, &r->path); ++ if (length_path_1 > size_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_path_1, length_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->path, ndr_get_array_length(ndr, &r->path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->path, length_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_path_0, 0); + } + if (r->comment) { +@@ -782,11 +828,13 @@ static enum ndr_err_code ndr_pull_dfs_Info5(struct ndr_pull *ndr, int ndr_flags, + NDR_PULL_SET_MEM_CTX(ndr, r->comment, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->comment)); +- if (ndr_get_array_length(ndr, &r->comment) > ndr_get_array_size(ndr, &r->comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->comment), ndr_get_array_length(ndr, &r->comment)); ++ size_comment_1 = ndr_get_array_size(ndr, &r->comment); ++ length_comment_1 = ndr_get_array_length(ndr, &r->comment); ++ if (length_comment_1 > size_comment_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_1, length_comment_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, length_comment_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_comment_0, 0); + } + NDR_CHECK(ndr_pull_GUID(ndr, NDR_BUFFERS, &r->guid)); +@@ -964,10 +1012,15 @@ static enum ndr_err_code ndr_push_dfs_Info6(struct ndr_push *ndr, int ndr_flags, + static enum ndr_err_code ndr_pull_dfs_Info6(struct ndr_pull *ndr, int ndr_flags, struct dfs_Info6 *r) + { + uint32_t _ptr_entry_path; ++ uint32_t size_entry_path_1 = 0; ++ uint32_t length_entry_path_1 = 0; + TALLOC_CTX *_mem_save_entry_path_0; + uint32_t _ptr_comment; ++ uint32_t size_comment_1 = 0; ++ uint32_t length_comment_1 = 0; + TALLOC_CTX *_mem_save_comment_0; + uint32_t _ptr_stores; ++ uint32_t size_stores_1 = 0; + uint32_t cntr_stores_1; + TALLOC_CTX *_mem_save_stores_0; + TALLOC_CTX *_mem_save_stores_1; +@@ -1004,11 +1057,13 @@ static enum ndr_err_code ndr_pull_dfs_Info6(struct ndr_pull *ndr, int ndr_flags, + NDR_PULL_SET_MEM_CTX(ndr, r->entry_path, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->entry_path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->entry_path)); +- if (ndr_get_array_length(ndr, &r->entry_path) > ndr_get_array_size(ndr, &r->entry_path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->entry_path), ndr_get_array_length(ndr, &r->entry_path)); ++ size_entry_path_1 = ndr_get_array_size(ndr, &r->entry_path); ++ length_entry_path_1 = ndr_get_array_length(ndr, &r->entry_path); ++ if (length_entry_path_1 > size_entry_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_entry_path_1, length_entry_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->entry_path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->entry_path, ndr_get_array_length(ndr, &r->entry_path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_entry_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->entry_path, length_entry_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_entry_path_0, 0); + } + if (r->comment) { +@@ -1016,11 +1071,13 @@ static enum ndr_err_code ndr_pull_dfs_Info6(struct ndr_pull *ndr, int ndr_flags, + NDR_PULL_SET_MEM_CTX(ndr, r->comment, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->comment)); +- if (ndr_get_array_length(ndr, &r->comment) > ndr_get_array_size(ndr, &r->comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->comment), ndr_get_array_length(ndr, &r->comment)); ++ size_comment_1 = ndr_get_array_size(ndr, &r->comment); ++ length_comment_1 = ndr_get_array_length(ndr, &r->comment); ++ if (length_comment_1 > size_comment_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_1, length_comment_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, length_comment_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_comment_0, 0); + } + NDR_CHECK(ndr_pull_GUID(ndr, NDR_BUFFERS, &r->guid)); +@@ -1028,13 +1085,14 @@ static enum ndr_err_code ndr_pull_dfs_Info6(struct ndr_pull *ndr, int ndr_flags, + _mem_save_stores_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->stores, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->stores)); +- NDR_PULL_ALLOC_N(ndr, r->stores, ndr_get_array_size(ndr, &r->stores)); ++ size_stores_1 = ndr_get_array_size(ndr, &r->stores); ++ NDR_PULL_ALLOC_N(ndr, r->stores, size_stores_1); + _mem_save_stores_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->stores, 0); +- for (cntr_stores_1 = 0; cntr_stores_1 < r->num_stores; cntr_stores_1++) { ++ for (cntr_stores_1 = 0; cntr_stores_1 < size_stores_1; cntr_stores_1++) { + NDR_CHECK(ndr_pull_dfs_StorageInfo2(ndr, NDR_SCALARS, &r->stores[cntr_stores_1])); + } +- for (cntr_stores_1 = 0; cntr_stores_1 < r->num_stores; cntr_stores_1++) { ++ for (cntr_stores_1 = 0; cntr_stores_1 < size_stores_1; cntr_stores_1++) { + NDR_CHECK(ndr_pull_dfs_StorageInfo2(ndr, NDR_BUFFERS, &r->stores[cntr_stores_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_stores_1, 0); +@@ -1140,6 +1198,8 @@ static enum ndr_err_code ndr_push_dfs_Info100(struct ndr_push *ndr, int ndr_flag + static enum ndr_err_code ndr_pull_dfs_Info100(struct ndr_pull *ndr, int ndr_flags, struct dfs_Info100 *r) + { + uint32_t _ptr_comment; ++ uint32_t size_comment_1 = 0; ++ uint32_t length_comment_1 = 0; + TALLOC_CTX *_mem_save_comment_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -1156,11 +1216,13 @@ static enum ndr_err_code ndr_pull_dfs_Info100(struct ndr_pull *ndr, int ndr_flag + NDR_PULL_SET_MEM_CTX(ndr, r->comment, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->comment)); +- if (ndr_get_array_length(ndr, &r->comment) > ndr_get_array_size(ndr, &r->comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->comment), ndr_get_array_length(ndr, &r->comment)); ++ size_comment_1 = ndr_get_array_size(ndr, &r->comment); ++ length_comment_1 = ndr_get_array_length(ndr, &r->comment); ++ if (length_comment_1 > size_comment_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_1, length_comment_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, length_comment_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_comment_0, 0); + } + } +@@ -1324,6 +1386,8 @@ static enum ndr_err_code ndr_push_dfs_Info105(struct ndr_push *ndr, int ndr_flag + static enum ndr_err_code ndr_pull_dfs_Info105(struct ndr_pull *ndr, int ndr_flags, struct dfs_Info105 *r) + { + uint32_t _ptr_comment; ++ uint32_t size_comment_1 = 0; ++ uint32_t length_comment_1 = 0; + TALLOC_CTX *_mem_save_comment_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -1344,11 +1408,13 @@ static enum ndr_err_code ndr_pull_dfs_Info105(struct ndr_pull *ndr, int ndr_flag + NDR_PULL_SET_MEM_CTX(ndr, r->comment, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->comment)); +- if (ndr_get_array_length(ndr, &r->comment) > ndr_get_array_size(ndr, &r->comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->comment), ndr_get_array_length(ndr, &r->comment)); ++ size_comment_1 = ndr_get_array_size(ndr, &r->comment); ++ length_comment_1 = ndr_get_array_length(ndr, &r->comment); ++ if (length_comment_1 > size_comment_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_1, length_comment_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, length_comment_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_comment_0, 0); + } + } +@@ -1425,6 +1491,8 @@ static enum ndr_err_code ndr_push_dfs_Info200(struct ndr_push *ndr, int ndr_flag + static enum ndr_err_code ndr_pull_dfs_Info200(struct ndr_pull *ndr, int ndr_flags, struct dfs_Info200 *r) + { + uint32_t _ptr_dom_root; ++ uint32_t size_dom_root_1 = 0; ++ uint32_t length_dom_root_1 = 0; + TALLOC_CTX *_mem_save_dom_root_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -1441,11 +1509,13 @@ static enum ndr_err_code ndr_pull_dfs_Info200(struct ndr_pull *ndr, int ndr_flag + NDR_PULL_SET_MEM_CTX(ndr, r->dom_root, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->dom_root)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->dom_root)); +- if (ndr_get_array_length(ndr, &r->dom_root) > ndr_get_array_size(ndr, &r->dom_root)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->dom_root), ndr_get_array_length(ndr, &r->dom_root)); ++ size_dom_root_1 = ndr_get_array_size(ndr, &r->dom_root); ++ length_dom_root_1 = ndr_get_array_length(ndr, &r->dom_root); ++ if (length_dom_root_1 > size_dom_root_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dom_root_1, length_dom_root_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->dom_root), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->dom_root, ndr_get_array_length(ndr, &r->dom_root), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dom_root_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->dom_root, length_dom_root_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dom_root_0, 0); + } + } +@@ -1511,6 +1581,8 @@ static enum ndr_err_code ndr_push_dfs_Info300(struct ndr_push *ndr, int ndr_flag + static enum ndr_err_code ndr_pull_dfs_Info300(struct ndr_pull *ndr, int ndr_flags, struct dfs_Info300 *r) + { + uint32_t _ptr_dom_root; ++ uint32_t size_dom_root_1 = 0; ++ uint32_t length_dom_root_1 = 0; + TALLOC_CTX *_mem_save_dom_root_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -1528,11 +1600,13 @@ static enum ndr_err_code ndr_pull_dfs_Info300(struct ndr_pull *ndr, int ndr_flag + NDR_PULL_SET_MEM_CTX(ndr, r->dom_root, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->dom_root)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->dom_root)); +- if (ndr_get_array_length(ndr, &r->dom_root) > ndr_get_array_size(ndr, &r->dom_root)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->dom_root), ndr_get_array_length(ndr, &r->dom_root)); ++ size_dom_root_1 = ndr_get_array_size(ndr, &r->dom_root); ++ length_dom_root_1 = ndr_get_array_length(ndr, &r->dom_root); ++ if (length_dom_root_1 > size_dom_root_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dom_root_1, length_dom_root_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->dom_root), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->dom_root, ndr_get_array_length(ndr, &r->dom_root), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dom_root_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->dom_root, length_dom_root_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dom_root_0, 0); + } + } +@@ -1728,20 +1802,35 @@ static enum ndr_err_code ndr_pull_dfs_Info(struct ndr_pull *ndr, int ndr_flags, + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_info0_0; ++ uint32_t _ptr_info0; + TALLOC_CTX *_mem_save_info1_0; ++ uint32_t _ptr_info1; + TALLOC_CTX *_mem_save_info2_0; ++ uint32_t _ptr_info2; + TALLOC_CTX *_mem_save_info3_0; ++ uint32_t _ptr_info3; + TALLOC_CTX *_mem_save_info4_0; ++ uint32_t _ptr_info4; + TALLOC_CTX *_mem_save_info5_0; ++ uint32_t _ptr_info5; + TALLOC_CTX *_mem_save_info6_0; ++ uint32_t _ptr_info6; + TALLOC_CTX *_mem_save_info7_0; ++ uint32_t _ptr_info7; + TALLOC_CTX *_mem_save_info100_0; ++ uint32_t _ptr_info100; + TALLOC_CTX *_mem_save_info101_0; ++ uint32_t _ptr_info101; + TALLOC_CTX *_mem_save_info102_0; ++ uint32_t _ptr_info102; + TALLOC_CTX *_mem_save_info103_0; ++ uint32_t _ptr_info103; + TALLOC_CTX *_mem_save_info104_0; ++ uint32_t _ptr_info104; + TALLOC_CTX *_mem_save_info105_0; ++ uint32_t _ptr_info105; + TALLOC_CTX *_mem_save_info106_0; ++ uint32_t _ptr_info106; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -1750,7 +1839,6 @@ static enum ndr_err_code ndr_pull_dfs_Info(struct ndr_pull *ndr, int ndr_flags, + } + switch (level) { + case 0: { +- uint32_t _ptr_info0; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info0)); + if (_ptr_info0) { + NDR_PULL_ALLOC(ndr, r->info0); +@@ -1760,7 +1848,6 @@ static enum ndr_err_code ndr_pull_dfs_Info(struct ndr_pull *ndr, int ndr_flags, + break; } + + case 1: { +- uint32_t _ptr_info1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1)); + if (_ptr_info1) { + NDR_PULL_ALLOC(ndr, r->info1); +@@ -1770,7 +1857,6 @@ static enum ndr_err_code ndr_pull_dfs_Info(struct ndr_pull *ndr, int ndr_flags, + break; } + + case 2: { +- uint32_t _ptr_info2; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info2)); + if (_ptr_info2) { + NDR_PULL_ALLOC(ndr, r->info2); +@@ -1780,7 +1866,6 @@ static enum ndr_err_code ndr_pull_dfs_Info(struct ndr_pull *ndr, int ndr_flags, + break; } + + case 3: { +- uint32_t _ptr_info3; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info3)); + if (_ptr_info3) { + NDR_PULL_ALLOC(ndr, r->info3); +@@ -1790,7 +1875,6 @@ static enum ndr_err_code ndr_pull_dfs_Info(struct ndr_pull *ndr, int ndr_flags, + break; } + + case 4: { +- uint32_t _ptr_info4; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info4)); + if (_ptr_info4) { + NDR_PULL_ALLOC(ndr, r->info4); +@@ -1800,7 +1884,6 @@ static enum ndr_err_code ndr_pull_dfs_Info(struct ndr_pull *ndr, int ndr_flags, + break; } + + case 5: { +- uint32_t _ptr_info5; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info5)); + if (_ptr_info5) { + NDR_PULL_ALLOC(ndr, r->info5); +@@ -1810,7 +1893,6 @@ static enum ndr_err_code ndr_pull_dfs_Info(struct ndr_pull *ndr, int ndr_flags, + break; } + + case 6: { +- uint32_t _ptr_info6; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info6)); + if (_ptr_info6) { + NDR_PULL_ALLOC(ndr, r->info6); +@@ -1820,7 +1902,6 @@ static enum ndr_err_code ndr_pull_dfs_Info(struct ndr_pull *ndr, int ndr_flags, + break; } + + case 7: { +- uint32_t _ptr_info7; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info7)); + if (_ptr_info7) { + NDR_PULL_ALLOC(ndr, r->info7); +@@ -1830,7 +1911,6 @@ static enum ndr_err_code ndr_pull_dfs_Info(struct ndr_pull *ndr, int ndr_flags, + break; } + + case 100: { +- uint32_t _ptr_info100; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info100)); + if (_ptr_info100) { + NDR_PULL_ALLOC(ndr, r->info100); +@@ -1840,7 +1920,6 @@ static enum ndr_err_code ndr_pull_dfs_Info(struct ndr_pull *ndr, int ndr_flags, + break; } + + case 101: { +- uint32_t _ptr_info101; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info101)); + if (_ptr_info101) { + NDR_PULL_ALLOC(ndr, r->info101); +@@ -1850,7 +1929,6 @@ static enum ndr_err_code ndr_pull_dfs_Info(struct ndr_pull *ndr, int ndr_flags, + break; } + + case 102: { +- uint32_t _ptr_info102; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info102)); + if (_ptr_info102) { + NDR_PULL_ALLOC(ndr, r->info102); +@@ -1860,7 +1938,6 @@ static enum ndr_err_code ndr_pull_dfs_Info(struct ndr_pull *ndr, int ndr_flags, + break; } + + case 103: { +- uint32_t _ptr_info103; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info103)); + if (_ptr_info103) { + NDR_PULL_ALLOC(ndr, r->info103); +@@ -1870,7 +1947,6 @@ static enum ndr_err_code ndr_pull_dfs_Info(struct ndr_pull *ndr, int ndr_flags, + break; } + + case 104: { +- uint32_t _ptr_info104; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info104)); + if (_ptr_info104) { + NDR_PULL_ALLOC(ndr, r->info104); +@@ -1880,7 +1956,6 @@ static enum ndr_err_code ndr_pull_dfs_Info(struct ndr_pull *ndr, int ndr_flags, + break; } + + case 105: { +- uint32_t _ptr_info105; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info105)); + if (_ptr_info105) { + NDR_PULL_ALLOC(ndr, r->info105); +@@ -1890,7 +1965,6 @@ static enum ndr_err_code ndr_pull_dfs_Info(struct ndr_pull *ndr, int ndr_flags, + break; } + + case 106: { +- uint32_t _ptr_info106; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info106)); + if (_ptr_info106) { + NDR_PULL_ALLOC(ndr, r->info106); +@@ -2218,6 +2292,7 @@ static enum ndr_err_code ndr_push_dfs_EnumArray1(struct ndr_push *ndr, int ndr_f + static enum ndr_err_code ndr_pull_dfs_EnumArray1(struct ndr_pull *ndr, int ndr_flags, struct dfs_EnumArray1 *r) + { + uint32_t _ptr_s; ++ uint32_t size_s_1 = 0; + uint32_t cntr_s_1; + TALLOC_CTX *_mem_save_s_0; + TALLOC_CTX *_mem_save_s_1; +@@ -2236,13 +2311,14 @@ static enum ndr_err_code ndr_pull_dfs_EnumArray1(struct ndr_pull *ndr, int ndr_f + _mem_save_s_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->s, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->s)); +- NDR_PULL_ALLOC_N(ndr, r->s, ndr_get_array_size(ndr, &r->s)); ++ size_s_1 = ndr_get_array_size(ndr, &r->s); ++ NDR_PULL_ALLOC_N(ndr, r->s, size_s_1); + _mem_save_s_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->s, 0); +- for (cntr_s_1 = 0; cntr_s_1 < r->count; cntr_s_1++) { ++ for (cntr_s_1 = 0; cntr_s_1 < size_s_1; cntr_s_1++) { + NDR_CHECK(ndr_pull_dfs_Info1(ndr, NDR_SCALARS, &r->s[cntr_s_1])); + } +- for (cntr_s_1 = 0; cntr_s_1 < r->count; cntr_s_1++) { ++ for (cntr_s_1 = 0; cntr_s_1 < size_s_1; cntr_s_1++) { + NDR_CHECK(ndr_pull_dfs_Info1(ndr, NDR_BUFFERS, &r->s[cntr_s_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_s_1, 0); +@@ -2304,6 +2380,7 @@ static enum ndr_err_code ndr_push_dfs_EnumArray2(struct ndr_push *ndr, int ndr_f + static enum ndr_err_code ndr_pull_dfs_EnumArray2(struct ndr_pull *ndr, int ndr_flags, struct dfs_EnumArray2 *r) + { + uint32_t _ptr_s; ++ uint32_t size_s_1 = 0; + uint32_t cntr_s_1; + TALLOC_CTX *_mem_save_s_0; + TALLOC_CTX *_mem_save_s_1; +@@ -2322,13 +2399,14 @@ static enum ndr_err_code ndr_pull_dfs_EnumArray2(struct ndr_pull *ndr, int ndr_f + _mem_save_s_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->s, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->s)); +- NDR_PULL_ALLOC_N(ndr, r->s, ndr_get_array_size(ndr, &r->s)); ++ size_s_1 = ndr_get_array_size(ndr, &r->s); ++ NDR_PULL_ALLOC_N(ndr, r->s, size_s_1); + _mem_save_s_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->s, 0); +- for (cntr_s_1 = 0; cntr_s_1 < r->count; cntr_s_1++) { ++ for (cntr_s_1 = 0; cntr_s_1 < size_s_1; cntr_s_1++) { + NDR_CHECK(ndr_pull_dfs_Info2(ndr, NDR_SCALARS, &r->s[cntr_s_1])); + } +- for (cntr_s_1 = 0; cntr_s_1 < r->count; cntr_s_1++) { ++ for (cntr_s_1 = 0; cntr_s_1 < size_s_1; cntr_s_1++) { + NDR_CHECK(ndr_pull_dfs_Info2(ndr, NDR_BUFFERS, &r->s[cntr_s_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_s_1, 0); +@@ -2390,6 +2468,7 @@ static enum ndr_err_code ndr_push_dfs_EnumArray3(struct ndr_push *ndr, int ndr_f + static enum ndr_err_code ndr_pull_dfs_EnumArray3(struct ndr_pull *ndr, int ndr_flags, struct dfs_EnumArray3 *r) + { + uint32_t _ptr_s; ++ uint32_t size_s_1 = 0; + uint32_t cntr_s_1; + TALLOC_CTX *_mem_save_s_0; + TALLOC_CTX *_mem_save_s_1; +@@ -2408,13 +2487,14 @@ static enum ndr_err_code ndr_pull_dfs_EnumArray3(struct ndr_pull *ndr, int ndr_f + _mem_save_s_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->s, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->s)); +- NDR_PULL_ALLOC_N(ndr, r->s, ndr_get_array_size(ndr, &r->s)); ++ size_s_1 = ndr_get_array_size(ndr, &r->s); ++ NDR_PULL_ALLOC_N(ndr, r->s, size_s_1); + _mem_save_s_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->s, 0); +- for (cntr_s_1 = 0; cntr_s_1 < r->count; cntr_s_1++) { ++ for (cntr_s_1 = 0; cntr_s_1 < size_s_1; cntr_s_1++) { + NDR_CHECK(ndr_pull_dfs_Info3(ndr, NDR_SCALARS, &r->s[cntr_s_1])); + } +- for (cntr_s_1 = 0; cntr_s_1 < r->count; cntr_s_1++) { ++ for (cntr_s_1 = 0; cntr_s_1 < size_s_1; cntr_s_1++) { + NDR_CHECK(ndr_pull_dfs_Info3(ndr, NDR_BUFFERS, &r->s[cntr_s_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_s_1, 0); +@@ -2476,6 +2556,7 @@ static enum ndr_err_code ndr_push_dfs_EnumArray4(struct ndr_push *ndr, int ndr_f + static enum ndr_err_code ndr_pull_dfs_EnumArray4(struct ndr_pull *ndr, int ndr_flags, struct dfs_EnumArray4 *r) + { + uint32_t _ptr_s; ++ uint32_t size_s_1 = 0; + uint32_t cntr_s_1; + TALLOC_CTX *_mem_save_s_0; + TALLOC_CTX *_mem_save_s_1; +@@ -2494,13 +2575,14 @@ static enum ndr_err_code ndr_pull_dfs_EnumArray4(struct ndr_pull *ndr, int ndr_f + _mem_save_s_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->s, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->s)); +- NDR_PULL_ALLOC_N(ndr, r->s, ndr_get_array_size(ndr, &r->s)); ++ size_s_1 = ndr_get_array_size(ndr, &r->s); ++ NDR_PULL_ALLOC_N(ndr, r->s, size_s_1); + _mem_save_s_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->s, 0); +- for (cntr_s_1 = 0; cntr_s_1 < r->count; cntr_s_1++) { ++ for (cntr_s_1 = 0; cntr_s_1 < size_s_1; cntr_s_1++) { + NDR_CHECK(ndr_pull_dfs_Info4(ndr, NDR_SCALARS, &r->s[cntr_s_1])); + } +- for (cntr_s_1 = 0; cntr_s_1 < r->count; cntr_s_1++) { ++ for (cntr_s_1 = 0; cntr_s_1 < size_s_1; cntr_s_1++) { + NDR_CHECK(ndr_pull_dfs_Info4(ndr, NDR_BUFFERS, &r->s[cntr_s_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_s_1, 0); +@@ -2562,6 +2644,7 @@ static enum ndr_err_code ndr_push_dfs_EnumArray5(struct ndr_push *ndr, int ndr_f + static enum ndr_err_code ndr_pull_dfs_EnumArray5(struct ndr_pull *ndr, int ndr_flags, struct dfs_EnumArray5 *r) + { + uint32_t _ptr_s; ++ uint32_t size_s_1 = 0; + uint32_t cntr_s_1; + TALLOC_CTX *_mem_save_s_0; + TALLOC_CTX *_mem_save_s_1; +@@ -2580,13 +2663,14 @@ static enum ndr_err_code ndr_pull_dfs_EnumArray5(struct ndr_pull *ndr, int ndr_f + _mem_save_s_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->s, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->s)); +- NDR_PULL_ALLOC_N(ndr, r->s, ndr_get_array_size(ndr, &r->s)); ++ size_s_1 = ndr_get_array_size(ndr, &r->s); ++ NDR_PULL_ALLOC_N(ndr, r->s, size_s_1); + _mem_save_s_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->s, 0); +- for (cntr_s_1 = 0; cntr_s_1 < r->count; cntr_s_1++) { ++ for (cntr_s_1 = 0; cntr_s_1 < size_s_1; cntr_s_1++) { + NDR_CHECK(ndr_pull_dfs_Info5(ndr, NDR_SCALARS, &r->s[cntr_s_1])); + } +- for (cntr_s_1 = 0; cntr_s_1 < r->count; cntr_s_1++) { ++ for (cntr_s_1 = 0; cntr_s_1 < size_s_1; cntr_s_1++) { + NDR_CHECK(ndr_pull_dfs_Info5(ndr, NDR_BUFFERS, &r->s[cntr_s_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_s_1, 0); +@@ -2648,6 +2732,7 @@ static enum ndr_err_code ndr_push_dfs_EnumArray6(struct ndr_push *ndr, int ndr_f + static enum ndr_err_code ndr_pull_dfs_EnumArray6(struct ndr_pull *ndr, int ndr_flags, struct dfs_EnumArray6 *r) + { + uint32_t _ptr_s; ++ uint32_t size_s_1 = 0; + uint32_t cntr_s_1; + TALLOC_CTX *_mem_save_s_0; + TALLOC_CTX *_mem_save_s_1; +@@ -2666,13 +2751,14 @@ static enum ndr_err_code ndr_pull_dfs_EnumArray6(struct ndr_pull *ndr, int ndr_f + _mem_save_s_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->s, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->s)); +- NDR_PULL_ALLOC_N(ndr, r->s, ndr_get_array_size(ndr, &r->s)); ++ size_s_1 = ndr_get_array_size(ndr, &r->s); ++ NDR_PULL_ALLOC_N(ndr, r->s, size_s_1); + _mem_save_s_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->s, 0); +- for (cntr_s_1 = 0; cntr_s_1 < r->count; cntr_s_1++) { ++ for (cntr_s_1 = 0; cntr_s_1 < size_s_1; cntr_s_1++) { + NDR_CHECK(ndr_pull_dfs_Info6(ndr, NDR_SCALARS, &r->s[cntr_s_1])); + } +- for (cntr_s_1 = 0; cntr_s_1 < r->count; cntr_s_1++) { ++ for (cntr_s_1 = 0; cntr_s_1 < size_s_1; cntr_s_1++) { + NDR_CHECK(ndr_pull_dfs_Info6(ndr, NDR_BUFFERS, &r->s[cntr_s_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_s_1, 0); +@@ -2734,6 +2820,7 @@ static enum ndr_err_code ndr_push_dfs_EnumArray200(struct ndr_push *ndr, int ndr + static enum ndr_err_code ndr_pull_dfs_EnumArray200(struct ndr_pull *ndr, int ndr_flags, struct dfs_EnumArray200 *r) + { + uint32_t _ptr_s; ++ uint32_t size_s_1 = 0; + uint32_t cntr_s_1; + TALLOC_CTX *_mem_save_s_0; + TALLOC_CTX *_mem_save_s_1; +@@ -2752,13 +2839,14 @@ static enum ndr_err_code ndr_pull_dfs_EnumArray200(struct ndr_pull *ndr, int ndr + _mem_save_s_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->s, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->s)); +- NDR_PULL_ALLOC_N(ndr, r->s, ndr_get_array_size(ndr, &r->s)); ++ size_s_1 = ndr_get_array_size(ndr, &r->s); ++ NDR_PULL_ALLOC_N(ndr, r->s, size_s_1); + _mem_save_s_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->s, 0); +- for (cntr_s_1 = 0; cntr_s_1 < r->count; cntr_s_1++) { ++ for (cntr_s_1 = 0; cntr_s_1 < size_s_1; cntr_s_1++) { + NDR_CHECK(ndr_pull_dfs_Info200(ndr, NDR_SCALARS, &r->s[cntr_s_1])); + } +- for (cntr_s_1 = 0; cntr_s_1 < r->count; cntr_s_1++) { ++ for (cntr_s_1 = 0; cntr_s_1 < size_s_1; cntr_s_1++) { + NDR_CHECK(ndr_pull_dfs_Info200(ndr, NDR_BUFFERS, &r->s[cntr_s_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_s_1, 0); +@@ -2820,6 +2908,7 @@ static enum ndr_err_code ndr_push_dfs_EnumArray300(struct ndr_push *ndr, int ndr + static enum ndr_err_code ndr_pull_dfs_EnumArray300(struct ndr_pull *ndr, int ndr_flags, struct dfs_EnumArray300 *r) + { + uint32_t _ptr_s; ++ uint32_t size_s_1 = 0; + uint32_t cntr_s_1; + TALLOC_CTX *_mem_save_s_0; + TALLOC_CTX *_mem_save_s_1; +@@ -2838,13 +2927,14 @@ static enum ndr_err_code ndr_pull_dfs_EnumArray300(struct ndr_pull *ndr, int ndr + _mem_save_s_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->s, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->s)); +- NDR_PULL_ALLOC_N(ndr, r->s, ndr_get_array_size(ndr, &r->s)); ++ size_s_1 = ndr_get_array_size(ndr, &r->s); ++ NDR_PULL_ALLOC_N(ndr, r->s, size_s_1); + _mem_save_s_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->s, 0); +- for (cntr_s_1 = 0; cntr_s_1 < r->count; cntr_s_1++) { ++ for (cntr_s_1 = 0; cntr_s_1 < size_s_1; cntr_s_1++) { + NDR_CHECK(ndr_pull_dfs_Info300(ndr, NDR_SCALARS, &r->s[cntr_s_1])); + } +- for (cntr_s_1 = 0; cntr_s_1 < r->count; cntr_s_1++) { ++ for (cntr_s_1 = 0; cntr_s_1 < size_s_1; cntr_s_1++) { + NDR_CHECK(ndr_pull_dfs_Info300(ndr, NDR_BUFFERS, &r->s[cntr_s_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_s_1, 0); +@@ -2986,13 +3076,21 @@ static enum ndr_err_code ndr_pull_dfs_EnumInfo(struct ndr_pull *ndr, int ndr_fla + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_info1_0; ++ uint32_t _ptr_info1; + TALLOC_CTX *_mem_save_info2_0; ++ uint32_t _ptr_info2; + TALLOC_CTX *_mem_save_info3_0; ++ uint32_t _ptr_info3; + TALLOC_CTX *_mem_save_info4_0; ++ uint32_t _ptr_info4; + TALLOC_CTX *_mem_save_info5_0; ++ uint32_t _ptr_info5; + TALLOC_CTX *_mem_save_info6_0; ++ uint32_t _ptr_info6; + TALLOC_CTX *_mem_save_info200_0; ++ uint32_t _ptr_info200; + TALLOC_CTX *_mem_save_info300_0; ++ uint32_t _ptr_info300; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -3001,7 +3099,6 @@ static enum ndr_err_code ndr_pull_dfs_EnumInfo(struct ndr_pull *ndr, int ndr_fla + } + switch (level) { + case 1: { +- uint32_t _ptr_info1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1)); + if (_ptr_info1) { + NDR_PULL_ALLOC(ndr, r->info1); +@@ -3011,7 +3108,6 @@ static enum ndr_err_code ndr_pull_dfs_EnumInfo(struct ndr_pull *ndr, int ndr_fla + break; } + + case 2: { +- uint32_t _ptr_info2; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info2)); + if (_ptr_info2) { + NDR_PULL_ALLOC(ndr, r->info2); +@@ -3021,7 +3117,6 @@ static enum ndr_err_code ndr_pull_dfs_EnumInfo(struct ndr_pull *ndr, int ndr_fla + break; } + + case 3: { +- uint32_t _ptr_info3; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info3)); + if (_ptr_info3) { + NDR_PULL_ALLOC(ndr, r->info3); +@@ -3031,7 +3126,6 @@ static enum ndr_err_code ndr_pull_dfs_EnumInfo(struct ndr_pull *ndr, int ndr_fla + break; } + + case 4: { +- uint32_t _ptr_info4; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info4)); + if (_ptr_info4) { + NDR_PULL_ALLOC(ndr, r->info4); +@@ -3041,7 +3135,6 @@ static enum ndr_err_code ndr_pull_dfs_EnumInfo(struct ndr_pull *ndr, int ndr_fla + break; } + + case 5: { +- uint32_t _ptr_info5; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info5)); + if (_ptr_info5) { + NDR_PULL_ALLOC(ndr, r->info5); +@@ -3051,7 +3144,6 @@ static enum ndr_err_code ndr_pull_dfs_EnumInfo(struct ndr_pull *ndr, int ndr_fla + break; } + + case 6: { +- uint32_t _ptr_info6; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info6)); + if (_ptr_info6) { + NDR_PULL_ALLOC(ndr, r->info6); +@@ -3061,7 +3153,6 @@ static enum ndr_err_code ndr_pull_dfs_EnumInfo(struct ndr_pull *ndr, int ndr_fla + break; } + + case 200: { +- uint32_t _ptr_info200; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info200)); + if (_ptr_info200) { + NDR_PULL_ALLOC(ndr, r->info200); +@@ -3071,7 +3162,6 @@ static enum ndr_err_code ndr_pull_dfs_EnumInfo(struct ndr_pull *ndr, int ndr_fla + break; } + + case 300: { +- uint32_t _ptr_info300; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info300)); + if (_ptr_info300) { + NDR_PULL_ALLOC(ndr, r->info300); +@@ -3307,6 +3397,8 @@ static enum ndr_err_code ndr_push_dfs_UnknownStruct(struct ndr_push *ndr, int nd + static enum ndr_err_code ndr_pull_dfs_UnknownStruct(struct ndr_pull *ndr, int ndr_flags, struct dfs_UnknownStruct *r) + { + uint32_t _ptr_unknown2; ++ uint32_t size_unknown2_1 = 0; ++ uint32_t length_unknown2_1 = 0; + TALLOC_CTX *_mem_save_unknown2_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -3324,11 +3416,13 @@ static enum ndr_err_code ndr_pull_dfs_UnknownStruct(struct ndr_pull *ndr, int nd + NDR_PULL_SET_MEM_CTX(ndr, r->unknown2, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->unknown2)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->unknown2)); +- if (ndr_get_array_length(ndr, &r->unknown2) > ndr_get_array_size(ndr, &r->unknown2)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->unknown2), ndr_get_array_length(ndr, &r->unknown2)); ++ size_unknown2_1 = ndr_get_array_size(ndr, &r->unknown2); ++ length_unknown2_1 = ndr_get_array_length(ndr, &r->unknown2); ++ if (length_unknown2_1 > size_unknown2_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_unknown2_1, length_unknown2_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->unknown2), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->unknown2, ndr_get_array_length(ndr, &r->unknown2), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_unknown2_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->unknown2, length_unknown2_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_unknown2_0, 0); + } + } +@@ -3448,25 +3542,37 @@ static enum ndr_err_code ndr_push_dfs_Add(struct ndr_push *ndr, int flags, const + + static enum ndr_err_code ndr_pull_dfs_Add(struct ndr_pull *ndr, int flags, struct dfs_Add *r) + { ++ uint32_t size_path_1 = 0; ++ uint32_t length_path_1 = 0; ++ uint32_t size_server_1 = 0; ++ uint32_t length_server_1 = 0; + uint32_t _ptr_share; ++ uint32_t size_share_1 = 0; ++ uint32_t length_share_1 = 0; + uint32_t _ptr_comment; ++ uint32_t size_comment_1 = 0; ++ uint32_t length_comment_1 = 0; + TALLOC_CTX *_mem_save_share_0; + TALLOC_CTX *_mem_save_comment_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.path)); +- if (ndr_get_array_length(ndr, &r->in.path) > ndr_get_array_size(ndr, &r->in.path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.path), ndr_get_array_length(ndr, &r->in.path)); ++ size_path_1 = ndr_get_array_size(ndr, &r->in.path); ++ length_path_1 = ndr_get_array_length(ndr, &r->in.path); ++ if (length_path_1 > size_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_path_1, length_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.path, ndr_get_array_length(ndr, &r->in.path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.path, length_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server)); +- if (ndr_get_array_length(ndr, &r->in.server) > ndr_get_array_size(ndr, &r->in.server)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server), ndr_get_array_length(ndr, &r->in.server)); ++ size_server_1 = ndr_get_array_size(ndr, &r->in.server); ++ length_server_1 = ndr_get_array_length(ndr, &r->in.server); ++ if (length_server_1 > size_server_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_1, length_server_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server, ndr_get_array_length(ndr, &r->in.server), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server, length_server_1, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_share)); + if (_ptr_share) { + NDR_PULL_ALLOC(ndr, r->in.share); +@@ -3478,11 +3584,13 @@ static enum ndr_err_code ndr_pull_dfs_Add(struct ndr_pull *ndr, int flags, struc + NDR_PULL_SET_MEM_CTX(ndr, r->in.share, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.share)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.share)); +- if (ndr_get_array_length(ndr, &r->in.share) > ndr_get_array_size(ndr, &r->in.share)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.share), ndr_get_array_length(ndr, &r->in.share)); ++ size_share_1 = ndr_get_array_size(ndr, &r->in.share); ++ length_share_1 = ndr_get_array_length(ndr, &r->in.share); ++ if (length_share_1 > size_share_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_share_1, length_share_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.share), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share, ndr_get_array_length(ndr, &r->in.share), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_share_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share, length_share_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_share_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_comment)); +@@ -3496,11 +3604,13 @@ static enum ndr_err_code ndr_pull_dfs_Add(struct ndr_pull *ndr, int flags, struc + NDR_PULL_SET_MEM_CTX(ndr, r->in.comment, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.comment)); +- if (ndr_get_array_length(ndr, &r->in.comment) > ndr_get_array_size(ndr, &r->in.comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.comment), ndr_get_array_length(ndr, &r->in.comment)); ++ size_comment_1 = ndr_get_array_size(ndr, &r->in.comment); ++ length_comment_1 = ndr_get_array_length(ndr, &r->in.comment); ++ if (length_comment_1 > size_comment_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_1, length_comment_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.comment, ndr_get_array_length(ndr, &r->in.comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.comment, length_comment_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_comment_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.flags)); +@@ -3586,18 +3696,26 @@ static enum ndr_err_code ndr_push_dfs_Remove(struct ndr_push *ndr, int flags, co + + static enum ndr_err_code ndr_pull_dfs_Remove(struct ndr_pull *ndr, int flags, struct dfs_Remove *r) + { ++ uint32_t size_dfs_entry_path_1 = 0; ++ uint32_t length_dfs_entry_path_1 = 0; + uint32_t _ptr_servername; ++ uint32_t size_servername_1 = 0; ++ uint32_t length_servername_1 = 0; + uint32_t _ptr_sharename; ++ uint32_t size_sharename_1 = 0; ++ uint32_t length_sharename_1 = 0; + TALLOC_CTX *_mem_save_servername_0; + TALLOC_CTX *_mem_save_sharename_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.dfs_entry_path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.dfs_entry_path)); +- if (ndr_get_array_length(ndr, &r->in.dfs_entry_path) > ndr_get_array_size(ndr, &r->in.dfs_entry_path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.dfs_entry_path), ndr_get_array_length(ndr, &r->in.dfs_entry_path)); ++ size_dfs_entry_path_1 = ndr_get_array_size(ndr, &r->in.dfs_entry_path); ++ length_dfs_entry_path_1 = ndr_get_array_length(ndr, &r->in.dfs_entry_path); ++ if (length_dfs_entry_path_1 > size_dfs_entry_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dfs_entry_path_1, length_dfs_entry_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.dfs_entry_path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dfs_entry_path, ndr_get_array_length(ndr, &r->in.dfs_entry_path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dfs_entry_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dfs_entry_path, length_dfs_entry_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_servername)); + if (_ptr_servername) { + NDR_PULL_ALLOC(ndr, r->in.servername); +@@ -3609,11 +3727,13 @@ static enum ndr_err_code ndr_pull_dfs_Remove(struct ndr_pull *ndr, int flags, st + NDR_PULL_SET_MEM_CTX(ndr, r->in.servername, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.servername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.servername)); +- if (ndr_get_array_length(ndr, &r->in.servername) > ndr_get_array_size(ndr, &r->in.servername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.servername), ndr_get_array_length(ndr, &r->in.servername)); ++ size_servername_1 = ndr_get_array_size(ndr, &r->in.servername); ++ length_servername_1 = ndr_get_array_length(ndr, &r->in.servername); ++ if (length_servername_1 > size_servername_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_servername_1, length_servername_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_servername_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, length_servername_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_servername_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sharename)); +@@ -3627,11 +3747,13 @@ static enum ndr_err_code ndr_pull_dfs_Remove(struct ndr_pull *ndr, int flags, st + NDR_PULL_SET_MEM_CTX(ndr, r->in.sharename, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.sharename)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.sharename)); +- if (ndr_get_array_length(ndr, &r->in.sharename) > ndr_get_array_size(ndr, &r->in.sharename)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.sharename), ndr_get_array_length(ndr, &r->in.sharename)); ++ size_sharename_1 = ndr_get_array_size(ndr, &r->in.sharename); ++ length_sharename_1 = ndr_get_array_length(ndr, &r->in.sharename); ++ if (length_sharename_1 > size_sharename_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_sharename_1, length_sharename_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.sharename), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.sharename, ndr_get_array_length(ndr, &r->in.sharename), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_sharename_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.sharename, length_sharename_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sharename_0, 0); + } + } +@@ -3714,19 +3836,27 @@ static enum ndr_err_code ndr_push_dfs_SetInfo(struct ndr_push *ndr, int flags, c + + static enum ndr_err_code ndr_pull_dfs_SetInfo(struct ndr_pull *ndr, int flags, struct dfs_SetInfo *r) + { ++ uint32_t size_dfs_entry_path_0 = 0; ++ uint32_t length_dfs_entry_path_0 = 0; + uint32_t _ptr_servername; ++ uint32_t size_servername_1 = 0; ++ uint32_t length_servername_1 = 0; + uint32_t _ptr_sharename; ++ uint32_t size_sharename_1 = 0; ++ uint32_t length_sharename_1 = 0; + TALLOC_CTX *_mem_save_servername_0; + TALLOC_CTX *_mem_save_sharename_0; + TALLOC_CTX *_mem_save_info_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.dfs_entry_path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.dfs_entry_path)); +- if (ndr_get_array_length(ndr, &r->in.dfs_entry_path) > ndr_get_array_size(ndr, &r->in.dfs_entry_path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.dfs_entry_path), ndr_get_array_length(ndr, &r->in.dfs_entry_path)); ++ size_dfs_entry_path_0 = ndr_get_array_size(ndr, &r->in.dfs_entry_path); ++ length_dfs_entry_path_0 = ndr_get_array_length(ndr, &r->in.dfs_entry_path); ++ if (length_dfs_entry_path_0 > size_dfs_entry_path_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dfs_entry_path_0, length_dfs_entry_path_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.dfs_entry_path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dfs_entry_path, ndr_get_array_length(ndr, &r->in.dfs_entry_path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dfs_entry_path_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dfs_entry_path, length_dfs_entry_path_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_servername)); + if (_ptr_servername) { + NDR_PULL_ALLOC(ndr, r->in.servername); +@@ -3738,11 +3868,13 @@ static enum ndr_err_code ndr_pull_dfs_SetInfo(struct ndr_pull *ndr, int flags, s + NDR_PULL_SET_MEM_CTX(ndr, r->in.servername, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.servername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.servername)); +- if (ndr_get_array_length(ndr, &r->in.servername) > ndr_get_array_size(ndr, &r->in.servername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.servername), ndr_get_array_length(ndr, &r->in.servername)); ++ size_servername_1 = ndr_get_array_size(ndr, &r->in.servername); ++ length_servername_1 = ndr_get_array_length(ndr, &r->in.servername); ++ if (length_servername_1 > size_servername_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_servername_1, length_servername_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_servername_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, length_servername_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_servername_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sharename)); +@@ -3756,11 +3888,13 @@ static enum ndr_err_code ndr_pull_dfs_SetInfo(struct ndr_pull *ndr, int flags, s + NDR_PULL_SET_MEM_CTX(ndr, r->in.sharename, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.sharename)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.sharename)); +- if (ndr_get_array_length(ndr, &r->in.sharename) > ndr_get_array_size(ndr, &r->in.sharename)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.sharename), ndr_get_array_length(ndr, &r->in.sharename)); ++ size_sharename_1 = ndr_get_array_size(ndr, &r->in.sharename); ++ length_sharename_1 = ndr_get_array_length(ndr, &r->in.sharename); ++ if (length_sharename_1 > size_sharename_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_sharename_1, length_sharename_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.sharename), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.sharename, ndr_get_array_length(ndr, &r->in.sharename), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_sharename_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.sharename, length_sharename_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sharename_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); +@@ -3855,8 +3989,14 @@ static enum ndr_err_code ndr_push_dfs_GetInfo(struct ndr_push *ndr, int flags, c + + static enum ndr_err_code ndr_pull_dfs_GetInfo(struct ndr_pull *ndr, int flags, struct dfs_GetInfo *r) + { ++ uint32_t size_dfs_entry_path_0 = 0; ++ uint32_t length_dfs_entry_path_0 = 0; + uint32_t _ptr_servername; ++ uint32_t size_servername_1 = 0; ++ uint32_t length_servername_1 = 0; + uint32_t _ptr_sharename; ++ uint32_t size_sharename_1 = 0; ++ uint32_t length_sharename_1 = 0; + TALLOC_CTX *_mem_save_servername_0; + TALLOC_CTX *_mem_save_sharename_0; + TALLOC_CTX *_mem_save_info_0; +@@ -3865,11 +4005,13 @@ static enum ndr_err_code ndr_pull_dfs_GetInfo(struct ndr_pull *ndr, int flags, s + + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.dfs_entry_path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.dfs_entry_path)); +- if (ndr_get_array_length(ndr, &r->in.dfs_entry_path) > ndr_get_array_size(ndr, &r->in.dfs_entry_path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.dfs_entry_path), ndr_get_array_length(ndr, &r->in.dfs_entry_path)); ++ size_dfs_entry_path_0 = ndr_get_array_size(ndr, &r->in.dfs_entry_path); ++ length_dfs_entry_path_0 = ndr_get_array_length(ndr, &r->in.dfs_entry_path); ++ if (length_dfs_entry_path_0 > size_dfs_entry_path_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dfs_entry_path_0, length_dfs_entry_path_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.dfs_entry_path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dfs_entry_path, ndr_get_array_length(ndr, &r->in.dfs_entry_path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dfs_entry_path_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dfs_entry_path, length_dfs_entry_path_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_servername)); + if (_ptr_servername) { + NDR_PULL_ALLOC(ndr, r->in.servername); +@@ -3881,11 +4023,13 @@ static enum ndr_err_code ndr_pull_dfs_GetInfo(struct ndr_pull *ndr, int flags, s + NDR_PULL_SET_MEM_CTX(ndr, r->in.servername, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.servername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.servername)); +- if (ndr_get_array_length(ndr, &r->in.servername) > ndr_get_array_size(ndr, &r->in.servername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.servername), ndr_get_array_length(ndr, &r->in.servername)); ++ size_servername_1 = ndr_get_array_size(ndr, &r->in.servername); ++ length_servername_1 = ndr_get_array_length(ndr, &r->in.servername); ++ if (length_servername_1 > size_servername_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_servername_1, length_servername_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_servername_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, length_servername_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_servername_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sharename)); +@@ -3899,11 +4043,13 @@ static enum ndr_err_code ndr_pull_dfs_GetInfo(struct ndr_pull *ndr, int flags, s + NDR_PULL_SET_MEM_CTX(ndr, r->in.sharename, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.sharename)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.sharename)); +- if (ndr_get_array_length(ndr, &r->in.sharename) > ndr_get_array_size(ndr, &r->in.sharename)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.sharename), ndr_get_array_length(ndr, &r->in.sharename)); ++ size_sharename_1 = ndr_get_array_size(ndr, &r->in.sharename); ++ length_sharename_1 = ndr_get_array_length(ndr, &r->in.sharename); ++ if (length_sharename_1 > size_sharename_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_sharename_1, length_sharename_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.sharename), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.sharename, ndr_get_array_length(ndr, &r->in.sharename), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_sharename_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.sharename, length_sharename_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sharename_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); +@@ -4321,6 +4467,18 @@ static enum ndr_err_code ndr_push_dfs_AddFtRoot(struct ndr_push *ndr, int flags, + + static enum ndr_err_code ndr_pull_dfs_AddFtRoot(struct ndr_pull *ndr, int flags, struct dfs_AddFtRoot *r) + { ++ uint32_t size_servername_0 = 0; ++ uint32_t length_servername_0 = 0; ++ uint32_t size_dns_servername_0 = 0; ++ uint32_t length_dns_servername_0 = 0; ++ uint32_t size_dfsname_0 = 0; ++ uint32_t length_dfsname_0 = 0; ++ uint32_t size_rootshare_0 = 0; ++ uint32_t length_rootshare_0 = 0; ++ uint32_t size_comment_0 = 0; ++ uint32_t length_comment_0 = 0; ++ uint32_t size_dfs_config_dn_0 = 0; ++ uint32_t length_dfs_config_dn_0 = 0; + uint32_t _ptr_unknown2; + TALLOC_CTX *_mem_save_unknown2_0; + TALLOC_CTX *_mem_save_unknown2_1; +@@ -4329,46 +4487,58 @@ static enum ndr_err_code ndr_pull_dfs_AddFtRoot(struct ndr_pull *ndr, int flags, + + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.servername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.servername)); +- if (ndr_get_array_length(ndr, &r->in.servername) > ndr_get_array_size(ndr, &r->in.servername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.servername), ndr_get_array_length(ndr, &r->in.servername)); ++ size_servername_0 = ndr_get_array_size(ndr, &r->in.servername); ++ length_servername_0 = ndr_get_array_length(ndr, &r->in.servername); ++ if (length_servername_0 > size_servername_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_servername_0, length_servername_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_servername_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, length_servername_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.dns_servername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.dns_servername)); +- if (ndr_get_array_length(ndr, &r->in.dns_servername) > ndr_get_array_size(ndr, &r->in.dns_servername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.dns_servername), ndr_get_array_length(ndr, &r->in.dns_servername)); ++ size_dns_servername_0 = ndr_get_array_size(ndr, &r->in.dns_servername); ++ length_dns_servername_0 = ndr_get_array_length(ndr, &r->in.dns_servername); ++ if (length_dns_servername_0 > size_dns_servername_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dns_servername_0, length_dns_servername_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.dns_servername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dns_servername, ndr_get_array_length(ndr, &r->in.dns_servername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dns_servername_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dns_servername, length_dns_servername_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.dfsname)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.dfsname)); +- if (ndr_get_array_length(ndr, &r->in.dfsname) > ndr_get_array_size(ndr, &r->in.dfsname)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.dfsname), ndr_get_array_length(ndr, &r->in.dfsname)); ++ size_dfsname_0 = ndr_get_array_size(ndr, &r->in.dfsname); ++ length_dfsname_0 = ndr_get_array_length(ndr, &r->in.dfsname); ++ if (length_dfsname_0 > size_dfsname_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dfsname_0, length_dfsname_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.dfsname), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dfsname, ndr_get_array_length(ndr, &r->in.dfsname), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dfsname_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dfsname, length_dfsname_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.rootshare)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.rootshare)); +- if (ndr_get_array_length(ndr, &r->in.rootshare) > ndr_get_array_size(ndr, &r->in.rootshare)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.rootshare), ndr_get_array_length(ndr, &r->in.rootshare)); ++ size_rootshare_0 = ndr_get_array_size(ndr, &r->in.rootshare); ++ length_rootshare_0 = ndr_get_array_length(ndr, &r->in.rootshare); ++ if (length_rootshare_0 > size_rootshare_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_rootshare_0, length_rootshare_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.rootshare), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.rootshare, ndr_get_array_length(ndr, &r->in.rootshare), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_rootshare_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.rootshare, length_rootshare_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.comment)); +- if (ndr_get_array_length(ndr, &r->in.comment) > ndr_get_array_size(ndr, &r->in.comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.comment), ndr_get_array_length(ndr, &r->in.comment)); ++ size_comment_0 = ndr_get_array_size(ndr, &r->in.comment); ++ length_comment_0 = ndr_get_array_length(ndr, &r->in.comment); ++ if (length_comment_0 > size_comment_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_0, length_comment_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.comment, ndr_get_array_length(ndr, &r->in.comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.comment, length_comment_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.dfs_config_dn)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.dfs_config_dn)); +- if (ndr_get_array_length(ndr, &r->in.dfs_config_dn) > ndr_get_array_size(ndr, &r->in.dfs_config_dn)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.dfs_config_dn), ndr_get_array_length(ndr, &r->in.dfs_config_dn)); ++ size_dfs_config_dn_0 = ndr_get_array_size(ndr, &r->in.dfs_config_dn); ++ length_dfs_config_dn_0 = ndr_get_array_length(ndr, &r->in.dfs_config_dn); ++ if (length_dfs_config_dn_0 > size_dfs_config_dn_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dfs_config_dn_0, length_dfs_config_dn_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.dfs_config_dn), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dfs_config_dn, ndr_get_array_length(ndr, &r->in.dfs_config_dn), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dfs_config_dn_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dfs_config_dn, length_dfs_config_dn_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint8(ndr, NDR_SCALARS, &r->in.unknown1)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.flags)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_unknown2)); +@@ -4518,6 +4688,14 @@ static enum ndr_err_code ndr_push_dfs_RemoveFtRoot(struct ndr_push *ndr, int fla + + static enum ndr_err_code ndr_pull_dfs_RemoveFtRoot(struct ndr_pull *ndr, int flags, struct dfs_RemoveFtRoot *r) + { ++ uint32_t size_servername_0 = 0; ++ uint32_t length_servername_0 = 0; ++ uint32_t size_dns_servername_0 = 0; ++ uint32_t length_dns_servername_0 = 0; ++ uint32_t size_dfsname_0 = 0; ++ uint32_t length_dfsname_0 = 0; ++ uint32_t size_rootshare_0 = 0; ++ uint32_t length_rootshare_0 = 0; + uint32_t _ptr_unknown; + TALLOC_CTX *_mem_save_unknown_0; + TALLOC_CTX *_mem_save_unknown_1; +@@ -4526,32 +4704,40 @@ static enum ndr_err_code ndr_pull_dfs_RemoveFtRoot(struct ndr_pull *ndr, int fla + + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.servername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.servername)); +- if (ndr_get_array_length(ndr, &r->in.servername) > ndr_get_array_size(ndr, &r->in.servername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.servername), ndr_get_array_length(ndr, &r->in.servername)); ++ size_servername_0 = ndr_get_array_size(ndr, &r->in.servername); ++ length_servername_0 = ndr_get_array_length(ndr, &r->in.servername); ++ if (length_servername_0 > size_servername_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_servername_0, length_servername_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_servername_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, length_servername_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.dns_servername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.dns_servername)); +- if (ndr_get_array_length(ndr, &r->in.dns_servername) > ndr_get_array_size(ndr, &r->in.dns_servername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.dns_servername), ndr_get_array_length(ndr, &r->in.dns_servername)); ++ size_dns_servername_0 = ndr_get_array_size(ndr, &r->in.dns_servername); ++ length_dns_servername_0 = ndr_get_array_length(ndr, &r->in.dns_servername); ++ if (length_dns_servername_0 > size_dns_servername_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dns_servername_0, length_dns_servername_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.dns_servername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dns_servername, ndr_get_array_length(ndr, &r->in.dns_servername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dns_servername_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dns_servername, length_dns_servername_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.dfsname)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.dfsname)); +- if (ndr_get_array_length(ndr, &r->in.dfsname) > ndr_get_array_size(ndr, &r->in.dfsname)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.dfsname), ndr_get_array_length(ndr, &r->in.dfsname)); ++ size_dfsname_0 = ndr_get_array_size(ndr, &r->in.dfsname); ++ length_dfsname_0 = ndr_get_array_length(ndr, &r->in.dfsname); ++ if (length_dfsname_0 > size_dfsname_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dfsname_0, length_dfsname_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.dfsname), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dfsname, ndr_get_array_length(ndr, &r->in.dfsname), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dfsname_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dfsname, length_dfsname_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.rootshare)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.rootshare)); +- if (ndr_get_array_length(ndr, &r->in.rootshare) > ndr_get_array_size(ndr, &r->in.rootshare)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.rootshare), ndr_get_array_length(ndr, &r->in.rootshare)); ++ size_rootshare_0 = ndr_get_array_size(ndr, &r->in.rootshare); ++ length_rootshare_0 = ndr_get_array_length(ndr, &r->in.rootshare); ++ if (length_rootshare_0 > size_rootshare_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_rootshare_0, length_rootshare_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.rootshare), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.rootshare, ndr_get_array_length(ndr, &r->in.rootshare), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_rootshare_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.rootshare, length_rootshare_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.flags)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_unknown)); + if (_ptr_unknown) { +@@ -4679,28 +4865,40 @@ static enum ndr_err_code ndr_push_dfs_AddStdRoot(struct ndr_push *ndr, int flags + + static enum ndr_err_code ndr_pull_dfs_AddStdRoot(struct ndr_pull *ndr, int flags, struct dfs_AddStdRoot *r) + { ++ uint32_t size_servername_0 = 0; ++ uint32_t length_servername_0 = 0; ++ uint32_t size_rootshare_0 = 0; ++ uint32_t length_rootshare_0 = 0; ++ uint32_t size_comment_0 = 0; ++ uint32_t length_comment_0 = 0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.servername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.servername)); +- if (ndr_get_array_length(ndr, &r->in.servername) > ndr_get_array_size(ndr, &r->in.servername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.servername), ndr_get_array_length(ndr, &r->in.servername)); ++ size_servername_0 = ndr_get_array_size(ndr, &r->in.servername); ++ length_servername_0 = ndr_get_array_length(ndr, &r->in.servername); ++ if (length_servername_0 > size_servername_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_servername_0, length_servername_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_servername_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, length_servername_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.rootshare)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.rootshare)); +- if (ndr_get_array_length(ndr, &r->in.rootshare) > ndr_get_array_size(ndr, &r->in.rootshare)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.rootshare), ndr_get_array_length(ndr, &r->in.rootshare)); ++ size_rootshare_0 = ndr_get_array_size(ndr, &r->in.rootshare); ++ length_rootshare_0 = ndr_get_array_length(ndr, &r->in.rootshare); ++ if (length_rootshare_0 > size_rootshare_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_rootshare_0, length_rootshare_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.rootshare), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.rootshare, ndr_get_array_length(ndr, &r->in.rootshare), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_rootshare_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.rootshare, length_rootshare_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.comment)); +- if (ndr_get_array_length(ndr, &r->in.comment) > ndr_get_array_size(ndr, &r->in.comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.comment), ndr_get_array_length(ndr, &r->in.comment)); ++ size_comment_0 = ndr_get_array_size(ndr, &r->in.comment); ++ length_comment_0 = ndr_get_array_length(ndr, &r->in.comment); ++ if (length_comment_0 > size_comment_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_0, length_comment_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.comment, ndr_get_array_length(ndr, &r->in.comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.comment, length_comment_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.flags)); + } + if (flags & NDR_OUT) { +@@ -4755,21 +4953,29 @@ static enum ndr_err_code ndr_push_dfs_RemoveStdRoot(struct ndr_push *ndr, int fl + + static enum ndr_err_code ndr_pull_dfs_RemoveStdRoot(struct ndr_pull *ndr, int flags, struct dfs_RemoveStdRoot *r) + { ++ uint32_t size_servername_0 = 0; ++ uint32_t length_servername_0 = 0; ++ uint32_t size_rootshare_0 = 0; ++ uint32_t length_rootshare_0 = 0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.servername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.servername)); +- if (ndr_get_array_length(ndr, &r->in.servername) > ndr_get_array_size(ndr, &r->in.servername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.servername), ndr_get_array_length(ndr, &r->in.servername)); ++ size_servername_0 = ndr_get_array_size(ndr, &r->in.servername); ++ length_servername_0 = ndr_get_array_length(ndr, &r->in.servername); ++ if (length_servername_0 > size_servername_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_servername_0, length_servername_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_servername_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, length_servername_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.rootshare)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.rootshare)); +- if (ndr_get_array_length(ndr, &r->in.rootshare) > ndr_get_array_size(ndr, &r->in.rootshare)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.rootshare), ndr_get_array_length(ndr, &r->in.rootshare)); ++ size_rootshare_0 = ndr_get_array_size(ndr, &r->in.rootshare); ++ length_rootshare_0 = ndr_get_array_length(ndr, &r->in.rootshare); ++ if (length_rootshare_0 > size_rootshare_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_rootshare_0, length_rootshare_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.rootshare), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.rootshare, ndr_get_array_length(ndr, &r->in.rootshare), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_rootshare_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.rootshare, length_rootshare_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.flags)); + } + if (flags & NDR_OUT) { +@@ -4822,14 +5028,18 @@ static enum ndr_err_code ndr_push_dfs_ManagerInitialize(struct ndr_push *ndr, in + + static enum ndr_err_code ndr_pull_dfs_ManagerInitialize(struct ndr_pull *ndr, int flags, struct dfs_ManagerInitialize *r) + { ++ uint32_t size_servername_1 = 0; ++ uint32_t length_servername_1 = 0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.servername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.servername)); +- if (ndr_get_array_length(ndr, &r->in.servername) > ndr_get_array_size(ndr, &r->in.servername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.servername), ndr_get_array_length(ndr, &r->in.servername)); ++ size_servername_1 = ndr_get_array_size(ndr, &r->in.servername); ++ length_servername_1 = ndr_get_array_length(ndr, &r->in.servername); ++ if (length_servername_1 > size_servername_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_servername_1, length_servername_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_servername_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, length_servername_1, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.flags)); + } + if (flags & NDR_OUT) { +@@ -4892,35 +5102,51 @@ static enum ndr_err_code ndr_push_dfs_AddStdRootForced(struct ndr_push *ndr, int + + static enum ndr_err_code ndr_pull_dfs_AddStdRootForced(struct ndr_pull *ndr, int flags, struct dfs_AddStdRootForced *r) + { ++ uint32_t size_servername_0 = 0; ++ uint32_t length_servername_0 = 0; ++ uint32_t size_rootshare_0 = 0; ++ uint32_t length_rootshare_0 = 0; ++ uint32_t size_comment_0 = 0; ++ uint32_t length_comment_0 = 0; ++ uint32_t size_store_0 = 0; ++ uint32_t length_store_0 = 0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.servername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.servername)); +- if (ndr_get_array_length(ndr, &r->in.servername) > ndr_get_array_size(ndr, &r->in.servername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.servername), ndr_get_array_length(ndr, &r->in.servername)); ++ size_servername_0 = ndr_get_array_size(ndr, &r->in.servername); ++ length_servername_0 = ndr_get_array_length(ndr, &r->in.servername); ++ if (length_servername_0 > size_servername_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_servername_0, length_servername_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_servername_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, length_servername_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.rootshare)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.rootshare)); +- if (ndr_get_array_length(ndr, &r->in.rootshare) > ndr_get_array_size(ndr, &r->in.rootshare)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.rootshare), ndr_get_array_length(ndr, &r->in.rootshare)); ++ size_rootshare_0 = ndr_get_array_size(ndr, &r->in.rootshare); ++ length_rootshare_0 = ndr_get_array_length(ndr, &r->in.rootshare); ++ if (length_rootshare_0 > size_rootshare_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_rootshare_0, length_rootshare_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.rootshare), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.rootshare, ndr_get_array_length(ndr, &r->in.rootshare), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_rootshare_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.rootshare, length_rootshare_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.comment)); +- if (ndr_get_array_length(ndr, &r->in.comment) > ndr_get_array_size(ndr, &r->in.comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.comment), ndr_get_array_length(ndr, &r->in.comment)); ++ size_comment_0 = ndr_get_array_size(ndr, &r->in.comment); ++ length_comment_0 = ndr_get_array_length(ndr, &r->in.comment); ++ if (length_comment_0 > size_comment_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_0, length_comment_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.comment, ndr_get_array_length(ndr, &r->in.comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.comment, length_comment_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.store)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.store)); +- if (ndr_get_array_length(ndr, &r->in.store) > ndr_get_array_size(ndr, &r->in.store)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.store), ndr_get_array_length(ndr, &r->in.store)); ++ size_store_0 = ndr_get_array_size(ndr, &r->in.store); ++ length_store_0 = ndr_get_array_length(ndr, &r->in.store); ++ if (length_store_0 > size_store_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_store_0, length_store_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.store), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.store, ndr_get_array_length(ndr, &r->in.store), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_store_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.store, length_store_0, sizeof(uint16_t), CH_UTF16)); + } + if (flags & NDR_OUT) { + NDR_CHECK(ndr_pull_WERROR(ndr, NDR_SCALARS, &r->out.result)); +@@ -5005,7 +5231,11 @@ static enum ndr_err_code ndr_push_dfs_GetDcAddress(struct ndr_push *ndr, int fla + + static enum ndr_err_code ndr_pull_dfs_GetDcAddress(struct ndr_pull *ndr, int flags, struct dfs_GetDcAddress *r) + { ++ uint32_t size_servername_0 = 0; ++ uint32_t length_servername_0 = 0; + uint32_t _ptr_server_fullname; ++ uint32_t size_server_fullname_2 = 0; ++ uint32_t length_server_fullname_2 = 0; + TALLOC_CTX *_mem_save_server_fullname_0; + TALLOC_CTX *_mem_save_server_fullname_1; + TALLOC_CTX *_mem_save_is_root_0; +@@ -5015,11 +5245,13 @@ static enum ndr_err_code ndr_pull_dfs_GetDcAddress(struct ndr_pull *ndr, int fla + + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.servername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.servername)); +- if (ndr_get_array_length(ndr, &r->in.servername) > ndr_get_array_size(ndr, &r->in.servername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.servername), ndr_get_array_length(ndr, &r->in.servername)); ++ size_servername_0 = ndr_get_array_size(ndr, &r->in.servername); ++ length_servername_0 = ndr_get_array_length(ndr, &r->in.servername); ++ if (length_servername_0 > size_servername_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_servername_0, length_servername_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_servername_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, length_servername_0, sizeof(uint16_t), CH_UTF16)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.server_fullname); + } +@@ -5036,11 +5268,13 @@ static enum ndr_err_code ndr_pull_dfs_GetDcAddress(struct ndr_pull *ndr, int fla + NDR_PULL_SET_MEM_CTX(ndr, *r->in.server_fullname, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->in.server_fullname)); + NDR_CHECK(ndr_pull_array_length(ndr, r->in.server_fullname)); +- if (ndr_get_array_length(ndr, r->in.server_fullname) > ndr_get_array_size(ndr, r->in.server_fullname)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, r->in.server_fullname), ndr_get_array_length(ndr, r->in.server_fullname)); ++ size_server_fullname_2 = ndr_get_array_size(ndr, r->in.server_fullname); ++ length_server_fullname_2 = ndr_get_array_length(ndr, r->in.server_fullname); ++ if (length_server_fullname_2 > size_server_fullname_2) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_fullname_2, length_server_fullname_2); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, r->in.server_fullname), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->in.server_fullname, ndr_get_array_length(ndr, r->in.server_fullname), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_fullname_2, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->in.server_fullname, length_server_fullname_2, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_fullname_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_fullname_0, LIBNDR_FLAG_REF_ALLOC); +@@ -5082,11 +5316,13 @@ static enum ndr_err_code ndr_pull_dfs_GetDcAddress(struct ndr_pull *ndr, int fla + NDR_PULL_SET_MEM_CTX(ndr, *r->out.server_fullname, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->out.server_fullname)); + NDR_CHECK(ndr_pull_array_length(ndr, r->out.server_fullname)); +- if (ndr_get_array_length(ndr, r->out.server_fullname) > ndr_get_array_size(ndr, r->out.server_fullname)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, r->out.server_fullname), ndr_get_array_length(ndr, r->out.server_fullname)); ++ size_server_fullname_2 = ndr_get_array_size(ndr, r->out.server_fullname); ++ length_server_fullname_2 = ndr_get_array_length(ndr, r->out.server_fullname); ++ if (length_server_fullname_2 > size_server_fullname_2) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_fullname_2, length_server_fullname_2); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, r->out.server_fullname), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.server_fullname, ndr_get_array_length(ndr, r->out.server_fullname), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_fullname_2, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.server_fullname, length_server_fullname_2, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_fullname_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_fullname_0, LIBNDR_FLAG_REF_ALLOC); +@@ -5187,21 +5423,29 @@ static enum ndr_err_code ndr_push_dfs_SetDcAddress(struct ndr_push *ndr, int fla + + static enum ndr_err_code ndr_pull_dfs_SetDcAddress(struct ndr_pull *ndr, int flags, struct dfs_SetDcAddress *r) + { ++ uint32_t size_servername_0 = 0; ++ uint32_t length_servername_0 = 0; ++ uint32_t size_server_fullname_0 = 0; ++ uint32_t length_server_fullname_0 = 0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.servername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.servername)); +- if (ndr_get_array_length(ndr, &r->in.servername) > ndr_get_array_size(ndr, &r->in.servername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.servername), ndr_get_array_length(ndr, &r->in.servername)); ++ size_servername_0 = ndr_get_array_size(ndr, &r->in.servername); ++ length_servername_0 = ndr_get_array_length(ndr, &r->in.servername); ++ if (length_servername_0 > size_servername_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_servername_0, length_servername_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_servername_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, length_servername_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_fullname)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_fullname)); +- if (ndr_get_array_length(ndr, &r->in.server_fullname) > ndr_get_array_size(ndr, &r->in.server_fullname)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_fullname), ndr_get_array_length(ndr, &r->in.server_fullname)); ++ size_server_fullname_0 = ndr_get_array_size(ndr, &r->in.server_fullname); ++ length_server_fullname_0 = ndr_get_array_length(ndr, &r->in.server_fullname); ++ if (length_server_fullname_0 > size_server_fullname_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_fullname_0, length_server_fullname_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_fullname), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_fullname, ndr_get_array_length(ndr, &r->in.server_fullname), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_fullname_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_fullname, length_server_fullname_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.flags)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.ttl)); + } +@@ -5256,21 +5500,29 @@ static enum ndr_err_code ndr_push_dfs_FlushFtTable(struct ndr_push *ndr, int fla + + static enum ndr_err_code ndr_pull_dfs_FlushFtTable(struct ndr_pull *ndr, int flags, struct dfs_FlushFtTable *r) + { ++ uint32_t size_servername_0 = 0; ++ uint32_t length_servername_0 = 0; ++ uint32_t size_rootshare_0 = 0; ++ uint32_t length_rootshare_0 = 0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.servername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.servername)); +- if (ndr_get_array_length(ndr, &r->in.servername) > ndr_get_array_size(ndr, &r->in.servername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.servername), ndr_get_array_length(ndr, &r->in.servername)); ++ size_servername_0 = ndr_get_array_size(ndr, &r->in.servername); ++ length_servername_0 = ndr_get_array_length(ndr, &r->in.servername); ++ if (length_servername_0 > size_servername_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_servername_0, length_servername_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, ndr_get_array_length(ndr, &r->in.servername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_servername_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.servername, length_servername_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.rootshare)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.rootshare)); +- if (ndr_get_array_length(ndr, &r->in.rootshare) > ndr_get_array_size(ndr, &r->in.rootshare)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.rootshare), ndr_get_array_length(ndr, &r->in.rootshare)); ++ size_rootshare_0 = ndr_get_array_size(ndr, &r->in.rootshare); ++ length_rootshare_0 = ndr_get_array_length(ndr, &r->in.rootshare); ++ if (length_rootshare_0 > size_rootshare_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_rootshare_0, length_rootshare_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.rootshare), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.rootshare, ndr_get_array_length(ndr, &r->in.rootshare), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_rootshare_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.rootshare, length_rootshare_0, sizeof(uint16_t), CH_UTF16)); + } + if (flags & NDR_OUT) { + NDR_CHECK(ndr_pull_WERROR(ndr, NDR_SCALARS, &r->out.result)); +@@ -5417,6 +5669,8 @@ _PUBLIC_ enum ndr_err_code ndr_push_dfs_EnumEx(struct ndr_push *ndr, int flags, + + _PUBLIC_ enum ndr_err_code ndr_pull_dfs_EnumEx(struct ndr_pull *ndr, int flags, struct dfs_EnumEx *r) + { ++ uint32_t size_dfs_name_0 = 0; ++ uint32_t length_dfs_name_0 = 0; + uint32_t _ptr_info; + uint32_t _ptr_total; + TALLOC_CTX *_mem_save_info_0; +@@ -5426,11 +5680,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_dfs_EnumEx(struct ndr_pull *ndr, int flags, + + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.dfs_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.dfs_name)); +- if (ndr_get_array_length(ndr, &r->in.dfs_name) > ndr_get_array_size(ndr, &r->in.dfs_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.dfs_name), ndr_get_array_length(ndr, &r->in.dfs_name)); ++ size_dfs_name_0 = ndr_get_array_size(ndr, &r->in.dfs_name); ++ length_dfs_name_0 = ndr_get_array_length(ndr, &r->in.dfs_name); ++ if (length_dfs_name_0 > size_dfs_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dfs_name_0, length_dfs_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.dfs_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dfs_name, ndr_get_array_length(ndr, &r->in.dfs_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dfs_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dfs_name, length_dfs_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.bufsize)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info)); +diff --git a/source/librpc/gen_ndr/ndr_dssetup.c b/source/librpc/gen_ndr/ndr_dssetup.c +index 0c02784..0660ea9 100644 +--- a/source/librpc/gen_ndr/ndr_dssetup.c ++++ b/source/librpc/gen_ndr/ndr_dssetup.c +@@ -95,10 +95,16 @@ static enum ndr_err_code ndr_push_dssetup_DsRolePrimaryDomInfoBasic(struct ndr_p + static enum ndr_err_code ndr_pull_dssetup_DsRolePrimaryDomInfoBasic(struct ndr_pull *ndr, int ndr_flags, struct dssetup_DsRolePrimaryDomInfoBasic *r) + { + uint32_t _ptr_domain; ++ uint32_t size_domain_1 = 0; ++ uint32_t length_domain_1 = 0; + TALLOC_CTX *_mem_save_domain_0; + uint32_t _ptr_dns_domain; ++ uint32_t size_dns_domain_1 = 0; ++ uint32_t length_dns_domain_1 = 0; + TALLOC_CTX *_mem_save_dns_domain_0; + uint32_t _ptr_forest; ++ uint32_t size_forest_1 = 0; ++ uint32_t length_forest_1 = 0; + TALLOC_CTX *_mem_save_forest_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -130,11 +136,13 @@ static enum ndr_err_code ndr_pull_dssetup_DsRolePrimaryDomInfoBasic(struct ndr_p + NDR_PULL_SET_MEM_CTX(ndr, r->domain, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domain)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->domain)); +- if (ndr_get_array_length(ndr, &r->domain) > ndr_get_array_size(ndr, &r->domain)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->domain), ndr_get_array_length(ndr, &r->domain)); ++ size_domain_1 = ndr_get_array_size(ndr, &r->domain); ++ length_domain_1 = ndr_get_array_length(ndr, &r->domain); ++ if (length_domain_1 > size_domain_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_1, length_domain_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, length_domain_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_0, 0); + } + if (r->dns_domain) { +@@ -142,11 +150,13 @@ static enum ndr_err_code ndr_pull_dssetup_DsRolePrimaryDomInfoBasic(struct ndr_p + NDR_PULL_SET_MEM_CTX(ndr, r->dns_domain, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->dns_domain)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->dns_domain)); +- if (ndr_get_array_length(ndr, &r->dns_domain) > ndr_get_array_size(ndr, &r->dns_domain)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->dns_domain), ndr_get_array_length(ndr, &r->dns_domain)); ++ size_dns_domain_1 = ndr_get_array_size(ndr, &r->dns_domain); ++ length_dns_domain_1 = ndr_get_array_length(ndr, &r->dns_domain); ++ if (length_dns_domain_1 > size_dns_domain_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dns_domain_1, length_dns_domain_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->dns_domain), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->dns_domain, ndr_get_array_length(ndr, &r->dns_domain), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dns_domain_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->dns_domain, length_dns_domain_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dns_domain_0, 0); + } + if (r->forest) { +@@ -154,11 +164,13 @@ static enum ndr_err_code ndr_pull_dssetup_DsRolePrimaryDomInfoBasic(struct ndr_p + NDR_PULL_SET_MEM_CTX(ndr, r->forest, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->forest)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->forest)); +- if (ndr_get_array_length(ndr, &r->forest) > ndr_get_array_size(ndr, &r->forest)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->forest), ndr_get_array_length(ndr, &r->forest)); ++ size_forest_1 = ndr_get_array_size(ndr, &r->forest); ++ length_forest_1 = ndr_get_array_length(ndr, &r->forest); ++ if (length_forest_1 > size_forest_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_forest_1, length_forest_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->forest), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->forest, ndr_get_array_length(ndr, &r->forest), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_forest_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->forest, length_forest_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_forest_0, 0); + } + } +diff --git a/source/librpc/gen_ndr/ndr_echo.c b/source/librpc/gen_ndr/ndr_echo.c +index 93a8464..df87450 100644 +--- a/source/librpc/gen_ndr/ndr_echo.c ++++ b/source/librpc/gen_ndr/ndr_echo.c +@@ -595,16 +595,18 @@ static enum ndr_err_code ndr_push_echo_Surrounding(struct ndr_push *ndr, int ndr + + static enum ndr_err_code ndr_pull_echo_Surrounding(struct ndr_pull *ndr, int ndr_flags, struct echo_Surrounding *r) + { ++ uint32_t size_surrounding_0 = 0; + uint32_t cntr_surrounding_0; + TALLOC_CTX *_mem_save_surrounding_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->surrounding)); + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->x)); +- NDR_PULL_ALLOC_N(ndr, r->surrounding, ndr_get_array_size(ndr, &r->surrounding)); ++ size_surrounding_0 = ndr_get_array_size(ndr, &r->surrounding); ++ NDR_PULL_ALLOC_N(ndr, r->surrounding, size_surrounding_0); + _mem_save_surrounding_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->surrounding, 0); +- for (cntr_surrounding_0 = 0; cntr_surrounding_0 < r->x; cntr_surrounding_0++) { ++ for (cntr_surrounding_0 = 0; cntr_surrounding_0 < size_surrounding_0; cntr_surrounding_0++) { + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->surrounding[cntr_surrounding_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_surrounding_0, 0); +@@ -713,21 +715,25 @@ static enum ndr_err_code ndr_push_echo_EchoData(struct ndr_push *ndr, int flags, + + static enum ndr_err_code ndr_pull_echo_EchoData(struct ndr_pull *ndr, int flags, struct echo_EchoData *r) + { ++ uint32_t size_in_data_0 = 0; ++ uint32_t size_out_data_0 = 0; + if (flags & NDR_IN) { + ZERO_STRUCT(r->out); + + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.len)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.in_data)); +- NDR_PULL_ALLOC_N(ndr, r->in.in_data, ndr_get_array_size(ndr, &r->in.in_data)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.in_data, ndr_get_array_size(ndr, &r->in.in_data))); ++ size_in_data_0 = ndr_get_array_size(ndr, &r->in.in_data); ++ NDR_PULL_ALLOC_N(ndr, r->in.in_data, size_in_data_0); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.in_data, size_in_data_0)); + if (r->in.in_data) { + NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->in.in_data, r->in.len)); + } + } + if (flags & NDR_OUT) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->out.out_data)); +- NDR_PULL_ALLOC_N(ndr, r->out.out_data, ndr_get_array_size(ndr, &r->out.out_data)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.out_data, ndr_get_array_size(ndr, &r->out.out_data))); ++ size_out_data_0 = ndr_get_array_size(ndr, &r->out.out_data); ++ NDR_PULL_ALLOC_N(ndr, r->out.out_data, size_out_data_0); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.out_data, size_out_data_0)); + if (r->out.out_data) { + NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->out.out_data, r->in.len)); + } +@@ -772,11 +778,13 @@ static enum ndr_err_code ndr_push_echo_SinkData(struct ndr_push *ndr, int flags, + + static enum ndr_err_code ndr_pull_echo_SinkData(struct ndr_pull *ndr, int flags, struct echo_SinkData *r) + { ++ uint32_t size_data_0 = 0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.len)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.data)); +- NDR_PULL_ALLOC_N(ndr, r->in.data, ndr_get_array_size(ndr, &r->in.data)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.data, ndr_get_array_size(ndr, &r->in.data))); ++ size_data_0 = ndr_get_array_size(ndr, &r->in.data); ++ NDR_PULL_ALLOC_N(ndr, r->in.data, size_data_0); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.data, size_data_0)); + if (r->in.data) { + NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->in.data, r->in.len)); + } +@@ -822,6 +830,7 @@ static enum ndr_err_code ndr_push_echo_SourceData(struct ndr_push *ndr, int flag + + static enum ndr_err_code ndr_pull_echo_SourceData(struct ndr_pull *ndr, int flags, struct echo_SourceData *r) + { ++ uint32_t size_data_0 = 0; + if (flags & NDR_IN) { + ZERO_STRUCT(r->out); + +@@ -829,8 +838,9 @@ static enum ndr_err_code ndr_pull_echo_SourceData(struct ndr_pull *ndr, int flag + } + if (flags & NDR_OUT) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->out.data)); +- NDR_PULL_ALLOC_N(ndr, r->out.data, ndr_get_array_size(ndr, &r->out.data)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.data, ndr_get_array_size(ndr, &r->out.data))); ++ size_data_0 = ndr_get_array_size(ndr, &r->out.data); ++ NDR_PULL_ALLOC_N(ndr, r->out.data, size_data_0); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.data, size_data_0)); + if (r->out.data) { + NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->out.data, r->in.len)); + } +@@ -888,7 +898,11 @@ static enum ndr_err_code ndr_push_echo_TestCall(struct ndr_push *ndr, int flags, + + static enum ndr_err_code ndr_pull_echo_TestCall(struct ndr_pull *ndr, int flags, struct echo_TestCall *r) + { ++ uint32_t size_s1_1 = 0; ++ uint32_t length_s1_1 = 0; + uint32_t _ptr_s2; ++ uint32_t size_s2_2 = 0; ++ uint32_t length_s2_2 = 0; + TALLOC_CTX *_mem_save_s2_0; + TALLOC_CTX *_mem_save_s2_1; + if (flags & NDR_IN) { +@@ -896,11 +910,13 @@ static enum ndr_err_code ndr_pull_echo_TestCall(struct ndr_pull *ndr, int flags, + + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.s1)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.s1)); +- if (ndr_get_array_length(ndr, &r->in.s1) > ndr_get_array_size(ndr, &r->in.s1)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.s1), ndr_get_array_length(ndr, &r->in.s1)); ++ size_s1_1 = ndr_get_array_size(ndr, &r->in.s1); ++ length_s1_1 = ndr_get_array_length(ndr, &r->in.s1); ++ if (length_s1_1 > size_s1_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_s1_1, length_s1_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.s1), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.s1, ndr_get_array_length(ndr, &r->in.s1), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_s1_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.s1, length_s1_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_ALLOC(ndr, r->out.s2); + ZERO_STRUCTP(r->out.s2); + } +@@ -921,11 +937,13 @@ static enum ndr_err_code ndr_pull_echo_TestCall(struct ndr_pull *ndr, int flags, + NDR_PULL_SET_MEM_CTX(ndr, *r->out.s2, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->out.s2)); + NDR_CHECK(ndr_pull_array_length(ndr, r->out.s2)); +- if (ndr_get_array_length(ndr, r->out.s2) > ndr_get_array_size(ndr, r->out.s2)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, r->out.s2), ndr_get_array_length(ndr, r->out.s2)); ++ size_s2_2 = ndr_get_array_size(ndr, r->out.s2); ++ length_s2_2 = ndr_get_array_length(ndr, r->out.s2); ++ if (length_s2_2 > size_s2_2) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_s2_2, length_s2_2); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, r->out.s2), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.s2, ndr_get_array_length(ndr, r->out.s2), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_s2_2, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.s2, length_s2_2, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_s2_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_s2_0, LIBNDR_FLAG_REF_ALLOC); +diff --git a/source/librpc/gen_ndr/ndr_epmapper.c b/source/librpc/gen_ndr/ndr_epmapper.c +index ab84d28..3ba5850 100644 +--- a/source/librpc/gen_ndr/ndr_epmapper.c ++++ b/source/librpc/gen_ndr/ndr_epmapper.c +@@ -1530,6 +1530,7 @@ static enum ndr_err_code ndr_push_epm_tower(struct ndr_push *ndr, int ndr_flags, + + static enum ndr_err_code ndr_pull_epm_tower(struct ndr_pull *ndr, int ndr_flags, struct epm_tower *r) + { ++ uint32_t size_floors_0 = 0; + uint32_t cntr_floors_0; + TALLOC_CTX *_mem_save_floors_0; + { +@@ -1538,10 +1539,11 @@ static enum ndr_err_code ndr_pull_epm_tower(struct ndr_pull *ndr, int ndr_flags, + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 2)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->num_floors)); +- NDR_PULL_ALLOC_N(ndr, r->floors, r->num_floors); ++ size_floors_0 = r->num_floors; ++ NDR_PULL_ALLOC_N(ndr, r->floors, size_floors_0); + _mem_save_floors_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->floors, 0); +- for (cntr_floors_0 = 0; cntr_floors_0 < r->num_floors; cntr_floors_0++) { ++ for (cntr_floors_0 = 0; cntr_floors_0 < size_floors_0; cntr_floors_0++) { + NDR_CHECK(ndr_pull_epm_floor(ndr, NDR_SCALARS, &r->floors[cntr_floors_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_floors_0, 0); +@@ -1806,18 +1808,20 @@ static enum ndr_err_code ndr_push_epm_Insert(struct ndr_push *ndr, int flags, co + + static enum ndr_err_code ndr_pull_epm_Insert(struct ndr_pull *ndr, int flags, struct epm_Insert *r) + { ++ uint32_t size_entries_0 = 0; + uint32_t cntr_entries_0; + TALLOC_CTX *_mem_save_entries_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.num_ents)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.entries)); +- NDR_PULL_ALLOC_N(ndr, r->in.entries, ndr_get_array_size(ndr, &r->in.entries)); ++ size_entries_0 = ndr_get_array_size(ndr, &r->in.entries); ++ NDR_PULL_ALLOC_N(ndr, r->in.entries, size_entries_0); + _mem_save_entries_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.entries, 0); +- for (cntr_entries_0 = 0; cntr_entries_0 < r->in.num_ents; cntr_entries_0++) { ++ for (cntr_entries_0 = 0; cntr_entries_0 < size_entries_0; cntr_entries_0++) { + NDR_CHECK(ndr_pull_epm_entry_t(ndr, NDR_SCALARS, &r->in.entries[cntr_entries_0])); + } +- for (cntr_entries_0 = 0; cntr_entries_0 < r->in.num_ents; cntr_entries_0++) { ++ for (cntr_entries_0 = 0; cntr_entries_0 < size_entries_0; cntr_entries_0++) { + NDR_CHECK(ndr_pull_epm_entry_t(ndr, NDR_BUFFERS, &r->in.entries[cntr_entries_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_entries_0, 0); +@@ -1887,18 +1891,20 @@ static enum ndr_err_code ndr_push_epm_Delete(struct ndr_push *ndr, int flags, co + + static enum ndr_err_code ndr_pull_epm_Delete(struct ndr_pull *ndr, int flags, struct epm_Delete *r) + { ++ uint32_t size_entries_0 = 0; + uint32_t cntr_entries_0; + TALLOC_CTX *_mem_save_entries_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.num_ents)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.entries)); +- NDR_PULL_ALLOC_N(ndr, r->in.entries, ndr_get_array_size(ndr, &r->in.entries)); ++ size_entries_0 = ndr_get_array_size(ndr, &r->in.entries); ++ NDR_PULL_ALLOC_N(ndr, r->in.entries, size_entries_0); + _mem_save_entries_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.entries, 0); +- for (cntr_entries_0 = 0; cntr_entries_0 < r->in.num_ents; cntr_entries_0++) { ++ for (cntr_entries_0 = 0; cntr_entries_0 < size_entries_0; cntr_entries_0++) { + NDR_CHECK(ndr_pull_epm_entry_t(ndr, NDR_SCALARS, &r->in.entries[cntr_entries_0])); + } +- for (cntr_entries_0 = 0; cntr_entries_0 < r->in.num_ents; cntr_entries_0++) { ++ for (cntr_entries_0 = 0; cntr_entries_0 < size_entries_0; cntr_entries_0++) { + NDR_CHECK(ndr_pull_epm_entry_t(ndr, NDR_BUFFERS, &r->in.entries[cntr_entries_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_entries_0, 0); +@@ -1992,6 +1998,8 @@ static enum ndr_err_code ndr_pull_epm_Lookup(struct ndr_pull *ndr, int flags, st + { + uint32_t _ptr_object; + uint32_t _ptr_interface_id; ++ uint32_t size_entries_0 = 0; ++ uint32_t length_entries_0 = 0; + uint32_t cntr_entries_0; + TALLOC_CTX *_mem_save_object_0; + TALLOC_CTX *_mem_save_interface_id_0; +@@ -2057,16 +2065,18 @@ static enum ndr_err_code ndr_pull_epm_Lookup(struct ndr_pull *ndr, int flags, st + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_num_ents_0, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_array_size(ndr, &r->out.entries)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->out.entries)); +- if (ndr_get_array_length(ndr, &r->out.entries) > ndr_get_array_size(ndr, &r->out.entries)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->out.entries), ndr_get_array_length(ndr, &r->out.entries)); ++ size_entries_0 = ndr_get_array_size(ndr, &r->out.entries); ++ length_entries_0 = ndr_get_array_length(ndr, &r->out.entries); ++ if (length_entries_0 > size_entries_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_entries_0, length_entries_0); + } +- NDR_PULL_ALLOC_N(ndr, r->out.entries, ndr_get_array_size(ndr, &r->out.entries)); ++ NDR_PULL_ALLOC_N(ndr, r->out.entries, size_entries_0); + _mem_save_entries_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->out.entries, 0); +- for (cntr_entries_0 = 0; cntr_entries_0 < *r->out.num_ents; cntr_entries_0++) { ++ for (cntr_entries_0 = 0; cntr_entries_0 < length_entries_0; cntr_entries_0++) { + NDR_CHECK(ndr_pull_epm_entry_t(ndr, NDR_SCALARS, &r->out.entries[cntr_entries_0])); + } +- for (cntr_entries_0 = 0; cntr_entries_0 < *r->out.num_ents; cntr_entries_0++) { ++ for (cntr_entries_0 = 0; cntr_entries_0 < length_entries_0; cntr_entries_0++) { + NDR_CHECK(ndr_pull_epm_entry_t(ndr, NDR_BUFFERS, &r->out.entries[cntr_entries_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_entries_0, 0); +@@ -2185,6 +2195,8 @@ _PUBLIC_ enum ndr_err_code ndr_pull_epm_Map(struct ndr_pull *ndr, int flags, str + { + uint32_t _ptr_object; + uint32_t _ptr_map_tower; ++ uint32_t size_towers_0 = 0; ++ uint32_t length_towers_0 = 0; + uint32_t cntr_towers_0; + TALLOC_CTX *_mem_save_object_0; + TALLOC_CTX *_mem_save_map_tower_0; +@@ -2248,16 +2260,18 @@ _PUBLIC_ enum ndr_err_code ndr_pull_epm_Map(struct ndr_pull *ndr, int flags, str + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_num_towers_0, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_array_size(ndr, &r->out.towers)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->out.towers)); +- if (ndr_get_array_length(ndr, &r->out.towers) > ndr_get_array_size(ndr, &r->out.towers)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->out.towers), ndr_get_array_length(ndr, &r->out.towers)); ++ size_towers_0 = ndr_get_array_size(ndr, &r->out.towers); ++ length_towers_0 = ndr_get_array_length(ndr, &r->out.towers); ++ if (length_towers_0 > size_towers_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_towers_0, length_towers_0); + } +- NDR_PULL_ALLOC_N(ndr, r->out.towers, ndr_get_array_size(ndr, &r->out.towers)); ++ NDR_PULL_ALLOC_N(ndr, r->out.towers, size_towers_0); + _mem_save_towers_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->out.towers, 0); +- for (cntr_towers_0 = 0; cntr_towers_0 < *r->out.num_towers; cntr_towers_0++) { ++ for (cntr_towers_0 = 0; cntr_towers_0 < length_towers_0; cntr_towers_0++) { + NDR_CHECK(ndr_pull_epm_twr_p_t(ndr, NDR_SCALARS, &r->out.towers[cntr_towers_0])); + } +- for (cntr_towers_0 = 0; cntr_towers_0 < *r->out.num_towers; cntr_towers_0++) { ++ for (cntr_towers_0 = 0; cntr_towers_0 < length_towers_0; cntr_towers_0++) { + NDR_CHECK(ndr_pull_epm_twr_p_t(ndr, NDR_BUFFERS, &r->out.towers[cntr_towers_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_towers_0, 0); +diff --git a/source/librpc/gen_ndr/ndr_eventlog.c b/source/librpc/gen_ndr/ndr_eventlog.c +index 2eb26c4..93c76a2 100644 +--- a/source/librpc/gen_ndr/ndr_eventlog.c ++++ b/source/librpc/gen_ndr/ndr_eventlog.c +@@ -93,6 +93,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_eventlog_Record(struct ndr_push *ndr, int nd + + _PUBLIC_ enum ndr_err_code ndr_pull_eventlog_Record(struct ndr_pull *ndr, int ndr_flags, struct eventlog_Record *r) + { ++ uint32_t size_strings_0 = 0; + uint32_t cntr_strings_0; + TALLOC_CTX *_mem_save_strings_0; + if (ndr_flags & NDR_SCALARS) { +@@ -128,10 +129,11 @@ _PUBLIC_ enum ndr_err_code ndr_pull_eventlog_Record(struct ndr_pull *ndr, int nd + { + uint32_t _flags_save_string = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_FLAG_STR_NULLTERM); +- NDR_PULL_ALLOC_N(ndr, r->strings, r->num_of_strings); ++ size_strings_0 = r->num_of_strings; ++ NDR_PULL_ALLOC_N(ndr, r->strings, size_strings_0); + _mem_save_strings_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->strings, 0); +- for (cntr_strings_0 = 0; cntr_strings_0 < r->num_of_strings; cntr_strings_0++) { ++ for (cntr_strings_0 = 0; cntr_strings_0 < size_strings_0; cntr_strings_0++) { + NDR_CHECK(ndr_pull_string(ndr, NDR_SCALARS, &r->strings[cntr_strings_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_strings_0, 0); +@@ -857,6 +859,7 @@ static enum ndr_err_code ndr_push_eventlog_ReadEventLogW(struct ndr_push *ndr, i + + static enum ndr_err_code ndr_pull_eventlog_ReadEventLogW(struct ndr_pull *ndr, int flags, struct eventlog_ReadEventLogW *r) + { ++ uint32_t size_data_1 = 0; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_sent_size_0; + TALLOC_CTX *_mem_save_real_size_0; +@@ -885,10 +888,11 @@ static enum ndr_err_code ndr_pull_eventlog_ReadEventLogW(struct ndr_pull *ndr, i + } + if (flags & NDR_OUT) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->out.data)); ++ size_data_1 = ndr_get_array_size(ndr, &r->out.data); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +- NDR_PULL_ALLOC_N(ndr, r->out.data, ndr_get_array_size(ndr, &r->out.data)); ++ NDR_PULL_ALLOC_N(ndr, r->out.data, size_data_1); + } +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.data, ndr_get_array_size(ndr, &r->out.data))); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.data, size_data_1)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.sent_size); + } +diff --git a/source/librpc/gen_ndr/ndr_krb5pac.c b/source/librpc/gen_ndr/ndr_krb5pac.c +index 6e06f90..6e1abad 100644 +--- a/source/librpc/gen_ndr/ndr_krb5pac.c ++++ b/source/librpc/gen_ndr/ndr_krb5pac.c +@@ -21,11 +21,13 @@ static enum ndr_err_code ndr_push_PAC_LOGON_NAME(struct ndr_push *ndr, int ndr_f + + static enum ndr_err_code ndr_pull_PAC_LOGON_NAME(struct ndr_pull *ndr, int ndr_flags, struct PAC_LOGON_NAME *r) + { ++ uint32_t size_account_name_0 = 0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_NTTIME(ndr, NDR_SCALARS, &r->logon_time)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->size)); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->account_name, r->size, sizeof(uint8_t), CH_UTF16)); ++ size_account_name_0 = r->size; ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->account_name, size_account_name_0, sizeof(uint8_t), CH_UTF16)); + } + if (ndr_flags & NDR_BUFFERS) { + } +@@ -465,24 +467,27 @@ _PUBLIC_ enum ndr_err_code ndr_push_PAC_DATA(struct ndr_push *ndr, int ndr_flags + + _PUBLIC_ enum ndr_err_code ndr_pull_PAC_DATA(struct ndr_pull *ndr, int ndr_flags, struct PAC_DATA *r) + { ++ uint32_t size_buffers_0 = 0; + uint32_t cntr_buffers_0; + TALLOC_CTX *_mem_save_buffers_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->num_buffers)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->version)); +- NDR_PULL_ALLOC_N(ndr, r->buffers, r->num_buffers); ++ size_buffers_0 = r->num_buffers; ++ NDR_PULL_ALLOC_N(ndr, r->buffers, size_buffers_0); + _mem_save_buffers_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->buffers, 0); +- for (cntr_buffers_0 = 0; cntr_buffers_0 < r->num_buffers; cntr_buffers_0++) { ++ for (cntr_buffers_0 = 0; cntr_buffers_0 < size_buffers_0; cntr_buffers_0++) { + NDR_CHECK(ndr_pull_PAC_BUFFER(ndr, NDR_SCALARS, &r->buffers[cntr_buffers_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_buffers_0, 0); + } + if (ndr_flags & NDR_BUFFERS) { ++ size_buffers_0 = r->num_buffers; + _mem_save_buffers_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->buffers, 0); +- for (cntr_buffers_0 = 0; cntr_buffers_0 < r->num_buffers; cntr_buffers_0++) { ++ for (cntr_buffers_0 = 0; cntr_buffers_0 < size_buffers_0; cntr_buffers_0++) { + NDR_CHECK(ndr_pull_PAC_BUFFER(ndr, NDR_BUFFERS, &r->buffers[cntr_buffers_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_buffers_0, 0); +@@ -627,24 +632,27 @@ _PUBLIC_ enum ndr_err_code ndr_push_PAC_DATA_RAW(struct ndr_push *ndr, int ndr_f + + _PUBLIC_ enum ndr_err_code ndr_pull_PAC_DATA_RAW(struct ndr_pull *ndr, int ndr_flags, struct PAC_DATA_RAW *r) + { ++ uint32_t size_buffers_0 = 0; + uint32_t cntr_buffers_0; + TALLOC_CTX *_mem_save_buffers_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->num_buffers)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->version)); +- NDR_PULL_ALLOC_N(ndr, r->buffers, r->num_buffers); ++ size_buffers_0 = r->num_buffers; ++ NDR_PULL_ALLOC_N(ndr, r->buffers, size_buffers_0); + _mem_save_buffers_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->buffers, 0); +- for (cntr_buffers_0 = 0; cntr_buffers_0 < r->num_buffers; cntr_buffers_0++) { ++ for (cntr_buffers_0 = 0; cntr_buffers_0 < size_buffers_0; cntr_buffers_0++) { + NDR_CHECK(ndr_pull_PAC_BUFFER_RAW(ndr, NDR_SCALARS, &r->buffers[cntr_buffers_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_buffers_0, 0); + } + if (ndr_flags & NDR_BUFFERS) { ++ size_buffers_0 = r->num_buffers; + _mem_save_buffers_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->buffers, 0); +- for (cntr_buffers_0 = 0; cntr_buffers_0 < r->num_buffers; cntr_buffers_0++) { ++ for (cntr_buffers_0 = 0; cntr_buffers_0 < size_buffers_0; cntr_buffers_0++) { + NDR_CHECK(ndr_pull_PAC_BUFFER_RAW(ndr, NDR_BUFFERS, &r->buffers[cntr_buffers_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_buffers_0, 0); +diff --git a/source/librpc/gen_ndr/ndr_lsa.c b/source/librpc/gen_ndr/ndr_lsa.c +index f25410a..690e159 100644 +--- a/source/librpc/gen_ndr/ndr_lsa.c ++++ b/source/librpc/gen_ndr/ndr_lsa.c +@@ -26,6 +26,8 @@ _PUBLIC_ enum ndr_err_code ndr_push_lsa_String(struct ndr_push *ndr, int ndr_fla + _PUBLIC_ enum ndr_err_code ndr_pull_lsa_String(struct ndr_pull *ndr, int ndr_flags, struct lsa_String *r) + { + uint32_t _ptr_string; ++ uint32_t size_string_1 = 0; ++ uint32_t length_string_1 = 0; + TALLOC_CTX *_mem_save_string_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -44,10 +46,12 @@ _PUBLIC_ enum ndr_err_code ndr_pull_lsa_String(struct ndr_pull *ndr, int ndr_fla + NDR_PULL_SET_MEM_CTX(ndr, r->string, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->string)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->string)); +- if (ndr_get_array_length(ndr, &r->string) > ndr_get_array_size(ndr, &r->string)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->string), ndr_get_array_length(ndr, &r->string)); ++ size_string_1 = ndr_get_array_size(ndr, &r->string); ++ length_string_1 = ndr_get_array_length(ndr, &r->string); ++ if (length_string_1 > size_string_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_string_1, length_string_1); + } +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->string, ndr_get_array_length(ndr, &r->string), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->string, length_string_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_string_0, 0); + } + if (r->string) { +@@ -97,6 +101,8 @@ _PUBLIC_ enum ndr_err_code ndr_push_lsa_StringLarge(struct ndr_push *ndr, int nd + _PUBLIC_ enum ndr_err_code ndr_pull_lsa_StringLarge(struct ndr_pull *ndr, int ndr_flags, struct lsa_StringLarge *r) + { + uint32_t _ptr_string; ++ uint32_t size_string_1 = 0; ++ uint32_t length_string_1 = 0; + TALLOC_CTX *_mem_save_string_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -115,10 +121,12 @@ _PUBLIC_ enum ndr_err_code ndr_pull_lsa_StringLarge(struct ndr_pull *ndr, int nd + NDR_PULL_SET_MEM_CTX(ndr, r->string, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->string)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->string)); +- if (ndr_get_array_length(ndr, &r->string) > ndr_get_array_size(ndr, &r->string)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->string), ndr_get_array_length(ndr, &r->string)); ++ size_string_1 = ndr_get_array_size(ndr, &r->string); ++ length_string_1 = ndr_get_array_length(ndr, &r->string); ++ if (length_string_1 > size_string_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_string_1, length_string_1); + } +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->string, ndr_get_array_length(ndr, &r->string), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->string, length_string_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_string_0, 0); + } + if (r->string) { +@@ -171,6 +179,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_lsa_Strings(struct ndr_push *ndr, int ndr_fl + _PUBLIC_ enum ndr_err_code ndr_pull_lsa_Strings(struct ndr_pull *ndr, int ndr_flags, struct lsa_Strings *r) + { + uint32_t _ptr_names; ++ uint32_t size_names_1 = 0; + uint32_t cntr_names_1; + TALLOC_CTX *_mem_save_names_0; + TALLOC_CTX *_mem_save_names_1; +@@ -189,13 +198,14 @@ _PUBLIC_ enum ndr_err_code ndr_pull_lsa_Strings(struct ndr_pull *ndr, int ndr_fl + _mem_save_names_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->names, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->names)); +- NDR_PULL_ALLOC_N(ndr, r->names, ndr_get_array_size(ndr, &r->names)); ++ size_names_1 = ndr_get_array_size(ndr, &r->names); ++ NDR_PULL_ALLOC_N(ndr, r->names, size_names_1); + _mem_save_names_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->names, 0); +- for (cntr_names_1 = 0; cntr_names_1 < r->count; cntr_names_1++) { ++ for (cntr_names_1 = 0; cntr_names_1 < size_names_1; cntr_names_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->names[cntr_names_1])); + } +- for (cntr_names_1 = 0; cntr_names_1 < r->count; cntr_names_1++) { ++ for (cntr_names_1 = 0; cntr_names_1 < size_names_1; cntr_names_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->names[cntr_names_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_names_1, 0); +@@ -254,6 +264,8 @@ _PUBLIC_ enum ndr_err_code ndr_push_lsa_AsciiString(struct ndr_push *ndr, int nd + _PUBLIC_ enum ndr_err_code ndr_pull_lsa_AsciiString(struct ndr_pull *ndr, int ndr_flags, struct lsa_AsciiString *r) + { + uint32_t _ptr_string; ++ uint32_t size_string_1 = 0; ++ uint32_t length_string_1 = 0; + TALLOC_CTX *_mem_save_string_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -272,10 +284,12 @@ _PUBLIC_ enum ndr_err_code ndr_pull_lsa_AsciiString(struct ndr_pull *ndr, int nd + NDR_PULL_SET_MEM_CTX(ndr, r->string, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->string)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->string)); +- if (ndr_get_array_length(ndr, &r->string) > ndr_get_array_size(ndr, &r->string)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->string), ndr_get_array_length(ndr, &r->string)); ++ size_string_1 = ndr_get_array_size(ndr, &r->string); ++ length_string_1 = ndr_get_array_length(ndr, &r->string); ++ if (length_string_1 > size_string_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_string_1, length_string_1); + } +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->string, ndr_get_array_length(ndr, &r->string), sizeof(uint8_t), CH_DOS)); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->string, length_string_1, sizeof(uint8_t), CH_DOS)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_string_0, 0); + } + if (r->string) { +@@ -325,6 +339,8 @@ _PUBLIC_ enum ndr_err_code ndr_push_lsa_AsciiStringLarge(struct ndr_push *ndr, i + _PUBLIC_ enum ndr_err_code ndr_pull_lsa_AsciiStringLarge(struct ndr_pull *ndr, int ndr_flags, struct lsa_AsciiStringLarge *r) + { + uint32_t _ptr_string; ++ uint32_t size_string_1 = 0; ++ uint32_t length_string_1 = 0; + TALLOC_CTX *_mem_save_string_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -343,10 +359,12 @@ _PUBLIC_ enum ndr_err_code ndr_pull_lsa_AsciiStringLarge(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->string, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->string)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->string)); +- if (ndr_get_array_length(ndr, &r->string) > ndr_get_array_size(ndr, &r->string)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->string), ndr_get_array_length(ndr, &r->string)); ++ size_string_1 = ndr_get_array_size(ndr, &r->string); ++ length_string_1 = ndr_get_array_length(ndr, &r->string); ++ if (length_string_1 > size_string_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_string_1, length_string_1); + } +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->string, ndr_get_array_length(ndr, &r->string), sizeof(uint8_t), CH_DOS)); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->string, length_string_1, sizeof(uint8_t), CH_DOS)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_string_0, 0); + } + if (r->string) { +@@ -399,6 +417,8 @@ _PUBLIC_ enum ndr_err_code ndr_push_lsa_BinaryString(struct ndr_push *ndr, int n + _PUBLIC_ enum ndr_err_code ndr_pull_lsa_BinaryString(struct ndr_pull *ndr, int ndr_flags, struct lsa_BinaryString *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; ++ uint32_t length_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -419,13 +439,15 @@ _PUBLIC_ enum ndr_err_code ndr_pull_lsa_BinaryString(struct ndr_pull *ndr, int n + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->array)); +- if (ndr_get_array_length(ndr, &r->array) > ndr_get_array_size(ndr, &r->array)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->array), ndr_get_array_length(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ length_array_1 = ndr_get_array_length(ndr, &r->array); ++ if (length_array_1 > size_array_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_array_1, length_array_1); + } +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->length / 2; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < length_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -559,6 +581,7 @@ static enum ndr_err_code ndr_push_lsa_PrivArray(struct ndr_push *ndr, int ndr_fl + static enum ndr_err_code ndr_pull_lsa_PrivArray(struct ndr_pull *ndr, int ndr_flags, struct lsa_PrivArray *r) + { + uint32_t _ptr_privs; ++ uint32_t size_privs_1 = 0; + uint32_t cntr_privs_1; + TALLOC_CTX *_mem_save_privs_0; + TALLOC_CTX *_mem_save_privs_1; +@@ -577,13 +600,14 @@ static enum ndr_err_code ndr_pull_lsa_PrivArray(struct ndr_pull *ndr, int ndr_fl + _mem_save_privs_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->privs, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->privs)); +- NDR_PULL_ALLOC_N(ndr, r->privs, ndr_get_array_size(ndr, &r->privs)); ++ size_privs_1 = ndr_get_array_size(ndr, &r->privs); ++ NDR_PULL_ALLOC_N(ndr, r->privs, size_privs_1); + _mem_save_privs_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->privs, 0); +- for (cntr_privs_1 = 0; cntr_privs_1 < r->count; cntr_privs_1++) { ++ for (cntr_privs_1 = 0; cntr_privs_1 < size_privs_1; cntr_privs_1++) { + NDR_CHECK(ndr_pull_lsa_PrivEntry(ndr, NDR_SCALARS, &r->privs[cntr_privs_1])); + } +- for (cntr_privs_1 = 0; cntr_privs_1 < r->count; cntr_privs_1++) { ++ for (cntr_privs_1 = 0; cntr_privs_1 < size_privs_1; cntr_privs_1++) { + NDR_CHECK(ndr_pull_lsa_PrivEntry(ndr, NDR_BUFFERS, &r->privs[cntr_privs_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_privs_1, 0); +@@ -695,6 +719,8 @@ static enum ndr_err_code ndr_pull_lsa_ObjectAttribute(struct ndr_pull *ndr, int + uint32_t _ptr_root_dir; + TALLOC_CTX *_mem_save_root_dir_0; + uint32_t _ptr_object_name; ++ uint32_t size_object_name_1 = 0; ++ uint32_t length_object_name_1 = 0; + TALLOC_CTX *_mem_save_object_name_0; + uint32_t _ptr_sec_desc; + TALLOC_CTX *_mem_save_sec_desc_0; +@@ -741,11 +767,13 @@ static enum ndr_err_code ndr_pull_lsa_ObjectAttribute(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->object_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->object_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->object_name)); +- if (ndr_get_array_length(ndr, &r->object_name) > ndr_get_array_size(ndr, &r->object_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->object_name), ndr_get_array_length(ndr, &r->object_name)); ++ size_object_name_1 = ndr_get_array_size(ndr, &r->object_name); ++ length_object_name_1 = ndr_get_array_length(ndr, &r->object_name); ++ if (length_object_name_1 > size_object_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_object_name_1, length_object_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->object_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->object_name, ndr_get_array_length(ndr, &r->object_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_object_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->object_name, length_object_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_object_name_0, 0); + } + if (r->sec_desc) { +@@ -929,6 +957,7 @@ static enum ndr_err_code ndr_push_lsa_AuditEventsInfo(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_lsa_AuditEventsInfo(struct ndr_pull *ndr, int ndr_flags, struct lsa_AuditEventsInfo *r) + { + uint32_t _ptr_settings; ++ uint32_t size_settings_1 = 0; + uint32_t cntr_settings_1; + TALLOC_CTX *_mem_save_settings_0; + TALLOC_CTX *_mem_save_settings_1; +@@ -948,10 +977,11 @@ static enum ndr_err_code ndr_pull_lsa_AuditEventsInfo(struct ndr_pull *ndr, int + _mem_save_settings_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->settings, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->settings)); +- NDR_PULL_ALLOC_N(ndr, r->settings, ndr_get_array_size(ndr, &r->settings)); ++ size_settings_1 = ndr_get_array_size(ndr, &r->settings); ++ NDR_PULL_ALLOC_N(ndr, r->settings, size_settings_1); + _mem_save_settings_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->settings, 0); +- for (cntr_settings_1 = 0; cntr_settings_1 < r->count; cntr_settings_1++) { ++ for (cntr_settings_1 = 0; cntr_settings_1 < size_settings_1; cntr_settings_1++) { + NDR_CHECK(ndr_pull_lsa_PolicyAuditPolicy(ndr, NDR_SCALARS, &r->settings[cntr_settings_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_settings_1, 0); +@@ -1756,6 +1786,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_lsa_SidArray(struct ndr_push *ndr, int ndr_f + _PUBLIC_ enum ndr_err_code ndr_pull_lsa_SidArray(struct ndr_pull *ndr, int ndr_flags, struct lsa_SidArray *r) + { + uint32_t _ptr_sids; ++ uint32_t size_sids_1 = 0; + uint32_t cntr_sids_1; + TALLOC_CTX *_mem_save_sids_0; + TALLOC_CTX *_mem_save_sids_1; +@@ -1777,13 +1808,14 @@ _PUBLIC_ enum ndr_err_code ndr_pull_lsa_SidArray(struct ndr_pull *ndr, int ndr_f + _mem_save_sids_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sids, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->sids)); +- NDR_PULL_ALLOC_N(ndr, r->sids, ndr_get_array_size(ndr, &r->sids)); ++ size_sids_1 = ndr_get_array_size(ndr, &r->sids); ++ NDR_PULL_ALLOC_N(ndr, r->sids, size_sids_1); + _mem_save_sids_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sids, 0); +- for (cntr_sids_1 = 0; cntr_sids_1 < r->num_sids; cntr_sids_1++) { ++ for (cntr_sids_1 = 0; cntr_sids_1 < size_sids_1; cntr_sids_1++) { + NDR_CHECK(ndr_pull_lsa_SidPtr(ndr, NDR_SCALARS, &r->sids[cntr_sids_1])); + } +- for (cntr_sids_1 = 0; cntr_sids_1 < r->num_sids; cntr_sids_1++) { ++ for (cntr_sids_1 = 0; cntr_sids_1 < size_sids_1; cntr_sids_1++) { + NDR_CHECK(ndr_pull_lsa_SidPtr(ndr, NDR_BUFFERS, &r->sids[cntr_sids_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sids_1, 0); +@@ -1845,6 +1877,7 @@ static enum ndr_err_code ndr_push_lsa_DomainList(struct ndr_push *ndr, int ndr_f + static enum ndr_err_code ndr_pull_lsa_DomainList(struct ndr_pull *ndr, int ndr_flags, struct lsa_DomainList *r) + { + uint32_t _ptr_domains; ++ uint32_t size_domains_1 = 0; + uint32_t cntr_domains_1; + TALLOC_CTX *_mem_save_domains_0; + TALLOC_CTX *_mem_save_domains_1; +@@ -1863,13 +1896,14 @@ static enum ndr_err_code ndr_pull_lsa_DomainList(struct ndr_pull *ndr, int ndr_f + _mem_save_domains_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->domains, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domains)); +- NDR_PULL_ALLOC_N(ndr, r->domains, ndr_get_array_size(ndr, &r->domains)); ++ size_domains_1 = ndr_get_array_size(ndr, &r->domains); ++ NDR_PULL_ALLOC_N(ndr, r->domains, size_domains_1); + _mem_save_domains_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->domains, 0); +- for (cntr_domains_1 = 0; cntr_domains_1 < r->count; cntr_domains_1++) { ++ for (cntr_domains_1 = 0; cntr_domains_1 < size_domains_1; cntr_domains_1++) { + NDR_CHECK(ndr_pull_lsa_DomainInfo(ndr, NDR_SCALARS, &r->domains[cntr_domains_1])); + } +- for (cntr_domains_1 = 0; cntr_domains_1 < r->count; cntr_domains_1++) { ++ for (cntr_domains_1 = 0; cntr_domains_1 < size_domains_1; cntr_domains_1++) { + NDR_CHECK(ndr_pull_lsa_DomainInfo(ndr, NDR_BUFFERS, &r->domains[cntr_domains_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domains_1, 0); +@@ -1997,6 +2031,7 @@ static enum ndr_err_code ndr_push_lsa_TransSidArray(struct ndr_push *ndr, int nd + static enum ndr_err_code ndr_pull_lsa_TransSidArray(struct ndr_pull *ndr, int ndr_flags, struct lsa_TransSidArray *r) + { + uint32_t _ptr_sids; ++ uint32_t size_sids_1 = 0; + uint32_t cntr_sids_1; + TALLOC_CTX *_mem_save_sids_0; + TALLOC_CTX *_mem_save_sids_1; +@@ -2018,10 +2053,11 @@ static enum ndr_err_code ndr_pull_lsa_TransSidArray(struct ndr_pull *ndr, int nd + _mem_save_sids_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sids, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->sids)); +- NDR_PULL_ALLOC_N(ndr, r->sids, ndr_get_array_size(ndr, &r->sids)); ++ size_sids_1 = ndr_get_array_size(ndr, &r->sids); ++ NDR_PULL_ALLOC_N(ndr, r->sids, size_sids_1); + _mem_save_sids_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sids, 0); +- for (cntr_sids_1 = 0; cntr_sids_1 < r->count; cntr_sids_1++) { ++ for (cntr_sids_1 = 0; cntr_sids_1 < size_sids_1; cntr_sids_1++) { + NDR_CHECK(ndr_pull_lsa_TranslatedSid(ndr, NDR_SCALARS, &r->sids[cntr_sids_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sids_1, 0); +@@ -2084,6 +2120,7 @@ static enum ndr_err_code ndr_push_lsa_RefDomainList(struct ndr_push *ndr, int nd + static enum ndr_err_code ndr_pull_lsa_RefDomainList(struct ndr_pull *ndr, int ndr_flags, struct lsa_RefDomainList *r) + { + uint32_t _ptr_domains; ++ uint32_t size_domains_1 = 0; + uint32_t cntr_domains_1; + TALLOC_CTX *_mem_save_domains_0; + TALLOC_CTX *_mem_save_domains_1; +@@ -2106,13 +2143,14 @@ static enum ndr_err_code ndr_pull_lsa_RefDomainList(struct ndr_pull *ndr, int nd + _mem_save_domains_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->domains, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domains)); +- NDR_PULL_ALLOC_N(ndr, r->domains, ndr_get_array_size(ndr, &r->domains)); ++ size_domains_1 = ndr_get_array_size(ndr, &r->domains); ++ NDR_PULL_ALLOC_N(ndr, r->domains, size_domains_1); + _mem_save_domains_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->domains, 0); +- for (cntr_domains_1 = 0; cntr_domains_1 < r->count; cntr_domains_1++) { ++ for (cntr_domains_1 = 0; cntr_domains_1 < size_domains_1; cntr_domains_1++) { + NDR_CHECK(ndr_pull_lsa_DomainInfo(ndr, NDR_SCALARS, &r->domains[cntr_domains_1])); + } +- for (cntr_domains_1 = 0; cntr_domains_1 < r->count; cntr_domains_1++) { ++ for (cntr_domains_1 = 0; cntr_domains_1 < size_domains_1; cntr_domains_1++) { + NDR_CHECK(ndr_pull_lsa_DomainInfo(ndr, NDR_BUFFERS, &r->domains[cntr_domains_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domains_1, 0); +@@ -2242,6 +2280,7 @@ static enum ndr_err_code ndr_push_lsa_TransNameArray(struct ndr_push *ndr, int n + static enum ndr_err_code ndr_pull_lsa_TransNameArray(struct ndr_pull *ndr, int ndr_flags, struct lsa_TransNameArray *r) + { + uint32_t _ptr_names; ++ uint32_t size_names_1 = 0; + uint32_t cntr_names_1; + TALLOC_CTX *_mem_save_names_0; + TALLOC_CTX *_mem_save_names_1; +@@ -2263,13 +2302,14 @@ static enum ndr_err_code ndr_pull_lsa_TransNameArray(struct ndr_pull *ndr, int n + _mem_save_names_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->names, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->names)); +- NDR_PULL_ALLOC_N(ndr, r->names, ndr_get_array_size(ndr, &r->names)); ++ size_names_1 = ndr_get_array_size(ndr, &r->names); ++ NDR_PULL_ALLOC_N(ndr, r->names, size_names_1); + _mem_save_names_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->names, 0); +- for (cntr_names_1 = 0; cntr_names_1 < r->count; cntr_names_1++) { ++ for (cntr_names_1 = 0; cntr_names_1 < size_names_1; cntr_names_1++) { + NDR_CHECK(ndr_pull_lsa_TranslatedName(ndr, NDR_SCALARS, &r->names[cntr_names_1])); + } +- for (cntr_names_1 = 0; cntr_names_1 < r->count; cntr_names_1++) { ++ for (cntr_names_1 = 0; cntr_names_1 < size_names_1; cntr_names_1++) { + NDR_CHECK(ndr_pull_lsa_TranslatedName(ndr, NDR_BUFFERS, &r->names[cntr_names_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_names_1, 0); +@@ -2358,6 +2398,7 @@ static enum ndr_err_code ndr_push_lsa_PrivilegeSet(struct ndr_push *ndr, int ndr + + static enum ndr_err_code ndr_pull_lsa_PrivilegeSet(struct ndr_pull *ndr, int ndr_flags, struct lsa_PrivilegeSet *r) + { ++ uint32_t size_set_0 = 0; + uint32_t cntr_set_0; + TALLOC_CTX *_mem_save_set_0; + if (ndr_flags & NDR_SCALARS) { +@@ -2368,10 +2409,11 @@ static enum ndr_err_code ndr_pull_lsa_PrivilegeSet(struct ndr_pull *ndr, int ndr + return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown)); +- NDR_PULL_ALLOC_N(ndr, r->set, ndr_get_array_size(ndr, &r->set)); ++ size_set_0 = ndr_get_array_size(ndr, &r->set); ++ NDR_PULL_ALLOC_N(ndr, r->set, size_set_0); + _mem_save_set_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->set, 0); +- for (cntr_set_0 = 0; cntr_set_0 < r->count; cntr_set_0++) { ++ for (cntr_set_0 = 0; cntr_set_0 < size_set_0; cntr_set_0++) { + NDR_CHECK(ndr_pull_lsa_LUIDAttribute(ndr, NDR_SCALARS, &r->set[cntr_set_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_set_0, 0); +@@ -2431,6 +2473,8 @@ static enum ndr_err_code ndr_push_lsa_DATA_BUF(struct ndr_push *ndr, int ndr_fla + static enum ndr_err_code ndr_pull_lsa_DATA_BUF(struct ndr_pull *ndr, int ndr_flags, struct lsa_DATA_BUF *r) + { + uint32_t _ptr_data; ++ uint32_t size_data_1 = 0; ++ uint32_t length_data_1 = 0; + TALLOC_CTX *_mem_save_data_0; + { + uint32_t _flags_save_STRUCT = ndr->flags; +@@ -2452,11 +2496,13 @@ static enum ndr_err_code ndr_pull_lsa_DATA_BUF(struct ndr_pull *ndr, int ndr_fla + NDR_PULL_SET_MEM_CTX(ndr, r->data, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->data)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->data)); +- if (ndr_get_array_length(ndr, &r->data) > ndr_get_array_size(ndr, &r->data)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->data), ndr_get_array_length(ndr, &r->data)); ++ size_data_1 = ndr_get_array_size(ndr, &r->data); ++ length_data_1 = ndr_get_array_length(ndr, &r->data); ++ if (length_data_1 > size_data_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_data_1, length_data_1); + } +- NDR_PULL_ALLOC_N(ndr, r->data, ndr_get_array_size(ndr, &r->data)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, ndr_get_array_length(ndr, &r->data))); ++ NDR_PULL_ALLOC_N(ndr, r->data, size_data_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, length_data_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_data_0, 0); + } + if (r->data) { +@@ -2515,6 +2561,7 @@ static enum ndr_err_code ndr_push_lsa_DATA_BUF2(struct ndr_push *ndr, int ndr_fl + static enum ndr_err_code ndr_pull_lsa_DATA_BUF2(struct ndr_pull *ndr, int ndr_flags, struct lsa_DATA_BUF2 *r) + { + uint32_t _ptr_data; ++ uint32_t size_data_1 = 0; + TALLOC_CTX *_mem_save_data_0; + { + uint32_t _flags_save_STRUCT = ndr->flags; +@@ -2537,8 +2584,9 @@ static enum ndr_err_code ndr_pull_lsa_DATA_BUF2(struct ndr_pull *ndr, int ndr_fl + _mem_save_data_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->data, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->data)); +- NDR_PULL_ALLOC_N(ndr, r->data, ndr_get_array_size(ndr, &r->data)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, ndr_get_array_size(ndr, &r->data))); ++ size_data_1 = ndr_get_array_size(ndr, &r->data); ++ NDR_PULL_ALLOC_N(ndr, r->data, size_data_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, size_data_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_data_0, 0); + } + if (r->data) { +@@ -3463,6 +3511,7 @@ static enum ndr_err_code ndr_push_lsa_RightSet(struct ndr_push *ndr, int ndr_fla + static enum ndr_err_code ndr_pull_lsa_RightSet(struct ndr_pull *ndr, int ndr_flags, struct lsa_RightSet *r) + { + uint32_t _ptr_names; ++ uint32_t size_names_1 = 0; + uint32_t cntr_names_1; + TALLOC_CTX *_mem_save_names_0; + TALLOC_CTX *_mem_save_names_1; +@@ -3484,13 +3533,14 @@ static enum ndr_err_code ndr_pull_lsa_RightSet(struct ndr_pull *ndr, int ndr_fla + _mem_save_names_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->names, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->names)); +- NDR_PULL_ALLOC_N(ndr, r->names, ndr_get_array_size(ndr, &r->names)); ++ size_names_1 = ndr_get_array_size(ndr, &r->names); ++ NDR_PULL_ALLOC_N(ndr, r->names, size_names_1); + _mem_save_names_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->names, 0); +- for (cntr_names_1 = 0; cntr_names_1 < r->count; cntr_names_1++) { ++ for (cntr_names_1 = 0; cntr_names_1 < size_names_1; cntr_names_1++) { + NDR_CHECK(ndr_pull_lsa_StringLarge(ndr, NDR_SCALARS, &r->names[cntr_names_1])); + } +- for (cntr_names_1 = 0; cntr_names_1 < r->count; cntr_names_1++) { ++ for (cntr_names_1 = 0; cntr_names_1 < size_names_1; cntr_names_1++) { + NDR_CHECK(ndr_pull_lsa_StringLarge(ndr, NDR_BUFFERS, &r->names[cntr_names_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_names_1, 0); +@@ -3552,6 +3602,7 @@ static enum ndr_err_code ndr_push_lsa_DomainListEx(struct ndr_push *ndr, int ndr + static enum ndr_err_code ndr_pull_lsa_DomainListEx(struct ndr_pull *ndr, int ndr_flags, struct lsa_DomainListEx *r) + { + uint32_t _ptr_domains; ++ uint32_t size_domains_1 = 0; + uint32_t cntr_domains_1; + TALLOC_CTX *_mem_save_domains_0; + TALLOC_CTX *_mem_save_domains_1; +@@ -3570,13 +3621,14 @@ static enum ndr_err_code ndr_pull_lsa_DomainListEx(struct ndr_pull *ndr, int ndr + _mem_save_domains_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->domains, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domains)); +- NDR_PULL_ALLOC_N(ndr, r->domains, ndr_get_array_size(ndr, &r->domains)); ++ size_domains_1 = ndr_get_array_size(ndr, &r->domains); ++ NDR_PULL_ALLOC_N(ndr, r->domains, size_domains_1); + _mem_save_domains_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->domains, 0); +- for (cntr_domains_1 = 0; cntr_domains_1 < r->count; cntr_domains_1++) { ++ for (cntr_domains_1 = 0; cntr_domains_1 < size_domains_1; cntr_domains_1++) { + NDR_CHECK(ndr_pull_lsa_TrustDomainInfoInfoEx(ndr, NDR_SCALARS, &r->domains[cntr_domains_1])); + } +- for (cntr_domains_1 = 0; cntr_domains_1 < r->count; cntr_domains_1++) { ++ for (cntr_domains_1 = 0; cntr_domains_1 < size_domains_1; cntr_domains_1++) { + NDR_CHECK(ndr_pull_lsa_TrustDomainInfoInfoEx(ndr, NDR_BUFFERS, &r->domains[cntr_domains_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domains_1, 0); +@@ -3677,6 +3729,7 @@ static enum ndr_err_code ndr_push_lsa_DomainInfoEfs(struct ndr_push *ndr, int nd + static enum ndr_err_code ndr_pull_lsa_DomainInfoEfs(struct ndr_pull *ndr, int ndr_flags, struct lsa_DomainInfoEfs *r) + { + uint32_t _ptr_efs_blob; ++ uint32_t size_efs_blob_1 = 0; + TALLOC_CTX *_mem_save_efs_blob_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -3693,8 +3746,9 @@ static enum ndr_err_code ndr_pull_lsa_DomainInfoEfs(struct ndr_pull *ndr, int nd + _mem_save_efs_blob_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->efs_blob, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->efs_blob)); +- NDR_PULL_ALLOC_N(ndr, r->efs_blob, ndr_get_array_size(ndr, &r->efs_blob)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->efs_blob, ndr_get_array_size(ndr, &r->efs_blob))); ++ size_efs_blob_1 = ndr_get_array_size(ndr, &r->efs_blob); ++ NDR_PULL_ALLOC_N(ndr, r->efs_blob, size_efs_blob_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->efs_blob, size_efs_blob_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_efs_blob_0, 0); + } + if (r->efs_blob) { +@@ -3877,6 +3931,7 @@ static enum ndr_err_code ndr_push_lsa_TransNameArray2(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_lsa_TransNameArray2(struct ndr_pull *ndr, int ndr_flags, struct lsa_TransNameArray2 *r) + { + uint32_t _ptr_names; ++ uint32_t size_names_1 = 0; + uint32_t cntr_names_1; + TALLOC_CTX *_mem_save_names_0; + TALLOC_CTX *_mem_save_names_1; +@@ -3898,13 +3953,14 @@ static enum ndr_err_code ndr_pull_lsa_TransNameArray2(struct ndr_pull *ndr, int + _mem_save_names_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->names, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->names)); +- NDR_PULL_ALLOC_N(ndr, r->names, ndr_get_array_size(ndr, &r->names)); ++ size_names_1 = ndr_get_array_size(ndr, &r->names); ++ NDR_PULL_ALLOC_N(ndr, r->names, size_names_1); + _mem_save_names_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->names, 0); +- for (cntr_names_1 = 0; cntr_names_1 < r->count; cntr_names_1++) { ++ for (cntr_names_1 = 0; cntr_names_1 < size_names_1; cntr_names_1++) { + NDR_CHECK(ndr_pull_lsa_TranslatedName2(ndr, NDR_SCALARS, &r->names[cntr_names_1])); + } +- for (cntr_names_1 = 0; cntr_names_1 < r->count; cntr_names_1++) { ++ for (cntr_names_1 = 0; cntr_names_1 < size_names_1; cntr_names_1++) { + NDR_CHECK(ndr_pull_lsa_TranslatedName2(ndr, NDR_BUFFERS, &r->names[cntr_names_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_names_1, 0); +@@ -4002,6 +4058,7 @@ static enum ndr_err_code ndr_push_lsa_TransSidArray2(struct ndr_push *ndr, int n + static enum ndr_err_code ndr_pull_lsa_TransSidArray2(struct ndr_pull *ndr, int ndr_flags, struct lsa_TransSidArray2 *r) + { + uint32_t _ptr_sids; ++ uint32_t size_sids_1 = 0; + uint32_t cntr_sids_1; + TALLOC_CTX *_mem_save_sids_0; + TALLOC_CTX *_mem_save_sids_1; +@@ -4023,10 +4080,11 @@ static enum ndr_err_code ndr_pull_lsa_TransSidArray2(struct ndr_pull *ndr, int n + _mem_save_sids_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sids, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->sids)); +- NDR_PULL_ALLOC_N(ndr, r->sids, ndr_get_array_size(ndr, &r->sids)); ++ size_sids_1 = ndr_get_array_size(ndr, &r->sids); ++ NDR_PULL_ALLOC_N(ndr, r->sids, size_sids_1); + _mem_save_sids_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sids, 0); +- for (cntr_sids_1 = 0; cntr_sids_1 < r->count; cntr_sids_1++) { ++ for (cntr_sids_1 = 0; cntr_sids_1 < size_sids_1; cntr_sids_1++) { + NDR_CHECK(ndr_pull_lsa_TranslatedSid2(ndr, NDR_SCALARS, &r->sids[cntr_sids_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sids_1, 0); +@@ -4148,6 +4206,7 @@ static enum ndr_err_code ndr_push_lsa_TransSidArray3(struct ndr_push *ndr, int n + static enum ndr_err_code ndr_pull_lsa_TransSidArray3(struct ndr_pull *ndr, int ndr_flags, struct lsa_TransSidArray3 *r) + { + uint32_t _ptr_sids; ++ uint32_t size_sids_1 = 0; + uint32_t cntr_sids_1; + TALLOC_CTX *_mem_save_sids_0; + TALLOC_CTX *_mem_save_sids_1; +@@ -4169,13 +4228,14 @@ static enum ndr_err_code ndr_pull_lsa_TransSidArray3(struct ndr_pull *ndr, int n + _mem_save_sids_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sids, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->sids)); +- NDR_PULL_ALLOC_N(ndr, r->sids, ndr_get_array_size(ndr, &r->sids)); ++ size_sids_1 = ndr_get_array_size(ndr, &r->sids); ++ NDR_PULL_ALLOC_N(ndr, r->sids, size_sids_1); + _mem_save_sids_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sids, 0); +- for (cntr_sids_1 = 0; cntr_sids_1 < r->count; cntr_sids_1++) { ++ for (cntr_sids_1 = 0; cntr_sids_1 < size_sids_1; cntr_sids_1++) { + NDR_CHECK(ndr_pull_lsa_TranslatedSid3(ndr, NDR_SCALARS, &r->sids[cntr_sids_1])); + } +- for (cntr_sids_1 = 0; cntr_sids_1 < r->count; cntr_sids_1++) { ++ for (cntr_sids_1 = 0; cntr_sids_1 < size_sids_1; cntr_sids_1++) { + NDR_CHECK(ndr_pull_lsa_TranslatedSid3(ndr, NDR_BUFFERS, &r->sids[cntr_sids_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sids_1, 0); +@@ -4231,6 +4291,7 @@ static enum ndr_err_code ndr_push_lsa_ForestTrustBinaryData(struct ndr_push *ndr + static enum ndr_err_code ndr_pull_lsa_ForestTrustBinaryData(struct ndr_pull *ndr, int ndr_flags, struct lsa_ForestTrustBinaryData *r) + { + uint32_t _ptr_data; ++ uint32_t size_data_1 = 0; + TALLOC_CTX *_mem_save_data_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -4250,8 +4311,9 @@ static enum ndr_err_code ndr_pull_lsa_ForestTrustBinaryData(struct ndr_pull *ndr + _mem_save_data_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->data, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->data)); +- NDR_PULL_ALLOC_N(ndr, r->data, ndr_get_array_size(ndr, &r->data)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, ndr_get_array_size(ndr, &r->data))); ++ size_data_1 = ndr_get_array_size(ndr, &r->data); ++ NDR_PULL_ALLOC_N(ndr, r->data, size_data_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, size_data_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_data_0, 0); + } + if (r->data) { +@@ -4559,6 +4621,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_lsa_ForestTrustInformation(struct ndr_push * + _PUBLIC_ enum ndr_err_code ndr_pull_lsa_ForestTrustInformation(struct ndr_pull *ndr, int ndr_flags, struct lsa_ForestTrustInformation *r) + { + uint32_t _ptr_entries; ++ uint32_t size_entries_1 = 0; + uint32_t cntr_entries_1; + TALLOC_CTX *_mem_save_entries_0; + TALLOC_CTX *_mem_save_entries_1; +@@ -4581,10 +4644,11 @@ _PUBLIC_ enum ndr_err_code ndr_pull_lsa_ForestTrustInformation(struct ndr_pull * + _mem_save_entries_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->entries)); +- NDR_PULL_ALLOC_N(ndr, r->entries, ndr_get_array_size(ndr, &r->entries)); ++ size_entries_1 = ndr_get_array_size(ndr, &r->entries); ++ NDR_PULL_ALLOC_N(ndr, r->entries, size_entries_1); + _mem_save_entries_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); +- for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { ++ for (cntr_entries_1 = 0; cntr_entries_1 < size_entries_1; cntr_entries_1++) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_entries)); + if (_ptr_entries) { + NDR_PULL_ALLOC(ndr, r->entries[cntr_entries_1]); +@@ -4592,7 +4656,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_lsa_ForestTrustInformation(struct ndr_pull * + r->entries[cntr_entries_1] = NULL; + } + } +- for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { ++ for (cntr_entries_1 = 0; cntr_entries_1 < size_entries_1; cntr_entries_1++) { + if (r->entries[cntr_entries_1]) { + _mem_save_entries_2 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries[cntr_entries_1], 0); +@@ -5901,6 +5965,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_lsa_LookupNames(struct ndr_push *ndr, int fl + + _PUBLIC_ enum ndr_err_code ndr_pull_lsa_LookupNames(struct ndr_pull *ndr, int flags, struct lsa_LookupNames *r) + { ++ uint32_t size_names_0 = 0; + uint32_t cntr_names_0; + uint32_t _ptr_domains; + TALLOC_CTX *_mem_save_handle_0; +@@ -5924,13 +5989,14 @@ _PUBLIC_ enum ndr_err_code ndr_pull_lsa_LookupNames(struct ndr_pull *ndr, int fl + return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.names)); +- NDR_PULL_ALLOC_N(ndr, r->in.names, ndr_get_array_size(ndr, &r->in.names)); ++ size_names_0 = ndr_get_array_size(ndr, &r->in.names); ++ NDR_PULL_ALLOC_N(ndr, r->in.names, size_names_0); + _mem_save_names_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.names, 0); +- for (cntr_names_0 = 0; cntr_names_0 < r->in.num_names; cntr_names_0++) { ++ for (cntr_names_0 = 0; cntr_names_0 < size_names_0; cntr_names_0++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->in.names[cntr_names_0])); + } +- for (cntr_names_0 = 0; cntr_names_0 < r->in.num_names; cntr_names_0++) { ++ for (cntr_names_0 = 0; cntr_names_0 < size_names_0; cntr_names_0++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->in.names[cntr_names_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_names_0, 0); +@@ -8709,6 +8775,8 @@ _PUBLIC_ enum ndr_err_code ndr_push_lsa_OpenPolicy2(struct ndr_push *ndr, int fl + _PUBLIC_ enum ndr_err_code ndr_pull_lsa_OpenPolicy2(struct ndr_pull *ndr, int flags, struct lsa_OpenPolicy2 *r) + { + uint32_t _ptr_system_name; ++ uint32_t size_system_name_1 = 0; ++ uint32_t length_system_name_1 = 0; + TALLOC_CTX *_mem_save_system_name_0; + TALLOC_CTX *_mem_save_attr_0; + TALLOC_CTX *_mem_save_handle_0; +@@ -8726,11 +8794,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_lsa_OpenPolicy2(struct ndr_pull *ndr, int fl + NDR_PULL_SET_MEM_CTX(ndr, r->in.system_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.system_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.system_name)); +- if (ndr_get_array_length(ndr, &r->in.system_name) > ndr_get_array_size(ndr, &r->in.system_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.system_name), ndr_get_array_length(ndr, &r->in.system_name)); ++ size_system_name_1 = ndr_get_array_size(ndr, &r->in.system_name); ++ length_system_name_1 = ndr_get_array_length(ndr, &r->in.system_name); ++ if (length_system_name_1 > size_system_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_system_name_1, length_system_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.system_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.system_name, ndr_get_array_length(ndr, &r->in.system_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_system_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.system_name, length_system_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_system_name_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -8841,6 +8911,8 @@ static enum ndr_err_code ndr_push_lsa_GetUserName(struct ndr_push *ndr, int flag + static enum ndr_err_code ndr_pull_lsa_GetUserName(struct ndr_pull *ndr, int flags, struct lsa_GetUserName *r) + { + uint32_t _ptr_system_name; ++ uint32_t size_system_name_1 = 0; ++ uint32_t length_system_name_1 = 0; + uint32_t _ptr_account_name; + uint32_t _ptr_authority_name; + TALLOC_CTX *_mem_save_system_name_0; +@@ -8862,11 +8934,13 @@ static enum ndr_err_code ndr_pull_lsa_GetUserName(struct ndr_pull *ndr, int flag + NDR_PULL_SET_MEM_CTX(ndr, r->in.system_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.system_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.system_name)); +- if (ndr_get_array_length(ndr, &r->in.system_name) > ndr_get_array_size(ndr, &r->in.system_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.system_name), ndr_get_array_length(ndr, &r->in.system_name)); ++ size_system_name_1 = ndr_get_array_size(ndr, &r->in.system_name); ++ length_system_name_1 = ndr_get_array_length(ndr, &r->in.system_name); ++ if (length_system_name_1 > size_system_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_system_name_1, length_system_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.system_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.system_name, ndr_get_array_length(ndr, &r->in.system_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_system_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.system_name, length_system_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_system_name_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -10205,6 +10279,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_lsa_LookupNames2(struct ndr_push *ndr, int f + + _PUBLIC_ enum ndr_err_code ndr_pull_lsa_LookupNames2(struct ndr_pull *ndr, int flags, struct lsa_LookupNames2 *r) + { ++ uint32_t size_names_0 = 0; + uint32_t cntr_names_0; + uint32_t _ptr_domains; + TALLOC_CTX *_mem_save_handle_0; +@@ -10228,13 +10303,14 @@ _PUBLIC_ enum ndr_err_code ndr_pull_lsa_LookupNames2(struct ndr_pull *ndr, int f + return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.names)); +- NDR_PULL_ALLOC_N(ndr, r->in.names, ndr_get_array_size(ndr, &r->in.names)); ++ size_names_0 = ndr_get_array_size(ndr, &r->in.names); ++ NDR_PULL_ALLOC_N(ndr, r->in.names, size_names_0); + _mem_save_names_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.names, 0); +- for (cntr_names_0 = 0; cntr_names_0 < r->in.num_names; cntr_names_0++) { ++ for (cntr_names_0 = 0; cntr_names_0 < size_names_0; cntr_names_0++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->in.names[cntr_names_0])); + } +- for (cntr_names_0 = 0; cntr_names_0 < r->in.num_names; cntr_names_0++) { ++ for (cntr_names_0 = 0; cntr_names_0 < size_names_0; cntr_names_0++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->in.names[cntr_names_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_names_0, 0); +@@ -10788,6 +10864,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_lsa_LookupNames3(struct ndr_push *ndr, int f + + _PUBLIC_ enum ndr_err_code ndr_pull_lsa_LookupNames3(struct ndr_pull *ndr, int flags, struct lsa_LookupNames3 *r) + { ++ uint32_t size_names_0 = 0; + uint32_t cntr_names_0; + uint32_t _ptr_domains; + TALLOC_CTX *_mem_save_handle_0; +@@ -10811,13 +10888,14 @@ _PUBLIC_ enum ndr_err_code ndr_pull_lsa_LookupNames3(struct ndr_pull *ndr, int f + return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.names)); +- NDR_PULL_ALLOC_N(ndr, r->in.names, ndr_get_array_size(ndr, &r->in.names)); ++ size_names_0 = ndr_get_array_size(ndr, &r->in.names); ++ NDR_PULL_ALLOC_N(ndr, r->in.names, size_names_0); + _mem_save_names_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.names, 0); +- for (cntr_names_0 = 0; cntr_names_0 < r->in.num_names; cntr_names_0++) { ++ for (cntr_names_0 = 0; cntr_names_0 < size_names_0; cntr_names_0++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->in.names[cntr_names_0])); + } +- for (cntr_names_0 = 0; cntr_names_0 < r->in.num_names; cntr_names_0++) { ++ for (cntr_names_0 = 0; cntr_names_0 < size_names_0; cntr_names_0++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->in.names[cntr_names_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_names_0, 0); +@@ -11534,6 +11612,7 @@ static enum ndr_err_code ndr_push_lsa_LookupNames4(struct ndr_push *ndr, int fla + + static enum ndr_err_code ndr_pull_lsa_LookupNames4(struct ndr_pull *ndr, int flags, struct lsa_LookupNames4 *r) + { ++ uint32_t size_names_0 = 0; + uint32_t cntr_names_0; + uint32_t _ptr_domains; + TALLOC_CTX *_mem_save_names_0; +@@ -11549,13 +11628,14 @@ static enum ndr_err_code ndr_pull_lsa_LookupNames4(struct ndr_pull *ndr, int fla + return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.names)); +- NDR_PULL_ALLOC_N(ndr, r->in.names, ndr_get_array_size(ndr, &r->in.names)); ++ size_names_0 = ndr_get_array_size(ndr, &r->in.names); ++ NDR_PULL_ALLOC_N(ndr, r->in.names, size_names_0); + _mem_save_names_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.names, 0); +- for (cntr_names_0 = 0; cntr_names_0 < r->in.num_names; cntr_names_0++) { ++ for (cntr_names_0 = 0; cntr_names_0 < size_names_0; cntr_names_0++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->in.names[cntr_names_0])); + } +- for (cntr_names_0 = 0; cntr_names_0 < r->in.num_names; cntr_names_0++) { ++ for (cntr_names_0 = 0; cntr_names_0 < size_names_0; cntr_names_0++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->in.names[cntr_names_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_names_0, 0); +diff --git a/source/librpc/gen_ndr/ndr_messaging.c b/source/librpc/gen_ndr/ndr_messaging.c +index 6251c18..f9f4b6b 100644 +--- a/source/librpc/gen_ndr/ndr_messaging.c ++++ b/source/librpc/gen_ndr/ndr_messaging.c +@@ -69,23 +69,26 @@ _PUBLIC_ enum ndr_err_code ndr_push_messaging_array(struct ndr_push *ndr, int nd + + _PUBLIC_ enum ndr_err_code ndr_pull_messaging_array(struct ndr_pull *ndr, int ndr_flags, struct messaging_array *r) + { ++ uint32_t size_messages_0 = 0; + uint32_t cntr_messages_0; + TALLOC_CTX *_mem_save_messages_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->num_messages)); +- NDR_PULL_ALLOC_N(ndr, r->messages, r->num_messages); ++ size_messages_0 = r->num_messages; ++ NDR_PULL_ALLOC_N(ndr, r->messages, size_messages_0); + _mem_save_messages_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->messages, 0); +- for (cntr_messages_0 = 0; cntr_messages_0 < r->num_messages; cntr_messages_0++) { ++ for (cntr_messages_0 = 0; cntr_messages_0 < size_messages_0; cntr_messages_0++) { + NDR_CHECK(ndr_pull_messaging_rec(ndr, NDR_SCALARS, &r->messages[cntr_messages_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_messages_0, 0); + } + if (ndr_flags & NDR_BUFFERS) { ++ size_messages_0 = r->num_messages; + _mem_save_messages_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->messages, 0); +- for (cntr_messages_0 = 0; cntr_messages_0 < r->num_messages; cntr_messages_0++) { ++ for (cntr_messages_0 = 0; cntr_messages_0 < size_messages_0; cntr_messages_0++) { + NDR_CHECK(ndr_pull_messaging_rec(ndr, NDR_BUFFERS, &r->messages[cntr_messages_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_messages_0, 0); +@@ -138,27 +141,35 @@ _PUBLIC_ enum ndr_err_code ndr_push_dbwrap_tdb2_changes(struct ndr_push *ndr, in + + _PUBLIC_ enum ndr_err_code ndr_pull_dbwrap_tdb2_changes(struct ndr_pull *ndr, int ndr_flags, struct dbwrap_tdb2_changes *r) + { ++ uint32_t size_magic_string_0 = 0; ++ uint32_t size_name_0 = 0; ++ uint32_t length_name_0 = 0; ++ uint32_t size_keys_0 = 0; + uint32_t cntr_keys_0; + TALLOC_CTX *_mem_save_keys_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->magic_string, 4, sizeof(uint8_t), CH_DOS)); ++ size_magic_string_0 = 4; ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->magic_string, size_magic_string_0, sizeof(uint8_t), CH_DOS)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->magic_version)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->name)); +- if (ndr_get_array_length(ndr, &r->name) > ndr_get_array_size(ndr, &r->name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->name), ndr_get_array_length(ndr, &r->name)); ++ size_name_0 = ndr_get_array_size(ndr, &r->name); ++ length_name_0 = ndr_get_array_length(ndr, &r->name); ++ if (length_name_0 > size_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_0, length_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->name), sizeof(uint8_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, ndr_get_array_length(ndr, &r->name), sizeof(uint8_t), CH_UTF8)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_0, sizeof(uint8_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, length_name_0, sizeof(uint8_t), CH_UTF8)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->old_seqnum)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->new_seqnum)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->num_changes)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->num_keys)); +- NDR_PULL_ALLOC_N(ndr, r->keys, r->num_keys); ++ size_keys_0 = r->num_keys; ++ NDR_PULL_ALLOC_N(ndr, r->keys, size_keys_0); + _mem_save_keys_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->keys, 0); +- for (cntr_keys_0 = 0; cntr_keys_0 < r->num_keys; cntr_keys_0++) { ++ for (cntr_keys_0 = 0; cntr_keys_0 < size_keys_0; cntr_keys_0++) { + NDR_CHECK(ndr_pull_DATA_BLOB(ndr, NDR_SCALARS, &r->keys[cntr_keys_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_keys_0, 0); +diff --git a/source/librpc/gen_ndr/ndr_misc.c b/source/librpc/gen_ndr/ndr_misc.c +index 56105d4..12da791 100644 +--- a/source/librpc/gen_ndr/ndr_misc.c ++++ b/source/librpc/gen_ndr/ndr_misc.c +@@ -20,13 +20,17 @@ _PUBLIC_ enum ndr_err_code ndr_push_GUID(struct ndr_push *ndr, int ndr_flags, co + + _PUBLIC_ enum ndr_err_code ndr_pull_GUID(struct ndr_pull *ndr, int ndr_flags, struct GUID *r) + { ++ uint32_t size_clock_seq_0 = 0; ++ uint32_t size_node_0 = 0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->time_low)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->time_mid)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->time_hi_and_version)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->clock_seq, 2)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->node, 6)); ++ size_clock_seq_0 = 2; ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->clock_seq, size_clock_seq_0)); ++ size_node_0 = 6; ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->node, size_node_0)); + } + if (ndr_flags & NDR_BUFFERS) { + } +diff --git a/source/librpc/gen_ndr/ndr_netlogon.c b/source/librpc/gen_ndr/ndr_netlogon.c +index e7df081..4d6148f 100644 +--- a/source/librpc/gen_ndr/ndr_netlogon.c ++++ b/source/librpc/gen_ndr/ndr_netlogon.c +@@ -60,12 +60,20 @@ static enum ndr_err_code ndr_push_netr_UasInfo(struct ndr_push *ndr, int ndr_fla + static enum ndr_err_code ndr_pull_netr_UasInfo(struct ndr_pull *ndr, int ndr_flags, struct netr_UasInfo *r) + { + uint32_t _ptr_account_name; ++ uint32_t size_account_name_1 = 0; ++ uint32_t length_account_name_1 = 0; + TALLOC_CTX *_mem_save_account_name_0; + uint32_t _ptr_computer; ++ uint32_t size_computer_1 = 0; ++ uint32_t length_computer_1 = 0; + TALLOC_CTX *_mem_save_computer_0; + uint32_t _ptr_domain; ++ uint32_t size_domain_1 = 0; ++ uint32_t length_domain_1 = 0; + TALLOC_CTX *_mem_save_domain_0; + uint32_t _ptr_script_path; ++ uint32_t size_script_path_1 = 0; ++ uint32_t length_script_path_1 = 0; + TALLOC_CTX *_mem_save_script_path_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -112,11 +120,13 @@ static enum ndr_err_code ndr_pull_netr_UasInfo(struct ndr_pull *ndr, int ndr_fla + NDR_PULL_SET_MEM_CTX(ndr, r->account_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->account_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->account_name)); +- if (ndr_get_array_length(ndr, &r->account_name) > ndr_get_array_size(ndr, &r->account_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->account_name), ndr_get_array_length(ndr, &r->account_name)); ++ size_account_name_1 = ndr_get_array_size(ndr, &r->account_name); ++ length_account_name_1 = ndr_get_array_length(ndr, &r->account_name); ++ if (length_account_name_1 > size_account_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_account_name_1, length_account_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->account_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->account_name, ndr_get_array_length(ndr, &r->account_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_account_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->account_name, length_account_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_account_name_0, 0); + } + if (r->computer) { +@@ -124,11 +134,13 @@ static enum ndr_err_code ndr_pull_netr_UasInfo(struct ndr_pull *ndr, int ndr_fla + NDR_PULL_SET_MEM_CTX(ndr, r->computer, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->computer)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->computer)); +- if (ndr_get_array_length(ndr, &r->computer) > ndr_get_array_size(ndr, &r->computer)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->computer), ndr_get_array_length(ndr, &r->computer)); ++ size_computer_1 = ndr_get_array_size(ndr, &r->computer); ++ length_computer_1 = ndr_get_array_length(ndr, &r->computer); ++ if (length_computer_1 > size_computer_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_1, length_computer_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->computer), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->computer, ndr_get_array_length(ndr, &r->computer), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->computer, length_computer_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_computer_0, 0); + } + if (r->domain) { +@@ -136,11 +148,13 @@ static enum ndr_err_code ndr_pull_netr_UasInfo(struct ndr_pull *ndr, int ndr_fla + NDR_PULL_SET_MEM_CTX(ndr, r->domain, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domain)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->domain)); +- if (ndr_get_array_length(ndr, &r->domain) > ndr_get_array_size(ndr, &r->domain)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->domain), ndr_get_array_length(ndr, &r->domain)); ++ size_domain_1 = ndr_get_array_size(ndr, &r->domain); ++ length_domain_1 = ndr_get_array_length(ndr, &r->domain); ++ if (length_domain_1 > size_domain_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_1, length_domain_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, length_domain_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_0, 0); + } + if (r->script_path) { +@@ -148,11 +162,13 @@ static enum ndr_err_code ndr_pull_netr_UasInfo(struct ndr_pull *ndr, int ndr_fla + NDR_PULL_SET_MEM_CTX(ndr, r->script_path, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->script_path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->script_path)); +- if (ndr_get_array_length(ndr, &r->script_path) > ndr_get_array_size(ndr, &r->script_path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->script_path), ndr_get_array_length(ndr, &r->script_path)); ++ size_script_path_1 = ndr_get_array_size(ndr, &r->script_path); ++ length_script_path_1 = ndr_get_array_length(ndr, &r->script_path); ++ if (length_script_path_1 > size_script_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_script_path_1, length_script_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->script_path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->script_path, ndr_get_array_length(ndr, &r->script_path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_script_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->script_path, length_script_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_script_path_0, 0); + } + } +@@ -421,6 +437,8 @@ static enum ndr_err_code ndr_push_netr_ChallengeResponse(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_netr_ChallengeResponse(struct ndr_pull *ndr, int ndr_flags, struct netr_ChallengeResponse *r) + { + uint32_t _ptr_data; ++ uint32_t size_data_1 = 0; ++ uint32_t length_data_1 = 0; + TALLOC_CTX *_mem_save_data_0; + { + uint32_t _flags_save_STRUCT = ndr->flags; +@@ -442,11 +460,13 @@ static enum ndr_err_code ndr_pull_netr_ChallengeResponse(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->data, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->data)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->data)); +- if (ndr_get_array_length(ndr, &r->data) > ndr_get_array_size(ndr, &r->data)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->data), ndr_get_array_length(ndr, &r->data)); ++ size_data_1 = ndr_get_array_size(ndr, &r->data); ++ length_data_1 = ndr_get_array_length(ndr, &r->data); ++ if (length_data_1 > size_data_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_data_1, length_data_1); + } +- NDR_PULL_ALLOC_N(ndr, r->data, ndr_get_array_size(ndr, &r->data)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, ndr_get_array_length(ndr, &r->data))); ++ NDR_PULL_ALLOC_N(ndr, r->data, size_data_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, length_data_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_data_0, 0); + } + if (r->data) { +@@ -505,13 +525,15 @@ static enum ndr_err_code ndr_push_netr_NetworkInfo(struct ndr_push *ndr, int ndr + + static enum ndr_err_code ndr_pull_netr_NetworkInfo(struct ndr_pull *ndr, int ndr_flags, struct netr_NetworkInfo *r) + { ++ uint32_t size_challenge_0 = 0; + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_netr_IdentityInfo(ndr, NDR_SCALARS, &r->identity_info)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->challenge, 8)); ++ size_challenge_0 = 8; ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->challenge, size_challenge_0)); + NDR_CHECK(ndr_pull_netr_ChallengeResponse(ndr, NDR_SCALARS, &r->nt)); + NDR_CHECK(ndr_pull_netr_ChallengeResponse(ndr, NDR_SCALARS, &r->lm)); + } +@@ -616,7 +638,9 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_LogonInfo(struct ndr_pull *ndr, int ndr + int level; + uint16_t _level; + TALLOC_CTX *_mem_save_password_0; ++ uint32_t _ptr_password; + TALLOC_CTX *_mem_save_network_0; ++ uint32_t _ptr_network; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &_level)); +@@ -625,7 +649,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_LogonInfo(struct ndr_pull *ndr, int ndr + } + switch (level) { + case 1: { +- uint32_t _ptr_password; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_password)); + if (_ptr_password) { + NDR_PULL_ALLOC(ndr, r->password); +@@ -635,7 +658,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_LogonInfo(struct ndr_pull *ndr, int ndr + break; } + + case 2: { +- uint32_t _ptr_network; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_network)); + if (_ptr_network) { + NDR_PULL_ALLOC(ndr, r->network); +@@ -645,7 +667,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_LogonInfo(struct ndr_pull *ndr, int ndr + break; } + + case 3: { +- uint32_t _ptr_password; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_password)); + if (_ptr_password) { + NDR_PULL_ALLOC(ndr, r->password); +@@ -655,7 +676,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_LogonInfo(struct ndr_pull *ndr, int ndr + break; } + + case 5: { +- uint32_t _ptr_password; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_password)); + if (_ptr_password) { + NDR_PULL_ALLOC(ndr, r->password); +@@ -665,7 +685,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_LogonInfo(struct ndr_pull *ndr, int ndr + break; } + + case 6: { +- uint32_t _ptr_network; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_network)); + if (_ptr_network) { + NDR_PULL_ALLOC(ndr, r->network); +@@ -806,12 +825,14 @@ _PUBLIC_ enum ndr_err_code ndr_push_netr_UserSessionKey(struct ndr_push *ndr, in + + _PUBLIC_ enum ndr_err_code ndr_pull_netr_UserSessionKey(struct ndr_pull *ndr, int ndr_flags, struct netr_UserSessionKey *r) + { ++ uint32_t size_key_0 = 0; + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 1)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->key, 16)); ++ size_key_0 = 16; ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->key, size_key_0)); + } + if (ndr_flags & NDR_BUFFERS) { + } +@@ -851,12 +872,14 @@ _PUBLIC_ enum ndr_err_code ndr_push_netr_LMSessionKey(struct ndr_push *ndr, int + + _PUBLIC_ enum ndr_err_code ndr_pull_netr_LMSessionKey(struct ndr_pull *ndr, int ndr_flags, struct netr_LMSessionKey *r) + { ++ uint32_t size_key_0 = 0; + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 1)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->key, 8)); ++ size_key_0 = 8; ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->key, size_key_0)); + } + if (ndr_flags & NDR_BUFFERS) { + } +@@ -964,6 +987,7 @@ static enum ndr_err_code ndr_pull_netr_SamBaseInfo(struct ndr_pull *ndr, int ndr + { + uint32_t _ptr_domain_sid; + TALLOC_CTX *_mem_save_domain_sid_0; ++ uint32_t size_unknown_0 = 0; + uint32_t cntr_unknown_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -996,7 +1020,8 @@ static enum ndr_err_code ndr_pull_netr_SamBaseInfo(struct ndr_pull *ndr, int ndr + } + NDR_CHECK(ndr_pull_netr_LMSessionKey(ndr, NDR_SCALARS, &r->LMSessKey)); + NDR_CHECK(ndr_pull_samr_AcctFlags(ndr, NDR_SCALARS, &r->acct_flags)); +- for (cntr_unknown_0 = 0; cntr_unknown_0 < 7; cntr_unknown_0++) { ++ size_unknown_0 = 7; ++ for (cntr_unknown_0 = 0; cntr_unknown_0 < size_unknown_0; cntr_unknown_0++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown[cntr_unknown_0])); + } + } +@@ -1180,6 +1205,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_netr_SamInfo3(struct ndr_push *ndr, int ndr_ + _PUBLIC_ enum ndr_err_code ndr_pull_netr_SamInfo3(struct ndr_pull *ndr, int ndr_flags, struct netr_SamInfo3 *r) + { + uint32_t _ptr_sids; ++ uint32_t size_sids_1 = 0; + uint32_t cntr_sids_1; + TALLOC_CTX *_mem_save_sids_0; + TALLOC_CTX *_mem_save_sids_1; +@@ -1200,13 +1226,14 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_SamInfo3(struct ndr_pull *ndr, int ndr_ + _mem_save_sids_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sids, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->sids)); +- NDR_PULL_ALLOC_N(ndr, r->sids, ndr_get_array_size(ndr, &r->sids)); ++ size_sids_1 = ndr_get_array_size(ndr, &r->sids); ++ NDR_PULL_ALLOC_N(ndr, r->sids, size_sids_1); + _mem_save_sids_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sids, 0); +- for (cntr_sids_1 = 0; cntr_sids_1 < r->sidcount; cntr_sids_1++) { ++ for (cntr_sids_1 = 0; cntr_sids_1 < size_sids_1; cntr_sids_1++) { + NDR_CHECK(ndr_pull_netr_SidAttr(ndr, NDR_SCALARS, &r->sids[cntr_sids_1])); + } +- for (cntr_sids_1 = 0; cntr_sids_1 < r->sidcount; cntr_sids_1++) { ++ for (cntr_sids_1 = 0; cntr_sids_1 < size_sids_1; cntr_sids_1++) { + NDR_CHECK(ndr_pull_netr_SidAttr(ndr, NDR_BUFFERS, &r->sids[cntr_sids_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sids_1, 0); +@@ -1279,9 +1306,11 @@ static enum ndr_err_code ndr_push_netr_SamInfo6(struct ndr_push *ndr, int ndr_fl + static enum ndr_err_code ndr_pull_netr_SamInfo6(struct ndr_pull *ndr, int ndr_flags, struct netr_SamInfo6 *r) + { + uint32_t _ptr_sids; ++ uint32_t size_sids_1 = 0; + uint32_t cntr_sids_1; + TALLOC_CTX *_mem_save_sids_0; + TALLOC_CTX *_mem_save_sids_1; ++ uint32_t size_unknown4_0 = 0; + uint32_t cntr_unknown4_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -1295,7 +1324,8 @@ static enum ndr_err_code ndr_pull_netr_SamInfo6(struct ndr_pull *ndr, int ndr_fl + } + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->forest)); + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->principle)); +- for (cntr_unknown4_0 = 0; cntr_unknown4_0 < 20; cntr_unknown4_0++) { ++ size_unknown4_0 = 20; ++ for (cntr_unknown4_0 = 0; cntr_unknown4_0 < size_unknown4_0; cntr_unknown4_0++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown4[cntr_unknown4_0])); + } + } +@@ -1305,13 +1335,14 @@ static enum ndr_err_code ndr_pull_netr_SamInfo6(struct ndr_pull *ndr, int ndr_fl + _mem_save_sids_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sids, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->sids)); +- NDR_PULL_ALLOC_N(ndr, r->sids, ndr_get_array_size(ndr, &r->sids)); ++ size_sids_1 = ndr_get_array_size(ndr, &r->sids); ++ NDR_PULL_ALLOC_N(ndr, r->sids, size_sids_1); + _mem_save_sids_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sids, 0); +- for (cntr_sids_1 = 0; cntr_sids_1 < r->sidcount; cntr_sids_1++) { ++ for (cntr_sids_1 = 0; cntr_sids_1 < size_sids_1; cntr_sids_1++) { + NDR_CHECK(ndr_pull_netr_SidAttr(ndr, NDR_SCALARS, &r->sids[cntr_sids_1])); + } +- for (cntr_sids_1 = 0; cntr_sids_1 < r->sidcount; cntr_sids_1++) { ++ for (cntr_sids_1 = 0; cntr_sids_1 < size_sids_1; cntr_sids_1++) { + NDR_CHECK(ndr_pull_netr_SidAttr(ndr, NDR_BUFFERS, &r->sids[cntr_sids_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sids_1, 0); +@@ -1408,9 +1439,12 @@ static enum ndr_err_code ndr_push_netr_PacInfo(struct ndr_push *ndr, int ndr_fla + static enum ndr_err_code ndr_pull_netr_PacInfo(struct ndr_pull *ndr, int ndr_flags, struct netr_PacInfo *r) + { + uint32_t _ptr_pac; ++ uint32_t size_pac_1 = 0; + TALLOC_CTX *_mem_save_pac_0; + uint32_t _ptr_auth; ++ uint32_t size_auth_1 = 0; + TALLOC_CTX *_mem_save_auth_0; ++ uint32_t size_expansionroom_0 = 0; + uint32_t cntr_expansionroom_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -1432,7 +1466,8 @@ static enum ndr_err_code ndr_pull_netr_PacInfo(struct ndr_pull *ndr, int ndr_fla + r->auth = NULL; + } + NDR_CHECK(ndr_pull_netr_UserSessionKey(ndr, NDR_SCALARS, &r->user_session_key)); +- for (cntr_expansionroom_0 = 0; cntr_expansionroom_0 < 10; cntr_expansionroom_0++) { ++ size_expansionroom_0 = 10; ++ for (cntr_expansionroom_0 = 0; cntr_expansionroom_0 < size_expansionroom_0; cntr_expansionroom_0++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->expansionroom[cntr_expansionroom_0])); + } + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->unknown1)); +@@ -1445,8 +1480,9 @@ static enum ndr_err_code ndr_pull_netr_PacInfo(struct ndr_pull *ndr, int ndr_fla + _mem_save_pac_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->pac, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->pac)); +- NDR_PULL_ALLOC_N(ndr, r->pac, ndr_get_array_size(ndr, &r->pac)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->pac, ndr_get_array_size(ndr, &r->pac))); ++ size_pac_1 = ndr_get_array_size(ndr, &r->pac); ++ NDR_PULL_ALLOC_N(ndr, r->pac, size_pac_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->pac, size_pac_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_pac_0, 0); + } + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->logon_domain)); +@@ -1456,8 +1492,9 @@ static enum ndr_err_code ndr_pull_netr_PacInfo(struct ndr_pull *ndr, int ndr_fla + _mem_save_auth_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->auth, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->auth)); +- NDR_PULL_ALLOC_N(ndr, r->auth, ndr_get_array_size(ndr, &r->auth)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->auth, ndr_get_array_size(ndr, &r->auth))); ++ size_auth_1 = ndr_get_array_size(ndr, &r->auth); ++ NDR_PULL_ALLOC_N(ndr, r->auth, size_auth_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->auth, size_auth_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_auth_0, 0); + } + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->unknown1)); +@@ -1589,9 +1626,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_Validation(struct ndr_pull *ndr, int nd + int level; + uint16_t _level; + TALLOC_CTX *_mem_save_sam2_0; ++ uint32_t _ptr_sam2; + TALLOC_CTX *_mem_save_sam3_0; ++ uint32_t _ptr_sam3; + TALLOC_CTX *_mem_save_pac_0; ++ uint32_t _ptr_pac; + TALLOC_CTX *_mem_save_sam6_0; ++ uint32_t _ptr_sam6; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &_level)); +@@ -1600,7 +1641,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_Validation(struct ndr_pull *ndr, int nd + } + switch (level) { + case 2: { +- uint32_t _ptr_sam2; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sam2)); + if (_ptr_sam2) { + NDR_PULL_ALLOC(ndr, r->sam2); +@@ -1610,7 +1650,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_Validation(struct ndr_pull *ndr, int nd + break; } + + case 3: { +- uint32_t _ptr_sam3; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sam3)); + if (_ptr_sam3) { + NDR_PULL_ALLOC(ndr, r->sam3); +@@ -1620,7 +1659,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_Validation(struct ndr_pull *ndr, int nd + break; } + + case 4: { +- uint32_t _ptr_pac; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_pac)); + if (_ptr_pac) { + NDR_PULL_ALLOC(ndr, r->pac); +@@ -1630,7 +1668,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_Validation(struct ndr_pull *ndr, int nd + break; } + + case 5: { +- uint32_t _ptr_pac; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_pac)); + if (_ptr_pac) { + NDR_PULL_ALLOC(ndr, r->pac); +@@ -1640,7 +1677,6 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_Validation(struct ndr_pull *ndr, int nd + break; } + + case 6: { +- uint32_t _ptr_sam6; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sam6)); + if (_ptr_sam6) { + NDR_PULL_ALLOC(ndr, r->sam6); +@@ -1781,12 +1817,14 @@ _PUBLIC_ enum ndr_err_code ndr_push_netr_Credential(struct ndr_push *ndr, int nd + + _PUBLIC_ enum ndr_err_code ndr_pull_netr_Credential(struct ndr_pull *ndr, int ndr_flags, struct netr_Credential *r) + { ++ uint32_t size_data_0 = 0; + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 1)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, 8)); ++ size_data_0 = 8; ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, size_data_0)); + } + if (ndr_flags & NDR_BUFFERS) { + } +@@ -1898,6 +1936,8 @@ static enum ndr_err_code ndr_push_netr_DELTA_DELETE_USER(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_netr_DELTA_DELETE_USER(struct ndr_pull *ndr, int ndr_flags, struct netr_DELTA_DELETE_USER *r) + { + uint32_t _ptr_account_name; ++ uint32_t size_account_name_1 = 0; ++ uint32_t length_account_name_1 = 0; + TALLOC_CTX *_mem_save_account_name_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -1922,11 +1962,13 @@ static enum ndr_err_code ndr_pull_netr_DELTA_DELETE_USER(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->account_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->account_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->account_name)); +- if (ndr_get_array_length(ndr, &r->account_name) > ndr_get_array_size(ndr, &r->account_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->account_name), ndr_get_array_length(ndr, &r->account_name)); ++ size_account_name_1 = ndr_get_array_size(ndr, &r->account_name); ++ length_account_name_1 = ndr_get_array_length(ndr, &r->account_name); ++ if (length_account_name_1 > size_account_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_account_name_1, length_account_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->account_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->account_name, ndr_get_array_length(ndr, &r->account_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_account_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->account_name, length_account_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_account_name_0, 0); + } + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->unknown1)); +@@ -2019,6 +2061,8 @@ static enum ndr_err_code ndr_push_netr_PasswordHistory(struct ndr_push *ndr, int + + static enum ndr_err_code ndr_pull_netr_PasswordHistory(struct ndr_pull *ndr, int ndr_flags, struct netr_PasswordHistory *r) + { ++ uint32_t size_nt_history_0 = 0; ++ uint32_t size_lm_history_0 = 0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->nt_length)); +@@ -2027,10 +2071,12 @@ static enum ndr_err_code ndr_pull_netr_PasswordHistory(struct ndr_pull *ndr, int + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm_length)); + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->lm_size)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->lm_flags)); +- NDR_PULL_ALLOC_N(ndr, r->nt_history, r->nt_length); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->nt_history, r->nt_length)); +- NDR_PULL_ALLOC_N(ndr, r->lm_history, r->lm_length); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->lm_history, r->lm_length)); ++ size_nt_history_0 = r->nt_length; ++ NDR_PULL_ALLOC_N(ndr, r->nt_history, size_nt_history_0); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->nt_history, size_nt_history_0)); ++ size_lm_history_0 = r->lm_length; ++ NDR_PULL_ALLOC_N(ndr, r->lm_history, size_lm_history_0); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->lm_history, size_lm_history_0)); + } + if (ndr_flags & NDR_BUFFERS) { + } +@@ -2189,6 +2235,7 @@ static enum ndr_err_code ndr_push_netr_USER_PRIVATE_INFO(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_netr_USER_PRIVATE_INFO(struct ndr_pull *ndr, int ndr_flags, struct netr_USER_PRIVATE_INFO *r) + { + uint32_t _ptr_SensitiveData; ++ uint32_t size_SensitiveData_1 = 0; + TALLOC_CTX *_mem_save_SensitiveData_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -2214,8 +2261,9 @@ static enum ndr_err_code ndr_pull_netr_USER_PRIVATE_INFO(struct ndr_pull *ndr, i + _mem_save_SensitiveData_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->SensitiveData, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->SensitiveData)); +- NDR_PULL_ALLOC_N(ndr, r->SensitiveData, ndr_get_array_size(ndr, &r->SensitiveData)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->SensitiveData, ndr_get_array_size(ndr, &r->SensitiveData))); ++ size_SensitiveData_1 = ndr_get_array_size(ndr, &r->SensitiveData); ++ NDR_PULL_ALLOC_N(ndr, r->SensitiveData, size_SensitiveData_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->SensitiveData, size_SensitiveData_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_SensitiveData_0, 0); + } + ndr->flags = _flags_save_uint8; +@@ -2700,10 +2748,12 @@ static enum ndr_err_code ndr_push_netr_DELTA_GROUP_MEMBER(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_netr_DELTA_GROUP_MEMBER(struct ndr_pull *ndr, int ndr_flags, struct netr_DELTA_GROUP_MEMBER *r) + { + uint32_t _ptr_rids; ++ uint32_t size_rids_1 = 0; + uint32_t cntr_rids_1; + TALLOC_CTX *_mem_save_rids_0; + TALLOC_CTX *_mem_save_rids_1; + uint32_t _ptr_attribs; ++ uint32_t size_attribs_1 = 0; + uint32_t cntr_attribs_1; + TALLOC_CTX *_mem_save_attribs_0; + TALLOC_CTX *_mem_save_attribs_1; +@@ -2732,10 +2782,11 @@ static enum ndr_err_code ndr_pull_netr_DELTA_GROUP_MEMBER(struct ndr_pull *ndr, + _mem_save_rids_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->rids, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->rids)); +- NDR_PULL_ALLOC_N(ndr, r->rids, ndr_get_array_size(ndr, &r->rids)); ++ size_rids_1 = ndr_get_array_size(ndr, &r->rids); ++ NDR_PULL_ALLOC_N(ndr, r->rids, size_rids_1); + _mem_save_rids_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->rids, 0); +- for (cntr_rids_1 = 0; cntr_rids_1 < r->num_rids; cntr_rids_1++) { ++ for (cntr_rids_1 = 0; cntr_rids_1 < size_rids_1; cntr_rids_1++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->rids[cntr_rids_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_rids_1, 0); +@@ -2745,10 +2796,11 @@ static enum ndr_err_code ndr_pull_netr_DELTA_GROUP_MEMBER(struct ndr_pull *ndr, + _mem_save_attribs_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->attribs, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->attribs)); +- NDR_PULL_ALLOC_N(ndr, r->attribs, ndr_get_array_size(ndr, &r->attribs)); ++ size_attribs_1 = ndr_get_array_size(ndr, &r->attribs); ++ NDR_PULL_ALLOC_N(ndr, r->attribs, size_attribs_1); + _mem_save_attribs_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->attribs, 0); +- for (cntr_attribs_1 = 0; cntr_attribs_1 < r->num_rids; cntr_attribs_1++) { ++ for (cntr_attribs_1 = 0; cntr_attribs_1 < size_attribs_1; cntr_attribs_1++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->attribs[cntr_attribs_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_attribs_1, 0); +@@ -3021,6 +3073,7 @@ static enum ndr_err_code ndr_push_netr_DELTA_POLICY(struct ndr_push *ndr, int nd + static enum ndr_err_code ndr_pull_netr_DELTA_POLICY(struct ndr_pull *ndr, int ndr_flags, struct netr_DELTA_POLICY *r) + { + uint32_t _ptr_eventauditoptions; ++ uint32_t size_eventauditoptions_1 = 0; + uint32_t cntr_eventauditoptions_1; + TALLOC_CTX *_mem_save_eventauditoptions_0; + TALLOC_CTX *_mem_save_eventauditoptions_1; +@@ -3064,10 +3117,11 @@ static enum ndr_err_code ndr_pull_netr_DELTA_POLICY(struct ndr_pull *ndr, int nd + _mem_save_eventauditoptions_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->eventauditoptions, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->eventauditoptions)); +- NDR_PULL_ALLOC_N(ndr, r->eventauditoptions, ndr_get_array_size(ndr, &r->eventauditoptions)); ++ size_eventauditoptions_1 = ndr_get_array_size(ndr, &r->eventauditoptions); ++ NDR_PULL_ALLOC_N(ndr, r->eventauditoptions, size_eventauditoptions_1); + _mem_save_eventauditoptions_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->eventauditoptions, 0); +- for (cntr_eventauditoptions_1 = 0; cntr_eventauditoptions_1 < r->maxauditeventcount + 1; cntr_eventauditoptions_1++) { ++ for (cntr_eventauditoptions_1 = 0; cntr_eventauditoptions_1 < size_eventauditoptions_1; cntr_eventauditoptions_1++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->eventauditoptions[cntr_eventauditoptions_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_eventauditoptions_1, 0); +@@ -3181,6 +3235,7 @@ static enum ndr_err_code ndr_push_netr_DELTA_TRUSTED_DOMAIN(struct ndr_push *ndr + static enum ndr_err_code ndr_pull_netr_DELTA_TRUSTED_DOMAIN(struct ndr_pull *ndr, int ndr_flags, struct netr_DELTA_TRUSTED_DOMAIN *r) + { + uint32_t _ptr_controller_names; ++ uint32_t size_controller_names_1 = 0; + uint32_t cntr_controller_names_1; + TALLOC_CTX *_mem_save_controller_names_0; + TALLOC_CTX *_mem_save_controller_names_1; +@@ -3211,13 +3266,14 @@ static enum ndr_err_code ndr_pull_netr_DELTA_TRUSTED_DOMAIN(struct ndr_pull *ndr + _mem_save_controller_names_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->controller_names, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->controller_names)); +- NDR_PULL_ALLOC_N(ndr, r->controller_names, ndr_get_array_size(ndr, &r->controller_names)); ++ size_controller_names_1 = ndr_get_array_size(ndr, &r->controller_names); ++ NDR_PULL_ALLOC_N(ndr, r->controller_names, size_controller_names_1); + _mem_save_controller_names_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->controller_names, 0); +- for (cntr_controller_names_1 = 0; cntr_controller_names_1 < r->num_controllers; cntr_controller_names_1++) { ++ for (cntr_controller_names_1 = 0; cntr_controller_names_1 < size_controller_names_1; cntr_controller_names_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->controller_names[cntr_controller_names_1])); + } +- for (cntr_controller_names_1 = 0; cntr_controller_names_1 < r->num_controllers; cntr_controller_names_1++) { ++ for (cntr_controller_names_1 = 0; cntr_controller_names_1 < size_controller_names_1; cntr_controller_names_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->controller_names[cntr_controller_names_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_controller_names_1, 0); +@@ -3351,10 +3407,12 @@ static enum ndr_err_code ndr_push_netr_DELTA_ACCOUNT(struct ndr_push *ndr, int n + static enum ndr_err_code ndr_pull_netr_DELTA_ACCOUNT(struct ndr_pull *ndr, int ndr_flags, struct netr_DELTA_ACCOUNT *r) + { + uint32_t _ptr_privilege_attrib; ++ uint32_t size_privilege_attrib_1 = 0; + uint32_t cntr_privilege_attrib_1; + TALLOC_CTX *_mem_save_privilege_attrib_0; + TALLOC_CTX *_mem_save_privilege_attrib_1; + uint32_t _ptr_privilege_name; ++ uint32_t size_privilege_name_1 = 0; + uint32_t cntr_privilege_name_1; + TALLOC_CTX *_mem_save_privilege_name_0; + TALLOC_CTX *_mem_save_privilege_name_1; +@@ -3392,10 +3450,11 @@ static enum ndr_err_code ndr_pull_netr_DELTA_ACCOUNT(struct ndr_pull *ndr, int n + _mem_save_privilege_attrib_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->privilege_attrib, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->privilege_attrib)); +- NDR_PULL_ALLOC_N(ndr, r->privilege_attrib, ndr_get_array_size(ndr, &r->privilege_attrib)); ++ size_privilege_attrib_1 = ndr_get_array_size(ndr, &r->privilege_attrib); ++ NDR_PULL_ALLOC_N(ndr, r->privilege_attrib, size_privilege_attrib_1); + _mem_save_privilege_attrib_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->privilege_attrib, 0); +- for (cntr_privilege_attrib_1 = 0; cntr_privilege_attrib_1 < r->privilege_entries; cntr_privilege_attrib_1++) { ++ for (cntr_privilege_attrib_1 = 0; cntr_privilege_attrib_1 < size_privilege_attrib_1; cntr_privilege_attrib_1++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->privilege_attrib[cntr_privilege_attrib_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_privilege_attrib_1, 0); +@@ -3405,13 +3464,14 @@ static enum ndr_err_code ndr_pull_netr_DELTA_ACCOUNT(struct ndr_pull *ndr, int n + _mem_save_privilege_name_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->privilege_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->privilege_name)); +- NDR_PULL_ALLOC_N(ndr, r->privilege_name, ndr_get_array_size(ndr, &r->privilege_name)); ++ size_privilege_name_1 = ndr_get_array_size(ndr, &r->privilege_name); ++ NDR_PULL_ALLOC_N(ndr, r->privilege_name, size_privilege_name_1); + _mem_save_privilege_name_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->privilege_name, 0); +- for (cntr_privilege_name_1 = 0; cntr_privilege_name_1 < r->privilege_entries; cntr_privilege_name_1++) { ++ for (cntr_privilege_name_1 = 0; cntr_privilege_name_1 < size_privilege_name_1; cntr_privilege_name_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->privilege_name[cntr_privilege_name_1])); + } +- for (cntr_privilege_name_1 = 0; cntr_privilege_name_1 < r->privilege_entries; cntr_privilege_name_1++) { ++ for (cntr_privilege_name_1 = 0; cntr_privilege_name_1 < size_privilege_name_1; cntr_privilege_name_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->privilege_name[cntr_privilege_name_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_privilege_name_1, 0); +@@ -3567,6 +3627,8 @@ static enum ndr_err_code ndr_push_netr_CIPHER_VALUE(struct ndr_push *ndr, int nd + static enum ndr_err_code ndr_pull_netr_CIPHER_VALUE(struct ndr_pull *ndr, int ndr_flags, struct netr_CIPHER_VALUE *r) + { + uint32_t _ptr_cipher_data; ++ uint32_t size_cipher_data_1 = 0; ++ uint32_t length_cipher_data_1 = 0; + TALLOC_CTX *_mem_save_cipher_data_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -3585,11 +3647,13 @@ static enum ndr_err_code ndr_pull_netr_CIPHER_VALUE(struct ndr_pull *ndr, int nd + NDR_PULL_SET_MEM_CTX(ndr, r->cipher_data, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->cipher_data)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->cipher_data)); +- if (ndr_get_array_length(ndr, &r->cipher_data) > ndr_get_array_size(ndr, &r->cipher_data)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->cipher_data), ndr_get_array_length(ndr, &r->cipher_data)); ++ size_cipher_data_1 = ndr_get_array_size(ndr, &r->cipher_data); ++ length_cipher_data_1 = ndr_get_array_length(ndr, &r->cipher_data); ++ if (length_cipher_data_1 > size_cipher_data_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_cipher_data_1, length_cipher_data_1); + } +- NDR_PULL_ALLOC_N(ndr, r->cipher_data, ndr_get_array_size(ndr, &r->cipher_data)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->cipher_data, ndr_get_array_length(ndr, &r->cipher_data))); ++ NDR_PULL_ALLOC_N(ndr, r->cipher_data, size_cipher_data_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->cipher_data, length_cipher_data_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_cipher_data_0, 0); + } + if (r->cipher_data) { +@@ -3969,21 +4033,37 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + int level; + uint16_t _level; + TALLOC_CTX *_mem_save_domain_0; ++ uint32_t _ptr_domain; + TALLOC_CTX *_mem_save_group_0; ++ uint32_t _ptr_group; + TALLOC_CTX *_mem_save_rename_group_0; ++ uint32_t _ptr_rename_group; + TALLOC_CTX *_mem_save_user_0; ++ uint32_t _ptr_user; + TALLOC_CTX *_mem_save_rename_user_0; ++ uint32_t _ptr_rename_user; + TALLOC_CTX *_mem_save_group_member_0; ++ uint32_t _ptr_group_member; + TALLOC_CTX *_mem_save_alias_0; ++ uint32_t _ptr_alias; + TALLOC_CTX *_mem_save_rename_alias_0; ++ uint32_t _ptr_rename_alias; + TALLOC_CTX *_mem_save_alias_member_0; ++ uint32_t _ptr_alias_member; + TALLOC_CTX *_mem_save_policy_0; ++ uint32_t _ptr_policy; + TALLOC_CTX *_mem_save_trusted_domain_0; ++ uint32_t _ptr_trusted_domain; + TALLOC_CTX *_mem_save_account_0; ++ uint32_t _ptr_account; + TALLOC_CTX *_mem_save_secret_0; ++ uint32_t _ptr_secret; + TALLOC_CTX *_mem_save_delete_group_0; ++ uint32_t _ptr_delete_group; + TALLOC_CTX *_mem_save_delete_user_0; ++ uint32_t _ptr_delete_user; + TALLOC_CTX *_mem_save_modified_count_0; ++ uint32_t _ptr_modified_count; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &_level)); +@@ -3992,7 +4072,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + } + switch (level) { + case NETR_DELTA_DOMAIN: { +- uint32_t _ptr_domain; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_domain)); + if (_ptr_domain) { + NDR_PULL_ALLOC(ndr, r->domain); +@@ -4002,7 +4081,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + break; } + + case NETR_DELTA_GROUP: { +- uint32_t _ptr_group; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_group)); + if (_ptr_group) { + NDR_PULL_ALLOC(ndr, r->group); +@@ -4015,7 +4093,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + break; } + + case NETR_DELTA_RENAME_GROUP: { +- uint32_t _ptr_rename_group; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_rename_group)); + if (_ptr_rename_group) { + NDR_PULL_ALLOC(ndr, r->rename_group); +@@ -4025,7 +4102,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + break; } + + case NETR_DELTA_USER: { +- uint32_t _ptr_user; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_user)); + if (_ptr_user) { + NDR_PULL_ALLOC(ndr, r->user); +@@ -4038,7 +4114,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + break; } + + case NETR_DELTA_RENAME_USER: { +- uint32_t _ptr_rename_user; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_rename_user)); + if (_ptr_rename_user) { + NDR_PULL_ALLOC(ndr, r->rename_user); +@@ -4048,7 +4123,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + break; } + + case NETR_DELTA_GROUP_MEMBER: { +- uint32_t _ptr_group_member; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_group_member)); + if (_ptr_group_member) { + NDR_PULL_ALLOC(ndr, r->group_member); +@@ -4058,7 +4132,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + break; } + + case NETR_DELTA_ALIAS: { +- uint32_t _ptr_alias; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_alias)); + if (_ptr_alias) { + NDR_PULL_ALLOC(ndr, r->alias); +@@ -4071,7 +4144,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + break; } + + case NETR_DELTA_RENAME_ALIAS: { +- uint32_t _ptr_rename_alias; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_rename_alias)); + if (_ptr_rename_alias) { + NDR_PULL_ALLOC(ndr, r->rename_alias); +@@ -4081,7 +4153,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + break; } + + case NETR_DELTA_ALIAS_MEMBER: { +- uint32_t _ptr_alias_member; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_alias_member)); + if (_ptr_alias_member) { + NDR_PULL_ALLOC(ndr, r->alias_member); +@@ -4091,7 +4162,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + break; } + + case NETR_DELTA_POLICY: { +- uint32_t _ptr_policy; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_policy)); + if (_ptr_policy) { + NDR_PULL_ALLOC(ndr, r->policy); +@@ -4101,7 +4171,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + break; } + + case NETR_DELTA_TRUSTED_DOMAIN: { +- uint32_t _ptr_trusted_domain; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_trusted_domain)); + if (_ptr_trusted_domain) { + NDR_PULL_ALLOC(ndr, r->trusted_domain); +@@ -4115,7 +4184,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + break; } + + case NETR_DELTA_ACCOUNT: { +- uint32_t _ptr_account; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_account)); + if (_ptr_account) { + NDR_PULL_ALLOC(ndr, r->account); +@@ -4129,7 +4197,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + break; } + + case NETR_DELTA_SECRET: { +- uint32_t _ptr_secret; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_secret)); + if (_ptr_secret) { + NDR_PULL_ALLOC(ndr, r->secret); +@@ -4143,7 +4210,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + break; } + + case NETR_DELTA_DELETE_GROUP2: { +- uint32_t _ptr_delete_group; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_delete_group)); + if (_ptr_delete_group) { + NDR_PULL_ALLOC(ndr, r->delete_group); +@@ -4153,7 +4219,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + break; } + + case NETR_DELTA_DELETE_USER2: { +- uint32_t _ptr_delete_user; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_delete_user)); + if (_ptr_delete_user) { + NDR_PULL_ALLOC(ndr, r->delete_user); +@@ -4163,7 +4228,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_UNION(struct ndr_pull *ndr, int ndr + break; } + + case NETR_DELTA_MODIFY_COUNT: { +- uint32_t _ptr_modified_count; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_modified_count)); + if (_ptr_modified_count) { + NDR_PULL_ALLOC(ndr, r->modified_count); +@@ -4728,7 +4792,11 @@ static enum ndr_err_code ndr_pull_netr_DELTA_ID_UNION(struct ndr_pull *ndr, int + int level; + uint16_t _level; + TALLOC_CTX *_mem_save_sid_0; ++ uint32_t _ptr_sid; + TALLOC_CTX *_mem_save_name_0; ++ uint32_t _ptr_name; ++ uint32_t size_name_1 = 0; ++ uint32_t length_name_1 = 0; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &_level)); +@@ -4785,7 +4853,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_ID_UNION(struct ndr_pull *ndr, int + break; } + + case NETR_DELTA_POLICY: { +- uint32_t _ptr_sid; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sid)); + if (_ptr_sid) { + NDR_PULL_ALLOC(ndr, r->sid); +@@ -4795,7 +4862,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_ID_UNION(struct ndr_pull *ndr, int + break; } + + case NETR_DELTA_TRUSTED_DOMAIN: { +- uint32_t _ptr_sid; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sid)); + if (_ptr_sid) { + NDR_PULL_ALLOC(ndr, r->sid); +@@ -4805,7 +4871,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_ID_UNION(struct ndr_pull *ndr, int + break; } + + case NETR_DELTA_DELETE_TRUST: { +- uint32_t _ptr_sid; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sid)); + if (_ptr_sid) { + NDR_PULL_ALLOC(ndr, r->sid); +@@ -4815,7 +4880,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_ID_UNION(struct ndr_pull *ndr, int + break; } + + case NETR_DELTA_ACCOUNT: { +- uint32_t _ptr_sid; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sid)); + if (_ptr_sid) { + NDR_PULL_ALLOC(ndr, r->sid); +@@ -4825,7 +4889,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_ID_UNION(struct ndr_pull *ndr, int + break; } + + case NETR_DELTA_DELETE_ACCOUNT: { +- uint32_t _ptr_sid; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sid)); + if (_ptr_sid) { + NDR_PULL_ALLOC(ndr, r->sid); +@@ -4835,7 +4898,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_ID_UNION(struct ndr_pull *ndr, int + break; } + + case NETR_DELTA_SECRET: { +- uint32_t _ptr_name; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_name)); + if (_ptr_name) { + NDR_PULL_ALLOC(ndr, r->name); +@@ -4845,7 +4907,6 @@ static enum ndr_err_code ndr_pull_netr_DELTA_ID_UNION(struct ndr_pull *ndr, int + break; } + + case NETR_DELTA_DELETE_SECRET: { +- uint32_t _ptr_name; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_name)); + if (_ptr_name) { + NDR_PULL_ALLOC(ndr, r->name); +@@ -4958,11 +5019,13 @@ static enum ndr_err_code ndr_pull_netr_DELTA_ID_UNION(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->name)); +- if (ndr_get_array_length(ndr, &r->name) > ndr_get_array_size(ndr, &r->name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->name), ndr_get_array_length(ndr, &r->name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->name); ++ length_name_1 = ndr_get_array_length(ndr, &r->name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0, 0); + } + break; +@@ -4973,11 +5036,13 @@ static enum ndr_err_code ndr_pull_netr_DELTA_ID_UNION(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->name)); +- if (ndr_get_array_length(ndr, &r->name) > ndr_get_array_size(ndr, &r->name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->name), ndr_get_array_length(ndr, &r->name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->name); ++ length_name_1 = ndr_get_array_length(ndr, &r->name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0, 0); + } + break; +@@ -5202,6 +5267,7 @@ static enum ndr_err_code ndr_push_netr_DELTA_ENUM_ARRAY(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_netr_DELTA_ENUM_ARRAY(struct ndr_pull *ndr, int ndr_flags, struct netr_DELTA_ENUM_ARRAY *r) + { + uint32_t _ptr_delta_enum; ++ uint32_t size_delta_enum_1 = 0; + uint32_t cntr_delta_enum_1; + TALLOC_CTX *_mem_save_delta_enum_0; + TALLOC_CTX *_mem_save_delta_enum_1; +@@ -5220,13 +5286,14 @@ static enum ndr_err_code ndr_pull_netr_DELTA_ENUM_ARRAY(struct ndr_pull *ndr, in + _mem_save_delta_enum_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->delta_enum, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->delta_enum)); +- NDR_PULL_ALLOC_N(ndr, r->delta_enum, ndr_get_array_size(ndr, &r->delta_enum)); ++ size_delta_enum_1 = ndr_get_array_size(ndr, &r->delta_enum); ++ NDR_PULL_ALLOC_N(ndr, r->delta_enum, size_delta_enum_1); + _mem_save_delta_enum_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->delta_enum, 0); +- for (cntr_delta_enum_1 = 0; cntr_delta_enum_1 < r->num_deltas; cntr_delta_enum_1++) { ++ for (cntr_delta_enum_1 = 0; cntr_delta_enum_1 < size_delta_enum_1; cntr_delta_enum_1++) { + NDR_CHECK(ndr_pull_netr_DELTA_ENUM(ndr, NDR_SCALARS, &r->delta_enum[cntr_delta_enum_1])); + } +- for (cntr_delta_enum_1 = 0; cntr_delta_enum_1 < r->num_deltas; cntr_delta_enum_1++) { ++ for (cntr_delta_enum_1 = 0; cntr_delta_enum_1 < size_delta_enum_1; cntr_delta_enum_1++) { + NDR_CHECK(ndr_pull_netr_DELTA_ENUM(ndr, NDR_BUFFERS, &r->delta_enum[cntr_delta_enum_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_delta_enum_1, 0); +@@ -5283,12 +5350,14 @@ static enum ndr_err_code ndr_push_netr_UAS_INFO_0(struct ndr_push *ndr, int ndr_ + + static enum ndr_err_code ndr_pull_netr_UAS_INFO_0(struct ndr_pull *ndr, int ndr_flags, struct netr_UAS_INFO_0 *r) + { ++ uint32_t size_computer_name_0 = 0; + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->computer_name, 16)); ++ size_computer_name_0 = 16; ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->computer_name, size_computer_name_0)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->timecreated)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->serial_number)); + } +@@ -5434,6 +5503,8 @@ static enum ndr_err_code ndr_push_netr_NETLOGON_INFO_2(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_netr_NETLOGON_INFO_2(struct ndr_pull *ndr, int ndr_flags, struct netr_NETLOGON_INFO_2 *r) + { + uint32_t _ptr_trusted_dc_name; ++ uint32_t size_trusted_dc_name_1 = 0; ++ uint32_t length_trusted_dc_name_1 = 0; + TALLOC_CTX *_mem_save_trusted_dc_name_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -5453,11 +5524,13 @@ static enum ndr_err_code ndr_pull_netr_NETLOGON_INFO_2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->trusted_dc_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->trusted_dc_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->trusted_dc_name)); +- if (ndr_get_array_length(ndr, &r->trusted_dc_name) > ndr_get_array_size(ndr, &r->trusted_dc_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->trusted_dc_name), ndr_get_array_length(ndr, &r->trusted_dc_name)); ++ size_trusted_dc_name_1 = ndr_get_array_size(ndr, &r->trusted_dc_name); ++ length_trusted_dc_name_1 = ndr_get_array_length(ndr, &r->trusted_dc_name); ++ if (length_trusted_dc_name_1 > size_trusted_dc_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_trusted_dc_name_1, length_trusted_dc_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->trusted_dc_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->trusted_dc_name, ndr_get_array_length(ndr, &r->trusted_dc_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_trusted_dc_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->trusted_dc_name, length_trusted_dc_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_trusted_dc_name_0, 0); + } + } +@@ -5583,8 +5656,11 @@ static enum ndr_err_code ndr_pull_netr_CONTROL_QUERY_INFORMATION(struct ndr_pull + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_info1_0; ++ uint32_t _ptr_info1; + TALLOC_CTX *_mem_save_info2_0; ++ uint32_t _ptr_info2; + TALLOC_CTX *_mem_save_info3_0; ++ uint32_t _ptr_info3; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -5593,7 +5669,6 @@ static enum ndr_err_code ndr_pull_netr_CONTROL_QUERY_INFORMATION(struct ndr_pull + } + switch (level) { + case 1: { +- uint32_t _ptr_info1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1)); + if (_ptr_info1) { + NDR_PULL_ALLOC(ndr, r->info1); +@@ -5603,7 +5678,6 @@ static enum ndr_err_code ndr_pull_netr_CONTROL_QUERY_INFORMATION(struct ndr_pull + break; } + + case 2: { +- uint32_t _ptr_info2; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info2)); + if (_ptr_info2) { + NDR_PULL_ALLOC(ndr, r->info2); +@@ -5613,7 +5687,6 @@ static enum ndr_err_code ndr_pull_netr_CONTROL_QUERY_INFORMATION(struct ndr_pull + break; } + + case 3: { +- uint32_t _ptr_info3; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info3)); + if (_ptr_info3) { + NDR_PULL_ALLOC(ndr, r->info3); +@@ -5799,6 +5872,9 @@ static enum ndr_err_code ndr_pull_netr_CONTROL_DATA_INFORMATION(struct ndr_pull + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_domain_0; ++ uint32_t _ptr_domain; ++ uint32_t size_domain_1 = 0; ++ uint32_t length_domain_1 = 0; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -5807,7 +5883,6 @@ static enum ndr_err_code ndr_pull_netr_CONTROL_DATA_INFORMATION(struct ndr_pull + } + switch (level) { + case NETLOGON_CONTROL_REDISCOVER: { +- uint32_t _ptr_domain; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_domain)); + if (_ptr_domain) { + NDR_PULL_ALLOC(ndr, r->domain); +@@ -5817,7 +5892,6 @@ static enum ndr_err_code ndr_pull_netr_CONTROL_DATA_INFORMATION(struct ndr_pull + break; } + + case NETLOGON_CONTROL_TC_QUERY: { +- uint32_t _ptr_domain; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_domain)); + if (_ptr_domain) { + NDR_PULL_ALLOC(ndr, r->domain); +@@ -5827,7 +5901,6 @@ static enum ndr_err_code ndr_pull_netr_CONTROL_DATA_INFORMATION(struct ndr_pull + break; } + + case NETLOGON_CONTROL_TRANSPORT_NOTIFY: { +- uint32_t _ptr_domain; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_domain)); + if (_ptr_domain) { + NDR_PULL_ALLOC(ndr, r->domain); +@@ -5852,11 +5925,13 @@ static enum ndr_err_code ndr_pull_netr_CONTROL_DATA_INFORMATION(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, r->domain, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domain)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->domain)); +- if (ndr_get_array_length(ndr, &r->domain) > ndr_get_array_size(ndr, &r->domain)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->domain), ndr_get_array_length(ndr, &r->domain)); ++ size_domain_1 = ndr_get_array_size(ndr, &r->domain); ++ length_domain_1 = ndr_get_array_length(ndr, &r->domain); ++ if (length_domain_1 > size_domain_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_1, length_domain_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, length_domain_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_0, 0); + } + break; +@@ -5867,11 +5942,13 @@ static enum ndr_err_code ndr_pull_netr_CONTROL_DATA_INFORMATION(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, r->domain, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domain)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->domain)); +- if (ndr_get_array_length(ndr, &r->domain) > ndr_get_array_size(ndr, &r->domain)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->domain), ndr_get_array_length(ndr, &r->domain)); ++ size_domain_1 = ndr_get_array_size(ndr, &r->domain); ++ length_domain_1 = ndr_get_array_length(ndr, &r->domain); ++ if (length_domain_1 > size_domain_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_1, length_domain_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, length_domain_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_0, 0); + } + break; +@@ -5882,11 +5959,13 @@ static enum ndr_err_code ndr_pull_netr_CONTROL_DATA_INFORMATION(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, r->domain, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domain)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->domain)); +- if (ndr_get_array_length(ndr, &r->domain) > ndr_get_array_size(ndr, &r->domain)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->domain), ndr_get_array_length(ndr, &r->domain)); ++ size_domain_1 = ndr_get_array_size(ndr, &r->domain); ++ length_domain_1 = ndr_get_array_length(ndr, &r->domain); ++ if (length_domain_1 > size_domain_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_1, length_domain_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, length_domain_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_0, 0); + } + break; +@@ -6007,6 +6086,7 @@ static enum ndr_err_code ndr_push_netr_Blob(struct ndr_push *ndr, int ndr_flags, + static enum ndr_err_code ndr_pull_netr_Blob(struct ndr_pull *ndr, int ndr_flags, struct netr_Blob *r) + { + uint32_t _ptr_data; ++ uint32_t size_data_1 = 0; + TALLOC_CTX *_mem_save_data_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -6023,8 +6103,9 @@ static enum ndr_err_code ndr_pull_netr_Blob(struct ndr_pull *ndr, int ndr_flags, + _mem_save_data_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->data, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->data)); +- NDR_PULL_ALLOC_N(ndr, r->data, ndr_get_array_size(ndr, &r->data)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, ndr_get_array_size(ndr, &r->data))); ++ size_data_1 = ndr_get_array_size(ndr, &r->data); ++ NDR_PULL_ALLOC_N(ndr, r->data, size_data_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, size_data_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_data_0, 0); + } + if (r->data) { +@@ -6208,16 +6289,28 @@ _PUBLIC_ enum ndr_err_code ndr_push_netr_DsRGetDCNameInfo(struct ndr_push *ndr, + _PUBLIC_ enum ndr_err_code ndr_pull_netr_DsRGetDCNameInfo(struct ndr_pull *ndr, int ndr_flags, struct netr_DsRGetDCNameInfo *r) + { + uint32_t _ptr_dc_unc; ++ uint32_t size_dc_unc_1 = 0; ++ uint32_t length_dc_unc_1 = 0; + TALLOC_CTX *_mem_save_dc_unc_0; + uint32_t _ptr_dc_address; ++ uint32_t size_dc_address_1 = 0; ++ uint32_t length_dc_address_1 = 0; + TALLOC_CTX *_mem_save_dc_address_0; + uint32_t _ptr_domain_name; ++ uint32_t size_domain_name_1 = 0; ++ uint32_t length_domain_name_1 = 0; + TALLOC_CTX *_mem_save_domain_name_0; + uint32_t _ptr_forest_name; ++ uint32_t size_forest_name_1 = 0; ++ uint32_t length_forest_name_1 = 0; + TALLOC_CTX *_mem_save_forest_name_0; + uint32_t _ptr_dc_site_name; ++ uint32_t size_dc_site_name_1 = 0; ++ uint32_t length_dc_site_name_1 = 0; + TALLOC_CTX *_mem_save_dc_site_name_0; + uint32_t _ptr_client_site_name; ++ uint32_t size_client_site_name_1 = 0; ++ uint32_t length_client_site_name_1 = 0; + TALLOC_CTX *_mem_save_client_site_name_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -6267,11 +6360,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_DsRGetDCNameInfo(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->dc_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->dc_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->dc_unc)); +- if (ndr_get_array_length(ndr, &r->dc_unc) > ndr_get_array_size(ndr, &r->dc_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->dc_unc), ndr_get_array_length(ndr, &r->dc_unc)); ++ size_dc_unc_1 = ndr_get_array_size(ndr, &r->dc_unc); ++ length_dc_unc_1 = ndr_get_array_length(ndr, &r->dc_unc); ++ if (length_dc_unc_1 > size_dc_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dc_unc_1, length_dc_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->dc_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->dc_unc, ndr_get_array_length(ndr, &r->dc_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dc_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->dc_unc, length_dc_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dc_unc_0, 0); + } + if (r->dc_address) { +@@ -6279,11 +6374,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_DsRGetDCNameInfo(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->dc_address, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->dc_address)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->dc_address)); +- if (ndr_get_array_length(ndr, &r->dc_address) > ndr_get_array_size(ndr, &r->dc_address)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->dc_address), ndr_get_array_length(ndr, &r->dc_address)); ++ size_dc_address_1 = ndr_get_array_size(ndr, &r->dc_address); ++ length_dc_address_1 = ndr_get_array_length(ndr, &r->dc_address); ++ if (length_dc_address_1 > size_dc_address_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dc_address_1, length_dc_address_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->dc_address), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->dc_address, ndr_get_array_length(ndr, &r->dc_address), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dc_address_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->dc_address, length_dc_address_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dc_address_0, 0); + } + NDR_CHECK(ndr_pull_GUID(ndr, NDR_BUFFERS, &r->domain_guid)); +@@ -6292,11 +6389,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_DsRGetDCNameInfo(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->domain_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->domain_name)); +- if (ndr_get_array_length(ndr, &r->domain_name) > ndr_get_array_size(ndr, &r->domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->domain_name), ndr_get_array_length(ndr, &r->domain_name)); ++ size_domain_name_1 = ndr_get_array_size(ndr, &r->domain_name); ++ length_domain_name_1 = ndr_get_array_length(ndr, &r->domain_name); ++ if (length_domain_name_1 > size_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_name_1, length_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain_name, ndr_get_array_length(ndr, &r->domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain_name, length_domain_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_name_0, 0); + } + if (r->forest_name) { +@@ -6304,11 +6403,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_DsRGetDCNameInfo(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->forest_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->forest_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->forest_name)); +- if (ndr_get_array_length(ndr, &r->forest_name) > ndr_get_array_size(ndr, &r->forest_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->forest_name), ndr_get_array_length(ndr, &r->forest_name)); ++ size_forest_name_1 = ndr_get_array_size(ndr, &r->forest_name); ++ length_forest_name_1 = ndr_get_array_length(ndr, &r->forest_name); ++ if (length_forest_name_1 > size_forest_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_forest_name_1, length_forest_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->forest_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->forest_name, ndr_get_array_length(ndr, &r->forest_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_forest_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->forest_name, length_forest_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_forest_name_0, 0); + } + if (r->dc_site_name) { +@@ -6316,11 +6417,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_DsRGetDCNameInfo(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->dc_site_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->dc_site_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->dc_site_name)); +- if (ndr_get_array_length(ndr, &r->dc_site_name) > ndr_get_array_size(ndr, &r->dc_site_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->dc_site_name), ndr_get_array_length(ndr, &r->dc_site_name)); ++ size_dc_site_name_1 = ndr_get_array_size(ndr, &r->dc_site_name); ++ length_dc_site_name_1 = ndr_get_array_length(ndr, &r->dc_site_name); ++ if (length_dc_site_name_1 > size_dc_site_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dc_site_name_1, length_dc_site_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->dc_site_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->dc_site_name, ndr_get_array_length(ndr, &r->dc_site_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dc_site_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->dc_site_name, length_dc_site_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dc_site_name_0, 0); + } + if (r->client_site_name) { +@@ -6328,11 +6431,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_netr_DsRGetDCNameInfo(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->client_site_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->client_site_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->client_site_name)); +- if (ndr_get_array_length(ndr, &r->client_site_name) > ndr_get_array_size(ndr, &r->client_site_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->client_site_name), ndr_get_array_length(ndr, &r->client_site_name)); ++ size_client_site_name_1 = ndr_get_array_size(ndr, &r->client_site_name); ++ length_client_site_name_1 = ndr_get_array_length(ndr, &r->client_site_name); ++ if (length_client_site_name_1 > size_client_site_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_client_site_name_1, length_client_site_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->client_site_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->client_site_name, ndr_get_array_length(ndr, &r->client_site_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_client_site_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->client_site_name, length_client_site_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_client_site_name_0, 0); + } + } +@@ -6488,6 +6593,8 @@ static enum ndr_err_code ndr_push_netr_BinaryString(struct ndr_push *ndr, int nd + static enum ndr_err_code ndr_pull_netr_BinaryString(struct ndr_pull *ndr, int ndr_flags, struct netr_BinaryString *r) + { + uint32_t _ptr_data; ++ uint32_t size_data_1 = 0; ++ uint32_t length_data_1 = 0; + uint32_t cntr_data_1; + TALLOC_CTX *_mem_save_data_0; + TALLOC_CTX *_mem_save_data_1; +@@ -6511,13 +6618,15 @@ static enum ndr_err_code ndr_pull_netr_BinaryString(struct ndr_pull *ndr, int nd + NDR_PULL_SET_MEM_CTX(ndr, r->data, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->data)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->data)); +- if (ndr_get_array_length(ndr, &r->data) > ndr_get_array_size(ndr, &r->data)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->data), ndr_get_array_length(ndr, &r->data)); ++ size_data_1 = ndr_get_array_size(ndr, &r->data); ++ length_data_1 = ndr_get_array_length(ndr, &r->data); ++ if (length_data_1 > size_data_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_data_1, length_data_1); + } +- NDR_PULL_ALLOC_N(ndr, r->data, ndr_get_array_size(ndr, &r->data)); ++ NDR_PULL_ALLOC_N(ndr, r->data, size_data_1); + _mem_save_data_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->data, 0); +- for (cntr_data_1 = 0; cntr_data_1 < r->length / 2; cntr_data_1++) { ++ for (cntr_data_1 = 0; cntr_data_1 < length_data_1; cntr_data_1++) { + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->data[cntr_data_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_data_1, 0); +@@ -6634,17 +6743,30 @@ static enum ndr_err_code ndr_push_netr_DomainQuery1(struct ndr_push *ndr, int nd + static enum ndr_err_code ndr_pull_netr_DomainQuery1(struct ndr_pull *ndr, int ndr_flags, struct netr_DomainQuery1 *r) + { + uint32_t _ptr_workstation_domain; ++ uint32_t size_workstation_domain_1 = 0; ++ uint32_t length_workstation_domain_1 = 0; + TALLOC_CTX *_mem_save_workstation_domain_0; + uint32_t _ptr_workstation_site; ++ uint32_t size_workstation_site_1 = 0; ++ uint32_t length_workstation_site_1 = 0; + TALLOC_CTX *_mem_save_workstation_site_0; + uint32_t _ptr_unknown1; ++ uint32_t size_unknown1_1 = 0; ++ uint32_t length_unknown1_1 = 0; + TALLOC_CTX *_mem_save_unknown1_0; + uint32_t _ptr_unknown2; ++ uint32_t size_unknown2_1 = 0; ++ uint32_t length_unknown2_1 = 0; + TALLOC_CTX *_mem_save_unknown2_0; + uint32_t _ptr_unknown3; ++ uint32_t size_unknown3_1 = 0; ++ uint32_t length_unknown3_1 = 0; + TALLOC_CTX *_mem_save_unknown3_0; + uint32_t _ptr_unknown4; ++ uint32_t size_unknown4_1 = 0; ++ uint32_t length_unknown4_1 = 0; + TALLOC_CTX *_mem_save_unknown4_0; ++ uint32_t size_unknown7_0 = 0; + uint32_t cntr_unknown7_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -6689,7 +6811,8 @@ static enum ndr_err_code ndr_pull_netr_DomainQuery1(struct ndr_pull *ndr, int nd + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->product)); + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->unknown5)); + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->unknown6)); +- for (cntr_unknown7_0 = 0; cntr_unknown7_0 < 4; cntr_unknown7_0++) { ++ size_unknown7_0 = 4; ++ for (cntr_unknown7_0 = 0; cntr_unknown7_0 < size_unknown7_0; cntr_unknown7_0++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown7[cntr_unknown7_0])); + } + } +@@ -6700,11 +6823,13 @@ static enum ndr_err_code ndr_pull_netr_DomainQuery1(struct ndr_pull *ndr, int nd + NDR_PULL_SET_MEM_CTX(ndr, r->workstation_domain, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->workstation_domain)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->workstation_domain)); +- if (ndr_get_array_length(ndr, &r->workstation_domain) > ndr_get_array_size(ndr, &r->workstation_domain)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->workstation_domain), ndr_get_array_length(ndr, &r->workstation_domain)); ++ size_workstation_domain_1 = ndr_get_array_size(ndr, &r->workstation_domain); ++ length_workstation_domain_1 = ndr_get_array_length(ndr, &r->workstation_domain); ++ if (length_workstation_domain_1 > size_workstation_domain_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_workstation_domain_1, length_workstation_domain_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->workstation_domain), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->workstation_domain, ndr_get_array_length(ndr, &r->workstation_domain), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_workstation_domain_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->workstation_domain, length_workstation_domain_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_workstation_domain_0, 0); + } + if (r->workstation_site) { +@@ -6712,11 +6837,13 @@ static enum ndr_err_code ndr_pull_netr_DomainQuery1(struct ndr_pull *ndr, int nd + NDR_PULL_SET_MEM_CTX(ndr, r->workstation_site, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->workstation_site)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->workstation_site)); +- if (ndr_get_array_length(ndr, &r->workstation_site) > ndr_get_array_size(ndr, &r->workstation_site)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->workstation_site), ndr_get_array_length(ndr, &r->workstation_site)); ++ size_workstation_site_1 = ndr_get_array_size(ndr, &r->workstation_site); ++ length_workstation_site_1 = ndr_get_array_length(ndr, &r->workstation_site); ++ if (length_workstation_site_1 > size_workstation_site_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_workstation_site_1, length_workstation_site_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->workstation_site), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->workstation_site, ndr_get_array_length(ndr, &r->workstation_site), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_workstation_site_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->workstation_site, length_workstation_site_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_workstation_site_0, 0); + } + if (r->unknown1) { +@@ -6724,11 +6851,13 @@ static enum ndr_err_code ndr_pull_netr_DomainQuery1(struct ndr_pull *ndr, int nd + NDR_PULL_SET_MEM_CTX(ndr, r->unknown1, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->unknown1)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->unknown1)); +- if (ndr_get_array_length(ndr, &r->unknown1) > ndr_get_array_size(ndr, &r->unknown1)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->unknown1), ndr_get_array_length(ndr, &r->unknown1)); ++ size_unknown1_1 = ndr_get_array_size(ndr, &r->unknown1); ++ length_unknown1_1 = ndr_get_array_length(ndr, &r->unknown1); ++ if (length_unknown1_1 > size_unknown1_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_unknown1_1, length_unknown1_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->unknown1), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->unknown1, ndr_get_array_length(ndr, &r->unknown1), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_unknown1_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->unknown1, length_unknown1_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_unknown1_0, 0); + } + if (r->unknown2) { +@@ -6736,11 +6865,13 @@ static enum ndr_err_code ndr_pull_netr_DomainQuery1(struct ndr_pull *ndr, int nd + NDR_PULL_SET_MEM_CTX(ndr, r->unknown2, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->unknown2)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->unknown2)); +- if (ndr_get_array_length(ndr, &r->unknown2) > ndr_get_array_size(ndr, &r->unknown2)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->unknown2), ndr_get_array_length(ndr, &r->unknown2)); ++ size_unknown2_1 = ndr_get_array_size(ndr, &r->unknown2); ++ length_unknown2_1 = ndr_get_array_length(ndr, &r->unknown2); ++ if (length_unknown2_1 > size_unknown2_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_unknown2_1, length_unknown2_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->unknown2), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->unknown2, ndr_get_array_length(ndr, &r->unknown2), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_unknown2_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->unknown2, length_unknown2_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_unknown2_0, 0); + } + if (r->unknown3) { +@@ -6748,11 +6879,13 @@ static enum ndr_err_code ndr_pull_netr_DomainQuery1(struct ndr_pull *ndr, int nd + NDR_PULL_SET_MEM_CTX(ndr, r->unknown3, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->unknown3)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->unknown3)); +- if (ndr_get_array_length(ndr, &r->unknown3) > ndr_get_array_size(ndr, &r->unknown3)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->unknown3), ndr_get_array_length(ndr, &r->unknown3)); ++ size_unknown3_1 = ndr_get_array_size(ndr, &r->unknown3); ++ length_unknown3_1 = ndr_get_array_length(ndr, &r->unknown3); ++ if (length_unknown3_1 > size_unknown3_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_unknown3_1, length_unknown3_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->unknown3), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->unknown3, ndr_get_array_length(ndr, &r->unknown3), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_unknown3_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->unknown3, length_unknown3_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_unknown3_0, 0); + } + if (r->unknown4) { +@@ -6760,11 +6893,13 @@ static enum ndr_err_code ndr_pull_netr_DomainQuery1(struct ndr_pull *ndr, int nd + NDR_PULL_SET_MEM_CTX(ndr, r->unknown4, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->unknown4)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->unknown4)); +- if (ndr_get_array_length(ndr, &r->unknown4) > ndr_get_array_size(ndr, &r->unknown4)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->unknown4), ndr_get_array_length(ndr, &r->unknown4)); ++ size_unknown4_1 = ndr_get_array_size(ndr, &r->unknown4); ++ length_unknown4_1 = ndr_get_array_length(ndr, &r->unknown4); ++ if (length_unknown4_1 > size_unknown4_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_unknown4_1, length_unknown4_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->unknown4), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->unknown4, ndr_get_array_length(ndr, &r->unknown4), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_unknown4_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->unknown4, length_unknown4_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_unknown4_0, 0); + } + NDR_CHECK(ndr_pull_netr_BinaryString(ndr, NDR_BUFFERS, &r->blob2)); +@@ -6879,6 +7014,7 @@ static enum ndr_err_code ndr_pull_netr_DomainQuery(struct ndr_pull *ndr, int ndr + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_query1_0; ++ uint32_t _ptr_query1; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -6887,7 +7023,6 @@ static enum ndr_err_code ndr_pull_netr_DomainQuery(struct ndr_pull *ndr, int ndr + } + switch (level) { + case 1: { +- uint32_t _ptr_query1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_query1)); + if (_ptr_query1) { + NDR_PULL_ALLOC(ndr, r->query1); +@@ -6897,7 +7032,6 @@ static enum ndr_err_code ndr_pull_netr_DomainQuery(struct ndr_pull *ndr, int ndr + break; } + + case 2: { +- uint32_t _ptr_query1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_query1)); + if (_ptr_query1) { + NDR_PULL_ALLOC(ndr, r->query1); +@@ -7003,7 +7137,9 @@ static enum ndr_err_code ndr_pull_netr_DomainTrustInfo(struct ndr_pull *ndr, int + { + uint32_t _ptr_sid; + TALLOC_CTX *_mem_save_sid_0; ++ uint32_t size_unknown1_0 = 0; + uint32_t cntr_unknown1_0; ++ uint32_t size_unknown_0 = 0; + uint32_t cntr_unknown_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -7017,10 +7153,12 @@ static enum ndr_err_code ndr_pull_netr_DomainTrustInfo(struct ndr_pull *ndr, int + } else { + r->sid = NULL; + } +- for (cntr_unknown1_0 = 0; cntr_unknown1_0 < 4; cntr_unknown1_0++) { ++ size_unknown1_0 = 4; ++ for (cntr_unknown1_0 = 0; cntr_unknown1_0 < size_unknown1_0; cntr_unknown1_0++) { + NDR_CHECK(ndr_pull_netr_BinaryString(ndr, NDR_SCALARS, &r->unknown1[cntr_unknown1_0])); + } +- for (cntr_unknown_0 = 0; cntr_unknown_0 < 4; cntr_unknown_0++) { ++ size_unknown_0 = 4; ++ for (cntr_unknown_0 = 0; cntr_unknown_0 < size_unknown_0; cntr_unknown_0++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown[cntr_unknown_0])); + } + } +@@ -7035,7 +7173,8 @@ static enum ndr_err_code ndr_pull_netr_DomainTrustInfo(struct ndr_pull *ndr, int + NDR_CHECK(ndr_pull_dom_sid2(ndr, NDR_SCALARS|NDR_BUFFERS, r->sid)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sid_0, 0); + } +- for (cntr_unknown1_0 = 0; cntr_unknown1_0 < 4; cntr_unknown1_0++) { ++ size_unknown1_0 = 4; ++ for (cntr_unknown1_0 = 0; cntr_unknown1_0 < size_unknown1_0; cntr_unknown1_0++) { + NDR_CHECK(ndr_pull_netr_BinaryString(ndr, NDR_BUFFERS, &r->unknown1[cntr_unknown1_0])); + } + } +@@ -7112,9 +7251,11 @@ static enum ndr_err_code ndr_push_netr_DomainInfo1(struct ndr_push *ndr, int ndr + static enum ndr_err_code ndr_pull_netr_DomainInfo1(struct ndr_pull *ndr, int ndr_flags, struct netr_DomainInfo1 *r) + { + uint32_t _ptr_trusts; ++ uint32_t size_trusts_1 = 0; + uint32_t cntr_trusts_1; + TALLOC_CTX *_mem_save_trusts_0; + TALLOC_CTX *_mem_save_trusts_1; ++ uint32_t size_unknown_0 = 0; + uint32_t cntr_unknown_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -7126,7 +7267,8 @@ static enum ndr_err_code ndr_pull_netr_DomainInfo1(struct ndr_pull *ndr, int ndr + } else { + r->trusts = NULL; + } +- for (cntr_unknown_0 = 0; cntr_unknown_0 < 14; cntr_unknown_0++) { ++ size_unknown_0 = 14; ++ for (cntr_unknown_0 = 0; cntr_unknown_0 < size_unknown_0; cntr_unknown_0++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown[cntr_unknown_0])); + } + } +@@ -7136,13 +7278,14 @@ static enum ndr_err_code ndr_pull_netr_DomainInfo1(struct ndr_pull *ndr, int ndr + _mem_save_trusts_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->trusts, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->trusts)); +- NDR_PULL_ALLOC_N(ndr, r->trusts, ndr_get_array_size(ndr, &r->trusts)); ++ size_trusts_1 = ndr_get_array_size(ndr, &r->trusts); ++ NDR_PULL_ALLOC_N(ndr, r->trusts, size_trusts_1); + _mem_save_trusts_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->trusts, 0); +- for (cntr_trusts_1 = 0; cntr_trusts_1 < r->num_trusts; cntr_trusts_1++) { ++ for (cntr_trusts_1 = 0; cntr_trusts_1 < size_trusts_1; cntr_trusts_1++) { + NDR_CHECK(ndr_pull_netr_DomainTrustInfo(ndr, NDR_SCALARS, &r->trusts[cntr_trusts_1])); + } +- for (cntr_trusts_1 = 0; cntr_trusts_1 < r->num_trusts; cntr_trusts_1++) { ++ for (cntr_trusts_1 = 0; cntr_trusts_1 < size_trusts_1; cntr_trusts_1++) { + NDR_CHECK(ndr_pull_netr_DomainTrustInfo(ndr, NDR_BUFFERS, &r->trusts[cntr_trusts_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_trusts_1, 0); +@@ -7236,6 +7379,7 @@ static enum ndr_err_code ndr_pull_netr_DomainInfo(struct ndr_pull *ndr, int ndr_ + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_info1_0; ++ uint32_t _ptr_info1; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -7244,7 +7388,6 @@ static enum ndr_err_code ndr_pull_netr_DomainInfo(struct ndr_pull *ndr, int ndr_ + } + switch (level) { + case 1: { +- uint32_t _ptr_info1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1)); + if (_ptr_info1) { + NDR_PULL_ALLOC(ndr, r->info1); +@@ -7254,7 +7397,6 @@ static enum ndr_err_code ndr_pull_netr_DomainInfo(struct ndr_pull *ndr, int ndr_ + break; } + + case 2: { +- uint32_t _ptr_info1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1)); + if (_ptr_info1) { + NDR_PULL_ALLOC(ndr, r->info1); +@@ -7342,12 +7484,14 @@ static enum ndr_err_code ndr_push_netr_CryptPassword(struct ndr_push *ndr, int n + + static enum ndr_err_code ndr_pull_netr_CryptPassword(struct ndr_pull *ndr, int ndr_flags, struct netr_CryptPassword *r) + { ++ uint32_t size_data_0 = 0; + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, 512)); ++ size_data_0 = 512; ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, size_data_0)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->length)); + } + if (ndr_flags & NDR_BUFFERS) { +@@ -7396,6 +7540,7 @@ static enum ndr_err_code ndr_push_netr_DsRAddressToSitenamesWCtr(struct ndr_push + static enum ndr_err_code ndr_pull_netr_DsRAddressToSitenamesWCtr(struct ndr_pull *ndr, int ndr_flags, struct netr_DsRAddressToSitenamesWCtr *r) + { + uint32_t _ptr_sitename; ++ uint32_t size_sitename_1 = 0; + uint32_t cntr_sitename_1; + TALLOC_CTX *_mem_save_sitename_0; + TALLOC_CTX *_mem_save_sitename_1; +@@ -7414,13 +7559,14 @@ static enum ndr_err_code ndr_pull_netr_DsRAddressToSitenamesWCtr(struct ndr_pull + _mem_save_sitename_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sitename, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->sitename)); +- NDR_PULL_ALLOC_N(ndr, r->sitename, ndr_get_array_size(ndr, &r->sitename)); ++ size_sitename_1 = ndr_get_array_size(ndr, &r->sitename); ++ NDR_PULL_ALLOC_N(ndr, r->sitename, size_sitename_1); + _mem_save_sitename_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sitename, 0); +- for (cntr_sitename_1 = 0; cntr_sitename_1 < r->count; cntr_sitename_1++) { ++ for (cntr_sitename_1 = 0; cntr_sitename_1 < size_sitename_1; cntr_sitename_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->sitename[cntr_sitename_1])); + } +- for (cntr_sitename_1 = 0; cntr_sitename_1 < r->count; cntr_sitename_1++) { ++ for (cntr_sitename_1 = 0; cntr_sitename_1 < size_sitename_1; cntr_sitename_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->sitename[cntr_sitename_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sitename_1, 0); +@@ -7476,6 +7622,7 @@ static enum ndr_err_code ndr_push_netr_DsRAddress(struct ndr_push *ndr, int ndr_ + static enum ndr_err_code ndr_pull_netr_DsRAddress(struct ndr_pull *ndr, int ndr_flags, struct netr_DsRAddress *r) + { + uint32_t _ptr_buffer; ++ uint32_t size_buffer_1 = 0; + TALLOC_CTX *_mem_save_buffer_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -7492,8 +7639,9 @@ static enum ndr_err_code ndr_pull_netr_DsRAddress(struct ndr_pull *ndr, int ndr_ + _mem_save_buffer_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->buffer, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->buffer)); +- NDR_PULL_ALLOC_N(ndr, r->buffer, ndr_get_array_size(ndr, &r->buffer)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->buffer, ndr_get_array_size(ndr, &r->buffer))); ++ size_buffer_1 = ndr_get_array_size(ndr, &r->buffer); ++ NDR_PULL_ALLOC_N(ndr, r->buffer, size_buffer_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->buffer, size_buffer_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_buffer_0, 0); + } + if (r->buffer) { +@@ -7636,8 +7784,12 @@ static enum ndr_err_code ndr_push_netr_DomainTrust(struct ndr_push *ndr, int ndr + static enum ndr_err_code ndr_pull_netr_DomainTrust(struct ndr_pull *ndr, int ndr_flags, struct netr_DomainTrust *r) + { + uint32_t _ptr_netbios_name; ++ uint32_t size_netbios_name_1 = 0; ++ uint32_t length_netbios_name_1 = 0; + TALLOC_CTX *_mem_save_netbios_name_0; + uint32_t _ptr_dns_name; ++ uint32_t size_dns_name_1 = 0; ++ uint32_t length_dns_name_1 = 0; + TALLOC_CTX *_mem_save_dns_name_0; + uint32_t _ptr_sid; + TALLOC_CTX *_mem_save_sid_0; +@@ -7673,11 +7825,13 @@ static enum ndr_err_code ndr_pull_netr_DomainTrust(struct ndr_pull *ndr, int ndr + NDR_PULL_SET_MEM_CTX(ndr, r->netbios_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->netbios_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->netbios_name)); +- if (ndr_get_array_length(ndr, &r->netbios_name) > ndr_get_array_size(ndr, &r->netbios_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->netbios_name), ndr_get_array_length(ndr, &r->netbios_name)); ++ size_netbios_name_1 = ndr_get_array_size(ndr, &r->netbios_name); ++ length_netbios_name_1 = ndr_get_array_length(ndr, &r->netbios_name); ++ if (length_netbios_name_1 > size_netbios_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_netbios_name_1, length_netbios_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->netbios_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->netbios_name, ndr_get_array_length(ndr, &r->netbios_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_netbios_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->netbios_name, length_netbios_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_netbios_name_0, 0); + } + if (r->dns_name) { +@@ -7685,11 +7839,13 @@ static enum ndr_err_code ndr_pull_netr_DomainTrust(struct ndr_pull *ndr, int ndr + NDR_PULL_SET_MEM_CTX(ndr, r->dns_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->dns_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->dns_name)); +- if (ndr_get_array_length(ndr, &r->dns_name) > ndr_get_array_size(ndr, &r->dns_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->dns_name), ndr_get_array_length(ndr, &r->dns_name)); ++ size_dns_name_1 = ndr_get_array_size(ndr, &r->dns_name); ++ length_dns_name_1 = ndr_get_array_length(ndr, &r->dns_name); ++ if (length_dns_name_1 > size_dns_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dns_name_1, length_dns_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->dns_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->dns_name, ndr_get_array_length(ndr, &r->dns_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dns_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->dns_name, length_dns_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dns_name_0, 0); + } + if (r->sid) { +@@ -7758,6 +7914,7 @@ static enum ndr_err_code ndr_push_netr_DomainTrustList(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_netr_DomainTrustList(struct ndr_pull *ndr, int ndr_flags, struct netr_DomainTrustList *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -7776,13 +7933,14 @@ static enum ndr_err_code ndr_pull_netr_DomainTrustList(struct ndr_pull *ndr, int + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_netr_DomainTrust(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_netr_DomainTrust(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -7855,10 +8013,12 @@ static enum ndr_err_code ndr_push_netr_DsRAddressToSitenamesExWCtr(struct ndr_pu + static enum ndr_err_code ndr_pull_netr_DsRAddressToSitenamesExWCtr(struct ndr_pull *ndr, int ndr_flags, struct netr_DsRAddressToSitenamesExWCtr *r) + { + uint32_t _ptr_sitename; ++ uint32_t size_sitename_1 = 0; + uint32_t cntr_sitename_1; + TALLOC_CTX *_mem_save_sitename_0; + TALLOC_CTX *_mem_save_sitename_1; + uint32_t _ptr_subnetname; ++ uint32_t size_subnetname_1 = 0; + uint32_t cntr_subnetname_1; + TALLOC_CTX *_mem_save_subnetname_0; + TALLOC_CTX *_mem_save_subnetname_1; +@@ -7883,13 +8043,14 @@ static enum ndr_err_code ndr_pull_netr_DsRAddressToSitenamesExWCtr(struct ndr_pu + _mem_save_sitename_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sitename, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->sitename)); +- NDR_PULL_ALLOC_N(ndr, r->sitename, ndr_get_array_size(ndr, &r->sitename)); ++ size_sitename_1 = ndr_get_array_size(ndr, &r->sitename); ++ NDR_PULL_ALLOC_N(ndr, r->sitename, size_sitename_1); + _mem_save_sitename_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sitename, 0); +- for (cntr_sitename_1 = 0; cntr_sitename_1 < r->count; cntr_sitename_1++) { ++ for (cntr_sitename_1 = 0; cntr_sitename_1 < size_sitename_1; cntr_sitename_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->sitename[cntr_sitename_1])); + } +- for (cntr_sitename_1 = 0; cntr_sitename_1 < r->count; cntr_sitename_1++) { ++ for (cntr_sitename_1 = 0; cntr_sitename_1 < size_sitename_1; cntr_sitename_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->sitename[cntr_sitename_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sitename_1, 0); +@@ -7899,13 +8060,14 @@ static enum ndr_err_code ndr_pull_netr_DsRAddressToSitenamesExWCtr(struct ndr_pu + _mem_save_subnetname_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->subnetname, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->subnetname)); +- NDR_PULL_ALLOC_N(ndr, r->subnetname, ndr_get_array_size(ndr, &r->subnetname)); ++ size_subnetname_1 = ndr_get_array_size(ndr, &r->subnetname); ++ NDR_PULL_ALLOC_N(ndr, r->subnetname, size_subnetname_1); + _mem_save_subnetname_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->subnetname, 0); +- for (cntr_subnetname_1 = 0; cntr_subnetname_1 < r->count; cntr_subnetname_1++) { ++ for (cntr_subnetname_1 = 0; cntr_subnetname_1 < size_subnetname_1; cntr_subnetname_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->subnetname[cntr_subnetname_1])); + } +- for (cntr_subnetname_1 = 0; cntr_subnetname_1 < r->count; cntr_subnetname_1++) { ++ for (cntr_subnetname_1 = 0; cntr_subnetname_1 < size_subnetname_1; cntr_subnetname_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->subnetname[cntr_subnetname_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_subnetname_1, 0); +@@ -7986,6 +8148,7 @@ static enum ndr_err_code ndr_push_DcSitesCtr(struct ndr_push *ndr, int ndr_flags + static enum ndr_err_code ndr_pull_DcSitesCtr(struct ndr_pull *ndr, int ndr_flags, struct DcSitesCtr *r) + { + uint32_t _ptr_sites; ++ uint32_t size_sites_1 = 0; + uint32_t cntr_sites_1; + TALLOC_CTX *_mem_save_sites_0; + TALLOC_CTX *_mem_save_sites_1; +@@ -8004,13 +8167,14 @@ static enum ndr_err_code ndr_pull_DcSitesCtr(struct ndr_pull *ndr, int ndr_flags + _mem_save_sites_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sites, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->sites)); +- NDR_PULL_ALLOC_N(ndr, r->sites, ndr_get_array_size(ndr, &r->sites)); ++ size_sites_1 = ndr_get_array_size(ndr, &r->sites); ++ NDR_PULL_ALLOC_N(ndr, r->sites, size_sites_1); + _mem_save_sites_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sites, 0); +- for (cntr_sites_1 = 0; cntr_sites_1 < r->num_sites; cntr_sites_1++) { ++ for (cntr_sites_1 = 0; cntr_sites_1 < size_sites_1; cntr_sites_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->sites[cntr_sites_1])); + } +- for (cntr_sites_1 = 0; cntr_sites_1 < r->num_sites; cntr_sites_1++) { ++ for (cntr_sites_1 = 0; cntr_sites_1 < size_sites_1; cntr_sites_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->sites[cntr_sites_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_sites_1, 0); +@@ -8079,6 +8243,12 @@ static enum ndr_err_code ndr_push_netr_LogonUasLogon(struct ndr_push *ndr, int f + static enum ndr_err_code ndr_pull_netr_LogonUasLogon(struct ndr_pull *ndr, int flags, struct netr_LogonUasLogon *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_account_name_0 = 0; ++ uint32_t length_account_name_0 = 0; ++ uint32_t size_workstation_0 = 0; ++ uint32_t length_workstation_0 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_info_0; + if (flags & NDR_IN) { +@@ -8095,27 +8265,33 @@ static enum ndr_err_code ndr_pull_netr_LogonUasLogon(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.account_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.account_name)); +- if (ndr_get_array_length(ndr, &r->in.account_name) > ndr_get_array_size(ndr, &r->in.account_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.account_name), ndr_get_array_length(ndr, &r->in.account_name)); ++ size_account_name_0 = ndr_get_array_size(ndr, &r->in.account_name); ++ length_account_name_0 = ndr_get_array_length(ndr, &r->in.account_name); ++ if (length_account_name_0 > size_account_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_account_name_0, length_account_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_account_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, length_account_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.workstation)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.workstation)); +- if (ndr_get_array_length(ndr, &r->in.workstation) > ndr_get_array_size(ndr, &r->in.workstation)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.workstation), ndr_get_array_length(ndr, &r->in.workstation)); ++ size_workstation_0 = ndr_get_array_size(ndr, &r->in.workstation); ++ length_workstation_0 = ndr_get_array_length(ndr, &r->in.workstation); ++ if (length_workstation_0 > size_workstation_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_workstation_0, length_workstation_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.workstation), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.workstation, ndr_get_array_length(ndr, &r->in.workstation), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_workstation_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.workstation, length_workstation_0, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_ALLOC(ndr, r->out.info); + ZERO_STRUCTP(r->out.info); + } +@@ -8197,6 +8373,12 @@ static enum ndr_err_code ndr_push_netr_LogonUasLogoff(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_netr_LogonUasLogoff(struct ndr_pull *ndr, int flags, struct netr_LogonUasLogoff *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_account_name_0 = 0; ++ uint32_t length_account_name_0 = 0; ++ uint32_t size_workstation_0 = 0; ++ uint32_t length_workstation_0 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_info_0; + if (flags & NDR_IN) { +@@ -8213,27 +8395,33 @@ static enum ndr_err_code ndr_pull_netr_LogonUasLogoff(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.account_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.account_name)); +- if (ndr_get_array_length(ndr, &r->in.account_name) > ndr_get_array_size(ndr, &r->in.account_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.account_name), ndr_get_array_length(ndr, &r->in.account_name)); ++ size_account_name_0 = ndr_get_array_size(ndr, &r->in.account_name); ++ length_account_name_0 = ndr_get_array_length(ndr, &r->in.account_name); ++ if (length_account_name_0 > size_account_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_account_name_0, length_account_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_account_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, length_account_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.workstation)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.workstation)); +- if (ndr_get_array_length(ndr, &r->in.workstation) > ndr_get_array_size(ndr, &r->in.workstation)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.workstation), ndr_get_array_length(ndr, &r->in.workstation)); ++ size_workstation_0 = ndr_get_array_size(ndr, &r->in.workstation); ++ length_workstation_0 = ndr_get_array_length(ndr, &r->in.workstation); ++ if (length_workstation_0 > size_workstation_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_workstation_0, length_workstation_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.workstation), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.workstation, ndr_get_array_length(ndr, &r->in.workstation), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_workstation_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.workstation, length_workstation_0, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_ALLOC(ndr, r->out.info); + ZERO_STRUCTP(r->out.info); + } +@@ -8338,7 +8526,11 @@ static enum ndr_err_code ndr_push_netr_LogonSamLogon(struct ndr_push *ndr, int f + static enum ndr_err_code ndr_pull_netr_LogonSamLogon(struct ndr_pull *ndr, int flags, struct netr_LogonSamLogon *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_computer_name; ++ uint32_t size_computer_name_1 = 0; ++ uint32_t length_computer_name_1 = 0; + uint32_t _ptr_credential; + uint32_t _ptr_return_authenticator; + TALLOC_CTX *_mem_save_server_name_0; +@@ -8362,11 +8554,13 @@ static enum ndr_err_code ndr_pull_netr_LogonSamLogon(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_computer_name)); +@@ -8380,11 +8574,13 @@ static enum ndr_err_code ndr_pull_netr_LogonSamLogon(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.computer_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); +- if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); ++ size_computer_name_1 = ndr_get_array_size(ndr, &r->in.computer_name); ++ length_computer_name_1 = ndr_get_array_length(ndr, &r->in.computer_name); ++ if (length_computer_name_1 > size_computer_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_name_1, length_computer_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, length_computer_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_computer_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_credential)); +@@ -8568,7 +8764,11 @@ static enum ndr_err_code ndr_push_netr_LogonSamLogoff(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_netr_LogonSamLogoff(struct ndr_pull *ndr, int flags, struct netr_LogonSamLogoff *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_computer_name; ++ uint32_t size_computer_name_1 = 0; ++ uint32_t length_computer_name_1 = 0; + uint32_t _ptr_credential; + uint32_t _ptr_return_authenticator; + TALLOC_CTX *_mem_save_server_name_0; +@@ -8589,11 +8789,13 @@ static enum ndr_err_code ndr_pull_netr_LogonSamLogoff(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_computer_name)); +@@ -8607,11 +8809,13 @@ static enum ndr_err_code ndr_pull_netr_LogonSamLogoff(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.computer_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); +- if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); ++ size_computer_name_1 = ndr_get_array_size(ndr, &r->in.computer_name); ++ length_computer_name_1 = ndr_get_array_length(ndr, &r->in.computer_name); ++ if (length_computer_name_1 > size_computer_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_name_1, length_computer_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, length_computer_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_computer_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_credential)); +@@ -8746,6 +8950,10 @@ static enum ndr_err_code ndr_push_netr_ServerReqChallenge(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_netr_ServerReqChallenge(struct ndr_pull *ndr, int flags, struct netr_ServerReqChallenge *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_computer_name_0 = 0; ++ uint32_t length_computer_name_0 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_credentials_0; + TALLOC_CTX *_mem_save_return_credentials_0; +@@ -8763,20 +8971,24 @@ static enum ndr_err_code ndr_pull_netr_ServerReqChallenge(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); +- if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); ++ size_computer_name_0 = ndr_get_array_size(ndr, &r->in.computer_name); ++ length_computer_name_0 = ndr_get_array_length(ndr, &r->in.computer_name); ++ if (length_computer_name_0 > size_computer_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_name_0, length_computer_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, length_computer_name_0, sizeof(uint16_t), CH_UTF16)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.credentials); + } +@@ -8873,6 +9085,12 @@ static enum ndr_err_code ndr_push_netr_ServerAuthenticate(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_netr_ServerAuthenticate(struct ndr_pull *ndr, int flags, struct netr_ServerAuthenticate *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_account_name_0 = 0; ++ uint32_t length_account_name_0 = 0; ++ uint32_t size_computer_name_0 = 0; ++ uint32_t length_computer_name_0 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_credentials_0; + TALLOC_CTX *_mem_save_return_credentials_0; +@@ -8890,28 +9108,34 @@ static enum ndr_err_code ndr_pull_netr_ServerAuthenticate(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.account_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.account_name)); +- if (ndr_get_array_length(ndr, &r->in.account_name) > ndr_get_array_size(ndr, &r->in.account_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.account_name), ndr_get_array_length(ndr, &r->in.account_name)); ++ size_account_name_0 = ndr_get_array_size(ndr, &r->in.account_name); ++ length_account_name_0 = ndr_get_array_length(ndr, &r->in.account_name); ++ if (length_account_name_0 > size_account_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_account_name_0, length_account_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_account_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, length_account_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_netr_SchannelType(ndr, NDR_SCALARS, &r->in.secure_channel_type)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); +- if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); ++ size_computer_name_0 = ndr_get_array_size(ndr, &r->in.computer_name); ++ length_computer_name_0 = ndr_get_array_length(ndr, &r->in.computer_name); ++ if (length_computer_name_0 > size_computer_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_name_0, length_computer_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, length_computer_name_0, sizeof(uint16_t), CH_UTF16)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.credentials); + } +@@ -9014,6 +9238,12 @@ static enum ndr_err_code ndr_push_netr_ServerPasswordSet(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_netr_ServerPasswordSet(struct ndr_pull *ndr, int flags, struct netr_ServerPasswordSet *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_account_name_0 = 0; ++ uint32_t length_account_name_0 = 0; ++ uint32_t size_computer_name_0 = 0; ++ uint32_t length_computer_name_0 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_credential_0; + TALLOC_CTX *_mem_save_return_authenticator_0; +@@ -9032,28 +9262,34 @@ static enum ndr_err_code ndr_pull_netr_ServerPasswordSet(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.account_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.account_name)); +- if (ndr_get_array_length(ndr, &r->in.account_name) > ndr_get_array_size(ndr, &r->in.account_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.account_name), ndr_get_array_length(ndr, &r->in.account_name)); ++ size_account_name_0 = ndr_get_array_size(ndr, &r->in.account_name); ++ length_account_name_0 = ndr_get_array_length(ndr, &r->in.account_name); ++ if (length_account_name_0 > size_account_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_account_name_0, length_account_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_account_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, length_account_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_netr_SchannelType(ndr, NDR_SCALARS, &r->in.secure_channel_type)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); +- if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); ++ size_computer_name_0 = ndr_get_array_size(ndr, &r->in.computer_name); ++ length_computer_name_0 = ndr_get_array_length(ndr, &r->in.computer_name); ++ if (length_computer_name_0 > size_computer_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_name_0, length_computer_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, length_computer_name_0, sizeof(uint16_t), CH_UTF16)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.credential); + } +@@ -9175,6 +9411,10 @@ static enum ndr_err_code ndr_push_netr_DatabaseDeltas(struct ndr_push *ndr, int + + static enum ndr_err_code ndr_pull_netr_DatabaseDeltas(struct ndr_pull *ndr, int flags, struct netr_DatabaseDeltas *r) + { ++ uint32_t size_logon_server_0 = 0; ++ uint32_t length_logon_server_0 = 0; ++ uint32_t size_computername_0 = 0; ++ uint32_t length_computername_0 = 0; + uint32_t _ptr_delta_enum_array; + TALLOC_CTX *_mem_save_credential_0; + TALLOC_CTX *_mem_save_return_authenticator_0; +@@ -9186,18 +9426,22 @@ static enum ndr_err_code ndr_pull_netr_DatabaseDeltas(struct ndr_pull *ndr, int + + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.logon_server)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.logon_server)); +- if (ndr_get_array_length(ndr, &r->in.logon_server) > ndr_get_array_size(ndr, &r->in.logon_server)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.logon_server), ndr_get_array_length(ndr, &r->in.logon_server)); ++ size_logon_server_0 = ndr_get_array_size(ndr, &r->in.logon_server); ++ length_logon_server_0 = ndr_get_array_length(ndr, &r->in.logon_server); ++ if (length_logon_server_0 > size_logon_server_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_logon_server_0, length_logon_server_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_logon_server_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, length_logon_server_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computername)); +- if (ndr_get_array_length(ndr, &r->in.computername) > ndr_get_array_size(ndr, &r->in.computername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computername), ndr_get_array_length(ndr, &r->in.computername)); ++ size_computername_0 = ndr_get_array_size(ndr, &r->in.computername); ++ length_computername_0 = ndr_get_array_length(ndr, &r->in.computername); ++ if (length_computername_0 > size_computername_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computername_0, length_computername_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computername, ndr_get_array_length(ndr, &r->in.computername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computername_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computername, length_computername_0, sizeof(uint16_t), CH_UTF16)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.credential); + } +@@ -9363,6 +9607,10 @@ static enum ndr_err_code ndr_push_netr_DatabaseSync(struct ndr_push *ndr, int fl + + static enum ndr_err_code ndr_pull_netr_DatabaseSync(struct ndr_pull *ndr, int flags, struct netr_DatabaseSync *r) + { ++ uint32_t size_logon_server_0 = 0; ++ uint32_t length_logon_server_0 = 0; ++ uint32_t size_computername_0 = 0; ++ uint32_t length_computername_0 = 0; + TALLOC_CTX *_mem_save_return_authenticator_0; + TALLOC_CTX *_mem_save_sync_context_0; + TALLOC_CTX *_mem_save_delta_enum_array_0; +@@ -9371,18 +9619,22 @@ static enum ndr_err_code ndr_pull_netr_DatabaseSync(struct ndr_pull *ndr, int fl + + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.logon_server)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.logon_server)); +- if (ndr_get_array_length(ndr, &r->in.logon_server) > ndr_get_array_size(ndr, &r->in.logon_server)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.logon_server), ndr_get_array_length(ndr, &r->in.logon_server)); ++ size_logon_server_0 = ndr_get_array_size(ndr, &r->in.logon_server); ++ length_logon_server_0 = ndr_get_array_length(ndr, &r->in.logon_server); ++ if (length_logon_server_0 > size_logon_server_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_logon_server_0, length_logon_server_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_logon_server_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, length_logon_server_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computername)); +- if (ndr_get_array_length(ndr, &r->in.computername) > ndr_get_array_size(ndr, &r->in.computername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computername), ndr_get_array_length(ndr, &r->in.computername)); ++ size_computername_0 = ndr_get_array_size(ndr, &r->in.computername); ++ length_computername_0 = ndr_get_array_length(ndr, &r->in.computername); ++ if (length_computername_0 > size_computername_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computername_0, length_computername_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computername, ndr_get_array_length(ndr, &r->in.computername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computername_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computername, length_computername_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_netr_Authenticator(ndr, NDR_SCALARS, &r->in.credential)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.return_authenticator); +@@ -9538,6 +9790,10 @@ static enum ndr_err_code ndr_push_netr_AccountDeltas(struct ndr_push *ndr, int f + static enum ndr_err_code ndr_pull_netr_AccountDeltas(struct ndr_pull *ndr, int flags, struct netr_AccountDeltas *r) + { + uint32_t _ptr_logon_server; ++ uint32_t size_logon_server_1 = 0; ++ uint32_t length_logon_server_1 = 0; ++ uint32_t size_computername_0 = 0; ++ uint32_t length_computername_0 = 0; + TALLOC_CTX *_mem_save_logon_server_0; + TALLOC_CTX *_mem_save_return_authenticator_0; + TALLOC_CTX *_mem_save_buffer_0; +@@ -9558,20 +9814,24 @@ static enum ndr_err_code ndr_pull_netr_AccountDeltas(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.logon_server, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.logon_server)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.logon_server)); +- if (ndr_get_array_length(ndr, &r->in.logon_server) > ndr_get_array_size(ndr, &r->in.logon_server)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.logon_server), ndr_get_array_length(ndr, &r->in.logon_server)); ++ size_logon_server_1 = ndr_get_array_size(ndr, &r->in.logon_server); ++ length_logon_server_1 = ndr_get_array_length(ndr, &r->in.logon_server); ++ if (length_logon_server_1 > size_logon_server_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_logon_server_1, length_logon_server_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_logon_server_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, length_logon_server_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_logon_server_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computername)); +- if (ndr_get_array_length(ndr, &r->in.computername) > ndr_get_array_size(ndr, &r->in.computername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computername), ndr_get_array_length(ndr, &r->in.computername)); ++ size_computername_0 = ndr_get_array_size(ndr, &r->in.computername); ++ length_computername_0 = ndr_get_array_length(ndr, &r->in.computername); ++ if (length_computername_0 > size_computername_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computername_0, length_computername_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computername, ndr_get_array_length(ndr, &r->in.computername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computername_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computername, length_computername_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_netr_Authenticator(ndr, NDR_SCALARS, &r->in.credential)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.return_authenticator); +@@ -9763,6 +10023,10 @@ static enum ndr_err_code ndr_push_netr_AccountSync(struct ndr_push *ndr, int fla + static enum ndr_err_code ndr_pull_netr_AccountSync(struct ndr_pull *ndr, int flags, struct netr_AccountSync *r) + { + uint32_t _ptr_logon_server; ++ uint32_t size_logon_server_1 = 0; ++ uint32_t length_logon_server_1 = 0; ++ uint32_t size_computername_0 = 0; ++ uint32_t length_computername_0 = 0; + TALLOC_CTX *_mem_save_logon_server_0; + TALLOC_CTX *_mem_save_return_authenticator_0; + TALLOC_CTX *_mem_save_buffer_0; +@@ -9784,20 +10048,24 @@ static enum ndr_err_code ndr_pull_netr_AccountSync(struct ndr_pull *ndr, int fla + NDR_PULL_SET_MEM_CTX(ndr, r->in.logon_server, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.logon_server)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.logon_server)); +- if (ndr_get_array_length(ndr, &r->in.logon_server) > ndr_get_array_size(ndr, &r->in.logon_server)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.logon_server), ndr_get_array_length(ndr, &r->in.logon_server)); ++ size_logon_server_1 = ndr_get_array_size(ndr, &r->in.logon_server); ++ length_logon_server_1 = ndr_get_array_length(ndr, &r->in.logon_server); ++ if (length_logon_server_1 > size_logon_server_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_logon_server_1, length_logon_server_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_logon_server_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, length_logon_server_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_logon_server_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computername)); +- if (ndr_get_array_length(ndr, &r->in.computername) > ndr_get_array_size(ndr, &r->in.computername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computername), ndr_get_array_length(ndr, &r->in.computername)); ++ size_computername_0 = ndr_get_array_size(ndr, &r->in.computername); ++ length_computername_0 = ndr_get_array_length(ndr, &r->in.computername); ++ if (length_computername_0 > size_computername_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computername_0, length_computername_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computername, ndr_get_array_length(ndr, &r->in.computername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computername_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computername, length_computername_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_netr_Authenticator(ndr, NDR_SCALARS, &r->in.credential)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.return_authenticator); +@@ -9979,8 +10247,14 @@ static enum ndr_err_code ndr_push_netr_GetDcName(struct ndr_push *ndr, int flags + + static enum ndr_err_code ndr_pull_netr_GetDcName(struct ndr_pull *ndr, int flags, struct netr_GetDcName *r) + { ++ uint32_t size_logon_server_0 = 0; ++ uint32_t length_logon_server_0 = 0; + uint32_t _ptr_domainname; ++ uint32_t size_domainname_1 = 0; ++ uint32_t length_domainname_1 = 0; + uint32_t _ptr_dcname; ++ uint32_t size_dcname_2 = 0; ++ uint32_t length_dcname_2 = 0; + TALLOC_CTX *_mem_save_domainname_0; + TALLOC_CTX *_mem_save_dcname_0; + TALLOC_CTX *_mem_save_dcname_1; +@@ -9989,11 +10263,13 @@ static enum ndr_err_code ndr_pull_netr_GetDcName(struct ndr_pull *ndr, int flags + + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.logon_server)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.logon_server)); +- if (ndr_get_array_length(ndr, &r->in.logon_server) > ndr_get_array_size(ndr, &r->in.logon_server)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.logon_server), ndr_get_array_length(ndr, &r->in.logon_server)); ++ size_logon_server_0 = ndr_get_array_size(ndr, &r->in.logon_server); ++ length_logon_server_0 = ndr_get_array_length(ndr, &r->in.logon_server); ++ if (length_logon_server_0 > size_logon_server_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_logon_server_0, length_logon_server_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_logon_server_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, length_logon_server_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_domainname)); + if (_ptr_domainname) { + NDR_PULL_ALLOC(ndr, r->in.domainname); +@@ -10005,11 +10281,13 @@ static enum ndr_err_code ndr_pull_netr_GetDcName(struct ndr_pull *ndr, int flags + NDR_PULL_SET_MEM_CTX(ndr, r->in.domainname, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.domainname)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.domainname)); +- if (ndr_get_array_length(ndr, &r->in.domainname) > ndr_get_array_size(ndr, &r->in.domainname)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.domainname), ndr_get_array_length(ndr, &r->in.domainname)); ++ size_domainname_1 = ndr_get_array_size(ndr, &r->in.domainname); ++ length_domainname_1 = ndr_get_array_length(ndr, &r->in.domainname); ++ if (length_domainname_1 > size_domainname_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domainname_1, length_domainname_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.domainname), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domainname, ndr_get_array_length(ndr, &r->in.domainname), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domainname_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domainname, length_domainname_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domainname_0, 0); + } + NDR_PULL_ALLOC(ndr, r->out.dcname); +@@ -10032,11 +10310,13 @@ static enum ndr_err_code ndr_pull_netr_GetDcName(struct ndr_pull *ndr, int flags + NDR_PULL_SET_MEM_CTX(ndr, *r->out.dcname, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->out.dcname)); + NDR_CHECK(ndr_pull_array_length(ndr, r->out.dcname)); +- if (ndr_get_array_length(ndr, r->out.dcname) > ndr_get_array_size(ndr, r->out.dcname)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, r->out.dcname), ndr_get_array_length(ndr, r->out.dcname)); ++ size_dcname_2 = ndr_get_array_size(ndr, r->out.dcname); ++ length_dcname_2 = ndr_get_array_length(ndr, r->out.dcname); ++ if (length_dcname_2 > size_dcname_2) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dcname_2, length_dcname_2); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, r->out.dcname), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.dcname, ndr_get_array_length(ndr, r->out.dcname), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dcname_2, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.dcname, length_dcname_2, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dcname_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dcname_0, LIBNDR_FLAG_REF_ALLOC); +@@ -10109,6 +10389,8 @@ static enum ndr_err_code ndr_push_netr_LogonControl(struct ndr_push *ndr, int fl + static enum ndr_err_code ndr_pull_netr_LogonControl(struct ndr_pull *ndr, int flags, struct netr_LogonControl *r) + { + uint32_t _ptr_logon_server; ++ uint32_t size_logon_server_1 = 0; ++ uint32_t length_logon_server_1 = 0; + TALLOC_CTX *_mem_save_logon_server_0; + TALLOC_CTX *_mem_save_info_0; + if (flags & NDR_IN) { +@@ -10125,11 +10407,13 @@ static enum ndr_err_code ndr_pull_netr_LogonControl(struct ndr_pull *ndr, int fl + NDR_PULL_SET_MEM_CTX(ndr, r->in.logon_server, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.logon_server)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.logon_server)); +- if (ndr_get_array_length(ndr, &r->in.logon_server) > ndr_get_array_size(ndr, &r->in.logon_server)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.logon_server), ndr_get_array_length(ndr, &r->in.logon_server)); ++ size_logon_server_1 = ndr_get_array_size(ndr, &r->in.logon_server); ++ length_logon_server_1 = ndr_get_array_length(ndr, &r->in.logon_server); ++ if (length_logon_server_1 > size_logon_server_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_logon_server_1, length_logon_server_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_logon_server_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, length_logon_server_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_logon_server_0, 0); + } + NDR_CHECK(ndr_pull_netr_LogonControlCode(ndr, NDR_SCALARS, &r->in.function_code)); +@@ -10222,8 +10506,14 @@ static enum ndr_err_code ndr_push_netr_GetAnyDCName(struct ndr_push *ndr, int fl + static enum ndr_err_code ndr_pull_netr_GetAnyDCName(struct ndr_pull *ndr, int flags, struct netr_GetAnyDCName *r) + { + uint32_t _ptr_logon_server; ++ uint32_t size_logon_server_1 = 0; ++ uint32_t length_logon_server_1 = 0; + uint32_t _ptr_domainname; ++ uint32_t size_domainname_1 = 0; ++ uint32_t length_domainname_1 = 0; + uint32_t _ptr_dcname; ++ uint32_t size_dcname_2 = 0; ++ uint32_t length_dcname_2 = 0; + TALLOC_CTX *_mem_save_logon_server_0; + TALLOC_CTX *_mem_save_domainname_0; + TALLOC_CTX *_mem_save_dcname_0; +@@ -10242,11 +10532,13 @@ static enum ndr_err_code ndr_pull_netr_GetAnyDCName(struct ndr_pull *ndr, int fl + NDR_PULL_SET_MEM_CTX(ndr, r->in.logon_server, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.logon_server)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.logon_server)); +- if (ndr_get_array_length(ndr, &r->in.logon_server) > ndr_get_array_size(ndr, &r->in.logon_server)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.logon_server), ndr_get_array_length(ndr, &r->in.logon_server)); ++ size_logon_server_1 = ndr_get_array_size(ndr, &r->in.logon_server); ++ length_logon_server_1 = ndr_get_array_length(ndr, &r->in.logon_server); ++ if (length_logon_server_1 > size_logon_server_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_logon_server_1, length_logon_server_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_logon_server_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, length_logon_server_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_logon_server_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_domainname)); +@@ -10260,11 +10552,13 @@ static enum ndr_err_code ndr_pull_netr_GetAnyDCName(struct ndr_pull *ndr, int fl + NDR_PULL_SET_MEM_CTX(ndr, r->in.domainname, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.domainname)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.domainname)); +- if (ndr_get_array_length(ndr, &r->in.domainname) > ndr_get_array_size(ndr, &r->in.domainname)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.domainname), ndr_get_array_length(ndr, &r->in.domainname)); ++ size_domainname_1 = ndr_get_array_size(ndr, &r->in.domainname); ++ length_domainname_1 = ndr_get_array_length(ndr, &r->in.domainname); ++ if (length_domainname_1 > size_domainname_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domainname_1, length_domainname_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.domainname), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domainname, ndr_get_array_length(ndr, &r->in.domainname), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domainname_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domainname, length_domainname_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domainname_0, 0); + } + NDR_PULL_ALLOC(ndr, r->out.dcname); +@@ -10287,11 +10581,13 @@ static enum ndr_err_code ndr_pull_netr_GetAnyDCName(struct ndr_pull *ndr, int fl + NDR_PULL_SET_MEM_CTX(ndr, *r->out.dcname, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->out.dcname)); + NDR_CHECK(ndr_pull_array_length(ndr, r->out.dcname)); +- if (ndr_get_array_length(ndr, r->out.dcname) > ndr_get_array_size(ndr, r->out.dcname)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, r->out.dcname), ndr_get_array_length(ndr, r->out.dcname)); ++ size_dcname_2 = ndr_get_array_size(ndr, r->out.dcname); ++ length_dcname_2 = ndr_get_array_length(ndr, r->out.dcname); ++ if (length_dcname_2 > size_dcname_2) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dcname_2, length_dcname_2); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, r->out.dcname), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.dcname, ndr_get_array_length(ndr, r->out.dcname), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dcname_2, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.dcname, length_dcname_2, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dcname_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dcname_0, LIBNDR_FLAG_REF_ALLOC); +@@ -10374,6 +10670,8 @@ static enum ndr_err_code ndr_push_netr_LogonControl2(struct ndr_push *ndr, int f + static enum ndr_err_code ndr_pull_netr_LogonControl2(struct ndr_pull *ndr, int flags, struct netr_LogonControl2 *r) + { + uint32_t _ptr_logon_server; ++ uint32_t size_logon_server_1 = 0; ++ uint32_t length_logon_server_1 = 0; + TALLOC_CTX *_mem_save_logon_server_0; + TALLOC_CTX *_mem_save_data_0; + TALLOC_CTX *_mem_save_query_0; +@@ -10391,11 +10689,13 @@ static enum ndr_err_code ndr_pull_netr_LogonControl2(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.logon_server, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.logon_server)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.logon_server)); +- if (ndr_get_array_length(ndr, &r->in.logon_server) > ndr_get_array_size(ndr, &r->in.logon_server)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.logon_server), ndr_get_array_length(ndr, &r->in.logon_server)); ++ size_logon_server_1 = ndr_get_array_size(ndr, &r->in.logon_server); ++ length_logon_server_1 = ndr_get_array_length(ndr, &r->in.logon_server); ++ if (length_logon_server_1 > size_logon_server_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_logon_server_1, length_logon_server_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_logon_server_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, length_logon_server_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_logon_server_0, 0); + } + NDR_CHECK(ndr_pull_netr_LogonControlCode(ndr, NDR_SCALARS, &r->in.function_code)); +@@ -10509,6 +10809,12 @@ static enum ndr_err_code ndr_push_netr_ServerAuthenticate2(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_netr_ServerAuthenticate2(struct ndr_pull *ndr, int flags, struct netr_ServerAuthenticate2 *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_account_name_0 = 0; ++ uint32_t length_account_name_0 = 0; ++ uint32_t size_computer_name_0 = 0; ++ uint32_t length_computer_name_0 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_credentials_0; + TALLOC_CTX *_mem_save_return_credentials_0; +@@ -10527,28 +10833,34 @@ static enum ndr_err_code ndr_pull_netr_ServerAuthenticate2(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.account_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.account_name)); +- if (ndr_get_array_length(ndr, &r->in.account_name) > ndr_get_array_size(ndr, &r->in.account_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.account_name), ndr_get_array_length(ndr, &r->in.account_name)); ++ size_account_name_0 = ndr_get_array_size(ndr, &r->in.account_name); ++ length_account_name_0 = ndr_get_array_length(ndr, &r->in.account_name); ++ if (length_account_name_0 > size_account_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_account_name_0, length_account_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_account_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, length_account_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_netr_SchannelType(ndr, NDR_SCALARS, &r->in.secure_channel_type)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); +- if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); ++ size_computer_name_0 = ndr_get_array_size(ndr, &r->in.computer_name); ++ length_computer_name_0 = ndr_get_array_length(ndr, &r->in.computer_name); ++ if (length_computer_name_0 > size_computer_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_name_0, length_computer_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, length_computer_name_0, sizeof(uint16_t), CH_UTF16)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.credentials); + } +@@ -10684,6 +10996,10 @@ static enum ndr_err_code ndr_push_netr_DatabaseSync2(struct ndr_push *ndr, int f + + static enum ndr_err_code ndr_pull_netr_DatabaseSync2(struct ndr_pull *ndr, int flags, struct netr_DatabaseSync2 *r) + { ++ uint32_t size_logon_server_0 = 0; ++ uint32_t length_logon_server_0 = 0; ++ uint32_t size_computername_0 = 0; ++ uint32_t length_computername_0 = 0; + uint32_t _ptr_delta_enum_array; + TALLOC_CTX *_mem_save_credential_0; + TALLOC_CTX *_mem_save_return_authenticator_0; +@@ -10695,18 +11011,22 @@ static enum ndr_err_code ndr_pull_netr_DatabaseSync2(struct ndr_pull *ndr, int f + + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.logon_server)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.logon_server)); +- if (ndr_get_array_length(ndr, &r->in.logon_server) > ndr_get_array_size(ndr, &r->in.logon_server)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.logon_server), ndr_get_array_length(ndr, &r->in.logon_server)); ++ size_logon_server_0 = ndr_get_array_size(ndr, &r->in.logon_server); ++ length_logon_server_0 = ndr_get_array_length(ndr, &r->in.logon_server); ++ if (length_logon_server_0 > size_logon_server_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_logon_server_0, length_logon_server_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_logon_server_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, length_logon_server_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computername)); +- if (ndr_get_array_length(ndr, &r->in.computername) > ndr_get_array_size(ndr, &r->in.computername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computername), ndr_get_array_length(ndr, &r->in.computername)); ++ size_computername_0 = ndr_get_array_size(ndr, &r->in.computername); ++ length_computername_0 = ndr_get_array_length(ndr, &r->in.computername); ++ if (length_computername_0 > size_computername_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computername_0, length_computername_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computername, ndr_get_array_length(ndr, &r->in.computername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computername_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computername, length_computername_0, sizeof(uint16_t), CH_UTF16)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.credential); + } +@@ -10870,7 +11190,12 @@ static enum ndr_err_code ndr_push_netr_DatabaseRedo(struct ndr_push *ndr, int fl + + static enum ndr_err_code ndr_pull_netr_DatabaseRedo(struct ndr_pull *ndr, int flags, struct netr_DatabaseRedo *r) + { ++ uint32_t size_logon_server_0 = 0; ++ uint32_t length_logon_server_0 = 0; ++ uint32_t size_computername_0 = 0; ++ uint32_t length_computername_0 = 0; + uint32_t _ptr_change_log_entry; ++ uint32_t size_change_log_entry_1 = 0; + TALLOC_CTX *_mem_save_return_authenticator_0; + TALLOC_CTX *_mem_save_change_log_entry_0; + TALLOC_CTX *_mem_save_delta_enum_array_0; +@@ -10879,18 +11204,22 @@ static enum ndr_err_code ndr_pull_netr_DatabaseRedo(struct ndr_pull *ndr, int fl + + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.logon_server)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.logon_server)); +- if (ndr_get_array_length(ndr, &r->in.logon_server) > ndr_get_array_size(ndr, &r->in.logon_server)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.logon_server), ndr_get_array_length(ndr, &r->in.logon_server)); ++ size_logon_server_0 = ndr_get_array_size(ndr, &r->in.logon_server); ++ length_logon_server_0 = ndr_get_array_length(ndr, &r->in.logon_server); ++ if (length_logon_server_0 > size_logon_server_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_logon_server_0, length_logon_server_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_logon_server_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, length_logon_server_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computername)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computername)); +- if (ndr_get_array_length(ndr, &r->in.computername) > ndr_get_array_size(ndr, &r->in.computername)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computername), ndr_get_array_length(ndr, &r->in.computername)); ++ size_computername_0 = ndr_get_array_size(ndr, &r->in.computername); ++ length_computername_0 = ndr_get_array_length(ndr, &r->in.computername); ++ if (length_computername_0 > size_computername_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computername_0, length_computername_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computername), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computername, ndr_get_array_length(ndr, &r->in.computername), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computername_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computername, length_computername_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_netr_Authenticator(ndr, NDR_SCALARS, &r->in.credential)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.return_authenticator); +@@ -10909,8 +11238,9 @@ static enum ndr_err_code ndr_pull_netr_DatabaseRedo(struct ndr_pull *ndr, int fl + _mem_save_change_log_entry_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.change_log_entry, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.change_log_entry)); +- NDR_PULL_ALLOC_N(ndr, r->in.change_log_entry, ndr_get_array_size(ndr, &r->in.change_log_entry)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.change_log_entry, ndr_get_array_size(ndr, &r->in.change_log_entry))); ++ size_change_log_entry_1 = ndr_get_array_size(ndr, &r->in.change_log_entry); ++ NDR_PULL_ALLOC_N(ndr, r->in.change_log_entry, size_change_log_entry_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.change_log_entry, size_change_log_entry_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_change_log_entry_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.change_log_entry_size)); +@@ -11014,6 +11344,8 @@ static enum ndr_err_code ndr_push_netr_LogonControl2Ex(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_netr_LogonControl2Ex(struct ndr_pull *ndr, int flags, struct netr_LogonControl2Ex *r) + { + uint32_t _ptr_logon_server; ++ uint32_t size_logon_server_1 = 0; ++ uint32_t length_logon_server_1 = 0; + TALLOC_CTX *_mem_save_logon_server_0; + TALLOC_CTX *_mem_save_query_0; + if (flags & NDR_IN) { +@@ -11030,11 +11362,13 @@ static enum ndr_err_code ndr_pull_netr_LogonControl2Ex(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.logon_server, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.logon_server)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.logon_server)); +- if (ndr_get_array_length(ndr, &r->in.logon_server) > ndr_get_array_size(ndr, &r->in.logon_server)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.logon_server), ndr_get_array_length(ndr, &r->in.logon_server)); ++ size_logon_server_1 = ndr_get_array_size(ndr, &r->in.logon_server); ++ length_logon_server_1 = ndr_get_array_length(ndr, &r->in.logon_server); ++ if (length_logon_server_1 > size_logon_server_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_logon_server_1, length_logon_server_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, ndr_get_array_length(ndr, &r->in.logon_server), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_logon_server_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.logon_server, length_logon_server_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_logon_server_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.function_code)); +@@ -11118,6 +11452,8 @@ static enum ndr_err_code ndr_push_netr_NetrEnumerateTrustedDomains(struct ndr_pu + static enum ndr_err_code ndr_pull_netr_NetrEnumerateTrustedDomains(struct ndr_pull *ndr, int flags, struct netr_NetrEnumerateTrustedDomains *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_trusted_domains_blob_0; + if (flags & NDR_IN) { +@@ -11134,11 +11470,13 @@ static enum ndr_err_code ndr_pull_netr_NetrEnumerateTrustedDomains(struct ndr_pu + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_PULL_ALLOC(ndr, r->out.trusted_domains_blob); +@@ -11231,7 +11569,11 @@ static enum ndr_err_code ndr_push_netr_DsRGetDCName(struct ndr_push *ndr, int fl + static enum ndr_err_code ndr_pull_netr_DsRGetDCName(struct ndr_pull *ndr, int flags, struct netr_DsRGetDCName *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_domain_name; ++ uint32_t size_domain_name_1 = 0; ++ uint32_t length_domain_name_1 = 0; + uint32_t _ptr_domain_guid; + uint32_t _ptr_site_guid; + uint32_t _ptr_info; +@@ -11255,11 +11597,13 @@ static enum ndr_err_code ndr_pull_netr_DsRGetDCName(struct ndr_pull *ndr, int fl + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_domain_name)); +@@ -11273,11 +11617,13 @@ static enum ndr_err_code ndr_pull_netr_DsRGetDCName(struct ndr_pull *ndr, int fl + NDR_PULL_SET_MEM_CTX(ndr, r->in.domain_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.domain_name)); +- if (ndr_get_array_length(ndr, &r->in.domain_name) > ndr_get_array_size(ndr, &r->in.domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.domain_name), ndr_get_array_length(ndr, &r->in.domain_name)); ++ size_domain_name_1 = ndr_get_array_size(ndr, &r->in.domain_name); ++ length_domain_name_1 = ndr_get_array_length(ndr, &r->in.domain_name); ++ if (length_domain_name_1 > size_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_name_1, length_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, length_domain_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_domain_guid)); +@@ -11428,7 +11774,11 @@ static enum ndr_err_code ndr_push_netr_LogonGetCapabilities(struct ndr_push *ndr + + static enum ndr_err_code ndr_pull_netr_LogonGetCapabilities(struct ndr_pull *ndr, int flags, struct netr_LogonGetCapabilities *r) + { ++ uint32_t size_server_name_0 = 0; ++ uint32_t length_server_name_0 = 0; + uint32_t _ptr_computer_name; ++ uint32_t size_computer_name_1 = 0; ++ uint32_t length_computer_name_1 = 0; + TALLOC_CTX *_mem_save_computer_name_0; + TALLOC_CTX *_mem_save_credential_0; + TALLOC_CTX *_mem_save_return_authenticator_0; +@@ -11438,11 +11788,13 @@ static enum ndr_err_code ndr_pull_netr_LogonGetCapabilities(struct ndr_pull *ndr + + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_0 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_0 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_0 > size_server_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_0, length_server_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_computer_name)); + if (_ptr_computer_name) { + NDR_PULL_ALLOC(ndr, r->in.computer_name); +@@ -11454,11 +11806,13 @@ static enum ndr_err_code ndr_pull_netr_LogonGetCapabilities(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.computer_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); +- if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); ++ size_computer_name_1 = ndr_get_array_size(ndr, &r->in.computer_name); ++ length_computer_name_1 = ndr_get_array_length(ndr, &r->in.computer_name); ++ if (length_computer_name_1 > size_computer_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_name_1, length_computer_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, length_computer_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_computer_name_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -11620,7 +11974,11 @@ static enum ndr_err_code ndr_push_netr_LogonGetTrustRid(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_netr_LogonGetTrustRid(struct ndr_pull *ndr, int flags, struct netr_LogonGetTrustRid *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_domain_name; ++ uint32_t size_domain_name_1 = 0; ++ uint32_t length_domain_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_domain_name_0; + TALLOC_CTX *_mem_save_rid_0; +@@ -11638,11 +11996,13 @@ static enum ndr_err_code ndr_pull_netr_LogonGetTrustRid(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_domain_name)); +@@ -11656,11 +12016,13 @@ static enum ndr_err_code ndr_pull_netr_LogonGetTrustRid(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.domain_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.domain_name)); +- if (ndr_get_array_length(ndr, &r->in.domain_name) > ndr_get_array_size(ndr, &r->in.domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.domain_name), ndr_get_array_length(ndr, &r->in.domain_name)); ++ size_domain_name_1 = ndr_get_array_size(ndr, &r->in.domain_name); ++ length_domain_name_1 = ndr_get_array_length(ndr, &r->in.domain_name); ++ if (length_domain_name_1 > size_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_name_1, length_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, length_domain_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_name_0, 0); + } + NDR_PULL_ALLOC(ndr, r->out.rid); +@@ -11847,6 +12209,12 @@ static enum ndr_err_code ndr_push_netr_ServerAuthenticate3(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_netr_ServerAuthenticate3(struct ndr_pull *ndr, int flags, struct netr_ServerAuthenticate3 *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_account_name_0 = 0; ++ uint32_t length_account_name_0 = 0; ++ uint32_t size_computer_name_0 = 0; ++ uint32_t length_computer_name_0 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_credentials_0; + TALLOC_CTX *_mem_save_negotiate_flags_0; +@@ -11865,28 +12233,34 @@ static enum ndr_err_code ndr_pull_netr_ServerAuthenticate3(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.account_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.account_name)); +- if (ndr_get_array_length(ndr, &r->in.account_name) > ndr_get_array_size(ndr, &r->in.account_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.account_name), ndr_get_array_length(ndr, &r->in.account_name)); ++ size_account_name_0 = ndr_get_array_size(ndr, &r->in.account_name); ++ length_account_name_0 = ndr_get_array_length(ndr, &r->in.account_name); ++ if (length_account_name_0 > size_account_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_account_name_0, length_account_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_account_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, length_account_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_netr_SchannelType(ndr, NDR_SCALARS, &r->in.secure_channel_type)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); +- if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); ++ size_computer_name_0 = ndr_get_array_size(ndr, &r->in.computer_name); ++ length_computer_name_0 = ndr_get_array_length(ndr, &r->in.computer_name); ++ if (length_computer_name_0 > size_computer_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_name_0, length_computer_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, length_computer_name_0, sizeof(uint16_t), CH_UTF16)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.credentials); + } +@@ -12031,9 +12405,15 @@ static enum ndr_err_code ndr_push_netr_DsRGetDCNameEx(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_netr_DsRGetDCNameEx(struct ndr_pull *ndr, int flags, struct netr_DsRGetDCNameEx *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_domain_name; ++ uint32_t size_domain_name_1 = 0; ++ uint32_t length_domain_name_1 = 0; + uint32_t _ptr_domain_guid; + uint32_t _ptr_site_name; ++ uint32_t size_site_name_1 = 0; ++ uint32_t length_site_name_1 = 0; + uint32_t _ptr_info; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_domain_name_0; +@@ -12055,11 +12435,13 @@ static enum ndr_err_code ndr_pull_netr_DsRGetDCNameEx(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_domain_name)); +@@ -12073,11 +12455,13 @@ static enum ndr_err_code ndr_pull_netr_DsRGetDCNameEx(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.domain_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.domain_name)); +- if (ndr_get_array_length(ndr, &r->in.domain_name) > ndr_get_array_size(ndr, &r->in.domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.domain_name), ndr_get_array_length(ndr, &r->in.domain_name)); ++ size_domain_name_1 = ndr_get_array_size(ndr, &r->in.domain_name); ++ length_domain_name_1 = ndr_get_array_length(ndr, &r->in.domain_name); ++ if (length_domain_name_1 > size_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_name_1, length_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, length_domain_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_domain_guid)); +@@ -12103,11 +12487,13 @@ static enum ndr_err_code ndr_pull_netr_DsRGetDCNameEx(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.site_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.site_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.site_name)); +- if (ndr_get_array_length(ndr, &r->in.site_name) > ndr_get_array_size(ndr, &r->in.site_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.site_name), ndr_get_array_length(ndr, &r->in.site_name)); ++ size_site_name_1 = ndr_get_array_size(ndr, &r->in.site_name); ++ length_site_name_1 = ndr_get_array_length(ndr, &r->in.site_name); ++ if (length_site_name_1 > size_site_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_site_name_1, length_site_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.site_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.site_name, ndr_get_array_length(ndr, &r->in.site_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_site_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.site_name, length_site_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_site_name_0, 0); + } + NDR_CHECK(ndr_pull_netr_DsRGetDCName_flags(ndr, NDR_SCALARS, &r->in.flags)); +@@ -12223,7 +12609,11 @@ static enum ndr_err_code ndr_push_netr_DsRGetSiteName(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_netr_DsRGetSiteName(struct ndr_pull *ndr, int flags, struct netr_DsRGetSiteName *r) + { + uint32_t _ptr_computer_name; ++ uint32_t size_computer_name_1 = 0; ++ uint32_t length_computer_name_1 = 0; + uint32_t _ptr_site; ++ uint32_t size_site_2 = 0; ++ uint32_t length_site_2 = 0; + TALLOC_CTX *_mem_save_computer_name_0; + TALLOC_CTX *_mem_save_site_0; + TALLOC_CTX *_mem_save_site_1; +@@ -12241,11 +12631,13 @@ static enum ndr_err_code ndr_pull_netr_DsRGetSiteName(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.computer_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); +- if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); ++ size_computer_name_1 = ndr_get_array_size(ndr, &r->in.computer_name); ++ length_computer_name_1 = ndr_get_array_length(ndr, &r->in.computer_name); ++ if (length_computer_name_1 > size_computer_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_name_1, length_computer_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, length_computer_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_computer_name_0, 0); + } + NDR_PULL_ALLOC(ndr, r->out.site); +@@ -12268,11 +12660,13 @@ static enum ndr_err_code ndr_pull_netr_DsRGetSiteName(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, *r->out.site, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->out.site)); + NDR_CHECK(ndr_pull_array_length(ndr, r->out.site)); +- if (ndr_get_array_length(ndr, r->out.site) > ndr_get_array_size(ndr, r->out.site)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, r->out.site), ndr_get_array_length(ndr, r->out.site)); ++ size_site_2 = ndr_get_array_size(ndr, r->out.site); ++ length_site_2 = ndr_get_array_length(ndr, r->out.site); ++ if (length_site_2 > size_site_2) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_site_2, length_site_2); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, r->out.site), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.site, ndr_get_array_length(ndr, r->out.site), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_site_2, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.site, length_site_2, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_site_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_site_0, LIBNDR_FLAG_REF_ALLOC); +@@ -12360,7 +12754,11 @@ static enum ndr_err_code ndr_push_netr_LogonGetDomainInfo(struct ndr_push *ndr, + + static enum ndr_err_code ndr_pull_netr_LogonGetDomainInfo(struct ndr_pull *ndr, int flags, struct netr_LogonGetDomainInfo *r) + { ++ uint32_t size_server_name_0 = 0; ++ uint32_t length_server_name_0 = 0; + uint32_t _ptr_computer_name; ++ uint32_t size_computer_name_1 = 0; ++ uint32_t length_computer_name_1 = 0; + TALLOC_CTX *_mem_save_computer_name_0; + TALLOC_CTX *_mem_save_credential_0; + TALLOC_CTX *_mem_save_return_authenticator_0; +@@ -12370,11 +12768,13 @@ static enum ndr_err_code ndr_pull_netr_LogonGetDomainInfo(struct ndr_pull *ndr, + + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_0 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_0 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_0 > size_server_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_0, length_server_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_computer_name)); + if (_ptr_computer_name) { + NDR_PULL_ALLOC(ndr, r->in.computer_name); +@@ -12386,11 +12786,13 @@ static enum ndr_err_code ndr_pull_netr_LogonGetDomainInfo(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.computer_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); +- if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); ++ size_computer_name_1 = ndr_get_array_size(ndr, &r->in.computer_name); ++ length_computer_name_1 = ndr_get_array_length(ndr, &r->in.computer_name); ++ if (length_computer_name_1 > size_computer_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_name_1, length_computer_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, length_computer_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_computer_name_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -12525,6 +12927,12 @@ static enum ndr_err_code ndr_push_netr_ServerPasswordSet2(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_netr_ServerPasswordSet2(struct ndr_pull *ndr, int flags, struct netr_ServerPasswordSet2 *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_account_name_0 = 0; ++ uint32_t length_account_name_0 = 0; ++ uint32_t size_computer_name_0 = 0; ++ uint32_t length_computer_name_0 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_credential_0; + TALLOC_CTX *_mem_save_return_authenticator_0; +@@ -12543,28 +12951,34 @@ static enum ndr_err_code ndr_pull_netr_ServerPasswordSet2(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.account_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.account_name)); +- if (ndr_get_array_length(ndr, &r->in.account_name) > ndr_get_array_size(ndr, &r->in.account_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.account_name), ndr_get_array_length(ndr, &r->in.account_name)); ++ size_account_name_0 = ndr_get_array_size(ndr, &r->in.account_name); ++ length_account_name_0 = ndr_get_array_length(ndr, &r->in.account_name); ++ if (length_account_name_0 > size_account_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_account_name_0, length_account_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_account_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, length_account_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_netr_SchannelType(ndr, NDR_SCALARS, &r->in.secure_channel_type)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); +- if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); ++ size_computer_name_0 = ndr_get_array_size(ndr, &r->in.computer_name); ++ length_computer_name_0 = ndr_get_array_length(ndr, &r->in.computer_name); ++ if (length_computer_name_0 > size_computer_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_name_0, length_computer_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, length_computer_name_0, sizeof(uint16_t), CH_UTF16)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.credential); + } +@@ -12678,6 +13092,12 @@ static enum ndr_err_code ndr_push_netr_ServerPasswordGet(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_netr_ServerPasswordGet(struct ndr_pull *ndr, int flags, struct netr_ServerPasswordGet *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_account_name_0 = 0; ++ uint32_t length_account_name_0 = 0; ++ uint32_t size_computer_name_0 = 0; ++ uint32_t length_computer_name_0 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_credential_0; + TALLOC_CTX *_mem_save_return_authenticator_0; +@@ -12696,28 +13116,34 @@ static enum ndr_err_code ndr_pull_netr_ServerPasswordGet(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.account_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.account_name)); +- if (ndr_get_array_length(ndr, &r->in.account_name) > ndr_get_array_size(ndr, &r->in.account_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.account_name), ndr_get_array_length(ndr, &r->in.account_name)); ++ size_account_name_0 = ndr_get_array_size(ndr, &r->in.account_name); ++ length_account_name_0 = ndr_get_array_length(ndr, &r->in.account_name); ++ if (length_account_name_0 > size_account_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_account_name_0, length_account_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_account_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, length_account_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_netr_SchannelType(ndr, NDR_SCALARS, &r->in.secure_channel_type)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); +- if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); ++ size_computer_name_0 = ndr_get_array_size(ndr, &r->in.computer_name); ++ length_computer_name_0 = ndr_get_array_length(ndr, &r->in.computer_name); ++ if (length_computer_name_0 > size_computer_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_name_0, length_computer_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, length_computer_name_0, sizeof(uint16_t), CH_UTF16)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.credential); + } +@@ -12872,6 +13298,9 @@ static enum ndr_err_code ndr_push_netr_DsRAddressToSitenamesW(struct ndr_push *n + static enum ndr_err_code ndr_pull_netr_DsRAddressToSitenamesW(struct ndr_pull *ndr, int flags, struct netr_DsRAddressToSitenamesW *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_addresses_1 = 0; + uint32_t cntr_addresses_1; + uint32_t _ptr_ctr; + TALLOC_CTX *_mem_save_server_name_0; +@@ -12892,11 +13321,13 @@ static enum ndr_err_code ndr_pull_netr_DsRAddressToSitenamesW(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.count)); +@@ -12904,15 +13335,16 @@ static enum ndr_err_code ndr_pull_netr_DsRAddressToSitenamesW(struct ndr_pull *n + return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.addresses)); ++ size_addresses_1 = ndr_get_array_size(ndr, &r->in.addresses); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +- NDR_PULL_ALLOC_N(ndr, r->in.addresses, ndr_get_array_size(ndr, &r->in.addresses)); ++ NDR_PULL_ALLOC_N(ndr, r->in.addresses, size_addresses_1); + } + _mem_save_addresses_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.addresses, 0); +- for (cntr_addresses_1 = 0; cntr_addresses_1 < r->in.count; cntr_addresses_1++) { ++ for (cntr_addresses_1 = 0; cntr_addresses_1 < size_addresses_1; cntr_addresses_1++) { + NDR_CHECK(ndr_pull_netr_DsRAddress(ndr, NDR_SCALARS, &r->in.addresses[cntr_addresses_1])); + } +- for (cntr_addresses_1 = 0; cntr_addresses_1 < r->in.count; cntr_addresses_1++) { ++ for (cntr_addresses_1 = 0; cntr_addresses_1 < size_addresses_1; cntr_addresses_1++) { + NDR_CHECK(ndr_pull_netr_DsRAddress(ndr, NDR_BUFFERS, &r->in.addresses[cntr_addresses_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_addresses_1, 0); +@@ -13051,10 +13483,18 @@ static enum ndr_err_code ndr_push_netr_DsRGetDCNameEx2(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_netr_DsRGetDCNameEx2(struct ndr_pull *ndr, int flags, struct netr_DsRGetDCNameEx2 *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_client_account; ++ uint32_t size_client_account_1 = 0; ++ uint32_t length_client_account_1 = 0; + uint32_t _ptr_domain_name; ++ uint32_t size_domain_name_1 = 0; ++ uint32_t length_domain_name_1 = 0; + uint32_t _ptr_domain_guid; + uint32_t _ptr_site_name; ++ uint32_t size_site_name_1 = 0; ++ uint32_t length_site_name_1 = 0; + uint32_t _ptr_info; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_client_account_0; +@@ -13077,11 +13517,13 @@ static enum ndr_err_code ndr_pull_netr_DsRGetDCNameEx2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_client_account)); +@@ -13095,11 +13537,13 @@ static enum ndr_err_code ndr_pull_netr_DsRGetDCNameEx2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.client_account, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.client_account)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.client_account)); +- if (ndr_get_array_length(ndr, &r->in.client_account) > ndr_get_array_size(ndr, &r->in.client_account)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.client_account), ndr_get_array_length(ndr, &r->in.client_account)); ++ size_client_account_1 = ndr_get_array_size(ndr, &r->in.client_account); ++ length_client_account_1 = ndr_get_array_length(ndr, &r->in.client_account); ++ if (length_client_account_1 > size_client_account_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_client_account_1, length_client_account_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.client_account), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.client_account, ndr_get_array_length(ndr, &r->in.client_account), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_client_account_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.client_account, length_client_account_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_client_account_0, 0); + } + NDR_CHECK(ndr_pull_samr_AcctFlags(ndr, NDR_SCALARS, &r->in.mask)); +@@ -13114,11 +13558,13 @@ static enum ndr_err_code ndr_pull_netr_DsRGetDCNameEx2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.domain_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.domain_name)); +- if (ndr_get_array_length(ndr, &r->in.domain_name) > ndr_get_array_size(ndr, &r->in.domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.domain_name), ndr_get_array_length(ndr, &r->in.domain_name)); ++ size_domain_name_1 = ndr_get_array_size(ndr, &r->in.domain_name); ++ length_domain_name_1 = ndr_get_array_length(ndr, &r->in.domain_name); ++ if (length_domain_name_1 > size_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_name_1, length_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, length_domain_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_domain_guid)); +@@ -13144,11 +13590,13 @@ static enum ndr_err_code ndr_pull_netr_DsRGetDCNameEx2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.site_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.site_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.site_name)); +- if (ndr_get_array_length(ndr, &r->in.site_name) > ndr_get_array_size(ndr, &r->in.site_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.site_name), ndr_get_array_length(ndr, &r->in.site_name)); ++ size_site_name_1 = ndr_get_array_size(ndr, &r->in.site_name); ++ length_site_name_1 = ndr_get_array_length(ndr, &r->in.site_name); ++ if (length_site_name_1 > size_site_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_site_name_1, length_site_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.site_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.site_name, ndr_get_array_length(ndr, &r->in.site_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_site_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.site_name, length_site_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_site_name_0, 0); + } + NDR_CHECK(ndr_pull_netr_DsRGetDCName_flags(ndr, NDR_SCALARS, &r->in.flags)); +@@ -13306,6 +13754,8 @@ static enum ndr_err_code ndr_push_netr_NetrEnumerateTrustedDomainsEx(struct ndr_ + static enum ndr_err_code ndr_pull_netr_NetrEnumerateTrustedDomainsEx(struct ndr_pull *ndr, int flags, struct netr_NetrEnumerateTrustedDomainsEx *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_dom_trust_list_0; + if (flags & NDR_IN) { +@@ -13322,11 +13772,13 @@ static enum ndr_err_code ndr_pull_netr_NetrEnumerateTrustedDomainsEx(struct ndr_ + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_PULL_ALLOC(ndr, r->out.dom_trust_list); +@@ -13415,6 +13867,9 @@ static enum ndr_err_code ndr_push_netr_DsRAddressToSitenamesExW(struct ndr_push + static enum ndr_err_code ndr_pull_netr_DsRAddressToSitenamesExW(struct ndr_pull *ndr, int flags, struct netr_DsRAddressToSitenamesExW *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_addresses_1 = 0; + uint32_t cntr_addresses_1; + uint32_t _ptr_ctr; + TALLOC_CTX *_mem_save_server_name_0; +@@ -13435,11 +13890,13 @@ static enum ndr_err_code ndr_pull_netr_DsRAddressToSitenamesExW(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.count)); +@@ -13447,15 +13904,16 @@ static enum ndr_err_code ndr_pull_netr_DsRAddressToSitenamesExW(struct ndr_pull + return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.addresses)); ++ size_addresses_1 = ndr_get_array_size(ndr, &r->in.addresses); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +- NDR_PULL_ALLOC_N(ndr, r->in.addresses, ndr_get_array_size(ndr, &r->in.addresses)); ++ NDR_PULL_ALLOC_N(ndr, r->in.addresses, size_addresses_1); + } + _mem_save_addresses_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.addresses, 0); +- for (cntr_addresses_1 = 0; cntr_addresses_1 < r->in.count; cntr_addresses_1++) { ++ for (cntr_addresses_1 = 0; cntr_addresses_1 < size_addresses_1; cntr_addresses_1++) { + NDR_CHECK(ndr_pull_netr_DsRAddress(ndr, NDR_SCALARS, &r->in.addresses[cntr_addresses_1])); + } +- for (cntr_addresses_1 = 0; cntr_addresses_1 < r->in.count; cntr_addresses_1++) { ++ for (cntr_addresses_1 = 0; cntr_addresses_1 < size_addresses_1; cntr_addresses_1++) { + NDR_CHECK(ndr_pull_netr_DsRAddress(ndr, NDR_BUFFERS, &r->in.addresses[cntr_addresses_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_addresses_1, 0); +@@ -13564,6 +14022,8 @@ static enum ndr_err_code ndr_push_netr_DsrGetDcSiteCoverageW(struct ndr_push *nd + static enum ndr_err_code ndr_pull_netr_DsrGetDcSiteCoverageW(struct ndr_pull *ndr, int flags, struct netr_DsrGetDcSiteCoverageW *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_ctr_0; + if (flags & NDR_IN) { +@@ -13580,11 +14040,13 @@ static enum ndr_err_code ndr_pull_netr_DsrGetDcSiteCoverageW(struct ndr_pull *nd + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_PULL_ALLOC(ndr, r->out.ctr); +@@ -13685,7 +14147,11 @@ static enum ndr_err_code ndr_push_netr_LogonSamLogonEx(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_netr_LogonSamLogonEx(struct ndr_pull *ndr, int flags, struct netr_LogonSamLogonEx *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_computer_name; ++ uint32_t size_computer_name_1 = 0; ++ uint32_t length_computer_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_computer_name_0; + TALLOC_CTX *_mem_save_logon_0; +@@ -13706,11 +14172,13 @@ static enum ndr_err_code ndr_pull_netr_LogonSamLogonEx(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_computer_name)); +@@ -13724,11 +14192,13 @@ static enum ndr_err_code ndr_pull_netr_LogonSamLogonEx(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.computer_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); +- if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); ++ size_computer_name_1 = ndr_get_array_size(ndr, &r->in.computer_name); ++ length_computer_name_1 = ndr_get_array_length(ndr, &r->in.computer_name); ++ if (length_computer_name_1 > size_computer_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_name_1, length_computer_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, length_computer_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_computer_name_0, 0); + } + NDR_CHECK(ndr_pull_netr_LogonLevel(ndr, NDR_SCALARS, &r->in.logon_level)); +@@ -13865,6 +14335,8 @@ static enum ndr_err_code ndr_push_netr_DsrEnumerateDomainTrusts(struct ndr_push + static enum ndr_err_code ndr_pull_netr_DsrEnumerateDomainTrusts(struct ndr_pull *ndr, int flags, struct netr_DsrEnumerateDomainTrusts *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_trusts_0; + if (flags & NDR_IN) { +@@ -13881,11 +14353,13 @@ static enum ndr_err_code ndr_pull_netr_DsrEnumerateDomainTrusts(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_netr_TrustFlags(ndr, NDR_SCALARS, &r->in.trust_flags)); +@@ -13979,9 +14453,15 @@ static enum ndr_err_code ndr_push_netr_DsrDeregisterDNSHostRecords(struct ndr_pu + static enum ndr_err_code ndr_pull_netr_DsrDeregisterDNSHostRecords(struct ndr_pull *ndr, int flags, struct netr_DsrDeregisterDNSHostRecords *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_domain; ++ uint32_t size_domain_1 = 0; ++ uint32_t length_domain_1 = 0; + uint32_t _ptr_domain_guid; + uint32_t _ptr_dsa_guid; ++ uint32_t size_dns_host_1 = 0; ++ uint32_t length_dns_host_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_domain_0; + TALLOC_CTX *_mem_save_domain_guid_0; +@@ -13998,11 +14478,13 @@ static enum ndr_err_code ndr_pull_netr_DsrDeregisterDNSHostRecords(struct ndr_pu + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_domain)); +@@ -14016,11 +14498,13 @@ static enum ndr_err_code ndr_pull_netr_DsrDeregisterDNSHostRecords(struct ndr_pu + NDR_PULL_SET_MEM_CTX(ndr, r->in.domain, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.domain)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.domain)); +- if (ndr_get_array_length(ndr, &r->in.domain) > ndr_get_array_size(ndr, &r->in.domain)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.domain), ndr_get_array_length(ndr, &r->in.domain)); ++ size_domain_1 = ndr_get_array_size(ndr, &r->in.domain); ++ length_domain_1 = ndr_get_array_length(ndr, &r->in.domain); ++ if (length_domain_1 > size_domain_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_1, length_domain_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.domain), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain, ndr_get_array_length(ndr, &r->in.domain), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain, length_domain_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_domain_guid)); +@@ -14049,11 +14533,13 @@ static enum ndr_err_code ndr_pull_netr_DsrDeregisterDNSHostRecords(struct ndr_pu + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.dns_host)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.dns_host)); +- if (ndr_get_array_length(ndr, &r->in.dns_host) > ndr_get_array_size(ndr, &r->in.dns_host)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.dns_host), ndr_get_array_length(ndr, &r->in.dns_host)); ++ size_dns_host_1 = ndr_get_array_size(ndr, &r->in.dns_host); ++ length_dns_host_1 = ndr_get_array_length(ndr, &r->in.dns_host); ++ if (length_dns_host_1 > size_dns_host_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dns_host_1, length_dns_host_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.dns_host), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dns_host, ndr_get_array_length(ndr, &r->in.dns_host), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dns_host_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dns_host, length_dns_host_1, sizeof(uint16_t), CH_UTF16)); + } + if (flags & NDR_OUT) { + NDR_CHECK(ndr_pull_WERROR(ndr, NDR_SCALARS, &r->out.result)); +@@ -14155,6 +14641,12 @@ static enum ndr_err_code ndr_push_netr_ServerTrustPasswordsGet(struct ndr_push * + static enum ndr_err_code ndr_pull_netr_ServerTrustPasswordsGet(struct ndr_pull *ndr, int flags, struct netr_ServerTrustPasswordsGet *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_account_name_0 = 0; ++ uint32_t length_account_name_0 = 0; ++ uint32_t size_computer_name_0 = 0; ++ uint32_t length_computer_name_0 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_credential_0; + TALLOC_CTX *_mem_save_return_authenticator_0; +@@ -14174,28 +14666,34 @@ static enum ndr_err_code ndr_pull_netr_ServerTrustPasswordsGet(struct ndr_pull * + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.account_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.account_name)); +- if (ndr_get_array_length(ndr, &r->in.account_name) > ndr_get_array_size(ndr, &r->in.account_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.account_name), ndr_get_array_length(ndr, &r->in.account_name)); ++ size_account_name_0 = ndr_get_array_size(ndr, &r->in.account_name); ++ length_account_name_0 = ndr_get_array_length(ndr, &r->in.account_name); ++ if (length_account_name_0 > size_account_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_account_name_0, length_account_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, ndr_get_array_length(ndr, &r->in.account_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_account_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_name, length_account_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_netr_SchannelType(ndr, NDR_SCALARS, &r->in.secure_channel_type)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); +- if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); ++ size_computer_name_0 = ndr_get_array_size(ndr, &r->in.computer_name); ++ length_computer_name_0 = ndr_get_array_length(ndr, &r->in.computer_name); ++ if (length_computer_name_0 > size_computer_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_name_0, length_computer_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, length_computer_name_0, sizeof(uint16_t), CH_UTF16)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.credential); + } +@@ -14318,7 +14816,11 @@ static enum ndr_err_code ndr_push_netr_DsRGetForestTrustInformation(struct ndr_p + static enum ndr_err_code ndr_pull_netr_DsRGetForestTrustInformation(struct ndr_pull *ndr, int flags, struct netr_DsRGetForestTrustInformation *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_trusted_domain_name; ++ uint32_t size_trusted_domain_name_1 = 0; ++ uint32_t length_trusted_domain_name_1 = 0; + uint32_t _ptr_forest_trust_info; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_trusted_domain_name_0; +@@ -14338,11 +14840,13 @@ static enum ndr_err_code ndr_pull_netr_DsRGetForestTrustInformation(struct ndr_p + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_trusted_domain_name)); +@@ -14356,11 +14860,13 @@ static enum ndr_err_code ndr_pull_netr_DsRGetForestTrustInformation(struct ndr_p + NDR_PULL_SET_MEM_CTX(ndr, r->in.trusted_domain_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.trusted_domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.trusted_domain_name)); +- if (ndr_get_array_length(ndr, &r->in.trusted_domain_name) > ndr_get_array_size(ndr, &r->in.trusted_domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.trusted_domain_name), ndr_get_array_length(ndr, &r->in.trusted_domain_name)); ++ size_trusted_domain_name_1 = ndr_get_array_size(ndr, &r->in.trusted_domain_name); ++ length_trusted_domain_name_1 = ndr_get_array_length(ndr, &r->in.trusted_domain_name); ++ if (length_trusted_domain_name_1 > size_trusted_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_trusted_domain_name_1, length_trusted_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.trusted_domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.trusted_domain_name, ndr_get_array_length(ndr, &r->in.trusted_domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_trusted_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.trusted_domain_name, length_trusted_domain_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_trusted_domain_name_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.flags)); +@@ -14477,6 +14983,10 @@ static enum ndr_err_code ndr_push_netr_GetForestTrustInformation(struct ndr_push + static enum ndr_err_code ndr_pull_netr_GetForestTrustInformation(struct ndr_pull *ndr, int flags, struct netr_GetForestTrustInformation *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_trusted_domain_name_1 = 0; ++ uint32_t length_trusted_domain_name_1 = 0; + uint32_t _ptr_forest_trust_info; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_credential_0; +@@ -14497,20 +15007,24 @@ static enum ndr_err_code ndr_pull_netr_GetForestTrustInformation(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.trusted_domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.trusted_domain_name)); +- if (ndr_get_array_length(ndr, &r->in.trusted_domain_name) > ndr_get_array_size(ndr, &r->in.trusted_domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.trusted_domain_name), ndr_get_array_length(ndr, &r->in.trusted_domain_name)); ++ size_trusted_domain_name_1 = ndr_get_array_size(ndr, &r->in.trusted_domain_name); ++ length_trusted_domain_name_1 = ndr_get_array_length(ndr, &r->in.trusted_domain_name); ++ if (length_trusted_domain_name_1 > size_trusted_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_trusted_domain_name_1, length_trusted_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.trusted_domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.trusted_domain_name, ndr_get_array_length(ndr, &r->in.trusted_domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_trusted_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.trusted_domain_name, length_trusted_domain_name_1, sizeof(uint16_t), CH_UTF16)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.credential); + } +@@ -14664,7 +15178,11 @@ static enum ndr_err_code ndr_push_netr_LogonSamLogonWithFlags(struct ndr_push *n + static enum ndr_err_code ndr_pull_netr_LogonSamLogonWithFlags(struct ndr_pull *ndr, int flags, struct netr_LogonSamLogonWithFlags *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_computer_name; ++ uint32_t size_computer_name_1 = 0; ++ uint32_t length_computer_name_1 = 0; + uint32_t _ptr_credential; + uint32_t _ptr_return_authenticator; + TALLOC_CTX *_mem_save_server_name_0; +@@ -14688,11 +15206,13 @@ static enum ndr_err_code ndr_pull_netr_LogonSamLogonWithFlags(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_computer_name)); +@@ -14706,11 +15226,13 @@ static enum ndr_err_code ndr_pull_netr_LogonSamLogonWithFlags(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.computer_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); +- if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); ++ size_computer_name_1 = ndr_get_array_size(ndr, &r->in.computer_name); ++ length_computer_name_1 = ndr_get_array_length(ndr, &r->in.computer_name); ++ if (length_computer_name_1 > size_computer_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_name_1, length_computer_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, length_computer_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_computer_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_credential)); +diff --git a/source/librpc/gen_ndr/ndr_notify.c b/source/librpc/gen_ndr/ndr_notify.c +index 00ba8bc..f390b9e 100644 +--- a/source/librpc/gen_ndr/ndr_notify.c ++++ b/source/librpc/gen_ndr/ndr_notify.c +@@ -82,6 +82,7 @@ static enum ndr_err_code ndr_push_notify_depth(struct ndr_push *ndr, int ndr_fla + + static enum ndr_err_code ndr_pull_notify_depth(struct ndr_pull *ndr, int ndr_flags, struct notify_depth *r) + { ++ uint32_t size_entries_0 = 0; + uint32_t cntr_entries_0; + TALLOC_CTX *_mem_save_entries_0; + if (ndr_flags & NDR_SCALARS) { +@@ -89,18 +90,20 @@ static enum ndr_err_code ndr_pull_notify_depth(struct ndr_pull *ndr, int ndr_fla + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->max_mask)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->max_mask_subdir)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->num_entries)); +- NDR_PULL_ALLOC_N(ndr, r->entries, r->num_entries); ++ size_entries_0 = r->num_entries; ++ NDR_PULL_ALLOC_N(ndr, r->entries, size_entries_0); + _mem_save_entries_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); +- for (cntr_entries_0 = 0; cntr_entries_0 < r->num_entries; cntr_entries_0++) { ++ for (cntr_entries_0 = 0; cntr_entries_0 < size_entries_0; cntr_entries_0++) { + NDR_CHECK(ndr_pull_notify_entry(ndr, NDR_SCALARS, &r->entries[cntr_entries_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_entries_0, 0); + } + if (ndr_flags & NDR_BUFFERS) { ++ size_entries_0 = r->num_entries; + _mem_save_entries_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); +- for (cntr_entries_0 = 0; cntr_entries_0 < r->num_entries; cntr_entries_0++) { ++ for (cntr_entries_0 = 0; cntr_entries_0 < size_entries_0; cntr_entries_0++) { + NDR_CHECK(ndr_pull_notify_entry(ndr, NDR_BUFFERS, &r->entries[cntr_entries_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_entries_0, 0); +@@ -149,23 +152,26 @@ _PUBLIC_ enum ndr_err_code ndr_push_notify_array(struct ndr_push *ndr, int ndr_f + + _PUBLIC_ enum ndr_err_code ndr_pull_notify_array(struct ndr_pull *ndr, int ndr_flags, struct notify_array *r) + { ++ uint32_t size_depth_0 = 0; + uint32_t cntr_depth_0; + TALLOC_CTX *_mem_save_depth_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 8)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->num_depths)); +- NDR_PULL_ALLOC_N(ndr, r->depth, r->num_depths); ++ size_depth_0 = r->num_depths; ++ NDR_PULL_ALLOC_N(ndr, r->depth, size_depth_0); + _mem_save_depth_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->depth, 0); +- for (cntr_depth_0 = 0; cntr_depth_0 < r->num_depths; cntr_depth_0++) { ++ for (cntr_depth_0 = 0; cntr_depth_0 < size_depth_0; cntr_depth_0++) { + NDR_CHECK(ndr_pull_notify_depth(ndr, NDR_SCALARS, &r->depth[cntr_depth_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_depth_0, 0); + } + if (ndr_flags & NDR_BUFFERS) { ++ size_depth_0 = r->num_depths; + _mem_save_depth_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->depth, 0); +- for (cntr_depth_0 = 0; cntr_depth_0 < r->num_depths; cntr_depth_0++) { ++ for (cntr_depth_0 = 0; cntr_depth_0 < size_depth_0; cntr_depth_0++) { + NDR_CHECK(ndr_pull_notify_depth(ndr, NDR_BUFFERS, &r->depth[cntr_depth_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_depth_0, 0); +diff --git a/source/librpc/gen_ndr/ndr_ntsvcs.c b/source/librpc/gen_ndr/ndr_ntsvcs.c +index 77b418d..a1f9b28 100644 +--- a/source/librpc/gen_ndr/ndr_ntsvcs.c ++++ b/source/librpc/gen_ndr/ndr_ntsvcs.c +@@ -21,11 +21,13 @@ static enum ndr_err_code ndr_push_PNP_HwProfInfo(struct ndr_push *ndr, int ndr_f + + static enum ndr_err_code ndr_pull_PNP_HwProfInfo(struct ndr_pull *ndr, int ndr_flags, struct PNP_HwProfInfo *r) + { ++ uint32_t size_friendly_name_0 = 0; + uint32_t cntr_friendly_name_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->profile_handle)); +- for (cntr_friendly_name_0 = 0; cntr_friendly_name_0 < 80; cntr_friendly_name_0++) { ++ size_friendly_name_0 = 80; ++ for (cntr_friendly_name_0 = 0; cntr_friendly_name_0 < size_friendly_name_0; cntr_friendly_name_0++) { + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->friendly_name[cntr_friendly_name_0])); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->flags)); +@@ -341,14 +343,18 @@ static enum ndr_err_code ndr_push_PNP_ValidateDeviceInstance(struct ndr_push *nd + + static enum ndr_err_code ndr_pull_PNP_ValidateDeviceInstance(struct ndr_pull *ndr, int flags, struct PNP_ValidateDeviceInstance *r) + { ++ uint32_t size_devicepath_1 = 0; ++ uint32_t length_devicepath_1 = 0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.devicepath)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.devicepath)); +- if (ndr_get_array_length(ndr, &r->in.devicepath) > ndr_get_array_size(ndr, &r->in.devicepath)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.devicepath), ndr_get_array_length(ndr, &r->in.devicepath)); ++ size_devicepath_1 = ndr_get_array_size(ndr, &r->in.devicepath); ++ length_devicepath_1 = ndr_get_array_length(ndr, &r->in.devicepath); ++ if (length_devicepath_1 > size_devicepath_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_devicepath_1, length_devicepath_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.devicepath), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.devicepath, ndr_get_array_length(ndr, &r->in.devicepath), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_devicepath_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.devicepath, length_devicepath_1, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.flags)); + } + if (flags & NDR_OUT) { +@@ -572,6 +578,8 @@ static enum ndr_err_code ndr_push_PNP_GetDeviceListSize(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_PNP_GetDeviceListSize(struct ndr_pull *ndr, int flags, struct PNP_GetDeviceListSize *r) + { + uint32_t _ptr_devicename; ++ uint32_t size_devicename_1 = 0; ++ uint32_t length_devicename_1 = 0; + TALLOC_CTX *_mem_save_devicename_0; + TALLOC_CTX *_mem_save_size_0; + if (flags & NDR_IN) { +@@ -588,11 +596,13 @@ static enum ndr_err_code ndr_pull_PNP_GetDeviceListSize(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.devicename, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.devicename)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.devicename)); +- if (ndr_get_array_length(ndr, &r->in.devicename) > ndr_get_array_size(ndr, &r->in.devicename)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.devicename), ndr_get_array_length(ndr, &r->in.devicename)); ++ size_devicename_1 = ndr_get_array_size(ndr, &r->in.devicename); ++ length_devicename_1 = ndr_get_array_length(ndr, &r->in.devicename); ++ if (length_devicename_1 > size_devicename_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_devicename_1, length_devicename_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.devicename), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.devicename, ndr_get_array_length(ndr, &r->in.devicename), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_devicename_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.devicename, length_devicename_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_devicename_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.flags)); +@@ -1848,9 +1858,15 @@ static enum ndr_err_code ndr_push_PNP_HwProfFlags(struct ndr_push *ndr, int flag + + static enum ndr_err_code ndr_pull_PNP_HwProfFlags(struct ndr_pull *ndr, int flags, struct PNP_HwProfFlags *r) + { ++ uint32_t size_devicepath_1 = 0; ++ uint32_t length_devicepath_1 = 0; + uint32_t _ptr_unknown4; + uint32_t _ptr_unknown5; ++ uint32_t size_unknown5_1 = 0; ++ uint32_t length_unknown5_1 = 0; + uint32_t _ptr_unknown5a; ++ uint32_t size_unknown5a_2 = 0; ++ uint32_t length_unknown5a_2 = 0; + TALLOC_CTX *_mem_save_unknown3_0; + TALLOC_CTX *_mem_save_unknown4_0; + TALLOC_CTX *_mem_save_unknown5_0; +@@ -1862,11 +1878,13 @@ static enum ndr_err_code ndr_pull_PNP_HwProfFlags(struct ndr_pull *ndr, int flag + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.unknown1)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.devicepath)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.devicepath)); +- if (ndr_get_array_length(ndr, &r->in.devicepath) > ndr_get_array_size(ndr, &r->in.devicepath)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.devicepath), ndr_get_array_length(ndr, &r->in.devicepath)); ++ size_devicepath_1 = ndr_get_array_size(ndr, &r->in.devicepath); ++ length_devicepath_1 = ndr_get_array_length(ndr, &r->in.devicepath); ++ if (length_devicepath_1 > size_devicepath_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_devicepath_1, length_devicepath_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.devicepath), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.devicepath, ndr_get_array_length(ndr, &r->in.devicepath), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_devicepath_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.devicepath, length_devicepath_1, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.unknown2)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.unknown3); +@@ -1898,11 +1916,13 @@ static enum ndr_err_code ndr_pull_PNP_HwProfFlags(struct ndr_pull *ndr, int flag + NDR_PULL_SET_MEM_CTX(ndr, r->in.unknown5, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.unknown5)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.unknown5)); +- if (ndr_get_array_length(ndr, &r->in.unknown5) > ndr_get_array_size(ndr, &r->in.unknown5)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.unknown5), ndr_get_array_length(ndr, &r->in.unknown5)); ++ size_unknown5_1 = ndr_get_array_size(ndr, &r->in.unknown5); ++ length_unknown5_1 = ndr_get_array_length(ndr, &r->in.unknown5); ++ if (length_unknown5_1 > size_unknown5_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_unknown5_1, length_unknown5_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.unknown5), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.unknown5, ndr_get_array_length(ndr, &r->in.unknown5), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_unknown5_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.unknown5, length_unknown5_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_unknown5_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.unknown6)); +@@ -1950,11 +1970,13 @@ static enum ndr_err_code ndr_pull_PNP_HwProfFlags(struct ndr_pull *ndr, int flag + NDR_PULL_SET_MEM_CTX(ndr, *r->out.unknown5a, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->out.unknown5a)); + NDR_CHECK(ndr_pull_array_length(ndr, r->out.unknown5a)); +- if (ndr_get_array_length(ndr, r->out.unknown5a) > ndr_get_array_size(ndr, r->out.unknown5a)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, r->out.unknown5a), ndr_get_array_length(ndr, r->out.unknown5a)); ++ size_unknown5a_2 = ndr_get_array_size(ndr, r->out.unknown5a); ++ length_unknown5a_2 = ndr_get_array_length(ndr, r->out.unknown5a); ++ if (length_unknown5a_2 > size_unknown5a_2) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_unknown5a_2, length_unknown5a_2); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, r->out.unknown5a), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.unknown5a, ndr_get_array_length(ndr, r->out.unknown5a), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_unknown5a_2, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.unknown5a, length_unknown5a_2, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_unknown5a_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_unknown5a_0, 0); +diff --git a/source/librpc/gen_ndr/ndr_samr.c b/source/librpc/gen_ndr/ndr_samr.c +index 62676d2..a0f03f1 100644 +--- a/source/librpc/gen_ndr/ndr_samr.c ++++ b/source/librpc/gen_ndr/ndr_samr.c +@@ -249,6 +249,7 @@ static enum ndr_err_code ndr_push_samr_SamArray(struct ndr_push *ndr, int ndr_fl + static enum ndr_err_code ndr_pull_samr_SamArray(struct ndr_pull *ndr, int ndr_flags, struct samr_SamArray *r) + { + uint32_t _ptr_entries; ++ uint32_t size_entries_1 = 0; + uint32_t cntr_entries_1; + TALLOC_CTX *_mem_save_entries_0; + TALLOC_CTX *_mem_save_entries_1; +@@ -267,13 +268,14 @@ static enum ndr_err_code ndr_pull_samr_SamArray(struct ndr_pull *ndr, int ndr_fl + _mem_save_entries_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->entries)); +- NDR_PULL_ALLOC_N(ndr, r->entries, ndr_get_array_size(ndr, &r->entries)); ++ size_entries_1 = ndr_get_array_size(ndr, &r->entries); ++ NDR_PULL_ALLOC_N(ndr, r->entries, size_entries_1); + _mem_save_entries_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); +- for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { ++ for (cntr_entries_1 = 0; cntr_entries_1 < size_entries_1; cntr_entries_1++) { + NDR_CHECK(ndr_pull_samr_SamEntry(ndr, NDR_SCALARS, &r->entries[cntr_entries_1])); + } +- for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { ++ for (cntr_entries_1 = 0; cntr_entries_1 < size_entries_1; cntr_entries_1++) { + NDR_CHECK(ndr_pull_samr_SamEntry(ndr, NDR_BUFFERS, &r->entries[cntr_entries_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_entries_1, 0); +@@ -1110,6 +1112,7 @@ static enum ndr_err_code ndr_push_samr_Ids(struct ndr_push *ndr, int ndr_flags, + static enum ndr_err_code ndr_pull_samr_Ids(struct ndr_pull *ndr, int ndr_flags, struct samr_Ids *r) + { + uint32_t _ptr_ids; ++ uint32_t size_ids_1 = 0; + uint32_t cntr_ids_1; + TALLOC_CTX *_mem_save_ids_0; + TALLOC_CTX *_mem_save_ids_1; +@@ -1131,10 +1134,11 @@ static enum ndr_err_code ndr_pull_samr_Ids(struct ndr_pull *ndr, int ndr_flags, + _mem_save_ids_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->ids, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->ids)); +- NDR_PULL_ALLOC_N(ndr, r->ids, ndr_get_array_size(ndr, &r->ids)); ++ size_ids_1 = ndr_get_array_size(ndr, &r->ids); ++ NDR_PULL_ALLOC_N(ndr, r->ids, size_ids_1); + _mem_save_ids_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->ids, 0); +- for (cntr_ids_1 = 0; cntr_ids_1 < r->count; cntr_ids_1++) { ++ for (cntr_ids_1 = 0; cntr_ids_1 < size_ids_1; cntr_ids_1++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->ids[cntr_ids_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_ids_1, 0); +@@ -1483,10 +1487,12 @@ static enum ndr_err_code ndr_push_samr_RidTypeArray(struct ndr_push *ndr, int nd + static enum ndr_err_code ndr_pull_samr_RidTypeArray(struct ndr_pull *ndr, int ndr_flags, struct samr_RidTypeArray *r) + { + uint32_t _ptr_rids; ++ uint32_t size_rids_1 = 0; + uint32_t cntr_rids_1; + TALLOC_CTX *_mem_save_rids_0; + TALLOC_CTX *_mem_save_rids_1; + uint32_t _ptr_types; ++ uint32_t size_types_1 = 0; + uint32_t cntr_types_1; + TALLOC_CTX *_mem_save_types_0; + TALLOC_CTX *_mem_save_types_1; +@@ -1511,10 +1517,11 @@ static enum ndr_err_code ndr_pull_samr_RidTypeArray(struct ndr_pull *ndr, int nd + _mem_save_rids_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->rids, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->rids)); +- NDR_PULL_ALLOC_N(ndr, r->rids, ndr_get_array_size(ndr, &r->rids)); ++ size_rids_1 = ndr_get_array_size(ndr, &r->rids); ++ NDR_PULL_ALLOC_N(ndr, r->rids, size_rids_1); + _mem_save_rids_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->rids, 0); +- for (cntr_rids_1 = 0; cntr_rids_1 < r->count; cntr_rids_1++) { ++ for (cntr_rids_1 = 0; cntr_rids_1 < size_rids_1; cntr_rids_1++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->rids[cntr_rids_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_rids_1, 0); +@@ -1524,10 +1531,11 @@ static enum ndr_err_code ndr_pull_samr_RidTypeArray(struct ndr_pull *ndr, int nd + _mem_save_types_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->types, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->types)); +- NDR_PULL_ALLOC_N(ndr, r->types, ndr_get_array_size(ndr, &r->types)); ++ size_types_1 = ndr_get_array_size(ndr, &r->types); ++ NDR_PULL_ALLOC_N(ndr, r->types, size_types_1); + _mem_save_types_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->types, 0); +- for (cntr_types_1 = 0; cntr_types_1 < r->count; cntr_types_1++) { ++ for (cntr_types_1 = 0; cntr_types_1 < size_types_1; cntr_types_1++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->types[cntr_types_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_types_1, 0); +@@ -1883,6 +1891,8 @@ _PUBLIC_ enum ndr_err_code ndr_push_samr_LogonHours(struct ndr_push *ndr, int nd + _PUBLIC_ enum ndr_err_code ndr_pull_samr_LogonHours(struct ndr_pull *ndr, int ndr_flags, struct samr_LogonHours *r) + { + uint32_t _ptr_bits; ++ uint32_t size_bits_1 = 0; ++ uint32_t length_bits_1 = 0; + TALLOC_CTX *_mem_save_bits_0; + { + uint32_t _flags_save_STRUCT = ndr->flags; +@@ -1903,11 +1913,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_samr_LogonHours(struct ndr_pull *ndr, int nd + NDR_PULL_SET_MEM_CTX(ndr, r->bits, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->bits)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->bits)); +- if (ndr_get_array_length(ndr, &r->bits) > ndr_get_array_size(ndr, &r->bits)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->bits), ndr_get_array_length(ndr, &r->bits)); ++ size_bits_1 = ndr_get_array_size(ndr, &r->bits); ++ length_bits_1 = ndr_get_array_length(ndr, &r->bits); ++ if (length_bits_1 > size_bits_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_bits_1, length_bits_1); + } +- NDR_PULL_ALLOC_N(ndr, r->bits, ndr_get_array_size(ndr, &r->bits)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->bits, ndr_get_array_length(ndr, &r->bits))); ++ NDR_PULL_ALLOC_N(ndr, r->bits, size_bits_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->bits, length_bits_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_bits_0, 0); + } + if (r->bits) { +@@ -2543,12 +2555,14 @@ _PUBLIC_ enum ndr_err_code ndr_push_samr_Password(struct ndr_push *ndr, int ndr_ + + _PUBLIC_ enum ndr_err_code ndr_pull_samr_Password(struct ndr_pull *ndr, int ndr_flags, struct samr_Password *r) + { ++ uint32_t size_hash_0 = 0; + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 1)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->hash, 16)); ++ size_hash_0 = 16; ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->hash, size_hash_0)); + } + if (ndr_flags & NDR_BUFFERS) { + } +@@ -2757,6 +2771,7 @@ static enum ndr_err_code ndr_push_samr_UserInfo21(struct ndr_push *ndr, int ndr_ + static enum ndr_err_code ndr_pull_samr_UserInfo21(struct ndr_pull *ndr, int ndr_flags, struct samr_UserInfo21 *r) + { + uint32_t _ptr_buffer; ++ uint32_t size_buffer_1 = 0; + TALLOC_CTX *_mem_save_buffer_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -2818,8 +2833,9 @@ static enum ndr_err_code ndr_pull_samr_UserInfo21(struct ndr_pull *ndr, int ndr_ + _mem_save_buffer_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->buffer, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->buffer)); +- NDR_PULL_ALLOC_N(ndr, r->buffer, ndr_get_array_size(ndr, &r->buffer)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->buffer, ndr_get_array_size(ndr, &r->buffer))); ++ size_buffer_1 = ndr_get_array_size(ndr, &r->buffer); ++ NDR_PULL_ALLOC_N(ndr, r->buffer, size_buffer_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->buffer, size_buffer_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_buffer_0, 0); + } + NDR_CHECK(ndr_pull_samr_LogonHours(ndr, NDR_BUFFERS, &r->logon_hours)); +@@ -2894,12 +2910,14 @@ _PUBLIC_ enum ndr_err_code ndr_push_samr_CryptPassword(struct ndr_push *ndr, int + + _PUBLIC_ enum ndr_err_code ndr_pull_samr_CryptPassword(struct ndr_pull *ndr, int ndr_flags, struct samr_CryptPassword *r) + { ++ uint32_t size_data_0 = 0; + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 1)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, 516)); ++ size_data_0 = 516; ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, size_data_0)); + } + if (ndr_flags & NDR_BUFFERS) { + } +@@ -3007,12 +3025,14 @@ static enum ndr_err_code ndr_push_samr_CryptPasswordEx(struct ndr_push *ndr, int + + static enum ndr_err_code ndr_pull_samr_CryptPasswordEx(struct ndr_pull *ndr, int ndr_flags, struct samr_CryptPasswordEx *r) + { ++ uint32_t size_data_0 = 0; + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 1)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, 532)); ++ size_data_0 = 532; ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, size_data_0)); + } + if (ndr_flags & NDR_BUFFERS) { + } +@@ -3660,6 +3680,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_samr_RidWithAttributeArray(struct ndr_push * + _PUBLIC_ enum ndr_err_code ndr_pull_samr_RidWithAttributeArray(struct ndr_pull *ndr, int ndr_flags, struct samr_RidWithAttributeArray *r) + { + uint32_t _ptr_rids; ++ uint32_t size_rids_1 = 0; + uint32_t cntr_rids_1; + TALLOC_CTX *_mem_save_rids_0; + TALLOC_CTX *_mem_save_rids_1; +@@ -3678,10 +3699,11 @@ _PUBLIC_ enum ndr_err_code ndr_pull_samr_RidWithAttributeArray(struct ndr_pull * + _mem_save_rids_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->rids, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->rids)); +- NDR_PULL_ALLOC_N(ndr, r->rids, ndr_get_array_size(ndr, &r->rids)); ++ size_rids_1 = ndr_get_array_size(ndr, &r->rids); ++ NDR_PULL_ALLOC_N(ndr, r->rids, size_rids_1); + _mem_save_rids_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->rids, 0); +- for (cntr_rids_1 = 0; cntr_rids_1 < r->count; cntr_rids_1++) { ++ for (cntr_rids_1 = 0; cntr_rids_1 < size_rids_1; cntr_rids_1++) { + NDR_CHECK(ndr_pull_samr_RidWithAttribute(ndr, NDR_SCALARS, &r->rids[cntr_rids_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_rids_1, 0); +@@ -3794,6 +3816,7 @@ static enum ndr_err_code ndr_push_samr_DispInfoGeneral(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_samr_DispInfoGeneral(struct ndr_pull *ndr, int ndr_flags, struct samr_DispInfoGeneral *r) + { + uint32_t _ptr_entries; ++ uint32_t size_entries_1 = 0; + uint32_t cntr_entries_1; + TALLOC_CTX *_mem_save_entries_0; + TALLOC_CTX *_mem_save_entries_1; +@@ -3812,13 +3835,14 @@ static enum ndr_err_code ndr_pull_samr_DispInfoGeneral(struct ndr_pull *ndr, int + _mem_save_entries_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->entries)); +- NDR_PULL_ALLOC_N(ndr, r->entries, ndr_get_array_size(ndr, &r->entries)); ++ size_entries_1 = ndr_get_array_size(ndr, &r->entries); ++ NDR_PULL_ALLOC_N(ndr, r->entries, size_entries_1); + _mem_save_entries_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); +- for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { ++ for (cntr_entries_1 = 0; cntr_entries_1 < size_entries_1; cntr_entries_1++) { + NDR_CHECK(ndr_pull_samr_DispEntryGeneral(ndr, NDR_SCALARS, &r->entries[cntr_entries_1])); + } +- for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { ++ for (cntr_entries_1 = 0; cntr_entries_1 < size_entries_1; cntr_entries_1++) { + NDR_CHECK(ndr_pull_samr_DispEntryGeneral(ndr, NDR_BUFFERS, &r->entries[cntr_entries_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_entries_1, 0); +@@ -3926,6 +3950,7 @@ static enum ndr_err_code ndr_push_samr_DispInfoFull(struct ndr_push *ndr, int nd + static enum ndr_err_code ndr_pull_samr_DispInfoFull(struct ndr_pull *ndr, int ndr_flags, struct samr_DispInfoFull *r) + { + uint32_t _ptr_entries; ++ uint32_t size_entries_1 = 0; + uint32_t cntr_entries_1; + TALLOC_CTX *_mem_save_entries_0; + TALLOC_CTX *_mem_save_entries_1; +@@ -3944,13 +3969,14 @@ static enum ndr_err_code ndr_pull_samr_DispInfoFull(struct ndr_pull *ndr, int nd + _mem_save_entries_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->entries)); +- NDR_PULL_ALLOC_N(ndr, r->entries, ndr_get_array_size(ndr, &r->entries)); ++ size_entries_1 = ndr_get_array_size(ndr, &r->entries); ++ NDR_PULL_ALLOC_N(ndr, r->entries, size_entries_1); + _mem_save_entries_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); +- for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { ++ for (cntr_entries_1 = 0; cntr_entries_1 < size_entries_1; cntr_entries_1++) { + NDR_CHECK(ndr_pull_samr_DispEntryFull(ndr, NDR_SCALARS, &r->entries[cntr_entries_1])); + } +- for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { ++ for (cntr_entries_1 = 0; cntr_entries_1 < size_entries_1; cntr_entries_1++) { + NDR_CHECK(ndr_pull_samr_DispEntryFull(ndr, NDR_BUFFERS, &r->entries[cntr_entries_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_entries_1, 0); +@@ -4058,6 +4084,7 @@ static enum ndr_err_code ndr_push_samr_DispInfoFullGroups(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_samr_DispInfoFullGroups(struct ndr_pull *ndr, int ndr_flags, struct samr_DispInfoFullGroups *r) + { + uint32_t _ptr_entries; ++ uint32_t size_entries_1 = 0; + uint32_t cntr_entries_1; + TALLOC_CTX *_mem_save_entries_0; + TALLOC_CTX *_mem_save_entries_1; +@@ -4076,13 +4103,14 @@ static enum ndr_err_code ndr_pull_samr_DispInfoFullGroups(struct ndr_pull *ndr, + _mem_save_entries_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->entries)); +- NDR_PULL_ALLOC_N(ndr, r->entries, ndr_get_array_size(ndr, &r->entries)); ++ size_entries_1 = ndr_get_array_size(ndr, &r->entries); ++ NDR_PULL_ALLOC_N(ndr, r->entries, size_entries_1); + _mem_save_entries_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); +- for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { ++ for (cntr_entries_1 = 0; cntr_entries_1 < size_entries_1; cntr_entries_1++) { + NDR_CHECK(ndr_pull_samr_DispEntryFullGroup(ndr, NDR_SCALARS, &r->entries[cntr_entries_1])); + } +- for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { ++ for (cntr_entries_1 = 0; cntr_entries_1 < size_entries_1; cntr_entries_1++) { + NDR_CHECK(ndr_pull_samr_DispEntryFullGroup(ndr, NDR_BUFFERS, &r->entries[cntr_entries_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_entries_1, 0); +@@ -4179,6 +4207,7 @@ static enum ndr_err_code ndr_push_samr_DispInfoAscii(struct ndr_push *ndr, int n + static enum ndr_err_code ndr_pull_samr_DispInfoAscii(struct ndr_pull *ndr, int ndr_flags, struct samr_DispInfoAscii *r) + { + uint32_t _ptr_entries; ++ uint32_t size_entries_1 = 0; + uint32_t cntr_entries_1; + TALLOC_CTX *_mem_save_entries_0; + TALLOC_CTX *_mem_save_entries_1; +@@ -4197,13 +4226,14 @@ static enum ndr_err_code ndr_pull_samr_DispInfoAscii(struct ndr_pull *ndr, int n + _mem_save_entries_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->entries)); +- NDR_PULL_ALLOC_N(ndr, r->entries, ndr_get_array_size(ndr, &r->entries)); ++ size_entries_1 = ndr_get_array_size(ndr, &r->entries); ++ NDR_PULL_ALLOC_N(ndr, r->entries, size_entries_1); + _mem_save_entries_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->entries, 0); +- for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { ++ for (cntr_entries_1 = 0; cntr_entries_1 < size_entries_1; cntr_entries_1++) { + NDR_CHECK(ndr_pull_samr_DispEntryAscii(ndr, NDR_SCALARS, &r->entries[cntr_entries_1])); + } +- for (cntr_entries_1 = 0; cntr_entries_1 < r->count; cntr_entries_1++) { ++ for (cntr_entries_1 = 0; cntr_entries_1 < size_entries_1; cntr_entries_1++) { + NDR_CHECK(ndr_pull_samr_DispEntryAscii(ndr, NDR_BUFFERS, &r->entries[cntr_entries_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_entries_1, 0); +@@ -4700,6 +4730,7 @@ static enum ndr_err_code ndr_push_samr_ValidationBlob(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_samr_ValidationBlob(struct ndr_pull *ndr, int ndr_flags, struct samr_ValidationBlob *r) + { + uint32_t _ptr_data; ++ uint32_t size_data_1 = 0; + TALLOC_CTX *_mem_save_data_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -4716,8 +4747,9 @@ static enum ndr_err_code ndr_pull_samr_ValidationBlob(struct ndr_pull *ndr, int + _mem_save_data_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->data, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->data)); +- NDR_PULL_ALLOC_N(ndr, r->data, ndr_get_array_size(ndr, &r->data)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, ndr_get_array_size(ndr, &r->data))); ++ size_data_1 = ndr_get_array_size(ndr, &r->data); ++ NDR_PULL_ALLOC_N(ndr, r->data, size_data_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, size_data_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_data_0, 0); + } + if (r->data) { +@@ -4771,6 +4803,7 @@ static enum ndr_err_code ndr_push_samr_ValidatePasswordInfo(struct ndr_push *ndr + static enum ndr_err_code ndr_pull_samr_ValidatePasswordInfo(struct ndr_pull *ndr, int ndr_flags, struct samr_ValidatePasswordInfo *r) + { + uint32_t _ptr_pwd_history; ++ uint32_t size_pwd_history_1 = 0; + uint32_t cntr_pwd_history_1; + TALLOC_CTX *_mem_save_pwd_history_0; + TALLOC_CTX *_mem_save_pwd_history_1; +@@ -4794,13 +4827,14 @@ static enum ndr_err_code ndr_pull_samr_ValidatePasswordInfo(struct ndr_pull *ndr + _mem_save_pwd_history_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->pwd_history, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->pwd_history)); +- NDR_PULL_ALLOC_N(ndr, r->pwd_history, ndr_get_array_size(ndr, &r->pwd_history)); ++ size_pwd_history_1 = ndr_get_array_size(ndr, &r->pwd_history); ++ NDR_PULL_ALLOC_N(ndr, r->pwd_history, size_pwd_history_1); + _mem_save_pwd_history_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->pwd_history, 0); +- for (cntr_pwd_history_1 = 0; cntr_pwd_history_1 < r->pwd_history_len; cntr_pwd_history_1++) { ++ for (cntr_pwd_history_1 = 0; cntr_pwd_history_1 < size_pwd_history_1; cntr_pwd_history_1++) { + NDR_CHECK(ndr_pull_samr_ValidationBlob(ndr, NDR_SCALARS, &r->pwd_history[cntr_pwd_history_1])); + } +- for (cntr_pwd_history_1 = 0; cntr_pwd_history_1 < r->pwd_history_len; cntr_pwd_history_1++) { ++ for (cntr_pwd_history_1 = 0; cntr_pwd_history_1 < size_pwd_history_1; cntr_pwd_history_1++) { + NDR_CHECK(ndr_pull_samr_ValidationBlob(ndr, NDR_BUFFERS, &r->pwd_history[cntr_pwd_history_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_pwd_history_1, 0); +@@ -7117,6 +7151,8 @@ _PUBLIC_ enum ndr_err_code ndr_push_samr_LookupNames(struct ndr_push *ndr, int f + + _PUBLIC_ enum ndr_err_code ndr_pull_samr_LookupNames(struct ndr_pull *ndr, int flags, struct samr_LookupNames *r) + { ++ uint32_t size_names_0 = 0; ++ uint32_t length_names_0 = 0; + uint32_t cntr_names_0; + TALLOC_CTX *_mem_save_domain_handle_0; + TALLOC_CTX *_mem_save_names_0; +@@ -7138,16 +7174,18 @@ _PUBLIC_ enum ndr_err_code ndr_pull_samr_LookupNames(struct ndr_pull *ndr, int f + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.names)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.names)); +- if (ndr_get_array_length(ndr, &r->in.names) > ndr_get_array_size(ndr, &r->in.names)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.names), ndr_get_array_length(ndr, &r->in.names)); ++ size_names_0 = ndr_get_array_size(ndr, &r->in.names); ++ length_names_0 = ndr_get_array_length(ndr, &r->in.names); ++ if (length_names_0 > size_names_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_names_0, length_names_0); + } +- NDR_PULL_ALLOC_N(ndr, r->in.names, ndr_get_array_size(ndr, &r->in.names)); ++ NDR_PULL_ALLOC_N(ndr, r->in.names, size_names_0); + _mem_save_names_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.names, 0); +- for (cntr_names_0 = 0; cntr_names_0 < r->in.num_names; cntr_names_0++) { ++ for (cntr_names_0 = 0; cntr_names_0 < length_names_0; cntr_names_0++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->in.names[cntr_names_0])); + } +- for (cntr_names_0 = 0; cntr_names_0 < r->in.num_names; cntr_names_0++) { ++ for (cntr_names_0 = 0; cntr_names_0 < length_names_0; cntr_names_0++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->in.names[cntr_names_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_names_0, 0); +@@ -7259,6 +7297,8 @@ static enum ndr_err_code ndr_push_samr_LookupRids(struct ndr_push *ndr, int flag + + static enum ndr_err_code ndr_pull_samr_LookupRids(struct ndr_pull *ndr, int flags, struct samr_LookupRids *r) + { ++ uint32_t size_rids_0 = 0; ++ uint32_t length_rids_0 = 0; + uint32_t cntr_rids_0; + TALLOC_CTX *_mem_save_domain_handle_0; + TALLOC_CTX *_mem_save_rids_0; +@@ -7280,13 +7320,15 @@ static enum ndr_err_code ndr_pull_samr_LookupRids(struct ndr_pull *ndr, int flag + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.rids)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.rids)); +- if (ndr_get_array_length(ndr, &r->in.rids) > ndr_get_array_size(ndr, &r->in.rids)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.rids), ndr_get_array_length(ndr, &r->in.rids)); ++ size_rids_0 = ndr_get_array_size(ndr, &r->in.rids); ++ length_rids_0 = ndr_get_array_length(ndr, &r->in.rids); ++ if (length_rids_0 > size_rids_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_rids_0, length_rids_0); + } +- NDR_PULL_ALLOC_N(ndr, r->in.rids, ndr_get_array_size(ndr, &r->in.rids)); ++ NDR_PULL_ALLOC_N(ndr, r->in.rids, size_rids_0); + _mem_save_rids_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.rids, 0); +- for (cntr_rids_0 = 0; cntr_rids_0 < r->in.num_rids; cntr_rids_0++) { ++ for (cntr_rids_0 = 0; cntr_rids_0 < length_rids_0; cntr_rids_0++) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.rids[cntr_rids_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_rids_0, 0); +@@ -10937,6 +10979,8 @@ static enum ndr_err_code ndr_push_samr_Connect2(struct ndr_push *ndr, int flags, + static enum ndr_err_code ndr_pull_samr_Connect2(struct ndr_pull *ndr, int flags, struct samr_Connect2 *r) + { + uint32_t _ptr_system_name; ++ uint32_t size_system_name_1 = 0; ++ uint32_t length_system_name_1 = 0; + TALLOC_CTX *_mem_save_system_name_0; + TALLOC_CTX *_mem_save_connect_handle_0; + if (flags & NDR_IN) { +@@ -10953,11 +10997,13 @@ static enum ndr_err_code ndr_pull_samr_Connect2(struct ndr_pull *ndr, int flags, + NDR_PULL_SET_MEM_CTX(ndr, r->in.system_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.system_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.system_name)); +- if (ndr_get_array_length(ndr, &r->in.system_name) > ndr_get_array_size(ndr, &r->in.system_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.system_name), ndr_get_array_length(ndr, &r->in.system_name)); ++ size_system_name_1 = ndr_get_array_size(ndr, &r->in.system_name); ++ length_system_name_1 = ndr_get_array_length(ndr, &r->in.system_name); ++ if (length_system_name_1 > size_system_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_system_name_1, length_system_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.system_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.system_name, ndr_get_array_length(ndr, &r->in.system_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_system_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.system_name, length_system_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_system_name_0, 0); + } + NDR_CHECK(ndr_pull_samr_ConnectAccessMask(ndr, NDR_SCALARS, &r->in.access_mask)); +@@ -11257,6 +11303,8 @@ static enum ndr_err_code ndr_push_samr_Connect3(struct ndr_push *ndr, int flags, + static enum ndr_err_code ndr_pull_samr_Connect3(struct ndr_pull *ndr, int flags, struct samr_Connect3 *r) + { + uint32_t _ptr_system_name; ++ uint32_t size_system_name_1 = 0; ++ uint32_t length_system_name_1 = 0; + TALLOC_CTX *_mem_save_system_name_0; + TALLOC_CTX *_mem_save_connect_handle_0; + if (flags & NDR_IN) { +@@ -11273,11 +11321,13 @@ static enum ndr_err_code ndr_pull_samr_Connect3(struct ndr_pull *ndr, int flags, + NDR_PULL_SET_MEM_CTX(ndr, r->in.system_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.system_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.system_name)); +- if (ndr_get_array_length(ndr, &r->in.system_name) > ndr_get_array_size(ndr, &r->in.system_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.system_name), ndr_get_array_length(ndr, &r->in.system_name)); ++ size_system_name_1 = ndr_get_array_size(ndr, &r->in.system_name); ++ length_system_name_1 = ndr_get_array_length(ndr, &r->in.system_name); ++ if (length_system_name_1 > size_system_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_system_name_1, length_system_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.system_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.system_name, ndr_get_array_length(ndr, &r->in.system_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_system_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.system_name, length_system_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_system_name_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.unknown)); +@@ -11357,6 +11407,8 @@ static enum ndr_err_code ndr_push_samr_Connect4(struct ndr_push *ndr, int flags, + static enum ndr_err_code ndr_pull_samr_Connect4(struct ndr_pull *ndr, int flags, struct samr_Connect4 *r) + { + uint32_t _ptr_system_name; ++ uint32_t size_system_name_1 = 0; ++ uint32_t length_system_name_1 = 0; + TALLOC_CTX *_mem_save_system_name_0; + TALLOC_CTX *_mem_save_connect_handle_0; + if (flags & NDR_IN) { +@@ -11373,11 +11425,13 @@ static enum ndr_err_code ndr_pull_samr_Connect4(struct ndr_pull *ndr, int flags, + NDR_PULL_SET_MEM_CTX(ndr, r->in.system_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.system_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.system_name)); +- if (ndr_get_array_length(ndr, &r->in.system_name) > ndr_get_array_size(ndr, &r->in.system_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.system_name), ndr_get_array_length(ndr, &r->in.system_name)); ++ size_system_name_1 = ndr_get_array_size(ndr, &r->in.system_name); ++ length_system_name_1 = ndr_get_array_length(ndr, &r->in.system_name); ++ if (length_system_name_1 > size_system_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_system_name_1, length_system_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.system_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.system_name, ndr_get_array_length(ndr, &r->in.system_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_system_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.system_name, length_system_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_system_name_0, 0); + } + NDR_CHECK(ndr_pull_samr_ConnectVersion(ndr, NDR_SCALARS, &r->in.client_version)); +@@ -11755,6 +11809,8 @@ _PUBLIC_ enum ndr_err_code ndr_push_samr_Connect5(struct ndr_push *ndr, int flag + _PUBLIC_ enum ndr_err_code ndr_pull_samr_Connect5(struct ndr_pull *ndr, int flags, struct samr_Connect5 *r) + { + uint32_t _ptr_system_name; ++ uint32_t size_system_name_1 = 0; ++ uint32_t length_system_name_1 = 0; + TALLOC_CTX *_mem_save_system_name_0; + TALLOC_CTX *_mem_save_info_in_0; + TALLOC_CTX *_mem_save_level_out_0; +@@ -11774,11 +11830,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_samr_Connect5(struct ndr_pull *ndr, int flag + NDR_PULL_SET_MEM_CTX(ndr, r->in.system_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.system_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.system_name)); +- if (ndr_get_array_length(ndr, &r->in.system_name) > ndr_get_array_size(ndr, &r->in.system_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.system_name), ndr_get_array_length(ndr, &r->in.system_name)); ++ size_system_name_1 = ndr_get_array_size(ndr, &r->in.system_name); ++ length_system_name_1 = ndr_get_array_length(ndr, &r->in.system_name); ++ if (length_system_name_1 > size_system_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_system_name_1, length_system_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.system_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.system_name, ndr_get_array_length(ndr, &r->in.system_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_system_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.system_name, length_system_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_system_name_0, 0); + } + NDR_CHECK(ndr_pull_samr_ConnectAccessMask(ndr, NDR_SCALARS, &r->in.access_mask)); +diff --git a/source/librpc/gen_ndr/ndr_security.c b/source/librpc/gen_ndr/ndr_security.c +index d031c46..6a3ab10 100644 +--- a/source/librpc/gen_ndr/ndr_security.c ++++ b/source/librpc/gen_ndr/ndr_security.c +@@ -492,6 +492,7 @@ _PUBLIC_ enum ndr_err_code ndr_push_security_acl(struct ndr_push *ndr, int ndr_f + + _PUBLIC_ enum ndr_err_code ndr_pull_security_acl(struct ndr_pull *ndr, int ndr_flags, struct security_acl *r) + { ++ uint32_t size_aces_0 = 0; + uint32_t cntr_aces_0; + TALLOC_CTX *_mem_save_aces_0; + if (ndr_flags & NDR_SCALARS) { +@@ -502,18 +503,20 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_acl(struct ndr_pull *ndr, int ndr_f + if (r->num_aces < 0 || r->num_aces > 1000) { + return ndr_pull_error(ndr, NDR_ERR_RANGE, "value out of range"); + } +- NDR_PULL_ALLOC_N(ndr, r->aces, r->num_aces); ++ size_aces_0 = r->num_aces; ++ NDR_PULL_ALLOC_N(ndr, r->aces, size_aces_0); + _mem_save_aces_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->aces, 0); +- for (cntr_aces_0 = 0; cntr_aces_0 < r->num_aces; cntr_aces_0++) { ++ for (cntr_aces_0 = 0; cntr_aces_0 < size_aces_0; cntr_aces_0++) { + NDR_CHECK(ndr_pull_security_ace(ndr, NDR_SCALARS, &r->aces[cntr_aces_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_aces_0, 0); + } + if (ndr_flags & NDR_BUFFERS) { ++ size_aces_0 = r->num_aces; + _mem_save_aces_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->aces, 0); +- for (cntr_aces_0 = 0; cntr_aces_0 < r->num_aces; cntr_aces_0++) { ++ for (cntr_aces_0 = 0; cntr_aces_0 < size_aces_0; cntr_aces_0++) { + NDR_CHECK(ndr_pull_security_ace(ndr, NDR_BUFFERS, &r->aces[cntr_aces_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_aces_0, 0); +@@ -875,6 +878,7 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_token(struct ndr_pull *ndr, int ndr + uint32_t _ptr_group_sid; + TALLOC_CTX *_mem_save_group_sid_0; + uint32_t _ptr_sids; ++ uint32_t size_sids_0 = 0; + uint32_t cntr_sids_0; + TALLOC_CTX *_mem_save_sids_0; + TALLOC_CTX *_mem_save_sids_1; +@@ -894,10 +898,11 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_token(struct ndr_pull *ndr, int ndr + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->num_sids)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->sids)); +- NDR_PULL_ALLOC_N(ndr, r->sids, ndr_get_array_size(ndr, &r->sids)); ++ size_sids_0 = ndr_get_array_size(ndr, &r->sids); ++ NDR_PULL_ALLOC_N(ndr, r->sids, size_sids_0); + _mem_save_sids_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sids, 0); +- for (cntr_sids_0 = 0; cntr_sids_0 < r->num_sids; cntr_sids_0++) { ++ for (cntr_sids_0 = 0; cntr_sids_0 < size_sids_0; cntr_sids_0++) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_sids)); + if (_ptr_sids) { + NDR_PULL_ALLOC(ndr, r->sids[cntr_sids_0]); +@@ -924,9 +929,10 @@ _PUBLIC_ enum ndr_err_code ndr_pull_security_token(struct ndr_pull *ndr, int ndr + NDR_CHECK(ndr_pull_dom_sid(ndr, NDR_SCALARS|NDR_BUFFERS, r->group_sid)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_group_sid_0, 0); + } ++ size_sids_0 = ndr_get_array_size(ndr, &r->sids); + _mem_save_sids_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sids, 0); +- for (cntr_sids_0 = 0; cntr_sids_0 < r->num_sids; cntr_sids_0++) { ++ for (cntr_sids_0 = 0; cntr_sids_0 < size_sids_0; cntr_sids_0++) { + if (r->sids[cntr_sids_0]) { + _mem_save_sids_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->sids[cntr_sids_0], 0); +diff --git a/source/librpc/gen_ndr/ndr_srvsvc.c b/source/librpc/gen_ndr/ndr_srvsvc.c +index d97ee01..893a3b11 100644 +--- a/source/librpc/gen_ndr/ndr_srvsvc.c ++++ b/source/librpc/gen_ndr/ndr_srvsvc.c +@@ -25,6 +25,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetCharDevInfo0(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetCharDevInfo0(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetCharDevInfo0 *r) + { + uint32_t _ptr_device; ++ uint32_t size_device_1 = 0; ++ uint32_t length_device_1 = 0; + TALLOC_CTX *_mem_save_device_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -41,11 +43,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevInfo0(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->device, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->device)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->device)); +- if (ndr_get_array_length(ndr, &r->device) > ndr_get_array_size(ndr, &r->device)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->device), ndr_get_array_length(ndr, &r->device)); ++ size_device_1 = ndr_get_array_size(ndr, &r->device); ++ length_device_1 = ndr_get_array_length(ndr, &r->device); ++ if (length_device_1 > size_device_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_device_1, length_device_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->device), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->device, ndr_get_array_length(ndr, &r->device), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_device_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->device, length_device_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_device_0, 0); + } + } +@@ -90,6 +94,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetCharDevCtr0(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_srvsvc_NetCharDevCtr0(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetCharDevCtr0 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -108,13 +113,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevCtr0(struct ndr_pull *ndr, in + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetCharDevInfo0(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetCharDevInfo0(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -180,8 +186,12 @@ static enum ndr_err_code ndr_push_srvsvc_NetCharDevInfo1(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetCharDevInfo1(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetCharDevInfo1 *r) + { + uint32_t _ptr_device; ++ uint32_t size_device_1 = 0; ++ uint32_t length_device_1 = 0; + TALLOC_CTX *_mem_save_device_0; + uint32_t _ptr_user; ++ uint32_t size_user_1 = 0; ++ uint32_t length_user_1 = 0; + TALLOC_CTX *_mem_save_user_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -206,11 +216,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevInfo1(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->device, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->device)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->device)); +- if (ndr_get_array_length(ndr, &r->device) > ndr_get_array_size(ndr, &r->device)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->device), ndr_get_array_length(ndr, &r->device)); ++ size_device_1 = ndr_get_array_size(ndr, &r->device); ++ length_device_1 = ndr_get_array_length(ndr, &r->device); ++ if (length_device_1 > size_device_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_device_1, length_device_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->device), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->device, ndr_get_array_length(ndr, &r->device), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_device_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->device, length_device_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_device_0, 0); + } + if (r->user) { +@@ -218,11 +230,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevInfo1(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->user, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->user)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->user)); +- if (ndr_get_array_length(ndr, &r->user) > ndr_get_array_size(ndr, &r->user)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->user), ndr_get_array_length(ndr, &r->user)); ++ size_user_1 = ndr_get_array_size(ndr, &r->user); ++ length_user_1 = ndr_get_array_length(ndr, &r->user); ++ if (length_user_1 > size_user_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_user_1, length_user_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->user), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user, ndr_get_array_length(ndr, &r->user), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_user_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user, length_user_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_0, 0); + } + } +@@ -275,6 +289,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetCharDevCtr1(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_srvsvc_NetCharDevCtr1(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetCharDevCtr1 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -293,13 +308,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevCtr1(struct ndr_pull *ndr, in + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetCharDevInfo1(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetCharDevInfo1(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -383,7 +399,9 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevInfo(struct ndr_pull *ndr, in + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_info0_0; ++ uint32_t _ptr_info0; + TALLOC_CTX *_mem_save_info1_0; ++ uint32_t _ptr_info1; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -392,7 +410,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevInfo(struct ndr_pull *ndr, in + } + switch (level) { + case 0: { +- uint32_t _ptr_info0; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info0)); + if (_ptr_info0) { + NDR_PULL_ALLOC(ndr, r->info0); +@@ -402,7 +419,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevInfo(struct ndr_pull *ndr, in + break; } + + case 1: { +- uint32_t _ptr_info1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1)); + if (_ptr_info1) { + NDR_PULL_ALLOC(ndr, r->info1); +@@ -521,7 +537,9 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevCtr(struct ndr_pull *ndr, int + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_ctr0_0; ++ uint32_t _ptr_ctr0; + TALLOC_CTX *_mem_save_ctr1_0; ++ uint32_t _ptr_ctr1; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -530,7 +548,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevCtr(struct ndr_pull *ndr, int + } + switch (level) { + case 0: { +- uint32_t _ptr_ctr0; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr0)); + if (_ptr_ctr0) { + NDR_PULL_ALLOC(ndr, r->ctr0); +@@ -540,7 +557,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevCtr(struct ndr_pull *ndr, int + break; } + + case 1: { +- uint32_t _ptr_ctr1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr1)); + if (_ptr_ctr1) { + NDR_PULL_ALLOC(ndr, r->ctr1); +@@ -632,6 +648,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetCharDevQInfo0(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQInfo0(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetCharDevQInfo0 *r) + { + uint32_t _ptr_device; ++ uint32_t size_device_1 = 0; ++ uint32_t length_device_1 = 0; + TALLOC_CTX *_mem_save_device_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -648,11 +666,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQInfo0(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->device, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->device)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->device)); +- if (ndr_get_array_length(ndr, &r->device) > ndr_get_array_size(ndr, &r->device)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->device), ndr_get_array_length(ndr, &r->device)); ++ size_device_1 = ndr_get_array_size(ndr, &r->device); ++ length_device_1 = ndr_get_array_length(ndr, &r->device); ++ if (length_device_1 > size_device_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_device_1, length_device_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->device), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->device, ndr_get_array_length(ndr, &r->device), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_device_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->device, length_device_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_device_0, 0); + } + } +@@ -697,6 +717,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetCharDevQCtr0(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQCtr0(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetCharDevQCtr0 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -715,13 +736,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQCtr0(struct ndr_pull *ndr, i + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetCharDevQInfo0(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetCharDevQInfo0(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -788,8 +810,12 @@ static enum ndr_err_code ndr_push_srvsvc_NetCharDevQInfo1(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQInfo1(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetCharDevQInfo1 *r) + { + uint32_t _ptr_device; ++ uint32_t size_device_1 = 0; ++ uint32_t length_device_1 = 0; + TALLOC_CTX *_mem_save_device_0; + uint32_t _ptr_devices; ++ uint32_t size_devices_1 = 0; ++ uint32_t length_devices_1 = 0; + TALLOC_CTX *_mem_save_devices_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -815,11 +841,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQInfo1(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->device, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->device)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->device)); +- if (ndr_get_array_length(ndr, &r->device) > ndr_get_array_size(ndr, &r->device)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->device), ndr_get_array_length(ndr, &r->device)); ++ size_device_1 = ndr_get_array_size(ndr, &r->device); ++ length_device_1 = ndr_get_array_length(ndr, &r->device); ++ if (length_device_1 > size_device_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_device_1, length_device_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->device), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->device, ndr_get_array_length(ndr, &r->device), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_device_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->device, length_device_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_device_0, 0); + } + if (r->devices) { +@@ -827,11 +855,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQInfo1(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->devices, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->devices)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->devices)); +- if (ndr_get_array_length(ndr, &r->devices) > ndr_get_array_size(ndr, &r->devices)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->devices), ndr_get_array_length(ndr, &r->devices)); ++ size_devices_1 = ndr_get_array_size(ndr, &r->devices); ++ length_devices_1 = ndr_get_array_length(ndr, &r->devices); ++ if (length_devices_1 > size_devices_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_devices_1, length_devices_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->devices), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->devices, ndr_get_array_length(ndr, &r->devices), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_devices_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->devices, length_devices_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_devices_0, 0); + } + } +@@ -885,6 +915,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetCharDevQCtr1(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQCtr1(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetCharDevQCtr1 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -903,13 +934,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQCtr1(struct ndr_pull *ndr, i + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetCharDevQInfo1(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetCharDevQInfo1(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -993,7 +1025,9 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQInfo(struct ndr_pull *ndr, i + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_info0_0; ++ uint32_t _ptr_info0; + TALLOC_CTX *_mem_save_info1_0; ++ uint32_t _ptr_info1; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -1002,7 +1036,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQInfo(struct ndr_pull *ndr, i + } + switch (level) { + case 0: { +- uint32_t _ptr_info0; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info0)); + if (_ptr_info0) { + NDR_PULL_ALLOC(ndr, r->info0); +@@ -1012,7 +1045,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQInfo(struct ndr_pull *ndr, i + break; } + + case 1: { +- uint32_t _ptr_info1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1)); + if (_ptr_info1) { + NDR_PULL_ALLOC(ndr, r->info1); +@@ -1131,7 +1163,9 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQCtr(struct ndr_pull *ndr, in + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_ctr0_0; ++ uint32_t _ptr_ctr0; + TALLOC_CTX *_mem_save_ctr1_0; ++ uint32_t _ptr_ctr1; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -1140,7 +1174,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQCtr(struct ndr_pull *ndr, in + } + switch (level) { + case 0: { +- uint32_t _ptr_ctr0; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr0)); + if (_ptr_ctr0) { + NDR_PULL_ALLOC(ndr, r->ctr0); +@@ -1150,7 +1183,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQCtr(struct ndr_pull *ndr, in + break; } + + case 1: { +- uint32_t _ptr_ctr1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr1)); + if (_ptr_ctr1) { + NDR_PULL_ALLOC(ndr, r->ctr1); +@@ -1274,6 +1306,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetConnCtr0(struct ndr_push *ndr, int n + static enum ndr_err_code ndr_pull_srvsvc_NetConnCtr0(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetConnCtr0 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -1292,10 +1325,11 @@ static enum ndr_err_code ndr_pull_srvsvc_NetConnCtr0(struct ndr_pull *ndr, int n + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetConnInfo0(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -1364,8 +1398,12 @@ static enum ndr_err_code ndr_push_srvsvc_NetConnInfo1(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetConnInfo1(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetConnInfo1 *r) + { + uint32_t _ptr_user; ++ uint32_t size_user_1 = 0; ++ uint32_t length_user_1 = 0; + TALLOC_CTX *_mem_save_user_0; + uint32_t _ptr_share; ++ uint32_t size_share_1 = 0; ++ uint32_t length_share_1 = 0; + TALLOC_CTX *_mem_save_share_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -1393,11 +1431,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetConnInfo1(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->user, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->user)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->user)); +- if (ndr_get_array_length(ndr, &r->user) > ndr_get_array_size(ndr, &r->user)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->user), ndr_get_array_length(ndr, &r->user)); ++ size_user_1 = ndr_get_array_size(ndr, &r->user); ++ length_user_1 = ndr_get_array_length(ndr, &r->user); ++ if (length_user_1 > size_user_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_user_1, length_user_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->user), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user, ndr_get_array_length(ndr, &r->user), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_user_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user, length_user_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_0, 0); + } + if (r->share) { +@@ -1405,11 +1445,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetConnInfo1(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->share, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->share)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->share)); +- if (ndr_get_array_length(ndr, &r->share) > ndr_get_array_size(ndr, &r->share)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->share), ndr_get_array_length(ndr, &r->share)); ++ size_share_1 = ndr_get_array_size(ndr, &r->share); ++ length_share_1 = ndr_get_array_length(ndr, &r->share); ++ if (length_share_1 > size_share_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_share_1, length_share_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->share), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->share, ndr_get_array_length(ndr, &r->share), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_share_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->share, length_share_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_share_0, 0); + } + } +@@ -1465,6 +1507,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetConnCtr1(struct ndr_push *ndr, int n + static enum ndr_err_code ndr_pull_srvsvc_NetConnCtr1(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetConnCtr1 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -1483,13 +1526,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetConnCtr1(struct ndr_pull *ndr, int n + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetConnInfo1(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetConnInfo1(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -1573,7 +1617,9 @@ static enum ndr_err_code ndr_pull_srvsvc_NetConnCtr(struct ndr_pull *ndr, int nd + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_ctr0_0; ++ uint32_t _ptr_ctr0; + TALLOC_CTX *_mem_save_ctr1_0; ++ uint32_t _ptr_ctr1; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -1582,7 +1628,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetConnCtr(struct ndr_pull *ndr, int nd + } + switch (level) { + case 0: { +- uint32_t _ptr_ctr0; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr0)); + if (_ptr_ctr0) { + NDR_PULL_ALLOC(ndr, r->ctr0); +@@ -1592,7 +1637,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetConnCtr(struct ndr_pull *ndr, int nd + break; } + + case 1: { +- uint32_t _ptr_ctr1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr1)); + if (_ptr_ctr1) { + NDR_PULL_ALLOC(ndr, r->ctr1); +@@ -1754,6 +1798,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetFileCtr2(struct ndr_push *ndr, int n + static enum ndr_err_code ndr_pull_srvsvc_NetFileCtr2(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetFileCtr2 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -1772,10 +1817,11 @@ static enum ndr_err_code ndr_pull_srvsvc_NetFileCtr2(struct ndr_pull *ndr, int n + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetFileInfo2(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -1842,8 +1888,12 @@ static enum ndr_err_code ndr_push_srvsvc_NetFileInfo3(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetFileInfo3(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetFileInfo3 *r) + { + uint32_t _ptr_path; ++ uint32_t size_path_1 = 0; ++ uint32_t length_path_1 = 0; + TALLOC_CTX *_mem_save_path_0; + uint32_t _ptr_user; ++ uint32_t size_user_1 = 0; ++ uint32_t length_user_1 = 0; + TALLOC_CTX *_mem_save_user_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -1869,11 +1919,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetFileInfo3(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->path, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->path)); +- if (ndr_get_array_length(ndr, &r->path) > ndr_get_array_size(ndr, &r->path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->path), ndr_get_array_length(ndr, &r->path)); ++ size_path_1 = ndr_get_array_size(ndr, &r->path); ++ length_path_1 = ndr_get_array_length(ndr, &r->path); ++ if (length_path_1 > size_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_path_1, length_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->path, ndr_get_array_length(ndr, &r->path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->path, length_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_path_0, 0); + } + if (r->user) { +@@ -1881,11 +1933,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetFileInfo3(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->user, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->user)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->user)); +- if (ndr_get_array_length(ndr, &r->user) > ndr_get_array_size(ndr, &r->user)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->user), ndr_get_array_length(ndr, &r->user)); ++ size_user_1 = ndr_get_array_size(ndr, &r->user); ++ length_user_1 = ndr_get_array_length(ndr, &r->user); ++ if (length_user_1 > size_user_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_user_1, length_user_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->user), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user, ndr_get_array_length(ndr, &r->user), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_user_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user, length_user_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_0, 0); + } + } +@@ -1939,6 +1993,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetFileCtr3(struct ndr_push *ndr, int n + static enum ndr_err_code ndr_pull_srvsvc_NetFileCtr3(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetFileCtr3 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -1957,13 +2012,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetFileCtr3(struct ndr_pull *ndr, int n + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetFileInfo3(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetFileInfo3(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -2047,7 +2103,9 @@ static enum ndr_err_code ndr_pull_srvsvc_NetFileInfo(struct ndr_pull *ndr, int n + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_info2_0; ++ uint32_t _ptr_info2; + TALLOC_CTX *_mem_save_info3_0; ++ uint32_t _ptr_info3; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -2056,7 +2114,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetFileInfo(struct ndr_pull *ndr, int n + } + switch (level) { + case 2: { +- uint32_t _ptr_info2; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info2)); + if (_ptr_info2) { + NDR_PULL_ALLOC(ndr, r->info2); +@@ -2066,7 +2123,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetFileInfo(struct ndr_pull *ndr, int n + break; } + + case 3: { +- uint32_t _ptr_info3; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info3)); + if (_ptr_info3) { + NDR_PULL_ALLOC(ndr, r->info3); +@@ -2185,7 +2241,9 @@ static enum ndr_err_code ndr_pull_srvsvc_NetFileCtr(struct ndr_pull *ndr, int nd + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_ctr2_0; ++ uint32_t _ptr_ctr2; + TALLOC_CTX *_mem_save_ctr3_0; ++ uint32_t _ptr_ctr3; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -2194,7 +2252,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetFileCtr(struct ndr_pull *ndr, int nd + } + switch (level) { + case 2: { +- uint32_t _ptr_ctr2; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr2)); + if (_ptr_ctr2) { + NDR_PULL_ALLOC(ndr, r->ctr2); +@@ -2204,7 +2261,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetFileCtr(struct ndr_pull *ndr, int nd + break; } + + case 3: { +- uint32_t _ptr_ctr3; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr3)); + if (_ptr_ctr3) { + NDR_PULL_ALLOC(ndr, r->ctr3); +@@ -2334,6 +2390,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetSessInfo0(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo0(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSessInfo0 *r) + { + uint32_t _ptr_client; ++ uint32_t size_client_1 = 0; ++ uint32_t length_client_1 = 0; + TALLOC_CTX *_mem_save_client_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -2350,11 +2408,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo0(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->client, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->client)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->client)); +- if (ndr_get_array_length(ndr, &r->client) > ndr_get_array_size(ndr, &r->client)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->client), ndr_get_array_length(ndr, &r->client)); ++ size_client_1 = ndr_get_array_size(ndr, &r->client); ++ length_client_1 = ndr_get_array_length(ndr, &r->client); ++ if (length_client_1 > size_client_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_client_1, length_client_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->client), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->client, ndr_get_array_length(ndr, &r->client), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_client_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->client, length_client_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_client_0, 0); + } + } +@@ -2399,6 +2459,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetSessCtr0(struct ndr_push *ndr, int n + static enum ndr_err_code ndr_pull_srvsvc_NetSessCtr0(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSessCtr0 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -2417,13 +2478,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessCtr0(struct ndr_pull *ndr, int n + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetSessInfo0(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetSessInfo0(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -2491,8 +2553,12 @@ static enum ndr_err_code ndr_push_srvsvc_NetSessInfo1(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo1(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSessInfo1 *r) + { + uint32_t _ptr_client; ++ uint32_t size_client_1 = 0; ++ uint32_t length_client_1 = 0; + TALLOC_CTX *_mem_save_client_0; + uint32_t _ptr_user; ++ uint32_t size_user_1 = 0; ++ uint32_t length_user_1 = 0; + TALLOC_CTX *_mem_save_user_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -2519,11 +2585,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo1(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->client, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->client)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->client)); +- if (ndr_get_array_length(ndr, &r->client) > ndr_get_array_size(ndr, &r->client)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->client), ndr_get_array_length(ndr, &r->client)); ++ size_client_1 = ndr_get_array_size(ndr, &r->client); ++ length_client_1 = ndr_get_array_length(ndr, &r->client); ++ if (length_client_1 > size_client_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_client_1, length_client_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->client), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->client, ndr_get_array_length(ndr, &r->client), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_client_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->client, length_client_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_client_0, 0); + } + if (r->user) { +@@ -2531,11 +2599,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo1(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->user, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->user)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->user)); +- if (ndr_get_array_length(ndr, &r->user) > ndr_get_array_size(ndr, &r->user)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->user), ndr_get_array_length(ndr, &r->user)); ++ size_user_1 = ndr_get_array_size(ndr, &r->user); ++ length_user_1 = ndr_get_array_length(ndr, &r->user); ++ if (length_user_1 > size_user_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_user_1, length_user_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->user), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user, ndr_get_array_length(ndr, &r->user), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_user_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user, length_user_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_0, 0); + } + } +@@ -2590,6 +2660,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetSessCtr1(struct ndr_push *ndr, int n + static enum ndr_err_code ndr_pull_srvsvc_NetSessCtr1(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSessCtr1 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -2608,13 +2679,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessCtr1(struct ndr_pull *ndr, int n + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetSessInfo1(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetSessInfo1(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -2689,10 +2761,16 @@ static enum ndr_err_code ndr_push_srvsvc_NetSessInfo2(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo2(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSessInfo2 *r) + { + uint32_t _ptr_client; ++ uint32_t size_client_1 = 0; ++ uint32_t length_client_1 = 0; + TALLOC_CTX *_mem_save_client_0; + uint32_t _ptr_user; ++ uint32_t size_user_1 = 0; ++ uint32_t length_user_1 = 0; + TALLOC_CTX *_mem_save_user_0; + uint32_t _ptr_client_type; ++ uint32_t size_client_type_1 = 0; ++ uint32_t length_client_type_1 = 0; + TALLOC_CTX *_mem_save_client_type_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -2725,11 +2803,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->client, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->client)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->client)); +- if (ndr_get_array_length(ndr, &r->client) > ndr_get_array_size(ndr, &r->client)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->client), ndr_get_array_length(ndr, &r->client)); ++ size_client_1 = ndr_get_array_size(ndr, &r->client); ++ length_client_1 = ndr_get_array_length(ndr, &r->client); ++ if (length_client_1 > size_client_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_client_1, length_client_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->client), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->client, ndr_get_array_length(ndr, &r->client), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_client_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->client, length_client_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_client_0, 0); + } + if (r->user) { +@@ -2737,11 +2817,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->user, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->user)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->user)); +- if (ndr_get_array_length(ndr, &r->user) > ndr_get_array_size(ndr, &r->user)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->user), ndr_get_array_length(ndr, &r->user)); ++ size_user_1 = ndr_get_array_size(ndr, &r->user); ++ length_user_1 = ndr_get_array_length(ndr, &r->user); ++ if (length_user_1 > size_user_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_user_1, length_user_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->user), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user, ndr_get_array_length(ndr, &r->user), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_user_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user, length_user_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_0, 0); + } + if (r->client_type) { +@@ -2749,11 +2831,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->client_type, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->client_type)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->client_type)); +- if (ndr_get_array_length(ndr, &r->client_type) > ndr_get_array_size(ndr, &r->client_type)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->client_type), ndr_get_array_length(ndr, &r->client_type)); ++ size_client_type_1 = ndr_get_array_size(ndr, &r->client_type); ++ length_client_type_1 = ndr_get_array_length(ndr, &r->client_type); ++ if (length_client_type_1 > size_client_type_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_client_type_1, length_client_type_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->client_type), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->client_type, ndr_get_array_length(ndr, &r->client_type), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_client_type_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->client_type, length_client_type_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_client_type_0, 0); + } + } +@@ -2814,6 +2898,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetSessCtr2(struct ndr_push *ndr, int n + static enum ndr_err_code ndr_pull_srvsvc_NetSessCtr2(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSessCtr2 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -2832,13 +2917,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessCtr2(struct ndr_pull *ndr, int n + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetSessInfo2(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetSessInfo2(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -2904,8 +2990,12 @@ static enum ndr_err_code ndr_push_srvsvc_NetSessInfo10(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo10(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSessInfo10 *r) + { + uint32_t _ptr_client; ++ uint32_t size_client_1 = 0; ++ uint32_t length_client_1 = 0; + TALLOC_CTX *_mem_save_client_0; + uint32_t _ptr_user; ++ uint32_t size_user_1 = 0; ++ uint32_t length_user_1 = 0; + TALLOC_CTX *_mem_save_user_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -2930,11 +3020,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo10(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->client, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->client)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->client)); +- if (ndr_get_array_length(ndr, &r->client) > ndr_get_array_size(ndr, &r->client)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->client), ndr_get_array_length(ndr, &r->client)); ++ size_client_1 = ndr_get_array_size(ndr, &r->client); ++ length_client_1 = ndr_get_array_length(ndr, &r->client); ++ if (length_client_1 > size_client_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_client_1, length_client_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->client), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->client, ndr_get_array_length(ndr, &r->client), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_client_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->client, length_client_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_client_0, 0); + } + if (r->user) { +@@ -2942,11 +3034,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo10(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->user, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->user)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->user)); +- if (ndr_get_array_length(ndr, &r->user) > ndr_get_array_size(ndr, &r->user)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->user), ndr_get_array_length(ndr, &r->user)); ++ size_user_1 = ndr_get_array_size(ndr, &r->user); ++ length_user_1 = ndr_get_array_length(ndr, &r->user); ++ if (length_user_1 > size_user_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_user_1, length_user_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->user), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user, ndr_get_array_length(ndr, &r->user), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_user_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user, length_user_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_0, 0); + } + } +@@ -2999,6 +3093,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetSessCtr10(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetSessCtr10(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSessCtr10 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -3017,13 +3112,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessCtr10(struct ndr_pull *ndr, int + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetSessInfo10(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetSessInfo10(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -3105,12 +3201,20 @@ static enum ndr_err_code ndr_push_srvsvc_NetSessInfo502(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo502(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSessInfo502 *r) + { + uint32_t _ptr_client; ++ uint32_t size_client_1 = 0; ++ uint32_t length_client_1 = 0; + TALLOC_CTX *_mem_save_client_0; + uint32_t _ptr_user; ++ uint32_t size_user_1 = 0; ++ uint32_t length_user_1 = 0; + TALLOC_CTX *_mem_save_user_0; + uint32_t _ptr_client_type; ++ uint32_t size_client_type_1 = 0; ++ uint32_t length_client_type_1 = 0; + TALLOC_CTX *_mem_save_client_type_0; + uint32_t _ptr_transport; ++ uint32_t size_transport_1 = 0; ++ uint32_t length_transport_1 = 0; + TALLOC_CTX *_mem_save_transport_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -3149,11 +3253,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo502(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->client, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->client)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->client)); +- if (ndr_get_array_length(ndr, &r->client) > ndr_get_array_size(ndr, &r->client)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->client), ndr_get_array_length(ndr, &r->client)); ++ size_client_1 = ndr_get_array_size(ndr, &r->client); ++ length_client_1 = ndr_get_array_length(ndr, &r->client); ++ if (length_client_1 > size_client_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_client_1, length_client_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->client), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->client, ndr_get_array_length(ndr, &r->client), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_client_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->client, length_client_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_client_0, 0); + } + if (r->user) { +@@ -3161,11 +3267,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo502(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->user, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->user)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->user)); +- if (ndr_get_array_length(ndr, &r->user) > ndr_get_array_size(ndr, &r->user)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->user), ndr_get_array_length(ndr, &r->user)); ++ size_user_1 = ndr_get_array_size(ndr, &r->user); ++ length_user_1 = ndr_get_array_length(ndr, &r->user); ++ if (length_user_1 > size_user_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_user_1, length_user_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->user), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user, ndr_get_array_length(ndr, &r->user), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_user_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user, length_user_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_0, 0); + } + if (r->client_type) { +@@ -3173,11 +3281,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo502(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->client_type, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->client_type)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->client_type)); +- if (ndr_get_array_length(ndr, &r->client_type) > ndr_get_array_size(ndr, &r->client_type)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->client_type), ndr_get_array_length(ndr, &r->client_type)); ++ size_client_type_1 = ndr_get_array_size(ndr, &r->client_type); ++ length_client_type_1 = ndr_get_array_length(ndr, &r->client_type); ++ if (length_client_type_1 > size_client_type_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_client_type_1, length_client_type_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->client_type), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->client_type, ndr_get_array_length(ndr, &r->client_type), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_client_type_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->client_type, length_client_type_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_client_type_0, 0); + } + if (r->transport) { +@@ -3185,11 +3295,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessInfo502(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->transport, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->transport)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->transport)); +- if (ndr_get_array_length(ndr, &r->transport) > ndr_get_array_size(ndr, &r->transport)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->transport), ndr_get_array_length(ndr, &r->transport)); ++ size_transport_1 = ndr_get_array_size(ndr, &r->transport); ++ length_transport_1 = ndr_get_array_length(ndr, &r->transport); ++ if (length_transport_1 > size_transport_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_transport_1, length_transport_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->transport), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->transport, ndr_get_array_length(ndr, &r->transport), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_transport_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->transport, length_transport_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_transport_0, 0); + } + } +@@ -3256,6 +3368,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetSessCtr502(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetSessCtr502(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSessCtr502 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -3274,13 +3387,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessCtr502(struct ndr_pull *ndr, int + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetSessInfo502(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetSessInfo502(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -3394,10 +3508,15 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessCtr(struct ndr_pull *ndr, int nd + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_ctr0_0; ++ uint32_t _ptr_ctr0; + TALLOC_CTX *_mem_save_ctr1_0; ++ uint32_t _ptr_ctr1; + TALLOC_CTX *_mem_save_ctr2_0; ++ uint32_t _ptr_ctr2; + TALLOC_CTX *_mem_save_ctr10_0; ++ uint32_t _ptr_ctr10; + TALLOC_CTX *_mem_save_ctr502_0; ++ uint32_t _ptr_ctr502; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -3406,7 +3525,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessCtr(struct ndr_pull *ndr, int nd + } + switch (level) { + case 0: { +- uint32_t _ptr_ctr0; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr0)); + if (_ptr_ctr0) { + NDR_PULL_ALLOC(ndr, r->ctr0); +@@ -3416,7 +3534,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessCtr(struct ndr_pull *ndr, int nd + break; } + + case 1: { +- uint32_t _ptr_ctr1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr1)); + if (_ptr_ctr1) { + NDR_PULL_ALLOC(ndr, r->ctr1); +@@ -3426,7 +3543,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessCtr(struct ndr_pull *ndr, int nd + break; } + + case 2: { +- uint32_t _ptr_ctr2; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr2)); + if (_ptr_ctr2) { + NDR_PULL_ALLOC(ndr, r->ctr2); +@@ -3436,7 +3552,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessCtr(struct ndr_pull *ndr, int nd + break; } + + case 10: { +- uint32_t _ptr_ctr10; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr10)); + if (_ptr_ctr10) { + NDR_PULL_ALLOC(ndr, r->ctr10); +@@ -3446,7 +3561,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessCtr(struct ndr_pull *ndr, int nd + break; } + + case 502: { +- uint32_t _ptr_ctr502; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr502)); + if (_ptr_ctr502) { + NDR_PULL_ALLOC(ndr, r->ctr502); +@@ -3680,6 +3794,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareInfo0(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo0(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareInfo0 *r) + { + uint32_t _ptr_name; ++ uint32_t size_name_1 = 0; ++ uint32_t length_name_1 = 0; + TALLOC_CTX *_mem_save_name_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -3696,11 +3812,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo0(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->name)); +- if (ndr_get_array_length(ndr, &r->name) > ndr_get_array_size(ndr, &r->name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->name), ndr_get_array_length(ndr, &r->name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->name); ++ length_name_1 = ndr_get_array_length(ndr, &r->name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0, 0); + } + } +@@ -3745,6 +3863,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareCtr0(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr0(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareCtr0 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -3763,13 +3882,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr0(struct ndr_pull *ndr, int + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetShareInfo0(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetShareInfo0(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -3834,8 +3954,12 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareInfo1(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo1(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareInfo1 *r) + { + uint32_t _ptr_name; ++ uint32_t size_name_1 = 0; ++ uint32_t length_name_1 = 0; + TALLOC_CTX *_mem_save_name_0; + uint32_t _ptr_comment; ++ uint32_t size_comment_1 = 0; ++ uint32_t length_comment_1 = 0; + TALLOC_CTX *_mem_save_comment_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -3859,11 +3983,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo1(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->name)); +- if (ndr_get_array_length(ndr, &r->name) > ndr_get_array_size(ndr, &r->name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->name), ndr_get_array_length(ndr, &r->name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->name); ++ length_name_1 = ndr_get_array_length(ndr, &r->name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0, 0); + } + if (r->comment) { +@@ -3871,11 +3997,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo1(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->comment, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->comment)); +- if (ndr_get_array_length(ndr, &r->comment) > ndr_get_array_size(ndr, &r->comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->comment), ndr_get_array_length(ndr, &r->comment)); ++ size_comment_1 = ndr_get_array_size(ndr, &r->comment); ++ length_comment_1 = ndr_get_array_length(ndr, &r->comment); ++ if (length_comment_1 > size_comment_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_1, length_comment_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, length_comment_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_comment_0, 0); + } + } +@@ -3927,6 +4055,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareCtr1(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr1(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareCtr1 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -3945,13 +4074,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr1(struct ndr_pull *ndr, int + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetShareInfo1(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetShareInfo1(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -4033,12 +4163,20 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareInfo2(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo2(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareInfo2 *r) + { + uint32_t _ptr_name; ++ uint32_t size_name_1 = 0; ++ uint32_t length_name_1 = 0; + TALLOC_CTX *_mem_save_name_0; + uint32_t _ptr_comment; ++ uint32_t size_comment_1 = 0; ++ uint32_t length_comment_1 = 0; + TALLOC_CTX *_mem_save_comment_0; + uint32_t _ptr_path; ++ uint32_t size_path_1 = 0; ++ uint32_t length_path_1 = 0; + TALLOC_CTX *_mem_save_path_0; + uint32_t _ptr_password; ++ uint32_t size_password_1 = 0; ++ uint32_t length_password_1 = 0; + TALLOC_CTX *_mem_save_password_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -4077,11 +4215,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->name)); +- if (ndr_get_array_length(ndr, &r->name) > ndr_get_array_size(ndr, &r->name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->name), ndr_get_array_length(ndr, &r->name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->name); ++ length_name_1 = ndr_get_array_length(ndr, &r->name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0, 0); + } + if (r->comment) { +@@ -4089,11 +4229,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->comment, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->comment)); +- if (ndr_get_array_length(ndr, &r->comment) > ndr_get_array_size(ndr, &r->comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->comment), ndr_get_array_length(ndr, &r->comment)); ++ size_comment_1 = ndr_get_array_size(ndr, &r->comment); ++ length_comment_1 = ndr_get_array_length(ndr, &r->comment); ++ if (length_comment_1 > size_comment_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_1, length_comment_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, length_comment_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_comment_0, 0); + } + if (r->path) { +@@ -4101,11 +4243,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->path, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->path)); +- if (ndr_get_array_length(ndr, &r->path) > ndr_get_array_size(ndr, &r->path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->path), ndr_get_array_length(ndr, &r->path)); ++ size_path_1 = ndr_get_array_size(ndr, &r->path); ++ length_path_1 = ndr_get_array_length(ndr, &r->path); ++ if (length_path_1 > size_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_path_1, length_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->path, ndr_get_array_length(ndr, &r->path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->path, length_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_path_0, 0); + } + if (r->password) { +@@ -4113,11 +4257,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->password, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->password)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->password)); +- if (ndr_get_array_length(ndr, &r->password) > ndr_get_array_size(ndr, &r->password)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->password), ndr_get_array_length(ndr, &r->password)); ++ size_password_1 = ndr_get_array_size(ndr, &r->password); ++ length_password_1 = ndr_get_array_length(ndr, &r->password); ++ if (length_password_1 > size_password_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_password_1, length_password_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->password), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->password, ndr_get_array_length(ndr, &r->password), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_password_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->password, length_password_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_password_0, 0); + } + } +@@ -4184,6 +4330,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareCtr2(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr2(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareCtr2 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -4202,13 +4349,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr2(struct ndr_pull *ndr, int + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetShareInfo2(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetShareInfo2(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -4274,8 +4422,12 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareInfo501(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo501(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareInfo501 *r) + { + uint32_t _ptr_name; ++ uint32_t size_name_1 = 0; ++ uint32_t length_name_1 = 0; + TALLOC_CTX *_mem_save_name_0; + uint32_t _ptr_comment; ++ uint32_t size_comment_1 = 0; ++ uint32_t length_comment_1 = 0; + TALLOC_CTX *_mem_save_comment_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -4300,11 +4452,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo501(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->name)); +- if (ndr_get_array_length(ndr, &r->name) > ndr_get_array_size(ndr, &r->name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->name), ndr_get_array_length(ndr, &r->name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->name); ++ length_name_1 = ndr_get_array_length(ndr, &r->name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0, 0); + } + if (r->comment) { +@@ -4312,11 +4466,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo501(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->comment, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->comment)); +- if (ndr_get_array_length(ndr, &r->comment) > ndr_get_array_size(ndr, &r->comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->comment), ndr_get_array_length(ndr, &r->comment)); ++ size_comment_1 = ndr_get_array_size(ndr, &r->comment); ++ length_comment_1 = ndr_get_array_length(ndr, &r->comment); ++ if (length_comment_1 > size_comment_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_1, length_comment_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, length_comment_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_comment_0, 0); + } + } +@@ -4369,6 +4525,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareCtr501(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr501(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareCtr501 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -4387,13 +4544,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr501(struct ndr_pull *ndr, in + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetShareInfo501(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetShareInfo501(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -4477,12 +4635,20 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareInfo502(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo502(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareInfo502 *r) + { + uint32_t _ptr_name; ++ uint32_t size_name_1 = 0; ++ uint32_t length_name_1 = 0; + TALLOC_CTX *_mem_save_name_0; + uint32_t _ptr_comment; ++ uint32_t size_comment_1 = 0; ++ uint32_t length_comment_1 = 0; + TALLOC_CTX *_mem_save_comment_0; + uint32_t _ptr_path; ++ uint32_t size_path_1 = 0; ++ uint32_t length_path_1 = 0; + TALLOC_CTX *_mem_save_path_0; + uint32_t _ptr_password; ++ uint32_t size_password_1 = 0; ++ uint32_t length_password_1 = 0; + TALLOC_CTX *_mem_save_password_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -4522,11 +4688,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo502(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->name)); +- if (ndr_get_array_length(ndr, &r->name) > ndr_get_array_size(ndr, &r->name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->name), ndr_get_array_length(ndr, &r->name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->name); ++ length_name_1 = ndr_get_array_length(ndr, &r->name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0, 0); + } + if (r->comment) { +@@ -4534,11 +4702,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo502(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->comment, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->comment)); +- if (ndr_get_array_length(ndr, &r->comment) > ndr_get_array_size(ndr, &r->comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->comment), ndr_get_array_length(ndr, &r->comment)); ++ size_comment_1 = ndr_get_array_size(ndr, &r->comment); ++ length_comment_1 = ndr_get_array_length(ndr, &r->comment); ++ if (length_comment_1 > size_comment_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_1, length_comment_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, length_comment_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_comment_0, 0); + } + if (r->path) { +@@ -4546,11 +4716,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo502(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->path, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->path)); +- if (ndr_get_array_length(ndr, &r->path) > ndr_get_array_size(ndr, &r->path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->path), ndr_get_array_length(ndr, &r->path)); ++ size_path_1 = ndr_get_array_size(ndr, &r->path); ++ length_path_1 = ndr_get_array_length(ndr, &r->path); ++ if (length_path_1 > size_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_path_1, length_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->path, ndr_get_array_length(ndr, &r->path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->path, length_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_path_0, 0); + } + if (r->password) { +@@ -4558,11 +4730,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo502(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->password, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->password)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->password)); +- if (ndr_get_array_length(ndr, &r->password) > ndr_get_array_size(ndr, &r->password)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->password), ndr_get_array_length(ndr, &r->password)); ++ size_password_1 = ndr_get_array_size(ndr, &r->password); ++ length_password_1 = ndr_get_array_length(ndr, &r->password); ++ if (length_password_1 > size_password_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_password_1, length_password_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->password), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->password, ndr_get_array_length(ndr, &r->password), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_password_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->password, length_password_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_password_0, 0); + } + NDR_CHECK(ndr_pull_sec_desc_buf(ndr, NDR_BUFFERS, &r->sd_buf)); +@@ -4631,6 +4805,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareCtr502(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr502(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareCtr502 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -4649,13 +4824,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr502(struct ndr_pull *ndr, in + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetShareInfo502(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetShareInfo502(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -4712,6 +4888,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareInfo1004(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo1004(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareInfo1004 *r) + { + uint32_t _ptr_comment; ++ uint32_t size_comment_1 = 0; ++ uint32_t length_comment_1 = 0; + TALLOC_CTX *_mem_save_comment_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -4728,11 +4906,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo1004(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->comment, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->comment)); +- if (ndr_get_array_length(ndr, &r->comment) > ndr_get_array_size(ndr, &r->comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->comment), ndr_get_array_length(ndr, &r->comment)); ++ size_comment_1 = ndr_get_array_size(ndr, &r->comment); ++ length_comment_1 = ndr_get_array_length(ndr, &r->comment); ++ if (length_comment_1 > size_comment_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_1, length_comment_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, length_comment_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_comment_0, 0); + } + } +@@ -4777,6 +4957,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareCtr1004(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr1004(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareCtr1004 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -4795,13 +4976,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr1004(struct ndr_pull *ndr, i + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetShareInfo1004(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetShareInfo1004(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -4913,6 +5095,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareCtr1005(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr1005(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareCtr1005 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -4931,10 +5114,11 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr1005(struct ndr_pull *ndr, i + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetShareInfo1005(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -5023,6 +5207,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareCtr1006(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr1006(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareCtr1006 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -5041,10 +5226,11 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr1006(struct ndr_pull *ndr, i + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetShareInfo1006(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -5102,6 +5288,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareInfo1007(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo1007(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareInfo1007 *r) + { + uint32_t _ptr_alternate_directory_name; ++ uint32_t size_alternate_directory_name_1 = 0; ++ uint32_t length_alternate_directory_name_1 = 0; + TALLOC_CTX *_mem_save_alternate_directory_name_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -5119,11 +5307,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo1007(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->alternate_directory_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->alternate_directory_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->alternate_directory_name)); +- if (ndr_get_array_length(ndr, &r->alternate_directory_name) > ndr_get_array_size(ndr, &r->alternate_directory_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->alternate_directory_name), ndr_get_array_length(ndr, &r->alternate_directory_name)); ++ size_alternate_directory_name_1 = ndr_get_array_size(ndr, &r->alternate_directory_name); ++ length_alternate_directory_name_1 = ndr_get_array_length(ndr, &r->alternate_directory_name); ++ if (length_alternate_directory_name_1 > size_alternate_directory_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_alternate_directory_name_1, length_alternate_directory_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->alternate_directory_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->alternate_directory_name, ndr_get_array_length(ndr, &r->alternate_directory_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_alternate_directory_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->alternate_directory_name, length_alternate_directory_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_alternate_directory_name_0, 0); + } + } +@@ -5169,6 +5359,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareCtr1007(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr1007(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareCtr1007 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -5187,13 +5378,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr1007(struct ndr_pull *ndr, i + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetShareInfo1007(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetShareInfo1007(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -5255,6 +5447,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareCtr1501(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr1501(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetShareCtr1501 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -5273,13 +5466,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr1501(struct ndr_pull *ndr, i + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_sec_desc_buf(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_sec_desc_buf(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -5443,15 +5637,25 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo(struct ndr_pull *ndr, int + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_info0_0; ++ uint32_t _ptr_info0; + TALLOC_CTX *_mem_save_info1_0; ++ uint32_t _ptr_info1; + TALLOC_CTX *_mem_save_info2_0; ++ uint32_t _ptr_info2; + TALLOC_CTX *_mem_save_info501_0; ++ uint32_t _ptr_info501; + TALLOC_CTX *_mem_save_info502_0; ++ uint32_t _ptr_info502; + TALLOC_CTX *_mem_save_info1004_0; ++ uint32_t _ptr_info1004; + TALLOC_CTX *_mem_save_info1005_0; ++ uint32_t _ptr_info1005; + TALLOC_CTX *_mem_save_info1006_0; ++ uint32_t _ptr_info1006; + TALLOC_CTX *_mem_save_info1007_0; ++ uint32_t _ptr_info1007; + TALLOC_CTX *_mem_save_info1501_0; ++ uint32_t _ptr_info1501; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -5460,7 +5664,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo(struct ndr_pull *ndr, int + } + switch (level) { + case 0: { +- uint32_t _ptr_info0; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info0)); + if (_ptr_info0) { + NDR_PULL_ALLOC(ndr, r->info0); +@@ -5470,7 +5673,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo(struct ndr_pull *ndr, int + break; } + + case 1: { +- uint32_t _ptr_info1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1)); + if (_ptr_info1) { + NDR_PULL_ALLOC(ndr, r->info1); +@@ -5480,7 +5682,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo(struct ndr_pull *ndr, int + break; } + + case 2: { +- uint32_t _ptr_info2; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info2)); + if (_ptr_info2) { + NDR_PULL_ALLOC(ndr, r->info2); +@@ -5490,7 +5691,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo(struct ndr_pull *ndr, int + break; } + + case 501: { +- uint32_t _ptr_info501; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info501)); + if (_ptr_info501) { + NDR_PULL_ALLOC(ndr, r->info501); +@@ -5500,7 +5700,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo(struct ndr_pull *ndr, int + break; } + + case 502: { +- uint32_t _ptr_info502; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info502)); + if (_ptr_info502) { + NDR_PULL_ALLOC(ndr, r->info502); +@@ -5510,7 +5709,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo(struct ndr_pull *ndr, int + break; } + + case 1004: { +- uint32_t _ptr_info1004; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1004)); + if (_ptr_info1004) { + NDR_PULL_ALLOC(ndr, r->info1004); +@@ -5520,7 +5718,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo(struct ndr_pull *ndr, int + break; } + + case 1005: { +- uint32_t _ptr_info1005; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1005)); + if (_ptr_info1005) { + NDR_PULL_ALLOC(ndr, r->info1005); +@@ -5530,7 +5727,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo(struct ndr_pull *ndr, int + break; } + + case 1006: { +- uint32_t _ptr_info1006; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1006)); + if (_ptr_info1006) { + NDR_PULL_ALLOC(ndr, r->info1006); +@@ -5540,7 +5736,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo(struct ndr_pull *ndr, int + break; } + + case 1007: { +- uint32_t _ptr_info1007; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1007)); + if (_ptr_info1007) { + NDR_PULL_ALLOC(ndr, r->info1007); +@@ -5550,7 +5745,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareInfo(struct ndr_pull *ndr, int + break; } + + case 1501: { +- uint32_t _ptr_info1501; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1501)); + if (_ptr_info1501) { + NDR_PULL_ALLOC(ndr, r->info1501); +@@ -5893,15 +6087,25 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr(struct ndr_pull *ndr, int n + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_ctr0_0; ++ uint32_t _ptr_ctr0; + TALLOC_CTX *_mem_save_ctr1_0; ++ uint32_t _ptr_ctr1; + TALLOC_CTX *_mem_save_ctr2_0; ++ uint32_t _ptr_ctr2; + TALLOC_CTX *_mem_save_ctr501_0; ++ uint32_t _ptr_ctr501; + TALLOC_CTX *_mem_save_ctr502_0; ++ uint32_t _ptr_ctr502; + TALLOC_CTX *_mem_save_ctr1004_0; ++ uint32_t _ptr_ctr1004; + TALLOC_CTX *_mem_save_ctr1005_0; ++ uint32_t _ptr_ctr1005; + TALLOC_CTX *_mem_save_ctr1006_0; ++ uint32_t _ptr_ctr1006; + TALLOC_CTX *_mem_save_ctr1007_0; ++ uint32_t _ptr_ctr1007; + TALLOC_CTX *_mem_save_ctr1501_0; ++ uint32_t _ptr_ctr1501; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -5910,7 +6114,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr(struct ndr_pull *ndr, int n + } + switch (level) { + case 0: { +- uint32_t _ptr_ctr0; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr0)); + if (_ptr_ctr0) { + NDR_PULL_ALLOC(ndr, r->ctr0); +@@ -5920,7 +6123,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr(struct ndr_pull *ndr, int n + break; } + + case 1: { +- uint32_t _ptr_ctr1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr1)); + if (_ptr_ctr1) { + NDR_PULL_ALLOC(ndr, r->ctr1); +@@ -5930,7 +6132,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr(struct ndr_pull *ndr, int n + break; } + + case 2: { +- uint32_t _ptr_ctr2; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr2)); + if (_ptr_ctr2) { + NDR_PULL_ALLOC(ndr, r->ctr2); +@@ -5940,7 +6141,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr(struct ndr_pull *ndr, int n + break; } + + case 501: { +- uint32_t _ptr_ctr501; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr501)); + if (_ptr_ctr501) { + NDR_PULL_ALLOC(ndr, r->ctr501); +@@ -5950,7 +6150,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr(struct ndr_pull *ndr, int n + break; } + + case 502: { +- uint32_t _ptr_ctr502; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr502)); + if (_ptr_ctr502) { + NDR_PULL_ALLOC(ndr, r->ctr502); +@@ -5960,7 +6159,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr(struct ndr_pull *ndr, int n + break; } + + case 1004: { +- uint32_t _ptr_ctr1004; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr1004)); + if (_ptr_ctr1004) { + NDR_PULL_ALLOC(ndr, r->ctr1004); +@@ -5970,7 +6168,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr(struct ndr_pull *ndr, int n + break; } + + case 1005: { +- uint32_t _ptr_ctr1005; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr1005)); + if (_ptr_ctr1005) { + NDR_PULL_ALLOC(ndr, r->ctr1005); +@@ -5980,7 +6177,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr(struct ndr_pull *ndr, int n + break; } + + case 1006: { +- uint32_t _ptr_ctr1006; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr1006)); + if (_ptr_ctr1006) { + NDR_PULL_ALLOC(ndr, r->ctr1006); +@@ -5990,7 +6186,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr(struct ndr_pull *ndr, int n + break; } + + case 1007: { +- uint32_t _ptr_ctr1007; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr1007)); + if (_ptr_ctr1007) { + NDR_PULL_ALLOC(ndr, r->ctr1007); +@@ -6000,7 +6195,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCtr(struct ndr_pull *ndr, int n + break; } + + case 1501: { +- uint32_t _ptr_ctr1501; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr1501)); + if (_ptr_ctr1501) { + NDR_PULL_ALLOC(ndr, r->ctr1501); +@@ -6303,6 +6497,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo100(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo100(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo100 *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -6320,11 +6516,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo100(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->server_name)); +- if (ndr_get_array_length(ndr, &r->server_name) > ndr_get_array_size(ndr, &r->server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->server_name), ndr_get_array_length(ndr, &r->server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->server_name, ndr_get_array_length(ndr, &r->server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + } +@@ -6376,8 +6574,12 @@ static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo101(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo101(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo101 *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + uint32_t _ptr_comment; ++ uint32_t size_comment_1 = 0; ++ uint32_t length_comment_1 = 0; + TALLOC_CTX *_mem_save_comment_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -6404,11 +6606,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo101(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->server_name)); +- if (ndr_get_array_length(ndr, &r->server_name) > ndr_get_array_size(ndr, &r->server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->server_name), ndr_get_array_length(ndr, &r->server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->server_name, ndr_get_array_length(ndr, &r->server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + if (r->comment) { +@@ -6416,11 +6620,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo101(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->comment, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->comment)); +- if (ndr_get_array_length(ndr, &r->comment) > ndr_get_array_size(ndr, &r->comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->comment), ndr_get_array_length(ndr, &r->comment)); ++ size_comment_1 = ndr_get_array_size(ndr, &r->comment); ++ length_comment_1 = ndr_get_array_length(ndr, &r->comment); ++ if (length_comment_1 > size_comment_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_1, length_comment_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, length_comment_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_comment_0, 0); + } + } +@@ -6494,10 +6700,16 @@ static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo102(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo102(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo102 *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + uint32_t _ptr_comment; ++ uint32_t size_comment_1 = 0; ++ uint32_t length_comment_1 = 0; + TALLOC_CTX *_mem_save_comment_0; + uint32_t _ptr_userpath; ++ uint32_t size_userpath_1 = 0; ++ uint32_t length_userpath_1 = 0; + TALLOC_CTX *_mem_save_userpath_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -6536,11 +6748,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo102(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->server_name)); +- if (ndr_get_array_length(ndr, &r->server_name) > ndr_get_array_size(ndr, &r->server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->server_name), ndr_get_array_length(ndr, &r->server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->server_name, ndr_get_array_length(ndr, &r->server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + if (r->comment) { +@@ -6548,11 +6762,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo102(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->comment, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->comment)); +- if (ndr_get_array_length(ndr, &r->comment) > ndr_get_array_size(ndr, &r->comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->comment), ndr_get_array_length(ndr, &r->comment)); ++ size_comment_1 = ndr_get_array_size(ndr, &r->comment); ++ length_comment_1 = ndr_get_array_length(ndr, &r->comment); ++ if (length_comment_1 > size_comment_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_1, length_comment_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, length_comment_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_comment_0, 0); + } + if (r->userpath) { +@@ -6560,11 +6776,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo102(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->userpath, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->userpath)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->userpath)); +- if (ndr_get_array_length(ndr, &r->userpath) > ndr_get_array_size(ndr, &r->userpath)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->userpath), ndr_get_array_length(ndr, &r->userpath)); ++ size_userpath_1 = ndr_get_array_size(ndr, &r->userpath); ++ length_userpath_1 = ndr_get_array_length(ndr, &r->userpath); ++ if (length_userpath_1 > size_userpath_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_userpath_1, length_userpath_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->userpath), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->userpath, ndr_get_array_length(ndr, &r->userpath), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_userpath_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->userpath, length_userpath_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_userpath_0, 0); + } + } +@@ -6667,10 +6885,16 @@ static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo402(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo402(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo402 *r) + { + uint32_t _ptr_alerts; ++ uint32_t size_alerts_1 = 0; ++ uint32_t length_alerts_1 = 0; + TALLOC_CTX *_mem_save_alerts_0; + uint32_t _ptr_guestaccount; ++ uint32_t size_guestaccount_1 = 0; ++ uint32_t length_guestaccount_1 = 0; + TALLOC_CTX *_mem_save_guestaccount_0; + uint32_t _ptr_srvheuristics; ++ uint32_t size_srvheuristics_1 = 0; ++ uint32_t length_srvheuristics_1 = 0; + TALLOC_CTX *_mem_save_srvheuristics_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -6726,11 +6950,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo402(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->alerts, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->alerts)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->alerts)); +- if (ndr_get_array_length(ndr, &r->alerts) > ndr_get_array_size(ndr, &r->alerts)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->alerts), ndr_get_array_length(ndr, &r->alerts)); ++ size_alerts_1 = ndr_get_array_size(ndr, &r->alerts); ++ length_alerts_1 = ndr_get_array_length(ndr, &r->alerts); ++ if (length_alerts_1 > size_alerts_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_alerts_1, length_alerts_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->alerts), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->alerts, ndr_get_array_length(ndr, &r->alerts), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_alerts_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->alerts, length_alerts_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_alerts_0, 0); + } + if (r->guestaccount) { +@@ -6738,11 +6964,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo402(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->guestaccount, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->guestaccount)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->guestaccount)); +- if (ndr_get_array_length(ndr, &r->guestaccount) > ndr_get_array_size(ndr, &r->guestaccount)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->guestaccount), ndr_get_array_length(ndr, &r->guestaccount)); ++ size_guestaccount_1 = ndr_get_array_size(ndr, &r->guestaccount); ++ length_guestaccount_1 = ndr_get_array_length(ndr, &r->guestaccount); ++ if (length_guestaccount_1 > size_guestaccount_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_guestaccount_1, length_guestaccount_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->guestaccount), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->guestaccount, ndr_get_array_length(ndr, &r->guestaccount), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_guestaccount_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->guestaccount, length_guestaccount_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_guestaccount_0, 0); + } + if (r->srvheuristics) { +@@ -6750,11 +6978,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo402(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->srvheuristics, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->srvheuristics)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->srvheuristics)); +- if (ndr_get_array_length(ndr, &r->srvheuristics) > ndr_get_array_size(ndr, &r->srvheuristics)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->srvheuristics), ndr_get_array_length(ndr, &r->srvheuristics)); ++ size_srvheuristics_1 = ndr_get_array_size(ndr, &r->srvheuristics); ++ length_srvheuristics_1 = ndr_get_array_length(ndr, &r->srvheuristics); ++ if (length_srvheuristics_1 > size_srvheuristics_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_srvheuristics_1, length_srvheuristics_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->srvheuristics), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->srvheuristics, ndr_get_array_length(ndr, &r->srvheuristics), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_srvheuristics_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->srvheuristics, length_srvheuristics_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_srvheuristics_0, 0); + } + } +@@ -6883,12 +7113,20 @@ static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo403(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo403(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo403 *r) + { + uint32_t _ptr_alerts; ++ uint32_t size_alerts_1 = 0; ++ uint32_t length_alerts_1 = 0; + TALLOC_CTX *_mem_save_alerts_0; + uint32_t _ptr_guestaccount; ++ uint32_t size_guestaccount_1 = 0; ++ uint32_t length_guestaccount_1 = 0; + TALLOC_CTX *_mem_save_guestaccount_0; + uint32_t _ptr_srvheuristics; ++ uint32_t size_srvheuristics_1 = 0; ++ uint32_t length_srvheuristics_1 = 0; + TALLOC_CTX *_mem_save_srvheuristics_0; + uint32_t _ptr_autopath; ++ uint32_t size_autopath_1 = 0; ++ uint32_t length_autopath_1 = 0; + TALLOC_CTX *_mem_save_autopath_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -6952,11 +7190,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo403(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->alerts, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->alerts)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->alerts)); +- if (ndr_get_array_length(ndr, &r->alerts) > ndr_get_array_size(ndr, &r->alerts)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->alerts), ndr_get_array_length(ndr, &r->alerts)); ++ size_alerts_1 = ndr_get_array_size(ndr, &r->alerts); ++ length_alerts_1 = ndr_get_array_length(ndr, &r->alerts); ++ if (length_alerts_1 > size_alerts_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_alerts_1, length_alerts_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->alerts), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->alerts, ndr_get_array_length(ndr, &r->alerts), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_alerts_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->alerts, length_alerts_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_alerts_0, 0); + } + if (r->guestaccount) { +@@ -6964,11 +7204,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo403(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->guestaccount, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->guestaccount)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->guestaccount)); +- if (ndr_get_array_length(ndr, &r->guestaccount) > ndr_get_array_size(ndr, &r->guestaccount)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->guestaccount), ndr_get_array_length(ndr, &r->guestaccount)); ++ size_guestaccount_1 = ndr_get_array_size(ndr, &r->guestaccount); ++ length_guestaccount_1 = ndr_get_array_length(ndr, &r->guestaccount); ++ if (length_guestaccount_1 > size_guestaccount_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_guestaccount_1, length_guestaccount_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->guestaccount), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->guestaccount, ndr_get_array_length(ndr, &r->guestaccount), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_guestaccount_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->guestaccount, length_guestaccount_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_guestaccount_0, 0); + } + if (r->srvheuristics) { +@@ -6976,11 +7218,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo403(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->srvheuristics, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->srvheuristics)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->srvheuristics)); +- if (ndr_get_array_length(ndr, &r->srvheuristics) > ndr_get_array_size(ndr, &r->srvheuristics)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->srvheuristics), ndr_get_array_length(ndr, &r->srvheuristics)); ++ size_srvheuristics_1 = ndr_get_array_size(ndr, &r->srvheuristics); ++ length_srvheuristics_1 = ndr_get_array_length(ndr, &r->srvheuristics); ++ if (length_srvheuristics_1 > size_srvheuristics_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_srvheuristics_1, length_srvheuristics_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->srvheuristics), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->srvheuristics, ndr_get_array_length(ndr, &r->srvheuristics), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_srvheuristics_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->srvheuristics, length_srvheuristics_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_srvheuristics_0, 0); + } + if (r->autopath) { +@@ -6988,11 +7232,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo403(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->autopath, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->autopath)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->autopath)); +- if (ndr_get_array_length(ndr, &r->autopath) > ndr_get_array_size(ndr, &r->autopath)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->autopath), ndr_get_array_length(ndr, &r->autopath)); ++ size_autopath_1 = ndr_get_array_size(ndr, &r->autopath); ++ length_autopath_1 = ndr_get_array_length(ndr, &r->autopath); ++ if (length_autopath_1 > size_autopath_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_autopath_1, length_autopath_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->autopath), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->autopath, ndr_get_array_length(ndr, &r->autopath), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_autopath_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->autopath, length_autopath_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_autopath_0, 0); + } + } +@@ -7201,6 +7447,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo503(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo503(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo503 *r) + { + uint32_t _ptr_domain; ++ uint32_t size_domain_1 = 0; ++ uint32_t length_domain_1 = 0; + TALLOC_CTX *_mem_save_domain_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -7258,11 +7506,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo503(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->domain, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domain)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->domain)); +- if (ndr_get_array_length(ndr, &r->domain) > ndr_get_array_size(ndr, &r->domain)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->domain), ndr_get_array_length(ndr, &r->domain)); ++ size_domain_1 = ndr_get_array_size(ndr, &r->domain); ++ length_domain_1 = ndr_get_array_length(ndr, &r->domain); ++ if (length_domain_1 > size_domain_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_1, length_domain_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, length_domain_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_0, 0); + } + } +@@ -7397,6 +7647,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo599(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo599(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo599 *r) + { + uint32_t _ptr_domain; ++ uint32_t size_domain_1 = 0; ++ uint32_t length_domain_1 = 0; + TALLOC_CTX *_mem_save_domain_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -7467,11 +7719,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo599(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->domain, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domain)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->domain)); +- if (ndr_get_array_length(ndr, &r->domain) > ndr_get_array_size(ndr, &r->domain)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->domain), ndr_get_array_length(ndr, &r->domain)); ++ size_domain_1 = ndr_get_array_size(ndr, &r->domain); ++ length_domain_1 = ndr_get_array_length(ndr, &r->domain); ++ if (length_domain_1 > size_domain_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_1, length_domain_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, length_domain_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_0, 0); + } + } +@@ -7565,6 +7819,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetSrvInfo1005(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo1005(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetSrvInfo1005 *r) + { + uint32_t _ptr_comment; ++ uint32_t size_comment_1 = 0; ++ uint32_t length_comment_1 = 0; + TALLOC_CTX *_mem_save_comment_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -7581,11 +7837,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo1005(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->comment, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->comment)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->comment)); +- if (ndr_get_array_length(ndr, &r->comment) > ndr_get_array_size(ndr, &r->comment)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->comment), ndr_get_array_length(ndr, &r->comment)); ++ size_comment_1 = ndr_get_array_size(ndr, &r->comment); ++ length_comment_1 = ndr_get_array_length(ndr, &r->comment); ++ if (length_comment_1 > size_comment_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_comment_1, length_comment_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, ndr_get_array_length(ndr, &r->comment), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_comment_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->comment, length_comment_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_comment_0, 0); + } + } +@@ -9722,64 +9980,123 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_info100_0; ++ uint32_t _ptr_info100; + TALLOC_CTX *_mem_save_info101_0; ++ uint32_t _ptr_info101; + TALLOC_CTX *_mem_save_info102_0; ++ uint32_t _ptr_info102; + TALLOC_CTX *_mem_save_info402_0; ++ uint32_t _ptr_info402; + TALLOC_CTX *_mem_save_info403_0; ++ uint32_t _ptr_info403; + TALLOC_CTX *_mem_save_info502_0; ++ uint32_t _ptr_info502; + TALLOC_CTX *_mem_save_info503_0; ++ uint32_t _ptr_info503; + TALLOC_CTX *_mem_save_info599_0; ++ uint32_t _ptr_info599; + TALLOC_CTX *_mem_save_info1005_0; ++ uint32_t _ptr_info1005; + TALLOC_CTX *_mem_save_info1010_0; ++ uint32_t _ptr_info1010; + TALLOC_CTX *_mem_save_info1016_0; ++ uint32_t _ptr_info1016; + TALLOC_CTX *_mem_save_info1017_0; ++ uint32_t _ptr_info1017; + TALLOC_CTX *_mem_save_info1018_0; ++ uint32_t _ptr_info1018; + TALLOC_CTX *_mem_save_info1107_0; ++ uint32_t _ptr_info1107; + TALLOC_CTX *_mem_save_info1501_0; ++ uint32_t _ptr_info1501; + TALLOC_CTX *_mem_save_info1502_0; ++ uint32_t _ptr_info1502; + TALLOC_CTX *_mem_save_info1503_0; ++ uint32_t _ptr_info1503; + TALLOC_CTX *_mem_save_info1506_0; ++ uint32_t _ptr_info1506; + TALLOC_CTX *_mem_save_info1509_0; ++ uint32_t _ptr_info1509; + TALLOC_CTX *_mem_save_info1510_0; ++ uint32_t _ptr_info1510; + TALLOC_CTX *_mem_save_info1511_0; ++ uint32_t _ptr_info1511; + TALLOC_CTX *_mem_save_info1512_0; ++ uint32_t _ptr_info1512; + TALLOC_CTX *_mem_save_info1513_0; ++ uint32_t _ptr_info1513; + TALLOC_CTX *_mem_save_info1514_0; ++ uint32_t _ptr_info1514; + TALLOC_CTX *_mem_save_info1515_0; ++ uint32_t _ptr_info1515; + TALLOC_CTX *_mem_save_info1516_0; ++ uint32_t _ptr_info1516; + TALLOC_CTX *_mem_save_info1518_0; ++ uint32_t _ptr_info1518; + TALLOC_CTX *_mem_save_info1520_0; ++ uint32_t _ptr_info1520; + TALLOC_CTX *_mem_save_info1521_0; ++ uint32_t _ptr_info1521; + TALLOC_CTX *_mem_save_info1522_0; ++ uint32_t _ptr_info1522; + TALLOC_CTX *_mem_save_info1523_0; ++ uint32_t _ptr_info1523; + TALLOC_CTX *_mem_save_info1524_0; ++ uint32_t _ptr_info1524; + TALLOC_CTX *_mem_save_info1525_0; ++ uint32_t _ptr_info1525; + TALLOC_CTX *_mem_save_info1528_0; ++ uint32_t _ptr_info1528; + TALLOC_CTX *_mem_save_info1529_0; ++ uint32_t _ptr_info1529; + TALLOC_CTX *_mem_save_info1530_0; ++ uint32_t _ptr_info1530; + TALLOC_CTX *_mem_save_info1533_0; ++ uint32_t _ptr_info1533; + TALLOC_CTX *_mem_save_info1534_0; ++ uint32_t _ptr_info1534; + TALLOC_CTX *_mem_save_info1535_0; ++ uint32_t _ptr_info1535; + TALLOC_CTX *_mem_save_info1536_0; ++ uint32_t _ptr_info1536; + TALLOC_CTX *_mem_save_info1537_0; ++ uint32_t _ptr_info1537; + TALLOC_CTX *_mem_save_info1538_0; ++ uint32_t _ptr_info1538; + TALLOC_CTX *_mem_save_info1539_0; ++ uint32_t _ptr_info1539; + TALLOC_CTX *_mem_save_info1540_0; ++ uint32_t _ptr_info1540; + TALLOC_CTX *_mem_save_info1541_0; ++ uint32_t _ptr_info1541; + TALLOC_CTX *_mem_save_info1542_0; ++ uint32_t _ptr_info1542; + TALLOC_CTX *_mem_save_info1543_0; ++ uint32_t _ptr_info1543; + TALLOC_CTX *_mem_save_info1544_0; ++ uint32_t _ptr_info1544; + TALLOC_CTX *_mem_save_info1545_0; ++ uint32_t _ptr_info1545; + TALLOC_CTX *_mem_save_info1546_0; ++ uint32_t _ptr_info1546; + TALLOC_CTX *_mem_save_info1547_0; ++ uint32_t _ptr_info1547; + TALLOC_CTX *_mem_save_info1548_0; ++ uint32_t _ptr_info1548; + TALLOC_CTX *_mem_save_info1549_0; ++ uint32_t _ptr_info1549; + TALLOC_CTX *_mem_save_info1550_0; ++ uint32_t _ptr_info1550; + TALLOC_CTX *_mem_save_info1552_0; ++ uint32_t _ptr_info1552; + TALLOC_CTX *_mem_save_info1553_0; ++ uint32_t _ptr_info1553; + TALLOC_CTX *_mem_save_info1554_0; ++ uint32_t _ptr_info1554; + TALLOC_CTX *_mem_save_info1555_0; ++ uint32_t _ptr_info1555; + TALLOC_CTX *_mem_save_info1556_0; ++ uint32_t _ptr_info1556; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -9788,7 +10105,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + } + switch (level) { + case 100: { +- uint32_t _ptr_info100; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info100)); + if (_ptr_info100) { + NDR_PULL_ALLOC(ndr, r->info100); +@@ -9798,7 +10114,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 101: { +- uint32_t _ptr_info101; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info101)); + if (_ptr_info101) { + NDR_PULL_ALLOC(ndr, r->info101); +@@ -9808,7 +10123,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 102: { +- uint32_t _ptr_info102; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info102)); + if (_ptr_info102) { + NDR_PULL_ALLOC(ndr, r->info102); +@@ -9818,7 +10132,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 402: { +- uint32_t _ptr_info402; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info402)); + if (_ptr_info402) { + NDR_PULL_ALLOC(ndr, r->info402); +@@ -9828,7 +10141,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 403: { +- uint32_t _ptr_info403; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info403)); + if (_ptr_info403) { + NDR_PULL_ALLOC(ndr, r->info403); +@@ -9838,7 +10150,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 502: { +- uint32_t _ptr_info502; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info502)); + if (_ptr_info502) { + NDR_PULL_ALLOC(ndr, r->info502); +@@ -9848,7 +10159,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 503: { +- uint32_t _ptr_info503; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info503)); + if (_ptr_info503) { + NDR_PULL_ALLOC(ndr, r->info503); +@@ -9858,7 +10168,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 599: { +- uint32_t _ptr_info599; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info599)); + if (_ptr_info599) { + NDR_PULL_ALLOC(ndr, r->info599); +@@ -9868,7 +10177,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1005: { +- uint32_t _ptr_info1005; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1005)); + if (_ptr_info1005) { + NDR_PULL_ALLOC(ndr, r->info1005); +@@ -9878,7 +10186,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1010: { +- uint32_t _ptr_info1010; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1010)); + if (_ptr_info1010) { + NDR_PULL_ALLOC(ndr, r->info1010); +@@ -9888,7 +10195,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1016: { +- uint32_t _ptr_info1016; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1016)); + if (_ptr_info1016) { + NDR_PULL_ALLOC(ndr, r->info1016); +@@ -9898,7 +10204,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1017: { +- uint32_t _ptr_info1017; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1017)); + if (_ptr_info1017) { + NDR_PULL_ALLOC(ndr, r->info1017); +@@ -9908,7 +10213,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1018: { +- uint32_t _ptr_info1018; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1018)); + if (_ptr_info1018) { + NDR_PULL_ALLOC(ndr, r->info1018); +@@ -9918,7 +10222,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1107: { +- uint32_t _ptr_info1107; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1107)); + if (_ptr_info1107) { + NDR_PULL_ALLOC(ndr, r->info1107); +@@ -9928,7 +10231,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1501: { +- uint32_t _ptr_info1501; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1501)); + if (_ptr_info1501) { + NDR_PULL_ALLOC(ndr, r->info1501); +@@ -9938,7 +10240,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1502: { +- uint32_t _ptr_info1502; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1502)); + if (_ptr_info1502) { + NDR_PULL_ALLOC(ndr, r->info1502); +@@ -9948,7 +10249,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1503: { +- uint32_t _ptr_info1503; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1503)); + if (_ptr_info1503) { + NDR_PULL_ALLOC(ndr, r->info1503); +@@ -9958,7 +10258,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1506: { +- uint32_t _ptr_info1506; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1506)); + if (_ptr_info1506) { + NDR_PULL_ALLOC(ndr, r->info1506); +@@ -9968,7 +10267,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1509: { +- uint32_t _ptr_info1509; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1509)); + if (_ptr_info1509) { + NDR_PULL_ALLOC(ndr, r->info1509); +@@ -9978,7 +10276,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1510: { +- uint32_t _ptr_info1510; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1510)); + if (_ptr_info1510) { + NDR_PULL_ALLOC(ndr, r->info1510); +@@ -9988,7 +10285,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1511: { +- uint32_t _ptr_info1511; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1511)); + if (_ptr_info1511) { + NDR_PULL_ALLOC(ndr, r->info1511); +@@ -9998,7 +10294,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1512: { +- uint32_t _ptr_info1512; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1512)); + if (_ptr_info1512) { + NDR_PULL_ALLOC(ndr, r->info1512); +@@ -10008,7 +10303,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1513: { +- uint32_t _ptr_info1513; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1513)); + if (_ptr_info1513) { + NDR_PULL_ALLOC(ndr, r->info1513); +@@ -10018,7 +10312,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1514: { +- uint32_t _ptr_info1514; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1514)); + if (_ptr_info1514) { + NDR_PULL_ALLOC(ndr, r->info1514); +@@ -10028,7 +10321,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1515: { +- uint32_t _ptr_info1515; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1515)); + if (_ptr_info1515) { + NDR_PULL_ALLOC(ndr, r->info1515); +@@ -10038,7 +10330,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1516: { +- uint32_t _ptr_info1516; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1516)); + if (_ptr_info1516) { + NDR_PULL_ALLOC(ndr, r->info1516); +@@ -10048,7 +10339,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1518: { +- uint32_t _ptr_info1518; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1518)); + if (_ptr_info1518) { + NDR_PULL_ALLOC(ndr, r->info1518); +@@ -10058,7 +10348,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1520: { +- uint32_t _ptr_info1520; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1520)); + if (_ptr_info1520) { + NDR_PULL_ALLOC(ndr, r->info1520); +@@ -10068,7 +10357,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1521: { +- uint32_t _ptr_info1521; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1521)); + if (_ptr_info1521) { + NDR_PULL_ALLOC(ndr, r->info1521); +@@ -10078,7 +10366,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1522: { +- uint32_t _ptr_info1522; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1522)); + if (_ptr_info1522) { + NDR_PULL_ALLOC(ndr, r->info1522); +@@ -10088,7 +10375,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1523: { +- uint32_t _ptr_info1523; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1523)); + if (_ptr_info1523) { + NDR_PULL_ALLOC(ndr, r->info1523); +@@ -10098,7 +10384,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1524: { +- uint32_t _ptr_info1524; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1524)); + if (_ptr_info1524) { + NDR_PULL_ALLOC(ndr, r->info1524); +@@ -10108,7 +10393,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1525: { +- uint32_t _ptr_info1525; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1525)); + if (_ptr_info1525) { + NDR_PULL_ALLOC(ndr, r->info1525); +@@ -10118,7 +10402,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1528: { +- uint32_t _ptr_info1528; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1528)); + if (_ptr_info1528) { + NDR_PULL_ALLOC(ndr, r->info1528); +@@ -10128,7 +10411,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1529: { +- uint32_t _ptr_info1529; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1529)); + if (_ptr_info1529) { + NDR_PULL_ALLOC(ndr, r->info1529); +@@ -10138,7 +10420,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1530: { +- uint32_t _ptr_info1530; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1530)); + if (_ptr_info1530) { + NDR_PULL_ALLOC(ndr, r->info1530); +@@ -10148,7 +10429,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1533: { +- uint32_t _ptr_info1533; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1533)); + if (_ptr_info1533) { + NDR_PULL_ALLOC(ndr, r->info1533); +@@ -10158,7 +10438,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1534: { +- uint32_t _ptr_info1534; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1534)); + if (_ptr_info1534) { + NDR_PULL_ALLOC(ndr, r->info1534); +@@ -10168,7 +10447,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1535: { +- uint32_t _ptr_info1535; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1535)); + if (_ptr_info1535) { + NDR_PULL_ALLOC(ndr, r->info1535); +@@ -10178,7 +10456,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1536: { +- uint32_t _ptr_info1536; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1536)); + if (_ptr_info1536) { + NDR_PULL_ALLOC(ndr, r->info1536); +@@ -10188,7 +10465,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1537: { +- uint32_t _ptr_info1537; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1537)); + if (_ptr_info1537) { + NDR_PULL_ALLOC(ndr, r->info1537); +@@ -10198,7 +10474,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1538: { +- uint32_t _ptr_info1538; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1538)); + if (_ptr_info1538) { + NDR_PULL_ALLOC(ndr, r->info1538); +@@ -10208,7 +10483,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1539: { +- uint32_t _ptr_info1539; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1539)); + if (_ptr_info1539) { + NDR_PULL_ALLOC(ndr, r->info1539); +@@ -10218,7 +10492,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1540: { +- uint32_t _ptr_info1540; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1540)); + if (_ptr_info1540) { + NDR_PULL_ALLOC(ndr, r->info1540); +@@ -10228,7 +10501,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1541: { +- uint32_t _ptr_info1541; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1541)); + if (_ptr_info1541) { + NDR_PULL_ALLOC(ndr, r->info1541); +@@ -10238,7 +10510,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1542: { +- uint32_t _ptr_info1542; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1542)); + if (_ptr_info1542) { + NDR_PULL_ALLOC(ndr, r->info1542); +@@ -10248,7 +10519,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1543: { +- uint32_t _ptr_info1543; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1543)); + if (_ptr_info1543) { + NDR_PULL_ALLOC(ndr, r->info1543); +@@ -10258,7 +10528,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1544: { +- uint32_t _ptr_info1544; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1544)); + if (_ptr_info1544) { + NDR_PULL_ALLOC(ndr, r->info1544); +@@ -10268,7 +10537,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1545: { +- uint32_t _ptr_info1545; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1545)); + if (_ptr_info1545) { + NDR_PULL_ALLOC(ndr, r->info1545); +@@ -10278,7 +10546,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1546: { +- uint32_t _ptr_info1546; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1546)); + if (_ptr_info1546) { + NDR_PULL_ALLOC(ndr, r->info1546); +@@ -10288,7 +10555,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1547: { +- uint32_t _ptr_info1547; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1547)); + if (_ptr_info1547) { + NDR_PULL_ALLOC(ndr, r->info1547); +@@ -10298,7 +10564,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1548: { +- uint32_t _ptr_info1548; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1548)); + if (_ptr_info1548) { + NDR_PULL_ALLOC(ndr, r->info1548); +@@ -10308,7 +10573,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1549: { +- uint32_t _ptr_info1549; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1549)); + if (_ptr_info1549) { + NDR_PULL_ALLOC(ndr, r->info1549); +@@ -10318,7 +10582,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1550: { +- uint32_t _ptr_info1550; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1550)); + if (_ptr_info1550) { + NDR_PULL_ALLOC(ndr, r->info1550); +@@ -10328,7 +10591,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1552: { +- uint32_t _ptr_info1552; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1552)); + if (_ptr_info1552) { + NDR_PULL_ALLOC(ndr, r->info1552); +@@ -10338,7 +10600,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1553: { +- uint32_t _ptr_info1553; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1553)); + if (_ptr_info1553) { + NDR_PULL_ALLOC(ndr, r->info1553); +@@ -10348,7 +10609,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1554: { +- uint32_t _ptr_info1554; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1554)); + if (_ptr_info1554) { + NDR_PULL_ALLOC(ndr, r->info1554); +@@ -10358,7 +10618,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1555: { +- uint32_t _ptr_info1555; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1555)); + if (_ptr_info1555) { + NDR_PULL_ALLOC(ndr, r->info1555); +@@ -10368,7 +10627,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvInfo(struct ndr_pull *ndr, int nd + break; } + + case 1556: { +- uint32_t _ptr_info1556; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1556)); + if (_ptr_info1556) { + NDR_PULL_ALLOC(ndr, r->info1556); +@@ -11530,6 +11788,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetDiskInfo(struct ndr_push *ndr, int n + static enum ndr_err_code ndr_pull_srvsvc_NetDiskInfo(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetDiskInfo *r) + { + uint32_t _ptr_disks; ++ uint32_t size_disks_1 = 0; ++ uint32_t length_disks_1 = 0; + uint32_t cntr_disks_1; + TALLOC_CTX *_mem_save_disks_0; + TALLOC_CTX *_mem_save_disks_1; +@@ -11549,13 +11809,15 @@ static enum ndr_err_code ndr_pull_srvsvc_NetDiskInfo(struct ndr_pull *ndr, int n + NDR_PULL_SET_MEM_CTX(ndr, r->disks, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->disks)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->disks)); +- if (ndr_get_array_length(ndr, &r->disks) > ndr_get_array_size(ndr, &r->disks)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->disks), ndr_get_array_length(ndr, &r->disks)); ++ size_disks_1 = ndr_get_array_size(ndr, &r->disks); ++ length_disks_1 = ndr_get_array_length(ndr, &r->disks); ++ if (length_disks_1 > size_disks_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_disks_1, length_disks_1); + } +- NDR_PULL_ALLOC_N(ndr, r->disks, ndr_get_array_size(ndr, &r->disks)); ++ NDR_PULL_ALLOC_N(ndr, r->disks, size_disks_1); + _mem_save_disks_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->disks, 0); +- for (cntr_disks_1 = 0; cntr_disks_1 < r->count; cntr_disks_1++) { ++ for (cntr_disks_1 = 0; cntr_disks_1 < length_disks_1; cntr_disks_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetDiskInfo0(ndr, NDR_SCALARS, &r->disks[cntr_disks_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_disks_1, 0); +@@ -11707,10 +11969,15 @@ static enum ndr_err_code ndr_push_srvsvc_NetTransportInfo0(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetTransportInfo0(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetTransportInfo0 *r) + { + uint32_t _ptr_name; ++ uint32_t size_name_1 = 0; ++ uint32_t length_name_1 = 0; + TALLOC_CTX *_mem_save_name_0; + uint32_t _ptr_addr; ++ uint32_t size_addr_1 = 0; + TALLOC_CTX *_mem_save_addr_0; + uint32_t _ptr_net_addr; ++ uint32_t size_net_addr_1 = 0; ++ uint32_t length_net_addr_1 = 0; + TALLOC_CTX *_mem_save_net_addr_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -11741,19 +12008,22 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportInfo0(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->name)); +- if (ndr_get_array_length(ndr, &r->name) > ndr_get_array_size(ndr, &r->name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->name), ndr_get_array_length(ndr, &r->name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->name); ++ length_name_1 = ndr_get_array_length(ndr, &r->name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0, 0); + } + if (r->addr) { + _mem_save_addr_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->addr, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->addr)); +- NDR_PULL_ALLOC_N(ndr, r->addr, ndr_get_array_size(ndr, &r->addr)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->addr, ndr_get_array_size(ndr, &r->addr))); ++ size_addr_1 = ndr_get_array_size(ndr, &r->addr); ++ NDR_PULL_ALLOC_N(ndr, r->addr, size_addr_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->addr, size_addr_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_addr_0, 0); + } + if (r->net_addr) { +@@ -11761,11 +12031,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportInfo0(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->net_addr, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->net_addr)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->net_addr)); +- if (ndr_get_array_length(ndr, &r->net_addr) > ndr_get_array_size(ndr, &r->net_addr)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->net_addr), ndr_get_array_length(ndr, &r->net_addr)); ++ size_net_addr_1 = ndr_get_array_size(ndr, &r->net_addr); ++ length_net_addr_1 = ndr_get_array_length(ndr, &r->net_addr); ++ if (length_net_addr_1 > size_net_addr_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_net_addr_1, length_net_addr_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->net_addr), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->net_addr, ndr_get_array_length(ndr, &r->net_addr), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_net_addr_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->net_addr, length_net_addr_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_net_addr_0, 0); + } + if (r->addr) { +@@ -11827,6 +12099,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetTransportCtr0(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetTransportCtr0(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetTransportCtr0 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -11845,13 +12118,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportCtr0(struct ndr_pull *ndr, + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetTransportInfo0(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetTransportInfo0(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -11929,12 +12203,19 @@ static enum ndr_err_code ndr_push_srvsvc_NetTransportInfo1(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetTransportInfo1(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetTransportInfo1 *r) + { + uint32_t _ptr_name; ++ uint32_t size_name_1 = 0; ++ uint32_t length_name_1 = 0; + TALLOC_CTX *_mem_save_name_0; + uint32_t _ptr_addr; ++ uint32_t size_addr_1 = 0; + TALLOC_CTX *_mem_save_addr_0; + uint32_t _ptr_net_addr; ++ uint32_t size_net_addr_1 = 0; ++ uint32_t length_net_addr_1 = 0; + TALLOC_CTX *_mem_save_net_addr_0; + uint32_t _ptr_domain; ++ uint32_t size_domain_1 = 0; ++ uint32_t length_domain_1 = 0; + TALLOC_CTX *_mem_save_domain_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -11971,19 +12252,22 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportInfo1(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->name)); +- if (ndr_get_array_length(ndr, &r->name) > ndr_get_array_size(ndr, &r->name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->name), ndr_get_array_length(ndr, &r->name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->name); ++ length_name_1 = ndr_get_array_length(ndr, &r->name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0, 0); + } + if (r->addr) { + _mem_save_addr_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->addr, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->addr)); +- NDR_PULL_ALLOC_N(ndr, r->addr, ndr_get_array_size(ndr, &r->addr)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->addr, ndr_get_array_size(ndr, &r->addr))); ++ size_addr_1 = ndr_get_array_size(ndr, &r->addr); ++ NDR_PULL_ALLOC_N(ndr, r->addr, size_addr_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->addr, size_addr_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_addr_0, 0); + } + if (r->net_addr) { +@@ -11991,11 +12275,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportInfo1(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->net_addr, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->net_addr)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->net_addr)); +- if (ndr_get_array_length(ndr, &r->net_addr) > ndr_get_array_size(ndr, &r->net_addr)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->net_addr), ndr_get_array_length(ndr, &r->net_addr)); ++ size_net_addr_1 = ndr_get_array_size(ndr, &r->net_addr); ++ length_net_addr_1 = ndr_get_array_length(ndr, &r->net_addr); ++ if (length_net_addr_1 > size_net_addr_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_net_addr_1, length_net_addr_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->net_addr), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->net_addr, ndr_get_array_length(ndr, &r->net_addr), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_net_addr_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->net_addr, length_net_addr_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_net_addr_0, 0); + } + if (r->domain) { +@@ -12003,11 +12289,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportInfo1(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->domain, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domain)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->domain)); +- if (ndr_get_array_length(ndr, &r->domain) > ndr_get_array_size(ndr, &r->domain)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->domain), ndr_get_array_length(ndr, &r->domain)); ++ size_domain_1 = ndr_get_array_size(ndr, &r->domain); ++ length_domain_1 = ndr_get_array_length(ndr, &r->domain); ++ if (length_domain_1 > size_domain_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_1, length_domain_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, length_domain_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_0, 0); + } + if (r->addr) { +@@ -12075,6 +12363,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetTransportCtr1(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetTransportCtr1(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetTransportCtr1 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -12093,13 +12382,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportCtr1(struct ndr_pull *ndr, + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetTransportInfo1(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetTransportInfo1(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -12178,12 +12468,19 @@ static enum ndr_err_code ndr_push_srvsvc_NetTransportInfo2(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetTransportInfo2(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetTransportInfo2 *r) + { + uint32_t _ptr_name; ++ uint32_t size_name_1 = 0; ++ uint32_t length_name_1 = 0; + TALLOC_CTX *_mem_save_name_0; + uint32_t _ptr_addr; ++ uint32_t size_addr_1 = 0; + TALLOC_CTX *_mem_save_addr_0; + uint32_t _ptr_net_addr; ++ uint32_t size_net_addr_1 = 0; ++ uint32_t length_net_addr_1 = 0; + TALLOC_CTX *_mem_save_net_addr_0; + uint32_t _ptr_domain; ++ uint32_t size_domain_1 = 0; ++ uint32_t length_domain_1 = 0; + TALLOC_CTX *_mem_save_domain_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -12221,19 +12518,22 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportInfo2(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->name)); +- if (ndr_get_array_length(ndr, &r->name) > ndr_get_array_size(ndr, &r->name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->name), ndr_get_array_length(ndr, &r->name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->name); ++ length_name_1 = ndr_get_array_length(ndr, &r->name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0, 0); + } + if (r->addr) { + _mem_save_addr_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->addr, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->addr)); +- NDR_PULL_ALLOC_N(ndr, r->addr, ndr_get_array_size(ndr, &r->addr)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->addr, ndr_get_array_size(ndr, &r->addr))); ++ size_addr_1 = ndr_get_array_size(ndr, &r->addr); ++ NDR_PULL_ALLOC_N(ndr, r->addr, size_addr_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->addr, size_addr_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_addr_0, 0); + } + if (r->net_addr) { +@@ -12241,11 +12541,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportInfo2(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->net_addr, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->net_addr)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->net_addr)); +- if (ndr_get_array_length(ndr, &r->net_addr) > ndr_get_array_size(ndr, &r->net_addr)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->net_addr), ndr_get_array_length(ndr, &r->net_addr)); ++ size_net_addr_1 = ndr_get_array_size(ndr, &r->net_addr); ++ length_net_addr_1 = ndr_get_array_length(ndr, &r->net_addr); ++ if (length_net_addr_1 > size_net_addr_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_net_addr_1, length_net_addr_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->net_addr), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->net_addr, ndr_get_array_length(ndr, &r->net_addr), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_net_addr_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->net_addr, length_net_addr_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_net_addr_0, 0); + } + if (r->domain) { +@@ -12253,11 +12555,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportInfo2(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->domain, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domain)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->domain)); +- if (ndr_get_array_length(ndr, &r->domain) > ndr_get_array_size(ndr, &r->domain)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->domain), ndr_get_array_length(ndr, &r->domain)); ++ size_domain_1 = ndr_get_array_size(ndr, &r->domain); ++ length_domain_1 = ndr_get_array_length(ndr, &r->domain); ++ if (length_domain_1 > size_domain_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_1, length_domain_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, length_domain_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_0, 0); + } + if (r->addr) { +@@ -12326,6 +12630,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetTransportCtr2(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetTransportCtr2(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetTransportCtr2 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -12344,13 +12649,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportCtr2(struct ndr_pull *ndr, + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetTransportInfo2(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetTransportInfo2(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -12431,13 +12737,21 @@ static enum ndr_err_code ndr_push_srvsvc_NetTransportInfo3(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetTransportInfo3(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetTransportInfo3 *r) + { + uint32_t _ptr_name; ++ uint32_t size_name_1 = 0; ++ uint32_t length_name_1 = 0; + TALLOC_CTX *_mem_save_name_0; + uint32_t _ptr_addr; ++ uint32_t size_addr_1 = 0; + TALLOC_CTX *_mem_save_addr_0; + uint32_t _ptr_net_addr; ++ uint32_t size_net_addr_1 = 0; ++ uint32_t length_net_addr_1 = 0; + TALLOC_CTX *_mem_save_net_addr_0; + uint32_t _ptr_domain; ++ uint32_t size_domain_1 = 0; ++ uint32_t length_domain_1 = 0; + TALLOC_CTX *_mem_save_domain_0; ++ uint32_t size_unknown3_0 = 0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->vcs)); +@@ -12468,7 +12782,8 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportInfo3(struct ndr_pull *ndr, + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown1)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->unknown2)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->unknown3, 256)); ++ size_unknown3_0 = 256; ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->unknown3, size_unknown3_0)); + } + if (ndr_flags & NDR_BUFFERS) { + if (r->name) { +@@ -12476,19 +12791,22 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportInfo3(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->name)); +- if (ndr_get_array_length(ndr, &r->name) > ndr_get_array_size(ndr, &r->name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->name), ndr_get_array_length(ndr, &r->name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->name); ++ length_name_1 = ndr_get_array_length(ndr, &r->name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0, 0); + } + if (r->addr) { + _mem_save_addr_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->addr, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->addr)); +- NDR_PULL_ALLOC_N(ndr, r->addr, ndr_get_array_size(ndr, &r->addr)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->addr, ndr_get_array_size(ndr, &r->addr))); ++ size_addr_1 = ndr_get_array_size(ndr, &r->addr); ++ NDR_PULL_ALLOC_N(ndr, r->addr, size_addr_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->addr, size_addr_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_addr_0, 0); + } + if (r->net_addr) { +@@ -12496,11 +12814,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportInfo3(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->net_addr, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->net_addr)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->net_addr)); +- if (ndr_get_array_length(ndr, &r->net_addr) > ndr_get_array_size(ndr, &r->net_addr)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->net_addr), ndr_get_array_length(ndr, &r->net_addr)); ++ size_net_addr_1 = ndr_get_array_size(ndr, &r->net_addr); ++ length_net_addr_1 = ndr_get_array_length(ndr, &r->net_addr); ++ if (length_net_addr_1 > size_net_addr_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_net_addr_1, length_net_addr_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->net_addr), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->net_addr, ndr_get_array_length(ndr, &r->net_addr), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_net_addr_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->net_addr, length_net_addr_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_net_addr_0, 0); + } + if (r->domain) { +@@ -12508,11 +12828,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportInfo3(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->domain, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domain)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->domain)); +- if (ndr_get_array_length(ndr, &r->domain) > ndr_get_array_size(ndr, &r->domain)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->domain), ndr_get_array_length(ndr, &r->domain)); ++ size_domain_1 = ndr_get_array_size(ndr, &r->domain); ++ length_domain_1 = ndr_get_array_length(ndr, &r->domain); ++ if (length_domain_1 > size_domain_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_1, length_domain_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, ndr_get_array_length(ndr, &r->domain), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain, length_domain_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_0, 0); + } + if (r->addr) { +@@ -12583,6 +12905,7 @@ static enum ndr_err_code ndr_push_srvsvc_NetTransportCtr3(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetTransportCtr3(struct ndr_pull *ndr, int ndr_flags, struct srvsvc_NetTransportCtr3 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -12601,13 +12924,14 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportCtr3(struct ndr_pull *ndr, + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetTransportInfo3(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_srvsvc_NetTransportInfo3(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -12711,9 +13035,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportCtr(struct ndr_pull *ndr, i + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_ctr0_0; ++ uint32_t _ptr_ctr0; + TALLOC_CTX *_mem_save_ctr1_0; ++ uint32_t _ptr_ctr1; + TALLOC_CTX *_mem_save_ctr2_0; ++ uint32_t _ptr_ctr2; + TALLOC_CTX *_mem_save_ctr3_0; ++ uint32_t _ptr_ctr3; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -12722,7 +13050,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportCtr(struct ndr_pull *ndr, i + } + switch (level) { + case 0: { +- uint32_t _ptr_ctr0; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr0)); + if (_ptr_ctr0) { + NDR_PULL_ALLOC(ndr, r->ctr0); +@@ -12732,7 +13059,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportCtr(struct ndr_pull *ndr, i + break; } + + case 1: { +- uint32_t _ptr_ctr1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr1)); + if (_ptr_ctr1) { + NDR_PULL_ALLOC(ndr, r->ctr1); +@@ -12742,7 +13068,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportCtr(struct ndr_pull *ndr, i + break; } + + case 2: { +- uint32_t _ptr_ctr2; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr2)); + if (_ptr_ctr2) { + NDR_PULL_ALLOC(ndr, r->ctr2); +@@ -12752,7 +13077,6 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportCtr(struct ndr_pull *ndr, i + break; } + + case 3: { +- uint32_t _ptr_ctr3; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr3)); + if (_ptr_ctr3) { + NDR_PULL_ALLOC(ndr, r->ctr3); +@@ -13109,6 +13433,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetCharDevEnum(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_srvsvc_NetCharDevEnum(struct ndr_pull *ndr, int flags, struct srvsvc_NetCharDevEnum *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_resume_handle; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_level_0; +@@ -13129,11 +13455,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevEnum(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -13303,6 +13631,10 @@ static enum ndr_err_code ndr_push_srvsvc_NetCharDevGetInfo(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetCharDevGetInfo(struct ndr_pull *ndr, int flags, struct srvsvc_NetCharDevGetInfo *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_device_name_0 = 0; ++ uint32_t length_device_name_0 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_info_0; + if (flags & NDR_IN) { +@@ -13319,20 +13651,24 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevGetInfo(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.device_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.device_name)); +- if (ndr_get_array_length(ndr, &r->in.device_name) > ndr_get_array_size(ndr, &r->in.device_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.device_name), ndr_get_array_length(ndr, &r->in.device_name)); ++ size_device_name_0 = ndr_get_array_size(ndr, &r->in.device_name); ++ length_device_name_0 = ndr_get_array_length(ndr, &r->in.device_name); ++ if (length_device_name_0 > size_device_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_device_name_0, length_device_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.device_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.device_name, ndr_get_array_length(ndr, &r->in.device_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_device_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.device_name, length_device_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); + NDR_PULL_ALLOC(ndr, r->out.info); + ZERO_STRUCTP(r->out.info); +@@ -13410,6 +13746,10 @@ static enum ndr_err_code ndr_push_srvsvc_NetCharDevControl(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetCharDevControl(struct ndr_pull *ndr, int flags, struct srvsvc_NetCharDevControl *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_device_name_0 = 0; ++ uint32_t length_device_name_0 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_server_unc)); +@@ -13423,20 +13763,24 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevControl(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.device_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.device_name)); +- if (ndr_get_array_length(ndr, &r->in.device_name) > ndr_get_array_size(ndr, &r->in.device_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.device_name), ndr_get_array_length(ndr, &r->in.device_name)); ++ size_device_name_0 = ndr_get_array_size(ndr, &r->in.device_name); ++ length_device_name_0 = ndr_get_array_length(ndr, &r->in.device_name); ++ if (length_device_name_0 > size_device_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_device_name_0, length_device_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.device_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.device_name, ndr_get_array_length(ndr, &r->in.device_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_device_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.device_name, length_device_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.opcode)); + } + if (flags & NDR_OUT) { +@@ -13532,7 +13876,11 @@ static enum ndr_err_code ndr_push_srvsvc_NetCharDevQEnum(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQEnum(struct ndr_pull *ndr, int flags, struct srvsvc_NetCharDevQEnum *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_user; ++ uint32_t size_user_1 = 0; ++ uint32_t length_user_1 = 0; + uint32_t _ptr_resume_handle; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_user_0; +@@ -13554,11 +13902,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQEnum(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_user)); +@@ -13572,11 +13922,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQEnum(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->in.user, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.user)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.user)); +- if (ndr_get_array_length(ndr, &r->in.user) > ndr_get_array_size(ndr, &r->in.user)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.user), ndr_get_array_length(ndr, &r->in.user)); ++ size_user_1 = ndr_get_array_size(ndr, &r->in.user); ++ length_user_1 = ndr_get_array_length(ndr, &r->in.user); ++ if (length_user_1 > size_user_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_user_1, length_user_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.user), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.user, ndr_get_array_length(ndr, &r->in.user), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_user_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.user, length_user_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -13756,6 +14108,12 @@ static enum ndr_err_code ndr_push_srvsvc_NetCharDevQGetInfo(struct ndr_push *ndr + static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQGetInfo(struct ndr_pull *ndr, int flags, struct srvsvc_NetCharDevQGetInfo *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_queue_name_0 = 0; ++ uint32_t length_queue_name_0 = 0; ++ uint32_t size_user_0 = 0; ++ uint32_t length_user_0 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_info_0; + if (flags & NDR_IN) { +@@ -13772,27 +14130,33 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQGetInfo(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.queue_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.queue_name)); +- if (ndr_get_array_length(ndr, &r->in.queue_name) > ndr_get_array_size(ndr, &r->in.queue_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.queue_name), ndr_get_array_length(ndr, &r->in.queue_name)); ++ size_queue_name_0 = ndr_get_array_size(ndr, &r->in.queue_name); ++ length_queue_name_0 = ndr_get_array_length(ndr, &r->in.queue_name); ++ if (length_queue_name_0 > size_queue_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_queue_name_0, length_queue_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.queue_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.queue_name, ndr_get_array_length(ndr, &r->in.queue_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_queue_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.queue_name, length_queue_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.user)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.user)); +- if (ndr_get_array_length(ndr, &r->in.user) > ndr_get_array_size(ndr, &r->in.user)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.user), ndr_get_array_length(ndr, &r->in.user)); ++ size_user_0 = ndr_get_array_size(ndr, &r->in.user); ++ length_user_0 = ndr_get_array_length(ndr, &r->in.user); ++ if (length_user_0 > size_user_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_user_0, length_user_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.user), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.user, ndr_get_array_length(ndr, &r->in.user), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_user_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.user, length_user_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); + NDR_PULL_ALLOC(ndr, r->out.info); + ZERO_STRUCTP(r->out.info); +@@ -13881,6 +14245,10 @@ static enum ndr_err_code ndr_push_srvsvc_NetCharDevQSetInfo(struct ndr_push *ndr + static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQSetInfo(struct ndr_pull *ndr, int flags, struct srvsvc_NetCharDevQSetInfo *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_queue_name_0 = 0; ++ uint32_t length_queue_name_0 = 0; + uint32_t _ptr_parm_error; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_parm_error_0; +@@ -13898,20 +14266,24 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQSetInfo(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.queue_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.queue_name)); +- if (ndr_get_array_length(ndr, &r->in.queue_name) > ndr_get_array_size(ndr, &r->in.queue_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.queue_name), ndr_get_array_length(ndr, &r->in.queue_name)); ++ size_queue_name_0 = ndr_get_array_size(ndr, &r->in.queue_name); ++ length_queue_name_0 = ndr_get_array_length(ndr, &r->in.queue_name); ++ if (length_queue_name_0 > size_queue_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_queue_name_0, length_queue_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.queue_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.queue_name, ndr_get_array_length(ndr, &r->in.queue_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_queue_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.queue_name, length_queue_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); + NDR_CHECK(ndr_pull_set_switch_value(ndr, &r->in.info, r->in.level)); + NDR_CHECK(ndr_pull_srvsvc_NetCharDevQInfo(ndr, NDR_SCALARS|NDR_BUFFERS, &r->in.info)); +@@ -14013,6 +14385,10 @@ static enum ndr_err_code ndr_push_srvsvc_NetCharDevQPurge(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQPurge(struct ndr_pull *ndr, int flags, struct srvsvc_NetCharDevQPurge *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_queue_name_0 = 0; ++ uint32_t length_queue_name_0 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_server_unc)); +@@ -14026,20 +14402,24 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQPurge(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.queue_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.queue_name)); +- if (ndr_get_array_length(ndr, &r->in.queue_name) > ndr_get_array_size(ndr, &r->in.queue_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.queue_name), ndr_get_array_length(ndr, &r->in.queue_name)); ++ size_queue_name_0 = ndr_get_array_size(ndr, &r->in.queue_name); ++ length_queue_name_0 = ndr_get_array_length(ndr, &r->in.queue_name); ++ if (length_queue_name_0 > size_queue_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_queue_name_0, length_queue_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.queue_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.queue_name, ndr_get_array_length(ndr, &r->in.queue_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_queue_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.queue_name, length_queue_name_0, sizeof(uint16_t), CH_UTF16)); + } + if (flags & NDR_OUT) { + NDR_CHECK(ndr_pull_WERROR(ndr, NDR_SCALARS, &r->out.result)); +@@ -14103,6 +14483,12 @@ static enum ndr_err_code ndr_push_srvsvc_NetCharDevQPurgeSelf(struct ndr_push *n + static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQPurgeSelf(struct ndr_pull *ndr, int flags, struct srvsvc_NetCharDevQPurgeSelf *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_queue_name_0 = 0; ++ uint32_t length_queue_name_0 = 0; ++ uint32_t size_computer_name_0 = 0; ++ uint32_t length_computer_name_0 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_server_unc)); +@@ -14116,27 +14502,33 @@ static enum ndr_err_code ndr_pull_srvsvc_NetCharDevQPurgeSelf(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.queue_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.queue_name)); +- if (ndr_get_array_length(ndr, &r->in.queue_name) > ndr_get_array_size(ndr, &r->in.queue_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.queue_name), ndr_get_array_length(ndr, &r->in.queue_name)); ++ size_queue_name_0 = ndr_get_array_size(ndr, &r->in.queue_name); ++ length_queue_name_0 = ndr_get_array_length(ndr, &r->in.queue_name); ++ if (length_queue_name_0 > size_queue_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_queue_name_0, length_queue_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.queue_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.queue_name, ndr_get_array_length(ndr, &r->in.queue_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_queue_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.queue_name, length_queue_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.computer_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.computer_name)); +- if (ndr_get_array_length(ndr, &r->in.computer_name) > ndr_get_array_size(ndr, &r->in.computer_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.computer_name), ndr_get_array_length(ndr, &r->in.computer_name)); ++ size_computer_name_0 = ndr_get_array_size(ndr, &r->in.computer_name); ++ length_computer_name_0 = ndr_get_array_length(ndr, &r->in.computer_name); ++ if (length_computer_name_0 > size_computer_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_computer_name_0, length_computer_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, ndr_get_array_length(ndr, &r->in.computer_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_computer_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.computer_name, length_computer_name_0, sizeof(uint16_t), CH_UTF16)); + } + if (flags & NDR_OUT) { + NDR_CHECK(ndr_pull_WERROR(ndr, NDR_SCALARS, &r->out.result)); +@@ -14221,7 +14613,11 @@ static enum ndr_err_code ndr_push_srvsvc_NetConnEnum(struct ndr_push *ndr, int f + static enum ndr_err_code ndr_pull_srvsvc_NetConnEnum(struct ndr_pull *ndr, int flags, struct srvsvc_NetConnEnum *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_path; ++ uint32_t size_path_1 = 0; ++ uint32_t length_path_1 = 0; + uint32_t _ptr_resume_handle; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_path_0; +@@ -14242,11 +14638,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetConnEnum(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_path)); +@@ -14260,11 +14658,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetConnEnum(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.path, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.path)); +- if (ndr_get_array_length(ndr, &r->in.path) > ndr_get_array_size(ndr, &r->in.path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.path), ndr_get_array_length(ndr, &r->in.path)); ++ size_path_1 = ndr_get_array_size(ndr, &r->in.path); ++ length_path_1 = ndr_get_array_length(ndr, &r->in.path); ++ if (length_path_1 > size_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_path_1, length_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.path, ndr_get_array_length(ndr, &r->in.path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.path, length_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_path_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -14437,8 +14837,14 @@ static enum ndr_err_code ndr_push_srvsvc_NetFileEnum(struct ndr_push *ndr, int f + static enum ndr_err_code ndr_pull_srvsvc_NetFileEnum(struct ndr_pull *ndr, int flags, struct srvsvc_NetFileEnum *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_path; ++ uint32_t size_path_1 = 0; ++ uint32_t length_path_1 = 0; + uint32_t _ptr_user; ++ uint32_t size_user_1 = 0; ++ uint32_t length_user_1 = 0; + uint32_t _ptr_resume_handle; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_path_0; +@@ -14460,11 +14866,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetFileEnum(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_path)); +@@ -14478,11 +14886,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetFileEnum(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.path, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.path)); +- if (ndr_get_array_length(ndr, &r->in.path) > ndr_get_array_size(ndr, &r->in.path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.path), ndr_get_array_length(ndr, &r->in.path)); ++ size_path_1 = ndr_get_array_size(ndr, &r->in.path); ++ length_path_1 = ndr_get_array_length(ndr, &r->in.path); ++ if (length_path_1 > size_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_path_1, length_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.path, ndr_get_array_length(ndr, &r->in.path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.path, length_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_path_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_user)); +@@ -14496,11 +14906,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetFileEnum(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.user, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.user)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.user)); +- if (ndr_get_array_length(ndr, &r->in.user) > ndr_get_array_size(ndr, &r->in.user)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.user), ndr_get_array_length(ndr, &r->in.user)); ++ size_user_1 = ndr_get_array_size(ndr, &r->in.user); ++ length_user_1 = ndr_get_array_length(ndr, &r->in.user); ++ if (length_user_1 > size_user_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_user_1, length_user_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.user), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.user, ndr_get_array_length(ndr, &r->in.user), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_user_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.user, length_user_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -14651,6 +15063,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetFileGetInfo(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_srvsvc_NetFileGetInfo(struct ndr_pull *ndr, int flags, struct srvsvc_NetFileGetInfo *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_info_0; + if (flags & NDR_IN) { +@@ -14667,11 +15081,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetFileGetInfo(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.fid)); +@@ -14748,6 +15164,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetFileClose(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetFileClose(struct ndr_pull *ndr, int flags, struct srvsvc_NetFileClose *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_server_unc)); +@@ -14761,11 +15179,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetFileClose(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.fid)); +@@ -14859,8 +15279,14 @@ static enum ndr_err_code ndr_push_srvsvc_NetSessEnum(struct ndr_push *ndr, int f + static enum ndr_err_code ndr_pull_srvsvc_NetSessEnum(struct ndr_pull *ndr, int flags, struct srvsvc_NetSessEnum *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_client; ++ uint32_t size_client_1 = 0; ++ uint32_t length_client_1 = 0; + uint32_t _ptr_user; ++ uint32_t size_user_1 = 0; ++ uint32_t length_user_1 = 0; + uint32_t _ptr_resume_handle; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_client_0; +@@ -14882,11 +15308,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessEnum(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_client)); +@@ -14900,11 +15328,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessEnum(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.client, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.client)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.client)); +- if (ndr_get_array_length(ndr, &r->in.client) > ndr_get_array_size(ndr, &r->in.client)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.client), ndr_get_array_length(ndr, &r->in.client)); ++ size_client_1 = ndr_get_array_size(ndr, &r->in.client); ++ length_client_1 = ndr_get_array_length(ndr, &r->in.client); ++ if (length_client_1 > size_client_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_client_1, length_client_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.client), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.client, ndr_get_array_length(ndr, &r->in.client), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_client_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.client, length_client_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_client_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_user)); +@@ -14918,11 +15348,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessEnum(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.user, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.user)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.user)); +- if (ndr_get_array_length(ndr, &r->in.user) > ndr_get_array_size(ndr, &r->in.user)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.user), ndr_get_array_length(ndr, &r->in.user)); ++ size_user_1 = ndr_get_array_size(ndr, &r->in.user); ++ length_user_1 = ndr_get_array_length(ndr, &r->in.user); ++ if (length_user_1 > size_user_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_user_1, length_user_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.user), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.user, ndr_get_array_length(ndr, &r->in.user), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_user_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.user, length_user_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -15080,8 +15512,14 @@ static enum ndr_err_code ndr_push_srvsvc_NetSessDel(struct ndr_push *ndr, int fl + static enum ndr_err_code ndr_pull_srvsvc_NetSessDel(struct ndr_pull *ndr, int flags, struct srvsvc_NetSessDel *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_client; ++ uint32_t size_client_1 = 0; ++ uint32_t length_client_1 = 0; + uint32_t _ptr_user; ++ uint32_t size_user_1 = 0; ++ uint32_t length_user_1 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_client_0; + TALLOC_CTX *_mem_save_user_0; +@@ -15097,11 +15535,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessDel(struct ndr_pull *ndr, int fl + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_client)); +@@ -15115,11 +15555,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessDel(struct ndr_pull *ndr, int fl + NDR_PULL_SET_MEM_CTX(ndr, r->in.client, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.client)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.client)); +- if (ndr_get_array_length(ndr, &r->in.client) > ndr_get_array_size(ndr, &r->in.client)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.client), ndr_get_array_length(ndr, &r->in.client)); ++ size_client_1 = ndr_get_array_size(ndr, &r->in.client); ++ length_client_1 = ndr_get_array_length(ndr, &r->in.client); ++ if (length_client_1 > size_client_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_client_1, length_client_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.client), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.client, ndr_get_array_length(ndr, &r->in.client), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_client_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.client, length_client_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_client_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_user)); +@@ -15133,11 +15575,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSessDel(struct ndr_pull *ndr, int fl + NDR_PULL_SET_MEM_CTX(ndr, r->in.user, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.user)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.user)); +- if (ndr_get_array_length(ndr, &r->in.user) > ndr_get_array_size(ndr, &r->in.user)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.user), ndr_get_array_length(ndr, &r->in.user)); ++ size_user_1 = ndr_get_array_size(ndr, &r->in.user); ++ length_user_1 = ndr_get_array_length(ndr, &r->in.user); ++ if (length_user_1 > size_user_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_user_1, length_user_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.user), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.user, ndr_get_array_length(ndr, &r->in.user), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_user_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.user, length_user_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_0, 0); + } + } +@@ -15220,6 +15664,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareAdd(struct ndr_push *ndr, int f + static enum ndr_err_code ndr_pull_srvsvc_NetShareAdd(struct ndr_pull *ndr, int flags, struct srvsvc_NetShareAdd *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_parm_error; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_info_0; +@@ -15238,11 +15684,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareAdd(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); +@@ -15371,6 +15819,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareEnumAll(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetShareEnumAll(struct ndr_pull *ndr, int flags, struct srvsvc_NetShareEnumAll *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_resume_handle; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_info_ctr_0; +@@ -15390,11 +15840,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareEnumAll(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -15536,6 +15988,10 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareGetInfo(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetShareGetInfo(struct ndr_pull *ndr, int flags, struct srvsvc_NetShareGetInfo *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_share_name_0 = 0; ++ uint32_t length_share_name_0 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_info_0; + if (flags & NDR_IN) { +@@ -15552,20 +16008,24 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareGetInfo(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.share_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.share_name)); +- if (ndr_get_array_length(ndr, &r->in.share_name) > ndr_get_array_size(ndr, &r->in.share_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.share_name), ndr_get_array_length(ndr, &r->in.share_name)); ++ size_share_name_0 = ndr_get_array_size(ndr, &r->in.share_name); ++ length_share_name_0 = ndr_get_array_length(ndr, &r->in.share_name); ++ if (length_share_name_0 > size_share_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_share_name_0, length_share_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.share_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share_name, ndr_get_array_length(ndr, &r->in.share_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_share_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share_name, length_share_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); + NDR_PULL_ALLOC(ndr, r->out.info); + ZERO_STRUCTP(r->out.info); +@@ -15656,6 +16116,10 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareSetInfo(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetShareSetInfo(struct ndr_pull *ndr, int flags, struct srvsvc_NetShareSetInfo *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_share_name_0 = 0; ++ uint32_t length_share_name_0 = 0; + uint32_t _ptr_parm_error; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_info_0; +@@ -15674,20 +16138,24 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareSetInfo(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.share_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.share_name)); +- if (ndr_get_array_length(ndr, &r->in.share_name) > ndr_get_array_size(ndr, &r->in.share_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.share_name), ndr_get_array_length(ndr, &r->in.share_name)); ++ size_share_name_0 = ndr_get_array_size(ndr, &r->in.share_name); ++ length_share_name_0 = ndr_get_array_length(ndr, &r->in.share_name); ++ if (length_share_name_0 > size_share_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_share_name_0, length_share_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.share_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share_name, ndr_get_array_length(ndr, &r->in.share_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_share_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share_name, length_share_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.info); +@@ -15799,6 +16267,10 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareDel(struct ndr_push *ndr, int f + static enum ndr_err_code ndr_pull_srvsvc_NetShareDel(struct ndr_pull *ndr, int flags, struct srvsvc_NetShareDel *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_share_name_0 = 0; ++ uint32_t length_share_name_0 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_server_unc)); +@@ -15812,20 +16284,24 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareDel(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.share_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.share_name)); +- if (ndr_get_array_length(ndr, &r->in.share_name) > ndr_get_array_size(ndr, &r->in.share_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.share_name), ndr_get_array_length(ndr, &r->in.share_name)); ++ size_share_name_0 = ndr_get_array_size(ndr, &r->in.share_name); ++ length_share_name_0 = ndr_get_array_length(ndr, &r->in.share_name); ++ if (length_share_name_0 > size_share_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_share_name_0, length_share_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.share_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share_name, ndr_get_array_length(ndr, &r->in.share_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_share_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share_name, length_share_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.reserved)); + } + if (flags & NDR_OUT) { +@@ -15888,6 +16364,10 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareDelSticky(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetShareDelSticky(struct ndr_pull *ndr, int flags, struct srvsvc_NetShareDelSticky *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_share_name_0 = 0; ++ uint32_t length_share_name_0 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_server_unc)); +@@ -15901,20 +16381,24 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareDelSticky(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.share_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.share_name)); +- if (ndr_get_array_length(ndr, &r->in.share_name) > ndr_get_array_size(ndr, &r->in.share_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.share_name), ndr_get_array_length(ndr, &r->in.share_name)); ++ size_share_name_0 = ndr_get_array_size(ndr, &r->in.share_name); ++ length_share_name_0 = ndr_get_array_length(ndr, &r->in.share_name); ++ if (length_share_name_0 > size_share_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_share_name_0, length_share_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.share_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share_name, ndr_get_array_length(ndr, &r->in.share_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_share_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share_name, length_share_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.reserved)); + } + if (flags & NDR_OUT) { +@@ -15980,6 +16464,10 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareCheck(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetShareCheck(struct ndr_pull *ndr, int flags, struct srvsvc_NetShareCheck *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_device_name_0 = 0; ++ uint32_t length_device_name_0 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_type_0; + if (flags & NDR_IN) { +@@ -15996,20 +16484,24 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareCheck(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.device_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.device_name)); +- if (ndr_get_array_length(ndr, &r->in.device_name) > ndr_get_array_size(ndr, &r->in.device_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.device_name), ndr_get_array_length(ndr, &r->in.device_name)); ++ size_device_name_0 = ndr_get_array_size(ndr, &r->in.device_name); ++ length_device_name_0 = ndr_get_array_length(ndr, &r->in.device_name); ++ if (length_device_name_0 > size_device_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_device_name_0, length_device_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.device_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.device_name, ndr_get_array_length(ndr, &r->in.device_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_device_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.device_name, length_device_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_ALLOC(ndr, r->out.type); + ZERO_STRUCTP(r->out.type); + } +@@ -16084,6 +16576,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetSrvGetInfo(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetSrvGetInfo(struct ndr_pull *ndr, int flags, struct srvsvc_NetSrvGetInfo *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_info_0; + if (flags & NDR_IN) { +@@ -16100,11 +16594,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvGetInfo(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); +@@ -16192,6 +16688,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetSrvSetInfo(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetSrvSetInfo(struct ndr_pull *ndr, int flags, struct srvsvc_NetSrvSetInfo *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_parm_error; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_info_0; +@@ -16210,11 +16708,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSrvSetInfo(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); +@@ -16344,6 +16844,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetDiskEnum(struct ndr_push *ndr, int f + static enum ndr_err_code ndr_pull_srvsvc_NetDiskEnum(struct ndr_pull *ndr, int flags, struct srvsvc_NetDiskEnum *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_resume_handle; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_info_0; +@@ -16363,11 +16865,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetDiskEnum(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); +@@ -16514,7 +17018,11 @@ static enum ndr_err_code ndr_push_srvsvc_NetServerStatisticsGet(struct ndr_push + static enum ndr_err_code ndr_pull_srvsvc_NetServerStatisticsGet(struct ndr_pull *ndr, int flags, struct srvsvc_NetServerStatisticsGet *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_service; ++ uint32_t size_service_1 = 0; ++ uint32_t length_service_1 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_service_0; + TALLOC_CTX *_mem_save_stats_0; +@@ -16532,11 +17040,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetServerStatisticsGet(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_service)); +@@ -16550,11 +17060,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetServerStatisticsGet(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, r->in.service, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.service)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.service)); +- if (ndr_get_array_length(ndr, &r->in.service) > ndr_get_array_size(ndr, &r->in.service)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.service), ndr_get_array_length(ndr, &r->in.service)); ++ size_service_1 = ndr_get_array_size(ndr, &r->in.service); ++ length_service_1 = ndr_get_array_length(ndr, &r->in.service); ++ if (length_service_1 > size_service_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_service_1, length_service_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.service), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service, ndr_get_array_length(ndr, &r->in.service), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_service_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service, length_service_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_service_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); +@@ -16637,6 +17149,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetTransportAdd(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetTransportAdd(struct ndr_pull *ndr, int flags, struct srvsvc_NetTransportAdd *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_server_unc)); +@@ -16650,11 +17164,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportAdd(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); +@@ -16748,6 +17264,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetTransportEnum(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetTransportEnum(struct ndr_pull *ndr, int flags, struct srvsvc_NetTransportEnum *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_resume_handle; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_level_0; +@@ -16768,11 +17286,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportEnum(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -16934,6 +17454,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetTransportDel(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetTransportDel(struct ndr_pull *ndr, int flags, struct srvsvc_NetTransportDel *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_server_unc)); +@@ -16947,11 +17469,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetTransportDel(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.unknown)); +@@ -17019,6 +17543,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetRemoteTOD(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetRemoteTOD(struct ndr_pull *ndr, int flags, struct srvsvc_NetRemoteTOD *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_info; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_info_0; +@@ -17037,11 +17563,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetRemoteTOD(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_PULL_ALLOC(ndr, r->out.info); +@@ -17136,7 +17664,11 @@ static enum ndr_err_code ndr_push_srvsvc_NetSetServiceBits(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetSetServiceBits(struct ndr_pull *ndr, int flags, struct srvsvc_NetSetServiceBits *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_transport; ++ uint32_t size_transport_1 = 0; ++ uint32_t length_transport_1 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_transport_0; + if (flags & NDR_IN) { +@@ -17151,11 +17683,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSetServiceBits(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_transport)); +@@ -17169,11 +17703,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSetServiceBits(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.transport, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.transport)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.transport)); +- if (ndr_get_array_length(ndr, &r->in.transport) > ndr_get_array_size(ndr, &r->in.transport)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.transport), ndr_get_array_length(ndr, &r->in.transport)); ++ size_transport_1 = ndr_get_array_size(ndr, &r->in.transport); ++ length_transport_1 = ndr_get_array_length(ndr, &r->in.transport); ++ if (length_transport_1 > size_transport_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_transport_1, length_transport_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.transport), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.transport, ndr_get_array_length(ndr, &r->in.transport), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_transport_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.transport, length_transport_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_transport_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.servicebits)); +@@ -17249,6 +17785,10 @@ static enum ndr_err_code ndr_push_srvsvc_NetPathType(struct ndr_push *ndr, int f + static enum ndr_err_code ndr_pull_srvsvc_NetPathType(struct ndr_pull *ndr, int flags, struct srvsvc_NetPathType *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_path_0 = 0; ++ uint32_t length_path_0 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_pathtype_0; + if (flags & NDR_IN) { +@@ -17265,20 +17805,24 @@ static enum ndr_err_code ndr_pull_srvsvc_NetPathType(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.path)); +- if (ndr_get_array_length(ndr, &r->in.path) > ndr_get_array_size(ndr, &r->in.path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.path), ndr_get_array_length(ndr, &r->in.path)); ++ size_path_0 = ndr_get_array_size(ndr, &r->in.path); ++ length_path_0 = ndr_get_array_length(ndr, &r->in.path); ++ if (length_path_0 > size_path_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_path_0, length_path_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.path, ndr_get_array_length(ndr, &r->in.path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_path_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.path, length_path_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.pathflags)); + NDR_PULL_ALLOC(ndr, r->out.pathtype); + ZERO_STRUCTP(r->out.pathtype); +@@ -17369,6 +17913,13 @@ static enum ndr_err_code ndr_push_srvsvc_NetPathCanonicalize(struct ndr_push *nd + static enum ndr_err_code ndr_pull_srvsvc_NetPathCanonicalize(struct ndr_pull *ndr, int flags, struct srvsvc_NetPathCanonicalize *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_path_0 = 0; ++ uint32_t length_path_0 = 0; ++ uint32_t size_can_path_0 = 0; ++ uint32_t size_prefix_0 = 0; ++ uint32_t length_prefix_0 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_pathtype_0; + if (flags & NDR_IN) { +@@ -17385,28 +17936,34 @@ static enum ndr_err_code ndr_pull_srvsvc_NetPathCanonicalize(struct ndr_pull *nd + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.path)); +- if (ndr_get_array_length(ndr, &r->in.path) > ndr_get_array_size(ndr, &r->in.path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.path), ndr_get_array_length(ndr, &r->in.path)); ++ size_path_0 = ndr_get_array_size(ndr, &r->in.path); ++ length_path_0 = ndr_get_array_length(ndr, &r->in.path); ++ if (length_path_0 > size_path_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_path_0, length_path_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.path, ndr_get_array_length(ndr, &r->in.path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_path_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.path, length_path_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.maxbuf)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.prefix)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.prefix)); +- if (ndr_get_array_length(ndr, &r->in.prefix) > ndr_get_array_size(ndr, &r->in.prefix)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.prefix), ndr_get_array_length(ndr, &r->in.prefix)); ++ size_prefix_0 = ndr_get_array_size(ndr, &r->in.prefix); ++ length_prefix_0 = ndr_get_array_length(ndr, &r->in.prefix); ++ if (length_prefix_0 > size_prefix_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_prefix_0, length_prefix_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.prefix), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.prefix, ndr_get_array_length(ndr, &r->in.prefix), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_prefix_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.prefix, length_prefix_0, sizeof(uint16_t), CH_UTF16)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.pathtype); + } +@@ -17420,8 +17977,9 @@ static enum ndr_err_code ndr_pull_srvsvc_NetPathCanonicalize(struct ndr_pull *nd + } + if (flags & NDR_OUT) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->out.can_path)); +- NDR_PULL_ALLOC_N(ndr, r->out.can_path, ndr_get_array_size(ndr, &r->out.can_path)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.can_path, ndr_get_array_size(ndr, &r->out.can_path))); ++ size_can_path_0 = ndr_get_array_size(ndr, &r->out.can_path); ++ NDR_PULL_ALLOC_N(ndr, r->out.can_path, size_can_path_0); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.can_path, size_can_path_0)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.pathtype); + } +@@ -17507,6 +18065,12 @@ static enum ndr_err_code ndr_push_srvsvc_NetPathCompare(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_srvsvc_NetPathCompare(struct ndr_pull *ndr, int flags, struct srvsvc_NetPathCompare *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_path1_0 = 0; ++ uint32_t length_path1_0 = 0; ++ uint32_t size_path2_0 = 0; ++ uint32_t length_path2_0 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_server_unc)); +@@ -17520,27 +18084,33 @@ static enum ndr_err_code ndr_pull_srvsvc_NetPathCompare(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.path1)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.path1)); +- if (ndr_get_array_length(ndr, &r->in.path1) > ndr_get_array_size(ndr, &r->in.path1)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.path1), ndr_get_array_length(ndr, &r->in.path1)); ++ size_path1_0 = ndr_get_array_size(ndr, &r->in.path1); ++ length_path1_0 = ndr_get_array_length(ndr, &r->in.path1); ++ if (length_path1_0 > size_path1_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_path1_0, length_path1_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.path1), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.path1, ndr_get_array_length(ndr, &r->in.path1), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_path1_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.path1, length_path1_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.path2)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.path2)); +- if (ndr_get_array_length(ndr, &r->in.path2) > ndr_get_array_size(ndr, &r->in.path2)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.path2), ndr_get_array_length(ndr, &r->in.path2)); ++ size_path2_0 = ndr_get_array_size(ndr, &r->in.path2); ++ length_path2_0 = ndr_get_array_length(ndr, &r->in.path2); ++ if (length_path2_0 > size_path2_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_path2_0, length_path2_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.path2), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.path2, ndr_get_array_length(ndr, &r->in.path2), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_path2_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.path2, length_path2_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.pathtype)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.pathflags)); + } +@@ -17607,6 +18177,10 @@ static enum ndr_err_code ndr_push_srvsvc_NetNameValidate(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_srvsvc_NetNameValidate(struct ndr_pull *ndr, int flags, struct srvsvc_NetNameValidate *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_name_0 = 0; ++ uint32_t length_name_0 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_server_unc)); +@@ -17620,20 +18194,24 @@ static enum ndr_err_code ndr_pull_srvsvc_NetNameValidate(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.name)); +- if (ndr_get_array_length(ndr, &r->in.name) > ndr_get_array_size(ndr, &r->in.name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.name), ndr_get_array_length(ndr, &r->in.name)); ++ size_name_0 = ndr_get_array_size(ndr, &r->in.name); ++ length_name_0 = ndr_get_array_length(ndr, &r->in.name); ++ if (length_name_0 > size_name_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_0, length_name_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.name, ndr_get_array_length(ndr, &r->in.name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.name, length_name_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.name_type)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.flags)); + } +@@ -17744,6 +18322,12 @@ static enum ndr_err_code ndr_push_srvsvc_NetPRNameCompare(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetPRNameCompare(struct ndr_pull *ndr, int flags, struct srvsvc_NetPRNameCompare *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_name1_0 = 0; ++ uint32_t length_name1_0 = 0; ++ uint32_t size_name2_0 = 0; ++ uint32_t length_name2_0 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_server_unc)); +@@ -17757,27 +18341,33 @@ static enum ndr_err_code ndr_pull_srvsvc_NetPRNameCompare(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.name1)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.name1)); +- if (ndr_get_array_length(ndr, &r->in.name1) > ndr_get_array_size(ndr, &r->in.name1)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.name1), ndr_get_array_length(ndr, &r->in.name1)); ++ size_name1_0 = ndr_get_array_size(ndr, &r->in.name1); ++ length_name1_0 = ndr_get_array_length(ndr, &r->in.name1); ++ if (length_name1_0 > size_name1_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name1_0, length_name1_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.name1), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.name1, ndr_get_array_length(ndr, &r->in.name1), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name1_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.name1, length_name1_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.name2)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.name2)); +- if (ndr_get_array_length(ndr, &r->in.name2) > ndr_get_array_size(ndr, &r->in.name2)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.name2), ndr_get_array_length(ndr, &r->in.name2)); ++ size_name2_0 = ndr_get_array_size(ndr, &r->in.name2); ++ length_name2_0 = ndr_get_array_length(ndr, &r->in.name2); ++ if (length_name2_0 > size_name2_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name2_0, length_name2_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.name2), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.name2, ndr_get_array_length(ndr, &r->in.name2), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name2_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.name2, length_name2_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.name_type)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.flags)); + } +@@ -17859,6 +18449,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareEnum(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_srvsvc_NetShareEnum(struct ndr_pull *ndr, int flags, struct srvsvc_NetShareEnum *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_resume_handle; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_info_ctr_0; +@@ -17878,11 +18470,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareEnum(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -18023,6 +18617,10 @@ static enum ndr_err_code ndr_push_srvsvc_NetShareDelStart(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_srvsvc_NetShareDelStart(struct ndr_pull *ndr, int flags, struct srvsvc_NetShareDelStart *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; ++ uint32_t size_share_0 = 0; ++ uint32_t length_share_0 = 0; + uint32_t _ptr_hnd; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_hnd_0; +@@ -18040,20 +18638,24 @@ static enum ndr_err_code ndr_pull_srvsvc_NetShareDelStart(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.share)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.share)); +- if (ndr_get_array_length(ndr, &r->in.share) > ndr_get_array_size(ndr, &r->in.share)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.share), ndr_get_array_length(ndr, &r->in.share)); ++ size_share_0 = ndr_get_array_size(ndr, &r->in.share); ++ length_share_0 = ndr_get_array_length(ndr, &r->in.share); ++ if (length_share_0 > size_share_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_share_0, length_share_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.share), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share, ndr_get_array_length(ndr, &r->in.share), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_share_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share, length_share_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.reserved)); + } + if (flags & NDR_OUT) { +@@ -18237,7 +18839,13 @@ static enum ndr_err_code ndr_push_srvsvc_NetGetFileSecurity(struct ndr_push *ndr + static enum ndr_err_code ndr_pull_srvsvc_NetGetFileSecurity(struct ndr_pull *ndr, int flags, struct srvsvc_NetGetFileSecurity *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_share; ++ uint32_t size_share_1 = 0; ++ uint32_t length_share_1 = 0; ++ uint32_t size_file_0 = 0; ++ uint32_t length_file_0 = 0; + uint32_t _ptr_sd_buf; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_share_0; +@@ -18257,11 +18865,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetGetFileSecurity(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_share)); +@@ -18275,20 +18885,24 @@ static enum ndr_err_code ndr_pull_srvsvc_NetGetFileSecurity(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.share, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.share)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.share)); +- if (ndr_get_array_length(ndr, &r->in.share) > ndr_get_array_size(ndr, &r->in.share)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.share), ndr_get_array_length(ndr, &r->in.share)); ++ size_share_1 = ndr_get_array_size(ndr, &r->in.share); ++ length_share_1 = ndr_get_array_length(ndr, &r->in.share); ++ if (length_share_1 > size_share_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_share_1, length_share_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.share), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share, ndr_get_array_length(ndr, &r->in.share), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_share_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share, length_share_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_share_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.file)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.file)); +- if (ndr_get_array_length(ndr, &r->in.file) > ndr_get_array_size(ndr, &r->in.file)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.file), ndr_get_array_length(ndr, &r->in.file)); ++ size_file_0 = ndr_get_array_size(ndr, &r->in.file); ++ length_file_0 = ndr_get_array_length(ndr, &r->in.file); ++ if (length_file_0 > size_file_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_file_0, length_file_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.file), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.file, ndr_get_array_length(ndr, &r->in.file), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_file_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.file, length_file_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_security_secinfo(ndr, NDR_SCALARS, &r->in.securityinformation)); + NDR_PULL_ALLOC(ndr, r->out.sd_buf); + ZERO_STRUCTP(r->out.sd_buf); +@@ -18397,7 +19011,13 @@ static enum ndr_err_code ndr_push_srvsvc_NetSetFileSecurity(struct ndr_push *ndr + static enum ndr_err_code ndr_pull_srvsvc_NetSetFileSecurity(struct ndr_pull *ndr, int flags, struct srvsvc_NetSetFileSecurity *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_share; ++ uint32_t size_share_1 = 0; ++ uint32_t length_share_1 = 0; ++ uint32_t size_file_0 = 0; ++ uint32_t length_file_0 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_share_0; + TALLOC_CTX *_mem_save_sd_buf_0; +@@ -18413,11 +19033,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSetFileSecurity(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_share)); +@@ -18431,20 +19053,24 @@ static enum ndr_err_code ndr_pull_srvsvc_NetSetFileSecurity(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.share, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.share)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.share)); +- if (ndr_get_array_length(ndr, &r->in.share) > ndr_get_array_size(ndr, &r->in.share)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.share), ndr_get_array_length(ndr, &r->in.share)); ++ size_share_1 = ndr_get_array_size(ndr, &r->in.share); ++ length_share_1 = ndr_get_array_length(ndr, &r->in.share); ++ if (length_share_1 > size_share_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_share_1, length_share_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.share), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share, ndr_get_array_length(ndr, &r->in.share), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_share_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.share, length_share_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_share_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.file)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.file)); +- if (ndr_get_array_length(ndr, &r->in.file) > ndr_get_array_size(ndr, &r->in.file)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.file), ndr_get_array_length(ndr, &r->in.file)); ++ size_file_0 = ndr_get_array_size(ndr, &r->in.file); ++ length_file_0 = ndr_get_array_length(ndr, &r->in.file); ++ if (length_file_0 > size_file_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_file_0, length_file_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.file), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.file, ndr_get_array_length(ndr, &r->in.file), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_file_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.file, length_file_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_security_secinfo(ndr, NDR_SCALARS, &r->in.securityinformation)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.sd_buf); +@@ -18522,6 +19148,8 @@ static enum ndr_err_code ndr_push_srvsvc_NetServerTransportAddEx(struct ndr_push + static enum ndr_err_code ndr_pull_srvsvc_NetServerTransportAddEx(struct ndr_pull *ndr, int flags, struct srvsvc_NetServerTransportAddEx *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_server_unc)); +@@ -18535,11 +19163,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetServerTransportAddEx(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); +@@ -18619,8 +19249,14 @@ static enum ndr_err_code ndr_push_srvsvc_NetServerSetServiceBitsEx(struct ndr_pu + static enum ndr_err_code ndr_pull_srvsvc_NetServerSetServiceBitsEx(struct ndr_pull *ndr, int flags, struct srvsvc_NetServerSetServiceBitsEx *r) + { + uint32_t _ptr_server_unc; ++ uint32_t size_server_unc_1 = 0; ++ uint32_t length_server_unc_1 = 0; + uint32_t _ptr_emulated_server_unc; ++ uint32_t size_emulated_server_unc_1 = 0; ++ uint32_t length_emulated_server_unc_1 = 0; + uint32_t _ptr_transport; ++ uint32_t size_transport_1 = 0; ++ uint32_t length_transport_1 = 0; + TALLOC_CTX *_mem_save_server_unc_0; + TALLOC_CTX *_mem_save_emulated_server_unc_0; + TALLOC_CTX *_mem_save_transport_0; +@@ -18636,11 +19272,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetServerSetServiceBitsEx(struct ndr_pu + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_unc)); +- if (ndr_get_array_length(ndr, &r->in.server_unc) > ndr_get_array_size(ndr, &r->in.server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_unc), ndr_get_array_length(ndr, &r->in.server_unc)); ++ size_server_unc_1 = ndr_get_array_size(ndr, &r->in.server_unc); ++ length_server_unc_1 = ndr_get_array_length(ndr, &r->in.server_unc); ++ if (length_server_unc_1 > size_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_unc_1, length_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, ndr_get_array_length(ndr, &r->in.server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_unc, length_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_emulated_server_unc)); +@@ -18654,11 +19292,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetServerSetServiceBitsEx(struct ndr_pu + NDR_PULL_SET_MEM_CTX(ndr, r->in.emulated_server_unc, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.emulated_server_unc)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.emulated_server_unc)); +- if (ndr_get_array_length(ndr, &r->in.emulated_server_unc) > ndr_get_array_size(ndr, &r->in.emulated_server_unc)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.emulated_server_unc), ndr_get_array_length(ndr, &r->in.emulated_server_unc)); ++ size_emulated_server_unc_1 = ndr_get_array_size(ndr, &r->in.emulated_server_unc); ++ length_emulated_server_unc_1 = ndr_get_array_length(ndr, &r->in.emulated_server_unc); ++ if (length_emulated_server_unc_1 > size_emulated_server_unc_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_emulated_server_unc_1, length_emulated_server_unc_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.emulated_server_unc), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.emulated_server_unc, ndr_get_array_length(ndr, &r->in.emulated_server_unc), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_emulated_server_unc_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.emulated_server_unc, length_emulated_server_unc_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_emulated_server_unc_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_transport)); +@@ -18672,11 +19312,13 @@ static enum ndr_err_code ndr_pull_srvsvc_NetServerSetServiceBitsEx(struct ndr_pu + NDR_PULL_SET_MEM_CTX(ndr, r->in.transport, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.transport)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.transport)); +- if (ndr_get_array_length(ndr, &r->in.transport) > ndr_get_array_size(ndr, &r->in.transport)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.transport), ndr_get_array_length(ndr, &r->in.transport)); ++ size_transport_1 = ndr_get_array_size(ndr, &r->in.transport); ++ length_transport_1 = ndr_get_array_length(ndr, &r->in.transport); ++ if (length_transport_1 > size_transport_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_transport_1, length_transport_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.transport), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.transport, ndr_get_array_length(ndr, &r->in.transport), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_transport_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.transport, length_transport_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_transport_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.servicebitsofinterest)); +diff --git a/source/librpc/gen_ndr/ndr_svcctl.c b/source/librpc/gen_ndr/ndr_svcctl.c +index 8ceb6b0..a9dc07f 100644 +--- a/source/librpc/gen_ndr/ndr_svcctl.c ++++ b/source/librpc/gen_ndr/ndr_svcctl.c +@@ -25,6 +25,8 @@ static enum ndr_err_code ndr_push_SERVICE_LOCK_STATUS(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_SERVICE_LOCK_STATUS(struct ndr_pull *ndr, int ndr_flags, struct SERVICE_LOCK_STATUS *r) + { + uint32_t _ptr_lock_owner; ++ uint32_t size_lock_owner_1 = 0; ++ uint32_t length_lock_owner_1 = 0; + TALLOC_CTX *_mem_save_lock_owner_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -43,11 +45,13 @@ static enum ndr_err_code ndr_pull_SERVICE_LOCK_STATUS(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->lock_owner, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->lock_owner)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->lock_owner)); +- if (ndr_get_array_length(ndr, &r->lock_owner) > ndr_get_array_size(ndr, &r->lock_owner)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->lock_owner), ndr_get_array_length(ndr, &r->lock_owner)); ++ size_lock_owner_1 = ndr_get_array_size(ndr, &r->lock_owner); ++ length_lock_owner_1 = ndr_get_array_length(ndr, &r->lock_owner); ++ if (length_lock_owner_1 > size_lock_owner_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_lock_owner_1, length_lock_owner_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->lock_owner), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->lock_owner, ndr_get_array_length(ndr, &r->lock_owner), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_lock_owner_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->lock_owner, length_lock_owner_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_lock_owner_0, 0); + } + } +@@ -612,6 +616,7 @@ static enum ndr_err_code ndr_push_svcctl_QueryServiceObjectSecurity(struct ndr_p + + static enum ndr_err_code ndr_pull_svcctl_QueryServiceObjectSecurity(struct ndr_pull *ndr, int flags, struct svcctl_QueryServiceObjectSecurity *r) + { ++ uint32_t size_buffer_1 = 0; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_needed_0; + if (flags & NDR_IN) { +@@ -636,10 +641,11 @@ static enum ndr_err_code ndr_pull_svcctl_QueryServiceObjectSecurity(struct ndr_p + } + if (flags & NDR_OUT) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->out.buffer)); ++ size_buffer_1 = ndr_get_array_size(ndr, &r->out.buffer); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +- NDR_PULL_ALLOC_N(ndr, r->out.buffer, ndr_get_array_size(ndr, &r->out.buffer)); ++ NDR_PULL_ALLOC_N(ndr, r->out.buffer, size_buffer_1); + } +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.buffer, ndr_get_array_size(ndr, &r->out.buffer))); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.buffer, size_buffer_1)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.needed); + } +@@ -716,6 +722,7 @@ static enum ndr_err_code ndr_push_svcctl_SetServiceObjectSecurity(struct ndr_pus + + static enum ndr_err_code ndr_pull_svcctl_SetServiceObjectSecurity(struct ndr_pull *ndr, int flags, struct svcctl_SetServiceObjectSecurity *r) + { ++ uint32_t size_buffer_1 = 0; + TALLOC_CTX *_mem_save_handle_0; + if (flags & NDR_IN) { + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -727,10 +734,11 @@ static enum ndr_err_code ndr_pull_svcctl_SetServiceObjectSecurity(struct ndr_pul + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_handle_0, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.security_flags)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.buffer)); ++ size_buffer_1 = ndr_get_array_size(ndr, &r->in.buffer); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +- NDR_PULL_ALLOC_N(ndr, r->in.buffer, ndr_get_array_size(ndr, &r->in.buffer)); ++ NDR_PULL_ALLOC_N(ndr, r->in.buffer, size_buffer_1); + } +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.buffer, ndr_get_array_size(ndr, &r->in.buffer))); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.buffer, size_buffer_1)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.buffer_size)); + if (r->in.buffer) { + NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->in.buffer, r->in.buffer_size)); +@@ -1140,11 +1148,23 @@ static enum ndr_err_code ndr_push_svcctl_ChangeServiceConfigW(struct ndr_push *n + static enum ndr_err_code ndr_pull_svcctl_ChangeServiceConfigW(struct ndr_pull *ndr, int flags, struct svcctl_ChangeServiceConfigW *r) + { + uint32_t _ptr_binary_path; ++ uint32_t size_binary_path_1 = 0; ++ uint32_t length_binary_path_1 = 0; + uint32_t _ptr_load_order_group; ++ uint32_t size_load_order_group_1 = 0; ++ uint32_t length_load_order_group_1 = 0; + uint32_t _ptr_dependencies; ++ uint32_t size_dependencies_1 = 0; ++ uint32_t length_dependencies_1 = 0; + uint32_t _ptr_service_start_name; ++ uint32_t size_service_start_name_1 = 0; ++ uint32_t length_service_start_name_1 = 0; + uint32_t _ptr_password; ++ uint32_t size_password_1 = 0; ++ uint32_t length_password_1 = 0; + uint32_t _ptr_display_name; ++ uint32_t size_display_name_1 = 0; ++ uint32_t length_display_name_1 = 0; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_binary_path_0; + TALLOC_CTX *_mem_save_load_order_group_0; +@@ -1177,11 +1197,13 @@ static enum ndr_err_code ndr_pull_svcctl_ChangeServiceConfigW(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.binary_path, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.binary_path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.binary_path)); +- if (ndr_get_array_length(ndr, &r->in.binary_path) > ndr_get_array_size(ndr, &r->in.binary_path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.binary_path), ndr_get_array_length(ndr, &r->in.binary_path)); ++ size_binary_path_1 = ndr_get_array_size(ndr, &r->in.binary_path); ++ length_binary_path_1 = ndr_get_array_length(ndr, &r->in.binary_path); ++ if (length_binary_path_1 > size_binary_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_binary_path_1, length_binary_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.binary_path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.binary_path, ndr_get_array_length(ndr, &r->in.binary_path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_binary_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.binary_path, length_binary_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_binary_path_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_load_order_group)); +@@ -1195,11 +1217,13 @@ static enum ndr_err_code ndr_pull_svcctl_ChangeServiceConfigW(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.load_order_group, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.load_order_group)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.load_order_group)); +- if (ndr_get_array_length(ndr, &r->in.load_order_group) > ndr_get_array_size(ndr, &r->in.load_order_group)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.load_order_group), ndr_get_array_length(ndr, &r->in.load_order_group)); ++ size_load_order_group_1 = ndr_get_array_size(ndr, &r->in.load_order_group); ++ length_load_order_group_1 = ndr_get_array_length(ndr, &r->in.load_order_group); ++ if (length_load_order_group_1 > size_load_order_group_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_load_order_group_1, length_load_order_group_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.load_order_group), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.load_order_group, ndr_get_array_length(ndr, &r->in.load_order_group), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_load_order_group_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.load_order_group, length_load_order_group_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_load_order_group_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_dependencies)); +@@ -1213,11 +1237,13 @@ static enum ndr_err_code ndr_pull_svcctl_ChangeServiceConfigW(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.dependencies, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.dependencies)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.dependencies)); +- if (ndr_get_array_length(ndr, &r->in.dependencies) > ndr_get_array_size(ndr, &r->in.dependencies)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.dependencies), ndr_get_array_length(ndr, &r->in.dependencies)); ++ size_dependencies_1 = ndr_get_array_size(ndr, &r->in.dependencies); ++ length_dependencies_1 = ndr_get_array_length(ndr, &r->in.dependencies); ++ if (length_dependencies_1 > size_dependencies_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dependencies_1, length_dependencies_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.dependencies), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dependencies, ndr_get_array_length(ndr, &r->in.dependencies), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dependencies_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dependencies, length_dependencies_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dependencies_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_service_start_name)); +@@ -1231,11 +1257,13 @@ static enum ndr_err_code ndr_pull_svcctl_ChangeServiceConfigW(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.service_start_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.service_start_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.service_start_name)); +- if (ndr_get_array_length(ndr, &r->in.service_start_name) > ndr_get_array_size(ndr, &r->in.service_start_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.service_start_name), ndr_get_array_length(ndr, &r->in.service_start_name)); ++ size_service_start_name_1 = ndr_get_array_size(ndr, &r->in.service_start_name); ++ length_service_start_name_1 = ndr_get_array_length(ndr, &r->in.service_start_name); ++ if (length_service_start_name_1 > size_service_start_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_service_start_name_1, length_service_start_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.service_start_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service_start_name, ndr_get_array_length(ndr, &r->in.service_start_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_service_start_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service_start_name, length_service_start_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_service_start_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_password)); +@@ -1249,11 +1277,13 @@ static enum ndr_err_code ndr_pull_svcctl_ChangeServiceConfigW(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.password, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.password)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.password)); +- if (ndr_get_array_length(ndr, &r->in.password) > ndr_get_array_size(ndr, &r->in.password)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.password), ndr_get_array_length(ndr, &r->in.password)); ++ size_password_1 = ndr_get_array_size(ndr, &r->in.password); ++ length_password_1 = ndr_get_array_length(ndr, &r->in.password); ++ if (length_password_1 > size_password_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_password_1, length_password_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.password), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.password, ndr_get_array_length(ndr, &r->in.password), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_password_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.password, length_password_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_password_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_display_name)); +@@ -1267,11 +1297,13 @@ static enum ndr_err_code ndr_pull_svcctl_ChangeServiceConfigW(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.display_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.display_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.display_name)); +- if (ndr_get_array_length(ndr, &r->in.display_name) > ndr_get_array_size(ndr, &r->in.display_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.display_name), ndr_get_array_length(ndr, &r->in.display_name)); ++ size_display_name_1 = ndr_get_array_size(ndr, &r->in.display_name); ++ length_display_name_1 = ndr_get_array_length(ndr, &r->in.display_name); ++ if (length_display_name_1 > size_display_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_display_name_1, length_display_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.display_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.display_name, ndr_get_array_length(ndr, &r->in.display_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_display_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.display_name, length_display_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_display_name_0, 0); + } + NDR_PULL_ALLOC(ndr, r->out.tag_id); +@@ -1431,12 +1463,24 @@ static enum ndr_err_code ndr_push_svcctl_CreateServiceW(struct ndr_push *ndr, in + + static enum ndr_err_code ndr_pull_svcctl_CreateServiceW(struct ndr_pull *ndr, int flags, struct svcctl_CreateServiceW *r) + { ++ uint32_t size_ServiceName_0 = 0; ++ uint32_t length_ServiceName_0 = 0; + uint32_t _ptr_DisplayName; ++ uint32_t size_DisplayName_1 = 0; ++ uint32_t length_DisplayName_1 = 0; ++ uint32_t size_binary_path_0 = 0; ++ uint32_t length_binary_path_0 = 0; + uint32_t _ptr_LoadOrderGroupKey; ++ uint32_t size_LoadOrderGroupKey_1 = 0; ++ uint32_t length_LoadOrderGroupKey_1 = 0; + uint32_t _ptr_TagId; + uint32_t _ptr_dependencies; ++ uint32_t size_dependencies_1 = 0; + uint32_t _ptr_service_start_name; ++ uint32_t size_service_start_name_1 = 0; ++ uint32_t length_service_start_name_1 = 0; + uint32_t _ptr_password; ++ uint32_t size_password_1 = 0; + TALLOC_CTX *_mem_save_scmanager_handle_0; + TALLOC_CTX *_mem_save_DisplayName_0; + TALLOC_CTX *_mem_save_LoadOrderGroupKey_0; +@@ -1457,11 +1501,13 @@ static enum ndr_err_code ndr_pull_svcctl_CreateServiceW(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_scmanager_handle_0, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.ServiceName)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.ServiceName)); +- if (ndr_get_array_length(ndr, &r->in.ServiceName) > ndr_get_array_size(ndr, &r->in.ServiceName)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.ServiceName), ndr_get_array_length(ndr, &r->in.ServiceName)); ++ size_ServiceName_0 = ndr_get_array_size(ndr, &r->in.ServiceName); ++ length_ServiceName_0 = ndr_get_array_length(ndr, &r->in.ServiceName); ++ if (length_ServiceName_0 > size_ServiceName_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_ServiceName_0, length_ServiceName_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.ServiceName), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.ServiceName, ndr_get_array_length(ndr, &r->in.ServiceName), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_ServiceName_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.ServiceName, length_ServiceName_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_DisplayName)); + if (_ptr_DisplayName) { + NDR_PULL_ALLOC(ndr, r->in.DisplayName); +@@ -1473,11 +1519,13 @@ static enum ndr_err_code ndr_pull_svcctl_CreateServiceW(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.DisplayName, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.DisplayName)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.DisplayName)); +- if (ndr_get_array_length(ndr, &r->in.DisplayName) > ndr_get_array_size(ndr, &r->in.DisplayName)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.DisplayName), ndr_get_array_length(ndr, &r->in.DisplayName)); ++ size_DisplayName_1 = ndr_get_array_size(ndr, &r->in.DisplayName); ++ length_DisplayName_1 = ndr_get_array_length(ndr, &r->in.DisplayName); ++ if (length_DisplayName_1 > size_DisplayName_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_DisplayName_1, length_DisplayName_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.DisplayName), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.DisplayName, ndr_get_array_length(ndr, &r->in.DisplayName), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_DisplayName_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.DisplayName, length_DisplayName_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_DisplayName_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.desired_access)); +@@ -1486,11 +1534,13 @@ static enum ndr_err_code ndr_pull_svcctl_CreateServiceW(struct ndr_pull *ndr, in + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.error_control)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.binary_path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.binary_path)); +- if (ndr_get_array_length(ndr, &r->in.binary_path) > ndr_get_array_size(ndr, &r->in.binary_path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.binary_path), ndr_get_array_length(ndr, &r->in.binary_path)); ++ size_binary_path_0 = ndr_get_array_size(ndr, &r->in.binary_path); ++ length_binary_path_0 = ndr_get_array_length(ndr, &r->in.binary_path); ++ if (length_binary_path_0 > size_binary_path_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_binary_path_0, length_binary_path_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.binary_path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.binary_path, ndr_get_array_length(ndr, &r->in.binary_path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_binary_path_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.binary_path, length_binary_path_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_LoadOrderGroupKey)); + if (_ptr_LoadOrderGroupKey) { + NDR_PULL_ALLOC(ndr, r->in.LoadOrderGroupKey); +@@ -1502,11 +1552,13 @@ static enum ndr_err_code ndr_pull_svcctl_CreateServiceW(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.LoadOrderGroupKey, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.LoadOrderGroupKey)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.LoadOrderGroupKey)); +- if (ndr_get_array_length(ndr, &r->in.LoadOrderGroupKey) > ndr_get_array_size(ndr, &r->in.LoadOrderGroupKey)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.LoadOrderGroupKey), ndr_get_array_length(ndr, &r->in.LoadOrderGroupKey)); ++ size_LoadOrderGroupKey_1 = ndr_get_array_size(ndr, &r->in.LoadOrderGroupKey); ++ length_LoadOrderGroupKey_1 = ndr_get_array_length(ndr, &r->in.LoadOrderGroupKey); ++ if (length_LoadOrderGroupKey_1 > size_LoadOrderGroupKey_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_LoadOrderGroupKey_1, length_LoadOrderGroupKey_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.LoadOrderGroupKey), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.LoadOrderGroupKey, ndr_get_array_length(ndr, &r->in.LoadOrderGroupKey), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_LoadOrderGroupKey_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.LoadOrderGroupKey, length_LoadOrderGroupKey_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_LoadOrderGroupKey_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_TagId)); +@@ -1531,8 +1583,9 @@ static enum ndr_err_code ndr_pull_svcctl_CreateServiceW(struct ndr_pull *ndr, in + _mem_save_dependencies_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.dependencies, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.dependencies)); +- NDR_PULL_ALLOC_N(ndr, r->in.dependencies, ndr_get_array_size(ndr, &r->in.dependencies)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.dependencies, ndr_get_array_size(ndr, &r->in.dependencies))); ++ size_dependencies_1 = ndr_get_array_size(ndr, &r->in.dependencies); ++ NDR_PULL_ALLOC_N(ndr, r->in.dependencies, size_dependencies_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.dependencies, size_dependencies_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dependencies_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.dependencies_size)); +@@ -1547,11 +1600,13 @@ static enum ndr_err_code ndr_pull_svcctl_CreateServiceW(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.service_start_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.service_start_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.service_start_name)); +- if (ndr_get_array_length(ndr, &r->in.service_start_name) > ndr_get_array_size(ndr, &r->in.service_start_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.service_start_name), ndr_get_array_length(ndr, &r->in.service_start_name)); ++ size_service_start_name_1 = ndr_get_array_size(ndr, &r->in.service_start_name); ++ length_service_start_name_1 = ndr_get_array_length(ndr, &r->in.service_start_name); ++ if (length_service_start_name_1 > size_service_start_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_service_start_name_1, length_service_start_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.service_start_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service_start_name, ndr_get_array_length(ndr, &r->in.service_start_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_service_start_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service_start_name, length_service_start_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_service_start_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_password)); +@@ -1564,8 +1619,9 @@ static enum ndr_err_code ndr_pull_svcctl_CreateServiceW(struct ndr_pull *ndr, in + _mem_save_password_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.password, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.password)); +- NDR_PULL_ALLOC_N(ndr, r->in.password, ndr_get_array_size(ndr, &r->in.password)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.password, ndr_get_array_size(ndr, &r->in.password))); ++ size_password_1 = ndr_get_array_size(ndr, &r->in.password); ++ NDR_PULL_ALLOC_N(ndr, r->in.password, size_password_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.password, size_password_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_password_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.password_size)); +@@ -1844,6 +1900,7 @@ static enum ndr_err_code ndr_push_svcctl_EnumServicesStatusW(struct ndr_push *nd + + static enum ndr_err_code ndr_pull_svcctl_EnumServicesStatusW(struct ndr_pull *ndr, int flags, struct svcctl_EnumServicesStatusW *r) + { ++ uint32_t size_service_0 = 0; + uint32_t _ptr_resume_handle; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_bytes_needed_0; +@@ -1881,8 +1938,9 @@ static enum ndr_err_code ndr_pull_svcctl_EnumServicesStatusW(struct ndr_pull *nd + } + if (flags & NDR_OUT) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->out.service)); +- NDR_PULL_ALLOC_N(ndr, r->out.service, ndr_get_array_size(ndr, &r->out.service)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.service, ndr_get_array_size(ndr, &r->out.service))); ++ size_service_0 = ndr_get_array_size(ndr, &r->out.service); ++ NDR_PULL_ALLOC_N(ndr, r->out.service, size_service_0); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.service, size_service_0)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.bytes_needed); + } +@@ -1998,7 +2056,11 @@ static enum ndr_err_code ndr_push_svcctl_OpenSCManagerW(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_svcctl_OpenSCManagerW(struct ndr_pull *ndr, int flags, struct svcctl_OpenSCManagerW *r) + { + uint32_t _ptr_MachineName; ++ uint32_t size_MachineName_1 = 0; ++ uint32_t length_MachineName_1 = 0; + uint32_t _ptr_DatabaseName; ++ uint32_t size_DatabaseName_1 = 0; ++ uint32_t length_DatabaseName_1 = 0; + TALLOC_CTX *_mem_save_MachineName_0; + TALLOC_CTX *_mem_save_DatabaseName_0; + TALLOC_CTX *_mem_save_handle_0; +@@ -2016,11 +2078,13 @@ static enum ndr_err_code ndr_pull_svcctl_OpenSCManagerW(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.MachineName, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.MachineName)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.MachineName)); +- if (ndr_get_array_length(ndr, &r->in.MachineName) > ndr_get_array_size(ndr, &r->in.MachineName)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.MachineName), ndr_get_array_length(ndr, &r->in.MachineName)); ++ size_MachineName_1 = ndr_get_array_size(ndr, &r->in.MachineName); ++ length_MachineName_1 = ndr_get_array_length(ndr, &r->in.MachineName); ++ if (length_MachineName_1 > size_MachineName_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_MachineName_1, length_MachineName_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.MachineName), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.MachineName, ndr_get_array_length(ndr, &r->in.MachineName), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_MachineName_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.MachineName, length_MachineName_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_MachineName_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_DatabaseName)); +@@ -2034,11 +2098,13 @@ static enum ndr_err_code ndr_pull_svcctl_OpenSCManagerW(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.DatabaseName, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.DatabaseName)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.DatabaseName)); +- if (ndr_get_array_length(ndr, &r->in.DatabaseName) > ndr_get_array_size(ndr, &r->in.DatabaseName)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.DatabaseName), ndr_get_array_length(ndr, &r->in.DatabaseName)); ++ size_DatabaseName_1 = ndr_get_array_size(ndr, &r->in.DatabaseName); ++ length_DatabaseName_1 = ndr_get_array_length(ndr, &r->in.DatabaseName); ++ if (length_DatabaseName_1 > size_DatabaseName_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_DatabaseName_1, length_DatabaseName_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.DatabaseName), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.DatabaseName, ndr_get_array_length(ndr, &r->in.DatabaseName), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_DatabaseName_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.DatabaseName, length_DatabaseName_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_DatabaseName_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.access_mask)); +@@ -2121,6 +2187,8 @@ static enum ndr_err_code ndr_push_svcctl_OpenServiceW(struct ndr_push *ndr, int + + static enum ndr_err_code ndr_pull_svcctl_OpenServiceW(struct ndr_pull *ndr, int flags, struct svcctl_OpenServiceW *r) + { ++ uint32_t size_ServiceName_0 = 0; ++ uint32_t length_ServiceName_0 = 0; + TALLOC_CTX *_mem_save_scmanager_handle_0; + TALLOC_CTX *_mem_save_handle_0; + if (flags & NDR_IN) { +@@ -2135,11 +2203,13 @@ static enum ndr_err_code ndr_pull_svcctl_OpenServiceW(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_scmanager_handle_0, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.ServiceName)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.ServiceName)); +- if (ndr_get_array_length(ndr, &r->in.ServiceName) > ndr_get_array_size(ndr, &r->in.ServiceName)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.ServiceName), ndr_get_array_length(ndr, &r->in.ServiceName)); ++ size_ServiceName_0 = ndr_get_array_size(ndr, &r->in.ServiceName); ++ length_ServiceName_0 = ndr_get_array_length(ndr, &r->in.ServiceName); ++ if (length_ServiceName_0 > size_ServiceName_0) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_ServiceName_0, length_ServiceName_0); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.ServiceName), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.ServiceName, ndr_get_array_length(ndr, &r->in.ServiceName), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_ServiceName_0, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.ServiceName, length_ServiceName_0, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.access_mask)); + NDR_PULL_ALLOC(ndr, r->out.handle); + ZERO_STRUCTP(r->out.handle); +@@ -2210,6 +2280,7 @@ static enum ndr_err_code ndr_push_svcctl_QueryServiceConfigW(struct ndr_push *nd + + static enum ndr_err_code ndr_pull_svcctl_QueryServiceConfigW(struct ndr_pull *ndr, int flags, struct svcctl_QueryServiceConfigW *r) + { ++ uint32_t size_query_0 = 0; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_bytes_needed_0; + if (flags & NDR_IN) { +@@ -2227,8 +2298,9 @@ static enum ndr_err_code ndr_pull_svcctl_QueryServiceConfigW(struct ndr_pull *nd + ZERO_STRUCTP(r->out.bytes_needed); + } + if (flags & NDR_OUT) { +- NDR_PULL_ALLOC_N(ndr, r->out.query, r->in.buf_size); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.query, r->in.buf_size)); ++ size_query_0 = r->in.buf_size; ++ NDR_PULL_ALLOC_N(ndr, r->out.query, size_query_0); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.query, size_query_0)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.bytes_needed); + } +@@ -2395,6 +2467,8 @@ static enum ndr_err_code ndr_push_svcctl_StartServiceW(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_svcctl_StartServiceW(struct ndr_pull *ndr, int flags, struct svcctl_StartServiceW *r) + { + uint32_t _ptr_Arguments; ++ uint32_t size_Arguments_1 = 0; ++ uint32_t length_Arguments_1 = 0; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_Arguments_0; + if (flags & NDR_IN) { +@@ -2417,11 +2491,13 @@ static enum ndr_err_code ndr_pull_svcctl_StartServiceW(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.Arguments, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.Arguments)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.Arguments)); +- if (ndr_get_array_length(ndr, &r->in.Arguments) > ndr_get_array_size(ndr, &r->in.Arguments)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.Arguments), ndr_get_array_length(ndr, &r->in.Arguments)); ++ size_Arguments_1 = ndr_get_array_size(ndr, &r->in.Arguments); ++ length_Arguments_1 = ndr_get_array_length(ndr, &r->in.Arguments); ++ if (length_Arguments_1 > size_Arguments_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_Arguments_1, length_Arguments_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.Arguments), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Arguments, ndr_get_array_length(ndr, &r->in.Arguments), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_Arguments_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Arguments, length_Arguments_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_Arguments_0, 0); + } + } +@@ -2505,7 +2581,11 @@ static enum ndr_err_code ndr_push_svcctl_GetServiceDisplayNameW(struct ndr_push + static enum ndr_err_code ndr_pull_svcctl_GetServiceDisplayNameW(struct ndr_pull *ndr, int flags, struct svcctl_GetServiceDisplayNameW *r) + { + uint32_t _ptr_service_name; ++ uint32_t size_service_name_1 = 0; ++ uint32_t length_service_name_1 = 0; + uint32_t _ptr_display_name; ++ uint32_t size_display_name_2 = 0; ++ uint32_t length_display_name_2 = 0; + uint32_t _ptr_display_name_length; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_service_name_0; +@@ -2533,11 +2613,13 @@ static enum ndr_err_code ndr_pull_svcctl_GetServiceDisplayNameW(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, r->in.service_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.service_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.service_name)); +- if (ndr_get_array_length(ndr, &r->in.service_name) > ndr_get_array_size(ndr, &r->in.service_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.service_name), ndr_get_array_length(ndr, &r->in.service_name)); ++ size_service_name_1 = ndr_get_array_size(ndr, &r->in.service_name); ++ length_service_name_1 = ndr_get_array_length(ndr, &r->in.service_name); ++ if (length_service_name_1 > size_service_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_service_name_1, length_service_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.service_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service_name, ndr_get_array_length(ndr, &r->in.service_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_service_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service_name, length_service_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_service_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_display_name_length)); +@@ -2572,11 +2654,13 @@ static enum ndr_err_code ndr_pull_svcctl_GetServiceDisplayNameW(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, *r->out.display_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->out.display_name)); + NDR_CHECK(ndr_pull_array_length(ndr, r->out.display_name)); +- if (ndr_get_array_length(ndr, r->out.display_name) > ndr_get_array_size(ndr, r->out.display_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, r->out.display_name), ndr_get_array_length(ndr, r->out.display_name)); ++ size_display_name_2 = ndr_get_array_size(ndr, r->out.display_name); ++ length_display_name_2 = ndr_get_array_length(ndr, r->out.display_name); ++ if (length_display_name_2 > size_display_name_2) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_display_name_2, length_display_name_2); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, r->out.display_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.display_name, ndr_get_array_length(ndr, r->out.display_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_display_name_2, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.display_name, length_display_name_2, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_display_name_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_display_name_0, LIBNDR_FLAG_REF_ALLOC); +@@ -2691,7 +2775,11 @@ static enum ndr_err_code ndr_push_svcctl_GetServiceKeyNameW(struct ndr_push *ndr + static enum ndr_err_code ndr_pull_svcctl_GetServiceKeyNameW(struct ndr_pull *ndr, int flags, struct svcctl_GetServiceKeyNameW *r) + { + uint32_t _ptr_service_name; ++ uint32_t size_service_name_1 = 0; ++ uint32_t length_service_name_1 = 0; + uint32_t _ptr_key_name; ++ uint32_t size_key_name_2 = 0; ++ uint32_t length_key_name_2 = 0; + uint32_t _ptr_display_name_length; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_service_name_0; +@@ -2719,11 +2807,13 @@ static enum ndr_err_code ndr_pull_svcctl_GetServiceKeyNameW(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.service_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.service_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.service_name)); +- if (ndr_get_array_length(ndr, &r->in.service_name) > ndr_get_array_size(ndr, &r->in.service_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.service_name), ndr_get_array_length(ndr, &r->in.service_name)); ++ size_service_name_1 = ndr_get_array_size(ndr, &r->in.service_name); ++ length_service_name_1 = ndr_get_array_length(ndr, &r->in.service_name); ++ if (length_service_name_1 > size_service_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_service_name_1, length_service_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.service_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service_name, ndr_get_array_length(ndr, &r->in.service_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_service_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service_name, length_service_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_service_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_display_name_length)); +@@ -2758,11 +2848,13 @@ static enum ndr_err_code ndr_pull_svcctl_GetServiceKeyNameW(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, *r->out.key_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->out.key_name)); + NDR_CHECK(ndr_pull_array_length(ndr, r->out.key_name)); +- if (ndr_get_array_length(ndr, r->out.key_name) > ndr_get_array_size(ndr, r->out.key_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, r->out.key_name), ndr_get_array_length(ndr, r->out.key_name)); ++ size_key_name_2 = ndr_get_array_size(ndr, r->out.key_name); ++ length_key_name_2 = ndr_get_array_length(ndr, r->out.key_name); ++ if (length_key_name_2 > size_key_name_2) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_key_name_2, length_key_name_2); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, r->out.key_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.key_name, ndr_get_array_length(ndr, r->out.key_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_key_name_2, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.key_name, length_key_name_2, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_key_name_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_key_name_0, LIBNDR_FLAG_REF_ALLOC); +@@ -2967,11 +3059,23 @@ static enum ndr_err_code ndr_push_svcctl_ChangeServiceConfigA(struct ndr_push *n + static enum ndr_err_code ndr_pull_svcctl_ChangeServiceConfigA(struct ndr_pull *ndr, int flags, struct svcctl_ChangeServiceConfigA *r) + { + uint32_t _ptr_binary_path; ++ uint32_t size_binary_path_1 = 0; ++ uint32_t length_binary_path_1 = 0; + uint32_t _ptr_load_order_group; ++ uint32_t size_load_order_group_1 = 0; ++ uint32_t length_load_order_group_1 = 0; + uint32_t _ptr_dependencies; ++ uint32_t size_dependencies_1 = 0; ++ uint32_t length_dependencies_1 = 0; + uint32_t _ptr_service_start_name; ++ uint32_t size_service_start_name_1 = 0; ++ uint32_t length_service_start_name_1 = 0; + uint32_t _ptr_password; ++ uint32_t size_password_1 = 0; ++ uint32_t length_password_1 = 0; + uint32_t _ptr_display_name; ++ uint32_t size_display_name_1 = 0; ++ uint32_t length_display_name_1 = 0; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_binary_path_0; + TALLOC_CTX *_mem_save_load_order_group_0; +@@ -3004,11 +3108,13 @@ static enum ndr_err_code ndr_pull_svcctl_ChangeServiceConfigA(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.binary_path, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.binary_path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.binary_path)); +- if (ndr_get_array_length(ndr, &r->in.binary_path) > ndr_get_array_size(ndr, &r->in.binary_path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.binary_path), ndr_get_array_length(ndr, &r->in.binary_path)); ++ size_binary_path_1 = ndr_get_array_size(ndr, &r->in.binary_path); ++ length_binary_path_1 = ndr_get_array_length(ndr, &r->in.binary_path); ++ if (length_binary_path_1 > size_binary_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_binary_path_1, length_binary_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.binary_path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.binary_path, ndr_get_array_length(ndr, &r->in.binary_path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_binary_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.binary_path, length_binary_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_binary_path_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_load_order_group)); +@@ -3022,11 +3128,13 @@ static enum ndr_err_code ndr_pull_svcctl_ChangeServiceConfigA(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.load_order_group, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.load_order_group)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.load_order_group)); +- if (ndr_get_array_length(ndr, &r->in.load_order_group) > ndr_get_array_size(ndr, &r->in.load_order_group)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.load_order_group), ndr_get_array_length(ndr, &r->in.load_order_group)); ++ size_load_order_group_1 = ndr_get_array_size(ndr, &r->in.load_order_group); ++ length_load_order_group_1 = ndr_get_array_length(ndr, &r->in.load_order_group); ++ if (length_load_order_group_1 > size_load_order_group_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_load_order_group_1, length_load_order_group_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.load_order_group), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.load_order_group, ndr_get_array_length(ndr, &r->in.load_order_group), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_load_order_group_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.load_order_group, length_load_order_group_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_load_order_group_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_dependencies)); +@@ -3040,11 +3148,13 @@ static enum ndr_err_code ndr_pull_svcctl_ChangeServiceConfigA(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.dependencies, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.dependencies)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.dependencies)); +- if (ndr_get_array_length(ndr, &r->in.dependencies) > ndr_get_array_size(ndr, &r->in.dependencies)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.dependencies), ndr_get_array_length(ndr, &r->in.dependencies)); ++ size_dependencies_1 = ndr_get_array_size(ndr, &r->in.dependencies); ++ length_dependencies_1 = ndr_get_array_length(ndr, &r->in.dependencies); ++ if (length_dependencies_1 > size_dependencies_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dependencies_1, length_dependencies_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.dependencies), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dependencies, ndr_get_array_length(ndr, &r->in.dependencies), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dependencies_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dependencies, length_dependencies_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dependencies_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_service_start_name)); +@@ -3058,11 +3168,13 @@ static enum ndr_err_code ndr_pull_svcctl_ChangeServiceConfigA(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.service_start_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.service_start_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.service_start_name)); +- if (ndr_get_array_length(ndr, &r->in.service_start_name) > ndr_get_array_size(ndr, &r->in.service_start_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.service_start_name), ndr_get_array_length(ndr, &r->in.service_start_name)); ++ size_service_start_name_1 = ndr_get_array_size(ndr, &r->in.service_start_name); ++ length_service_start_name_1 = ndr_get_array_length(ndr, &r->in.service_start_name); ++ if (length_service_start_name_1 > size_service_start_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_service_start_name_1, length_service_start_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.service_start_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service_start_name, ndr_get_array_length(ndr, &r->in.service_start_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_service_start_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service_start_name, length_service_start_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_service_start_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_password)); +@@ -3076,11 +3188,13 @@ static enum ndr_err_code ndr_pull_svcctl_ChangeServiceConfigA(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.password, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.password)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.password)); +- if (ndr_get_array_length(ndr, &r->in.password) > ndr_get_array_size(ndr, &r->in.password)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.password), ndr_get_array_length(ndr, &r->in.password)); ++ size_password_1 = ndr_get_array_size(ndr, &r->in.password); ++ length_password_1 = ndr_get_array_length(ndr, &r->in.password); ++ if (length_password_1 > size_password_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_password_1, length_password_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.password), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.password, ndr_get_array_length(ndr, &r->in.password), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_password_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.password, length_password_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_password_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_display_name)); +@@ -3094,11 +3208,13 @@ static enum ndr_err_code ndr_pull_svcctl_ChangeServiceConfigA(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.display_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.display_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.display_name)); +- if (ndr_get_array_length(ndr, &r->in.display_name) > ndr_get_array_size(ndr, &r->in.display_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.display_name), ndr_get_array_length(ndr, &r->in.display_name)); ++ size_display_name_1 = ndr_get_array_size(ndr, &r->in.display_name); ++ length_display_name_1 = ndr_get_array_length(ndr, &r->in.display_name); ++ if (length_display_name_1 > size_display_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_display_name_1, length_display_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.display_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.display_name, ndr_get_array_length(ndr, &r->in.display_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_display_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.display_name, length_display_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_display_name_0, 0); + } + NDR_PULL_ALLOC(ndr, r->out.tag_id); +@@ -3259,13 +3375,27 @@ static enum ndr_err_code ndr_push_svcctl_CreateServiceA(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_svcctl_CreateServiceA(struct ndr_pull *ndr, int flags, struct svcctl_CreateServiceA *r) + { + uint32_t _ptr_ServiceName; ++ uint32_t size_ServiceName_1 = 0; ++ uint32_t length_ServiceName_1 = 0; + uint32_t _ptr_DisplayName; ++ uint32_t size_DisplayName_1 = 0; ++ uint32_t length_DisplayName_1 = 0; + uint32_t _ptr_binary_path; ++ uint32_t size_binary_path_1 = 0; ++ uint32_t length_binary_path_1 = 0; + uint32_t _ptr_LoadOrderGroupKey; ++ uint32_t size_LoadOrderGroupKey_1 = 0; ++ uint32_t length_LoadOrderGroupKey_1 = 0; + uint32_t _ptr_TagId; + uint32_t _ptr_dependencies; ++ uint32_t size_dependencies_1 = 0; ++ uint32_t length_dependencies_1 = 0; + uint32_t _ptr_service_start_name; ++ uint32_t size_service_start_name_1 = 0; ++ uint32_t length_service_start_name_1 = 0; + uint32_t _ptr_password; ++ uint32_t size_password_1 = 0; ++ uint32_t length_password_1 = 0; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_ServiceName_0; + TALLOC_CTX *_mem_save_DisplayName_0; +@@ -3296,11 +3426,13 @@ static enum ndr_err_code ndr_pull_svcctl_CreateServiceA(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.ServiceName, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.ServiceName)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.ServiceName)); +- if (ndr_get_array_length(ndr, &r->in.ServiceName) > ndr_get_array_size(ndr, &r->in.ServiceName)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.ServiceName), ndr_get_array_length(ndr, &r->in.ServiceName)); ++ size_ServiceName_1 = ndr_get_array_size(ndr, &r->in.ServiceName); ++ length_ServiceName_1 = ndr_get_array_length(ndr, &r->in.ServiceName); ++ if (length_ServiceName_1 > size_ServiceName_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_ServiceName_1, length_ServiceName_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.ServiceName), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.ServiceName, ndr_get_array_length(ndr, &r->in.ServiceName), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_ServiceName_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.ServiceName, length_ServiceName_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_ServiceName_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_DisplayName)); +@@ -3314,11 +3446,13 @@ static enum ndr_err_code ndr_pull_svcctl_CreateServiceA(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.DisplayName, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.DisplayName)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.DisplayName)); +- if (ndr_get_array_length(ndr, &r->in.DisplayName) > ndr_get_array_size(ndr, &r->in.DisplayName)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.DisplayName), ndr_get_array_length(ndr, &r->in.DisplayName)); ++ size_DisplayName_1 = ndr_get_array_size(ndr, &r->in.DisplayName); ++ length_DisplayName_1 = ndr_get_array_length(ndr, &r->in.DisplayName); ++ if (length_DisplayName_1 > size_DisplayName_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_DisplayName_1, length_DisplayName_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.DisplayName), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.DisplayName, ndr_get_array_length(ndr, &r->in.DisplayName), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_DisplayName_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.DisplayName, length_DisplayName_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_DisplayName_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.desired_access)); +@@ -3336,11 +3470,13 @@ static enum ndr_err_code ndr_pull_svcctl_CreateServiceA(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.binary_path, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.binary_path)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.binary_path)); +- if (ndr_get_array_length(ndr, &r->in.binary_path) > ndr_get_array_size(ndr, &r->in.binary_path)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.binary_path), ndr_get_array_length(ndr, &r->in.binary_path)); ++ size_binary_path_1 = ndr_get_array_size(ndr, &r->in.binary_path); ++ length_binary_path_1 = ndr_get_array_length(ndr, &r->in.binary_path); ++ if (length_binary_path_1 > size_binary_path_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_binary_path_1, length_binary_path_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.binary_path), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.binary_path, ndr_get_array_length(ndr, &r->in.binary_path), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_binary_path_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.binary_path, length_binary_path_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_binary_path_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_LoadOrderGroupKey)); +@@ -3354,11 +3490,13 @@ static enum ndr_err_code ndr_pull_svcctl_CreateServiceA(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.LoadOrderGroupKey, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.LoadOrderGroupKey)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.LoadOrderGroupKey)); +- if (ndr_get_array_length(ndr, &r->in.LoadOrderGroupKey) > ndr_get_array_size(ndr, &r->in.LoadOrderGroupKey)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.LoadOrderGroupKey), ndr_get_array_length(ndr, &r->in.LoadOrderGroupKey)); ++ size_LoadOrderGroupKey_1 = ndr_get_array_size(ndr, &r->in.LoadOrderGroupKey); ++ length_LoadOrderGroupKey_1 = ndr_get_array_length(ndr, &r->in.LoadOrderGroupKey); ++ if (length_LoadOrderGroupKey_1 > size_LoadOrderGroupKey_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_LoadOrderGroupKey_1, length_LoadOrderGroupKey_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.LoadOrderGroupKey), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.LoadOrderGroupKey, ndr_get_array_length(ndr, &r->in.LoadOrderGroupKey), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_LoadOrderGroupKey_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.LoadOrderGroupKey, length_LoadOrderGroupKey_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_LoadOrderGroupKey_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_dependencies)); +@@ -3372,11 +3510,13 @@ static enum ndr_err_code ndr_pull_svcctl_CreateServiceA(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.dependencies, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.dependencies)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.dependencies)); +- if (ndr_get_array_length(ndr, &r->in.dependencies) > ndr_get_array_size(ndr, &r->in.dependencies)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.dependencies), ndr_get_array_length(ndr, &r->in.dependencies)); ++ size_dependencies_1 = ndr_get_array_size(ndr, &r->in.dependencies); ++ length_dependencies_1 = ndr_get_array_length(ndr, &r->in.dependencies); ++ if (length_dependencies_1 > size_dependencies_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_dependencies_1, length_dependencies_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.dependencies), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dependencies, ndr_get_array_length(ndr, &r->in.dependencies), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_dependencies_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.dependencies, length_dependencies_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_dependencies_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_service_start_name)); +@@ -3390,11 +3530,13 @@ static enum ndr_err_code ndr_pull_svcctl_CreateServiceA(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.service_start_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.service_start_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.service_start_name)); +- if (ndr_get_array_length(ndr, &r->in.service_start_name) > ndr_get_array_size(ndr, &r->in.service_start_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.service_start_name), ndr_get_array_length(ndr, &r->in.service_start_name)); ++ size_service_start_name_1 = ndr_get_array_size(ndr, &r->in.service_start_name); ++ length_service_start_name_1 = ndr_get_array_length(ndr, &r->in.service_start_name); ++ if (length_service_start_name_1 > size_service_start_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_service_start_name_1, length_service_start_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.service_start_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service_start_name, ndr_get_array_length(ndr, &r->in.service_start_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_service_start_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service_start_name, length_service_start_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_service_start_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_password)); +@@ -3408,11 +3550,13 @@ static enum ndr_err_code ndr_pull_svcctl_CreateServiceA(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.password, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.password)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.password)); +- if (ndr_get_array_length(ndr, &r->in.password) > ndr_get_array_size(ndr, &r->in.password)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.password), ndr_get_array_length(ndr, &r->in.password)); ++ size_password_1 = ndr_get_array_size(ndr, &r->in.password); ++ length_password_1 = ndr_get_array_length(ndr, &r->in.password); ++ if (length_password_1 > size_password_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_password_1, length_password_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.password), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.password, ndr_get_array_length(ndr, &r->in.password), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_password_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.password, length_password_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_password_0, 0); + } + } +@@ -3673,6 +3817,7 @@ static enum ndr_err_code ndr_push_svcctl_EnumServicesStatusA(struct ndr_push *nd + + static enum ndr_err_code ndr_pull_svcctl_EnumServicesStatusA(struct ndr_pull *ndr, int flags, struct svcctl_EnumServicesStatusA *r) + { ++ uint32_t size_service_0 = 0; + uint32_t _ptr_resume_handle; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_bytes_needed_0; +@@ -3710,8 +3855,9 @@ static enum ndr_err_code ndr_pull_svcctl_EnumServicesStatusA(struct ndr_pull *nd + } + if (flags & NDR_OUT) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->out.service)); +- NDR_PULL_ALLOC_N(ndr, r->out.service, ndr_get_array_size(ndr, &r->out.service)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.service, ndr_get_array_size(ndr, &r->out.service))); ++ size_service_0 = ndr_get_array_size(ndr, &r->out.service); ++ NDR_PULL_ALLOC_N(ndr, r->out.service, size_service_0); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.service, size_service_0)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.bytes_needed); + } +@@ -3827,7 +3973,11 @@ static enum ndr_err_code ndr_push_svcctl_OpenSCManagerA(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_svcctl_OpenSCManagerA(struct ndr_pull *ndr, int flags, struct svcctl_OpenSCManagerA *r) + { + uint32_t _ptr_MachineName; ++ uint32_t size_MachineName_1 = 0; ++ uint32_t length_MachineName_1 = 0; + uint32_t _ptr_DatabaseName; ++ uint32_t size_DatabaseName_1 = 0; ++ uint32_t length_DatabaseName_1 = 0; + TALLOC_CTX *_mem_save_MachineName_0; + TALLOC_CTX *_mem_save_DatabaseName_0; + TALLOC_CTX *_mem_save_handle_0; +@@ -3845,11 +3995,13 @@ static enum ndr_err_code ndr_pull_svcctl_OpenSCManagerA(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.MachineName, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.MachineName)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.MachineName)); +- if (ndr_get_array_length(ndr, &r->in.MachineName) > ndr_get_array_size(ndr, &r->in.MachineName)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.MachineName), ndr_get_array_length(ndr, &r->in.MachineName)); ++ size_MachineName_1 = ndr_get_array_size(ndr, &r->in.MachineName); ++ length_MachineName_1 = ndr_get_array_length(ndr, &r->in.MachineName); ++ if (length_MachineName_1 > size_MachineName_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_MachineName_1, length_MachineName_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.MachineName), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.MachineName, ndr_get_array_length(ndr, &r->in.MachineName), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_MachineName_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.MachineName, length_MachineName_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_MachineName_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_DatabaseName)); +@@ -3863,11 +4015,13 @@ static enum ndr_err_code ndr_pull_svcctl_OpenSCManagerA(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.DatabaseName, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.DatabaseName)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.DatabaseName)); +- if (ndr_get_array_length(ndr, &r->in.DatabaseName) > ndr_get_array_size(ndr, &r->in.DatabaseName)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.DatabaseName), ndr_get_array_length(ndr, &r->in.DatabaseName)); ++ size_DatabaseName_1 = ndr_get_array_size(ndr, &r->in.DatabaseName); ++ length_DatabaseName_1 = ndr_get_array_length(ndr, &r->in.DatabaseName); ++ if (length_DatabaseName_1 > size_DatabaseName_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_DatabaseName_1, length_DatabaseName_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.DatabaseName), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.DatabaseName, ndr_get_array_length(ndr, &r->in.DatabaseName), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_DatabaseName_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.DatabaseName, length_DatabaseName_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_DatabaseName_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.access_mask)); +@@ -3950,6 +4104,8 @@ static enum ndr_err_code ndr_push_svcctl_OpenServiceA(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_svcctl_OpenServiceA(struct ndr_pull *ndr, int flags, struct svcctl_OpenServiceA *r) + { + uint32_t _ptr_ServiceName; ++ uint32_t size_ServiceName_1 = 0; ++ uint32_t length_ServiceName_1 = 0; + TALLOC_CTX *_mem_save_scmanager_handle_0; + TALLOC_CTX *_mem_save_ServiceName_0; + if (flags & NDR_IN) { +@@ -3971,11 +4127,13 @@ static enum ndr_err_code ndr_pull_svcctl_OpenServiceA(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.ServiceName, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.ServiceName)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.ServiceName)); +- if (ndr_get_array_length(ndr, &r->in.ServiceName) > ndr_get_array_size(ndr, &r->in.ServiceName)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.ServiceName), ndr_get_array_length(ndr, &r->in.ServiceName)); ++ size_ServiceName_1 = ndr_get_array_size(ndr, &r->in.ServiceName); ++ length_ServiceName_1 = ndr_get_array_length(ndr, &r->in.ServiceName); ++ if (length_ServiceName_1 > size_ServiceName_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_ServiceName_1, length_ServiceName_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.ServiceName), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.ServiceName, ndr_get_array_length(ndr, &r->in.ServiceName), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_ServiceName_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.ServiceName, length_ServiceName_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_ServiceName_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.access_mask)); +@@ -4040,6 +4198,7 @@ static enum ndr_err_code ndr_push_svcctl_QueryServiceConfigA(struct ndr_push *nd + + static enum ndr_err_code ndr_pull_svcctl_QueryServiceConfigA(struct ndr_pull *ndr, int flags, struct svcctl_QueryServiceConfigA *r) + { ++ uint32_t size_query_0 = 0; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_bytes_needed_0; + if (flags & NDR_IN) { +@@ -4057,8 +4216,9 @@ static enum ndr_err_code ndr_pull_svcctl_QueryServiceConfigA(struct ndr_pull *nd + ZERO_STRUCTP(r->out.bytes_needed); + } + if (flags & NDR_OUT) { +- NDR_PULL_ALLOC_N(ndr, r->out.query, r->in.buf_size); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.query, r->in.buf_size)); ++ size_query_0 = r->in.buf_size; ++ NDR_PULL_ALLOC_N(ndr, r->out.query, size_query_0); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.query, size_query_0)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.bytes_needed); + } +@@ -4225,6 +4385,8 @@ static enum ndr_err_code ndr_push_svcctl_StartServiceA(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_svcctl_StartServiceA(struct ndr_pull *ndr, int flags, struct svcctl_StartServiceA *r) + { + uint32_t _ptr_Arguments; ++ uint32_t size_Arguments_1 = 0; ++ uint32_t length_Arguments_1 = 0; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_Arguments_0; + if (flags & NDR_IN) { +@@ -4247,11 +4409,13 @@ static enum ndr_err_code ndr_pull_svcctl_StartServiceA(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->in.Arguments, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.Arguments)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.Arguments)); +- if (ndr_get_array_length(ndr, &r->in.Arguments) > ndr_get_array_size(ndr, &r->in.Arguments)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.Arguments), ndr_get_array_length(ndr, &r->in.Arguments)); ++ size_Arguments_1 = ndr_get_array_size(ndr, &r->in.Arguments); ++ length_Arguments_1 = ndr_get_array_length(ndr, &r->in.Arguments); ++ if (length_Arguments_1 > size_Arguments_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_Arguments_1, length_Arguments_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.Arguments), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Arguments, ndr_get_array_length(ndr, &r->in.Arguments), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_Arguments_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Arguments, length_Arguments_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_Arguments_0, 0); + } + } +@@ -4335,7 +4499,11 @@ static enum ndr_err_code ndr_push_svcctl_GetServiceDisplayNameA(struct ndr_push + static enum ndr_err_code ndr_pull_svcctl_GetServiceDisplayNameA(struct ndr_pull *ndr, int flags, struct svcctl_GetServiceDisplayNameA *r) + { + uint32_t _ptr_service_name; ++ uint32_t size_service_name_1 = 0; ++ uint32_t length_service_name_1 = 0; + uint32_t _ptr_display_name; ++ uint32_t size_display_name_2 = 0; ++ uint32_t length_display_name_2 = 0; + uint32_t _ptr_display_name_length; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_service_name_0; +@@ -4363,11 +4531,13 @@ static enum ndr_err_code ndr_pull_svcctl_GetServiceDisplayNameA(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, r->in.service_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.service_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.service_name)); +- if (ndr_get_array_length(ndr, &r->in.service_name) > ndr_get_array_size(ndr, &r->in.service_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.service_name), ndr_get_array_length(ndr, &r->in.service_name)); ++ size_service_name_1 = ndr_get_array_size(ndr, &r->in.service_name); ++ length_service_name_1 = ndr_get_array_length(ndr, &r->in.service_name); ++ if (length_service_name_1 > size_service_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_service_name_1, length_service_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.service_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service_name, ndr_get_array_length(ndr, &r->in.service_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_service_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service_name, length_service_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_service_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_display_name_length)); +@@ -4402,11 +4572,13 @@ static enum ndr_err_code ndr_pull_svcctl_GetServiceDisplayNameA(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, *r->out.display_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->out.display_name)); + NDR_CHECK(ndr_pull_array_length(ndr, r->out.display_name)); +- if (ndr_get_array_length(ndr, r->out.display_name) > ndr_get_array_size(ndr, r->out.display_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, r->out.display_name), ndr_get_array_length(ndr, r->out.display_name)); ++ size_display_name_2 = ndr_get_array_size(ndr, r->out.display_name); ++ length_display_name_2 = ndr_get_array_length(ndr, r->out.display_name); ++ if (length_display_name_2 > size_display_name_2) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_display_name_2, length_display_name_2); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, r->out.display_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.display_name, ndr_get_array_length(ndr, r->out.display_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_display_name_2, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.display_name, length_display_name_2, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_display_name_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_display_name_0, LIBNDR_FLAG_REF_ALLOC); +@@ -4521,7 +4693,11 @@ static enum ndr_err_code ndr_push_svcctl_GetServiceKeyNameA(struct ndr_push *ndr + static enum ndr_err_code ndr_pull_svcctl_GetServiceKeyNameA(struct ndr_pull *ndr, int flags, struct svcctl_GetServiceKeyNameA *r) + { + uint32_t _ptr_service_name; ++ uint32_t size_service_name_1 = 0; ++ uint32_t length_service_name_1 = 0; + uint32_t _ptr_key_name; ++ uint32_t size_key_name_2 = 0; ++ uint32_t length_key_name_2 = 0; + uint32_t _ptr_display_name_length; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_service_name_0; +@@ -4549,11 +4725,13 @@ static enum ndr_err_code ndr_pull_svcctl_GetServiceKeyNameA(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.service_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.service_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.service_name)); +- if (ndr_get_array_length(ndr, &r->in.service_name) > ndr_get_array_size(ndr, &r->in.service_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.service_name), ndr_get_array_length(ndr, &r->in.service_name)); ++ size_service_name_1 = ndr_get_array_size(ndr, &r->in.service_name); ++ length_service_name_1 = ndr_get_array_length(ndr, &r->in.service_name); ++ if (length_service_name_1 > size_service_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_service_name_1, length_service_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.service_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service_name, ndr_get_array_length(ndr, &r->in.service_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_service_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.service_name, length_service_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_service_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_display_name_length)); +@@ -4588,11 +4766,13 @@ static enum ndr_err_code ndr_pull_svcctl_GetServiceKeyNameA(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, *r->out.key_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->out.key_name)); + NDR_CHECK(ndr_pull_array_length(ndr, r->out.key_name)); +- if (ndr_get_array_length(ndr, r->out.key_name) > ndr_get_array_size(ndr, r->out.key_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, r->out.key_name), ndr_get_array_length(ndr, r->out.key_name)); ++ size_key_name_2 = ndr_get_array_size(ndr, r->out.key_name); ++ length_key_name_2 = ndr_get_array_length(ndr, r->out.key_name); ++ if (length_key_name_2 > size_key_name_2) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_key_name_2, length_key_name_2); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, r->out.key_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.key_name, ndr_get_array_length(ndr, r->out.key_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_key_name_2, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.key_name, length_key_name_2, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_key_name_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_key_name_0, LIBNDR_FLAG_REF_ALLOC); +@@ -4938,6 +5118,7 @@ static enum ndr_err_code ndr_push_svcctl_QueryServiceConfig2A(struct ndr_push *n + + static enum ndr_err_code ndr_pull_svcctl_QueryServiceConfig2A(struct ndr_pull *ndr, int flags, struct svcctl_QueryServiceConfig2A *r) + { ++ uint32_t size_buffer_0 = 0; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_bytes_needed_0; + if (flags & NDR_IN) { +@@ -4956,8 +5137,9 @@ static enum ndr_err_code ndr_pull_svcctl_QueryServiceConfig2A(struct ndr_pull *n + ZERO_STRUCTP(r->out.bytes_needed); + } + if (flags & NDR_OUT) { +- NDR_PULL_ALLOC_N(ndr, r->out.buffer, r->in.buf_size); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.buffer, r->in.buf_size)); ++ size_buffer_0 = r->in.buf_size; ++ NDR_PULL_ALLOC_N(ndr, r->out.buffer, size_buffer_0); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.buffer, size_buffer_0)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.bytes_needed); + } +@@ -5025,6 +5207,7 @@ static enum ndr_err_code ndr_push_svcctl_QueryServiceConfig2W(struct ndr_push *n + + static enum ndr_err_code ndr_pull_svcctl_QueryServiceConfig2W(struct ndr_pull *ndr, int flags, struct svcctl_QueryServiceConfig2W *r) + { ++ uint32_t size_buffer_0 = 0; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_bytes_needed_0; + if (flags & NDR_IN) { +@@ -5043,8 +5226,9 @@ static enum ndr_err_code ndr_pull_svcctl_QueryServiceConfig2W(struct ndr_pull *n + ZERO_STRUCTP(r->out.bytes_needed); + } + if (flags & NDR_OUT) { +- NDR_PULL_ALLOC_N(ndr, r->out.buffer, r->in.buf_size); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.buffer, r->in.buf_size)); ++ size_buffer_0 = r->in.buf_size; ++ NDR_PULL_ALLOC_N(ndr, r->out.buffer, size_buffer_0); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.buffer, size_buffer_0)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.bytes_needed); + } +@@ -5112,6 +5296,7 @@ static enum ndr_err_code ndr_push_svcctl_QueryServiceStatusEx(struct ndr_push *n + + static enum ndr_err_code ndr_pull_svcctl_QueryServiceStatusEx(struct ndr_pull *ndr, int flags, struct svcctl_QueryServiceStatusEx *r) + { ++ uint32_t size_buffer_0 = 0; + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_bytes_needed_0; + if (flags & NDR_IN) { +@@ -5130,8 +5315,9 @@ static enum ndr_err_code ndr_pull_svcctl_QueryServiceStatusEx(struct ndr_pull *n + ZERO_STRUCTP(r->out.bytes_needed); + } + if (flags & NDR_OUT) { +- NDR_PULL_ALLOC_N(ndr, r->out.buffer, r->in.buf_size); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.buffer, r->in.buf_size)); ++ size_buffer_0 = r->in.buf_size; ++ NDR_PULL_ALLOC_N(ndr, r->out.buffer, size_buffer_0); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.buffer, size_buffer_0)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.bytes_needed); + } +@@ -5223,8 +5409,11 @@ static enum ndr_err_code ndr_push_EnumServicesStatusExA(struct ndr_push *ndr, in + + static enum ndr_err_code ndr_pull_EnumServicesStatusExA(struct ndr_pull *ndr, int flags, struct EnumServicesStatusExA *r) + { ++ uint32_t size_services_0 = 0; + uint32_t _ptr_resume_handle; + uint32_t _ptr_group_name; ++ uint32_t size_group_name_2 = 0; ++ uint32_t length_group_name_2 = 0; + TALLOC_CTX *_mem_save_scmanager_0; + TALLOC_CTX *_mem_save_bytes_needed_0; + TALLOC_CTX *_mem_save_service_returned_0; +@@ -5265,8 +5454,9 @@ static enum ndr_err_code ndr_pull_EnumServicesStatusExA(struct ndr_pull *ndr, in + ZERO_STRUCTP(r->out.group_name); + } + if (flags & NDR_OUT) { +- NDR_PULL_ALLOC_N(ndr, r->out.services, r->in.buf_size); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.services, r->in.buf_size)); ++ size_services_0 = r->in.buf_size; ++ NDR_PULL_ALLOC_N(ndr, r->out.services, size_services_0); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.services, size_services_0)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.bytes_needed); + } +@@ -5309,11 +5499,13 @@ static enum ndr_err_code ndr_pull_EnumServicesStatusExA(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, *r->out.group_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->out.group_name)); + NDR_CHECK(ndr_pull_array_length(ndr, r->out.group_name)); +- if (ndr_get_array_length(ndr, r->out.group_name) > ndr_get_array_size(ndr, r->out.group_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, r->out.group_name), ndr_get_array_length(ndr, r->out.group_name)); ++ size_group_name_2 = ndr_get_array_size(ndr, r->out.group_name); ++ length_group_name_2 = ndr_get_array_length(ndr, r->out.group_name); ++ if (length_group_name_2 > size_group_name_2) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_group_name_2, length_group_name_2); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, r->out.group_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.group_name, ndr_get_array_length(ndr, r->out.group_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_group_name_2, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.group_name, length_group_name_2, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_group_name_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_group_name_0, LIBNDR_FLAG_REF_ALLOC); +@@ -5428,8 +5620,11 @@ static enum ndr_err_code ndr_push_EnumServicesStatusExW(struct ndr_push *ndr, in + + static enum ndr_err_code ndr_pull_EnumServicesStatusExW(struct ndr_pull *ndr, int flags, struct EnumServicesStatusExW *r) + { ++ uint32_t size_services_0 = 0; + uint32_t _ptr_resume_handle; + uint32_t _ptr_group_name; ++ uint32_t size_group_name_2 = 0; ++ uint32_t length_group_name_2 = 0; + TALLOC_CTX *_mem_save_scmanager_0; + TALLOC_CTX *_mem_save_bytes_needed_0; + TALLOC_CTX *_mem_save_service_returned_0; +@@ -5470,8 +5665,9 @@ static enum ndr_err_code ndr_pull_EnumServicesStatusExW(struct ndr_pull *ndr, in + ZERO_STRUCTP(r->out.group_name); + } + if (flags & NDR_OUT) { +- NDR_PULL_ALLOC_N(ndr, r->out.services, r->in.buf_size); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.services, r->in.buf_size)); ++ size_services_0 = r->in.buf_size; ++ NDR_PULL_ALLOC_N(ndr, r->out.services, size_services_0); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.services, size_services_0)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->out.bytes_needed); + } +@@ -5514,11 +5710,13 @@ static enum ndr_err_code ndr_pull_EnumServicesStatusExW(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, *r->out.group_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->out.group_name)); + NDR_CHECK(ndr_pull_array_length(ndr, r->out.group_name)); +- if (ndr_get_array_length(ndr, r->out.group_name) > ndr_get_array_size(ndr, r->out.group_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, r->out.group_name), ndr_get_array_length(ndr, r->out.group_name)); ++ size_group_name_2 = ndr_get_array_size(ndr, r->out.group_name); ++ length_group_name_2 = ndr_get_array_length(ndr, r->out.group_name); ++ if (length_group_name_2 > size_group_name_2) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_group_name_2, length_group_name_2); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, r->out.group_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.group_name, ndr_get_array_length(ndr, r->out.group_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_group_name_2, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.group_name, length_group_name_2, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_group_name_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_group_name_0, LIBNDR_FLAG_REF_ALLOC); +diff --git a/source/librpc/gen_ndr/ndr_winreg.c b/source/librpc/gen_ndr/ndr_winreg.c +index 1a861af..e5e1564 100644 +--- a/source/librpc/gen_ndr/ndr_winreg.c ++++ b/source/librpc/gen_ndr/ndr_winreg.c +@@ -92,6 +92,8 @@ _PUBLIC_ enum ndr_err_code ndr_push_winreg_String(struct ndr_push *ndr, int ndr_ + _PUBLIC_ enum ndr_err_code ndr_pull_winreg_String(struct ndr_pull *ndr, int ndr_flags, struct winreg_String *r) + { + uint32_t _ptr_name; ++ uint32_t size_name_1 = 0; ++ uint32_t length_name_1 = 0; + TALLOC_CTX *_mem_save_name_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -110,11 +112,13 @@ _PUBLIC_ enum ndr_err_code ndr_pull_winreg_String(struct ndr_pull *ndr, int ndr_ + NDR_PULL_SET_MEM_CTX(ndr, r->name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->name)); +- if (ndr_get_array_length(ndr, &r->name) > ndr_get_array_size(ndr, &r->name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->name), ndr_get_array_length(ndr, &r->name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->name); ++ length_name_1 = ndr_get_array_length(ndr, &r->name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0, 0); + } + } +@@ -158,6 +162,8 @@ static enum ndr_err_code ndr_push_KeySecurityData(struct ndr_push *ndr, int ndr_ + static enum ndr_err_code ndr_pull_KeySecurityData(struct ndr_pull *ndr, int ndr_flags, struct KeySecurityData *r) + { + uint32_t _ptr_data; ++ uint32_t size_data_1 = 0; ++ uint32_t length_data_1 = 0; + TALLOC_CTX *_mem_save_data_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -176,11 +182,13 @@ static enum ndr_err_code ndr_pull_KeySecurityData(struct ndr_pull *ndr, int ndr_ + NDR_PULL_SET_MEM_CTX(ndr, r->data, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->data)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->data)); +- if (ndr_get_array_length(ndr, &r->data) > ndr_get_array_size(ndr, &r->data)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->data), ndr_get_array_length(ndr, &r->data)); ++ size_data_1 = ndr_get_array_size(ndr, &r->data); ++ length_data_1 = ndr_get_array_length(ndr, &r->data); ++ if (length_data_1 > size_data_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_data_1, length_data_1); + } +- NDR_PULL_ALLOC_N(ndr, r->data, ndr_get_array_size(ndr, &r->data)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, ndr_get_array_length(ndr, &r->data))); ++ NDR_PULL_ALLOC_N(ndr, r->data, size_data_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, length_data_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_data_0, 0); + } + if (r->data) { +@@ -294,6 +302,8 @@ static enum ndr_err_code ndr_push_winreg_StringBuf(struct ndr_push *ndr, int ndr + static enum ndr_err_code ndr_pull_winreg_StringBuf(struct ndr_pull *ndr, int ndr_flags, struct winreg_StringBuf *r) + { + uint32_t _ptr_name; ++ uint32_t size_name_1 = 0; ++ uint32_t length_name_1 = 0; + TALLOC_CTX *_mem_save_name_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -312,10 +322,12 @@ static enum ndr_err_code ndr_pull_winreg_StringBuf(struct ndr_pull *ndr, int ndr + NDR_PULL_SET_MEM_CTX(ndr, r->name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->name)); +- if (ndr_get_array_length(ndr, &r->name) > ndr_get_array_size(ndr, &r->name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->name), ndr_get_array_length(ndr, &r->name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->name); ++ length_name_1 = ndr_get_array_length(ndr, &r->name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0, 0); + } + if (r->name) { +@@ -365,6 +377,8 @@ static enum ndr_err_code ndr_push_winreg_ValNameBuf(struct ndr_push *ndr, int nd + static enum ndr_err_code ndr_pull_winreg_ValNameBuf(struct ndr_pull *ndr, int ndr_flags, struct winreg_ValNameBuf *r) + { + uint32_t _ptr_name; ++ uint32_t size_name_1 = 0; ++ uint32_t length_name_1 = 0; + TALLOC_CTX *_mem_save_name_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -383,10 +397,12 @@ static enum ndr_err_code ndr_pull_winreg_ValNameBuf(struct ndr_pull *ndr, int nd + NDR_PULL_SET_MEM_CTX(ndr, r->name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->name)); +- if (ndr_get_array_length(ndr, &r->name) > ndr_get_array_size(ndr, &r->name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->name), ndr_get_array_length(ndr, &r->name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->name); ++ length_name_1 = ndr_get_array_length(ndr, &r->name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0, 0); + } + if (r->name) { +@@ -1559,6 +1575,8 @@ static enum ndr_err_code ndr_pull_winreg_EnumValue(struct ndr_pull *ndr, int fla + { + uint32_t _ptr_type; + uint32_t _ptr_value; ++ uint32_t size_value_1 = 0; ++ uint32_t length_value_1 = 0; + uint32_t _ptr_size; + uint32_t _ptr_length; + TALLOC_CTX *_mem_save_handle_0; +@@ -1608,11 +1626,13 @@ static enum ndr_err_code ndr_pull_winreg_EnumValue(struct ndr_pull *ndr, int fla + NDR_PULL_SET_MEM_CTX(ndr, r->in.value, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.value)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.value)); +- if (ndr_get_array_length(ndr, &r->in.value) > ndr_get_array_size(ndr, &r->in.value)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.value), ndr_get_array_length(ndr, &r->in.value)); ++ size_value_1 = ndr_get_array_size(ndr, &r->in.value); ++ length_value_1 = ndr_get_array_length(ndr, &r->in.value); ++ if (length_value_1 > size_value_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_value_1, length_value_1); + } +- NDR_PULL_ALLOC_N(ndr, r->in.value, ndr_get_array_size(ndr, &r->in.value)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.value, ndr_get_array_length(ndr, &r->in.value))); ++ NDR_PULL_ALLOC_N(ndr, r->in.value, size_value_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.value, length_value_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_value_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_size)); +@@ -1681,11 +1701,13 @@ static enum ndr_err_code ndr_pull_winreg_EnumValue(struct ndr_pull *ndr, int fla + NDR_PULL_SET_MEM_CTX(ndr, r->out.value, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->out.value)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->out.value)); +- if (ndr_get_array_length(ndr, &r->out.value) > ndr_get_array_size(ndr, &r->out.value)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->out.value), ndr_get_array_length(ndr, &r->out.value)); ++ size_value_1 = ndr_get_array_size(ndr, &r->out.value); ++ length_value_1 = ndr_get_array_length(ndr, &r->out.value); ++ if (length_value_1 > size_value_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_value_1, length_value_1); + } +- NDR_PULL_ALLOC_N(ndr, r->out.value, ndr_get_array_size(ndr, &r->out.value)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.value, ndr_get_array_length(ndr, &r->out.value))); ++ NDR_PULL_ALLOC_N(ndr, r->out.value, size_value_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.value, length_value_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_value_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_size)); +@@ -2523,6 +2545,8 @@ static enum ndr_err_code ndr_pull_winreg_QueryValue(struct ndr_pull *ndr, int fl + { + uint32_t _ptr_type; + uint32_t _ptr_data; ++ uint32_t size_data_1 = 0; ++ uint32_t length_data_1 = 0; + uint32_t _ptr_data_size; + uint32_t _ptr_value_length; + TALLOC_CTX *_mem_save_handle_0; +@@ -2571,11 +2595,13 @@ static enum ndr_err_code ndr_pull_winreg_QueryValue(struct ndr_pull *ndr, int fl + NDR_PULL_SET_MEM_CTX(ndr, r->in.data, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.data)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.data)); +- if (ndr_get_array_length(ndr, &r->in.data) > ndr_get_array_size(ndr, &r->in.data)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.data), ndr_get_array_length(ndr, &r->in.data)); ++ size_data_1 = ndr_get_array_size(ndr, &r->in.data); ++ length_data_1 = ndr_get_array_length(ndr, &r->in.data); ++ if (length_data_1 > size_data_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_data_1, length_data_1); + } +- NDR_PULL_ALLOC_N(ndr, r->in.data, ndr_get_array_size(ndr, &r->in.data)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.data, ndr_get_array_length(ndr, &r->in.data))); ++ NDR_PULL_ALLOC_N(ndr, r->in.data, size_data_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.data, length_data_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_data_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_data_size)); +@@ -2635,11 +2661,13 @@ static enum ndr_err_code ndr_pull_winreg_QueryValue(struct ndr_pull *ndr, int fl + NDR_PULL_SET_MEM_CTX(ndr, r->out.data, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->out.data)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->out.data)); +- if (ndr_get_array_length(ndr, &r->out.data) > ndr_get_array_size(ndr, &r->out.data)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->out.data), ndr_get_array_length(ndr, &r->out.data)); ++ size_data_1 = ndr_get_array_size(ndr, &r->out.data); ++ length_data_1 = ndr_get_array_length(ndr, &r->out.data); ++ if (length_data_1 > size_data_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_data_1, length_data_1); + } +- NDR_PULL_ALLOC_N(ndr, r->out.data, ndr_get_array_size(ndr, &r->out.data)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.data, ndr_get_array_length(ndr, &r->out.data))); ++ NDR_PULL_ALLOC_N(ndr, r->out.data, size_data_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.data, length_data_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_data_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_data_size)); +@@ -3072,6 +3100,7 @@ static enum ndr_err_code ndr_push_winreg_SetValue(struct ndr_push *ndr, int flag + + static enum ndr_err_code ndr_pull_winreg_SetValue(struct ndr_pull *ndr, int flags, struct winreg_SetValue *r) + { ++ uint32_t size_data_1 = 0; + TALLOC_CTX *_mem_save_handle_0; + if (flags & NDR_IN) { + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -3084,10 +3113,11 @@ static enum ndr_err_code ndr_pull_winreg_SetValue(struct ndr_pull *ndr, int flag + NDR_CHECK(ndr_pull_winreg_String(ndr, NDR_SCALARS|NDR_BUFFERS, &r->in.name)); + NDR_CHECK(ndr_pull_winreg_Type(ndr, NDR_SCALARS, &r->in.type)); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.data)); ++ size_data_1 = ndr_get_array_size(ndr, &r->in.data); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +- NDR_PULL_ALLOC_N(ndr, r->in.data, ndr_get_array_size(ndr, &r->in.data)); ++ NDR_PULL_ALLOC_N(ndr, r->in.data, size_data_1); + } +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.data, ndr_get_array_size(ndr, &r->in.data))); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.data, size_data_1)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.size)); + if (r->in.data) { + NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->in.data, r->in.size)); +@@ -3652,8 +3682,12 @@ static enum ndr_err_code ndr_push_winreg_QueryMultipleValues(struct ndr_push *nd + + static enum ndr_err_code ndr_pull_winreg_QueryMultipleValues(struct ndr_pull *ndr, int flags, struct winreg_QueryMultipleValues *r) + { ++ uint32_t size_values_1 = 0; ++ uint32_t length_values_1 = 0; + uint32_t cntr_values_1; + uint32_t _ptr_buffer; ++ uint32_t size_buffer_1 = 0; ++ uint32_t length_buffer_1 = 0; + TALLOC_CTX *_mem_save_key_handle_0; + TALLOC_CTX *_mem_save_values_1; + TALLOC_CTX *_mem_save_buffer_0; +@@ -3670,19 +3704,21 @@ static enum ndr_err_code ndr_pull_winreg_QueryMultipleValues(struct ndr_pull *nd + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_key_handle_0, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.values)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.values)); +- if (ndr_get_array_length(ndr, &r->in.values) > ndr_get_array_size(ndr, &r->in.values)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.values), ndr_get_array_length(ndr, &r->in.values)); ++ size_values_1 = ndr_get_array_size(ndr, &r->in.values); ++ length_values_1 = ndr_get_array_length(ndr, &r->in.values); ++ if (length_values_1 > size_values_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_values_1, length_values_1); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +- NDR_PULL_ALLOC_N(ndr, r->in.values, ndr_get_array_size(ndr, &r->in.values)); ++ NDR_PULL_ALLOC_N(ndr, r->in.values, size_values_1); + } +- memcpy(r->out.values, r->in.values, ndr_get_array_size(ndr, &r->in.values) * sizeof(*r->in.values)); ++ memcpy(r->out.values, r->in.values, size_values_1 * sizeof(*r->in.values)); + _mem_save_values_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.values, 0); +- for (cntr_values_1 = 0; cntr_values_1 < r->in.num_values; cntr_values_1++) { ++ for (cntr_values_1 = 0; cntr_values_1 < length_values_1; cntr_values_1++) { + NDR_CHECK(ndr_pull_QueryMultipleValue(ndr, NDR_SCALARS, &r->in.values[cntr_values_1])); + } +- for (cntr_values_1 = 0; cntr_values_1 < r->in.num_values; cntr_values_1++) { ++ for (cntr_values_1 = 0; cntr_values_1 < length_values_1; cntr_values_1++) { + NDR_CHECK(ndr_pull_QueryMultipleValue(ndr, NDR_BUFFERS, &r->in.values[cntr_values_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_values_1, 0); +@@ -3698,11 +3734,13 @@ static enum ndr_err_code ndr_pull_winreg_QueryMultipleValues(struct ndr_pull *nd + NDR_PULL_SET_MEM_CTX(ndr, r->in.buffer, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.buffer)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.buffer)); +- if (ndr_get_array_length(ndr, &r->in.buffer) > ndr_get_array_size(ndr, &r->in.buffer)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.buffer), ndr_get_array_length(ndr, &r->in.buffer)); ++ size_buffer_1 = ndr_get_array_size(ndr, &r->in.buffer); ++ length_buffer_1 = ndr_get_array_length(ndr, &r->in.buffer); ++ if (length_buffer_1 > size_buffer_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_buffer_1, length_buffer_1); + } +- NDR_PULL_ALLOC_N(ndr, r->in.buffer, ndr_get_array_size(ndr, &r->in.buffer)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.buffer, ndr_get_array_length(ndr, &r->in.buffer))); ++ NDR_PULL_ALLOC_N(ndr, r->in.buffer, size_buffer_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.buffer, length_buffer_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_buffer_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -3732,19 +3770,21 @@ static enum ndr_err_code ndr_pull_winreg_QueryMultipleValues(struct ndr_pull *nd + if (flags & NDR_OUT) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->out.values)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->out.values)); +- if (ndr_get_array_length(ndr, &r->out.values) > ndr_get_array_size(ndr, &r->out.values)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->out.values), ndr_get_array_length(ndr, &r->out.values)); ++ size_values_1 = ndr_get_array_size(ndr, &r->out.values); ++ length_values_1 = ndr_get_array_length(ndr, &r->out.values); ++ if (length_values_1 > size_values_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_values_1, length_values_1); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +- NDR_PULL_ALLOC_N(ndr, r->out.values, ndr_get_array_size(ndr, &r->out.values)); ++ NDR_PULL_ALLOC_N(ndr, r->out.values, size_values_1); + } +- memcpy(r->out.values, r->in.values, ndr_get_array_size(ndr, &r->out.values) * sizeof(*r->in.values)); ++ memcpy(r->out.values, r->in.values, size_values_1 * sizeof(*r->in.values)); + _mem_save_values_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->out.values, 0); +- for (cntr_values_1 = 0; cntr_values_1 < r->in.num_values; cntr_values_1++) { ++ for (cntr_values_1 = 0; cntr_values_1 < length_values_1; cntr_values_1++) { + NDR_CHECK(ndr_pull_QueryMultipleValue(ndr, NDR_SCALARS, &r->out.values[cntr_values_1])); + } +- for (cntr_values_1 = 0; cntr_values_1 < r->in.num_values; cntr_values_1++) { ++ for (cntr_values_1 = 0; cntr_values_1 < length_values_1; cntr_values_1++) { + NDR_CHECK(ndr_pull_QueryMultipleValue(ndr, NDR_BUFFERS, &r->out.values[cntr_values_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_values_1, 0); +@@ -3759,11 +3799,13 @@ static enum ndr_err_code ndr_pull_winreg_QueryMultipleValues(struct ndr_pull *nd + NDR_PULL_SET_MEM_CTX(ndr, r->out.buffer, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->out.buffer)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->out.buffer)); +- if (ndr_get_array_length(ndr, &r->out.buffer) > ndr_get_array_size(ndr, &r->out.buffer)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->out.buffer), ndr_get_array_length(ndr, &r->out.buffer)); ++ size_buffer_1 = ndr_get_array_size(ndr, &r->out.buffer); ++ length_buffer_1 = ndr_get_array_length(ndr, &r->out.buffer); ++ if (length_buffer_1 > size_buffer_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_buffer_1, length_buffer_1); + } +- NDR_PULL_ALLOC_N(ndr, r->out.buffer, ndr_get_array_size(ndr, &r->out.buffer)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.buffer, ndr_get_array_length(ndr, &r->out.buffer))); ++ NDR_PULL_ALLOC_N(ndr, r->out.buffer, size_buffer_1); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->out.buffer, length_buffer_1)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_buffer_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +diff --git a/source/librpc/gen_ndr/ndr_wkssvc.c b/source/librpc/gen_ndr/ndr_wkssvc.c +index 10e5e55..d884bac 100644 +--- a/source/librpc/gen_ndr/ndr_wkssvc.c ++++ b/source/librpc/gen_ndr/ndr_wkssvc.c +@@ -35,8 +35,12 @@ static enum ndr_err_code ndr_push_wkssvc_NetWkstaInfo100(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo100(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetWkstaInfo100 *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + uint32_t _ptr_domain_name; ++ uint32_t size_domain_name_1 = 0; ++ uint32_t length_domain_name_1 = 0; + TALLOC_CTX *_mem_save_domain_name_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -62,11 +66,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo100(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->server_name)); +- if (ndr_get_array_length(ndr, &r->server_name) > ndr_get_array_size(ndr, &r->server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->server_name), ndr_get_array_length(ndr, &r->server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->server_name, ndr_get_array_length(ndr, &r->server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + if (r->domain_name) { +@@ -74,11 +80,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo100(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->domain_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->domain_name)); +- if (ndr_get_array_length(ndr, &r->domain_name) > ndr_get_array_size(ndr, &r->domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->domain_name), ndr_get_array_length(ndr, &r->domain_name)); ++ size_domain_name_1 = ndr_get_array_size(ndr, &r->domain_name); ++ length_domain_name_1 = ndr_get_array_length(ndr, &r->domain_name); ++ if (length_domain_name_1 > size_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_name_1, length_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain_name, ndr_get_array_length(ndr, &r->domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain_name, length_domain_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_name_0, 0); + } + } +@@ -144,10 +152,16 @@ static enum ndr_err_code ndr_push_wkssvc_NetWkstaInfo101(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo101(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetWkstaInfo101 *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + uint32_t _ptr_domain_name; ++ uint32_t size_domain_name_1 = 0; ++ uint32_t length_domain_name_1 = 0; + TALLOC_CTX *_mem_save_domain_name_0; + uint32_t _ptr_lan_root; ++ uint32_t size_lan_root_1 = 0; ++ uint32_t length_lan_root_1 = 0; + TALLOC_CTX *_mem_save_lan_root_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -179,11 +193,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo101(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->server_name)); +- if (ndr_get_array_length(ndr, &r->server_name) > ndr_get_array_size(ndr, &r->server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->server_name), ndr_get_array_length(ndr, &r->server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->server_name, ndr_get_array_length(ndr, &r->server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + if (r->domain_name) { +@@ -191,11 +207,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo101(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->domain_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->domain_name)); +- if (ndr_get_array_length(ndr, &r->domain_name) > ndr_get_array_size(ndr, &r->domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->domain_name), ndr_get_array_length(ndr, &r->domain_name)); ++ size_domain_name_1 = ndr_get_array_size(ndr, &r->domain_name); ++ length_domain_name_1 = ndr_get_array_length(ndr, &r->domain_name); ++ if (length_domain_name_1 > size_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_name_1, length_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain_name, ndr_get_array_length(ndr, &r->domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain_name, length_domain_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_name_0, 0); + } + if (r->lan_root) { +@@ -203,11 +221,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo101(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->lan_root, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->lan_root)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->lan_root)); +- if (ndr_get_array_length(ndr, &r->lan_root) > ndr_get_array_size(ndr, &r->lan_root)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->lan_root), ndr_get_array_length(ndr, &r->lan_root)); ++ size_lan_root_1 = ndr_get_array_size(ndr, &r->lan_root); ++ length_lan_root_1 = ndr_get_array_length(ndr, &r->lan_root); ++ if (length_lan_root_1 > size_lan_root_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_lan_root_1, length_lan_root_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->lan_root), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->lan_root, ndr_get_array_length(ndr, &r->lan_root), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_lan_root_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->lan_root, length_lan_root_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_lan_root_0, 0); + } + } +@@ -280,10 +300,16 @@ static enum ndr_err_code ndr_push_wkssvc_NetWkstaInfo102(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo102(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetWkstaInfo102 *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + uint32_t _ptr_domain_name; ++ uint32_t size_domain_name_1 = 0; ++ uint32_t length_domain_name_1 = 0; + TALLOC_CTX *_mem_save_domain_name_0; + uint32_t _ptr_lan_root; ++ uint32_t size_lan_root_1 = 0; ++ uint32_t length_lan_root_1 = 0; + TALLOC_CTX *_mem_save_lan_root_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -316,11 +342,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo102(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->server_name)); +- if (ndr_get_array_length(ndr, &r->server_name) > ndr_get_array_size(ndr, &r->server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->server_name), ndr_get_array_length(ndr, &r->server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->server_name, ndr_get_array_length(ndr, &r->server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + if (r->domain_name) { +@@ -328,11 +356,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo102(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->domain_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->domain_name)); +- if (ndr_get_array_length(ndr, &r->domain_name) > ndr_get_array_size(ndr, &r->domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->domain_name), ndr_get_array_length(ndr, &r->domain_name)); ++ size_domain_name_1 = ndr_get_array_size(ndr, &r->domain_name); ++ length_domain_name_1 = ndr_get_array_length(ndr, &r->domain_name); ++ if (length_domain_name_1 > size_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_name_1, length_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain_name, ndr_get_array_length(ndr, &r->domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain_name, length_domain_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_name_0, 0); + } + if (r->lan_root) { +@@ -340,11 +370,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo102(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->lan_root, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->lan_root)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->lan_root)); +- if (ndr_get_array_length(ndr, &r->lan_root) > ndr_get_array_size(ndr, &r->lan_root)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->lan_root), ndr_get_array_length(ndr, &r->lan_root)); ++ size_lan_root_1 = ndr_get_array_size(ndr, &r->lan_root); ++ length_lan_root_1 = ndr_get_array_length(ndr, &r->lan_root); ++ if (length_lan_root_1 > size_lan_root_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_lan_root_1, length_lan_root_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->lan_root), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->lan_root, ndr_get_array_length(ndr, &r->lan_root), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_lan_root_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->lan_root, length_lan_root_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_lan_root_0, 0); + } + } +@@ -1859,41 +1891,77 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_info100_0; ++ uint32_t _ptr_info100; + TALLOC_CTX *_mem_save_info101_0; ++ uint32_t _ptr_info101; + TALLOC_CTX *_mem_save_info102_0; ++ uint32_t _ptr_info102; + TALLOC_CTX *_mem_save_info502_0; ++ uint32_t _ptr_info502; + TALLOC_CTX *_mem_save_info1010_0; ++ uint32_t _ptr_info1010; + TALLOC_CTX *_mem_save_info1011_0; ++ uint32_t _ptr_info1011; + TALLOC_CTX *_mem_save_info1012_0; ++ uint32_t _ptr_info1012; + TALLOC_CTX *_mem_save_info1013_0; ++ uint32_t _ptr_info1013; + TALLOC_CTX *_mem_save_info1018_0; ++ uint32_t _ptr_info1018; + TALLOC_CTX *_mem_save_info1023_0; ++ uint32_t _ptr_info1023; + TALLOC_CTX *_mem_save_info1027_0; ++ uint32_t _ptr_info1027; + TALLOC_CTX *_mem_save_info1028_0; ++ uint32_t _ptr_info1028; + TALLOC_CTX *_mem_save_info1032_0; ++ uint32_t _ptr_info1032; + TALLOC_CTX *_mem_save_info1033_0; ++ uint32_t _ptr_info1033; + TALLOC_CTX *_mem_save_info1041_0; ++ uint32_t _ptr_info1041; + TALLOC_CTX *_mem_save_info1042_0; ++ uint32_t _ptr_info1042; + TALLOC_CTX *_mem_save_info1043_0; ++ uint32_t _ptr_info1043; + TALLOC_CTX *_mem_save_info1044_0; ++ uint32_t _ptr_info1044; + TALLOC_CTX *_mem_save_info1045_0; ++ uint32_t _ptr_info1045; + TALLOC_CTX *_mem_save_info1046_0; ++ uint32_t _ptr_info1046; + TALLOC_CTX *_mem_save_info1047_0; ++ uint32_t _ptr_info1047; + TALLOC_CTX *_mem_save_info1048_0; ++ uint32_t _ptr_info1048; + TALLOC_CTX *_mem_save_info1049_0; ++ uint32_t _ptr_info1049; + TALLOC_CTX *_mem_save_info1050_0; ++ uint32_t _ptr_info1050; + TALLOC_CTX *_mem_save_info1051_0; ++ uint32_t _ptr_info1051; + TALLOC_CTX *_mem_save_info1052_0; ++ uint32_t _ptr_info1052; + TALLOC_CTX *_mem_save_info1053_0; ++ uint32_t _ptr_info1053; + TALLOC_CTX *_mem_save_info1054_0; ++ uint32_t _ptr_info1054; + TALLOC_CTX *_mem_save_info1055_0; ++ uint32_t _ptr_info1055; + TALLOC_CTX *_mem_save_info1056_0; ++ uint32_t _ptr_info1056; + TALLOC_CTX *_mem_save_info1057_0; ++ uint32_t _ptr_info1057; + TALLOC_CTX *_mem_save_info1058_0; ++ uint32_t _ptr_info1058; + TALLOC_CTX *_mem_save_info1059_0; ++ uint32_t _ptr_info1059; + TALLOC_CTX *_mem_save_info1060_0; ++ uint32_t _ptr_info1060; + TALLOC_CTX *_mem_save_info1061_0; ++ uint32_t _ptr_info1061; + TALLOC_CTX *_mem_save_info1062_0; ++ uint32_t _ptr_info1062; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -1902,7 +1970,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + } + switch (level) { + case 100: { +- uint32_t _ptr_info100; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info100)); + if (_ptr_info100) { + NDR_PULL_ALLOC(ndr, r->info100); +@@ -1912,7 +1979,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 101: { +- uint32_t _ptr_info101; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info101)); + if (_ptr_info101) { + NDR_PULL_ALLOC(ndr, r->info101); +@@ -1922,7 +1988,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 102: { +- uint32_t _ptr_info102; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info102)); + if (_ptr_info102) { + NDR_PULL_ALLOC(ndr, r->info102); +@@ -1932,7 +1997,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 502: { +- uint32_t _ptr_info502; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info502)); + if (_ptr_info502) { + NDR_PULL_ALLOC(ndr, r->info502); +@@ -1942,7 +2006,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1010: { +- uint32_t _ptr_info1010; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1010)); + if (_ptr_info1010) { + NDR_PULL_ALLOC(ndr, r->info1010); +@@ -1952,7 +2015,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1011: { +- uint32_t _ptr_info1011; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1011)); + if (_ptr_info1011) { + NDR_PULL_ALLOC(ndr, r->info1011); +@@ -1962,7 +2024,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1012: { +- uint32_t _ptr_info1012; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1012)); + if (_ptr_info1012) { + NDR_PULL_ALLOC(ndr, r->info1012); +@@ -1972,7 +2033,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1013: { +- uint32_t _ptr_info1013; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1013)); + if (_ptr_info1013) { + NDR_PULL_ALLOC(ndr, r->info1013); +@@ -1982,7 +2042,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1018: { +- uint32_t _ptr_info1018; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1018)); + if (_ptr_info1018) { + NDR_PULL_ALLOC(ndr, r->info1018); +@@ -1992,7 +2051,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1023: { +- uint32_t _ptr_info1023; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1023)); + if (_ptr_info1023) { + NDR_PULL_ALLOC(ndr, r->info1023); +@@ -2002,7 +2060,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1027: { +- uint32_t _ptr_info1027; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1027)); + if (_ptr_info1027) { + NDR_PULL_ALLOC(ndr, r->info1027); +@@ -2012,7 +2069,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1028: { +- uint32_t _ptr_info1028; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1028)); + if (_ptr_info1028) { + NDR_PULL_ALLOC(ndr, r->info1028); +@@ -2022,7 +2078,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1032: { +- uint32_t _ptr_info1032; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1032)); + if (_ptr_info1032) { + NDR_PULL_ALLOC(ndr, r->info1032); +@@ -2032,7 +2087,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1033: { +- uint32_t _ptr_info1033; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1033)); + if (_ptr_info1033) { + NDR_PULL_ALLOC(ndr, r->info1033); +@@ -2042,7 +2096,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1041: { +- uint32_t _ptr_info1041; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1041)); + if (_ptr_info1041) { + NDR_PULL_ALLOC(ndr, r->info1041); +@@ -2052,7 +2105,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1042: { +- uint32_t _ptr_info1042; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1042)); + if (_ptr_info1042) { + NDR_PULL_ALLOC(ndr, r->info1042); +@@ -2062,7 +2114,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1043: { +- uint32_t _ptr_info1043; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1043)); + if (_ptr_info1043) { + NDR_PULL_ALLOC(ndr, r->info1043); +@@ -2072,7 +2123,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1044: { +- uint32_t _ptr_info1044; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1044)); + if (_ptr_info1044) { + NDR_PULL_ALLOC(ndr, r->info1044); +@@ -2082,7 +2132,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1045: { +- uint32_t _ptr_info1045; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1045)); + if (_ptr_info1045) { + NDR_PULL_ALLOC(ndr, r->info1045); +@@ -2092,7 +2141,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1046: { +- uint32_t _ptr_info1046; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1046)); + if (_ptr_info1046) { + NDR_PULL_ALLOC(ndr, r->info1046); +@@ -2102,7 +2150,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1047: { +- uint32_t _ptr_info1047; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1047)); + if (_ptr_info1047) { + NDR_PULL_ALLOC(ndr, r->info1047); +@@ -2112,7 +2159,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1048: { +- uint32_t _ptr_info1048; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1048)); + if (_ptr_info1048) { + NDR_PULL_ALLOC(ndr, r->info1048); +@@ -2122,7 +2168,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1049: { +- uint32_t _ptr_info1049; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1049)); + if (_ptr_info1049) { + NDR_PULL_ALLOC(ndr, r->info1049); +@@ -2132,7 +2177,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1050: { +- uint32_t _ptr_info1050; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1050)); + if (_ptr_info1050) { + NDR_PULL_ALLOC(ndr, r->info1050); +@@ -2142,7 +2186,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1051: { +- uint32_t _ptr_info1051; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1051)); + if (_ptr_info1051) { + NDR_PULL_ALLOC(ndr, r->info1051); +@@ -2152,7 +2195,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1052: { +- uint32_t _ptr_info1052; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1052)); + if (_ptr_info1052) { + NDR_PULL_ALLOC(ndr, r->info1052); +@@ -2162,7 +2204,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1053: { +- uint32_t _ptr_info1053; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1053)); + if (_ptr_info1053) { + NDR_PULL_ALLOC(ndr, r->info1053); +@@ -2172,7 +2213,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1054: { +- uint32_t _ptr_info1054; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1054)); + if (_ptr_info1054) { + NDR_PULL_ALLOC(ndr, r->info1054); +@@ -2182,7 +2222,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1055: { +- uint32_t _ptr_info1055; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1055)); + if (_ptr_info1055) { + NDR_PULL_ALLOC(ndr, r->info1055); +@@ -2192,7 +2231,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1056: { +- uint32_t _ptr_info1056; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1056)); + if (_ptr_info1056) { + NDR_PULL_ALLOC(ndr, r->info1056); +@@ -2202,7 +2240,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1057: { +- uint32_t _ptr_info1057; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1057)); + if (_ptr_info1057) { + NDR_PULL_ALLOC(ndr, r->info1057); +@@ -2212,7 +2249,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1058: { +- uint32_t _ptr_info1058; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1058)); + if (_ptr_info1058) { + NDR_PULL_ALLOC(ndr, r->info1058); +@@ -2222,7 +2258,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1059: { +- uint32_t _ptr_info1059; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1059)); + if (_ptr_info1059) { + NDR_PULL_ALLOC(ndr, r->info1059); +@@ -2232,7 +2267,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1060: { +- uint32_t _ptr_info1060; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1060)); + if (_ptr_info1060) { + NDR_PULL_ALLOC(ndr, r->info1060); +@@ -2242,7 +2276,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1061: { +- uint32_t _ptr_info1061; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1061)); + if (_ptr_info1061) { + NDR_PULL_ALLOC(ndr, r->info1061); +@@ -2252,7 +2285,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaInfo(struct ndr_pull *ndr, int + break; } + + case 1062: { +- uint32_t _ptr_info1062; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1062)); + if (_ptr_info1062) { + NDR_PULL_ALLOC(ndr, r->info1062); +@@ -2956,6 +2988,8 @@ static enum ndr_err_code ndr_push_wkssvc_NetrWkstaUserInfo0(struct ndr_push *ndr + static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserInfo0(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetrWkstaUserInfo0 *r) + { + uint32_t _ptr_user_name; ++ uint32_t size_user_name_1 = 0; ++ uint32_t length_user_name_1 = 0; + TALLOC_CTX *_mem_save_user_name_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -2972,11 +3006,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserInfo0(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->user_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->user_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->user_name)); +- if (ndr_get_array_length(ndr, &r->user_name) > ndr_get_array_size(ndr, &r->user_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->user_name), ndr_get_array_length(ndr, &r->user_name)); ++ size_user_name_1 = ndr_get_array_size(ndr, &r->user_name); ++ length_user_name_1 = ndr_get_array_length(ndr, &r->user_name); ++ if (length_user_name_1 > size_user_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_user_name_1, length_user_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->user_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user_name, ndr_get_array_length(ndr, &r->user_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_user_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user_name, length_user_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_name_0, 0); + } + } +@@ -3021,6 +3057,7 @@ static enum ndr_err_code ndr_push_wkssvc_NetWkstaEnumUsersCtr0(struct ndr_push * + static enum ndr_err_code ndr_pull_wkssvc_NetWkstaEnumUsersCtr0(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetWkstaEnumUsersCtr0 *r) + { + uint32_t _ptr_user0; ++ uint32_t size_user0_1 = 0; + uint32_t cntr_user0_1; + TALLOC_CTX *_mem_save_user0_0; + TALLOC_CTX *_mem_save_user0_1; +@@ -3039,13 +3076,14 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaEnumUsersCtr0(struct ndr_pull * + _mem_save_user0_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->user0, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->user0)); +- NDR_PULL_ALLOC_N(ndr, r->user0, ndr_get_array_size(ndr, &r->user0)); ++ size_user0_1 = ndr_get_array_size(ndr, &r->user0); ++ NDR_PULL_ALLOC_N(ndr, r->user0, size_user0_1); + _mem_save_user0_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->user0, 0); +- for (cntr_user0_1 = 0; cntr_user0_1 < r->entries_read; cntr_user0_1++) { ++ for (cntr_user0_1 = 0; cntr_user0_1 < size_user0_1; cntr_user0_1++) { + NDR_CHECK(ndr_pull_wkssvc_NetrWkstaUserInfo0(ndr, NDR_SCALARS, &r->user0[cntr_user0_1])); + } +- for (cntr_user0_1 = 0; cntr_user0_1 < r->entries_read; cntr_user0_1++) { ++ for (cntr_user0_1 = 0; cntr_user0_1 < size_user0_1; cntr_user0_1++) { + NDR_CHECK(ndr_pull_wkssvc_NetrWkstaUserInfo0(ndr, NDR_BUFFERS, &r->user0[cntr_user0_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user0_1, 0); +@@ -3123,12 +3161,20 @@ static enum ndr_err_code ndr_push_wkssvc_NetrWkstaUserInfo1(struct ndr_push *ndr + static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserInfo1(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetrWkstaUserInfo1 *r) + { + uint32_t _ptr_user_name; ++ uint32_t size_user_name_1 = 0; ++ uint32_t length_user_name_1 = 0; + TALLOC_CTX *_mem_save_user_name_0; + uint32_t _ptr_logon_domain; ++ uint32_t size_logon_domain_1 = 0; ++ uint32_t length_logon_domain_1 = 0; + TALLOC_CTX *_mem_save_logon_domain_0; + uint32_t _ptr_other_domains; ++ uint32_t size_other_domains_1 = 0; ++ uint32_t length_other_domains_1 = 0; + TALLOC_CTX *_mem_save_other_domains_0; + uint32_t _ptr_logon_server; ++ uint32_t size_logon_server_1 = 0; ++ uint32_t length_logon_server_1 = 0; + TALLOC_CTX *_mem_save_logon_server_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -3163,11 +3209,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserInfo1(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->user_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->user_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->user_name)); +- if (ndr_get_array_length(ndr, &r->user_name) > ndr_get_array_size(ndr, &r->user_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->user_name), ndr_get_array_length(ndr, &r->user_name)); ++ size_user_name_1 = ndr_get_array_size(ndr, &r->user_name); ++ length_user_name_1 = ndr_get_array_length(ndr, &r->user_name); ++ if (length_user_name_1 > size_user_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_user_name_1, length_user_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->user_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user_name, ndr_get_array_length(ndr, &r->user_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_user_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user_name, length_user_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_name_0, 0); + } + if (r->logon_domain) { +@@ -3175,11 +3223,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserInfo1(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->logon_domain, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->logon_domain)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->logon_domain)); +- if (ndr_get_array_length(ndr, &r->logon_domain) > ndr_get_array_size(ndr, &r->logon_domain)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->logon_domain), ndr_get_array_length(ndr, &r->logon_domain)); ++ size_logon_domain_1 = ndr_get_array_size(ndr, &r->logon_domain); ++ length_logon_domain_1 = ndr_get_array_length(ndr, &r->logon_domain); ++ if (length_logon_domain_1 > size_logon_domain_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_logon_domain_1, length_logon_domain_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->logon_domain), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->logon_domain, ndr_get_array_length(ndr, &r->logon_domain), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_logon_domain_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->logon_domain, length_logon_domain_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_logon_domain_0, 0); + } + if (r->other_domains) { +@@ -3187,11 +3237,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserInfo1(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->other_domains, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->other_domains)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->other_domains)); +- if (ndr_get_array_length(ndr, &r->other_domains) > ndr_get_array_size(ndr, &r->other_domains)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->other_domains), ndr_get_array_length(ndr, &r->other_domains)); ++ size_other_domains_1 = ndr_get_array_size(ndr, &r->other_domains); ++ length_other_domains_1 = ndr_get_array_length(ndr, &r->other_domains); ++ if (length_other_domains_1 > size_other_domains_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_other_domains_1, length_other_domains_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->other_domains), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->other_domains, ndr_get_array_length(ndr, &r->other_domains), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_other_domains_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->other_domains, length_other_domains_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_other_domains_0, 0); + } + if (r->logon_server) { +@@ -3199,11 +3251,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserInfo1(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->logon_server, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->logon_server)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->logon_server)); +- if (ndr_get_array_length(ndr, &r->logon_server) > ndr_get_array_size(ndr, &r->logon_server)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->logon_server), ndr_get_array_length(ndr, &r->logon_server)); ++ size_logon_server_1 = ndr_get_array_size(ndr, &r->logon_server); ++ length_logon_server_1 = ndr_get_array_length(ndr, &r->logon_server); ++ if (length_logon_server_1 > size_logon_server_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_logon_server_1, length_logon_server_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->logon_server), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->logon_server, ndr_get_array_length(ndr, &r->logon_server), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_logon_server_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->logon_server, length_logon_server_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_logon_server_0, 0); + } + } +@@ -3266,6 +3320,7 @@ static enum ndr_err_code ndr_push_wkssvc_NetWkstaEnumUsersCtr1(struct ndr_push * + static enum ndr_err_code ndr_pull_wkssvc_NetWkstaEnumUsersCtr1(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetWkstaEnumUsersCtr1 *r) + { + uint32_t _ptr_user1; ++ uint32_t size_user1_1 = 0; + uint32_t cntr_user1_1; + TALLOC_CTX *_mem_save_user1_0; + TALLOC_CTX *_mem_save_user1_1; +@@ -3284,13 +3339,14 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaEnumUsersCtr1(struct ndr_pull * + _mem_save_user1_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->user1, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->user1)); +- NDR_PULL_ALLOC_N(ndr, r->user1, ndr_get_array_size(ndr, &r->user1)); ++ size_user1_1 = ndr_get_array_size(ndr, &r->user1); ++ NDR_PULL_ALLOC_N(ndr, r->user1, size_user1_1); + _mem_save_user1_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->user1, 0); +- for (cntr_user1_1 = 0; cntr_user1_1 < r->entries_read; cntr_user1_1++) { ++ for (cntr_user1_1 = 0; cntr_user1_1 < size_user1_1; cntr_user1_1++) { + NDR_CHECK(ndr_pull_wkssvc_NetrWkstaUserInfo1(ndr, NDR_SCALARS, &r->user1[cntr_user1_1])); + } +- for (cntr_user1_1 = 0; cntr_user1_1 < r->entries_read; cntr_user1_1++) { ++ for (cntr_user1_1 = 0; cntr_user1_1 < size_user1_1; cntr_user1_1++) { + NDR_CHECK(ndr_pull_wkssvc_NetrWkstaUserInfo1(ndr, NDR_BUFFERS, &r->user1[cntr_user1_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user1_1, 0); +@@ -3372,7 +3428,9 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaEnumUsersCtr(struct ndr_pull *n + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_user0_0; ++ uint32_t _ptr_user0; + TALLOC_CTX *_mem_save_user1_0; ++ uint32_t _ptr_user1; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -3381,7 +3439,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaEnumUsersCtr(struct ndr_pull *n + } + switch (level) { + case 0: { +- uint32_t _ptr_user0; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_user0)); + if (_ptr_user0) { + NDR_PULL_ALLOC(ndr, r->user0); +@@ -3391,7 +3448,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaEnumUsersCtr(struct ndr_pull *n + break; } + + case 1: { +- uint32_t _ptr_user1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_user1)); + if (_ptr_user1) { + NDR_PULL_ALLOC(ndr, r->user1); +@@ -3518,6 +3574,8 @@ static enum ndr_err_code ndr_push_wkssvc_NetrWkstaUserInfo1101(struct ndr_push * + static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserInfo1101(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetrWkstaUserInfo1101 *r) + { + uint32_t _ptr_other_domains; ++ uint32_t size_other_domains_1 = 0; ++ uint32_t length_other_domains_1 = 0; + TALLOC_CTX *_mem_save_other_domains_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -3534,11 +3592,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserInfo1101(struct ndr_pull * + NDR_PULL_SET_MEM_CTX(ndr, r->other_domains, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->other_domains)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->other_domains)); +- if (ndr_get_array_length(ndr, &r->other_domains) > ndr_get_array_size(ndr, &r->other_domains)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->other_domains), ndr_get_array_length(ndr, &r->other_domains)); ++ size_other_domains_1 = ndr_get_array_size(ndr, &r->other_domains); ++ length_other_domains_1 = ndr_get_array_length(ndr, &r->other_domains); ++ if (length_other_domains_1 > size_other_domains_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_other_domains_1, length_other_domains_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->other_domains), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->other_domains, ndr_get_array_length(ndr, &r->other_domains), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_other_domains_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->other_domains, length_other_domains_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_other_domains_0, 0); + } + } +@@ -3613,8 +3673,11 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserInfo(struct ndr_pull *ndr, + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_info0_0; ++ uint32_t _ptr_info0; + TALLOC_CTX *_mem_save_info1_0; ++ uint32_t _ptr_info1; + TALLOC_CTX *_mem_save_info1101_0; ++ uint32_t _ptr_info1101; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -3623,7 +3686,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserInfo(struct ndr_pull *ndr, + } + switch (level) { + case 0: { +- uint32_t _ptr_info0; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info0)); + if (_ptr_info0) { + NDR_PULL_ALLOC(ndr, r->info0); +@@ -3633,7 +3695,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserInfo(struct ndr_pull *ndr, + break; } + + case 1: { +- uint32_t _ptr_info1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1)); + if (_ptr_info1) { + NDR_PULL_ALLOC(ndr, r->info1); +@@ -3643,7 +3704,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserInfo(struct ndr_pull *ndr, + break; } + + case 1101: { +- uint32_t _ptr_info1101; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1101)); + if (_ptr_info1101) { + NDR_PULL_ALLOC(ndr, r->info1101); +@@ -3760,8 +3820,12 @@ static enum ndr_err_code ndr_push_wkssvc_NetWkstaTransportInfo0(struct ndr_push + static enum ndr_err_code ndr_pull_wkssvc_NetWkstaTransportInfo0(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetWkstaTransportInfo0 *r) + { + uint32_t _ptr_name; ++ uint32_t size_name_1 = 0; ++ uint32_t length_name_1 = 0; + TALLOC_CTX *_mem_save_name_0; + uint32_t _ptr_address; ++ uint32_t size_address_1 = 0; ++ uint32_t length_address_1 = 0; + TALLOC_CTX *_mem_save_address_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -3787,11 +3851,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaTransportInfo0(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, r->name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->name)); +- if (ndr_get_array_length(ndr, &r->name) > ndr_get_array_size(ndr, &r->name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->name), ndr_get_array_length(ndr, &r->name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->name); ++ length_name_1 = ndr_get_array_length(ndr, &r->name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, ndr_get_array_length(ndr, &r->name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0, 0); + } + if (r->address) { +@@ -3799,11 +3865,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaTransportInfo0(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, r->address, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->address)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->address)); +- if (ndr_get_array_length(ndr, &r->address) > ndr_get_array_size(ndr, &r->address)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->address), ndr_get_array_length(ndr, &r->address)); ++ size_address_1 = ndr_get_array_size(ndr, &r->address); ++ length_address_1 = ndr_get_array_length(ndr, &r->address); ++ if (length_address_1 > size_address_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_address_1, length_address_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->address), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->address, ndr_get_array_length(ndr, &r->address), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_address_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->address, length_address_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_address_0, 0); + } + } +@@ -3857,6 +3925,7 @@ static enum ndr_err_code ndr_push_wkssvc_NetWkstaTransportCtr0(struct ndr_push * + static enum ndr_err_code ndr_pull_wkssvc_NetWkstaTransportCtr0(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetWkstaTransportCtr0 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -3875,13 +3944,14 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaTransportCtr0(struct ndr_pull * + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_wkssvc_NetWkstaTransportInfo0(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_wkssvc_NetWkstaTransportInfo0(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -3953,6 +4023,7 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaTransportCtr(struct ndr_pull *n + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_ctr0_0; ++ uint32_t _ptr_ctr0; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -3961,7 +4032,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaTransportCtr(struct ndr_pull *n + } + switch (level) { + case 0: { +- uint32_t _ptr_ctr0; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr0)); + if (_ptr_ctr0) { + NDR_PULL_ALLOC(ndr, r->ctr0); +@@ -4077,8 +4147,12 @@ static enum ndr_err_code ndr_push_wkssvc_NetrUseInfo3(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_wkssvc_NetrUseInfo3(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetrUseInfo3 *r) + { + uint32_t _ptr_unknown1; ++ uint32_t size_unknown1_1 = 0; ++ uint32_t length_unknown1_1 = 0; + TALLOC_CTX *_mem_save_unknown1_0; + uint32_t _ptr_unknown2; ++ uint32_t size_unknown2_1 = 0; ++ uint32_t length_unknown2_1 = 0; + TALLOC_CTX *_mem_save_unknown2_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -4101,11 +4175,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseInfo3(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->unknown1, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->unknown1)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->unknown1)); +- if (ndr_get_array_length(ndr, &r->unknown1) > ndr_get_array_size(ndr, &r->unknown1)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->unknown1), ndr_get_array_length(ndr, &r->unknown1)); ++ size_unknown1_1 = ndr_get_array_size(ndr, &r->unknown1); ++ length_unknown1_1 = ndr_get_array_length(ndr, &r->unknown1); ++ if (length_unknown1_1 > size_unknown1_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_unknown1_1, length_unknown1_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->unknown1), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->unknown1, ndr_get_array_length(ndr, &r->unknown1), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_unknown1_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->unknown1, length_unknown1_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_unknown1_0, 0); + } + if (r->unknown2) { +@@ -4113,11 +4189,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseInfo3(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->unknown2, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->unknown2)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->unknown2)); +- if (ndr_get_array_length(ndr, &r->unknown2) > ndr_get_array_size(ndr, &r->unknown2)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->unknown2), ndr_get_array_length(ndr, &r->unknown2)); ++ size_unknown2_1 = ndr_get_array_size(ndr, &r->unknown2); ++ length_unknown2_1 = ndr_get_array_length(ndr, &r->unknown2); ++ if (length_unknown2_1 > size_unknown2_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_unknown2_1, length_unknown2_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->unknown2), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->unknown2, ndr_get_array_length(ndr, &r->unknown2), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_unknown2_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->unknown2, length_unknown2_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_unknown2_0, 0); + } + } +@@ -4195,14 +4273,24 @@ static enum ndr_err_code ndr_push_wkssvc_NetrUseInfo2(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_wkssvc_NetrUseInfo2(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetrUseInfo2 *r) + { + uint32_t _ptr_local; ++ uint32_t size_local_1 = 0; ++ uint32_t length_local_1 = 0; + TALLOC_CTX *_mem_save_local_0; + uint32_t _ptr_remote; ++ uint32_t size_remote_1 = 0; ++ uint32_t length_remote_1 = 0; + TALLOC_CTX *_mem_save_remote_0; + uint32_t _ptr_password; ++ uint32_t size_password_1 = 0; ++ uint32_t length_password_1 = 0; + TALLOC_CTX *_mem_save_password_0; + uint32_t _ptr_user_name; ++ uint32_t size_user_name_1 = 0; ++ uint32_t length_user_name_1 = 0; + TALLOC_CTX *_mem_save_user_name_0; + uint32_t _ptr_domain_name; ++ uint32_t size_domain_name_1 = 0; ++ uint32_t length_domain_name_1 = 0; + TALLOC_CTX *_mem_save_domain_name_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -4247,11 +4335,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseInfo2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->local, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->local)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->local)); +- if (ndr_get_array_length(ndr, &r->local) > ndr_get_array_size(ndr, &r->local)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->local), ndr_get_array_length(ndr, &r->local)); ++ size_local_1 = ndr_get_array_size(ndr, &r->local); ++ length_local_1 = ndr_get_array_length(ndr, &r->local); ++ if (length_local_1 > size_local_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_local_1, length_local_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->local), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->local, ndr_get_array_length(ndr, &r->local), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_local_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->local, length_local_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_local_0, 0); + } + if (r->remote) { +@@ -4259,11 +4349,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseInfo2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->remote, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->remote)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->remote)); +- if (ndr_get_array_length(ndr, &r->remote) > ndr_get_array_size(ndr, &r->remote)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->remote), ndr_get_array_length(ndr, &r->remote)); ++ size_remote_1 = ndr_get_array_size(ndr, &r->remote); ++ length_remote_1 = ndr_get_array_length(ndr, &r->remote); ++ if (length_remote_1 > size_remote_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_remote_1, length_remote_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->remote), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->remote, ndr_get_array_length(ndr, &r->remote), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_remote_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->remote, length_remote_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_remote_0, 0); + } + if (r->password) { +@@ -4271,11 +4363,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseInfo2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->password, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->password)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->password)); +- if (ndr_get_array_length(ndr, &r->password) > ndr_get_array_size(ndr, &r->password)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->password), ndr_get_array_length(ndr, &r->password)); ++ size_password_1 = ndr_get_array_size(ndr, &r->password); ++ length_password_1 = ndr_get_array_length(ndr, &r->password); ++ if (length_password_1 > size_password_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_password_1, length_password_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->password), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->password, ndr_get_array_length(ndr, &r->password), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_password_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->password, length_password_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_password_0, 0); + } + if (r->user_name) { +@@ -4283,11 +4377,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseInfo2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->user_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->user_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->user_name)); +- if (ndr_get_array_length(ndr, &r->user_name) > ndr_get_array_size(ndr, &r->user_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->user_name), ndr_get_array_length(ndr, &r->user_name)); ++ size_user_name_1 = ndr_get_array_size(ndr, &r->user_name); ++ length_user_name_1 = ndr_get_array_length(ndr, &r->user_name); ++ if (length_user_name_1 > size_user_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_user_name_1, length_user_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->user_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user_name, ndr_get_array_length(ndr, &r->user_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_user_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->user_name, length_user_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_user_name_0, 0); + } + if (r->domain_name) { +@@ -4295,11 +4391,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseInfo2(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->domain_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->domain_name)); +- if (ndr_get_array_length(ndr, &r->domain_name) > ndr_get_array_size(ndr, &r->domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->domain_name), ndr_get_array_length(ndr, &r->domain_name)); ++ size_domain_name_1 = ndr_get_array_size(ndr, &r->domain_name); ++ length_domain_name_1 = ndr_get_array_length(ndr, &r->domain_name); ++ if (length_domain_name_1 > size_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_name_1, length_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain_name, ndr_get_array_length(ndr, &r->domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->domain_name, length_domain_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_domain_name_0, 0); + } + } +@@ -4385,10 +4483,16 @@ static enum ndr_err_code ndr_push_wkssvc_NetrUseInfo1(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_wkssvc_NetrUseInfo1(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetrUseInfo1 *r) + { + uint32_t _ptr_local; ++ uint32_t size_local_1 = 0; ++ uint32_t length_local_1 = 0; + TALLOC_CTX *_mem_save_local_0; + uint32_t _ptr_remote; ++ uint32_t size_remote_1 = 0; ++ uint32_t length_remote_1 = 0; + TALLOC_CTX *_mem_save_remote_0; + uint32_t _ptr_password; ++ uint32_t size_password_1 = 0; ++ uint32_t length_password_1 = 0; + TALLOC_CTX *_mem_save_password_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -4421,11 +4525,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseInfo1(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->local, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->local)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->local)); +- if (ndr_get_array_length(ndr, &r->local) > ndr_get_array_size(ndr, &r->local)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->local), ndr_get_array_length(ndr, &r->local)); ++ size_local_1 = ndr_get_array_size(ndr, &r->local); ++ length_local_1 = ndr_get_array_length(ndr, &r->local); ++ if (length_local_1 > size_local_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_local_1, length_local_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->local), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->local, ndr_get_array_length(ndr, &r->local), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_local_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->local, length_local_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_local_0, 0); + } + if (r->remote) { +@@ -4433,11 +4539,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseInfo1(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->remote, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->remote)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->remote)); +- if (ndr_get_array_length(ndr, &r->remote) > ndr_get_array_size(ndr, &r->remote)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->remote), ndr_get_array_length(ndr, &r->remote)); ++ size_remote_1 = ndr_get_array_size(ndr, &r->remote); ++ length_remote_1 = ndr_get_array_length(ndr, &r->remote); ++ if (length_remote_1 > size_remote_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_remote_1, length_remote_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->remote), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->remote, ndr_get_array_length(ndr, &r->remote), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_remote_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->remote, length_remote_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_remote_0, 0); + } + if (r->password) { +@@ -4445,11 +4553,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseInfo1(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->password, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->password)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->password)); +- if (ndr_get_array_length(ndr, &r->password) > ndr_get_array_size(ndr, &r->password)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->password), ndr_get_array_length(ndr, &r->password)); ++ size_password_1 = ndr_get_array_size(ndr, &r->password); ++ length_password_1 = ndr_get_array_length(ndr, &r->password); ++ if (length_password_1 > size_password_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_password_1, length_password_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->password), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->password, ndr_get_array_length(ndr, &r->password), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_password_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->password, length_password_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_password_0, 0); + } + } +@@ -4512,8 +4622,12 @@ static enum ndr_err_code ndr_push_wkssvc_NetrUseInfo0(struct ndr_push *ndr, int + static enum ndr_err_code ndr_pull_wkssvc_NetrUseInfo0(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetrUseInfo0 *r) + { + uint32_t _ptr_local; ++ uint32_t size_local_1 = 0; ++ uint32_t length_local_1 = 0; + TALLOC_CTX *_mem_save_local_0; + uint32_t _ptr_remote; ++ uint32_t size_remote_1 = 0; ++ uint32_t length_remote_1 = 0; + TALLOC_CTX *_mem_save_remote_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); +@@ -4536,11 +4650,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseInfo0(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->local, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->local)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->local)); +- if (ndr_get_array_length(ndr, &r->local) > ndr_get_array_size(ndr, &r->local)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->local), ndr_get_array_length(ndr, &r->local)); ++ size_local_1 = ndr_get_array_size(ndr, &r->local); ++ length_local_1 = ndr_get_array_length(ndr, &r->local); ++ if (length_local_1 > size_local_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_local_1, length_local_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->local), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->local, ndr_get_array_length(ndr, &r->local), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_local_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->local, length_local_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_local_0, 0); + } + if (r->remote) { +@@ -4548,11 +4664,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseInfo0(struct ndr_pull *ndr, int + NDR_PULL_SET_MEM_CTX(ndr, r->remote, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->remote)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->remote)); +- if (ndr_get_array_length(ndr, &r->remote) > ndr_get_array_size(ndr, &r->remote)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->remote), ndr_get_array_length(ndr, &r->remote)); ++ size_remote_1 = ndr_get_array_size(ndr, &r->remote); ++ length_remote_1 = ndr_get_array_length(ndr, &r->remote); ++ if (length_remote_1 > size_remote_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_remote_1, length_remote_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->remote), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->remote, ndr_get_array_length(ndr, &r->remote), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_remote_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->remote, length_remote_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_remote_0, 0); + } + } +@@ -4643,9 +4761,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseGetInfoCtr(struct ndr_pull *ndr, + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_info0_0; ++ uint32_t _ptr_info0; + TALLOC_CTX *_mem_save_info1_0; ++ uint32_t _ptr_info1; + TALLOC_CTX *_mem_save_info2_0; ++ uint32_t _ptr_info2; + TALLOC_CTX *_mem_save_info3_0; ++ uint32_t _ptr_info3; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -4654,7 +4776,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseGetInfoCtr(struct ndr_pull *ndr, + } + switch (level) { + case 0: { +- uint32_t _ptr_info0; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info0)); + if (_ptr_info0) { + NDR_PULL_ALLOC(ndr, r->info0); +@@ -4664,7 +4785,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseGetInfoCtr(struct ndr_pull *ndr, + break; } + + case 1: { +- uint32_t _ptr_info1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info1)); + if (_ptr_info1) { + NDR_PULL_ALLOC(ndr, r->info1); +@@ -4674,7 +4794,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseGetInfoCtr(struct ndr_pull *ndr, + break; } + + case 2: { +- uint32_t _ptr_info2; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info2)); + if (_ptr_info2) { + NDR_PULL_ALLOC(ndr, r->info2); +@@ -4684,7 +4803,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseGetInfoCtr(struct ndr_pull *ndr, + break; } + + case 3: { +- uint32_t _ptr_info3; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info3)); + if (_ptr_info3) { + NDR_PULL_ALLOC(ndr, r->info3); +@@ -4814,6 +4932,7 @@ static enum ndr_err_code ndr_push_wkssvc_NetrUseEnumCtr2(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_wkssvc_NetrUseEnumCtr2(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetrUseEnumCtr2 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -4832,13 +4951,14 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseEnumCtr2(struct ndr_pull *ndr, i + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_wkssvc_NetrUseInfo2(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_wkssvc_NetrUseInfo2(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -4900,6 +5020,7 @@ static enum ndr_err_code ndr_push_wkssvc_NetrUseEnumCtr1(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_wkssvc_NetrUseEnumCtr1(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetrUseEnumCtr1 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -4918,13 +5039,14 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseEnumCtr1(struct ndr_pull *ndr, i + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_wkssvc_NetrUseInfo1(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_wkssvc_NetrUseInfo1(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -4986,6 +5108,7 @@ static enum ndr_err_code ndr_push_wkssvc_NetrUseEnumCtr0(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_wkssvc_NetrUseEnumCtr0(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_NetrUseEnumCtr0 *r) + { + uint32_t _ptr_array; ++ uint32_t size_array_1 = 0; + uint32_t cntr_array_1; + TALLOC_CTX *_mem_save_array_0; + TALLOC_CTX *_mem_save_array_1; +@@ -5004,13 +5127,14 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseEnumCtr0(struct ndr_pull *ndr, i + _mem_save_array_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->array)); +- NDR_PULL_ALLOC_N(ndr, r->array, ndr_get_array_size(ndr, &r->array)); ++ size_array_1 = ndr_get_array_size(ndr, &r->array); ++ NDR_PULL_ALLOC_N(ndr, r->array, size_array_1); + _mem_save_array_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->array, 0); +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_wkssvc_NetrUseInfo0(ndr, NDR_SCALARS, &r->array[cntr_array_1])); + } +- for (cntr_array_1 = 0; cntr_array_1 < r->count; cntr_array_1++) { ++ for (cntr_array_1 = 0; cntr_array_1 < size_array_1; cntr_array_1++) { + NDR_CHECK(ndr_pull_wkssvc_NetrUseInfo0(ndr, NDR_BUFFERS, &r->array[cntr_array_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_array_1, 0); +@@ -5102,8 +5226,11 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseEnumCtr(struct ndr_pull *ndr, in + int level; + uint32_t _level; + TALLOC_CTX *_mem_save_ctr0_0; ++ uint32_t _ptr_ctr0; + TALLOC_CTX *_mem_save_ctr1_0; ++ uint32_t _ptr_ctr1; + TALLOC_CTX *_mem_save_ctr2_0; ++ uint32_t _ptr_ctr2; + level = ndr_pull_get_switch_value(ndr, r); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &_level)); +@@ -5112,7 +5239,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseEnumCtr(struct ndr_pull *ndr, in + } + switch (level) { + case 0: { +- uint32_t _ptr_ctr0; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr0)); + if (_ptr_ctr0) { + NDR_PULL_ALLOC(ndr, r->ctr0); +@@ -5122,7 +5248,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseEnumCtr(struct ndr_pull *ndr, in + break; } + + case 1: { +- uint32_t _ptr_ctr1; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr1)); + if (_ptr_ctr1) { + NDR_PULL_ALLOC(ndr, r->ctr1); +@@ -5132,7 +5257,6 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseEnumCtr(struct ndr_pull *ndr, in + break; } + + case 2: { +- uint32_t _ptr_ctr2; + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ctr2)); + if (_ptr_ctr2) { + NDR_PULL_ALLOC(ndr, r->ctr2); +@@ -5500,12 +5624,14 @@ static enum ndr_err_code ndr_push_wkssvc_PasswordBuffer(struct ndr_push *ndr, in + + static enum ndr_err_code ndr_pull_wkssvc_PasswordBuffer(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_PasswordBuffer *r) + { ++ uint32_t size_data_0 = 0; + { + uint32_t _flags_save_STRUCT = ndr->flags; + ndr_set_flags(&ndr->flags, LIBNDR_PRINT_ARRAY_HEX); + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 1)); +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, 524)); ++ size_data_0 = 524; ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->data, size_data_0)); + } + if (ndr_flags & NDR_BUFFERS) { + } +@@ -5610,6 +5736,7 @@ static enum ndr_err_code ndr_push_wkssvc_ComputerNamesCtr(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_wkssvc_ComputerNamesCtr(struct ndr_pull *ndr, int ndr_flags, struct wkssvc_ComputerNamesCtr *r) + { + uint32_t _ptr_computer_name; ++ uint32_t size_computer_name_1 = 0; + uint32_t cntr_computer_name_1; + TALLOC_CTX *_mem_save_computer_name_0; + TALLOC_CTX *_mem_save_computer_name_1; +@@ -5628,13 +5755,14 @@ static enum ndr_err_code ndr_pull_wkssvc_ComputerNamesCtr(struct ndr_pull *ndr, + _mem_save_computer_name_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->computer_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->computer_name)); +- NDR_PULL_ALLOC_N(ndr, r->computer_name, ndr_get_array_size(ndr, &r->computer_name)); ++ size_computer_name_1 = ndr_get_array_size(ndr, &r->computer_name); ++ NDR_PULL_ALLOC_N(ndr, r->computer_name, size_computer_name_1); + _mem_save_computer_name_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->computer_name, 0); +- for (cntr_computer_name_1 = 0; cntr_computer_name_1 < r->count; cntr_computer_name_1++) { ++ for (cntr_computer_name_1 = 0; cntr_computer_name_1 < size_computer_name_1; cntr_computer_name_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS, &r->computer_name[cntr_computer_name_1])); + } +- for (cntr_computer_name_1 = 0; cntr_computer_name_1 < r->count; cntr_computer_name_1++) { ++ for (cntr_computer_name_1 = 0; cntr_computer_name_1 < size_computer_name_1; cntr_computer_name_1++) { + NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_BUFFERS, &r->computer_name[cntr_computer_name_1])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_computer_name_1, 0); +@@ -5697,6 +5825,8 @@ static enum ndr_err_code ndr_push_wkssvc_NetWkstaGetInfo(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_wkssvc_NetWkstaGetInfo(struct ndr_pull *ndr, int flags, struct wkssvc_NetWkstaGetInfo *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_info_0; + if (flags & NDR_IN) { +@@ -5713,11 +5843,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaGetInfo(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); +@@ -5805,6 +5937,8 @@ static enum ndr_err_code ndr_push_wkssvc_NetWkstaSetInfo(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_wkssvc_NetWkstaSetInfo(struct ndr_pull *ndr, int flags, struct wkssvc_NetWkstaSetInfo *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_info_0; + TALLOC_CTX *_mem_save_parm_error_0; +@@ -5822,11 +5956,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaSetInfo(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); +@@ -5943,6 +6079,8 @@ static enum ndr_err_code ndr_push_wkssvc_NetWkstaEnumUsers(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_wkssvc_NetWkstaEnumUsers(struct ndr_pull *ndr, int flags, struct wkssvc_NetWkstaEnumUsers *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_resume_handle; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_info_0; +@@ -5962,11 +6100,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaEnumUsers(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -6104,6 +6244,8 @@ static enum ndr_err_code ndr_push_wkssvc_NetrWkstaUserGetInfo(struct ndr_push *n + static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserGetInfo(struct ndr_pull *ndr, int flags, struct wkssvc_NetrWkstaUserGetInfo *r) + { + uint32_t _ptr_unknown; ++ uint32_t size_unknown_1 = 0; ++ uint32_t length_unknown_1 = 0; + TALLOC_CTX *_mem_save_unknown_0; + TALLOC_CTX *_mem_save_info_0; + if (flags & NDR_IN) { +@@ -6120,11 +6262,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserGetInfo(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.unknown, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.unknown)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.unknown)); +- if (ndr_get_array_length(ndr, &r->in.unknown) > ndr_get_array_size(ndr, &r->in.unknown)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.unknown), ndr_get_array_length(ndr, &r->in.unknown)); ++ size_unknown_1 = ndr_get_array_size(ndr, &r->in.unknown); ++ length_unknown_1 = ndr_get_array_length(ndr, &r->in.unknown); ++ if (length_unknown_1 > size_unknown_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_unknown_1, length_unknown_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.unknown), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.unknown, ndr_get_array_length(ndr, &r->in.unknown), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_unknown_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.unknown, length_unknown_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_unknown_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); +@@ -6212,6 +6356,8 @@ static enum ndr_err_code ndr_push_wkssvc_NetrWkstaUserSetInfo(struct ndr_push *n + static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserSetInfo(struct ndr_pull *ndr, int flags, struct wkssvc_NetrWkstaUserSetInfo *r) + { + uint32_t _ptr_unknown; ++ uint32_t size_unknown_1 = 0; ++ uint32_t length_unknown_1 = 0; + uint32_t _ptr_parm_err; + TALLOC_CTX *_mem_save_unknown_0; + TALLOC_CTX *_mem_save_info_0; +@@ -6230,11 +6376,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaUserSetInfo(struct ndr_pull *n + NDR_PULL_SET_MEM_CTX(ndr, r->in.unknown, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.unknown)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.unknown)); +- if (ndr_get_array_length(ndr, &r->in.unknown) > ndr_get_array_size(ndr, &r->in.unknown)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.unknown), ndr_get_array_length(ndr, &r->in.unknown)); ++ size_unknown_1 = ndr_get_array_size(ndr, &r->in.unknown); ++ length_unknown_1 = ndr_get_array_length(ndr, &r->in.unknown); ++ if (length_unknown_1 > size_unknown_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_unknown_1, length_unknown_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.unknown), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.unknown, ndr_get_array_length(ndr, &r->in.unknown), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_unknown_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.unknown, length_unknown_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_unknown_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); +@@ -6363,6 +6511,8 @@ static enum ndr_err_code ndr_push_wkssvc_NetWkstaTransportEnum(struct ndr_push * + static enum ndr_err_code ndr_pull_wkssvc_NetWkstaTransportEnum(struct ndr_pull *ndr, int flags, struct wkssvc_NetWkstaTransportEnum *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_resume_handle; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_info_0; +@@ -6382,11 +6532,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetWkstaTransportEnum(struct ndr_pull * + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -6531,6 +6683,8 @@ static enum ndr_err_code ndr_push_wkssvc_NetrWkstaTransportAdd(struct ndr_push * + static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaTransportAdd(struct ndr_pull *ndr, int flags, struct wkssvc_NetrWkstaTransportAdd *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_parm_err; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_info0_0; +@@ -6549,11 +6703,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaTransportAdd(struct ndr_pull * + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); +@@ -6667,7 +6823,11 @@ static enum ndr_err_code ndr_push_wkssvc_NetrWkstaTransportDel(struct ndr_push * + static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaTransportDel(struct ndr_pull *ndr, int flags, struct wkssvc_NetrWkstaTransportDel *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_transport_name; ++ uint32_t size_transport_name_1 = 0; ++ uint32_t length_transport_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_transport_name_0; + if (flags & NDR_IN) { +@@ -6682,11 +6842,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaTransportDel(struct ndr_pull * + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_transport_name)); +@@ -6700,11 +6862,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWkstaTransportDel(struct ndr_pull * + NDR_PULL_SET_MEM_CTX(ndr, r->in.transport_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.transport_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.transport_name)); +- if (ndr_get_array_length(ndr, &r->in.transport_name) > ndr_get_array_size(ndr, &r->in.transport_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.transport_name), ndr_get_array_length(ndr, &r->in.transport_name)); ++ size_transport_name_1 = ndr_get_array_size(ndr, &r->in.transport_name); ++ length_transport_name_1 = ndr_get_array_length(ndr, &r->in.transport_name); ++ if (length_transport_name_1 > size_transport_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_transport_name_1, length_transport_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.transport_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.transport_name, ndr_get_array_length(ndr, &r->in.transport_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_transport_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.transport_name, length_transport_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_transport_name_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.unknown3)); +@@ -6783,6 +6947,8 @@ static enum ndr_err_code ndr_push_wkssvc_NetrUseAdd(struct ndr_push *ndr, int fl + static enum ndr_err_code ndr_pull_wkssvc_NetrUseAdd(struct ndr_pull *ndr, int flags, struct wkssvc_NetrUseAdd *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_parm_err; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_ctr_0; +@@ -6801,11 +6967,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseAdd(struct ndr_pull *ndr, int fl + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); +@@ -6926,6 +7094,10 @@ static enum ndr_err_code ndr_push_wkssvc_NetrUseGetInfo(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_wkssvc_NetrUseGetInfo(struct ndr_pull *ndr, int flags, struct wkssvc_NetrUseGetInfo *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_use_name_1 = 0; ++ uint32_t length_use_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_ctr_0; + if (flags & NDR_IN) { +@@ -6942,20 +7114,24 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseGetInfo(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.use_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.use_name)); +- if (ndr_get_array_length(ndr, &r->in.use_name) > ndr_get_array_size(ndr, &r->in.use_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.use_name), ndr_get_array_length(ndr, &r->in.use_name)); ++ size_use_name_1 = ndr_get_array_size(ndr, &r->in.use_name); ++ length_use_name_1 = ndr_get_array_length(ndr, &r->in.use_name); ++ if (length_use_name_1 > size_use_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_use_name_1, length_use_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.use_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.use_name, ndr_get_array_length(ndr, &r->in.use_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_use_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.use_name, length_use_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.level)); + NDR_PULL_ALLOC(ndr, r->out.ctr); + ZERO_STRUCTP(r->out.ctr); +@@ -7039,6 +7215,10 @@ static enum ndr_err_code ndr_push_wkssvc_NetrUseDel(struct ndr_push *ndr, int fl + static enum ndr_err_code ndr_pull_wkssvc_NetrUseDel(struct ndr_pull *ndr, int flags, struct wkssvc_NetrUseDel *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_use_name_1 = 0; ++ uint32_t length_use_name_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_server_name)); +@@ -7052,20 +7232,24 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseDel(struct ndr_pull *ndr, int fl + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.use_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.use_name)); +- if (ndr_get_array_length(ndr, &r->in.use_name) > ndr_get_array_size(ndr, &r->in.use_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.use_name), ndr_get_array_length(ndr, &r->in.use_name)); ++ size_use_name_1 = ndr_get_array_size(ndr, &r->in.use_name); ++ length_use_name_1 = ndr_get_array_length(ndr, &r->in.use_name); ++ if (length_use_name_1 > size_use_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_use_name_1, length_use_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.use_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.use_name, ndr_get_array_length(ndr, &r->in.use_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_use_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.use_name, length_use_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.force_cond)); + } + if (flags & NDR_OUT) { +@@ -7147,6 +7331,8 @@ static enum ndr_err_code ndr_push_wkssvc_NetrUseEnum(struct ndr_push *ndr, int f + static enum ndr_err_code ndr_pull_wkssvc_NetrUseEnum(struct ndr_pull *ndr, int flags, struct wkssvc_NetrUseEnum *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_resume_handle; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_info_0; +@@ -7166,11 +7352,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUseEnum(struct ndr_pull *ndr, int f + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -7322,7 +7510,14 @@ static enum ndr_err_code ndr_push_wkssvc_NetrMessageBufferSend(struct ndr_push * + static enum ndr_err_code ndr_pull_wkssvc_NetrMessageBufferSend(struct ndr_pull *ndr, int flags, struct wkssvc_NetrMessageBufferSend *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_message_name_1 = 0; ++ uint32_t length_message_name_1 = 0; + uint32_t _ptr_message_sender_name; ++ uint32_t size_message_sender_name_1 = 0; ++ uint32_t length_message_sender_name_1 = 0; ++ uint32_t size_message_buffer_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_message_sender_name_0; + if (flags & NDR_IN) { +@@ -7337,20 +7532,24 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrMessageBufferSend(struct ndr_pull * + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.message_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.message_name)); +- if (ndr_get_array_length(ndr, &r->in.message_name) > ndr_get_array_size(ndr, &r->in.message_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.message_name), ndr_get_array_length(ndr, &r->in.message_name)); ++ size_message_name_1 = ndr_get_array_size(ndr, &r->in.message_name); ++ length_message_name_1 = ndr_get_array_length(ndr, &r->in.message_name); ++ if (length_message_name_1 > size_message_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_message_name_1, length_message_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.message_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.message_name, ndr_get_array_length(ndr, &r->in.message_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_message_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.message_name, length_message_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_message_sender_name)); + if (_ptr_message_sender_name) { + NDR_PULL_ALLOC(ndr, r->in.message_sender_name); +@@ -7362,18 +7561,21 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrMessageBufferSend(struct ndr_pull * + NDR_PULL_SET_MEM_CTX(ndr, r->in.message_sender_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.message_sender_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.message_sender_name)); +- if (ndr_get_array_length(ndr, &r->in.message_sender_name) > ndr_get_array_size(ndr, &r->in.message_sender_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.message_sender_name), ndr_get_array_length(ndr, &r->in.message_sender_name)); ++ size_message_sender_name_1 = ndr_get_array_size(ndr, &r->in.message_sender_name); ++ length_message_sender_name_1 = ndr_get_array_length(ndr, &r->in.message_sender_name); ++ if (length_message_sender_name_1 > size_message_sender_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_message_sender_name_1, length_message_sender_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.message_sender_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.message_sender_name, ndr_get_array_length(ndr, &r->in.message_sender_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_message_sender_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.message_sender_name, length_message_sender_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_message_sender_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.message_buffer)); ++ size_message_buffer_1 = ndr_get_array_size(ndr, &r->in.message_buffer); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +- NDR_PULL_ALLOC_N(ndr, r->in.message_buffer, ndr_get_array_size(ndr, &r->in.message_buffer)); ++ NDR_PULL_ALLOC_N(ndr, r->in.message_buffer, size_message_buffer_1); + } +- NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.message_buffer, ndr_get_array_size(ndr, &r->in.message_buffer))); ++ NDR_CHECK(ndr_pull_array_uint8(ndr, NDR_SCALARS, r->in.message_buffer, size_message_buffer_1)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.message_size)); + if (r->in.message_buffer) { + NDR_CHECK(ndr_check_array_size(ndr, (void*)&r->in.message_buffer, r->in.message_size)); +@@ -7463,7 +7665,11 @@ static enum ndr_err_code ndr_push_wkssvc_NetrWorkstationStatisticsGet(struct ndr + static enum ndr_err_code ndr_pull_wkssvc_NetrWorkstationStatisticsGet(struct ndr_pull *ndr, int flags, struct wkssvc_NetrWorkstationStatisticsGet *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_unknown2; ++ uint32_t size_unknown2_1 = 0; ++ uint32_t length_unknown2_1 = 0; + uint32_t _ptr_info; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_unknown2_0; +@@ -7483,11 +7689,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWorkstationStatisticsGet(struct ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_unknown2)); +@@ -7501,11 +7709,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrWorkstationStatisticsGet(struct ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.unknown2, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.unknown2)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.unknown2)); +- if (ndr_get_array_length(ndr, &r->in.unknown2) > ndr_get_array_size(ndr, &r->in.unknown2)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.unknown2), ndr_get_array_length(ndr, &r->in.unknown2)); ++ size_unknown2_1 = ndr_get_array_size(ndr, &r->in.unknown2); ++ length_unknown2_1 = ndr_get_array_length(ndr, &r->in.unknown2); ++ if (length_unknown2_1 > size_unknown2_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_unknown2_1, length_unknown2_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.unknown2), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.unknown2, ndr_get_array_length(ndr, &r->in.unknown2), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_unknown2_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.unknown2, length_unknown2_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_unknown2_0, 0); + } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->in.unknown3)); +@@ -7600,14 +7810,18 @@ static enum ndr_err_code ndr_push_wkssvc_NetrLogonDomainNameAdd(struct ndr_push + + static enum ndr_err_code ndr_pull_wkssvc_NetrLogonDomainNameAdd(struct ndr_pull *ndr, int flags, struct wkssvc_NetrLogonDomainNameAdd *r) + { ++ uint32_t size_domain_name_1 = 0; ++ uint32_t length_domain_name_1 = 0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.domain_name)); +- if (ndr_get_array_length(ndr, &r->in.domain_name) > ndr_get_array_size(ndr, &r->in.domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.domain_name), ndr_get_array_length(ndr, &r->in.domain_name)); ++ size_domain_name_1 = ndr_get_array_size(ndr, &r->in.domain_name); ++ length_domain_name_1 = ndr_get_array_length(ndr, &r->in.domain_name); ++ if (length_domain_name_1 > size_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_name_1, length_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, length_domain_name_1, sizeof(uint16_t), CH_UTF16)); + } + if (flags & NDR_OUT) { + NDR_CHECK(ndr_pull_WERROR(ndr, NDR_SCALARS, &r->out.result)); +@@ -7659,14 +7873,18 @@ static enum ndr_err_code ndr_push_wkssvc_NetrLogonDomainNameDel(struct ndr_push + + static enum ndr_err_code ndr_pull_wkssvc_NetrLogonDomainNameDel(struct ndr_pull *ndr, int flags, struct wkssvc_NetrLogonDomainNameDel *r) + { ++ uint32_t size_domain_name_1 = 0; ++ uint32_t length_domain_name_1 = 0; + if (flags & NDR_IN) { + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.domain_name)); +- if (ndr_get_array_length(ndr, &r->in.domain_name) > ndr_get_array_size(ndr, &r->in.domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.domain_name), ndr_get_array_length(ndr, &r->in.domain_name)); ++ size_domain_name_1 = ndr_get_array_size(ndr, &r->in.domain_name); ++ length_domain_name_1 = ndr_get_array_length(ndr, &r->in.domain_name); ++ if (length_domain_name_1 > size_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_name_1, length_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, length_domain_name_1, sizeof(uint16_t), CH_UTF16)); + } + if (flags & NDR_OUT) { + NDR_CHECK(ndr_pull_WERROR(ndr, NDR_SCALARS, &r->out.result)); +@@ -7748,9 +7966,19 @@ static enum ndr_err_code ndr_push_wkssvc_NetrJoinDomain(struct ndr_push *ndr, in + static enum ndr_err_code ndr_pull_wkssvc_NetrJoinDomain(struct ndr_pull *ndr, int flags, struct wkssvc_NetrJoinDomain *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_domain_name_1 = 0; ++ uint32_t length_domain_name_1 = 0; + uint32_t _ptr_account_ou; ++ uint32_t size_account_ou_1 = 0; ++ uint32_t length_account_ou_1 = 0; + uint32_t _ptr_Account; ++ uint32_t size_Account_1 = 0; ++ uint32_t length_Account_1 = 0; + uint32_t _ptr_password; ++ uint32_t size_password_1 = 0; ++ uint32_t length_password_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_account_ou_0; + TALLOC_CTX *_mem_save_Account_0; +@@ -7767,20 +7995,24 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrJoinDomain(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.domain_name)); +- if (ndr_get_array_length(ndr, &r->in.domain_name) > ndr_get_array_size(ndr, &r->in.domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.domain_name), ndr_get_array_length(ndr, &r->in.domain_name)); ++ size_domain_name_1 = ndr_get_array_size(ndr, &r->in.domain_name); ++ length_domain_name_1 = ndr_get_array_length(ndr, &r->in.domain_name); ++ if (length_domain_name_1 > size_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_name_1, length_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, length_domain_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_account_ou)); + if (_ptr_account_ou) { + NDR_PULL_ALLOC(ndr, r->in.account_ou); +@@ -7792,11 +8024,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrJoinDomain(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.account_ou, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.account_ou)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.account_ou)); +- if (ndr_get_array_length(ndr, &r->in.account_ou) > ndr_get_array_size(ndr, &r->in.account_ou)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.account_ou), ndr_get_array_length(ndr, &r->in.account_ou)); ++ size_account_ou_1 = ndr_get_array_size(ndr, &r->in.account_ou); ++ length_account_ou_1 = ndr_get_array_length(ndr, &r->in.account_ou); ++ if (length_account_ou_1 > size_account_ou_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_account_ou_1, length_account_ou_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.account_ou), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_ou, ndr_get_array_length(ndr, &r->in.account_ou), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_account_ou_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_ou, length_account_ou_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_account_ou_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_Account)); +@@ -7810,11 +8044,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrJoinDomain(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.Account, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.Account)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.Account)); +- if (ndr_get_array_length(ndr, &r->in.Account) > ndr_get_array_size(ndr, &r->in.Account)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.Account), ndr_get_array_length(ndr, &r->in.Account)); ++ size_Account_1 = ndr_get_array_size(ndr, &r->in.Account); ++ length_Account_1 = ndr_get_array_length(ndr, &r->in.Account); ++ if (length_Account_1 > size_Account_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_Account_1, length_Account_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_Account_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, length_Account_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_Account_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_password)); +@@ -7828,11 +8064,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrJoinDomain(struct ndr_pull *ndr, in + NDR_PULL_SET_MEM_CTX(ndr, r->in.password, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.password)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.password)); +- if (ndr_get_array_length(ndr, &r->in.password) > ndr_get_array_size(ndr, &r->in.password)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.password), ndr_get_array_length(ndr, &r->in.password)); ++ size_password_1 = ndr_get_array_size(ndr, &r->in.password); ++ length_password_1 = ndr_get_array_length(ndr, &r->in.password); ++ if (length_password_1 > size_password_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_password_1, length_password_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.password), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.password, ndr_get_array_length(ndr, &r->in.password), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_password_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.password, length_password_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_password_0, 0); + } + NDR_CHECK(ndr_pull_wkssvc_joinflags(ndr, NDR_SCALARS, &r->in.join_flags)); +@@ -7928,8 +8166,14 @@ static enum ndr_err_code ndr_push_wkssvc_NetrUnjoinDomain(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_wkssvc_NetrUnjoinDomain(struct ndr_pull *ndr, int flags, struct wkssvc_NetrUnjoinDomain *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_Account; ++ uint32_t size_Account_1 = 0; ++ uint32_t length_Account_1 = 0; + uint32_t _ptr_password; ++ uint32_t size_password_1 = 0; ++ uint32_t length_password_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_Account_0; + TALLOC_CTX *_mem_save_password_0; +@@ -7945,11 +8189,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUnjoinDomain(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_Account)); +@@ -7963,11 +8209,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUnjoinDomain(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.Account, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.Account)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.Account)); +- if (ndr_get_array_length(ndr, &r->in.Account) > ndr_get_array_size(ndr, &r->in.Account)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.Account), ndr_get_array_length(ndr, &r->in.Account)); ++ size_Account_1 = ndr_get_array_size(ndr, &r->in.Account); ++ length_Account_1 = ndr_get_array_length(ndr, &r->in.Account); ++ if (length_Account_1 > size_Account_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_Account_1, length_Account_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_Account_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, length_Account_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_Account_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_password)); +@@ -7981,11 +8229,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUnjoinDomain(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.password, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.password)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.password)); +- if (ndr_get_array_length(ndr, &r->in.password) > ndr_get_array_size(ndr, &r->in.password)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.password), ndr_get_array_length(ndr, &r->in.password)); ++ size_password_1 = ndr_get_array_size(ndr, &r->in.password); ++ length_password_1 = ndr_get_array_length(ndr, &r->in.password); ++ if (length_password_1 > size_password_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_password_1, length_password_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.password), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.password, ndr_get_array_length(ndr, &r->in.password), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_password_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.password, length_password_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_password_0, 0); + } + NDR_CHECK(ndr_pull_wkssvc_joinflags(ndr, NDR_SCALARS, &r->in.unjoin_flags)); +@@ -8078,9 +8328,17 @@ static enum ndr_err_code ndr_push_wkssvc_NetrRenameMachineInDomain(struct ndr_pu + static enum ndr_err_code ndr_pull_wkssvc_NetrRenameMachineInDomain(struct ndr_pull *ndr, int flags, struct wkssvc_NetrRenameMachineInDomain *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_NewMachineName; ++ uint32_t size_NewMachineName_1 = 0; ++ uint32_t length_NewMachineName_1 = 0; + uint32_t _ptr_Account; ++ uint32_t size_Account_1 = 0; ++ uint32_t length_Account_1 = 0; + uint32_t _ptr_password; ++ uint32_t size_password_1 = 0; ++ uint32_t length_password_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_NewMachineName_0; + TALLOC_CTX *_mem_save_Account_0; +@@ -8097,11 +8355,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrRenameMachineInDomain(struct ndr_pu + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_NewMachineName)); +@@ -8115,11 +8375,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrRenameMachineInDomain(struct ndr_pu + NDR_PULL_SET_MEM_CTX(ndr, r->in.NewMachineName, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.NewMachineName)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.NewMachineName)); +- if (ndr_get_array_length(ndr, &r->in.NewMachineName) > ndr_get_array_size(ndr, &r->in.NewMachineName)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.NewMachineName), ndr_get_array_length(ndr, &r->in.NewMachineName)); ++ size_NewMachineName_1 = ndr_get_array_size(ndr, &r->in.NewMachineName); ++ length_NewMachineName_1 = ndr_get_array_length(ndr, &r->in.NewMachineName); ++ if (length_NewMachineName_1 > size_NewMachineName_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_NewMachineName_1, length_NewMachineName_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.NewMachineName), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.NewMachineName, ndr_get_array_length(ndr, &r->in.NewMachineName), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_NewMachineName_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.NewMachineName, length_NewMachineName_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_NewMachineName_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_Account)); +@@ -8133,11 +8395,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrRenameMachineInDomain(struct ndr_pu + NDR_PULL_SET_MEM_CTX(ndr, r->in.Account, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.Account)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.Account)); +- if (ndr_get_array_length(ndr, &r->in.Account) > ndr_get_array_size(ndr, &r->in.Account)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.Account), ndr_get_array_length(ndr, &r->in.Account)); ++ size_Account_1 = ndr_get_array_size(ndr, &r->in.Account); ++ length_Account_1 = ndr_get_array_length(ndr, &r->in.Account); ++ if (length_Account_1 > size_Account_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_Account_1, length_Account_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_Account_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, length_Account_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_Account_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_password)); +@@ -8151,11 +8415,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrRenameMachineInDomain(struct ndr_pu + NDR_PULL_SET_MEM_CTX(ndr, r->in.password, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.password)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.password)); +- if (ndr_get_array_length(ndr, &r->in.password) > ndr_get_array_size(ndr, &r->in.password)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.password), ndr_get_array_length(ndr, &r->in.password)); ++ size_password_1 = ndr_get_array_size(ndr, &r->in.password); ++ length_password_1 = ndr_get_array_length(ndr, &r->in.password); ++ if (length_password_1 > size_password_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_password_1, length_password_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.password), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.password, ndr_get_array_length(ndr, &r->in.password), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_password_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.password, length_password_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_password_0, 0); + } + NDR_CHECK(ndr_pull_wkssvc_renameflags(ndr, NDR_SCALARS, &r->in.RenameOptions)); +@@ -8254,8 +8520,16 @@ static enum ndr_err_code ndr_push_wkssvc_NetrValidateName(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_wkssvc_NetrValidateName(struct ndr_pull *ndr, int flags, struct wkssvc_NetrValidateName *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_name_1 = 0; ++ uint32_t length_name_1 = 0; + uint32_t _ptr_Account; ++ uint32_t size_Account_1 = 0; ++ uint32_t length_Account_1 = 0; + uint32_t _ptr_Password; ++ uint32_t size_Password_1 = 0; ++ uint32_t length_Password_1 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_Account_0; + TALLOC_CTX *_mem_save_Password_0; +@@ -8271,20 +8545,24 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrValidateName(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.name)); +- if (ndr_get_array_length(ndr, &r->in.name) > ndr_get_array_size(ndr, &r->in.name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.name), ndr_get_array_length(ndr, &r->in.name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->in.name); ++ length_name_1 = ndr_get_array_length(ndr, &r->in.name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.name, ndr_get_array_length(ndr, &r->in.name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_Account)); + if (_ptr_Account) { + NDR_PULL_ALLOC(ndr, r->in.Account); +@@ -8296,11 +8574,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrValidateName(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.Account, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.Account)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.Account)); +- if (ndr_get_array_length(ndr, &r->in.Account) > ndr_get_array_size(ndr, &r->in.Account)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.Account), ndr_get_array_length(ndr, &r->in.Account)); ++ size_Account_1 = ndr_get_array_size(ndr, &r->in.Account); ++ length_Account_1 = ndr_get_array_length(ndr, &r->in.Account); ++ if (length_Account_1 > size_Account_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_Account_1, length_Account_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_Account_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, length_Account_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_Account_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_Password)); +@@ -8314,11 +8594,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrValidateName(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.Password, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.Password)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.Password)); +- if (ndr_get_array_length(ndr, &r->in.Password) > ndr_get_array_size(ndr, &r->in.Password)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.Password), ndr_get_array_length(ndr, &r->in.Password)); ++ size_Password_1 = ndr_get_array_size(ndr, &r->in.Password); ++ length_Password_1 = ndr_get_array_length(ndr, &r->in.Password); ++ if (length_Password_1 > size_Password_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_Password_1, length_Password_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.Password), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Password, ndr_get_array_length(ndr, &r->in.Password), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_Password_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Password, length_Password_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_Password_0, 0); + } + NDR_CHECK(ndr_pull_wkssvc_NetValidateNameType(ndr, NDR_SCALARS, &r->in.name_type)); +@@ -8417,7 +8699,11 @@ static enum ndr_err_code ndr_push_wkssvc_NetrGetJoinInformation(struct ndr_push + static enum ndr_err_code ndr_pull_wkssvc_NetrGetJoinInformation(struct ndr_pull *ndr, int flags, struct wkssvc_NetrGetJoinInformation *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_name_buffer; ++ uint32_t size_name_buffer_2 = 0; ++ uint32_t length_name_buffer_2 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_name_buffer_0; + TALLOC_CTX *_mem_save_name_buffer_1; +@@ -8436,11 +8722,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrGetJoinInformation(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -8459,11 +8747,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrGetJoinInformation(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, *r->in.name_buffer, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->in.name_buffer)); + NDR_CHECK(ndr_pull_array_length(ndr, r->in.name_buffer)); +- if (ndr_get_array_length(ndr, r->in.name_buffer) > ndr_get_array_size(ndr, r->in.name_buffer)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, r->in.name_buffer), ndr_get_array_length(ndr, r->in.name_buffer)); ++ size_name_buffer_2 = ndr_get_array_size(ndr, r->in.name_buffer); ++ length_name_buffer_2 = ndr_get_array_length(ndr, r->in.name_buffer); ++ if (length_name_buffer_2 > size_name_buffer_2) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_buffer_2, length_name_buffer_2); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, r->in.name_buffer), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->in.name_buffer, ndr_get_array_length(ndr, r->in.name_buffer), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_buffer_2, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->in.name_buffer, length_name_buffer_2, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_buffer_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_buffer_0, LIBNDR_FLAG_REF_ALLOC); +@@ -8489,11 +8779,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrGetJoinInformation(struct ndr_pull + NDR_PULL_SET_MEM_CTX(ndr, *r->out.name_buffer, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->out.name_buffer)); + NDR_CHECK(ndr_pull_array_length(ndr, r->out.name_buffer)); +- if (ndr_get_array_length(ndr, r->out.name_buffer) > ndr_get_array_size(ndr, r->out.name_buffer)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, r->out.name_buffer), ndr_get_array_length(ndr, r->out.name_buffer)); ++ size_name_buffer_2 = ndr_get_array_size(ndr, r->out.name_buffer); ++ length_name_buffer_2 = ndr_get_array_length(ndr, r->out.name_buffer); ++ if (length_name_buffer_2 > size_name_buffer_2) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_buffer_2, length_name_buffer_2); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, r->out.name_buffer), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.name_buffer, ndr_get_array_length(ndr, r->out.name_buffer), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_buffer_2, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, r->out.name_buffer, length_name_buffer_2, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_buffer_1, 0); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_buffer_0, LIBNDR_FLAG_REF_ALLOC); +@@ -8626,10 +8918,21 @@ static enum ndr_err_code ndr_push_wkssvc_NetrGetJoinableOus(struct ndr_push *ndr + static enum ndr_err_code ndr_pull_wkssvc_NetrGetJoinableOus(struct ndr_pull *ndr, int flags, struct wkssvc_NetrGetJoinableOus *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_domain_name_1 = 0; ++ uint32_t length_domain_name_1 = 0; + uint32_t _ptr_Account; ++ uint32_t size_Account_1 = 0; ++ uint32_t length_Account_1 = 0; + uint32_t _ptr_unknown; ++ uint32_t size_unknown_1 = 0; ++ uint32_t length_unknown_1 = 0; + uint32_t _ptr_ous; ++ uint32_t size_ous_2 = 0; + uint32_t cntr_ous_2; ++ uint32_t size_ous_4 = 0; ++ uint32_t length_ous_4 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_Account_0; + TALLOC_CTX *_mem_save_unknown_0; +@@ -8652,20 +8955,24 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrGetJoinableOus(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.domain_name)); +- if (ndr_get_array_length(ndr, &r->in.domain_name) > ndr_get_array_size(ndr, &r->in.domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.domain_name), ndr_get_array_length(ndr, &r->in.domain_name)); ++ size_domain_name_1 = ndr_get_array_size(ndr, &r->in.domain_name); ++ length_domain_name_1 = ndr_get_array_length(ndr, &r->in.domain_name); ++ if (length_domain_name_1 > size_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_name_1, length_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, length_domain_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_Account)); + if (_ptr_Account) { + NDR_PULL_ALLOC(ndr, r->in.Account); +@@ -8677,11 +8984,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrGetJoinableOus(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.Account, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.Account)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.Account)); +- if (ndr_get_array_length(ndr, &r->in.Account) > ndr_get_array_size(ndr, &r->in.Account)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.Account), ndr_get_array_length(ndr, &r->in.Account)); ++ size_Account_1 = ndr_get_array_size(ndr, &r->in.Account); ++ length_Account_1 = ndr_get_array_length(ndr, &r->in.Account); ++ if (length_Account_1 > size_Account_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_Account_1, length_Account_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_Account_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, length_Account_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_Account_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_unknown)); +@@ -8695,11 +9004,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrGetJoinableOus(struct ndr_pull *ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.unknown, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.unknown)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.unknown)); +- if (ndr_get_array_length(ndr, &r->in.unknown) > ndr_get_array_size(ndr, &r->in.unknown)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.unknown), ndr_get_array_length(ndr, &r->in.unknown)); ++ size_unknown_1 = ndr_get_array_size(ndr, &r->in.unknown); ++ length_unknown_1 = ndr_get_array_length(ndr, &r->in.unknown); ++ if (length_unknown_1 > size_unknown_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_unknown_1, length_unknown_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.unknown), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.unknown, ndr_get_array_length(ndr, &r->in.unknown), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_unknown_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.unknown, length_unknown_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_unknown_0, 0); + } + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { +@@ -8737,10 +9048,11 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrGetJoinableOus(struct ndr_pull *ndr + _mem_save_ous_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, *r->out.ous, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->out.ous)); +- NDR_PULL_ALLOC_N(ndr, *r->out.ous, ndr_get_array_size(ndr, r->out.ous)); ++ size_ous_2 = ndr_get_array_size(ndr, r->out.ous); ++ NDR_PULL_ALLOC_N(ndr, *r->out.ous, size_ous_2); + _mem_save_ous_2 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, *r->out.ous, 0); +- for (cntr_ous_2 = 0; cntr_ous_2 < *r->out.num_ous; cntr_ous_2++) { ++ for (cntr_ous_2 = 0; cntr_ous_2 < size_ous_2; cntr_ous_2++) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ous)); + if (_ptr_ous) { + NDR_PULL_ALLOC(ndr, (*r->out.ous)[cntr_ous_2]); +@@ -8748,17 +9060,19 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrGetJoinableOus(struct ndr_pull *ndr + (*r->out.ous)[cntr_ous_2] = NULL; + } + } +- for (cntr_ous_2 = 0; cntr_ous_2 < *r->out.num_ous; cntr_ous_2++) { ++ for (cntr_ous_2 = 0; cntr_ous_2 < size_ous_2; cntr_ous_2++) { + if ((*r->out.ous)[cntr_ous_2]) { + _mem_save_ous_3 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, (*r->out.ous)[cntr_ous_2], 0); + NDR_CHECK(ndr_pull_array_size(ndr, &(*r->out.ous)[cntr_ous_2])); + NDR_CHECK(ndr_pull_array_length(ndr, &(*r->out.ous)[cntr_ous_2])); +- if (ndr_get_array_length(ndr, &(*r->out.ous)[cntr_ous_2]) > ndr_get_array_size(ndr, &(*r->out.ous)[cntr_ous_2])) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &(*r->out.ous)[cntr_ous_2]), ndr_get_array_length(ndr, &(*r->out.ous)[cntr_ous_2])); ++ size_ous_4 = ndr_get_array_size(ndr, &(*r->out.ous)[cntr_ous_2]); ++ length_ous_4 = ndr_get_array_length(ndr, &(*r->out.ous)[cntr_ous_2]); ++ if (length_ous_4 > size_ous_4) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_ous_4, length_ous_4); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &(*r->out.ous)[cntr_ous_2]), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &(*r->out.ous)[cntr_ous_2], ndr_get_array_length(ndr, &(*r->out.ous)[cntr_ous_2]), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_ous_4, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &(*r->out.ous)[cntr_ous_2], length_ous_4, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_ous_3, 0); + } + } +@@ -8895,8 +9209,16 @@ static enum ndr_err_code ndr_push_wkssvc_NetrJoinDomain2(struct ndr_push *ndr, i + static enum ndr_err_code ndr_pull_wkssvc_NetrJoinDomain2(struct ndr_pull *ndr, int flags, struct wkssvc_NetrJoinDomain2 *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_domain_name_1 = 0; ++ uint32_t length_domain_name_1 = 0; + uint32_t _ptr_account_ou; ++ uint32_t size_account_ou_1 = 0; ++ uint32_t length_account_ou_1 = 0; + uint32_t _ptr_admin_account; ++ uint32_t size_admin_account_1 = 0; ++ uint32_t length_admin_account_1 = 0; + uint32_t _ptr_encrypted_password; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_account_ou_0; +@@ -8914,20 +9236,24 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrJoinDomain2(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.domain_name)); +- if (ndr_get_array_length(ndr, &r->in.domain_name) > ndr_get_array_size(ndr, &r->in.domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.domain_name), ndr_get_array_length(ndr, &r->in.domain_name)); ++ size_domain_name_1 = ndr_get_array_size(ndr, &r->in.domain_name); ++ length_domain_name_1 = ndr_get_array_length(ndr, &r->in.domain_name); ++ if (length_domain_name_1 > size_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_name_1, length_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, length_domain_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_account_ou)); + if (_ptr_account_ou) { + NDR_PULL_ALLOC(ndr, r->in.account_ou); +@@ -8939,11 +9265,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrJoinDomain2(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->in.account_ou, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.account_ou)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.account_ou)); +- if (ndr_get_array_length(ndr, &r->in.account_ou) > ndr_get_array_size(ndr, &r->in.account_ou)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.account_ou), ndr_get_array_length(ndr, &r->in.account_ou)); ++ size_account_ou_1 = ndr_get_array_size(ndr, &r->in.account_ou); ++ length_account_ou_1 = ndr_get_array_length(ndr, &r->in.account_ou); ++ if (length_account_ou_1 > size_account_ou_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_account_ou_1, length_account_ou_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.account_ou), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_ou, ndr_get_array_length(ndr, &r->in.account_ou), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_account_ou_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account_ou, length_account_ou_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_account_ou_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_admin_account)); +@@ -8957,11 +9285,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrJoinDomain2(struct ndr_pull *ndr, i + NDR_PULL_SET_MEM_CTX(ndr, r->in.admin_account, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.admin_account)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.admin_account)); +- if (ndr_get_array_length(ndr, &r->in.admin_account) > ndr_get_array_size(ndr, &r->in.admin_account)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.admin_account), ndr_get_array_length(ndr, &r->in.admin_account)); ++ size_admin_account_1 = ndr_get_array_size(ndr, &r->in.admin_account); ++ length_admin_account_1 = ndr_get_array_length(ndr, &r->in.admin_account); ++ if (length_admin_account_1 > size_admin_account_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_admin_account_1, length_admin_account_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.admin_account), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.admin_account, ndr_get_array_length(ndr, &r->in.admin_account), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_admin_account_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.admin_account, length_admin_account_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_admin_account_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_encrypted_password)); +@@ -9066,7 +9396,11 @@ static enum ndr_err_code ndr_push_wkssvc_NetrUnjoinDomain2(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_wkssvc_NetrUnjoinDomain2(struct ndr_pull *ndr, int flags, struct wkssvc_NetrUnjoinDomain2 *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_account; ++ uint32_t size_account_1 = 0; ++ uint32_t length_account_1 = 0; + uint32_t _ptr_encrypted_password; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_account_0; +@@ -9083,11 +9417,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUnjoinDomain2(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_account)); +@@ -9101,11 +9437,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrUnjoinDomain2(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.account, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.account)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.account)); +- if (ndr_get_array_length(ndr, &r->in.account) > ndr_get_array_size(ndr, &r->in.account)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.account), ndr_get_array_length(ndr, &r->in.account)); ++ size_account_1 = ndr_get_array_size(ndr, &r->in.account); ++ length_account_1 = ndr_get_array_length(ndr, &r->in.account); ++ if (length_account_1 > size_account_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_account_1, length_account_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.account), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account, ndr_get_array_length(ndr, &r->in.account), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_account_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.account, length_account_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_account_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_encrypted_password)); +@@ -9207,8 +9545,14 @@ static enum ndr_err_code ndr_push_wkssvc_NetrRenameMachineInDomain2(struct ndr_p + static enum ndr_err_code ndr_pull_wkssvc_NetrRenameMachineInDomain2(struct ndr_pull *ndr, int flags, struct wkssvc_NetrRenameMachineInDomain2 *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_NewMachineName; ++ uint32_t size_NewMachineName_1 = 0; ++ uint32_t length_NewMachineName_1 = 0; + uint32_t _ptr_Account; ++ uint32_t size_Account_1 = 0; ++ uint32_t length_Account_1 = 0; + uint32_t _ptr_EncryptedPassword; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_NewMachineName_0; +@@ -9226,11 +9570,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrRenameMachineInDomain2(struct ndr_p + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_NewMachineName)); +@@ -9244,11 +9590,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrRenameMachineInDomain2(struct ndr_p + NDR_PULL_SET_MEM_CTX(ndr, r->in.NewMachineName, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.NewMachineName)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.NewMachineName)); +- if (ndr_get_array_length(ndr, &r->in.NewMachineName) > ndr_get_array_size(ndr, &r->in.NewMachineName)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.NewMachineName), ndr_get_array_length(ndr, &r->in.NewMachineName)); ++ size_NewMachineName_1 = ndr_get_array_size(ndr, &r->in.NewMachineName); ++ length_NewMachineName_1 = ndr_get_array_length(ndr, &r->in.NewMachineName); ++ if (length_NewMachineName_1 > size_NewMachineName_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_NewMachineName_1, length_NewMachineName_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.NewMachineName), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.NewMachineName, ndr_get_array_length(ndr, &r->in.NewMachineName), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_NewMachineName_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.NewMachineName, length_NewMachineName_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_NewMachineName_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_Account)); +@@ -9262,11 +9610,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrRenameMachineInDomain2(struct ndr_p + NDR_PULL_SET_MEM_CTX(ndr, r->in.Account, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.Account)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.Account)); +- if (ndr_get_array_length(ndr, &r->in.Account) > ndr_get_array_size(ndr, &r->in.Account)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.Account), ndr_get_array_length(ndr, &r->in.Account)); ++ size_Account_1 = ndr_get_array_size(ndr, &r->in.Account); ++ length_Account_1 = ndr_get_array_length(ndr, &r->in.Account); ++ if (length_Account_1 > size_Account_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_Account_1, length_Account_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_Account_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, length_Account_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_Account_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_EncryptedPassword)); +@@ -9374,7 +9724,13 @@ static enum ndr_err_code ndr_push_wkssvc_NetrValidateName2(struct ndr_push *ndr, + static enum ndr_err_code ndr_pull_wkssvc_NetrValidateName2(struct ndr_pull *ndr, int flags, struct wkssvc_NetrValidateName2 *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_name_1 = 0; ++ uint32_t length_name_1 = 0; + uint32_t _ptr_Account; ++ uint32_t size_Account_1 = 0; ++ uint32_t length_Account_1 = 0; + uint32_t _ptr_EncryptedPassword; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_Account_0; +@@ -9391,20 +9747,24 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrValidateName2(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.name)); +- if (ndr_get_array_length(ndr, &r->in.name) > ndr_get_array_size(ndr, &r->in.name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.name), ndr_get_array_length(ndr, &r->in.name)); ++ size_name_1 = ndr_get_array_size(ndr, &r->in.name); ++ length_name_1 = ndr_get_array_length(ndr, &r->in.name); ++ if (length_name_1 > size_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_name_1, length_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.name, ndr_get_array_length(ndr, &r->in.name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.name, length_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_Account)); + if (_ptr_Account) { + NDR_PULL_ALLOC(ndr, r->in.Account); +@@ -9416,11 +9776,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrValidateName2(struct ndr_pull *ndr, + NDR_PULL_SET_MEM_CTX(ndr, r->in.Account, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.Account)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.Account)); +- if (ndr_get_array_length(ndr, &r->in.Account) > ndr_get_array_size(ndr, &r->in.Account)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.Account), ndr_get_array_length(ndr, &r->in.Account)); ++ size_Account_1 = ndr_get_array_size(ndr, &r->in.Account); ++ length_Account_1 = ndr_get_array_length(ndr, &r->in.Account); ++ if (length_Account_1 > size_Account_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_Account_1, length_Account_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_Account_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, length_Account_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_Account_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_EncryptedPassword)); +@@ -9552,10 +9914,19 @@ static enum ndr_err_code ndr_push_wkssvc_NetrGetJoinableOus2(struct ndr_push *nd + static enum ndr_err_code ndr_pull_wkssvc_NetrGetJoinableOus2(struct ndr_pull *ndr, int flags, struct wkssvc_NetrGetJoinableOus2 *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; ++ uint32_t size_domain_name_1 = 0; ++ uint32_t length_domain_name_1 = 0; + uint32_t _ptr_Account; ++ uint32_t size_Account_1 = 0; ++ uint32_t length_Account_1 = 0; + uint32_t _ptr_EncryptedPassword; + uint32_t _ptr_ous; ++ uint32_t size_ous_2 = 0; + uint32_t cntr_ous_2; ++ uint32_t size_ous_4 = 0; ++ uint32_t length_ous_4 = 0; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_Account_0; + TALLOC_CTX *_mem_save_EncryptedPassword_0; +@@ -9578,20 +9949,24 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrGetJoinableOus2(struct ndr_pull *nd + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.domain_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.domain_name)); +- if (ndr_get_array_length(ndr, &r->in.domain_name) > ndr_get_array_size(ndr, &r->in.domain_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.domain_name), ndr_get_array_length(ndr, &r->in.domain_name)); ++ size_domain_name_1 = ndr_get_array_size(ndr, &r->in.domain_name); ++ length_domain_name_1 = ndr_get_array_length(ndr, &r->in.domain_name); ++ if (length_domain_name_1 > size_domain_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_domain_name_1, length_domain_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, ndr_get_array_length(ndr, &r->in.domain_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_domain_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.domain_name, length_domain_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_Account)); + if (_ptr_Account) { + NDR_PULL_ALLOC(ndr, r->in.Account); +@@ -9603,11 +9978,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrGetJoinableOus2(struct ndr_pull *nd + NDR_PULL_SET_MEM_CTX(ndr, r->in.Account, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.Account)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.Account)); +- if (ndr_get_array_length(ndr, &r->in.Account) > ndr_get_array_size(ndr, &r->in.Account)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.Account), ndr_get_array_length(ndr, &r->in.Account)); ++ size_Account_1 = ndr_get_array_size(ndr, &r->in.Account); ++ length_Account_1 = ndr_get_array_length(ndr, &r->in.Account); ++ if (length_Account_1 > size_Account_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_Account_1, length_Account_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_Account_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, length_Account_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_Account_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_EncryptedPassword)); +@@ -9657,10 +10034,11 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrGetJoinableOus2(struct ndr_pull *nd + _mem_save_ous_1 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, *r->out.ous, 0); + NDR_CHECK(ndr_pull_array_size(ndr, r->out.ous)); +- NDR_PULL_ALLOC_N(ndr, *r->out.ous, ndr_get_array_size(ndr, r->out.ous)); ++ size_ous_2 = ndr_get_array_size(ndr, r->out.ous); ++ NDR_PULL_ALLOC_N(ndr, *r->out.ous, size_ous_2); + _mem_save_ous_2 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, *r->out.ous, 0); +- for (cntr_ous_2 = 0; cntr_ous_2 < *r->out.num_ous; cntr_ous_2++) { ++ for (cntr_ous_2 = 0; cntr_ous_2 < size_ous_2; cntr_ous_2++) { + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_ous)); + if (_ptr_ous) { + NDR_PULL_ALLOC(ndr, (*r->out.ous)[cntr_ous_2]); +@@ -9668,17 +10046,19 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrGetJoinableOus2(struct ndr_pull *nd + (*r->out.ous)[cntr_ous_2] = NULL; + } + } +- for (cntr_ous_2 = 0; cntr_ous_2 < *r->out.num_ous; cntr_ous_2++) { ++ for (cntr_ous_2 = 0; cntr_ous_2 < size_ous_2; cntr_ous_2++) { + if ((*r->out.ous)[cntr_ous_2]) { + _mem_save_ous_3 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, (*r->out.ous)[cntr_ous_2], 0); + NDR_CHECK(ndr_pull_array_size(ndr, &(*r->out.ous)[cntr_ous_2])); + NDR_CHECK(ndr_pull_array_length(ndr, &(*r->out.ous)[cntr_ous_2])); +- if (ndr_get_array_length(ndr, &(*r->out.ous)[cntr_ous_2]) > ndr_get_array_size(ndr, &(*r->out.ous)[cntr_ous_2])) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &(*r->out.ous)[cntr_ous_2]), ndr_get_array_length(ndr, &(*r->out.ous)[cntr_ous_2])); ++ size_ous_4 = ndr_get_array_size(ndr, &(*r->out.ous)[cntr_ous_2]); ++ length_ous_4 = ndr_get_array_length(ndr, &(*r->out.ous)[cntr_ous_2]); ++ if (length_ous_4 > size_ous_4) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_ous_4, length_ous_4); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &(*r->out.ous)[cntr_ous_2]), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &(*r->out.ous)[cntr_ous_2], ndr_get_array_length(ndr, &(*r->out.ous)[cntr_ous_2]), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_ous_4, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &(*r->out.ous)[cntr_ous_2], length_ous_4, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_ous_3, 0); + } + } +@@ -9808,8 +10188,14 @@ static enum ndr_err_code ndr_push_wkssvc_NetrAddAlternateComputerName(struct ndr + static enum ndr_err_code ndr_pull_wkssvc_NetrAddAlternateComputerName(struct ndr_pull *ndr, int flags, struct wkssvc_NetrAddAlternateComputerName *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_NewAlternateMachineName; ++ uint32_t size_NewAlternateMachineName_1 = 0; ++ uint32_t length_NewAlternateMachineName_1 = 0; + uint32_t _ptr_Account; ++ uint32_t size_Account_1 = 0; ++ uint32_t length_Account_1 = 0; + uint32_t _ptr_EncryptedPassword; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_NewAlternateMachineName_0; +@@ -9827,11 +10213,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrAddAlternateComputerName(struct ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_NewAlternateMachineName)); +@@ -9845,11 +10233,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrAddAlternateComputerName(struct ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.NewAlternateMachineName, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.NewAlternateMachineName)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.NewAlternateMachineName)); +- if (ndr_get_array_length(ndr, &r->in.NewAlternateMachineName) > ndr_get_array_size(ndr, &r->in.NewAlternateMachineName)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.NewAlternateMachineName), ndr_get_array_length(ndr, &r->in.NewAlternateMachineName)); ++ size_NewAlternateMachineName_1 = ndr_get_array_size(ndr, &r->in.NewAlternateMachineName); ++ length_NewAlternateMachineName_1 = ndr_get_array_length(ndr, &r->in.NewAlternateMachineName); ++ if (length_NewAlternateMachineName_1 > size_NewAlternateMachineName_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_NewAlternateMachineName_1, length_NewAlternateMachineName_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.NewAlternateMachineName), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.NewAlternateMachineName, ndr_get_array_length(ndr, &r->in.NewAlternateMachineName), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_NewAlternateMachineName_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.NewAlternateMachineName, length_NewAlternateMachineName_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_NewAlternateMachineName_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_Account)); +@@ -9863,11 +10253,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrAddAlternateComputerName(struct ndr + NDR_PULL_SET_MEM_CTX(ndr, r->in.Account, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.Account)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.Account)); +- if (ndr_get_array_length(ndr, &r->in.Account) > ndr_get_array_size(ndr, &r->in.Account)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.Account), ndr_get_array_length(ndr, &r->in.Account)); ++ size_Account_1 = ndr_get_array_size(ndr, &r->in.Account); ++ length_Account_1 = ndr_get_array_length(ndr, &r->in.Account); ++ if (length_Account_1 > size_Account_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_Account_1, length_Account_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_Account_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, length_Account_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_Account_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_EncryptedPassword)); +@@ -9975,8 +10367,14 @@ static enum ndr_err_code ndr_push_wkssvc_NetrRemoveAlternateComputerName(struct + static enum ndr_err_code ndr_pull_wkssvc_NetrRemoveAlternateComputerName(struct ndr_pull *ndr, int flags, struct wkssvc_NetrRemoveAlternateComputerName *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_AlternateMachineNameToRemove; ++ uint32_t size_AlternateMachineNameToRemove_1 = 0; ++ uint32_t length_AlternateMachineNameToRemove_1 = 0; + uint32_t _ptr_Account; ++ uint32_t size_Account_1 = 0; ++ uint32_t length_Account_1 = 0; + uint32_t _ptr_EncryptedPassword; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_AlternateMachineNameToRemove_0; +@@ -9994,11 +10392,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrRemoveAlternateComputerName(struct + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_AlternateMachineNameToRemove)); +@@ -10012,11 +10412,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrRemoveAlternateComputerName(struct + NDR_PULL_SET_MEM_CTX(ndr, r->in.AlternateMachineNameToRemove, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.AlternateMachineNameToRemove)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.AlternateMachineNameToRemove)); +- if (ndr_get_array_length(ndr, &r->in.AlternateMachineNameToRemove) > ndr_get_array_size(ndr, &r->in.AlternateMachineNameToRemove)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.AlternateMachineNameToRemove), ndr_get_array_length(ndr, &r->in.AlternateMachineNameToRemove)); ++ size_AlternateMachineNameToRemove_1 = ndr_get_array_size(ndr, &r->in.AlternateMachineNameToRemove); ++ length_AlternateMachineNameToRemove_1 = ndr_get_array_length(ndr, &r->in.AlternateMachineNameToRemove); ++ if (length_AlternateMachineNameToRemove_1 > size_AlternateMachineNameToRemove_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_AlternateMachineNameToRemove_1, length_AlternateMachineNameToRemove_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.AlternateMachineNameToRemove), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.AlternateMachineNameToRemove, ndr_get_array_length(ndr, &r->in.AlternateMachineNameToRemove), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_AlternateMachineNameToRemove_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.AlternateMachineNameToRemove, length_AlternateMachineNameToRemove_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_AlternateMachineNameToRemove_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_Account)); +@@ -10030,11 +10432,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrRemoveAlternateComputerName(struct + NDR_PULL_SET_MEM_CTX(ndr, r->in.Account, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.Account)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.Account)); +- if (ndr_get_array_length(ndr, &r->in.Account) > ndr_get_array_size(ndr, &r->in.Account)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.Account), ndr_get_array_length(ndr, &r->in.Account)); ++ size_Account_1 = ndr_get_array_size(ndr, &r->in.Account); ++ length_Account_1 = ndr_get_array_length(ndr, &r->in.Account); ++ if (length_Account_1 > size_Account_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_Account_1, length_Account_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_Account_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, length_Account_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_Account_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_EncryptedPassword)); +@@ -10142,8 +10546,14 @@ static enum ndr_err_code ndr_push_wkssvc_NetrSetPrimaryComputername(struct ndr_p + static enum ndr_err_code ndr_pull_wkssvc_NetrSetPrimaryComputername(struct ndr_pull *ndr, int flags, struct wkssvc_NetrSetPrimaryComputername *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_primary_name; ++ uint32_t size_primary_name_1 = 0; ++ uint32_t length_primary_name_1 = 0; + uint32_t _ptr_Account; ++ uint32_t size_Account_1 = 0; ++ uint32_t length_Account_1 = 0; + uint32_t _ptr_EncryptedPassword; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_primary_name_0; +@@ -10161,11 +10571,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrSetPrimaryComputername(struct ndr_p + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_primary_name)); +@@ -10179,11 +10591,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrSetPrimaryComputername(struct ndr_p + NDR_PULL_SET_MEM_CTX(ndr, r->in.primary_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.primary_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.primary_name)); +- if (ndr_get_array_length(ndr, &r->in.primary_name) > ndr_get_array_size(ndr, &r->in.primary_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.primary_name), ndr_get_array_length(ndr, &r->in.primary_name)); ++ size_primary_name_1 = ndr_get_array_size(ndr, &r->in.primary_name); ++ length_primary_name_1 = ndr_get_array_length(ndr, &r->in.primary_name); ++ if (length_primary_name_1 > size_primary_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_primary_name_1, length_primary_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.primary_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.primary_name, ndr_get_array_length(ndr, &r->in.primary_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_primary_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.primary_name, length_primary_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_primary_name_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_Account)); +@@ -10197,11 +10611,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrSetPrimaryComputername(struct ndr_p + NDR_PULL_SET_MEM_CTX(ndr, r->in.Account, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.Account)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.Account)); +- if (ndr_get_array_length(ndr, &r->in.Account) > ndr_get_array_size(ndr, &r->in.Account)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.Account), ndr_get_array_length(ndr, &r->in.Account)); ++ size_Account_1 = ndr_get_array_size(ndr, &r->in.Account); ++ length_Account_1 = ndr_get_array_length(ndr, &r->in.Account); ++ if (length_Account_1 > size_Account_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_Account_1, length_Account_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, ndr_get_array_length(ndr, &r->in.Account), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_Account_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.Account, length_Account_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_Account_0, 0); + } + NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_EncryptedPassword)); +@@ -10299,6 +10715,8 @@ static enum ndr_err_code ndr_push_wkssvc_NetrEnumerateComputerNames(struct ndr_p + static enum ndr_err_code ndr_pull_wkssvc_NetrEnumerateComputerNames(struct ndr_pull *ndr, int flags, struct wkssvc_NetrEnumerateComputerNames *r) + { + uint32_t _ptr_server_name; ++ uint32_t size_server_name_1 = 0; ++ uint32_t length_server_name_1 = 0; + uint32_t _ptr_ctr; + TALLOC_CTX *_mem_save_server_name_0; + TALLOC_CTX *_mem_save_ctr_0; +@@ -10317,11 +10735,13 @@ static enum ndr_err_code ndr_pull_wkssvc_NetrEnumerateComputerNames(struct ndr_p + NDR_PULL_SET_MEM_CTX(ndr, r->in.server_name, 0); + NDR_CHECK(ndr_pull_array_size(ndr, &r->in.server_name)); + NDR_CHECK(ndr_pull_array_length(ndr, &r->in.server_name)); +- if (ndr_get_array_length(ndr, &r->in.server_name) > ndr_get_array_size(ndr, &r->in.server_name)) { +- return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", ndr_get_array_size(ndr, &r->in.server_name), ndr_get_array_length(ndr, &r->in.server_name)); ++ size_server_name_1 = ndr_get_array_size(ndr, &r->in.server_name); ++ length_server_name_1 = ndr_get_array_length(ndr, &r->in.server_name); ++ if (length_server_name_1 > size_server_name_1) { ++ return ndr_pull_error(ndr, NDR_ERR_ARRAY_SIZE, "Bad array size %u should exceed array length %u", size_server_name_1, length_server_name_1); + } +- NDR_CHECK(ndr_check_string_terminator(ndr, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t))); +- NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, ndr_get_array_length(ndr, &r->in.server_name), sizeof(uint16_t), CH_UTF16)); ++ NDR_CHECK(ndr_check_string_terminator(ndr, length_server_name_1, sizeof(uint16_t))); ++ NDR_CHECK(ndr_pull_charset(ndr, NDR_SCALARS, &r->in.server_name, length_server_name_1, sizeof(uint16_t), CH_UTF16)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_server_name_0, 0); + } + NDR_CHECK(ndr_pull_wkssvc_ComputerNameType(ndr, NDR_SCALARS, &r->in.name_type)); +diff --git a/source/librpc/gen_ndr/ndr_xattr.c b/source/librpc/gen_ndr/ndr_xattr.c +index ccbcc04..474a18e 100644 +--- a/source/librpc/gen_ndr/ndr_xattr.c ++++ b/source/librpc/gen_ndr/ndr_xattr.c +@@ -63,15 +63,17 @@ _PUBLIC_ enum ndr_err_code ndr_push_tdb_xattrs(struct ndr_push *ndr, int ndr_fla + + _PUBLIC_ enum ndr_err_code ndr_pull_tdb_xattrs(struct ndr_pull *ndr, int ndr_flags, struct tdb_xattrs *r) + { ++ uint32_t size_xattrs_0 = 0; + uint32_t cntr_xattrs_0; + TALLOC_CTX *_mem_save_xattrs_0; + if (ndr_flags & NDR_SCALARS) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->num_xattrs)); +- NDR_PULL_ALLOC_N(ndr, r->xattrs, r->num_xattrs); ++ size_xattrs_0 = r->num_xattrs; ++ NDR_PULL_ALLOC_N(ndr, r->xattrs, size_xattrs_0); + _mem_save_xattrs_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->xattrs, 0); +- for (cntr_xattrs_0 = 0; cntr_xattrs_0 < r->num_xattrs; cntr_xattrs_0++) { ++ for (cntr_xattrs_0 = 0; cntr_xattrs_0 < size_xattrs_0; cntr_xattrs_0++) { + NDR_CHECK(ndr_pull_tdb_xattr(ndr, NDR_SCALARS, &r->xattrs[cntr_xattrs_0])); + } + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_xattrs_0, 0); +-- +1.7.4.1 + diff --git a/patches/source/samba/samba-3.3.12-CVE-2010-2063.patch b/patches/source/samba/samba-3.3.12-CVE-2010-2063.patch new file mode 100644 index 000000000..1a55e5fe3 --- /dev/null +++ b/patches/source/samba/samba-3.3.12-CVE-2010-2063.patch @@ -0,0 +1,37 @@ +diff --git a/source/smbd/process.c b/source/smbd/process.c +index 446b868..403c7c6 100644 +--- a/source/smbd/process.c ++++ b/source/smbd/process.c +@@ -1645,6 +1645,7 @@ void construct_reply_common(const char *inbuf, char *outbuf) + void chain_reply(struct smb_request *req) + { + static char *orig_inbuf; ++ static int orig_size; + + /* + * Dirty little const_discard: We mess with req->inbuf, which is +@@ -1679,13 +1680,24 @@ void chain_reply(struct smb_request *req) + if (chain_size == 0) { + /* this is the first part of the chain */ + orig_inbuf = inbuf; ++ orig_size = size; + } + ++ /* Validate smb_off2 */ ++ if ((smb_off2 < smb_wct - 4) || orig_size < (smb_off2 + 4 - smb_wct)) { ++ exit_server_cleanly("Bad chained packet"); ++ return; ++ } + /* + * We need to save the output the caller added to the chain so that we + * can splice it into the final output buffer later. + */ + ++ if (outsize <= smb_wct) { ++ exit_server_cleanly("Bad chained packet"); ++ return; ++ } ++ + caller_outputlen = outsize - smb_wct; + + caller_output = (char *)memdup(outbuf + smb_wct, caller_outputlen); diff --git a/patches/source/samba/samba.3-2-fd_set.CVE-2011-0719.patch b/patches/source/samba/samba.3-2-fd_set.CVE-2011-0719.patch new file mode 100644 index 000000000..2ba252ba8 --- /dev/null +++ b/patches/source/samba/samba.3-2-fd_set.CVE-2011-0719.patch @@ -0,0 +1,541 @@ +diff --git a/source/client/client.c b/source/client/client.c +index 824dc32..0b095e5 100644 +--- a/source/client/client.c ++++ b/source/client/client.c +@@ -4369,8 +4369,10 @@ static void readline_callback(void) + + again: + +- if (cli->fd == -1) ++ if (cli->fd < 0 || cli->fd >= FD_SETSIZE) { ++ errno = EBADF; + return; ++ } + + FD_ZERO(&fds); + FD_SET(cli->fd,&fds); +diff --git a/source/client/dnsbrowse.c b/source/client/dnsbrowse.c +index 5e3a4de..aa2fb22 100644 +--- a/source/client/dnsbrowse.c ++++ b/source/client/dnsbrowse.c +@@ -81,6 +81,11 @@ static void do_smb_resolve(struct mdns_smbsrv_result *browsesrv) + TALLOC_FREE(fdset); + } + ++ if (mdnsfd < 0 || mdnsfd >= FD_SETSIZE) { ++ errno = EBADF; ++ break; ++ } ++ + fdsetsz = howmany(mdnsfd + 1, NFDBITS) * sizeof(fd_mask); + fdset = TALLOC_ZERO(ctx, fdsetsz); + FD_SET(mdnsfd, fdset); +@@ -183,6 +188,13 @@ int do_smb_browse(void) + + fdsetsz = howmany(mdnsfd + 1, NFDBITS) * sizeof(fd_mask); + fdset = TALLOC_ZERO(ctx, fdsetsz); ++ ++ if (mdnsfd < 0 || mdnsfd >= FD_SETSIZE) { ++ errno = EBADF; ++ TALLOC_FREE(ctx); ++ return 1; ++ } ++ + FD_SET(mdnsfd, fdset); + + tv.tv_sec = 1; +diff --git a/source/lib/events.c b/source/lib/events.c +index 9d809fb..691daef 100644 +--- a/source/lib/events.c ++++ b/source/lib/events.c +@@ -152,6 +152,11 @@ struct fd_event *event_add_fd(struct event_context *event_ctx, + { + struct fd_event *fde; + ++ if (fd < 0 || fd >= FD_SETSIZE) { ++ errno = EBADF; ++ return NULL; ++ } ++ + if (!