Tor  0.4.6.0-alpha-dev
tor-gencert.c
1 /* Copyright (c) 2007-2020, The Tor Project, Inc. */
2 /* See LICENSE for licensing information */
3 
4 #include "orconfig.h"
5 
6 #include <stdio.h>
7 #include <string.h>
8 
9 #include <sys/types.h>
10 #include <sys/stat.h>
11 #include <fcntl.h>
12 #ifdef HAVE_UNISTD_H
13 #include <unistd.h>
14 #endif
15 
16 #include "lib/cc/compat_compiler.h"
19 
20 #ifdef ENABLE_OPENSSL
21 /* Some versions of OpenSSL declare X509_STORE_CTX_set_verify_cb twice in
22  * x509.h and x509_vfy.h. Suppress the GCC warning so we can build with
23  * -Wredundant-decl. */
24 DISABLE_GCC_WARNING("-Wredundant-decls")
25 
26 #include <openssl/evp.h>
27 #include <openssl/pem.h>
28 #include <openssl/rsa.h>
29 #include <openssl/objects.h>
30 #include <openssl/obj_mac.h>
31 #include <openssl/err.h>
32 
33 ENABLE_GCC_WARNING("-Wredundant-decls")
34 #endif /* defined(ENABLE_OPENSSL) */
35 
36 #include <errno.h>
37 
42 #include "lib/encoding/binascii.h"
43 #include "lib/encoding/time_fmt.h"
44 #include "lib/fs/files.h"
45 #include "lib/log/log.h"
46 #include "lib/malloc/malloc.h"
47 #include "lib/net/address.h"
48 #include "lib/net/inaddr.h"
49 #include "lib/net/resolve.h"
51 #include "lib/string/printf.h"
52 
53 #define IDENTITY_KEY_BITS 3072
54 #define SIGNING_KEY_BITS 2048
55 #define DEFAULT_LIFETIME 12
56 
57 /* These globals are set via command line options. */
58 static char *identity_key_file = NULL;
59 static char *signing_key_file = NULL;
60 static char *certificate_file = NULL;
61 static int reuse_signing_key = 0;
62 static int verbose = 0;
63 static int make_new_id = 0;
64 static int months_lifetime = DEFAULT_LIFETIME;
65 static int passphrase_fd = -1;
66 static char *address = NULL;
67 
68 static char *passphrase = NULL;
69 static size_t passphrase_len = 0;
70 
71 static EVP_PKEY *identity_key = NULL;
72 static EVP_PKEY *signing_key = NULL;
73 
74 /** Write a usage message for tor-gencert to stderr. */
75 static void
76 show_help(void)
77 {
78  fprintf(stderr, "Syntax:\n"
79  "tor-gencert [-h|--help] [-v] [-r|--reuse] [--create-identity-key]\n"
80  " [-i identity_key_file] [-s signing_key_file] "
81  "[-c certificate_file]\n"
82  " [-m lifetime_in_months] [-a address:port] "
83  "[--passphrase-fd <fd>]\n");
84 }
85 
86 /** Read the passphrase from the passphrase fd. */
87 static int
88 load_passphrase(void)
89 {
90  char *cp;
91  char buf[1024]; /* "Ought to be enough for anybody." */
92  memset(buf, 0, sizeof(buf)); /* should be needless */
93  ssize_t n = read_all_from_fd(passphrase_fd, buf, sizeof(buf));
94  if (n < 0) {
95  log_err(LD_GENERAL, "Couldn't read from passphrase fd: %s",
96  strerror(errno));
97  return -1;
98  }
99  /* We'll take everything from the buffer except for optional terminating
100  * newline. */
101  cp = memchr(buf, '\n', n);
102  if (cp == NULL) {
103  passphrase_len = n;
104  } else {
105  passphrase_len = cp-buf;
106  }
107  passphrase = tor_strndup(buf, passphrase_len);
108  memwipe(buf, 0, sizeof(buf));
109  return 0;
110 }
111 
112 static void
113 clear_passphrase(void)
114 {
115  if (passphrase) {
116  memwipe(passphrase, 0, passphrase_len);
117  tor_free(passphrase);
118  }
119 }
120 
121 /** Read the command line options from <b>argc</b> and <b>argv</b>,
122  * setting global option vars as needed.
