fix

o Especially important is the OpenSSL fix.

.gitignore

@@ -1,4 +1,62 @@
 *.o
+*.la
 *.lo
 *~
 .libs
+.deps
+.dirstamp
+aclocal.m4
+autom4te.cache
+certificate.pem
+compile
+config.cache
+config.guess
+config.h
+config.h.in
+config.log
+config.status
+config.sub
+configure
+debian/autoreconf.after
+debian/autoreconf.before
+debian/files
+debian/*.debhelper.log
+debian/*.debhelper
+debian/*.substvars
+debian/shellinabox/
+debian/tmp/
+demo/beep.wav
+demo/demo.js
+demo/enabled.gif
+demo/favicon.ico
+demo/keyboard.png
+demo/print-styles.css
+demo/styles.css
+demo/usercss-*.css
+demo/vt100.js
+depcomp
+INSTALL
+install-sh
+libtool
+ltmain.sh
+Makefile
+Makefile.in
+missing
+m4/
+shellinabox/beep.h
+shellinabox/cgi_root.h
+shellinabox/enabled.h
+shellinabox/favicon.h
+shellinabox/keyboard.h
+shellinabox/keyboard-layout.h
+shellinabox/print-styles.h
+shellinabox/root_page.h
+shellinabox/shell_in_a_box.h
+shellinabox/shell_in_a_box.js
+shellinabox/styles.h
+shellinabox/vt100.h
+shellinabox/vt100.js
+shellinaboxd
+shellinaboxd.1
+shellinaboxd.ps
+stamp-h1

CHANGELOG.md

@@ -0,0 +1,544 @@
+# Change Log
+All notable changes to this project will be documented in this file.
+
+## 2015-03
+Contributors: [Luka Krajger](https://github.com/KLuka), [Philip Hughes](https://github.com/Grimthorr), [Daniel Gröber](https://github.com/DanielG), [Ezra Buehler](https://github.com/easybe), [Anders Kaseorg](https://github.com/andersk), [Jonathan Rennison](https://github.com/JGRennison), [Guillaume Martres](https://github.com/smarter)
+
+	- Swap to gzip compression (fixes #262 and #266).
+
+	- Set the encoding of .html files to UTF-8.
+
+	- Fix <input> element type.
+
+	- Issue #173: Keyboard icon on dark background.
+
+	- Another (final) fix for Firefox keycodes problems.
+
+	- Removed at sign (@) from beginning of some JS comments.
+
+	- Issues #51, #202 ... : Keycodes fixes for FireFox.
+
+	- Issue #195: A couple of bugs in vt100.jspp.
+
+	- Issue #103, #203: Child process termination (partial fix).
+
+	- Merge pull request #285 from KLuka/master.
+
+	- Issue #275: gracefully manage HTTP time-outs and connection problems.
+
+	- Set SSL options for increased security and disable compromised SSL
+	version 2.0 and 3.0.
+
+	- Issue #262: Page cannot be displayed.
+
+	- Issue #180: Ever growing console occurs in iPad.
+
+	- Issue #202: "-_" keys don't not work in FF > 15.
+
+	- No longer set HTTP Content-Length.
+
+	- Issue #245: Blank screen in Chrome 31.0.1650.57.
+
+	- Issue #114: popup warning on tab/window close.
+
+	- Issues 39, 43, 166 and 172 commits applied to .jspp files.
+
+	- Removed auto-generated .js files.
+
+## 2012-04  Marc Singer  <elf@woollysoft.com>
+
+	- Fixing errors reported by piuparts.
+
+	- Debian build now defaults to direct link with shared libraries.
+
+	- Removing PATH_MAX reference.
+
+	- Fixing Valgrind discovered issues.
+
+	- Issue 172: autocorrect/autocapitalize can cause problems on
+	mobile devices.
+
+	- Issue 167: Accept connections in subfolders.
+
+	- Issue 39: Clipboard not integrated with client operating system
+
+	- Cleanup of debian control file before 2.11.
+
+	- Issue 166: Color goes away.
+
+	- Issue 167: Accept connections in subfolders.
+
+## 2012-03  Marc Singer  <elf@woollysoft.com>
+
+	- Issue 134: How to add arguments.
+
+	- Issue 116: A shellinthebox runner / configuration file.
+
+	- Issue 93: openssl required install-time.
+
+	- Issue 50: SSH service not working on Centos/RHEL.
+
+	- Issue 49: Debian packageing uses cross-directory hardlinks.
+
+	- Issue 47: Does not build on Mac OSX.
+
+	- Issue 43: 2.10 version introduces a keyboard layout problem.
+
+	- Issue 39: clipboard not integrated with client operating system.
+
+## 2012-02-02  Jay Weisskopf  <jay@jayschwa.net>
+
+	- Use 2048-bit RSA keys for auto-generated certificates.
+
+	- Assume a private key is RSA if the header does not specify a type.
+
+## 2012-01-12  Anders Kaseorg  <andersk@mit.edu>
+
+	- sslGenerateCertificate: Don't use the shell.
+
+	- sslSNICallback: Properly disallow invalid characters.
+
+	- Fix miscellaneous strncat buffer overflows.
+
+## 2012-01-04  Jay Weisskopf  <jay@jayschwa.net>
+
+	- Fixed an error in the init script's status function.
+
+	- Check for null pointers from gethostbyname_r() to prevent seg faults.
+
+## 2012-01-01  Jay Weisskopf  <jay@jayschwa.net>
+
+	- Removed "Lucida Console" font because bold is wider than normal.
+
+	- Bold and underline SGR attributes now utilize CSS.
+
+	- Removed color pair restrictions.
+
+	- Removed config.h. It is auto-generated by the configure script.
+
+	- Changed the cursor color to match the default text color.
+
+	- Write the OSC title to the window's title instead of the status bar. …
+
+## 2010-10  Markus Gutschke  <markus@shellinabox.com>
+	
+	- Fixed inefficient I/O behavior and ability to interrupt long running
+	output with CTRL-C.
+
+	- Fixed confusing error message when we fail to dynamically load
+	PAM support.
+
+	- Fall back to calling select() instead of poll() for MacOS X.
+
+## 2010-09  Markus Gutschke  <markus@shellinabox.com>
+
+	- Implement a few work-arounds to avoid some problems with
+	pututxline() on MacOS X.
+ 
+	- Relax a check() that would trigger when using old-style
+	(pre-Unix 98) pseudo terminals.
+
+	- Another iteration of changes intended to deal with MacOS X
+	specific build.
+
+	- In an attempt to reduce build dependencies, remove the requirement
+	for objcopy. Instead, we are now using "od" to generate C source code.
+
+	- Added support for building with toolchains that don't support
+	symbol aliasing.
+
+	- Adjusted MIME types.
+
+	- Store keyboard layout in separate HTML file.
+
+## 2010-09-11  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added --pidfile= option that can be used even if running in the
+	foreground.
+
+## 2010-09-04  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added an optional on-screen keyboard. Must be activated by the
+	user by selecting the option in the context-menu.
+
+## 2010-09-03  Markus Gutschke  <markus@shellinabox.com>
+
+	- Fix some scaling related issues. This fix is thanks to some
+	excellent detective work by Jan <siev...@zedat.fu-berlin.de>.
+
+	- Allow changing of font sizes in the user CSS.
+
+## 2010-08-19  Markus Gutschke  <markus@shellinabox.com>
+
+	- Thanks to lotr44's excellent analysis of the problem, we now have
+	a fix for the problem with typing "!" on French keyboards.
+
+## 2010-08-06  Markus Gutschke  <markus@shellinabox.com>
+
+	- Allow users to disable the blinking cursor from the context menu.
+
+## 2010-07-08  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added support for systems that have utmpx.h, but don't implement
+	updwtmpx().
+
+## 2010-07-02  Markus Gutschke  <markus@shellinabox.com>
+
+	- Fixed a NULL pointer dereference that can occur when hostnames
+	do not resolve. Thanks to <vmagerya> for pointing out this problem.
+
+## 2010-03-31  Markus Gutschke  <markus@shellinabox.com>
+
+	- Tweaked the build system to work better on OpenWRT. This is largely
+	thanks to very helpful bug reports, and lots of testing by Jan Jaeger.
+
+## 2010-03-29  Markus Gutschke  <markus@shellinabox.com>
+
+	- Started working on support for WebSockets.
+
+	- Fixed some compiler warnings when compiling with -Wextra
+
+	- Thanks to Jan Jaeger's excellent bug report, made some changes
+	that should make it easier to build ShellInABox for OpenWRT.
+
+## 2009-12-10  Markus Gutschke  <markus@shellinabox.com>
+
+	- Add .note.GNU-stack to all object files so that the generated
+	binary doesn't erroneously request an executable stack.
+
+## 2009-12-03  Markus Gutschke  <markus@shellinabox.com>
+
+	- Allow retrieval of the user's default login shell from
+	/etc/passwd.
+
+	- Allow the code to be built without support for the LOGIN
+	service, as calling /bin/login does not work well on Fedora.
+
+## 2009-12-02  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added fallback code that dynamically computes the correct commandline
+	arguments for "objcopy" if building for an otherwise unknown target
+	platform.
+
+## 2009-12-01  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added some basic sanity checks to the commit script that now makes
+	sure we at least attempt to keep copyright dates updated whenever we
+	make changes.
+
+	- Added checks that the debian/changelog file is up-to-date
+
+	- Added debian/watch file
+
+	- Updated the Standards-Version in debian/control. Still need to
+	review whether we are in full compliance, though.
+
+	- Fixed lintian errors.
+
+## 2009-11-29  Markus Gutschke  <markus@shellinabox.com>
+
+	- Preparations for packaging ShellInABox in a way that makes it
+	easy for Debian package maintainers to pick it up.
+
+## 2009-11-25  Markus Gutschke  <markus@shellinabox.com>
+
+	- On browsers that support CSS transforms, enable switching between
+	  80 and 132 column mode.
+
+## 2009-11-21  Markus Gutschke  <markus@shellinabox.com>
+
+	- Updated manual page documenting --user-css
+
+	- Released version 2.10
+
+## 2009-11-18  Markus Gutschke  <markus@shellinabox.com>
+
+	- Fixed some compiler warnings when using more recent versions of
+	gcc and glibc.
+
+	- Tweak the handling of CTRL keys, so that some of the more unusual
+	combinations work. For historic reasons, there is an expectation that
+	CTRL-3..CTRL-8 return specific control characters. Also fixed the
+	handling of CTRL-\ which could cause problems with some browsers.
+
+	- Rely on the browser for capitalization. This should fix Capslock
+	behavior. Hopefully, it won't break any other keyboard features or
+	layouts.
+
+## 2009-08-20  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added transparent printing support. The development of this
+	feature is sponsored by De Bortoli Wines Pty Limited and by
+	Eternity Technologies.
+
+## 2009-08-19  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added a ${url} parameter that can be used in the service description.
+
+## 2009-08-11  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added support for user selectable style sheets. Included example
+	style sheets that allow switching to white-on-black or to monochrome
+	mode from the right click context menu.
+
+	- Fixed the "|" key on Swedish keyboards.
+
+## 2009-07-30  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added the --css command line option to make incremental changes
+	to the style sheet without having to load a full replacement with
+	the --static-file option. Added an example that enables white text
+	on a black background.
+
+	- Added Debian specific documentation to the manual page.
+
+## 2009-07-29  Markus Gutschke  <markus@shellinabox.com>
+
+	- Allow unprivileged users to run the daemon. This requires
+	calling "ssh" instead of "login".
+
+## 2009-07-27  Markus Gutschke  <markus@shellinabox.com>
+
+	- Use JavaScript redirection for attaching the missing slash to
+	the URL. This should make it easier to use reverse proxies. It was
+	already possible to run shellinaboxd behind a proxy, but a lot of
+	users got the configuration wrong.
+
+## 2009-07-08  Markus Gutschke  <markus@shellinabox.com>
+
+	- Optionally compress large responses, if the browser accepts
+	deflate compression. This mainly improves start up time.
+
+	- More fine tuning of the regular expressions that detect URLs.
+	We now allow '.' and ',' in URLs, as long as they are not at the
+	very end of the URL, where they would probably be part of the
+	enclosing sentence and not actually part of the URL.
+
+## 2009-07-06  Markus Gutschke  <markus@shellinabox.com>
+
+	- Making it easier to host the terminal on non-root URLs by always
+	redirecting to a URL that includes a trailing slash.
+
+	- Run-time testing for availability of libpthread functions does not
+	work reliably on some platforms. So, avoid doing so on anything
+	other than Linux/i386. For all other platforms, assume that the code
+	is not linked against libpthread. For ShellInABox, this is always
+	the correct assumption. But if the code gets embedded into other
+	projects, this might have to be changed.
+
+## 2009-07-05  Markus Gutschke  <markus@shellinabox.com>
+
+	- Released version 2.9
+
+## 2009-07-04  Markus Gutschke  <markus@shellinabox.com>
+
+	- Refined regular expressions for finding URLs.
+
+	- Show new terminal size when resizing the browser.
+
+	- Restored compatibility with IE5 and IE6.
+
+## 2009-07-03  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added --linkify option. Default settings cause the terminal to
+	recognize fully qualified URLs and to make them clickable.
+
+## 2009-06-28  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added support for keyboards that have a dedicated "<" / ">" key.
+
+## 2009-06-21  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added --localhost option.
+
+	- Added support for building on ARM.
+
+	- Respect "Connection: close" for proxies that rely on pre-HTTP/1.1
+	behavior.
+
+## 2009-05-24  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added SSL support for OpenBSD
+
+## 2009-05-23  Markus Gutschke  <markus@shellinabox.com>
+
+	- Released version 2.8
+
+## 2009-05-22  Markus Gutschke  <markus@shellinabox.com>
+
+	- Improved support for entering non-ASCII characters.
+
+## 2009-05-20  Markus Gutschke  <markus@shellinabox.com>
+
+	- Fixed various issues with building on OpenBSD
+
+## 2009-04-28  Markus Gutschke  <markus@shellinabox.com>
+
+	- Fixed variable expansion in service descriptions.
+	
+## 2009-04-27  Markus Gutschke  <markus@shellinabox.com>
+
+	- Released version 2.7
+
+	- Improved compatibility with some PAM configurations when running
+	as a non-privileged user.
+
+	- Fixed a bug that required shells to output data (e.g. a prompt)
+	before they could read the first data.
+
+	- Fixed a potential crash.
+
+## 2009-04-12  Markus Gutschke  <markus@shellinabox.com>
+
+	- Released version 2.6
+
+	- The demo application is still incomplete, but starting to be
+	somewhat functional. The BASIC interpreter supports variables, and
+	can parse expressions. But it is still missing all flow-control
+	commands, making it somewhat useless for writing real programs.
+
+## 2009-03-30  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added initial revision of demo application.
+
+	- Show fatal error message even when running in "quiet" mode.
+
+	- Make it easier to override parameters needed by the system startup
+	scripts.
+
+## 2009-03-29  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added support for chained SSL certificates
+
+## 2009-03-23  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added an INSTALL.Debian file with Debian-specific instructions on
+	how to build and install a package file.
+
+## 2009-03-21  Markus Gutschke  <markus@shellinabox.com>
+
+	- Possible fix for IE problems with horizontal positioning of
+	cursor if the line ends in spaces.
+
+	- Work-around for an IE6 bug when doing HTTPS through proxies.
+	
+## 2009-03-21  Markus Gutschke  <markus@shellinabox.com>
+
+	- Released version 2.5
+
+	- More testing on older IE versions.
+
+## 2009-03-19  Markus Gutschke  <markus@shellinabox.com>
+
+	- Fixed cursor positioning. Hopefully, more browsers will be happy
+	with this, now.
+
+	- Explicitly added no-cache headers to our responses. This might help
+	with the IE6 problems.
+
+## 2009-03-17  Markus Gutschke  <markus@shellinabox.com>
+
+	- Allow root to bind to privileged port.
+
+## 2009-03-17  Markus Gutschke  <markus@shellinabox.com>
+
+	- Fixed IE6 support.
+
+	- Fixed possible memory corruption, when sessions time out.
+
+## 2009-03-16  Markus Gutschke  <markus@shellinabox.com>
+
+	- Fixed some compiler warnings, that newer versions of GCC issue.
+
+## 2009-02-27  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added fallback on old-style pty's, if /dev/pts is not mounted.
+
+	- Work-around for systems that don't define a "nogroup" group.
+
+	- Remove the dependency on fdopendir, which does not exist
+	everywhere.
+
+## 2009-02-16  Markus Gutschke  <markus@shellinabox.com>
+
+	- Include VCS revision number in user-visible version string.
+
+	- Allow "configure" to select whether OpenSSL and PAM libraries
+	should be used at all, dynamically searched-for at run-time, or
+	linked as a regular dynamic library.
+
+	- Fixed various bugs that prevents ShellInABox from running on
+	FreeBSD
+
+## 2009-02-12  Markus Gutschke  <markus@shellinabox.com>
+
+	- Released version 2.4
+
+## 2009-02-11  Markus Gutschke  <markus@shellinabox.com>
+
+	- Fixed fatal compiler warning if compiling without SSL support.
+
+	- Fixed cursor hiding and showing
+
+	- Fixed various rendering glitches reported by Phil Endecott of
+	Anyterm (http://anyterm.org) fame.
+
+	- Made code more portable. In particular, fixed sed scripts.
+
+	- Added explicit config.h file, instead of passing configuration
+	options on the compiler's command line.
+
+	- Fixed compilation issues on BSD systems. Code is still untested
+	and unsupported on non-Linux systems at this time.
+
+## 2009-01-21  Markus Gutschke  <markus@shellinabox.com>
+
+	- Released version 2.3
+
+	- Fixed a show-stopper bug that broke the --cert option.
+
+## 2009-01-21  Markus Gutschke  <markus@shellinabox.com>
+
+	- Released version 2.2
+
+	- Fixed a bug that could result in the font getting corrupted.
+
+	- Improved compatibility with more versions of the OpenSSL library.
+	Previously, the feature test for TLSEXT did not always work correctly,
+	resulting in compilation failures.
+
+	- Improved support for embedding shellinaboxd into existing web
+	services. SSL certificates can now be passed in through a file
+	handle, and port and pid numbers can be retrieved from the CGI header.
+
+## 2009-01-08  Markus Gutschke  <markus@shellinabox.com>
+
+	- Released version 2.1
+
+	- Fixed build errors mostly related to x86_64.
+
+	- Added --no-beep command line option to avoid VLC plugin crashing
+	Firefox/x86_64.
+
+	- Fixed multi-line selections in Firefox.
+
+## 2009-01-01  Markus Gutschke  <markus@shellinabox.com>
+
+	- Added CGI mode for demand-loading the shellinaboxd daemon
+	from a web server. This also allows for the web server to
+	perform authentication, instead of having shellinaboxd do so.
+	
+	- Tightened setuid-root operation to no longer allow switching
+	to arbitrary users/groups. As before, setuid-root remains a
+	non-standard configuration that is not currently recommended.
+	
+	- Fixed session management to deal better with torn down
+	connections. Closed one bug that could have resulted in
+	permanently orphaned connections, when the browser navigated
+	away from the page.
+
+## 2008-12-27  Markus Gutschke  <markus@shellinabox.com>
+
+	- First public release of the version 2.0 rewrite. This is the
+	first release of ShellInABox that supports an AJAX interface
+	instead of the original Java applet.

ChangeLog

@@ -1,392 +0,0 @@
-2010-09-11  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added --pidfile= option that can be used even if running in the
-	foreground.
-
-2010-09-04  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added an optional on-screen keyboard. Must be activated by the
-	user by selecting the option in the context-menu.
-
-2010-09-03  Markus Gutschke  <markus@shellinabox.com>
-
-	* Fix some scaling related issues. This fix is thanks to some
-	excellent detective work by Jan <siev...@zedat.fu-berlin.de>.
-
-	* Allow changing of font sizes in the user CSS.
-
-2010-08-19  Markus Gutschke  <markus@shellinabox.com>
-
-	* Thanks to lotr44's excellent analysis of the problem, we now have
-	a fix for the problem with typing "!" on French keyboards.
-
-2010-08-06  Markus Gutschke  <markus@shellinabox.com>
-
-	* Allow users to disable the blinking cursor from the context menu.
-
-2010-07-08  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added support for systems that have utmpx.h, but don't implement
-	updwtmpx().
-
-2010-07-02  Markus Gutschke  <markus@shellinabox.com>
-
-	* Fixed a NULL pointer dereference that can occur when hostnames
-	do not resolve. Thanks to <vmagerya> for pointing out this problem.
-
-2010-03-31  Markus Gutschke  <markus@shellinabox.com>
-
-	* Tweaked the build system to work better on OpenWRT. This is largely
-	thanks to very helpful bug reports, and lots of testing by Jan Jaeger.
-
-2010-03-29  Markus Gutschke  <markus@shellinabox.com>
-
-	* Started working on support for WebSockets.
-
-	* Fixed some compiler warnings when compiling with -Wextra
-
-	* Thanks to Jan Jaeger's excellent bug report, made some changes
-	that should make it easier to build ShellInABox for OpenWRT.
-
-2009-12-10  Markus Gutschke  <markus@shellinabox.com>
-
-	* Add .note.GNU-stack to all object files so that the generated
-	binary doesn't erroneously request an executable stack.
-
-2009-12-03  Markus Gutschke  <markus@shellinabox.com>
-
-	* Allow retrieval of the user's default login shell from
-	/etc/passwd.
-
-	* Allow the code to be built without support for the LOGIN
-	service, as calling /bin/login does not work well on Fedora.
-
-2009-12-02  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added fallback code that dynamically computes the correct commandline
-	arguments for "objcopy" if building for an otherwise unknown target
-	platform.
-
-2009-12-01  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added some basic sanity checks to the commit script that now makes
-	sure we at least attempt to keep copyright dates updated whenever we
-	make changes.
-
-	* Added checks that the debian/changelog file is up-to-date
-
-	* Added debian/watch file
-
-	* Updated the Standards-Version in debian/control. Still need to
-	review whether we are in full compliance, though.
-
-	* Fixed lintian errors.
-
-2009-11-29  Markus Gutschke  <markus@shellinabox.com>
-
-	* Preparations for packaging ShellInABox in a way that makes it
-	easy for Debian package maintainers to pick it up.
-
-2009-11-25  Markus Gutschke  <markus@shellinabox.com>
-
-	* On browsers that support CSS transforms, enable switching between
-	  80 and 132 column mode.
-
-2009-11-21  Markus Gutschke  <markus@shellinabox.com>
-
-	* Updated manual page documenting --user-css
-
-	* Released version 2.10
-
-2009-11-18  Markus Gutschke  <markus@shellinabox.com>
-
-	* Fixed some compiler warnings when using more recent versions of
-	gcc and glibc.
-
-	* Tweak the handling of CTRL keys, so that some of the more unusual
-	combinations work. For historic reasons, there is an expectation that
-	CTRL-3..CTRL-8 return specific control characters. Also fixed the
-	handling of CTRL-\ which could cause problems with some browsers.
-
-	* Rely on the browser for capitalization. This should fix Capslock
-	behavior. Hopefully, it won't break any other keyboard features or
-	layouts.
-
-2009-08-20  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added transparent printing support. The development of this
-	feature is sponsored by De Bortoli Wines Pty Limited and by
-	Eternity Technologies.
-
-2009-08-19  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added a ${url} parameter that can be used in the service description.
-
-2009-08-11  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added support for user selectable style sheets. Included example
-	style sheets that allow switching to white-on-black or to monochrome
-	mode from the right click context menu.
-
-	* Fixed the "|" key on Swedish keyboards.
-
-2009-07-30  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added the --css command line option to make incremental changes
-	to the style sheet without having to load a full replacement with
-	the --static-file option. Added an example that enables white text
-	on a black background.
-
-	* Added Debian specific documentation to the manual page.
-
-2009-07-29  Markus Gutschke  <markus@shellinabox.com>
-
-	* Allow unprivileged users to run the daemon. This requires
-	calling "ssh" instead of "login".
-
-2009-07-27  Markus Gutschke  <markus@shellinabox.com>
-
-	* Use JavaScript redirection for attaching the missing slash to
-	the URL. This should make it easier to use reverse proxies. It was
-	already possible to run shellinaboxd behind a proxy, but a lot of
-	users got the configuration wrong.
-
-2009-07-08  Markus Gutschke  <markus@shellinabox.com>
-
-	* Optionally compress large responses, if the browser accepts
-	deflate compression. This mainly improves start up time.
-
-	* More fine tuning of the regular expressions that detect URLs.
-	We now allow '.' and ',' in URLs, as long as they are not at the
-	very end of the URL, where they would probably be part of the
-	enclosing sentence and not actually part of the URL.
-
-2009-07-06  Markus Gutschke  <markus@shellinabox.com>
-
-	* Making it easier to host the terminal on non-root URLs by always
-	redirecting to a URL that includes a trailing slash.
-
-	* Run-time testing for availability of libpthread functions does not
-	work reliably on some platforms. So, avoid doing so on anything
-	other than Linux/i386. For all other platforms, assume that the code
-	is not linked against libpthread. For ShellInABox, this is always
-	the correct assumption. But if the code gets embedded into other
-	projects, this might have to be changed.
-
-2009-07-05  Markus Gutschke  <markus@shellinabox.com>
-
-	* Released version 2.9
-
-2009-07-04  Markus Gutschke  <markus@shellinabox.com>
-
-	* Refined regular expressions for finding URLs.
-
-	* Show new terminal size when resizing the browser.
-
-	* Restored compatibility with IE5 and IE6.
-
-2009-07-03  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added --linkify option. Default settings cause the terminal to
-	recognize fully qualified URLs and to make them clickable.
-
-2009-06-28  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added support for keyboards that have a dedicated "<" / ">" key.
-
-2009-06-21  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added --localhost option.
-
-	* Added support for building on ARM.
-
-	* Respect "Connection: close" for proxies that rely on pre-HTTP/1.1
-	behavior.
-
-2009-05-24  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added SSL support for OpenBSD
-
-2009-05-23  Markus Gutschke  <markus@shellinabox.com>
-
-	* Released version 2.8
-
-2009-05-22  Markus Gutschke  <markus@shellinabox.com>
-
-	* Improved support for entering non-ASCII characters.
-
-2009-05-20  Markus Gutschke  <markus@shellinabox.com>
-
-	* Fixed various issues with building on OpenBSD
-
-2009-04-28  Markus Gutschke  <markus@shellinabox.com>
-
-	* Fixed variable expansion in service descriptions.
-	
-2009-04-27  Markus Gutschke  <markus@shellinabox.com>
-
-	* Released version 2.7
-
-	* Improved compatibility with some PAM configurations when running
-	as a non-privileged user.
-
-	* Fixed a bug that required shells to output data (e.g. a prompt)
-	before they could read the first data.
-
-	* Fixed a potential crash.
-
-2009-04-12  Markus Gutschke  <markus@shellinabox.com>
-
-	* Released version 2.6
-
-	* The demo application is still incomplete, but starting to be
-	somewhat functional. The BASIC interpreter supports variables, and
-	can parse expressions. But it is still missing all flow-control
-	commands, making it somewhat useless for writing real programs.
-
-2009-03-30  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added initial revision of demo application.
-
-	* Show fatal error message even when running in "quiet" mode.
-
-	* Make it easier to override parameters needed by the system startup
-	scripts.
-
-2009-03-29  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added support for chained SSL certificates
-
-2009-03-23  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added an INSTALL.Debian file with Debian-specific instructions on
-	how to build and install a package file.
-
-2009-03-21  Markus Gutschke  <markus@shellinabox.com>
-
-	* Possible fix for IE problems with horizontal positioning of
-	cursor if the line ends in spaces.
-
-	* Work-around for an IE6 bug when doing HTTPS through proxies.
-	
-2009-03-21  Markus Gutschke  <markus@shellinabox.com>
-
-	* Released version 2.5
-
-	* More testing on older IE versions.
-
-2009-03-19  Markus Gutschke  <markus@shellinabox.com>
-
-	* Fixed cursor positioning. Hopefully, more browsers will be happy
-	with this, now.
-
-	* Explicitly added no-cache headers to our responses. This might help
-	with the IE6 problems.
-
-2009-03-17  Markus Gutschke  <markus@shellinabox.com>
-
-	* Allow root to bind to privileged port.
-
-2009-03-17  Markus Gutschke  <markus@shellinabox.com>
-
-	* Fixed IE6 support.
-
-	* Fixed possible memory corruption, when sessions time out.
-
-2009-03-16  Markus Gutschke  <markus@shellinabox.com>
-
-	* Fixed some compiler warnings, that newer versions of GCC issue.
-
-2009-02-27  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added fallback on old-style pty's, if /dev/pts is not mounted.
-
-	* Work-around for systems that don't define a "nogroup" group.
-
-	* Remove the dependency on fdopendir, which does not exist
-	everywhere.
-
-2009-02-16  Markus Gutschke  <markus@shellinabox.com>
-
-	* Include VCS revision number in user-visible version string.
-
-	* Allow "configure" to select whether OpenSSL and PAM libraries
-	should be used at all, dynamically searched-for at run-time, or
-	linked as a regular dynamic library.
-
-	* Fixed various bugs that prevents ShellInABox from running on
-	FreeBSD
-
-2009-02-12  Markus Gutschke  <markus@shellinabox.com>
-
-	* Released version 2.4
-
-2009-02-11  Markus Gutschke  <markus@shellinabox.com>
-
-	* Fixed fatal compiler warning if compiling without SSL support.
-
-	* Fixed cursor hiding and showing
-
-	* Fixed various rendering glitches reported by Phil Endecott of
-	Anyterm (http://anyterm.org) fame.
-
-	* Made code more portable. In particular, fixed sed scripts.
-
-	* Added explicit config.h file, instead of passing configuration
-	options on the compiler's command line.
-
-	* Fixed compilation issues on BSD systems. Code is still untested
-	and unsupported on non-Linux systems at this time.
-
-2009-01-21  Markus Gutschke  <markus@shellinabox.com>
-
-	* Released version 2.3
-
-	* Fixed a show-stopper bug that broke the --cert option.
-
-2009-01-21  Markus Gutschke  <markus@shellinabox.com>
-
-	* Released version 2.2
-
-	* Fixed a bug that could result in the font getting corrupted.
-
-	* Improved compatibility with more versions of the OpenSSL library.
-	Previously, the feature test for TLSEXT did not always work correctly,
-	resulting in compilation failures.
-
-	* Improved support for embedding shellinaboxd into existing web
-	services. SSL certificates can now be passed in through a file
-	handle, and port and pid numbers can be retrieved from the CGI header.
-
-2009-01-08  Markus Gutschke  <markus@shellinabox.com>
-
-	* Released version 2.1
-
-	* Fixed build errors mostly related to x86_64.
-
-	* Added --no-beep command line option to avoid VLC plugin crashing
-	Firefox/x86_64.
-
-	* Fixed multi-line selections in Firefox.
-
-2009-01-01  Markus Gutschke  <markus@shellinabox.com>
-
-	* Added CGI mode for demand-loading the shellinaboxd daemon
-	from a web server. This also allows for the web server to
-	perform authentication, instead of having shellinaboxd do so.
-	
-	* Tightened setuid-root operation to no longer allow switching
-	to arbitrary users/groups. As before, setuid-root remains a
-	non-standard configuration that is not currently recommended.
-	
-	* Fixed session management to deal better with torn down
-	connections. Closed one bug that could have resulted in
-	permanently orphaned connections, when the browser navigated
-	away from the page.
-
-2008-12-27  Markus Gutschke  <markus@shellinabox.com>
-
-	* First public release of the version 2.0 rewrite. This is the
-	first release of ShellInABox that supports an AJAX interface
-	instead of the original Java applet.
-

