sync libratbox - r25599 + charybdis packaging patch

2008-06-25 09:28:30 +04:00 · 2008-06-25 09:28:30 +04:00 · 033be68727
parent d9af2dddd3
commit 033be68727
27 changed files with 1091 additions and 833 deletions
--- a/libratbox/ChangeLog
+++ b/libratbox/ChangeLog
@ -1,3 +1,344 @@
 androsyn    2008/06/24 14:04:50 UTC	(25588)
  Log:
  move some of the common accept code into a function
  Modified:
 	libratbox/trunk/src/openssl.c (File Modified) 
 androsyn    2008/06/20 21:49:53 UTC	(25576)
  Log:
  rerun autoconf again
  Modified:
 	libratbox/trunk/configure (File Modified) 
 androsyn    2008/06/20 21:49:06 UTC	(25574)
  Log:
  enable Id tags on configure.ac
  Modified:
 	libratbox/trunk/configure.ac (File Modified) (Property Modified)
 jilles      2008/06/20 21:42:48 UTC	(25572)
  Log:
  Rerun autoconf.
  Modified:
 	libratbox/trunk/configure (File Modified) 
 jilles      2008/06/20 21:42:29 UTC	(25570)
  Log:
  Change == in test to =.
  Modified:
 	libratbox/trunk/configure.ac (File Modified) 
 androsyn    2008/06/20 18:46:08 UTC	(25568)
  Log:
  add a missing commio-ssl.h include in gnutls.c
  Modified:
 	libratbox/trunk/src/gnutls.c (File Modified) 
 androsyn    2008/06/19 19:05:46 UTC	(25556)
  Log:
  don't load the certificate twice and remember to close the file after opening it
  Modified:
 	libratbox/trunk/src/gnutls.c (File Modified) 
 androsyn    2008/06/11 14:40:44 UTC	(25532)
  Log:
  All sorts of autotools goo for GNUTLS.  Partially based on nenolod's patch.
  Modified:
 	libratbox/trunk/Makefile.in (File Modified) 
 	libratbox/trunk/aclocal.m4 (File Modified) 
 	libratbox/trunk/configure (File Modified) 
 	libratbox/trunk/configure.ac (File Modified) 
 	libratbox/trunk/include/libratbox_config.h.in (File Modified) 
 	libratbox/trunk/src/Makefile.am (File Modified) 
 	libratbox/trunk/src/Makefile.in (File Modified) 
 	libratbox/trunk/src/nossl.c (File Modified) 
 androsyn    2008/06/11 06:12:55 UTC	(25530)
  Log:
  first pass at gnutls code..
  Modified:
 	libratbox/trunk/src/gnutls.c (File Added) 
 jilles      2008/05/17 13:36:55 UTC	(25387)
  Log:
  Remove static inline symbols from export-syms.txt.
  These do not exist in the library and some platforms
  such as MacOS X don't like that.
  Modified:
 	libratbox/trunk/src/export-syms.txt (File Modified) 
 androsyn    2008/05/16 16:06:02 UTC	(25377)
  Log:
  fix a compile warning
  Modified:
 	libratbox/trunk/src/openssl.c (File Modified) 
 androsyn    2008/05/16 15:19:51 UTC	(25375)
  Log:
  fix up the soft assert stuff for libratbox and rename likely/unlikely to rb_likely/rb_unlikely
  Modified:
 	libratbox/trunk/include/commio-int.h (File Modified) 
 	libratbox/trunk/include/ratbox_lib.h (File Modified) 
 	libratbox/trunk/include/rb_memory.h (File Modified) 
 	libratbox/trunk/src/balloc.c (File Modified) 
 	libratbox/trunk/src/commio.c (File Modified) 
 	libratbox/trunk/src/linebuf.c (File Modified) 
 	libratbox/trunk/src/poll.c (File Modified) 
 	libratbox/trunk/src/ratbox_lib.c (File Modified) 
 	libratbox/trunk/src/sigio.c (File Modified) 
 	libratbox/trunk/src/snprintf.c (File Modified) 
 jilles      2008/05/14 17:55:22 UTC	(25364)
  Log:
  Fix a mistake in kqueue 'overflow' handling.
  If there is no space in the output buffer to report an
  error adding to the kqueue, kevent(2) will abort and
  return the error in errno (I was correct that it does
  not tell you where it failed). So do not abort the loop
  if kevent(2) fails and do not log (expected) EBADF.
  Modified:
 	libratbox/trunk/src/kqueue.c (File Modified) 
 androsyn    2008/05/13 14:48:46 UTC	(25358)
  Log:
  save connect errno so that we get a correct connect failure reason
  Modified:
 	libratbox/trunk/src/commio.c (File Modified) 
 jilles      2008/05/12 17:52:22 UTC	(25356)
  Log:
  Fix a possible crash with SSL connections closing early.
  Modified:
 	libratbox/trunk/src/openssl.c (File Modified) 
 jilles      2008/05/12 16:51:54 UTC	(25354)
  Log:
  Fix kqueue sometimes dropping updates.
  (ircd wouldn't read or write anymore to certain clients)
  This happens because kqueue.c will often try to add
  already closed file descriptors to the kqueue. The kernel
  tries to report bad file descriptors in the eventlist; if
  the eventlist has no space, processing of the changelist
  is silently halted.
  The fix:
  1. allocate two kqlst things, one for what kqlst currently does 
  and one as output buffer
  this ensures the kevent(2) call in rb_select_kqueue() never 
  drops updates
  2. replace the kevent(2) call in kq_update_events() by a loop 
  that processes the updates one at a time
  that doesn't happen much, and it's the only way to be sure 
  without also getting events out of the queue we cannot process 
  at that time
  Modified:
 	libratbox/trunk/src/kqueue.c (File Modified) 
 androsyn    2008/05/08 19:32:13 UTC	(25327)
  Log:
  forgot prototypes and nossl versions of rb_ssl handshake stuff
  Modified:
 	libratbox/trunk/include/rb_commio.h (File Modified) 
 	libratbox/trunk/src/nossl.c (File Modified) 
 androsyn    2008/05/08 19:09:42 UTC	(25325)
  Log:
  keep track of the number of openssl handshakes and export rb_ssl_handshake_count and rb_ssl_clear_handshake_count
  Modified:
 	libratbox/trunk/include/commio-int.h (File Modified) 
 	libratbox/trunk/src/export-syms.txt (File Modified) 
 	libratbox/trunk/src/openssl.c (File Modified) 
 androsyn    2008/05/02 12:41:05 UTC	(25291)
  Log:
  fix build for bsd platforms with lack EVFILT_TIMER
  Modified:
 	libratbox/trunk/src/kqueue.c (File Modified) 
 androsyn    2008/04/21 18:38:23 UTC	(25245)
  Log:
  kill a process with SIGKILL when calling helper_close to be certain the process goes away
  Modified:
 	libratbox/trunk/src/helper.c (File Modified) 
 river       2008/04/16 20:33:35 UTC	(25235)
  Log:
  support for compiling on OpenVMS (untested)
  Modified:
 	libratbox/trunk/include/libratbox_config.h_vms (File Added) 
 	libratbox/trunk/src/descrip.mms (File Added) 
 	libratbox/trunk/src/rawbuf.c (File Modified) 
 androsyn    2008/04/16 20:11:37 UTC	(25233)
  Log:
  less than zero doesn't make sense for size_t
  Modified:
 	libratbox/trunk/src/balloc.c (File Modified) 
 jilles      2008/04/13 16:19:04 UTC	(25229)
  Log:
  patricia: remove ugly abuse of K&R style function declaration
  It left the argument types unspecified in a function
  pointer, then called it using different numbers of
  arguments.
  Modified:
 	libratbox/trunk/include/rb_patricia.h (File Modified) 
 	libratbox/trunk/src/patricia.c (File Modified) 
 jilles      2008/04/12 22:20:43 UTC	(25227)
  Log:
  Remove linebuf's per-line flushing flag, as it's per-head state.
  In rare cases, this sharing caused the ircd to skip
  part of outgoing traffic, e.g. appearing as "not enough
  parameters" errors on the other side.
  The purpose of this flag can be fulfilled by the writeofs
  in the bufhead.
  Modified:
 	libratbox/trunk/include/rb_linebuf.h (File Modified) 
 	libratbox/trunk/src/linebuf.c (File Modified) 
 jilles      2008/04/12 14:30:19 UTC	(25225)
  Log:
  read/write return type should be ssize_t, not int or size_t.
  The writev emulation used size_t, which is unsigned,
  preventing negative values to be seen.
  Modified:
 	libratbox/trunk/src/commio.c (File Modified) 
 jilles      2008/04/11 08:48:21 UTC	(25223)
  Log:
  kqueue: also use EV_ONESHOT for read events
  This makes the kernel's state agree with our handler pointer.
  SSL may need to suspend selecting for reading to write
  something, e.g. with renegotiation.
  Modified:
 	libratbox/trunk/src/kqueue.c (File Modified) 
 jilles      2008/04/09 19:43:08 UTC	(25219)
  Log:
  Call the accept callback when timing out an SSL accept.
  The callback will close the F.
  Modified:
 	libratbox/trunk/src/openssl.c (File Modified) 
 jilles      2008/04/09 19:26:04 UTC	(25217)
  Log:
  Fix up ssl_accept WANT_READ/WANT_WRITE a bit.
  Only select for the exact thing asked, and if
  SSL_ERROR_SYSCALL happens abort it even if the
  errno is "ignorable".
  Modified:
 	libratbox/trunk/src/openssl.c (File Modified) 
 jilles      2008/04/05 19:09:32 UTC	(25205)
  Log:
  Fix SET_SS_LEN so that it also works correctly outside libratbox.
  Use RB_SOCKADDR_HAS_SA_LEN instead of SOCKADDR_IN_HAS_LEN
  which is only defined inside libratbox.
  This fixes creating own sockaddr structs in other programs
  using SET_SS_LEN, then passing them to libratbox, on
  4.4BSD based systems.
  Modified:
 	libratbox/trunk/include/ratbox_lib.h (File Modified) 
 androsyn    2008/04/04 18:43:29 UTC	(25203)
  Log:
  don't spin on accept when you don't get any data
  Modified:
 	libratbox/trunk/src/openssl.c (File Modified) 
 androsyn    2008/04/01 22:05:38 UTC	(25197)
  Log:
  return useful errno values here
  Modified:
 	libratbox/trunk/src/nossl.c (File Modified) 
 jilles      2008/04/01 20:38:54 UTC	(25195)
  Log:
  Make this link without OpenSSL.
  Patch from nenolod.
  Modified:
 	libratbox/trunk/src/nossl.c (File Modified) 
 androsyn    2008/03/30 16:34:18 UTC	(25177)
  Log:
  Remove DISABLE_SSL_COMP stuff completely.  Force our outbound connections to use TLSv1
--- a/libratbox/Makefile.in
+++ b/libratbox/Makefile.in
@ -13,6 +13,7 @@
 # PARTICULAR PURPOSE.
@SET_MAKE@
 VPATH = @srcdir@
 pkgdatadir = $(datadir)/@PACKAGE@
 pkglibdir = $(libdir)/@PACKAGE@
@ -33,7 +34,8 @@ build_triplet = @build@
 host_triplet = @host@
 subdir = .
 DIST_COMMON = README $(am__configure_deps) $(srcdir)/Makefile.am \
-	$(srcdir)/Makefile.in $(top_srcdir)/configure \
+	$(srcdir)/Makefile.in $(srcdir)/libratbox.pc.in \
 	$(top_srcdir)/configure \
 	$(top_srcdir)/include/libratbox_config.h.in COPYING ChangeLog \
 	INSTALL TODO config.guess config.sub depcomp install-sh \
 	ltmain.sh missing
@ -46,7 +48,7 @@ am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \
 configure.lineno config.status.lineno
 mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/include/libratbox_config.h
-CONFIG_CLEAN_FILES =
+CONFIG_CLEAN_FILES = libratbox.pc
 SOURCES =
 DIST_SOURCES =
 RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
@ -56,6 +58,15 @@ RECURSIVE_TARGETS = all-recursive check-recursive dvi-recursive \
 	install-pdf-recursive install-ps-recursive install-recursive \
 	installcheck-recursive installdirs-recursive pdf-recursive \
 	ps-recursive uninstall-recursive
 am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
 am__vpath_adj = case $$p in \
    $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
    *) f=$$p;; \
  esac;
 am__strip_dir = `echo $$p | sed -e 's|^.*/||'`;
 am__installdirs = "$(DESTDIR)$(pkgconfigdir)"
 pkgconfigDATA_INSTALL = $(INSTALL_DATA)
 DATA = $(pkgconfig_DATA)
 RECURSIVE_CLEAN_TARGETS = mostlyclean-recursive clean-recursive	\
  distclean-recursive maintainer-clean-recursive
 ETAGS = etags
@ -142,7 +153,7 @@ SED = @SED@
 SEDOBJ = @SEDOBJ@
 SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
-SSL_INCLUDES = @SSL_INCLUDES@
+SSL_CFLAGS = @SSL_CFLAGS@
 SSL_LIBS = @SSL_LIBS@
 STRIP = @STRIP@
 TOUCH = @TOUCH@
@ -201,6 +212,8 @@ top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@
 AUTOMAKE_OPTIONS = foreign
 SUBDIRS = src
 pkgconfigdir = $(libdir)/pkgconfig
 pkgconfig_DATA = libratbox.pc
 all: all-recursive
 .SUFFIXES:
@ -254,6 +267,8 @@ $(top_srcdir)/include/libratbox_config.h.in: @MAINTAINER_MODE_TRUE@ $(am__config
 distclean-hdr:
 	-rm -f include/libratbox_config.h include/stamp-h1
 libratbox.pc: $(top_builddir)/config.status $(srcdir)/libratbox.pc.in
 	cd $(top_builddir) && $(SHELL) ./config.status $@
 mostlyclean-libtool:
 	-rm -f *.lo
@ -263,6 +278,23 @@ clean-libtool:
 distclean-libtool:
 	-rm -f libtool
 install-pkgconfigDATA: $(pkgconfig_DATA)
 	@$(NORMAL_INSTALL)
 	test -z "$(pkgconfigdir)" || $(MKDIR_P) "$(DESTDIR)$(pkgconfigdir)"
 	@list='$(pkgconfig_DATA)'; for p in $$list; do \
 	  if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
 	  f=$(am__strip_dir) \
 	  echo " $(pkgconfigDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(pkgconfigdir)/$$f'"; \
 	  $(pkgconfigDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(pkgconfigdir)/$$f"; \
 	done
 uninstall-pkgconfigDATA:
 	@$(NORMAL_UNINSTALL)