123  */
124 static int
125 parse_commandline(int argc, char **argv)
126 {
127  int i;
129  for (i = 1; i < argc; ++i) {
130  if (!strcmp(argv[i], "--help") || !strcmp(argv[i], "-h")) {
131  show_help();
132  return 1;
133  } else if (!strcmp(argv[i], "-i")) {
134  if (i+1>=argc) {
135  fprintf(stderr, "No argument to -i\n");
136  return 1;
137  }
138  if (identity_key_file) {
139  fprintf(stderr, "Duplicate values for -i\n");
140  return -1;
141  }
142  identity_key_file = tor_strdup(argv[++i]);
143  } else if (!strcmp(argv[i], "-s")) {
144  if (i+1>=argc) {
145  fprintf(stderr, "No argument to -s\n");
146  return 1;
147  }
148  if (signing_key_file) {
149  fprintf(stderr, "Duplicate values for -s\n");
150  return -1;
151  }
152  signing_key_file = tor_strdup(argv[++i]);
153  } else if (!strcmp(argv[i], "-c")) {
154  if (i+1>=argc) {
155  fprintf(stderr, "No argument to -c\n");
156  return 1;
157  }
158  if (certificate_file) {
159  fprintf(stderr, "Duplicate values for -c\n");
160  return -1;
161  }
162  certificate_file = tor_strdup(argv[++i]);
163  } else if (!strcmp(argv[i], "-m")) {
164  if (i+1>=argc) {
165  fprintf(stderr, "No argument to -m\n");
166  return 1;
167  }
168  months_lifetime = atoi(argv[++i]);
169  if (months_lifetime > 24 || months_lifetime < 0) {
170  fprintf(stderr, "Lifetime (in months) was out of range.\n");
171  return 1;
172  }
173  } else if (!strcmp(argv[i], "-r") || !strcmp(argv[i], "--reuse")) {
174  reuse_signing_key = 1;
175  } else if (!strcmp(argv[i], "-v")) {
176  verbose = 1;
177  } else if (!strcmp(argv[i], "-a")) {
178  tor_addr_t addr;
179  uint16_t port;
180  if (i+1>=argc) {
181  fprintf(stderr, "No argument to -a\n");
182  return 1;
183  }
184  const char *addr_arg = argv[++i];
185  if (tor_addr_port_lookup(addr_arg, &addr, &port)<0) {
186  fprintf(stderr, "Can't resolve address/port for %s", addr_arg);
187  return 1;
188  }
189  if (tor_addr_family(&addr) != AF_INET) {
190  fprintf(stderr, "%s must resolve to an IPv4 address", addr_arg);
191  return 1;
192  }
193  tor_free(address);
194  address = tor_strdup(fmt_addrport(&addr, port));
195  } else if (!strcmp(argv[i], "--create-identity-key")) {
196  make_new_id = 1;
197  } else if (!strcmp(argv[i], "--passphrase-fd")) {
198  if (i+1>=argc) {
199  fprintf(stderr, "No argument to --passphrase-fd\n");
200  return 1;
201  }
202  passphrase_fd = atoi(argv[++i]);
203  } else {
204  fprintf(stderr, "Unrecognized option %s\n", argv[i]);
205  return 1;
206  }
207  }
208 
209  memwipe(&s, 0, sizeof(s));
210  if (verbose)
212  else
214  add_stream_log(&s, "<stderr>", fileno(stderr));
215 
216  if (!identity_key_file) {
217  identity_key_file = tor_strdup("./authority_identity_key");
218  log_info(LD_GENERAL, "No identity key file given; defaulting to %s",
219  identity_key_file);
220  }
221  if (!signing_key_file) {
222  signing_key_file = tor_strdup("./authority_signing_key");
223  log_info(LD_GENERAL, "No signing key file given; defaulting to %s",
224  signing_key_file);
225  }
226  if (!certificate_file) {
227  certificate_file = tor_strdup("./authority_certificate");
228  log_info(LD_GENERAL, "No signing key file given; defaulting to %s",
229  certificate_file);
230  }
231  if (passphrase_fd >= 0) {
232  if (load_passphrase()<0)
233  return 1;
234  }
235  return 0;
236 }
237 
238 static RSA *
239 generate_key(int bits)
240 {
241  RSA *rsa = NULL;
242  crypto_pk_t *env = crypto_pk_new();
243  if (crypto_pk_generate_key_with_bits(env,bits)<0)
244  goto done;
245  rsa = crypto_pk_get_openssl_rsa_(env);
246  done:
247  crypto_pk_free(env);
248  return rsa;
249 }
250 
251 /** Try to read the identity key from <b>identity_key_file</b>. If no such
252  * file exists and create_identity_key is set, make a new identity key and
253  * store it. Return 0 on success, nonzero on failure.
