psiphon

Merge lp:~psiphon-inc/psiphon/psiphon-1.6 into lp:psiphon

psiphon-1.6
Merge into trunk

Proposed by مندس جرثومي on 2011-11-23

Status:	Needs review
Proposed branch:	lp:~psiphon-inc/psiphon/psiphon-1.6
Merge into:	lp:psiphon
Diff against target:	30229 lines (+29308/-0) 170 files modified appWeb/CONFIGURE_DEBUG.TXT (+5/-0) appWeb/CONFIGURE_RELEASE.TXT (+5/-0) appWeb/openSslModule.cpp (+896/-0) appWeb/thread.cpp (+768/-0) appweb.cnf (+27/-0) bake-w32.bat (+1/-0) changes.txt (+99/-0) common/CppSQLite3.cpp (+1383/-0) common/CppSQLite3.h (+270/-0) common/SHA1.cpp (+282/-0) common/SHA1.h (+150/-0) common/SetupInfo.cpp (+512/-0) common/SetupInfo.h (+110/-0) common/User.cpp (+598/-0) common/User.h (+94/-0) common/bookmarks.cpp (+213/-0) common/bookmarks.h (+30/-0) common/convert.cpp (+176/-0) common/convert.h (+47/-0) common/cookies.cpp (+947/-0) common/cookies.h (+73/-0) common/logDetails.cpp (+252/-0) common/logDetails.h (+70/-0) common/parsedUrl.cpp (+312/-0) common/parsedUrl.h (+78/-0) common/sessions.cpp (+134/-0) common/sessions.h (+29/-0) common/sqlite3.h (+1161/-0) common/strfunc.cpp (+109/-0) common/strfunc.h (+39/-0) common/timefunc.h (+21/-0) common/tracer.cpp (+89/-0) common/tracer.h (+39/-0) html/en/errors/403.html (+15/-0) html/en/errors/404.html (+15/-0) html/en/errors/504.html (+15/-0) html/en/index.tpl.html (+1/-0) html/en/language.ini (+1/-0) html/en/login.tpl.html (+62/-0) html/en/login_err_db_insert_sess.tpl.html (+62/-0) html/en/login_err_db_update_sess.tpl.html (+62/-0) html/en/login_err_no_match.tpl.html (+62/-0) html/en/login_err_pwd.tpl.html (+62/-0) html/en/login_err_user.tpl.html (+62/-0) html/en/main.tpl.html (+15/-0) html/en/reset_pwd.tpl.html (+66/-0) html/en/reset_pwd_err_conf_fail_pwd.tpl.html (+66/-0) html/en/reset_pwd_err_conf_pwd.tpl.html (+66/-0) html/en/reset_pwd_err_cur_pwd.tpl.html (+66/-0) html/en/reset_pwd_err_db_update.tpl.html (+66/-0) html/en/reset_pwd_err_new_pwd.tpl.html (+66/-0) html/en/reset_pwd_err_no_match.tpl.html (+66/-0) html/en/reset_pwd_err_user.tpl.html (+66/-0) html/en/reset_pwd_success.tpl.html (+27/-0) html/en/topbar.tpl.html (+511/-0) html/fr/errors/403.html (+15/-0) html/fr/errors/404.html (+15/-0) html/fr/errors/504.html (+15/-0) html/fr/index.tpl.html (+1/-0) html/fr/language.ini (+1/-0) html/fr/login.tpl.html (+62/-0) html/fr/login_err_db_insert_sess.tpl.html (+62/-0) html/fr/login_err_db_update_sess.tpl.html (+62/-0) html/fr/login_err_no_match.tpl.html (+62/-0) html/fr/login_err_pwd.tpl.html (+62/-0) html/fr/login_err_user.tpl.html (+62/-0) html/fr/main.tpl.html (+15/-0) html/fr/reset_pwd.tpl.html (+66/-0) html/fr/reset_pwd_err_conf_fail_pwd.tpl.html (+66/-0) html/fr/reset_pwd_err_conf_pwd.tpl.html (+66/-0) html/fr/reset_pwd_err_cur_pwd.tpl.html (+66/-0) html/fr/reset_pwd_err_db_update.tpl.html (+66/-0) html/fr/reset_pwd_err_new_pwd.tpl.html (+66/-0) html/fr/reset_pwd_err_no_match.tpl.html (+66/-0) html/fr/reset_pwd_err_user.tpl.html (+66/-0) html/fr/reset_pwd_success.tpl.html (+27/-0) html/fr/topbar.tpl.html (+511/-0) html/fr/topbar_text.tpl.html (+461/-0) html/ru/language.ini (+1/-0) html/ru/login.tpl.html (+62/-0) html/ru/login_err_db_insert_sess.tpl.html (+62/-0) html/ru/login_err_db_update_sess.tpl.html (+62/-0) html/ru/login_err_no_match.tpl.html (+62/-0) html/ru/login_err_pwd.tpl.html (+62/-0) html/ru/login_err_user.tpl.html (+62/-0) html/ru/reset_pwd.tpl.html (+66/-0) html/ru/reset_pwd_err_conf_fail_pwd.tpl.html (+66/-0) html/ru/reset_pwd_err_conf_pwd.tpl.html (+66/-0) html/ru/reset_pwd_err_cur_pwd.tpl.html (+66/-0) html/ru/reset_pwd_err_db_update.tpl.html (+66/-0) html/ru/reset_pwd_err_new_pwd.tpl.html (+67/-0) html/ru/reset_pwd_err_no_match.tpl.html (+66/-0) html/ru/reset_pwd_err_user.tpl.html (+66/-0) html/ru/reset_pwd_success.tpl.html (+27/-0) html/ru/topbar.tpl.html (+517/-0) install-ubuntu.txt (+98/-0) install-w32.txt (+111/-0) installer.aip (+221/-0) mime.types (+110/-0) psiphon.bkl (+296/-0) psiphonHandler/CSSFlexLexer.h (+24/-0) psiphonHandler/CSSLexer.l (+61/-0) psiphonHandler/FlexLexer.h (+202/-0) psiphonHandler/HTMLFlexLexer.h (+24/-0) psiphonHandler/HTMLlexer.l (+315/-0) psiphonHandler/lex.CSS.cpp (+1451/-0) psiphonHandler/lex.HTML.cpp (+1852/-0) psiphonHandler/myclient.cpp (+1084/-0) psiphonHandler/myclient.h (+239/-0) psiphonHandler/psiphonContFilter.cpp (+394/-0) psiphonHandler/psiphonContFilter.h (+84/-0) psiphonHandler/psiphonHandler.cpp (+1797/-0) psiphonHandler/psiphonHandler.def (+3/-0) psiphonHandler/psiphonHandler.h (+204/-0) psiphonHandler/psiphonUrl.cpp (+293/-0) psiphonHandler/psiphonUrl.h (+49/-0) psiphonHandler/psiphonUtils.cpp (+390/-0) psiphonHandler/psiphonUtils.h (+55/-0) psiphonHandler/tokensDefs.h (+48/-0) psiphonPanel/CertDlg.cpp (+309/-0) psiphonPanel/CertDlg.h (+64/-0) psiphonPanel/CodeCountry.cpp (+266/-0) psiphonPanel/CodeCountry.h (+30/-0) psiphonPanel/DownloadEvent.cpp (+96/-0) psiphonPanel/DownloadEvent.h (+168/-0) psiphonPanel/DownloadFile.cpp (+167/-0) psiphonPanel/DownloadFile.h (+80/-0) psiphonPanel/GetIP.cpp (+101/-0) psiphonPanel/GetIP.h (+23/-0) psiphonPanel/LinkDlg.cpp (+302/-0) psiphonPanel/LinkDlg.h (+63/-0) psiphonPanel/ListCtrlSort.cpp (+88/-0) psiphonPanel/ListCtrlSort.h (+74/-0) psiphonPanel/LogDlg.cpp (+223/-0) psiphonPanel/LogDlg.h (+61/-0) psiphonPanel/PrefDlg.cpp (+121/-0) psiphonPanel/PrefDlg.h (+45/-0) psiphonPanel/PsiphonApp.cpp (+99/-0) psiphonPanel/PsiphonApp.h (+43/-0) psiphonPanel/PsiphonDlg.cpp (+574/-0) psiphonPanel/PsiphonDlg.h (+99/-0) psiphonPanel/PsiphonLog.cpp (+51/-0) psiphonPanel/PsiphonLog.h (+39/-0) psiphonPanel/PsiphonNameDlg.cpp (+133/-0) psiphonPanel/PsiphonNameDlg.h (+42/-0) psiphonPanel/Server.cpp (+215/-0) psiphonPanel/Server.h (+80/-0) psiphonPanel/SetupDlg.cpp (+123/-0) psiphonPanel/SetupDlg.h (+61/-0) psiphonPanel/UpdateDlg.cpp (+292/-0) psiphonPanel/UpdateDlg.h (+59/-0) psiphonPanel/UserDetailsDlg.cpp (+230/-0) psiphonPanel/UserDetailsDlg.h (+46/-0) psiphonPanel/UserDlg.cpp (+336/-0) psiphonPanel/UserDlg.h (+69/-0) psiphonPanel/cert.cpp (+102/-0) psiphonPanel/cert.h (+22/-0) psiphonPanel/psiphonoff.xpm (+189/-0) psiphonPanel/psiphonon.xpm (+189/-0) psiphonPanel/resources.h (+33/-0) psiphonPanel/sessionAccess.cpp (+172/-0) psiphonPanel/sessionAccess.h (+35/-0) psiphonPanel/stdwx.cpp (+19/-0) psiphonPanel/stdwx.h (+53/-0) psiphonPanel/taskbaricon.cpp (+91/-0) psiphonPanel/taskbaricon.h (+39/-0) psiphonPanel/update.cpp (+79/-0) psiphonPanel/update.h (+20/-0) psiphonPanel/wxPsiphon.rc (+23/-0) userlicense.txt (+39/-0)
To merge this branch:	bzr merge lp:~psiphon-inc/psiphon/psiphon-1.6
Related bugs:	Link a bug report
Related blueprints:	Psiphon 2 Design Overview (Undefined)

Reviewer	Review Type	Date Requested	Status
Psiphon Inc.		2011-11-23	Pending
Review via email: mp+83096@code.launchpad.net

Unmerged revisions

1. By jamyang <email address hidden> on 2009-05-14: psiphon-1.6

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches

to all changes:

Adam P

Alireza Zamani

Glezarie Keen

Jeremy Vernon

Naing Aung

e.fryntov

gokul

jumbo

pengxinxin

psiphon

Merge lp:~psiphon-inc/psiphon/psiphon-1.6 into lp:psiphon

Commit message

Description of the change

Unmerged revisions

Preview Diff

Subscribers

 === added file '.DS_Store'
 Binary files .DS_Store	1970-01-01 00:00:00 +0000 and .DS_Store	2011-11-23 01:01:25 +0000 differ
 === added directory 'appWeb'
 === added file 'appWeb/CONFIGURE_DEBUG.TXT'
 --- appWeb/CONFIGURE_DEBUG.TXT	1970-01-01 00:00:00 +0000
 +++ appWeb/CONFIGURE_DEBUG.TXT	2011-11-23 01:01:25 +0000
@@ -0,0 +1,5 @@
++./configure --reset
++./configure --disable-samples --without-upload --without-xdb   --disable-test --type=DEBUG \
++--with-openssl=loadable \
++--with-openssl-dir=../../openssl \
++--with-openssl-libs="ssl crypto"
 \ No newline at end of file
 === added file 'appWeb/CONFIGURE_RELEASE.TXT'
 --- appWeb/CONFIGURE_RELEASE.TXT	1970-01-01 00:00:00 +0000
 +++ appWeb/CONFIGURE_RELEASE.TXT	2011-11-23 01:01:25 +0000
@@ -0,0 +1,5 @@
++./configure --reset
++./configure --disable-samples --without-upload --without-xdb   --disable-test --type=RELEASE \
++--with-openssl=loadable \
++--with-openssl-dir=../../openssl \
++--with-openssl-libs="ssl crypto"
 \ No newline at end of file
 === added file 'appWeb/openSslModule.cpp'
 --- appWeb/openSslModule.cpp	1970-01-01 00:00:00 +0000
 +++ appWeb/openSslModule.cpp	2011-11-23 01:01:25 +0000
@@ -0,0 +1,896 @@
++///
++///	@file 	openSslModule.cpp
++/// @brief 	Support for secure sockets via OpenSSL
++///	@overview This module integrates support for OpenSSL into AppWeb
++///		via a dynamically loadable module.
++//
++/////////////////////////////////// Copyright //////////////////////////////////
++//
++//	@copy	default
++//
++//	Copyright (c) Mbedthis Software LLC, 2003-2006. All Rights Reserved.
++//	Copyright (c) Michael O'Brien, 1994-2006. All Rights Reserved.
++//
++//	This software is distributed under commercial and open source licenses.
++//	You may use the GPL open source license described below or you may acquire
++//	a commercial license from Mbedthis Software. You agree to be fully bound
++//	by the terms of either license. Consult the LICENSE.TXT distributed with
++//	this software for full details.
++//
++//	This software is open source; you can redistribute it and/or modify it
++//	under the terms of the GNU General Public License as published by the
++//	Free Software Foundation; either version 2 of the License, or (at your
++//	option) any later version. See the GNU General Public License for more
++//	details at: http://www.mbedthis.com/downloads/gplLicense.html
++//
++//	This program is distributed WITHOUT ANY WARRANTY; without even the
++//	implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
++//
++//	This GPL license does NOT permit incorporating this software into
++//	proprietary programs. If you are unable to comply with the GPL, you must
++//	acquire a commercial license to use this software. Commercial licenses
++//	for this software and support services are available from Mbedthis
++//	Software at http://www.mbedthis.com
++//
++//	@end
++//
++////////////////////////////////// Includes ////////////////////////////////////
++
++#include	"openSslModule.h"
++
++//////////////////////////////////// Locals ////////////////////////////////////
++#if BLD_FEATURE_OPENSSL_MODULE
++
++#include	"openSslDh.h"
++
++#if BLD_FEATURE_MULTITHREAD
++static MprMutex	**locks;
++static int		numLocks;
++#endif
++
++////////////////////////////// Forward Declarations ////////////////////////////
++
++#if BLD_FEATURE_MULTITHREAD
++static DynLock	*sslCreateDynLock(const char *file, int line);
++static void 	sslDynLock(int mode, DynLock *dl, const char *file, int line);
++static void 	sslDestroyDynLock(DynLock *dl, const char *file, int line);
++static void		sslStaticLock(int mode, int n, const char *file, int line);
++static ulong 	sslThreadId();
++#endif
++
++static int		configureCertificates(SSL_CTX *ctx, char *key, char *cert);
++static RSA		*rsaCallback(SSL *ssl, int isExport, int keyLength);
++static DH		*dhCallback(SSL *ssl, int isExport, int keyLength);
++static int 		verifyX509Certificate(int ok, X509_STORE_CTX *ctx);
++
++//////////////////////////////////// Locals ////////////////////////////////////
++
++static MaOpenSslModule *openSslModule;
++static MaOpenSslProvider *openSslProvider;
++
++////////////////////////////////////////////////////////////////////////////////
++/////////////////////////////// MaOpenSslModule ////////////////////////////////
++////////////////////////////////////////////////////////////////////////////////
++
++int mprOpenSslInit(void *handle)
++{
++	if (maGetHttp() == 0) {
++		return MPR_ERR_NOT_INITIALIZED;
++	}
++	new MaOpenSslModule(handle);
++	return 0;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++MaOpenSslModule::MaOpenSslModule(void *handle) : MaModule("openSsl", handle)
++{
++	openSslModule = this;
++	openSslProvider = new MaOpenSslProvider("openSsl");
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++MaOpenSslModule::~MaOpenSslModule()
++{
++	delete openSslProvider;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	This is called from Http::start after all the modules are loaded.
++//	The code here is global for this handler and is not required per handler
++//	instance.
++//
++int MaOpenSslModule::start()
++{
++	RandBuf		randBuf;
++	static int	once = 0;
++
++	//
++	//	Depending on the order in the configuration file, we will get called
++	//	by the module mechanism and by OpenSslConfig::start(). But we only
++	//	want to run once.
++	//
++	if (once++ > 0) {
++		return 0;
++	}
++	randBuf.pid = getpid();
++	randBuf.time = time(0);
++	randBuf.msec = mprGetTime(0);
++	RAND_seed((void*) &randBuf, sizeof(randBuf));
++
++#if SOLARIS || LINUX || MACOSX
++	mprLog(6, "OpenSsl: Before calling RAND_load_file\n");
++	RAND_load_file("/dev/urandom", 256);
++	mprLog(6, "OpenSsl: After calling RAND_load_file\n");
++#endif
++
++#if BLD_FEATURE_MULTITHREAD
++	numLocks = CRYPTO_num_locks();
++	locks = (MprMutex**) mprMalloc(numLocks * sizeof(MprMutex*));
++	for (int i = 0; i < numLocks; i++) {
++		locks[i] = new MprMutex();
++	}
++	CRYPTO_set_id_callback(sslThreadId);
++	CRYPTO_set_locking_callback(sslStaticLock);
++
++	CRYPTO_set_dynlock_create_callback(sslCreateDynLock);
++	CRYPTO_set_dynlock_destroy_callback(sslDestroyDynLock);
++	CRYPTO_set_dynlock_lock_callback(sslDynLock);
++#endif
++
++#if WIN
++	// _fmode=_O_BINARY;
++	//	CRYPTO_malloc_init();
++	//	SSLC_add_all_algorithms();
++#else
++	OpenSSL_add_all_algorithms();
++#endif
++
++	SSL_library_init();
++	return 0;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++void MaOpenSslModule::stop()
++{
++#if BLD_FEATURE_MULTITHREAD
++	int		i;
++
++	if (locks) {
++		for (i = 0; i < numLocks; i++) {
++			delete locks[i];
++		}
++		mprFree(locks);
++		locks = 0;
++		numLocks = 0;
++
++		CRYPTO_set_id_callback(0);
++		CRYPTO_set_locking_callback(0);
++
++		CRYPTO_set_dynlock_create_callback(0);
++		CRYPTO_set_dynlock_destroy_callback(0);
++		CRYPTO_set_dynlock_lock_callback(0);
++	}
++#endif
++}
++
++////////////////////////////////////////////////////////////////////////////////
++/////////////////////////////// MaOpenSslProvider //////////////////////////////
++////////////////////////////////////////////////////////////////////////////////
++//
++//	The SSL provider class implements and decouples the interface between
++//	AppWeb and any SSL stack.
++//
++
++MaOpenSslProvider::MaOpenSslProvider(char *name) : MaSslProvider(name)
++{
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++MaOpenSslProvider::~MaOpenSslProvider()
++{
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++MaSslConfig *MaOpenSslProvider::newConfig(MaHost *host)
++{
++	return new MaOpenSslConfig(host);
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//////////////////////////////// MaOpenSslConfig ///////////////////////////////
++////////////////////////////////////////////////////////////////////////////////
++//
++// An instance is created for each SSL server
++//
++
++MaOpenSslConfig::MaOpenSslConfig(MaHost *host) : MaSslConfig(host)
++{
++	context = 0;
++	dhKey512 = 0;
++	dhKey1024 = 0;
++	rsaKey512 = 0;
++	rsaKey1024 = 0;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++MaOpenSslConfig::~MaOpenSslConfig()
++{
++	if (context != 0) {
++		SSL_CTX_free(context);
++	}
++	if (rsaKey512) {
++		RSA_free(rsaKey512);
++	}
++	if (rsaKey1024) {
++		RSA_free(rsaKey1024);
++	}
++	if (dhKey512) {
++		DH_free(dhKey512);
++	}
++	if (dhKey1024) {
++		DH_free(dhKey1024);
++	}
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	This method is called to open listening sockets using this SslConfig setup.
++//
++
++MprSocket *MaOpenSslConfig::newSocket()
++{
++	MaOpenSslSocket	*socket;
++
++	socket = new MaOpenSslSocket(this);
++
++	return (MprSocket*) socket;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	This is started for each SSL connection. With Keep-alive this may service
++//	many requests.
++//
++
++int MaOpenSslConfig::start()
++{
++	SSL_METHOD	*meth;
++	char		*hostName;
++
++	if (keyFile == 0) {
++		mprError(MPR_L, MPR_LOG, "Cant start SSL: missing key file");
++		return MPR_ERR_CANT_INITIALIZE;
++	}
++	if (certFile == 0) {
++		mprError(MPR_L, MPR_LOG, "Cant start SSL: missing certificate file");
++		return MPR_ERR_CANT_INITIALIZE;
++	}
++
++	//
++	//	Depending on the order in the configuration file, we may get called
++	//	by sslModule::start() before OpenSslModule::start has run. So we
++	//	must initialize here.
++	//
++	openSslModule->start();
++
++	hostName = host->getName();
++
++	if (protocols == MPR_HTTP_PROTO_SSLV2) {
++		meth = SSLv2_server_method();
++	} else {
++		meth = SSLv23_server_method();
++	}
++	context = SSL_CTX_new(meth);
++	mprAssert(context);
++	if (context == 0) {
++		mprError(MPR_L, MPR_LOG, "Unable to create SSL context");
++		return MPR_ERR_CANT_CREATE;
++	}
++
++    SSL_CTX_set_app_data(context, (void*) this);
++	SSL_CTX_set_quiet_shutdown(context, 1);
++	SSL_CTX_sess_set_cache_size(context, 512);
++
++	//
++	//	Configure the certificate for this host
++	//
++	if (configureCertificates(context, keyFile, certFile) != 0) {
++		SSL_CTX_free(context);
++		context = 0;
++		return MPR_ERR_CANT_INITIALIZE;
++	}
++
++	mprLog(4, "SSL: %s: Using ciphers %s\n", hostName, ciphers);
++	SSL_CTX_set_cipher_list(context, ciphers);
++
++	//
++	//	Configure the client verification certificate locations
++	//
++	if (verifyClient) {
++		if (caFile == 0 && caPath == 0) {
++			mprError(MPR_L, MPR_LOG,
++				"Must define CA certificates if using client verification");
++			SSL_CTX_free(context);
++			context = 0;
++			return MPR_ERR_BAD_STATE;
++		}
++		if (caFile || caPath) {
++			if ((!SSL_CTX_load_verify_locations(context, caFile, caPath)) ||
++					(!SSL_CTX_set_default_verify_paths(context))) {
++				mprError(MPR_L, MPR_LOG,
++					"Unable to set certificate locations");
++				SSL_CTX_free(context);
++				context = 0;
++				return MPR_ERR_CANT_ACCESS;
++			}
++			if (caFile) {
++				STACK_OF(X509_NAME) *certNames;
++				certNames = SSL_load_client_CA_file(caFile);
++				if (certNames == 0) {
++				} else {
++					//
++					//	Define the list of CA certificates to send to the client
++					//	before they send their client certificate for validation
++					//
++					SSL_CTX_set_client_CA_list(context, certNames);
++				}
++			}
++		}
++		mprLog(4, "SSL: %s: is verifying client connections\n", hostName);
++		if (caFile) {
++			mprLog(4, "SSL: %s: Using certificates from %s\n", hostName,
++				caFile);
++		} else if (caPath) {
++			mprLog(4, "SSL: %s: Using certificates from directory %s\n",
++				hostName, caPath);
++		}
++		SSL_CTX_set_verify(context,
++			SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
++			verifyX509Certificate);
++		SSL_CTX_set_verify_depth(context, verifyDepth);
++
++	} else {
++		SSL_CTX_set_verify(context, SSL_VERIFY_NONE, verifyX509Certificate);
++	}
++
++	//
++	//	Define callbacks
++	//
++	SSL_CTX_set_tmp_rsa_callback(context, rsaCallback);
++	SSL_CTX_set_tmp_dh_callback(context, dhCallback);
++
++	//
++	//	Enable all buggy client work-arounds
++	//
++	SSL_CTX_set_options(context, SSL_OP_ALL);
++
++	//
++	//	Select the required protocols
++	//
++	if (!(protocols & MPR_HTTP_PROTO_SSLV2)) {
++		SSL_CTX_set_options(context, SSL_OP_NO_SSLv2);
++		mprLog(4, "SSL: %s: Disabling SSLv2\n", hostName);
++	}
++	if (!(protocols & MPR_HTTP_PROTO_SSLV3)) {
++		SSL_CTX_set_options(context, SSL_OP_NO_SSLv3);
++		mprLog(4, "SSL: %s: Disabling SSLv3\n", hostName);
++	}
++	if (!(protocols & MPR_HTTP_PROTO_TLSV1)) {
++		SSL_CTX_set_options(context, SSL_OP_NO_TLSv1);
++		mprLog(4, "SSL: %s: Disabling TLSv1\n", hostName);
++	}
++
++	//
++	//	Ensure we generate a new private key for each connection
++	//
++    SSL_CTX_set_options(context, SSL_OP_SINGLE_DH_USE);
++
++	//
++	//	Pre-generate some keys that are slow to compute
++	//
++	rsaKey512 = RSA_generate_key(512, RSA_F4, 0, 0);
++	rsaKey1024 = RSA_generate_key(1024, RSA_F4, 0, 0);
++
++	dhKey512 = get_dh512();
++	dhKey1024 = get_dh1024();
++
++	return 0;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++void MaOpenSslConfig::stop()
++{
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++SSL_CTX *MaOpenSslConfig::getContext()
++{
++	return context;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++///
++///	Called to verify X509 client certificates
++///
++static int verifyX509Certificate(int ok, X509_STORE_CTX *xContext)
++{
++	X509			*cert;
++	SSL				*ssl;
++	MaOpenSslSocket	*sslSocket;
++	MaOpenSslConfig	*config;
++	char			subject[260], issuer[260], peer[260];
++	int				error, depth;
++
++	subject[0] = issuer[0] = '\0';
++
++	ssl = (SSL*) X509_STORE_CTX_get_app_data(xContext);
++	sslSocket = (MaOpenSslSocket*) SSL_get_app_data(ssl);
++	config = (MaOpenSslConfig*) sslSocket->getConfig();
++
++	cert = X509_STORE_CTX_get_current_cert(xContext);
++	depth =	X509_STORE_CTX_get_error_depth(xContext);
++	error = X509_STORE_CTX_get_error(xContext);
++
++	if (X509_NAME_oneline(X509_get_subject_name(cert), subject,
++			sizeof(subject) - 1) < 0) {
++		ok = 0;
++	}
++	//
++	//	FUTURE -- should compare subject name and host name. Need smart compare
++	//
++	if (X509_NAME_oneline(X509_get_issuer_name(xContext->current_cert), issuer,
++			sizeof(issuer) - 1) < 0) {
++		ok = 0;
++	}
++	if (X509_NAME_get_text_by_NID(X509_get_subject_name(xContext->current_cert),
++		 	NID_commonName, peer, sizeof(peer) - 1) < 0) {
++		ok = 0;
++	}
++
++	//
++	//	Customizers: add your own code here to validate client certificates
++	//
++	if (ok && config->verifyDepth < depth) {
++		if (error == 0) {
++			error = X509_V_ERR_CERT_CHAIN_TOO_LONG;
++		}
++		ok = 0;
++	}
++
++	if (error != 0) {
++		mprAssert(!ok);
++	}
++
++#if UNUSED
++	switch (error) {
++	case X509_V_ERR_CERT_HAS_EXPIRED:
++	case X509_V_ERR_CERT_NOT_YET_VALID:
++	case X509_V_ERR_CERT_REJECTED:
++	case X509_V_ERR_CERT_SIGNATURE_FAILURE:
++	case X509_V_ERR_CERT_UNTRUSTED:
++	case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
++	case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
++	case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
++	case X509_V_ERR_INVALID_CA:
++	case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
++	case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
++	default:
++		ok = 0;
++		break;
++	}
++#endif
++
++	if (!ok) {
++		mprLog(0, "SSL: Certification failed: subject %s\n", subject);
++		mprLog(4, "SSL: Issuer: %s\n", issuer);
++		mprLog(4, "SSL: Peer: %s\n", peer);
++		mprLog(4, "SSL: Error: %d: %s\n", error,
++			X509_verify_cert_error_string(error));
++
++	} else {
++		mprLog(0, "SSL: Certificate verified: subject %s\n", subject);
++		mprLog(4, "SSL: Issuer: %s\n", issuer);
++		mprLog(4, "SSL: Peer: %s\n", peer);
++	}
++	return ok;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++///
++///	Configure the SSL certificate information
++///
++
++static int configureCertificates(SSL_CTX *ctx, char *key, char *cert)
++{
++	mprAssert(ctx);
++	mprAssert(cert);
++
++	if (cert == 0) {
++		return 0;
++	}
++
++	if (SSL_CTX_use_certificate_file(ctx, cert, SSL_FILETYPE_PEM) <= 0){
++		mprError(MPR_L, MPR_LOG, "Can't define certificate file: %s", cert);
++		return -1;
++	}
++
++	key = (key == 0) ? cert : key;
++	if (SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM) <= 0) {
++		mprError(MPR_L, MPR_LOG, "Can't define private key file: %s", key);
++		return -1;
++	}
++
++	if (!SSL_CTX_check_private_key(ctx)) {
++		mprError(MPR_L, MPR_LOG, "Check of private key file failed: %s", key);
++		return -1;
++	}
++	return 0;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//////////////////////////////// MaOpenSslSocket ///////////////////////////////
++////////////////////////////////////////////////////////////////////////////////
++
++MaOpenSslSocket::MaOpenSslSocket(MaOpenSslConfig *config) : MaSslSocket(config)
++{
++	ssl = 0;
++	bio = 0;
++	context = config->getContext();
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++MaOpenSslSocket::~MaOpenSslSocket()
++{
++	mprAssert(ssl == 0);
++	mprAssert(bio == 0);