 	@list='$(pkgconfig_DATA)'; for p in $$list; do \
 	  f=$(am__strip_dir) \
 	  echo " rm -f '$(DESTDIR)$(pkgconfigdir)/$$f'"; \
 	  rm -f "$(DESTDIR)$(pkgconfigdir)/$$f"; \
 	done
 # This directory's subdirectories are mostly independent; you can cd
 # into them and run `make' without going through this Makefile.
@ -544,9 +576,12 @@ distcleancheck: distclean
 	       exit 1; } >&2
 check-am: all-am
 check: check-recursive
-all-am: Makefile
+all-am: Makefile $(DATA)
 installdirs: installdirs-recursive
 installdirs-am:
 	for dir in "$(DESTDIR)$(pkgconfigdir)"; do \
 	  test -z "$$dir" || $(MKDIR_P) "$$dir"; \
 	done
 install: install-recursive
 install-exec: install-exec-recursive
 install-data: install-data-recursive
@ -591,7 +626,7 @@ info: info-recursive
 info-am:
-install-data-am:
+install-data-am: install-pkgconfigDATA
 install-dvi: install-dvi-recursive
@ -627,7 +662,7 @@ ps: ps-recursive
 ps-am:
-uninstall-am:
+uninstall-am: uninstall-pkgconfigDATA
 .MAKE: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) install-am \
 	install-strip
@ -642,11 +677,12 @@ uninstall-am:
 	install-data install-data-am install-dvi install-dvi-am \
 	install-exec install-exec-am install-html install-html-am \
 	install-info install-info-am install-man install-pdf \
-	install-pdf-am install-ps install-ps-am install-strip \
+	install-pdf-am install-pkgconfigDATA install-ps install-ps-am \
-	installcheck installcheck-am installdirs installdirs-am \
+	install-strip installcheck installcheck-am installdirs \
-	maintainer-clean maintainer-clean-generic mostlyclean \
+	installdirs-am maintainer-clean maintainer-clean-generic \
-	mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
+	mostlyclean mostlyclean-generic mostlyclean-libtool pdf pdf-am \
-	tags tags-recursive uninstall uninstall-am
+	ps ps-am tags tags-recursive uninstall uninstall-am \
 	uninstall-pkgconfigDATA
 # Tell versions [3.59,3.63) of GNU make to not export all variables.
 # Otherwise a system limit (for SysV at least) may be exceeded.
--- a/libratbox/aclocal.m4
+++ b/libratbox/aclocal.m4
@ -21,7 +21,7 @@ To do so, use the procedure documented by the package, typically `autoreconf'.])
 # libtool.m4 - Configure libtool for the host system. -*-Autoconf-*-
-# serial 52 Debian 1.5.26-4 AC_PROG_LIBTOOL
+# serial 52 Debian 1.5.26-1ubuntu1 AC_PROG_LIBTOOL
 # AC_PROVIDE_IFELSE(MACRO-NAME, IF-PROVIDED, IF-NOT-PROVIDED)
@ -6671,116 +6671,6 @@ AC_SUBST([SED])
 AC_MSG_RESULT([$SED])
 ])
 # longlong.m4 serial 13
 dnl Copyright (C) 1999-2007 Free Software Foundation, Inc.
 dnl This file is free software; the Free Software Foundation
 dnl gives unlimited permission to copy and/or distribute it,
 dnl with or without modifications, as long as this notice is preserved.
 dnl From Paul Eggert.
 # Define HAVE_LONG_LONG_INT if 'long long int' works.
 # This fixes a bug in Autoconf 2.61, but can be removed once we
 # assume 2.62 everywhere.
 # Note: If the type 'long long int' exists but is only 32 bits large
 # (as on some very old compilers), HAVE_LONG_LONG_INT will not be
 # defined. In this case you can treat 'long long int' like 'long int'.
 AC_DEFUN([AC_TYPE_LONG_LONG_INT],
 [
  AC_CACHE_CHECK([for long long int], [ac_cv_type_long_long_int],
    [AC_LINK_IFELSE(
       [_AC_TYPE_LONG_LONG_SNIPPET],
       [dnl This catches a bug in Tandem NonStop Kernel (OSS) cc -O circa 2004.
 	dnl If cross compiling, assume the bug isn't important, since
 	dnl nobody cross compiles for this platform as far as we know.
 	AC_RUN_IFELSE(
 	  [AC_LANG_PROGRAM(
 	     [[@%:@include <limits.h>
 	       @%:@ifndef LLONG_MAX
 	       @%:@ define HALF \
 			(1LL << (sizeof (long long int) * CHAR_BIT - 2))
 	       @%:@ define LLONG_MAX (HALF - 1 + HALF)
 	       @%:@endif]],
 	     [[long long int n = 1;
 	       int i;
 	       for (i = 0; ; i++)
 		 {
 		   long long int m = n << i;
 		   if (m >> i != n)
 		     return 1;
 		   if (LLONG_MAX / 2 < m)
 		     break;
 		 }
 	       return 0;]])],
 	  [ac_cv_type_long_long_int=yes],
 	  [ac_cv_type_long_long_int=no],
 	  [ac_cv_type_long_long_int=yes])],
       [ac_cv_type_long_long_int=no])])
  if test $ac_cv_type_long_long_int = yes; then
    AC_DEFINE([HAVE_LONG_LONG_INT], 1,
      [Define to 1 if the system has the type `long long int'.])
  fi
 ])
 # Define HAVE_UNSIGNED_LONG_LONG_INT if 'unsigned long long int' works.
 # This fixes a bug in Autoconf 2.61, but can be removed once we
 # assume 2.62 everywhere.
 # Note: If the type 'unsigned long long int' exists but is only 32 bits
 # large (as on some very old compilers), AC_TYPE_UNSIGNED_LONG_LONG_INT
 # will not be defined. In this case you can treat 'unsigned long long int'
 # like 'unsigned long int'.
 AC_DEFUN([AC_TYPE_UNSIGNED_LONG_LONG_INT],
 [
  AC_CACHE_CHECK([for unsigned long long int],
    [ac_cv_type_unsigned_long_long_int],
    [AC_LINK_IFELSE(
       [_AC_TYPE_LONG_LONG_SNIPPET],
       [ac_cv_type_unsigned_long_long_int=yes],
       [ac_cv_type_unsigned_long_long_int=no])])
  if test $ac_cv_type_unsigned_long_long_int = yes; then
    AC_DEFINE([HAVE_UNSIGNED_LONG_LONG_INT], 1,
      [Define to 1 if the system has the type `unsigned long long int'.])
  fi
 ])
 # Expands to a C program that can be used to test for simultaneous support
 # of 'long long' and 'unsigned long long'. We don't want to say that
 # 'long long' is available if 'unsigned long long' is not, or vice versa,
 # because too many programs rely on the symmetry between signed and unsigned
 # integer types (excluding 'bool').
 AC_DEFUN([_AC_TYPE_LONG_LONG_SNIPPET],
 [
  AC_LANG_PROGRAM(
    [[/* Test preprocessor.  */
      #if ! (-9223372036854775807LL < 0 && 0 < 9223372036854775807ll)
        error in preprocessor;
      #endif
      #if ! (18446744073709551615ULL <= -1ull)
        error in preprocessor;
      #endif
      /* Test literals.  */
      long long int ll = 9223372036854775807ll;
      long long int nll = -9223372036854775807LL;
      unsigned long long int ull = 18446744073709551615ULL;
      /* Test constant expressions.   */
      typedef int a[((-9223372036854775807LL < 0 && 0 < 9223372036854775807ll)
 		     ? 1 : -1)];
      typedef int b[(18446744073709551615ULL <= (unsigned long long int) -1
 		     ? 1 : -1)];
      int i = 63;]],
    [[/* Test availability of runtime routines for shift and division.  */
      long long int llmax = 9223372036854775807ll;
      unsigned long long int ullmax = 18446744073709551615ull;
      return ((ll << 63) | (ll >> 63) | (ll < i) | (ll > i)
 	      | (llmax / ll) | (llmax % ll)
 	      | (ull << 63) | (ull >> 63) | (ull << i) | (ull >> i)
 	      | (ullmax / ull) | (ullmax % ull));]])
 ])
 # pkg.m4 - Macros to locate and utilise pkg-config.            -*- Autoconf -*-
 # 
 # Copyright © 2004 Scott James Remnant <scott@netsplit.com>.
--- a/libratbox/configure
+++ b/libratbox/configure
@ -2,7 +2,7 @@
 # Guess values for system-dependent variables and create Makefiles.
 # Generated by GNU Autoconf 2.61 for libratbox devel.
 #
-# $Id: configure.ac 23020 2006-09-01 18:20:19Z androsyn $
+# $Id: configure.ac 25574 2008-06-20 21:49:06Z androsyn $
 #
 # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
 # 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc.
@ -895,7 +895,7 @@ GNUTLS_CFLAGS
 GNUTLS_LIBS
 PICFLAGS
 SEDOBJ
-SSL_INCLUDES
+SSL_CFLAGS
 SSL_LIBS
 RB_PREFIX
 LIBOBJS
@ -1508,10 +1508,10 @@ Optional Features:
                          optimize for fast installation [default=yes]
  --disable-libtool-lock  avoid locking (might break parallel builds)
  --disable-ipv6          Disable IPv6 support
  --enable-gnutls         Enable GnuTLS support.
  --disable-gnutls        Disable GnuTLS support.
  --enable-openssl=DIR    Enable OpenSSL support (DIR optional).
  --disable-openssl       Disable OpenSSL support.
  --enable-gnutls         Enable GnuTLS support.
  --disable-gnutls        Disable GnuTLS support.
  --enable-assert         Enable assert(). Choose between soft(warnings) and
                          hard(aborts the daemon)
  --enable-profile        Enable profiling
@ -1616,7 +1616,7 @@ Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
 This configure script is free software; the Free Software Foundation
 gives unlimited permission to copy, distribute and modify it.
-$Id: configure.ac 23020 2006-09-01 18:20:19Z androsyn $
+$Id: configure.ac 25574 2008-06-20 21:49:06Z androsyn $
 _ACEOF
  exit
 fi
@ -22261,43 +22261,26 @@ if test "${ac_cv_type_long_long_int+set}" = set; then
  echo $ECHO_N "(cached) $ECHO_C" >&6
 else
  cat >conftest.$ac_ext <<_ACEOF
-
+/* confdefs.h.  */
  /* confdefs.h.  */
 _ACEOF
 cat confdefs.h >>conftest.$ac_ext
 cat >>conftest.$ac_ext <<_ACEOF
 /* end confdefs.h.  */
-/* Test preprocessor.  */
+long long int ll = 9223372036854775807ll;
      #if ! (-9223372036854775807LL < 0 && 0 < 9223372036854775807ll)
        error in preprocessor;
      #endif
      #if ! (18446744073709551615ULL <= -1ull)
        error in preprocessor;
      #endif
      /* Test literals.  */
      long long int ll = 9223372036854775807ll;
 	    long long int nll = -9223372036854775807LL;
-      unsigned long long int ull = 18446744073709551615ULL;
+	    typedef int a[((-9223372036854775807LL < 0
-      /* Test constant expressions.   */
+			    && 0 < 9223372036854775807ll)
      typedef int a[((-9223372036854775807LL < 0 && 0 < 9223372036854775807ll)
 		     ? 1 : -1)];
      typedef int b[(18446744073709551615ULL <= (unsigned long long int) -1
 			   ? 1 : -1)];
 	    int i = 63;
 int
 main ()
 {
-/* Test availability of runtime routines for shift and division.  */
+long long int llmax = 9223372036854775807ll;
      long long int llmax = 9223372036854775807ll;
      unsigned long long int ullmax = 18446744073709551615ull;
 	    return ((ll << 63) | (ll >> 63) | (ll < i) | (ll > i)
-	      | (llmax / ll) | (llmax % ll)
+		    | (llmax / ll) | (llmax % ll));
 	      | (ull << 63) | (ull >> 63) | (ull << i) | (ull >> i)
 	      | (ullmax / ull) | (ullmax % ull));
  ;
  return 0;
 }
 _ACEOF
 rm -f conftest.$ac_objext conftest$ac_exeext
 if { (ac_try="$ac_link"
@ -22483,43 +22466,24 @@ if test "${ac_cv_type_unsigned_long_long_int+set}" = set; then
  echo $ECHO_N "(cached) $ECHO_C" >&6
 else
  cat >conftest.$ac_ext <<_ACEOF
-
+/* confdefs.h.  */
  /* confdefs.h.  */
 _ACEOF
 cat confdefs.h >>conftest.$ac_ext
 cat >>conftest.$ac_ext <<_ACEOF
 /* end confdefs.h.  */
-/* Test preprocessor.  */
+unsigned long long int ull = 18446744073709551615ULL;
-      #if ! (-9223372036854775807LL < 0 && 0 < 9223372036854775807ll)
+	    typedef int a[(18446744073709551615ULL <= (unsigned long long int) -1
        error in preprocessor;
      #endif
      #if ! (18446744073709551615ULL <= -1ull)
        error in preprocessor;
      #endif
      /* Test literals.  */
      long long int ll = 9223372036854775807ll;
      long long int nll = -9223372036854775807LL;
      unsigned long long int ull = 18446744073709551615ULL;
      /* Test constant expressions.   */
      typedef int a[((-9223372036854775807LL < 0 && 0 < 9223372036854775807ll)
 		     ? 1 : -1)];
      typedef int b[(18446744073709551615ULL <= (unsigned long long int) -1
 			   ? 1 : -1)];
 	   int i = 63;
 int
 main ()
 {
-/* Test availability of runtime routines for shift and division.  */
+unsigned long long int ullmax = 18446744073709551615ull;
-      long long int llmax = 9223372036854775807ll;
+	    return (ull << 63 | ull >> 63 | ull << i | ull >> i
-      unsigned long long int ullmax = 18446744073709551615ull;
+		    | ullmax / ull | ullmax % ull);
      return ((ll << 63) | (ll >> 63) | (ll < i) | (ll > i)
 	      | (llmax / ll) | (llmax % ll)
 	      | (ull << 63) | (ull >> 63) | (ull << i) | (ull >> i)
 	      | (ullmax / ull) | (ullmax % ull));
  ;
  return 0;
 }
 _ACEOF
 rm -f conftest.$ac_objext conftest$ac_exeext
 if { (ac_try="$ac_link"
@ -25886,221 +25850,6 @@ _ACEOF
 fi
 { echo "$as_me:$LINENO: checking for GnuTLS" >&5
 echo $ECHO_N "checking for GnuTLS... $ECHO_C" >&6; }
 # Check whether --enable-gnutls was given.
 if test "${enable_gnutls+set}" = set; then
  enableval=$enable_gnutls; cf_enable_gnutls=$enableval
 else
  cf_enable_gnutls="auto"
 fi
 if test "$cf_enable_gnutls" != no; then
 if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then
 	if test -n "$ac_tool_prefix"; then
  # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args.
 set dummy ${ac_tool_prefix}pkg-config; ac_word=$2
 { echo "$as_me:$LINENO: checking for $ac_word" >&5
 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
 if test "${ac_cv_path_PKG_CONFIG+set}" = set; then
  echo $ECHO_N "(cached) $ECHO_C" >&6
 else
  case $PKG_CONFIG in
  [\\/]* | ?:[\\/]*)
  ac_cv_path_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test with a path.
