bsdiff-portable

compats.c (109158B)

---

 #include "config.h"
 #if !HAVE_ERR
 /*
  * Copyright (c) 1993
  *      The Regents of the University of California.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. Neither the name of the University nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  *
  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
 
 #include <errno.h>
 #include <stdarg.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 
 void
 vwarnx(const char *fmt, va_list ap)
 {
 	fprintf(stderr, "%s: ", getprogname());
 	if (fmt != NULL)
 		vfprintf(stderr, fmt, ap);
 	fprintf(stderr, "\n");
 }
 
 void
 vwarnc(int code, const char *fmt, va_list ap)
 {
 	fprintf(stderr, "%s: ", getprogname());
 	if (fmt != NULL) {
 		vfprintf(stderr, fmt, ap);
 		fprintf(stderr, ": ");
 	}
 	fprintf(stderr, "%s\n", strerror(code));
 }
 
 void
 vwarn(const char *fmt, va_list ap)
 {
 	int sverrno;
 
 	sverrno = errno;
 	fprintf(stderr, "%s: ", getprogname());
 	if (fmt != NULL) {
 		vfprintf(stderr, fmt, ap);
 		fprintf(stderr, ": ");
 	}
 	fprintf(stderr, "%s\n", strerror(sverrno));
 }
 
 void
 verrc(int eval, int code, const char *fmt, va_list ap)
 {
 	fprintf(stderr, "%s: ", getprogname());
 	if (fmt != NULL) {
 		vfprintf(stderr, fmt, ap);
 		fprintf(stderr, ": ");
 	}
 	fprintf(stderr, "%s\n", strerror(code));
 	exit(eval);
 }
 
 void
 verrx(int eval, const char *fmt, va_list ap)
 {
 	fprintf(stderr, "%s: ", getprogname());
 	if (fmt != NULL)
 		vfprintf(stderr, fmt, ap);
 	fprintf(stderr, "\n");
 	exit(eval);
 }
 
 void
 verr(int eval, const char *fmt, va_list ap)
 {
 	int sverrno;
 
 	sverrno = errno;
 	fprintf(stderr, "%s: ", getprogname());
 	if (fmt != NULL) {
 		vfprintf(stderr, fmt, ap);
 		fprintf(stderr, ": ");
 	}
 	fprintf(stderr, "%s\n", strerror(sverrno));
 	exit(eval);
 }
 
 void
 err(int eval, const char *fmt, ...)
 {
 	va_list ap;
 
 	va_start(ap, fmt);
 	verr(eval, fmt, ap);
 	va_end(ap);
 }
 
 void
 errc(int eval, int code, const char *fmt, ...)
 {
 	va_list ap;
 
 	va_start(ap, fmt);
 	verrc(eval, code, fmt, ap);
 	va_end(ap);
 }
 
 void
 errx(int eval, const char *fmt, ...)
 {
 	va_list ap;
 
 	va_start(ap, fmt);
 	verrx(eval, fmt, ap);
 	va_end(ap);
 }
 
 void
 warn(const char *fmt, ...)
 {
 	va_list ap;
 
 	va_start(ap, fmt);
 	vwarn(fmt, ap);
 	va_end(ap);
 }
 
 void
 warnc(int code, const char *fmt, ...)
 {
 	va_list ap;
 
 	va_start(ap, fmt);
 	vwarnc(code, fmt, ap);
 	va_end(ap);
 }
 
 void
 warnx(const char *fmt, ...)
 {
 	va_list ap;
 
 	va_start(ap, fmt);
 	vwarnx(fmt, ap);
 	va_end(ap);
 }
 #endif /* !HAVE_ERR */
 #if !HAVE_B64_NTOP
 /*	$OpenBSD$	*/
 
 /*
  * Copyright (c) 1996 by Internet Software Consortium.
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
  * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
  * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
  * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
  * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
  * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
  * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
  * SOFTWARE.
  */
 
 /*
  * Portions Copyright (c) 1995 by International Business Machines, Inc.
  *
  * International Business Machines, Inc. (hereinafter called IBM) grants
  * permission under its copyrights to use, copy, modify, and distribute this
  * Software with or without fee, provided that the above copyright notice and
  * all paragraphs of this notice appear in all copies, and that the name of IBM
  * not be used in connection with the marketing of any product incorporating
  * the Software or modifications thereof, without specific, written prior
  * permission.
  *
  * To the extent it has a right to do so, IBM grants an immunity from suit
  * under its patents, if any, for the use, sale or manufacture of products to
  * the extent that such products are used for performing Domain Name System
  * dynamic updates in TCP/IP networks by means of the Software.  No immunity is
  * granted for any product per se or for any other function of any product.
  *
  * THE SOFTWARE IS PROVIDED "AS IS", AND IBM DISCLAIMS ALL WARRANTIES,
  * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
  * PARTICULAR PURPOSE.  IN NO EVENT SHALL IBM BE LIABLE FOR ANY SPECIAL,
  * DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER ARISING
  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE, EVEN
  * IF IBM IS APPRISED OF THE POSSIBILITY OF SUCH DAMAGES.
  */
 
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
 #include <arpa/nameser.h>
 
 #include <ctype.h>
 #include <resolv.h>
 #include <stdio.h>
 
 #include <stdlib.h>
 #include <string.h>
 
 static const char b64_Base64[] =
 	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
 static const char b64_Pad64 = '=';
 
 /* (From RFC1521 and draft-ietf-dnssec-secext-03.txt)
    The following encoding technique is taken from RFC 1521 by Borenstein
    and Freed.  It is reproduced here in a slightly edited form for
    convenience.
 
    A 65-character subset of US-ASCII is used, enabling 6 bits to be
    represented per printable character. (The extra 65th character, "=",
    is used to signify a special processing function.)
 
    The encoding process represents 24-bit groups of input bits as output
    strings of 4 encoded characters. Proceeding from left to right, a
    24-bit input group is formed by concatenating 3 8-bit input groups.
    These 24 bits are then treated as 4 concatenated 6-bit groups, each
    of which is translated into a single digit in the base64 alphabet.
 
    Each 6-bit group is used as an index into an array of 64 printable
    characters. The character referenced by the index is placed in the
    output string.
 
                          Table 1: The Base64 Alphabet
 
       Value Encoding  Value Encoding  Value Encoding  Value Encoding
           0 A            17 R            34 i            51 z
           1 B            18 S            35 j            52 0
           2 C            19 T            36 k            53 1
           3 D            20 U            37 l            54 2
           4 E            21 V            38 m            55 3
           5 F            22 W            39 n            56 4
           6 G            23 X            40 o            57 5
           7 H            24 Y            41 p            58 6
           8 I            25 Z            42 q            59 7
           9 J            26 a            43 r            60 8
          10 K            27 b            44 s            61 9
          11 L            28 c            45 t            62 +
          12 M            29 d            46 u            63 /
          13 N            30 e            47 v
          14 O            31 f            48 w         (pad) =
          15 P            32 g            49 x
          16 Q            33 h            50 y
 
    Special processing is performed if fewer than 24 bits are available
    at the end of the data being encoded.  A full encoding quantum is
    always completed at the end of a quantity.  When fewer than 24 input
    bits are available in an input group, zero bits are added (on the
    right) to form an integral number of 6-bit groups.  Padding at the
    end of the data is performed using the '=' character.
 
    Since all base64 input is an integral number of octets, only the
          -------------------------------------------------                       
    following cases can arise:
    
        (1) the final quantum of encoding input is an integral
            multiple of 24 bits; here, the final unit of encoded
 	   output will be an integral multiple of 4 characters
 	   with no "=" padding,
        (2) the final quantum of encoding input is exactly 8 bits;
            here, the final unit of encoded output will be two
 	   characters followed by two "=" padding characters, or
        (3) the final quantum of encoding input is exactly 16 bits;
            here, the final unit of encoded output will be three
 	   characters followed by one "=" padding character.
    */
 
 int
 b64_ntop(u_char const *src, size_t srclength, char *target, size_t targsize)
 {
 	size_t datalength = 0;
 	u_char input[3];
 	u_char output[4];
 	size_t i;
 
 	while (2 < srclength) {
 		input[0] = *src++;
 		input[1] = *src++;
 		input[2] = *src++;
 		srclength -= 3;
 
 		output[0] = input[0] >> 2;
 		output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
 		output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
 		output[3] = input[2] & 0x3f;
 
 		if (datalength + 4 > targsize)
 			return (-1);
 		target[datalength++] = b64_Base64[output[0]];
 		target[datalength++] = b64_Base64[output[1]];
 		target[datalength++] = b64_Base64[output[2]];
 		target[datalength++] = b64_Base64[output[3]];
 	}
     
 	/* Now we worry about padding. */
 	if (0 != srclength) {
 		/* Get what's left. */
 		input[0] = input[1] = input[2] = '\0';
 		for (i = 0; i < srclength; i++)
 			input[i] = *src++;
 	
 		output[0] = input[0] >> 2;
 		output[1] = ((input[0] & 0x03) << 4) + (input[1] >> 4);
 		output[2] = ((input[1] & 0x0f) << 2) + (input[2] >> 6);
 
 		if (datalength + 4 > targsize)
 			return (-1);
 		target[datalength++] = b64_Base64[output[0]];
 		target[datalength++] = b64_Base64[output[1]];
 		if (srclength == 1)
 			target[datalength++] = b64_Pad64;
 		else
 			target[datalength++] = b64_Base64[output[2]];
 		target[datalength++] = b64_Pad64;
 	}
 	if (datalength >= targsize)
 		return (-1);
 	target[datalength] = '\0';	/* Returned value doesn't count \0. */
 	return (datalength);
 }
 
 /* skips all whitespace anywhere.
    converts characters, four at a time, starting at (or after)
    src from base - 64 numbers into three 8 bit bytes in the target area.
    it returns the number of data bytes stored at the target, or -1 on error.
  */
 
 int
 b64_pton(char const *src, u_char *target, size_t targsize)
 {
 	int state, ch;
 	size_t tarindex;
 	u_char nextbyte;
 	char *pos;
 
 	state = 0;
 	tarindex = 0;
 
 	while ((ch = (unsigned char)*src++) != '\0') {
 		if (isspace(ch))	/* Skip whitespace anywhere. */
 			continue;
 
 		if (ch == b64_Pad64)
 			break;
 
 		pos = strchr(b64_Base64, ch);
 		if (pos == 0) 		/* A non-base64 character. */
 			return (-1);
 
 		switch (state) {
 		case 0:
 			if (target) {
 				if (tarindex >= targsize)
 					return (-1);
 				target[tarindex] = (pos - b64_Base64) << 2;
 			}
 			state = 1;
 			break;
 		case 1:
 			if (target) {
 				if (tarindex >= targsize)
 					return (-1);
 				target[tarindex]   |=  (pos - b64_Base64) >> 4;
 				nextbyte = ((pos - b64_Base64) & 0x0f) << 4;
 				if (tarindex + 1 < targsize)
 					target[tarindex+1] = nextbyte;
 				else if (nextbyte)
 					return (-1);
 			}
 			tarindex++;
 			state = 2;
 			break;
 		case 2:
 			if (target) {
 				if (tarindex >= targsize)
 					return (-1);
 				target[tarindex]   |=  (pos - b64_Base64) >> 2;
 				nextbyte = ((pos - b64_Base64) & 0x03) << 6;
 				if (tarindex + 1 < targsize)
 					target[tarindex+1] = nextbyte;
 				else if (nextbyte)
 					return (-1);
 			}
 			tarindex++;
 			state = 3;
 			break;
 		case 3:
 			if (target) {
 				if (tarindex >= targsize)
 					return (-1);
 				target[tarindex] |= (pos - b64_Base64);
 			}
 			tarindex++;
 			state = 0;
 			break;
 		}
 	}
 
 	/*
 	 * We are done decoding Base-64 chars.  Let's see if we ended
 	 * on a byte boundary, and/or with erroneous trailing characters.
 	 */
 
 	if (ch == b64_Pad64) {			/* We got a pad char. */
 		ch = (unsigned char)*src++;	/* Skip it, get next. */
 		switch (state) {
 		case 0:		/* Invalid = in first position */
 		case 1:		/* Invalid = in second position */
 			return (-1);
 
 		case 2:		/* Valid, means one byte of info */
 			/* Skip any number of spaces. */
 			for (; ch != '\0'; ch = (unsigned char)*src++)
 				if (!isspace(ch))
 					break;
 			/* Make sure there is another trailing = sign. */
 			if (ch != b64_Pad64)
 				return (-1);
 			ch = (unsigned char)*src++;		/* Skip the = */
 			/* Fall through to "single trailing =" case. */
 			/* FALLTHROUGH */
 
 		case 3:		/* Valid, means two bytes of info */
 			/*
 			 * We know this char is an =.  Is there anything but
 			 * whitespace after it?
 			 */
 			for (; ch != '\0'; ch = (unsigned char)*src++)
 				if (!isspace(ch))
 					return (-1);
 
 			/*
 			 * Now make sure for cases 2 and 3 that the "extra"
 			 * bits that slopped past the last full byte were
 			 * zeros.  If we don't check them, they become a
 			 * subliminal channel.
 			 */
 			if (target && tarindex < targsize &&
 			    target[tarindex] != 0)
 				return (-1);
 		}
 	} else {
 		/*
 		 * We ended by seeing the end of the string.  Make sure we
 		 * have no partial bytes lying around.
 		 */
 		if (state != 0)
 			return (-1);
 	}
 
 	return (tarindex);
 }
 #endif /* !HAVE_B64_NTOP */
 #if !HAVE_EXPLICIT_BZERO
 /* OPENBSD ORIGINAL: lib/libc/string/explicit_bzero.c */
 /*
  * Public domain.
  * Written by Ted Unangst
  */
 
 #include <string.h>
 
 /*
  * explicit_bzero - don't let the compiler optimize away bzero
  */
 
 #if HAVE_MEMSET_S
 
 void
 explicit_bzero(void *p, size_t n)
 {
 	if (n == 0)
 		return;
 	(void)memset_s(p, n, 0, n);
 }
 
 #else /* HAVE_MEMSET_S */
 
 #include <strings.h>
 
 /*
  * Indirect bzero through a volatile pointer to hopefully avoid
  * dead-store optimisation eliminating the call.
  */
 static void (* volatile ssh_bzero)(void *, size_t) = bzero;
 
 void
 explicit_bzero(void *p, size_t n)
 {
 	if (n == 0)
 		return;
 	/*
 	 * clang -fsanitize=memory needs to intercept memset-like functions
 	 * to correctly detect memory initialisation. Make sure one is called
 	 * directly since our indirection trick above sucessfully confuses it.
 	 */
 #if defined(__has_feature)
 # if __has_feature(memory_sanitizer)
 	memset(p, 0, n);
 # endif
 #endif
 
 	ssh_bzero(p, n);
 }
 
 #endif /* HAVE_MEMSET_S */
 #endif /* !HAVE_EXPLICIT_BZERO */
 #if !HAVE_FTS
 /*	$OpenBSD$	*/
 
 /*-
  * Copyright (c) 1990, 1993, 1994
  *	The Regents of the University of California.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. Neither the name of the University nor the names of its contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  *
  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  */
 
 #include <sys/stat.h>
 #include <sys/types.h>
 
 #include <dirent.h>
 #include <errno.h>
 #include <fcntl.h>
 #include <limits.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
 
 /* 
  * oconfigure: Adapted from sys/_types.h.
  * oconfigure: Be conservative with ALIGNBYTES.
  */
 #define	FTS_ALIGNBYTES		(sizeof(long) - 1)
 #define	FTS_ALIGN(p)		(((unsigned long)(p) + FTS_ALIGNBYTES) &~ FTS_ALIGNBYTES)
 
 static FTSENT	*fts_alloc(FTS *, char *, size_t);
 static FTSENT	*fts_build(FTS *, int);
 static void	 fts_lfree(FTSENT *);
 static void	 fts_load(FTS *, FTSENT *);
 static size_t	 fts_maxarglen(char * const *);
 static void	 fts_padjust(FTS *, FTSENT *);
 static int	 fts_palloc(FTS *, size_t);
 static FTSENT	*fts_sort(FTS *, FTSENT *, int);
 static u_short	 fts_stat(FTS *, FTSENT *, int, int);
 static int	 fts_safe_changedir(FTS *, FTSENT *, int, char *);
 