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Called to accept new connections. When a new connection arrives, this
++//	method is called to create a new socket object using the same SSL "config"
++//	as the listening socket.
++//
++
++MprSocket *MaOpenSslSocket::newSocket()
++{
++	MaOpenSslSocket	*socket;
++
++	socket = new MaOpenSslSocket((MaOpenSslConfig*) config);
++
++	return (MprSocket*) socket;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	initConnection is called on the first I/O on a new connection. It must
++//	setup the SSL structures ready to exchange data.
++//
++//	Init connection must return -1 on errors. It must also be able to reject
++//	subsequent calls to read()/write(). On errors we leave bio == 0. This
++//	will cause any calls to read() to error.
++//
++
++int MaOpenSslSocket::initConnection()
++{
++	BIO		*bioSSL, *bioSock;
++
++	if (bio) {
++		return 0;
++	}
++	bio = BIO_new(BIO_f_buffer());
++	if (bio == 0) {
++		return MPR_ERR_CANT_INITIALIZE;
++	}
++
++	BIO_set_write_buffer_size(bio, 128);
++	ssl = (SSL*) SSL_new(context);
++	mprAssert(ssl);
++	if (ssl == 0) {
++		return MPR_ERR_CANT_INITIALIZE;
++	}
++    SSL_set_app_data(ssl, (void*) this);
++
++	SSL_set_session(ssl, 0);
++	bioSSL = BIO_new(BIO_f_ssl());
++	mprAssert(bioSSL);
++
++	bioSock = BIO_new_socket(sock, BIO_NOCLOSE);
++	mprAssert(bioSock);
++
++	SSL_set_bio(ssl, bioSock, bioSock);
++	SSL_set_accept_state(ssl);
++
++	BIO_set_ssl(bioSSL, ssl, BIO_CLOSE);
++	BIO_push(bio, bioSSL);
++	return 0;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++bool MaOpenSslSocket::dispose()
++{
++	if (ssl) {
++		SSL_set_shutdown(ssl, SSL_SENT_SHUTDOWN | SSL_RECEIVED_SHUTDOWN);
++		ssl = 0;
++	}
++	if (bio) {
++		BIO_free_all(bio);
++		bio = 0;
++	}
++
++	//
++	//	Disposing a socket is a thread-safe way of calling a destructor. It
++	//	uses reference counting and will be deleted when the last reference
++	//	is released.
++	//
++	return this->MprSocket::dispose();
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++void MaOpenSslSocket::close(int how)
++{
++	BIO_flush(bio);
++	this->MprSocket::close(how);
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Write data. Return the number of bytes written or -1 on errors.
++//
++
++int	MaOpenSslSocket::write(char *buf, int len)
++{
++	int		rc, written, totalWritten;
++
++	if (bio == 0 || ssl == 0 || len < 0) {
++		return -1;
++	}
++	BIO_clear_retry_flags(bio);
++	totalWritten = 0;
++	do {
++		written = BIO_write(bio, buf, len);
++		mprLog(7, "written %d, len %d\n", written, len);
++		if (written >= 0) {
++			do {
++				rc = BIO_flush(bio);
++				mprLog(7, "BIO_flush rc %d\n", rc);
++				if (rc > 0) {
++					//	Success
++					break;
++				}
++				//
++				//	Nap to prevent busy waiting.
++				//
++				mprSleep(10);
++			} while (rc <= 0 && BIO_should_retry(bio));
++			totalWritten += written;
++			buf += written;
++			len -= written;
++		}
++		mprLog(7, "write: len %d, written %d, total %d, should_retry %d\n",
++			len, written, totalWritten, BIO_should_retry(bio));
++	} while (len > 0 && (written > 0 || BIO_should_retry(bio)));
++
++//AFF
++	if(written < 0 && BIO_should_retry(bio) == 0)
++		return -1;
++//
++
++	return totalWritten;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++int MaOpenSslSocket::flush()
++{
++	return BIO_flush(bio);
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++int	MaOpenSslSocket::read(char *buf, int len)
++{
++	int		rc;
++
++	if (bio == 0 || ssl == 0) {
++		return -1;
++	}
++
++	rc = BIO_read(bio, buf, len);
++
++#if DEBUG
++	if (rc > 0 && !connTraced) {
++		X509_NAME	*xSubject;
++		X509		*cert;
++		char		subject[260], issuer[260], peer[260];
++
++		mprLog(4, "%d: SSL Connected using: \"%s\"\n",
++			sock, SSL_get_cipher(ssl));
++
++		cert = SSL_get_peer_certificate(ssl);
++		if (cert == 0) {
++			mprLog(4, "%d: SSL Details: client supplied no certificate\n",
++				sock);
++		} else {
++			xSubject = X509_get_subject_name(cert);
++			X509_NAME_oneline(xSubject, subject, sizeof(subject) -1);
++			X509_NAME_oneline(X509_get_issuer_name(cert), issuer,
++				sizeof(issuer) -1);
++			X509_NAME_get_text_by_NID(xSubject, NID_commonName, peer,
++				sizeof(peer) - 1);
++			mprLog(4, "%d: SSL Subject %s\n", sock, subject);
++			mprLog(4, "%d: SSL Issuer: %s\n", sock, issuer);
++			mprLog(4, "%d: SSL Peer: %s\n", sock, peer);
++			X509_free(cert);
++		}
++		connTraced = 1;
++	}
++#endif
++
++	if (rc > 0) {
++		return rc;
++
++	} else if (rc == 0) {
++		if (BIO_should_retry(bio)) {
++			return 0;
++		}
++		flags |= MPR_SOCKET_EOF;
++		return 0;
++	}
++	if (BIO_should_retry(bio)) {
++		return 0;
++	}
++	return rc;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++#if UNUSED
++//
++//	Return true if end of file
++//
++
++bool MaOpenSslSocket::getEof()
++{
++	bool	rc;
++
++	rc = (BIO_eof(bio) != 0);
++	return rc;
++}
++
++#endif
++
++////////////////////////////////////////////////////////////////////////////////
++#if BLD_FEATURE_MULTITHREAD
++
++static ulong sslThreadId()
++{
++	return (long) mprGetCurrentThread();
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++static void sslStaticLock(int mode, int n, const char *file, int line)
++{
++	mprAssert(0 <= n && n < numLocks);
++	if (mode & CRYPTO_LOCK) {
++		locks[n]->lock();
++	} else {
++		locks[n]->unlock();
++	}
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++static DynLock *sslCreateDynLock(const char *file, int line)
++{
++	DynLock		*dl;
++
++	dl = (DynLock*) mprMalloc(sizeof(DynLock));
++	dl->mutex = new MprMutex();
++	return dl;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++static void sslDestroyDynLock(DynLock *dl, const char *file, int line)
++{
++	delete dl->mutex;
++	mprFree(dl);
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++static void sslDynLock(int mode, DynLock *dl, const char *file, int line)
++{
++	if (mode & CRYPTO_LOCK) {
++		dl->mutex->lock();
++	} else {
++		dl->mutex->unlock();
++	}
++}
++
++#endif // BLD_FEATURE_MULTITHREAD
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Used for ephemeral RSA keys
++//
++
++static RSA *rsaCallback(SSL *ssl, int isExport, int keyLength)
++{
++	MaOpenSslSocket	*sslSocket;
++	MaOpenSslConfig	*config;
++	RSA 			*key;
++
++	sslSocket = (MaOpenSslSocket*) SSL_get_app_data(ssl);
++	config = (MaOpenSslConfig*) sslSocket->getConfig();
++
++	key = 0;
++	switch (keyLength) {
++	case 512:
++		key = config->rsaKey512;
++		break;
++
++	case 1024:
++	default:
++		key = config->rsaKey1024;
++	}
++	return key;
++}
++
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Used for ephemeral DH keys
++//
++
++static DH *dhCallback(SSL *ssl, int isExport, int keyLength)
++{
++	MaOpenSslSocket	*sslSocket;
++	MaOpenSslConfig	*config;
++	DH	 			*key;
++
++	sslSocket = (MaOpenSslSocket*) SSL_get_app_data(ssl);
++	config = (MaOpenSslConfig*) sslSocket->getConfig();
++
++	key = 0;
++	switch (keyLength) {
++	case 512:
++		key = config->dhKey512;
++		break;
++
++	case 1024:
++	default:
++		key = config->dhKey1024;
++	}
++	return key;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++#else
++void mprOpenSslModuleDummy() {}
++
++#endif // BLD_FEATURE_OPENSSL_MODULE
++
++//
++// Local variables:
++// tab-width: 4
++// c-basic-offset: 4
++// End:
++// vim:tw=78
++// vim600: sw=4 ts=4 fdm=marker
++// vim<600: sw=4 ts=4
++//
 === added file 'appWeb/thread.cpp'
 --- appWeb/thread.cpp	1970-01-01 00:00:00 +0000
 +++ appWeb/thread.cpp	2011-11-23 01:01:25 +0000
@@ -0,0 +1,768 @@
++///
++///	@file 	WIN/thread.cpp
++/// @brief 	Primitive multi-threading support for Linux
++/// @overview This module provides threading, mutex and condition
++///		variable APIs for Windows.
++//
++////////////////////////////////// Copyright ///////////////////////////////////
++//
++//	@copy	default
++//
++//	Copyright (c) Mbedthis Software LLC, 2003-2006. All Rights Reserved.
++//	Copyright (c) Michael O'Brien, 1994-2006. All Rights Reserved.
++//
++//	This software is distributed under commercial and open source licenses.
++//	You may use the GPL open source license described below or you may acquire
++//	a commercial license from Mbedthis Software. You agree to be fully bound
++//	by the terms of either license. Consult the LICENSE.TXT distributed with
++//	this software for full details.
++//
++//	This software is open source; you can redistribute it and/or modify it
++//	under the terms of the GNU General Public License as published by the
++//	Free Software Foundation; either version 2 of the License, or (at your
++//	option) any later version. See the GNU General Public License for more
++//	details at: http://www.mbedthis.com/downloads/gplLicense.html
++//
++//	This program is distributed WITHOUT ANY WARRANTY; without even the
++//	implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
++//
++//	This GPL license does NOT permit incorporating this software into
++//	proprietary programs. If you are unable to comply with the GPL, you must
++//	acquire a commercial license to use this software. Commercial licenses
++//	for this software and support services are available from Mbedthis
++//	Software at http://www.mbedthis.com
++//
++//	@end
++//
++////////////////////////////////// Includes ///////////////////////////////////
++
++#include	"mpr/mpr.h"
++
++//////////////////////////////////// Locals ///////////////////////////////////
++#if BLD_FEATURE_MULTITHREAD
++
++#if BLD_DEBUG
++CRITICAL_SECTION	debugCs;
++static MprList		mutexList;
++static int			numMutex = -1;		// Must initialize to -1 (see addMutex)
++MprList				condList;
++
++#define DEBUG_TIME	0					// Spare[0] == time
++#define DEBUG_ID	1					// Spare[1] == thread id
++#endif
++
++//////////////////////////// Forward Declarations /////////////////////////////
++
++static uint			__stdcall threadProcWrapper(void *arg);
++
++#if BLD_DEBUG
++#if UNUSED
++static void			lockBuster(void *data, MprThread *tp);
++#endif
++static void			removeMutex(MprMutex *mp);
++static void			addMutex(MprMutex *mp);
++#endif
++
++///////////////////////////////////// Code ////////////////////////////////////
++//
++//	Initialize thread service
++//
++//
++
++MprThreadService::MprThreadService()
++{
++	mutex = new MprMutex();
++
++	//
++	//	Don't actually create the thread. Just create a thread object for this
++	//	main thread.
++	//
++	mainThread = new MprThread(MPR_NORMAL_PRIORITY, "main");
++	mainThread->setId(GetCurrentThreadId());
++
++	insertThread(mainThread);
++}
++
++///////////////////////////////////////////////////////////////////////////////
++//
++//	Terminate the thread service
++//
++
++MprThreadService::~MprThreadService()
++{
++	delete mainThread;
++
++#if BLD_DEBUG
++	if (threads.getNumItems() > 0) {
++		mprError(MPR_L, MPR_LOG, "Exiting with %d thread(s) unfreed",
++			threads.getNumItems());
++	}
++	if (condList.getNumItems() > 0) {
++		mprError(MPR_L, MPR_LOG, "Exiting with %d cond var(s) unfreed",
++			condList.getNumItems());
++	}
++	//
++	//	We allow one open mutex for the log service which has not yet shutdown,
++	//	and one for the libmpr DLL (malloc), we also need one for our mutex
++	//	is freed below.
++	//
++	if (mutexList.getNumItems() > 3) {
++		mprError(MPR_L, MPR_LOG, "Exiting with %d mutex(es) unfreed",
++			mutexList.getNumItems() - 3);
++	}
++#endif
++	delete mutex;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Add a thread to the list
++//
++
++void MprThreadService::insertThread(MprThread *tp)
++{
++	lock();
++	threads.insert(tp);
++	unlock();
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Remove a thread from the list
++//
++
++void MprThreadService::removeThread(MprThread *tp)
++{
++	lock();
++	threads.remove(tp);
++	unlock();
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Nothing to do
++//
++
++int MprThreadService::start()
++{
++#if BLD_DEBUG && UNUSED
++	MprThread	*tp;
++
++	if (!mprGetDebugMode()) {
++		tp = new MprThread(lockBuster, MPR_LOW_PRIORITY, 0, "watch");
++		tp->start();
++	}
++#endif
++	return 0;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Nothing to do. We expect the threads to be self terminating.
++//
++
++int MprThreadService::stop(int timeout)
++{
++	//
++	//  Wait until all threads (except main thread) have exited
++	//
++	while (threads.getNumItems() > 1 && timeout > 0) {
++		mprSleep(10);
++		timeout -= 10;
++	}
++	return 0;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Return the current thread object
++//
++
++MprThread *MprThreadService::getCurrentThread()
++{
++	MprThread	*tp;
++	int			id;
++
++	lock();
++	id = (int) GetCurrentThreadId();
++	tp = (MprThread*) threads.getFirst();
++	while (tp) {
++		if (tp->getId() == id) {
++			unlock();
++			return tp;
++		}
++		tp = (MprThread*) threads.getNext(tp);
++	}
++	unlock();
++	return 0;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++////////////////////////////////// MprThread ///////////////////////////////////
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Create a main thread
++//
++
++MprThread::MprThread(int priority, char *name)
++{
++	osThreadId = 0;
++	pid = getpid();
++	threadHandle = 0;
++	this->priority = priority;
++	entry = 0;
++	data = 0;
++	this->name = mprStrdup(name);
++
++	mutex = new MprMutex();
++	//
++	//	Inserted into the thread list in MprThreadService()
++	//
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Create a thread
++//
++
++MprThread::MprThread(MprThreadProc entry, int priority, void *data,
++	char *name, int stackSize)
++{
++	osThreadId = 0;
++	pid = getpid();
++	threadHandle = 0;
++	this->priority = priority;
++	this->entry = entry;
++	this->data = data;
++	this->name = mprStrdup(name);
++
++	mutex = new MprMutex();
++	mpr->threadService->insertThread(this);
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Destroy a thread
++//
++
++MprThread::~MprThread()
++{
++	lock();
++	mprLog(MPR_INFO, "Thread exiting %s (%x)\n", name, osThreadId);
++
++	mpr->threadService->removeThread(this);
++	mprFree(name);
++	if (threadHandle) {
++		CloseHandle(threadHandle);
++	}
++	delete mutex;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Start a thread
++//
++
++int MprThread::start()
++{
++	HANDLE			h;
++	uint			threadId;
++
++	lock();
++	h = (HANDLE) _beginthreadex(NULL, 0, threadProcWrapper, (void*) this,
++		0, &threadId);
++	if (h == NULL) {
++		unlock();
++		return MPR_ERR_CANT_INITIALIZE;
++	}
++	osThreadId = (ulong) threadId;
++	threadHandle = (HANDLE) h;
++
++	setPriority(priority);
++	mprLog(MPR_INFO, "Created thread %s (%x)\n", name, threadId);
++	unlock();
++	return 0;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Thread entry function
++//
++
++static uint __stdcall threadProcWrapper(void *data)
++{
++//AFF gracefull crash, main app should exit
++#if BLD_DEBUG
++#else
++	try
++	{
++#endif
++	MprThread		*tp;
++
++	tp = (MprThread*) data;
++	tp->threadProc();
++	delete tp;
++
++#if BLD_DEBUG
++#else
++	}
++	catch(...)
++	{
++		mprLog((char*)"ERROR: catch(...) threadProcWrapper crashed. terminating gracefully...");
++		mprGetMpr()->terminate(1);
++	}
++#endif
++
++	return 0;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Thread procedure
++//
++
++void MprThread::threadProc()
++{
++	osThreadId = GetCurrentThreadId();
++	pid = getpid();
++	(entry)(data, this);
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++void MprThread::setPriority(int newPriority)
++{
++	int		osPri;
++
++	lock();
++	if (priority == newPriority) {
++		unlock();
++		return;
++	}
++
++	osPri = mapMprPriorityToOs(newPriority);
++	SetThreadPriority(threadHandle, osPri);
++	priority = newPriority;
++	unlock();
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++void MprThread::setId(int id)
++{
++	osThreadId = (ulong) id;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Map Mpr priority to Windows native priority. Windows priorities range from
++//	-15 to +15 (zero is normal). Warning: +15 will not yield the CPU, -15 may
++//	get starved. We should be very wary going above +11.
++//
++
++int MprThread::mapMprPriorityToOs(int mprPriority)
++{
++	mprAssert(mprPriority >= 0 && mprPriority <= 100);
++
++	if (mprPriority <= MPR_BACKGROUND_PRIORITY) {
++		return THREAD_PRIORITY_LOWEST;
++	} else if (mprPriority <= MPR_LOW_PRIORITY) {
++		return THREAD_PRIORITY_BELOW_NORMAL;
++	} else if (mprPriority <= MPR_NORMAL_PRIORITY) {
++		return THREAD_PRIORITY_NORMAL;
++	} else if (mprPriority <= MPR_HIGH_PRIORITY) {
++		return THREAD_PRIORITY_ABOVE_NORMAL;
++	} else {
++		return THREAD_PRIORITY_HIGHEST;
++	}
++}
++
++///////////////////////////////////////////////////////////////////////////////
++//
++//	Map Windows priority to Mpr priority
++//
++
++int MprThread::mapOsPriorityToMpr(int nativePriority)
++{
++	int		priority;
++
++	priority = (45 * nativePriority) + 50;
++	if (priority < 0) {
++		priority = 0;
++	}
++	if (priority >= 100) {
++		priority = 99;
++	}
++	return priority;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++/////////////////////////////////// MprMutex ///////////////////////////////////
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Create a mutex
++//
++
++MprMutex::MprMutex()
++{
++	memset(&cs, 0, sizeof(cs));
++	InitializeCriticalSectionAndSpinCount(&cs, 5000);
++
++#if BLD_DEBUG
++	addMutex(this);