ChangeLog

@@ -0,0 +1 @@
+CHANGELOG.md

INSTALL

@@ -1,237 +0,0 @@
-Installation Instructions
-*************************
-
-Copyright (C) 1994, 1995, 1996, 1999, 2000, 2001, 2002, 2004, 2005,
-2006, 2007 Free Software Foundation, Inc.
-
-This file is free documentation; the Free Software Foundation gives
-unlimited permission to copy, distribute and modify it.
-
-Basic Installation
-==================
-
-Briefly, the shell commands `./configure; make; make install' should
-configure, build, and install this package.  The following
-more-detailed instructions are generic; see the `README' file for
-instructions specific to this package.
-
-   The `configure' shell script attempts to guess correct values for
-various system-dependent variables used during compilation.  It uses
-those values to create a `Makefile' in each directory of the package.
-It may also create one or more `.h' files containing system-dependent
-definitions.  Finally, it creates a shell script `config.status' that
-you can run in the future to recreate the current configuration, and a
-file `config.log' containing compiler output (useful mainly for
-debugging `configure').
-
-   It can also use an optional file (typically called `config.cache'
-and enabled with `--cache-file=config.cache' or simply `-C') that saves
-the results of its tests to speed up reconfiguring.  Caching is
-disabled by default to prevent problems with accidental use of stale
-cache files.
-
-   If you need to do unusual things to compile the package, please try
-to figure out how `configure' could check whether to do them, and mail
-diffs or instructions to the address given in the `README' so they can
-be considered for the next release.  If you are using the cache, and at
-some point `config.cache' contains results you don't want to keep, you
-may remove or edit it.
-
-   The file `configure.ac' (or `configure.in') is used to create
-`configure' by a program called `autoconf'.  You need `configure.ac' if
-you want to change it or regenerate `configure' using a newer version
-of `autoconf'.
-
-The simplest way to compile this package is:
-
-  1. `cd' to the directory containing the package's source code and type
-     `./configure' to configure the package for your system.
-
-     Running `configure' might take a while.  While running, it prints
-     some messages telling which features it is checking for.
-
-  2. Type `make' to compile the package.
-
-  3. Optionally, type `make check' to run any self-tests that come with
-     the package.
-
-  4. Type `make install' to install the programs and any data files and
-     documentation.
-
-  5. You can remove the program binaries and object files from the
-     source code directory by typing `make clean'.  To also remove the
-     files that `configure' created (so you can compile the package for
-     a different kind of computer), type `make distclean'.  There is
-     also a `make maintainer-clean' target, but that is intended mainly
-     for the package's developers.  If you use it, you may have to get
-     all sorts of other programs in order to regenerate files that came
-     with the distribution.
-
-  6. Often, you can also type `make uninstall' to remove the installed
-     files again.
-
-Compilers and Options
-=====================
-
-Some systems require unusual options for compilation or linking that the
-`configure' script does not know about.  Run `./configure --help' for
-details on some of the pertinent environment variables.
-
-   You can give `configure' initial values for configuration parameters
-by setting variables in the command line or in the environment.  Here
-is an example:
-
-     ./configure CC=c99 CFLAGS=-g LIBS=-lposix
-
-   *Note Defining Variables::, for more details.
-
-Compiling For Multiple Architectures
-====================================
-
-You can compile the package for more than one kind of computer at the
-same time, by placing the object files for each architecture in their
-own directory.  To do this, you can use GNU `make'.  `cd' to the
-directory where you want the object files and executables to go and run
-the `configure' script.  `configure' automatically checks for the
-source code in the directory that `configure' is in and in `..'.
-
-   With a non-GNU `make', it is safer to compile the package for one
-architecture at a time in the source code directory.  After you have
-installed the package for one architecture, use `make distclean' before
-reconfiguring for another architecture.
-
-Installation Names
-==================
-
-By default, `make install' installs the package's commands under
-`/usr/local/bin', include files under `/usr/local/include', etc.  You
-can specify an installation prefix other than `/usr/local' by giving
-`configure' the option `--prefix=PREFIX'.
-
-   You can specify separate installation prefixes for
-architecture-specific files and architecture-independent files.  If you
-pass the option `--exec-prefix=PREFIX' to `configure', the package uses
-PREFIX as the prefix for installing programs and libraries.
-Documentation and other data files still use the regular prefix.
-
-   In addition, if you use an unusual directory layout you can give
-options like `--bindir=DIR' to specify different values for particular
-kinds of files.  Run `configure --help' for a list of the directories
-you can set and what kinds of files go in them.
-
-   If the package supports it, you can cause programs to be installed
-with an extra prefix or suffix on their names by giving `configure' the
-option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
-
-Optional Features
-=================
-
-Some packages pay attention to `--enable-FEATURE' options to
-`configure', where FEATURE indicates an optional part of the package.
-They may also pay attention to `--with-PACKAGE' options, where PACKAGE
-is something like `gnu-as' or `x' (for the X Window System).  The
-`README' should mention any `--enable-' and `--with-' options that the
-package recognizes.
-
-   For packages that use the X Window System, `configure' can usually
-find the X include and library files automatically, but if it doesn't,
-you can use the `configure' options `--x-includes=DIR' and
-`--x-libraries=DIR' to specify their locations.
-
-Specifying the System Type
-==========================
-
-There may be some features `configure' cannot figure out automatically,
-but needs to determine by the type of machine the package will run on.
-Usually, assuming the package is built to be run on the _same_
-architectures, `configure' can figure that out, but if it prints a
-message saying it cannot guess the machine type, give it the
-`--build=TYPE' option.  TYPE can either be a short name for the system
-type, such as `sun4', or a canonical name which has the form:
-
-     CPU-COMPANY-SYSTEM
-
-where SYSTEM can have one of these forms:
-
-     OS KERNEL-OS
-
-   See the file `config.sub' for the possible values of each field.  If
-`config.sub' isn't included in this package, then this package doesn't
-need to know the machine type.
-
-   If you are _building_ compiler tools for cross-compiling, you should
-use the option `--target=TYPE' to select the type of system they will
-produce code for.
-
-   If you want to _use_ a cross compiler, that generates code for a
-platform different from the build platform, you should specify the
-"host" platform (i.e., that on which the generated programs will
-eventually be run) with `--host=TYPE'.
-
-Sharing Defaults
-================
-
-If you want to set default values for `configure' scripts to share, you
-can create a site shell script called `config.site' that gives default
-values for variables like `CC', `cache_file', and `prefix'.
-`configure' looks for `PREFIX/share/config.site' if it exists, then
-`PREFIX/etc/config.site' if it exists.  Or, you can set the
-`CONFIG_SITE' environment variable to the location of the site script.
-A warning: not all `configure' scripts look for a site script.
-
-Defining Variables
-==================
-
-Variables not defined in a site shell script can be set in the
-environment passed to `configure'.  However, some packages may run
-configure again during the build, and the customized values of these
-variables may be lost.  In order to avoid this problem, you should set
-them in the `configure' command line, using `VAR=value'.  For example:
-
-     ./configure CC=/usr/local2/bin/gcc
-
-causes the specified `gcc' to be used as the C compiler (unless it is
-overridden in the site shell script).
-
-Unfortunately, this technique does not work for `CONFIG_SHELL' due to
-an Autoconf bug.  Until the bug is fixed you can use this workaround:
-
-     CONFIG_SHELL=/bin/bash /bin/bash ./configure CONFIG_SHELL=/bin/bash
-
-`configure' Invocation
-======================
-
-`configure' recognizes the following options to control how it operates.
-
-`--help'
-`-h'
-     Print a summary of the options to `configure', and exit.
-
-`--version'
-`-V'
-     Print the version of Autoconf used to generate the `configure'
-     script, and exit.
-
-`--cache-file=FILE'
-     Enable the cache: use and save the results of the tests in FILE,
-     traditionally `config.cache'.  FILE defaults to `/dev/null' to
-     disable caching.
-
-`--config-cache'
-`-C'
-     Alias for `--cache-file=config.cache'.
-
-`--quiet'
-`--silent'
-`-q'
-     Do not print messages saying which checks are being made.  To
-     suppress all normal output, redirect it to `/dev/null' (any error
-     messages will still be shown).
-
-`--srcdir=DIR'
-     Look for the package's source code in directory DIR.  Usually
-     `configure' can determine that directory automatically.
-
-`configure' also accepts some other, not widely useful, options.  Run
-`configure --help' for more details.
-

INSTALL.Debian

@@ -41,7 +41,7 @@ you point your browser to the site.
 
 At the very least, you need a file called "certificate.pem" that includes
 both the private key and the public certificate in PEM (i.e. ASCII) format.
-Additionally, you should create files for each of the publically visible
+Additionally, you should create files for each of the publicly visible
 hostnames that your machine has. These are named "certificate-${FQDN}.pem".
 You probably also want "certificate-localhost.pem".
 

Makefile.am

@@ -1,6 +1,7 @@
 AM_CPPFLAGS          =
 AM_CFLAGS            = -g -std=gnu99 -Wall
 AM_LDFLAGS           = -g -lm
+ACLOCAL_AMFLAGS      = -I m4
 
 noinst_LTLIBRARIES   = libhttp.la                                             \
                        liblogging.la
@@ -11,17 +12,12 @@ noinst_HEADERS       = libhttp/http.h
 dist_doc_DATA        = AUTHORS                                                \
                        COPYING                                                \
                        GPL-2                                                  \
-                       ChangeLog                                              \
-                       INSTALL                                                \
-                       NEWS                                                   \
-                       README                                                 \
-                       TODO                                                   \
-                       shellinabox/white-on-black.css                         \
-                       shellinabox/black-on-white.css                         \
-                       shellinabox/monochrome.css                             \
-                       shellinabox/color.css
+                       NEWS
 EXTRA_DIST           = INSTALL.Debian                                         \
                        README.Fedora                                          \
+                       INSTALL                                                \
+                       README                                                 \
+                       TODO                                                   \
                        demo/beep.wav                                          \
                        demo/favicon.ico                                       \
                        demo/demo.html                                         \
@@ -43,6 +39,10 @@ EXTRA_DIST           = INSTALL.Debian                                         \
                        shellinabox/shell_in_a_box.js                          \
                        shellinabox/vt100.js                                   \
                        shellinabox/cgi-mode-example.sh                        \
+                       shellinabox/white-on-black.css                         \
+                       shellinabox/black-on-white.css                         \
+                       shellinabox/monochrome.css                             \
+                       shellinabox/color.css                                  \
                        debian/README                                          \
                        debian/README.available                                \
                        debian/README.enabled                                  \
@@ -127,6 +127,8 @@ BUILT_SOURCES        = shellinabox/beep.h                                     \
 shellinaboxd_LDADD   = liblogging.la                                          \
                        libhttp.la
 shellinaboxd_LDFLAGS = -static
+## Added this for compatibility with older versions of autoconf/automake
+docdir               = ${datadir}/doc/${PACKAGE}
 
 symbolname           =                                                        \
   sed -e 's/.*\/\([^.]*\)[.].*/\1/'                                           \
@@ -238,9 +240,10 @@ shellinaboxd.1: ${top_srcdir}/shellinabox/shellinaboxd.man.in                 \
 	@out=`echo "$@" 2>/dev/null|sed -e 's/\.[^.]*$$/.ps/'`;               \
 	man -Tps "./$@" >"$${out}" 2>/dev/null || rm -f "$${out}"
 
-clean-local:
+clean-local: clean-demo
 	-rm -rf shellinaboxd.1                                                \
-	        shellinaboxd.ps
+	        shellinaboxd.ps                                               \
+	        shellinaboxd.pdf
 	-rm -rf debian/shellinabox                                            \
 	        debian/shellinabox*.debhelper*                                \
 	        debian/shellinabox.substvars                                  \
@@ -253,10 +256,26 @@ clean-local:
 	        shellinabox/keyboard-layout.h				      \
 	        shellinabox/print-styles.h  				      \
 	        shellinabox/root_page.h     				      \
+	        shellinabox/shell_in_a_box.js				      \
 	        shellinabox/shell_in_a_box.h				      \
 	        shellinabox/styles.h                                          \
+	        shellinabox/vt100.js                                          \
 	        shellinabox/vt100.h
 
+clean-demo:
+	-rm demo/beep.wav						      \
+	    demo/demo.js 						      \
+	    demo/enabled.gif 						      \
+	    demo/favicon.ico 						      \
+	    demo/keyboard.png 						      \
+	    demo/print-styles.css 					      \
+	    demo/styles.css 						      \
+	    demo/usercss-0.css 						      \
+	    demo/usercss-1.css 						      \
+	    demo/usercss-2.css 						      \
+	    demo/usercss-3.css 						      \
+	    demo/vt100.js
+
 .css.h:
 	@echo od "$<" '>'"$@"
 	@mkdir -p "`dirname "$@"`"
@@ -320,7 +339,7 @@ clean-local:
 	             -e t                                                     \
 	             -e d "$<"`"                                              \
 	     -e "s/^#/\/\/ #/"                                                \
-	     -e "s/VERSION/\"@VERSION@ (revision @VCS_REVISION@)\"/g"         \
+	     -e "s/VERSION/\"@VERSION@ @VCS_REVISION@\"/g"                    \
 	     "$<" >"$@"
 
 .js.h:
@@ -346,3 +365,9 @@ clean-local:
 	           "(int)sizeof($${sym}Start);";                              \
 	 } >"$@"
 
+shellinaboxd.ps: shellinaboxd.1
+	groff -man -T ps $^ >$@
+
+shellinaboxd.pdf: shellinaboxd.ps
+	ps2pdf $^ $@
+

README.Fedora

@@ -29,4 +29,3 @@ some tips on getting things working:
   Make sure you assign the correct SELinux labels to this file when copying
   it into "/etc/pam.d":
     cp -Z system_u:object_r:etc_t:s0 etc-pam.d-shellinabox-example /etc/pam.d/
-

README.md

@@ -0,0 +1,104 @@
+
+shellinabox
+===========
+
+[![Build Status](https://drone.io/github.com/shellinabox/shellinabox/status.png)](https://drone.io/github.com/shellinabox/shellinabox/latest)
+[![Join the chat at https://gitter.im/shellinabox/shellinabox](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/shellinabox/shellinabox?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+
+
+This is an unofficial fork of the project **Shell In A Box**. The fork was created because
+the original project was not maintained anymore and we cannot contact the original
+repository owners.
+
+Our aim is to continue with maintenance of the shellinabox project. For a list of
+recent changes, please see [CHANGELOG.md](/CHANGELOG.md).
+
+If you have any questions, issues, or patches, please feel free to submit a pull
+request or report an issue. You can also drop an email to the original project
+[issue #261](https://code.google.com/p/shellinabox/issues/detail?id=261) discussion
+from where this fork started.
+
+
+About shellinabox
+-----------------
+
+Shell In A Box implements a web server that can export arbitrary command line
+tools to a web based terminal emulator. This emulator is accessible to any
+JavaScript and CSS enabled web browser and does not require any additional
+browser plugins.
+
+![Shell In A Box preview](/misc/preview.gif?raw=true)
+
+More information:
+
+* [Manual page](https://github.com/shellinabox/shellinabox/wiki/shellinaboxd_man)
+* [Official site](https://code.google.com/p/shellinabox)
+* [Official wiki](https://code.google.com/p/shellinabox/wiki/shellinaboxd_man)
+
+
+Build
+-----------------
+
+For building **shellinabox** from source on Debian or RHEL based systems use commands
+listed below. This will create executable file `shellinaboxd` in project directory.
+
+1. Clone the autotools
+
+   ```
+    wget https://raw.githubusercontent.com/simono41/shellinabox/master/auto.sh
+   ```
+
+3. Run autotools 
+
+   ```
+    chmod +x auto.sh
+    ./auto.sh
+   ```
+
+#### Debian package
+
+For building and installing `.deb` packages you can use commands listed bellow.
+Note that dependencies from the first step above are also required.
+
+1. Build package
+
+    ```
+    dpkg-buildpackage -b
+    ```
+
+2. Install package
+
+    ```
+    dpkg -i ../shellinabox_{ver}_{arch}.deb
+    ```
+
+For more information about `.deb` packages please see [INSTALL.Debian](/INSTALL.Debian) file.
+
+Issues
+-----------------
+
+All reported issues were imported from [Google Code Project Issues](https://code.google.com/p/shellinabox/issues/list).
+You can report new issues here, but first please try to reproduce them with package
+created from our sources. In new issue report please include following things:
+
+* Name and version of your operating system
+* Name and version of your browser
+* Version of shellinabox
+* Steps to reproduce the problem
+
+Also feel free to post any questions or comments in [shellinabox chat room](https://gitter.im/shellinabox/shellinabox)
+on Gitter.
+
+
+Known Issues
+------------
+
+* The openssl package is required for HTTP/SSL support.
+  Shell-in-a-box may be used without SSL such that the login session
+  is not encrypted.  To enable automatic creation of self-signed
+  certificates or to use a generated certificate, install openssl.
+
+* On Debian Jessie, the default openssl package does not include the
+  utilities necessary for Shell-in-a-box to generate self-signed
+  certificates.  Upgrade openssl to install a version of the tools
+  that support certificate creation.

TODO

@@ -1,4 +1,3 @@
 - Check if there is any way that we could fall back on gnutls if openssl is
   unavailable
 - Package for distributions other than Debian
-

auto.sh

@@ -0,0 +1,56 @@
+#!/bin/bash
+
+set -ex
+
+if [[ $EUID -ne 0 ]]; then
+   echo "This script must be run as root" 1>&2
+   exit 1
+fi
+  echo "Als root Angemeldet"
+
+if [ -f /usr/bin/apt ]; then
+  apt update
+
+  apt install git libssl-dev libpam0g-dev zlib1g-dev dh-autoreconf
+fi
+
+if [ -f /usr/bin/pacman ]; then
+  pacman -Sy git openssl autoconf automake make gcc
+fi
+
+cd /opt/
+
+git clone https://github.com/simono41/shellinabox.git
+
+cd shellinabox
+
+autoreconf -i
+
+./configure && make
+
+cp shellinabox.service /etc/systemd/system/
+
+systemctl daemon-reload
+
+systemctl enable shellinabox.service
+
+# adduser
+
+echo adduser webssh
+
+useradd webssh
+
+mkdir /home/webssh
+
+cp shellinabox_sshwrapper.sh /home/webssh/
+
+chmod 770 -R /home/webssh/
+
+chown -cR webssh:webssh /home/webssh/
+
+passwd webssh <<EOT
+webssh
+webssh
+EOT
+
+systemctl start shellinabox.service &

commit

@@ -1,5 +1,10 @@
 #!/bin/bash -e
 
+echo "This script would only work on a Subversion repository"
+echo "and is only kept for historical purpose... for now."
+exit 1
+
+
 # The script ensures that all commands succeed unless an error occurred. If it
 # does though, the shell terminates the script and our exit handler runs.
 trap 'tput bel || :; echo Failed! >&2' EXIT

config.h.in

@@ -1,182 +0,0 @@
-/* config.h.in.  Generated from configure.ac by autoheader.  */
-
-/* Define to 1 if you have support for symbol aliasing */
-#undef HAVE_ATTRIBUTE_ALIAS
-
-/* Define to 1 if you have support for the "unused" attribute */
-#undef HAVE_ATTRIBUTE_UNUSED
-
-/* Set if you want support for calling /bin/login */
-#undef HAVE_BIN_LOGIN
-
-/* Define to 1 if you have the <dlfcn.h> header file. */
-#undef HAVE_DLFCN_H
-
-/* Define to 1 if you have the `dlopen' function. */
-#undef HAVE_DLOPEN
-
-/* Define to 1 if you have the `getgrgid_r' function. */
-#undef HAVE_GETGRGID_R
-
-/* Define to 1 if you have the `getgrnam_r' function. */
-#undef HAVE_GETGRNAM_R
-
-/* Define to 1 if getgrouplist() takes ints as arguments */
-#undef HAVE_GETGROUPLIST_TAKES_INTS
-
-/* Define to 1 if you have the `gethostbyname_r' function. */
-#undef HAVE_GETHOSTBYNAME_R
-
-/* Define to 1 if you have the `getpwnam_r' function. */
-#undef HAVE_GETPWNAM_R
-
-/* Define to 1 if you have the `getpwuid_r' function. */
-#undef HAVE_GETPWUID_R
-
-/* Define to 1 if you have the `getresgid' function. */
-#undef HAVE_GETRESGID
-
-/* Define to 1 if you have the `getresuid' function. */
-#undef HAVE_GETRESUID
-
-/* Define to 1 if you have the <inttypes.h> header file. */
-#undef HAVE_INTTYPES_H
-
-/* Define to 1 if you have support for isnan */
-#undef HAVE_ISNAN
-
-/* Define to 1 if you have the <libutil.h> header file. */
-#undef HAVE_LIBUTIL_H
-
-/* Define to 1 if you have the `login_tty' function. */
-#undef HAVE_LOGIN_TTY
-
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
-
-/* Define to 1 if you have the `openpty' function. */
-#undef HAVE_OPENPTY
-
-/* Define to 1 if you have the <openssl/bio.h> header file. */
-#undef HAVE_OPENSSL_BIO_H
-
-/* Define to 1 if you have the <openssl/err.h> header file. */
-#undef HAVE_OPENSSL_ERR_H
-
-/* Define to 1 if you have the <openssl/ssl.h> header file. */
-#undef HAVE_OPENSSL_SSL_H
-
-/* Define to 1 if you have the <pthread.h> header file. */
-#undef HAVE_PTHREAD_H
-
-/* Define to 1 if you have a re-entrant version of ptsname */
-#undef HAVE_PTSNAME_R
-
-/* Define to 1 if you have the <pty.h> header file. */
-#undef HAVE_PTY_H
-
-/* Define to 1 if you have the <security/pam_appl.h> header file. */
-#undef HAVE_SECURITY_PAM_APPL_H
-
-/* Define to 1 if you have the <security/pam_client.h> header file. */
-#undef HAVE_SECURITY_PAM_CLIENT_H
-
-/* Define to 1 if you have the <security/pam_misc.h> header file. */
-#undef HAVE_SECURITY_PAM_MISC_H
-
-/* Define to 1 if you have the `setresgid' function. */
-#undef HAVE_SETRESGID
-
-/* Define to 1 if you have the `setresuid' function. */
-#undef HAVE_SETRESUID
-
-/* Define to 1 if you have a working sigwait */
-#undef HAVE_SIGWAIT
-
-/* Define to 1 if you have the <stdint.h> header file. */
-#undef HAVE_STDINT_H
-
-/* Define to 1 if you have the <stdlib.h> header file. */
-#undef HAVE_STDLIB_H
-
-/* Define to 1 if you have the `strcasestr' function. */
-#undef HAVE_STRCASESTR
-
-/* Define to 1 if you have the <strings.h> header file. */
-#undef HAVE_STRINGS_H
-
-/* Define to 1 if you have the <string.h> header file. */
-#undef HAVE_STRING_H
-
-/* Define to 1 if you have the `strlcat' function. */
-#undef HAVE_STRLCAT
-
-/* Define to 1 if you have the <sys/prctl.h> header file. */
-#undef HAVE_SYS_PRCTL_H
-
-/* Define to 1 if you have the <sys/stat.h> header file. */
-#undef HAVE_SYS_STAT_H
-
-/* Define to 1 if you have the <sys/types.h> header file. */
-#undef HAVE_SYS_TYPES_H
-
-/* Define to 1 if you have the <sys/uio.h> header file. */
-#undef HAVE_SYS_UIO_H
-
-/* Define to 1 if you have the <unistd.h> header file. */
-#undef HAVE_UNISTD_H
-
-/* Define to 1 if you have support for updwtmp */
-#undef HAVE_UPDWTMP
-
-/* Define to 1 if you have support for updwtmpx */
-#undef HAVE_UPDWTMPX
-
-/* Define to 1 if you have the <util.h> header file. */
-#undef HAVE_UTIL_H
-
-/* Define to 1 if you have the <utmpx.h> header file. */
-#undef HAVE_UTMPX_H
-
-/* Define to 1 if you have the <utmp.h> header file. */
-#undef HAVE_UTMP_H
-
-/* Define to 1 if zlib development files are installed */
-#undef HAVE_ZLIB
-
-/* Define to the sub-directory in which libtool stores uninstalled libraries.
-   */
-#undef LT_OBJDIR
-
-/* Name of package */
-#undef PACKAGE
-
-/* Define to the address where bug reports for this package should be sent. */
-#undef PACKAGE_BUGREPORT
-
-/* Define to the full name of this package. */
-#undef PACKAGE_NAME
-
-/* Define to the full name and version of this package. */
-#undef PACKAGE_STRING
-
-/* Define to the one symbol short name of this package. */
-#undef PACKAGE_TARNAME
-
-/* Define to the home page for this package. */
-#undef PACKAGE_URL
-
-/* Define to the version of this package. */
-#undef PACKAGE_VERSION
-
-/* Define to 1 if you have the ANSI C header files. */
-#undef STDC_HEADERS
-
-/* Most recent revision number in the version control system */
-#undef VCS_REVISION
-
-/* Version number of package */
-#undef VERSION
-
-/* Define to empty if `const' does not conform to ANSI C. */
-#undef const

configure.ac

@@ -1,27 +1,38 @@
 AC_PREREQ(2.57)
 
-dnl This is the one location where the authoritative version number is stored
-AC_INIT(shellinabox, 2.10, markus@shellinabox.com)
-VCS_REVISION=239
+dnl This is one of the locations where the authoritative version
+dnl  number is stored.  The other is in the debian/changelog.
+AC_INIT(shellinabox, 2.20, markus@shellinabox.com)
+if test -e .git; then
+VCS_REVISION=" (revision `cd $srcdir && git log -1 --format=format:%h`)"
+else
+VCS_REVISION=""
+fi
 AC_SUBST(VCS_REVISION)
 AC_DEFINE_UNQUOTED(VCS_REVISION, "${VCS_REVISION}",
                    [Most recent revision number in the version control system])
 
 dnl Set up autoconf/automake for building C libraries and binaries with GCC
 CFLAGS="${CFLAGS:--Os}"
-AM_INIT_AUTOMAKE
+AM_INIT_AUTOMAKE([subdir-objects])
 AM_CONFIG_HEADER(config.h)
 AC_PROG_CC
+dnl Added this for compatibility with older versions of autoconf/automake
+AM_PROG_CC_C_O
 AC_LANG_WERROR
 AC_PROG_INSTALL
 AC_PROG_LIBTOOL
 AC_SUBST(LIBTOOL_DEPS)
 AC_C_CONST
 AC_PROG_GCC_TRADITIONAL
+AC_CONFIG_MACRO_DIR([m4])
+
+dnl Overwrite default archiver flags.
+AC_SUBST(AR_FLAGS, [cr])
 
 dnl Check for header files that do not exist on all platforms
-AC_CHECK_HEADERS([libutil.h pthread.h pty.h strings.h sys/prctl.h sys/uio.h  \
-                  util.h utmp.h utmpx.h])
+AC_CHECK_HEADERS([libutil.h pthread.h pty.h strings.h syslog.h sys/prctl.h \
+                  sys/uio.h util.h])
 
 dnl Most systems require linking against libutil.so in order to get login_tty()
 AC_CHECK_FUNCS(login_tty, [],
@@ -32,6 +43,9 @@ AC_CHECK_FUNCS(login_tty, [],
 dnl Use strlcat() instead of strncat() to avoid spurious warnings
 AC_CHECK_FUNCS([strlcat])
 
+dnl Use vsyslog() for logging important error messages
+AC_CHECK_FUNCS([vsyslog])
+
 dnl Prefer thread-safe functions, if available
 AC_CHECK_FUNCS([getgrgid_r getgrnam_r gethostbyname_r getpwnam_r getpwuid_r  \
                 openpty strcasestr getresuid getresgid setresuid setresgid ])
@@ -61,15 +75,6 @@ AC_TRY_LINK([#include <math.h>],
             [AC_DEFINE(HAVE_ISNAN, 1,
                        Define to 1 if you have support for isnan)])
 
-dnl Even if utmpx.h exists, not all systems have support for updwtmpx()
-AC_TRY_LINK([#include <utmp.h>],
-            [updwtmp(0, 0);],
-            [AC_DEFINE(HAVE_UPDWTMP, 1,
-                       Define to 1 if you have support for updwtmp)])
-AC_TRY_LINK([#include <utmpx.h>],
-            [updwtmpx(0, 0);],
-            [AC_DEFINE(HAVE_UPDWTMPX, 1,
-                       Define to 1 if you have support for updwtmpx)])
 
 dnl Check if the compiler supports aliasing of symbols
 AC_TRY_LINK([void x(void) { };
@@ -133,6 +138,28 @@ AC_ARG_ENABLE(runtime-loading,
                             these libraries into the binary, thus making them a
                             hard dependency, then disable runtime-loading.])
 
