1 --- shadow-4.0.3.orig/lib/prototypes.h
2 +++ shadow-4.0.3/lib/prototypes.h
4 extern int isexpired(const struct passwd *);
8 +#include <linux/flask/flask_types.h>
11 /* basename() renamed to Basename() to avoid libc name space confusion */
13 extern char *Basename(char *str);
15 extern int chown_tree(const char *, uid_t, uid_t, gid_t, gid_t);
18 -extern void chown_tty(const char *, const struct passwd *);
19 +extern void chown_tty(const char *, const struct passwd *
21 +, int FLASK_flag, security_id_t user_sid, security_id_t *ttyn_sid
26 extern int console(const char *);
29 extern void setup_env(struct passwd *);
32 +#include <linux/flask/flask_types.h>
36 -extern void shell(const char *, const char *);
37 +extern void shell(const char *, const char *
39 + , int FLASK_flag, security_id_t user_sid
45 --- shadow-4.0.3.orig/src/su.c
46 +++ shadow-4.0.3/src/su.c
57 /* local function prototypes */
59 +/* If nonzero, change some environment vars to indicate the user su'd to. */
60 +static int change_environment;
62 +static struct option const longopts[] =
64 + {"command", required_argument, 0, 'c'},
65 + {"preserve-environment", no_argument, 0, 'p'},
66 + {"shell", required_argument, 0, 's'},
67 + {"help", no_argument, 0, 'h'},
73 static RETSIGTYPE die (int);
78 +/* borrowed from GNU sh-utils' "su.c" */
80 +restricted_shell (const char *shell)
85 + while ((line = getusershell ()) != NULL) {
86 + if (*line != '#' && strcmp (line, shell) == 0) {
95 +/* borrowed from GNU sh-utils' "su.c" */
97 +elements (char **arr)
101 + for (n = 0; *arr; ++arr)
106 +/* borrowed from GNU sh-utils' "su.c" */
108 +run_shell (char *shell, const char *command, char **additional_args, int login)
113 + int cmd_len_left = sizeof(cmd) - 1;
117 + if (additional_args)
118 + args = (const char **) xmalloc (sizeof (char *)
119 + * (10 + elements (additional_args)));
121 + args = (const char **) xmalloc (sizeof (char *) * 10);
126 + char *shell_basename;
128 + shell_basename = getdef_str("SU_NAME");
129 + if (!shell_basename)
130 + shell_basename = Basename(shell);
132 + arg0 = xmalloc (strlen (shell_basename) + 2);
134 + strcpy (arg0 + 1, shell_basename);
138 + args[0] = Basename(shell);
139 + if (command || additional_args)
140 + args[argno++] = "-c";
142 + if (strlen(command) > cmd_len_left) {
143 + fprintf(stderr, _("Command line args too long\n"));
146 + strcat(cmd, command);
147 + cmd_len_left -= strlen(command);
149 + if (additional_args)
150 + for (; *additional_args; ++additional_args) {
151 + if ((strlen(*additional_args) + 1) > cmd_len_left) {
152 + fprintf(stderr, _("Command line args too long\n"));
159 + strcat(cmd, *additional_args);
160 + cmd_len_left -= strlen(*additional_args);
162 + if (cmd[0]) args[argno++] = cmd;
163 + args[argno] = NULL;
164 + execv (shell, (char **) args);
165 + fprintf (stderr, _("No shell\n"));
166 + SYSLOG((LOG_WARN, "Cannot execute %s\n", shell));
169 static void su_failure (const char *tty)
171 @@ -153,13 +256,14 @@
174 const char *tty = 0; /* Name of tty SU is run from */
179 struct passwd *pw = 0;
180 char **envp = environ;
182 + char *command = 0, *shell = 0, **additional_args = 0;
188 @@ -174,12 +278,14 @@
190 #endif /* !USE_PAM */
193 + /* sanitize_env (); */
195 setlocale (LC_ALL, "");
196 bindtextdomain (PACKAGE, LOCALEDIR);
197 textdomain (PACKAGE);
199 + change_environment = 1;
202 * Get the program name. The program name is used as a prefix to
203 * most error messages.
204 @@ -224,14 +330,66 @@
205 * Process the command line arguments.
209 - argv++; /* shift out command name */
211 - if (argc > 0 && strcmp (argv[0], "-") == 0) {
212 + while ((optc = getopt_long (argc, argv, "c:mps:h", longopts, NULL)) != -1) {
221 + change_environment = 0;
227 + fprintf(stderr, _("\
228 +Usage: su [OPTS] [-] [username [ARGS]]\n\
229 + - make this a login shell\n\
230 + -c, --command=<command>\n\
231 + pass command to the invoked shell using its -c\n\
233 + -m, -p, --preserve-environment\n\
234 + do not reset environment variables, and keep the\n\
236 + -s, --shell=<shell>\n\
237 + use shell instead of the default in /etc/passwd\n"));
242 + if (optind < argc && !strcmp (argv[optind], "-")) {
245 - argv++; /* shift ... */
250 + strncpy(name, argv[optind++], sizeof(name) - 1);
252 + struct passwd *root_pw = getpwuid(0);
253 + if (root_pw == NULL) {
254 + SYSLOG((LOG_CRIT, "There is no UID 0 user."));
257 + strcpy(name, root_pw->pw_name);
261 + additional_args = argv + optind;
264 + * Get the user's real name. The current UID is used to determine
265 + * who has executed su. That user ID must exist.
268 + pw = get_my_pwent();
270 + SYSLOG((LOG_CRIT, "Unknown UID: %d\n", (int) my_uid));
273 + STRFCPY(oldname, pw->pw_name);
276 * If a new login is being set up, the old environment will be
278 addenv (*envp++, NULL);
282 - * The next argument must be either a user ID, or some flag to a
283 - * subshell. Pretty sticky since you can't have an argument which
284 - * doesn't start with a "-" unless you specify the new user name.
285 - * Any remaining arguments will be passed to the user's login shell.
288 - if (argc > 0 && argv[0][0] != '-') {
289 - STRFCPY (name, argv[0]); /* use this login id */
291 - argv++; /* shift ... */
293 - if (!name[0]) /* use default user ID */
294 - (void) strcpy (name, "root");
296 - doshell = argc == 0; /* any arguments remaining? */
299 - * Get the user's real name. The current UID is used to determine
300 - * who has executed su. That user ID must exist.
303 - pw = get_my_pwent ();
305 - SYSLOG ((LOG_CRIT, "Unknown UID: %u", my_uid));
308 - STRFCPY (oldname, pw->pw_name);
314 * Set the default shell.
317 - if (pwent.pw_shell[0] == '\0')
318 - pwent.pw_shell = "/bin/sh"; /* XXX warning: const */
319 + if (pwent.pw_shell == NULL || pwent.pw_shell[0] == '\0')
320 + pwent.pw_shell = (char *) "/bin/sh";
322 + if (shell == 0 && change_environment == 0)
323 + shell = getenv ("SHELL");
324 + if (shell != 0 && getuid () && restricted_shell (pwent.pw_shell))
327 + shell = (char *) strdup (pwent.pw_shell);
329 + signal(SIGINT, SIG_IGN);
331 ret = pam_authenticate (pamh, 0);
332 if (ret != PAM_SUCCESS) {
337 + ret = pam_get_item(pamh, PAM_USER, (const void **) &tmp_name);
338 + if (ret != PAM_SUCCESS) {
339 + SYSLOG((LOG_ERR, "pam_get_item: internal PAM error\n"));
340 + fprintf(stderr, "%s: Internal PAM error retrieving username\n", Prog);
341 + pam_end(pamh, ret);
344 + strncpy(name, tmp_name, sizeof(name) - 1);
347 * Set up a signal handler in case the user types QUIT.
348 @@ -507,10 +652,14 @@
352 - environ = newenvp; /* make new environment active */
354 - if (getenv ("IFS")) /* don't export user IFS ... */
355 - addenv ("IFS= \t\n", NULL); /* ... instead, set a safe IFS */
356 + if (change_environment || restricted_shell(pwent.pw_shell)) {
357 + environ = newenvp; /* make new environment active */
358 + if (getenv ("IFS")) /* don't export user IFS ... */
359 + addenv("IFS= \t\n", NULL); /* ... instead, set a safe IFS */
361 + if (getenv ("IFS"))
362 + putenv("IFS= \t\n");
365 if (pwent.pw_shell[0] == '*') { /* subsystem root required */
366 pwent.pw_shell++; /* skip the '*' */
367 @@ -554,17 +703,56 @@
371 + ret = pam_open_session(pamh, 0);
372 + if (ret != PAM_SUCCESS) {
373 + SYSLOG((LOG_ERR, "pam_open_session: %s\n", pam_strerror(pamh, ret)));
374 + fprintf(stderr, "%s: %s\n", Prog, pam_strerror(pamh, ret));
375 + pam_setcred(pamh, PAM_DELETE_CRED);
376 + pam_end(pamh, ret);
379 + /* We must fork before setuid() because we need to call
380 + * pam_close_session() as root.
383 + /* We let the admin configure whether they need to keep login
384 + around to close sessions */
385 + if (getdef_bool("CLOSE_SESSIONS")) {
389 + signal(SIGINT, SIG_IGN);
394 + SYSLOG((LOG_ERR, "su: fork failure: %m"));
395 + perror("su: fork failure");
396 + pam_setcred(pamh, PAM_DELETE_CRED);
397 + pam_close_session(pamh, 0);
398 + pam_end(pamh, PAM_ABORT);
400 + case 0: /* child */
401 + signal(SIGINT, SIG_DFL);
403 + default: /* parent */
404 + waitpid(pid, &status, 0);
405 + /* now we are done using PAM */
406 + pam_setcred(pamh, PAM_DELETE_CRED);
407 + ret = pam_close_session(pamh, 0);
408 + pam_end(pamh, ret);
409 + exit(WEXITSTATUS(status));
413 /* become the new user */
414 if (change_uid (&pwent)) {
415 + pam_close_session(pamh, 0);
416 pam_setcred (pamh, PAM_DELETE_CRED);
417 pam_end (pamh, PAM_ABORT);
421 - /* now we are done using PAM */
422 - pam_end (pamh, PAM_SUCCESS);
425 if (!amroot) /* no limits if su from root */
426 setup_limits (&pwent);
427 @@ -573,11 +761,14 @@
429 #endif /* !USE_PAM */
432 - setup_env (&pwent);
433 + if (fakelogin && (change_environment || restricted_shell(pwent.pw_shell)))
435 #if 1 /* Suggested by Joey Hess. XXX - is this right? */
437 - addenv ("HOME", pwent.pw_dir);
438 + else if (change_environment || restricted_shell(pwent.pw_shell)) {
439 + addenv("HOME", pwent.pw_dir);
440 + addenv("USER", pwent.pw_name);
441 + addenv("SHELL", shell);
451 - * See if the user has extra arguments on the command line. In that
452 - * case they will be provided to the new user's shell as arguments.
458 -#if 0 /* XXX - GNU su doesn't do this. --marekm */
459 - if (!hushed (&pwent)) {
464 - cp = getdef_str ("SU_NAME");
466 - cp = Basename (pwent.pw_shell);
468 - arg0 = xmalloc (strlen (cp) + 2);
470 - strcpy (arg0 + 1, cp);
473 - cp = Basename (pwent.pw_shell);
478 - * Use new user's shell from /etc/passwd and create an argv
479 - * with the rest of the command line included.