++	cs.DebugInfo->Spare[DEBUG_ID] = -1;				// Thread ID goes here
++	cs.DebugInfo->Spare[DEBUG_TIME] = 0;			// Time goes here
++#endif
++}
++
++///////////////////////////////////////////////////////////////////////////////
++//
++//	Destroy a mutex. Must be locked on entrance.
++//
++
++MprMutex::~MprMutex()
++{
++	DeleteCriticalSection(&cs);
++#if BLD_DEBUG
++	removeMutex(this);
++#endif
++}
++
++///////////////////////////////////////////////////////////////////////////////
++//
++//	Lock a mutex
++//
++
++void MprMutex::lock()
++{
++	EnterCriticalSection(&cs);
++
++#if BLD_DEBUG
++	mprAssert(cs.RecursionCount >= 0);
++	mprAssert(cs.RecursionCount < MPR_MAX_RECURSION);
++	mprAssert(cs.LockCount < MPR_MAX_BLOCKED_LOCKS);
++
++	cs.DebugInfo->Spare[DEBUG_ID] = (ulong) GetCurrentThreadId();
++	cs.DebugInfo->Spare[DEBUG_TIME] = GetTickCount();
++#endif
++}
++
++///////////////////////////////////////////////////////////////////////////////
++//
++//	Try to lock a mutex. Do not block!
++//
++
++int MprMutex::tryLock()
++{
++	mprAssert(cs.RecursionCount >= 0);
++	if (TryEnterCriticalSection(&cs) == 0) {
++		return MPR_ERR_BUSY;
++	}
++#if BLD_DEBUG
++	cs.DebugInfo->Spare[DEBUG_ID] = (ulong) GetCurrentThreadId();
++	cs.DebugInfo->Spare[DEBUG_TIME] = GetTickCount();
++#endif
++	return 0;
++}
++
++///////////////////////////////////////////////////////////////////////////////
++//
++//	Unlock a mutex.  structure
++//
++
++void MprMutex::unlock()
++{
++#if BLD_DEBUG
++	mprAssert(cs.DebugInfo->Spare[DEBUG_ID] == (ulong) GetCurrentThreadId());
++	mprAssert(cs.RecursionCount > 0);
++	mprAssert(cs.RecursionCount < MPR_MAX_RECURSION);
++	mprAssert(cs.LockCount < MPR_MAX_LOCKS);
++	cs.DebugInfo->Spare[DEBUG_TIME] = GetTickCount();
++#endif
++	LeaveCriticalSection(&cs);
++}
++
++///////////////////////////////////////////////////////////////////////////////
++/////////////////////////////////// MprCond ////////////////////////////////////
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Create a condition variable for use by single or multiple waiters
++//
++
++MprCond::MprCond()
++{
++#if UNUSED
++	wakeAll = 0;
++	numWaiting = 0;
++#endif
++	triggered = 0;
++	mutex = new MprMutex();
++	cv = CreateEvent(NULL, FALSE, FALSE, NULL);
++}
++
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Destroy a condition variable
++//
++
++MprCond::~MprCond()
++{
++	mutex->lock();
++	CloseHandle(cv);
++	delete mutex;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Wait for the event to be triggered. Should only be used when there are
++//	single waiters. If the event is already triggered, then it will return
++//	immediately.
++//
++
++int MprCond::waitForCond(long timeout)
++{
++	if (timeout < 0) {
++		timeout = MAXINT;
++	}
++
++	if (WaitForSingleObject(cv, timeout) != WAIT_OBJECT_0) {
++		return -1;
++	}
++
++	//
++	//	Reset the event
++	//
++	mutex->lock();
++	mprAssert(triggered != 0);
++	triggered = 0;
++	ResetEvent(cv);
++	mutex->unlock();
++
++	return 0;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++#if UNUSED
++//
++//	Wait for a condition variable to be signalled. Suitable for when there are
++//	multiple waiters. It will work for single waiters, but is slower than
++//	waitForCond() above. Depending on whether signalCond() or signalAll() is
++//	used, a single waiter or multiple waiters may awake with one invocation of
++//	signal. If the condition is already triggered, this routine will not block
++//	for the first waiter. NOTE: the externalMutex must be defined and locked on
++//	entry to this routine
++//
++
++int MprCond::multiWait(MprMutex *externalMutex, long timeout)
++{
++	int		now, deadline;
++
++	if (timeout < 0) {
++		timeout = MAXINT;
++	}
++	now = mprGetTime(0);
++	deadline = now + timeout;
++
++	while (now <= deadline) {
++		mutex->lock();
++		numWaiting++;
++		mutex->unlock();
++
++		externalMutex->unlock();
++
++		if (WaitForSingleObject(cv, timeout) != WAIT_OBJECT_0) {
++			return -1;
++		}
++
++		mutex->lock();
++		--numWaiting;
++		if (wakeAll) {
++			//
++			//	Last thread to awake must reset the event
++			//
++			if (numWaiting == 0) {
++				wakeAll = 0;
++				ResetEvent(cv);
++			}
++			mutex->unlock();
++			break;
++		}
++		if (triggered) {
++			triggered = 0;
++			ResetEvent(cv);
++			mutex->unlock();
++			break;
++		}
++		mutex->unlock();
++		now = mprGetTime(0);
++	}
++	externalMutex->lock();
++	return 0;
++}
++
++#endif
++////////////////////////////////////////////////////////////////////////////////
++//
++//	Signal a condition and wakeup the waiter. Note: this may be called
++//	prior to the waiter waiting.
++//
++
++void MprCond::signalCond()
++{
++	mutex->lock();
++	triggered = 1;
++#if UNUSED
++	wakeAll = 0;
++#endif
++	SetEvent(cv);
++	mutex->unlock();
++}
++
++///////////////////////////////////////////////////////////////////////////////
++#if UNUSED
++//
++//	Signal all waiters. Note: this may be called prior to anyone waiting.
++//
++
++void MprCond::signalAll()
++{
++	mutex->lock();
++	triggered = 1;
++#if UNUSED
++	wakeAll = 1;
++#endif
++	SetEvent(cv);
++	mutex->unlock();
++}
++
++///////////////////////////////////////////////////////////////////////////////
++//
++//	Use very carefully when you really know what you are doing. More dangerous
++//	than it looks
++//
++
++void MprCond::reset()
++{
++	mutex->lock();
++	triggered = 0;
++#if UNUSED
++	wakeAll = 0;
++#endif
++	ResetEvent(cv);
++	mutex->unlock();
++}
++
++#endif
++///////////////////////////////////////////////////////////////////////////////
++////////////////////////////////////// Debug //////////////////////////////////
++///////////////////////////////////////////////////////////////////////////////
++#if BLD_DEBUG
++#if UNUSED
++
++static void	lockBuster(void *data, MprThread *tp)
++{
++	MprMutex		*mp;
++	int			duration;
++	uint		tid, whenLocked, ticks;
++
++	tid = (int) GetCurrentThreadId();
++	while (! mpr->isExiting()) {
++		if (numMutex > MPR_MAX_LOCKS) {
++			mprError(MPR_L, MPR_LOG, "Too many mutexes");
++		}
++
++		mp = (MprMutex*) mutexList.getFirst();
++		while (mp) {
++			whenLocked = mp->cs.DebugInfo->Spare[DEBUG_TIME];
++
++			if (mp->cs.RecursionCount > 0) {
++				ticks = GetTickCount();
++				if (ticks < whenLocked) {
++					duration = 0xFFFFFFFF - whenLocked + 1 + ticks;
++				} else {
++					duration = ticks - whenLocked;
++				}
++				if (duration > MPR_MAX_LOCK_TIME) {
++					mprError(MPR_L, MPR_LOG, "Mutex held too long");
++					//	FUTURE -- could bust the lock here ... mp->unlock();
++				}
++			}
++			mp = (MprMutex*) mutexList.getNext(&mp->link);
++		}
++		mprSleep(500);
++	}
++}
++
++#endif // UNUSED
++///////////////////////////////////////////////////////////////////////////////
++//
++//	Add this mutex to the list
++//
++
++static void addMutex(MprMutex *mp)
++{
++	//
++	//	First time initialization
++	//
++	if (numMutex < 0) {
++		memset(&debugCs, 0, sizeof(debugCs));
++		InitializeCriticalSectionAndSpinCount(&debugCs, 4000);
++	}
++	EnterCriticalSection(&debugCs);
++	mutexList.insert(&mp->link);
++	numMutex++;
++	LeaveCriticalSection(&debugCs);
++}
++
++///////////////////////////////////////////////////////////////////////////////
++//
++//	Remove this mutex from the list
++//
++
++static void removeMutex(MprMutex *mp)
++{
++	EnterCriticalSection(&debugCs);
++	numMutex--;
++	mutexList.remove(&mp->link);
++	LeaveCriticalSection(&debugCs);
++}
++
++///////////////////////////////////////////////////////////////////////////////
++//
++//	Return the number of mutexes owned by this thread
++//
++
++int MprDebug::getMutexNum()
++{
++	MprMutex		*mp;
++	int			num;
++	uint		tid;
++
++	tid = (uint) GetCurrentThreadId();
++
++	num = 0;
++	mp = (MprMutex*) mutexList.getFirst();
++	while (mp) {
++
++		if (mp->cs.DebugInfo->Spare[DEBUG_ID] == tid) {
++			num++;
++		}
++		mp = (MprMutex*) mutexList.getNext(&mp->link);
++	}
++	return num;
++}
++
++#endif // BLD_DEBUG
++#endif // BLD_FEATURE_MULTITHREAD
++///////////////////////////////////////////////////////////////////////////////
++
++//
++// Local variables:
++// tab-width: 4
++// c-basic-offset: 4
++// End:
++// vim:tw=78
++// vim600: sw=4 ts=4 fdm=marker
++// vim<600: sw=4 ts=4
++//
 === added file 'appweb.cnf'
 --- appweb.cnf	1970-01-01 00:00:00 +0000
 +++ appweb.cnf	2011-11-23 01:01:25 +0000
@@ -0,0 +1,27 @@
++ServerRoot "."
++DocumentRoot "."
++
++LoadModulePath  $SERVER_ROOT
++
++LoadModule psiphonHandler 	libpsiphonHandler
++LoadModule ssl		 	libsslModule
++LoadModule openSsl 		libopenSslModule
++
++ThreadLimit 100
++KeepAlive on
++
++<VirtualHost *:*>
++	AddHandler psiphonHandler
++	DocumentRoot "."
++	SSLEngine on
++	SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
++	SSLProtocol ALL -SSLV2
++
++	SSLCertificateFile "$SERVER_ROOT/cert.pem"
++	SSLCertificateKeyFile "$SERVER_ROOT/key.pem"
++
++	<Location />
++		HttpChunking off
++		SetHandler  psiphonHandler
++	</Location>
++</VirtualHost>
 === added file 'bake-w32.bat'
 --- bake-w32.bat	1970-01-01 00:00:00 +0000
 +++ bake-w32.bat	2011-11-23 01:01:25 +0000
@@ -0,0 +1,1 @@
++bakefile -f msvc6prj psiphon.bkl
 \ No newline at end of file
 === added file 'changes.txt'
 --- changes.txt	1970-01-01 00:00:00 +0000
 +++ changes.txt	2011-11-23 01:01:25 +0000
@@ -0,0 +1,99 @@
++-------------------------------------------
++Changes in version 1.6 (09 Mar 2007)
++- added fingerprint to SSL certificate page
++- added update downloading
++- minor code revisions
++
++-------------------------------------------
++Changes in version 1.5 (09 Feb 2007)
++
++- fixed '100% CPU usage' bug
++- added psiphon will find available port if 443 is not
++- added double click on a link in the log window opens it in default browser
++- added column sorting
++- added status icons
++- added choise for "Get My IP" server
++- added SLL country combo sorting
++- changed System Tray icon to be always available
++- minor GUI revisions
++- minor code revisions
++
++-------------------------------------------
++Changes in version 1.4 (26 Jan 2007)
++
++- added minimize to task bar
++- added single bakefile file for both platforms(WIN, LINUX)
++- added detailed build instructions for both platforms
++- fixed compatibility with Shaw Secure
++- improved HTML entities decoding
++- minor code revisions
++
++-------------------------------------------
++Changes in version 1.3 (29 Dec 2006)
++
++Added:
++- HTML entities decoding in the HTML filter
++
++Changed:
++- Improved CSS filtering
++
++- Improved error handling
++
++- Limited user input
++
++- Delete user related info when delete user
++
++- Password overwrite bug fixed
++
++- Switched to prepared SQL statements throughout the code
++
++- Minor code revisions
++
++-------------------------------------------
++Changes in version 1.2 (15 Dec 2006)
++
++Added:
++- Custom SSL certificate
++
++- Log level persistence
++
++- Log can be disabled
++
++Changed:
++- Image on/off handling through "Javascript:void(0);" in order to avoid extra HTTP requests
++
++- Updated wxWidgets framework to 2.8
++
++- Updated Advanced Installer to 4.6
++
++- Fixed several buffer overflow vulnerabilities
++
++-------------------------------------------
++Changes in version 1.1 (8 Dec 2006)
++
++Added:
++- psiphon access is forbidden (HTTP 403) to domains that resolve to localhost or
++  private network
++
++- Multiple network interface cards support
++
++- Our own external IP detection service
++
++- Version check on startup
++
++- Users can toggle images on/off in the blue bar
++
++Changed:
++- URLs in HTTP requests to psiphon must be prepended with psiphonode name
++  set by psiphon admin at setup, i.e. https://<IP>:<port>/<psiphonode>/login/..,
++  https://<IP>:<port>/<psiphonode>/fetch/.. etc.
++
++- Replacement tags (<%varname%>) added in HTML templates.
++
++- wxWidgets HTTP headers are replaced with generic headers
++
++- New database design in order to minimize SQLite locking
++
++- GUI changes
++
++- Minor bug fixes
 \ No newline at end of file
 === added directory 'common'
 === added file 'common/CppSQLite3.cpp'
 --- common/CppSQLite3.cpp	1970-01-01 00:00:00 +0000
 +++ common/CppSQLite3.cpp	2011-11-23 01:01:25 +0000
@@ -0,0 +1,1383 @@
++////////////////////////////////////////////////////////////////////////////////
++// CppSQLite3 - A C++ wrapper around the SQLite3 embedded database library.
++//
++// Copyright (c) 2004 Rob Groves. All Rights Reserved. rob.groves@btinternet.com
++//
++// Permission to use, copy, modify, and distribute this software and its
++// documentation for any purpose, without fee, and without a written
++// agreement, is hereby granted, provided that the above copyright notice,
++// this paragraph and the following two paragraphs appear in all copies,
++// modifications, and distributions.
++//
++// IN NO EVENT SHALL THE AUTHOR BE LIABLE TO ANY PARTY FOR DIRECT,
++// INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES, INCLUDING LOST
++// PROFITS, ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION,
++// EVEN IF THE AUTHOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++//
++// THE AUTHOR SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING, BUT NOT
++// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
++// PARTICULAR PURPOSE. THE SOFTWARE AND ACCOMPANYING DOCUMENTATION, IF
++// ANY, PROVIDED HEREUNDER IS PROVIDED "AS IS". THE AUTHOR HAS NO OBLIGATION
++// TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
++//
++// V3.0		03/08/2004	-Initial Version for sqlite3
++//
++// V3.1		16/09/2004	-Implemented getXXXXField using sqlite3 functions
++//						-Added CppSQLiteDB3::tableExists()
++////////////////////////////////////////////////////////////////////////////////
++#include "CppSQLite3.h"
++#include <cstdlib>
++
++// Named constant for passing to CppSQLite3Exception when passing it a string
++// that cannot be deleted.
++static const bool DONT_DELETE_MSG = false;
++
++////////////////////////////////////////////////////////////////////////////////
++// Prototypes for SQLite functions not included in SQLite DLL, but copied below
++// from SQLite encode.c
++////////////////////////////////////////////////////////////////////////////////
++int sqlite3_encode_binary(const unsigned char* in, int n, unsigned char* out);
++int sqlite3_decode_binary(const unsigned char* in, unsigned char* out);
++
++////////////////////////////////////////////////////////////////////////////////
++
++////////////////////////////////////////////////////////////////////////////////
++
++CppSQLite3Exception::CppSQLite3Exception(const int nErrCode, char* szErrMess, bool bDeleteMsg/*=true*/) : mnErrCode(nErrCode)
++{
++	mpszErrMess = sqlite3_mprintf("%s[%d]: %s", errorCodeAsString(nErrCode), nErrCode, szErrMess ? szErrMess : "");
++
++	if(bDeleteMsg && szErrMess)
++	{
++		sqlite3_free(szErrMess);
++	}
++}
++
++CppSQLite3Exception::CppSQLite3Exception(const CppSQLite3Exception& e) : mnErrCode(e.mnErrCode)
++{
++	mpszErrMess = 0;
++	if(e.mpszErrMess)
++	{
++		mpszErrMess = sqlite3_mprintf("%s", e.mpszErrMess);
++	}
++}
++
++const char* CppSQLite3Exception::errorCodeAsString(int nErrCode)
++{
++	switch(nErrCode)
++	{
++	case SQLITE_OK  		:
++		return "SQLITE_OK";
++	case SQLITE_ERROR   	:
++		return "SQLITE_ERROR";
++	case SQLITE_INTERNAL	:
++		return "SQLITE_INTERNAL";
++	case SQLITE_PERM		:
++		return "SQLITE_PERM";
++	case SQLITE_ABORT   	:
++		return "SQLITE_ABORT";
++	case SQLITE_BUSY		:
++		return "SQLITE_BUSY";
++	case SQLITE_LOCKED  	:
++		return "SQLITE_LOCKED";
++	case SQLITE_NOMEM   	:
++		return "SQLITE_NOMEM";
++	case SQLITE_READONLY	:
++		return "SQLITE_READONLY";
++	case SQLITE_INTERRUPT   :
++		return "SQLITE_INTERRUPT";
++	case SQLITE_IOERR   	:
++		return "SQLITE_IOERR";
++	case SQLITE_CORRUPT 	:
++		return "SQLITE_CORRUPT";
++	case SQLITE_NOTFOUND	:
++		return "SQLITE_NOTFOUND";
++	case SQLITE_FULL		:
++		return "SQLITE_FULL";
++	case SQLITE_CANTOPEN	:
++		return "SQLITE_CANTOPEN";
++	case SQLITE_PROTOCOL	:
++		return "SQLITE_PROTOCOL";
++	case SQLITE_EMPTY   	:
++		return "SQLITE_EMPTY";
++	case SQLITE_SCHEMA  	:
++		return "SQLITE_SCHEMA";
++	case SQLITE_TOOBIG  	:
++		return "SQLITE_TOOBIG";
++	case SQLITE_CONSTRAINT  :
++		return "SQLITE_CONSTRAINT";
++	case SQLITE_MISMATCH	:
++		return "SQLITE_MISMATCH";
++	case SQLITE_MISUSE  	:
++		return "SQLITE_MISUSE";
++	case SQLITE_NOLFS   	:
++		return "SQLITE_NOLFS";
++	case SQLITE_AUTH		:
++		return "SQLITE_AUTH";
++	case SQLITE_FORMAT  	:
++		return "SQLITE_FORMAT";
++	case SQLITE_RANGE   	:
++		return "SQLITE_RANGE";
++	case SQLITE_ROW 		:
++		return "SQLITE_ROW";
++	case SQLITE_DONE		:
++		return "SQLITE_DONE";
++	case CPPSQLITE_ERROR	:
++		return "CPPSQLITE_ERROR";
++	default:
++		return "UNKNOWN_ERROR";
++	}
++}
++
++CppSQLite3Exception::~CppSQLite3Exception()
++{
++	if(mpszErrMess)
++	{
++		sqlite3_free(mpszErrMess);
++		mpszErrMess = 0;
++	}
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++CppSQLite3Buffer::CppSQLite3Buffer()
++{
++	mpBuf = 0;
++}
++
++CppSQLite3Buffer::~CppSQLite3Buffer()
++{
++	clear();
++}
++
++void CppSQLite3Buffer::clear()
++{
++	if(mpBuf)
++	{
++		sqlite3_free(mpBuf);
++		mpBuf = 0;
++	}
++}
++
++const char* CppSQLite3Buffer::format(const char* szFormat, ...)
