| < rra-c-util README | Russ Allbery > Software > rra-c-util | PAM Testing > |
Beginning with version 11.0.0, rra-c-util is versioned with semver. Changes to C warning flags, perlcritic configuration, and similar changes to style tests are not considered backward-incompatible changes.
Versions older than 11.0.0 use a relaxed semver-like versioning scheme.
Find changes for the upcoming release in the project’s changelog.d directory.
package Module::Name v1.0.0 syntax in the module version tests. Always use semantic versions when updating module versions.@SPDX_IGNORE configuration option is available (see below).RRA_PROG_CC_WARNINGS_FLAGS to disable -Wunsafe-buffer-usage for Clang (not intended for C code) and add several new GCC warnings and related flags added between GCC 9.2 and 13.2.@SPDX_IGNORE may now be set in the perl.conf test configuration file to specify an additional list of regular expressions matching files that the check for SPDX license headers should ignore.-isystem instead of -I for the include paths. This tells the compiler to suppress warnings for constructions in the headers by treating them as system headers.xrealloc and xreallocarray.docs/pod.t and style/critic.t when neither lib or blib exists.python-config to find link flags if it is available, since this produces more correct results. Remove LOCALMODLIBS from the requested flags, since it is not necessary and breaks the build with newer Python versions.t/docs/spdx-license.t check.Makefile.PL in the Perl t/style/critic.t test if it exists.CHANGELOG.md, and maintained using scriv.aclocal tool, specifically improved --install and --diff behavior, if the rra-c-util macros are on the aclocal search path.perl/MANIFEST.SKIP is now suitable for copying as-is into Perl module packages as a default MANIFEST.SKIP.portable/getnameinfo test to skip some checks when 0.0.0.0 resolves to a hostname. (Alas, someone was weird enough to put it in DNS.) Thanks, Julien ÉLIE.AS_CASE syntax in RRA_PROG_CC_FLAG and RRA_LIB_KAFS. Thanks, Julien ÉLIE.test -a syntax in systemd.m4. Thanks, Julien ÉLIE.RRA_LIB_PCRE2 and RRA_LIB_PCRE2_OPTIONAL macros that detect version 2 of the PCRE library (the current supported version). PCRE version 1 has been deprecated; users should switch to PCRE2. RRA_LIB_PCRE_OPTIONAL will likely be dropped in a future version of rra-c-util.$self parameter when imposing a limit on the number of arguments that can be passed to a method.portable/sd-daemon.h on systems that do have libsystemd. The GCC pragmas to set visibility were in the wrong place, causing link failures with libsystemd.docs/spdx-license test.#<<< comments. The default alignment is much too aggressive and makes the formatting unstable..clang-format for Clang 13.0.IN6_ARE_ADDR_EQUAL Autoconf probe on macOS, where it needs an include of string.h. Patch from Julien ÉLIE.RRA_PROG_CC_FLAG and RRA_PROG_LD_FLAG for Clang. Previously they would not reject unknown flags since unknown flags to Clang are only a warning by default. Thanks, Julien ÉLIE. (#9)-Wreserved-identifier in RRA_PROG_CC_WARNING_FLAGS for Clang, since it produces false positives with FD_ZERO and similar macros defined in system headers under Clang 13.0.RRA_SET_LIBDIR macro. I believe it was only used for PAM module packages, and its logic is now incorrect on Debian usrmerge systems. My PAM module packages will instead document that setting --libdir manually to specify the correct PAM module path is likely to be necessary.qw lists.pam_end, such as PAM_DATA_SILENT, to the fakepam testing framework.t/docs/changes.t test for Perl modules that uses Test::CPAN::Changes to check the format of Changes files.t/lib.RRA_SET_LDFLAGS to always use the multilib directory (lib32 or lib64) if it exists, even if the system does not (as with Debian derivatives) use multilib. Hopefully fixes detection of the library path for OpenSSL 3.0. Thanks, Julien ÉLIE.RRA_LIB_PYTHON to use sysconfig by preference and only fall back on distutils.sysconfig if sysconfig is not available, since distutils.sysconfig has been deprecated in Python 3.10.SUN_LEN on macOS X Big Sur. Thanks, Julien ÉLIE.k_haspag replacement to not attempt to allocate negative memory if getgroups fails. Thanks, Jeffrey Altman.RRA_FUNC_KRB5_GET_INIT_CREDS_OPT_SET_PKINIT_ARGS and RRA_LIB_KAFS to avoid deprecated macros from Autoconf 2.71.~ backup files when checking for SPDX license identifiers.-Wformat-truncation warnings from GCC 10 in the portable replacement for getnameinfo. The return status of snprintf is tested for truncation, but GCC doesn’t recognize that.is_file_contents (provided by Test::RRA).SQLITE to SQLITE3, including their output variables and configure command-line options, to bring the naming convention in line with common practice for software using SQLite v3. Clear the SQLITE3 variables if the library was optional and no working library was found.KRB5_CPPFLAGS_GCC output variable from the RRA_LIB_KRB5 macro to KRB5_CPPFLAGS_WARNINGS to more accurately reflect its intended use and to reflect that it works with Clang.m4/krb5.m4 Autoconf macros no longer define AM_CONDITIONAL as a no-op if it’s not already defined, since this may be unexpected when loading a macro. If you want to use those macros without Automake, add m4_define_default([AM_CONDITIONAL], [:]) to configure.ac.sd_notify and sd_notifyf and a (non-functional) preprocessor stub for sd_is_socket for portability for more APIs to systems without libsystemd.RRA_LIB_KRB5 and RRA_LIB_KRB5_OPTIONAL macros now also check that at least one Kerberos header file was found and either abort with an error or mark Kerberos as unusable depending on the choice of macro. Thanks, Julien ÉLIE.portable/sd-daemon.h to include necessary prerequisite headers and not assume they were already included.RRA_PROG_PYTHON Python version test to work on Python 3.0 and Python versions older than 2.7. Tested with Python 2.3.0. Thanks, Julien ÉLIE.util/fdflag test on Solaris 11. Thanks, Julien ÉLIE.util/fdflag test that caused it to fail on OpenBSD, and clean up the child process if anything goes wrong with the main process so that the test driver doesn’t hang.AS_ECHO instead of echo in all Autoconf macros for slightly improved portability. Thanks, Julien ÉLIE.RRA_PROG_LD_FLAG Autoconf macro to probe whether a given flag is supported when linking. Patch from Julien ÉLIE.RRA_PROG_C_FLAG Autoconf macro to be used to probe for flags containing a comma. Change suggested by Julien ÉLIE.string.h in the probe for AI_ADDRCONFIG support to avoid problems on macOS X. Thanks, Bo Lindbergh.reallocarr to reallocarray and only prototypes the latter if _OPENBSD_SOURCE is defined, which is not one of the macros Autoconf defines by default. Work around this for now by checking