482 - argv[-1] = pwent.pw_shell;
483 - (void) execv (pwent.pw_shell, &argv[-1]);
484 - (void) fprintf (stderr, _("No shell\n"));
485 - SYSLOG ((LOG_WARN, "Cannot execute %s", pwent.pw_shell));
490 - shell (pwent.pw_shell, cp);
491 + run_shell (shell, command, additional_args, fakelogin);
492 /*NOTREACHED*/ exit (1);
494 --- shadow-4.0.3.orig/src/groupadd.c
495 +++ shadow-4.0.3/src/groupadd.c
503 RCSID (PKG_VER "$Id$")
504 #include <sys/types.h>
505 --- shadow-4.0.3.orig/src/groupdel.c
506 +++ shadow-4.0.3/src/groupdel.c
514 RCSID(PKG_VER "$Id$")
516 --- shadow-4.0.3.orig/src/groupmod.c
517 +++ shadow-4.0.3/src/groupmod.c
525 RCSID (PKG_VER "$Id$")
526 #include <sys/types.h>
527 --- shadow-4.0.3.orig/src/chpasswd.c
528 +++ shadow-4.0.3/src/chpasswd.c
536 RCSID (PKG_VER "$Id$")
538 --- shadow-4.0.3.orig/src/newusers.c
539 +++ shadow-4.0.3/src/newusers.c
547 RCSID (PKG_VER "$Id$")
548 #include <sys/types.h>
549 --- shadow-4.0.3.orig/src/login.c
550 +++ shadow-4.0.3/src/login.c
552 #include <sys/proc.h>
553 #include <sys/sysi86.h>
556 +#ifndef MAXHOSTNAMELEN
557 +#define MAXHOSTNAMELEN 64
562 * Support for RADIUS authentication based on a hacked util-linux login
564 for (arg = 1; arg < argc; arg++) {
565 if (argv[arg][0] == '-' && strlen (argv[arg]) > 2)
567 + if (!strcmp(argv[arg], "--"))
568 + break; /* stop checking on a "--" */
572 @@ -424,11 +431,39 @@
573 static char temp_pw[2];
574 static char temp_shell[] = "/bin/sh";
577 +#include <linux/flask/flask_types.h>
578 +#include <selinux/flask_util.h>
579 +#include <selinux/fs_secure.h>
580 +#include <selinux/ss.h>
581 +#include <selinux/get_user_sid.h>
590 +#define CONTEXTLEN 255
591 + security_context_t user_context;
592 + int user_context_len = CONTEXTLEN;
593 + security_id_t user_sid;
594 + security_id_t* sidlist;
595 +#define SIDLISTLEN 10
596 + int sidlistlen = SIDLISTLEN;
598 + security_id_t ttyn_sid; /* The current sid of ttyn device */
601 + security_id_t vcsn_sid; /* The current sid of vcsn device */
602 + security_id_t vcsan_sid; /* The current sid of vcsan device */
604 + security_id_t newdev_sid; /* The new sid of a device */
605 + struct stat statbuf;
609 #if defined(SHADOWPWD) && !defined(USE_PAM)
610 struct spwd *spwd = NULL;
614 check_flags (argc, argv);
616 - while ((flag = getopt (argc, argv, "d:f:h:pr:")) != EOF) {
617 + while ((flag = getopt (argc, argv, "d:f::h:pr:")) != EOF) {
621 @@ -475,11 +510,16 @@
623 * username must be a separate token
624 * (-f root, *not* -froot). --marekm
626 + * if -f has an arg, use that, else use the
627 + * normal user name passed after all options
630 - if (optarg != argv[optind - 1])
631 + if (optarg != NULL && optarg != argv[optind - 1])
634 - STRFCPY (username, optarg);
636 + STRFCPY (username, optarg);
643 if (optind < argc) { /* get the user name */
645 + if (rflg || (fflg && username[0]))
649 @@ -763,49 +803,98 @@
653 - retcode = pam_authenticate (pamh, 0);
654 - while ((failcount++ < retries) &&
655 - ((retcode == PAM_AUTH_ERR) ||
656 - (retcode == PAM_USER_UNKNOWN) ||
657 - (retcode == PAM_CRED_INSUFFICIENT) ||
658 - (retcode == PAM_AUTHINFO_UNAVAIL))) {
659 - pam_get_item (pamh, PAM_USER,
660 - (const void **) &pam_user);
661 - syslog (LOG_NOTICE,
662 - "FAILED LOGIN %d FROM %s FOR %s, %s",
663 - failcount, hostname, pam_user,
664 - pam_strerror (pamh, retcode));
665 -#ifdef HAVE_PAM_FAIL_DELAY
666 - pam_fail_delay (pamh, 1000000 * delay);
669 + const char *failent_user;
674 + retcode = pam_fail_delay(pamh, 1000000*delay);
676 + retcode = pam_authenticate (pamh, 0);
678 + pam_get_item (pamh, PAM_USER,
679 + (const void **) &pam_user);
681 + if (pam_user && pam_user[0]) {
682 + pwd = getpwnam(pam_user);
685 + failent_user = pwent.pw_name;
687 + if (getdef_bool("LOG_UNKFAIL_ENAB") && pam_user)
688 + failent_user = pam_user;
690 + failent_user = "UNKNOWN";
694 + failent_user = "UNKNOWN";
697 + if (retcode == PAM_MAXTRIES || failcount >= retries) {
698 + syslog (LOG_NOTICE,
699 + _("TOO MANY LOGIN TRIES (%d)%s FOR `%s'"),
700 + failcount, fromhost, failent_user);
702 + if (pwd && getdef_bool("FAILLOG_ENAB"))
703 + failure (pwent.pw_uid, tty, &faillog);
706 + _("Maximum number of tries exceeded (%d)\n"),
710 + } else if (retcode == PAM_ABORT) {
711 + /* Serious problems, quit now */
712 + fprintf(stderr,_("login: abort requested by PAM\n"));
713 + syslog(LOG_ERR,_("PAM_ABORT returned from pam_authenticate()"));
716 + } else if (retcode != PAM_SUCCESS) {
717 + syslog(LOG_NOTICE,_("FAILED LOGIN (%d)%s FOR `%s', %s"),
718 + failcount, fromhost, failent_user,
719 + pam_strerror (pamh, retcode));
723 + if (pwd && getdef_bool("FAILLOG_ENAB") &&
724 + ! failcheck (pwent.pw_uid, &faillog, failed)) {
725 + SYSLOG((LOG_CRIT, FAILURE_CNT, failent_user, fromhost));
729 - fprintf (stderr, "Login incorrect\n\n");
730 - pam_set_item (pamh, PAM_USER, NULL);
731 - retcode = pam_authenticate (pamh, 0);
734 - if (retcode != PAM_SUCCESS) {
735 - pam_get_item (pamh, PAM_USER,
736 - (const void **) &pam_user);
738 - if (retcode == PAM_MAXTRIES)
739 - syslog (LOG_NOTICE,
740 - "TOO MANY LOGIN TRIES (%d) FROM %s FOR %s, %s",
741 - failcount, hostname,
743 - pam_strerror (pamh,
746 - syslog (LOG_NOTICE,
747 - "FAILED LOGIN SESSION FROM %s FOR %s, %s",
748 - hostname, pam_user,
749 - pam_strerror (pamh,
752 - fprintf (stderr, "\nLogin incorrect\n");
753 - pam_end (pamh, retcode);
758 + fprintf(stderr,"Login incorrect\n\n");
760 + if (pwd && getdef_bool("FAILLOG_ENAB"))
761 + failure (pwent.pw_uid, tty, &faillog);
763 + if (getdef_str("FTMP_FILE") != NULL) {
766 + gettimeofday(&(failent.ut_tv), NULL);
769 + time(&failent.ut_time);
771 + strncpy(failent.ut_user, failent_user, sizeof(failent.ut_user));
773 + failent.ut_type = USER_PROCESS;
778 + /* Let's give it another go around */
779 + pam_set_item(pamh,PAM_USER,NULL);
782 + /* We don't get here unless they were authenticated above */
784 retcode = pam_acct_mgmt (pamh, 0);
786 if (retcode == PAM_NEW_AUTHTOK_REQD) {
787 @@ -828,11 +917,14 @@
789 if (!pwd || setup_groups (pwd))
794 retcode = pam_setcred (pamh, PAM_ESTABLISH_CRED);
797 - retcode = pam_open_session (pamh, 0);
798 + retcode = pam_open_session (pamh,
799 + hushed(&pwent) ? PAM_SILENT : 0);
802 #else /* ! USE_PAM */
803 @@ -1002,6 +1094,7 @@
808 if (pwd && getdef_bool ("FAILLOG_ENAB") &&
809 !failcheck (pwent.pw_uid, &faillog, failed)) {
811 @@ -1009,12 +1102,15 @@
812 username, fromhost));
820 /* don't log non-existent users */
821 if (pwd && getdef_bool ("FAILLOG_ENAB"))
822 failure (pwent.pw_uid, tty, &faillog);
824 if (getdef_str ("FTMP_FILE") != NULL) {
825 const char *failent_user;
827 @@ -1078,6 +1174,66 @@
829 #endif /* ! USE_PAM */
830 alarm (0); /* turn off alarm clock */
833 + /* Make sure FLASK is really installed on this system */
834 + if( (FLASK_flag = is_flask_enabled()) )
836 + /* Get security context and SID for user */
837 + sidlistlen = SIDLISTLEN;
838 + sidlist = malloc (sidlistlen*sizeof(security_id_t));
839 + if (sidlist == 0) {
840 + fprintf(stderr, "login: no memory for SID list.\n");
844 + num_sids = get_ordered_sid_list (pam_user, 0, sidlist, &sidlistlen);
845 + if (num_sids <= 0 && sidlistlen > SIDLISTLEN) {
846 + security_id_t *tmplist;
847 + tmplist = realloc (sidlist, sidlistlen*sizeof(security_id_t));
850 + num_sids = get_ordered_sid_list (pam_user, 0, sidlist, &sidlistlen);
854 + if (num_sids <= 0) {
855 + fprintf(stderr, "login: unable to obtain SIDs for %s.\n", pam_user);
856 + if (manual_user_enter_sid (pam_user, &user_sid))
858 + syslog (LOG_ERR, "UNABLE TO GET VALID SID FOR %s", pam_user);
864 + query_user_sid (sidlist, num_sids, &user_sid);
867 + user_context_len = CONTEXTLEN;
868 + user_context = malloc(user_context_len);
869 + if (!user_context) {
870 + fprintf(stderr, "login: no memory for security context.\n");
873 + rc = security_sid_to_context(user_sid,user_context,&user_context_len);
874 + if (rc < 0 && user_context_len > CONTEXTLEN)
876 + security_context_t tmpcon;
877 + tmpcon = realloc (user_context, user_context_len);
879 + user_context = tmpcon;
880 + rc = security_sid_to_context (user_sid, user_context, &user_context_len);
884 + free (user_context);
885 + syslog (LOG_ERR, "PROBLEM OBTAINING CONTEXT FOR %s", pam_user);
891 #ifndef USE_PAM /* PAM does this */
893 * porttime checks moved here, after the user has been
894 @@ -1172,7 +1328,11 @@
896 setup_limits (&pwent); /* nice, ulimit etc. */
897 #endif /* ! USE_PAM */
898 - chown_tty (tty, &pwent);
899 + chown_tty(tty, &pwent
901 + , FLASK_flag, user_sid, &ttyn_sid
907 @@ -1338,6 +1498,16 @@
914 + /* We need to change the contexts of the
915 + * terminal devices back to the system when
916 + * the user's session ends. */
917 + if(chsid(tty, ttyn_sid) != 0)
924 @@ -1354,10 +1524,33 @@
926 endsgent (); /* stop access to shadow group file */
931 + if(pwent.pw_uid == 0)
932 + SYSLOG((LOG_NOTICE, "ROOT LOGIN %s", fromhost));
933 + else if(getdef_bool("LOG_OK_LOGINS"))
935 + SYSLOG((LOG_INFO, "`%s' logged in %s", pam_user, fromhost, user_context));
937 + SYSLOG((LOG_INFO, "`%s' logged in %s", username, fromhost, user_context));
939 + free(user_context);
944 if (pwent.pw_uid == 0)
945 SYSLOG ((LOG_NOTICE, "ROOT LOGIN %s", fromhost));
946 else if (getdef_bool ("LOG_OK_LOGINS"))
948 + SYSLOG ((LOG_INFO, "`%s' logged in %s", pam_user, fromhost));
950 SYSLOG ((LOG_INFO, "`%s' logged in %s", username, fromhost));
958 @@ -1367,8 +1560,16 @@
961 if ((tmp = getdef_str ("FAKE_SHELL")) != NULL) {
962 - shell (tmp, pwent.pw_shell); /* fake shell */
963 + shell (tmp, pwent.pw_shell
965 + , FLASK_flag, user_sid
967 + ); /* fake shell */
969 - shell (pwent.pw_shell, (char *) 0); /* exec the shell finally. */
970 + shell(pwent.pw_shell, (char *) 0
972 + , FLASK_flag, user_sid
974 + ); /* exec the shell finally. */
975 /*NOTREACHED*/ return 0;
977 --- shadow-4.0.3.orig/src/passwd.c
978 +++ shadow-4.0.3/src/passwd.c
979 @@ -1173,8 +1173,8 @@
981 if (!amroot && pw->pw_uid != getuid ()) {
983 - _("You may not change the password for %s.\n"),
985 + _("%s: You may not view or modify password information for %s.\n"),
987 SYSLOG ((LOG_WARN, "can't change pwd for `%s'", name));
990 --- shadow-4.0.3.orig/src/cppw.c
991 +++ shadow-4.0.3/src/cppw.c
994 + cppw, cpgr copy with locking given file over the password or group file
995 + with -s will copy with locking given file over shadow or gshadow file
997 + Copyright (C) 1999 Stephen Frost <sfrost@snowman.net>
999 + Based on vipw, vigr by:
1000 + Copyright (C) 1997 Guy Maor <maor@ece.utexas.edu>
1002 + This program is free software; you can redistribute it and/or modify
1003 + it under the terms of the GNU General Public License as published by
1004 + the Free Software Foundation; either version 2 of the License, or
1005 + (at your option) any later version.