254  */
255 static int
256 load_identity_key(void)
257 {
258  file_status_t status = file_status(identity_key_file);
259  FILE *f;
260 
261  if (make_new_id) {
262  open_file_t *open_file = NULL;
263  RSA *key;
264  if (status != FN_NOENT) {
265  log_err(LD_GENERAL, "--create-identity-key was specified, but %s "
266  "already exists.", identity_key_file);
267  return 1;
268  }
269  log_notice(LD_GENERAL, "Generating %d-bit RSA identity key.",
270  IDENTITY_KEY_BITS);
271  if (!(key = generate_key(IDENTITY_KEY_BITS))) {
272  log_err(LD_GENERAL, "Couldn't generate identity key.");
273  crypto_openssl_log_errors(LOG_ERR, "Generating identity key");
274  return 1;
275  }
276  identity_key = EVP_PKEY_new();
277  if (!(EVP_PKEY_assign_RSA(identity_key, key))) {
278  log_err(LD_GENERAL, "Couldn't assign identity key.");
279  return 1;
280  }
281 
282  if (!(f = start_writing_to_stdio_file(identity_key_file,
283  OPEN_FLAGS_REPLACE | O_TEXT, 0400,
284  &open_file)))
285  return 1;
286 
287  /* Write the key to the file. If passphrase is not set, takes it from
288  * the terminal. */
289  if (!PEM_write_PKCS8PrivateKey_nid(f, identity_key,
290  NID_pbe_WithSHA1And3_Key_TripleDES_CBC,
291  passphrase, (int)passphrase_len,
292  NULL, NULL)) {
293  log_err(LD_GENERAL, "Couldn't write identity key to %s",
294  identity_key_file);
295  crypto_openssl_log_errors(LOG_ERR, "Writing identity key");
296  abort_writing_to_file(open_file);
297  return 1;
298  }
299  finish_writing_to_file(open_file);
300  } else {
301  if (status != FN_FILE) {
302  log_err(LD_GENERAL,
303  "No identity key found in %s. To specify a location "
304  "for an identity key, use -i. To generate a new identity key, "
305  "use --create-identity-key.", identity_key_file);
306  return 1;
307  }
308 
309  if (!(f = fopen(identity_key_file, "r"))) {
310  log_err(LD_GENERAL, "Couldn't open %s for reading: %s",
311  identity_key_file, strerror(errno));
312  return 1;
313  }
314 
315  /* Read the key. If passphrase is not set, takes it from the terminal. */
316  identity_key = PEM_read_PrivateKey(f, NULL, NULL, passphrase);
317  if (!identity_key) {
318  log_err(LD_GENERAL, "Couldn't read identity key from %s",
319  identity_key_file);
320  fclose(f);
321  return 1;
322  }
323  fclose(f);
324  }
325  return 0;
326 }
327 
328 /** Load a saved signing key from disk. Return 0 on success, nonzero on
329  * failure. */
330 static int
331 load_signing_key(void)
332 {
333  FILE *f;
334  if (!(f = fopen(signing_key_file, "r"))) {
335  log_err(LD_GENERAL, "Couldn't open %s for reading: %s",
336  signing_key_file, strerror(errno));
337  return 1;
338  }
339  if (!(signing_key = PEM_read_PrivateKey(f, NULL, NULL, NULL))) {
340  log_err(LD_GENERAL, "Couldn't read siging key from %s", signing_key_file);
341  fclose(f);
342  return 1;
343  }
344  fclose(f);
345  return 0;
346 }
347 
348 /** Generate a new signing key and write it to disk. Return 0 on success,
349  * nonzero on failure. */
350 static int
351 generate_signing_key(void)
352 {
353  open_file_t *open_file;
354  FILE *f;
355  RSA *key;
356  log_notice(LD_GENERAL, "Generating %d-bit RSA signing key.",
357  SIGNING_KEY_BITS);
358  if (!(key = generate_key(SIGNING_KEY_BITS))) {
359  log_err(LD_GENERAL, "Couldn't generate signing key.");
360  crypto_openssl_log_errors(LOG_ERR, "Generating signing key");