whether reallocarray is declared, not only whether it’s available, and protyping it if it’s not declared. This uses the semi-hidden deprecated symbol on NetBSD.getnameinfo replacement, handle musl libc’s gethostbyaddr, which returns the string conversion of the IP address if the host doesn’t resolve. This only affects the test suite, since musl libc supports IPv6 and thus doesn’t need this replacement.ControlStructures::ProhibitCascadingIfElse in perlcritic checks. It recommends using given/when instead, but this construct is marked as experimental in Perl and was considered a mistake in some quarters.memset to implement explicit_bzero if the latter is not available.PAM_MAX_RESP_SIZE to portable/pam.h.krb5.conf file. Patch from Jeffrey Hutzelman.krb5.conf file does not contain a default_realm setting.ENTRY and EXIT logging macros for PAM modules to use do/while syntax so that it can be used like a function call.tests/config other than README when checking for SPDX license identifiers..pc when enumerating all files for tests and when checking for SPDX license identifiers for Perl packages. This directory is used by quilt (and thus some Debian packaging) for metadata.snprintf tests that surpassed the promised precision of C floating point numbers..clang-format.is_file_contents Test::RRA function now falls back on printing the expected and seen output if diff does not work, primarily to support platforms like Windows with no standard diff program.tests/docs/spdx-license-t and the Perl equivalent, check for my legacy “see LICENSE” notice even in short files that are otherwise skipped by the test to ensure that all license notices are replaced with the new SPDX notices.RRA_LIB_KRB5_OPTIONAL probing in the --enable-reduced-depends case when linking with libkrb5 is not possible but libcom_err is present. The probes for com_err were previously not skipped, resulting in a non-empty KRB5_LIBS containing only -lcom_err, which incorrectly caused the macro to indicate that Kerberos libraries were present..git directories by testing an explicit list of files and directories in the Perl t/style/strict.t test. This means that test now assumes the only interesting files are in subdirectories or end in *.PL. It also now skips blib, so no longer double-checks library files and scripts.RRA_PROG_PYTHON, RRA_PYTHON_MODULE, and RRA_LIB_PYTHON written by Julien ÉLIE and based on earlier work in INN. The first finds Python through an environment variable or a PATH search, checking for a sufficiently high version, and supports requiring Python 2, Python 3, or either. The second checks whether a Python module can be loaded by the discovered Python interpreter, and the third reports the flags required to link with the Python library to embed it in another program.RRA_PROG_PERL macro now also makes PERL a substitution variable. Thanks, Julien ÉLIE.docs/urls test (for both Perl and non-Perl packages) to style/obsolete-strings, which more correctly reflects its purpose. Add a check for RRA_MAINTAINER_TESTS, which has been replaced by Lancaster Consensus environment variables.RRA_LIB_PERL macro now checks for the EXTERN.h header and for perl_alloc in the libperl library, to double-check that the discovered linkage information actually works. (It may not on, for example, a Debian host without libperl-dev installed.)RRA_LIB_BDB, RRA_LIB_OPENSSL, RRA_LIB_SASL, and RRA_LIB_ZLIB macros, and their _OPTIONAL counterparts, all now check that the library’s key header can be found as well as the library. The _OPTIONAL versions treat the library as missing if the header is not present; the non-optional versions will abort configure with an error if the header is not present.tests/perl/module-version-t -u. Previous versions were quoting two-part version numbers, but this is a syntax error when the version is set with the package directive.all_files function of Test::RRA::Automake.check-cppcheck target to run cppcheck across the source base with a standard configuration. Fix all issues found by cppcheck.UINT32_MAX for systems that don’t have it.va_end in the pam-util putil_log_failure function.network_bind_all. Some hosts with unusual network configurations may rewrite client packets to appear to come from an IP address other than 127.0.0.1, resulting in false positives in earlier versions of this test.SA_LEN macro from portable/socket.h. This macro came from INN’s portability code, and can be useful when adding IPv6 support to old code bases that didn’t pass address lengths. But it was fairly easy to remove the remaining uses of it from INN, and it’s never caught on and been standardized. It wasn’t necessary in any of my other projects and was causing warnings with some new warning options in GCC 7, so drop it entirely.network_sockaddr_sprint now takes a socklen_t instead of a size_t as its second argument for better compatibility with other networking functions it calls.bail_krb5 and diag_krb5 TAP library functions to take either a krb5_error_code or a kadm5_ret_t as their second argument.-Wformat-overflow=2, -Wformat-truncation=2, -Walloc-zero, -Wduplicated-branches, -Wconversion -Wno-sign-conversion, -Wmissing-declarations, and -Wrestrict to the default GCC warning flags, and fix resulting issues. Remove various warning options that are now the default or implied by other flags.-Weverything with some exclusions). See m4/cc-flags.m4 for the list of Clang warning options excluded.+ characters using RRA_PROG_CC_FLAG. This character has to be replaced when creating cache variables. Thanks to Julien ÉLIE for the report.reallocarray replacements have a minimum size of 1 and that pam-util/vector.c always allocates the strings array with a minimum size of 1 to simplify static analysis.is_file_contents function to Test::RRA for Perl tests. This compares a string with the contents of a file and displays a diff if they don’t match.tests/docs/urls-t, and perl/t/docs/urls.t for Perl modules) for bad URLs or other strings in all distribution files, initially just checking for non-https www.eyrie.org URLs and my old email address. In the process, add a new all_files function to Test::RRA::Automake that returns all “interesting” files in the distribution that a test may want to look at.RRA_PROG_CC_FLAG. GCC and Clang both don’t produce fatal errors for unknown -Wno-* flags, so test the corresponding positive -W flag instead when determining if they’re supported. Thanks to Guillem Jover for the information.RRA_PROG_CC_WARNINGS_FLAGS, always add -Werror to warning flags for both GCC and Clang, rather than probing for whether it’s supported in GCC and not using it with Clang.tests/perl/strict-t and perl/t/style/strict.t, since that version is required to know that use 5.012 or later automatically