1007 + This program is distributed in the hope that it will be useful, but
1008 + WITHOUT ANY WARRANTY; without even the implied warranty of
1009 + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
1010 + General Public License for more details.
1012 + You should have received a copy of the GNU General Public License
1013 + along with this program; if not, write to the Free Software
1014 + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
1018 +#include <config.h>
1019 +#include "defines.h"
1022 +#include <sys/stat.h>
1023 +#include <unistd.h>
1025 +#include <stdlib.h>
1026 +#include <sys/types.h>
1027 +#include <signal.h>
1029 +#include "prototypes.h"
1031 +#include "shadowio.h"
1032 +#include "groupio.h"
1033 +#include "sgroupio.h"
1036 +static const char *progname, *filename, *filenewname;
1037 +static int filelocked = 0;
1038 +static int (*unlock)();
1040 +/* local function prototypes */
1041 +static int create_backup_file (FILE *, const char *, struct stat *);
1042 +static void cppwexit (const char *, int, int);
1043 +static void cppwcopy (const char *, const char *, int (*) (void), int (*) (void));
1044 +int main (int, char **);
1047 +create_backup_file(FILE *fp, const char *backup, struct stat *sb)
1049 + struct utimbuf ub;
1054 + mask = umask(077);
1055 + bkfp = fopen(backup, "w");
1057 + if (!bkfp) return -1;
1060 + while ((c = getc(fp)) != EOF) {
1061 + if (putc(c, bkfp) == EOF) break;
1064 + if (c != EOF || fflush(bkfp)) {
1069 + if (fclose(bkfp)) {
1074 + ub.actime = sb->st_atime;
1075 + ub.modtime = sb->st_mtime;
1076 + if (utime(backup, &ub) ||
1077 + chmod(backup, sb->st_mode) ||
1078 + chown(backup, sb->st_uid, sb->st_gid)) {
1086 +cppwexit(const char *msg, int syserr, int ret)
1089 + if (filelocked) (*unlock)();
1090 + if (msg) fprintf(stderr, "%s: %s", progname, msg);
1091 + if (syserr) fprintf(stderr, ": %s", strerror(err));
1092 + fprintf(stderr, "\n%s: %s is unchanged\n", progname, filename);
1097 +cppwcopy(const char *file, const char *in_file, int (*file_lock) (void), int (*file_unlock) (void))
1101 + char filenew[1024];
1103 + snprintf(filenew, sizeof filenew, "%s.new", file);
1104 + unlock = file_unlock;
1106 + filenewname = filenew;
1108 + if (access(file, F_OK)) cppwexit(file, 1, 1);
1109 + if (!file_lock()) cppwexit("Couldn't lock file", errno, 5);
1112 + /* file to copy has same owners, perm */
1113 + if (stat(file, &st1)) cppwexit(file, 1, 1);
1114 + if (!(f = fopen(in_file, "r"))) cppwexit(file, 1, 1);
1115 + if (create_backup_file(f, filenew, &st1))
1116 + cppwexit("Couldn't make backup", errno, 1);
1118 + /* XXX - here we should check filenew for errors; if there are any,
1119 + fail w/ an appropriate error code and let the user manually fix
1120 + it. Use pwck or grpck to do the check. - Stephen (Shamelessly
1121 + stolen from '--marekm's comment) */
1123 + if (rename(filenew, file) == -1) {
1124 + fprintf(stderr, "%s: can't copy %s: %s)\n",
1125 + progname, filenew, strerror(errno));
1134 +main(int argc, char **argv)
1143 + progname = ((c = strrchr(*argv, '/')) ? c+1 : *argv);
1144 + do_cppw = (strcmp(progname, "cpgr") != 0);
1146 + while ((flag = getopt(argc, argv, "ghps")) != EOF) {
1161 +`cppw <file>' copys over /etc/passwd `cppw -s <file>' copys over /etc/shadow\n\
1162 +`cpgr <file>' copys over /etc/group `cpgr -s <file>' copys over /etc/gshadow\n\
1168 + if (optind >= argc) {
1169 + cppwexit ("missing file argument, -h for usage",0,1);
1172 + in_file = argv[argc - 1];
1177 + cppwcopy(SHADOW_FILE, in_file, spw_lock, spw_unlock);
1180 + cppwcopy(PASSWD_FILE, in_file, pw_lock, pw_unlock);
1185 + cppwcopy(SGROUP_FILE, in_file, sgr_lock, sgr_unlock);
1188 + cppwcopy(GROUP_FILE, in_file, gr_lock, gr_unlock);
1193 --- shadow-4.0.3.orig/src/Makefile.am
1194 +++ shadow-4.0.3/src/Makefile.am
1196 ubin_PROGRAMS = faillog lastlog chage chfn chsh expiry gpasswd newgrp passwd
1197 usbin_PROGRAMS = chpasswd dpasswd groupadd groupdel groupmod \
1198 logoutd mkpasswd newusers useradd userdel usermod grpck \
1199 - pwck vipw grpconv grpunconv pwconv pwunconv
1200 + pwck vipw grpconv grpunconv pwconv pwunconv cppw
1202 noinst_PROGRAMS = id sulogin
1206 suidubins = chage chfn chsh expiry gpasswd newgrp passwd
1208 -LDADD = $(top_builddir)/libmisc/libmisc.la \
1211 +LDADD += $(top_builddir)/libmisc/libmisc.la \
1212 $(top_builddir)/lib/libshadow.la
1214 chpasswd_LDADD = $(LDADD) $(LIBPAM)
1216 groupadd_LDADD = $(LDADD) $(LIBPAM)
1217 groupdel_LDADD = $(LDADD) $(LIBPAM)
1218 groupmod_LDADD = $(LDADD) $(LIBPAM)
1219 -login_LDADD = $(LDADD) $(LIBPAM)
1220 +login_LDADD = $(LDADD) $(LIBPAM) $(SEC_LDADD)
1221 newusers_LDADD = $(LDADD) $(LIBPAM)
1222 passwd_LDADD = $(LDADD) $(LIBPAM) $(LIBCRACK)
1223 su_SOURCES = su.c suauth.c
1224 -su_LDADD = $(LDADD) $(LIBPAM)
1225 +su_LDADD = $(LDADD) $(LIBPAM) $(SEC_LDADD)
1226 useradd_LDADD = $(LDADD) $(LIBPAM)
1227 userdel_LDADD = $(LDADD) $(LIBPAM)
1228 usermod_LDADD = $(LDADD) $(LIBPAM)
1229 +newgrp_LDADD = $(LDADD) $(LIBPAM) $(SEC_LDADD)
1230 +sulogin_LDADD = $(LDADD) $(LIBPAM) $(SEC_LDADD)
1233 - ln -sf newgrp $(DESTDIR)$(bindir)/sg
1234 ln -sf vigr $(DESTDIR)$(bindir)/vipw
1235 for i in $(suidbins); do \
1236 chmod 4755 $(DESTDIR)$(bindir)/$$i; \
1237 --- shadow-4.0.3.orig/src/grpck.c
1238 +++ shadow-4.0.3/src/grpck.c
1244 struct commonio_entry *gre, *tgre;
1248 * Parse the command line arguments
1251 - while ((arg = getopt (argc, argv, "qrs")) != EOF) {
1252 + while ((arg = getopt (argc, argv, "qprs")) != EOF) {
1255 /* quiet - ignored for now */
1266 @@ -315,9 +319,13 @@
1268 * prompt the user to delete the entry or not
1271 - if (!yes_or_no ())
1273 + if (!yes_or_no ())
1281 * All group file deletions wind up here. This code
1282 --- shadow-4.0.3.orig/src/newgrp.c
1283 +++ shadow-4.0.3/src/newgrp.c
1287 /* XXX - remove when gettext is safe to use in setuid programs */
1289 + /* sanitize_env ();*/
1292 setlocale (LC_ALL, "");
1293 @@ -386,8 +386,13 @@
1294 SYSLOG ((LOG_INFO, "user `%s' switched to group `%s'",
1296 if (getdef_bool ("SYSLOG_SG_ENAB")) {
1297 - char *loginname = xstrdup (getlogin ());
1298 - char *tty = xstrdup (ttyname (0));
1299 + char *loginname = getlogin ();
1300 + char *tty = ttyname (0);
1302 + if (loginname != NULL)
1303 + loginname = xstrdup (loginname);
1305 + tty = xstrdup (tty);
1307 if (loginname == NULL)
1309 @@ -586,7 +591,11 @@
1310 * the previous environment which should be the user's login shell.
1313 - shell (prog, initflag ? (char *) 0 : cp);
1314 + shell(prog, initflag ? (char *) 0 : cp
1315 +#ifdef CONFIG_FLASK
1319 /*NOTREACHED*/ failure:
1322 --- shadow-4.0.3.orig/src/useradd.c
1323 +++ shadow-4.0.3/src/useradd.c
1331 RCSID (PKG_VER "$Id$")
1332 #include "prototypes.h"
1333 --- shadow-4.0.3.orig/src/userdel.c
1334 +++ shadow-4.0.3/src/userdel.c
1342 RCSID (PKG_VER "$Id$")
1343 #include <sys/stat.h>
1348 + int deleted_user_group = 0;
1349 const struct sgrp *sgrp;
1351 #endif /* SHADOWGRP */
1352 @@ -209,6 +212,10 @@
1354 gr_remove (grp->gr_name);
1357 + deleted_user_group = 1;
1361 * Update the DBM group file with the new entry as well.