 /* oconfigure: Prefix with FTS_. */
 
 #define FTS_MAX(a, b)	(((a) > (b)) ? (a) : (b))
 #define	FTS_ISDOT(a)		(a[0] == '.' && (!a[1] || (a[1] == '.' && !a[2])))
 #define	FTS_CLR(opt)		(sp->fts_options &= ~(opt))
 #define	FTS_ISSET(opt)		(sp->fts_options & (opt))
 #define	FTS_SET(opt)		(sp->fts_options |= (opt))
 #define	FTS_FCHDIR(sp, fd)	(!FTS_ISSET(FTS_NOCHDIR) && fchdir(fd))
 /* fts_build flags */
 #define	FTS_BCHILD		1 /* fts_children */
 #define	FTS_BNAMES		2 /* fts_children, names only */
 #define	FTS_BREAD		3 /* fts_read */
 
 FTS *
 fts_open(char * const *argv, int options,
     int (*compar)(const FTSENT **, const FTSENT **))
 {
 	FTS *sp;
 	FTSENT *p, *root;
 	int nitems;
 	FTSENT *parent, *prev;
 	char empty[1] = { '\0' };
 
 	/* Options check. */
 	if (options & ~FTS_OPTIONMASK) {
 		errno = EINVAL;
 		return (NULL);
 	}
 
 	/* At least one path must be specified. */
 	if (*argv == NULL) {
 		errno = EINVAL;
 		return (NULL);
 	}
 
 	/* Allocate/initialize the stream */
 	if ((sp = calloc(1, sizeof(FTS))) == NULL)
 		return (NULL);
 	sp->fts_compar = compar;
 	sp->fts_options = options;
 
 	/* Logical walks turn on NOCHDIR; symbolic links are too hard. */
 	if (FTS_ISSET(FTS_LOGICAL))
 		FTS_SET(FTS_NOCHDIR);
 
 	/*
 	 * Start out with 1K of path space, and enough, in any case,
 	 * to hold the user's paths.
 	 */
 	if (fts_palloc(sp, FTS_MAX(fts_maxarglen(argv), PATH_MAX)))
 		goto mem1;
 
 	/* Allocate/initialize root's parent. */
 	if ((parent = fts_alloc(sp, empty, 0)) == NULL)
 		goto mem2;
 	parent->fts_level = FTS_ROOTPARENTLEVEL;
 
 	/* Allocate/initialize root(s). */
 	for (root = prev = NULL, nitems = 0; *argv; ++argv, ++nitems) {
 		if ((p = fts_alloc(sp, *argv, strlen(*argv))) == NULL)
 			goto mem3;
 		p->fts_level = FTS_ROOTLEVEL;
 		p->fts_parent = parent;
 		p->fts_accpath = p->fts_name;
 		p->fts_info = fts_stat(sp, p, FTS_ISSET(FTS_COMFOLLOW), -1);
 
 		/* Command-line "." and ".." are real directories. */
 		if (p->fts_info == FTS_DOT)
 			p->fts_info = FTS_D;
 
 		/*
 		 * If comparison routine supplied, traverse in sorted
 		 * order; otherwise traverse in the order specified.
 		 */
 		if (compar) {
 			p->fts_link = root;
 			root = p;
 		} else {
 			p->fts_link = NULL;
 			if (root == NULL)
 				root = p;
 			else
 				prev->fts_link = p;
 			prev = p;
 		}
 	}
 	if (compar && nitems > 1)
 		root = fts_sort(sp, root, nitems);
 
 	/*
 	 * Allocate a dummy pointer and make fts_read think that we've just
 	 * finished the node before the root(s); set p->fts_info to FTS_INIT
 	 * so that everything about the "current" node is ignored.
 	 */
 	if ((sp->fts_cur = fts_alloc(sp, empty, 0)) == NULL)
 		goto mem3;
 	sp->fts_cur->fts_link = root;
 	sp->fts_cur->fts_info = FTS_INIT;
 
 	/*
 	 * If using chdir(2), grab a file descriptor pointing to dot to ensure
 	 * that we can get back here; this could be avoided for some paths,
 	 * but almost certainly not worth the effort.  Slashes, symbolic links,
 	 * and ".." are all fairly nasty problems.  Note, if we can't get the
 	 * descriptor we run anyway, just more slowly.
 	 */
 	if (!FTS_ISSET(FTS_NOCHDIR) &&
 	    (sp->fts_rfd = open(".", O_RDONLY | O_CLOEXEC)) == -1)
 		FTS_SET(FTS_NOCHDIR);
 
 	if (nitems == 0)
 		free(parent);
 
 	return (sp);
 
 mem3:	fts_lfree(root);
 	free(parent);
 mem2:	free(sp->fts_path);
 mem1:	free(sp);
 	return (NULL);
 }
 
 static void
 fts_load(FTS *sp, FTSENT *p)
 {
 	size_t len;
 	char *cp;
 
 	/*
 	 * Load the stream structure for the next traversal.  Since we don't
 	 * actually enter the directory until after the preorder visit, set
 	 * the fts_accpath field specially so the chdir gets done to the right
 	 * place and the user can access the first node.  From fts_open it's
 	 * known that the path will fit.
 	 */
 	len = p->fts_pathlen = p->fts_namelen;
 	memmove(sp->fts_path, p->fts_name, len + 1);
 	if ((cp = strrchr(p->fts_name, '/')) && (cp != p->fts_name || cp[1])) {
 		len = strlen(++cp);
 		memmove(p->fts_name, cp, len + 1);
 		p->fts_namelen = len;
 	}
 	p->fts_accpath = p->fts_path = sp->fts_path;
 	sp->fts_dev = p->fts_dev;
 }
 
 int
 fts_close(FTS *sp)
 {
 	FTSENT *freep, *p;
 	int rfd, error = 0;
 
 	/*
 	 * This still works if we haven't read anything -- the dummy structure
 	 * points to the root list, so we step through to the end of the root
 	 * list which has a valid parent pointer.
 	 */
 	if (sp->fts_cur) {
 		for (p = sp->fts_cur; p->fts_level >= FTS_ROOTLEVEL;) {
 			freep = p;
 			p = p->fts_link ? p->fts_link : p->fts_parent;
 			free(freep);
 		}
 		free(p);
 	}
 
 	/* Stash the original directory fd if needed. */
 	rfd = FTS_ISSET(FTS_NOCHDIR) ? -1 : sp->fts_rfd;
 
 	/* Free up child linked list, sort array, path buffer, stream ptr.*/
 	if (sp->fts_child)
 		fts_lfree(sp->fts_child);
 	free(sp->fts_array);
 	free(sp->fts_path);
 	free(sp);
 
 	/* Return to original directory, checking for error. */
 	if (rfd != -1) {
 		int saved_errno;
 		error = fchdir(rfd);
 		saved_errno = errno;
 		(void)close(rfd);
 		errno = saved_errno;
 	}
 
 	return (error);
 }
 
 /*
  * Special case of "/" at the end of the path so that slashes aren't
  * appended which would cause paths to be written as "....//foo".
  */
 #define	NAPPEND(p)							\
 	(p->fts_path[p->fts_pathlen - 1] == '/'				\
 	    ? p->fts_pathlen - 1 : p->fts_pathlen)
 
 FTSENT *
 fts_read(FTS *sp)
 {
 	FTSENT *p, *tmp;
 	int instr;
 	char *t;
 	char up[3] = { '.', '.', '\0' };
 	int saved_errno;
 
 	/* If finished or unrecoverable error, return NULL. */
 	if (sp->fts_cur == NULL || FTS_ISSET(FTS_STOP))
 		return (NULL);
 
 	/* Set current node pointer. */
 	p = sp->fts_cur;
 
 	/* Save and zero out user instructions. */
 	instr = p->fts_instr;
 	p->fts_instr = FTS_NOINSTR;
 
 	/* Any type of file may be re-visited; re-stat and re-turn. */
 	if (instr == FTS_AGAIN) {
 		p->fts_info = fts_stat(sp, p, 0, -1);
 		return (p);
 	}
 
 	/*
 	 * Following a symlink -- SLNONE test allows application to see
 	 * SLNONE and recover.  If indirecting through a symlink, have
 	 * keep a pointer to current location.  If unable to get that
 	 * pointer, follow fails.
 	 */
 	if (instr == FTS_FOLLOW &&
 	    (p->fts_info == FTS_SL || p->fts_info == FTS_SLNONE)) {
 		p->fts_info = fts_stat(sp, p, 1, -1);
 		if (p->fts_info == FTS_D && !FTS_ISSET(FTS_NOCHDIR)) {
 			if ((p->fts_symfd =
 			    open(".", O_RDONLY | O_CLOEXEC)) == -1) {
 				p->fts_errno = errno;
 				p->fts_info = FTS_ERR;
 			} else
 				p->fts_flags |= FTS_SYMFOLLOW;
 		}
 		return (p);
 	}
 
 	/* Directory in pre-order. */
 	if (p->fts_info == FTS_D) {
 		/* If skipped or crossed mount point, do post-order visit. */
 		if (instr == FTS_SKIP ||
 		    (FTS_ISSET(FTS_XDEV) && p->fts_dev != sp->fts_dev)) {
 			if (p->fts_flags & FTS_SYMFOLLOW)
 				(void)close(p->fts_symfd);
 			if (sp->fts_child) {
 				fts_lfree(sp->fts_child);
 				sp->fts_child = NULL;
 			}
 			p->fts_info = FTS_DP;
 			return (p);
 		}
 
 		/* Rebuild if only read the names and now traversing. */
 		if (sp->fts_child && FTS_ISSET(FTS_NAMEONLY)) {
 			FTS_CLR(FTS_NAMEONLY);
 			fts_lfree(sp->fts_child);
 			sp->fts_child = NULL;
 		}
 
 		/*
 		 * Cd to the subdirectory.
 		 *
 		 * If have already read and now fail to chdir, whack the list
 		 * to make the names come out right, and set the parent errno
 		 * so the application will eventually get an error condition.
 		 * Set the FTS_DONTCHDIR flag so that when we logically change
 		 * directories back to the parent we don't do a chdir.
 		 *
 		 * If haven't read do so.  If the read fails, fts_build sets
 		 * FTS_STOP or the fts_info field of the node.
 		 */
 		if (sp->fts_child) {
 			if (fts_safe_changedir(sp, p, -1, p->fts_accpath)) {
 				p->fts_errno = errno;
 				p->fts_flags |= FTS_DONTCHDIR;
 				for (p = sp->fts_child; p; p = p->fts_link)
 					p->fts_accpath =
 					    p->fts_parent->fts_accpath;
 			}
 		} else if ((sp->fts_child = fts_build(sp, FTS_BREAD)) == NULL) {
 			if (FTS_ISSET(FTS_STOP))
 				return (NULL);
 			return (p);
 		}
 		p = sp->fts_child;
 		sp->fts_child = NULL;
 		goto name;
 	}
 
 	/* Move to the next node on this level. */
 next:	tmp = p;
 	if ((p = p->fts_link)) {
 		free(tmp);
 
 		/*
 		 * If reached the top, return to the original directory (or
 		 * the root of the tree), and load the paths for the next root.
 		 */
 		if (p->fts_level == FTS_ROOTLEVEL) {
 			if (FTS_FCHDIR(sp, sp->fts_rfd)) {
 				FTS_SET(FTS_STOP);
 				return (NULL);
 			}
 			fts_load(sp, p);
 			return (sp->fts_cur = p);
 		}
 
 		/*
 		 * User may have called fts_set on the node.  If skipped,
 		 * ignore.  If followed, get a file descriptor so we can
 		 * get back if necessary.
 		 */
 		if (p->fts_instr == FTS_SKIP)
 			goto next;
 		if (p->fts_instr == FTS_FOLLOW) {
 			p->fts_info = fts_stat(sp, p, 1, -1);
 			if (p->fts_info == FTS_D && !FTS_ISSET(FTS_NOCHDIR)) {
 				if ((p->fts_symfd =
 				    open(".", O_RDONLY | O_CLOEXEC)) == -1) {
 					p->fts_errno = errno;
 					p->fts_info = FTS_ERR;
 				} else
 					p->fts_flags |= FTS_SYMFOLLOW;
 			}
 			p->fts_instr = FTS_NOINSTR;
 		}
 
 name:		t = sp->fts_path + NAPPEND(p->fts_parent);
 		*t++ = '/';
 		memmove(t, p->fts_name, p->fts_namelen + 1);
 		return (sp->fts_cur = p);
 	}
 
 	/* Move up to the parent node. */
 	p = tmp->fts_parent;
 	free(tmp);
 
 	if (p->fts_level == FTS_ROOTPARENTLEVEL) {
 		/*
 		 * Done; free everything up and set errno to 0 so the user
 		 * can distinguish between error and EOF.
 		 */
 		free(p);
 		errno = 0;
 		return (sp->fts_cur = NULL);
 	}
 
 	/* NUL terminate the pathname. */
 	sp->fts_path[p->fts_pathlen] = '\0';
 
 	/*
 	 * Return to the parent directory.  If at a root node or came through
 	 * a symlink, go back through the file descriptor.  Otherwise, cd up
 	 * one directory.
 	 */
 	if (p->fts_level == FTS_ROOTLEVEL) {
 		if (FTS_FCHDIR(sp, sp->fts_rfd)) {
 			FTS_SET(FTS_STOP);
 			sp->fts_cur = p;
 			return (NULL);
 		}
 	} else if (p->fts_flags & FTS_SYMFOLLOW) {
 		if (FTS_FCHDIR(sp, p->fts_symfd)) {
 			saved_errno = errno;
 			(void)close(p->fts_symfd);
 			errno = saved_errno;
 			FTS_SET(FTS_STOP);
 			sp->fts_cur = p;
 			return (NULL);
 		}
 		(void)close(p->fts_symfd);
 	} else if (!(p->fts_flags & FTS_DONTCHDIR) &&
 	    fts_safe_changedir(sp, p->fts_parent, -1, up)) {
 		FTS_SET(FTS_STOP);
 		sp->fts_cur = p;
 		return (NULL);
 	}
 	p->fts_info = p->fts_errno ? FTS_ERR : FTS_DP;
 	return (sp->fts_cur = p);
 }
 
 /*
  * Fts_set takes the stream as an argument although it's not used in this
  * implementation; it would be necessary if anyone wanted to add global
  * semantics to fts using fts_set.  An error return is allowed for similar
  * reasons.
  */
 int
 fts_set(FTS *sp, FTSENT *p, int instr)
 {
 	if (instr && instr != FTS_AGAIN && instr != FTS_FOLLOW &&
 	    instr != FTS_NOINSTR && instr != FTS_SKIP) {
 		errno = EINVAL;
 		return (1);
 	}
 	p->fts_instr = instr;
 	return (0);
 }
 
 FTSENT *
 fts_children(FTS *sp, int instr)
 {
 	FTSENT *p;
 	int fd;
 
 	if (instr && instr != FTS_NAMEONLY) {
 		errno = EINVAL;
 		return (NULL);
 	}
 
 	/* Set current node pointer. */
 	p = sp->fts_cur;
 
 	/*
 	 * Errno set to 0 so user can distinguish empty directory from
 	 * an error.
 	 */
 	errno = 0;
 
 	/* Fatal errors stop here. */
 	if (FTS_ISSET(FTS_STOP))
 		return (NULL);
 
 	/* Return logical hierarchy of user's arguments. */
 	if (p->fts_info == FTS_INIT)
 		return (p->fts_link);
 
 	/*
 	 * If not a directory being visited in pre-order, stop here.  Could
 	 * allow FTS_DNR, assuming the user has fixed the problem, but the
 	 * same effect is available with FTS_AGAIN.
 	 */
 	if (p->fts_info != FTS_D /* && p->fts_info != FTS_DNR */)
 		return (NULL);
 
 	/* Free up any previous child list. */
 	if (sp->fts_child)
 		fts_lfree(sp->fts_child);
 
 	if (instr == FTS_NAMEONLY) {
 		FTS_SET(FTS_NAMEONLY);
 		instr = FTS_BNAMES;
 	} else
 		instr = FTS_BCHILD;
 