implies use strict.RRA_PROG_CC_FLAG macro, from INN, which determines whether the compiler supports a given flag. New RRA_PROG_CC_WARNINGS_FLAGS macro, replacing the WARNINGS variable in Makefile.am, to calculate all of the warning flags supported by the current compiler, and use it for the warnings target. The warning flags have been updated for new flags available in GCC 6.1.0.snprintf to avoid an off-by-one error when verifying the output was not truncated. (All locations should have been safe anyway for other reasons, but be certain.) Based on a patch by Yuriy M. Kaminskiy to INN.do with relative paths changed. Fix by making the relative search paths more explicit. This fixes running module-version-t -u outside the test suite to bump version numbers.strlcat and strlcpy. These had various bugs around edge cases, and I’ve been convinced that these interfaces are a bad idea. They’re no longer used by any of the utility libraries and should normally be replaced with asprintf or similar functions.C_TAP_SOURCE and C_TAP_BUILD environment variables in all test support code instead of SOURCE and BUILD, following the change in C TAP Harness 4.0. Upgrading to any test support libraries from this release will also require upgrading the test suite driver to C TAP Harness 4.0 or later.network_set_freebind, network_set_reuseaddr, and network_set_v6only are now public functions for clients that need additional control over when these options are set or can’t use the network_bind functions.RRA_PROG_PERL macro that finds the path of a Perl interpreter of the given version or newer. Add a new RRA_PERL_CHECK_MODULE macro that checks whether a given module can be loaded by Perl. Add a new RRA_LIB_PERL macro that finds the compiler and linker flags for embedding Perl. These are based on the configure macros used in INN.gss_oid_equal for older versions of Heimdal.m4/openssl.m4 probe for OpenSSL to look for SSL_accept instead of SSL_library_init, fixing OpenSSL 1.1.0 detection. Thanks, Julien ÉLIE.vector_join and cvector_join to use memcpy instead of strlcpy and strlcat.bootstrap, matching the emerging consensus in the Autoconf world.@MODULE_VERSION_IGNORE, for the test perl.conf configuration that excludes certain modules from the version consistency check. This allows different versioning to be used for modules that provide DBIx::Class schemata.tests/perl/module-version-t and perl/t/style/module-version.t into a new Test::RRA::ModuleVersion test module. This adds support for the Perl 5.12 module version syntax to the tests/perl/module-version-t version of the test.docs/synopsis.t test to not use UNIX-specific path delimiters to exclude files in blib/script. This fixes portability to older builds of Perl on Windows.util/network/server-t test has been made more robust against additional ways that IPv6 could not be available, such as the restrictions in the current Travis-CI build environment.KRB5_ANON_REALM.PAM_SESSION_ERR to the error codes supported by the PAM testing framework.errno when a module calls pam_modutil_getpwnam with an unrecognized username. Returning NULL with a 0 errno makes other testing easier.kadm5_init_krb5_context for programs that use libkadm5clnt without needing libkrb5.va_end in the xasprintf implementation.buffer_find_string if passed a buffer that’s never had any data. Found by Richard Kettlewell.PAM_DATA_REPLACE and PAM_DATA_SILENT options for pam_set_data and doesn’t define PAM_BAD_ITEM. Thanks to Meno Abels for the report.RRA_HEADER_PAM_STRERROR_CONST macro that checks whether pam_strerror wants its first argument declared const. This is required to build the fakepam library for testing on Mac OS X, which declares the first argument const (unlike other PAM implementations).RRA_LIB_SYSTEMD_DAEMON_OPTIONAL for now, since it only checks for those functions and will support libsystemd-daemon on older installations.$() in the probe for systemd support, since Solaris 10 /bin/sh is still used by configure and doesn’t support this syntax.style/module-version.t test and helper script for regular Perl modules. This is similar to tests/perl/module-version-t except that it expects a Perl module layout instead of Perl modules embedded in a larger distribution, does not do the Automake integration, and supports the Perl 5.12 package syntax. (Common code should someday be factored out into Test::RRA.)network_connect, network_connect_host, and network_client_create now accept “any” as a source as well as “all”, as a synonym for letting the operating system pick, for parallelism with network_bind_ipv4 and network_bind_ipv6.portable/socket.h portability layer now provides a socket_set_errno_einval macro to set the current socket error to an equivalent of EINVAL. Windows uses a different error code for this case.portable/socket-unix.h portability layer that includes sys/un.h and defines SUN_LEN if the implementation does not do so. (Use in combination with the RRA_MACRO_SUN_LEN Autoconf macro.)PIPE_READ and PIPE_WRITE macros to util/macros.h to name the elements of the array passed to pipe.PAM_RHOST, PAM_RUSER, and PAM_TTY and read-only support for PAM_SERVICE (returning the service name given to pam_start) and PAM_USER_PROMPT (returning “login:”) to the fake PAM library for testing. Patch from Jeffrey Hutzelman.TAP_KRB_NEEDS_PKINIT, to the kerberos_setup function. This indicates that configuration for PKINIT authentications is required for this test case.vector_join and vector_cjoin.strlcpy in the getnameinfo replacement (use memcpy instead) and the setenv replacement (use asprintf instead).util/buffer.c functions and for inet_aton and inet_ntoa replacements to match the default hidden visibility of other portability and util functions. Thanks, Julien ÉLIE.network_addr_match now always fails (returns false) if either of the strings are the empty string. AIX 7.1’s inet_aton treats the empty string as equivalent to 0.0.0.0, but we want to treat it as a syntax error since it’s too easy to get an empty string by accident.reallocarray for systems (currently anything that isn’t OpenBSD) that don’t have it. This function is the same as realloc but takes calloc-style arguments and checks for size overflow before calling realloc.xreallocarray to the util library, which is a checked version of reallocarray similar to what xrealloc is for realloc.portable/system.h now also guarantees the inclusion of inttypes.h (which it had included for years as an implementation detail) and limits.h (to ensure the availability of SIZE_TYPE on older systems).RRA_LIB_KRB5 and RRA_LIB_KRB5_OPTIONAL now also provide a KRB5_CPPFLAGS_GCC Makefile variable that can be used in combination with gcc warnings (such as the make warnings target) to suppress warnings from Kerberos headers