1363 @@ -279,6 +286,10 @@
1364 SYSLOG ((LOG_INFO, "delete `%s' from shadow group `%s'\n",
1365 user_name, nsgrp->sg_name));
1368 + if (deleted_user_group)
1369 + sgr_remove(user_name);
1374 --- shadow-4.0.3.orig/src/usermod.c
1375 +++ shadow-4.0.3/src/usermod.c
1383 RCSID (PKG_VER "$Id$")
1384 #include <sys/types.h>
1385 @@ -1544,9 +1546,14 @@
1386 if (copy_tree (user_home, user_newhome,
1387 uflg ? user_newid : -1,
1388 gflg ? user_newgid : -1) ==
1389 - 0 && remove_tree (user_home) == 0
1390 - && rmdir (user_home) == 0)
1393 + if (remove_tree (user_home) != 0 ||
1394 + rmdir (user_home) != 0)
1396 + _("%s: warning: failed to completely remove old home directory %s"),
1401 (void) remove_tree (user_newhome);
1402 (void) rmdir (user_newhome);
1403 --- shadow-4.0.3.orig/src/sulogin.c
1404 +++ shadow-4.0.3/src/sulogin.c
1405 @@ -268,6 +268,10 @@
1409 - shell (pwent.pw_shell, (char *) 0); /* exec the shell finally. */
1410 + shell(pwent.pw_shell, (char *) 0
1411 +#ifdef CONFIG_FLASK
1414 + ); /* exec the shell finally. */
1415 /*NOTREACHED*/ return (0);
1417 --- shadow-4.0.3.orig/src/chage.c
1418 +++ shadow-4.0.3/src/chage.c
1426 RCSID (PKG_VER "$Id$")
1427 #include <sys/types.h>
1428 --- shadow-4.0.3.orig/libmisc/sub.c
1429 +++ shadow-4.0.3/libmisc/sub.c
1435 + /* Now fixup the shell to get rid of that '*' */
1436 + if (*pw->pw_shell == '*')
1439 --- shadow-4.0.3.orig/libmisc/pam_pass.c
1440 +++ shadow-4.0.3/libmisc/pam_pass.c
1445 + fputs("passwd: password updated successfully\n", stderr);
1446 pam_end(pamh, PAM_SUCCESS);
1448 #else /* !USE_PAM */
1449 --- shadow-4.0.3.orig/libmisc/shell.c
1450 +++ shadow-4.0.3/libmisc/shell.c
1455 -shell(const char *file, const char *arg)
1456 +shell(const char *file, const char *arg
1457 +#ifdef CONFIG_FLASK
1458 + , int FLASK_flag, security_id_t user_sid
1468 +#ifdef CONFIG_FLASK
1470 + execle_secure(file, user_sid, arg, (char *) 0, newenvp);
1473 execle (file, arg, (char *) 0, newenvp);
1476 @@ -103,6 +112,11 @@
1477 if ((fp = fopen (file, "r"))) {
1478 if (getc (fp) == '#' && getc (fp) == '!') {
1480 +#ifdef CONFIG_FLASK
1482 + execle ("/bin/sh", user_sid, "sh", file, (char *) 0, newenvp);
1485 execle ("/bin/sh", "sh",
1486 file, (char *) 0, newenvp);
1488 --- shadow-4.0.3.orig/libmisc/getdate.c
1489 +++ shadow-4.0.3/libmisc/getdate.c
1492 -/* A Bison parser, made from getdate.y
1493 - by GNU Bison version 1.25
1495 +/* A Bison parser, made from getdate.y
1496 + by GNU bison 1.33. */
1498 #define YYBISON 1 /* Identify Bison output. */
1502 -#define tDAY_UNIT 260
1503 -#define tDAYZONE 261
1505 -#define tHOUR_UNIT 263
1507 -#define tMERIDIAN 265
1508 -#define tMINUTE_UNIT 266
1510 -#define tMONTH_UNIT 268
1511 -#define tSEC_UNIT 269
1512 -#define tSNUMBER 270
1513 -#define tUNUMBER 271
1514 -#define tYEAR_UNIT 272
1518 +# define tDAY_UNIT 259
1519 +# define tDAYZONE 260
1521 +# define tHOUR_UNIT 262
1523 +# define tMERIDIAN 264
1524 +# define tMINUTE_UNIT 265
1525 +# define tMONTH 266
1526 +# define tMONTH_UNIT 267
1527 +# define tSEC_UNIT 268
1528 +# define tSNUMBER 269
1529 +# define tUNUMBER 270
1530 +# define tYEAR_UNIT 271
1535 @@ -197,16 +195,15 @@
1538 #line 175 "getdate.y"
1542 enum _MERIDIAN Meridian;
1546 -#ifndef __cplusplus
1550 +# define YYSTYPE yystype
1557 @@ -215,159 +212,187 @@
1558 #define YYFLAG -32768
1561 -#define YYTRANSLATE(x) ((unsigned)(x) <= 273 ? yytranslate[x] : 32)
1562 +/* YYTRANSLATE(YYLEX) -- Bison token number corresponding to YYLEX. */
1563 +#define YYTRANSLATE(x) ((unsigned)(x) <= 272 ? yytranslate[x] : 32)
1565 -static const char yytranslate[] = { 0,
1566 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1567 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1568 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1569 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1570 - 2, 2, 2, 20, 2, 2, 21, 2, 2, 2,
1571 - 2, 2, 2, 2, 2, 2, 2, 19, 2, 2,
1572 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1573 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1574 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1575 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1576 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1577 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1578 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1579 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1580 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1581 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1582 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1583 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1584 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1585 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1586 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1587 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1588 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1589 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1590 - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1591 - 2, 2, 2, 2, 2, 1, 2, 3, 4, 5,
1592 - 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
1594 +/* YYTRANSLATE[YYLEX] -- Bison token number corresponding to YYLEX. */
1595 +static const char yytranslate[] =
1597 + 0, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1598 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1599 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1600 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1601 + 2, 2, 2, 2, 20, 2, 2, 21, 2, 2,
1602 + 2, 2, 2, 2, 2, 2, 2, 2, 19, 2,
1603 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1604 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1605 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1606 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1607 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1608 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1609 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1610 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1611 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1612 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1613 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1614 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1615 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1616 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1617 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1618 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1619 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1620 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1621 + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
1622 + 2, 2, 2, 2, 2, 2, 1, 3, 4, 5,
1623 + 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
1628 -static const short yyprhs[] = { 0,
1629 - 0, 1, 4, 6, 8, 10, 12, 14, 16, 19,
1630 - 24, 29, 36, 43, 45, 47, 50, 52, 55, 58,
1631 - 62, 68, 72, 76, 79, 84, 87, 91, 94, 96,
1632 - 99, 102, 104, 107, 110, 112, 115, 118, 120, 123,
1633 - 126, 128, 131, 134, 136, 139, 142, 144, 146, 147
1635 +static const short yyprhs[] =
1637 + 0, 0, 1, 4, 6, 8, 10, 12, 14, 16,
1638 + 19, 24, 29, 36, 43, 45, 47, 50, 52, 55,
1639 + 58, 62, 68, 72, 76, 79, 84, 87, 91, 94,
1640 + 96, 99, 102, 104, 107, 110, 112, 115, 118, 120,
1641 + 123, 126, 128, 131, 134, 136, 139, 142, 144, 146,
1645 -static const short yyrhs[] = { -1,
1646 - 22, 23, 0, 24, 0, 25, 0, 27, 0, 26,
1647 - 0, 28, 0, 30, 0, 16, 10, 0, 16, 19,
1648 - 16, 31, 0, 16, 19, 16, 15, 0, 16, 19,
1649 - 16, 19, 16, 31, 0, 16, 19, 16, 19, 16,
1650 - 15, 0, 18, 0, 6, 0, 18, 7, 0, 4,
1651 - 0, 4, 20, 0, 16, 4, 0, 16, 21, 16,
1652 - 0, 16, 21, 16, 21, 16, 0, 16, 15, 15,
1653 - 0, 16, 12, 15, 0, 12, 16, 0, 12, 16,
1654 - 20, 16, 0, 16, 12, 0, 16, 12, 16, 0,
1655 - 29, 3, 0, 29, 0, 16, 17, 0, 15, 17,
1656 - 0, 17, 0, 16, 13, 0, 15, 13, 0, 13,
1657 - 0, 16, 5, 0, 15, 5, 0, 5, 0, 16,
1658 - 8, 0, 15, 8, 0, 8, 0, 16, 11, 0,
1659 - 15, 11, 0, 11, 0, 16, 14, 0, 15, 14,
1660 - 0, 14, 0, 16, 0, 0, 10, 0
1661 +static const short yyrhs[] =
1663 + -1, 22, 23, 0, 24, 0, 25, 0, 27, 0,
1664 + 26, 0, 28, 0, 30, 0, 16, 10, 0, 16,
1665 + 19, 16, 31, 0, 16, 19, 16, 15, 0, 16,
1666 + 19, 16, 19, 16, 31, 0, 16, 19, 16, 19,
1667 + 16, 15, 0, 18, 0, 6, 0, 18, 7, 0,
1668 + 4, 0, 4, 20, 0, 16, 4, 0, 16, 21,
1669 + 16, 0, 16, 21, 16, 21, 16, 0, 16, 15,
1670 + 15, 0, 16, 12, 15, 0, 12, 16, 0, 12,
1671 + 16, 20, 16, 0, 16, 12, 0, 16, 12, 16,
1672 + 0, 29, 3, 0, 29, 0, 16, 17, 0, 15,
1673 + 17, 0, 17, 0, 16, 13, 0, 15, 13, 0,
1674 + 13, 0, 16, 5, 0, 15, 5, 0, 5, 0,
1675 + 16, 8, 0, 15, 8, 0, 8, 0, 16, 11,
1676 + 0, 15, 11, 0, 11, 0, 16, 14, 0, 15,
1677 + 14, 0, 14, 0, 16, 0, 0, 10, 0
1683 -static const short yyrline[] = { 0,
1684 - 191, 192, 195, 198, 201, 204, 207, 210, 213, 219,
1685 - 225, 234, 240, 252, 255, 258, 264, 268, 272, 278,
1686 - 282, 300, 306, 312, 316, 321, 325, 332, 340, 343,
1687 - 346, 349, 352, 355, 358, 361, 364, 367, 370, 373,
1688 - 376, 379, 382, 385, 388, 391, 394, 399, 432, 436
1690 +/* YYRLINE[YYN] -- source line where rule number YYN was defined. */
1691 +static const short yyrline[] =
1693 + 0, 191, 192, 195, 198, 201, 204, 207, 210, 213,
1694 + 219, 225, 234, 240, 252, 255, 258, 264, 268, 272,
1695 + 278, 282, 300, 306, 312, 316, 321, 325, 332, 340,
1696 + 343, 346, 349, 352, 355, 358, 361, 364, 367, 370,
1697 + 373, 376, 379, 382, 385, 388, 391, 394, 399, 432,
1703 -#if YYDEBUG != 0 || defined (YYERROR_VERBOSE)
1704 +#if (YYDEBUG) || defined YYERROR_VERBOSE
1706 -static const char * const yytname[] = { "$","error","$undefined.","tAGO","tDAY",
1707 -"tDAY_UNIT","tDAYZONE","tDST","tHOUR_UNIT","tID","tMERIDIAN","tMINUTE_UNIT",
1708 -"tMONTH","tMONTH_UNIT","tSEC_UNIT","tSNUMBER","tUNUMBER","tYEAR_UNIT","tZONE",
1709 -"':'","','","'/'","spec","item","time","zone","day","date","rel","relunit","number",
1711 +/* YYTNAME[TOKEN_NUM] -- String name of the token TOKEN_NUM. */
1712 +static const char *const yytname[] =
1714 + "$", "error", "$undefined.", "tAGO", "tDAY", "tDAY_UNIT", "tDAYZONE",
1715 + "tDST", "tHOUR_UNIT", "tID", "tMERIDIAN", "tMINUTE_UNIT", "tMONTH",
1716 + "tMONTH_UNIT", "tSEC_UNIT", "tSNUMBER", "tUNUMBER", "tYEAR_UNIT",
1717 + "tZONE", "':'", "','", "'/'", "spec", "item", "time", "zone", "day",
1718 + "date", "rel", "relunit", "number", "o_merid", NULL
1722 -static const short yyr1[] = { 0,
1723 - 22, 22, 23, 23, 23, 23, 23, 23, 24, 24,
1724 - 24, 24, 24, 25, 25, 25, 26, 26, 26, 27,
1725 - 27, 27, 27, 27, 27, 27, 27, 28, 28, 29,
1726 - 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
1727 - 29, 29, 29, 29, 29, 29, 29, 30, 31, 31
1728 +/* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */
1729 +static const short yyr1[] =
1731 + 0, 22, 22, 23, 23, 23, 23, 23, 23, 24,
1732 + 24, 24, 24, 24, 25, 25, 25, 26, 26, 26,
1733 + 27, 27, 27, 27, 27, 27, 27, 27, 28, 28,
1734 + 29, 29, 29, 29, 29, 29, 29, 29, 29, 29,
1735 + 29, 29, 29, 29, 29, 29, 29, 29, 30, 31,
1739 -static const short yyr2[] = { 0,
1740 - 0, 2, 1, 1, 1, 1, 1, 1, 2, 4,
1741 - 4, 6, 6, 1, 1, 2, 1, 2, 2, 3,
1742 - 5, 3, 3, 2, 4, 2, 3, 2, 1, 2,
1743 - 2, 1, 2, 2, 1, 2, 2, 1, 2, 2,
1744 - 1, 2, 2, 1, 2, 2, 1, 1, 0, 1
1745 +/* YYR2[YYN] -- Number of symbols composing right hand side of rule YYN. */
1746 +static const short yyr2[] =
1748 + 0, 0, 2, 1, 1, 1, 1, 1, 1, 2,
1749 + 4, 4, 6, 6, 1, 1, 2, 1, 2, 2,
1750 + 3, 5, 3, 3, 2, 4, 2, 3, 2, 1,
1751 + 2, 2, 1, 2, 2, 1, 2, 2, 1, 2,
1752 + 2, 1, 2, 2, 1, 2, 2, 1, 1, 0,
1756 -static const short yydefact[] = { 1,
1757 - 0, 17, 38, 15, 41, 44, 0, 35, 47, 0,
1758 - 48, 32, 14, 2, 3, 4, 6, 5, 7, 29,
1759 - 8, 18, 24, 37, 40, 43, 34, 46, 31, 19,
1760 - 36, 39, 9, 42, 26, 33, 45, 0, 30, 0,
1761 - 0, 16, 28, 0, 23, 27, 22, 49, 20, 25,
1762 - 50, 11, 0, 10, 0, 49, 21, 13, 12, 0,
1764 +/* YYDEFACT[S] -- default rule to reduce with in state S when YYTABLE
1765 + doesn't specify something else to do. Zero means the default is an
1767 +static const short yydefact[] =
1769 + 1, 0, 17, 38, 15, 41, 44, 0, 35, 47,
1770 + 0, 48, 32, 14, 2, 3, 4, 6, 5, 7,
1771 + 29, 8, 18, 24, 37, 40, 43, 34, 46, 31,
1772 + 19, 36, 39, 9, 42, 26, 33, 45, 0, 30,
1773 + 0, 0, 16, 28, 0, 23, 27, 22, 49, 20,
1774 + 25, 50, 11, 0, 10, 0, 49, 21, 13, 12,
1778 -static const short yydefgoto[] = { 1,
1779 - 14, 15, 16, 17, 18, 19, 20, 21, 54
1780 +static const short yydefgoto[] =
1782 + 1, 14, 15, 16, 17, 18, 19, 20, 21, 54
1785 -static const short yypact[] = {-32768,
1786 - 0, -19,-32768,-32768,-32768,-32768, -13,-32768,-32768, 30,
1787 - 15,-32768, 14,-32768,-32768,-32768,-32768,-32768,-32768, 19,
1788 --32768,-32768, 4,-32768,-32768,-32768,-32768,-32768,-32768,-32768,
1789 --32768,-32768,-32768,-32768, -6,-32768,-32768, 16,-32768, 17,
1790 - 23,-32768,-32768, 24,-32768,-32768,-32768, 27, 28,-32768,
1791 --32768,-32768, 29,-32768, 32, -8,-32768,-32768,-32768, 50,
1793 +static const short yypact[] =
1795 + -32768, 0, -19,-32768,-32768,-32768,-32768, -13,-32768,-32768,
1796 + 30, 15,-32768, 14,-32768,-32768,-32768,-32768,-32768,-32768,
1797 + 19,-32768,-32768, 4,-32768,-32768,-32768,-32768,-32768,-32768,
1798 + -32768,-32768,-32768,-32768,-32768, -6,-32768,-32768, 16,-32768,
1799 + 17, 23,-32768,-32768, 24,-32768,-32768,-32768, 27, 28,
1800 + -32768,-32768,-32768, 29,-32768, 32, -8,-32768,-32768,-32768,
1804 -static const short yypgoto[] = {-32768,
1805 --32768,-32768,-32768,-32768,-32768,-32768,-32768,-32768, -5
1806 +static const short yypgoto[] =
1808 + -32768,-32768,-32768,-32768,-32768,-32768,-32768,-32768,-32768, -5
1815 -static const short yytable[] = { 60,
1816 - 22, 51, 23, 2, 3, 4, 58, 5, 45, 46,
1817 - 6, 7, 8, 9, 10, 11, 12, 13, 30, 31,
1818 - 42, 43, 32, 44, 33, 34, 35, 36, 37, 38,
1819 - 47, 39, 48, 40, 24, 41, 51, 25, 49, 50,
1820 - 26, 52, 27, 28, 56, 53, 29, 57, 55, 61,
1822 +static const short yytable[] =
1824 + 60, 22, 51, 23, 2, 3, 4, 58, 5, 45,
1825 + 46, 6, 7, 8, 9, 10, 11, 12, 13, 30,
1826 + 31, 42, 43, 32, 44, 33, 34, 35, 36, 37,
1827 + 38, 47, 39, 48, 40, 24, 41, 51, 25, 49,
1828 + 50, 26, 52, 27, 28, 56, 53, 29, 57, 55,
1832 -static const short yycheck[] = { 0,
1833 - 20, 10, 16, 4, 5, 6, 15, 8, 15, 16,
1834 - 11, 12, 13, 14, 15, 16, 17, 18, 4, 5,
1835 - 7, 3, 8, 20, 10, 11, 12, 13, 14, 15,
1836 - 15, 17, 16, 19, 5, 21, 10, 8, 16, 16,
1837 - 11, 15, 13, 14, 16, 19, 17, 16, 21, 0,
1839 +static const short yycheck[] =
1841 + 0, 20, 10, 16, 4, 5, 6, 15, 8, 15,
1842 + 16, 11, 12, 13, 14, 15, 16, 17, 18, 4,
1843 + 5, 7, 3, 8, 20, 10, 11, 12, 13, 14,
1844 + 15, 15, 17, 16, 19, 5, 21, 10, 8, 16,
1845 + 16, 11, 15, 13, 14, 16, 19, 17, 16, 21,
1848 /* -*-C-*- Note some compilers choke on comments on `#line' lines. */
1849 -#line 3 "/usr/share/bison.simple"
1850 +#line 3 "/usr/share/bison/bison.simple"
1852 /* Skeleton output parser for bison,
1853 - Copyright (C) 1984, 1989, 1990 Free Software Foundation, Inc.