 	/*
 	 * If using chdir on a relative path and called BEFORE fts_read does
 	 * its chdir to the root of a traversal, we can lose -- we need to
 	 * chdir into the subdirectory, and we don't know where the current
 	 * directory is, so we can't get back so that the upcoming chdir by
 	 * fts_read will work.
 	 */
 	if (p->fts_level != FTS_ROOTLEVEL || p->fts_accpath[0] == '/' ||
 	    FTS_ISSET(FTS_NOCHDIR))
 		return (sp->fts_child = fts_build(sp, instr));
 
 	if ((fd = open(".", O_RDONLY | O_CLOEXEC)) == -1)
 		return (NULL);
 	sp->fts_child = fts_build(sp, instr);
 	if (fchdir(fd)) {
 		(void)close(fd);
 		return (NULL);
 	}
 	(void)close(fd);
 	return (sp->fts_child);
 }
 
 /*
  * This is the tricky part -- do not casually change *anything* in here.  The
  * idea is to build the linked list of entries that are used by fts_children
  * and fts_read.  There are lots of special cases.
  *
  * The real slowdown in walking the tree is the stat calls.  If FTS_NOSTAT is
  * set and it's a physical walk (so that symbolic links can't be directories),
  * we can do things quickly.  First, if it's a 4.4BSD file system, the type
  * of the file is in the directory entry.  Otherwise, we assume that the number
  * of subdirectories in a node is equal to the number of links to the parent.
  * The former skips all stat calls.  The latter skips stat calls in any leaf
  * directories and for any files after the subdirectories in the directory have
  * been found, cutting the stat calls by about 2/3.
  */
 static FTSENT *
 fts_build(FTS *sp, int type)
 {
 	struct dirent *dp;
 	FTSENT *p, *head;
 	FTSENT *cur, *tail;
 	DIR *dirp;
 	void *oldaddr;
 	size_t len, maxlen, namlen;
 	int nitems, cderrno, descend, level, nlinks, nostat, doadjust;
 	int saved_errno;
 	char *cp;
 	char up[3] = { '.', '.', '\0' };
 
 	/* Set current node pointer. */
 	cur = sp->fts_cur;
 
 	/*
 	 * Open the directory for reading.  If this fails, we're done.
 	 * If being called from fts_read, set the fts_info field.
 	 */
 	if ((dirp = opendir(cur->fts_accpath)) == NULL) {
 		if (type == FTS_BREAD) {
 			cur->fts_info = FTS_DNR;
 			cur->fts_errno = errno;
 		}
 		return (NULL);
 	}
 
 	/*
 	 * Nlinks is the number of possible entries of type directory in the
 	 * directory if we're cheating on stat calls, 0 if we're not doing
 	 * any stat calls at all, -1 if we're doing stats on everything.
 	 */
 	if (type == FTS_BNAMES)
 		nlinks = 0;
 	else if (FTS_ISSET(FTS_NOSTAT) && FTS_ISSET(FTS_PHYSICAL)) {
 		nlinks = cur->fts_nlink - (FTS_ISSET(FTS_SEEDOT) ? 0 : 2);
 		nostat = 1;
 	} else {
 		nlinks = -1;
 		nostat = 0;
 	}
 
 #ifdef notdef
 	(void)printf("nlinks == %d (cur: %u)\n", nlinks, cur->fts_nlink);
 	(void)printf("NOSTAT %d PHYSICAL %d SEEDOT %d\n",
 	    FTS_ISSET(FTS_NOSTAT), FTS_ISSET(FTS_PHYSICAL), FTS_ISSET(FTS_SEEDOT));
 #endif
 	/*
 	 * If we're going to need to stat anything or we want to descend
 	 * and stay in the directory, chdir.  If this fails we keep going,
 	 * but set a flag so we don't chdir after the post-order visit.
 	 * We won't be able to stat anything, but we can still return the
 	 * names themselves.  Note, that since fts_read won't be able to
 	 * chdir into the directory, it will have to return different path
 	 * names than before, i.e. "a/b" instead of "b".  Since the node
 	 * has already been visited in pre-order, have to wait until the
 	 * post-order visit to return the error.  There is a special case
 	 * here, if there was nothing to stat then it's not an error to
 	 * not be able to stat.  This is all fairly nasty.  If a program
 	 * needed sorted entries or stat information, they had better be
 	 * checking FTS_NS on the returned nodes.
 	 */
 	cderrno = 0;
 	if (nlinks || type == FTS_BREAD) {
 		if (fts_safe_changedir(sp, cur, dirfd(dirp), NULL)) {
 			if (nlinks && type == FTS_BREAD)
 				cur->fts_errno = errno;
 			cur->fts_flags |= FTS_DONTCHDIR;
 			descend = 0;
 			cderrno = errno;
 			(void)closedir(dirp);
 			dirp = NULL;
 		} else
 			descend = 1;
 	} else
 		descend = 0;
 
 	/*
 	 * Figure out the max file name length that can be stored in the
 	 * current path -- the inner loop allocates more path as necessary.
 	 * We really wouldn't have to do the maxlen calculations here, we
 	 * could do them in fts_read before returning the path, but it's a
 	 * lot easier here since the length is part of the dirent structure.
 	 *
 	 * If not changing directories set a pointer so that can just append
 	 * each new name into the path.
 	 */
 	len = NAPPEND(cur);
 	if (FTS_ISSET(FTS_NOCHDIR)) {
 		cp = sp->fts_path + len;
 		*cp++ = '/';
 	}
 	len++;
 	maxlen = sp->fts_pathlen - len;
 
 	/*
 	 * fts_level is signed so we must prevent it from wrapping
 	 * around to FTS_ROOTLEVEL and FTS_ROOTPARENTLEVEL.
 	 */
 	level = cur->fts_level;
 	if (level < FTS_MAXLEVEL)
 	    level++;
 
 	/* Read the directory, attaching each entry to the `link' pointer. */
 	doadjust = 0;
 	for (head = tail = NULL, nitems = 0; dirp && (dp = readdir(dirp));) {
 		if (!FTS_ISSET(FTS_SEEDOT) && FTS_ISDOT(dp->d_name))
 			continue;
 
 		namlen = strlen(dp->d_name);
 
 		if (!(p = fts_alloc(sp, dp->d_name, namlen)))
 			goto mem1;
 		if (namlen >= maxlen) {	/* include space for NUL */
 			oldaddr = sp->fts_path;
 			if (fts_palloc(sp, namlen +len + 1)) {
 				/*
 				 * No more memory for path or structures.  Save
 				 * errno, free up the current structure and the
 				 * structures already allocated.
 				 */
 mem1:				saved_errno = errno;
 				free(p);
 				fts_lfree(head);
 				(void)closedir(dirp);
 				cur->fts_info = FTS_ERR;
 				FTS_SET(FTS_STOP);
 				errno = saved_errno;
 				return (NULL);
 			}
 			/* Did realloc() change the pointer? */
 			if (oldaddr != sp->fts_path) {
 				doadjust = 1;
 				if (FTS_ISSET(FTS_NOCHDIR))
 					cp = sp->fts_path + len;
 			}
 			maxlen = sp->fts_pathlen - len;
 		}
 
 		p->fts_level = level;
 		p->fts_parent = sp->fts_cur;
 		p->fts_pathlen = len + namlen;
 		if (p->fts_pathlen < len) {
 			/*
 			 * If we wrap, free up the current structure and
 			 * the structures already allocated, then error
 			 * out with ENAMETOOLONG.
 			 */
 			free(p);
 			fts_lfree(head);
 			(void)closedir(dirp);
 			cur->fts_info = FTS_ERR;
 			FTS_SET(FTS_STOP);
 			errno = ENAMETOOLONG;
 			return (NULL);
 		}
 
 		if (cderrno) {
 			if (nlinks) {
 				p->fts_info = FTS_NS;
 				p->fts_errno = cderrno;
 			} else
 				p->fts_info = FTS_NSOK;
 			p->fts_accpath = cur->fts_accpath;
 		} else if (nlinks == 0
 #ifdef DT_DIR
 		    || (nostat &&
 		    dp->d_type != DT_DIR && dp->d_type != DT_UNKNOWN)
 #endif
 		    ) {
 			p->fts_accpath =
 			    FTS_ISSET(FTS_NOCHDIR) ? p->fts_path : p->fts_name;
 			p->fts_info = FTS_NSOK;
 		} else {
 			/* Build a file name for fts_stat to stat. */
 			if (FTS_ISSET(FTS_NOCHDIR)) {
 				p->fts_accpath = p->fts_path;
 				memmove(cp, p->fts_name, p->fts_namelen + 1);
 				p->fts_info = fts_stat(sp, p, 0, dirfd(dirp));
 			} else {
 				p->fts_accpath = p->fts_name;
 				p->fts_info = fts_stat(sp, p, 0, -1);
 			}
 
 			/* Decrement link count if applicable. */
 			if (nlinks > 0 && (p->fts_info == FTS_D ||
 			    p->fts_info == FTS_DC || p->fts_info == FTS_DOT))
 				--nlinks;
 		}
 
 		/* We walk in directory order so "ls -f" doesn't get upset. */
 		p->fts_link = NULL;
 		if (head == NULL)
 			head = tail = p;
 		else {
 			tail->fts_link = p;
 			tail = p;
 		}
 		++nitems;
 	}
 	if (dirp)
 		(void)closedir(dirp);
 
 	/*
 	 * If realloc() changed the address of the path, adjust the
 	 * addresses for the rest of the tree and the dir list.
 	 */
 	if (doadjust)
 		fts_padjust(sp, head);
 
 	/*
 	 * If not changing directories, reset the path back to original
 	 * state.
 	 */
 	if (FTS_ISSET(FTS_NOCHDIR)) {
 		if (len == sp->fts_pathlen || nitems == 0)
 			--cp;
 		*cp = '\0';
 	}
 
 	/*
 	 * If descended after called from fts_children or after called from
 	 * fts_read and nothing found, get back.  At the root level we use
 	 * the saved fd; if one of fts_open()'s arguments is a relative path
 	 * to an empty directory, we wind up here with no other way back.  If
 	 * can't get back, we're done.
 	 */
 	if (descend && (type == FTS_BCHILD || !nitems) &&
 	    (cur->fts_level == FTS_ROOTLEVEL ? FTS_FCHDIR(sp, sp->fts_rfd) :
 	    fts_safe_changedir(sp, cur->fts_parent, -1, up))) {
 		cur->fts_info = FTS_ERR;
 		FTS_SET(FTS_STOP);
 		return (NULL);
 	}
 
 	/* If didn't find anything, return NULL. */
 	if (!nitems) {
 		if (type == FTS_BREAD)
 			cur->fts_info = FTS_DP;
 		return (NULL);
 	}
 
 	/* Sort the entries. */
 	if (sp->fts_compar && nitems > 1)
 		head = fts_sort(sp, head, nitems);
 	return (head);
 }
 
 static u_short
 fts_stat(FTS *sp, FTSENT *p, int follow, int dfd)
 {
 	FTSENT *t;
 	dev_t dev;
 	ino_t ino;
 	struct stat *sbp, sb;
 	int saved_errno;
 	const char *path;
 
 	if (dfd == -1) {
 		path = p->fts_accpath;
 		dfd = AT_FDCWD;
 	} else
 		path = p->fts_name;
 
 	/* If user needs stat info, stat buffer already allocated. */
 	sbp = FTS_ISSET(FTS_NOSTAT) ? &sb : p->fts_statp;
 
 	/*
 	 * If doing a logical walk, or application requested FTS_FOLLOW, do
 	 * a stat(2).  If that fails, check for a non-existent symlink.  If
 	 * fail, set the errno from the stat call.
 	 */
 	if (FTS_ISSET(FTS_LOGICAL) || follow) {
 		if (fstatat(dfd, path, sbp, 0)) {
 			saved_errno = errno;
 			if (!fstatat(dfd, path, sbp, AT_SYMLINK_NOFOLLOW)) {
 				errno = 0;
 				return (FTS_SLNONE);
 			}
 			p->fts_errno = saved_errno;
 			goto err;
 		}
 	} else if (fstatat(dfd, path, sbp, AT_SYMLINK_NOFOLLOW)) {
 		p->fts_errno = errno;
 err:		memset(sbp, 0, sizeof(struct stat));
 		return (FTS_NS);
 	}
 
 	if (S_ISDIR(sbp->st_mode)) {
 		/*
 		 * Set the device/inode.  Used to find cycles and check for
 		 * crossing mount points.  Also remember the link count, used
 		 * in fts_build to limit the number of stat calls.  It is
 		 * understood that these fields are only referenced if fts_info
 		 * is set to FTS_D.
 		 */
 		dev = p->fts_dev = sbp->st_dev;
 		ino = p->fts_ino = sbp->st_ino;
 		p->fts_nlink = sbp->st_nlink;
 
 		if (FTS_ISDOT(p->fts_name))
 			return (FTS_DOT);
 
 		/*
 		 * Cycle detection is done by brute force when the directory
 		 * is first encountered.  If the tree gets deep enough or the
 		 * number of symbolic links to directories is high enough,
 		 * something faster might be worthwhile.
 		 */
 		for (t = p->fts_parent;
 		    t->fts_level >= FTS_ROOTLEVEL; t = t->fts_parent)
 			if (ino == t->fts_ino && dev == t->fts_dev) {
 				p->fts_cycle = t;
 				return (FTS_DC);
 			}
 		return (FTS_D);
 	}
 	if (S_ISLNK(sbp->st_mode))
 		return (FTS_SL);
 	if (S_ISREG(sbp->st_mode))
 		return (FTS_F);
 	return (FTS_DEFAULT);
 }
 
 static FTSENT *
 fts_sort(FTS *sp, FTSENT *head, int nitems)
 {
 	FTSENT **ap, *p;
 
 	/*
 	 * Construct an array of pointers to the structures and call qsort(3).
 	 * Reassemble the array in the order returned by qsort.  If unable to
 	 * sort for memory reasons, return the directory entries in their
 	 * current order.  Allocate enough space for the current needs plus
 	 * 40 so don't realloc one entry at a time.
 	 */
 	if (nitems > sp->fts_nitems) {
 		struct _ftsent **a;
 
 		if ((a = reallocarray(sp->fts_array,
 		    nitems + 40, sizeof(FTSENT *))) == NULL) {
 			free(sp->fts_array);
 			sp->fts_array = NULL;
 			sp->fts_nitems = 0;
 			return (head);
 		}
 		sp->fts_nitems = nitems + 40;
 		sp->fts_array = a;
 	}
 	for (ap = sp->fts_array, p = head; p; p = p->fts_link)
 		*ap++ = p;
 	qsort(sp->fts_array, nitems, sizeof(FTSENT *),
 		(int(*)(const void *, const void *))sp->fts_compar);
 	for (head = *(ap = sp->fts_array); --nitems; ++ap)
 		ap[0]->fts_link = ap[1];
 	ap[0]->fts_link = NULL;
 	return (head);
 }
 
 static FTSENT *
 fts_alloc(FTS *sp, char *name, size_t namelen)
 {
 	FTSENT *p;
 	size_t len;
 
 	/*
 	 * The file name is a variable length array and no stat structure is
 	 * necessary if the user has set the nostat bit.  Allocate the FTSENT
 	 * structure, the file name and the stat structure in one chunk, but
 	 * be careful that the stat structure is reasonably aligned.  Since the
 	 * fts_name field is declared to be of size 1, the fts_name pointer is
 	 * namelen + 2 before the first possible address of the stat structure.
 	 */
 	len = sizeof(FTSENT) + namelen;
 	if (!FTS_ISSET(FTS_NOSTAT))
 		len += sizeof(struct stat) + FTS_ALIGNBYTES;
 	if ((p = calloc(1, len)) == NULL)
 		return (NULL);
 
 	p->fts_path = sp->fts_path;
 	p->fts_namelen = namelen;
 	p->fts_instr = FTS_NOINSTR;
 	if (!FTS_ISSET(FTS_NOSTAT))
 		p->fts_statp = (struct stat *)FTS_ALIGN(p->fts_name + namelen + 2);
 	memcpy(p->fts_name, name, namelen);
 
 	return (p);
 }
 
 static void
 fts_lfree(FTSENT *head)
 {
 	FTSENT *p;
 