in non-system paths.util/messages-krb5 test can now be included in a package that may or may not be built with Kerberos support and will be skipped if Kerberos support is not enabled.network_read and network_write with a timeout, restart the I/O attempt if a system call failed with EINTR instead of aborting the operation.calloc in preference to calculating a malloc size with multiplication everywhere, and reallocarray in preference to calculating a realloc size. In most places this caution was probably not necessary, but uniformity is easier to audit and no one will ever notice the speed difference between malloc and calloc.portable/pam.h with a C++ compiler. Caught by cppcheck.skip_unless_maintainer to skip_unless_author in Test::RRA and add a skip_unless_automated function that skips the test unless author, release, or automated testing is requested. Use the new function for many of the Perl tests that don’t uncover functionality issues. Switch from RRA_MAINTAINER_TESTS to use the environment variables from the Perl Lancaster Consensus (AUTHOR_TESTING, AUTOMATED_TESTING, and RELEASE_TESTING) for consistency with other Perl packages.RRA_LIB_SQLITE and RRA_LIB_SQLITE_OPTIONAL macros and corresponding RRA_LIB_SQLITE_SWITCH and RRA_LIB_SQLITE_RESTORE macros. These only look for SQLite 3 with the sqlite3_open_v2 interface, since that should be old enough to be present nearly everywhere.@STRICT_PREREQ, which lists modules that are required for meaningful script testing. If any of those modules is not installed, Perl scripts will not be checked. This allows correct handling of supporting scripts or optional utilities whose dependencies are not installed when tests are run.perltidy.LOG files after testing.RRA_LIB_EVENT and RRA_LIB_EVENT_OPTIONAL macros and corresponding RRA_LIB_EVENT_SWITCH and RRA_LIB_EVENT_RESTORE macros. Add a portability wrapper around the libevent include files and Autoconf probes, defines, and code to support using libevent 1.4 via the libevent 2.0 API (with some degradation of functionality).message_handlers_reset function to the messages utility API. This function resets all handlers to their defaults and frees any memory allocated by the message_handlers functions. This is primarily useful to allow freeing all memory when doing exhaustive memory allocation testing.SIGALRM if the process doesn’t stop fast enough and instead clearly reports the problem with bail. Fix a memory leak when starting a process under fakeroot.test_cleanup_register API and free allocated memory in child processes as well as the primary process.portable/krb5.h with a C++ compiler.RRA_WITH_SYSTEMD_UNITDIR, which defines the HAVE_SYSTEMD Automake conditional and the systemdsystemunitdir substitution variable, and RRA_LIB_SYSTEMD_DAEMON_OPTIONAL, which probes for the optional libsystemd-daemon library (used for socket notification and startup synchronization). It also provides portable/sd-daemon.h, which wraps the systemd/sd-daemon.h include file and stubs out sd_notify and sd_listen_fds if libsystemd-daemon was not available.process_start_fakeroot from working properly.network_bind_* functions now take a socket type as an additional argument so that they can be used with UDP-based services.network_bind_all now returns a boolean, which will be false if no sockets could be bound due to some error. Callers may check this instead of checking if the socket count is zero.network_wait_any function that waits for an array of file descriptors and returns the first one that selects ready for read. This can be used by UDP servers similar to network_accept_any for TCP servers.vector_free and cvector_free now accept a NULL argument and silently do nothing. This allows for more concise cleanup code.process_start, process_start_fakeroot, and process_stop functions in the process TAP add-on. Note that these require an Autoconf probe for sys/select.h and a replacement for a missing mkstemp. Rewrite the remctl TAP add-on to use this new API to start and stop remctld.RRA_LIB_ZLIB and RRA_LIB_ZLIB_OPTIONAL macros to probe for zlib, based on the Autoconf macros in INN. Contributed by Julien ÉLIE.RRA_LIB_BDB, RRA_LIB_BDB_OPTIONAL, and RRA_LIB_BDB_NDBM macros to probe for Berkeley DB and its ndbm compatibility layer, based on the Autoconf macros in INN. Contributed by Julien ÉLIE.network_bind_* functions now more reliably set the socket errno on failure and log somewhat more informative error messages with warn.RRA_LIB_SASL and RRA_LIB_SASL_OPTIONAL macros based on Autoconf macros in INN. Contributed by Julien ÉLIE. Currently, these only deal with Cyrus SASL, not GNU SASL.KADM5_MISSING_KRB5_CONF_PARAMS in portable/kadmin.h for kadmin implementations that don’t define it, such as Heimdal.test_tmpdir to Test::RRA::Automake. This works the same as the corresponding function in the C and shell TAP libraries: it creates a temporary directory for tests to use, returns the path, and attempts to remove the directory when the process exits.*_OPTIONAL version of all Autoconf macros using lib-helper.m4 that would add yes/include and yes/lib to the compiler and linker search paths. Found by Julien ÉLIE.RRA_LIB_KRB5 and RRA_LIB_KRB5_OPTIONAL now define HAVE_KRB5 instead of HAVE_KERBEROS and set rra_use_KRB5 instead of rra_use_kerberos, for consistency with other macros, with the macro names, and with the other shell variables those macros set. All utility code, libraries, and tests included in rra-c-util have been updated accordingly.RRA_LIB_OPENSSL and RRA_LIB_OPENSSL_OPTIONAL now define HAVE_OPENSSL instead of HAVE_SSL if the library is found to make the define consistent with the macro names and shell variables.*_OPTIONAL m4 macros now set the corresponding rra_use_* shell variable to true if no explicit configure flags are given but the libraries are found at configure time, paralleling how the HAVE_* C preprocessor variables are defined.portable/socket.h now defines EAI_ADDRFAMILY to EAI_FAMILY if it’s not defined to let code compare against this obsolete error code unconditionally. Some older systems may have an EAI_ADDRFAMILY error code distinct from EAI_FAMILY.RRA_LIB_KRB5_OPTIONAL now correctly configures the package to not use Kerberos instead of failing if neither the new Kerberos error APIs nor libcom_err could be found.AM_CONDITIONAL for the use of libcom_err is now ignored if Automake is not in use.RRA_LIB_OPENSSL_OPTIONAL no longer aborts if libcrypto could not be found, and both it and RRA_LIB_OPENSSL now properly restore the default CPPFLAGS, LDFLAGS, and LIBS after probing for the libraries. Patch from Julien ÉLIE.RRA_LIB_OPENSSL and RRA_LIB_OPENSSL_OPTIONAL now probe for -ldl first and add it to the dependency libraries unless --enable-reduced-depends is given. This