+dnl This is feature is not suported in some standard C libs. So users can use
+dnl this switch to avoid compile and runtime problems. Note that utmp must
+dnl disabled on systems with musl libc.
+AC_ARG_ENABLE(utmp,
+              [  --disable-utmp            Disable support for login records. Note
+                                           that for systems with musl libc utmp must
+                                           be disabled.])
+
+if test "x$enable_utmp" != xno; then
+  AC_CHECK_HEADERS([utmp.h utmpx.h])
+
+  dnl Even if utmpx.h exists, not all systems have support for updwtmpx()
+  AC_TRY_LINK([#include <utmp.h>],
+              [updwtmp(0, 0);],
+              [AC_DEFINE(HAVE_UPDWTMP, 1,
+                         Define to 1 if you have support for updwtmp)])
+  AC_TRY_LINK([#include <utmpx.h>],
+              [updwtmpx(0, 0);],
+              [AC_DEFINE(HAVE_UPDWTMPX, 1,
+                         Define to 1 if you have support for updwtmpx)])
+fi
+
 dnl Only test for OpenSSL headers, if not explicitly disabled
 if test "x$enable_ssl" != xno; then
   AC_CHECK_HEADERS([openssl/bio.h openssl/err.h openssl/ssl.h])

debian/README.source

@@ -1,3 +1,3 @@
-The upstream source for shellinabox is archived in googlecode GIT
-repository, <http://code.google.com/p/shellinabox/>.  The package is
-being maintained as a native Debian package.
+The upstream source for shellinabox is archived in GitHub GIT
+repository, <https://github.com/shellinabox/shellinabox/>.
+The package is being maintained as a native Debian package.

debian/changelog

@@ -1,3 +1,97 @@
+shellinabox (2.20) unstable; urgency=medium
+
+  * Fixed issue #222, LOGIN service
+  * Fixed issue #360, ignore escape sequences to fix dir listing
+  * Fix for function key presses
+  * Adjusting scale on IE
+  * New option to disable peer check (#364)
+  * Add option for custom SSH port
+  * Support for APL characters
+  * PDF documentation
+  * Fix for BSD build
+  * New ready event support
+  * OpenSSL 1.1 fixes  (Closes: #828542)
+  * May build with MUSL library
+  * Documentation added that SSL support is optional and requires
+    installation of openssl on Debian. (Closes: #839067)
+  * Jessie requires explicit installation of openssl because the default
+    package does not include the necessary utilities to support creation
+    of certificates. (Closes: #839066)
+
+ -- Marc Singer <elf@debian.org>  Wed, 09 Nov 2016 09:52:24 -0800
+
+shellinabox (2.19) unstable; urgency=high
+
+  * Added support for middle-click paste, #350.
+  * Improved iOS support, #354.
+  * New logic to enable soft keyboard icon, #119, #321, #354.
+  * Disable HTTP fallback using the URL /plain.  Consequently disables
+    automatic upgrades from HTTP to HTTPS, #355. (CVE-2015-8400).
+
+ -- Marc Singer <elf@debian.org>  Sat, 05 Dec 2015 10:24:12 -0800
+
+shellinabox (2.18) unstable; urgency=low
+
+  * Fixed reverse vide rendering, #341.
+  * Using stdout for version information, #344.
+  * Added CGI session key in HTTP response.
+  * Child process cleanup, #103.
+  * Merged #340.
+  * Autoconf updates.
+  * Disabled utmp logging.
+  * Merge #338, killing children with HUP.
+  * Fixed handling of large HTTP requests.
+  * Enhanced logging clarity with prefix.
+
+ -- Marc Singer <elf@debian.org>  Sat, 10 Oct 2015 10:53:38 -0700
+
+shellinabox (2.17) unstable; urgency=medium
+
+  * Generally, SSL updates.
+  * Disabling secure client-initiated renegotiation, an abused and
+    unnecessary feature.
+  * Added support for PFS using ECDHE.
+  * Guarding build against old versions of SSL.
+
+ -- Marc Singer <elf@debian.org>  Fri, 07 Aug 2015 20:48:33 -0700
+
+shellinabox (2.16) unstable; urgency=low
+
+  * New release to guarantee upgrades for people who had installed a
+    2.15-1 release candidate.
+  * Update to About dialog to use GitHub URLs.
+
+ -- Marc Singer <elf@debian.org>  Fri, 24 Jul 2015 11:45:22 -0700
+
+shellinabox (2.15) unstable; urgency=low
+
+  * Improved clean-liness so that source archive is clean.
+  * First release from GitHub. (Closes: #785181)
+  
+  [Contributions by Alexandre Detiste <alexandre.detiste@gmail.com>]
+  * Bump std version to 3.9.6, no change needed
+  * Bump debhelper compat to 9
+  * Move lintian exception in d/shellinabox.lintian
+  * Change urls to new GitHub repos
+  * Retain user preferences on upgrade (Closes: #786441)
+
+ -- Marc Singer <elf@debian.org>  Fri, 24 Jul 2015 09:16:18 -0700
+
+shellinabox (2.14-1) unstable; urgency=low
+
+  * Revised install target of debian/rules.
+  * Revised postrm and prerm to fix dangling symlinks on
+    purge. (Closes: #668720.)
+
+ -- Marc Singer <elf@debian.org>  Sat, 21 Apr 2012 10:26:21 -0700
+
+shellinabox (2.13-1) unstable; urgency=low
+
+  * Typo in web address.  (Closes: #668130.)
+  * Removing PATH_MAX reference which should fix Hurd build.
+
+ -- Marc Singer <elf@buici.com>  Mon, 09 Apr 2012 18:34:17 -0700
+
 shellinabox (2.12-1) unstable; urgency=low
 
   * Moved libssl from a dependency to a recommended package using a helper

debian/compat

@@ -1 +1 @@
-8
+9

debian/control

@@ -2,24 +2,21 @@ Source: shellinabox
 Section: web
 Priority: optional
 Maintainer: Marc Singer <elf@debian.org>
-Build-Depends: debhelper (>= 8.0.0), autotools-dev, binutils,
- libssl-dev, libpam0g-dev, zlib1g-dev
-Standards-Version: 3.9.2
-Homepage: http://shelinabox.com
-Vcs-Git: https://code.google.com/p/shellinabox/
-Vcs-Browser: https://code.google.com/p/shellinabox/source/browse/
+Build-Depends: debhelper (>= 9), autotools-dev, binutils,
+ libssl-dev, libpam0g-dev, zlib1g-dev, dh-autoreconf
+Standards-Version: 3.9.6
+Homepage: http://shellinabox.com
+Vcs-Git: https://github.com/shellinabox/shellinabox/
+Vcs-Browser: https://github.com/shellinabox/shellinabox/
 
 Package: shellinabox
 Architecture: any
 Depends: ${shlibs:Depends}, ${misc:Depends}, adduser, lsb-base
-Recommends: ${shlibs:Recommends}
-Suggests: libpam0g, openssl
+Suggests: openssl
 Description: publish command line shell through AJAX interface
  Shellinabox can export arbitrary command line programs to any JavaScript
  enabled web browser. By default, it prompts for username and password
- and then exports a SSL/TLS encrypted login shell. Shellinabox provides
- a VT100 compatible terminal emulator that runs within any modern browser.
- .
- ShellInABox links libssl dynamically, so libssl must be installed
- either manually or as a dependency of another package for SSL support
- to be available.
+ and then exports a login shell. Shellinabox provides a VT100
+ compatible terminal emulator that runs within any modern
+ browser. Support for HTTPS protocol (SSL/TLS encryption) is optional
+ and requires installation of openssl.

debian/copyright

@@ -1,9 +1,13 @@
-Format: http://dep.debian.net/deps/dep5
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
 Upstream-Name: shellinabox
-Source: <https://code.google.com/p/shellinabox/>
+Source: <https://github.com/shellinabox/shellinabox/>
 
 Files: *
 Copyright: Copyright 2008-2012, Markus Gutschke  All rights reserved.
+                     2012, Marc Singer
+                     2015, Luka Krajger, Philip Hughes, Daniel Gröber,
+                           Ezra Buehler, Anders Kaseorg,
+                           Jonathan Rennison, Guillaume Martres
 Upstream-Author: markus@shellinabox.com
 License: GPL-2+
   This program is free software; you can redistribute it and/or modify

debian/rules

@@ -1,59 +1,38 @@
 #!/usr/bin/make -f
 # -*- makefile -*-
-# Sample debian/rules that uses debhelper.
-# This file was originally written by Joey Hess and Craig Small.
-# As a special exception, when this file is copied by dh-make into a
-# dh-make output file, you may use that output file without restriction.
-# This special exception was added by Craig Small in version 0.37 of dh-make.
 
 # Uncomment this to turn on verbose mode.
 #export DH_VERBOSE=1
 
+DH_WITH=--with autotools-dev,autoreconf
+
+clean:
+	[ ! -f Makefile ] || make clean-demo
+	dh clean $(DH_WITH)
+
 %:
-	dh $@ --with autotools-dev
+	dh $@ $(DH_WITH)
 
+# elf-2012.04.10: Since Debian manages package dependencies we can
+# 		  force linkage of ssl s.t. the dependency is properly kept
+# 		  up-to-date.  This is much better than attempting to
+# 		  force the right version of ssl to be present
+# 		  s.t. the runtime loader can find them.
+override_dh_auto_configure:
+	dh_auto_configure -- --disable-runtime-loading
 
-# elf-2012.04.07: Because the daemon loads libssl.so-X dynamically
-#		  there is no way for the debhelper script to find the
-#		  library name to add to the dependencies.  So we
-#		  link a small program to provide a target for
-#		  dpkg-shlibdeps to use to recover the dependency.
-override_dh_shlibdeps:
-	gcc -o debian/shellinabox/ssl-deps debian/ssl-deps.c -lcrypto
-	dpkg-shlibdeps -Tdebian/shellinabox.substvars debian/shellinabox/usr/bin/shellinaboxd \
-		-dRecommends debian/shellinabox/ssl-deps
-	rm debian/shellinabox/ssl-deps
-
-# elf-2012.03.24: This work should be done in the Makefile install
-#		  target instead of debian/rules.
+AVAILABLE=debian/shellinabox/etc/shellinabox/options-available
+ENABLED=debian/shellinabox/etc/shellinabox/options-enabled
 override_dh_install:
-	dh_testdir
-	dh_testroot
-	dh_prep
-	dh_installdirs
-	@# Add here commands to install the package into debian/tmp
-	$(MAKE) install DESTDIR="$(CURDIR)/debian/tmp"
-# Set up system-wide user CSS style options
-	mkdir -p "$(CURDIR)/debian/tmp/etc/shellinabox/options-available"     \
-	         "$(CURDIR)/debian/tmp/etc/shellinabox/options-enabled"
-	for i in "00+Black on White" "00_White On Black"                      \
-	         "01_Monochrome"     "01+Color Terminal"; do                  \
-	  cp "$(CURDIR)/debian/tmp/usr/share/doc/shellinabox/$$(echo "$$i"|   \
-                                        sed -e 's/[0-9]*[_+]\([^ ]*\).*/\1/'| \
-	                                tr A-Z a-z)"*.css                     \
-	     "$(CURDIR)/debian/tmp/etc/shellinabox/options-available/$$i.css";\
-	done
-	cd "$(CURDIR)/debian/tmp/etc/shellinabox/options-enabled" &&          \
-	ln -s ../options-available/*.css .
-	cp "$(CURDIR)/debian/README.available"                                \
-	   "$(CURDIR)/debian/tmp/etc/shellinabox/options-available/README"
-	cp "$(CURDIR)/debian/README.enabled"                                  \
-	   "$(CURDIR)/debian/tmp/etc/shellinabox/options-enabled/README"
-# Add Lintian override. ShellInABox has an explicit exemption allowing
-# the linking its GPLv2 code with OpenSSL.
-	mkdir -p "$(CURDIR)/debian/tmp/usr/share/lintian/overrides/"
-	{ echo '# ShellInABox has an explicit exemption allowing the linking';\
-	echo '# of its GPLv2 code with OpenSSL';                              \
-	echo 'shellinabox binary: possible-gpl-code-linked-with-openssl'; }   \
-	   >"$(CURDIR)/debian/tmp/usr/share/lintian/overrides/shellinabox"
 	dh_install
+	install -D -m644 shellinabox/black-on-white.css "$(AVAILABLE)/00+Black on White.css"
+	install -D -m644 shellinabox/white-on-black.css "$(AVAILABLE)/00_White On Black.css"
+	install -D -m644 shellinabox/color.css          "$(AVAILABLE)/01+Color Terminal.css"
+	install -D -m644 shellinabox/monochrome.css     "$(AVAILABLE)/01_Monochrome.css"
+	install -D -m644 debian/README.available        "$(AVAILABLE)/README"
+	install -D -m644 debian/README.enabled          "$(ENABLED)/README"
+
+	# info duplicated in debian/copyright
+	# and /usr/share/common-licenses/GPL-2
+	rm debian/shellinabox/usr/share/doc/shellinabox/COPYING
+	rm debian/shellinabox/usr/share/doc/shellinabox/GPL-2

debian/shellinabox.default

@@ -10,10 +10,6 @@ SHELLINABOX_PORT=4200
 # SHELLINABOX_USER=shellinabox
 # SHELLINABOX_GROUP=shellinabox
 
-# Names of openssl libraries to load dynamically.
-SHELLINABOX_LIBSSL_SO=libssl.so.1.0.0
-SHELLINABOX_LIBCRYPTO_SO=libcrypto.so.1.0.0
-
 # Any optional arguments (e.g. extra service definitions).  Make sure
 # that that argument is quoted.
 #

debian/shellinabox.init

@@ -8,7 +8,7 @@
 # Short-Description: Shell In A Box Daemon
 # Description:       Daemon for publishing a login shell at
 #                    http://localhost:SHELLINABOX_PORT
-#		     where default port number is 4200. 
+#		     where default port number is 4200.
 ### END INIT INFO
 
 # Authors: Markus Gutschke <markus@shellinabox.com>, Marc Singer <elf@buici.com>
@@ -40,10 +40,6 @@ SHELLINABOX_PORT="${SHELLINABOX_PORT:-4200}"
 SHELLINABOX_USER="${SHELLINABOX_USER:-shellinabox}"
 SHELLINABOX_GROUP="${SHELLINABOX_GROUP:-shellinabox}"
 
-# Export SO file names
-export SHELLINABOX_LIBCRYPTO_SO="${SHELLINABOX_LIBCRYPTO_SO:-libcrypto.so}"
-export SHELLINABOX_LIBSSL_SO="${SHELLINABOX_LIBSSL_SO:-libssl.so}"
-
 #
 #       Function that starts the daemon/service.
 #

debian/shellinabox.install

@@ -1,5 +0,0 @@
-etc/shellinabox/options-available
-etc/shellinabox/options-enabled
-usr/bin
-usr/share/lintian/overrides
-usr/share/man/man1

debian/shellinabox.lintian-overrides

@@ -0,0 +1,3 @@
+# ShellInABox has an explicit exemption allowing the linking
+# of its GPLv2 code with OpenSSL
+shellinabox binary: possible-gpl-code-linked-with-openssl

debian/shellinabox.postinst

@@ -25,6 +25,20 @@ case "$1" in
           --home /var/lib/shellinabox --gecos "Shell In A Box" \
           --group shellinabox
       fi
+	# Shellinabox must own the certificate directory so that it
+	# can write the certificate even when the daemon has given-up
+	# root privileges.
+#      chown shellinabox:shellinabox /var/lib/shellinabox
+
+      # new install, enable all options
+      if [ -z "$2" ]; then
+         (cd /etc/shellinabox/options-enabled; ln -s ../options-available/*.css .)
+      # upgrade from <= v2.14, re-enable saved options
+      elif [ -d /etc/shellinabox/options-enabled-save ]; then
+         mv /etc/shellinabox/options-enabled-save/*.css /etc/shellinabox/options-enabled
+         rm -r /etc/shellinabox/options-enabled-save
+      fi
+      # future upgrades: no-op
     ;;
 
     abort-upgrade|abort-remove|abort-deconfigure)

debian/shellinabox.postrm

@@ -18,26 +18,24 @@ set -e
 # for details, see http://www.debian.org/doc/debian-policy/ or
 # the debian-policy package
 
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+d=/var/lib/shellinabox
 
 case "$1" in
     remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
     ;;
 
     purge)
-        deluser --quiet --system --remove-home shellinabox > /dev/null || true
+        deluser  --quiet --system shellinabox > /dev/null || true
         delgroup --quiet --system shellinabox > /dev/null || true
+	[ ! -d "$d" ] || rmdir "$d" || true    # deluser can't do this for /var
+	rm -rf "/etc/shellinabox/options-enabled"
 	exit 0
     ;;
-
-    *)
-        echo "postrm called with unknown argument \`$1'" >&2
-        exit 1
-    ;;
 esac
 
-# dh_installdeb will replace this with shell code automatically
-# generated by other debhelper scripts.
-
-#DEBHELPER#
-
 exit 0

debian/shellinabox.preinst

@@ -0,0 +1,33 @@
+#!/bin/sh
+
+set -e
+
+# summary of how this script can be called:
+#        * <new-preinst> `install'
+#        * <new-preinst> `install' <old-version>
+#        * <new-preinst> `upgrade' <old-version>
+#        * <old-preinst> `abort-upgrade' <new-version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+#DEBHELPER#
+
+case "$1" in
+    upgrade)
+	# save old configuration
+	test -d /etc/shellinabox/options-enabled || exit 0
+	ls /etc/shellinabox/options-enabled/*.css > /dev/null 2>&1 || exit 0
+	if dpkg --compare-versions "$2" le "2.14-1"; then
+		mkdir -p /etc/shellinabox/options-enabled-save
+		cp -a /etc/shellinabox/options-enabled/*.css /etc/shellinabox/options-enabled-save
+	fi
+    ;;
+
+    install|abort-upgrade)
+    ;;
+
+    *)
+        echo "preinst called with unknown argument \`$1'" >&2
+        exit 1
+    ;;
+esac

debian/shellinabox.prerm

@@ -0,0 +1,37 @@
+#!/bin/sh
+# prerm script for shellinabox
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+#        * <prerm> `remove'
+#        * <old-prerm> `upgrade' <new-version>
+#        * <new-prerm> `failed-upgrade' <old-version>
+#        * <conflictor's-prerm> `remove' `in-favour' <package> <new-version>
+#        * <deconfigured's-prerm> `deconfigure' `in-favour'
+#          <package-being-installed> <version> `removing'
+#          <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+    remove)
+	[ ! -f /var/lib/shellinabox/certificate.pem ] \
+	 || rm /var/lib/shellinabox/certificate.pem
+	;;
+    upgrade|deconfigure)
+        ;;
+
+    failed-upgrade)
+        ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0

debian/source/format

@@ -1 +1 @@
-3.0 (quilt)
+3.0 (native)

debian/source/options

@@ -1 +0,0 @@
-

debian/ssl-deps.c

@@ -1,8 +0,0 @@
-/* minimal program to link libcrypto */
-#include <openssl/sha.h>
-int main()
-{
-  SHA_CTX ctx;
-  SHA1_Init (&ctx);
-  return 0;
-}

debian/watch

@@ -1,2 +0,0 @@
-version=3
-https://code.google.com/p/shellinabox/downloads/detail?name=shellinabox-(.+).tar.gz

demo/demo.html

@@ -2,26 +2,27 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xml:lang="en" lang="en">
   <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
     <!--
     ShellInABox - Make command line applications available as AJAX web applications
     Copyright (C) 2008-2010 Markus Gutschke markus@shellinabox.com
-    
+
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License version 2 as
     published by the Free Software Foundation.
-    
+
     This program is distributed in the hope that it will be useful,
     but WITHOUT ANY WARRANTY; without even the implied warranty of
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     GNU General Public License for more details.
-    
+
     You should have received a copy of the GNU General Public License along
     with this program; if not, write to the Free Software Foundation, Inc.,
     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-    
+
     In addition to these license terms, the author grants the following
     additional rights:
-    
+
     If you modify this program, or any covered work, by linking or
     combining it with the OpenSSL project's OpenSSL library (or a
     modified version of that library), containing parts covered by the
@@ -30,20 +31,20 @@
     Corresponding Source for a non-source form of such a combination
     shall include the source code for the parts of OpenSSL used as well
     as that of the covered work.
-    
+
     You may at your option choose to remove this additional permission from
     the work, or from any part of it.
-    
+
     It is possible to build this program in a way that it loads OpenSSL
     libraries at run-time. If doing so, the following notices are required
     by the OpenSSL and SSLeay licenses:
-    
+
     This product includes software developed by the OpenSSL Project
     for use in the OpenSSL Toolkit. (http://www.openssl.org/)
-    
+
     This product includes cryptographic software written by Eric Young
     (eay@cryptsoft.com)
-    
+
     The most up-to-date version of this program is always available from
     http://shellinabox.com
     -->

demo/demo.jspp

@@ -880,7 +880,7 @@ Demo.prototype.intrinsic = function() {
     }
     v               = arg1.val().substr(arg1.val().length - v);
     value           = new this.Value(TYPE_STRING, v, v);
-    break;   
+    break;
   case 'STR$':
     value           = new this.Value(TYPE_STRING, arg1.toString(),
                                      arg1.toString());
@@ -909,7 +909,7 @@ Demo.prototype.intrinsic = function() {
       v             = String.fromCharCode(arg1.val());
       value         = new this.Value(TYPE_STRING, v, v);
       break;
-    case 'SPC': 
+    case 'SPC':
       if (arg1.val() < 0) {
         return this.error('Range error');
       }
@@ -1183,4 +1183,3 @@ Demo.prototype.Value.prototype.val = function() {
 Demo.prototype.Value.prototype.toString = function() {
   return this.s;
 };
-

demo/demo.xml

@@ -1,4 +1,4 @@
-<?xml version="1.0" encoding="UTF-8" ?> 
+<?xml version="1.0" encoding="UTF-8" ?>
 <Module>
   <ModulePrefs title="ShellInABox Demo" />
   <Content type="url" href="http://shellinabox.googlecode.com/git/demo/demo.html" />

demo/keyboard.html

@@ -2,6 +2,7 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xml:lang="en" lang="en">
 <head>
+  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
 </head>
 <body><pre class="box"><div
   ><i id="27">Esc</i><i id="112">F1</i><i id="113">F2</i><i id="114">F3</i

demo/print-styles.css

@@ -1,42 +0,0 @@
-/* Set styles used when opening the printer window */
-#print {
-  margin: 0.5ex 0px 0px 0px;
-}
-
-#options, #spacer {
-  font-family:      sans;
-  font-size:        smaller;
-  position:         fixed;
-  top:              0px;
-  left:             0px;
-  right:            0px;
-  background-color: #EEEEEE;
-  border-style:     solid;
-  border-top:       0px solid black;
-  border-left:      0px solid black;
-  border-right:     0px solid black;
-  border-bottom:    1px solid black;
-}
-
-#spacer {
-  position:   static;
-  visibility: hidden;
-}
-
-@media print {
-  body {
-    margin: 0px;
-  }
-
-  #print { 
-    margin: 0px;
-  }
-
-  #print .pagebreak {
-    page-break-before: always;
-  }
-
-  #print .pagebreak hr, #options {
-    display: none;
-  }
-}

demo/styles.css

@@ -1,233 +0,0 @@
-#vt100 a { 
-  text-decoration:      none;
-  color:                inherit;
-}
-
-#vt100 a:hover { 
-  text-decoration:      underline;
-}
-
-#vt100 #reconnect {
-  position:             absolute;
-  z-index:              2;
-}
-
-#vt100 #reconnect input { 
-  padding:              1ex;
-  font-weight:          bold;
-  font-size:            x-large;
-}
-
-#vt100 #cursize {
-  background:           #EEEEEE;
-  border:               1px solid black;
-  font-family:          sans-serif;
-  font-size:            large;
-  font-weight:          bold;
-  padding:              1ex;
-  position:             absolute;
-  z-index:              2;
-}
-
-#vt100 pre { 
-  margin:               0px;
-}
-
-#vt100 pre pre {
-  overflow:             hidden;
-}
-
-#vt100 #scrollable {
-  overflow-x:           hidden;
-  overflow-y:           scroll;
-  position:             relative;
-  padding:              1px;
-}
-
-#vt100 #console, #vt100 #alt_console, #vt100 #cursor, #vt100 #lineheight, #vt100 .hidden pre { 
-  font-family:          "DejaVu Sans Mono", "Everson Mono", FreeMono, "Andale Mono", monospace;
-}
-
-#vt100 #lineheight { 
-  position:             absolute;
-  visibility:           hidden;
-}
-
-#vt100 #cursor {
-  position:             absolute;
-  left:                 0px;
-  top:                  0px;
-  overflow:             hidden;
-  z-index:              1;
-}
-
-#vt100 #cursor.bright {
-  background-color:     black;
-  color:                white;
-}
-
-#vt100 #cursor.dim {
-  visibility:           hidden;
-}
-
-#vt100 #cursor.inactive {
-  border:               1px solid;
-  margin:               -1px;
-}
-
-#vt100 #padding { 
-  visibility:           hidden;
-  width:                1px;
-  height:               0px;
-  overflow:             hidden;
-}
-
-#vt100 .hidden {
-  position:             absolute;
-  top:                  -10000px;
-  left:                 -10000px;
-  width:                0px;
-  height:               0px;
-}
-
-#vt100 #menu { 
-  overflow:             visible;
-  position:             absolute;
-  z-index:              3;
-}
-
-#vt100 #menu .popup {
-  background-color:     #EEEEEE;
-  border:               1px solid black;
-  font-family:          sans-serif;
-  position:             absolute;
-}
-
-#vt100 #menu .popup ul { 
-  list-style-type:      none;
-  padding:              0px;
-  margin:               0px;
-  min-width:            10em;
-}
-
-#vt100 #menu .popup li { 
-  padding:              3px 0.5ex 3px 0.5ex;
-}
-
-#vt100 #menu .popup li.hover {
-  background-color:     #444444;
-  color:                white;
-}
-
-#vt100 #menu .popup li.disabled {
-  color:                #AAAAAA;
-}
-
-#vt100 #menu .popup hr { 
-  margin:               0.5ex 0px 0.5ex 0px;
-}
-
-#vt100 #menu img { 
-  margin-right:         0.5ex;
-  width:                1ex;
-  height:               1ex;
-}
-
-#vt100 #scrollable.inverted { color:            #ffffff;
-                              background-color: #000000; }
-
-#vt100 #kbd_button { 
-  float:                left;
-  position:             fixed;
-  z-index:              0;
-  visibility:           hidden;
-}
-
-#vt100 #keyboard {
-  z-index:              3;
-  position:             absolute;
-}
-
-#vt100 #keyboard .box {
-  font-family:          sans-serif;
-  background-color:     #cccccc;
-  padding:              .8em;
-  float:                left;
-  position:             absolute;
-  border-radius:        10px;
-  -moz-border-radius:   10px;
-  box-shadow:           4px 4px 6px #222222;
-  -webkit-box-shadow:   4px 4px 6px #222222;
-  /* Don't set the -moz-box-shadow. It doesn't properly scale when CSS
-   * transforms are in effect. Once Firefox supports box-shadow, it should
-   * automatically do the right thing. Until then, leave shadows disabled
-   * for Firefox.
-   */
-  opacity:              0.85;
-  -moz-opacity:         0.85;
-  filter:               alpha(opacity=85);
-}
-
-#vt100 #keyboard .box * {
-  vertical-align:       top;
-  display:              inline-block;
-}
-
-#vt100 #keyboard b, #vt100 #keyboard i, #vt100 #keyboard s, #vt100 #keyboard u {
-  font-style:           normal;
-  font-weight:          bold;
-  border-radius:        5px;
-  -moz-border-radius:   5px;
-  background-color:     #555555;
-  color:                #eeeeee;
-  box-shadow:           2px 2px 3px #222222;
-  -webkit-box-shadow:   2px 2px 3px #222222;
-  padding:              4px;
-  margin:               2px;
-  height:               2ex;
-  display:              inline-block;
-  text-align:           center;
-  text-decoration:      none;
-}
-
-#vt100 #keyboard b, #vt100 #keyboard s {
-  width:                2ex;
-}
-
-#vt100 #keyboard u, #vt100 #keyboard s {
-  visibility:           hidden;
-}
-
-#vt100 #keyboard .shifted { 
-  display:              none;
-}
-
-#vt100 #keyboard .selected {
-  color:                #888888;
-  background-color:     #eeeeee;
-  box-shadow:           0px 0px 3px #222222;
-  -webkit-box-shadow:   0px 0px 3px #222222;
-  position:             relative;
-  top:                  1px;
-  left:                 1px;
-}
-
-
-@media print {
-  #vt100 .scrollback {
-    display:            none;
-  }
-
-  #vt100 #reconnect, #vt100 #cursor, #vt100 #menu, #vt100 #kbd_button, #vt100 #keyboard { 
-    visibility:         hidden;
-  }
-
-  #vt100 #scrollable { 
-    overflow:           hidden;
-  }
-
-  #vt100 #console, #vt100 #alt_console { 
-    overflow:           hidden;
-    width:              1000000ex;
-  }
-}

demo/usercss-0.css

@@ -1,22 +0,0 @@
-#vt100 #cursor.bright {
-  background-color: white;
-  color:            black;
-}
-
-#vt100 #scrollable {
-  color:            #ffffff;
-  background-color: #000000;
-}
-
-#vt100 #scrollable.inverted {
-  color:            #000000;
-  background-color: #ffffff;
-}
-
-#vt100 .ansi15 {
-  color:            #000000;
-}
-
-#vt100 .bgAnsi0 {
-  background-color: #ffffff;
-}