  ;;
  *)
  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
 for as_dir in $PATH
 do
  IFS=$as_save_IFS
  test -z "$as_dir" && as_dir=.
  for ac_exec_ext in '' $ac_executable_extensions; do
  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
    ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext"
    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
    break 2
  fi
 done
 done
 IFS=$as_save_IFS
  ;;
 esac
 fi
 PKG_CONFIG=$ac_cv_path_PKG_CONFIG
 if test -n "$PKG_CONFIG"; then
  { echo "$as_me:$LINENO: result: $PKG_CONFIG" >&5
 echo "${ECHO_T}$PKG_CONFIG" >&6; }
 else
  { echo "$as_me:$LINENO: result: no" >&5
 echo "${ECHO_T}no" >&6; }
 fi
 fi
 if test -z "$ac_cv_path_PKG_CONFIG"; then
  ac_pt_PKG_CONFIG=$PKG_CONFIG
  # Extract the first word of "pkg-config", so it can be a program name with args.
 set dummy pkg-config; ac_word=$2
 { echo "$as_me:$LINENO: checking for $ac_word" >&5
 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
 if test "${ac_cv_path_ac_pt_PKG_CONFIG+set}" = set; then
  echo $ECHO_N "(cached) $ECHO_C" >&6
 else
  case $ac_pt_PKG_CONFIG in
  [\\/]* | ?:[\\/]*)
  ac_cv_path_ac_pt_PKG_CONFIG="$ac_pt_PKG_CONFIG" # Let the user override the test with a path.
  ;;
  *)
  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
 for as_dir in $PATH
 do
  IFS=$as_save_IFS
  test -z "$as_dir" && as_dir=.
  for ac_exec_ext in '' $ac_executable_extensions; do
  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
    ac_cv_path_ac_pt_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext"
    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
    break 2
  fi
 done
 done
 IFS=$as_save_IFS
  ;;
 esac
 fi
 ac_pt_PKG_CONFIG=$ac_cv_path_ac_pt_PKG_CONFIG
 if test -n "$ac_pt_PKG_CONFIG"; then
  { echo "$as_me:$LINENO: result: $ac_pt_PKG_CONFIG" >&5
 echo "${ECHO_T}$ac_pt_PKG_CONFIG" >&6; }
 else
  { echo "$as_me:$LINENO: result: no" >&5
 echo "${ECHO_T}no" >&6; }
 fi
  if test "x$ac_pt_PKG_CONFIG" = x; then
    PKG_CONFIG=""
  else
    case $cross_compiling:$ac_tool_warned in
 yes:)
 { echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools
 whose name does not start with the host triplet.  If you think this
 configuration is useful to you, please write to autoconf@gnu.org." >&5
 echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools
 whose name does not start with the host triplet.  If you think this
 configuration is useful to you, please write to autoconf@gnu.org." >&2;}
 ac_tool_warned=yes ;;
 esac
    PKG_CONFIG=$ac_pt_PKG_CONFIG
  fi
 else
  PKG_CONFIG="$ac_cv_path_PKG_CONFIG"
 fi
 fi
 if test -n "$PKG_CONFIG"; then
 	_pkg_min_version=0.9.0
 	{ echo "$as_me:$LINENO: checking pkg-config is at least version $_pkg_min_version" >&5
 echo $ECHO_N "checking pkg-config is at least version $_pkg_min_version... $ECHO_C" >&6; }
 	if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then
 		{ echo "$as_me:$LINENO: result: yes" >&5
 echo "${ECHO_T}yes" >&6; }
 	else
 		{ echo "$as_me:$LINENO: result: no" >&5
 echo "${ECHO_T}no" >&6; }
 		PKG_CONFIG=""
 	fi
 fi
 pkg_failed=no
 { echo "$as_me:$LINENO: checking for GNUTLS" >&5
 echo $ECHO_N "checking for GNUTLS... $ECHO_C" >&6; }
 if test -n "$PKG_CONFIG"; then
    if test -n "$GNUTLS_CFLAGS"; then
        pkg_cv_GNUTLS_CFLAGS="$GNUTLS_CFLAGS"
    else
        if test -n "$PKG_CONFIG" && \
    { (echo "$as_me:$LINENO: \$PKG_CONFIG --exists --print-errors \"gnutls\"") >&5
  ($PKG_CONFIG --exists --print-errors "gnutls") 2>&5
  ac_status=$?
  echo "$as_me:$LINENO: \$? = $ac_status" >&5
  (exit $ac_status); }; then
  pkg_cv_GNUTLS_CFLAGS=`$PKG_CONFIG --cflags "gnutls" 2>/dev/null`
 else
  pkg_failed=yes
 fi
    fi
 else
 	pkg_failed=untried
 fi
 if test -n "$PKG_CONFIG"; then
    if test -n "$GNUTLS_LIBS"; then
        pkg_cv_GNUTLS_LIBS="$GNUTLS_LIBS"
    else
        if test -n "$PKG_CONFIG" && \
    { (echo "$as_me:$LINENO: \$PKG_CONFIG --exists --print-errors \"gnutls\"") >&5
  ($PKG_CONFIG --exists --print-errors "gnutls") 2>&5
  ac_status=$?
  echo "$as_me:$LINENO: \$? = $ac_status" >&5
  (exit $ac_status); }; then
  pkg_cv_GNUTLS_LIBS=`$PKG_CONFIG --libs "gnutls" 2>/dev/null`
 else
  pkg_failed=yes
 fi
    fi
 else
 	pkg_failed=untried
 fi
 if test $pkg_failed = yes; then
 if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
        _pkg_short_errors_supported=yes
 else
        _pkg_short_errors_supported=no
 fi
        if test $_pkg_short_errors_supported = yes; then
 	        GNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "gnutls"`
        else
 	        GNUTLS_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "gnutls"`
        fi
 	# Put the nasty error message in config.log where it belongs
 	echo "$GNUTLS_PKG_ERRORS" >&5
 	{ echo "$as_me:$LINENO: result: no" >&5
 echo "${ECHO_T}no" >&6; }
                cf_enable_gnutls="no"
 elif test $pkg_failed = untried; then
 	cf_enable_gnutls="no"
 else
 	GNUTLS_CFLAGS=$pkg_cv_GNUTLS_CFLAGS
 	GNUTLS_LIBS=$pkg_cv_GNUTLS_LIBS
        { echo "$as_me:$LINENO: result: yes" >&5
 echo "${ECHO_T}yes" >&6; }
 		CPPFLAGS="$CPPFLAGS $GNUTLS_CFLAGS"
 		LIBS="$LIBS $GNUTLS_LIBS"
 		cf_enable_gnutls="yes"
 fi
 fi
 if test "$cf_enable_gnutls" != no; then
 cat >>confdefs.h <<\_ACEOF
 #define HAVE_GNUTLS 1
 _ACEOF
 fi
 { echo "$as_me:$LINENO: checking for OpenSSL" >&5
 echo $ECHO_N "checking for OpenSSL... $ECHO_C" >&6; }
@ -26112,10 +25861,6 @@ else
 fi
 if test "$cf_enable_gnutls" = "yes" -a "$cf_enable_openssl" = "auto"; then
 	cf_enable_openssl="no"
 fi
 if test "$cf_enable_openssl" != "no" ; then
 	cf_openssl_basedir=""
 	if test "$cf_enable_openssl" != "auto" &&
@ -26133,7 +25878,7 @@ if test "$cf_enable_openssl" != "no" ; then
 	fi
 		if test ! -z "$cf_openssl_basedir"; then
 		if test -f "${cf_openssl_basedir}/include/openssl/opensslv.h" ; then
-			SSL_INCLUDES="-I${cf_openssl_basedir}/include"
+			SSL_CFLAGS="-I${cf_openssl_basedir}/include"
 			SSL_LIBS="-L${cf_openssl_basedir}/lib"
 		else
 						cf_openssl_basedir=""
@ -26160,7 +25905,7 @@ echo "${ECHO_T}disabled" >&6; }
 fi
 save_CPPFLAGS="$CPPFLAGS"
-CPPFLAGS="$CPPFLAGS $SSL_INCLUDES"
+CPPFLAGS="$CPPFLAGS $SSL_CFLAGS"
 save_LIBS="$LIBS"
 LIBS="$LIBS $SSL_LIBS"
 if test "$cf_enable_openssl" != no; then
@ -26374,15 +26119,241 @@ fi
 fi
-if test "$cf_enable_openssl" != no; then
+
 { echo "$as_me:$LINENO: checking for GnuTLS" >&5
 echo $ECHO_N "checking for GnuTLS... $ECHO_C" >&6; }
 # Check whether --enable-gnutls was given.
 if test "${enable_gnutls+set}" = set; then
  enableval=$enable_gnutls; cf_enable_gnutls=$enableval
 else
  cf_enable_gnutls="auto"
 fi
 if test "$cf_enable_gnutls" != no; then
 if test "x$ac_cv_env_PKG_CONFIG_set" != "xset"; then
 	if test -n "$ac_tool_prefix"; then
  # Extract the first word of "${ac_tool_prefix}pkg-config", so it can be a program name with args.
 set dummy ${ac_tool_prefix}pkg-config; ac_word=$2
 { echo "$as_me:$LINENO: checking for $ac_word" >&5
 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
 if test "${ac_cv_path_PKG_CONFIG+set}" = set; then
  echo $ECHO_N "(cached) $ECHO_C" >&6
 else
  case $PKG_CONFIG in
  [\\/]* | ?:[\\/]*)
  ac_cv_path_PKG_CONFIG="$PKG_CONFIG" # Let the user override the test with a path.
  ;;
  *)
  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
 for as_dir in $PATH
 do
  IFS=$as_save_IFS
  test -z "$as_dir" && as_dir=.
  for ac_exec_ext in '' $ac_executable_extensions; do
  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
    ac_cv_path_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext"
    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
    break 2
  fi
 done
 done
 IFS=$as_save_IFS
  ;;
 esac
 fi
 PKG_CONFIG=$ac_cv_path_PKG_CONFIG
 if test -n "$PKG_CONFIG"; then
  { echo "$as_me:$LINENO: result: $PKG_CONFIG" >&5
 echo "${ECHO_T}$PKG_CONFIG" >&6; }
 else
  { echo "$as_me:$LINENO: result: no" >&5
 echo "${ECHO_T}no" >&6; }
 fi
 fi
 if test -z "$ac_cv_path_PKG_CONFIG"; then
  ac_pt_PKG_CONFIG=$PKG_CONFIG
  # Extract the first word of "pkg-config", so it can be a program name with args.
 set dummy pkg-config; ac_word=$2
 { echo "$as_me:$LINENO: checking for $ac_word" >&5
 echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; }
 if test "${ac_cv_path_ac_pt_PKG_CONFIG+set}" = set; then
  echo $ECHO_N "(cached) $ECHO_C" >&6
 else
  case $ac_pt_PKG_CONFIG in
  [\\/]* | ?:[\\/]*)
  ac_cv_path_ac_pt_PKG_CONFIG="$ac_pt_PKG_CONFIG" # Let the user override the test with a path.