 	/* Free a linked list of structures. */
 	while ((p = head)) {
 		head = head->fts_link;
 		free(p);
 	}
 }
 
 /*
  * Allow essentially unlimited paths; find, rm, ls should all work on any tree.
  * Most systems will allow creation of paths much longer than PATH_MAX, even
  * though the kernel won't resolve them.  Add the size (not just what's needed)
  * plus 256 bytes so don't realloc the path 2 bytes at a time.
  */
 static int
 fts_palloc(FTS *sp, size_t more)
 {
 	char *p;
 
 	/*
 	 * Check for possible wraparound.
 	 */
 	more += 256;
 	if (sp->fts_pathlen + more < sp->fts_pathlen) {
 		free(sp->fts_path);
 		sp->fts_path = NULL;
 		errno = ENAMETOOLONG;
 		return (1);
 	}
 	p = recallocarray(sp->fts_path, sp->fts_pathlen,
 	    sp->fts_pathlen + more, 1);
 	if (p == NULL) {
 		free(sp->fts_path);
 		sp->fts_path = NULL;
 		return (1);
 	}
 	sp->fts_pathlen += more;
 	sp->fts_path = p;
 	return (0);
 }
 
 /*
  * When the path is realloc'd, have to fix all of the pointers in structures
  * already returned.
  */
 static void
 fts_padjust(FTS *sp, FTSENT *head)
 {
 	FTSENT *p;
 	char *addr = sp->fts_path;
 
 #define	ADJUST(p) {							\
 	if ((p)->fts_accpath != (p)->fts_name) {			\
 		(p)->fts_accpath =					\
 		    (char *)addr + ((p)->fts_accpath - (p)->fts_path);	\
 	}								\
 	(p)->fts_path = addr;						\
 }
 	/* Adjust the current set of children. */
 	for (p = sp->fts_child; p; p = p->fts_link)
 		ADJUST(p);
 
 	/* Adjust the rest of the tree, including the current level. */
 	for (p = head; p->fts_level >= FTS_ROOTLEVEL;) {
 		ADJUST(p);
 		p = p->fts_link ? p->fts_link : p->fts_parent;
 	}
 }
 
 static size_t
 fts_maxarglen(char * const *argv)
 {
 	size_t len, max;
 
 	for (max = 0; *argv; ++argv)
 		if ((len = strlen(*argv)) > max)
 			max = len;
 	return (max + 1);
 }
 
 /*
  * Change to dir specified by fd or p->fts_accpath without getting
  * tricked by someone changing the world out from underneath us.
  * Assumes p->fts_dev and p->fts_ino are filled in.
  */
 static int
 fts_safe_changedir(FTS *sp, FTSENT *p, int fd, char *path)
 {
 	int ret, oerrno, newfd;
 	struct stat sb;
 
 	newfd = fd;
 	if (FTS_ISSET(FTS_NOCHDIR))
 		return (0);
 	if (fd == -1 && (newfd = open(path, O_RDONLY|O_DIRECTORY|O_CLOEXEC)) == -1)
 		return (-1);
 	if (fstat(newfd, &sb) == -1) {
 		ret = -1;
 		goto bail;
 	}
 	if (p->fts_dev != sb.st_dev || p->fts_ino != sb.st_ino) {
 		errno = ENOENT;		/* disinformation */
 		ret = -1;
 		goto bail;
 	}
 	ret = fchdir(newfd);
 bail:
 	oerrno = errno;
 	if (fd == -1)
 		(void)close(newfd);
 	errno = oerrno;
 	return (ret);
 }
 #endif /* !HAVE_FTS */
 #if !HAVE_GETPROGNAME
 /*
  * Copyright (c) 2016 Nicholas Marriott <nicholas.marriott@gmail.com>
  * Copyright (c) 2017 Kristaps Dzonsons <kristaps@bsd.lv>
  * Copyright (c) 2020 Stephen Gregoratto <dev@sgregoratto.me>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF MIND, USE, DATA OR PROFITS, WHETHER
  * IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING
  * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
 #include <sys/types.h>
 
 #include <errno.h>
 
 #if HAVE_GETEXECNAME
 #include <stdlib.h>
 const char *
 getprogname(void)
 {
 	return getexecname();
 }
 #elif HAVE_PROGRAM_INVOCATION_SHORT_NAME
 const char *
 getprogname(void)
 {
 	return (program_invocation_short_name);
 }
 #elif HAVE___PROGNAME
 const char *
 getprogname(void)
 {
 	extern char	*__progname;
 
 	return (__progname);
 }
 #else
 #error No getprogname available.
 #endif
 #endif /* !HAVE_GETPROGNAME */
 #if !HAVE_MD5
 /*
  * This code implements the MD5 message-digest algorithm.
  * The algorithm is due to Ron Rivest.	This code was
  * written by Colin Plumb in 1993, no copyright is claimed.
  * This code is in the public domain; do with it what you wish.
  *
  * Equivalent code is available from RSA Data Security, Inc.
  * This code has been tested against that, and is equivalent,
  * except that you don't need to include two pages of legalese
  * with every copy.
  *
  * To compute the message digest of a chunk of bytes, declare an
  * MD5Context structure, pass it to MD5Init, call MD5Update as
  * needed on buffers full of bytes, and then call MD5Final, which
  * will fill a supplied 16-byte array with the digest.
  */
 
 #include <sys/types.h>
 #include <stdlib.h>
 #include <string.h>
 
 #ifndef BYTE_ORDER
 # if defined(LITTLE_ENDIAN) || defined(BIG_ENDIAN)
 #  error Confusion in endian macros.
 # endif
 # if !defined(__BYTE_ORDER__)
 #  error Byte order macro not found.
 # endif
 # if !defined(__ORDER_LITTLE_ENDIAN__) || !defined(__ORDER_BIG_ENDIAN__)
 #  error Little/big endian macros not found.
 # endif
 # define BYTE_ORDER __BYTE_ORDER__
 # define LITTLE_ENDIAN __ORDER_LITTLE_ENDIAN__
 # define BIG_ENDIAN __ORDER_BIG_ENDIAN__
 #endif /*!BYTE_ORDER*/
 
 #define PUT_64BIT_LE(cp, value) do {					\
 	(cp)[7] = (value) >> 56;					\
 	(cp)[6] = (value) >> 48;					\
 	(cp)[5] = (value) >> 40;					\
 	(cp)[4] = (value) >> 32;					\
 	(cp)[3] = (value) >> 24;					\
 	(cp)[2] = (value) >> 16;					\
 	(cp)[1] = (value) >> 8;						\
 	(cp)[0] = (value); } while (0)
 
 #define PUT_32BIT_LE(cp, value) do {					\
 	(cp)[3] = (value) >> 24;					\
 	(cp)[2] = (value) >> 16;					\
 	(cp)[1] = (value) >> 8;						\
 	(cp)[0] = (value); } while (0)
 
 static uint8_t PADDING[MD5_BLOCK_LENGTH] = {
 	0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
 	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
 	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
 };
 
 /*
  * Start MD5 accumulation.  Set bit count to 0 and buffer to mysterious
  * initialization constants.
  */
 void
 MD5Init(MD5_CTX *ctx)
 {
 	ctx->count = 0;
 	ctx->state[0] = 0x67452301;
 	ctx->state[1] = 0xefcdab89;
 	ctx->state[2] = 0x98badcfe;
 	ctx->state[3] = 0x10325476;
 }
 
 /*
  * Update context to reflect the concatenation of another buffer full
  * of bytes.
  */
 void
 MD5Update(MD5_CTX *ctx, const unsigned char *input, size_t len)
 {
 	size_t have, need;
 
 	/* Check how many bytes we already have and how many more we need. */
 	have = (size_t)((ctx->count >> 3) & (MD5_BLOCK_LENGTH - 1));
 	need = MD5_BLOCK_LENGTH - have;
 
 	/* Update bitcount */
 	ctx->count += (uint64_t)len << 3;
 
 	if (len >= need) {
 		if (have != 0) {
 			memcpy(ctx->buffer + have, input, need);
 			MD5Transform(ctx->state, ctx->buffer);
 			input += need;
 			len -= need;
 			have = 0;
 		}
 
 		/* Process data in MD5_BLOCK_LENGTH-byte chunks. */
 		while (len >= MD5_BLOCK_LENGTH) {
 			MD5Transform(ctx->state, input);
 			input += MD5_BLOCK_LENGTH;
 			len -= MD5_BLOCK_LENGTH;
 		}
 	}
 
 	/* Handle any remaining bytes of data. */
 	if (len != 0)
 		memcpy(ctx->buffer + have, input, len);
 }
 
 /*
  * Pad pad to 64-byte boundary with the bit pattern
  * 1 0* (64-bit count of bits processed, MSB-first)
  */
 void
 MD5Pad(MD5_CTX *ctx)
 {
 	uint8_t count[8];
 	size_t padlen;
 
 	/* Convert count to 8 bytes in little endian order. */
 	PUT_64BIT_LE(count, ctx->count);
 
 	/* Pad out to 56 mod 64. */
 	padlen = MD5_BLOCK_LENGTH -
 	    ((ctx->count >> 3) & (MD5_BLOCK_LENGTH - 1));
 	if (padlen < 1 + 8)
 		padlen += MD5_BLOCK_LENGTH;
 	MD5Update(ctx, PADDING, padlen - 8);		/* padlen - 8 <= 64 */
 	MD5Update(ctx, count, 8);
 }
 
 /*
  * Final wrapup--call MD5Pad, fill in digest and zero out ctx.
  */
 void
 MD5Final(unsigned char digest[MD5_DIGEST_LENGTH], MD5_CTX *ctx)
 {
 	int i;
 
 	MD5Pad(ctx);
 	for (i = 0; i < 4; i++)
 		PUT_32BIT_LE(digest + i * 4, ctx->state[i]);
 	memset(ctx, 0, sizeof(*ctx));
 }
 
 
 /* The four core functions - F1 is optimized somewhat */
 
 /* #define F1(x, y, z) (x & y | ~x & z) */
 #define F1(x, y, z) (z ^ (x & (y ^ z)))
 #define F2(x, y, z) F1(z, x, y)
 #define F3(x, y, z) (x ^ y ^ z)
 #define F4(x, y, z) (y ^ (x | ~z))
 
 /* This is the central step in the MD5 algorithm. */
 #define MD5STEP(f, w, x, y, z, data, s) \
 	( w += f(x, y, z) + data,  w = w<<s | w>>(32-s),  w += x )
 
 /*
  * The core of the MD5 algorithm, this alters an existing MD5 hash to
  * reflect the addition of 16 longwords of new data.  MD5Update blocks
  * the data and converts bytes into longwords for this routine.
  */
 void
 MD5Transform(uint32_t state[4], const uint8_t block[MD5_BLOCK_LENGTH])
 {
 	uint32_t a, b, c, d, in[MD5_BLOCK_LENGTH / 4];
 
 #if BYTE_ORDER == LITTLE_ENDIAN
 	memcpy(in, block, sizeof(in));
 #else
 	for (a = 0; a < MD5_BLOCK_LENGTH / 4; a++) {
 		in[a] = (uint32_t)(
 		    (uint32_t)(block[a * 4 + 0]) |
 		    (uint32_t)(block[a * 4 + 1]) <<  8 |
 		    (uint32_t)(block[a * 4 + 2]) << 16 |
 		    (uint32_t)(block[a * 4 + 3]) << 24);
 	}
 #endif
 
 	a = state[0];
 	b = state[1];
 	c = state[2];
 	d = state[3];
 
 	MD5STEP(F1, a, b, c, d, in[ 0] + 0xd76aa478,  7);
 	MD5STEP(F1, d, a, b, c, in[ 1] + 0xe8c7b756, 12);
 	MD5STEP(F1, c, d, a, b, in[ 2] + 0x242070db, 17);
 	MD5STEP(F1, b, c, d, a, in[ 3] + 0xc1bdceee, 22);
 	MD5STEP(F1, a, b, c, d, in[ 4] + 0xf57c0faf,  7);
 	MD5STEP(F1, d, a, b, c, in[ 5] + 0x4787c62a, 12);
 	MD5STEP(F1, c, d, a, b, in[ 6] + 0xa8304613, 17);
 	MD5STEP(F1, b, c, d, a, in[ 7] + 0xfd469501, 22);
 	MD5STEP(F1, a, b, c, d, in[ 8] + 0x698098d8,  7);
 	MD5STEP(F1, d, a, b, c, in[ 9] + 0x8b44f7af, 12);
 	MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17);
 	MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22);
 	MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122,  7);
 	MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12);
 	MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17);
 	MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22);
 
 	MD5STEP(F2, a, b, c, d, in[ 1] + 0xf61e2562,  5);
 	MD5STEP(F2, d, a, b, c, in[ 6] + 0xc040b340,  9);
 	MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14);
 	MD5STEP(F2, b, c, d, a, in[ 0] + 0xe9b6c7aa, 20);
 	MD5STEP(F2, a, b, c, d, in[ 5] + 0xd62f105d,  5);
 	MD5STEP(F2, d, a, b, c, in[10] + 0x02441453,  9);
 	MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14);
 	MD5STEP(F2, b, c, d, a, in[ 4] + 0xe7d3fbc8, 20);
 	MD5STEP(F2, a, b, c, d, in[ 9] + 0x21e1cde6,  5);
 	MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6,  9);
 	MD5STEP(F2, c, d, a, b, in[ 3] + 0xf4d50d87, 14);
 	MD5STEP(F2, b, c, d, a, in[ 8] + 0x455a14ed, 20);
 	MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905,  5);
 	MD5STEP(F2, d, a, b, c, in[ 2] + 0xfcefa3f8,  9);
 	MD5STEP(F2, c, d, a, b, in[ 7] + 0x676f02d9, 14);
 	MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20);
 
 	MD5STEP(F3, a, b, c, d, in[ 5] + 0xfffa3942,  4);
 	MD5STEP(F3, d, a, b, c, in[ 8] + 0x8771f681, 11);
 	MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16);
 	MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23);
 	MD5STEP(F3, a, b, c, d, in[ 1] + 0xa4beea44,  4);
 	MD5STEP(F3, d, a, b, c, in[ 4] + 0x4bdecfa9, 11);
 	MD5STEP(F3, c, d, a, b, in[ 7] + 0xf6bb4b60, 16);
 	MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23);
 	MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6,  4);
 	MD5STEP(F3, d, a, b, c, in[ 0] + 0xeaa127fa, 11);
 	MD5STEP(F3, c, d, a, b, in[ 3] + 0xd4ef3085, 16);
 	MD5STEP(F3, b, c, d, a, in[ 6] + 0x04881d05, 23);
 	MD5STEP(F3, a, b, c, d, in[ 9] + 0xd9d4d039,  4);
 	MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11);
 	MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16);
 	MD5STEP(F3, b, c, d, a, in[2 ] + 0xc4ac5665, 23);
 