(fde = TALLOC_P(mem_ctx, struct fd_event))) { + return NULL; + } +@@ -202,6 +207,14 @@ bool event_add_to_select_args(struct event_context *event_ctx, + bool ret = False; + + for (fde = event_ctx->fd_events; fde; fde = fde->next) { ++ if (fde->fd < 0 || fde->fd >= FD_SETSIZE) { ++ /* We ignore here, as it shouldn't be ++ possible to add an invalid fde->fd ++ but we don't want FD_SET to see an ++ invalid fd. */ ++ continue; ++ } ++ + if (fde->flags & EVENT_FD_READ) { + FD_SET(fde->fd, read_fds); + ret = True; +diff --git a/source/lib/packet.c b/source/lib/packet.c +index e048616..512c7f2 100644 +--- a/source/lib/packet.c ++++ b/source/lib/packet.c +@@ -106,6 +106,11 @@ NTSTATUS packet_fd_read_sync(struct packet_context *ctx) + int res; + fd_set r_fds; + ++ if (ctx->fd < 0 || ctx->fd >= FD_SETSIZE) { ++ errno = EBADF; ++ return map_nt_error_from_unix(errno); ++ } ++ + FD_ZERO(&r_fds); + FD_SET(ctx->fd, &r_fds); + +diff --git a/source/lib/readline.c b/source/lib/readline.c +index 5fa0ea6..a29eec8 100644 +--- a/source/lib/readline.c ++++ b/source/lib/readline.c +@@ -91,6 +91,11 @@ static char *smb_readline_replacement(const char *prompt, void (*callback)(void) + timeout.tv_sec = 5; + timeout.tv_usec = 0; + ++ if (fd < 0 || fd >= FD_SETSIZE) { ++ errno = EBADF; ++ break; ++ } ++ + FD_ZERO(&fds); + FD_SET(fd,&fds); + +diff --git a/source/lib/select.c b/source/lib/select.c +index c3da6a9..9a1e9b73 100644 +--- a/source/lib/select.c ++++ b/source/lib/select.c +@@ -61,6 +61,11 @@ int sys_select(int maxfd, fd_set *readfds, fd_set *writefds, fd_set *errorfds, s + if (pipe(select_pipe) == -1) + smb_panic("Could not create select pipe"); + ++ if (select_pipe[0] < 0 || select_pipe[0] >= FD_SETSIZE) { ++ errno = EBADF; ++ return -1; ++ } ++ + /* + * These next two lines seem to fix a bug with the Linux + * 2.0.x kernel (and probably other UNIXes as well) where +diff --git a/source/lib/util_sock.c b/source/lib/util_sock.c +index 650bd13..8aa2c97 100644 +--- a/source/lib/util_sock.c ++++ b/source/lib/util_sock.c +@@ -960,6 +960,11 @@ NTSTATUS read_socket_with_timeout(int fd, char *buf, + timeout.tv_usec = (long)(1000 * (time_out % 1000)); + + for (nread=0; nread < mincnt; ) { ++ if (fd < 0 || fd >= FD_SETSIZE) { ++ errno = EBADF; ++ return map_nt_error_from_unix(EBADF); ++ } ++ + FD_ZERO(&fds); + FD_SET(fd,&fds); + +@@ -1492,7 +1497,7 @@ bool open_any_socket_out(struct sockaddr_storage *addrs, int num_addrs, + + for (i=0; i<num_addrs; i++) { + sockets[i] = socket(addrs[i].ss_family, SOCK_STREAM, 0); +- if (sockets[i] < 0) ++ if (sockets[i] < 0 || sockets[i] >= FD_SETSIZE) + goto done; + set_blocking(sockets[i], false); + } +@@ -1541,8 +1546,10 @@ bool open_any_socket_out(struct sockaddr_storage *addrs, int num_addrs, + FD_ZERO(&r_fds); + + for (i=0; i<num_addrs; i++) { +- if (sockets[i] == -1) ++ if (sockets[i] < 0 || sockets[i] >= FD_SETSIZE) { ++ /* This cannot happen - ignore if so. */ + continue; ++ } + FD_SET(sockets[i], &wr_fds); + FD_SET(sockets[i], &r_fds); + if (sockets[i]>maxfd) +diff --git a/source/libaddns/dnssock.c b/source/libaddns/dnssock.c +index 7c8bd41..f427bd5 100644 +--- a/source/libaddns/dnssock.c ++++ b/source/libaddns/dnssock.c +@@ -218,7 +218,11 @@ static DNS_ERROR read_all(int fd, uint8 *data, size_t len) + while (total < len) { + ssize_t ret; + int fd_ready; +- ++ ++ if (fd < 0 || fd >= FD_SETSIZE) { ++ return ERROR_DNS_SOCKET_ERROR; ++ } ++ + FD_ZERO( &rfds ); + FD_SET( fd, &rfds ); + +diff --git a/source/libsmb/nmblib.c b/source/libsmb/nmblib.c +index bfe5e7b..768e54d 100644 +--- a/source/libsmb/nmblib.c ++++ b/source/libsmb/nmblib.c +@@ -1097,6 +1097,11 @@ struct packet_struct *receive_packet(int fd,enum packet_type type,int t) + struct timeval timeout; + int ret; + ++ if (fd < 0 || fd >= FD_SETSIZE) { ++ errno = EBADF; ++ return NULL; ++ } ++ + FD_ZERO(&fds); + FD_SET(fd,&fds); + timeout.tv_sec = t/1000; +diff --git a/source/nmbd/nmbd_packets.c b/source/nmbd/nmbd_packets.c +index c1d373a..0ffa166 100644 +--- a/source/nmbd/nmbd_packets.c ++++ b/source/nmbd/nmbd_packets.c +@@ -1685,7 +1685,7 @@ static bool create_listen_fdset(fd_set **ppset, int **psock_array, int *listen_n + for (subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) + count++; + +- if((count*2) + 2 > FD_SETSIZE) { ++ if((count*2) + 2 >= FD_SETSIZE) { + DEBUG(0,("create_listen_fdset: Too many file descriptors needed (%d). We can \ + only use %d.\n", (count*2) + 2, FD_SETSIZE)); + SAFE_FREE(pset); +@@ -1701,24 +1701,44 @@ only use %d.\n", (count*2) + 2, FD_SETSIZE)); + FD_ZERO(pset); + + /* Add in the broadcast socket on 137. */ ++ if (ClientNMB < 0 || ClientNMB >= FD_SETSIZE) { ++ errno = EBADF; ++ SAFE_FREE(pset); ++ return True; ++ } ++ + FD_SET(ClientNMB,pset); + sock_array[num++] = ClientNMB; + *maxfd = MAX( *maxfd, ClientNMB); + + /* Add in the 137 sockets on all the interfaces. */ + for (subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) { ++ if (subrec->nmb_sock < 0 || subrec->nmb_sock >= FD_SETSIZE) { ++ /* We have to ignore sockets outside FD_SETSIZE. */ ++ continue; ++ } + FD_SET(subrec->nmb_sock,pset); + sock_array[num++] = subrec->nmb_sock; + *maxfd = MAX( *maxfd, subrec->nmb_sock); + } + + /* Add in the broadcast socket on 138. */ ++ if (ClientDGRAM < 0 || ClientDGRAM >= FD_SETSIZE) { ++ errno = EBADF; ++ SAFE_FREE(pset); ++ return True; ++ } ++ + FD_SET(ClientDGRAM,pset); + sock_array[num++] = ClientDGRAM; + *maxfd = MAX( *maxfd, ClientDGRAM); + + /* Add in the 138 sockets on all the interfaces. */ + for (subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) { ++ if (subrec->dgram_sock < 0 || subrec->dgram_sock >= FD_SETSIZE) { ++ /* We have to ignore sockets outside FD_SETSIZE. */ ++ continue; ++ } + FD_SET(subrec->dgram_sock,pset); + sock_array[num++] = subrec->dgram_sock; + *maxfd = MAX( *maxfd, subrec->dgram_sock); +@@ -1769,7 +1789,7 @@ bool listen_for_packets(bool run_election) + + #ifndef SYNC_DNS + dns_fd = asyncdns_fd(); +- if (dns_fd != -1) { ++ if (dns_fd >= 0 && dns_fd < FD_SETSIZE) { + FD_SET(dns_fd, &r_fds); + maxfd = MAX( maxfd, dns_fd); + } +diff --git a/source/nsswitch/wb_common.c b/source/nsswitch/wb_common.c +index 6e6d2bb..aa565ff 100644 +--- a/source/nsswitch/wb_common.c ++++ b/source/nsswitch/wb_common.c +@@ -240,6 +240,12 @@ static int winbind_named_pipe_sock(const char *dir) + + switch (errno) { + case EINPROGRESS: ++ ++ if (fd < 0 || fd >= FD_SETSIZE) { ++ errno = EBADF; ++ goto error_out; ++ } ++ + FD_ZERO(&w_fds); + FD_SET(fd, &w_fds); + tv.tv_sec = CONNECT_TIMEOUT - wait_time; +@@ -383,7 +389,13 @@ int winbind_write_sock(void *buffer, int count, int recursing, int need_priv) + while(nwritten < count) { + struct timeval tv; + fd_set r_fds; +- ++ ++ if (winbindd_fd < 0 || winbindd_fd >= FD_SETSIZE) { ++ errno = EBADF; ++ winbind_close_sock(); ++ return -1; ++ } ++ + /* Catch pipe close on other end by checking if a read() + call would not block by calling select(). */ + +diff --git a/source/printing/printing.c b/source/printing/printing.c +index ad293ea..2bc5c48 100644 +--- a/source/printing/printing.c ++++ b/source/printing/printing.c +@@ -1407,6 +1407,11 @@ void start_background_queue(void) + exit(1); + } + ++ if (pause_pipe[1] < 0 || pause_pipe[1] >= FD_SETSIZE) { ++ DEBUG(5,("start_background_queue: pipe fd out of range.\n")); ++ exit(1); ++ } ++ + background_lpq_updater_pid = sys_fork(); + + if (background_lpq_updater_pid == -1) { +diff --git a/source/smbd/dnsregister.c b/source/smbd/dnsregister.c +index f304d86..764862c 100644 +--- a/source/smbd/dnsregister.c ++++ b/source/smbd/dnsregister.c +@@ -126,6 +126,9 @@ void dns_register_smbd(struct dns_reg_state ** dns_state_ptr, + */ + if (dns_state->srv_ref != NULL) { + mdnsd_conn_fd = DNSServiceRefSockFD(dns_state->srv_ref); ++ if (mdnsd_conn_fd < 0 || mdnsd_conn_fd >= FD_SETSIZE) { ++ return; ++ } + FD_SET(mdnsd_conn_fd, listen_set); + return; + } +@@ -157,6 +160,9 @@ void dns_register_smbd(struct dns_reg_state ** dns_state_ptr, + } + + mdnsd_conn_fd = DNSServiceRefSockFD(dns_state->srv_ref); ++ if (mdnsd_conn_fd < 0 || mdnsd_conn_fd >= FD_SETSIZE) { ++ return; ++ } + FD_SET(mdnsd_conn_fd, listen_set); + *maxfd = MAX(*maxfd, mdnsd_conn_fd); + *timeout = timeval_zero(); +diff --git a/source/smbd/oplock.c b/source/smbd/oplock.c +index 261d8fd..f7e9e6f 100644 +--- a/source/smbd/oplock.c ++++ b/source/smbd/oplock.c +@@ -241,7 +241,10 @@ bool downgrade_oplock(files_struct *fsp) + int oplock_notify_fd(void) + { + if (koplocks) { +- return koplocks->notification_fd; ++ int fd = koplocks->notification_fd; ++ if (fd < 0 || fd >= FD_SETSIZE) { ++ return -1; ++ } + } + + return -1; +diff --git a/source/smbd/oplock_irix.c b/source/smbd/oplock_irix.c +index 8c287c9..6e86fac 100644 +--- a/source/smbd/oplock_irix.c ++++ b/source/smbd/oplock_irix.c +@@ -284,6 +284,11 @@ struct kernel_oplocks *irix_init_kernel_oplocks(void) + return False; + } + ++ if (pfd[0] < 0 || pfd[0] >= FD_SETSIZE) { ++ DEBUG(0,("setup_kernel_oplock_pipe: fd out of range.\n")); ++ return False; ++ } ++ + oplock_pipe_read = pfd[0]; + oplock_pipe_write = pfd[1]; + +diff --git a/source/smbd/process.c b/source/smbd/process.c +index c53bfda..ac63c01 100644 +--- a/source/smbd/process.c ++++ b/source/smbd/process.c +@@ -687,7 +687,7 @@ static void async_processing(fd_set *pfds) + + static int select_on_fd(int fd, int maxfd, fd_set *fds) + { +- if (fd != -1) { ++ if (fd != -1 && fd < FD_SETSIZE) { + FD_SET(fd, fds); + maxfd = MAX(maxfd, fd); + } +diff --git a/source/smbd/server.c b/source/smbd/server.c +index 35c98aa..56960d6 100644 +--- a/source/smbd/server.c ++++ b/source/smbd/server.c +@@ -203,7 +203,13 @@ static bool open_sockets_inetd(void) + /* Started from inetd. fd 0 is the socket. */ + /* We will abort gracefully when the client or remote system + goes away */ +- smbd_set_server_fd(dup(0)); ++ int fd = dup(0); ++ ++ if (fd < 0 || fd >= FD_SETSIZE) { ++ return false; ++ } ++ ++ smbd_set_server_fd(fd); + + /* close our standard file descriptors */ + close_low_fds(False); /* Don't close stderr */ +@@ -429,7 +435,7 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ + num_sockets == 0 ? 0 : 2, + ifss, + true); +- if(s == -1) { ++ if (s < 0 || s >= FD_SETSIZE) { + continue; + } + +@@ -509,7 +515,7 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ + num_sockets == 0 ? 0 : 2, + &ss, + true); +- if (s == -1) { ++ if (s < 0 || s >= FD_SETSIZE) { + continue; + } + +@@ -683,6 +689,7 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ + struct sockaddr addr; + socklen_t in_addrlen = sizeof(addr); + pid_t child = 0; ++ int fd; + + s = -1; + for(i = 0; i < num_sockets; i++) { +@@ -695,17 +702,22 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ + } + } + +- smbd_set_server_fd(accept(s,&addr,&in_addrlen)); +- +- if (smbd_server_fd() == -1 && errno == EINTR) ++ fd = accept(s,&addr,&in_addrlen); ++ if (fd == -1 && errno == EINTR) + continue; +- +- if (smbd_server_fd() == -1) { ++ if (fd == -1) { + DEBUG(2,("open_sockets_smbd: accept: %s\n", +- strerror(errno))); ++ strerror(errno))); ++ continue; ++ } ++ if (fd < 0 || fd >= FD_SETSIZE) { ++ DEBUG(2,("open_sockets_smbd: bad fd %d\n", ++ fd )); + continue; + } + ++ smbd_set_server_fd(fd); ++ + /* Ensure child is set to blocking mode */ + set_blocking(smbd_server_fd(),True); + +diff --git a/source/utils/smbfilter.c b/source/utils/smbfilter.c +index 1e22a40..45f9207 100644 +--- a/source/utils/smbfilter.c ++++ b/source/utils/smbfilter.c +@@ -162,8 +162,8 @@ static void filter_child(int c, struct sockaddr_storage *dest_ss) + int num; + + FD_ZERO(&fds); +- if (s != -1) FD_SET(s, &fds); +- if (c != -1) FD_SET(c, &fds); ++ if (s >= 0 && s < FD_SETSIZE) FD_SET(s, &fds); ++ if (c >= 0 && c < FD_SETSIZE) FD_SET(c, &fds); + + num = sys_select_intr(MAX(s+1, c+1),&fds,NULL,NULL,NULL); + if (num <= 0) continue; +@@ -235,6 +235,10 @@ static void start_filter(char *desthost) + struct sockaddr_storage ss; + socklen_t in_addrlen = sizeof(ss); + ++ if (s < 0 || s >= FD_SETSIZE) { ++ break; ++ } ++ + FD_ZERO(&fds); + FD_SET(s, &fds); + +diff --git a/source/winbindd/winbindd.c b/source/winbindd/winbindd.c +index 929a4ea..5edcc2f 100644 +--- a/source/winbindd/winbindd.c ++++ b/source/winbindd/winbindd.c +@@ -856,7 +856,8 @@ static void process_loop(void) + listen_sock = open_winbindd_socket(); + listen_priv_sock = open_winbindd_priv_socket(); + +- if (listen_sock == -1 || listen_priv_sock == -1) { ++ if (listen_sock < 0 || listen_sock >= FD_SETSIZE || ++ listen_priv_sock < 0 || listen_priv_sock >= FD_SETSIZE) { + perror("open_winbind_socket"); + exit(1); + } +@@ -877,6 +878,9 @@ static void process_loop(void) + + maxfd = MAX(listen_sock, listen_priv_sock); + ++ /* We check the range for listen_sock and ++ listen_priv_sock above. */ ++ + FD_ZERO(&r_fds); + FD_ZERO(&w_fds); + FD_SET(listen_sock, &r_fds); +@@ -908,6 +912,12 @@ static void process_loop(void) + } + + for (ev = fd_events; ev; ev = ev->next) { ++ if (ev->fd < 0 || ev->fd >= FD_SETSIZE) { ++ /* Ignore here - event_add_to_select_args ++ should make this impossible. */ ++ continue; ++ } ++ + if (ev->flags & EVENT_FD_READ) { + FD_SET(ev->fd, &r_fds); + maxfd = MAX(ev->fd, maxfd); +diff --git a/source/winbindd/winbindd_dual.c b/source/winbindd/winbindd_dual.c +index 49978c2..9e834f8 100644 +--- a/source/winbindd/winbindd_dual.c ++++ b/source/winbindd/winbindd_dual.c +@@ -1149,6 +1149,12 @@ static bool fork_domain_child(struct winbindd_child *child) + return False; + } + ++ if (fdpair[0] < 0 || fdpair[0] >= FD_SETSIZE) { ++ DEBUG(0, ("fork_domain_child: bad fd range (%d)\n", fdpair[0])); ++ errno = EBADF; ++ return False; ++ } ++ + ZERO_STRUCT(state); + state.pid = sys_getpid(); + +@@ -1289,6 +1295,7 @@ static bool fork_domain_child(struct winbindd_child *child) + message_dispatch(winbind_messaging_context()); + + FD_ZERO(&read_fds); ++ /* We check state.sock against FD_SETSIZE above. */ + FD_SET(state.sock, &read_fds); + + ret = sys_select(state.sock + 1, &read_fds, NULL, NULL, tp); diff --git a/patches/source/samba/samba.SlackBuild b/patches/source/samba/samba.SlackBuild new file mode 100755 index 000000000..932d59d00 --- /dev/null +++ b/patches/source/samba/samba.SlackBuild @@ -0,0 +1,212 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-3.2.15} +BUILD=${BUILD:-5_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-samba +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf samba-$VERSION +tar xvf $CWD/samba-$VERSION.tar.?z* || exit 1 +cd samba-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +cd source +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +cat $CWD/samba-3.3.12-CVE-2010-2063.patch | patch -p2 --verbose || exit 1 +cat $CWD/samba-3.2.15-CVE-2010-3069.patch | patch -p2 --verbose || exit 1 +zcat $CWD/samba.3-2-fd_set.CVE-2011-0719.patch.gz | patch -p2 --verbose || exit 1 +zcat $CWD/samba-3.2.15-CVE-2012-1182.patch.gz | patch -p2 --verbose || exit 1 + +# Some of these options could be auto-detected, but declaring them +# here doesn't hurt and helps document what features we're trying to +# build in. +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --with-libdir=/usr/lib${LIBDIRSUFFIX} \ + --bindir=/usr/bin \ + --sbindir=/usr/sbin \ + --mandir=/usr/man \ + --sysconfdir=/etc \ + --with-configdir=/etc/samba \ + --with-piddir=/var/run \ + --with-privatedir=/etc/samba/private \ + --localstatedir=/var \ + --with-lockdir=/var/cache/samba \ + --with-swatdir=/usr/share/swat \ + --with-logfilebase=/var/log/samba \ + --enable-cups \ + --enable-static=no \ + --enable-shared=yes \ + --with-acl-support=yes \ + --with-automount \ + --with-cifsmount \ + --with-quotas \ + --with-syslog \ + --with-utmp \ + --with-libsmbclient \ + --with-winbind \ + --with-ldap \ + --build=$ARCH-slackware-linux + # Using with-fhs overrides our libdir, and besides we are already hard-coding + # directories. So, now we define them all explicitly... + #--with-fhs \ + +# -j options don't seem to work... +make || exit 1 + +mkdir -p \ + $PKG/usr/doc/samba-$VERSION \ + $PKG/var/spool/samba \ + $PKG/var/log/samba \ + $PKG/etc/samba/private \ + $PKG/var/cache/samba +chmod 700 $PKG/etc/samba/private +chmod 1777 $PKG/var/spool/samba + +make install-everything DESTDIR=$PKG || exit 1 + +# Install libnss_win* libraries: +mkdir -p $PKG/lib${LIBDIRSUFFIX} +cp -a nsswitch/libnss_winbind.so $PKG/lib${LIBDIRSUFFIX}/libnss_winbind.so.2 +cp -a nsswitch/libnss_wins.so $PKG/lib${LIBDIRSUFFIX}/libnss_wins.so.2 +( cd $PKG/lib${LIBDIRSUFFIX} + ln -sf libnss_winbind.so.2 libnss_winbind.so + ln -sf libnss_wins.so.2 libnss_wins.so +) + +## Make sure that other programs can link against libsmbclient: +#( cd $PKG/usr/lib${LIBDIRSUFFIX} +# for FILE in samba/libsmbclient.so* ; do +# ln -sf $FILE +# done +#) + +# Add some (u)mount links: +mkdir -p $PKG/sbin +( cd $PKG/sbin + # SMBFS is obsolete in the kernel now -- use mount.cifs + #rm -f mount.smbfs ; ln -sf /usr/bin/smbmount mount.smbfs + # Add a wrapper script from Debian that's included in the upstream Samba + # sources to help out people (like me ;-) who don't read every speck of + # documentation: + cat $TMP/samba-$VERSION/examples/scripts/mount/mount.smbfs > mount.smbfs + chmod 755 $PKG/sbin/mount.smbfs + # I suppose this wouldn't be the worst idea in the world, either: + ( cd $PKG/usr/bin ; ln -sf /sbin/mount.smbfs smbmount ) + rm -f mount.cifs ; ln -sf /usr/sbin/mount.cifs mount.cifs + # smbumount was giving me problems so it seems wise to play it safe + #rm -f umount.smbfs ; ln -sf /usr/bin/smbumount umount.smbfs + #rm -f umount.cifs ; ln -sf /usr/sbin/umount.cifs umount.cifs +) + +# Add a sample config file: +cat $CWD/smb.conf.default > $PKG/etc/samba/smb.conf-sample + +if [ ! -r $PKG/usr/bin/smbget ]; then + rm -f $PKG/usr/share/man/man1/smbget.1 + rm -f $PKG/usr/share/swat/help/smbget.1.html +fi + +# We'll add rc.samba to the init directory, but chmod 644 so that it doesn't +# start by default: +mkdir -p $PKG/etc/rc.d +cat $CWD/rc.samba > $PKG/etc/rc.d/rc.samba.new +chmod 644 $PKG/etc/rc.d/rc.samba.new + +mv $PKG/usr/share/man $PKG/usr +gzip -9 $PKG/usr/man/man?/*.? + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +cd .. +cp -a \ + COPYING* MAINTAINERS Manifest PFIF.txt README* \ + Read-Manifest-Now Roadmap WHATSNEW.txt docs examples \ + $PKG/usr/doc/samba-$VERSION +# These are installed elsewhere: +rm -rf $PKG/usr/doc/samba-$VERSION/docs/htmldocs \ + $PKG/usr/doc/samba-$VERSION/docs/manpages +mkdir -p $PKG/usr/doc/samba-$VERSION/docs +( cd $PKG/usr/doc/samba-$VERSION/docs + ln -sf /usr/share/swat/help htmldocs + ln -sf /usr/share/swat/using_samba using_samba +) +# I'm sorry, but when all this info is included in HTML, adding 7MB worth of +# PDF files just to have extra artwork is more fluff than I'll agree to. +rm -f $PKG/usr/doc/samba-$VERSION/docs/*.pdf +# Also redundant also: +rm -rf $PKG/usr/doc/samba-$VERSION/docs/docbook + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cat << EOF + +*** Be sure the package contains: + +drwx------ 2 root root 1024 Mar 12 13:21 /etc/samba/private +drwxr-xr-x 2 root root 4096 May 3 15:46 /var/cache/samba/ +drwxr-xr-x 2 root root 48 Aug 29 13:06 /var/log/samba/ +drwxrwxrwt 2 root root 1024 Mar 12 13:21 /var/spool/samba/ + +EOF + +cd $PKG +/sbin/makepkg -l y -c n $TMP/samba-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/samba/slack-desc b/patches/source/samba/slack-desc new file mode 100644 index 000000000..dc42f2b6f --- /dev/null +++ b/patches/source/samba/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +samba: samba (SMB file and print server) +samba: +samba: Samba is an SMB file and print server for SMB and CIFS clients. It +samba: allows you to make file space or printers on a Samba host available to +samba: any PCs running SMB clients (such as PCs running Windows). +samba: +samba: If you have any SMB servers (such as Windows NT/2K Server), you may be +samba: able to replace them by or supplement them with Samba. One of Samba's +samba: big strengths is integration, so you can use it to tie together your +samba: Linux hosts and Windows PC clients. +samba: diff --git a/patches/source/samba/smb.conf.default b/patches/source/samba/smb.conf.default new file mode 100644 index 000000000..68e62f930 --- /dev/null +++ b/patches/source/samba/smb.conf.default @@ -0,0 +1,271 @@ +# This is the main Samba configuration file. You should read the +# smb.conf(5) manual page in order to understand the options listed +# here. Samba has a huge number of configurable options (perhaps too +# many!) most of which are not shown in this example +# +# For a step to step guide on installing, configuring and using samba, +# read the Samba-HOWTO-Collection. This may be obtained from: +# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf +# +# Many working examples of smb.conf files can be found in the +# Samba-Guide which is generated daily and can be downloaded from: +# http://www.samba.org/samba/docs/Samba-Guide.pdf +# +# Any line which starts with a ; (semi-colon) or a # (hash) +# is a comment and is ignored. In this example we will use a # +# for commentry and a ; for parts of the config file that you +# may wish to enable +# +# NOTE: Whenever you modify this file you should run the command "testparm" +# to check that you have not made any basic syntactic errors. +# +#======================= Global Settings ===================================== +[global] + +# workgroup = NT-Domain-Name or Workgroup-Name, eg: LINUX2 + workgroup = MYGROUP + +# server string is the equivalent of the NT Description field + server string = Samba Server + +# Security mode. Defines in which mode Samba will operate. Possible +# values are share, user, server, domain and ads. Most people will want +# user level security. See the Samba-HOWTO-Collection for details. + security = user + +# This option is important for security. It allows you to restrict +# connections to machines which are on your local network. The +# following example restricts access to two C class networks and +# the "loopback" interface. For more examples of the syntax see +# the smb.conf man page +; hosts allow = 192.168.1. 192.168.2. 127. + +# If you want to automatically load your printer list rather +# than setting them up individually then you'll need this + load printers = yes + +# you may wish to override the location of the printcap file +; printcap name = /etc/printcap + +# on SystemV system setting printcap name to lpstat should allow +# you to automatically obtain a printer list from the SystemV spool +# system +; printcap name = lpstat + +# It should not be necessary to specify the print system type unless +# it is non-standard. Currently supported print systems include: +# bsd, cups, sysv, plp, lprng, aix, hpux, qnx +; printing = cups + +# Uncomment this if you want a guest account, you must add this to /etc/passwd +# otherwise the user "nobody" is used +; guest account = pcguest + +# this tells Samba to use a separate log file for each machine +# that connects + log file = /var/log/samba.%m + +# Put a capping on the size of the log files (in Kb). + max log size = 50 + +# Use password server option only with security = server +# The argument list may include: +# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] +# or to auto-locate the domain controller/s +# password server = * +; password server = <NT-Server-Name> + +# Use the realm option only with security = ads +# Specifies the Active Directory realm the host is part of +; realm = MY_REALM + +# Backend to store user information in. New installations should +# use either tdbsam or ldapsam. smbpasswd is available for backwards +# compatibility. tdbsam requires no further configuration. +; passdb backend = tdbsam + +# Using the following line enables you to customise your configuration +# on a per machine basis. The %m gets replaced with the netbios name +# of the machine that is connecting. +# Note: Consider carefully the location in the configuration file of +# this line. The included file is read at that point. +; include = /usr/local/samba/lib/smb.conf.%m + +# Configure Samba to use multiple interfaces +# If you have multiple network interfaces then you must list them +# here. See the man page for details. +; interfaces = 192.168.12.2/24 192.168.13.2/24 + +# Browser Control Options: +# set local master to no if you don't want Samba to become a master +# browser on your network. Otherwise the normal election rules apply +; local master = no + +# OS Level determines the precedence of this server in master browser +# elections. The default value should be reasonable +; os level = 33 + +# Domain Master specifies Samba to be the Domain Master Browser. This +# allows Samba to collate browse lists between subnets. Don't use this +# if you already have a Windows NT domain controller doing this job +; domain master = yes + +# Preferred Master causes Samba to force a local browser election on startup +# and gives it a slightly higher chance of winning the election +; preferred master = yes + +# Enable this if you want Samba to be a domain logon server for +# Windows95 workstations. +; domain logons = yes + +# if you enable domain logons then you may want a per-machine or +# per user logon script +# run a specific logon batch file per workstation (machine) +; logon script = %m.bat +# run a specific logon batch file per username +; logon script = %U.bat + +# Where to store roving profiles (only for Win95 and WinNT) +# %L substitutes for this servers netbios name, %U is username +# You must uncomment the [Profiles] share below +; logon path = \\%L\Profiles\%U + +# Windows Internet Name Serving Support Section: +# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server +; wins support = yes + +# WINS Server - Tells the NMBD components of Samba to be a WINS Client +# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both +; wins server = w.x.y.z + +# WINS Proxy - Tells Samba to answer name resolution queries on +# behalf of a non WINS capable client, for this to work there must be +# at least one WINS Server on the network. The default is NO. +; wins proxy = yes + +# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names +# via DNS nslookups. The default is NO. + dns proxy = no + +# These scripts are used on a domain controller or stand-alone +# machine to add or delete corresponding unix accounts +; add user script = /usr/sbin/useradd %u +; add group script = /usr/sbin/groupadd %g +; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u +; delete user script = /usr/sbin/userdel %u +; delete user from group script = /usr/sbin/deluser %u %g +; delete group script = /usr/sbin/groupdel %g + + +#============================ Share Definitions ============================== +[homes] + comment = Home Directories + browseable = no + writable = yes + +# Un-comment the following and create the netlogon directory for Domain Logons +; [netlogon] +; comment = Network Logon Service +; path = /usr/local/samba/lib/netlogon +; guest ok = yes +; writable = no +; share modes = no + + +# Un-comment the following to provide a specific roving profile share +# the default is to use the user's home directory +;[Profiles] +; path = /usr/local/samba/profiles +; browseable = no +; guest ok = yes + + +# NOTE: If you have a BSD-style print system there is no need to +# specifically define each individual printer +[printers] + comment = All Printers + path = /var/spool/samba + browseable = no +# Set public = yes to allow user 'guest account' to print + guest ok = no + writable = no + printable = yes + +# This one is useful for people to share files +;[tmp] +; comment = Temporary file space +; path = /tmp +; read only = no +; public = yes + +# A publicly accessible directory, but read only, except for people in +# the "staff" group +;[public] +; comment = Public Stuff +; path = /home/samba +; public = yes +; writable = yes +; printable = no +; write list = @staff + +# Other examples. +# +# A private printer, usable only by fred. Spool data will be placed in fred's +# home directory. Note that fred must have write access to the spool directory, +# wherever it is. +;[fredsprn] +; comment = Fred's Printer +; valid users = fred +; path = /homes/fred +; printer = freds_printer +; public = no +; writable = no +; printable = yes + +# A private directory, usable only by fred. Note that fred requires write +# access to the directory. +;[fredsdir] +; comment = Fred's Service +; path = /usr/somewhere/private +; valid users = fred +; public = no +; writable = yes +; printable = no + +# a service which has a different directory for each machine that connects +# this allows you to tailor configurations to incoming machines. You could +# also use the %U option to tailor it by user name. +# The %m gets replaced with the machine name that is connecting. +;[pchome] +; comment = PC Directories +; path = /usr/pc/%m +; public = no +; writable = yes + +# A publicly accessible directory, read/write to all users. Note that all files +# created in the directory by users will be owned by the default user, so +# any user with access can delete any other user's files. Obviously this +# directory must be writable by the default user. Another user could of course +# be specified, in which case all files would be owned by that user instead. +;[public] +; path = /usr/somewhere/else/public +; public = yes +; only guest = yes +; writable = yes +; printable = no + +# The following two entries demonstrate how to share a directory so that two +# users can place files there that will be owned by the specific users. In this +# setup, the directory should be writable by both users and should have the +# sticky bit set on it to prevent abuse. Obviously this could be extended to +# as many users as required. +;[myshare] +; comment = Mary's and Fred's stuff +; path = /usr/somewhere/shared +; valid users = mary fred +; public = no +; writable = yes +; printable = no +; create mask = 0765 + + diff --git a/patches/source/samba/smb.conf.default.orig b/patches/source/samba/smb.conf.default.orig new file mode 100644 index 000000000..971ca19c8 --- /dev/null +++ b/patches/source/samba/smb.conf.default.orig @@ -0,0 +1,271 @@ +# This is the main Samba configuration file. You should read the +# smb.conf(5) manual page in order to understand the options listed +# here. Samba has a huge number of configurable options (perhaps too +# many!) most of which are not shown in this example +# +# For a step to step guide on installing, configuring and using samba, +# read the Samba-HOWTO-Collection. This may be obtained from: +# http://www.samba.org/samba/docs/Samba-HOWTO-Collection.pdf +# +# Many working examples of smb.conf files can be found in the +# Samba-Guide which is generated daily and can be downloaded from: +# http://www.samba.org/samba/docs/Samba-Guide.pdf +# +# Any line which starts with a ; (semi-colon) or a # (hash) +# is a comment and is ignored. In this example we will use a # +# for commentry and a ; for parts of the config file that you +# may wish to enable +# +# NOTE: Whenever you modify this file you should run the command "testparm" +# to check that you have not made any basic syntactic errors. +# +#======================= Global Settings ===================================== +[global] + +# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH + workgroup = MYGROUP + +# server string is the equivalent of the NT Description field + server string = Samba Server + +# Security mode. Defines in which mode Samba will operate. Possible +# values are share, user, server, domain and ads. Most people will want +# user level security. See the Samba-HOWTO-Collection for details. + security = user + +# This option is important for security. It allows you to restrict +# connections to machines which are on your local network. The +# following example restricts access to two C class networks and +# the "loopback" interface. For more examples of the syntax see +# the smb.conf man page +; hosts allow = 192.168.1. 192.168.2. 127. + +# If you want to automatically load your printer list rather +# than setting them up individually then you'll need this + load printers = yes + +# you may wish to override the location of the printcap file +; printcap name = /etc/printcap + +# on SystemV system setting printcap name to lpstat should allow +# you to automatically obtain a printer list from the SystemV spool +# system +; printcap name = lpstat + +# It should not be necessary to specify the print system type unless +# it is non-standard. Currently supported print systems include: +# bsd, cups, sysv, plp, lprng, aix, hpux, qnx +; printing = cups + +# Uncomment this if you want a guest account, you must add this to /etc/passwd +# otherwise the user "nobody" is used +; guest account = pcguest + +# this tells Samba to use a separate log file for each machine +# that connects + log file = /usr/local/samba/var/log.%m + +# Put a capping on the size of the log files (in Kb). + max log size = 50 + +# Use password server option only with security = server +# The argument list may include: +# password server = My_PDC_Name [My_BDC_Name] [My_Next_BDC_Name] +# or to auto-locate the domain controller/s +# password server = * +; password server = <NT-Server-Name> + +# Use the realm option only with security = ads +# Specifies the Active Directory realm the host is part of +; realm = MY_REALM + +# Backend to store user information in. New installations should +# use either tdbsam or ldapsam. smbpasswd is available for backwards +# compatibility. tdbsam requires no further configuration. +; passdb backend = tdbsam + +# Using the following line enables you to customise your configuration +# on a per machine basis. The %m gets replaced with the netbios name +# of the machine that is connecting. +# Note: Consider carefully the location in the configuration file of +# this line. The included file is read at that point. +; include = /usr/local/samba/lib/smb.conf.%m + +# Configure Samba to use multiple interfaces +# If you have multiple network interfaces then you must list them +# here. See the man page for details. +; interfaces = 192.168.12.2/24 192.168.13.2/24 + +# Browser Control Options: +# set local master to no if you don't want Samba to become a master +# browser on your network. Otherwise the normal election rules apply +; local master = no + +# OS Level determines the precedence of this server in master browser +# elections. The default value should be reasonable +; os level = 33 + +# Domain Master specifies Samba to be the Domain Master Browser. This +# allows Samba to collate browse lists between subnets. Don't use this +# if you already have a Windows NT domain controller doing this job +; domain master = yes + +# Preferred Master causes Samba to force a local browser election on startup +# and gives it a slightly higher chance of winning the election +; preferred master = yes + +# Enable this if you want Samba to be a domain logon server for +# Windows95 workstations. +; domain logons = yes + +# if you enable domain logons then you may want a per-machine or +# per user logon script +# run a specific logon batch file per workstation (machine) +; logon script = %m.bat +# run a specific logon batch file per username +; logon script = %U.bat + +# Where to store roving profiles (only for Win95 and WinNT) +# %L substitutes for this servers netbios name, %U is username +# You must uncomment the [Profiles] share below +; logon path = \\%L\Profiles\%U + +# Windows Internet Name Serving Support Section: +# WINS Support - Tells the NMBD component of Samba to enable it's WINS Server +; wins support = yes + +# WINS Server - Tells the NMBD components of Samba to be a WINS Client +# Note: Samba can be either a WINS Server, or a WINS Client, but NOT both +; wins server = w.x.y.z + +# WINS Proxy - Tells Samba to answer name resolution queries on +# behalf of a non WINS capable client, for this to work there must be +# at least one WINS Server on the network. The default is NO. +; wins proxy = yes + +# DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names +# via DNS nslookups. The default is NO. + dns proxy = no + +# These scripts are used on a domain controller or stand-alone +# machine to add or delete corresponding unix accounts +; add user script = /usr/sbin/useradd %u +; add group script = /usr/sbin/groupadd %g +; add machine script = /usr/sbin/adduser -n -g machines -c Machine -d /dev/null -s /bin/false %u +; delete user script = /usr/sbin/userdel %u +; delete user from group script = /usr/sbin/deluser %u %g +; delete group script = /usr/sbin/groupdel %g + + +#============================ Share Definitions ============================== +[homes] + comment = Home Directories + browseable = no + writable = yes + +# Un-comment the following and create the netlogon directory for Domain Logons +; [netlogon] +; comment = Network Logon Service +; path = /usr/local/samba/lib/netlogon +; guest ok = yes +; writable = no +; share modes = no + + +# Un-comment the following to provide a specific roving profile share +# the default is to use the user's home directory +;[Profiles] +; path = /usr/local/samba/profiles +; browseable = no +; guest ok = yes + + +# NOTE: If you have a BSD-style print system there is no need to +# specifically define each individual printer +[printers] + comment = All Printers + path = /usr/spool/samba + browseable = no +# Set public = yes to allow user 'guest account' to print + guest ok = no + writable = no + printable = yes + +# This one is useful for people to share files +;[tmp] +; comment = Temporary file space +; path = /tmp +; read only = no +; public = yes + +# A publicly accessible directory, but read only, except for people in +# the "staff" group +;[public] +; comment = Public Stuff +; path = /home/samba +; public = yes +; writable = yes +; printable = no +; write list = @staff + +# Other examples. +# +# A private printer, usable only by fred. Spool data will be placed in fred's +# home directory. Note that fred must have write access to the spool directory, +# wherever it is. +;[fredsprn] +; comment = Fred's Printer +; valid users = fred +; path = /homes/fred +; printer = freds_printer +; public = no +; writable = no +; printable = yes + +# A private directory, usable only by fred. Note that fred requires write +# access to the directory. +;[fredsdir] +; comment = Fred's Service +; path = /usr/somewhere/private +; valid users = fred +; public = no +; writable = yes +; printable = no + +# a service which has a different directory for each machine that connects +# this allows you to tailor configurations to incoming machines. You could +# also use the %U option to tailor it by user name. +# The %m gets replaced with the machine name that is connecting. +;[pchome] +; comment = PC Directories +; path = /usr/pc/%m +; public = no +; writable = yes + +# A publicly accessible directory, read/write to all users. Note that all files +# created in the directory by users will be owned by the default user, so +# any user with access can delete any other user's files. Obviously this +# directory must be writable by the default user. Another user could of course +# be specified, in which case all files would be owned by that user instead. +;[public] +; path = /usr/somewhere/else/public +; public = yes +; only guest = yes +; writable = yes +; printable = no + +# The following two entries demonstrate how to share a directory so that two +# users can place files there that will be owned by the specific users. In this +# setup, the directory should be writable by both users and should have the +# sticky bit set on it to prevent abuse. Obviously this could be extended to +# as many users as required. +;[myshare] +; comment = Mary's and Fred's stuff +; path = /usr/somewhere/shared +; valid users = mary fred +; public = no +; writable = yes +; printable = no +; create mask = 0765 + + diff --git a/patches/source/samba/smb.conf.diff b/patches/source/samba/smb.conf.diff new file mode 100644 index 000000000..553440c54 --- /dev/null +++ b/patches/source/samba/smb.conf.diff @@ -0,0 +1,29 @@ +--- smb.conf.default.orig 2008-05-28 07:41:11.000000000 -0500 ++++ smb.conf.default 2008-05-28 13:53:01.000000000 -0500 +@@ -22,7 +22,7 @@ + #======================= Global Settings ===================================== + [global] + +-# workgroup = NT-Domain-Name or Workgroup-Name, eg: MIDEARTH ++# workgroup = NT-Domain-Name or Workgroup-Name, eg: LINUX2 + workgroup = MYGROUP + + # server string is the equivalent of the NT Description field +@@ -63,7 +63,7 @@ + + # this tells Samba to use a separate log file for each machine + # that connects +- log file = /usr/local/samba/var/log.%m ++ log file = /var/log/samba.%m + + # Put a capping on the size of the log files (in Kb). + max log size = 50 +@@ -184,7 +184,7 @@ + # specifically define each individual printer + [printers] + comment = All Printers +- path = /usr/spool/samba ++ path = /var/spool/samba + browseable = no + # Set public = yes to allow user 'guest account' to print + guest ok = no diff --git a/patches/source/seamonkey/doinst.sh b/patches/source/seamonkey/doinst.sh new file mode 100644 index 000000000..c236bea5c --- /dev/null +++ b/patches/source/seamonkey/doinst.sh @@ -0,0 +1,11 @@ +# If there's no mozilla here, then take over: +if [ ! -r usr/bin/mozilla ]; then + ( cd usr/bin ; ln -sf seamonkey mozilla ) +fi +# Hopefully this won't break everything. ;-) +if ! grep /usr/lib/seamonkey etc/ld.so.conf 1> /dev/null 2> /dev/null ; then + echo "/usr/lib/seamonkey" >> etc/ld.so.conf +fi +if [ -x /sbin/ldconfig ]; then + /sbin/ldconfig 2> /dev/null +fi diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-gtkmozembed.pc b/patches/source/seamonkey/pkgconfig/seamonkey-gtkmozembed.pc new file mode 100644 index 000000000..e5053267d --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-gtkmozembed.pc @@ -0,0 +1,11 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ + +Name: Mozilla Gtk Embedding Widget +Description: Mozilla Embedding Widget for Gtk+ +Version: @VERSION@ +Requires: seamonkey-xpcom = @VERSION@ +Libs: -L${libdir} -lgtkembedmoz +Cflags: -I${includedir}/gtkembedmoz diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-js.pc b/patches/source/seamonkey/pkgconfig/seamonkey-js.pc new file mode 100644 index 000000000..31433be28 --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-js.pc @@ -0,0 +1,11 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ + +Name: JavaScript +Description: The Mozilla JavaScript Library +Version: @VERSION@ +Requires: seamonkey-nspr >= 4.7.1 +Libs: -L${libdir} -lmozjs +Cflags: -I${includedir}/js -DXP_UNIX -DJS_THREADSAFE diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-nspr.pc b/patches/source/seamonkey/pkgconfig/seamonkey-nspr.pc new file mode 100644 index 000000000..756e996d6 --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-nspr.pc @@ -0,0 +1,12 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ + +Name: NSPR +Description: The Netscape Portable Runtime +Version: 4.7.1 +Libs: -L/usr/@LIB@/seamonkey-@VERSION@ -lplds4 -lplc4 -lnspr4 -lpthread -ldl +Cflags: -I/usr/include/seamonkey-@VERSION@/nspr + + diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-nss.pc b/patches/source/seamonkey/pkgconfig/seamonkey-nss.pc new file mode 100644 index 000000000..b929f202f --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-nss.pc @@ -0,0 +1,11 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ + +Name: NSS +Description: Mozilla Network Security Services +Version: @VERSION@ +Requires: seamonkey-nspr >= 4.7.1 +Libs: -L${libdir} -lnss3 -lsmime3 -lssl3 -lsoftokn3 +Cflags: -I${includedir}/nss diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-plugin.pc b/patches/source/seamonkey/pkgconfig/seamonkey-plugin.pc new file mode 100644 index 000000000..4550444af --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-plugin.pc @@ -0,0 +1,10 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ + +Name: Mozilla Plug-In API +Description: Mozilla Plug-In API +Version: @VERSION@ +Requires: seamonkey-nspr >= 4.7.1 +Cflags: -I${includedir}/java -I${includedir}/plugin diff --git a/patches/source/seamonkey/pkgconfig/seamonkey-xpcom.pc b/patches/source/seamonkey/pkgconfig/seamonkey-xpcom.pc new file mode 100644 index 000000000..532005671 --- /dev/null +++ b/patches/source/seamonkey/pkgconfig/seamonkey-xpcom.pc @@ -0,0 +1,12 @@ +prefix=/usr +exec_prefix=/usr +libdir=/usr/@LIB@/seamonkey-@VERSION@ +includedir=/usr/include/seamonkey-@VERSION@ +idldir=/usr/share/idl/seamonkey-@VERSION@ + +Name: XPCOM +Description: The Mozilla Cross Platform Component Library +Version: @VERSION@ +Requires: seamonkey-nspr >= 4.7.1 +Libs: -L${libdir} -lxpcom +Cflags: -I${includedir} -I${includedir}/xpcom -I${includedir}/string diff --git a/patches/source/seamonkey/seamonkey-icon.png b/patches/source/seamonkey/seamonkey-icon.png Binary files differnew file mode 100644 index 000000000..824ab7a50 --- /dev/null +++ b/patches/source/seamonkey/seamonkey-icon.png diff --git a/patches/source/seamonkey/seamonkey-mail-icon.png b/patches/source/seamonkey/seamonkey-mail-icon.png Binary files differnew file mode 100644 index 000000000..123b077bf --- /dev/null +++ b/patches/source/seamonkey/seamonkey-mail-icon.png diff --git a/patches/source/seamonkey/seamonkey-mail.desktop b/patches/source/seamonkey/seamonkey-mail.desktop new file mode 100644 index 000000000..1e0b62b1b --- /dev/null +++ b/patches/source/seamonkey/seamonkey-mail.desktop @@ -0,0 +1,8 @@ +[Desktop Entry] +Name=SeaMonkey Mail +Comment=Read Mail with SeaMonkey +Exec=/usr/bin/seamonkey -mail +Icon=/usr/share/pixmaps/seamonkey-mail-icon.png +Terminal=0 +Type=Application +Categories=Application;Network; diff --git a/patches/source/seamonkey/seamonkey.SlackBuild b/patches/source/seamonkey/seamonkey.SlackBuild new file mode 100755 index 000000000..8face236f --- /dev/null +++ b/patches/source/seamonkey/seamonkey.SlackBuild @@ -0,0 +1,234 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +VERSION=${VERSION:-$(basename $(ls seamonkey-*.tar.* | cut -d - -f 2 | rev | cut -f 3- -d . | rev) .source)} +BUILD=${BUILD:-1_slack13.0} +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-seamonkey +rm -rf $PKG +mkdir -p $TMP $PKG/usr + +cd $TMP +rm -rf comm-1.9.1 +tar xvf $CWD/seamonkey-${VERSION}.source.tar.?z* || exit 1 +cd comm-1.9.1 || exit 1 + +# Make sure the perms/ownerships are sane: +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Fix a long standing bug that's prevented staying current on GTK+. +# Thanks to the BLFS folks. :-) +cat >> mozilla/layout/build/Makefile.in << EOF + +ifdef MOZ_ENABLE_CANVAS +EXTRA_DSO_LDOPTS += \$(XLDFLAGS) -lX11 -lXrender +endif + +EOF + +chown -R root:root . +BUILD_OFFICIAL=1 MOZILLA_OFFICIAL=1 \ +./configure --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --enable-optimize=-O2 \ + --disable-debug \ + --with-default-mozilla-five-home=/usr/lib${LIBDIRSUFFIX}/seamonkey-${VERSION} \ + --enable-strip \ + --disable-tests \ + --enable-svg \ + --enable-system-cairo \ + --enable-canvas \ + --disable-short-wchar \ + --enable-nspr-autoconf \ + --enable-extensions=default,irc \ + --enable-crypto \ + --disable-xprint \ + --without-system-nspr \ + --with-system-zlib \ + --with-system-jpeg \ + --with-system-mng \ + --enable-application=suite \ + --enable-xft \ + --host=$ARCH-slackware-linux \ + --target=$ARCH-slackware-linux \ + --build=$ARCH-slackware-linux + + # --with-system-png +make $NUMJOBS || exit 1 +DESTDIR=$PKG make install || exit 1 + +# Install js/nspr/nss headers. +for includedir in js nspr nspr/obsolete nspr/private nss plugin xpcom ; do + mkdir -p $PKG/usr/include/seamonkey-${VERSION}/$includedir + cp -aL mozilla/dist/include/${includedir}/*.h $PKG/usr/include/seamonkey-${VERSION}/$includedir +done +cp -aL mozilla/dist/include/js/*.tbl mozilla/dist/include/js/*.msg $PKG/usr/include/seamonkey-${VERSION}/js +cp -aL mozilla/dist/include/*.h $PKG/usr/include/seamonkey-${VERSION} +cp -aL mozilla/dist/sdk/include/* $PKG/usr/include/seamonkey-${VERSION} +( cd $PKG/usr/include/seamonkey-${VERSION}/plugin + for file in ../j*.h ; do + ln -sf $file . + done +) +chown -R root:root $PKG/usr/include/seamonkey-${VERSION} +find $PKG/usr/include/seamonkey-${VERSION} -name "*.h" -type f -exec chmod 644 {} \; +# Create a more generic include files symlink: +( cd $PKG/usr/include + if [ ! -e seamonkey ]; then + ln -sf seamonkey-${VERSION} seamonkey + fi +) + +# Install pkgconfig files: +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig +for file in $CWD/pkgconfig/* ; do +cat $file \ + | sed -e "s/@LIB@/lib${LIBDIRSUFFIX}/" \ + -e "s/@VERSION@/$VERSION/" \ + > $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig/$(basename $file) +done + +# Add symlinks for the pkgconfig files: +( cd $PKG/usr/lib${LIBDIRSUFFIX}/pkgconfig + ln -s seamonkey-js.pc js.pc + ln -s seamonkey-nspr.pc nspr.pc + ln -s seamonkey-nss.pc nss.pc + ln -s seamonkey-plugin.pc plugin.pc + ln -s seamonkey-xpcom.pc xpcom.pc +) + +# Compress and if needed symlink the man pages: +if [ -d $PKG/usr/man ]; then + ( cd $PKG/usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.? + ) + done + ) +fi + +# Strip files: +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# This remains the standard plugin directory for all browsers. +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/mozilla/plugins + +# This is traditional. +( cd $PKG/usr/lib${LIBDIRSUFFIX} + if [ ! -e seamonkey ]; then + ln -sf seamonkey-${VERSION} seamonkey + fi +) + +mkdir -p $PKG/usr/share/applications +cp -a $CWD/*.desktop $PKG/usr/share/applications +chown -R root:root $PKG/usr/share/applications +chmod 644 $PKG/usr/share/applications/* +mkdir -p $PKG/usr/share/pixmaps +cp -a $CWD/*.png $PKG/usr/share/pixmaps +chown -R root:root $PKG/usr/share/pixmaps +chmod 644 $PKG/usr/share/pixmaps/* + +mkdir -p $PKG/usr/doc/seamonkey-$VERSION +( cd mozilla + cp -a \ + LEGAL LICENSE README.txt \ + $PKG/usr/doc/seamonkey-$VERSION +) + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + > $PKG/install/doinst.sh + +cd $TMP/package-seamonkey +/sbin/makepkg -l y -c n -p $TMP/seamonkey-$VERSION-$ARCH-$BUILD.txz + +# Create a standalone seamonkey-solibs package for RPM, gxine, etc. +rm -r $TMP/package-seamonkey-solibs +mkdir -p $TMP/package-seamonkey-solibs/usr/doc +cp -a $PKG/usr/doc/seamonkey-$VERSION $TMP/package-seamonkey-solibs/usr/doc +mkdir -p $TMP/package-seamonkey-solibs/usr/lib${LIBDIRSUFFIX}/seamonkey-${VERSION} +for file in libfreebl3.chk libfreebl3.so libmozjs.so libnspr4.so libnss3.so \ + libnssckbi.so libnssutil3.so libplc4.so libplds4.so libsmime3.so \ + libsoftokn3.chk libsoftokn3.so libssl3.so ; do + cp -a $PKG/usr/lib${LIBDIRSUFFIX}/seamonkey-${VERSION}/$file \ + $TMP/package-seamonkey-solibs/usr/lib${LIBDIRSUFFIX}/seamonkey-${VERSION} +done +mkdir $TMP/package-seamonkey-solibs/install +cat << EOF | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $TMP/package-seamonkey-solibs/install/doinst.sh +( cd usr/lib ; rm -rf seamonkey ) +( cd usr/lib ; ln -sf seamonkey-$VERSION seamonkey ) +if ! grep /usr/lib/seamonkey etc/ld.so.conf 1> /dev/null 2> /dev/null ; then + echo "/usr/lib/seamonkey" >> etc/ld.so.conf +fi +if [ -x /sbin/ldconfig ]; then + /sbin/ldconfig 2> /dev/null +fi +EOF +cat << EOF > $TMP/package-seamonkey-solibs/install/slack-desc + |-----handy-ruler------------------------------------------------------| +seamonkey-solibs: seamonkey-solibs (Shared libraries from Seamonkey) +seamonkey-solibs: +seamonkey-solibs: This package contains a subset of the shared libraries from Seamonkey +seamonkey-solibs: to provide runtime support for programs that require nss, nspr, and +seamonkey-solibs: js. These libraries are used in programs like RPM and gxine, and can +seamonkey-solibs: be used in others. This package is built from the Seamonkey sources +seamonkey-solibs: and is provided as a standalone runtime package for people who do not +seamonkey-solibs: want to install the entire seamonkey package (as for server use). +seamonkey-solibs: +seamonkey-solibs: This package is runtime only. The include files and other files for +seamonkey-solibs: development can be found in the seamonkey package. +EOF +cd $TMP/package-seamonkey-solibs +/sbin/makepkg -l y -c n -p $TMP/seamonkey-solibs-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/seamonkey/seamonkey.desktop b/patches/source/seamonkey/seamonkey.desktop new file mode 100644 index 000000000..7c988a769 --- /dev/null +++ b/patches/source/seamonkey/seamonkey.desktop @@ -0,0 +1,8 @@ +[Desktop Entry] +Name=SeaMonkey +Comment=Web Browser +Exec=/usr/bin/seamonkey +Icon=/usr/share/pixmaps/seamonkey-icon.png +Terminal=0 +Type=Application +Categories=Application;Network; diff --git a/patches/source/seamonkey/slack-desc b/patches/source/seamonkey/slack-desc new file mode 100644 index 000000000..af6ee2408 --- /dev/null +++ b/patches/source/seamonkey/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +seamonkey: SeaMonkey (an open-source web browser suite) +seamonkey: +seamonkey: The SeaMonkey browser suite. SeaMonkey features a state-of-the-art +seamonkey: web browser and powerful email client, as well as a WYSIWYG web page +seamonkey: composer and a feature-rich IRC chat client. +seamonkey: +seamonkey: +seamonkey: +seamonkey: Visit the SeaMonkey project at this URL: +seamonkey: http://www.mozilla.org/projects/seamonkey/ +seamonkey: diff --git a/patches/source/sendmail/Build b/patches/source/sendmail/Build new file mode 100644 index 000000000..21950d496 --- /dev/null +++ b/patches/source/sendmail/Build @@ -0,0 +1,29 @@ +#!/bin/sh +# Copyright 2004 Slackware Linux, Inc. Concord, CA 94520 +# Copyright 2007, 2008 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# + +# A script to build .cf files from .mc files: + +for mcfile in $* ; do + /usr/bin/m4 /usr/share/sendmail/cf/m4/cf.m4 $mcfile > $(basename $mcfile .mc).cf +done + diff --git a/patches/source/sendmail/SlackBuild-sendmail b/patches/source/sendmail/SlackBuild-sendmail new file mode 100755 index 000000000..c31a296eb --- /dev/null +++ b/patches/source/sendmail/SlackBuild-sendmail @@ -0,0 +1,167 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=8.14.9 +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$(uname -m)" in + i?86) ARCH=i486 ;; + arm*) readelf /usr/bin/file -A | egrep -q "Tag_CPU.*[4,5]" && ARCH=arm || ARCH=armv7lh ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) ARCH=$(uname -m) ;; + esac + export ARCH +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-sendmail + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +# Explode the package framework: +cd $PKG +explodepkg $CWD/_sendmail.tar.gz +[ -n "${LIBDIRSUFFIX}" ] && mv $PKG/usr/lib $PKG/usr/lib${LIBDIRSUFFIX} + +echo "+=================+" +echo "| sendmail.$VERSION |" +echo "+=================+" +OSCPU="`uname -srm | tr ' ' '.'`" +cd $TMP +rm -rf sendmail-$VERSION +tar xvf $CWD/sendmail.$VERSION.tar.gz || exit 1 +cd sendmail-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +# Add TLS support to the sendmail binary: +cat $CWD/site.config.m4 > devtools/Site/site.config.m4 + +# Build .cf files for Linux: +cd $TMP/sendmail-$VERSION/cf/cf +cp $CWD/*.mc . +cp linux.uucp.mc config.mc +sh Build config.cf +mv config.cf $PKG/usr/share/sendmail/linux.uucp.cf +cp sendmail-slackware.mc config.mc +sh Build config.cf +mv config.cf $PKG/usr/share/sendmail/sendmail-slackware.cf +cp sendmail-slackware-tls.mc config.mc +sh Build config.cf +mv config.cf $PKG/usr/share/sendmail/sendmail-slackware-tls.cf +cp sendmail-slackware-tls-sasl.mc config.mc +sh Build config.cf +mv config.cf $PKG/usr/share/sendmail/sendmail-slackware-tls-sasl.cf + +# Add a sample sendmail.cf: +cat $PKG/usr/share/sendmail/sendmail-slackware.cf > $PKG/etc/mail/sendmail.cf.new +cat submit.cf > $PKG/etc/mail/submit.cf.new + +cd $TMP/sendmail-$VERSION +## All "Build" does is call make while screwing up the options :-) +## sh Build +make O="$SLKCFLAGS" +#O="$SLKCFLAGS" sh Build +cat sendmail/mailq.1 | gzip -9c > $PKG/usr/man/man1/mailq.1.gz +cat sendmail/newaliases.1 | gzip -9c > $PKG/usr/man/man1/newaliases.1.gz +mkdir -p $PKG/usr/doc/sendmail-$VERSION +cp -a \ + FAQ INSTALL KNOWNBUGS LICENSE PGPKEYS README RELEASE_NOTES \ + $PKG/usr/doc/sendmail-$VERSION +( cd doc ; cp -a op $PKG/usr/doc/sendmail-$VERSION ) + +cd obj.$OSCPU/sendmail +cat sendmail > $PKG/usr/sbin/sendmail.new +cat aliases.5 | gzip -9c > $PKG/usr/man/man5/aliases.5.gz +cat sendmail.8 | gzip -9c > $PKG/usr/man/man8/sendmail.8.gz +cat statistics > $PKG/etc/mail/statistics +cat ../../sendmail/helpfile > $PKG/etc/mail/helpfile +cd ../makemap +cat makemap > $PKG/usr/sbin/makemap +cat makemap.8 | gzip -9c > $PKG/usr/man/man8/makemap.8.gz +cd ../mailstats +cat mailstats > $PKG/usr/sbin/mailstats +cat mailstats.8 | gzip -9c > $PKG/usr/man/man8/mailstats.8.gz +cd ../praliases +cat praliases > $PKG/usr/bin/praliases +chmod 755 $PKG/usr/bin/praliases +cat praliases.8 | gzip -9c > $PKG/usr/man/man8/praliases.8.gz +cd ../rmail +cat rmail > $PKG/usr/bin/rmail +cat rmail.8 | gzip -9c > $PKG/usr/man/man8/rmail.8.gz +cd ../smrsh +cat smrsh > $PKG/usr/sbin/smrsh +cat smrsh.8 | gzip -9c > $PKG/usr/man/man8/smrsh.8.gz +cd ../mail.local +cat mail.local > $PKG/usr/sbin/mail.local +cat mail.local.8 | gzip -9c > $PKG/usr/man/man8/mail.local.8.gz +cd ../vacation +cat vacation > $PKG/usr/bin/vacation +cat vacation.1 | gzip -9c > $PKG/usr/man/man1/vacation.1.gz +cd ../editmap +cat editmap > $PKG/usr/sbin/editmap +cat editmap.8 | gzip -9c > $PKG/usr/man/man8/editmap.8.gz + +# Add libmilter: +cd $TMP/sendmail-$VERSION/libmilter +./Build +cd .. +mkdir -p $PKG/usr/include +mkdir -p $PKG/usr/include/libmilter +cp -a include/libmilter/mfapi.h $PKG/usr/include/libmilter +cp -a include/libmilter/mfdef.h $PKG/usr/include/libmilter +cp -a obj.*/libmilter/libmilter.a $PKG/usr/lib${LIBDIRSUFFIX} +strip -g $PKG/usr/lib${LIBDIRSUFFIX}/libmilter.a +chmod 644 $PKG/usr/lib${LIBDIRSUFFIX}/libmilter.a $PKG/usr/include/libmilter/* +mkdir -p $PKG/usr/doc/sendmail-$VERSION/libmilter +cp -a libmilter/README $PKG/usr/doc/sendmail-$VERSION/libmilter + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +cat $CWD/slack-desc.sendmail > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/sendmail-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/sendmail/SlackBuild-sendmail-cf b/patches/source/sendmail/SlackBuild-sendmail-cf new file mode 100755 index 000000000..1372cd016 --- /dev/null +++ b/patches/source/sendmail/SlackBuild-sendmail-cf @@ -0,0 +1,58 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2014 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=8.14.9 +ARCH=noarch +BUILD=${BUILD:-1_slack13.0} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-sendmail-cf + +rm -rf $PKG +mkdir -p $TMP $PKG + +echo "+====================+" +echo "| sendmail.cf.$VERSION |" +echo "+====================+" +( cd $TMP/sendmail-$VERSION ; find . -name "*~" -print -exec rm {} \; ) +cd $PKG +mkdir -p usr/share/sendmail/cf +cd usr/share/sendmail/cf +cp -a $TMP/sendmail-$VERSION/cf/README . +cp -a $TMP/package-sendmail/usr/share/sendmail/README.linux . +for dir in cf domain feature hack m4 mailer ostype sh siteconfig ; do + cp -a $TMP/sendmail-$VERSION/cf/$dir . +done +# Replace the sendmail Build script with a simple (working) one: +cp -a $PKG/usr/share/sendmail/cf/cf/Build $PKG/usr/share/sendmail/cf/cf/Build.orig +zcat $CWD/Build.gz > $PKG/usr/share/sendmail/cf/cf/Build +chown -R root.root * + +mkdir -p $PKG/install +cat $CWD/slack-desc.sendmail-cf > $PKG/install/slack-desc + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/sendmail-cf-$VERSION-noarch-$BUILD.txz + diff --git a/patches/source/sendmail/linux.uucp.mc b/patches/source/sendmail/linux.uucp.mc new file mode 100644 index 000000000..ffd242bb0 --- /dev/null +++ b/patches/source/sendmail/linux.uucp.mc @@ -0,0 +1,8 @@ +include(`../m4/cf.m4') +VERSIONID(`linux for setup with uucp which uses domain names')dnl +OSTYPE(linux) +FEATURE(always_add_domain)dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(uucp) +define(`SMART_HOST', uucp-dom:otheruucphost) diff --git a/patches/source/sendmail/sendmail-slackware-tls-sasl.mc b/patches/source/sendmail/sendmail-slackware-tls-sasl.mc new file mode 100644 index 000000000..ed5753b43 --- /dev/null +++ b/patches/source/sendmail/sendmail-slackware-tls-sasl.mc @@ -0,0 +1,61 @@ +dnl# This is the a sendmail .mc file for Slackware with TLS support. +dnl# To generate the sendmail.cf file from this (perhaps after making +dnl# some changes), use the m4 files in /usr/share/sendmail/cf like this: +dnl# +dnl# cp sendmail-slackware-tls.mc /usr/share/sendmail/cf/config.mc +dnl# cd /usr/share/sendmail/cf +dnl# sh Build config.mc +dnl# +dnl# You may then install the resulting .cf file: +dnl# cp config.cf /etc/mail/sendmail.cf +dnl# +include(`../m4/cf.m4') +VERSIONID(`TLS supporting setup for Slackware Linux')dnl +OSTYPE(`linux')dnl +dnl# +dnl# You will need to create the certificates below with OpenSSL first: +define(`confCACERT_PATH', `/etc/mail/certs/') +define(`confCACERT', `/etc/mail/certs/CA.cert.pem') +define(`confSERVER_CERT', `/etc/mail/certs/smtp.cert.pem') +define(`confSERVER_KEY', `/etc/mail/certs/smtp.key.pem') +dnl# These settings help protect against people verifying email addresses +dnl# at your site in order to send you email that you probably don't want: +define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl +dnl# Uncomment the line below to send outgoing mail through an external server: +dnl define(`SMART_HOST',`mailserver.example.com') +dnl# No timeout for ident: +define(`confTO_IDENT', `0')dnl +dnl# Enable the line below to use smrsh to restrict what sendmail can run: +dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl +dnl# See the README in /usr/share/sendmail/cf for a ton of information on +dnl# how these options work: +FEATURE(`use_cw_file')dnl +FEATURE(`use_ct_file')dnl +FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl +FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl +FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl +FEATURE(`blacklist_recipients')dnl +FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl +FEATURE(`always_add_domain')dnl +FEATURE(`redirect')dnl +FEATURE(`no_default_msa')dnl +dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail: +dnl FEATURE(`accept_unresolvable_domains')dnl +EXPOSED_USER(`root')dnl +dnl# Also accept mail for localhost.localdomain: +LOCAL_DOMAIN(`localhost.localdomain')dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(procmail)dnl +dnl# Allow SASL authentication/relaying: +define(`confAUTH_OPTIONS', `A p y')dnl +define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl +TRUST_AUTH_MECH(`LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl +DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl +dnl# Daemon options after M= below that might need to be changed are: +dnl# s (allow SSL, not only TLS) +dnl# a (require authentication) +DAEMON_OPTIONS(`Port=smtps, Name=MSA-SSL, M=Esa')dnl +LOCAL_CONFIG +dnl# Do not allow the weak SSLv2: +O CipherList=ALL:!ADH:!NULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:+TLSv1:-SSLv2:+EXP:+eNULL diff --git a/patches/source/sendmail/sendmail-slackware-tls.mc b/patches/source/sendmail/sendmail-slackware-tls.mc new file mode 100644 index 000000000..01a66775b --- /dev/null +++ b/patches/source/sendmail/sendmail-slackware-tls.mc @@ -0,0 +1,56 @@ +dnl# This is the a sendmail .mc file for Slackware with TLS support. +dnl# To generate the sendmail.cf file from this (perhaps after making +dnl# some changes), use the m4 files in /usr/share/sendmail/cf like this: +dnl# +dnl# cp sendmail-slackware-tls.mc /usr/share/sendmail/cf/config.mc +dnl# cd /usr/share/sendmail/cf +dnl# sh Build config.mc +dnl# +dnl# You may then install the resulting .cf file: +dnl# cp config.cf /etc/mail/sendmail.cf +dnl# +include(`../m4/cf.m4') +VERSIONID(`TLS supporting setup for Slackware Linux')dnl +OSTYPE(`linux')dnl +dnl# +dnl# You will need to create the certificates below with OpenSSL first: +define(`confCACERT_PATH', `/etc/mail/certs/') +define(`confCACERT', `/etc/mail/certs/CA.cert.pem') +define(`confSERVER_CERT', `/etc/mail/certs/smtp.cert.pem') +define(`confSERVER_KEY', `/etc/mail/certs/smtp.key.pem') +dnl# These settings help protect against people verifying email addresses +dnl# at your site in order to send you email that you probably don't want: +define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl +dnl# Uncomment the line below to send outgoing mail through an external server: +dnl define(`SMART_HOST',`mailserver.example.com') +dnl# No timeout for ident: +define(`confTO_IDENT', `0')dnl +dnl# Enable the line below to use smrsh to restrict what sendmail can run: +dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl +dnl# See the README in /usr/share/sendmail/cf for a ton of information on +dnl# how these options work: +FEATURE(`use_cw_file')dnl +FEATURE(`use_ct_file')dnl +FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl +FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl +FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl +FEATURE(`blacklist_recipients')dnl +FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl +FEATURE(`always_add_domain')dnl +FEATURE(`redirect')dnl +dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail: +dnl FEATURE(`accept_unresolvable_domains')dnl +EXPOSED_USER(`root')dnl +dnl# Also accept mail for localhost.localdomain: +LOCAL_DOMAIN(`localhost.localdomain')dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(procmail)dnl +DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl +dnl# Daemon options after M= below that might need to be changed are: +dnl# s (allow SSL, not only TLS) +dnl# a (require authentication) +DAEMON_OPTIONS(`Port=smtps, Name=MSA-SSL, M=Es')dnl +LOCAL_CONFIG +dnl# Do not allow the weak SSLv2: +O CipherList=ALL:!ADH:!NULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:+TLSv1:-SSLv2:+EXP:+eNULL diff --git a/patches/source/sendmail/sendmail-slackware.mc b/patches/source/sendmail/sendmail-slackware.mc new file mode 100644 index 000000000..4fd4620bf --- /dev/null +++ b/patches/source/sendmail/sendmail-slackware.mc @@ -0,0 +1,42 @@ +dnl# This is the default sendmail .mc file for Slackware. To generate +dnl# the sendmail.cf file from this (perhaps after making some changes), +dnl# use the m4 files in /usr/share/sendmail/cf like this: +dnl# +dnl# cp sendmail-slackware.mc /usr/share/sendmail/cf/config.mc +dnl# cd /usr/share/sendmail/cf +dnl# sh Build config.cf +dnl# +dnl# You may then install the resulting .cf file: +dnl# cp config.cf /etc/mail/sendmail.cf +dnl# +include(`../m4/cf.m4') +VERSIONID(`default setup for Slackware Linux')dnl +OSTYPE(`linux')dnl +dnl# These settings help protect against people verifying email addresses +dnl# at your site in order to send you email that you probably don't want: +define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl +dnl# Uncomment the line below to send outgoing mail through an external server: +dnl define(`SMART_HOST',`mailserver.example.com') +dnl# No timeout for ident: +define(`confTO_IDENT', `0')dnl +dnl# Enable the line below to use smrsh to restrict what sendmail can run: +dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl +dnl# See the README in /usr/share/sendmail/cf for a ton of information on +dnl# how these options work: +FEATURE(`use_cw_file')dnl +FEATURE(`use_ct_file')dnl +FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl +FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl +FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl +FEATURE(`blacklist_recipients')dnl +FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl +FEATURE(`always_add_domain')dnl +FEATURE(`redirect')dnl +dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail: +dnl FEATURE(`accept_unresolvable_domains')dnl +EXPOSED_USER(`root')dnl +dnl# Also accept mail for localhost.localdomain: +LOCAL_DOMAIN(`localhost.localdomain')dnl +MAILER(local)dnl +MAILER(smtp)dnl +MAILER(procmail)dnl diff --git a/patches/source/sendmail/sendmail.SlackBuild b/patches/source/sendmail/sendmail.SlackBuild new file mode 100755 index 000000000..462f16e9d --- /dev/null +++ b/patches/source/sendmail/sendmail.SlackBuild @@ -0,0 +1,3 @@ +#!/bin/sh +./SlackBuild-sendmail $* +./SlackBuild-sendmail-cf $* diff --git a/patches/source/sendmail/site.config.m4 b/patches/source/sendmail/site.config.m4 new file mode 100644 index 000000000..1f6c7f87c --- /dev/null +++ b/patches/source/sendmail/site.config.m4 @@ -0,0 +1,7 @@ +APPENDDEF(`confMAPDEF', `-DNEWDB -DSTARTTLS -DSASL=2 -DTCPWRAPPERS -DNIS -DMAP_REGEX -DSOCKETMAP') +APPENDDEF(`confLIBS', `-lnsl -lssl -lcrypto -lsasl2 -lwrap -lm -ldb -lresolv') +APPENDDEF(`conf_libmilter_ENVDEF', `-DMILTER') +APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER') +APPENDDEF(`conf_libmilter_ENVDEF', `-D_FFR_MILTER_ROOT_UNSAFE ') +APPENDDEF(`confENVDEF', `-DBROKEN_PTHREAD_SLEEP') +APPENDDEF(`confENVDEF', `-D_FFR_TLS_1')dnl diff --git a/patches/source/sendmail/slack-desc.sendmail b/patches/source/sendmail/slack-desc.sendmail new file mode 100644 index 000000000..cdcc9387a --- /dev/null +++ b/patches/source/sendmail/slack-desc.sendmail @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +sendmail: sendmail (mail transfer agent) +sendmail: +sendmail: Eric Allman's mail transport agent. The _Unix System Administration +sendmail: Handbook_ calls sendmail 'The most complex and complete mail delivery +sendmail: system in common use...' +sendmail: +sendmail: Ready-made configuration files are included for systems connected by +sendmail: TCP/IP (with or without a nameserver) and for systems using UUCP. +sendmail: +sendmail: The procmail package is required to handle local mail delivery. +sendmail: diff --git a/patches/source/sendmail/slack-desc.sendmail-cf b/patches/source/sendmail/slack-desc.sendmail-cf new file mode 100644 index 000000000..df56efdc8 --- /dev/null +++ b/patches/source/sendmail/slack-desc.sendmail-cf @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +sendmail-cf: sendmail-cf (configuration files for sendmail) +sendmail-cf: +sendmail-cf: These files are used to create sendmail.cf configuration files. The +sendmail-cf: m4 macro processor is also required in order to make use of these +sendmail-cf: files. +sendmail-cf: +sendmail-cf: The files and documentation in /usr/share/sendmail should make it +sendmail-cf: possible to support virtually any mail configuration. NOTE: You +sendmail-cf: probably won't need this package if you're planning to use one of the +sendmail-cf: sendmail.cf samples included in the sendmail package. +sendmail-cf: diff --git a/patches/source/slocate/slack-desc b/patches/source/slocate/slack-desc new file mode 100644 index 000000000..22ec56cc8 --- /dev/null +++ b/patches/source/slocate/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +slocate: slocate (Secure Locate) +slocate: +slocate: Slocate is an enhanced version of locate, a command to help you locate +slocate: files on the system. Like the original version of locate, Slocate +slocate: maintains a database of files on the system, updating it nightly. +slocate: Unlike the original, Slocate indexes every file on the machine rather +slocate: than only the ones that can be seen by everyone. The "secure" part of +slocate: slocate is that it will only return matches if the user is allowed to +slocate: see the files. +slocate: +slocate: diff --git a/patches/source/slocate/slocate-3.1.tar.gz.sign b/patches/source/slocate/slocate-3.1.tar.gz.sign new file mode 100644 index 000000000..91b982425 --- /dev/null +++ b/patches/source/slocate/slocate-3.1.tar.gz.sign @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.2 (GNU/Linux) + +iD8DBQBEDmWkUZpV8HRsUfQRAnLeAJ0cBuIYvy+3GSTdm+sfQ7XYbNWuwgCgj+pZ +RKdGZfMmcuFGoBO39sCX/64= +=K/rW +-----END PGP SIGNATURE----- diff --git a/patches/source/slocate/slocate.CVE-2007-0277.diff b/patches/source/slocate/slocate.CVE-2007-0277.diff new file mode 100644 index 000000000..4f109922f --- /dev/null +++ b/patches/source/slocate/slocate.CVE-2007-0277.diff @@ -0,0 +1,42 @@ +--- slocate-3.1.orig/src/utils.c ++++ slocate-3.1/src/utils.c +@@ -524,6 +524,7 @@ + { + struct stat path_stat; + int ret = 0; ++ char *path_copy = NULL; + char *ptr = NULL; + + if (lstat(path, &path_stat) == -1) +@@ -532,15 +533,25 @@ + if (!S_ISLNK(path_stat.st_mode)) { + if (access(path, F_OK) != 0) + goto EXIT; +- } else if ((ptr = rindex(path, '/'))) { +- *ptr = 0; +- if (access(path, F_OK) == 0) +- ret = 1; +- *ptr = '/'; +- goto EXIT; + } + ++ /* "path" is const, so we shouldn't modify it. Also, for speed, ++ * I suspect strdup/free is less expensive than the deep access ++ * checks... */ ++ if (!(path_copy = strdup(path))) ++ goto EXIT; ++ + ret = 1; ++ ++ /* Each directory leading to the file (symlink or not) must be ++ * readable for us to allow it to be listed in search results. */ ++ while (ret && (ptr=rindex(path_copy,'/'))) { ++ *ptr=0; ++ if (*path_copy && access(path_copy, R_OK) != 0) ++ ret = 0; ++ } ++ free(path_copy); ++ + EXIT: + return ret; + } diff --git a/patches/source/slocate/slocate.SlackBuild b/patches/source/slocate/slocate.SlackBuild new file mode 100755 index 000000000..3c3e84949 --- /dev/null +++ b/patches/source/slocate/slocate.SlackBuild @@ -0,0 +1,90 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=3.1 +BUILD=${BUILD:-4_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-slocate + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +# Explode the package framework: +cd $PKG +explodepkg $CWD/_slocate.tar.gz + +cd $TMP +rm -rf slocate-$VERSION +tar xzvf $CWD/slocate-$VERSION.tar.gz || exit 1 +cd slocate-$VERSION || exit 1 + +zcat $CWD/slocate.bigfile.diff.gz | patch -p0 --verbose || exit 1 +zcat $CWD/slocate.CVE-2007-0277.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 2750 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +cd src +make CFLAGS="$SLKCFLAGS -D_LARGEFILE64_SOURCE" || exit 1 +cd .. +strip --strip-unneeded src/slocate +mkdir -p $PKG/usr/bin +cat src/slocate > $PKG/usr/bin/slocate +mkdir -p $PKG/usr/man/man1 +cat doc/slocate.1 | gzip -9c > $PKG/usr/man/man1/slocate.1.gz +cat doc/updatedb.1 | gzip -9c > $PKG/usr/man/man1/updatedb.1.gz +mkdir -p $PKG/usr/doc/slocate-$VERSION +cp -a \ + Changelog LICENSE README WISHLIST \ + $PKG/usr/doc/slocate-$VERSION +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg -l y -c n $TMP/slocate-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/slocate/slocate.bigfile.diff b/patches/source/slocate/slocate.bigfile.diff new file mode 100644 index 000000000..6ccd1202e --- /dev/null +++ b/patches/source/slocate/slocate.bigfile.diff @@ -0,0 +1,33 @@ +Fix 2GB limitation - brought to you by mancha + +--- src/utils.c.orig 2012-08-25 ++++ src/utils.c 2012-08-25 +@@ -284,12 +284,12 @@ int + verify_slocate_db(struct g_data_s *g_data, char *file) + { + char ch[1]; +- struct stat tf_stat; ++ struct stat64 tf_stat; + int bytes = 0; + int fd = -1; + + if (access(file, W_OK | R_OK) == 0) { +- if (lstat(file, &tf_stat) == -1) { ++ if (lstat64(file, &tf_stat) == -1) { + if (!report_error(g_data, FATAL, "get_temp_file: fstat(): %s: %s\n", file, strerror(errno))) + goto EXIT; + +@@ -522,11 +522,11 @@ EXIT: + * to check them separately */ + int verify_access(const char *path) + { +- struct stat path_stat; ++ struct stat64 path_stat; + int ret = 0; + char *ptr = NULL; + +- if (lstat(path, &path_stat) == -1) ++ if (lstat64(path, &path_stat) == -1) + goto EXIT; + + if (!S_ISLNK(path_stat.st_mode)) { diff --git a/patches/source/stunnel/doinst.sh b/patches/source/stunnel/doinst.sh new file mode 100644 index 000000000..21f004b02 --- /dev/null +++ b/patches/source/stunnel/doinst.sh @@ -0,0 +1,12 @@ +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/stunnel/openssl.cnf.new diff --git a/patches/source/stunnel/generate-stunnel-key.sh b/patches/source/stunnel/generate-stunnel-key.sh new file mode 100644 index 000000000..b24b4ba8a --- /dev/null +++ b/patches/source/stunnel/generate-stunnel-key.sh @@ -0,0 +1,13 @@ +#!/bin/sh +USE_DH=0 + +openssl req -new -x509 -days 365 -nodes \ + -config ./openssl.cnf -out stunnel.pem -keyout stunnel.pem + +test $USE_DH -eq 0 || openssl gendh >> stunnel.pem + +openssl x509 -subject -dates -fingerprint -noout \ + -in stunnel.pem + +chmod 600 stunnel.pem +rm -f stunnel.rnd diff --git a/patches/source/stunnel/slack-desc b/patches/source/stunnel/slack-desc new file mode 100644 index 000000000..f8ee5bc47 --- /dev/null +++ b/patches/source/stunnel/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +stunnel: stunnel (Universal SSL tunnel) +stunnel: +stunnel: The stunnel program is designed to work as an SSL encryption wrapper +stunnel: between remote client and local (inetd-startable) or remote servers. +stunnel: The goal is to facilitate SSL encryption and authentication for +stunnel: non-SSL-aware programs. +stunnel: +stunnel: stunnel can be used to add SSL functionality to commonly used inetd +stunnel: daemons like POP-2, POP-3 and IMAP servers without any changes in the +stunnel: programs' code. +stunnel: diff --git a/patches/source/stunnel/stunnel.SlackBuild b/patches/source/stunnel/stunnel.SlackBuild new file mode 100755 index 000000000..767e3c8fc --- /dev/null +++ b/patches/source/stunnel/stunnel.SlackBuild @@ -0,0 +1,140 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=stunnel +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-stunnel + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf stunnel-$VERSION +tar xvf $CWD/stunnel-$VERSION.tar.?z || exit 1 +cd stunnel-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --exec-prefix= \ + --sysconfdir=/etc \ + --datadir=/usr/share \ + --mandir=/usr/man \ + --sbindir=/usr/sbin \ + --bindir=/usr/bin \ + --localstatedir=/var \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 + +# This used to be installed in /usr/sbin, so it would probably be nice to +# link from there: +mkdir -p $PKG/usr/sbin +( cd $PKG/usr/sbin + ln -sf ../bin/stunnel . + ln -sf ../bin/stunnel3 . +) + +mkdir -p $PKG/var/run/stunnel +# This will produce a useless key. +make -i install DESTDIR=$PKG +# Get rid of key, so nobody tries to use it: +rm -f $PKG/etc/stunnel/stunnel.pem +# Add cnf: +cat tools/openssl.cnf > $PKG/etc/stunnel/openssl.cnf.new +cat $CWD/generate-stunnel-key.sh > $PKG/etc/stunnel/generate-stunnel-key.sh +chmod 755 $PKG/etc/stunnel/generate-stunnel-key.sh + +mkdir -p $PKG/usr/doc/stunnel-$VERSION +mv $PKG/usr/share/doc/stunnel/* $PKG/usr/doc/stunnel-$VERSION +rmdir $PKG/usr/share/doc/stunnel +rmdir $PKG/usr/share/doc +rmdir $PKG/usr/share + +mkdir -p $PKG/usr/man/pl/man8 +mv $PKG/usr/man/man8/stunnel.pl.8 $PKG/usr/man/pl/man8/stunnel.8 +mkdir -p $PKG/usr/man/fr/man8 +mv $PKG/usr/man/man8/stunnel.fr.8 $PKG/usr/man/fr/man8/stunnel.8 +gzip -9 $PKG/usr/man/*/man?/*.? $PKG/usr/man/man?/*.? + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# The 4.15 version of stunnel caused some bizarre perms, so +# we'll protect against that: +chmod 0755 $PKG/var/lib +chown root:root $PKG/var/lib + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/stunnel-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/subversion/get-svn-book.sh b/patches/source/subversion/get-svn-book.sh new file mode 100755 index 000000000..112ba17c3 --- /dev/null +++ b/patches/source/subversion/get-svn-book.sh @@ -0,0 +1,9 @@ +#!/bin/sh +CWD=`pwd` + +# Add the latest copy of the Subversion book: +( cd $CWD + lftpget http://svnbook.red-bean.com/nightly/en/svn-book-html.tar.bz2 + chmod 644 svn-book-html.tar.bz2 +) + diff --git a/patches/source/subversion/slack-desc b/patches/source/subversion/slack-desc new file mode 100644 index 000000000..935a52212 --- /dev/null +++ b/patches/source/subversion/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +subversion: subversion (a version control system) +subversion: +subversion: Subversion is a version control system which allows you to keep old +subversion: versions of files and directories (usually source code), and keep a +subversion: log of who, when, and why changes occurred, similar to other such +subversion: systems like CVS, RCS or SCCS. Subversion keeps all the information +subversion: to permit extracting previous versions of those files at any time. +subversion: +subversion: For more information about the Subversion project, visit: +subversion: http://subversion.tigris.org +subversion: diff --git a/patches/source/subversion/subversion.SlackBuild b/patches/source/subversion/subversion.SlackBuild new file mode 100755 index 000000000..97d48803a --- /dev/null +++ b/patches/source/subversion/subversion.SlackBuild @@ -0,0 +1,170 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2011 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo subversion-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +NUMJOBS=${NUMJOBS:-" -j7 "} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-subversion + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf subversion-$VERSION +tar xvf $CWD/subversion-$VERSION.tar.xz || exit 1 +cd subversion-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --docdir=/usr/doc/subversion-$VERSION \ + --enable-shared \ + --disable-static \ + --with-apr=/usr \ + --with-apr-util=/usr \ + --with-apxs=/usr/sbin/apxs \ + --with-neon=/usr \ + --with-zlib=/usr \ + --with-pic \ + --with-ssl \ + --with-kwallet \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 +make install-docs DESTDIR=$PKG || exit 1 + +# Install python bindings +make swig-py +make install-swig-py DESTDIR=$PKG +PYTHON_VER=$(python -c 'import sys; print "%d.%d" % sys.version_info[:2]') +mkdir -p $PKG/usr/lib${LIBDIRSUFFIX}/python${PYTHON_VER}/site-packages +mv $PKG/usr/lib${LIBDIRSUFFIX}/svn-python/* \ + $PKG/usr/lib${LIBDIRSUFFIX}/python${PYTHON_VER}/site-packages +rmdir $PKG/usr/lib${LIBDIRSUFFIX}/svn-python + +# Perl bindings +make swig-pl-lib +make install-swig-pl-lib DESTDIR=$PKG +( cd subversion/bindings/swig/perl/native + perl Makefile.PL + make install_vendor DESTDIR=$PKG +) +eval $(perl '-V:archlib') +mv $PKG/$archlib/perllocal.pod $PKG/$archlib/subversion.pod + +# Ruby bindings +make swig-rb +make install-swig-rb DESTDIR=$PKG + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +rm -rf $PKG/usr/info +# Something doesn't honor --mandir +mv $PKG/usr/share/man/man3 $PKG/usr/man +gzip -9 $PKG/usr/man/man?/* +rmdir $PKG/usr/share/man + +# What is this junk for? Since I don't know, I'll erase it. :-) +rm -rf $PKG/usr/build + +mkdir -p $PKG/usr/doc/subversion-$VERSION +cp -a \ + BUGS CHANGES COMMITTERS COPYING* HACKING INSTALL README TRANSLATING doc \ + $PKG/usr/doc/subversion-$VERSION +# too big && useless for most || if you think not, can be found in the source tarball +rm -rf $PKG/usr/doc/subversion-$VERSION/doc/tools +# Add the HTML svn book: +( cd $PKG/usr/doc/subversion-$VERSION + tar xf $CWD/svn-book-html.tar.bz2 + mv svn-book-html book + cd book + chown -R root:root . + find . -type d -exec chmod 0755 {} \; + find . -type f -exec chmod 0644 {} \; + find . -perm 2755 -exec chmod 0755 {} \; + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +) + +# This removes our DESTDIR from the packlist filenames, to keep perl's +# internal inventories consistent and correct. +find $PKG -name .packlist | while read plist ; do + sed -e "s%/share/man%/man%g" \ + -e "s%$PKG%%g" \ + -e "s%\.1$%\.1\.gz%g" \ + -e "s%\.2$%\.2\.gz%g" \ + -e "s%\.3$%\.3\.gz%g" \ + -e "s%\.3pm$%\.3pm\.gz%g" \ + -e "s%\.4$%\.4\.gz%g" \ + -e "s%\.5$%\.5\.gz%g" \ + -e "s%\.6$%\.6\.gz%g" \ + -e "s%\.7$%\.7\.gz%g" \ + -e "s%\.8$%\.8\.gz%g" \ + ${plist} > ${plist}.new + mv -f ${plist}.new ${plist} +done + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/subversion-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/sudo/doinst.sh b/patches/source/sudo/doinst.sh new file mode 100644 index 000000000..01e3d173e --- /dev/null +++ b/patches/source/sudo/doinst.sh @@ -0,0 +1,14 @@ +#!/bin/sh +config() { + NEW="$1" + OLD="`dirname $NEW`/`basename $NEW .new`" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/sudoers.new +rm -f etc/sudoers.new diff --git a/patches/source/sudo/slack-desc b/patches/source/sudo/slack-desc new file mode 100644 index 000000000..66f1aa8c9 --- /dev/null +++ b/patches/source/sudo/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +sudo: sudo (give limited root privileges to certain users) +sudo: +sudo: 'sudo' is a command that allows users to execute some commands as +sudo: root. The /etc/sudoers file (edited with 'visudo') specifies which +sudo: users have access to sudo and which commands they can run. 'sudo' +sudo: logs all its activities to /var/log/ so the system administrator +sudo: can keep an eye on things. +sudo: +sudo: +sudo: +sudo: diff --git a/patches/source/sudo/sudo.SlackBuild b/patches/source/sudo/sudo.SlackBuild new file mode 100755 index 000000000..e20a40e4a --- /dev/null +++ b/patches/source/sudo/sudo.SlackBuild @@ -0,0 +1,122 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012, 2015 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=sudo +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-sudo + +rm -rf $PKG +mkdir -p $TMP $PKG/var/db + +if [ "$ARCH" = "i386" ]; then + SLKCFLAGS="-O2 -march=i386 -mcpu=i686" +elif [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi + +cd $TMP +rm -rf sudo-$VERSION +tar xvf $CWD/sudo-$VERSION.tar.?z* || exit 1 +cd sudo-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sbindir=/usr/sbin \ + --mandir=/usr/man \ + --docdir=/usr/doc/sudo-$VERSION \ + --with-env-editor \ + --disable-pam-session \ + --with-pam=no \ + --with-rundir=/var/db/sudo \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +( cd $PKG/usr/bin + chmod 4711 sudo + ln -sf sudo sudoedit +) +chmod 755 $PKG/usr/sbin/visudo + +rm -f $PKG/usr/man/man8/sudoedit.8 +gzip -9 $PKG/usr/man/man?/*.? +( cd $PKG/usr/man/man8 ; ln -sf sudo.8.gz sudoedit.8.gz ) + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mv $PKG/etc/sudoers $PKG/etc/sudoers.new + +rm -r $PKG/usr/doc/sudo-$VERSION +mkdir -p $PKG/usr/doc/sudo-$VERSION +cp -a \ + INSTALL NEWS README* \ + doc/{CONTRIBUTORS,HISTORY,LICENSE,TROUBLESHOOTING,UPGRADE} \ + $PKG/usr/doc/sudo-$VERSION +chmod 644 $PKG/usr/doc/sudo-$VERSION/* + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAM}-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/sudo-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/t1lib/slack-desc b/patches/source/t1lib/slack-desc new file mode 100644 index 000000000..293af0cb9 --- /dev/null +++ b/patches/source/t1lib/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +t1lib: t1lib (Type 1 font rasterizer library) +t1lib: +t1lib: t1lib is a library distributed under the GNU General Public Library +t1lib: License for generating character and string glyphs from Adobe Type 1 +t1lib: fonts under UNIX. t1lib uses most of the code of the X11 rasterizer +t1lib: donated by IBM to the X11 project. +t1lib: +t1lib: +t1lib: +t1lib: +t1lib: diff --git a/patches/source/t1lib/t1lib.SlackBuild b/patches/source/t1lib/t1lib.SlackBuild new file mode 100755 index 000000000..c486c4e31 --- /dev/null +++ b/patches/source/t1lib/t1lib.SlackBuild @@ -0,0 +1,131 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2011, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +PKGNAM=t1lib +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.xz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +fi + +NUMJOBS=${NUMJOBS:-" -j7 "} + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-t1lib +rm -rf $PKG +mkdir -p $TMP $PKG/usr + +cd $TMP +rm -rf t1lib-$VERSION +tar xvf $CWD/t1lib-$VERSION.tar.?z* || exit 1 +cd t1lib-$VERSION + +# Apply Debian's patch since upstream seems inactive: +zcat $CWD/t1lib_5.1.2-3.5.diff.gz | patch -p1 --verbose || exit 1 + +# I don't think anyone is applying this first one: +#cat debian/patches/segfault.diff -b -z .segf | patch -p1 --verbose || exit 1 +# UUOCFTW: +cat debian/patches/no-config.diff | patch -p1 --verbose || exit 1 +cat debian/patches/no-docs.diff | patch -p1 --verbose || exit 1 +cat debian/patches/lib-cleanup.diff | patch -p1 --verbose || exit 1 +cat debian/patches/format-security.diff | patch -p1 --verbose || exit 1 +cat debian/patches/CVE-2011-0764.diff | patch -p1 --verbose || exit 1 +cat debian/patches/CVE-2011-1552_1553_1554.patch | patch -p1 --verbose || exit 1 +cat debian/patches/CVE-2010-2642.patch | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --enable-static=no \ + --build=$ARCH-slackware-linux + +make $NUMJOBS || make || exit 1 +make install prefix=$PKG/usr libdir=$PKG/usr/lib${LIBDIRSUFFIX} || exit 1 + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +chmod 755 $PKG/usr/lib${LIBDIRSUFFIX}/*.so + +mkdir -p $PKG/usr/doc/t1lib-$VERSION +cp -a \ + Change* COPYING* *GPL* LICENSE* README* \ + $PKG/usr/doc/t1lib-$VERSION + +mkdir -p $PKG/usr/share/t1lib +cp -a Fonts $PKG/usr/share/t1lib +/bin/ls $PKG/usr/share/t1lib/Fonts/afm/*.afm /usr/share/fonts/Type1/*.afm | sort | uniq | wc -l | sed -e 's/ //g' > $PKG/usr/share/t1lib/FontDataBase +( cd $PKG/usr/share/t1lib/Fonts/afm ; /bin/ls *.afm ; cd /usr/share/fonts/Type1 ; /bin/ls *.afm ) | sort | uniq >> $PKG/usr/share/t1lib/FontDataBase +cat << EOF > $PKG/usr/share/t1lib/t1lib.config +This is a configuration file for t1lib + +FONTDATABASE=/usr/share/t1lib/FontDataBase +ENCODING=/usr/share/t1lib/Fonts/enc +AFM=/usr/share/t1lib/Fonts/afm:/usr/share/fonts/Type1 +TYPE1=/usr/share/t1lib/Fonts/type1:/usr/share/fonts/Type1 +EOF + +mkdir -p $PKG/etc/profile.d +cat << EOF > $PKG/etc/profile.d/t1lib.sh +T1LIB_CONFIG=/usr/share/t1lib/t1lib.config +export T1LIB_CONFIG +EOF +cat << EOF > $PKG/etc/profile.d/t1lib.csh +setenv T1LIB_CONFIG /usr/share/t1lib/t1lib.config +EOF +chmod 755 $PKG/etc/profile.d/* + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +cd $PKG +/sbin/makepkg -l y -c n $TMP/t1lib-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/t1lib/t1lib_5.1.2-3.5.diff b/patches/source/t1lib/t1lib_5.1.2-3.5.diff new file mode 100644 index 000000000..bd1374664 --- /dev/null +++ b/patches/source/t1lib/t1lib_5.1.2-3.5.diff @@ -0,0 +1,2109 @@ +--- t1lib-5.1.2.orig/debian/libt1-doc.docs ++++ t1lib-5.1.2/debian/libt1-doc.docs +@@ -0,0 +1 @@ ++doc/*.pdf +--- t1lib-5.1.2.orig/debian/orig-tar.sh ++++ t1lib-5.1.2/debian/orig-tar.sh +@@ -0,0 +1,11 @@ ++#!/bin/sh -e ++ ++# called by uscan with '--upstream-version' <version> <file> ++ ++# move to directory 'tarballs' ++if [ -r .svn/deb-layout ]; then ++ . .svn/deb-layout ++ mv $3 $origDir ++ echo "moved $3 to $origDir" ++fi ++ +--- t1lib-5.1.2.orig/debian/libt1-5.install ++++ t1lib-5.1.2/debian/libt1-5.install +@@ -0,0 +1 @@ ++debian/tmp/usr/lib/libt1*.so.* +--- t1lib-5.1.2.orig/debian/changelog ++++ t1lib-5.1.2/debian/changelog +@@ -0,0 +1,456 @@ ++t1lib (5.1.2-3.5) unstable; urgency=high ++ ++ * Non-maintainer upload by the Security Team. ++ * Thanks Jamie Strandboge from Ubuntu for the patch. ++ * debian/patches: ++ - series: make sure CVE-2010-2642.patch is really applied so CVE-2010-2642 ++ (denial of service via oversized fonts) is really fixed. ++ - CVE-2011-1552_1553_1554 added, few more fixes for CVE-2011-1552, ++ CVE-2011-1553 and CVE-2011-1554 (heap-based buffer overflow via AFM font ++ parser) ++ ++ -- Yves-Alexis Perez <corsac@debian.org> Wed, 18 Jan 2012 10:43:23 +0100 ++ ++t1lib (5.1.2-3.4) unstable; urgency=high ++ ++ * Non-maintainer upload by the Security Team. ++ * debian/patches: ++ - CVE-2010-2642 added, fix heap-based buffer overflow first found in ++ evince but applicable to the embedded afmparse library found in t1lib ++ too. Fixes CVE-2011-0433 too on the same patch. ++ ++ -- Yves-Alexis Perez <corsac@debian.org> Sun, 15 Jan 2012 13:47:26 +0100 ++ ++t1lib (5.1.2-3.3) unstable; urgency=low ++ ++ * Non-maintainer upload. ++ * Fix arbitrary code execution CVE-2011-0764 by only using ppoints when ++ it is a valid pointer (Closes: #652996). ++ * Don't ship .la file anymore (Closes: #633247). ++ ++ -- Luk Claes <luk@debian.org> Thu, 29 Dec 2011 23:21:33 +0100 ++ ++t1lib (5.1.2-3.2) unstable; urgency=low ++ ++ * Non-maintainer upload. (version 5.1.2-3.2 triggered a problem with dak) ++ * format-security.diff: use relevant "%s" format when passing a ++ variable string to a printf() function and replace printf() ++ with puts() for the model-only IfTrace0 macro. Thanks to Colin Watson ++ and Loïc Minier! (Closes: #646470) ++ ++ -- Mònica RamÃrez Arceda <monica@probeta.net> Sat, 03 Dec 2011 21:28:31 +0100 ++ ++t1lib (5.1.2-3) unstable; urgency=low ++ ++ * New Maintainer (Closes: #430611) ++ * Solved some hyphen-used-as-minus-sign in FontDatabase.5 ++ * Reformated debian/copyrigth ++ * Added symbols control file ++ ++ -- Ruben Molina <rmolina@udea.edu.co> Wed, 23 Jul 2008 20:24:22 -0500 ++ ++t1lib (5.1.2-2) unstable; urgency=low ++ ++ * Add a package with debugging information. ++ ++ -- Torsten Werner <twerner@debian.org> Sat, 08 Mar 2008 10:21:43 +0100 ++ ++t1lib (5.1.2-1) unstable; urgency=low ++ ++ * new upstream release ++ * Correct debian/watch. ++ * Remove patch cve-2007-4033.diff because it has been integrated upstream. ++ * Remove parts of patch segfault.diff that have been integrated upstream. ++ * Do not apply the remaining segfault.diff because it does not look safe but ++ keep the patch as a reminder that something was broken in the past. ++ ++ -- Torsten Werner <twerner@debian.org> Sat, 08 Mar 2008 10:07:54 +0100 ++ ++t1lib (5.1.1-5) unstable; urgency=low ++ ++ * Replace Build-Depends-Indep by Build-Depends again. ++ ++ -- Torsten Werner <twerner@debian.org> Tue, 08 Jan 2008 21:34:25 +0100 ++ ++t1lib (5.1.1-4) unstable; urgency=low ++ ++ * Add Build-Depends-Indep: libxt-dev. (Closes: #459754) ++ ++ -- Torsten Werner <twerner@debian.org> Tue, 08 Jan 2008 20:29:01 +0100 ++ ++t1lib (5.1.1-3) unstable; urgency=low ++ ++ * Replace static changes of upstream files by quilt patches as requested by ++ Fedora developers. ++ * Remove postinst that removed the old /usr/doc symlink. ++ * Remove preinst that removed the old /usr/share/doc/t1lib-bin symlink. ++ * Rename menu.t1lib-bin to t1lib-bin.menu to make sure the menu file gets ++ installed. ++ * Update menu file to conform to current menu policy. ++ * Install documentation with dh_installdocs instead of dh_install and some ++ other minor cleanups. ++ * Switch to cdbs. ++ * Fix versioned Build-Depends: debhelper (>= 5). ++ * Move some Build-Depends to Build-Depends-Indep. ++ * Apply two patches provided by Patrice Dumas: ++ - Update t1libconfig's font search. ++ - Fixes a segfault. ++ * Integrate another patch that fixes a segfault. (Closes: #313236) ++ ++ -- Torsten Werner <twerner@debian.org> Sun, 06 Jan 2008 20:50:19 +0100 ++ ++t1lib (5.1.1-2) unstable; urgency=low ++ ++ * Add Depends: libxaw7-dev to -dev package. ++ * Switch to DH_COMPAT = 5. ++ * Update Vcs headers in debian/control. ++ * Change Standards-Version: 3.7.3. ++ * Do not link with unneeded libraries. ++ * Add LDFLAGS=-Wl,--as-needed. ++ ++ -- Torsten Werner <twerner@debian.org> Fri, 21 Dec 2007 22:54:43 +0100 ++ ++t1lib (5.1.1-1) unstable; urgency=low ++ ++ * new upstream version (Closes: #418664) ++ * Add XS-Vcs-* header to debian/control. ++ * Update Standards-Version to 3.7.2 (no changes). ++ * Remove Depends: libc6-dev. (Closes: #446375). ++ * Change Maintainer to myself. ++ * Replace ${Source-Version} by ${binary:Version}. ++ * Do not ignore errors of 'make distclean'. ++ ++ -- Torsten Werner <twerner@debian.org> Sat, 13 Oct 2007 14:46:23 +0200 ++ ++t1lib (5.1.0-3) unstable; urgency=low ++ ++ * Apply patch from Artur R. Czechowski to fix CVE-2007-4033. ++ (Closes: #439927) ++ ++ -- Torsten Werner <twerner@debian.org> Mon, 17 Sep 2007 23:25:45 +0200 ++ ++t1lib (5.1.0-2) unstable; urgency=low ++ ++ * Upload to unstable ++ * Bump-up Standards-Version to 3.6.2 (no changes required) ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sat, 6 Aug 2005 20:11:51 +0200 ++ ++t1lib (5.1.0-1) experimental; urgency=low ++ ++ * New upstream release ++ * README.t1lib-5.0.2 replaced with README.t1lib-5.1.0 ++ * README.win32 is no longer installed ++ * Removed misleading information from README.Debian ++ * Replace -V with -V 'libt1-5 (>= 5.0.2)' for dh_makeshlibs in debian/rules ++ * Remove some commented stuff from debian/rules ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sat, 4 Jun 2005 22:12:43 +0200 ++ ++t1lib (5.0.2-3) unstable; urgency=low ++ ++ * Update libtool (Closes: #246753) ++ * Build-Depends on individual library instead dummy xlibs-dev ++ * Added dependencies to -dev package (Closes: #249973) ++ * Thanks to Christopher L Cheney for above patches ++ * Add -V to dh_makeshlibs to make a versioned dependencies on this library ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sun, 23 May 2004 01:02:02 +0200 ++ ++t1lib (5.0.2-2) unstable; urgency=low ++ ++ * change distribution to unstable ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sun, 18 Apr 2004 13:07:23 +0200 ++ ++t1lib (5.0.2-1) experimental; urgency=low ++ ++ * New upstream release (Closes: #243916) ++ - fixed some crashes (Closes: #242570, #243378) ++ * Reference to README.t1lib-5.0.2 instead -5.0.0 in some debian/ files ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sat, 17 Apr 2004 19:22:09 +0200 ++ ++t1lib (5.0.0-5) unstable; urgency=low ++ ++ * debian/rules: documentation is build from binary-indep (Closes: #230386) ++ * debian/watch has been added ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sat, 21 Feb 2004 20:19:38 +0100 ++ ++t1lib (5.0.0-4) unstable; urgency=low ++ ++ * Added missing files in NEWS.Debian ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Wed, 21 Jan 2004 00:27:24 +0100 ++ ++t1lib (5.0.0-3) unstable; urgency=low ++ ++ * New release uploaded to unstable (finaly closes: #185097, #216501) ++ * Unleash it to allow to migrate to testing (Closes: #221198) ++ * libt1-dev and t1lib-dev conflict with each other, ++ * libt1-dev conflicts with t1lib1-dev to smooth upgrade from t1lib 1.3.1-6 ++ * t1lib-bin provides/conflicts/replaces t1lib1-bin to smooth upgrade from ++ t1lib 1.3.1-6 ++ * Some README.* files in libt1-dev ++ * Applied patch which fixes memory access bug (see #224314 for details) ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sun, 18 Jan 2004 03:00:05 +0100 ++ ++t1lib (5.0.0-2) experimental; urgency=low ++ ++ * rename source package to t1lib ++ * rename binary packages: ++ + libt1-5 -> libt1-dev ++ + t1lib5-bin -> t1lib-bin ++ + libt1-5-doc -> libt1-doc ++ * rationale for all above: ++ http://lists.debian.org/debian-devel/2003/debian-devel-200311/msg01083.html ++ and rest of this thread ++ * linking libt1x with X libraries to avoid undefined symbols (see #220111) ++ * clearing independency of X11 in README.Debian ++ * removed all tracks of t1lib0 (Conflict, Replaces, etc) ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Wed, 24 Dec 2003 01:50:37 +0100 ++ ++t1lib5 (5.0.0-1) experimental; urgency=low ++ ++ * New upstream release (Closes: #185097, #216501) ++ * This release is binary incompatible with the previous one. ++ * t1lib-bin and t1lib-dev are virtual packages now ++ * removed weird ``dbl'' from configure - typo in upstream configure.in ++ * there is no necessity to conflict current -doc with the other ones ++ * library, devel and documentation package is libt1-5{,-dev,-doc} to be ++ consistent with Debian Policy 8.1 ++ * do not anymore copy config.{sub,guess} automagically ++ * update ac-tools/config.{sub,guess} to 20031007 ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sun, 9 Nov 2003 15:16:51 +0100 ++ ++t1lib (1.3.1-4) unstable; urgency=low ++ ++ * New Maintainer, Adopted Package (Closes: #189694) ++ * Prepare for migration to t1lib 5.x: ++ - all packages renamed to t1lib1{,-foo} ++ - empty packages t1lib-bin and t1lib-dev depending on t1lib1-bin ++ and t1lib1-dev ++ * Packaging from scratch using debhelper, Standards-Version is 3.6.1.0 now ++ * Remove non-existent xlib6g-dev from Build-Depends ++ * Updated README.Debian ++ * Remove symlinks from /usr/doc/t1lib* ++ * Only t1lib1-bin contains /etc/t1lib directory ++ * t1lib-dev has been split into two packages: t1lib1-dev and t1lib1-doc ++ * t1lib1-bin: change manual section for type1afm from 8 to 1 ++ * t1lib1-bin: create files in /etc/t1lib if don't exist (Closes: #58275) ++ * t1lib1-bin: remove symlink /usr/share/doc/t1lib-bin -> t1lib1 if exists ++ * Torsten Werner <twerner@debian.org> is sponsoring the package ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sun, 2 Nov 2003 03:47:51 +0100 ++ ++t1lib (1.3.1-3) unstable; urgency=low ++ ++ * Change t1lib-dev's section from "devel" to "libdevel" (thanks, Katie!) ++ ++ -- Adam Conrad <adconrad@0c3.net> Mon, 18 Aug 2003 22:42:17 -0600 ++ ++t1lib (1.3.1-2) unstable; urgency=low ++ ++ * Set maintainer to QA, as this package was orphaned months ago (see #189694) ++ * Change "make" to "make without_doc" and remove build-dep on ++ tetex-bin (closes: #192291, #192290) ++ * Change libxaw-dev build-dep to libxaw7-dev, so we are asking for a real ++ package, rather than a virtual (closes: #170012) ++ * lib/Makefile.in changes (closes: #193757) ++ - add "-lm" to libt1.la target ++ - add "-L@top_srcdir@/lib/.libs/ -lt1" to libt1x.la target ++ ++ -- Adam Conrad <adconrad@0c3.net> Mon, 18 Aug 2003 21:50:22 -0600 ++ ++t1lib (1.3.1-1) unstable; urgency=low ++ ++ * New upstream version. (Closes: #127619,#127618) ++ ++ -- David Huggins-Daines <dhd@debian.org> Thu, 3 Jan 2002 21:53:29 -0500 ++ ++t1lib (1.2-1) unstable; urgency=low ++ ++ * New upstream version. ++ ++ -- David Huggins-Daines <dhd@debian.org> Wed, 22 Aug 2001 21:16:36 -0400 ++ ++t1lib (1.1.1-2.2) unstable; urgency=low ++ ++ * NMU ++ * debian/rules: if LD_LIBRARY_PATH is already set, append to it, so ++ builds under fakeroot will work (Closes: #104046) ++ ++ -- Branden Robinson <branden@debian.org> Fri, 10 Aug 2001 04:57:50 -0500 ++ ++t1lib (1.1.1-2.1) unstable; urgency=low ++ ++ * NMU, with updated config.{guess,sub} for newer architectures ++ ++ -- Randolph Chung <tausq@debian.org> Sat, 7 Jul 2001 01:01:51 -0600 ++ ++t1lib (1.1.1-2) unstable; urgency=high ++ ++ * Yow! Major upstream weirdness. Do *not* try to print the documentation ++ when building... Closes: #94660 ++ ++ -- David Huggins-Daines <dhd@debian.org> Fri, 20 Apr 2001 20:35:49 -0400 ++ ++t1lib (1.1.1-1) unstable; urgency=low ++ ++ * New upstream version. Closes: #94627 (why did I never get this bug ++ report in the first place?) ++ ++ -- David Huggins-Daines <dhd@debian.org> Fri, 20 Apr 2001 11:16:15 -0400 ++ ++t1lib (1.0.1-2) unstable; urgency=low ++ ++ * Recompile with new XFree86 libraries and glibc. ++ ++ -- David Huggins-Daines <dhd@debian.org> Wed, 24 Jan 2001 22:33:43 -0500 ++ ++t1lib (1.0.1-1) unstable; urgency=low ++ ++ * New upstream version. Closes: #69689 ++ ++ -- David Huggins-Daines <dhd@debian.org> Thu, 9 Nov 2000 00:29:06 -0500 ++ ++t1lib (1.0-2) frozen unstable; urgency=low ++ ++ * Use dpkg-architecture to supply a target architecture name to ++ configure, should fix the compile problems on Alpha and ARM for good. ++ (closes:#57839) ++ ++ -- David Huggins-Daines <dhd@eradicator.org> Wed, 1 Mar 2000 21:22:49 -0500 ++ ++t1lib (1.0-1) unstable; urgency=low ++ ++ * New upstream version. ++ * Twiddled package names to make more sense. ++ * Move back to priority optional to satisfy dependencies of xpdf and ++ php3. ++ * Moved .la files to t1lib-dev. Added versioned Replaces: field in the ++ control file to cope with potato-to-potato upgrades (the t1lib0 ++ packages in slink were not buggy in this way) ++ * t1libconfig and associated manual pages (FontDataBase.5, ++ t1libconfig.8) are now in the t1lib-bin package, for much the same ++ reason. Unfortunately this Replaces: field cannot be versioned. ++ * The t1lib packages no longer manage the contents of /etc/t1lib/. In ++ the near future, t1lib1 may have a debconf interface for doing so. ++ The t1lib.config and FontDataBase were never used by any programs that ++ linked with t1lib anyway, thankfully. ++ ++ -- David Huggins-Daines <dhd@eradicator.org> Sun, 2 Jan 2000 03:02:30 -0500 ++ ++t1lib0 (0.9.2-1) unstable; urgency=low ++ ++ * New upstream version. ++ * Being more intelligent in t1libconfig to avoid postinst-lossage. ++ Fixes: #44095 ++ * Updated for FHS compliance. ++ ++ -- David Huggins-Daines <dhd@debian.org> Fri, 8 Oct 1999 15:27:46 -0400 ++ ++t1lib0 (0.9.1-4) unstable; urgency=medium ++ ++ * Updated the shlibs file since it appears that programs compiled ++ against 0.9.1 won't work with 0.9 (though the other way around does ++ work). Fixes: #43215, #43231 ++ * Removed ARCH bogosity and updated config.sub and config.guess ++ (upstream maintainer will be notified) ++ ++ -- David Huggins-Daines <dhd@debian.org> Sat, 21 Aug 1999 01:23:39 -0400 ++ ++t1lib0 (0.9.1-3) unstable; urgency=low ++ ++ * Conditionalize that ARCH thing, or the Hurd people will kill me. ++ ++ -- David Huggins-Daines <dhd@debian.org> Sat, 3 Jul 1999 13:56:12 -0400 ++ ++t1lib0 (0.9.1-2) unstable; urgency=low ++ ++ * Oops. T1lib installs a dummy config file. We remove this before ++ building the package (because we generate our own). Also, the preinst ++ has to compensate for the past brokenness by saving it before an ++ upgrade. ++ ++ -- David Huggins-Daines <dhd@debian.org> Fri, 2 Jul 1999 16:13:46 -0400 ++ ++t1lib0 (0.9.1-1) unstable; urgency=low ++ ++ * New upstream version. ++ * Moved back to extra, because that's the way the winds are blowing. ++ * Added ARCH variable to debian/rules to work around strange ++ architecture detection on Alpha. ++ ++ -- David Huggins-Daines <dhd@debian.org> Fri, 2 Jul 1999 14:58:32 -0400 ++ ++t1lib0 (0.9-1) unstable; urgency=low ++ ++ * New upstream version ++ ++ -- David Huggins-Daines <dhd@debian.org> Thu, 10 Jun 1999 23:00:12 -0400 ++ ++t1lib0 (0.8.1-1) unstable; urgency=low ++ ++ * New upstream version. (fixes bug #31549) ++ * Upstream move to libtool has made debian/rules a lot less contorted, ++ and slimmed up the diff considerably. Thanks! ++ * I'm now uploading m68k versions as well. ++ * Fixed "confdif" typo in t1libconfig (oops!) ++ * This release breaks binary and source compatibility. Bumping the ++ soname seems a bit extreme, since there is only one Debian package ++ (gglyph) which depends on this, and I'm simultaneously uploading a ++ fixed version. ++ ++ -- David Huggins-Daines <dhd@debian.org> Wed, 24 Feb 1999 17:16:41 -0500 ++ ++t1lib0 (0.7.1-5) unstable; urgency=low ++ ++ * Changed debian/rules to remove debian/files on clean. (fixes bug #26907) ++ * Changed t1libconfig to allow installation </dev/null (fixes bug #27609) ++ ++ -- David Huggins-Daines <dhd@debian.org> Fri, 16 Oct 1998 20:12:02 -0400 ++ ++t1lib0 (0.7.1-4) unstable; urgency=low ++ ++ * Changed debian/rules not to use debhelper, to fix PowerPC and Alpha compile ++ problems and (hopefully) make the purists happy :) ++ * Upgraded priority to Optional, since it doesn't conflict with or break ++ anything, and is relatively stable. ++ ++ -- David Huggins-Daines <dhd@debian.org> Fri, 18 Sep 1998 18:36:07 -0400 ++ ++t1lib0 (0.7.1-3) unstable; urgency=low ++ ++ * Changed "read" to "read foo" in t1libconfig to make it more sh-friendly. ++ * Minor change to debian/rules (fixes bug #25501) ++ ++ -- David Huggins-Daines <dhd@debian.org> Fri, 7 Aug 1998 13:31:28 -0400 ++ ++t1lib0 (0.7.1-2) unstable; urgency=low ++ ++ * Patched lib/t1lib/t1finfo.c to fix segfault problems with some fonts. ++ * Fixed the URLs and info in copyright and README.Debian. ++ ++ -- David Huggins-Daines <dhd@debian.org> Tue, 21 Jul 1998 16:01:03 -0400 ++ ++t1lib0 (0.7.1-1) unstable; urgency=low ++ ++ * Initial release. ++ ++ -- David Huggins-Daines <dhd@debian.org> Thu, 16 Jul 1998 22:07:08 -0400 ++ ++ +--- t1lib-5.1.2.orig/debian/libt1-5.docs ++++ t1lib-5.1.2/debian/libt1-5.docs +@@ -0,0 +1,2 @@ ++README.t1lib-* ++README.t1python +--- t1lib-5.1.2.orig/debian/libt1-dev.docs ++++ t1lib-5.1.2/debian/libt1-dev.docs +@@ -0,0 +1,2 @@ ++README.t1lib-* ++README.t1python +--- t1lib-5.1.2.orig/debian/t1libconfig ++++ t1lib-5.1.2/debian/t1libconfig +@@ -0,0 +1,163 @@ ++#!/bin/sh -e ++ ++# to test POSIX-correctness, change hash-bang to /bin/bash and uncomment ++# the following line: ++ ++# set -o posix ++ ++# Very simple configuration script for t1lib. Checks a couple of ++# directories that might contain fonts, and if they exist, adds ++# anything ending in .pfa or pfb to the font database. A few things ++# borrowed from paperconfig, (C) 1996, Yves Arrouye ++# <arrouye@debian.org> ++ ++# note that this creates the "minimal" font database accepted by t1lib, ++# and doesn't look in every possible place for fonts. It is mostly ++# provided so that xglyph will work out of the box... ++ ++# Written by David Huggins-Daines <dhd@debian.org> ++ ++usage() { ++ if [ "$1" = -h ] ++ then ++ exec 1>&2 ++ echo -n U ++ else ++ echo -n u ++ fi ++ ++ echo "sage: `basename $0` [ -v, --version ] [ -h, --help ] [ --force ]" ++ echo " [ fontdirs... ]" ++ ++ if [ "$1" = -h ] ++ then ++ cat <<EOF ++ ++Options: -v, --verbose print version information and exit ++ -h, --help print this help and exit ++ --force force configuration ++EOF ++ exit 0 ++ else ++ exit 1 ++ fi ++} ++ ++version=0.2 ++topfontdirs="/usr/share/fonts/type1 /usr/share/fonts/X11" ++for dir in $topfontdirs; do ++ if [ -d $dir ]; then ++ subdirs=$(find $dir -type d -printf "%p ") ++ fontdirs="$subdirs $fontdirs" ++ fi ++done ++conffile=/etc/t1lib/t1lib.config ++confdir=/etc/t1lib/ ++dbase=/etc/t1lib/FontDatabase ++temp=/etc/t1lib/FontDatabase.tmp ++ ++force=0 ++ ++while [ $# -ne 0 ] ++do ++ case "$1" in ++ -v|--version) ++ echo "`basename $0` version $version" \ ++ "by David Huggins-Daines <dhd@debian.org>" ++ exit 0 ++ ;; ++ -h|--help) ++ usage -h ++ ;; ++ --force) ++ force=1 ++ ;; ++ *) ++ # hairy way to remove a trailing backslash (should use perl) ++ pat=`expr $1 : "\(.*\)\/\$" || echo $1` ++ # hairier way to find a string anywhere in another string ++ # should really use perl. ++ if ! grep $pat <<EOF >/dev/null 2>&1 ++$fontdirs ++EOF ++ then ++ fontdirs="$fontdirs $1" ++ fi ++ ;; ++ esac ++ shift ++done ++ ++# We presume that if the database exists, then so does the ++# configuration file. Hopefully this won't break anything. ++ ++if [ $force -eq 1 ] || [ ! -e $dbase ]; then ++ fontpath="" ++ afmpath="" ++ ++ mkdir -p $confdir || true ++ ++ echo -n "Searching for Type 1 fonts and AFM files..." ++ ++ for i in $fontdirs ++ do ++ if [ -d $i ] && ls $i/*.pf[ab] > /dev/null 2>&1; then ++ if [ -n "$fontpath" ]; then ++ fontpath="$fontpath:$i" ++ else ++ fontpath="$i" ++ fi ++ ++ if ls $i/*.afm > /dev/null 2>&1; then ++ if [ -n "$afmpath" ]; then ++ afmpath="$afmpath:$i" ++ else ++ afmpath="$i" ++ fi ++ fi ++ # get a listing of all the fonts in each dir ++ find $i -maxdepth 1 -name *.pf[ab] -printf '%f\n' >> $temp ++ fi ++ done ++ if [ -z "$fontpath" ]; then ++ cat <<EOF ++ ++No Type 1 fonts were found in the expected locations. ++If you want t1lib to be aware of your fonts, you should run ++/usr/sbin/t1libconfig with the names of your local font directories as ++arguments, or you should edit the /etc/t1lib/FontDatabase file manually. ++See the FontDatabase(5) manual page for more information. ++ ++Press [return] to continue. ++EOF ++ read foo || true ++ rm -f $temp ++ else ++ echo "done." ++ echo -n "Building font database..." ++ fontcount=`wc -l $temp || true` ++ echo $fontcount > $dbase ++ cat $temp >> $dbase ++ rm -f $temp ++ echo "done." ++ fi ++ ++ # now set the paths in the config file ++ cat <<EOF >$conffile ++t1lib.config - global configuration file for t1lib. ++It was created automatically on `date` ++by the t1libconfig script. ++ ++Run /usr/sbin/t1libconfig --force to rebuild it. ++ ++ENCODING=. ++AFM=$afmpath ++TYPE1=$fontpath ++FONTDATABASE=$dbase ++EOF ++else ++ echo "Configuration and font database files already exist." ++ echo "Run /usr/sbin/t1libconfig --force to rebuild them." ++fi ++ ++exit 0 +--- t1lib-5.1.2.orig/debian/t1lib-bin.postinst ++++ t1lib-5.1.2/debian/t1lib-bin.postinst +@@ -0,0 +1,8 @@ ++#!/bin/sh ++set -e ++ ++if [ ! -f /etc/t1lib/t1lib.config ]; then ++ /usr/sbin/t1libconfig ++fi ++ ++#DEBHELPER# +--- t1lib-5.1.2.orig/debian/t1lib-bin.menu ++++ t1lib-5.1.2/debian/t1lib-bin.menu +@@ -0,0 +1,2 @@ ++?package(t1lib-bin): needs="X11" section="Applications/Viewers" \ ++ title="XGlyph" command="/usr/bin/xglyph" +--- t1lib-5.1.2.orig/debian/t1lib-bin.install ++++ t1lib-5.1.2/debian/t1lib-bin.install +@@ -0,0 +1,2 @@ ++debian/t1libconfig usr/sbin ++debian/tmp/usr/bin/* +--- t1lib-5.1.2.orig/debian/copyright ++++ t1lib-5.1.2/debian/copyright +@@ -0,0 +1,94 @@ ++This package was debianized by David Huggins-Daines <dhd@debian.org> on ++Fri, 19 Jun 1998 20:01:01 -0400. It has been also maintained by Artur ++R. Czechowski <arturcz@hell.pl> and Torsten Werner <twerner@debian.org>. ++ ++It was downloaded from ftp://sunsite.unc.edu/pub/Linux/libs/graphics/ ++ ++Upstream Author: ++ ++ Rainer Menzner <Rainer.Menzner@web.de> ++ ++Copyright: ++ ++ Copyright (C) 1996-2003 Rainer Menzner ++ ++License: ++ ++ This package is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2 of the License, or (at your option) any later version. ++ ++ This package is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with this package; if not, write to the Free Software ++ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA ++ ++On Debian systems, the complete text of the GNU Lesser General ++Public License can be found in `/usr/share/common-licenses/LGPL'. ++ ++The Debian packaging is (C) 2008, Ruben Molina <rmolina@udea.edu.co> and ++is licensed under the GPL, see `/usr/share/common-licenses/GPL'. ++ ++Please note that there are parts of t1lib that are subject to other licenses: ++- The parseAFM-package is copyrighted by Adobe Systems Inc. ++- The type1 rasterizer is copyrighted by IBM and the X11-consortium. ++ ++(from lib/t1lib/parseAFM.c) ++/* ++ * (C) 1988, 1989, 1990 by Adobe Systems Incorporated. All rights reserved. ++ * ++ * This file may be freely copied and redistributed as long as: ++ * 1) This entire notice continues to be included in the file, ++ * 2) If the file has been modified in any way, a notice of such ++ * modification is conspicuously indicated. ++ * ++ * PostScript, Display PostScript, and Adobe are registered trademarks of ++ * Adobe Systems Incorporated. ++ * ++ * ************************************************************************ ++ * THE INFORMATION BELOW IS FURNISHED AS IS, IS SUBJECT TO CHANGE WITHOUT ++ * NOTICE, AND SHOULD NOT BE CONSTRUED AS A COMMITMENT BY ADOBE SYSTEMS ++ * INCORPORATED. ADOBE SYSTEMS INCORPORATED ASSUMES NO RESPONSIBILITY OR ++ * LIABILITY FOR ANY ERRORS OR INACCURACIES, MAKES NO WARRANTY OF ANY ++ * KIND (EXPRESS, IMPLIED OR STATUTORY) WITH RESPECT TO THIS INFORMATION, ++ * AND EXPRESSLY DISCLAIMS ANY AND ALL WARRANTIES OF MERCHANTABILITY, ++ * FITNESS FOR PARTICULAR PURPOSES AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. ++ * ************************************************************************ ++ */ ++ ++(from lib/type1/type1.c) ++/* $XConsortium: type1.c,v 1.5 91/10/10 11:20:06 rws Exp $ */ ++/* Copyright International Business Machines, Corp. 1991 ++ * All Rights Reserved ++ * Copyright Lexmark International, Inc. 1991 ++ * All Rights Reserved ++ * Portions Copyright (c) 1990 Adobe Systems Incorporated. ++ * All Rights Reserved ++ * ++ * License to use, copy, modify, and distribute this software and its ++ * documentation for any purpose and without fee is hereby granted, ++ * provided that the above copyright notice appear in all copies and that ++ * both that copyright notice and this permission notice appear in ++ * supporting documentation, and that the name of IBM or Lexmark or Adobe ++ * not be used in advertising or publicity pertaining to distribution of ++ * the software without specific, written prior permission. ++ * ++ * IBM, LEXMARK, AND ADOBE PROVIDE THIS SOFTWARE "AS IS", WITHOUT ANY ++ * WARRANTIES OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT ++ * LIMITED TO ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A ++ * PARTICULAR PURPOSE, AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. THE ++ * ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE, INCLUDING ++ * ANY DUTY TO SUPPORT OR MAINTAIN, BELONGS TO THE LICENSEE. SHOULD ANY ++ * PORTION OF THE SOFTWARE PROVE DEFECTIVE, THE LICENSEE (NOT IBM, ++ * LEXMARK, OR ADOBE) ASSUMES THE ENTIRE COST OF ALL SERVICING, REPAIR AND ++ * CORRECTION. IN NO EVENT SHALL IBM, LEXMARK, OR ADOBE BE LIABLE FOR ANY ++ * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ++ * RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF ++ * CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN ++ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ++ */ +--- t1lib-5.1.2.orig/debian/NEWS ++++ t1lib-5.1.2/debian/NEWS +@@ -0,0 +1,9 @@ ++t1lib (5.0.0-3) unstable; urgency=low ++ ++ This version of t1lib package is binary incompatible with the previous ++ one in Debian. Details about changes are documented in following files ++ in /usr/share/doc/libt1-dev directory: ++ - changelog.gz ++ - README.t1lib-5.0.0.gz ++ ++ -- Artur R. Czechowski <arturcz@hell.pl> Sun, 18 Jan 2004 00:02:29 +0100 +--- t1lib-5.1.2.orig/debian/t1lib-bin.manpages ++++ t1lib-5.1.2/debian/t1lib-bin.manpages +@@ -0,0 +1,4 @@ ++debian/man/FontDatabase.5 ++debian/man/t1libconfig.8 ++debian/man/type1afm.1 ++debian/man/xglyph.1 +--- t1lib-5.1.2.orig/debian/rules ++++ t1lib-5.1.2/debian/rules +@@ -0,0 +1,22 @@ ++#!