demo/usercss-2.css

@@ -1,29 +0,0 @@
-#vt100 .ansi1    { color:            inherit; }
-#vt100 .ansi2    { color:            inherit; }
-#vt100 .ansi3    { color:            inherit; }
-#vt100 .ansi4    { color:            inherit; }
-#vt100 .ansi5    { color:            inherit; }
-#vt100 .ansi6    { color:            inherit; }
-#vt100 .ansi7    { color:            inherit; }
-#vt100 .ansi8    { color:            inherit; }
-#vt100 .ansi9    { color:            inherit; }
-#vt100 .ansi10   { color:            inherit; }
-#vt100 .ansi11   { color:            inherit; }
-#vt100 .ansi12   { color:            inherit; }
-#vt100 .ansi13   { color:            inherit; }
-#vt100 .ansi14   { color:            inherit; }
-
-#vt100 .bgAnsi1  { background-color: transparent; }
-#vt100 .bgAnsi2  { background-color: transparent; }
-#vt100 .bgAnsi3  { background-color: transparent; }
-#vt100 .bgAnsi4  { background-color: transparent; }
-#vt100 .bgAnsi5  { background-color: transparent; }
-#vt100 .bgAnsi6  { background-color: transparent; }
-#vt100 .bgAnsi7  { background-color: transparent; }
-#vt100 .bgAnsi8  { background-color: transparent; }
-#vt100 .bgAnsi9  { background-color: transparent; }
-#vt100 .bgAnsi10 { background-color: transparent; }
-#vt100 .bgAnsi11 { background-color: transparent; }
-#vt100 .bgAnsi12 { background-color: transparent; }
-#vt100 .bgAnsi13 { background-color: transparent; }
-#vt100 .bgAnsi14 { background-color: transparent; }

demo/usercss-3.css

@@ -1,34 +0,0 @@
-/* DEFINES_COLORS */
-#vt100 .ansi0               {                            }
-#vt100 .ansi1               { color:            #cd0000; }
-#vt100 .ansi2               { color:            #00cd00; }
-#vt100 .ansi3               { color:            #cdcd00; }
-#vt100 .ansi4               { color:            #0000ee; }
-#vt100 .ansi5               { color:            #cd00cd; }
-#vt100 .ansi6               { color:            #00cdcd; }
-#vt100 .ansi7               { color:            #e5e5e5; }
-#vt100 .ansi8               { color:            #7f7f7f; }
-#vt100 .ansi9               { color:            #ff0000; }
-#vt100 .ansi10              { color:            #00ff00; }
-#vt100 .ansi11              { color:            #e8e800; }
-#vt100 .ansi12              { color:            #5c5cff; }
-#vt100 .ansi13              { color:            #ff00ff; }
-#vt100 .ansi14              { color:            #00ffff; }
-#vt100 .ansi15              { color:            #ffffff; }
-
-#vt100 .bgAnsi0             { background-color: #000000; }
-#vt100 .bgAnsi1             { background-color: #cd0000; }
-#vt100 .bgAnsi2             { background-color: #00cd00; }
-#vt100 .bgAnsi3             { background-color: #cdcd00; }
-#vt100 .bgAnsi4             { background-color: #0000ee; }
-#vt100 .bgAnsi5             { background-color: #cd00cd; }
-#vt100 .bgAnsi6             { background-color: #00cdcd; }
-#vt100 .bgAnsi7             { background-color: #e5e5e5; }
-#vt100 .bgAnsi8             { background-color: #7f7f7f; }
-#vt100 .bgAnsi9             { background-color: #ff0000; }
-#vt100 .bgAnsi10            { background-color: #00ff00; }
-#vt100 .bgAnsi11            { background-color: #e8e800; }
-#vt100 .bgAnsi12            { background-color: #5c5cff; }
-#vt100 .bgAnsi13            { background-color: #ff00ff; }
-#vt100 .bgAnsi14            { background-color: #00ffff; }
-#vt100 .bgAnsi15            {                            }

depcomp

@@ -1,589 +0,0 @@
-#! /bin/sh
-# depcomp - compile a program generating dependencies as side-effects
-
-scriptversion=2007-03-29.01
-
-# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2006, 2007 Free Software
-# Foundation, Inc.
-
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2, or (at your option)
-# any later version.
-
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-# 02110-1301, USA.
-
-# As a special exception to the GNU General Public License, if you
-# distribute this file as part of a program that contains a
-# configuration script generated by Autoconf, you may include it under
-# the same distribution terms that you use for the rest of that program.
-
-# Originally written by Alexandre Oliva <oliva@dcc.unicamp.br>.
-
-case $1 in
-  '')
-     echo "$0: No command.  Try \`$0 --help' for more information." 1>&2
-     exit 1;
-     ;;
-  -h | --h*)
-    cat <<\EOF
-Usage: depcomp [--help] [--version] PROGRAM [ARGS]
-
-Run PROGRAMS ARGS to compile a file, generating dependencies
-as side-effects.
-
-Environment variables:
-  depmode     Dependency tracking mode.
-  source      Source file read by `PROGRAMS ARGS'.
-  object      Object file output by `PROGRAMS ARGS'.
-  DEPDIR      directory where to store dependencies.
-  depfile     Dependency file to output.
-  tmpdepfile  Temporary file to use when outputing dependencies.
-  libtool     Whether libtool is used (yes/no).
-
-Report bugs to <bug-automake@gnu.org>.
-EOF
-    exit $?
-    ;;
-  -v | --v*)
-    echo "depcomp $scriptversion"
-    exit $?
-    ;;
-esac
-
-if test -z "$depmode" || test -z "$source" || test -z "$object"; then
-  echo "depcomp: Variables source, object and depmode must be set" 1>&2
-  exit 1
-fi
-
-# Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po.
-depfile=${depfile-`echo "$object" |
-  sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`}
-tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`}
-
-rm -f "$tmpdepfile"
-
-# Some modes work just like other modes, but use different flags.  We
-# parameterize here, but still list the modes in the big case below,
-# to make depend.m4 easier to write.  Note that we *cannot* use a case
-# here, because this file can only contain one case statement.
-if test "$depmode" = hp; then
-  # HP compiler uses -M and no extra arg.
-  gccflag=-M
-  depmode=gcc
-fi
-
-if test "$depmode" = dashXmstdout; then
-   # This is just like dashmstdout with a different argument.
-   dashmflag=-xM
-   depmode=dashmstdout
-fi
-
-case "$depmode" in
-gcc3)
-## gcc 3 implements dependency tracking that does exactly what
-## we want.  Yay!  Note: for some reason libtool 1.4 doesn't like
-## it if -MD -MP comes after the -MF stuff.  Hmm.
-## Unfortunately, FreeBSD c89 acceptance of flags depends upon
-## the command line argument order; so add the flags where they
-## appear in depend2.am.  Note that the slowdown incurred here
-## affects only configure: in makefiles, %FASTDEP% shortcuts this.
-  for arg
-  do
-    case $arg in
-    -c) set fnord "$@" -MT "$object" -MD -MP -MF "$tmpdepfile" "$arg" ;;
-    *)  set fnord "$@" "$arg" ;;
-    esac
-    shift # fnord
-    shift # $arg
-  done
-  "$@"
-  stat=$?
-  if test $stat -eq 0; then :
-  else
-    rm -f "$tmpdepfile"
-    exit $stat
-  fi
-  mv "$tmpdepfile" "$depfile"
-  ;;
-
-gcc)
-## There are various ways to get dependency output from gcc.  Here's
-## why we pick this rather obscure method:
-## - Don't want to use -MD because we'd like the dependencies to end
-##   up in a subdir.  Having to rename by hand is ugly.
-##   (We might end up doing this anyway to support other compilers.)
-## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like
-##   -MM, not -M (despite what the docs say).
-## - Using -M directly means running the compiler twice (even worse
-##   than renaming).
-  if test -z "$gccflag"; then
-    gccflag=-MD,
-  fi
-  "$@" -Wp,"$gccflag$tmpdepfile"
-  stat=$?
-  if test $stat -eq 0; then :
-  else
-    rm -f "$tmpdepfile"
-    exit $stat
-  fi
-  rm -f "$depfile"
-  echo "$object : \\" > "$depfile"
-  alpha=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
-## The second -e expression handles DOS-style file names with drive letters.
-  sed -e 's/^[^:]*: / /' \
-      -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile"
-## This next piece of magic avoids the `deleted header file' problem.
-## The problem is that when a header file which appears in a .P file
-## is deleted, the dependency causes make to die (because there is
-## typically no way to rebuild the header).  We avoid this by adding
-## dummy dependencies for each header file.  Too bad gcc doesn't do
-## this for us directly.
-  tr ' ' '
-' < "$tmpdepfile" |
-## Some versions of gcc put a space before the `:'.  On the theory
-## that the space means something, we add a space to the output as
-## well.
-## Some versions of the HPUX 10.20 sed can't process this invocation
-## correctly.  Breaking it into two sed invocations is a workaround.
-    sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile"
-  rm -f "$tmpdepfile"
-  ;;
-
-hp)
-  # This case exists only to let depend.m4 do its work.  It works by
-  # looking at the text of this script.  This case will never be run,
-  # since it is checked for above.
-  exit 1
-  ;;
-
-sgi)
-  if test "$libtool" = yes; then
-    "$@" "-Wp,-MDupdate,$tmpdepfile"
-  else
-    "$@" -MDupdate "$tmpdepfile"
-  fi
-  stat=$?
-  if test $stat -eq 0; then :
-  else
-    rm -f "$tmpdepfile"
-    exit $stat
-  fi
-  rm -f "$depfile"
-
-  if test -f "$tmpdepfile"; then  # yes, the sourcefile depend on other files
-    echo "$object : \\" > "$depfile"
-
-    # Clip off the initial element (the dependent).  Don't try to be
-    # clever and replace this with sed code, as IRIX sed won't handle
-    # lines with more than a fixed number of characters (4096 in
-    # IRIX 6.2 sed, 8192 in IRIX 6.5).  We also remove comment lines;
-    # the IRIX cc adds comments like `#:fec' to the end of the
-    # dependency line.
-    tr ' ' '
-' < "$tmpdepfile" \
-    | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' | \
-    tr '
-' ' ' >> $depfile
-    echo >> $depfile
-
-    # The second pass generates a dummy entry for each header file.
-    tr ' ' '
-' < "$tmpdepfile" \
-   | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \
-   >> $depfile
-  else
-    # The sourcefile does not contain any dependencies, so just
-    # store a dummy comment line, to avoid errors with the Makefile
-    # "include basename.Plo" scheme.
-    echo "#dummy" > "$depfile"
-  fi
-  rm -f "$tmpdepfile"
-  ;;
-
-aix)
-  # The C for AIX Compiler uses -M and outputs the dependencies
-  # in a .u file.  In older versions, this file always lives in the
-  # current directory.  Also, the AIX compiler puts `$object:' at the
-  # start of each line; $object doesn't have directory information.
-  # Version 6 uses the directory in both cases.
-  dir=`echo "$object" | sed -e 's|/[^/]*$|/|'`
-  test "x$dir" = "x$object" && dir=
-  base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'`
-  if test "$libtool" = yes; then
-    tmpdepfile1=$dir$base.u
-    tmpdepfile2=$base.u
-    tmpdepfile3=$dir.libs/$base.u
-    "$@" -Wc,-M
-  else
-    tmpdepfile1=$dir$base.u
-    tmpdepfile2=$dir$base.u
-    tmpdepfile3=$dir$base.u
-    "$@" -M
-  fi
-  stat=$?
-
-  if test $stat -eq 0; then :
-  else
-    rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
-    exit $stat
-  fi
-
-  for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
-  do
-    test -f "$tmpdepfile" && break
-  done
-  if test -f "$tmpdepfile"; then
-    # Each line is of the form `foo.o: dependent.h'.
-    # Do two passes, one to just change these to
-    # `$object: dependent.h' and one to simply `dependent.h:'.
-    sed -e "s,^.*\.[a-z]*:,$object:," < "$tmpdepfile" > "$depfile"
-    # That's a tab and a space in the [].
-    sed -e 's,^.*\.[a-z]*:[	 ]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile"
-  else
-    # The sourcefile does not contain any dependencies, so just
-    # store a dummy comment line, to avoid errors with the Makefile
-    # "include basename.Plo" scheme.
-    echo "#dummy" > "$depfile"
-  fi
-  rm -f "$tmpdepfile"
-  ;;
-
-icc)
-  # Intel's C compiler understands `-MD -MF file'.  However on
-  #    icc -MD -MF foo.d -c -o sub/foo.o sub/foo.c
-  # ICC 7.0 will fill foo.d with something like
-  #    foo.o: sub/foo.c
-  #    foo.o: sub/foo.h
-  # which is wrong.  We want:
-  #    sub/foo.o: sub/foo.c
-  #    sub/foo.o: sub/foo.h
-  #    sub/foo.c:
-  #    sub/foo.h:
-  # ICC 7.1 will output
-  #    foo.o: sub/foo.c sub/foo.h
-  # and will wrap long lines using \ :
-  #    foo.o: sub/foo.c ... \
-  #     sub/foo.h ... \
-  #     ...
-
-  "$@" -MD -MF "$tmpdepfile"
-  stat=$?
-  if test $stat -eq 0; then :
-  else
-    rm -f "$tmpdepfile"
-    exit $stat
-  fi
-  rm -f "$depfile"
-  # Each line is of the form `foo.o: dependent.h',
-  # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'.
-  # Do two passes, one to just change these to
-  # `$object: dependent.h' and one to simply `dependent.h:'.
-  sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile"
-  # Some versions of the HPUX 10.20 sed can't process this invocation
-  # correctly.  Breaking it into two sed invocations is a workaround.
-  sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" |
-    sed -e 's/$/ :/' >> "$depfile"
-  rm -f "$tmpdepfile"
-  ;;
-
-hp2)
-  # The "hp" stanza above does not work with aCC (C++) and HP's ia64
-  # compilers, which have integrated preprocessors.  The correct option
-  # to use with these is +Maked; it writes dependencies to a file named
-  # 'foo.d', which lands next to the object file, wherever that
-  # happens to be.
-  # Much of this is similar to the tru64 case; see comments there.
-  dir=`echo "$object" | sed -e 's|/[^/]*$|/|'`
-  test "x$dir" = "x$object" && dir=
-  base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'`
-  if test "$libtool" = yes; then
-    tmpdepfile1=$dir$base.d
-    tmpdepfile2=$dir.libs/$base.d
-    "$@" -Wc,+Maked
-  else
-    tmpdepfile1=$dir$base.d
-    tmpdepfile2=$dir$base.d
-    "$@" +Maked
-  fi
-  stat=$?
-  if test $stat -eq 0; then :
-  else
-     rm -f "$tmpdepfile1" "$tmpdepfile2"
-     exit $stat
-  fi
-
-  for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2"
-  do
-    test -f "$tmpdepfile" && break
-  done
-  if test -f "$tmpdepfile"; then
-    sed -e "s,^.*\.[a-z]*:,$object:," "$tmpdepfile" > "$depfile"
-    # Add `dependent.h:' lines.
-    sed -ne '2,${; s/^ *//; s/ \\*$//; s/$/:/; p;}' "$tmpdepfile" >> "$depfile"
-  else
-    echo "#dummy" > "$depfile"
-  fi
-  rm -f "$tmpdepfile" "$tmpdepfile2"
-  ;;
-
-tru64)
-   # The Tru64 compiler uses -MD to generate dependencies as a side
-   # effect.  `cc -MD -o foo.o ...' puts the dependencies into `foo.o.d'.
-   # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put
-   # dependencies in `foo.d' instead, so we check for that too.
-   # Subdirectories are respected.
-   dir=`echo "$object" | sed -e 's|/[^/]*$|/|'`
-   test "x$dir" = "x$object" && dir=
-   base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'`
-
-   if test "$libtool" = yes; then
-      # With Tru64 cc, shared objects can also be used to make a
-      # static library.  This mechanism is used in libtool 1.4 series to
-      # handle both shared and static libraries in a single compilation.
-      # With libtool 1.4, dependencies were output in $dir.libs/$base.lo.d.
-      #
-      # With libtool 1.5 this exception was removed, and libtool now
-      # generates 2 separate objects for the 2 libraries.  These two
-      # compilations output dependencies in $dir.libs/$base.o.d and
-      # in $dir$base.o.d.  We have to check for both files, because
-      # one of the two compilations can be disabled.  We should prefer
-      # $dir$base.o.d over $dir.libs/$base.o.d because the latter is
-      # automatically cleaned when .libs/ is deleted, while ignoring
-      # the former would cause a distcleancheck panic.
-      tmpdepfile1=$dir.libs/$base.lo.d   # libtool 1.4
-      tmpdepfile2=$dir$base.o.d          # libtool 1.5
-      tmpdepfile3=$dir.libs/$base.o.d    # libtool 1.5
-      tmpdepfile4=$dir.libs/$base.d      # Compaq CCC V6.2-504
-      "$@" -Wc,-MD
-   else
-      tmpdepfile1=$dir$base.o.d
-      tmpdepfile2=$dir$base.d
-      tmpdepfile3=$dir$base.d
-      tmpdepfile4=$dir$base.d
-      "$@" -MD
-   fi
-
-   stat=$?
-   if test $stat -eq 0; then :
-   else
-      rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4"
-      exit $stat
-   fi
-
-   for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4"
-   do
-     test -f "$tmpdepfile" && break
-   done
-   if test -f "$tmpdepfile"; then
-      sed -e "s,^.*\.[a-z]*:,$object:," < "$tmpdepfile" > "$depfile"
-      # That's a tab and a space in the [].
-      sed -e 's,^.*\.[a-z]*:[	 ]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile"
-   else
-      echo "#dummy" > "$depfile"
-   fi
-   rm -f "$tmpdepfile"
-   ;;
-
-#nosideeffect)
-  # This comment above is used by automake to tell side-effect
-  # dependency tracking mechanisms from slower ones.
-
-dashmstdout)
-  # Important note: in order to support this mode, a compiler *must*
-  # always write the preprocessed file to stdout, regardless of -o.
-  "$@" || exit $?
-
-  # Remove the call to Libtool.
-  if test "$libtool" = yes; then
-    while test $1 != '--mode=compile'; do
-      shift
-    done
-    shift
-  fi
-
-  # Remove `-o $object'.
-  IFS=" "
-  for arg
-  do
-    case $arg in
-    -o)
-      shift
-      ;;
-    $object)
-      shift
-      ;;
-    *)
-      set fnord "$@" "$arg"
-      shift # fnord
-      shift # $arg
-      ;;
-    esac
-  done
-
-  test -z "$dashmflag" && dashmflag=-M
-  # Require at least two characters before searching for `:'
-  # in the target name.  This is to cope with DOS-style filenames:
-  # a dependency such as `c:/foo/bar' could be seen as target `c' otherwise.
-  "$@" $dashmflag |
-    sed 's:^[  ]*[^: ][^:][^:]*\:[    ]*:'"$object"'\: :' > "$tmpdepfile"
-  rm -f "$depfile"
-  cat < "$tmpdepfile" > "$depfile"
-  tr ' ' '
-' < "$tmpdepfile" | \
-## Some versions of the HPUX 10.20 sed can't process this invocation
-## correctly.  Breaking it into two sed invocations is a workaround.
-    sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile"
-  rm -f "$tmpdepfile"
-  ;;
-
-dashXmstdout)
-  # This case only exists to satisfy depend.m4.  It is never actually
-  # run, as this mode is specially recognized in the preamble.
-  exit 1
-  ;;
-
-makedepend)
-  "$@" || exit $?
-  # Remove any Libtool call
-  if test "$libtool" = yes; then
-    while test $1 != '--mode=compile'; do
-      shift
-    done
-    shift
-  fi
-  # X makedepend
-  shift
-  cleared=no
-  for arg in "$@"; do
-    case $cleared in
-    no)
-      set ""; shift
-      cleared=yes ;;
-    esac
-    case "$arg" in
-    -D*|-I*)
-      set fnord "$@" "$arg"; shift ;;
-    # Strip any option that makedepend may not understand.  Remove
-    # the object too, otherwise makedepend will parse it as a source file.
-    -*|$object)
-      ;;
-    *)
-      set fnord "$@" "$arg"; shift ;;
-    esac
-  done
-  obj_suffix="`echo $object | sed 's/^.*\././'`"
-  touch "$tmpdepfile"
-  ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@"
-  rm -f "$depfile"
-  cat < "$tmpdepfile" > "$depfile"
-  sed '1,2d' "$tmpdepfile" | tr ' ' '
-' | \
-## Some versions of the HPUX 10.20 sed can't process this invocation
-## correctly.  Breaking it into two sed invocations is a workaround.
-    sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile"
-  rm -f "$tmpdepfile" "$tmpdepfile".bak
-  ;;
-
-cpp)
-  # Important note: in order to support this mode, a compiler *must*
-  # always write the preprocessed file to stdout.
-  "$@" || exit $?
-
-  # Remove the call to Libtool.
-  if test "$libtool" = yes; then
-    while test $1 != '--mode=compile'; do
-      shift
-    done
-    shift
-  fi
-
-  # Remove `-o $object'.
-  IFS=" "
-  for arg
-  do
-    case $arg in
-    -o)
-      shift
-      ;;
-    $object)
-      shift
-      ;;
-    *)
-      set fnord "$@" "$arg"
-      shift # fnord
-      shift # $arg
-      ;;
-    esac
-  done
-
-  "$@" -E |
-    sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \
-       -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' |
-    sed '$ s: \\$::' > "$tmpdepfile"
-  rm -f "$depfile"
-  echo "$object : \\" > "$depfile"
-  cat < "$tmpdepfile" >> "$depfile"
-  sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile"
-  rm -f "$tmpdepfile"
-  ;;
-
-msvisualcpp)
-  # Important note: in order to support this mode, a compiler *must*
-  # always write the preprocessed file to stdout, regardless of -o,
-  # because we must use -o when running libtool.
-  "$@" || exit $?
-  IFS=" "
-  for arg
-  do
-    case "$arg" in
-    "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI")
-	set fnord "$@"
-	shift
-	shift
-	;;
-    *)
-	set fnord "$@" "$arg"
-	shift
-	shift
-	;;
-    esac
-  done
-  "$@" -E |
-  sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::echo "`cygpath -u \\"\1\\"`":p' | sort | uniq > "$tmpdepfile"
-  rm -f "$depfile"
-  echo "$object : \\" > "$depfile"
-  . "$tmpdepfile" | sed 's% %\\ %g' | sed -n '/^\(.*\)$/ s::	\1 \\:p' >> "$depfile"
-  echo "	" >> "$depfile"
-  . "$tmpdepfile" | sed 's% %\\ %g' | sed -n '/^\(.*\)$/ s::\1\::p' >> "$depfile"
-  rm -f "$tmpdepfile"
-  ;;
-
-none)
-  exec "$@"
-  ;;
-
-*)
-  echo "Unknown depmode $depmode" 1>&2
-  exit 1
-  ;;
-esac
-
-exit 0
-
-# Local Variables:
-# mode: shell-script
-# sh-indentation: 2
-# eval: (add-hook 'write-file-hooks 'time-stamp)
-# time-stamp-start: "scriptversion="
-# time-stamp-format: "%:y-%02m-%02d.%02H"
-# time-stamp-end: "$"
-# End:

install-sh

@@ -1,519 +0,0 @@
-#!/bin/sh
-# install - install a program, script, or datafile
-
-scriptversion=2006-12-25.00
-
-# This originates from X11R5 (mit/util/scripts/install.sh), which was
-# later released in X11R6 (xc/config/util/install.sh) with the
-# following copyright and license.
-#
-# Copyright (C) 1994 X Consortium
-#
-# Permission is hereby granted, free of charge, to any person obtaining a copy
-# of this software and associated documentation files (the "Software"), to
-# deal in the Software without restriction, including without limitation the
-# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
-# sell copies of the Software, and to permit persons to whom the Software is
-# furnished to do so, subject to the following conditions:
-#
-# The above copyright notice and this permission notice shall be included in
-# all copies or substantial portions of the Software.
-#
-# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
-# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
-# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC-
-# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-#
-# Except as contained in this notice, the name of the X Consortium shall not
-# be used in advertising or otherwise to promote the sale, use or other deal-
-# ings in this Software without prior written authorization from the X Consor-
-# tium.
-#
-#
-# FSF changes to this file are in the public domain.
-#
-# Calling this script install-sh is preferred over install.sh, to prevent
-# `make' implicit rules from creating a file called install from it
-# when there is no Makefile.
-#
-# This script is compatible with the BSD install script, but was written
-# from scratch.
-
-nl='
-'
-IFS=" ""	$nl"
-
-# set DOITPROG to echo to test this script
-
-# Don't use :- since 4.3BSD and earlier shells don't like it.
-doit=${DOITPROG-}
-if test -z "$doit"; then
-  doit_exec=exec
-else
-  doit_exec=$doit
-fi
-
-# Put in absolute file names if you don't have them in your path;
-# or use environment vars.
-
-chgrpprog=${CHGRPPROG-chgrp}
-chmodprog=${CHMODPROG-chmod}
-chownprog=${CHOWNPROG-chown}
-cmpprog=${CMPPROG-cmp}
-cpprog=${CPPROG-cp}
-mkdirprog=${MKDIRPROG-mkdir}
-mvprog=${MVPROG-mv}
-rmprog=${RMPROG-rm}
-stripprog=${STRIPPROG-strip}
-
-posix_glob='?'
-initialize_posix_glob='
-  test "$posix_glob" != "?" || {
-    if (set -f) 2>/dev/null; then
-      posix_glob=
-    else
-      posix_glob=:
-    fi
-  }
-'
-
-posix_mkdir=
-
-# Desired mode of installed file.
-mode=0755
-
-chgrpcmd=
-chmodcmd=$chmodprog
-chowncmd=
-mvcmd=$mvprog
-rmcmd="$rmprog -f"
-stripcmd=
-
-src=
-dst=
-dir_arg=
-dst_arg=
-
-copy_on_change=false
-no_target_directory=
-
-usage="\
-Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
-   or: $0 [OPTION]... SRCFILES... DIRECTORY
-   or: $0 [OPTION]... -t DIRECTORY SRCFILES...
-   or: $0 [OPTION]... -d DIRECTORIES...
-
-In the 1st form, copy SRCFILE to DSTFILE.
-In the 2nd and 3rd, copy all SRCFILES to DIRECTORY.
-In the 4th, create DIRECTORIES.
-
-Options:
-     --help     display this help and exit.
-     --version  display version info and exit.
-
-  -c            (ignored)
-  -C            install only if different (preserve the last data modification time)
-  -d            create directories instead of installing files.
-  -g GROUP      $chgrpprog installed files to GROUP.
-  -m MODE       $chmodprog installed files to MODE.
-  -o USER       $chownprog installed files to USER.
-  -s            $stripprog installed files.
-  -t DIRECTORY  install into DIRECTORY.
-  -T            report an error if DSTFILE is a directory.
-
-Environment variables override the default commands:
-  CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG
-  RMPROG STRIPPROG
-"
-
-while test $# -ne 0; do
-  case $1 in
-    -c) ;;
-
-    -C) copy_on_change=true;;
-
-    -d) dir_arg=true;;
-
-    -g) chgrpcmd="$chgrpprog $2"
-	shift;;
-
-    --help) echo "$usage"; exit $?;;
-
-    -m) mode=$2
-	case $mode in
-	  *' '* | *'	'* | *'
-'*	  | *'*'* | *'?'* | *'['*)
-	    echo "$0: invalid mode: $mode" >&2
-	    exit 1;;
-	esac
-	shift;;
-
-    -o) chowncmd="$chownprog $2"
-	shift;;
-
-    -s) stripcmd=$stripprog;;
-
-    -t) dst_arg=$2
-	shift;;
-
-    -T) no_target_directory=true;;
-
-    --version) echo "$0 $scriptversion"; exit $?;;
-
-    --)	shift
-	break;;
-
-    -*)	echo "$0: invalid option: $1" >&2
-	exit 1;;
-
-    *)  break;;
-  esac
-  shift
-done
-
-if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then
-  # When -d is used, all remaining arguments are directories to create.
-  # When -t is used, the destination is already specified.
-  # Otherwise, the last argument is the destination.  Remove it from $@.
-  for arg
-  do
-    if test -n "$dst_arg"; then
-      # $@ is not empty: it contains at least $arg.
-      set fnord "$@" "$dst_arg"
-      shift # fnord
-    fi
-    shift # arg
-    dst_arg=$arg
-  done
-fi
-
-if test $# -eq 0; then
-  if test -z "$dir_arg"; then
-    echo "$0: no input file specified." >&2
-    exit 1
-  fi
-  # It's OK to call `install-sh -d' without argument.
-  # This can happen when creating conditional directories.
-  exit 0
-fi
-
-if test -z "$dir_arg"; then
-  trap '(exit $?); exit' 1 2 13 15
-
-  # Set umask so as not to create temps with too-generous modes.
-  # However, 'strip' requires both read and write access to temps.
-  case $mode in
-    # Optimize common cases.
-    *644) cp_umask=133;;
-    *755) cp_umask=22;;
-
-    *[0-7])
-      if test -z "$stripcmd"; then
-	u_plus_rw=
-      else
-	u_plus_rw='% 200'
-      fi
-      cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;;
-    *)
-      if test -z "$stripcmd"; then
-	u_plus_rw=
-      else
-	u_plus_rw=,u+rw
-      fi
-      cp_umask=$mode$u_plus_rw;;
-  esac
-fi
-
-for src
-do
-  # Protect names starting with `-'.
-  case $src in
-    -*) src=./$src;;
-  esac
-
-  if test -n "$dir_arg"; then
-    dst=$src
-    dstdir=$dst
-    test -d "$dstdir"
-    dstdir_status=$?
-  else
-
-    # Waiting for this to be detected by the "$cpprog $src $dsttmp" command
-    # might cause directories to be created, which would be especially bad
-    # if $src (and thus $dsttmp) contains '*'.
-    if test ! -f "$src" && test ! -d "$src"; then
-      echo "$0: $src does not exist." >&2
-      exit 1
-    fi
-
-    if test -z "$dst_arg"; then
-      echo "$0: no destination specified." >&2
-      exit 1
-    fi
-
-    dst=$dst_arg
-    # Protect names starting with `-'.
-    case $dst in
-      -*) dst=./$dst;;
-    esac
-
-    # If destination is a directory, append the input filename; won't work
-    # if double slashes aren't ignored.
-    if test -d "$dst"; then
-      if test -n "$no_target_directory"; then
-	echo "$0: $dst_arg: Is a directory" >&2
-	exit 1
-      fi
-      dstdir=$dst
-      dst=$dstdir/`basename "$src"`
-      dstdir_status=0
-    else
-      # Prefer dirname, but fall back on a substitute if dirname fails.
-      dstdir=`
-	(dirname "$dst") 2>/dev/null ||
-	expr X"$dst" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
-	     X"$dst" : 'X\(//\)[^/]' \| \
-	     X"$dst" : 'X\(//\)$' \| \
-	     X"$dst" : 'X\(/\)' \| . 2>/dev/null ||
-	echo X"$dst" |
-	    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
-		   s//\1/
-		   q
-		 }
-		 /^X\(\/\/\)[^/].*/{
-		   s//\1/
-		   q
-		 }
-		 /^X\(\/\/\)$/{
-		   s//\1/
-		   q
-		 }
-		 /^X\(\/\).*/{
-		   s//\1/
-		   q
-		 }
-		 s/.*/./; q'
-      `
-
-      test -d "$dstdir"
-      dstdir_status=$?
-    fi
-  fi
-
-  obsolete_mkdir_used=false
-
-  if test $dstdir_status != 0; then
-    case $posix_mkdir in
-      '')
-	# Create intermediate dirs using mode 755 as modified by the umask.
-	# This is like FreeBSD 'install' as of 1997-10-28.
-	umask=`umask`
-	case $stripcmd.$umask in
-	  # Optimize common cases.
-	  *[2367][2367]) mkdir_umask=$umask;;
-	  .*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;;
-
-	  *[0-7])
-	    mkdir_umask=`expr $umask + 22 \
-	      - $umask % 100 % 40 + $umask % 20 \
-	      - $umask % 10 % 4 + $umask % 2
-	    `;;
-	  *) mkdir_umask=$umask,go-w;;
-	esac
-
-	# With -d, create the new directory with the user-specified mode.
-	# Otherwise, rely on $mkdir_umask.
-	if test -n "$dir_arg"; then
-	  mkdir_mode=-m$mode
-	else
-	  mkdir_mode=
-	fi
-
-	posix_mkdir=false
-	case $umask in
-	  *[123567][0-7][0-7])
-	    # POSIX mkdir -p sets u+wx bits regardless of umask, which
-	    # is incompatible with FreeBSD 'install' when (umask & 300) != 0.
-	    ;;
-	  *)
-	    tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
-	    trap 'ret=$?; rmdir "$tmpdir/d" "$tmpdir" 2>/dev/null; exit $ret' 0
-
-	    if (umask $mkdir_umask &&
-		exec $mkdirprog $mkdir_mode -p -- "$tmpdir/d") >/dev/null 2>&1
-	    then
-	      if test -z "$dir_arg" || {
-		   # Check for POSIX incompatibilities with -m.
-		   # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or
-		   # other-writeable bit of parent directory when it shouldn't.
-		   # FreeBSD 6.1 mkdir -m -p sets mode of existing directory.
-		   ls_ld_tmpdir=`ls -ld "$tmpdir"`
-		   case $ls_ld_tmpdir in
-		     d????-?r-*) different_mode=700;;
-		     d????-?--*) different_mode=755;;
-		     *) false;;
-		   esac &&
-		   $mkdirprog -m$different_mode -p -- "$tmpdir" && {
-		     ls_ld_tmpdir_1=`ls -ld "$tmpdir"`
-		     test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1"
-		   }
-		 }
-	      then posix_mkdir=:
-	      fi
-	      rmdir "$tmpdir/d" "$tmpdir"
-	    else
-	      # Remove any dirs left behind by ancient mkdir implementations.
-	      rmdir ./$mkdir_mode ./-p ./-- 2>/dev/null
-	    fi
-	    trap '' 0;;
-	esac;;
-    esac
-
-    if
-      $posix_mkdir && (
-	umask $mkdir_umask &&
-	$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir"
-      )
-    then :
-    else
-
-      # The umask is ridiculous, or mkdir does not conform to POSIX,
-      # or it failed possibly due to a race condition.  Create the
-      # directory the slow way, step by step, checking for races as we go.
-
-      case $dstdir in
-	/*) prefix='/';;
-	-*) prefix='./';;
-	*)  prefix='';;
-      esac
-
-      eval "$initialize_posix_glob"
-
-      oIFS=$IFS
-      IFS=/
-      $posix_glob set -f
-      set fnord $dstdir
-      shift
-      $posix_glob set +f
-      IFS=$oIFS
-
-      prefixes=
-
-      for d
-      do
-	test -z "$d" && continue
-
-	prefix=$prefix$d
-	if test -d "$prefix"; then
-	  prefixes=
-	else
-	  if $posix_mkdir; then
-	    (umask=$mkdir_umask &&
-	     $doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break
-	    # Don't fail if two instances are running concurrently.
-	    test -d "$prefix" || exit 1
-	  else
-	    case $prefix in
-	      *\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;;
-	      *) qprefix=$prefix;;
-	    esac
-	    prefixes="$prefixes '$qprefix'"
-	  fi
-	fi
-	prefix=$prefix/
-      done
-
-      if test -n "$prefixes"; then
-	# Don't fail if two instances are running concurrently.
-	(umask $mkdir_umask &&
-	 eval "\$doit_exec \$mkdirprog $prefixes") ||
-	  test -d "$dstdir" || exit 1
-	obsolete_mkdir_used=true
-      fi
-    fi
-  fi
-
-  if test -n "$dir_arg"; then
-    { test -z "$chowncmd" || $doit $chowncmd "$dst"; } &&
-    { test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } &&
-    { test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false ||
-      test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1
-  else
-
-    # Make a couple of temp file names in the proper directory.
-    dsttmp=$dstdir/_inst.$$_
-    rmtmp=$dstdir/_rm.$$_
-
-    # Trap to clean up those temp files at exit.
-    trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
-
-    # Copy the file name to the temp name.
-    (umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") &&
-
-    # and set any options; do chmod last to preserve setuid bits.
-    #
-    # If any of these fail, we abort the whole thing.  If we want to
-    # ignore errors from any of these, just make sure not to ignore
-    # errors from the above "$doit $cpprog $src $dsttmp" command.
-    #
-    { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } &&
-    { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } &&
-    { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } &&
-    { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } &&
-
-    # If -C, don't bother to copy if it wouldn't change the file.
-    if $copy_on_change &&
-       old=`LC_ALL=C ls -dlL "$dst"	2>/dev/null` &&
-       new=`LC_ALL=C ls -dlL "$dsttmp"	2>/dev/null` &&
-
-       eval "$initialize_posix_glob" &&
-       $posix_glob set -f &&
-       set X $old && old=:$2:$4:$5:$6 &&
-       set X $new && new=:$2:$4:$5:$6 &&
-       $posix_glob set +f &&
-
-       test "$old" = "$new" &&
-       $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1
-    then
-      rm -f "$dsttmp"
-    else
-      # Rename the file to the real destination.
-      $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null ||
-
-      # The rename failed, perhaps because mv can't rename something else
-      # to itself, or perhaps because mv is so ancient that it does not
-      # support -f.
-      {
-	# Now remove or move aside any old file at destination location.
-	# We try this two ways since rm can't unlink itself on some
-	# systems and the destination file might be busy for other
-	# reasons.  In this case, the final cleanup might fail but the new
-	# file should still install successfully.
-	{
-	  test ! -f "$dst" ||
-	  $doit $rmcmd -f "$dst" 2>/dev/null ||
-	  { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
-	    { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }
-	  } ||
-	  { echo "$0: cannot unlink or rename $dst" >&2
-	    (exit 1); exit 1
-	  }
-	} &&
-
-	# Now rename the file to the real destination.
-	$doit $mvcmd "$dsttmp" "$dst"
-      }
-    fi || exit 1
-
-    trap '' 0
-  fi
-done
-
-# Local variables:
-# eval: (add-hook 'write-file-hooks 'time-stamp)
-# time-stamp-start: "scriptversion="
-# time-stamp-format: "%:y-%02m-%02d.%02H"
-# time-stamp-end: "$"
-# End:

libhttp/http.h

@@ -102,7 +102,7 @@ short serverConnectionSetEvents(Server *server, ServerConnection *connection,
 void serverExitLoop(Server *server, int exitAll);
 void serverLoop(Server *server);
 int  serverSupportsSSL();
-void serverEnableSSL(Server *server, int flag);
+void serverSetupSSL(Server *server, int enable, int force);
 void serverSetCertificate(Server *server, const char *filename,
                           int autoGenerateMissing);
 void serverSetCertificateFd(Server *server, int fd);
@@ -127,6 +127,7 @@ Server *httpGetServer(const HttpConnection *http);
 ServerConnection *httpGetServerConnection(const HttpConnection *);
 int httpGetFd(const HttpConnection *http);
 const char *httpGetPeerName(const HttpConnection *http);
+const char *httpGetRealIP(const HttpConnection *http);
 const char *httpGetMethod(const HttpConnection *http);
 const char *httpGetVersion(const HttpConnection *http);
 const HashMap *httpGetHeaders(const HttpConnection *http);

libhttp/httpconnection.c

@@ -88,7 +88,7 @@
 static int httpPromoteToSSL(struct HttpConnection *http, const char *buf,
                             int len) {
   if (http->ssl->enabled && !http->sslHndl) {
-    debug("Switching to SSL (replaying %d+%d bytes)",
+    debug("[ssl] Switching to SSL (replaying %d+%d bytes)...",
           http->partialLength, len);
     if (http->partial && len > 0) {
       check(http->partial  = realloc(http->partial,
@@ -102,6 +102,8 @@ static int httpPromoteToSSL(struct HttpConnection *http, const char *buf,
                                     http->partial ? http->partialLength : len);
     if (http->sslHndl) {
       check(!rc);
+      // Reset renegotiations count for connections promoted to SSL.
+      http->ssl->renegotiationCount = 0;
       SSL_set_app_data(http->sslHndl, http);
     }
     free(http->partial);
@@ -138,6 +140,13 @@ static ssize_t httpRead(struct HttpConnection *http, char *buf, ssize_t len) {
       break;
     }
     dcheck(!ERR_peek_error());
+
+    // Shutdown SSL connection, if client initiated renegotiation.
+    if (http->ssl->renegotiationCount > 1) {
+      debug("[ssl] Connection shutdown due to client initiated renegotiation!");
+      rc                     = 0;
+      errno                  = EINVAL;
+    }
   } else {
     rc = NOINTR(read(http->fd, buf, len));
   }
@@ -183,18 +192,13 @@ static ssize_t httpWrite(struct HttpConnection *http, const char *buf,
 
 static int httpShutdown(struct HttpConnection *http, int how) {
   if (http->sslHndl) {
-    int rc        = 0;
     if (how != SHUT_RD) {
       dcheck(!ERR_peek_error());
       for (int i = 0; i < 10; i++) {
         sslBlockSigPipe();
-        rc        = SSL_shutdown(http->sslHndl);
+        int rc    = SSL_shutdown(http->sslHndl);
         int sPipe = sslUnblockSigPipe();
-        if (rc > 0) {
-          rc      = 0;
-          break;
-        } else {
-          rc      = -1;
+        if (rc < 1) {
           // Retry a few times in order to prefer a clean bidirectional
           // shutdown. But don't bother if the other side already closed
           // the connection.
@@ -269,7 +273,7 @@ static int httpFinishCommand(struct HttpConnection *http) {
         *lengthBuf  = '\000';
         strncat(lengthBuf, "-", sizeof(lengthBuf)-1);
       }
-      info("%s - - %s \"%s %s %s\" %d %s",
+      info("[http] %s - - %s \"%s %s %s\" %d %s",
            http->peerName, timeBuf, http->method, http->path, http->version,
            http->code, lengthBuf);
     }
@@ -292,6 +296,14 @@ static char *getPeerName(int fd, int *port, int numericHosts) {
     }
     return NULL;
   }
+  char *ret;
+  if (peerAddr.sa_family == AF_UNIX) {
+    if (port) {
+      *port         = 0;
+    }
+    check(ret       = strdup("localhost"));
+    return ret;
+  }
   char host[256];
   if (numericHosts ||
       getnameinfo(&peerAddr, sockLen, host, sizeof(host), NULL, 0, NI_NOFQDN)){
@@ -302,7 +314,6 @@ static char *getPeerName(int fd, int *port, int numericHosts) {
   if (port) {
     *port           = ntohs(((struct sockaddr_in *)&peerAddr)->sin_port);
   }
-  char *ret;
   check(ret         = strdup(host));
   return ret;
 }
@@ -394,7 +405,7 @@ void initHttpConnection(struct HttpConnection *http, struct Server *server,
   http->sslHndl            = NULL;
   http->lastError          = 0;
   if (logIsInfo()) {
-    debug("Accepted connection from %s:%d",
+    debug("[http] Accepted connection from %s:%d",
           http->peerName ? http->peerName : "???", http->peerPort);
   }
 }
@@ -415,11 +426,11 @@ void destroyHttpConnection(struct HttpConnection *http) {
     }
     httpSetState(http, COMMAND);
     if (logIsInfo()) {
-      debug("Closing connection to %s:%d",
+      debug("[http] Closing connection to %s:%d",
             http->peerName ? http->peerName : "???", http->peerPort);
     }
     httpShutdown(http, http->closed ? SHUT_WR : SHUT_RDWR);
-    dcheck(!close(http->fd));
+    dcheck(!close(http->fd) || errno != EBADF);
     free(http->peerName);
     free(http->url);
     free(http->method);
@@ -564,15 +575,6 @@ void httpTransfer(struct HttpConnection *http, char *msg, int len) {
   check(msg);
   check(len >= 0);
 
-  // Internet Explorer seems to have difficulties with compressed data. It
-  // also has difficulties with SSL connections that are being proxied.
-  int ieBug                 = 0;
-  const char *userAgent     = getFromHashMap(&http->header, "user-agent");
-  const char *msie          = userAgent ? strstr(userAgent, "MSIE ") : NULL;
-  if (msie) {
-    ieBug++;
-  }
-
   char *header              = NULL;
   int headerLength          = 0;
   int bodyOffset            = 0;
@@ -607,15 +609,15 @@ void httpTransfer(struct HttpConnection *http, char *msg, int len) {
         // Found the end of the headers.
 
         // Check that we don't send any data with HEAD requests
-        int isHead          = !strcmp(http->method, "HEAD");
+        int isHead          = http->method && !strcmp(http->method, "HEAD");
         check(l == 2 || !isHead);
 
         #ifdef HAVE_ZLIB
         // Compress replies that might exceed the size of a single IP packet
-        compress            = !ieBug && !isHead &&
+        compress            = !isHead &&
                               !http->isPartialReply &&
                               len > 1400 &&
-                              httpAcceptsEncoding(http, "deflate");
+                              httpAcceptsEncoding(http, "gzip");
         #endif
         break;
       } else {
@@ -630,7 +632,7 @@ void httpTransfer(struct HttpConnection *http, char *msg, int len) {
       line                  = eol + 1;
     }
 
-    if (ieBug || compress) {
+    if (compress) {
       if (l >= 2 && !memcmp(line, "\r\n", 2)) {
         line               += 2;
         l                  -= 2;
@@ -640,10 +642,6 @@ void httpTransfer(struct HttpConnection *http, char *msg, int len) {
       check(header          = malloc(headerLength));
       memcpy(header, msg, headerLength);
     }
-    if (ieBug) {
-      removeHeader(header, &headerLength, "connection:");
-      addHeader(&header, &headerLength, "Connection: close\r\n");
-    }
 
     if (compress) {
       #ifdef HAVE_ZLIB
@@ -659,10 +657,11 @@ void httpTransfer(struct HttpConnection *http, char *msg, int len) {
                                 .avail_out = len,
                                 .next_out  = (unsigned char *)compressed
                               };
-      if (deflateInit(&strm, Z_DEFAULT_COMPRESSION) == Z_OK) {
+      if (deflateInit2(&strm, Z_DEFAULT_COMPRESSION, Z_DEFLATED,
+                       31, 8, Z_DEFAULT_STRATEGY) == Z_OK) {
         if (deflate(&strm, Z_FINISH) == Z_STREAM_END) {
           // Compression was successful and resulted in reduction in size
-          debug("Compressed response from %d to %d", len, len-strm.avail_out);
+          debug("[http] Compressed response from %d to %d", len, len-strm.avail_out);
           free(msg);
           msg               = compressed;
           len              -= strm.avail_out;
@@ -670,7 +669,7 @@ void httpTransfer(struct HttpConnection *http, char *msg, int len) {
           removeHeader(header, &headerLength, "content-length:");
           removeHeader(header, &headerLength, "content-encoding:");
           addHeader(&header, &headerLength, "Content-Length: %d\r\n", len);
-          addHeader(&header, &headerLength, "Content-Encoding: deflate\r\n");
+          addHeader(&header, &headerLength, "Content-Encoding: gzip\r\n");
         } else {
           free(compressed);
         }
@@ -758,7 +757,7 @@ void httpTransfer(struct HttpConnection *http, char *msg, int len) {
     if (!http->isPartialReply) {
       if (http->expecting < 0) {
         // If we do not know the length of the content, close the connection.
-        debug("Closing previously suspended connection");
+        debug("[http] Closing previously suspended connection!");
         httpCloseRead(http);
         httpSetState(http, DISCARD_PAYLOAD);
       } else if (http->expecting == 0) {
@@ -773,10 +772,6 @@ void httpTransfer(struct HttpConnection *http, char *msg, int len) {
       }
     }
   }
-
-  if (ieBug) {
-    httpCloseRead(http);
-  }
 }
 
 void httpTransferPartialReply(struct HttpConnection *http, char *msg, int len){
@@ -791,7 +786,7 @@ void httpTransferPartialReply(struct HttpConnection *http, char *msg, int len){
 
 static int httpHandleCommand(struct HttpConnection *http,
                              const struct Trie *handlers) {
-  debug("Handling \"%s\" \"%s\"", http->method, http->path);
+  debug("[http] Handling \"%s\" \"%s\"", http->method, http->path);
   const char *contentLength                  = getFromHashMap(&http->header,
                                                              "content-length");
   if (contentLength != NULL && *contentLength) {
@@ -906,7 +901,7 @@ static int httpHandleCommand(struct HttpConnection *http,
               protocol ? protocol : "",
               protocol ? "\r\n" : "");
             free(port);
-            debug("Switching to WebSockets");
+            debug("[http] Switching to WebSockets");
             httpTransfer(http, response, strlen(response));
             if (http->expecting < 0) {
               http->expecting                = 0;
@@ -1163,7 +1158,7 @@ static int httpParseHeaders(struct HttpConnection *http,
     }
     value[j]               = '\000';
     if (getRefFromHashMap(&http->header, http->key)) {
-      debug("Dropping duplicate header \"%s\"", http->key);
+      debug("[http] Dropping duplicate header \"%s\"", http->key);
       free(http->key);
       free(value);
       http->key            = NULL;
@@ -1426,6 +1421,7 @@ int httpHandleConnection(struct ServerConnection *connection, void *http_,
       if (bytes > 0) {
         http->headerLength          += bytes;
         if (http->headerLength > MAX_HEADER_LENGTH) {
+          debug("[http] Connection closed due to exceeded header size!");
           httpSendReply(http, 413, "Header too big", NO_MSG);
           bytes                      = 0;
           eof                        = 1;
@@ -1484,6 +1480,13 @@ int httpHandleConnection(struct ServerConnection *connection, void *http_,
           *events                   |= POLLIN;
           continue;
         }
+      } else {
+        if (http->ssl && http->ssl->enabled && http->ssl->force) {
+          debug("[http] Non-SSL connections not allowed!");
+          httpCloseRead(http);
+          bytes                      = 0;
+          eof                        = 1;
+        }
       }
     }
 
@@ -1653,7 +1656,7 @@ int httpHandleConnection(struct ServerConnection *connection, void *http_,
           }
         }
       }
-  
+
       // If the callback only provided partial data, refill the outgoing
       // buffer whenever it runs low.
       if (http->isPartialReply && (!http->msg || http->msgLength <= 0)) {
@@ -1680,7 +1683,7 @@ int httpHandleConnection(struct ServerConnection *connection, void *http_,
       http->msg                      = NULL;
       http->msgLength                = 0;
     }
-  
+
     if ((!(*events || http->isSuspended) || timedOut) && http->sslHndl) {
       *events                        = 0;
       serverSetTimeout(connection, 1);
@@ -1787,11 +1790,12 @@ void httpSendReply(struct HttpConnection *http, int code,
                                 code != 200 ? "Connection: close\r\n" : "",
                                 (long)strlen(body));
   }
-  int isHead     = !strcmp(http->method, "HEAD");
+  int isHead     = http->method && !strcmp(http->method, "HEAD");
   if (!isHead) {
     response     = stringPrintf(response, "%s", body);
   }
   free(body);
+  check(response);
   httpTransfer(http, response, strlen(response));
   if (code != 200 || isHead) {
     httpCloseRead(http);
@@ -1905,6 +1909,10 @@ const char *httpGetPeerName(const struct HttpConnection *http) {
   return http->peerName;
 }
 
+const char *httpGetRealIP(const struct HttpConnection *http) {
+  return getFromHashMap(&http->header, "x-real-ip");
+}
+
 const char *httpGetMethod(const struct HttpConnection *http) {
   return http->method;
 }

libhttp/httpconnection.h

@@ -115,7 +115,7 @@ struct HttpHandler {
   int (*websocketHandler)(struct HttpConnection *, void *, int,
                           const char *, int);
   void *arg, *streamingArg;
-  
+
 };
 
 struct HttpConnection *newHttpConnection(struct Server *server, int fd,
@@ -148,6 +148,7 @@ struct Server *httpGetServer(const struct HttpConnection *http);
 struct ServerConnection *httpGetServerConnection(const struct HttpConnection*);
 int         httpGetFd(const HttpConnection *http);
 const char *httpGetPeerName(const struct HttpConnection *http);
+const char *httpGetRealIP(const struct HttpConnection *http);
 const char *httpGetMethod(const struct HttpConnection *http);
 const char *httpGetProtocol(const struct HttpConnection *http);
 const char *httpGetHost(const struct HttpConnection *http);

libhttp/server.c

@@ -48,10 +48,13 @@
 #include <arpa/inet.h>
 #include <fcntl.h>
 #include <netinet/in.h>
+#include <stdint.h>
 #include <stdlib.h>
 #include <string.h>
 #include <sys/poll.h>
+#include <sys/stat.h>
 #include <sys/socket.h>
+#include <sys/un.h>
 #include <sys/time.h>
 #include <sys/types.h>
 #include <unistd.h>
@@ -138,6 +141,10 @@ int x_poll(struct pollfd *fds, nfds_t nfds, int timeout) {
 #endif
 
 time_t currentTime;
+char  *unixDomainPath  = NULL;
+int    unixDomainUser  = 0;
+int    unixDomainGroup = 0;
+int    unixDomainChmod = 0;
 
 struct PayLoad {
   int (*handler)(struct HttpConnection *, void *, const char *, int);
@@ -181,7 +188,7 @@ static int serverCollectFullPayload(struct HttpConnection *http,
     free(payload);
   }
   return rc;
-  
+
 }
 
 static int serverCollectHandler(struct HttpConnection *http, void *handler_) {
@@ -282,6 +289,50 @@ void initServer(struct Server *server, int localhostOnly, int portMin,
   server->numConnections        = 0;
 
   int true                      = 1;
+
+  if (unixDomainPath && *unixDomainPath) {
+
+    server->serverFd              = socket(AF_UNIX, SOCK_STREAM, 0);
+    check(server->serverFd >= 0);
+    check(!setsockopt(server->serverFd, SOL_SOCKET, SO_REUSEADDR,
+                      &true, sizeof(true)));
+
+    struct stat st;
+    if (!stat(unixDomainPath, &st) && S_ISSOCK(st.st_mode)) {
+      unlink(unixDomainPath);
+    }
+
+    struct sockaddr_un serverAddr = { 0 };
+    serverAddr.sun_family         = AF_UNIX;
+    memcpy(serverAddr.sun_path, unixDomainPath, sizeof(serverAddr.sun_path));
+    int servlen                   = sizeof(serverAddr.sun_family)
+                                    + strlen(unixDomainPath);
+
+    if (bind(server->serverFd, (struct sockaddr *)&serverAddr, servlen)) {
+      fatal("[server] Failed to bind to unix socket! [%d: %s]",
+            errno, strerror(errno));
+    }
+    if (chown(unixDomainPath, unixDomainUser, unixDomainGroup)) {
+      fatal("[server] Unable to change ownership on unix socket! [%d: %s]",
+            errno, strerror(errno));
+    }
+    if (chmod(unixDomainPath, unixDomainChmod)) {
+      fatal("[server] Unable to change permission on unix socket! [%d: %s]",
+            errno, strerror(errno));
+    }
+
+    check(!listen(server->serverFd, SOMAXCONN));
+    info("[server] Listening on unix domain socket %s...", unixDomainPath);
+    check(server->pollFds         = malloc(sizeof(struct pollfd)));
+    server->pollFds->fd           = server->serverFd;
+    server->pollFds->events       = POLLIN;
+
+    initTrie(&server->handlers, serverDestroyHandlers, NULL);
+    serverRegisterStreamingHttpHandler(server, "/quit", serverQuitHandler, NULL);
+    initSSL(&server->ssl);
+    return;
+  }
+
   server->serverFd              = socket(PF_INET, SOCK_STREAM, 0);
   check(server->serverFd >= 0);
   check(!setsockopt(server->serverFd, SOL_SOCKET, SO_REUSEADDR,
@@ -312,7 +363,7 @@ void initServer(struct Server *server, int localhostOnly, int portMin,
       serverAddr.sin_port       = 0;
     }
     if (!serverAddr.sin_port) {
-      fatal("Failed to find any available port");
+      fatal("[server] Failed to find any available port!");
     }
   }
 
@@ -322,7 +373,7 @@ void initServer(struct Server *server, int localhostOnly, int portMin,
                      &socklen));
   check(socklen == sizeof(serverAddr));
   server->port                  = ntohs(serverAddr.sin_port);
-  info("Listening on port %d", server->port);
+  info("[server] Listening on port %d...", server->port);
 
   check(server->pollFds         = malloc(sizeof(struct pollfd)));
   server->pollFds->fd           = server->serverFd;
@@ -336,8 +387,8 @@ void initServer(struct Server *server, int localhostOnly, int portMin,
 void destroyServer(struct Server *server) {
   if (server) {
     if (server->serverFd >= 0) {
-      info("Shutting down server");
-      close(server->serverFd);
+      info("[server] Shutting down server");
+      NOINTR(close(server->serverFd));
     }
     for (int i = 0; i < server->numConnections; i++) {
       server->connections[i].destroyConnection(server->connections[i].arg);
@@ -346,6 +397,14 @@ void destroyServer(struct Server *server) {
     free(server->pollFds);
     destroyTrie(&server->handlers);
     destroySSL(&server->ssl);
+
+    if (unixDomainPath) {
+      struct stat st;
+      if (*unixDomainPath && !stat(unixDomainPath, &st) && S_ISSOCK(st.st_mode)) {
+        unlink(unixDomainPath);
+      }
+      free(unixDomainPath);
+    }
   }
 }
 
@@ -611,11 +670,12 @@ void serverLoop(struct Server *server) {
   server->looping                         = loopDepth - 1;
 }
 
-void serverEnableSSL(struct Server *server, int flag) {
-  if (flag) {
+void serverSetupSSL(struct Server *server, int enable, int force) {
+  if (enable) {
     check(serverSupportsSSL());
   }
-  sslEnable(&server->ssl, flag);
+  sslEnable(&server->ssl, enable);
+  sslForce(&server->ssl, force);
 }
 
 void serverSetCertificate(struct Server *server, const char *filename,

libhttp/server.h

@@ -52,6 +52,11 @@
 #include "libhttp/http.h"
 #include "libhttp/ssl.h"
 
+#ifndef UNIX_PATH_MAX
+#define UNIX_PATH_MAX 108
+#endif
+
+
 struct Server;
 
 struct ServerConnection {
@@ -113,7 +118,7 @@ short serverConnectionSetEvents(struct Server *server,
                                 short events);
 void serverExitLoop(struct Server *server, int exitAll);
 void serverLoop(struct Server *server);
-void serverEnableSSL(struct Server *server, int flag);
+void serverSetupSSL(struct Server *server, int enable, int force);
 void serverSetCertificate(struct Server *server, const char *filename,
                           int autoGenerateMissing);
 void serverSetCertificateFd(struct Server *server, int fd);
@@ -121,5 +126,9 @@ void serverSetNumericHosts(struct Server *server, int numericHosts);
 struct Trie *serverGetHttpHandlers(struct Server *server);
 
 extern time_t currentTime;
+extern char  *unixDomainPath;
+extern int    unixDomainUser;
+extern int    unixDomainGroup;
+extern int    unixDomainChmod;
 
 #endif

libhttp/ssl.c

@@ -100,17 +100,23 @@ BIO_METHOD *  (*BIO_f_buffer)(void);
 void          (*BIO_free_all)(BIO *);
 BIO *         (*BIO_new)(BIO_METHOD *);
 BIO *         (*BIO_new_socket)(int, int);
+BIO *         (*BIO_next)(BIO *);
 BIO *         (*BIO_pop)(BIO *);
 BIO *         (*BIO_push)(BIO *, BIO *);
+#if defined(HAVE_OPENSSL_EC)
+void          (*EC_KEY_free)(EC_KEY *);
+EC_KEY *      (*EC_KEY_new_by_curve_name)(int);
+#endif
 void          (*ERR_clear_error)(void);
-void          (*ERR_clear_error)(void);
-unsigned long (*ERR_peek_error)(void);
 unsigned long (*ERR_peek_error)(void);
 long          (*SSL_CTX_callback_ctrl)(SSL_CTX *, int, void (*)(void));
 int           (*SSL_CTX_check_private_key)(const SSL_CTX *);
 long          (*SSL_CTX_ctrl)(SSL_CTX *, int, long, void *);
 void          (*SSL_CTX_free)(SSL_CTX *);
 SSL_CTX *     (*SSL_CTX_new)(SSL_METHOD *);
+int           (*SSL_CTX_set_cipher_list)(SSL_CTX *, const char *);
+void          (*SSL_CTX_set_info_callback)(SSL_CTX *,
+                                           void (*)(const SSL *, int, int));
 int           (*SSL_CTX_use_PrivateKey_file)(SSL_CTX *, const char *, int);
 int           (*SSL_CTX_use_PrivateKey_ASN1)(int, SSL_CTX *,
                                              const unsigned char *, long);
@@ -136,6 +142,8 @@ int           (*SSL_write)(SSL *, const void *, int);
 SSL_METHOD *  (*SSLv23_server_method)(void);
 X509 *        (*d2i_X509)(X509 **px, const unsigned char **in, int len);
 void          (*X509_free)(X509 *a);
+void          (*x_sk_zero)(void *st);
+void *        (*x_SSL_COMP_get_compression_methods)(void);
 #endif
 
 static void sslDestroyCachedContext(void *ssl_, char *context_) {
@@ -160,9 +168,11 @@ struct SSLSupport *newSSL(void) {
 
 void initSSL(struct SSLSupport *ssl) {
   ssl->enabled               = serverSupportsSSL();
+  ssl->force                 = 0;
   ssl->sslContext            = NULL;
   ssl->sniCertificatePattern = NULL;
   ssl->generateMissing       = 0;
+  ssl->renegotiationCount    = 0;
   initTrie(&ssl->sniContexts, sslDestroyCachedContext, ssl);
 }
 