  ;;
  *)
  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
 for as_dir in $PATH
 do
  IFS=$as_save_IFS
  test -z "$as_dir" && as_dir=.
  for ac_exec_ext in '' $ac_executable_extensions; do
  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
    ac_cv_path_ac_pt_PKG_CONFIG="$as_dir/$ac_word$ac_exec_ext"
    echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5
    break 2
  fi
 done
 done
 IFS=$as_save_IFS
  ;;
 esac
 fi
 ac_pt_PKG_CONFIG=$ac_cv_path_ac_pt_PKG_CONFIG
 if test -n "$ac_pt_PKG_CONFIG"; then
  { echo "$as_me:$LINENO: result: $ac_pt_PKG_CONFIG" >&5
 echo "${ECHO_T}$ac_pt_PKG_CONFIG" >&6; }
 else
  { echo "$as_me:$LINENO: result: no" >&5
 echo "${ECHO_T}no" >&6; }
 fi
  if test "x$ac_pt_PKG_CONFIG" = x; then
    PKG_CONFIG=""
  else
    case $cross_compiling:$ac_tool_warned in
 yes:)
 { echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools
 whose name does not start with the host triplet.  If you think this
 configuration is useful to you, please write to autoconf@gnu.org." >&5
 echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools
 whose name does not start with the host triplet.  If you think this
 configuration is useful to you, please write to autoconf@gnu.org." >&2;}
 ac_tool_warned=yes ;;
 esac
    PKG_CONFIG=$ac_pt_PKG_CONFIG
  fi
 else
  PKG_CONFIG="$ac_cv_path_PKG_CONFIG"
 fi
 fi
 if test -n "$PKG_CONFIG"; then
 	_pkg_min_version=0.9.0
 	{ echo "$as_me:$LINENO: checking pkg-config is at least version $_pkg_min_version" >&5
 echo $ECHO_N "checking pkg-config is at least version $_pkg_min_version... $ECHO_C" >&6; }
 	if $PKG_CONFIG --atleast-pkgconfig-version $_pkg_min_version; then
 		{ echo "$as_me:$LINENO: result: yes" >&5
 echo "${ECHO_T}yes" >&6; }
 	else
 		{ echo "$as_me:$LINENO: result: no" >&5
 echo "${ECHO_T}no" >&6; }
 		PKG_CONFIG=""
 	fi
 fi
 pkg_failed=no
 { echo "$as_me:$LINENO: checking for GNUTLS" >&5
 echo $ECHO_N "checking for GNUTLS... $ECHO_C" >&6; }
 if test -n "$PKG_CONFIG"; then
    if test -n "$GNUTLS_CFLAGS"; then
        pkg_cv_GNUTLS_CFLAGS="$GNUTLS_CFLAGS"
    else
        if test -n "$PKG_CONFIG" && \
    { (echo "$as_me:$LINENO: \$PKG_CONFIG --exists --print-errors \"gnutls\"") >&5
  ($PKG_CONFIG --exists --print-errors "gnutls") 2>&5
  ac_status=$?
  echo "$as_me:$LINENO: \$? = $ac_status" >&5
  (exit $ac_status); }; then
  pkg_cv_GNUTLS_CFLAGS=`$PKG_CONFIG --cflags "gnutls" 2>/dev/null`
 else
  pkg_failed=yes
 fi
    fi
 else
 	pkg_failed=untried
 fi
 if test -n "$PKG_CONFIG"; then
    if test -n "$GNUTLS_LIBS"; then
        pkg_cv_GNUTLS_LIBS="$GNUTLS_LIBS"
    else
        if test -n "$PKG_CONFIG" && \
    { (echo "$as_me:$LINENO: \$PKG_CONFIG --exists --print-errors \"gnutls\"") >&5
  ($PKG_CONFIG --exists --print-errors "gnutls") 2>&5
  ac_status=$?
  echo "$as_me:$LINENO: \$? = $ac_status" >&5
  (exit $ac_status); }; then
  pkg_cv_GNUTLS_LIBS=`$PKG_CONFIG --libs "gnutls" 2>/dev/null`
 else
  pkg_failed=yes
 fi
    fi
 else
 	pkg_failed=untried
 fi
 if test $pkg_failed = yes; then
 if $PKG_CONFIG --atleast-pkgconfig-version 0.20; then
        _pkg_short_errors_supported=yes
 else
        _pkg_short_errors_supported=no
 fi
        if test $_pkg_short_errors_supported = yes; then
 	        GNUTLS_PKG_ERRORS=`$PKG_CONFIG --short-errors --errors-to-stdout --print-errors "gnutls"`
        else
 	        GNUTLS_PKG_ERRORS=`$PKG_CONFIG --errors-to-stdout --print-errors "gnutls"`
        fi
 	# Put the nasty error message in config.log where it belongs
 	echo "$GNUTLS_PKG_ERRORS" >&5
 	{ echo "$as_me:$LINENO: result: no" >&5
 echo "${ECHO_T}no" >&6; }
                cf_enable_gnutls="no"
 elif test $pkg_failed = untried; then
 	cf_enable_gnutls="no"
 else
 	GNUTLS_CFLAGS=$pkg_cv_GNUTLS_CFLAGS
 	GNUTLS_LIBS=$pkg_cv_GNUTLS_LIBS
        { echo "$as_me:$LINENO: result: yes" >&5
 echo "${ECHO_T}yes" >&6; }
               cf_enable_gnutls="yes"
 fi
 fi
 if test "$cf_enable_gnutls" = "auto" -a "$cf_enable_openssl" = "yes"; then
       cf_enable_gnutls="no"
 fi
 if test x"$cf_enable_openssl" != xno; then
 cat >>confdefs.h <<\_ACEOF
 #define HAVE_OPENSSL 1
 _ACEOF
 	GNUTLS_CFLAGS=""
 	GNUTLS_LIBS=""
 	SSL_TYPE="openssl"
 elif test x"$cf_enable_gnutls" != xno; then
 cat >>confdefs.h <<\_ACEOF
 #define HAVE_GNUTLS 1
 _ACEOF
 	SSL_LIBS=""
 	SSL_CFLAGS=""
 	SSL_TYPE="gnutls"
 fi
 CPPFLAGS="$save_CPPFLAGS"
 LIBS="$save_LIBS"
@ -26479,6 +26450,7 @@ fi
 if test "$prefix" = "NONE"; then
 cat >>confdefs.h <<_ACEOF
@ -26514,6 +26486,7 @@ done
 ac_config_commands="$ac_config_commands include/librb-config.h"
 ac_config_files="$ac_config_files src/Makefile Makefile libratbox.pc"
@ -27451,7 +27424,7 @@ GNUTLS_CFLAGS!$GNUTLS_CFLAGS$ac_delim
 GNUTLS_LIBS!$GNUTLS_LIBS$ac_delim
 PICFLAGS!$PICFLAGS$ac_delim
 SEDOBJ!$SEDOBJ$ac_delim
-SSL_INCLUDES!$SSL_INCLUDES$ac_delim
+SSL_CFLAGS!$SSL_CFLAGS$ac_delim
 SSL_LIBS!$SSL_LIBS$ac_delim
 RB_PREFIX!$RB_PREFIX$ac_delim
 LIBOBJS!$LIBOBJS$ac_delim
@ -28368,7 +28341,6 @@ echo "Installing into: $prefix"
 echo "IPv6 support ................... $have_v6"
 echo "Assert debugging ............... $assert"
 echo "Block allocator ................ $balloc"
-echo "OpenSSL ........................ $cf_enable_openssl"
+echo "SSL Type........................ $SSL_TYPE"
 echo "GnuTLS ......................... $cf_enable_gnutls"
 echo
--- a/libratbox/configure.ac
+++ b/libratbox/configure.ac
@ -1,4 +1,4 @@
-dnl $Id: configure.ac 23020 2006-09-01 18:20:19Z androsyn $
+dnl $Id: configure.ac 25574 2008-06-20 21:49:06Z androsyn $
 dnl Process this file with autoconf to produce a configure script.
 dnl TODO: clean up all the OpenSSL and shared module checking stuff;
@ -8,7 +8,7 @@ dnl said functions need to be just about as complex as they already are.
 AC_PREREQ(2.60)
 AUTOMAKE_OPTIONS = 1.10
 dnl Sneaky way to get an Id tag into the configure script
-AC_COPYRIGHT([$Id: configure.ac 23020 2006-09-01 18:20:19Z androsyn $])
+AC_COPYRIGHT([$Id: configure.ac 25574 2008-06-20 21:49:06Z androsyn $])
 AC_INIT([libratbox],[devel])
 AM_INIT_AUTOMAKE(AC_PACKAGE_TARNAME, AC_PACKAGE_VERSION, -)
@ -241,25 +241,6 @@ if test "$is_mingw" = "yes"; then
 	AC_DEFINE(HAVE_WIN32, [1], [Define to 1 if you are on windows])
 fi
 dnl GnuTLS support
 AC_MSG_CHECKING(for GnuTLS)
 AC_ARG_ENABLE(gnutls,
 [AC_HELP_STRING([--enable-gnutls],[Enable GnuTLS support.])
 AC_HELP_STRING([--disable-gnutls],[Disable GnuTLS support.])],
 [cf_enable_gnutls=$enableval],
 [cf_enable_gnutls="auto"])
 if test "$cf_enable_gnutls" != no; then
 	PKG_CHECK_MODULES(GNUTLS, [gnutls], [
 		CPPFLAGS="$CPPFLAGS $GNUTLS_CFLAGS"
 		LIBS="$LIBS $GNUTLS_LIBS"
 		cf_enable_gnutls="yes"
 	], [cf_enable_gnutls="no"])
 fi
 if test "$cf_enable_gnutls" != no; then
 	AC_DEFINE(HAVE_GNUTLS, 1, [Has GNUTLS])
 fi
 dnl OpenSSL support
 AC_MSG_CHECKING(for OpenSSL)
@ -269,11 +250,6 @@ AC_HELP_STRING([--disable-openssl],[Disable OpenSSL support.])],
 [cf_enable_openssl=$enableval],
 [cf_enable_openssl="auto"])
 dnl Prefer GnuTLS over OpenSSL due to licensing issues, this could use improvement
 if test "$cf_enable_gnutls" = "yes" -a "$cf_enable_openssl" = "auto"; then
 	cf_enable_openssl="no"
 fi
 if test "$cf_enable_openssl" != "no" ; then
 	cf_openssl_basedir=""
 	if test "$cf_enable_openssl" != "auto" &&
@ -294,7 +270,7 @@ if test "$cf_enable_openssl" != "no" ; then
 	dnl Now check cf_openssl_found to see if we found anything.
 	if test ! -z "$cf_openssl_basedir"; then
 		if test -f "${cf_openssl_basedir}/include/openssl/opensslv.h" ; then
-			SSL_INCLUDES="-I${cf_openssl_basedir}/include"
+			SSL_CFLAGS="-I${cf_openssl_basedir}/include"
 			SSL_LIBS="-L${cf_openssl_basedir}/lib"
 		else
 		dnl OpenSSL wasn't found in the directory specified.  Naughty
@ -329,7 +305,7 @@ else
 fi
 save_CPPFLAGS="$CPPFLAGS"
-CPPFLAGS="$CPPFLAGS $SSL_INCLUDES"
+CPPFLAGS="$CPPFLAGS $SSL_CFLAGS"
 save_LIBS="$LIBS"
 LIBS="$LIBS $SSL_LIBS"
 if test "$cf_enable_openssl" != no; then
@ -369,10 +345,40 @@ if test "$cf_enable_openssl" != no; then
 		[cf_enable_openssl=no], [-lcrypto])
 fi
-if test "$cf_enable_openssl" != no; then
+
-	AC_DEFINE(HAVE_OPENSSL,1,[Has OpenSSL])
+
 dnl GnuTLS support
 AC_MSG_CHECKING(for GnuTLS)
 AC_ARG_ENABLE(gnutls,
 [AC_HELP_STRING([--enable-gnutls],[Enable GnuTLS support.])
 AC_HELP_STRING([--disable-gnutls],[Disable GnuTLS support.])],
 [cf_enable_gnutls=$enableval],
 [cf_enable_gnutls="auto"])
 if test "$cf_enable_gnutls" != no; then
       PKG_CHECK_MODULES(GNUTLS, [gnutls], [
               cf_enable_gnutls="yes"   
       ], [cf_enable_gnutls="no"])      
 fi
 if test "$cf_enable_gnutls" = "auto" -a "$cf_enable_openssl" = "yes"; then
       cf_enable_gnutls="no"
 fi
 if test x"$cf_enable_openssl" != xno; then
 	AC_DEFINE(HAVE_OPENSSL,1,[Has OpenSSL])
 	GNUTLS_CFLAGS=""
 	GNUTLS_LIBS=""
 	SSL_TYPE="openssl"
 elif test x"$cf_enable_gnutls" != xno; then
 	AC_DEFINE(HAVE_GNUTLS, 1, [Has GnuTLS])
 	SSL_LIBS=""
 	SSL_CFLAGS=""	
 	SSL_TYPE="gnutls"
 fi
 CPPFLAGS="$save_CPPFLAGS"
 LIBS="$save_LIBS"
@ -431,9 +437,10 @@ AC_SUBST(LDFLAGS)
 AC_SUBST(PICFLAGS)
 AC_SUBST(CFLAGS)
 AC_SUBST(SEDOBJ)
-AC_SUBST(SSL_INCLUDES)
+AC_SUBST(SSL_CFLAGS)
 AC_SUBST(SSL_LIBS)
-
+AC_SUBST(GNUTLS_CFLAGS)
 AC_SUBST(GNUTLS_LIBS)
 if test "$prefix" = "NONE"; then 
 	AC_DEFINE_UNQUOTED(RB_PREFIX, "$ac_default_prefix", [Prefix where libratbox is installed.])