 	MD5STEP(F4, a, b, c, d, in[ 0] + 0xf4292244,  6);
 	MD5STEP(F4, d, a, b, c, in[7 ] + 0x432aff97, 10);
 	MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15);
 	MD5STEP(F4, b, c, d, a, in[5 ] + 0xfc93a039, 21);
 	MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3,  6);
 	MD5STEP(F4, d, a, b, c, in[3 ] + 0x8f0ccc92, 10);
 	MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15);
 	MD5STEP(F4, b, c, d, a, in[1 ] + 0x85845dd1, 21);
 	MD5STEP(F4, a, b, c, d, in[8 ] + 0x6fa87e4f,  6);
 	MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10);
 	MD5STEP(F4, c, d, a, b, in[6 ] + 0xa3014314, 15);
 	MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21);
 	MD5STEP(F4, a, b, c, d, in[4 ] + 0xf7537e82,  6);
 	MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10);
 	MD5STEP(F4, c, d, a, b, in[2 ] + 0x2ad7d2bb, 15);
 	MD5STEP(F4, b, c, d, a, in[9 ] + 0xeb86d391, 21);
 
 	state[0] += a;
 	state[1] += b;
 	state[2] += c;
 	state[3] += d;
 }
 
 char *
 MD5End(MD5_CTX *ctx, char *buf)
 {
 	int i;
 	unsigned char digest[MD5_DIGEST_LENGTH];
 	static const char hex[]="0123456789abcdef";
 
 	if (!buf)
 		buf = malloc(2*MD5_DIGEST_LENGTH + 1);
 	if (!buf)
 		return 0;
 	MD5Final(digest, ctx);
 	for (i = 0; i < MD5_DIGEST_LENGTH; i++) {
 		buf[i+i] = hex[digest[i] >> 4];
 		buf[i+i+1] = hex[digest[i] & 0x0f];
 	}
 	buf[i+i] = '\0';
 	return buf;
 }
 #endif /* !HAVE_MD5 */
 #if !HAVE_MEMMEM
 /*-
  * Copyright (c) 2005 Pascal Gloor <pascal.gloor@spale.com>
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in
  *    the documentation and/or other materials provided with the
  *    distribution.
  * 3. The name of the author may not be used to endorse or promote
  *    products derived from this software without specific prior written
  *    permission.
  *
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS''
  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
  * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
  * PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR
  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
  * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
  * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 /*
  * Find the first occurrence of the byte string s in byte string l.
  */
 void *
 memmem(const void *l, size_t l_len, const void *s, size_t s_len)
 {
 	const char *cur, *last;
 	const char *cl = l;
 	const char *cs = s;
 
 	/* a zero length needle should just return the haystack */
 	if (l_len == 0)
 		return (void *)cl;
 
 	/* "s" must be smaller or equal to "l" */
 	if (l_len < s_len)
 		return NULL;
 
 	/* special case where s_len == 1 */
 	if (s_len == 1)
 		return memchr(l, *cs, l_len);
 
 	/* the last position where its possible to find "s" in "l" */
 	last = cl + l_len - s_len;
 
 	for (cur = cl; cur <= last; cur++)
 		if (cur[0] == cs[0] && memcmp(cur, cs, s_len) == 0)
 			return (void *)cur;
 
 	return NULL;
 }
 #endif /* !HAVE_MEMMEM */
 #if !HAVE_MEMRCHR
 /*
  * Copyright (c) 2007 Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  *
  */
 
 #include <string.h>
 
 /*
  * Reverse memchr()
  * Find the last occurrence of 'c' in the buffer 's' of size 'n'.
  */
 void *
 memrchr(const void *s, int c, size_t n)
 {
     const unsigned char *cp;
 
     if (n != 0) {
         cp = (unsigned char *)s + n;
         do {
             if (*(--cp) == (unsigned char)c)
                 return((void *)cp);
         } while (--n != 0);
     }
     return(NULL);
 }
 #endif /* !HAVE_MEMRCHR */
 #if !HAVE_MKFIFOAT
 #include <sys/stat.h>
 
 #include <errno.h>
 #include <fcntl.h>
 #include <unistd.h>
 
 int
 mkfifoat(int fd, const char *path, mode_t mode)
 {
 	int	er, curfd = -1, newfd = -1;
 
 	/* Get our current directory then switch to the given one. */
 
 	if (fd != AT_FDCWD) {
 		if ((curfd = open(".", O_RDONLY | O_DIRECTORY, 0)) == -1)
 			return -1;
 		if (fchdir(fd) == -1)
 			goto out;
 	}
 
 	if ((newfd = mkfifo(path, mode)) == -1)
 		goto out;
 
 	/* This leaves the fifo if it fails. */
 
 	if (curfd != -1 && fchdir(curfd) == -1)
 		goto out;
 	if (curfd != -1)
 		close(curfd);
 
 	return newfd;
 out:
 	/* Ignore errors in close(2). */
 
 	er = errno;
 	if (curfd != -1)
 		fchdir(curfd);
 	if (curfd != -1)
 		close(curfd);
 	if (newfd != -1)
 		close(newfd);
 	errno = er;
 	return -1;
 }
 #endif /* !HAVE_MKFIFOAT */
 #if !HAVE_MKNODAT
 #include <sys/stat.h>
 
 #include <errno.h>
 #include <fcntl.h>
 #include <unistd.h>
 
 int
 mknodat(int fd, const char *path, mode_t mode, dev_t dev)
 {
 	int	er, curfd = -1, newfd = -1;
 
 	/* Get our current directory then switch to the given one. */
 
 	if (fd != AT_FDCWD) {
 		if ((curfd = open(".", O_RDONLY | O_DIRECTORY, 0)) == -1)
 			return -1;
 		if (fchdir(fd) == -1)
 			goto out;
 	}
 
 	if ((newfd = mknod(path, mode, dev)) == -1)
 		goto out;
 
 	/* This leaves the node if it fails. */
 
 	if (curfd != -1 && fchdir(curfd) == -1)
 		goto out;
 	if (curfd != -1)
 		close(curfd);
 
 	return newfd;
 out:
 	
 	/* Ignore errors in close(2). */
 
 	er = errno;
 	if (curfd != -1)
 		fchdir(curfd);
 	if (curfd != -1)
 		close(curfd);
 	if (newfd != -1)
 		close(newfd);
 	errno = er;
 	return -1;
 }
 #endif /* !HAVE_MKNODAT */
 #if !HAVE_READPASSPHRASE
 /* 
  * Original: readpassphrase.c in OpenSSH portable
  */
 /*
  * Copyright (c) 2000-2002, 2007, 2010
  *	Todd C. Miller <millert@openbsd.org>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  *
  * Sponsored in part by the Defense Advanced Research Projects
  * Agency (DARPA) and Air Force Research Laboratory, Air Force
  * Materiel Command, USAF, under agreement number F39502-99-1-0512.
  */
 
 #include <ctype.h>
 #include <errno.h>
 #include <fcntl.h>
 #include <paths.h>
 #include <pwd.h>
 #include <signal.h>
 #include <string.h>
 #include <termios.h>
 #include <unistd.h>
 
 #if !defined(_NSIG) && defined(NSIG)
 # define _NSIG NSIG
 #endif
 
 static volatile sig_atomic_t readpassphrase_signo[_NSIG];
 
 static void
 readpassphrase_handler(int s)
 {
 
 	readpassphrase_signo[s] = 1;
 }
 
 char *
 readpassphrase(const char *prompt, char *buf, size_t bufsiz, int flags)
 {
 	ssize_t nr;
 	int input, output, save_errno, i, need_restart;
 	char ch, *p, *end;
 	struct termios term, oterm;
 	struct sigaction sa, savealrm, saveint, savehup, savequit, saveterm;
 	struct sigaction savetstp, savettin, savettou, savepipe;
 /* If we don't have TCSASOFT define it so that ORing it it below is a no-op. */
 #ifndef TCSASOFT
 	const int tcasoft = 0;
 #else
 	const int tcasoft = TCSASOFT;
 #endif
 
 	/* I suppose we could alloc on demand in this case (XXX). */
 	if (bufsiz == 0) {
 		errno = EINVAL;
 		return(NULL);
 	}
 
 restart:
 	for (i = 0; i < _NSIG; i++)
 		readpassphrase_signo[i] = 0;
 	nr = -1;
 	save_errno = 0;
 	need_restart = 0;
 	/*
 	 * Read and write to /dev/tty if available.  If not, read from
 	 * stdin and write to stderr unless a tty is required.
 	 */
 	if ((flags & RPP_STDIN) ||
 	    (input = output = open(_PATH_TTY, O_RDWR)) == -1) {
 		if (flags & RPP_REQUIRE_TTY) {
 			errno = ENOTTY;
 			return(NULL);
 		}
 		input = STDIN_FILENO;
 		output = STDERR_FILENO;
 	}
 
 	/*
 	 * Turn off echo if possible.
 	 * If we are using a tty but are not the foreground pgrp this will
 	 * generate SIGTTOU, so do it *before* installing the signal handlers.
 	 */
 	if (input != STDIN_FILENO && tcgetattr(input, &oterm) == 0) {
 		memcpy(&term, &oterm, sizeof(term));
 		if (!(flags & RPP_ECHO_ON))
 			term.c_lflag &= ~(ECHO | ECHONL);
 #ifdef VSTATUS
 		if (term.c_cc[VSTATUS] != _POSIX_VDISABLE)
 			term.c_cc[VSTATUS] = _POSIX_VDISABLE;
 #endif
 		(void)tcsetattr(input, TCSAFLUSH|tcasoft, &term);
 	} else {
 		memset(&term, 0, sizeof(term));
 		term.c_lflag |= ECHO;
 		memset(&oterm, 0, sizeof(oterm));
 		oterm.c_lflag |= ECHO;
 	}
 
 	/*
 	 * Catch signals that would otherwise cause the user to end
 	 * up with echo turned off in the shell.  Don't worry about
 	 * things like SIGXCPU and SIGVTALRM for now.
 	 */
 	sigemptyset(&sa.sa_mask);
 	sa.sa_flags = 0;		/* don't restart system calls */
 	sa.sa_handler = readpassphrase_handler;
 	(void)sigaction(SIGALRM, &sa, &savealrm);
 	(void)sigaction(SIGHUP, &sa, &savehup);
 	(void)sigaction(SIGINT, &sa, &saveint);
 	(void)sigaction(SIGPIPE, &sa, &savepipe);
 	(void)sigaction(SIGQUIT, &sa, &savequit);
 	(void)sigaction(SIGTERM, &sa, &saveterm);
 	(void)sigaction(SIGTSTP, &sa, &savetstp);
 	(void)sigaction(SIGTTIN, &sa, &savettin);
 	(void)sigaction(SIGTTOU, &sa, &savettou);
 
 	if (!(flags & RPP_STDIN))
 		(void)write(output, prompt, strlen(prompt));
 	end = buf + bufsiz - 1;
 	p = buf;
 	while ((nr = read(input, &ch, 1)) == 1 && ch != '\n' && ch != '\r') {
 		if (p < end) {
 			if ((flags & RPP_SEVENBIT))
 				ch &= 0x7f;
 			if (isalpha((unsigned char)ch)) {
 				if ((flags & RPP_FORCELOWER))
 					ch = (char)tolower((unsigned char)ch);
 				if ((flags & RPP_FORCEUPPER))
 					ch = (char)toupper((unsigned char)ch);
 			}
 			*p++ = ch;
 		}
 	}
 	*p = '\0';
 	save_errno = errno;
 	if (!(term.c_lflag & ECHO))
 		(void)write(output, "\n", 1);
 
 	/* Restore old terminal settings and signals. */
 	if (memcmp(&term, &oterm, sizeof(term)) != 0) {
 		const int sigttou = readpassphrase_signo[SIGTTOU];
 
 		/* Ignore SIGTTOU generated when we are not the fg pgrp. */
 		while (tcsetattr(input, TCSAFLUSH|tcasoft, &oterm) == -1 &&
 		    errno == EINTR && !readpassphrase_signo[SIGTTOU])
 			continue;
 		readpassphrase_signo[SIGTTOU] = sigttou;
 	}
 	(void)sigaction(SIGALRM, &savealrm, NULL);
 	(void)sigaction(SIGHUP, &savehup, NULL);
 	(void)sigaction(SIGINT, &saveint, NULL);
 	(void)sigaction(SIGQUIT, &savequit, NULL);
 	(void)sigaction(SIGPIPE, &savepipe, NULL);
 	(void)sigaction(SIGTERM, &saveterm, NULL);
 	(void)sigaction(SIGTSTP, &savetstp, NULL);
 	(void)sigaction(SIGTTIN, &savettin, NULL);
 	(void)sigaction(SIGTTOU, &savettou, NULL);
 	if (input != STDIN_FILENO)
 		(void)close(input);
 
 	/*
 	 * If we were interrupted by a signal, resend it to ourselves
 	 * now that we have restored the signal handlers.
 	 */
 	for (i = 0; i < _NSIG; i++) {
 		if (readpassphrase_signo[i]) {
 			kill(getpid(), i);
 			switch (i) {
 			case SIGTSTP:
 			case SIGTTIN:
 			case SIGTTOU:
 				need_restart = 1;
 			}
 		}
 	}
 	if (need_restart)
 		goto restart;
 
 	if (save_errno)
 		errno = save_errno;
 	return(nr == -1 ? NULL : buf);
 }
 #endif /* !HAVE_READPASSPHRASE */
 #if !HAVE_REALLOCARRAY
 /*
  * Copyright (c) 2008 Otto Moerbeek <otto@drijf.net>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
 #include <sys/types.h>
 #include <errno.h>
 #include <stdint.h>
 #include <stdlib.h>
 
 /*
  * This is sqrt(SIZE_MAX+1), as s1*s2 <= SIZE_MAX
  * if both s1 < MUL_NO_OVERFLOW and s2 < MUL_NO_OVERFLOW
  */
 #define MUL_NO_OVERFLOW	((size_t)1 << (sizeof(size_t) * 4))
 
 void *
 reallocarray(void *optr, size_t nmemb, size_t size)
 {
 	if ((nmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) &&
 	    nmemb > 0 && SIZE_MAX / nmemb < size) {
 		errno = ENOMEM;
 		return NULL;
 	}
 	return realloc(optr, size * nmemb);
 }
 #endif /* !HAVE_REALLOCARRAY */
 #if !HAVE_RECALLOCARRAY
 /*
  * Copyright (c) 2008, 2017 Otto Moerbeek <otto@drijf.net>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
 /* OPENBSD ORIGINAL: lib/libc/stdlib/recallocarray.c */
 
 #include <errno.h>
 #include <stdlib.h>
 #include <stdint.h>
 #include <string.h>
 #include <unistd.h>
 
 /*
  * This is sqrt(SIZE_MAX+1), as s1*s2 <= SIZE_MAX
  * if both s1 < MUL_NO_OVERFLOW and s2 < MUL_NO_OVERFLOW
  */
 #define MUL_NO_OVERFLOW ((size_t)1 << (sizeof(size_t) * 4))
 
 void *
 recallocarray(void *ptr, size_t oldnmemb, size_t newnmemb, size_t size)
 {
 	size_t oldsize, newsize;
 	void *newptr;
 
 	if (ptr == NULL)
 		return calloc(newnmemb, size);
 
 	if ((newnmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) &&
 	    newnmemb > 0 && SIZE_MAX / newnmemb < size) {
 		errno = ENOMEM;
 		return NULL;
 	}
 	newsize = newnmemb * size;
 
 	if ((oldnmemb >= MUL_NO_OVERFLOW || size >= MUL_NO_OVERFLOW) &&
 	    oldnmemb > 0 && SIZE_MAX / oldnmemb < size) {
 		errno = EINVAL;
 		return NULL;
 	}
 	oldsize = oldnmemb * size;
 	
 	/*
 	 * Don't bother too much if we're shrinking just a bit,
 	 * we do not shrink for series of small steps, oh well.
 	 */
 	if (newsize <= oldsize) {
 		size_t d = oldsize - newsize;
 
 		if (d < oldsize / 2 && d < (size_t)getpagesize()) {
 			memset((char *)ptr + newsize, 0, d);
 			return ptr;
 		}
 	}
 
 	newptr = malloc(newsize);
 	if (newptr == NULL)
 		return NULL;
 
 	if (newsize > oldsize) {
 		memcpy(newptr, ptr, oldsize);
 		memset((char *)newptr + oldsize, 0, newsize - oldsize);
 	} else
 		memcpy(newptr, ptr, newsize);
 
 	explicit_bzero(ptr, oldsize);
 	free(ptr);
 
 	return newptr;
 }
 #endif /* !HAVE_RECALLOCARRAY */
 #if !HAVE_SETRESGID
 /*
  * Copyright (c) 2004, 2005 Darren Tucker (dtucker at zip com au).
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
 #include <sys/types.h>
 #include <unistd.h>
 
 int
 setresgid(gid_t rgid, gid_t egid, gid_t sgid)
 {
 	/* this is the only configuration tested */
 
 	if (rgid != egid || egid != sgid)
 		return -1;
 
 	if (setregid(rgid, egid) == -1)
 		return -1;
 
 	return 0;
 }
 #endif /* !HAVE_SETRESGID */
 #if !HAVE_SETRESUID
 /*
  * Copyright (c) 2004, 2005 Darren Tucker (dtucker at zip com au).
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
 #include <sys/types.h>
 