361  return 1;
362  }
363  signing_key = EVP_PKEY_new();
364  if (!(EVP_PKEY_assign_RSA(signing_key, key))) {
365  log_err(LD_GENERAL, "Couldn't assign signing key.");
366  return 1;
367  }
368 
369  if (!(f = start_writing_to_stdio_file(signing_key_file,
370  OPEN_FLAGS_REPLACE | O_TEXT, 0600,
371  &open_file)))
372  return 1;
373 
374  /* Write signing key with no encryption. */
375  if (!PEM_write_RSAPrivateKey(f, key, NULL, NULL, 0, NULL, NULL)) {
376  crypto_openssl_log_errors(LOG_WARN, "writing signing key");
377  abort_writing_to_file(open_file);
378  return 1;
379  }
380 
381  finish_writing_to_file(open_file);
382 
383  return 0;
384 }
385 
386 /** Encode <b>key</b> in the format used in directory documents; return
387  * a newly allocated string holding the result or NULL on failure. */
388 static char *
389 key_to_string(EVP_PKEY *key)
390 {
391  BUF_MEM *buf;
392  BIO *b;
393  RSA *rsa = EVP_PKEY_get1_RSA(key);
394  char *result;
395  if (!rsa)
396  return NULL;
397 
398  b = BIO_new(BIO_s_mem());
399  if (!PEM_write_bio_RSAPublicKey(b, rsa)) {
400  crypto_openssl_log_errors(LOG_WARN, "writing public key to string");
401  RSA_free(rsa);
402  return NULL;
403  }
404 
405  BIO_get_mem_ptr(b, &buf);
406  result = tor_malloc(buf->length + 1);
407  memcpy(result, buf->data, buf->length);
408  result[buf->length] = 0;
409 
410  BIO_free(b);
411 
412  RSA_free(rsa);
413  return result;
414 }
415 
416 /** Set <b>out</b> to the hex-encoded fingerprint of <b>pkey</b>. */
417 static int
418 get_fingerprint(EVP_PKEY *pkey, char *out)
419 {
420  int r = -1;
421  crypto_pk_t *pk = crypto_new_pk_from_openssl_rsa_(EVP_PKEY_get1_RSA(pkey));
422  if (pk) {
423  r = crypto_pk_get_fingerprint(pk, out, 0);
424  crypto_pk_free(pk);
425  }
426  return r;
427 }
428 
429 /** Set <b>out</b> to the hex-encoded fingerprint of <b>pkey</b>. */
430 static int
431 get_digest(EVP_PKEY *pkey, char *out)
432 {
433  int r = -1;
434  crypto_pk_t *pk = crypto_new_pk_from_openssl_rsa_(EVP_PKEY_get1_RSA(pkey));
435  if (pk) {
436  r = crypto_pk_get_digest(pk, out);
437  crypto_pk_free(pk);
438  }
439  return r;
440 }
441 
442 /** Generate a new certificate for our loaded or generated keys, and write it
443  * to disk. Return 0 on success, nonzero on failure. */
444 static int
445 generate_certificate(void)
446 {
447  char buf[8192];
448  time_t now = time(NULL);
449  struct tm tm;
450  char published[ISO_TIME_LEN+1];
451  char expires[ISO_TIME_LEN+1];
452  char id_digest[DIGEST_LEN];
453  char fingerprint[FINGERPRINT_LEN+1];
454  FILE *f;
455  size_t signed_len;
456  char digest[DIGEST_LEN];
457  char signature[1024]; /* handles up to 8192-bit keys. */
458  int r;
459 
460  if (get_fingerprint(identity_key, fingerprint) < 0) {
461  return -1;
462  }
463  if (get_digest(identity_key, id_digest)) {
464  return -1;
465  }
466  char *ident = key_to_string(identity_key);
467  char *signing = key_to_string(signing_key);
468 
469  tor_localtime_r(&now, &tm);
470  tm.tm_mon += months_lifetime;
471 
472  format_iso_time(published, now);
473  format_iso_time(expires, mktime(&tm));
474 
475  tor_snprintf(buf, sizeof(buf),
476  "dir-key-certificate-version 3"
477  "%s%s"
478  "\nfingerprint %s\n"
479  "dir-key-published %s\n"
480  "dir-key-expires %s\n"
481  "dir-identity-key\n%s"
482  "dir-signing-key\n%s"