1855 + Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002 Free Software
1858 This program is free software; you can redistribute it and/or modify
1859 it under the terms of the GNU General Public License as published by
1860 @@ -381,183 +406,328 @@
1862 You should have received a copy of the GNU General Public License
1863 along with this program; if not, write to the Free Software
1864 - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
1865 + Foundation, Inc., 59 Temple Place - Suite 330,
1866 + Boston, MA 02111-1307, USA. */
1868 /* As a special exception, when this file is copied by Bison into a
1869 Bison output file, you may use that output file without restriction.
1870 This special exception was added by the Free Software Foundation
1871 in version 1.24 of Bison. */
1875 -#define alloca __builtin_alloca
1876 -#else /* not GNU C. */
1877 -#if (!defined (__STDC__) && defined (sparc)) || defined (__sparc__) || defined (__sparc) || defined (__sgi)
1878 -#include <alloca.h>
1879 -#else /* not sparc */
1880 -#if defined (MSDOS) && !defined (__TURBOC__)
1881 -#include <malloc.h>
1882 -#else /* not MSDOS, or __TURBOC__ */
1884 -#include <malloc.h>
1886 -#else /* not MSDOS, __TURBOC__, or _AIX */
1888 +/* This is the parser code that is written into each bison parser when
1889 + the %semantic_parser declaration is not specified in the grammar.
1890 + It was written by Richard Stallman by simplifying the hairy parser
1891 + used when %semantic_parser is specified. */
1893 +/* All symbols defined below should begin with yy or YY, to avoid
1894 + infringing on user name space. This should be done even for local
1895 + variables, as they might otherwise be expanded by user macros.
1896 + There are some unavoidable exceptions within include files to
1897 + define necessary library symbols; they are noted "INFRINGES ON
1898 + USER NAME SPACE" below. */
1902 -void *alloca (unsigned int);
1903 +# define YYSTD(x) std::x
1905 +# define YYSTD(x) x
1908 +#if ! defined (yyoverflow) || defined (YYERROR_VERBOSE)
1910 +/* The parser invokes alloca or malloc; define the necessary symbols. */
1912 +# if YYSTACK_USE_ALLOCA
1913 +# define YYSTACK_ALLOC alloca
1915 +# ifndef YYSTACK_USE_ALLOCA
1916 +# if defined (alloca) || defined (_ALLOCA_H)
1917 +# define YYSTACK_ALLOC alloca
1920 +# define YYSTACK_ALLOC __builtin_alloca
1926 +# ifdef YYSTACK_ALLOC
1927 + /* Pacify GCC's `empty if-body' warning. */
1928 +# define YYSTACK_FREE(Ptr) do { /* empty */; } while (0)
1930 +# ifdef __cplusplus
1931 +# include <cstdlib> /* INFRINGES ON USER NAME SPACE */
1932 +# define YYSIZE_T std::size_t
1935 +# include <stdlib.h> /* INFRINGES ON USER NAME SPACE */
1936 +# define YYSIZE_T size_t
1939 +# define YYSTACK_ALLOC YYSTD (malloc)
1940 +# define YYSTACK_FREE YYSTD (free)
1943 +/* A type that is properly aligned for any stack member. */
1952 -#else /* not __cplusplus */
1954 -#endif /* not __cplusplus */
1955 -#endif /* __hpux */
1956 -#endif /* not _AIX */
1957 -#endif /* not MSDOS, or __TURBOC__ */
1958 -#endif /* not sparc. */
1959 -#endif /* not GNU C. */
1960 -#endif /* alloca not defined. */
1962 -/* This is the parser code that is written into each bison parser
1963 - when the %semantic_parser declaration is not specified in the grammar.
1964 - It was written by Richard Stallman by simplifying the hairy parser
1965 - used when %semantic_parser is specified. */
1967 -/* Note: there must be only one dollar sign in this file.
1968 - It is replaced by the list of actions, each action
1969 - as one case of the switch. */
1971 +/* The size of the maximum gap between one aligned stack and the next. */
1972 +# define YYSTACK_GAP_MAX (sizeof (union yyalloc) - 1)
1974 +/* The size of an array large to enough to hold all stacks, each with
1977 +# define YYSTACK_BYTES(N) \
1978 + ((N) * (sizeof (short) + sizeof (YYSTYPE) + sizeof (YYLTYPE)) \
1979 + + 2 * YYSTACK_GAP_MAX)
1981 +# define YYSTACK_BYTES(N) \
1982 + ((N) * (sizeof (short) + sizeof (YYSTYPE)) \
1983 + + YYSTACK_GAP_MAX)
1986 +/* Relocate the TYPE STACK from its old location to the new one. The
1987 + local variables YYSIZE and YYSTACKSIZE give the old and new number of
1988 + elements in the stack, and YYPTR gives the new location of the
1989 + stack. Advance YYPTR to a properly aligned location for the next
1991 +# define YYSTACK_RELOCATE(Type, Stack) \
1994 + YYSIZE_T yynewbytes; \
1995 + yymemcpy ((char *) yyptr, (char *) (Stack), \
1996 + yysize * (YYSIZE_T) sizeof (Type)); \
1997 + Stack = &yyptr->Stack; \
1998 + yynewbytes = yystacksize * sizeof (Type) + YYSTACK_GAP_MAX; \
1999 + yyptr += yynewbytes / sizeof (*yyptr); \
2003 +#endif /* ! defined (yyoverflow) || defined (YYERROR_VERBOSE) */
2006 +#if ! defined (YYSIZE_T) && defined (__SIZE_TYPE__)
2007 +# define YYSIZE_T __SIZE_TYPE__
2009 +#if ! defined (YYSIZE_T) && defined (size_t)
2010 +# define YYSIZE_T size_t
2012 +#if ! defined (YYSIZE_T)
2013 +# ifdef __cplusplus
2014 +# include <cstddef> /* INFRINGES ON USER NAME SPACE */
2015 +# define YYSIZE_T std::size_t
2018 +# include <stddef.h> /* INFRINGES ON USER NAME SPACE */
2019 +# define YYSIZE_T size_t
2023 +#if ! defined (YYSIZE_T)
2024 +# define YYSIZE_T unsigned int
2027 #define yyerrok (yyerrstatus = 0)
2028 #define yyclearin (yychar = YYEMPTY)
2031 -#define YYACCEPT return(0)
2032 -#define YYABORT return(1)
2033 +#define YYACCEPT goto yyacceptlab
2034 +#define YYABORT goto yyabortlab
2035 #define YYERROR goto yyerrlab1
2036 -/* Like YYERROR except do call yyerror.
2037 - This remains here temporarily to ease the
2038 - transition to the new meaning of YYERROR, for GCC.
2039 +/* Like YYERROR except do call yyerror. This remains here temporarily
2040 + to ease the transition to the new meaning of YYERROR, for GCC.
2041 Once GCC version 2 has supplanted version 1, this can go. */
2042 #define YYFAIL goto yyerrlab
2043 #define YYRECOVERING() (!!yyerrstatus)
2044 -#define YYBACKUP(token, value) \
2045 +#define YYBACKUP(Token, Value) \
2047 if (yychar == YYEMPTY && yylen == 1) \
2048 - { yychar = (token), yylval = (value); \
2050 + yychar = (Token); \
2051 + yylval = (Value); \
2052 yychar1 = YYTRANSLATE (yychar); \
2057 - { yyerror ("syntax error: cannot back up"); YYERROR; } \
2059 + yyerror ("syntax error: cannot back up"); \
2065 #define YYERRCODE 256
2068 -#define YYLEX yylex()
2072 -#ifdef YYLSP_NEEDED
2074 -#define YYLEX yylex(&yylval, &yylloc, YYLEX_PARAM)
2076 -#define YYLEX yylex(&yylval, &yylloc)
2078 -#else /* not YYLSP_NEEDED */
2080 -#define YYLEX yylex(&yylval, YYLEX_PARAM)
2082 -#define YYLEX yylex(&yylval)
2084 -#endif /* not YYLSP_NEEDED */
2087 -/* If nonreentrant, generate the variables here */
2088 +/* YYLLOC_DEFAULT -- Compute the default location (before the actions
2093 -int yychar; /* the lookahead symbol */
2094 -YYSTYPE yylval; /* the semantic value of the */
2095 - /* lookahead symbol */
2097 -#ifdef YYLSP_NEEDED
2098 -YYLTYPE yylloc; /* location data for the lookahead */
2100 + When YYLLOC_DEFAULT is run, CURRENT is set the location of the
2101 + first token. By default, to implement support for ranges, extend
2102 + its range to the last symbol. */
2104 +#ifndef YYLLOC_DEFAULT
2105 +# define YYLLOC_DEFAULT(Current, Rhs, N) \
2106 + Current.last_line = Rhs[N].last_line; \
2107 + Current.last_column = Rhs[N].last_column;
2110 -int yynerrs; /* number of parse errors so far */
2111 -#endif /* not YYPURE */
2114 -int yydebug; /* nonzero means print parse trace */
2115 -/* Since this is uninitialized, it does not stop multiple parsers
2116 - from coexisting. */
2118 +/* YYLEX -- calling `yylex' with the right arguments. */
2122 +# ifdef YYLEX_PARAM
2123 +# define YYLEX yylex (&yylval, &yylloc, YYLEX_PARAM)
2125 +# define YYLEX yylex (&yylval, &yylloc)
2127 +# else /* !YYLSP_NEEDED */
2128 +# ifdef YYLEX_PARAM
2129 +# define YYLEX yylex (&yylval, YYLEX_PARAM)
2131 +# define YYLEX yylex (&yylval)
2133 +# endif /* !YYLSP_NEEDED */
2134 +#else /* !YYPURE */
2135 +# define YYLEX yylex ()
2136 +#endif /* !YYPURE */
2139 +/* Enable debugging if requested. */
2143 +# ifdef __cplusplus
2144 +# include <cstdio> /* INFRINGES ON USER NAME SPACE */
2146 +# include <stdio.h> /* INFRINGES ON USER NAME SPACE */
2148 +# define YYFPRINTF YYSTD (fprintf)
2151 -/* YYINITDEPTH indicates the initial size of the parser's stacks */
2152 +# define YYDPRINTF(Args) \
2157 +/* Nonzero means print parse trace. [The following comment makes no
2158 + sense to me. Could someone clarify it? --akim] Since this is
2159 + uninitialized, it does not stop multiple parsers from coexisting.