 #include <errno.h>
 #include <unistd.h>
 
 int
 setresuid(uid_t ruid, uid_t euid, uid_t suid)
 {
 	uid_t ouid;
 	int ret = -1;
 
 	/* Allow only the tested configuration. */
 
 	if (ruid != euid || euid != suid) {
 		errno = ENOSYS;
 		return -1;
 	}
 	ouid = getuid();
 
 	if ((ret = setreuid(euid, euid)) == -1)
 		return -1;
 
 	/*
 	 * When real, effective and saved uids are the same and we have
 	 * changed uids, sanity check that we cannot restore the old uid.
 	 */
 
 	if (ruid == euid && euid == suid && ouid != ruid &&
 	    setuid(ouid) != -1 && seteuid(ouid) != -1) {
 		errno = EINVAL;
 		return -1;
 	}
 
 	/*
 	 * Finally, check that the real and effective uids are what we
 	 * expect.
 	 */
 	if (getuid() != ruid || geteuid() != euid) {
 		errno = EACCES;
 		return -1;
 	}
 
 	return ret;
 }
 #endif /* !HAVE_SETRESUID */
 #if !HAVE_SHA2_H
 /*	$OpenBSD$	*/
 
 /*
  * FILE:	sha2.c
  * AUTHOR:	Aaron D. Gifford <me@aarongifford.com>
  * 
  * Copyright (c) 2000-2001, Aaron D. Gifford
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. Neither the name of the copyright holder nor the names of contributors
  *    may be used to endorse or promote products derived from this software
  *    without specific prior written permission.
  * 
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTOR(S) ``AS IS'' AND
  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTOR(S) BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
  * $From: sha2.c,v 1.1 2001/11/08 00:01:51 adg Exp adg $
  */
 
 /* OPENBSD ORIGINAL: lib/libc/hash/sha2.c */
 
 /* no-op out, similar to DEF_WEAK but only needed here */
 #define MAKE_CLONE(x, y)	void __ssh_compat_make_clone_##x_##y(void)
 
 #include <sys/types.h>
 #include <sys/stat.h>
 
 #include <errno.h>
 #include <fcntl.h>
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
 #include <unistd.h>
 
 #ifndef MINIMUM
 # define MINIMUM(a, b)	(((a) < (b)) ? (a) : (b))
 #endif
 
 #ifndef BYTE_ORDER
 # if defined(LITTLE_ENDIAN) || defined(BIG_ENDIAN)
 #  error Confusion in endian macros.
 # endif
 # if !defined(__BYTE_ORDER__)
 #  error Byte order macro not found.
 # endif
 # if !defined(__ORDER_LITTLE_ENDIAN__) || !defined(__ORDER_BIG_ENDIAN__)
 #  error Little/big endian macros not found.
 # endif
 # define BYTE_ORDER __BYTE_ORDER__
 # define LITTLE_ENDIAN __ORDER_LITTLE_ENDIAN__
 # define BIG_ENDIAN __ORDER_BIG_ENDIAN__
 #endif /*!BYTE_ORDER*/
 
 /*
  * UNROLLED TRANSFORM LOOP NOTE:
  * You can define SHA2_UNROLL_TRANSFORM to use the unrolled transform
  * loop version for the hash transform rounds (defined using macros
  * later in this file).  Either define on the command line, for example:
  *
  *   cc -DSHA2_UNROLL_TRANSFORM -o sha2 sha2.c sha2prog.c
  *
  * or define below:
  *
  *   #define SHA2_UNROLL_TRANSFORM
  *
  */
 #if defined(__amd64__) || defined(__i386__)
 #define SHA2_UNROLL_TRANSFORM
 #endif
 
 /*** SHA-224/256/384/512 Machine Architecture Definitions *****************/
 /*
  * BYTE_ORDER NOTE:
  *
  * Please make sure that your system defines BYTE_ORDER.  If your
  * architecture is little-endian, make sure it also defines
  * LITTLE_ENDIAN and that the two (BYTE_ORDER and LITTLE_ENDIAN) are
  * equivalent.
  *
  * If your system does not define the above, then you can do so by
  * hand like this:
  *
  *   #define LITTLE_ENDIAN 1234
  *   #define BIG_ENDIAN    4321
  *
  * And for little-endian machines, add:
  *
  *   #define BYTE_ORDER LITTLE_ENDIAN 
  *
  * Or for big-endian machines:
  *
  *   #define BYTE_ORDER BIG_ENDIAN
  *
  * The FreeBSD machine this was written on defines BYTE_ORDER
  * appropriately by including <sys/types.h> (which in turn includes
  * <machine/endian.h> where the appropriate definitions are actually
  * made).
  */
 #if !defined(BYTE_ORDER) || (BYTE_ORDER != LITTLE_ENDIAN && BYTE_ORDER != BIG_ENDIAN)
 #error Define BYTE_ORDER to be equal to either LITTLE_ENDIAN or BIG_ENDIAN
 #endif
 
 
 /*** SHA-224/256/384/512 Various Length Definitions ***********************/
 /* NOTE: Most of these are in sha2.h */
 #define SHA224_SHORT_BLOCK_LENGTH	(SHA224_BLOCK_LENGTH - 8)
 #define SHA256_SHORT_BLOCK_LENGTH	(SHA256_BLOCK_LENGTH - 8)
 #define SHA384_SHORT_BLOCK_LENGTH	(SHA384_BLOCK_LENGTH - 16)
 #define SHA512_SHORT_BLOCK_LENGTH	(SHA512_BLOCK_LENGTH - 16)
 
 /*** ENDIAN SPECIFIC COPY MACROS **************************************/
 #define BE_8_TO_32(dst, cp) do {					\
 	(dst) = (uint32_t)(cp)[3] | ((uint32_t)(cp)[2] << 8) |	\
 	    ((uint32_t)(cp)[1] << 16) | ((uint32_t)(cp)[0] << 24);	\
 } while(0)
 
 #define BE_8_TO_64(dst, cp) do {					\
 	(dst) = (uint64_t)(cp)[7] | ((uint64_t)(cp)[6] << 8) |	\
 	    ((uint64_t)(cp)[5] << 16) | ((uint64_t)(cp)[4] << 24) |	\
 	    ((uint64_t)(cp)[3] << 32) | ((uint64_t)(cp)[2] << 40) |	\
 	    ((uint64_t)(cp)[1] << 48) | ((uint64_t)(cp)[0] << 56);	\
 } while (0)
 
 #define BE_64_TO_8(cp, src) do {					\
 	(cp)[0] = (src) >> 56;						\
         (cp)[1] = (src) >> 48;						\
 	(cp)[2] = (src) >> 40;						\
 	(cp)[3] = (src) >> 32;						\
 	(cp)[4] = (src) >> 24;						\
 	(cp)[5] = (src) >> 16;						\
 	(cp)[6] = (src) >> 8;						\
 	(cp)[7] = (src);						\
 } while (0)
 
 #define BE_32_TO_8(cp, src) do {					\
 	(cp)[0] = (src) >> 24;						\
 	(cp)[1] = (src) >> 16;						\
 	(cp)[2] = (src) >> 8;						\
 	(cp)[3] = (src);						\
 } while (0)
 
 /*
  * Macro for incrementally adding the unsigned 64-bit integer n to the
  * unsigned 128-bit integer (represented using a two-element array of
  * 64-bit words):
  */
 #define ADDINC128(w,n) do {						\
 	(w)[0] += (uint64_t)(n);					\
 	if ((w)[0] < (n)) {						\
 		(w)[1]++;						\
 	}								\
 } while (0)
 
 /*** THE SIX LOGICAL FUNCTIONS ****************************************/
 /*
  * Bit shifting and rotation (used by the six SHA-XYZ logical functions:
  *
  *   NOTE:  The naming of R and S appears backwards here (R is a SHIFT and
  *   S is a ROTATION) because the SHA-224/256/384/512 description document
  *   (see http://csrc.nist.gov/cryptval/shs/sha256-384-512.pdf) uses this
  *   same "backwards" definition.
  */
 /* Shift-right (used in SHA-224, SHA-256, SHA-384, and SHA-512): */
 #define R(b,x) 		((x) >> (b))
 /* 32-bit Rotate-right (used in SHA-224 and SHA-256): */
 #define S32(b,x)	(((x) >> (b)) | ((x) << (32 - (b))))
 /* 64-bit Rotate-right (used in SHA-384 and SHA-512): */
 #define S64(b,x)	(((x) >> (b)) | ((x) << (64 - (b))))
 
 /* Two of six logical functions used in SHA-224, SHA-256, SHA-384, and SHA-512: */
 #define Ch(x,y,z)	(((x) & (y)) ^ ((~(x)) & (z)))
 #define Maj(x,y,z)	(((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
 
 /* Four of six logical functions used in SHA-224 and SHA-256: */
 #define Sigma0_256(x)	(S32(2,  (x)) ^ S32(13, (x)) ^ S32(22, (x)))
 #define Sigma1_256(x)	(S32(6,  (x)) ^ S32(11, (x)) ^ S32(25, (x)))
 #define sigma0_256(x)	(S32(7,  (x)) ^ S32(18, (x)) ^ R(3 ,   (x)))
 #define sigma1_256(x)	(S32(17, (x)) ^ S32(19, (x)) ^ R(10,   (x)))
 
 /* Four of six logical functions used in SHA-384 and SHA-512: */
 #define Sigma0_512(x)	(S64(28, (x)) ^ S64(34, (x)) ^ S64(39, (x)))
 #define Sigma1_512(x)	(S64(14, (x)) ^ S64(18, (x)) ^ S64(41, (x)))
 #define sigma0_512(x)	(S64( 1, (x)) ^ S64( 8, (x)) ^ R( 7,   (x)))
 #define sigma1_512(x)	(S64(19, (x)) ^ S64(61, (x)) ^ R( 6,   (x)))
 
 
 /*** SHA-XYZ INITIAL HASH VALUES AND CONSTANTS ************************/
 /* Hash constant words K for SHA-224 and SHA-256: */
 static const uint32_t K256[64] = {
 	0x428a2f98UL, 0x71374491UL, 0xb5c0fbcfUL, 0xe9b5dba5UL,
 	0x3956c25bUL, 0x59f111f1UL, 0x923f82a4UL, 0xab1c5ed5UL,
 	0xd807aa98UL, 0x12835b01UL, 0x243185beUL, 0x550c7dc3UL,
 	0x72be5d74UL, 0x80deb1feUL, 0x9bdc06a7UL, 0xc19bf174UL,
 	0xe49b69c1UL, 0xefbe4786UL, 0x0fc19dc6UL, 0x240ca1ccUL,
 	0x2de92c6fUL, 0x4a7484aaUL, 0x5cb0a9dcUL, 0x76f988daUL,
 	0x983e5152UL, 0xa831c66dUL, 0xb00327c8UL, 0xbf597fc7UL,
 	0xc6e00bf3UL, 0xd5a79147UL, 0x06ca6351UL, 0x14292967UL,
 	0x27b70a85UL, 0x2e1b2138UL, 0x4d2c6dfcUL, 0x53380d13UL,
 	0x650a7354UL, 0x766a0abbUL, 0x81c2c92eUL, 0x92722c85UL,
 	0xa2bfe8a1UL, 0xa81a664bUL, 0xc24b8b70UL, 0xc76c51a3UL,
 	0xd192e819UL, 0xd6990624UL, 0xf40e3585UL, 0x106aa070UL,
 	0x19a4c116UL, 0x1e376c08UL, 0x2748774cUL, 0x34b0bcb5UL,
 	0x391c0cb3UL, 0x4ed8aa4aUL, 0x5b9cca4fUL, 0x682e6ff3UL,
 	0x748f82eeUL, 0x78a5636fUL, 0x84c87814UL, 0x8cc70208UL,
 	0x90befffaUL, 0xa4506cebUL, 0xbef9a3f7UL, 0xc67178f2UL
 };
 
 /* Initial hash value H for SHA-256: */
 static const uint32_t sha256_initial_hash_value[8] = {
 	0x6a09e667UL,
 	0xbb67ae85UL,
 	0x3c6ef372UL,
 	0xa54ff53aUL,
 	0x510e527fUL,
 	0x9b05688cUL,
 	0x1f83d9abUL,
 	0x5be0cd19UL
 };
 
 /* Hash constant words K for SHA-384 and SHA-512: */
 static const uint64_t K512[80] = {
 	0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL,
 	0xb5c0fbcfec4d3b2fULL, 0xe9b5dba58189dbbcULL,
 	0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
 	0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL,
 	0xd807aa98a3030242ULL, 0x12835b0145706fbeULL,
 	0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL,
 	0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL,
 	0x9bdc06a725c71235ULL, 0xc19bf174cf692694ULL,
 	0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL,
 	0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL,
 	0x2de92c6f592b0275ULL, 0x4a7484aa6ea6e483ULL,
 	0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL,
 	0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL,
 	0xb00327c898fb213fULL, 0xbf597fc7beef0ee4ULL,
 	0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL,
 	0x06ca6351e003826fULL, 0x142929670a0e6e70ULL,
 	0x27b70a8546d22ffcULL, 0x2e1b21385c26c926ULL,
 	0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL,
 	0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL,
 	0x81c2c92e47edaee6ULL, 0x92722c851482353bULL,
 	0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL,
 	0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL,
 	0xd192e819d6ef5218ULL, 0xd69906245565a910ULL,
 	0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL,
 	0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL,
 	0x2748774cdf8eeb99ULL, 0x34b0bcb5e19b48a8ULL,
 	0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL,
 	0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL,
 	0x748f82ee5defb2fcULL, 0x78a5636f43172f60ULL,
 	0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL,
 	0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL,
 	0xbef9a3f7b2c67915ULL, 0xc67178f2e372532bULL,
 	0xca273eceea26619cULL, 0xd186b8c721c0c207ULL,
 	0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL,
 	0x06f067aa72176fbaULL, 0x0a637dc5a2c898a6ULL,
 	0x113f9804bef90daeULL, 0x1b710b35131c471bULL,
 	0x28db77f523047d84ULL, 0x32caab7b40c72493ULL,
 	0x3c9ebe0a15c9bebcULL, 0x431d67c49c100d4cULL,
 	0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL,
 	0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL
 };
 
 /* Initial hash value H for SHA-512 */
 static const uint64_t sha512_initial_hash_value[8] = {
 	0x6a09e667f3bcc908ULL,
 	0xbb67ae8584caa73bULL,
 	0x3c6ef372fe94f82bULL,
 	0xa54ff53a5f1d36f1ULL,
 	0x510e527fade682d1ULL,
 	0x9b05688c2b3e6c1fULL,
 	0x1f83d9abfb41bd6bULL,
 	0x5be0cd19137e2179ULL
 };
 
 /* Initial hash value H for SHA-384 */
 static const uint64_t sha384_initial_hash_value[8] = {
 	0xcbbb9d5dc1059ed8ULL,
 	0x629a292a367cd507ULL,
 	0x9159015a3070dd17ULL,
 	0x152fecd8f70e5939ULL,
 	0x67332667ffc00b31ULL,
 	0x8eb44a8768581511ULL,
 	0xdb0c2e0d64f98fa7ULL,
 	0x47b5481dbefa4fa4ULL
 };
 
 /*** SHA-256: *********************************************************/
 void
 SHA256Init(SHA2_CTX *context)
 {
 	memcpy(context->state.st32, sha256_initial_hash_value,
 	    sizeof(sha256_initial_hash_value));
 	memset(context->buffer, 0, sizeof(context->buffer));
 	context->bitcount[0] = 0;
 }
 
 #ifdef SHA2_UNROLL_TRANSFORM
 
 /* Unrolled SHA-256 round macros: */
 
 #define ROUND256_0_TO_15(a,b,c,d,e,f,g,h) do {				    \
 	BE_8_TO_32(W256[j], data);					    \
 	data += 4;							    \
 	T1 = (h) + Sigma1_256((e)) + Ch((e), (f), (g)) + K256[j] + W256[j]; \
 	(d) += T1;							    \
 	(h) = T1 + Sigma0_256((a)) + Maj((a), (b), (c));		    \
 	j++;								    \
 } while(0)
 