is required to link with OpenSSL on AIX. Reported by Julien ÉLIE.xasprintf and xvasprintf, distinguish between failure to allocate memory and failure to format the output. Report the latter by passing 0 to the failure handler, and special-case that in the default failure handler to report a different error message.snprintf when converting port numbers to strings in network_bind_all and network_connect_host, and use the correct format for the port number for the latter.vsnprintf in the syslog message handlers for die, warn, and friends, and report an error with warn if vsnprintf fails.vasprintf replacement, preserve errno if snprintf fails when formatting the string into the newly-allocated buffer.snprintf in the getnameinfo and inet_ntop replacement functions instead of assuming that it will always succeed.RRA_LIB_OPENSSL instead of RRA_LIB_SSL, and all the substitution variables have similarly been changed. The m4 file is now openssl.m4 and depends on lib-helper.m4. There is a new macro, RRA_LIB_OPENSSL_OPTIONAL, for packages with optional OpenSSL support. HAVE_SSL is now defined if the OpenSSL libraries were found.use_prereq function in Test::RRA, support version numbers containing underscores and report the required version number, if any, in the skip message printed if the test is skipped.@STRICT_IGNORE variable in the perl.conf configuration file for the standard tests for Perl scripts.portable/kadmin.h the header file defining kadmin error codes, add a probe for one of the two possible namings for that file, and adjust for the missing KADM5_PASS_Q_GENERIC error code in Heimdal.krb5_free_default_realm with krb5_xfree on Heimdal, not free.k_pioctl to the portability layer for libkafs by providing a fallback to lpioctl when using the AFS libraries and a system call failure define if no library was found.examples, usr/bin, and usr/sbin directories, not check SYNOPSIS sections for scripts, work correctly with packages missing Build.PL or a t directory, and also check style in files under a usr directory.tests/perl/module-version-t test for packages that have embedded Perl modules. This checks that the embedded Perl module versions match the package version and can optionally update all of the version numbers.network_connect, when given a timeout, now resumes waiting for the nonblocking connect after being interrupted by a signal. This can mean that a connect can take longer than the timeout if interrupted; hopefully both timeouts and catching signals are rare enough that this won’t pose a serious issue.tests/docs and tests/perl now use these libraries, so packages using those test scripts should also include the tests/tap/perl directory in the distribution.tests/perl/critic-t and tests/perl/minimum-version-t tests now use tests/data/perl.conf for per-package configuration, making it easier to use the tests verbatim in multiple packages with different ignore lists or minimum version requirements.perl/t directory that contains generic test programs suitable for standalone Perl modules or for projects that embed a Perl module build inside the project.tests/perl/strict-t test now works properly for Perl scripts that make use of a Perl module that’s built as part of the larger package build.clang --analyze with Clang 3.0.sys/statvfs.h that converts statvfs code to statfs code for older systems.portable/apr.h now includes apr_errno.h, apr_file_info.h, and apr_file_io.h and handles backwards compatibility of the APR_FOPEN_* flags and APR_FPROT_* constants to APR 0.9.tests/docs/pod-t and tests/docs/pod-spelling-t to use File::Spec rather than assuming UNIX paths, use Test::Spelling instead of hand-rolling its functionality, ignore .git and perl directories, and use my current Perl coding style. These tests are now more suitable for copying into other packages.tests/perl/critic-t, tests/perl/minimum-version-t, and tests/perl/strict-t. Add configuration for perlcritic and perltidy for use with the test suite to tests/data. The minimum version test may require some configuration when copied into another package.tests/data that is suitable for other projects using rra-c-util, particularly ones using Kerberos.roken_concat (present since at least Heimdal 0.4) instead of rk_simple_execve (not present until Heimdal 1.3).krb5.h should be used instead of krb5/krb5.h.RRA_INCLUDES_APACHE macro to m4/apache.m4 that can be used to include a basic set of Apache headers when probing for declarations relevant to Apache modules.concat and concatpath from the util library. asprintf or xasprintf, provided by the portability and util libraries respectively, are entirely superior alternatives to concat. concatpath was only used in INN and will be reintroduced if I end up using it in my other software.xasprintf and xvasprintf (in the util library) and basprintf and bvasprintf (in the TAP add-on) are now void functions and always call the xmalloc failure handler on any error, not just on ENOMEM errors. The faint chance that the underlying asprintf function could return some other error isn’t worth the additional code complexity of still having to check the return status and then probably abort anyway.-g and -On flags from APACHE_CPPFLAGS as returned by apxs to avoid forcing debugging and optimization strategy for Apache modules.xmalloc, xcalloc, and xrealloc.pam_args structure in putil_args_free and in EXIT logging to make handling of failure to allocate the pam_args structure simpler.KRB5_WELLKNOWN_NAME and KRB5_ANON_NAME to the Kerberos portability header, used to form the anonymous principal name.krb5_free_string to the Kerberos portability header.%* wildcard in output in PAM test scripts has been removed. Use regular expressions instead.pam_output) has changed accordingly.PAM_AUTHTOK item. Instead, take new configuration parameters authtok and oldauthtok that, if provided, are copied into the PAM data before running the script. This allows separate testing of a saved password and a password provided at a prompt. Document in the fakepam README file all of the possible configuration parameters./), and the actual output or prompt will be matched against the regular expression. If regular expression support is not available, the test will be skipped.PAM_AUTHINFO_UNAVAIL to the recognized PAM error codes, report output and prompt lines starting from 1 instead of 0, and report an error message rather than segfaulting if necessary parameters for a testing script are not provided.PAM_SUCCESS.RRA_KRB5_CONFIG helper macro for Kerberos library probes now checks whether --deps is supported by krb5-config and, if so, passes it in unless --enable-reduced-depends was passed to configure. This will fix link issues on some platforms where all dependency libraries need to be linked to ensure proper behavior.RRA_LIB_GSSAPI and RRA_LIB_KRB5 have been modified to use RRA_KRB5_CONFIG instead of duplicating their own krb5-config logic. This includes picking up the above change to use --deps if available. If including m4/gssapi.m4 or m4/krb5.m4 in another package, one must now also copy m4/krb5-config.m4.RRA_LIB_GSSAPI no longer calls krb5-config with no arguments if the gssapi argument isn’t supported and instead falls back to manual library probing. This is only relevant for very old versions of Kerberos.krb5.conf files.remctl.sh and kerberos.sh TAP libraries and instead use a tap_ prefix on variables, for portability to Solaris /bin/sh. Also avoid using test_file_path or test_tmpdir in backquotes inside double quotes to avoid a quoting bug in Solaris /bin/sh.