++{
++	clear();
++	va_list va;
++	va_start(va, szFormat);
++	mpBuf = sqlite3_vmprintf(szFormat, va);
++	va_end(va);
++	return mpBuf;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++CppSQLite3Binary::CppSQLite3Binary() : mpBuf(0), mnBinaryLen(0), mnBufferLen(0), mnEncodedLen(0), mbEncoded(false)
++{
++}
++
++CppSQLite3Binary::~CppSQLite3Binary()
++{
++	clear();
++}
++
++void CppSQLite3Binary::setBinary(const unsigned char* pBuf, int nLen)
++{
++	mpBuf = allocBuffer(nLen);
++	memcpy(mpBuf, pBuf, nLen);
++}
++
++void CppSQLite3Binary::setEncoded(const unsigned char* pBuf)
++{
++	clear();
++
++	mnEncodedLen = strlen((const char*)pBuf);
++	mnBufferLen = mnEncodedLen + 1; // Allow for NULL terminator
++
++	mpBuf = (unsigned char*)malloc(mnBufferLen);
++
++	if(!mpBuf)
++	{
++		throw CppSQLite3Exception(CPPSQLITE_ERROR, "Cannot allocate memory", DONT_DELETE_MSG);
++	}
++
++	memcpy(mpBuf, pBuf, mnBufferLen);
++	mbEncoded = true;
++}
++
++const unsigned char* CppSQLite3Binary::getEncoded()
++{
++	if(!mbEncoded)
++	{
++		unsigned char* ptmp = (unsigned char*)malloc(mnBinaryLen);
++		memcpy(ptmp, mpBuf, mnBinaryLen);
++		mnEncodedLen = sqlite3_encode_binary(ptmp, mnBinaryLen, mpBuf);
++		free(ptmp);
++		mbEncoded = true;
++	}
++
++	return mpBuf;
++}
++
++const unsigned char* CppSQLite3Binary::getBinary()
++{
++	if(mbEncoded)
++	{
++		// in/out buffers can be the same
++		mnBinaryLen = sqlite3_decode_binary(mpBuf, mpBuf);
++
++		if(mnBinaryLen == -1)
++		{
++			throw CppSQLite3Exception(CPPSQLITE_ERROR, "Cannot decode binary", DONT_DELETE_MSG);
++		}
++
++		mbEncoded = false;
++	}
++
++	return mpBuf;
++}
++
++int CppSQLite3Binary::getBinaryLength()
++{
++	getBinary();
++	return mnBinaryLen;
++}
++
++unsigned char* CppSQLite3Binary::allocBuffer(int nLen)
++{
++	clear();
++
++	// Allow extra space for encoded binary as per comments in
++	// SQLite encode.c See bottom of this file for implementation
++	// of SQLite functions use 3 instead of 2 just to be sure ;-)
++	mnBinaryLen = nLen;
++	mnBufferLen = 3 + (257 * nLen) / 254;
++
++	mpBuf = (unsigned char*)malloc(mnBufferLen);
++
++	if(!mpBuf)
++	{
++		throw CppSQLite3Exception(CPPSQLITE_ERROR, "Cannot allocate memory", DONT_DELETE_MSG);
++	}
++
++	mbEncoded = false;
++
++	return mpBuf;
++}
++
++void CppSQLite3Binary::clear()
++{
++	if(mpBuf)
++	{
++		mnBinaryLen = 0;
++		mnBufferLen = 0;
++		free(mpBuf);
++		mpBuf = 0;
++	}
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++CppSQLite3Query::CppSQLite3Query()
++{
++	mpVM = 0;
++	mbEof = true;
++	mnCols = 0;
++	mbOwnVM = false;
++}
++
++CppSQLite3Query::CppSQLite3Query(const CppSQLite3Query& rQuery)
++{
++	mpVM = rQuery.mpVM;
++	// Only one object can own the VM
++	const_cast<CppSQLite3Query&>(rQuery).mpVM = 0;
++	mbEof = rQuery.mbEof;
++	mnCols = rQuery.mnCols;
++	mbOwnVM = rQuery.mbOwnVM;
++}
++
++CppSQLite3Query::CppSQLite3Query(sqlite3* pDB, sqlite3_stmt* pVM, bool bEof, bool bOwnVM/*=true*/)
++{
++	mpDB = pDB;
++	mpVM = pVM;
++	mbEof = bEof;
++	mnCols = sqlite3_column_count(mpVM);
++	mbOwnVM = bOwnVM;
++}
++
++CppSQLite3Query::~CppSQLite3Query()
++{
++	try
++	{
++		finalize();
++	}
++	catch(...)
++	{
++	}
++}
++
++CppSQLite3Query& CppSQLite3Query::operator=(const CppSQLite3Query& rQuery)
++{
++	try
++	{
++		finalize();
++	}
++	catch(...)
++	{
++	}
++	mpVM = rQuery.mpVM;
++	// Only one object can own the VM
++	const_cast<CppSQLite3Query&>(rQuery).mpVM = 0;
++	mbEof = rQuery.mbEof;
++	mnCols = rQuery.mnCols;
++	mbOwnVM = rQuery.mbOwnVM;
++	return *this;
++}
++
++int CppSQLite3Query::numFields()
++{
++	checkVM();
++	return mnCols;
++}
++
++const char* CppSQLite3Query::fieldValue(int nField)
++{
++	checkVM();
++
++	if(nField < 0 || nField > mnCols - 1)
++	{
++		throw CppSQLite3Exception(CPPSQLITE_ERROR, "Invalid field index requested", DONT_DELETE_MSG);
++	}
++
++	return (const char*)sqlite3_column_text(mpVM, nField);
++}
++
++const char* CppSQLite3Query::fieldValue(const char* szField)
++{
++	int nField = fieldIndex(szField);
++	return (const char*)sqlite3_column_text(mpVM, nField);
++}
++
++int CppSQLite3Query::getIntField(int nField, int nNullValue/*=0*/)
++{
++	if(fieldDataType(nField) == SQLITE_NULL)
++	{
++		return nNullValue;
++	}
++	else
++	{
++		return sqlite3_column_int(mpVM, nField);
++	}
++}
++
++int CppSQLite3Query::getIntField(const char* szField, int nNullValue/*=0*/)
++{
++	int nField = fieldIndex(szField);
++	return getIntField(nField, nNullValue);
++}
++
++double CppSQLite3Query::getFloatField(int nField, double fNullValue/*=0.0*/)
++{
++	if(fieldDataType(nField) == SQLITE_NULL)
++	{
++		return fNullValue;
++	}
++	else
++	{
++		return sqlite3_column_double(mpVM, nField);
++	}
++}
++
++double CppSQLite3Query::getFloatField(const char* szField, double fNullValue/*=0.0*/)
++{
++	int nField = fieldIndex(szField);
++	return getFloatField(nField, fNullValue);
++}
++
++const char* CppSQLite3Query::getStringField(int nField, const char* szNullValue/*=""*/)
++{
++	if(fieldDataType(nField) == SQLITE_NULL)
++	{
++		return szNullValue;
++	}
++	else
++	{
++		return (const char*)sqlite3_column_text(mpVM, nField);
++	}
++}
++
++const char* CppSQLite3Query::getStringField(const char* szField, const char* szNullValue/*=""*/)
++{
++	int nField = fieldIndex(szField);
++	return getStringField(nField, szNullValue);
++}
++
++const unsigned char* CppSQLite3Query::getBlobField(int nField, int& nLen)
++{
++	checkVM();
++
++	if(nField < 0 || nField > mnCols - 1)
++	{
++		throw CppSQLite3Exception(CPPSQLITE_ERROR, "Invalid field index requested", DONT_DELETE_MSG);
++	}
++
++	nLen = sqlite3_column_bytes(mpVM, nField);
++	return (const unsigned char*)sqlite3_column_blob(mpVM, nField);
++}
++
++const unsigned char* CppSQLite3Query::getBlobField(const char* szField, int& nLen)
++{
++	int nField = fieldIndex(szField);
++	return getBlobField(nField, nLen);
++}
++
++bool CppSQLite3Query::fieldIsNull(int nField)
++{
++	return (fieldDataType(nField) == SQLITE_NULL);
++}
++
++bool CppSQLite3Query::fieldIsNull(const char* szField)
++{
++	int nField = fieldIndex(szField);
++	return (fieldDataType(nField) == SQLITE_NULL);
++}
++
++int CppSQLite3Query::fieldIndex(const char* szField)
++{
++	checkVM();
++
++	if(szField)
++	{
++		for(int nField = 0;nField < mnCols;nField++)
++		{
++			const char* szTemp = sqlite3_column_name(mpVM, nField);
++
++			if(strcmp(szField, szTemp) == 0)
++			{
++				return nField;
++			}
++		}
++	}
++
++	throw CppSQLite3Exception(CPPSQLITE_ERROR, "Invalid field name requested", DONT_DELETE_MSG);
++}
++
++const char* CppSQLite3Query::fieldName(int nCol)
++{
++	checkVM();
++
++	if(nCol < 0 || nCol > mnCols - 1)
++	{
++		throw CppSQLite3Exception(CPPSQLITE_ERROR, "Invalid field index requested", DONT_DELETE_MSG);
++	}
++
++	return sqlite3_column_name(mpVM, nCol);
++}
++
++const char* CppSQLite3Query::fieldDeclType(int nCol)
++{
++	checkVM();
++
++	if(nCol < 0 || nCol > mnCols - 1)
++	{
++		throw CppSQLite3Exception(CPPSQLITE_ERROR, "Invalid field index requested", DONT_DELETE_MSG);
++	}
++
++	return sqlite3_column_decltype(mpVM, nCol);
++}
++
++int CppSQLite3Query::fieldDataType(int nCol)
++{
++	checkVM();
++
++	if(nCol < 0 || nCol > mnCols - 1)
++	{
++		throw CppSQLite3Exception(CPPSQLITE_ERROR, "Invalid field index requested", DONT_DELETE_MSG);
++	}
++
++	return sqlite3_column_type(mpVM, nCol);
++}
++
++bool CppSQLite3Query::eof()
++{
++	checkVM();
++	return mbEof;
++}
++
++void CppSQLite3Query::nextRow()
++{
++	checkVM();
++
++	int nRet = sqlite3_step(mpVM);
++
++	if(nRet == SQLITE_DONE)
++	{
++		// no rows
++		mbEof = true;
++	}
++	else if(nRet == SQLITE_ROW)
++	{
++		// more rows, nothing to do
++	}
++	else
++	{
++		nRet = sqlite3_finalize(mpVM);
++		mpVM = 0;
++		const char* szError = sqlite3_errmsg(mpDB);
++		throw CppSQLite3Exception(nRet, (char*)szError, DONT_DELETE_MSG);
++	}
++}
++
++void CppSQLite3Query::finalize()
++{
++	if(mpVM && mbOwnVM)
++	{
++		int nRet = sqlite3_finalize(mpVM);
++		mpVM = 0;
++		if(nRet != SQLITE_OK)
++		{
++			const char* szError = sqlite3_errmsg(mpDB);
++			throw CppSQLite3Exception(nRet, (char*)szError, DONT_DELETE_MSG);
++		}
++	}
++}
++
++void CppSQLite3Query::checkVM()
++{
++	if(mpVM == 0)
++	{
++		throw CppSQLite3Exception(CPPSQLITE_ERROR, "Null Virtual Machine pointer", DONT_DELETE_MSG);
++	}
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++CppSQLite3Table::CppSQLite3Table()
++{
++	mpaszResults = 0;
++	mnRows = 0;
++	mnCols = 0;
++	mnCurrentRow = 0;
++}
++
++CppSQLite3Table::CppSQLite3Table(const CppSQLite3Table& rTable)
++{
++	mpaszResults = rTable.mpaszResults;
++	// Only one object can own the results
++	const_cast<CppSQLite3Table&>(rTable).mpaszResults = 0;
++	mnRows = rTable.mnRows;
++	mnCols = rTable.mnCols;
++	mnCurrentRow = rTable.mnCurrentRow;
++}
++
++CppSQLite3Table::CppSQLite3Table(char** paszResults, int nRows, int nCols)
++{
++	mpaszResults = paszResults;
++	mnRows = nRows;
++	mnCols = nCols;
++	mnCurrentRow = 0;
++}
++
++CppSQLite3Table::~CppSQLite3Table()
++{
++	try
++	{
++		finalize();
++	}
++	catch(...)
++	{
++	}
++}
++
++CppSQLite3Table& CppSQLite3Table::operator=(const CppSQLite3Table& rTable)
++{
++	try
++	{
++		finalize();
++	}
++	catch(...)
++	{
++	}
++	mpaszResults = rTable.mpaszResults;
++	// Only one object can own the results
++	const_cast<CppSQLite3Table&>(rTable).mpaszResults = 0;
++	mnRows = rTable.mnRows;
++	mnCols = rTable.mnCols;
++	mnCurrentRow = rTable.mnCurrentRow;
++	return *this;
++}
++
++void CppSQLite3Table::finalize()
++{
++	if(mpaszResults)
++	{
++		sqlite3_free_table(mpaszResults);
++		mpaszResults = 0;
++	}
++}
++
++int CppSQLite3Table::numFields()
++{
++	checkResults();
++	return mnCols;
++}
++
++int CppSQLite3Table::numRows()
++{
++	checkResults();
++	return mnRows;
++}
++
++const char* CppSQLite3Table::fieldValue(int nField)
++{
++	checkResults();
++
++	if(nField < 0 || nField > mnCols - 1)
++	{
++		throw CppSQLite3Exception(CPPSQLITE_ERROR, "Invalid field index requested", DONT_DELETE_MSG);
++	}
++
++	int nIndex = (mnCurrentRow* mnCols) + mnCols + nField;
++	return mpaszResults[nIndex];
++}
++
++const char* CppSQLite3Table::fieldValue(const char* szField)
++{
++	checkResults();
++
++	if(szField)
++	{
++		for(int nField = 0;nField < mnCols;nField++)
++		{
++			if(strcmp(szField, mpaszResults[nField]) == 0)
++			{
++				int nIndex = (mnCurrentRow* mnCols) + mnCols + nField;
++				return mpaszResults[nIndex];
++			}
++		}
++	}
++
++	throw CppSQLite3Exception(CPPSQLITE_ERROR, "Invalid field name requested", DONT_DELETE_MSG);
++}
++
++int CppSQLite3Table::getIntField(int nField, int nNullValue/*=0*/)
++{
++	if(fieldIsNull(nField))
++	{
++		return nNullValue;
++	}
++	else
++	{
++		return atoi(fieldValue(nField));
++	}
++}
++
++int CppSQLite3Table::getIntField(const char* szField, int nNullValue/*=0*/)
++{
++	if(fieldIsNull(szField))
++	{
++		return nNullValue;
++	}
++	else
++	{
++		return atoi(fieldValue(szField));
++	}
++}
++
++double CppSQLite3Table::getFloatField(int nField, double fNullValue/*=0.0*/)
++{
++	if(fieldIsNull(nField))
++	{
++		return fNullValue;
++	}
++	else
++	{
++		return atof(fieldValue(nField));
++	}
++}
++
++double CppSQLite3Table::getFloatField(const char* szField, double fNullValue/*=0.0*/)
++{
++	if(fieldIsNull(szField))
++	{
++		return fNullValue;
++	}
++	else
++	{
++		return atof(fieldValue(szField));
++	}
++}
++
++const char* CppSQLite3Table::getStringField(int nField, const char* szNullValue/*=""*/)
++{
++	if(fieldIsNull(nField))
++	{
++		return szNullValue;
++	}
++	else
++	{
++		return fieldValue(nField);
++	}
++}
++
++const char* CppSQLite3Table::getStringField(const char* szField, const char* szNullValue/*=""*/)
++{
++	if(fieldIsNull(szField))
++	{
++		return szNullValue;
++	}
++	else
++	{
++		return fieldValue(szField);
++	}
++}
++
++bool CppSQLite3Table::fieldIsNull(int nField)
++{
++	checkResults();
++	return (fieldValue(nField) == 0);
++}
++
++bool CppSQLite3Table::fieldIsNull(const char* szField)
++{
++	checkResults();
++	return (fieldValue(szField) == 0);
++}
++
++const char* CppSQLite3Table::fieldName(int nCol)
++{
++	checkResults();
++
++	if(nCol < 0 || nCol > mnCols - 1)
++	{
++		throw CppSQLite3Exception(CPPSQLITE_ERROR, "Invalid field index requested", DONT_DELETE_MSG);
++	}
++
++	return mpaszResults[nCol];
++}
++
++void CppSQLite3Table::setRow(int nRow)
++{
++	checkResults();
++
++	if(nRow < 0 || nRow > mnRows - 1)
++	{
++		throw CppSQLite3Exception(CPPSQLITE_ERROR, "Invalid row index requested", DONT_DELETE_MSG);
++	}
++
++	mnCurrentRow = nRow;
++}
++
++void CppSQLite3Table::checkResults()
++{
++	if(mpaszResults == 0)
++	{
++		throw CppSQLite3Exception(CPPSQLITE_ERROR, "Null Results pointer", DONT_DELETE_MSG);
++	}
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++CppSQLite3Statement::CppSQLite3Statement()
++{
++	mpDB = 0;
++	mpVM = 0;
++}
++
++CppSQLite3Statement::CppSQLite3Statement(const CppSQLite3Statement& rStatement)
++{
++	mpDB = rStatement.mpDB;
++	mpVM = rStatement.mpVM;
++	// Only one object can own VM
++	const_cast<CppSQLite3Statement&>(rStatement).mpVM = 0;
++}
++
++CppSQLite3Statement::CppSQLite3Statement(sqlite3* pDB, sqlite3_stmt* pVM)
++{
++	mpDB = pDB;
++	mpVM = pVM;
++}
++
++CppSQLite3Statement::~CppSQLite3Statement()
++{
++	try
++	{
++		finalize();
++	}
++	catch(...)
++	{
++	}
++}
++
++CppSQLite3Statement& CppSQLite3Statement::operator=(const CppSQLite3Statement& rStatement)
++{
++	mpDB = rStatement.mpDB;
++	mpVM = rStatement.mpVM;
++	// Only one object can own VM
++	const_cast<CppSQLite3Statement&>(rStatement).mpVM = 0;
++	return *this;
++}
++
++int CppSQLite3Statement::execDML()
++{
++	checkDB();
++	checkVM();
++
++	const char* szError = 0;
++
++	int nRet = sqlite3_step(mpVM);
++
++	if(nRet == SQLITE_DONE)
++	{
++		int nRowsChanged = sqlite3_changes(mpDB);
++
++		nRet = sqlite3_reset(mpVM);
++
++		if(nRet != SQLITE_OK)
++		{
++			szError = sqlite3_errmsg(mpDB);
++			throw CppSQLite3Exception(nRet, (char*)szError, DONT_DELETE_MSG);
++		}
++
++		return nRowsChanged;
++	}
++	else
++	{
++		nRet = sqlite3_reset(mpVM);
++		szError = sqlite3_errmsg(mpDB);
++		throw CppSQLite3Exception(nRet, (char*)szError, DONT_DELETE_MSG);
++	}
++}
++
++CppSQLite3Query CppSQLite3Statement::execQuery()
++{
++	checkDB();
++	checkVM();
++
++	int nRet = sqlite3_step(mpVM);
++
++	if(nRet == SQLITE_DONE)
++	{
++		// no rows
++		return CppSQLite3Query(mpDB, mpVM, true/*eof*/, false);
++	}
++	else if(nRet == SQLITE_ROW)
++	{
++		// at least 1 row
++		return CppSQLite3Query(mpDB, mpVM, false/*eof*/, false);
++	}
++	else
++	{
++		nRet = sqlite3_reset(mpVM);
++		const char* szError = sqlite3_errmsg(mpDB);
++		throw CppSQLite3Exception(nRet, (char*)szError, DONT_DELETE_MSG);
++	}
++}
++
++void CppSQLite3Statement::bind(int nParam, const char* szValue)
++{
++	checkVM();
++	int nRes = sqlite3_bind_text(mpVM, nParam, szValue, -1, SQLITE_TRANSIENT);
++
++	if(nRes != SQLITE_OK)
++	{
++		throw CppSQLite3Exception(nRes, "Error binding string param", DONT_DELETE_MSG);
++	}
++}
++
++void CppSQLite3Statement::bind(int nParam, const int nValue)
++{
++	checkVM();
++	int nRes = sqlite3_bind_int(mpVM, nParam, nValue);
++
++	if(nRes != SQLITE_OK)
++	{
++		throw CppSQLite3Exception(nRes, "Error binding int param", DONT_DELETE_MSG);
++	}
++}
++
++void CppSQLite3Statement::bind(int nParam, const double dValue)
++{
++	checkVM();
++	int nRes = sqlite3_bind_double(mpVM, nParam, dValue);
++
++	if(nRes != SQLITE_OK)
++	{
++		throw CppSQLite3Exception(nRes, "Error binding double param", DONT_DELETE_MSG);
++	}
++}
++
++void CppSQLite3Statement::bind(int nParam, const unsigned char* blobValue, int nLen)
++{
++	checkVM();
++	int nRes = sqlite3_bind_blob(mpVM, nParam, (const void*)blobValue, nLen, SQLITE_TRANSIENT);
++
++	if(nRes != SQLITE_OK)
++	{
++		throw CppSQLite3Exception(nRes, "Error binding blob param", DONT_DELETE_MSG);
++	}
++}
++
++void CppSQLite3Statement::bindNull(int nParam)
++{
++	checkVM();
++	int nRes = sqlite3_bind_null(mpVM, nParam);
++
++	if(nRes != SQLITE_OK)
++	{
++		throw CppSQLite3Exception(nRes, "Error binding NULL param", DONT_DELETE_MSG);
++	}
++}
++
++void CppSQLite3Statement::reset()
++{
++	if(mpVM)
++	{
++		int nRet = sqlite3_reset(mpVM);
++
++		if(nRet != SQLITE_OK)
++		{
++			const char* szError = sqlite3_errmsg(mpDB);
++			throw CppSQLite3Exception(nRet, (char*)szError, DONT_DELETE_MSG);
++		}
++	}
++}
++
++void CppSQLite3Statement::finalize()
++{
++	if(mpVM)
++	{
++		int nRet = sqlite3_finalize(mpVM);
++		mpVM = 0;
++
++		if(nRet != SQLITE_OK)
++		{
++			const char* szError = sqlite3_errmsg(mpDB);
++			throw CppSQLite3Exception(nRet, (char*)szError, DONT_DELETE_MSG);
++		}
++	}
++}
++
++void CppSQLite3Statement::checkDB()
++{
++	if(mpDB == 0)
++	{
++		throw CppSQLite3Exception(CPPSQLITE_ERROR, "Database not open", DONT_DELETE_MSG);
++	}
++}
++
++void CppSQLite3Statement::checkVM()
++{
++	if(mpVM == 0)
++	{
++		throw CppSQLite3Exception(CPPSQLITE_ERROR, "Null Virtual Machine pointer", DONT_DELETE_MSG);
++	}
++}
++
++////////////////////////////////////////////////////////////////////////////////
++
++CppSQLite3DB::CppSQLite3DB()
++{
++	mpDB = 0;
++	mnBusyTimeoutMs = 60000; // 60 seconds
++}
++
++CppSQLite3DB::CppSQLite3DB(const CppSQLite3DB& db)