 #define ROUND256(a,b,c,d,e,f,g,h) do {					    \
 	s0 = W256[(j+1)&0x0f];						    \
 	s0 = sigma0_256(s0);						    \
 	s1 = W256[(j+14)&0x0f];						    \
 	s1 = sigma1_256(s1);						    \
 	T1 = (h) + Sigma1_256((e)) + Ch((e), (f), (g)) + K256[j] +	    \
 	     (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0);		    \
 	(d) += T1;							    \
 	(h) = T1 + Sigma0_256((a)) + Maj((a), (b), (c));		    \
 	j++;								    \
 } while(0)
 
 void
 SHA256Transform(uint32_t state[8], const uint8_t data[SHA256_BLOCK_LENGTH])
 {
 	uint32_t	a, b, c, d, e, f, g, h, s0, s1;
 	uint32_t	T1, W256[16];
 	int		j;
 
 	/* Initialize registers with the prev. intermediate value */
 	a = state[0];
 	b = state[1];
 	c = state[2];
 	d = state[3];
 	e = state[4];
 	f = state[5];
 	g = state[6];
 	h = state[7];
 
 	j = 0;
 	do {
 		/* Rounds 0 to 15 (unrolled): */
 		ROUND256_0_TO_15(a,b,c,d,e,f,g,h);
 		ROUND256_0_TO_15(h,a,b,c,d,e,f,g);
 		ROUND256_0_TO_15(g,h,a,b,c,d,e,f);
 		ROUND256_0_TO_15(f,g,h,a,b,c,d,e);
 		ROUND256_0_TO_15(e,f,g,h,a,b,c,d);
 		ROUND256_0_TO_15(d,e,f,g,h,a,b,c);
 		ROUND256_0_TO_15(c,d,e,f,g,h,a,b);
 		ROUND256_0_TO_15(b,c,d,e,f,g,h,a);
 	} while (j < 16);
 
 	/* Now for the remaining rounds up to 63: */
 	do {
 		ROUND256(a,b,c,d,e,f,g,h);
 		ROUND256(h,a,b,c,d,e,f,g);
 		ROUND256(g,h,a,b,c,d,e,f);
 		ROUND256(f,g,h,a,b,c,d,e);
 		ROUND256(e,f,g,h,a,b,c,d);
 		ROUND256(d,e,f,g,h,a,b,c);
 		ROUND256(c,d,e,f,g,h,a,b);
 		ROUND256(b,c,d,e,f,g,h,a);
 	} while (j < 64);
 
 	/* Compute the current intermediate hash value */
 	state[0] += a;
 	state[1] += b;
 	state[2] += c;
 	state[3] += d;
 	state[4] += e;
 	state[5] += f;
 	state[6] += g;
 	state[7] += h;
 
 	/* Clean up */
 	a = b = c = d = e = f = g = h = T1 = 0;
 }
 
 #else /* SHA2_UNROLL_TRANSFORM */
 
 void
 SHA256Transform(uint32_t state[8], const uint8_t data[SHA256_BLOCK_LENGTH])
 {
 	uint32_t	a, b, c, d, e, f, g, h, s0, s1;
 	uint32_t	T1, T2, W256[16];
 	int		j;
 
 	/* Initialize registers with the prev. intermediate value */
 	a = state[0];
 	b = state[1];
 	c = state[2];
 	d = state[3];
 	e = state[4];
 	f = state[5];
 	g = state[6];
 	h = state[7];
 
 	j = 0;
 	do {
 		BE_8_TO_32(W256[j], data);
 		data += 4;
 		/* Apply the SHA-256 compression function to update a..h */
 		T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + W256[j];
 		T2 = Sigma0_256(a) + Maj(a, b, c);
 		h = g;
 		g = f;
 		f = e;
 		e = d + T1;
 		d = c;
 		c = b;
 		b = a;
 		a = T1 + T2;
 
 		j++;
 	} while (j < 16);
 
 	do {
 		/* Part of the message block expansion: */
 		s0 = W256[(j+1)&0x0f];
 		s0 = sigma0_256(s0);
 		s1 = W256[(j+14)&0x0f];	
 		s1 = sigma1_256(s1);
 
 		/* Apply the SHA-256 compression function to update a..h */
 		T1 = h + Sigma1_256(e) + Ch(e, f, g) + K256[j] + 
 		     (W256[j&0x0f] += s1 + W256[(j+9)&0x0f] + s0);
 		T2 = Sigma0_256(a) + Maj(a, b, c);
 		h = g;
 		g = f;
 		f = e;
 		e = d + T1;
 		d = c;
 		c = b;
 		b = a;
 		a = T1 + T2;
 
 		j++;
 	} while (j < 64);
 
 	/* Compute the current intermediate hash value */
 	state[0] += a;
 	state[1] += b;
 	state[2] += c;
 	state[3] += d;
 	state[4] += e;
 	state[5] += f;
 	state[6] += g;
 	state[7] += h;
 
 	/* Clean up */
 	a = b = c = d = e = f = g = h = T1 = T2 = 0;
 }
 
 #endif /* SHA2_UNROLL_TRANSFORM */
 
 void
 SHA256Update(SHA2_CTX *context, const uint8_t *data, size_t len)
 {
 	uint64_t	freespace, usedspace;
 
 	/* Calling with no data is valid (we do nothing) */
 	if (len == 0)
 		return;
 
 	usedspace = (context->bitcount[0] >> 3) % SHA256_BLOCK_LENGTH;
 	if (usedspace > 0) {
 		/* Calculate how much free space is available in the buffer */
 		freespace = SHA256_BLOCK_LENGTH - usedspace;
 
 		if (len >= freespace) {
 			/* Fill the buffer completely and process it */
 			memcpy(&context->buffer[usedspace], data, freespace);
 			context->bitcount[0] += freespace << 3;
 			len -= freespace;
 			data += freespace;
 			SHA256Transform(context->state.st32, context->buffer);
 		} else {
 			/* The buffer is not yet full */
 			memcpy(&context->buffer[usedspace], data, len);
 			context->bitcount[0] += (uint64_t)len << 3;
 			/* Clean up: */
 			usedspace = freespace = 0;
 			return;
 		}
 	}
 	while (len >= SHA256_BLOCK_LENGTH) {
 		/* Process as many complete blocks as we can */
 		SHA256Transform(context->state.st32, data);
 		context->bitcount[0] += SHA256_BLOCK_LENGTH << 3;
 		len -= SHA256_BLOCK_LENGTH;
 		data += SHA256_BLOCK_LENGTH;
 	}
 	if (len > 0) {
 		/* There's left-overs, so save 'em */
 		memcpy(context->buffer, data, len);
 		context->bitcount[0] += len << 3;
 	}
 	/* Clean up: */
 	usedspace = freespace = 0;
 }
 
 void
 SHA256Pad(SHA2_CTX *context)
 {
 	unsigned int	usedspace;
 
 	usedspace = (context->bitcount[0] >> 3) % SHA256_BLOCK_LENGTH;
 	if (usedspace > 0) {
 		/* Begin padding with a 1 bit: */
 		context->buffer[usedspace++] = 0x80;
 
 		if (usedspace <= SHA256_SHORT_BLOCK_LENGTH) {
 			/* Set-up for the last transform: */
 			memset(&context->buffer[usedspace], 0,
 			    SHA256_SHORT_BLOCK_LENGTH - usedspace);
 		} else {
 			if (usedspace < SHA256_BLOCK_LENGTH) {
 				memset(&context->buffer[usedspace], 0,
 				    SHA256_BLOCK_LENGTH - usedspace);
 			}
 			/* Do second-to-last transform: */
 			SHA256Transform(context->state.st32, context->buffer);
 
 			/* Prepare for last transform: */
 			memset(context->buffer, 0, SHA256_SHORT_BLOCK_LENGTH);
 		}
 	} else {
 		/* Set-up for the last transform: */
 		memset(context->buffer, 0, SHA256_SHORT_BLOCK_LENGTH);
 
 		/* Begin padding with a 1 bit: */
 		*context->buffer = 0x80;
 	}
 	/* Store the length of input data (in bits) in big endian format: */
 	BE_64_TO_8(&context->buffer[SHA256_SHORT_BLOCK_LENGTH],
 	    context->bitcount[0]);
 
 	/* Final transform: */
 	SHA256Transform(context->state.st32, context->buffer);
 
 	/* Clean up: */
 	usedspace = 0;
 }
 
 void
 SHA256Final(uint8_t digest[SHA256_DIGEST_LENGTH], SHA2_CTX *context)
 {
 	SHA256Pad(context);
 
 #if BYTE_ORDER == LITTLE_ENDIAN
 	int	i;
 
 	/* Convert TO host byte order */
 	for (i = 0; i < 8; i++)
 		BE_32_TO_8(digest + i * 4, context->state.st32[i]);
 #else
 	memcpy(digest, context->state.st32, SHA256_DIGEST_LENGTH);
 #endif
 	explicit_bzero(context, sizeof(*context));
 }
 
 
 /*** SHA-512: *********************************************************/
 void
 SHA512Init(SHA2_CTX *context)
 {
 	memcpy(context->state.st64, sha512_initial_hash_value,
 	    sizeof(sha512_initial_hash_value));
 	memset(context->buffer, 0, sizeof(context->buffer));
 	context->bitcount[0] = context->bitcount[1] =  0;
 }
 
 #ifdef SHA2_UNROLL_TRANSFORM
 
 /* Unrolled SHA-512 round macros: */
 
 #define ROUND512_0_TO_15(a,b,c,d,e,f,g,h) do {				    \
 	BE_8_TO_64(W512[j], data);					    \
 	data += 8;							    \
 	T1 = (h) + Sigma1_512((e)) + Ch((e), (f), (g)) + K512[j] + W512[j]; \
 	(d) += T1;							    \
 	(h) = T1 + Sigma0_512((a)) + Maj((a), (b), (c));		    \
 	j++;								    \
 } while(0)
 
 
 #define ROUND512(a,b,c,d,e,f,g,h) do {					    \
 	s0 = W512[(j+1)&0x0f];						    \
 	s0 = sigma0_512(s0);						    \
 	s1 = W512[(j+14)&0x0f];						    \
 	s1 = sigma1_512(s1);						    \
 	T1 = (h) + Sigma1_512((e)) + Ch((e), (f), (g)) + K512[j] +	    \
              (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0);		    \
 	(d) += T1;							    \
 	(h) = T1 + Sigma0_512((a)) + Maj((a), (b), (c));		    \
 	j++;								    \
 } while(0)
 
 void
 SHA512Transform(uint64_t state[8], const uint8_t data[SHA512_BLOCK_LENGTH])
 {
 	uint64_t	a, b, c, d, e, f, g, h, s0, s1;
 	uint64_t	T1, W512[16];
 	int		j;
 
 	/* Initialize registers with the prev. intermediate value */
 	a = state[0];
 	b = state[1];
 	c = state[2];
 	d = state[3];
 	e = state[4];
 	f = state[5];
 	g = state[6];
 	h = state[7];
 
 	j = 0;
 	do {
 		/* Rounds 0 to 15 (unrolled): */
 		ROUND512_0_TO_15(a,b,c,d,e,f,g,h);
 		ROUND512_0_TO_15(h,a,b,c,d,e,f,g);
 		ROUND512_0_TO_15(g,h,a,b,c,d,e,f);
 		ROUND512_0_TO_15(f,g,h,a,b,c,d,e);
 		ROUND512_0_TO_15(e,f,g,h,a,b,c,d);
 		ROUND512_0_TO_15(d,e,f,g,h,a,b,c);
 		ROUND512_0_TO_15(c,d,e,f,g,h,a,b);
 		ROUND512_0_TO_15(b,c,d,e,f,g,h,a);
 	} while (j < 16);
 
 	/* Now for the remaining rounds up to 79: */
 	do {
 		ROUND512(a,b,c,d,e,f,g,h);
 		ROUND512(h,a,b,c,d,e,f,g);
 		ROUND512(g,h,a,b,c,d,e,f);
 		ROUND512(f,g,h,a,b,c,d,e);
 		ROUND512(e,f,g,h,a,b,c,d);
 		ROUND512(d,e,f,g,h,a,b,c);
 		ROUND512(c,d,e,f,g,h,a,b);
 		ROUND512(b,c,d,e,f,g,h,a);
 	} while (j < 80);
 
 	/* Compute the current intermediate hash value */
 	state[0] += a;
 	state[1] += b;
 	state[2] += c;
 	state[3] += d;
 	state[4] += e;
 	state[5] += f;
 	state[6] += g;
 	state[7] += h;
 
 	/* Clean up */
 	a = b = c = d = e = f = g = h = T1 = 0;
 }
 
 #else /* SHA2_UNROLL_TRANSFORM */
 
 void
 SHA512Transform(uint64_t state[8], const uint8_t data[SHA512_BLOCK_LENGTH])
 {
 	uint64_t	a, b, c, d, e, f, g, h, s0, s1;
 	uint64_t	T1, T2, W512[16];
 	int		j;
 
 	/* Initialize registers with the prev. intermediate value */
 	a = state[0];
 	b = state[1];
 	c = state[2];
 	d = state[3];
 	e = state[4];
 	f = state[5];
 	g = state[6];
 	h = state[7];
 
 	j = 0;
 	do {
 		BE_8_TO_64(W512[j], data);
 		data += 8;
 		/* Apply the SHA-512 compression function to update a..h */
 		T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] + W512[j];
 		T2 = Sigma0_512(a) + Maj(a, b, c);
 		h = g;
 		g = f;
 		f = e;
 		e = d + T1;
 		d = c;
 		c = b;
 		b = a;
 		a = T1 + T2;
 
 		j++;
 	} while (j < 16);
 
 	do {
 		/* Part of the message block expansion: */
 		s0 = W512[(j+1)&0x0f];
 		s0 = sigma0_512(s0);
 		s1 = W512[(j+14)&0x0f];
 		s1 =  sigma1_512(s1);
 
 		/* Apply the SHA-512 compression function to update a..h */
 		T1 = h + Sigma1_512(e) + Ch(e, f, g) + K512[j] +
 		     (W512[j&0x0f] += s1 + W512[(j+9)&0x0f] + s0);
 		T2 = Sigma0_512(a) + Maj(a, b, c);
 		h = g;
 		g = f;
 		f = e;
 		e = d + T1;
 		d = c;
 		c = b;
 		b = a;
 		a = T1 + T2;
 
 		j++;
 	} while (j < 80);
 
 	/* Compute the current intermediate hash value */
 	state[0] += a;
 	state[1] += b;
 	state[2] += c;
 	state[3] += d;
 	state[4] += e;
 	state[5] += f;
 	state[6] += g;
 	state[7] += h;
 
 	/* Clean up */
 	a = b = c = d = e = f = g = h = T1 = T2 = 0;
 }
 
 #endif /* SHA2_UNROLL_TRANSFORM */
 
 void
 SHA512Update(SHA2_CTX *context, const uint8_t *data, size_t len)
 {
 	size_t	freespace, usedspace;
 
 	/* Calling with no data is valid (we do nothing) */
 	if (len == 0)
 		return;
 
 	usedspace = (context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH;
 	if (usedspace > 0) {
 		/* Calculate how much free space is available in the buffer */
 		freespace = SHA512_BLOCK_LENGTH - usedspace;
 
 		if (len >= freespace) {
 			/* Fill the buffer completely and process it */
 			memcpy(&context->buffer[usedspace], data, freespace);
 			ADDINC128(context->bitcount, freespace << 3);
 			len -= freespace;
 			data += freespace;
 			SHA512Transform(context->state.st64, context->buffer);
 		} else {
 			/* The buffer is not yet full */
 			memcpy(&context->buffer[usedspace], data, len);
 			ADDINC128(context->bitcount, len << 3);
 			/* Clean up: */
 			usedspace = freespace = 0;
 			return;
 		}
 	}
 	while (len >= SHA512_BLOCK_LENGTH) {
 		/* Process as many complete blocks as we can */
 		SHA512Transform(context->state.st64, data);
 		ADDINC128(context->bitcount, SHA512_BLOCK_LENGTH << 3);
 		len -= SHA512_BLOCK_LENGTH;
 		data += SHA512_BLOCK_LENGTH;
 	}
 	if (len > 0) {
 		/* There's left-overs, so save 'em */
 		memcpy(context->buffer, data, len);
 		ADDINC128(context->bitcount, len << 3);
 	}
 	/* Clean up: */
 	usedspace = freespace = 0;
 }
 
 void
 SHA512Pad(SHA2_CTX *context)
 {
 	unsigned int	usedspace;
 
 	usedspace = (context->bitcount[0] >> 3) % SHA512_BLOCK_LENGTH;
 	if (usedspace > 0) {
 		/* Begin padding with a 1 bit: */
 		context->buffer[usedspace++] = 0x80;
 
 		if (usedspace <= SHA512_SHORT_BLOCK_LENGTH) {
 			/* Set-up for the last transform: */
 			memset(&context->buffer[usedspace], 0, SHA512_SHORT_BLOCK_LENGTH - usedspace);
 		} else {
 			if (usedspace < SHA512_BLOCK_LENGTH) {
 				memset(&context->buffer[usedspace], 0, SHA512_BLOCK_LENGTH - usedspace);
 			}
 			/* Do second-to-last transform: */
 			SHA512Transform(context->state.st64, context->buffer);
 