__attribute__ handling in portable/macros.h more aware of different versions and compilers. All attributes are now suppressed for GCC older than 2.96 (instead of 2.7), since __malloc__ became available then. __alloc_size__ is suppressed for GCC older than 4.3. Warnings about unknown diagnostics are suppressed for LLVM and Clang, which pretend to be GCC but don’t support all the same attributes.buffer_sprintf and buffer_vsprintf and instead introduce new buffer_append_sprintf and _vsprintf functions to append to the buffer, which is what the functions did with a true argument. This avoids having a bool argument to functions, the meaning of which is often obscure in the calling code.RRA_INCLUDES_GSSAPI macro that can be used to get a set of standard includes when probing for GSS-API library features.RRA_LIB_GSSAPI, since there’s no downside to always running them.gssapi/gssapi.h should be used instead of gssapi.h. Thanks to Jeffrey Hutzelman for the idea.rra_use_remctl to true in RRA_LIB_REMCTL_OPTIONAL if remctl libraries were found, following the documentation.kerberos_setup in the Kerberos TAP add-on and always return a struct of configuration. Return the path to the keytab configuration and the corresponding principal, if present, and the principal, username, realm, and password from a password configuration, if present. Support requiring one or both configurations and calling skip_all if they’re missing. Remove the alternative implementation of the Kerberos utility functions that doesn’t require the Kerberos libraries and instead use #ifdef inside the primary implementation to handle this.#define via Makefile.am rather than requiring all test programs pass it in. Shut down remctld automatically at the end of the test suite to remove the requirement for explicit cleanup. Take the Kerberos configuration struct from the new kerberos_setup function and get the required configuration information from it. Add support for running remctld under fakeroot, and correctly handle shutting down remctld when run under fakeroot or valgrind.network_read and network_write functions to the network utility library, which read from and write to network sockets with an optional timeout.kerberos.sh and remctl.sh TAP add-ons for the new tests/config location of Kerberos configuration and to use test_tmpdir for temporary files.strndup function to not assume that the string being duplicated is nul-terminated.xstrndup.-D_FORTIFY_SOURCE=2 to the default warning flags for more checks on glibc systems, and fix the resulting warnings in some of the test suite programs.krb5_cc_get_full_name function to the Kerberos portability layer.krb5_deltat is not equivalent to long.PAM_AUTHTOK, PAM_OLDAUTHTOK, and PAM_CONV items and more correctly implements the PAM environment. It also supports intercepting getpwnam calls and returning a synthetic structure, and intercepting Kerberos krb5_kuserok calls and using the configured home directory to find .k5login. Log output is now returned as an array of strings rather than concatenating all the messages together. The fake PAM library now depends on the TAP library and uses its facilities for allocating memory so that memory allocation failures are reported with bail.kerberos_setup TAP utility function now expects a test keytab to be in tests/config/keytab instead of tests/data/test.keytab and uses tests/tmp for the temporary ticket cache. It no longer needs the principal found in the keytab to be explicitly configured in tests/data/test.principal; instead, it reads the principal from the keytab.tests/fakepam/README for more information.portable/pam.h support for PAM_EXTERN.krb5.h and krb5/krb5.h and use the latter if the former isn’t found. Add an RRA_INCLUDES_KRB5 macro that expands into the headers to use for Kerberos probes. This allows the header to be found on NetBSD systems. Thanks to Fredrik Pettai for the report.m4/lib-helper.m4 and m4/krb5-config.m4) that may eventually be used for the other library probes. Add a portability wrapper around kadm5/admin.h and some example probes in configure.ac.basprintf and bvasprintf, which wrap asprintf and vasprintf, checking their return status and calling bail if they fail.bail_krb5 and diag_krb5 to append a Kerberos error message, kerberos_config_password to return Kerberos principal and password information from a file in tests/config, and kerberos_keytab_principal to return the first principal found in a keytab file (so that the user doesn’t have to explicitly configure which principal to use once they’ve created the keytab)kerberos_generate_conf TAP utility function to generate a krb5.conf file for testing. The last supports changing the default realm, removing configuration that may interfere with what’s being tested, and honoring a krb5.conf file put in tests/config. It uses a helper program, generate-krb5-conf, which must be in tests/data.krb5_get_error_message with a NULL context. Older versions of Heimdal will dereference the context unconditionally and segfault.putil_log_failure and allow for systems where __func__ is defined by the system headers even though the compiler doesn’t indicate a new enough C standard version (such as NetBSD).RRA_LIB_REMCTL_OPTIONAL to not define HAVE_REMCTL even if the library wasn’t found and to clear the variables used in Makefiles if the library isn’t found.config.h in stdbool.h unless it has already been included.ssize_t in portable/system.h if the system doesn’t define it (Windows does not). Requires an additional check in configure.ac for users of portable/system.h. Patch from Matthew Loar.vector_join and cvector_join. Thanks to Richard Kettlewell for the test suite addition.socklen_t and sig_atomic_t. Patch from Matthew Loar.