483  "dir-key-crosscert\n"
484  "-----BEGIN ID SIGNATURE-----\n",
485  address?"\ndir-address ":"", address?address:"",
486  fingerprint, published, expires, ident, signing
487  );
488  tor_free(ident);
489  tor_free(signing);
490 
491  /* Append a cross-certification */
492  RSA *rsa = EVP_PKEY_get1_RSA(signing_key);
493  r = RSA_private_encrypt(DIGEST_LEN, (unsigned char*)id_digest,
494  (unsigned char*)signature,
495  rsa,
496  RSA_PKCS1_PADDING);
497  RSA_free(rsa);
498 
499  signed_len = strlen(buf);
500  base64_encode(buf+signed_len, sizeof(buf)-signed_len, signature, r,
501  BASE64_ENCODE_MULTILINE);
502 
503  strlcat(buf,
504  "-----END ID SIGNATURE-----\n"
505  "dir-key-certification\n", sizeof(buf));
506 
507  signed_len = strlen(buf);
508  SHA1((const unsigned char*)buf,signed_len,(unsigned char*)digest);
509 
510  rsa = EVP_PKEY_get1_RSA(identity_key);
511  r = RSA_private_encrypt(DIGEST_LEN, (unsigned char*)digest,
512  (unsigned char*)signature,
513  rsa,
514  RSA_PKCS1_PADDING);
515  RSA_free(rsa);
516  strlcat(buf, "-----BEGIN SIGNATURE-----\n", sizeof(buf));
517  signed_len = strlen(buf);
518  base64_encode(buf+signed_len, sizeof(buf)-signed_len, signature, r,
519  BASE64_ENCODE_MULTILINE);
520  strlcat(buf, "-----END SIGNATURE-----\n", sizeof(buf));
521 
522  if (!(f = fopen(certificate_file, "w"))) {
523  log_err(LD_GENERAL, "Couldn't open %s for writing: %s",
524  certificate_file, strerror(errno));
525  return 1;
526  }
527 
528  if (fputs(buf, f) < 0) {
529  log_err(LD_GENERAL, "Couldn't write to %s: %s",
530  certificate_file, strerror(errno));
531  fclose(f);
532  return 1;
533  }
534  fclose(f);
535  return 0;
536 }
537 
538 /** Entry point to tor-gencert */
539 int
540 main(int argc, char **argv)
541 {
542  int r = 1;
543  init_logging(1);
544 
545  /* Don't bother using acceleration. */
546  if (crypto_global_init(0, NULL, NULL)) {
547  fprintf(stderr, "Couldn't initialize crypto library.\n");
548  return 1;
549  }
550  if (crypto_seed_rng()) {
551  fprintf(stderr, "Couldn't seed RNG.\n");
552  goto done;
553  }
554  /* Make sure that files are made private. */
555  umask(0077);
556 
557  if (parse_commandline(argc, argv))
558  goto done;
559  if (load_identity_key())
560  goto done;
561  if (reuse_signing_key) {
562  if (load_signing_key())
563  goto done;
564  } else {
565  if (generate_signing_key())
566  goto done;
567  }
568  if (generate_certificate())
569  goto done;
570 
571  r = 0;
572  done:
573  clear_passphrase();
574  if (identity_key)
575  EVP_PKEY_free(identity_key);
576  if (signing_key)
577  EVP_PKEY_free(signing_key);
578  tor_free(address);
579  tor_free(identity_key_file);
580  tor_free(signing_key_file);
581  tor_free(certificate_file);
582  tor_free(address);
583 
585  return r;
586 }
finish_writing_to_file
int finish_writing_to_file(open_file_t *file_data)
Definition: files.c:465
add_stream_log
void add_stream_log(const log_severity_list_t *severity, const char *name, int fd)
Definition: log.c:902
file_status_t
file_status_t
Definition: files.h:55
init_logging
void init_logging(int disable_startup_queue)
Definition: log.c:911
tor_free
#define tor_free(p)
Definition: malloc.h:52
LOG_DEBUG
#define LOG_DEBUG
Definition: log.h:42
tor_addr_family
static sa_family_t tor_addr_family(const tor_addr_t *a)
Definition: address.h:187
inaddr.h
Header for inaddr.c.