++{
++	mpDB = db.mpDB;
++	mnBusyTimeoutMs = 60000; // 60 seconds
++}
++
++CppSQLite3DB::~CppSQLite3DB()
++{
++	Close();
++}
++
++CppSQLite3DB& CppSQLite3DB::operator=(const CppSQLite3DB& db)
++{
++	mpDB = db.mpDB;
++	mnBusyTimeoutMs = 60000; // 60 seconds
++	return *this;
++}
++
++void CppSQLite3DB::Open(const char* szFile)
++{
++	int nRet = sqlite3_open(szFile, &mpDB);
++
++	if(nRet != SQLITE_OK)
++	{
++		const char* szError = sqlite3_errmsg(mpDB);
++		throw CppSQLite3Exception(nRet, (char*)szError, DONT_DELETE_MSG);
++	}
++
++	setBusyTimeout(mnBusyTimeoutMs);
++}
++
++void CppSQLite3DB::Close()
++{
++	if(mpDB)
++	{
++		sqlite3_close(mpDB);
++		mpDB = 0;
++	}
++}
++
++CppSQLite3Statement CppSQLite3DB::compileStatement(const char* szSQL)
++{
++	checkDB();
++
++	sqlite3_stmt* pVM = compile(szSQL);
++	return CppSQLite3Statement(mpDB, pVM);
++}
++
++bool CppSQLite3DB::tableExists(const char* szTable)
++{
++	char szSQL[128];
++	sprintf(szSQL, "select count(*) from sqlite_master where type='table' and name='%s'", szTable);
++	int nRet = execScalar(szSQL);
++	return (nRet > 0);
++}
++
++int CppSQLite3DB::execDML(const char* szSQL)
++{
++	checkDB();
++
++	char* szError = 0;
++
++	int nRet = sqlite3_exec(mpDB, szSQL, 0, 0, &szError);
++
++	if(nRet == SQLITE_OK)
++	{
++		return sqlite3_changes(mpDB);
++	}
++	else
++	{
++		throw CppSQLite3Exception(nRet, szError);
++	}
++}
++
++CppSQLite3Query CppSQLite3DB::execQuery(const char* szSQL)
++{
++	checkDB();
++
++	sqlite3_stmt* pVM = compile(szSQL);
++
++	int nRet = sqlite3_step(pVM);
++
++	if(nRet == SQLITE_DONE)
++	{
++		// no rows
++		return CppSQLite3Query(mpDB, pVM, true/*eof*/);
++	}
++	else if(nRet == SQLITE_ROW)
++	{
++		// at least 1 row
++		return CppSQLite3Query(mpDB, pVM, false/*eof*/);
++	}
++	else
++	{
++		nRet = sqlite3_finalize(pVM);
++		const char* szError = sqlite3_errmsg(mpDB);
++		throw CppSQLite3Exception(nRet, (char*)szError, DONT_DELETE_MSG);
++	}
++}
++
++int CppSQLite3DB::execScalar(const char* szSQL)
++{
++	CppSQLite3Query q = execQuery(szSQL);
++
++	if(q.eof() || q.numFields() < 1)
++	{
++		throw CppSQLite3Exception(CPPSQLITE_ERROR, "Invalid scalar query", DONT_DELETE_MSG);
++	}
++
++	return atoi(q.fieldValue(0));
++}
++
++CppSQLite3Table CppSQLite3DB::getTable(const char* szSQL)
++{
++	checkDB();
++
++	char* szError = 0;
++	char** paszResults = 0;
++	int nRet;
++	int nRows(0);
++	int nCols(0);
++
++	nRet = sqlite3_get_table(mpDB, szSQL, &paszResults, &nRows, &nCols, &szError);
++
++	if(nRet == SQLITE_OK)
++	{
++		return CppSQLite3Table(paszResults, nRows, nCols);
++	}
++	else
++	{
++		throw CppSQLite3Exception(nRet, szError);
++	}
++}
++
++sqlite_int64 CppSQLite3DB::lastRowId()
++{
++	return sqlite3_last_insert_rowid(mpDB);
++}
++
++void CppSQLite3DB::setBusyTimeout(int nMillisecs)
++{
++	mnBusyTimeoutMs = nMillisecs;
++	sqlite3_busy_timeout(mpDB, mnBusyTimeoutMs);
++}
++
++void CppSQLite3DB::checkDB()
++{
++	if(!mpDB)
++	{
++		throw CppSQLite3Exception(CPPSQLITE_ERROR, "Database not open", DONT_DELETE_MSG);
++	}
++}
++
++sqlite3_stmt* CppSQLite3DB::compile(const char* szSQL)
++{
++	checkDB();
++
++	char* szError = 0;
++	const char* szTail = 0;
++	sqlite3_stmt* pVM;
++
++	int nRet = sqlite3_prepare(mpDB, szSQL, -1, &pVM, &szTail);
++
++	if(nRet != SQLITE_OK)
++	{
++		throw CppSQLite3Exception(nRet, szError);
++	}
++
++	return pVM;
++}
++
++////////////////////////////////////////////////////////////////////////////////
++// SQLite encode.c reproduced here, containing implementation notes and source
++// for sqlite3_encode_binary() and sqlite3_decode_binary()
++////////////////////////////////////////////////////////////////////////////////
++
++/*
++** 2002 April 25
++**
++** The author disclaims copyright to this source code.  In place of
++** a legal notice, here is a blessing:
++**
++**    May you do good and not evil.
++**    May you find forgiveness for yourself and forgive others.
++**    May you share freely, never taking more than you give.
++**
++*************************************************************************
++** This file contains helper routines used to translate binary data into
++** a null-terminated string (suitable for use in SQLite) and back again.
++** These are convenience routines for use by people who want to store binary
++** data in an SQLite database.  The code in this file is not used by any other
++** part of the SQLite library.
++**
++** $Id: encode.c,v 1.10 2004/01/14 21:59:23 drh Exp $
++*/
++
++/*
++** How This Encoder Works
++**
++** The output is allowed to contain any character except 0x27 (') and
++** 0x00.  This is accomplished by using an escape character to encode
++** 0x27 and 0x00 as a two-byte sequence.  The escape character is always
++** 0x01.  An 0x00 is encoded as the two byte sequence 0x01 0x01.  The
++** 0x27 character is encoded as the two byte sequence 0x01 0x03.  Finally,
++** the escape character itself is encoded as the two-character sequence
++** 0x01 0x02.
++**
++** To summarize, the encoder works by using an escape sequences as follows:
++**
++**  	 0x00  ->  0x01 0x01
++**  	 0x01  ->  0x01 0x02
++**  	 0x27  ->  0x01 0x03
++**
++** If that were all the encoder did, it would work, but in certain cases
++** it could double the size of the encoded string.  For example, to
++** encode a string of 100 0x27 characters would require 100 instances of
++** the 0x01 0x03 escape sequence resulting in a 200-character output.
++** We would prefer to keep the size of the encoded string smaller than
++** this.
++**
++** To minimize the encoding size, we first add a fixed offset value to each
++** byte in the sequence.  The addition is modulo 256.  (That is to say, if
++** the sum of the original character value and the offset exceeds 256, then
++** the higher order bits are truncated.)  The offset is chosen to minimize
++** the number of characters in the string that need to be escaped.  For
++** example, in the case above where the string was composed of 100 0x27
++** characters, the offset might be 0x01.  Each of the 0x27 characters would
++** then be converted into an 0x28 character which would not need to be
++** escaped at all and so the 100 character input string would be converted
++** into just 100 characters of output.  Actually 101 characters of output -
++** we have to record the offset used as the first byte in the sequence so
++** that the string can be decoded.  Since the offset value is stored as
++** part of the output string and the output string is not allowed to contain
++** characters 0x00 or 0x27, the offset cannot be 0x00 or 0x27.
++**
++** Here, then, are the encoding steps:
++**
++**     (1)   Choose an offset value and make it the first character of
++**  		 output.
++**
++**     (2)   Copy each input character into the output buffer, one by
++**  		 one, adding the offset value as you copy.
++**
++**     (3)   If the value of an input character plus offset is 0x00, replace
++**  		 that one character by the two-character sequence 0x01 0x01.
++**  		 If the sum is 0x01, replace it with 0x01 0x02.  If the sum
++**  		 is 0x27, replace it with 0x01 0x03.
++**
++**     (4)   Put a 0x00 terminator at the end of the output.
++**
++** Decoding is obvious:
++**
++**     (5)   Copy encoded characters except the first into the decode
++**  		 buffer.  Set the first encoded character aside for use as
++**  		 the offset in step 7 below.
++**
++**     (6)   Convert each 0x01 0x01 sequence into a single character 0x00.
++**  		 Convert 0x01 0x02 into 0x01.  Convert 0x01 0x03 into 0x27.
++**
++**     (7)   Subtract the offset value that was the first character of
++**  		 the encoded buffer from all characters in the output buffer.
++**
++** The only tricky part is step (1) - how to compute an offset value to
++** minimize the size of the output buffer.  This is accomplished by testing
++** all offset values and picking the one that results in the fewest number
++** of escapes.  To do that, we first scan the entire input and count the
++** number of occurances of each character value in the input.  Suppose
++** the number of 0x00 characters is N(0), the number of occurances of 0x01
++** is N(1), and so forth up to the number of occurances of 0xff is N(255).
++** An offset of 0 is not allowed so we don't have to test it.  The number
++** of escapes required for an offset of 1 is N(1)+N(2)+N(40).  The number
++** of escapes required for an offset of 2 is N(2)+N(3)+N(41).  And so forth.
++** In this way we find the offset that gives the minimum number of escapes,
++** and thus minimizes the length of the output string.
++*/
++
++/*
++** Encode a binary buffer "in" of size n bytes so that it contains
++** no instances of characters '\'' or '\000'.  The output is
++** null-terminated and can be used as a string value in an INSERT
++** or UPDATE statement.  Use sqlite3_decode_binary() to convert the
++** string back into its original binary.
++**
++** The result is written into a preallocated output buffer "out".
++** "out" must be able to hold at least 2 +(257*n)/254 bytes.
++** In other words, the output will be expanded by as much as 3
++** bytes for every 254 bytes of input plus 2 bytes of fixed overhead.
++** (This is approximately 2 + 1.0118*n or about a 1.2% size increase.)
++**
++** The return value is the number of characters in the encoded
++** string, excluding the "\000" terminator.
++*/
++int sqlite3_encode_binary(const unsigned char* in, int n, unsigned char* out)
++{
++	int i = 0;
++	int j = 0;
++	int e = 0;
++	int m = 0;
++
++	int cnt[256];
++
++	if(n <= 0)
++	{
++		out[0] = 'x';
++		out[1] = 0;
++		return 1;
++	}
++	memset(cnt, 0, sizeof(cnt));
++	for(i = n - 1;i >= 0;i--)
++	{
++		cnt[in[i]]++;
++	}
++	m = n;
++	for(i = 1;i < 256;i++)
++	{
++		int sum;
++		if(i == '\'')
++			continue;
++		sum = cnt[i] + cnt[(i + 1) & 0xff] + cnt[(i + '\'') & 0xff];
++		if(sum < m)
++		{
++			m = sum;
++			e = i;
++			if(m == 0)
++				break;
++		}
++	}
++	out[0] = e;
++	j = 1;
++	for(i = 0;i < n;i++)
++	{
++		int c = (in[i] - e) & 0xff;
++		if(c == 0)
++		{
++			out[j++] = 1;
++			out[j++] = 1;
++		}
++		else if(c == 1)
++		{
++			out[j++] = 1;
++			out[j++] = 2;
++		}
++		else if(c == '\'')
++		{
++			out[j++] = 1;
++			out[j++] = 3;
++		}
++		else
++		{
++			out[j++] = c;
++		}
++	}
++	out[j] = 0;
++	return j;
++}
++
++/*
++** Decode the string "in" into binary data and write it into "out".
++** This routine reverses the encoding created by sqlite3_encode_binary().
++** The output will always be a few bytes less than the input.  The number
++** of bytes of output is returned.  If the input is not a well-formed
++** encoding, -1 is returned.
++**
++** The "in" and "out" parameters may point to the same buffer in order
++** to decode a string in place.
++*/
++int sqlite3_decode_binary(const unsigned char* in, unsigned char* out)
++{
++	int i = 0;
++	int c = 0;
++	int e = 0;
++
++	e = *(in++);
++	i = 0;
++	while((c = *(in++)) != 0)
++	{
++		if(c == 1)
++		{
++			c = *(in++);
++			if(c == 1)
++			{
++				c = 0;
++			}
++			else if(c == 2)
++			{
++				c = 1;
++			}
++			else if(c == 3)
++			{
++				c = '\'';
++			}
++			else
++			{
++				return -1;
++			}
++		}
++		out[i++] = (c + e) & 0xff;
++	}
++	return i;
++}
 === added file 'common/CppSQLite3.h'
 --- common/CppSQLite3.h	1970-01-01 00:00:00 +0000
 +++ common/CppSQLite3.h	2011-11-23 01:01:25 +0000
@@ -0,0 +1,270 @@
++#pragma once
++
++#include "sqlite3.h"
++#include <cstdio>
++#include <cstring>
++
++#define CPPSQLITE_ERROR 1000
++
++class CppSQLite3Exception
++{
++public:
++
++    CppSQLite3Exception(const int nErrCode,
++                    char* szErrMess,
++                    bool bDeleteMsg=true);
++
++    CppSQLite3Exception(const CppSQLite3Exception&  e);
++
++    virtual ~CppSQLite3Exception();
++
++    const int errorCode() { return mnErrCode; }
++
++    const char* errorMessage() { return mpszErrMess; }
++
++    static const char* errorCodeAsString(int nErrCode);
++
++private:
++
++    int mnErrCode;
++    char* mpszErrMess;
++};
++
++class CppSQLite3Buffer
++{
++public:
++
++    CppSQLite3Buffer();
++
++    ~CppSQLite3Buffer();
++
++    const char* format(const char* szFormat, ...);
++
++    operator const char*() { return mpBuf; }
++
++    void clear();
++
++private:
++
++    char* mpBuf;
++};
++
++class CppSQLite3Binary
++{
++public:
++
++    CppSQLite3Binary();
++
++    ~CppSQLite3Binary();
++
++    void setBinary(const unsigned char* pBuf, int nLen);
++    void setEncoded(const unsigned char* pBuf);
++
++    const unsigned char* getEncoded();
++    const unsigned char* getBinary();
++
++    int getBinaryLength();
++
++    unsigned char* allocBuffer(int nLen);
++
++    void clear();
++
++private:
++
++    unsigned char* mpBuf;
++    int mnBinaryLen;
++    int mnBufferLen;
++    int mnEncodedLen;
++    bool mbEncoded;
++};
++
++class CppSQLite3Query
++{
++public:
++
++    CppSQLite3Query();
++
++    CppSQLite3Query(const CppSQLite3Query& rQuery);
++
++    CppSQLite3Query(sqlite3* pDB,
++				sqlite3_stmt* pVM,
++                bool bEof,
++                bool bOwnVM=true);
++
++    CppSQLite3Query& operator=(const CppSQLite3Query& rQuery);
++
++    virtual ~CppSQLite3Query();
++
++    int numFields();
++
++    int fieldIndex(const char* szField);
++    const char* fieldName(int nCol);
++
++    const char* fieldDeclType(int nCol);
++    int fieldDataType(int nCol);
++
++    const char* fieldValue(int nField);
++    const char* fieldValue(const char* szField);
++
++    int getIntField(int nField, int nNullValue=0);
++    int getIntField(const char* szField, int nNullValue=0);
++
++    double getFloatField(int nField, double fNullValue=0.0);
++    double getFloatField(const char* szField, double fNullValue=0.0);
++
++    const char* getStringField(int nField, const char* szNullValue="");
++    const char* getStringField(const char* szField, const char* szNullValue="");
++
++    const unsigned char* getBlobField(int nField, int& nLen);
++    const unsigned char* getBlobField(const char* szField, int& nLen);
++
++    bool fieldIsNull(int nField);
++    bool fieldIsNull(const char* szField);
++
++    bool eof();
++
++    void nextRow();
++
++    void finalize();
++
++private:
++
++    void checkVM();
++
++	sqlite3* mpDB;
++    sqlite3_stmt* mpVM;
++    bool mbEof;
++    int mnCols;
++    bool mbOwnVM;
++};
++
++class CppSQLite3Table
++{
++public:
++
++    CppSQLite3Table();
++
++    CppSQLite3Table(const CppSQLite3Table& rTable);
++
++    CppSQLite3Table(char** paszResults, int nRows, int nCols);
++
++    virtual ~CppSQLite3Table();
++
++    CppSQLite3Table& operator=(const CppSQLite3Table& rTable);
++
++    int numFields();
++
++    int numRows();
++
++    const char* fieldName(int nCol);
++
++    const char* fieldValue(int nField);
++    const char* fieldValue(const char* szField);
++
++    int getIntField(int nField, int nNullValue=0);
++    int getIntField(const char* szField, int nNullValue=0);
++
++    double getFloatField(int nField, double fNullValue=0.0);
++    double getFloatField(const char* szField, double fNullValue=0.0);
++
++    const char* getStringField(int nField, const char* szNullValue="");
++    const char* getStringField(const char* szField, const char* szNullValue="");
++
++    bool fieldIsNull(int nField);
++    bool fieldIsNull(const char* szField);
++
++    void setRow(int nRow);
++
++    void finalize();
++
++private:
++
++    void checkResults();
++
++    int mnCols;
++    int mnRows;
++    int mnCurrentRow;
++    char** mpaszResults;
++};
++
++class CppSQLite3Statement
++{
++public:
++
++    CppSQLite3Statement();
++
++    CppSQLite3Statement(const CppSQLite3Statement& rStatement);
++
++    CppSQLite3Statement(sqlite3* pDB, sqlite3_stmt* pVM);
++
++    virtual ~CppSQLite3Statement();
++
++    CppSQLite3Statement& operator=(const CppSQLite3Statement& rStatement);
++
++    int execDML();
++
++    CppSQLite3Query execQuery();
++
++    void bind(int nParam, const char* szValue);
++    void bind(int nParam, const int nValue);
++    void bind(int nParam, const double dwValue);
++    void bind(int nParam, const unsigned char* blobValue, int nLen);
++    void bindNull(int nParam);
++
++    void reset();
++
++    void finalize();
++
++private:
++
++    void checkDB();
++    void checkVM();
++
++    sqlite3* mpDB;
++    sqlite3_stmt* mpVM;
++};
++
++class CppSQLite3DB
++{
++public:
++
++    CppSQLite3DB();
++
++    virtual ~CppSQLite3DB();
++
++    void Open(const char* szFile);
++
++    void Close();
++
++	bool tableExists(const char* szTable);
++
++    int execDML(const char* szSQL);
++
++    CppSQLite3Query execQuery(const char* szSQL);
++
++    int execScalar(const char* szSQL);
++
++    CppSQLite3Table getTable(const char* szSQL);
++
++    CppSQLite3Statement compileStatement(const char* szSQL);
++
++    sqlite_int64 lastRowId();
++
++    void interrupt() { sqlite3_interrupt(mpDB); }
++
++    void setBusyTimeout(int nMillisecs);
++
++    static const char* SQLiteVersion() { return SQLITE_VERSION; }
++
++private:
++
++    CppSQLite3DB(const CppSQLite3DB& db);
++    CppSQLite3DB& operator=(const CppSQLite3DB& db);
++
++    sqlite3_stmt* compile(const char* szSQL);