/usr/bin/make -f ++ ++include /usr/share/cdbs/1/rules/debhelper.mk ++include /usr/share/cdbs/1/class/autotools.mk ++include /usr/share/cdbs/1/rules/patchsys-quilt.mk ++ ++export LDFLAGS := -Wl,--as-needed ++ ++DEB_MAKE_BUILD_TARGET := without_doc ++DEB_MAKE_INSTALL_TARGET := install prefix=$(CURDIR)/debian/tmp/usr ++DEB_INSTALL_DOCS_ALL += debian/README.Debian ++ ++binary-post-install/libt1-5 :: ++ rm -rf debian/libt1-5-dbg/usr/lib/debug/usr/bin/ ++binary-post-install/libt1-5-dbg :: ++ rm -rf debian/libt1-5-dbg/usr/lib/debug/usr/bin/ ++binary-post-install/libt1-dev :: ++ rm -rf debian/libt1-5-dbg/usr/lib/debug/usr/bin/ ++binary-post-install/libt1-doc :: ++ rm -rf debian/libt1-5-dbg/usr/lib/debug/usr/bin/ ++binary-post-install/t1lib-bin :: ++ rm -rf debian/libt1-5-dbg/usr/lib/debug/usr/bin/ +--- t1lib-5.1.2.orig/debian/libt1-5.symbols ++++ t1lib-5.1.2/debian/libt1-5.symbols +@@ -0,0 +1,381 @@ ++libt1.so.5 libt1-5 #MINVER# ++ BezierTerminationTest@Base 5.1.0 ++ CRASTERCompressionType@Base 5.1.0 ++ CacheBLimit@Base 5.1.0 ++ CachedChars@Base 5.1.0 ++ CachedFonts@Base 5.1.0 ++ ConicDebug@Base 5.1.0 ++ Continuity@Base 5.1.0 ++ CurFontEnv@Base 5.1.0 ++ CurFontName@Base 5.1.0 ++ DLadd@Base 5.1.0 ++ DLdiv@Base 5.1.0 ++ DLmult@Base 5.1.0 ++ DLsub@Base 5.1.0 ++ DeviceSpecifics@Base 5.1.0 ++ FPXYboth@Base 5.1.0 ++ FPXonly@Base 5.1.0 ++ FPYonly@Base 5.1.0 ++ FPdiv@Base 5.1.0 ++ FPmult@Base 5.1.0 ++ FPstarslash@Base 5.1.0 ++ FXYConvert@Base 5.1.0 ++ FXYboth@Base 5.1.0 ++ FXonly@Base 5.1.0 ++ FYonly@Base 5.1.0 ++ FontBase@Base 5.1.0 ++ FontDebug@Base 5.1.0 ++ ForceAFMBBox@Base 5.1.0 ++ ForceFloat@Base 5.1.0 ++ FreeAFMData@Base 5.1.0 ++ GetType1CharString@Base 5.1.0 ++ HighHex@Base 5.1.0 ++ HintDebug@Base 5.1.0 ++ IXYConvert@Base 5.1.0 ++ IXYboth@Base 5.1.0 ++ IXonly@Base 5.1.0 ++ IYonly@Base 5.1.0 ++ ImageDebug@Base 5.1.0 ++ InDotSection@Base 5.1.0 ++ Init_BuiltInEncoding@Base 5.1.0 ++ InternalTrace@Base 5.1.0 ++ LineDebug@Base 5.1.0 ++ LineIOTrace@Base 5.1.0 ++ LowHex@Base 5.1.0 ++ MemoryDebug@Base 5.1.0 ++ MustCheckArgs@Base 5.1.0 ++ MustCrash@Base 5.1.0 ++ MustTraceCalls@Base 5.1.0 ++ OffPageDebug@Base 5.1.0 ++ PathDebug@Base 5.1.0 ++ ProcessHints@Base 5.1.0 ++ QueryFontLib@Base 5.1.0 ++ RegionDebug@Base 5.1.0 ++ SaveFontPaths@Base 5.1.0 ++ SearchDictName@Base 5.1.0 ++ SetFuncRequestID@Base 5.1.0 ++ SpaceDebug@Base 5.1.0 ++ StdEncArrayP@Base 5.1.0 ++ StrokeDebug@Base 5.1.0 ++ T1Close@Base 5.1.0 ++ T1GetDecrypt@Base 5.1.0 ++ T1GetFileSize@Base 5.1.0 ++ T1GetTrailer@Base 5.1.0 ++ T1Getc@Base 5.1.0 ++ T1Gets@Base 5.1.0 ++ T1Open@Base 5.1.0 ++ T1Read@Base 5.1.0 ++ T1Ungetc@Base 5.1.0 ++ T1_AAFillOutline@Base 5.1.0 ++ T1_AAGetBitsPerPixel@Base 5.1.0 ++ T1_AAGetGrayValues@Base 5.1.0 ++ T1_AAGetLevel@Base 5.1.0 ++ T1_AAHGetGrayValues@Base 5.1.0 ++ T1_AAHSetGrayValues@Base 5.1.0 ++ T1_AANGetGrayValues@Base 5.1.0 ++ T1_AANSetGrayValues@Base 5.1.0 ++ T1_AASetBitsPerPixel@Base 5.1.0 ++ T1_AASetChar@Base 5.1.0 ++ T1_AASetGrayValues@Base 5.1.0 ++ T1_AASetLevel@Base 5.1.0 ++ T1_AASetRect@Base 5.1.0 ++ T1_AASetSmartLimits@Base 5.1.0 ++ T1_AASetSmartMode@Base 5.1.0 ++ T1_AASetString@Base 5.1.0 ++ T1_AFM_ptr@Base 5.1.0 ++ T1_AbsolutePath@Base 5.1.0 ++ T1_AddFont@Base 5.1.0 ++ T1_AddFontDataBase@Base 5.1.0 ++ T1_AddFontDataBaseXLFD@Base 5.1.0 ++ T1_AddToFileSearchPath@Base 5.1.0 ++ T1_CheckEndian@Base 5.1.0 ++ T1_CheckForFontID@Base 5.1.0 ++ T1_CheckForInit@Base 5.1.0 ++ T1_ClearStrokeFlag@Base 5.1.0 ++ T1_CloseLib@Base 5.1.0 ++ T1_ConcatGlyphs@Base 5.1.0 ++ T1_ConcatOutlines@Base 5.1.0 ++ T1_CopyFont@Base 5.1.0 ++ T1_CopyGlyph@Base 5.1.0 ++ T1_CopyOutline@Base 5.1.0 ++ T1_DeleteAllSizes@Base 5.1.0 ++ T1_DeleteEncoding@Base 5.1.0 ++ T1_DeleteFont@Base 5.1.0 ++ T1_DeleteSize@Base 5.1.0 ++ T1_DumpGlyph@Base 5.1.0 ++ T1_DumpPath@Base 5.1.0 ++ T1_ENC_ptr@Base 5.1.0 ++ T1_ExtendFont@Base 5.1.0 ++ T1_ExtendHMatrix@Base 5.1.0 ++ T1_ExtendVMatrix@Base 5.1.0 ++ T1_FDBXLFD_ptr@Base 5.1.0 ++ T1_FDB_ptr@Base 5.1.0 ++ T1_FillOutline@Base 5.1.0 ++ T1_FreeCompCharData@Base 5.1.0 ++ T1_FreeGlyph@Base 5.1.0 ++ T1_FreeOutline@Base 5.1.0 ++ T1_GenerateAFMFallbackInfo@Base 5.1.0 ++ T1_GetAfmFileName@Base 5.1.0 ++ T1_GetAfmFilePath@Base 5.1.0 ++ T1_GetAllCharNames@Base 5.1.0 ++ T1_GetBitmapPad@Base 5.1.0 ++ T1_GetCharBBox@Base 5.1.0 ++ T1_GetCharName@Base 5.1.0 ++ T1_GetCharOutline@Base 5.1.0 ++ T1_GetCharString@Base 5.1.0 ++ T1_GetCharWidth@Base 5.1.0 ++ T1_GetCompCharData@Base 5.1.0 ++ T1_GetCompCharDataByIndex@Base 5.1.0 ++ T1_GetEncodingIndex@Base 5.1.0 ++ T1_GetEncodingIndices@Base 5.1.0 ++ T1_GetEncodingScheme@Base 5.1.0 ++ T1_GetExtend@Base 5.1.0 ++ T1_GetFamilyName@Base 5.1.0 ++ T1_GetFileSearchPath@Base 5.1.0 ++ T1_GetFontBBox@Base 5.1.0 ++ T1_GetFontFileName@Base 5.1.0 ++ T1_GetFontFilePath@Base 5.1.0 ++ T1_GetFontName@Base 5.1.0 ++ T1_GetFullName@Base 5.1.0 ++ T1_GetIsFixedPitch@Base 5.1.0 ++ T1_GetItalicAngle@Base 5.1.0 ++ T1_GetKerning@Base 5.1.0 ++ T1_GetLibIdent@Base 5.1.0 ++ T1_GetLinePosition@Base 5.1.0 ++ T1_GetLineThickness@Base 5.1.0 ++ T1_GetMetricsInfo@Base 5.1.0 ++ T1_GetMoveOutline@Base 5.1.0 ++ T1_GetNoCompositeChars@Base 5.1.0 ++ T1_GetNoFonts@Base 5.1.0 ++ T1_GetNoKernPairs@Base 5.1.0 ++ T1_GetNotice@Base 5.1.0 ++ T1_GetSlant@Base 5.1.0 ++ T1_GetStringBBox@Base 5.1.0 ++ T1_GetStringOutline@Base 5.1.0 ++ T1_GetStringWidth@Base 5.1.0 ++ T1_GetStrokeMode@Base 5.1.0 ++ T1_GetStrokeWidth@Base 5.1.0 ++ T1_GetTransform@Base 5.1.0 ++ T1_GetUnderlinePosition@Base 5.1.0 ++ T1_GetUnderlineThickness@Base 5.1.0 ++ T1_GetVersion@Base 5.1.0 ++ T1_GetWeight@Base 5.1.0 ++ T1_GetlenIV@Base 5.1.0 ++ T1_INFINITY@Base 5.1.0 ++ T1_InitLib@Base 5.1.0 ++ T1_IsInternalChar@Base 5.1.0 ++ T1_LoadEncoding@Base 5.1.0 ++ T1_LoadFont@Base 5.1.0 ++ T1_ManipulatePath@Base 5.1.0 ++ T1_MirrorHMatrix@Base 5.1.0 ++ T1_MirrorVMatrix@Base 5.1.0 ++ T1_PFAB_ptr@Base 5.1.0 ++ T1_PrintLog@Base 5.1.0 ++ T1_QueryCompositeChar@Base 5.1.0 ++ T1_QueryLigs@Base 5.1.0 ++ T1_QueryX11Support@Base 5.1.0 ++ T1_ReencodeFont@Base 5.1.0 ++ T1_RelativePath@Base 5.1.0 ++ T1_RotateMatrix@Base 5.1.0 ++ T1_ScaleOutline@Base 5.1.0 ++ T1_SetAfmFileName@Base 5.1.0 ++ T1_SetBitmapPad@Base 5.1.0 ++ T1_SetChar@Base 5.1.0 ++ T1_SetDefaultEncoding@Base 5.1.0 ++ T1_SetDeviceResolutions@Base 5.1.0 ++ T1_SetFileSearchPath@Base 5.1.0 ++ T1_SetFontDataBase@Base 5.1.0 ++ T1_SetFontDataBaseXLFD@Base 5.1.0 ++ T1_SetLinePosition@Base 5.1.0 ++ T1_SetLineThickness@Base 5.1.0 ++ T1_SetLogLevel@Base 5.1.0 ++ T1_SetRasterFlags@Base 5.1.0 ++ T1_SetRect@Base 5.1.0 ++ T1_SetString@Base 5.1.0 ++ T1_SetStrokeFlag@Base 5.1.0 ++ T1_SetStrokeWidth@Base 5.1.0 ++ T1_ShearHMatrix@Base 5.1.0 ++ T1_ShearVMatrix@Base 5.1.0 ++ T1_SlantFont@Base 5.1.0 ++ T1_StrError@Base 5.1.0 ++ T1_StrokeFont@Base 5.1.0 ++ T1_SubsetFont@Base 5.1.0 ++ T1_TransformFont@Base 5.1.0 ++ T1_TransformMatrix@Base 5.1.0 ++ T1_Type1OperatorFlags@Base 5.1.0 ++ T1_Up@Base 5.1.0 ++ T1_WriteAFMFallbackFile@Base 5.1.0 ++ T1_errno@Base 5.1.0 ++ T1_fdb@Base 5.1.0 ++ T1_fdbxlfd@Base 5.1.0 ++ T1aa_SmartOn@Base 5.1.0 ++ T1aa_bg@Base 5.1.0 ++ T1aa_bpp@Base 5.1.0 ++ T1aa_smartlimit1@Base 5.1.0 ++ T1aa_smartlimit2@Base 5.1.0 ++ T1eexec@Base 5.1.0 ++ T1int_CreateNewFontSize@Base 5.1.0 ++ T1int_GetLastFontSize@Base 5.1.0 ++ T1int_QueryFontSize@Base 5.1.0 ++ T1int_QuerySEAC@Base 5.1.0 ++ T1int_Type1QuerySEAC@Base 5.1.0 ++ T1io_reset@Base 5.1.0 ++ T1lib_parseFile@Base 5.1.0 ++ TheCurrentFont@Base 5.1.0 ++ Type1Char@Base 5.1.0 ++ Type1Line@Base 5.1.0 ++ currstartstem@Base 5.1.0 ++ digit_value@Base 5.1.0 ++ err_warn_msg_buf@Base 5.1.0 ++ errornumber@Base 5.1.0 ++ filestats@Base 5.1.0 ++ fill@Base 5.1.0 ++ fillrun@Base 5.1.0 ++ fontfcnA@Base 5.1.0 ++ fontfcnB@Base 5.1.0 ++ fontfcnB_ByName@Base 5.1.0 ++ fontfcnB_string@Base 5.1.0 ++ fontfcnRect@Base 5.1.0 ++ initFont@Base 5.1.0 ++ intT1_Env_GetCompletePath@Base 5.1.0 ++ intT1_FreeSearchPaths@Base 5.1.0 ++ intT1_ScanConfigFile@Base 5.1.0 ++ intT1_SetupDefaultSearchPaths@Base 5.1.0 ++ intT1_scanFontDBase@Base 5.1.0 ++ intT1_scanFontDBaseXLFD@Base 5.1.0 ++ linebuf@Base 5.1.0 ++ not_def@Base 5.1.0 ++ numalignmentzones@Base 5.1.0 ++ numstems@Base 5.1.0 ++ objFormatArray@Base 5.1.0 ++ objFormatBoolean@Base 5.1.0 ++ objFormatEncoding@Base 5.1.0 ++ objFormatFile@Base 5.1.0 ++ objFormatInteger@Base 5.1.0 ++ objFormatName@Base 5.1.0 ++ objFormatReal@Base 5.1.0 ++ objFormatString@Base 5.1.0 ++ oldhor@Base 5.1.0 ++ oldhorhalf@Base 5.1.0 ++ oldvert@Base 5.1.0 ++ oldverthalf@Base 5.1.0 ++ pFontBase@Base 5.1.0 ++ readFont@Base 5.1.0 ++ reportusage@Base 5.1.0 ++ resetFont@Base 5.1.0 ++ scan_font@Base 5.1.0 ++ scan_token@Base 5.1.0 ++ stck_state@Base 5.1.0 ++ stems@Base 5.1.0 ++ swathrightmost@Base 5.1.0 ++ swathxsort@Base 5.1.0 ++ t1_Allocate@Base 5.1.0 ++ t1_ApplyContinuity@Base 5.1.0 ++ t1_ArgErr@Base 5.1.0 ++ t1_Bezier@Base 5.1.0 ++ t1_BoundingBox@Base 5.1.0 ++ t1_BoxClip@Base 5.1.0 ++ t1_BoxPath@Base 5.1.0 ++ t1_Bresenham@Base 5.1.0 ++ t1_ChangeDirection@Base 5.1.0 ++ t1_CloseHints@Base 5.1.0 ++ t1_ClosePath@Base 5.1.0 ++ t1_Consume@Base 5.1.0 ++ t1_Copy@Base 5.1.0 ++ t1_CopyPath@Base 5.1.0 ++ t1_CopyRegion@Base 5.1.0 ++ t1_CopySpace@Base 5.1.0 ++ t1_Destroy@Base 5.1.0 ++ t1_DropSegment@Base 5.1.0 ++ t1_DumpArea@Base 5.1.0 ++ t1_DumpEdges@Base 5.1.0 ++ t1_DumpSpace@Base 5.1.0 ++ t1_DumpText@Base 5.1.0 ++ t1_Dup@Base 5.1.0 ++ t1_EmptyRegion@Base 5.1.0 ++ t1_ErrorMsg@Base 5.1.0 ++ t1_FormatFP@Base 5.1.0 ++ t1_Free@Base 5.1.0 ++ t1_HeadSegment@Base 5.1.0 ++ t1_Hint@Base 5.1.0 ++ t1_ILoc@Base 5.1.0 ++ t1_Identity@Base 5.1.0 ++ t1_InitHints@Base 5.1.0 ++ t1_InitImager@Base 5.1.0 ++ t1_InitSpaces@Base 5.1.0 ++ t1_Interior@Base 5.1.0 ++ t1_Join@Base 5.1.0 ++ t1_JoinSegment@Base 5.1.0 ++ t1_KillPath@Base 5.1.0 ++ t1_KillRegion@Base 5.1.0 ++ t1_Line@Base 5.1.0 ++ t1_Loc@Base 5.1.0 ++ t1_MInvert@Base 5.1.0 ++ t1_MMultiply@Base 5.1.0 ++ t1_MoreWorkArea@Base 5.1.0 ++ t1_MoveEdges@Base 5.1.0 ++ t1_PathDelta@Base 5.1.0 ++ t1_PathSegment@Base 5.1.0 ++ t1_PathXform@Base 5.1.0 ++ t1_Permanent@Base 5.1.0 ++ t1_Phantom@Base 5.1.0 ++ t1_Pragmatics@Base 5.1.0 ++ t1_ProcessHint@Base 5.1.0 ++ t1_PseudoSpace@Base 5.1.0 ++ t1_QueryBounds@Base 5.1.0 ++ t1_QueryLoc@Base 5.1.0 ++ t1_QueryPath@Base 5.1.0 ++ t1_QuerySpace@Base 5.1.0 ++ t1_RegionBounds@Base 5.1.0 ++ t1_Reverse@Base 5.1.0 ++ t1_ReverseSubPaths@Base 5.1.0 ++ t1_Scale@Base 5.1.0 ++ t1_Snap@Base 5.1.0 ++ t1_SortSwath@Base 5.1.0 ++ t1_StepBezier@Base 5.1.0 ++ t1_StepLine@Base 5.1.0 ++ t1_SubLoc@Base 5.1.0 ++ t1_SwathUnion@Base 5.1.0 ++ t1_TermImager@Base 5.1.0 ++ t1_Transform@Base 5.1.0 ++ t1_TypeErr@Base 5.1.0 ++ t1_UnConvert@Base 5.1.0 ++ t1_UnJumble@Base 5.1.0 ++ t1_Unique@Base 5.1.0 ++ t1_User@Base 5.1.0 ++ t1_Xform@Base 5.1.0 ++ t1_abort@Base 5.1.0 ++ t1_get_abort_message@Base 5.1.0 ++ t1lib_log_file@Base 5.1.0 ++ t1lib_log_level@Base 5.1.0 ++ tokenLength@Base 5.1.0 ++ tokenMaxP@Base 5.1.0 ++ tokenStartP@Base 5.1.0 ++ tokenTooLong@Base 5.1.0 ++ tokenType@Base 5.1.0 ++ tokenValue@Base 5.1.0 ++ vm_alloc@Base 5.1.0 ++ vm_base@Base 5.1.0 ++ vm_free@Base 5.1.0 ++ vm_init@Base 5.1.0 ++ vm_init_amount@Base 5.1.0 ++ vm_init_count@Base 5.1.0 ++ vm_next@Base 5.1.0 ++ vm_size@Base 5.1.0 ++ vm_used@Base 5.1.0 ++ wsoffsetX@Base 5.1.0 ++ wsoffsetY@Base 5.1.0 ++ wsset@Base 5.1.0 ++ xiStub@Base 5.1.0 ++ xiTemporary@Base 5.1.0 ++libt1x.so.5 libt1-5 #MINVER# ++ T1_AASetCharX@Base 5.1.1 ++ T1_AASetRectX@Base 5.1.1 ++ T1_AASetStringX@Base 5.1.1 ++ T1_ComputeAAColorsX@Base 5.1.1 ++ T1_LogicalPositionX@Base 5.1.1 ++ T1_SetCharX@Base 5.1.1 ++ T1_SetRectX@Base 5.1.1 ++ T1_SetStringX@Base 5.1.1 ++ T1_SetX11Params@Base 5.1.1 ++ T1_XImageFromGlyph@Base 5.1.1 +--- t1lib-5.1.2.orig/debian/control ++++ t1lib-5.1.2/debian/control +@@ -0,0 +1,84 @@ ++Source: t1lib ++Section: libs ++Priority: optional ++Maintainer: Ruben Molina <rmolina@udea.edu.co> ++Build-Depends: cdbs, debhelper (>= 7), autotools-dev, libice-dev, libsm-dev, libx11-dev, libxext-dev, libxaw7-dev, quilt ++Standards-Version: 3.8.0 ++Homepage: ftp://sunsite.unc.edu/pub/Linux/libs/graphics/ ++ ++Package: libt1-5 ++Section: libs ++Architecture: any ++Depends: ${shlibs:Depends}, ${misc:Depends} ++Description: Type 1 font rasterizer library - runtime ++ T1lib is an enhanced rasterizer for Type 1 fonts. ++ . ++ T1lib is based on the X11R5 font rasterizer code, but operates independently ++ of X11. It includes many enhancements, including underlining, antialiasing, ++ user-defined slant and extension factors, and rotation. ++ . ++ This package contains the shared libraries needed to run programs using T1lib. ++ ++Package: libt1-dev ++Section: libdevel ++Architecture: any ++Depends: libt1-5 (= ${binary:Version}), libice-dev, libsm-dev, libx11-dev, ++ libxext-dev, libxaw7-dev ++Recommends: libt1-doc ++Conflicts: t1lib-dev, t1lib1-dev ++Description: Type 1 font rasterizer library - development ++ T1lib is an enhanced rasterizer for Type 1 fonts. ++ . ++ T1lib is based on the X11R5 font rasterizer code, but operates independently ++ of X11. It includes many enhancements, including underlining, antialiasing, ++ user-defined slant and extension factors, and rotation. ++ . ++ This package contains the header files and static libraries needed to ++ develop programs using T1lib. ++ . ++ Please note, that PDF documentation is placed in libt1-doc ++ ++Package: t1lib-bin ++Architecture: any ++Section: misc ++Depends: ${shlibs:Depends} ++Provides: t1lib1-bin ++Replaces: t1lib1-bin ++Conflicts: t1lib1-bin ++Description: Type 1 font rasterizer library - user binaries ++ T1lib is an enhanced rasterizer for Type 1 fonts. ++ . ++ T1lib is based on the X11R5 font rasterizer code, but operates independently ++ of X11. It includes many enhancements, including underlining, antialiasing, ++ user-defined slant and extension factors, and rotation. ++ . ++ This package contains the programs "xglyph" and "type1afm", included in the ++ upstream T1lib distribution. It also contains the "t1libconfig" ++ script used to configure t1lib. ++ ++Package: libt1-doc ++Architecture: all ++Section: doc ++Description: Type 1 font rasterizer library - developers documentation ++ T1lib is an enhanced rasterizer for Type 1 fonts. ++ . ++ T1lib is based on the X11R5 font rasterizer code, but operates independently ++ of X11. It includes many enhancements, including underlining, antialiasing, ++ user-defined slant and extension factors, and rotation. ++ . ++ This package contains developers documentation. ++ ++Package: libt1-5-dbg ++Section: libdevel ++Priority: extra ++Architecture: any ++Depends: libt1-5 (= ${binary:Version}), ${shlibs:Depends}, ${misc:Depends} ++Description: Type 1 font rasterizer library - debugging runtime ++ T1lib is an enhanced rasterizer for Type 1 fonts. ++ . ++ T1lib is based on the X11R5 font rasterizer code, but operates independently ++ of X11. It includes many enhancements, including underlining, antialiasing, ++ user-defined slant and extension factors, and rotation. ++ . ++ This package contains debugging information. ++ +--- t1lib-5.1.2.orig/debian/libt1-dev.install ++++ t1lib-5.1.2/debian/libt1-dev.install +@@ -0,0 +1,3 @@ ++debian/tmp/usr/include/* ++debian/tmp/usr/lib/*.so ++debian/tmp/usr/lib/*.a +--- t1lib-5.1.2.orig/debian/compat ++++ t1lib-5.1.2/debian/compat +@@ -0,0 +1 @@ ++7 +--- t1lib-5.1.2.orig/debian/t1lib-bin.postrm ++++ t1lib-5.1.2/debian/t1lib-bin.postrm +@@ -0,0 +1,8 @@ ++#!/bin/sh ++set -e ++ ++if [ "$1" = "purge" ]; then ++ rm -rf /etc/t1lib ++fi ++ ++#DEBHELPER# +--- t1lib-5.1.2.orig/debian/watch ++++ t1lib-5.1.2/debian/watch +@@ -0,0 +1,3 @@ ++version=3 ++ftp://sunsite.unc.edu/pub/Linux/libs/graphics/t1lib-(.*)\.tar\.gz \ ++ debian debian/orig-tar.sh +--- t1lib-5.1.2.orig/debian/README.Debian ++++ t1lib-5.1.2/debian/README.Debian +@@ -0,0 +1,25 @@ ++t1lib for Debian ++---------------- ++ ++This package has been created from scratch using debhelper. It contains ++four binary packages: ++ * shared library - libt1-5 ++ * development files - libt1-5-dev ++ * font-related binary utils - t1lib5-bin ++ * documentation - libt1-5-doc ++ ++However you can read in upstream's README that t1lib is completely independent ++of X11, you should know that package provides also libt1x library which ++contains X11 pixmap support. That's why it requires a bunch of X-libraries ++installed. If you consider this as a bad behavior, please discuss it on ++debian-devel list. ++ ++NOTE: The old 't1lib0' package will *remove* /etc/t1lib/ and its ++contents if you purge it. Since this package is now obsolete, there ++is no good solution for this; you must back up your font database and ++config file if you wish to preserve them. Sorry... ++ ++This package has been previously maintained by David Huggins-Daines, great ++thanks to him for his good job. ++ ++ -- Artur R. Czechowski <arturcz@hell.pl>, Tue, 11 Nov 2003 13:31:48 +0100 +--- t1lib-5.1.2.orig/debian/t1lib-bin.dirs ++++ t1lib-5.1.2/debian/t1lib-bin.dirs +@@ -0,0 +1 @@ ++etc/t1lib +--- t1lib-5.1.2.orig/debian/patches/no-docs.diff ++++ t1lib-5.1.2/debian/patches/no-docs.diff +@@ -0,0 +1,34 @@ ++We are using debhelper to install the documentation in the correct ++directory. ++ ++Index: t1lib-5.1.1/doc/Makefile.in ++=================================================================== ++--- t1lib-5.1.1.orig/doc/Makefile.in 2008-01-05 19:05:03.000000000 +0100 +++++ t1lib-5.1.1/doc/Makefile.in 2008-01-05 19:05:25.000000000 +0100 ++@@ -89,16 +89,16 @@ ++ ++ ++ install: dummy ++- if (test -f t1lib_doc.ps) \ ++- then \ ++- $(MKINSTALLDIRS) $(DESTDIR)@T1LIB_DATA_DIR@/doc; \ ++- $(INSTALL_DATA) t1lib_doc.ps $(DESTDIR)@T1LIB_DATA_DIR@/doc; \ ++- fi; ++- if (test -f t1lib_doc.pdf) \ ++- then \ ++- $(MKINSTALLDIRS) $(DESTDIR)@T1LIB_DATA_DIR@/doc; \ ++- $(INSTALL_DATA) t1lib_doc.pdf $(DESTDIR)@T1LIB_DATA_DIR@/doc; \ ++- fi; +++# if (test -f t1lib_doc.ps) \ +++# then \ +++# $(MKINSTALLDIRS) $(DESTDIR)@T1LIB_DATA_DIR@/doc; \ +++# $(INSTALL_DATA) t1lib_doc.ps $(DESTDIR)@T1LIB_DATA_DIR@/doc; \ +++# fi; +++# if (test -f t1lib_doc.pdf) \ +++# then \ +++# $(MKINSTALLDIRS) $(DESTDIR)@T1LIB_DATA_DIR@/doc; \ +++# $(INSTALL_DATA) t1lib_doc.pdf $(DESTDIR)@T1LIB_DATA_DIR@/doc; \ +++# fi; ++ ++ ++ uninstall: dummy +--- t1lib-5.1.2.orig/debian/patches/lib-cleanup.diff ++++ t1lib-5.1.2/debian/patches/lib-cleanup.diff +@@ -0,0 +1,59 @@ ++do not link against libraries that are not needed ++ ++Index: t1lib-5.1.1/lib/Makefile.in ++=================================================================== ++--- t1lib-5.1.1.orig/lib/Makefile.in 2008-01-05 19:17:21.000000000 +0100 +++++ t1lib-5.1.1/lib/Makefile.in 2008-01-05 19:17:38.000000000 +0100 ++@@ -24,7 +24,7 @@ ++ X_LIBS = @X_LIBS@ ++ TOPSRC = @top_srcdir@ ++ XPM_LIB = -lXpm ++-XLIB = @X_PRE_LIBS@ -lXext -lX11 @X_EXTRA_LIBS@ +++XLIB = -lX11 ++ LDFLAGS = @LDFLAGS@ ++ LDLIBS = @LDLIBS@ ++ AR = ar rc ++@@ -137,7 +137,7 @@ ++ $(LIBTOOL) --mode=link \ ++ $(CC) $(LDFLAGS) -o $@ $(T1LIBX_OBJS) \ ++ -version-info @T1LIB_LT_CURRENT@:@T1LIB_LT_REVISION@:@T1LIB_LT_AGE@ \ ++- libt1.la $(X_LIBS) $(XPM_LIB) $(XLIB) -no-undefined -rpath $(libdir) +++ libt1.la $(X_LIBS) $(XLIB) -no-undefined -rpath $(libdir) ++ cp t1lib/t1libx.h . ++ ++ ++Index: t1lib-5.1.1/type1afm/Makefile.in ++=================================================================== ++--- t1lib-5.1.1.orig/type1afm/Makefile.in 2008-01-05 19:17:52.000000000 +0100 +++++ t1lib-5.1.1/type1afm/Makefile.in 2008-01-05 19:18:02.000000000 +0100 ++@@ -70,7 +70,7 @@ ++ ++ type1afm: $(OBJS) ../lib/t1lib.h ++ $(LIBTOOL) --mode=link \ ++- $(CC) -o type1afm $(LDFLAGS) $(OBJS) $(T1LIB) $(LDLIBS) +++ $(CC) -o type1afm $(LDFLAGS) $(OBJS) $(T1LIB) ++ ++ .SUFFIXES: .lo ++ .c.lo: ++Index: t1lib-5.1.1/xglyph/Makefile.in ++=================================================================== ++--- t1lib-5.1.1.orig/xglyph/Makefile.in 2008-01-05 19:18:15.000000000 +0100 +++++ t1lib-5.1.1/xglyph/Makefile.in 2008-01-05 19:18:31.000000000 +0100 ++@@ -24,7 +24,7 @@ ++ X_LIBS = @X_LIBS@ ++ TOPSRC = @top_srcdir@ ++ XPM_LIB = -lXpm ++-XLIB = @X_PRE_LIBS@ -lXext -lX11 @X_EXTRA_LIBS@ +++XLIB = -lX11 @X_EXTRA_LIBS@ ++ LDFLAGS = @LDFLAGS@ ++ LDLIBS = @LDLIBS@ ++ AR = ar rc ++@@ -65,7 +65,7 @@ ++ ++ T1LIB = ../lib/libt1.la ++ T1LIBX = ../lib/libt1x.la ++-XAWLIB = -lXaw -lXt -lXmu +++XAWLIB = -lXaw -lXt ++ ++ ++ all: xglyph +--- t1lib-5.1.2.orig/debian/patches/no-config.diff ++++ t1lib-5.1.2/debian/patches/no-config.diff +@@ -0,0 +1,57 @@ ++do not install a static configuration file ++ ++Index: t1lib-5.1.1/lib/Makefile.in ++=================================================================== ++--- t1lib-5.1.1.orig/lib/Makefile.in 2008-01-05 19:13:57.000000000 +0100 +++++ t1lib-5.1.1/lib/Makefile.in 2008-01-05 19:14:18.000000000 +0100 ++@@ -161,17 +161,17 @@ ++ install: dummy ++ $(MKINSTALLDIRS) $(DESTDIR)$(libdir) ++ $(MKINSTALLDIRS) $(DESTDIR)$(includedir) ++- $(MKINSTALLDIRS) $(DESTDIR)@T1LIB_DATA_DIR@ +++# $(MKINSTALLDIRS) $(DESTDIR)@T1LIB_DATA_DIR@ ++ $(LIBTOOL) --mode=install \ ++ $(INSTALL_DATA) $(MAIN_TARGET) $(DESTDIR)$(libdir) ++ $(LIBTOOL) --mode=install \ ++ $(INSTALL_DATA) $(MAIN_HEADER) $(DESTDIR)$(includedir) ++- if (test -f $(DESTDIR)@T1LIB_DATA_DIR@/t1lib.config) \ ++- then \ ++- echo "Alert: Global configuration file exists, installation skipped!"; \ ++- else \ ++- $(LIBTOOL) --mode=install $(INSTALL_DATA) t1lib.config $(DESTDIR)@T1LIB_DATA_DIR@; \ ++- fi; +++# if (test -f $(DESTDIR)@T1LIB_DATA_DIR@/t1lib.config) \ +++# then \ +++# echo "Alert: Global configuration file exists, installation skipped!"; \ +++# else \ +++# $(LIBTOOL) --mode=install $(INSTALL_DATA) t1lib.config $(DESTDIR)@T1LIB_DATA_DIR@; \ +++# fi; ++ ++ ++ uninstall: dummy ++@@ -179,7 +179,7 @@ ++ -$(LIBTOOL) --mode=uninstall $(RM) $(DESTDIR)$(libdir)/libt1x.la ++ -$(LIBTOOL) --mode=uninstall $(RM) $(DESTDIR)$(includedir)/t1lib.h ++ -$(LIBTOOL) --mode=uninstall $(RM) $(DESTDIR)$(includedir)/t1libx.h ++- -$(LIBTOOL) --mode=uninstall $(RM) $(DESTDIR)@T1LIB_DATA_DIR@/t1lib.config +++# -$(LIBTOOL) --mode=uninstall $(RM) $(DESTDIR)@T1LIB_DATA_DIR@/t1lib.config ++ ++ ++ dummy: ++Index: t1lib-5.1.1/xglyph/xglyph.c ++=================================================================== ++--- t1lib-5.1.1.orig/xglyph/xglyph.c 2008-01-05 19:16:30.000000000 +0100 +++++ t1lib-5.1.1/xglyph/xglyph.c 2008-01-05 19:16:40.000000000 +0100 ++@@ -526,9 +526,12 @@ ++ ++ /* Check for environment entry. If not set, set it to current ++ directory so that configuration file is found there */ +++ /* It violates the Debian Policy */ +++#if 0 ++ if (getenv("T1LIB_CONFIG")==NULL){ ++ putenv( "T1LIB_CONFIG=./t1lib.config"); ++ } +++#endif ++ ++ ++ /* Set log-level: */ +--- t1lib-5.1.2.orig/debian/patches/segfault.diff ++++ t1lib-5.1.2/debian/patches/segfault.diff +@@ -0,0 +1,62 @@ ++This patch does not look safe and it has not been accepted upstream. ++Index: t1lib-5.1.1/lib/t1lib/t1base.c ++=================================================================== ++--- t1lib-5.1.1.orig/lib/t1lib/t1base.c 2005-05-18 05:08:01.000000000 +0200 +++++ t1lib-5.1.1/lib/t1lib/t1base.c 2008-01-06 20:48:32.000000000 +0100 ++@@ -455,7 +455,7 @@ ++ to test_for_t1_file() filename is substituted by an emty ++ string if the file was not found: */ ++ sprintf( err_warn_msg_buf, "Type 1 Font file %s.[pfa/pfb] not found (FontID=%d, SearchPath=%s)", ++- linebuf, m-1, T1_GetFileSearchPath(T1_PFAB_PATH)); +++ linebuf, m-1, intT1_GetFileSearchPath(T1_PFAB_PATH)); ++ if ((test_for_t1_file( &linebuf[0]))){ ++ T1_PrintLog( "intT1_scanFontDBase()", err_warn_msg_buf, T1LOG_WARNING); ++ located=0; ++@@ -579,7 +579,7 @@ ++ to test_for_t1_file() filename is substituted by an emty ++ string if the file was not found: */ ++ sprintf( err_warn_msg_buf, "Type 1 Font file %s.[pfa/pfb] not found (FontID=%d, SearchPath=%s)", ++- linebuf, m-1, T1_GetFileSearchPath(T1_PFAB_PATH)); +++ linebuf, m-1, intT1_GetFileSearchPath(T1_PFAB_PATH)); ++ if ((test_for_t1_file( &linebuf[0]))){ ++ T1_PrintLog( "intT1_scanFontDBase()", err_warn_msg_buf, T1LOG_WARNING); ++ located=0; ++Index: t1lib-5.1.1/lib/t1lib/t1env.c ++=================================================================== ++--- t1lib-5.1.1.orig/lib/t1lib/t1env.c 2008-01-06 20:48:32.000000000 +0100 +++++ t1lib-5.1.1/lib/t1lib/t1env.c 2008-01-06 20:48:32.000000000 +0100 ++@@ -807,6 +807,14 @@ ++ ++ } ++ +++/* intT1_GetFileSearchPath(): +++ call T1_GetFileSearchPath and truncate the line to avoid overflowing +++ error buffers*/ +++char *intT1_GetFileSearchPath( int type) +++{ +++ char *res = T1_GetFileSearchPath(type); +++ res[900] = 0; +++} ++ ++ /* T1_AddToFileSearchPath(): Add the specified path element to ++ the specified search path. If the existing path is the default path, ++Index: t1lib-5.1.1/lib/t1lib/t1env.h ++=================================================================== ++--- t1lib-5.1.1.orig/lib/t1lib/t1env.h 2005-05-16 20:37:43.000000000 +0200 +++++ t1lib-5.1.1/lib/t1lib/t1env.h 2008-01-06 20:48:32.000000000 +0100 ++@@ -35,6 +35,7 @@ ++ int T1_SetFileSearchPath( int type, char *pathname); ++ int T1_AddToFileSearchPath( int pathtype, int mode, char *pathname); ++ char *T1_GetFileSearchPath( int type); +++char *intT1_GetFileSearchPath( int type); ++ int T1_SetFontDataBase( char *filename); ++ int T1_AddFontDataBase( int mode, char *filename); ++ int T1_SetFontDataBaseXLFD( char *filename); ++@@ -49,6 +50,7 @@ ++ extern int T1_SetFileSearchPath( int type, char *pathname); ++ extern int T1_AddToFileSearchPath( int pathtype, int mode, char *pathname); ++ extern char *T1_GetFileSearchPath( int type); +++extern char *intT1_GetFileSearchPath( int type); ++ extern int T1_SetFontDataBase( char *filename); ++ extern int T1_AddFontDataBase( int mode, char *filename); ++ extern int T1_SetFontDataBaseXLFD( char *filename); +--- t1lib-5.1.2.orig/debian/patches/CVE-2010-2642.patch ++++ t1lib-5.1.2/debian/patches/CVE-2010-2642.patch +@@ -0,0 +1,24 @@ ++diff --git a/lib/t1lib/parseAFM.c b/lib/t1lib/parseAFM.c ++index 6a31d7f..ba64541 100644 ++--- a/lib/t1lib/parseAFM.c +++++ b/lib/t1lib/parseAFM.c ++@@ -199,7 +199,9 @@ static char *token(stream) ++ idx = 0; ++ ++ while (ch != EOF && ch != ' ' && ch != CR && ch != LF && ++- ch != CTRL_Z && ch != '\t' && ch != ':' && ch != ';'){ +++ ch != CTRL_Z && ch != '\t' && ch != ':' && ch != ';' +++ && idx < (MAX_NAME -1)) +++ { ++ ident[idx++] = ch; ++ ch = fgetc(stream); ++ } /* while */ ++@@ -235,7 +237,7 @@ static char *linetoken(stream) ++ while ((ch = fgetc(stream)) == ' ' || ch == '\t' ); ++ ++ idx = 0; ++- while (ch != EOF && ch != CR && ch != LF && ch != CTRL_Z) +++ while (ch != EOF && ch != CR && ch != LF && ch != CTRL_Z && idx < (MAX_NAME - 1)) ++ { ++ ident[idx++] = ch; ++ ch = fgetc(stream); +--- t1lib-5.1.2.orig/debian/patches/CVE-2011-0764.diff ++++ t1lib-5.1.2/debian/patches/CVE-2011-0764.diff +@@ -0,0 +1,32 @@ ++Description: Don't lookup previous point if there isn't any ++Author: Marc Deslauriers <marc.deslauriers@canonical.com> ++Forwarded: no ++ ++Index: t1lib-5.1.2/lib/type1/type1.c ++=================================================================== ++--- t1lib-5.1.2.orig/lib/type1/type1.c 2011-12-13 14:24:14.280965637 -0600 +++++ t1lib-5.1.2/lib/type1/type1.c 2011-12-13 14:25:25.893320747 -0600 ++@@ -1700,6 +1700,7 @@ ++ long pindex = 0; ++ ++ /* compute hinting for previous segment! */ +++ if (ppoints == NULL) Error0i("RLineTo: No previous point!\n"); ++ FindStems( currx, curry, currx-ppoints[numppoints-2].x, curry-ppoints[numppoints-2].y, dx, dy); ++ ++ /* Allocate a new path point and pre-setup data */ ++@@ -1728,6 +1729,7 @@ ++ long pindex = 0; ++ ++ /* compute hinting for previous point! */ +++ if (ppoints == NULL) Error0i("RRCurveTo: No previous point!\n"); ++ FindStems( currx, curry, currx-ppoints[numppoints-2].x, curry-ppoints[numppoints-2].y, dx1, dy1); ++ ++ /* Allocate three new path points and pre-setup data */ ++@@ -1903,6 +1905,7 @@ ++ FindStems( currx, curry, 0, 0, dx, dy); ++ } ++ else { +++ if (ppoints == NULL) Error0i("RMoveTo: No previous point!\n"); ++ FindStems( currx, curry, ppoints[numppoints-2].x, ppoints[numppoints-2].y, dx, dy); ++ } ++ +--- t1lib-5.1.2.orig/debian/patches/CVE-2011-1552_1553_1554.patch ++++ t1lib-5.1.2/debian/patches/CVE-2011-1552_1553_1554.patch +@@ -0,0 +1,133 @@ ++Author: Jaroslav Å karvada <jskarvad@redhat.com> ++Description: Fix more crashes on oversized fonts ++Bug-Redhat: http://bugzilla.redhat.com/show_bug.cgi?id=692909 ++Index: t1lib-5.1.2/lib/type1/lines.c ++=================================================================== ++--- t1lib-5.1.2.orig/lib/type1/lines.c 2007-12-23 09:49:42.000000000 -0600 +++++ t1lib-5.1.2/lib/type1/lines.c 2012-01-17 14:15:08.000000000 -0600 ++@@ -67,6 +67,10 @@ ++ None. ++ */ ++ +++#define BITS (sizeof(LONG)*8) +++#define HIGHTEST(p) (((p)>>(BITS-2)) != 0) /* includes sign bit */ +++#define TOOBIG(xy) ((xy < 0) ? HIGHTEST(-xy) : HIGHTEST(xy)) +++ ++ /* ++ :h2.StepLine() - Produces Run Ends for a Line After Checks ++ ++@@ -84,6 +88,9 @@ ++ IfTrace4((LineDebug > 0), ".....StepLine: (%d,%d) to (%d,%d)\n", ++ x1, y1, x2, y2); ++ +++ if ( TOOBIG(x1) || TOOBIG(x2) || TOOBIG(y1) || TOOBIG(y2)) +++ abort("Lines this big not supported", 49); +++ ++ dy = y2 - y1; ++ ++ /* ++Index: t1lib-5.1.2/lib/type1/objects.c ++=================================================================== ++--- t1lib-5.1.2.orig/lib/type1/objects.c 2007-12-23 09:49:42.000000000 -0600 +++++ t1lib-5.1.2/lib/type1/objects.c 2012-01-17 14:15:08.000000000 -0600 ++@@ -1137,12 +1137,13 @@ ++ "Context: out of them", /* 46 */ ++ "MatrixInvert: can't", /* 47 */ ++ "xiStub called", /* 48 */ ++- "Illegal access type1 abort() message" /* 49 */ +++ "Lines this big not supported", /* 49 */ +++ "Illegal access type1 abort() message" /* 50 */ ++ }; ++ ++- /* no is valid from 1 to 48 */ ++- if ( (number<1)||(number>48)) ++- number=49; +++ /* no is valid from 1 to 49 */ +++ if ( (number<1)||(number>49)) +++ number=50; ++ return( err_msgs[number-1]); ++ ++ } ++Index: t1lib-5.1.2/lib/type1/type1.c ++=================================================================== ++--- t1lib-5.1.2.orig/lib/type1/type1.c 2012-01-17 14:13:28.000000000 -0600 +++++ t1lib-5.1.2/lib/type1/type1.c 2012-01-17 14:19:54.000000000 -0600 ++@@ -1012,6 +1012,7 @@ ++ double nextdtana = 0.0; /* tangent of post-delta against horizontal line */ ++ double nextdtanb = 0.0; /* tangent of post-delta against vertical line */ ++ +++ if (ppoints == NULL || numppoints < 1) Error0v("FindStems: No previous point!\n"); ++ ++ /* setup default hinted position */ ++ ppoints[numppoints-1].ax = ppoints[numppoints-1].x; ++@@ -1289,7 +1290,7 @@ ++ static int DoRead(CodeP) ++ int *CodeP; ++ { ++- if (strindex >= CharStringP->len) return(FALSE); /* end of string */ +++ if (!CharStringP || strindex >= CharStringP->len) return(FALSE); /* end of string */ ++ /* We handle the non-documented Adobe convention to use lenIV=-1 to ++ suppress charstring encryption. */ ++ if (blues->lenIV==-1) { ++@@ -1700,7 +1701,7 @@ ++ long pindex = 0; ++ ++ /* compute hinting for previous segment! */ ++- if (ppoints == NULL) Error0i("RLineTo: No previous point!\n"); +++ if (ppoints == NULL || numppoints < 2) Error0i("RLineTo: No previous point!\n"); ++ FindStems( currx, curry, currx-ppoints[numppoints-2].x, curry-ppoints[numppoints-2].y, dx, dy); ++ ++ /* Allocate a new path point and pre-setup data */ ++@@ -1729,7 +1730,7 @@ ++ long pindex = 0; ++ ++ /* compute hinting for previous point! */ ++- if (ppoints == NULL) Error0i("RRCurveTo: No previous point!\n"); +++ if (ppoints == NULL || numppoints < 2) Error0i("RRCurveTo: No previous point!\n"); ++ FindStems( currx, curry, currx-ppoints[numppoints-2].x, curry-ppoints[numppoints-2].y, dx1, dy1); ++ ++ /* Allocate three new path points and pre-setup data */ ++@@ -1788,7 +1789,9 @@ ++ long tmpind; ++ double deltax = 0.0; ++ double deltay = 0.0; ++- +++ +++ if (ppoints == NULL || numppoints < 1) Error0i("DoClosePath: No previous point!"); +++ ++ /* If this ClosePath command together with the starting point of this ++ path completes to a segment aligned to a stem, we would miss ++ hinting for this point. --> Check and explicitly care for this! */ ++@@ -1803,6 +1806,7 @@ ++ deltax = ppoints[i].x - ppoints[numppoints-1].x; ++ deltay = ppoints[i].y - ppoints[numppoints-1].y; ++ +++ if (ppoints == NULL || numppoints <= i + 1) Error0i("DoClosePath: No previous point!"); ++ /* save nummppoints and reset to move point */ ++ tmpind = numppoints; ++ numppoints = i + 1; ++@@ -1905,7 +1909,7 @@ ++ FindStems( currx, curry, 0, 0, dx, dy); ++ } ++ else { ++- if (ppoints == NULL) Error0i("RMoveTo: No previous point!\n"); +++ if (ppoints == NULL || numppoints < 2) Error0i("RMoveTo: No previous point!\n"); ++ FindStems( currx, curry, ppoints[numppoints-2].x, ppoints[numppoints-2].y, dx, dy); ++ } ++ ++@@ -2155,6 +2159,7 @@ ++ DOUBLE cx, cy; ++ DOUBLE ex, ey; ++ +++ if (ppoints == NULL || numppoints < 8) Error0v("FlxProc: No previous point!"); ++ ++ /* Our PPOINT list now contains 7 moveto commands which ++ are about to be consumed by the Flex mechanism. --> Remove these ++@@ -2324,6 +2329,7 @@ ++ /* Returns currentpoint on stack */ ++ static void FlxProc2() ++ { +++ if (ppoints == NULL || numppoints < 1) Error0v("FlxProc2: No previous point!"); ++ /* Push CurrentPoint on fake PostScript stack */ ++ PSFakePush( ppoints[numppoints-1].x); ++ PSFakePush( ppoints[numppoints-1].y); +--- t1lib-5.1.2.orig/debian/patches/format-security.diff ++++ t1lib-5.1.2/debian/patches/format-security.diff +@@ -0,0 +1,33 @@ ++--- a/lib/type1/objects.c +++++ b/lib/type1/objects.c ++@@ -957,7 +957,7 @@ ++ ++ sprintf(typemsg, "Wrong object type in %s; expected %s, found %s.\n", ++ name, TypeFmt(expect), TypeFmt(obj->type)); ++- IfTrace0(TRUE,typemsg); +++ IfTrace1(TRUE, "%s", typemsg); ++ ++ ObjectPostMortem(obj); ++ ++--- a/lib/t1lib/t1subset.c +++++ b/lib/t1lib/t1subset.c ++@@ -759,7 +759,7 @@ ++ tr_len); ++ T1_PrintLog( "T1_SubsetFont()", err_warn_msg_buf, ++ T1LOG_DEBUG); ++- l+=sprintf( &(trailerbuf[l]), linebuf); /* contains the PostScript trailer */ +++ l+=sprintf( &(trailerbuf[l]), "%s", linebuf); /* contains the PostScript trailer */ ++ } ++ ++ /* compute size of output file */ ++--- a/lib/type1/objects.h +++++ b/lib/type1/objects.h ++@@ -214,7 +214,7 @@ ++ /*SHARED*/ ++ /* NDW: personally, I want to see status and error messages! */ ++ #define IfTrace0(condition,model) \ ++- {if (condition) printf(model);} +++ {if (condition) fputs(model,stdout);} ++ #define IfTrace1(condition,model,arg0) \ ++ {if (condition) printf(model,arg0);} ++ #define IfTrace2(condition,model,arg0,arg1) \ +--- t1lib-5.1.2.orig/debian/patches/series ++++ t1lib-5.1.2/debian/patches/series +@@ -0,0 +1,8 @@ ++no-docs.diff ++no-config.diff ++lib-cleanup.diff ++#segfault.diff ++format-security.diff ++CVE-2011-0764.diff ++CVE-2011-1552_1553_1554.patch ++CVE-2010-2642.patch +--- t1lib-5.1.2.orig/debian/man/FontDatabase.5 ++++ t1lib-5.1.2/debian/man/FontDatabase.5 +@@ -0,0 +1,77 @@ ++.TH FONTDATABASE 5 ++.SH NAME ++FontDataBase \- database of fonts accessible to t1lib. ++.SH DESCRIPTION ++This manual page has been written for the Debian GNU/Linux ++distribution. It has been adapted from the documentation included in ++the upstream ++.B t1lib ++distribution. ++.PP ++.B /etc/t1lib/FontDataBase ++is a text file which contains, minimally, the basenames of Type 1 font ++files to be made accessible to the ++.B t1lib ++font rasterizer library. The format is intentionally similar to that ++of the ++.B fonts.dir ++and ++.B fonts.scale ++files used by X11. ++.PP ++Line 1 of this file contains a positive integer specifying the number ++of fonts declared in that file. This is as in the ++.B fonts.dir ++files of the X11 system. ++.PP ++All remaining lines contain declarations of one font each. The only ++thing taken from such a line is the last string (delimited by white ++space) in it. It is assumed to be a filename of the format ++\fIbasename\fR.\fIsomeextension\fR. ++.PP ++The \fIbasename\fR part is assumed to be the ++.BR basename (1) ++of a fontfile. After the a string has been parsed, the ++.I extension ++is cut off and replaced in turn with ++.I .pfa ++and ++.I .pfb. ++The initialization routine tries to open a font file in ++its search path with one of the resulting filenames. ++.PP ++The remainder of the line, i.e., from beginning to the start of the ++filename string, is completely ignored and thus may contain ++information for other programs. ++.SH EXAMPLES ++Here is a minimal font database file for 4 fonts: ++.sp ++.nf ++4 ++isvl.afm ++isvli.afm ++isvd.afm ++isvdi.afm ++.fi ++.PP ++This file is \fIminimal\fR, because it contains just the information ++needed, and nothing not needed by the library. ++.PP ++Here is a more realistic example, which allows an application to match ++a fully qualified X11 fontname to a FontID in ++.B t1lib. ++This is also a valid font database file: ++.sp ++.nf ++4 ++Souvenir Souvenir-Light --- \-itc-souvenir-light-r-normal--#-0-0-0-p-0-iso8859-1 isvl.afm ++Souvenir Souvenir-LightItalic -*- \-itc-souvenir-light-i-normal--#-0-0-0-p-0-iso8859-1 isvli.afm ++ Souvenir-Demi *-- \-itc-souvenir-demi-r-normal--#-0-0-0-p-0-iso8859-1 isvd.afm ++ Souvenir-DemiItalic **- \-itc-souvenir-demi-i-normal--#-0-0-0-p-0-iso8859-1 isvdi.afm ++.fi ++.PP ++.SH FILES ++.I /etc/t1lib/FontDataBase ++.SH "SEE ALSO" ++.BR mkfontdir (1x) ++ +--- t1lib-5.1.2.orig/debian/man/t1libconfig.8 ++++ t1lib-5.1.2/debian/man/t1libconfig.8 +@@ -0,0 +1,57 @@ ++.TH T1LIBCONFIG 8 ++.SH NAME ++.B t1libconfig ++\- create the t1lib.config and FontDataBase files for t1lib ++.SH SYNOPSIS ++.B t1libconfig ++[ ++.BR \-v\fP, \fB\-\-version ++] ++[ ++.BR \-h\fP, \fB\-\-help ++] ++.B \-\-force ++] ++[ ++.B fontdirectory... ++] ++.SH DESCRIPTION ++.B t1libconfig ++scans a list of directories for Type 1 fonts and font metric files, ++and generates a configuration file and font database file for the ++.B t1lib ++rasterizer library accordingly. By default, it looks in all ++subdirectories of /usr/X11R6/lib/X11/fonts, and in ++/usr/lib/ghostscript. Extra directories to search may be specified on ++the command line. The ++.B t1libconfig ++script tries not to scan the same directory twice (this is, however, ++not foolproof, since /usr/X11R6/lib/X11/fonts and /usr/lib/X11/fonts ++typically point to the same directory on GNU/Linux systems). ++.SH OPTIONS ++.TP ++.BR \-v\fP, \fB\-\-version ++Print the version of ++.B t1libconfig ++and exit. ++.TP ++.BR \-h\fP, \fB\-\-help ++Print help about usage and exit. ++.TP ++.B \-\-force ++Force the generation of new configuration files even if these files ++already exist on the system. ++.SH FILES ++.TP 25 ++.B /etc/t1lib/t1lib.config ++Contains configuration information for t1lib, including ++colon-separated lists of paths to Type 1 font files and font metrics ++files, and the location of the default font database file ++.TP 25 ++.B /etc/t1lib/FontDataBase ++Contains a list of the names of Type 1 font files to be used by t1lib. ++.SH AUTHOR ++David Huggins-Daines <dhd@debian.org> ++.SH SEE ALSO ++.BR FontDataBase (5) ++ +--- t1lib-5.1.2.orig/debian/man/xglyph.1 ++++ t1lib-5.1.2/debian/man/xglyph.1 +@@ -0,0 +1,111 @@ ++.TH XGLYPH 1 ++.SH NAME ++xglyph \- demonstration program for the t1lib font rasterizer library. ++.SH SYNOPSIS ++.B xglyph ++[ ++.B fontfile... ++] ++.SH "DESCRIPTION" ++This manual page documents briefly the ++.BR xglyph ++program. ++This manual page was written for the Debian GNU/Linux distribution ++because the original program does not have a manual page. ++.PP ++.B xglyph ++is a program which demonstrates the capabilities of the ++.B t1lib ++library. It allows the user to view an arbitrary character or string ++rendered in the various ways pgossible with the library. By default, ++it writes a log file named \fIt1lib.log\fR in the current directory. ++.PP ++If invoked with no arguments, it will attempt to read the global ++configuration file and font database. It will also accept any number ++of filenames on the command line, in which case these are treated as ++font files to be loaded instead of the default font database. ++.SH "OPTIONS" ++.TP ++.BR \-\-help ++Shows a brief help text ++.TP ++.BR \-\-Help ++Shows a description of all options ++.TP ++.BR \-\-noGrid ++Don't draw grid lines when displaying glyphs ++.TP ++.BR \-\-setPad ++Set bitmap padding ++.TP ++.BR \-\-logError ++Log errors only ++.TP ++.BR \-\-logWarning ++Log errors and warnings ++.TP ++.BR \-\-logStatistic ++Log errors, warnings, and statistics ++.TP ++.BR \-\-logDebug ++Log just about everything ++.TP ++.BR \-\-ignoreForceBold ++Don't make pseudo-boldface glyphs ++.TP ++.BR \-\-ignoreFamilyAlignment ++.TP ++.BR \-\-ignoreHinting ++Ignore hints when scaling glyphs ++.TP ++.BR \-\-debugLine ++Show debugging info for line-drawing ++operations in the rasterizer ++.TP ++.BR \-\-debugRegion ++Show debugging info for region operations in ++the rasterizer ++.TP ++.BR \-\-debugPath ++Show debugging info for path operations in the ++rasterizer ++.TP ++.BR \-\-debugFont ++.TP ++.BR \-\-debugHint ++Show debugging info for hinting in the rasterizer. ++.TP ++.BR \-\-checkPerformance ++Do some simple performance tests while rasterizing. ++.TP ++.BR \-\-checkCopyFont ++Check that copying fonts works. ++.TP ++.BR \-\-checkConcatGlyphs ++Check that concatenating glyphs works. ++.TP ++.BR \-\-checkBadCharHandling ++.TP ++.BR \-\-checkDefaultEncoding ++Set a default encoding vector. ++.SH "ENVIRONMENT" ++In the Debian GNU/Linux version of this program, the environment ++variable ++.B T1LIB_CONFIG, ++if set, points to an alternate configuration ++file with which to initialize the library. ++.SH "SEE ALSO" ++.BR FontDataBase (5), ++.BR t1libconfig (8). ++.PP ++.B xglyph ++is much more fully documented in the LaTeX documentation that ++accompanies the upstream ++.B t1lib ++distribution. This documentation is installed in PostScript and source ++formats with the t1lib-dev package in /usr/share/doc/t1lib-dev, and is ++also accessible through the dwww system. ++.SH AUTHOR ++This manual page was written by David Huggins-Daines ++<dhd@debian.org>, for the Debian GNU/Linux system (but may ++be used by others). +--- t1lib-5.1.2.orig/debian/man/type1afm.1 ++++ t1lib-5.1.2/debian/man/type1afm.1 +@@ -0,0 +1,34 @@ ++.TH TYPE1AFM 1 ++.SH NAME ++.B type1afm ++\- create a font metrics file from a Type 1 font file ++.SH SYNOPSIS ++.B type1afm ++[ ++.BR \-l ++] ++.B fontfile ++[ ++.B fontfile... ++] ++.SH DESCRIPTION ++This manual page was written for the Debian GNU/Linux distribution ++because the original program does not have a manual page. ++.PP ++.B type1afm ++reads in Type 1 font files specified on the command line, rasterizes ++them to 1000bp, and writes AFM (font metrics) files based on the ++observed metrics information. ++.PP ++The AFM file is created in the same directory as the font file, so be ++sure that you have write access there before running this program. ++.SH OPTIONS ++.TP ++.BR \-l ++Write a log file ++.SH SEE ALSO ++.BR getafm (1) ++.SH AUTHOR ++This manual page was David Huggins-Daines <dhd@debian.org> ++for the Debian GNU/Linux distribution (but may be used by others) ++ diff --git a/patches/source/vsftpd/doinst.sh b/patches/source/vsftpd/doinst.sh new file mode 100644 index 000000000..f915774f4 --- /dev/null +++ b/patches/source/vsftpd/doinst.sh @@ -0,0 +1,15 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} +config etc/vsftpd.conf.new +config etc/logrotate.d/vsftpd.new +rm -f etc/logrotate.d/vsftpd.new + diff --git a/patches/source/vsftpd/slack-desc b/patches/source/vsftpd/slack-desc new file mode 100644 index 000000000..82b9f521e --- /dev/null +++ b/patches/source/vsftpd/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +vsftpd: vsftpd (Very Secure FTP Daemon) +vsftpd: +vsftpd: vsftpd is an FTP server, or daemon. The 'vs' stands for Very Secure. +vsftpd: Obviously this is not a guarantee, but a reflection that the entire +vsftpd: codebase was written with security in mind, and carefully designed to +vsftpd: be resilient to attack (as well as extremely fast and scalable). +vsftpd: +vsftpd: The vsftpd homepage is http://vsftpd.beasts.org/ +vsftpd: +vsftpd: The Very Secure FTP Daemon was written by Chris Evans. +vsftpd: diff --git a/patches/source/vsftpd/vsftpd.SlackBuild b/patches/source/vsftpd/vsftpd.SlackBuild new file mode 100755 index 000000000..783e4a5ac --- /dev/null +++ b/patches/source/vsftpd/vsftpd.SlackBuild @@ -0,0 +1,106 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PKGNAM=vsftpd +VERSION=${VERSION:-$(echo ${PKGNAM}-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-vsftpd + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP || exit 1 +rm -rf vsftpd-$VERSION +tar xvf $CWD/vsftpd-$VERSION.tar.gz || exit 1 +cd vsftpd-$VERSION || exit 1 +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/vsftpd.builddefs.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/vsftpd.conf.diff.gz | patch -p1 --verbose || exit 1 + +make $NUMJOBS || make || exit 1 + +mkdir -p $PKG/usr/sbin +cp vsftpd $PKG/usr/sbin +chmod 755 $PKG/usr/sbin/vsftpd +strip --strip-unneeded $PKG/usr/sbin/vsftpd + +mkdir -p $PKG/usr/man/man{5,8} +cat vsftpd.conf.5 | gzip -9c > $PKG/usr/man/man5/vsftpd.conf.5.gz +cat vsftpd.8 | gzip -9c > $PKG/usr/man/man8/vsftpd.8.gz + +mkdir -p $PKG/etc +cat vsftpd.conf > $PKG/etc/vsftpd.conf.new + +mkdir -p $PKG/etc/logrotate.d +zcat $CWD/vsftpd.log.gz > $PKG/etc/logrotate.d/vsftpd.new + +mkdir -p $PKG/usr/share/empty +mkdir -p $PKG/home/ftp + +mkdir -p $PKG/usr/doc/vsftpd-$VERSION +cp -a \ + AUDIT BENCHMARKS BUGS COPYING* COPYRIGHT EXAMPLE FAQ \ + INSTALL LICENSE README* REFS REWARD SECURITY SIZE SPEED TODO TUNING \ + $PKG/usr/doc/vsftpd-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r Changelog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat Changelog | head -n 1000 > $DOCSDIR/Changelog + touch -r Changelog $DOCSDIR/Changelog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/vsftpd-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/vsftpd/vsftpd.builddefs.diff b/patches/source/vsftpd/vsftpd.builddefs.diff new file mode 100644 index 000000000..ea9081391 --- /dev/null +++ b/patches/source/vsftpd/vsftpd.builddefs.diff @@ -0,0 +1,15 @@ +--- ./builddefs.h.orig 2004-07-02 07:36:59.000000000 -0700 ++++ ./builddefs.h 2004-09-03 11:25:13.000000000 -0700 +@@ -1,9 +1,9 @@ + #ifndef VSF_BUILDDEFS_H + #define VSF_BUILDDEFS_H + +-#undef VSF_BUILD_TCPWRAPPERS +-#define VSF_BUILD_PAM +-#undef VSF_BUILD_SSL ++#define VSF_BUILD_TCPWRAPPERS ++#undef VSF_BUILD_PAM ++#define VSF_BUILD_SSL + + #endif /* VSF_BUILDDEFS_H */ + diff --git a/patches/source/vsftpd/vsftpd.conf.diff b/patches/source/vsftpd/vsftpd.conf.diff new file mode 100644 index 000000000..1f410a7ac --- /dev/null +++ b/patches/source/vsftpd/vsftpd.conf.diff @@ -0,0 +1,45 @@ +diff -Nur vsftpd-2.2.1.orig/vsftpd.conf vsftpd-2.2.1/vsftpd.conf +--- vsftpd-2.2.1.orig/vsftpd.conf 2009-10-18 21:04:23.000000000 -0500 ++++ vsftpd-2.2.1/vsftpd.conf 2009-10-19 10:22:16.609407947 -0500 +@@ -19,7 +19,7 @@ + # + # Default umask for local users is 077. You may wish to change this to 022, + # if your users expect that (022 is used by most other ftpd's) +-#local_umask=022 ++local_umask=022 + # + # Uncomment this to allow the anonymous FTP user to upload files. This only + # has an effect if the above global write enable is activated. Also, you will +@@ -48,11 +48,11 @@ + # + # You may override where the log file goes if you like. The default is shown + # below. +-#xferlog_file=/var/log/vsftpd.log ++xferlog_file=/var/log/vsftpd.log + # + # If you want, you can have your log file in standard ftpd xferlog format. + # Note that the default log file location is /var/log/xferlog in this case. +-#xferlog_std_format=YES ++xferlog_std_format=YES + # + # You may change the default value for timing out an idle session. + #idle_session_timeout=600 +@@ -101,12 +101,13 @@ + # default to avoid remote users being able to cause excessive I/O on large + # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume + # the presence of the "-R" option, so there is a strong case for enabling it. +-#ls_recurse_enable=YES ++ls_recurse_enable=YES + # +-# When "listen" directive is enabled, vsftpd runs in standalone mode and +-# listens on IPv4 sockets. This directive cannot be used in conjunction +-# with the listen_ipv6 directive. +-listen=YES ++# When "listen" directive is enabled, vsftpd runs in standalone mode (rather ++# than from inetd) and listens on IPv4 sockets. To use vsftpd in standalone ++# mode rather than with inetd, change the line below to 'listen=YES' ++# This directive cannot be used in conjunction with the listen_ipv6 directive. ++listen=NO + # + # This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6 + # sockets, you must run two copies of vsftpd with two configuration files. diff --git a/patches/source/vsftpd/vsftpd.log b/patches/source/vsftpd/vsftpd.log new file mode 100644 index 000000000..d338de811 --- /dev/null +++ b/patches/source/vsftpd/vsftpd.log @@ -0,0 +1,5 @@ +/var/log/vsftpd.log { + # ftpd doesn't handle SIGHUP properly + nocompress + missingok +} diff --git a/patches/source/wget/doinst.sh b/patches/source/wget/doinst.sh new file mode 100644 index 000000000..dd81eb507 --- /dev/null +++ b/patches/source/wget/doinst.sh @@ -0,0 +1,14 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/wgetrc.new + diff --git a/patches/source/wget/slack-desc b/patches/source/wget/slack-desc new file mode 100644 index 000000000..d023ea373 --- /dev/null +++ b/patches/source/wget/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +wget: wget (a non-interactive network retriever) +wget: +wget: GNU Wget is a free network utility to retrieve files from the +wget: World Wide Web using HTTP and FTP, the two most widely used Internet +wget: protocols. It works non-interactively, thus enabling work in the +wget: background after having logged off. +wget: +wget: The author of Wget is Hrvoje Niksic <hniksic@srce.hr>. +wget: +wget: +wget: diff --git a/patches/source/wget/wget.SlackBuild b/patches/source/wget/wget.SlackBuild new file mode 100755 index 000000000..bef0aa972 --- /dev/null +++ b/patches/source/wget/wget.SlackBuild @@ -0,0 +1,109 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2012, 2013, 2014, 2015 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=${VERSION:-$(echo wget-*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-1_slack13.0} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +else + SLKCFLAGS="-O2" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-wget + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf wget-$VERSION +tar xvf $CWD/wget-$VERSION.tar.?z || exit 1 +cd wget-$VERSION + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --infodir=/usr/info \ + --docdir=/usr/doc/wget-$VERSION \ + --with-ssl=openssl \ + --build=${ARCH}-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +mv $PKG/etc/wgetrc $PKG/etc/wgetrc.new + +find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ + | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +rm -f $PKG/usr/info/dir +gzip -9 $PKG/usr/info/* $PKG/usr/man/man?/* + +mkdir -p $PKG/usr/doc/wget-$VERSION +cp -a \ + AUTHORS COPYING* MAILING-LIST NEWS PATCHES README* TODO \ + $PKG/usr/doc/wget-$VERSION + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/wget-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/wicd/README.SLACKWARE b/patches/source/wicd/README.SLACKWARE new file mode 100644 index 000000000..e7a374dce --- /dev/null +++ b/patches/source/wicd/README.SLACKWARE @@ -0,0 +1,17 @@ +After installing this package, make sure the /etc/rc.d/rc.wicd +script is executable; if necessary, do: + chmod +x /etc/rc.d/rc.wicd + +Results have varied, but you will probably need/want to remove +any references to interfaces from /etc/rc.d/rc.inet1.conf - in +other words, make that file look as if netconfig has never been +run. + +When you start X, you should see a wicd icon in the system tray; +click on it to open the gui interface and configure as desired. +Your user account will need to be a member of the 'netdev' group +in order to use wicd. + +Note that urwid will need to be installed if you want to use the +curses client. Also, if you don't have kde installed, you won't +have a graphical sudo client available. diff --git a/patches/source/wicd/doinst.sh b/patches/source/wicd/doinst.sh new file mode 100644 index 000000000..78732c5b9 --- /dev/null +++ b/patches/source/wicd/doinst.sh @@ -0,0 +1,37 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +# Keep same perms on rc.wicd.new: +if [ -e etc/rc.d/rc.wicd ]; then + cp -a etc/rc.d/rc.wicd etc/rc.d/rc.wicd.new.incoming + cat etc/rc.d/rc.wicd.new > etc/rc.d/rc.wicd.new.incoming + mv etc/rc.d/rc.wicd.new.incoming etc/rc.d/rc.wicd.new +fi + +# Update desktop menu +if [ -x /usr/bin/update-desktop-database ]; then + /usr/bin/update-desktop-database -q usr/share/applications >/dev/null 2>&1 +fi + +# Update icon cache if one exists +if [ -r usr/share/icons/hicolor/icon-theme.cache ]; then + if [ -x /usr/bin/gtk-update-icon-cache ]; then + /usr/bin/gtk-update-icon-cache -t -f usr/share/icons/hicolor >/dev/null 2>&1 + fi +fi + +config etc/dbus-1/system.d/wicd.conf.new +config etc/rc.d/rc.wicd.new +config etc/wicd/manager-settings.conf.new +config etc/logrotate.d/wicd.logrotate.new + diff --git a/patches/source/wicd/slack-desc b/patches/source/wicd/slack-desc new file mode 100644 index 000000000..47cf875f8 --- /dev/null +++ b/patches/source/wicd/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler-------------------------------------------------------| +wicd: wicd (network manager for linux) +wicd: +wicd: wicd is a wired and wireless network manager for Linux. +wicd: Some features include: +wicd: - Ability to connect to wired and wireless networks +wicd: - Profiles for each wireless network and wired network +wicd: - Many encryption schemes, some of which include WEP/WPA/WPA2 +wicd: - Compatible with wireless-tools +wicd: +wicd: Homepage: http://wicd.net +wicd: diff --git a/patches/source/wicd/wicd-1.7.2.4.sanitize.string.bugfix.diff b/patches/source/wicd/wicd-1.7.2.4.sanitize.string.bugfix.diff new file mode 100644 index 000000000..4be44631c --- /dev/null +++ b/patches/source/wicd/wicd-1.7.2.4.sanitize.string.bugfix.diff @@ -0,0 +1,11 @@ +--- ./wicd/misc.py.orig 2012-04-30 14:20:09.000000000 -0500 ++++ ./wicd/misc.py 2012-05-09 14:08:24.611298308 -0500 +@@ -430,7 +430,7 @@ + """ Sanitize property names to be used in config-files. """ + allowed = string.ascii_letters + '_' + string.digits + table = string.maketrans(allowed, ' ' * len(allowed)) +- return s.translate(None, table) ++ return s.encode('ascii', 'replace').translate(None, table) + + def sanitize_escaped(s): + """ Sanitize double-escaped unicode strings. """ diff --git a/patches/source/wicd/wicd.SlackBuild b/patches/source/wicd/wicd.SlackBuild new file mode 100755 index 000000000..6c86ff732 --- /dev/null +++ b/patches/source/wicd/wicd.SlackBuild @@ -0,0 +1,100 @@ +#!/bin/sh + +# Copyright 2008,2009,2010,2011,2012 Robby Workman Northport, AL, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +PRGNAM=wicd +VERSION=${VERSION:-1.7.2.4} +BUILD=${BUILD:-2_slack13.0} + +# Automatically determine architecture for build & packaging: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-$PRGNAM + +if [ "$ARCH" = "i486" ]; then + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG +cd $TMP +rm -rf $PRGNAM-$VERSION +tar xvf $CWD/$PRGNAM-$VERSION.tar.xz || exit 1 +cd $PRGNAM-$VERSION || exit 1 +chown -R root:root . + +zcat $CWD/wicd-1.7.2.4.sanitize.string.bugfix.diff.gz | patch -p1 --verbose || exit 1 + +python setup.py configure \ + --lib=/usr/lib${LIBDIRSUFFIX}/wicd \ + --kdedir=/usr/share/autostart \ + --backends=/usr/lib${LIBDIRSUFFIX}/wicd/backends \ + || exit 1 + +# Bypass the need for pybabel (thanks, dapal!) +for pofile in $(find po/ -type f -name "*.po") ; do + mkdir -p translations/$(basename ${pofile} .po)/LC_MESSAGES + msgfmt -o translations/$(basename ${pofile} .po)/LC_MESSAGES/wicd.mo ${pofile} +done + +python setup.py install --root=$PKG || exit 1 + +# Handle some Slackware defaults +# Use dhcpcd as the dhcp client +# Use kdesu as the graphical sudo application +cat << EOF > $PKG/etc/wicd/manager-settings.conf.new +[Settings] +dhcp_client = 2 +sudo_app = 2 +EOF + +# Don't clobber configs on upgrade +mv $PKG/etc/dbus-1/system.d/wicd.conf $PKG/etc/dbus-1/system.d/wicd.conf.new +mv $PKG/etc/logrotate.d/wicd.logrotate $PKG/etc/logrotate.d/wicd.logrotate.new +mv $PKG/etc/rc.d/rc.wicd $PKG/etc/rc.d/rc.wicd.new + +# Compress the man pages and add a bit to the package docs +( cd $PKG/usr/man || exit 1 + find . -type f -exec gzip -9 {} \; + for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done +) +cat $CWD/README.SLACKWARE > $PKG/usr/doc/$PRGNAM-$VERSION/README.SLACKWARE + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -c n -l y $TMP/$PRGNAM-$VERSION-$ARCH-$BUILD.txz diff --git a/patches/source/xcb-proto/arch.use.flags b/patches/source/xcb-proto/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/xcb-proto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/xcb-proto/build/xcb-proto b/patches/source/xcb-proto/build/xcb-proto new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/xcb-proto/build/xcb-proto @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/xcb-proto/configure/configure b/patches/source/xcb-proto/configure/configure new file mode 100644 index 000000000..dcb1109bd --- /dev/null +++ b/patches/source/xcb-proto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/xcb-proto/modularize b/patches/source/xcb-proto/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/xcb-proto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/xcb-proto/noarch b/patches/source/xcb-proto/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/xcb-proto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/xcb-proto/package-blacklist b/patches/source/xcb-proto/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/xcb-proto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/xcb-proto/post-install/xcb-proto.post-install b/patches/source/xcb-proto/post-install/xcb-proto.post-install new file mode 100644 index 000000000..eb341027a --- /dev/null +++ b/patches/source/xcb-proto/post-install/xcb-proto.post-install @@ -0,0 +1,5 @@ +# Add documentation: +mkdir -p $PKG/usr/doc/xcb-proto-$MODULAR_PACKAGE_VERSION +cp -a \ + COPYING README \ + $PKG/usr/doc/xcb-proto-$MODULAR_PACKAGE_VERSION diff --git a/patches/source/xcb-proto/slack-desc/xcb-proto b/patches/source/xcb-proto/slack-desc/xcb-proto new file mode 100644 index 000000000..c66b71404 --- /dev/null +++ b/patches/source/xcb-proto/slack-desc/xcb-proto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xcb-proto: xcb-proto (X protocol C-language Binding protocol descriptions) +xcb-proto: +xcb-proto: xcb-proto provides the XML-XCB protocol descriptions that libxcb +xcb-proto: uses to generate the majority of its code and API. We provide them +xcb-proto: separately from libxcb to allow reuse by other projects, such as +xcb-proto: additional language bindings, protocol dissectors, or documentation +xcb-proto: generators. +xcb-proto: +xcb-proto: +xcb-proto: +xcb-proto: diff --git a/patches/source/xcb-proto/x11.SlackBuild b/patches/source/xcb-proto/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/xcb-proto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/xcb-proto/xcb-proto.SlackBuild b/patches/source/xcb-proto/xcb-proto.SlackBuild new file mode 100755 index 000000000..84fbe97bb --- /dev/null +++ b/patches/source/xcb-proto/xcb-proto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild xcb xcb-proto +mv /tmp/x11-build/xcb-proto*txz /tmp diff --git a/patches/source/xextproto/arch.use.flags b/patches/source/xextproto/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/xextproto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/xextproto/build/xextproto b/patches/source/xextproto/build/xextproto new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/xextproto/build/xextproto @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/xextproto/configure/configure b/patches/source/xextproto/configure/configure new file mode 100644 index 000000000..dcb1109bd --- /dev/null +++ b/patches/source/xextproto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/xextproto/modularize b/patches/source/xextproto/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/xextproto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/xextproto/noarch b/patches/source/xextproto/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/xextproto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/xextproto/package-blacklist b/patches/source/xextproto/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/xextproto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/xextproto/slack-desc/xextproto b/patches/source/xextproto/slack-desc/xextproto new file mode 100644 index 000000000..6ea870d03 --- /dev/null +++ b/patches/source/xextproto/slack-desc/xextproto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xextproto: xextproto (C prototypes for X Protocol Extensions) +xextproto: +xextproto: xextproto is part of X11. +xextproto: +xextproto: For more information about the X.Org Foundation (the providers of the +xextproto: X.Org implementation of the X Window System), see their website: +xextproto: +xextproto: http://www.x.org +xextproto: +xextproto: +xextproto: diff --git a/patches/source/xextproto/x11.SlackBuild b/patches/source/xextproto/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/xextproto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/xextproto/xextproto.SlackBuild b/patches/source/xextproto/xextproto.SlackBuild new file mode 100755 index 000000000..a61c5c383 --- /dev/null +++ b/patches/source/xextproto/xextproto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild proto xextproto +mv /tmp/x11-build/xextproto*txz /tmp diff --git a/patches/source/xorg-server/arch.use.flags b/patches/source/xorg-server/arch.use.flags new file mode 100644 index 000000000..f28a6ccab --- /dev/null +++ b/patches/source/xorg-server/arch.use.flags @@ -0,0 +1,7 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/xorg-server/build/xorg-server b/patches/source/xorg-server/build/xorg-server new file mode 100644 index 000000000..cd9750506 --- /dev/null +++ b/patches/source/xorg-server/build/xorg-server @@ -0,0 +1 @@ +4_slack13.0 diff --git a/patches/source/xorg-server/configure/xorg-server b/patches/source/xorg-server/configure/xorg-server new file mode 100644 index 000000000..b66600258 --- /dev/null +++ b/patches/source/xorg-server/configure/xorg-server @@ -0,0 +1,42 @@ +# Servers to build: +BUILD_SERVERS="--enable-xorg \ + --enable-xvfb \ + --enable-xnest \ + --enable-kdrive \ + --enable-xephyr \ + --enable-xsdl \ + --enable-xfbdev" + +MESA_VERSION=${MESA_VERSION:-7.5} + +# Default font paths to be used by the X server +DEF_FONTPATH="/usr/share/fonts/local,/usr/share/fonts/TTF,/usr/share/fonts/OTF,/usr/share/fonts/Type1,/usr/share/fonts/misc,/usr/share/fonts/CID,/usr/share/fonts/75dpi/:unscaled,/usr/share/fonts/100dpi/:unscaled,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/cyrillic" + +CFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --disable-static \ + --with-pic \ + --with-int10=x86emu \ + --with-default-font-path="${DEF_FONTPATH}" \ + --with-module-dir=/usr/lib${LIBDIRSUFFIX}/xorg/modules \ + --with-dri-driver-path=/usr/lib${LIBDIRSUFFIX}/xorg/modules/dri \ + --with-os-name="Slackware 13.0" \ + --with-os-vendor="Slackware Linux Project" \ + --with-mesa-source=/tmp/Mesa-${MESA_VERSION} \ + --with-xkb-path=/etc/X11/xkb \ + --with-xkb-output=/var/lib/xkb \ + $BUILD_SERVERS \ + --build=$ARCH-slackware-linux + +if [ "$ARCH" = "x86_64" ]; then + # To prevent the error "No rule to make target `-ldl'" + sed -i -e 's#-ldl##' hw/xfree86/Makefile + sed -i -e 's#-lm#-lm -ldl#' hw/xfree86/Makefile +fi + diff --git a/patches/source/xorg-server/makepkg/xorg-server b/patches/source/xorg-server/makepkg/xorg-server new file mode 100644 index 000000000..67b93c971 --- /dev/null +++ b/patches/source/xorg-server/makepkg/xorg-server @@ -0,0 +1,35 @@ + +rm -r ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/usr/bin +mv $PKG/usr/bin/Xnest ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/usr/bin +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/usr/man/man1 +mv $PKG/usr/man/man1/Xnest.1.gz ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/usr/man/man1 +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/install +cat $CWD/slack-desc/xorg-server-xnest > ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest/install/slack-desc +cd ${SLACK_X_BUILD_DIR}/package-xorg-server-xnest +/sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/xorg-server-xnest-${MODULAR_PACKAGE_VERSION}-$ARCH-$BUILD.txz + +rm -r ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/usr/bin +mv $PKG/usr/bin/Xvfb ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/usr/bin +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/usr/man/man1 +mv $PKG/usr/man/man1/Xvfb.1.gz ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/usr/man/man1 +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/install +cat $CWD/slack-desc/xorg-server-xvfb > ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb/install/slack-desc +cd ${SLACK_X_BUILD_DIR}/package-xorg-server-xvfb +/sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/xorg-server-xvfb-${MODULAR_PACKAGE_VERSION}-$ARCH-$BUILD.txz + +rm -r ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/usr/bin +mv $PKG/usr/bin/Xephyr ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/usr/bin +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/usr/man/man1 +mv $PKG/usr/man/man1/Xephyr.1.gz ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/usr/man/man1 +mkdir -p ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/install +cat $CWD/slack-desc/xorg-server-xephyr > ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr/install/slack-desc +cd ${SLACK_X_BUILD_DIR}/package-xorg-server-xephyr +/sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/xorg-server-xephyr-${MODULAR_PACKAGE_VERSION}-$ARCH-$BUILD.txz + +# Build the main xorg-server package: +cd $PKG +/sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/xorg-server-${MODULAR_PACKAGE_VERSION}-$ARCH-$BUILD.txz + diff --git a/patches/source/xorg-server/modularize b/patches/source/xorg-server/modularize new file mode 100644 index 000000000..d6eb2f68a --- /dev/null +++ b/patches/source/xorg-server/modularize @@ -0,0 +1,265 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/xorg-server/noarch b/patches/source/xorg-server/noarch new file mode 100644 index 000000000..480ffc26c --- /dev/null +++ b/patches/source/xorg-server/noarch @@ -0,0 +1,76 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-cf-files +xorg-docs +xproto +xtrans diff --git a/patches/source/xorg-server/package-blacklist b/patches/source/xorg-server/package-blacklist new file mode 100644 index 000000000..377624999 --- /dev/null +++ b/patches/source/xorg-server/package-blacklist @@ -0,0 +1,39 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/xorg-server/patch/xorg-server.patch b/patches/source/xorg-server/patch/xorg-server.patch new file mode 100644 index 000000000..996405a8a --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server.patch @@ -0,0 +1,5 @@ +zcat $CWD/patch/xorg-server/x11.startwithblackscreen.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patch/xorg-server/xorg-server.CVE-2010-2240.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patch/xorg-server/xorg-server.CVE-2013-4396.diff.gz | patch -p1 --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/xorg-server.CVE-2017-10971.diff.gz | patch -p1 -l --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } +zcat $CWD/patch/xorg-server/xorg-server.CVE-2017-10972.diff.gz | patch -p1 -l --verbose || { touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed ; continue ; } diff --git a/patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff b/patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff new file mode 100644 index 000000000..bfa9c305d --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/x11.startwithblackscreen.diff @@ -0,0 +1,13 @@ +--- ./dix/window.c.orig 2007-01-22 23:39:15.000000000 -0600 ++++ ./dix/window.c 2007-02-14 03:21:03.000000000 -0600 +@@ -140,8 +140,8 @@ + * + ******/ + +-static unsigned char _back_lsb[4] = {0x88, 0x22, 0x44, 0x11}; +-static unsigned char _back_msb[4] = {0x11, 0x44, 0x22, 0x88}; ++static unsigned char _back_lsb[4] = {0x00, 0x00, 0x00, 0x00}; ++static unsigned char _back_msb[4] = {0x00, 0x00, 0x00, 0x00}; + + _X_EXPORT int screenIsSaved = SCREEN_SAVER_OFF; + diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2010-2240.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2010-2240.diff new file mode 100644 index 000000000..b4d2f0956 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2010-2240.diff @@ -0,0 +1,130 @@ +--- ./os/utils.c.orig 2009-07-07 12:48:58.000000000 -0500 ++++ ./os/utils.c 2010-08-26 15:54:46.000000000 -0500 +@@ -58,6 +58,36 @@ + #include <signal.h> + #endif + ++/* ++ * issetugid() ++ * ++ * Copyright (C) - 2007 Robert Connolly ++ * ++ * Permission to reproduce, copy, delete, distribute, transmit, use, modify, ++ * build upon or otherwise exploit this software, in any form, for any ++ * purpose, in any way, and by anyone, including by methods that have not ++ * yet been invented or conceived, is hereby granted. ++ */ ++#include <unistd.h> ++extern int __libc_enable_secure; ++int issetugid(void) ++{ ++ if (__libc_enable_secure) ++ { ++ return 1; ++ } ++ if (getuid() != geteuid()) ++ { ++ return 1; ++ } ++ if (getgid() != getegid()) ++ { ++ return 1; ++ } ++ /* Else */ ++ return 0; ++} ++ + #if defined(WIN32) && !defined(__CYGWIN__) + #include <X11/Xwinsock.h> + #endif +@@ -761,6 +791,22 @@ + UseMsg(); + } + #endif ++/* #ifdef RLIMIT_AS ++ else if ( strcmp( argv[i], "-la") == 0) ++ { ++ if (getuid() != 0 && issetugid()) { ++ FatalError("The '-la' option can only be used by root.\n"); ++ } ++ if(++i < argc) ++ { ++ limitAddressSpace = atol(argv[i]); ++ if (limitAddressSpace > 0) ++ limitAddressSpace *= 1024; ++ } ++ else ++ UseMsg(); ++ } ++#endif */ + #ifdef SERVER_LOCK + else if ( strcmp ( argv[i], "-nolock") == 0) + { +--- ./os/osinit.c.orig 2009-07-07 12:48:58.000000000 -0500 ++++ ./os/osinit.c 2010-08-26 15:27:45.000000000 -0500 +@@ -99,6 +99,14 @@ + #ifdef macII + set42sig(); + #endif ++#ifdef RLIMIT_AS ++#ifdef _XSERVER64 ++#define XORG_AS_LIMIT 10737418240LL ++#else ++#define XORG_AS_LIMIT 1610612736 ++#endif ++long limitAddressSpace = XORG_AS_LIMIT; ++#endif + + if (!been_here) { + #if !defined(__SCO__) && !defined(__CYGWIN__) && !defined(__UNIXWARE__) +@@ -187,6 +195,22 @@ + } + } + #endif ++#ifdef RLIMIT_AS ++ if (limitAddressSpace >= 0) ++ { ++ struct rlimit rlim; ++ ++ if (!getrlimit(RLIMIT_AS, &rlim)) ++ { ++ if ((limitAddressSpace > 0) ++ && (limitAddressSpace < rlim.rlim_max)) ++ rlim.rlim_cur = limitAddressSpace; ++ else ++ rlim.rlim_cur = rlim.rlim_max; ++ (void)setrlimit(RLIMIT_AS, &rlim); ++ } ++ } ++#endif + LockServer(); + been_here = TRUE; + } +--- ./include/opaque.h.orig 2009-07-07 12:48:58.000000000 -0500 ++++ ./include/opaque.h 2010-08-26 15:49:31.000000000 -0500 +@@ -67,6 +67,9 @@ + #ifdef RLIMIT_NOFILE + extern int limitNoFile; + #endif ++#ifdef RLIMIT_AS ++extern long limitAddressSpace; ++#endif + extern Bool defeatAccessControl; + extern long maxBigRequestSize; + extern Bool party_like_its_1989; +--- ./doc/Xserver.man.pre.orig 2009-07-07 12:48:58.000000000 -0500 ++++ ./doc/Xserver.man.pre 2010-08-26 15:27:45.000000000 -0500 +@@ -293,6 +293,13 @@ + A value of zero makes the stack size as large as possible. The default value + of \-1 leaves the stack space limit unchanged. + .TP 8 ++.B \-la \fIkilobytes\fP ++sets the address space limit of the server to the specified number of ++kilobytes. ++A value of zero makes address space as large as possible. ++The default value is 1572864 (1.5GB) on 32 bit architectures and ++10485760 (10GB) on 64 bit architectures. ++.TP 8 + .B \-logo + turns on the X Window System logo display in the screen-saver. + There is currently no way to change this from a client. diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2013-4396.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2013-4396.diff new file mode 100644 index 000000000..d176b8462 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2013-4396.diff @@ -0,0 +1,42 @@ +--- ./dix/dixfonts.c.orig 2009-07-07 12:48:57.000000000 -0500 ++++ ./dix/dixfonts.c 2013-10-09 21:49:12.126761613 -0500 +@@ -1512,6 +1512,7 @@ + GC *pGC; + unsigned char *data; + ITclosurePtr new_closure; ++ ITclosurePtr old_closure; + + /* We're putting the client to sleep. We need to + save some state. Similar problem to that handled +@@ -1524,6 +1525,7 @@ + err = BadAlloc; + goto bail; + } ++ old_closure = c; + *new_closure = *c; + c = new_closure; + +@@ -1531,6 +1533,7 @@ + if (!data) + { + xfree(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } +@@ -1542,6 +1545,7 @@ + { + xfree(c->data); + xfree(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } +@@ -1555,6 +1559,7 @@ + FreeScratchGC(pGC); + xfree(c->data); + xfree(c); ++ c = old_closure; + err = BadAlloc; + goto bail; + } diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10971.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10971.diff new file mode 100644 index 000000000..25f09ee1a --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10971.diff @@ -0,0 +1,21 @@ +--- ./Xi/sendexev.c.orig 2010-04-30 04:26:35.000000000 -0500 ++++ ./Xi/sendexev.c 2017-08-15 14:58:25.709950954 -0500 +@@ -95,9 +95,17 @@ + + eventP = (xEvent *) & stuff[1]; + for (i = 0; i < stuff->num_events; i++, eventP++) { ++ if (eventP->u.u.type == GenericEvent) { ++ client->errorValue = eventP->u.u.type; ++ return BadValue; ++ } ++ + proc = EventSwapVector[eventP->u.u.type & 0177]; +- if (proc == NotImplemented) /* no swapping proc; invalid event type? */ ++ /* no swapping proc; invalid event type? */ ++ if (proc == NotImplemented) { ++ client->errorValue = eventP->u.u.type; + return (BadValue); ++ } + (*proc) (eventP, &eventT); + *eventP = eventT; + } diff --git a/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10972.diff b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10972.diff new file mode 100644 index 000000000..edddc8d66 --- /dev/null +++ b/patches/source/xorg-server/patch/xorg-server/xorg-server.CVE-2017-10972.diff @@ -0,0 +1,36 @@ +From 05442de962d3dc624f79fc1a00eca3ffc5489ced Mon Sep 17 00:00:00 2001 +From: Michal Srb <msrb@suse.com> +Date: Wed, 24 May 2017 15:54:39 +0300 +Subject: Xi: Zero target buffer in SProcXSendExtensionEvent. + +Make sure that the xEvent eventT is initialized with zeros, the same way as +in SProcSendEvent. + +Some event swapping functions do not overwrite all 32 bytes of xEvent +structure, for example XSecurityAuthorizationRevoked. Two cooperating +clients, one swapped and the other not, can send +XSecurityAuthorizationRevoked event to each other to retrieve old stack data +from X server. This can be potentialy misused to go around ASLR or +stack-protector. + +Signed-off-by: Michal Srb <msrb@suse.com> +Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net> +Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net> + +diff --git a/Xi/sendexev.c b/Xi/sendexev.c +index 11d8202..1cf118a 100644 +--- a/Xi/sendexev.c ++++ b/Xi/sendexev.c +@@ -78,7 +78,7 @@ SProcXSendExtensionEvent(ClientPtr client) + { + CARD32 *p; + int i; +- xEvent eventT; ++ xEvent eventT = { .u.u.type = 0 }; + xEvent *eventP; + EventSwapPtr proc; + +-- +cgit v0.10.2 + + diff --git a/patches/source/xorg-server/post-install/xorg-server.post-install b/patches/source/xorg-server/post-install/xorg-server.post-install new file mode 100644 index 000000000..0185cb70c --- /dev/null +++ b/patches/source/xorg-server/post-install/xorg-server.post-install @@ -0,0 +1,17 @@ +# Add COPYING file: +mkdir -p $PKG/usr/doc/xorg-server-$MODULAR_PACKAGE_VERSION +cp -a COPYING $PKG/usr/doc/xorg-server-$MODULAR_PACKAGE_VERSION + +# Don't mess with my /var/log/ permissions: +rmdir $PKG/var/log +rmdir $PKG/var + +# While I hate to have X11 take over another generic-sounding +# piece of prime filesystem real estate, this symlink will +# direct (for now) proprietary X drivers into the corrent +# location: + +( cd $PKG/usr/lib + rm -rf modules + ln -sf xorg/modules . +) diff --git a/patches/source/xorg-server/slack-desc/xorg-server b/patches/source/xorg-server/slack-desc/xorg-server new file mode 100644 index 000000000..9d25b405d --- /dev/null +++ b/patches/source/xorg-server/slack-desc/xorg-server @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xorg-server: xorg-server (The Xorg server, the core of the X Window System) +xorg-server: +xorg-server: Xorg is a full featured X server that was originally designed for UNIX +xorg-server: and UNIX-like operating systems running on Intel x86 hardware. It now +xorg-server: runs on a wider range of hardware and OS platforms. This work was +xorg-server: derived by the X.Org Foundation from the XFree86 Project's XFree86 +xorg-server: 4.4rc2 release. The XFree86 release was originally derived from X386 +xorg-server: 1.2 by Thomas Roell which was contributed to X11R5 by Snitily Graphics +xorg-server: Consulting Service. +xorg-server: +xorg-server: The home page for the X project is: http://www.x.org diff --git a/patches/source/xorg-server/slack-desc/xorg-server-xephyr b/patches/source/xorg-server/slack-desc/xorg-server-xephyr new file mode 100644 index 000000000..640f3d189 --- /dev/null +++ b/patches/source/xorg-server/slack-desc/xorg-server-xephyr @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xorg-server-xephyr: xorg-server-xephyr (Improved nested X server/client) +xorg-server-xephyr: +xorg-server-xephyr: Xephyr is a nested X-Client like Xnest, but with some additional +xorg-server-xephyr: features like XRender support. +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: +xorg-server-xephyr: diff --git a/patches/source/xorg-server/slack-desc/xorg-server-xnest b/patches/source/xorg-server/slack-desc/xorg-server-xnest new file mode 100644 index 000000000..393f93bdd --- /dev/null +++ b/patches/source/xorg-server/slack-desc/xorg-server-xnest @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xorg-server-xnest: xorg-server-xnest (a nested X server) +xorg-server-xnest: +xorg-server-xnest: Xnest is an experimental nested server for X that acts as both a +xorg-server-xnest: client and a server. Xnest is a client of the real server which +xorg-server-xnest: manages windows and graphics requests on its behalf. Xnest is a +xorg-server-xnest: server to its own clients. Xnest manages windows and graphics +xorg-server-xnest: requests on their behalf. To these clients Xnest appears to be a +xorg-server-xnest: conventional server. +xorg-server-xnest: +xorg-server-xnest: +xorg-server-xnest: diff --git a/patches/source/xorg-server/slack-desc/xorg-server-xvfb b/patches/source/xorg-server/slack-desc/xorg-server-xvfb new file mode 100644 index 000000000..aff9c642c --- /dev/null +++ b/patches/source/xorg-server/slack-desc/xorg-server-xvfb @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xorg-server-xvfb: xorg-server-xvfb (virtual framebuffer X server) +xorg-server-xvfb: +xorg-server-xvfb: Xvfb is an X server that can run on machines with no display hardware +xorg-server-xvfb: and no physical input devices. It emulates a dumb framebuffer using +xorg-server-xvfb: virtual memory. The primary use of this server is intended to be +xorg-server-xvfb: server testing. The mfb or cfb code for any depth can be exercised +xorg-server-xvfb: with this server without the need for real hardware that supports the +xorg-server-xvfb: desired depths. A secondary use is testing clients against unusual +xorg-server-xvfb: depths and screen configurations. +xorg-server-xvfb: +xorg-server-xvfb: diff --git a/patches/source/xorg-server/x11.SlackBuild b/patches/source/xorg-server/x11.SlackBuild new file mode 100755 index 000000000..ca7297082 --- /dev/null +++ b/patches/source/xorg-server/x11.SlackBuild @@ -0,0 +1,364 @@ +#!/bin/sh +# Copyright 2007-2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc driver font xserver ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/xorg-server/xorg-server.SlackBuild b/patches/source/xorg-server/xorg-server.SlackBuild new file mode 100755 index 000000000..688448ec4 --- /dev/null +++ b/patches/source/xorg-server/xorg-server.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild xserver xorg-server +mv /tmp/x11-build/*txz /tmp diff --git a/patches/source/xpdf/doinst.sh b/patches/source/xpdf/doinst.sh new file mode 100644 index 000000000..03a6ae859 --- /dev/null +++ b/patches/source/xpdf/doinst.sh @@ -0,0 +1,19 @@ +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/xpdfrc.new + +if [ -x /usr/bin/update-desktop-database ]; then + /usr/bin/update-desktop-database -q usr/share/applications >/dev/null 2>&1 +fi + diff --git a/patches/source/xpdf/lang/xpdf-arabic.diff b/patches/source/xpdf/lang/xpdf-arabic.diff new file mode 100644 index 000000000..006e836ac --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-arabic.diff @@ -0,0 +1,7 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.102417270 -0500 +@@ -1,3 +1,3 @@ + #----- begin Arabic support package (2011-aug-15) +-unicodeMap ISO-8859-6 /usr/local/share/xpdf/arabic/ISO-8859-6.unicodeMap ++unicodeMap ISO-8859-6 /usr/share/xpdf/arabic/ISO-8859-6.unicodeMap + #----- end Arabic support package diff --git a/patches/source/xpdf/lang/xpdf-chinese-simplified.diff b/patches/source/xpdf/lang/xpdf-chinese-simplified.diff new file mode 100644 index 000000000..bec5e25b1 --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-chinese-simplified.diff @@ -0,0 +1,19 @@ +--- ./add-to-xpdfrc.orig 2011-09-02 17:24:44.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:45:42.020412765 -0500 +@@ -1,9 +1,9 @@ + #----- begin Chinese Simplified support package (2011-sep-02) +-cidToUnicode Adobe-GB1 /usr/local/share/xpdf/chinese-simplified/Adobe-GB1.cidToUnicode +-unicodeMap ISO-2022-CN /usr/local/share/xpdf/chinese-simplified/ISO-2022-CN.unicodeMap +-unicodeMap EUC-CN /usr/local/share/xpdf/chinese-simplified/EUC-CN.unicodeMap +-unicodeMap GBK /usr/local/share/xpdf/chinese-simplified/GBK.unicodeMap +-cMapDir Adobe-GB1 /usr/local/share/xpdf/chinese-simplified/CMap +-toUnicodeDir /usr/local/share/xpdf/chinese-simplified/CMap +-#fontFileCC Adobe-GB1 /usr/..../gkai00mp.ttf ++cidToUnicode Adobe-GB1 /usr/share/xpdf/chinese-simplified/Adobe-GB1.cidToUnicode ++unicodeMap ISO-2022-CN /usr/share/xpdf/chinese-simplified/ISO-2022-CN.unicodeMap ++unicodeMap EUC-CN /usr/share/xpdf/chinese-simplified/EUC-CN.unicodeMap ++unicodeMap GBK /usr/share/xpdf/chinese-simplified/GBK.unicodeMap ++cMapDir Adobe-GB1 /usr/share/xpdf/chinese-simplified/CMap ++toUnicodeDir /usr/share/xpdf/chinese-simplified/CMap ++fontFileCC Adobe-GB1 /usr/share/fonts/TTF/wqy-zenhei.ttc + #----- end Chinese Simplified support package diff --git a/patches/source/xpdf/lang/xpdf-chinese-traditional.diff b/patches/source/xpdf/lang/xpdf-chinese-traditional.diff new file mode 100644 index 000000000..24857f469 --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-chinese-traditional.diff @@ -0,0 +1,17 @@ +--- ./add-to-xpdfrc.orig 2011-09-02 17:24:44.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:46:03.285412085 -0500 +@@ -1,8 +1,8 @@ + #----- begin Chinese Traditional support package (2011-sep-02) +-cidToUnicode Adobe-CNS1 /usr/local/share/xpdf/chinese-traditional/Adobe-CNS1.cidToUnicode +-unicodeMap Big5 /usr/local/share/xpdf/chinese-traditional/Big5.unicodeMap +-unicodeMap Big5ascii /usr/local/share/xpdf/chinese-traditional/Big5ascii.unicodeMap +-cMapDir Adobe-CNS1 /usr/local/share/xpdf/chinese-traditional/CMap +-toUnicodeDir /usr/local/share/xpdf/chinese-traditional/CMap +-#fontFileCC Adobe-CNS1 /usr/..../bkai00mp.ttf ++cidToUnicode Adobe-CNS1 /usr/share/xpdf/chinese-traditional/Adobe-CNS1.cidToUnicode ++unicodeMap Big5 /usr/share/xpdf/chinese-traditional/Big5.unicodeMap ++unicodeMap Big5ascii /usr/share/xpdf/chinese-traditional/Big5ascii.unicodeMap ++cMapDir Adobe-CNS1 /usr/share/xpdf/chinese-traditional/CMap ++toUnicodeDir /usr/share/xpdf/chinese-traditional/CMap ++fontFileCC Adobe-CNS1 /usr/share/fonts/TTF/wqy-zenhei.ttc + #----- end Chinese Traditional support package diff --git a/patches/source/xpdf/lang/xpdf-cyrillic.diff b/patches/source/xpdf/lang/xpdf-cyrillic.diff new file mode 100644 index 000000000..c453271ab --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-cyrillic.diff @@ -0,0 +1,9 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.115417270 -0500 +@@ -1,4 +1,4 @@ + #----- begin Cyrillic support package (2011-aug-15) +-nameToUnicode /usr/local/share/xpdf/cyrillic/Bulgarian.nameToUnicode +-unicodeMap KOI8-R /usr/local/share/xpdf/cyrillic/KOI8-R.unicodeMap ++nameToUnicode /usr/share/xpdf/cyrillic/Bulgarian.nameToUnicode ++unicodeMap KOI8-R /usr/share/xpdf/cyrillic/KOI8-R.unicodeMap + #----- end Cyrillic support package diff --git a/patches/source/xpdf/lang/xpdf-greek.diff b/patches/source/xpdf/lang/xpdf-greek.diff new file mode 100644 index 000000000..2e846160f --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-greek.diff @@ -0,0 +1,9 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.116417270 -0500 +@@ -1,4 +1,4 @@ + #----- begin Greek support package (2011-aug-15) +-nameToUnicode /usr/local/share/xpdf/greek/Greek.nameToUnicode +-unicodeMap ISO-8859-7 /usr/local/share/xpdf/greek/ISO-8859-7.unicodeMap ++nameToUnicode /usr/share/xpdf/greek/Greek.nameToUnicode ++unicodeMap ISO-8859-7 /usr/share/xpdf/greek/ISO-8859-7.unicodeMap + #----- end Greek support package diff --git a/patches/source/xpdf/lang/xpdf-hebrew.diff b/patches/source/xpdf/lang/xpdf-hebrew.diff new file mode 100644 index 000000000..2c27bb6fd --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-hebrew.diff @@ -0,0 +1,9 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.117417269 -0500 +@@ -1,4 +1,4 @@ + #----- begin Hebrew support package (2011-aug-15) +-unicodeMap ISO-8859-8 /usr/local/share/xpdf/hebrew/ISO-8859-8.unicodeMap +-unicodeMap Windows-1255 /usr/local/share/xpdf/hebrew/Windows-1255.unicodeMap ++unicodeMap ISO-8859-8 /usr/share/xpdf/hebrew/ISO-8859-8.unicodeMap ++unicodeMap Windows-1255 /usr/share/xpdf/hebrew/Windows-1255.unicodeMap + #----- end Hebrew support package diff --git a/patches/source/xpdf/lang/xpdf-japanese.diff b/patches/source/xpdf/lang/xpdf-japanese.diff new file mode 100644 index 000000000..ff0c6e981 --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-japanese.diff @@ -0,0 +1,55 @@ +--- ./add-to-xpdfrc.orig 2013-03-29 14:49:00.000000000 +0900 ++++ ./add-to-xpdfrc 2013-03-29 15:00:17.000000000 +0900 +@@ -1,9 +1,45 @@ + #----- begin Japanese support package (2011-sep-02) +-cidToUnicode Adobe-Japan1 /usr/local/share/xpdf/japanese/Adobe-Japan1.cidToUnicode +-unicodeMap ISO-2022-JP /usr/local/share/xpdf/japanese/ISO-2022-JP.unicodeMap +-unicodeMap EUC-JP /usr/local/share/xpdf/japanese/EUC-JP.unicodeMap +-unicodeMap Shift-JIS /usr/local/share/xpdf/japanese/Shift-JIS.unicodeMap +-cMapDir Adobe-Japan1 /usr/local/share/xpdf/japanese/CMap +-toUnicodeDir /usr/local/share/xpdf/japanese/CMap +-#fontFileCC Adobe-Japan1 /usr/..../kochi-mincho.ttf ++cidToUnicode Adobe-Japan1 /usr/share/xpdf/japanese/Adobe-Japan1.cidToUnicode ++unicodeMap ISO-2022-JP /usr/share/xpdf/japanese/ISO-2022-JP.unicodeMap ++unicodeMap EUC-JP /usr/share/xpdf/japanese/EUC-JP.unicodeMap ++unicodeMap Shift-JIS /usr/share/xpdf/japanese/Shift-JIS.unicodeMap ++cMapDir Adobe-Japan1 /usr/share/xpdf/japanese/CMap ++toUnicodeDir /usr/share/xpdf/japanese/CMap ++### use Sazanami by default ++fontFileCC Adobe-Japan1 /usr/share/fonts/TTF/sazanami-mincho.ttf ++### use Sazanami (Sazanami Gothic) if gothic font is required ++fontFileCC ShinGo-Bold /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC ShinGo-regular /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC MidashiGo-MB31 /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC FutoGoB101-Bold /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC HeiseiKakuGo-W5 /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC HeiseiKakuGo-W9 /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC HeiseiMaruGo-W4 /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC MS-Gothic /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC HG-GothicB /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC Kochi-Gothic /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC GothicBBB-Medium-H /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC GothicBBB-Medium /usr/share/fonts/TTF/sazanami-gothic.ttf ++fontFileCC Ryumin-Light-H /usr/share/fonts/TTF/sazanami-mincho.ttf ++fontFileCC Ryumin-Light /usr/share/fonts/TTF/sazanami-mincho.ttf ++### make default font name to "Ryumin-Light" when converted to PostScript ++psResidentFontCC Adobe-Japan1 H Ryumin-Light-H ISO-2022-JP ++psResidentFontCC Adobe-Japan1 V Ryumin-Light-V ISO-2022-JP ++# use "Gothic-BBB-Medium" if gothic font is required ++psResidentFont16 MidashiGo-MB31 H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 MidashiGo-MB31 V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 FutoGoB101-Bold H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 FutoGoB101-Bold V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 HeiseiKakuGo-W5 H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 HeiseiKakuGo-W5 V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 HeiseiKakuGo-W9 H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 HeiseiKakuGo-W9 V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 HeiseiMaruGo-W4 H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 HeiseiMaruGo-W4 V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 MS-Gothic H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 MS-Gothic V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 HG-GothicB H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 HG-GothicB V GothicBBB-Medium-V ISO-2022-JP ++psResidentFont16 Kochi-Gothic H GothicBBB-Medium-H ISO-2022-JP ++psResidentFont16 Kochi-Gothic V GothicBBB-Medium-V ISO-2022-JP + #----- end Japanese support package diff --git a/patches/source/xpdf/lang/xpdf-korean.diff b/patches/source/xpdf/lang/xpdf-korean.diff new file mode 100644 index 000000000..531ad6292 --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-korean.diff @@ -0,0 +1,15 @@ +--- ./add-to-xpdfrc.orig 2011-09-02 17:24:45.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.119417269 -0500 +@@ -1,8 +1,8 @@ + #----- begin Korean support package (2011-sep-02) +-cidToUnicode Adobe-Korea1 /usr/local/share/xpdf/korean/Adobe-Korea1.cidToUnicode +-unicodeMap ISO-2022-KR /usr/local/share/xpdf/korean/ISO-2022-KR.unicodeMap +-cMapDir Adobe-Korea1 /usr/local/share/xpdf/korean/CMap +-toUnicodeDir /usr/local/share/xpdf/korean/CMap ++cidToUnicode Adobe-Korea1 /usr/share/xpdf/korean/Adobe-Korea1.cidToUnicode ++unicodeMap ISO-2022-KR /usr/share/xpdf/korean/ISO-2022-KR.unicodeMap ++cMapDir Adobe-Korea1 /usr/share/xpdf/korean/CMap ++toUnicodeDir /usr/share/xpdf/korean/CMap + #fontFileCC Adobe-Korea1 /usr/..../batang.ttf" + #fontFileCC Unidocs-Korea1 /usr/..../batang.ttf" + #----- end Korean support package diff --git a/patches/source/xpdf/lang/xpdf-latin2.diff b/patches/source/xpdf/lang/xpdf-latin2.diff new file mode 100644 index 000000000..cf88fa023 --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-latin2.diff @@ -0,0 +1,7 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.120417269 -0500 +@@ -1,3 +1,3 @@ + #----- begin Latin2 support package (2011-aug-15) +-unicodeMap Latin2 /usr/local/share/xpdf/latin2/Latin2.unicodeMap ++unicodeMap Latin2 /usr/share/xpdf/latin2/Latin2.unicodeMap + #----- end Latin2 support package diff --git a/patches/source/xpdf/lang/xpdf-thai.diff b/patches/source/xpdf/lang/xpdf-thai.diff new file mode 100644 index 000000000..30c480efb --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-thai.diff @@ -0,0 +1,9 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.121417269 -0500 +@@ -1,4 +1,4 @@ + #----- begin Thai support package (2011-aug-15) +-nameToUnicode /usr/local/share/xpdf/thai/Thai.nameToUnicode +-unicodeMap TIS-620 /usr/local/share/xpdf/thai/TIS-620.unicodeMap ++nameToUnicode /usr/share/xpdf/thai/Thai.nameToUnicode ++unicodeMap TIS-620 /usr/share/xpdf/thai/TIS-620.unicodeMap + #----- end Thai support package diff --git a/patches/source/xpdf/lang/xpdf-turkish.diff b/patches/source/xpdf/lang/xpdf-turkish.diff new file mode 100644 index 000000000..81a79cff7 --- /dev/null +++ b/patches/source/xpdf/lang/xpdf-turkish.diff @@ -0,0 +1,7 @@ +--- ./add-to-xpdfrc.orig 2011-08-15 16:24:29.000000000 -0500 ++++ ./add-to-xpdfrc 2013-03-28 15:43:21.122417269 -0500 +@@ -1,3 +1,3 @@ + #----- begin Turkish support package (2011-aug-15) +-unicodeMap ISO-8859-9 /usr/local/share/xpdf/turkish/ISO-8859-9.unicodeMap ++unicodeMap ISO-8859-9 /usr/share/xpdf/turkish/ISO-8859-9.unicodeMap + #----- end Turkish support package diff --git a/patches/source/xpdf/patches/xpdf-3.03-CVE-2012-2142.diff b/patches/source/xpdf/patches/xpdf-3.03-CVE-2012-2142.diff new file mode 100644 index 000000000..891c41fd3 --- /dev/null +++ b/patches/source/xpdf/patches/xpdf-3.03-CVE-2012-2142.diff @@ -0,0 +1,55 @@ +From 3945969e0072217c143fefa3044512a31ac2afa8 Mon Sep 17 00:00:00 2001 +From: mancha <mancha1@hush.com> +Date: Sun, 11 Aug 2013 +Subject: CVE-2012-2142 + +Filter stuff that might end up in the shell to address CVE-2012-2142. +This code was adapted from the Poppler project. +--- + Error.cc | 21 ++++++++++++++++----- + 1 file changed, 16 insertions(+), 5 deletions(-) + +--- a/xpdf/Error.cc 2013-08-11 ++++ b/xpdf/Error.cc 2013-08-11 +@@ -43,7 +43,7 @@ void setErrorCallback(void (*cbk)(void * + + void CDECL error(ErrorCategory category, int pos, const char *msg, ...) { + va_list args; +- GString *s; ++ GString *s, *sanitized; + + // NB: this can be called before the globalParams object is created + if (!errorCbk && globalParams && globalParams->getErrQuiet()) { +@@ -52,17 +52,28 @@ void CDECL error(ErrorCategory category, + va_start(args, msg); + s = GString::formatv(msg, args); + va_end(args); ++ ++ sanitized = new GString (); ++ for (int i = 0; i < s->getLength(); ++i) { ++ const char c = s->getChar(i); ++ if (c < (char)0x20 || c >= (char)0x7f) { ++ sanitized->appendf("<{0:02x}>", c & 0xff); ++ } else { ++ sanitized->append(c); ++ } ++ } ++ + if (errorCbk) { +- (*errorCbk)(errorCbkData, category, pos, s->getCString()); ++ (*errorCbk)(errorCbkData, category, pos, sanitized->getCString()); + } else { + if (pos >= 0) { + fprintf(stderr, "%s (%d): %s\n", +- errorCategoryNames[category], pos, s->getCString()); ++ errorCategoryNames[category], pos, sanitized->getCString()); + } else { + fprintf(stderr, "%s: %s\n", +- errorCategoryNames[category], s->getCString()); ++ errorCategoryNames[category], sanitized->getCString()); + } + fflush(stderr); + } +- delete s; ++ delete sanitized; + } diff --git a/patches/source/xpdf/patches/xpdf.XPDFViewer.diff b/patches/source/xpdf/patches/xpdf.XPDFViewer.diff new file mode 100644 index 000000000..0aa4455d5 --- /dev/null +++ b/patches/source/xpdf/patches/xpdf.XPDFViewer.diff @@ -0,0 +1,11 @@ +--- ./xpdf/XPDFViewer.cc.orig 2011-08-15 16:08:53.000000000 -0500 ++++ ./xpdf/XPDFViewer.cc 2013-03-28 15:35:31.589432279 -0500 +@@ -1803,7 +1803,7 @@ + menuPane = XmCreatePulldownMenu(toolBar, "zoomMenuPane", args, n); + for (i = 0; i < nZoomMenuItems; ++i) { + n = 0; +- s = XmStringCreateLocalized(zoomMenuInfo[i].label); ++ s = XmStringCreateLocalized((char *)zoomMenuInfo[i].label); + XtSetArg(args[n], XmNlabelString, s); ++n; + XtSetArg(args[n], XmNuserData, (XtPointer)i); ++n; + sprintf(buf, "zoom%d", i); diff --git a/patches/source/xpdf/patches/xpdfrc.diff b/patches/source/xpdf/patches/xpdfrc.diff new file mode 100644 index 000000000..c136f9970 --- /dev/null +++ b/patches/source/xpdf/patches/xpdfrc.diff @@ -0,0 +1,43 @@ +--- ./doc/sample-xpdfrc.orig 2013-03-28 15:29:16.957444255 -0500 ++++ ./doc/sample-xpdfrc 2013-03-28 15:32:11.413438678 -0500 +@@ -29,20 +29,20 @@ + # installed in a "standard" location, xpdf will find them + # automatically.) + +-#fontFile Times-Roman /usr/local/share/ghostscript/fonts/n021003l.pfb +-#fontFile Times-Italic /usr/local/share/ghostscript/fonts/n021023l.pfb +-#fontFile Times-Bold /usr/local/share/ghostscript/fonts/n021004l.pfb +-#fontFile Times-BoldItalic /usr/local/share/ghostscript/fonts/n021024l.pfb +-#fontFile Helvetica /usr/local/share/ghostscript/fonts/n019003l.pfb +-#fontFile Helvetica-Oblique /usr/local/share/ghostscript/fonts/n019023l.pfb +-#fontFile Helvetica-Bold /usr/local/share/ghostscript/fonts/n019004l.pfb +-#fontFile Helvetica-BoldOblique /usr/local/share/ghostscript/fonts/n019024l.pfb +-#fontFile Courier /usr/local/share/ghostscript/fonts/n022003l.pfb +-#fontFile Courier-Oblique /usr/local/share/ghostscript/fonts/n022023l.pfb +-#fontFile Courier-Bold /usr/local/share/ghostscript/fonts/n022004l.pfb +-#fontFile Courier-BoldOblique /usr/local/share/ghostscript/fonts/n022024l.pfb +-#fontFile Symbol /usr/local/share/ghostscript/fonts/s050000l.pfb +-#fontFile ZapfDingbats /usr/local/share/ghostscript/fonts/d050000l.pfb ++fontFile Times-Roman /usr/share/ghostscript/fonts/n021003l.pfb ++fontFile Times-Italic /usr/share/ghostscript/fonts/n021023l.pfb ++fontFile Times-Bold /usr/share/ghostscript/fonts/n021004l.pfb ++fontFile Times-BoldItalic /usr/share/ghostscript/fonts/n021024l.pfb ++fontFile Helvetica /usr/share/ghostscript/fonts/n019003l.pfb ++fontFile Helvetica-Oblique /usr/share/ghostscript/fonts/n019023l.pfb ++fontFile Helvetica-Bold /usr/share/ghostscript/fonts/n019004l.pfb ++fontFile Helvetica-BoldOblique /usr/share/ghostscript/fonts/n019024l.pfb ++fontFile Courier /usr/share/ghostscript/fonts/n022003l.pfb ++fontFile Courier-Oblique /usr/share/ghostscript/fonts/n022023l.pfb ++fontFile Courier-Bold /usr/share/ghostscript/fonts/n022004l.pfb ++fontFile Courier-BoldOblique /usr/share/ghostscript/fonts/n022024l.pfb ++fontFile Symbol /usr/share/ghostscript/fonts/s050000l.pfb ++fontFile ZapfDingbats /usr/share/ghostscript/fonts/d050000l.pfb + + # If you need to display PDF files that refer to non-embedded fonts, + # you should add one or more fontDir options to point to the +@@ -89,4 +89,4 @@ + # clicked. + + #launchCommand viewer-script +-#urlCommand "netscape -remote 'openURL(%s)'" ++#urlCommand "firefox -remote 'openURL(%s)'" diff --git a/patches/source/xpdf/slack-desc b/patches/source/xpdf/slack-desc new file mode 100644 index 000000000..58072776f --- /dev/null +++ b/patches/source/xpdf/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xpdf: xpdf (PDF viewer for X) +xpdf: +xpdf: Xpdf is a viewer for Portable Document Format (PDF) files. +xpdf: +xpdf: xpdf was written by Derek B. Noonburg. +xpdf: +xpdf: +xpdf: +xpdf: +xpdf: +xpdf: diff --git a/patches/source/xpdf/xpdf.SlackBuild b/patches/source/xpdf/xpdf.SlackBuild new file mode 100755 index 000000000..f9d3908fe --- /dev/null +++ b/patches/source/xpdf/xpdf.SlackBuild @@ -0,0 +1,151 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=3.03 +PATCHLEVEL= +BUILD=${BUILD:-1_slack13.0} + +NUMJOBS=${NUMJOBS:-" -j7 "} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" +else + SLKCFLAGS="-O2" + LIBDIRSUFFIX="" +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-xpdf + +rm -rf $PKG +mkdir -p $TMP $PKG + +cd $TMP +rm -rf xpdf-$VERSION +tar xvf $CWD/xpdf-$VERSION.tar.?z || exit 1 +cd xpdf-$VERSION || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +zcat $CWD/patches/xpdfrc.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/xpdf.XPDFViewer.diff.gz | patch -p1 --verbose || exit 1 +zcat $CWD/patches/xpdf-3.03-CVE-2012-2142.diff.gz | patch -p1 --verbose || exit 1 + +CFLAGS="$SLKCFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --mandir=/usr/man \ + --sysconfdir=/etc \ + --with-freetype2-includes=/usr/include/freetype2 \ + --build=$ARCH-slackware-linux || exit 1 + +make $NUMJOBS || make || exit 1 +make install DESTDIR=$PKG || exit 1 + +chmod 0755 $PKG/usr/bin/* +gzip -9 $PKG/usr/man/man?/* + +# We'll use the versions of these from the poppler derived work (if they exist here): +( cd $PKG/usr/bin + rm -f pdfinfo pdftops pdftoppm pdftohtml pdftotext pdfimages pdffonts + cd $PKG/usr/man/man1 + for file in pdfinfo pdftops pdftoppm pdftohtml pdftotext pdfimages pdffonts ; do + rm -f ${file}.1.gz + done +) + +# Don't clobber /etc/xpdfrc +mkdir -p $PKG/etc +cat doc/sample-xpdfrc > $PKG/etc/xpdfrc +mv $PKG/etc/xpdfrc $PKG/etc/xpdfrc.new + +# Add desktop menu entry and icon +mkdir -p $PKG/usr/share/{applications,pixmaps} +cat $CWD/xpdf.desktop > $PKG/usr/share/applications/xpdf.desktop +cat xpdf/xpdfIcon.xpm > $PKG/usr/share/pixmaps/xpdfIcon.xpm + +# Add additional language support: +for language in xpdf-arabic xpdf-chinese-simplified xpdf-chinese-traditional xpdf-cyrillic xpdf-greek xpdf-hebrew xpdf-japanese xpdf-korean xpdf-latin2 xpdf-thai xpdf-turkish ; do + rm -rf ${language} + tar xf $CWD/lang/${language}*.tar.gz + ( cd ${language} + echo "Patching for ${language}:" + zcat $CWD/lang/${language}.diff.gz | patch -p1 --verbose --backup --suffix=.orig || exit 1 + chown -R root:root . + find . -type f -exec chmod 644 {} \; + cat add-to-xpdfrc >> $PKG/etc/xpdfrc.new + mkdir -p $PKG/usr/share/xpdf/$(echo ${language} | cut -f2- -d -) + cp -a * $PKG/usr/share/xpdf/$(echo ${language} | cut -f2- -d -) + ) || exit 1 +done + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/usr/doc/xpdf-$VERSION +cp -a \ + ANNOUNCE CHANGES COPYING INSTALL README \ + $PKG/usr/doc/xpdf-$VERSION +chmod 0644 $PKG/usr/doc/xpdf-$VERSION/* + +# If there's a ChangeLog, installing at least part of the recent history +# is useful, but don't let it get totally out of control: +if [ -r CHANGES ]; then + DOCSDIR=$(echo $PKG/usr/doc/*-$VERSION) + cat CHANGES | head -n 1000 > $DOCSDIR/CHANGES + touch -r CHANGES $DOCSDIR/CHANGES +fi + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +# Build the package: +cd $PKG +/sbin/makepkg -l y -c n $TMP/xpdf-${VERSION}${PATCHLEVEL}-$ARCH-$BUILD.txz + diff --git a/patches/source/xpdf/xpdf.desktop b/patches/source/xpdf/xpdf.desktop new file mode 100644 index 000000000..51d1a5a6d --- /dev/null +++ b/patches/source/xpdf/xpdf.desktop @@ -0,0 +1,98 @@ +[Desktop Entry] +Name=X PDF +Name[bn]=à¦à¦•à§à¦¸ পি-ডি-à¦à¦« +Name[de]=X-PDF +Name[eo]=XPDF +Name[es]=PDF para X +Name[fr]=XPDF +Name[hi]=à¤à¤•à¥à¤¸ पीडीà¤à¤« +Name[ko]=Xìš© PDF +Name[mn]=X-PDF +Name[nds]=X-PDF +Name[te]=à°Žà°•à±à°¸à± పిడిఎఫౠ+MimeType=application/pdf; +GenericName=PDF Viewer +GenericName[af]=Pdf Aansig +GenericName[ar]=عارض الملÙات PDF +GenericName[az]=PDF Nümayişçisi +GenericName[be]=ПраглÑдальнік PDF +GenericName[bg]=Преглед на PDF документи +GenericName[bn]=পি-ডি-à¦à¦« পà§à¦°à¦¦à¦°à§à¦¶à¦• +GenericName[br]=Gweler PDF +GenericName[bs]=Preglednik PDF dokumenata +GenericName[ca]=Visor PDF +GenericName[cs]=ProhlÞeÄ PDF souborů +GenericName[csb]=Przezérnik PDF +GenericName[cy]=Gwelydd PDF +GenericName[da]=PDF-fremviser +GenericName[de]=PDF-Betrachter +GenericName[el]=Î ÏοβολÎας PDF +GenericName[eo]=PDF-rigardilo +GenericName[es]=Visor de documentos PDF +GenericName[et]=PDF failide vaatamine +GenericName[eu]=PDF ikustailua +GenericName[fa]=مشاهده‌گر PDF +GenericName[fi]=PDF-näytin +GenericName[fo]=PDF-vÃsari +GenericName[fr]=Afficheur PDF +GenericName[fy]=PDF-werjefteprogramma +GenericName[ga]=Amharcán PDF +GenericName[gl]=Visualizador de PDF +GenericName[he]=מציג קבצי PDF +GenericName[hi]=पीडीà¤à¤« पà¥à¤°à¤¦à¤°à¥à¤¶à¤• +GenericName[hr]=Preglednik PDF dokumenata +GenericName[hu]=PDF-nézegetÅ‘ +GenericName[id]=Viewer PDF +GenericName[is]=PDF-sjá +GenericName[it]=Visualizzatore PDF +GenericName[ja]=PDF ビューア +GenericName[kk]=PDF қарау құралы +GenericName[km]=កម្មវិធី​មើល PDF +GenericName[ko]=PDF 보기 +GenericName[lo]=ສະà»àº”ງຜົນPDF +GenericName[lt]=PDF ŽiÅ«riklis +GenericName[lv]=PDF SkatÄ«tÄjs +GenericName[mk]=Прегледувач на PDF +GenericName[mn]=PDF-Харагч +GenericName[ms]=Pemapar PDF +GenericName[mt]=Werrej PDF +GenericName[nb]=PDF-leser +GenericName[nds]=Kieker för PDF-Dateien +GenericName[ne]=PDF दरà¥à¤¶à¤• +GenericName[nl]=PDF-weergaveprogramma +GenericName[nn]=PDF-lesar +GenericName[nso]=Molebeledi wa PDF +GenericName[oc]=Visualisor PDF +GenericName[pa]=PDF ਦਰਸ਼ਕ +GenericName[pl]=PrzeglÄ…darka plików PDF +GenericName[pt]=Visualizador de PDFs +GenericName[pt_BR]=Visualizador de arquivos PDF +GenericName[ro]=Vizualizor de documente PDF +GenericName[ru]=ПроÑмотр PDF +GenericName[rw]=Mugaragaza PDF +GenericName[se]=PDF-logan +GenericName[sk]=PrehliadaÄ PDF súborov +GenericName[sl]=Pregledovalnik datotek PDF +GenericName[sr]=PDF приказивач +GenericName[sr@Latn]=PDF prikazivaÄ +GenericName[ss]=Sibuki se PDF +GenericName[sv]=PDF-visare +GenericName[ta]=PDF காடà¯à®šà®¿ +GenericName[tg]=Ðамоишгари PDF +GenericName[th]=ตัวà¹à¸ªà¸”งผล PDF +GenericName[tr]=PDF Görüntüleyici +GenericName[tt]=PDF Kürsätkeç +GenericName[uk]=ПереглÑдач PDF +GenericName[uz]=PDF кўрувчи +GenericName[ven]=Tshivhoni tsha PDF +GenericName[vi]=Trình xem PDF +GenericName[wa]=HÃ¥yneu di documints PDF +GenericName[zh_CN]=PDF 查看器 +GenericName[zh_TW]=PDF æª¢è¦–ç¨‹å¼ +GenericName[zu]=Umbukisi we-PDF +Exec=xpdf +Icon=xpdfIcon +Type=Application +Terminal=false +X-KDE-StartupNotify=false +Categories=Graphics; diff --git a/patches/source/xproto/arch.use.flags b/patches/source/xproto/arch.use.flags new file mode 100644 index 000000000..11087c884 --- /dev/null +++ b/patches/source/xproto/arch.use.flags @@ -0,0 +1,9 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/xproto/build/xproto b/patches/source/xproto/build/xproto new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/xproto/build/xproto @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/xproto/configure/configure b/patches/source/xproto/configure/configure new file mode 100644 index 000000000..dcb1109bd --- /dev/null +++ b/patches/source/xproto/configure/configure @@ -0,0 +1,13 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --with-udev-rules-dir=/lib/udev/rules.d \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/xproto/modularize b/patches/source/xproto/modularize new file mode 100644 index 000000000..8a28ed93e --- /dev/null +++ b/patches/source/xproto/modularize @@ -0,0 +1,279 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +damageproto +dmxproto +dri2proto +dri3proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glamor-egl +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libFS +libICE +libSM +libX11 +libXScrnSaver +libXau +libXaw +libXaw3d +libXcm +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXpresent +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxshmfence +listres +lndir +luit +makedepend +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +presentproto +printproto +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +transset +twm +util-macros +videoproto +viewres +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xcb-util-cursor +xcb-util-errors +xcb-util-image +xcb-util-keysyms +xcb-util-renderutil +xcb-util-wm +xclipboard +xclock +xcm +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-amdgpu +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-geode +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-modesetting +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nv +xf86-video-omap +xf86-video-openchrome +xf86-video-qxl +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xfd +xfontsel +xfs +xfsinfo +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-server-xephyr +xorg-server-xnest +xorg-server-xvfb +xorg-sgml-doctools +xpr +xprop +xproto +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetroot +xsm +xstdcmap +xtrans +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/xproto/noarch b/patches/source/xproto/noarch new file mode 100644 index 000000000..8785ee527 --- /dev/null +++ b/patches/source/xproto/noarch @@ -0,0 +1,75 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scrnsaverproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-docs +xproto +xtrans diff --git a/patches/source/xproto/package-blacklist b/patches/source/xproto/package-blacklist new file mode 100644 index 000000000..603b8c31f --- /dev/null +++ b/patches/source/xproto/package-blacklist @@ -0,0 +1,44 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# ARM only packages: +# They also say in the README for this one that it is not yet ready: +xf86-video-omap + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx +xf86-video-modesetting + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/xproto/post-install/xproto.post-install b/patches/source/xproto/post-install/xproto.post-install new file mode 100644 index 000000000..5a3b79b3b --- /dev/null +++ b/patches/source/xproto/post-install/xproto.post-install @@ -0,0 +1,2 @@ +# bloat +rm -rf $PKG/usr/doc/xproto diff --git a/patches/source/xproto/slack-desc/xproto b/patches/source/xproto/slack-desc/xproto new file mode 100644 index 000000000..1c230b1e3 --- /dev/null +++ b/patches/source/xproto/slack-desc/xproto @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xproto: xproto (C prototypes for X Window System Core Protocol) +xproto: +xproto: xproto is part of X11. +xproto: +xproto: For more information about the X.Org Foundation (the providers of the +xproto: X.Org implementation of the X Window System), see their website: +xproto: +xproto: http://www.x.org +xproto: +xproto: +xproto: diff --git a/patches/source/xproto/x11.SlackBuild b/patches/source/xproto/x11.SlackBuild new file mode 100755 index 000000000..c3887dff2 --- /dev/null +++ b/patches/source/xproto/x11.SlackBuild @@ -0,0 +1,381 @@ +#!/bin/sh +# Copyright 2007-2014 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +# Upgrade packages as they are built. +# Default is to upgrade new packages (UPGRADE_PACKAGES=yes). +# To install ALL newly built packages (even if they are already installed), +# use UPGRADE_PACKAGES=always +# To not upgrade, pass UPGRADE_PACKAGES=no +UPGRADE_PACKAGES=${UPGRADE_PACKAGES:-yes} + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc xserver driver font ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + if [ "$UPGRADE_PACKAGES" = "yes" ]; then + /sbin/upgradepkg --install-new ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + elif [ "$UPGRADE_PACKAGES" = "always" ]; then + /sbin/upgradepkg --install-new --reinstall ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/xproto/xproto.SlackBuild b/patches/source/xproto/xproto.SlackBuild new file mode 100755 index 000000000..34af847e3 --- /dev/null +++ b/patches/source/xproto/xproto.SlackBuild @@ -0,0 +1,2 @@ +UPGRADE_PACKAGES=no ./x11.SlackBuild proto xproto +mv /tmp/x11-build/xproto*txz /tmp diff --git a/patches/source/xrdb/arch.use.flags b/patches/source/xrdb/arch.use.flags new file mode 100644 index 000000000..f28a6ccab --- /dev/null +++ b/patches/source/xrdb/arch.use.flags @@ -0,0 +1,7 @@ +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi diff --git a/patches/source/xrdb/build/xrdb b/patches/source/xrdb/build/xrdb new file mode 100644 index 000000000..1551cb6a4 --- /dev/null +++ b/patches/source/xrdb/build/xrdb @@ -0,0 +1 @@ +1_slack13.0 diff --git a/patches/source/xrdb/configure/configure b/patches/source/xrdb/configure/configure new file mode 100644 index 000000000..0f3bccf24 --- /dev/null +++ b/patches/source/xrdb/configure/configure @@ -0,0 +1,12 @@ +CFLAGS=$SLKCFLAGS \ +CXXFLAGS=$SLKCFLAGS \ +./configure \ + --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --sysconfdir=/etc \ + --localstatedir=/var \ + --infodir=/usr/info \ + --mandir=/usr/man \ + --docdir=/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} \ + --disable-static \ + --build=$ARCH-slackware-linux diff --git a/patches/source/xrdb/modularize b/patches/source/xrdb/modularize new file mode 100644 index 000000000..47da583fd --- /dev/null +++ b/patches/source/xrdb/modularize @@ -0,0 +1,293 @@ +# If a package is listed here, it will be built apart from the +# usual "grab bag" package that's made from each source directory. + +applewmproto +appres +bdftopcf +beforelight +bigreqsproto +bitmap +compiz +compositeproto +constype +damageproto +dmxproto +dri2proto +editres +encodings +evieext +fixesproto +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-util +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +fonttosfnt +fslsfonts +fstobdf +gccmakedep +glproto +iceauth +ico +imake +inputproto +intel-gpu-tools +kbproto +libAppleWM +libFS +libICE +libSM +libWindowsWM +libX11 +libXScrnSaver +libXTrap +libXau +libXaw +libXcomposite +libXcursor +libXdamage +libXdmcp +libXevie +libXext +libXfixes +libXfont +libXfontcache +libXft +libXi +libXinerama +libXmu +libXp +libXpm +libXprintAppUtil +libXprintUtil +libXrandr +libXrender +libXres +libXt +libXtst +libXv +libXvMC +libXxf86dga +libXxf86misc +libXxf86vm +libdmx +libfontenc +libpciaccess +libpthread-stubs +libxcb +libxkbfile +libxkbui +listres +lndir +luit +makedepend +mkcfm +mkcomposecache +mkfontdir +mkfontscale +oclock +pixman +printproto +proxymngr +randrproto +recordproto +rendercheck +renderproto +resourceproto +rgb +rstart +scripts +scrnsaverproto +sessreg +setxkbmap +showfont +smproxy +trapproto +twm +util-macros +videoproto +viewres +windowswmproto +x11perf +xauth +xbacklight +xbiff +xbitmaps +xcalc +xcb-proto +xcb-util +xclipboard +xclock +xcmiscproto +xcmsdb +xcompmgr +xconsole +xcursor-themes +xcursorgen +xdbedizzy +xditview +xdm +xdpyinfo +xdriinfo +xedit +xev +xextproto +xeyes +xf86-input-acecad +xf86-input-aiptek +xf86-input-citron +xf86-input-evdev +xf86-input-joystick +xf86-input-keyboard +xf86-input-mouse +xf86-input-penmount +xf86-input-synaptics +xf86-input-vmmouse +xf86-input-void +xf86-input-wacom +xf86-video-geode +xf86-video-apm +xf86-video-ark +xf86-video-ast +xf86-video-ati +xf86-video-chips +xf86-video-cirrus +xf86-video-dummy +xf86-video-fbdev +xf86-video-glint +xf86-video-i128 +xf86-video-i740 +xf86-video-i810 +xf86-video-intel +xf86-video-mach64 +xf86-video-mga +xf86-video-neomagic +xf86-video-nouveau +xf86-video-nsc +xf86-video-nv +xf86-video-openchrome +xf86-video-r128 +xf86-video-rendition +xf86-video-s3 +xf86-video-s3virge +xf86-video-savage +xf86-video-siliconmotion +xf86-video-sis +xf86-video-sisusb +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx +xf86-video-tdfx +xf86-video-tga +xf86-video-trident +xf86-video-tseng +xf86-video-v4l +xf86-video-vesa +xf86-video-vmware +xf86-video-voodoo +xf86-video-wsfb +xf86-video-xgi +xf86-video-xgixp +xf86bigfontproto +xf86dga +xf86dgaproto +xf86driproto +xf86miscproto +xf86rushproto +xf86vidmodeproto +xfd +xfindproxy +xfontsel +xfs +xfsinfo +xfwp +xgamma +xgc +xhost +xineramaproto +xinit +xinput +xkbcomp +xkbevd +xkbprint +xkbutils +xkeyboard-config +xkill +xload +xlogo +xlsatoms +xlsclients +xlsfonts +xmag +xman +xmessage +xmh +xmodmap +xmore +xorg-cf-files +xorg-docs +xorg-server +xorg-sgml-doctools +xphelloworld +xplsprinters +xpr +xprehashprinterlist +xprop +xproto +xproxymanagementprotocol +xpyb +xrandr +xrdb +xrefresh +xscope +xset +xsetmode +xsetpointer +xsetroot +xsm +xstdcmap +xtrans +xtrap +xvidtune +xvinfo +xwd +xwininfo +xwud diff --git a/patches/source/xrdb/noarch b/patches/source/xrdb/noarch new file mode 100644 index 000000000..79eb0e569 --- /dev/null +++ b/patches/source/xrdb/noarch @@ -0,0 +1,81 @@ +# List packages with an $ARCH of "noarch" (i.e. packages +# that contain no binaries) here: +bigreqsproto +compositeproto +damageproto +dejavu-ttf +dmxproto +encodings +evieext +font-adobe-100dpi +font-adobe-75dpi +font-adobe-utopia-100dpi +font-adobe-utopia-75dpi +font-adobe-utopia-type1 +font-alias +font-arabic-misc +font-bh-100dpi +font-bh-75dpi +font-bh-lucidatypewriter-100dpi +font-bh-lucidatypewriter-75dpi +font-bh-ttf +font-bh-type1 +font-bitstream-100dpi +font-bitstream-75dpi +font-bitstream-speedo +font-bitstream-type1 +font-cronyx-cyrillic +font-cursor-misc +font-daewoo-misc +font-dec-misc +font-ibm-type1 +font-isas-misc +font-jis-misc +font-micro-misc +font-misc-cyrillic +font-misc-ethiopic +font-misc-meltho +font-misc-misc +font-mutt-misc +font-schumacher-misc +font-screen-cyrillic +font-sony-misc +font-sun-misc +font-winitzki-cyrillic +font-xfree86-type1 +fontcacheproto +fontsproto +gccmakedep +glproto +inputproto +kbproto +libpthread-stubs +mkfontdir +printproto +randrproto +recordproto +renderproto +resourceproto +scripts +scrnsaverproto +trapproto +ttf-indic-fonts +util-macros +videoproto +x11-skel +xcb-proto +xcmiscproto +xcursor-themes +xf86bigfontproto +xf86dgaproto +xf86driproto +xf86miscproto +xf86rushproto +xf86vidmodeproto +xineramaproto +xkeyboard-config +xorg-cf-files +xorg-docs +xproto +xproxymanagementprotocol +xtrans diff --git a/patches/source/xrdb/package-blacklist b/patches/source/xrdb/package-blacklist new file mode 100644 index 000000000..377624999 --- /dev/null +++ b/patches/source/xrdb/package-blacklist @@ -0,0 +1,39 @@ +# Enter packages to skip (perhaps because they aren't used on +# this platform) below. Just the package name -- no version +# number is needed. + +# MacOS related packages: +applewmproto +windowswmproto +libAppleWM +libWindowsWM + +# Sun video cards: +xf86-video-sunbw2 +xf86-video-suncg14 +xf86-video-suncg3 +xf86-video-suncg6 +xf86-video-sunffb +xf86-video-sunleo +xf86-video-suntcx + +# Obsolete packages: +liboldX +xf86-video-amd +xf86-video-via +xkbdata +xphelloworld +xrx + +# Not applicable to us +grandr +constype + +# CAREFUL NOT TO "SHIP" THE STUFF BELOW IN THE MAIN X PACKAGES DIR! + +# This is probably obsolete, and kills "X -configure" too +xf86-video-nsc + +# We don't want this one, as it causes failure of X with no xorg.conf +xf86-video-fbdev + diff --git a/patches/source/xrdb/slack-desc/xrdb b/patches/source/xrdb/slack-desc/xrdb new file mode 100644 index 000000000..26ea47867 --- /dev/null +++ b/patches/source/xrdb/slack-desc/xrdb @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +xrdb: xrdb +xrdb: +xrdb: xrdb is part of X11. +xrdb: +xrdb: For more information about the X.Org Foundation (the providers of the +xrdb: X.Org implementation of the X Window System), see their website: +xrdb: +xrdb: http://www.x.org +xrdb: +xrdb: +xrdb: diff --git a/patches/source/xrdb/x11.SlackBuild b/patches/source/xrdb/x11.SlackBuild new file mode 100755 index 000000000..ca7297082 --- /dev/null +++ b/patches/source/xrdb/x11.SlackBuild @@ -0,0 +1,364 @@ +#!/bin/sh +# Copyright 2007-2010 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# To build only a single package group, specify it as $1, like: +# ./x11.SlackBuild lib +# To build only a single package, specify both the source directory +# and the name of the package, like: +# ./x11.SlackBuild lib libX11 + +pkgbase() { + PKGEXT=$(echo $1 | rev | cut -f 1 -d . | rev) + case $PKGEXT in + 'gz' ) + PKGRETURN=$(basename $1 .tar.gz) + ;; + 'bz2' ) + PKGRETURN=$(basename $1 .tar.bz2) + ;; + 'lzma' ) + PKGRETURN=$(basename $1 .tar.lzma) + ;; + 'xz' ) + PKGRETURN=$(basename $1 .tar.xz) + ;; + *) + PKGRETURN=$(basename $1) + ;; + esac + echo $PKGRETURN +} + +# Set initial variables: +CWD=$(pwd) +TMP=${TMP:-/tmp} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +# A lot of this stuff just controls the package names this time: +VERSION=${VERSION:-7.5} +BUILD=${BUILD:-1} +PKGARCH=$ARCH +NUMJOBS=${NUMJOBS:-" -j7 "} + +if [ "$ARCH" = "x86_64" ]; then + LIBDIRSUFFIX="64" +else + LIBDIRSUFFIX="" +fi + +# Set up a few useful functions: + +fix_perms() { + chown -R root:root . + find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; +} + +process_man_pages() { + # Compress and if needed symlink the man pages: + if [ -d usr/man ]; then + ( cd usr/man + for manpagedir in $(find . -type d -name "man*") ; do + ( cd $manpagedir + for eachpage in $( find . -type l -maxdepth 1) ; do + ln -s $( readlink $eachpage ).gz $eachpage.gz + rm $eachpage + done + gzip -9 *.* + ) + done + ) + fi +} + +process_info_pages() { + # Compress info pages and purge "dir" file from the package: + if [ -d usr/info ]; then + ( cd usr/info + rm -f dir + gzip -9 * + ) + fi +} + +no_usr_share_doc() { + # If there are docs, move them: + if [ -d usr/share/doc ]; then + mkdir -p usr/doc + mv usr/share/doc/* usr/doc + rmdir usr/share/doc + fi +} + +# Set the compile options for the $ARCH being used: +. $CWD/arch.use.flags + +SLACK_X_BUILD_DIR=$TMP/x11-build +mkdir -p $SLACK_X_BUILD_DIR + +# Better have some binaries installed first, as this may not be +# in the "magic order". I built mine by hand through trial-and-error +# before getting this script to work. It wasn't that hard... I think. ;-) +( cd src + for x_source_dir in proto data util xcb lib app doc driver font xserver ; do + # See if $1 is a source directory like "lib": + if [ ! -z "$1" ]; then + if [ ! "$1" = "${x_source_dir}" ]; then + continue + fi + fi + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + rm -rf $PKG + mkdir -p $PKG + ( cd $x_source_dir + for x_pkg in *.tar.?z* ; do + # Reset $PKGARCH to its initial value: + PKGARCH=$ARCH + PKGNAME=$(echo $x_pkg | rev | cut -f 2- -d - | rev) + # Perhaps $PKGARCH should be something different: + if grep -wq "^$PKGNAME" ${CWD}/noarch ; then + PKGARCH=noarch + fi + if grep -wq "^$PKGNAME" ${CWD}/package-blacklist ; then + continue + fi + cd $SLACK_X_BUILD_DIR + # If $2 is set, we only want to build one package: + if [ ! -z "$2" ]; then + if [ "$2" = "$PKGNAME" ]; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + else + continue + fi + else + echo + echo "Building from source ${x_pkg}" + echo + fi + if grep -wq "^$PKGNAME" ${CWD}/modularize ; then + # Set $PKG to a private dir for the modular package build: + PKG=$SLACK_X_BUILD_DIR/package-$PKGNAME + rm -rf $PKG + mkdir -p $PKG + fi + + # Let's figure out the version number on the modular package: + MODULAR_PACKAGE_VERSION=$(echo $x_pkg | rev | cut -f 3- -d . | cut -f 1 -d - | rev) + + rm -rf $(pkgbase $x_pkg) + tar xf $CWD/src/${x_source_dir}/${x_pkg} || exit 1 + cd $(pkgbase $x_pkg) || exit 1 + + fix_perms + + # If any patches are needed, call this script to apply them: + if [ -r $CWD/patch/${PKGNAME}.patch ]; then + . $CWD/patch/${PKGNAME}.patch + fi + + # I heard somewhere that -O2 breaks some chipset or another. If you encounter + # problems, please contact volkerdi@slackware.com. Thanks! :-) + + # ./configure, using custom configure script if needed: + if [ -r $CWD/configure/${PKGNAME} ]; then + . $CWD/configure/${PKGNAME} + else + # This is the default configure script: + . $CWD/configure/configure + fi + + if ! make $NUMJOBS ; then + touch ${SLACK_X_BUILD_DIR}/${PKGNAME}.failed + continue + fi + + make install DESTDIR=$PKG + + mkdir -p $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + cp -a \ + AUTHORS* COPYING* INSTALL* README* NEWS* TODO* \ + $PKG/usr/doc/${PKGNAME}-${MODULAR_PACKAGE_VERSION} + + # If there's a ChangeLog, installing at least part of the recent history + # is useful, but don't let it get totally out of control: + if [ -r ChangeLog ]; then + DOCSDIR=$(echo $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION) + cat ChangeLog | head -n 1000 > $DOCSDIR/ChangeLog + touch -r ChangeLog $DOCSDIR/ChangeLog + fi + + # Get rid of zero-length junk files: + find $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION -type f -size 0 -exec rm --verbose "{}" \; + rmdir --verbose $PKG/usr/doc/${PKGNAME}-$MODULAR_PACKAGE_VERSION 2> /dev/null + + # Strip binaries: + ( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "current ar archive" | grep ELF | cut -f 1 -d : | xargs strip -g 2> /dev/null + ) + + # If there's any special post-install things to do, do them: + if [ -r $CWD/post-install/${PKGNAME}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/${PKGNAME}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + + # If this package requires some doinst.sh material, add it here: + if [ -r $CWD/doinst.sh/${PKGNAME} ]; then + mkdir -p $PKG/install + cat $CWD/doinst.sh/${PKGNAME} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + + # If this is a modular package, build it here: + if [ -d $SLACK_X_BUILD_DIR/package-$PKGNAME ]; then + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/${PKGNAME} ]; then + cat $CWD/slack-desc/${PKGNAME} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/build/${PKGNAME} ]; then + MODBUILD=$(cat $CWD/build/${PKGNAME}) + else + MODBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/${PKGNAME}-${MODULAR_PACKAGE_VERSION}-${PKGARCH}-${MODBUILD}.txz + fi + fi + + # Reset $PKG to assume we're building the whole source dir: + PKG=${SLACK_X_BUILD_DIR}/package-${x_source_dir} + + done + + # Nothing here? Must have been fully modular. :-) + if [ ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/etc -a \ + ! -d ${SLACK_X_BUILD_DIR}/package-${x_source_dir}/usr ]; then + continue + fi + + # Build an "x11-<sourcedir>" package for anything that wasn't built modular: + # It's safer to consider these to have binaries in them. ;-) + PKGARCH=$ARCH + cd $PKG + process_man_pages + process_info_pages + no_usr_share_doc + # If there are post-install things to do for the combined package, + # we do them here. This could be used for things like making a + # VERSION number for a combined package. :-) + if [ -r $CWD/post-install/x11-${x_source_dir}.post-install ]; then + RUNSCRIPT=$(mktemp -p $TMP) || exit 1 + cat $CWD/post-install/x11-${x_source_dir}.post-install \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" > $RUNSCRIPT + . $RUNSCRIPT + rm -f $RUNSCRIPT + fi + mkdir -p $PKG/install + if [ -r $CWD/slack-desc/x11-${x_source_dir} ]; then + cat $CWD/slack-desc/x11-${x_source_dir} > $PKG/install/slack-desc + else + touch $PKG/install/slack-desc-missing + fi + if [ -r $CWD/doinst.sh/x11-${x_source_dir} ]; then + cat $CWD/doinst.sh/x11-${x_source_dir} \ + | sed -e "s#usr/lib#usr/lib${LIBDIRSUFFIX}#g" \ + >> $PKG/install/doinst.sh + fi + if [ -r $CWD/build/x11-${PKGNAME} ]; then + SRCDIRBUILD=$(cat $CWD/build/x11-${PKGNAME}) + else + SRCDIRBUILD=$BUILD + fi + if [ -r $CWD/makepkg/${PKGNAME} ]; then + BUILD=$MODBUILD . $CWD/makepkg/${PKGNAME} + else + /sbin/makepkg -l y -c n ${SLACK_X_BUILD_DIR}/x11-${x_source_dir}-${VERSION}-${PKGARCH}-${SRCDIRBUILD}.txz + fi + ) + done +) + +exit 0 + +# I don't think I'll be using the following stuff, since I went for the latest in +# "individual", rather than a release. That was mostly because version 7.1 depends +# on a version of Mesa that won't build against kernel headers this new (&etc.). + +# If environment variable "REFRESH" is exported, start by refreshing the source tree: +# export REFRESH yes +if [ ! -z "$REFRESH" ]; then + # Only works once, unless you uncomment above. + unset REFRESH + ( cd patches + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/patches + mirror --delete --dereference . + exit" + chmod 644 * + ) + ( cd src + mkdir -p update everything + for dir in app data deprecated doc driver extras font lib proto util xserver ; do + # We won't really download "update", as problems ensue. Plus, --dereference is + # bringing us updated files when needed, so it's redundant (like "everything"). + if [ ! -d $dir ]; then + mkdir $dir + fi + ( cd $dir + lftp -c \ + "lftp ftp://ftp.x.org:/pub/X11R7.1/src/$dir + mirror -c --delete --dereference --include-glob "*.tar.bz2" . + exit" + chmod 644 * + ) + done + ) +fi + diff --git a/patches/source/xrdb/xrdb.SlackBuild b/patches/source/xrdb/xrdb.SlackBuild new file mode 100755 index 000000000..cd657e95c --- /dev/null +++ b/patches/source/xrdb/xrdb.SlackBuild @@ -0,0 +1,2 @@ +./x11.SlackBuild app xrdb +mv /tmp/x11-build/xrdb*z /tmp diff --git a/patches/source/yasm/slack-desc b/patches/source/yasm/slack-desc new file mode 100644 index 000000000..fc28253f2 --- /dev/null +++ b/patches/source/yasm/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' +# on the right side marks the last column you can put a character in. You must +# make exactly 11 lines for the formatting to be correct. It's also +# customary to leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +yasm: yasm (complete rewrite of the NASM assembler) +yasm: +yasm: Yasm is a complete rewrite of the NASM assembler under the "new" BSD +yasm: License (some portions are under other licenses, see COPYING for +yasm: details). Yasm currently supports the x86 and AMD64 instruction sets, +yasm: accepts NASM and GAS assembler syntaxes, outputs binary, ELF32, ELF64, +yasm: 32 and 64-bit Mach-O, RDOFF2, COFF, Win32, and Win64 object formats, +yasm: and generates source debugging information in STABS, DWARF 2, and +yasm: CodeView 8 formats. +yasm: +yasm: yasm home: http://www.tortall.net/projects/yasm/ diff --git a/patches/source/yasm/yasm.SlackBuild b/patches/source/yasm/yasm.SlackBuild new file mode 100755 index 000000000..ef340d699 --- /dev/null +++ b/patches/source/yasm/yasm.SlackBuild @@ -0,0 +1,216 @@ +#!/bin/sh +# $Id: yasm.SlackBuild,v 1.7 2009/05/12 20:24:31 root Exp root $ +# Copyright (c) 2008 Eric Hameleers <alien@slackware.com> +# Copyright 2010 Patrick Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Permission to use, copy, modify, and distribute this software for +# any purpose with or without fee is hereby granted, provided that +# the above copyright notice and this permission notice appear in all +# copies. +# +# THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR +# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF +# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND +# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT +# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. +# ----------------------------------------------------------------------------- +# +# Slackware SlackBuild script +# =========================== +# By: Eric Hameleers <alien@slackware.com> +# For: yasm +# Descr: complete rewrite of the NASM assembler +# URL: http://www.tortall.net/projects/yasm/ +# Needs: +# Changelog: +# 0.7.1-1: 16/Jun/2008 by Eric Hameleers <alien@slackware.com> +# * Initial build. +# 0.7.2-1: 08/dec/2008 by Eric Hameleers <alien@slackware.com> +# * Update. +# 0.8.0-1: 12/may/2009 by Eric Hameleers <alien@slackware.com> +# * Update. +# 1.1.0-1: 2010-08-31 by volkerdi@slackware.com +# * Update. +# +# Run 'sh yasm.SlackBuild' to build a Slackware package. +# The package (.txz) plus descriptive .txt file are created in /tmp . +# Install using 'installpkg'. +# +# ----------------------------------------------------------------------------- + +PKGNAM=yasm +VERSION=${VERSION:-1.2.0} +BUILD=${BUILD:-1_slack13.0} +TAG=${TAG:-} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +DOCS="ABOUT-NLS AUTHORS ChangeLog COPYING GNU_* NEWS README *.txt" + +# If you want to disable python bindings, set ENABLE_PYTHON to "NO". +# Building python support requires Cython, which is not shipped with Slackware. +ENABLE_PYTHON=${ENABLE_PYTHON:-"'NO"} + +# Where do we look for sources? +SRCDIR=$(cd $(dirname $0); pwd) + +# Place to build (TMP) package (PKG) and output (OUTPUT) the program: +TMP=${TMP:-/tmp/build} +PKG=$TMP/package-$PKGNAM +OUTPUT=${OUTPUT:-/tmp} + +SOURCE="$SRCDIR/${PKGNAM}-${VERSION}.tar.xz" +SRCURL="http://www.tortall.net/projects/${PKGNAM}/releases/${PKGNAM}-${VERSION}.tar.gz" + +## +## --- with a little luck, you won't have to edit below this point --- ## +## + +# Exit the script on errors: +set -e +trap 'echo "$0 FAILED at line ${LINENO}" | tee $OUTPUT/error-${PKGNAM}.log' ERR +# Catch unitialized variables: +set -u +P1=${1:-1} + +case "$ARCH" in + i486) SLKCFLAGS="-O2 -march=i486 -mtune=i686" + SLKLDFLAGS=""; LIBDIRSUFFIX="" + ;; + s390) SLKCFLAGS="-O2" + SLKLDFLAGS=""; LIBDIRSUFFIX="" + ;; + powerpc) SLKCFLAGS="-O2" + SLKLDFLAGS=""; LIBDIRSUFFIX="" + ;; + x86_64) SLKCFLAGS="-O2 -fPIC" + SLKLDFLAGS="-L/usr/lib64"; LIBDIRSUFFIX="64" + ;; + athlon-xp) SLKCFLAGS="-march=athlon-xp -O3 -pipe -fomit-frame-pointer" + SLKLDFLAGS=""; LIBDIRSUFFIX="" + ;; +esac + +# Create working directories: +mkdir -p $OUTPUT # place for the package to be saved +mkdir -p $TMP/tmp-$PKGNAM # location to build the source +mkdir -p $PKG # place for the package to be built +rm -rf $PKG/* # always erase old package's contents +rm -rf $TMP/tmp-$PKGNAM/* # remove the remnants of previous build + +# Source file availability: +if ! [ -f ${SOURCE} ]; then + if ! [ "x${SRCURL}" == "x" ]; then + # Check if the $SRCDIR is writable at all - if not, download to $OUTPUT + [ -w "$SRCDIR" ] || SOURCE="$OUTPUT/$(basename $SOURCE)" + echo "Source '$(basename ${SOURCE})' not available yet..." + echo "Will download file to $(dirname $SOURCE)" + wget -nv -T 20 -O "${SOURCE}" "${SRCURL}" || true + if [ $? -ne 0 -o ! -s "${SOURCE}" ]; then + echo "Downloading '$(basename ${SOURCE})' failed... aborting the build." + mv -f "${SOURCE}" "${SOURCE}".FAIL + exit 1 + fi + else + echo "File '$(basename ${SOURCE})' not available... aborting the build." + exit 1 + fi +fi + +if [ "$P1" == "--download" ]; then + echo "Download complete." + exit 0 +fi + +# --- PACKAGE BUILDING --- + +echo "++" +echo "|| $PKGNAM-$VERSION" +echo "++" + +cd $TMP/tmp-$PKGNAM +echo "Extracting the source archive(s) for $PKGNAM..." +tar xvf ${SOURCE} +cd ${PKGNAM}-${VERSION} +chown -R root:root . +chmod -R u+w,go+r-w,a-s . + +if [ "$ENABLE_PYTHON" = "YES" ]; then + PYTHONSTUFF="--enable-python --enable-python-bindings" +else + PYTHONSTUFF="" +fi + +echo Building ... +LDFLAGS="$SLKLDFLAGS" \ +CXXFLAGS="$SLKCFLAGS" \ +CFLAGS="$SLKCFLAGS" \ +./configure --prefix=/usr \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ + --localstatedir=/var \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + ${PYTHONSTUFF} \ + --program-prefix= \ + --program-suffix= \ + --build=$ARCH-slackware-linux \ + 2>&1 | tee $OUTPUT/configure-${PKGNAM}.log +make 2>&1 | tee $OUTPUT/make-${PKGNAM}.log + +# Install all the needed stuff to the package dir +# Use installwatch if available, to produce a logfile of the installation +# process that is more easily readable: +if $(which installwatch > /dev/null 2>&1); then + installwatch -o $OUTPUT/install-${PKGNAM}.log make DESTDIR=$PKG install +else + make DESTDIR=$PKG install 2>&1 |tee $OUTPUT/install-${PKGNAM}.log +fi + +# Add documentation: +mkdir -p $PKG/usr/doc/$PKGNAM-$VERSION +cp -a $DOCS $PKG/usr/doc/$PKGNAM-$VERSION || true +cp -a $SRCDIR/$(basename $0) $PKG/usr/doc/$PKGNAM-$VERSION/$PKGNAM.SlackBuild +chown -R root:root $PKG/usr/doc/$PKGNAM-$VERSION +find $PKG/usr/doc -type f -exec chmod 644 {} \; + +# Remove empty share directory: +rmdir $PKG/usr/share || true + +# Compress the man page(s): +if [ -d $PKG/usr/man ]; then + find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \; + for i in $(find $PKG/usr/man -type l -name "*.?") ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done +fi + +# Strip binaries: +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +# Add a package description: +mkdir -p $PKG/install +cat $SRCDIR/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg --linkadd y --chown n $OUTPUT/${PKGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txz 2>&1 | tee $OUTPUT/makepkg-${PKGNAM}.log +cd $OUTPUT +md5sum ${PKGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txz > ${PKGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txz.md5 +cd - +cat $PKG/install/slack-desc | grep "^${PKGNAM}" > $OUTPUT/${PKGNAM}-${VERSION}-${ARCH}-${BUILD}${TAG}.txt + |