-I/usr/include from the output of krb5-config. The previous code used extended regular expressions, which cannot be relied on inside sed, and would have stripped include paths that start with /usr/include. Just use two sed invocations, with and without a trailing space. Thanks to Ken Dreyer for the report.RRA_LIB_KRB5_OPTIONAL to make Kerberos libraries really optional when called without --enable-reduced-depends and without setting a path to the Kerberos libraries.RRA_LIB_REMCTL_OPTIONAL to not require the remctl library be found when neither --with-remctl nor --without-remctl was given.INADDR_LOOPBACK in the socket portability code and instead use htonl(0x7f000001UL). The byte-order of INADDR_LOOPBACK appears to be undefined in practice, so neither using it directly nor using it with htonl works reliably.issetugid was mistakenly called issetuidgid instead, causing it to always be built. Use the correct function name so that the native function is used on platforms that provide it.gssapi/gssapi_krb5.h in portable/gssapi.h if it’s available. Prefer gssapi/gssapi.h to gssapi.h in sample configure probes.typedef instead of #define for defining socklen_t and sig_atomic_t if they’re missing, following the recommendation in the Autoconf manual.atexit handler so the caller doesn’t need to explicitly clean up. It also frees all allocated memory, including the returned principal and the stored environment variables, for cleaner valgrind analysis.network_connect utility functions now take an optional timeout. If non-zero, a non-blocking connect is done with that timeout, rather than blocking on connect until the TCP stack gives up. The network utility code now depends on the fdflag code.PATH_KRB5_CONFIG as the environment variable to set the path to krb5-config rather than KRB5_CONFIG in all the Autoconf macros that use it (krb5.m4, gssapi.m4, and krb4.m4), since the latter is used by the Kerberos libraries to specify an alternative path to krb5.conf.is_function_output TAP add-on interface to take an opaque data pointer and pass it into the called function.network_bind_all.fdflag_nonblocking for Windows and allow fdflag.c to be built on Windows.krb5_deltat and are parsed using the Kerberos library routine to parse a time interval. Without Kerberos, they fall back to longs and are parsed as numbers.pam_get_item and pam_set_item in the fake PAM library used for testing PAM modules.krb5_verify_init_creds_opt_init, which is missing from the AIX NAS Kerberos implementation in at least some versions.HAVE_KERBEROS if RRA_LIB_KRB5 is used, rather than only if RRA_LIB_KRB5_OPTIONAL is used and Kerberos was found. This simplifies reuse of code between mandatory-Kerberos and optional-Kerberos packages.krb5_get_init_creds_opt_set_change_password_prompt, krb5_set_password, and krb5_get_init_creds_opt_set_pkinit, replacing them as needed, and add new Autoconf macros to handle old nine-argument forms of the latter.RRA_LIB_REMCTL_OPTIONAL to m4/remctl.m4 for packages where the remctl dependency is not required. Define HAVE_REMCTL if remctl is present, including when using the non-optional macro.run_setup TAP add-on function that runs a given command and calls bail if it fails, used for doing test setup in an external command. (Some things are easier to do in shell than in C.)--with-krb5-include or --with-krb5-lib is given. Similarly avoid use of krb5-config in the GSS-API Autoconf macros if --with-gssapi-include or --with-gssapi-lib are given. One generally doesn’t specify specific directories like that unless krb5-config will be wrong.configure.ac probe for krb5_kt_free_entry prototype.portable/pam.h.portable/mkstemp.c.getaddrinfo replacement portable to systems that don’t declare h_errno and don’t define the netdb.h error constants.network_bind_all on Windows.ARRAY_SIZE and ARRAY_END macros to util/macros.h.krb5_appdefault_string returns without setting the result string. Fixes a possible segfault during configuration parsing on Mac OS X 10.7.afs/param.h is not found. The system call interface can’t be built without the AFS headers, and it’s better to fail with a descriptive message at configure time than with an obscure message at compile time.strings.h in portable/system.h if it exists. Some platforms, such as FreeBSD, follow POSIX closely and only define strncasecmp here.gssapi/gssapi.h to gssapi.h in portable/gssapi.h. On FreeBSD, gssapi.h is marked as deprecated and emits a warning.util/messages.c when printing an error about failed memory allocation.--enable-kafs is passed to configure. This avoids having rra-c-util fail to build on platforms that require the OpenAFS headers or libraries when AFS is not installed.network_accept_any if select returns with no error but without setting any of the sockets as ready. This should be a rare edge case.pam_getenvlist in the fakepam testing library to return an empty environment instead of NULL when no environment variables have been set.network_accept_any function, which takes an array of file descriptors (similar to what’s returned by network_bind_all) and blocks accepting incoming connections on any of those file descriptors.remctld_start function of the TAP remctl add-on now takes optional additional arguments to remctld.network_bind_ipv6 and not binding to all local addresses, use IP_FREEBIND if it’s available. This allows binding to addresses that are not yet configured, which is much more common with IPv6 given IPv6 autoconfiguration.portable/getaddrinfo test on systems where invalid hostnames still resolve.gssapi.m4 fix for Heimdal without libroken was incomplete. It now doesn’t attempt to link with libroken when probing for GSS-API symbols. Thanks, Antoine Verheijen.snprintf testing and properly check the return status of xasprintf and xvasprintf.-Wconversion. This warning flag is still unused by default due a bug in handling htons.-Wjump-misses-init, -Wlogical-op, and -Wredundant-decls.gssapi.m4 Autoconf macros now handle the bundled Heimdal on OpenBSD that doesn’t have a separate libroken. Thanks to Antoine Verheijen for the analysis.KRB5_USES_COM_ERR Automake conditional to false when --without-krb5 is used rather than leaving it undefined, since the latter can cause configure failures. Patch from Andrew Deason.m4/socket.m4.krb5_realm to configure.ac so that pam-util will compile with Heimdal. Also fix kafs compilation flags to build properly with Heimdal kafs if it’s in a non-standard path.strndup replacement, check if the string being duplicated is NULL, and if so, return NULL and set errno to EINVAL rather than segfaulting. Thanks, Carsten Hey.sockaddr_in and sockaddr_in6 in the network library before using one, just in case non-zeroed padding bytes might cause problems. Thanks, Bo Lindbergh.strndup (not available on Mac OS X).vector_copy, vector_exec, and vector_exec_env to the pam-util vector library. Fix vector_clear to not attempt to free strings that are NULL.ibm_svc/krb5_svc.h (part of AIX’s bundled Kerberos implementation), include krb5.h before attempting to include that header to quiet confusing Autoconf warnings. Reported by Wilfried Weiss.kafs/kafs.h to portable/kafs.h, since it’s more a portability header than a header solely for the kafs replacement library.krb5.conf. It also provides a version of the util/vector.c library that doesn’t die on memory allocation failure and hence is suitable for use in PAM modules.k_haspag for use with either the kafs replacement library or for systems with a libkafs or libkopenafs that don’t have that function.k_pioctl from the kafs replacement library and provide a definition of struct ViceIoctl. This is mainly for the use of k_haspag, but may prove useful for making other AFS system calls.krb5_free_default_realm and krb5_init_secure_context to the Kerberos portability layer.krb5_appdefault_* functions for compatibility with AIX’s included Kerberos, which provides the profile library but not the Kerberos interface to query it.