++
++    void checkDB();
++
++    sqlite3* mpDB;
++    int mnBusyTimeoutMs;
++};
 === added file 'common/SHA1.cpp'
 --- common/SHA1.cpp	1970-01-01 00:00:00 +0000
 +++ common/SHA1.cpp	2011-11-23 01:01:25 +0000
@@ -0,0 +1,282 @@
++/*
++	100% free public domain implementation of the SHA-1 algorithm
++	by Dominik Reichl <dominik.reichl@t-online.de>
++	Web: http://www.dominik-reichl.de/
++
++	Version 1.6 - 2005-02-07 (thanks to Howard Kapustein for patches)
++	- You can set the endianness in your files, no need to modify the
++	  header file of the CSHA1 class any more
++	- Aligned data support
++	- Made support/compilation of the utility functions (ReportHash
++	  and HashFile) optional (useful, if bytes count, for example in
++	  embedded environments)
++
++	Version 1.5 - 2005-01-01
++	- 64-bit compiler compatibility added
++	- Made variable wiping optional (define SHA1_WIPE_VARIABLES)
++	- Removed unnecessary variable initializations
++	- ROL32 improvement for the Microsoft compiler (using _rotl)
++
++	======== Test Vectors (from FIPS PUB 180-1) ========
++
++	SHA1("abc") =
++		A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
++
++	SHA1("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq") =
++		84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
++
++	SHA1(A million repetitions of "a") =
++		34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
++*/
++
++#include "SHA1.h"
++
++#ifdef SHA1_UTILITY_FUNCTIONS
++#define SHA1_MAX_FILE_BUFFER 8000
++#endif
++
++// Rotate x bits to the left
++#ifndef ROL32
++#ifdef _MSC_VER
++#define ROL32(_val32, _nBits) _rotl(_val32, _nBits)
++#else
++#define ROL32(_val32, _nBits) (((_val32)<<(_nBits))|((_val32)>>(32-(_nBits))))
++#endif
++#endif
++
++#ifdef SHA1_LITTLE_ENDIAN
++#define SHABLK0(i) (m_block->l[i] = \
++	(ROL32(m_block->l[i],24) & 0xFF00FF00) | (ROL32(m_block->l[i],8) & 0x00FF00FF))
++#else
++#define SHABLK0(i) (m_block->l[i])
++#endif
++
++#define SHABLK(i) (m_block->l[i&15] = ROL32(m_block->l[(i+13)&15] ^ m_block->l[(i+8)&15] \
++	^ m_block->l[(i+2)&15] ^ m_block->l[i&15],1))
++
++// SHA-1 rounds
++#define _R0(v,w,x,y,z,i) { z+=((w&(x^y))^y)+SHABLK0(i)+0x5A827999+ROL32(v,5); w=ROL32(w,30); }
++#define _R1(v,w,x,y,z,i) { z+=((w&(x^y))^y)+SHABLK(i)+0x5A827999+ROL32(v,5); w=ROL32(w,30); }
++#define _R2(v,w,x,y,z,i) { z+=(w^x^y)+SHABLK(i)+0x6ED9EBA1+ROL32(v,5); w=ROL32(w,30); }
++#define _R3(v,w,x,y,z,i) { z+=(((w|x)&y)|(w&x))+SHABLK(i)+0x8F1BBCDC+ROL32(v,5); w=ROL32(w,30); }
++#define _R4(v,w,x,y,z,i) { z+=(w^x^y)+SHABLK(i)+0xCA62C1D6+ROL32(v,5); w=ROL32(w,30); }
++
++CSHA1::CSHA1()
++{
++	m_block = (SHA1_WORKSPACE_BLOCK *)m_workspace;
++
++	Reset();
++}
++
++CSHA1::~CSHA1()
++{
++	Reset();
++}
++
++void CSHA1::Reset()
++{
++	// SHA1 initialization constants
++	m_state[0] = 0x67452301;
++	m_state[1] = 0xEFCDAB89;
++	m_state[2] = 0x98BADCFE;
++	m_state[3] = 0x10325476;
++	m_state[4] = 0xC3D2E1F0;
++
++	m_count[0] = 0;
++	m_count[1] = 0;
++}
++
++void CSHA1::Transform(UINT_32* state, UINT_8* buffer)
++{
++	// Copy state[] to working vars
++	UINT_32 a = state[0], b = state[1], c = state[2], d = state[3], e = state[4];
++
++	memcpy(m_block, buffer, 64);
++
++	// 4 rounds of 20 operations each. Loop unrolled.
++	_R0(a, b, c, d, e, 0); _R0(e, a, b, c, d, 1); _R0(d, e, a, b, c, 2); _R0(c, d, e, a, b, 3);
++	_R0(b, c, d, e, a, 4); _R0(a, b, c, d, e, 5); _R0(e, a, b, c, d, 6); _R0(d, e, a, b, c, 7);
++	_R0(c, d, e, a, b, 8); _R0(b, c, d, e, a, 9); _R0(a, b, c, d, e, 10); _R0(e, a, b, c, d, 11);
++	_R0(d, e, a, b, c, 12); _R0(c, d, e, a, b, 13); _R0(b, c, d, e, a, 14); _R0(a, b, c, d, e, 15);
++	_R1(e, a, b, c, d, 16); _R1(d, e, a, b, c, 17); _R1(c, d, e, a, b, 18); _R1(b, c, d, e, a, 19);
++	_R2(a, b, c, d, e, 20); _R2(e, a, b, c, d, 21); _R2(d, e, a, b, c, 22); _R2(c, d, e, a, b, 23);
++	_R2(b, c, d, e, a, 24); _R2(a, b, c, d, e, 25); _R2(e, a, b, c, d, 26); _R2(d, e, a, b, c, 27);
++	_R2(c, d, e, a, b, 28); _R2(b, c, d, e, a, 29); _R2(a, b, c, d, e, 30); _R2(e, a, b, c, d, 31);
++	_R2(d, e, a, b, c, 32); _R2(c, d, e, a, b, 33); _R2(b, c, d, e, a, 34); _R2(a, b, c, d, e, 35);
++	_R2(e, a, b, c, d, 36); _R2(d, e, a, b, c, 37); _R2(c, d, e, a, b, 38); _R2(b, c, d, e, a, 39);
++	_R3(a, b, c, d, e, 40); _R3(e, a, b, c, d, 41); _R3(d, e, a, b, c, 42); _R3(c, d, e, a, b, 43);
++	_R3(b, c, d, e, a, 44); _R3(a, b, c, d, e, 45); _R3(e, a, b, c, d, 46); _R3(d, e, a, b, c, 47);
++	_R3(c, d, e, a, b, 48); _R3(b, c, d, e, a, 49); _R3(a, b, c, d, e, 50); _R3(e, a, b, c, d, 51);
++	_R3(d, e, a, b, c, 52); _R3(c, d, e, a, b, 53); _R3(b, c, d, e, a, 54); _R3(a, b, c, d, e, 55);
++	_R3(e, a, b, c, d, 56); _R3(d, e, a, b, c, 57); _R3(c, d, e, a, b, 58); _R3(b, c, d, e, a, 59);
++	_R4(a, b, c, d, e, 60); _R4(e, a, b, c, d, 61); _R4(d, e, a, b, c, 62); _R4(c, d, e, a, b, 63);
++	_R4(b, c, d, e, a, 64); _R4(a, b, c, d, e, 65); _R4(e, a, b, c, d, 66); _R4(d, e, a, b, c, 67);
++	_R4(c, d, e, a, b, 68); _R4(b, c, d, e, a, 69); _R4(a, b, c, d, e, 70); _R4(e, a, b, c, d, 71);
++	_R4(d, e, a, b, c, 72); _R4(c, d, e, a, b, 73); _R4(b, c, d, e, a, 74); _R4(a, b, c, d, e, 75);
++	_R4(e, a, b, c, d, 76); _R4(d, e, a, b, c, 77); _R4(c, d, e, a, b, 78); _R4(b, c, d, e, a, 79);
++
++	// Add the working vars back into state
++	state[0] += a;
++	state[1] += b;
++	state[2] += c;
++	state[3] += d;
++	state[4] += e;
++
++	// Wipe variables
++#ifdef SHA1_WIPE_VARIABLES
++	a = b = c = d = e = 0;
++#endif
++}
++
++// Use this function to hash in binary data and strings
++void CSHA1::Update(UINT_8* data, UINT_32 len)
++{
++	UINT_32 i, j;
++
++	j = (m_count[0] >> 3) & 63;
++
++	if((m_count[0] += len << 3) < (len << 3))
++		m_count[1]++;
++
++	m_count[1] += (len >> 29);
++
++	if((j + len) > 63)
++	{
++		i = 64 - j;
++		memcpy(&m_buffer[j], data, i);
++		Transform(m_state, m_buffer);
++
++		for(;i + 63 < len;i += 64)
++			Transform(m_state, &data[i]);
++
++		j = 0;
++	}
++	else
++		i = 0;
++
++	memcpy(&m_buffer[j], &data[i], len - i);
++}
++
++#ifdef SHA1_UTILITY_FUNCTIONS
++// Hash in file contents
++bool CSHA1::HashFile(char* szFileName)
++{
++	unsigned long ulFileSize, ulRest, ulBlocks;
++	unsigned long i;
++	UINT_8 uData[SHA1_MAX_FILE_BUFFER];
++	FILE* fIn;
++
++	if(szFileName == NULL)
++		return false;
++
++	fIn = fopen(szFileName, "rb");
++	if(fIn == NULL)
++		return false;
++
++	fseek(fIn, 0, SEEK_END);
++	ulFileSize = (unsigned long)ftell(fIn);
++	fseek(fIn, 0, SEEK_SET);
++
++	if(ulFileSize != 0)
++	{
++		ulBlocks = ulFileSize / SHA1_MAX_FILE_BUFFER;
++		ulRest = ulFileSize % SHA1_MAX_FILE_BUFFER;
++	}
++	else
++	{
++		ulBlocks = 0;
++		ulRest = 0;
++	}
++
++	for(i = 0;i < ulBlocks;i++)
++	{
++		fread(uData, 1, SHA1_MAX_FILE_BUFFER, fIn);
++		Update((UINT_8 *)uData, SHA1_MAX_FILE_BUFFER);
++	}
++
++	if(ulRest != 0)
++	{
++		fread(uData, 1, ulRest, fIn);
++		Update((UINT_8 *)uData, ulRest);
++	}
++
++	fclose(fIn); fIn = NULL;
++	return true;
++}
++
++#endif
++
++void CSHA1::Final()
++{
++	UINT_32 i;
++	UINT_8 finalcount[8];
++
++	for(i = 0;i < 8;i++)
++		finalcount[i] = (UINT_8)((m_count[((i >= 4) ? 0 : 1)] >> ((3 - (i & 3)) * 8)) & 255); // Endian independent
++
++	Update((UINT_8 *)"\200", 1);
++
++	while((m_count[0] & 504) != 448)
++		Update((UINT_8 *)"\0", 1);
++
++	Update(finalcount, 8); // Cause a SHA1Transform()
++
++	for(i = 0;i < 20;i++)
++	{
++		m_digest[i] = (UINT_8)((m_state[i >> 2] >> ((3 - (i & 3)) * 8)) & 255);
++	}
++
++	// Wipe variables for security reasons
++#ifdef SHA1_WIPE_VARIABLES
++	i = 0;
++	memset(m_buffer, 0, 64);
++	memset(m_state, 0, 20);
++	memset(m_count, 0, 8);
++	memset(finalcount, 0, 8);
++	Transform(m_state, m_buffer);
++#endif
++}
++
++#ifdef SHA1_UTILITY_FUNCTIONS
++// Get the final hash as a pre-formatted string
++void CSHA1::ReportHash(char* szReport, unsigned char uReportType)
++{
++	unsigned char i;
++	char szTemp[16];
++
++	if(szReport == NULL)
++		return;
++
++	if(uReportType == REPORT_HEX)
++	{
++		sprintf(szTemp, "%02X", m_digest[0]);
++		strcat(szReport, szTemp);
++
++		for(i = 1;i < 20;i++)
++		{
++			sprintf(szTemp, " %02X", m_digest[i]);
++			strcat(szReport, szTemp);
++		}
++	}
++	else if(uReportType == REPORT_DIGIT)
++	{
++		sprintf(szTemp, "%u", m_digest[0]);
++		strcat(szReport, szTemp);
++
++		for(i = 1;i < 20;i++)
++		{
++			sprintf(szTemp, " %u", m_digest[i]);
++			strcat(szReport, szTemp);
++		}
++	}
++	else
++		strcpy(szReport, "Error: Unknown report type!");
++}
++
++#endif
++
++// Get the raw message digest
++void CSHA1::GetHash(UINT_8* puDest)
++{
++	memcpy(puDest, m_digest, 20);
++}
 === added file 'common/SHA1.h'
 --- common/SHA1.h	1970-01-01 00:00:00 +0000
 +++ common/SHA1.h	2011-11-23 01:01:25 +0000
@@ -0,0 +1,150 @@
++/*
++	100% free public domain implementation of the SHA-1 algorithm
++	by Dominik Reichl <dominik.reichl@t-online.de>
++	Web: http://www.dominik-reichl.de/
++
++	Version 1.6 - 2005-02-07 (thanks to Howard Kapustein for patches)
++	- You can set the endianness in your files, no need to modify the
++	  header file of the CSHA1 class any more
++	- Aligned data support
++	- Made support/compilation of the utility functions (ReportHash
++	  and HashFile) optional (useful, if bytes count, for example in
++	  embedded environments)
++
++	Version 1.5 - 2005-01-01
++	- 64-bit compiler compatibility added
++	- Made variable wiping optional (define SHA1_WIPE_VARIABLES)
++	- Removed unnecessary variable initializations
++	- ROL32 improvement for the Microsoft compiler (using _rotl)
++
++	======== Test Vectors (from FIPS PUB 180-1) ========
++
++	SHA1("abc") =
++		A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
++
++	SHA1("abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq") =
++		84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
++
++	SHA1(A million repetitions of "a") =
++		34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
++*/
++
++#ifndef ___SHA1_HDR___
++#define ___SHA1_HDR___
++
++#if !defined(SHA1_UTILITY_FUNCTIONS) && !defined(SHA1_NO_UTILITY_FUNCTIONS)
++#define SHA1_UTILITY_FUNCTIONS
++#endif
++
++#include <memory.h> // Needed for memset and memcpy
++
++#ifdef SHA1_UTILITY_FUNCTIONS
++#include <stdio.h>  // Needed for file access and sprintf
++#include <string.h> // Needed for strcat and strcpy
++#endif
++
++#ifdef _MSC_VER
++#include <stdlib.h>
++#endif
++
++// You can define the endian mode in your files, without modifying the SHA1
++// source files. Just #define SHA1_LITTLE_ENDIAN or #define SHA1_BIG_ENDIAN
++// in your files, before including the SHA1.h header file. If you don't
++// define anything, the class defaults to little endian.
++
++#if !defined(SHA1_LITTLE_ENDIAN) && !defined(SHA1_BIG_ENDIAN)
++#define SHA1_LITTLE_ENDIAN
++#endif
++
++// Same here. If you want variable wiping, #define SHA1_WIPE_VARIABLES, if
++// not, #define SHA1_NO_WIPE_VARIABLES. If you don't define anything, it
++// defaults to wiping.
++
++#if !defined(SHA1_WIPE_VARIABLES) && !defined(SHA1_NO_WIPE_VARIABLES)
++#define SHA1_WIPE_VARIABLES
++#endif
++
++/////////////////////////////////////////////////////////////////////////////
++// Define 8- and 32-bit variables
++
++#ifndef UINT_32
++
++#ifdef _MSC_VER
++
++#define UINT_8  unsigned __int8
++#define UINT_32 unsigned __int32
++
++#else
++
++#define UINT_8 unsigned char
++/*AFF
++#if (ULONG_MAX == 0xFFFFFFFF)
++#define UINT_32 unsigned long
++#else
++#define UINT_32 unsigned int
++#endif
++*/
++#define UINT_32 unsigned int
++
++#endif
++#endif
++
++/////////////////////////////////////////////////////////////////////////////
++// Declare SHA1 workspace
++
++typedef union
++{
++	UINT_8	c[64];
++	UINT_32	l[16];
++} SHA1_WORKSPACE_BLOCK;
++
++class CSHA1
++{
++public:
++#ifdef SHA1_UTILITY_FUNCTIONS
++	// Two different formats for ReportHash(...)
++	enum
++	{
++		REPORT_HEX		= 0,
++		REPORT_DIGIT	= 1
++	};
++#endif
++
++	// Constructor and Destructor
++							CSHA1();
++							~CSHA1();
++
++	UINT_32					m_state[5];
++	UINT_32					m_count[2];
++	UINT_32					__reserved1[1];
++	UINT_8					m_buffer[64];
++	UINT_8					m_digest[20];
++	UINT_32					__reserved2[3];
++
++	void					Reset();
++
++	// Update the hash value
++	void					Update(UINT_8* data, UINT_32 len);
++#ifdef SHA1_UTILITY_FUNCTIONS
++	bool					HashFile(char* szFileName);
++#endif
++
++	// Finalize hash and report
++	void					Final();
++
++	// Report functions: as pre-formatted and raw data
++#ifdef SHA1_UTILITY_FUNCTIONS
++	void					ReportHash(char* szReport, unsigned char uReportType = REPORT_HEX);
++#endif
++	void					GetHash(UINT_8* puDest);
++
++private:
++	// Private SHA-1 transformation
++	void					Transform(UINT_32* state, UINT_8* buffer);
++
++	// Member variables
++	UINT_8					m_workspace[64];
++	SHA1_WORKSPACE_BLOCK* 	m_block; // SHA1 pointer to the byte array above
++};
++
++#endif
 === added file 'common/SetupInfo.cpp'
 --- common/SetupInfo.cpp	1970-01-01 00:00:00 +0000
 +++ common/SetupInfo.cpp	2011-11-23 01:01:25 +0000
@@ -0,0 +1,512 @@
++////////////////////////////////////////////////////////////////////////////////
++//	Copyright (c) CitizenLab, 2006. All Rights Reserved.
++//	The latest version of this code is available at http://psiphon.civisec.org/
++//
++//	This software is open source; you can redistribute it and/or modify it
++//	under the terms of the GNU General Public License as published by the
++//	Free Software Foundation; either version 2 of the License, or (at your
++//	option) any later version.
++//
++//	This program is distributed WITHOUT ANY WARRANTY; without even the
++//	implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
++//	See the GNU General Public License for more details at:
++//	http://psiphon.civisec.org/
++//
++//	This General Public License does NOT permit incorporating this software
++//	into proprietary programs.
++////////////////////////////////////////////////////////////////////////////////
++
++#include "SetupInfo.h"
++#include <stdio.h>
++#include <string.h>
++#include <stdlib.h>
++#include "strfunc.h"
++#include <sys/stat.h>
++
++#define SETUP_FUNC  "psiphon.cnf"
++
++#define _T(X) X
++
++CSetupInfo g_info;
++
++CSetupInfo::CSetupInfo()
++{
++	Init();
++}
++
++CSetupInfo::CSetupInfo(const char* sIn)
++{
++	Init();
++	Parse(sIn);
++}
++
++CSetupInfo::~CSetupInfo()
++{
++	delete m_sIP;
++	delete m_sName;
++	delete m_Common;
++	delete m_Country;
++	delete m_State;
++	delete m_Email;
++	delete m_Unit;
++	delete m_Organization;
++	delete m_sIPServer;
++	delete m_sFinger;
++}
++
++void CSetupInfo::Init()
++{
++	m_sIP = strdup(_T("127.0.0.1"));
++	m_nPort = 443;
++	m_nShowImages = 1;
++	m_nAutoUpdateIP = 1;
++	m_nTestPort = 1;
++	m_nStartOnStartUp = 0;
++	m_sName = NULL;
++	m_nCheckForUpdatesOnStartUp = 1;
++	m_Common = strdup(_T("somename.somewhere.com"));
++	m_Country = strdup(_T("US"));
++	m_State = strdup(_T("Some State"));
++	m_Email = strdup(_T("root@somename.somewhere.com"));
++	m_Unit = strdup(_T("My Subunit of Large Organization"));
++	m_Organization = strdup(_T("My Large Organization Name"));
++	m_nRegenrateOnStartUp = 0;
++	m_nLogLevel = 0;
++	m_sIPServer = strdup(_T("http://psiphon.civisec.org/ip.php"));
++	m_sFinger = NULL;
++}
++
++void CSetupInfo::Out(char*& sOut)
++{
++	char FORMAT[] = _T("%s\t%d\t%d\t%d\t%d\t%d\t%s\t%d\t%s\t%s\t%s\t%s\t%s\t%s\t%d\t%d\t%s");
++
++	int nSize = GetStrLength(FORMAT)
++			  + GetStrLength(m_sIP)
++			  + GetStrLength(m_nPort)
++			  + GetStrLength(m_nShowImages)
++			  + GetStrLength(m_nAutoUpdateIP)
++			  + GetStrLength(m_nTestPort)
++			  + GetStrLength(m_nStartOnStartUp)
++			  + GetStrLength(m_sName)
++			  + GetStrLength(m_nCheckForUpdatesOnStartUp)
++			  + GetStrLength(m_Common)
++			  + GetStrLength(m_Country)
++			  + GetStrLength(m_State)
++			  + GetStrLength(m_Email)
++			  + GetStrLength(m_Organization)
++			  + GetStrLength(m_Unit)
++			  + GetStrLength(m_nRegenrateOnStartUp)
++			  + GetStrLength(m_nLogLevel)
++			  + GetStrLength(m_sIPServer);
++
++	sOut = new char[nSize];
++
++	int nLen = _snprintf(sOut, nSize, FORMAT
++										, m_sIP
++										, m_nPort
++										, m_nShowImages
++										, m_nAutoUpdateIP
++										, m_nTestPort
++										, m_nStartOnStartUp
++										, m_sName
++										, m_nCheckForUpdatesOnStartUp
++										, m_Common
++										, m_Country
++										, m_State
++										, m_Email
++										, m_Organization
++										, m_Unit
++										, m_nRegenrateOnStartUp
++										, m_nLogLevel
++										, m_sIPServer);
++
++	if(nLen <= 0 || nLen >= nSize)
++	{
++		delete sOut;
++		sOut = NULL;
++	}
++}
++
++void CSetupInfo::Parse(const char* sIn)
++{
++	if(!sIn || !*sIn)
++		return;
++
++	char* _sIn = strdup(sIn);
++
++	char seps[] = _T("\t");
++	char* token = strtok(_sIn, seps);
++
++	if(!token)
++		return;
++
++	if(strcmp(token, _T("NULL")) != 0)
++		SetIP(token);
++
++	token = strtok(NULL, seps);
++	if(!token)
++	{
++		delete _sIn;
++		return;
++	}
++	SetPort(atoi(token));
++
++	token = strtok(NULL, seps);
++	if(!token)
++	{
++		delete _sIn;
++		return;
++	}
++	SetShowImages(atoi(token));
++
++	token = strtok(NULL, seps);
++	if(!token)
++	{
++		delete _sIn;
++		return;
++	}
++	SetAutoUpdateIP(atoi(token));
++
++	token = strtok(NULL, seps);
++	if(!token)
++	{
++		delete _sIn;
++		return;
++	}
++	SetTestPort(atoi(token));