2162 +#else /* !YYDEBUG */
2163 +# define YYDPRINTF(Args)
2164 +#endif /* !YYDEBUG */
2166 +/* YYINITDEPTH -- initial size of the parser's stacks. */
2168 -#define YYINITDEPTH 200
2169 +# define YYINITDEPTH 200
2172 -/* YYMAXDEPTH is the maximum size the stacks can grow to
2173 - (effective only if the built-in stack extension method is used). */
2174 +/* YYMAXDEPTH -- maximum size the stacks can grow to (effective only
2175 + if the built-in stack extension method is used).
2177 + Do not make this value too large; the results are undefined if
2178 + SIZE_MAX < YYSTACK_BYTES (YYMAXDEPTH)
2179 + evaluated with infinite-precision integer arithmetic. */
2187 -#define YYMAXDEPTH 10000
2190 -/* Prevent warning if -Wstrict-prototypes. */
2192 -int yyparse (void);
2193 +# define YYMAXDEPTH 10000
2196 -#if __GNUC__ > 1 /* GNU C and GNU C++ define this. */
2197 -#define __yy_memcpy(TO,FROM,COUNT) __builtin_memcpy(TO,FROM,COUNT)
2198 -#else /* not GNU C or C++ */
2199 -#ifndef __cplusplus
2200 +#if ! defined (yyoverflow) && ! defined (yymemcpy)
2201 +# if __GNUC__ > 1 /* GNU C and GNU C++ define this. */
2202 +# define yymemcpy __builtin_memcpy
2203 +# else /* not GNU C or C++ */
2205 /* This is the most reliable way to avoid incompatibilities
2206 in available built-in functions on various systems. */
2208 -__yy_memcpy (to, from, count)
2213 - register char *f = from;
2214 - register char *t = to;
2215 - register int i = count;
2216 +# if defined (__STDC__) || defined (__cplusplus)
2217 +yymemcpy (char *yyto, const char *yyfrom, YYSIZE_T yycount)
2219 +yymemcpy (yyto, yyfrom, yycount)
2221 + const char *yyfrom;
2225 + register const char *yyf = yyfrom;
2226 + register char *yyt = yyto;
2227 + register YYSIZE_T yyi = yycount;
2231 + while (yyi-- != 0)
2237 -#else /* __cplusplus */
2238 +#ifdef YYERROR_VERBOSE
2240 -/* This is the most reliable way to avoid incompatibilities
2241 - in available built-in functions on various systems. */
2243 -__yy_memcpy (char *to, char *from, int count)
2245 +# if defined (__GLIBC__) && defined (_STRING_H)
2246 +# define yystrlen strlen
2248 +/* Return the length of YYSTR. */
2250 +# if defined (__STDC__) || defined (__cplusplus)
2251 +yystrlen (const char *yystr)
2254 + const char *yystr;
2257 - register char *f = from;
2258 - register char *t = to;
2259 - register int i = count;
2260 + register const char *yys = yystr;
2264 + while (*yys++ != '\0')
2267 + return yys - yystr - 1;
2274 +# if defined (__GLIBC__) && defined (_STRING_H) && defined (_GNU_SOURCE)
2275 +# define yystpcpy stpcpy
2277 +/* Copy YYSRC to YYDEST, returning the address of the terminating '\0' in
2280 +# if defined (__STDC__) || defined (__cplusplus)
2281 +yystpcpy (char *yydest, const char *yysrc)
2283 +yystpcpy (yydest, yysrc)
2285 + const char *yysrc;
2288 + register char *yyd = yydest;
2289 + register const char *yys = yysrc;
2291 + while ((*yyd++ = *yys++) != '\0')
2300 -#line 196 "/usr/share/bison.simple"
2301 +#line 341 "/usr/share/bison/bison.simple"
2304 /* The user can define YYPARSE_PARAM as the name of an argument to be passed
2305 into yyparse. The argument should have type void *.
2306 @@ -566,66 +736,121 @@
2307 to the proper pointer type. */
2309 #ifdef YYPARSE_PARAM
2311 -#define YYPARSE_PARAM_ARG void *YYPARSE_PARAM
2312 -#define YYPARSE_PARAM_DECL
2313 -#else /* not __cplusplus */
2314 -#define YYPARSE_PARAM_ARG YYPARSE_PARAM
2315 -#define YYPARSE_PARAM_DECL void *YYPARSE_PARAM;
2316 -#endif /* not __cplusplus */
2317 -#else /* not YYPARSE_PARAM */
2318 -#define YYPARSE_PARAM_ARG
2319 -#define YYPARSE_PARAM_DECL
2320 -#endif /* not YYPARSE_PARAM */
2321 +# ifdef __cplusplus
2322 +# define YYPARSE_PARAM_ARG void *YYPARSE_PARAM
2323 +# define YYPARSE_PARAM_DECL
2324 +# else /* !__cplusplus */
2325 +# define YYPARSE_PARAM_ARG YYPARSE_PARAM
2326 +# define YYPARSE_PARAM_DECL void *YYPARSE_PARAM;
2327 +# endif /* !__cplusplus */
2328 +#else /* !YYPARSE_PARAM */
2329 +# define YYPARSE_PARAM_ARG
2330 +# define YYPARSE_PARAM_DECL
2331 +#endif /* !YYPARSE_PARAM */
2333 +/* Prevent warning if -Wstrict-prototypes. */
2335 +# ifdef YYPARSE_PARAM
2336 +int yyparse (void *);
2338 +int yyparse (void);
2342 +/* YY_DECL_VARIABLES -- depending whether we use a pure parser,
2343 + variables are global, or local to YYPARSE. */
2345 +#define YY_DECL_NON_LSP_VARIABLES \
2346 +/* The lookahead symbol. */ \
2349 +/* The semantic value of the lookahead symbol. */ \
2352 +/* Number of parse errors so far. */ \
2356 +# define YY_DECL_VARIABLES \
2357 +YY_DECL_NON_LSP_VARIABLES \
2359 +/* Location data for the lookahead symbol. */ \
2362 +# define YY_DECL_VARIABLES \
2363 +YY_DECL_NON_LSP_VARIABLES
2367 +/* If nonreentrant, generate the variables here. */
2371 +#endif /* !YYPURE */
2374 -yyparse(YYPARSE_PARAM_ARG)
2375 +yyparse (YYPARSE_PARAM_ARG)
2378 + /* If reentrant, generate the variables here. */
2381 +#endif /* !YYPURE */
2383 register int yystate;
2386 + /* Number of tokens to shift before error messages enabled. */
2388 + /* Lookahead token as an internal (translated) token number. */
2391 + /* Three stacks and their tools:
2392 + `yyss': related to states,
2393 + `yyvs': related to semantic values,
2394 + `yyls': related to locations.
2396 + Refer to the stacks thru separate pointers, to allow yyoverflow
2397 + to reallocate them elsewhere. */
2399 + /* The state stack. */
2400 + short yyssa[YYINITDEPTH];
2401 + short *yyss = yyssa;
2402 register short *yyssp;
2403 - register YYSTYPE *yyvsp;
2404 - int yyerrstatus; /* number of tokens to shift before error messages enabled */
2405 - int yychar1 = 0; /* lookahead token as an internal (translated) token number */
2407 - short yyssa[YYINITDEPTH]; /* the state stack */
2408 - YYSTYPE yyvsa[YYINITDEPTH]; /* the semantic value stack */
2410 - short *yyss = yyssa; /* refer to the stacks thru separate pointers */
2411 - YYSTYPE *yyvs = yyvsa; /* to allow yyoverflow to reallocate them elsewhere */
2412 + /* The semantic value stack. */
2413 + YYSTYPE yyvsa[YYINITDEPTH];
2414 + YYSTYPE *yyvs = yyvsa;
2415 + register YYSTYPE *yyvsp;
2417 -#ifdef YYLSP_NEEDED
2418 - YYLTYPE yylsa[YYINITDEPTH]; /* the location stack */
2420 + /* The location stack. */
2421 + YYLTYPE yylsa[YYINITDEPTH];
2422 YYLTYPE *yyls = yylsa;
2426 -#define YYPOPSTACK (yyvsp--, yyssp--, yylsp--)
2428 +# define YYPOPSTACK (yyvsp--, yyssp--, yylsp--)
2430 -#define YYPOPSTACK (yyvsp--, yyssp--)
2431 +# define YYPOPSTACK (yyvsp--, yyssp--)
2434 - int yystacksize = YYINITDEPTH;
2435 + YYSIZE_T yystacksize = YYINITDEPTH;
2441 -#ifdef YYLSP_NEEDED
2446 - YYSTYPE yyval; /* the variable used to return */
2447 - /* semantic values from the action */
2449 + /* The variables used to return semantic value and location from the
2450 + action routines. */
2456 + /* When reducing, the number of symbols on the RHS of the reduced
2462 - fprintf(stderr, "Starting parse\n");
2464 + YYDPRINTF ((stderr, "Starting parse\n"));
2468 @@ -637,96 +862,106 @@
2469 so that they stay on the same level as the state stack.
2470 The wasted elements are never initialized. */
2475 -#ifdef YYLSP_NEEDED
2481 -/* Push a new state, which is found in yystate . */
2482 -/* In all cases, when you get here, the value and location stacks
2483 - have just been pushed. so pushing a state here evens the stacks. */
2485 +/*------------------------------------------------------------.
2486 +| yynewstate -- Push a new state, which is found in yystate. |
2487 +`------------------------------------------------------------*/
2489 + /* In all cases, when you get here, the value and location stacks
2490 + have just been pushed. so pushing a state here evens the stacks.