--with-libkafs-lib and --with-libkafs-include configure options to work properly.kafs.h header./usr/kerberos/bin after checking the user’s PATH. This is the default location on Red Hat Enterprise prior to RHEL6.configure.ac that was previously commented out so that it is tested when building rra-c-util. Building this package directly will now require working GSS-API libraries, but since it already required working Kerberos libraries, this should not make a noticeable difference.krb5_get_init_creds_opt_free.ktutil_list to output details of the contents of a keytab, used to compare two keytabs.apr-config --includes and add it to the preprocessor flags. Fixes build failures on Red Hat Enterprise Linux 4 and 5.sys/types.h before sys/socket.h so that the test program compiles on OpenBSD. Thanks, Wim Lewis.kerberos.sh and remctl.sh test libraries.ld --version-script M4 checks in the distribution.--version-script flag with a simple version script that just assigns symbol versions and marks some symbols as local.vector_split_multi and cvector_split_multi functions to util/vector.h, which split a string into a vector using any character found in a string of separators as a separator.issetuidgid function.krb5_data_free versus krb5_free_data_contents and improve checking for krb5_kt_free_entry with older versions of MIT Kerberos.config.h in portable/krb5.h so that the Kerberos portability code can be used in situations where a stripped-down config.h is needed, such as Apache modules.krb5.m4 Autoconf macros now handle the bundled Heimdal on OpenBSD that doesn’t have a separate libroken.KRB5_CPPFLAGS, KRB5_LDFLAGS, or KRB5_LIBS are set before calling the macro, their values will be preserved and added to whatever the macro sets, which allows the caller to set up custom values for particular operating systems.CPPFLAGS, LDFLAGS, and LIBS after probing for GSS-API libraries with --enable-reduced-depends. Previously, the default variables were left containing extra GSS-API-specific flags.krb5_free_error_message to not be static.util/xwrite.h. Previously, the header would be incorrectly skipped if util/xmalloc.h was already included.die and warn wrappers for Kerberos errors to the utility library.pam_syslog and pam_vsyslog, and an Autoconf macro to determine whether the PAM library headers use const.xmalloc itself.util/util.h.util/util.h apart into separate header files for every utility function grouping. This requires include changes in all packages importing rra-c-util, but makes it much easier to update header file changes for only those components that a downstream package users.alloc_size, malloc, and nonnull to the prototypes for utility functions where appropriate, and add the format attribute to xasprintf.kafs/kafs.h now defines HAVE_KAFS if any form of AFS support is available. This allows programs using it to, for instance, display different help output based on whether AFS support is compiled in (as opposed to available on the current system, which is what k_hasafs determines).network_connect or network_client_create are called with an unknown address domain for the source address.AC_TYPE_LONG_LONG_INT instead of AC_CHECK_TYPES([long long]) as provided by newer Autoconfs, and change the snprintf replacement to assume the compiler provides long double.RRA_SET_LIBDIR, which sets the libdir variable based on the size of an integer in the compilation environment and whether /usr/lib32 or /usr/lib64 exist.socket_type typedef rather than int directly to store the file descriptors of sockets and, on Windows, typedef that to SOCKET instead of int. Update the function signatures of the network utility functions appropriately. Compare socket_type variables against an INVALID_SOCKET define instead of -1. Fixes portability issues to 64-bit Windows. Thanks, Jeffrey Altman.AC_LIBOBJ and the portable directory and supports more specific configure options.mkstemp on systems that don’t have it.m4/krb4.m4, which probes for Kerberos v4 libraries in the same ways that m4/krb5.m4 probes for Kerberos v5 libraries.m4/socket-unix.m4, which contains some probes for UNIX domain socket support taken from INN with modifications by Julien ÉLIE.RRA_SET_LDFLAGS (m4/lib-pathname.m4) now appends to the variable rather than only setting it and takes an optional third argument naming a subdirectory of the library directory to add to the library search path.asprintf function.--enable-silent-rules option to configure or build with make V=0.KRB5_CONFIG environment variable over a path constructed from the --with-gssapi argument.AS_HELP_STRING instead of the deprecated AC_HELP_STRING in all Autoconf m4 files.Initial public release based on the portability code that shipped with remctl 2.13 with some additional files from other current releases of my software packages. The changes below are relative to that version.
RRA_LIB_*_SET functions. When using Automake, one should never put one’s own flags into the CPPFLAGS, CFLAGS, and LDFLAGS variables, since the user may override them. Instead, AM_* versions should be set in Makefile.am. This can be done using the existing substitution variables, so the *_SET functions were always wrong.vector_addn function that adds a counted string to a vector (similar to strndup). There is no cvector equivalent.AI_ADDRCONFIG flag being present in the system headers, passing it into getaddrinfo results in an error. Test for this at configure time and, if it doesn’t work, hide the system AI_ADDRCONFIG definition.message_fatal_cleanup extern in util.h. Fixes compilation problems on Mac OS X and probably elsewhere.AC_TRY_* to AC_*_IFELSE for all Autoconf macros.AC_CONFIG_MACRO_DIR and using AC_USE_SYSTEM_EXTENSIONS instead of AC_AIX and AC_GNU_SOURCE.| < rra-c-util README | Russ Allbery > Software > rra-c-util | PAM Testing > |