@ -675,11 +682,12 @@ fi
 )
-AC_CONFIG_FILES([
+
-	src/Makefile
+AC_CONFIG_FILES(		\
-	Makefile
+	src/Makefile		\
-	libratbox.pc
+	Makefile		\
-])
+	libratbox.pc		\
 )
 AC_OUTPUT
@ -694,7 +702,6 @@ echo "Installing into: $prefix"
 echo "IPv6 support ................... $have_v6"
 echo "Assert debugging ............... $assert"
 echo "Block allocator ................ $balloc"
-echo "OpenSSL ........................ $cf_enable_openssl"
+echo "SSL Type........................ $SSL_TYPE"
 echo "GnuTLS ......................... $cf_enable_gnutls"
 echo
--- a/libratbox/include/commio-int.h
+++ b/libratbox/include/commio-int.h
@ -115,6 +115,7 @@ struct _fde
 	struct conndata *connect;
 	struct acceptdata *accept;
 	void *ssl;
 	unsigned int handshake_count;
 	unsigned long ssl_errno;
 };
@ -137,7 +138,7 @@ rb_find_fd(int fd)
 	rb_dlink_list *hlist;
 	rb_dlink_node *ptr;
-	if(unlikely(fd < 0))
+	if(rb_unlikely(fd < 0))
 		return NULL;
 	hlist = &rb_fd_table[rb_hash_fd(fd)];
--- a/libratbox/include/libratbox_config.h.in
+++ b/libratbox/include/libratbox_config.h.in
@ -51,7 +51,7 @@
 /* Define to 1 if you have the `gmtime_r' function. */
 #undef HAVE_GMTIME_R
-/* Has GNUTLS */
+/* Has GnuTLS */
 #undef HAVE_GNUTLS
 /* Define to 1 if the system has the type `intmax_t'. */
--- a/libratbox/include/ratbox_lib.h
+++ b/libratbox/include/ratbox_lib.h
@ -1,5 +1,5 @@
 /*
- * $Id: ratbox_lib.h 24866 2008-01-10 16:33:54Z androsyn $
+ * $Id: ratbox_lib.h 25375 2008-05-16 15:19:51Z androsyn $
 */
 #ifndef RB_LIB_H
@ -38,32 +38,32 @@ char *alloca();
 #ifdef __GNUC__
-#ifdef likely
+#ifdef rb_likely
-#undef likely
+#undef rb_likely
 #endif
-#ifdef unlikely
+#ifdef rb_unlikely
-#undef unlikely
+#undef rb_unlikely
 #endif
 #if __GNUC__ == 2 && __GNUC_MINOR__ < 96
 # define __builtin_expect(x, expected_value) (x)
 #endif
-#define likely(x)       __builtin_expect(!!(x), 1)
+#define rb_likely(x)       __builtin_expect(!!(x), 1)
-#define unlikely(x)     __builtin_expect(!!(x), 0)
+#define rb_unlikely(x)     __builtin_expect(!!(x), 0)
 #else /* !__GNUC__ */
 #define UNUSED(x) x
-#ifdef likely
+#ifdef rb_likely
-#undef likely
+#undef rb_likely
 #endif
-#ifdef unlikely
+#ifdef rb_unlikely
-#undef unlikely
+#undef rb_unlikely
 #endif
-#define likely(x)	(x)
+#define rb_likely(x)	(x)
-#define unlikely(x)	(x)
+#define rb_unlikely(x)	(x)
 #endif
@ -118,24 +118,18 @@ unsigned int geteuid(void);
 #ifdef SOFT_ASSERT
 #ifdef __GNUC__
 #define lrb_assert(expr)	do								\
-			if(unlikely(!(expr))) {							\
+			if(rb_unlikely(!(expr))) {							\
-				lib_ilog(L_MAIN, 						\
+				rb_lib_log( 						\
 				"file: %s line: %d (%s): Assertion failed: (%s)",	\
 				__FILE__, __LINE__, __PRETTY_FUNCTION__, #expr); 	\
 				sendto_realops_flags(UMODE_ALL, L_ALL, 			\
 				"file: %s line: %d (%s): Assertion failed: (%s)",	\
 				__FILE__, __LINE__, __PRETTY_FUNCTION__, #expr); 	\
 			}								\
 			while(0)
 #else
 #define lrb_assert(expr)	do								\
-			if(unlikely(!(expr))) {							\
+			if(rb_unlikely(!(expr))) {							\
-				lib_ilog(L_MAIN, 						\
+				rb_lib_log(L_MAIN, 						\
 				"file: %s line: %d: Assertion failed: (%s)",		\
 				__FILE__, __LINE__, #expr); 				\
 				sendto_realops_flags(UMODE_ALL, L_ALL,			\
 				"file: %s line: %d: Assertion failed: (%s)"		\
 				__FILE__, __LINE__, #expr);				\
 			}								\
 			while(0)
 #endif
--- a/libratbox/include/rb_commio.h
+++ b/libratbox/include/rb_commio.h
@ -21,7 +21,7 @@
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
 *  USA
 *
- *  $Id: rb_commio.h 25038 2008-01-23 16:03:08Z androsyn $
+ *  $Id: rb_commio.h 25327 2008-05-08 19:32:13Z androsyn $
 */
 #ifndef RB_LIB_H
@ -168,5 +168,7 @@ void  rb_ssl_start_accepted(rb_fde_t *new_F, ACCB *cb, void *data, int timeout);
 void rb_ssl_start_connected(rb_fde_t *F, CNCB *callback, void *data, int timeout);
 int rb_supports_ssl(void);
 unsigned int rb_ssl_handshake_count(rb_fde_t *F);
 void rb_ssl_clear_handshake_count(rb_fde_t *F);
 #endif /* INCLUDED_commio_h */
--- a/libratbox/include/rb_linebuf.h
+++ b/libratbox/include/rb_linebuf.h
@ -21,7 +21,7 @@
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
 *  USA
 *
- *  $Id: rb_linebuf.h 24324 2007-08-31 22:05:45Z androsyn $
+ *  $Id: rb_linebuf.h 25227 2008-04-12 22:20:43Z jilles $
 */
 #ifndef RB_LIB_H
--- a/libratbox/include/rb_memory.h
+++ b/libratbox/include/rb_memory.h
@ -21,7 +21,7 @@
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
 *  USA
 *
- *  $Id: rb_memory.h 25022 2008-01-23 03:54:00Z androsyn $
+ *  $Id: rb_memory.h 25375 2008-05-16 15:19:51Z androsyn $
 */
 #ifndef RB_LIB_H
@ -40,7 +40,7 @@ static inline void *
 rb_malloc(size_t size)
 {
 	void *ret = calloc(1, size);
-	if(unlikely(ret == NULL))
+	if(rb_unlikely(ret == NULL))
 		rb_outofmemory();
 	return (ret);
 }
@ -50,7 +50,7 @@ rb_realloc(void *x, size_t y)
 {
 	void *ret = realloc(x, y);
-	if(unlikely(ret == NULL))
+	if(rb_unlikely(ret == NULL))
 		rb_outofmemory();
 	return (ret);
 }
@ -59,7 +59,7 @@ static inline char *
 rb_strndup(const char *x, size_t y)
 {
 	char *ret = malloc(y);
-	if(unlikely(ret == NULL))
+	if(rb_unlikely(ret == NULL))
 		rb_outofmemory();
 	rb_strlcpy(ret, x, y);
 	return(ret);
@ -69,7 +69,7 @@ static inline char *
 rb_strdup(const char *x)
 {
 	char *ret = malloc(strlen(x) + 1);
-	if(unlikely(ret == NULL))
+	if(rb_unlikely(ret == NULL))
 		rb_outofmemory();
 	strcpy(ret, x);
 	return(ret);
@ -79,8 +79,9 @@ rb_strdup(const char *x)
 static inline void
 rb_free(void *ptr)
 {
-        if(likely(ptr != NULL))
+        if(rb_likely(ptr != NULL))
        	free(ptr);
 }
 #endif /* _I_MEMORY_H */
--- a/libratbox/src/Makefile.am
+++ b/libratbox/src/Makefile.am
@ -1,8 +1,8 @@
-# $Id: Makefile.am 24820 2008-01-02 19:47:32Z androsyn $
+# $Id: Makefile.am 25532 2008-06-11 14:40:44Z androsyn $
 AUTOMAKE_OPTIONS = foreign
-INCLUDES = -I. -I../include @SSL_INCLUDES@
+INCLUDES = -I. -I../include @SSL_CFLAGS@ @GNUTLS_CFLAGS@
 libratbox_la_SOURCES =			\
 	unix.c				\
@ -32,6 +32,6 @@ libratbox_la_SOURCES =			\
 libratbox_la_LDFLAGS = -version-info 3:0:0 -no-undefined -export-symbols export-syms.txt
-libratbox_la_LIBADD = @CRYPT_LIB@ @SSL_LIBS@ 
+libratbox_la_LIBADD = @CRYPT_LIB@ @SSL_LIBS@ @GNUTLS_LIBS@
 lib_LTLIBRARIES = libratbox.la
--- a/libratbox/src/Makefile.in
+++ b/libratbox/src/Makefile.in
@ -14,7 +14,7 @@
@SET_MAKE@
-# $Id: Makefile.am 24820 2008-01-02 19:47:32Z androsyn $
+# $Id: Makefile.am 25532 2008-06-11 14:40:44Z androsyn $
 VPATH = @srcdir@
 pkgdatadir = $(datadir)/@PACKAGE@
@ -150,7 +150,7 @@ SED = @SED@
 SEDOBJ = @SEDOBJ@
 SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
-SSL_INCLUDES = @SSL_INCLUDES@
+SSL_CFLAGS = @SSL_CFLAGS@
 SSL_LIBS = @SSL_LIBS@
 STRIP = @STRIP@
 TOUCH = @TOUCH@
@ -208,7 +208,7 @@ target_alias = @target_alias@
 top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@
 AUTOMAKE_OPTIONS = foreign
-INCLUDES = -I. -I../include @SSL_INCLUDES@
+INCLUDES = -I. -I../include @SSL_CFLAGS@ @GNUTLS_CFLAGS@
 libratbox_la_SOURCES = \
 	unix.c				\
 	win32.c				\
@ -235,8 +235,8 @@ libratbox_la_SOURCES = \
 	rawbuf.c			\
 	patricia.c
-libratbox_la_LDFLAGS = -avoid-version -no-undefined -export-symbols export-syms.txt
+libratbox_la_LDFLAGS = -version-info 3:0:0 -no-undefined -export-symbols export-syms.txt
-libratbox_la_LIBADD = @CRYPT_LIB@ @SSL_LIBS@ 
+libratbox_la_LIBADD = @CRYPT_LIB@ @SSL_LIBS@ @GNUTLS_LIBS@
 lib_LTLIBRARIES = libratbox.la
 all: all-am
--- a/libratbox/src/balloc.c
+++ b/libratbox/src/balloc.c
@ -28,7 +28,7 @@
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
 *  USA
 *
- *  $Id: balloc.c 25048 2008-01-23 18:34:02Z androsyn $
+ *  $Id: balloc.c 25375 2008-05-16 15:19:51Z androsyn $
 */
 /* 
@ -233,7 +233,7 @@ newblock(rb_bh * bh)
 	b->alloc_size = bh->elemsPerBlock * (bh->elemSize + sizeof(rb_heap_block *));
 	b->elems = get_block(b->alloc_size);
-	if(unlikely(b->elems == NULL))
+	if(rb_unlikely(b->elems == NULL))
 	{
 		return (1);
 	}
@ -273,7 +273,7 @@ rb_bh_create(size_t elemsize, int elemsperblock, const char *desc)
 	lrb_assert(elemsize > 0 && elemsperblock > 0);
 	lrb_assert(elemsize >= sizeof(rb_dlink_node));
 	/* Catch idiotic requests up front */
-	if((elemsize <= 0) || (elemsperblock <= 0))
+	if((elemsize == 0) || (elemsperblock <= 0))
 	{
 		rb_bh_fail("Attempting to rb_bh_create idiotic sizes");
 	}
@ -337,7 +337,7 @@ rb_bh_alloc(rb_bh * bh)
 	rb_heap_memblock *memblock;
 #endif	
 	lrb_assert(bh != NULL);
-	if(unlikely(bh == NULL))
+	if(rb_unlikely(bh == NULL))
 	{
 		rb_bh_fail("Cannot allocate if bh == NULL");
 	}
@ -350,7 +350,7 @@ rb_bh_alloc(rb_bh * bh)
 		/* Allocate new block and assign */
 		/* newblock returns 1 if unsuccessful, 0 if not */
-		if(unlikely(newblock(bh)))
+		if(rb_unlikely(newblock(bh)))
 		{
 			rb_lib_log("newblock() failed");
 			rb_outofmemory();	/* Well that didn't work either...bail */
@ -392,15 +392,15 @@ rb_bh_free(rb_bh * bh, void *ptr)
 	lrb_assert(bh != NULL);
 	lrb_assert(ptr != NULL);
-	if(unlikely(bh == NULL))
+	if(rb_unlikely(bh == NULL))
 	{
-		rb_lib_log("balloc.c:rb_bh_free() bh == NULL");
+		rb_lib_log("balloc.c:rb_bhFree() bh == NULL");
 		return (1);
 	}
-	if(unlikely(ptr == NULL))
+	if(rb_unlikely(ptr == NULL))
 	{
-		rb_lib_log("balloc.rb_bh_free() ptr == NULL");
+		rb_lib_log("balloc.rb_bhFree() ptr == NULL");
 		return (1);
 	}
@ -409,7 +409,7 @@ rb_bh_free(rb_bh * bh, void *ptr)
 #else
 	memblock = (rb_heap_memblock *) ((uintptr_t)ptr - sizeof(rb_heap_block *));
 	/* XXX */
-	if(unlikely(!((uintptr_t)ptr >= (uintptr_t)memblock->block->elems && (uintptr_t)ptr < (uintptr_t)memblock->block->elems + (uintptr_t)memblock->block->alloc_size)))
+	if(rb_unlikely(!((uintptr_t)ptr >= (uintptr_t)memblock->block->elems && (uintptr_t)ptr < (uintptr_t)memblock->block->elems + (uintptr_t)memblock->block->alloc_size)))
 	{
 		rb_bh_fail("rb_bh_free() bogus pointer");
 	}
--- a/libratbox/src/commio.c
+++ b/libratbox/src/commio.c
@ -21,7 +21,7 @@
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
 *  USA
 *
- *  $Id: commio.c 25358 2008-05-13 14:48:46Z androsyn $
+ *  $Id: commio.c 25375 2008-05-16 15:19:51Z androsyn $
 */
 #include <libratbox_config.h>
 #include <ratbox_lib.h>
@ -368,7 +368,7 @@ rb_accept_tryaccept(rb_fde_t *F, void *data)
 		new_F = rb_open(new_fd, RB_FD_SOCKET, "Incoming Connection");
-		if(unlikely(!rb_set_nb(new_F)))
+		if(rb_unlikely(!rb_set_nb(new_F)))
 		{
 			rb_get_errno();
 			rb_lib_log("rb_accept: Couldn't set FD %d non blocking!", new_F->fd);
@ -603,7 +603,7 @@ rb_socketpair(int family, int sock_type, int proto, rb_fde_t **F1, rb_fde_t **F2
 	}
 	/* Set the socket non-blocking, and other wonderful bits */
-	if(unlikely(!rb_set_nb(*F1)))
+	if(rb_unlikely(!rb_set_nb(*F1)))
 	{
 		rb_lib_log("rb_open: Couldn't set FD %d non blocking: %s", nfd[0], strerror(errno));
 		rb_close(*F1);