@@ -193,7 +203,10 @@ static int maybeLoadCrypto(void) {
   // it, iff we haven't tried loading it before and iff libssl.so does not
   // work by itself.
   static int crypto;
-  const char* path_libcrypto = getenv ("SHELLINABOX_LIBCRYPTO_SO");
+  // SHELLINABOX_LIBCRYPTO_SO can be used to select the specific
+  // soname of libcrypto for systems where it is not libcrypto.so.
+  // The feature is currently disabled.
+  const char* path_libcrypto = NULL; // getenv ("SHELLINABOX_LIBCRYPTO_SO");
   if (path_libcrypto == NULL)
     path_libcrypto = "libcrypto.so";
 
@@ -249,7 +262,10 @@ static void *loadSymbol(const char *lib, const char *fn) {
 }
 
 static void loadSSL(void) {
-  const char* path_libssl    = getenv ("SHELLINABOX_LIBSSL_SO");
+  // SHELLINABOX_LIBSSL_SO can be used to select the specific
+  // soname of libssl for systems where it is not libssl.so.
+  // The feature is currently disabled.
+  const char* path_libssl = NULL; // = getenv ("SHELLINABOX_LIBSSL_SO");
   if (path_libssl == NULL)
     path_libssl = "libssl.so";
   check(!SSL_library_init);
@@ -265,17 +281,24 @@ static void loadSSL(void) {
     { { &BIO_free_all },                "BIO_free_all" },
     { { &BIO_new },                     "BIO_new" },
     { { &BIO_new_socket },              "BIO_new_socket" },
+    { { &BIO_next },                    "BIO_next" },
     { { &BIO_pop },                     "BIO_pop" },
     { { &BIO_push },                    "BIO_push" },
     { { &ERR_clear_error },             "ERR_clear_error" },
     { { &ERR_clear_error },             "ERR_clear_error" },
     { { &ERR_peek_error },              "ERR_peek_error" },
     { { &ERR_peek_error },              "ERR_peek_error" },
+#ifdef HAVE_OPENSSL_EC
+    { { &EC_KEY_free },                 "EC_KEY_free" },
+    { { &EC_KEY_new_by_curve_name },    "EC_KEY_new_by_curve_name" },
+#endif
     { { &SSL_CTX_callback_ctrl },       "SSL_CTX_callback_ctrl" },
     { { &SSL_CTX_check_private_key },   "SSL_CTX_check_private_key" },
     { { &SSL_CTX_ctrl },                "SSL_CTX_ctrl" },
     { { &SSL_CTX_free },                "SSL_CTX_free" },
     { { &SSL_CTX_new },                 "SSL_CTX_new" },
+    { { &SSL_CTX_set_cipher_list },     "SSL_CTX_set_cipher_list" },
+    { { &SSL_CTX_set_info_callback },   "SSL_CTX_set_info_callback" },
     { { &SSL_CTX_use_PrivateKey_file }, "SSL_CTX_use_PrivateKey_file" },
     { { &SSL_CTX_use_PrivateKey_ASN1 }, "SSL_CTX_use_PrivateKey_ASN1" },
     { { &SSL_CTX_use_certificate_file },"SSL_CTX_use_certificate_file"},
@@ -302,11 +325,12 @@ static void loadSSL(void) {
     { { &SSL_write },                   "SSL_write" },
     { { &SSLv23_server_method },        "SSLv23_server_method" },
     { { &d2i_X509 },                    "d2i_X509" },
-    { { &X509_free },                   "X509_free" }
+    { { &X509_free },                   "X509_free" },
+    { { &x_sk_zero },                   "sk_zero" }
   };
   for (unsigned i = 0; i < sizeof(symbols)/sizeof(symbols[0]); i++) {
     if (!(*symbols[i].var = loadSymbol(path_libssl, symbols[i].fn))) {
-      debug("Failed to load SSL support. Could not find \"%s\"",
+      debug("[ssl] Failed to load SSL support. Could not find \"%s\"!",
             symbols[i].fn);
       for (unsigned j = 0; j < sizeof(symbols)/sizeof(symbols[0]); j++) {
         *symbols[j].var = NULL;
@@ -314,9 +338,14 @@ static void loadSSL(void) {
       return;
     }
   }
+  // These are optional
+  x_SSL_COMP_get_compression_methods = loadSymbol(path_libssl, "SSL_COMP_get_compression_methods");
+  // ends
+
+
   SSL_library_init();
   dcheck(!ERR_peek_error());
-  debug("Loaded SSL suppport");
+  debug("[ssl] Loaded SSL suppport...");
 }
 #endif
 
@@ -353,33 +382,39 @@ int serverSupportsSSL(void) {
 #if defined(HAVE_OPENSSL)
 static void sslGenerateCertificate(const char *certificate,
                                    const char *serverName) {
- debug("Auto-generating missing certificate \"%s\" for \"%s\"",
-       certificate, serverName);
+  info("[ssl] Auto-generating missing certificate \"%s\" for \"%s\"...",
+        certificate, serverName);
 
-  pid_t pid = fork();
+  pid_t pid       = fork();
   if (pid == -1) {
-    warn("Failed to generate self-signed certificate \"%s\"", certificate);
+    warn("[ssl] Failed to generate self-signed certificate \"%s\"!", certificate);
   } else if (pid == 0) {
-    int fd = NOINTR(open("/dev/null", O_RDONLY));
+    int fd        = NOINTR(open("/dev/null", O_RDONLY));
     check(fd != -1);
     check(NOINTR(dup2(fd, STDERR_FILENO)) == STDERR_FILENO);
     check(NOINTR(close(fd)) == 0);
-    fd = NOINTR(open("/dev/null", O_WRONLY));
+    fd            = NOINTR(open("/dev/null", O_WRONLY));
     check(fd != -1);
     check(NOINTR(dup2(fd, STDIN_FILENO)) == STDIN_FILENO);
     check(NOINTR(close(fd)) == 0);
     umask(077);
     check(setenv("PATH", "/usr/bin:/usr/sbin", 1) == 0);
-    execlp("openssl", "openssl", "req", "-x509", "-nodes", "-days", "7300",
-           "-newkey", "rsa:2048", "-keyout", certificate, "-out", certificate,
-           "-subj", stringPrintf(NULL, "/CN=%s/", serverName),
-           (char *)NULL);
-    check(0);
+    char *subject;
+    check(subject = stringPrintf(NULL, "/CN=%s/", serverName));
+    if (execlp("openssl", "openssl", "req", "-x509", "-nodes", "-days", "7300",
+               "-newkey", "rsa:2048", "-keyout", certificate, "-out", certificate,
+               "-subj", subject, (char *)NULL) < 0) {
+      warn("[ssl] Failed to generate self-signed certificate \"%s\"!", certificate);
+      free(subject);
+    }
   } else {
     int status;
     check(NOINTR(waitpid(pid, &status, 0)) == pid);
-    if (!WIFEXITED(status) || WEXITSTATUS(status) != 0)
-      warn("Failed to generate self-signed certificate \"%s\"", certificate);
+    if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
+      warn("[ssl] Failed to generate self-signed certificate \"%s\"!", certificate);
+    } else {
+      info("[ssl] Certificate successfully generated.");
+    }
   }
 }
 
@@ -575,6 +610,76 @@ static int sslSetCertificateFromFile(SSL_CTX *context,
   int rc = sslSetCertificateFromFd(context, fd);
   return rc;
 }
+
+static void sslInfoCallback(const SSL *sslHndl, int type, int val) {
+  // Count the number of renegotiations for each SSL session.
+  if (type & SSL_CB_HANDSHAKE_START) {
+    struct HttpConnection *http    =
+                          (struct HttpConnection *) SSL_get_app_data(sslHndl);
+    http->ssl->renegotiationCount += 1;
+  }
+}
+
+static SSL_CTX *sslMakeContext(void) {
+
+  SSL_CTX *context;
+  check(context = SSL_CTX_new(SSLv23_server_method()));
+
+  long options  = SSL_OP_ALL;
+  options      |= SSL_OP_NO_SSLv2;
+  options      |= SSL_OP_NO_SSLv3;
+  options      |= SSL_OP_SINGLE_DH_USE;
+
+#ifdef SSL_OP_NO_COMPRESSION
+  options      |= SSL_OP_NO_COMPRESSION;
+#endif
+
+#ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
+  options      |= SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION;
+#endif
+
+  // Set default SSL options.
+  SSL_CTX_set_options(context, options);
+
+  // Workaround for SSL_OP_NO_COMPRESSION with older OpenSSL versions.
+#ifdef HAVE_DLOPEN
+  if (SSL_COMP_get_compression_methods) {
+    sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
+  }
+#elif OPENSSL_VERSION_NUMBER >= 0x00908000L
+  sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
+#endif
+
+  // For Perfect Forward Secrecy (PFS) support we need to enable some additional
+  // SSL options, provide eliptic curve key object for handshake and add chipers
+  // suits with ECDHE handshake on top of the ciper list.
+#ifdef HAVE_OPENSSL_EC
+  SSL_CTX_set_options(context, SSL_OP_SINGLE_ECDH_USE);
+  SSL_CTX_set_options(context, SSL_OP_CIPHER_SERVER_PREFERENCE);
+
+  EC_KEY *ecKey;
+  check(ecKey   = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1));
+  SSL_CTX_set_tmp_ecdh(context, ecKey);
+  EC_KEY_free(ecKey);
+
+  debug("[ssl] Support for PFS enabled...");
+#endif
+
+  check(SSL_CTX_set_cipher_list(context,
+    "ECDHE-RSA-AES256-GCM-SHA384:"
+    "ECDHE-RSA-AES128-GCM-SHA256:"
+    "ECDHE-RSA-AES256-SHA384:"
+    "ECDHE-RSA-AES128-SHA256:"
+    "ECDHE-RSA-AES256-SHA:"
+    "ECDHE-RSA-AES128-SHA:"
+    "ECDHE-RSA-DES-CBC3-SHA:"
+    "HIGH:MEDIUM:!RC4:!aNULL:!MD5"));
+
+  SSL_CTX_set_info_callback(context, sslInfoCallback);
+
+  debug("[ssl] Server context successfully initialized...");
+  return context;
+}
 #endif
 
 #ifdef HAVE_TLSEXT
@@ -589,7 +694,7 @@ static int sslSNICallback(SSL *sslHndl, int *al ATTR_UNUSED,
   }
   struct HttpConnection *http =
                             (struct HttpConnection *)SSL_get_app_data(sslHndl);
-  debug("Received SNI callback for virtual host \"%s\" from \"%s:%d\"",
+  debug("[ssl] Received SNI callback for virtual host \"%s\" from \"%s:%d\"...",
         name, httpGetPeerName(http), httpGetPort(http));
   char *serverName;
   check(serverName        = malloc(strlen(name)+2));
@@ -613,7 +718,7 @@ static int sslSNICallback(SSL *sslHndl, int *al ATTR_UNUSED,
                                                    serverName+1,
                                                    NULL);
   if (context == NULL) {
-    check(context         = SSL_CTX_new(SSLv23_server_method()));
+    context               = sslMakeContext();
     check(ssl->sniCertificatePattern);
     char *certificate     = stringPrintfUnchecked(NULL,
                                                   ssl->sniCertificatePattern,
@@ -626,7 +731,7 @@ static int sslSNICallback(SSL *sslHndl, int *al ATTR_UNUSED,
         // the default certificate, instead.
         sslSetCertificateFromFile(context, certificate);
       } else {
-        warn("Could not find matching certificate \"%s\" for \"%s\"",
+        warn("[ssl] Could not find matching certificate \"%s\" for \"%s\"",
              certificate, serverName + 1);
         SSL_CTX_free(context);
         context           = ssl->sslContext;
@@ -691,7 +796,7 @@ void sslSetCertificate(struct SSLSupport *ssl, const char *filename,
   }
 
   // Try to set the default certificate. If necessary, (re-)generate it.
-  check(ssl->sslContext              = SSL_CTX_new(SSLv23_server_method()));
+  ssl->sslContext                    = sslMakeContext();
   if (autoGenerateMissing) {
     if (sslSetCertificateFromFile(ssl->sslContext, defaultCertificate) < 0) {
       char hostname[256], buf[4096];
@@ -703,7 +808,7 @@ void sslSetCertificate(struct SSLSupport *ssl, const char *filename,
         sslGenerateCertificate(defaultCertificate, he->h_name);
       } else {
         if (h_err) {
-          warn("Error getting host information: \"%s\".", hstrerror(h_err));
+          warn("[ssl] Error getting host information: \"%s\".", hstrerror(h_err));
         }
         sslGenerateCertificate(defaultCertificate, hostname);
       }
@@ -712,7 +817,7 @@ void sslSetCertificate(struct SSLSupport *ssl, const char *filename,
     }
   }
   if (sslSetCertificateFromFile(ssl->sslContext, defaultCertificate) < 0) {
-    fatal("Cannot read valid certificate from \"%s\". "
+    fatal("[ssl] Cannot read valid certificate from \"%s\"! "
           "Check file permissions and file format.", defaultCertificate);
   }
  valid_certificate:
@@ -775,10 +880,10 @@ static char *sslFdToFilename(int fd) {
 
 void sslSetCertificateFd(struct SSLSupport *ssl, int fd) {
 #ifdef HAVE_OPENSSL
-  check(ssl->sslContext = SSL_CTX_new(SSLv23_server_method()));
+  ssl->sslContext = sslMakeContext();
   char *filename = sslFdToFilename(fd);
   if (!sslSetCertificateFromFd(ssl->sslContext, fd)) {
-    fatal("Cannot read valid certificate from %s. Check file format.",
+    fatal("[ssl] Cannot read valid certificate from %s. Check file format.",
           filename);
   }
   free(filename);
@@ -792,6 +897,12 @@ int sslEnable(struct SSLSupport *ssl, int enabled) {
   return old;
 }
 
+int sslForce(struct SSLSupport *ssl, int force) {
+  int old      = ssl->force;
+  ssl->force   = force;
+  return old;
+}
+
 void sslBlockSigPipe(void) {
   sigset_t set;
   sigemptyset(&set);
@@ -904,6 +1015,14 @@ int sslPromoteToSSL(struct SSLSupport *ssl, SSL **sslHndl, int fd,
 #endif
 }
 
+BIO *sslGetNextBIO(BIO *b) {
+#if OPENSSL_VERSION_NUMBER <= 0x10100000L
+  return b->next_bio;
+#else
+  return BIO_next(b);
+#endif
+}
+
 void sslFreeHndl(SSL **sslHndl) {
 #if defined(HAVE_OPENSSL)
   if (*sslHndl) {
@@ -911,24 +1030,23 @@ void sslFreeHndl(SSL **sslHndl) {
     // BIOs. This is particularly a problem if an SSL connection has two
     // different BIOs for the read and the write end, with one being a stacked
     // derivative of the other. Unfortunately, this is exactly the scenario
-    // that we set up.
+    // that we set up with call to "BIO_push(readBIO, writeBIO)" in function
+    // "sslPromoteToSSL()".
     // As a work-around, we un-stack the BIOs prior to freeing the SSL
     // connection.
+    debug("[ssl] Freeing SSL handle.");
     ERR_clear_error();
     BIO *writeBIO, *readBIO;
     check(writeBIO    = SSL_get_wbio(*sslHndl));
     check(readBIO     = SSL_get_rbio(*sslHndl));
     if (writeBIO != readBIO) {
-      if (readBIO->next_bio == writeBIO) {
-        // OK, that's exactly the bug we are looking for. We know how to
-        // fix it.
+      if (sslGetNextBIO(readBIO) == writeBIO) {
+        // OK, that's exactly the bug we are looking for. We know that
+        // writeBIO needs to be removed from readBIO chain.
+        debug("[ssl] Removing stacked write BIO!");
         check(BIO_pop(readBIO) == writeBIO);
-        check(readBIO->references == 1);
-        check(writeBIO->references == 1);
-        check(!readBIO->next_bio);
-        check(!writeBIO->prev_bio);
-      } else if (readBIO->next_bio == writeBIO->next_bio &&
-                 writeBIO->next_bio->prev_bio == writeBIO) {
+        check(!sslGetNextBIO(readBIO));
+      } else if (sslGetNextBIO(readBIO) == sslGetNextBIO(writeBIO)) {
         // Things get even more confused, if the SSL handshake is aborted
         // prematurely.
         // OpenSSL appears to internally stack a BIO onto the read end that
@@ -937,21 +1055,19 @@ void sslFreeHndl(SSL **sslHndl) {
         // reading and one for writing). In this case, not only is the
         // reference count wrong, but the chain of next_bio/prev_bio pairs
         // is corrupted, too.
+        warn("[ssl] Removing stacked socket BIO!");
         BIO *sockBIO;
         check(sockBIO = BIO_pop(readBIO));
         check(sockBIO == BIO_pop(writeBIO));
-        check(readBIO->references == 1);
-        check(writeBIO->references == 1);
-        check(sockBIO->references == 1);
-        check(!readBIO->next_bio);
-        check(!writeBIO->next_bio);
-        check(!sockBIO->prev_bio);
+        check(!sslGetNextBIO(readBIO));
+        check(!sslGetNextBIO(writeBIO));
+        check(!sslGetNextBIO(sockBIO));
         BIO_free_all(sockBIO);
       } else {
         // We do not know, how to fix this situation. Something must have
         // changed in the OpenSSL internals. Either, this is a new bug, or
         // somebody fixed the code in a way that we did not anticipate.
-        fatal("Unexpected corruption of OpenSSL data structures");
+        fatal("[ssl] Unexpected corruption of OpenSSL data structures");
       }
     }
     SSL_free(*sslHndl);

libhttp/ssl.h

@@ -61,6 +61,7 @@
 #undef HAVE_OPENSSL
 typedef struct BIO        BIO;
 typedef struct BIO_METHOD BIO_METHOD;
+typedef struct EC_KEY     EC_KEY;
 typedef struct SSL        SSL;
 typedef struct SSL_CTX    SSL_CTX;
 typedef struct SSL_METHOD SSL_METHOD;
@@ -69,23 +70,35 @@ typedef struct X509       X509;
 #define SSL_ERROR_WANT_WRITE 3
 #endif
 
+// EC support was added to OpenSSL in 0.9.8, but it can be disabled in some
+// distributions.
+#if OPENSSL_VERSION_NUMBER >= 0x0090800fL && !defined(OPENSSL_NO_EC)
+# define HAVE_OPENSSL_EC
+#endif
+
 #if defined(HAVE_DLOPEN)
 extern long    (*x_BIO_ctrl)(BIO *, int, long, void *);
 extern BIO_METHOD *(*x_BIO_f_buffer)(void);
 extern void    (*x_BIO_free_all)(BIO *);
 extern BIO    *(*x_BIO_new)(BIO_METHOD *);
 extern BIO    *(*x_BIO_new_socket)(int, int);
+extern BIO    *(*x_BIO_next)(BIO *);
 extern BIO    *(*x_BIO_pop)(BIO *);
 extern BIO    *(*x_BIO_push)(BIO *, BIO *);
+#if defined(HAVE_OPENSSL_EC)
+extern void    (*x_EC_KEY_free)(EC_KEY *);
+extern EC_KEY *(*x_EC_KEY_new_by_curve_name)(int);
+#endif
 extern void    (*x_ERR_clear_error)(void);
-extern void    (*x_ERR_clear_error)(void);
-extern unsigned long (*x_ERR_peek_error)(void);
 extern unsigned long (*x_ERR_peek_error)(void);
 extern long    (*x_SSL_CTX_callback_ctrl)(SSL_CTX *, int, void (*)(void));
 extern int     (*x_SSL_CTX_check_private_key)(const SSL_CTX *);
 extern long    (*x_SSL_CTX_ctrl)(SSL_CTX *, int, long, void *);
 extern void    (*x_SSL_CTX_free)(SSL_CTX *);
 extern SSL_CTX*(*x_SSL_CTX_new)(SSL_METHOD *);
+extern int     (*x_SSL_CTX_set_cipher_list)(SSL_CTX *, const char *);
+extern void    (*x_SSL_CTX_set_info_callback)(SSL_CTX *,
+                                              void (*)(const SSL *, int, int));
 extern int     (*x_SSL_CTX_use_PrivateKey_file)(SSL_CTX *, const char *, int);
 extern int     (*x_SSL_CTX_use_PrivateKey_ASN1)(int, SSL_CTX *,
                                                 const unsigned char *, long);
@@ -111,23 +124,28 @@ extern int     (*x_SSL_write)(SSL *, const void *, int);
 extern SSL_METHOD *(*x_SSLv23_server_method)(void);
 extern X509 *  (*x_d2i_X509)(X509 **px, const unsigned char **in, int len);
 extern void    (*x_X509_free)(X509 *a);
+extern void    (*x_sk_zero)(void *st);
+extern void   *(*x_SSL_COMP_get_compression_methods)(void);
 
 #define BIO_ctrl                     x_BIO_ctrl
 #define BIO_f_buffer                 x_BIO_f_buffer
 #define BIO_free_all                 x_BIO_free_all
 #define BIO_new                      x_BIO_new
 #define BIO_new_socket               x_BIO_new_socket
+#define BIO_next                     x_BIO_next
 #define BIO_pop                      x_BIO_pop
 #define BIO_push                     x_BIO_push
+#define EC_KEY_free                  x_EC_KEY_free
+#define EC_KEY_new_by_curve_name     x_EC_KEY_new_by_curve_name
 #define ERR_clear_error              x_ERR_clear_error
-#define ERR_clear_error              x_ERR_clear_error
-#define ERR_peek_error               x_ERR_peek_error
 #define ERR_peek_error               x_ERR_peek_error
 #define SSL_CTX_callback_ctrl        x_SSL_CTX_callback_ctrl
 #define SSL_CTX_check_private_key    x_SSL_CTX_check_private_key
 #define SSL_CTX_ctrl                 x_SSL_CTX_ctrl
 #define SSL_CTX_free                 x_SSL_CTX_free
 #define SSL_CTX_new                  x_SSL_CTX_new
+#define SSL_CTX_set_cipher_list      x_SSL_CTX_set_cipher_list
+#define SSL_CTX_set_info_callback    x_SSL_CTX_set_info_callback
 #define SSL_CTX_use_PrivateKey_file  x_SSL_CTX_use_PrivateKey_file
 #define SSL_CTX_use_PrivateKey_ASN1  x_SSL_CTX_use_PrivateKey_ASN1
 #define SSL_CTX_use_certificate_file x_SSL_CTX_use_certificate_file
@@ -151,10 +169,13 @@ extern void    (*x_X509_free)(X509 *a);
 #define SSLv23_server_method         x_SSLv23_server_method
 #define d2i_X509                     x_d2i_X509
 #define X509_free                    x_X509_free
+#define sk_zero                      x_sk_zero
+#define SSL_COMP_get_compression_methods    x_SSL_COMP_get_compression_methods
 
 #undef  BIO_set_buffer_read_data
 #undef  SSL_CTX_set_tlsext_servername_arg
 #undef  SSL_CTX_set_tlsext_servername_callback
+#undef  SSL_CTX_set_tmp_ecdh
 #undef  SSL_get_app_data
 #undef  SSL_set_app_data
 #undef  SSL_set_mode
@@ -169,6 +190,9 @@ extern void    (*x_X509_free)(X509 *a);
                                  (x_SSL_CTX_callback_ctrl(ctx,                \
                                            SSL_CTRL_SET_TLSEXT_SERVERNAME_CB, \
                                            (void (*)(void))cb))
+#define SSL_CTX_set_tmp_ecdh(ctx, ecdh)                                       \
+                                 (x_SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TMP_ECDH,  \
+                                                 0, (char *)ecdh))
 #define SSL_get_app_data(s)      (x_SSL_get_ex_data(s, 0))
 #define SSL_set_app_data(s, arg) (x_SSL_set_ex_data(s, 0, (char *)arg))
 #define SSL_set_mode(ssl, op)    (x_SSL_ctrl((ssl), SSL_CTRL_MODE, (op), NULL))
@@ -176,9 +200,11 @@ extern void    (*x_X509_free)(X509 *a);
 
 struct SSLSupport {
   int         enabled;
+  int         force;
   SSL_CTX     *sslContext;
   char        *sniCertificatePattern;
   int         generateMissing;
+  int         renegotiationCount;
   struct Trie sniContexts;
 };
 
@@ -191,6 +217,7 @@ void sslSetCertificate(struct SSLSupport *ssl, const char *filename,
                        int autoGenerateMissing);
 void sslSetCertificateFd(struct SSLSupport *ssl, int fd);
 int  sslEnable(struct SSLSupport *ssl, int enabled);
+int  sslForce(struct SSLSupport *ssl, int force);
 void sslBlockSigPipe();
 int  sslUnblockSigPipe();
 int  sslPromoteToSSL(struct SSLSupport *ssl, SSL **sslHndl, int fd,

libhttp/url.c

@@ -82,10 +82,10 @@ static char *urlUnescape(char *s) {
           ch    = (ch << 4) + c2 - (c2 > '9' ? 'A' - 10 : '0');
           ++u;
         } else if (!warned++) {
-          warn("Malformed URL encoded data \"%s\"", r);
+          warn("[http] Malformed URL encoded data \"%s\"!", r);
         }
       } else if (!warned++) {
-        warn("Malformed URL encoded data \"%s\"", r);
+        warn("[http] Malformed URL encoded data \"%s\"!", r);
       }
     }
     *s++        = ch;
@@ -113,7 +113,7 @@ static char *urlMakeString(const char *buf, int len) {
   }
 }
 
-static void urlParseQueryString(struct URL *url, const char *query, int len) {
+static void urlParseQueryString(struct HashMap *hashmap, const char *query, int len) {
   const char *key   = query;
   const char *value = NULL;
   for (const char *ampersand = query; len-- >= 0; ampersand++) {
@@ -131,7 +131,7 @@ static void urlParseQueryString(struct URL *url, const char *query, int len) {
           v         = urlMakeString(value, vl);
           urlUnescape(v);
         }
-        addToHashMap(&url->args, k, v);
+        addToHashMap(hashmap, k, v);
       }
       key           = ampersand + 1;
       value         = NULL;
@@ -275,7 +275,7 @@ static void urlParsePostBody(struct URL *url,
   const char *ctHeader     = getFromHashMap(&http->header, "content-type");
   urlParseHeaderLine(&contentType, ctHeader, ctHeader ? strlen(ctHeader) : 0);
   if (getRefFromHashMap(&contentType, "application/x-www-form-urlencoded")) {
-    urlParseQueryString(url, buf, len);
+    urlParseQueryString(&url->args, buf, len);
   } else if (getRefFromHashMap(&contentType, "multipart/form-data")) {
     const char *boundary   = getFromHashMap(&contentType, "boundary");
     if (boundary && *boundary) {
@@ -297,7 +297,7 @@ static void urlParsePostBody(struct URL *url,
                 urlParsePart(url, lastPart, ptr - lastPart);
               } else {
                 if (ptr != buf) {
-                  info("Ignoring prologue before \"multipart/form-data\"");
+                  info("[http] Ignoring prologue before \"multipart/form-data\"!");
                 }
               }
               lastPart     = part;
@@ -307,18 +307,18 @@ static void urlParsePostBody(struct URL *url,
               urlParsePart(url, lastPart, ptr - lastPart);
               lastPart     = NULL;
               if (len > 0) {
-                info("Ignoring epilogue past end of \"multipart/"
-                     "form-data\"");
+                info("[http] Ignoring epilogue past end of \"multipart/"
+				     "form-data\"!");
               }
             }
           }
         }
       }
       if (lastPart) {
-        warn("Missing final \"boundary\" for \"multipart/form-data\"");
+        warn("[http] Missing final \"boundary\" for \"multipart/form-data\"!");
       }
     } else {
-      warn("Missing \"boundary\" information for \"multipart/form-data\"");
+      warn("[http] Missing \"boundary\" information for \"multipart/form-data\"!");
     }
   }
   destroyHashMap(&contentType);
@@ -346,7 +346,8 @@ void initURL(struct URL *url, const struct HttpConnection *http,
   url->url                   = NULL;
   initHashMap(&url->args, urlDestroyHashMapEntry, NULL);
   if (!strcmp(http->method, "GET")) {
-    urlParseQueryString(url, url->query, strlen(url->query));
+    check(url->query);
+    urlParseQueryString(&url->args, url->query, strlen(url->query));
   } else if (!strcmp(http->method, "POST")) {
     urlParsePostBody(url, http, buf, len);
   }
@@ -428,3 +429,9 @@ const char *urlGetURL(struct URL *url) {
 const struct HashMap *urlGetArgs(struct URL *url) {
   return &url->args;
 }
+
+struct HashMap *urlParseQuery(const char *buf, int len) {
+  struct HashMap *hashmap = newHashMap(urlDestroyHashMapEntry, NULL);
+  urlParseQueryString(hashmap, buf, len);
+  return hashmap;
+}

libhttp/url.h

@@ -83,4 +83,6 @@ const char *urlGetAnchor(struct URL *url);
 const char *urlGetURL(struct URL *url);
 const struct HashMap *urlGetArgs(struct URL *url);
 