read_all_from_fd
ssize_t read_all_from_fd(int fd, char *buf, size_t count)
Definition: files.c:181
set_log_severity_config
void set_log_severity_config(int loglevelMin, int loglevelMax, log_severity_list_t *severity_out)
Definition: log.c:868
crypto_seed_rng
int crypto_seed_rng(void)
Definition: crypto_rand.c:452
memwipe
void memwipe(void *mem, uint8_t byte, size_t sz)
Definition: crypto_util.c:55
tor_addr_t
Definition: address.h:69
crypto_pk_new
crypto_pk_t * crypto_pk_new(void)
Definition: crypto_rsa_nss.c:165
compat_string.h
Header for compat_string.c.
format_iso_time
void format_iso_time(char *buf, time_t t)
Definition: time_fmt.c:295
LD_GENERAL
#define LD_GENERAL
Definition: log.h:62
crypto_init.h
Headers for crypto_init.c.
crypto_global_init
int crypto_global_init(int useAccel, const char *accelName, const char *accelDir)
Definition: crypto_init.c:88
crypto_pk_generate_key_with_bits
int crypto_pk_generate_key_with_bits(crypto_pk_t *env, int bits)
Definition: crypto_rsa_nss.c:200
base64_encode
int base64_encode(char *dest, size_t destlen, const char *src, size_t srclen, int flags)
Definition: binascii.c:215
tor_snprintf
int tor_snprintf(char *str, size_t size, const char *format,...)
Definition: printf.c:27
open_file_t
Definition: files.c:289
crypto_rsa.h
Headers for crypto_rsa.c.
crypto_util.h
Common functions for cryptographic routines.
crypto_openssl_mgt.h
Headers for crypto_openssl_mgt.c.
DIGEST_LEN
#define DIGEST_LEN
Definition: digest_sizes.h:20
tor_addr_port_lookup
int tor_addr_port_lookup(const char *s, tor_addr_t *addr_out, uint16_t *port_out)
Definition: resolve.c:252
resolve.h
Header for resolve.c.
address.h
Headers for address.h.
crypto_openssl_log_errors
void crypto_openssl_log_errors(int severity, const char *doing)
Definition: crypto_openssl_mgt.c:61
printf.h
Header for printf.c.
crypto_global_cleanup
int crypto_global_cleanup(void)
Definition: crypto_init.c:129
crypto_pk_get_digest
int crypto_pk_get_digest(const crypto_pk_t *pk, char *digest_out)
Definition: crypto_rsa.c:356
binascii.h
Header for binascii.c.
abort_writing_to_file
int abort_writing_to_file(open_file_t *file_data)
Definition: files.c:473
file_status
file_status_t file_status(const char *filename)
Definition: files.c:212
malloc.h
Headers for util_malloc.c.
crypto_rand.h
Common functions for using (pseudo-)random number generators.
time_fmt.h
Header for time_fmt.c.
fmt_addrport
const char * fmt_addrport(const tor_addr_t *addr, uint16_t port)
Definition: address.c:1199
log.h
Headers for log.c.
crypto_pk_get_fingerprint
int crypto_pk_get_fingerprint(crypto_pk_t *pk, char *fp_out, int add_space)
Definition: crypto_rsa.c:229
crypto_pk_t
Definition: crypto_rsa_nss.c:37
LOG_WARN
#define LOG_WARN
Definition: log.h:53
LOG_ERR
#define LOG_ERR
Definition: log.h:56
main
int main(int argc, char *argv[])
Definition: tor_main.c:25
log_severity_list_t
Definition: log.h:151
files.h
Wrappers for reading and writing data to files on disk.
crypto_digest.h
Headers for crypto_digest.c.
start_writing_to_stdio_file
FILE * start_writing_to_stdio_file(const char *fname, int open_flags, int mode, open_file_t **data_out)
Definition: files.c:398
FINGERPRINT_LEN
#define FINGERPRINT_LEN
Definition: crypto_rsa.h:34
tor_localtime_r
struct tm * tor_localtime_r(const time_t *timep, struct tm *result)
Definition: time_fmt.c:46
compat_compiler.h
Utility macros to handle different features and behavior in different compilers.