@ -611,7 +611,7 @@ rb_socketpair(int family, int sock_type, int proto, rb_fde_t **F1, rb_fde_t **F2
 		return -1;
 	}
-	if(unlikely(!rb_set_nb(*F2)))
+	if(rb_unlikely(!rb_set_nb(*F2)))
 	{
 		rb_lib_log("rb_open: Couldn't set FD %d non blocking: %s", nfd[1], strerror(errno));
 		rb_close(*F1);
@ -640,7 +640,7 @@ rb_pipe(rb_fde_t **F1, rb_fde_t **F2, const char *desc)
 	*F1 = rb_open(fd[0], RB_FD_PIPE, desc);
 	*F2 = rb_open(fd[1], RB_FD_PIPE, desc);
-	if(unlikely(!rb_set_nb(*F1)))
+	if(rb_unlikely(!rb_set_nb(*F1)))
 	{
 		rb_lib_log("rb_open: Couldn't set FD %d non blocking: %s", fd[0], strerror(errno));
 		rb_close(*F1);
@ -648,7 +648,7 @@ rb_pipe(rb_fde_t **F1, rb_fde_t **F2, const char *desc)
 		return -1;
 	}
-	if(unlikely(!rb_set_nb(*F2)))
+	if(rb_unlikely(!rb_set_nb(*F2)))
 	{
 		rb_lib_log("rb_open: Couldn't set FD %d non blocking: %s", fd[1], strerror(errno));
 		rb_close(*F1);
@ -679,7 +679,7 @@ rb_socket(int family, int sock_type, int proto, const char *note)
 	rb_fde_t *F;
 	int fd;
 	/* First, make sure we aren't going to run out of file descriptors */
-	if(unlikely(number_fd >= rb_maxconnections))
+	if(rb_unlikely(number_fd >= rb_maxconnections))
 	{
 		errno = ENFILE;
 		return NULL;
@ -692,7 +692,7 @@ rb_socket(int family, int sock_type, int proto, const char *note)
 	 */
 	fd = socket(family, sock_type, proto);
 	rb_fd_hack(&fd);
-	if(unlikely(fd < 0))
+	if(rb_unlikely(fd < 0))
 		return NULL;	/* errno will be passed through, yay.. */
 #if defined(RB_IPV6) && defined(IPV6_V6ONLY)
@ -718,7 +718,7 @@ rb_socket(int family, int sock_type, int proto, const char *note)
 		return NULL;
 	/* Set the socket non-blocking, and other wonderful bits */
-	if(unlikely(!rb_set_nb(F)))
+	if(rb_unlikely(!rb_set_nb(F)))
 	{
 		rb_lib_log("rb_open: Couldn't set FD %d non blocking: %s", fd, strerror(errno));
 		rb_close(F);
@ -801,7 +801,7 @@ rb_open(int fd, rb_uint8_t type, const char *desc)
 	rb_fde_t *F = add_fd(fd);
 	lrb_assert(fd >= 0);
-	if(unlikely(IsFDOpen(F)))
+	if(rb_unlikely(IsFDOpen(F)))
 	{
 		return NULL;
 	}
@ -831,7 +831,7 @@ rb_close(rb_fde_t *F)
 	lrb_assert(IsFDOpen(F));
 	lrb_assert(!(type & RB_FD_FILE));
-	if(unlikely(type & RB_FD_FILE))
+	if(rb_unlikely(type & RB_FD_FILE))
 	{
 		lrb_assert(F->read_handler == NULL);
 		lrb_assert(F->write_handler == NULL);
--- a/libratbox/src/export-syms.txt
+++ b/libratbox/src/export-syms.txt
@ -143,3 +143,5 @@ rb_gettimeofday
 rb_sleep
 rb_spawn_process
 rb_supports_ssl
 rb_ssl_handshake_count
 rb_ssl_clear_handshake_count
--- a/libratbox/src/gnutls.c
+++ b/libratbox/src/gnutls.c
@ -4,7 +4,6 @@
 *
 *  Copyright (C) 2007-2008 ircd-ratbox development team
 *  Copyright (C) 2007-2008 Aaron Sethman <androsyn@ratbox.org>
 *  Copyright (C) 2008 William Pitcock <nenolod@nenolod.net>
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
@ -21,29 +20,50 @@
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
 *  USA
 *
- *  $Id: commio.c 24808 2008-01-02 08:17:05Z androsyn $
+ *  $Id: gnutls.c 25568 2008-06-20 18:46:08Z androsyn $
 */
 #include <libratbox_config.h>
 #include <ratbox_lib.h>
 #ifdef HAVE_GNUTLS
 #include <commio-int.h>
 #include <commio-ssl.h>
-#include <gnutls/gnutls.h>
+#ifdef HAVE_GNUTLS
-static gnutls_certificate_credentials_t x509_cred;
+#include <gnutls/gnutls.h>
-static gnutls_dh_params_t dh_params;
+#include <gcrypt.h>
 static gnutls_certificate_credentials x509;
 static gnutls_dh_params dh_params;
 #define SSL_P(x) *((gnutls_session_t *)F->ssl)
 void
 rb_ssl_shutdown(rb_fde_t * F)
 {
 	int i;
 	if(F == NULL || F->ssl == NULL)
 		return;
 	for (i = 0; i < 4; i++)
 	{
 		if(gnutls_bye(SSL_P(F), GNUTLS_SHUT_RDWR) == GNUTLS_E_SUCCESS)
 			break;
 	}
 	gnutls_deinit(SSL_P(F));
 	rb_free(F->ssl);
 }
-	gnutls_bye((gnutls_session_t) F->ssl, GNUTLS_SHUT_RDWR);
+unsigned int
-	gnutls_deinit((gnutls_session_t) F->ssl);
+rb_ssl_handshake_count(rb_fde_t *F)
 {
 	return F->handshake_count;
 }
 void
 rb_ssl_clear_handshake_count(rb_fde_t *F)
 {
 	F->handshake_count = 0;
 }
 static void
@ -53,38 +73,52 @@ rb_ssl_timeout(rb_fde_t * F, void *notused)
 	F->accept->callback(F, RB_ERR_TIMEOUT, NULL, 0, F->accept->data);
 }
 static int do_ssl_handshake(rb_fde_t *F, PF *callback)
 {
 	int ret;
 	int flags;	
 	ret = gnutls_handshake(SSL_P(F));
 	if(ret < 0)
 	{
 		if((ret == GNUTLS_E_INTERRUPTED && rb_ignore_errno(errno)) || ret == GNUTLS_E_AGAIN)
 		{
 			if(gnutls_record_get_direction(SSL_P(F)) == 0)
 				flags = RB_SELECT_READ;
 			else
 				flags = RB_SELECT_WRITE;
 			rb_setselect(F, flags, callback, NULL);	
 			return 0;
 		}
 		F->ssl_errno = ret;
 		return -1;
 	} 
 	return 1; /* handshake is finished..go about life */
 }
 static void
 rb_ssl_tryaccept(rb_fde_t * F, void *data)
 {
-	int ssl_err;
+	int ret;
 	lrb_assert(F->accept != NULL);
 	int flags;
 	struct acceptdata *ad;
-	if((ssl_err = gnutls_handshake((gnutls_session_t) F->ssl)) != 0)
+	lrb_assert(F->accept != NULL);
 	{
 		switch (ssl_err)
 		{
 		case GNUTLS_E_INTERRUPTED:
 			if(rb_ignore_errno(errno))
 		case GNUTLS_E_AGAIN:
 			{
 				if(gnutls_record_get_direction((gnutls_session_t) F->ssl))
 					flags = RB_SELECT_WRITE;
 				else
 					flags = RB_SELECT_READ;
-				F->ssl_errno = ssl_err;
+	ret = do_ssl_handshake(F, rb_ssl_tryaccept);
-				rb_setselect(F, flags, rb_ssl_tryaccept, NULL);
+	
-				return;
+	switch(ret)
-			}
+	{
-			break;
+		case -1:
 		default:
 			F->ssl_errno = ssl_err;
 			F->accept->callback(F, RB_ERROR_SSL, NULL, 0, F->accept->data);
 			break;
-		}
+		case 0:
 			/* do_ssl_handshake does the rb_setselect stuff */
 			return;
 		default:
 			break;			
 	}
 	rb_settimeout(F, 0, NULL, NULL);
 	rb_setselect(F, RB_SELECT_READ | RB_SELECT_WRITE, NULL, NULL);
@ -94,24 +128,15 @@ rb_ssl_tryaccept(rb_fde_t * F, void *data)
 	ad->callback(F, RB_OK, (struct sockaddr *) &ad->S, ad->addrlen,
 			    ad->data);
 	rb_free(ad);
 }
 void
 rb_ssl_start_accepted(rb_fde_t * new_F, ACCB * cb, void *data, int timeout)
 {
-	gnutls_session_t sess;
+	gnutls_session_t *ssl;
 	int ssl_err;
 	new_F->type |= RB_FD_SSL;
-
+	ssl = new_F->ssl = rb_malloc(sizeof(gnutls_session_t));
 	gnutls_init(&sess, GNUTLS_SERVER);
 	gnutls_set_default_priority(sess);
 	gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, x509_cred);
 	gnutls_dh_set_prime_bits(sess, 1024);
 	gnutls_certificate_server_set_request(sess, GNUTLS_CERT_REQUEST);
 	new_F->ssl = sess;
 	new_F->accept = rb_malloc(sizeof(struct acceptdata));
 	new_F->accept->callback = cb;
@ -120,65 +145,32 @@ rb_ssl_start_accepted(rb_fde_t * new_F, ACCB * cb, void *data, int timeout)
 	new_F->accept->addrlen = 0;
-	gnutls_transport_set_ptr((gnutls_session_t) new_F->ssl, (gnutls_transport_ptr_t) rb_get_fd(new_F));
+	gnutls_init(ssl, GNUTLS_SERVER);	
-
+	gnutls_set_default_priority(*ssl);
-	if((ssl_err = gnutls_handshake((gnutls_session_t) new_F->ssl)) != 0)
+	gnutls_credentials_set(*ssl, GNUTLS_CRD_CERTIFICATE, x509);
 	gnutls_dh_set_prime_bits(*ssl, 1024);
 	gnutls_transport_set_ptr(*ssl, (gnutls_transport_ptr_t) (long int)new_F->fd);
 	if(do_ssl_handshake(new_F, rb_ssl_tryaccept))
 	{
-		switch(ssl_err)
+		struct acceptdata *ad = new_F->accept;
 		{
 		case GNUTLS_E_INTERRUPTED:
 			if(rb_ignore_errno(errno))
 		case GNUTLS_E_AGAIN:
 			{
 				int flags;
 				if(gnutls_record_get_direction((gnutls_session_t) new_F->ssl))
 					flags = RB_SELECT_WRITE;
 				else
 					flags = RB_SELECT_READ;
 				new_F->ssl_errno = ssl_err;
 				rb_setselect(new_F, flags, rb_ssl_tryaccept, NULL);
 				return;
 			}
 			break;
 		default:
 			new_F->ssl_errno = ssl_err;
 			new_F->accept->callback(new_F, RB_ERROR_SSL, NULL, 0, new_F->accept->data);
 			return;
 		}
 	}
 	else
 	{
 		struct acceptdata *ad;
 		rb_settimeout(new_F, 0, NULL, NULL);
 		rb_setselect(new_F, RB_SELECT_READ | RB_SELECT_WRITE, NULL, NULL);
 		ad = new_F->accept;
 		new_F->accept = NULL;
-		ad->callback(new_F, RB_OK, (struct sockaddr *) &ad->S, ad->addrlen,
+		ad->callback(new_F, RB_OK, (struct sockaddr *) &ad->S, ad->addrlen, ad->data);
 				    ad->data);
 		rb_free(ad);	
 	}
 }
 void
 rb_ssl_accept_setup(rb_fde_t * F, int new_fd, struct sockaddr *st, int addrlen)
 {
 	gnutls_session_t sess;
 	rb_fde_t *new_F;
 	int ssl_err;
 	new_F = rb_find_fd(new_fd);
 	gnutls_init(&sess, GNUTLS_SERVER);
 	gnutls_set_default_priority(sess);
 	gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, x509_cred);
 	gnutls_dh_set_prime_bits(sess, 1024);
 	gnutls_certificate_server_set_request(sess, GNUTLS_CERT_REQUEST);
 	new_F->type |= RB_FD_SSL;
 	new_F->ssl = rb_malloc(sizeof(gnutls_session_t));
 	new_F->accept = rb_malloc(sizeof(struct acceptdata));
 	new_F->accept->callback = F->accept->callback;
@ -187,90 +179,54 @@ rb_ssl_accept_setup(rb_fde_t * F, int new_fd, struct sockaddr *st, int addrlen)
 	memcpy(&new_F->accept->S, st, addrlen);
 	new_F->accept->addrlen = addrlen;
-	gnutls_transport_set_ptr((gnutls_session_t) new_F->ssl, (gnutls_transport_ptr_t) rb_get_fd(new_F));
+	gnutls_init((gnutls_session_t *)new_F->ssl, GNUTLS_SERVER);	
-	if((ssl_err = gnutls_handshake((gnutls_session_t) new_F->ssl)) != 0)
+	gnutls_set_default_priority(SSL_P(new_F));
 	gnutls_credentials_set(SSL_P(new_F), GNUTLS_CRD_CERTIFICATE, x509);
 	gnutls_dh_set_prime_bits(SSL_P(new_F), 1024);
 	gnutls_transport_set_ptr(SSL_P(new_F), (gnutls_transport_ptr_t) (long int)new_fd);
 	if(do_ssl_handshake(F, rb_ssl_tryaccept))
 	{
-		switch(ssl_err)
+		struct acceptdata *ad = F->accept;
-		{
+		F->accept = NULL;
-		case GNUTLS_E_INTERRUPTED:
+		ad->callback(F, RB_OK, (struct sockaddr *) &ad->S, ad->addrlen, ad->data);
 			if(rb_ignore_errno(errno))
 		case GNUTLS_E_AGAIN:
 			{
 				int flags;
 				if(gnutls_record_get_direction((gnutls_session_t) new_F->ssl))
 					flags = RB_SELECT_WRITE;
 				else
 					flags = RB_SELECT_READ;
 				new_F->ssl_errno = ssl_err;
 				rb_setselect(new_F, flags, rb_ssl_tryaccept, NULL);
 				return;
 			}
 			break;
 		default:
 			new_F->ssl_errno = ssl_err;
 			new_F->accept->callback(new_F, RB_ERROR_SSL, NULL, 0, new_F->accept->data);
 			return;
 		}
 	}
 	else
 	{
 		struct acceptdata *ad;
 		rb_settimeout(new_F, 0, NULL, NULL);
 		rb_setselect(new_F, RB_SELECT_READ | RB_SELECT_WRITE, NULL, NULL);
 		ad = new_F->accept;
 		new_F->accept = NULL;
 		ad->callback(new_F, RB_OK, (struct sockaddr *) &ad->S, ad->addrlen,
 				    ad->data);
 		rb_free(ad);	
 	}
 }
 static ssize_t
 rb_ssl_read_or_write(int r_or_w, rb_fde_t * F, void *rbuf, const void *wbuf, size_t count)
 {
 	ssize_t ret;
-	unsigned long err;
+	gnutls_session_t *ssl = F->ssl;
 	gnutls_session_t ssl = F->ssl;
 	if(r_or_w == 0)
-		ret = gnutls_record_recv(ssl, rbuf, count);
+		ret = gnutls_record_recv(*ssl, rbuf, count);
 	else
-		ret = gnutls_record_send(ssl, wbuf, count);
+		ret = gnutls_record_send(*ssl, wbuf, count);
 	if(ret < 0)
 	{
-		switch (ret)
+		switch(ret)
 		{