++
++	token = strtok(NULL, seps);
++	if(!token)
++	{
++		delete _sIn;
++		return;
++	}
++	SetStartOnStartUp(atoi(token));
++
++	token = strtok(NULL, seps);
++	if(!token)
++	{
++		delete _sIn;
++		return;
++	}
++	SetName(token);
++
++	token = strtok(NULL, seps);
++	if(!token)
++	{
++		delete _sIn;
++		return;
++	}
++	SetCheckForUpdatesOnStartUp(atoi(token));
++
++	token = strtok(NULL, seps);
++	if(!token)
++	{
++		delete _sIn;
++		return;
++	}
++	SetCommon(token);
++
++	token = strtok(NULL, seps);
++	if(!token)
++	{
++		delete _sIn;
++		return;
++	}
++	SetCountry(token);
++
++	token = strtok(NULL, seps);
++	if(!token)
++	{
++		delete _sIn;
++		return;
++	}
++	SetState(token);
++
++	token = strtok(NULL, seps);
++	if(!token)
++	{
++		delete _sIn;
++		return;
++	}
++	SetEmail(token);
++
++	token = strtok(NULL, seps);
++	if(!token)
++	{
++		delete _sIn;
++		return;
++	}
++	SetOrganization(token);
++
++	token = strtok(NULL, seps);
++	if(!token)
++	{
++		delete _sIn;
++		return;
++	}
++	SetUnit(token);
++
++	token = strtok(NULL, seps);
++	if(!token)
++	{
++		delete _sIn;
++		return;
++	}
++	SetRegenrateOnStartUp(atoi(token));
++
++	token = strtok(NULL, seps);
++	if(!token)
++	{
++		delete _sIn;
++		return;
++	}
++	SetLogLevel(atoi(token));
++
++	token = strtok(NULL, seps);
++	if(!token)
++	{
++		delete _sIn;
++		return;
++	}
++	SetIPServer(token);
++
++	delete _sIn;
++}
++
++bool CSetupInfo::Store()
++{
++	FILE* pFile = fopen(SETUP_FUNC, _T("w"));
++	if(pFile == NULL)
++		return false;
++
++	char* pOut = NULL;
++	Out(pOut);
++	if(pOut == NULL)
++		return false;
++
++	fwrite(pOut, sizeof(char), strlen(pOut), pFile);
++
++	delete pOut;
++
++	fclose(pFile);
++
++	return true;
++}
++
++void CSetupInfo::Load()
++{
++	struct stat results;
++	if(stat(SETUP_FUNC, &results) != 0)
++		return;
++
++	FILE* pFile = fopen(SETUP_FUNC, _T("r"));
++	if(pFile == NULL)
++		return;
++
++	int nSize = results.st_size/sizeof(char) + 1;
++
++	char* pIn = new char[nSize];
++	memset(pIn, 0, nSize * sizeof(char));
++
++	fread(pIn, sizeof(char), nSize, pFile);
++
++	pIn[nSize - 1] = 0;
++
++	Parse(pIn);
++
++	delete pIn;
++
++	fclose(pFile);
++}
++
++char* CSetupInfo::GetIP()
++{
++	return m_sIP;
++}
++
++void CSetupInfo::SetIP(const char* _sIP)
++{
++	delete 	m_sIP;
++	m_sIP = strdup(_sIP);
++}
++
++int CSetupInfo::GetPort()
++{
++	return m_nPort;
++}
++
++void CSetupInfo::SetPort(int _nPort)
++{
++	m_nPort = _nPort;
++}
++
++int CSetupInfo::GetShowImages()
++{
++	return m_nShowImages;
++}
++
++void CSetupInfo::SetShowImages(int _nShowImages)
++{
++	m_nShowImages = _nShowImages;
++}
++
++int CSetupInfo::GetAutoUpdateIP()
++{
++	return m_nAutoUpdateIP;
++}
++
++void CSetupInfo::SetAutoUpdateIP(int _nAutoUpdateIP)
++{
++	m_nAutoUpdateIP = _nAutoUpdateIP;
++}
++
++int CSetupInfo::GetTestPort()
++{
++	return m_nTestPort;
++}
++
++void CSetupInfo::SetTestPort(int _nTestPort)
++{
++	m_nTestPort = _nTestPort;
++}
++
++int CSetupInfo::GetStartOnStartUp()
++{
++	return m_nStartOnStartUp;
++}
++
++void CSetupInfo::SetStartOnStartUp(int _nStartOnStartUp)
++{
++	m_nStartOnStartUp = _nStartOnStartUp;
++}
++
++char* CSetupInfo::GetName()
++{
++	return m_sName;
++}
++
++void CSetupInfo::SetName(const char* _sName)
++{
++	delete 	m_sName;
++	m_sName = strdup(_sName);
++}
++
++int CSetupInfo::GetCheckForUpdatesOnStartUp()
++{
++	return m_nCheckForUpdatesOnStartUp;
++}
++
++void CSetupInfo::SetCheckForUpdatesOnStartUp(int _nCheckForUpdatesOnStartUp)
++{
++	m_nCheckForUpdatesOnStartUp = _nCheckForUpdatesOnStartUp;
++}
++
++void CSetupInfo::SetCommon(const char* _Common)
++{
++	delete 	m_Common;
++	m_Common = strdup(_Common);
++}
++
++void CSetupInfo::SetUnit(const char* _Unit)
++{
++	delete 	m_Unit;
++	m_Unit = strdup(_Unit);
++}
++
++void CSetupInfo::SetOrganization(const char* _Organization)
++{
++	delete 	m_Organization;
++	m_Organization = strdup(_Organization);
++}
++
++void CSetupInfo::SetEmail(const char* _Email)
++{
++	delete 	m_Email;
++	m_Email = strdup(_Email);
++}
++
++void CSetupInfo::SetCountry(const char* _Country)
++{
++	delete 	m_Country;
++	m_Country = strdup(_Country);
++}
++
++void CSetupInfo::SetState(const char* _State)
++{
++	delete 	m_State;
++	m_State = strdup(_State);
++}
++
++void CSetupInfo::SetRegenrateOnStartUp(int _nRegenrateOnStartUp)
++{
++	m_nRegenrateOnStartUp = _nRegenrateOnStartUp;
++}
++
++char* CSetupInfo::GetCommon()
++{
++	return 	m_Common;
++}
++
++char* CSetupInfo::GetUnit()
++{
++	return 	m_Unit;
++}
++
++char* CSetupInfo::GetOrganization()
++{
++	return 	m_Organization;
++}
++
++char* CSetupInfo::GetEmail()
++{
++	return 	m_Email;
++}
++
++char* CSetupInfo::GetCountry()
++{
++	return 	m_Country;
++}
++
++char* CSetupInfo::GetState()
++{
++	return 	m_State;
++}
++
++int CSetupInfo::GetRegenrateOnStartUp()
++{
++	return m_nRegenrateOnStartUp;
++}
++
++int CSetupInfo::GetLogLevel()
++{
++	return m_nLogLevel;
++}
++
++void CSetupInfo::SetLogLevel(int _nLogLevel)
++{
++	m_nLogLevel = _nLogLevel;
++}
++
++char* CSetupInfo::GetIPServer()
++{
++	return m_sIPServer;
++}
++
++void CSetupInfo::SetIPServer(const char* _sIPServer)
++{
++	delete 	m_sIPServer;
++	m_sIPServer = strdup(_sIPServer);
++}
++
++char* CSetupInfo::GetFinger()
++{
++	return m_sFinger;
++}
++
++void CSetupInfo::SetFinger(const char* _sFinger)
++{
++	delete 	m_sFinger;
++	m_sFinger = strdup(_sFinger);
++}
++
 === added file 'common/SetupInfo.h'
 --- common/SetupInfo.h	1970-01-01 00:00:00 +0000
 +++ common/SetupInfo.h	2011-11-23 01:01:25 +0000
@@ -0,0 +1,110 @@
++////////////////////////////////////////////////////////////////////////////////
++//	Copyright (c) CitizenLab, 2006. All Rights Reserved.
++//	The latest version of this code is available at http://psiphon.civisec.org/
++//
++//	This software is open source; you can redistribute it and/or modify it
++//	under the terms of the GNU General Public License as published by the
++//	Free Software Foundation; either version 2 of the License, or (at your
++//	option) any later version.
++//
++//	This program is distributed WITHOUT ANY WARRANTY; without even the
++//	implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
++//	See the GNU General Public License for more details at:
++//	http://psiphon.civisec.org/
++//
++//	This General Public License does NOT permit incorporating this software
++//	into proprietary programs.
++////////////////////////////////////////////////////////////////////////////////
++
++#pragma once
++
++class CSetupInfo
++{
++	char* 	m_sIP;
++	int		m_nPort;
++	int		m_nShowImages;
++	int		m_nAutoUpdateIP;
++	int		m_nTestPort;
++	int		m_nStartOnStartUp;
++	char* 	m_sName;
++	int		m_nCheckForUpdatesOnStartUp;
++
++	char* 	m_Common;
++	char* 	m_Unit;
++	char* 	m_Organization;
++	char* 	m_Email;
++	char* 	m_Country;
++	char* 	m_State;
++	int		m_nRegenrateOnStartUp;
++	int		m_nLogLevel;
++	char*	m_sIPServer;
++	char*	m_sFinger;
++
++public:
++	CSetupInfo();
++
++	CSetupInfo(const char* sIn);
++	~CSetupInfo();
++
++public:
++	char*	GetIP();
++	void	SetIP(const char* _sIP);
++
++	int		GetShowImages();
++	void	SetShowImages(int _nShowImages);
++
++	int		GetPort();
++	void	SetPort(int _nPort);
++
++	int		GetAutoUpdateIP();
++	void	SetAutoUpdateIP(int _nAutoUpdateIP);
++
++	int		GetTestPort();
++	void	SetTestPort(int _nTestPort);
++
++	int		GetStartOnStartUp();
++	void	SetStartOnStartUp(int _nStartOnStartUp);
++
++	char*	GetName();
++	void	SetName(const char* _sName);
++
++	int		GetCheckForUpdatesOnStartUp();
++	void	SetCheckForUpdatesOnStartUp(int _nCheckForUpdatesOnStartUp);
++
++	bool	Store();
++	void	Load();
++
++	void	SetCommon(const char* _Common);
++	void	SetUnit(const char* _Unit);
++	void	SetOrganization(const char* _Organization);
++	void	SetEmail(const char* _Email);
++	void	SetCountry(const char* _Country);
++	void	SetState(const char* _State);
++	void	SetRegenrateOnStartUp(int _nRegenrateOnStartUp);
++
++	char*	GetCommon();
++	char*	GetUnit();
++	char*	GetOrganization();
++	char*	GetEmail();
++	char*	GetCountry();
++	char*	GetState();
++	int		GetRegenrateOnStartUp();
++
++	int		GetLogLevel();
++	void	SetLogLevel(int _nLogLevel);
++
++	char*	GetIPServer();
++	void	SetIPServer(const char* pIPServer);
++
++	char*	GetFinger();
++	void	SetFinger(const char* pFinger);
++
++protected:
++	void	Init();
++	void	Out(char*& sOut);
++
++	void	Parse(const char* sIn);
++};
++
++extern 	CSetupInfo g_info;
++
 === added file 'common/User.cpp'
 --- common/User.cpp	1970-01-01 00:00:00 +0000
 +++ common/User.cpp	2011-11-23 01:01:25 +0000
@@ -0,0 +1,598 @@
++////////////////////////////////////////////////////////////////////////////////
++//	Copyright (c) CitizenLab, 2006. All Rights Reserved.
++//	The latest version of this code is available at http://psiphon.civisec.org/
++//
++//	This software is open source; you can redistribute it and/or modify it
++//	under the terms of the GNU General Public License as published by the
++//	Free Software Foundation; either version 2 of the License, or (at your
++//	option) any later version.
++//
++//	This program is distributed WITHOUT ANY WARRANTY; without even the
++//	implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
++//	See the GNU General Public License for more details at:
++//	http://psiphon.civisec.org/
++//
++//	This General Public License does NOT permit incorporating this software
++//	into proprietary programs.
++////////////////////////////////////////////////////////////////////////////////
++
++#include "convert.h"
++#include "CppSQLite3.h"
++#include "User.h"
++#include "SHA1.h"
++#include "strfunc.h"
++
++#define _T(X) X
++
++void escape(char* pDest, int nSize, const char* pSrc);
++
++char* CDBUser::m_sDB = _T("users.db");
++
++LOG_ROUTINE CDBUser::m_pLogFunc = NULL;
++
++CDBUser::CDBUser()
++{
++	Init();
++}
++
++CDBUser::~CDBUser()
++{
++	Cleanup();
++}
++
++void CDBUser::Init()
++{
++	m_sUserName = NULL;
++	m_sPassword = NULL;
++	m_sEmail = NULL;
++	m_sFullName = NULL;
++
++	m_nID = 0;
++	m_nDeleted = false;
++
++	m_nLastAccess = 0;
++	m_nWritten = 0;
++	m_nRead = 0;
++	m_nWriteTime = 0;
++	m_nReadTime = 0;
++}
++
++void CDBUser::Cleanup()
++{
++	delete m_sUserName;
++	delete m_sPassword;
++	delete m_sEmail;
++	delete m_sFullName;
++
++	Init();
++}
++
++int CDBUser::Get(int nUserID)
++{
++	if(nUserID <= 0)
++		return -1;
++
++	try
++	{
++		CppSQLite3DB db;
++		db.Open(m_sDB);
++
++		if(!db.tableExists(_T("users")))
++			return false;
++
++		CppSQLite3Statement stmt = db.compileStatement(_T("select nIndex, sUsername, sPassword, sEmail, sFullname from users where nIndex = ?;"));
++
++		stmt.bind(1, nUserID);
++
++		CppSQLite3Query q = stmt.execQuery();
++
++		if(!q.eof())
++		{
++			SetID(q.getIntField(0));
++
++			CConverter wUsername(q.fieldValue(1));
++			SetUsername(wUsername);
++
++			CConverter wPassword(q.fieldValue(2));
++			SetPassword(wPassword);
++
++			CConverter wEmail(q.fieldValue(3));
++			SetEmail(wEmail);
++
++			CConverter wFullName(q.fieldValue(4));
++			SetFullName(wFullName);
++
++			q.nextRow();
++
++			return 0;
++		}
++	}
++	catch(CppSQLite3Exception& e)
++	{
++		CConverter wMsg(e.errorMessage());
++		CDBUser::Log(wMsg);
++	}
++
++	return -1;
++}
++
++int CDBUser::FindUser(const char* pUserName, const char* pPassword)
++{
++	if(!pUserName || strlen(pUserName) > 100)
++		return -1;
++
++	if(!pPassword || strlen(pPassword) > 64)
++		return -1;
++
++	try
++	{
++		CppSQLite3DB db;
++		db.Open(m_sDB);
++
++		if(!db.tableExists(_T("users")))
++			return -1;
++
++		CppSQLite3Statement stmt = db.compileStatement(_T("select nIndex from users where sUsername=? and sPassword=? and nDeleted != 1;"));
++
++		stmt.bind(1, pUserName);
++		stmt.bind(2, pPassword);
++
++		CppSQLite3Query q = stmt.execQuery();
++
++		if(!q.eof())
++		{
++			return (q.getIntField(0));
++		}
++	}
++	catch(CppSQLite3Exception& e)
++	{
++		CConverter wMsg(e.errorMessage());
++		CDBUser::Log(wMsg);
++	}
++
++	return -1;
++}
++
++int CDBUser::FindUsername(const char* pUserName)
++{
++	if(!pUserName || strlen(pUserName) > 100)
++		return -1;
++
++	try
++	{
++		CppSQLite3DB db;
++		db.Open(m_sDB);
++
++		if(!db.tableExists(_T("users")))
++			return -1;
++
++
++		CppSQLite3Statement stmt = db.compileStatement(_T("select nIndex from users where sUsername=?;"));
++
++		stmt.bind(1, pUserName);
++
++		CppSQLite3Query q = stmt.execQuery();
++
++		if(!q.eof())
++		{
++			return (q.getIntField(0));
++		}
++	}
++	catch(CppSQLite3Exception& e)
++	{
++		CConverter wMsg(e.errorMessage());
++		CDBUser::Log(wMsg);
++	}
++
++	return -1;
++}
++
++int CDBUser::Insert()
++{
++	if(!m_sUserName || strlen(m_sUserName) > 100)
++		return -1;
++
++	if(!m_sPassword || strlen(m_sPassword) > 64)
++		return -1;
++
++	if(!m_sEmail || strlen(m_sEmail) > 100)
++		return -1;
++
++	if(!m_sFullName || strlen(m_sFullName) > 100)
++		return -1;
++	try
++	{
++		CppSQLite3DB db;
++		db.Open(m_sDB);
++
++		if(!db.tableExists(_T("users")))
++		{
++			db.execDML(_T("create table users(nIndex integer primary key, sUsername char(100), sPassword char(64), sEmail char(100), sFullname char(100), nDeleted int);"));
++		}
++
++		CppSQLite3Statement stmt = db.compileStatement(_T("insert into users (sUsername, sPassword, sEmail, sFullname, nDeleted)"
++		" values (?, ?, ?, ?, ?);"));
++
++		stmt.bind(1, m_sUserName);
++		stmt.bind(2, m_sPassword);
++		stmt.bind(3, m_sEmail);
++		stmt.bind(4, m_sFullName);
++		stmt.bind(5, m_nDeleted);
++
++
++		int nRows = stmt.execDML();
++
++		m_nID = (int)db.lastRowId();
++
++		return nRows;
++	}
++	catch(CppSQLite3Exception& e)
++	{
++		CConverter wMsg(e.errorMessage());
++		CDBUser::Log(wMsg);
++	}
++
++	return -1;
++}
++
++int CDBUser::Update()
++{
++	if(m_nID <= 0)
++		return -1;
++
++	if(!m_sPassword || strlen(m_sPassword) > 64)
++		return -1;
++
++	if(!m_sEmail || strlen(m_sEmail) > 100)
++		return -1;
++
++	if(!m_sFullName || strlen(m_sFullName) > 100)
++		return -1;
++
++	try
++	{
++		CppSQLite3DB db;
++		db.Open(m_sDB);
++
++		if(!db.tableExists("users"))
++			return -1;
++
++		CppSQLite3Statement stmt;
++
++		if(strlen(m_sPassword) > 0)
++		{
++			stmt = db.compileStatement(_T("update users set sPassword=?, sEmail=?, sFullname=? where nIndex=?;"));
++			stmt.bind(1, m_sPassword);
++			stmt.bind(2, m_sEmail);
++			stmt.bind(3, m_sFullName);
++			stmt.bind(4, m_nID);
++		}
++		else
++		{
++			stmt = db.compileStatement(_T("update users set sEmail=?, sFullname=? where nIndex=?;"));
++			stmt.bind(1, m_sEmail);
++			stmt.bind(2, m_sFullName);
++			stmt.bind(3, m_nID);
++		}
++
++		int nRows = stmt.execDML();
++		return nRows;
++	}
++	catch(CppSQLite3Exception& e)
++	{
++		CConverter wMsg(e.errorMessage());
++		CDBUser::Log(wMsg);
++	}
++
++	return -1;
++}
++
++void CDBUser::EncryptPassword(char* pKey, int nKeySize, const char* _pUsername, const char* _pPassword)
++{
++	if(!pKey)
++		return;
++
++	if(nKeySize == 0)
++		return;
++
++	if(!_pUsername || strlen(_pUsername) > 100)
++		return;
++	if(!_pPassword || strlen(_pPassword) > 64)
++		return;
++
++	CSHA1 sha1;
++
++	CConverter aUsername(_pUsername);
++	CConverter aPassword(_pPassword);
++
++	sha1.Update((UINT_8*)(char*)(const char*)aUsername, strlen(aUsername));
++	sha1.Update((UINT_8*)(char*)(const char*)aPassword, strlen(aPassword));
++	sha1.Final();
++
++	char* aKey = new char[nKeySize];
++	memset(aKey, 0, nKeySize * sizeof(char));
++	sha1.ReportHash(aKey, CSHA1::REPORT_HEX);
++
++	CConverter _pKey(aKey);
++	strncpy(pKey, _pKey, nKeySize);
++
++	delete aKey;
++}
++
++int CDBUser::Delete(int nUserID)
++{
++	if(nUserID <= 0)
++		return -1;
++
++	try
++	{
++		CppSQLite3DB db;
++		db.Open(m_sDB);
++
++		if(!db.tableExists(_T("users")))
++			return false;
++
++		CppSQLite3Statement stmt = db.compileStatement(_T("update users set nDeleted=1 where nIndex=?;"));
++		stmt.bind(1, nUserID);
++		stmt.execDML();
++
++		return 0;
++	}
++	catch(CppSQLite3Exception& e)
++	{
++		CConverter wMsg(e.errorMessage());
++		CDBUser::Log(wMsg);
++	}
++
++	return -1;
++}
++
++int CDBUser::GetUserCount()
++{
++	try
++	{
++		CppSQLite3DB db;
++		db.Open(m_sDB);
++
++		if(!db.tableExists(_T("users")))
++			return 0;
++
++		int nRet = db.execScalar(_T("select count(*) from users where nDeleted = 0"));
++
++		return nRet;
++	}
++	catch(CppSQLite3Exception& e)
++	{
++		CConverter wMsg(e.errorMessage());
++		CDBUser::Log(wMsg);
++	}
++
++	return -1;
++}
++
++int CDBUser::LoadUsers(CDBUser**& pUsers)
++{
++	int nUserCount = GetUserCount();
++	if(nUserCount <= 0)
++		return 0;
++
++	pUsers = new CDBUser * [nUserCount];
++
++	try
++	{
++		CppSQLite3DB db;
++		db.Open(m_sDB);
++
++		if(!db.tableExists(_T("users")))
++			return 0;
++
++		CppSQLite3Query q = db.execQuery(_T("select * from users where nDeleted = 0;"));
++
++		int i = 0;
++
++		while(!q.eof())
++		{
++			CDBUser* pUser = new CDBUser;
++
++			pUser->SetID(q.getIntField(0));
++
++			CConverter wUsername(q.fieldValue(1));
++			pUser->SetUsername(wUsername);
++
++			CConverter wPassword(q.fieldValue(2));
++			pUser->SetPassword(wPassword);
++
++			CConverter wEmail(q.fieldValue(3));
++			pUser->SetEmail(wEmail);
++
++			CConverter wFullName(q.fieldValue(4));
++			pUser->SetFullName(wFullName);
++
++			pUsers[i++] = pUser;
++
++			q.nextRow();
++		}
++