2494 - *++yyssp = yystate;
2498 if (yyssp >= yyss + yystacksize - 1)
2500 - /* Give user a chance to reallocate the stack */
2501 - /* Use copies of these so that the &'s don't force the real ones into memory. */
2502 - YYSTYPE *yyvs1 = yyvs;
2503 - short *yyss1 = yyss;
2504 -#ifdef YYLSP_NEEDED
2505 - YYLTYPE *yyls1 = yyls;
2508 /* Get the current used size of the three stacks, in elements. */
2509 - int size = yyssp - yyss + 1;
2510 + YYSIZE_T yysize = yyssp - yyss + 1;
2513 - /* Each stack pointer address is followed by the size of
2514 - the data in use in that stack, in bytes. */
2515 -#ifdef YYLSP_NEEDED
2516 - /* This used to be a conditional around just the two extra args,
2517 - but that might be undefined if yyoverflow is a macro. */
2518 - yyoverflow("parser stack overflow",
2519 - &yyss1, size * sizeof (*yyssp),
2520 - &yyvs1, size * sizeof (*yyvsp),
2521 - &yyls1, size * sizeof (*yylsp),
2524 - yyoverflow("parser stack overflow",
2525 - &yyss1, size * sizeof (*yyssp),
2526 - &yyvs1, size * sizeof (*yyvsp),
2530 - yyss = yyss1; yyvs = yyvs1;
2531 -#ifdef YYLSP_NEEDED
2535 + /* Give user a chance to reallocate the stack. Use copies of
2536 + these so that the &'s don't force the real ones into
2538 + YYSTYPE *yyvs1 = yyvs;
2539 + short *yyss1 = yyss;
2541 + /* Each stack pointer address is followed by the size of the
2542 + data in use in that stack, in bytes. */
2544 + YYLTYPE *yyls1 = yyls;
2545 + /* This used to be a conditional around just the two extra args,
2546 + but that might be undefined if yyoverflow is a macro. */
2547 + yyoverflow ("parser stack overflow",
2548 + &yyss1, yysize * sizeof (*yyssp),
2549 + &yyvs1, yysize * sizeof (*yyvsp),
2550 + &yyls1, yysize * sizeof (*yylsp),
2554 + yyoverflow ("parser stack overflow",
2555 + &yyss1, yysize * sizeof (*yyssp),
2556 + &yyvs1, yysize * sizeof (*yyvsp),
2562 #else /* no yyoverflow */
2563 /* Extend the stack our own way. */
2564 if (yystacksize >= YYMAXDEPTH)
2566 - yyerror("parser stack overflow");
2569 + goto yyoverflowlab;
2571 if (yystacksize > YYMAXDEPTH)
2572 yystacksize = YYMAXDEPTH;
2573 - yyss = (short *) alloca (yystacksize * sizeof (*yyssp));
2574 - __yy_memcpy ((char *)yyss, (char *)yyss1, size * sizeof (*yyssp));
2575 - yyvs = (YYSTYPE *) alloca (yystacksize * sizeof (*yyvsp));
2576 - __yy_memcpy ((char *)yyvs, (char *)yyvs1, size * sizeof (*yyvsp));
2577 -#ifdef YYLSP_NEEDED
2578 - yyls = (YYLTYPE *) alloca (yystacksize * sizeof (*yylsp));
2579 - __yy_memcpy ((char *)yyls, (char *)yyls1, size * sizeof (*yylsp));
2583 + short *yyss1 = yyss;
2584 + union yyalloc *yyptr =
2585 + (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize));
2587 + goto yyoverflowlab;
2588 + YYSTACK_RELOCATE (short, yyss);
2589 + YYSTACK_RELOCATE (YYSTYPE, yyvs);
2591 + YYSTACK_RELOCATE (YYLTYPE, yyls);
2593 +# undef YYSTACK_RELOCATE
2594 + if (yyss1 != yyssa)
2595 + YYSTACK_FREE (yyss1);
2597 #endif /* no yyoverflow */
2599 - yyssp = yyss + size - 1;
2600 - yyvsp = yyvs + size - 1;
2601 -#ifdef YYLSP_NEEDED
2602 - yylsp = yyls + size - 1;
2603 + yyssp = yyss + yysize - 1;
2604 + yyvsp = yyvs + yysize - 1;
2606 + yylsp = yyls + yysize - 1;
2611 - fprintf(stderr, "Stack size increased to %d\n", yystacksize);
2613 + YYDPRINTF ((stderr, "Stack size increased to %lu\n",
2614 + (unsigned long int) yystacksize));
2616 if (yyssp >= yyss + yystacksize - 1)
2622 - fprintf(stderr, "Entering state %d\n", yystate);
2624 + YYDPRINTF ((stderr, "Entering state %d\n", yystate));
2635 /* Do appropriate processing given the current state. */
2636 /* Read a lookahead token if we need one and don't already have one. */
2637 @@ -745,10 +980,7 @@
2639 if (yychar == YYEMPTY)
2643 - fprintf(stderr, "Reading a token: ");
2645 + YYDPRINTF ((stderr, "Reading a token: "));
2649 @@ -759,25 +991,25 @@
2651 yychar = YYEOF; /* Don't call YYLEX any more */
2655 - fprintf(stderr, "Now at end of input.\n");
2657 + YYDPRINTF ((stderr, "Now at end of input.\n"));
2661 - yychar1 = YYTRANSLATE(yychar);
2662 + yychar1 = YYTRANSLATE (yychar);
2666 + /* We have to keep this `#if YYDEBUG', since we use variables
2667 + which are defined only if `YYDEBUG' is set. */
2670 - fprintf (stderr, "Next token is %d (%s", yychar, yytname[yychar1]);
2671 - /* Give the individual parser a way to print the precise meaning
2672 - of a token, for further debugging info. */
2674 + YYFPRINTF (stderr, "Next token is %d (%s",
2675 + yychar, yytname[yychar1]);
2676 + /* Give the individual parser a way to print the precise
2677 + meaning of a token, for further debugging info. */
2679 YYPRINT (stderr, yychar, yylval);
2681 - fprintf (stderr, ")\n");
2683 + YYFPRINTF (stderr, ")\n");
2687 @@ -809,88 +1041,110 @@
2690 /* Shift the lookahead token. */
2694 - fprintf(stderr, "Shifting token %d (%s), ", yychar, yytname[yychar1]);
2696 + YYDPRINTF ((stderr, "Shifting token %d (%s), ",
2697 + yychar, yytname[yychar1]));
2699 /* Discard the token being shifted unless it is eof. */
2700 if (yychar != YYEOF)
2704 -#ifdef YYLSP_NEEDED
2709 - /* count tokens shifted since error; after three, turn off error status. */
2710 - if (yyerrstatus) yyerrstatus--;
2711 + /* Count tokens shifted since error; after three, turn off error
2719 -/* Do the default action for the current state. */
2722 +/*-----------------------------------------------------------.
2723 +| yydefault -- do the default action for the current state. |
2724 +`-----------------------------------------------------------*/
2726 yyn = yydefact[yystate];
2732 -/* Do a reduction. yyn is the number of a rule to reduce with. */
2733 +/*-----------------------------.
2734 +| yyreduce -- Do a reduction. |
2735 +`-----------------------------*/
2737 + /* yyn is the number of a rule to reduce with. */
2740 - yyval = yyvsp[1-yylen]; /* implement default value of the action */
2743 + /* If YYLEN is nonzero, implement the default value of the action:
2746 + Otherwise, the following line sets YYVAL to the semantic value of
2747 + the lookahead token. This behavior is undocumented and Bison
2748 + users should not rely upon it. Assigning to YYVAL
2749 + unconditionally makes the parser a bit smaller, and it avoids a
2750 + GCC warning that YYVAL may be used uninitialized. */
2751 + yyval = yyvsp[1-yylen];
2754 + /* Similarly for the default location. Let the user run additional
2755 + commands if for instance locations are ranges. */
2756 + yyloc = yylsp[1-yylen];
2757 + YYLLOC_DEFAULT (yyloc, (yylsp - yylen), yylen);
2761 + /* We have to keep this `#if YYDEBUG', since we use variables which
2762 + are defined only if `YYDEBUG' is set. */
2768 - fprintf (stderr, "Reducing via rule %d (line %d), ",
2769 - yyn, yyrline[yyn]);
2770 + YYFPRINTF (stderr, "Reducing via rule %d (line %d), ",
2771 + yyn, yyrline[yyn]);
2773 /* Print the symbols being reduced, and their result. */
2774 - for (i = yyprhs[yyn]; yyrhs[i] > 0; i++)
2775 - fprintf (stderr, "%s ", yytname[yyrhs[i]]);
2776 - fprintf (stderr, " -> %s\n", yytname[yyr1[yyn]]);
2777 + for (yyi = yyprhs[yyn]; yyrhs[yyi] > 0; yyi++)
2778 + YYFPRINTF (stderr, "%s ", yytname[yyrhs[yyi]]);
2779 + YYFPRINTF (stderr, " -> %s\n", yytname[yyr1[yyn]]);
2787 #line 195 "getdate.y"
2795 #line 198 "getdate.y"
2803 #line 201 "getdate.y"
2811 #line 204 "getdate.y"
2819 #line 207 "getdate.y"
2827 #line 213 "getdate.y"
2829 @@ -898,8 +1152,8 @@
2832 yyMeridian = yyvsp[0].Meridian;
2838 #line 219 "getdate.y"
2840 @@ -907,8 +1161,8 @@
2841 yyMinutes = yyvsp[-1].Number;
2843 yyMeridian = yyvsp[0].Meridian;
2849 #line 225 "getdate.y"
2851 @@ -919,8 +1173,8 @@
2852 yyTimezone = (yyvsp[0].Number < 0
2853 ? -yyvsp[0].Number % 100 + (-yyvsp[0].Number / 100) * 60
2854 : - (yyvsp[0].Number % 100 + (yyvsp[0].Number / 100) * 60));
2860 #line 234 "getdate.y"
2862 @@ -928,8 +1182,8 @@
2863 yyMinutes = yyvsp[-3].Number;
2864 yySeconds = yyvsp[-1].Number;
2865 yyMeridian = yyvsp[0].Meridian;
2871 #line 240 "getdate.y"
2873 @@ -941,54 +1195,54 @@
2874 yyTimezone = (yyvsp[0].Number < 0
2875 ? -yyvsp[0].Number % 100 + (-yyvsp[0].Number / 100) * 60
2876 : - (yyvsp[0].Number % 100 + (yyvsp[0].Number / 100) * 60));
2882 #line 252 "getdate.y"
2884 yyTimezone = yyvsp[0].Number;
2890 #line 255 "getdate.y"
2892 yyTimezone = yyvsp[0].Number - 60;
2898 #line 259 "getdate.y"
2900 yyTimezone = yyvsp[-1].Number - 60;
2906 #line 264 "getdate.y"
2909 yyDayNumber = yyvsp[0].Number;
2915 #line 268 "getdate.y"
2918 yyDayNumber = yyvsp[-1].Number;
2924 #line 272 "getdate.y"
2926 yyDayOrdinal = yyvsp[-1].Number;
2927 yyDayNumber = yyvsp[0].Number;
2933 #line 278 "getdate.y"
2935 yyMonth = yyvsp[-2].Number;
2936 yyDay = yyvsp[0].Number;
2942 #line 282 "getdate.y"
2944 @@ -1008,8 +1262,8 @@
2945 yyDay = yyvsp[-2].Number;
2946 yyYear = yyvsp[0].Number;
2953 #line 300 "getdate.y"
2955 @@ -1017,8 +1271,8 @@
2956 yyYear = yyvsp[-2].Number;
2957 yyMonth = -yyvsp[-1].Number;
2958 yyDay = -yyvsp[0].Number;
2964 #line 306 "getdate.y"
2966 @@ -1026,38 +1280,38 @@
2967 yyDay = yyvsp[-2].Number;
2968 yyMonth = yyvsp[-1].Number;
2969 yyYear = -yyvsp[0].Number;
2975 #line 312 "getdate.y"
2977 yyMonth = yyvsp[-1].Number;
2978 yyDay = yyvsp[0].Number;
2984 #line 316 "getdate.y"
2986 yyMonth = yyvsp[-3].Number;
2987 yyDay = yyvsp[-2].Number;
2988 yyYear = yyvsp[0].Number;
2994 #line 321 "getdate.y"
2996 yyMonth = yyvsp[0].Number;
2997 yyDay = yyvsp[-1].Number;
3003 #line 325 "getdate.y"
3005 yyMonth = yyvsp[-1].Number;
3006 yyDay = yyvsp[-2].Number;
3007 yyYear = yyvsp[0].Number;
3013 #line 332 "getdate.y"
3015 @@ -1067,116 +1321,116 @@
3016 yyRelDay = -yyRelDay;
3017 yyRelMonth = -yyRelMonth;
3018 yyRelYear = -yyRelYear;
3024 #line 343 "getdate.y"
3026 yyRelYear += yyvsp[-1].Number * yyvsp[0].Number;
3032 #line 346 "getdate.y"
3034 yyRelYear += yyvsp[-1].Number * yyvsp[0].Number;
3040 #line 349 "getdate.y"
3048 #line 352 "getdate.y"
3050 yyRelMonth += yyvsp[-1].Number * yyvsp[0].Number;
3056 #line 355 "getdate.y"
3058 yyRelMonth += yyvsp[-1].Number * yyvsp[0].Number;
3064 #line 358 "getdate.y"
3072 #line 361 "getdate.y"
3074 yyRelDay += yyvsp[-1].Number * yyvsp[0].Number;
3080 #line 364 "getdate.y"
3082 yyRelDay += yyvsp[-1].Number * yyvsp[0].Number;
3088 #line 367 "getdate.y"
3096 #line 370 "getdate.y"
3098 yyRelHour += yyvsp[-1].Number * yyvsp[0].Number;
3104 #line 373 "getdate.y"
3106 yyRelHour += yyvsp[-1].Number * yyvsp[0].Number;
3112 #line 376 "getdate.y"
3120 #line 379 "getdate.y"
3122 yyRelMinutes += yyvsp[-1].Number * yyvsp[0].Number;
3128 #line 382 "getdate.y"
3130 yyRelMinutes += yyvsp[-1].Number * yyvsp[0].Number;
3136 #line 385 "getdate.y"
3144 #line 388 "getdate.y"
3146 yyRelSeconds += yyvsp[-1].Number * yyvsp[0].Number;
3152 #line 391 "getdate.y"
3154 yyRelSeconds += yyvsp[-1].Number * yyvsp[0].Number;
3160 #line 394 "getdate.y"
3168 #line 400 "getdate.y"
3170 @@ -1208,64 +1462,50 @@
3179 #line 433 "getdate.y"
3181 yyval.Meridian = MER24;
3187 #line 437 "getdate.y"
3189 yyval.Meridian = yyvsp[0].Meridian;
3195 - /* the action file gets copied in in place of this dollarsign */
3196 -#line 498 "/usr/share/bison.simple"
3198 +#line 727 "/usr/share/bison/bison.simple"
3203 -#ifdef YYLSP_NEEDED
3212 - short *ssp1 = yyss - 1;
3213 - fprintf (stderr, "state stack now");
3214 - while (ssp1 != yyssp)
3215 - fprintf (stderr, " %d", *++ssp1);
3216 - fprintf (stderr, "\n");
3217 + short *yyssp1 = yyss - 1;
3218 + YYFPRINTF (stderr, "state stack now");
3219 + while (yyssp1 != yyssp)
3220 + YYFPRINTF (stderr, " %d", *++yyssp1);
3221 + YYFPRINTF (stderr, "\n");
3227 -#ifdef YYLSP_NEEDED
3231 - yylsp->first_line = yylloc.first_line;
3232 - yylsp->first_column = yylloc.first_column;
3233 - yylsp->last_line = (yylsp-1)->last_line;
3234 - yylsp->last_column = (yylsp-1)->last_column;
3239 - yylsp->last_line = (yylsp+yylen-1)->last_line;
3240 - yylsp->last_column = (yylsp+yylen-1)->last_column;
3246 - /* Now "shift" the result of the reduction.