 			/* And set-up for the last transform: */
 			memset(context->buffer, 0, SHA512_BLOCK_LENGTH - 2);
 		}
 	} else {
 		/* Prepare for final transform: */
 		memset(context->buffer, 0, SHA512_SHORT_BLOCK_LENGTH);
 
 		/* Begin padding with a 1 bit: */
 		*context->buffer = 0x80;
 	}
 	/* Store the length of input data (in bits) in big endian format: */
 	BE_64_TO_8(&context->buffer[SHA512_SHORT_BLOCK_LENGTH],
 	    context->bitcount[1]);
 	BE_64_TO_8(&context->buffer[SHA512_SHORT_BLOCK_LENGTH + 8],
 	    context->bitcount[0]);
 
 	/* Final transform: */
 	SHA512Transform(context->state.st64, context->buffer);
 
 	/* Clean up: */
 	usedspace = 0;
 }
 
 void
 SHA512Final(uint8_t digest[SHA512_DIGEST_LENGTH], SHA2_CTX *context)
 {
 	SHA512Pad(context);
 
 #if BYTE_ORDER == LITTLE_ENDIAN
 	int	i;
 
 	/* Convert TO host byte order */
 	for (i = 0; i < 8; i++)
 		BE_64_TO_8(digest + i * 8, context->state.st64[i]);
 #else
 	memcpy(digest, context->state.st64, SHA512_DIGEST_LENGTH);
 #endif
 	explicit_bzero(context, sizeof(*context));
 }
 
 /*** SHA-384: *********************************************************/
 void
 SHA384Init(SHA2_CTX *context)
 {
 	memcpy(context->state.st64, sha384_initial_hash_value,
 	    sizeof(sha384_initial_hash_value));
 	memset(context->buffer, 0, sizeof(context->buffer));
 	context->bitcount[0] = context->bitcount[1] = 0;
 }
 
 MAKE_CLONE(SHA384Transform, SHA512Transform);
 MAKE_CLONE(SHA384Update, SHA512Update);
 MAKE_CLONE(SHA384Pad, SHA512Pad);
 
 /* Equivalent of MAKE_CLONE (which is a no-op) for SHA384 funcs */
 void
 SHA384Transform(uint64_t state[8], const uint8_t data[SHA512_BLOCK_LENGTH])
 {
 	SHA512Transform(state, data);
 }
 
 void
 SHA384Update(SHA2_CTX *context, const uint8_t *data, size_t len)
 {
 	SHA512Update(context, data, len);
 }
 
 void
 SHA384Pad(SHA2_CTX *context)
 {
 	SHA512Pad(context);
 }
 
 void
 SHA384Final(uint8_t digest[SHA384_DIGEST_LENGTH], SHA2_CTX *context)
 {
 	SHA384Pad(context);
 
 #if BYTE_ORDER == LITTLE_ENDIAN
 	int	i;
 
 	/* Convert TO host byte order */
 	for (i = 0; i < 6; i++)
 		BE_64_TO_8(digest + i * 8, context->state.st64[i]);
 #else
 	memcpy(digest, context->state.st64, SHA384_DIGEST_LENGTH);
 #endif
 	/* Zero out state data */
 	explicit_bzero(context, sizeof(*context));
 }
 
 char *
 SHA256End(SHA2_CTX *ctx, char *buf)
 {
 	int i;
 	uint8_t digest[SHA256_DIGEST_LENGTH];
 	static const char hex[] = "0123456789abcdef";
 
 	if (buf == NULL && (buf = malloc(SHA256_DIGEST_STRING_LENGTH)) == NULL)
 		return (NULL);
 
 	SHA256Final(digest, ctx);
 	for (i = 0; i < SHA256_DIGEST_LENGTH; i++) {
 		buf[i + i] = hex[digest[i] >> 4];
 		buf[i + i + 1] = hex[digest[i] & 0x0f];
 	}
 	buf[i + i] = '\0';
 	explicit_bzero(digest, sizeof(digest));
 	return (buf);
 }
 
 char *
 SHA384End(SHA2_CTX *ctx, char *buf)
 {
 	int i;
 	uint8_t digest[SHA384_DIGEST_LENGTH];
 	static const char hex[] = "0123456789abcdef";
 
 	if (buf == NULL && (buf = malloc(SHA384_DIGEST_STRING_LENGTH)) == NULL)
 		return (NULL);
 
 	SHA384Final(digest, ctx);
 	for (i = 0; i < SHA384_DIGEST_LENGTH; i++) {
 		buf[i + i] = hex[digest[i] >> 4];
 		buf[i + i + 1] = hex[digest[i] & 0x0f];
 	}
 	buf[i + i] = '\0';
 	explicit_bzero(digest, sizeof(digest));
 	return (buf);
 }
 
 char *
 SHA512End(SHA2_CTX *ctx, char *buf)
 {
 	int i;
 	uint8_t digest[SHA512_DIGEST_LENGTH];
 	static const char hex[] = "0123456789abcdef";
 
 	if (buf == NULL && (buf = malloc(SHA512_DIGEST_STRING_LENGTH)) == NULL)
 		return (NULL);
 
 	SHA512Final(digest, ctx);
 	for (i = 0; i < SHA512_DIGEST_LENGTH; i++) {
 		buf[i + i] = hex[digest[i] >> 4];
 		buf[i + i + 1] = hex[digest[i] & 0x0f];
 	}
 	buf[i + i] = '\0';
 	explicit_bzero(digest, sizeof(digest));
 	return (buf);
 }
 
 char *
 SHA256FileChunk(const char *filename, char *buf, off_t off, off_t len)
 {
 	struct stat sb;
 	u_char buffer[BUFSIZ];
 	SHA2_CTX ctx;
 	int fd, save_errno;
 	ssize_t nr;
 
 	SHA256Init(&ctx);
 
 	if ((fd = open(filename, O_RDONLY)) == -1)
 		return (NULL);
 	if (len == 0) {
 		if (fstat(fd, &sb) == -1) {
 			save_errno = errno;
 			close(fd);
 			errno = save_errno;
 			return (NULL);
 		}
 		len = sb.st_size;
 	}
 	if (off > 0 && lseek(fd, off, SEEK_SET) == -1) {
 		save_errno = errno;
 		close(fd);
 		errno = save_errno;
 		return (NULL);
 	}
 
 	while ((nr = read(fd, buffer, MINIMUM(sizeof(buffer), (size_t)len))) > 0) {
 		SHA256Update(&ctx, buffer, nr);
 		if (len > 0 && (len -= nr) == 0)
 			break;
 	}
 
 	save_errno = errno;
 	close(fd);
 	errno = save_errno;
 	return (nr == -1 ? NULL : SHA256End(&ctx, buf));
 }
 
 char *
 SHA256File(const char *filename, char *buf)
 {
 	return (SHA256FileChunk(filename, buf, 0, 0));
 }
 
 char *
 SHA384FileChunk(const char *filename, char *buf, off_t off, off_t len)
 {
 	struct stat sb;
 	u_char buffer[BUFSIZ];
 	SHA2_CTX ctx;
 	int fd, save_errno;
 	ssize_t nr;
 
 	SHA384Init(&ctx);
 
 	if ((fd = open(filename, O_RDONLY)) == -1)
 		return (NULL);
 	if (len == 0) {
 		if (fstat(fd, &sb) == -1) {
 			save_errno = errno;
 			close(fd);
 			errno = save_errno;
 			return (NULL);
 		}
 		len = sb.st_size;
 	}
 	if (off > 0 && lseek(fd, off, SEEK_SET) == -1) {
 		save_errno = errno;
 		close(fd);
 		errno = save_errno;
 		return (NULL);
 	}
 
 	while ((nr = read(fd, buffer, MINIMUM(sizeof(buffer), (size_t)len))) > 0) {
 		SHA384Update(&ctx, buffer, nr);
 		if (len > 0 && (len -= nr) == 0)
 			break;
 	}
 
 	save_errno = errno;
 	close(fd);
 	errno = save_errno;
 	return (nr == -1 ? NULL : SHA384End(&ctx, buf));
 }
 
 char *
 SHA384File(const char *filename, char *buf)
 {
 	return (SHA384FileChunk(filename, buf, 0, 0));
 }
 
 char *
 SHA512FileChunk(const char *filename, char *buf, off_t off, off_t len)
 {
 	struct stat sb;
 	u_char buffer[BUFSIZ];
 	SHA2_CTX ctx;
 	int fd, save_errno;
 	ssize_t nr;
 
 	SHA512Init(&ctx);
 
 	if ((fd = open(filename, O_RDONLY)) == -1)
 		return (NULL);
 	if (len == 0) {
 		if (fstat(fd, &sb) == -1) {
 			save_errno = errno;
 			close(fd);
 			errno = save_errno;
 			return (NULL);
 		}
 		len = sb.st_size;
 	}
 	if (off > 0 && lseek(fd, off, SEEK_SET) == -1) {
 		save_errno = errno;
 		close(fd);
 		errno = save_errno;
 		return (NULL);
 	}
 
 	while ((nr = read(fd, buffer, MINIMUM(sizeof(buffer), (size_t)len))) > 0) {
 		SHA512Update(&ctx, buffer, nr);
 		if (len > 0 && (len -= nr) == 0)
 			break;
 	}
 
 	save_errno = errno;
 	close(fd);
 	errno = save_errno;
 	return (nr == -1 ? NULL : SHA512End(&ctx, buf));
 }
 
 char *
 SHA512File(const char *filename, char *buf)
 {
 	return (SHA512FileChunk(filename, buf, 0, 0));
 }
 
 char *
 SHA256Data(const u_char *data, size_t len, char *buf)
 {
 	SHA2_CTX ctx;
 
 	SHA256Init(&ctx);
 	SHA256Update(&ctx, data, len);
 	return (SHA256End(&ctx, buf));
 }
 
 char *
 SHA384Data(const u_char *data, size_t len, char *buf)
 {
 	SHA2_CTX ctx;
 
 	SHA384Init(&ctx);
 	SHA384Update(&ctx, data, len);
 	return (SHA384End(&ctx, buf));
 }
 
 char *
 SHA512Data(const u_char *data, size_t len, char *buf)
 {
 	SHA2_CTX ctx;
 
 	SHA512Init(&ctx);
 	SHA512Update(&ctx, data, len);
 	return (SHA512End(&ctx, buf));
 }
 #endif /* !HAVE_SHA2_H */
 #if !HAVE_STRLCAT
 /*
  * Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
 #include <sys/types.h>
 #include <string.h>
 
 /*
  * Appends src to string dst of size siz (unlike strncat, siz is the
  * full size of dst, not space left).  At most siz-1 characters
  * will be copied.  Always NUL terminates (unless siz <= strlen(dst)).
  * Returns strlen(src) + MIN(siz, strlen(initial dst)).
  * If retval >= siz, truncation occurred.
  */
 size_t
 strlcat(char *dst, const char *src, size_t siz)
 {
 	char *d = dst;
 	const char *s = src;
 	size_t n = siz;
 	size_t dlen;
 
 	/* Find the end of dst and adjust bytes left but don't go past end */
 	while (n-- != 0 && *d != '\0')
 		d++;
 	dlen = d - dst;
 	n = siz - dlen;
 
 	if (n == 0)
 		return(dlen + strlen(s));
 	while (*s != '\0') {
 		if (n != 1) {
 			*d++ = *s;
 			n--;
 		}
 		s++;
 	}
 	*d = '\0';
 
 	return(dlen + (s - src));	/* count does not include NUL */
 }
 #endif /* !HAVE_STRLCAT */
 #if !HAVE_STRLCPY
 /*
  * Copyright (c) 1998 Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
 #include <sys/types.h>
 #include <string.h>
 
 /*
  * Copy src to string dst of size siz.  At most siz-1 characters
  * will be copied.  Always NUL terminates (unless siz == 0).
  * Returns strlen(src); if retval >= siz, truncation occurred.
  */
 size_t
 strlcpy(char *dst, const char *src, size_t siz)
 {
 	char *d = dst;
 	const char *s = src;
 	size_t n = siz;
 
 	/* Copy as many bytes as will fit */
 	if (n != 0) {
 		while (--n != 0) {
 			if ((*d++ = *s++) == '\0')
 				break;
 		}
 	}
 
 	/* Not enough room in dst, add NUL and traverse rest of src */
 	if (n == 0) {
 		if (siz != 0)
 			*d = '\0';		/* NUL-terminate dst */
 		while (*s++)
 			;
 	}
 
 	return(s - src - 1);	/* count does not include NUL */
 }
 #endif /* !HAVE_STRLCPY */
 #if !HAVE_STRNDUP
 /*	$OpenBSD$	*/
 /*
  * Copyright (c) 2010 Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
 #include <sys/types.h>
 
 #include <stddef.h>
 #include <stdlib.h>
 #include <string.h>
 
 char *
 strndup(const char *str, size_t maxlen)
 {
 	char *copy;
 	size_t len;
 
 	len = strnlen(str, maxlen);
 	copy = malloc(len + 1);
 	if (copy != NULL) {
 		(void)memcpy(copy, str, len);
 		copy[len] = '\0';
 	}
 
 	return copy;
 }
 #endif /* !HAVE_STRNDUP */
 #if !HAVE_STRNLEN
 /*	$OpenBSD$	*/
 
 /*
  * Copyright (c) 2010 Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
 #include <sys/types.h>
 #include <string.h>
 
 size_t
 strnlen(const char *str, size_t maxlen)
 {
 	const char *cp;
 
 	for (cp = str; maxlen != 0 && *cp != '\0'; cp++, maxlen--)
 		;
 
 	return (size_t)(cp - str);
 }
 #endif /* !HAVE_STRNLEN */
 #if !HAVE_STRTONUM
 /*
  * Copyright (c) 2004 Ted Unangst and Todd Miller
  * All rights reserved.
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
  * copyright notice and this permission notice appear in all copies.
  *
  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
 #include <errno.h>
 #include <limits.h>
 #include <stdlib.h>
 
 #define	INVALID		1
 #define	TOOSMALL	2
 #define	TOOLARGE	3
 
 long long
 strtonum(const char *numstr, long long minval, long long maxval,
     const char **errstrp)
 {
 	long long ll = 0;
 	int error = 0;
 	char *ep;
 	struct errval {
 		const char *errstr;
 		int err;
 	} ev[4] = {
 		{ NULL,		0 },
 		{ "invalid",	EINVAL },
 		{ "too small",	ERANGE },
 		{ "too large",	ERANGE },
 	};
 
 	ev[0].err = errno;
 	errno = 0;
 	if (minval > maxval) {
 		error = INVALID;
 	} else {
 		ll = strtoll(numstr, &ep, 10);
 		if (numstr == ep || *ep != '\0')
 			error = INVALID;
 		else if ((ll == LLONG_MIN && errno == ERANGE) || ll < minval)
 			error = TOOSMALL;
 		else if ((ll == LLONG_MAX && errno == ERANGE) || ll > maxval)
 			error = TOOLARGE;
 	}
 	if (errstrp != NULL)
 		*errstrp = ev[error].errstr;
 	errno = ev[error].err;
 	if (error)
 		ll = 0;
 
 	return (ll);
 }
 #endif /* !HAVE_STRTONUM */