+struct HashMap *urlParseQuery(const char *buf, int len);
+
 #endif /* URL_H__ */

logging/logging.c

@@ -52,6 +52,19 @@
 
 #include "logging/logging.h"
 
+#ifdef HAVE_SYSLOG_H
+# include <syslog.h>
+# ifndef HAVE_VSYSLOG
+static void vsyslog(int priority, const char *fmt, va_list ap) {
+  char *s = vStringPrintf(NULL, fmt, ap);
+  if (s) {
+    syslog(priority, "%s", s);
+    free(s);
+  }
+}
+# endif
+#endif
+
 static int verbosity = MSG_DEFAULT;
 
 static void debugMsg(int level, const char *fmt, va_list ap) {
@@ -86,6 +99,13 @@ void error(const char *fmt, ...) {
   va_list ap;
   va_start(ap, fmt);
   debugMsg(MSG_ERROR, fmt, ap);
+#ifdef HAVE_SYSLOG_H
+  va_list apSyslog;
+  va_copy(apSyslog, ap);
+  va_start(apSyslog, fmt);
+  vsyslog(LOG_ERR, fmt, apSyslog);
+  va_end(apSyslog);
+#endif
   va_end(ap);
 }
 
@@ -100,6 +120,14 @@ void fatal(const char *fmt, ...) {
   va_list ap;
   va_start(ap, fmt);
   debugMsg(MSG_QUIET, fmt, ap);
+#ifdef HAVE_SYSLOG_H
+  va_list apSyslog;
+  va_copy(apSyslog, ap);
+  va_start(apSyslog, fmt);
+  vsyslog(LOG_CRIT, fmt, apSyslog);
+  va_end(apSyslog);
+  syslog(LOG_CRIT, "[server] Aborting...");
+#endif
   va_end(ap);
   _exit(1);
 }
@@ -191,4 +219,3 @@ char *stringPrintfUnchecked(char *buf, const char *fmt, ...)
   return s;
 }
 #endif
-

m4/.gitignore

@@ -0,0 +1,3 @@
+# This directory is used by autotools, so we ignore all files except this one.
+*
+!.gitignore

misc/embedded.html

@@ -0,0 +1,237 @@
+<!DOCTYPE HTML>
+<!--
+
+	##
+	# Example page with embedded Shell In A Box.
+	#
+
+	On this page we can see how Shell In A Box can be embedded in another page and
+	how can we comunicate with it.
+
+	##
+	# Server Side
+	#
+
+	For communication with Shell In A Box we need to set '-m' (messages-origin)
+	command line option with appropriate messages origin. Origin should be set to
+	URL of parent (this) window. If origin is set to '*' Shell In A Box won't check
+	origin on received messages. This is usually unsafe option.
+
+	Command line example:
+
+		shellinaboxd -p 4200 -m 'https://192.168.1.150'
+
+	##
+	# Client Side
+	#
+
+	Shell In A Box accepts messages formatted as JSON strings with 'type' and 'data'
+	fields. Messages with same format can be passed back to parent (this) window.
+
+	Message example:
+
+		var message = JSON.stringify({
+			type : "message type",
+			data : "additional data"
+		});
+
+	Messages are passed with function postMessage() and are received in "message"
+	events.
+
+	Following types of message can be sent to shellinabox:
+
+	* input
+		writes content of data field to terminal
+
+	* output
+		enables passing of output to parent window (data field must be set
+		to enable, disable or toggle)
+
+	* session
+		request sessions status
+
+	* onsessionchange
+		enables passing session status to parent window (data field must be
+		set to enable, disable or toggle)
+
+	* reconnect
+		reconnects the terminal
+
+	Following types of messages can be received from shellinabox:
+
+	* ready
+		signals that shellinabox is ready to send and receive messages
+
+	* output
+		data field contains terminal output
+
+	* session
+		data field contains session status (alive or closed)
+
+	Example for passing command to Shell In A Box frame:
+
+		iframe.contentWindow.postMessage(JSON.stringify({
+			type : "input",
+			data : "ls -l\n"
+		}), "https://192.168.1.150:4200");
+
+	Please note that message passing and JSON operations are only supported on moderen
+	browsers.
+
+	##
+	# Info
+	#
+
+	For working examples please see HTML and JS code bellow...
+
+	For more info and browser limitations on iframe message passing please check:
+	https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage
+
+-->
+<html>
+<head>
+	<style>
+		p {
+			font-size:	1.1em;
+		}
+		#shell, #output {
+			width:		640px;
+			height:		300px;
+			margin: 	20px 10px;
+		}
+		#output {
+			overflow:	scroll;
+			border:		2px solid #999;
+		}
+	</style>
+</head>
+<body>
+
+	<h3>
+		Embedded Shell In A Box example page.
+	</h3>
+
+	<p>Controls:</p>
+	<div>
+		<input type="text"   id="input"></input>
+		<input type="button" id="execute" value="Execute"></input>
+		<input type="button" id="output-enable"  value="Output Enable"></input>
+		<input type="button" id="output-disable" value="Output Disable"></input>
+		<input type="button" id="reconnect" value="Reconnect"></input>
+		<input type="button" id="session-reload" value="Session Status"></input>
+		<input type="button" id="session-toggle" value="Session Status Toggle"></input>
+	</div>
+
+	<p id="session">Session status: ???</p>
+
+	<!--
+		Embedded shellinabox. In our case src attribute will be added with help
+		of JS. -->
+	<iframe id="shell" src=""></iframe>
+
+	<!-- Ouput -->
+	<p>Terminal output:</p>
+	<pre id="output"></pre>
+
+	<script>
+
+		// Shellinabox url
+		var url = "https://192.168.1.150:4200";
+
+		var input   = document.getElementById("input");
+		var iframe  = document.getElementById("shell");
+		var output  = document.getElementById("output");
+		var session = document.getElementById("session");
+
+		document.getElementById("execute").addEventListener("click", function() {
+			// Send input to shellinabox
+			var message = JSON.stringify({
+				type : 'input',
+				data : input.value + '\n'
+			});
+			iframe.contentWindow.postMessage(message, url);
+		});
+
+		document.getElementById("output-enable").addEventListener("click", function() {
+			// Enable output replay from shellinabox iframe
+			var message = JSON.stringify({
+				type : 'output',
+				data : 'enable'
+			});
+			iframe.contentWindow.postMessage(message, url);
+		});
+
+		document.getElementById("output-disable").addEventListener("click", function() {
+			// Disable output replay from shellinabox iframe
+			var message = JSON.stringify({
+				type : 'output',
+				data : 'disable'
+			});
+			iframe.contentWindow.postMessage(message, url);
+			// Clear output window
+			output.innerHTML = '';
+		});
+
+		document.getElementById("session-reload").addEventListener("click", function() {
+			// Request shellianbox session status
+			var message = JSON.stringify({
+				type : 'session'
+			});
+			iframe.contentWindow.postMessage(message, url);
+		});
+
+		document.getElementById("session-toggle").addEventListener("click", function() {
+			// Toggles shellinabox session status reporting
+			var message = JSON.stringify({
+				type : 'onsessionchange',
+				data : 'toggle'
+			});
+			iframe.contentWindow.postMessage(message, url);
+		});
+
+		document.getElementById("reconnect").addEventListener("click", function() {
+			// Request shellianbox session status
+			var message = JSON.stringify({
+				type : 'reconnect'
+			});
+			iframe.contentWindow.postMessage(message, url);
+		});
+
+		// Receive response from shellinabox
+		window.addEventListener("message", function(message) {
+
+			// Allow messages only from shellinabox
+			if (message.origin !== url) {
+				return;
+			}
+
+			// Handle response according to response type
+			var decoded = JSON.parse(message.data);
+			switch (decoded.type) {
+			case "ready":
+				// Shellinabox is ready to communicate and we will enable console output
+				// by default.
+				var message = JSON.stringify({
+					type : 'output',
+					data : 'enable'
+				});
+				iframe.contentWindow.postMessage(message, url);
+				break;
+			case "output" :
+				// Append new output
+				output.innerHTML = output.innerHTML + decoded.data;
+				break;
+			case "session" :
+				// Reload session status
+				session.innerHTML = 'Session status: ' + decoded.data;
+				break;
+			}
+		}, false);
+
+		// Add url to our iframe after the event listener is installed.
+		iframe.src = url;
+
+	</script>
+
+</body>
+</html>

missing

@@ -1,367 +0,0 @@
-#! /bin/sh
-# Common stub for a few missing GNU programs while installing.
-
-scriptversion=2006-05-10.23
-
-# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006
-#   Free Software Foundation, Inc.
-# Originally by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996.
-
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2, or (at your option)
-# any later version.
-
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-# 02110-1301, USA.
-
-# As a special exception to the GNU General Public License, if you
-# distribute this file as part of a program that contains a
-# configuration script generated by Autoconf, you may include it under
-# the same distribution terms that you use for the rest of that program.
-
-if test $# -eq 0; then
-  echo 1>&2 "Try \`$0 --help' for more information"
-  exit 1
-fi
-
-run=:
-sed_output='s/.* --output[ =]\([^ ]*\).*/\1/p'
-sed_minuso='s/.* -o \([^ ]*\).*/\1/p'
-
-# In the cases where this matters, `missing' is being run in the
-# srcdir already.
-if test -f configure.ac; then
-  configure_ac=configure.ac
-else
-  configure_ac=configure.in
-fi
-
-msg="missing on your system"
-
-case $1 in
---run)
-  # Try to run requested program, and just exit if it succeeds.
-  run=
-  shift
-  "$@" && exit 0
-  # Exit code 63 means version mismatch.  This often happens
-  # when the user try to use an ancient version of a tool on
-  # a file that requires a minimum version.  In this case we
-  # we should proceed has if the program had been absent, or
-  # if --run hadn't been passed.
-  if test $? = 63; then
-    run=:
-    msg="probably too old"
-  fi
-  ;;
-
-  -h|--h|--he|--hel|--help)
-    echo "\
-$0 [OPTION]... PROGRAM [ARGUMENT]...
-
-Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an
-error status if there is no known handling for PROGRAM.
-
-Options:
-  -h, --help      display this help and exit
-  -v, --version   output version information and exit
-  --run           try to run the given command, and emulate it if it fails
-
-Supported PROGRAM values:
-  aclocal      touch file \`aclocal.m4'
-  autoconf     touch file \`configure'
-  autoheader   touch file \`config.h.in'
-  autom4te     touch the output file, or create a stub one
-  automake     touch all \`Makefile.in' files
-  bison        create \`y.tab.[ch]', if possible, from existing .[ch]
-  flex         create \`lex.yy.c', if possible, from existing .c
-  help2man     touch the output file
-  lex          create \`lex.yy.c', if possible, from existing .c
-  makeinfo     touch the output file
-  tar          try tar, gnutar, gtar, then tar without non-portable flags
-  yacc         create \`y.tab.[ch]', if possible, from existing .[ch]
-
-Send bug reports to <bug-automake@gnu.org>."
-    exit $?
-    ;;
-
-  -v|--v|--ve|--ver|--vers|--versi|--versio|--version)
-    echo "missing $scriptversion (GNU Automake)"
-    exit $?
-    ;;
-
-  -*)
-    echo 1>&2 "$0: Unknown \`$1' option"
-    echo 1>&2 "Try \`$0 --help' for more information"
-    exit 1
-    ;;
-
-esac
-
-# Now exit if we have it, but it failed.  Also exit now if we
-# don't have it and --version was passed (most likely to detect
-# the program).
-case $1 in
-  lex|yacc)
-    # Not GNU programs, they don't have --version.
-    ;;
-
-  tar)
-    if test -n "$run"; then
-       echo 1>&2 "ERROR: \`tar' requires --run"
-       exit 1
-    elif test "x$2" = "x--version" || test "x$2" = "x--help"; then
-       exit 1
-    fi
-    ;;
-
-  *)
-    if test -z "$run" && ($1 --version) > /dev/null 2>&1; then
-       # We have it, but it failed.
-       exit 1
-    elif test "x$2" = "x--version" || test "x$2" = "x--help"; then
-       # Could not run --version or --help.  This is probably someone
-       # running `$TOOL --version' or `$TOOL --help' to check whether
-       # $TOOL exists and not knowing $TOOL uses missing.
-       exit 1
-    fi
-    ;;
-esac
-
-# If it does not exist, or fails to run (possibly an outdated version),
-# try to emulate it.
-case $1 in
-  aclocal*)
-    echo 1>&2 "\
-WARNING: \`$1' is $msg.  You should only need it if
-         you modified \`acinclude.m4' or \`${configure_ac}'.  You might want
-         to install the \`Automake' and \`Perl' packages.  Grab them from
-         any GNU archive site."
-    touch aclocal.m4
-    ;;
-
-  autoconf)
-    echo 1>&2 "\
-WARNING: \`$1' is $msg.  You should only need it if
-         you modified \`${configure_ac}'.  You might want to install the
-         \`Autoconf' and \`GNU m4' packages.  Grab them from any GNU
-         archive site."
-    touch configure
-    ;;
-
-  autoheader)
-    echo 1>&2 "\
-WARNING: \`$1' is $msg.  You should only need it if
-         you modified \`acconfig.h' or \`${configure_ac}'.  You might want
-         to install the \`Autoconf' and \`GNU m4' packages.  Grab them
-         from any GNU archive site."
-    files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' ${configure_ac}`
-    test -z "$files" && files="config.h"
-    touch_files=
-    for f in $files; do
-      case $f in
-      *:*) touch_files="$touch_files "`echo "$f" |
-				       sed -e 's/^[^:]*://' -e 's/:.*//'`;;
-      *) touch_files="$touch_files $f.in";;
-      esac
-    done
-    touch $touch_files
-    ;;
-
-  automake*)
-    echo 1>&2 "\
-WARNING: \`$1' is $msg.  You should only need it if
-         you modified \`Makefile.am', \`acinclude.m4' or \`${configure_ac}'.
-         You might want to install the \`Automake' and \`Perl' packages.
-         Grab them from any GNU archive site."
-    find . -type f -name Makefile.am -print |
-	   sed 's/\.am$/.in/' |
-	   while read f; do touch "$f"; done
-    ;;
-
-  autom4te)
-    echo 1>&2 "\
-WARNING: \`$1' is needed, but is $msg.
-         You might have modified some files without having the
-         proper tools for further handling them.
-         You can get \`$1' as part of \`Autoconf' from any GNU
-         archive site."
-
-    file=`echo "$*" | sed -n "$sed_output"`
-    test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"`
-    if test -f "$file"; then
-	touch $file
-    else
-	test -z "$file" || exec >$file
-	echo "#! /bin/sh"
-	echo "# Created by GNU Automake missing as a replacement of"
-	echo "#  $ $@"
-	echo "exit 0"
-	chmod +x $file
-	exit 1
-    fi
-    ;;
-
-  bison|yacc)
-    echo 1>&2 "\
-WARNING: \`$1' $msg.  You should only need it if
-         you modified a \`.y' file.  You may need the \`Bison' package
-         in order for those modifications to take effect.  You can get
-         \`Bison' from any GNU archive site."
-    rm -f y.tab.c y.tab.h
-    if test $# -ne 1; then
-        eval LASTARG="\${$#}"
-	case $LASTARG in
-	*.y)
-	    SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'`
-	    if test -f "$SRCFILE"; then
-	         cp "$SRCFILE" y.tab.c
-	    fi
-	    SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'`
-	    if test -f "$SRCFILE"; then
-	         cp "$SRCFILE" y.tab.h
-	    fi
-	  ;;
-	esac
-    fi
-    if test ! -f y.tab.h; then
-	echo >y.tab.h
-    fi
-    if test ! -f y.tab.c; then
-	echo 'main() { return 0; }' >y.tab.c
-    fi
-    ;;
-
-  lex|flex)
-    echo 1>&2 "\
-WARNING: \`$1' is $msg.  You should only need it if
-         you modified a \`.l' file.  You may need the \`Flex' package
-         in order for those modifications to take effect.  You can get
-         \`Flex' from any GNU archive site."
-    rm -f lex.yy.c
-    if test $# -ne 1; then
-        eval LASTARG="\${$#}"
-	case $LASTARG in
-	*.l)
-	    SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'`
-	    if test -f "$SRCFILE"; then
-	         cp "$SRCFILE" lex.yy.c
-	    fi
-	  ;;
-	esac
-    fi
-    if test ! -f lex.yy.c; then
-	echo 'main() { return 0; }' >lex.yy.c
-    fi
-    ;;
-
-  help2man)
-    echo 1>&2 "\
-WARNING: \`$1' is $msg.  You should only need it if
-	 you modified a dependency of a manual page.  You may need the
-	 \`Help2man' package in order for those modifications to take
-	 effect.  You can get \`Help2man' from any GNU archive site."
-
-    file=`echo "$*" | sed -n "$sed_output"`
-    test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"`
-    if test -f "$file"; then
-	touch $file
-    else
-	test -z "$file" || exec >$file
-	echo ".ab help2man is required to generate this page"
-	exit 1
-    fi
-    ;;
-
-  makeinfo)
-    echo 1>&2 "\
-WARNING: \`$1' is $msg.  You should only need it if
-         you modified a \`.texi' or \`.texinfo' file, or any other file
-         indirectly affecting the aspect of the manual.  The spurious
-         call might also be the consequence of using a buggy \`make' (AIX,
-         DU, IRIX).  You might want to install the \`Texinfo' package or
-         the \`GNU make' package.  Grab either from any GNU archive site."
-    # The file to touch is that specified with -o ...
-    file=`echo "$*" | sed -n "$sed_output"`
-    test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"`
-    if test -z "$file"; then
-      # ... or it is the one specified with @setfilename ...
-      infile=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'`
-      file=`sed -n '
-	/^@setfilename/{
-	  s/.* \([^ ]*\) *$/\1/
-	  p
-	  q
-	}' $infile`
-      # ... or it is derived from the source name (dir/f.texi becomes f.info)
-      test -z "$file" && file=`echo "$infile" | sed 's,.*/,,;s,.[^.]*$,,'`.info
-    fi
-    # If the file does not exist, the user really needs makeinfo;
-    # let's fail without touching anything.
-    test -f $file || exit 1
-    touch $file
-    ;;
-
-  tar)
-    shift
-
-    # We have already tried tar in the generic part.
-    # Look for gnutar/gtar before invocation to avoid ugly error
-    # messages.
-    if (gnutar --version > /dev/null 2>&1); then
-       gnutar "$@" && exit 0
-    fi
-    if (gtar --version > /dev/null 2>&1); then
-       gtar "$@" && exit 0
-    fi
-    firstarg="$1"
-    if shift; then
-	case $firstarg in
-	*o*)
-	    firstarg=`echo "$firstarg" | sed s/o//`
-	    tar "$firstarg" "$@" && exit 0
-	    ;;
-	esac
-	case $firstarg in
-	*h*)
-	    firstarg=`echo "$firstarg" | sed s/h//`
-	    tar "$firstarg" "$@" && exit 0
-	    ;;
-	esac
-    fi
-
-    echo 1>&2 "\
-WARNING: I can't seem to be able to run \`tar' with the given arguments.
-         You may want to install GNU tar or Free paxutils, or check the
-         command line arguments."
-    exit 1
-    ;;
-
-  *)
-    echo 1>&2 "\
-WARNING: \`$1' is needed, and is $msg.
-         You might have modified some files without having the
-         proper tools for further handling them.  Check the \`README' file,
-         it often tells you about the needed prerequisites for installing
-         this package.  You may also peek at any GNU archive site, in case
-         some other package would contain this missing \`$1' program."
-    exit 1
-    ;;
-esac
-
-exit 0
-
-# Local variables:
-# eval: (add-hook 'write-file-hooks 'time-stamp)
-# time-stamp-start: "scriptversion="
-# time-stamp-format: "%:y-%02m-%02d.%02H"
-# time-stamp-end: "$"
-# End:

sgit

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+set -ex
+
+if [[ "--help" == "${1}" ]]; then
+echo "bash ./sgit user.email commit"
+fi
+
+if [[ -z "${2}" ]]; then
+echo "Bitte email und commit angeben!!!"
+exit 1
+fi
+
+git config --global user.email "${1}"
+git config --global user.name "${1}"
+git status
+git pull
+git add --all
+git commit --all -m "${2}"
+git show
+git push
+git status

shellinabox.service

@@ -0,0 +1,9 @@
+[Unit]
+Description=shellinabox
+
+[Service]
+Type=oneshot
+ExecStart=/opt/shellinabox/shellinaboxd -t --service=/:webssh:webssh:HOME:'/home/webssh/shellinabox_sshwrapper.sh'
+
+[Install]
+WantedBy=multi-user.target

shellinabox/black-on-white.css

@@ -0,0 +1,16 @@
+#vt100 .ansiDefR {
+  color:            #ffffff;
+}
+
+#vt100 .bgAnsiDefR {
+  background-color: #000000;
+}
+
+#vt100 #scrollable.inverted .ansiDefR {
+  color:            #000000;
+}
+
+#vt100 #scrollable.inverted .bgAnsiDefR {
+  background-color: #ffffff;
+}
+

shellinabox/cgi_root.html

@@ -2,26 +2,27 @@
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xml:lang="en" lang="en">
   <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
     <!--
     ShellInABox - Make command line applications available as AJAX web applications
     Copyright (C) 2008-2009 Markus Gutschke markus@shellinabox.com
-    
+
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License version 2 as
     published by the Free Software Foundation.
-    
+
     This program is distributed in the hope that it will be useful,
     but WITHOUT ANY WARRANTY; without even the implied warranty of
     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     GNU General Public License for more details.
-    
+
     You should have received a copy of the GNU General Public License along
     with this program; if not, write to the Free Software Foundation, Inc.,
     51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-    
+
     In addition to these license terms, the author grants the following
     additional rights:
-    
+
     If you modify this program, or any covered work, by linking or
     combining it with the OpenSSL project's OpenSSL library (or a
     modified version of that library), containing parts covered by the
@@ -30,20 +31,20 @@
     Corresponding Source for a non-source form of such a combination
     shall include the source code for the parts of OpenSSL used as well
     as that of the covered work.
-    
+
     You may at your option choose to remove this additional permission from
     the work, or from any part of it.
-    
+
     It is possible to build this program in a way that it loads OpenSSL
     libraries at run-time. If doing so, the following notices are required
     by the OpenSSL and SSLeay licenses:
-    
+
     This product includes software developed by the OpenSSL Project
     for use in the OpenSSL Toolkit. (http://www.openssl.org/)
-    
+
     This product includes cryptographic software written by Eric Young
-    (eay@cryptsoft.com)   
-    
+    (eay@cryptsoft.com)
+
     The most up-to-date version of this program is always available from
     http://shellinabox.com
     -->
@@ -69,7 +70,7 @@
                        '<frame src="' + url + '#' +
                           encodeURIComponent(document.location.href) +
                           ',%s' + '">\n' +
-                     '</frameset>');      
+                     '</frameset>');
     })();
     --></script>
   </head>

shellinabox/color.css

@@ -1,34 +1,527 @@
 /* DEFINES_COLORS */
-#vt100 .ansi0               {                            }
-#vt100 .ansi1               { color:            #cd0000; }
-#vt100 .ansi2               { color:            #00cd00; }
-#vt100 .ansi3               { color:            #cdcd00; }
-#vt100 .ansi4               { color:            #0000ee; }
-#vt100 .ansi5               { color:            #cd00cd; }
-#vt100 .ansi6               { color:            #00cdcd; }
-#vt100 .ansi7               { color:            #e5e5e5; }
-#vt100 .ansi8               { color:            #7f7f7f; }
-#vt100 .ansi9               { color:            #ff0000; }
-#vt100 .ansi10              { color:            #00ff00; }
-#vt100 .ansi11              { color:            #e8e800; }
-#vt100 .ansi12              { color:            #5c5cff; }
-#vt100 .ansi13              { color:            #ff00ff; }
-#vt100 .ansi14              { color:            #00ffff; }
-#vt100 .ansi15              { color:            #ffffff; }
 