 		case GNUTLS_E_AGAIN:
 			errno = EAGAIN;
 			if (gnutls_record_get_direction(ssl))
 				return RB_RW_SSL_NEED_WRITE;
 			else
 				return RB_RW_SSL_NEED_READ;
 		case GNUTLS_E_INTERRUPTED:
-			err = ret;
+			if(rb_ignore_errno(errno))
 			if(err == 0)
 			{
-				F->ssl_errno = 0;
+				if(gnutls_record_get_direction(*ssl) == 0)
-				return RB_RW_IO_ERROR;
+					return RB_RW_SSL_NEED_READ;
-			}
+				else
 					return RB_RW_SSL_NEED_WRITE;
 				break;
 			}
 		default:
-			err = ret;
+			F->ssl_errno = ret;
-			break;
+			errno = EIO;
 		}
 		F->ssl_errno = err;
 		if(err > 0)
 		{
 			errno = EIO;	/* not great but... */
 			return RB_RW_SSL_ERROR;
 		}
 			return RB_RW_IO_ERROR;
 		}
 	}
 	return ret;
 }
@ -286,38 +242,107 @@ rb_ssl_write(rb_fde_t * F, const void *buf, size_t count)
 	return rb_ssl_read_or_write(1, F, NULL, buf, count);
 }
 static void
 rb_gcry_random_seed(void *unused)
 {
 	gcry_fast_random_poll();
 }
 int
 rb_init_ssl(void)
 {
 	int ret = 1, g_ret;
 	gnutls_global_init();
-	gnutls_certificate_allocate_credentials(&x509_cred);
+	if(gnutls_certificate_allocate_credentials(&x509) != GNUTLS_E_SUCCESS)
 	gnutls_dh_params_init(&dh_params);
 	if((g_ret = gnutls_dh_params_generate2(dh_params, 1024)) < 0)
 	{
-		rb_lib_log("rb_init_gnutls: Failed to generate GNUTLS DH params: %s", gnutls_strerror(g_ret));
+		rb_lib_log("rb_init_ssl: Unable to allocate SSL/TLS certificate credentials");
-		ret = 0;
+		return 0;
 	}
 	rb_event_addish("rb_gcry_random_seed", rb_gcry_random_seed, NULL, 300);
 	return 1;
 }
-	gnutls_certificate_set_dh_params(x509_cred, dh_params);
+static void
 rb_free_datum_t(gnutls_datum_t *d)
 {
 	rb_free(d->data);
 	rb_free(d);
 }
-	return ret;
+static gnutls_datum_t *
 rb_load_file_into_datum_t(const char *file)
 {
 	FILE *f;
 	gnutls_datum_t *datum;
 	struct stat fileinfo;
 	if((f = fopen(file, "r")) == NULL)
 		return NULL;
 	if(fstat(fileno(f), &fileinfo))
 		return NULL;
 	datum = rb_malloc(sizeof(gnutls_datum_t));
 	if(fileinfo.st_size > 131072) /* deal with retards */
 		datum->size = 131072;
 	else
 		datum->size = fileinfo.st_size;	
 	datum->data = rb_malloc(datum->size + 1);
 	fread(datum->data, datum->size, 1, f);
 	fclose(f);
 	return datum;	
 }
 int
 rb_setup_ssl_server(const char *cert, const char *keyfile, const char *dhfile)
 {
-	int ret = 0;
+	int ret;
-
+	gnutls_datum_t *d_cert, *d_key;
-	if((ret = gnutls_certificate_set_x509_key_file(x509_cred, cert, keyfile, GNUTLS_X509_FMT_PEM)) < 0)
+	if(cert == NULL)
 	{
-		rb_lib_log("rb_setup_ssl_server: Setting x509 keys up failed: %s", gnutls_strerror(ret));
+		rb_lib_log("rb_setup_ssl_server: No certificate file");
 		return 0;
 	}
 	if((d_cert = rb_load_file_into_datum_t(cert)) == NULL)
 	{
 		rb_lib_log("rb_setup_ssl_server: Error loading certificate: %s", strerror(errno));
 		return 0;
 	}
 	if((d_key = rb_load_file_into_datum_t(keyfile)) == NULL)
 	{
 		rb_lib_log("rb_setup_ssl_server: Error loading key: %s", strerror(errno));
 		return 0;
 	}
 	if((ret = gnutls_certificate_set_x509_key_mem(x509, d_cert, d_key, GNUTLS_X509_FMT_PEM)) != GNUTLS_E_SUCCESS)
 	{
 		rb_lib_log("rb_setup_ssl_server: Error loading certificate or key file: %s", gnutls_strerror(ret));
 		return 0;
 	}
 	rb_free_datum_t(d_cert);
 	rb_free_datum_t(d_key);
 	if(dhfile != NULL)
 	{
 		if(gnutls_dh_params_init(&dh_params) == GNUTLS_E_SUCCESS)
 		{
 			gnutls_datum_t *data;
 			int xret;
 			data = rb_load_file_into_datum_t(dhfile);
 			if(data != NULL)
 			{
 				xret = gnutls_dh_params_import_pkcs3(dh_params, data, GNUTLS_X509_FMT_PEM);
 				if(xret < 0)
 					rb_lib_log("rb_setup_ssl_server: Error parsing DH file: %s\n", gnutls_strerror(xret));
 				rb_free_datum_t(data);
 			}
 			gnutls_certificate_set_dh_params(x509, dh_params);
 		} else 
 			rb_lib_log("rb_setup_ssl_server: Unable to setup DH parameters");
 	}
 	return 1;
 }
@ -354,40 +379,30 @@ static void
 rb_ssl_tryconn_cb(rb_fde_t * F, void *data)
 {
 	struct ssl_connect *sconn = data;
-	int ssl_err;
+	int ret;
-	if((ssl_err = gnutls_handshake((gnutls_session_t) F->ssl)) != 0)
+        ret = do_ssl_handshake(F, rb_ssl_tryconn_cb);
        switch(ret)
        {
-		switch (ssl_err)
+                case -1:
 		{
 		case GNUTLS_E_INTERRUPTED:
 			if(rb_ignore_errno(errno))
 		case GNUTLS_E_AGAIN:
 				{
 					F->ssl_errno = ssl_err;
 					rb_setselect(F, RB_SELECT_READ | RB_SELECT_WRITE,
 						     rb_ssl_tryconn_cb, sconn);
 					return;
 				}
 		default:
 			F->ssl_errno = ssl_err;
              		rb_ssl_connect_realcb(F, RB_ERROR_SSL, sconn); 
                        break;
                case 0:
                        /* do_ssl_handshake does the rb_setselect stuff */
                        return;
                default:
                        break;
        }
 	}
 	else
 	{
 	rb_ssl_connect_realcb(F, RB_OK, sconn);
 	}
 }
 static void
 rb_ssl_tryconn(rb_fde_t * F, int status, void *data)
 {
 	gnutls_session_t sess;
 	struct ssl_connect *sconn = data;
 	int ssl_err;
 	if(status != RB_OK)
 	{
 		rb_ssl_connect_realcb(F, status, sconn);
@ -396,35 +411,15 @@ rb_ssl_tryconn(rb_fde_t * F, int status, void *data)
 	F->type |= RB_FD_SSL;
 	gnutls_init(&sess, GNUTLS_CLIENT);
 	gnutls_set_default_priority(sess);
 	gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, x509_cred);
 	gnutls_dh_set_prime_bits(sess, 1024);
 	gnutls_transport_set_ptr(sess, (gnutls_transport_ptr_t) F->fd);
 	F->ssl = sess;
 	rb_settimeout(F, sconn->timeout, rb_ssl_tryconn_timeout_cb, sconn);
-	if((ssl_err = gnutls_handshake((gnutls_session_t) F->ssl)) != 0)
+	F->ssl = rb_malloc(sizeof(gnutls_session_t));
-	{
+        gnutls_init(F->ssl, GNUTLS_CLIENT);
-		switch (ssl_err)
+        gnutls_set_default_priority(SSL_P(F));
-		{
+	gnutls_dh_set_prime_bits(SSL_P(F), 1024);
-		case GNUTLS_E_INTERRUPTED:
+	gnutls_transport_set_ptr(SSL_P(F), (gnutls_transport_ptr_t) (long int)F->fd);
-			if(rb_ignore_errno(errno))
+
-		case GNUTLS_E_AGAIN:
+	if(do_ssl_handshake(F, rb_ssl_tryconn_cb))
 				{
 					F->ssl_errno = ssl_err;
 					rb_setselect(F, RB_SELECT_READ | RB_SELECT_WRITE,
 						     rb_ssl_tryconn_cb, sconn);
 					return;
 				}
 		default:
 			F->ssl_errno = ssl_err;
 			rb_ssl_connect_realcb(F, RB_ERROR_SSL, sconn);
 			return;
 		}
 	}
 	else
 	{
 		rb_ssl_connect_realcb(F, RB_OK, sconn);
 	}
@ -443,14 +438,13 @@ rb_connect_tcp_ssl(rb_fde_t * F, struct sockaddr *dest,
 	sconn->callback = callback;
 	sconn->timeout = timeout;
 	rb_connect_tcp(F, dest, clocal, socklen, rb_ssl_tryconn, sconn, timeout);
 }
 void
 rb_ssl_start_connected(rb_fde_t * F, CNCB * callback, void *data, int timeout)
 {
 	gnutls_session_t sess;
 	struct ssl_connect *sconn;
 	int ssl_err;
 	if(F == NULL)
 		return;
@ -462,52 +456,33 @@ rb_ssl_start_connected(rb_fde_t * F, CNCB * callback, void *data, int timeout)
 	F->connect->callback = callback;
 	F->connect->data = data;
 	F->type |= RB_FD_SSL;
 	F->ssl = rb_malloc(sizeof(gnutls_session_t));
-	gnutls_init(&sess, GNUTLS_CLIENT);
+        gnutls_init(F->ssl, GNUTLS_CLIENT);
-	gnutls_set_default_priority(sess);
+        gnutls_set_default_priority(SSL_P(F));
-	gnutls_credentials_set(sess, GNUTLS_CRD_CERTIFICATE, x509_cred);
+	gnutls_dh_set_prime_bits(SSL_P(F), 1024);
-	gnutls_dh_set_prime_bits(sess, 1024);
+	gnutls_transport_set_ptr(SSL_P(F), (gnutls_transport_ptr_t) (long int)F->fd);
 	gnutls_transport_set_ptr(sess, (gnutls_transport_ptr_t) F->fd);
 	F->ssl = sess;
 	rb_settimeout(F, sconn->timeout, rb_ssl_tryconn_timeout_cb, sconn);
-	if((ssl_err = gnutls_handshake((gnutls_session_t) F->ssl)) != 0)
+
-	{
+	if(do_ssl_handshake(F, rb_ssl_tryconn_cb))
 		switch (ssl_err)
 		{
 		case GNUTLS_E_INTERRUPTED:
 			if(rb_ignore_errno(errno))
 		case GNUTLS_E_AGAIN:
 				{
 					F->ssl_errno = ssl_err;
 					rb_setselect(F, RB_SELECT_READ | RB_SELECT_WRITE,
 						     rb_ssl_tryconn_cb, sconn);
 					return;
 				}
 		default:
 			F->ssl_errno = ssl_err;
 			rb_ssl_connect_realcb(F, RB_ERROR_SSL, sconn);
 			return;
 		}
 	}
 	else
 	{
 		rb_ssl_connect_realcb(F, RB_OK, sconn);
 	}
 }
 /* XXX: implement me */
 int
 rb_init_prng(const char *path, prng_seed_t seed_type)
 {
-	return -1;
+	gcry_fast_random_poll();
 	return 1;
 }
 int
 rb_get_random(void *buf, size_t length)
 {
-	return -1;
+	gcry_randomize(buf, length, GCRY_STRONG_RANDOM);
 	return 1;
 }
--- a/libratbox/src/helper.c
+++ b/libratbox/src/helper.c
@ -19,7 +19,7 @@
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
 *  USA
 *
- *  $Id: helper.c 25038 2008-01-23 16:03:08Z androsyn $
+ *  $Id: helper.c 25245 2008-04-21 18:38:23Z androsyn $
 */
 #include <libratbox_config.h>
 #include <ratbox_lib.h>
@ -271,7 +271,7 @@ rb_helper_close(rb_helper *helper)
 {
 	if(helper == NULL)
 		return;
-		
+	kill(helper->pid, SIGKILL);
 	rb_close(helper->ifd);
 	rb_close(helper->ofd);
 	rb_free(helper);	
--- a/libratbox/src/kqueue.c
+++ b/libratbox/src/kqueue.c
@ -22,7 +22,7 @@
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
 *  USA
 *
- *  $Id: kqueue.c 25038 2008-01-23 16:03:08Z androsyn $
+ *  $Id: kqueue.c 25364 2008-05-14 17:55:22Z jilles $
 */
 #include <libratbox_config.h>
@ -285,6 +285,8 @@ rb_select_kqueue(long delay)
 	}
 	return RB_OK;
 }
 #if defined(KQUEUE_SCHED_EVENT)
 static int can_do_event = 0;
 int
 rb_kqueue_supports_event(void)
@ -343,6 +345,7 @@ rb_kqueue_init_event(void)
 {
 	return;
 }
 #endif /* KQUEUE_SCHED_EVENT */
 #else /* kqueue not supported */
 int
--- a/libratbox/src/linebuf.c
+++ b/libratbox/src/linebuf.c
@ -21,7 +21,7 @@
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
 *  USA
 *
- *  $Id: linebuf.c 25038 2008-01-23 16:03:08Z androsyn $
+ *  $Id: linebuf.c 25375 2008-05-16 15:19:51Z androsyn $
 */
 #include <libratbox_config.h>
@ -547,13 +547,13 @@ rb_linebuf_putmsg(buf_head_t * bufhead, const char *format, va_list * va_args, c
 	bufline->terminated = 1;
 	/* Truncate the data if required */
-	if(unlikely(len > 510))
+	if(rb_unlikely(len > 510))
 	{
 		len = 510;
 		bufline->buf[len++] = '\r';
 		bufline->buf[len++] = '\n';
 	}
-	else if(unlikely(len == 0))
+	else if(rb_unlikely(len == 0))
 	{
 		bufline->buf[len++] = '\r';
 		bufline->buf[len++] = '\n';
@ -593,19 +593,19 @@ rb_linebuf_putbuf(buf_head_t *bufhead, const char *buffer)
 	/* Create a new line */
 	bufline = rb_linebuf_new_line(bufhead);
-	if(unlikely(buffer != NULL))
+	if(rb_unlikely(buffer != NULL))
 		len = rb_strlcpy(bufline->buf, buffer, BUF_DATA_SIZE);
 	bufline->terminated = 1;
 	/* Truncate the data if required */
-	if(unlikely(len > 510))
+	if(rb_unlikely(len > 510))
 	{
 		len = 510;
 		bufline->buf[len++] = '\r';
 		bufline->buf[len++] = '\n';
 	}
-	else if(unlikely(len == 0))
+	else if(rb_unlikely(len == 0))
 	{
 		bufline->buf[len++] = '\r';
 		bufline->buf[len++] = '\n';
@ -648,7 +648,7 @@ rb_linebuf_put(buf_head_t * bufhead, const char *format, ...)