3247 - Determine what state that goes to,
3248 - based on the state we popped back to
3249 - and the rule number reduced by. */
3250 + /* Now `shift' the result of the reduction. Determine what state
3251 + that goes to, based on the state we popped back to and the rule
3252 + number reduced by. */
3256 @@ -1277,10 +1517,13 @@
3260 -yyerrlab: /* here on detecting error */
3262 - if (! yyerrstatus)
3263 - /* If not already recovering from an error, report this error. */
3264 +/*------------------------------------.
3265 +| yyerrlab -- here on detecting error |
3266 +`------------------------------------*/
3268 + /* If not already recovering from an error, report this error. */
3273 @@ -1289,102 +1532,121 @@
3275 if (yyn > YYFLAG && yyn < YYLAST)
3282 - /* Start X at -yyn if nec to avoid negative indexes in yycheck. */
3283 - for (x = (yyn < 0 ? -yyn : 0);
3284 - x < (sizeof(yytname) / sizeof(char *)); x++)
3285 - if (yycheck[x + yyn] == x)
3286 - size += strlen(yytname[x]) + 15, count++;
3287 - msg = (char *) malloc(size + 15);
3289 + YYSIZE_T yysize = 0;
3294 + /* Start YYX at -YYN if negative to avoid negative indexes in
3296 + for (yyx = yyn < 0 ? -yyn : 0;
3297 + yyx < (int) (sizeof (yytname) / sizeof (char *)); yyx++)
3298 + if (yycheck[yyx + yyn] == yyx)
3299 + yysize += yystrlen (yytname[yyx]) + 15, yycount++;
3300 + yysize += yystrlen ("parse error, unexpected ") + 1;
3301 + yysize += yystrlen (yytname[YYTRANSLATE (yychar)]);
3302 + yymsg = (char *) YYSTACK_ALLOC (yysize);
3305 - strcpy(msg, "parse error");
3306 + char *yyp = yystpcpy (yymsg, "parse error, unexpected ");
3307 + yyp = yystpcpy (yyp, yytname[YYTRANSLATE (yychar)]);
3313 - for (x = (yyn < 0 ? -yyn : 0);
3314 - x < (sizeof(yytname) / sizeof(char *)); x++)
3315 - if (yycheck[x + yyn] == x)
3317 + for (yyx = yyn < 0 ? -yyn : 0;
3318 + yyx < (int) (sizeof (yytname) / sizeof (char *));
3320 + if (yycheck[yyx + yyn] == yyx)
3322 - strcat(msg, count == 0 ? ", expecting `" : " or `");
3323 - strcat(msg, yytname[x]);
3326 + const char *yyq = ! yycount ? ", expecting " : " or ";
3327 + yyp = yystpcpy (yyp, yyq);
3328 + yyp = yystpcpy (yyp, yytname[yyx]);
3335 + YYSTACK_FREE (yymsg);
3338 - yyerror ("parse error; also virtual memory exceeded");
3339 + yyerror ("parse error; also virtual memory exhausted");
3342 -#endif /* YYERROR_VERBOSE */
3343 - yyerror("parse error");
3344 +#endif /* defined (YYERROR_VERBOSE) */
3345 + yyerror ("parse error");
3349 -yyerrlab1: /* here on error raised explicitly by an action */
3352 +/*--------------------------------------------------.
3353 +| yyerrlab1 -- error raised explicitly by an action |
3354 +`--------------------------------------------------*/
3356 if (yyerrstatus == 3)
3358 - /* if just tried and failed to reuse lookahead token after an error, discard it. */
3359 + /* If just tried and failed to reuse lookahead token after an
3360 + error, discard it. */
3362 /* return failure if at end of input */
3363 if (yychar == YYEOF)
3368 - fprintf(stderr, "Discarding token %d (%s).\n", yychar, yytname[yychar1]);
3371 + YYDPRINTF ((stderr, "Discarding token %d (%s).\n",
3372 + yychar, yytname[yychar1]));
3376 - /* Else will try to reuse lookahead token
3377 - after shifting the error token. */
3378 + /* Else will try to reuse lookahead token after shifting the error
3381 yyerrstatus = 3; /* Each real token shifted decrements this */
3385 -yyerrdefault: /* current state does not do anything special for the error token. */
3387 +/*-------------------------------------------------------------------.
3388 +| yyerrdefault -- current state does not do anything special for the |
3390 +`-------------------------------------------------------------------*/
3393 /* This is wrong; only states that explicitly want error tokens
3394 should shift them. */
3395 - yyn = yydefact[yystate]; /* If its default is to accept any token, ok. Otherwise pop it.*/
3396 - if (yyn) goto yydefault;
3398 + /* If its default is to accept any token, ok. Otherwise pop it. */
3399 + yyn = yydefact[yystate];
3404 -yyerrpop: /* pop the current state because it cannot handle the error token */
3406 - if (yyssp == yyss) YYABORT;
3407 +/*---------------------------------------------------------------.
3408 +| yyerrpop -- pop the current state because it cannot handle the |
3410 +`---------------------------------------------------------------*/
3412 + if (yyssp == yyss)
3416 -#ifdef YYLSP_NEEDED
3425 - short *ssp1 = yyss - 1;
3426 - fprintf (stderr, "Error: state stack now");
3427 - while (ssp1 != yyssp)
3428 - fprintf (stderr, " %d", *++ssp1);
3429 - fprintf (stderr, "\n");
3430 + short *yyssp1 = yyss - 1;
3431 + YYFPRINTF (stderr, "Error: state stack now");
3432 + while (yyssp1 != yyssp)
3433 + YYFPRINTF (stderr, " %d", *++yyssp1);
3434 + YYFPRINTF (stderr, "\n");
3443 yyn = yypact[yystate];
3446 @@ -1407,18 +1669,45 @@
3452 - fprintf(stderr, "Shifting error token, ");
3454 + YYDPRINTF ((stderr, "Shifting error token, "));
3457 -#ifdef YYLSP_NEEDED
3466 +/*-------------------------------------.
3467 +| yyacceptlab -- YYACCEPT comes here. |
3468 +`-------------------------------------*/
3473 +/*-----------------------------------.
3474 +| yyabortlab -- YYABORT comes here. |
3475 +`-----------------------------------*/
3480 +/*---------------------------------------------.
3481 +| yyoverflowab -- parser overflow comes here. |
3482 +`---------------------------------------------*/
3484 + yyerror ("parser stack overflow");
3486 + /* Fall through. */
3490 + if (yyss != yyssa)
3491 + YYSTACK_FREE (yyss);
3495 #line 442 "getdate.y"
3497 --- shadow-4.0.3.orig/libmisc/chowntty.c
3498 +++ shadow-4.0.3/libmisc/chowntty.c
3503 +#ifdef CONFIG_FLASK
3504 +#include <selinux/ss.h>
3505 +#include <selinux/fs_secure.h>
3509 * is_my_tty -- determine if "tty" is the same as TTY stdin is using
3515 -chown_tty(const char *tty, const struct passwd *info)
3516 +chown_tty(const char *tty, const struct passwd *info
3517 +#ifdef CONFIG_FLASK
3518 +, int FLASK_flag, security_id_t user_sid, security_id_t *ttyn_sid
3522 char buf[200], full_tty[200];
3523 char *group; /* TTY group name or number */
3524 struct group *grent;
3526 +#ifdef CONFIG_FLASK
3527 + security_id_t newdev_sid; /* The new sid of a device */
3528 + struct stat statbuf;
3532 * See if login.defs has some value configured for the port group
3533 @@ -116,9 +129,29 @@
3534 tty, info->pw_name));
3537 - if (!(err == EROFS && info->pw_uid == 0))
3541 +#ifdef CONFIG_FLASK
3544 + if(stat_secure(tty, &statbuf, ttyn_sid) != 0)
3546 + perror("stat_secure");
3549 + if(security_change_sid (user_sid, *ttyn_sid, SECCLASS_CHR_FILE, &newdev_sid) != 0)
3551 + perror("security_change_sid");
3554 + if(chsid(tty, newdev_sid) != 0)
3564 --- shadow-4.0.3.orig/libmisc/failure.c
3565 +++ shadow-4.0.3/libmisc/failure.c
3568 #include "failure.h"
3570 +#ifdef HAVE_UTMPX_H
3576 #define YEAR (365L*DAY)
3578 @@ -248,7 +252,13 @@
3582 -failtmp(const struct utmp *failent)
3584 +#ifdef HAVE_UTMPX_H
3585 + const struct utmpx *failent
3587 + const struct utmp *failent
3593 --- shadow-4.0.3.orig/libmisc/failure.h
3594 +++ shadow-4.0.3/libmisc/failure.h
3597 #include "defines.h"
3598 #include "faillog.h"
3599 +#ifdef HAVE_UTMPX_H
3606 * failure - make failure entry
3608 * failtmp updates the (struct utmp) formatted failure log which
3609 * maintains a record of all login failures.
3611 +#ifdef HAVE_UTMPX_H
3612 +extern void failtmp(const struct utmpx *);
3614 extern void failtmp(const struct utmp *);
3619 --- shadow-4.0.3.orig/configure.in
3620 +++ shadow-4.0.3/configure.in
3624 AC_MSG_CHECKING(location of shared mail directory)
3625 -for maildir in /var/spool/mail /var/mail /usr/spool/mail /usr/mail NONE; do
3626 +for maildir in /var/mail /var/spool/mail /usr/spool/mail /usr/mail NONE; do
3627 if test "$maildir" = "NONE"; then
3629 elif test -d $maildir; then
3631 AC_ARG_WITH(libpam, [ --with-libpam use libpam for PAM support])
3632 AC_ARG_WITH(libskey, [ --with-libskey use libskey for S/Key support])
3633 AC_ARG_WITH(libtcfs, [ --with-libtcfs use libtcfs for TCFS support])
3634 +AC_ARG_WITH(selinux, [ --with-selinux use SE Linux support])
3636 dnl Check for some functions in libc first, only if not found check for
3637 dnl other libraries. This should prevent linking libnsl if not really
3638 @@ -260,14 +261,20 @@
3639 AC_CHECK_LIB(tcfs, tcfs_encrypt_key, AC_DEFINE(HAVE_TCFS) AC_DEFINE(TCFS_GDBM_SUPPORT) LIBTCFS="-ltcfs -lgdbm", , -lgdbm)
3642 +AC_SUBST(SEC_LDADD)
3643 +if test "$with_libpam" = "yes"; then
3644 + SEC_LDADD=-lselinux
3645 + CFLAGS="$CFLAGS -DCONFIG_FLASK -I/usr/include/selinux"
3648 if test "$with_libpam" = "yes"; then
3649 AC_CHECK_LIB(pam, pam_start,
3652 - AC_CHECK_LIB(pam_misc, main,
3653 + AC_CHECK_LIB(pam_misc, misc_conv,
3654 [LIBPAM="$LIBPAM -lpam_misc"],
3655 - AC_MSG_ERROR(libpam_misc is missing)
3656 + AC_MSG_ERROR(libpam_misc is missing),
3659 [AC_MSG_CHECKING(use login access checking if PAM not used)
3660 AC_DEFINE(LOGIN_ACCESS)
3669 --- shadow-4.0.3.orig/Makefile.am
3670 +++ shadow-4.0.3/Makefile.am
3672 AUTOMAKE_OPTIONS = 1.5 dist-bzip2 foreign
3674 SUBDIRS = intl po man libmisc lib src \
3675 - contrib debian doc etc