-#vt100 .bgAnsi0             { background-color: #000000; }
-#vt100 .bgAnsi1             { background-color: #cd0000; }
-#vt100 .bgAnsi2             { background-color: #00cd00; }
-#vt100 .bgAnsi3             { background-color: #cdcd00; }
-#vt100 .bgAnsi4             { background-color: #0000ee; }
-#vt100 .bgAnsi5             { background-color: #cd00cd; }
-#vt100 .bgAnsi6             { background-color: #00cdcd; }
-#vt100 .bgAnsi7             { background-color: #e5e5e5; }
-#vt100 .bgAnsi8             { background-color: #7f7f7f; }
-#vt100 .bgAnsi9             { background-color: #ff0000; }
-#vt100 .bgAnsi10            { background-color: #00ff00; }
-#vt100 .bgAnsi11            { background-color: #e8e800; }
-#vt100 .bgAnsi12            { background-color: #5c5cff; }
-#vt100 .bgAnsi13            { background-color: #ff00ff; }
-#vt100 .bgAnsi14            { background-color: #00ffff; }
-#vt100 .bgAnsi15            {                            }
+/* SYSTEM colors */
+#vt100 .ansiDef   {                            }
+#vt100 .ansiDefR  {                            }
+
+#vt100 .ansi0     { color:            #000000; }
+#vt100 .ansi1     { color:            #cd0000; }
+#vt100 .ansi2     { color:            #00cd00; }
+#vt100 .ansi3     { color:            #cdcd00; }
+#vt100 .ansi4     { color:            #0000ee; }
+#vt100 .ansi5     { color:            #cd00cd; }
+#vt100 .ansi6     { color:            #00cdcd; }
+#vt100 .ansi7     { color:            #e5e5e5; }
+#vt100 .ansi8     { color:            #7f7f7f; }
+#vt100 .ansi9     { color:            #ff0000; }
+#vt100 .ansi10    { color:            #00ff00; }
+#vt100 .ansi11    { color:            #e8e800; }
+#vt100 .ansi12    { color:            #5c5cff; }
+#vt100 .ansi13    { color:            #ff00ff; }
+#vt100 .ansi14    { color:            #00ffff; }
+#vt100 .ansi15    { color:            #ffffff; }
+
+/* XTERM colors - 256 color mode */
+#vt100 .ansi16    { color:            #000000; }
+#vt100 .ansi17    { color:            #00005f; }
+#vt100 .ansi18    { color:            #000087; }
+#vt100 .ansi19    { color:            #0000af; }
+#vt100 .ansi20    { color:            #0000d7; }
+#vt100 .ansi21    { color:            #0000ff; }
+#vt100 .ansi22    { color:            #005f00; }
+#vt100 .ansi23    { color:            #005f5f; }
+#vt100 .ansi24    { color:            #005f87; }
+#vt100 .ansi25    { color:            #005faf; }
+#vt100 .ansi26    { color:            #005fd7; }
+#vt100 .ansi27    { color:            #005fff; }
+#vt100 .ansi28    { color:            #008700; }
+#vt100 .ansi29    { color:            #00875f; }
+#vt100 .ansi30    { color:            #008787; }
+#vt100 .ansi31    { color:            #0087af; }
+#vt100 .ansi32    { color:            #0087d7; }
+#vt100 .ansi33    { color:            #0087ff; }
+#vt100 .ansi34    { color:            #00af00; }
+#vt100 .ansi35    { color:            #00af5f; }
+#vt100 .ansi36    { color:            #00af87; }
+#vt100 .ansi37    { color:            #00afaf; }
+#vt100 .ansi38    { color:            #00afd7; }
+#vt100 .ansi39    { color:            #00afff; }
+#vt100 .ansi40    { color:            #00d700; }
+#vt100 .ansi41    { color:            #00d75f; }
+#vt100 .ansi42    { color:            #00d787; }
+#vt100 .ansi43    { color:            #00d7af; }
+#vt100 .ansi44    { color:            #00d7d7; }
+#vt100 .ansi45    { color:            #00d7ff; }
+#vt100 .ansi46    { color:            #00ff00; }
+#vt100 .ansi47    { color:            #00ff5f; }
+#vt100 .ansi48    { color:            #00ff87; }
+#vt100 .ansi49    { color:            #00ffaf; }
+#vt100 .ansi50    { color:            #00ffd7; }
+#vt100 .ansi51    { color:            #00ffff; }
+#vt100 .ansi52    { color:            #5f0000; }
+#vt100 .ansi53    { color:            #5f005f; }
+#vt100 .ansi54    { color:            #5f0087; }
+#vt100 .ansi55    { color:            #5f00af; }
+#vt100 .ansi56    { color:            #5f00d7; }
+#vt100 .ansi57    { color:            #5f00ff; }
+#vt100 .ansi58    { color:            #5f5f00; }
+#vt100 .ansi59    { color:            #5f5f5f; }
+#vt100 .ansi60    { color:            #5f5f87; }
+#vt100 .ansi61    { color:            #5f5faf; }
+#vt100 .ansi62    { color:            #5f5fd7; }
+#vt100 .ansi63    { color:            #5f5fff; }
+#vt100 .ansi64    { color:            #5f8700; }
+#vt100 .ansi65    { color:            #5f875f; }
+#vt100 .ansi66    { color:            #5f8787; }
+#vt100 .ansi67    { color:            #5f87af; }
+#vt100 .ansi68    { color:            #5f87d7; }
+#vt100 .ansi69    { color:            #5f87ff; }
+#vt100 .ansi70    { color:            #5faf00; }
+#vt100 .ansi71    { color:            #5faf5f; }
+#vt100 .ansi72    { color:            #5faf87; }
+#vt100 .ansi73    { color:            #5fafaf; }
+#vt100 .ansi74    { color:            #5fafd7; }
+#vt100 .ansi75    { color:            #5fafff; }
+#vt100 .ansi76    { color:            #5fd700; }
+#vt100 .ansi77    { color:            #5fd75f; }
+#vt100 .ansi78    { color:            #5fd787; }
+#vt100 .ansi79    { color:            #5fd7af; }
+#vt100 .ansi80    { color:            #5fd7d7; }
+#vt100 .ansi81    { color:            #5fd7ff; }
+#vt100 .ansi82    { color:            #5fff00; }
+#vt100 .ansi83    { color:            #5fff5f; }
+#vt100 .ansi84    { color:            #5fff87; }
+#vt100 .ansi85    { color:            #5fffaf; }
+#vt100 .ansi86    { color:            #5fffd7; }
+#vt100 .ansi87    { color:            #5fffff; }
+#vt100 .ansi88    { color:            #870000; }
+#vt100 .ansi89    { color:            #87005f; }
+#vt100 .ansi90    { color:            #870087; }
+#vt100 .ansi91    { color:            #8700af; }
+#vt100 .ansi92    { color:            #8700d7; }
+#vt100 .ansi93    { color:            #8700ff; }
+#vt100 .ansi94    { color:            #875f00; }
+#vt100 .ansi95    { color:            #875f5f; }
+#vt100 .ansi96    { color:            #875f87; }
+#vt100 .ansi97    { color:            #875faf; }
+#vt100 .ansi98    { color:            #875fd7; }
+#vt100 .ansi99    { color:            #875fff; }
+#vt100 .ansi100   { color:            #878700; }
+#vt100 .ansi101   { color:            #87875f; }
+#vt100 .ansi102   { color:            #878787; }
+#vt100 .ansi103   { color:            #8787af; }
+#vt100 .ansi104   { color:            #8787d7; }
+#vt100 .ansi105   { color:            #8787ff; }
+#vt100 .ansi106   { color:            #87af00; }
+#vt100 .ansi107   { color:            #87af5f; }
+#vt100 .ansi108   { color:            #87af87; }
+#vt100 .ansi109   { color:            #87afaf; }
+#vt100 .ansi110   { color:            #87afd7; }
+#vt100 .ansi111   { color:            #87afff; }
+#vt100 .ansi112   { color:            #87d700; }
+#vt100 .ansi113   { color:            #87d75f; }
+#vt100 .ansi114   { color:            #87d787; }
+#vt100 .ansi115   { color:            #87d7af; }
+#vt100 .ansi116   { color:            #87d7d7; }
+#vt100 .ansi117   { color:            #87d7ff; }
+#vt100 .ansi118   { color:            #87ff00; }
+#vt100 .ansi119   { color:            #87ff5f; }
+#vt100 .ansi120   { color:            #87ff87; }
+#vt100 .ansi121   { color:            #87ffaf; }
+#vt100 .ansi122   { color:            #87ffd7; }
+#vt100 .ansi123   { color:            #87ffff; }
+#vt100 .ansi124   { color:            #af0000; }
+#vt100 .ansi125   { color:            #af005f; }
+#vt100 .ansi126   { color:            #af0087; }
+#vt100 .ansi127   { color:            #af00af; }
+#vt100 .ansi128   { color:            #af00d7; }
+#vt100 .ansi129   { color:            #af00ff; }
+#vt100 .ansi130   { color:            #af5f00; }
+#vt100 .ansi131   { color:            #af5f5f; }
+#vt100 .ansi132   { color:            #af5f87; }
+#vt100 .ansi133   { color:            #af5faf; }
+#vt100 .ansi134   { color:            #af5fd7; }
+#vt100 .ansi135   { color:            #af5fff; }
+#vt100 .ansi136   { color:            #af8700; }
+#vt100 .ansi137   { color:            #af875f; }
+#vt100 .ansi138   { color:            #af8787; }
+#vt100 .ansi139   { color:            #af87af; }
+#vt100 .ansi140   { color:            #af87d7; }
+#vt100 .ansi141   { color:            #af87ff; }
+#vt100 .ansi142   { color:            #afaf00; }
+#vt100 .ansi143   { color:            #afaf5f; }
+#vt100 .ansi144   { color:            #afaf87; }
+#vt100 .ansi145   { color:            #afafaf; }
+#vt100 .ansi146   { color:            #afafd7; }
+#vt100 .ansi147   { color:            #afafff; }
+#vt100 .ansi148   { color:            #afd700; }
+#vt100 .ansi149   { color:            #afd75f; }
+#vt100 .ansi150   { color:            #afd787; }
+#vt100 .ansi151   { color:            #afd7af; }
+#vt100 .ansi152   { color:            #afd7d7; }
+#vt100 .ansi153   { color:            #afd7ff; }
+#vt100 .ansi154   { color:            #afff00; }
+#vt100 .ansi155   { color:            #afff5f; }
+#vt100 .ansi156   { color:            #afff87; }
+#vt100 .ansi157   { color:            #afffaf; }
+#vt100 .ansi158   { color:            #afffd7; }
+#vt100 .ansi159   { color:            #afffff; }
+#vt100 .ansi160   { color:            #d70000; }
+#vt100 .ansi161   { color:            #d7005f; }
+#vt100 .ansi162   { color:            #d70087; }
+#vt100 .ansi163   { color:            #d700af; }
+#vt100 .ansi164   { color:            #d700d7; }
+#vt100 .ansi165   { color:            #d700ff; }
+#vt100 .ansi166   { color:            #d75f00; }
+#vt100 .ansi167   { color:            #d75f5f; }
+#vt100 .ansi168   { color:            #d75f87; }
+#vt100 .ansi169   { color:            #d75faf; }
+#vt100 .ansi170   { color:            #d75fd7; }
+#vt100 .ansi171   { color:            #d75fff; }
+#vt100 .ansi172   { color:            #d78700; }
+#vt100 .ansi173   { color:            #d7875f; }
+#vt100 .ansi174   { color:            #d78787; }
+#vt100 .ansi175   { color:            #d787af; }
+#vt100 .ansi176   { color:            #d787d7; }
+#vt100 .ansi177   { color:            #d787ff; }
+#vt100 .ansi178   { color:            #d7af00; }
+#vt100 .ansi179   { color:            #d7af5f; }
+#vt100 .ansi180   { color:            #d7af87; }
+#vt100 .ansi181   { color:            #d7afaf; }
+#vt100 .ansi182   { color:            #d7afd7; }
+#vt100 .ansi183   { color:            #d7afff; }
+#vt100 .ansi184   { color:            #d7d700; }
+#vt100 .ansi185   { color:            #d7d75f; }
+#vt100 .ansi186   { color:            #d7d787; }
+#vt100 .ansi187   { color:            #d7d7af; }
+#vt100 .ansi188   { color:            #d7d7d7; }
+#vt100 .ansi189   { color:            #d7d7ff; }
+#vt100 .ansi190   { color:            #d7ff00; }
+#vt100 .ansi191   { color:            #d7ff5f; }
+#vt100 .ansi192   { color:            #d7ff87; }
+#vt100 .ansi193   { color:            #d7ffaf; }
+#vt100 .ansi194   { color:            #d7ffd7; }
+#vt100 .ansi195   { color:            #d7ffff; }
+#vt100 .ansi196   { color:            #ff0000; }
+#vt100 .ansi197   { color:            #ff005f; }
+#vt100 .ansi198   { color:            #ff0087; }
+#vt100 .ansi199   { color:            #ff00af; }
+#vt100 .ansi200   { color:            #ff00d7; }
+#vt100 .ansi201   { color:            #ff00ff; }
+#vt100 .ansi202   { color:            #ff5f00; }
+#vt100 .ansi203   { color:            #ff5f5f; }
+#vt100 .ansi204   { color:            #ff5f87; }
+#vt100 .ansi205   { color:            #ff5faf; }
+#vt100 .ansi206   { color:            #ff5fd7; }
+#vt100 .ansi207   { color:            #ff5fff; }
+#vt100 .ansi208   { color:            #ff8700; }
+#vt100 .ansi209   { color:            #ff875f; }
+#vt100 .ansi210   { color:            #ff8787; }
+#vt100 .ansi211   { color:            #ff87af; }
+#vt100 .ansi212   { color:            #ff87d7; }
+#vt100 .ansi213   { color:            #ff87ff; }
+#vt100 .ansi214   { color:            #ffaf00; }
+#vt100 .ansi215   { color:            #ffaf5f; }
+#vt100 .ansi216   { color:            #ffaf87; }
+#vt100 .ansi217   { color:            #ffafaf; }
+#vt100 .ansi218   { color:            #ffafd7; }
+#vt100 .ansi219   { color:            #ffafff; }
+#vt100 .ansi220   { color:            #ffd700; }
+#vt100 .ansi221   { color:            #ffd75f; }
+#vt100 .ansi222   { color:            #ffd787; }
+#vt100 .ansi223   { color:            #ffd7af; }
+#vt100 .ansi224   { color:            #ffd7d7; }
+#vt100 .ansi225   { color:            #ffd7ff; }
+#vt100 .ansi226   { color:            #ffff00; }
+#vt100 .ansi227   { color:            #ffff5f; }
+#vt100 .ansi228   { color:            #ffff87; }
+#vt100 .ansi229   { color:            #ffffaf; }
+#vt100 .ansi230   { color:            #ffffd7; }
+#vt100 .ansi231   { color:            #ffffff; }
+#vt100 .ansi232   { color:            #080808; }
+#vt100 .ansi233   { color:            #121212; }
+#vt100 .ansi234   { color:            #1c1c1c; }
+#vt100 .ansi235   { color:            #262626; }
+#vt100 .ansi236   { color:            #303030; }
+#vt100 .ansi237   { color:            #3a3a3a; }
+#vt100 .ansi238   { color:            #444444; }
+#vt100 .ansi239   { color:            #4e4e4e; }
+#vt100 .ansi240   { color:            #585858; }
+#vt100 .ansi241   { color:            #626262; }
+#vt100 .ansi242   { color:            #6c6c6c; }
+#vt100 .ansi243   { color:            #767676; }
+#vt100 .ansi244   { color:            #808080; }
+#vt100 .ansi245   { color:            #8a8a8a; }
+#vt100 .ansi246   { color:            #949494; }
+#vt100 .ansi247   { color:            #9e9e9e; }
+#vt100 .ansi248   { color:            #a8a8a8; }
+#vt100 .ansi249   { color:            #b2b2b2; }
+#vt100 .ansi250   { color:            #bcbcbc; }
+#vt100 .ansi251   { color:            #c6c6c6; }
+#vt100 .ansi252   { color:            #d0d0d0; }
+#vt100 .ansi253   { color:            #dadada; }
+#vt100 .ansi254   { color:            #e4e4e4; }
+#vt100 .ansi255   { color:            #eeeeee; }
+
+/* SYSTEM colors */
+#vt100 .bgAnsiDef {                            }
+#vt100 .bgAnsiDefR {                            }
+
+#vt100 .bgAnsi0   { background-color: #000000; }
+#vt100 .bgAnsi1   { background-color: #cd0000; }
+#vt100 .bgAnsi2   { background-color: #00cd00; }
+#vt100 .bgAnsi3   { background-color: #cdcd00; }
+#vt100 .bgAnsi4   { background-color: #0000ee; }
+#vt100 .bgAnsi5   { background-color: #cd00cd; }
+#vt100 .bgAnsi6   { background-color: #00cdcd; }
+#vt100 .bgAnsi7   { background-color: #e5e5e5; }
+#vt100 .bgAnsi8   { background-color: #7f7f7f; }
+#vt100 .bgAnsi9   { background-color: #ff0000; }
+#vt100 .bgAnsi10  { background-color: #00ff00; }
+#vt100 .bgAnsi11  { background-color: #e8e800; }
+#vt100 .bgAnsi12  { background-color: #5c5cff; }
+#vt100 .bgAnsi13  { background-color: #ff00ff; }
+#vt100 .bgAnsi14  { background-color: #00ffff; }
+#vt100 .bgAnsi15  { background-color: #ffffff; }
+
+/* XTERM colors - 256 color mode */
+#vt100 .bgAnsi16  { background-color: #000000; }
+#vt100 .bgAnsi17  { background-color: #00005f; }
+#vt100 .bgAnsi18  { background-color: #000087; }
+#vt100 .bgAnsi19  { background-color: #0000af; }
+#vt100 .bgAnsi20  { background-color: #0000d7; }
+#vt100 .bgAnsi21  { background-color: #0000ff; }
+#vt100 .bgAnsi22  { background-color: #005f00; }
+#vt100 .bgAnsi23  { background-color: #005f5f; }
+#vt100 .bgAnsi24  { background-color: #005f87; }
+#vt100 .bgAnsi25  { background-color: #005faf; }
+#vt100 .bgAnsi26  { background-color: #005fd7; }
+#vt100 .bgAnsi27  { background-color: #005fff; }
+#vt100 .bgAnsi28  { background-color: #008700; }
+#vt100 .bgAnsi29  { background-color: #00875f; }
+#vt100 .bgAnsi30  { background-color: #008787; }
+#vt100 .bgAnsi31  { background-color: #0087af; }
+#vt100 .bgAnsi32  { background-color: #0087d7; }
+#vt100 .bgAnsi33  { background-color: #0087ff; }
+#vt100 .bgAnsi34  { background-color: #00af00; }
+#vt100 .bgAnsi35  { background-color: #00af5f; }
+#vt100 .bgAnsi36  { background-color: #00af87; }
+#vt100 .bgAnsi37  { background-color: #00afaf; }
+#vt100 .bgAnsi38  { background-color: #00afd7; }
+#vt100 .bgAnsi39  { background-color: #00afff; }
+#vt100 .bgAnsi40  { background-color: #00d700; }
+#vt100 .bgAnsi41  { background-color: #00d75f; }
+#vt100 .bgAnsi42  { background-color: #00d787; }
+#vt100 .bgAnsi43  { background-color: #00d7af; }
+#vt100 .bgAnsi44  { background-color: #00d7d7; }
+#vt100 .bgAnsi45  { background-color: #00d7ff; }
+#vt100 .bgAnsi46  { background-color: #00ff00; }
+#vt100 .bgAnsi47  { background-color: #00ff5f; }
+#vt100 .bgAnsi48  { background-color: #00ff87; }
+#vt100 .bgAnsi49  { background-color: #00ffaf; }
+#vt100 .bgAnsi50  { background-color: #00ffd7; }
+#vt100 .bgAnsi51  { background-color: #00ffff; }
+#vt100 .bgAnsi52  { background-color: #5f0000; }
+#vt100 .bgAnsi53  { background-color: #5f005f; }
+#vt100 .bgAnsi54  { background-color: #5f0087; }
+#vt100 .bgAnsi55  { background-color: #5f00af; }
+#vt100 .bgAnsi56  { background-color: #5f00d7; }
+#vt100 .bgAnsi57  { background-color: #5f00ff; }
+#vt100 .bgAnsi58  { background-color: #5f5f00; }
+#vt100 .bgAnsi59  { background-color: #5f5f5f; }
+#vt100 .bgAnsi60  { background-color: #5f5f87; }
+#vt100 .bgAnsi61  { background-color: #5f5faf; }
+#vt100 .bgAnsi62  { background-color: #5f5fd7; }
+#vt100 .bgAnsi63  { background-color: #5f5fff; }
+#vt100 .bgAnsi64  { background-color: #5f8700; }
+#vt100 .bgAnsi65  { background-color: #5f875f; }
+#vt100 .bgAnsi66  { background-color: #5f8787; }
+#vt100 .bgAnsi67  { background-color: #5f87af; }
+#vt100 .bgAnsi68  { background-color: #5f87d7; }
+#vt100 .bgAnsi69  { background-color: #5f87ff; }
+#vt100 .bgAnsi70  { background-color: #5faf00; }
+#vt100 .bgAnsi71  { background-color: #5faf5f; }
+#vt100 .bgAnsi72  { background-color: #5faf87; }
+#vt100 .bgAnsi73  { background-color: #5fafaf; }
+#vt100 .bgAnsi74  { background-color: #5fafd7; }
+#vt100 .bgAnsi75  { background-color: #5fafff; }
+#vt100 .bgAnsi76  { background-color: #5fd700; }
+#vt100 .bgAnsi77  { background-color: #5fd75f; }
+#vt100 .bgAnsi78  { background-color: #5fd787; }
+#vt100 .bgAnsi79  { background-color: #5fd7af; }
+#vt100 .bgAnsi80  { background-color: #5fd7d7; }
+#vt100 .bgAnsi81  { background-color: #5fd7ff; }
+#vt100 .bgAnsi82  { background-color: #5fff00; }
+#vt100 .bgAnsi83  { background-color: #5fff5f; }
+#vt100 .bgAnsi84  { background-color: #5fff87; }
+#vt100 .bgAnsi85  { background-color: #5fffaf; }
+#vt100 .bgAnsi86  { background-color: #5fffd7; }
+#vt100 .bgAnsi87  { background-color: #5fffff; }
+#vt100 .bgAnsi88  { background-color: #870000; }
+#vt100 .bgAnsi89  { background-color: #87005f; }
+#vt100 .bgAnsi90  { background-color: #870087; }
+#vt100 .bgAnsi91  { background-color: #8700af; }
+#vt100 .bgAnsi92  { background-color: #8700d7; }
+#vt100 .bgAnsi93  { background-color: #8700ff; }
+#vt100 .bgAnsi94  { background-color: #875f00; }
+#vt100 .bgAnsi95  { background-color: #875f5f; }
+#vt100 .bgAnsi96  { background-color: #875f87; }
+#vt100 .bgAnsi97  { background-color: #875faf; }
+#vt100 .bgAnsi98  { background-color: #875fd7; }
+#vt100 .bgAnsi99  { background-color: #875fff; }
+#vt100 .bgAnsi100 { background-color: #878700; }
+#vt100 .bgAnsi101 { background-color: #87875f; }
+#vt100 .bgAnsi102 { background-color: #878787; }
+#vt100 .bgAnsi103 { background-color: #8787af; }
+#vt100 .bgAnsi104 { background-color: #8787d7; }
+#vt100 .bgAnsi105 { background-color: #8787ff; }
+#vt100 .bgAnsi106 { background-color: #87af00; }
+#vt100 .bgAnsi107 { background-color: #87af5f; }
+#vt100 .bgAnsi108 { background-color: #87af87; }
+#vt100 .bgAnsi109 { background-color: #87afaf; }
+#vt100 .bgAnsi110 { background-color: #87afd7; }
+#vt100 .bgAnsi111 { background-color: #87afff; }
+#vt100 .bgAnsi112 { background-color: #87d700; }
+#vt100 .bgAnsi113 { background-color: #87d75f; }
+#vt100 .bgAnsi114 { background-color: #87d787; }
+#vt100 .bgAnsi115 { background-color: #87d7af; }
+#vt100 .bgAnsi116 { background-color: #87d7d7; }
+#vt100 .bgAnsi117 { background-color: #87d7ff; }
+#vt100 .bgAnsi118 { background-color: #87ff00; }
+#vt100 .bgAnsi119 { background-color: #87ff5f; }
+#vt100 .bgAnsi120 { background-color: #87ff87; }
+#vt100 .bgAnsi121 { background-color: #87ffaf; }
+#vt100 .bgAnsi122 { background-color: #87ffd7; }
+#vt100 .bgAnsi123 { background-color: #87ffff; }
+#vt100 .bgAnsi124 { background-color: #af0000; }
+#vt100 .bgAnsi125 { background-color: #af005f; }
+#vt100 .bgAnsi126 { background-color: #af0087; }
+#vt100 .bgAnsi127 { background-color: #af00af; }
+#vt100 .bgAnsi128 { background-color: #af00d7; }
+#vt100 .bgAnsi129 { background-color: #af00ff; }
+#vt100 .bgAnsi130 { background-color: #af5f00; }
+#vt100 .bgAnsi131 { background-color: #af5f5f; }
+#vt100 .bgAnsi132 { background-color: #af5f87; }
+#vt100 .bgAnsi133 { background-color: #af5faf; }
+#vt100 .bgAnsi134 { background-color: #af5fd7; }
+#vt100 .bgAnsi135 { background-color: #af5fff; }
+#vt100 .bgAnsi136 { background-color: #af8700; }
+#vt100 .bgAnsi137 { background-color: #af875f; }
+#vt100 .bgAnsi138 { background-color: #af8787; }
+#vt100 .bgAnsi139 { background-color: #af87af; }
+#vt100 .bgAnsi140 { background-color: #af87d7; }
+#vt100 .bgAnsi141 { background-color: #af87ff; }
+#vt100 .bgAnsi142 { background-color: #afaf00; }
+#vt100 .bgAnsi143 { background-color: #afaf5f; }
+#vt100 .bgAnsi144 { background-color: #afaf87; }
+#vt100 .bgAnsi145 { background-color: #afafaf; }
+#vt100 .bgAnsi146 { background-color: #afafd7; }
+#vt100 .bgAnsi147 { background-color: #afafff; }
+#vt100 .bgAnsi148 { background-color: #afd700; }
+#vt100 .bgAnsi149 { background-color: #afd75f; }
+#vt100 .bgAnsi150 { background-color: #afd787; }
+#vt100 .bgAnsi151 { background-color: #afd7af; }
+#vt100 .bgAnsi152 { background-color: #afd7d7; }
+#vt100 .bgAnsi153 { background-color: #afd7ff; }
+#vt100 .bgAnsi154 { background-color: #afff00; }
+#vt100 .bgAnsi155 { background-color: #afff5f; }
+#vt100 .bgAnsi156 { background-color: #afff87; }
+#vt100 .bgAnsi157 { background-color: #afffaf; }
+#vt100 .bgAnsi158 { background-color: #afffd7; }
+#vt100 .bgAnsi159 { background-color: #afffff; }
+#vt100 .bgAnsi160 { background-color: #d70000; }
+#vt100 .bgAnsi161 { background-color: #d7005f; }
+#vt100 .bgAnsi162 { background-color: #d70087; }
+#vt100 .bgAnsi163 { background-color: #d700af; }
+#vt100 .bgAnsi164 { background-color: #d700d7; }
+#vt100 .bgAnsi165 { background-color: #d700ff; }
+#vt100 .bgAnsi166 { background-color: #d75f00; }
+#vt100 .bgAnsi167 { background-color: #d75f5f; }
+#vt100 .bgAnsi168 { background-color: #d75f87; }
+#vt100 .bgAnsi169 { background-color: #d75faf; }
+#vt100 .bgAnsi170 { background-color: #d75fd7; }
+#vt100 .bgAnsi171 { background-color: #d75fff; }
+#vt100 .bgAnsi172 { background-color: #d78700; }
+#vt100 .bgAnsi173 { background-color: #d7875f; }
+#vt100 .bgAnsi174 { background-color: #d78787; }
+#vt100 .bgAnsi175 { background-color: #d787af; }
+#vt100 .bgAnsi176 { background-color: #d787d7; }
+#vt100 .bgAnsi177 { background-color: #d787ff; }
+#vt100 .bgAnsi178 { background-color: #d7af00; }
+#vt100 .bgAnsi179 { background-color: #d7af5f; }
+#vt100 .bgAnsi180 { background-color: #d7af87; }
+#vt100 .bgAnsi181 { background-color: #d7afaf; }
+#vt100 .bgAnsi182 { background-color: #d7afd7; }
+#vt100 .bgAnsi183 { background-color: #d7afff; }
+#vt100 .bgAnsi184 { background-color: #d7d700; }
+#vt100 .bgAnsi185 { background-color: #d7d75f; }
+#vt100 .bgAnsi186 { background-color: #d7d787; }
+#vt100 .bgAnsi187 { background-color: #d7d7af; }
+#vt100 .bgAnsi188 { background-color: #d7d7d7; }
+#vt100 .bgAnsi189 { background-color: #d7d7ff; }
+#vt100 .bgAnsi190 { background-color: #d7ff00; }
+#vt100 .bgAnsi191 { background-color: #d7ff5f; }
+#vt100 .bgAnsi192 { background-color: #d7ff87; }
+#vt100 .bgAnsi193 { background-color: #d7ffaf; }
+#vt100 .bgAnsi194 { background-color: #d7ffd7; }
+#vt100 .bgAnsi195 { background-color: #d7ffff; }
+#vt100 .bgAnsi196 { background-color: #ff0000; }
+#vt100 .bgAnsi197 { background-color: #ff005f; }
+#vt100 .bgAnsi198 { background-color: #ff0087; }
+#vt100 .bgAnsi199 { background-color: #ff00af; }
+#vt100 .bgAnsi200 { background-color: #ff00d7; }
+#vt100 .bgAnsi201 { background-color: #ff00ff; }
+#vt100 .bgAnsi202 { background-color: #ff5f00; }
+#vt100 .bgAnsi203 { background-color: #ff5f5f; }
+#vt100 .bgAnsi204 { background-color: #ff5f87; }
+#vt100 .bgAnsi205 { background-color: #ff5faf; }
+#vt100 .bgAnsi206 { background-color: #ff5fd7; }
+#vt100 .bgAnsi207 { background-color: #ff5fff; }
+#vt100 .bgAnsi208 { background-color: #ff8700; }
+#vt100 .bgAnsi209 { background-color: #ff875f; }
+#vt100 .bgAnsi210 { background-color: #ff8787; }
+#vt100 .bgAnsi211 { background-color: #ff87af; }
+#vt100 .bgAnsi212 { background-color: #ff87d7; }
+#vt100 .bgAnsi213 { background-color: #ff87ff; }
+#vt100 .bgAnsi214 { background-color: #ffaf00; }
+#vt100 .bgAnsi215 { background-color: #ffaf5f; }
+#vt100 .bgAnsi216 { background-color: #ffaf87; }
+#vt100 .bgAnsi217 { background-color: #ffafaf; }
+#vt100 .bgAnsi218 { background-color: #ffafd7; }
+#vt100 .bgAnsi219 { background-color: #ffafff; }
+#vt100 .bgAnsi220 { background-color: #ffd700; }
+#vt100 .bgAnsi221 { background-color: #ffd75f; }
+#vt100 .bgAnsi222 { background-color: #ffd787; }
+#vt100 .bgAnsi223 { background-color: #ffd7af; }
+#vt100 .bgAnsi224 { background-color: #ffd7d7; }
+#vt100 .bgAnsi225 { background-color: #ffd7ff; }
+#vt100 .bgAnsi226 { background-color: #ffff00; }
+#vt100 .bgAnsi227 { background-color: #ffff5f; }
+#vt100 .bgAnsi228 { background-color: #ffff87; }
+#vt100 .bgAnsi229 { background-color: #ffffaf; }
+#vt100 .bgAnsi230 { background-color: #ffffd7; }
+#vt100 .bgAnsi231 { background-color: #ffffff; }
+#vt100 .bgAnsi232 { background-color: #080808; }
+#vt100 .bgAnsi233 { background-color: #121212; }
+#vt100 .bgAnsi234 { background-color: #1c1c1c; }
+#vt100 .bgAnsi235 { background-color: #262626; }
+#vt100 .bgAnsi236 { background-color: #303030; }
+#vt100 .bgAnsi237 { background-color: #3a3a3a; }
+#vt100 .bgAnsi238 { background-color: #444444; }
+#vt100 .bgAnsi239 { background-color: #4e4e4e; }
+#vt100 .bgAnsi240 { background-color: #585858; }
+#vt100 .bgAnsi241 { background-color: #626262; }
+#vt100 .bgAnsi242 { background-color: #6c6c6c; }
+#vt100 .bgAnsi243 { background-color: #767676; }
+#vt100 .bgAnsi244 { background-color: #808080; }
+#vt100 .bgAnsi245 { background-color: #8a8a8a; }
+#vt100 .bgAnsi246 { background-color: #949494; }
+#vt100 .bgAnsi247 { background-color: #9e9e9e; }
+#vt100 .bgAnsi248 { background-color: #a8a8a8; }
+#vt100 .bgAnsi249 { background-color: #b2b2b2; }
+#vt100 .bgAnsi250 { background-color: #bcbcbc; }
+#vt100 .bgAnsi251 { background-color: #c6c6c6; }
+#vt100 .bgAnsi252 { background-color: #d0d0d0; }
+#vt100 .bgAnsi253 { background-color: #dadada; }
+#vt100 .bgAnsi254 { background-color: #e4e4e4; }
+#vt100 .bgAnsi255 { background-color: #eeeeee; }

shellinabox/externalfile.c

@@ -75,7 +75,7 @@ static int externalFileHttpHandler(HttpConnection *http, void *arg,
     while (*pathInfo == '/') {
       pathInfo++;
     }
-  
+
     // Compute file name of external file
     char *fn;
     int s_size             = strlen((char *)arg) +
@@ -91,7 +91,7 @@ static int externalFileHttpHandler(HttpConnection *http, void *arg,
         ptr++;
       }
       strncat(fn, ptr, s_size);
-  
+
       // Any files/directories starting with a dot are inaccessible to us
       do {
         if (*ptr == '.') {
@@ -103,7 +103,7 @@ static int externalFileHttpHandler(HttpConnection *http, void *arg,
         ptr                = strchr(ptr + 1, '/');
       } while (ptr);
     }
-  
+
     // Open file for reading
 #ifndef O_LARGEFILE
 #define O_LARGEFILE 0
@@ -147,7 +147,7 @@ static int externalFileHttpHandler(HttpConnection *http, void *arg,
       httpSendReply(http, 404, "File not found", NO_MSG);
       return HTTP_DONE;
     }
-  
+
     // We only serve regular files, and restrict the file size to 100MB.
     // As a special-case, we also allow access to /dev/null.
     struct stat sb = { 0 };
@@ -161,7 +161,7 @@ static int externalFileHttpHandler(HttpConnection *http, void *arg,
       return HTTP_DONE;
     }
     free(fn);
-  
+
     // Set up response header
     char *response         = stringPrintf(NULL,
                                           "HTTP/1.1 200 OK\r\n"
@@ -180,7 +180,7 @@ static int externalFileHttpHandler(HttpConnection *http, void *arg,
       }
       check(response       = realloc(response, respLen + dataLen + 1));
       bytes                = NOINTR(read(fd, response + respLen, dataLen));
-      
+
       if (bytes < 0) {
         free(response);
         NOINTR(close(fd));
@@ -188,7 +188,7 @@ static int externalFileHttpHandler(HttpConnection *http, void *arg,
         return HTTP_DONE;
       }
     }
-  
+
     if (bytes < 0 || bytes == sb.st_size) {
       // Read entire file. Transmit it in one go.
       httpTransfer(http, response,
@@ -199,7 +199,7 @@ static int externalFileHttpHandler(HttpConnection *http, void *arg,
       // Transmit partial reply and store state for future calls into the
       // handler.
       httpTransferPartialReply(http, response, respLen + bytes);
-      
+
       check(state          = malloc(sizeof(struct ExternalFileState)));
       state->fd            = fd;
       state->totalSize     = sb.st_size;