 	/* Create a new line */
 	bufline = rb_linebuf_new_line(bufhead);
-	if(unlikely(format != NULL))
+	if(rb_unlikely(format != NULL))
 	{
 		va_start(args, format);
 		len = rb_vsnprintf(bufline->buf, BUF_DATA_SIZE, format, args);
@ -658,13 +658,13 @@ rb_linebuf_put(buf_head_t * bufhead, const char *format, ...)
 	bufline->terminated = 1;
 	/* Truncate the data if required */
-	if(unlikely(len > 510))
+	if(rb_unlikely(len > 510))
 	{
 		len = 510;
 		bufline->buf[len++] = '\r';
 		bufline->buf[len++] = '\n';
 	}
-	else if(unlikely(len == 0))
+	else if(rb_unlikely(len == 0))
 	{
 		bufline->buf[len++] = '\r';
 		bufline->buf[len++] = '\n';
--- a/libratbox/src/nossl.c
+++ b/libratbox/src/nossl.c
@ -112,14 +112,28 @@ rb_ssl_accept_setup(rb_fde_t * F, int new_fd, struct sockaddr *st, int addrlen)
 ssize_t
 rb_ssl_read(rb_fde_t * F, void *buf, size_t count)
 {
-	return 0;
+	errno = ENOSYS;
 	return -1;
 }
 ssize_t
 rb_ssl_write(rb_fde_t * F, const void *buf, size_t count)
 {
 	errno = ENOSYS;
 	return -1;
 }
 unsigned int
 rb_ssl_handshake_count(rb_fde_t *F)
 {
 	return 0;
 }
 void  
 rb_ssl_clear_handshake_count(rb_fde_t *F)
 {
 	return;
 }
 #endif /* !HAVE_OPENSSL */
--- a/libratbox/src/openssl.c
+++ b/libratbox/src/openssl.c
@ -37,6 +37,7 @@
 static SSL_CTX *ssl_server_ctx;
 static SSL_CTX *ssl_client_ctx;
 static int libratbox_index = -1;
 static unsigned long get_last_err(void)
 {
@ -68,6 +69,18 @@ rb_ssl_shutdown(rb_fde_t * F)
 	SSL_free((SSL *) F->ssl);
 }
 unsigned int
 rb_ssl_handshake_count(rb_fde_t *F)
 {
 	return F->handshake_count;
 }
 void
 rb_ssl_clear_handshake_count(rb_fde_t *F)
 {
 	F->handshake_count = 0;
 }
 static void
 rb_ssl_timeout(rb_fde_t * F, void *notused)
 {
@ -76,6 +89,24 @@ rb_ssl_timeout(rb_fde_t * F, void *notused)
 }
 static void rb_ssl_info_callback(SSL *ssl, int where, int ret)
 {
 	if(where & SSL_CB_HANDSHAKE_START)
 	{
 		rb_fde_t *F = SSL_get_ex_data(ssl, libratbox_index);
 		if(F == NULL)
 			return;
 		F->handshake_count++;
 	} 
 }
 static void
 rb_setup_ssl_cb(rb_fde_t *F)
 {
 	SSL_set_ex_data(F->ssl, libratbox_index, (char *)F);
 	SSL_set_info_callback((SSL *)F->ssl, (void *)rb_ssl_info_callback);
 }
 static void
 rb_ssl_tryaccept(rb_fde_t * F, void *data)
 {
@ -121,21 +152,11 @@ rb_ssl_tryaccept(rb_fde_t * F, void *data)
 }
-void
+
-rb_ssl_start_accepted(rb_fde_t * new_F, ACCB * cb, void *data, int timeout)
+static void
 rb_ssl_accept_common(rb_fde_t *new_F)
 {
 	int ssl_err;
 	new_F->type |= RB_FD_SSL;
 	new_F->ssl = SSL_new(ssl_server_ctx);
 	new_F->accept = rb_malloc(sizeof(struct acceptdata));
 	new_F->accept->callback = cb;
 	new_F->accept->data = data;
 	rb_settimeout(new_F, timeout, rb_ssl_timeout, NULL);
 	new_F->accept->addrlen = 0;
 	SSL_set_fd((SSL *) new_F->ssl, rb_get_fd(new_F));
 	if((ssl_err = SSL_accept((SSL *) new_F->ssl)) <= 0)
 	{
 		switch (ssl_err = SSL_get_error((SSL *) new_F->ssl, ssl_err))
@ -162,6 +183,23 @@ rb_ssl_start_accepted(rb_fde_t * new_F, ACCB * cb, void *data, int timeout)
 	}
 }
 void
 rb_ssl_start_accepted(rb_fde_t * new_F, ACCB * cb, void *data, int timeout)
 {
 	new_F->type |= RB_FD_SSL;
 	new_F->ssl = SSL_new(ssl_server_ctx);
 	new_F->accept = rb_malloc(sizeof(struct acceptdata));
 	new_F->accept->callback = cb;
 	new_F->accept->data = data;
 	rb_settimeout(new_F, timeout, rb_ssl_timeout, NULL);
 	new_F->accept->addrlen = 0;
 	SSL_set_fd((SSL *) new_F->ssl, rb_get_fd(new_F));
 	rb_setup_ssl_cb(new_F);
 	rb_ssl_accept_common(new_F);
 }
@ -169,9 +207,10 @@ void
 rb_ssl_accept_setup(rb_fde_t * F, int new_fd, struct sockaddr *st, int addrlen)
 {
 	rb_fde_t *new_F;
 	int ssl_err;
 	new_F = rb_find_fd(new_fd);
 	if(new_F == NULL)
 		return;
 	new_F->type |= RB_FD_SSL;
 	new_F->ssl = SSL_new(ssl_server_ctx);
 	new_F->accept = rb_malloc(sizeof(struct acceptdata));
@ -183,30 +222,8 @@ rb_ssl_accept_setup(rb_fde_t * F, int new_fd, struct sockaddr *st, int addrlen)
 	new_F->accept->addrlen = addrlen;
 	SSL_set_fd((SSL *) new_F->ssl, new_fd);
-	if((ssl_err = SSL_accept((SSL *) new_F->ssl)) <= 0)
+	rb_setup_ssl_cb(new_F);
-	{
+	rb_ssl_accept_common(new_F);
 		switch (ssl_err = SSL_get_error((SSL *) new_F->ssl, ssl_err))
 		{
 		case SSL_ERROR_SYSCALL:
 			if(rb_ignore_errno(errno))
 		case SSL_ERROR_WANT_READ:
 		case SSL_ERROR_WANT_WRITE:
 				{
 					F->ssl_errno = get_last_err();
 					rb_setselect(new_F, RB_SELECT_READ | RB_SELECT_WRITE,
 						     rb_ssl_tryaccept, NULL);
 					return;
 				}
 		default:
 			F->ssl_errno = get_last_err();
 			F->accept->callback(F, RB_ERROR_SSL, NULL, 0, F->accept->data);
 			return;
 		}
 	}
 	else
 	{
 		rb_ssl_tryaccept(new_F, NULL);
 	}
 }
 static ssize_t
@ -272,8 +289,10 @@ int
 rb_init_ssl(void)
 {
 	int ret = 1;
 	char libratbox_data[] = "libratbox data";
 	SSL_load_error_strings();
 	SSL_library_init();
 	libratbox_index = SSL_get_ex_new_index(0, libratbox_data, NULL, NULL, NULL);
 	ssl_server_ctx = SSL_CTX_new(SSLv23_server_method());
 	if(ssl_server_ctx == NULL)
 	{
@ -430,7 +449,7 @@ rb_ssl_tryconn(rb_fde_t * F, int status, void *data)
 	F->type |= RB_FD_SSL;
 	F->ssl = SSL_new(ssl_client_ctx);
 	SSL_set_fd((SSL *) F->ssl, F->fd);
-
+	rb_setup_ssl_cb(F);
 	rb_settimeout(F, sconn->timeout, rb_ssl_tryconn_timeout_cb, sconn);
 	if((ssl_err = SSL_connect((SSL *) F->ssl)) <= 0)
 	{
@ -493,6 +512,7 @@ rb_ssl_start_connected(rb_fde_t * F, CNCB * callback, void *data, int timeout)
 	F->ssl = SSL_new(ssl_client_ctx);
 	SSL_set_fd((SSL *) F->ssl, F->fd);
 	rb_setup_ssl_cb(F);
 	rb_settimeout(F, sconn->timeout, rb_ssl_tryconn_timeout_cb, sconn);
 	if((ssl_err = SSL_connect((SSL *) F->ssl)) <= 0)
 	{
--- a/libratbox/src/poll.c
+++ b/libratbox/src/poll.c
@ -22,7 +22,7 @@
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
 *  USA
 *
- *  $Id: poll.c 25038 2008-01-23 16:03:08Z androsyn $
+ *  $Id: poll.c 25375 2008-05-16 15:19:51Z androsyn $
 */
 #include <libratbox_config.h>
 #include <ratbox_lib.h>
@ -81,7 +81,7 @@ rb_init_netio_poll(void)
 static void
 resize_pollarray(int fd)
 {
-	if(unlikely(fd >= pollfd_list.allocated))
+	if(rb_unlikely(fd >= pollfd_list.allocated))
 	{
 		int x, old_value = pollfd_list.allocated;
 		pollfd_list.allocated += 1024;
--- a/libratbox/src/ratbox_lib.c
+++ b/libratbox/src/ratbox_lib.c
@ -20,7 +20,7 @@
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
 *  USA
 *
- *  $Id: ratbox_lib.c 25038 2008-01-23 16:03:08Z androsyn $
+ *  $Id: ratbox_lib.c 25375 2008-05-16 15:19:51Z androsyn $
 */
 #include <libratbox_config.h>
@ -69,7 +69,7 @@ rb_ctime(const time_t t, char *buf, size_t len)
 #else
 	tp = gmtime(&t);
 #endif
-	if(unlikely(tp == NULL))
+	if(rb_unlikely(tp == NULL))
 	{
 		strcpy(buf, "");
 		return(buf);
@ -104,7 +104,7 @@ rb_date(const time_t t, char *buf, size_t len)
 	gm = gmtime(&t);
 #endif
-	if(unlikely(gm == NULL))
+	if(rb_unlikely(gm == NULL))
 	{
 		rb_strlcpy(buf, "", len);	
 		return(buf);
@ -169,7 +169,7 @@ rb_set_time(void)
 {
 	struct timeval newtime;
-	if(unlikely(rb_gettimeofday(&newtime, NULL) == -1))
+	if(rb_unlikely(rb_gettimeofday(&newtime, NULL) == -1))
 	{
 		rb_lib_log("Clock Failure (%s)", strerror(errno));
 		rb_lib_restart("Clock Failure");
@ -184,7 +184,7 @@ rb_set_time(void)
 const char *
 rb_lib_version(void)
 {
-	static const char *id = "$Rev: 25038 $";
+	static const char *id = "$Rev: 25375 $";
 	return id;
 }
--- a/libratbox/src/rawbuf.c
+++ b/libratbox/src/rawbuf.c
@ -207,7 +207,7 @@ rb_rawbuf_append(rawbuf_head_t * rb, void *data, int len)
 		len -= clen;
 		if(len == 0)
 			return;
-		data += clen;
+		data = (char *)data + clen;
 	}
@ -223,7 +223,7 @@ rb_rawbuf_append(rawbuf_head_t * rb, void *data, int len)
 		memcpy(buf->data, data, clen);
 		buf->len += clen;
 		len -= clen;
-		data += clen;
+		data = (char *)data + clen;
 		rb->len += clen;
 	}
 }
--- a/libratbox/src/sigio.c
+++ b/libratbox/src/sigio.c
@ -23,7 +23,7 @@
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
 *  USA
 *
- *  $Id: sigio.c 25038 2008-01-23 16:03:08Z androsyn $
+ *  $Id: sigio.c 25375 2008-05-16 15:19:51Z androsyn $
 */
 #ifndef _GNU_SOURCE
@ -103,7 +103,7 @@ rb_init_netio_sigio(void)
 static inline void
 resize_pollarray(int fd)
 {
-	if(unlikely(fd >= pollfd_list.allocated))
+	if(rb_unlikely(fd >= pollfd_list.allocated))
 	{
 		int x, old_value = pollfd_list.allocated;
 		pollfd_list.allocated += 1024;
--- a/libratbox/src/snprintf.c
+++ b/libratbox/src/snprintf.c
@ -4,7 +4,7 @@
 * The original headers are below..
 * Note that this implementation does not process floating point numbers so
 * you will likely need to fall back to using sprintf yourself to do those...
- * $Id: snprintf.c 25038 2008-01-23 16:03:08Z androsyn $
+ * $Id: snprintf.c 25375 2008-05-16 15:19:51Z androsyn $
 */
 /*
@ -295,7 +295,7 @@ int rb_vsnprintf(char *buf, size_t size, const char *fmt, va_list args)
 	/* Reject out-of-range values early.  Large positive sizes are
 	   used for unknown buffer sizes. */
-	if (unlikely((int) size < 0)) {
+	if (rb_unlikely((int) size < 0)) {
 		return 0;
 	}